react-native-ssl-manager 1.0.0

package/LICENSE

@@ -0,0 +1,20 @@
+MIT License
+
+Copyright (c) 2024 Trần Đình Huy
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,264 @@
+# react-native-ssl-manager
+
+React Native SSL Pinning provides seamless SSL certificate pinning integration for enhanced network security in React Native apps. This module enables developers to easily implement and manage certificate pinning, protecting applications against man-in-the-middle (MITM) attacks. With dynamic configuration options and the ability to toggle SSL pinning, it's particularly useful for development and testing scenarios.
+
+## Features
+
+- 🔒 Easy SSL certificate pinning implementation
+- 🔄 Dynamic enabling/disabling of SSL pinning
+- ⚡ Optimized for development and testing workflows
+- 📱 Cross-platform support (iOS & Android)
+- 🛠️ Simple configuration using JSON
+- 🚀 Performance-optimized implementation
+
+## Installation
+
+```sh
+npm install react-native-ssl-manager
+```
+
+## Usage
+
+### Basic Setup
+
+```typescript
+import { 
+  initializeSslPinning, 
+  setUseSSLPinning, 
+  getUseSSLPinning 
+} from 'react-native-ssl-manager';
+
+// Initialize SSL pinning with configuration
+const sslConfig = {
+  "domains": {
+    "development": "api.dev.example.com",
+    "production": "api.example.com"
+  },
+  "sha256Keys": {
+    "api.dev.example.com": [
+      "sha256/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=",
+      "sha256/YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY="
+    ],
+    "api.example.com": [
+      "sha256/ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ=",
+      "sha256/WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW="
+    ]
+  }
+};
+
+// Initialize the SSL pinning
+await initializeSslPinning(JSON.stringify(sslConfig));
+
+// Enable SSL pinning
+await setUseSSLPinning(true);
+
+// Check if SSL pinning is enabled
+const isEnabled = await getUseSSLPinning();
+console.log('SSL Pinning enabled:', isEnabled);
+```
+
+### Configuration File (ssl_config.json)
+
+Create a configuration file with your domain certificates. Example structure:
+
+```json
+{
+  "domains": {
+    "development": "api.dev.example.com",
+    "production": "api.example.com"
+  },
+  "sha256Keys": {
+    "api.dev.example.com": [
+      "sha256/certificate-hash-1=",
+      "sha256/certificate-hash-2="
+    ],
+    "api.example.com": [
+      "sha256/certificate-hash-3=",
+      "sha256/certificate-hash-4="
+    ]
+  }
+}
+```
+
+### API Reference
+
+#### `initializeSslPinning(configJsonString: string): Promise<any>`
+Initializes the SSL pinning configuration with the provided JSON string configuration.
+
+```typescript
+await initializeSslPinning(JSON.stringify(sslConfig));
+```
+
+#### `setUseSSLPinning(usePinning: boolean): void`
+Enables or disables SSL pinning dynamically.
+
+```typescript
+await setUseSSLPinning(true); // Enable SSL pinning
+await setUseSSLPinning(false); // Disable SSL pinning
+```
+
+#### `getUseSSLPinning(): Promise<boolean>`
+Retrieves the current state of SSL pinning.
+
+```typescript
+const isEnabled = await getUseSSLPinning();
+```
+
+## Important Notes ⚠️
+
+### Restarting After SSL Pinning Changes
+
+When using `setUseSSLPinning`, a restart of the application is required for changes to take effect. This is because SSL pinning is implemented at the native level.
+
+#### Using React Native Restart
+
+First, install react-native-restart:
+
+```sh
+# Using npm
+npm install react-native-restart
+
+# Using yarn
+yarn add react-native-restart
+```
+
+For iOS, run pod install:
+```sh
+cd ios && pod install
+```
+
+Then use it in your code:
+```typescript
+import RNRestart from 'react-native-restart';
+
+const toggleSSLPinning = async (enabled: boolean) => {
+  await setUseSSLPinning(enabled);
+  // Restart the app to apply changes
+  RNRestart.Restart();
+};
+
+// Example with user confirmation
+const handleSSLToggle = async (enabled: boolean) => {
+  // Save any necessary state
+  await saveAppState();
+  
+  // Update SSL pinning
+  await setUseSSLPinning(enabled);
+  
+  // Show user message
+  Alert.alert(
+    'Restart Required',
+    'The app needs to restart to apply security changes.',
+    [
+      {
+        text: 'Restart Now',
+        onPress: () => RNRestart.Restart()
+      }
+    ]
+  );
+};
+```
+
+## Development and Testing Benefits
+
+### For Developers
+- **Quick Toggling**: Easily switch SSL pinning on/off during development
+- **Performance Optimization**: Minimize SSL verification overhead during development
+- **Flexible Configuration**: Support multiple environments with different certificates
+
+### For QA Teams
+- **Efficient Testing**: Quickly verify API behavior with and without SSL pinning
+- **Issue Investigation**: Easily isolate SSL-related issues
+- **Environment Switching**: Seamlessly test across different environments
+
+## Best Practices
+
+1. **Environment Management**
+   - Keep separate configurations for development and production
+   - Store production certificates securely
+
+2. **Performance Optimization**
+   - Enable SSL pinning only when necessary during development
+   - Use development certificates for testing environments
+
+3. **Security Considerations**
+   - Always enable SSL pinning in production
+   - Regularly update certificates before expiration
+   - Maintain multiple backup certificates
+
+## Roadmap 🗺️
+
+We're actively working on expanding the capabilities of react-native-ssl-manager. Here are our planned features:
+
+### Upcoming Features
+
+- 📱 **Expo Plugin Integration**
+  - Native SSL pinning support for Expo projects
+  - Seamless configuration through expo-config-plugin
+  - Auto-linking capabilities for Expo development builds
+  - Support for Expo's development client
+
+## Testing with Proxyman 🔍
+
+Proxyman is a powerful tool for testing SSL pinning implementation. Here's how you can verify your SSL pinning configuration:
+
+### Setup Verification
+
+1. **Install Proxyman**
+   - Download and install [Proxyman](https://proxyman.io/)
+   - Install Proxyman's SSL certificate on your device/simulator
+
+2. **Testing SSL Pinning**
+   ```typescript
+   // Enable SSL Pinning
+   await setUseSSLPinning(true);
+   
+   // Make API requests through your app
+   // If SSL pinning is working correctly:
+   // - Requests will fail when Proxyman tries to intercept them
+   // - You'll see SSL/TLS handshake errors
+   
+   // Disable SSL Pinning for debugging
+   await setUseSSLPinning(false);
+   // Now you can intercept and inspect API calls with Proxyman
+   ```
+
+### Common Test Scenarios
+
+1. **Verify SSL Pinning is Active**
+   - Enable SSL pinning
+   - Attempt to intercept traffic with Proxyman
+   - Requests should fail with SSL handshake errors
+
+2. **Debug API Calls**
+   - Disable SSL pinning temporarily
+   - Use Proxyman to inspect API requests/responses
+   - Helpful for QA testing and development
+
+3. **Certificate Validation**
+   - Verify your SSL configuration matches the certificates in ssl_config.json
+   - Test against both development and production endpoints
+
+### Troubleshooting Tips
+
+- If requests succeed with Proxyman while SSL pinning is enabled, check your configuration
+- Verify that the SHA256 hashes in your config match your server certificates
+- Test both development and production environments separately
+
+This integration with Proxyman makes it easy to:
+- Verify SSL pinning implementation
+- Debug API communications
+- Validate security configurations
+- Speed up development and testing workflows
+
+## Contributing
+
+See the [contributing guide](CONTRIBUTING.md) to learn how to contribute to the repository and the development workflow.
+
+## License
+
+For open source projects, say how it is licensed.
+
+---
+
+Made with [create-react-native-library](https://github.com/callstack/react-native-builder-bob)

package/android/build.gradle

@@ -0,0 +1,97 @@
+buildscript {
+  // Buildscript is evaluated before everything else so we can't use getExtOrDefault
+  def kotlin_version = rootProject.ext.has("kotlinVersion") ? rootProject.ext.get("kotlinVersion") : project.properties["UseSslPinning_kotlinVersion"]
+
+  repositories {
+    google()
+    mavenCentral()
+  }
+
+  dependencies {
+    classpath "com.android.tools.build:gradle:7.2.1"
+    // noinspection DifferentKotlinGradleVersion
+    classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
+  }
+}
+
+def isNewArchitectureEnabled() {
+  return rootProject.hasProperty("newArchEnabled") && rootProject.getProperty("newArchEnabled") == "true"
+}
+
+apply plugin: "com.android.library"
+apply plugin: "kotlin-android"
+
+if (isNewArchitectureEnabled()) {
+  apply plugin: "com.facebook.react"
+}
+
+def getExtOrDefault(name) {
+  return rootProject.ext.has(name) ? rootProject.ext.get(name) : project.properties["UseSslPinning_" + name]
+}
+
+def getExtOrIntegerDefault(name) {
+  return rootProject.ext.has(name) ? rootProject.ext.get(name) : (project.properties["UseSslPinning_" + name]).toInteger()
+}
+
+def supportsNamespace() {
+  def parsed = com.android.Version.ANDROID_GRADLE_PLUGIN_VERSION.tokenize('.')
+  def major = parsed[0].toInteger()
+  def minor = parsed[1].toInteger()
+
+  // Namespace support was added in 7.3.0
+  return (major == 7 && minor >= 3) || major >= 8
+}
+
+android {
+  if (supportsNamespace()) {
+    namespace "com.usesslpinning"
+
+    sourceSets {
+      main {
+        manifest.srcFile "src/main/AndroidManifestNew.xml"
+      }
+    }
+  }
+
+  compileSdkVersion getExtOrIntegerDefault("compileSdkVersion")
+
+  defaultConfig {
+    minSdkVersion getExtOrIntegerDefault("minSdkVersion")
+    targetSdkVersion getExtOrIntegerDefault("targetSdkVersion")
+
+  }
+
+  buildTypes {
+    release {
+      minifyEnabled false
+    }
+  }
+
+  lintOptions {
+    disable "GradleCompatible"
+  }
+
+  compileOptions {
+    sourceCompatibility JavaVersion.VERSION_1_8
+    targetCompatibility JavaVersion.VERSION_1_8
+  }
+  
+}
+
+repositories {
+  mavenCentral()
+  google()
+}
+
+def kotlin_version = getExtOrDefault("kotlinVersion")
+
+dependencies {
+  // For < 0.71, this will be from the local maven repo
+  // For > 0.71, this will be replaced by `com.facebook.react:react-android:$version` by react gradle plugin
+  //noinspection GradleDynamicVersion
+  implementation "com.facebook.react:react-native:+"
+  implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"
+   // Add OkHttp dependency for SSL pinning
+  implementation "com.squareup.okhttp3:okhttp:4.9.1"
+}
+

package/android/gradle.properties

@@ -0,0 +1,5 @@
+UseSslPinning_kotlinVersion=1.7.0
+UseSslPinning_minSdkVersion=21
+UseSslPinning_targetSdkVersion=31
+UseSslPinning_compileSdkVersion=31
+UseSslPinning_ndkversion=21.4.7075529

package/android/src/main/AndroidManifest.xml

@@ -0,0 +1,3 @@
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+          package="com.usesslpinning">
+</manifest>

package/android/src/main/AndroidManifestNew.xml

@@ -0,0 +1,2 @@
+<manifest xmlns:android="http://schemas.android.com/apk/res/android">
+</manifest>

package/android/src/main/java/com/usesslpinning/UseSslPinningFactory.kt

@@ -0,0 +1,50 @@
+package com.usesslpinning
+
+import android.content.Context
+import android.util.Log
+import com.facebook.react.modules.network.OkHttpClientFactory
+import com.facebook.react.modules.network.ReactCookieJarContainer
+import okhttp3.CertificatePinner
+import okhttp3.OkHttpClient
+import org.json.JSONObject
+
+class UseSslPinningFactory(
+  private val context: Context,
+  private val configJsonString: String
+) : OkHttpClientFactory {
+
+  override fun createNewNetworkModuleClient(): OkHttpClient {
+    val sharedPreferences = context.getSharedPreferences("AppSettings", Context.MODE_PRIVATE)
+    val useSSLPinning = sharedPreferences.getBoolean("useSSLPinning", true)
+
+    val clientBuilder = OkHttpClient.Builder().cookieJar(ReactCookieJarContainer()).apply {
+      if (useSSLPinning) {
+        val certificatePinnerBuilder = CertificatePinner.Builder()
+
+        try {
+          val configJson = JSONObject(configJsonString)
+          addCertificatesToPinner(certificatePinnerBuilder, configJson)
+          val certificatePinner = certificatePinnerBuilder.build()
+          certificatePinner(certificatePinner)
+        } catch (e: Exception) {
+          e.printStackTrace()
+        }
+      }
+    }.cache(null).build()
+
+    return clientBuilder
+  }
+  private fun addCertificatesToPinner(certificatePinnerBuilder: CertificatePinner.Builder, configJson: JSONObject) {
+    val sha256Keys = configJson.getJSONObject("sha256Keys")
+    val hostnames = sha256Keys.keys()
+    while (hostnames.hasNext()) {
+      val hostname = hostnames.next()
+      val keysArray = sha256Keys.getJSONArray(hostname)
+      for (i in 0 until keysArray.length()) {
+        val sha256Key = keysArray.getString(i)
+        certificatePinnerBuilder.add(hostname, sha256Key)
+      }
+    }
+  }
+}
+

package/android/src/main/java/com/usesslpinning/UseSslPinningModule.kt

@@ -0,0 +1,45 @@
+package com.usesslpinning
+
+import android.content.Context // Thêm dòng này
+import android.util.Log
+import com.facebook.react.bridge.ReactApplicationContext
+import com.facebook.react.bridge.ReactContextBaseJavaModule
+import com.facebook.react.bridge.ReactMethod
+import com.facebook.react.bridge.Promise
+import com.facebook.react.modules.network.OkHttpClientProvider
+
+class UseSslPinningModule(reactContext: ReactApplicationContext) :
+    ReactContextBaseJavaModule(reactContext) {
+
+    override fun getName(): String {
+        return NAME
+    }
+
+    @ReactMethod
+    fun setUseSSLPinning(usePinning: Boolean) {
+        val sharedPreferences = reactApplicationContext.getSharedPreferences("AppSettings", Context.MODE_PRIVATE)
+        sharedPreferences.edit().putBoolean("useSSLPinning", usePinning).apply()
+    }
+
+    @ReactMethod
+    fun getUseSSLPinning(promise: Promise) {
+        val sharedPreferences = reactApplicationContext.getSharedPreferences("AppSettings", Context.MODE_PRIVATE)
+        val usePinning = sharedPreferences.getBoolean("useSSLPinning", true)
+        promise.resolve(usePinning)
+    }
+
+  @ReactMethod
+  fun initializeSslPinning(configJsonString: String, promise: Promise) {
+    try {
+      OkHttpClientProvider.setOkHttpClientFactory(UseSslPinningFactory(reactApplicationContext, configJsonString))
+      Log.d("MyLibrary", "SSL Pinning initialized successfully")
+      promise.resolve("SSL Pinning initialized successfully")
+    } catch (e: Exception) {
+      promise.reject("SSL_PINNING_ERROR", "Failed to initialize SSL Pinning", e)
+    }
+  }
+
+    companion object {
+        const val NAME = "UseSslPinning"
+    }
+}

package/android/src/main/java/com/usesslpinning/UseSslPinningPackage.kt

@@ -0,0 +1,17 @@
+package com.usesslpinning
+
+import com.facebook.react.ReactPackage
+import com.facebook.react.bridge.NativeModule
+import com.facebook.react.bridge.ReactApplicationContext
+import com.facebook.react.uimanager.ViewManager
+
+
+class UseSslPinningPackage : ReactPackage {
+  override fun createNativeModules(reactContext: ReactApplicationContext): List<NativeModule> {
+    return listOf(UseSslPinningModule(reactContext))
+  }
+
+  override fun createViewManagers(reactContext: ReactApplicationContext): List<ViewManager<*, *>> {
+    return emptyList()
+  }
+}

package/ios/UseSslPinning-Bridging-Header.h

@@ -0,0 +1,2 @@
+#import <React/RCTBridgeModule.h>
+#import <React/RCTViewManager.h>

package/ios/UseSslPinning.mm

@@ -0,0 +1,19 @@
+#import <React/RCTBridgeModule.h>
+
+@interface RCT_EXTERN_MODULE(UseSslPinning, NSObject)
+
+RCT_EXTERN_METHOD(setUseSSLPinning:(BOOL)usePinning)
+
+RCT_EXTERN_METHOD(getUseSSLPinning:(RCTPromiseResolveBlock)resolve
+                  rejecter:(RCTPromiseRejectBlock)reject)
+
+RCT_EXTERN_METHOD(initializeSslPinning:(NSString *)configJsonString
+                  resolver:(RCTPromiseResolveBlock)resolve
+                  rejecter:(RCTPromiseRejectBlock)reject)
+
++ (BOOL)requiresMainQueueSetup
+{
+    return NO;
+}
+
+@end

package/ios/UseSslPinning.swift

@@ -0,0 +1,169 @@
+import Foundation
+import TrustKit
+import TrustKit.TSKPinningValidator
+import TrustKit.TSKPinningValidatorCallback
+
+// Add SSLPinningError enum definition
+enum SSLPinningError: Error {
+    case invalidConfiguration
+    case invalidPinConfiguration(domain: String)
+    
+    var message: String {
+        switch self {
+        case .invalidConfiguration:
+            return "Invalid SSL pinning configuration format"
+        case .invalidPinConfiguration(let domain):
+            return "Invalid pin configuration for domain: \(domain)"
+        }
+    }
+}
+
+@objc(UseSslPinning)
+class UseSslPinning: NSObject {
+    private static var sharedTrustKit: TrustKit?
+    private let userDefaults = UserDefaults.standard
+    private let useSSLPinningKey = "useSSLPinning"
+    
+    private func cleanJsonString(_ jsonString: String) -> String {
+        var cleaned = jsonString
+            .replacingOccurrences(of: "\n", with: "")
+            .replacingOccurrences(of: "| ", with: "")
+            .replacingOccurrences(of: "\\ ", with: "")
+            .replacingOccurrences(of: "\\\"", with: "\"")
+        
+        // Remove any remaining backslashes before quotes
+        cleaned = cleaned.replacingOccurrences(of: "\\(?!\")", with: "")
+        
+        // Clean up any double spaces
+        cleaned = cleaned.replacingOccurrences(of: "  ", with: " ")
+        
+        NSLog("Original JSON: %@", jsonString)
+        NSLog("Cleaned JSON: %@", cleaned)
+        
+        return cleaned
+    }
+    
+    private func validateAndCleanPins(_ pins: [String], for domain: String) throws -> [String] {
+        return try pins.map { pin -> String in
+            var cleanPin = pin.trimmingCharacters(in: .whitespacesAndNewlines)
+            
+            // Verify pin format
+            guard cleanPin.starts(with: "sha256/") else {
+                NSLog("Invalid pin format (missing sha256/): %@", cleanPin)
+                throw SSLPinningError.invalidPinConfiguration(domain: domain)
+            }
+            
+            // Remove sha256/ prefix for TrustKit
+            cleanPin = cleanPin.replacingOccurrences(of: "sha256/", with: "")
+            
+            // Verify base64 format
+            guard cleanPin.range(of: "^[A-Za-z0-9+/=]+$", options: .regularExpression) != nil else {
+                NSLog("Invalid pin format (not base64): %@", cleanPin)
+                throw SSLPinningError.invalidPinConfiguration(domain: domain)
+            }
+            
+            return cleanPin
+        }
+    }
+    
+    @objc
+    func initializeSslPinning(_ configJsonString: String, resolver resolve: @escaping RCTPromiseResolveBlock, rejecter reject: @escaping RCTPromiseRejectBlock) {
+        // Check if SSL pinning is enabled
+        let isSSLPinningEnabled = userDefaults.bool(forKey: useSSLPinningKey)
+        
+        if isSSLPinningEnabled {
+            do {
+                // Parse JSON configuration
+                guard let jsonData = configJsonString.data(using: .utf8),
+                      let config = try JSONSerialization.jsonObject(with: jsonData, options: []) as? [String: Any],
+                      let sha256Keys = config["sha256Keys"] as? [String: [String]] else {
+                    throw SSLPinningError.invalidConfiguration
+                }
+                
+                // Build pinned domains configuration
+                var pinnedDomains: [String: Any] = [:]
+                
+                // Process each domain and its pins from JSON
+                for (domain, pins) in sha256Keys {
+                    let cleanedPins = try pins.map { pin -> String in
+                        // Validate and clean the pin
+                        var cleanPin = pin.trimmingCharacters(in: .whitespacesAndNewlines)
+                        
+                        // Verify pin format
+                        guard cleanPin.starts(with: "sha256/") else {
+                            NSLog("Invalid pin format for domain %@: %@", domain, cleanPin)
+                            throw SSLPinningError.invalidPinConfiguration(domain: domain)
+                        }
+                        
+                        // Remove sha256/ prefix for TrustKit
+                        cleanPin = cleanPin.replacingOccurrences(of: "sha256/", with: "")
+                        
+                        return cleanPin
+                    }
+                    
+                    pinnedDomains[domain] = [
+                        kTSKIncludeSubdomains: true,
+                        kTSKEnforcePinning: true,
+                        kTSKDisableDefaultReportUri: true,
+                        kTSKPublicKeyHashes: cleanedPins
+                    ]
+                }
+                
+                let trustKitConfig: [String: Any] = [
+                    kTSKSwizzleNetworkDelegates: true,
+                    kTSKPinnedDomains: pinnedDomains
+                ]
+                
+                DispatchQueue.main.async {
+                    // Initialize TrustKit with the configuration
+                    TrustKit.initSharedInstance(withConfiguration: trustKitConfig)
+                    
+                    // Set up validation callback
+                    TrustKit.sharedInstance().pinningValidatorCallback = { result, notedHostname, policy in
+                        switch result.finalTrustDecision {
+                        case .shouldBlockConnection:
+                            NSLog("⛔️ SSL Pinning failed for domain: %@", notedHostname)
+                            NSLog("Policy details: %@", policy)
+                        case .shouldAllowConnection:
+                            NSLog("✅ SSL Pinning succeeded for domain: %@", notedHostname)
+                        default:
+                            NSLog("⚠️ Unexpected SSL Pinning result for domain: %@", notedHostname)
+                        }
+                    }
+                    
+                    NSLog("✅ TrustKit initialized with config: %@", trustKitConfig)
+                    resolve([
+                        "message": "SSL Pinning initialized successfully",
+                        "domains": Array(pinnedDomains.keys)
+                    ])
+                }
+                
+            } catch let error as SSLPinningError {
+                NSLog("❌ SSL Pinning Error: %@", error.message)
+                reject("SSL_PINNING_ERROR", error.message, error)
+            } catch {
+                NSLog("❌ Unexpected Error: %@", error.localizedDescription)
+                reject("SSL_PINNING_ERROR", "Unexpected error during SSL pinning initialization", error)
+            }
+        } else {
+            NSLog("⚠️ SSL Pinning is disabled",isSSLPinningEnabled)
+            resolve([
+                "message": "SSL Pinning is disabled",
+                "domains": [],
+                "isSSLPinningEnabled": isSSLPinningEnabled
+            ])
+        }
+    }
+    
+    @objc
+    func setUseSSLPinning(_ usePinning: Bool) {
+        userDefaults.set(usePinning, forKey: useSSLPinningKey)
+        userDefaults.synchronize()
+    }
+    
+    @objc
+    func getUseSSLPinning(_ resolve: RCTPromiseResolveBlock, rejecter reject: RCTPromiseRejectBlock) {
+        let usePinning = userDefaults.bool(forKey: useSSLPinningKey)
+        resolve(usePinning)
+    }
+}

package/lib/commonjs/index.js

@@ -0,0 +1,42 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.setUseSSLPinning = exports.initializeSslPinning = exports.getUseSSLPinning = void 0;
+var _reactNative = require("react-native");
+const LINKING_ERROR = `The package 'react-native-ssl-manager' doesn't seem to be linked. Make sure: \n\n` + _reactNative.Platform.select({
+  ios: "- You have run 'pod install'\n",
+  default: ''
+}) + '- You rebuilt the app after installing the package\n' + '- You are not using Expo Go\n';
+const UseSslPinning = _reactNative.NativeModules.UseSslPinning ? _reactNative.NativeModules.UseSslPinning : new Proxy({}, {
+  get() {
+    throw new Error(LINKING_ERROR);
+  }
+});
+const setUseSSLPinning = usePinning => {
+  UseSslPinning.setUseSSLPinning(usePinning);
+};
+
+/**
+ * Retrieves the current state of SSL pinning usage.
+ *
+ * @returns A promise that resolves to a boolean indicating whether SSL pinning is being used.
+ */
+exports.setUseSSLPinning = setUseSSLPinning;
+const getUseSSLPinning = async () => {
+  return await UseSslPinning.getUseSSLPinning();
+};
+
+/**
+ * Initializes SSL pinning with the provided configuration.
+ *
+ * @param {string} configJsonString - The JSON string containing the SSL pinning configuration.
+ * @returns {Promise<any>} A promise that resolves when the SSL pinning is initialized.
+ */
+exports.getUseSSLPinning = getUseSSLPinning;
+const initializeSslPinning = async configJsonString => {
+  return await UseSslPinning.initializeSslPinning(configJsonString);
+};
+exports.initializeSslPinning = initializeSslPinning;
+//# sourceMappingURL=index.js.map

package/lib/commonjs/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_reactNative","require","LINKING_ERROR","Platform","select","ios","default","UseSslPinning","NativeModules","Proxy","get","Error","setUseSSLPinning","usePinning","exports","getUseSSLPinning","initializeSslPinning","configJsonString"],"sourceRoot":"../../src","sources":["index.tsx"],"mappings":";;;;;;AAAA,IAAAA,YAAA,GAAAC,OAAA;AAEA,MAAMC,aAAa,GACjB,mFAAmF,GACnFC,qBAAQ,CAACC,MAAM,CAAC;EAAEC,GAAG,EAAE,gCAAgC;EAAEC,OAAO,EAAE;AAAG,CAAC,CAAC,GACvE,sDAAsD,GACtD,+BAA+B;AAEjC,MAAMC,aAAa,GAAGC,0BAAa,CAACD,aAAa,GAC7CC,0BAAa,CAACD,aAAa,GAC3B,IAAIE,KAAK,CACP,CAAC,CAAC,EACF;EACEC,GAAGA,CAAA,EAAG;IACJ,MAAM,IAAIC,KAAK,CAACT,aAAa,CAAC;EAChC;AACF,CACF,CAAC;AAEE,MAAMU,gBAAgB,GAAIC,UAAmB,IAAW;EAC7DN,aAAa,CAACK,gBAAgB,CAACC,UAAU,CAAC;AAC5C,CAAC;;AAED;AACA;AACA;AACA;AACA;AAJAC,OAAA,CAAAF,gBAAA,GAAAA,gBAAA;AAKO,MAAMG,gBAAgB,GAAG,MAAAA,CAAA,KAA8B;EAC5D,OAAO,MAAMR,aAAa,CAACQ,gBAAgB,CAAC,CAAC;AAC/C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AALAD,OAAA,CAAAC,gBAAA,GAAAA,gBAAA;AAMO,MAAMC,oBAAoB,GAAG,MAClCC,gBAAwB,IACP;EACjB,OAAO,MAAMV,aAAa,CAACS,oBAAoB,CAACC,gBAAgB,CAAC;AACnE,CAAC;AAACH,OAAA,CAAAE,oBAAA,GAAAA,oBAAA","ignoreList":[]}

package/lib/module/index.js

@@ -0,0 +1,33 @@
+import { NativeModules, Platform } from 'react-native';
+const LINKING_ERROR = `The package 'react-native-ssl-manager' doesn't seem to be linked. Make sure: \n\n` + Platform.select({
+  ios: "- You have run 'pod install'\n",
+  default: ''
+}) + '- You rebuilt the app after installing the package\n' + '- You are not using Expo Go\n';
+const UseSslPinning = NativeModules.UseSslPinning ? NativeModules.UseSslPinning : new Proxy({}, {
+  get() {
+    throw new Error(LINKING_ERROR);
+  }
+});
+export const setUseSSLPinning = usePinning => {
+  UseSslPinning.setUseSSLPinning(usePinning);
+};
+
+/**
+ * Retrieves the current state of SSL pinning usage.
+ *
+ * @returns A promise that resolves to a boolean indicating whether SSL pinning is being used.
+ */
+export const getUseSSLPinning = async () => {
+  return await UseSslPinning.getUseSSLPinning();
+};
+
+/**
+ * Initializes SSL pinning with the provided configuration.
+ *
+ * @param {string} configJsonString - The JSON string containing the SSL pinning configuration.
+ * @returns {Promise<any>} A promise that resolves when the SSL pinning is initialized.
+ */
+export const initializeSslPinning = async configJsonString => {
+  return await UseSslPinning.initializeSslPinning(configJsonString);
+};
+//# sourceMappingURL=index.js.map

package/lib/module/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["NativeModules","Platform","LINKING_ERROR","select","ios","default","UseSslPinning","Proxy","get","Error","setUseSSLPinning","usePinning","getUseSSLPinning","initializeSslPinning","configJsonString"],"sourceRoot":"../../src","sources":["index.tsx"],"mappings":"AAAA,SAASA,aAAa,EAAEC,QAAQ,QAAQ,cAAc;AAEtD,MAAMC,aAAa,GACjB,mFAAmF,GACnFD,QAAQ,CAACE,MAAM,CAAC;EAAEC,GAAG,EAAE,gCAAgC;EAAEC,OAAO,EAAE;AAAG,CAAC,CAAC,GACvE,sDAAsD,GACtD,+BAA+B;AAEjC,MAAMC,aAAa,GAAGN,aAAa,CAACM,aAAa,GAC7CN,aAAa,CAACM,aAAa,GAC3B,IAAIC,KAAK,CACP,CAAC,CAAC,EACF;EACEC,GAAGA,CAAA,EAAG;IACJ,MAAM,IAAIC,KAAK,CAACP,aAAa,CAAC;EAChC;AACF,CACF,CAAC;AAEL,OAAO,MAAMQ,gBAAgB,GAAIC,UAAmB,IAAW;EAC7DL,aAAa,CAACI,gBAAgB,CAACC,UAAU,CAAC;AAC5C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,gBAAgB,GAAG,MAAAA,CAAA,KAA8B;EAC5D,OAAO,MAAMN,aAAa,CAACM,gBAAgB,CAAC,CAAC;AAC/C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,oBAAoB,GAAG,MAClCC,gBAAwB,IACP;EACjB,OAAO,MAAMR,aAAa,CAACO,oBAAoB,CAACC,gBAAgB,CAAC;AACnE,CAAC","ignoreList":[]}

package/lib/typescript/src/index.d.ts

@@ -0,0 +1,15 @@
+export declare const setUseSSLPinning: (usePinning: boolean) => void;
+/**
+ * Retrieves the current state of SSL pinning usage.
+ *
+ * @returns A promise that resolves to a boolean indicating whether SSL pinning is being used.
+ */
+export declare const getUseSSLPinning: () => Promise<boolean>;
+/**
+ * Initializes SSL pinning with the provided configuration.
+ *
+ * @param {string} configJsonString - The JSON string containing the SSL pinning configuration.
+ * @returns {Promise<any>} A promise that resolves when the SSL pinning is initialized.
+ */
+export declare const initializeSslPinning: (configJsonString: string) => Promise<any>;
+//# sourceMappingURL=index.d.ts.map

package/lib/typescript/src/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.tsx"],"names":[],"mappings":"AAmBA,eAAO,MAAM,gBAAgB,eAAgB,OAAO,KAAG,IAEtD,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,gBAAgB,QAAa,QAAQ,OAAO,CAExD,CAAC;AAEF;;;;;GAKG;AACH,eAAO,MAAM,oBAAoB,qBACb,MAAM,KACvB,QAAQ,GAAG,CAEb,CAAC"}

package/package.json

@@ -0,0 +1,172 @@
+{
+  "name": "react-native-ssl-manager",
+  "version": "1.0.0",
+  "description": "React Native SSL Pinning provides seamless SSL certificate pinning integration for enhanced network security in React Native apps. This module enables developers to easily implement and manage certificate pinning, protecting applications against man-in-the-middle (MITM) attacks. With dynamic configuration options and the ability to toggle SSL pinning, it's particularly useful for development and testing scenarios.",
+  "main": "lib/commonjs/index",
+  "module": "lib/module/index",
+  "types": "lib/typescript/src/index.d.ts",
+  "react-native": {
+    "android": {
+      "source": "android/src/main/java/com/usesslpinning/UseSslPinningPackage.kt"
+    },
+    "ios": {
+      "podspec": "react-native-ssl-manager.podspec"
+    }
+  },
+  "source": "src/index",
+  "files": [
+    "src",
+    "lib",
+    "!**/__tests__",
+    "!**/__fixtures__",
+    "!**/__mocks__",
+    "android",
+    "ios",
+    "cpp",
+    "*.podspec",
+    "!lib/typescript/example",
+    "!ios/build",
+    "!android/build",
+    "!android/gradle",
+    "!android/gradlew",
+    "!android/gradlew.bat",
+    "!android/local.properties",
+    "!**/.*"
+  ],
+  "scripts": {
+    "example": "yarn workspace react-native-ssl-manager-example",
+    "test": "jest",
+    "typecheck": "tsc --noEmit",
+    "lint": "eslint \"**/*.{js,ts,tsx}\"",
+    "clean": "del-cli android/build example/android/build example/android/app/build example/ios/build lib",
+    "prepare": "bob build",
+    "release": "release-it"
+  },
+  "keywords": [
+    "react-native",
+    "ios",
+    "android"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/huytdps13400/react-native-ssl-manager.git"
+  },
+  "author": "Trần Đình Huy <kingonwork@gmail.com> (https://github.com/huytdps13400)",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/huytdps13400/react-native-ssl-manager/issues"
+  },
+  "homepage": "https://github.com/huytdps13400/react-native-ssl-manager#readme",
+  "publishConfig": {
+    "registry": "https://registry.npmjs.org/",
+    "access": "public"
+  },
+  "devDependencies": {
+    "@commitlint/config-conventional": "^17.0.2",
+    "@evilmartians/lefthook": "^1.5.0",
+    "@react-native/eslint-config": "^0.73.1",
+    "@release-it/conventional-changelog": "^5.0.0",
+    "@types/jest": "^29.5.5",
+    "@types/react": "^18.2.44",
+    "commitlint": "^17.0.2",
+    "del-cli": "^5.1.0",
+    "eslint": "^8.51.0",
+    "eslint-config-prettier": "^9.0.0",
+    "eslint-plugin-prettier": "^5.0.1",
+    "jest": "^29.7.0",
+    "prettier": "^3.0.3",
+    "react": "18.2.0",
+    "react-native": "0.73.6",
+    "react-native-builder-bob": "^0.20.0",
+    "release-it": "^15.0.0",
+    "turbo": "^1.10.7",
+    "typescript": "5.1.x"
+  },
+  "resolutions": {
+    "@types/react": "^18.2.44"
+  },
+  "peerDependencies": {
+    "react": "*",
+    "react-native": "*"
+  },
+  "workspaces": [
+    "example"
+  ],
+  "packageManager": "yarn@3.6.1",
+  "jest": {
+    "preset": "react-native",
+    "modulePathIgnorePatterns": [
+      "<rootDir>/example/node_modules",
+      "<rootDir>/lib/"
+    ]
+  },
+  "commitlint": {
+    "extends": [
+      "@commitlint/config-conventional"
+    ]
+  },
+  "release-it": {
+    "git": {
+      "commitMessage": "chore: release ${version}",
+      "tagName": "v${version}"
+    },
+    "npm": {
+      "publish": true
+    },
+    "github": {
+      "release": true
+    },
+    "plugins": {
+      "@release-it/conventional-changelog": {
+        "preset": "angular"
+      }
+    }
+  },
+  "eslintConfig": {
+    "root": true,
+    "extends": [
+      "@react-native",
+      "prettier"
+    ],
+    "rules": {
+      "prettier/prettier": [
+        "error",
+        {
+          "quoteProps": "consistent",
+          "singleQuote": true,
+          "tabWidth": 2,
+          "trailingComma": "es5",
+          "useTabs": false
+        }
+      ]
+    }
+  },
+  "eslintIgnore": [
+    "node_modules/",
+    "lib/"
+  ],
+  "prettier": {
+    "quoteProps": "consistent",
+    "singleQuote": true,
+    "tabWidth": 2,
+    "trailingComma": "es5",
+    "useTabs": false
+  },
+  "react-native-builder-bob": {
+    "source": "src",
+    "output": "lib",
+    "targets": [
+      "commonjs",
+      "module",
+      [
+        "typescript",
+        {
+          "project": "tsconfig.build.json"
+        }
+      ]
+    ]
+  },
+  "dependencies": {
+    "postinstall": "^0.10.3"
+  }
+}

package/react-native-ssl-manager.podspec

@@ -0,0 +1,43 @@
+require "json"
+
+package = JSON.parse(File.read(File.join(__dir__, "package.json")))
+folly_compiler_flags = '-DFOLLY_NO_CONFIG -DFOLLY_MOBILE=1 -DFOLLY_USE_LIBCPP=1 -Wno-comma -Wno-shorten-64-to-32'
+
+Pod::Spec.new do |s|
+  s.name         = "react-native-ssl-manager"
+  s.version      = package["version"]
+  s.summary      = package["description"]
+  s.homepage     = package["homepage"]
+  s.license      = package["license"]
+  s.authors      = package["author"]
+
+  s.platforms    = { :ios => min_ios_version_supported }
+  s.source       = { :git => "https://github.com/huytdps13400/react-native-ssl-manager.git", :tag => "#{s.version}" }
+
+  s.source_files = "ios/**/*.{h,m,mm,swift}"
+
+  # Use install_modules_dependencies helper to install the dependencies if React Native version >=0.71.0.
+  # See https://github.com/facebook/react-native/blob/febf6b7f33fdb4904669f99d795eba4c0f95d7bf/scripts/cocoapods/new_architecture.rb#L79.
+  if respond_to?(:install_modules_dependencies, true)
+    install_modules_dependencies(s)
+  else
+  s.dependency "React-Core"
+
+  # Don't install the dependencies when we run `pod install` in the old architecture.
+  if ENV['RCT_NEW_ARCH_ENABLED'] == '1' then
+    s.compiler_flags = folly_compiler_flags + " -DRCT_NEW_ARCH_ENABLED=1"
+    s.pod_target_xcconfig    = {
+        "HEADER_SEARCH_PATHS" => "\"$(PODS_ROOT)/boost\"",
+        "OTHER_CPLUSPLUSFLAGS" => "-DFOLLY_NO_CONFIG -DFOLLY_MOBILE=1 -DFOLLY_USE_LIBCPP=1",
+        "CLANG_CXX_LANGUAGE_STANDARD" => "c++17"
+    }
+    s.dependency "React-Codegen"
+    s.dependency "RCT-Folly"
+    s.dependency "RCTRequired"
+    s.dependency "RCTTypeSafety"
+    s.dependency "ReactCommon/turbomodule/core"
+   end
+  end    
+
+  s.dependency "TrustKit"
+end

package/src/index.tsx

@@ -0,0 +1,43 @@
+import { NativeModules, Platform } from 'react-native';
+
+const LINKING_ERROR =
+  `The package 'react-native-ssl-manager' doesn't seem to be linked. Make sure: \n\n` +
+  Platform.select({ ios: "- You have run 'pod install'\n", default: '' }) +
+  '- You rebuilt the app after installing the package\n' +
+  '- You are not using Expo Go\n';
+
+const UseSslPinning = NativeModules.UseSslPinning
+  ? NativeModules.UseSslPinning
+  : new Proxy(
+      {},
+      {
+        get() {
+          throw new Error(LINKING_ERROR);
+        },
+      }
+    );
+
+export const setUseSSLPinning = (usePinning: boolean): void => {
+  UseSslPinning.setUseSSLPinning(usePinning);
+};
+
+/**
+ * Retrieves the current state of SSL pinning usage.
+ *
+ * @returns A promise that resolves to a boolean indicating whether SSL pinning is being used.
+ */
+export const getUseSSLPinning = async (): Promise<boolean> => {
+  return await UseSslPinning.getUseSSLPinning();
+};
+
+/**
+ * Initializes SSL pinning with the provided configuration.
+ *
+ * @param {string} configJsonString - The JSON string containing the SSL pinning configuration.
+ * @returns {Promise<any>} A promise that resolves when the SSL pinning is initialized.
+ */
+export const initializeSslPinning = async (
+  configJsonString: string
+): Promise<any> => {
+  return await UseSslPinning.initializeSslPinning(configJsonString);
+};