react-native-ssl-pinning-module

v1.0.1

Published

a month ago

React Native module for SSL Pinning (Android + iOS)

Downloads

0High
0Medium
0Low

anweshanmukherjee

react-native-ssl-pinning-module

React Native module to enable SSL Pinning on Android and iOS platforms through native network layers.

This library facilitates the configuration of SSL Public Key Pinning by bridging native platform features
— OkHttp’s CertificatePinner on Android, and TrustKit on iOS.
It helps protect the application from man-in-the-middle (MITM) attacks by validating server certificates against pinned public keys.

Features

SSL pinning using public key hashes (SHA-256) on Android and iOS.
Configurable hostname and multiple public key pins.
Native implementation with minimal JS overhead.
Enable or disable SSL pinning dynamically.
Lightweight and easy integration into any React Native project.

Supported Platforms

| Platform | Version | Notes | |----------|----------------|-----------------------------------------| | Android | 5.0 (API 21)+ | Uses OkHttp CertificatePinner | | iOS | 10.0+ | Uses TrustKit for SSL pinning | | React Native | 0.60+ | Supports autolinking and manual linking |

Installation

Install via npm or yarn:

npm install react-native-ssl-pinning-module
# or
yarn add react-native-ssl-pinning-module

For iOS, install CocoaPods dependencies:

cd ios && pod install && cd ..

For React Native < 0.60, link manually:

react-native link react-native-ssl-pinning-module

Usage

Import the module

import { enableSSLPinning, disableSSLPinning } from 'react-native-ssl-pinning-module';

Enable SSL pinning

Call early in the app lifecycle (e.g., in App.js root component, componentDidMount, or useEffect).

enableSSLPinning('your.server.com', [
  'sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=',
  'sha256/BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB='
]);

Disable SSL pinning

To reset the SSL pinning configuration:

disableSSLPinning();

API

| Method | Parameters | Description | Returns | |---------------------|---------------------------------|-----------------------------------------|-------------| | enableSSLPinning | (hostname: string, pins: string[]) | Pins SSL certificates for the given hostname with listed public key hashes | Promise<void> | | disableSSLPinning | () | Removes SSL pinning, disables pin enforcement | Promise<void> |

Example

import React, { useEffect } from 'react';
import { enableSSLPinning } from 'react-native-ssl-pinning-module';

export default function App() {
  useEffect(() => {
    enableSSLPinning('api.example.com', [
      'sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=',
      'sha256/BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB='
    ]);
  }, []);

  return (
    // App JSX
  );
}

Contact

For questions or support, reach me at: [email protected]

Published

Vulnerabilities

Links

Maintainers

Keywords

Readme

react-native-ssl-pinning-module

Table of Contents

Features

Supported Platforms

Installation

Usage

Import the module

Enable SSL pinning

Disable SSL pinning

API

Example

Contact