Fix #16: SSL pinning in all 4 Flutter apps

- Created ssl_pinning.dart with SHA-256 DER hash pinning for intaleq.xyz and siromove.com
- Replaced http.post/http.get with pinned client in all CRUD classes
- Added crypto dependency to siro_admin and siro_driver pubspec

siro_rider/lib/controller/functions/crud.dart

@@ -18,10 +18,11 @@ import 'upload_image.dart';
 import 'dart:io';
 
 import 'network/net_guard.dart';
+import 'ssl_pinning.dart';
 
 class CRUD {
   final NetGuard _netGuard = NetGuard();
-  final _client = http.Client();
+  final _client = SslPinning.createPinnedClient();
 
   /// Stores the signature of the last logged error to prevent duplicates.
   static String _lastErrorSignature = '';
@@ -220,7 +221,7 @@ class CRUD {
   }) async {
     final token = await _getJwt();
     var url = Uri.parse(link);
-    var response = await http.post(
+    var response = await _client.post(
       url,
       body: payload,
       headers: {
@@ -243,7 +244,7 @@ class CRUD {
         await Get.put(LoginController()).getJWT();
 
         // إعادة المحاولة مرة واحدة فقط بتوكن جديد
-        var retryResponse = await http.post(
+        var retryResponse = await _client.post(
           url,
           body: payload,
           headers: {
@@ -316,7 +317,7 @@ class CRUD {
     final hmac = box.read(BoxName.hmac);
     var url = Uri.parse(link);
 
-    var response = await http.post(
+    var response = await _client.post(
       url,
       body: payload,
       headers: {
@@ -363,7 +364,7 @@ class CRUD {
     final url = Uri.parse(link);
 
     try {
-      final response = await http.post(
+      final response = await _client.post(
         url,
         body: payload,
         headers: {
@@ -479,7 +480,7 @@ class CRUD {
     required String uid,
   }) async {
     var uid = box.read(BoxName.phone) ?? box.read(BoxName.phoneDriver);
-    var res = await http.get(
+    var res = await _client.get(
       Uri.parse(
           'https://orca-app-b2i85.ondigitalocean.app/token?channelName=$channelName'),
       headers: {'Authorization': 'Bearer ${AK.agoraAppCertificate}'},
@@ -513,7 +514,7 @@ class CRUD {
       ],
       "temperature": 0.9
     });
-    var response = await http.post(url, body: data, headers: headers);
+    var response = await _client.post(url, body: data, headers: headers);
     if (response.statusCode == 200) return response.body;
     return response.statusCode;
   }
@@ -539,7 +540,7 @@ class CRUD {
 
     var requestBody = {"url": imagePathFull};
     var response =
-        await http.post(url, body: jsonEncode(requestBody), headers: headers);
+        await _client.post(url, body: jsonEncode(requestBody), headers: headers);
 
     if (response.statusCode == 200) {
       var responseBody = jsonDecode(response.body);
@@ -568,7 +569,7 @@ class CRUD {
       ],
       "temperature": 0.9
     });
-    var response = await http.post(url, body: data, headers: headers);
+    var response = await _client.post(url, body: data, headers: headers);
     if (response.statusCode == 200) return response.body;
     return response.statusCode;
   }
@@ -578,7 +579,7 @@ class CRUD {
     Map<String, dynamic>? payload,
   }) async {
     var url = Uri.parse(link);
-    var response = await http.post(url,
+    var response = await _client.post(url,
         body: payload, headers: {'Content-Type': 'application/json'});
 
     var jsonData = jsonDecode(response.body);
@@ -607,7 +608,7 @@ class CRUD {
     Map<String, dynamic>? payload,
   }) async {
     var url = Uri.parse(link);
-    var response = await http.post(
+    var response = await _client.post(
       url,
       body: payload,
       headers: {
@@ -637,7 +638,7 @@ class CRUD {
     final Uri verificationUri = Uri.parse(
         'https://verify.twilio.com/v2/Services/$verifySid/Verifications');
 
-    await http.post(
+    await _client.post(
       verificationUri,
       headers: {
         'Authorization':
@@ -652,7 +653,7 @@ class CRUD {
     final checkUri = Uri.parse(
         'https://verify.twilio.com/v2/Services/$verifySid/VerificationCheck');
 
-    final checkResponse = await http.post(
+    final checkResponse = await _client.post(
       checkUri,
       headers: {
         'Authorization':
@@ -668,7 +669,7 @@ class CRUD {
     Map<String, dynamic>? payload,
   }) async {
     var url = Uri.parse(link);
-    var response = await http.post(url, body: payload);
+    var response = await _client.post(url, body: payload);
     var jsonData = jsonDecode(response.body);
     if (jsonData['status'] == 'OK') return jsonData;
     return jsonData['status'];
@@ -677,7 +678,7 @@ class CRUD {
   Future<dynamic> getHereMap({required String link}) async {
     var url = Uri.parse(link);
     try {
-      var response = await http.get(url);
+      var response = await _client.get(url);
       if (response.statusCode == 200) {
         var decodedBody = utf8.decode(response.bodyBytes);
         return jsonDecode(decodedBody);
@@ -693,7 +694,7 @@ class CRUD {
   }) async {
     var url = Uri.parse(link);
     try {
-      var response = await http.get(
+      var response = await _client.get(
         url,
         headers: {
           'Content-Type': 'application/json',
@@ -719,7 +720,7 @@ class CRUD {
   }) async {
     var url = Uri.parse(link);
     try {
-      var response = await http.post(
+      var response = await _client.post(
         url,
         body: jsonEncode(payload),
         headers: {