-
Notifications
You must be signed in to change notification settings - Fork 617
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Avoid issues with weird characters like + / and = on the filesystem. The SRI package has been re-structured and is now under pkg/sri
- Loading branch information
Showing
6 changed files
with
150 additions
and
97 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
package sri | ||
|
||
import ( | ||
"fmt" | ||
"strings" | ||
) | ||
|
||
// Parse a SRI hash | ||
func Parse(sriHash string) (*Hash, error) { | ||
elems := strings.SplitN(sriHash, "-", 2) | ||
if len(elems) != 2 { | ||
return nil, fmt.Errorf("sri: not a hash %v", sriHash) | ||
} | ||
|
||
// Get the algo | ||
var algo Algo | ||
switch elems[0] { | ||
case string(SHA256): | ||
algo = SHA256 | ||
case string(SHA384): | ||
algo = SHA384 | ||
case string(SHA512): | ||
algo = SHA512 | ||
default: | ||
return nil, fmt.Errorf("sri: unsupported algo %s", elems[0]) | ||
} | ||
|
||
// Get the hash | ||
dbuf := make([]byte, b64Enc.DecodedLen(len(elems[1]))) | ||
n, err := b64Enc.Decode(dbuf, []byte(elems[1])) | ||
if err != nil { | ||
return nil, err | ||
} | ||
sum := dbuf[:n] | ||
|
||
return &Hash{string(algo), sum}, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
// Package sri implements helper functions to calculate SubResource Integrity | ||
// hashes. | ||
// https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity | ||
package sri | ||
|
||
import ( | ||
b64 "encoding/base64" | ||
"encoding/hex" | ||
) | ||
|
||
// Algo is a supported hashing algorithm | ||
type Algo string | ||
|
||
const ( | ||
// SHA256 algo | ||
SHA256 = Algo("sha256") | ||
// SHA384 algo | ||
SHA384 = Algo("sha384") | ||
// SHA512 algo | ||
SHA512 = Algo("sha512") | ||
) | ||
|
||
// Base64 encoding to use | ||
var b64Enc = b64.StdEncoding | ||
|
||
// Hash represents a SRI-hash | ||
type Hash struct { | ||
algo string | ||
sum []byte | ||
} | ||
|
||
// String returns a SRI-encoded string | ||
func (h *Hash) String() string { | ||
return h.algo + "-" + b64Enc.EncodeToString(h.sum) | ||
} | ||
|
||
// Hex return a hex-encoded representation of the sum | ||
func (h *Hash) Hex() string { | ||
return hex.EncodeToString(h.sum) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
package sri | ||
|
||
import ( | ||
"crypto/sha256" | ||
"crypto/sha512" | ||
"hash" | ||
"io" | ||
) | ||
|
||
// Writer is like a hash.Hash with a Sum function | ||
type Writer struct { | ||
w io.Writer | ||
algo Algo | ||
h hash.Hash | ||
} | ||
|
||
// NewWriter returns a SRI writer that forwards the write while calculating | ||
// the SRI hash. | ||
func NewWriter(w io.Writer, algo Algo) Writer { | ||
var h hash.Hash | ||
switch algo { | ||
case SHA256: | ||
h = sha256.New() | ||
case SHA384: | ||
h = sha512.New384() | ||
case SHA512: | ||
h = sha512.New() | ||
default: | ||
panic("unsupported SRI algo") | ||
} | ||
|
||
return Writer{w, algo, h} | ||
} | ||
|
||
func (w Writer) Write(b []byte) (int, error) { | ||
// First write to the underlying storage | ||
n, err := w.w.Write(b) | ||
if err == nil { | ||
// This should always succeed | ||
_, _ = w.h.Write(b) | ||
} | ||
return n, err | ||
} | ||
|
||
// Sum returns the calculated SRI hash | ||
func (w Writer) Sum() *Hash { | ||
sum := w.h.Sum(nil) | ||
return &Hash{string(w.algo), sum} | ||
} |
This file was deleted.
Oops, something went wrong.