diff options
author | Kat Marchán <kzm@sykosomatic.org> | 2017-04-29 01:11:18 +0300 |
---|---|---|
committer | Rebecca Turner <me@re-becca.org> | 2017-05-26 02:13:33 +0300 |
commit | c8b66854adef8d91c4ad2b058db6f1ca48031b58 (patch) | |
tree | 5e34a1bc728c551d5fa1cbf6bd50d53a04c634f3 /node_modules/ssri | |
parent | cbaf1c914036bc8ac1f9ea965ccba4fd690c8c45 (diff) |
pacote@2.7.4
Diffstat (limited to 'node_modules/ssri')
-rw-r--r-- | node_modules/ssri/CHANGELOG.md | 135 | ||||
-rw-r--r-- | node_modules/ssri/LICENSE.md | 3 | ||||
-rw-r--r-- | node_modules/ssri/README.md | 462 | ||||
-rw-r--r-- | node_modules/ssri/index.js | 333 | ||||
-rw-r--r-- | node_modules/ssri/package.json | 94 |
5 files changed, 1027 insertions, 0 deletions
diff --git a/node_modules/ssri/CHANGELOG.md b/node_modules/ssri/CHANGELOG.md new file mode 100644 index 000000000..838a6fe69 --- /dev/null +++ b/node_modules/ssri/CHANGELOG.md @@ -0,0 +1,135 @@ +# Change Log + +All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. + +<a name="4.1.2"></a> +## [4.1.2](https://github.com/zkat/ssri/compare/v4.1.1...v4.1.2) (2017-04-18) + + +### Bug Fixes + +* **stream:** _flush can be called multiple times. use on("end") ([b1c4805](https://github.com/zkat/ssri/commit/b1c4805)) + + + +<a name="4.1.1"></a> +## [4.1.1](https://github.com/zkat/ssri/compare/v4.1.0...v4.1.1) (2017-04-12) + + +### Bug Fixes + +* **pickAlgorithm:** error if pickAlgorithm() is used in an empty Integrity ([fab470e](https://github.com/zkat/ssri/commit/fab470e)) + + + +<a name="4.1.0"></a> +# [4.1.0](https://github.com/zkat/ssri/compare/v4.0.0...v4.1.0) (2017-04-07) + + +### Features + +* adding ssri.create for a crypto style interface (#2) ([96f52ad](https://github.com/zkat/ssri/commit/96f52ad)) + + + +<a name="4.0.0"></a> +# [4.0.0](https://github.com/zkat/ssri/compare/v3.0.2...v4.0.0) (2017-04-03) + + +### Bug Fixes + +* **integrity:** should have changed the error code before. oops ([8381afa](https://github.com/zkat/ssri/commit/8381afa)) + + +### BREAKING CHANGES + +* **integrity:** EBADCHECKSUM -> EINTEGRITY for verification errors + + + +<a name="3.0.2"></a> +## [3.0.2](https://github.com/zkat/ssri/compare/v3.0.1...v3.0.2) (2017-04-03) + + + +<a name="3.0.1"></a> +## [3.0.1](https://github.com/zkat/ssri/compare/v3.0.0...v3.0.1) (2017-04-03) + + +### Bug Fixes + +* **package.json:** really should have these in the keywords because search ([a6ac6d0](https://github.com/zkat/ssri/commit/a6ac6d0)) + + + +<a name="3.0.0"></a> +# [3.0.0](https://github.com/zkat/ssri/compare/v2.0.0...v3.0.0) (2017-04-03) + + +### Bug Fixes + +* **hashes:** IntegrityMetadata -> Hash ([d04aa1f](https://github.com/zkat/ssri/commit/d04aa1f)) + + +### Features + +* **check:** return IntegrityMetadata on check success ([2301e74](https://github.com/zkat/ssri/commit/2301e74)) +* **fromHex:** ssri.fromHex to make it easier to generate them from hex valus ([049b89e](https://github.com/zkat/ssri/commit/049b89e)) +* **hex:** utility function for getting hex version of digest ([a9f021c](https://github.com/zkat/ssri/commit/a9f021c)) +* **hexDigest:** added hexDigest method to Integrity objects too ([85208ba](https://github.com/zkat/ssri/commit/85208ba)) +* **integrity:** add .isIntegrity and .isIntegrityMetadata ([1b29e6f](https://github.com/zkat/ssri/commit/1b29e6f)) +* **integrityStream:** new stream that can both generate and check streamed data ([fd23e1b](https://github.com/zkat/ssri/commit/fd23e1b)) +* **parse:** allow parsing straight into a single IntegrityMetadata object ([c8ddf48](https://github.com/zkat/ssri/commit/c8ddf48)) +* **pickAlgorithm:** Intergrity#pickAlgorithm() added ([b97a796](https://github.com/zkat/ssri/commit/b97a796)) +* **size:** calculate and update stream sizes ([02ed1ad](https://github.com/zkat/ssri/commit/02ed1ad)) + + +### BREAKING CHANGES + +* **hashes:** `.isIntegrityMetadata` is now `.isHash`. Also, any references to `IntegrityMetadata` now refer to `Hash`. +* **integrityStream:** createCheckerStream has been removed and replaced with a general-purpose integrityStream. + +To convert existing createCheckerStream code, move the `sri` argument into `opts.integrity` in integrityStream. All other options should be the same. +* **check:** `checkData`, `checkStream`, and `createCheckerStream` now yield a whole IntegrityMetadata instance representing the first successful hash match. + + + +<a name="2.0.0"></a> +# [2.0.0](https://github.com/zkat/ssri/compare/v1.0.0...v2.0.0) (2017-03-24) + + +### Bug Fixes + +* **strict-mode:** make regexes more rigid ([122a32c](https://github.com/zkat/ssri/commit/122a32c)) + + +### Features + +* **api:** added serialize alias for unparse ([999b421](https://github.com/zkat/ssri/commit/999b421)) +* **concat:** add Integrity#concat() ([cae12c7](https://github.com/zkat/ssri/commit/cae12c7)) +* **pickAlgo:** pick the strongest algorithm provided, by default ([58c18f7](https://github.com/zkat/ssri/commit/58c18f7)) +* **strict-mode:** strict SRI support ([3f0b64c](https://github.com/zkat/ssri/commit/3f0b64c)) +* **stringify:** replaced unparse/serialize with stringify ([4acad30](https://github.com/zkat/ssri/commit/4acad30)) +* **verification:** add opts.pickAlgorithm ([f72e658](https://github.com/zkat/ssri/commit/f72e658)) + + +### BREAKING CHANGES + +* **pickAlgo:** ssri will prioritize specific hashes now +* **stringify:** serialize and unparse have been removed. Use ssri.stringify instead. +* **strict-mode:** functions that accepted an optional `sep` argument now expect `opts.sep`. + + + +<a name="1.0.0"></a> +# 1.0.0 (2017-03-23) + + +### Features + +* **api:** implemented initial api ([4fbb16b](https://github.com/zkat/ssri/commit/4fbb16b)) + + +### BREAKING CHANGES + +* **api:** Initial API established. diff --git a/node_modules/ssri/LICENSE.md b/node_modules/ssri/LICENSE.md new file mode 100644 index 000000000..c05cb0958 --- /dev/null +++ b/node_modules/ssri/LICENSE.md @@ -0,0 +1,3 @@ +To the extent possible under law, maintainers for this project have waived all copyright and related or neighboring rights to this project. + +For more information on this waiver, see: https://creativecommons.org/publicdomain/zero/1.0/ diff --git a/node_modules/ssri/README.md b/node_modules/ssri/README.md new file mode 100644 index 000000000..f2fc035da --- /dev/null +++ b/node_modules/ssri/README.md @@ -0,0 +1,462 @@ +# ssri [![npm version](https://img.shields.io/npm/v/ssri.svg)](https://npm.im/ssri) [![license](https://img.shields.io/npm/l/ssri.svg)](https://npm.im/ssri) [![Travis](https://img.shields.io/travis/zkat/ssri.svg)](https://travis-ci.org/zkat/ssri) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/ssri?svg=true)](https://ci.appveyor.com/project/zkat/ssri) [![Coverage Status](https://coveralls.io/repos/github/zkat/ssri/badge.svg?branch=latest)](https://coveralls.io/github/zkat/ssri?branch=latest) + +[`ssri`](https://github.com/zkat/ssri), short for Standard Subresource +Integrity, is a Node.js utility for parsing, manipulating, serializing, +generating, and verifying [Subresource +Integrity](https://w3c.github.io/webappsec/specs/subresourceintegrity/) hashes. + +## Install + +`$ npm install --save ssri` + +## Table of Contents + +* [Example](#example) +* [Features](#features) +* [Contributing](#contributing) +* [API](#api) + * Parsing & Serializing + * [`parse`](#parse) + * [`stringify`](#stringify) + * [`Integrity#concat`](#integrity-concat) + * [`Integrity#toString`](#integrity-to-string) + * [`Integrity#toJSON`](#integrity-to-json) + * [`Integrity#pickAlgorithm`](#integrity-pick-algorithm) + * [`Integrity#hexDigest`](#integrity-hex-digest) + * Integrity Generation + * [`fromHex`](#from-hex) + * [`fromData`](#from-data) + * [`fromStream`](#from-stream) + * [`create`](#create) + * Integrity Verification + * [`checkData`](#check-data) + * [`checkStream`](#check-stream) + * [`integrityStream`](#integrity-stream) + +### Example + +```javascript +const ssri = require('ssri') + +const integrity = 'sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo' + +// Parsing and serializing +const parsed = ssri.parse(integrity) +ssri.stringify(parsed) // === integrity (works on non-Integrity objects) +parsed.toString() // === integrity + +// Async stream functions +ssri.checkStream(fs.createReadStream('./my-file'), integrity).then(...) +ssri.fromStream(fs.createReadStream('./my-file')).then(sri => { + sri.toString() === integrity +}) +fs.createReadStream('./my-file').pipe(ssri.createCheckerStream(sri)) + +// Sync data functions +ssri.fromData(fs.readFileSync('./my-file')) // === parsed +ssri.checkData(fs.readFileSync('./my-file'), integrity) // => 'sha512' +``` + +### Features + +* Parses and stringifies SRI strings. +* Generates SRI strings from raw data or Streams. +* Strict standard compliance. +* `?foo` metadata option support. +* Multiple entries for the same algorithm. +* Object-based integrity hash manipulation. +* Small footprint: no dependencies, concise implementation. +* Full test coverage. +* Customizable algorithm picker. + +### Contributing + +The ssri team enthusiastically welcomes contributions and project participation! +There's a bunch of things you can do if you want to contribute! The [Contributor +Guide](CONTRIBUTING.md) has all the information you need for everything from +reporting bugs to contributing entire new features. Please don't hesitate to +jump in if you'd like to, or even ask us questions if something isn't clear. + +### API + +#### <a name="parse"></a> `> ssri.parse(sri, [opts]) -> Integrity` + +Parses `sri` into an `Integrity` data structure. `sri` can be an integrity +string, an `Hash`-like with `digest` and `algorithm` fields and an optional +`options` field, or an `Integrity`-like object. The resulting object will be an +`Integrity` instance that has this shape: + +```javascript +{ + 'sha1': [{algorithm: 'sha1', digest: 'deadbeef', options: []}], + 'sha512': [ + {algorithm: 'sha512', digest: 'c0ffee', options: []}, + {algorithm: 'sha512', digest: 'bad1dea', options: ['foo']} + ], +} +``` + +If `opts.single` is truthy, a single `Hash` object will be returned. That is, a +single object that looks like `{algorithm, digest, options}`, as opposed to a +larger object with multiple of these. + +If `opts.strict` is truthy, the resulting object will be filtered such that +it strictly follows the Subresource Integrity spec, throwing away any entries +with any invalid components. This also means a restricted set of algorithms +will be used -- the spec limits them to `sha256`, `sha384`, and `sha512`. + +Strict mode is recommended if the integrity strings are intended for use in +browsers, or in other situations where strict adherence to the spec is needed. + +##### Example + +```javascript +ssri.parse('sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo') // -> Integrity object +``` + +#### <a name="stringify"></a> `> ssri.stringify(sri, [opts]) -> String` + +This function is identical to [`Integrity#toString()`](#integrity-to-string), +except it can be used on _any_ object that [`parse`](#parse) can handle -- that +is, a string, an `Hash`-like, or an `Integrity`-like. + +The `opts.sep` option defines the string to use when joining multiple entries +together. To be spec-compliant, this _must_ be whitespace. The default is a +single space (`' '`). + +If `opts.strict` is true, the integrity string will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +// Useful for cleaning up input SRI strings: +ssri.stringify('\n\rsha512-foo\n\t\tsha384-bar') +// -> 'sha512-foo sha384-bar' + +// Hash-like: only a single entry. +ssri.stringify({ + algorithm: 'sha512', + digest:'9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==', + options: ['foo'] +}) +// -> +// 'sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo' + +// Integrity-like: full multi-entry syntax. Similar to output of `ssri.parse` +ssri.stringify({ + 'sha512': [ + { + algorithm: 'sha512', + digest:'9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==', + options: ['foo'] + } + ] +}) +// -> +// 'sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo' +``` + +#### <a name="integrity-concat"></a> `> Integrity#concat(otherIntegrity, [opts]) -> Integrity` + +Concatenates an `Integrity` object with another IntegrityLike, or an integrity +string. + +This is functionally equivalent to concatenating the string format of both +integrity arguments, and calling [`ssri.parse`](#ssri-parse) on the new string. + +If `opts.strict` is true, the new `Integrity` will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +// This will combine the integrity checks for two different versions of +// your index.js file so you can use a single integrity string and serve +// either of these to clients, from a single `<script>` tag. +const desktopIntegrity = ssri.fromData(fs.readFileSync('./index.desktop.js')) +const mobileIntegrity = ssri.fromData(fs.readFileSync('./index.mobile.js')) + +// Note that browsers (and ssri) will succeed as long as ONE of the entries +// for the *prioritized* algorithm succeeds. That is, in order for this fallback +// to work, both desktop and mobile *must* use the same `algorithm` values. +desktopIntegrity.concat(mobileIntegrity) +``` + +#### <a name="integrity-to-string"></a> `> Integrity#toString([opts]) -> String` + +Returns the string representation of an `Integrity` object. All hash entries +will be concatenated in the string by `opts.sep`, which defaults to `' '`. + +If you want to serialize an object that didn't from from an `ssri` function, +use [`ssri.stringify()`](#stringify). + +If `opts.strict` is true, the integrity string will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +const integrity = 'sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo' + +ssri.parse(integrity).toString() === integrity +``` + +#### <a name="integrity-to-json"></a> `> Integrity#toJSON() -> String` + +Returns the string representation of an `Integrity` object. All hash entries +will be concatenated in the string by `' '`. + +This is a convenience method so you can pass an `Integrity` object directly to `JSON.stringify`. +For more info check out [toJSON() behavior on mdn](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify#toJSON%28%29_behavior). + +##### Example + +```javascript +const integrity = '"sha512-9KhgCRIx/AmzC8xqYJTZRrnO8OW2Pxyl2DIMZSBOr0oDvtEFyht3xpp71j/r/pAe1DM+JI/A+line3jUBgzQ7A==?foo"' + +JSON.stringify(ssri.parse(integrity)) === integrity +``` + +#### <a name="integrity-pick-algorithm"></a> `> Integrity#pickAlgorithm([opts]) -> String` + +Returns the "best" algorithm from those available in the integrity object. + +If `opts.pickAlgorithm` is provided, it will be passed two algorithms as +arguments. ssri will prioritize whichever of the two algorithms is returned by +this function. Note that the function may be called multiple times, and it +**must** return one of the two algorithms provided. By default, ssri will make +a best-effort to pick the strongest/most reliable of the given algorithms. It +may intentionally deprioritize algorithms with known vulnerabilities. + +##### Example + +```javascript +ssri.parse('sha1-WEakDigEST sha512-yzd8ELD1piyANiWnmdnpCL5F52f10UfUdEkHywVZeqTt0ymgrxR63Qz0GB7TKPoeeZQmWCaz7T1').pickAlgorithm() // sha512 +``` + +#### <a name="integrity-hex-digest"></a> `> Integrity#hexDigest() -> String` + +`Integrity` is assumed to be either a single-hash `Integrity` instance, or a +`Hash` instance. Returns its `digest`, converted to a hex representation of the +base64 data. + +##### Example + +```javascript +ssri.parse('sha1-deadbeef').hexDigest() // '75e69d6de79f' +``` + +#### <a name="from-hex"></a> `> ssri.fromHex(hexDigest, algorithm, [opts]) -> Integrity` + +Creates an `Integrity` object with a single entry, based on a hex-formatted +hash. This is a utility function to help convert existing shasums to the +Integrity format, and is roughly equivalent to something like: + +```javascript +algorithm + '-' + Buffer.from(hexDigest, 'hex').toString('base64') +``` + +`opts.options` may optionally be passed in: it must be an array of option +strings that will be added to all generated integrity hashes generated by +`fromData`. This is a loosely-specified feature of SRIs, and currently has no +specified semantics besides being `?`-separated. Use at your own risk, and +probably avoid if your integrity strings are meant to be used with browsers. + +If `opts.strict` is true, the integrity object will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +If `opts.single` is true, a single `Hash` object will be returned. + +##### Example + +```javascript +ssri.fromHex('75e69d6de79f', 'sha1').toString() // 'sha1-deadbeef' +``` + +#### <a name="from-data"></a> `> ssri.fromData(data, [opts]) -> Integrity` + +Creates an `Integrity` object from either string or `Buffer` data, calculating +all the requested hashes and adding any specified options to the object. + +`opts.algorithms` determines which algorithms to generate hashes for. All +results will be included in a single `Integrity` object. The default value for +`opts.algorithms` is `['sha512']`. All algorithm strings must be hashes listed +in `crypto.getHashes()` for the host Node.js platform. + +`opts.options` may optionally be passed in: it must be an array of option +strings that will be added to all generated integrity hashes generated by +`fromData`. This is a loosely-specified feature of SRIs, and currently has no +specified semantics besides being `?`-separated. Use at your own risk, and +probably avoid if your integrity strings are meant to be used with browsers. + +If `opts.strict` is true, the integrity object will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +const integrityObj = ssri.fromData('foobarbaz', { + algorithms: ['sha256', 'sha384', 'sha512'] +}) +integrity.toString('\n') +// -> +// sha256-l981iLWj8kurw4UbNy8Lpxqdzd7UOxS50Glhv8FwfZ0= +// sha384-irnCxQ0CfQhYGlVAUdwTPC9bF3+YWLxlaDGM4xbYminxpbXEq+D+2GCEBTxcjES9 +// sha512-yzd8ELD1piyANiWnmdnpCL5F52f10UfUdEkHywVZeqTt0ymgrxR63Qz0GB7TKPoeeZQmWCaz7T1+9vBnypkYWg== +``` + +#### <a name="from-stream"></a> `> ssri.fromStream(stream, [opts]) -> Promise<Integrity>` + +Returns a Promise of an Integrity object calculated by reading data from +a given `stream`. + +It accepts both `opts.algorithms` and `opts.options`, which are documented as +part of [`ssri.fromData`](#from-data). + +Additionally, `opts.Promise` may be passed in to inject a Promise library of +choice. By default, ssri will use Node's built-in Promises. + +If `opts.strict` is true, the integrity object will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +ssri.fromStream(fs.createReadStream('index.js'), { + algorithms: ['sha1', 'sha512'] +}).then(integrity => { + return ssri.checkStream(fs.createReadStream('index.js'), integrity) +}) // succeeds +``` + +#### <a name="create"></a> `> ssri.create([opts]) -> <Hash>` + +Returns a Hash object with `update(<Buffer or string>[,enc])` and `digest()` methods. + + +The Hash object provides the same methods as [crypto class Hash](https://nodejs.org/dist/latest-v6.x/docs/api/crypto.html#crypto_class_hash). +`digest()` accepts no arguments and returns an Integrity object calculated by reading data from +calls to update. + +It accepts both `opts.algorithms` and `opts.options`, which are documented as +part of [`ssri.fromData`](#from-data). + +If `opts.strict` is true, the integrity object will be created using strict +parsing rules. See [`ssri.parse`](#parse). + +##### Example + +```javascript +const integrity = ssri.create().update('foobarbaz').digest() +integrity.toString() +// -> +// sha512-yzd8ELD1piyANiWnmdnpCL5F52f10UfUdEkHywVZeqTt0ymgrxR63Qz0GB7TKPoeeZQmWCaz7T1+9vBnypkYWg== +``` + +#### <a name="check-data"></a> `> ssri.checkData(data, sri, [opts]) -> Hash|false` + +Verifies `data` integrity against an `sri` argument. `data` may be either a +`String` or a `Buffer`, and `sri` can be any subresource integrity +representation that [`ssri.parse`](#parse) can handle. + +If verification succeeds, `checkData` will return the name of the algorithm that +was used for verification (a truthy value). Otherwise, it will return `false`. + +If `opts.pickAlgorithm` is provided, it will be used by +[`Integrity#pickAlgorithm`](#integrity-pick-algorithm) when deciding which of +the available digests to match against. + +##### Example + +```javascript +const data = fs.readFileSync('index.js') +ssri.checkData(data, ssri.fromData(data)) // -> 'sha512' +ssri.checkData(data, 'sha256-l981iLWj8kurw4UbNy8Lpxqdzd7UOxS50Glhv8FwfZ0') +ssri.checkData(data, 'sha1-BaDDigEST') // -> false +``` + +#### <a name="check-stream"></a> `> ssri.checkStream(stream, sri, [opts]) -> Promise<Hash>` + +Verifies the contents of `stream` against an `sri` argument. `stream` will be +consumed in its entirety by this process. `sri` can be any subresource integrity +representation that [`ssri.parse`](#parse) can handle. + +`checkStream` will return a Promise that either resolves to the +`Hash` that succeeded verification, or, if the verification fails +or an error happens with `stream`, the Promise will be rejected. + +If the Promise is rejected because verification failed, the returned error will +have `err.code` as `EINTEGRITY`. + +If `opts.size` is given, it will be matched against the stream size. An error +with `err.code` `EBADSIZE` will be returned by a rejection if the expected size +and actual size fail to match. + +If `opts.pickAlgorithm` is provided, it will be used by +[`Integrity#pickAlgorithm`](#integrity-pick-algorithm) when deciding which of +the available digests to match against. + +##### Example + +```javascript +const integrity = ssri.fromData(fs.readFileSync('index.js')) + +ssri.checkStream( + fs.createReadStream('index.js'), + integrity +) +// -> +// Promise<{ +// algorithm: 'sha512', +// digest: 'sha512-yzd8ELD1piyANiWnmdnpCL5F52f10UfUdEkHywVZeqTt0ymgrxR63Qz0GB7TKPoeeZQmWCaz7T1' +// }> + +ssri.checkStream( + fs.createReadStream('index.js'), + 'sha256-l981iLWj8kurw4UbNy8Lpxqdzd7UOxS50Glhv8FwfZ0' +) // -> Promise<Hash> + +ssri.checkStream( + fs.createReadStream('index.js'), + 'sha1-BaDDigEST' +) // -> Promise<Error<{code: 'EINTEGRITY'}>> +``` + +#### <a name="integrity-stream"></a> `> integrityStream(sri, [opts]) -> IntegrityStream` + +Returns a `Transform` stream that data can be piped through in order to generate +and optionally check data integrity for piped data. When the stream completes +successfully, it emits `size` and `integrity` events, containing the total +number of bytes processed and a calculated `Integrity` instance based on stream +data, respectively. + +If `opts.algorithms` is passed in, the listed algorithms will be calculated when +generating the final `Integrity` instance. The default is `['sha512']`. + +If `opts.single` is passed in, a single `Hash` instance will be returned. + +If `opts.integrity` is passed in, it should be an `integrity` value understood +by [`parse`](#parse) that the stream will check the data against. If +verification succeeds, the integrity stream will emit a `verified` event whose +value is a single `Hash` object that is the one that succeeded verification. If +verification fails, the stream will error with an `EINTEGRITY` error code. + +If `opts.size` is given, it will be matched against the stream size. An error +with `err.code` `EBADSIZE` will be emitted by the stream if the expected size +and actual size fail to match. + +If `opts.pickAlgorithm` is provided, it will be passed two algorithms as +arguments. ssri will prioritize whichever of the two algorithms is returned by +this function. Note that the function may be called multiple times, and it +**must** return one of the two algorithms provided. By default, ssri will make +a best-effort to pick the strongest/most reliable of the given algorithms. It +may intentionally deprioritize algorithms with known vulnerabilities. + +##### Example + +```javascript +const integrity = ssri.fromData(fs.readFileSync('index.js')) +fs.createReadStream('index.js') +.pipe(ssri.checkStream(integrity)) +``` diff --git a/node_modules/ssri/index.js b/node_modules/ssri/index.js new file mode 100644 index 000000000..9c84dbc21 --- /dev/null +++ b/node_modules/ssri/index.js @@ -0,0 +1,333 @@ +'use strict' + +const crypto = require('crypto') +const Transform = require('stream').Transform + +const SPEC_ALGORITHMS = ['sha256', 'sha384', 'sha512'] + +const BASE64_REGEX = /^[a-z0-9+/]+(?:=?=?)$/i +const SRI_REGEX = /^([^-]+)-([^?]+)([?\S*]*)$/ +const STRICT_SRI_REGEX = /^([^-]+)-([A-Za-z0-9+/]+(?:=?=?))([?\x21-\x7E]*)$/ +const VCHAR_REGEX = /^[\x21-\x7E]+$/ + +class Hash { + get isHash () { return true } + constructor (hash, opts) { + const strict = !!(opts && opts.strict) + this.source = hash.trim() + // 3.1. Integrity metadata (called "Hash" by ssri) + // https://w3c.github.io/webappsec-subresource-integrity/#integrity-metadata-description + const match = this.source.match( + strict + ? STRICT_SRI_REGEX + : SRI_REGEX + ) + if (!match) { return } + if (strict && !SPEC_ALGORITHMS.some(a => a === match[1])) { return } + this.algorithm = match[1] + this.digest = match[2] + + const rawOpts = match[3] + this.options = rawOpts ? rawOpts.slice(1).split('?') : [] + } + hexDigest () { + return this.digest && bufFrom(this.digest, 'base64').toString('hex') + } + toJSON () { + return this.toString() + } + toString (opts) { + if (opts && opts.strict) { + // Strict mode enforces the standard as close to the foot of the + // letter as it can. + if (!( + // The spec has very restricted productions for algorithms. + // https://www.w3.org/TR/CSP2/#source-list-syntax + SPEC_ALGORITHMS.some(x => x === this.algorithm) && + // Usually, if someone insists on using a "different" base64, we + // leave it as-is, since there's multiple standards, and the + // specified is not a URL-safe variant. + // https://www.w3.org/TR/CSP2/#base64_value + this.digest.match(BASE64_REGEX) && + // Option syntax is strictly visual chars. + // https://w3c.github.io/webappsec-subresource-integrity/#grammardef-option-expression + // https://tools.ietf.org/html/rfc5234#appendix-B.1 + (this.options || []).every(opt => opt.match(VCHAR_REGEX)) + )) { + return '' + } + } + const options = this.options && this.options.length + ? `?${this.options.join('?')}` + : '' + return `${this.algorithm}-${this.digest}${options}` + } +} + +class Integrity { + get isIntegrity () { return true } + toJSON () { + return this.toString() + } + toString (opts) { + opts = opts || {} + let sep = opts.sep || ' ' + if (opts.strict) { + // Entries must be separated by whitespace, according to spec. + sep = sep.replace(/\S+/g, ' ') + } + return Object.keys(this).map(k => { + return this[k].map(hash => { + return Hash.prototype.toString.call(hash, opts) + }).filter(x => x.length).join(sep) + }).filter(x => x.length).join(sep) + } + concat (integrity, opts) { + const other = typeof integrity === 'string' + ? integrity + : stringify(integrity, opts) + return parse(`${this.toString(opts)} ${other}`, opts) + } + hexDigest () { + return parse(this, {single: true}).hexDigest() + } + pickAlgorithm (opts) { + const pickAlgorithm = (opts && opts.pickAlgorithm) || getPrioritizedHash + const keys = Object.keys(this) + if (!keys.length) { + throw new Error(`No algorithms available for ${this}`) + } + return keys.reduce((acc, algo) => { + return pickAlgorithm(acc, algo) || acc + }) + } +} + +module.exports.parse = parse +function parse (sri, opts) { + opts = opts || {} + if (typeof sri === 'string') { + return _parse(sri, opts) + } else if (sri.algorithm && sri.digest) { + const fullSri = new Integrity() + fullSri[sri.algorithm] = [sri] + return _parse(stringify(fullSri, opts), opts) + } else { + return _parse(stringify(sri, opts), opts) + } +} + +function _parse (integrity, opts) { + // 3.4.3. Parse metadata + // https://w3c.github.io/webappsec-subresource-integrity/#parse-metadata + if (opts.single) { + return new Hash(integrity, opts) + } + return integrity.trim().split(/\s+/).reduce((acc, string) => { + const hash = new Hash(string, opts) + if (hash.algorithm && hash.digest) { + const algo = hash.algorithm + if (!acc[algo]) { acc[algo] = [] } + acc[algo].push(hash) + } + return acc + }, new Integrity()) +} + +module.exports.stringify = stringify +function stringify (obj, opts) { + if (obj.algorithm && obj.digest) { + return Hash.prototype.toString.call(obj, opts) + } else if (typeof obj === 'string') { + return stringify(parse(obj, opts), opts) + } else { + return Integrity.prototype.toString.call(obj, opts) + } +} + +module.exports.fromHex = fromHex +function fromHex (hexDigest, algorithm, opts) { + const optString = (opts && opts.options && opts.options.length) + ? `?${opts.options.join('?')}` + : '' + return parse( + `${algorithm}-${ + bufFrom(hexDigest, 'hex').toString('base64') + }${optString}`, opts + ) +} + +module.exports.fromData = fromData +function fromData (data, opts) { + opts = opts || {} + const algorithms = opts.algorithms || ['sha512'] + const optString = opts.options && opts.options.length + ? `?${opts.options.join('?')}` + : '' + return algorithms.reduce((acc, algo) => { + const digest = crypto.createHash(algo).update(data).digest('base64') + const hash = new Hash( + `${algo}-${digest}${optString}`, + opts + ) + if (hash.algorithm && hash.digest) { + const algo = hash.algorithm + if (!acc[algo]) { acc[algo] = [] } + acc[algo].push(hash) + } + return acc + }, new Integrity()) +} + +module.exports.fromStream = fromStream +function fromStream (stream, opts) { + opts = opts || {} + const P = opts.Promise || Promise + const istream = integrityStream(opts) + return new P((resolve, reject) => { + stream.pipe(istream) + stream.on('error', reject) + istream.on('error', reject) + let sri + istream.on('integrity', s => { sri = s }) + istream.on('end', () => resolve(sri)) + istream.on('data', () => {}) + }) +} + +module.exports.checkData = checkData +function checkData (data, sri, opts) { + opts = opts || {} + sri = parse(sri, opts) + const algorithm = sri.pickAlgorithm(opts) + const digests = sri[algorithm] + const digest = crypto.createHash(algorithm).update(data).digest('base64') + return digests.find(hash => hash.digest === digest) || false +} + +module.exports.checkStream = checkStream +function checkStream (stream, sri, opts) { + opts = opts || {} + const P = opts.Promise || Promise + const checker = integrityStream({ + integrity: sri, + size: opts.size, + strict: opts.strict, + pickAlgorithm: opts.pickAlgorithm + }) + return new P((resolve, reject) => { + stream.pipe(checker) + stream.on('error', reject) + checker.on('error', reject) + let sri + checker.on('verified', s => { sri = s }) + checker.on('end', () => resolve(sri)) + checker.on('data', () => {}) + }) +} + +module.exports.integrityStream = integrityStream +function integrityStream (opts) { + opts = opts || {} + // For verification + const sri = opts.integrity && parse(opts.integrity, opts) + const algorithm = sri && sri.pickAlgorithm(opts) + const digests = sri && sri[algorithm] + // Calculating stream + const algorithms = opts.algorithms || [algorithm || 'sha512'] + const hashes = algorithms.map(crypto.createHash) + let streamSize = 0 + const stream = new Transform({ + transform (chunk, enc, cb) { + streamSize += chunk.length + hashes.forEach(h => h.update(chunk, enc)) + cb(null, chunk, enc) + } + }).on('end', () => { + const optString = (opts.options && opts.options.length) + ? `?${opts.options.join('?')}` + : '' + const newSri = parse(hashes.map((h, i) => { + return `${algorithms[i]}-${h.digest('base64')}${optString}` + }).join(' '), opts) + const match = ( + // Integrity verification mode + opts.integrity && + digests.find(hash => { + return newSri[algorithm].find(newhash => { + return hash.digest === newhash.digest + }) + }) + ) + if (typeof opts.size === 'number' && streamSize !== opts.size) { + const err = new Error(`stream size mismatch when checking ${sri}.\n Wanted: ${opts.size}\n Found: ${streamSize}`) + err.code = 'EBADSIZE' + err.found = streamSize + err.expected = opts.size + err.sri = sri + stream.emit('error', err) + } else if (opts.integrity && !match) { + const err = new Error(`${sri} integrity checksum failed when using ${algorithm}: wanted ${digests} but got ${newSri}. (${streamSize} bytes)`) + err.code = 'EINTEGRITY' + err.found = newSri + err.expected = digests + err.algorithm = algorithm + err.sri = sri + stream.emit('error', err) + } else { + stream.emit('size', streamSize) + stream.emit('integrity', newSri) + match && stream.emit('verified', match) + } + }) + return stream +} + +module.exports.create = createIntegrity +function createIntegrity (opts) { + opts = opts || {} + const algorithms = opts.algorithms || ['sha512'] + const optString = opts.options && opts.options.length + ? `?${opts.options.join('?')}` + : '' + + const hashes = algorithms.map(crypto.createHash) + + return { + update: function (chunk, enc) { + hashes.forEach(h => h.update(chunk, enc)) + return this + }, + digest: function (enc) { + const integrity = algorithms.reduce((acc, algo) => { + const digest = hashes.shift().digest('base64') + const hash = new Hash( + `${algo}-${digest}${optString}`, + opts + ) + if (hash.algorithm && hash.digest) { + const algo = hash.algorithm + if (!acc[algo]) { acc[algo] = [] } + acc[algo].push(hash) + } + return acc + }, new Integrity()) + + return integrity + } + } +} + +// This is a Best Effort™ at a reasonable priority for hash algos +const DEFAULT_PRIORITY = [ + 'md5', 'whirlpool', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512' +] +function getPrioritizedHash (algo1, algo2) { + return DEFAULT_PRIORITY.indexOf(algo1.toLowerCase()) >= DEFAULT_PRIORITY.indexOf(algo2.toLowerCase()) + ? algo1 + : algo2 +} + +function bufFrom (data, enc) { + return Buffer.from ? Buffer.from(data, enc) : new Buffer(data, enc) +} diff --git a/node_modules/ssri/package.json b/node_modules/ssri/package.json new file mode 100644 index 000000000..b828c974c --- /dev/null +++ b/node_modules/ssri/package.json @@ -0,0 +1,94 @@ +{ + "_from": "ssri@~4.1.2", + "_id": "ssri@4.1.2", + "_integrity": "sha1-PTxptJDQsQd3Kpv4GIHziuBx8ks=", + "_location": "/ssri", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "ssri@~4.1.2", + "name": "ssri", + "escapedName": "ssri", + "rawSpec": "~4.1.2", + "saveSpec": null, + "fetchSpec": "~4.1.2" + }, + "_requiredBy": [ + "/", + "/cacache", + "/npm-registry-client", + "/pacote", + "/pacote/make-fetch-happen" + ], + "_resolved": "https://registry.npmjs.org/ssri/-/ssri-4.1.2.tgz", + "_shasum": "3d3c69b490d0b107772a9bf81881f38ae071f24b", + "_shrinkwrap": null, + "_spec": "ssri@~4.1.2", + "_where": "/Users/zkat/Documents/code/npm", + "author": { + "name": "Kat Marchán", + "email": "kzm@sykosomatic.org" + }, + "bin": null, + "bugs": { + "url": "https://github.com/zkat/ssri/issues" + }, + "bundleDependencies": false, + "config": { + "nyc": { + "exclude": [ + "node_modules/**", + "test/**" + ] + } + }, + "dependencies": {}, + "deprecated": false, + "description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.", + "devDependencies": { + "nyc": "^10.2.0", + "standard": "^9.0.2", + "standard-version": "^4.0.0", + "tap": "^10.3.2", + "weallbehave": "^1.0.0", + "weallcontribute": "^1.0.8" + }, + "files": [ + "*.js" + ], + "homepage": "https://github.com/zkat/ssri#readme", + "keywords": [ + "w3c", + "web", + "security", + "integrity", + "checksum", + "hashing", + "subresource integrity", + "sri", + "sri hash", + "sri string", + "sri generator", + "html" + ], + "license": "CC0-1.0", + "main": "index.js", + "name": "ssri", + "optionalDependencies": {}, + "peerDependencies": {}, + "repository": { + "type": "git", + "url": "git+https://github.com/zkat/ssri.git" + }, + "scripts": { + "postrelease": "npm publish && git push --follow-tags", + "prerelease": "npm t", + "pretest": "standard", + "release": "standard-version -s", + "test": "tap -J --coverage test/*.js", + "update-coc": "weallbehave -o . && git add CODE_OF_CONDUCT.md && git commit -m 'docs(coc): updated CODE_OF_CONDUCT.md'", + "update-contrib": "weallcontribute -o . && git add CONTRIBUTING.md && git commit -m 'docs(contributing): updated CONTRIBUTING.md'" + }, + "version": "4.1.2" +} |