Comparing version 4.1.1 to 4.1.2
@@ -5,2 +5,12 @@ # Change Log | ||
<a name="4.1.2"></a> | ||
## [4.1.2](https://github.com/zkat/ssri/compare/v4.1.1...v4.1.2) (2017-04-18) | ||
### Bug Fixes | ||
* **stream:** _flush can be called multiple times. use on("end") ([b1c4805](https://github.com/zkat/ssri/commit/b1c4805)) | ||
<a name="4.1.1"></a> | ||
@@ -7,0 +17,0 @@ ## [4.1.1](https://github.com/zkat/ssri/compare/v4.1.0...v4.1.1) (2017-04-12) |
74
index.js
@@ -245,40 +245,38 @@ 'use strict' | ||
cb(null, chunk, enc) | ||
}, | ||
flush (done) { | ||
const optString = (opts.options && opts.options.length) | ||
? `?${opts.options.join('?')}` | ||
: '' | ||
const newSri = parse(hashes.map((h, i) => { | ||
return `${algorithms[i]}-${h.digest('base64')}${optString}` | ||
}).join(' '), opts) | ||
const match = ( | ||
// Integrity verification mode | ||
opts.integrity && | ||
digests.find(hash => { | ||
return newSri[algorithm].find(newhash => { | ||
return hash.digest === newhash.digest | ||
}) | ||
} | ||
}).on('end', () => { | ||
const optString = (opts.options && opts.options.length) | ||
? `?${opts.options.join('?')}` | ||
: '' | ||
const newSri = parse(hashes.map((h, i) => { | ||
return `${algorithms[i]}-${h.digest('base64')}${optString}` | ||
}).join(' '), opts) | ||
const match = ( | ||
// Integrity verification mode | ||
opts.integrity && | ||
digests.find(hash => { | ||
return newSri[algorithm].find(newhash => { | ||
return hash.digest === newhash.digest | ||
}) | ||
) | ||
if (typeof opts.size === 'number' && streamSize !== opts.size) { | ||
const err = new Error(`stream size mismatch when checking ${sri}.\n Wanted: ${opts.size}\n Found: ${streamSize}`) | ||
err.code = 'EBADSIZE' | ||
err.found = streamSize | ||
err.expected = opts.size | ||
err.sri = sri | ||
stream.emit('error', err) | ||
} else if (opts.integrity && !match) { | ||
const err = new Error(`${sri} integrity checksum failed when using ${algorithm}`) | ||
err.code = 'EINTEGRITY' | ||
err.found = newSri | ||
err.expected = digests | ||
err.algorithm = algorithm | ||
err.sri = sri | ||
stream.emit('error', err) | ||
} else { | ||
stream.emit('size', streamSize) | ||
stream.emit('integrity', newSri) | ||
match && stream.emit('verified', match) | ||
} | ||
done() | ||
}) | ||
) | ||
if (typeof opts.size === 'number' && streamSize !== opts.size) { | ||
const err = new Error(`stream size mismatch when checking ${sri}.\n Wanted: ${opts.size}\n Found: ${streamSize}`) | ||
err.code = 'EBADSIZE' | ||
err.found = streamSize | ||
err.expected = opts.size | ||
err.sri = sri | ||
stream.emit('error', err) | ||
} else if (opts.integrity && !match) { | ||
const err = new Error(`${sri} integrity checksum failed when using ${algorithm}: wanted ${digests} but got ${newSri}. (${streamSize} bytes)`) | ||
err.code = 'EINTEGRITY' | ||
err.found = newSri | ||
err.expected = digests | ||
err.algorithm = algorithm | ||
err.sri = sri | ||
stream.emit('error', err) | ||
} else { | ||
stream.emit('size', streamSize) | ||
stream.emit('integrity', newSri) | ||
match && stream.emit('verified', match) | ||
} | ||
@@ -309,3 +307,3 @@ }) | ||
`${algo}-${digest}${optString}`, | ||
opts | ||
opts | ||
) | ||
@@ -312,0 +310,0 @@ if (hash.algorithm && hash.digest) { |
{ | ||
"name": "ssri", | ||
"version": "4.1.1", | ||
"version": "4.1.2", | ||
"description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
34582
312