ssri - npm Package Compare versions

Comparing version 5.2.4 to 5.3.0

CHANGELOG.md

@@ -5,2 +5,12 @@ # Change Log
 
+<a name="5.3.0"></a>
+# [5.3.0](https://github.com/zkat/ssri/compare/v5.2.4...v5.3.0) (2018-03-13)
+
+
+### Features
+
+* **checkData:** optionally throw when checkData fails ([bf26b84](https://github.com/zkat/ssri/commit/bf26b84))
+
+
+
 <a name="5.2.4"></a>
@@ -7,0 +17,0 @@ ## [5.2.4](https://github.com/zkat/ssri/compare/v5.2.3...v5.2.4) (2018-02-16)

index.js

@@ -219,6 +219,35 @@ 'use strict'
   sri = parse(sri, opts)
-  if (!Object.keys(sri).length) { return false }
+  if (!Object.keys(sri).length) {
+    if (opts.error) {
+      throw Object.assign(
+        new Error('No valid integrity hashes to check against'), {
+          code: 'EINTEGRITY'
+        }
+      )
+    } else {
+      return false
+    }
+  }
   const algorithm = sri.pickAlgorithm(opts)
   const digest = crypto.createHash(algorithm).update(data).digest('base64')
-  return parse({algorithm, digest}).match(sri, opts)
+  const newSri = parse({algorithm, digest})
+  const match = newSri.match(sri, opts)
+  if (match || !opts.error) {
+    return match
+  } else if (typeof opts.size === 'number' && (data.length !== opts.size)) {
+    const err = new Error(`data size mismatch when checking ${sri}.\n  Wanted: ${opts.size}\n  Found: ${data.length}`)
+    err.code = 'EBADSIZE'
+    err.found = data.length
+    err.expected = opts.size
+    err.sri = sri
+    throw err
+  } else {
+    const err = new Error(`Integrity checksum failed when using ${algorithm}: Wanted ${sri}, but got ${newSri}. (${data.length} bytes)`)
+    err.code = 'EINTEGRITY'
+    err.found = newSri
+    err.expected = sri
+    err.algorithm = algorithm
+    err.sri = sri
+    throw err
+  }
 }
@@ -225,0 +254,0 @@

package.json

 {
   "name": "ssri",
-  "version": "5.2.4",
+  "version": "5.3.0",
   "description": "Standard Subresource Integrity library --  parses, serializes, generates, and verifies integrity metadata according to the SRI spec.",
@@ -5,0 +5,0 @@ "main": "index.js",

README.md

@@ -392,2 +392,5 @@ # ssri [![npm version](https://img.shields.io/npm/v/ssri.svg)](https://npm.im/ssri) [![license](https://img.shields.io/npm/l/ssri.svg)](https://npm.im/ssri) [![Travis](https://img.shields.io/travis/zkat/ssri.svg)](https://travis-ci.org/zkat/ssri) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/ssri?svg=true)](https://ci.appveyor.com/project/zkat/ssri) [![Coverage Status](https://coveralls.io/repos/github/zkat/ssri/badge.svg?branch=latest)](https://coveralls.io/github/zkat/ssri?branch=latest)
 
+If `opts.error` is true, and verification fails, `checkData` will throw either
+an `EBADSIZE` or an `EINTEGRITY` error, instead of just returning false.
+
 ##### Example
@@ -400,2 +403,3 @@
 ssri.checkData(data, 'sha1-BaDDigEST') // -> false
+ssri.checkData(data, 'sha1-BaDDigEST', {error: true}) // -> Error! EINTEGRITY
 ```
@@ -402,0 +406,0 @@

No alert changes

Improved metrics

Total package byte prevSize

40500

increased by3.39%

Lines of code

356

increased by8.87%

Number of lines in readme file

489

increased by0.82%

No dependency changes