How to use the ssri.checkStream function in ssri
To help you get started, we’ve selected a few ssri examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
appcelerator-modules / ti.playservices / updater / index.js View on Github 
async function downloadWithIntegrity(url, downloadPath, integrity) {
const file = await download(url, downloadPath);
// Verify integrity!
await ssri.checkStream(fs.createReadStream(file), integrity);
return file;
}async function downloadWithIntegrity(url, downloadPath, integrity, options) {
const file = await download(url, downloadPath, options);
// Verify integrity!
await ssri.checkStream(fs.createReadStream(file), integrity);
return file;
}Utils.downloadURL = async function downloadURL(url, integrity, options) {
if (!integrity) {
throw new Error('No "integrity" value given for %s, may need to run "node scons.js modules-integrity" to generate new module listing with updated integrity hashes.', url);
}
if (url.startsWith('file://')) {
const filePath = url.slice(7);
if (!await fs.exists(filePath)) {
throw new Error('File URL does not exist on disk: %s', url);
}
// if it passes integrity check, we're all good, return path to file
await ssri.checkStream(fs.createReadStream(filePath), integrity);
return filePath;
}
const downloadPath = cachedDownloadPath(url);
// Check if file already exists and passes integrity check!
if (await fs.exists(downloadPath)) {
try {
// if it passes integrity check, we're all good, return path to file
await ssri.checkStream(fs.createReadStream(downloadPath), integrity);
// cached copy is still valid, integrity hash matches
return downloadPath;
} catch (e) {
// hash doesn't match. Wipe the cached version and re-download
await fs.remove(downloadPath);
return downloadWithIntegrity(url, downloadPath, integrity, options);
}info = await ccGet.hasContent(cache, hash)
}
if (!info) {
return false
}
const cpath = ccPath(cache, info.sri)
if (verify) {
try {
await ssri.checkStream(
fs.createReadStream.orig(cpath),
info.sri
)
} catch (err) {
const newResolved = await fetchPackage(cache, pkg, hash)
cache = newResolved.cache
await ssri.checkStream(
fs.createReadStream.orig(cpath),
info.sri
)
}
}
return Object.assign(info.stat, {
integrity: info.sri.toString(),
cachePath: ccPath(cache, info.sri)
})
}.then((s) => {
const contentInfo = {
size: s.size,
valid: true
}
return ssri
.checkStream(new fsm.ReadStream(filepath), sri)
.catch((err) => {
if (err.code !== 'EINTEGRITY') {
throw err
}
return rimraf(filepath).then(() => {
contentInfo.valid = false
})
})
.then(() => contentInfo)
})
.catch((err) => {function checkSRI (dataStream, sum) {
return ssri.checkStream(dataStream, sum).catch(e => {
throw e.code === 'EINTEGRITY' ? new IntegrityError(e.message) : e
})
}if (!info) {
return false
}
const cpath = ccPath(cache, info.sri)
if (verify) {
try {
await ssri.checkStream(
fs.createReadStream(cpath),
info.sri
)
} catch (err) {
const newResolved = await repairPackage({ cache, hash, pkg, resolvedPath })
cache = newResolved.cache
hash = newResolved.hash
pkg = newResolved.pkg
await ssri.checkStream(
fs.createReadStream(cpath),
info.sri
)
}
}
return Object.assign(info.stat, {
integrity: info.sri.toString(),
cachePath: ccPath(cache, info.sri)
})
}ssri
Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.
