Exemple #1
0
def main():
    parser = argparse.ArgumentParser(
        'SubResource Integrity(SRI) Tool',
        description='Calculates the digest of a file '
        'and generates an SRI string')

    parser.add_argument(
        '--url-safe',
        action='store_true',
        help='Assume a URL safe base64 encoded SRI: decodes to an SRI'
        ' of format sha256-myhash')

    subparsers = parser.add_subparsers(help='encode or decode',
                                       required=True,
                                       dest='command')

    gen = subparsers.add_parser('generate')

    gen.add_argument('file')
    gen.add_argument('--dgst',
                     default='sha256',
                     choices=hashlib.algorithms_available,
                     help='digest algorithm see: openssl dgst')

    verify = subparsers.add_parser('verify')

    verify.add_argument('file')
    verify.add_argument('sri')

    decoder = subparsers.add_parser('decode')
    decoder.add_argument('sri')

    opts = parser.parse_args()

    if opts.command == 'generate':
        print(
            str(
                sritool.generate_sri(opts.file,
                                     dgst=opts.dgst,
                                     url_safe=opts.url_safe)))
    elif opts.command == 'verify':
        if opts.url_safe:
            claimed = sritool.urlsafe_to_hash(opts.sri)
        else:
            claimed = sritool.sri_to_hash(opts.sri)

        real = sritool.generate_sri(opts.file, claimed.algorithm)

        print(f'{str(real)}\nurlsafeb64: {sritool.hash_to_urlsafeb64(real)}')

        if str(real) != str(claimed):
            print(f'{opts.file}: {str(real)} != {str(claimed)}',
                  file=sys.stderr)
            sys.exit(1)
    elif opts.command == 'decode':
        print(str(sritool.urlsafe_to_hash(opts.sri)))
Exemple #2
0
 def to_python(self, value):
     try:
         return sri.urlsafe_to_hash(value)
     except Exception:
         err = ValidationError('Bad SRI Hash: make sure to python->'
                               'base64.urlsafe_b64encode your sri hash')
         VarProxy.path_errors.append(err)
         raise err
Exemple #3
0
def test_urlsafe_to_hash_notb64():

    with raises(Exception) as e:
        sritool.urlsafe_to_hash('adfasdfasdfsad')

    assert 'binascii.Error' in str(e.type)
Exemple #4
0
def test_urlsafe_to_hash_bad_input_type():
    with raises(AssertionError):
        sritool.urlsafe_to_hash(1234)
Exemple #5
0
def test_urlsafe_to_hash_bytes_input(sri_obj, sri_urlsafe):
    bencoded = sri_urlsafe.encode('ascii')
    assert str(sritool.urlsafe_to_hash(bencoded)) == str(sri_obj)
Exemple #6
0
def test_urlsafe_to_hash(sri_obj, sri_urlsafe):

    assert str(sritool.urlsafe_to_hash(sri_urlsafe)) == str(sri_obj)