Crate ssri

source ·
Expand description

ssri, short for Standard Subresource Integrity, is a Rust library for parsing, manipulating, serializing, generating, and verifying Subresource Integrity hashes.

Examples

Parse a string as Integrity to convert it to a struct:

let source = "sha256-uU0nuZNNPgilLlLX2n2r+sSE7+N6U4DukIj3rOLvzek=";

let parsed: Integrity = source.parse().unwrap();
assert_eq!(parsed.to_string(), source)

Generating a new hash from file data:

// By default, generates Integrity as Sha256.
// Use IntegrityOpts to pick the algorithm yourself.
let sri = Integrity::from(b"hello world");
assert_eq!(sri.to_string(), "sha256-uU0nuZNNPgilLlLX2n2r+sSE7+N6U4DukIj3rOLvzek=");

Verifying data against an SRI:

let sri = Integrity::from(b"hello world");
assert_eq!(sri.check(b"hello world").unwrap(), Algorithm::Sha256);

You can also use IntegrityOpts and IntegrityChecker to generate and check subresource integrity, respectively. These allow things like multiple algorithms, and incremental/streamed data input.

Re-exports

Structs

Enums

  • Valid algorithms for integrity strings.
  • Integrity-related error values.