From 1e1fe5b82fc8d8fba1f053b60ac240ecbc453d69 Mon Sep 17 00:00:00 2001 From: videogame hacker Date: Sat, 5 Mar 2022 20:22:41 +0000 Subject: [PATCH] Auto-calculate subresource integrity for webring JS --- Cargo.lock | 63 ++++++++++++++++++++++++++++++++++++++++++++ Cargo.toml | 1 + build_src/webring.rs | 12 +++++++++ 3 files changed, 76 insertions(+) diff --git a/Cargo.lock b/Cargo.lock index bc81536..fea3309 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -89,6 +89,15 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" +[[package]] +name = "base64" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b25d992356d2eb0ed82172f5248873db5560c4721f564b13cb5193bda5e668e" +dependencies = [ + "byteorder", +] + [[package]] name = "bitflags" version = "1.2.1" @@ -416,6 +425,12 @@ dependencies = [ "libc", ] +[[package]] +name = "hex" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "805026a5d0141ffc30abb3be3173848ad46a1b1664fe632428479619a3644d77" + [[package]] name = "html5ever" version = "0.25.1" @@ -492,6 +507,7 @@ dependencies = [ "askama", "notify", "siru", + "ssri", ] [[package]] @@ -973,6 +989,18 @@ dependencies = [ "opaque-debug", ] +[[package]] +name = "sha2" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a256f46ea78a0c0d9ff00077504903ac881a1dafdc20da66545699e7776b3e69" +dependencies = [ + "block-buffer", + "digest", + "fake-simd", + "opaque-debug", +] + [[package]] name = "shell-words" version = "1.0.0" @@ -1006,6 +1034,21 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f173ac3d1a7e3b28003f40de0b5ce7fe2710f9b9dc3fc38664cebee46b3b6527" +[[package]] +name = "ssri" +version = "7.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9cec0d388f39fbe79d7aa600e8d38053bf97b1bc8d350da7c0ba800d0f423f2" +dependencies = [ + "base64", + "digest", + "hex", + "serde", + "sha-1", + "sha2", + "thiserror", +] + [[package]] name = "static_assertions" version = "1.1.0" @@ -1080,6 +1123,26 @@ dependencies = [ "unicode-width", ] +[[package]] +name = "thiserror" +version = "1.0.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "854babe52e4df1653706b98fcfc05843010039b406875930a70e4d9644e5c417" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa32fd3f627f367fe16f893e2597ae3c05020f8bba2666a4e6ea73d377e5714b" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "time" version = "0.1.44" diff --git a/Cargo.toml b/Cargo.toml index 9162e7c..c8cb7c3 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -14,3 +14,4 @@ path = "build_src/main.rs" askama = "0.10.5" notify = "4.0.17" siru = { git = "https://github.com/videogame-hacker/siru.git" } +ssri = "7.0.0" diff --git a/build_src/webring.rs b/build_src/webring.rs index 7088e07..397254b 100644 --- a/build_src/webring.rs +++ b/build_src/webring.rs @@ -1,5 +1,7 @@ use crate::*; +use ssri::{Algorithm, IntegrityOpts}; + pub fn copy_webring(ctx: &BuildContext) -> Result<()> { log_info("Copying webring…"); copy_dir_recursive( @@ -7,5 +9,15 @@ pub fn copy_webring(ctx: &BuildContext) -> Result<()> { ctx.output_dir.join("webring"), )?; + log_info("Calculating webring integrity…"); + let webring_content = ctx.read_bin("webring/webring-0.2.0.js")?; + let integrity = IntegrityOpts::new() + .algorithm(Algorithm::Sha512) + .algorithm(Algorithm::Sha1) + .chain(&webring_content) + .result(); + + ctx.write("webring/webring-0.2.0.js.integ.txt", integrity.to_string())?; + Ok(()) }