- Rust 100%
| .github | ci: change test matrix to include MSRV | |
| src | feat(from_hex): Implemented Integrity::from_hex(), inverse of Integrity::to_hex() ( #11 ) | |
| .gitignore | misc: stop tracking Cargo.lock in repo | |
| Cargo.toml | chore: Release ssri version 9.2.0 | |
| CHANGELOG.md | docs: update changelog | |
| cliff.toml | meta: add publishing bits | |
| clippy.toml | fix(clippy): set MSRV for clippy, too | |
| CODE_OF_CONDUCT.md | docs: improve doc situation a bit | |
| CONTRIBUTING.md | docs: improve doc situation a bit | |
| LICENSE.md | feat(license): change license to Apache-2.0 | |
| Makefile.toml | meta: add publishing bits | |
| README.md | feat(license): change license to Apache-2.0 | |
ssri
ssri, short for Standard Subresource
Integrity, is a Rust library for parsing, manipulating, serializing,
generating, and verifying Subresource Integrity
hashes.
Example
Parse a string as Integrity to convert it to a struct:
usessri::Integrity;letsource="sha256-uU0nuZNNPgilLlLX2n2r+sSE7+N6U4DukIj3rOLvzek=";letparsed: Integrity=source.parse().unwrap();assert_eq!(parsed.to_string(),source)Generating a new hash from file data:
usessri::Integrity;// By default, generates Integrity as Sha256.
// Use IntegrityOpts to pick the algorithm yourself.
letsri=Integrity::from(b"hello world");assert_eq!(sri.to_string(),"sha256-uU0nuZNNPgilLlLX2n2r+sSE7+N6U4DukIj3rOLvzek=");Verifying data against an SRI:
usessri::{Integrity,Algorithm};letsri=Integrity::from(b"hello world");assert_eq!(sri.check(b"hello world").unwrap(),Algorithm::Sha256);You can also use IntegrityOpts and IntegrityChecker to generate
and check subresource integrity, respectively. These allow things like multiple algorithms, and
incremental/streamed data input.
Install
Using cargo-edit
$ cargo add ssri
Documentation
Features
- Parses and stringifies Subresource Integrity strings.
- Generates SRI strings from raw data.
- Strict standard compliance.
- Multiple entries for the same algorithm.
Contributing
The ssri team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The Contributor Guide has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear.
All participants and maintainers in this project are expected to follow Code of Conduct, and just generally be excellent to each other.
Happy hacking!
License
This project is licensed under the Apache-2.0 License.