├── LICENSE
├── srihash.sh
├── srihash
└── README.md


/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2017 ping
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/srihash.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | # Simple bash script that generates the Subresource Integrity (SRI) hash for a remote resource
 4 | # Source: https://github.com/ping/srihash/
 5 | #
 6 | # Usage:
 7 | #   ./srihash.sh 'https://url/to/a.css'
 8 | #   ./srihash.sh 'https://url/to/a.css' 'https://url/to/another.js'
 9 | # Use sha256 instead
10 | #   ./srihash.sh 'sha256' 'https://url/to/a.css'
11 | # Use sha512 instead
12 | #   ./srihash.sh 'sha512' 'https://url/to/a.css'
13 | #
14 | set -e
15 | 
16 | # default algo, options: 'sha256' 'sha384' 'sha512'
17 | hashalgo='sha384'
18 | 
19 | # terminal colors
20 | bold=`tput bold`
21 | red=`tput setaf 1`
22 | green=`tput setaf 2`
23 | blue=`tput setaf 4`
24 | reset=`tput sgr0`
25 | 
26 | allhtmlsrc=''
27 | for f in "$@"
28 | do
29 |     if [ "${f:0:3}" = 'sha' ]; then
30 |         hashalgo="$f"
31 |         continue
32 |     elif [ "${f:0:4}" != 'http' ]; then
33 |         echo "${red}Invalid URL: $f ${reset}"
34 |         continue
35 |     fi
36 |     echo "==== ${bold}Generating hash for: $f${reset} ===="
37 |     for h in 'sha256' 'sha384' 'sha512'
38 |     do
39 |         if [ "$h" = "$hashalgo" ]; then
40 |             hshval="$h-$(curl -sL $f | openssl dgst -$h -binary | openssl base64 -A)"
41 |             echo "${bold}${green}$hshval${reset}"
42 |             if [[ "$f" == *'.js' ]]; then
43 |                 htmlsrc="<script src=\"$f\"\n integrity=\"$hshval\"\n crossorigin=\"anonymous\"></script>"
44 |                 echo -e "$htmlsrc"
45 |                 if [ -n "$allhtmlsrc" ]; then
46 |                     allhtmlsrc="$allhtmlsrc\n"
47 |                 fi
48 |                 allhtmlsrc="$allhtmlsrc$htmlsrc"
49 |             elif [[ "$f" == *'.css' ]]; then
50 |                 htmlsrc="<link rel=\"stylesheet\" href=\"$f\"\n integrity=\"$hshval\"\n crossorigin=\"anonymous\">"
51 |                 echo -e "$htmlsrc"
52 |                 if [ -n "$allhtmlsrc" ]; then
53 |                     allhtmlsrc="$allhtmlsrc\n"
54 |                 fi
55 |                 allhtmlsrc="$allhtmlsrc$htmlsrc"
56 |             fi
57 |         fi
58 |     done
59 | done
60 | if [ -n "$allhtmlsrc" ]; then
61 |     echo -e -n "$allhtmlsrc" | pbcopy
62 | fi
63 | 


--------------------------------------------------------------------------------
/srihash:
--------------------------------------------------------------------------------
 1 | 
 2 | # Source: https://github.com/ping/srihash/
 3 | # Usage:
 4 | #   srihash 'https://url/to/a.css'
 5 | #   srihash 'https://url/to/a.css' 'https://url/to/another.js'
 6 | # Use sha256 instead
 7 | #   srihash 'sha256' 'https://url/to/a.css'
 8 | # Use sha512 instead
 9 | #   srihash 'sha512' 'https://url/to/a.css'
10 | function srihash() {
11 |     # default algo, options: 'sha256' 'sha384' 'sha512'
12 |     local hashalgo='sha384'
13 | 
14 |     # terminal colors
15 |     local bold=`tput bold`
16 |     local red=`tput setaf 1`
17 |     local green=`tput setaf 2`
18 |     local blue=`tput setaf 4`
19 |     local reset=`tput sgr0`
20 | 
21 |     local allhtmlsrc=''
22 | 
23 |     for f in "$@"
24 |     do
25 |         if [ "${f:0:3}" = 'sha' ]; then
26 |             hashalgo="$f"
27 |             continue
28 |         elif [ "${f:0:4}" != 'http' ]; then
29 |             echo "${red}Invalid URL: $f ${reset}"
30 |             continue
31 |         fi
32 |         echo "==== ${bold}Generating hash for: $f${reset} ===="
33 |         for h in 'sha256' 'sha384' 'sha512'
34 |         do
35 |             if [ "$h" = "$hashalgo" ]; then
36 |                 hshval="$h-$(curl -sL $f | openssl dgst -$h -binary | openssl base64 -A)"
37 |                 echo "${bold}${green}$hshval${reset}"
38 |                 if [[ "$f" == *'.js' ]]; then
39 |                     htmlsrc="<script src=\"$f\"\n integrity=\"$hshval\"\n crossorigin=\"anonymous\"></script>"
40 |                     echo -e "$htmlsrc"
41 |                     if [ -n "$allhtmlsrc" ]; then
42 |                         allhtmlsrc="$allhtmlsrc\n"
43 |                     fi
44 |                     allhtmlsrc="$allhtmlsrc$htmlsrc"
45 |                 elif [[ "$f" == *'.css' ]]; then
46 |                     htmlsrc="<link rel=\"stylesheet\" href=\"$f\"\n integrity=\"$hshval\"\n crossorigin=\"anonymous\">"
47 |                     echo -e "$htmlsrc"
48 |                     if [ -n "$allhtmlsrc" ]; then
49 |                         allhtmlsrc="$allhtmlsrc\n"
50 |                     fi
51 |                     allhtmlsrc="$allhtmlsrc$htmlsrc"
52 |                 fi
53 |             fi
54 |         done
55 |     done
56 |     if [ -n "$allhtmlsrc" ]; then
57 |         echo -e -n "$allhtmlsrc" | pbcopy
58 |     fi
59 | }
60 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # srihash
 2 | bash function/script to generate an SRI hash for a remote resource
 3 | 
 4 | ## Install
 5 | Not much of an install. Use either the bash function or script version.
 6 | 
 7 | Requires ``openssl``.
 8 | 
 9 | ### 1. bash function
10 | Add the ``srihash`` function to ``~/.bash_profile``
11 | 
12 | ```bash
13 | curl -sL 'https://raw.githubusercontent.com/ping/srihash/master/srihash' >> ~/.bash_profile \
14 | && source ~/.bash_profile
15 | ```
16 | 
17 | ### 2. bash script
18 | Download ``srihash.sh`` locally.
19 | 
20 | ```bash
21 | curl -s -o 'srihash.sh' 'https://raw.githubusercontent.com/ping/srihash/master/srihash.sh' \
22 | && chmod +x srihash.sh
23 | ```
24 | 
25 | ## Usage
26 | 
27 | ```bash
28 | srihash 'https://url/to/a.css' 'https://url/to/another.js'
29 | # or
30 | ./srihash.sh 'https://url/to/a.css' 'https://url/to/another.js'
31 | 
32 | # Use sha256 instead
33 | srihash 'sha256' 'https://url/to/a.css' 'https://url/to/another.js'
34 | # or
35 | ./srihash.sh 'sha256' 'https://url/to/a.css' 'https://url/to/another.js'
36 | 
37 | # Use sha512 instead
38 | srihash 'sha512' 'https://url/to/a.css' 'https://url/to/another.js'
39 | # or
40 | ./srihash.sh 'sha512' 'https://url/to/a.css' 'https://url/to/another.js'
41 | ```
42 | 
43 | Example:
44 | 
45 | ```bash
46 | srihash 'https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css' \
47 | 'https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js'
48 | ```
49 | ```
50 | ==== Generating hash for: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css ====
51 | sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u
52 | <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css"
53 |  integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u"
54 |  crossorigin="anonymous">
55 | ==== Generating hash for: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js ====
56 | sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa
57 | <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js"
58 |  integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa"
59 |  crossorigin="anonymous"></script>
60 | ```
61 | 
62 | The generated ``<script>``/``<link>`` markup will automatically be copied to the clipboard.
63 | 


--------------------------------------------------------------------------------