From d8ff7c71bae0e83966163fa7487f2d04370fb907 Mon Sep 17 00:00:00 2001 From: vijayshinva Date: Sat, 21 Nov 2020 11:34:38 +0530 Subject: [PATCH] Subresource Integrity --- Kryptos/Kryptos/Program.cs | 3 +- Kryptos/Kryptos/WireUpSriExtensions.cs | 86 ++++++++++++++++++++++++++ 2 files changed, 88 insertions(+), 1 deletion(-) create mode 100644 Kryptos/Kryptos/WireUpSriExtensions.cs diff --git a/Kryptos/Kryptos/Program.cs b/Kryptos/Kryptos/Program.cs index 6a66137..fec92ce 100644 --- a/Kryptos/Kryptos/Program.cs +++ b/Kryptos/Kryptos/Program.cs @@ -26,7 +26,8 @@ static async Task Main(string[] args) .WireUpHmacSha1Commands() .WireUpHmacSha256Commands() .WireUpHmacSha384Commands() - .WireUpHmacSha512Commands(); + .WireUpHmacSha512Commands() + .WireUpSriCommands(); return await rootCommand.InvokeAsync(args); } diff --git a/Kryptos/Kryptos/WireUpSriExtensions.cs b/Kryptos/Kryptos/WireUpSriExtensions.cs new file mode 100644 index 0000000..a558cfb --- /dev/null +++ b/Kryptos/Kryptos/WireUpSriExtensions.cs @@ -0,0 +1,86 @@ +using System; +using System.Collections.Generic; +using System.CommandLine; +using System.CommandLine.Invocation; +using System.CommandLine.IO; +using System.IO; +using System.Net.Http; +using System.Security.Cryptography; +using System.Text; + +namespace Kryptos +{ + public static class WireUpSriExtensions + { + public static RootCommand WireUpSriCommands(this RootCommand rootCommand) + { + var sriCommand = new Command("sri", "Subresource Integrity"); + var sriHashCommand = new Command("hash", "Hash"); + sriHashCommand.AddOption(new Option(new string[] { "--text", "-t" }, "Input Text")); + sriHashCommand.AddOption(new Option(new string[] { "--input", "-i" }, "Input file path")); + sriHashCommand.AddOption(new Option(new string[] { "--uri", "-u" }, "Input Uri")); + sriHashCommand.AddOption(new Option(new string[] { "--output", "-o" }, "Output file path")); + sriHashCommand.AddOption(new Option(new string[] { "--sha" }, "256,384(default),512")); + + sriHashCommand.Handler = CommandHandler.Create(async (sha, text, input, uri, output, console) => + { + HashAlgorithm hashAlgorithm = null; + Stream inputStream = null; + try + { + if (text != null) + { + inputStream = new MemoryStream(Encoding.UTF8.GetBytes(text)); + } + if (input != null) + { + inputStream = input.OpenRead(); + } + if (uri != null) + { + using var client = new HttpClient(); + inputStream = await client.GetStreamAsync(uri); + } + + hashAlgorithm = sha switch + { + 256 => SHA256.Create(), + 512 => SHA512.Create(), + _ => SHA384.Create(), + }; + + var hashBytes = hashAlgorithm.ComputeHash(inputStream); + var sri = $"sha{hashAlgorithm.HashSize}-{Convert.ToBase64String(hashBytes)}"; + if (output == null) + { + console.Out.WriteLine(sri); + } + else + { + await File.WriteAllTextAsync(output.FullName, sri).ConfigureAwait(false); + } + } + catch (Exception ex) + { + console.Out.WriteLine(ex.Message); + } + finally + { + if (inputStream != null) + { + await inputStream.DisposeAsync().ConfigureAwait(false); + } + if (hashAlgorithm != null) + { + hashAlgorithm.Dispose(); + } + } + }); + + sriCommand.Add(sriHashCommand); + rootCommand.AddCommand(sriCommand); + + return rootCommand; + } + } +}