About
integrity is an attribute of the fetch elements.
Its value is a digest that controls that the file was not altered in transit. It's a data integrity functionality.
Example
Link element with stylesheet
If the calculation output with a sha384 was:
ZYfZnVukOuh/gRpU9uN+T9XwwRFJ9Y+0Ylk3zKvI184omb/HoOtQ0F8Iol7Nix7q
A link element for instance would be:
<link rel="stylesheet" href="stylesheet.css" integrity="sha384-ZYfZnVukOuh/gRpU9uN+T9XwwRFJ9Y+0Ylk3zKvI184omb/HoOtQ0F8Iol7Nix7q">
Script element with javascript
For a script element
<script src="script.js" integrity="sha384-ZYfZnVukOuh/gRpU9uN+T9XwwRFJ9Y+0Ylk3zKvI184omb/HoOtQ0F8Iol7Nix7q" type="text/javascript"></script>
Management
Calculation
Online
Offline
The integrity can be calculated with the following command line.
It calculate the digest with a sha (256 or 384) and apply the base64 algorithm above.
#sha256
openssl dgst -sha256 -binary stylesheet.css | openssl base64 -A
#sha384
openssl dgst -sha384 -binary stylesheet.css | openssl base64 -A
# work also for other script
openssl dgst -sha384 -binary script.js | openssl base64 -A
where:
- openssl is Openssl (libcrypto)
- sha is the hash function:
- sha256 means Function - sha256 (Secure Hash Algorithm-256)
- sha384 means Hash Function - sha384 (Secure Hash Algorithm-384)
- base64 means What is Base64? (Cryptography Cipher)