Created
May 10, 2012 21:18
-
-
Save freddyb/2655963 to your computer and use it in GitHub Desktop.
check code integrity of JS files for ZeroBin
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function getSource(a){x=new XMLHttpRequest;x.open("GET",a,false);try{x.send()}catch(b){console.dir("Could not get JavaScript source due to some external JS references");alert("Code Integrity check failed")}sources.push(x.response.replace(/\s+/g,""));if(sources.length==document.scripts.length){computedHash=Sha256.hash(sources.join(""));console.dir("Hash of all JavaScript is "+computedHash);if(computedHash=="43958ba2baa4cc09552a52066cb13cd732141a4a920f6b4873c44f643ed1985b"){alert("Code Integrity verified")}else{alert("Warning, code integrity error. Do not trust this site with your code")}}}var Sha256={};Sha256.hash=function(a,b){b=typeof b=="undefined"?true:b;if(b)a=Utf8.encode(a);var c=[1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298];var d=[1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225];a+=String.fromCharCode(128);var e=a.length/4+2;var f=Math.ceil(e/16);var g=new Array(f);for(var h=0;h<f;h++){g[h]=new Array(16);for(var i=0;i<16;i++){g[h][i]=a.charCodeAt(h*64+i*4)<<24|a.charCodeAt(h*64+i*4+1)<<16|a.charCodeAt(h*64+i*4+2)<<8|a.charCodeAt(h*64+i*4+3)}}g[f-1][14]=(a.length-1)*8/Math.pow(2,32);g[f-1][14]=Math.floor(g[f-1][14]);g[f-1][15]=(a.length-1)*8&4294967295;var j=new Array(64);var k,l,m,n,o,p,q,r;for(var h=0;h<f;h++){for(var s=0;s<16;s++)j[s]=g[h][s];for(var s=16;s<64;s++)j[s]=Sha256.sigma1(j[s-2])+j[s-7]+Sha256.sigma0(j[s-15])+j[s-16]&4294967295;k=d[0];l=d[1];m=d[2];n=d[3];o=d[4];p=d[5];q=d[6];r=d[7];for(var s=0;s<64;s++){var t=r+Sha256.Sigma1(o)+Sha256.Ch(o,p,q)+c[s]+j[s];var u=Sha256.Sigma0(k)+Sha256.Maj(k,l,m);r=q;q=p;p=o;o=n+t&4294967295;n=m;m=l;l=k;k=t+u&4294967295}d[0]=d[0]+k&4294967295;d[1]=d[1]+l&4294967295;d[2]=d[2]+m&4294967295;d[3]=d[3]+n&4294967295;d[4]=d[4]+o&4294967295;d[5]=d[5]+p&4294967295;d[6]=d[6]+q&4294967295;d[7]=d[7]+r&4294967295}return Sha256.toHexStr(d[0])+Sha256.toHexStr(d[1])+Sha256.toHexStr(d[2])+Sha256.toHexStr(d[3])+Sha256.toHexStr(d[4])+Sha256.toHexStr(d[5])+Sha256.toHexStr(d[6])+Sha256.toHexStr(d[7])};Sha256.ROTR=function(a,b){return b>>>a|b<<32-a};Sha256.Sigma0=function(a){return Sha256.ROTR(2,a)^Sha256.ROTR(13,a)^Sha256.ROTR(22,a)};Sha256.Sigma1=function(a){return Sha256.ROTR(6,a)^Sha256.ROTR(11,a)^Sha256.ROTR(25,a)};Sha256.sigma0=function(a){return Sha256.ROTR(7,a)^Sha256.ROTR(18,a)^a>>>3};Sha256.sigma1=function(a){return Sha256.ROTR(17,a)^Sha256.ROTR(19,a)^a>>>10};Sha256.Ch=function(a,b,c){return a&b^~a&c};Sha256.Maj=function(a,b,c){return a&b^a&c^b&c};Sha256.toHexStr=function(a){var b="",c;for(var d=7;d>=0;d--){c=a>>>d*4&15;b+=c.toString(16)}return b};var Utf8={};Utf8.encode=function(a){var b=a.replace(/[\u0080-\u07ff]/g,function(a){var b=a.charCodeAt(0);return String.fromCharCode(192|b>>6,128|b&63)});b=b.replace(/[\u0800-\uffff]/g,function(a){var b=a.charCodeAt(0);return String.fromCharCode(224|b>>12,128|b>>6&63,128|b&63)});return b};Utf8.decode=function(a){var b=a.replace(/[\u00e0-\u00ef][\u0080-\u00bf][\u0080-\u00bf]/g,function(a){var b=(a.charCodeAt(0)&15)<<12|(a.charCodeAt(1)&63)<<6|a.charCodeAt(2)&63;return String.fromCharCode(b)});b=b.replace(/[\u00c0-\u00df][\u0080-\u00bf]/g,function(a){var b=(a.charCodeAt(0)&31)<<6|a.charCodeAt(1)&63;return String.fromCharCode(b)});return b};sources=[];for(i=0;i<document.scripts.length;i++){getSource(document.scripts[i].src)} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment