rndme/download

check integrity of downloaded files

adrelanos opened this issue · 0 comments

Threat model:

  • website is more trusted
  • mirrors / CDNs are less trusted

Under this threat model it would make sense if something similar to subresource integrity could be used.

<script
  src="https://example.com/example-framework.js"
  integrity="sha384-oqVuAfXRKap7fdgcCY5uykM6+R9GqQ8K/uxy9rx7HNQlGYl1kPzQho1wx4JwY8wC"
  crossorigin="anonymous"></script>

Unfortunately, subresource integrity does not support user-downloaded files at the time of writing. Ticket: w3c/webappsec-subresource-integrity#68
And from the ticket it also doesn't seem like support for that is coming anytime soon.

Meanwhile, would it be possible to do an integrity check with javascript? Could the javascript look at the download stream, run it through "$sha512" [1] hashing, and notify at the end of the download whether the hashsum matches or mismatches?

Tails implemented a similar solution. References:

The disadvantage is that the user has to:

  1. complete the download
  2. click the Verify your download button
  3. select the file
  4. press ok
  5. wait for the verification to be completed

That's non-ideal from a usability perspective.

feature request:
Could download.js automate this?


[1] Writing "$sha512" because that's just a placeholder for "hashing algorithm". Shouldn't be hardcoded, to be future-proof.