Verify document integrityHash after downloading via CLI

bstanley
bstanley
Community Member

I am working with the CLI and trying to figure out how to compare the integrityHash that is given for a document object with the downloaded file. After downloading the document how can I verify that the file was downloaded completely and that the contents is unchanged? If this is already possible, which hashing algorithm should be used? I tried with MD5, SHA1, and SHA256 but none matched.

Sorry if this is a re-post, I searched everywhere looking for this answer and did not come up with any (seemingly) relevant results.


1Password Version: 0.5.5
Extension Version: Not Provided
OS Version: Windows 10 (17134.648)
Sync Type: Not Provided

Comments

  • cohix
    cohix
    1Password Alumni

    @bstanley great question! The short answer is that the CLI does that for you when it downloads it, so there's no real need to check it manually

    However!

    If you would like to validate it yourself, here are the steps:

    1) H = SHA256 the bytes of the file
    2) E = Base64URLEncode(H)
    3) I = integrityHash.replace(/+/g, "-").replace(/\//g, "_").replace(/=/g, "") (to account for some misbehaving older versions of 1Password
    4) stringCompare(E, I)

    Hope that helps!

  • bstanley
    bstanley
    Community Member

    That is great to know! Thank you for the reply, it it appreciated. If that information is not already in the CLI documentation somewhere (that the CLI validates the file for you) I would suggest that it be added for future CLI users (I did not see it anywhere but I could have looked over it). Keep up the great work!

  • AGAlumB
    AGAlumB
    1Password Alumni

    Likewise, thanks for the feedback! :)

This discussion has been closed.