From d2629107bbb09c33289fb7e8ec57e29e744ede49 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kat=20March=C3=A1n?= <kzm@sykosomatic.org>
Date: Thu, 18 Jan 2018 15:42:59 -0800
Subject: [PATCH] fix(checkStream): integrityStream now takes opts.integrity
 algos into account

---
 index.js      |  3 ++-
 test/check.js | 30 ++++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/index.js b/index.js
index 8ece662..1f192e3 100644
--- a/index.js
+++ b/index.js
@@ -237,7 +237,8 @@ function integrityStream (opts) {
   const algorithm = goodSri && sri.pickAlgorithm(opts)
   const digests = goodSri && sri[algorithm]
   // Calculating stream
-  const algorithms = opts.algorithms || [algorithm || 'sha512']
+  const algorithms = (opts.algorithms || ['sha512'])
+  .concat(algorithm ? [algorithm] : [])
   const hashes = algorithms.map(crypto.createHash)
   let streamSize = 0
   const stream = new Transform({
diff --git a/test/check.js b/test/check.js
index 7628cf8..e099716 100644
--- a/test/check.js
+++ b/test/check.js
@@ -193,6 +193,36 @@ test('checkStream', t => {
       })['sha384'][0],
       'picks the "strongest" available algorithm, by default'
     )
+    return ssri.checkStream(fileStream(), [
+      `sha1-${hash(TEST_DATA, 'sha1')}`,
+      `sha384-${hash(TEST_DATA, 'sha384')}`,
+      `sha256-${hash(TEST_DATA, 'sha256')}`
+    ].join(' '), {
+      algorithms: ['sha256']
+    })
+  }).then(res => {
+    t.deepEqual(
+      res,
+      ssri.parse({
+        algorithm: 'sha384', digest: hash(TEST_DATA, 'sha384')
+      })['sha384'][0],
+      'opts.algorithm still takes into account algo to check against'
+    )
+    return ssri.checkStream(fileStream(), [
+      `sha1-${hash(TEST_DATA, 'sha1')}`,
+      `sha384-${hash(TEST_DATA, 'sha384')}`,
+      `sha256-${hash(TEST_DATA, 'sha256')}`
+    ].join(' '), {
+      algorithms: ['sha512']
+    })
+  }).then(res => {
+    t.deepEqual(
+      res,
+      ssri.parse({
+        algorithm: 'sha384', digest: hash(TEST_DATA, 'sha384')
+      })['sha384'][0],
+      '...even if opts.algorithms includes a hash that is not present'
+    )
     return ssri.checkStream(
       fileStream(), `sha256-${hash(TEST_DATA, 'sha256')}`, {
         size: TEST_DATA.length - 1