//specify url of json file containing valid checksums for ISO and USB images below:
//var URLofJsonFileContainingChecksums='https://tails.boum.org/install/v2/Tails/amd64/stable/latest.json'; //this URL will only work if download.html is served from served from https://tails.boum.org/ because of same origin because of same-origin policy.
varURLofJsonFileContainingChecksums='https://cors-anywhere.herokuapp.com/https://tails.boum.org/install/v2/Tails/amd64/stable/latest.json';//use this URL to get around same-origin policy (SOP) if you are staging this locally. The https://cors-anywhere.herokuapp.com/ proxy includes the necessary CORS headers to relax SOP.
console.log('json file containing checksums for ISO and USB images downloaded from '+URLofJsonFileContainingChecksums+'.');
//console.log(checksumjson);
}catch(err){
console.log('json file containing checksums for ISO and USB images could not be downloaded from '+URLofJsonFileContainingChecksums+'.');
console.error(err);
showVerificationResult("error");
return;
}
try{
showVerifyingDownload(file.name);
sha256=forge.md.sha256.create();
awaitreadFile(file);
varfileactualchecksum=sha256.digest().toHex();
console.log('checksum of downloaded file: '+fileactualchecksum);
}catch(err){
console.log('error reading file and calculating checksum.');
console.error(err);
showVerificationResult("error");
return;
}
//If downloaded file is valid, then fileactualchecksum should be 64 hex characters in length, and should be contained within checksumjson. Otherwise, consider downloaded file to be invalid.