UNPKG

3.55 kBPlain TextView Raw
1#!/usr/bin/env node
2// -*- mode: js -*-
3// vim: set filetype=javascript :
4// Copyright 2015 Joyent, Inc. All rights reserved.
5
6var dashdash = require('dashdash');
7var sshpk = require('../lib/index');
8var fs = require('fs');
9var path = require('path');
10var Buffer = require('safer-buffer').Buffer;
11
12var options = [
13 {
14 names: ['hash', 'H'],
15 type: 'string',
16 help: 'Hash algorithm (sha1, sha256, sha384, sha512)'
17 },
18 {
19 names: ['verbose', 'v'],
20 type: 'bool',
21 help: 'Display verbose info about key and hash used'
22 },
23 {
24 names: ['identity', 'i'],
25 type: 'string',
26 help: 'Path to (public) key to use'
27 },
28 {
29 names: ['file', 'f'],
30 type: 'string',
31 help: 'Input filename'
32 },
33 {
34 names: ['format', 't'],
35 type: 'string',
36 help: 'Signature format (asn1, ssh, raw)'
37 },
38 {
39 names: ['signature', 's'],
40 type: 'string',
41 help: 'base64-encoded signature data'
42 },
43 {
44 names: ['help', 'h'],
45 type: 'bool',
46 help: 'Shows this help text'
47 }
48];
49
50if (require.main === module) {
51 var parser = dashdash.createParser({
52 options: options
53 });
54
55 try {
56 var opts = parser.parse(process.argv);
57 } catch (e) {
58 console.error('sshpk-verify: error: %s', e.message);
59 process.exit(3);
60 }
61
62 if (opts.help || opts._args.length > 1) {
63 var help = parser.help({}).trimRight();
64 console.error('sshpk-verify: sign data using an SSH key\n');
65 console.error(help);
66 process.exit(3);
67 }
68
69 if (!opts.identity) {
70 var help = parser.help({}).trimRight();
71 console.error('sshpk-verify: the -i or --identity option ' +
72 'is required\n');
73 console.error(help);
74 process.exit(3);
75 }
76
77 if (!opts.signature) {
78 var help = parser.help({}).trimRight();
79 console.error('sshpk-verify: the -s or --signature option ' +
80 'is required\n');
81 console.error(help);
82 process.exit(3);
83 }
84
85 var keyData = fs.readFileSync(opts.identity);
86
87 var key;
88 try {
89 key = sshpk.parseKey(keyData);
90 } catch (e) {
91 console.error('sshpk-verify: error loading key "' +
92 opts.identity + '": ' + e.name + ': ' + e.message);
93 process.exit(2);
94 }
95
96 var fmt = opts.format || 'asn1';
97 var sigData = Buffer.from(opts.signature, 'base64');
98
99 var sig;
100 try {
101 sig = sshpk.parseSignature(sigData, key.type, fmt);
102 } catch (e) {
103 console.error('sshpk-verify: error parsing signature: ' +
104 e.name + ': ' + e.message);
105 process.exit(2);
106 }
107
108 var hash = opts.hash || key.defaultHashAlgorithm();
109
110 var verifier;
111 try {
112 verifier = key.createVerify(hash);
113 } catch (e) {
114 console.error('sshpk-verify: error creating verifier: ' +
115 e.name + ': ' + e.message);
116 process.exit(2);
117 }
118
119 if (opts.verbose) {
120 console.error('sshpk-verify: using %s-%s with a %d bit key',
121 key.type, hash, key.size);
122 }
123
124 var inFile = process.stdin;
125 var inFileName = 'stdin';
126
127 var inFilePath;
128 if (opts.file) {
129 inFilePath = opts.file;
130 } else if (opts._args.length === 1) {
131 inFilePath = opts._args[0];
132 }
133
134 if (inFilePath)
135 inFileName = path.basename(inFilePath);
136
137 try {
138 if (inFilePath) {
139 fs.accessSync(inFilePath, fs.R_OK);
140 inFile = fs.createReadStream(inFilePath);
141 }
142 } catch (e) {
143 console.error('sshpk-verify: error opening input file' +
144 ': ' + e.name + ': ' + e.message);
145 process.exit(2);
146 }
147
148 inFile.pipe(verifier);
149 inFile.on('end', function () {
150 var ret;
151 try {
152 ret = verifier.verify(sig);
153 } catch (e) {
154 console.error('sshpk-verify: error verifying data: ' +
155 e.name + ': ' + e.message);
156 process.exit(1);
157 }
158
159 if (ret) {
160 console.error('OK');
161 process.exit(0);
162 }
163
164 console.error('NOT OK');
165 process.exit(1);
166 });
167}