1 | #!/usr/bin/env node
|
2 | // -*- mode: js -*-
|
3 | // vim: set filetype=javascript :
|
4 | // Copyright 2015 Joyent, Inc. All rights reserved.
|
5 |
|
6 | var dashdash = require('dashdash');
|
7 | var sshpk = require('../lib/index');
|
8 | var fs = require('fs');
|
9 | var path = require('path');
|
10 | var Buffer = require('safer-buffer').Buffer;
|
11 |
|
12 | var options = [
|
13 | {
|
14 | names: ['hash', 'H'],
|
15 | type: 'string',
|
16 | help: 'Hash algorithm (sha1, sha256, sha384, sha512)'
|
17 | },
|
18 | {
|
19 | names: ['verbose', 'v'],
|
20 | type: 'bool',
|
21 | help: 'Display verbose info about key and hash used'
|
22 | },
|
23 | {
|
24 | names: ['identity', 'i'],
|
25 | type: 'string',
|
26 | help: 'Path to (public) key to use'
|
27 | },
|
28 | {
|
29 | names: ['file', 'f'],
|
30 | type: 'string',
|
31 | help: 'Input filename'
|
32 | },
|
33 | {
|
34 | names: ['format', 't'],
|
35 | type: 'string',
|
36 | help: 'Signature format (asn1, ssh, raw)'
|
37 | },
|
38 | {
|
39 | names: ['signature', 's'],
|
40 | type: 'string',
|
41 | help: 'base64-encoded signature data'
|
42 | },
|
43 | {
|
44 | names: ['help', 'h'],
|
45 | type: 'bool',
|
46 | help: 'Shows this help text'
|
47 | }
|
48 | ];
|
49 |
|
50 | if (require.main === module) {
|
51 | var parser = dashdash.createParser({
|
52 | options: options
|
53 | });
|
54 |
|
55 | try {
|
56 | var opts = parser.parse(process.argv);
|
57 | } catch (e) {
|
58 | console.error('sshpk-verify: error: %s', e.message);
|
59 | process.exit(3);
|
60 | }
|
61 |
|
62 | if (opts.help || opts._args.length > 1) {
|
63 | var help = parser.help({}).trimRight();
|
64 | console.error('sshpk-verify: sign data using an SSH key\n');
|
65 | console.error(help);
|
66 | process.exit(3);
|
67 | }
|
68 |
|
69 | if (!opts.identity) {
|
70 | var help = parser.help({}).trimRight();
|
71 | console.error('sshpk-verify: the -i or --identity option ' +
|
72 | 'is required\n');
|
73 | console.error(help);
|
74 | process.exit(3);
|
75 | }
|
76 |
|
77 | if (!opts.signature) {
|
78 | var help = parser.help({}).trimRight();
|
79 | console.error('sshpk-verify: the -s or --signature option ' +
|
80 | 'is required\n');
|
81 | console.error(help);
|
82 | process.exit(3);
|
83 | }
|
84 |
|
85 | var keyData = fs.readFileSync(opts.identity);
|
86 |
|
87 | var key;
|
88 | try {
|
89 | key = sshpk.parseKey(keyData);
|
90 | } catch (e) {
|
91 | console.error('sshpk-verify: error loading key "' +
|
92 | opts.identity + '": ' + e.name + ': ' + e.message);
|
93 | process.exit(2);
|
94 | }
|
95 |
|
96 | var fmt = opts.format || 'asn1';
|
97 | var sigData = Buffer.from(opts.signature, 'base64');
|
98 |
|
99 | var sig;
|
100 | try {
|
101 | sig = sshpk.parseSignature(sigData, key.type, fmt);
|
102 | } catch (e) {
|
103 | console.error('sshpk-verify: error parsing signature: ' +
|
104 | e.name + ': ' + e.message);
|
105 | process.exit(2);
|
106 | }
|
107 |
|
108 | var hash = opts.hash || key.defaultHashAlgorithm();
|
109 |
|
110 | var verifier;
|
111 | try {
|
112 | verifier = key.createVerify(hash);
|
113 | } catch (e) {
|
114 | console.error('sshpk-verify: error creating verifier: ' +
|
115 | e.name + ': ' + e.message);
|
116 | process.exit(2);
|
117 | }
|
118 |
|
119 | if (opts.verbose) {
|
120 | console.error('sshpk-verify: using %s-%s with a %d bit key',
|
121 | key.type, hash, key.size);
|
122 | }
|
123 |
|
124 | var inFile = process.stdin;
|
125 | var inFileName = 'stdin';
|
126 |
|
127 | var inFilePath;
|
128 | if (opts.file) {
|
129 | inFilePath = opts.file;
|
130 | } else if (opts._args.length === 1) {
|
131 | inFilePath = opts._args[0];
|
132 | }
|
133 |
|
134 | if (inFilePath)
|
135 | inFileName = path.basename(inFilePath);
|
136 |
|
137 | try {
|
138 | if (inFilePath) {
|
139 | fs.accessSync(inFilePath, fs.R_OK);
|
140 | inFile = fs.createReadStream(inFilePath);
|
141 | }
|
142 | } catch (e) {
|
143 | console.error('sshpk-verify: error opening input file' +
|
144 | ': ' + e.name + ': ' + e.message);
|
145 | process.exit(2);
|
146 | }
|
147 |
|
148 | inFile.pipe(verifier);
|
149 | inFile.on('end', function () {
|
150 | var ret;
|
151 | try {
|
152 | ret = verifier.verify(sig);
|
153 | } catch (e) {
|
154 | console.error('sshpk-verify: error verifying data: ' +
|
155 | e.name + ': ' + e.message);
|
156 | process.exit(1);
|
157 | }
|
158 |
|
159 | if (ret) {
|
160 | console.error('OK');
|
161 | process.exit(0);
|
162 | }
|
163 |
|
164 | console.error('NOT OK');
|
165 | process.exit(1);
|
166 | });
|
167 | }
|