sshpk-verify 3.4 KB

  1. #!/usr/bin/env node
  2. // -*- mode: js -*-
  3. // vim: set filetype=javascript :
  4. // Copyright 2015 Joyent, Inc. All rights reserved.
  5. var dashdash = require('dashdash');
  6. var sshpk = require('../lib/index');
  7. var fs = require('fs');
  8. var path = require('path');
  // Command-line option table passed to dashdash.createParser().
  // Each row is [names, type, help]; the map() at the end expands a row
  // into the { names, type, help } object form.
  var options = [
    [['hash', 'H'], 'string',
      'Hash algorithm (sha1, sha256, sha384, sha512)'],
    [['verbose', 'v'], 'bool',
      'Display verbose info about key and hash used'],
    // The key named by -i is the one the signature is checked against.
    [['identity', 'i'], 'string',
      'Path to (public) key to use'],
    [['file', 'f'], 'string',
      'Input filename'],
    [['format', 't'], 'string',
      'Signature format (asn1, ssh, raw)'],
    [['signature', 's'], 'string',
      'base64-encoded signature data'],
    [['help', 'h'], 'bool',
      'Shows this help text']
  ].map(function (row) {
    return { names: row[0], type: row[1], help: row[2] };
  });
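  /*
   * Command-line entry point: runs only when this file is executed
   * directly, not when it is loaded with require().
   *
   * The exit status is the result callers should act on:
   *   0  the signature verified ("OK")
   *   1  the signature did not verify, or verify() threw ("NOT OK")
   *   2  the key, signature, verifier or input could not be loaded
   *   3  usage error
   * Every message, including OK / NOT OK, is written to stderr.
   */
  if (require.main === module) {
    var parser = dashdash.createParser({
      options: options
    });

    // Print a one-line message followed by the option summary, exit 3.
    var usageExit = function (message) {
      console.error(message);
      console.error(parser.help({}).trimRight());
      process.exit(3);
    };

    var opts;
    try {
      opts = parser.parse(process.argv);
    } catch (e) {
      console.error('sshpk-verify: error: %s', e.message);
      process.exit(3);
    }

    if (opts.help || opts._args.length > 1) {
      // The banner used to say "sign data"; this tool only verifies.
      usageExit('sshpk-verify: verify a signature using an SSH key\n');
    }

    if (!opts.identity) {
      usageExit('sshpk-verify: the -i or --identity option ' +
        'is required\n');
    }

    if (!opts.signature) {
      usageExit('sshpk-verify: the -s or --signature option ' +
        'is required\n');
    }

    // Read and parse the key inside one guarded step, so a missing or
    // unreadable key file is reported with exit status 2 like any other
    // key-loading failure instead of ending in an uncaught exception.
    var key;
    try {
      key = sshpk.parseKey(fs.readFileSync(opts.identity));
    } catch (e) {
      console.error('sshpk-verify: error loading key "' +
        opts.identity + '": ' + e.name + ': ' + e.message);
      process.exit(2);
    }

    var fmt = opts.format || 'asn1';

    // Buffer.from() replaces the deprecated `new Buffer()` constructor.
    // NOTE(review): Node's base64 decoding is lenient about malformed
    // input, so a mangled -s value is only rejected (if at all) by
    // parseSignature() below -- confirm that is strict enough.
    var sigData = Buffer.from(opts.signature, 'base64');
    var sig;
    try {
      sig = sshpk.parseSignature(sigData, key.type, fmt);
    } catch (e) {
      console.error('sshpk-verify: error parsing signature: ' +
        e.name + ': ' + e.message);
      process.exit(2);
    }

    // -H overrides the key's default hash. The name is not checked here;
    // createVerify() is the only place it can be rejected.
    var hash = opts.hash || key.defaultHashAlgorithm();
    var verifier;
    try {
      verifier = key.createVerify(hash);
    } catch (e) {
      console.error('sshpk-verify: error creating verifier: ' +
        e.name + ': ' + e.message);
      process.exit(2);
    }

    if (opts.verbose) {
      console.error('sshpk-verify: using %s-%s with a %d bit key',
        key.type, hash, key.size);
    }

    // Input is stdin unless -f or a single positional argument names a
    // file; -f wins when both are given.
    var inFile = process.stdin;
    var inFilePath;
    if (opts.file) {
      inFilePath = opts.file;
    } else if (opts._args.length === 1) {
      inFilePath = opts._args[0];
    }

    try {
      if (inFilePath) {
        // fs.constants holds R_OK on current Node; older releases only
        // expose it directly on fs.
        fs.accessSync(inFilePath, (fs.constants || fs).R_OK);
        inFile = fs.createReadStream(inFilePath);
      }
    } catch (e) {
      console.error('sshpk-verify: error opening input file' +
        ': ' + e.name + ': ' + e.message);
      process.exit(2);
    }

    // accessSync() checks the path at one moment only. A failure when the
    // stream is actually opened or read arrives as an 'error' event, and
    // without a listener it would crash the process with a stack trace.
    inFile.on('error', function (e) {
      console.error('sshpk-verify: error reading input: ' +
        e.name + ': ' + e.message);
      process.exit(2);
    });

    inFile.pipe(verifier);
    inFile.on('end', function () {
      var ret;
      try {
        ret = verifier.verify(sig);
      } catch (e) {
        // Fail closed: an exception during verification counts as a
        // failed verification, never as success.
        console.error('sshpk-verify: error verifying data: ' +
          e.name + ': ' + e.message);
        process.exit(1);
      }
      if (ret) {
        console.error('OK');
        process.exit(0);
      }
      console.error('NOT OK');
      process.exit(1);
    });
  }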