|
|
#!/usr/bin/env node // -*- mode: js -*- // vim: set filetype=javascript : // Copyright 2018 Joyent, Inc. All rights reserved.
var dashdash = require('dashdash'); var sshpk = require('../lib/index'); var fs = require('fs'); var path = require('path'); var tty = require('tty'); var readline = require('readline'); var getPassword = require('getpass').getPass;
var options = [ { names: ['outformat', 't'], type: 'string', help: 'Output format' }, { names: ['informat', 'T'], type: 'string', help: 'Input format' }, { names: ['file', 'f'], type: 'string', help: 'Input file name (default stdin)' }, { names: ['out', 'o'], type: 'string', help: 'Output file name (default stdout)' }, { names: ['private', 'p'], type: 'bool', help: 'Produce a private key as output' }, { names: ['derive', 'd'], type: 'string', help: 'Output a new key derived from this one, with given algo' }, { names: ['identify', 'i'], type: 'bool', help: 'Print key metadata instead of converting' }, { names: ['fingerprint', 'F'], type: 'bool', help: 'Output key fingerprint' }, { names: ['hash', 'H'], type: 'string', help: 'Hash function to use for key fingeprint with -F' }, { names: ['spki', 's'], type: 'bool', help: 'With -F, generates an SPKI fingerprint instead of SSH' }, { names: ['comment', 'c'], type: 'string', help: 'Set key comment, if output format supports' }, { names: ['help', 'h'], type: 'bool', help: 'Shows this help text' } ];
if (require.main === module) { var parser = dashdash.createParser({ options: options });
try { var opts = parser.parse(process.argv); } catch (e) { console.error('sshpk-conv: error: %s', e.message); process.exit(1); }
if (opts.help || opts._args.length > 1) { var help = parser.help({}).trimRight(); console.error('sshpk-conv: converts between SSH key formats\n'); console.error(help); console.error('\navailable key formats:'); console.error(' - pem, pkcs1 eg id_rsa'); console.error(' - ssh eg id_rsa.pub'); console.error(' - pkcs8 format you want for openssl'); console.error(' - openssh like output of ssh-keygen -o'); console.error(' - rfc4253 raw OpenSSH wire format'); console.error(' - dnssec dnssec-keygen format'); console.error(' - putty PuTTY ppk format'); console.error('\navailable fingerprint formats:'); console.error(' - hex colon-separated hex for SSH'); console.error(' straight hex for SPKI'); console.error(' - base64 SHA256:* format from OpenSSH'); process.exit(1); }
/* * Key derivation can only be done on private keys, so use of the -d * option necessarily implies -p. */ if (opts.derive) opts.private = true;
var inFile = process.stdin; var inFileName = 'stdin';
var inFilePath; if (opts.file) { inFilePath = opts.file; } else if (opts._args.length === 1) { inFilePath = opts._args[0]; }
if (inFilePath) inFileName = path.basename(inFilePath);
try { if (inFilePath) { fs.accessSync(inFilePath, fs.R_OK); inFile = fs.createReadStream(inFilePath); } } catch (e) { ifError(e, 'error opening input file'); }
var outFile = process.stdout;
try { if (opts.out && !opts.identify) { fs.accessSync(path.dirname(opts.out), fs.W_OK); outFile = fs.createWriteStream(opts.out); } } catch (e) { ifError(e, 'error opening output file'); }
var bufs = []; inFile.on('readable', function () { var data; while ((data = inFile.read())) bufs.push(data); }); var parseOpts = {}; parseOpts.filename = inFileName; inFile.on('end', function processKey() { var buf = Buffer.concat(bufs); var fmt = 'auto'; if (opts.informat) fmt = opts.informat; var f = sshpk.parseKey; if (opts.private) f = sshpk.parsePrivateKey; try { var key = f(buf, fmt, parseOpts); } catch (e) { if (e.name === 'KeyEncryptedError') { getPassword(function (err, pw) { if (err) ifError(err); parseOpts.passphrase = pw; processKey(); }); return; } ifError(e); }
if (opts.derive) key = key.derive(opts.derive);
if (opts.comment) key.comment = opts.comment;
if (opts.identify) { var kind = 'public'; if (sshpk.PrivateKey.isPrivateKey(key)) kind = 'private'; console.log('%s: a %d bit %s %s key', inFileName, key.size, key.type.toUpperCase(), kind); if (key.type === 'ecdsa') console.log('ECDSA curve: %s', key.curve); if (key.comment) console.log('Comment: %s', key.comment); console.log('SHA256 fingerprint: ' + key.fingerprint('sha256').toString()); console.log('MD5 fingerprint: ' + key.fingerprint('md5').toString()); console.log('SPKI-SHA256 fingerprint: ' + key.fingerprint('sha256', 'spki').toString()); process.exit(0); return; }
if (opts.fingerprint) { var hash = opts.hash; var type = opts.spki ? 'spki' : 'ssh'; var format = opts.outformat; var fp = key.fingerprint(hash, type).toString(format); outFile.write(fp); outFile.write('\n'); outFile.once('drain', function () { process.exit(0); }); return; }
fmt = undefined; if (opts.outformat) fmt = opts.outformat; outFile.write(key.toBuffer(fmt)); if (fmt === 'ssh' || (!opts.private && fmt === undefined)) outFile.write('\n'); outFile.once('drain', function () { process.exit(0); }); }); }
function ifError(e, txt) { if (txt) txt = txt + ': '; else txt = ''; console.error('sshpk-conv: ' + txt + e.name + ': ' + e.message); if (process.env['DEBUG'] || process.env['V']) { console.error(e.stack); if (e.innerErr) console.error(e.innerErr.stack); } process.exit(1); }
|