diff options
Diffstat (limited to 'node_modules/sshpk/bin/sshpk-conv')
| -rwxr-xr-x | node_modules/sshpk/bin/sshpk-conv | 243 |
1 files changed, 243 insertions, 0 deletions
diff --git a/node_modules/sshpk/bin/sshpk-conv b/node_modules/sshpk/bin/sshpk-conv new file mode 100755 index 0000000..e839ede --- /dev/null +++ b/node_modules/sshpk/bin/sshpk-conv @@ -0,0 +1,243 @@ +#!/usr/bin/env node +// -*- mode: js -*- +// vim: set filetype=javascript : +// Copyright 2018 Joyent, Inc. All rights reserved. + +var dashdash = require('dashdash'); +var sshpk = require('../lib/index'); +var fs = require('fs'); +var path = require('path'); +var tty = require('tty'); +var readline = require('readline'); +var getPassword = require('getpass').getPass; + +var options = [ + { + names: ['outformat', 't'], + type: 'string', + help: 'Output format' + }, + { + names: ['informat', 'T'], + type: 'string', + help: 'Input format' + }, + { + names: ['file', 'f'], + type: 'string', + help: 'Input file name (default stdin)' + }, + { + names: ['out', 'o'], + type: 'string', + help: 'Output file name (default stdout)' + }, + { + names: ['private', 'p'], + type: 'bool', + help: 'Produce a private key as output' + }, + { + names: ['derive', 'd'], + type: 'string', + help: 'Output a new key derived from this one, with given algo' + }, + { + names: ['identify', 'i'], + type: 'bool', + help: 'Print key metadata instead of converting' + }, + { + names: ['fingerprint', 'F'], + type: 'bool', + help: 'Output key fingerprint' + }, + { + names: ['hash', 'H'], + type: 'string', + help: 'Hash function to use for key fingeprint with -F' + }, + { + names: ['spki', 's'], + type: 'bool', + help: 'With -F, generates an SPKI fingerprint instead of SSH' + }, + { + names: ['comment', 'c'], + type: 'string', + help: 'Set key comment, if output format supports' + }, + { + names: ['help', 'h'], + type: 'bool', + help: 'Shows this help text' + } +]; + +if (require.main === module) { + var parser = dashdash.createParser({ + options: options + }); + + try { + var opts = parser.parse(process.argv); + } catch (e) { + console.error('sshpk-conv: error: %s', e.message); + process.exit(1); + } + + if (opts.help || opts._args.length > 1) { + var help = parser.help({}).trimRight(); + console.error('sshpk-conv: converts between SSH key formats\n'); + console.error(help); + console.error('\navailable key formats:'); + console.error(' - pem, pkcs1 eg id_rsa'); + console.error(' - ssh eg id_rsa.pub'); + console.error(' - pkcs8 format you want for openssl'); + console.error(' - openssh like output of ssh-keygen -o'); + console.error(' - rfc4253 raw OpenSSH wire format'); + console.error(' - dnssec dnssec-keygen format'); + console.error(' - putty PuTTY ppk format'); + console.error('\navailable fingerprint formats:'); + console.error(' - hex colon-separated hex for SSH'); + console.error(' straight hex for SPKI'); + console.error(' - base64 SHA256:* format from OpenSSH'); + process.exit(1); + } + + /* + * Key derivation can only be done on private keys, so use of the -d + * option necessarily implies -p. + */ + if (opts.derive) + opts.private = true; + + var inFile = process.stdin; + var inFileName = 'stdin'; + + var inFilePath; + if (opts.file) { + inFilePath = opts.file; + } else if (opts._args.length === 1) { + inFilePath = opts._args[0]; + } + + if (inFilePath) + inFileName = path.basename(inFilePath); + + try { + if (inFilePath) { + fs.accessSync(inFilePath, fs.R_OK); + inFile = fs.createReadStream(inFilePath); + } + } catch (e) { + ifError(e, 'error opening input file'); + } + + var outFile = process.stdout; + + try { + if (opts.out && !opts.identify) { + fs.accessSync(path.dirname(opts.out), fs.W_OK); + outFile = fs.createWriteStream(opts.out); + } + } catch (e) { + ifError(e, 'error opening output file'); + } + + var bufs = []; + inFile.on('readable', function () { + var data; + while ((data = inFile.read())) + bufs.push(data); + }); + var parseOpts = {}; + parseOpts.filename = inFileName; + inFile.on('end', function processKey() { + var buf = Buffer.concat(bufs); + var fmt = 'auto'; + if (opts.informat) + fmt = opts.informat; + var f = sshpk.parseKey; + if (opts.private) + f = sshpk.parsePrivateKey; + try { + var key = f(buf, fmt, parseOpts); + } catch (e) { + if (e.name === 'KeyEncryptedError') { + getPassword(function (err, pw) { + if (err) + ifError(err); + parseOpts.passphrase = pw; + processKey(); + }); + return; + } + ifError(e); + } + + if (opts.derive) + key = key.derive(opts.derive); + + if (opts.comment) + key.comment = opts.comment; + + if (opts.identify) { + var kind = 'public'; + if (sshpk.PrivateKey.isPrivateKey(key)) + kind = 'private'; + console.log('%s: a %d bit %s %s key', inFileName, + key.size, key.type.toUpperCase(), kind); + if (key.type === 'ecdsa') + console.log('ECDSA curve: %s', key.curve); + if (key.comment) + console.log('Comment: %s', key.comment); + console.log('SHA256 fingerprint: ' + + key.fingerprint('sha256').toString()); + console.log('MD5 fingerprint: ' + + key.fingerprint('md5').toString()); + console.log('SPKI-SHA256 fingerprint: ' + + key.fingerprint('sha256', 'spki').toString()); + process.exit(0); + return; + } + + if (opts.fingerprint) { + var hash = opts.hash; + var type = opts.spki ? 'spki' : 'ssh'; + var format = opts.outformat; + var fp = key.fingerprint(hash, type).toString(format); + outFile.write(fp); + outFile.write('\n'); + outFile.once('drain', function () { + process.exit(0); + }); + return; + } + + fmt = undefined; + if (opts.outformat) + fmt = opts.outformat; + outFile.write(key.toBuffer(fmt)); + if (fmt === 'ssh' || + (!opts.private && fmt === undefined)) + outFile.write('\n'); + outFile.once('drain', function () { + process.exit(0); + }); + }); +} + +function ifError(e, txt) { + if (txt) + txt = txt + ': '; + else + txt = ''; + console.error('sshpk-conv: ' + txt + e.name + ': ' + e.message); + if (process.env['DEBUG'] || process.env['V']) { + console.error(e.stack); + if (e.innerErr) + console.error(e.innerErr.stack); + } + process.exit(1); +} |