#!/usr/bin/env node // -*- mode: js -*- // vim: set filetype=javascript : // Copyright 2015 Joyent, Inc. All rights reserved.

var dashdash = require('dashdash'); var sshpk = require('../lib/index'); var fs = require('fs'); var path = require('path'); var getPassword = require('getpass').getPass;

var options = [

{
        names: ['hash', 'H'],
        type: 'string',
        help: 'Hash algorithm (sha1, sha256, sha384, sha512)'
},
{
        names: ['verbose', 'v'],
        type: 'bool',
        help: 'Display verbose info about key and hash used'
},
{
        names: ['identity', 'i'],
        type: 'string',
        help: 'Path to key to use'
},
{
        names: ['file', 'f'],
        type: 'string',
        help: 'Input filename'
},
{
        names: ['out', 'o'],
        type: 'string',
        help: 'Output filename'
},
{
        names: ['format', 't'],
        type: 'string',
        help: 'Signature format (asn1, ssh, raw)'
},
{
        names: ['binary', 'b'],
        type: 'bool',
        help: 'Output raw binary instead of base64'
},
{
        names: ['help', 'h'],
        type: 'bool',
        help: 'Shows this help text'
}

];

var parseOpts = {};

if (require.main === module) {

var parser = dashdash.createParser({
        options: options
});

try {
        var opts = parser.parse(process.argv);
} catch (e) {
        console.error('sshpk-sign: error: %s', e.message);
        process.exit(1);
}

if (opts.help || opts._args.length > 1) {
        var help = parser.help({}).trimRight();
        console.error('sshpk-sign: sign data using an SSH key\n');
        console.error(help);
        process.exit(1);
}

if (!opts.identity) {
        var help = parser.help({}).trimRight();
        console.error('sshpk-sign: the -i or --identity option ' +
            'is required\n');
        console.error(help);
        process.exit(1);
}

var keyData = fs.readFileSync(opts.identity);
parseOpts.filename = opts.identity;

run();

}

function run() {

var key;
try {
        key = sshpk.parsePrivateKey(keyData, 'auto', parseOpts);
} catch (e) {
        if (e.name === 'KeyEncryptedError') {
                getPassword(function (err, pw) {
                        parseOpts.passphrase = pw;
                        run();
                });
                return;
        }
        console.error('sshpk-sign: error loading private key "' +
            opts.identity + '": ' + e.name + ': ' + e.message);
        process.exit(1);
}

var hash = opts.hash || key.defaultHashAlgorithm();

var signer;
try {
        signer = key.createSign(hash);
} catch (e) {
        console.error('sshpk-sign: error creating signer: ' +
            e.name + ': ' + e.message);
        process.exit(1);
}

if (opts.verbose) {
        console.error('sshpk-sign: using %s-%s with a %d bit key',
            key.type, hash, key.size);
}

var inFile = process.stdin;
var inFileName = 'stdin';

var inFilePath;
if (opts.file) {
        inFilePath = opts.file;
} else if (opts._args.length === 1) {
        inFilePath = opts._args[0];
}

if (inFilePath)
        inFileName = path.basename(inFilePath);

try {
        if (inFilePath) {
                fs.accessSync(inFilePath, fs.R_OK);
                inFile = fs.createReadStream(inFilePath);
        }
} catch (e) {
        console.error('sshpk-sign: error opening input file' +
             ': ' + e.name + ': ' + e.message);
        process.exit(1);
}

var outFile = process.stdout;

try {
        if (opts.out && !opts.identify) {
                fs.accessSync(path.dirname(opts.out), fs.W_OK);
                outFile = fs.createWriteStream(opts.out);
        }
} catch (e) {
        console.error('sshpk-sign: error opening output file' +
            ': ' + e.name + ': ' + e.message);
        process.exit(1);
}

inFile.pipe(signer);
inFile.on('end', function () {
        var sig;
        try {
                sig = signer.sign();
        } catch (e) {
                console.error('sshpk-sign: error signing data: ' +
                    e.name + ': ' + e.message);
                process.exit(1);
        }

        var fmt = opts.format || 'asn1';
        var output;
        try {
                output = sig.toBuffer(fmt);
                if (!opts.binary)
                        output = output.toString('base64');
        } catch (e) {
                console.error('sshpk-sign: error converting signature' +
                    ' to ' + fmt + ' format: ' + e.name + ': ' +
                    e.message);
                process.exit(1);
        }

        outFile.write(output);
        if (!opts.binary)
                outFile.write('\n');
        outFile.once('drain', function () {
                process.exit(0);
        });
});

}