Support for fingerprinting ssh keys

TritonDataCenter · Sep 14, 2011 · ddff235 · ddff235
1 parent 5242873
commit ddff235
Show file tree

Hide file tree

Showing 4 changed files with 47 additions and 2 deletions.
diff --git a/lib/index.js b/lib/index.js
@@ -18,6 +18,7 @@ module.exports = {
   signRequest: signer.signRequest,
 
   sshKeyToPEM: util.sshKeyToPEM,
+  sshKeyFingerprint: util.fingerprint,
 
   verify: verify.verifySignature,
   verifySignature: verify.verifySignature

diff --git a/lib/util.js b/lib/util.js
@@ -1,5 +1,7 @@
 // Copyright 2011 Joyent, Inc.  All rights reserved.
 
+var crypto = require('crypto');
+
 var asn1 = require('asn1');
 var ctype = require('ctype');
 
@@ -123,6 +125,40 @@ module.exports = {
       newKey += '\n';
 
     return '-----BEGIN PUBLIC KEY-----' + newKey + '-----END PUBLIC KEY-----\n';
+  },
+
+
+  /**
+   * Generates an OpenSSH fingerprint from an ssh public key.
+   *
+   * @param {String} key an OpenSSH public key.
+   * @return {String} key fingerprint.
+   * @throws {TypeError} on bad input.
+   * @throws {Error} if what you passed doesn't look like an ssh public key.
+   */
+  fingerprint: function(key) {
+    if (!key || typeof(key) !== 'string')
+      throw new TypeError('ssh_key (string) required');
+
+    var pieces = key.split(' ');
+    if (!pieces || !pieces.length || pieces.length < 2)
+      throw new Error('invalid ssh key');
+
+    var data = new Buffer(pieces[1], 'base64');
+
+    var hash = crypto.createHash('md5');
+    hash.update(data);
+    var digest = hash.digest('hex');
+
+    var fp = '';
+    for (var i = 0; i < digest.length; i++) {
+      if (i && i % 2 === 0)
+        fp += ':';
+
+      fp += digest[i];
+    }
+
+    return fp;
   }
 
 

diff --git a/package.json b/package.json
@@ -2,7 +2,7 @@
   "author": "Joyent, Inc",
   "name": "http-signature",
   "description": "Reference implementation of Joyent's HTTP Signature Scheme",
-  "version": "0.9.3",
+  "version": "0.9.4",
   "homepage": "http://www.joyent.com",
   "repository": {
     "type": "git",
@@ -18,7 +18,7 @@
   },
   "dependencies": {
     "asn1": "0.1.5",
-    "ctype": "0.0.3",
+    "ctype": "0.1.0",
     "sprintf": "0.1.1"
   },
   "devDependencies": {

diff --git a/tst/convert.test.js b/tst/convert.test.js
@@ -2,6 +2,7 @@
 
 var test = require('tap').test;
 
+var sshKeyFingerprint = require('../lib/index').sshKeyFingerprint;
 var sshKeyToPEM = require('../lib/index').sshKeyToPEM;
 
 
@@ -80,3 +81,10 @@ test('4096b rsa ssh key', function(t) {
   t.equal(sshKeyToPEM(SSH_4096), PEM_4096);
   t.end();
 });
+
+
+test('fingerprint', function(t) {
+  var fp = sshKeyFingerprint(SSH_1024);
+  t.equal(fp, '59:a4:61:0e:38:18:9f:0f:28:58:2a:27:f7:65:c5:87');
+  t.end();
+});