Rework to use CloudAPI v.next with fingerprints instead of key names

TritonDataCenter · Dec 5, 2011 · 0a98a1f · 0a98a1f
1 parent 120f3f5
commit 0a98a1f
Show file tree

Hide file tree

Showing 5 changed files with 38 additions and 21 deletions.
diff --git a/bin/sdc-createkey b/bin/sdc-createkey
@@ -43,7 +43,7 @@ function loadNewKey(key) {
   try {
     return fs.readFileSync(key, 'ascii');
   } catch(e) {
-    common.usage(usageStr, 2, 'Unable to load key ' + identity + ': ' + e);
+    common.usage(usageStr, 2, 'Unable to load key ' + key + ': ' + e);
   }
 }
 

diff --git a/bin/sdc-setup b/bin/sdc-setup
@@ -120,7 +120,6 @@ function dumpEnvVars(url, account, keyId) {
               'easier:');
   console.log('export SDC_CLI_URL=' + url);
   console.log('export SDC_CLI_ACCOUNT=' + account);
-  console.log('export SDC_CLI_KEY_ID=' + keyId);
 }
 
 

diff --git a/lib/cli_common.js b/lib/cli_common.js
@@ -5,6 +5,7 @@ var fs = require('fs');
 var path = require('path');
 var url = require('url');
 
+var httpSignature = require('http-signature');
 var nopt = require('nopt');
 var restify = require('restify');
 var SSHAgentClient = require('ssh-agent');
@@ -20,7 +21,7 @@ url.name = 'url';
 ///--- Globals
 
 var log = restify.log;
-
+var getFingerprint = httpSignature.sshKeyFingerprint;
 
 ///--- Internal Functions
 
@@ -99,7 +100,25 @@ function loadSigningKey(parsed, callback) {
       process.exit(2);
     }
     parsed.signingKey = file;
-    return callback(parsed);
+
+    if (parsed.keyId)
+      return callback(parsed);
+
+    fs.readFile(parsed.identity + '.pub', 'ascii', function(err, file) {
+      if (err) {
+        console.error(err.message);
+        process.exit(2);
+      }
+      try {
+        parsed.keyId = getFingerprint(file);
+      } catch (e) {
+        console.error('Unable to take fingerprint of public key: ' + e.stack);
+        process.exit(2);
+      }
+
+      return callback(parsed);
+    });
+
   });
 }
 
@@ -155,13 +174,8 @@ module.exports = {
       }
     }
 
-    if (!parsed.keyId) {
-      if (process.env.SDC_CLI_KEY_ID) {
-        parsed.keyId = process.env.SDC_CLI_KEY_ID;
-      } else {
-        parsed.keyId = 'id_rsa';
-      }
-    }
+    if (!parsed.keyId && process.env.SDC_CLI_KEY_ID)
+      parsed.keyId = process.env.SDC_CLI_KEY_ID;
 
     if (!parsed.account)
       parsed.account = process.env.SDC_CLI_ACCOUNT;

diff --git a/lib/cloudapi.js b/lib/cloudapi.js
@@ -2045,7 +2045,7 @@ CloudAPI.prototype._request = function(path, body, callback) {
   var obj = {
     path: _encodeURI(path),
     headers: {
-      Authorization: authz,
+      Authorization: null,
       Date: now
     }
   };
@@ -2057,20 +2057,23 @@ CloudAPI.prototype._request = function(path, body, callback) {
     obj.headers.Authorization = this.basicAuth;
   } else {
     if (!this.sshAgent) {
-      var signer = crypto.createSign('RSA-SHA256');
+      var alg = / DSA /.test(this.key) ? 'DSA-SHA1' : 'RSA-SHA256';
+      var signer = crypto.createSign(alg);
       signer.update(now);
       obj.headers.Authorization = sprintf(SIGNATURE,
                                           this.keyId,
-                                          'rsa-sha256',
+                                          alg.toLowerCase(),
                                           signer.sign(this.key, 'base64'));
     } else {
       var self = this;
       return this.sshAgent.sign(this.key, new Buffer(now), function(err, sig) {
-        if (!err && sig)
+        if (!err && sig) {
+          var alg = /DSA/i.test(self.key) ? 'dsa-sha1' : 'rsa-sha1';
           obj.headers.Authorization = sprintf(SIGNATURE,
                                               self.keyId,
-                                              'rsa-sha1',
+                                              alg,
                                               sig.signature);
+        }
 
         return callback(obj);
       });

diff --git a/package.json b/package.json
@@ -19,11 +19,12 @@
     "lib": "./lib"
   },
   "dependencies": {
-    "lru-cache": "~1.0.2",
-    "nopt": "~1.0.7",
-    "restify": "~0.4.3",
-    "sprintf": "~0.1.1",
-    "ssh-agent": "~0.1.0"
+    "http-signature": "0.9.6",
+    "lru-cache": "1.0.4",
+    "nopt": "1.0.10",
+    "restify": "0.5.4",
+    "sprintf": "0.1.1",
+    "ssh-agent": "0.1.0"
   },
   "devDependencies": {}
 }