[英]nodejs jsonwebtoken with PEM file: error “PEM_read_bio:no start line”
I know there are a bunch of similar questions here but after hours of reading I cannot find a solution to mine. 我知道这里有很多类似的问题,但是经过数小时的阅读,我找不到我的解决方案。 So:
所以:
I am trying to use jwk-to-pem for signing a JSON web token using jsonwebtoken . 我试图用JWK到PEM签署使用JSON网络令牌jsonwebtoken 。 I have previously achieved this but now the same code does not work.
我以前已经实现了,但是现在相同的代码不起作用。 After calling
jwt.sign
with the generated pem
I get error:0906D06C:PEM routines:PEM_read_bio:no start line
. 用生成的
pem
调用jwt.sign
,我得到error:0906D06C:PEM routines:PEM_read_bio:no start line
。 I know that common reasons would include wrong linebreaks like \\r
or generally wrong format. 我知道常见的原因包括
\\r
等换行符或格式错误。 I actually even dug through the core nodejs code and found the line throwing this error. 实际上,我什至挖了核心的nodejs代码,发现抛出此错误的行 。
Countless adjustments and attempts brought no solution. 无数的调整和尝试都没有解决方案。 Specifically:
特别:
\\n
\\n
-----BEGIN PUBLIC KEY-----
or -----BEGIN RSA PUBLIC KEY-----
-----BEGIN PUBLIC KEY-----
或-----BEGIN RSA PUBLIC KEY-----
\\n
as last character \\n
作为最后一个字符 pem
string to disk and re-reading it, using node's fs
. fs
将pem
字符串写入磁盘并重新读取。 pem
file to several other files with several editors eg using vi -b
or regex. vi -b
或regex)将pem
文件与其他几个文件进行了比较。 pem
content to jwt.sign
as well as pem.toString('utf8')
as well as every other string encouding supported by node pem
内容的原始文件缓冲区传递给jwt.sign
以及pem.toString('utf8')
以及节点支持的所有其他字符串 pem
file using linux tools and give that to jwt.sign
. pem
文件,并将其提供给jwt.sign
。 Specifically: ssh-keygen -t rsa -b 2048 -f jwtRS256.key
ssh-keygen -t rsa -b 2048 -f jwtRS256.key
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.pem
What am I missing here? 我在这里想念什么? What possible causes I did not think of can this have?
我没有想到的可能原因是什么?
I found a very simple explanation: I was by mistake using the public instead of the private key. 我找到了一个非常简单的解释:我误用了公共密钥而不是私有密钥。 The error thrown by openssl/crypto is very misleading.
openssl / crypto引发的错误非常容易引起误解。
Using a private pem/key the signing works as expected. 使用私有的pem /密钥,签名可以按预期进行。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.