带有PEM文件的nodejs jsonwebtoken:错误“ PEM_read_bio:无起始行”
[英]nodejs jsonwebtoken with PEM file: error “PEM_read_bio:no start line”
问题描述
I know there are a bunch of similar questions here but after hours of reading I cannot find a solution to mine. 
我知道这里有很多类似的问题,但是经过数小时的阅读,我找不到我的解决方案。 So: 所以:
I am trying to use jwk-to-pem for signing a JSON web token using jsonwebtoken . 我试图用JWK到PEM签署使用JSON网络令牌jsonwebtoken 。 I have previously achieved this but now the same code does not work. 我以前已经实现了,但是现在相同的代码不起作用。 After calling jwt.sign with the generated pem I get error:0906D06C:PEM routines:PEM_read_bio:no start line . 用生成的pem调用jwt.sign ,我得到error:0906D06C:PEM routines:PEM_read_bio:no start line 。 I know that common reasons would include wrong linebreaks like \\r or generally wrong format. 我知道常见的原因包括\\r等换行符或格式错误。 I actually even dug through the core nodejs code and found the line throwing this error. 实际上,我什至挖了核心的nodejs代码,发现抛出此错误的行 。
Countless adjustments and attempts brought no solution. 无数的调整和尝试都没有解决方案。 Specifically: 特别:
- I made sure that all linebreaks are
\\n我确保所有换行符都是\\n - I tried different strings for the first and last line, eg
-----BEGIN PUBLIC KEY-----or-----BEGIN RSA PUBLIC KEY-----我为第一行和最后一行尝试了不同的字符串,例如-----BEGIN PUBLIC KEY-----或-----BEGIN RSA PUBLIC KEY----- - I made sure that the last line contains a
\\nas last character我确保最后一行包含\\n作为最后一个字符 - I tried to write the
pemstring to disk and re-reading it, using node'sfs.我尝试使用节点的fs将pem字符串写入磁盘并重新读取。 - I compared the
pemfile to several other files with several editors eg usingvi -bor regex.我通过几个编辑器(例如,使用vi -b或regex)将pem文件与其他几个文件进行了比较。 - I tried handing the raw file buffer with the
pemcontent tojwt.signas well aspem.toString('utf8')as well as every other string encouding supported by node我尝试将带有pem内容的原始文件缓冲区传递给jwt.sign以及pem.toString('utf8')以及节点支持的所有其他字符串 - I tried to generate a random
pemfile using linux tools and give that tojwt.sign.我试图使用linux工具生成一个随机的pem文件,并将其提供给jwt.sign。 Specifically:ssh-keygen -t rsa -b 2048 -f jwtRS256.key具体来说: ssh-keygen -t rsa -b 2048 -f jwtRS256.key
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.pem
What am I missing here? 我在这里想念什么? What possible causes I did not think of can this have? 我没有想到的可能原因是什么?
1 个解决方案
解决方案1
0 已采纳 2017-10-02 20:57:16
I found a very simple explanation: I was by mistake using the public instead of the private key. 我找到了一个非常简单的解释:我误用了公共密钥而不是私有密钥。 The error thrown by openssl/crypto is very misleading. openssl / crypto引发的错误非常容易引起误解。
Using a private pem/key the signing works as expected. 使用私有的pem /密钥,签名可以按预期进行。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.