[英]Why I am this Error in decoding JSON Web Token Error: error:0909006C:PEM routines:get_name:no start line
I have a key named social-public.key
, which I am using to decode JWTs, but the problem is I am having an error as below我有一个名为social-public.key
的密钥,我用它来解码 JWT,但问题是我遇到了如下错误
Error occurred while decoding access token Error: error:0909006C:PEM routines:get_name:no start line
at Verify.verify (internal/crypto/sig.js:157:24)
at Object.verify (D:\SocialAnalysisDashboard\social-dashboard-user-service\node_modules\jwa\index.js:164:21)
at Object.jwsVerify [as verify] (D:\SocialAnalysisDashboard\social-dashboard-user-service\node_modules\jws\lib\verify-stream.js:54:15)
at D:\SocialAnalysisDashboard\social-dashboard-user-service\node_modules\jsonwebtoken\verify.js:127:19
at getSecret (D:\SocialAnalysisDashboard\social-dashboard-user-service\node_modules\jsonwebtoken\verify.js:90:14)
at Object.module.exports [as verify] (D:\SocialAnalysisDashboard\social-dashboard-user-service\node_modules\jsonwebtoken\verify.js:94:10)
at D:\SocialAnalysisDashboard\social-dashboard-user-service\express\Middlewares\auth.js:24:46
at processTicksAndRejections (internal/process/task_queues.js:93:5) {
library: 'PEM routines',
function: 'get_name',
reason: 'no start line',
code: 'ERR_OSSL_PEM_NO_START_LINE'
}
Here is code the code I am using to decode JWTs,这是我用来解码 JWT 的代码,
const decodedToken = jwt.verify(token, key, {algorithms: ['RS256']});
Mostly solutions I have found are related to .pem
files.我发现的大多数解决方案都与.pem
文件有关。
I had a similar problem and I fixed it with help of this issue post.我有一个类似的问题,我在这个问题帖子的帮助下修复了它。 You only need one key to sign and verify if you use HS256
.如果您使用HS256
您只需要一把钥匙来签名和验证。 The RSA
version requires a public and private key (Public for verification and private for signing) RSA
版本需要公钥和私钥(公钥用于验证,私钥用于签名)
Follow the following steps:请按照以下步骤操作:
base64
and can be giving directly in the jsonwebtoken
module from npm
我将它保存在base64
,可以直接在npm
的jsonwebtoken
模块中提供\\n
) is giving with the base64
string确保新行字节( \\n
)与base64
字符串一起给出example:例子:
let secret = [
'-----BEGIN PRIVATE KEY-----',
'MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAkcd7iupXSHhgIRat',
'b2gnEiyC3AIf7GCrISTtgM5Lb8kccGjunU8sIqwwd3BV6qD+pExeyvMyU085RHRX',
'ud1cyQIDAQABAkAzmni6GPAiwDHPJLbqK+VAwq7j8ICabTHGvsqwANalT/O4V75m',
'e2ExeqV05+jlzVOGrQ953n8Mx1u0uRgPlfoBAiEAyO3qytGKRRzlqBuGwPFPde4a',
'66ZW4AmRcBwwuKp1zgkCIQC5u/2j/JFzM4GTbpoC0a2u78+tqYQW7Y/Usu6AAubI',
'wQIhAMKbhMQJ7UUBNwH6HyryzcZn5pUEl7IIMmAGPb4uA0mZAiAbJPhawQzY00w6',
'qc1kYBSMHowxiza8yxdcNJJarxHfgQIgcw2oEtn8GbvNMOsFg0Q9TPMdQ+uhxhWK',
'xhVgWkIkTVU=',
'-----END PRIVATE KEY-----',
].join('\n');
Same goes for the public key when verifying.验证时公钥也是如此。
// Create a signed JWT token
const token = jwt.sign(payload, privKey, {algorithm: 'RS256', ...otherSignOptions});
// returns undefined if token could not be verified
jwt.verify(token, pubKey);
I'd recommend of course reading the key from a file instead of hardcoding it.我当然建议从文件中读取密钥,而不是对其进行硬编码。 (preferably in a safe location) (最好在安全的地方)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.