![](/img/trans.png)
[英]Firebase/admin using functions Error: error:0909006C:PEM routines:get_name:no start line
[英]Why I am this Error in decoding JSON Web Token Error: error:0909006C:PEM routines:get_name:no start line
我有一個名為social-public.key
的密鑰,我用它來解碼 JWT,但問題是我遇到了如下錯誤
Error occurred while decoding access token Error: error:0909006C:PEM routines:get_name:no start line
at Verify.verify (internal/crypto/sig.js:157:24)
at Object.verify (D:\SocialAnalysisDashboard\social-dashboard-user-service\node_modules\jwa\index.js:164:21)
at Object.jwsVerify [as verify] (D:\SocialAnalysisDashboard\social-dashboard-user-service\node_modules\jws\lib\verify-stream.js:54:15)
at D:\SocialAnalysisDashboard\social-dashboard-user-service\node_modules\jsonwebtoken\verify.js:127:19
at getSecret (D:\SocialAnalysisDashboard\social-dashboard-user-service\node_modules\jsonwebtoken\verify.js:90:14)
at Object.module.exports [as verify] (D:\SocialAnalysisDashboard\social-dashboard-user-service\node_modules\jsonwebtoken\verify.js:94:10)
at D:\SocialAnalysisDashboard\social-dashboard-user-service\express\Middlewares\auth.js:24:46
at processTicksAndRejections (internal/process/task_queues.js:93:5) {
library: 'PEM routines',
function: 'get_name',
reason: 'no start line',
code: 'ERR_OSSL_PEM_NO_START_LINE'
}
這是我用來解碼 JWT 的代碼,
const decodedToken = jwt.verify(token, key, {algorithms: ['RS256']});
我發現的大多數解決方案都與.pem
文件有關。
我有一個類似的問題,我在這個問題帖子的幫助下修復了它。 如果您使用HS256
您只需要一把鑰匙來簽名和驗證。 RSA
版本需要公鑰和私鑰(公鑰用於驗證,私鑰用於簽名)
請按照以下步驟操作:
base64
,可以直接在npm
的jsonwebtoken
模塊中提供\\n
)與base64
字符串一起給出例子:
let secret = [
'-----BEGIN PRIVATE KEY-----',
'MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAkcd7iupXSHhgIRat',
'b2gnEiyC3AIf7GCrISTtgM5Lb8kccGjunU8sIqwwd3BV6qD+pExeyvMyU085RHRX',
'ud1cyQIDAQABAkAzmni6GPAiwDHPJLbqK+VAwq7j8ICabTHGvsqwANalT/O4V75m',
'e2ExeqV05+jlzVOGrQ953n8Mx1u0uRgPlfoBAiEAyO3qytGKRRzlqBuGwPFPde4a',
'66ZW4AmRcBwwuKp1zgkCIQC5u/2j/JFzM4GTbpoC0a2u78+tqYQW7Y/Usu6AAubI',
'wQIhAMKbhMQJ7UUBNwH6HyryzcZn5pUEl7IIMmAGPb4uA0mZAiAbJPhawQzY00w6',
'qc1kYBSMHowxiza8yxdcNJJarxHfgQIgcw2oEtn8GbvNMOsFg0Q9TPMdQ+uhxhWK',
'xhVgWkIkTVU=',
'-----END PRIVATE KEY-----',
].join('\n');
驗證時公鑰也是如此。
// Create a signed JWT token
const token = jwt.sign(payload, privKey, {algorithm: 'RS256', ...otherSignOptions});
// returns undefined if token could not be verified
jwt.verify(token, pubKey);
我當然建議從文件中讀取密鑰,而不是對其進行硬編碼。 (最好在安全的地方)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.