jwt - 错误:EVP_PKEY_sign_init:此键类型不支持操作
问题描述
使用jsonwebtoken 8.2.0
,以下代码使用 RS256 对有效负载进行签名:
const jwt = require('jsonwebtoken');
const token = jwt.sign( //<<==sign throw error below
{
uid: this.id, //<<==payload
},
key, //<<==RSA private key of 2048bit
{
expiresIn: (parseInt(process.env.jwt_token_expire_days) * 24).toString() + 'h',
algorithm: 'RS256'
}
);
标志抛出错误:
(node:6528) UnhandledPromiseRejectionWarning: Error: error:0608D096:digital envelope routines:EVP_PKEY_sign_init:operation not supported for this keytype
at Sign.sign (internal/crypto/sig.js:110:29)
at Object.sign (C:\d\code\js\xyz\node_modules\jwa\index.js:152:45)
at Object.jwsSign [as sign] (C:\d\code\js\xyz\node_modules\jws\lib\sign-stream.js:32:24)
at Object.module.exports [as sign] (C:\d\code\js\xyz\node_modules\jsonwebtoken\sign.js:204:16)
at Viewer.RSAAuthToken (C:\d\code\js\xyz\models\viewer.js:162:21)
at C:\d\code\js\xyz\routes\viewers.js:184:41
at processTicksAndRejections (internal/process/task_queues.js:93:5)
(Use `node --trace-warnings ...` to show where the warning was created)
(node:6528) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
(node:6528) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
Viewer verification status update failed TypeError: res.setheader is not a function
at C:\d\code\js\xyz\routes\viewers.js:203:17
at processTicksAndRejections (internal/process/task_queues.js:93:5)
RSA 私钥(2048 位)如下所示:
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAtBwLxqZEirr0uhtMTThmVDu3XKFVgE+qQqQ6oi6P/cvnTBHc
zlnmgqYNpufUbnIgGSZ9RzL29gVq6o/Dc4Sf1C0sEdkU1A5weFEegpeQTfEU1XI9
.....
0q6yoDXSl7JC+y5BWaz75xFX+tb4hKVTD27BvNDYRuvRsFeiKnn7vDmVS1/CoSnd
bv9Y1DrudRU2PkgAUPqbxDzuCNY9VW8IAP/DCw0oJBJP+wzdH9uvhg==
-----END RSA PRIVATE KEY-----
这里有什么问题?
解决方案
这可能是因为您的 RSA 密钥实际上是 RSA-PSS 密钥,对使用的填充、使用、算法、摘要或这些的任何组合有限制。您可以通过执行来确认这个假设
const { createPrivateKey } = require('crypto')
const pk = createPrivateKey(pem)
console.log(pk.asymmetricKeyType)
如果您被rsa-pss
登录,那么您的密钥将限制可以使用它执行的操作。
推荐阅读
- java - 在java中的csv(分隔符为逗号)的字段值中包含逗号
- networking - Web 请求问题 [来自 Postman,但不是来自 python]
- asp.net-mvc - asp.net 从几个文本字段中获取值
- java - 使用spring mvc测试时方法调用异常
- github - 用于下载令牌的 GitHub API
- c# - 最小起订量测试电子邮件服务,无法取回价值
- google-maps - 如何在google maps中直接识别一个城市的坐标?
- javascript - 使用 Javascript 将 CSS 添加到 iframe 内的 iframe 没有 ID
- c# - 无法加载文件或程序集“AvalonWizard,PublicKeyToken=null”或其依赖项之一
- android - 自定义列表视图设置背景问题