我正在尝试使用“jsonwebtoken”来创建带有 RS256 的 JWT。我已经使用此命令创建了密钥:
ssh-keygen -t rsa -b 4096 -m PEM -f <filename>
私钥的输出如下所示:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,3EA25EB113F5940340B4995D7B29B4F7
bQ4mTHOuQgGobjCKwfgOAml1BIa8Qs7VMuGTRYDyXFCNjx+5gdz687z1GdwEQlFu
GYbD15...
-----END RSA PRIVATE KEY-----
我用“fs”读取私钥并将其传递给 jsonwebtoken:
jwt.sign(myData, privateKey, options)
但是,我每次都会收到此错误:
Error: secretOrPrivateKey must be an asymmetric key when using RS256
我查了一下,其他有同样问题的人已经通过将其放入我所拥有的格式来解决它。对我来说,它的格式似乎正确,但 jsonwebtoken 拒绝加密它。
我尝试删除 2 个标题行(Proc-Type 和 DEK-Info),但这根本没有帮助。为什么它声称我的密钥不正确?如果不是它,我如何为其创建正确的密钥?
根据jswonwebtoken库的文档,还支持加密密钥,s。秒。 用法
如果私钥带有密码短语,则为对象 { key, passphrase } 可以使用(基于加密文档),在这种情况下请确保您 通过算法选项。
下面您将找到示例代码。加密密钥是使用您的 ssh-keygen 语句生成的:
var jwt = require("jsonwebtoken");
var pkcs1PemEncrypted = `-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,1163F6773A42B5DFDCF62BC633E69B22
uAlFXa6a21ndPVj4mH9QbYbpiG7APDxWpuh2GwX/xK3oPRDni+t/uqmu/HXcUKM9
w9DR4D44JmHfPtn70zoNGlRw/n5XX9BpWJkMcby67OMc2/Y0w4F3gmpT7jPanB27
GIjadYu4wiBSW1yFTGsOivanTge3r5CLEBzN4BsWFj5lYG0Z5rHkQRCdgpbzDYWh
xKsCtCEyjo8yvs5AF3/pooShTMssFyKVZnqDJBy4YQ1lq7fkeII6onlqHvwBCqmB
X018DlUe8KVGWdfI49b1KHiHxc5n5/tOPn5hjSSCI9E2LgPbl1Sz3/7MBQNVePqN
Cj7HNDhC2k+oSm8ec7pM9/ACmE0KHvKLSi95rP+ul3j1c3+mP8nzdX2gbLZCxz6K
pnRqA/3303NQbYJVGJmFntC9MIMArvitpuQesGsD/QjRgZs3KXDZgIY3oUS64P6a
PPhHWzlf0YduKsZJro3/eDMkoNX+bnaalkdwdFNrpFehpEHjXo5SpNOR/QrUeG+Q
Y4sBfTfOg++B5Xt+za9Bv8ie/dGXoW89A8J2ABC8mUCP8HXa1yAuDA/kRW1/2XVW
cJsmhKiyCUpdZu4jrS1LwmtIuHiVhrX9DfO6wtbGuMqzb3pUdDeBt/XnFoyHl+70
P178+v6YL16oSkZ+a7UkkCW7eCaukpEJxnqKT8HSswsDycqnqY3csbdMX5yJRZLr
XmWn/4TsKh4P2Z19AJxPt1BInYcxaGEI+cLDlhTQUu0u/Ho9TNscFXwAQHPVfwvk
2UFu9Z6TY6erFelwoEWyXyLCnK71Ba1/gdIO4ID4+lylkOizmj4QCD2irxQtfs7S
RtvR8YzkS88KXVDsy1oKRCwfRgVQL/B/xprH9CdBOCH5Wpz1/FbxP2JwJFuPZ5kU
+e00rvTd+Qu/OpS/hZfyrqQtVif83C3Lh3dcF6aysenDWF8vq4LY/3cEkSsHaYlq
BGZI2cIpu3K049XqXjOvstJy86I1EaCJAGvTzQD4WVbw3OKj0lhfgoOSVOF5Sh/9
z5briWohG13hDzv2Luzf3i3vpkdEBTPzyBTJ79rX0hr+ict1QNU8bT52g3/yuIPN
W8MMeNNgGiKB0pQFwFajYDbQR+sPiiIgQG5GqEznjghLwJeWat61d0p+ViOF4Yqr
JvEByfUbNZolg0pRknt4PgtroY228j2uxKWv16/1lUiEuoanAgFlUDzCefY6O7a/
u4bQPKcE+L2lTfd5CJf9wxRccdpji8GARPLk7AYNj8i6jPpRANUotPLCwkuSn/1m
++GUl2MUTX7DTjtiXYigd6QPe5oN3z0+B7xWYBWhHPcT0go32NwDEBYbG0RiddcJ
sZNx3jrdhCAYmiWvuSJXgFzSOqLoZeaFRgOpVbDjro//wUGhxLILzslyYRgNjRpy
pwhwcinT1VTjt/gtaBsAUZzMuJ5Esr7hBpavbYzsMPJsKKlLVABWeKHZIbN7rqxD
rfEX9gO7enD6iW0FNFfZFlI+GazSFH5cBBhJZCdmipdgFhnFY2I1epvIwF69hAVy
KDU7PQS+CIl+TUbZNguw2zPRO6wOpS7ZuxF1Kls5yeqfVrSF8K8cm/WM5/LJY2eO
E/S84fAyiejER1mSQx6+Bidk1n7esuHk0FHF/dLU60bluNxB+Id4K1ZSzqOO0BtI
r7yVdt0d7gniEDDlqpDRplnsPWvpw7oW24N3Al/FhkA4brI/43GepwecPmETl4oZ
UJgpQYc/3Nxi/mu9bVRLw2UTqWSovqj4DUejhX2nQe2+u9Q2px7iv/13x852+8jb
Ju3NKSXIHb+mreISH16DOnapk4L16UI7ArTzUnThayJQCWG0RDq1Z75j5AUMUVw0
WXc7/Jz/rcJ3gDVr3UHBNNE0cSJVOsvWsolvLFn77mOz9WhrMCMg09qY5EJeWoaF
NkM4kwQUMlcJM17CEzpHCdy4+/8tr5ZS390MSlj3nQ33ZM1u/iugSL8b71XWNWbD
y5BwysLAFoc7+ZKACPGvW9J1X1GMJvq6G+F20I2fbLwopWQzWQw76cYH1hWptlmK
ILzO4G+KIpnOoAUpSak9vAFDKxEb89lf3T01gXIJhB0pNuHWEKwgtT2sHeWfwTvn
F7fUKxehqLoOO1ssuD/vdnTEkF8bAonL7NRfZRcVPJNVICw251eYxaoaUrnutXjr
7r0nBlQAUyZpW7ZFDOb8PCJcsqvHtB81KObRN9NV1KUdOh6C13hTdlxMebsz4Wt5
7wTSgAq2/yRb+LtZ8e10qfPiXvoMnMc6yKT2RQXAbjpTfrNvEr44mYBqhIbvVDx9
S3ts/SQYzHHXRy8FFcHWV0sIBJSwzy3fCz3AhfrvOn9yZy8Vb70H2T5CAWd47Akm
JMiREGwrcz1HCnp7IKlSZxBSCZisuhWE9MEPSofLGShIyrn3vxTYX7WJv9kIfxVA
4kudQuXJlXaLz2my6UpcO7CiD45K+2p4ogeW7N6nXnUzpWDLnupJCRvPT0NtJFbs
1rrhVdIvn2Jy+NowF5a108S6AsY0nJb3rb7wvSKCtECRKoeM0oDemwjVt/OgK3aF
mem/3LhB9dyMkBy0G6uahkrtDKOr8KocCaZRKLet9IxZBYtMS+ci6Bb8/dP4K7yW
Ykw77CQUJp7+5rpMPnHyYMkf3HW9GFJmq/Gzk6GlCk7aX+a+54NwPc8DnaSptqko
DIjHS6R0O76MeU2QeqIE07Z20KXZJrtpko4eqreoS+taGhEWuLeg2V4Yp7G4rE6I
C6Flz3r3VYoE6afiZtG23JKSNXtw0eOB5D/2rMWv1EIq0IRYbHcZEyEmotWppp9U
eB1qKBfsKK5ScCUjwKXcSyryesHPRxPDj0zUCQyhkJzxq+3f1Wo+g2dEh1WFqURF
MEv21T9UhSxFH+npXl2HsTg9RF5Ve4FoyCPuDNuiS0suHRsd57hvt6GU/4uk48q3
tnXEGEAKDek56Gksj7INYMDxcn5TP8Qh4gRjGiTvyVJ2k+pECeD90s5q6dmZ0XSf
8frrm20NW9iGU7VcpBlvAjh2IIbLXy3z4jxzUzJw/cwyTFVEtG+T/utkRawSvu9O
q6QCKZO2GfdEl7+bIpdZI2cdxPXvez0+7ZBPmveiwMzAAfDQkgZXqW2dOMWaSgpX
-----END RSA PRIVATE KEY-----`;
var payload = {
sub: '1234567890',
name: 'John Doe',
admin: true,
iat: 1516239022
};
const signedJwt = jwt.sign(payload, {key: pkcs1PemEncrypted, passphrase: "whatever"}, { algorithm: "RS256" });
console.log(signedJwt);