Monday, 18 December 2017

Trying to implement jwt from a few sources, getting error:0906D06C:PEM routines:PEM_read_bio:no start line

It seems there is a problem with some certificates?Under the tutorials and documentation that I've read including node-jsonwebtokens very own, I haven't read anything about ssl-ing except for a few stackoverflow answers.I thought I could personaly set up a key instead of using 'shhhh' as many tutorials seem to choose. I created a file called private.key and made a crypric 42 length key. This code:console.log(`Acquired private key: ${RSA_PRIVATE_KEY.length}`); gets the proper length, but when I test my POST, I get the 0906D06C:PEM... error.Here is the code that is causing the error... let hash = response[0].password; console.log(`Hash from response[0].password: ${hash}`); bcrypt.compare(PASSWORD, hash).then(function(hashres) { // begin last step of validation if (hashres) { const RSA_PRIVATE_KEY = fs.readFileSync('./private.key'); console.log(`Acquired private key: ${RSA_PRIVATE_KEY.length}`); jwt.sign( {exists: true}, RSA_PRIVATE_KEY, { algorithm: 'RS256', expiresIn: 120, subject: response[0].userId.toString() }, (err, jwtBearerToken) => { console.log(`jwtBeareToken: ${jwtBearerToken}`); // <-- undefined console.log(`err: ${err}`); // <-- pem error here }); res.status(200).json({exists: true}); } else { res.status(400).json({exists: false}); } Note that I'm trying to do this async atm, rather then the sync way if that matters. If I do it syncronously, I still get the PEM error too.const TOKEN = jwt.sign( {exists: true}, RSA_PRIVATE_KEY, { algorithm: 'RS256', expiresIn: 120, subject: response[0].userId.toString() }); oh! and for the private key file(private.key)-----BEGIN RSA PRIVATE KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytBCDJR5/6JAlB7ErBge 22YwN/u0K63wrnCMLde+hQQCYs7pBuYtbyxXF2PBFuHS+ytD9PSpY9t3NiGbk/9U s9GYCnqaK+vg2hz+T86LjJVkTJe0HWuE6g+HQ9GjyDGiO7ZBQw31HKxHYA2cMMVj tiO97VKLR9Fp6c6X33uNtdAaUZg57PjyNl6TjPwc52tJz8H5g0aV4tYelsTMaSSE 4nVwPLBoDzZaT84ktW1RuGToC4gEB/bctFrRBVaxp/KSebpds9P2xGMVweWgrvml cLnHGLKBxcCxh9kbgHS/nrgYXPjj92hxk2se/C7QmYeRSUs4ikEWO06NJ7Cgk+bQ 8wIDAQAB -----END RSA PRIVATE KEY----- EDIT:So I managed to get it working copy/pasting jsonwebtokens priv.pem. Why does theirs work and not mine?

Submitted December 18, 2017 at 07:53PM by le_throwawayAcc

No comments:

Post a Comment