auth0 / node-jws

JSON Web Signatures
http://self-issued.info/docs/draft-ietf-jose-json-web-signature.html
MIT License

RS256 keys do not create signatures causes runtime error #48

Closed reduxdj closed 8 years ago

reduxdj commented 8 years ago

this is similar to issue #15: https://github.com/brianloveswords/node-jws/issues/15

No matter how I slice it (reading the key from a file, adding it to the code directly, or removing the \n line terminators), RS256 signing does not work correctly. For instance, reading the file directly:

Here's the value of the key

-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY
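 post: function() {
    // Builds an RS256-signed identity token from the userId and nonce in the
    // request body and returns it in a 201 response.
    var expiration, params, privateKeyPem, signature;
    // The key text is handed to the signer exactly as read from disk: PEM
    // parsing depends on the BEGIN/END lines and the line breaks between them.
    // The private key is deliberately not written to the log.
    // NOTE(review): the key path is hard-coded; consider taking it from
    // configuration and restricting read access to the service account.
    privateKeyPem = fs.readFileSync('/Users/Patrick_/beautywire_api/beautywire.pem').toString();
    params = this.bodyParams;
    // setHours(24 * 7 * 2) overflows the hour field, moving the date 14 days on.
    expiration = new Date(new Date().setHours(24 * 7 * 2));
    signature = jws.sign({
      header: {
        alg: 'RS256',
        typ: 'JWT',
        kid: Config.appLayerKeyId,
        cty: "layer-eit;v=1"
      },
      payload: {
        // NOTE(review): prn comes straight from the request body; unless the
        // route authenticates the caller elsewhere, a client can ask for a
        // token naming any user. Confirm against the route's auth setup.
        prn: params != null ? params.userId : void 0,
        nce: params != null ? params.nonce : void 0,
        // NOTE(review): exp is a Date object here; RFC 7519 defines exp as a
        // NumericDate (seconds since the epoch). Confirm what the consumer expects.
        exp: expiration
      },
      secret: privateKeyPem
    });
    return {
      statusCode: 201,
      body: {
        success: true,
        data: {
          identityToken: signature
        },
        message: "Here's your token - have fun"
      }
    };
  }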

W20160415-14:00:45.945(-7)? (STDERR) 140735103415040:error:0906D066:PEM routines:PEM_read_bio:bad end line:../deps/openssl/openssl/crypto/pem/pemlib.c:804:
W20160415-14:00:45.998(-7)? (STDERR) Error: SignFinal error
W20160415-14:00:45.998(-7)? (STDERR) at Sign.sign (crypto.js:426:27)
W20160415-14:00:45.999(-7)? (STDERR) at Object.sign (/Users/Patrick/beautywire_api/node_modules/jws/nodemodules/jwa/index.js:54:45)
W20160415-14:00:45.999(-7)? (STDERR) at Object.jwsSign [as sign](/Users/Patrick/beautywire_api/node_modules/jws/lib/sign-stream.js:23:24)
W20160415-14:00:46.000(-7)? (STDERR) at Object.App.api.addRoute.post as action

Removing \n:

I20160415-14:07:26.235(-7)? -----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY W20160415-14:07:26.236(-7)? (STDERR) 140735103415040:error:0906D06C:PEM routines:PEM_read_bio:no start line:../deps/openssl/openssl/crypto/pem/pemlib.c:696:Expecting: ANY PRIVATE KEY W20160415-14:07:26.296(-7)? (STDERR) Error: SignFinal error W20160415-14:07:26.296(-7)? (STDERR) at Sign.sign (crypto.js:426:27) W20160415-14:07:26.296(-7)? (STDERR) at Object.sign (/Users/Patrick/beautywire_api/node_modules/jws/nodemodules/jwa/index.js:54:45) W20160415-14:07:26.297(-7)? (STDERR) at Object.jwsSign [as sign](/Users/Patrick/beautywire_api/node_modules/jws/lib/sign-stream.js:23:24)

  post: function() {
    // Variant of the handler that strips every "\n" from the PEM text before
    // signing. It builds an RS256-signed token from the userId and nonce in the
    // request body and returns it in a 201 response.
    var date, expiration, nonce, ref, ref1, secret, signature, userId;
    // NOTE(review): the key path is hard-coded; consider taking it from
    // configuration and restricting read access to the service account.
    secret = fs.readFileSync('/Users/Patrick_/beautywire_api/beautywire.pem');
    // NOTE(review): userId is taken straight from the request body and becomes
    // the token's prn claim; unless the route authenticates the caller
    // elsewhere, a client can ask for a token naming any user. Confirm.
    userId = (ref = this.bodyParams) != null ? ref.userId : void 0;
    nonce = (ref1 = this.bodyParams) != null ? ref1.nonce : void 0;
    // `date` is assigned here but never read in this function.
    date = new Date(new Date().setHours(24 * 7 * 2)).toISOString();
    // setHours(24 * 7 * 2) overflows the hour field, moving the date 14 days on.
    expiration = new Date(new Date(new Date().setHours(24 * 7 * 2)).toISOString());
    // NOTE(review): this writes the private key to the application log. Log
    // nothing, or a fingerprint of the key, instead of the key material.
    console.log(secret.toString().replace(/\n/g, ''));
    signature = jws.sign({
      header: {
        alg: 'RS256',
        typ: 'JWT',
        kid: Config.appLayerKeyId,
        cty: "layer-eit;v=1"
      },
      payload: {
        prn: userId,
        nce: nonce,
        // NOTE(review): exp is a Date object here; RFC 7519 defines exp as a
        // NumericDate (seconds since the epoch). Confirm what the consumer expects.
        exp: expiration
      },
      // Removing all newlines collapses the BEGIN line, the base64 body and the
      // END line into one line; the error reported for this variant is
      // "PEM_read_bio:no start line". PEM text must keep its line breaks.
      secret: secret.toString().replace(/\n/g, '')
    });
    return {
      statusCode: 201,
      body: {
        success: true,
        data: {
          identityToken: signature
        },
        message: "Here's your token - have fun"
      }
    };
  }

Following your response in the other issue exactly, this should create a signed token.

reduxdj commented 8 years ago

The issue was due to an extra line break at the end of the key.