Closed reduxdj closed 8 years ago
this is similar to issue #15: https://github.com/brianloveswords/node-jws/issues/15
No matter how I slice it, Reading the key from a file, adding it to code directly, removing \n line terminations, the RS256 encryption does not work correctly. For instance, reading the file directly:
Here's the value of the key
-----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAizF1eqrBZ05SwnhKV+y5gvcuSVOtUkvMElNz9Ry/wx791fYi Qdi/bRdWUh0MGfbLsQvZ6SVRIa3jfdgkdVRmLh7BvCj11SWbwDUJy/p1XzrkW2Va L/u/Mmr/NR2BD/YdjEuShP31yMT7DDkKdYWvfuNc+mfDg+2H/q35dYHjgVGRC jrmADA5tH0VSYp6Rw13T6iheBdB1dKNSuZkFTXCznEFGMFepAh6tWLOrGkbHWC3L nPdj35F2LaoLZGGNCZxcLjk6tth0iNKbIwW1XrG6TAsNO0VqV6sK1adM3QTy404M ib3UezZfFyo7pQ1E6+QPtvj6dGWZKQYMkvAC3wIDAQABAoIBAFoaBvkDxbQQoEPg SAeIZkGfreercdt+0zfdq4c0N/GfgyLYdC55ltiQLcFzqhy4g/w0NrfT/yO1Azi4 DEmi+43JPRGG1jNGZ/7Qlmni0810OtPq1KmQ5aBGYLNKSPxDDbd+R/csychPsk6k MeAHPOy3yndFZfGSWqB/PFgPsXQ7daV2+DmbXi7TPTsMq9dHQwBREvVGtiuviN1D 6lfpDw1BFUB68N3ptVYmOxlDeQId7s6TIjA2Xcltk6WRrv/VTaHpvtk0m8nZgVSy PCasoGV8VVa5Wg/gD7fVJEuWFOZxUiURP9OGwrfALErLIUchozZu3wiJh9nZ6gig Lh6jz4ECgYEAy+n9Aagap9vWq+rJ7xVlghkwPdkX0nyf4TVowmtwA+/aNcU6iybt hrQWRiRhK+XI1BGWwvsbQbLQxoVxBFGYmKlkOlffg7Gdm4FtMEpv4oE2ERIxWBhn LMzxWyHMVYvKE+2THnS2ToUTUp7/daCCsC1JqGIdOpu1kEaYeI+QYJ8CgYEArr9a T7xyta6gCr092V9LpUkn0Mq8JoEo4DQ3mmbqyk4lFTYGklXQPdvpY/qfkUGwkV0Q C1JQ+QbtLYRbo0vkr6j+GzGTojwnXhA9QL5/5mqIwcMCdBuC6UiIvv7a+zNJHuw/ Z7tzRe7IFDSuX2TjWIzkBv0jVwT88EdaZvYB9cECgYEAm3s/2mqGYKWEqzNsY+uJ qchw+0e0HV+/PKZPyabIE4hodwV63S2CgWqBbVxB54nfNqxuqx9yqgahoC2RfjyF QSov7TihijX9OdxXGDI525iwVBXuIAEDcqqWAenkdvoOzGEjA170vyxDDoWDvfn0 jEcL2eNt7AlcSLU7fvngmXsCgYAPZf9ATXvSNKwXpitgDzysOPEQPf0sa289qnxH 18/SueYco2Ea3gL2oH1FeR08gIxdktTKGpvWBd06iJJGpnZlYD/cB5dZ0XEqocW0 AdVlaXfZkySRNKdphSG/qteDETbdSbuz+eZcZ6LaA43QBJpElaIMHtQHQ7oix z/XGQQKBgFWUjQ54vEWwuzb+0gsB2mf/QCL+anhktLy/v39OpkuUQQPZqSG31dPw K9PNDxHECrpjSozdFhd21VApLXcLceh5tovKu+urrjAvPE7Da61LBHfqIa8dpSA0 epmPVSMGK69/XoKx9wZDaxEnoHg0vykY2C0pYUBpR8aKLYQoTDqN -----END RSA PRIVATE KEY
post: function() { var date, expiration, nonce, ref, ref1, secret, signature, userId; secret = fs.readFileSync('/Users/Patrick_/beautywire_api/beautywire.pem'); userId = (ref = this.bodyParams) != null ? ref.userId : void 0; nonce = (ref1 = this.bodyParams) != null ? ref1.nonce : void 0; date = new Date(new Date().setHours(24 * 7 * 2)).toISOString(); expiration = new Date(new Date(new Date().setHours(24 * 7 * 2)).toISOString()); console.log(secret.toString()); signature = jws.sign({ header: { alg: 'RS256', typ: 'JWT', kid: Config.appLayerKeyId, cty: "layer-eit;v=1" }, payload: { prn: userId, nce: nonce, exp: expiration }, secret: secret.toString() }); return { statusCode: 201, body: { success: true, data: { identityToken: signature }, message: "Here's your token - have fun" } }; }
W20160415-14:00:45.945(-7)? (STDERR) 140735103415040:error:0906D066:PEM routines:PEM_read_bio:bad end line:../deps/openssl/openssl/crypto/pem/pemlib.c:804: W20160415-14:00:45.998(-7)? (STDERR) Error: SignFinal error W20160415-14:00:45.998(-7)? (STDERR) at Sign.sign (crypto.js:426:27) W20160415-14:00:45.999(-7)? (STDERR) at Object.sign (/Users/Patrick/beautywire_api/node_modules/jws/nodemodules/jwa/index.js:54:45) W20160415-14:00:45.999(-7)? (STDERR) at Object.jwsSign [as sign](/Users/Patrick/beautywire_api/node_modules/jws/lib/sign-stream.js:23:24) W20160415-14:00:46.000(-7)? (STDERR) at Object.App.api.addRoute.post as action
Removing \n:
I20160415-14:07:26.235(-7)? -----BEGIN RSA PRIVATE KEY-----MIIEowIBAAKCAQEAizF1eqrBZ05SwnhKV+y5gvcuSVOtUkvMElNz9Ry/wx791fYiQdi/bRdWUh0MGfbLsQvZ6SVRIa3jfdgkdVRmLh7BvCj11SWbwDUJy/p1XzrkW2VaL/u/Mmr/NR2BD/YdjEuShP31yMT7DDkKdYWXNIvfuNc+mfDg+2H/q35dYHjgVGRCjrmADA5tH0VSYp6Rw13T6iheBdB1dKNSuZkFTXCznEFGMFepAh6tWLOrGkbHWC3LnPdj35F2LaoLZGGNCZx1XrG6TAsNO0VqV6sK1adM3QTy404Mib3UezZfFyo7pQ1E6+QPtvj6dGWZKQYMkvAC3wIDAQABAoIBAFoaBvkDxbQQoEPgSAeIZkGfreercdt+0zfdq4c0N/GfgyLYdC55ltiQLcFzqhy4g/w0NrfT/yO1Azi4DEmi+43JPRGG1jNGZ/7Qlmni0810OtPq1KmQ5aBGYLNKSPxDDbd+R/csychPsk6kMeAHPOy3yndFZfGSWqB/PFgPsXQ7daV2+DmbXi7TPTsMq9dHQwBREvVGtiuviN1D6lfpDw1BFUB68N3ptVYmOxlDeQId7s6TIjA2Xcltk6WRrv/VTaHpvtk0m8nZgVSyPCasoGV8VVa5Wg/gD7fVJEuWFOZxUiURP9OGwrfALErLIUchozZu3wiJh9nZ6gigLh6jz4ECgYEAy+n9Aagap9vWq+rJ7xVlghkwPdkX0nyf4TVowmtwA+/aNcU6iybthrQWRiRhK+XI1BGWwvsbQbLQxoVxBFGYmKlkOlffg7Gdm4FtMEpv4oE2ERIxWBhnLMzxWyHMVYvKE+2THnS2ToUTUp7/daCCsC1JqGIdOpu1kEaYeI+QYJ8CgYEArr9aT7xyta6gCr092V9LpUkn0Mq8JoEo4DQ3mmbqyk4lFTYGklXQPdvpY/qfkUGwkV0QC1JQ+QbtLYRbo0vkr6j+GzGTojwnXhA9QL5/5mqIwcMCdBuC6UiIvv7a+zNJHuw/Z7tzRe7IFDSuX2TjWIzkBv0jVwT88EdaZvYB9cECgYEAm3s/2mqGYKWEqzNsY+uJqchw+0e0HV+/PKZPyabIE4hodwV63S2CgWqBbVxB54nfNqxuqx9yqgahoC2RfjyFQSov7TihijX9OdxXGDI525iwVBXuIAEDcqqWAenkdvoOzGEjA170vyxDDoWDvfn0jEcL2eNt7AlcSLU7fvngmXsCgYAPZf9ATXvSNKwXpitgDzysOPEQPf0sa289qnxH18/SueYco2Ea3gL2oH1FeR08gIxdktTKGpvWBd06iJJGpnZlYD/cB5dZ0XEqocW0AdVlaXfZkySRNKdphSG/qteDETbdSbYgnuz+eZcZ6LaA43QBJpElaIMHtQHQ7oixz/XGQQKBgFWUjQ54vEWwuzb+0gsB2mf/QCL+anhktLy/v39OpkuUQQPZqSG31dPwK9PNDxHECrpjSozdFhd21VApLXcLceh5tovKu+urrjAvPE7Da61LBHfqIa8dpSA0epmPVSMGK69/XoKx9wZDaxEnoHg0vykY2C0pYUBpR8aKLYQoTDqN-----END RSA PRIVATE KEY W20160415-14:07:26.236(-7)? (STDERR) 140735103415040:error:0906D06C:PEM routines:PEM_read_bio:no start line:../deps/openssl/openssl/crypto/pem/pemlib.c:696:Expecting: ANY PRIVATE KEY W20160415-14:07:26.296(-7)? (STDERR) Error: SignFinal error W20160415-14:07:26.296(-7)? (STDERR) at Sign.sign (crypto.js:426:27) W20160415-14:07:26.296(-7)? (STDERR) at Object.sign (/Users/Patrick/beautywire_api/node_modules/jws/nodemodules/jwa/index.js:54:45) W20160415-14:07:26.297(-7)? (STDERR) at Object.jwsSign [as sign](/Users/Patrick/beautywire_api/node_modules/jws/lib/sign-stream.js:23:24)
I20160415-14:07:26.235(-7)? -----BEGIN RSA PRIVATE KEY-----MIIEowIBAAKCAQEAizF1eqrBZ05SwnhKV+y5gvcuSVOtUkvMElNz9Ry/wx791fYiQdi/bRdWUh0MGfbLsQvZ6SVRIa3jfdgkdVRmLh7BvCj11SWbwDUJy/p1XzrkW2VaL/u/Mmr/NR2BD/YdjEuShP31yMT7DDkKdYWXNIvfuNc+mfDg+2H/q35dYHjgVGRCjrmADA5tH0VSYp6Rw13T6iheBdB1dKNSuZkFTXCznEFGMFepAh6tWLOrGkbHWC3LnPdj35F2LaoLZGGNCZx1XrG6TAsNO0VqV6sK1adM3QTy404Mib3UezZfFyo7pQ1E6+QPtvj6dGWZKQYMkvAC3wIDAQABAoIBAFoaBvkDxbQQoEPgSAeIZkGfreercdt+0zfdq4c0N/GfgyLYdC55ltiQLcFzqhy4g/w0NrfT/yO1Azi4DEmi+43JPRGG1jNGZ/7Qlmni0810OtPq1KmQ5aBGYLNKSPxDDbd+R/csychPsk6kMeAHPOy3yndFZfGSWqB/PFgPsXQ7daV2+DmbXi7TPTsMq9dHQwBREvVGtiuviN1D6lfpDw1BFUB68N3ptVYmOxlDeQId7s6TIjA2Xcltk6WRrv/VTaHpvtk0m8nZgVSyPCasoGV8VVa5Wg/gD7fVJEuWFOZxUiURP9OGwrfALErLIUchozZu3wiJh9nZ6gigLh6jz4ECgYEAy+n9Aagap9vWq+rJ7xVlghkwPdkX0nyf4TVowmtwA+/aNcU6iybthrQWRiRhK+XI1BGWwvsbQbLQxoVxBFGYmKlkOlffg7Gdm4FtMEpv4oE2ERIxWBhnLMzxWyHMVYvKE+2THnS2ToUTUp7/daCCsC1JqGIdOpu1kEaYeI+QYJ8CgYEArr9aT7xyta6gCr092V9LpUkn0Mq8JoEo4DQ3mmbqyk4lFTYGklXQPdvpY/qfkUGwkV0QC1JQ+QbtLYRbo0vkr6j+GzGTojwnXhA9QL5/5mqIwcMCdBuC6UiIvv7a+zNJHuw/Z7tzRe7IFDSuX2TjWIzkBv0jVwT88EdaZvYB9cECgYEAm3s/2mqGYKWEqzNsY+uJqchw+0e0HV+/PKZPyabIE4hodwV63S2CgWqBbVxB54nfNqxuqx9yqgahoC2RfjyFQSov7TihijX9OdxXGDI525iwVBXuIAEDcqqWAenkdvoOzGEjA170vyxDDoWDvfn0jEcL2eNt7AlcSLU7fvngmXsCgYAPZf9ATXvSNKwXpitgDzysOPEQPf0sa289qnxH18/SueYco2Ea3gL2oH1FeR08gIxdktTKGpvWBd06iJJGpnZlYD/cB5dZ0XEqocW0AdVlaXfZkySRNKdphSG/qteDETbdSbYgnuz+eZcZ6LaA43QBJpElaIMHtQHQ7oixz/XGQQKBgFWUjQ54vEWwuzb+0gsB2mf/QCL+anhktLy/v39OpkuUQQPZqSG31dPwK9PNDxHECrpjSozdFhd21VApLXcLceh5tovKu+urrjAvPE7Da61LBHfqIa8dpSA0epmPVSMGK69/XoKx9wZDaxEnoHg0vykY2C0pYUBpR8aKLYQoTDqN-----END RSA PRIVATE KEY
post: function() { var date, expiration, nonce, ref, ref1, secret, signature, userId; secret = fs.readFileSync('/Users/Patrick_/beautywire_api/beautywire.pem'); userId = (ref = this.bodyParams) != null ? ref.userId : void 0; nonce = (ref1 = this.bodyParams) != null ? ref1.nonce : void 0; date = new Date(new Date().setHours(24 * 7 * 2)).toISOString(); expiration = new Date(new Date(new Date().setHours(24 * 7 * 2)).toISOString()); console.log(secret.toString().replace(/\n/g, '')); signature = jws.sign({ header: { alg: 'RS256', typ: 'JWT', kid: Config.appLayerKeyId, cty: "layer-eit;v=1" }, payload: { prn: userId, nce: nonce, exp: expiration }, secret: secret.toString().replace(/\n/g, '') }); return { statusCode: 201, body: { success: true, data: { identityToken: signature }, message: "Here's your token - have fun" } }; }
Following the other issue, exactly from your response, this should create a signed key.
The issue was due to an extra linebreak at the end
this is similar to issue #15: https://github.com/brianloveswords/node-jws/issues/15
No matter how I slice it, Reading the key from a file, adding it to code directly, removing \n line terminations, the RS256 encryption does not work correctly. For instance, reading the file directly:
Here's the value of the key
W20160415-14:00:45.945(-7)? (STDERR) 140735103415040:error:0906D066:PEM routines:PEM_read_bio:bad end line:../deps/openssl/openssl/crypto/pem/pemlib.c:804: W20160415-14:00:45.998(-7)? (STDERR) Error: SignFinal error W20160415-14:00:45.998(-7)? (STDERR) at Sign.sign (crypto.js:426:27) W20160415-14:00:45.999(-7)? (STDERR) at Object.sign (/Users/Patrick/beautywire_api/node_modules/jws/nodemodules/jwa/index.js:54:45) W20160415-14:00:45.999(-7)? (STDERR) at Object.jwsSign [as sign](/Users/Patrick/beautywire_api/node_modules/jws/lib/sign-stream.js:23:24) W20160415-14:00:46.000(-7)? (STDERR) at Object.App.api.addRoute.post as action
Removing \n:
I20160415-14:07:26.235(-7)? -----BEGIN RSA PRIVATE KEY-----MIIEowIBAAKCAQEAizF1eqrBZ05SwnhKV+y5gvcuSVOtUkvMElNz9Ry/wx791fYiQdi/bRdWUh0MGfbLsQvZ6SVRIa3jfdgkdVRmLh7BvCj11SWbwDUJy/p1XzrkW2VaL/u/Mmr/NR2BD/YdjEuShP31yMT7DDkKdYWXNIvfuNc+mfDg+2H/q35dYHjgVGRCjrmADA5tH0VSYp6Rw13T6iheBdB1dKNSuZkFTXCznEFGMFepAh6tWLOrGkbHWC3LnPdj35F2LaoLZGGNCZx1XrG6TAsNO0VqV6sK1adM3QTy404Mib3UezZfFyo7pQ1E6+QPtvj6dGWZKQYMkvAC3wIDAQABAoIBAFoaBvkDxbQQoEPgSAeIZkGfreercdt+0zfdq4c0N/GfgyLYdC55ltiQLcFzqhy4g/w0NrfT/yO1Azi4DEmi+43JPRGG1jNGZ/7Qlmni0810OtPq1KmQ5aBGYLNKSPxDDbd+R/csychPsk6kMeAHPOy3yndFZfGSWqB/PFgPsXQ7daV2+DmbXi7TPTsMq9dHQwBREvVGtiuviN1D6lfpDw1BFUB68N3ptVYmOxlDeQId7s6TIjA2Xcltk6WRrv/VTaHpvtk0m8nZgVSyPCasoGV8VVa5Wg/gD7fVJEuWFOZxUiURP9OGwrfALErLIUchozZu3wiJh9nZ6gigLh6jz4ECgYEAy+n9Aagap9vWq+rJ7xVlghkwPdkX0nyf4TVowmtwA+/aNcU6iybthrQWRiRhK+XI1BGWwvsbQbLQxoVxBFGYmKlkOlffg7Gdm4FtMEpv4oE2ERIxWBhnLMzxWyHMVYvKE+2THnS2ToUTUp7/daCCsC1JqGIdOpu1kEaYeI+QYJ8CgYEArr9aT7xyta6gCr092V9LpUkn0Mq8JoEo4DQ3mmbqyk4lFTYGklXQPdvpY/qfkUGwkV0QC1JQ+QbtLYRbo0vkr6j+GzGTojwnXhA9QL5/5mqIwcMCdBuC6UiIvv7a+zNJHuw/Z7tzRe7IFDSuX2TjWIzkBv0jVwT88EdaZvYB9cECgYEAm3s/2mqGYKWEqzNsY+uJqchw+0e0HV+/PKZPyabIE4hodwV63S2CgWqBbVxB54nfNqxuqx9yqgahoC2RfjyFQSov7TihijX9OdxXGDI525iwVBXuIAEDcqqWAenkdvoOzGEjA170vyxDDoWDvfn0jEcL2eNt7AlcSLU7fvngmXsCgYAPZf9ATXvSNKwXpitgDzysOPEQPf0sa289qnxH18/SueYco2Ea3gL2oH1FeR08gIxdktTKGpvWBd06iJJGpnZlYD/cB5dZ0XEqocW0AdVlaXfZkySRNKdphSG/qteDETbdSbYgnuz+eZcZ6LaA43QBJpElaIMHtQHQ7oixz/XGQQKBgFWUjQ54vEWwuzb+0gsB2mf/QCL+anhktLy/v39OpkuUQQPZqSG31dPwK9PNDxHECrpjSozdFhd21VApLXcLceh5tovKu+urrjAvPE7Da61LBHfqIa8dpSA0epmPVSMGK69/XoKx9wZDaxEnoHg0vykY2C0pYUBpR8aKLYQoTDqN-----END RSA PRIVATE KEY
W20160415-14:07:26.236(-7)? (STDERR) 140735103415040:error:0906D06C:PEM routines:PEM_read_bio:no start line:../deps/openssl/openssl/crypto/pem/pemlib.c:696:Expecting: ANY PRIVATE KEY W20160415-14:07:26.296(-7)? (STDERR) Error: SignFinal error W20160415-14:07:26.296(-7)? (STDERR) at Sign.sign (crypto.js:426:27) W20160415-14:07:26.296(-7)? (STDERR) at Object.sign (/Users/Patrick/beautywire_api/node_modules/jws/nodemodules/jwa/index.js:54:45) W20160415-14:07:26.297(-7)? (STDERR) at Object.jwsSign [as sign](/Users/Patrick/beautywire_api/node_modules/jws/lib/sign-stream.js:23:24)Following the other issue, exactly from your response, this should create a signed key.