2

为什么我总是在下面的简单代码中得到“密钥无效”错误。我已经尝试使用具有相同结果的不同私钥。请帮助我,因为我不知道我做错了什么。

package main

import (
    "fmt"
    "log"

    "github.com/dgrijalva/jwt-go"
)

var key = `-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAuMVb3lrWKlmGIzTaJqtVJi2rPIy7/BkRKlAZ7Q1u0VlyOhzI
cXq6zAGsh31uWeJBJFKrZdwA6b2LD5vscnuilHi0nfQZA5l+meQT9LJ7STnfJ7f8
1CniBIhj5g6dOva9o/ljrLCmRSE4MjJRl3LkydvrHNokzicOAvieq4BYgHVJ2DC7
r7cSWrHeIiBIEBb1zAghc1OxtkFkxumva2gmywq0zB0VfzsYrtSpWT77qSNA+UEH
H+UCahefkun1uaBcOrEIPUh/j95N3rFTAdIAzFvDqLvLdQbmm/NT78O7izSGvJ1K
4rM2fSiecALSROZqOeJy3pf2v6Caqlp2gdDHUQIDAQABAoIBAEeOBrnhq7bS3KOd
wC3hhCQ442ubhOFoQ8GDK8clwJjKbvYaV3W69cQzkcEWzjl46YlLipzzyla61LPC
ypq7Tob5B9lzwowmUWT/csr8o8oD42vaUMtJPQJMX4OkfTdsfpyV5AfokTuMVdr6
qaZhFEEoLbEKud4sObzk023PUnbMTMyz2weQsmVLT9gm64K9GHzauoEDWGpr3Boz
+mEKo9rhySeK73qXqJFFATl0IB50GpdKondere/XofLQ2kqUB2fFEWIeRXawFd4u
6yE5nxjhIvn9pqMhW48vPAYtwTUhY8OxpCwk9U+awBYMvkCnFlrO4TwCNFqE8j3/
r6YN5VECgYEA2c0GqQVfwbcgB+8pLmd8H7dq+HqHToTA00pgNAsl/LRFUhkIVyY1
YUJkr7nJ3ogzqyjNBz0K4JeaMbMxJRwbxu4SUBgmvc+3h0oa9ibTKtBH4KWAqwCC
3TLQFoMXJCf+YJOL8ZNeqQz4rEpCVvJj86p9F4iTRhl5bd7mYqiEjusCgYEA2S1U
19iAIEiSETtUWEzj/iAKOUZJKl4Kz6PVfUMT1lqodOHsNHexzcQs+W/LW/Z9Jr7u
JtdC0ZZl2UCQ8PBTirsA/gimisnmVhx3mvKXOOO/Cf8RpN1/faTnQJj/Tu+h3aV7
n53Av2wSQPoWnnNB9W515gTYqwiV//CX44lGS7MCgYEAmjSoj4kniB8hBZ0WOi24
2zfg+/a80CH76F1TieWOysHUBtGEbze1OZxpb2WKgQ1MD9Y+e+6DQgr0eFXX6N9i
51DuFFlVLLThy17zge5xOnHnQi3L0Mb24Kg2XooIG2hZmYU94xelQOnXMx0MpUTO
8dl24e+n3kzxBZJ46cdIu2sCgYBzz5yizazlik16Ku07eSVLasKI8FYr5aJWP8Ok
3JRDhmy2h5NyFzIVzDs/eMI09Cig9MgCpl/XbCA7zhZ8pWunWzmYPfyxniDaYqvV
UPAbQjepmP9Lr2JBGiLHa88ZxOfITmqyH2mdqn/BbpuJO2U8//6W/pab/iQfK6mT
iKyXyQKBgGb49CT+zi1VCa4jh0EH78odTwRb/PleAw25CLVSj35MqQCEA2/jU92g
P8iTDU5mDNEaQMvMYN1fKiAPm6hiKp9/5Q02zQWNVzOywgc0L41Yb9K/SqxGwITa
dFwwxhKgBqzgCeIpvKLCGrhMztzPjUL9o4MSdNa92vajcilr8ld6
-----END RSA PRIVATE KEY-----`

func main() {
    token := jwt.New(jwt.SigningMethodRS256)
    jwt, err := token.SignedString(key)
    if err != nil {
        log.Println(err)
    }
    fmt.Println("jwt=", jwt)
}

输出:

2021/04/06 16:48:52 密钥无效

jwt= 我的钥匙有什么问题?

我已经生成了它:

ssh-keygen -t rsa -P "" -b 2048 -m PEM -f jwtRS256.key
ssh-keygen -e -m PEM -f jwtRS256.key > jwtRS256.key.pub

谢谢

4

3 回答 3

1

RSA 系列算法需要类型为 的密钥*rsa.PrivateKey。该库有一个dgrijalva/jwt-go辅助函数jwt.ParseRSAPrivateKeyFromPEM(keyData),其中切片。keyData[]byte

该 repo 在rsa_test.go文件中有一些方便的示例。

这些示例也已过时,因为从 Go 1.16 开始,该ioutil软件包已被弃用...

警告!

请注意,它github.com/dgrijalva/jwt-go已长期无人维护,并且有严重的未修复错误。并且在版本 4 之前不支持 Go 模块(无论如何这只是一个预览版)。我强烈建议选择一个不同的库来处理 JWT。

2021 年 6 月更新

现在有一个图书馆的官方社区分支:由原始项目的所有者祝福golang-jwt/jwt

于 2021-04-06T15:04:36.727 回答
1

https://github.com/lestrrat-go/jwx的作者在这里。

我刚刚尝试在我的测试文件末尾添加你的案例,所以我省略了一些导入,但你的密钥似乎被 jwx 解析得很好:

func TestSO66970208(t *testing.T) {
  var src = `-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAuMVb3lrWKlmGIzTaJqtVJi2rPIy7/BkRKlAZ7Q1u0VlyOhzI
cXq6zAGsh31uWeJBJFKrZdwA6b2LD5vscnuilHi0nfQZA5l+meQT9LJ7STnfJ7f8
1CniBIhj5g6dOva9o/ljrLCmRSE4MjJRl3LkydvrHNokzicOAvieq4BYgHVJ2DC7
r7cSWrHeIiBIEBb1zAghc1OxtkFkxumva2gmywq0zB0VfzsYrtSpWT77qSNA+UEH
H+UCahefkun1uaBcOrEIPUh/j95N3rFTAdIAzFvDqLvLdQbmm/NT78O7izSGvJ1K
4rM2fSiecALSROZqOeJy3pf2v6Caqlp2gdDHUQIDAQABAoIBAEeOBrnhq7bS3KOd
wC3hhCQ442ubhOFoQ8GDK8clwJjKbvYaV3W69cQzkcEWzjl46YlLipzzyla61LPC
ypq7Tob5B9lzwowmUWT/csr8o8oD42vaUMtJPQJMX4OkfTdsfpyV5AfokTuMVdr6
qaZhFEEoLbEKud4sObzk023PUnbMTMyz2weQsmVLT9gm64K9GHzauoEDWGpr3Boz
+mEKo9rhySeK73qXqJFFATl0IB50GpdKondere/XofLQ2kqUB2fFEWIeRXawFd4u
6yE5nxjhIvn9pqMhW48vPAYtwTUhY8OxpCwk9U+awBYMvkCnFlrO4TwCNFqE8j3/
r6YN5VECgYEA2c0GqQVfwbcgB+8pLmd8H7dq+HqHToTA00pgNAsl/LRFUhkIVyY1
YUJkr7nJ3ogzqyjNBz0K4JeaMbMxJRwbxu4SUBgmvc+3h0oa9ibTKtBH4KWAqwCC
3TLQFoMXJCf+YJOL8ZNeqQz4rEpCVvJj86p9F4iTRhl5bd7mYqiEjusCgYEA2S1U
19iAIEiSETtUWEzj/iAKOUZJKl4Kz6PVfUMT1lqodOHsNHexzcQs+W/LW/Z9Jr7u
JtdC0ZZl2UCQ8PBTirsA/gimisnmVhx3mvKXOOO/Cf8RpN1/faTnQJj/Tu+h3aV7
n53Av2wSQPoWnnNB9W515gTYqwiV//CX44lGS7MCgYEAmjSoj4kniB8hBZ0WOi24
2zfg+/a80CH76F1TieWOysHUBtGEbze1OZxpb2WKgQ1MD9Y+e+6DQgr0eFXX6N9i
51DuFFlVLLThy17zge5xOnHnQi3L0Mb24Kg2XooIG2hZmYU94xelQOnXMx0MpUTO
8dl24e+n3kzxBZJ46cdIu2sCgYBzz5yizazlik16Ku07eSVLasKI8FYr5aJWP8Ok
3JRDhmy2h5NyFzIVzDs/eMI09Cig9MgCpl/XbCA7zhZ8pWunWzmYPfyxniDaYqvV
UPAbQjepmP9Lr2JBGiLHa88ZxOfITmqyH2mdqn/BbpuJO2U8//6W/pab/iQfK6mT
iKyXyQKBgGb49CT+zi1VCa4jh0EH78odTwRb/PleAw25CLVSj35MqQCEA2/jU92g
P8iTDU5mDNEaQMvMYN1fKiAPm6hiKp9/5Q02zQWNVzOywgc0L41Yb9K/SqxGwITa
dFwwxhKgBqzgCeIpvKLCGrhMztzPjUL9o4MSdNa92vajcilr8ld6
-----END RSA PRIVATE KEY-----`
  key, err := jwk.ParseString(src, jwk.WithPEM(true))
  if !assert.NoError(t, err, `jwk.ParseString should succeed`) {
    return
  }

  buf, _ := json.MarshalIndent(key, "", "  ")
  t.Logf("%s", buf)
}

这会产生:

lestrrat@finch jwk % go test -run TestSO66970208 -v
=== RUN   TestSO66970208
    jwk_test.go:1472: {
          "keys": [
            {
              "d": "R44GueGrttLco53ALeGEJDjja5uE4WhDwYMrxyXAmMpu9hpXdbr1xDORwRbOOXjpiUuKnPPKVrrUs8LKmrtOhvkH2XPCjCZRZP9yyvyjygPja9pQy0k9Akxfg6R9N2x-nJXkB-iRO4xV2vqppmEUQSgtsQq53iw5vOTTbc9SdsxMzLPbB5CyZUtP2Cbrgr0YfNq6gQNYamvcGjP6YQqj2uHJJ4rvepeokUUBOXQgHnQal0qid16t79eh8tDaSpQHZ8URYh5FdrAV3i7rITmfGOEi-f2moyFbjy88Bi3BNSFjw7GkLCT1T5rAFgy-QKcWWs7hPAI0WoTyPf-vpg3lUQ",
              "dp": "mjSoj4kniB8hBZ0WOi242zfg-_a80CH76F1TieWOysHUBtGEbze1OZxpb2WKgQ1MD9Y-e-6DQgr0eFXX6N9i51DuFFlVLLThy17zge5xOnHnQi3L0Mb24Kg2XooIG2hZmYU94xelQOnXMx0MpUTO8dl24e-n3kzxBZJ46cdIu2s",
              "dq": "c8-cos2s5YpNeirtO3klS2rCiPBWK-WiVj_DpNyUQ4ZstoeTchcyFcw7P3jCNPQooPTIAqZf12wgO84WfKVrp1s5mD38sZ4g2mKr1VDwG0I3qZj_S69iQRoix2vPGcTnyE5qsh9pnap_wW6biTtlPP_-lv6Wm_4kHyupk4isl8k",
              "e": "AQAB",
              "kty": "RSA",
              "n": "uMVb3lrWKlmGIzTaJqtVJi2rPIy7_BkRKlAZ7Q1u0VlyOhzIcXq6zAGsh31uWeJBJFKrZdwA6b2LD5vscnuilHi0nfQZA5l-meQT9LJ7STnfJ7f81CniBIhj5g6dOva9o_ljrLCmRSE4MjJRl3LkydvrHNokzicOAvieq4BYgHVJ2DC7r7cSWrHeIiBIEBb1zAghc1OxtkFkxumva2gmywq0zB0VfzsYrtSpWT77qSNA-UEHH-UCahefkun1uaBcOrEIPUh_j95N3rFTAdIAzFvDqLvLdQbmm_NT78O7izSGvJ1K4rM2fSiecALSROZqOeJy3pf2v6Caqlp2gdDHUQ",
              "p": "2c0GqQVfwbcgB-8pLmd8H7dq-HqHToTA00pgNAsl_LRFUhkIVyY1YUJkr7nJ3ogzqyjNBz0K4JeaMbMxJRwbxu4SUBgmvc-3h0oa9ibTKtBH4KWAqwCC3TLQFoMXJCf-YJOL8ZNeqQz4rEpCVvJj86p9F4iTRhl5bd7mYqiEjus",
              "q": "2S1U19iAIEiSETtUWEzj_iAKOUZJKl4Kz6PVfUMT1lqodOHsNHexzcQs-W_LW_Z9Jr7uJtdC0ZZl2UCQ8PBTirsA_gimisnmVhx3mvKXOOO_Cf8RpN1_faTnQJj_Tu-h3aV7n53Av2wSQPoWnnNB9W515gTYqwiV__CX44lGS7M",
              "qi": "Zvj0JP7OLVUJriOHQQfvyh1PBFv8-V4DDbkItVKPfkypAIQDb-NT3aA_yJMNTmYM0RpAy8xg3V8qIA-bqGIqn3_lDTbNBY1XM7LCBzQvjVhv0r9KrEbAhNp0XDDGEqAGrOAJ4im8osIauEzO3M-NQv2jgxJ01r3a9qNyKWvyV3o"
            }
          ]
        }
--- PASS: TestSO66970208 (0.00s)
PASS
ok      github.com/lestrrat-go/jwx/jwk  0.198s
于 2021-04-08T10:50:09.377 回答
1

正确的代码是:

func main() {
    token := jwt.New(jwt.SigningMethodRS256)
    pkey, err := jwt.ParseRSAPrivateKeyFromPEM([]byte(key))
    if err != nil {
        log.Println(err)
    }
    jwt, err := token.SignedString(pkey)
    if err != nil {
        log.Println(err)
    }
    fmt.Println("jwt=", jwt)
}
于 2021-04-06T15:09:51.143 回答