douju6651 2019-08-20 16:31
浏览 643
已采纳

在jwt-go中解析JWT Auth令牌时,密钥的类型无效

I am setting up security middleware in a GoLang API and seem to have everything set up correctly, but I am getting an error ‘key is of invalid type’.

I have confirmed that my Signing algorithm is RS256 and the middleware options are configured @ SigningMethod: jwt.SigningMethodRS256

I have a valid token…everything else in the middleware passes.

The entry point to this error in the middleware is the jwt.ParseRSAPrivateKeyFromPEM method.

I’ve isolated the error down inside the package github.com/dgrijalva/jwt-go/rsa.go Verify() on line :62 is the ErrInvalidKeyType that is getting thrown. All the params up to the this point seem solid and appropriate (eg m|signingString|signature|key) but this key.(*rsa.PublicKey) is failing…in my debugger (GoLand) I inspect *rsa and am given the response ‘could not find symbol value for rsa’…

if rsaKey, ok = key.(*rsa.PublicKey); !ok {
    return ErrInvalidKeyType
}

please note…if it’s not already too obvious…i’m noob to GoLang

----- UPDATE -----

So at the most granular level the panic starts at go/1.12.8/libexec/src/crypto/rsa/rsa.go:49 with 

func (pub *PublicKey) Size() int {
    log.Printf("SIZE ::: %v :: %v",pub.N.BitLen(), pub.N)
    return (pub.N.BitLen() + 7) / 8
}

The pub is seen as a nil pointer dereference. I trace it back to mux -->

crypto/rsa.VerifyPKCS1v15(...) /usr/local/Cellar/go/1.12.8/libexec/src/crypto/rsa/pkcs1v15.go:275

github.com/dgrijalva/jwt-go.(*SigningMethodRSA).Verify(...) /Users/me/Sandbox/src/github.com/dgrijalva/jwt-go/rsa.go:73

github.com/dgrijalva/jwt-go.(*Parser).ParseWithClaims(...) /Users/me/Sandbox/src/github.com/dgrijalva/jwt-go/parser.go:77

github.com/dgrijalva/jwt-go.(*Parser).Parse(...) /Users/btschirhart/Sandbox/src/github.com/dgrijalva/jwt-go/parser.go:20

github.com/dgrijalva/jwt-go.Parse(...) /Users/me/Sandbox/src/github.com/dgrijalva/jwt-go/token.go:89

github.com/auth0/go-jwt-middleware.(*JWTMiddleware).CheckJWT(...) /Users/me/Sandbox/src/github.com/auth0/go-jwt-middleware/jwtmiddleware.go:203

github.com/auth0/go-jwt-middleware.(*JWTMiddleware).Handler.func1(...) /Users/me/Sandbox/src/github.com/auth0/go-jwt-middleware/jwtmiddleware.go:110

net/http.HandlerFunc.ServeHTTP(...) /usr/local/Cellar/go/1.12.8/libexec/src/net/http/server.go:1995

github.com/gorilla/mux.(*Router).ServeHTTP(...) /Users/me/Sandbox/src/github.com/gorilla/mux/mux.go:210 +0xe3

  • 写回答

1条回答 默认 最新

  • drbz99867 2019-08-21 19:57
    关注

    Found the answer. It's not a real answer, but it did fix the problem.

    Instead of '-----BEGIN' and 'END-----' I had used '----BEGIN' and 'END----' to build the cert within my middleware.

    In go/1.12.8/libexec/src/encoding/pem/pem.go:82 there is a check against '-----BEGIN' and if it fails it simply returns nil.

    if bytes.HasPrefix(data, pemStart[1:]) {
    rest = rest[len(pemStart)-1 : len(data)]
} else if i := bytes.Index(data, pemStart); i >= 0 {
    rest = rest[i+len(pemStart) : len(data)]
} else {
    return nil, data
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 关于#matlab#的问题:在模糊控制器中选出线路信息,在simulink中根据线路信息生成速度时间目标曲线(初速度为20m/s,15秒后减为0的速度时间图像)我想问线路信息是什么
  • ¥15 banner广告展示设置多少时间不怎么会消耗用户价值
  • ¥16 mybatis的代理对象无法通过@Autowired装填
  • ¥15 可见光定位matlab仿真
  • ¥15 arduino 四自由度机械臂
  • ¥15 wordpress 产品图片 GIF 没法显示
  • ¥15 求三国群英传pl国战时间的修改方法
  • ¥15 matlab代码代写,需写出详细代码,代价私
  • ¥15 ROS系统搭建请教(跨境电商用途)
  • ¥15 AIC3204的示例代码有吗,想用AIC3204测量血氧,找不到相关的代码。