2017-01-12 564 views

xml-crypto 的 verifySignature 函数抛出了下面的错误,我不明白原因:“Error: PEM_read_bio_PUBKEY failed”

Error: PEM_read_bio_PUBKEY failed 
at Error (native) 
at Verify.verify (crypto.js:311:23) 
at RSASHA256.verifySignature (/home/git/backend/node_modules/xml-crypto/lib/signed-xml.js:137:24) 
at SignedXml.validateSignatureValue (/home/git/backend/node_modules/xml-crypto/lib/signed-xml.js:273:20) 
at SignedXml.checkSignature (/home/git/backend/node_modules/xml-crypto/lib/signed-xml.js:261:13) 
at SAML.validateSignature (/home/git/backend/node_modules/passport-saml/lib/passport-saml/saml.js:498:14) 
at /home/git/backend/node_modules/passport-saml/lib/passport-saml/saml.js:545:17 
at _fulfilled (/home/git/backend/node_modules/passport-saml/node_modules/q/q.js:794:54) 
at self.promiseDispatch.done (/home/git/backend/node_modules/passport-saml/node_modules/q/q.js:823:30) 
at Promise.promise.promiseDispatch (/home/git/backend/node_modules/passport-saml/node_modules/q/q.js:756:13) 
at /home/git/backend/node_modules/passport-saml/node_modules/q/q.js:516:49 
at flush (/home/git/backend/node_modules/passport-saml/node_modules/q/q.js:110:17) 
at _combinedTickCallback (internal/process/next_tick.js:67:7) 
at process._tickDomainCallback (internal/process/next_tick.js:122:9) 

我用下面的代码片段(snippet)重现了该错误(参数来自生产环境):

var crypto = require("crypto"); 

/**
 * Check an RSA-SHA256 signature over `str`.
 *
 * @param {string} str - The signed data; in this repro, the serialized
 *   ds:SignedInfo element.
 * @param {string} key - PEM text for the signer's public key or certificate.
 * @param {string} signatureValue - The signature, base64-encoded.
 * @returns {boolean} The result of Verify.verify(): true when the signature
 *   matches `str` under `key`, false when it does not.
 * @throws {Error} When `key` cannot be parsed (the stack trace on this page
 *   shows "PEM_read_bio_PUBKEY failed" raised from Verify.verify). A caller
 *   must treat a throw as a failed verification and reject the message; it is
 *   a key-configuration problem, never a reason to skip the signature check.
 */
function verifySignature(str, key, signatureValue) {
    // Build the verifier, feed it the signed bytes, then check the signature.
    return crypto
        .createVerify("RSA-SHA256")
        .update(str)
        .verify(key, signatureValue, 'base64');
}

// The signed bytes: the ds:SignedInfo element exactly as passed to the verifier.
const str = '<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></ds:SignatureMethod><ds:Reference URI="#_55ead485-2e18-4a0d-996e-8c1e42ffa49c"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></ds:DigestMethod><ds:DigestValue>nj39d54JP9LU4xUgqUa5uzJ7W/xzDAzXadgUy37Yunk=</ds:DigestValue></ds:Reference></ds:SignedInfo>';

// The "certificate" as configured. The body between the armor lines is 44
// base64 characters, i.e. 32 bytes, which is far too short to be an X.509
// certificate carrying an RSA public key, so the key parse inside verify()
// fails. NOTE(review): the poster may have shortened the value for posting;
// either way, what is shown here is not a parseable certificate.
const key = [
    '-----BEGIN CERTIFICATE-----\n',
    'MxXh1Tdvj9Wx5VOV4WVunP81al6yvYwRph5F1CPgKRA=\n',
    '-----END CERTIFICATE-----\n',
].join('');

// Base64 signature value taken from the production message.
const signatureValue = 'QhszIs1jyIQ/b+4kuAxoKNqmU2zk1Gwlzdc0N4V54pkrv+gPwautZMLZEcQCFq9Qt6Xb5oKZHA43OwQfy0kBO1Fy88XlpDu9D5o23pzddZh3x9p0OSjTLA6ycSUYftCKPoTRtIq1AJ9QcmahISPPWA89Vp5hpw2gwuyQsZYXVep8PZJFdlXf+jh35KJq0WOH+4UVRWHoYU5THHE9H7rKqlXzEma+jb78KWF/aNltRFS2yW0UT3bsYE0CKiJp/MokNB51IztwZYqueGBD2A2IcFF+PAq4cnwSzqIZ5sXCVWUSm6lQupyxA67nIA/asJ//WbYozCePSQKFaBNVJEz1Pg==';

// Reproduces the failure: this call throws while reading the key (reported on
// this page as "PEM_read_bio_PUBKEY failed"; the exact message presumably
// varies with the Node/OpenSSL version). It never gets as far as returning
// true or false for the signature itself.
verifySignature(str, key, signatureValue);

有什么办法可以解决这个问题吗?

回答


原来是身份提供方(IdP)提供的证书不正确。问题已解决。(该错误表示 OpenSSL 无法从所配置的 PEM 中解析出公钥,与签名值本身无关。)