Node.js上的``EVP_DecryptFinal_ex:错误解密''错误 [英] 'EVP_DecryptFinal_ex:bad decrypt' error on nodejs
本文介绍了Node.js上的``EVP_DecryptFinal_ex:错误解密''错误的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
执行HTTP POST请求登录时,我从nodejs服务器收到此错误:
I got this error from nodejs server when perform a http POST request login:
数字信封例程:EVP_DecryptFinal_ex:不良解密
digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
我通过以下方式创建密钥:
I created keys by:
openssl genpkey -out privateKEY.pem -aes256 -algorithm rsa -pkeyopt rsa_keygen_bits:4096
和
openssl pkey -in privateKEY.pem -out publicKEY.pem -pubout
我该如何解决?
这是代码:
var mysql = require('mysql');
var express = require('express');
var cors = require('cors');
const jwt = require('jsonwebtoken');
var sanitizer = require('sanitizer');
const fs = require("fs");
var app = express();
app.use(cors());
var connection = mysql.createConnection({
host: '127.0.0.1',
user: 'andrea',
password: 'password',
database: 'cars_market_place'
});
try{
connection.connect();
}catch(err){
console.error("Error:"+err);
}
const RSA_PRIVATE_KEY = fs.readFileSync('./privateKEY.pem');
function LinkMysql(query) {
return new Promise(function(resolve, reject) {
connection.query(query, function(err, result) {
if (err)
console.log('error: ' + err);
resolve(result);
});
});
}
app.post('/login', async function(request, response) {
let username = request.query.username;
let password = request.query.password;
if (username && password) {
usernameS = sanitizer.sanitize(request.query.username);
getUser(connection.escape(usernameS)).then( function(user){
if (!user) {
console.log("user not found:"+ username);
response.status(401).json({ msg: 'No such user found', user: username });
}
if (user.password === password) {
const jwtBearerToken = jwt.sign({}, RSA_PRIVATE_KEY, {
algorithm: 'RS256',
expiresIn: 120,
subject: user.username
})
response.json({ msg: 'ok', token: jwtBearerToken });
} else {
response.status(401).json({ msg: 'Password is incorrect' });
}
}).catch( (err) => {
console.error('error='+err);
});
}
});
function getUser(username){
return new Promise((resolve, reject) => {
query = 'SELECT * FROM `users` WHERE `users`.`username` = ' + username;
console.log('query='+query);
LinkMysql(query).then(function(data) {
console.log("data="+data[0].username);
console.table(data);
resolve(data[0]);
reject(null);
}).catch((err)=> {
console.log('Error:'+err);
});
});
}
app.listen(8080);
console.log('server listing on 8080');
推荐答案
我解决了将与RSA_PRIVATE_KEY一起传递给对象的密码短语添加到jwt.sign的问题.
I solved adding the passphrase that I passed in an object together with RSA_PRIVATE_KEY to jwt.sign.
jwt.sign({},{key:RSA_PRIVATE_KEY, passphrase:pass}, {...});
这篇关于Node.js上的``EVP_DecryptFinal_ex:错误解密''错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文