Note: this page is a translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use or share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me). StackOverflow original: http://stackoverflow.com/questions/2293608/

Time: 2020-09-02 22:18:51  Source: igfitidea

What causes "Neither PUB key nor PRIV key:: nested asn1 error" when building a public key in ruby?

ruby-on-rails ssl certificate rsa apple-push-notifications

Asked by Matthew

When building a public key using the OpenSSL::PKey::RSA module by passing it a .pem file, what is the cause for a response:

OpenSSL::PKey::RSAError: Neither PUB key nor PRIV key:: nested asn1 error
from /Users/Matt/projects/placepop/lib/apn.rb:48:in `initialize'
from /Users/Matt/projects/placepop/lib/apn.rb:48:in `new'
from /Users/Matt/projects/placepop/lib/apn.rb:48:in `open'
from (irb):1

Here is the source:

cert = File.join(rails_root, 'config', 'apns', 'sandbox-cert.pem')
APN_CONFIG = { :delivery => { 
                              :host => 'gateway.sandbox.push.apple.com', 
                              :cert => cert,
                              :passphrase => "",
                              :port => 2195 },
               :feedback => {  
                              :host => 'feedback.sandbox.push.apple.com',
                              :port => 2196,
                              :passphrase => "",
                              :cert => cert} }


options = APN_CONFIG[:delivery].merge(options)
cert = File.read(options[:cert])
ctx = OpenSSL::SSL::SSLContext.new
ctx.key = OpenSSL::PKey::RSA.new(cert, options[:passphrase])
ctx.cert = OpenSSL::X509::Certificate.new(cert)

sock = TCPSocket.new(options[:host], options[:port])
ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
ssl.sync = true
ssl.connect

Accepted answer by President James K. Polk

A pem file is not a public key, it is a base64-encoded X509 certificate that contains, among its many fields, a public key. I don't know Ruby, or the OpenSSL ruby module, but I would look for some function that reads in PEM files and outputs an X509 certificate, then another function to extract the public key from the certificate.

Answer by 2called-chaos

I've got the same problem and it had a different cause. Now guess what :)

...

The damn password was wrong :( Searched 3 days for that "solution". Could have been a "Sorry dude, that's the wrong password!" instead of "nested asn1 error" imho but anyways, maybe this will help somebody.

Answer by Dorian

If you are using dotenv for instance, you have to surround the value with " and have \n for newlines.

PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\nMIICW  ... UcuUtU0eIl\n-----END RSA PRIVATE KEY-----"

Answer by Ninjaxor

I had a similar problem too, but for me I wasn't creating a pem file for my id_rsa.pub file in the first place. For me I needed to create a pem file out of my existing public key:

ssh-keygen -f testing_rsa.pub  -e -m pem > pem

Then I copied that OpenSSL string into my test file where it was being used. It looked like this in the end for me.

@pub_key = "-----BEGIN RSA PUBLIC KEY-----\nMIIBCgKCAQEAoxi2V0bSKqAqUtoQHxWkOPnErCS541r6/MOSHmKOd6VSNHoBbnas\nZRQSDUTbffB6C++DbmBCOHmvzYORD0ZWYgyMcgbYJD48Z2fe0nm+WMYN5u8DPnTP\nvf8b/rJBxGF0dsaoFAWlB81tTnKFCxAbCSgfmQt+Vd4qupGZ5gGu9uoKlaPjmYuA\nIxIjUMcu3dov7PQ+PZIvdkM0fiz8YIl8zo+iWWyI2s6/XLoZJ4bYs2YJHZDf6biU\nsZhs8xqh/F6qlcRt3Ta25KMa0TB9zE3HHmqA/EJHFubWFRCrQqpboB0+nwCbmZUl\nhaxA79FRvYtORvFAoncoFD4tq3rGXcUQQwIDAQAB\n-----END RSA PUBLIC KEY-----\n"
.
.
.
OpenSSL::PKey::RSA.new(@pub_key)

After that the method stopped throwing that error.

Answer by Tyler Collier

My problem was that OpenSSL::PKey::RSA.new() wants the file contents and not the file path. Thus, using something like this worked:

OpenSSL::PKey::RSA.new(File.read "./spec/support/keys/server.key")

The OP was already doing this, but hopefully this will help someone. Because it assumes it's file contents and not a file path, even if you supply an invalid path you won't be warned.

Answer by Nikhil Karkera

Make sure your .pem files are in this format.

public_key_file.pem:

-----BEGIN PUBLIC KEY-----

// Your public key goes here

-----END PUBLIC KEY-----

private_key_file.pem:

-----BEGIN RSA PRIVATE KEY-----

// Your private key goes here

-----END RSA PRIVATE KEY-----

Answer by hulksyed07

I got this error while using dotenv with rails. The issue was not with respect to dotenv gem. It was assigning correct value as confirmed by printing ENV['PRIVATE_KEY']

Issue occurred because I was loading this value in YAML file with ERB processing and that led to removal of \n character hence making the value invalid

The workaround that I found was to use ENV['PRIVATE_KEY'] directly and not via YAML

Answer by Julien

I am using Webrick in my tests and trying to instantiate my private key with the wrong class led me to that error message:

    SSLCertificate: OpenSSL::PKey::RSA.new(File.open(MOCK_CERT).read),

But this worked:

    SSLCertificate: OpenSSL::X509::Certificate.new(File.open(MOCK_CERT).read),

Facepalm

Answer by Rafael Bugajewski

In my case the function expected a private key while there was a certificate stored in some variable. Exchanging the input with a private key fixed the error.
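
The causes reported in the answers above (a certificate passed where a key is expected, a file path instead of file contents, literal \n left by dotenv or YAML, a wrong passphrase) all surface as the same "nested asn1 error", but they can be told apart before or after the load attempt. The following Ruby helper is an added example, not code from the question or from any answer; `diagnose_rsa_input`, `constructed_samples`, the symbols it returns, and the sample path and passphrase are hypothetical names and constructed values.

```ruby
require "openssl"

# Added example: classify why a string fails OpenSSL::PKey::RSA.new.
# Returns [cause, object]; object is the loaded key (or nil on failure).
def diagnose_rsa_input(input, passphrase = "")
  text = input.to_s
  unless text.include?("-----BEGIN ")
    # No PEM armor at all: usually a file path was passed, not File.read(path).
    return [:not_pem_maybe_file_path, nil]
  end
  if text.include?('\n')
    # Literal backslash-n (two characters) survived dotenv/YAML/ERB handling;
    # base64 never contains a backslash, so real newlines are missing.
    return [:escaped_newlines, nil]
  end
  if text.include?("-----BEGIN CERTIFICATE-----") && !text.include?("PRIVATE KEY-----")
    # A certificate is not a key: parse it as X509, then take its public key.
    return [:certificate, OpenSSL::X509::Certificate.new(text).public_key]
  end
  # Always pass a String passphrase so OpenSSL never prompts on the terminal.
  [:ok, OpenSSL::PKey::RSA.new(text, passphrase.to_s)]
rescue OpenSSL::OpenSSLError
  [text.include?("ENCRYPTED") ? :wrong_passphrase_or_corrupt : :malformed_key, nil]
end

# Constructed sample inputs: a throwaway key and a self-signed certificate.
def constructed_samples
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=example.test")
  cert.public_key = key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  { key: key,
    cert_pem: cert.to_pem,
    path: "config/apns/sandbox-cert.pem",            # a path, not file contents
    escaped: key.to_pem.gsub("\n") { '\n' },         # what a bad env load yields
    encrypted: key.to_pem(OpenSSL::Cipher.new("aes-256-cbc"), "correct horse") }
end
```

Running the helper on a failing input before filing it under "wrong password" separates the input-handling mistakes from the passphrase case, which OpenSSL itself does not distinguish in its error text.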
