是什么原因导致“既不是 PUB key 也不是 PRIV key:: 嵌套 asn1 错误”在 ruby 中构建公钥时?
当使用 OpenSSL::PKey::RSA 模块通过向其传递 .pem 文件来构建公钥时,响应的原因是什么:
OpenSSL::PKey::RSAError: Neither PUB key nor PRIV key:: nested asn1 error
from /Users/Matt/projects/placepop/lib/apn.rb:48:in `initialize'
from /Users/Matt/projects/placepop/lib/apn.rb:48:in `new'
from /Users/Matt/projects/placepop/lib/apn.rb:48:in `open'
from (irb):1
以下是来源:
cert = File.join(rails_root, 'config', 'apns', 'sandbox-cert.pem')
APN_CONFIG = { :delivery => {
:host => 'gateway.sandbox.push.apple.com',
:cert => cert,
:passphrase => "",
:port => 2195 },
:feedback => {
:host => 'feedback.sandbox.push.apple.com',
:port => 2196,
:passphrase => "",
:cert => cert} }
options = APN_CONFIG[:delivery].merge(options)
cert = File.read(options[:cert])
ctx = OpenSSL::SSL::SSLContext.new
ctx.key = OpenSSL::PKey::RSA.new(cert, options[:passphrase])
ctx.cert = OpenSSL::X509::Certificate.new(cert)
sock = TCPSocket.new(options[:host], options[:port])
ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
ssl.sync = true
ssl.connect
When building a public key using the OpenSSL::PKey::RSA module by passing it a .pem file, what is the cause for a response:
OpenSSL::PKey::RSAError: Neither PUB key nor PRIV key:: nested asn1 error
from /Users/Matt/projects/placepop/lib/apn.rb:48:in `initialize'
from /Users/Matt/projects/placepop/lib/apn.rb:48:in `new'
from /Users/Matt/projects/placepop/lib/apn.rb:48:in `open'
from (irb):1
Here is the source:
cert = File.join(rails_root, 'config', 'apns', 'sandbox-cert.pem')
APN_CONFIG = { :delivery => {
:host => 'gateway.sandbox.push.apple.com',
:cert => cert,
:passphrase => "",
:port => 2195 },
:feedback => {
:host => 'feedback.sandbox.push.apple.com',
:port => 2196,
:passphrase => "",
:cert => cert} }
options = APN_CONFIG[:delivery].merge(options)
cert = File.read(options[:cert])
ctx = OpenSSL::SSL::SSLContext.new
ctx.key = OpenSSL::PKey::RSA.new(cert, options[:passphrase])
ctx.cert = OpenSSL::X509::Certificate.new(cert)
sock = TCPSocket.new(options[:host], options[:port])
ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
ssl.sync = true
ssl.connect
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(11)
例如,如果您使用
dotenv,则必须用"包围该值,并使用\n表示换行符。If you are using
dotenvfor instance, you have to surround the value with"and have\nfor newlines.我遇到了同样的问题,但原因不同。现在你猜怎么着:)
...
该死的密码是错误的:(
搜索了三天的“解决方案”。可能是“对不起,伙计,密码错误!”而不是“嵌套的 asn1 错误”恕我直言,但无论如何,也许这会对某人有所帮助。
I've got the same problem and it had a different cause. Now guess what :)
...
The damn password was wrong :(
Searched 3 days for that "solution". Could have been a "Sorry dude, that's the wrong password!" instead of "nested asn1 error" imho but anyways, maybe this will help somebody.
pem 文件不是公钥,它是一个 Base64 编码的 X509 证书,在其许多字段中包含公钥。我不知道 Ruby 或 OpenSSL ruby 模块,但我会寻找一些读取 PEM 文件并输出 X509 证书的函数,然后寻找另一个从证书中提取公钥的函数。
A pem file is not a public key, it is a base64-encoded X509 certificate that contains, among its many fields, a public key. I don't know Ruby, or the OpenSSL ruby module, but I would look for some function that reads in PEM files and outputs an X509 certificate, then another function to extract the public key from the certificate.
我也有类似的问题,但对我来说,我一开始就没有为 id_rsa.pub 文件创建 pem 文件。对我来说,我需要用现有的公钥创建一个 pem 文件:
然后我将该 OpenSSL 字符串复制到我正在使用它的测试文件中。对我来说最后看起来像这样。
之后该方法停止抛出该错误。
I had a similar problem too, but for me I wasn't creating a pem file for my id_rsa.pub file in the first place. For me I needed to create a pem file out of my existing public key:
Then I copied that OpenSSL string into my test file where it was being used. It looked like this in the end for me.
After that the method stopped throwing that error.
确保您的
.pem文件采用此格式。public_key_file.pem:
private_key_file.pem:
Make sure your
.pemfiles are in this format.public_key_file.pem:
private_key_file.pem:
我的问题是
OpenSSL::PKey::RSA.new()想要文件内容而不是文件路径。因此,使用这样的东西是有效的:OP已经在这样做了,但希望这会对某人有所帮助。因为它假定它是文件内容而不是文件路径,所以即使您提供无效路径,也不会收到警告。
My problem was that
OpenSSL::PKey::RSA.new()wants the file contents and not the file path. Thus, using something like this worked:The OP was already doing this, but hopefully this will help someone. Because it assumes it's file contents and not a file path, even if you supply an invalid path you won't be warned.
我在将 dotenv 与 Rails 一起使用时遇到此错误。
问题不在于 dotenv gem。
它分配了正确的值,通过打印 ENV['PRIVATE_KEY'] 确认,
出现问题是因为我正在使用 ERB 处理在 YAML 文件中加载此值这导致删除 \n 字符,从而使值无效
我发现的解决方法是直接使用 ENV['PRIVATE_KEY'] 而不是通过 YAML
I got this error while using dotenv with rails.
The issue was not with respect to dotenv gem.
It was assigning correct value as confirmed by printing ENV['PRIVATE_KEY']
Issue occurred because i was loading this value in YAML file with ERB processing and that led to removal of \n character hence making the value invalid
The workaround that i found was to use ENV['PRIVATE_KEY'] directly and not via YAML
我在测试中使用 Webrick,并尝试使用错误的类实例化我的私钥,这导致我收到错误消息:
但是这有效:
Facepalm
I am using Webrick in my tests and trying to instantiate my private key with the wrong class led me to that error message:
But this worked:
Facepalm
如果以上答案都不起作用,则可能是因为算法不正确。较新的公钥是使用
ECDSA算法而不是RSA生成的,因此应使用OpenSSL::PKey::EC类。您可以使用此在线工具验证密钥的算法。它检测算法并提供有关密钥的有用信息。
if none of the above answers worked, it might be because of an incorrect algorithm. newer public keys are made using
ECDSAalgorithm instead ofRSA, soOpenSSL::PKey::ECclass should be used instead.You can verify the key's algorithm using this online tool. it detects the algorithm and provides useful information about the key.
就我而言,该函数需要一个私钥,而某个变量中存储了一个证书。用私钥交换输入修复了错误。
In my case the function expected a private key while there was a certificate stored in some variable. Exchanging the input with a private key fixed the error.
有时,您只需复制并粘贴到 Rails console 或其他认为其缩进总是很棒的编辑器中:-)
示例:
因此,
pubkey变为:这会导致上述错误!
Sometimes, you just copy and paste into
rails consoleor to some other editor which thinks its indentation is always great :-)Example:
So instead of:
the
pubkeybecomes:Which causes the error above!