从 .env 文件访问 .pem 公钥

发布于 2025-01-16 19:25:22 字数 646 浏览 1 评论 0原文

我将公钥作为字符串存储在环境变量中。该公钥来自 .pem 文件。当我尝试在代码中使用它时，出现以下错误

error:0909006C:PEM routines:get_name:no start line

我已经尝试了其他用户的建议，将其转换为 base64，然后使用密钥，但我仍然遇到相同的错误。

公钥的 env 变量

PUB_KEY='-----BEGIN PUBLIC KEY-----randomgibberish-----END PUBLIC KEY-----'

将其转换为 base64 的代码

const pubKey = process.env.PUB_KEY
const buff = Buffer.from(pubKey).toString('base64');
console.log(buff)

在此处的 createPublicKey 方法中使用它

crypto.createPublicKey({
                key: buff,
                format: 'pem',
            });

知道可能会出现什么问题吗？ TIA

原文

I am storing a public key in a env variable as a string. This public key is from a .pem file. When I try to use it in my code, I get the following error

error:0909006C:PEM routines:get_name:no start line

I have tried what other users have suggested, by converting it to base64 and then using the key, but I still get the same error.

env variable for the public key

PUB_KEY='-----BEGIN PUBLIC KEY-----randomgibberish-----END PUBLIC KEY-----'

Code for converting it to base64

const pubKey = process.env.PUB_KEY
const buff = Buffer.from(pubKey).toString('base64');
console.log(buff)

Using it in the createPublicKey method here

crypto.createPublicKey({
                key: buff,
                format: 'pem',
            });

Any idea what could be going wrong? TIA

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

二手情话 2025-01-23 19:25:22

由于公钥中的换行符，您的代码已被破坏。

不需要使用base64，我建议你在env文件中使用换行符（\n）来存储密钥，就像这样：

如果假设你的密钥是这样的：

那么保存是这样的（\n在末尾该行并使其成为一个完整的字符串，您可以看到我如何存储它）

export publicKey = '-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlkH/R64I0H1awndlU1w6BseS9\n5ygy2v6rwV7BA/xlNGCtWfsQ8UlbJl7fawZ1hgL7H8FcUkGk/RsWB7xRpUeHypnE\n8UU2bbhaS+X8Bze2kdoayerb5+YK6kZlyPvmI+WVxksKUEChcKE+t83mqVpnQnO9\nTkTXhzvual4cG+WatwIDAQAB\n-----END PUBLIC KEY-----'

并且在代码中使用：

const { publicKey } = process.env
const originalPublicKey = publicKey.replace(/\\n/g, '\n')

这将完成工作，它将生成您的原始密钥。

const publicKey = '-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlkH/R64I0H1awndlU1w6BseS9\n5ygy2v6rwV7BA/xlNGCtWfsQ8UlbJl7fawZ1hgL7H8FcUkGk/RsWB7xRpUeHypnE\n8UU2bbhaS+X8Bze2kdoayerb5+YK6kZlyPvmI+WVxksKUEChcKE+t83mqVpnQnO9\nTkTXhzvual4cG+WatwIDAQAB\n-----END PUBLIC KEY-----'

const originalPublicKey = publicKey.replace(/\\n/g, '\n')

console.log(originalPublicKey)

那么你可以简单地在你的代码中使用它。

crypto.createPublicKey({
                key: originalPublicKey,
                format: 'pem',
            });

如果此后还有任何问题，请在评论中告诉我。

Your code is breaking because of line break in the public keys.

No need to use base64, I suggest you to use line breaks (\n) in env file to store the key just like this:

If assuming your key is something like this:

then save is it like this (\n on the end of the line and making it a whole string, you can see how i have stored it)

export publicKey = '-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlkH/R64I0H1awndlU1w6BseS9\n5ygy2v6rwV7BA/xlNGCtWfsQ8UlbJl7fawZ1hgL7H8FcUkGk/RsWB7xRpUeHypnE\n8UU2bbhaS+X8Bze2kdoayerb5+YK6kZlyPvmI+WVxksKUEChcKE+t83mqVpnQnO9\nTkTXhzvual4cG+WatwIDAQAB\n-----END PUBLIC KEY-----'

And the in the code use:

const { publicKey } = process.env
const originalPublicKey = publicKey.replace(/\\n/g, '\n')

This will do the work, it will generate your original keys.

const publicKey = '-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlkH/R64I0H1awndlU1w6BseS9\n5ygy2v6rwV7BA/xlNGCtWfsQ8UlbJl7fawZ1hgL7H8FcUkGk/RsWB7xRpUeHypnE\n8UU2bbhaS+X8Bze2kdoayerb5+YK6kZlyPvmI+WVxksKUEChcKE+t83mqVpnQnO9\nTkTXhzvual4cG+WatwIDAQAB\n-----END PUBLIC KEY-----'

const originalPublicKey = publicKey.replace(/\\n/g, '\n')

console.log(originalPublicKey)

then you can simply use this in your code.

crypto.createPublicKey({
                key: originalPublicKey,
                format: 'pem',
            });

Let me know in the comments, if have any issue after this too.

回复收藏 0 原文

等待圉鍢 2025-01-23 19:25:22

您的密钥似乎是 X.509/SPKI 格式的 PEM 编码公钥。但是，缺少换行符。这些设置应使页眉和页脚各在一行上。在正文中，每 64 个字符后就有一个换行符。

格式正确的 PEM 密钥可以通过 createPublicKey( ）。即使正文中缺少换行符，密钥也会被接受，但页眉和页脚必须位于不同的行，否则将显示发布的错误消息：错误：0909006C：PEM例程：get_name：无起始行。

示例：

var crypto = require('crypto')

var x509 = `-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunF5aDa6HCfLMMI/MZLT
5hDk304CU+ypFMFiBjowQdUMQKYHZ+fklB7GpLxCatxYJ/hZ7rjfHH3Klq20/Y1E
bYDRopyTSfkrTzPzwsX4Ur/l25CtdQldhHCTMgwf/Ev/buBNobfzdZE+Dhdv5lQw
KtjI43lDKvAi5kEet2TFwfJcJrBiRJeEcLfVgWTXGRQn7gngWKykUu5rS83eAU1x
H9FLojQfyia89/EykiOO7/3UWwd+MATZ9HLjSx2/Lf3g2jr81eifEmYDlri/OZp4
OhZu+0Bo1LXloCTe+vmIQ2YCX7EatUOuyQMt2Vwx4uV+d/A3DP6PtMGBKpF8St4i
GwIDAQAB
-----END PUBLIC KEY-----`;

// Import
var importedPubKey = crypto.createPublicKey({
    key: x509,
    format: 'pem' // default, can also be omitted
});

// Export
console.log(importedPubKey.export({type: 'spki', format: 'pem'}))

密钥也可以写成单行，并以换行符作为转义序列 (\n)，例如，对于单行中的页眉和页脚：

var x509 = "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunF5aDa6HCfLMMI/MZLT5hDk304CU+ypFMFiBjowQdUMQKYHZ+fklB7GpLxCatxYJ/hZ7rjfHH3Klq20/Y1EbYDRopyTSfkrTzPzwsX4Ur/l25CtdQldhHCTMgwf/Ev/buBNobfzdZE+Dhdv5lQwKtjI43lDKvAi5kEet2TFwfJcJrBiRJeEcLfVgWTXGRQn7gngWKykUu5rS83eAU1xH9FLojQfyia89/EykiOO7/3UWwd+MATZ9HLjSx2/Lf3g2jr81eifEmYDlri/OZp4OhZu+0Bo1LXloCTe+vmIQ2YCX7EatUOuyQMt2Vwx4uV+d/A3DP6PtMGBKpF8St4iGwIDAQAB\n-----END PUBLIC KEY-----"

如果密钥存储在只要正确考虑换行符，即可获取环境变量（例如X509ENV）并检索（通过process.env.X509ENV）。

Your key seems to be a PEM encoded public key in X.509/SPKI format. However, the line breaks are missing. These are to be set so that header and footer are each on a single line. In the body there is a line break after every 64 characters.

A correctly formatted PEM key can be processed directly by createPublicKey(). The key will be accepted even if the line breaks in the body are missing, but header and footer must be in different lines, otherwise the posted error message will be displayed: error:0909006C:PEM routines:get_name:no start line.

Example:

var crypto = require('crypto')

var x509 = `-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunF5aDa6HCfLMMI/MZLT
5hDk304CU+ypFMFiBjowQdUMQKYHZ+fklB7GpLxCatxYJ/hZ7rjfHH3Klq20/Y1E
bYDRopyTSfkrTzPzwsX4Ur/l25CtdQldhHCTMgwf/Ev/buBNobfzdZE+Dhdv5lQw
KtjI43lDKvAi5kEet2TFwfJcJrBiRJeEcLfVgWTXGRQn7gngWKykUu5rS83eAU1x
H9FLojQfyia89/EykiOO7/3UWwd+MATZ9HLjSx2/Lf3g2jr81eifEmYDlri/OZp4
OhZu+0Bo1LXloCTe+vmIQ2YCX7EatUOuyQMt2Vwx4uV+d/A3DP6PtMGBKpF8St4i
GwIDAQAB
-----END PUBLIC KEY-----`;

// Import
var importedPubKey = crypto.createPublicKey({
    key: x509,
    format: 'pem' // default, can also be omitted
});

// Export
console.log(importedPubKey.export({type: 'spki', format: 'pem'}))

The key can also be written as one-liner with line breaks as escape sequences (\n), e.g. for header and footer in single lines:

var x509 = "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunF5aDa6HCfLMMI/MZLT5hDk304CU+ypFMFiBjowQdUMQKYHZ+fklB7GpLxCatxYJ/hZ7rjfHH3Klq20/Y1EbYDRopyTSfkrTzPzwsX4Ur/l25CtdQldhHCTMgwf/Ev/buBNobfzdZE+Dhdv5lQwKtjI43lDKvAi5kEet2TFwfJcJrBiRJeEcLfVgWTXGRQn7gngWKykUu5rS83eAU1xH9FLojQfyia89/EykiOO7/3UWwd+MATZ9HLjSx2/Lf3g2jr81eifEmYDlri/OZp4OhZu+0Bo1LXloCTe+vmIQ2YCX7EatUOuyQMt2Vwx4uV+d/A3DP6PtMGBKpF8St4iGwIDAQAB\n-----END PUBLIC KEY-----"

All this also works if the key is stored in an environment variable (e.g. X509ENV) and retrieved (via process.env.X509ENV) as long as the line breaks are correctly taken into account.

回复收藏 0 原文

~没有更多了~