Java 无法使用jsonwebtoken创建RS256 jwt密钥
我正试图按照本教程创建我的JWT: 但当我将SignatureAlgorithm从HS256更改为RS 256时,我得到以下错误:Java 无法使用jsonwebtoken创建RS256 jwt密钥,java,jjwt,Java,Jjwt,我正试图按照本教程创建我的JWT: 但当我将SignatureAlgorithm从HS256更改为RS 256时,我得到以下错误: 签名密钥的算法“SHA256withRSA”不等于有效的HmacSHA*算法名称,无法与HS512一起使用。 这是负责Jwt的代码部分: SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.RS256; byte[] apiKeySecretBytes = Datat
签名密钥的算法“SHA256withRSA”不等于有效的HmacSHA*算法名称,无法与HS512一起使用。
这是负责Jwt的代码部分:
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.RS256;
byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(SECRET_KEY);
Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());
JwtBuilder builder = Jwts.builder().setId(id)
.setIssuedAt(now)
.setSubject(subject)
.setIssuer(issuer)
.signWith(signingKey);
Im使用的秘密密钥例如:
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQCtrKVnwse4anfX+JzM7imShXZUC+QBXQ11A5bOWwHFkXc4nTfE
Or3fJjnRSU5A3IROFU/pVVNiXJNkl7qQZK5mYb8j3NgqX8zZJG7IwLJ/Pm2sRW5Q
j32C/uJum64Q/iEIsCg/mJjDLh1lylEMEuzKgTdWtoeLfxDBL2AJ20qXzQIDAQAB
AoGBAKNXi0GpmjnCOPDxLFg5bvQVfhLSFCGMKQny1DVEtsfgZmbixv5R2R41T4+d
CHJMdEsUFFJ6I7CRLTcg1SDU8IhcAWCBRSNeVuomCHlQG16ti8HxwhiwIcjvDz/z
NC2sL5ZJ2eJnhbtXLdf6pxxO1pA5vLp1AX06IaETO977XvupAkEA+ZgtGZybyUkf
tEA3ekXc5eLoW+zgU0C1fATWcIZ8Iq5YV1BW+3oAzf8HgIbkQh4LM2qa6An3l+vW
NXR4wICHkwJBALIhrcdJqKw36qiyenq+m78klp5SnurQifVt0Sy1GMWyOUqYz5jK
t9sGo9Qn6GDuYe/XGXKWQW25PkEYXxxPPx8CQQCpICyvRidp5VrOURVGjUB5pZ+9
am02/In9V2nXJcnH1kuWHqJSFQGmlEEJHl5dTu5YEMyWnupezzd/UUThbDZxAkAz
TNO5QxNalbf04YG4e9Bq2eSur+iog2pXzkqhb3404UDypNOUkz0jzOO9o8ieschu
xCnGAFPTf7fYE2bAxmnNAkEA0/3bdsvJclquypqP9CQeQnxGwQtWz6+yn07gj3U1
V19mdeKCUZWklRarrcr67u9DdEx+JowyEY/ppzgeQtW01g==
-----END RSA PRIVATE KEY-----
我猜我签错钥匙了。。。
但是我不确定我需要做什么。您尝试使用的密钥不是PKCS#8格式的,可以使用您的代码。你有两个选择
pr\u test.key
文件,并使用命令openssl pkcs8-topk8-in-pr\u test.key-out pr\u test\u pkcs8.key-nocrypt将其转换为密码。然后将其复制并粘贴到SECRET\u KEY
变量中。您仍然需要稍微修改代码:
build.gradle
需要依赖项:
implementation 'org.bouncycastle:bcprov-jdk15on:1.64'
implementation 'org.bouncycastle:bcpkix-jdk15on:1.64'
太神了我想我需要得到我的私钥,并尝试了KeyFactory,但即使在我转换了文件后,我仍然得到了一个无效的格式错误。我在这件事上浪费了太多时间,但你的解决方案是正确的!谢谢如何修改这些私钥代码以------BEGIN EC private key------@k0staa开头
package com.example.demo;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import org.apache.tomcat.util.codec.binary.Base64;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
import org.springframework.stereotype.Service;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Date;
@Service
public class JWTService {
private static String SECRET_KEY = "-----BEGIN RSA PRIVATE KEY-----\n" +
"MIICXgIBAAKBgQCtrKVnwse4anfX+JzM7imShXZUC+QBXQ11A5bOWwHFkXc4nTfE\n" +
"Or3fJjnRSU5A3IROFU/pVVNiXJNkl7qQZK5mYb8j3NgqX8zZJG7IwLJ/Pm2sRW5Q\n" +
"j32C/uJum64Q/iEIsCg/mJjDLh1lylEMEuzKgTdWtoeLfxDBL2AJ20qXzQIDAQAB\n" +
"AoGBAKNXi0GpmjnCOPDxLFg5bvQVfhLSFCGMKQny1DVEtsfgZmbixv5R2R41T4+d\n" +
"CHJMdEsUFFJ6I7CRLTcg1SDU8IhcAWCBRSNeVuomCHlQG16ti8HxwhiwIcjvDz/z\n" +
"NC2sL5ZJ2eJnhbtXLdf6pxxO1pA5vLp1AX06IaETO977XvupAkEA+ZgtGZybyUkf\n" +
"tEA3ekXc5eLoW+zgU0C1fATWcIZ8Iq5YV1BW+3oAzf8HgIbkQh4LM2qa6An3l+vW\n" +
"NXR4wICHkwJBALIhrcdJqKw36qiyenq+m78klp5SnurQifVt0Sy1GMWyOUqYz5jK\n" +
"t9sGo9Qn6GDuYe/XGXKWQW25PkEYXxxPPx8CQQCpICyvRidp5VrOURVGjUB5pZ+9\n" +
"am02/In9V2nXJcnH1kuWHqJSFQGmlEEJHl5dTu5YEMyWnupezzd/UUThbDZxAkAz\n" +
"TNO5QxNalbf04YG4e9Bq2eSur+iog2pXzkqhb3404UDypNOUkz0jzOO9o8ieschu\n" +
"xCnGAFPTf7fYE2bAxmnNAkEA0/3bdsvJclquypqP9CQeQnxGwQtWz6+yn07gj3U1\n" +
"V19mdeKCUZWklRarrcr67u9DdEx+JowyEY/ppzgeQtW01g==\n" +
"-----END RSA PRIVATE KEY-----";
public String generateToken() throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
java.security.Security.addProvider(
new org.bouncycastle.jce.provider.BouncyCastleProvider()
);
PemReader pemReader = new PemReader(new StringReader(SECRET_KEY));
PemObject pemObject;
pemObject = pemReader.readPemObject();
KeyFactory factory = KeyFactory.getInstance("RSA");
byte[] content = pemObject.getContent();
PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec(content);
RSAPrivateKey privateKey = (RSAPrivateKey) factory.generatePrivate(privKeySpec);
JwtBuilder builder = Jwts.builder().setId("ID")
.setIssuedAt(new Date())
.setSubject("Subject")
.setIssuer("Issuer")
.signWith(SignatureAlgorithm.RS256, privateKey);
return builder.compact();
}
}
implementation 'org.bouncycastle:bcprov-jdk15on:1.64'
implementation 'org.bouncycastle:bcpkix-jdk15on:1.64'