I am trying to get the private key using the openssl_get_privatekey() function. My private key is in my public folder. I am using the following command:
$privateKey = openssl_get_privatekey(public_path().'\_certificates\privatekey.pem');
It throws the error "error:0909006C:PEM routines:get_name:no start line".
I have double checked, my format is alright and is according to the standards.
I have also tried keeping the private key in a variable and then passing it to openssl_sign(); it throws the error "cannot coerce the private key".
Here is the code for the latter part:
$header = [
    'alg' => "RS384",
    'typ' => "JWT"
];
$payload = [
    'iss' => "my-client-id",
    'sub' => "my-client-id",
    'aud' => "https://fhir.epic.com/interconnect-fhir-oauth/oauth2/token",
    'jti' => (string)strtotime(gmdate("Y-m-d H:i:s")),
    'exp' => strtotime(gmdate("Y-m-d H:i:s")) + 270,
];
$privateKey = "my-private-key-in-string";
$headers_encoded = $this->base64url_encode(json_encode($header));
$payload_encoded = $this->base64url_encode(json_encode($payload));
$data = "$headers_encoded.$payload_encoded";
openssl_sign($data, $signature, $privateKey, OPENSSL_ALGO_SHA384);
This code throws the error "openssl_sign(): supplied key param cannot be coerced into a private key".
Fixed. The issue was with the format of the private key stored in the variable.
Private key before changes:
$privateKey = "-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC7VJTUt9Us8cKj
MzEfYyjiWA4R4/M2bS1GB4t7NXp98C3SC6dVMvDuictGeurT8jNbvJZHtCSuYEvu
.
.
.
TQrKhArgLXX4v3CddjfTRJkFWDbE/CkvKZNOrcf1nhaGCPspRJj2KUkj1Fhl9Cnc
dn/RsYEONbwQSjIfMPkvxF+8HQ==
-----END PRIVATE KEY-----";
Private key after changes:
$privateKey = "-----BEGIN PRIVATE KEY-----\n".
"MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC7VJTUt9Us8cKj\n".
"MzEfYyjiWA4R4/M2bS1GB4t7NXp98C3SC6dVMvDuictGeurT8jNbvJZHtCSuYEvu\n".
.
.
.
"TQrKhArgLXX4v3CddjfTRJkFWDbE/CkvKZNOrcf1nhaGCPspRJj2KUkj1Fhl9Cnc\n".
"dn/RsYEONbwQSjIfMPkvxF+8HQ==\n".
"-----END PRIVATE KEY-----";
I know it's not good practice to use a key from within the code, but for now it is working. However, I am still getting the get_name:no start line error when I try to get the key from the .pem file.
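On the remaining "no start line" error with the .pem file: PHP's OpenSSL key functions treat a string argument as PEM text unless it begins with file://, so a bare path is parsed as if it were the key itself. The following is an added example, not part of the original post; the function names, the throwaway key it generates and the random jti are assumptions made for the demonstration.

```php
<?php
// Added example; load_private_key() and sign_jwt_rs384() are illustrative names.
function base64url_encode(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

// A bare path is parsed as PEM text and fails with "no start line";
// the file:// prefix tells the OpenSSL extension to read the file instead.
function load_private_key(string $path)
{
    if (!is_readable($path)) {
        throw new RuntimeException("Key file not readable: $path");
    }
    $key = openssl_pkey_get_private('file://' . $path);
    if ($key === false) {
        throw new RuntimeException('OpenSSL: ' . openssl_error_string());
    }
    return $key;
}

function sign_jwt_rs384(array $header, array $payload, $key): string
{
    $data = base64url_encode(json_encode($header)) . '.' . base64url_encode(json_encode($payload));
    if (!openssl_sign($data, $signature, $key, OPENSSL_ALGO_SHA384)) {
        throw new RuntimeException('OpenSSL: ' . openssl_error_string());
    }
    return $data . '.' . base64url_encode($signature);
}

// Constructed demo key in a temp file; in an app, use a path outside the web-served public folder.
$tmp = tempnam(sys_get_temp_dir(), 'key');
$new = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
openssl_pkey_export_to_file($new, $tmp);
var_dump(@openssl_pkey_get_private($tmp)); // bare path: the load fails
$key = load_private_key($tmp);             // file:// path: the load succeeds
$jwt = sign_jwt_rs384(
    ['alg' => 'RS384', 'typ' => 'JWT'],
    ['iss' => 'my-client-id', 'sub' => 'my-client-id', 'jti' => bin2hex(random_bytes(16)), 'exp' => time() + 270],
    $key
);

// Verify with the matching public key to confirm the signature round-trips.
[$h, $p, $s] = explode('.', $jwt);
$pub = openssl_pkey_get_details($key)['key'];
$sig = base64_decode(strtr($s, '-_', '+/'));
var_dump(openssl_verify("$h.$p", $sig, $pub, OPENSSL_ALGO_SHA384) === 1);
unlink($tmp);
```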