[Openid-specs-ab] JWK Thumbprint / RFC 7638
Brian Campbell
bcampbell at pingidentity.com
Mon Sep 21 15:42:51 UTC 2015
I added JWK Thumbprint support to my JOSE/JWT library
<https://bitbucket.org/b_c/jose4j> this morning. Does anyone else have an
implementation handy?
The example in section 3.1 <http://tools.ietf.org/html/rfc7638#section-3.1>
provided a nice opportunity to check my work with an "RSA" key type.
However, there are no examples for "EC" or "oct" keys. While it should be
pretty straightforward to implement, for me anyway, dumb little mistakes
are certainly within the realm of possibility. So, if anyone would like to
check their work against mine, a few JWKs followed by the base64url encoded
SHA-256 hash of the RFC 7638 thumbprint are below. I'd be interested to
hear if folks can (hopefully) reproduce the same results.
{"kty":"oct",
"k":"ZW8Eg8TiwoT2YamLJfC2leYpLgLmUAh_PcMHqRzBnMg"}
7WWD36NF4WCpPaYtK47mM4o0a5CCeOt01JXSuMayv5g
{"kty":"EC",
"x":"CEuRLUISufhcjrj-32N0Bvl3KPMiHH9iSw4ohN9jxrA",
"y":"EldWz_iXSK3l_S7n4w_t3baxos7o9yqX0IjzG959vHc",
"crv":"P-256"}
j4UYwo9wrtllSHaoLDJNh7MhVCL8t0t8cGPPzChpYDs
{"kty":"EC",
"x":"Aeq3uMrb3iCQEt0PzSeZMmrmYhsKP5DM1oMP6LQzTFQY9-F3Ab45xiK4AJxltXEI-87g3gRwId88hTyHgq180JDt",
"y":"ARA0lIlrZMEzaXyXE4hjEkc50y_JON3qL7HSae9VuWpOv_2kit8p3pyJBiRb468_U5ztLT7FvDvtimyS42trhDTu",
"crv":"P-521"}
rz4Ohmpxg-UOWIWqWKHlOe0bHSjNUFlHW5vwG_M7qYg
{"kty":"EC",
"x":"2jCG5DmKUql9YPn7F2C-0ljWEbj8O8-vn5Ih1k7Wzb-y3NpBLiG1BiRa392b1kcQ",
"y":"7Ragi9rT-5tSzaMbJlH_EIJl6rNFfj4V4RyFM5U2z4j1hesX5JXa8dWOsE-5wPIl",
"crv":"P-384"}
vZtaWIw-zw95JNzzURg1YB7mWNLlm44YZDZzhrPNetM
{"kty":"oct","k":"NGbwp1rC4n85A1SaNxoHow"}
5_qb56G0OJDw-lb5mkDaWS4MwuY0fatkn9LkNqUHqMk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150921/4373a387/attachment.html>
More information about the Openid-specs-ab
mailing list