[Openid-specs-ab] JWK Thumbprint / RFC 7638
Manger, James
James.H.Manger at team.telstra.com
Tue Sep 22 00:09:36 UTC 2015
I got the same results, Brian — though using some manual tools, not a proper library.
--
James Manger
From: Openid-specs-ab [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Brian Campbell
Sent: Tuesday, 22 September 2015 1:43 AM
To: jose at ietf.org; <openid-specs-ab at lists.openid.net>
Subject: [Openid-specs-ab] JWK Thumbprint / RFC 7638
I added JWK Thumbprint support to my JOSE/JWT library<https://bitbucket.org/b_c/jose4j> this morning. Does anyone else have an implementation handy?
The example in section 3.1<http://tools.ietf.org/html/rfc7638#section-3.1> provided a nice opportunity to check my work with an "RSA" key type. However, there are no examples for "EC" or "oct" keys. While it should be pretty straightforward to implement, for me anyway, dumb little mistakes are certainly within the realm of possibility. So, if anyone would like to check their work against mine, a few JWKs followed by the base64url encoded SHA-256 hash of the RFC 7638 thumbprint are below. I'd be interested to hear if folks can (hopefully) reproduce the same results.
{"kty":"oct",
"k":"ZW8Eg8TiwoT2YamLJfC2leYpLgLmUAh_PcMHqRzBnMg"}
7WWD36NF4WCpPaYtK47mM4o0a5CCeOt01JXSuMayv5g
{"kty":"EC",
"x":"CEuRLUISufhcjrj-32N0Bvl3KPMiHH9iSw4ohN9jxrA",
"y":"EldWz_iXSK3l_S7n4w_t3baxos7o9yqX0IjzG959vHc",
"crv":"P-256"}
j4UYwo9wrtllSHaoLDJNh7MhVCL8t0t8cGPPzChpYDs
{"kty":"EC",
"x":"Aeq3uMrb3iCQEt0PzSeZMmrmYhsKP5DM1oMP6LQzTFQY9-F3Ab45xiK4AJxltXEI-87g3gRwId88hTyHgq180JDt",
"y":"ARA0lIlrZMEzaXyXE4hjEkc50y_JON3qL7HSae9VuWpOv_2kit8p3pyJBiRb468_U5ztLT7FvDvtimyS42trhDTu",
"crv":"P-521"}
rz4Ohmpxg-UOWIWqWKHlOe0bHSjNUFlHW5vwG_M7qYg
{"kty":"EC",
"x":"2jCG5DmKUql9YPn7F2C-0ljWEbj8O8-vn5Ih1k7Wzb-y3NpBLiG1BiRa392b1kcQ",
"y":"7Ragi9rT-5tSzaMbJlH_EIJl6rNFfj4V4RyFM5U2z4j1hesX5JXa8dWOsE-5wPIl",
"crv":"P-384"}
vZtaWIw-zw95JNzzURg1YB7mWNLlm44YZDZzhrPNetM
{"kty":"oct","k":"NGbwp1rC4n85A1SaNxoHow"}
5_qb56G0OJDw-lb5mkDaWS4MwuY0fatkn9LkNqUHqMk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150922/e35b37b7/attachment.html>
More information about the Openid-specs-ab
mailing list