I added JWK Thumbprint support to my JOSE/JWT library <https://bitbucket.org/b_c/jose4j> this morning. Does anyone else have an implementation handy?
The example in section 3.1 <http://tools.ietf.org/html/rfc7638#section-3.1> provided a nice opportunity to check my work with an "RSA" key type. However, there are no examples for "EC" or "oct" keys. While it should be pretty straightforward to implement, for me anyway, dumb little mistakes are certainly within the realm of possibility. So, if anyone would like to check their work against mine, a few JWKs followed by the base64url encoded SHA-256 hash of the RFC 7638 thumbprint are below. I'd be interested to hear if folks can (hopefully) reproduce the same results. {"kty":"oct", "k":"ZW8Eg8TiwoT2YamLJfC2leYpLgLmUAh_PcMHqRzBnMg"} 7WWD36NF4WCpPaYtK47mM4o0a5CCeOt01JXSuMayv5g {"kty":"EC", "x":"CEuRLUISufhcjrj-32N0Bvl3KPMiHH9iSw4ohN9jxrA", "y":"EldWz_iXSK3l_S7n4w_t3baxos7o9yqX0IjzG959vHc", "crv":"P-256"} j4UYwo9wrtllSHaoLDJNh7MhVCL8t0t8cGPPzChpYDs {"kty":"EC", "x":"Aeq3uMrb3iCQEt0PzSeZMmrmYhsKP5DM1oMP6LQzTFQY9-F3Ab45xiK4AJxltXEI-87g3gRwId88hTyHgq180JDt", "y":"ARA0lIlrZMEzaXyXE4hjEkc50y_JON3qL7HSae9VuWpOv_2kit8p3pyJBiRb468_U5ztLT7FvDvtimyS42trhDTu", "crv":"P-521"} rz4Ohmpxg-UOWIWqWKHlOe0bHSjNUFlHW5vwG_M7qYg {"kty":"EC", "x":"2jCG5DmKUql9YPn7F2C-0ljWEbj8O8-vn5Ih1k7Wzb-y3NpBLiG1BiRa392b1kcQ", "y":"7Ragi9rT-5tSzaMbJlH_EIJl6rNFfj4V4RyFM5U2z4j1hesX5JXa8dWOsE-5wPIl", "crv":"P-384"} vZtaWIw-zw95JNzzURg1YB7mWNLlm44YZDZzhrPNetM {"kty":"oct","k":"NGbwp1rC4n85A1SaNxoHow"} 5_qb56G0OJDw-lb5mkDaWS4MwuY0fatkn9LkNqUHqMk
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
