Brian,
Are you thinking that the set of examples should be expanded? Jim From: jose [mailto:[email protected]] On Behalf Of Brian Campbell Sent: Tuesday, September 22, 2015 10:47 AM To: Manger, James <[email protected]> Cc: <[email protected]> <[email protected]>; [email protected] Subject: Re: [jose] [Openid-specs-ab] JWK Thumbprint / RFC 7638 Thanks James. That's still useful validation. For whatever it's worth, shortly after I sent the message yesterday I noticed the nimbus library announced support for JWK thumbprints. So I compared some results with that implementation. Nimbus had a small defect calculating thumbprints for "oct" key types but, once that was fixed, also produced the same results. So I'm reasonably confident these examples are correct. On Mon, Sep 21, 2015 at 6:09 PM, Manger, James <[email protected] <mailto:[email protected]> > wrote: I got the same results, Brian — though using some manual tools, not a proper library. -- James Manger From: Openid-specs-ab [mailto:[email protected] <mailto:[email protected]> ] On Behalf Of Brian Campbell Sent: Tuesday, 22 September 2015 1:43 AM To: [email protected] <mailto:[email protected]> ; <[email protected] <mailto:[email protected]> > Subject: [Openid-specs-ab] JWK Thumbprint / RFC 7638 I added JWK Thumbprint support to my JOSE/JWT library <https://bitbucket.org/b_c/jose4j> this morning. Does anyone else have an implementation handy? The example in section 3.1 <http://tools.ietf.org/html/rfc7638#section-3.1> provided a nice opportunity to check my work with an "RSA" key type. However, there are no examples for "EC" or "oct" keys. While it should be pretty straightforward to implement, for me anyway, dumb little mistakes are certainly within the realm of possibility. So, if anyone would like to check their work against mine, a few JWKs followed by the base64url encoded SHA-256 hash of the RFC 7638 thumbprint are below. I'd be interested to hear if folks can (hopefully) reproduce the same results. {"kty":"oct", "k":"ZW8Eg8TiwoT2YamLJfC2leYpLgLmUAh_PcMHqRzBnMg"} 7WWD36NF4WCpPaYtK47mM4o0a5CCeOt01JXSuMayv5g {"kty":"EC", "x":"CEuRLUISufhcjrj-32N0Bvl3KPMiHH9iSw4ohN9jxrA", "y":"EldWz_iXSK3l_S7n4w_t3baxos7o9yqX0IjzG959vHc", "crv":"P-256"} j4UYwo9wrtllSHaoLDJNh7MhVCL8t0t8cGPPzChpYDs {"kty":"EC", "x":"Aeq3uMrb3iCQEt0PzSeZMmrmYhsKP5DM1oMP6LQzTFQY9-F3Ab45xiK4AJxltXEI-87g3gRwId88hTyHgq180JDt", "y":"ARA0lIlrZMEzaXyXE4hjEkc50y_JON3qL7HSae9VuWpOv_2kit8p3pyJBiRb468_U5ztLT7FvDvtimyS42trhDTu", "crv":"P-521"} rz4Ohmpxg-UOWIWqWKHlOe0bHSjNUFlHW5vwG_M7qYg {"kty":"EC", "x":"2jCG5DmKUql9YPn7F2C-0ljWEbj8O8-vn5Ih1k7Wzb-y3NpBLiG1BiRa392b1kcQ", "y":"7Ragi9rT-5tSzaMbJlH_EIJl6rNFfj4V4RyFM5U2z4j1hesX5JXa8dWOsE-5wPIl", "crv":"P-384"} vZtaWIw-zw95JNzzURg1YB7mWNLlm44YZDZzhrPNetM {"kty":"oct","k":"NGbwp1rC4n85A1SaNxoHow"} 5_qb56G0OJDw-lb5mkDaWS4MwuY0fatkn9LkNqUHqMk
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
