Verifiable examples are always nice to have, especially for catching horrible implementation bugs, such as the oct JWK thumbprint compute bug which Brian reported :)
I promptly added them to the Nimbus lib test suite. https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/3415a620a36eaeb79bc307b68484afac7a2156d8 On 23.09.2015 01:58, Brian Campbell wrote: > No, not really. I was just looking to validate my own implementation and > using (abusing) these lists seemed like a decent way to do it. > > I mean, from a developer's perspective, I find examples that can be used to > validate implementation to be extremely useful. But, at this point, RFC > 7638 is probably just fine as it is. > > On Tue, Sep 22, 2015 at 1:45 PM, Jim Schaad <[email protected]> wrote: > >> Brian, >> >> >> >> Are you thinking that the set of examples should be expanded? >> >> >> >> Jim >> >> >> >> >> >> *From:* jose [mailto:[email protected]] *On Behalf Of *Brian Campbell >> *Sent:* Tuesday, September 22, 2015 10:47 AM >> *To:* Manger, James <[email protected]> >> *Cc:* <[email protected]> <[email protected]>; >> [email protected] >> *Subject:* Re: [jose] [Openid-specs-ab] JWK Thumbprint / RFC 7638 >> >> >> >> Thanks James. That's still useful validation. >> >> For whatever it's worth, shortly after I sent the message yesterday I >> noticed the nimbus library announced support for JWK thumbprints. So I >> compared some results with that implementation. Nimbus had a small defect >> calculating thumbprints for "oct" key types but, once that was fixed, also >> produced the same results. So I'm reasonably confident these examples are >> correct. >> >> >> >> >> >> On Mon, Sep 21, 2015 at 6:09 PM, Manger, James < >> [email protected]> wrote: >> >> I got the same results, Brian — though using some manual tools, not a >> proper library. >> >> >> >> -- >> >> James Manger >> >> >> >> *From:* Openid-specs-ab [mailto:[email protected]] *On >> Behalf Of *Brian Campbell >> *Sent:* Tuesday, 22 September 2015 1:43 AM >> *To:* [email protected]; <[email protected]> >> *Subject:* [Openid-specs-ab] JWK Thumbprint / RFC 7638 >> >> >> >> I added JWK Thumbprint support to my JOSE/JWT library >> <https://bitbucket.org/b_c/jose4j> this morning. Does anyone else have an >> implementation handy? >> >> The example in section 3.1 >> <http://tools.ietf.org/html/rfc7638#section-3.1> provided a nice >> opportunity to check my work with an "RSA" key type. However, there are no >> examples for "EC" or "oct" keys. While it should be pretty straightforward >> to implement, for me anyway, dumb little mistakes are certainly within the >> realm of possibility. So, if anyone would like to check their work against >> mine, a few JWKs followed by the base64url encoded SHA-256 hash of the RFC >> 7638 thumbprint are below. I'd be interested to hear if folks can >> (hopefully) reproduce the same results. >> >> >> {"kty":"oct", >> "k":"ZW8Eg8TiwoT2YamLJfC2leYpLgLmUAh_PcMHqRzBnMg"} >> 7WWD36NF4WCpPaYtK47mM4o0a5CCeOt01JXSuMayv5g >> >> >> {"kty":"EC", >> "x":"CEuRLUISufhcjrj-32N0Bvl3KPMiHH9iSw4ohN9jxrA", >> "y":"EldWz_iXSK3l_S7n4w_t3baxos7o9yqX0IjzG959vHc", >> "crv":"P-256"} >> j4UYwo9wrtllSHaoLDJNh7MhVCL8t0t8cGPPzChpYDs >> >> >> {"kty":"EC", >> >> >> "x":"Aeq3uMrb3iCQEt0PzSeZMmrmYhsKP5DM1oMP6LQzTFQY9-F3Ab45xiK4AJxltXEI-87g3gRwId88hTyHgq180JDt", >> >> >> "y":"ARA0lIlrZMEzaXyXE4hjEkc50y_JON3qL7HSae9VuWpOv_2kit8p3pyJBiRb468_U5ztLT7FvDvtimyS42trhDTu", >> "crv":"P-521"} >> rz4Ohmpxg-UOWIWqWKHlOe0bHSjNUFlHW5vwG_M7qYg >> >> >> {"kty":"EC", >> "x":"2jCG5DmKUql9YPn7F2C-0ljWEbj8O8-vn5Ih1k7Wzb-y3NpBLiG1BiRa392b1kcQ", >> "y":"7Ragi9rT-5tSzaMbJlH_EIJl6rNFfj4V4RyFM5U2z4j1hesX5JXa8dWOsE-5wPIl", >> "crv":"P-384"} >> vZtaWIw-zw95JNzzURg1YB7mWNLlm44YZDZzhrPNetM >> >> >> {"kty":"oct","k":"NGbwp1rC4n85A1SaNxoHow"} >> 5_qb56G0OJDw-lb5mkDaWS4MwuY0fatkn9LkNqUHqMk >> >> >> > > > _______________________________________________ > Openid-specs-ab mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs-ab -- Vladimir Dzhuvinov :: [email protected]
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
