go-jose

Support RFC 7638 canonical kid for JWK

Open zamicol opened this issue 5 years ago • 1 comments

The jose-util complains that, "JWK Thumbprint (RFC 7638) is not used for key id because of lack of canonical representation" and instead has an external dependency to github.com/google/uuid for the kid. https://github.com/square/go-jose/blob/2c8b6426f72c5905687a6fa37788ace1e4def982/jose-util/generate.go#L154

Unless I'm taking crazy pills, RFC 7638 is exactly that, the prescription for a reproducible canonical kid. It even begins by saying, "[This specification defines the] method of creating a canonical form..."

And while I'm asking questions, there doesn't appear to be a clean way to produce a JWK outside of the jose-util, which doesn't expose the functions and is limited to writing JWKs to a file. Is that supposed to be the role of "func NewSigner"? Would there be any interest/need for a 'func NewJWK'? Either way, I would love to see an example.

zamicol, Nov 07 '19 08:11

See Pull Request #269

zamicol, Nov 11 '19 22:11
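The canonical form the issue refers to, as an added example that is not go-jose code and not part of the thread: RFC 7638 hashes a JSON object holding only the key type's required members, in lexicographic order with no whitespace, so the same key always yields the same kid. The names `Thumbprint`, `required`, `b64url` and `sampleJWK` are hypothetical, and only the Go standard library is used.

```go
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// Required members per key type, listed in the lexicographic order that
// RFC 7638 section 3.2 prescribes for the hash input.
var required = map[string][]string{
	"EC": {"crv", "kty", "x", "y"}, "RSA": {"e", "kty", "n"}, "oct": {"k", "kty"},
}

const b64url = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"

// Thumbprint returns the unpadded base64url SHA-256 thumbprint of a JWK.
// Members outside the required set (kid, alg, use, ...) never reach the hash.
func Thumbprint(jwkJSON []byte) (string, error) {
	var jwk map[string]interface{}
	if err := json.Unmarshal(jwkJSON, &jwk); err != nil {
		return "", fmt.Errorf("parse JWK: %w", err)
	}
	kty, _ := jwk["kty"].(string)
	names, ok := required[kty]
	if !ok {
		return "", fmt.Errorf("unsupported kty %q", kty)
	}
	parts := make([]string, 0, len(names))
	for _, name := range names {
		v, ok := jwk[name].(string)
		// Only base64url characters: no JSON escaping can then differ between producers.
		if !ok || v == "" || strings.Trim(v, b64url) != "" {
			return "", fmt.Errorf("member %q missing or malformed", name)
		}
		parts = append(parts, `"`+name+`":"`+v+`"`)
	}
	sum := sha256.Sum256([]byte("{" + strings.Join(parts, ",") + "}"))
	return base64.RawURLEncoding.EncodeToString(sum[:]), nil
}

// sampleJWK is constructed for this example; "n" is not a real modulus.
const sampleJWK = `{"kid":"old-id","alg":"RS256","kty":"RSA","n":"c2FtcGxlLW1vZHVsdXM","e":"AQAB"}`

func main() {
	fmt.Println(Thumbprint([]byte(sampleJWK)))
}
```

Because the member values are hashed as opaque strings, two JWKs that differ only in member order, whitespace or optional members produce the same thumbprint.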