Diff: draft-ietf-jose-json-web-signature-04.txt vs. draft-ietf-jose-json-web-signature-05.txt

JOSE Working Group                                   M. Jones, Microsoft
Internet-Draft                                  J. Bradley, Ping Identity
Intended status: Standards Track                        N. Sakimura, NRI
draft -04: July 16, 2012 (expires January 17, 2013)
draft -05: July 30, 2012 (expires January 31, 2013)

JSON Web Signature (JWS)
draft-ietf-jose-json-web-signature-04 / draft-ietf-jose-json-web-signature-05
Abstract

JSON Web Signature (JWS) is a means of representing content secured
with digital signatures or Message Authentication Codes (MACs) using
JavaScript Object Notation (JSON) data structures. Cryptographic
algorithms and identifiers for use with this specification are
described in the separate JSON Web Algorithms (JWA) specification.
Related encryption capabilities are described in the separate JSON
Web Encryption (JWE) specification.
skipping to change at page 1, line 39

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

This Internet-Draft will expire on January 31, 2013 (the -04 draft:
January 17, 2013).

Copyright Notice

Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
skipping to change at page 2, line 33

(Table of contents; page numbers are those of the -05 draft.)

      4.1.5. "x5t" (X.509 Certificate Thumbprint) Header Parameter . .  8
      4.1.6. "x5c" (X.509 Certificate Chain) Header Parameter . . . . .  9
      4.1.7. "kid" (Key ID) Header Parameter . . . . . . . . . . . . .  9
      4.1.8. "typ" (Type) Header Parameter . . . . . . . . . . . . . .  9
      4.1.9. "cty" (Content Type) Header Parameter . . . . . . . . . . 10
   4.2. Public Header Parameter Names . . . . . . . . . . . . . . . . 10
   4.3. Private Header Parameter Names . . . . . . . . . . . . . . . . 10
5. Rules for Creating and Validating a JWS . . . . . . . . . . . . . 10
6. Securing JWSs with Cryptographic Algorithms . . . . . . . . . . . 12
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . . 13
   7.1. JSON Web Signature and Encryption Header Parameters Registry . 13
      7.1.1. Registration Template . . . . . . . . . . . . . . . . . . 13
      7.1.2. Initial Registry Contents . . . . . . . . . . . . . . . . 14
   7.2. JSON Web Signature and Encryption Type Values Registry . . . . 15
      7.2.1. Registration Template . . . . . . . . . . . . . . . . . . 15
      7.2.2. Initial Registry Contents . . . . . . . . . . . . . . . . 16
   7.3. Media Type Registration . . . . . . . . . . . . . . . . . . . 16
      7.3.1. Registry Contents . . . . . . . . . . . . . . . . . . . . 16
8. Security Considerations . . . . . . . . . . . . . . . . . . . . . 17
   8.1. Cryptographic Security Considerations . . . . . . . . . . . . 17
   8.2. JSON Security Considerations . . . . . . . . . . . . . . . . . 18
   8.3. Unicode Comparison Security Considerations . . . . . . . . . . 19
9. Open Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
   10.1. Normative References . . . . . . . . . . . . . . . . . . . . 19
   10.2. Informative References . . . . . . . . . . . . . . . . . . . 21
Appendix A. JWS Examples . . . . . . . . . . . . . . . . . . . . . . 21
   A.1. JWS using HMAC SHA-256 . . . . . . . . . . . . . . . . . . . . 22
      A.1.1. Encoding . . . . . . . . . . . . . . . . . . . . . . . . . 22
      A.1.2. Decoding . . . . . . . . . . . . . . . . . . . . . . . . . 24
      A.1.3. Validating . . . . . . . . . . . . . . . . . . . . . . . . 24
   A.2. JWS using RSA SHA-256 . . . . . . . . . . . . . . . . . . . . 24
      A.2.1. Encoding . . . . . . . . . . . . . . . . . . . . . . . . . 24
      A.2.2. Decoding . . . . . . . . . . . . . . . . . . . . . . . . . 28
      A.2.3. Validating . . . . . . . . . . . . . . . . . . . . . . . . 28
   A.3. JWS using ECDSA P-256 SHA-256 . . . . . . . . . . . . . . . . 28
      A.3.1. Encoding . . . . . . . . . . . . . . . . . . . . . . . . . 28
      A.3.2. Decoding . . . . . . . . . . . . . . . . . . . . . . . . . 30
      A.3.3. Validating . . . . . . . . . . . . . . . . . . . . . . . . 30
   A.4. JWS using ECDSA P-521 SHA-512 . . . . . . . . . . . . . . . . 31
      A.4.1. Encoding . . . . . . . . . . . . . . . . . . . . . . . . . 31
      A.4.2. Decoding . . . . . . . . . . . . . . . . . . . . . . . . . 33
      A.4.3. Validating . . . . . . . . . . . . . . . . . . . . . . . . 33
   A.5. Example Plaintext JWS . . . . . . . . . . . . . . . . . . . . 34
Appendix B. "x5c" (X.509 Certificate Chain) Example . . . . . . . . . 34
Appendix C. Notes on implementing base64url encoding without padding . 36
Appendix D. Acknowledgements . . . . . . . . . . . . . . . . . . . . 37
Appendix E. Document History . . . . . . . . . . . . . . . . . . . . 38
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . . 41
1. Introduction

JSON Web Signature (JWS) is a compact format for representing content
secured with digital signatures or Message Authentication Codes
(MACs) intended for space constrained environments such as HTTP
Authorization headers and URI query parameters. It represents this
content using JavaScript Object Notation (JSON) [RFC4627] based data
structures. The JWS cryptographic mechanisms provide integrity
protection for arbitrary sequences of bytes.
skipping to change at page 5, line 38

   functions. Examples of Collision Resistant Namespaces include:
   Domain Names, Object Identifiers (OIDs) as defined in the ITU-T
   X.660 and X.670 Recommendation series, and Universally Unique
   IDentifiers (UUIDs) [RFC4122]. When using an administratively
   delegated namespace, the definer of a name needs to take
   reasonable precautions to ensure they are in control of the
   portion of the namespace they use to define the name.

StringOrURI
   A JSON string value, with the additional requirement that while
   arbitrary string values MAY be used, any value containing a ":"
   character MUST be a URI [RFC3986]. StringOrURI values are compared
   as case-sensitive strings with no transformations or
   canonicalizations applied. (The comparison rule in the last
   sentence is new in -05.)
3. JSON Web Signature (JWS) Overview

JWS represents digitally signed or MACed content using JSON data
structures and base64url encoding. The representation consists of
three parts: the JWS Header, the JWS Payload, and the JWS Signature.
In the Compact Serialization, the three parts are base64url-encoded
for transmission, and represented as the concatenation of the encoded
strings in that order, with the three strings being separated by
period ('.') characters. (A JSON Serialization for this information
skipping to change at page 6, line 16

The JWS Header describes the signature or MAC method and parameters
employed. The JWS Payload is the message content to be secured. The
JWS Signature ensures the integrity of both the JWS Header and the
JWS Payload.

3.1. Example JWS

The following example JWS Header declares that the encoded object is
a JSON Web Token (JWT) [JWT] and the JWS Header and the JWS Payload
are secured using the HMAC SHA-256 algorithm:

   {"typ":"JWT",
    "alg":"HS256"}

Base64url encoding the bytes of the UTF-8 representation of the JWS
Header yields this Encoded JWS Header value:

   eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9

The following is an example of a JSON object that can be used as a
JWS Payload. (Note that the payload can be any content, and need not
be a representation of a JSON object.)

   {"iss":"joe",
    "exp":1300819380,
    "http://example.com/is_root":true}

Base64url encoding the bytes of the UTF-8 representation of the JSON
object yields the following Encoded JWS Payload (with line breaks for
display purposes only):

   eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt
   cGxlLmNvbS9pc19yb290Ijp0cnVlfQ

Computing the HMAC of the bytes of the ASCII [USASCII] representation
of the JWS Secured Input (the concatenation of the Encoded JWS
Header, a period ('.') character, and the Encoded JWS Payload) with
the HMAC SHA-256 algorithm using the key specified in Appendix A.1
and base64url encoding the result yields this Encoded JWS Signature
value:

   dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk

Concatenating these parts in the order Header.Payload.Signature with
period characters between the parts yields this complete JWS
representation (with line breaks for display purposes only):

   eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9
   .
   eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt
   cGxlLmNvbS9pc19yb290Ijp0cnVlfQ
   .
   dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk

This computation is illustrated in more detail in Appendix A.1.
4. JWS Header

The members of the JSON object represented by the JWS Header describe
the digital signature or MAC applied to the Encoded JWS Header and
the Encoded JWS Payload and optionally additional properties of the
JWS. The Header Parameter Names within this object MUST be unique;
JWSs with duplicate Header Parameter Names MUST be rejected.
Implementations MUST understand the entire contents of the header;
skipping to change at page 21, line 42

[MagicSignatures]
   Panzer (editor), J., Laurie, B., and D. Balfanz, "Magic
   Signatures", January 2011.

[RFC4122]
   Leach, P., Mealling, M., and R. Salz, "A Universally Unique
   IDentifier (UUID) URN Namespace", RFC 4122, July 2005.

[W3C.CR-xmldsig-core2-20120124]
   Solo, D., Datta, P., Hirsch, F., Cantor, S., Reagle, J.,
   Roessler, T., Eastlake, D., and K. Yiu, "XML Signature Syntax and
   Processing Version 2.0", World Wide Web Consortium CR
   CR-xmldsig-core2-20120124, January 2012,
   <http://www.w3.org/TR/2012/CR-xmldsig-core2-20120124>.
   (-04 listed the authors as Reagle, J., Hirsch, F., Cantor, S.,
   Roessler, T., Eastlake, D., Yiu, K., Solo, D., and P. Datta.)
Appendix A. JWS Examples

This section provides several examples of JWSs. While these examples
all represent JSON Web Tokens (JWTs) [JWT], the payload can be any
base64url encoded content.

A.1. JWS using HMAC SHA-256

A.1.1. Encoding

The following example JWS Header declares that the data structure is
a JSON Web Token (JWT) [JWT] and the JWS Secured Input is secured
using the HMAC SHA-256 algorithm.

   {"typ":"JWT",
    "alg":"HS256"}

The following byte array contains the UTF-8 representation of the JWS
Header:

   [123, 34, 116, 121, 112, 34, 58, 34, 74, 87, 84, 34, 44, 13, 10, 32,
   34, 97, 108, 103, 34, 58, 34, 72, 83, 50, 53, 54, 34, 125]

Base64url encoding these bytes yields this Encoded JWS Header value:

   eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9

The JWS Payload used in this example is the bytes of the UTF-8
representation of the JSON object below. (Note that the payload can
be any base64url encoded sequence of bytes, and need not be a
base64url encoded JSON object.)

   {"iss":"joe",
    "exp":1300819380,
    "http://example.com/is_root":true}

The following byte array, which is the UTF-8 representation of the
JSON object above, is the JWS Payload:

   [123, 34, 105, 115, 115, 34, 58, 34, 106, 111, 101, 34, 44, 13, 10,
   32, 34, 101, 120, 112, 34, 58, 49, 51, 48, 48, 56, 49, 57, 51, 56,
   48, 44, 13, 10, 32, 34, 104, 116, 116, 112, 58, 47, 47, 101, 120, 97,
   109, 112, 108, 101, 46, 99, 111, 109, 47, 105, 115, 95, 114, 111,
   111, 116, 34, 58, 116, 114, 117, 101, 125]

Base64url encoding the above yields the Encoded JWS Payload value
(with line breaks for display purposes only):

   eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt
   cGxlLmNvbS9pc19yb290Ijp0cnVlfQ

Concatenating the Encoded JWS Header, a period character, and the
Encoded JWS Payload yields this JWS Secured Input value (with line
breaks for display purposes only):

   eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9
   .
   eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt
   cGxlLmNvbS9pc19yb290Ijp0cnVlfQ

The ASCII representation of the JWS Secured Input is the following
byte array:

   [101, 121, 74, 48, 101, 88, 65, 105, 79, 105, 74, 75, 86, 49, 81,
   105, 76, 65, 48, 75, 73, 67, 74, 104, 98, 71, 99, 105, 79, 105, 74,
   73, 85, 122, 73, 49, 78, 105, 74, 57, 46, 101, 121, 74, 112, 99, 51,
   77, 105, 79, 105, 74, 113, 98, 50, 85, 105, 76, 65, 48, 75, 73, 67,
   74, 108, 101, 72, 65, 105, 79, 106, 69, 122, 77, 68, 65, 52, 77, 84,
   107, 122, 79, 68, 65, 115, 68, 81, 111, 103, 73, 109, 104, 48, 100,

skipping to change at page 23, line 46

Running the HMAC SHA-256 algorithm on the bytes of the ASCII
representation of the JWS Secured Input with this key yields the
following byte array:

   [116, 24, 223, 180, 151, 153, 224, 37, 79, 250, 96, 125, 216, 173,
   187, 186, 22, 212, 37, 77, 105, 214, 191, 240, 91, 88, 5, 88, 83,
   132, 141, 121]

Base64url encoding the above HMAC output yields the Encoded JWS
Signature value:

   dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk
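Section 3.1 and Appendix A.1.1 walk through the HMAC SHA-256 JWS by hand, and Section 4 states the two header rules a verifier has to enforce (no duplicate Header Parameter Names; the entire header must be understood). The following Python is an added example, not code from the draft or from any JOSE implementation. It recomputes the Appendix A.1 JWS from the header and payload bytes given above and then validates it. Two things are assumed: the Appendix A.1 HMAC key, which lies in a part of the draft this excerpt omits, is taken as the same example published it in RFC 7515 Appendix A.1 (the KEY_B64URL constant), and the set of Header Parameter Names a verifier "understands" is the set the draft registers in Section 4.1. b64url_decode applies the no-padding rule of Appendix C.

```python
import base64
import hashlib
import hmac
import json
import re

# Header and payload exactly as the draft serializes them, reconstructed from
# the byte arrays in Appendix A.1.1: the CRLF and the single space before each
# subsequent member are part of the bytes that get MACed.
HEADER_JSON = '{"typ":"JWT",\r\n "alg":"HS256"}'
PAYLOAD_JSON = ('{"iss":"joe",\r\n "exp":1300819380,\r\n'
                ' "http://example.com/is_root":true}')

# The Appendix A.1 HMAC key falls in a part of the draft this excerpt omits;
# this is that example's key as published in RFC 7515, Appendix A.1 (the
# base64url "k" member of the JWK).
KEY_B64URL = ("AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0i"
              "PS4hcgUuTwjAzZr1Z9CAow")

# Header Parameter Names the draft registers in Section 4.1. Section 4 says
# implementations MUST understand the entire header, so anything else rejects.
UNDERSTOOD_HEADER_PARAMS = {"alg", "jku", "jwk", "x5u", "x5t", "x5c",
                            "kid", "typ", "cty"}

_B64URL_RE = re.compile(r"[A-Za-z0-9_-]*")


def b64url_encode(data: bytes) -> str:
    """base64url encoding without '=' padding (Appendix C)."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    """Strict inverse: alphabet-checked, padding restored, bad lengths refused."""
    if not _B64URL_RE.fullmatch(text):
        raise ValueError("character outside the base64url alphabet")
    missing = (-len(text)) % 4
    if missing == 3:  # no base64url string has length 1 (mod 4)
        raise ValueError("invalid base64url length")
    return base64.urlsafe_b64decode(text + "=" * missing)


def _reject_duplicate_names(pairs):
    """json.loads hook: duplicate Header Parameter Names MUST be rejected (Section 4)."""
    obj = {}
    for name, value in pairs:
        if name in obj:
            raise ValueError(f"duplicate Header Parameter Name: {name}")
        obj[name] = value
    return obj


def jws_secured_input(encoded_header: str, encoded_payload: str) -> bytes:
    """ASCII bytes of Encoded JWS Header '.' Encoded JWS Payload."""
    return (encoded_header + "." + encoded_payload).encode("ascii")


def sign_hs256(header_json: str, payload: bytes, key: bytes) -> str:
    """Build the Compact Serialization Header.Payload.Signature with HMAC SHA-256."""
    enc_header = b64url_encode(header_json.encode("utf-8"))
    enc_payload = b64url_encode(payload)
    mac = hmac.new(key, jws_secured_input(enc_header, enc_payload),
                   hashlib.sha256).digest()
    return enc_header + "." + enc_payload + "." + b64url_encode(mac)


def verify_hs256(jws: str, key: bytes):
    """Return the JWS Payload (bytes) if the MAC validates, None if it does not.

    Raises ValueError for malformed input: wrong part count, bad base64url, a
    header that is not a JSON object, duplicate or not-understood Header
    Parameter Names, or an "alg" other than the one this verifier accepts.
    """
    parts = jws.split(".")
    if len(parts) != 3:
        raise ValueError("Compact Serialization must have exactly three parts")
    enc_header, enc_payload, enc_sig = parts
    header = json.loads(b64url_decode(enc_header).decode("utf-8"),
                        object_pairs_hook=_reject_duplicate_names)
    if not isinstance(header, dict):
        raise ValueError("JWS Header is not a JSON object")
    unknown = set(header) - UNDERSTOOD_HEADER_PARAMS
    if unknown:
        raise ValueError(f"Header Parameter(s) not understood: {sorted(unknown)}")
    # The verifier fixes the algorithm it accepts; the header only has to match it.
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, jws_secured_input(enc_header, enc_payload),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(enc_sig)):
        return None
    return b64url_decode(enc_payload)


def appendix_a1_jws() -> str:
    """The Appendix A.1 JWS, recomputed from the inputs above."""
    return sign_hs256(HEADER_JSON, PAYLOAD_JSON.encode("utf-8"),
                      b64url_decode(KEY_B64URL))
```

appendix_a1_jws() returns the three-part string shown in Section 3.1, and verify_hs256 on it returns the payload bytes. The verifier decides up front that it will only accept "HS256" rather than letting the message choose the algorithm, rejects a header it cannot fully interpret before touching the MAC, and compares MACs with hmac.compare_digest so the comparison does not leak timing; a MAC mismatch is reported as None, while structural problems are reported as exceptions so that the two failure classes can be logged separately.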
A.1.2. Decoding

Decoding the JWS requires base64url decoding the Encoded JWS Header,
Encoded JWS Payload, and Encoded JWS Signature to produce the JWS
Header, JWS Payload, and JWS Signature byte arrays. The byte array
containing the UTF-8 representation of the JWS Header is decoded into
the JWS Header string.

A.1.3. Validating
skipping to change at page 24, line 37

A.2. JWS using RSA SHA-256

A.2.1. Encoding

The JWS Header in this example is different from the previous example
in two ways: First, because a different algorithm is being used, the
"alg" value is different. Second, for illustration purposes only,
the optional "typ" parameter is not used. (This difference is not
related to the algorithm employed.) The JWS Header used is:

   {"alg":"RS256"}

The following byte array contains the UTF-8 representation of the JWS
Header:

   [123, 34, 97, 108, 103, 34, 58, 34, 82, 83, 50, 53, 54, 34, 125]

Base64url encoding these bytes yields this Encoded JWS Header value:

   eyJhbGciOiJSUzI1NiJ9

The JWS Payload used in this example, which follows, is the same as
in the previous example. Since the Encoded JWS Payload will
therefore be the same, its computation is not repeated here.

   {"iss":"joe",
    "exp":1300819380,
    "http://example.com/is_root":true}

Concatenating the Encoded JWS Header, a period character, and the
Encoded JWS Payload yields this JWS Secured Input value (with line
breaks for display purposes only):

   eyJhbGciOiJSUzI1NiJ9
   .
   eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt
   cGxlLmNvbS9pc19yb290Ijp0cnVlfQ

The ASCII representation of the JWS Secured Input is the following
byte array:

   [101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 83, 85, 122, 73,
   49, 78, 105, 74, 57, 46, 101, 121, 74, 112, 99, 51, 77, 105, 79, 105,
   74, 113, 98, 50, 85, 105, 76, 65, 48, 75, 73, 67, 74, 108, 101, 72,
   65, 105, 79, 106, 69, 122, 77, 68, 65, 52, 77, 84, 107, 122, 79, 68,
   65, 115, 68, 81, 111, 103, 73, 109, 104, 48, 100, 72, 65, 54, 76,
   121, 57, 108, 101, 71, 70, 116, 99, 71, 120, 108, 76, 109, 78, 118,

skipping to change at page 28, line 8

   177, 139, 93, 163, 204, 60, 46, 176, 47, 158, 58, 65, 214, 18, 202,
   173, 21, 145, 18, 115, 160, 95, 35, 185, 232, 56, 250, 175, 132, 157,
   105, 132, 41, 239, 90, 30, 136, 121, 130, 54, 195, 212, 14, 96, 69,
   34, 165, 68, 200, 242, 122, 122, 45, 184, 6, 99, 209, 108, 247, 202,
   234, 86, 222, 64, 92, 178, 33, 90, 69, 178, 194, 85, 102, 181, 90,
   193, 167, 72, 160, 112, 223, 200, 163, 42, 70, 149, 67, 208, 25, 238,
   251, 71]

Base64url encoding the digital signature produces this value for the
Encoded JWS Signature (with line breaks for display purposes only):

   cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7
   AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4
   BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K
   0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv
   hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB
   p0igcN_IoypGlUPQGe77Rw
A.2.2. Decoding

Decoding the JWS requires base64url decoding the Encoded JWS Header,
Encoded JWS Payload, and Encoded JWS Signature to produce the JWS
Header, JWS Payload, and JWS Signature byte arrays. The byte array
containing the UTF-8 representation of the JWS Header is decoded into
the JWS Header string.

A.2.3. Validating
skipping to change at page 27, line 44 skipping to change at page 28, line 45
the bytes of the ASCII representation of the JWS Secured Input to an the bytes of the ASCII representation of the JWS Secured Input to an
RSA signature verifier that has been configured to use the SHA-256 RSA signature verifier that has been configured to use the SHA-256
hash function. hash function.
A.3. JWS using ECDSA P-256 SHA-256

A.3.1. Encoding

The JWS Header for this example differs from the previous example
because a different algorithm is being used. The JWS Header used is:

   {"alg":"ES256"}

The following byte array contains the UTF-8 representation of the JWS
Header:

   [123, 34, 97, 108, 103, 34, 58, 34, 69, 83, 50, 53, 54, 34, 125]

Base64url encoding these bytes yields this Encoded JWS Header value:

   eyJhbGciOiJFUzI1NiJ9

The JWS Payload used in this example, which follows, is the same as
in the previous examples. Since the Encoded JWS Payload will
therefore be the same, its computation is not repeated here.

   {"iss":"joe",
    "exp":1300819380,
    "http://example.com/is_root":true}

Concatenating the Encoded JWS Header, a period character, and the
Encoded JWS Payload yields this JWS Secured Input value (with line
breaks for display purposes only):

   eyJhbGciOiJFUzI1NiJ9
   .
   eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt
   cGxlLmNvbS9pc19yb290Ijp0cnVlfQ

The ASCII representation of the JWS Secured Input is the following
byte array:

   [101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 70, 85, 122, 73,
   49, 78, 105, 74, 57, 46, 101, 121, 74, 112, 99, 51, 77, 105, 79, 105,
   74, 113, 98, 50, 85, 105, 76, 65, 48, 75, 73, 67, 74, 108, 101, 72,
   65, 105, 79, 106, 69, 122, 77, 68, 65, 52, 77, 84, 107, 122, 79, 68,
   65, 115, 68, 81, 111, 103, 73, 109, 104, 48, 100, 72, 65, 54, 76,
   121, 57, 108, 101, 71, 70, 116, 99, 71, 120, 108, 76, 109, 78, 118,

[skipping to change at page 30, line 31]
   |        | 7, 212, 2, 163, 178, 40, 3, 58, 249, 124, 126, 23, 129,  |
   |        | 154, 195, 22, 158, 166, 101]                             |
   | S      | [197, 10, 7, 211, 140, 60, 112, 229, 216, 241, 45, 175,  |
   |        | 8, 74, 84, 128, 166, 101, 144, 197, 242, 147, 80, 154,   |
   |        | 143, 63, 127, 138, 131, 163, 84, 213]                    |
   +--------+----------------------------------------------------------+

Concatenating the S array to the end of the R array and base64url
encoding the result produces this value for the Encoded JWS Signature
(with line breaks for display purposes only):

   DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSA
   pmWQxfKTUJqPP3-Kg6NU1Q

A.3.2. Decoding

Decoding the JWS requires base64url decoding the Encoded JWS Header,
Encoded JWS Payload, and Encoded JWS Signature to produce the JWS
Header, JWS Payload, and JWS Signature byte arrays. The byte array
containing the UTF-8 representation of the JWS Header is decoded into
the JWS Header string.

A.3.3. Validating

[skipping to change at page 31, line 25]

validated the correctness of the HMAC. Instead, implementations MUST
use an ECDSA validator to validate the digital signature.
A.4. JWS using ECDSA P-521 SHA-512

A.4.1. Encoding

The JWS Header for this example differs from the previous example
because a different ECDSA curve and hash function are used. The JWS
Header used is:

   {"alg":"ES512"}

The following byte array contains the UTF-8 representation of the JWS
Header:

   [123, 34, 97, 108, 103, 34, 58, 34, 69, 83, 53, 49, 50, 34, 125]

Base64url encoding these bytes yields this Encoded JWS Header value:

   eyJhbGciOiJFUzUxMiJ9

The JWS Payload used in this example is the ASCII string "Payload".
The representation of this string is the byte array:

   [80, 97, 121, 108, 111, 97, 100]

Base64url encoding these bytes yields the Encoded JWS Payload value:

   UGF5bG9hZA

Concatenating the Encoded JWS Header, a period character, and the
Encoded JWS Payload yields this JWS Secured Input value:

   eyJhbGciOiJFUzUxMiJ9.UGF5bG9hZA

The ASCII representation of the JWS Secured Input is the following
byte array:

   [101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 70, 85, 122, 85,
   120, 77, 105, 74, 57, 46, 85, 71, 70, 53, 98, 71, 57, 104, 90, 65]

The ECDSA key consists of a public part, the EC point (x, y), and a
private part d. The values of the ECDSA key used in this example,
presented as the byte arrays representing three 521-bit big-endian

[skipping to change at page 33, line 22]
   |        | 152, 105, 18, 53, 108, 163, 214, 68, 231, 62, 153, 150,  |
   |        | 106, 194, 164, 246, 72, 143, 138, 24, 50, 129, 223, 133, |
   |        | 206, 209, 172, 63, 237, 119, 109]                        |
   | S      | [0, 111, 6, 105, 44, 5, 41, 208, 128, 61, 152, 40, 92,   |
   |        | 61, 152, 4, 150, 66, 60, 69, 247, 196, 170, 81, 193,     |
   |        | 199, 78, 59, 194, 169, 16, 124, 9, 143, 42, 142, 131,    |
   |        | 48, 206, 238, 34, 175, 83, 203, 220, 159, 3, 107, 155,   |
   |        | 22, 27, 73, 111, 68, 68, 21, 238, 144, 229, 232, 148,    |
   |        | 188, 222, 59, 242, 103]                                  |
   +--------+----------------------------------------------------------+

Concatenating the S array to the end of the R array and base64url
encoding the result produces this value for the Encoded JWS Signature
(with line breaks for display purposes only):

   AdwMgeerwtHoh-l192l60hp9wAHZFVJbLfD_UxMi70cwnZOYaRI1bKPWROc-mZZq
   wqT2SI-KGDKB34XO0aw_7XdtAG8GaSwFKdCAPZgoXD2YBJZCPEX3xKpRwcdOO8Kp
   EHwJjyqOgzDO7iKvU8vcnwNrmxYbSW9ERBXukOXolLzeO_Jn

A.4.2. Decoding

Decoding the JWS requires base64url decoding the Encoded JWS Header,
Encoded JWS Payload, and Encoded JWS Signature to produce the JWS
Header, JWS Payload, and JWS Signature byte arrays. The byte array
containing the UTF-8 representation of the JWS Header is decoded into
the JWS Header string.

A.4.3. Validating

[skipping to change at page 34, line 17]

As explained in Section 3.4 of the JSON Web Algorithms (JWA) [JWA]
specification, the use of the K value in ECDSA means that we cannot
validate the correctness of the digital signature in the same way we
validated the correctness of the HMAC. Instead, implementations MUST
use an ECDSA validator to validate the digital signature.
A.5. Example Plaintext JWS

The following example JWS Header declares that the encoded object is
a Plaintext JWS:

   {"alg":"none"}

Base64url encoding the bytes of the UTF-8 representation of the JWS
Header yields this Encoded JWS Header:

   eyJhbGciOiJub25lIn0

The JWS Payload used in this example, which follows, is the same as
in the previous examples. Since the Encoded JWS Payload will
therefore be the same, its computation is not repeated here.

   {"iss":"joe",
    "exp":1300819380,
    "http://example.com/is_root":true}

The Encoded JWS Signature is the empty string.

Concatenating these parts in the order Header.Payload.Signature with
period characters between the parts yields this complete JWS (with
line breaks for display purposes only):

   eyJhbGciOiJub25lIn0
   .
   eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt
   cGxlLmNvbS9pc19yb290Ijp0cnVlfQ
   .
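The compact serializations from A.3, A.4 and A.5 taken apart the way a verifier's first step would, as an added example that is not part of the draft: it splits Header.Payload.Signature, base64url decodes each part, compares the header's "alg" against the set of algorithms the verifier itself is configured to accept, and for ES256 and ES512 splits the raw signature into the fixed-width R and S arrays described in A.3.1 and A.4.1. Standard library only; the `inspect_jws` function and the `ECDSA_COORD_BYTES` table are this example's own names, and the three sample tokens are assembled from the draft's values.

```python
"""Decompose the JWS compact serializations from Appendix A.

Added example, not code from the draft. Standard library only; the
three sample tokens are assembled from the draft's A.3, A.4 and A.5 values.
"""
import base64
import json

# Width of R and S for the ECDSA algorithms used in Appendix A: the JWS
# signature is R || S, each an unsigned big-endian integer zero-padded to
# the curve size (32 bytes for P-256, 66 bytes for P-521). Example's own table.
ECDSA_COORD_BYTES = {"ES256": 32, "ES512": 66}

# Constructed from the draft's A.3 (ES256), A.4 (ES512) and A.5 (none) values.
JWS_ES256 = (
    "eyJhbGciOiJFUzI1NiJ9"
    ".eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"
    "cGxlLmNvbS9pc19yb290Ijp0cnVlfQ"
    ".DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSA"
    "pmWQxfKTUJqPP3-Kg6NU1Q"
)
JWS_ES512 = (
    "eyJhbGciOiJFUzUxMiJ9.UGF5bG9hZA"
    ".AdwMgeerwtHoh-l192l60hp9wAHZFVJbLfD_UxMi70cwnZOYaRI1bKPWROc-mZZq"
    "wqT2SI-KGDKB34XO0aw_7XdtAG8GaSwFKdCAPZgoXD2YBJZCPEX3xKpRwcdOO8Kp"
    "EHwJjyqOgzDO7iKvU8vcnwNrmxYbSW9ERBXukOXolLzeO_Jn"
)
JWS_NONE = (
    "eyJhbGciOiJub25lIn0"
    ".eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"
    "cGxlLmNvbS9pc19yb290Ijp0cnVlfQ."
)


def b64url_decode(s: str) -> bytes:
    """base64url decoding without padding, following Appendix C."""
    if len(s) % 4 == 1:
        raise ValueError("Illegal base64url string!")
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def split_compact(token: str):
    """Split Header.Payload.Signature and decode each part."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("a compact JWS has exactly three parts")
    enc_header, enc_payload, enc_sig = parts
    header = json.loads(b64url_decode(enc_header).decode("utf-8"))
    # The JWS Secured Input is the ASCII bytes of the two encoded parts
    # joined by a period; it is what the signature verifier is given.
    secured_input = (enc_header + "." + enc_payload).encode("ascii")
    return header, b64url_decode(enc_payload), b64url_decode(enc_sig), secured_input


def split_ecdsa_signature(alg: str, signature: bytes):
    """Return (R, S) as byte strings; a wrong-length signature is rejected.
    int.from_bytes(r, "big") gives the integer an ECDSA validator needs."""
    n = ECDSA_COORD_BYTES[alg]
    if len(signature) != 2 * n:
        raise ValueError(f"{alg}: expected {2 * n} signature bytes, got {len(signature)}")
    return signature[:n], signature[n:]


def inspect_jws(token: str, allowed_algs):
    """Parse a token and report what a verifier would hand to its validator.

    The accepted algorithms are the verifier's own configuration, not the
    token's header: an "alg" outside the set is reported as not accepted.
    That also covers "alg":"none" (empty signature, A.5) unless the verifier
    has deliberately allowed Plaintext JWSs.
    """
    header, payload, signature, secured_input = split_compact(token)
    alg = header.get("alg")
    report = {
        "alg": alg,
        "accepted": alg in allowed_algs,
        "payload": payload,
        "secured_input": secured_input,
        "signature_len": len(signature),
        "r": None,
        "s": None,
    }
    if report["accepted"] and alg in ECDSA_COORD_BYTES:
        report["r"], report["s"] = split_ecdsa_signature(alg, signature)
    return report


if __name__ == "__main__":
    for tok in (JWS_ES256, JWS_ES512, JWS_NONE):
        rep = inspect_jws(tok, {"ES256", "ES512"})
        print(rep["alg"], rep["accepted"], rep["signature_len"])
```

The report only prepares the inputs: the actual check of R and S over the JWS Secured Input still has to be done by an ECDSA validator with the right curve and hash, as A.3.3 and A.4.3 require.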
Appendix B. "x5c" (X.509 Certificate Chain) Example

The string below is an example of a certificate chain that could be
used as the value of an "x5c" (X.509 Certificate Chain) header
parameter, per Section 4.1.6.

   -----BEGIN CERTIFICATE-----
   MIIE3jCCA8agAwIBAgICAwEwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCVVM
   xITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR2
   8gRGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjExM
   TYwMTU0MzdaFw0yNjExMTYwMTU0MzdaMIHKMQswCQYDVQQGEwJVUzEQMA4GA1UE
   CBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWR
   keS5jb20sIEluYy4xMzAxBgNVBAsTKmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYW
   RkeS5jb20vcmVwb3NpdG9yeTEwMC4GA1UEAxMnR28gRGFkZHkgU2VjdXJlIENlc
   nRpZmljYXRpb24gQXV0aG9yaXR5MREwDwYDVQQFEwgwNzk2OTI4NzCCASIwDQYJ
   KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMQt1RWMnCZM7DI161+4WQFapmGBWTt
   wY6vj3D3HKrjJM9N55DrtPDAjhI6zMBS2sofDPZVUBJ7fmd0LJR4h3mUpfjWoqV
   Tr9vcyOdQmVZWt7/v+WIbXnvQAjYwqDL1CBM6nPwT27oDyqu9SoWlm2r4arV3aL
   GbqGmu75RpRSgAvSMeYddi5Kcju+GZtCpyz8/x4fKL4o/K1w/O5epHBp+YlLpyo
   7RJlbmr2EkRTcDCVw5wrWCs9CHRK8r5RsL+H0EwnWGu1NcWdrxcx+AuP7q2BNgW
   JCJjPOq8lh8BJ6qf9Z/dFjpfMFDniNoW1fho3/Rb2cRGadDAW/hOUoz+EDU8CAw
   EAAaOCATIwggEuMB0GA1UdDgQWBBT9rGEyk2xF1uLuhV+auud2mWjM5zAfBgNVH
   SMEGDAWgBTSxLDSkdRMEXGzYcs9of7dqGrU4zASBgNVHRMBAf8ECDAGAQH/AgEA
   MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZ29kYWR
   keS5jb20wRgYDVR0fBD8wPTA7oDmgN4Y1aHR0cDovL2NlcnRpZmljYXRlcy5nb2
   RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkcm9vdC5jcmwwSwYDVR0gBEQwQjBABgRVH
   SAAMDgwNgYIKwYBBQUHAgEWKmh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5j
   b20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggE
   BANKGwOy9+aG2Z+5mC6IGOgRQjhVyrEp0lVPLN8tESe8HkGsz2ZbwlFalEzAFPI
   UyIXvJxwqoJKSQ3kbTJSMUA2fCENZvD117esyfxVgqwcSeIaha86ykRvOe5GPLL
   5CkKSkB2XIsKd83ASe8T+5o0yGPwLPk9Qnt0hCqU7S+8MxZC9Y7lhyVJEnfzuz9
   p0iRFEUOOjZv2kWzRaJBydTXRE4+uXR21aITVSzGh6O1mawGhId/dQb8vxRMDsx
   uxN89txJx9OjxUUAiKEngHUuHqDTMBqLdElrRhjZkAzVvb3du6/KFUJheqwNTrZ
   EjYx8WnM25sgVjOuH0aBsXBTWVU+4=
   -----END CERTIFICATE-----
   -----BEGIN CERTIFICATE-----
   MIIE+zCCBGSgAwIBAgICAQ0wDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1Z
   hbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIE
   luYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb
   24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8x
   IDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTA0MDYyOTE3MDY
   yMFoXDTI0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRoZS
   BHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3MgM
   iBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN
   ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XC
   APVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux
   6wwdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLO
   tXiEqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWo
   riMYavx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZ
   Eewo+YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjggHhMIIB3TAdBgNVHQ
   4EFgQU0sSw0pHUTBFxs2HLPaH+3ahq1OMwgdIGA1UdIwSByjCBx6GBwaSBvjCBu
   zEkMCIGA1UEBxMbVmFsaUNlcnQgVmFsaWRhdGlvbiBOZXR3b3JrMRcwFQYDVQQK
   Ew5WYWxpQ2VydCwgSW5jLjE1MDMGA1UECxMsVmFsaUNlcnQgQ2xhc3MgMiBQb2x
   pY3kgVmFsaWRhdGlvbiBBdXRob3JpdHkxITAfBgNVBAMTGGh0dHA6Ly93d3cudm
   FsaWNlcnQuY29tLzEgMB4GCSqGSIb3DQEJARYRaW5mb0B2YWxpY2VydC5jb22CA
   QEwDwYDVR0TAQH/BAUwAwEB/zAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGG
   F2h0dHA6Ly9vY3NwLmdvZGFkZHkuY29tMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA
   6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9yb290LmNybD
   BLBgNVHSAERDBCMEAGBFUdIAAwODA2BggrBgEFBQcCARYqaHR0cDovL2NlcnRpZ
   mljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5MA4GA1UdDwEB/wQEAwIBBjAN
   BgkqhkiG9w0BAQUFAAOBgQC1QPmnHfbq/qQaQlpE9xXUhUaJwL6e4+PrxeNYiY+
   Sn1eocSxI0YGyeR+sBjUZsE4OWBsUs5iB0QQeyAfJg594RAoYC5jcdnplDQ1tgM
   QLARzLrUc+cb53S8wGd9D0VmsfSxOaFIqII6hR8INMqzW/Rn453HWkrugp++85j
   09VZw==
   -----END CERTIFICATE-----
   -----BEGIN CERTIFICATE-----
   MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ
   0IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNT
   AzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0a
   G9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkq
   hkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMTk1NFoXDTE
   5MDYyNjAwMTk1NFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTm
   V0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZ
   XJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQD
   ExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9
   AdmFsaWNlcnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOOnHK5a
   vIWZJV16vYdA757tn2VUdZZUcOBVXc65g2PFxTXdMwzzjsvUGJ7SVCCSRrCl6zf
   N1SLUzm1NZ9WlmpZdRJEy0kTRxQb7XBhVQ7/nHk01xC+YDgkRoKWzk2Z/M/VXwb
   P7RfZHM047QSv4dk+NoS/zcnwbNDu+97bi5p9wIDAQABMA0GCSqGSIb3DQEBBQU
   AA4GBADt/UG9vUJSZSWI4OB9L+KXIPqeCgfYrx+jFzug6EILLGACOTb2oWH+heQ
   C1u+mNr0HZDzTuIYEZoDJJKPTEjlbVUjP9UNV+mWwD5MlM/Mtsq2azSiGM5bUMM
   j4QssxsodyamEwCW/POuZ6lcg5Ktz885hZo+L7tdEy8W9ViH0Pd
   -----END CERTIFICATE-----
Appendix C. Notes on implementing base64url encoding without padding

This appendix describes how to implement base64url encoding and
decoding functions without padding based upon standard base64
encoding and decoding functions that do use padding.

To be concrete, example C# code implementing these functions is shown
below. Similar code could be used in other languages.
   using System;

   static string base64urlencode(byte [] arg)
   {
     string s = Convert.ToBase64String(arg); // Standard base64 encoder
     s = s.Split('=')[0]; // Remove any trailing '='s
     s = s.Replace('+', '-'); // 62nd char of encoding
     s = s.Replace('/', '_'); // 63rd char of encoding
     return s;
   }

   static byte [] base64urldecode(string arg)
   {
     string s = arg;
     s = s.Replace('-', '+'); // 62nd char of encoding
     s = s.Replace('_', '/'); // 63rd char of encoding
     switch (s.Length % 4) // Pad with trailing '='s
     {
       case 0: break; // No pad chars in this case
       case 2: s += "=="; break; // Two pad chars
       case 3: s += "="; break; // One pad char
       default: throw new System.Exception(
         "Illegal base64url string!");
     }
     return Convert.FromBase64String(s); // Standard base64 decoder
   }
As per the example code above, the number of '=' padding characters
that needs to be added to the end of a base64url encoded string
without padding to turn it into one with padding is a deterministic
function of the length of the encoded string. Specifically, if the
length mod 4 is 0, no padding is added; if the length mod 4 is 2, two
'=' padding characters are added; if the length mod 4 is 3, one '='
padding character is added; if the length mod 4 is 1, the input is
malformed.
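The same two functions in Python, as an added example rather than the draft's code, with one extra check that a JWS verifier benefits from: because the JWS Secured Input and the signature are the encoded strings themselves, `is_canonical_base64url` (this example's own name) confirms that a part decodes and re-encodes to exactly the same string, which rejects the length-mod-4-is-1 case, stray padding and non-zero trailing bits. `base64.b64decode(..., validate=True)` is used so that, like Convert.FromBase64String, characters outside the alphabet are rejected instead of silently skipped. The sample values are the draft's own encodings plus one constructed non-canonical string.

```python
"""base64url without padding, built on a padded base64 codec (Appendix C).

Added example, not the draft's code: a Python port of the two C# functions
plus a canonical-form check. Sample values are the draft's own encodings.
"""
import base64


def base64urlencode(arg: bytes) -> str:
    s = base64.b64encode(arg).decode("ascii")  # Standard base64 encoder
    s = s.split("=")[0]                        # Remove any trailing '='s
    s = s.replace("+", "-")                    # 62nd char of encoding
    s = s.replace("/", "_")                    # 63rd char of encoding
    return s


def base64urldecode(arg: str) -> bytes:
    s = arg.replace("-", "+")                  # 62nd char of encoding
    s = s.replace("_", "/")                    # 63rd char of encoding
    remainder = len(s) % 4                     # Pad with trailing '='s
    if remainder == 0:
        pass                                   # No pad chars in this case
    elif remainder == 2:
        s += "=="                              # Two pad chars
    elif remainder == 3:
        s += "="                               # One pad char
    else:
        raise ValueError("Illegal base64url string!")
    # validate=True rejects characters outside the base64 alphabet, as
    # Convert.FromBase64String does; Python's default would skip them.
    return base64.b64decode(s, validate=True)  # Standard base64 decoder


def is_canonical_base64url(s: str) -> bool:
    """True only if s is the single encoding this module produces for its bytes.

    Added check, not from the draft: a JWS signs the encoded strings, so a
    verifier wants to know a part could not have been written any other way
    (no padding, no non-zero trailing bits, no characters outside the alphabet).
    """
    try:
        return base64urlencode(base64urldecode(s)) == s
    except ValueError:  # binascii.Error is a subclass of ValueError
        return False


if __name__ == "__main__":
    # Values from Appendix A of the draft.
    print(base64urlencode(b'{"alg":"ES512"}'))   # eyJhbGciOiJFUzUxMiJ9
    print(base64urlencode(b"Payload"))           # UGF5bG9hZA
    print(base64urldecode("eyJhbGciOiJub25lIn0"))
    # Constructed non-canonical input: last character differs by one bit.
    print(is_canonical_base64url("UGF5bG9hZB"))  # False
```

The canonical check costs one extra encode per part; applying it to the Encoded JWS Header and Encoded JWS Payload before signature verification means two different strings can never be treated as the same signed input.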
[skipping to change at page 38, line 12]

Balfanz, Yaron Y. Goland, John Panzer, and Paul Tarjan all made
significant contributions to the design of this specification.

Thanks to Axel Nennker for his early implementation and feedback on
the JWS and JWE specifications.

Appendix E. Document History

[[ to be removed by the RFC editor before publication as an RFC ]]
-05

o Added statement that "StringOrURI values are compared as case-
  sensitive strings with no transformations or canonicalizations
  applied".

o Indented artwork elements to better distinguish them from the body
  text.

-04

o Completed JSON Security Considerations section, including
  considerations about rejecting input with duplicate member names.

o Completed security considerations on the use of a SHA-1 hash when
  computing "x5t" (x.509 certificate thumbprint) values.

o Refer to the registries as the primary sources of defined values
  and then secondarily reference the sections defining the initial
  contents of the registries.

o Normatively reference XML DSIG 2.0 [W3C.CR-xmldsig-core2-20120124]
  for its security considerations.

o Added this language to Registration Templates: "This name is case
  sensitive. Names that match other registered names in a case
  insensitive manner SHOULD NOT be accepted."

o Reference draft-jones-jose-jws-json-serialization instead of
  draft-jones-json-web-signature-json-serialization.

o Described additional open issues.

o Applied editorial suggestions.

-03

o Added the "cty" (content type) header parameter for declaring type
  information about the secured content, as opposed to the "typ"
  (type) header parameter, which declares type information about
End of changes. 49 change blocks. 204 lines changed or deleted, 249 lines changed or added.

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/