Re: [OAUTH-WG] JWS encoding Appendix A
<Axel.Nennker@telekom.de> Wed, 05 June 2013 13:38 UTC
Return-Path: <Axel.Nennker@telekom.de>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9EEB621F9AA6 for <oauth@ietfa.amsl.com>; Wed, 5 Jun 2013 06:38:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.245
X-Spam-Level:
X-Spam-Status: No, score=-1.245 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, TRACKER_ID=2.003]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pxSOOX+Z0THs for <oauth@ietfa.amsl.com>; Wed, 5 Jun 2013 06:37:57 -0700 (PDT)
Received: from tcmail43.telekom.de (tcmail43.telekom.de [80.149.113.173]) by ietfa.amsl.com (Postfix) with ESMTP id C5CFA21F91AB for <oauth@ietf.org>; Wed, 5 Jun 2013 06:37:42 -0700 (PDT)
Received: from he101250.emea1.cds.t-internal.com ([10.125.92.153]) by tcmail41.telekom.de with ESMTP/TLS/AES128-SHA; 05 Jun 2013 15:37:40 +0200
Received: from HE100024.emea1.cds.t-internal.com (10.125.65.200) by HE101250.emea1.cds.t-internal.com (10.125.92.153) with Microsoft SMTP Server (TLS) id 8.3.298.1; Wed, 5 Jun 2013 15:37:40 +0200
Received: from HE111541.emea1.cds.t-internal.com ([10.125.90.97]) by HE100024.emea1.cds.t-internal.com ([2002:769:410c::769:410c]) with mapi; Wed, 5 Jun 2013 15:37:39 +0200
From: Axel.Nennker@telekom.de
To: asanso@adobe.com, oauth@ietf.org
Date: Wed, 05 Jun 2013 15:37:37 +0200
Thread-Topic: JWS encoding Appendix A
Thread-Index: Ac5h8Gf6B9cMsXqnS4iUMhrVweZ0wgAANFzg
Message-ID: <CE8995AB5D178F44A2154F5C9A97CAF40255A5BB872A@HE111541.emea1.cds.t-internal.com>
References: <2481701B-912B-4B5B-821C-D86721A4C4C6@adobe.com>
In-Reply-To: <2481701B-912B-4B5B-821C-D86721A4C4C6@adobe.com>
Accept-Language: de-DE
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: de-DE
Content-Type: multipart/alternative; boundary="_000_CE8995AB5D178F44A2154F5C9A97CAF40255A5BB872AHE111541eme_"
MIME-Version: 1.0
Subject: Re: [OAUTH-WG] JWS encoding Appendix A
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Jun 2013 13:38:01 -0000
Antonio, Please have a look at this https://code.google.com/p/jsoncrypto/source/browse/trunk/testsrc/org/jsoncrypto/JcBaseTest.java#104 The \r\n is the important. Please make sure you have this byte representation of the payload. The following octet sequence contains the UTF-8 representation of the JWS Header: [123, 34, 116, 121, 112, 34, 58, 34, 74, 87, 84, 34, 44, 13, 10, 32, 34, 97, 108, 103, 34, 58, 34, 72, 83, 50, 53, 54, 34, 125] Best regards Axel From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf Of Antonio Sanso Sent: Wednesday, June 05, 2013 3:27 PM To: oauth@ietf.org WG Subject: [OAUTH-WG] JWS encoding Appendix A Hi *, while testing my encoding routine against JWS I spot a difference between my encoding and the one in the spec. More specifically I am referring to Appendix A.1.1 [0] of the JWS spec. Now it could easily be that the library I wrote is wrong but it works fine with the encoding in the JWT spec for example. If somebody would like to give a look just for the record the encoding for the header in the spec looks like \ eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9 while for me would look like eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9 Same for the payload, spec eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ my library eyJpc3MiOiJqb2UiLCJleHAiOjEzMDA4MTkzODAsImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ Now the difference is probably given from the fact I did not take care in consideration carriage return in my input. I am on a huge JSON expert but what is the correct way to handle it? Regards Antonio [0] http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-11#appendix-A.1
- [OAUTH-WG] JWS encoding Appendix A Antonio Sanso
- Re: [OAUTH-WG] JWS encoding Appendix A Axel.Nennker
- Re: [OAUTH-WG] JWS encoding Appendix A Justin Richer
- Re: [OAUTH-WG] JWS encoding Appendix A Antonio Sanso