Internet Engineering Task Force (IETF) M. Jones Request for Comments: 7638 Microsoft Category: Standards Track N. Sakimura ISSN: 2070-1721 Nomura Research Institute September 2015
Internet Engineering Task Force (IETF) M. Jones Request for Comments: 7638 Microsoft Category: Standards Track N. Sakimura ISSN: 2070-1721 Nomura Research Institute September 2015
JSON Web Key (JWK) Thumbprint
JSON Web密钥(JWK)指纹
Abstract
摘要
This specification defines a method for computing a hash value over a JSON Web Key (JWK). It defines which fields in a JWK are used in the hash computation, the method of creating a canonical form for those fields, and how to convert the resulting Unicode string into a byte sequence to be hashed. The resulting hash value can be used for identifying or selecting the key represented by the JWK that is the subject of the thumbprint.
本规范定义了一种通过JSON Web键(JWK)计算哈希值的方法。它定义了散列计算中使用JWK中的哪些字段、为这些字段创建规范格式的方法,以及如何将生成的Unicode字符串转换为要散列的字节序列。生成的散列值可用于标识或选择由作为指纹主题的JWK表示的密钥。
Status of This Memo
关于下段备忘
This is an Internet Standards Track document.
这是一份互联网标准跟踪文件。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7638.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc7638.
Copyright Notice
版权公告
Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2015 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 2 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. JSON Web Key (JWK) Thumbprint . . . . . . . . . . . . . . . . 3 3.1. Example JWK Thumbprint Computation . . . . . . . . . . . 4 3.2. JWK Members Used in the Thumbprint Computation . . . . . 6 3.2.1. JWK Thumbprint of a Private Key . . . . . . . . . . . 6 3.2.2. Why Not Include Optional Members? . . . . . . . . . . 7 3.3. Order and Representation of Members in Hash Input . . . . 7 3.4. Selection of Hash Function . . . . . . . . . . . . . . . 8 3.5. JWK Thumbprints of Keys Not in JWK Format . . . . . . . . 8 4. Practical JSON and Unicode Considerations . . . . . . . . . . 8 5. Relationship to Digests of X.509 Values . . . . . . . . . . . 9 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 7. Security Considerations . . . . . . . . . . . . . . . . . . . 10 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 8.1. Normative References . . . . . . . . . . . . . . . . . . 11 8.2. Informative References . . . . . . . . . . . . . . . . . 12 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 13 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 2 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. JSON Web Key (JWK) Thumbprint . . . . . . . . . . . . . . . . 3 3.1. Example JWK Thumbprint Computation . . . . . . . . . . . 4 3.2. JWK Members Used in the Thumbprint Computation . . . . . 6 3.2.1. JWK Thumbprint of a Private Key . . . . . . . . . . . 6 3.2.2. Why Not Include Optional Members? . . . . . . . . . . 7 3.3. Order and Representation of Members in Hash Input . . . . 7 3.4. Selection of Hash Function . . . . . . . . . . . . . . . 8 3.5. JWK Thumbprints of Keys Not in JWK Format . . . . . . . . 8 4. Practical JSON and Unicode Considerations . . . . . . . . . . 8 5. Relationship to Digests of X.509 Values . . . . . . . . . . . 9 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 7. Security Considerations . . . . . . . . . . . . . . . . . . . 10 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 8.1. Normative References . . . . . . . . . . . . . . . . . . 11 8.2. Informative References . . . . . . . . . . . . . . . . . 12 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 13 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13
This specification defines a method for computing a hash value (a.k.a. digest) over a JSON Web Key (JWK) [JWK]. It defines which fields in a JWK are used in the hash computation, the method of creating a canonical form for those fields, and how to convert the resulting Unicode string into a byte sequence to be hashed. The resulting hash value can be used for identifying or selecting the key represented by the JWK that is the subject of the thumbprint, for instance, by using the base64url-encoded JWK Thumbprint value as a "kid" (key ID) value.
本规范定义了一种通过JSON Web密钥(JWK)[JWK]计算哈希值(也称为摘要)的方法。它定义了散列计算中使用JWK中的哪些字段、为这些字段创建规范格式的方法,以及如何将生成的Unicode字符串转换为要散列的字节序列。结果散列值可用于识别或选择由作为指纹主题的JWK表示的密钥,例如,通过使用base64url编码的JWK指纹值作为“kid”(密钥ID)值。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in "Key words for use in RFCs to Indicate Requirement Levels" [RFC2119]. The interpretation should only be applied when the terms appear in all capital letters.
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不得”、“应”、“不应”、“建议”、“不建议”、“可”和“可选”应按照“RFC中用于表示要求水平的关键词”[RFC2119]中的描述进行解释。该解释仅适用于所有大写字母的术语。
This specification uses the same terminology as the "JSON Web Key (JWK)" [JWK], "JSON Web Signature (JWS)" [JWS], and "JSON Web Algorithms (JWA)" [JWA] specifications.
本规范使用与“JSON Web密钥(JWK)”[JWK]、“JSON Web签名(JWS)”[JWS]和“JSON Web算法(JWA)”规范相同的术语。
This term is defined by this specification:
本规范对该术语进行了定义:
JWK Thumbprint The digest value for a JWK.
JWK指纹JWK的摘要值。
The thumbprint of a JSON Web Key (JWK) is computed as follows:
JSON Web密钥(JWK)的指纹计算如下:
1. Construct a JSON object [RFC7159] containing only the required members of a JWK representing the key and with no whitespace or line breaks before or after any syntactic elements and with the required members ordered lexicographically by the Unicode [UNICODE] code points of the member names. (This JSON object is itself a legal JWK representation of the key.)
1. 构造一个JSON对象[RFC7159],该对象只包含表示键的JWK的必需成员,在任何语法元素之前或之后不包含空格或换行符,并且必需的成员按成员名称的Unicode[Unicode]代码点按字典顺序排列。(此JSON对象本身就是密钥的合法JWK表示。)
2. Hash the octets of the UTF-8 representation of this JSON object with a cryptographic hash function H. For example, SHA-256 [SHS] might be used as H. See Section 3.4 for a discussion on the choice of hash function.
2. 使用加密散列函数H散列此JSON对象的UTF-8表示形式的八位字节。例如,SHA-256[SHS]可以用作H。有关散列函数选择的讨论,请参见第3.4节。
The resulting value is the JWK Thumbprint with H of the JWK. The details of this computation are further described in subsequent sections.
结果值是JWK指纹,带有JWK的H。该计算的细节将在后续章节中进一步描述。
This section demonstrates the JWK Thumbprint computation for the JWK below (with the long line broken for display purposes only):
本节演示了以下JWK的JWK指纹计算(长线断开仅用于显示):
{ "kty": "RSA", "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAt VT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn6 4tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FD W2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n9 1CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINH aQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", "e": "AQAB", "alg": "RS256", "kid": "2011-04-29" }
{ "kty": "RSA", "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAt VT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn6 4tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FD W2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n9 1CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINH aQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", "e": "AQAB", "alg": "RS256", "kid": "2011-04-29" }
As defined in "JSON Web Key (JWK)" [JWK] and "JSON Web Algorithms (JWA)" [JWA], the required members for an RSA public key are:
根据“JSON Web密钥(JWK)”和“JSON Web算法(JWA)”中的定义,RSA公钥所需的成员包括:
o "kty" o "n" o "e"
o “kty”o“n”o“e”
Therefore, these are the members used in the thumbprint computation.
因此,这些是指纹计算中使用的成员。
Their lexicographic order, per Section 3.3, is:
根据第3.3节,其词典顺序为:
o "e" o "kty" o "n"
o “e”o“kty”o“n”
Therefore, the JSON object constructed as an intermediate step in the computation is as follows (with the line broken for display purposes only):
因此,作为计算的中间步骤构造的JSON对象如下所示(断线仅用于显示):
{"e":"AQAB","kty":"RSA","n":"0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2 aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCi FV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65Y GjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n 91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_x BniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw"}
{“e”:“AQAB”,“kty”:“RSA”,“n”:一个VVX 7一个视频平台,一个视频平台,一个视频平台,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,一个视频,U x BniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw“}
The octets of the UTF-8 representation of this JSON object are:
此JSON对象的UTF-8表示形式的八位字节为:
[123, 34, 101, 34, 58, 34, 65, 81, 65, 66, 34, 44, 34, 107, 116, 121, 34, 58, 34, 82, 83, 65, 34, 44, 34, 110, 34, 58, 34, 48, 118, 120, 55, 97, 103, 111, 101, 98, 71, 99, 81, 83, 117, 117, 80, 105, 76, 74, 88, 90, 112, 116, 78, 57, 110, 110, 100, 114, 81, 109, 98, 88, 69, 112, 115, 50, 97, 105, 65, 70, 98, 87, 104, 77, 55, 56, 76, 104, 87, 120, 52, 99, 98, 98, 102, 65, 65, 116, 86, 84, 56, 54, 122, 119, 117, 49, 82, 75, 55, 97, 80, 70, 70, 120, 117, 104, 68, 82, 49, 76, 54, 116, 83, 111, 99, 95, 66, 74, 69, 67, 80, 101, 98, 87, 75, 82, 88, 106, 66, 90, 67, 105, 70, 86, 52, 110, 51, 111, 107, 110, 106, 104, 77, 115, 116, 110, 54, 52, 116, 90, 95, 50, 87, 45, 53, 74, 115, 71, 89, 52, 72, 99, 53, 110, 57, 121, 66, 88, 65, 114, 119, 108, 57, 51, 108, 113, 116, 55, 95, 82, 78, 53, 119, 54, 67, 102, 48, 104, 52, 81, 121, 81, 53, 118, 45, 54, 53, 89, 71, 106, 81, 82, 48, 95, 70, 68, 87, 50, 81, 118, 122, 113, 89, 51, 54, 56, 81, 81, 77, 105, 99, 65, 116, 97, 83, 113, 122, 115, 56, 75, 74, 90, 103, 110, 89, 98, 57, 99, 55, 100, 48, 122, 103, 100, 65, 90, 72, 122, 117, 54, 113, 77, 81, 118, 82, 76, 53, 104, 97, 106, 114, 110, 49, 110, 57, 49, 67, 98, 79, 112, 98, 73, 83, 68, 48, 56, 113, 78, 76, 121, 114, 100, 107, 116, 45, 98, 70, 84, 87, 104, 65, 73, 52, 118, 77, 81, 70, 104, 54, 87, 101, 90, 117, 48, 102, 77, 52, 108, 70, 100, 50, 78, 99, 82, 119, 114, 51, 88, 80, 107, 115, 73, 78, 72, 97, 81, 45, 71, 95, 120, 66, 110, 105, 73, 113, 98, 119, 48, 76, 115, 49, 106, 70, 52, 52, 45, 99, 115, 70, 67, 117, 114, 45, 107, 69, 103, 85, 56, 97, 119, 97, 112, 74, 122, 75, 110, 113, 68, 75, 103, 119, 34, 125]
[123, 34, 101, 34, 58, 34, 65, 81, 65, 66, 34, 44, 34, 107, 116, 121, 34, 58, 34, 82, 83, 65, 34, 44, 34, 110, 34, 58, 34, 48, 118, 120, 55, 97, 103, 111, 101, 98, 71, 99, 81, 83, 117, 117, 80, 105, 76, 74, 88, 90, 112, 116, 78, 57, 110, 110, 100, 114, 81, 109, 98, 88, 69, 112, 115, 50, 97, 105, 65, 70, 98, 87, 104, 77, 55, 56, 76, 104, 87, 120, 52, 99, 98, 98, 102, 65, 65, 116, 86, 84, 56, 54, 122, 119, 117, 49, 82, 75, 55, 97, 80, 70, 70, 120, 117, 104, 68, 82, 49, 76, 54, 116, 83, 111, 99, 95, 66, 74, 69, 67, 80, 101, 98, 87, 75, 82, 88, 106, 66, 90, 67, 105, 70, 86, 52, 110, 51, 111, 107, 110, 106, 104, 77, 115, 116, 110, 54, 52, 116, 90, 95, 50, 87, 45, 53, 74, 115, 71, 89, 52, 72, 99, 53, 110, 57, 121, 66, 88, 65, 114, 119, 108, 57, 51, 108, 113, 116, 55, 95, 82, 78, 53, 119, 54, 67, 102, 48, 104, 52, 81, 121, 81, 53, 118, 45, 54, 53, 89, 71, 106, 81, 82, 48, 95, 70, 68, 87, 50, 81, 118, 122, 113, 89, 51, 54, 56, 81, 81, 77, 105, 99, 65, 116, 97, 83, 113, 122, 115, 56, 75, 74, 90, 103, 110, 89, 98, 57, 99, 55, 100, 48, 122, 103, 100, 65, 90, 72, 122, 117, 54, 113, 77, 81, 118, 82, 76, 53, 104, 97, 106, 114, 110, 49, 110, 57, 49, 67, 98, 79, 112, 98, 73, 83, 68, 48, 56, 113, 78, 76, 121, 114, 100, 107, 116, 45, 98, 70, 84, 87, 104, 65, 73, 52, 118, 77, 81, 70, 104, 54, 87, 101, 90, 117, 48, 102, 77, 52, 108, 70, 100, 50, 78, 99, 82, 119, 114, 51, 88, 80, 107, 115, 73, 78, 72, 97, 81, 45, 71, 95, 120, 66, 110, 105, 73, 113, 98, 119, 48, 76, 115, 49, 106, 70, 52, 52, 45, 99, 115, 70, 67, 117, 114, 45, 107, 69, 103, 85, 56, 97, 119, 97, 112, 74, 122, 75, 110, 113, 68, 75, 103, 119, 34, 125]
Using SHA-256 [SHS] as the hash function H, the JWK SHA-256 Thumbprint value is the SHA-256 hash of these octets, specifically:
使用SHA-256[SHS]作为散列函数H,JWK SHA-256指纹值是这些八位字节的SHA-256散列,具体来说:
[55, 54, 203, 177, 120, 124, 184, 48, 156, 119, 238, 140, 55, 5, 197, 225, 111, 251, 158, 133, 151, 21, 144, 31, 30, 76, 89, 177, 17, 130, 245, 123]
[55, 54, 203, 177, 120, 124, 184, 48, 156, 119, 238, 140, 55, 5, 197, 225, 111, 251, 158, 133, 151, 21, 144, 31, 30, 76, 89, 177, 17, 130, 245, 123]
The base64url encoding [JWS] of this JWK SHA-256 Thumbprint value (which might, for instance, be used as a "kid" (key ID) value) is:
此JWK SHA-256指纹值(例如,可能用作“kid”(密钥ID)值)的base64url编码[JWS]为:
NzbLsXh8uDCcd-6MNwXF4W_7noWXFZAfHkxZsRGC9Xs
NzbLsXh8uDCcd-6MNwXF4W_7noWXFZAfHkxZsRGC9Xs
Only the required members of a key's representation are used when computing its JWK Thumbprint value. As defined in "JSON Web Key (JWK)" [JWK] and "JSON Web Algorithms (JWA)" [JWA], the required members for an elliptic curve public key for the curves specified in Section 6.2.1.1 of RFC 7518 [JWA], in lexicographic order, are:
计算其JWK指纹值时,仅使用密钥表示形式的必需成员。根据“JSON Web密钥(JWK)”[JWK]和“JSON Web算法(JWA)”[JWA]中的定义,RFC 7518[JWA]第6.2.1.1节中规定的曲线椭圆曲线公钥所需的成员按字典顺序为:
o "crv" o "kty" o "x" o "y"
o "crv" o "kty" o "x" o "y"
The required members for an RSA public key, in lexicographic order, are:
RSA公钥所需的成员(按字典顺序)为:
o "e" o "kty" o "n"
o “e”o“kty”o“n”
The required members for a symmetric key, in lexicographic order, are:
对称密钥所需的成员(按字典顺序)为:
o "k" o "kty"
o “k”o“kty”
As other "kty" (key type) values are defined, the specifications defining them should be similarly consulted to determine which members, in addition to "kty", are required.
当定义了其他“kty”(键类型)值时,同样应参考定义它们的规范,以确定除了“kty”之外还需要哪些构件。
The JWK Thumbprint of a JWK representing a private key is computed as the JWK Thumbprint of a JWK representing the corresponding public key. This has the intentional benefit that the same JWK Thumbprint value can be computed both by parties using either the public or private key. The JWK Thumbprint can then be used to refer to both keys of the key pair. Application context can be used to determine if the public or private key is the one being referred to by the JWK Thumbprint.
表示私钥的JWK指纹计算为表示相应公钥的JWK指纹。这样做的目的是,双方可以使用公钥或私钥计算相同的JWK指纹值。然后可以使用JWK指纹引用密钥对的两个密钥。应用程序上下文可用于确定JWK指纹引用的是公钥还是私钥。
This specification defines the method of computing JWK Thumbprints of JWKs representing private keys for interoperability reasons -- so that different implementations computing JWK Thumbprints of private keys will produce the same result.
出于互操作性的原因,本规范定义了计算代表私钥的JWK指纹的方法,以便不同的实现计算私钥的JWK指纹将产生相同的结果。
Optional members of JWKs are intentionally not included in the JWK Thumbprint computation so that their absence or presence in the JWK does not alter the resulting value. The JWK Thumbprint value is a digest of the members required to represent the key as a JWK -- not of additional data that may also accompany the key.
JWK的可选成员故意不包括在JWK指纹计算中,以便JWK中没有或存在它们不会改变结果值。JWK指纹值是将密钥表示为JWK所需的成员的摘要,而不是密钥附带的其他数据的摘要。
Optional members are not included so that the JWK Thumbprint refers to a key -- not a key with an associated set of key attributes. Different application contexts might or might not include different subsets of optional attributes about the key in the JWK. If these were included in the calculation of the JWK thumbprint, the values would be different for those JWKs, even though the keys are the same. The benefit of including only the JWK required members is that the JWK Thumbprint of any JWK representing the key remains the same, regardless of any other attributes that are present.
不包括可选成员,因此JWK指纹引用的是一个键,而不是一个具有一组相关键属性的键。不同的应用程序上下文可能包括也可能不包括关于JWK中键的可选属性的不同子集。如果这些都包含在JWK指纹的计算中,那么这些JWK的值将不同,即使键是相同的。只包含JWK必需的成员的好处是,表示密钥的任何JWK的JWK指纹都保持不变,而不管存在任何其他属性。
Different kinds of thumbprints could be defined by other specifications that might include some or all additional JWK members, if use cases arise where such different kinds of thumbprints would be useful. See Section 9.1 of RFC 7517 [JWK] for notes on some ways to cryptographically bind attributes to a key.
不同种类的指纹可以由其他规范定义,这些规范可能包括一些或所有额外的JWK成员,如果出现这样不同种类的指纹有用的用例的话。请参阅RFC 7517[JWK]的第9.1节,了解有关以加密方式将属性绑定到密钥的一些方法的说明。
The required members in the input to the hash function are ordered lexicographically by the Unicode code points of the member names.
哈希函数输入中所需的成员按成员名称的Unicode代码点按字典顺序排列。
Characters in member names and member values MUST be represented without being escaped. This means that thumbprints of JWKs that require such characters are not defined by this specification. (This is not expected to limit the applicability of this specification, in practice, as the members of JWK representations are not expected to use any of these characters.) The characters specified as requiring escaping by Section 7 of [RFC7159] are quotation mark, reverse solidus (a.k.a. backslash), and the control characters U+0000 through U+001F.
必须在不转义的情况下表示成员名称和成员值中的字符。这意味着需要此类字符的JWKs指纹不在本规范中定义。(实际上,这并不限制本规范的适用性,因为JWK表示法的成员不应使用这些字符中的任何一个。)[RFC7159]第7节规定需要转义的字符为引号,反斜杠,以及控制字符U+0000到U+001F。
If the JWK key type uses members whose values are themselves JSON objects, then the members of those objects MUST likewise be lexicographically ordered. (As of the time of this writing, none are defined that do.)
如果JWK键类型使用的成员的值本身就是JSON对象,那么这些对象的成员也必须按字典顺序排列。(截至本文撰写之时,还没有定义有此功能的。)
If the JWK key type uses members whose values are JSON numbers, and if those numbers are integers, then they MUST be represented as a JSON number as defined in Section 6 of [RFC7159] without including a fraction part or exponent part. For instance, the value "1.024e3"
如果JWK键类型使用的成员的值是JSON数字,并且这些数字是整数,那么它们必须表示为[RFC7159]第6节中定义的JSON数字,而不包括分数部分或指数部分。例如,值“1.024e3”
MUST be represented as "1024". This means that thumbprints of JWKs using numbers that are not integers are not defined by this specification. Also, as noted in "The I-JSON Message Format" [RFC7493], implementations cannot expect an integer whose absolute value is greater than 9007199254740991 (i.e., that is outside the range [-(2**53)+1, (2**53)-1]) to be treated as an exact value. (As of the time of this writing, none are defined that use JSON numbers.)
必须表示为“1024”。这意味着本规范不定义使用非整数数字的JWK指纹。此外,如“I-JSON消息格式”[RFC7493]中所述,实现不能期望绝对值大于9007199254740991(即,超出范围[-(2**53)+1,(2**53)-1])的整数被视为精确值。(截至本文撰写之时,还未定义使用JSON编号的代码。)
See Section 4 for a discussion of further practical considerations pertaining to the representation of the hash input.
请参阅第4节,了解有关哈希输入表示的更多实际注意事项。
A specific hash function must be chosen by an application to compute the hash value of the hash input. For example, SHA-256 [SHS] might be used as the hash function by the application. While SHA-256 is a good default choice at the time of this writing, the hash function of choice can be expected to change over time as the cryptographic landscape evolves.
应用程序必须选择特定的哈希函数来计算哈希输入的哈希值。例如,应用程序可以使用SHA-256[SHS]作为哈希函数。虽然在撰写本文时,SHA-256是一个很好的默认选择,但随着加密环境的发展,所选择的哈希函数可能会随着时间的推移而变化。
Note that in many cases, only the party that creates a key will need to know the hash function used. A typical usage is for the producer of the key to use the base64url-encoded JWK Thumbprint value as a "kid" (key ID) value. In this case, the consumer of the "kid" treats it as an opaque value that it uses to select the key.
注意,在许多情况下,只有创建密钥的一方需要知道所使用的哈希函数。一个典型的用法是密钥生产者将base64url编码的JWK指纹值用作“kid”(密钥ID)值。在这种情况下,“kid”的使用者将其视为用于选择键的不透明值。
However, in some cases, multiple parties will be reproducing the JWK Thumbprint calculation and comparing the results. In these cases, the parties will need to know which hash function was used and use the same one.
但是,在某些情况下,多方将复制JWK指纹计算并比较结果。在这些情况下,双方需要知道使用了哪个散列函数,并使用相同的散列函数。
Note that a key need not be in JWK format to create a JWK Thumbprint of it. The only prerequisites are that the JWK representation of the key be defined and the party creating the JWK Thumbprint be in possession of the necessary key material. These are sufficient to create the hash input from the JWK representation of the key, as described in Section 3.3.
请注意,密钥不必使用JWK格式来创建其JWK指纹。唯一的先决条件是必须定义密钥的JWK表示,并且创建JWK指纹的一方必须拥有必要的密钥材料。如第3.3节所述,这些信息足以从密钥的JWK表示创建哈希输入。
Implementations will almost certainly use functionality provided by the platform's JSON support when parsing the JWK and emitting the JSON object used as the hash input. As a practical consideration, future JWK member names and values should be avoided for which different platforms or libraries might emit different representations. As of the time of this writing, all defined JWK
在解析JWK并发出用作哈希输入的JSON对象时,实现几乎肯定会使用平台JSON支持提供的功能。作为实际考虑,应该避免将来的JWK成员名称和值,因为不同的平台或库可能会发出不同的表示。截至本文撰写之时,所有定义的JWK
member names and values use only printable ASCII characters, which should not exhibit this problem. Note however, that JSON.stringify() cannot be counted on to lexicographically sort the members of JSON objects, so while it could be used to emit some kinds of member values, different code is likely to be needed to perform the sorting.
成员名称和值仅使用可打印的ASCII字符,不应出现此问题。但是请注意,JSON.stringify()不能用于按字典顺序对JSON对象的成员进行排序,因此虽然可以使用它来发出某些类型的成员值,但可能需要不同的代码来执行排序。
In particular, while the operation of lexicographically ordering member names by their Unicode code points is well defined, different platform sort functions may produce different results for non-ASCII characters, in ways that may not be obvious to developers. If writers of future specifications defining new JWK key type values choose to restrict themselves to printable ASCII member names and values (which are for machine and not human consumption anyway), some future interoperability problems might be avoided.
特别是,虽然按照Unicode代码点对成员名称进行字典排序的操作已经得到了很好的定义,但不同的平台排序函数可能会对非ASCII字符产生不同的结果,这对开发人员来说可能并不明显。如果定义新JWK键类型值的未来规范的编写者选择将自己限制为可打印的ASCII成员名称和值(无论如何,这些名称和值是用于机器而非人类使用的),那么将来可能会避免一些互操作性问题。
However, if new JWK members are defined that use non-ASCII member names or values, their definitions should specify the exact Unicode code point sequences used to represent them. This is particularly important in cases in which Unicode normalization could result in the transformation of one set of code points into another under any circumstances.
但是,如果定义的新JWK成员使用非ASCII成员名称或值,则它们的定义应指定用于表示它们的确切Unicode代码点序列。在Unicode规范化可能导致在任何情况下将一组代码点转换为另一组代码点的情况下,这一点尤其重要。
Use of escaped characters in JWKs for which JWK Thumbprints will be computed should be avoided. Use of escaped characters in the hash input JWKs derived from these original JWKs is prohibited.
应避免在计算JWK指纹的JWK中使用转义字符。禁止在从这些原始JWK派生的哈希输入JWK中使用转义字符。
There is a natural representation to use for numeric values that are integers. However, this specification does not attempt to define a standard representation for numbers that are not integers or that contain an exponent component. This is not expected to be a problem in practice, as the required members of JWK representations are expected to use only numbers that are integers.
对于整数数值,有一种自然的表示法。但是,本规范不试图为非整数或包含指数分量的数字定义标准表示法。这在实践中不会成为问题,因为JWK表示的必需成员只使用整数。
Use of number representations containing fraction or exponent parts in JWKs for which JWK Thumbprints will be computed should be avoided.
应避免在计算JWK指纹的JWK中使用包含分数或指数部分的数字表示。
All of these practical considerations are really an instance of Jon Postel's principle: "Be liberal in what you accept, and conservative in what you send."
所有这些实际考虑都是乔恩·波斯特尔原则的一个实例:“接受的东西要自由,发送的东西要保守。”
JWK Thumbprint values are computed on the JWK members required to represent a key, rather than all members of a JWK that the key is represented in. Thus, they are more analogous to applications that use digests of X.509 Subject Public Key Info (SPKI) values, which are defined in Section 4.1.2.7 of [RFC5280], than to applications that use digests of complete certificate values, as the "x5t" (X.509
JWK指纹值是在表示密钥所需的JWK成员上计算的,而不是在表示密钥的JWK的所有成员上计算的。因此,它们更类似于使用[RFC5280]第4.1.2.7节中定义的X.509使用者公钥信息(SPKI)值摘要的应用程序,而不是使用完整证书值摘要的应用程序,如“x5t”(X.509)
certificate SHA-1 thumbprint) [JWS] value defined for X.509 certificate objects does. While logically equivalent to a digest of the SPKI representation of the key, a JWK Thumbprint is computed over a JSON representation of that key, rather than over an ASN.1 representation of it.
为X.509证书对象定义的证书SHA-1指纹[JWS]值无效。虽然在逻辑上相当于密钥的SPKI表示的摘要,但JWK指纹是根据该密钥的JSON表示而不是ASN.1表示来计算的。
This specification adds to the instructions for the Designated Experts of the following IANA registries, all of which are in the "JSON Object Signing and Encryption (JOSE)" registry [IANA.JOSE]:
本规范为以下IANA注册中心的指定专家添加了说明,所有注册中心均位于“JSON对象签名和加密(JOSE)”注册中心[IANA.JOSE]:
o JSON Web Key Types o JSON Web Key Elliptic Curve o JSON Web Key Parameters
o JSON Web密钥类型o JSON Web密钥椭圆曲线o JSON Web密钥参数
IANA has added a link to this specification in the Reference sections of these registries.
IANA在这些注册中心的参考章节中添加了到本规范的链接。
For these registries, because of the practical JSON and Unicode considerations described in Section 4, the Designated Experts must either:
对于这些注册中心,由于第4节中描述的实用JSON和Unicode考虑因素,指定专家必须:
(a) require that JWK member names and values being registered use only printable ASCII characters excluding double quote ('"') and backslash ('\') (the Unicode characters with code points U+0021, U+0023 through U+005B, and U+005D through U+007E), or
(a) 要求注册的JWK成员名称和值仅使用可打印的ASCII字符,不包括双引号(“”)和反斜杠(“\”)(代码点为U+0021、U+0023到U+005B、U+005D到U+007E的Unicode字符),或
(b) if new JWK members or values are defined that use other code points, require that their definitions specify the exact Unicode code point sequences used to represent them. Furthermore, proposed registrations that use Unicode code points that can only be represented in JSON strings as escaped characters must not be accepted.
(b) 如果定义了使用其他代码点的新JWK成员或值,则要求它们的定义指定用于表示它们的确切Unicode代码点序列。此外,不得接受使用Unicode代码点(只能在JSON字符串中表示为转义字符)的拟议注册。
The JSON Security Considerations and Unicode Comparison Security Considerations described in Sections 10.12 and 10.13 of "JSON Web Signature (JWS)" [JWS] also apply to this specification.
“JSON Web签名(JWS)”[JWS]第10.12节和第10.13节中描述的JSON安全注意事项和Unicode比较安全注意事项也适用于本规范。
Also, as described in Section 4, some implementations may produce incorrect results if esoteric or escaped characters are used in the member names. The security implications of this appear to be limited for JWK Thumbprints of public keys, because while it may result in implementations failing to identify the intended key, it should not leak information. The information in a public key is already public in nature, by definition.
此外,如第4节所述,如果在成员名称中使用深奥或转义字符,某些实现可能会产生不正确的结果。这对公钥的JWK指纹的安全性影响似乎是有限的,因为它可能导致实现无法识别预期的密钥,但不应泄漏信息。根据定义,公钥中的信息本质上已经是公开的。
A hash of a symmetric key has the potential to leak information about the key value. Thus, the JWK Thumbprint of a symmetric key should typically be concealed from parties not in possession of the symmetric key, unless in the application context, the cryptographic hash used, such as SHA-256, is known to provide sufficient protection against disclosure of the key value.
对称密钥的散列有可能泄漏有关密钥值的信息。因此,对称密钥的JWK指纹通常应该对不拥有对称密钥的各方隐藏,除非在应用上下文中,已知所使用的加密散列(例如SHA-256)能够提供足够的保护以防止密钥值的泄露。
A JWK Thumbprint will only uniquely identify a particular key if a single unambiguous JWK representation for that key is defined and used when computing the JWK Thumbprint. (Such representations are defined for all the key types defined in "JSON Web Algorithms (JWA)" [JWA].) For example, if an RSA key were to use "e":"AAEAAQ" (representing [0, 1, 0, 1]) rather than the specified correct representation of "e":"AQAB" (representing [1, 0, 1]), then a different thumbprint value would be produced for what could be effectively the same key, at least for implementations that are lax in validating the JWK values that they accept. Thus, JWK Thumbprint values can only be relied upon to be unique for a given key if the implementation also validates that the correct representation of the key is used.
如果在计算JWK指纹时定义并使用了特定密钥的单个明确JWK表示,则JWK指纹将唯一标识该密钥。(此类表示为“JSON Web Algorithms(JWA)”[JWA]中定义的所有密钥类型定义)。例如,如果RSA密钥使用“e”:“AAEAAQ”(表示[0,1,0,1]),而不是指定的正确表示“e”:“AQAB”(表示[1,0,1]),然后,将为有效的同一密钥生成不同的指纹值,至少对于在验证它们接受的JWK值方面不严格的实现是这样。因此,如果实现还验证使用了密钥的正确表示形式,那么JWK指纹值只能被认为是给定密钥的唯一值。
Even more insidious is that an attacker may supply a key that is a transformation of a legal key in order to have it appear to be a different key. For instance, if a legitimate RSA key uses a modulus value N and an attacker supplies a key with modulus 3*N, the modified key would still work about 1/3 of the time, but would appear to be a different key. Thus, while thumbprint values are valuable for identifying legitimate keys, comparing thumbprint values is not a reliable means of excluding (blacklisting) the use of particular keys (or transformations thereof).
更阴险的是,攻击者可能会提供一个合法密钥的转换密钥,以使其看起来是另一个密钥。例如,如果一个合法的RSA密钥使用模值N,而攻击者提供了一个模值为3*N的密钥,那么修改后的密钥仍将工作大约1/3的时间,但看起来是另一个密钥。因此,虽然指纹值对于识别合法密钥很有价值,但比较指纹值并不是排除(黑名单)使用特定密钥(或其转换)的可靠方法。
[IANA.JOSE] IANA, "JSON Object Signing and Encryption (JOSE)", <http://www.iana.org/assignments/jose>.
[IANA.JOSE]IANA,“JSON对象签名和加密(JOSE)”<http://www.iana.org/assignments/jose>.
[JWA] Jones, M., "JSON Web Algorithms (JWA)", RFC 7518, DOI 10.17487/RFC7518, May 2015, <http://www.rfc-editor.org/info/rfc7518>.
[JWA]Jones,M.,“JSON网络算法(JWA)”,RFC 7518,DOI 10.17487/RFC7518,2015年5月<http://www.rfc-editor.org/info/rfc7518>.
[JWK] Jones, M., "JSON Web Key (JWK)", RFC 7517, DOI 10.17487/RFC7517, May 2015, <http://www.rfc-editor.org/info/rfc7517>.
[JWK]Jones,M.,“JSON Web密钥(JWK)”,RFC 7517,DOI 10.17487/RFC75172015年5月<http://www.rfc-editor.org/info/rfc7517>.
[JWS] Jones, M., Bradley, J., and N. Sakimura, "JSON Web Signature (JWS)", RFC 7515, DOI 10.17487/RFC7515, May 2015, <http://www.rfc-editor.org/info/rfc7515>.
[JWS]Jones,M.,Bradley,J.,和N.Sakimura,“JSON网络签名(JWS)”,RFC 7515,DOI 10.17487/RFC7515,2015年5月<http://www.rfc-editor.org/info/rfc7515>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,DOI 10.17487/RFC2119,1997年3月<http://www.rfc-editor.org/info/rfc2119>.
[RFC7159] Bray, T., Ed., "The JavaScript Object Notation (JSON) Data Interchange Format", RFC 7159, DOI 10.17487/RFC7159, March 2014, <http://www.rfc-editor.org/info/rfc7159>.
[RFC7159]Bray,T.,Ed.“JavaScript对象表示法(JSON)数据交换格式”,RFC 7159,DOI 10.17487/RFC7159,2014年3月<http://www.rfc-editor.org/info/rfc7159>.
[SHS] National Institute of Standards and Technology, "Secure Hash Standard (SHS)", FIPS PUB 180-4, March 2012, <http://csrc.nist.gov/publications/fips/fips180-4/ fips-180-4.pdf>.
[SHS]国家标准与技术研究所,“安全哈希标准(SHS)”,FIPS PUB 180-42012年3月<http://csrc.nist.gov/publications/fips/fips180-4/ fips-180-4.pdf>。
[UNICODE] The Unicode Consortium, "The Unicode Standard", <http://www.unicode.org/versions/latest/>.
[UNICODE]UNICODE联盟,“UNICODE标准”<http://www.unicode.org/versions/latest/>.
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and W. Polk, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, <http://www.rfc-editor.org/info/rfc5280>.
[RFC5280]Cooper,D.,Santesson,S.,Farrell,S.,Boeyen,S.,Housley,R.,和W.Polk,“Internet X.509公钥基础设施证书和证书撤销列表(CRL)配置文件”,RFC 5280,DOI 10.17487/RFC5280,2008年5月<http://www.rfc-editor.org/info/rfc5280>.
[RFC7493] Bray, T., Ed., "The I-JSON Message Format", RFC 7493, DOI 10.17487/RFC7493, March 2015, <http://www.rfc-editor.org/info/rfc7493>.
[RFC7493]Bray,T.,Ed.,“I-JSON消息格式”,RFC 7493,DOI 10.17487/RFC7493,2015年3月<http://www.rfc-editor.org/info/rfc7493>.
Acknowledgements
致谢
James Manger and John Bradley participated in discussions that led to the creation of this specification. Thanks also to Joel Halpern, Barry Leiba, Adam Montville, Kathleen Moriarty, and Jim Schaad for their reviews of this specification.
James Manger和John Bradley参与了导致创建本规范的讨论。还要感谢Joel Halpern、Barry Leiba、Adam Montville、Kathleen Moriarty和Jim Schaad对本规范的评审。
Authors' Addresses
作者地址
Michael B. Jones Microsoft
迈克尔·琼斯微软公司
Email: mbj@microsoft.com URI: http://self-issued.info/
Email: mbj@microsoft.com URI: http://self-issued.info/
Nat Sakimura Nomura Research Institute
野村新樱研究所
Email: n-sakimura@nri.co.jp URI: http://nat.sakimura.org/
Email: n-sakimura@nri.co.jp URI: http://nat.sakimura.org/