I had all the Java crypto routines (using Bouncycastle and lightcrypto
libraries) in the xmldap library already and only needed to re-package.
The JWT signature stuff is super simple.

Although I use ASN.1 in the xmldap library too (to extract icons from
X509 certificates), I think that ASN.1 is unneeded to sign some bytes.
In that regard CMS is simply too complicated. Probably it can do much
more than JWT...
In their latest version Bouncycastle just fixed the ASN.1 routines ...

When you look at the xmldap WebTokenTest JUnit test cases

https://code.google.com/p/openinfocard/source/browse/trunk/testsrc/org/xmldap/json/WebTokenTest.java
you'll see that generating and validating JWT signatures is very easy.

And the implementation for all three specified algorithms in all
specified keysizes and additionally RSAOAEP+AESCBC encryption is done in
455 lines.
Even fewer if I cleaned that up.
https://code.google.com/p/openinfocard/source/browse/trunk/src/org/xmldap/json/WebToken.java
Although I am sure there is room for improvement in this implementation.

-Axel

CMS http://tools.ietf.org/html/rfc5652

> -----Original Message-----
> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] 
> On Behalf Of Hannes Tschofenig
> Sent: Thursday, February 24, 2011 2:17 PM
> To: Nennker, Axel; progr...@twilio.com
> Cc: OAuth WG
> Subject: [OAUTH-WG] JWT Implementation Question
> 
> Hey Axel, Hi Jeff, 
> 
> looking at your post regarding the JWT implementation I was 
> wondering about one aspect: You are providing an 
> implementation in Java, Python, PHP, and Ruby. 
> 
> Why didn't you implement a sub-set of the CMS implementation 
> for signing instead? Maybe you could have used existing 
> libraries already.
> 
> Ciao
> Hannes
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
> 