Closed warner closed 4 months ago
@warner @benadida this also differs from the native implementation, which uses the "-_" alphabet:
http://hg.mozilla.org/projects/pine/file/c84885ff69b1/toolkit/identity/IdentityCryptoService.cpp#l50
@jedp I think we're just talking about the format for JWK single values, which right now is just decimal in the native implementation.
That said, @warner is right: JWK specifies base64url encoding here http://tools.ietf.org/html/draft-ietf-jose-json-web-key-05 time to fix this! @warner if you have time, I would welcome a jwcrypto PR.
@benadida quite right - sorry about the confusion. My eyes were simply dazzled by dashes and underscores :)
Most of browserid uses "base64url" encoding, the Base64 encoding that uses "_" and "-" instead of "+" and "/". As an experiment, I ran jwcrypto's
bin/generate-keypair
withlib/version.js
modified to useDEFAULT_DATA_FORMAT_VERSION = '2012.08.15'
, and the key it generated is using the "+/" alphabet instead of "-_":Is this intentional? Do you want to change this to use the "-" alphabet before switching to the new format? (if so, you should probably do it soon, since 0.4.0 won't actually be able to accept version=2012.08.15 keys if the spec is changed to make those keys use the "-" alphabet)