Currently the rfc7638.thumbprint function always uses sha256 as the digest method. However, that is limiting the interoperability with other systems like Auth.js, which selects the digest algorithm depending on the key length.
Below are links to the relevant code in Auth.js and jose
This is important, as the spec mentions in the section Selection of Hash Function that
However, in some cases, multiple parties will be reproducing the JWK
Thumbprint calculation and comparing the results. In these cases,
the parties will need to know which hash function was used and use
the same one.
Currently the rfc7638.thumbprint function always uses
sha256as the digest method. However, that is limiting the interoperability with other systems like Auth.js, which selects the digest algorithm depending on the key length.Below are links to the relevant code in Auth.js and jose
This is important, as the spec mentions in the section Selection of Hash Function that