qi
Registry Context
The RSA private-key JWK member for the first CRT coefficient.
Technical Summary
The "qi" parameter contains the CRT coefficient of the second factor and is represented as a Base64urlUInt-encoded value.
When Used
As an optimization parameter when representing RSA private keys as JWKs.
Normative Requirements
Encoders of Base64urlUInt values
RFC 7518 - Section 2
use the minimum number of octets needed to represent the integer value..
Condition: When encoding "qi" as a Base64urlUInt value.
The octet sequence MUST utilize the minimum number of octets needed to represent the value.
Producers of JWKs representing RSA private keys
RFC 7518 - Section 6.3.2
include "qi" together with all other RSA private-key parameters other than "d", subject to the exception governing "oth"..
Condition: When including any RSA private-key parameter other than "d".
If the producer includes any of the other private key parameters, then all of the others MUST be present, with the exception of "oth".
RFC 7518 - Section 6.3.2
include the "qi" parameter..
The others enable optimizations and SHOULD be included by producers of JWKs representing RSA private keys.
Validation Guidance
If any RSA private-key parameter other than "d" is present, verify that "qi" is also present.
Verify that "qi" is a Base64urlUInt encoding of an unsigned big-endian integer using the minimum number of octets.
When producing an RSA private-key JWK, include "qi" as an optimization parameter.
Reference
Details
- Entry Id
qi- Parameter Name
qi- Parameter Description
First CRT Coefficient- Used With Kty Value
RSA- Parameter Information Class
Private- Change Controller
IESG- Reference
RFC7518 - Section 6.3.2.6