Originally built during Rebooting Web-of-Trust in Paris on April 21st 2017.
This is a work-in-progress implementation of the 2018 RSA Signature Suite for the Linked Data Signatures specification.
Highly experimental, incomplete, and not ready for production use! Use at your own risk! Pull requests welcome.
Build:
mvn clean install
Dependency:
<dependency>
<groupId>info.weboftrust</groupId>
<artifactId>ld-signatures-java</artifactId>
<version>0.2-SNAPSHOT</version>
<scope>compile</scope>
</dependency>
Example JSON-LD document:
{
"@context": {
"schema": "http://schema.org/",
"name": "schema:name",
"homepage": "schema:url",
"image": "schema:image"
},
"name": "Manu Sporny",
"homepage": "https://manu.sporny.org/",
"image": "https://manu.sporny.org/images/manu.png"
}
Example code:
LinkedHashMap<String, Object> jsonLdObject = (LinkedHashMap<String, Object>) JsonUtils.fromString(TestUtil.read(JsonLdSignTest.class.getResourceAsStream("sign.test.jsonld")));
URI creator = URI.create("https://example.com/jdoe/keys/1");
String created = "2017-10-24T05:33:31Z";
String domain = "example.com";
String nonce = null;
RsaSignature2018LdSigner signer = new RsaSignature2018LdSigner(creator, created, domain, nonce, TestUtil.testRSAPrivateKey);
LdSignature ldSignature = signer.sign(jsonLdObject);
LinkedHashMap<String, Object> jsonLdSignatureObject = ldSignature.getJsonLdSignatureObject();
Example Linked Data Signature:
"signature" : {
"type" : "https://w3id.org/security#RsaSignature2018",
"creator" : "https://example.com/jdoe/keys/1",
"created" : "2017-10-24T05:33:31Z",
"domain" : "example.com",
"signatureValue" : "eyJhbGciOiJSUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..d8wWxUJTpxAbYHLgFfaYYJJHdWido6wDMBeUhPL7e0m4vuj7xUePbnorf-YqlGZwaGI0zVI_-qJmGbqSB0bm8x20Z9nvawZS8lTk_4uLIPwSPeH8Cyu5bdUP1OIImBhm0gpUmAZfnDVhCgC81lJOaa4tqCjSr940cRUQ9agYjcOyhUBdBOwQgjd8jgkI7vmXqs2m7TmOVY7aAr-6X3AhJqX_a-iD5sdBsoTNulfTyPjEZcFXMvs6gx2078ftwYiUNQzV4qKwkhmUSAINWomKe_fUh4BpdPbsZax7iKYG1hSWRkmrd9R8FllotKQ_nMWZv0urn02F83US62F6ORRT0w"
}
Example Usage of PrivateKeySignerFactory
:
// keytype must be one of the following
String keyType = "RSA";
String keyType = "P-256K";
String keyType = "Ed25519";
// algorithm must be one of the following
String algorithm = "RS256";
String algorithm = "ES256K";
String algorithm = "EdDSA";
// privateKey must be one of the following
Object privateKey = rsaPrivateKey; // implementation of java.security.interfaces.RSAPrivateKey
Object privateKey = ecPrivateKey; // implementation of org.bitcoinj.core.ECKey
Object privateKey = privateKeyAsByteArray; // an Ed25519 key as a byte[]
PrivateKeySigner<?> privateKeySigner = PrivateKeySignerFactory.privateKeySignerForKey(keyType, algorithm, privateKey);
signature = privateKeySigner.sign(body, algorithm);
Rebooting Web-of-Trust - http://www.weboftrust.info/
Markus Sabadello, Danube Tech - https://danubetech.com/