Skip to content

WebOfTrustInfo/ld-signatures-java

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

77 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Originally built during Rebooting Web-of-Trust in Paris on April 21st 2017.

RWoT Logo

Information

This is a work-in-progress implementation of the 2018 RSA Signature Suite for the Linked Data Signatures specification.

Highly experimental, incomplete, and not ready for production use! Use at your own risk! Pull requests welcome.

Maven

Build:

mvn clean install

Dependency:

<dependency>
	<groupId>info.weboftrust</groupId>
	<artifactId>ld-signatures-java</artifactId>
	<version>0.2-SNAPSHOT</version>
	<scope>compile</scope>
</dependency>

Example

Example JSON-LD document:

{
	"@context": {
		"schema": "http://schema.org/",
		"name": "schema:name",
		"homepage": "schema:url",
		"image": "schema:image"
	},
	"name": "Manu Sporny",
	"homepage": "https://manu.sporny.org/",
	"image": "https://manu.sporny.org/images/manu.png"
}

Example code:

	LinkedHashMap<String, Object> jsonLdObject = (LinkedHashMap<String, Object>) JsonUtils.fromString(TestUtil.read(JsonLdSignTest.class.getResourceAsStream("sign.test.jsonld")));
	URI creator = URI.create("https://example.com/jdoe/keys/1");
	String created = "2017-10-24T05:33:31Z";
	String domain = "example.com";
	String nonce = null;
	
	RsaSignature2018LdSigner signer = new RsaSignature2018LdSigner(creator, created, domain, nonce, TestUtil.testRSAPrivateKey);
	LdSignature ldSignature = signer.sign(jsonLdObject);
	LinkedHashMap<String, Object> jsonLdSignatureObject = ldSignature.getJsonLdSignatureObject();

Example Linked Data Signature:

  "signature" : {
    "type" : "https://w3id.org/security#RsaSignature2018",
    "creator" : "https://example.com/jdoe/keys/1",
    "created" : "2017-10-24T05:33:31Z",
    "domain" : "example.com",
    "signatureValue" : "eyJhbGciOiJSUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..d8wWxUJTpxAbYHLgFfaYYJJHdWido6wDMBeUhPL7e0m4vuj7xUePbnorf-YqlGZwaGI0zVI_-qJmGbqSB0bm8x20Z9nvawZS8lTk_4uLIPwSPeH8Cyu5bdUP1OIImBhm0gpUmAZfnDVhCgC81lJOaa4tqCjSr940cRUQ9agYjcOyhUBdBOwQgjd8jgkI7vmXqs2m7TmOVY7aAr-6X3AhJqX_a-iD5sdBsoTNulfTyPjEZcFXMvs6gx2078ftwYiUNQzV4qKwkhmUSAINWomKe_fUh4BpdPbsZax7iKYG1hSWRkmrd9R8FllotKQ_nMWZv0urn02F83US62F6ORRT0w"
  }

Example Usage of PrivateKeySignerFactory:

  // keytype must be one of the following
  String keyType = "RSA";
  String keyType = "P-256K";
  String keyType = "Ed25519";
  
  // algorithm must be one of the following
  String algorithm = "RS256";
  String algorithm = "ES256K";
  String algorithm = "EdDSA";
  
  // privateKey must be one of the following
  Object privateKey = rsaPrivateKey; // implementation of java.security.interfaces.RSAPrivateKey
  Object privateKey = ecPrivateKey; // implementation of org.bitcoinj.core.ECKey
  Object privateKey = privateKeyAsByteArray; // an Ed25519 key as a byte[]
  
  PrivateKeySigner<?> privateKeySigner = PrivateKeySignerFactory.privateKeySignerForKey(keyType, algorithm, privateKey);
  signature = privateKeySigner.sign(body, algorithm);

About

Rebooting Web-of-Trust - http://www.weboftrust.info/

Markus Sabadello, Danube Tech - https://danubetech.com/