• Stars
    star
    132
  • Rank 274,205 (Top 6 %)
  • Language
    JavaScript
  • License
    BSD 3-Clause "New...
  • Created almost 10 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

An implementation of the Linked Data Signatures specification for JSON-LD. Works in the browser and Node.js.

JSON-LD Signatures (jsonld-signatures)

Build status Coverage status Dependency Status NPM Version

An implementation of the Linked Data Signatures specification for JSON-LD, for Node.js and browsers.

Table of Contents

Version Compatibility

jsonld-signatures v9.0 is compatible with the following signature suites:

and the following related libraries:

Background

A Linked Data Signature proof is created (or verified) by specifying a signature suite and a proof purpose.

The signature suite performs the cryptographic operation required to sign (or verify) a digital signature and includes information in a proof such as the verificationMethod identifier, the proof's controller, and the date the proof was created.

The proof purpose indicates why the proof was created and what its intended use is. This information can also be used to make sure that the verificationMethod was authorized for the stated purpose in the proof. Using a proof purpose helps to encourage people to authorize certain cryptographic keys (verification methods) for explicit purposes rather than granting them ambient authority. This approach can help prevent people from accidentally signing documents for reasons they did not intend.

This library provides base classes for signature suites and proof purposes so that custom extensions can be written. It also provides some commonly used proof purposes.

Relationship to Verifiable Credentials

jsonld-signatures is a low-level library that is meant to sign any JSON-LD document.

One common use case for creating these signatures is for use with Verifiable Credentials (VCs). If you're working with those, you should use a higher-level library that's specifically made for that purpose, such as vc-js. (Incidentally, vc-js uses this library, jsonld-signatures, under the hood.)

Security

As with most security- and cryptography-related tools, the overall security of your system will largely depend on your design decisions (which key types you will use, where you'll store the private keys, what you put into your credentials, and so on).

Document Loader

During verification, the key and key controller information must be discovered. This library allows for the key and key controller information to be looked up via a documentLoader or it can be provided directly to the API via the signature suite or proof purpose, respectively.

This library's default documentLoader is very strict for security and content integrity purposes. It will only load locally available copies of the context documents that define the terms it uses internally. Any attempt to load any other documents (including other contexts) will throw an error. If other documents such as verification methods (e.g., public key documents), cannot be provided directly to the API and thus need to be loaded, a custom document loader must be passed. For the sake of clarity, the default document loader will only load locally available copies of the following documents:

If you require other documents to be loaded then you will need to provide a documentLoader that can provide them. jsonld.js provides both a node and browser documentLoader you can use, however, depending on your use case, you may increase security by using a custom documentLoader that is similarly strict and will only load a subset of documents that is constrained by some technical, security, or business rules.

Install

  • Browsers and Node.js 14+ are supported.

To install from NPM:

npm install jsonld-signatures

To install locally (for development):

git clone https://github.com/digitalbazaar/jsonld-signatures.git
cd jsonld-signatures
npm install

Usage

jsonld-signatures (version 8.x and above) is not meant for standalone use. Instead, it's generally used through an individual crypto suite. For detailed usage instructions, see the READMEs of the supported suites:

Most of the usages with individual suites and key types will have elements in common. You'll need to:

  • Generate or import cryptographic keys to sign with (see the @digitalbazaar/crypto-ld >=v5.0) library), or use a secure signer() function provided by your secure cryptographic module.
  • Authorize those keys for the specific purpose you're using them for (see section on Proof Purpose below), using a Controller Document (such as a DID Document or similar).
  • Pair those keys with a corresponding cryptographic Signature Suite. For greenfield development, we recommend the Ed25519Signature2020 suite, and for legacy/compatibility work, you can use Ed25519Signature2018 suite. See also the Choosing a Key Type section of crypto-ld documentation.
  • Set up your documentLoader to fetch contexts and documents securely.
  • Lastly, perform the jsigs.sign() or jsigs.verify() operations.

Node.js Native Canonize Bindings

Specialized use cases may wish to use the native canonize bindings. This mode can be enabled by setting the useNativeCanonize option to true. See the jsonld.js notes on this feature and note you should benchmark performance before using it.

Contribute

See the contribute file!

PRs accepted.

If editing the Readme, please conform to the standard-readme specification.

Commercial Support

Commercial support for this library is available upon request from Digital Bazaar: [email protected]

License

New BSD License (3-clause) © Digital Bazaar

More Repositories

1

forge

A native implementation of TLS in Javascript and tools to write crypto-based and network-heavy webapps
JavaScript
4,789
star
2

jsonld.js

A JSON-LD Processor and API implementation in JavaScript
JavaScript
1,660
star
3

pyld

JSON-LD processor written in Python
Python
605
star
4

php-json-ld

PHP implementation of a JSON-LD Processor and API
PHP
266
star
5

vc

W3C Verifiable Credentials implementation in JavaScript
JavaScript
138
star
6

bedrock

Bedrock: A core foundation for rich Web applications.
JavaScript
59
star
7

did-cli

A client for managing Decentralized Identifiers
JavaScript
44
star
8

authn.io

Credential Mediator Polyfill
Vue
43
star
9

monarch

The Modular Networking Architecture - high-performance libraries for creating REST-based, JSON Web Services
C++
43
star
10

did-io

Decentralized identifier management library for browser and node.js
JavaScript
40
star
11

jsonld-request

LIbrary to load JSON-LD from stdin, URLs, or files.
JavaScript
38
star
12

crypto-ld

JavaScript
31
star
13

jsonld-cli

JSON-LD command line interface tool
JavaScript
31
star
14

json-ld

A Context-based JSON Serialization for Linked Data
Perl
25
star
15

credential-handler-polyfill

Credential Handler API polyfill
JavaScript
24
star
16

zcap

Linked Data Capabilities reference implementation
JavaScript
23
star
17

did-method-key

A did-io driver for the DID "key" method
JavaScript
23
star
18

payswarm-wordpress

PaySwarm plugin for WordPress
CSS
18
star
19

payswarm.js

A PaySwarm client for node.js
JavaScript
18
star
20

qram

Cram arbitrarily large data into multiple streaming QR-codes
JavaScript
18
star
21

cborld

A Javascript CBOR-LD processor for web browsers and Node.js apps.
JavaScript
17
star
22

rdf-canonize

An implementation of the RDF Dataset Normalization Algorithm in JavaScript.
JavaScript
15
star
23

minimal-cipher

Minimal encryption/decryption JWE library, secure algs only, browser-compatible.
JavaScript
13
star
24

hashlink

JavaScript implementation of Cryptographic Hyperlinks specification.
JavaScript
13
star
25

p3

The PaySwarm Payment Processor (p3)
JavaScript
12
star
26

edv-client

An Encrypted Data Vault Client
JavaScript
11
star
27

encrypted-data-vaults

A privacy-respecting mechanism for storing, indexing, and retrieving encrypted data at a storage provider.
HTML
10
star
28

vc-revocation-list

Verifiable Credentials Revocation List 2020 JavaScript implementation
JavaScript
10
star
29

payswarm

The PaySwarm Project is creating a standard mechanism for purchasing and re-selling digital goods online.
Python
10
star
30

ed25519-signature-2020

Ed25519Signature2020 Linked Data Proof suite for use with jsonld-signatures.
JavaScript
9
star
31

payswarm-python

Python client library for PaySwarm
Python
9
star
32

vc-demo

A demonstration of issuing and verifying Verifiable Credentials.
9
star
33

equihash

Equihash Proof of Work for Node.js
C++
9
star
34

opencred-idp

Open Credentials Identity Provider and demo websites
PHP
8
star
35

http-signature-header

JavaScript
8
star
36

forge-dist

A native JavaScript implementation of TLS, cryptography primitives, and other webapp tools.
7
star
37

bitmunk

An open source, copyright-aware peer-to-peer client that enables browser-based buying/selling of music, movies and television by fans.
C++
7
star
38

cc-structured-data

Analyzes HTML content for RDFa, Microdata and Microformats
Java
6
star
39

credential-handler-demo

Credential Handler API demo
Vue
6
star
40

rdf-canonize-native

A native implementation of the RDF Dataset Normalization Algorithm for Node.js.
JavaScript
6
star
41

ezcap

An opinionated Authorization Capabilities client
JavaScript
6
star
42

webkms-client

A JavaScript Web Kms client library
JavaScript
6
star
43

le-store-redis

Redis certificate storage back-end for Node Let's Encrypt
JavaScript
5
star
44

bedrock-ledger-storage-mongodb

A storage subsystem for Bedrock ledger.
JavaScript
5
star
45

web-ledger-client

An implementation of a a Web Ledger client
JavaScript
5
star
46

ed25519-verification-key-2018

Javascript library for generating and working with Ed25519 key pairs, for use with crypto-ld.
JavaScript
5
star
47

jsonld-document-loader

JavaScript
5
star
48

web-payments.io

Website-side of the payments polyfill
JavaScript
5
star
49

webid-demo

WebID demonstration source code
JavaScript
5
star
50

jsonld-patch

JSON patch for JSON-LD
JavaScript
5
star
51

base58-universal

Encode/decode using "The Base58 Encoding Scheme".
JavaScript
4
star
52

payment-handler-polyfill

A polyfill for the Payment Handler API
JavaScript
4
star
53

opencred-verifier

Open Credentials Verifier JavaScript API
JavaScript
4
star
54

vpqr

Takes a Verifiable Presentation, compresses it via CBOR-LD, and turns it into a QR Code. For Node.js and browser.
JavaScript
4
star
55

bedrock-ledger-node

A Bedrock module that supports the creation and management of decentralized ledgers.
JavaScript
4
star
56

base64url-universal

Encode/decode "Base64url Encoding" format of JSON Web Signature (JWS) RFC7517.
JavaScript
4
star
57

did-context

DID Context
JavaScript
4
star
58

x25519-key-agreement-key-2019

An X25519 (Curve25519) DH key implementation to work with the crypto-ld LDKeyPair API
JavaScript
4
star
59

http-signature-zcap-invoke

A library for invoking Authorization Capabilities via HTTP signatures
JavaScript
3
star
60

web-request-mediator

A mediator for requests made by relying party Web Apps that are fulfilled by third party service provider Web apps
JavaScript
3
star
61

bedrock-edv-storage

Encrypted Data Vault Storage for Bedrock Apps
JavaScript
3
star
62

ed25519-signature-2018

A Javascript Ed25519 signature suite, for use with jsonld-signatures in the browser and server-side.
JavaScript
3
star
63

bitstring

A Bitstring module for universal JavaScript
JavaScript
3
star
64

bedrock-ledger-consensus-continuity

Web Ledger Continuity Consensus Protocol
JavaScript
3
star
65

security-document-loader

A JSON-LD documentLoader library pre-loaded with core commonly used contexts (suites, VC, DIDs).
JavaScript
3
star
66

monarch-benchmark

A suite of tools for benchmarking Monarch and Apache
C++
2
star
67

bedrock-web-vc-store

A Javascript library for storing Verifiable Credentials for Bedrock web apps
JavaScript
2
star
68

payment-handler-demo

Payment Handler API polyfill demo
HTML
2
star
69

bedrock-angular-lazy-compile

Bedrock AngularJS Lazy Compile
JavaScript
2
star
70

base58-spec

The Base58 Encoding Scheme
XSLT
2
star
71

obv3-test-suite

Open Badges v3 Test Suite
JavaScript
2
star
72

bedrock-angular-form

Bedrock AngularJS Form support
JavaScript
2
star
73

web-request-rpc

JSON-RPC for Web Request Polyfills
JavaScript
2
star
74

bedrock-kms-http

HTTP APIs for Bedrock Key Management
JavaScript
2
star
75

eslint-config-digitalbazaar

JavaScript
2
star
76

canivc

Community compatibility dashboard for the Verifiable Credential ecosystem.
JavaScript
2
star
77

bedrock-idp

Bedrock Identity Provider
JavaScript
2
star
78

payswarm-news-demo

Demonstration of a PaySwarm Token application for bloggers and journalists
JavaScript
2
star
79

bedrock-account-http

HTTP APIs for Bedrock User Accounts
JavaScript
2
star
80

did-ssh

2
star
81

bedrock-mongodb

Bedrock mongodb module
JavaScript
2
star
82

vc-js-cli

JavaScript
2
star
83

ecdsa-secp256k1-verification-key-2019

JavaScript
2
star
84

http-client

An opinionated, isomorphic HTTP client.
JavaScript
2
star
85

bedrock-vue

Vue frontend framework running on Bedrock
JavaScript
2
star
86

chapi-demo-wallet

Credential Handler API Demo Wallet
HTML
2
star
87

bbs-2023-cryptosuite

A BBS-2023 Data Integrity cryptosuite for use with jsonld-signatures.
JavaScript
2
star
88

bedrock-tokenization

A Bedrock module for tokenizing identifiers and storing encrypted related data
JavaScript
2
star
89

webkms-switch

A JavaScript Web Kms switch library
JavaScript
2
star
90

ed25519-verification-key-2020

Javascript library for generating and working with Ed25519VerificationKey2020 key pairs, for use with crypto-ld.
JavaScript
2
star
91

bedrock-views

Bedrock website views module
JavaScript
1
star
92

bedrock-authn-token

Simple token-based authentication for Bedrock apps
JavaScript
1
star
93

d-langtag-ext

An extension to the language tag to support text direction.
XSLT
1
star
94

edv

Encrypted Data Vault
1
star
95

did-method-key-spec

HTML
1
star
96

bedrock-ledger-agent

Bedrock module that provides management of ledger agents
JavaScript
1
star
97

http-proofs

A new HTTP Header to express cryptographic proofs, such as proof-of-work, when accessing a resource.
XSLT
1
star
98

bedrock-mail

Bedrock mail
JavaScript
1
star
99

bedrock-web-pdf417

JavaScript
1
star
100

cit-vocab

Concealed ID Tokens
HTML
1
star