I want to sign a Verifiable Credential in a JSON structure with Linked Data (JSON-LD), like below:
    {
      "@context": [
        "https://www.w3.org/2018/credentials/v1",
        "https://w3id.org/security/bbs/v1"
      ],
      "id": "1234",
      "type": [
        "VerifiableCredential"
      ],
      "issuer": "exampleIssuer",
      "validFrom": "2022-06-30T00:00:00Z+01:00",
      "expirationDate": "2022-07-30T00:00:00Z+01:00",
      "credentialSubject": {
        "customerId": "123456",
        "name": "Test User",
        "birthDate": "1.1.1991"
      },
      "proof": {
        "type": "BbsBlsSignatureProof2020",
        "verificationMethod": "did:example:489398593#test",
        "created": "2021-12-31T10:54:18Z+01:00",
        "proofPurpose": "assertionMethod",
        "proofValue": "...",
        "nonce": "..."
      }
    }
The signing itself is not a problem. The problem is the canonicalization, i.e. how to prepare the data before signing.
The BbsBlsSignatureProof2020 specifies the use of the https://w3id.org/security#URDNA2015 (aka URDCA2015) canonicalization algorithm, following RDF Dataset Canonicalization (the same applies to EcdsaSecp256k1RecoverySignature2020 and JsonWebSignature2020).
Is this a must-do, or is it just the default canonicalization algorithm and I can use any other?
The thing is, RDF is rather complex when working with JSON-LD and seems to have quite some flaws. I would really like to use the much easier JCS (JSON Canonicalization Scheme) instead, which works only with the syntax of the JSON.
Any feedback on this would be highly appreciated.
As @Rein pointed out, it's better to use an existing JSON-LD library. Some are listed here: https://json-ld.org/ (the Titanium library is available for Java, but there are also libraries for other languages).
However, I've found out that the best option for Java devs is to use this library: iron-vc
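
To make the trade-off raised in the question concrete, here is an added example (not part of the original posts and not code from any library mentioned): a simplified JCS-style canonicalization in Python, showing that it is stable under key order but, because it only looks at JSON syntax, gives different signing input for two documents that JSON-LD treats as the same data. The function names and sample credentials are constructed for illustration, and hashing the credential without its `proof` member is a simplification of what the signature suites do.

```python
import hashlib
import json

def _reject_floats(value):
    # RFC 8785 number serialization is out of scope for this sketch.
    if isinstance(value, float):
        raise TypeError("float serialization per RFC 8785 not implemented")
    if isinstance(value, dict):
        value = list(value.values())
    if isinstance(value, list):
        for child in value:
            _reject_floats(child)

def jcs_canonicalize(value) -> bytes:
    """Simplified JCS: sorted keys, no insignificant whitespace, UTF-8 output."""
    _reject_floats(value)
    text = json.dumps(value, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
    return text.encode("utf-8")

def signing_digest(credential: dict) -> str:
    """SHA-256 over the canonical bytes of the credential without its proof."""
    unsigned = {k: v for k, v in credential.items() if k != "proof"}
    return hashlib.sha256(jcs_canonicalize(unsigned)).hexdigest()

# Constructed samples, shortened from the credential in the question.
CONTEXT = ["https://www.w3.org/2018/credentials/v1", "https://w3id.org/security/bbs/v1"]
CRED_A = {
    "@context": CONTEXT, "id": "1234", "type": ["VerifiableCredential"],
    "issuer": "exampleIssuer",
    "credentialSubject": {"customerId": "123456", "name": "Test User"},
    "proof": {"type": "BbsBlsSignatureProof2020", "proofValue": "..."},
}
# Same members in a different order: canonicalization must hide this.
CRED_B = {
    "credentialSubject": {"name": "Test User", "customerId": "123456"},
    "issuer": "exampleIssuer", "type": ["VerifiableCredential"],
    "id": "1234", "@context": CONTEXT,
}
# "type" as a plain string: the same value to a JSON-LD processor,
# but different JSON syntax, so the JCS bytes (and the digest) change.
CRED_C = {**CRED_A, "type": "VerifiableCredential"}

if __name__ == "__main__":
    for name, cred in (("A", CRED_A), ("B", CRED_B), ("C", CRED_C)):
        print(name, signing_digest(cred))
```

A verifier that applies the URDNA2015 canonicalization declared by the proof type computes its signing input from N-Quads rather than from these JSON bytes, so a signature made over JCS output under that proof type would not verify there.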