Re: Question regarding JSON-LD canonicalization from Dave Longley on 2020-10-25 (public-credentials@w3.org from October 2020)

From: Dave Longley <dlongley@digitalbazaar.com>
Date: Sun, 25 Oct 2020 13:06:59 -0400
To: Andreas Kuehne <kuehne@trustable.de>, Orie Steele <orie@transmute.industries>
Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Message-ID: <d9047ee3-f6a1-c112-273f-b7bf1ab6f39b@digitalbazaar.com>

On 10/25/20 11:30 AM, Andreas Kuehne wrote:
> Hi Orie,
> 
> thank you for your quick reply!
> 
> Still I have some problems to understand the process based in the
> specifications. As far as I understand the code the URDNA2015 normalizer
> buils an array of NQuads. But that's not a hashable byte array. Do I
> miss an important intermediate step?

The content encoding of NQuads is always UTF-8.

https://www.w3.org/TR/n-quads/#sec-mediatype

A byte array containing the UTF-8 encoded, lexicographically sorted,
NQuads is what should be hashed. When producing an LD proof, there are
some other steps that involve what constitutes the input to the signing
process, which is what Orie linked to.

In short, an LD Proof involves hashing the canonicalized, UTF-8 NQuads
for the document to be signed, and hashing the canonicalized, UTF-8
NQuads for the proof meta data. The two hashes concatenated together
constitute the input to a given signature algorithm as the "verify data"
to be signed, such that the entire document and all proof meta data are
"covered content" by the signature.

Orie's links should cover the above process in more detail if you're
interested in producing LD proofs. If you're just looking for a hash of
some RDF dataset (perhaps represented as a JSON-LD document), then you
can simply get the normalized NQuads and serialize those using UTF-8 to
a byte array and hash that.

> 
> Thanks in advance,
> 
> Andreas
>> https://github.com/digitalbazaar/jsonld-signatures/blob/e3f7c1209f2adc0d3b9171083f98785d7a1d180d/lib/suites/LinkedDataSignature.js#L111
>>
>> https://github.com/digitalbazaar/jsonld-signatures/blob/e3f7c1209f2adc0d3b9171083f98785d7a1d180d/lib/suites/LinkedDataSignature.js#L213
>>
>> See also the spec:
>> https://w3c-ccg.github.io/ld-proofs/#create-verify-hash-algorithm
>>
>> Regards,
>>
>> OS
>>
>> On Mon, Oct 19, 2020 at 2:30 PM Andreas Kuehne <kuehne@trustable.de> wrote:
>>
>>> Hi experts,
>>>
>>>
>>>  I would like to canonicalize a JSON-LD as a preparation for a signature
>>> creation.
>>>
>>> Using jsonld-java and applied normalize() using URDNA2015. But the
>>> output is not a byte array (ready for hashing) but a RDFDataSet. What's
>>> the next step to retrieve a hashable byte array?
>>>
>>>
>>> Greetings,
>>>
>>>
>>> Andreas
>>>
>>> --
>>> Andreas Kühne
>>>
>>> Chair of OASIS DSS-X
>>>
>>> phone: +49 177 293 24 97
>>> mailto: kuehne@trustable.de
>>>
>>>
>>> Trustable solutions UG (haftungsbeschränkt), Gartenheimstr. 39C, 30659
>>> Hannover, Amtsgericht Hannover HRB 219338
>>>
>>> Trustable Ltd. Niederlassung Deutschland, Gartenheimstr. 39C, 30659
>>> Hannover, Amtsgericht Hannover HRB 212612
>>>
>>> Company UK Company No: 5218868 Registered in England and Wales
>>>
>>>
>>>
>>>
> 

-- 
Dave Longley
CTO
Digital Bazaar, Inc.

Received on Sunday, 25 October 2020 17:07:17 UTC