ruby-jsonld-signatures 0.0.10

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 4935f61cd06bb5e3d67e927527fb9f2b0965c28a61a94c32313dcfa7c39b7a9d
+  data.tar.gz: 603d4cd7d729f4f9d5a903f613cb0b4a75c32a0b726cd7d8dc4e0f4871a857f8
+SHA512:
+  metadata.gz: 6c04d6231e6c1b0eb9257160f7fed3c26f64e2913a3aec70589d5fcceeae3538fd79ac2d2030025a31094f0442350f5c6afbfeecd6f1caf0ecbdd52db3404a05
+  data.tar.gz: 39c321c7477204ec0301f74a0f3e67625e25da1db90eaabcd056f7192da57660683cb69a5ead0a75933a4a08a22ca7010f1ebeb59f75439afed3b8d6ca1c3f65

data/AUTHORS

@@ -0,0 +1,2 @@
+* Brian Sletten <brian@bosatsu.net>
+* John Callahan <jcallahan@acm.org>

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2015 Accreditrust Technologies, LLC.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,199 @@
+This gem is an implementation of the JSON-LD Signatures specification
+in Ruby that supports the following encryption options:
+
+* RSA
+* Ed25519
+
+Demo
+----
+
+See [an example](https://ldsigdemo.herokuapp.com/) of the gem in action.  The source code for the demo is [here](https://github.com/johncallahan/ldsigdemo).
+
+Getting Started
+---------------
+
+Add the gem to your Gemfile:
+
+```ruby
+gem 'ruby-jsonld-signatures'
+```
+
+then run `bundle install`
+
+Development
+-----------
+
+Clone this repo, bundle and run the rspec tests:
+
+```shell
+git clone https://github.com/johncallahan/ruby-jsonld-signatures.git
+bundle install
+rspec
+```
+
+Description
+-----------
+
+Consider the following JSON-LD document:
+
+```json
+{
+  "@context": [ "https://w3id.org/credentials/v1","https://w3id.org/security/v1"],
+  "type" : [ "Credential" ],
+  "claim" : {
+    "id" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk",
+    "publicKey" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk#authn-key-1"
+  },
+  "issuer" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk",
+  "issued" : "2018-03-15T00:00:00Z"
+}
+```
+
+The goal of [Linked Data Signatures](https://w3c-dvcg.github.io/ld-signatures/) is to
+cryptographically "sign" a JSON-LD document such that the the order of
+key/pairs within the JSON-LD document does not matter.  In other words,
+the signature value of the JSON content above would be:
+
+```
+t/T2Wv335B2guVYW88I9uWKEdrE3HFddrXt14AVo9aD9yr5BAbGJT5eQbVGdG+O0Hn6RU9IYgi1o15/F3x37Ag==
+```
+
+The following document is equivalent to the JSON-LD document above even
+though more whitespace is added and the key/value pairs (even in
+embedded blocks) are in different order but their values are equal:
+
+```json
+{
+  "issued" : "2018-03-15T00:00:00Z",
+
+     "issuer" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk",
+     "claim" : {
+       "publicKey" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk#authn-key-1",
+       "id" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk"
+     },
+
+  "type" : [ "Credential" ],
+  "@context": [ "https://w3id.org/credentials/v1","https://w3id.org/security/v1"]
+}
+
+```
+
+After generating the signature value for the JSON-LD document, the
+signature value is appended to the document with additional metadata:
+
+```json
+{
+  "@context":["https://w3id.org/credentials/v1","https://w3id.org/security/v1"],
+  "type":["Credential"],
+  "claim":{
+    "id":"did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk",
+    "publicKey":"did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk#authn-key-1"
+  },
+  "issuer":"did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk",
+  "issued":"2018-03-15T00:00:00Z",
+  "signature":{
+    "type":"Ed25519Signature2018",
+    "creator":"did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk#authn-key-1",
+    "created":"2018-03-15T00:00:00Z",
+    "signatureValue":"t/T2Wv335B2guVYW88I9uWKEdrE3HFddrXt14AVo9aD9yr5BAbGJT5eQbVGdG+O0Hn6RU9IYgi1o15/F3x37Ag=="
+  }
+}
+```
+
+This signed content can be presented to other parties such that any
+key/value pair change to the JSON content (not the order or
+whitespace) can be detected.  It is useful in [DID Auth](https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-spring2018/blob/master/final-documents/did-auth.md) where a
+user (via their browser or mobile device) holds a private key and
+needs to provide [verifiable credentials](https://github.com/WebOfTrustInfo/rwot7/blob/master/topics-and-advance-readings/verifiable-credentials-primer.md) to a replying party or
+service provider.  In the case of DID Auth, the relying party can
+verify the signature by resolving the DID (via a [universal
+resolver](https://github.com/decentralized-identity/universal-resolver)) to obtain the public key from a blockchain ([Veres
+One](https://github.com/veres-one/veres-one) in this case).
+
+The process of signing a JSON-LD document includes:
+
+* resolving the context vocabularies (i.e., fetching them via their URLs in the @context]
+* normalizing (or sometimes called 'canonicalizing') the document
+* determining the signature value with a private key (using RSA or Ed25519)
+* embedding the signature JSON with the metadata and signature value (not part of the JSON-LD document)
+
+Verifying a signed JSON-LD document includes:
+
+* extracting the signature block from the JSON-LD document (remove it as well)
+* normalizing (or sometimes called 'canonicalizing') the remaining JSON-LD document
+* verifying the signature value with the public key (using RSA or Ed25519)
+
+The ruby-jsonld-signatures gem relies on other gems to perform signing
+and verifying including:
+
+* [json-ld](https://github.com/ruby-rdf/json-ld)
+* [rdf-normalize](https://github.com/ruby-rdf/rdf-normalize)
+* [ed25519](https://github.com/crypto-rb/ed25519)
+
+NOTE: additional keys that are NOT in the context vocabularies will
+NOT be part of the normalization process.  Thus, the following JSON-LD
+document is equalivalent to the blocks shown above:
+
+```json
+{
+  "@context": [ "https://w3id.org/credentials/v1","https://w3id.org/security/v1"],
+  "type" : [ "Credential" ],
+  "claim" : {
+    "id" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk",
+    "publicKey" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk#authn-key-1"
+  },
+  "foo" : "bar",
+  "issuer" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk",
+  "issued" : "2018-03-15T00:00:00Z"
+}
+```
+
+The key "foo" is not found in either the credentials or security
+vocabularies (in the @context) and therefore *not* included in the
+normalized content.  But the following document is not equivalent (the
+key "nonce" *is* part of both the credentials and security
+vocabularies - but it just has to be in one of them):
+
+```json
+{
+  "@context": [ "https://w3id.org/credentials/v1","https://w3id.org/security/v1"],
+  "type" : [ "Credential" ],
+  "claim" : {
+    "id" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk",
+    "publicKey" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk#authn-key-1"
+  },
+  "nonce" : "thisisjustarandomstring",
+  "issuer" : "did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk",
+  "issued" : "2018-03-15T00:00:00Z"
+}
+```
+
+By the way, here is the normalized (or "canonicalized") content for
+all blocks above except the one with the "nonce" key-value pair added:
+
+```json
+<did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk> <https://w3id.org/security#publicKey> <did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk#authn-key-1> .
+_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/credentials#Credential> .
+_:c14n0 <https://w3id.org/credentials#claim> <did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk> .
+_:c14n0 <https://w3id.org/credentials#issued> "2018-03-15T00:00:00Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
+_:c14n0 <https://w3id.org/credentials#issuer> <did:v1:test:nym:JApJf12r82Pe6PBJ3gJAAwo8F7uDnae6B4ab9EFQ7XXk> .
+```
+
+Tests
+-----
+
+* Sign a basic string
+* Sign a basic normalized (i.e., "canonicalized") document
+* Sign a basic JSON-LD document
+* Signatures of a second document that contains a non-vocabulary element are equivalent
+* Signatures of a second document that contains a vocabulary element are NOT equivalent
+* Signatures of a second document in different order are equivalent
+* Verify signature of a signed JSON-LD document
+* Detect when signature of a signed JSON-LD document is invalid
+
+Todo
+----
+
+* The gem currently uses the [ed25519](https://github.com/crypto-rb/ed25519) gem, but I have tested the
+  [rbnacl](https://github.com/crypto-rb/rbnacl) gem and it works.  I just need to provide an option hook.
+

data/VERSION

@@ -0,0 +1 @@
+0.0.10

data/lib/json/ld/signature.rb

@@ -0,0 +1,50 @@
+module JSON
+  module LD
+    module SIGNATURE
+
+require 'base64'
+require 'json/ld'
+require 'rdf/normalize'
+require 'json/ld/signature'
+require 'json/ld/signature/ed25519Signer'
+require 'json/ld/signature/ed25519Verifier'
+require 'json/ld/signature/rsaSigner'
+require 'json/ld/signature/rsaVerifier'
+
+autoload :Ed25519Singer, 'json/ld/signature/ed25519Singer'
+autoload :Ed25519Verifier, 'json/ld/signature/ed25519Verifier'
+autoload :RsaSinger, 'json/ld/signature/rsaSinger'
+autoload :RsaVerifier, 'json/ld/signature/rsaVerifier'
+
+      def generateNormalizedGraph(jsonLDDoc, opts)
+        jsonLDDoc.delete 'signature'
+
+        graph = RDF::Graph.new << JSON::LD::API.toRdf(jsonLDDoc)
+        # TODO: Parameterize the normalization
+        normalized = graph.dump(:normalize)
+
+#        digestdoc = ''
+#        digestdoc << opts['nonce'] unless opts['nonce'].nil?
+#        digestdoc << opts['created']
+#        digestdoc << normalized
+#        digestdoc << '@' + opts['domain'] unless opts['domain'].nil?
+#        digestdoc
+
+         normalized
+      end
+
+      module_function :generateNormalizedGraph
+      
+      SECURITY_CONTEXT_URL = 'https://w3id.org/security/v1'
+      
+      class JsonLdSignatureError < JsonLdError
+        class InvalidJsonLdDocument < JsonLdSignatureError; @code = "invalid JSON-LD document"; end
+        class MissingCreator < JsonLdSignatureError; @code = "missing signature creator"; end
+        class MissingKey < JsonLdSignatureError; @code = "missing private PEM formatted string"; end
+        class InvalidKeyType < JsonLdSignatureError; @code = "invalid PEM key"; end
+        class WrongKeyType < JsonLdSignatureError; @code = "signing requires a private key"; end
+        class UnreachableKey < JsonLdSignatureError; @code = "unable to retrieve public key"; end
+      end
+    end
+  end
+end

data/lib/json/ld/signature/ed25519Signer.rb

@@ -0,0 +1,98 @@
+module JSON
+  module LD
+    module SIGNATURE
+
+  class Ed25519Signer
+
+    attr_writer :pub
+    attr_writer :priv
+
+    def pub
+      @pub
+    end
+
+    def priv
+      @priv
+    end
+
+    def sign(input, options = {} )
+      
+      # We require a creator to identify the signing key
+      
+      if options['creator'].nil?
+        raise JsonLdSignatureError::MissingCreator, "the creator of the signature must be identified"
+      end
+      
+      creator = options['creator']
+      
+      # TODO: Validate the resolvability of the URL?
+
+      # We require a privateKeyPem in the options hash
+#      if options['privateKey'].nil?
+#        raise JsonLdSignatureError::MissingKey, "options parameter must include privateKey"
+#      end
+
+      # The privateKeyPem can be either a String or a parsed RSA key
+#      privateKey = options['privateKey']
+      privateKey = priv
+
+#      unless privateKey.private?
+#        raise JsonLdSignatureError::WrongKeyType, "submitted key is a public key"
+#      end
+
+      # Check the input, it should either be a String or a parsed JSON object
+
+      jsonld = case input
+      when String then 
+      begin
+          JSON.parse(input)        
+        rescue JSON::ParserError => e
+            raise JsonLdSignatureError::InvalidJsonLdDocument, e.message
+      end 
+      when Hash then input
+      else
+        raise JsonLdSignatureError::InvalidJsonLdDocument
+      end
+      
+      jsonld.delete 'signature'
+#      created = Time.now.iso8601
+      created = "2018-03-15T00:00:00Z"
+#     nonce = options['nonce']
+#      nonce = "3699b48f-a194-4415-8da3-b76269f63746"
+       nonce = nil
+#      domain = options['domain']
+      domain = nil
+            
+      normOpts = {
+        'nonce' => nonce,
+        'domain' => options['domain'],
+        'created' => created,
+        'creator' => creator
+      }
+      
+      normalizedGraph = JSON::LD::SIGNATURE::generateNormalizedGraph jsonld, normOpts
+#      puts normalizedGraph
+      signature = privateKey.sign normalizedGraph
+
+      enc = Base64.strict_encode64(signature)
+      
+       # "@context" : "https://w3id.org/security/v1",
+
+      sigobj = JSON.parse %({
+        "type" : "Ed25519Signature2018",
+        "creator" : "#{creator}",
+        "created" : "#{created}",
+        "signatureValue" : "#{enc}"
+      })
+      
+      sigobj['domain'] = domain unless options['domain'].nil?
+      sigobj['nonce'] = nonce unless nonce.nil?
+      
+      jsonld['signature'] = sigobj
+      jsonld.to_json
+    end
+  end
+end
+end
+end
+

data/lib/json/ld/signature/ed25519Verifier.rb

@@ -0,0 +1,68 @@
+module JSON
+  module LD
+    module SIGNATURE
+
+  class Ed25519Verifier
+
+    attr_writer :pub
+    attr_writer :priv
+
+    def pub
+      @pub
+    end
+
+    def priv
+      @priv
+    end
+    
+    def verify(input, options = {})
+      
+      # We require a publicKeyPem in the options hash
+#      if options['publicKey'].nil?
+#        raise JsonLdSignatureError::MissingKey, "options parameter must include publicKey"
+#      end
+
+      # The publicKeyPem can be either a String or a parsed RSA key
+#      publicKey = options['publicKey']
+      publicKey = pub
+      
+      # Check the input, it should either be a String or a parsed JSON object
+
+      jsonld = case input
+      when String then 
+      begin
+          JSON.parse(input)        
+        rescue JSON::ParserError => e
+            raise JsonLdSignatureError::InvalidJsonLdDocument, e.message
+      end 
+      when Hash then input
+      else
+        raise JsonLdSignatureError::InvalidJsonLdDocument
+      end
+      
+      signature = jsonld['signature']
+      
+      created = signature['created']
+      creator = signature['creator']
+      signatureValue = signature['signatureValue']
+      domain = signature['domain']
+      nonce = signature['nonce']
+      
+      uri = URI(creator)
+      
+      normOpts = {
+        'nonce' => nonce,
+        'domain' => domain,
+        'created' => created,
+        'creator' => creator
+      }
+      
+      normalizedGraph = JSON::LD::SIGNATURE::generateNormalizedGraph jsonld, normOpts
+
+      publicKey.verify Base64.decode64(signatureValue), normalizedGraph
+    end
+  end
+end
+end
+end
+

data/lib/json/ld/signature/rsaSigner.rb

@@ -0,0 +1,100 @@
+module JSON
+  module LD
+    module SIGNATURE
+
+  class RsaSigner
+
+    attr_writer :pub
+    attr_writer :priv
+
+    def pub
+      @pub
+    end
+
+    def priv
+      @priv
+    end
+
+    def sign(input, options = {} )
+      
+      # We require a creator to identify the signing key
+      
+      if options['creator'].nil?
+        raise JsonLdSignatureError::MissingCreator, "the creator of the signature must be identified"
+      end
+      
+      creator = options['creator']
+      
+      # TODO: Validate the resolvability of the URL?
+
+      # We require a privateKeyPem in the options hash
+#      if options['privateKeyPem'].nil?
+#        raise JsonLdSignatureError::MissingKey, "options parameter must include privateKeyPem"
+#      end
+
+      # The privateKeyPem can be either a String or a parsed RSA key
+#      privateKey = case options['privateKeyPem']
+#      when String then OpenSSL::PKey::RSA.new options['privateKeyPem']
+#      when OpenSSL::PKey::RSA then options['privateKeyPem']
+#      else 
+#        raise JsonLdSignatureError::InvalidKeyType, "key must be RSA Key or PEM String"
+#      end
+      privateKey = @priv
+
+      unless privateKey.private?
+        raise JsonLdSignatureError::WrongKeyType, "submitted key is a public key"
+      end
+
+      # Check the input, it should either be a String or a parsed JSON object
+
+      jsonld = case input
+      when String then 
+      begin
+          JSON.parse(input)        
+        rescue JSON::ParserError => e
+            raise JsonLdSignatureError::InvalidJsonLdDocument, e.message
+      end 
+      when Hash then input
+      else
+        raise JsonLdSignatureError::InvalidJsonLdDocument
+      end
+      
+      jsonld.delete 'signature'
+#      created = Time.now.iso8601
+      created = "2018-03-15T00:00:00Z"
+      nonce = options['nonce']
+      domain = options['domain']
+            
+      normOpts = {
+        'nonce' => nonce,
+        'domain' => options['domain'],
+        'created' => created,
+        'creator' => creator
+      }
+      
+      normalizedGraph = JSON::LD::SIGNATURE::generateNormalizedGraph jsonld, normOpts
+      
+      digest = OpenSSL::Digest::SHA256.new
+      signature = privateKey.sign digest, normalizedGraph
+      enc = Base64.strict_encode64(signature)
+      
+       # "@context" : "https://w3id.org/security/v1",
+
+      sigobj = JSON.parse %({
+        "type" : "RsaSignature2017",
+        "creator" : "#{creator}",
+        "created" : "#{created}",
+        "signatureValue" : "#{enc}"
+      })
+      
+      sigobj['domain'] = domain unless options['domain'].nil?
+      sigobj['nonce'] = nonce unless nonce.nil?
+      
+      jsonld['signature'] = sigobj
+      jsonld.to_json
+    end
+  end
+end
+end
+end
+

data/lib/json/ld/signature/rsaVerifier.rb

@@ -0,0 +1,83 @@
+module JSON
+  module LD
+    module SIGNATURE
+
+  class RsaVerifier
+
+    attr_writer :pub
+    attr_writer :priv
+
+    def pub
+      @pub
+    end
+
+    def priv
+      @priv
+    end
+    
+    def verify(input, options = {})
+      
+      # We require a publicKeyPem in the options hash
+#      if options['publicKeyPem'].nil?
+#        raise JsonLdSignatureError::MissingKey, "options parameter must include publicKeyPem"
+#      end
+
+      # The publicKeyPem can be either a String or a parsed RSA key
+#      publicKey = case options['publicKeyPem']
+#      when String then OpenSSL::PKey::RSA.new options['publicKeyPem']
+#      when OpenSSL::PKey::RSA then options['publicKeyPem']
+#      else 
+#        raise JsonLdSignatureError::InvalidKeyType, "key must be RSA Key or PEM String"
+#      end
+      publicKey = @pub
+      
+      # Check the input, it should either be a String or a parsed JSON object
+
+      jsonld = case input
+      when String then 
+      begin
+          JSON.parse(input)        
+        rescue JSON::ParserError => e
+            raise JsonLdSignatureError::InvalidJsonLdDocument, e.message
+      end 
+      when Hash then input
+      else
+        raise JsonLdSignatureError::InvalidJsonLdDocument
+      end
+      
+      signature = jsonld['signature']
+      
+      created = signature['created']
+      creator = signature['creator']
+      signatureValue = signature['signatureValue']
+      domain = signature['domain']
+      nonce = signature['nonce']
+      
+      uri = URI(creator)
+#      response = Net::HTTP.get_response(uri)
+      
+#      case response.code
+#        when "200"
+#          publicKey = OpenSSL::PKey::RSA.new response.body
+#        else
+#          raise JsonLdSignatureError::UnreachableKey, 
+#             "Key #{creator} could not be retrieved. Error: #{response.code}, #{response.message}"
+#      end
+      
+      normOpts = {
+        'nonce' => nonce,
+        'domain' => domain,
+        'created' => created,
+        'creator' => creator
+      }
+
+      normalizedGraph = JSON::LD::SIGNATURE::generateNormalizedGraph jsonld, normOpts
+
+      digest = OpenSSL::Digest::SHA256.new
+      publicKey.verify digest, Base64.decode64(signatureValue), normalizedGraph
+    end
+  end
+end
+end
+end
+

metadata

@@ -0,0 +1,186 @@
+--- !ruby/object:Gem::Specification
+name: ruby-jsonld-signatures
+version: !ruby/object:Gem::Version
+  version: 0.0.10
+platform: ruby
+authors:
+- Brian Sletten
+- John Callahan
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-09-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rdf
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.4
+- !ruby/object:Gem::Dependency
+  name: rdf-normalize
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rdf-turtle
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rdf-spec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: open-uri-cached
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.5
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.5
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.3.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.3.2
+- !ruby/object:Gem::Dependency
+  name: json-ld
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.2
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.8'
+description: RDF::JSON::LD:Signature is an implementation of the JSON-LD Signature
+  specification for the RDF.rb library suite.
+email: public-rdf-ruby@w3.org
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- AUTHORS
+- LICENSE
+- README.md
+- VERSION
+- lib/json/ld/signature.rb
+- lib/json/ld/signature/ed25519Signer.rb
+- lib/json/ld/signature/ed25519Verifier.rb
+- lib/json/ld/signature/rsaSigner.rb
+- lib/json/ld/signature/rsaVerifier.rb
+homepage: http://github.com/bsletten/rdf-jsonld-signature
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.9.2
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: rdf-normalize
+rubygems_version: 2.7.7
+signing_key: 
+specification_version: 4
+summary: JSON-LD Signature implementation for Ruby.
+test_files: []