From c48e4a8a06f5554ff484f1a60c8e5673e70a897a Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Sun, 19 Jan 2020 21:18:03 +0100
Subject: comment on JSON canonicalization

---
 src/include/taler_json_lib.h | 6 ++++++
 src/json/json.c              | 8 +++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/include/taler_json_lib.h b/src/include/taler_json_lib.h
index be98f2a7e..d5f6b0ba2 100644
--- a/src/include/taler_json_lib.h
+++ b/src/include/taler_json_lib.h
@@ -107,6 +107,12 @@ TALER_JSON_spec_denomination_signature (const char *field,
 /**
  * Hash a JSON for binary signing.
  *
+ * See https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme-15
+ * for fun JSON canonicalization problems.  Callers must ensure that
+ * those are avoided in the input. We will use libjanson's "JSON_COMPACT"
+ * encoding for whitespace and "JSON_SORT_KEYS" to canonicalize as best
+ * as we can.
+ *
  * @param[in] json some JSON value to hash
  * @param[out] hc resulting hash code
  * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
diff --git a/src/json/json.c b/src/json/json.c
index 688086a50..807ea0b61 100644
--- a/src/json/json.c
+++ b/src/json/json.c
@@ -25,7 +25,13 @@
 
 
 /**
- * Hash a JSON for binary signing.
+ * Hash a JSON object for binary signing.
+ *
+ * See https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme-15
+ * for fun JSON canonicalization problems.  Callers must ensure that
+ * those are avoided in the input. We will use libjanson's "JSON_COMPACT"
+ * encoding for whitespace and "JSON_SORT_KEYS" to canonicalize as best
+ * as we can.
  *
  * @param[in] json some JSON value
  * @param[out] hc resulting hash code
-- 
cgit v1.2.3