comment on JSON canonicalization - exchange - Base system with REST service to issue digital coins, run by the payment service provider

commit c48e4a8a06f5554ff484f1a60c8e5673e70a897a
parent 84fd3013138db335d34fb734608b43fe2b85641e
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sun, 19 Jan 2020 21:18:03 +0100

comment on JSON canonicalization

Diffstat:
M src/include/taler_json_lib.h  | 6 ++++++
M src/json/json.c  | 8 +++++++-

2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/include/taler_json_lib.h b/src/include/taler_json_lib.h
@@ -107,6 +107,12 @@ TALER_JSON_spec_denomination_signature (const char *field,
 /**
  * Hash a JSON for binary signing.
  *
+ * See https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme-15
+ * for fun JSON canonicalization problems.  Callers must ensure that
+ * those are avoided in the input. We will use libjanson's "JSON_COMPACT"
+ * encoding for whitespace and "JSON_SORT_KEYS" to canonicalize as best
+ * as we can.
+ *
  * @param[in] json some JSON value to hash
  * @param[out] hc resulting hash code
  * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
diff --git a/src/json/json.c b/src/json/json.c
@@ -25,7 +25,13 @@
 
 
 /**
- * Hash a JSON for binary signing.
+ * Hash a JSON object for binary signing.
+ *
+ * See https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme-15
+ * for fun JSON canonicalization problems.  Callers must ensure that
+ * those are avoided in the input. We will use libjanson's "JSON_COMPACT"
+ * encoding for whitespace and "JSON_SORT_KEYS" to canonicalize as best
+ * as we can.
  *
  * @param[in] json some JSON value
  * @param[out] hc resulting hash code

	exchange Base system with REST service to issue digital coins, run by the payment service provider
	Log \| Files \| Refs \| Submodules \| README \| LICENSE

M	src/include/taler_json_lib.h	\|	6	++++++
M	src/json/json.c	\|	8	+++++++-