canonical-json: Canonical JSON for signing and hashing JSON values

[ bsd3, json, library, text ] [ Propose Tags ]

An implementation of Canonical JSON.

http://wiki.laptop.org/go/Canonical_JSON

The "canonical JSON" format is designed to provide repeatable hashes of JSON-encoded data. It is designed for applications that need to hash, sign or authenitcate JSON data structures, including embedded signatures.

Canonical JSON is parsable with any full JSON parser, and it allows whitespace for pretty-printed human readable presentation, but it can be put into a canonical form which then has a stable serialised representation and thus a stable hash.

[Skip to Readme]

Versions [faq]	0.5.0.0, 0.5.0.1, 0.6.0.0
Change log	ChangeLog.md
Dependencies	base (>=4.8 && <5), bytestring (>=0.10.4 && <0.11), containers (>=0.4 && <0.7), deepseq (>=1.2 && <1.5), parsec (==3.1.*), pretty (>=1.0 && <1.2) [details]
License	BSD-3-Clause
Copyright	Copyright 2015-2018 Well-Typed LLP
Author	Duncan Coutts, Edsko de Vries
Maintainer	duncan@well-typed.com, edsko@well-typed.com
Revised	Revision 1 made by HerbertValerioRiedel at Sat Aug 31 23:37:05 UTC 2019
Category	Text, JSON
Home page	https://github.com/well-typed/canonical-json
Source repo	head: git clone https://github.com/well-typed/canonical-json.git
Uploaded	by DuncanCoutts at Wed Jul 31 09:30:04 UTC 2019
Distributions	NixOS:0.6.0.0
Downloads	538 total (61 in the last 30 days)
Rating	(no votes yet) [estimated by rule of succession]
Your Rating	λ λ λ
Status	Docs available [build log] Last success reported on 2019-07-31 [all 1 reports]

Modules

[Index] [Quick Jump]

Text
- JSON
  - Text.JSON.Canonical

Downloads

canonical-json-0.6.0.0.tar.gz [browse] (Cabal source package)
Package description (revised from the package)

Note: This package has metadata revisions in the cabal description newer than included in the tarball. To unpack the package including the revisions, use 'cabal get'.

Maintainer's Corner

For package maintainers and hackage trustees

edit package information

Readme for canonical-json-0.6.0.0

[back to package description]

An implementation of Canonical JSON.

The "canonical JSON" format is designed to provide repeatable hashes of JSON values. It is designed for applications that need to hash, sign or authenitcate JSON data structures., including embedded signatures.

Canonical JSON is parsable with any full JSON parser, and it allows white space for pretty-printed human readable presentation, but it can be put into a canonical form which then has a stable serialised representation and thus a stable hash.

The basic concept is that a file in the canonical JSON format can be read using parseCanonicalJSON. Note that this input file does not itself need to be in canonical form, it just needs to be in the canonical JSON format. Then the renderCanonicalJSON function is used to render into the canonical form. This is then the form that can be hashed or signed etc.

The prettyCanonicalJSON is for convenience to render in a human readable style, since the canoncal form eliminates unnecessary white space which makes the output hard to read. This style is again suitable to read using 'parseCanonicalJSON'. So this is suitable to use for producing output that has to be later hashed or otherwise checked.

See the API docs on Hackage.

This package has been extracted from the hackage-security package where canonical JSON is used for all the signed TUF files, such as the root keys file, etc. As you can see from that, canoncal JSON allows keeping JSON files in a human readable pretty-printed form, and still allows verifying signatures. In particular this demonstrates the use of embedded signatures, where the root.json both contains a body value and multiple signatures of that body all within the same file. This is because canoncal JSON is about hashes for JSON values, not serialised JSON text.

Known bugs limitations

Decoding/encoding Unicode code-points beyond U+00ff is currently broken