json-canonicalization 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 75fbded244fc0096ae6a46a90730fbf8a3fe1913d9a58fe60ec9fc91fb238522
+  data.tar.gz: 817b4072f362414762a9cb19eec0551dab9c4290bc8720640faedb050ff64b75
+SHA512:
+  metadata.gz: 5b8cf4b810ce1ca14b30232cd172d9bb3350b9d0aaaefd7c02cacad1fdb47c87ec7f88091b51c86621319bbeb59df53be34dcb81743b8a70307a90678a19862e
+  data.tar.gz: fc41d6154f7fb136396028f6c03ca3bfbb6e0ce65a676990773ad3361eef48c868990196b63ba790a57e537e12096ac8997036eefc7a7ab1773a94f4672fafcc

data/AUTHORS

@@ -0,0 +1 @@
+* Gregg Kellogg <gregg@greggkellogg.net>

data/LICENSE

@@ -0,0 +1,24 @@
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org>

data/README.md

@@ -0,0 +1,92 @@
+# json-canonicalization
+An implementation of the JSON Canonicalization Scheme for Ruby
+
+Implements version 5 of [draft-rundgren-json-canonicalization-scheme-05](https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme-05#page-5).
+
+[![Gem Version](https://badge.fury.io/rb/json-canonicalization.png)](http://badge.fury.io/rb/json-canonicalization)
+[![Build Status](https://travis-ci.org/dryruby/json-canonicalization.png?branch=master)](http://travis-ci.org/dryruby/json-canonicalization)
+[![Coverage Status](https://coveralls.io/repos/dryruby/json-canonicalization/badge.svg)](https://coveralls.io/r/dryruby/json-canonicalization)
+
+# Description
+
+Cryptographic operations like hashing and signing depend on that the target 
+data does not change during serialization, transport, or parsing. 
+By applying the rules defined by JCS (JSON Canonicalization Scheme), 
+data provided in the JSON [[RFC8259](https://tools.ietf.org/html/rfc8259)]
+format can be exchanged "as is", while still being subject to secure cryptographic operations.
+JCS achieves this by building on the serialization formats for JSON
+primitives as defined by ECMAScript [[ES6](https://www.ecma-international.org/ecma-262/6.0/index.html)],
+constraining JSON data to the<br>I-JSON [[RFC7493](https://tools.ietf.org/html//rfc7493)] subset,
+and through a platform independent property sorting scheme.
+
+Working document: https://cyberphone.github.io/ietf-json-canon<br>
+Published IETF Draft: https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme-05
+
+The JSON Canonicalization Scheme concept in a nutshell:
+- Serialization of primitive JSON data types using methods compatible with ECMAScript's `JSON.stringify()`
+- Lexicographic sorting of JSON `Object` properties in a *recursive* process
+- JSON `Array` data is also subject to canonicalization, *but element order remains untouched*
+
+### Sample Input:
+```code
+{
+  "numbers": [333333333.33333329, 1E30, 4.50, 2e-3, 0.000000000000000000000000001],
+  "string": "\u20ac$\u000F\u000aA'\u0042\u0022\u005c\\\"\/",
+  "literals": [null, true, false]
+}
+```
+### Expected Output:
+```code
+{"literals":[null,true,false],"numbers":[333333333.3333333,1e+30,4.5,0.002,1e-27],"string":"€$\u000f\nA'B\"\\\\\"/"}
+```
+## Usage
+The library accepts Ruby input and generates canonical JSON via the `#to_json_c14n` method. This is based on the standard JSON gem's version of `#to_json` with overloads for `Hash`, `String` and `Numeric`
+
+```ruby
+data = {
+  "numbers" => [
+    333333333.3333333,
+    1.0e+30,
+    4.5,
+    0.002,
+    1.0e-27
+  ],
+  "string" => "€$\u000F\nA'B\"\\\\\"/",
+  "literals" => [nil, true, false]
+}
+
+puts data.to_json_c14n
+=> 
+```
+
+## Documentation
+Full documentation available on [RubyDoc](http://rubydoc.info/gems/json-canonicalization/file/README.md)
+
+### Principal Classes
+* {JSON::Canonicalization}
+
+## Dependencies
+* [Ruby](http://ruby-lang.org/) (>= 2.2.2)
+* [JSON](https://rubygems.org/gems/json) (>= 2.1)
+
+## Author
+* [Gregg Kellogg](http://github.com/gkellogg) - <http://kellogg-assoc.com/>
+
+## Contributing
+* Do your best to adhere to the existing coding conventions and idioms.
+* Don't use hard tabs, and don't leave trailing whitespace on any line.
+* Do document every method you add using [YARD][] annotations. Read the
+  [tutorial][YARD-GS] or just look at the existing code for examples.
+* Don't touch the `json-ld.gemspec`, `VERSION` or `AUTHORS` files. If you need to
+  change them, do so on your private branch only.
+* Do feel free to add yourself to the `CREDITS` file and the corresponding
+  list in the the `README`. Alphabetical order applies.
+* Do note that in order for us to merge any non-trivial changes (as a rule
+  of thumb, additions larger than about 15 lines of code), we need an
+  explicit [public domain dedication][PDD] on record from you.
+
+##License
+
+This is free and unencumbered public domain software. For more information,
+see <http://unlicense.org/> or the accompanying {file:UNLICENSE} file.
+

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/lib/json/canonicalization/version.rb

@@ -0,0 +1,20 @@
+# -*- encoding: utf-8 -*-
+# frozen_string_literal: true
+module JSON::Canonicalization::VERSION
+  VERSION_FILE = File.join(File.expand_path(File.dirname(__FILE__)), "..", "..", "..", "VERSION")
+  MAJOR, MINOR, TINY, EXTRA = File.read(VERSION_FILE).chomp.split(".")
+
+  STRING = [MAJOR, MINOR, TINY, EXTRA].compact.join('.')
+
+  ##
+  # @return [String]
+  def self.to_s()   STRING end
+
+  ##
+  # @return [String]
+  def self.to_str() STRING end
+
+  ##
+  # @return [Array(Integer, Integer, Integer)]
+  def self.to_a() STRING.split(".") end
+end

data/lib/json/canonicalization.rb

@@ -0,0 +1,83 @@
+# -*- encoding: utf-8 -*-
+# frozen_string_literal: true
+$:.unshift(File.expand_path("../ld", __FILE__))
+require 'json'
+
+module JSON
+  ##
+  # `JSON::Canonicalization` generates canonical JSON output from Ruby objects
+  module Canonicalization
+    autoload :VERSION,            'json/ld/version'
+  end
+end
+
+class Object
+  # Default canonicalization output for Ruby objects
+  # @return [String]
+  def to_json_c14n
+    self.to_json
+  end
+end
+
+class Array
+  def to_json_c14n
+    '[' + self.map(&:to_json_c14n).join(',') + ']'
+  end
+end
+
+class Numeric
+  def to_json_c14n
+    raise RangeError if self.is_a?(Float) && (self.nan? || self.infinite?)
+    return "0" if self.zero?
+    num = self
+    if num < 0
+      num, sign = -num, '-'
+    end
+    native_rep = "%.15E" % num
+    decimal, exponential = native_rep.split('E')
+    exp_val = exponential.to_i
+    exponential = exp_val > 0 ? ('+' + exp_val.to_s) : exp_val.to_s
+
+    integral, fractional = decimal.split('.')
+    fractional = fractional.sub(/0+$/, '')  # Remove trailing zeros
+
+    if exp_val > 0 && exp_val < 21
+      while exp_val > 0
+        integral += fractional.to_s[0] || '0'
+        fractional = fractional.to_s[1..-1]
+        exp_val -= 1
+      end
+      exponential = nil
+    elsif exp_val == 0
+      exponential = nil
+    elsif exp_val < 0 && exp_val > -7
+      # Small numbers are shown as 0.etc with e-6 as lower limit
+      fractional, integral, exponential = integral + fractional.to_s, '0', nil
+      fractional = ("0" * (-exp_val - 1)) + fractional
+    end
+
+    fractional = nil if fractional.to_s.empty?
+    sign.to_s + integral + (fractional ? ".#{fractional}" : '') + (exponential ? "e#{exponential}" : '')
+  end
+end
+
+class Hash
+  # Output JSON with keys sorted lexicographically
+  # @return [String]
+  def to_json_c14n
+    "{" + self.
+      keys.
+      sort_by {|k| k.encode(Encoding::UTF_16)}.
+      map {|k| k.to_json_c14n + ':' + self[k].to_json_c14n}
+      .join(',') +
+    '}'
+  end
+end
+
+class String
+  # Output JSON with control characters escaped
+  # @return [String]
+  def to_json_c14n
+    self.to_json
+  end
+end

data/spec/c14n_spec.rb

@@ -0,0 +1,11 @@
+require_relative 'spec_helper'
+
+describe "conversions" do
+  Dir.glob(File.expand_path("../input/*.json", __FILE__)).each do |input|
+    it "converts #{input.split('/').last}" do
+      expected = File.read(input.sub('input', 'output'))
+      data = JSON.parse(File.read(input))
+      expect(data.to_json_c14n).to eq expected
+    end
+  end
+end

data/spec/input/arrays.json

@@ -0,0 +1,8 @@
+[
+  56,
+  {
+    "d": true,
+    "10": null,
+    "1": [ ]
+  }
+]

data/spec/input/french.json

@@ -0,0 +1,6 @@
+{
+  "peach": "This sorting order",
+  "péché": "is wrong according to French",
+  "pêche": "but canonicalization MUST",
+  "sin":   "ignore locale"
+}

data/spec/input/structures.json

@@ -0,0 +1,8 @@
+{
+  "1": {"f": {"f": "hi","F": 5} ,"\n": 56.0},
+  "10": { },
+  "": "empty",
+  "a": { },
+  "111": [ {"e": "yes","E": "no" } ],
+  "A": { }
+}

data/spec/input/unicode.json

@@ -0,0 +1,3 @@
+{
+  "Unnormalized Unicode":"A\u030a"
+}

data/spec/input/values.json

@@ -0,0 +1,5 @@
+{
+  "numbers": [333333333.33333329, 1E30, 4.50, 2e-3, 0.000000000000000000000000001],
+  "string": "\u20ac$\u000F\u000aA'\u0042\u0022\u005c\\\"\/",
+  "literals": [null, true, false]
+}

data/spec/input/wierd.json

@@ -0,0 +1,11 @@
+{
+  "\u20ac": "Euro Sign",
+  "\r": "Carriage Return",
+  "\u000a": "Newline",
+  "1": "One",
+  "\u0080": "Control\u007f",
+  "\ud83d\ude02": "Smiley",
+  "\u00f6": "Latin Small Letter O With Diaeresis",
+  "\ufb33": "Hebrew Letter Dalet With Dagesh",
+  "</script>": "Browser Challenge"
+}

data/spec/number_spec.rb

@@ -0,0 +1,37 @@
+require_relative 'spec_helper'
+
+describe "conversions" do
+  {
+    -1/0.0                    => RangeError,
+    -9007199254740992         => '-9007199254740992',
+    0                         => '0',
+    0.000001                  => '0.000001',
+    0/0.0                     => RangeError,
+    1/0.0                     => RangeError,
+    1e+21                     => '1e+21',
+    9.999999999999997e+22     => '9.999999999999997e+22',
+    9.999999999999997e-7      => '9.999999999999997e-7',
+    9007199254740992          => '9007199254740992',
+    9007199254740994          => '9007199254740994',
+    9007199254740996          => '9007199254740996',
+    999999999999999700000     => '999999999999999700000',
+    999999999999999900000     => '999999999999999900000',
+    # -5e-324                 => '-5e-324', # Outside Ruby Range
+    # 1.0000000000000001e+23  => '1.0000000000000001e+23', # Outside Ruby Range
+    # 295147905179352830000   => '295147905179352830000', # Outside Ruby Range
+    #-1.7976931348623157e+308 => '-1.7976931348623157e+308',  # Outside Ruby Range
+    #1.7976931348623157e+308  => '1.7976931348623157e+308',  # Outside Ruby Range
+    #1e+23                    => '1e+23', # Outside Ruby
+    #5e-324                   => '5e-324',  # Outside Ruby Range
+  }.each do |data, expected|
+    if expected.is_a?(String)
+      it "converts #{data} to #{expected}" do
+        expect(data.to_json_c14n).to eq expected
+      end
+    else
+      it "raises #{expected} for #{data}" do
+        expect {data.to_json_c14n}.to raise_error(expected)
+      end
+    end
+  end
+end

data/spec/output/arrays.json

@@ -0,0 +1 @@
+[56,{"1":[],"10":null,"d":true}]

data/spec/output/french.json

@@ -0,0 +1 @@
+{"peach":"This sorting order","péché":"is wrong according to French","pêche":"but canonicalization MUST","sin":"ignore locale"}

data/spec/output/structures.json

@@ -0,0 +1 @@
+{"":"empty","1":{"\n":56,"f":{"F":5,"f":"hi"}},"10":{},"111":[{"E":"no","e":"yes"}],"A":{},"a":{}}

data/spec/output/unicode.json

@@ -0,0 +1 @@
+{"Unnormalized Unicode":"Å"}

data/spec/output/values.json

@@ -0,0 +1 @@
+{"literals":[null,true,false],"numbers":[333333333.3333333,1e+30,4.5,0.002,1e-27],"string":"€$\u000f\nA'B\"\\\\\"/"}

data/spec/output/wierd.json

@@ -0,0 +1 @@
+{"\n":"Newline","\r":"Carriage Return","1":"One","</script>":"Browser Challenge","€":"Control","ö":"Latin Small Letter O With Diaeresis","€":"Euro Sign","😂":"Smiley","דּ":"Hebrew Letter Dalet With Dagesh"}

data/spec/spec_helper.rb

@@ -0,0 +1,24 @@
+$:.unshift(File.join("../../lib", __FILE__))
+
+require "bundler/setup"
+require 'rspec'
+
+begin
+  require 'simplecov'
+  require 'coveralls' unless ENV['NOCOVERALLS']
+  SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter.new([
+    SimpleCov::Formatter::HTMLFormatter,
+    (Coveralls::SimpleCov::Formatter unless ENV['NOCOVERALLS'])
+  ])
+  SimpleCov.start do
+    add_filter "/spec/"
+  end
+rescue LoadError
+end
+
+require 'json/canonicalization'
+
+::RSpec.configure do |c|
+  c.filter_run focus: true
+  c.run_all_when_everything_filtered = true
+end

metadata

@@ -0,0 +1,106 @@
+--- !ruby/object:Gem::Specification
+name: json-canonicalization
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Gregg Kellogg
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2019-03-19 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+description: JSON::Canonicalization generates canonical JSON output from Ruby objects.
+email: 
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- AUTHORS
+- LICENSE
+- README.md
+- VERSION
+- lib/json/canonicalization.rb
+- lib/json/canonicalization/version.rb
+- spec/c14n_spec.rb
+- spec/input/arrays.json
+- spec/input/french.json
+- spec/input/structures.json
+- spec/input/unicode.json
+- spec/input/values.json
+- spec/input/wierd.json
+- spec/number_spec.rb
+- spec/output/arrays.json
+- spec/output/french.json
+- spec/output/structures.json
+- spec/output/unicode.json
+- spec/output/values.json
+- spec/output/wierd.json
+- spec/spec_helper.rb
+homepage: http://github.com/dryruby/json-canonicalization
+licenses:
+- Unlicense
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.2.2
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.2
+signing_key: 
+specification_version: 4
+summary: JSON Canonicalization for Ruby.
+test_files:
+- spec/spec_helper.rb
+- spec/c14n_spec.rb
+- spec/number_spec.rb
+- spec/input/french.json
+- spec/input/arrays.json
+- spec/input/structures.json
+- spec/input/unicode.json
+- spec/input/wierd.json
+- spec/input/values.json
+- spec/output/french.json
+- spec/output/arrays.json
+- spec/output/structures.json
+- spec/output/unicode.json
+- spec/output/wierd.json
+- spec/output/values.json