Use JSON Canonicalization Scheme (JCS)

atomicdata-dev / atomic-server

An open source headless CMS / real-time database. Powerful table editor, full-text search, and SDKs for JS / React / Svelte.

https://atomicserver.eu

MIT License

972 stars 45 forks source link

Use JSON Canonicalization Scheme (JCS) #115

Open joepio opened 3 years ago

joepio commented 3 years ago

Although the tests are currently passing, and most commits seem to work just fine, I'm pretty sure that there will be situations where the deterministic json-ad serialization will be different from the Typescript version.

To prevent this, I should switch to serde_jcs. Also, double check in atomic-data-browser that this spec is used as well.

Also https://docs.rs/serde_canonical_json/latest/serde_canonical_json/

joepio commented 3 years ago

Also, maybe use JSON Web Signature encoding? https://crates.io/crates/jws

See https://github.com/ontola/atomic-data/issues/35

joepio commented 3 years ago

Also, don't use base64 in URLs (because of =, / characters), maybe consider base64URL

joepio commented 8 months ago

I used serde_canonical_json. Not sure it is actually JCS, though: https://github.com/gelvinp/rs-serde_canonical_json/issues/1

EDIT: switched to serde_jcs because the other one wasnt JCS.