@sd-jwt/sd-jwt-vc 0.12.0 → 0.12.1-next.1

package/README.md

@@ -41,7 +41,7 @@ import { DisclosureFrame } from '@sd-jwt/sd-jwt-vc';
 const iss = 'University';
 
 // issuance time
-const iat = new Date().getTime() / 1000;
+const iat = Math.floor(Date.now() / 1000); // current time in seconds
 
 //unique identifier of the schema
 const vct = 'University-Degree';

package/dist/index.d.mts

@@ -215,8 +215,9 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
     private statusValidator;
     /**
      * Verifies the SD-JWT-VC. It will validate the signature, the keybindings when required, the status, and the VCT.
+     * @param currentDate current time in seconds
      */
-    verify(encodedSDJwt: string, requiredClaimKeys?: string[], requireKeyBindings?: boolean): Promise<VerificationResult>;
+    verify(encodedSDJwt: string, requiredClaimKeys?: string[], requireKeyBindings?: boolean, currentDate?: number): Promise<VerificationResult>;
     /**
      * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
      * @param encodedSDJwt
@@ -256,6 +257,7 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
     /**
      * Verifies the status of the SD-JWT-VC.
      * @param result
+     * @param currentDate current time in seconds
      */
     private verifyStatus;
 }

package/dist/index.d.ts

@@ -215,8 +215,9 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
     private statusValidator;
     /**
      * Verifies the SD-JWT-VC. It will validate the signature, the keybindings when required, the status, and the VCT.
+     * @param currentDate current time in seconds
      */
-    verify(encodedSDJwt: string, requiredClaimKeys?: string[], requireKeyBindings?: boolean): Promise<VerificationResult>;
+    verify(encodedSDJwt: string, requiredClaimKeys?: string[], requireKeyBindings?: boolean, currentDate?: number): Promise<VerificationResult>;
     /**
      * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
      * @param encodedSDJwt
@@ -256,6 +257,7 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
     /**
      * Verifies the status of the SD-JWT-VC.
      * @param result
+     * @param currentDate current time in seconds
      */
     private verifyStatus;
 }

package/dist/index.js

@@ -129,9 +129,10 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
   }
   /**
    * Verifies the SD-JWT-VC. It will validate the signature, the keybindings when required, the status, and the VCT.
+   * @param currentDate current time in seconds
    */
-  verify(encodedSDJwt, requiredClaimKeys, requireKeyBindings) {
-    return __async(this, null, function* () {
+  verify(_0, _1, _2) {
+    return __async(this, arguments, function* (encodedSDJwt, requiredClaimKeys, requireKeyBindings, currentDate = Math.floor(Date.now() / 1e3)) {
       const result = yield __superGet(_SDJwtVcInstance.prototype, this, "verify").call(this, encodedSDJwt, requiredClaimKeys, requireKeyBindings).then((res) => {
         return {
           payload: res.payload,
@@ -139,7 +140,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
           kb: res.kb
         };
       });
-      yield this.verifyStatus(result);
+      yield this.verifyStatus(result, currentDate);
       if (this.userConfig.loadTypeMetadataFormat) {
         yield this.verifyVct(result);
       }
@@ -291,8 +292,9 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
   /**
    * Verifies the status of the SD-JWT-VC.
    * @param result
+   * @param currentDate current time in seconds
    */
-  verifyStatus(result) {
+  verifyStatus(result, currentDate) {
     return __async(this, null, function* () {
       var _a, _b, _c;
       if (result.payload.status) {
@@ -302,8 +304,8 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
             result.payload.status.status_list.uri
           );
           const slJWT = import_core.Jwt.fromEncode(statusListJWT);
-          yield slJWT.verify(this.userConfig.verifier);
-          if (((_b = slJWT.payload) == null ? void 0 : _b.exp) && slJWT.payload.exp < Date.now() / 1e3) {
+          yield slJWT.verify(this.userConfig.verifier, currentDate);
+          if (((_b = slJWT.payload) == null ? void 0 : _b.exp) && slJWT.payload.exp < currentDate) {
             throw new import_utils.SDJWTException("Status list is expired");
           }
           const statusList = (0, import_jwt_status_list.getListFromStatusListJWT)(statusListJWT);

package/dist/index.mjs

@@ -97,9 +97,10 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
   }
   /**
    * Verifies the SD-JWT-VC. It will validate the signature, the keybindings when required, the status, and the VCT.
+   * @param currentDate current time in seconds
    */
-  verify(encodedSDJwt, requiredClaimKeys, requireKeyBindings) {
-    return __async(this, null, function* () {
+  verify(_0, _1, _2) {
+    return __async(this, arguments, function* (encodedSDJwt, requiredClaimKeys, requireKeyBindings, currentDate = Math.floor(Date.now() / 1e3)) {
       const result = yield __superGet(_SDJwtVcInstance.prototype, this, "verify").call(this, encodedSDJwt, requiredClaimKeys, requireKeyBindings).then((res) => {
         return {
           payload: res.payload,
@@ -107,7 +108,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
           kb: res.kb
         };
       });
-      yield this.verifyStatus(result);
+      yield this.verifyStatus(result, currentDate);
       if (this.userConfig.loadTypeMetadataFormat) {
         yield this.verifyVct(result);
       }
@@ -259,8 +260,9 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
   /**
    * Verifies the status of the SD-JWT-VC.
    * @param result
+   * @param currentDate current time in seconds
    */
-  verifyStatus(result) {
+  verifyStatus(result, currentDate) {
     return __async(this, null, function* () {
       var _a, _b, _c;
       if (result.payload.status) {
@@ -270,8 +272,8 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
             result.payload.status.status_list.uri
           );
           const slJWT = Jwt.fromEncode(statusListJWT);
-          yield slJWT.verify(this.userConfig.verifier);
-          if (((_b = slJWT.payload) == null ? void 0 : _b.exp) && slJWT.payload.exp < Date.now() / 1e3) {
+          yield slJWT.verify(this.userConfig.verifier, currentDate);
+          if (((_b = slJWT.payload) == null ? void 0 : _b.exp) && slJWT.payload.exp < currentDate) {
             throw new SDJWTException("Status list is expired");
           }
           const statusList = getListFromStatusListJWT(statusListJWT);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sd-jwt/sd-jwt-vc",
-  "version": "0.12.0",
+  "version": "0.12.1-next.1+0a2f20b",
   "description": "sd-jwt draft 7 implementation in typescript",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -39,15 +39,15 @@
   },
   "license": "Apache-2.0",
   "dependencies": {
-    "@sd-jwt/core": "0.12.0",
-    "@sd-jwt/jwt-status-list": "0.12.0",
-    "@sd-jwt/utils": "0.12.0",
+    "@sd-jwt/core": "0.12.1-next.1+0a2f20b",
+    "@sd-jwt/jwt-status-list": "0.12.1-next.1+0a2f20b",
+    "@sd-jwt/utils": "0.12.1-next.1+0a2f20b",
     "ajv": "^8.17.1",
     "ajv-formats": "^3.0.1"
   },
   "devDependencies": {
-    "@sd-jwt/crypto-nodejs": "0.12.0",
-    "@sd-jwt/types": "0.12.0",
+    "@sd-jwt/crypto-nodejs": "0.12.1-next.1+0a2f20b",
+    "@sd-jwt/types": "0.12.1-next.1+0a2f20b",
     "jose": "^5.2.2",
     "msw": "^2.3.5"
   },
@@ -67,5 +67,5 @@
       "esm"
     ]
   },
-  "gitHead": "36e0b22eb619f3ca9ae8522a26617e50c3680526"
+  "gitHead": "0a2f20b6383d2356540e7a9cc37748c7b9caced2"
 }

package/src/sd-jwt-vc-instance.ts

@@ -106,11 +106,13 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
 
   /**
    * Verifies the SD-JWT-VC. It will validate the signature, the keybindings when required, the status, and the VCT.
+   * @param currentDate current time in seconds
    */
   async verify(
     encodedSDJwt: string,
     requiredClaimKeys?: string[],
     requireKeyBindings?: boolean,
+    currentDate: number = Math.floor(Date.now() / 1000),
   ) {
     // Call the parent class's verify method
     const result: VerificationResult = await super
@@ -123,7 +125,7 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
         };
       });
 
-    await this.verifyStatus(result);
+    await this.verifyStatus(result, currentDate);
     if (this.userConfig.loadTypeMetadataFormat) {
       await this.verifyVct(result);
     }
@@ -300,8 +302,12 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
   /**
    * Verifies the status of the SD-JWT-VC.
    * @param result
+   * @param currentDate current time in seconds
    */
-  private async verifyStatus(result: VerificationResult): Promise<void> {
+  private async verifyStatus(
+    result: VerificationResult,
+    currentDate: number,
+  ): Promise<void> {
     if (result.payload.status) {
       //checks if a status field is present in the payload based on https://www.ietf.org/archive/id/draft-ietf-oauth-status-list-02.html
       if (result.payload.status.status_list) {
@@ -319,13 +325,10 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
           StatusListJWTPayload
         >(statusListJWT);
         // check if the status list has a valid signature. The presence of the verifier is checked in the parent class.
-        await slJWT.verify(this.userConfig.verifier as Verifier);
+        await slJWT.verify(this.userConfig.verifier as Verifier, currentDate);
 
         //check if the status list is expired
-        if (
-          slJWT.payload?.exp &&
-          (slJWT.payload.exp as number) < Date.now() / 1000
-        ) {
+        if (slJWT.payload?.exp && (slJWT.payload.exp as number) < currentDate) {
           throw new SDJWTException('Status list is expired');
         }
 

package/src/test/index.spec.ts

@@ -18,7 +18,7 @@ import { SignJWT } from 'jose';
 
 const iss = 'ExampleIssuer';
 const vct = 'ExampleCredentialType';
-const iat = new Date().getTime() / 1000;
+const iat = Math.floor(Date.now() / 1000);
 
 const { privateKey, publicKey } = Crypto.generateKeyPairSync('ed25519');
 
@@ -45,7 +45,7 @@ const generateStatusList = async (): Promise<string> => {
   const payload: JwtPayload = {
     iss: 'https://example.com',
     sub: 'https://example.com/status/1',
-    iat: new Date().getTime() / 1000,
+    iat: Math.floor(Date.now() / 1000),
   };
   const header: StatusListJWTHeaderParameters = {
     alg: 'EdDSA',

package/src/test/vct.spec.ts

@@ -70,7 +70,7 @@ const server = setupServer(...restHandlers);
 
 const iss = 'ExampleIssuer';
 const vct = 'http://example.com/example';
-const iat = new Date().getTime() / 1000;
+const iat = Math.floor(Date.now() / 1000); // current time in seconds
 
 const { privateKey, publicKey } = Crypto.generateKeyPairSync('ed25519');
 

package/test/app-e2e.spec.ts

@@ -30,7 +30,7 @@ const createSignerVerifier = () => {
 
 const iss = 'ExampleIssuer';
 const vct = 'ExampleCredentials';
-const iat = new Date().getTime() / 1000;
+const iat = Math.floor(Date.now() / 1000); // current time in seconds
 
 describe('App', () => {
   test('Example', async () => {