@sd-jwt/sd-jwt-vc 0.19.1-next.1 → 0.19.1-next.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -1,5 +1,5 @@
1
1
  ![License](https://img.shields.io/github/license/openwallet-foundation/sd-jwt-js.svg)
2
- ![NPM](https://img.shields.io/npm/v/%40sd-jwt%2Fcore)
2
+ ![NPM](https://img.shields.io/npm/v/%40sd-jwt%2Fsd-jwt-vc)
3
3
  ![Release](https://img.shields.io/github/v/release/openwallet-foundation/sd-jwt-js)
4
4
  ![Stars](https://img.shields.io/github/stars/openwallet-foundation/sd-jwt-js)
5
5
 
@@ -9,7 +9,7 @@
9
9
 
10
10
  ### About
11
11
 
12
- SD-JWT-VC format based on the core functions
12
+ Implementation of [SD-JWT-based Verifiable Credentials (SD-JWT VC) draft-ietf-oauth-sd-jwt-vc-15](https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-15.html), built on top of `@sd-jwt/core` ([RFC 9901](https://www.rfc-editor.org/rfc/rfc9901.html)).
13
13
 
14
14
  Check the detail description in our github [repo](https://github.com/openwallet-foundation/sd-jwt-js).
15
15
 
@@ -34,8 +34,8 @@ Ensure you have Node.js installed as a prerequisite.
34
34
 
35
35
  Here's a basic example of how to use this library:
36
36
 
37
- ```jsx
38
- import { DisclosureFrame } from '@sd-jwt/sd-jwt-vc';
37
+ ```typescript
38
+ import type { DisclosureFrame } from '@sd-jwt/core';
39
39
 
40
40
  // identifier of the issuer
41
41
  const iss = 'University';
@@ -85,7 +85,7 @@ Check out more details in our [documentation](https://github.com/openwallet-foun
85
85
 
86
86
  ### Revocation
87
87
 
88
- To add revocation capabilities, you can use the `@sd-jwt/jwt-status-list` library to create a JWT Status List and include it in the SD-JWT-VC.
88
+ To add revocation capabilities, you can use the `@owf/token-status-list` library to create a JWT Status List and include it in the SD-JWT-VC.
89
89
 
90
90
  You can pass a dedicated `statusVerifier` function in the configuration to verify the signature of the payload of the JWT of the statuslist. If no function is provided, it will fallback to the verifier that is also used for the sd-jwt-vc.
91
91
 
@@ -105,13 +105,69 @@ const sdjwt = new SDJwtVcInstance({
105
105
  });
106
106
  ```
107
107
 
108
- The library will load load the type metadata format based on the `vct` value according to the [SD-JWT-VC specification](https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-08.html#name-sd-jwt-vc-type-metadata) and validate this schema.
108
+ The library will load the type metadata format based on the `vct` value according to the [SD-JWT-VC specification](https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-15.html#name-sd-jwt-vc-type-metadata) and validate this schema.
109
109
 
110
110
  Since at this point the display is not yet implemented, the library will only validate the schema and return the type metadata format. In the future the values of the type metadata can be fetched via a function call.
111
111
 
112
+ ### Verification
113
+
114
+ The library provides two verification approaches:
115
+
116
+ #### Standard Verification (Fail-Fast)
117
+
118
+ The `verify()` method throws an error immediately when the first validation failure is encountered:
119
+
120
+ ```typescript
121
+ try {
122
+ const result = await sdjwt.verify(presentation);
123
+ console.log('Verified payload:', result.payload);
124
+ } catch (error) {
125
+ console.error('Verification failed:', error.message);
126
+ }
127
+ ```
128
+
129
+ #### Safe Verification (Collect All Errors)
130
+
131
+ The `safeVerify()` method collects all validation errors instead of failing on the first one. This is useful when you want to show users all issues with a credential at once, including signature, status (revocation), and VCT metadata validation:
132
+
133
+ ```typescript
134
+ import type { SafeVerifyResult, VerificationError } from '@sd-jwt/core';
135
+
136
+ const result = await sdjwt.safeVerify(presentation);
137
+
138
+ if (result.success) {
139
+ // Verification succeeded
140
+ console.log('Verified payload:', result.payload);
141
+ console.log('Header:', result.header);
142
+ if (result.kb) {
143
+ console.log('Key binding:', result.kb);
144
+ }
145
+ if (result.typeMetadata) {
146
+ console.log('Type metadata:', result.typeMetadata);
147
+ }
148
+ } else {
149
+ // Verification failed - inspect all errors
150
+ for (const error of result.errors) {
151
+ console.error(`[${error.code}] ${error.message}`);
152
+ if (error.details) {
153
+ console.error('Details:', error.details);
154
+ }
155
+ }
156
+ }
157
+ ```
158
+
159
+ ##### SD-JWT-VC Specific Error Codes
160
+
161
+ In addition to the [core error codes](../core/README.md#error-codes), `safeVerify()` in SD-JWT-VC can return:
162
+
163
+ | Code | Description |
164
+ |------|-------------|
165
+ | `STATUS_VERIFICATION_FAILED` | Status list fetch or verification failed |
166
+ | `STATUS_INVALID` | Credential status indicates revocation |
167
+ | `VCT_VERIFICATION_FAILED` | VCT type metadata fetch or validation failed |
168
+
112
169
  ### Dependencies
113
170
 
114
- - @sd-jwt/core
115
- - @sd-jwt/types
116
- - @sd-jwt/utils
117
- - @sd-jwt/jwt-status-list
171
+ - [@sd-jwt/core](https://www.npmjs.com/package/@sd-jwt/core)
172
+ - [@owf/token-status-list](https://www.npmjs.com/package/@owf/token-status-list)
173
+ - [zod](https://www.npmjs.com/package/zod)
package/dist/index.d.mts CHANGED
@@ -1,6 +1,5 @@
1
- import { SDJWTConfig, Verifier, kbPayload, kbHeader, DisclosureFrame } from '@sd-jwt/types';
1
+ import { SDJWTConfig, Verifier, SdJwtPayload, kbPayload, kbHeader, SDJwtInstance, DisclosureFrame, VerifierOptions, SafeVerifyResult } from '@sd-jwt/core';
2
2
  import { z } from 'zod';
3
- import { SdJwtPayload, SDJwtInstance, VerifierOptions } from '@sd-jwt/core';
4
3
 
5
4
  declare const BackgroundImageSchema: z.ZodObject<{
6
5
  /** REQUIRED. A URI pointing to the background image. */
@@ -933,7 +932,7 @@ type ResolvedTypeMetadata = {
933
932
  };
934
933
  type TypeMetadataFormat = z.infer<typeof TypeMetadataFormatSchema>;
935
934
 
936
- type VcTFetcher = (uri: string, integrity?: string) => Promise<TypeMetadataFormat | undefined>;
935
+ type VCTFetcher = (uri: string, integrity?: string) => Promise<TypeMetadataFormat | undefined>;
937
936
 
938
937
  type StatusListFetcher = (uri: string) => Promise<string>;
939
938
  type StatusValidator = (status: number) => Promise<void>;
@@ -943,7 +942,7 @@ type StatusValidator = (status: number) => Promise<void>;
943
942
  type SDJWTVCConfig = SDJWTConfig & {
944
943
  statusListFetcher?: StatusListFetcher;
945
944
  statusValidator?: StatusValidator;
946
- vctFetcher?: VcTFetcher;
945
+ vctFetcher?: VCTFetcher;
947
946
  statusVerifier?: Verifier;
948
947
  loadTypeMetadataFormat?: boolean;
949
948
  timeout?: number;
@@ -1008,6 +1007,16 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
1008
1007
  * @param currentDate current time in seconds
1009
1008
  */
1010
1009
  verify(encodedSDJwt: string, options?: VerifierOptions): Promise<VerificationResult>;
1010
+ /**
1011
+ * Safe verification that collects all errors instead of failing fast.
1012
+ * Returns a result object with either the verified data or an array of all errors.
1013
+ * This includes SD-JWT-VC specific validations like status and VCT metadata.
1014
+ *
1015
+ * @param encodedSDJwt - The encoded SD-JWT-VC to verify
1016
+ * @param options - Verification options
1017
+ * @returns A SafeVerifyResult containing either success data or collected errors
1018
+ */
1019
+ safeVerify(encodedSDJwt: string, options?: VerifierOptions): Promise<SafeVerifyResult<VerificationResult>>;
1011
1020
  /**
1012
1021
  * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
1013
1022
  *
@@ -1091,6 +1100,7 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
1091
1100
  * @param options
1092
1101
  */
1093
1102
  private verifyStatus;
1103
+ config(newConfig: SDJWTVCConfig): void;
1094
1104
  }
1095
1105
 
1096
- export { type BackgroundImage, BackgroundImageSchema, type Claim, type ClaimDisplay, ClaimDisplaySchema, type ClaimPath, ClaimPathSchema, ClaimSchema, type ClaimSelectiveDisclosure, ClaimSelectiveDisclosureSchema, ColorSchemeSchema, ContrastSchema, type Display, DisplaySchema, type Logo, LogoSchema, OrientationSchema, type Rendering, RenderingSchema, type ResolvedTypeMetadata, type SDJWTVCConfig, type SDJWTVCStatusReference, SDJwtVcInstance, type SdJwtVcPayload, type SimpleRendering, SimpleRenderingSchema, type StatusListFetcher, type StatusValidator, type SvgTemplateProperties, SvgTemplatePropertiesSchema, type SvgTemplateRendering, SvgTemplateRenderingSchema, type TypeMetadataFormat, TypeMetadataFormatSchema, type VcTFetcher, type VerificationResult };
1106
+ export { type BackgroundImage, BackgroundImageSchema, type Claim, type ClaimDisplay, ClaimDisplaySchema, type ClaimPath, ClaimPathSchema, ClaimSchema, type ClaimSelectiveDisclosure, ClaimSelectiveDisclosureSchema, ColorSchemeSchema, ContrastSchema, type Display, DisplaySchema, type Logo, LogoSchema, OrientationSchema, type Rendering, RenderingSchema, type ResolvedTypeMetadata, type SDJWTVCConfig, type SDJWTVCStatusReference, SDJwtVcInstance, type SdJwtVcPayload, type SimpleRendering, SimpleRenderingSchema, type StatusListFetcher, type StatusValidator, type SvgTemplateProperties, SvgTemplatePropertiesSchema, type SvgTemplateRendering, SvgTemplateRenderingSchema, type TypeMetadataFormat, TypeMetadataFormatSchema, type VCTFetcher, type VerificationResult };
package/dist/index.d.ts CHANGED
@@ -1,6 +1,5 @@
1
- import { SDJWTConfig, Verifier, kbPayload, kbHeader, DisclosureFrame } from '@sd-jwt/types';
1
+ import { SDJWTConfig, Verifier, SdJwtPayload, kbPayload, kbHeader, SDJwtInstance, DisclosureFrame, VerifierOptions, SafeVerifyResult } from '@sd-jwt/core';
2
2
  import { z } from 'zod';
3
- import { SdJwtPayload, SDJwtInstance, VerifierOptions } from '@sd-jwt/core';
4
3
 
5
4
  declare const BackgroundImageSchema: z.ZodObject<{
6
5
  /** REQUIRED. A URI pointing to the background image. */
@@ -933,7 +932,7 @@ type ResolvedTypeMetadata = {
933
932
  };
934
933
  type TypeMetadataFormat = z.infer<typeof TypeMetadataFormatSchema>;
935
934
 
936
- type VcTFetcher = (uri: string, integrity?: string) => Promise<TypeMetadataFormat | undefined>;
935
+ type VCTFetcher = (uri: string, integrity?: string) => Promise<TypeMetadataFormat | undefined>;
937
936
 
938
937
  type StatusListFetcher = (uri: string) => Promise<string>;
939
938
  type StatusValidator = (status: number) => Promise<void>;
@@ -943,7 +942,7 @@ type StatusValidator = (status: number) => Promise<void>;
943
942
  type SDJWTVCConfig = SDJWTConfig & {
944
943
  statusListFetcher?: StatusListFetcher;
945
944
  statusValidator?: StatusValidator;
946
- vctFetcher?: VcTFetcher;
945
+ vctFetcher?: VCTFetcher;
947
946
  statusVerifier?: Verifier;
948
947
  loadTypeMetadataFormat?: boolean;
949
948
  timeout?: number;
@@ -1008,6 +1007,16 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
1008
1007
  * @param currentDate current time in seconds
1009
1008
  */
1010
1009
  verify(encodedSDJwt: string, options?: VerifierOptions): Promise<VerificationResult>;
1010
+ /**
1011
+ * Safe verification that collects all errors instead of failing fast.
1012
+ * Returns a result object with either the verified data or an array of all errors.
1013
+ * This includes SD-JWT-VC specific validations like status and VCT metadata.
1014
+ *
1015
+ * @param encodedSDJwt - The encoded SD-JWT-VC to verify
1016
+ * @param options - Verification options
1017
+ * @returns A SafeVerifyResult containing either success data or collected errors
1018
+ */
1019
+ safeVerify(encodedSDJwt: string, options?: VerifierOptions): Promise<SafeVerifyResult<VerificationResult>>;
1011
1020
  /**
1012
1021
  * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
1013
1022
  *
@@ -1091,6 +1100,7 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
1091
1100
  * @param options
1092
1101
  */
1093
1102
  private verifyStatus;
1103
+ config(newConfig: SDJWTVCConfig): void;
1094
1104
  }
1095
1105
 
1096
- export { type BackgroundImage, BackgroundImageSchema, type Claim, type ClaimDisplay, ClaimDisplaySchema, type ClaimPath, ClaimPathSchema, ClaimSchema, type ClaimSelectiveDisclosure, ClaimSelectiveDisclosureSchema, ColorSchemeSchema, ContrastSchema, type Display, DisplaySchema, type Logo, LogoSchema, OrientationSchema, type Rendering, RenderingSchema, type ResolvedTypeMetadata, type SDJWTVCConfig, type SDJWTVCStatusReference, SDJwtVcInstance, type SdJwtVcPayload, type SimpleRendering, SimpleRenderingSchema, type StatusListFetcher, type StatusValidator, type SvgTemplateProperties, SvgTemplatePropertiesSchema, type SvgTemplateRendering, SvgTemplateRenderingSchema, type TypeMetadataFormat, TypeMetadataFormatSchema, type VcTFetcher, type VerificationResult };
1106
+ export { type BackgroundImage, BackgroundImageSchema, type Claim, type ClaimDisplay, ClaimDisplaySchema, type ClaimPath, ClaimPathSchema, ClaimSchema, type ClaimSelectiveDisclosure, ClaimSelectiveDisclosureSchema, ColorSchemeSchema, ContrastSchema, type Display, DisplaySchema, type Logo, LogoSchema, OrientationSchema, type Rendering, RenderingSchema, type ResolvedTypeMetadata, type SDJWTVCConfig, type SDJWTVCStatusReference, SDJwtVcInstance, type SdJwtVcPayload, type SimpleRendering, SimpleRenderingSchema, type StatusListFetcher, type StatusValidator, type SvgTemplateProperties, SvgTemplatePropertiesSchema, type SvgTemplateRendering, SvgTemplateRenderingSchema, type TypeMetadataFormat, TypeMetadataFormatSchema, type VCTFetcher, type VerificationResult };
package/dist/index.js CHANGED
@@ -101,9 +101,8 @@ __export(index_exports, {
101
101
  module.exports = __toCommonJS(index_exports);
102
102
 
103
103
  // src/sd-jwt-vc-instance.ts
104
+ var import_token_status_list = require("@owf/token-status-list");
104
105
  var import_core = require("@sd-jwt/core");
105
- var import_jwt_status_list = require("@sd-jwt/jwt-status-list");
106
- var import_utils = require("@sd-jwt/utils");
107
106
  var import_zod2 = __toESM(require("zod"));
108
107
 
109
108
  // src/sd-jwt-vc-type-metadata-format.ts
@@ -287,9 +286,11 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
287
286
  validateReservedFields(disclosureFrame) {
288
287
  if ((disclosureFrame == null ? void 0 : disclosureFrame._sd) && Array.isArray(disclosureFrame._sd) && disclosureFrame._sd.length > 0) {
289
288
  const reservedNames = ["iss", "nbf", "exp", "cnf", "vct", "status"];
290
- const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter((key) => reservedNames.includes(key));
289
+ const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter(
290
+ (key) => reservedNames.includes(String(key))
291
+ );
291
292
  if (reservedNamesInDisclosureFrame.length > 0) {
292
- throw new import_utils.SDJWTException("Cannot disclose protected field");
293
+ throw new import_core.SDJWTException("Cannot disclose protected field");
293
294
  }
294
295
  }
295
296
  }
@@ -329,7 +330,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
329
330
  */
330
331
  statusValidator(status) {
331
332
  return __async(this, null, function* () {
332
- if (status !== 0) throw new import_utils.SDJWTException("Status is not valid");
333
+ if (status !== 0) throw new import_core.SDJWTException("Status is not valid");
333
334
  return Promise.resolve();
334
335
  });
335
336
  }
@@ -354,6 +355,96 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
354
355
  return result;
355
356
  });
356
357
  }
358
+ /**
359
+ * Safe verification that collects all errors instead of failing fast.
360
+ * Returns a result object with either the verified data or an array of all errors.
361
+ * This includes SD-JWT-VC specific validations like status and VCT metadata.
362
+ *
363
+ * @param encodedSDJwt - The encoded SD-JWT-VC to verify
364
+ * @param options - Verification options
365
+ * @returns A SafeVerifyResult containing either success data or collected errors
366
+ */
367
+ safeVerify(encodedSDJwt, options) {
368
+ return __async(this, null, function* () {
369
+ const errors = [];
370
+ const addError = (code, message, details) => {
371
+ errors.push({ code, message, details });
372
+ };
373
+ const baseResult = yield __superGet(_SDJwtVcInstance.prototype, this, "safeVerify").call(this, encodedSDJwt, options);
374
+ if (!baseResult.success) {
375
+ errors.push(...baseResult.errors);
376
+ }
377
+ let result;
378
+ if (baseResult.success) {
379
+ result = {
380
+ payload: baseResult.data.payload,
381
+ header: baseResult.data.header,
382
+ kb: baseResult.data.kb
383
+ };
384
+ } else {
385
+ try {
386
+ const { payload, header } = yield import_core.SDJwt.extractJwt(encodedSDJwt);
387
+ if (payload) {
388
+ result = {
389
+ payload,
390
+ header,
391
+ kb: void 0
392
+ };
393
+ }
394
+ } catch (e) {
395
+ }
396
+ }
397
+ if (result) {
398
+ try {
399
+ yield this.verifyStatus(result, options);
400
+ } catch (e) {
401
+ const error = (0, import_core.ensureError)(e);
402
+ const errorMessage = error.message;
403
+ if (errorMessage.includes("Status is not valid")) {
404
+ addError("STATUS_INVALID", errorMessage, error);
405
+ } else {
406
+ addError(
407
+ "STATUS_VERIFICATION_FAILED",
408
+ `Status verification failed: ${errorMessage}`,
409
+ error
410
+ );
411
+ }
412
+ }
413
+ if (this.userConfig.loadTypeMetadataFormat) {
414
+ try {
415
+ const resolvedTypeMetadata = yield this.fetchVct(result);
416
+ if (result) {
417
+ result.typeMetadata = resolvedTypeMetadata;
418
+ }
419
+ } catch (e) {
420
+ addError(
421
+ "VCT_VERIFICATION_FAILED",
422
+ `VCT verification failed: ${(0, import_core.ensureError)(e).message}`,
423
+ e
424
+ );
425
+ }
426
+ }
427
+ }
428
+ if (errors.length > 0) {
429
+ return { success: false, errors };
430
+ }
431
+ if (!result) {
432
+ return {
433
+ success: false,
434
+ errors: [
435
+ {
436
+ code: "INVALID_SD_JWT",
437
+ message: "Failed to construct verification result"
438
+ }
439
+ ]
440
+ };
441
+ }
442
+ return {
443
+ success: true,
444
+ data: result
445
+ };
446
+ });
447
+ }
357
448
  /**
358
449
  * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
359
450
  *
@@ -366,7 +457,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
366
457
  return __async(this, null, function* () {
367
458
  const { payload, header } = yield import_core.SDJwt.extractJwt(encodedSDJwt);
368
459
  if (!payload) {
369
- throw new import_utils.SDJWTException("JWT payload is missing");
460
+ throw new import_core.SDJWTException("JWT payload is missing");
370
461
  }
371
462
  const result = {
372
463
  payload,
@@ -386,10 +477,10 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
386
477
  if (!integrity) return;
387
478
  const arrayBuffer = yield response.arrayBuffer();
388
479
  const alg = integrity.split("-")[0];
389
- const hashBuffer = yield this.userConfig.hasher(
390
- arrayBuffer,
391
- alg
392
- );
480
+ if (!this.userConfig.hasher) {
481
+ throw new import_core.SDJWTException("Hasher not found");
482
+ }
483
+ const hashBuffer = yield this.userConfig.hasher(arrayBuffer, alg);
393
484
  const integrityHash = integrity.split("-")[1];
394
485
  const hash = Array.from(new Uint8Array(hashBuffer)).map((byte) => byte.toString(16).padStart(2, "0")).join("");
395
486
  if (hash !== integrityHash) {
@@ -420,7 +511,8 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
420
511
  yield this.validateIntegrity(response.clone(), url, integrity);
421
512
  const data = yield response.json();
422
513
  return data;
423
- } catch (error) {
514
+ } catch (e) {
515
+ const error = (0, import_core.ensureError)(e);
424
516
  if (error.name === "TimeoutError") {
425
517
  throw new Error(`Request to ${url} timed out`);
426
518
  }
@@ -471,7 +563,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
471
563
  if (baseClaim.sd && extendingClaim.sd) {
472
564
  if ((baseClaim.sd === "always" || baseClaim.sd === "never") && baseClaim.sd !== extendingClaim.sd) {
473
565
  const pathStr = JSON.stringify(extendingClaim.path);
474
- throw new import_utils.SDJWTException(
566
+ throw new import_core.SDJWTException(
475
567
  `Cannot change 'sd' property from '${baseClaim.sd}' to '${extendingClaim.sd}' for claim at path ${pathStr}`
476
568
  );
477
569
  }
@@ -543,17 +635,17 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
543
635
  var _a;
544
636
  const maxDepth = (_a = this.userConfig.maxVctExtendsDepth) != null ? _a : 5;
545
637
  if (maxDepth !== -1 && depth > maxDepth) {
546
- throw new import_utils.SDJWTException(
638
+ throw new import_core.SDJWTException(
547
639
  `Maximum VCT extends depth of ${maxDepth} exceeded`
548
640
  );
549
641
  }
550
642
  if (!parentTypeMetadata.extends) {
551
- throw new import_utils.SDJWTException(
643
+ throw new import_core.SDJWTException(
552
644
  `Type metadata for vct '${parentTypeMetadata.vct}' has no 'extends' field. Unable to resolve extended type metadata document.`
553
645
  );
554
646
  }
555
647
  if (visitedVcts.has(parentTypeMetadata.extends)) {
556
- throw new import_utils.SDJWTException(
648
+ throw new import_core.SDJWTException(
557
649
  `Circular dependency detected in VCT extends chain: ${parentTypeMetadata.extends}`
558
650
  );
559
651
  }
@@ -563,7 +655,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
563
655
  parentTypeMetadata["extends#integrity"]
564
656
  );
565
657
  if (!extendedTypeMetadata) {
566
- throw new import_utils.SDJWTException(
658
+ throw new import_core.SDJWTException(
567
659
  `Resolving VCT extends value '${parentTypeMetadata.extends}' resulted in an undefined result.`
568
660
  );
569
661
  }
@@ -608,7 +700,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
608
700
  if (!data) return void 0;
609
701
  const validated = TypeMetadataFormatSchema.safeParse(data);
610
702
  if (!validated.success) {
611
- throw new import_utils.SDJWTException(
703
+ throw new import_core.SDJWTException(
612
704
  `Invalid VCT type metadata for vct '${vct}':
613
705
  ${import_zod2.default.prettifyError(validated.error)}`
614
706
  );
@@ -631,16 +723,19 @@ ${import_zod2.default.prettifyError(validated.error)}`
631
723
  result.payload.status.status_list.uri
632
724
  );
633
725
  const slJWT = import_core.Jwt.fromEncode(statusListJWT);
726
+ if (!this.userConfig.verifier || !this.userConfig.statusVerifier) {
727
+ throw new import_core.SDJWTException("Verifier not found for status list JWT");
728
+ }
634
729
  yield slJWT.verify(
635
730
  (_b = this.userConfig.statusVerifier) != null ? _b : this.userConfig.verifier,
636
731
  options
637
732
  ).catch((err) => {
638
- throw new import_jwt_status_list.SLException(
733
+ throw new import_token_status_list.SLException(
639
734
  `Status List JWT verification failed: ${err.message}`,
640
735
  err.details
641
736
  );
642
737
  });
643
- const statusList = (0, import_jwt_status_list.getListFromStatusListJWT)(statusListJWT);
738
+ const statusList = (0, import_token_status_list.getListFromStatusListJWT)(statusListJWT);
644
739
  const status = statusList.getStatus(
645
740
  result.payload.status.status_list.idx
646
741
  );
@@ -650,6 +745,9 @@ ${import_zod2.default.prettifyError(validated.error)}`
650
745
  }
651
746
  });
652
747
  }
748
+ config(newConfig) {
749
+ super.config(newConfig);
750
+ }
653
751
  };
654
752
  // Annotate the CommonJS export names for ESM import in node:
655
753
  0 && (module.exports = {
package/dist/index.mjs CHANGED
@@ -54,12 +54,17 @@ var __async = (__this, __arguments, generator) => {
54
54
  };
55
55
 
56
56
  // src/sd-jwt-vc-instance.ts
57
- import { Jwt, SDJwt, SDJwtInstance } from "@sd-jwt/core";
58
57
  import {
59
58
  getListFromStatusListJWT,
60
59
  SLException
61
- } from "@sd-jwt/jwt-status-list";
62
- import { SDJWTException } from "@sd-jwt/utils";
60
+ } from "@owf/token-status-list";
61
+ import {
62
+ ensureError,
63
+ Jwt,
64
+ SDJWTException,
65
+ SDJwt,
66
+ SDJwtInstance
67
+ } from "@sd-jwt/core";
63
68
  import z2 from "zod";
64
69
 
65
70
  // src/sd-jwt-vc-type-metadata-format.ts
@@ -243,7 +248,9 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
243
248
  validateReservedFields(disclosureFrame) {
244
249
  if ((disclosureFrame == null ? void 0 : disclosureFrame._sd) && Array.isArray(disclosureFrame._sd) && disclosureFrame._sd.length > 0) {
245
250
  const reservedNames = ["iss", "nbf", "exp", "cnf", "vct", "status"];
246
- const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter((key) => reservedNames.includes(key));
251
+ const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter(
252
+ (key) => reservedNames.includes(String(key))
253
+ );
247
254
  if (reservedNamesInDisclosureFrame.length > 0) {
248
255
  throw new SDJWTException("Cannot disclose protected field");
249
256
  }
@@ -310,6 +317,96 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
310
317
  return result;
311
318
  });
312
319
  }
320
+ /**
321
+ * Safe verification that collects all errors instead of failing fast.
322
+ * Returns a result object with either the verified data or an array of all errors.
323
+ * This includes SD-JWT-VC specific validations like status and VCT metadata.
324
+ *
325
+ * @param encodedSDJwt - The encoded SD-JWT-VC to verify
326
+ * @param options - Verification options
327
+ * @returns A SafeVerifyResult containing either success data or collected errors
328
+ */
329
+ safeVerify(encodedSDJwt, options) {
330
+ return __async(this, null, function* () {
331
+ const errors = [];
332
+ const addError = (code, message, details) => {
333
+ errors.push({ code, message, details });
334
+ };
335
+ const baseResult = yield __superGet(_SDJwtVcInstance.prototype, this, "safeVerify").call(this, encodedSDJwt, options);
336
+ if (!baseResult.success) {
337
+ errors.push(...baseResult.errors);
338
+ }
339
+ let result;
340
+ if (baseResult.success) {
341
+ result = {
342
+ payload: baseResult.data.payload,
343
+ header: baseResult.data.header,
344
+ kb: baseResult.data.kb
345
+ };
346
+ } else {
347
+ try {
348
+ const { payload, header } = yield SDJwt.extractJwt(encodedSDJwt);
349
+ if (payload) {
350
+ result = {
351
+ payload,
352
+ header,
353
+ kb: void 0
354
+ };
355
+ }
356
+ } catch (e) {
357
+ }
358
+ }
359
+ if (result) {
360
+ try {
361
+ yield this.verifyStatus(result, options);
362
+ } catch (e) {
363
+ const error = ensureError(e);
364
+ const errorMessage = error.message;
365
+ if (errorMessage.includes("Status is not valid")) {
366
+ addError("STATUS_INVALID", errorMessage, error);
367
+ } else {
368
+ addError(
369
+ "STATUS_VERIFICATION_FAILED",
370
+ `Status verification failed: ${errorMessage}`,
371
+ error
372
+ );
373
+ }
374
+ }
375
+ if (this.userConfig.loadTypeMetadataFormat) {
376
+ try {
377
+ const resolvedTypeMetadata = yield this.fetchVct(result);
378
+ if (result) {
379
+ result.typeMetadata = resolvedTypeMetadata;
380
+ }
381
+ } catch (e) {
382
+ addError(
383
+ "VCT_VERIFICATION_FAILED",
384
+ `VCT verification failed: ${ensureError(e).message}`,
385
+ e
386
+ );
387
+ }
388
+ }
389
+ }
390
+ if (errors.length > 0) {
391
+ return { success: false, errors };
392
+ }
393
+ if (!result) {
394
+ return {
395
+ success: false,
396
+ errors: [
397
+ {
398
+ code: "INVALID_SD_JWT",
399
+ message: "Failed to construct verification result"
400
+ }
401
+ ]
402
+ };
403
+ }
404
+ return {
405
+ success: true,
406
+ data: result
407
+ };
408
+ });
409
+ }
313
410
  /**
314
411
  * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
315
412
  *
@@ -342,10 +439,10 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
342
439
  if (!integrity) return;
343
440
  const arrayBuffer = yield response.arrayBuffer();
344
441
  const alg = integrity.split("-")[0];
345
- const hashBuffer = yield this.userConfig.hasher(
346
- arrayBuffer,
347
- alg
348
- );
442
+ if (!this.userConfig.hasher) {
443
+ throw new SDJWTException("Hasher not found");
444
+ }
445
+ const hashBuffer = yield this.userConfig.hasher(arrayBuffer, alg);
349
446
  const integrityHash = integrity.split("-")[1];
350
447
  const hash = Array.from(new Uint8Array(hashBuffer)).map((byte) => byte.toString(16).padStart(2, "0")).join("");
351
448
  if (hash !== integrityHash) {
@@ -376,7 +473,8 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
376
473
  yield this.validateIntegrity(response.clone(), url, integrity);
377
474
  const data = yield response.json();
378
475
  return data;
379
- } catch (error) {
476
+ } catch (e) {
477
+ const error = ensureError(e);
380
478
  if (error.name === "TimeoutError") {
381
479
  throw new Error(`Request to ${url} timed out`);
382
480
  }
@@ -587,6 +685,9 @@ ${z2.prettifyError(validated.error)}`
587
685
  result.payload.status.status_list.uri
588
686
  );
589
687
  const slJWT = Jwt.fromEncode(statusListJWT);
688
+ if (!this.userConfig.verifier || !this.userConfig.statusVerifier) {
689
+ throw new SDJWTException("Verifier not found for status list JWT");
690
+ }
590
691
  yield slJWT.verify(
591
692
  (_b = this.userConfig.statusVerifier) != null ? _b : this.userConfig.verifier,
592
693
  options
@@ -606,6 +707,9 @@ ${z2.prettifyError(validated.error)}`
606
707
  }
607
708
  });
608
709
  }
710
+ config(newConfig) {
711
+ super.config(newConfig);
712
+ }
609
713
  };
610
714
  export {
611
715
  BackgroundImageSchema,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sd-jwt/sd-jwt-vc",
3
- "version": "0.19.1-next.1+576f172",
3
+ "version": "0.19.1-next.10+fe18c35",
4
4
  "description": "sd-jwt draft 7 implementation in typescript",
5
5
  "main": "dist/index.js",
6
6
  "module": "dist/index.mjs",
@@ -38,14 +38,12 @@
38
38
  },
39
39
  "license": "Apache-2.0",
40
40
  "dependencies": {
41
- "@sd-jwt/core": "0.19.1-next.1+576f172",
42
- "@sd-jwt/jwt-status-list": "0.19.1-next.1+576f172",
43
- "@sd-jwt/utils": "0.19.1-next.1+576f172",
41
+ "@owf/token-status-list": "^0.1.0-alpha-20260312123226",
42
+ "@sd-jwt/core": "0.19.1-next.10+fe18c35",
44
43
  "zod": "^4.3.5"
45
44
  },
46
45
  "devDependencies": {
47
- "@sd-jwt/crypto-nodejs": "0.19.1-next.1+576f172",
48
- "@sd-jwt/types": "0.19.1-next.1+576f172",
46
+ "@owf/crypto": "^0.1.0-alpha-20260312123226",
49
47
  "jose": "^6.1.2",
50
48
  "msw": "^2.12.3"
51
49
  },
@@ -65,5 +63,5 @@
65
63
  "esm"
66
64
  ]
67
65
  },
68
- "gitHead": "576f17261cd5459df00b0ba537914f8a7782ace3"
66
+ "gitHead": "fe18c3572055c3307d05f43f738c1d3c3f15de38"
69
67
  }
@@ -1,5 +1,5 @@
1
- import type { SDJWTConfig, Verifier } from '@sd-jwt/types';
2
- import type { VcTFetcher } from './sd-jwt-vc-vct';
1
+ import type { SDJWTConfig, Verifier } from '@sd-jwt/core';
2
+ import type { VCTFetcher } from './sd-jwt-vc-vct';
3
3
 
4
4
  export type StatusListFetcher = (uri: string) => Promise<string>;
5
5
  export type StatusValidator = (status: number) => Promise<void>;
@@ -13,7 +13,7 @@ export type SDJWTVCConfig = SDJWTConfig & {
13
13
  // validte the status and decide if the status is valid or not. If not provided, the code will continue if it is 0, otherwise it will throw an error.
14
14
  statusValidator?: StatusValidator;
15
15
  // a function that fetches the type metadata format from the uri. If not provided, the library will assume that the response is a TypeMetadataFormat. Caching has to be implemented in this function. If the integrity value is passed, it to be validated according to https://www.w3.org/TR/SRI/
16
- vctFetcher?: VcTFetcher;
16
+ vctFetcher?: VCTFetcher;
17
17
  // a function that verifies the status of the JWT. If not provided, the library will assume that the status is valid if it is 0.
18
18
  statusVerifier?: Verifier;
19
19
  // if set to true, it will load the metadata format based on the vct value. If not provided, it will default to false.
@@ -1,12 +1,21 @@
1
- import { Jwt, SDJwt, SDJwtInstance, type VerifierOptions } from '@sd-jwt/core';
2
1
  import {
3
2
  getListFromStatusListJWT,
4
3
  SLException,
5
4
  type StatusListJWTHeaderParameters,
6
5
  type StatusListJWTPayload,
7
- } from '@sd-jwt/jwt-status-list';
8
- import type { DisclosureFrame, Hasher, Verifier } from '@sd-jwt/types';
9
- import { SDJWTException } from '@sd-jwt/utils';
6
+ } from '@owf/token-status-list';
7
+ import {
8
+ type DisclosureFrame,
9
+ ensureError,
10
+ Jwt,
11
+ type SafeVerifyResult,
12
+ SDJWTException,
13
+ SDJwt,
14
+ SDJwtInstance,
15
+ type VerificationError,
16
+ type VerificationErrorCode,
17
+ type VerifierOptions,
18
+ } from '@sd-jwt/core';
10
19
  import z from 'zod';
11
20
  import type {
12
21
  SDJWTVCConfig,
@@ -53,9 +62,9 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
53
62
  ) {
54
63
  const reservedNames = ['iss', 'nbf', 'exp', 'cnf', 'vct', 'status'];
55
64
  // check if there is any reserved names in the disclosureFrame._sd array
56
- const reservedNamesInDisclosureFrame = (
57
- disclosureFrame._sd as string[]
58
- ).filter((key) => reservedNames.includes(key));
65
+ const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter((key) =>
66
+ reservedNames.includes(String(key)),
67
+ );
59
68
  if (reservedNamesInDisclosureFrame.length > 0) {
60
69
  throw new SDJWTException('Cannot disclose protected field');
61
70
  }
@@ -133,6 +142,123 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
133
142
  return result;
134
143
  }
135
144
 
145
+ /**
146
+ * Safe verification that collects all errors instead of failing fast.
147
+ * Returns a result object with either the verified data or an array of all errors.
148
+ * This includes SD-JWT-VC specific validations like status and VCT metadata.
149
+ *
150
+ * @param encodedSDJwt - The encoded SD-JWT-VC to verify
151
+ * @param options - Verification options
152
+ * @returns A SafeVerifyResult containing either success data or collected errors
153
+ */
154
+ async safeVerify(
155
+ encodedSDJwt: string,
156
+ options?: VerifierOptions,
157
+ ): Promise<SafeVerifyResult<VerificationResult>> {
158
+ const errors: VerificationError[] = [];
159
+
160
+ // Helper to add errors
161
+ const addError = (
162
+ code: VerificationErrorCode,
163
+ message: string,
164
+ details?: unknown,
165
+ ) => {
166
+ errors.push({ code, message, details });
167
+ };
168
+
169
+ // First, call the parent's safeVerify to get base verification results
170
+ const baseResult = await super.safeVerify(encodedSDJwt, options);
171
+
172
+ // Collect errors from base verification
173
+ if (!baseResult.success) {
174
+ errors.push(...baseResult.errors);
175
+ }
176
+
177
+ // Build partial result for additional verifications
178
+ let result: VerificationResult | undefined;
179
+ if (baseResult.success) {
180
+ result = {
181
+ payload: baseResult.data.payload as SdJwtVcPayload,
182
+ header: baseResult.data.header,
183
+ kb: baseResult.data.kb as VerificationResult['kb'],
184
+ };
185
+ } else {
186
+ // Try to extract payload even if verification failed for status/vct checks
187
+ try {
188
+ const { payload, header } = await SDJwt.extractJwt<
189
+ Record<string, unknown>,
190
+ SdJwtVcPayload
191
+ >(encodedSDJwt);
192
+ if (payload) {
193
+ result = {
194
+ payload,
195
+ header,
196
+ kb: undefined,
197
+ };
198
+ }
199
+ } catch {
200
+ // Cannot extract payload, skip additional checks
201
+ }
202
+ }
203
+
204
+ // Verify status (if payload is available)
205
+ if (result) {
206
+ try {
207
+ await this.verifyStatus(result, options);
208
+ } catch (e) {
209
+ const error = ensureError(e);
210
+ const errorMessage = error.message;
211
+ if (errorMessage.includes('Status is not valid')) {
212
+ addError('STATUS_INVALID', errorMessage, error);
213
+ } else {
214
+ addError(
215
+ 'STATUS_VERIFICATION_FAILED',
216
+ `Status verification failed: ${errorMessage}`,
217
+ error,
218
+ );
219
+ }
220
+ }
221
+
222
+ // Verify VCT metadata (if configured)
223
+ if (this.userConfig.loadTypeMetadataFormat) {
224
+ try {
225
+ const resolvedTypeMetadata = await this.fetchVct(result);
226
+ if (result) {
227
+ result.typeMetadata = resolvedTypeMetadata;
228
+ }
229
+ } catch (e) {
230
+ addError(
231
+ 'VCT_VERIFICATION_FAILED',
232
+ `VCT verification failed: ${ensureError(e).message}`,
233
+ e,
234
+ );
235
+ }
236
+ }
237
+ }
238
+
239
+ // Return result
240
+ if (errors.length > 0) {
241
+ return { success: false, errors };
242
+ }
243
+
244
+ if (!result) {
245
+ return {
246
+ success: false,
247
+ errors: [
248
+ {
249
+ code: 'INVALID_SD_JWT',
250
+ message: 'Failed to construct verification result',
251
+ },
252
+ ],
253
+ };
254
+ }
255
+
256
+ return {
257
+ success: true,
258
+ data: result,
259
+ };
260
+ }
261
+
136
262
  /**
137
263
  * Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
138
264
  *
@@ -179,10 +305,10 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
179
305
  const arrayBuffer = await response.arrayBuffer();
180
306
  const alg = integrity.split('-')[0];
181
307
  //TODO: error handling when a hasher is passed that is not supporting the required algorithm according to the spec
182
- const hashBuffer = await (this.userConfig.hasher as Hasher)(
183
- arrayBuffer,
184
- alg,
185
- );
308
+ if (!this.userConfig.hasher) {
309
+ throw new SDJWTException('Hasher not found');
310
+ }
311
+ const hashBuffer = await this.userConfig.hasher(arrayBuffer, alg);
186
312
  const integrityHash = integrity.split('-')[1];
187
313
  const hash = Array.from(new Uint8Array(hashBuffer))
188
314
  .map((byte) => byte.toString(16).padStart(2, '0'))
@@ -217,8 +343,9 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
217
343
  const data = await response.json();
218
344
 
219
345
  return data;
220
- } catch (error) {
221
- if ((error as Error).name === 'TimeoutError') {
346
+ } catch (e) {
347
+ const error = ensureError(e);
348
+ if (error.name === 'TimeoutError') {
222
349
  throw new Error(`Request to ${url} timed out`);
223
350
  }
224
351
  throw error;
@@ -515,10 +642,12 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
515
642
  StatusListJWTPayload
516
643
  >(statusListJWT);
517
644
  // check if the status list has a valid signature. The presence of the verifier is checked in the parent class.
645
+ if (!this.userConfig.verifier || !this.userConfig.statusVerifier) {
646
+ throw new SDJWTException('Verifier not found for status list JWT');
647
+ }
518
648
  await slJWT
519
649
  .verify(
520
- this.userConfig.statusVerifier ??
521
- (this.userConfig.verifier as Verifier),
650
+ this.userConfig.statusVerifier ?? this.userConfig.verifier,
522
651
  options,
523
652
  )
524
653
  .catch((err: SLException) => {
@@ -541,4 +670,8 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
541
670
  }
542
671
  }
543
672
  }
673
+
674
+ public config(newConfig: SDJWTVCConfig) {
675
+ super.config(newConfig);
676
+ }
544
677
  }
@@ -1,6 +1,6 @@
1
1
  import type { TypeMetadataFormat } from './sd-jwt-vc-type-metadata-format';
2
2
 
3
- export type VcTFetcher = (
3
+ export type VCTFetcher = (
4
4
  uri: string,
5
5
  integrity?: string,
6
6
  ) => Promise<TypeMetadataFormat | undefined>;
@@ -1,16 +1,16 @@
1
1
  import Crypto from 'node:crypto';
2
- import { digest, generateSalt } from '@sd-jwt/crypto-nodejs';
2
+ import { hasher as digest, generateSalt } from '@owf/crypto';
3
3
  import {
4
4
  createHeaderAndPayload,
5
5
  StatusList,
6
6
  type StatusListJWTHeaderParameters,
7
- } from '@sd-jwt/jwt-status-list';
7
+ } from '@owf/token-status-list';
8
8
  import type {
9
9
  DisclosureFrame,
10
10
  JwtPayload,
11
11
  Signer,
12
12
  Verifier,
13
- } from '@sd-jwt/types';
13
+ } from '@sd-jwt/core';
14
14
  import { SignJWT } from 'jose';
15
15
  import { describe, expect, test } from 'vitest';
16
16
  import { SDJwtVcInstance } from '..';
@@ -1,7 +1,7 @@
1
1
  import Crypto from 'node:crypto';
2
2
  import { afterEach } from 'node:test';
3
- import { digest, generateSalt } from '@sd-jwt/crypto-nodejs';
4
- import type { DisclosureFrame, Signer, Verifier } from '@sd-jwt/types';
3
+ import { hasher as digest, generateSalt } from '@owf/crypto';
4
+ import type { DisclosureFrame, Signer, Verifier } from '@sd-jwt/core';
5
5
  import { HttpResponse, http } from 'msw';
6
6
  import { setupServer } from 'msw/node';
7
7
  import { afterAll, beforeAll, describe, expect, test, vitest } from 'vitest';
@@ -1,4 +1,4 @@
1
- import type { kbHeader, kbPayload } from '@sd-jwt/types';
1
+ import type { kbHeader, kbPayload } from '@sd-jwt/core';
2
2
  import type { SdJwtVcPayload } from './sd-jwt-vc-payload';
3
3
  import type { ResolvedTypeMetadata } from './sd-jwt-vc-type-metadata-format';
4
4
 
@@ -1,13 +1,13 @@
1
1
  import Crypto from 'node:crypto';
2
2
  import fs from 'node:fs';
3
3
  import path from 'node:path';
4
- import { digest, generateSalt } from '@sd-jwt/crypto-nodejs';
4
+ import { hasher as digest, generateSalt } from '@owf/crypto';
5
5
  import type {
6
6
  DisclosureFrame,
7
7
  PresentationFrame,
8
8
  Signer,
9
9
  Verifier,
10
- } from '@sd-jwt/types';
10
+ } from '@sd-jwt/core';
11
11
  import { describe, expect, test } from 'vitest';
12
12
  import { SDJwtVcInstance } from '../src/index';
13
13
 
package/CHANGELOG.md DELETED
@@ -1,282 +0,0 @@
1
- # Change Log
2
-
3
- All notable changes to this project will be documented in this file.
4
- See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
5
-
6
- # [0.19.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.18.1...v0.19.0) (2026-01-23)
7
-
8
-
9
- ### Bug Fixes
10
-
11
- * missing/updated fields in type metadata ([#359](https://github.com/openwallet-foundation/sd-jwt-js/issues/359)) ([d230a8d](https://github.com/openwallet-foundation/sd-jwt-js/commit/d230a8df2899b342b98a1d72eb606fb31de41924))
12
-
13
-
14
- ### Features
15
-
16
- * update to locale ([#358](https://github.com/openwallet-foundation/sd-jwt-js/issues/358)) ([114389e](https://github.com/openwallet-foundation/sd-jwt-js/commit/114389ef8e02b4b40d4e16585a4eea0bdb0732bc))
17
-
18
-
19
-
20
-
21
-
22
- ## [0.18.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.18.0...v0.18.1) (2026-01-14)
23
-
24
-
25
- ### Bug Fixes
26
-
27
- * keep custom properties on type metadata ([#357](https://github.com/openwallet-foundation/sd-jwt-js/issues/357)) ([2b1f0ba](https://github.com/openwallet-foundation/sd-jwt-js/commit/2b1f0badd7fcc4096e12c38dae227f0ed9d30ec3))
28
-
29
-
30
-
31
-
32
-
33
- # [0.18.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.17.1...v0.18.0) (2026-01-11)
34
-
35
-
36
- ### Bug Fixes
37
-
38
- * integrity check ([#339](https://github.com/openwallet-foundation/sd-jwt-js/issues/339)) ([4a4c1b0](https://github.com/openwallet-foundation/sd-jwt-js/commit/4a4c1b0c04615bcf0e455d51cd1b9234cbcd0d78))
39
-
40
-
41
- ### Features
42
-
43
- * allow undefined type metadata to be returned by resolver ([#338](https://github.com/openwallet-foundation/sd-jwt-js/issues/338)) ([213de7e](https://github.com/openwallet-foundation/sd-jwt-js/commit/213de7e85b9820ca638ba3362fe4deee808e236e))
44
- * validate sd jwt vc type metadata with zod ([#348](https://github.com/openwallet-foundation/sd-jwt-js/issues/348)) ([23e4beb](https://github.com/openwallet-foundation/sd-jwt-js/commit/23e4beb767451ef975709d01e471285da00f55e9))
45
-
46
-
47
-
48
-
49
-
50
- ## [0.17.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.17.0...v0.17.1) (2025-11-18)
51
-
52
- **Note:** Version bump only for package @sd-jwt/sd-jwt-vc
53
-
54
-
55
-
56
-
57
-
58
- # [0.17.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.16.0...v0.17.0) (2025-10-23)
59
-
60
- **Note:** Version bump only for package @sd-jwt/sd-jwt-vc
61
-
62
-
63
-
64
-
65
-
66
- # [0.16.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.15.1...v0.16.0) (2025-10-07)
67
-
68
-
69
- ### Bug Fixes
70
-
71
- * change repo url from labs to other one ([#323](https://github.com/openwallet-foundation/sd-jwt-js/issues/323)) ([f68c847](https://github.com/openwallet-foundation/sd-jwt-js/commit/f68c8476c2f04bb9d53acd4059b59caf271df015))
72
- * set correct url in package json ([#321](https://github.com/openwallet-foundation/sd-jwt-js/issues/321)) ([554152c](https://github.com/openwallet-foundation/sd-jwt-js/commit/554152cc819bbc3afb504b25f4a2018a92fb72f1))
73
-
74
-
75
- ### Features
76
-
77
- * Adding validation during issuance when a schema is passed ([#308](https://github.com/openwallet-foundation/sd-jwt-js/issues/308)) ([90eef6b](https://github.com/openwallet-foundation/sd-jwt-js/commit/90eef6be1c0838d334ecdef083dbb609c3812357))
78
- * updates all dependencies to latest versions + biome updates ([#324](https://github.com/openwallet-foundation/sd-jwt-js/issues/324)) ([75d5780](https://github.com/openwallet-foundation/sd-jwt-js/commit/75d5780fb53c5e2c886537b283503fc6fb088a4a))
79
-
80
-
81
-
82
-
83
-
84
- ## [0.15.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.15.0...v0.15.1) (2025-08-28)
85
-
86
-
87
- ### Bug Fixes
88
-
89
- * make iss claim optional in SD-JWT VC payload ([#310](https://github.com/openwallet-foundation/sd-jwt-js/issues/310)) ([f6275e3](https://github.com/openwallet-foundation/sd-jwt-js/commit/f6275e35e66777709321328ba50fec53e5f48c7b))
90
-
91
-
92
-
93
-
94
-
95
- # [0.15.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.14.1...v0.15.0) (2025-08-20)
96
-
97
-
98
- ### Features
99
-
100
- * Allows to pass a custom function for the status list JWT validation ([#306](https://github.com/openwallet-foundation/sd-jwt-js/issues/306)) ([25e546e](https://github.com/openwallet-foundation/sd-jwt-js/commit/25e546e1536178f8ee41b0e1b3836656fd6f48ab))
101
-
102
-
103
-
104
-
105
-
106
- ## [0.14.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.14.0...v0.14.1) (2025-08-02)
107
-
108
-
109
- ### Bug Fixes
110
-
111
- * claim type ([#300](https://github.com/openwallet-foundation/sd-jwt-js/issues/300)) ([3bab5ea](https://github.com/openwallet-foundation/sd-jwt-js/commit/3bab5eae69b6ef872209ca00b5593f96b541bc03))
112
-
113
-
114
-
115
-
116
-
117
- # [0.14.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.13.0...v0.14.0) (2025-06-30)
118
-
119
-
120
- ### Features
121
-
122
- * Add Verifier options ([#297](https://github.com/openwallet-foundation/sd-jwt-js/issues/297)) ([2a6a367](https://github.com/openwallet-foundation/sd-jwt-js/commit/2a6a3674f94742f48feaf660056226b1a54145e7))
123
-
124
-
125
-
126
-
127
-
128
- # [0.13.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.12.0...v0.13.0) (2025-06-25)
129
-
130
-
131
- ### Features
132
-
133
- * fetch VCT Metadata from SD JWT header ([#288](https://github.com/openwallet-foundation/sd-jwt-js/issues/288)) ([#294](https://github.com/openwallet-foundation/sd-jwt-js/issues/294)) ([f89ba44](https://github.com/openwallet-foundation/sd-jwt-js/commit/f89ba445aeb57ce342ec76b58a0eb6d0c090a4e9))
134
-
135
-
136
-
137
-
138
-
139
- # [0.12.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.11.0...v0.12.0) (2025-06-21)
140
-
141
-
142
- ### Bug Fixes
143
-
144
- * expose types ([#290](https://github.com/openwallet-foundation/sd-jwt-js/issues/290)) ([1b656ac](https://github.com/openwallet-foundation/sd-jwt-js/commit/1b656ac21796b715096feae439de6b48442244a9))
145
-
146
-
147
- ### Features
148
-
149
- * add missing types ([#286](https://github.com/openwallet-foundation/sd-jwt-js/issues/286)) ([506b876](https://github.com/openwallet-foundation/sd-jwt-js/commit/506b8769ac8e0082ad30544338eace2d0df34294))
150
-
151
-
152
-
153
-
154
-
155
- # [0.11.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.10.0...v0.11.0) (2025-06-17)
156
-
157
-
158
- ### Features
159
-
160
- * SD JWT Instances VCT Metadata get separated from verify ([#285](https://github.com/openwallet-foundation/sd-jwt-js/issues/285)) ([bc91fd7](https://github.com/openwallet-foundation/sd-jwt-js/commit/bc91fd71f7d721298ad5c08d4379bc870903f65f))
161
-
162
-
163
-
164
-
165
-
166
- # [0.10.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.9.2...v0.10.0) (2025-03-24)
167
-
168
- **Note:** Version bump only for package @sd-jwt/sd-jwt-vc
169
-
170
-
171
-
172
-
173
-
174
- ## [0.9.2](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.9.1...v0.9.2) (2025-01-29)
175
-
176
- **Note:** Version bump only for package @sd-jwt/sd-jwt-vc
177
-
178
-
179
-
180
-
181
-
182
- ## [0.9.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.9.0...v0.9.1) (2024-12-13)
183
-
184
- **Note:** Version bump only for package @sd-jwt/sd-jwt-vc
185
-
186
-
187
-
188
-
189
-
190
- # [0.9.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.8.0...v0.9.0) (2024-12-10)
191
-
192
-
193
- ### Features
194
-
195
- * align type metadata fetching with sd-jwt-vc draft 08 ([#260](https://github.com/openwallet-foundation/sd-jwt-js/issues/260)) ([2358c75](https://github.com/openwallet-foundation/sd-jwt-js/commit/2358c759887ee29b4c35a3ee0e93ebd8e8c26545))
196
-
197
-
198
-
199
-
200
-
201
- # [0.8.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.7.2...v0.8.0) (2024-11-26)
202
-
203
-
204
- ### Bug Fixes
205
-
206
- * check if the header includes the string ([#244](https://github.com/openwallet-foundation/sd-jwt-js/issues/244)) ([8a48bb5](https://github.com/openwallet-foundation/sd-jwt-js/commit/8a48bb57fcf9bbad349f349b0aa1ffd997c86bb2))
207
-
208
-
209
- ### Features
210
-
211
- * align media type with sd-jwt-vc draft 06 ([#256](https://github.com/openwallet-foundation/sd-jwt-js/issues/256)) ([1aa3aea](https://github.com/openwallet-foundation/sd-jwt-js/commit/1aa3aea86213e75328975e34d9bf71410fc7a12a))
212
-
213
-
214
-
215
-
216
-
217
- ## [0.7.2](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.7.1...v0.7.2) (2024-07-19)
218
-
219
- **Note:** Version bump only for package @sd-jwt/sd-jwt-vc
220
-
221
-
222
-
223
-
224
-
225
- ## [0.7.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.7.0...v0.7.1) (2024-05-21)
226
-
227
- **Note:** Version bump only for package @sd-jwt/sd-jwt-vc
228
-
229
-
230
-
231
-
232
-
233
- # [0.7.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.6.1...v0.7.0) (2024-05-13)
234
-
235
- **Note:** Version bump only for package @sd-jwt/sd-jwt-vc
236
-
237
-
238
-
239
-
240
-
241
- ## [0.6.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.6.0...v0.6.1) (2024-03-18)
242
-
243
-
244
- ### Bug Fixes
245
-
246
- * **sd-jwt-vc:** improve alignment with draft-03 ([#175](https://github.com/openwallet-foundation/sd-jwt-js/issues/175)) ([bcd7d6e](https://github.com/openwallet-foundation/sd-jwt-js/commit/bcd7d6e40fff938d06425d69297274400ab9e8a6))
247
-
248
-
249
-
250
-
251
-
252
- # [0.6.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.5.0...v0.6.0) (2024-03-12)
253
-
254
- **Note:** Version bump only for package @sd-jwt/sd-jwt-vc
255
-
256
-
257
-
258
-
259
-
260
- # [0.5.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.4.0...v0.5.0) (2024-03-11)
261
-
262
-
263
- ### Features
264
-
265
- * make _digest value public in disclosure ([#151](https://github.com/openwallet-foundation/sd-jwt-js/issues/151)) ([7a3fbd7](https://github.com/openwallet-foundation/sd-jwt-js/commit/7a3fbd7db19b6501978340c972b171743d287285))
266
-
267
-
268
-
269
-
270
-
271
- # 0.4.0 (2024-03-08)
272
-
273
-
274
- ### Bug Fixes
275
-
276
- * change SDJwtPayload to SdJwtPayload ([9f06ef7](https://github.com/openwallet-foundation/sd-jwt-js/commit/9f06ef7bd31a1dff4e9bf988e425200a5e1aa82d))
277
- * make sdjwt instance non abstract ([#122](https://github.com/openwallet-foundation/sd-jwt-js/issues/122)) ([e85aae8](https://github.com/openwallet-foundation/sd-jwt-js/commit/e85aae89910f5d9468e29ef14ef3b3d3215b86fd))
278
-
279
-
280
- ### Features
281
-
282
- * add new package for sd-jwt-vc ([ed99188](https://github.com/openwallet-foundation/sd-jwt-js/commit/ed99188f13184d58db64b4211e39fb67f3f78cb5))