@sd-jwt/sd-jwt-vc 0.19.1-next.1 → 0.19.1-next.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +66 -10
- package/dist/index.d.mts +15 -5
- package/dist/index.d.ts +15 -5
- package/dist/index.js +117 -19
- package/dist/index.mjs +113 -9
- package/package.json +5 -7
- package/src/sd-jwt-vc-config.ts +3 -3
- package/src/sd-jwt-vc-instance.ts +148 -15
- package/src/sd-jwt-vc-vct.ts +1 -1
- package/src/test/index.spec.ts +3 -3
- package/src/test/vct.spec.ts +2 -2
- package/src/verification-result.ts +1 -1
- package/test/app-e2e.spec.ts +2 -2
- package/CHANGELOG.md +0 -282
package/README.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|

|
|
2
|
-

|
|
3
3
|

|
|
4
4
|

|
|
5
5
|
|
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
|
|
10
10
|
### About
|
|
11
11
|
|
|
12
|
-
SD-JWT-VC
|
|
12
|
+
Implementation of [SD-JWT-based Verifiable Credentials (SD-JWT VC) — draft-ietf-oauth-sd-jwt-vc-15](https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-15.html), built on top of `@sd-jwt/core` ([RFC 9901](https://www.rfc-editor.org/rfc/rfc9901.html)).
|
|
13
13
|
|
|
14
14
|
Check the detail description in our github [repo](https://github.com/openwallet-foundation/sd-jwt-js).
|
|
15
15
|
|
|
@@ -34,8 +34,8 @@ Ensure you have Node.js installed as a prerequisite.
|
|
|
34
34
|
|
|
35
35
|
Here's a basic example of how to use this library:
|
|
36
36
|
|
|
37
|
-
```
|
|
38
|
-
import { DisclosureFrame } from '@sd-jwt/
|
|
37
|
+
```typescript
|
|
38
|
+
import type { DisclosureFrame } from '@sd-jwt/core';
|
|
39
39
|
|
|
40
40
|
// identifier of the issuer
|
|
41
41
|
const iss = 'University';
|
|
@@ -85,7 +85,7 @@ Check out more details in our [documentation](https://github.com/openwallet-foun
|
|
|
85
85
|
|
|
86
86
|
### Revocation
|
|
87
87
|
|
|
88
|
-
To add revocation capabilities, you can use the `@
|
|
88
|
+
To add revocation capabilities, you can use the `@owf/token-status-list` library to create a JWT Status List and include it in the SD-JWT-VC.
|
|
89
89
|
|
|
90
90
|
You can pass a dedicated `statusVerifier` function in the configuration to verify the signature of the payload of the JWT of the statuslist. If no function is provided, it will fallback to the verifier that is also used for the sd-jwt-vc.
|
|
91
91
|
|
|
@@ -105,13 +105,69 @@ const sdjwt = new SDJwtVcInstance({
|
|
|
105
105
|
});
|
|
106
106
|
```
|
|
107
107
|
|
|
108
|
-
The library will load
|
|
108
|
+
The library will load the type metadata format based on the `vct` value according to the [SD-JWT-VC specification](https://www.ietf.org/archive/id/draft-ietf-oauth-sd-jwt-vc-15.html#name-sd-jwt-vc-type-metadata) and validate this schema.
|
|
109
109
|
|
|
110
110
|
Since at this point the display is not yet implemented, the library will only validate the schema and return the type metadata format. In the future the values of the type metadata can be fetched via a function call.
|
|
111
111
|
|
|
112
|
+
### Verification
|
|
113
|
+
|
|
114
|
+
The library provides two verification approaches:
|
|
115
|
+
|
|
116
|
+
#### Standard Verification (Fail-Fast)
|
|
117
|
+
|
|
118
|
+
The `verify()` method throws an error immediately when the first validation failure is encountered:
|
|
119
|
+
|
|
120
|
+
```typescript
|
|
121
|
+
try {
|
|
122
|
+
const result = await sdjwt.verify(presentation);
|
|
123
|
+
console.log('Verified payload:', result.payload);
|
|
124
|
+
} catch (error) {
|
|
125
|
+
console.error('Verification failed:', error.message);
|
|
126
|
+
}
|
|
127
|
+
```
|
|
128
|
+
|
|
129
|
+
#### Safe Verification (Collect All Errors)
|
|
130
|
+
|
|
131
|
+
The `safeVerify()` method collects all validation errors instead of failing on the first one. This is useful when you want to show users all issues with a credential at once, including signature, status (revocation), and VCT metadata validation:
|
|
132
|
+
|
|
133
|
+
```typescript
|
|
134
|
+
import type { SafeVerifyResult, VerificationError } from '@sd-jwt/core';
|
|
135
|
+
|
|
136
|
+
const result = await sdjwt.safeVerify(presentation);
|
|
137
|
+
|
|
138
|
+
if (result.success) {
|
|
139
|
+
// Verification succeeded
|
|
140
|
+
console.log('Verified payload:', result.payload);
|
|
141
|
+
console.log('Header:', result.header);
|
|
142
|
+
if (result.kb) {
|
|
143
|
+
console.log('Key binding:', result.kb);
|
|
144
|
+
}
|
|
145
|
+
if (result.typeMetadata) {
|
|
146
|
+
console.log('Type metadata:', result.typeMetadata);
|
|
147
|
+
}
|
|
148
|
+
} else {
|
|
149
|
+
// Verification failed - inspect all errors
|
|
150
|
+
for (const error of result.errors) {
|
|
151
|
+
console.error(`[${error.code}] ${error.message}`);
|
|
152
|
+
if (error.details) {
|
|
153
|
+
console.error('Details:', error.details);
|
|
154
|
+
}
|
|
155
|
+
}
|
|
156
|
+
}
|
|
157
|
+
```
|
|
158
|
+
|
|
159
|
+
##### SD-JWT-VC Specific Error Codes
|
|
160
|
+
|
|
161
|
+
In addition to the [core error codes](../core/README.md#error-codes), `safeVerify()` in SD-JWT-VC can return:
|
|
162
|
+
|
|
163
|
+
| Code | Description |
|
|
164
|
+
|------|-------------|
|
|
165
|
+
| `STATUS_VERIFICATION_FAILED` | Status list fetch or verification failed |
|
|
166
|
+
| `STATUS_INVALID` | Credential status indicates revocation |
|
|
167
|
+
| `VCT_VERIFICATION_FAILED` | VCT type metadata fetch or validation failed |
|
|
168
|
+
|
|
112
169
|
### Dependencies
|
|
113
170
|
|
|
114
|
-
- @sd-jwt/core
|
|
115
|
-
- @
|
|
116
|
-
-
|
|
117
|
-
- @sd-jwt/jwt-status-list
|
|
171
|
+
- [@sd-jwt/core](https://www.npmjs.com/package/@sd-jwt/core)
|
|
172
|
+
- [@owf/token-status-list](https://www.npmjs.com/package/@owf/token-status-list)
|
|
173
|
+
- [zod](https://www.npmjs.com/package/zod)
|
package/dist/index.d.mts
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
|
-
import { SDJWTConfig, Verifier, kbPayload, kbHeader, DisclosureFrame } from '@sd-jwt/
|
|
1
|
+
import { SDJWTConfig, Verifier, SdJwtPayload, kbPayload, kbHeader, SDJwtInstance, DisclosureFrame, VerifierOptions, SafeVerifyResult } from '@sd-jwt/core';
|
|
2
2
|
import { z } from 'zod';
|
|
3
|
-
import { SdJwtPayload, SDJwtInstance, VerifierOptions } from '@sd-jwt/core';
|
|
4
3
|
|
|
5
4
|
declare const BackgroundImageSchema: z.ZodObject<{
|
|
6
5
|
/** REQUIRED. A URI pointing to the background image. */
|
|
@@ -933,7 +932,7 @@ type ResolvedTypeMetadata = {
|
|
|
933
932
|
};
|
|
934
933
|
type TypeMetadataFormat = z.infer<typeof TypeMetadataFormatSchema>;
|
|
935
934
|
|
|
936
|
-
type
|
|
935
|
+
type VCTFetcher = (uri: string, integrity?: string) => Promise<TypeMetadataFormat | undefined>;
|
|
937
936
|
|
|
938
937
|
type StatusListFetcher = (uri: string) => Promise<string>;
|
|
939
938
|
type StatusValidator = (status: number) => Promise<void>;
|
|
@@ -943,7 +942,7 @@ type StatusValidator = (status: number) => Promise<void>;
|
|
|
943
942
|
type SDJWTVCConfig = SDJWTConfig & {
|
|
944
943
|
statusListFetcher?: StatusListFetcher;
|
|
945
944
|
statusValidator?: StatusValidator;
|
|
946
|
-
vctFetcher?:
|
|
945
|
+
vctFetcher?: VCTFetcher;
|
|
947
946
|
statusVerifier?: Verifier;
|
|
948
947
|
loadTypeMetadataFormat?: boolean;
|
|
949
948
|
timeout?: number;
|
|
@@ -1008,6 +1007,16 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
1008
1007
|
* @param currentDate current time in seconds
|
|
1009
1008
|
*/
|
|
1010
1009
|
verify(encodedSDJwt: string, options?: VerifierOptions): Promise<VerificationResult>;
|
|
1010
|
+
/**
|
|
1011
|
+
* Safe verification that collects all errors instead of failing fast.
|
|
1012
|
+
* Returns a result object with either the verified data or an array of all errors.
|
|
1013
|
+
* This includes SD-JWT-VC specific validations like status and VCT metadata.
|
|
1014
|
+
*
|
|
1015
|
+
* @param encodedSDJwt - The encoded SD-JWT-VC to verify
|
|
1016
|
+
* @param options - Verification options
|
|
1017
|
+
* @returns A SafeVerifyResult containing either success data or collected errors
|
|
1018
|
+
*/
|
|
1019
|
+
safeVerify(encodedSDJwt: string, options?: VerifierOptions): Promise<SafeVerifyResult<VerificationResult>>;
|
|
1011
1020
|
/**
|
|
1012
1021
|
* Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
|
|
1013
1022
|
*
|
|
@@ -1091,6 +1100,7 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
1091
1100
|
* @param options
|
|
1092
1101
|
*/
|
|
1093
1102
|
private verifyStatus;
|
|
1103
|
+
config(newConfig: SDJWTVCConfig): void;
|
|
1094
1104
|
}
|
|
1095
1105
|
|
|
1096
|
-
export { type BackgroundImage, BackgroundImageSchema, type Claim, type ClaimDisplay, ClaimDisplaySchema, type ClaimPath, ClaimPathSchema, ClaimSchema, type ClaimSelectiveDisclosure, ClaimSelectiveDisclosureSchema, ColorSchemeSchema, ContrastSchema, type Display, DisplaySchema, type Logo, LogoSchema, OrientationSchema, type Rendering, RenderingSchema, type ResolvedTypeMetadata, type SDJWTVCConfig, type SDJWTVCStatusReference, SDJwtVcInstance, type SdJwtVcPayload, type SimpleRendering, SimpleRenderingSchema, type StatusListFetcher, type StatusValidator, type SvgTemplateProperties, SvgTemplatePropertiesSchema, type SvgTemplateRendering, SvgTemplateRenderingSchema, type TypeMetadataFormat, TypeMetadataFormatSchema, type
|
|
1106
|
+
export { type BackgroundImage, BackgroundImageSchema, type Claim, type ClaimDisplay, ClaimDisplaySchema, type ClaimPath, ClaimPathSchema, ClaimSchema, type ClaimSelectiveDisclosure, ClaimSelectiveDisclosureSchema, ColorSchemeSchema, ContrastSchema, type Display, DisplaySchema, type Logo, LogoSchema, OrientationSchema, type Rendering, RenderingSchema, type ResolvedTypeMetadata, type SDJWTVCConfig, type SDJWTVCStatusReference, SDJwtVcInstance, type SdJwtVcPayload, type SimpleRendering, SimpleRenderingSchema, type StatusListFetcher, type StatusValidator, type SvgTemplateProperties, SvgTemplatePropertiesSchema, type SvgTemplateRendering, SvgTemplateRenderingSchema, type TypeMetadataFormat, TypeMetadataFormatSchema, type VCTFetcher, type VerificationResult };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
|
-
import { SDJWTConfig, Verifier, kbPayload, kbHeader, DisclosureFrame } from '@sd-jwt/
|
|
1
|
+
import { SDJWTConfig, Verifier, SdJwtPayload, kbPayload, kbHeader, SDJwtInstance, DisclosureFrame, VerifierOptions, SafeVerifyResult } from '@sd-jwt/core';
|
|
2
2
|
import { z } from 'zod';
|
|
3
|
-
import { SdJwtPayload, SDJwtInstance, VerifierOptions } from '@sd-jwt/core';
|
|
4
3
|
|
|
5
4
|
declare const BackgroundImageSchema: z.ZodObject<{
|
|
6
5
|
/** REQUIRED. A URI pointing to the background image. */
|
|
@@ -933,7 +932,7 @@ type ResolvedTypeMetadata = {
|
|
|
933
932
|
};
|
|
934
933
|
type TypeMetadataFormat = z.infer<typeof TypeMetadataFormatSchema>;
|
|
935
934
|
|
|
936
|
-
type
|
|
935
|
+
type VCTFetcher = (uri: string, integrity?: string) => Promise<TypeMetadataFormat | undefined>;
|
|
937
936
|
|
|
938
937
|
type StatusListFetcher = (uri: string) => Promise<string>;
|
|
939
938
|
type StatusValidator = (status: number) => Promise<void>;
|
|
@@ -943,7 +942,7 @@ type StatusValidator = (status: number) => Promise<void>;
|
|
|
943
942
|
type SDJWTVCConfig = SDJWTConfig & {
|
|
944
943
|
statusListFetcher?: StatusListFetcher;
|
|
945
944
|
statusValidator?: StatusValidator;
|
|
946
|
-
vctFetcher?:
|
|
945
|
+
vctFetcher?: VCTFetcher;
|
|
947
946
|
statusVerifier?: Verifier;
|
|
948
947
|
loadTypeMetadataFormat?: boolean;
|
|
949
948
|
timeout?: number;
|
|
@@ -1008,6 +1007,16 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
1008
1007
|
* @param currentDate current time in seconds
|
|
1009
1008
|
*/
|
|
1010
1009
|
verify(encodedSDJwt: string, options?: VerifierOptions): Promise<VerificationResult>;
|
|
1010
|
+
/**
|
|
1011
|
+
* Safe verification that collects all errors instead of failing fast.
|
|
1012
|
+
* Returns a result object with either the verified data or an array of all errors.
|
|
1013
|
+
* This includes SD-JWT-VC specific validations like status and VCT metadata.
|
|
1014
|
+
*
|
|
1015
|
+
* @param encodedSDJwt - The encoded SD-JWT-VC to verify
|
|
1016
|
+
* @param options - Verification options
|
|
1017
|
+
* @returns A SafeVerifyResult containing either success data or collected errors
|
|
1018
|
+
*/
|
|
1019
|
+
safeVerify(encodedSDJwt: string, options?: VerifierOptions): Promise<SafeVerifyResult<VerificationResult>>;
|
|
1011
1020
|
/**
|
|
1012
1021
|
* Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
|
|
1013
1022
|
*
|
|
@@ -1091,6 +1100,7 @@ declare class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
1091
1100
|
* @param options
|
|
1092
1101
|
*/
|
|
1093
1102
|
private verifyStatus;
|
|
1103
|
+
config(newConfig: SDJWTVCConfig): void;
|
|
1094
1104
|
}
|
|
1095
1105
|
|
|
1096
|
-
export { type BackgroundImage, BackgroundImageSchema, type Claim, type ClaimDisplay, ClaimDisplaySchema, type ClaimPath, ClaimPathSchema, ClaimSchema, type ClaimSelectiveDisclosure, ClaimSelectiveDisclosureSchema, ColorSchemeSchema, ContrastSchema, type Display, DisplaySchema, type Logo, LogoSchema, OrientationSchema, type Rendering, RenderingSchema, type ResolvedTypeMetadata, type SDJWTVCConfig, type SDJWTVCStatusReference, SDJwtVcInstance, type SdJwtVcPayload, type SimpleRendering, SimpleRenderingSchema, type StatusListFetcher, type StatusValidator, type SvgTemplateProperties, SvgTemplatePropertiesSchema, type SvgTemplateRendering, SvgTemplateRenderingSchema, type TypeMetadataFormat, TypeMetadataFormatSchema, type
|
|
1106
|
+
export { type BackgroundImage, BackgroundImageSchema, type Claim, type ClaimDisplay, ClaimDisplaySchema, type ClaimPath, ClaimPathSchema, ClaimSchema, type ClaimSelectiveDisclosure, ClaimSelectiveDisclosureSchema, ColorSchemeSchema, ContrastSchema, type Display, DisplaySchema, type Logo, LogoSchema, OrientationSchema, type Rendering, RenderingSchema, type ResolvedTypeMetadata, type SDJWTVCConfig, type SDJWTVCStatusReference, SDJwtVcInstance, type SdJwtVcPayload, type SimpleRendering, SimpleRenderingSchema, type StatusListFetcher, type StatusValidator, type SvgTemplateProperties, SvgTemplatePropertiesSchema, type SvgTemplateRendering, SvgTemplateRenderingSchema, type TypeMetadataFormat, TypeMetadataFormatSchema, type VCTFetcher, type VerificationResult };
|
package/dist/index.js
CHANGED
|
@@ -101,9 +101,8 @@ __export(index_exports, {
|
|
|
101
101
|
module.exports = __toCommonJS(index_exports);
|
|
102
102
|
|
|
103
103
|
// src/sd-jwt-vc-instance.ts
|
|
104
|
+
var import_token_status_list = require("@owf/token-status-list");
|
|
104
105
|
var import_core = require("@sd-jwt/core");
|
|
105
|
-
var import_jwt_status_list = require("@sd-jwt/jwt-status-list");
|
|
106
|
-
var import_utils = require("@sd-jwt/utils");
|
|
107
106
|
var import_zod2 = __toESM(require("zod"));
|
|
108
107
|
|
|
109
108
|
// src/sd-jwt-vc-type-metadata-format.ts
|
|
@@ -287,9 +286,11 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
|
|
|
287
286
|
validateReservedFields(disclosureFrame) {
|
|
288
287
|
if ((disclosureFrame == null ? void 0 : disclosureFrame._sd) && Array.isArray(disclosureFrame._sd) && disclosureFrame._sd.length > 0) {
|
|
289
288
|
const reservedNames = ["iss", "nbf", "exp", "cnf", "vct", "status"];
|
|
290
|
-
const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter(
|
|
289
|
+
const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter(
|
|
290
|
+
(key) => reservedNames.includes(String(key))
|
|
291
|
+
);
|
|
291
292
|
if (reservedNamesInDisclosureFrame.length > 0) {
|
|
292
|
-
throw new
|
|
293
|
+
throw new import_core.SDJWTException("Cannot disclose protected field");
|
|
293
294
|
}
|
|
294
295
|
}
|
|
295
296
|
}
|
|
@@ -329,7 +330,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
|
|
|
329
330
|
*/
|
|
330
331
|
statusValidator(status) {
|
|
331
332
|
return __async(this, null, function* () {
|
|
332
|
-
if (status !== 0) throw new
|
|
333
|
+
if (status !== 0) throw new import_core.SDJWTException("Status is not valid");
|
|
333
334
|
return Promise.resolve();
|
|
334
335
|
});
|
|
335
336
|
}
|
|
@@ -354,6 +355,96 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
|
|
|
354
355
|
return result;
|
|
355
356
|
});
|
|
356
357
|
}
|
|
358
|
+
/**
|
|
359
|
+
* Safe verification that collects all errors instead of failing fast.
|
|
360
|
+
* Returns a result object with either the verified data or an array of all errors.
|
|
361
|
+
* This includes SD-JWT-VC specific validations like status and VCT metadata.
|
|
362
|
+
*
|
|
363
|
+
* @param encodedSDJwt - The encoded SD-JWT-VC to verify
|
|
364
|
+
* @param options - Verification options
|
|
365
|
+
* @returns A SafeVerifyResult containing either success data or collected errors
|
|
366
|
+
*/
|
|
367
|
+
safeVerify(encodedSDJwt, options) {
|
|
368
|
+
return __async(this, null, function* () {
|
|
369
|
+
const errors = [];
|
|
370
|
+
const addError = (code, message, details) => {
|
|
371
|
+
errors.push({ code, message, details });
|
|
372
|
+
};
|
|
373
|
+
const baseResult = yield __superGet(_SDJwtVcInstance.prototype, this, "safeVerify").call(this, encodedSDJwt, options);
|
|
374
|
+
if (!baseResult.success) {
|
|
375
|
+
errors.push(...baseResult.errors);
|
|
376
|
+
}
|
|
377
|
+
let result;
|
|
378
|
+
if (baseResult.success) {
|
|
379
|
+
result = {
|
|
380
|
+
payload: baseResult.data.payload,
|
|
381
|
+
header: baseResult.data.header,
|
|
382
|
+
kb: baseResult.data.kb
|
|
383
|
+
};
|
|
384
|
+
} else {
|
|
385
|
+
try {
|
|
386
|
+
const { payload, header } = yield import_core.SDJwt.extractJwt(encodedSDJwt);
|
|
387
|
+
if (payload) {
|
|
388
|
+
result = {
|
|
389
|
+
payload,
|
|
390
|
+
header,
|
|
391
|
+
kb: void 0
|
|
392
|
+
};
|
|
393
|
+
}
|
|
394
|
+
} catch (e) {
|
|
395
|
+
}
|
|
396
|
+
}
|
|
397
|
+
if (result) {
|
|
398
|
+
try {
|
|
399
|
+
yield this.verifyStatus(result, options);
|
|
400
|
+
} catch (e) {
|
|
401
|
+
const error = (0, import_core.ensureError)(e);
|
|
402
|
+
const errorMessage = error.message;
|
|
403
|
+
if (errorMessage.includes("Status is not valid")) {
|
|
404
|
+
addError("STATUS_INVALID", errorMessage, error);
|
|
405
|
+
} else {
|
|
406
|
+
addError(
|
|
407
|
+
"STATUS_VERIFICATION_FAILED",
|
|
408
|
+
`Status verification failed: ${errorMessage}`,
|
|
409
|
+
error
|
|
410
|
+
);
|
|
411
|
+
}
|
|
412
|
+
}
|
|
413
|
+
if (this.userConfig.loadTypeMetadataFormat) {
|
|
414
|
+
try {
|
|
415
|
+
const resolvedTypeMetadata = yield this.fetchVct(result);
|
|
416
|
+
if (result) {
|
|
417
|
+
result.typeMetadata = resolvedTypeMetadata;
|
|
418
|
+
}
|
|
419
|
+
} catch (e) {
|
|
420
|
+
addError(
|
|
421
|
+
"VCT_VERIFICATION_FAILED",
|
|
422
|
+
`VCT verification failed: ${(0, import_core.ensureError)(e).message}`,
|
|
423
|
+
e
|
|
424
|
+
);
|
|
425
|
+
}
|
|
426
|
+
}
|
|
427
|
+
}
|
|
428
|
+
if (errors.length > 0) {
|
|
429
|
+
return { success: false, errors };
|
|
430
|
+
}
|
|
431
|
+
if (!result) {
|
|
432
|
+
return {
|
|
433
|
+
success: false,
|
|
434
|
+
errors: [
|
|
435
|
+
{
|
|
436
|
+
code: "INVALID_SD_JWT",
|
|
437
|
+
message: "Failed to construct verification result"
|
|
438
|
+
}
|
|
439
|
+
]
|
|
440
|
+
};
|
|
441
|
+
}
|
|
442
|
+
return {
|
|
443
|
+
success: true,
|
|
444
|
+
data: result
|
|
445
|
+
};
|
|
446
|
+
});
|
|
447
|
+
}
|
|
357
448
|
/**
|
|
358
449
|
* Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
|
|
359
450
|
*
|
|
@@ -366,7 +457,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
|
|
|
366
457
|
return __async(this, null, function* () {
|
|
367
458
|
const { payload, header } = yield import_core.SDJwt.extractJwt(encodedSDJwt);
|
|
368
459
|
if (!payload) {
|
|
369
|
-
throw new
|
|
460
|
+
throw new import_core.SDJWTException("JWT payload is missing");
|
|
370
461
|
}
|
|
371
462
|
const result = {
|
|
372
463
|
payload,
|
|
@@ -386,10 +477,10 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
|
|
|
386
477
|
if (!integrity) return;
|
|
387
478
|
const arrayBuffer = yield response.arrayBuffer();
|
|
388
479
|
const alg = integrity.split("-")[0];
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
);
|
|
480
|
+
if (!this.userConfig.hasher) {
|
|
481
|
+
throw new import_core.SDJWTException("Hasher not found");
|
|
482
|
+
}
|
|
483
|
+
const hashBuffer = yield this.userConfig.hasher(arrayBuffer, alg);
|
|
393
484
|
const integrityHash = integrity.split("-")[1];
|
|
394
485
|
const hash = Array.from(new Uint8Array(hashBuffer)).map((byte) => byte.toString(16).padStart(2, "0")).join("");
|
|
395
486
|
if (hash !== integrityHash) {
|
|
@@ -420,7 +511,8 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
|
|
|
420
511
|
yield this.validateIntegrity(response.clone(), url, integrity);
|
|
421
512
|
const data = yield response.json();
|
|
422
513
|
return data;
|
|
423
|
-
} catch (
|
|
514
|
+
} catch (e) {
|
|
515
|
+
const error = (0, import_core.ensureError)(e);
|
|
424
516
|
if (error.name === "TimeoutError") {
|
|
425
517
|
throw new Error(`Request to ${url} timed out`);
|
|
426
518
|
}
|
|
@@ -471,7 +563,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
|
|
|
471
563
|
if (baseClaim.sd && extendingClaim.sd) {
|
|
472
564
|
if ((baseClaim.sd === "always" || baseClaim.sd === "never") && baseClaim.sd !== extendingClaim.sd) {
|
|
473
565
|
const pathStr = JSON.stringify(extendingClaim.path);
|
|
474
|
-
throw new
|
|
566
|
+
throw new import_core.SDJWTException(
|
|
475
567
|
`Cannot change 'sd' property from '${baseClaim.sd}' to '${extendingClaim.sd}' for claim at path ${pathStr}`
|
|
476
568
|
);
|
|
477
569
|
}
|
|
@@ -543,17 +635,17 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
|
|
|
543
635
|
var _a;
|
|
544
636
|
const maxDepth = (_a = this.userConfig.maxVctExtendsDepth) != null ? _a : 5;
|
|
545
637
|
if (maxDepth !== -1 && depth > maxDepth) {
|
|
546
|
-
throw new
|
|
638
|
+
throw new import_core.SDJWTException(
|
|
547
639
|
`Maximum VCT extends depth of ${maxDepth} exceeded`
|
|
548
640
|
);
|
|
549
641
|
}
|
|
550
642
|
if (!parentTypeMetadata.extends) {
|
|
551
|
-
throw new
|
|
643
|
+
throw new import_core.SDJWTException(
|
|
552
644
|
`Type metadata for vct '${parentTypeMetadata.vct}' has no 'extends' field. Unable to resolve extended type metadata document.`
|
|
553
645
|
);
|
|
554
646
|
}
|
|
555
647
|
if (visitedVcts.has(parentTypeMetadata.extends)) {
|
|
556
|
-
throw new
|
|
648
|
+
throw new import_core.SDJWTException(
|
|
557
649
|
`Circular dependency detected in VCT extends chain: ${parentTypeMetadata.extends}`
|
|
558
650
|
);
|
|
559
651
|
}
|
|
@@ -563,7 +655,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
|
|
|
563
655
|
parentTypeMetadata["extends#integrity"]
|
|
564
656
|
);
|
|
565
657
|
if (!extendedTypeMetadata) {
|
|
566
|
-
throw new
|
|
658
|
+
throw new import_core.SDJWTException(
|
|
567
659
|
`Resolving VCT extends value '${parentTypeMetadata.extends}' resulted in an undefined result.`
|
|
568
660
|
);
|
|
569
661
|
}
|
|
@@ -608,7 +700,7 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends import_core.SDJwtInstance {
|
|
|
608
700
|
if (!data) return void 0;
|
|
609
701
|
const validated = TypeMetadataFormatSchema.safeParse(data);
|
|
610
702
|
if (!validated.success) {
|
|
611
|
-
throw new
|
|
703
|
+
throw new import_core.SDJWTException(
|
|
612
704
|
`Invalid VCT type metadata for vct '${vct}':
|
|
613
705
|
${import_zod2.default.prettifyError(validated.error)}`
|
|
614
706
|
);
|
|
@@ -631,16 +723,19 @@ ${import_zod2.default.prettifyError(validated.error)}`
|
|
|
631
723
|
result.payload.status.status_list.uri
|
|
632
724
|
);
|
|
633
725
|
const slJWT = import_core.Jwt.fromEncode(statusListJWT);
|
|
726
|
+
if (!this.userConfig.verifier || !this.userConfig.statusVerifier) {
|
|
727
|
+
throw new import_core.SDJWTException("Verifier not found for status list JWT");
|
|
728
|
+
}
|
|
634
729
|
yield slJWT.verify(
|
|
635
730
|
(_b = this.userConfig.statusVerifier) != null ? _b : this.userConfig.verifier,
|
|
636
731
|
options
|
|
637
732
|
).catch((err) => {
|
|
638
|
-
throw new
|
|
733
|
+
throw new import_token_status_list.SLException(
|
|
639
734
|
`Status List JWT verification failed: ${err.message}`,
|
|
640
735
|
err.details
|
|
641
736
|
);
|
|
642
737
|
});
|
|
643
|
-
const statusList = (0,
|
|
738
|
+
const statusList = (0, import_token_status_list.getListFromStatusListJWT)(statusListJWT);
|
|
644
739
|
const status = statusList.getStatus(
|
|
645
740
|
result.payload.status.status_list.idx
|
|
646
741
|
);
|
|
@@ -650,6 +745,9 @@ ${import_zod2.default.prettifyError(validated.error)}`
|
|
|
650
745
|
}
|
|
651
746
|
});
|
|
652
747
|
}
|
|
748
|
+
config(newConfig) {
|
|
749
|
+
super.config(newConfig);
|
|
750
|
+
}
|
|
653
751
|
};
|
|
654
752
|
// Annotate the CommonJS export names for ESM import in node:
|
|
655
753
|
0 && (module.exports = {
|
package/dist/index.mjs
CHANGED
|
@@ -54,12 +54,17 @@ var __async = (__this, __arguments, generator) => {
|
|
|
54
54
|
};
|
|
55
55
|
|
|
56
56
|
// src/sd-jwt-vc-instance.ts
|
|
57
|
-
import { Jwt, SDJwt, SDJwtInstance } from "@sd-jwt/core";
|
|
58
57
|
import {
|
|
59
58
|
getListFromStatusListJWT,
|
|
60
59
|
SLException
|
|
61
|
-
} from "@
|
|
62
|
-
import {
|
|
60
|
+
} from "@owf/token-status-list";
|
|
61
|
+
import {
|
|
62
|
+
ensureError,
|
|
63
|
+
Jwt,
|
|
64
|
+
SDJWTException,
|
|
65
|
+
SDJwt,
|
|
66
|
+
SDJwtInstance
|
|
67
|
+
} from "@sd-jwt/core";
|
|
63
68
|
import z2 from "zod";
|
|
64
69
|
|
|
65
70
|
// src/sd-jwt-vc-type-metadata-format.ts
|
|
@@ -243,7 +248,9 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
|
|
|
243
248
|
validateReservedFields(disclosureFrame) {
|
|
244
249
|
if ((disclosureFrame == null ? void 0 : disclosureFrame._sd) && Array.isArray(disclosureFrame._sd) && disclosureFrame._sd.length > 0) {
|
|
245
250
|
const reservedNames = ["iss", "nbf", "exp", "cnf", "vct", "status"];
|
|
246
|
-
const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter(
|
|
251
|
+
const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter(
|
|
252
|
+
(key) => reservedNames.includes(String(key))
|
|
253
|
+
);
|
|
247
254
|
if (reservedNamesInDisclosureFrame.length > 0) {
|
|
248
255
|
throw new SDJWTException("Cannot disclose protected field");
|
|
249
256
|
}
|
|
@@ -310,6 +317,96 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
|
|
|
310
317
|
return result;
|
|
311
318
|
});
|
|
312
319
|
}
|
|
320
|
+
/**
|
|
321
|
+
* Safe verification that collects all errors instead of failing fast.
|
|
322
|
+
* Returns a result object with either the verified data or an array of all errors.
|
|
323
|
+
* This includes SD-JWT-VC specific validations like status and VCT metadata.
|
|
324
|
+
*
|
|
325
|
+
* @param encodedSDJwt - The encoded SD-JWT-VC to verify
|
|
326
|
+
* @param options - Verification options
|
|
327
|
+
* @returns A SafeVerifyResult containing either success data or collected errors
|
|
328
|
+
*/
|
|
329
|
+
safeVerify(encodedSDJwt, options) {
|
|
330
|
+
return __async(this, null, function* () {
|
|
331
|
+
const errors = [];
|
|
332
|
+
const addError = (code, message, details) => {
|
|
333
|
+
errors.push({ code, message, details });
|
|
334
|
+
};
|
|
335
|
+
const baseResult = yield __superGet(_SDJwtVcInstance.prototype, this, "safeVerify").call(this, encodedSDJwt, options);
|
|
336
|
+
if (!baseResult.success) {
|
|
337
|
+
errors.push(...baseResult.errors);
|
|
338
|
+
}
|
|
339
|
+
let result;
|
|
340
|
+
if (baseResult.success) {
|
|
341
|
+
result = {
|
|
342
|
+
payload: baseResult.data.payload,
|
|
343
|
+
header: baseResult.data.header,
|
|
344
|
+
kb: baseResult.data.kb
|
|
345
|
+
};
|
|
346
|
+
} else {
|
|
347
|
+
try {
|
|
348
|
+
const { payload, header } = yield SDJwt.extractJwt(encodedSDJwt);
|
|
349
|
+
if (payload) {
|
|
350
|
+
result = {
|
|
351
|
+
payload,
|
|
352
|
+
header,
|
|
353
|
+
kb: void 0
|
|
354
|
+
};
|
|
355
|
+
}
|
|
356
|
+
} catch (e) {
|
|
357
|
+
}
|
|
358
|
+
}
|
|
359
|
+
if (result) {
|
|
360
|
+
try {
|
|
361
|
+
yield this.verifyStatus(result, options);
|
|
362
|
+
} catch (e) {
|
|
363
|
+
const error = ensureError(e);
|
|
364
|
+
const errorMessage = error.message;
|
|
365
|
+
if (errorMessage.includes("Status is not valid")) {
|
|
366
|
+
addError("STATUS_INVALID", errorMessage, error);
|
|
367
|
+
} else {
|
|
368
|
+
addError(
|
|
369
|
+
"STATUS_VERIFICATION_FAILED",
|
|
370
|
+
`Status verification failed: ${errorMessage}`,
|
|
371
|
+
error
|
|
372
|
+
);
|
|
373
|
+
}
|
|
374
|
+
}
|
|
375
|
+
if (this.userConfig.loadTypeMetadataFormat) {
|
|
376
|
+
try {
|
|
377
|
+
const resolvedTypeMetadata = yield this.fetchVct(result);
|
|
378
|
+
if (result) {
|
|
379
|
+
result.typeMetadata = resolvedTypeMetadata;
|
|
380
|
+
}
|
|
381
|
+
} catch (e) {
|
|
382
|
+
addError(
|
|
383
|
+
"VCT_VERIFICATION_FAILED",
|
|
384
|
+
`VCT verification failed: ${ensureError(e).message}`,
|
|
385
|
+
e
|
|
386
|
+
);
|
|
387
|
+
}
|
|
388
|
+
}
|
|
389
|
+
}
|
|
390
|
+
if (errors.length > 0) {
|
|
391
|
+
return { success: false, errors };
|
|
392
|
+
}
|
|
393
|
+
if (!result) {
|
|
394
|
+
return {
|
|
395
|
+
success: false,
|
|
396
|
+
errors: [
|
|
397
|
+
{
|
|
398
|
+
code: "INVALID_SD_JWT",
|
|
399
|
+
message: "Failed to construct verification result"
|
|
400
|
+
}
|
|
401
|
+
]
|
|
402
|
+
};
|
|
403
|
+
}
|
|
404
|
+
return {
|
|
405
|
+
success: true,
|
|
406
|
+
data: result
|
|
407
|
+
};
|
|
408
|
+
});
|
|
409
|
+
}
|
|
313
410
|
/**
|
|
314
411
|
* Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
|
|
315
412
|
*
|
|
@@ -342,10 +439,10 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
|
|
|
342
439
|
if (!integrity) return;
|
|
343
440
|
const arrayBuffer = yield response.arrayBuffer();
|
|
344
441
|
const alg = integrity.split("-")[0];
|
|
345
|
-
|
|
346
|
-
|
|
347
|
-
|
|
348
|
-
);
|
|
442
|
+
if (!this.userConfig.hasher) {
|
|
443
|
+
throw new SDJWTException("Hasher not found");
|
|
444
|
+
}
|
|
445
|
+
const hashBuffer = yield this.userConfig.hasher(arrayBuffer, alg);
|
|
349
446
|
const integrityHash = integrity.split("-")[1];
|
|
350
447
|
const hash = Array.from(new Uint8Array(hashBuffer)).map((byte) => byte.toString(16).padStart(2, "0")).join("");
|
|
351
448
|
if (hash !== integrityHash) {
|
|
@@ -376,7 +473,8 @@ var SDJwtVcInstance = class _SDJwtVcInstance extends SDJwtInstance {
|
|
|
376
473
|
yield this.validateIntegrity(response.clone(), url, integrity);
|
|
377
474
|
const data = yield response.json();
|
|
378
475
|
return data;
|
|
379
|
-
} catch (
|
|
476
|
+
} catch (e) {
|
|
477
|
+
const error = ensureError(e);
|
|
380
478
|
if (error.name === "TimeoutError") {
|
|
381
479
|
throw new Error(`Request to ${url} timed out`);
|
|
382
480
|
}
|
|
@@ -587,6 +685,9 @@ ${z2.prettifyError(validated.error)}`
|
|
|
587
685
|
result.payload.status.status_list.uri
|
|
588
686
|
);
|
|
589
687
|
const slJWT = Jwt.fromEncode(statusListJWT);
|
|
688
|
+
if (!this.userConfig.verifier || !this.userConfig.statusVerifier) {
|
|
689
|
+
throw new SDJWTException("Verifier not found for status list JWT");
|
|
690
|
+
}
|
|
590
691
|
yield slJWT.verify(
|
|
591
692
|
(_b = this.userConfig.statusVerifier) != null ? _b : this.userConfig.verifier,
|
|
592
693
|
options
|
|
@@ -606,6 +707,9 @@ ${z2.prettifyError(validated.error)}`
|
|
|
606
707
|
}
|
|
607
708
|
});
|
|
608
709
|
}
|
|
710
|
+
config(newConfig) {
|
|
711
|
+
super.config(newConfig);
|
|
712
|
+
}
|
|
609
713
|
};
|
|
610
714
|
export {
|
|
611
715
|
BackgroundImageSchema,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sd-jwt/sd-jwt-vc",
|
|
3
|
-
"version": "0.19.1-next.
|
|
3
|
+
"version": "0.19.1-next.10+fe18c35",
|
|
4
4
|
"description": "sd-jwt draft 7 implementation in typescript",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"module": "dist/index.mjs",
|
|
@@ -38,14 +38,12 @@
|
|
|
38
38
|
},
|
|
39
39
|
"license": "Apache-2.0",
|
|
40
40
|
"dependencies": {
|
|
41
|
-
"@
|
|
42
|
-
"@sd-jwt/
|
|
43
|
-
"@sd-jwt/utils": "0.19.1-next.1+576f172",
|
|
41
|
+
"@owf/token-status-list": "^0.1.0-alpha-20260312123226",
|
|
42
|
+
"@sd-jwt/core": "0.19.1-next.10+fe18c35",
|
|
44
43
|
"zod": "^4.3.5"
|
|
45
44
|
},
|
|
46
45
|
"devDependencies": {
|
|
47
|
-
"@
|
|
48
|
-
"@sd-jwt/types": "0.19.1-next.1+576f172",
|
|
46
|
+
"@owf/crypto": "^0.1.0-alpha-20260312123226",
|
|
49
47
|
"jose": "^6.1.2",
|
|
50
48
|
"msw": "^2.12.3"
|
|
51
49
|
},
|
|
@@ -65,5 +63,5 @@
|
|
|
65
63
|
"esm"
|
|
66
64
|
]
|
|
67
65
|
},
|
|
68
|
-
"gitHead": "
|
|
66
|
+
"gitHead": "fe18c3572055c3307d05f43f738c1d3c3f15de38"
|
|
69
67
|
}
|
package/src/sd-jwt-vc-config.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import type { SDJWTConfig, Verifier } from '@sd-jwt/
|
|
2
|
-
import type {
|
|
1
|
+
import type { SDJWTConfig, Verifier } from '@sd-jwt/core';
|
|
2
|
+
import type { VCTFetcher } from './sd-jwt-vc-vct';
|
|
3
3
|
|
|
4
4
|
export type StatusListFetcher = (uri: string) => Promise<string>;
|
|
5
5
|
export type StatusValidator = (status: number) => Promise<void>;
|
|
@@ -13,7 +13,7 @@ export type SDJWTVCConfig = SDJWTConfig & {
|
|
|
13
13
|
// validte the status and decide if the status is valid or not. If not provided, the code will continue if it is 0, otherwise it will throw an error.
|
|
14
14
|
statusValidator?: StatusValidator;
|
|
15
15
|
// a function that fetches the type metadata format from the uri. If not provided, the library will assume that the response is a TypeMetadataFormat. Caching has to be implemented in this function. If the integrity value is passed, it to be validated according to https://www.w3.org/TR/SRI/
|
|
16
|
-
vctFetcher?:
|
|
16
|
+
vctFetcher?: VCTFetcher;
|
|
17
17
|
// a function that verifies the status of the JWT. If not provided, the library will assume that the status is valid if it is 0.
|
|
18
18
|
statusVerifier?: Verifier;
|
|
19
19
|
// if set to true, it will load the metadata format based on the vct value. If not provided, it will default to false.
|
|
@@ -1,12 +1,21 @@
|
|
|
1
|
-
import { Jwt, SDJwt, SDJwtInstance, type VerifierOptions } from '@sd-jwt/core';
|
|
2
1
|
import {
|
|
3
2
|
getListFromStatusListJWT,
|
|
4
3
|
SLException,
|
|
5
4
|
type StatusListJWTHeaderParameters,
|
|
6
5
|
type StatusListJWTPayload,
|
|
7
|
-
} from '@
|
|
8
|
-
import
|
|
9
|
-
|
|
6
|
+
} from '@owf/token-status-list';
|
|
7
|
+
import {
|
|
8
|
+
type DisclosureFrame,
|
|
9
|
+
ensureError,
|
|
10
|
+
Jwt,
|
|
11
|
+
type SafeVerifyResult,
|
|
12
|
+
SDJWTException,
|
|
13
|
+
SDJwt,
|
|
14
|
+
SDJwtInstance,
|
|
15
|
+
type VerificationError,
|
|
16
|
+
type VerificationErrorCode,
|
|
17
|
+
type VerifierOptions,
|
|
18
|
+
} from '@sd-jwt/core';
|
|
10
19
|
import z from 'zod';
|
|
11
20
|
import type {
|
|
12
21
|
SDJWTVCConfig,
|
|
@@ -53,9 +62,9 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
53
62
|
) {
|
|
54
63
|
const reservedNames = ['iss', 'nbf', 'exp', 'cnf', 'vct', 'status'];
|
|
55
64
|
// check if there is any reserved names in the disclosureFrame._sd array
|
|
56
|
-
const reservedNamesInDisclosureFrame = (
|
|
57
|
-
|
|
58
|
-
)
|
|
65
|
+
const reservedNamesInDisclosureFrame = disclosureFrame._sd.filter((key) =>
|
|
66
|
+
reservedNames.includes(String(key)),
|
|
67
|
+
);
|
|
59
68
|
if (reservedNamesInDisclosureFrame.length > 0) {
|
|
60
69
|
throw new SDJWTException('Cannot disclose protected field');
|
|
61
70
|
}
|
|
@@ -133,6 +142,123 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
133
142
|
return result;
|
|
134
143
|
}
|
|
135
144
|
|
|
145
|
+
/**
|
|
146
|
+
* Safe verification that collects all errors instead of failing fast.
|
|
147
|
+
* Returns a result object with either the verified data or an array of all errors.
|
|
148
|
+
* This includes SD-JWT-VC specific validations like status and VCT metadata.
|
|
149
|
+
*
|
|
150
|
+
* @param encodedSDJwt - The encoded SD-JWT-VC to verify
|
|
151
|
+
* @param options - Verification options
|
|
152
|
+
* @returns A SafeVerifyResult containing either success data or collected errors
|
|
153
|
+
*/
|
|
154
|
+
async safeVerify(
|
|
155
|
+
encodedSDJwt: string,
|
|
156
|
+
options?: VerifierOptions,
|
|
157
|
+
): Promise<SafeVerifyResult<VerificationResult>> {
|
|
158
|
+
const errors: VerificationError[] = [];
|
|
159
|
+
|
|
160
|
+
// Helper to add errors
|
|
161
|
+
const addError = (
|
|
162
|
+
code: VerificationErrorCode,
|
|
163
|
+
message: string,
|
|
164
|
+
details?: unknown,
|
|
165
|
+
) => {
|
|
166
|
+
errors.push({ code, message, details });
|
|
167
|
+
};
|
|
168
|
+
|
|
169
|
+
// First, call the parent's safeVerify to get base verification results
|
|
170
|
+
const baseResult = await super.safeVerify(encodedSDJwt, options);
|
|
171
|
+
|
|
172
|
+
// Collect errors from base verification
|
|
173
|
+
if (!baseResult.success) {
|
|
174
|
+
errors.push(...baseResult.errors);
|
|
175
|
+
}
|
|
176
|
+
|
|
177
|
+
// Build partial result for additional verifications
|
|
178
|
+
let result: VerificationResult | undefined;
|
|
179
|
+
if (baseResult.success) {
|
|
180
|
+
result = {
|
|
181
|
+
payload: baseResult.data.payload as SdJwtVcPayload,
|
|
182
|
+
header: baseResult.data.header,
|
|
183
|
+
kb: baseResult.data.kb as VerificationResult['kb'],
|
|
184
|
+
};
|
|
185
|
+
} else {
|
|
186
|
+
// Try to extract payload even if verification failed for status/vct checks
|
|
187
|
+
try {
|
|
188
|
+
const { payload, header } = await SDJwt.extractJwt<
|
|
189
|
+
Record<string, unknown>,
|
|
190
|
+
SdJwtVcPayload
|
|
191
|
+
>(encodedSDJwt);
|
|
192
|
+
if (payload) {
|
|
193
|
+
result = {
|
|
194
|
+
payload,
|
|
195
|
+
header,
|
|
196
|
+
kb: undefined,
|
|
197
|
+
};
|
|
198
|
+
}
|
|
199
|
+
} catch {
|
|
200
|
+
// Cannot extract payload, skip additional checks
|
|
201
|
+
}
|
|
202
|
+
}
|
|
203
|
+
|
|
204
|
+
// Verify status (if payload is available)
|
|
205
|
+
if (result) {
|
|
206
|
+
try {
|
|
207
|
+
await this.verifyStatus(result, options);
|
|
208
|
+
} catch (e) {
|
|
209
|
+
const error = ensureError(e);
|
|
210
|
+
const errorMessage = error.message;
|
|
211
|
+
if (errorMessage.includes('Status is not valid')) {
|
|
212
|
+
addError('STATUS_INVALID', errorMessage, error);
|
|
213
|
+
} else {
|
|
214
|
+
addError(
|
|
215
|
+
'STATUS_VERIFICATION_FAILED',
|
|
216
|
+
`Status verification failed: ${errorMessage}`,
|
|
217
|
+
error,
|
|
218
|
+
);
|
|
219
|
+
}
|
|
220
|
+
}
|
|
221
|
+
|
|
222
|
+
// Verify VCT metadata (if configured)
|
|
223
|
+
if (this.userConfig.loadTypeMetadataFormat) {
|
|
224
|
+
try {
|
|
225
|
+
const resolvedTypeMetadata = await this.fetchVct(result);
|
|
226
|
+
if (result) {
|
|
227
|
+
result.typeMetadata = resolvedTypeMetadata;
|
|
228
|
+
}
|
|
229
|
+
} catch (e) {
|
|
230
|
+
addError(
|
|
231
|
+
'VCT_VERIFICATION_FAILED',
|
|
232
|
+
`VCT verification failed: ${ensureError(e).message}`,
|
|
233
|
+
e,
|
|
234
|
+
);
|
|
235
|
+
}
|
|
236
|
+
}
|
|
237
|
+
}
|
|
238
|
+
|
|
239
|
+
// Return result
|
|
240
|
+
if (errors.length > 0) {
|
|
241
|
+
return { success: false, errors };
|
|
242
|
+
}
|
|
243
|
+
|
|
244
|
+
if (!result) {
|
|
245
|
+
return {
|
|
246
|
+
success: false,
|
|
247
|
+
errors: [
|
|
248
|
+
{
|
|
249
|
+
code: 'INVALID_SD_JWT',
|
|
250
|
+
message: 'Failed to construct verification result',
|
|
251
|
+
},
|
|
252
|
+
],
|
|
253
|
+
};
|
|
254
|
+
}
|
|
255
|
+
|
|
256
|
+
return {
|
|
257
|
+
success: true,
|
|
258
|
+
data: result,
|
|
259
|
+
};
|
|
260
|
+
}
|
|
261
|
+
|
|
136
262
|
/**
|
|
137
263
|
* Gets VCT Metadata of the raw SD-JWT-VC. Returns the type metadata format. If the SD-JWT-VC is invalid or does not contain a vct claim, an error is thrown.
|
|
138
264
|
*
|
|
@@ -179,10 +305,10 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
179
305
|
const arrayBuffer = await response.arrayBuffer();
|
|
180
306
|
const alg = integrity.split('-')[0];
|
|
181
307
|
//TODO: error handling when a hasher is passed that is not supporting the required algorithm according to the spec
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
);
|
|
308
|
+
if (!this.userConfig.hasher) {
|
|
309
|
+
throw new SDJWTException('Hasher not found');
|
|
310
|
+
}
|
|
311
|
+
const hashBuffer = await this.userConfig.hasher(arrayBuffer, alg);
|
|
186
312
|
const integrityHash = integrity.split('-')[1];
|
|
187
313
|
const hash = Array.from(new Uint8Array(hashBuffer))
|
|
188
314
|
.map((byte) => byte.toString(16).padStart(2, '0'))
|
|
@@ -217,8 +343,9 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
217
343
|
const data = await response.json();
|
|
218
344
|
|
|
219
345
|
return data;
|
|
220
|
-
} catch (
|
|
221
|
-
|
|
346
|
+
} catch (e) {
|
|
347
|
+
const error = ensureError(e);
|
|
348
|
+
if (error.name === 'TimeoutError') {
|
|
222
349
|
throw new Error(`Request to ${url} timed out`);
|
|
223
350
|
}
|
|
224
351
|
throw error;
|
|
@@ -515,10 +642,12 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
515
642
|
StatusListJWTPayload
|
|
516
643
|
>(statusListJWT);
|
|
517
644
|
// check if the status list has a valid signature. The presence of the verifier is checked in the parent class.
|
|
645
|
+
if (!this.userConfig.verifier || !this.userConfig.statusVerifier) {
|
|
646
|
+
throw new SDJWTException('Verifier not found for status list JWT');
|
|
647
|
+
}
|
|
518
648
|
await slJWT
|
|
519
649
|
.verify(
|
|
520
|
-
this.userConfig.statusVerifier ??
|
|
521
|
-
(this.userConfig.verifier as Verifier),
|
|
650
|
+
this.userConfig.statusVerifier ?? this.userConfig.verifier,
|
|
522
651
|
options,
|
|
523
652
|
)
|
|
524
653
|
.catch((err: SLException) => {
|
|
@@ -541,4 +670,8 @@ export class SDJwtVcInstance extends SDJwtInstance<SdJwtVcPayload> {
|
|
|
541
670
|
}
|
|
542
671
|
}
|
|
543
672
|
}
|
|
673
|
+
|
|
674
|
+
public config(newConfig: SDJWTVCConfig) {
|
|
675
|
+
super.config(newConfig);
|
|
676
|
+
}
|
|
544
677
|
}
|
package/src/sd-jwt-vc-vct.ts
CHANGED
package/src/test/index.spec.ts
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
1
|
import Crypto from 'node:crypto';
|
|
2
|
-
import { digest, generateSalt } from '@
|
|
2
|
+
import { hasher as digest, generateSalt } from '@owf/crypto';
|
|
3
3
|
import {
|
|
4
4
|
createHeaderAndPayload,
|
|
5
5
|
StatusList,
|
|
6
6
|
type StatusListJWTHeaderParameters,
|
|
7
|
-
} from '@
|
|
7
|
+
} from '@owf/token-status-list';
|
|
8
8
|
import type {
|
|
9
9
|
DisclosureFrame,
|
|
10
10
|
JwtPayload,
|
|
11
11
|
Signer,
|
|
12
12
|
Verifier,
|
|
13
|
-
} from '@sd-jwt/
|
|
13
|
+
} from '@sd-jwt/core';
|
|
14
14
|
import { SignJWT } from 'jose';
|
|
15
15
|
import { describe, expect, test } from 'vitest';
|
|
16
16
|
import { SDJwtVcInstance } from '..';
|
package/src/test/vct.spec.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import Crypto from 'node:crypto';
|
|
2
2
|
import { afterEach } from 'node:test';
|
|
3
|
-
import { digest, generateSalt } from '@
|
|
4
|
-
import type { DisclosureFrame, Signer, Verifier } from '@sd-jwt/
|
|
3
|
+
import { hasher as digest, generateSalt } from '@owf/crypto';
|
|
4
|
+
import type { DisclosureFrame, Signer, Verifier } from '@sd-jwt/core';
|
|
5
5
|
import { HttpResponse, http } from 'msw';
|
|
6
6
|
import { setupServer } from 'msw/node';
|
|
7
7
|
import { afterAll, beforeAll, describe, expect, test, vitest } from 'vitest';
|
package/test/app-e2e.spec.ts
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
import Crypto from 'node:crypto';
|
|
2
2
|
import fs from 'node:fs';
|
|
3
3
|
import path from 'node:path';
|
|
4
|
-
import { digest, generateSalt } from '@
|
|
4
|
+
import { hasher as digest, generateSalt } from '@owf/crypto';
|
|
5
5
|
import type {
|
|
6
6
|
DisclosureFrame,
|
|
7
7
|
PresentationFrame,
|
|
8
8
|
Signer,
|
|
9
9
|
Verifier,
|
|
10
|
-
} from '@sd-jwt/
|
|
10
|
+
} from '@sd-jwt/core';
|
|
11
11
|
import { describe, expect, test } from 'vitest';
|
|
12
12
|
import { SDJwtVcInstance } from '../src/index';
|
|
13
13
|
|
package/CHANGELOG.md
DELETED
|
@@ -1,282 +0,0 @@
|
|
|
1
|
-
# Change Log
|
|
2
|
-
|
|
3
|
-
All notable changes to this project will be documented in this file.
|
|
4
|
-
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
|
5
|
-
|
|
6
|
-
# [0.19.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.18.1...v0.19.0) (2026-01-23)
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
### Bug Fixes
|
|
10
|
-
|
|
11
|
-
* missing/updated fields in type metadata ([#359](https://github.com/openwallet-foundation/sd-jwt-js/issues/359)) ([d230a8d](https://github.com/openwallet-foundation/sd-jwt-js/commit/d230a8df2899b342b98a1d72eb606fb31de41924))
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
### Features
|
|
15
|
-
|
|
16
|
-
* update to locale ([#358](https://github.com/openwallet-foundation/sd-jwt-js/issues/358)) ([114389e](https://github.com/openwallet-foundation/sd-jwt-js/commit/114389ef8e02b4b40d4e16585a4eea0bdb0732bc))
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
## [0.18.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.18.0...v0.18.1) (2026-01-14)
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
### Bug Fixes
|
|
26
|
-
|
|
27
|
-
* keep custom properties on type metadata ([#357](https://github.com/openwallet-foundation/sd-jwt-js/issues/357)) ([2b1f0ba](https://github.com/openwallet-foundation/sd-jwt-js/commit/2b1f0badd7fcc4096e12c38dae227f0ed9d30ec3))
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
# [0.18.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.17.1...v0.18.0) (2026-01-11)
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
### Bug Fixes
|
|
37
|
-
|
|
38
|
-
* integrity check ([#339](https://github.com/openwallet-foundation/sd-jwt-js/issues/339)) ([4a4c1b0](https://github.com/openwallet-foundation/sd-jwt-js/commit/4a4c1b0c04615bcf0e455d51cd1b9234cbcd0d78))
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
### Features
|
|
42
|
-
|
|
43
|
-
* allow undefined type metadata to be returned by resolver ([#338](https://github.com/openwallet-foundation/sd-jwt-js/issues/338)) ([213de7e](https://github.com/openwallet-foundation/sd-jwt-js/commit/213de7e85b9820ca638ba3362fe4deee808e236e))
|
|
44
|
-
* validate sd jwt vc type metadata with zod ([#348](https://github.com/openwallet-foundation/sd-jwt-js/issues/348)) ([23e4beb](https://github.com/openwallet-foundation/sd-jwt-js/commit/23e4beb767451ef975709d01e471285da00f55e9))
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
## [0.17.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.17.0...v0.17.1) (2025-11-18)
|
|
51
|
-
|
|
52
|
-
**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
# [0.17.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.16.0...v0.17.0) (2025-10-23)
|
|
59
|
-
|
|
60
|
-
**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
# [0.16.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.15.1...v0.16.0) (2025-10-07)
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
### Bug Fixes
|
|
70
|
-
|
|
71
|
-
* change repo url from labs to other one ([#323](https://github.com/openwallet-foundation/sd-jwt-js/issues/323)) ([f68c847](https://github.com/openwallet-foundation/sd-jwt-js/commit/f68c8476c2f04bb9d53acd4059b59caf271df015))
|
|
72
|
-
* set correct url in package json ([#321](https://github.com/openwallet-foundation/sd-jwt-js/issues/321)) ([554152c](https://github.com/openwallet-foundation/sd-jwt-js/commit/554152cc819bbc3afb504b25f4a2018a92fb72f1))
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
### Features
|
|
76
|
-
|
|
77
|
-
* Adding validation during issuance when a schema is passed ([#308](https://github.com/openwallet-foundation/sd-jwt-js/issues/308)) ([90eef6b](https://github.com/openwallet-foundation/sd-jwt-js/commit/90eef6be1c0838d334ecdef083dbb609c3812357))
|
|
78
|
-
* updates all dependencies to latest versions + biome updates ([#324](https://github.com/openwallet-foundation/sd-jwt-js/issues/324)) ([75d5780](https://github.com/openwallet-foundation/sd-jwt-js/commit/75d5780fb53c5e2c886537b283503fc6fb088a4a))
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
## [0.15.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.15.0...v0.15.1) (2025-08-28)
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
### Bug Fixes
|
|
88
|
-
|
|
89
|
-
* make iss claim optional in SD-JWT VC payload ([#310](https://github.com/openwallet-foundation/sd-jwt-js/issues/310)) ([f6275e3](https://github.com/openwallet-foundation/sd-jwt-js/commit/f6275e35e66777709321328ba50fec53e5f48c7b))
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
# [0.15.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.14.1...v0.15.0) (2025-08-20)
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
### Features
|
|
99
|
-
|
|
100
|
-
* Allows to pass a custom function for the status list JWT validation ([#306](https://github.com/openwallet-foundation/sd-jwt-js/issues/306)) ([25e546e](https://github.com/openwallet-foundation/sd-jwt-js/commit/25e546e1536178f8ee41b0e1b3836656fd6f48ab))
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
## [0.14.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.14.0...v0.14.1) (2025-08-02)
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
### Bug Fixes
|
|
110
|
-
|
|
111
|
-
* claim type ([#300](https://github.com/openwallet-foundation/sd-jwt-js/issues/300)) ([3bab5ea](https://github.com/openwallet-foundation/sd-jwt-js/commit/3bab5eae69b6ef872209ca00b5593f96b541bc03))
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
# [0.14.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.13.0...v0.14.0) (2025-06-30)
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
### Features
|
|
121
|
-
|
|
122
|
-
* Add Verifier options ([#297](https://github.com/openwallet-foundation/sd-jwt-js/issues/297)) ([2a6a367](https://github.com/openwallet-foundation/sd-jwt-js/commit/2a6a3674f94742f48feaf660056226b1a54145e7))
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
# [0.13.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.12.0...v0.13.0) (2025-06-25)
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
### Features
|
|
132
|
-
|
|
133
|
-
* fetch VCT Metadata from SD JWT header ([#288](https://github.com/openwallet-foundation/sd-jwt-js/issues/288)) ([#294](https://github.com/openwallet-foundation/sd-jwt-js/issues/294)) ([f89ba44](https://github.com/openwallet-foundation/sd-jwt-js/commit/f89ba445aeb57ce342ec76b58a0eb6d0c090a4e9))
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
# [0.12.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.11.0...v0.12.0) (2025-06-21)
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
### Bug Fixes
|
|
143
|
-
|
|
144
|
-
* expose types ([#290](https://github.com/openwallet-foundation/sd-jwt-js/issues/290)) ([1b656ac](https://github.com/openwallet-foundation/sd-jwt-js/commit/1b656ac21796b715096feae439de6b48442244a9))
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
### Features
|
|
148
|
-
|
|
149
|
-
* add missing types ([#286](https://github.com/openwallet-foundation/sd-jwt-js/issues/286)) ([506b876](https://github.com/openwallet-foundation/sd-jwt-js/commit/506b8769ac8e0082ad30544338eace2d0df34294))
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
# [0.11.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.10.0...v0.11.0) (2025-06-17)
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
### Features
|
|
159
|
-
|
|
160
|
-
* SD JWT Instances VCT Metadata get separated from verify ([#285](https://github.com/openwallet-foundation/sd-jwt-js/issues/285)) ([bc91fd7](https://github.com/openwallet-foundation/sd-jwt-js/commit/bc91fd71f7d721298ad5c08d4379bc870903f65f))
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
# [0.10.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.9.2...v0.10.0) (2025-03-24)
|
|
167
|
-
|
|
168
|
-
**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
## [0.9.2](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.9.1...v0.9.2) (2025-01-29)
|
|
175
|
-
|
|
176
|
-
**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
## [0.9.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.9.0...v0.9.1) (2024-12-13)
|
|
183
|
-
|
|
184
|
-
**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
# [0.9.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.8.0...v0.9.0) (2024-12-10)
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
### Features
|
|
194
|
-
|
|
195
|
-
* align type metadata fetching with sd-jwt-vc draft 08 ([#260](https://github.com/openwallet-foundation/sd-jwt-js/issues/260)) ([2358c75](https://github.com/openwallet-foundation/sd-jwt-js/commit/2358c759887ee29b4c35a3ee0e93ebd8e8c26545))
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
# [0.8.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.7.2...v0.8.0) (2024-11-26)
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
### Bug Fixes
|
|
205
|
-
|
|
206
|
-
* check if the header includes the string ([#244](https://github.com/openwallet-foundation/sd-jwt-js/issues/244)) ([8a48bb5](https://github.com/openwallet-foundation/sd-jwt-js/commit/8a48bb57fcf9bbad349f349b0aa1ffd997c86bb2))
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
### Features
|
|
210
|
-
|
|
211
|
-
* align media type with sd-jwt-vc draft 06 ([#256](https://github.com/openwallet-foundation/sd-jwt-js/issues/256)) ([1aa3aea](https://github.com/openwallet-foundation/sd-jwt-js/commit/1aa3aea86213e75328975e34d9bf71410fc7a12a))
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
## [0.7.2](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.7.1...v0.7.2) (2024-07-19)
|
|
218
|
-
|
|
219
|
-
**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
## [0.7.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.7.0...v0.7.1) (2024-05-21)
|
|
226
|
-
|
|
227
|
-
**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
# [0.7.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.6.1...v0.7.0) (2024-05-13)
|
|
234
|
-
|
|
235
|
-
**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
## [0.6.1](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.6.0...v0.6.1) (2024-03-18)
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
### Bug Fixes
|
|
245
|
-
|
|
246
|
-
* **sd-jwt-vc:** improve alignment with draft-03 ([#175](https://github.com/openwallet-foundation/sd-jwt-js/issues/175)) ([bcd7d6e](https://github.com/openwallet-foundation/sd-jwt-js/commit/bcd7d6e40fff938d06425d69297274400ab9e8a6))
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
# [0.6.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.5.0...v0.6.0) (2024-03-12)
|
|
253
|
-
|
|
254
|
-
**Note:** Version bump only for package @sd-jwt/sd-jwt-vc
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
# [0.5.0](https://github.com/openwallet-foundation/sd-jwt-js/compare/v0.4.0...v0.5.0) (2024-03-11)
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
### Features
|
|
264
|
-
|
|
265
|
-
* make _digest value public in disclosure ([#151](https://github.com/openwallet-foundation/sd-jwt-js/issues/151)) ([7a3fbd7](https://github.com/openwallet-foundation/sd-jwt-js/commit/7a3fbd7db19b6501978340c972b171743d287285))
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
# 0.4.0 (2024-03-08)
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
### Bug Fixes
|
|
275
|
-
|
|
276
|
-
* change SDJwtPayload to SdJwtPayload ([9f06ef7](https://github.com/openwallet-foundation/sd-jwt-js/commit/9f06ef7bd31a1dff4e9bf988e425200a5e1aa82d))
|
|
277
|
-
* make sdjwt instance non abstract ([#122](https://github.com/openwallet-foundation/sd-jwt-js/issues/122)) ([e85aae8](https://github.com/openwallet-foundation/sd-jwt-js/commit/e85aae89910f5d9468e29ef14ef3b3d3215b86fd))
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
### Features
|
|
281
|
-
|
|
282
|
-
* add new package for sd-jwt-vc ([ed99188](https://github.com/openwallet-foundation/sd-jwt-js/commit/ed99188f13184d58db64b4211e39fb67f3f78cb5))
|