fix: make sdjwt instance non abstract (#122)

Signed-off-by: Mirko Mollik <mirko.mollik@fit.fraunhofer.de>

examples/sd-jwt-example/README.md

@@ -0,0 +1,36 @@
+# SD JWT Core Examples
+
+This directory contains example of basic usage(issue, validate, present, verify) of SD JWT
+
+## Run the example
+
+```bash
+pnpm run {example_file_name}
+
+# example
+pnpm run all
+```
+
+### Example lists
+
+- basic: Example of basic usage(issue, validate, present, verify) of SD JWT
+- all: Example of issue, present and verify the comprehensive data.
+- custom: Example of using custom hasher and salt generator for SD JWT
+- custom_header: Example of using custom header for SD JWT
+- sdjwtobject: Example of using SD JWT Object
+- decoy: Example of adding decoy digest in SD JWT
+- kb: key binding example in SD JWT
+- decode: Decoding example of a SD JWT sample
+
+### Variables In Examples
+
+- claims: the user's information
+- disclosureFrame: specify which claims should be disclosed
+- credential: Issued Encoded SD JWT.
+- validated: result of SD JWT validation
+- presentationFrame: specify which claims should be presented
+- presentation: Presented Encoded SD JWT.
+- requiredClaims: specify which claims should be verified
+- verified: result of verification
+- sdJwtToken: SD JWT Token Object
+- SDJwtInstance: SD JWT Instance

examples/sd-jwt-example/all.ts

@@ -0,0 +1,105 @@
+import { SDJwtInstance } from '@sd-jwt/core';
+import { DisclosureFrame } from '@sd-jwt/types';
+import { createSignerVerifier, digest, generateSalt } from './utils';
+
+(async () => {
+  const { signer, verifier } = await createSignerVerifier();
+
+  // Create SDJwt instance for use
+  const sdjwt = new SDJwtInstance({
+    signer,
+    verifier,
+    signAlg: 'EdDSA',
+    hasher: digest,
+    hashAlg: 'SHA-256',
+    saltGenerator: generateSalt,
+  });
+
+  // Issuer Define the claims object with the user's information
+  const claims = {
+    firstname: 'John',
+    lastname: 'Doe',
+    ssn: '123-45-6789',
+    id: '1234',
+    data: {
+      firstname: 'John',
+      lastname: 'Doe',
+      ssn: '123-45-6789',
+      list: [{ r: '1' }, 'b', 'c'],
+    },
+    data2: {
+      hi: 'bye',
+    },
+  };
+
+  // Issuer Define the disclosure frame to specify which claims can be disclosed
+  const disclosureFrame: DisclosureFrame<typeof claims> = {
+    _sd: ['firstname', 'id', 'data2'],
+    data: {
+      _sd: ['list'],
+      _sd_decoy: 2,
+      list: {
+        _sd: [0, 2],
+        _sd_decoy: 1,
+        0: {
+          _sd: ['r'],
+        },
+      },
+    },
+    data2: {
+      _sd: ['hi'],
+    },
+  };
+
+  // Issue a signed JWT credential with the specified claims and disclosures
+  // Return a Encoded SD JWT. Issuer send the credential to the holder
+  const credential = await sdjwt.issue(claims, disclosureFrame);
+  console.log('encodedJwt:', credential);
+
+  // Holder Receive the credential from the issuer and validate it
+  // Return a boolean result
+  const validated = await sdjwt.validate(credential);
+  console.log('validated:', validated);
+
+  // You can decode the SD JWT to get the payload and the disclosures
+  const sdJwtToken = await sdjwt.decode(credential);
+
+  // You can get the keys of the claims from the decoded SD JWT
+  const keys = await sdJwtToken.keys(digest);
+  console.log({ keys });
+
+  // You can get the claims from the decoded SD JWT
+  const payloads = await sdJwtToken.getClaims(digest);
+
+  // You can get the presentable keys from the decoded SD JWT
+  const presentableKeys = await sdJwtToken.presentableKeys(digest);
+
+  console.log({
+    payloads: JSON.stringify(payloads, null, 2),
+    disclosures: JSON.stringify(sdJwtToken.disclosures, null, 2),
+    claim: JSON.stringify(sdJwtToken.jwt?.payload, null, 2),
+    presentableKeys,
+  });
+
+  console.log(
+    '================================================================',
+  );
+
+  // Holder Define the presentation frame to specify which claims should be presented
+  // The list of presented claims must be a subset of the disclosed claims
+  // the presentation frame is determined by the verifier or the protocol that was agreed upon between the holder and the verifier
+  const presentationFrame = ['firstname', 'id'];
+
+  // Create a presentation using the issued credential and the presentation frame
+  // return a Encoded SD JWT. Holder send the presentation to the verifier
+  const presentation = await sdjwt.present(credential, presentationFrame);
+  console.log('presentedSDJwt:', presentation);
+
+  // Verifier Define the required claims that need to be verified in the presentation
+  const requiredClaims = ['firstname', 'id', 'data.ssn'];
+
+  // Verify the presentation using the public key and the required claims
+  // return a boolean result
+  const verified = await sdjwt.verify(credential, requiredClaims);
+  console.log('verified:', verified);
+})();

examples/sd-jwt-example/basic.ts

@@ -0,0 +1,55 @@
+import { SDJwtInstance } from '@sd-jwt/core';
+import { DisclosureFrame } from '@sd-jwt/types';
+import { createSignerVerifier, digest, generateSalt } from './utils';
+
+(async () => {
+  const { signer, verifier } = await createSignerVerifier();
+
+  // Create SDJwt instance for use
+  const sdjwt = new SDJwtInstance({
+    signer,
+    verifier,
+    signAlg: 'EdDSA',
+    hasher: digest,
+    hashAlg: 'SHA-256',
+    saltGenerator: generateSalt,
+  });
+
+  // Issuer Define the claims object with the user's information
+  const claims = {
+    firstname: 'John',
+    lastname: 'Doe',
+    ssn: '123-45-6789',
+    id: '1234',
+  };
+
+  // Issuer Define the disclosure frame to specify which claims can be disclosed
+  const disclosureFrame: DisclosureFrame<typeof claims> = {
+    _sd: ['firstname', 'lastname', 'ssn'],
+  };
+
+  // Issue a signed JWT credential with the specified claims and disclosures
+  // Return a Encoded SD JWT. Issuer send the credential to the holder
+  const credential = await sdjwt.issue(claims, disclosureFrame);
+
+  // Holder Receive the credential from the issuer and validate it
+  // Return a boolean result
+  const valid = await sdjwt.validate(credential);
+
+  // Holder Define the presentation frame to specify which claims should be presented
+  // The list of presented claims must be a subset of the disclosed claims
+  // the presentation frame is determined by the verifier or the protocol that was agreed upon between the holder and the verifier
+  const presentationFrame = ['firstname', 'ssn'];
+
+  // Create a presentation using the issued credential and the presentation frame
+  // return a Encoded SD JWT. Holder send the presentation to the verifier
+  const presentation = await sdjwt.present(credential, presentationFrame);
+
+  // Verifier Define the required claims that need to be verified in the presentation
+  const requiredClaims = ['firstname', 'ssn', 'id'];
+
+  // Verify the presentation using the public key and the required claims
+  // return a boolean result
+  const verified = await sdjwt.verify(presentation, requiredClaims);
+  console.log(verified);
+})();

examples/sd-jwt-example/custom.ts

@@ -0,0 +1,82 @@
+import { SDJwtInstance } from '@sd-jwt/core';
+import { DisclosureFrame } from '@sd-jwt/types';
+import { createSignerVerifier, digest, generateSalt } from './utils';
+
+(async () => {
+  const { signer, verifier } = await createSignerVerifier();
+
+  // Create SDJwt instance for use
+  const sdjwt = new SDJwtInstance({
+    signer,
+    verifier,
+    signAlg: 'EdDSA',
+    hasher: digest,
+    hashAlg: 'SHA-256',
+    saltGenerator: generateSalt,
+  });
+
+  // Issuer Define the claims object with the user's information
+  const claims = {
+    firstname: 'John',
+    lastname: 'Doe',
+    ssn: '123-45-6789',
+    id: '1234',
+  };
+
+  // Issuer Define the disclosure frame to specify which claims can be disclosed
+  const disclosureFrame: DisclosureFrame<typeof claims> = {
+    _sd: ['firstname', 'id'],
+  };
+
+  // Issue a signed JWT credential with the specified claims and disclosures
+  // Return a Encoded SD JWT. Issuer send the credential to the holder
+  const credential = await sdjwt.issue(claims, disclosureFrame);
+  console.log('encodedJwt:', credential);
+
+  // Holder Receive the credential from the issuer and validate it
+  // Return a boolean result
+  const validated = await sdjwt.validate(credential);
+  console.log('validated:', validated);
+
+  // You can decode the SD JWT to get the payload and the disclosures
+  const sdJwtToken = await sdjwt.decode(credential);
+
+  // You can get the keys of the claims from the decoded SD JWT
+  const keys = await sdJwtToken.keys(digest);
+  console.log({ keys });
+
+  // You can get the claims from the decoded SD JWT
+  const payloads = await sdJwtToken.getClaims(digest);
+
+  // You can get the presentable keys from the decoded SD JWT
+  const presentableKeys = await sdJwtToken.presentableKeys(digest);
+
+  console.log({
+    payloads: JSON.stringify(payloads, null, 2),
+    disclosures: JSON.stringify(sdJwtToken.disclosures, null, 2),
+    claim: JSON.stringify(sdJwtToken.jwt?.payload, null, 2),
+    presentableKeys,
+  });
+
+  console.log(
+    '================================================================',
+  );
+
+  // Holder Define the presentation frame to specify which claims should be presented
+  // The list of presented claims must be a subset of the disclosed claims
+  // the presentation frame is determined by the verifier or the protocol that was agreed upon between the holder and the verifier
+  const presentationFrame = ['firstname', 'id'];
+
+  // Create a presentation using the issued credential and the presentation frame
+  // return a Encoded SD JWT. Holder send the presentation to the verifier
+  const presentation = await sdjwt.present(credential, presentationFrame);
+  console.log('presentedSDJwt:', presentation);
+
+  // Verifier Define the required claims that need to be verified in the presentation
+  const requiredClaims = ['firstname', 'id'];
+
+  // Verify the presentation using the public key and the required claims
+  // return a boolean result
+  const verified = await sdjwt.verify(presentation, requiredClaims);
+  console.log('verified:', verified);
+})();

examples/sd-jwt-example/custom_header.ts

@@ -0,0 +1,41 @@
+import { SDJwtInstance } from '@sd-jwt/core';
+import { DisclosureFrame } from '@sd-jwt/types';
+import { createSignerVerifier, digest, generateSalt } from './utils';
+
+(async () => {
+  const { signer, verifier } = await createSignerVerifier();
+
+  // Create SDJwt instance for use
+  const sdjwt = new SDJwtInstance({
+    signer,
+    verifier,
+    signAlg: 'EdDSA',
+    hasher: digest,
+    hashAlg: 'SHA-256',
+    saltGenerator: generateSalt,
+  });
+
+  // Issuer Define the claims object with the user's information
+  const claims = {
+    firstname: 'John',
+    lastname: 'Doe',
+    ssn: '123-45-6789',
+    id: '1234',
+  };
+
+  // Issuer Define the disclosure frame to specify which claims can be disclosed
+  const disclosureFrame: DisclosureFrame<typeof claims> = {
+    _sd: ['firstname', 'id'],
+  };
+
+  // Issue a signed JWT credential with the specified claims and disclosures
+  // Return a Encoded SD JWT. Issuer send the credential to the holder
+  const credential = await sdjwt.issue(claims, disclosureFrame, {
+    header: { typ: 'vc+sd-jwt', custom: 'data' }, // You can add custom header data to the SD JWT
+  });
+  console.log('encodedSdjwt:', credential);
+
+  // You can check the custom header data by decoding the SD JWT
+  const sdJwtToken = await sdjwt.decode(credential);
+  console.log(sdJwtToken);
+})();

examples/sd-jwt-example/decode.ts

@@ -0,0 +1,27 @@
+import { SDJwtInstance } from '@sd-jwt/core';
+import { createSignerVerifier, digest, generateSalt } from './utils';
+
+(async () => {
+  const { signer, verifier } = await createSignerVerifier();
+
+  // Create SDJwt instance for use
+  const sdjwt = new SDJwtInstance({
+    signer,
+    signAlg: 'EdDSA',
+    verifier,
+    hasher: digest,
+    saltGenerator: generateSalt,
+    kbSigner: signer,
+    kbSignAlg: 'EdDSA',
+    kbVerifier: verifier,
+  });
+
+  // this is an example of SD JWT
+  const data =
+    'eyJhbGciOiAiRVMyNTYiLCAia2lkIjogImRvYy1zaWduZXItMDUtMjUtMjAyMiIsICJ0eXAiOiAidmMrc2Qtand0In0.eyJfc2QiOiBbIjA5dktySk1PbHlUV00wc2pwdV9wZE9CVkJRMk0xeTNLaHBINTE1blhrcFkiLCAiMnJzakdiYUMwa3k4bVQwcEpyUGlvV1RxMF9kYXcxc1g3NnBvVWxnQ3diSSIsICJFa084ZGhXMGRIRUpidlVIbEVfVkNldUM5dVJFTE9pZUxaaGg3WGJVVHRBIiwgIklsRHpJS2VpWmREd3BxcEs2WmZieXBoRnZ6NUZnbldhLXNONndxUVhDaXciLCAiSnpZakg0c3ZsaUgwUjNQeUVNZmVadTZKdDY5dTVxZWhabzdGN0VQWWxTRSIsICJQb3JGYnBLdVZ1Nnh5bUphZ3ZrRnNGWEFiUm9jMkpHbEFVQTJCQTRvN2NJIiwgIlRHZjRvTGJnd2Q1SlFhSHlLVlFaVTlVZEdFMHc1cnREc3JaemZVYW9tTG8iLCAiamRyVEU4WWNiWTRFaWZ1Z2loaUFlX0JQZWt4SlFaSUNlaVVRd1k5UXF4SSIsICJqc3U5eVZ1bHdRUWxoRmxNXzNKbHpNYVNGemdsaFFHMERwZmF5UXdMVUs0Il0sICJpc3MiOiAiaHR0cHM6Ly9leGFtcGxlLmNvbS9pc3N1ZXIiLCAiaWF0IjogMTY4MzAwMDAwMCwgImV4cCI6IDE4ODMwMDAwMDAsICJkY3QiOiAiaHR0cHM6Ly9jcmVkZW50aWFscy5leGFtcGxlLmNvbS9pZGVudGl0eV9jcmVkZW50aWFsIiwgIl9zZF9hbGciOiAic2hhLTI1NiIsICJjbmYiOiB7Imp3ayI6IHsia3R5IjogIkVDIiwgImNydiI6ICJQLTI1NiIsICJ4IjogIlRDQUVSMTladnUzT0hGNGo0VzR2ZlNWb0hJUDFJTGlsRGxzN3ZDZUdlbWMiLCAieSI6ICJaeGppV1diWk1RR0hWV0tWUTRoYlNJaXJzVmZ1ZWNDRTZ0NGpUOUYySFpRIn19fQ.b036DutqQ72WszrCq0GuqZnbws3MApQyzA41I5DSJmenUfsADtqW8FbI_N04FP1wZDF_JtV6a6Ke3Z7apkoTLA~WyIyR0xDNDJzS1F2ZUNmR2ZyeU5STjl3IiwgImdpdmVuX25hbWUiLCAiSm9obiJd~WyJlbHVWNU9nM2dTTklJOEVZbnN4QV9BIiwgImZhbWlseV9uYW1lIiwgIkRvZSJd~WyI2SWo3dE0tYTVpVlBHYm9TNXRtdlZBIiwgImVtYWlsIiwgImpvaG5kb2VAZXhhbXBsZS5jb20iXQ~WyJlSThaV205UW5LUHBOUGVOZW5IZGhRIiwgInBob25lX251bWJlciIsICIrMS0yMDItNTU1LTAxMDEiXQ~WyJRZ19PNjR6cUF4ZTQxMmExMDhpcm9BIiwgImFkZHJlc3MiLCB7InN0cmVldF9hZGRyZXNzIjogIjEyMyBNYWluIFN0IiwgImxvY2FsaXR5IjogIkFueXRvd24iLCAicmVnaW9uIjogIkFueXN0YXRlIiwgImNvdW50cnkiOiAiVVMifV0~WyJBSngtMDk1VlBycFR0TjRRTU9xUk9BIiwgImJpcnRoZGF0ZSIsICIxOTQwLTAxLTAxIl0~WyJQYzMzSk0yTGNoY1VfbEhnZ3ZfdWZRIiwgImlzX292ZXJfMTgiLCB0cnVlXQ~WyJHMDJOU3JRZmpGWFE3SW8wOXN5YWpBIiwgImlzX292ZXJfMjEiLCB0cnVlXQ~WyJsa2x4RjVqTVlsR1RQVW92TU5JdkNBIiwgImlzX292ZXJfNjUiLCB0cnVlXQ~';
+  const decodedObject = await sdjwt.decode(data);
+  console.log(decodedObject);
+
+  const claims = await sdjwt.getClaims(data);
+  console.log(claims);
+})();

examples/sd-jwt-example/decoy.ts

@@ -0,0 +1,35 @@
+import { SDJwtInstance } from '@sd-jwt/core';
+import { DisclosureFrame } from '@sd-jwt/types';
+import { createSignerVerifier, digest, generateSalt } from './utils';
+
+(async () => {
+  const { signer, verifier } = await createSignerVerifier();
+
+  // Create SDJwt instance for use
+  const sdjwt = new SDJwtInstance({
+    signer,
+    verifier,
+    signAlg: 'EdDSA',
+    hasher: digest,
+    hashAlg: 'SHA-256',
+    saltGenerator: generateSalt,
+  });
+  // Issuer Define the claims object with the user's information
+  const claims = {
+    lastname: 'Doe',
+    ssn: '123-45-6789',
+    id: '1234',
+  };
+
+  // Issuer Define the disclosure frame to specify which claims can be disclosed
+  const disclosureFrame: DisclosureFrame<typeof claims> = {
+    _sd: ['id'],
+    _sd_decoy: 1, // 1 decoy digest will be added in SD JWT
+  };
+  const credential = await sdjwt.issue(claims, disclosureFrame);
+  console.log('encodedSdjwt:', credential);
+
+  // You can check the decoy digest in the SD JWT by decoding it
+  const sdJwtToken = await sdjwt.decode(credential);
+  console.log(sdJwtToken);
+})();