verify function

Claims verify({
  1. required Uint8List token,
  2. required PublicKey verifier,
  3. required Uint8List domain,
  4. int? now,
})

Verifies a CWT's COSE signature and temporal validity, then returns the decoded claims.

When now is provided (Unix timestamp in seconds), temporal claims are validated: nbf must be present and nbf <= now, and if exp is present then now < exp. When now is null, temporal validation is skipped.

  • token: The serialized CWT
  • verifier: The xDSA public key to verify against
  • domain: Application-specific domain separator
  • now: Current Unix timestamp for temporal validation (null to skip)

Implementation

Claims verify({
  required Uint8List token,
  required xdsa.PublicKey verifier,
  required Uint8List domain,
  int? now,
}) {
  if (now != null && now < 0) {
    throw ArgumentError.value(
      now,
      'now',
      'must be a non-negative Unix timestamp',
    );
  }
  return Claims._decode(
    ffi.cwtVerify(
      token: token,
      verifier: verifier.inner,
      domain: domain,
      now: now != null ? BigInt.from(now) : null,
    ),
  );
}