selective_disclosure_jwt library

SD-JWT SDK for Dart.

This library provides an implementation of the Selective Disclosure JWT (SD-JWT) specification, allowing issuers to create JWTs with selectively disclosable claims, holders to present only specific claims to verifiers, and verifiers to validate the authenticity of the presented claims.

The library supports:

Creating and signing SD-JWTs with selectively disclosable claims
Key binding to prevent unauthorized presentations
Verification of SD-JWTs and their disclosures
Cryptographic operations using various algorithms (RS256, ES256, etc.)

Example usage:

// Create an SD-JWT handler
final handler = SdJwtHandlerV1();

// Sign claims with selective disclosure
final sdJwt = await handler.sign(
  claims: {"name": "Alice", "age": 25},
  disclosureFrame: {"_sd": ["age"]},
  issuerPrivateKey: privateKey,
);

// Verify an SD-JWT
final result = await handler.verify(
  sdJwt: sdJwtString,
  issuerKey: publicKey,
);

Classes

Base64EncodedOutputHasher: A hasher implementation that wraps another hasher and encodes its output using a codec.
Disclosure: A class representing a disclosure in an SD-JWT. The class also provides some disclosure functionalities like parsing, decoding and encoding.
DisclosurePath: A class representing a pointer to a path within a SD-JWT claims.
Hasher<T, V>: Hasher is an interface for hashing algorithms. It provides a way to execute a specific algorithm on input data.
PresentWithKbJwtInput: Represents the additional arguments needed to enable presenting the SdJwt with a signed KbJwt.
SdJwt: A class representing a Selective Disclosure JWT (SD-JWT).
SdJwtHandlerV1: Implementation of the SdJwtHandler interface.
SdJwtStatus: A class representing the verification status of a SdJwt.
SdKey: Abstract class representing an SD-JWT cryptographic key. Subclasses:
SDKeySigner: Implements the Signer for bundled algorithms and supported private key formats.
SDKeyVerifier: Implements the Signer for bundled algorithms and supported public key formats.
SdPrivateKey: Represents a private key for signing SD-JWTs.
SdPublicKey: Represents a public key for verifying SD-JWTs.
Signer: An abstract class representing a Signer with well defined capabilities. Any provided implementation should be able to sign the given bytes and be able to provide additional details about the signing algorithm name and verification id used.
Verifier: An abstract class representing a Verifier with well defined capabilities. Any provided implementation should be able to verify the given signature bytes for the given data bytes

Enums

SdJwtSignAlgorithm: Bundled Crypto Algorithms.

Constants

disclosureSeparator → const String: The separator character used between JWT and disclosures in an SD-JWT.

Typedefs

CustomHasher = Hasher<String, Uint8List>? Function(String algorithmName): CustomHasher is a function pointer to a customized hasher.

selective_disclosure_jwt library

Classes

Enums

Constants

Typedefs

selective_disclosure_jwt package

selective_disclosure_jwt library