fixed issue where some nested claims wouldn't be disclosable

TODO.md

@@ -7,3 +7,9 @@
 - Option to provide "additional validation" for sd-jwt validation
 - Option to provide "additional validation" for kb-jwt validation
 - Function to retrieve kb-jwt contents as map
+
+
+Signing:
+    - pass json object
+    - specify keys to selectively disclose
+    - return sdjwt object

getters.go

@@ -0,0 +1,61 @@
+package go_sd_jwt
+
+// Body returns the body of the JWT
+func (s *SdJwt) Body() *map[string]any {
+	return &s.body
+}
+
+// Token returns the JWT token as it was received
+func (s *SdJwt) Token() string {
+	return s.token
+}
+
+// Signature returns the signature of the provided token used to verify it
+func (s *SdJwt) Signature() string {
+	return s.signature
+}
+
+// Head returns the head of the JWT
+func (s *SdJwt) Head() map[string]any {
+	return s.head
+}
+
+// Disclosures returns the disclosures of the SD-JWT
+func (s *SdJwt) Disclosures() []Disclosure {
+	return s.disclosures
+}
+
+// PublicKey returns the public key json (if provided)
+func (s *SdJwt) PublicKey() string {
+	return s.publicKey
+}
+
+// KbJwt returns the signed kb-jwt (if provided)
+func (s *SdJwt) KbJwt() *string {
+	return s.kbJwt
+}
+
+// ClaimName returns the claim name of the disclosure
+func (d *Disclosure) ClaimName() *string {
+	return d.claimName
+}
+
+// ClaimValue returns the claim value of the disclosure
+func (d *Disclosure) ClaimValue() string {
+	return d.claimValue
+}
+
+// Salt returns the salt of the disclosure
+func (d *Disclosure) Salt() string {
+	return d.salt
+}
+
+// RawValue returns the decoded contents of the disclosure
+func (d *Disclosure) RawValue() string {
+	return d.rawValue
+}
+
+// EncodedValue returns the disclosure as it was listed in the original SD-JWT
+func (d *Disclosure) EncodedValue() string {
+	return d.encodedValue
+}

internal/error/error.go

@@ -1,9 +1,15 @@
 package error
 
+import "errors"
+
 type InvalidToken struct {
 	Message string
 }
 
 func (e *InvalidToken) Error() string {
 	return e.Message
 }
+
+var InvalidJsonError = errors.New("")
+var UnknownDisclosureError = errors.New("")
+var ClaimNotFoundError = errors.New("")

internal/jose/algorithms/es256/ES256.go

@@ -29,7 +29,7 @@ func (signer *ES256) ValidateSignature(token, signature string, publicKeyJson st
 	return ecdsa.Verify(pk, bodyHash[:], r, s), nil
 }
 
-func (signer *ES256) Sign(body map[string]interface{}, headerKeys map[string]string) (*string, crypto.PrivateKey, crypto.PublicKey, error) {
+func (signer *ES256) Sign(body map[string]any, headerKeys map[string]string) (*string, crypto.PrivateKey, crypto.PublicKey, error) {
 	curve := elliptic.P256()
 	pk, err := ecdsa.GenerateKey(curve, rand.Reader)
 	if err != nil {
@@ -52,6 +52,6 @@ func (signer *ES256) Sign(body map[string]interface{}, headerKeys map[string]str
 
 	return signedToken, pk, pubKey, nil
 }
-func (signer *ES256) SignWithKey(body map[string]interface{}, headerKeys map[string]string, privateKey string) (*string, error) {
+func (signer *ES256) SignWithKey(body map[string]any, headerKeys map[string]string, privateKey string) (*string, error) {
 	return nil, nil //todo
 }

internal/jose/algorithms/es256/ES256_test.go

@@ -25,7 +25,7 @@ func TestValidateSignatureES256(t *testing.T) {
 }
 
 func TestES256_Sign(t *testing.T) {
-	body := map[string]interface{}{
+	body := map[string]any{
 		"firstname": "john",
 		"surname":   "smith",
 		"address": map[string]string{

internal/jose/algorithms/es384/ES384.go

@@ -29,7 +29,7 @@ func (signer *ES384) ValidateSignature(token, signature string, publicKeyJson st
 	return ecdsa.Verify(pk, bodyHash[:], r, s), nil
 }
 
-func (signer *ES384) Sign(body map[string]interface{}, headerKeys map[string]string) (*string, crypto.PrivateKey, crypto.PublicKey, error) {
+func (signer *ES384) Sign(body map[string]any, headerKeys map[string]string) (*string, crypto.PrivateKey, crypto.PublicKey, error) {
 	curve := elliptic.P384()
 	pk, err := ecdsa.GenerateKey(curve, rand.Reader)
 	if err != nil {
@@ -52,6 +52,6 @@ func (signer *ES384) Sign(body map[string]interface{}, headerKeys map[string]str
 
 	return signedToken, pk, pubKey, nil
 }
-func (signer *ES384) SignWithKey(body map[string]interface{}, headerKeys map[string]string, privateKey string) (*string, error) {
+func (signer *ES384) SignWithKey(body map[string]any, headerKeys map[string]string, privateKey string) (*string, error) {
 	return nil, nil //todo
 }

internal/jose/algorithms/es384/ES384_test.go

@@ -25,7 +25,7 @@ func TestValidateSignatureES384(t *testing.T) {
 }
 
 func TestES384_Sign(t *testing.T) {
-	body := map[string]interface{}{
+	body := map[string]any{
 		"firstname": "john",
 		"surname":   "smith",
 		"address": map[string]string{

internal/jose/algorithms/es512/ES512.go

@@ -29,7 +29,7 @@ func (signer *ES512) ValidateSignature(token, signature string, publicKeyJson st
 	return ecdsa.Verify(pk, bodyHash[:], r, s), nil
 }
 
-func (signer *ES512) Sign(body map[string]interface{}, headerKeys map[string]string) (*string, crypto.PrivateKey, crypto.PublicKey, error) {
+func (signer *ES512) Sign(body map[string]any, headerKeys map[string]string) (*string, crypto.PrivateKey, crypto.PublicKey, error) {
 	curve := elliptic.P521()
 	pk, err := ecdsa.GenerateKey(curve, rand.Reader)
 	if err != nil {
@@ -52,6 +52,6 @@ func (signer *ES512) Sign(body map[string]interface{}, headerKeys map[string]str
 
 	return signedToken, pk, pubKey, nil
 }
-func (signer *ES512) SignWithKey(body map[string]interface{}, headerKeys map[string]string, privateKey string) (*string, error) {
+func (signer *ES512) SignWithKey(body map[string]any, headerKeys map[string]string, privateKey string) (*string, error) {
 	return nil, nil //todo
 }

internal/jose/algorithms/es512/ES512_test.go

@@ -25,7 +25,7 @@ func TestValidateSignatureES512(t *testing.T) {
 }
 
 func TestES512_Sign(t *testing.T) {
-	body := map[string]interface{}{
+	body := map[string]any{
 		"firstname": "john",
 		"surname":   "smith",
 		"address": map[string]string{

internal/jose/signature.go

@@ -11,8 +11,8 @@ import (
 
 type Signer interface {
 	ValidateSignature(token, signature string, publicKey string) (bool, error)
-	Sign(body map[string]interface{}, headerKeys map[string]string) (*string, crypto.PrivateKey, crypto.PublicKey, error)
-	SignWithKey(body map[string]interface{}, headerKeys map[string]string, privateKey string) (*string, error)
+	Sign(body map[string]any, headerKeys map[string]string) (*string, crypto.PrivateKey, crypto.PublicKey, error)
+	SignWithKey(body map[string]any, headerKeys map[string]string, privateKey string) (*string, error)
 }
 
 func GetSigner(alg string) (Signer, error) {