compliant with sd-jwt 06

Signed-off-by: Berend Sliedrecht <[email protected]>

README.md

@@ -1,14 +1,14 @@
-# Selective Disclosure JWT (SD-JWT) Draft 05 & Selective Disclosure JWT VC
+# Selective Disclosure JWT (SD-JWT) Draft 06 & Selective Disclosure JWT VC
 
 ## Compliant with
 
 -   [sd-jwt
-    05](https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/05/)
+    06](https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/06/)
 -   [sd-jwt-vc
     00](https://datatracker.ietf.org/doc/draft-ietf-oauth-sd-jwt-vc/00/)
 
 > NOTE: the latest specifications are sd-jwt 06 & sd-jwt-vc 01. This library is
-> not conformat, yet.
+> not conformat, yet with sd-jwt-vc 01.
 
 ## Design decisions
 

src/sdJwt/sdJwt.ts

@@ -461,6 +461,23 @@ export class SdJwt<
         }
     }
 
+    public assertNonSelectivelyDisclosableClaim(claimKey: string) {
+        try {
+            this.assertClaimInDisclosureFrame(claimKey)
+            throw new SdJwtError(
+                `Claim key '${claimKey}' was found in the disclosure frame. This claim is not allowed to be selectively disclosed`
+            )
+        } catch {}
+    }
+
+    public assertNonSelectivelyDisclosableClaims() {
+        if (!this.disclosureFrame) return
+
+        ;['_sd', '_sd_alg', '...'].forEach(
+            this.assertNonSelectivelyDisclosableClaim
+        )
+    }
+
     /**
      *
      * Return all claims from the payload and the disclosures on their original place.

src/sdJwtVc/sdJwtVc.ts

@@ -1,6 +1,5 @@
 import { ReturnSdJwtWithHeaderAndPayload, sdJwtFromCompact } from '../sdJwt'
 import { SdJwt, SdJwtVerificationResult } from '../sdJwt'
-import { SdJwtVcError } from './error'
 import { JwtError } from '../jwt'
 import { Verifier } from '../types'
 
@@ -13,22 +12,11 @@ export class SdJwtVc<
     Header extends Record<string, unknown> = Record<string, unknown>,
     Payload extends Record<string, unknown> = Record<string, unknown>
 > extends SdJwt<Header, Payload> {
-    private assertNonSelectivelyDisclosableClaim(claimKey: string) {
-        try {
-            this.assertClaimInDisclosureFrame(claimKey)
-            throw new SdJwtVcError(
-                `Claim key '${claimKey}' was found in the disclosure frame. This claim is not allowed to be selectively disclosed`
-            )
-        } catch {}
-    }
-
-    private assertNonSelectivelyDisclosableClaims() {
+    public assertNonSelectivelyDisclosableClaims() {
         if (!this.disclosureFrame) return
-
-        this.assertNonSelectivelyDisclosableClaim('iss')
-        this.assertNonSelectivelyDisclosableClaim('type')
-        this.assertNonSelectivelyDisclosableClaim('iat')
-        this.assertNonSelectivelyDisclosableClaim('cnf')
+        ;['iss', 'type', 'iat', 'cnf'].forEach(
+            this.assertNonSelectivelyDisclosableClaim
+        )
     }
 
     private validateSdJwtVc(expectedCnfClaim?: Record<string, unknown>) {