ssi-sd-jwt 0.6.0

Implementation of SD-JWT for the ssi library.
Documentation

Selective Disclosure for JWTs (SD-JWT).

Usage

Unlike regular JWTs or JWSs, which can be verified directly after being decoded, the claims of an SD-JWT must be revealed before they can be validated. The standard path looks like this:

┌───────┐                     ┌──────────────┐                            ┌───────────────┐
│       │                     │              │                            │               │
│ SdJwt │ ─► SdJwt::decode ─► │ DecodedSdJwt │ ─► DecodedSdJwt::reveal ─► │ RevealedSdJwt │
│       │                     │              │                            │               │
└───────┘                     └──────────────┘                            └───────────────┘

The base SD-JWT type is [SdJwt] (or [SdJwtBuf] if you want to own the SD-JWT). The [SdJwt::decode] function decodes the SD-JWT header, payload and disclosures into a [DecodedSdJwt]. At this point the payload claims are still concealed and cannot be validated. The [DecodedSdJwt::reveal] function uses the disclosures to reveal the disclosed claims and discard the non-disclosed claims. The result is a [RevealedSdJwt] containing the revealed JWT, and a set of JSON pointers ([JsonPointerBuf]) mapping each revealed claim to its disclosure. The [RevealedSdJwt::verify] function can then be used to verify the JWT as usual.

Alternatively, if you don't care about the byproducts of decoding and revealing the claims, a [SdJwt::decode_reveal_verify] function is provided to decode, reveal and verify the claims directly.
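The digest matching behind the reveal step described above, as an added Python sketch (standard library only) that follows the SD-JWT format and is not this crate's code or API. It shows why the decoded payload carries only digests until the disclosures are applied, and how each revealed claim maps back to its disclosure by JSON pointer. Assumptions: every function name and sample value is constructed for illustration, only top-level object claims with `sha-256` digests are handled, and signature verification and key binding are left out.

```python
import base64, hashlib, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def digest_of(disclosure: str) -> str:
    # Digest is over the base64url text of the disclosure, not its decoded JSON.
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())

def decode(sd_jwt: str):
    """Split '<jwt>~<disclosure>~...~' into (concealed payload, disclosures)."""
    jwt, *rest = sd_jwt.split("~")
    if not rest or rest[-1] != "":
        raise ValueError("expected '<jwt>~<disclosures>~' without key binding")
    return json.loads(b64url_decode(jwt.split(".")[1])), rest[:-1]

def reveal(payload: dict, disclosures: list):
    """Return (revealed claims, {JSON pointer: disclosure}); top-level claims only."""
    if payload.get("_sd_alg", "sha-256") != "sha-256":
        raise ValueError("unsupported _sd_alg")
    digests = set(payload.get("_sd", []))
    claims = {k: v for k, v in payload.items() if k not in ("_sd", "_sd_alg")}
    pointers = {}
    for d in disclosures:
        if digest_of(d) not in digests:
            raise ValueError("disclosure is not referenced by the signed payload")
        salt, name, value = json.loads(b64url_decode(d))
        if name in claims or name in ("_sd", "..."):
            raise ValueError("disclosure collides with an existing claim")
        claims[name] = value  # digests with no disclosure stay concealed and are dropped
        pointers["/" + name.replace("~", "~0").replace("/", "~1")] = d
    return claims, pointers

def build_sample():
    """Constructed sample: 'email' and 'phone' concealed, only 'email' disclosed."""
    def disclosure(salt, name, value):
        return b64url(json.dumps([salt, name, value]).encode())
    email = disclosure("constructed-salt-1", "email", "alice@example.com")
    phone = disclosure("constructed-salt-2", "phone", "+1-555-0100")
    payload = {"iss": "https://issuer.example", "_sd_alg": "sha-256",
               "_sd": [digest_of(email), digest_of(phone)]}
    parts = [{"alg": "ES256"}, payload]
    jwt = ".".join(b64url(json.dumps(p).encode()) for p in parts)
    return jwt + ".placeholder-signature~" + email + "~"  # signature is not real

if __name__ == "__main__":
    print(reveal(*decode(build_sample())))
```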