Complete SD-JWT verification.

This function performs all verification steps:

1. Parses the presentation
2. Verifies issuer signature (required)
3. Validates standard JWT claims (if present): exp (expiration time), nbf (not before), etc.
4. Extracts hash algorithm
5. Verifies disclosures match digests
6. Verifies key binding (if present)
7. Processes payload to reconstruct claims

Returns the processed payload with all claims (both regular non-selectively-disclosable claims and disclosed selectively-disclosable claims). If a KB-JWT was present and verified, the keyBindingInfo field will contain the holder's public key extracted from the cnf claim, allowing the verifier to use it for subsequent operations.

Standard JWT Claims Validation

Standard JWT claims (RFC 7519) included in the issuer-signed JWT are automatically validated:

• exp (expiration time): Token is rejected if expired
• nbf (not before): Token is rejected if not yet valid
• Other standard claims are preserved but not validated by this library

For testing or debugging purposes where signature verification should be skipped, use verifySDJWTWithoutSignature instead.

Verify key binding in a presentation.

Verifies the Key Binding JWT if present in the presentation. This includes verifying the KB-JWT signature and sd_hash.

Verify SD-JWT issuer signature.

Verifies the signature on the issuer-signed JWT using the issuer's public key.

SD-JWT verification without signature verification.

This function performs verification steps 3-6 of verifySDJWT but skips signature verification. This is useful for testing or debugging, but should NOT be used in production as it does not verify the authenticity of the JWT.

WARNING: This function does not verify the issuer signature. Only use this function when signature verification is not required (e.g., in tests or when verifying locally-generated JWTs).

Verify that all disclosures match digests in the payload.

This function:

1. Computes digest for each disclosure
2. Verifies each digest exists in the payload's _sd array
3. Checks for duplicate disclosures

Process SD-JWT payload by replacing digests with disclosure values.

This function reconstructs the full claims set by:

1. Starting with regular (non-selectively disclosable) claims
2. Replacing digests in _sd arrays with actual claim values from disclosures

Extract hash algorithm from presentation.

Parses the JWT payload and extracts the _sd_alg claim, defaulting to SHA-256.

Parse payload from JWT.

| Parse JWT payload from a JWT string (advanced/internal use).

Extracts and decodes the JWT payload (middle part) from a JWT string. This function properly decodes the base64url-encoded payload and parses it as JSON.

This function is exported for advanced use cases and internal library use. Most users should use verifySDJWT or verifySDJWTWithoutSignature instead, which handle payload parsing internally.

This function is used internally by:

• Presentation - To parse payloads when selecting disclosures
• verifyDisclosures - To extract digests from payloads
• extractHashAlgorithm - To extract hash algorithm from payloads

Advanced/Internal Use

This function is primarily used internally by other modules (e.g., Presentation). Most users should use higher-level functions like verifySDJWT instead. Only use this function directly if you need fine-grained control over JWT parsing.

Extract regular (non-selectively disclosable) claims from payload.

JWT payloads must be JSON objects (RFC 7519), so this function only accepts Aeson.Object values. Returns an error if given a non-object value.

Extract digests from payload's _sd array and arrays with ellipsis objects.