Merge pull request #16 from MichaelFraser99/kb-jwt-unmarshalling

Default Salt Length & Extra 'Token' value inside KB-Jwt
MichaelFraser99 · Jan 20, 2024 · d161e6e · d161e6e
2 parents a10547c + 744f7d9
commit d161e6e
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -3,7 +3,9 @@ Package go_sd_jwt provides a library for creating and validating SD-JWTs. The
 resulting SdJwt object exposes methods for retrieving the claims and disclosures
 as well as retrieving all disclosed claims in line with the specification.
 
-For more information on SD-JWTs, see the [Selective Disclosure JWTs RFC](https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-05.html)
+For more information on SD-JWTs, see the [Selective Disclosure JWTs Specification](https://datatracker.ietf.org/doc/draft-ietf-oauth-selective-disclosure-jwt/)
+
+Also see: [sdjwt.org](https://sdjwt.org/) for a playground powered by this module
 
 ## Requirements
 - Go 1.21 or higher
@@ -49,12 +51,12 @@ This object represents a single disclosure in a SD-JWT. The EncodedValue propert
 ```go
 func NewFromObject(key string, value any, salt *string) (*Disclosure, error)
 ```
-NewFromObject creates a Disclosure object for the provided key/value pair and optional salt. If no salt provided, a new salt value of 128 bytes is generated
+NewFromObject creates a Disclosure object for the provided key/value pair and optional salt. If no salt provided, a new salt value of 128 bits is generated
 
 ```go
 func NewFromArrayElement(element any, salt *string) (*Disclosure, error)
 ```
-NewFromArrayElement creates a Disclosure object for the provided array element and optional salt. If no salt provided, a new salt value of 128 bytes is generated
+NewFromArrayElement creates a Disclosure object for the provided array element and optional salt. If no salt provided, a new salt value of 128 bits is generated
 
 ```go
 func NewFromDisclosure(disclosure string) (*Disclosure, error)

diff --git a/e2e/e2e_test.go b/e2e/e2e_test.go
@@ -426,7 +426,7 @@ func TestE2E(t *testing.T) {
 			t.Fatalf("error generating nonce value: %s", err.Error())
 		}
 
-		err = providedSdJwt.AddKeyBindingJwt(holderSigner, crypto.SHA256, holderSigner.Alg().String(), "https://audience.com", string(nonce))
+		err = providedSdJwt.AddKeyBindingJwt(holderSigner, crypto.SHA256, holderSigner.Alg().String(), "https://audience.com", base64.RawURLEncoding.EncodeToString(nonce))
 		if err != nil {
 			t.Fatalf("error adding kb jwt: %s", err.Error())
 		}

diff --git a/internal/salt/salt.go b/internal/salt/salt.go
@@ -7,7 +7,7 @@ import (
 )
 
 func NewSalt() (*string, error) {
-	randomBytes := make([]byte, 128)
+	randomBytes := make([]byte, 16)
 	_, err := rand.Read(randomBytes)
 	if err != nil {
 		return nil, fmt.Errorf("error generating salt value: %w", err)

diff --git a/kbjwt/kbjwt.go b/kbjwt/kbjwt.go
@@ -13,7 +13,7 @@ type KbJwt struct {
 	Aud    *string `json:"aud"`
 	Nonce  *string `json:"nonce"`
 	SdHash *string `json:"sd_hash"`
-	Token  string
+	Token  string  `json:"-"`
 }
 
 func NewFromToken(token string) (*KbJwt, error) {