From b528c49629a529204116dae991399c034254f0a1 Mon Sep 17 00:00:00 2001
From: Giuseppe De Marco
Date: Sat, 17 Feb 2024 01:39:30 +0100
Subject: [PATCH] feat: iat disclosable
---
 examples/complex_eidas/specification.yml | 3 ++-
 examples/settings.yml | 2 +-
 pyproject.toml | 2 +-
 src/sd_jwt/__init__.py | 2 +-
 src/sd_jwt/bin/demo.py | 2 +-
 src/sd_jwt/bin/generate.py | 29 ++++++++++++++++++++++--
 src/sd_jwt/verifier.py | 6 ++---
 tests/testcases/settings.yml | 4 +++-
 8 files changed, 39 insertions(+), 11 deletions(-)
diff --git a/examples/complex_eidas/specification.yml b/examples/complex_eidas/specification.yml
index 626f151..6cab923 100644
--- a/examples/complex_eidas/specification.yml
+++ b/examples/complex_eidas/specification.yml
@@ -1,4 +1,5 @@
 user_claims:
+ !sd iat: 11
 verified_claims:
 verification:
 trust_framework: eidas
@@ -33,5 +34,5 @@ holder_disclosed_claims: { "verification": { "evidence": [] }, "claims": { "gender": null, "place_of_birth": { "country": null } },
- },
+ }
 }
diff --git a/examples/settings.yml b/examples/settings.yml
index 53890e3..a746a5d 100644
--- a/examples/settings.yml
+++ b/examples/settings.yml
@@ -28,4 +28,4 @@ expiry_seconds: 86400000 # 1000 days
 random_seed: 0
 iat: 1683000000 # Tue May 02 2023 04:00:00 GMT+0000
-exp: 1883000000 # Sat Sep 01 2029 23:33:20 GMT+0000
\ No newline at end of file
+exp: 1883000000 # Sat Sep 01 2029 23:33:20 GMT+0000
diff --git a/pyproject.toml b/pyproject.toml
index ff25458..a8c594e 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "sd-jwt"
-version = "0.10.4"
+version = "0.11.0"
 description = "The reference implementation of the IETF SD-JWT specification."
 authors = ["Daniel Fett "]
 readme = "README.md"
diff --git a/src/sd_jwt/__init__.py b/src/sd_jwt/__init__.py
index d9b054a..ae6db5f 100644
--- a/src/sd_jwt/__init__.py
+++ b/src/sd_jwt/__init__.py
@@ -1 +1 @@
-__version__ = "0.10.4"
+__version__ = "0.11.0"
diff --git a/src/sd_jwt/bin/demo.py b/src/sd_jwt/bin/demo.py
index d4b152b..02c5905 100644
--- a/src/sd_jwt/bin/demo.py
+++ b/src/sd_jwt/bin/demo.py
@@ -307,4 +307,4 @@ def cb_get_issuer_key(issuer):
 sys.exit(0)
 if __name__ == "__main__":
- run()
\ No newline at end of file
+ run()
diff --git a/src/sd_jwt/bin/generate.py b/src/sd_jwt/bin/generate.py
index ad00641..e24445f 100755
--- a/src/sd_jwt/bin/generate.py
+++ b/src/sd_jwt/bin/generate.py
@@ -7,8 +7,10 @@ import argparse
+import datetime
 import logging
 import sys
+
 from typing import Dict
 from pathlib import Path
@@ -29,6 +31,19 @@
 # Set logging to stdout
 logging.basicConfig(stream=sys.stdout, level=logging.INFO)
+def get_value_from_disclosables(attr_name, testcase):
+ _res = None
+ try:
+ _res = testcase['user_claims'][
+ [
+ k for k,v in testcase['user_claims'].items()
+ if hasattr(k, "value") and k.value == attr_name
+ ][0]
+ ]
+ except IndexError:
+ pass
+
+ return _res
 def generate_test_case_data(settings: Dict, testcase_path: Path, type: str):
 seed = settings["random_seed"]
@@ -42,12 +57,22 @@ def generate_test_case_data(settings: Dict, testcase_path: Path, type: str):
 extra_header_parameters = testcase.get("extra_header_parameters", {})
 claims = {}
+
+ _iat = get_value_from_disclosables("iat", testcase)
+
+ iat = _iat or settings.get("iat", int(datetime.datetime.utcnow().timestamp()))
+ exp = iat + (settings.get("exp_delta_minutes", 60) * 60)
+
 if include_default_claims:
 claims = {
 "iss": settings["identifiers"]["issuer"],
- "iat": settings["iat"],
- "exp": settings["exp"],
+ "exp": settings.get("exp", exp)
 }
+ else:
+ claims = dict()
+
+ if not _iat:
+ claims['iat'] = iat
 claims.update(testcase["user_claims"])
diff --git a/src/sd_jwt/verifier.py b/src/sd_jwt/verifier.py
index 7f0400d..9ec2317 100644
--- a/src/sd_jwt/verifier.py
+++ b/src/sd_jwt/verifier.py
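Review bot: In src/sd_jwt/bin/generate.py, the new `get_value_from_disclosables` has no docstring and finds its key by building a whole list just to take `[0]` under `try/except IndexError`, while a testcase with no `user_claims` key would still raise an uncaught `KeyError`. A generator with `next()` says the same thing directly: `claims = testcase.get("user_claims", {})`, then `key = next((k for k in claims if getattr(k, "value", None) == attr_name), None)` and `return None if key is None else claims[key]`. The docstring should state that only keys carrying a `.value` attribute are matched (presumably the wrapper produced for `!sd`-tagged keys, as in the `!sd iat: 11` example added by this commit), that a plain key of the same name is not matched, and that `None` is returned when nothing matches.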
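Review bot: The fallback `int(datetime.datetime.utcnow().timestamp())` in `generate_test_case_data` (src/sd_jwt/bin/generate.py) gives a wrong epoch on any machine whose local zone is not UTC, because `utcnow()` returns a naive datetime and `.timestamp()` reads naive values as local time; the issued `iat` and the `exp` derived from it are then shifted by the UTC offset, so a verifier that checks these claims can see a fresh token as not yet valid or already expired. An aware value avoids this: `int(datetime.datetime.now(datetime.timezone.utc).timestamp())`. In the same hunk, `_iat or …` and `if not _iat:` test truthiness, so a disclosable `iat` of `0` is treated as absent; `is None` checks would be exact. The indentation is lost on this page, but `claims['iat'] = iat` appears to run even when `include_default_claims` is false, whereas the old code set `iat` only inside that branch, and the added `else: claims = dict()` repeats the `claims = {}` a few lines above. The function body starts and ends outside the hunk.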
@@ -112,9 +112,9 @@ def _verify_key_binding_jwt(
 # Reassemble the SD-JWT in compact format and check digest
 if self._serialization_format == "compact":
 string_to_hash = self._combine(
- self._unverified_input_sd_jwt,
- *self._input_disclosures,
- ""
+ self._unverified_input_sd_jwt,
+ *self._input_disclosures,
+ ""
 )
 expected_sd_jwt_presentation_hash = self._b64hash(string_to_hash.encode("ascii"))
diff --git a/tests/testcases/settings.yml b/tests/testcases/settings.yml
index 53890e3..0195354 100644
--- a/tests/testcases/settings.yml
+++ b/tests/testcases/settings.yml
@@ -27,5 +27,7 @@ expiry_seconds: 86400000 # 1000 days
 random_seed: 0
+exp_delta_seconds: 60
+
 iat: 1683000000 # Tue May 02 2023 04:00:00 GMT+0000
-exp: 1883000000 # Sat Sep 01 2029 23:33:20 GMT+0000
\ No newline at end of file
+exp: 1883000000 # Sat Sep 01 2029 23:33:20 GMT+0000
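Review bot: The new key `exp_delta_seconds: 60` in tests/testcases/settings.yml is not read by the code in this commit: `generate_test_case_data` in src/sd_jwt/bin/generate.py looks up `settings.get("exp_delta_minutes", 60)` and multiplies by 60, so this setting is silently ignored and the two names disagree on the unit (60 seconds here, a 60-minute default there). Use one name and unit on both sides, either `exp_delta_minutes: 1` here or a read of `exp_delta_seconds` without the `* 60` in the generator. Because this file still defines a fixed `exp`, which `settings.get("exp", exp)` prefers, the computed lifetime is not exercised by these test settings at all; a comment such as `# only used when exp is not set` next to the key would make that explicit.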