import { CRYPTOSUITE_ECDSA_SD_2023, PROOF_TYPE_DATA_INTEGRITY } from "./constants.mjs"; //#region src/cryptosuites/EcdsaSd2023.d.ts interface EcdsaSd2023KeyPair { id: string; controller: string; publicKeyMultibase: string; privateKeyMultibase?: string; } interface EcdsaSd2023Proof { type: typeof PROOF_TYPE_DATA_INTEGRITY; cryptosuite: typeof CRYPTOSUITE_ECDSA_SD_2023; created: string; verificationMethod: string; proofPurpose: string; proofValue: string; } interface SignOptions { document: Record; keyPair: EcdsaSd2023KeyPair; purpose?: string; date?: Date | string; mandatoryPointers?: string[]; } interface DeriveOptions { signedDocument: Record; selectivePointers: string[]; } interface VerifyOptions { document: Record; proof: EcdsaSd2023Proof; publicKeyMultibase: string; } /** * ECDSA SD 2023 Cryptosuite implementation * * Note: Full selective disclosure support requires BBS+ style cryptography. * This implementation provides the structure and basic ECDSA signing. * For production use with actual selective disclosure, integrate with * @mattrglobal/bbs-signatures or similar. */ declare class EcdsaSd2023Cryptosuite { static readonly proofType = "DataIntegrityProof"; static readonly cryptosuite = "ecdsa-sd-2023"; static readonly contextUrl = "https://w3id.org/security/data-integrity/v2"; static readonly verificationMethodTypes: string[]; /** * Sign a document using ecdsa-sd-2023 cryptosuite * * @param options - Sign options including document, keyPair, and mandatoryPointers * @returns Signed document with base proof */ sign(options: SignOptions): Promise>; /** * Derive a selective disclosure proof from a base proof * * @param options - Derive options including signed document and selective pointers * @returns Derived document with only selected claims */ derive(options: DeriveOptions): Promise>; /** * Verify a document with ecdsa-sd-2023 proof */ verify(options: VerifyOptions): Promise<{ verified: boolean; error?: string; }>; /** * Check if this suite matches a given proof */ matchProof(proof: Record): boolean; /** * Create hash data for signing/verification */ private createHashData; /** * Deep sort object keys for consistent serialization */ private sortObject; /** * Get Web Crypto SubtleCrypto API if available */ private getSubtleCrypto; /** * Sign data with P-256 key using Web Crypto API with JWK import */ private signWithP256; /** * Verify signature with P-256 public key using Web Crypto API with JWK import */ private verifyWithP256; /** * SHA-256 hash using cross-platform Hasher */ private sha256; /** * Decode private key from multibase and return raw 32-byte scalar */ private decodePrivateKeyRaw; /** * Decode public key from multibase and return raw bytes * Returns uncompressed format (65 bytes: 0x04 || x || y) */ private decodePublicKeyRaw; /** * Convert raw P-256 private key to JWK format for Web Crypto */ private privateKeyToJwk; /** * Convert raw P-256 public key to JWK format for Web Crypto */ private publicKeyToJwk; /** * Encode proof value (base64url encoded JSON) */ private encodeProofValue; /** * Decode proof value */ private decodeProofValue; /** * Generate a new P-256 key pair with multibase encoding * Uses Web Crypto API for key generation */ static generateKeyPair(controller: string, keyId?: string): Promise; } //#endregion export { DeriveOptions, EcdsaSd2023Cryptosuite, EcdsaSd2023KeyPair, EcdsaSd2023Proof, SignOptions, VerifyOptions }; //# sourceMappingURL=EcdsaSd2023.d.mts.map