/** * Cross-Platform Crypto Module * * Provides cryptographic operations that work in both Node.js and browser environments. * Uses native crypto in Node.js and @noble/hashes + @noble/ciphers in browsers. */ import type { RsaJwk as RsaJwkNode, RsaKeyPair as RsaKeyPairNode } from './node'; import type { CryptoProvider, EncBlob } from './types'; export type RsaJwk = RsaJwkNode; export type RsaKeyPair = RsaKeyPairNode; export { isRsaPssAlg, jwtAlgToNodeAlg, jwtAlgToWebCryptoAlg } from './jwt-alg'; /** * Get the crypto provider for the current runtime environment. * Resolved at build time via the `#crypto-provider` conditional import. */ export declare function getCrypto(): CryptoProvider; /** * Verify an RSA signature. * * Cross-platform: uses Node.js `crypto` module in Node environments, * and WebCrypto `crypto.subtle.verify()` in browsers. * * @param jwtAlg - JWT algorithm identifier (e.g. 'RS256', 'PS256') * @param data - The signed data bytes * @param publicJwk - Public key in JWK format * @param signature - The signature bytes * @returns Promise resolving to true if the signature is valid */ export declare function rsaVerify(jwtAlg: string, data: Buffer | Uint8Array, publicJwk: JsonWebKey, signature: Buffer | Uint8Array): Promise; /** * Sign data with an RSA private JWK and return a base64url-encoded signature. * * Node-only: signs synchronously using `crypto.createPrivateKey` + `crypto.sign`. * Throws in non-Node runtimes since WebCrypto requires async key import and * the audit signer needs a synchronous interface; production hosts that need * RS256 audit signing run on Node. * * @param jwtAlg - JWT algorithm identifier (e.g. 'RS256', 'PS256') * @param data - Bytes to sign * @param privateJwk - Private key in JWK format * @returns Base64url-encoded signature */ export declare function rsaSignBase64Url(jwtAlg: string, data: Buffer | Uint8Array, privateJwk: JsonWebKey): string; /** * Synchronous companion to {@link rsaVerify}. Node-only — server-side audit * verifiers and bundle signature verifiers need a sync surface so the * `AuditSignatureVerifier` interface stays single-await for hot paths. * * Accepts RSA, RSA-PSS, and EdDSA (Ed25519) keys in JWK form. Returns * `false` (never throws) on malformed keys / unsupported algs. * * @param jwtAlg - JWT algorithm identifier (`'RS256'`, `'PS256'`, `'EdDSA'`, ...) * @param data - The signed data bytes * @param publicJwk - Public key in JWK format * @param signature - Raw signature bytes */ export declare function rsaVerifySync(jwtAlg: string, data: Buffer | Uint8Array, publicJwk: JsonWebKey, signature: Buffer | Uint8Array): boolean; /** * Convert a PEM-encoded public key (SPKI) into a JWK so callers can route * verification through {@link rsaVerifySync}. Node-only. * * Throws on malformed PEM — server-side callers should catch and translate * to a structured failure reason. */ export declare function pemToPublicJwk(pem: string): JsonWebKey; /** * Generate an RSA key pair (Node-only). Re-exported here so test code and * host bootstrap don't have to reach into `node:crypto` directly. * * @param modulusLength - Key size in bits (default: 2048) * @param alg - JWT algorithm (default: 'RS256') */ export declare function generateRsaKeyPair(modulusLength?: number, alg?: string): RsaKeyPair; /** * Generate a UUID v4 string. */ export declare function randomUUID(): string; /** * Generate cryptographically secure random bytes. * @param length - Number of bytes to generate (must be a positive integer) * @throws Error if length is not a positive integer */ export declare function randomBytes(length: number): Uint8Array; /** * Compute SHA-256 hash. */ export declare function sha256(data: string | Uint8Array): Uint8Array; /** * Compute SHA-256 hash and return as hex string. */ export declare function sha256Hex(data: string | Uint8Array): string; /** * Compute HMAC-SHA256. */ export declare function hmacSha256(key: Uint8Array, data: Uint8Array): Uint8Array; /** * HKDF-SHA256 key derivation (RFC 5869). * @param ikm - Input keying material * @param salt - Salt value (can be empty) * @param info - Context and application specific information * @param length - Length of output keying material in bytes (1 to 8160) * @throws Error if length is not a positive integer or exceeds HKDF limits */ export declare function hkdfSha256(ikm: Uint8Array, salt: Uint8Array, info: Uint8Array, length: number): Uint8Array; /** * Encrypt using AES-256-GCM. * @param key - 32-byte encryption key (AES-256) * @param plaintext - Data to encrypt * @param iv - 12-byte initialization vector (96 bits, recommended for GCM) * @throws Error if key is not 32 bytes or IV is not 12 bytes */ export declare function encryptAesGcm(key: Uint8Array, plaintext: Uint8Array, iv: Uint8Array): { ciphertext: Uint8Array; tag: Uint8Array; }; /** * Decrypt using AES-256-GCM. * @param key - 32-byte encryption key (AES-256) * @param ciphertext - Encrypted data * @param iv - 12-byte initialization vector (96 bits) * @param tag - 16-byte authentication tag * @throws Error if key is not 32 bytes, IV is not 12 bytes, or tag is not 16 bytes */ export declare function decryptAesGcm(key: Uint8Array, ciphertext: Uint8Array, iv: Uint8Array, tag: Uint8Array): Uint8Array; /** * Constant-time comparison to prevent timing attacks. * @param a - First byte array to compare * @param b - Second byte array to compare * @throws Error if arrays have different lengths */ export declare function timingSafeEqual(a: Uint8Array, b: Uint8Array): boolean; /** * Convert a Uint8Array to hex string. */ export declare function bytesToHex(data: Uint8Array): string; /** * Encode a Uint8Array to base64url string. * RFC 4648 Section 5: Base64 with URL and filename safe alphabet. */ export declare function base64urlEncode(data: Uint8Array): string; /** * Decode a base64url string to Uint8Array. */ export declare function base64urlDecode(data: string): Uint8Array; /** * Encode a Uint8Array to standard base64 string. * RFC 4648 Section 4: Uses +/= characters, suitable for HTTP Basic auth. */ export declare function base64Encode(data: Uint8Array): string; /** * Decode a standard base64 string to Uint8Array. */ export declare function base64Decode(data: string): Uint8Array; /** * Compute SHA-256 hash and return as base64url string. * Commonly used for PKCE code_challenge (S256 method). */ export declare function sha256Base64url(data: string | Uint8Array): string; export type { CryptoProvider, EncBlob }; export { isNode, isBrowser, assertNode } from './runtime'; export { type EncryptedBlob, EncryptedBlobError, encryptValue, decryptValue, tryDecryptValue, serializeBlob, deserializeBlob, tryDeserializeBlob, isValidEncryptedBlob, encryptAndSerialize, deserializeAndDecrypt, tryDeserializeAndDecrypt, } from './encrypted-blob'; export { MIN_CODE_VERIFIER_LENGTH, MAX_CODE_VERIFIER_LENGTH, DEFAULT_CODE_VERIFIER_LENGTH, PkceError, generateCodeVerifier, generateCodeChallenge, verifyCodeChallenge, generatePkcePair, isValidCodeVerifier, isValidCodeChallenge, type PkcePair, } from './pkce'; export { type SecretData, type SecretPersistenceOptions, type SecretValidationResult, secretDataSchema, validateSecretData, parseSecretData, isSecretPersistenceEnabled, resolveSecretPath, loadSecret, saveSecret, deleteSecret, generateSecret, createSecretData, getOrCreateSecret, clearCachedSecret, isSecretCached, } from './secret-persistence'; export { type SignedData, type HmacSigningConfig, signData, verifyData, isSignedData, verifyOrParseData, } from './hmac-signing'; export { type BaseKeyData, type SecretKeyData, type AsymmetricKeyData, type AnyKeyData, type KeyPersistenceOptions, type CreateKeyPersistenceOptions, type CreateSecretOptions, type CreateAsymmetricOptions, type KeyValidationResult, asymmetricAlgSchema, secretKeyDataSchema, asymmetricKeyDataSchema, anyKeyDataSchema, validateKeyData, parseKeyData, isSecretKeyData, isAsymmetricKeyData, KeyPersistence, createKeyPersistence, createKeyPersistenceWithStorage, } from './key-persistence';