import { CoreBuffer, CryptoCipher, CryptoEncryptionAlgorithm, CryptoExchangeKeypair, CryptoExchangePublicKey, CryptoExchangeSecrets, CryptoSecretKey, CryptoSignature, CryptoSignatureKeypair, CryptoSignaturePrivateKey, CryptoSignaturePublicKey } from "@nmshd/crypto"; import { TransportVersion } from "./types/TransportVersion"; export declare abstract class CoreCrypto { /** * Generates a keypair for digital signatures. Depending on the given version, different algorithms are used: * * v1: ECDSA_P521 * * @param version The version which should be used, "latest" is the default. * @returns A Promise object resolving into a new CryptoKeypair */ static generateSignatureKeypair(version?: TransportVersion): Promise; /** * Generates a keypair for key exchange (public key encryption). * Depending on the given version, different algorithms are used: * * v1: ECDH_P521 * * @param version The version which should be used, "latest" is the default. * @returns A Promise object resolving into a new CryptoKeypair */ static generateExchangeKeypair(version?: TransportVersion): Promise; /** * Generates a secret key for symmetric encryption. Depending on the given version, different algorithms are used: * * v1: AES256_GCM * * @param version The version which should be used, "latest" is the default. * @returns A Promise object resolving into a new CryptoSecretKey */ static generateSecretKey(version?: TransportVersion): Promise; /** * Generates a high entropy key / hash derived from a low entropy human readable/memorable master password, a unique salt, * the given symmetric algorithm and the version. Depending on the given version, different key derivation algorithms are used. * Careful, the symmetric algorithm possibly needs to be manually changed depending on the version in addition to * the version. * * @param password The master password as utf-8 encoded string * @param salt A salt which is unique to this user/password instance, needs to by 16 byte long. * @param algorithm The CryptoEncryptionAlgorithm for which the secret needs to be created * @param version The version which should be used, "latest" is the default. * @returns A Promise object resolving in a [[CryptoSecretKey]]. */ static deriveKeyFromPassword(password: string, salt: CoreBuffer, algorithm?: CryptoEncryptionAlgorithm, version?: TransportVersion): Promise; static deriveHashOutOfPassword(password: string, salt: CoreBuffer, version?: TransportVersion): Promise; static deriveKeyFromBase(secret: CryptoSecretKey | CoreBuffer, keyId: number, context: string, keyAlgorithm?: CryptoEncryptionAlgorithm): Promise; static deriveClient(client: CryptoExchangeKeypair, serverPublicKey: CryptoExchangePublicKey, keyAlgorithm?: CryptoEncryptionAlgorithm, version?: TransportVersion): Promise; static deriveServer(server: CryptoExchangeKeypair, clientPublicKey: CryptoExchangePublicKey, keyAlgorithm?: CryptoEncryptionAlgorithm, version?: TransportVersion): Promise; /** * Digitally signs the given content with the given private key. * * v1: ECDSA_ED25519 with SHA512 hashes * * @param content The content object which should be signed * @param privateKey The private key to sign * @param version The version which should be used, "latest" is the default. * @returns A Promise object resolving in a [[CryptoSignature]] object. */ static sign(content: CoreBuffer, privateKey: CryptoSignaturePrivateKey, version?: TransportVersion): Promise; /** * Verifies the digital signature of a given content with the given digital * signature and public key. * * @param content The content object which digital signature should be verified * @param signature The digital signature itself * @param publicKey The public key which should be verified * @param version The version which should be used, "latest" is the default. * @returns A Promise object resolving in either true or false, depending whether or not the * digital signature is correct or wrong */ static verify(content: CoreBuffer, signature: CryptoSignature, publicKey: CryptoSignaturePublicKey, version?: TransportVersion): Promise; /** * Encrypt the given content with the given secret key. * * Please use [[deriveKey]], [[generateEncryptionkey]], or [[generatePassword]] to * get a secret key. Never transfer secret key over the wire, the key exchange * algorithms should take care of that. * * @param content The content object which should be encrypted * @param secretKey The secret key for the encryption * @param version The version which should be used, "latest" is the default. * @returns A Promise object resolving in a [[CryptoCipher]] object. */ static encrypt(content: CoreBuffer, secretKey: CryptoSecretKey, version?: TransportVersion): Promise; /** * Decrypts the given cipher with the given secret key. * * Please use [[deriveKey]], [[generateEncryptionkey]], or [[generatePassword]] to * get a secret key. Never transfer secret key over the wire, the key exchange * algorithms should take care of that. * * @param cipher The content object which should be encrypted. * @param secretKey The secret key for the encryption * @param version The version which should be used, "latest" is the default. * @returns A Promise object resolving with the decrypted content */ static decrypt(cipher: CryptoCipher, secretKey: CryptoSecretKey, version?: TransportVersion): Promise; /** * Creates a random buffer with the given size * * @param size The length of bytes which should be randomly filled. * @returns A Promise object resolving in a randomly filled Buffer of given length. */ static random(size: number): Promise; static createAccountPassword(): Promise; private static invalidVersion; } //# sourceMappingURL=CoreCrypto.d.ts.map