import * as _sd_jwt_types from '@sd-jwt/types'; import { Signer, Base64urlString, Verifier, kbHeader, kbPayload, KbVerifier, JwtPayload, SDJWTCompact, Hasher, PresentationFrame, DisclosureFrame, HasherAndAlg, SaltGenerator, SDJWTConfig, KBOptions } from '@sd-jwt/types'; import { Disclosure } from '@sd-jwt/utils'; type FlattenJSONData = { jwtData: { protected: string; payload: string; signature: string; }; disclosures: Array; kb_jwt?: string; }; type FlattenJSONSerialized = { payload: string; signature: string; protected: string; header: { disclosures: Array; kb_jwt?: string; }; }; declare class FlattenJSON { disclosures: Array; kb_jwt?: string; payload: string; signature: string; protected: string; constructor(data: FlattenJSONData); static fromEncode(encodedSdJwt: string): FlattenJSON; static fromSerialized(json: FlattenJSONSerialized): FlattenJSON; toJson(): FlattenJSONSerialized; toEncoded(): string; } type GeneralJSONData = { payload: string; disclosures: Array; kb_jwt?: string; signatures: Array<{ protected: string; signature: string; kid?: string; }>; }; type GeneralJSONSerialized = { payload: string; signatures: Array<{ header: { disclosures?: Array; kid?: string; kb_jwt?: string; }; protected: string; signature: string; }>; }; declare class GeneralJSON { payload: string; disclosures: Array; kb_jwt?: string; signatures: Array<{ protected: string; signature: string; kid?: string; }>; constructor(data: GeneralJSONData); static fromEncode(encodedSdJwt: string): GeneralJSON; static fromSerialized(json: GeneralJSONSerialized): GeneralJSON; toJson(): { payload: string; signatures: ({ header: { kid: string | undefined; disclosures?: undefined; kb_jwt?: undefined; }; protected: string; signature: string; } | { header: { disclosures: string[]; kid: string | undefined; kb_jwt: string | undefined; }; protected: string; signature: string; })[]; }; toEncoded(index: number): string; addSignature(protectedHeader: Record, signer: Signer, kid?: string): Promise; } type JwtData

, Payload extends Record> = { header?: Header; payload?: Payload; signature?: Base64urlString; encoded?: string; }; /** * Options for the JWT verifier */ type VerifierOptions = { /** * current time in seconds since epoch */ currentDate?: number; /** * allowed skew for the current time in seconds. Positive value that will lower the iat and nbf checks, and increase the exp check. */ skewSeconds?: number; /** * required claim keys for the payload. * If the payload does not contain these keys, the verification will fail. */ requiredClaimKeys?: string[]; /** * nonce used to verify the key binding jwt to prevent replay attacks. */ keyBindingNonce?: string; /** * any other custom options */ [key: string]: unknown; }; declare class Jwt

= Record, Payload extends Record = Record> { header?: Header; payload?: Payload; signature?: Base64urlString; private encoded?; constructor(data?: JwtData); static decodeJWT

= Record, Payload extends Record = Record>(jwt: string): { header: Header; payload: Payload; signature: Base64urlString; }; static fromEncode

= Record, Payload extends Record = Record>(encodedJwt: string): Jwt; setHeader(header: Header): Jwt; setPayload(payload: Payload): Jwt; protected getUnsignedToken(): string; sign(signer: Signer): Promise; encodeJwt(): string; /** * Verify the JWT using the provided verifier function. * It checks the signature and validates the iat, nbf, and exp claims if they are present. * @param verifier * @param options - Options for verification, such as current date and skew seconds * @returns */ verify(verifier: Verifier, options?: T & VerifierOptions): Promise<{ payload: Payload | undefined; header: Header | undefined; }>; } declare class KBJwt

extends Jwt { verifyKB(values: { verifier: KbVerifier; payload: JwtPayload; nonce: string; }): Promise<{ payload: Payload; header: Header; }>; static fromKBEncode

(encodedJwt: string): KBJwt; } type SDJwtData

, Payload extends Record, KBHeader extends kbHeader = kbHeader, KBPayload extends kbPayload = kbPayload> = { jwt?: Jwt; disclosures?: Array; kbJwt?: KBJwt; }; declare class SDJwt

= Record, Payload extends Record = Record, KBHeader extends kbHeader = kbHeader, KBPayload extends kbPayload = kbPayload> { jwt?: Jwt; disclosures?: Array; kbJwt?: KBJwt; constructor(data?: SDJwtData); static decodeSDJwt

= Record, Payload extends Record = Record, KBHeader extends kbHeader = kbHeader, KBPayload extends kbPayload = kbPayload>(sdjwt: SDJWTCompact, hasher: Hasher): Promise<{ jwt: Jwt; disclosures: Array; kbJwt?: KBJwt; }>; static extractJwt

= Record, Payload extends Record = Record>(encodedSdJwt: SDJWTCompact): Promise>; static fromEncode

= Record, Payload extends Record = Record, KBHeader extends kbHeader = kbHeader, KBPayload extends kbPayload = kbPayload>(encodedSdJwt: SDJWTCompact, hasher: Hasher): Promise>; present>(presentFrame: PresentationFrame | undefined, hasher: Hasher): Promise; getPresentDisclosures>(presentFrame: PresentationFrame | undefined, hasher: Hasher): Promise[]>; encodeSDJwt(): SDJWTCompact; keys(hasher: Hasher): Promise; presentableKeys(hasher: Hasher): Promise; getClaims(hasher: Hasher): Promise; } declare const listKeys: (obj: Record, prefix?: string) => string[]; declare const pack: >(claims: T, disclosureFrame: DisclosureFrame | undefined, hash: HasherAndAlg, saltGenerator: SaltGenerator) => Promise<{ packedClaims: Record | Array>; disclosures: Array; }>; declare const createDecoy: (hash: HasherAndAlg, saltGenerator: SaltGenerator) => Promise; type SdJwtPayload = Record; declare class SDJwtInstance { protected type?: string; static readonly DEFAULT_hashAlg = "sha-256"; protected userConfig: SDJWTConfig; constructor(userConfig?: SDJWTConfig); private createKBJwt; private SignJwt; private VerifyJwt; issue(payload: Payload, disclosureFrame?: DisclosureFrame, options?: { header?: object; }): Promise; /** * Validates if the disclosureFrame contains any reserved fields. If so it will throw an error. * @param disclosureFrame * @returns */ protected validateReservedFields(_disclosureFrame: DisclosureFrame): void; present>(encodedSDJwt: string, presentationFrame?: PresentationFrame, options?: { kb?: KBOptions; }): Promise; verify(encodedSDJwt: string, options?: T & VerifierOptions): Promise<{ payload: unknown; header: Record | undefined; kb?: undefined; } | { payload: unknown; header: Record | undefined; kb: { payload: _sd_jwt_types.kbPayload; header: _sd_jwt_types.kbHeader; }; }>; private calculateSDHash; /** * This function is for validating the SD JWT * Checking signature, if provided the iat and exp when provided and return its the claims * @param encodedSDJwt * @param options * @returns */ validate(encodedSDJwt: string, options?: T & VerifierOptions): Promise<{ payload: unknown; header: Record | undefined; }>; config(newConfig: SDJWTConfig): void; encode(sdJwt: SDJwt): SDJWTCompact; decode(endcodedSDJwt: SDJWTCompact): Promise, Record, _sd_jwt_types.kbHeader, _sd_jwt_types.kbPayload>>; keys(endcodedSDJwt: SDJWTCompact): Promise; presentableKeys(endcodedSDJwt: SDJWTCompact): Promise; getClaims(endcodedSDJwt: SDJWTCompact): Promise; toFlattenJSON(endcodedSDJwt: SDJWTCompact): FlattenJSON; toGeneralJSON(endcodedSDJwt: SDJWTCompact): GeneralJSON; } declare class SDJwtGeneralJSONInstance { protected type?: string; static readonly DEFAULT_hashAlg = "sha-256"; protected userConfig: SDJWTConfig; constructor(userConfig?: SDJWTConfig); private createKBJwt; private encodeObj; issue(payload: Payload, disclosureFrame: DisclosureFrame | undefined, options: { sigs: Array<{ signer: Signer; alg: string; kid: string; header?: Record; }>; }): Promise; /** * Validates if the disclosureFrame contains any reserved fields. If so it will throw an error. * @param disclosureFrame * @returns */ protected validateReservedFields(_disclosureFrame: DisclosureFrame): void; present>(generalJSON: GeneralJSON, presentationFrame?: PresentationFrame, options?: { kb?: KBOptions; }): Promise; verify(generalJSON: GeneralJSON, options?: VerifierOptions): Promise<{ payload: unknown; headers: any[]; kb?: undefined; } | { payload: unknown; headers: any[]; kb: { payload: _sd_jwt_types.kbPayload; header: _sd_jwt_types.kbHeader; }; }>; private calculateSDHash; validate(generalJSON: GeneralJSON): Promise<{ payload: unknown; headers: any[]; }>; config(newConfig: SDJWTConfig): void; encode(sdJwt: GeneralJSON, index: number): SDJWTCompact; decode(endcodedSDJwt: SDJWTCompact): GeneralJSON; keys(generalSdjwt: GeneralJSON): Promise; presentableKeys(generalSdjwt: GeneralJSON): Promise; getClaims(generalSdjwt: GeneralJSON): Promise; } export { FlattenJSON, type FlattenJSONData, type FlattenJSONSerialized, GeneralJSON, type GeneralJSONData, type GeneralJSONSerialized, Jwt, type JwtData, KBJwt, SDJwt, type SDJwtData, SDJwtGeneralJSONInstance, SDJwtInstance, type SdJwtPayload, type VerifierOptions, createDecoy, listKeys, pack };