import type { JWK, KeyLike } from '../types'; export interface PEMImportOptions { /** * (Only effective in Web Crypto API runtimes) The value to use as {@link !SubtleCrypto.importKey} * `extractable` argument. Default is false. */ extractable?: boolean; } /** * Imports a PEM-encoded SPKI string as a runtime-specific public key representation * ({@link !KeyObject} or {@link !CryptoKey}). * * Note: The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in * {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption * (1.2.840.113549.1.1.1) instead for all RSA algorithms. * * This function is exported (as a named export) from the main `'jose'` module entry point as well * as from its subpath export `'jose/key/import'`. * * @param spki PEM-encoded SPKI string * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used * with the imported key, its presence is only enforced in Web Crypto API runtimes. See * {@link https://github.com/panva/jose/issues/210 Algorithm Key Requirements}. */ export declare function importSPKI(spki: string, alg: string, options?: PEMImportOptions): Promise; /** * Imports the SPKI from an X.509 string certificate as a runtime-specific public key representation * ({@link !KeyObject} or {@link !CryptoKey}). * * Note: The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in * {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption * (1.2.840.113549.1.1.1) instead for all RSA algorithms. * * This function is exported (as a named export) from the main `'jose'` module entry point as well * as from its subpath export `'jose/key/import'`. * * @param x509 X.509 certificate string * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used * with the imported key, its presence is only enforced in Web Crypto API runtimes. See * {@link https://github.com/panva/jose/issues/210 Algorithm Key Requirements}. */ export declare function importX509(x509: string, alg: string, options?: PEMImportOptions): Promise; /** * Imports a PEM-encoded PKCS#8 string as a runtime-specific private key representation * ({@link !KeyObject} or {@link !CryptoKey}). * * Note: The OID id-RSASSA-PSS (1.2.840.113549.1.1.10) is not supported in * {@link https://w3c.github.io/webcrypto/ Web Cryptography API}, use the OID rsaEncryption * (1.2.840.113549.1.1.1) instead for all RSA algorithms. * * This function is exported (as a named export) from the main `'jose'` module entry point as well * as from its subpath export `'jose/key/import'`. * * @param pkcs8 PEM-encoded PKCS#8 string * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used * with the imported key, its presence is only enforced in Web Crypto API runtimes. See * {@link https://github.com/panva/jose/issues/210 Algorithm Key Requirements}. */ export declare function importPKCS8(pkcs8: string, alg: string, options?: PEMImportOptions): Promise; /** * Imports a JWK to a runtime-specific key representation (KeyLike). Either the JWK "alg" * (Algorithm) Parameter, or the optional "alg" argument, must be present. * * Note: When the runtime is using {@link https://w3c.github.io/webcrypto/ Web Cryptography API} the * jwk parameters "use", "key_ops", and "ext" are also used in the resulting {@link !CryptoKey}. * * This function is exported (as a named export) from the main `'jose'` module entry point as well * as from its subpath export `'jose/key/import'`. * * @param jwk JSON Web Key. * @param alg (Only effective in Web Crypto API runtimes) JSON Web Algorithm identifier to be used * with the imported key. Default is the "alg" property on the JWK, its presence is only enforced * in Web Crypto API runtimes. See * {@link https://github.com/panva/jose/issues/210 Algorithm Key Requirements}. */ export declare function importJWK(jwk: JWK, alg?: string): Promise;