/** * acceptable JWS signature algorithm * @see https://www.rfc-editor.org/rfc/rfc7515.html */ export type JWSAlgorithmName = "HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | "ES256" | "ES384" | "ES512"; /** * sign JWS (JSON Web Signature) * @param alg - JWS signature algorithm * @param keyobjOrString - key for verification. CryptoKey object, PKCS#8 PEM private key or HMAC hexadecimal key string * @param header - JWS header * @param payload - JWS payload * @return JWS signature string * @see https://www.rfc-editor.org/rfc/rfc7515.html * @example * await signJWS("RS256", prvkey, "eyJOe..", "eyJpc...") -> "eyJOe..." * await signJWS("PS256", "-----BEGIN PRIVATE...", "eyJOe..", "eyJpc...") -> "eyJOe..." * await signJWS("ES256", "-----BEGIN PRIVATE...", "eyJOe..", "eyJpc...") -> "eyJOe..." * await signJWS("HS256", "12ab34...", "eyJOe..", "eyJpc...") -> "eyJOe..." */ export declare function signJWS(alg: JWSAlgorithmName, keyobjOrString: CryptoKey | string, header: string, payload: string): Promise; /** * verifiy JWS signature * @param sJWS - JWS signature string * @param keyobjOrString - key for verification. CryptoKey object, PKCS#8 PEM public key or HMAC hexadecimal key string * @param acceptAlgs - acceptable JWS signature algorithm to avoid downgrade attacks (OPTION) * @return true if JWS signature is valid * @see https://www.rfc-editor.org/rfc/rfc7515.html * @see {@link verifyJWT} * @example * await verifyJWS("eJYOe...", pubkey) -> true/false * await verifyJWS("eJYOe...", pubkey, ["RS512", "PS512"]) -> true/false * await verifyJWS("eJYOe...", "-----BEGIN PUBLIC...", ["ES512"]) -> true/false * await verifyJWS("eJYOe...", "12ab34...", ["HS512"]) -> true/false */ export declare function verifyJWS(sJWS: string, keyobjOrString: CryptoKey | string, acceptAlgs?: Array): Promise; /** * verify parameters for {@link verifyJWT} */ export interface JWTVerifyOption { /** acceptable JWS algorithm */ alg: string[]; /** acceptable JWT issuer claim */ iss?: string[]; /** acceptable JWT subject claim */ sub?: string[]; /** acceptable JWT audience claim */ aud?: string[]; /** time in second from Unix origin to verify */ verifyAt?: number; /** acceptable JWT ID claim */ jti?: string; /** acceptable time difference seconds to relax nbf and exp */ gracePeriod?: number; } /** * verify JWT (JSON Web Token) * @param sJWT - JWT string to verify * @param keyobjOrString - key for verification. CryptoKey object, PKCS#8 PEM public key or HMAC hexadecimal key string * @param verifyOption - verify parameters * @throws Error if JWT can't be verified * @return true if successfully verified * @see https://www.rfc-editor.org/rfc/rfc7519 * @see {@link verifyJWS} * @example * const key = await getHMACKey("hmacSHA256", "12ab..."); * await verifyJWT("eyJhb...", key, { * alg: ["HS256", "HS384"], * iss: ["https://jwt-idp.example.com"], * sub: ["mailto:mike@example.com", "mailto:joe@example.com"], * aud: ["http://foo1.com"], * jti: "id123456", * }) -> true/false * await verifyJWT("eyJ...", "-----BEGIN PUBLIC...", {...}) -> true/false */ export declare function verifyJWT(sJWT: string, keyobjOrString: CryptoKey | string, verifyOption: JWTVerifyOption): Promise; /** * get NumericDate of current time * @return NumericDate value * @description * This function returns a current time number of seconds * from Unix origin time (i.e. 1970-01-01T00:00:00Z UTC). * @example * getnow() -> 1716204320 */ export declare function getnow(): number; /** * parse JWS/JWT header and payload * @param sJWS - JWS signature string * @return array of parsed JWS header and payload object * @description * This function parses a header and a payload of JWS/JWT string * as JSON objects. * @example * parseJWT("eyJhbGciOiJFUzI1NiJ9.eyJmcnVpdCI6ImFwcGxlIn0.YWFh") -> * [{"alg":"ES256"},{"fruit":"apple"}] * @since 0.4.0 */ export declare function parseJWT(sJWS: string): [object, object]; //# sourceMappingURL=index.d.mts.map