@owf/mdoc 0.6.0-alpha-20260225221529

package/dist/index.d.mts

@@ -0,0 +1,1928 @@
+import { Options } from "cbor-x";
+import z$1, { z } from "zod";
+
+//#region src/cbor/cbor-structure.d.ts
+type CborEncodeOptions = {
+  asDataItem?: boolean;
+};
+type AnyCborStructure = CborStructure<any, any>;
+type EncodedStructureType<T> = T extends CborStructure<infer EncodedStructure, unknown> ? EncodedStructure : any;
+type DecodedStructureType<T> = T extends CborStructure<unknown, infer DecodedStructure> ? DecodedStructure : any;
+type CborStructureStaticThis<T extends AnyCborStructure> = {
+  new (structure: any): T;
+  encodingSchema: z.ZodType<any, any, any> | undefined;
+  fromEncodedStructure: (encodedStructure: EncodedStructureType<T>) => {
+    decodedStructure: DecodedStructureType<T>;
+  };
+};
+declare class CborStructure<EncodedStructure = unknown, DecodedStructure = EncodedStructure> {
+  protected structure: DecodedStructure;
+  constructor(structure: DecodedStructure);
+  get decodedStructure(): DecodedStructure;
+  /**
+   * Static getter for the Zod codec schema that defines the CBOR structure.
+   * Subclasses CAN override this to provide their specific schema for automatic encoding/decoding.
+   * The schema should be a Zod schema or codec that handles validation and transformation.
+   * If not provided, subclasses must override encode(), decode(), and fromEncodedStructure().
+   */
+  static get encodingSchema(): z.ZodType | undefined;
+  /**
+   * Returns the encoded structure that will be serialized to CBOR.
+   * By default, returns the protected structure property.
+   * Override if custom encoding logic is needed.
+   */
+  get encodedStructure(): EncodedStructure;
+  /**
+   * Encodes this structure to CBOR bytes.
+   */
+  encode(options?: CborEncodeOptions): Uint8Array;
+  /**
+   * Decodes CBOR bytes into a structure instance.
+   * Uses the encodingSchema's decode() method to validate and transform the decoded data.
+   */
+  static decode<T extends AnyCborStructure>(this: CborStructureStaticThis<T>, bytes: Uint8Array): T;
+  /**
+   * Creates a structure instance from the encoded CBOR structure (after calling cborDecode).
+   *
+   * Uses the encodingSchema's decode() method to validate and transform the structure if available.
+   * Otherwise, subclasses must override this method.
+   */
+  static fromEncodedStructure<T extends AnyCborStructure>(this: CborStructureStaticThis<T>, encodedStructure: EncodedStructureType<T>): T;
+  static fromDataItem<T extends AnyCborStructure>(this: CborStructureStaticThis<T>, dataItem: unknown): T;
+  /**
+   * Creates a structure instance from the decoded structure.
+   *
+   * Uses the encodingSchema's parse method to validate the structure if available.
+   * Otherwise, subclasses must override this method.
+   */
+  static fromDecodedStructure<T extends AnyCborStructure>(this: CborStructureStaticThis<T>, decodedStructure: DecodedStructureType<T>): T;
+}
+//#endregion
+//#region src/cbor/data-item.d.ts
+type DataItemOptions<T = unknown> = {
+  data: T;
+  buffer: Uint8Array;
+} | {
+  data: T;
+} | {
+  buffer: Uint8Array;
+};
+/**
+ * DataItem is an extension defined https://www.rfc-editor.org/rfc/rfc8949.html#name-encoded-cbor-data-item
+ *  > Sometimes it is beneficial to carry an embedded CBOR data item that is
+ *  > not meant to be decoded immediately at the time the enclosing data item is being decoded.
+ *
+ * The idea of this class is to provide lazy encode and decode of cbor data.
+ *
+ * Due to a bug in the cbor-x library, we are eagerly encoding the data in the constructor.
+ * https://github.com/kriszyp/cbor-x/issues/83
+ *
+ */
+declare class DataItem<T = unknown> {
+  #private;
+  constructor(options: DataItemOptions<T>);
+  get data(): T;
+  get buffer(): Uint8Array;
+  static fromData<T>(data: T): DataItem<T>;
+  static fromBuffer<T>(buffer: Uint8Array): DataItem<T>;
+}
+//#endregion
+//#region src/cbor/models/date-only.d.ts
+declare const customInspectSymbol: unique symbol;
+declare class DateOnly {
+  private date;
+  constructor(date?: string);
+  get [Symbol.toStringTag](): string;
+  toString(): string;
+  toJSON(): string;
+  toISOString(): string;
+  [customInspectSymbol](): string;
+}
+//#endregion
+//#region src/cbor/parser.d.ts
+type CborOptions = Options & {
+  unwrapTopLevelDataItem?: boolean;
+};
+declare const cborDecode: <T>(input: Uint8Array, options?: CborOptions) => T;
+declare const cborEncode: (obj: unknown, options?: Options) => Uint8Array;
+//#endregion
+//#region src/cose/error.d.ts
+declare class CoseError extends Error {
+  constructor(message?: string);
+}
+declare class CoseUnsupportedMacError extends CoseError {}
+declare class CoseInvalidSignatureError extends CoseError {}
+declare class CoseInvalidAlgorithmError extends CoseError {}
+declare class CosePayloadMustBeNullError extends CoseError {}
+declare class CosePayloadMustBeDefinedError extends CoseError {}
+declare class CosePayloadInvalidStructureError extends CoseError {}
+declare class CoseInvalidTypeForKeyError extends CoseError {}
+declare class CoseInvalidValueForKtyError extends CoseError {}
+declare class CoseInvalidKtyForRawError extends CoseError {}
+declare class CoseXNotDefinedError extends CoseError {}
+declare class CoseYNotDefinedError extends CoseError {}
+declare class CoseDNotDefinedError extends CoseError {}
+declare class CoseKNotDefinedError extends CoseError {}
+declare class CoseEphemeralMacKeyIsRequiredError extends CoseError {}
+declare class CoseCertificateNotFoundError extends CoseError {}
+declare class CoseKeyTypeNotSupportedForPrivateKeyExtractionError extends CoseError {}
+//#endregion
+//#region src/cose/headers/defaults.d.ts
+declare enum Header {
+  Algorithm = 1,
+  Critical = 2,
+  ContentType = 3,
+  KeyId = 4,
+  Iv = 5,
+  PartialIv = 6,
+  CounterSignature = 7,
+  CounterSignature0 = 9,
+  CounterSignatureV2 = 11,
+  CounterSignature0V2 = 12,
+  X5Bag = 32,
+  X5Chain = 33,
+  X5T = 34,
+  X5U = 35
+}
+declare enum SignatureAlgorithm {
+  EdDSA = -8,
+  ES256 = -7,
+  ES384 = -35,
+  ES512 = -36,
+  PS256 = -37,
+  PS384 = -38,
+  PS512 = -39,
+  RS256 = -257,
+  RS384 = -258,
+  RS512 = -259
+}
+declare enum MacAlgorithm {
+  HS256 = 5,
+  HS384 = 6,
+  HS512 = 7
+}
+declare enum EncryptionAlgorithm {
+  A128GCM = 1,
+  A192GCM = 2,
+  A256GCM = 3,
+  Direct = -6
+}
+type DigestAlgorithm = 'SHA-256' | 'SHA-384' | 'SHA-512';
+//#endregion
+//#region src/cose/headers/protected-headers.d.ts
+declare const protectedHeadersEncodedStructure: z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>;
+declare const protectedHeadersDecodedStructure: z$1.ZodMap<z$1.ZodNumber, z$1.ZodUnknown>;
+type ProtectedHeadersDecodedStructure = z$1.infer<typeof protectedHeadersDecodedStructure>;
+type ProtectedHeadersEncodedStructure = z$1.infer<typeof protectedHeadersEncodedStructure>;
+type ProtectedHeaderOptions = {
+  protectedHeaders?: ProtectedHeadersDecodedStructure;
+};
+declare class ProtectedHeaders extends CborStructure<ProtectedHeadersEncodedStructure, ProtectedHeadersDecodedStructure> {
+  static get encodingSchema(): z$1.ZodCodec<z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>, z$1.ZodMap<z$1.ZodNumber, z$1.ZodUnknown>>;
+  get headers(): Map<number, unknown>;
+  static create(options: ProtectedHeaderOptions): ProtectedHeaders;
+}
+//#endregion
+//#region src/cose/headers/unprotected-headers.d.ts
+declare const unprotectedHeadersStructure: z$1.ZodMap<z$1.ZodNumber, z$1.ZodUnknown>;
+type UnprotectedHeadersStructure = z$1.infer<typeof unprotectedHeadersStructure>;
+type UnprotectedHeaderOptions = {
+  unprotectedHeaders?: UnprotectedHeadersStructure;
+};
+declare class UnprotectedHeaders extends CborStructure<UnprotectedHeadersStructure> {
+  static get encodingSchema(): z$1.ZodMap<z$1.ZodNumber, z$1.ZodUnknown>;
+  get headers(): Map<number, unknown>;
+  static create(options: UnprotectedHeaderOptions): UnprotectedHeaders;
+}
+//#endregion
+//#region src/cose/key/curve.d.ts
+declare enum Curve {
+  'P-256' = 1,
+  'P-384' = 2,
+  'P-521' = 3,
+  X25519 = 4,
+  X448 = 5,
+  Ed25519 = 6,
+  Ed448 = 7
+}
+//#endregion
+//#region src/utils/transformers.d.ts
+declare const base64: {
+  decode: (base64: string) => Uint8Array;
+  encode: (bytes: Uint8Array) => string;
+};
+declare const base64url: {
+  decode: (base64url: string) => Uint8Array;
+  encode: (bytes: Uint8Array) => string;
+};
+declare const hex: {
+  decode: (hex: string) => Uint8Array;
+  encode: (bytes: Uint8Array) => string;
+};
+declare const bytesToString: (bytes: Uint8Array) => string;
+declare const stringToBytes: (str: string) => Uint8Array;
+declare const concatBytes: (byteArrays: Array<Uint8Array>) => Uint8Array;
+declare const compareBytes: (lhs: Uint8Array, rhs: Uint8Array) => boolean;
+//#endregion
+//#region src/utils/typed-map.d.ts
+/**
+ * TypedMap provides compile-time type safety for Maps where each key has its own specific value type.
+ * Unlike Map<K, V> which has the same value type V for all keys, TypedMap<Schema, OptionalKeys>
+ * allows different value types per key (heterogeneous values).
+ *
+ * Example:
+ *   type CoseKeySchema = {
+ *     [CoseKeyParameter.KeyType]: KeyType     // number key → KeyType value
+ *     [CoseKeyParameter.Curve]: Curve         // number key → Curve value
+ *     [CoseKeyParameter.X]: Uint8Array        // number key → Uint8Array value
+ *   }
+ *
+ *   const map = new TypedMap<CoseKeySchema>()
+ *   map.get(CoseKeyParameter.KeyType)  // TypeScript knows this is KeyType!
+ *   map.get(CoseKeyParameter.Curve)    // TypeScript knows this is Curve!
+ *   map.get(CoseKeyParameter.X)        // TypeScript knows this is Uint8Array!
+ *
+ * @template Schema - Object type mapping keys to their value types
+ * @template OptionalKeys - Union of keys that are optional (can be absent)
+ */
+declare class TypedMap<Schema extends Record<PropertyKey, any>, OptionalKeys extends keyof Schema = never> {
+  private readonly map;
+  constructor(entries?: (readonly [keyof Schema, Schema[keyof Schema]])[] | null);
+  static fromMap<Schema extends Record<PropertyKey, any>, OptionalKeys extends keyof Schema = never>(map: Map<any, any>): TypedMap<Schema, OptionalKeys>;
+  /**
+   * Type-safe get that returns the correct value type for each key.
+   * Required keys return T, optional keys return T | undefined.
+   */
+  get<K extends keyof Schema>(key: K): K extends OptionalKeys ? Schema[K] | undefined : Schema[K];
+  /**
+   * Type-safe set that ensures the value matches the key's type
+   */
+  set<K extends keyof Schema>(key: K, value: Schema[K]): this;
+  has(key: keyof Schema): boolean;
+  delete(key: keyof Schema): boolean;
+  clear(): void;
+  get size(): number;
+  keys(): IterableIterator<keyof Schema>;
+  values(): IterableIterator<Schema[keyof Schema]>;
+  entries(): IterableIterator<[keyof Schema, Schema[keyof Schema]]>;
+  forEach(callbackfn: (value: Schema[keyof Schema], key: keyof Schema, map: Map<keyof Schema, Schema[keyof Schema]>) => void, thisArg?: any): void;
+  [Symbol.iterator](): IterableIterator<[keyof Schema, Schema[keyof Schema]]>;
+  toMap(): Map<keyof Schema, Schema[keyof Schema]>;
+}
+type EntriesArrayToSchema<T extends ReadonlyArray<readonly [any, any]>> = { [K in T[number][0]]: Extract<T[number], readonly [K, any]>[1] };
+type EntriesBase = ReadonlyArray<readonly [string | number, z.ZodType<any>]>;
+type InferredEntries<Entries extends EntriesBase> = { [K in keyof Entries]: readonly [Entries[K][0], z.infer<Entries[K][1]>] };
+type InferredSchema<Entries extends EntriesBase> = EntriesArrayToSchema<InferredEntries<Entries>>;
+type OptionalKeys<Entries extends EntriesBase> = Entries[number] extends infer E ? E extends readonly [infer K, infer V] ? V extends z.ZodExactOptional<any> ? K : never : never : never;
+/**
+ * Utility function to create a typed map codec.
+ * Takes an array of [key, valueSchema] entries to support any key type (including non-string keys for CBOR).
+ *
+ * Example:
+ *   const coseKeyMap = typedMap([
+ *     [CoseKeyParameter.KeyType, z.number()],
+ *     [CoseKeyParameter.Curve, z.number()],
+ *     [CoseKeyParameter.X, z.instanceof(Uint8Array)]
+ *   ] as const)
+ *
+ * The resulting schema validates a Map and transforms it to TypedMap<Schema, never>.
+ */
+declare function typedMap<const Entries extends EntriesBase>(entries: Entries, {
+  allowAdditionalKeys,
+  encode,
+  decode
+}?: {
+  /**
+   * Whether to allow additional keys in the typed map
+   *
+   * @default true
+   */
+  allowAdditionalKeys?: boolean;
+  /**
+   * Allows overriding the encode function. The original encode method is passed as second
+   * argument, so you can use this method to pre/post process
+   */
+  encode?: (decoded: TypedMap<InferredSchema<Entries>, OptionalKeys<Entries>>, originalEncode: (decoded: TypedMap<InferredSchema<Entries>, OptionalKeys<Entries>>) => Map<unknown, unknown>) => Map<unknown, unknown>;
+  /**
+   * Allows overriding the decode function. The original decode method is passed as second
+   * argument, so you can use this method to pre/post process
+   */
+  decode?: (encoded: Map<unknown, unknown>, originalDecode: (decoded: Map<unknown, unknown>) => TypedMap<InferredSchema<Entries>, OptionalKeys<Entries>>) => TypedMap<InferredSchema<Entries>, OptionalKeys<Entries>>;
+}): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<InferredSchema<Entries>, OptionalKeys<Entries>>, TypedMap<InferredSchema<Entries>, OptionalKeys<Entries>>>>;
+//#endregion
+//#region src/cose/key/key-operation.d.ts
+declare enum KeyOps {
+  Sign = 1,
+  Verify = 2,
+  Encrypt = 3,
+  Decrypt = 4,
+  WrapKey = 5,
+  UnwrapKey = 6,
+  DeriveKey = 7,
+  DeriveBits = 8,
+  MACCreate = 9,
+  MACVerify = 10
+}
+//#endregion
+//#region src/cose/key/key-type.d.ts
+declare enum KeyType {
+  Okp = 1,
+  Ec = 2,
+  Oct = 4,
+  Reserved = 0
+}
+//#endregion
+//#region src/cose/key/key.d.ts
+declare enum CoseKeyParameter {
+  KeyType = 1,
+  KeyId = 2,
+  Algorithm = 3,
+  KeyOps = 4,
+  BaseIv = 5,
+  CurveOrK = -1,
+  X = -2,
+  Y = -3,
+  D = -4
+}
+declare const coseKeySchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  1: string | KeyType;
+  2: string | Uint8Array<ArrayBufferLike>;
+  3: string | number;
+  4: (string | KeyOps)[];
+  5: Uint8Array<ArrayBufferLike>;
+  [-1]: Uint8Array<ArrayBufferLike> | Curve;
+  [-2]: Uint8Array<ArrayBufferLike>;
+  [-3]: Uint8Array<ArrayBufferLike>;
+  [-4]: Uint8Array<ArrayBufferLike>;
+}, CoseKeyParameter.KeyId | CoseKeyParameter.Algorithm | CoseKeyParameter.KeyOps | CoseKeyParameter.BaseIv | CoseKeyParameter.CurveOrK | CoseKeyParameter.X | CoseKeyParameter.Y | CoseKeyParameter.D>, TypedMap<{
+  1: string | KeyType;
+  2: string | Uint8Array<ArrayBufferLike>;
+  3: string | number;
+  4: (string | KeyOps)[];
+  5: Uint8Array<ArrayBufferLike>;
+  [-1]: Uint8Array<ArrayBufferLike> | Curve;
+  [-2]: Uint8Array<ArrayBufferLike>;
+  [-3]: Uint8Array<ArrayBufferLike>;
+  [-4]: Uint8Array<ArrayBufferLike>;
+}, CoseKeyParameter.KeyId | CoseKeyParameter.Algorithm | CoseKeyParameter.KeyOps | CoseKeyParameter.BaseIv | CoseKeyParameter.CurveOrK | CoseKeyParameter.X | CoseKeyParameter.Y | CoseKeyParameter.D>>>;
+type CoseKeyDecodedStructure = z.output<typeof coseKeySchema>;
+type CoseKeyEncodedStructure = z.input<typeof coseKeySchema>;
+type CoseKeyOptions = {
+  keyType: KeyType | string;
+  keyId?: string;
+  algorithm?: string | number;
+  keyOps?: Array<KeyOps | string>;
+  baseIv?: Uint8Array;
+  curve?: Curve;
+  x?: Uint8Array;
+  y?: Uint8Array;
+  d?: Uint8Array;
+  k?: Uint8Array;
+};
+declare class CoseKey extends CborStructure<CoseKeyEncodedStructure, CoseKeyDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    1: string | KeyType;
+    2: string | Uint8Array<ArrayBufferLike>;
+    3: string | number;
+    4: (string | KeyOps)[];
+    5: Uint8Array<ArrayBufferLike>;
+    [-1]: Uint8Array<ArrayBufferLike> | Curve;
+    [-2]: Uint8Array<ArrayBufferLike>;
+    [-3]: Uint8Array<ArrayBufferLike>;
+    [-4]: Uint8Array<ArrayBufferLike>;
+  }, CoseKeyParameter.KeyId | CoseKeyParameter.Algorithm | CoseKeyParameter.KeyOps | CoseKeyParameter.BaseIv | CoseKeyParameter.CurveOrK | CoseKeyParameter.X | CoseKeyParameter.Y | CoseKeyParameter.D>, TypedMap<{
+    1: string | KeyType;
+    2: string | Uint8Array<ArrayBufferLike>;
+    3: string | number;
+    4: (string | KeyOps)[];
+    5: Uint8Array<ArrayBufferLike>;
+    [-1]: Uint8Array<ArrayBufferLike> | Curve;
+    [-2]: Uint8Array<ArrayBufferLike>;
+    [-3]: Uint8Array<ArrayBufferLike>;
+    [-4]: Uint8Array<ArrayBufferLike>;
+  }, CoseKeyParameter.KeyId | CoseKeyParameter.Algorithm | CoseKeyParameter.KeyOps | CoseKeyParameter.BaseIv | CoseKeyParameter.CurveOrK | CoseKeyParameter.X | CoseKeyParameter.Y | CoseKeyParameter.D>>>;
+  get keyType(): string | KeyType;
+  get keyId(): string | undefined;
+  get algorithm(): string | number | undefined;
+  get keyOps(): (string | KeyOps)[] | undefined;
+  get baseIv(): Uint8Array<ArrayBufferLike> | undefined;
+  get curve(): Curve | undefined;
+  get x(): Uint8Array<ArrayBufferLike> | undefined;
+  get y(): Uint8Array<ArrayBufferLike> | undefined;
+  get d(): Uint8Array<ArrayBufferLike> | undefined;
+  get k(): Uint8Array<ArrayBufferLike> | undefined;
+  static create(options: CoseKeyOptions): CoseKey;
+  static fromJwk(jwk: Record<string, unknown>): CoseKey;
+  get publicKey(): Uint8Array<ArrayBufferLike>;
+  get privateKey(): Uint8Array<ArrayBufferLike>;
+  get jwk(): Record<string, unknown>;
+}
+//#endregion
+//#region src/cose/key/jwk.d.ts
+declare const jwkCoseOptionsMap: Record<string, keyof CoseKeyOptions>;
+declare const coseOptionsJwkMap: {
+  [k: string]: string;
+};
+declare const jwkToCoseKey: {
+  kty: (kty?: unknown) => KeyType;
+  crv: (crv?: unknown) => Curve;
+  alg: (alg?: unknown) => MacAlgorithm | SignatureAlgorithm | EncryptionAlgorithm;
+  kid: (kid?: unknown) => unknown;
+  keyOps: (keyOps?: unknown) => KeyOps[] | undefined;
+  x: (s?: unknown) => Uint8Array<ArrayBufferLike> | undefined;
+  y: (s?: unknown) => Uint8Array<ArrayBufferLike> | undefined;
+  d: (s?: unknown) => Uint8Array<ArrayBufferLike> | undefined;
+};
+declare const coseKeyToJwk: {
+  keyType: (keyType: KeyType) => any;
+  keyId: (keyId: unknown) => unknown;
+  algorithm: (algorithm?: SignatureAlgorithm | MacAlgorithm) => any;
+  keyOps: (keyOps?: unknown) => any[] | undefined;
+  baseIv: (baseIv?: unknown) => unknown;
+  curve: (curve?: Curve) => any;
+  x: (x?: Uint8Array) => string | undefined;
+  y: (y?: Uint8Array) => string | undefined;
+  d: (d?: Uint8Array) => string | undefined;
+};
+//#endregion
+//#region src/mdoc/models/ble-options.d.ts
+declare enum BleOptionsKeys {
+  PeripheralServerMode = 0,
+  CentralClientMode = 1,
+  PeripheralServerModeUuid = 10,
+  CentralClientModeUuid = 11,
+  PeripheralServerModeDeviceAddress = 20
+}
+declare const bleOptionsSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  0: boolean;
+  1: boolean;
+  10: Uint8Array<ArrayBufferLike>;
+  11: Uint8Array<ArrayBufferLike>;
+  20: Uint8Array<ArrayBufferLike>;
+}, BleOptionsKeys.PeripheralServerModeUuid | BleOptionsKeys.CentralClientModeUuid | BleOptionsKeys.PeripheralServerModeDeviceAddress>, TypedMap<{
+  0: boolean;
+  1: boolean;
+  10: Uint8Array<ArrayBufferLike>;
+  11: Uint8Array<ArrayBufferLike>;
+  20: Uint8Array<ArrayBufferLike>;
+}, BleOptionsKeys.PeripheralServerModeUuid | BleOptionsKeys.CentralClientModeUuid | BleOptionsKeys.PeripheralServerModeDeviceAddress>>>;
+type BleOptionsEncodedStructure = z.input<typeof bleOptionsSchema>;
+type BleOptionsDecodedStructure = z.output<typeof bleOptionsSchema>;
+type BleOptionsOptions = {
+  peripheralServerMode: boolean;
+  centralClientMode: boolean;
+  peripheralServerModeUuid?: Uint8Array;
+  centralClientModeUuid?: Uint8Array;
+  peripheralServerModeDeviceAddress?: Uint8Array;
+};
+declare class BleOptions extends CborStructure<BleOptionsEncodedStructure, BleOptionsDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    0: boolean;
+    1: boolean;
+    10: Uint8Array<ArrayBufferLike>;
+    11: Uint8Array<ArrayBufferLike>;
+    20: Uint8Array<ArrayBufferLike>;
+  }, BleOptionsKeys.PeripheralServerModeUuid | BleOptionsKeys.CentralClientModeUuid | BleOptionsKeys.PeripheralServerModeDeviceAddress>, TypedMap<{
+    0: boolean;
+    1: boolean;
+    10: Uint8Array<ArrayBufferLike>;
+    11: Uint8Array<ArrayBufferLike>;
+    20: Uint8Array<ArrayBufferLike>;
+  }, BleOptionsKeys.PeripheralServerModeUuid | BleOptionsKeys.CentralClientModeUuid | BleOptionsKeys.PeripheralServerModeDeviceAddress>>>;
+  get peripheralServerMode(): boolean;
+  get centralClientMode(): boolean;
+  get peripheralServerModeUuid(): Uint8Array<ArrayBufferLike> | undefined;
+  get centralClientModeUuid(): Uint8Array<ArrayBufferLike> | undefined;
+  get peripheralServerModeDeviceAddress(): Uint8Array<ArrayBufferLike> | undefined;
+  static create(options: BleOptionsOptions): BleOptions;
+}
+//#endregion
+//#region src/mdoc/models/nfc-options.d.ts
+declare const nfcOptionsSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  0: number;
+  1: number;
+}, never>, TypedMap<{
+  0: number;
+  1: number;
+}, never>>>;
+type NfcOptionsEncodedStructure = z.input<typeof nfcOptionsSchema>;
+type NfcOptionsDecodedStructure = z.output<typeof nfcOptionsSchema>;
+type NfcOptionsOptions = {
+  maxCommandDataLength: number;
+  maxResponseDataLength: number;
+};
+declare class NfcOptions extends CborStructure<NfcOptionsEncodedStructure, NfcOptionsDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    0: number;
+    1: number;
+  }, never>, TypedMap<{
+    0: number;
+    1: number;
+  }, never>>>;
+  get maxCommandDataLength(): number;
+  get maxResponseDataLength(): number;
+  static create(options: NfcOptionsOptions): NfcOptions;
+}
+//#endregion
+//#region src/mdoc/models/wifi-options.d.ts
+declare enum WifiOptionsKeys {
+  Passphrase = 0,
+  OperatingClass = 1,
+  ChannelNumber = 2,
+  SupportedBands = 3
+}
+declare const wifiOptionsSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  0: string;
+  1: number;
+  2: number;
+  3: Uint8Array<ArrayBufferLike>;
+}, WifiOptionsKeys>, TypedMap<{
+  0: string;
+  1: number;
+  2: number;
+  3: Uint8Array<ArrayBufferLike>;
+}, WifiOptionsKeys>>>;
+type WifiOptionsEncodedStructure = z.input<typeof wifiOptionsSchema>;
+type WifiOptionsDecodedStructure = z.output<typeof wifiOptionsSchema>;
+type WifiOptionsOptions = {
+  passphrase?: string;
+  channelInfoOperatingClass?: number;
+  channelInfoChannelNumber?: number;
+  bandInfoSupportedBands?: Uint8Array;
+};
+declare class WifiOptions extends CborStructure<WifiOptionsEncodedStructure, WifiOptionsDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    0: string;
+    1: number;
+    2: number;
+    3: Uint8Array<ArrayBufferLike>;
+  }, WifiOptionsKeys>, TypedMap<{
+    0: string;
+    1: number;
+    2: number;
+    3: Uint8Array<ArrayBufferLike>;
+  }, WifiOptionsKeys>>>;
+  get encodedStructure(): WifiOptionsEncodedStructure;
+  get passphrase(): string | undefined;
+  get channelInfoOperatingClass(): number | undefined;
+  get channelInfoChannelNumber(): number | undefined;
+  get bandInfoSupportedBands(): Uint8Array<ArrayBufferLike> | undefined;
+  static create(options: WifiOptionsOptions): WifiOptions;
+}
+//#endregion
+//#region src/mdoc/models/retrieval-options.d.ts
+type RetrievalOptions = WifiOptions | BleOptions | NfcOptions;
+//#endregion
+//#region src/mdoc/models/device-retrieval-method.d.ts
+declare enum DeviceRetrievalMethodType {
+  Nfc = 1,
+  Ble = 2,
+  WifiAware = 3
+}
+declare const deviceRetrievalMethodEncodedSchema: z.ZodTuple<[z.ZodUnion<[z.ZodEnum<typeof DeviceRetrievalMethodType>, z.ZodNumber]>, z.ZodNumber, z.ZodMap<z.ZodUnknown, z.ZodUnknown>], null>;
+declare const deviceRetrievalMethodDecodedSchema: z.ZodObject<{
+  type: z.ZodUnion<[z.ZodEnum<typeof DeviceRetrievalMethodType>, z.ZodNumber]>;
+  version: z.ZodNumber;
+  retrievalOptions: z.ZodUnion<readonly [z.ZodCustom<NfcOptions, NfcOptions>, z.ZodCustom<BleOptions, BleOptions>, z.ZodCustom<WifiOptions, WifiOptions>, z.ZodMap<z.ZodUnknown, z.ZodUnknown>]>;
+}, z.core.$strip>;
+type DeviceRetrievalMethodEncodedStructure = z.infer<typeof deviceRetrievalMethodEncodedSchema>;
+type DeviceRetrievalMethodDecodedStructure = z.infer<typeof deviceRetrievalMethodDecodedSchema>;
+type DeviceRetrievalMethodOptions = {
+  type: DeviceRetrievalMethodType | number;
+  version: number;
+  retrievalOptions: RetrievalOptions;
+};
+declare class DeviceRetrievalMethod extends CborStructure<DeviceRetrievalMethodEncodedStructure, DeviceRetrievalMethodDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodTuple<[z.ZodUnion<[z.ZodEnum<typeof DeviceRetrievalMethodType>, z.ZodNumber]>, z.ZodNumber, z.ZodMap<z.ZodUnknown, z.ZodUnknown>], null>, z.ZodObject<{
+    type: z.ZodUnion<[z.ZodEnum<typeof DeviceRetrievalMethodType>, z.ZodNumber]>;
+    version: z.ZodNumber;
+    retrievalOptions: z.ZodUnion<readonly [z.ZodCustom<NfcOptions, NfcOptions>, z.ZodCustom<BleOptions, BleOptions>, z.ZodCustom<WifiOptions, WifiOptions>, z.ZodMap<z.ZodUnknown, z.ZodUnknown>]>;
+  }, z.core.$strip>>;
+  get type(): number;
+  get version(): number;
+  get retrievalOptions(): Map<unknown, unknown> | NfcOptions | BleOptions | WifiOptions;
+  static create(options: DeviceRetrievalMethodOptions): DeviceRetrievalMethod;
+}
+//#endregion
+//#region src/mdoc/models/protocol-info.d.ts
+declare const protocolInfoSchema: z$1.ZodUnknown;
+type ProtocolInfoStructure = z$1.infer<typeof protocolInfoSchema>;
+declare class ProtocolInfo extends CborStructure<ProtocolInfoStructure> {
+  static get encodingSchema(): z$1.ZodUnknown;
+}
+//#endregion
+//#region src/mdoc/models/e-device-key.d.ts
+type EDeviceKeyDecodedStructure = CoseKeyDecodedStructure;
+type EDeviceKeyEncodedStructure = CoseKeyEncodedStructure;
+type EDeviceKeyOptions = CoseKeyOptions;
+declare class EDeviceKey extends CoseKey {}
+//#endregion
+//#region src/mdoc/models/security.d.ts
+declare const securityEncodedSchema: z.ZodTuple<[z.ZodNumber, z.ZodCustom<DataItem<unknown>, DataItem<unknown>>], null>;
+declare const securityDecodedSchema: z.ZodObject<{
+  cipherSuiteIdentifier: z.ZodNumber;
+  eDeviceKey: z.ZodCustom<EDeviceKey, EDeviceKey>;
+}, z.core.$strip>;
+type SecurityEncodedStructure = z.infer<typeof securityEncodedSchema>;
+type SecurityDecodedStructure = z.infer<typeof securityDecodedSchema>;
+type SecurityOptions = {
+  cipherSuiteIdentifier: number;
+  eDeviceKey: EDeviceKey;
+};
+declare class Security extends CborStructure<SecurityEncodedStructure, SecurityDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodTuple<[z.ZodNumber, z.ZodCustom<DataItem<unknown>, DataItem<unknown>>], null>, z.ZodObject<{
+    cipherSuiteIdentifier: z.ZodNumber;
+    eDeviceKey: z.ZodCustom<EDeviceKey, EDeviceKey>;
+  }, z.core.$strip>>;
+  get cipherSuiteIdentifier(): number;
+  get eDeviceKey(): EDeviceKey;
+  static create(options: SecurityOptions): Security;
+}
+//#endregion
+//#region src/mdoc/models/oidc.d.ts
+declare const oidcEncodedSchema: z.ZodTuple<[z.ZodNumber, z.ZodString, z.ZodString], null>;
+declare const oidcDecodedSchema: z.ZodObject<{
+  version: z.ZodNumber;
+  issuerUrl: z.ZodString;
+  serverRetrievalToken: z.ZodString;
+}, z.core.$strip>;
+type OidcEncodedStructure = z.infer<typeof oidcEncodedSchema>;
+type OidcDecodedStructure = z.infer<typeof oidcDecodedSchema>;
+type OidcOptions = OidcDecodedStructure;
+declare class Oidc extends CborStructure<OidcEncodedStructure, OidcDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodTuple<[z.ZodNumber, z.ZodString, z.ZodString], null>, z.ZodObject<{
+    version: z.ZodNumber;
+    issuerUrl: z.ZodString;
+    serverRetrievalToken: z.ZodString;
+  }, z.core.$strip>>;
+  get version(): number;
+  get issuerUrl(): string;
+  get serverRetrievalToken(): string;
+  static create(options: OidcOptions): Oidc;
+}
+//#endregion
+//#region src/mdoc/models/web-api.d.ts
+declare const webApiEncodedSchema: z.ZodTuple<[z.ZodNumber, z.ZodString, z.ZodString], null>;
+declare const webApiDecodedSchema: z.ZodObject<{
+  version: z.ZodNumber;
+  issuerUrl: z.ZodString;
+  serverRetrievalToken: z.ZodString;
+}, z.core.$strip>;
+type WebApiEncodedStructure = z.infer<typeof webApiEncodedSchema>;
+type WebApiDecodedStructure = z.infer<typeof webApiDecodedSchema>;
+type WebApiOptions = WebApiDecodedStructure;
+declare class WebApi extends CborStructure<WebApiEncodedStructure, WebApiDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodTuple<[z.ZodNumber, z.ZodString, z.ZodString], null>, z.ZodObject<{
+    version: z.ZodNumber;
+    issuerUrl: z.ZodString;
+    serverRetrievalToken: z.ZodString;
+  }, z.core.$strip>>;
+  get version(): number;
+  get issuerUrl(): string;
+  get serverRetrievalToken(): string;
+  static create(options: WebApiOptions): WebApi;
+}
+//#endregion
+//#region src/mdoc/models/server-retrieval-method.d.ts
+declare const serverRetrievalMethodSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  webApi: WebApi;
+  oidc: Oidc;
+}, "webApi" | "oidc">, TypedMap<{
+  webApi: WebApi;
+  oidc: Oidc;
+}, "webApi" | "oidc">>>;
+type ServerRetrievalMethodDecodedStructure = z.output<typeof serverRetrievalMethodSchema>;
+type ServerRetrievalMethodEncodedStructure = z.input<typeof serverRetrievalMethodSchema>;
+type ServerRetrievalMethodOptions = {
+  webApi?: WebApi;
+  oidc?: Oidc;
+};
+declare class ServerRetrievalMethod extends CborStructure<ServerRetrievalMethodEncodedStructure, ServerRetrievalMethodDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    webApi: WebApi;
+    oidc: Oidc;
+  }, "webApi" | "oidc">, TypedMap<{
+    webApi: WebApi;
+    oidc: Oidc;
+  }, "webApi" | "oidc">>>;
+  get webApi(): WebApi | undefined;
+  get oidc(): Oidc | undefined;
+  static create(options: ServerRetrievalMethodOptions): ServerRetrievalMethod;
+}
+//#endregion
+//#region src/mdoc/models/device-engagement.d.ts
+declare enum DeviceEngagementKeys {
+  Version = 0,
+  Security = 1,
+  DeviceRetrievalMethods = 2,
+  ServerRetrievalMethods = 3,
+  ProtocolInfo = 4
+}
+declare const deviceEngagementSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  0: string;
+  1: Security;
+  2: DeviceRetrievalMethod[];
+  3: ServerRetrievalMethod[];
+  4: ProtocolInfo;
+}, DeviceEngagementKeys.DeviceRetrievalMethods | DeviceEngagementKeys.ServerRetrievalMethods | DeviceEngagementKeys.ProtocolInfo>, TypedMap<{
+  0: string;
+  1: Security;
+  2: DeviceRetrievalMethod[];
+  3: ServerRetrievalMethod[];
+  4: ProtocolInfo;
+}, DeviceEngagementKeys.DeviceRetrievalMethods | DeviceEngagementKeys.ServerRetrievalMethods | DeviceEngagementKeys.ProtocolInfo>>>;
+type DeviceEngagementEncodedStructure = z.input<typeof deviceEngagementSchema>;
+type DeviceEngagementDecodedStructure = z.output<typeof deviceEngagementSchema>;
+type DeviceEngagementOptions = {
+  version: string;
+  security: Security;
+  deviceRetrievalMethods?: Array<DeviceRetrievalMethod>;
+  serverRetrievalMethods?: Array<ServerRetrievalMethod>;
+  protocolInfo?: ProtocolInfo;
+};
+declare class DeviceEngagement extends CborStructure<DeviceEngagementEncodedStructure, DeviceEngagementDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    0: string;
+    1: Security;
+    2: DeviceRetrievalMethod[];
+    3: ServerRetrievalMethod[];
+    4: ProtocolInfo;
+  }, DeviceEngagementKeys.DeviceRetrievalMethods | DeviceEngagementKeys.ServerRetrievalMethods | DeviceEngagementKeys.ProtocolInfo>, TypedMap<{
+    0: string;
+    1: Security;
+    2: DeviceRetrievalMethod[];
+    3: ServerRetrievalMethod[];
+    4: ProtocolInfo;
+  }, DeviceEngagementKeys.DeviceRetrievalMethods | DeviceEngagementKeys.ServerRetrievalMethods | DeviceEngagementKeys.ProtocolInfo>>>;
+  get version(): string;
+  get security(): Security;
+  get deviceRetrievalMethods(): DeviceRetrievalMethod[] | undefined;
+  get serverRetrievalMethods(): ServerRetrievalMethod[] | undefined;
+  get protocolInfo(): ProtocolInfo | undefined;
+  static create(options: DeviceEngagementOptions): DeviceEngagement;
+}
+//#endregion
+//#region src/mdoc/models/e-reader-key.d.ts
+type EReaderKeyDecodedStructure = CoseKeyDecodedStructure;
+type EReaderKeyEncodedStructure = CoseKeyEncodedStructure;
+type EReaderKeyOptions = CoseKeyOptions;
+declare class EReaderKey extends CoseKey {}
+//#endregion
+//#region src/mdoc/models/handover.d.ts
+declare abstract class Handover<EncodedStructure = unknown, DecodedStructure = EncodedStructure> extends CborStructure<EncodedStructure, DecodedStructure> {
+  static tryDecodeHandover<T extends Handover<any, any>>(this: {
+    new (structure: any): T;
+    fromEncodedStructure: (encodedStructure: EncodedStructureType<T>) => {
+      decodedStructure: DecodedStructureType<T>;
+    };
+  }, structure: unknown): T | null;
+  /**
+   * Whether this handover structure requires a reader key. Can
+   * be overridden in extending handover classes.
+   */
+  get requiresReaderKey(): boolean;
+  /**
+   * Whether this handover structure requires device engagement structure. Can
+   * be overridden in extending handover classes.
+   */
+  get requiresDeviceEngagement(): boolean;
+}
+//#endregion
+//#region src/mdoc/models/oid4vp-dc-api-draft24-handover-info.d.ts
+type Oid4vpDcApiDraft24HandoverInfoOptions = {
+  origin: string;
+  clientId: string;
+  nonce: string;
+};
+//#endregion
+//#region src/mdoc/models/oid4vp-dc-api-handover-info.d.ts
+type Oid4vpDcApiHandoverInfoOptions = {
+  origin: string;
+  nonce: string;
+  jwkThumbprint?: Uint8Array;
+};
+//#endregion
+//#region src/mdoc/models/oid4vp-handover-info.d.ts
+type Oid4vpHandoverInfoOptions = {
+  clientId: string;
+  nonce: string;
+  jwkThumbprint?: Uint8Array;
+  responseUri: string;
+};
+//#endregion
+//#region src/mdoc/models/oid4vp-iae-handover-info.d.ts
+type Oid4vpIaeHandoverInfoOptions = {
+  interactiveAuthorizationEndpoint: string;
+  nonce: string;
+  jwkThumbprint?: Uint8Array;
+};
+//#endregion
+//#region src/mdoc/models/session-transcript.d.ts
+declare const sessionTranscriptEncodedSchema: z.ZodTuple<[z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodUnknown], null>;
+declare const sessionTranscriptDecodedSchema: z.ZodObject<{
+  deviceEngagement: z.ZodNullable<z.ZodCustom<DeviceEngagement, DeviceEngagement>>;
+  eReaderKey: z.ZodNullable<z.ZodCustom<EReaderKey, EReaderKey>>;
+  handover: z.ZodCustom<Handover<unknown, unknown>, Handover<unknown, unknown>>;
+}, z.core.$strip>;
+type SessionTranscriptDecodedStructure = z.infer<typeof sessionTranscriptDecodedSchema>;
+type SessionTranscriptEncodedStructure = z.infer<typeof sessionTranscriptEncodedSchema>;
+type SessionTranscriptOptions = {
+  deviceEngagement?: DeviceEngagement;
+  eReaderKey?: EReaderKey;
+  handover: Handover;
+};
+declare class SessionTranscript extends CborStructure<SessionTranscriptEncodedStructure, SessionTranscriptDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodTuple<[z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodUnknown], null>, z.ZodObject<{
+    deviceEngagement: z.ZodNullable<z.ZodCustom<DeviceEngagement, DeviceEngagement>>;
+    eReaderKey: z.ZodNullable<z.ZodCustom<EReaderKey, EReaderKey>>;
+    handover: z.ZodCustom<Handover<unknown, unknown>, Handover<unknown, unknown>>;
+  }, z.core.$strip>>;
+  get deviceEngagement(): DeviceEngagement | null;
+  get eReaderKey(): EReaderKey | null;
+  get handover(): Handover<unknown, unknown>;
+  static create(options: SessionTranscriptOptions): SessionTranscript;
+  /**
+   * Create a SessionTranscript for QR handover (ISO 18013-5 proximity presentation).
+   *
+   * For QR handover, exact CBOR bytes matter for session key derivation.
+   * Use DeviceEngagement.decode() and EReaderKey.decode() to preserve original bytes -
+   * calling encode() on decoded objects will return the identical bytes.
+   */
+  static forQrHandover(options: {
+    deviceEngagement: DeviceEngagement;
+    eReaderKey: EReaderKey;
+  }): SessionTranscript;
+  static forOid4VpDcApiDraft24(options: Oid4vpDcApiDraft24HandoverInfoOptions, ctx: Pick<MdocContext, 'crypto'>): Promise<SessionTranscript>;
+  static forOid4VpDcApi(options: Oid4vpDcApiHandoverInfoOptions, ctx: Pick<MdocContext, 'crypto'>): Promise<SessionTranscript>;
+  static forOid4VpIae(options: Oid4vpIaeHandoverInfoOptions, ctx: Pick<MdocContext, 'crypto'>): Promise<SessionTranscript>;
+  static forOid4Vp(options: Oid4vpHandoverInfoOptions, ctx: Pick<MdocContext, 'crypto'>): Promise<SessionTranscript>;
+  /**
+   * Calculate the session transcript bytes as defined in 18013-7 first edition, based
+   * on OpenID4VP draft 18.
+   */
+  static forOid4VpDraft18(options: {
+    clientId: string;
+    responseUri: string;
+    verifierGeneratedNonce: string;
+    mdocGeneratedNonce: string;
+  }, ctx: Pick<MdocContext, 'crypto'>): Promise<SessionTranscript>;
+}
+//#endregion
+//#region src/cose/mac0.d.ts
+declare const mac0EncodedSchema: z.ZodTuple<[z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>, z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodNullable<z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>, z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>], null>;
+declare const mac0DecodedSchema: z.ZodObject<{
+  protectedHeaders: z.ZodCustom<ProtectedHeaders, ProtectedHeaders>;
+  unprotectedHeaders: z.ZodCustom<UnprotectedHeaders, UnprotectedHeaders>;
+  payload: z.ZodNullable<z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>;
+  tag: z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>;
+}, z.core.$strip>;
+type Mac0EncodedStructure = z.infer<typeof mac0EncodedSchema>;
+type Mac0DecodedStructure = z.infer<typeof mac0DecodedSchema>;
+type Mac0Options = {
+  protectedHeaders: ProtectedHeaders | ProtectedHeaderOptions['protectedHeaders'];
+  unprotectedHeaders: UnprotectedHeaders | UnprotectedHeaderOptions['unprotectedHeaders'];
+  externalAad?: Uint8Array;
+  payload?: Uint8Array | null;
+  detachedPayload?: Uint8Array;
+  privateKey: CoseKey;
+  ephemeralKey: CoseKey;
+  sessionTranscript: SessionTranscript | Uint8Array;
+};
+declare class Mac0 extends CborStructure<Mac0EncodedStructure, Mac0DecodedStructure> {
+  static tag: number;
+  static get encodingSchema(): z.ZodCodec<z.ZodTuple<[z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>, z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodNullable<z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>, z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>], null>, z.ZodObject<{
+    protectedHeaders: z.ZodCustom<ProtectedHeaders, ProtectedHeaders>;
+    unprotectedHeaders: z.ZodCustom<UnprotectedHeaders, UnprotectedHeaders>;
+    payload: z.ZodNullable<z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>;
+    tag: z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>;
+  }, z.core.$strip>>;
+  externalAad?: Uint8Array;
+  detachedPayload?: Uint8Array;
+  get protectedHeaders(): ProtectedHeaders;
+  get unprotectedHeaders(): UnprotectedHeaders;
+  get payload(): Uint8Array<ArrayBufferLike> | null;
+  get tag(): Uint8Array<ArrayBufferLike>;
+  get toBeAuthenticated(): Uint8Array<ArrayBufferLike>;
+  /**
+   * Decodes CBOR bytes into a Sign1 instance.
+   * Uses the encodingSchema's decode() method to validate and transform the decoded data.
+   */
+  static decode<T extends AnyCborStructure>(this: CborStructureStaticThis<T>, bytes: Uint8Array): T;
+  static toBeAuthenticated(options: {
+    payload: Uint8Array;
+    protectedHeaders: ProtectedHeaders;
+    externalAad?: Uint8Array;
+  }): Uint8Array<ArrayBufferLike>;
+  get signatureAlgorithmName(): MacAlgorithm;
+  static create(options: Mac0Options, ctx: Pick<MdocContext, 'crypto' | 'cose'>): Promise<Mac0>;
+}
+//#endregion
+//#region src/cose/sign1.d.ts
+declare const sign1EncodedSchema: z$1.ZodTuple<[z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>, z$1.ZodMap<z$1.ZodNumber, z$1.ZodUnknown>, z$1.ZodNullable<z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>, z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>], null>;
+declare const sign1DecodedSchema: z$1.ZodObject<{
+  protected: z$1.ZodCustom<ProtectedHeaders, ProtectedHeaders>;
+  unprotected: z$1.ZodCustom<UnprotectedHeaders, UnprotectedHeaders>;
+  payload: z$1.ZodNullable<z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>;
+  signature: z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>;
+}, z$1.core.$strip>;
+type Sign1EncodedStructure = z$1.infer<typeof sign1EncodedSchema>;
+type Sign1DecodedStructure = z$1.infer<typeof sign1DecodedSchema>;
+type Sign1Options = {
+  protectedHeaders?: ProtectedHeaders | ProtectedHeaderOptions['protectedHeaders'];
+  unprotectedHeaders?: UnprotectedHeaders | UnprotectedHeaderOptions['unprotectedHeaders'];
+  signingKey: CoseKey;
+  payload?: Uint8Array | null;
+  detachedPayload?: Uint8Array;
+  externalAad?: Uint8Array;
+};
+declare class Sign1 extends CborStructure<Sign1EncodedStructure, Sign1DecodedStructure> {
+  static tag: number;
+  static get encodingSchema(): z$1.ZodCodec<z$1.ZodTuple<[z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>, z$1.ZodMap<z$1.ZodNumber, z$1.ZodUnknown>, z$1.ZodNullable<z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>, z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>], null>, z$1.ZodObject<{
+    protected: z$1.ZodCustom<ProtectedHeaders, ProtectedHeaders>;
+    unprotected: z$1.ZodCustom<UnprotectedHeaders, UnprotectedHeaders>;
+    payload: z$1.ZodNullable<z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>;
+    signature: z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>;
+  }, z$1.core.$strip>>;
+  detachedPayload?: Uint8Array;
+  externalAad?: Uint8Array;
+  get protectedHeaders(): ProtectedHeaders;
+  get unprotectedHeaders(): UnprotectedHeaders;
+  get payload(): Uint8Array<ArrayBufferLike> | null;
+  get signature(): Uint8Array<ArrayBufferLike>;
+  get certificateChain(): Uint8Array<ArrayBufferLike>[];
+  get certificate(): Uint8Array<ArrayBufferLike>;
+  getIssuingCountry(ctx: Pick<MdocContext, 'x509'>): string;
+  getIssuingStateOrProvince(ctx: Pick<MdocContext, 'x509'>): string;
+  get toBeSigned(): Uint8Array<ArrayBufferLike>;
+  /**
+   * Decodes CBOR bytes into a Sign1 instance.
+   * Uses the encodingSchema's decode() method to validate and transform the decoded data.
+   */
+  static decode<T extends AnyCborStructure>(this: CborStructureStaticThis<T>, bytes: Uint8Array): T;
+  static toBeSigned(options: {
+    payload: Uint8Array;
+    protectedHeaders: ProtectedHeaders;
+    externalAad?: Uint8Array;
+  }): Uint8Array<ArrayBufferLike>;
+  get signatureAlgorithmName(): string;
+  get x5chain(): Uint8Array<ArrayBufferLike>[] | undefined;
+  verifySignature(options: {
+    key?: CoseKey;
+  }, ctx: Pick<MdocContext, 'cose' | 'x509'>): Promise<boolean>;
+  static create(options: Sign1Options, ctx: Pick<MdocContext, 'cose'>): Promise<Sign1>;
+}
+//#endregion
+//#region src/context.d.ts
+type MaybePromise<T> = Promise<T> | T;
+interface MdocContext {
+  crypto: {
+    random: (length: number) => Uint8Array;
+    digest: (input: {
+      digestAlgorithm: DigestAlgorithm;
+      bytes: Uint8Array;
+    }) => MaybePromise<Uint8Array>;
+    calculateEphemeralMacKey: (input: {
+      privateKey: Uint8Array;
+      publicKey: Uint8Array;
+      sessionTranscriptBytes: Uint8Array;
+      info: 'EMacKey' | 'SKReader' | 'SKDevice';
+    }) => MaybePromise<CoseKey>;
+  };
+  cose: {
+    sign1: {
+      sign: (input: {
+        toBeSigned: Uint8Array;
+        key: CoseKey;
+      }) => MaybePromise<Uint8Array>;
+      verify(input: {
+        key: CoseKey;
+        sign1: Sign1;
+      }): MaybePromise<boolean>;
+    };
+    mac0: {
+      sign: (input: {
+        key: CoseKey;
+        toBeAuthenticated: Uint8Array;
+      }) => MaybePromise<Uint8Array>;
+      verify(input: {
+        mac0: Mac0;
+        key: CoseKey;
+      }): MaybePromise<boolean>;
+    };
+  };
+  x509: {
+    getIssuerNameField: (input: {
+      certificate: Uint8Array;
+      field: string;
+    }) => string[];
+    getPublicKey: (input: {
+      certificate: Uint8Array;
+      alg: string;
+    }) => MaybePromise<CoseKey>;
+    verifyCertificateChain: (input: {
+      trustedCertificates: Uint8Array[];
+      x5chain: Uint8Array[];
+      now?: Date;
+    }) => MaybePromise<void>;
+    getCertificateData: (input: {
+      certificate: Uint8Array;
+    }) => MaybePromise<{
+      issuerName: string;
+      subjectName: string;
+      serialNumber: string;
+      thumbprint: string;
+      notBefore: Date;
+      notAfter: Date;
+      pem: string;
+    }>;
+  };
+}
+//#endregion
+//#region src/mdoc/models/data-element-identifier.d.ts
+type DataElementIdentifier = string;
+//#endregion
+//#region src/mdoc/models/data-element-value.d.ts
+type DataElementValue = unknown;
+//#endregion
+//#region src/mdoc/check-callback.d.ts
+interface VerificationAssessment {
+  status: 'PASSED' | 'FAILED' | 'WARNING';
+  category: 'DOCUMENT_FORMAT' | 'DEVICE_AUTH' | 'ISSUER_AUTH' | 'DATA_INTEGRITY' | 'READER_AUTH';
+  check: string;
+  reason?: string;
+}
+type VerificationCallback = (item: VerificationAssessment) => void;
+declare const defaultVerificationCallback: VerificationCallback;
+declare const onCategoryCheck: (onCheck: VerificationCallback, category: VerificationAssessment["category"]) => (item: Omit<VerificationAssessment, "category">) => void;
+//#endregion
+//#region src/mdoc/models/device-mac.d.ts
+type DeviceMacEncodedStructure = Mac0EncodedStructure;
+type DeviceMacDecodedStructure = Mac0DecodedStructure;
+type DeviceMacOptions = Mac0Options;
+declare class DeviceMac extends Mac0 {
+  verify(options: {
+    publicKey: CoseKey;
+    privateKey: CoseKey;
+    info?: 'EMacKey' | 'SKReader' | 'SKDevice';
+    sessionTranscript: SessionTranscript | Uint8Array;
+  }, ctx: Pick<MdocContext, 'crypto' | 'cose'>): Promise<boolean>;
+  static create(options: DeviceMacOptions, ctx: Pick<MdocContext, 'cose' | 'crypto'>): Promise<DeviceMac>;
+}
+//#endregion
+//#region src/mdoc/models/device-signature.d.ts
+type DeviceSignatureEncodedStructure = Sign1EncodedStructure;
+type DeviceSignatureDecodedStructure = Sign1DecodedStructure;
+type DeviceSignatureOptions = Sign1Options;
+declare class DeviceSignature extends Sign1 {
+  static create(options: DeviceSignatureOptions, ctx: Pick<MdocContext, 'cose'>): Promise<DeviceSignature>;
+}
+//#endregion
+//#region src/mdoc/models/device-key.d.ts
+type DeviceKeyDecodedStructure = CoseKeyDecodedStructure;
+type DeviceKeyEncodedStructure = CoseKeyEncodedStructure;
+type DeviceKeyOptions = CoseKeyOptions;
+declare class DeviceKey extends CoseKey {}
+//#endregion
+//#region src/mdoc/models/namespace.d.ts
+type Namespace = string;
+//#endregion
+//#region src/mdoc/models/key-authorizations.d.ts
+declare const keyAuthorizationsSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  nameSpaces: string[];
+  dataElements: Map<string, string[]>;
+}, "nameSpaces" | "dataElements">, TypedMap<{
+  nameSpaces: string[];
+  dataElements: Map<string, string[]>;
+}, "nameSpaces" | "dataElements">>>;
+type KeyAuthorizationsEncodedStructure = z.input<typeof keyAuthorizationsSchema>;
+type KeyAuthorizationsDecodedStructure = z.output<typeof keyAuthorizationsSchema>;
+type KeyAuthorizationsOptions = {
+  namespaces?: Array<Namespace>;
+  dataElements?: Map<Namespace, Array<DataElementIdentifier>>;
+};
+declare class KeyAuthorizations extends CborStructure<KeyAuthorizationsEncodedStructure, KeyAuthorizationsDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    nameSpaces: string[];
+    dataElements: Map<string, string[]>;
+  }, "nameSpaces" | "dataElements">, TypedMap<{
+    nameSpaces: string[];
+    dataElements: Map<string, string[]>;
+  }, "nameSpaces" | "dataElements">>>;
+  get namespaces(): string[] | undefined;
+  get dataElements(): Map<string, string[]> | undefined;
+  static create(options: KeyAuthorizationsOptions): KeyAuthorizations;
+}
+//#endregion
+//#region src/mdoc/models/key-info.d.ts
+declare const keyInfoSchema: z.ZodMap<z.ZodNumber, z.ZodUnknown>;
+type KeyInfoEncodedStructure = z.input<typeof keyInfoSchema>;
+type KeyInfoDecodedStructure = z.output<typeof keyInfoSchema>;
+type KeyInfoOptions = {
+  keyInfo: Map<number, unknown>;
+};
+declare class KeyInfo extends CborStructure<KeyInfoEncodedStructure, KeyInfoDecodedStructure> {
+  static get encodingSchema(): z.ZodMap<z.ZodNumber, z.ZodUnknown>;
+  get keyInfo(): Map<number, unknown>;
+  static create(options: KeyInfoOptions): KeyInfo;
+}
+//#endregion
+//#region src/mdoc/models/device-key-info.d.ts
+declare const deviceKeyInfoSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  deviceKey: DeviceKey;
+  keyAuthorizations: KeyAuthorizations;
+  keyInfo: KeyInfo;
+}, "keyAuthorizations" | "keyInfo">, TypedMap<{
+  deviceKey: DeviceKey;
+  keyAuthorizations: KeyAuthorizations;
+  keyInfo: KeyInfo;
+}, "keyAuthorizations" | "keyInfo">>>;
+type DeviceKeyInfoDecodedStructure = z.output<typeof deviceKeyInfoSchema>;
+type DeviceKeyInfoEncodedStructure = z.input<typeof deviceKeyInfoSchema>;
+type DeviceKeyInfoOptions = {
+  deviceKey: DeviceKey;
+  keyAuthorizations?: KeyAuthorizations;
+  keyInfo?: KeyInfo;
+};
+declare class DeviceKeyInfo extends CborStructure<DeviceKeyInfoEncodedStructure, DeviceKeyInfoDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    deviceKey: DeviceKey;
+    keyAuthorizations: KeyAuthorizations;
+    keyInfo: KeyInfo;
+  }, "keyAuthorizations" | "keyInfo">, TypedMap<{
+    deviceKey: DeviceKey;
+    keyAuthorizations: KeyAuthorizations;
+    keyInfo: KeyInfo;
+  }, "keyAuthorizations" | "keyInfo">>>;
+  get deviceKey(): DeviceKey;
+  get keyAuthorizations(): KeyAuthorizations | undefined;
+  get keyInfo(): KeyInfo | undefined;
+  static create(options: DeviceKeyInfoOptions): DeviceKeyInfo;
+}
+//#endregion
+//#region src/mdoc/models/doctype.d.ts
+type DocType = string;
+//#endregion
+//#region src/mdoc/models/validity-info.d.ts
+declare const validityInfoSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  signed: Date;
+  validFrom: Date;
+  validUntil: Date;
+  expectedUpdate: Date;
+}, "expectedUpdate">, TypedMap<{
+  signed: Date;
+  validFrom: Date;
+  validUntil: Date;
+  expectedUpdate: Date;
+}, "expectedUpdate">>>;
+type ValidityInfoEncodedStructure = z.input<typeof validityInfoSchema>;
+type ValidityInfoDecodedStructure = z.output<typeof validityInfoSchema>;
+type ValidityInfoOptions = {
+  signed: Date;
+  validFrom: Date;
+  validUntil: Date;
+  expectedUpdate?: Date;
+};
+declare class ValidityInfo extends CborStructure<ValidityInfoEncodedStructure, ValidityInfoDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    signed: Date;
+    validFrom: Date;
+    validUntil: Date;
+    expectedUpdate: Date;
+  }, "expectedUpdate">, TypedMap<{
+    signed: Date;
+    validFrom: Date;
+    validUntil: Date;
+    expectedUpdate: Date;
+  }, "expectedUpdate">>>;
+  get signed(): Date;
+  get validFrom(): Date;
+  get validUntil(): Date;
+  get expectedUpdate(): Date | undefined;
+  isSignedBetweenDates(notBefore: Date, notAfter: Date, skewSeconds?: number): boolean;
+  isValidUntilAfterNow(now?: Date, skewSeconds?: number): boolean;
+  isValidFromBeforeNow(now?: Date, skewSeconds?: number): boolean;
+  static create(options: ValidityInfoOptions): ValidityInfo;
+}
+//#endregion
+//#region src/mdoc/models/digest-id.d.ts
+type DigestId = number;
+//#endregion
+//#region src/mdoc/models/value-digests.d.ts
+declare const valueDigestsSchema: z.ZodMap<z.ZodString, z.ZodMap<z.ZodNumber, z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>>;
+type ValueDigestsStructure = z.infer<typeof valueDigestsSchema>;
+type ValueDigestOptions = {
+  digests: ValueDigestsStructure;
+};
+declare class ValueDigests extends CborStructure<ValueDigestsStructure> {
+  static get encodingSchema(): z.ZodMap<z.ZodString, z.ZodMap<z.ZodNumber, z.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>>;
+  get valueDigests(): Map<string, Map<number, Uint8Array<ArrayBufferLike>>>;
+  static create(options: ValueDigestOptions): ValueDigests;
+  getDigestForNamespace(namespace: Namespace, digestId: DigestId): Uint8Array<ArrayBufferLike> | undefined;
+  hasDigestForNamespace(namespace: Namespace, digestId: DigestId): boolean;
+  getNamespaces(): Namespace[];
+  getDigestIdsForNamespace(namespace: Namespace): DigestId[];
+}
+//#endregion
+//#region src/mdoc/models/mobile-security-object.d.ts
+declare const mobileSecurityObjectSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  version: "1.0";
+  docType: string;
+  digestAlgorithm: "SHA-256" | "SHA-384" | "SHA-512";
+  valueDigests: ValueDigests;
+  deviceKeyInfo: DeviceKeyInfo;
+  validityInfo: ValidityInfo;
+}, never>, TypedMap<{
+  version: "1.0";
+  docType: string;
+  digestAlgorithm: "SHA-256" | "SHA-384" | "SHA-512";
+  valueDigests: ValueDigests;
+  deviceKeyInfo: DeviceKeyInfo;
+  validityInfo: ValidityInfo;
+}, never>>>;
+type MobileSecurityObjectDecodedStructure = z.output<typeof mobileSecurityObjectSchema>;
+type MobileSecurityObjectEncodedStructure = z.input<typeof mobileSecurityObjectSchema>;
+type MobileSecurityObjectOptions = {
+  version?: '1.0';
+  digestAlgorithm: DigestAlgorithm;
+  docType: DocType;
+  valueDigests: ValueDigests;
+  validityInfo: ValidityInfo;
+  deviceKeyInfo: DeviceKeyInfo;
+};
+declare class MobileSecurityObject extends CborStructure<MobileSecurityObjectEncodedStructure, MobileSecurityObjectDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    version: "1.0";
+    docType: string;
+    digestAlgorithm: "SHA-256" | "SHA-384" | "SHA-512";
+    valueDigests: ValueDigests;
+    deviceKeyInfo: DeviceKeyInfo;
+    validityInfo: ValidityInfo;
+  }, never>, TypedMap<{
+    version: "1.0";
+    docType: string;
+    digestAlgorithm: "SHA-256" | "SHA-384" | "SHA-512";
+    valueDigests: ValueDigests;
+    deviceKeyInfo: DeviceKeyInfo;
+    validityInfo: ValidityInfo;
+  }, never>>>;
+  get version(): "1.0";
+  get digestAlgorithm(): "SHA-256" | "SHA-384" | "SHA-512";
+  get docType(): string;
+  get validityInfo(): ValidityInfo;
+  get valueDigests(): ValueDigests;
+  get deviceKeyInfo(): DeviceKeyInfo;
+  static create(options: MobileSecurityObjectOptions): MobileSecurityObject;
+}
+//#endregion
+//#region src/mdoc/models/issuer-auth.d.ts
+type IssuerAuthEncodedStructure = Sign1EncodedStructure;
+type IssuerAuthOptions = Omit<Sign1Options, 'payload'> & {
+  payload?: Sign1Options['payload'] | MobileSecurityObject;
+};
+declare class IssuerAuth extends Sign1 {
+  static create(options: IssuerAuthOptions, ctx: Pick<MdocContext, 'cose'>): Promise<IssuerAuth>;
+  get mobileSecurityObject(): MobileSecurityObject;
+  verify(options: {
+    verificationCallback?: VerificationCallback;
+    now?: Date;
+    trustedCertificates?: Array<Uint8Array>;
+    disableCertificateChainValidation?: boolean;
+    skewSeconds?: number;
+  }, ctx: Pick<MdocContext, 'x509' | 'cose'>): Promise<void>;
+}
+//#endregion
+//#region src/mdoc/models/issuer-signed-item.d.ts
+declare const issuerSignedItemSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  digestID: number;
+  random: Uint8Array<ArrayBufferLike>;
+  elementIdentifier: string;
+  elementValue: unknown;
+}, never>, TypedMap<{
+  digestID: number;
+  random: Uint8Array<ArrayBufferLike>;
+  elementIdentifier: string;
+  elementValue: unknown;
+}, never>>>;
+type IssuerSignedItemEncodedStructure = z.input<typeof issuerSignedItemSchema>;
+type IssuerSignedItemDecodedStructure = z.output<typeof issuerSignedItemSchema>;
+type IssuerSignedItemOptions = {
+  digestId: number;
+  random: Uint8Array;
+  elementIdentifier: DataElementIdentifier;
+  elementValue: DataElementValue;
+};
+declare class IssuerSignedItem extends CborStructure<IssuerSignedItemEncodedStructure, IssuerSignedItemDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    digestID: number;
+    random: Uint8Array<ArrayBufferLike>;
+    elementIdentifier: string;
+    elementValue: unknown;
+  }, never>, TypedMap<{
+    digestID: number;
+    random: Uint8Array<ArrayBufferLike>;
+    elementIdentifier: string;
+    elementValue: unknown;
+  }, never>>>;
+  get random(): Uint8Array<ArrayBufferLike>;
+  get elementIdentifier(): string;
+  get elementValue(): unknown;
+  get digestId(): number;
+  isValid(namespace: Namespace, issuerAuth: IssuerAuth, ctx: Pick<MdocContext, 'crypto'>): Promise<boolean>;
+  matchCertificate(issuerAuth: IssuerAuth, ctx: Pick<MdocContext, 'x509'>): boolean;
+  static fromOptions(options: IssuerSignedItemOptions): IssuerSignedItem;
+}
+//#endregion
+//#region src/mdoc/models/device-signed-items.d.ts
+declare const deviceSignedItemsSchema: z.ZodMap<z.ZodString, z.ZodUnknown>;
+type DeviceSignedItemsStructure = z.infer<typeof deviceSignedItemsSchema>;
+type DeviceSignedItemsOptions = {
+  deviceSignedItems: Map<DataElementIdentifier, DataElementValue>;
+};
+declare class DeviceSignedItems extends CborStructure<DeviceSignedItemsStructure> {
+  static get encodingSchema(): z.ZodMap<z.ZodString, z.ZodUnknown>;
+  get deviceSignedItems(): Map<string, unknown>;
+  static create(options: DeviceSignedItemsOptions): DeviceSignedItems;
+}
+//#endregion
+//#region src/mdoc/models/device-namespaces.d.ts
+declare const deviceNamespacesEncodedSchema: z.ZodMap<z.ZodString, z.ZodMap<z.ZodString, z.ZodUnknown>>;
+declare const deviceNamespacesDecodedSchema: z.ZodMap<z.ZodString, z.ZodCustom<DeviceSignedItems, DeviceSignedItems>>;
+type DeviceNamespacesDecodedStructure = z.infer<typeof deviceNamespacesDecodedSchema>;
+type DeviceNamespacesEncodedStructure = z.infer<typeof deviceNamespacesEncodedSchema>;
+type DeviceNamespacesOptions = {
+  deviceNamespaces: Map<Namespace, DeviceSignedItems>;
+};
+declare class DeviceNamespaces extends CborStructure<DeviceNamespacesEncodedStructure, DeviceNamespacesDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodString, z.ZodMap<z.ZodString, z.ZodUnknown>>, z.ZodMap<z.ZodString, z.ZodCustom<DeviceSignedItems, DeviceSignedItems>>>;
+  get deviceNamespaces(): Map<string, DeviceSignedItems>;
+  static create(options: DeviceNamespacesOptions): DeviceNamespaces;
+}
+//#endregion
+//#region src/mdoc/models/device-signed.d.ts
+declare const deviceSignedSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  nameSpaces: DeviceNamespaces;
+  deviceAuth: DeviceAuth;
+}, never>, TypedMap<{
+  nameSpaces: DeviceNamespaces;
+  deviceAuth: DeviceAuth;
+}, never>>>;
+type DeviceSignedDecodedStructure = z.output<typeof deviceSignedSchema>;
+type DeviceSignedEncodedStructure = z.input<typeof deviceSignedSchema>;
+type DeviceSignedOptions = {
+  deviceNamespaces: DeviceNamespaces;
+  deviceAuth: DeviceAuth;
+};
+declare class DeviceSigned extends CborStructure<DeviceSignedEncodedStructure, DeviceSignedDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    nameSpaces: DeviceNamespaces;
+    deviceAuth: DeviceAuth;
+  }, never>, TypedMap<{
+    nameSpaces: DeviceNamespaces;
+    deviceAuth: DeviceAuth;
+  }, never>>>;
+  get deviceNamespaces(): DeviceNamespaces;
+  get deviceAuth(): DeviceAuth;
+  static create(options: DeviceSignedOptions): DeviceSigned;
+}
+//#endregion
+//#region src/mdoc/models/error-code.d.ts
+type ErrorCode = number;
+//#endregion
+//#region src/mdoc/models/error-items.d.ts
+declare const errorItemsSchema: z$1.ZodMap<z$1.ZodString, z$1.ZodNumber>;
+type ErrorItemsStructure = Map<DataElementIdentifier, ErrorCode>;
+type ErrorItemsOptions = {
+  errorItems: ErrorItemsStructure;
+};
+declare class ErrorItems extends CborStructure<ErrorItemsStructure> {
+  static get encodingSchema(): z$1.ZodMap<z$1.ZodString, z$1.ZodNumber>;
+  static create(options: ErrorItemsOptions): ErrorItems;
+}
+//#endregion
+//#region src/mdoc/models/issuer-namespaces.d.ts
+declare const issuerNamespacesEncodedSchema: z$1.ZodMap<z$1.ZodString, z$1.ZodArray<z$1.ZodCustom<DataItem<unknown>, DataItem<unknown>>>>;
+declare const issuerNamespacesDecodedSchema: z$1.ZodMap<z$1.ZodString, z$1.ZodArray<z$1.ZodCustom<IssuerSignedItem, IssuerSignedItem>>>;
+type IssuerNamespacesEncodedStructure = z$1.infer<typeof issuerNamespacesEncodedSchema>;
+type IssuerNamespacesDecodedStructure = z$1.infer<typeof issuerNamespacesDecodedSchema>;
+type IssuerNamespacesOptions = {
+  issuerNamespaces: IssuerNamespacesDecodedStructure;
+};
+declare class IssuerNamespaces extends CborStructure<IssuerNamespacesEncodedStructure, IssuerNamespacesDecodedStructure> {
+  static get encodingSchema(): z$1.ZodCodec<z$1.ZodMap<z$1.ZodString, z$1.ZodArray<z$1.ZodCustom<DataItem<unknown>, DataItem<unknown>>>>, z$1.ZodMap<z$1.ZodString, z$1.ZodArray<z$1.ZodCustom<IssuerSignedItem, IssuerSignedItem>>>>;
+  get issuerNamespaces(): Map<string, IssuerSignedItem[]>;
+  getIssuerNamespace(namespace: string): IssuerSignedItem[] | undefined;
+  setIssuerNamespace(namespace: string, issuerSignedItems: IssuerSignedItem[]): Map<string, IssuerSignedItem[]>;
+  static create(options: IssuerNamespacesOptions): IssuerNamespaces;
+}
+//#endregion
+//#region src/mdoc/models/issuer-signed.d.ts
+declare const issuerSignedSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  nameSpaces: IssuerNamespaces;
+  issuerAuth: IssuerAuth;
+}, never>, TypedMap<{
+  nameSpaces: IssuerNamespaces;
+  issuerAuth: IssuerAuth;
+}, never>>>;
+type IssuerSignedDecodedStructure = z.output<typeof issuerSignedSchema>;
+type IssuerSignedEncodedStructure = z.input<typeof issuerSignedSchema>;
+type IssuerSignedOptions = {
+  issuerNamespaces?: IssuerNamespaces;
+  issuerAuth: IssuerAuth;
+};
+declare class IssuerSigned extends CborStructure<IssuerSignedEncodedStructure, IssuerSignedDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    nameSpaces: IssuerNamespaces;
+    issuerAuth: IssuerAuth;
+  }, never>, TypedMap<{
+    nameSpaces: IssuerNamespaces;
+    issuerAuth: IssuerAuth;
+  }, never>>>;
+  get issuerNamespaces(): IssuerNamespaces;
+  get issuerAuth(): IssuerAuth;
+  getIssuerNamespace(namespace: Namespace): IssuerSignedItem[] | undefined;
+  getPrettyClaims(namespace: Namespace): {} | undefined;
+  get encodedForOid4Vci(): string;
+  static fromEncodedForOid4Vci(encoded: string): IssuerSigned;
+  verify(options: {
+    verificationCallback?: VerificationCallback;
+  }, ctx: Pick<MdocContext, 'x509' | 'crypto'>): Promise<void>;
+  static create(options: IssuerSignedOptions): IssuerSigned;
+}
+//#endregion
+//#region src/mdoc/models/document.d.ts
+declare const documentSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  errors: Map<string, unknown>;
+  docType: string;
+  issuerSigned: IssuerSigned;
+  deviceSigned: DeviceSigned;
+}, "errors">, TypedMap<{
+  errors: Map<string, unknown>;
+  docType: string;
+  issuerSigned: IssuerSigned;
+  deviceSigned: DeviceSigned;
+}, "errors">>>;
+type DocumentDecodedStructure = z.output<typeof documentSchema>;
+type DocumentEncodedStructure = z.input<typeof documentSchema>;
+type DocumentOptions = {
+  docType: DocType;
+  issuerSigned: IssuerSigned;
+  deviceSigned: DeviceSigned;
+  errors?: Map<Namespace, ErrorItems>;
+};
+declare class Document extends CborStructure<DocumentEncodedStructure, DocumentDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    errors: Map<string, unknown>;
+    docType: string;
+    issuerSigned: IssuerSigned;
+    deviceSigned: DeviceSigned;
+  }, "errors">, TypedMap<{
+    errors: Map<string, unknown>;
+    docType: string;
+    issuerSigned: IssuerSigned;
+    deviceSigned: DeviceSigned;
+  }, "errors">>>;
+  get docType(): string;
+  get issuerSigned(): IssuerSigned;
+  get deviceSigned(): DeviceSigned;
+  get errors(): Map<string, unknown> | undefined;
+  getIssuerNamespace(namespace: Namespace): IssuerSignedItem[] | undefined;
+  static create(options: DocumentOptions): Document;
+}
+//#endregion
+//#region src/mdoc/models/device-auth.d.ts
+declare const deviceAuthSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  deviceSignature: DeviceSignature;
+  deviceMac: DeviceMac;
+}, "deviceSignature" | "deviceMac">, TypedMap<{
+  deviceSignature: DeviceSignature;
+  deviceMac: DeviceMac;
+}, "deviceSignature" | "deviceMac">>>;
+type DeviceAuthDecodedStructure = z.output<typeof deviceAuthSchema>;
+type DeviceAuthEncodedStructure = z.input<typeof deviceAuthSchema>;
+type DeviceAuthOptions = {
+  deviceSignature?: DeviceSignature;
+  deviceMac?: DeviceMac;
+};
+declare class DeviceAuth extends CborStructure<DeviceAuthEncodedStructure, DeviceAuthDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    deviceSignature: DeviceSignature;
+    deviceMac: DeviceMac;
+  }, "deviceSignature" | "deviceMac">, TypedMap<{
+    deviceSignature: DeviceSignature;
+    deviceMac: DeviceMac;
+  }, "deviceSignature" | "deviceMac">>>;
+  get deviceSignature(): DeviceSignature | undefined;
+  get deviceMac(): DeviceMac | undefined;
+  verify(options: {
+    document: Document;
+    verificationCallback?: VerificationCallback;
+    ephemeralMacPrivateKey?: CoseKey;
+    sessionTranscript: SessionTranscript | Uint8Array;
+  }, ctx: Pick<MdocContext, 'crypto' | 'cose'>): Promise<void>;
+  static create(options: DeviceAuthOptions): DeviceAuth;
+}
+//#endregion
+//#region src/mdoc/models/device-authentication.d.ts
+declare const deviceAuthenticationEncodedSchema: z.ZodTuple<[z.ZodLiteral<"DeviceAuthentication">, z.ZodTuple<[z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodUnknown], null>, z.ZodString, z.ZodCustom<DataItem<Map<string, Map<string, unknown>>>, DataItem<Map<string, Map<string, unknown>>>>], null>;
+declare const deviceAuthenticationDecodedSchema: z.ZodObject<{
+  sessionTranscript: z.ZodCustom<SessionTranscript, SessionTranscript>;
+  docType: z.ZodString;
+  deviceNamespaces: z.ZodCustom<DeviceNamespaces, DeviceNamespaces>;
+}, z.core.$strip>;
+type DeviceAuthenticationDecodedStructure = z.infer<typeof deviceAuthenticationDecodedSchema>;
+type DeviceAuthenticationEncodedStructure = z.infer<typeof deviceAuthenticationEncodedSchema>;
+type DeviceAuthenticationOptions = {
+  sessionTranscript: SessionTranscript | Uint8Array;
+  docType: DocType;
+  deviceNamespaces: DeviceNamespaces;
+};
+declare class DeviceAuthentication extends CborStructure<DeviceAuthenticationEncodedStructure, DeviceAuthenticationDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodTuple<[z.ZodLiteral<"DeviceAuthentication">, z.ZodTuple<[z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodUnknown], null>, z.ZodString, z.ZodCustom<DataItem<Map<string, Map<string, unknown>>>, DataItem<Map<string, Map<string, unknown>>>>], null>, z.ZodObject<{
+    sessionTranscript: z.ZodCustom<SessionTranscript, SessionTranscript>;
+    docType: z.ZodString;
+    deviceNamespaces: z.ZodCustom<DeviceNamespaces, DeviceNamespaces>;
+  }, z.core.$strip>>;
+  get sessionTranscript(): SessionTranscript;
+  get docType(): string;
+  get deviceNamespaces(): DeviceNamespaces;
+  static create(options: DeviceAuthenticationOptions): DeviceAuthentication;
+}
+//#endregion
+//#region src/mdoc/models/intent-to-retain.d.ts
+type IntentToRetain = boolean;
+//#endregion
+//#region src/mdoc/models/items-request.d.ts
+declare const namespacesSchema: z.ZodMap<z.ZodString, z.ZodMap<z.ZodString, z.ZodBoolean>>;
+declare const itemsRequestSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  docType: string;
+  nameSpaces: Map<string, Map<string, boolean>>;
+}, never>, TypedMap<{
+  docType: string;
+  nameSpaces: Map<string, Map<string, boolean>>;
+}, never>>>;
+type ItemsRequestEncodedStructure = z.input<typeof itemsRequestSchema>;
+type ItemsRequestDecodedStructure = z.output<typeof itemsRequestSchema>;
+type NamespacesStructure = z.infer<typeof namespacesSchema>;
+type ItemsRequestOptions = {
+  docType: DocType;
+  namespaces: NamespacesStructure | Record<Namespace, Record<DataElementIdentifier, IntentToRetain>>;
+};
+declare class ItemsRequest extends CborStructure<ItemsRequestEncodedStructure, ItemsRequestDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    docType: string;
+    nameSpaces: Map<string, Map<string, boolean>>;
+  }, never>, TypedMap<{
+    docType: string;
+    nameSpaces: Map<string, Map<string, boolean>>;
+  }, never>>>;
+  get docType(): string;
+  get namespaces(): Map<string, Map<string, boolean>>;
+  static create(options: ItemsRequestOptions): ItemsRequest;
+}
+//#endregion
+//#region src/mdoc/models/reader-authentication.d.ts
+declare const readerAuthenticationEncodedSchema: z.ZodTuple<[z.ZodLiteral<"ReaderAuthentication">, z.ZodTuple<[z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodUnknown], null>, z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>], null>;
+declare const readerAuthenticationDecodedSchema: z.ZodObject<{
+  sessionTranscript: z.ZodCustom<SessionTranscript, SessionTranscript>;
+  itemsRequest: z.ZodCustom<ItemsRequest, ItemsRequest>;
+}, z.core.$strip>;
+type ReaderAuthenticationDecodedStructure = z.infer<typeof readerAuthenticationDecodedSchema>;
+type ReaderAuthenticationEncodedStructure = z.infer<typeof readerAuthenticationEncodedSchema>;
+type ReaderAuthenticationOptions = {
+  sessionTranscript: SessionTranscript;
+  itemsRequest: ItemsRequest;
+};
+declare class ReaderAuthentication extends CborStructure<ReaderAuthenticationEncodedStructure, ReaderAuthenticationDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodTuple<[z.ZodLiteral<"ReaderAuthentication">, z.ZodTuple<[z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodNullable<z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>>, z.ZodUnknown], null>, z.ZodCustom<DataItem<Map<unknown, unknown>>, DataItem<Map<unknown, unknown>>>], null>, z.ZodObject<{
+    sessionTranscript: z.ZodCustom<SessionTranscript, SessionTranscript>;
+    itemsRequest: z.ZodCustom<ItemsRequest, ItemsRequest>;
+  }, z.core.$strip>>;
+  get sessionTranscript(): SessionTranscript;
+  get itemsRequest(): ItemsRequest;
+  static create(options: ReaderAuthenticationOptions): ReaderAuthentication;
+}
+//#endregion
+//#region src/mdoc/models/reader-auth.d.ts
+type ReaderAuthEncodedStructure = Sign1EncodedStructure;
+type ReaderAuthDecodedStructure = Sign1DecodedStructure;
+type ReaderAuthOptions = Sign1Options;
+declare class ReaderAuth extends Sign1 {
+  verify(options: {
+    readerAuthentication: ReaderAuthentication | ReaderAuthenticationOptions;
+    verificationCallback?: VerificationCallback;
+  }, ctx: Pick<MdocContext, 'cose' | 'x509'>): Promise<void>;
+  static create(options: ReaderAuthOptions, ctx: Pick<MdocContext, 'cose'>): Promise<ReaderAuth>;
+}
+//#endregion
+//#region src/mdoc/models/doc-request.d.ts
+declare const docRequestSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  itemsRequest: ItemsRequest;
+  readerAuth: ReaderAuth;
+}, "readerAuth">, TypedMap<{
+  itemsRequest: ItemsRequest;
+  readerAuth: ReaderAuth;
+}, "readerAuth">>>;
+type DocRequestDecodedStructure = z.output<typeof docRequestSchema>;
+type DocRequestEncodedStructure = z.input<typeof docRequestSchema>;
+type DocRequestOptions = {
+  itemsRequest: ItemsRequest;
+  readerAuth?: ReaderAuth;
+};
+declare class DocRequest extends CborStructure<DocRequestEncodedStructure, DocRequestDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    itemsRequest: ItemsRequest;
+    readerAuth: ReaderAuth;
+  }, "readerAuth">, TypedMap<{
+    itemsRequest: ItemsRequest;
+    readerAuth: ReaderAuth;
+  }, "readerAuth">>>;
+  get itemsRequest(): ItemsRequest;
+  get readerAuth(): ReaderAuth | undefined;
+  static create(options: DocRequestOptions): DocRequest;
+}
+//#endregion
+//#region src/mdoc/models/device-request.d.ts
+declare const deviceRequestSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  version: string;
+  docRequests: DocRequest[];
+}, never>, TypedMap<{
+  version: string;
+  docRequests: DocRequest[];
+}, never>>>;
+type DeviceRequestDecodedStructure = z.output<typeof deviceRequestSchema>;
+type DeviceRequestEncodedStructure = z.input<typeof deviceRequestSchema>;
+type DeviceRequestOptions = {
+  version?: string;
+  docRequests: Array<DocRequest>;
+};
+declare class DeviceRequest extends CborStructure<DeviceRequestEncodedStructure, DeviceRequestDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    version: string;
+    docRequests: DocRequest[];
+  }, never>, TypedMap<{
+    version: string;
+    docRequests: DocRequest[];
+  }, never>>>;
+  get version(): string;
+  get docRequests(): DocRequest[];
+  static create(options: DeviceRequestOptions): DeviceRequest;
+}
+//#endregion
+//#region src/mdoc/models/document-error.d.ts
+declare const documentErrorSchema: z.ZodMap<z.ZodString, z.ZodNumber>;
+type DocumentErrorStructure = z.infer<typeof documentErrorSchema>;
+type DocumentErrorOptions = {
+  documentError: DocumentErrorStructure;
+};
+declare class DocumentError extends CborStructure<DocumentErrorStructure> {
+  static get encodingSchema(): z.ZodMap<z.ZodString, z.ZodNumber>;
+  /**
+   * Map where keys are namespaces and values are error codes
+   */
+  get documentError(): Map<string, number>;
+  static create(options: DocumentErrorOptions): DocumentError;
+}
+//#endregion
+//#region src/mdoc/models/device-response.d.ts
+declare const deviceResponseEncodedSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  version: string;
+  status: number;
+  documents: unknown[];
+  documentErrors: unknown[];
+}, "documents" | "documentErrors">, TypedMap<{
+  version: string;
+  status: number;
+  documents: unknown[];
+  documentErrors: unknown[];
+}, "documents" | "documentErrors">>>;
+declare const deviceResponseDecodedSchema: z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+  version: string;
+  status: number;
+  documents: Document[];
+  documentErrors: DocumentError[];
+}, "documents" | "documentErrors">, TypedMap<{
+  version: string;
+  status: number;
+  documents: Document[];
+  documentErrors: DocumentError[];
+}, "documents" | "documentErrors">>>;
+type DeviceResponseEncodedStructure = z.input<typeof deviceResponseEncodedSchema>;
+type DeviceResponseDecodedStructure = z.output<typeof deviceResponseDecodedSchema>;
+type DeviceResponseOptions = {
+  version?: string;
+  documents?: Array<Document>;
+  documentErrors?: Array<DocumentError>;
+  status?: number;
+};
+declare class DeviceResponse extends CborStructure<DeviceResponseEncodedStructure, DeviceResponseDecodedStructure> {
+  static get encodingSchema(): z.ZodCodec<z.ZodMap<z.ZodUnknown, z.ZodUnknown>, z.ZodCustom<TypedMap<{
+    version: string;
+    status: number;
+    documents: Document[];
+    documentErrors: DocumentError[];
+  }, "documents" | "documentErrors">, TypedMap<{
+    version: string;
+    status: number;
+    documents: Document[];
+    documentErrors: DocumentError[];
+  }, "documents" | "documentErrors">>>;
+  get version(): string;
+  get documents(): Document[] | undefined;
+  get documentErrors(): DocumentError[] | undefined;
+  get status(): number;
+  verify(options: {
+    deviceRequest?: DeviceRequest;
+    sessionTranscript: SessionTranscript | Uint8Array;
+    ephemeralReaderKey?: CoseKey;
+    disableCertificateChainValidation?: boolean;
+    trustedCertificates: Uint8Array[];
+    now?: Date;
+    onCheck?: VerificationCallback;
+    skewSeconds?: number;
+  }, ctx: Pick<MdocContext, 'cose' | 'x509' | 'crypto'>): Promise<void>;
+  get encodedForOid4Vp(): string;
+  static fromEncodedForOid4Vp(encoded: string): DeviceResponse;
+  private static create;
+  static createWithDeviceRequest(options: {
+    deviceRequest: DeviceRequest;
+    sessionTranscript: SessionTranscript | Uint8Array;
+    issuerSigned: Array<IssuerSigned>;
+    deviceNamespaces?: DeviceNamespaces;
+    mac?: {
+      ephemeralKey: CoseKey;
+      signingKey: CoseKey;
+    };
+    signature?: {
+      signingKey: CoseKey;
+    };
+  }, ctx: Pick<MdocContext, 'crypto' | 'cose'>): Promise<DeviceResponse>;
+  static createSimple(options: DeviceResponseOptions): DeviceResponse;
+}
+//#endregion
+//#region src/mdoc/models/digest.d.ts
+type Digest = Uint8Array;
+//#endregion
+//#region src/mdoc/models/errors.d.ts
+declare const errorsEncodedSchema: z$1.ZodMap<z$1.ZodString, z$1.ZodMap<z$1.ZodString, z$1.ZodNumber>>;
+declare const errorsDecodedSchema: z$1.ZodMap<z$1.ZodString, z$1.ZodCustom<ErrorItems, ErrorItems>>;
+type ErrorsEncodedStructure = z$1.infer<typeof errorsEncodedSchema>;
+type ErrorsDecodedStructure = z$1.infer<typeof errorsDecodedSchema>;
+type ErrorsOptions = {
+  errors: ErrorsDecodedStructure;
+};
+declare class Errors extends CborStructure<ErrorsEncodedStructure, ErrorsDecodedStructure> {
+  static get encodingSchema(): z$1.ZodCodec<z$1.ZodMap<z$1.ZodString, z$1.ZodMap<z$1.ZodString, z$1.ZodNumber>>, z$1.ZodMap<z$1.ZodString, z$1.ZodCustom<ErrorItems, ErrorItems>>>;
+}
+//#endregion
+//#region src/mdoc/models/nfc-handover.d.ts
+declare const nfcHandoverEncodedSchema: z$1.ZodTuple<[z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>, z$1.ZodNullable<z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>], null>;
+declare const nfcHandoverDecodedSchema: z$1.ZodObject<{
+  selectMessage: z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>;
+  requestMessage: z$1.ZodNullable<z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>;
+}, z$1.core.$strip>;
+type NfcHandoverEncodedStructure = z$1.infer<typeof nfcHandoverEncodedSchema>;
+type NfcHandoverDecodedStructure = z$1.infer<typeof nfcHandoverDecodedSchema>;
+type NfcHandoverOptions = {
+  selectMessage: Uint8Array;
+  requestMessage?: Uint8Array;
+};
+declare class NfcHandover extends Handover<NfcHandoverEncodedStructure, NfcHandoverDecodedStructure> {
+  static get encodingSchema(): z$1.ZodCodec<z$1.ZodTuple<[z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>, z$1.ZodNullable<z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>], null>, z$1.ZodObject<{
+    selectMessage: z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>;
+    requestMessage: z$1.ZodNullable<z$1.ZodCustom<Uint8Array<ArrayBufferLike>, Uint8Array<ArrayBufferLike>>>;
+  }, z$1.core.$strip>>;
+  get selectMessage(): Uint8Array<ArrayBufferLike>;
+  get requestMessage(): Uint8Array<ArrayBufferLike> | null;
+  static create(options: NfcHandoverOptions): NfcHandover;
+  get requiresReaderKey(): boolean;
+  get requiresDeviceEngagement(): boolean;
+}
+//#endregion
+//#region src/mdoc/models/qr-handover.d.ts
+declare const qrHandoverSchema: z$1.ZodNull;
+type QrHandoverStructure = z$1.infer<typeof qrHandoverSchema>;
+declare class QrHandover extends Handover<QrHandoverStructure> {
+  static get encodingSchema(): z$1.ZodNull;
+  get requiresReaderKey(): boolean;
+  get requiresDeviceEngagement(): boolean;
+  static create(): QrHandover;
+}
+//#endregion
+//#region src/mdoc/builders/device-signed-builder.d.ts
+declare class DeviceSignedBuilder {
+  private docType;
+  private namespaces;
+  private ctx;
+  constructor(docType: DocType, ctx: Pick<MdocContext, 'cose' | 'crypto'>);
+  addDeviceNamespace(namespace: Namespace, value: Record<string, unknown>): this;
+  sign(options: {
+    signingKey: CoseKey;
+    algorithm: SignatureAlgorithm;
+    sessionTranscript: SessionTranscript;
+    derCertificate: string;
+  }): Promise<DeviceSigned>;
+  tag(options: {
+    publicKey: CoseKey;
+    privateKey: CoseKey;
+    sessionTranscript: SessionTranscript;
+    algorithm: MacAlgorithm;
+    derCertificate: string;
+  }): Promise<DeviceSigned>;
+}
+//#endregion
+//#region src/mdoc/builders/issuer-signed-builder.d.ts
+declare class IssuerSignedBuilder {
+  private docType;
+  private namespaces;
+  private ctx;
+  constructor(docType: DocType, ctx: Pick<MdocContext, 'cose' | 'crypto'>);
+  addIssuerNamespace(namespace: Namespace, values: Record<string, unknown> | Map<string, unknown>): this;
+  private convertIssuerNamespacesIntoValueDigests;
+  sign(options: {
+    signingKey: CoseKey;
+    algorithm: SignatureAlgorithm;
+    digestAlgorithm: DigestAlgorithm;
+    validityInfo: ValidityInfo | ValidityInfoOptions;
+    deviceKeyInfo: DeviceKeyInfo | DeviceKeyInfoOptions;
+    certificate: Uint8Array;
+  }): Promise<IssuerSigned>;
+}
+//#endregion
+//#region src/mdoc/errors.d.ts
+declare class MdlError extends Error {
+  constructor(message?: string);
+}
+declare class MdlParseError extends MdlError {}
+declare class PresentationDefinitionOrDocRequestsAreRequiredError extends MdlError {}
+declare class SessionTranscriptOrSessionTranscriptBytesAreRequiredError extends MdlError {}
+declare class DuplicateNamespaceInIssuerNamespacesError extends MdlError {}
+declare class DuplicateDocumentInDeviceResponseError extends MdlError {}
+declare class EitherSignatureOrMacMustBeProvidedError extends MdlError {}
+//#endregion
+//#region src/holder.d.ts
+declare class Holder {
+  /**
+   *
+   * string should be base64url encoded as defined in openid4vci Draft 15
+   *
+   */
+  static verifyIssuerSigned(options: {
+    issuerSigned: Uint8Array | string | IssuerSigned;
+    verificationCallback?: VerificationCallback;
+    now?: Date;
+    disableCertificateChainValidation?: boolean;
+    trustedCertificates?: Array<Uint8Array>;
+    skewSeconds?: number;
+  }, ctx: Pick<MdocContext, 'cose' | 'x509'>): Promise<void>;
+  static verifyDeviceRequest(options: {
+    deviceRequest: Uint8Array | DeviceRequest;
+    sessionTranscript: Uint8Array | SessionTranscript;
+    verificationCallback?: VerificationCallback;
+  }, ctx: Pick<MdocContext, 'cose' | 'x509'>): Promise<void>;
+  static createDeviceResponseForDeviceRequest(options: {
+    deviceRequest: DeviceRequest;
+    sessionTranscript: SessionTranscript | Uint8Array;
+    issuerSigned: Array<IssuerSigned>;
+    deviceNamespaces?: DeviceNamespaces;
+    mac?: {
+      ephemeralKey: CoseKey;
+      signingKey: CoseKey;
+    };
+    signature?: {
+      signingKey: CoseKey;
+    };
+  }, context: Pick<MdocContext, 'cose' | 'crypto'>): Promise<DeviceResponse>;
+}
+//#endregion
+//#region src/issuer.d.ts
+declare class Issuer {
+  private isb;
+  constructor(docType: DocType, ctx: Pick<MdocContext, 'cose' | 'crypto'>);
+  addIssuerNamespace(namespace: Namespace, value: Record<string | number, unknown>): this;
+  sign(options: {
+    signingKey: CoseKey | Record<string | number, unknown>;
+    algorithm: SignatureAlgorithm;
+    digestAlgorithm: DigestAlgorithm;
+    validityInfo: ValidityInfo | ValidityInfoOptions;
+    deviceKeyInfo: DeviceKeyInfo | DeviceKeyInfoOptions;
+    certificate: Uint8Array;
+  }): Promise<IssuerSigned>;
+}
+//#endregion
+//#region src/verifier.d.ts
+declare class Verifier {
+  static verifyDeviceResponse(options: {
+    deviceRequest?: DeviceRequest;
+    deviceResponse: Uint8Array | DeviceResponse;
+    sessionTranscript: SessionTranscript | Uint8Array;
+    ephemeralReaderKey?: CoseKey;
+    disableCertificateChainValidation?: boolean;
+    trustedCertificates: Uint8Array[];
+    now?: Date;
+    onCheck?: VerificationCallback;
+    skewSeconds?: number;
+  }, ctx: Pick<MdocContext, 'cose' | 'x509' | 'crypto'>): Promise<void>;
+}
+//#endregion
+export { BleOptions, BleOptionsDecodedStructure, BleOptionsEncodedStructure, BleOptionsOptions, CoseCertificateNotFoundError, CoseDNotDefinedError, CoseEphemeralMacKeyIsRequiredError, CoseInvalidAlgorithmError, CoseInvalidKtyForRawError, CoseInvalidSignatureError, CoseInvalidTypeForKeyError, CoseInvalidValueForKtyError, CoseKNotDefinedError, CoseKey, CoseKeyDecodedStructure, CoseKeyEncodedStructure, CoseKeyOptions, CoseKeyParameter, CoseKeyTypeNotSupportedForPrivateKeyExtractionError, CosePayloadInvalidStructureError, CosePayloadMustBeDefinedError, CosePayloadMustBeNullError, CoseUnsupportedMacError, CoseXNotDefinedError, CoseYNotDefinedError, Curve, DataElementIdentifier, DataElementValue, DataItem, DateOnly, DeviceAuth, DeviceAuthDecodedStructure, DeviceAuthEncodedStructure, DeviceAuthOptions, DeviceAuthentication, DeviceAuthenticationDecodedStructure, DeviceAuthenticationEncodedStructure, DeviceAuthenticationOptions, DeviceEngagement, DeviceEngagementDecodedStructure, DeviceEngagementEncodedStructure, DeviceEngagementOptions, DeviceKey, DeviceKeyDecodedStructure, DeviceKeyEncodedStructure, DeviceKeyInfo, DeviceKeyInfoDecodedStructure, DeviceKeyInfoEncodedStructure, DeviceKeyInfoOptions, DeviceKeyOptions, DeviceMac, DeviceMacDecodedStructure, DeviceMacEncodedStructure, DeviceMacOptions, DeviceNamespaces, DeviceNamespacesDecodedStructure, DeviceNamespacesEncodedStructure, DeviceNamespacesOptions, DeviceRequest, DeviceRequestDecodedStructure, DeviceRequestEncodedStructure, DeviceRequestOptions, DeviceResponse, DeviceResponseDecodedStructure, DeviceResponseEncodedStructure, DeviceResponseOptions, DeviceRetrievalMethod, DeviceRetrievalMethodDecodedStructure, DeviceRetrievalMethodEncodedStructure, DeviceRetrievalMethodOptions, DeviceRetrievalMethodType, DeviceSignature, DeviceSignatureDecodedStructure, DeviceSignatureEncodedStructure, DeviceSignatureOptions, DeviceSigned, DeviceSignedBuilder, DeviceSignedDecodedStructure, DeviceSignedEncodedStructure, DeviceSignedItems, DeviceSignedItemsOptions, DeviceSignedItemsStructure, DeviceSignedOptions, Digest, DigestAlgorithm, DigestId, DocRequest, DocRequestDecodedStructure, DocRequestEncodedStructure, DocRequestOptions, DocType, Document, DocumentDecodedStructure, DocumentEncodedStructure, DocumentError, DocumentErrorOptions, DocumentErrorStructure, DocumentOptions, DuplicateDocumentInDeviceResponseError, DuplicateNamespaceInIssuerNamespacesError, EDeviceKey, EDeviceKeyDecodedStructure, EDeviceKeyEncodedStructure, EDeviceKeyOptions, EReaderKey, EReaderKeyDecodedStructure, EReaderKeyEncodedStructure, EReaderKeyOptions, EitherSignatureOrMacMustBeProvidedError, EncryptionAlgorithm, ErrorCode, ErrorItems, ErrorItemsOptions, ErrorItemsStructure, Errors, ErrorsDecodedStructure, ErrorsEncodedStructure, ErrorsOptions, Header, Holder, IntentToRetain, Issuer, IssuerAuth, IssuerAuthEncodedStructure, IssuerAuthOptions, IssuerNamespaces, IssuerNamespacesDecodedStructure, IssuerNamespacesEncodedStructure, IssuerNamespacesOptions, IssuerSigned, IssuerSignedBuilder, IssuerSignedDecodedStructure, IssuerSignedEncodedStructure, IssuerSignedItem, IssuerSignedItemDecodedStructure, IssuerSignedItemEncodedStructure, IssuerSignedItemOptions, IssuerSignedOptions, ItemsRequest, ItemsRequestDecodedStructure, ItemsRequestEncodedStructure, ItemsRequestOptions, KeyAuthorizations, KeyAuthorizationsDecodedStructure, KeyAuthorizationsEncodedStructure, KeyAuthorizationsOptions, KeyInfo, KeyInfoDecodedStructure, KeyInfoEncodedStructure, KeyInfoOptions, KeyOps, KeyType, Mac0, Mac0DecodedStructure, Mac0EncodedStructure, Mac0Options, MacAlgorithm, MdlError, MdlParseError, MdocContext, MobileSecurityObject, MobileSecurityObjectDecodedStructure, MobileSecurityObjectEncodedStructure, MobileSecurityObjectOptions, Namespace, NfcHandover, NfcHandoverDecodedStructure, NfcHandoverEncodedStructure, NfcHandoverOptions, NfcOptions, NfcOptionsDecodedStructure, NfcOptionsEncodedStructure, NfcOptionsOptions, Oidc, OidcDecodedStructure, OidcEncodedStructure, OidcOptions, PresentationDefinitionOrDocRequestsAreRequiredError, ProtectedHeaderOptions, ProtectedHeaders, ProtectedHeadersDecodedStructure, ProtectedHeadersEncodedStructure, ProtocolInfo, ProtocolInfoStructure, QrHandover, QrHandoverStructure, ReaderAuth, ReaderAuthDecodedStructure, ReaderAuthEncodedStructure, ReaderAuthOptions, RetrievalOptions, Security, SecurityDecodedStructure, SecurityEncodedStructure, SecurityOptions, ServerRetrievalMethod, ServerRetrievalMethodDecodedStructure, ServerRetrievalMethodEncodedStructure, ServerRetrievalMethodOptions, SessionTranscript, SessionTranscriptDecodedStructure, SessionTranscriptEncodedStructure, SessionTranscriptOptions, SessionTranscriptOrSessionTranscriptBytesAreRequiredError, Sign1, Sign1DecodedStructure, Sign1EncodedStructure, Sign1Options, SignatureAlgorithm, TypedMap, UnprotectedHeaderOptions, UnprotectedHeaders, UnprotectedHeadersStructure, ValidityInfo, ValidityInfoDecodedStructure, ValidityInfoEncodedStructure, ValidityInfoOptions, ValueDigestOptions, ValueDigests, ValueDigestsStructure, VerificationAssessment, VerificationCallback, Verifier, WebApi, WebApiDecodedStructure, WebApiEncodedStructure, WebApiOptions, WifiOptions, WifiOptionsDecodedStructure, WifiOptionsEncodedStructure, WifiOptionsOptions, base64, base64url, bytesToString, cborDecode, cborEncode, compareBytes, concatBytes, coseKeyToJwk, coseOptionsJwkMap, defaultVerificationCallback, deviceSignedItemsSchema, errorItemsSchema, hex, issuerNamespacesDecodedSchema, issuerNamespacesEncodedSchema, issuerSignedItemSchema, jwkCoseOptionsMap, jwkToCoseKey, onCategoryCheck, protectedHeadersDecodedStructure, protectedHeadersEncodedStructure, sessionTranscriptEncodedSchema, stringToBytes, typedMap, unprotectedHeadersStructure };
+//# sourceMappingURL=index.d.mts.map