@sphereon/ssi-sdk-ext.jwt-service 0.28.1-feature.oyd.cmsm.improv.21 → 0.28.1-next.54

package/dist/index.d.cts

@@ -0,0 +1,278 @@
+import * as _sphereon_ssi_types from '@sphereon/ssi-types';
+import { JWK, IValidationResult, BaseJWK, JoseSignatureAlgorithm, JoseSignatureAlgorithmString } from '@sphereon/ssi-types';
+import { IAgentPlugin, IPluginMethodMap, IAgentContext, IKeyManager } from '@veramo/core';
+import { ManagedIdentifierOptsOrResult, IIdentifierResolution, ManagedIdentifierResult, ExternalIdentifierX5cOpts, ExternalIdentifierDidOpts, ExternalIdentifierResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
+import { ClientIdScheme } from '@sphereon/ssi-sdk-ext.x509-utils';
+
+/**
+ * @public
+ */
+declare class JwtService implements IAgentPlugin {
+    readonly schema: any;
+    readonly methods: IJwtService;
+    private jwtPrepareJws;
+    private jwtCreateJwsJsonGeneralSignature;
+    private jwtCreateJwsJsonFlattenedSignature;
+    private jwtCreateJwsCompactSignature;
+    private jwtVerifyJwsSignature;
+    private jwtEncryptJweCompactJwt;
+    private jwtDecryptJweCompactJwt;
+}
+
+type IRequiredContext = IAgentContext<IIdentifierResolution & IKeyManager>;
+declare const jwtServiceContextMethods: Array<string>;
+interface IJwtService extends IPluginMethodMap {
+    jwtPrepareJws(args: CreateJwsJsonArgs, context: IRequiredContext): Promise<PreparedJwsObject>;
+    jwtCreateJwsJsonGeneralSignature(args: CreateJwsJsonArgs, context: IRequiredContext): Promise<JwsJsonGeneral>;
+    jwtCreateJwsJsonFlattenedSignature(args: CreateJwsFlattenedArgs, context: IRequiredContext): Promise<JwsJsonFlattened>;
+    jwtCreateJwsCompactSignature(args: CreateJwsCompactArgs, context: IRequiredContext): Promise<JwtCompactResult>;
+    jwtVerifyJwsSignature(args: VerifyJwsArgs, context: IRequiredContext): Promise<IJwsValidationResult>;
+    jwtEncryptJweCompactJwt(args: EncryptJweCompactJwtArgs, context: IRequiredContext): Promise<JwtCompactResult>;
+    jwtDecryptJweCompactJwt(args: DecryptJweCompactJwtArgs, context: IRequiredContext): Promise<JwtCompactResult>;
+}
+type IJwsValidationResult = IValidationResult & {
+    jws: JwsJsonGeneralWithIdentifiers;
+};
+interface PreparedJws {
+    protectedHeader: JwsHeader;
+    payload: Uint8Array;
+    unprotectedHeader?: JwsHeader;
+    existingSignatures?: Array<JwsJsonSignature>;
+}
+interface JwsJsonSignature {
+    protected: string;
+    header?: JwsHeader;
+    signature: string;
+}
+/**
+ * The JWK representation of an ephemeral public key.
+ * See https://www.rfc-editor.org/rfc/rfc7518.html#section-6
+ */
+type EphemeralPublicKey = Omit<BaseJWK, 'alg'>;
+interface JweHeader extends Omit<BaseJwtHeader, 'alg'> {
+    alg: string;
+    enc: string;
+    jku?: string;
+    jwk?: BaseJWK;
+    epk?: EphemeralPublicKey;
+    x5u?: string;
+    x5c?: string[];
+    x5t?: string;
+    cty?: string;
+    crit?: string[];
+    [k: string]: any;
+}
+interface JweRecipientUnprotectedHeader {
+    alg: string;
+    iv: string;
+    tag: string;
+    epk?: EphemeralPublicKey;
+    kid?: string;
+    apv?: string;
+    apu?: string;
+}
+interface JweProtectedHeader extends Partial<JweHeader> {
+    zip?: 'DEF' | string;
+}
+type Jws = JwsCompact | JwsJsonFlattened | JwsJsonGeneral;
+type JwsCompact = string;
+interface JwsJsonFlattened {
+    payload: string;
+    protected: string;
+    header?: JwsHeader;
+    signature: string;
+}
+interface JwsJsonGeneral {
+    payload: string;
+    signatures: Array<JwsJsonSignature>;
+}
+interface JwsJsonGeneralWithIdentifiers extends JwsJsonGeneral {
+    signatures: Array<JwsJsonSignatureWithIdentifier>;
+}
+interface JwsJsonSignatureWithIdentifier extends JwsJsonSignature {
+    identifier: ExternalIdentifierResult;
+}
+type Jwe = JweCompact | JweJsonFlattened | JweJsonGeneral;
+type JweCompact = string;
+interface JweJsonFlattened {
+    protected: string;
+    unprotected: JweHeader;
+    header: JweHeader | JweRecipientUnprotectedHeader;
+    encrypted_key?: string;
+    aad?: string;
+    iv: string;
+    ciphertext: string;
+    tag?: string;
+}
+interface JweRecipient {
+    header?: JweRecipientUnprotectedHeader;
+    encrypted_key?: string;
+}
+interface JweJsonGeneral {
+    protected: string;
+    unprotected?: JweHeader;
+    recipients: Array<JweRecipient>;
+    aad?: string;
+    iv: string;
+    ciphertext: string;
+    tag?: string;
+}
+interface PreparedJwsObject {
+    jws: PreparedJws;
+    b64: {
+        payload: string;
+        protectedHeader: string;
+    };
+    identifier: ManagedIdentifierResult;
+}
+interface BaseJwtHeader {
+    typ?: string;
+    alg?: string;
+    kid?: string;
+}
+interface BaseJwtPayload {
+    iss?: string;
+    sub?: string;
+    aud?: string[] | string;
+    exp?: number;
+    nbf?: number;
+    iat?: number;
+    jti?: string;
+}
+interface JwsHeader extends BaseJwtHeader {
+    kid?: string;
+    jwk?: JWK;
+    x5c?: string[];
+    [key: string]: unknown;
+}
+interface JwsPayload extends BaseJwtPayload {
+    [key: string]: unknown;
+}
+interface JwsHeaderOpts {
+    alg: JoseSignatureAlgorithm | JoseSignatureAlgorithmString;
+}
+type JwsIdentifierMode = 'x5c' | 'kid' | 'jwk' | 'did' | 'auto';
+type EncryptJweCompactJwtArgs = {
+    payload: JwsPayload;
+    protectedHeader?: JweProtectedHeader | undefined;
+    aad?: Uint8Array | undefined;
+    recipientKey: ExternalIdentifierResult & {
+        kid?: string;
+    };
+    alg?: JweAlg;
+    enc?: JweEnc;
+    apu?: string;
+    apv?: string;
+    expirationTime?: number | string | Date;
+    issuer?: string;
+    audience?: string | string[];
+};
+type DecryptJweCompactJwtArgs = {
+    jwe: JweCompact;
+    idOpts: ManagedIdentifierOptsOrResult;
+};
+type CreateJwsArgs = {
+    mode?: JwsIdentifierMode;
+    issuer: ManagedIdentifierOptsOrResult & {
+        noIssPayloadUpdate?: boolean;
+        noIdentifierInHeader?: boolean;
+    };
+    clientId?: string;
+    clientIdScheme?: ClientIdScheme | 'did' | string;
+    protectedHeader: JwsHeader;
+    payload: JwsPayload | Uint8Array | string;
+};
+type CreateJweArgs = {
+    mode?: JwsIdentifierMode;
+    issuer: ManagedIdentifierOptsOrResult & {
+        noIssPayloadUpdate?: boolean;
+        noIdentifierInHeader?: boolean;
+    };
+    protectedHeader: JweProtectedHeader;
+    encryptedKey: string | EphemeralPublicKey;
+    iv: string;
+    ciphertext: string;
+    tag: string;
+};
+type CreateJwsCompactArgs = CreateJwsArgs;
+type CreateJwsFlattenedArgs = Exclude<CreateJwsJsonArgs, 'existingSignatures'>;
+type VerifyJwsArgs = {
+    jws: Jws;
+    jwk?: JWK;
+    opts?: {
+        x5c?: Omit<ExternalIdentifierX5cOpts, 'identifier'>;
+        did?: Omit<ExternalIdentifierDidOpts, 'identifier'>;
+    };
+};
+/**
+ * @public
+ */
+type CreateJwsJsonArgs = CreateJwsArgs & {
+    unprotectedHeader?: JwsHeader;
+    existingSignatures?: Array<JwsJsonSignature>;
+};
+type CreateJweJsonArgs = CreateJweArgs & {
+    unprotectedHeader?: JweHeader;
+};
+/**
+ * @public
+ */
+interface JwtCompactResult {
+    jwt: JwsCompact | JweCompact;
+}
+declare function isJwsCompact(jws: Jws): jws is JwsCompact;
+declare function isJweCompact(jwe: Jwe): jwe is JweCompact;
+declare function isJwsJsonFlattened(jws: Jws): jws is JwsJsonFlattened;
+declare function isJwsJsonGeneral(jws: Jws): jws is JwsJsonGeneral;
+declare function isJweJsonFlattened(jwe: Jwe): jwe is JweJsonFlattened;
+declare function isJweJsonGeneral(jwe: Jwe): jwe is JweJsonGeneral;
+declare function isJwsHeader(header: BaseJwtHeader & Record<string, any>): header is JwsHeader;
+declare function isJweHeader(header: BaseJwtHeader & Record<string, any>): header is JweHeader;
+declare const COMPACT_JWS_REGEX: RegExp;
+declare const COMPACT_JWE_REGEX: RegExp;
+declare const JweAlgs: readonly ["RSA1_5", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "dir", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW", "PBES2-HS256+A128KW", "PBES2-HS384+A192KW", "PBES2-HS512+A256KW"];
+type JweAlg = (typeof JweAlgs)[number];
+declare function jweAlg(alg?: string | JweAlg): JweAlg | undefined;
+declare const JweEncs: readonly ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"];
+type JweEnc = (typeof JweEncs)[number];
+declare function jweEnc(alg?: string | JweEnc): JweEnc | undefined;
+
+declare const prepareJwsObject: (args: CreateJwsJsonArgs, context: IRequiredContext) => Promise<PreparedJwsObject>;
+declare const createJwsCompact: (args: CreateJwsCompactArgs, context: IRequiredContext) => Promise<JwsCompact>;
+declare const createJwsJsonFlattened: (args: CreateJwsFlattenedArgs, context: IRequiredContext) => Promise<JwsJsonFlattened>;
+declare const createJwsJsonGeneral: (args: CreateJwsJsonArgs, context: IRequiredContext) => Promise<JwsJsonGeneral>;
+/**
+ * Updates the JWT header to include x5c, kid, jwk objects using the supplied issuer identifier that will be used to sign. If not present will automatically make the header objects available
+ * @param mode The type of header to check or include
+ * @param identifier The identifier of the signer. This identifier will be used later to sign
+ * @param header The JWT header
+ * @param noIdentifierInHeader
+ * @param context
+ */
+declare const checkAndUpdateJwsHeader: ({ mode, identifier, header, noIdentifierInHeader, }: {
+    mode?: JwsIdentifierMode;
+    identifier: ManagedIdentifierResult;
+    noIdentifierInHeader?: boolean;
+    header: JwsHeader;
+}, context: IRequiredContext) => Promise<undefined>;
+declare const verifyJws: (args: VerifyJwsArgs, context: IAgentContext<IIdentifierResolution>) => Promise<IJwsValidationResult>;
+declare const toJwsJsonGeneral: ({ jws }: {
+    jws: Jws;
+}, context: IAgentContext<any>) => Promise<JwsJsonGeneral>;
+declare const toJwsJsonGeneralWithIdentifiers: (args: {
+    jws: Jws;
+    jwk?: JWK;
+    opts?: {
+        x5c?: Omit<ExternalIdentifierX5cOpts, "identifier">;
+        did?: Omit<ExternalIdentifierDidOpts, "identifier">;
+    };
+}, context: IAgentContext<IIdentifierResolution>) => Promise<JwsJsonGeneralWithIdentifiers>;
+
+/**
+ * @internal
+ */
+declare const schema: any;
+
+declare const JwtLogger: _sphereon_ssi_types.ISimpleLogger<unknown>;
+
+export { type BaseJwtHeader, type BaseJwtPayload, COMPACT_JWE_REGEX, COMPACT_JWS_REGEX, type CreateJweArgs, type CreateJweJsonArgs, type CreateJwsArgs, type CreateJwsCompactArgs, type CreateJwsFlattenedArgs, type CreateJwsJsonArgs, type DecryptJweCompactJwtArgs, type EncryptJweCompactJwtArgs, type EphemeralPublicKey, type IJwsValidationResult, type IJwtService, type IRequiredContext, type Jwe, type JweAlg, JweAlgs, type JweCompact, type JweEnc, JweEncs, type JweHeader, type JweJsonFlattened, type JweJsonGeneral, type JweProtectedHeader, type JweRecipient, type JweRecipientUnprotectedHeader, type Jws, type JwsCompact, type JwsHeader, type JwsHeaderOpts, type JwsIdentifierMode, type JwsJsonFlattened, type JwsJsonGeneral, type JwsJsonGeneralWithIdentifiers, type JwsJsonSignature, type JwsJsonSignatureWithIdentifier, type JwsPayload, type JwtCompactResult, JwtLogger, JwtService, type PreparedJws, type PreparedJwsObject, type VerifyJwsArgs, checkAndUpdateJwsHeader, createJwsCompact, createJwsJsonFlattened, createJwsJsonGeneral, isJweCompact, isJweHeader, isJweJsonFlattened, isJweJsonGeneral, isJwsCompact, isJwsHeader, isJwsJsonFlattened, isJwsJsonGeneral, jweAlg, jweEnc, jwtServiceContextMethods, prepareJwsObject, schema, toJwsJsonGeneral, toJwsJsonGeneralWithIdentifiers, verifyJws };

package/dist/index.d.ts

@@ -1,13 +1,278 @@
+import * as _sphereon_ssi_types from '@sphereon/ssi-types';
+import { JWK, IValidationResult, BaseJWK, JoseSignatureAlgorithm, JoseSignatureAlgorithmString } from '@sphereon/ssi-types';
+import { IAgentPlugin, IPluginMethodMap, IAgentContext, IKeyManager } from '@veramo/core';
+import { ManagedIdentifierOptsOrResult, IIdentifierResolution, ManagedIdentifierResult, ExternalIdentifierX5cOpts, ExternalIdentifierDidOpts, ExternalIdentifierResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
+import { ClientIdScheme } from '@sphereon/ssi-sdk-ext.x509-utils';
+
 /**
- * @internal
+ * @public
  */
-declare const schema: any;
-export { schema };
-export declare const JwtLogger: import("@sphereon/ssi-types").ISimpleLogger<unknown>;
+declare class JwtService implements IAgentPlugin {
+    readonly schema: any;
+    readonly methods: IJwtService;
+    private jwtPrepareJws;
+    private jwtCreateJwsJsonGeneralSignature;
+    private jwtCreateJwsJsonFlattenedSignature;
+    private jwtCreateJwsCompactSignature;
+    private jwtVerifyJwsSignature;
+    private jwtEncryptJweCompactJwt;
+    private jwtDecryptJweCompactJwt;
+}
+
+type IRequiredContext = IAgentContext<IIdentifierResolution & IKeyManager>;
+declare const jwtServiceContextMethods: Array<string>;
+interface IJwtService extends IPluginMethodMap {
+    jwtPrepareJws(args: CreateJwsJsonArgs, context: IRequiredContext): Promise<PreparedJwsObject>;
+    jwtCreateJwsJsonGeneralSignature(args: CreateJwsJsonArgs, context: IRequiredContext): Promise<JwsJsonGeneral>;
+    jwtCreateJwsJsonFlattenedSignature(args: CreateJwsFlattenedArgs, context: IRequiredContext): Promise<JwsJsonFlattened>;
+    jwtCreateJwsCompactSignature(args: CreateJwsCompactArgs, context: IRequiredContext): Promise<JwtCompactResult>;
+    jwtVerifyJwsSignature(args: VerifyJwsArgs, context: IRequiredContext): Promise<IJwsValidationResult>;
+    jwtEncryptJweCompactJwt(args: EncryptJweCompactJwtArgs, context: IRequiredContext): Promise<JwtCompactResult>;
+    jwtDecryptJweCompactJwt(args: DecryptJweCompactJwtArgs, context: IRequiredContext): Promise<JwtCompactResult>;
+}
+type IJwsValidationResult = IValidationResult & {
+    jws: JwsJsonGeneralWithIdentifiers;
+};
+interface PreparedJws {
+    protectedHeader: JwsHeader;
+    payload: Uint8Array;
+    unprotectedHeader?: JwsHeader;
+    existingSignatures?: Array<JwsJsonSignature>;
+}
+interface JwsJsonSignature {
+    protected: string;
+    header?: JwsHeader;
+    signature: string;
+}
+/**
+ * The JWK representation of an ephemeral public key.
+ * See https://www.rfc-editor.org/rfc/rfc7518.html#section-6
+ */
+type EphemeralPublicKey = Omit<BaseJWK, 'alg'>;
+interface JweHeader extends Omit<BaseJwtHeader, 'alg'> {
+    alg: string;
+    enc: string;
+    jku?: string;
+    jwk?: BaseJWK;
+    epk?: EphemeralPublicKey;
+    x5u?: string;
+    x5c?: string[];
+    x5t?: string;
+    cty?: string;
+    crit?: string[];
+    [k: string]: any;
+}
+interface JweRecipientUnprotectedHeader {
+    alg: string;
+    iv: string;
+    tag: string;
+    epk?: EphemeralPublicKey;
+    kid?: string;
+    apv?: string;
+    apu?: string;
+}
+interface JweProtectedHeader extends Partial<JweHeader> {
+    zip?: 'DEF' | string;
+}
+type Jws = JwsCompact | JwsJsonFlattened | JwsJsonGeneral;
+type JwsCompact = string;
+interface JwsJsonFlattened {
+    payload: string;
+    protected: string;
+    header?: JwsHeader;
+    signature: string;
+}
+interface JwsJsonGeneral {
+    payload: string;
+    signatures: Array<JwsJsonSignature>;
+}
+interface JwsJsonGeneralWithIdentifiers extends JwsJsonGeneral {
+    signatures: Array<JwsJsonSignatureWithIdentifier>;
+}
+interface JwsJsonSignatureWithIdentifier extends JwsJsonSignature {
+    identifier: ExternalIdentifierResult;
+}
+type Jwe = JweCompact | JweJsonFlattened | JweJsonGeneral;
+type JweCompact = string;
+interface JweJsonFlattened {
+    protected: string;
+    unprotected: JweHeader;
+    header: JweHeader | JweRecipientUnprotectedHeader;
+    encrypted_key?: string;
+    aad?: string;
+    iv: string;
+    ciphertext: string;
+    tag?: string;
+}
+interface JweRecipient {
+    header?: JweRecipientUnprotectedHeader;
+    encrypted_key?: string;
+}
+interface JweJsonGeneral {
+    protected: string;
+    unprotected?: JweHeader;
+    recipients: Array<JweRecipient>;
+    aad?: string;
+    iv: string;
+    ciphertext: string;
+    tag?: string;
+}
+interface PreparedJwsObject {
+    jws: PreparedJws;
+    b64: {
+        payload: string;
+        protectedHeader: string;
+    };
+    identifier: ManagedIdentifierResult;
+}
+interface BaseJwtHeader {
+    typ?: string;
+    alg?: string;
+    kid?: string;
+}
+interface BaseJwtPayload {
+    iss?: string;
+    sub?: string;
+    aud?: string[] | string;
+    exp?: number;
+    nbf?: number;
+    iat?: number;
+    jti?: string;
+}
+interface JwsHeader extends BaseJwtHeader {
+    kid?: string;
+    jwk?: JWK;
+    x5c?: string[];
+    [key: string]: unknown;
+}
+interface JwsPayload extends BaseJwtPayload {
+    [key: string]: unknown;
+}
+interface JwsHeaderOpts {
+    alg: JoseSignatureAlgorithm | JoseSignatureAlgorithmString;
+}
+type JwsIdentifierMode = 'x5c' | 'kid' | 'jwk' | 'did' | 'auto';
+type EncryptJweCompactJwtArgs = {
+    payload: JwsPayload;
+    protectedHeader?: JweProtectedHeader | undefined;
+    aad?: Uint8Array | undefined;
+    recipientKey: ExternalIdentifierResult & {
+        kid?: string;
+    };
+    alg?: JweAlg;
+    enc?: JweEnc;
+    apu?: string;
+    apv?: string;
+    expirationTime?: number | string | Date;
+    issuer?: string;
+    audience?: string | string[];
+};
+type DecryptJweCompactJwtArgs = {
+    jwe: JweCompact;
+    idOpts: ManagedIdentifierOptsOrResult;
+};
+type CreateJwsArgs = {
+    mode?: JwsIdentifierMode;
+    issuer: ManagedIdentifierOptsOrResult & {
+        noIssPayloadUpdate?: boolean;
+        noIdentifierInHeader?: boolean;
+    };
+    clientId?: string;
+    clientIdScheme?: ClientIdScheme | 'did' | string;
+    protectedHeader: JwsHeader;
+    payload: JwsPayload | Uint8Array | string;
+};
+type CreateJweArgs = {
+    mode?: JwsIdentifierMode;
+    issuer: ManagedIdentifierOptsOrResult & {
+        noIssPayloadUpdate?: boolean;
+        noIdentifierInHeader?: boolean;
+    };
+    protectedHeader: JweProtectedHeader;
+    encryptedKey: string | EphemeralPublicKey;
+    iv: string;
+    ciphertext: string;
+    tag: string;
+};
+type CreateJwsCompactArgs = CreateJwsArgs;
+type CreateJwsFlattenedArgs = Exclude<CreateJwsJsonArgs, 'existingSignatures'>;
+type VerifyJwsArgs = {
+    jws: Jws;
+    jwk?: JWK;
+    opts?: {
+        x5c?: Omit<ExternalIdentifierX5cOpts, 'identifier'>;
+        did?: Omit<ExternalIdentifierDidOpts, 'identifier'>;
+    };
+};
+/**
+ * @public
+ */
+type CreateJwsJsonArgs = CreateJwsArgs & {
+    unprotectedHeader?: JwsHeader;
+    existingSignatures?: Array<JwsJsonSignature>;
+};
+type CreateJweJsonArgs = CreateJweArgs & {
+    unprotectedHeader?: JweHeader;
+};
 /**
  * @public
  */
-export { JwtService } from './agent/JwtService';
-export * from './functions';
-export * from './types/IJwtService';
-//# sourceMappingURL=index.d.ts.map
+interface JwtCompactResult {
+    jwt: JwsCompact | JweCompact;
+}
+declare function isJwsCompact(jws: Jws): jws is JwsCompact;
+declare function isJweCompact(jwe: Jwe): jwe is JweCompact;
+declare function isJwsJsonFlattened(jws: Jws): jws is JwsJsonFlattened;
+declare function isJwsJsonGeneral(jws: Jws): jws is JwsJsonGeneral;
+declare function isJweJsonFlattened(jwe: Jwe): jwe is JweJsonFlattened;
+declare function isJweJsonGeneral(jwe: Jwe): jwe is JweJsonGeneral;
+declare function isJwsHeader(header: BaseJwtHeader & Record<string, any>): header is JwsHeader;
+declare function isJweHeader(header: BaseJwtHeader & Record<string, any>): header is JweHeader;
+declare const COMPACT_JWS_REGEX: RegExp;
+declare const COMPACT_JWE_REGEX: RegExp;
+declare const JweAlgs: readonly ["RSA1_5", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "dir", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW", "PBES2-HS256+A128KW", "PBES2-HS384+A192KW", "PBES2-HS512+A256KW"];
+type JweAlg = (typeof JweAlgs)[number];
+declare function jweAlg(alg?: string | JweAlg): JweAlg | undefined;
+declare const JweEncs: readonly ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"];
+type JweEnc = (typeof JweEncs)[number];
+declare function jweEnc(alg?: string | JweEnc): JweEnc | undefined;
+
+declare const prepareJwsObject: (args: CreateJwsJsonArgs, context: IRequiredContext) => Promise<PreparedJwsObject>;
+declare const createJwsCompact: (args: CreateJwsCompactArgs, context: IRequiredContext) => Promise<JwsCompact>;
+declare const createJwsJsonFlattened: (args: CreateJwsFlattenedArgs, context: IRequiredContext) => Promise<JwsJsonFlattened>;
+declare const createJwsJsonGeneral: (args: CreateJwsJsonArgs, context: IRequiredContext) => Promise<JwsJsonGeneral>;
+/**
+ * Updates the JWT header to include x5c, kid, jwk objects using the supplied issuer identifier that will be used to sign. If not present will automatically make the header objects available
+ * @param mode The type of header to check or include
+ * @param identifier The identifier of the signer. This identifier will be used later to sign
+ * @param header The JWT header
+ * @param noIdentifierInHeader
+ * @param context
+ */
+declare const checkAndUpdateJwsHeader: ({ mode, identifier, header, noIdentifierInHeader, }: {
+    mode?: JwsIdentifierMode;
+    identifier: ManagedIdentifierResult;
+    noIdentifierInHeader?: boolean;
+    header: JwsHeader;
+}, context: IRequiredContext) => Promise<undefined>;
+declare const verifyJws: (args: VerifyJwsArgs, context: IAgentContext<IIdentifierResolution>) => Promise<IJwsValidationResult>;
+declare const toJwsJsonGeneral: ({ jws }: {
+    jws: Jws;
+}, context: IAgentContext<any>) => Promise<JwsJsonGeneral>;
+declare const toJwsJsonGeneralWithIdentifiers: (args: {
+    jws: Jws;
+    jwk?: JWK;
+    opts?: {
+        x5c?: Omit<ExternalIdentifierX5cOpts, "identifier">;
+        did?: Omit<ExternalIdentifierDidOpts, "identifier">;
+    };
+}, context: IAgentContext<IIdentifierResolution>) => Promise<JwsJsonGeneralWithIdentifiers>;
+
+/**
+ * @internal
+ */
+declare const schema: any;
+
+declare const JwtLogger: _sphereon_ssi_types.ISimpleLogger<unknown>;
+
+export { type BaseJwtHeader, type BaseJwtPayload, COMPACT_JWE_REGEX, COMPACT_JWS_REGEX, type CreateJweArgs, type CreateJweJsonArgs, type CreateJwsArgs, type CreateJwsCompactArgs, type CreateJwsFlattenedArgs, type CreateJwsJsonArgs, type DecryptJweCompactJwtArgs, type EncryptJweCompactJwtArgs, type EphemeralPublicKey, type IJwsValidationResult, type IJwtService, type IRequiredContext, type Jwe, type JweAlg, JweAlgs, type JweCompact, type JweEnc, JweEncs, type JweHeader, type JweJsonFlattened, type JweJsonGeneral, type JweProtectedHeader, type JweRecipient, type JweRecipientUnprotectedHeader, type Jws, type JwsCompact, type JwsHeader, type JwsHeaderOpts, type JwsIdentifierMode, type JwsJsonFlattened, type JwsJsonGeneral, type JwsJsonGeneralWithIdentifiers, type JwsJsonSignature, type JwsJsonSignatureWithIdentifier, type JwsPayload, type JwtCompactResult, JwtLogger, JwtService, type PreparedJws, type PreparedJwsObject, type VerifyJwsArgs, checkAndUpdateJwsHeader, createJwsCompact, createJwsJsonFlattened, createJwsJsonGeneral, isJweCompact, isJweHeader, isJweJsonFlattened, isJweJsonGeneral, isJwsCompact, isJwsHeader, isJwsJsonFlattened, isJwsJsonGeneral, jweAlg, jweEnc, jwtServiceContextMethods, prepareJwsObject, schema, toJwsJsonGeneral, toJwsJsonGeneralWithIdentifiers, verifyJws };