@sphereon/ssi-sdk.kms-rest-client 0.34.1-feature.IDK.11.48

package/dist/index.d.ts

@@ -0,0 +1,1468 @@
+import { IPluginMethodMap, IAgentContext, IAgentPlugin } from '@veramo/core';
+import { BearerTokenArg } from '@sphereon/ssi-types';
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * COSE key type parameter. 1=OKP (Octet Key Pair), 2=EC2 (Elliptic Curve), 3=RSA, 4=Symmetric.
+ * @export
+ */
+declare const CoseKeyType: {
+    readonly NUMBER_1: 1;
+    readonly NUMBER_2: 2;
+    readonly NUMBER_3: 3;
+    readonly NUMBER_4: 4;
+};
+type CoseKeyType = typeof CoseKeyType[keyof typeof CoseKeyType];
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Represents a COSE (CBOR Object Signing and Encryption) key in JSON format.
+ * @export
+ * @interface CoseKey
+ */
+interface CoseKey {
+    /**
+     *
+     * @type {CoseKeyType}
+     * @memberof CoseKey
+     */
+    kty: CoseKeyType;
+    /**
+     * Key identifier (base64url-encoded byte string).
+     * @type {string}
+     * @memberof CoseKey
+     */
+    kid?: string;
+    /**
+     * The COSE algorithm identifier (e.g., -7=ES256, -35=ES384, -36=ES512, -8=EdDSA).
+     * @type {number}
+     * @memberof CoseKey
+     */
+    alg?: number;
+    /**
+     * The allowed COSE key operations (1=sign, 2=verify, 3=encrypt, 4=decrypt, etc.).
+     * @type {Array<number>}
+     * @memberof CoseKey
+     */
+    keyOps?: Array<number>;
+    /**
+     * Base initialization vector (base64url-encoded).
+     * @type {string}
+     * @memberof CoseKey
+     */
+    baseIV?: string;
+    /**
+     * The COSE curve identifier (1=P-256, 2=P-384, 3=P-521, 8=secp256k1, 6=Ed25519, etc.).
+     * @type {number}
+     * @memberof CoseKey
+     */
+    crv?: number;
+    /**
+     * The x coordinate (base64url-encoded byte string).
+     * @type {string}
+     * @memberof CoseKey
+     */
+    x?: string;
+    /**
+     * The y coordinate (base64url-encoded byte string).
+     * @type {string}
+     * @memberof CoseKey
+     */
+    y?: string;
+    /**
+     * The private key parameter (base64url-encoded byte string).
+     * @type {string}
+     * @memberof CoseKey
+     */
+    d?: string;
+    /**
+     * X.509 certificate chain as base64-encoded certificates.
+     * @type {Array<string>}
+     * @memberof CoseKey
+     */
+    x5chain?: Array<string>;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Represents a cryptographic key pair for COSE (CBOR Object Signing and Encryption) operations.
+ * @export
+ * @interface CoseKeyPair
+ */
+interface CoseKeyPair {
+    /**
+     *
+     * @type {CoseKey}
+     * @memberof CoseKeyPair
+     */
+    privateCoseKey?: CoseKey;
+    /**
+     *
+     * @type {CoseKey}
+     * @memberof CoseKeyPair
+     */
+    publicCoseKey: CoseKey;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * The type of Key Provider. Determines the required configuration settings. - AZURE_KEYVAULT: Microsoft Azure Key Vault or Managed HSM. - AWS_KMS: Amazon Web Services Key Management Service.
+ * @export
+ */
+declare const KeyProviderType: {
+    readonly Software: "SOFTWARE";
+    readonly AzureKeyvault: "AZURE_KEYVAULT";
+    readonly AwsKms: "AWS_KMS";
+};
+type KeyProviderType = typeof KeyProviderType[keyof typeof KeyProviderType];
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * Cryptographic key type identifier.
+ * @export
+ */
+declare const KeyType: {
+    readonly Okp: "OKP";
+    readonly Ec: "EC";
+    readonly Rsa: "RSA";
+};
+type KeyType = typeof KeyType[keyof typeof KeyType];
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * Indicates the visibility status of a cryptographic key.
+ * @export
+ */
+declare const KeyVisibility: {
+    readonly Public: "PUBLIC";
+    readonly Private: "PRIVATE";
+};
+type KeyVisibility = typeof KeyVisibility[keyof typeof KeyVisibility];
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * Cryptographic signature algorithm identifier.
+ * @export
+ */
+declare const SignatureAlgorithm: {
+    readonly Ed25519: "ED25519";
+    readonly EcdsaSha256: "ECDSA_SHA256";
+    readonly EcdsaSha384: "ECDSA_SHA384";
+    readonly EcdsaSha512: "ECDSA_SHA512";
+    readonly Es256K: "ES256K";
+    readonly EckaDhSha256: "ECKA_DH_SHA256";
+    readonly HmacSha256: "HMAC_SHA256";
+    readonly HmacSha384: "HMAC_SHA384";
+    readonly HmacSha512: "HMAC_SHA512";
+    readonly RsaSsaPssSha256Mgf1: "RSA_SSA_PSS_SHA256_MGF1";
+    readonly RsaSsaPssSha384Mgf1: "RSA_SSA_PSS_SHA384_MGF1";
+    readonly RsaSsaPssSha512Mgf1: "RSA_SSA_PSS_SHA512_MGF1";
+};
+type SignatureAlgorithm = typeof SignatureAlgorithm[keyof typeof SignatureAlgorithm];
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * The encoding format of the cryptographic key.
+ * @export
+ */
+declare const KeyEncoding: {
+    readonly Cose: "COSE";
+    readonly Jose: "JOSE";
+};
+type KeyEncoding = typeof KeyEncoding[keyof typeof KeyEncoding];
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * Elliptic curve identifier.
+ * @export
+ */
+declare const Curve: {
+    readonly P256: "P-256";
+    readonly P384: "P-384";
+    readonly P521: "P-521";
+    readonly Secp256k1: "secp256k1";
+    readonly Ed25519: "Ed25519";
+    readonly Ed448: "Ed448";
+    readonly X25519: "X25519";
+    readonly X448: "X448";
+};
+type Curve = typeof Curve[keyof typeof Curve];
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * Specific operations the key is intended for.
+ * @export
+ */
+declare const KeyOperations: {
+    readonly Sign: "sign";
+    readonly Verify: "verify";
+    readonly Encrypt: "encrypt";
+    readonly Decrypt: "decrypt";
+    readonly WrapKey: "wrapKey";
+    readonly UnwrapKey: "unwrapKey";
+    readonly DeriveKey: "deriveKey";
+    readonly DeriveBits: "deriveBits";
+};
+type KeyOperations = typeof KeyOperations[keyof typeof KeyOperations];
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * Intended use of the key (signing or encryption).
+ * @export
+ */
+declare const JwkUse: {
+    readonly Sig: "sig";
+    readonly Enc: "enc";
+};
+type JwkUse = typeof JwkUse[keyof typeof JwkUse];
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * JSON Web Key (JWK) key type parameter identifying the cryptographic algorithm family.
+ * @export
+ */
+declare const JwkKeyType: {
+    readonly Ec: "EC";
+    readonly Rsa: "RSA";
+    readonly Okp: "OKP";
+    readonly Oct: "oct";
+};
+type JwkKeyType = typeof JwkKeyType[keyof typeof JwkKeyType];
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Represents a JSON Web Key (JWK) as defined by the JSON Web Key specification.
+ * @export
+ * @interface Jwk
+ */
+interface Jwk {
+    /**
+     *
+     * @type {JwkKeyType}
+     * @memberof Jwk
+     */
+    kty: JwkKeyType;
+    /**
+     * Key identifier used to uniquely identify the key.
+     * @type {string}
+     * @memberof Jwk
+     */
+    kid?: string;
+    /**
+     * The algorithm intended for use with the key (JWA algorithm name).
+     * @type {string}
+     * @memberof Jwk
+     */
+    alg?: string;
+    /**
+     *
+     * @type {JwkUse}
+     * @memberof Jwk
+     */
+    use?: JwkUse;
+    /**
+     * The allowed cryptographic operations for the key.
+     * @type {Array<KeyOperations>}
+     * @memberof Jwk
+     */
+    keyOps?: Array<KeyOperations>;
+    /**
+     *
+     * @type {Curve}
+     * @memberof Jwk
+     */
+    crv?: Curve;
+    /**
+     * The x coordinate for elliptic curve keys (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    x?: string;
+    /**
+     * The y coordinate for elliptic curve keys (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    y?: string;
+    /**
+     * The private key parameter (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    d?: string;
+    /**
+     * The modulus value for RSA keys (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    n?: string;
+    /**
+     * The public exponent for RSA keys (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    e?: string;
+    /**
+     * The first prime factor for RSA private keys (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    p?: string;
+    /**
+     * The second prime factor for RSA private keys (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    q?: string;
+    /**
+     * The first factor CRT exponent for RSA private keys (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    dp?: string;
+    /**
+     * The second factor CRT exponent for RSA private keys (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    dq?: string;
+    /**
+     * The first CRT coefficient for RSA private keys (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    qi?: string;
+    /**
+     * The symmetric key value (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    k?: string;
+    /**
+     * X.509 certificate chain as base64-encoded DER certificates.
+     * @type {Array<string>}
+     * @memberof Jwk
+     */
+    x5c?: Array<string>;
+    /**
+     * X.509 certificate SHA-1 thumbprint (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    x5t?: string;
+    /**
+     * URL pointing to X.509 certificate or certificate chain.
+     * @type {string}
+     * @memberof Jwk
+     */
+    x5u?: string;
+    /**
+     * X.509 certificate SHA-256 thumbprint (base64url-encoded).
+     * @type {string}
+     * @memberof Jwk
+     */
+    x5tS256?: string;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Information about a cryptographic key, providing metadata and configuration details necessary for cryptographic operations.
+ * @export
+ * @interface KeyInfo
+ */
+interface KeyInfo {
+    /**
+     * Unique identifier for the cryptographic key. Can be null if the key identifier is not provided.
+     * @type {string}
+     * @memberof KeyInfo
+     */
+    kid?: string;
+    /**
+     *
+     * @type {Jwk}
+     * @memberof KeyInfo
+     */
+    key?: Jwk;
+    /**
+     *
+     * @type {SignatureAlgorithm}
+     * @memberof KeyInfo
+     */
+    signatureAlgorithm?: SignatureAlgorithm;
+    /**
+     *
+     * @type {KeyVisibility}
+     * @memberof KeyInfo
+     */
+    keyVisibility?: KeyVisibility;
+    /**
+     * X.509 certificate chain associated with the key.
+     * @type {Array<string>}
+     * @memberof KeyInfo
+     */
+    x5c?: Array<string>;
+    /**
+     * A reference or alias to the key in the Key Management Service (KMS).
+     * @type {string}
+     * @memberof KeyInfo
+     */
+    alias?: string;
+    /**
+     * The Key Management System (KMS) identifier associated with the key.
+     * @type {string}
+     * @memberof KeyInfo
+     */
+    providerId?: string;
+    /**
+     *
+     * @type {KeyType}
+     * @memberof KeyInfo
+     */
+    keyType?: KeyType;
+    /**
+     *
+     * @type {KeyEncoding}
+     * @memberof KeyInfo
+     */
+    keyEncoding?: KeyEncoding;
+    /**
+     * Additional configuration options as key-value pairs.
+     * @type {{ [key: string]: string; }}
+     * @memberof KeyInfo
+     */
+    opts?: {
+        [key: string]: string;
+    };
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Request body for creating a raw signature.
+ * @export
+ * @interface CreateRawSignature
+ */
+interface CreateRawSignature {
+    /**
+     *
+     * @type {KeyInfo}
+     * @memberof CreateRawSignature
+     */
+    keyInfo: KeyInfo;
+    /**
+     *
+     * @type {string}
+     * @memberof CreateRawSignature
+     */
+    input: string;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * Response body containing the created signature.
+ * @export
+ * @interface CreateRawSignatureResponse
+ */
+interface CreateRawSignatureResponse {
+    /**
+     * The created signature encoded as a base64 string.
+     * @type {string}
+     * @memberof CreateRawSignatureResponse
+     */
+    signature: string;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Parameters for key generation.
+ * @export
+ * @interface GenerateKey
+ */
+interface GenerateKey {
+    /**
+     * Alias for the generated key.
+     * @type {string}
+     * @memberof GenerateKey
+     */
+    alias?: string;
+    /**
+     *
+     * @type {JwkUse}
+     * @memberof GenerateKey
+     */
+    use?: JwkUse;
+    /**
+     *
+     * @type {Array<KeyOperations>}
+     * @memberof GenerateKey
+     */
+    keyOperations?: Array<KeyOperations>;
+    /**
+     *
+     * @type {SignatureAlgorithm}
+     * @memberof GenerateKey
+     */
+    alg?: SignatureAlgorithm;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Parameters for global key generation with optional provider specification.
+ * @export
+ * @interface GenerateKeyGlobal
+ */
+interface GenerateKeyGlobal {
+    /**
+     * Alias for the generated key.
+     * @type {string}
+     * @memberof GenerateKeyGlobal
+     */
+    alias?: string;
+    /**
+     *
+     * @type {JwkUse}
+     * @memberof GenerateKeyGlobal
+     */
+    use?: JwkUse;
+    /**
+     *
+     * @type {Array<KeyOperations>}
+     * @memberof GenerateKeyGlobal
+     */
+    keyOperations?: Array<KeyOperations>;
+    /**
+     *
+     * @type {SignatureAlgorithm}
+     * @memberof GenerateKeyGlobal
+     */
+    alg?: SignatureAlgorithm;
+    /**
+     * Optional provider ID. If not specified, the default provider will be used.
+     * @type {string}
+     * @memberof GenerateKeyGlobal
+     */
+    providerId?: string;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Data class representing a cryptographic key pair used with JOSE (JSON Object Signing and Encryption).
+ * @export
+ * @interface JoseKeyPair
+ */
+interface JoseKeyPair {
+    /**
+     *
+     * @type {Jwk}
+     * @memberof JoseKeyPair
+     */
+    privateJwk?: Jwk;
+    /**
+     *
+     * @type {Jwk}
+     * @memberof JoseKeyPair
+     */
+    publicJwk: Jwk;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Represents a key pair used by a crypto provider, encapsulating both JOSE and COSE key pairs.
+ * @export
+ * @interface ManagedKeyPair
+ */
+interface ManagedKeyPair {
+    /**
+     * Key identifier, may be null.
+     * @type {string}
+     * @memberof ManagedKeyPair
+     */
+    kid?: string;
+    /**
+     * Key Management System identifier.
+     * @type {string}
+     * @memberof ManagedKeyPair
+     */
+    providerId: string;
+    /**
+     * Reference to the key in the KMS.
+     * @type {string}
+     * @memberof ManagedKeyPair
+     */
+    alias: string;
+    /**
+     *
+     * @type {CoseKeyPair}
+     * @memberof ManagedKeyPair
+     */
+    cose: CoseKeyPair;
+    /**
+     *
+     * @type {JoseKeyPair}
+     * @memberof ManagedKeyPair
+     */
+    jose: JoseKeyPair;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Represents a managed cryptographic key information that is guaranteed to be present and resolved, part of a KMS providing concrete access to the key.
+ * @export
+ * @interface ManagedKeyInfo
+ */
+interface ManagedKeyInfo {
+    /**
+     * Unique identifier for the cryptographic key. Can be null if the key identifier is not provided.
+     * @type {string}
+     * @memberof ManagedKeyInfo
+     */
+    kid?: string;
+    /**
+     *
+     * @type {Jwk}
+     * @memberof ManagedKeyInfo
+     */
+    key: Jwk;
+    /**
+     *
+     * @type {SignatureAlgorithm}
+     * @memberof ManagedKeyInfo
+     */
+    signatureAlgorithm?: SignatureAlgorithm;
+    /**
+     *
+     * @type {KeyVisibility}
+     * @memberof ManagedKeyInfo
+     */
+    keyVisibility?: KeyVisibility;
+    /**
+     * X.509 certificate chain associated with the key.
+     * @type {Array<string>}
+     * @memberof ManagedKeyInfo
+     */
+    x5c?: Array<string>;
+    /**
+     * A reference or alias to the key in the Key Management Service (KMS).
+     * @type {string}
+     * @memberof ManagedKeyInfo
+     */
+    alias: string;
+    /**
+     * The Key Management System (KMS) identifier associated with the key.
+     * @type {string}
+     * @memberof ManagedKeyInfo
+     */
+    providerId: string;
+    /**
+     *
+     * @type {KeyType}
+     * @memberof ManagedKeyInfo
+     */
+    keyType?: KeyType;
+    /**
+     *
+     * @type {KeyEncoding}
+     * @memberof ManagedKeyInfo
+     */
+    keyEncoding?: KeyEncoding;
+    /**
+     * Additional configuration options as key-value pairs.
+     * @type {{ [key: string]: string; }}
+     * @memberof ManagedKeyInfo
+     */
+    opts?: {
+        [key: string]: string;
+    };
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * Method used to identify cryptographic keys.
+ * @export
+ */
+declare const IdentifierMethod: {
+    readonly Jwk: "JWK";
+    readonly Kid: "KID";
+    readonly CoseKey: "COSE_KEY";
+    readonly X5C: "X5C";
+    readonly Did: "DID";
+};
+type IdentifierMethod = typeof IdentifierMethod[keyof typeof IdentifierMethod];
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Response body containing the details of a Key Provider instance.
+ * @export
+ * @interface KeyProvider
+ */
+interface KeyProvider {
+    /**
+     * The unique identifier assigned to the Key Provider instance upon creation.
+     * @type {string}
+     * @memberof KeyProvider
+     */
+    providerId: string;
+    /**
+     *
+     * @type {KeyProviderType}
+     * @memberof KeyProvider
+     */
+    type: KeyProviderType;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Response body containing the details of a Key Provider instance.
+ * @export
+ * @interface KeyProviderResponse
+ */
+interface KeyProviderResponse {
+    /**
+     * The unique identifier assigned to the Key Provider instance upon creation.
+     * @type {string}
+     * @memberof KeyProviderResponse
+     */
+    providerId: string;
+    /**
+     *
+     * @type {KeyProviderType}
+     * @memberof KeyProviderResponse
+     */
+    type: KeyProviderType;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Response body containing the details of a Key Provider instance.
+ * @export
+ * @interface ListKeyProvidersResponse
+ */
+interface ListKeyProvidersResponse {
+    /**
+     *
+     * @type {Array<KeyProvider>}
+     * @memberof ListKeyProvidersResponse
+     */
+    providers: Array<KeyProvider>;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Response body containing all the managed keys.
+ * @export
+ * @interface ListKeysResponse
+ */
+interface ListKeysResponse {
+    /**
+     *
+     * @type {Array<ManagedKeyInfo>}
+     * @memberof ListKeysResponse
+     */
+    keyInfos: Array<ManagedKeyInfo>;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Represents a key resolver configuration.
+ * @export
+ * @interface Resolver
+ */
+interface Resolver {
+    /**
+     * Unique identifier for the resolver.
+     * @type {string}
+     * @memberof Resolver
+     */
+    resolverId: string;
+    /**
+     * List of identifier methods supported by this resolver.
+     * @type {Array<IdentifierMethod>}
+     * @memberof Resolver
+     */
+    supportedIdentifierMethods?: Array<IdentifierMethod>;
+    /**
+     * List of key types supported by this resolver.
+     * @type {Array<KeyType>}
+     * @memberof Resolver
+     */
+    supportedKeyTypes?: Array<KeyType>;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Response body containing all the resolvers.
+ * @export
+ * @interface ListResolversResponse
+ */
+interface ListResolversResponse {
+    /**
+     *
+     * @type {Array<Resolver>}
+     * @memberof ListResolversResponse
+     */
+    resolvers: Array<Resolver>;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Request body for resolving a public key.
+ * @export
+ * @interface ResolvePublicKey
+ */
+interface ResolvePublicKey {
+    /**
+     *
+     * @type {KeyInfo}
+     * @memberof ResolvePublicKey
+     */
+    keyInfo: KeyInfo;
+    /**
+     *
+     * @type {IdentifierMethod}
+     * @memberof ResolvePublicKey
+     */
+    identifierMethod?: IdentifierMethod;
+    /**
+     * Optional array of trusted certificates (base64-encoded) that may be used in the resolution process.
+     * @type {Array<string>}
+     * @memberof ResolvePublicKey
+     */
+    trustedCerts?: Array<string>;
+    /**
+     * Optional boolean indicating whether the X.509 certificate chain should be verified.
+     * @type {boolean}
+     * @memberof ResolvePublicKey
+     */
+    verifyX509CertificateChain?: boolean;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Represents a resolved cryptographic key information where the key is guaranteed to be present and resolved, providing concrete access to the key.
+ * @export
+ * @interface ResolvedKeyInfo
+ */
+interface ResolvedKeyInfo {
+    /**
+     * Unique identifier for the cryptographic key. Can be null if the key identifier is not provided.
+     * @type {string}
+     * @memberof ResolvedKeyInfo
+     */
+    kid?: string;
+    /**
+     *
+     * @type {Jwk}
+     * @memberof ResolvedKeyInfo
+     */
+    key: Jwk;
+    /**
+     *
+     * @type {SignatureAlgorithm}
+     * @memberof ResolvedKeyInfo
+     */
+    signatureAlgorithm?: SignatureAlgorithm;
+    /**
+     *
+     * @type {KeyVisibility}
+     * @memberof ResolvedKeyInfo
+     */
+    keyVisibility?: KeyVisibility;
+    /**
+     * X.509 certificate chain associated with the key.
+     * @type {Array<string>}
+     * @memberof ResolvedKeyInfo
+     */
+    x5c?: Array<string>;
+    /**
+     * A reference or alias to the key in the Key Management Service (KMS).
+     * @type {string}
+     * @memberof ResolvedKeyInfo
+     */
+    alias?: string;
+    /**
+     * The Key Management System (KMS) identifier associated with the key.
+     * @type {string}
+     * @memberof ResolvedKeyInfo
+     */
+    providerId?: string;
+    /**
+     *
+     * @type {KeyType}
+     * @memberof ResolvedKeyInfo
+     */
+    keyType?: KeyType;
+    /**
+     *
+     * @type {KeyEncoding}
+     * @memberof ResolvedKeyInfo
+     */
+    keyEncoding?: KeyEncoding;
+    /**
+     * Additional configuration options as key-value pairs.
+     * @type {{ [key: string]: string; }}
+     * @memberof ResolvedKeyInfo
+     */
+    opts?: {
+        [key: string]: string;
+    };
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Request body for storing a key.
+ * @export
+ * @interface StoreKey
+ */
+interface StoreKey {
+    /**
+     *
+     * @type {ResolvedKeyInfo}
+     * @memberof StoreKey
+     */
+    keyInfo: ResolvedKeyInfo;
+    /**
+     * X.509 certificate chain as base64-encoded DER certificates.
+     * @type {Array<string>}
+     * @memberof StoreKey
+     */
+    certChain?: Array<string>;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ * Request body for verifying a raw signature.
+ * @export
+ * @interface VerifyRawSignature
+ */
+interface VerifyRawSignature {
+    /**
+     *
+     * @type {KeyInfo}
+     * @memberof VerifyRawSignature
+     */
+    keyInfo: KeyInfo;
+    /**
+     *
+     * @type {string}
+     * @memberof VerifyRawSignature
+     */
+    input: string;
+    /**
+     *
+     * @type {string}
+     * @memberof VerifyRawSignature
+     */
+    signature: string;
+}
+
+/**
+ * KMS REST Server API
+ * A REST API for managing cryptographic keys and performing signing and verification operations.
+ *
+ * The version of the OpenAPI document: 0.0.1
+ * Contact: support@sphereon.com
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+/**
+ * Response body containing the details of the signature verification.
+ * @export
+ * @interface VerifyRawSignatureResponse
+ */
+interface VerifyRawSignatureResponse {
+    /**
+     * Indicates whether the signature is valid or not.
+     * @type {boolean}
+     * @memberof VerifyRawSignatureResponse
+     */
+    isValid: boolean;
+}
+
+interface IKmsRestClient extends IPluginMethodMap {
+    kmsGetResolver(args: kmsGetResolverArgs): Promise<Resolver>;
+    kmsListResolvers(args: KmsListResolversArgs): Promise<ListResolversResponse>;
+    kmsResolveKey(args: KmsResolveKeyArgs): Promise<ResolvedKeyInfo>;
+    kmsCreateRawSignature(args: KmsCreateRawSignatureArgs): Promise<CreateRawSignatureResponse>;
+    kmsIsValidRawSignature(args: KmsIsValidRawSignatureArgs): Promise<VerifyRawSignatureResponse>;
+    kmsGetKey(args: KmsGetKeyArgs): Promise<ManagedKeyInfo>;
+    kmsListKeys(args: KmsListKeysArgs): Promise<ListKeysResponse>;
+    kmsStoreKey(args: KmsStoreKeyArgs): Promise<ManagedKeyInfo>;
+    kmsGenerateKey(args: KmsGenerateKeyArgs): Promise<ManagedKeyPair>;
+    kmsDeleteKey(args: KmsDeleteKeyArgs): Promise<boolean>;
+    kmsGetKeyProvider(args: KmsGetKeyProviderArgs): Promise<KeyProviderResponse>;
+    kmsListKeyProviders(args: KmsListKeyProvidersArgs): Promise<ListKeyProvidersResponse>;
+    kmsProviderListKeys(args: KmsProviderListKeysArgs): Promise<ListKeysResponse>;
+    kmsProviderStoreKey(args: KmsProviderStoreKey): Promise<ManagedKeyInfo>;
+    kmsProviderGenerateKey(args: KmsProviderGenerateKey): Promise<ManagedKeyPair>;
+    kmsProviderGetKey(args: KmsProviderGetKeyArgs): Promise<ManagedKeyInfo>;
+    kmsProviderDeleteKey(args: KmsProviderDeleteKeyArgs): Promise<boolean>;
+}
+type KmsListResolversArgs = {
+    baseUrl?: string;
+};
+type kmsGetResolverArgs = {
+    baseUrl?: string;
+    resolverId: string;
+};
+type KmsResolveKeyArgs = {
+    baseUrl?: string;
+    resolverId: String;
+} & ResolvePublicKey;
+type KmsCreateRawSignatureArgs = {
+    baseUrl?: string;
+} & CreateRawSignature;
+type KmsIsValidRawSignatureArgs = {
+    baseUrl?: string;
+} & VerifyRawSignature;
+type KmsGetKeyArgs = {
+    baseUrl?: string;
+    aliasOrKid: string;
+};
+type KmsListKeysArgs = {
+    baseUrl?: string;
+    providerId?: string;
+};
+type KmsStoreKeyArgs = {
+    baseUrl?: string;
+} & StoreKey;
+type KmsGenerateKeyArgs = {
+    baseUrl?: string;
+} & GenerateKeyGlobal;
+type KmsDeleteKeyArgs = {
+    baseUrl?: string;
+    aliasOrKid?: string;
+};
+type KmsGetKeyProviderArgs = {
+    baseUrl?: string;
+    providerId?: string;
+};
+type KmsListKeyProvidersArgs = {
+    baseUrl?: string;
+};
+type KmsProviderListKeysArgs = {
+    baseUrl?: string;
+    providerId: string;
+};
+type KmsProviderStoreKey = {
+    baseUrl?: string;
+    providerId: string;
+} & StoreKey;
+type KmsProviderGenerateKey = {
+    baseUrl?: string;
+    providerId: string;
+} & GenerateKey;
+type KmsProviderGetKeyArgs = {
+    baseUrl?: string;
+    providerId: string;
+    aliasOrKid: string;
+};
+type KmsProviderDeleteKeyArgs = {
+    baseUrl?: string;
+    providerId: string;
+    aliasOrKid: string;
+};
+type RestClientAuthenticationOpts = {
+    enabled?: boolean;
+    bearerToken?: BearerTokenArg;
+};
+type KmsRestClientArgs = {
+    baseUrl?: string;
+    authentication?: RestClientAuthenticationOpts;
+};
+type IRequiredContext = IAgentContext<never>;
+
+/**
+ * {@inheritDoc IKmsRestClient}
+ */
+declare class KmsRestClient implements IAgentPlugin {
+    readonly methods: IKmsRestClient;
+    private readonly agentBaseUrl?;
+    private readonly authOpts?;
+    constructor(args?: KmsRestClientArgs);
+    private static urlWithBase;
+    /** {@inheritDoc IKmsRestClient.kmsGetResolver} */
+    private kmsGetResolver;
+    /** {@inheritDoc IKmsRestClient.kmsListResolvers} */
+    private kmsListResolvers;
+    /** {@inheritDoc IKmsRestClient.kmsResolveKey} */
+    private kmsResolveKey;
+    /** {@inheritDoc IKmsRestClient.kmsCreateRawSignature} */
+    private kmsCreateRawSignature;
+    /** {@inheritDoc IKmsRestClient.kmsIsValidRawSignature} */
+    private kmsIsValidRawSignature;
+    /** {@inheritDoc IKmsRestClient.kmsGetKey} */
+    private kmsGetKey;
+    /** {@inheritDoc IKmsRestClient.kmsListKeys} */
+    private kmsListKeys;
+    /** {@inheritDoc IKmsRestClient.kmsStoreKey} */
+    private kmsStoreKey;
+    /** {@inheritDoc IKmsRestClient.kmsGenerateKey} */
+    private kmsGenerateKey;
+    /** {@inheritDoc IKmsRestClient.kmsDeleteKey} */
+    private kmsDeleteKey;
+    /** {@inheritDoc IKmsRestClient.kmsGetKeyProvider} */
+    private kmsGetKeyProvider;
+    /** {@inheritDoc IKmsRestClient.kmsListKeyProviders} */
+    private kmsListKeyProviders;
+    /** {@inheritDoc IKmsRestClient.kmsProviderListKeys} */
+    private kmsProviderListKeys;
+    /** {@inheritDoc IKmsRestClient.kmsProviderStoreKey} */
+    private kmsProviderStoreKey;
+    /** {@inheritDoc IKmsRestClient.kmsProviderGenerateKey} */
+    private kmsProviderGenerateKey;
+    /** {@inheritDoc IKmsRestClient.kmsProviderGetKey} */
+    private kmsProviderGetKey;
+    /** {@inheritDoc IKmsRestClient.kmsProviderDeleteKey} */
+    private kmsProviderDeleteKey;
+    private assertedAgentBaseUrl;
+    private createHeaders;
+    private addSearchParams;
+}
+
+/**
+ * @public
+ */
+declare const schema: any;
+
+export { type IKmsRestClient, type IRequiredContext, type KmsCreateRawSignatureArgs, type KmsDeleteKeyArgs, type KmsGenerateKeyArgs, type KmsGetKeyArgs, type KmsGetKeyProviderArgs, type KmsIsValidRawSignatureArgs, type KmsListKeyProvidersArgs, type KmsListKeysArgs, type KmsListResolversArgs, type KmsProviderDeleteKeyArgs, type KmsProviderGenerateKey, type KmsProviderGetKeyArgs, type KmsProviderListKeysArgs, type KmsProviderStoreKey, type KmsResolveKeyArgs, KmsRestClient, type KmsRestClientArgs, type KmsStoreKeyArgs, type RestClientAuthenticationOpts, type kmsGetResolverArgs, schema };