node-opcua-crypto 4.10.0 → 4.12.0

package/dist/source/index_web.d.ts

@@ -1,131 +1,20 @@
-import { b as PEM, D as DER, f as PublicKeyPEM, S as Signature, P as PrivateKey, C as Certificate, d as CertificatePEM, N as Nonce, K as KeyObject, e as PrivateKeyPEM, a as PublicKey, g as CertificateRevocationList, h as CertificatePurpose } from '../common-CFr95Map.js';
+import { C as Certificate, P as PrivateKey, d as CertificatePEM, b as PEM, D as DER, f as PublicKeyPEM, S as Signature, K as KeyObject, e as PrivateKeyPEM, a as PublicKey, N as Nonce, g as CertificateRevocationList, h as CertificatePurpose } from '../common-CFr95Map.js';
 export { c as createPrivateKeyFromNodeJSCrypto, i as isKeyObject } from '../common-CFr95Map.js';
 import { KeyLike } from 'crypto';
 import * as x509 from '@peculiar/x509';
 
-declare function identifyPemType(rawKey: Buffer | string): undefined | string;
-declare function removeTrailingLF(str: string): string;
-declare function toPem(raw_key: Buffer | string, pem: string): string;
-declare function convertPEMtoDER(raw_key: PEM): DER;
-declare function hexDump(buffer: Buffer, width?: number): string;
-interface MakeMessageChunkSignatureOptions {
-    signatureLength: number;
-    algorithm: string;
-    privateKey: PrivateKey;
-}
-declare function makeMessageChunkSignature(chunk: Buffer, options: MakeMessageChunkSignatureOptions): Buffer;
-interface VerifyMessageChunkSignatureOptions {
-    signatureLength?: number;
-    algorithm: string;
-    publicKey: PublicKeyPEM;
-}
-/**
- * @method verifyMessageChunkSignature
- *
- *     const signer = {
- *           signatureLength : 128,
- *           algorithm : "RSA-SHA256",
- *           publicKey: "qsdqsdqsd"
- *     };
- * @param blockToVerify
- * @param signature
- * @param options
- * @param options.signatureLength
- * @param options.algorithm    for example "RSA-SHA256"
- * @param options.publicKey
- * @return true if the signature is valid
- */
-declare function verifyMessageChunkSignature(blockToVerify: Buffer, signature: Signature, options: VerifyMessageChunkSignatureOptions): boolean;
-declare function makeSHA1Thumbprint(buffer: Buffer): Signature;
-declare const RSA_PKCS1_OAEP_PADDING: number;
-declare const RSA_PKCS1_PADDING: number;
-declare enum PaddingAlgorithm {
-    RSA_PKCS1_OAEP_PADDING = 4,
-    RSA_PKCS1_PADDING = 1
-}
-declare function publicEncrypt_native(buffer: Buffer, publicKey: KeyLike, algorithm?: PaddingAlgorithm): Buffer;
-declare function privateDecrypt_native(buffer: Buffer, privateKey: PrivateKey, algorithm?: PaddingAlgorithm): Buffer;
-declare const publicEncrypt: typeof publicEncrypt_native;
-declare const privateDecrypt: typeof privateDecrypt_native;
-declare function publicEncrypt_long(buffer: Buffer, publicKey: KeyLike, blockSize: number, padding?: number, paddingAlgorithm?: PaddingAlgorithm): Buffer;
-declare function privateDecrypt_long(buffer: Buffer, privateKey: PrivateKey, blockSize: number, paddingAlgorithm?: number): Buffer;
-declare function coerceCertificatePem(certificate: Certificate | CertificatePEM): CertificatePEM;
-declare function extractPublicKeyFromCertificateSync(certificate: Certificate | CertificatePEM): PublicKeyPEM;
-/**
- * extract the publickey from a certificate
- * @async
- */
-declare function extractPublicKeyFromCertificate(certificate: CertificatePEM | Certificate, callback: (err: Error | null, publicKeyPEM?: PublicKeyPEM) => void): void;
+declare function publicKeyAndPrivateKeyMatches(certificate: Certificate, privateKey: PrivateKey): boolean;
+declare function certificateMatchesPrivateKey(certificate: Certificate, privateKey: PrivateKey): boolean;
 
-declare function makePseudoRandomBuffer(secret: Nonce, seed: Nonce, minLength: number, sha1or256: "SHA1" | "SHA256"): Buffer;
-interface ComputeDerivedKeysOptions {
-    signatureLength: number;
-    signingKeyLength: number;
-    encryptingKeyLength: number;
-    encryptingBlockSize: number;
-    algorithm: string;
-    sha1or256?: "SHA1" | "SHA256";
-}
-interface DerivedKeys extends ComputeDerivedKeysOptions {
-    signatureLength: number;
-    signingKeyLength: number;
-    encryptingKeyLength: number;
-    encryptingBlockSize: number;
-    algorithm: string;
-    sha1or256: "SHA1" | "SHA256";
-    signingKey: Buffer;
-    encryptingKey: Buffer;
-    initializationVector: Buffer;
+interface DirectoryName {
+    stateOrProvinceName?: string;
+    localityName?: string;
+    organizationName?: string;
+    organizationUnitName?: string;
+    commonName?: string;
+    countryName?: string;
 }
-declare function computeDerivedKeys(secret: Nonce, seed: Nonce, options: ComputeDerivedKeysOptions): DerivedKeys;
-/**
- * @method reduceLength
- * @param buffer
- * @param byteToRemove
- * @return buffer
- */
-declare function reduceLength(buffer: Buffer, byteToRemove: number): Buffer;
-/**
- * @method removePadding
- * @param buffer
- * @return buffer with padding removed
- */
-declare function removePadding(buffer: Buffer): Buffer;
-type VerifyChunkSignatureOptions = VerifyMessageChunkSignatureOptions;
-/**
- * @method verifyChunkSignature
- *
- *     const signer = {
- *           signatureLength : 128,
- *           algorithm : "RSA-SHA256",
- *           public_key: "qsdqsdqsd"
- *     };
- *
- * @param chunk  The message chunk to verify.
- * @param options
- * @param options.signatureLength
- * @param options.algorithm  the algorithm.
- * @param options.publicKey
- * @return {*}
- */
-declare function verifyChunkSignature(chunk: Buffer, options: VerifyChunkSignatureOptions): boolean;
-declare function computePaddingFooter(buffer: Buffer, derivedKeys: DerivedKeys): Buffer;
-declare function encryptBufferWithDerivedKeys(buffer: Buffer, derivedKeys: DerivedKeys): Buffer;
-declare function decryptBufferWithDerivedKeys(buffer: Buffer, derivedKeys: DerivedKeys): Buffer;
-/**
- * @method makeMessageChunkSignatureWithDerivedKeys
- * @param message
- * @param derivedKeys
- * @return
- */
-declare function makeMessageChunkSignatureWithDerivedKeys(message: Buffer, derivedKeys: DerivedKeys): Buffer;
-/**
- * @method verifyChunkSignatureWithDerivedKeys
- * @param chunk
- * @param derivedKeys
- * @return
- */
-declare function verifyChunkSignatureWithDerivedKeys(chunk: Buffer, derivedKeys: DerivedKeys): boolean;
+declare function readDirectoryName(buffer: Buffer, block: BlockInfo): DirectoryName;
 
 declare enum TagType {
     BOOLEAN = 1,
@@ -161,49 +50,38 @@ interface BlockInfo {
     start: number;
 }
 declare function readTag(buf: Buffer, pos: number): BlockInfo;
-declare function _readStruct(buf: Buffer, blockInfo: BlockInfo): BlockInfo[];
-declare function parseBitString(buffer: Buffer, start: number, end: number, maxLength: number): string;
-interface BitString {
-    lengthInBits: number;
-    lengthInBytes: number;
-    data: Buffer;
-    debug?: any;
-}
-declare function _readBitString(buffer: Buffer, block: BlockInfo): BitString;
-declare function formatBuffer2DigitHexWithColum(buffer: Buffer): string;
-declare function _readOctetString(buffer: Buffer, block: BlockInfo): Buffer;
-declare function _getBlock(buffer: Buffer, block: BlockInfo): Buffer;
+declare function readStruct(buf: Buffer, blockInfo: BlockInfo): BlockInfo[];
 interface AlgorithmIdentifier {
     identifier: string;
 }
-declare function _readIntegerAsByteString(buffer: Buffer, block: BlockInfo): Buffer;
-declare function _readListOfInteger(buffer: Buffer): Buffer[];
-declare function _readObjectIdentifier(buffer: Buffer, block: BlockInfo): {
-    oid: string;
-    name: string;
-};
-declare function _readAlgorithmIdentifier(buffer: Buffer, block: BlockInfo): AlgorithmIdentifier;
-declare function _readECCAlgorithmIdentifier(buffer: Buffer, block: BlockInfo): AlgorithmIdentifier;
+declare function readAlgorithmIdentifier(buffer: Buffer, block: BlockInfo): AlgorithmIdentifier;
 type SignatureValue = string;
-declare function _readSignatureValueBin(buffer: Buffer, block: BlockInfo): Buffer;
-declare function _readSignatureValue(buffer: Buffer, block: BlockInfo): SignatureValue;
-declare function _readLongIntegerValue(buffer: Buffer, block: BlockInfo): Buffer;
-declare function _readIntegerValue(buffer: Buffer, block: BlockInfo): number;
-declare function _readBooleanValue(buffer: Buffer, block: BlockInfo): boolean;
-declare function _readVersionValue(buffer: Buffer, block: BlockInfo): number;
-declare function _readValue(buffer: Buffer, block: BlockInfo): any;
-interface DirectoryName {
-    stateOrProvinceName?: string;
-    localityName?: string;
-    organizationName?: string;
-    organizationUnitName?: string;
-    commonName?: string;
-    countryName?: string;
+declare function readSignatureValueBin(buffer: Buffer, block: BlockInfo): Buffer;
+
+type PublicKeyLength = 64 | 96 | 128 | 256 | 384 | 512;
+/**
+ * A structure exposing useful information about a certificate
+ */
+interface CertificateInfo {
+    /** the public key length in bits */
+    publicKeyLength: PublicKeyLength;
+    /** the date at which the certificate starts to be valid */
+    notBefore: Date;
+    /** the date after which the certificate is not valid any more */
+    notAfter: Date;
+    /** info about certificate owner */
+    subject: DirectoryName;
+    /** public key */
+    publicKey: SubjectPublicKey;
 }
-declare function compactDirectoryName(d: DirectoryName): string;
-declare function _readDirectoryName(buffer: Buffer, block: BlockInfo): DirectoryName;
-declare function _findBlockAtIndex(blocks: BlockInfo[], index: number): BlockInfo | null;
-declare function _readTime(buffer: Buffer, block: BlockInfo): any;
+declare function coerceCertificate(certificate: Certificate | CertificatePEM): Certificate;
+/**
+ * @method exploreCertificateInfo
+ * returns useful information about the certificate such as public key length, start date and end of validity date,
+ * and CN
+ * @param certificate the certificate to explore
+ */
+declare function exploreCertificateInfo(certificate: Certificate | CertificatePEM): CertificateInfo;
 
 /**
  * @module node_opcua_crypto
@@ -241,7 +119,7 @@ interface X509ExtKeyUsage {
 interface SubjectPublicKey {
     modulus: Buffer;
 }
-declare function _readExtension(buffer: Buffer, block: BlockInfo): {
+declare function readExtension(buffer: Buffer, block: BlockInfo): {
     identifier: {
         oid: string;
         name: string;
@@ -310,30 +188,59 @@ declare function split_der(certificateChain: Certificate): Certificate[];
  */
 declare function combine_der(certificates: Certificate[]): Certificate;
 
-type PublicKeyLength = 64 | 96 | 128 | 256 | 384 | 512;
+declare function identifyPemType(rawKey: Buffer | string): undefined | string;
+declare function removeTrailingLF(str: string): string;
+declare function toPem(raw_key: Buffer | string, pem: string): string;
+declare function convertPEMtoDER(raw_key: PEM): DER;
+declare function hexDump(buffer: Buffer, width?: number): string;
+interface MakeMessageChunkSignatureOptions {
+    signatureLength: number;
+    algorithm: string;
+    privateKey: PrivateKey;
+}
+declare function makeMessageChunkSignature(chunk: Buffer, options: MakeMessageChunkSignatureOptions): Buffer;
+interface VerifyMessageChunkSignatureOptions {
+    signatureLength?: number;
+    algorithm: string;
+    publicKey: PublicKeyPEM;
+}
 /**
- * A structure exposing useful information about a certificate
+ * @method verifyMessageChunkSignature
+ *
+ *     const signer = {
+ *           signatureLength : 128,
+ *           algorithm : "RSA-SHA256",
+ *           publicKey: "qsdqsdqsd"
+ *     };
+ * @param blockToVerify
+ * @param signature
+ * @param options
+ * @param options.signatureLength
+ * @param options.algorithm    for example "RSA-SHA256"
+ * @param options.publicKey
+ * @return true if the signature is valid
  */
-interface CertificateInfo {
-    /** the public key length in bits */
-    publicKeyLength: PublicKeyLength;
-    /** the date at which the certificate starts to be valid */
-    notBefore: Date;
-    /** the date after which the certificate is not valid any more */
-    notAfter: Date;
-    /** info about certificate owner */
-    subject: DirectoryName;
-    /** public key */
-    publicKey: SubjectPublicKey;
+declare function verifyMessageChunkSignature(blockToVerify: Buffer, signature: Signature, options: VerifyMessageChunkSignatureOptions): boolean;
+declare function makeSHA1Thumbprint(buffer: Buffer): Signature;
+declare const RSA_PKCS1_OAEP_PADDING: number;
+declare const RSA_PKCS1_PADDING: number;
+declare enum PaddingAlgorithm {
+    RSA_PKCS1_OAEP_PADDING = 4,
+    RSA_PKCS1_PADDING = 1
 }
-declare function coerceCertificate(certificate: Certificate | CertificatePEM): Certificate;
+declare function publicEncrypt_native(buffer: Buffer, publicKey: KeyLike, algorithm?: PaddingAlgorithm): Buffer;
+declare function privateDecrypt_native(buffer: Buffer, privateKey: PrivateKey, algorithm?: PaddingAlgorithm): Buffer;
+declare const publicEncrypt: typeof publicEncrypt_native;
+declare const privateDecrypt: typeof privateDecrypt_native;
+declare function publicEncrypt_long(buffer: Buffer, publicKey: KeyLike, blockSize: number, padding?: number, paddingAlgorithm?: PaddingAlgorithm): Buffer;
+declare function privateDecrypt_long(buffer: Buffer, privateKey: PrivateKey, blockSize: number, paddingAlgorithm?: number): Buffer;
+declare function coerceCertificatePem(certificate: Certificate | CertificatePEM): CertificatePEM;
+declare function extractPublicKeyFromCertificateSync(certificate: Certificate | CertificatePEM): PublicKeyPEM;
 /**
- * @method exploreCertificateInfo
- * returns useful information about the certificate such as public key length, start date and end of validity date,
- * and CN
- * @param certificate the certificate to explore
+ * extract the publickey from a certificate
+ * @async
  */
-declare function exploreCertificateInfo(certificate: Certificate | CertificatePEM): CertificateInfo;
+declare function extractPublicKeyFromCertificate(certificate: CertificatePEM | Certificate, callback: (err: Error | null, publicKeyPEM?: PublicKeyPEM) => void): void;
 
 /***
  * @method rsaLengthPrivateKey
@@ -360,14 +267,77 @@ declare function coerceRsaPublicKeyPem(publicKey: PublicKey | KeyObject | Public
 declare function rsaLengthPublicKey(key: PublicKeyPEM | PublicKey): number;
 declare function rsaLengthRsaPublicKey(key: PublicKeyPEM | PublicKey): number;
 
-declare function verifyCertificateOrClrSignature(certificateOrCrl: Buffer, parentCertificate: Certificate): boolean;
-declare function verifyCertificateSignature(certificate: Certificate, parentCertificate: Certificate): boolean;
-declare function verifyCertificateRevocationListSignature(certificateRevocationList: Certificate, parentCertificate: Certificate): boolean;
-type _VerifyStatus = "BadCertificateIssuerUseNotAllowed" | "BadCertificateInvalid" | "Good";
-declare function verifyCertificateChain(certificateChain: Certificate[]): Promise<{
-    status: _VerifyStatus;
-    reason: string;
-}>;
+declare function makePseudoRandomBuffer(secret: Nonce, seed: Nonce, minLength: number, sha1or256: "SHA1" | "SHA256"): Buffer;
+interface ComputeDerivedKeysOptions {
+    signatureLength: number;
+    signingKeyLength: number;
+    encryptingKeyLength: number;
+    encryptingBlockSize: number;
+    algorithm: string;
+    sha1or256?: "SHA1" | "SHA256";
+}
+interface DerivedKeys extends ComputeDerivedKeysOptions {
+    signatureLength: number;
+    signingKeyLength: number;
+    encryptingKeyLength: number;
+    encryptingBlockSize: number;
+    algorithm: string;
+    sha1or256: "SHA1" | "SHA256";
+    signingKey: Buffer;
+    encryptingKey: Buffer;
+    initializationVector: Buffer;
+}
+declare function computeDerivedKeys(secret: Nonce, seed: Nonce, options: ComputeDerivedKeysOptions): DerivedKeys;
+/**
+ * @method reduceLength
+ * @param buffer
+ * @param byteToRemove
+ * @return buffer
+ */
+declare function reduceLength(buffer: Buffer, byteToRemove: number): Buffer;
+/**
+ * @method removePadding
+ * @param buffer
+ * @return buffer with padding removed
+ */
+declare function removePadding(buffer: Buffer): Buffer;
+type VerifyChunkSignatureOptions = VerifyMessageChunkSignatureOptions;
+/**
+ * @method verifyChunkSignature
+ *
+ *     const signer = {
+ *           signatureLength : 128,
+ *           algorithm : "RSA-SHA256",
+ *           public_key: "qsdqsdqsd"
+ *     };
+ *
+ * @param chunk  The message chunk to verify.
+ * @param options
+ * @param options.signatureLength
+ * @param options.algorithm  the algorithm.
+ * @param options.publicKey
+ * @return {*}
+ */
+declare function verifyChunkSignature(chunk: Buffer, options: VerifyChunkSignatureOptions): boolean;
+declare function computePaddingFooter(buffer: Buffer, derivedKeys: DerivedKeys): Buffer;
+declare function encryptBufferWithDerivedKeys(buffer: Buffer, derivedKeys: DerivedKeys): Buffer;
+declare function decryptBufferWithDerivedKeys(buffer: Buffer, derivedKeys: DerivedKeys): Buffer;
+/**
+ * @method makeMessageChunkSignatureWithDerivedKeys
+ * @param message
+ * @param derivedKeys
+ * @return
+ */
+declare function makeMessageChunkSignatureWithDerivedKeys(message: Buffer, derivedKeys: DerivedKeys): Buffer;
+/**
+ * @method verifyChunkSignatureWithDerivedKeys
+ * @param chunk
+ * @param derivedKeys
+ * @return
+ */
+declare function verifyChunkSignatureWithDerivedKeys(chunk: Buffer, derivedKeys: DerivedKeys): boolean;
+
+declare function exploreAsn1(buffer: Buffer): void;
 
 type Version = string;
 type Name = string;
@@ -434,23 +404,53 @@ interface PrivateKeyInternals {
  */
 declare function explorePrivateKey(privateKey2: PrivateKey): PrivateKeyInternals;
 
-declare function publicKeyAndPrivateKeyMatches(certificate: Certificate, privateKey: PrivateKey): boolean;
-declare function certificateMatchesPrivateKey(certificate: Certificate, privateKey: PrivateKey): boolean;
+declare function makePrivateKeyFromPem(privateKeyInPem: string): PrivateKey;
 
-declare function generateKeyPair(modulusLength?: 1024 | 2048 | 3072 | 4096): Promise<CryptoKeyPair>;
+declare function makePrivateKeyThumbPrint(privateKey: PrivateKey): Buffer;
+
+interface SubjectOptions {
+    commonName?: string;
+    organization?: string;
+    organizationalUnit?: string;
+    locality?: string;
+    state?: string;
+    country?: string;
+    domainComponent?: string;
+}
 /**
- *  generate a pair of private/public keys of length 1024,2048, 3072, or 4096 bits
+ * subjectName	The subject name to use for the Certificate.
+ * If not specified the ApplicationName and/or domainNames are used to create a suitable default value.
  */
-declare function generatePrivateKey(modulusLength?: 1024 | 2048 | 3072 | 4096): Promise<CryptoKey>;
+declare class Subject implements SubjectOptions {
+    readonly commonName?: string;
+    readonly organization?: string;
+    readonly organizationalUnit?: string;
+    readonly locality?: string;
+    readonly state?: string;
+    readonly country?: string;
+    readonly domainComponent?: string;
+    constructor(options: SubjectOptions | string);
+    static parse(str: string): SubjectOptions;
+    toStringInternal(sep: string): string;
+    toStringForOPCUA(): string;
+    toString(): string;
+}
+
+declare function verifyCertificateOrClrSignature(certificateOrCrl: Buffer, parentCertificate: Certificate): boolean;
+declare function verifyCertificateSignature(certificate: Certificate, parentCertificate: Certificate): boolean;
+declare function verifyCertificateRevocationListSignature(certificateRevocationList: Certificate, parentCertificate: Certificate): boolean;
+type _VerifyStatus = "BadCertificateIssuerUseNotAllowed" | "BadCertificateInvalid" | "Good";
+declare function verifyCertificateChain(certificateChain: Certificate[]): Promise<{
+    status: _VerifyStatus;
+    reason: string;
+}>;
+
+declare function coercePEMorDerToPrivateKey(privateKeyInDerOrPem: string | Buffer): PrivateKey;
 /**
- *  convert  a CryptoKey to a PEM string
+ *
+ * @private
  */
-declare function privateKeyToPEM(privateKey: CryptoKey): Promise<{
-    privPem: string;
-    privDer: ArrayBuffer;
-}>;
-declare function derToPrivateKey(privDer: ArrayBuffer): Promise<CryptoKey>;
-declare function pemToPrivateKey(pem: string): Promise<CryptoKey>;
+declare function _coercePrivateKey(privateKey: any): Promise<KeyObject>;
 
 interface CreateCertificateSigningRequestOptions {
     privateKey: CryptoKey;
@@ -468,6 +468,21 @@ declare function createCertificateSigningRequest({ privateKey, subject, dns, ip,
     der: x509.Pkcs10CertificateRequest;
 }>;
 
+declare function generateKeyPair(modulusLength?: 1024 | 2048 | 3072 | 4096): Promise<CryptoKeyPair>;
+/**
+ *  generate a pair of private/public keys of length 1024,2048, 3072, or 4096 bits
+ */
+declare function generatePrivateKey(modulusLength?: 1024 | 2048 | 3072 | 4096): Promise<CryptoKey>;
+/**
+ *  convert  a CryptoKey to a PEM string
+ */
+declare function privateKeyToPEM(privateKey: CryptoKey): Promise<{
+    privPem: string;
+    privDer: ArrayBuffer;
+}>;
+declare function derToPrivateKey(privDer: ArrayBuffer): Promise<CryptoKey>;
+declare function pemToPrivateKey(pem: string): Promise<CryptoKey>;
+
 interface CreateSelfSignCertificateOptions {
     privateKey: CryptoKey;
     notBefore?: Date;
@@ -488,41 +503,16 @@ declare function createSelfSignedCertificate({ privateKey, notAfter, notBefore,
     der: x509.X509Certificate;
 }>;
 
-declare function coercePEMorDerToPrivateKey(privateKeyInDerOrPem: string | Buffer): PrivateKey;
 /**
- *
- * @private
- */
-declare function _coercePrivateKey(privateKey: any): Promise<KeyObject>;
-
-interface SubjectOptions {
-    commonName?: string;
-    organization?: string;
-    organizationalUnit?: string;
-    locality?: string;
-    state?: string;
-    country?: string;
-    domainComponent?: string;
-}
-/**
- * subjectName	The subject name to use for the Certificate.
- * If not specified the ApplicationName and/or domainNames are used to create a suitable default value.
+ * @module node_opcua_crypto
  */
-declare class Subject implements SubjectOptions {
-    readonly commonName?: string;
-    readonly organization?: string;
-    readonly organizationalUnit?: string;
-    readonly locality?: string;
-    readonly state?: string;
-    readonly country?: string;
-    readonly domainComponent?: string;
-    constructor(options: SubjectOptions | string);
-    static parse(str: string): SubjectOptions;
-    toStringInternal(sep: string): string;
-    toStringForOPCUA(): string;
-    toString(): string;
-}
 
-declare function makePrivateKeyFromPem(privateKeyInPem: string): PrivateKey;
+declare const asn1: {
+    readDirectoryName: typeof readDirectoryName;
+    readTag: typeof readTag;
+    readStruct: typeof readStruct;
+    readAlgorithmIdentifier: typeof readAlgorithmIdentifier;
+    readSignatureValueBin: typeof readSignatureValueBin;
+};
 
-export { type AlgorithmIdentifier, type AttributeTypeAndValue, type AuthorityKeyIdentifier, type BasicConstraints, type BitString, type BlockInfo, Certificate, type CertificateExtension, type CertificateInfo, type CertificateInternals, CertificatePEM, CertificatePurpose, CertificateRevocationList, type CertificateRevocationListInfo, type CertificateSerialNumber, type CertificateSigningRequestInfo, type ComputeDerivedKeysOptions, type CreateSelfSignCertificateOptions, DER, type DerivedKeys, type DirectoryName, type ExtensionRequest, type Extensions, KeyObject, type Name, Nonce, PEM, PaddingAlgorithm, PrivateKey, type PrivateKeyInternals, PrivateKeyPEM, PublicKey, type PublicKeyLength, PublicKeyPEM, RSA_PKCS1_OAEP_PADDING, RSA_PKCS1_PADDING, type RevokedCertificate, Signature, type SignatureValue, Subject, type SubjectOptions, type SubjectPublicKey, type SubjectPublicKeyInfo, type TBSCertList, TagType, type TbsCertificate, type Validity, type VerifyChunkSignatureOptions, type VerifyMessageChunkSignatureOptions, type Version, type X509ExtKeyUsage, type X509KeyUsage, type _VerifyStatus, _coercePrivateKey, _findBlockAtIndex, _getBlock, _readAlgorithmIdentifier, _readBitString, _readBooleanValue, _readDirectoryName, _readECCAlgorithmIdentifier, _readExtension, _readIntegerAsByteString, _readIntegerValue, _readListOfInteger, _readLongIntegerValue, _readObjectIdentifier, _readOctetString, _readSignatureValue, _readSignatureValueBin, _readStruct, _readTime, _readValue, _readVersionValue, certificateMatchesPrivateKey, coerceCertificate, coerceCertificatePem, coercePEMorDerToPrivateKey, coercePrivateKeyPem, coercePublicKeyPem, coerceRsaPublicKeyPem, combine_der, compactDirectoryName, computeDerivedKeys, computePaddingFooter, convertPEMtoDER, createCertificateSigningRequest, createSelfSignedCertificate, decryptBufferWithDerivedKeys, derToPrivateKey, encryptBufferWithDerivedKeys, exploreCertificate, exploreCertificateInfo, exploreCertificateRevocationList, exploreCertificateSigningRequest, explorePrivateKey, extractPublicKeyFromCertificate, extractPublicKeyFromCertificateSync, formatBuffer2DigitHexWithColum, generateKeyPair, generatePrivateKey, hexDump, identifyPemType, makeMessageChunkSignature, makeMessageChunkSignatureWithDerivedKeys, makePrivateKeyFromPem, makePseudoRandomBuffer, makeSHA1Thumbprint, parseBitString, pemToPrivateKey, privateDecrypt, privateDecrypt_long, privateDecrypt_native, privateKeyToPEM, publicEncrypt, publicEncrypt_long, publicEncrypt_native, publicKeyAndPrivateKeyMatches, readCertificationRequestInfo, readNameForCrl, readTag, readTbsCertificate, reduceLength, removePadding, removeTrailingLF, rsaLengthPrivateKey, rsaLengthPublicKey, rsaLengthRsaPublicKey, split_der, toPem, toPem2, verifyCertificateChain, verifyCertificateOrClrSignature, verifyCertificateRevocationListSignature, verifyCertificateSignature, verifyChunkSignature, verifyChunkSignatureWithDerivedKeys, verifyMessageChunkSignature };
+export { type AttributeTypeAndValue, type AuthorityKeyIdentifier, type BasicConstraints, Certificate, type CertificateExtension, type CertificateInfo, type CertificateInternals, CertificatePEM, CertificatePurpose, CertificateRevocationList, type CertificateRevocationListInfo, type CertificateSerialNumber, type CertificateSigningRequestInfo, type ComputeDerivedKeysOptions, type CreateSelfSignCertificateOptions, DER, type DerivedKeys, type DirectoryName, type ExtensionRequest, type Extensions, KeyObject, type Name, Nonce, PEM, PaddingAlgorithm, PrivateKey, type PrivateKeyInternals, PrivateKeyPEM, PublicKey, type PublicKeyLength, PublicKeyPEM, RSA_PKCS1_OAEP_PADDING, RSA_PKCS1_PADDING, type RevokedCertificate, Signature, Subject, type SubjectOptions, type SubjectPublicKey, type SubjectPublicKeyInfo, type TBSCertList, type TbsCertificate, type Validity, type VerifyChunkSignatureOptions, type VerifyMessageChunkSignatureOptions, type Version, type X509ExtKeyUsage, type X509KeyUsage, type _VerifyStatus, _coercePrivateKey, asn1, certificateMatchesPrivateKey, coerceCertificate, coerceCertificatePem, coercePEMorDerToPrivateKey, coercePrivateKeyPem, coercePublicKeyPem, coerceRsaPublicKeyPem, combine_der, computeDerivedKeys, computePaddingFooter, convertPEMtoDER, createCertificateSigningRequest, createSelfSignedCertificate, decryptBufferWithDerivedKeys, derToPrivateKey, encryptBufferWithDerivedKeys, exploreAsn1, exploreCertificate, exploreCertificateInfo, exploreCertificateRevocationList, exploreCertificateSigningRequest, explorePrivateKey, extractPublicKeyFromCertificate, extractPublicKeyFromCertificateSync, generateKeyPair, generatePrivateKey, hexDump, identifyPemType, makeMessageChunkSignature, makeMessageChunkSignatureWithDerivedKeys, makePrivateKeyFromPem, makePrivateKeyThumbPrint, makePseudoRandomBuffer, makeSHA1Thumbprint, pemToPrivateKey, privateDecrypt, privateDecrypt_long, privateDecrypt_native, privateKeyToPEM, publicEncrypt, publicEncrypt_long, publicEncrypt_native, publicKeyAndPrivateKeyMatches, readCertificationRequestInfo, readExtension, readNameForCrl, readTbsCertificate, reduceLength, removePadding, removeTrailingLF, rsaLengthPrivateKey, rsaLengthPublicKey, rsaLengthRsaPublicKey, split_der, toPem, toPem2, verifyCertificateChain, verifyCertificateOrClrSignature, verifyCertificateRevocationListSignature, verifyCertificateSignature, verifyChunkSignature, verifyChunkSignatureWithDerivedKeys, verifyMessageChunkSignature };