/*! * Copyright (c) 2014, GlobalSign * Copyright (c) 2015-2019, Peculiar Ventures * All rights reserved. * * Author 2014-2019, Yury Strozhevsky * * Redistribution and use in source and binary forms, with or without modification, * are permitted provided that the following conditions are met: * * * Redistributions of source code must retain the above copyright notice, this * list of conditions and the following disclaimer. * * * Redistributions in binary form must reproduce the above copyright notice, this * list of conditions and the following disclaimer in the documentation and/or * other materials provided with the distribution. * * * Neither the name of the {organization} nor the names of its * contributors may be used to endorse or promote products derived from * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ import * as asn1js from 'asn1js'; import { BitString, OctetString } from 'asn1js'; import * as bs from 'bytestreamjs'; type SchemaType = any; type SchemaNames = { blockName?: string; optional?: boolean; }; interface SchemaCompatible { /** * Converts parsed ASN.1 object into current class * @param schema */ fromSchema(schema: SchemaType): void; /** * Convert current object to asn1js object and set correct values * @returns asn1js object */ toSchema(): SchemaType; toJSON(): any; } interface SchemaConstructor { schema?: SchemaType; } /** * Parameters for schema generation */ interface SchemaParameters = object> { names?: SchemaNames & N; } interface PkiObjectParameters { schema?: SchemaType; } interface PkiObjectConstructor { new (params: PkiObjectParameters): T; CLASS_NAME: string; } declare abstract class PkiObject { /** * Name of the class */ static CLASS_NAME: string; /** * Returns block name * @returns Returns string block name */ static blockName(): string; /** * Creates PKI object from the raw data * @param raw ASN.1 encoded raw data * @returns Initialized and filled current class object */ static fromBER(this: PkiObjectConstructor, raw: BufferSource): T; /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: string): any; /** * Returns value of pre-defined ASN.1 schema for current class * @param parameters Input parameters for the schema * @returns ASN.1 schema object */ static schema(parameters?: SchemaParameters): SchemaType; get className(): string; /** * Converts parsed ASN.1 object into current class * @param schema ASN.1 schema */ abstract fromSchema(schema: SchemaType): void; /** * Converts current object to ASN.1 object and sets correct values * @param encodeFlag If param equal to `false` then creates schema via decoding stored value. In other case creates schema via assembling from cached parts * @returns ASN.1 object */ abstract toSchema(encodeFlag?: boolean): SchemaType; /** * Converts the class to JSON object * @returns JSON object */ abstract toJSON(): any; toString(encoding?: "hex" | "base64" | "base64url"): string; } declare const TYPE$5 = "type"; declare const VALUE$6 = "value"; interface IGeneralName { /** * value type - from a tagged value (0 for "otherName", 1 for "rfc822Name" etc.) */ type: number; /** * ASN.1 object having GeneralName value (type depends on TYPE value) */ value: any; } type GeneralNameParameters = PkiObjectParameters & Partial<{ type: 1 | 2 | 6; value: string; } | { type: 0 | 3 | 4 | 7 | 8; value: any; }>; interface GeneralNameSchema { names?: { blockName?: string; directoryName?: object; builtInStandardAttributes?: object; otherName?: string; rfc822Name?: string; dNSName?: string; x400Address?: string; ediPartyName?: string; uniformResourceIdentifier?: string; iPAddress?: string; registeredID?: string; }; } interface GeneralNameJson { type: number; value: string; } /** * Represents the GeneralName structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class GeneralName extends PkiObject implements IGeneralName { static CLASS_NAME: string; type: number; value: any; /** * Initializes a new instance of the {@link GeneralName} class * @param parameters Initialization parameters */ constructor(parameters?: GeneralNameParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TYPE$5): number; static defaultValues(memberName: typeof VALUE$6): any; /** * Compares values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * GeneralName ::= Choice { * otherName [0] OtherName, * rfc822Name [1] IA5String, * dNSName [2] IA5String, * x400Address [3] ORAddress, * directoryName [4] value, * ediPartyName [5] EDIPartyName, * uniformResourceIdentifier [6] IA5String, * iPAddress [7] OCTET STRING, * registeredID [8] OBJECT IDENTIFIER } *``` */ static schema(parameters?: GeneralNameSchema): asn1js.Choice; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Constructed | asn1js.IA5String | asn1js.ObjectIdentifier | asn1js.Choice; toJSON(): GeneralNameJson; } declare const ACCESS_METHOD = "accessMethod"; declare const ACCESS_LOCATION = "accessLocation"; interface IAccessDescription { /** * The type and format of the information are specified by the accessMethod field. This profile defines two accessMethod OIDs: id-ad-caIssuers and id-ad-ocsp */ accessMethod: string; /** * The accessLocation field specifies the location of the information */ accessLocation: GeneralName; } type AccessDescriptionParameters = PkiObjectParameters & Partial; /** * JSON representation of {@link AccessDescription} */ interface AccessDescriptionJson { accessMethod: string; accessLocation: GeneralNameJson; } /** * Represents the AccessDescription structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) * * The authority information access extension indicates how to access * information and services for the issuer of the certificate in which * the extension appears. Information and services may include on-line * validation services and CA policy data. This extension may be included in * end entity or CA certificates. Conforming CAs MUST mark this * extension as non-critical. */ declare class AccessDescription extends PkiObject implements IAccessDescription { static CLASS_NAME: string; accessMethod: string; accessLocation: GeneralName; /** * Initializes a new instance of the {@link AccessDescription} class * @param parameters Initialization parameters */ constructor(parameters?: AccessDescriptionParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ACCESS_METHOD): string; static defaultValues(memberName: typeof ACCESS_LOCATION): GeneralName; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AccessDescription ::= SEQUENCE { * accessMethod OBJECT IDENTIFIER, * accessLocation GeneralName } *``` */ static schema(parameters?: SchemaParameters<{ accessMethod?: string; accessLocation?: GeneralNameSchema; }>): asn1js.Sequence; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AccessDescriptionJson; } declare const SECONDS = "seconds"; declare const MILLIS = "millis"; declare const MICROS = "micros"; interface IAccuracy { /** * Seconds */ seconds?: number; /** * Milliseconds */ millis?: number; /** * Microseconds */ micros?: number; } type AccuracyParameters = PkiObjectParameters & Partial; type AccuracySchema = SchemaParameters<{ seconds?: string; millis?: string; micros?: string; }>; /** * JSON representation of {@link Accuracy} */ interface AccuracyJson { seconds?: number; millis?: number; micros?: number; } /** * Represents the time deviation around the UTC time contained in GeneralizedTime. Described in [RFC3161](https://www.ietf.org/rfc/rfc3161.txt) */ declare class Accuracy extends PkiObject implements IAccuracy { static CLASS_NAME: string; seconds?: number; millis?: number; micros?: number; /** * Initializes a new instance of the {@link Accuracy} class * @param parameters Initialization parameters */ constructor(parameters?: AccuracyParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof SECONDS): number; static defaultValues(memberName: typeof MILLIS): number; static defaultValues(memberName: typeof MICROS): number; static defaultValues(memberName: string): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: typeof SECONDS | typeof MILLIS | typeof MICROS, memberValue: number): boolean; static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * Accuracy ::= SEQUENCE { * seconds INTEGER OPTIONAL, * millis [0] INTEGER (1..999) OPTIONAL, * micros [1] INTEGER (1..999) OPTIONAL } *``` */ static schema(parameters?: AccuracySchema): any; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AccuracyJson; } declare const ALGORITHM_ID = "algorithmId"; declare const ALGORITHM_PARAMS = "algorithmParams"; interface IAlgorithmIdentifier { /** * ObjectIdentifier for algorithm (string representation) */ algorithmId: string; /** * Any algorithm parameters */ algorithmParams?: any; } type AlgorithmIdentifierParameters = PkiObjectParameters & Partial; /** * JSON representation of {@link AlgorithmIdentifier} */ interface AlgorithmIdentifierJson { algorithmId: string; algorithmParams?: any; } type AlgorithmIdentifierSchema = SchemaParameters<{ algorithmIdentifier?: string; algorithmParams?: string; }>; /** * Represents the AlgorithmIdentifier structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class AlgorithmIdentifier extends PkiObject implements IAlgorithmIdentifier { static CLASS_NAME: string; algorithmId: string; algorithmParams?: any; /** * Initializes a new instance of the {@link AlgorithmIdentifier} class * @param parameters Initialization parameters */ constructor(parameters?: AlgorithmIdentifierParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ALGORITHM_ID): string; static defaultValues(memberName: typeof ALGORITHM_PARAMS): any; /** * Compares values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AlgorithmIdentifier ::= Sequence { * algorithm OBJECT IDENTIFIER, * parameters ANY DEFINED BY algorithm OPTIONAL } *``` */ static schema(parameters?: AlgorithmIdentifierSchema): any; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AlgorithmIdentifierJson; /** * Checks that two "AlgorithmIdentifiers" are equal * @param algorithmIdentifier */ isEqual(algorithmIdentifier: unknown): boolean; } declare const ALT_NAMES = "altNames"; interface IAltName { /** * Array of alternative names in GeneralName type */ altNames: GeneralName[]; } type AltNameParameters = PkiObjectParameters & Partial; interface AltNameJson { altNames: GeneralNameJson[]; } /** * Represents the AltName structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class AltName extends PkiObject implements IAltName { static CLASS_NAME: string; altNames: GeneralName[]; /** * Initializes a new instance of the {@link AltName} class * @param parameters Initialization parameters */ constructor(parameters?: AltNameParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ALT_NAMES): GeneralName[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AltName ::= GeneralNames *``` */ static schema(parameters?: SchemaParameters<{ altNames?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AltNameJson; } declare const TYPE$4 = "type"; declare const VALUES$1 = "values"; interface IAttribute { /** * Specifies type of attribute value */ type: string; /** * List of attribute values */ values: any[]; } type AttributeParameters = PkiObjectParameters & Partial; type AttributeSchema = SchemaParameters<{ setName?: string; type?: string; values?: string; }>; interface AttributeJson { type: string; values: any[]; } /** * Represents the Attribute structure described in [RFC2986](https://datatracker.ietf.org/doc/html/rfc2986) */ declare class Attribute extends PkiObject implements IAttribute { static CLASS_NAME: string; type: string; values: any[]; /** * Initializes a new instance of the {@link Attribute} class * @param parameters Initialization parameters */ constructor(parameters?: AttributeParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TYPE$4): string; static defaultValues(memberName: typeof VALUES$1): any[]; /** * Compares values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE { * type ATTRIBUTE.&id({IOSet}), * values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type}) * } *``` */ static schema(parameters?: AttributeSchema): asn1js.Sequence; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AttributeJson; } declare const NOT_BEFORE_TIME = "notBeforeTime"; declare const NOT_AFTER_TIME = "notAfterTime"; interface IAttCertValidityPeriod { notBeforeTime: Date; notAfterTime: Date; } type AttCertValidityPeriodParameters = PkiObjectParameters & Partial; type AttCertValidityPeriodSchema = SchemaParameters<{ notBeforeTime?: string; notAfterTime?: string; }>; interface AttCertValidityPeriodJson { notBeforeTime: Date; notAfterTime: Date; } /** * Represents the AttCertValidityPeriod structure described in [RFC5755 Section 4.1](https://datatracker.ietf.org/doc/html/rfc5755#section-4.1) */ declare class AttCertValidityPeriod extends PkiObject implements IAttCertValidityPeriod { static CLASS_NAME: string; notBeforeTime: Date; notAfterTime: Date; /** * Initializes a new instance of the {@link AttCertValidityPeriod} class * @param parameters Initialization parameters */ constructor(parameters?: AttCertValidityPeriodParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof NOT_BEFORE_TIME): Date; static defaultValues(memberName: typeof NOT_AFTER_TIME): Date; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AttCertValidityPeriod ::= SEQUENCE { * notBeforeTime GeneralizedTime, * notAfterTime GeneralizedTime * } *``` */ static schema(parameters?: AttCertValidityPeriodSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AttCertValidityPeriodJson; } declare const NAMES = "names"; interface IGeneralNames { names: GeneralName[]; } type GeneralNamesParameters = PkiObjectParameters & Partial; type GeneralNamesSchema = SchemaParameters<{ generalNames?: string; }>; interface GeneralNamesJson { names: GeneralNameJson[]; } /** * Represents the GeneralNames structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class GeneralNames extends PkiObject implements IGeneralNames { static CLASS_NAME: string; /** * Array of "general names" */ names: GeneralName[]; /** * Initializes a new instance of the {@link GeneralNames} class * @param parameters Initialization parameters */ constructor(parameters?: GeneralNamesParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof NAMES): GeneralName[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName * ``` * * @param parameters Input parameters for the schema * @param optional Flag would be element optional or not * @returns ASN.1 schema object */ static schema(parameters?: GeneralNamesSchema, optional?: boolean): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): GeneralNamesJson; } type ExtensionParsedValue = (SchemaCompatible & { parsingError?: string; }) | SchemaType; interface ExtensionValueType { name: string; type: ExtensionValueConstructor; } interface ExtensionValueConstructor { new (params?: { schema: any; }): SchemaCompatible; } declare class ExtensionValueFactory { static types?: Record; private static getItems; static fromBER(id: string, raw: BufferSource): ExtensionParsedValue | null; static find(id: string): ExtensionValueType | null; static register(id: string, name: string, type: ExtensionValueConstructor): void; } declare const EXTN_ID = "extnID"; declare const CRITICAL = "critical"; declare const EXTN_VALUE = "extnValue"; declare const PARSED_VALUE$5 = "parsedValue"; interface IExtension { extnID: string; critical: boolean; extnValue: asn1js.OctetString; parsedValue?: ExtensionParsedValue; } interface ExtensionConstructorParameters { extnID?: string; critical?: boolean; extnValue?: ArrayBuffer; parsedValue?: ExtensionParsedValue; } type ExtensionParameters = PkiObjectParameters & ExtensionConstructorParameters; type ExtensionSchema = SchemaParameters<{ extnID?: string; critical?: string; extnValue?: string; }>; interface ExtensionJson { extnID: string; extnValue: asn1js.OctetStringJson; critical?: boolean; parsedValue?: any; } /** * Represents the Extension structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class Extension extends PkiObject implements IExtension { static CLASS_NAME: string; extnID: string; critical: boolean; extnValue: asn1js.OctetString; private _parsedValue?; get parsedValue(): ExtensionParsedValue | undefined; set parsedValue(value: ExtensionParsedValue | undefined); /** * Initializes a new instance of the {@link Extension} class * @param parameters Initialization parameters */ constructor(parameters?: ExtensionParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof EXTN_ID): string; static defaultValues(memberName: typeof CRITICAL): boolean; static defaultValues(memberName: typeof EXTN_VALUE): asn1js.OctetString; static defaultValues(memberName: typeof PARSED_VALUE$5): ExtensionParsedValue; /** * @inheritdoc * @asn ASN.1 schema * ```asn * Extension ::= SEQUENCE { * extnID OBJECT IDENTIFIER, * critical BOOLEAN DEFAULT FALSE, * extnValue OCTET STRING * } *``` */ static schema(parameters?: ExtensionSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): ExtensionJson; } declare const EXTENSIONS$6 = "extensions"; interface IExtensions { /** * List of extensions */ extensions: Extension[]; } type ExtensionsParameters = PkiObjectParameters & Partial; type ExtensionsSchema = SchemaParameters<{ extensions?: string; extension?: ExtensionSchema; }>; interface ExtensionsJson { extensions: ExtensionJson[]; } /** * Represents the Extensions structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class Extensions extends PkiObject implements IExtensions { static CLASS_NAME: string; extensions: Extension[]; /** * Initializes a new instance of the {@link Extensions} class * @param parameters Initialization parameters */ constructor(parameters?: ExtensionsParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof EXTENSIONS$6): Extension[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension * ``` * * @param parameters Input parameters for the schema * @param optional Flag that current schema should be optional * @returns ASN.1 schema object */ static schema(parameters?: ExtensionsSchema, optional?: boolean): asn1js.Sequence; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): ExtensionsJson; } declare const ISSUER$5 = "issuer"; declare const SERIAL_NUMBER$6 = "serialNumber"; declare const ISSUER_UID = "issuerUID"; interface IIssuerSerial { /** * Issuer name */ issuer: GeneralNames; /** * Serial number */ serialNumber: asn1js.Integer; /** * Issuer unique identifier */ issuerUID?: asn1js.BitString; } type IssuerSerialParameters = PkiObjectParameters & Partial; interface IssuerSerialJson { issuer: GeneralNamesJson; serialNumber: asn1js.IntegerJson; issuerUID?: asn1js.BitStringJson; } /** * Represents the IssuerSerial structure described in [RFC5755](https://datatracker.ietf.org/doc/html/rfc5755) */ declare class IssuerSerial extends PkiObject implements IIssuerSerial { static CLASS_NAME: string; issuer: GeneralNames; serialNumber: asn1js.Integer; issuerUID?: asn1js.BitString; /** * Initializes a new instance of the {@link IssuerSerial} class * @param parameters Initialization parameters */ constructor(parameters?: IssuerSerialParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ISSUER$5): GeneralNames; static defaultValues(memberName: typeof SERIAL_NUMBER$6): asn1js.Integer; static defaultValues(memberName: typeof ISSUER_UID): asn1js.BitString; /** * @inheritdoc * @asn ASN.1 schema * ```asn * IssuerSerial ::= SEQUENCE { * issuer GeneralNames, * serial CertificateSerialNumber, * issuerUID UniqueIdentifier OPTIONAL * } * * CertificateSerialNumber ::= INTEGER * UniqueIdentifier ::= BIT STRING *``` */ static schema(parameters?: SchemaParameters<{ issuer?: GeneralNamesSchema; serialNumber?: string; issuerUID?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): IssuerSerialJson; } declare const VERSION$k = "version"; declare const BASE_CERTIFICATE_ID$2 = "baseCertificateID"; declare const SUBJECT_NAME = "subjectName"; declare const ISSUER$4 = "issuer"; declare const SIGNATURE$7 = "signature"; declare const SERIAL_NUMBER$5 = "serialNumber"; declare const ATTR_CERT_VALIDITY_PERIOD$1 = "attrCertValidityPeriod"; declare const ATTRIBUTES$4 = "attributes"; declare const ISSUER_UNIQUE_ID$2 = "issuerUniqueID"; declare const EXTENSIONS$5 = "extensions"; interface IAttributeCertificateInfoV1 { /** * The version field MUST have the value of v2 */ version: number; baseCertificateID?: IssuerSerial; subjectName?: GeneralNames; issuer: GeneralNames; /** * Contains the algorithm identifier used to validate the AC signature */ signature: AlgorithmIdentifier; serialNumber: asn1js.Integer; /** * Specifies the period for which the AC issuer certifies that the binding between * the holder and the attributes fields will be valid */ attrCertValidityPeriod: AttCertValidityPeriod; /** * The attributes field gives information about the AC holder */ attributes: Attribute[]; /** * Issuer unique identifier */ issuerUniqueID?: asn1js.BitString; /** * The extensions field generally gives information about the AC as opposed * to information about the AC holder */ extensions?: Extensions; } interface AttributeCertificateInfoV1Json { version: number; baseCertificateID?: IssuerSerialJson; subjectName?: GeneralNamesJson; issuer: GeneralNamesJson; signature: AlgorithmIdentifierJson; serialNumber: asn1js.IntegerJson; attrCertValidityPeriod: AttCertValidityPeriodJson; attributes: AttributeJson[]; issuerUniqueID: asn1js.BitStringJson; extensions: ExtensionsJson; } type AttributeCertificateInfoV1Parameters = PkiObjectParameters & Partial; type AttributeCertificateInfoV1Schema = SchemaParameters<{ version?: string; baseCertificateID?: string; subjectName?: string; signature?: AlgorithmIdentifierSchema; issuer?: string; attrCertValidityPeriod?: AttCertValidityPeriodSchema; serialNumber?: string; attributes?: string; issuerUniqueID?: string; extensions?: ExtensionsSchema; }>; /** * Represents the AttributeCertificateInfoV1 structure described in [RFC5755](https://datatracker.ietf.org/doc/html/rfc5755) */ declare class AttributeCertificateInfoV1 extends PkiObject implements IAttributeCertificateInfoV1 { static CLASS_NAME: string; version: number; baseCertificateID?: IssuerSerial; subjectName?: GeneralNames; issuer: GeneralNames; signature: AlgorithmIdentifier; serialNumber: asn1js.Integer; attrCertValidityPeriod: AttCertValidityPeriod; attributes: Attribute[]; issuerUniqueID?: asn1js.BitString; extensions?: Extensions; /** * Initializes a new instance of the {@link AttributeCertificateInfoV1} class * @param parameters Initialization parameters */ constructor(parameters?: AttributeCertificateInfoV1Parameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$k): number; static defaultValues(memberName: typeof BASE_CERTIFICATE_ID$2): IssuerSerial; static defaultValues(memberName: typeof SUBJECT_NAME): GeneralNames; static defaultValues(memberName: typeof ISSUER$4): GeneralNames; static defaultValues(memberName: typeof SIGNATURE$7): AlgorithmIdentifier; static defaultValues(memberName: typeof SERIAL_NUMBER$5): asn1js.Integer; static defaultValues(memberName: typeof ATTR_CERT_VALIDITY_PERIOD$1): AttCertValidityPeriod; static defaultValues(memberName: typeof ATTRIBUTES$4): Attribute[]; static defaultValues(memberName: typeof ISSUER_UNIQUE_ID$2): asn1js.BitString; static defaultValues(memberName: typeof EXTENSIONS$5): Extensions; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AttributeCertificateInfo ::= SEQUENCE { * version Version DEFAULT v1, * subject CHOICE { * baseCertificateID [0] IssuerSerial, -- associated with a Public Key Certificate * subjectName [1] GeneralNames }, -- associated with a name * issuer GeneralNames, -- CA issuing the attribute certificate * signature AlgorithmIdentifier, * serialNumber CertificateSerialNumber, * attrCertValidityPeriod AttCertValidityPeriod, * attributes SEQUENCE OF Attribute, * issuerUniqueID UniqueIdentifier OPTIONAL, * extensions Extensions OPTIONAL * } *``` */ static schema(parameters?: AttributeCertificateInfoV1Schema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AttributeCertificateInfoV1Json; } declare const ACINFO$1 = "acinfo"; declare const SIGNATURE_ALGORITHM$8 = "signatureAlgorithm"; declare const SIGNATURE_VALUE$4 = "signatureValue"; interface IAttributeCertificateV1 { /** * Attribute certificate information */ acinfo: AttributeCertificateInfoV1; /** * Signature algorithm */ signatureAlgorithm: AlgorithmIdentifier; /** * Signature value */ signatureValue: asn1js.BitString; } interface AttributeCertificateV1Json { acinfo: AttributeCertificateInfoV1Json; signatureAlgorithm: AlgorithmIdentifierJson; signatureValue: asn1js.BitStringJson; } type AttributeCertificateV1Parameters = PkiObjectParameters & Partial; /** * Class from X.509:1997 */ declare class AttributeCertificateV1 extends PkiObject implements IAttributeCertificateV1 { static CLASS_NAME: string; acinfo: AttributeCertificateInfoV1; signatureAlgorithm: AlgorithmIdentifier; signatureValue: asn1js.BitString; /** * Initializes a new instance of the {@link AttributeCertificateV1} class * @param parameters Initialization parameters */ constructor(parameters?: AttributeCertificateV1Parameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ACINFO$1): AttributeCertificateInfoV1; static defaultValues(memberName: typeof SIGNATURE_ALGORITHM$8): AlgorithmIdentifier; static defaultValues(memberName: typeof SIGNATURE_VALUE$4): asn1js.BitString; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AttributeCertificate ::= SEQUENCE { * acinfo AttributeCertificateInfoV1, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING * } *``` */ static schema(parameters?: SchemaParameters<{ acinfo?: AttributeCertificateInfoV1Schema; signatureAlgorithm?: AlgorithmIdentifierSchema; signatureValue?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AttributeCertificateV1Json; } declare const DIGESTED_OBJECT_TYPE = "digestedObjectType"; declare const OTHER_OBJECT_TYPE_ID = "otherObjectTypeID"; declare const DIGEST_ALGORITHM$2 = "digestAlgorithm"; declare const OBJECT_DIGEST = "objectDigest"; interface IObjectDigestInfo { digestedObjectType: asn1js.Enumerated; otherObjectTypeID?: asn1js.ObjectIdentifier; digestAlgorithm: AlgorithmIdentifier; objectDigest: asn1js.BitString; } type ObjectDigestInfoParameters = PkiObjectParameters & Partial; interface ObjectDigestInfoJson { digestedObjectType: asn1js.EnumeratedJson; otherObjectTypeID?: asn1js.ObjectIdentifierJson; digestAlgorithm: AlgorithmIdentifierJson; objectDigest: asn1js.BitStringJson; } /** * Represents the ObjectDigestInfo structure described in [RFC5755](https://datatracker.ietf.org/doc/html/rfc5755) */ declare class ObjectDigestInfo extends PkiObject implements IObjectDigestInfo { static CLASS_NAME: string; digestedObjectType: asn1js.Enumerated; otherObjectTypeID?: asn1js.ObjectIdentifier; digestAlgorithm: AlgorithmIdentifier; objectDigest: asn1js.BitString; /** * Initializes a new instance of the {@link ObjectDigestInfo} class * @param parameters Initialization parameters */ constructor(parameters?: ObjectDigestInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof DIGESTED_OBJECT_TYPE): asn1js.Enumerated; static defaultValues(memberName: typeof OTHER_OBJECT_TYPE_ID): asn1js.ObjectIdentifier; static defaultValues(memberName: typeof DIGEST_ALGORITHM$2): AlgorithmIdentifier; static defaultValues(memberName: typeof OBJECT_DIGEST): asn1js.BitString; /** * @inheritdoc * @asn ASN.1 schema * ```asn * ObjectDigestInfo ::= SEQUENCE { * digestedObjectType ENUMERATED { * publicKey (0), * publicKeyCert (1), * otherObjectTypes (2) }, * -- otherObjectTypes MUST NOT * -- be used in this profile * otherObjectTypeID OBJECT IDENTIFIER OPTIONAL, * digestAlgorithm AlgorithmIdentifier, * objectDigest BIT STRING * } *``` */ static schema(parameters?: SchemaParameters<{ digestedObjectType?: string; otherObjectTypeID?: string; digestAlgorithm?: AlgorithmIdentifierSchema; objectDigest?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): ObjectDigestInfoJson; } declare const ISSUER_NAME = "issuerName"; declare const BASE_CERTIFICATE_ID$1 = "baseCertificateID"; declare const OBJECT_DIGEST_INFO$1 = "objectDigestInfo"; interface IV2Form { issuerName?: GeneralNames; baseCertificateID?: IssuerSerial; objectDigestInfo?: ObjectDigestInfo; } type V2FormParameters = PkiObjectParameters & Partial; interface V2FormJson { issuerName?: GeneralNamesJson; baseCertificateID?: IssuerSerialJson; objectDigestInfo?: ObjectDigestInfoJson; } /** * Represents the V2Form structure described in [RFC5755](https://datatracker.ietf.org/doc/html/rfc5755) */ declare class V2Form extends PkiObject implements IV2Form { static CLASS_NAME: string; issuerName?: GeneralNames; baseCertificateID?: IssuerSerial; objectDigestInfo?: ObjectDigestInfo; /** * Initializes a new instance of the {@link V2Form} class * @param parameters Initialization parameters */ constructor(parameters?: V2FormParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ISSUER_NAME): GeneralNames; static defaultValues(memberName: typeof BASE_CERTIFICATE_ID$1): IssuerSerial; static defaultValues(memberName: typeof OBJECT_DIGEST_INFO$1): ObjectDigestInfo; /** * @inheritdoc * @asn ASN.1 schema * ```asn * V2Form ::= SEQUENCE { * issuerName GeneralNames OPTIONAL, * baseCertificateID [0] IssuerSerial OPTIONAL, * objectDigestInfo [1] ObjectDigestInfo OPTIONAL * -- issuerName MUST be present in this profile * -- baseCertificateID and objectDigestInfo MUST NOT * -- be present in this profile * } *``` */ static schema(parameters?: SchemaParameters<{ issuerName?: string; baseCertificateID?: string; objectDigestInfo?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): V2FormJson; } declare const BASE_CERTIFICATE_ID = "baseCertificateID"; declare const ENTITY_NAME = "entityName"; declare const OBJECT_DIGEST_INFO = "objectDigestInfo"; interface IHolder { baseCertificateID?: IssuerSerial; entityName?: GeneralNames; objectDigestInfo?: ObjectDigestInfo; } type HolderParameters = PkiObjectParameters & Partial; type HolderSchema = SchemaParameters<{ baseCertificateID?: string; entityName?: string; objectDigestInfo?: string; }>; interface HolderJson { baseCertificateID?: IssuerSerialJson; entityName?: GeneralNamesJson; objectDigestInfo?: ObjectDigestInfoJson; } /** * Represents the Holder structure described in [RFC5755](https://datatracker.ietf.org/doc/html/rfc5755) */ declare class Holder extends PkiObject implements IHolder { static CLASS_NAME: string; baseCertificateID?: IssuerSerial; entityName?: GeneralNames; objectDigestInfo?: ObjectDigestInfo; /** * Initializes a new instance of the {@link AttributeCertificateInfoV1} class * @param parameters Initialization parameters */ constructor(parameters?: HolderParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof BASE_CERTIFICATE_ID): IssuerSerial; static defaultValues(memberName: typeof ENTITY_NAME): GeneralNames; static defaultValues(memberName: typeof OBJECT_DIGEST_INFO): ObjectDigestInfo; /** * @inheritdoc * @asn ASN.1 schema * ```asn * Holder ::= SEQUENCE { * baseCertificateID [0] IssuerSerial OPTIONAL, * -- the issuer and serial number of * -- the holder's Public Key Certificate * entityName [1] GeneralNames OPTIONAL, * -- the name of the claimant or role * objectDigestInfo [2] ObjectDigestInfo OPTIONAL * -- used to directly authenticate the holder, * -- for example, an executable * } *``` */ static schema(parameters?: HolderSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): HolderJson; } declare const VERSION$j = "version"; declare const HOLDER = "holder"; declare const ISSUER$3 = "issuer"; declare const SIGNATURE$6 = "signature"; declare const SERIAL_NUMBER$4 = "serialNumber"; declare const ATTR_CERT_VALIDITY_PERIOD = "attrCertValidityPeriod"; declare const ATTRIBUTES$3 = "attributes"; declare const ISSUER_UNIQUE_ID$1 = "issuerUniqueID"; declare const EXTENSIONS$4 = "extensions"; interface IAttributeCertificateInfoV2 { version: number; holder: Holder; issuer: GeneralNames | V2Form; signature: AlgorithmIdentifier; serialNumber: asn1js.Integer; attrCertValidityPeriod: AttCertValidityPeriod; attributes: Attribute[]; issuerUniqueID?: asn1js.BitString; extensions?: Extensions; } type AttributeCertificateInfoV2Parameters = PkiObjectParameters & Partial; type AttributeCertificateInfoV2Schema = SchemaParameters<{ version?: string; holder?: HolderSchema; issuer?: string; signature?: AlgorithmIdentifierSchema; serialNumber?: string; attrCertValidityPeriod?: AttCertValidityPeriodSchema; attributes?: string; issuerUniqueID?: string; extensions?: ExtensionsSchema; }>; interface AttributeCertificateInfoV2Json { version: number; holder: HolderJson; issuer: GeneralNamesJson | V2FormJson; signature: AlgorithmIdentifierJson; serialNumber: asn1js.IntegerJson; attrCertValidityPeriod: AttCertValidityPeriodJson; attributes: AttributeJson[]; issuerUniqueID?: asn1js.BitStringJson; extensions?: ExtensionsJson; } /** * Represents the AttributeCertificateInfoV2 structure described in [RFC5755](https://datatracker.ietf.org/doc/html/rfc5755) */ declare class AttributeCertificateInfoV2 extends PkiObject implements IAttributeCertificateInfoV2 { static CLASS_NAME: string; version: number; holder: Holder; issuer: GeneralNames | V2Form; signature: AlgorithmIdentifier; serialNumber: asn1js.Integer; attrCertValidityPeriod: AttCertValidityPeriod; attributes: Attribute[]; issuerUniqueID?: asn1js.BitString; extensions?: Extensions; /** * Initializes a new instance of the {@link AttributeCertificateInfoV2} class * @param parameters Initialization parameters */ constructor(parameters?: AttributeCertificateInfoV2Parameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$j): number; static defaultValues(memberName: typeof HOLDER): Holder; static defaultValues(memberName: typeof ISSUER$3): GeneralNames | V2Form; static defaultValues(memberName: typeof SIGNATURE$6): AlgorithmIdentifier; static defaultValues(memberName: typeof SERIAL_NUMBER$4): asn1js.Integer; static defaultValues(memberName: typeof ATTR_CERT_VALIDITY_PERIOD): AttCertValidityPeriod; static defaultValues(memberName: typeof ATTRIBUTES$3): Attribute[]; static defaultValues(memberName: typeof ISSUER_UNIQUE_ID$1): asn1js.BitString; static defaultValues(memberName: typeof EXTENSIONS$4): Extensions; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AttributeCertificateInfoV2 ::= SEQUENCE { * version AttCertVersion, -- version is v2 * holder Holder, * issuer AttCertIssuer, * signature AlgorithmIdentifier, * serialNumber CertificateSerialNumber, * attrCertValidityPeriod AttCertValidityPeriod, * attributes SEQUENCE OF Attribute, * issuerUniqueID UniqueIdentifier OPTIONAL, * extensions Extensions OPTIONAL * } *``` */ static schema(parameters?: AttributeCertificateInfoV2Schema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AttributeCertificateInfoV2Json; } declare const ACINFO = "acinfo"; declare const SIGNATURE_ALGORITHM$7 = "signatureAlgorithm"; declare const SIGNATURE_VALUE$3 = "signatureValue"; interface IAttributeCertificateV2 { /** * Attribute certificate information */ acinfo: AttributeCertificateInfoV2; /** * Signature algorithm */ signatureAlgorithm: AlgorithmIdentifier; /** * Signature value */ signatureValue: asn1js.BitString; } type AttributeCertificateV2Parameters = PkiObjectParameters & Partial; interface AttributeCertificateV2Json { acinfo: AttributeCertificateInfoV2Json; signatureAlgorithm: AlgorithmIdentifierJson; signatureValue: asn1js.BitStringJson; } /** * Represents the AttributeCertificateV2 structure described in [RFC5755](https://datatracker.ietf.org/doc/html/rfc5755) */ declare class AttributeCertificateV2 extends PkiObject implements IAttributeCertificateV2 { static CLASS_NAME: string; acinfo: AttributeCertificateInfoV2; signatureAlgorithm: AlgorithmIdentifier; signatureValue: asn1js.BitString; /** * Initializes a new instance of the {@link AttributeCertificateV2} class * @param parameters Initialization parameters */ constructor(parameters?: AttributeCertificateV2Parameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ACINFO): AttributeCertificateInfoV2; static defaultValues(memberName: typeof SIGNATURE_ALGORITHM$7): AlgorithmIdentifier; static defaultValues(memberName: typeof SIGNATURE_VALUE$3): asn1js.BitString; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AttributeCertificate ::= SEQUENCE { * acinfo AttributeCertificateInfoV2, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING * } *``` */ static schema(parameters?: SchemaParameters<{ acinfo?: AttributeCertificateInfoV2Schema; signatureAlgorithm?: AlgorithmIdentifierSchema; signatureValue?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AttributeCertificateV2Json; } declare const TYPE$3 = "type"; declare const VALUE$5 = "value"; interface IAttributeTypeAndValue { type: string; value: AttributeValueType; } type AttributeTypeAndValueParameters = PkiObjectParameters & Partial; type AttributeValueType = asn1js.Utf8String | asn1js.BmpString | asn1js.UniversalString | asn1js.NumericString | asn1js.PrintableString | asn1js.TeletexString | asn1js.VideotexString | asn1js.IA5String | asn1js.GraphicString | asn1js.VisibleString | asn1js.GeneralString | asn1js.CharacterString; interface AttributeTypeAndValueJson { type: string; value: any; } /** * Represents the AttributeTypeAndValue structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class AttributeTypeAndValue extends PkiObject implements IAttributeTypeAndValue { static CLASS_NAME: string; type: string; value: AttributeValueType; /** * Initializes a new instance of the {@link AttributeTypeAndValue} class * @param parameters Initialization parameters */ constructor(parameters?: AttributeTypeAndValueParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TYPE$3): string; static defaultValues(memberName: typeof VALUE$5): AttributeValueType; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AttributeTypeAndValue ::= Sequence { * type AttributeType, * value AttributeValue } * * AttributeType ::= OBJECT IDENTIFIER * * AttributeValue ::= ANY -- DEFINED BY AttributeType *``` */ static schema(parameters?: SchemaParameters<{ type?: string; value?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AttributeTypeAndValueJson; /** * Compares two AttributeTypeAndValue values, or AttributeTypeAndValue with ArrayBuffer value * @param compareTo The value compare to current */ isEqual(compareTo: AttributeTypeAndValue | ArrayBuffer): boolean; } declare const CONTENT_TYPE$1 = "contentType"; declare const CONTENT = "content"; interface IContentInfo { contentType: string; content: any; } type ContentInfoParameters = PkiObjectParameters & Partial; type ContentInfoSchema = SchemaParameters<{ contentType?: string; content?: string; }>; interface ContentInfoJson { contentType: string; content?: any; } /** * Represents the ContentInfo structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class ContentInfo extends PkiObject implements IContentInfo { static CLASS_NAME: string; static readonly DATA = "1.2.840.113549.1.7.1"; static readonly SIGNED_DATA = "1.2.840.113549.1.7.2"; static readonly ENVELOPED_DATA = "1.2.840.113549.1.7.3"; static readonly ENCRYPTED_DATA = "1.2.840.113549.1.7.6"; contentType: string; content: any; /** * Initializes a new instance of the {@link ContentInfo} class * @param parameters Initialization parameters */ constructor(parameters?: ContentInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof CONTENT_TYPE$1): string; static defaultValues(memberName: typeof CONTENT): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: T): memberValue is T; /** * @inheritdoc * @asn ASN.1 schema * ```asn * ContentInfo ::= SEQUENCE { * contentType ContentType, * content [0] EXPLICIT ANY DEFINED BY contentType } *``` */ static schema(parameters?: ContentInfoSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): ContentInfoJson; } declare const CONTENT_TYPE = "contentType"; declare const CONTENT_ENCRYPTION_ALGORITHM = "contentEncryptionAlgorithm"; declare const ENCRYPTED_CONTENT = "encryptedContent"; interface IEncryptedContentInfo { contentType: string; contentEncryptionAlgorithm: AlgorithmIdentifier; encryptedContent?: asn1js.OctetString; } interface EncryptedContentInfoJson { contentType: string; contentEncryptionAlgorithm: AlgorithmIdentifierJson; encryptedContent?: asn1js.OctetStringJson; } interface EncryptedContentInfoSplit { /** * Disables OctetString splitting for encryptedContent. */ disableSplit?: boolean; } type EncryptedContentParameters = PkiObjectParameters & Partial & EncryptedContentInfoSplit; type EncryptedContentInfoSchema = SchemaParameters<{ contentType?: string; contentEncryptionAlgorithm?: AlgorithmIdentifierSchema; encryptedContent?: string; }>; /** * Represents the EncryptedContentInfo structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class EncryptedContentInfo extends PkiObject implements IEncryptedContentInfo { static CLASS_NAME: string; contentType: string; contentEncryptionAlgorithm: AlgorithmIdentifier; encryptedContent?: asn1js.OctetString; /** * Initializes a new instance of the {@link EncryptedContentInfo} class * @param parameters Initialization parameters */ constructor(parameters?: EncryptedContentParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof CONTENT_TYPE): string; static defaultValues(memberName: typeof CONTENT_ENCRYPTION_ALGORITHM): AlgorithmIdentifier; static defaultValues(memberName: typeof ENCRYPTED_CONTENT): asn1js.OctetString; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * EncryptedContentInfo ::= SEQUENCE { * contentType ContentType, * contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier, * encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL } * * Comment: Strange, but modern crypto engines create ENCRYPTED_CONTENT as "[0] EXPLICIT EncryptedContent" * * EncryptedContent ::= OCTET STRING *``` */ static schema(parameters?: EncryptedContentInfoSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): EncryptedContentInfoJson; /** * Returns concatenated buffer from `encryptedContent` field. * @returns Array buffer * @since 3.0.0 * @throws Throws Error if `encryptedContent` is undefined */ getEncryptedContent(): ArrayBuffer; } declare const X = "x"; declare const Y = "y"; declare const NAMED_CURVE$1 = "namedCurve"; interface IECPublicKey { namedCurve: string; x: ArrayBuffer; y: ArrayBuffer; } interface ECPublicKeyJson { crv: string; x: string; y: string; } type ECPublicKeyParameters = PkiObjectParameters & Partial & { json?: ECPublicKeyJson; }; /** * Represents the PrivateKeyInfo structure described in [RFC5480](https://datatracker.ietf.org/doc/html/rfc5480) */ declare class ECPublicKey extends PkiObject implements IECPublicKey { static CLASS_NAME: string; namedCurve: string; x: ArrayBuffer; y: ArrayBuffer; /** * Initializes a new instance of the {@link ECPublicKey} class * @param parameters Initialization parameters */ constructor(parameters?: ECPublicKeyParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof NAMED_CURVE$1): string; static defaultValues(memberName: typeof X | typeof Y): ArrayBuffer; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: T): memberValue is T; /** * Returns value of pre-defined ASN.1 schema for current class * @param parameters Input parameters for the schema * @returns ASN.1 schema object */ static schema(): SchemaType; fromSchema(schema1: BufferSource): any; toSchema(): asn1js.RawData; toJSON(): ECPublicKeyJson; /** * Converts JSON value into current object * @param json JSON object */ fromJSON(json: any): void; } interface IRSAPublicKey { /** * Modulus part of RSA public key */ modulus: asn1js.Integer; /** * Public exponent of RSA public key */ publicExponent: asn1js.Integer; } interface RSAPublicKeyJson { n: string; e: string; } type RSAPublicKeyParameters = PkiObjectParameters & Partial & { json?: RSAPublicKeyJson; }; declare const MODULUS$1 = "modulus"; declare const PUBLIC_EXPONENT$1 = "publicExponent"; /** * Represents the RSAPublicKey structure described in [RFC3447](https://datatracker.ietf.org/doc/html/rfc3447) */ declare class RSAPublicKey extends PkiObject implements IRSAPublicKey { static CLASS_NAME: string; modulus: asn1js.Integer; publicExponent: asn1js.Integer; /** * Initializes a new instance of the {@link RSAPublicKey} class * @param parameters Initialization parameters */ constructor(parameters?: RSAPublicKeyParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof MODULUS$1 | typeof PUBLIC_EXPONENT$1): asn1js.Integer; /** * @inheritdoc * @asn ASN.1 schema * ```asn * RSAPublicKey ::= Sequence { * modulus Integer, -- n * publicExponent Integer -- e * } *``` */ static schema(parameters?: SchemaParameters<{ modulus?: string; publicExponent?: string; }>): SchemaType; fromSchema(schema: asn1js.AsnType): void; toSchema(): asn1js.Sequence; toJSON(): RSAPublicKeyJson; /** * Converts JSON value into current object * @param json JSON object */ fromJSON(json: RSAPublicKeyJson): void; } declare const ALGORITHM$1 = "algorithm"; declare const SUBJECT_PUBLIC_KEY = "subjectPublicKey"; interface IPublicKeyInfo { /** * Algorithm identifier */ algorithm: AlgorithmIdentifier; /** * Subject public key value */ subjectPublicKey: asn1js.BitString; /** * Parsed public key value */ parsedKey?: ECPublicKey | RSAPublicKey | undefined; } type PublicKeyInfoParameters = PkiObjectParameters & Partial & { json?: JsonWebKey; }; interface PublicKeyInfoJson { algorithm: AlgorithmIdentifierJson; subjectPublicKey: asn1js.BitStringJson; } type PublicKeyInfoSchema = SchemaParameters<{ algorithm?: AlgorithmIdentifierSchema; subjectPublicKey?: string; }>; /** * Represents the PublicKeyInfo structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class PublicKeyInfo extends PkiObject implements IPublicKeyInfo { static CLASS_NAME: string; algorithm: AlgorithmIdentifier; subjectPublicKey: asn1js.BitString; private _parsedKey?; get parsedKey(): ECPublicKey | RSAPublicKey | undefined; set parsedKey(value: ECPublicKey | RSAPublicKey | undefined); /** * Initializes a new instance of the {@link PublicKeyInfo} class * @param parameters Initialization parameters */ constructor(parameters?: PublicKeyInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ALGORITHM$1): AlgorithmIdentifier; static defaultValues(memberName: typeof SUBJECT_PUBLIC_KEY): asn1js.BitString; /** * @inheritdoc * @asn ASN.1 schema * ```asn * SubjectPublicKeyInfo ::= Sequence { * algorithm AlgorithmIdentifier, * subjectPublicKey BIT STRING } *``` */ static schema(parameters?: PublicKeyInfoSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PublicKeyInfoJson | JsonWebKey; /** * Converts JSON value into current object * @param json JSON object */ fromJSON(json: any): void; importKey(publicKey: CryptoKey, crypto?: ICryptoEngine): Promise; } type CryptoEngineAlgorithmOperation = "sign" | "encrypt" | "generateKey" | "importKey" | "exportKey" | "verify"; /** * Algorithm parameters */ interface CryptoEngineAlgorithmParams { /** * Algorithm */ algorithm: Algorithm | object; /** * Key usages */ usages: KeyUsage[]; } interface CryptoEngineSignatureParams { signatureAlgorithm: AlgorithmIdentifier; parameters: CryptoEngineAlgorithmParams; } interface CryptoEngineSignWithPrivateKeyParams { algorithm: Algorithm; } /** * Public key parameters */ interface CryptoEnginePublicKeyParams { /** * Algorithm */ algorithm: CryptoEngineAlgorithmParams; } type ContentEncryptionAesCbcParams = AesCbcParams & AesDerivedKeyParams; type ContentEncryptionAesGcmParams = AesGcmParams & AesDerivedKeyParams; type ContentEncryptionAlgorithm = ContentEncryptionAesCbcParams | ContentEncryptionAesGcmParams; interface CryptoEngineEncryptParams { password: ArrayBuffer; contentEncryptionAlgorithm: ContentEncryptionAlgorithm; hmacHashAlgorithm: string; iterationCount: number; contentToEncrypt: ArrayBuffer; contentType: string; } interface CryptoEngineDecryptParams { password: ArrayBuffer; encryptedContentInfo: EncryptedContentInfo; } interface CryptoEngineStampDataWithPasswordParams { password: ArrayBuffer; hashAlgorithm: string; salt: ArrayBuffer; iterationCount: number; contentToStamp: ArrayBuffer; } interface CryptoEngineVerifyDataStampedWithPasswordParams { password: ArrayBuffer; hashAlgorithm: string; salt: ArrayBuffer; iterationCount: number; contentToVerify: ArrayBuffer; signatureToVerify: ArrayBuffer; } interface ICryptoEngine extends SubtleCrypto { name: string; crypto: Crypto; subtle: SubtleCrypto; getRandomValues(array: T): T; /** * Get OID for each specific algorithm * @param algorithm WebCrypto Algorithm * @param safety If `true` throws exception on unknown algorithm. Default is `false` * @param target Name of the target * @throws Throws {@link Error} exception if unknown WebCrypto algorithm */ getOIDByAlgorithm(algorithm: Algorithm, safety?: boolean, target?: string): string; /** * Get default algorithm parameters for each kind of operation * @param algorithmName Algorithm name to get common parameters for * @param operation Kind of operation: "sign", "encrypt", "generateKey", "importKey", "exportKey", "verify" */ getAlgorithmParameters(algorithmName: string, operation: CryptoEngineAlgorithmOperation): CryptoEngineAlgorithmParams; /** * Gets WebCrypto algorithm by wel-known OID * @param oid algorithm identifier * @param safety if `true` throws exception on unknown algorithm identifier * @param target name of the target * @returns Returns WebCrypto algorithm or an empty object */ getAlgorithmByOID(oid: string, safety?: boolean, target?: string): T | object; /** * Gets WebCrypto algorithm by wel-known OID * @param oid algorithm identifier * @param safety if `true` throws exception on unknown algorithm identifier * @param target name of the target * @returns Returns WebCrypto algorithm * @throws Throws {@link Error} exception if unknown algorithm identifier */ getAlgorithmByOID(oid: string, safety: true, target?: string): T; /** * Getting hash algorithm by signature algorithm * @param signatureAlgorithm Signature algorithm */ getHashAlgorithm(signatureAlgorithm: AlgorithmIdentifier): string; /** * Get signature parameters by analyzing private key algorithm * @param privateKey The private key user would like to use * @param hashAlgorithm Hash algorithm user would like to use. Default is SHA-1 */ getSignatureParameters(privateKey: CryptoKey, hashAlgorithm?: string): Promise; /** * Sign data with pre-defined private key * @param data Data to be signed * @param privateKey Private key to use * @param parameters Parameters for used algorithm */ signWithPrivateKey(data: BufferSource, privateKey: CryptoKey, parameters: CryptoEngineSignWithPrivateKeyParams): Promise; /** * Verify data with the public key * @param data Data to be verified * @param signature Signature value * @param publicKeyInfo Public key information * @param signatureAlgorithm Signature algorithm * @param shaAlgorithm Hash algorithm */ verifyWithPublicKey(data: BufferSource, signature: asn1js.BitString | asn1js.OctetString, publicKeyInfo: PublicKeyInfo, signatureAlgorithm: AlgorithmIdentifier, shaAlgorithm?: string): Promise; getPublicKey(publicKeyInfo: PublicKeyInfo, signatureAlgorithm: AlgorithmIdentifier, parameters?: CryptoEnginePublicKeyParams): Promise; /** * Specialized function encrypting "EncryptedContentInfo" object using parameters * @param parameters */ encryptEncryptedContentInfo(parameters: CryptoEngineEncryptParams): Promise; /** * Decrypt data stored in "EncryptedContentInfo" object using parameters * @param parameters */ decryptEncryptedContentInfo(parameters: CryptoEngineDecryptParams): Promise; /** * Stamping (signing) data using algorithm similar to HMAC * @param parameters */ stampDataWithPassword(parameters: CryptoEngineStampDataWithPasswordParams): Promise; verifyDataStampedWithPassword(parameters: CryptoEngineVerifyDataStampedWithPasswordParams): Promise; } interface CryptoEngineParameters { name?: string; crypto: Crypto; /** * @deprecated */ subtle?: SubtleCrypto; } interface CryptoEngineConstructor { new (params: CryptoEngineParameters): ICryptoEngine; } interface GlobalCryptoEngine { name: string; crypto: ICryptoEngine | null; } declare let engine: GlobalCryptoEngine; /** * Sets global crypto engine * @param name Name of the crypto engine * @param crypto * @param subtle * @deprecated Since version 3.0.0 */ declare function setEngine(name: string, crypto: ICryptoEngine | Crypto, subtle: ICryptoEngine | SubtleCrypto): void; /** * Sets global crypto engine * @param name Name of the crypto engine * @param crypto Crypto engine. If the parameter is omitted, `CryptoEngine` with `self.crypto` are used * @since 3.0.0 */ declare function setEngine(name: string, crypto?: ICryptoEngine): void; declare function getEngine(): GlobalCryptoEngine; /** * Gets crypto subtle from the current "crypto engine" * @param safety * @returns Reruns {@link ICryptoEngine} or `null` */ declare function getCrypto(safety?: boolean): ICryptoEngine | null; /** * Gets crypto subtle from the current "crypto engine" * @param safety * @returns Reruns {@link ICryptoEngine} or throws en exception * @throws Throws {@link Error} if `subtle` is empty */ declare function getCrypto(safety: true): ICryptoEngine; /** * Initialize input Uint8Array by random values (with help from current "crypto engine") * @param view */ declare function getRandomValues(view: Uint8Array): Uint8Array; /** * Get OID for each specific algorithm * @param algorithm WebCrypto Algorithm * @param safety if `true` throws exception on unknown algorithm * @param target name of the target * @throws Throws {@link Error} exception if unknown WebCrypto algorithm */ declare function getOIDByAlgorithm(algorithm: Algorithm, safety?: boolean, target?: string): string; /** * Get default algorithm parameters for each kind of operation * @param algorithmName Algorithm name to get common parameters for * @param operation Kind of operation: "sign", "encrypt", "generateKey", "importKey", "exportKey", "verify" */ declare function getAlgorithmParameters(algorithmName: string, operation: CryptoEngineAlgorithmOperation): CryptoEngineAlgorithmParams; /** * Create CMS ECDSA signature from WebCrypto ECDSA signature * @param signatureBuffer WebCrypto result of "sign" function */ declare function createCMSECDSASignature(signatureBuffer: ArrayBuffer): ArrayBuffer; /** * Create a single ArrayBuffer from CMS ECDSA signature * @param cmsSignature ASN.1 SEQUENCE contains CMS ECDSA signature * @param pointSize Size of EC point. Use {@link ECNamedCurves.find} to get correct point size * @returns WebCrypto signature */ declare function createECDSASignatureFromCMS(cmsSignature: asn1js.AsnType, pointSize: number): ArrayBuffer; /** * Gets WebCrypto algorithm by well-known OID * @param oid algorithm identifier * @param safety if true throws exception on unknown algorithm identifier * @param target name of the target * @returns WebCrypto algorithm or an empty object */ declare function getAlgorithmByOID(oid: string, safety?: boolean, target?: string): T | object; declare function getAlgorithmByOID(oid: string, safety: true, target?: string): T; /** * Getting hash algorithm by signature algorithm * @param signatureAlgorithm Signature algorithm */ declare function getHashAlgorithm(signatureAlgorithm: AlgorithmIdentifier): string; /** * ANS X9.63 Key Derivation Function * @param hashFunction Used hash function * @param Zbuffer ArrayBuffer containing ECDH shared secret to derive from * @param keydatalen Length (!!! in BITS !!!) of used kew derivation function * @param SharedInfo Usually DER encoded "ECC_CMS_SharedInfo" structure * @param crypto Crypto engine */ declare function kdf(hashFunction: string, Zbuffer: ArrayBuffer, keydatalen: number, SharedInfo: ArrayBuffer, crypto?: ICryptoEngine): Promise; declare const TYPE_AND_VALUES = "typesAndValues"; declare const VALUE_BEFORE_DECODE = "valueBeforeDecode"; declare const RDN = "RDN"; interface IRelativeDistinguishedNames { /** * Array of "type and value" objects */ typesAndValues: AttributeTypeAndValue[]; /** * Value of the RDN before decoding from schema */ valueBeforeDecode: ArrayBuffer; } type RelativeDistinguishedNamesParameters = PkiObjectParameters & Partial; type RelativeDistinguishedNamesSchema = SchemaParameters<{ repeatedSequence?: string; repeatedSet?: string; typeAndValue?: SchemaType; }>; interface RelativeDistinguishedNamesJson { typesAndValues: AttributeTypeAndValueJson[]; } /** * Represents the RelativeDistinguishedNames structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class RelativeDistinguishedNames extends PkiObject implements IRelativeDistinguishedNames { static CLASS_NAME: string; typesAndValues: AttributeTypeAndValue[]; valueBeforeDecode: ArrayBuffer; /** * Initializes a new instance of the {@link RelativeDistinguishedNames} class * @param parameters Initialization parameters */ constructor(parameters?: RelativeDistinguishedNamesParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TYPE_AND_VALUES): AttributeTypeAndValue[]; static defaultValues(memberName: typeof VALUE_BEFORE_DECODE): ArrayBuffer; /** * Compares values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * RDNSequence ::= Sequence OF RelativeDistinguishedName * * RelativeDistinguishedName ::= * SET SIZE (1..MAX) OF AttributeTypeAndValue *``` */ static schema(parameters?: RelativeDistinguishedNamesSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): RelativeDistinguishedNamesJson; /** * Compares two RDN values, or RDN with ArrayBuffer value * @param compareTo The value compare to current */ isEqual(compareTo: unknown): boolean; } declare const TYPE$2 = "type"; declare const VALUE$4 = "value"; declare enum TimeType { UTCTime = 0, GeneralizedTime = 1, empty = 2 } interface ITime { /** * 0 - UTCTime; 1 - GeneralizedTime; 2 - empty value */ type: TimeType; /** * Value of the TIME class */ value: Date; } type TimeParameters = PkiObjectParameters & Partial; type TimeSchema = SchemaParameters<{ utcTimeName?: string; generalTimeName?: string; }>; interface TimeJson { type: TimeType; value: Date; } /** * Represents the Time structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class Time extends PkiObject implements ITime { static CLASS_NAME: string; type: TimeType; value: Date; /** * Initializes a new instance of the {@link Time} class * @param parameters Initialization parameters */ constructor(parameters?: TimeParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TYPE$2): TimeType; static defaultValues(memberName: typeof VALUE$4): Date; /** * @inheritdoc * @asn ASN.1 schema * ```asn * Time ::= CHOICE { * utcTime UTCTime, * generalTime GeneralizedTime } * ``` * * @param parameters Input parameters for the schema * @param optional Flag that current schema should be optional * @returns ASN.1 schema object */ static schema(parameters?: TimeSchema, optional?: boolean): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.UTCTime | asn1js.GeneralizedTime; toJSON(): TimeJson; } declare const TBS$4 = "tbs"; declare const VERSION$i = "version"; declare const SERIAL_NUMBER$3 = "serialNumber"; declare const SIGNATURE$5 = "signature"; declare const ISSUER$2 = "issuer"; declare const NOT_BEFORE$1 = "notBefore"; declare const NOT_AFTER$1 = "notAfter"; declare const SUBJECT$1 = "subject"; declare const SUBJECT_PUBLIC_KEY_INFO = "subjectPublicKeyInfo"; declare const ISSUER_UNIQUE_ID = "issuerUniqueID"; declare const SUBJECT_UNIQUE_ID = "subjectUniqueID"; declare const EXTENSIONS$3 = "extensions"; declare const SIGNATURE_ALGORITHM$6 = "signatureAlgorithm"; declare const SIGNATURE_VALUE$2 = "signatureValue"; type TBSCertificateSchema = SchemaParameters<{ tbsCertificateVersion?: string; tbsCertificateSerialNumber?: string; signature?: AlgorithmIdentifierSchema; issuer?: RelativeDistinguishedNamesSchema; tbsCertificateValidity?: string; notBefore?: TimeSchema; notAfter?: TimeSchema; subject?: RelativeDistinguishedNamesSchema; subjectPublicKeyInfo?: PublicKeyInfoSchema; tbsCertificateIssuerUniqueID?: string; tbsCertificateSubjectUniqueID?: string; extensions?: ExtensionsSchema; }>; interface ICertificate { /** * ToBeSigned (TBS) part of the certificate */ tbs: ArrayBuffer; /** * Version number */ version: number; /** * Serial number of the certificate */ serialNumber: asn1js.Integer; /** * This field contains the algorithm identifier for the algorithm used by the CA to sign the certificate */ signature: AlgorithmIdentifier; /** * The issuer field identifies the entity that has signed and issued the certificate */ issuer: RelativeDistinguishedNames; /** * The date on which the certificate validity period begins */ notBefore: Time; /** * The date on which the certificate validity period ends */ notAfter: Time; /** * The subject field identifies the entity associated with the public key stored in the subject public key field */ subject: RelativeDistinguishedNames; /** * This field is used to carry the public key and identify the algorithm with which the key is used */ subjectPublicKeyInfo: PublicKeyInfo; /** * The subject and issuer unique identifiers are present in the certificate to handle the possibility of reuse of subject and/or issuer names over time */ issuerUniqueID?: ArrayBuffer; /** * The subject and issuer unique identifiers are present in the certificate to handle the possibility of reuse of subject and/or issuer names over time */ subjectUniqueID?: ArrayBuffer; /** * If present, this field is a SEQUENCE of one or more certificate extensions */ extensions?: Extension[]; /** * The signatureAlgorithm field contains the identifier for the cryptographic algorithm used by the CA to sign this certificate */ signatureAlgorithm: AlgorithmIdentifier; /** * The signatureValue field contains a digital signature computed upon the ASN.1 DER encoded tbsCertificate */ signatureValue: asn1js.BitString; } /** * Constructor parameters for the {@link Certificate} class */ type CertificateParameters = PkiObjectParameters & Partial; /** * Parameters for {@link Certificate} schema generation */ type CertificateSchema = SchemaParameters<{ tbsCertificate?: TBSCertificateSchema; signatureAlgorithm?: AlgorithmIdentifierSchema; signatureValue?: string; }>; interface CertificateJson { tbs: string; version: number; serialNumber: asn1js.IntegerJson; signature: AlgorithmIdentifierJson; issuer: RelativeDistinguishedNamesJson; notBefore: TimeJson; notAfter: TimeJson; subject: RelativeDistinguishedNamesJson; subjectPublicKeyInfo: PublicKeyInfoJson | JsonWebKey; issuerUniqueID?: string; subjectUniqueID?: string; extensions?: ExtensionJson[]; signatureAlgorithm: AlgorithmIdentifierJson; signatureValue: asn1js.BitStringJson; } /** * Represents an X.509 certificate described in [RFC5280 Section 4](https://datatracker.ietf.org/doc/html/rfc5280#section-4). * * @example The following example demonstrates how to parse X.509 Certificate * ```js * const asn1 = asn1js.fromBER(raw); * if (asn1.offset === -1) { * throw new Error("Incorrect encoded ASN.1 data"); * } * * const cert = new pkijs.Certificate({ schema: asn1.result }); * ``` * * @example The following example demonstrates how to create self-signed certificate * ```js * const crypto = pkijs.getCrypto(true); * * // Create certificate * const certificate = new pkijs.Certificate(); * certificate.version = 2; * certificate.serialNumber = new asn1js.Integer({ value: 1 }); * certificate.issuer.typesAndValues.push(new pkijs.AttributeTypeAndValue({ * type: "2.5.4.3", // Common name * value: new asn1js.BmpString({ value: "Test" }) * })); * certificate.subject.typesAndValues.push(new pkijs.AttributeTypeAndValue({ * type: "2.5.4.3", // Common name * value: new asn1js.BmpString({ value: "Test" }) * })); * * certificate.notBefore.value = new Date(); * const notAfter = new Date(); * notAfter.setUTCFullYear(notAfter.getUTCFullYear() + 1); * certificate.notAfter.value = notAfter; * * certificate.extensions = []; // Extensions are not a part of certificate by default, it's an optional array * * // "BasicConstraints" extension * const basicConstr = new pkijs.BasicConstraints({ * cA: true, * pathLenConstraint: 3 * }); * certificate.extensions.push(new pkijs.Extension({ * extnID: "2.5.29.19", * critical: false, * extnValue: basicConstr.toSchema().toBER(false), * parsedValue: basicConstr // Parsed value for well-known extensions * })); * * // "KeyUsage" extension * const bitArray = new ArrayBuffer(1); * const bitView = new Uint8Array(bitArray); * bitView[0] |= 0x02; // Key usage "cRLSign" flag * bitView[0] |= 0x04; // Key usage "keyCertSign" flag * const keyUsage = new asn1js.BitString({ valueHex: bitArray }); * certificate.extensions.push(new pkijs.Extension({ * extnID: "2.5.29.15", * critical: false, * extnValue: keyUsage.toBER(false), * parsedValue: keyUsage // Parsed value for well-known extensions * })); * * const algorithm = pkijs.getAlgorithmParameters("RSASSA-PKCS1-v1_5", "generateKey"); * if ("hash" in algorithm.algorithm) { * algorithm.algorithm.hash.name = "SHA-256"; * } * * const keys = await crypto.generateKey(algorithm.algorithm, true, algorithm.usages); * * // Exporting public key into "subjectPublicKeyInfo" value of certificate * await certificate.subjectPublicKeyInfo.importKey(keys.publicKey); * * // Signing final certificate * await certificate.sign(keys.privateKey, "SHA-256"); * * const raw = certificate.toSchema().toBER(); * ``` */ declare class Certificate extends PkiObject implements ICertificate { static CLASS_NAME: string; tbsView: Uint8Array; /** * @deprecated Since version 3.0.0 */ get tbs(): ArrayBuffer; /** * @deprecated Since version 3.0.0 */ set tbs(value: ArrayBuffer); version: number; serialNumber: asn1js.Integer; signature: AlgorithmIdentifier; issuer: RelativeDistinguishedNames; notBefore: Time; notAfter: Time; subject: RelativeDistinguishedNames; subjectPublicKeyInfo: PublicKeyInfo; issuerUniqueID?: ArrayBuffer; subjectUniqueID?: ArrayBuffer; extensions?: Extension[]; signatureAlgorithm: AlgorithmIdentifier; signatureValue: asn1js.BitString; /** * Initializes a new instance of the {@link Certificate} class * @param parameters Initialization parameters */ constructor(parameters?: CertificateParameters); /** * Return default values for all class members * @param memberName String name for a class member * @returns Predefined default value */ static defaultValues(memberName: typeof TBS$4): ArrayBuffer; static defaultValues(memberName: typeof VERSION$i): number; static defaultValues(memberName: typeof SERIAL_NUMBER$3): asn1js.Integer; static defaultValues(memberName: typeof SIGNATURE$5): AlgorithmIdentifier; static defaultValues(memberName: typeof ISSUER$2): RelativeDistinguishedNames; static defaultValues(memberName: typeof NOT_BEFORE$1): Time; static defaultValues(memberName: typeof NOT_AFTER$1): Time; static defaultValues(memberName: typeof SUBJECT$1): RelativeDistinguishedNames; static defaultValues(memberName: typeof SUBJECT_PUBLIC_KEY_INFO): PublicKeyInfo; static defaultValues(memberName: typeof ISSUER_UNIQUE_ID): ArrayBuffer; static defaultValues(memberName: typeof SUBJECT_UNIQUE_ID): ArrayBuffer; static defaultValues(memberName: typeof EXTENSIONS$3): Extension[]; static defaultValues(memberName: typeof SIGNATURE_ALGORITHM$6): AlgorithmIdentifier; static defaultValues(memberName: typeof SIGNATURE_VALUE$2): asn1js.BitString; /** * @inheritdoc * @asn ASN.1 schema * ```asn * Certificate ::= SEQUENCE { * tbsCertificate TBSCertificate, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING } * * TBSCertificate ::= SEQUENCE { * version [0] EXPLICIT Version DEFAULT v1, * serialNumber CertificateSerialNumber, * signature AlgorithmIdentifier, * issuer Name, * validity Validity, * subject Name, * subjectPublicKeyInfo SubjectPublicKeyInfo, * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, * -- If present, version MUST be v2 or v3 * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, * -- If present, version MUST be v2 or v3 * extensions [3] EXPLICIT Extensions OPTIONAL * -- If present, version MUST be v3 * } * * Version ::= INTEGER { v1(0), v2(1), v3(2) } * * CertificateSerialNumber ::= INTEGER * * Validity ::= SEQUENCE { * notBefore Time, * notAfter Time } * * Time ::= CHOICE { * utcTime UTCTime, * generalTime GeneralizedTime } * * UniqueIdentifier ::= BIT STRING * * SubjectPublicKeyInfo ::= SEQUENCE { * algorithm AlgorithmIdentifier, * subjectPublicKey BIT STRING } * * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension * * Extension ::= SEQUENCE { * extnID OBJECT IDENTIFIER, * critical BOOLEAN DEFAULT FALSE, * extnValue OCTET STRING * -- contains the DER encoding of an ASN.1 value * -- corresponding to the extension type identified * -- by extnID * } *``` */ static schema(parameters?: CertificateSchema): SchemaType; fromSchema(schema: SchemaType): void; /** * Creates ASN.1 schema for existing values of TBS part for the certificate * @returns ASN.1 SEQUENCE */ encodeTBS(): asn1js.Sequence; toSchema(encodeFlag?: boolean): asn1js.Sequence; toJSON(): CertificateJson; /** * Importing public key for current certificate * @param parameters Public key export parameters * @param crypto Crypto engine * @returns WebCrypto public key */ getPublicKey(parameters?: CryptoEnginePublicKeyParams, crypto?: ICryptoEngine): Promise; /** * Get hash value for subject public key (default SHA-1) * @param hashAlgorithm Hashing algorithm name * @param crypto Crypto engine * @returns Computed hash value from `Certificate.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey` */ getKeyHash(hashAlgorithm?: string, crypto?: ICryptoEngine): Promise; /** * Make a signature for current value from TBS section * @param privateKey Private key for SUBJECT_PUBLIC_KEY_INFO structure * @param hashAlgorithm Hashing algorithm * @param crypto Crypto engine */ sign(privateKey: CryptoKey, hashAlgorithm?: string, crypto?: ICryptoEngine): Promise; /** * Verifies the certificate signature * @param issuerCertificate * @param crypto Crypto engine */ verify(issuerCertificate?: Certificate, crypto?: ICryptoEngine): Promise; } /** * Check CA flag for the certificate * @param cert Certificate to find CA flag for * @returns Returns {@link Certificate} if `cert` is CA certificate otherwise return `null` */ declare function checkCA(cert: Certificate, signerCert?: Certificate | null): Certificate | null; declare const OTHER_CERT_FORMAT = "otherCertFormat"; declare const OTHER_CERT = "otherCert"; interface IOtherCertificateFormat { otherCertFormat: string; otherCert: any; } interface OtherCertificateFormatJson { otherCertFormat: string; otherCert?: any; } type OtherCertificateFormatParameters = PkiObjectParameters & Partial; /** * Represents the OtherCertificateFormat structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class OtherCertificateFormat extends PkiObject implements IOtherCertificateFormat { otherCertFormat: string; otherCert: any; /** * Initializes a new instance of the {@link OtherCertificateFormat} class * @param parameters Initialization parameters */ constructor(parameters?: OtherCertificateFormatParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof OTHER_CERT_FORMAT): string; static defaultValues(memberName: typeof OTHER_CERT): asn1js.Any; /** * @inheritdoc * @asn ASN.1 schema * ```asn * OtherCertificateFormat ::= SEQUENCE { * otherCertFormat OBJECT IDENTIFIER, * otherCert ANY DEFINED BY otherCertFormat } *``` */ static schema(parameters?: SchemaParameters<{ otherCertFormat?: string; otherCert?: string; }>): SchemaType; fromSchema(schema: any): void; toSchema(): asn1js.Sequence; toJSON(): OtherCertificateFormatJson; } declare const CERTIFICATES$1 = "certificates"; interface ICertificateSet { certificates: CertificateSetItem[]; } interface CertificateSetJson { certificates: CertificateSetItemJson[]; } type CertificateSetItemJson = CertificateJson | AttributeCertificateV1Json | AttributeCertificateV2Json | OtherCertificateFormatJson; type CertificateSetItem = Certificate | AttributeCertificateV1 | AttributeCertificateV2 | OtherCertificateFormat; type CertificateSetParameters = PkiObjectParameters & Partial; /** * Represents the CertificateSet structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class CertificateSet extends PkiObject implements ICertificateSet { static CLASS_NAME: string; certificates: CertificateSetItem[]; /** * Initializes a new instance of the {@link CertificateSet} class * @param parameters Initialization parameters */ constructor(parameters?: CertificateSetParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof CERTIFICATES$1): CertificateSetItem[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * CertificateSet ::= SET OF CertificateChoices * * CertificateChoices ::= CHOICE { * certificate Certificate, * extendedCertificate [0] IMPLICIT ExtendedCertificate, -- Obsolete * v1AttrCert [1] IMPLICIT AttributeCertificateV1, -- Obsolete * v2AttrCert [2] IMPLICIT AttributeCertificateV2, * other [3] IMPLICIT OtherCertificateFormat } *``` */ static schema(parameters?: SchemaParameters<{ certificates?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Set; toJSON(): CertificateSetJson; } declare const USER_CERTIFICATE = "userCertificate"; declare const REVOCATION_DATE = "revocationDate"; declare const CRL_ENTRY_EXTENSIONS = "crlEntryExtensions"; interface IRevokedCertificate { userCertificate: asn1js.Integer; revocationDate: Time; crlEntryExtensions?: Extensions; } type RevokedCertificateParameters = PkiObjectParameters & Partial; interface RevokedCertificateJson { userCertificate: asn1js.IntegerJson; revocationDate: TimeJson; crlEntryExtensions?: ExtensionsJson; } /** * Represents the RevokedCertificate structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class RevokedCertificate extends PkiObject implements IRevokedCertificate { static CLASS_NAME: string; userCertificate: asn1js.Integer; revocationDate: Time; crlEntryExtensions?: Extensions; /** * Initializes a new instance of the {@link RevokedCertificate} class * @param parameters Initialization parameters */ constructor(parameters?: RevokedCertificateParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof USER_CERTIFICATE): asn1js.Integer; static defaultValues(memberName: typeof REVOCATION_DATE): Time; static defaultValues(memberName: typeof CRL_ENTRY_EXTENSIONS): Extensions; /** * @inheritdoc * @asn ASN.1 schema * ```asn * revokedCertificates SEQUENCE OF SEQUENCE { * userCertificate CertificateSerialNumber, * revocationDate Time, * crlEntryExtensions Extensions OPTIONAL * -- if present, version MUST be v2 * } OPTIONAL, *``` */ static schema(parameters?: SchemaParameters<{ userCertificate?: string; revocationDate?: string; crlEntryExtensions?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): RevokedCertificateJson; } declare const TBS$3 = "tbs"; declare const VERSION$h = "version"; declare const SIGNATURE$4 = "signature"; declare const ISSUER$1 = "issuer"; declare const THIS_UPDATE$1 = "thisUpdate"; declare const NEXT_UPDATE$1 = "nextUpdate"; declare const REVOKED_CERTIFICATES = "revokedCertificates"; declare const CRL_EXTENSIONS = "crlExtensions"; declare const SIGNATURE_ALGORITHM$5 = "signatureAlgorithm"; declare const SIGNATURE_VALUE$1 = "signatureValue"; interface ICertificateRevocationList { tbs: ArrayBuffer; version: number; signature: AlgorithmIdentifier; issuer: RelativeDistinguishedNames; thisUpdate: Time; nextUpdate?: Time; revokedCertificates?: RevokedCertificate[]; crlExtensions?: Extensions; signatureAlgorithm: AlgorithmIdentifier; signatureValue: asn1js.BitString; } type TBSCertListSchema = SchemaParameters<{ tbsCertListVersion?: string; signature?: AlgorithmIdentifierSchema; issuer?: RelativeDistinguishedNamesSchema; tbsCertListThisUpdate?: TimeSchema; tbsCertListNextUpdate?: TimeSchema; tbsCertListRevokedCertificates?: string; crlExtensions?: ExtensionsSchema; }>; interface CertificateRevocationListJson { tbs: string; version: number; signature: AlgorithmIdentifierJson; issuer: RelativeDistinguishedNamesJson; thisUpdate: TimeJson; nextUpdate?: TimeJson; revokedCertificates?: RevokedCertificateJson[]; crlExtensions?: ExtensionsJson; signatureAlgorithm: AlgorithmIdentifierJson; signatureValue: asn1js.BitStringJson; } type CertificateRevocationListParameters = PkiObjectParameters & Partial; interface CertificateRevocationListVerifyParams { issuerCertificate?: Certificate; publicKeyInfo?: PublicKeyInfo; } /** * Represents the CertificateRevocationList structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class CertificateRevocationList extends PkiObject implements ICertificateRevocationList { static CLASS_NAME: string; tbsView: Uint8Array; /** * @deprecated Since version 3.0.0 */ get tbs(): ArrayBuffer; /** * @deprecated Since version 3.0.0 */ set tbs(value: ArrayBuffer); version: number; signature: AlgorithmIdentifier; issuer: RelativeDistinguishedNames; thisUpdate: Time; nextUpdate?: Time; revokedCertificates?: RevokedCertificate[]; crlExtensions?: Extensions; signatureAlgorithm: AlgorithmIdentifier; signatureValue: asn1js.BitString; /** * Initializes a new instance of the {@link CertificateRevocationList} class * @param parameters Initialization parameters */ constructor(parameters?: CertificateRevocationListParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TBS$3): ArrayBuffer; static defaultValues(memberName: typeof VERSION$h): number; static defaultValues(memberName: typeof SIGNATURE$4): AlgorithmIdentifier; static defaultValues(memberName: typeof ISSUER$1): RelativeDistinguishedNames; static defaultValues(memberName: typeof THIS_UPDATE$1): Time; static defaultValues(memberName: typeof NEXT_UPDATE$1): Time; static defaultValues(memberName: typeof REVOKED_CERTIFICATES): RevokedCertificate[]; static defaultValues(memberName: typeof CRL_EXTENSIONS): Extensions; static defaultValues(memberName: typeof SIGNATURE_ALGORITHM$5): AlgorithmIdentifier; static defaultValues(memberName: typeof SIGNATURE_VALUE$1): asn1js.BitString; /** * @inheritdoc * @asn ASN.1 schema * ```asn * CertificateList ::= SEQUENCE { * tbsCertList TBSCertList, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING } *``` */ static schema(parameters?: SchemaParameters<{ tbsCertListVersion?: string; signature?: AlgorithmIdentifierSchema; issuer?: RelativeDistinguishedNamesSchema; tbsCertListThisUpdate?: TimeSchema; tbsCertListNextUpdate?: TimeSchema; tbsCertListRevokedCertificates?: string; crlExtensions?: ExtensionsSchema; signatureAlgorithm?: AlgorithmIdentifierSchema; signatureValue?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; protected encodeTBS(): asn1js.Sequence; /** * Convert current object to asn1js object and set correct values * @returns asn1js object */ toSchema(encodeFlag?: boolean): any; toJSON(): CertificateRevocationListJson; /** * Returns `true` if supplied certificate is revoked, otherwise `false` * @param certificate */ isCertificateRevoked(certificate: Certificate): boolean; /** * Make a signature for existing CRL data * @param privateKey Private key for "subjectPublicKeyInfo" structure * @param hashAlgorithm Hashing algorithm. Default SHA-1 * @param crypto Crypto engine */ sign(privateKey: CryptoKey, hashAlgorithm?: string, crypto?: ICryptoEngine): Promise; /** * Verify existing signature * @param parameters * @param crypto Crypto engine */ verify(parameters?: CertificateRevocationListVerifyParams, crypto?: ICryptoEngine): Promise; } declare const OTHER_REV_INFO_FORMAT = "otherRevInfoFormat"; declare const OTHER_REV_INFO = "otherRevInfo"; interface IOtherRevocationInfoFormat { otherRevInfoFormat: string; otherRevInfo: any; } interface OtherRevocationInfoFormatJson { otherRevInfoFormat: string; otherRevInfo?: any; } type OtherRevocationInfoFormatParameters = PkiObjectParameters & Partial; /** * Represents the OtherRevocationInfoFormat structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class OtherRevocationInfoFormat extends PkiObject implements IOtherRevocationInfoFormat { static CLASS_NAME: string; otherRevInfoFormat: string; otherRevInfo: any; /** * Initializes a new instance of the {@link OtherRevocationInfoFormat} class * @param parameters Initialization parameters */ constructor(parameters?: OtherRevocationInfoFormatParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof OTHER_REV_INFO_FORMAT): string; static defaultValues(memberName: typeof OTHER_REV_INFO): any; /** * @inheritdoc * @asn ASN.1 schema * ```asn * OtherCertificateFormat ::= SEQUENCE { * otherRevInfoFormat OBJECT IDENTIFIER, * otherRevInfo ANY DEFINED BY otherCertFormat } *``` */ static schema(parameters?: SchemaParameters<{ otherRevInfoFormat?: string; otherRevInfo?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): OtherRevocationInfoFormatJson; } declare const CRLS$3 = "crls"; declare const OTHER_REVOCATION_INFOS = "otherRevocationInfos"; interface IRevocationInfoChoices { crls: CertificateRevocationList[]; otherRevocationInfos: OtherRevocationInfoFormat[]; } interface RevocationInfoChoicesJson { crls: CertificateRevocationListJson[]; otherRevocationInfos: OtherRevocationInfoFormatJson[]; } type RevocationInfoChoicesParameters = PkiObjectParameters & Partial; type RevocationInfoChoicesSchema = SchemaParameters<{ crls?: string; }>; /** * Represents the RevocationInfoChoices structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class RevocationInfoChoices extends PkiObject implements IRevocationInfoChoices { static CLASS_NAME: string; crls: CertificateRevocationList[]; otherRevocationInfos: OtherRevocationInfoFormat[]; /** * Initializes a new instance of the {@link RevocationInfoChoices} class * @param parameters Initialization parameters */ constructor(parameters?: RevocationInfoChoicesParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof CRLS$3): CertificateRevocationList[]; static defaultValues(memberName: typeof OTHER_REVOCATION_INFOS): OtherRevocationInfoFormat[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * RevocationInfoChoices ::= SET OF RevocationInfoChoice * * RevocationInfoChoice ::= CHOICE { * crl CertificateList, * other [1] IMPLICIT OtherRevocationInfoFormat } *``` */ static schema(parameters?: RevocationInfoChoicesSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): RevocationInfoChoicesJson; } declare const CERTS$3 = "certs"; declare const CRLS$2 = "crls"; interface IOriginatorInfo { /** * Collection of certificates. In may contain originator certificates associated with several different * key management algorithms. It may also contain attribute certificates associated with the originator. */ certs?: CertificateSet; /** * Collection of CRLs. It is intended that the set contain information sufficient to determine whether * or not the certificates in the certs field are valid, but such correspondence is not necessary */ crls?: RevocationInfoChoices; } interface OriginatorInfoJson { certs?: CertificateSetJson; crls?: RevocationInfoChoicesJson; } type OriginatorInfoParameters = PkiObjectParameters & Partial; /** * Represents the OriginatorInfo structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class OriginatorInfo extends PkiObject implements IOriginatorInfo { static CLASS_NAME: string; certs?: CertificateSet; crls?: RevocationInfoChoices; /** * Initializes a new instance of the {@link CertificateSet} class * @param parameters Initialization parameters */ constructor(parameters?: OriginatorInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof CERTS$3): CertificateSet; static defaultValues(memberName: typeof CRLS$2): RevocationInfoChoices; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * OriginatorInfo ::= SEQUENCE { * certs [0] IMPLICIT CertificateSet OPTIONAL, * crls [1] IMPLICIT RevocationInfoChoices OPTIONAL } *``` */ static schema(parameters?: SchemaParameters<{ certs?: string; crls?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): OriginatorInfoJson; } declare const ISSUER = "issuer"; declare const SERIAL_NUMBER$2 = "serialNumber"; interface IIssuerAndSerialNumber { /** * Certificate issuer name */ issuer: RelativeDistinguishedNames; /** * Certificate serial number */ serialNumber: asn1js.Integer; } interface IssuerAndSerialNumberJson { issuer: RelativeDistinguishedNamesJson; serialNumber: asn1js.IntegerJson; } type IssuerAndSerialNumberParameters = PkiObjectParameters & Partial; type IssuerAndSerialNumberSchema = SchemaParameters<{ issuer?: RelativeDistinguishedNamesSchema; serialNumber?: string; }>; /** * Represents the IssuerAndSerialNumber structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class IssuerAndSerialNumber extends PkiObject implements IIssuerAndSerialNumber { static CLASS_NAME: string; issuer: RelativeDistinguishedNames; serialNumber: asn1js.Integer; /** * Initializes a new instance of the {@link IssuerAndSerialNumber} class * @param parameters Initialization parameters */ constructor(parameters?: IssuerAndSerialNumberParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ISSUER): RelativeDistinguishedNames; static defaultValues(memberName: typeof SERIAL_NUMBER$2): asn1js.Integer; /** * @inheritdoc * @asn ASN.1 schema * ```asn * IssuerAndSerialNumber ::= SEQUENCE { * issuer Name, * serialNumber CertificateSerialNumber } * * CertificateSerialNumber ::= INTEGER *``` */ static schema(parameters?: IssuerAndSerialNumberSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): IssuerAndSerialNumberJson; } declare const VARIANT$3 = "variant"; declare const VALUE$3 = "value"; interface IRecipientIdentifier { variant: number; value: IssuerAndSerialNumber | asn1js.OctetString; } interface RecipientIdentifierJson { variant: number; value?: IssuerAndSerialNumberJson | asn1js.OctetStringJson; } type RecipientIdentifierParameters = PkiObjectParameters & Partial; type RecipientIdentifierSchema = SchemaParameters; /** * Represents the RecipientIdentifier structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class RecipientIdentifier extends PkiObject implements IRecipientIdentifier { static CLASS_NAME: string; variant: number; value: IssuerAndSerialNumber | asn1js.OctetString; /** * Initializes a new instance of the {@link RecipientIdentifier} class * @param parameters Initialization parameters */ constructor(parameters?: RecipientIdentifierParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VARIANT$3): number; static defaultValues(memberName: typeof VALUE$3): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * RecipientIdentifier ::= CHOICE { * issuerAndSerialNumber IssuerAndSerialNumber, * subjectKeyIdentifier [0] SubjectKeyIdentifier } * * SubjectKeyIdentifier ::= OCTET STRING *``` */ static schema(parameters?: RecipientIdentifierSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.BaseBlock; toJSON(): RecipientIdentifierJson; } declare const VERSION$g = "version"; declare const RID$1 = "rid"; declare const KEY_ENCRYPTION_ALGORITHM$3 = "keyEncryptionAlgorithm"; declare const ENCRYPTED_KEY$3 = "encryptedKey"; declare const RECIPIENT_CERTIFICATE$1 = "recipientCertificate"; interface IKeyTransRecipientInfo { version: number; rid: RecipientIdentifierType; keyEncryptionAlgorithm: AlgorithmIdentifier; encryptedKey: asn1js.OctetString; recipientCertificate: Certificate; } interface KeyTransRecipientInfoJson { version: number; rid: RecipientIdentifierMixedJson; keyEncryptionAlgorithm: AlgorithmIdentifierJson; encryptedKey: asn1js.OctetStringJson; } type RecipientIdentifierType = IssuerAndSerialNumber | asn1js.OctetString; type RecipientIdentifierMixedJson = IssuerAndSerialNumberJson | asn1js.OctetStringJson; type KeyTransRecipientInfoParameters = PkiObjectParameters & Partial; /** * Represents the KeyTransRecipientInfo structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class KeyTransRecipientInfo extends PkiObject implements IKeyTransRecipientInfo { static CLASS_NAME: string; version: number; rid: RecipientIdentifierType; keyEncryptionAlgorithm: AlgorithmIdentifier; encryptedKey: asn1js.OctetString; recipientCertificate: Certificate; /** * Initializes a new instance of the {@link KeyTransRecipientInfo} class * @param parameters Initialization parameters */ constructor(parameters?: KeyTransRecipientInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$g): number; static defaultValues(memberName: typeof RID$1): RecipientIdentifierType; static defaultValues(memberName: typeof KEY_ENCRYPTION_ALGORITHM$3): AlgorithmIdentifier; static defaultValues(memberName: typeof ENCRYPTED_KEY$3): asn1js.OctetString; static defaultValues(memberName: typeof RECIPIENT_CERTIFICATE$1): Certificate; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * KeyTransRecipientInfo ::= SEQUENCE { * version CMSVersion, -- always set to 0 or 2 * rid RecipientIdentifier, * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, * encryptedKey EncryptedKey } *``` */ static schema(parameters?: SchemaParameters<{ version?: string; rid?: RecipientIdentifierSchema; keyEncryptionAlgorithm?: AlgorithmIdentifierSchema; encryptedKey?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): KeyTransRecipientInfoJson; } declare const VARIANT$2 = "variant"; declare const VALUE$2 = "value"; interface IOriginatorIdentifierOrKey { variant: number; value?: any; } interface OriginatorIdentifierOrKeyJson { variant: number; value?: any; } type OriginatorIdentifierOrKeyParameters = PkiObjectParameters & Partial; type OriginatorIdentifierOrKeySchema = SchemaParameters; /** * Represents the OriginatorIdentifierOrKey structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class OriginatorIdentifierOrKey extends PkiObject implements IOriginatorIdentifierOrKey { static CLASS_NAME: string; variant: number; value?: any; /** * Initializes a new instance of the {@link OriginatorIdentifierOrKey} class * @param parameters Initialization parameters */ constructor(parameters?: OriginatorIdentifierOrKeyParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VARIANT$2): number; static defaultValues(memberName: typeof VALUE$2): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * OriginatorIdentifierOrKey ::= CHOICE { * issuerAndSerialNumber IssuerAndSerialNumber, * subjectKeyIdentifier [0] SubjectKeyIdentifier, * originatorKey [1] OriginatorPublicKey } *``` */ static schema(parameters?: OriginatorIdentifierOrKeySchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.BaseBlock; toJSON(): OriginatorIdentifierOrKeyJson; } declare const KEY_ATTR_ID = "keyAttrId"; declare const KEY_ATTR = "keyAttr"; interface IOtherKeyAttribute { keyAttrId: string; keyAttr?: any; } interface OtherKeyAttributeJson { keyAttrId: string; keyAttr?: any; } type OtherKeyAttributeParameters = PkiObjectParameters & Partial; type OtherKeyAttributeSchema = SchemaType; /** * Represents the OtherKeyAttribute structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class OtherKeyAttribute extends PkiObject implements IOtherKeyAttribute { static CLASS_NAME: string; keyAttrId: string; keyAttr?: any; /** * Initializes a new instance of the {@link OtherKeyAttribute} class * @param parameters Initialization parameters */ constructor(parameters?: OtherKeyAttributeParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof KEY_ATTR_ID): string; static defaultValues(memberName: typeof KEY_ATTR): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: T): memberValue is T; /** * @inheritdoc * @asn ASN.1 schema * ```asn * OtherKeyAttribute ::= SEQUENCE { * keyAttrId OBJECT IDENTIFIER, * keyAttr ANY DEFINED BY keyAttrId OPTIONAL } *``` */ static schema(parameters?: OtherKeyAttributeSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): OtherKeyAttributeJson; } declare const SUBJECT_KEY_IDENTIFIER = "subjectKeyIdentifier"; declare const DATE$1 = "date"; declare const OTHER$1 = "other"; interface IRecipientKeyIdentifier { subjectKeyIdentifier: asn1js.OctetString; date?: asn1js.GeneralizedTime; other?: OtherKeyAttribute; } interface RecipientKeyIdentifierJson { subjectKeyIdentifier: asn1js.OctetStringJson; date?: asn1js.BaseBlockJson; other?: OtherKeyAttributeJson; } type RecipientKeyIdentifierParameters = PkiObjectParameters & Partial; type RecipientKeyIdentifierSchema = SchemaParameters<{ subjectKeyIdentifier?: string; date?: string; other?: OtherKeyAttributeSchema; }>; /** * Represents the RecipientKeyIdentifier structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class RecipientKeyIdentifier extends PkiObject implements IRecipientKeyIdentifier { static CLASS_NAME: string; subjectKeyIdentifier: asn1js.OctetString; date?: asn1js.GeneralizedTime; other?: OtherKeyAttribute; /** * Initializes a new instance of the {@link RecipientKeyIdentifier} class * @param parameters Initialization parameters */ constructor(parameters?: RecipientKeyIdentifierParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof SUBJECT_KEY_IDENTIFIER): asn1js.OctetString; static defaultValues(memberName: typeof DATE$1): asn1js.GeneralizedTime; static defaultValues(memberName: typeof OTHER$1): OtherKeyAttribute; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * RecipientKeyIdentifier ::= SEQUENCE { * subjectKeyIdentifier SubjectKeyIdentifier, * date GeneralizedTime OPTIONAL, * other OtherKeyAttribute OPTIONAL } *``` */ static schema(parameters?: RecipientKeyIdentifierSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): RecipientKeyIdentifierJson; } declare const VARIANT$1 = "variant"; declare const VALUE$1 = "value"; interface IKeyAgreeRecipientIdentifier { variant: number; value: any; } interface KeyAgreeRecipientIdentifierJson { variant: number; value?: IssuerAndSerialNumberJson | RecipientKeyIdentifierJson; } type KeyAgreeRecipientIdentifierParameters = PkiObjectParameters & Partial; type KeyAgreeRecipientIdentifierSchema = SchemaParameters<{ issuerAndSerialNumber?: IssuerAndSerialNumberSchema; rKeyId?: RecipientKeyIdentifierSchema; }>; /** * Represents the KeyAgreeRecipientIdentifier structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class KeyAgreeRecipientIdentifier extends PkiObject implements IKeyAgreeRecipientIdentifier { static CLASS_NAME: string; variant: number; value: any; /** * Initializes a new instance of the {@link KeyAgreeRecipientIdentifier} class * @param parameters Initialization parameters */ constructor(parameters?: KeyAgreeRecipientIdentifierParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VARIANT$1): number; static defaultValues(memberName: typeof VALUE$1): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * KeyAgreeRecipientIdentifier ::= CHOICE { * issuerAndSerialNumber IssuerAndSerialNumber, * rKeyId [0] IMPLICIT RecipientKeyIdentifier } *``` */ static schema(parameters?: KeyAgreeRecipientIdentifierSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.BaseBlock; toJSON(): KeyAgreeRecipientIdentifierJson; } declare const RID = "rid"; declare const ENCRYPTED_KEY$2 = "encryptedKey"; interface IRecipientEncryptedKey { rid: KeyAgreeRecipientIdentifier; encryptedKey: asn1js.OctetString; } interface RecipientEncryptedKeyJson { rid: KeyAgreeRecipientIdentifierJson; encryptedKey: asn1js.OctetStringJson; } type RecipientEncryptedKeyParameters = PkiObjectParameters & Partial; /** * Represents the RecipientEncryptedKey structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class RecipientEncryptedKey extends PkiObject implements IRecipientEncryptedKey { static CLASS_NAME: string; rid: KeyAgreeRecipientIdentifier; encryptedKey: asn1js.OctetString; /** * Initializes a new instance of the {@link RecipientEncryptedKey} class * @param parameters Initialization parameters */ constructor(parameters?: RecipientEncryptedKeyParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof RID): KeyAgreeRecipientIdentifier; static defaultValues(memberName: typeof ENCRYPTED_KEY$2): asn1js.OctetString; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * RecipientEncryptedKey ::= SEQUENCE { * rid KeyAgreeRecipientIdentifier, * encryptedKey EncryptedKey } * * EncryptedKey ::= OCTET STRING *``` */ static schema(parameters?: SchemaParameters<{ rid?: KeyAgreeRecipientIdentifierSchema; encryptedKey?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): RecipientEncryptedKeyJson; } declare const ENCRYPTED_KEYS = "encryptedKeys"; interface IRecipientEncryptedKeys { encryptedKeys: RecipientEncryptedKey[]; } interface RecipientEncryptedKeysJson { encryptedKeys: RecipientEncryptedKeyJson[]; } type RecipientEncryptedKeysParameters = PkiObjectParameters & Partial; type RecipientEncryptedKeysSchema = SchemaParameters<{ RecipientEncryptedKeys?: string; }>; /** * Represents the RecipientEncryptedKeys structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class RecipientEncryptedKeys extends PkiObject implements IRecipientEncryptedKeys { static CLASS_NAME: string; encryptedKeys: RecipientEncryptedKey[]; /** * Initializes a new instance of the {@link RecipientEncryptedKeys} class * @param parameters Initialization parameters */ constructor(parameters?: RecipientEncryptedKeysParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ENCRYPTED_KEYS): RecipientEncryptedKey[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey *``` */ static schema(parameters?: RecipientEncryptedKeysSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): RecipientEncryptedKeysJson; } declare const VERSION$f = "version"; declare const ORIGINATOR = "originator"; declare const UKM = "ukm"; declare const KEY_ENCRYPTION_ALGORITHM$2 = "keyEncryptionAlgorithm"; declare const RECIPIENT_ENCRYPTED_KEY = "recipientEncryptedKeys"; declare const RECIPIENT_CERTIFICATE = "recipientCertificate"; declare const RECIPIENT_PUBLIC_KEY = "recipientPublicKey"; interface IKeyAgreeRecipientInfo { version: number; originator: OriginatorIdentifierOrKey; ukm?: asn1js.OctetString; keyEncryptionAlgorithm: AlgorithmIdentifier; recipientEncryptedKeys: RecipientEncryptedKeys; recipientCertificate: Certificate; recipientPublicKey: CryptoKey | null; } interface KeyAgreeRecipientInfoJson { version: number; originator: OriginatorIdentifierOrKeyJson; ukm?: asn1js.OctetStringJson; keyEncryptionAlgorithm: AlgorithmIdentifierJson; recipientEncryptedKeys: RecipientEncryptedKeysJson; } type KeyAgreeRecipientInfoParameters = PkiObjectParameters & Partial; /** * Represents the KeyAgreeRecipientInfo structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class KeyAgreeRecipientInfo extends PkiObject implements IKeyAgreeRecipientInfo { static CLASS_NAME: string; version: number; originator: OriginatorIdentifierOrKey; ukm?: asn1js.OctetString; keyEncryptionAlgorithm: AlgorithmIdentifier; recipientEncryptedKeys: RecipientEncryptedKeys; recipientCertificate: Certificate; recipientPublicKey: CryptoKey | null; /** * Initializes a new instance of the {@link KeyAgreeRecipientInfo} class * @param parameters Initialization parameters */ constructor(parameters?: KeyAgreeRecipientInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$f): number; static defaultValues(memberName: typeof ORIGINATOR): OriginatorIdentifierOrKey; static defaultValues(memberName: typeof UKM): asn1js.OctetString; static defaultValues(memberName: typeof KEY_ENCRYPTION_ALGORITHM$2): AlgorithmIdentifier; static defaultValues(memberName: typeof RECIPIENT_ENCRYPTED_KEY): RecipientEncryptedKeys; static defaultValues(memberName: typeof RECIPIENT_CERTIFICATE): Certificate; static defaultValues(memberName: typeof RECIPIENT_PUBLIC_KEY): null; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * KeyAgreeRecipientInfo ::= SEQUENCE { * version CMSVersion, -- always set to 3 * originator [0] EXPLICIT OriginatorIdentifierOrKey, * ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL, * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, * recipientEncryptedKeys RecipientEncryptedKeys } *``` */ static schema(parameters?: SchemaParameters<{ version?: string; originator?: OriginatorIdentifierOrKeySchema; ukm?: string; keyEncryptionAlgorithm?: AlgorithmIdentifierSchema; recipientEncryptedKeys?: RecipientEncryptedKeysSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; /** * Conversion for the class to JSON object * @returns */ toJSON(): KeyAgreeRecipientInfoJson; } declare const KEY_IDENTIFIER$1 = "keyIdentifier"; declare const DATE = "date"; declare const OTHER = "other"; interface IKEKIdentifier { keyIdentifier: asn1js.OctetString; date?: asn1js.GeneralizedTime; other?: OtherKeyAttribute; } interface KEKIdentifierJson { keyIdentifier: asn1js.OctetStringJson; date?: asn1js.GeneralizedTime; other?: OtherKeyAttributeJson; } type KEKIdentifierParameters = PkiObjectParameters & Partial; type KEKIdentifierSchema = SchemaParameters<{ keyIdentifier?: string; date?: string; other?: OtherKeyAttributeSchema; }>; /** * Represents the KEKIdentifier structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class KEKIdentifier extends PkiObject implements IKEKIdentifier { static CLASS_NAME: string; keyIdentifier: asn1js.OctetString; date?: asn1js.GeneralizedTime; other?: OtherKeyAttribute; /** * Initializes a new instance of the {@link KEKIdentifier} class * @param parameters Initialization parameters */ constructor(parameters?: KEKIdentifierParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof KEY_IDENTIFIER$1): asn1js.OctetString; static defaultValues(memberName: typeof DATE): asn1js.GeneralizedTime; static defaultValues(memberName: typeof OTHER): OtherKeyAttribute; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * KEKIdentifier ::= SEQUENCE { * keyIdentifier OCTET STRING, * date GeneralizedTime OPTIONAL, * other OtherKeyAttribute OPTIONAL } *``` */ static schema(parameters?: KEKIdentifierSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): KEKIdentifierJson; } declare const VERSION$e = "version"; declare const KEK_ID = "kekid"; declare const KEY_ENCRYPTION_ALGORITHM$1 = "keyEncryptionAlgorithm"; declare const ENCRYPTED_KEY$1 = "encryptedKey"; declare const PER_DEFINED_KEK = "preDefinedKEK"; interface IKEKRecipientInfo { version: number; kekid: KEKIdentifier; keyEncryptionAlgorithm: AlgorithmIdentifier; encryptedKey: asn1js.OctetString; preDefinedKEK: ArrayBuffer; } interface KEKRecipientInfoJson { version: number; kekid: KEKIdentifierJson; keyEncryptionAlgorithm: AlgorithmIdentifierJson; encryptedKey: asn1js.OctetStringJson; } type KEKRecipientInfoParameters = PkiObjectParameters & Partial; /** * Represents the KEKRecipientInfo structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class KEKRecipientInfo extends PkiObject implements IKEKRecipientInfo { static CLASS_NAME: string; version: number; kekid: KEKIdentifier; keyEncryptionAlgorithm: AlgorithmIdentifier; encryptedKey: asn1js.OctetString; preDefinedKEK: ArrayBuffer; /** * Initializes a new instance of the {@link KEKRecipientInfo} class * @param parameters Initialization parameters */ constructor(parameters?: KEKRecipientInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$e): number; static defaultValues(memberName: typeof KEK_ID): KEKIdentifier; static defaultValues(memberName: typeof KEY_ENCRYPTION_ALGORITHM$1): AlgorithmIdentifier; static defaultValues(memberName: typeof ENCRYPTED_KEY$1): asn1js.OctetString; static defaultValues(memberName: typeof PER_DEFINED_KEK): ArrayBuffer; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * KEKRecipientInfo ::= SEQUENCE { * version CMSVersion, -- always set to 4 * kekid KEKIdentifier, * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, * encryptedKey EncryptedKey } *``` */ static schema(parameters?: SchemaParameters<{ version?: string; kekid?: KEKIdentifierSchema; keyEncryptionAlgorithm?: AlgorithmIdentifierSchema; encryptedKey?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): KEKRecipientInfoJson; } declare const VERSION$d = "version"; declare const KEY_DERIVATION_ALGORITHM = "keyDerivationAlgorithm"; declare const KEY_ENCRYPTION_ALGORITHM = "keyEncryptionAlgorithm"; declare const ENCRYPTED_KEY = "encryptedKey"; declare const PASSWORD = "password"; interface IPasswordRecipientInfo { version: number; keyDerivationAlgorithm?: AlgorithmIdentifier; keyEncryptionAlgorithm: AlgorithmIdentifier; encryptedKey: asn1js.OctetString; password: ArrayBuffer; } interface PasswordRecipientInfoJson { version: number; keyDerivationAlgorithm?: AlgorithmIdentifierJson; keyEncryptionAlgorithm: AlgorithmIdentifierJson; encryptedKey: asn1js.OctetStringJson; } type PasswordRecipientinfoParameters = PkiObjectParameters & Partial; /** * Represents the PasswordRecipientInfo structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class PasswordRecipientinfo extends PkiObject implements IPasswordRecipientInfo { static CLASS_NAME: string; version: number; keyDerivationAlgorithm?: AlgorithmIdentifier; keyEncryptionAlgorithm: AlgorithmIdentifier; encryptedKey: asn1js.OctetString; password: ArrayBuffer; /** * Initializes a new instance of the {@link PasswordRecipientinfo} class * @param parameters Initialization parameters */ constructor(parameters?: PasswordRecipientinfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$d): number; static defaultValues(memberName: typeof KEY_DERIVATION_ALGORITHM): AlgorithmIdentifier; static defaultValues(memberName: typeof KEY_ENCRYPTION_ALGORITHM): AlgorithmIdentifier; static defaultValues(memberName: typeof ENCRYPTED_KEY): asn1js.OctetString; static defaultValues(memberName: typeof PASSWORD): ArrayBuffer; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PasswordRecipientInfo ::= SEQUENCE { * version CMSVersion, -- Always set to 0 * keyDerivationAlgorithm [0] KeyDerivationAlgorithmIdentifier OPTIONAL, * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier, * encryptedKey EncryptedKey } *``` */ static schema(parameters?: SchemaParameters<{ version?: string; keyDerivationAlgorithm?: string; keyEncryptionAlgorithm?: AlgorithmIdentifierSchema; encryptedKey?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PasswordRecipientInfoJson; } declare const ORI_TYPE = "oriType"; declare const ORI_VALUE = "oriValue"; interface IOtherRecipientInfo { oriType: string; oriValue: any; } interface OtherRecipientInfoJson { oriType: string; oriValue?: any; } type OtherRecipientInfoParameters = PkiObjectParameters & Partial; /** * Represents the OtherRecipientInfo structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class OtherRecipientInfo extends PkiObject implements IOtherRecipientInfo { static CLASS_NAME: string; oriType: string; oriValue: any; /** * Initializes a new instance of the {@link OtherRecipientInfo} class * @param parameters Initialization parameters */ constructor(parameters?: OtherRecipientInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ORI_TYPE): string; static defaultValues(memberName: typeof ORI_VALUE): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * OtherRecipientInfo ::= SEQUENCE { * oriType OBJECT IDENTIFIER, * oriValue ANY DEFINED BY oriType } *``` */ static schema(parameters?: SchemaParameters<{ oriType?: string; oriValue?: string; }>): asn1js.Sequence; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): OtherRecipientInfoJson; } declare const VARIANT = "variant"; declare const VALUE = "value"; interface IRecipientInfo { variant: number; value?: RecipientInfoValue; } interface RecipientInfoJson { variant: number; value?: RecipientInfoValueJson; } type RecipientInfoValue = KeyTransRecipientInfo | KeyAgreeRecipientInfo | KEKRecipientInfo | PasswordRecipientinfo | OtherRecipientInfo; type RecipientInfoValueJson = KeyTransRecipientInfoJson | KeyAgreeRecipientInfoJson | KEKRecipientInfoJson | PasswordRecipientInfoJson | OtherRecipientInfoJson; type RecipientInfoParameters = PkiObjectParameters & Partial; /** * Represents the RecipientInfo structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class RecipientInfo extends PkiObject implements IRecipientInfo { static CLASS_NAME: string; variant: number; value?: RecipientInfoValue; /** * Initializes a new instance of the {@link RecipientInfo} class * @param parameters Initialization parameters */ constructor(parameters?: RecipientInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VARIANT): number; static defaultValues(memberName: typeof VALUE): RecipientInfoValue; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * RecipientInfo ::= CHOICE { * ktri KeyTransRecipientInfo, * kari [1] KeyAgreeRecipientInfo, * kekri [2] KEKRecipientInfo, * pwri [3] PasswordRecipientinfo, * ori [4] OtherRecipientInfo } *``` */ static schema(parameters?: SchemaParameters): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.BaseBlock; toJSON(): RecipientInfoJson; } declare const VERSION$c = "version"; declare const ORIGINATOR_INFO = "originatorInfo"; declare const RECIPIENT_INFOS = "recipientInfos"; declare const ENCRYPTED_CONTENT_INFO$1 = "encryptedContentInfo"; declare const UNPROTECTED_ATTRS$1 = "unprotectedAttrs"; interface IEnvelopedData { /** * Version number. * * The appropriate value depends on `originatorInfo`, `RecipientInfo`, and `unprotectedAttrs`. * * The version MUST be assigned as follows: * ``` * IF (originatorInfo is present) AND * ((any certificates with a type of other are present) OR * (any crls with a type of other are present)) * THEN version is 4 * ELSE * IF ((originatorInfo is present) AND * (any version 2 attribute certificates are present)) OR * (any RecipientInfo structures include pwri) OR * (any RecipientInfo structures include ori) * THEN version is 3 * ELSE * IF (originatorInfo is absent) AND * (unprotectedAttrs is absent) AND * (all RecipientInfo structures are version 0) * THEN version is 0 * ELSE version is 2 * ``` */ version: number; /** * Optionally provides information about the originator. It is present only if required by the key management algorithm. * It may contain certificates and CRLs. */ originatorInfo?: OriginatorInfo; /** * Collection of per-recipient information. There MUST be at least one element in the collection. */ recipientInfos: RecipientInfo[]; /** * Encrypted content information */ encryptedContentInfo: EncryptedContentInfo; /** * Collection of attributes that are not encrypted */ unprotectedAttrs?: Attribute[]; } /** * JSON representation of {@link EnvelopedData} */ interface EnvelopedDataJson { version: number; originatorInfo?: OriginatorInfoJson; recipientInfos: RecipientInfoJson[]; encryptedContentInfo: EncryptedContentInfoJson; unprotectedAttrs?: AttributeJson[]; } type EnvelopedDataParameters = PkiObjectParameters & Partial & EncryptedContentInfoSplit; interface EnvelopedDataEncryptionParams { kekEncryptionLength: number; kdfAlgorithm: string; } interface EnvelopedDataDecryptBaseParams { preDefinedData?: BufferSource; recipientCertificate?: Certificate; } interface EnvelopedDataDecryptKeyParams extends EnvelopedDataDecryptBaseParams { recipientPrivateKey: CryptoKey; /** * Crypto provider assigned to `recipientPrivateKey`. If the filed is empty uses default crypto provider. */ crypto?: Crypto; } interface EnvelopedDataDecryptBufferParams extends EnvelopedDataDecryptBaseParams { recipientPrivateKey?: BufferSource; } type EnvelopedDataDecryptParams = EnvelopedDataDecryptBufferParams | EnvelopedDataDecryptKeyParams; /** * Represents the EnvelopedData structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) * * @example The following example demonstrates how to create and encrypt CMS Enveloped Data * ```js * const cmsEnveloped = new pkijs.EnvelopedData(); * * // Add recipient * cmsEnveloped.addRecipientByCertificate(cert, { oaepHashAlgorithm: "SHA-256" }); * * // Secret key algorithm * const alg = { * name: "AES-GCM", * length: 256, * } * await cmsEnveloped.encrypt(alg, dataToEncrypt); * * // Add Enveloped Data into CMS Content Info * const cmsContent = new pkijs.ContentInfo(); * cmsContent.contentType = pkijs.ContentInfo.ENVELOPED_DATA; * cmsContent.content = cmsEnveloped.toSchema(); * * const cmsContentRaw = cmsContent.toSchema().toBER(); * ``` * * @example The following example demonstrates how to decrypt CMS Enveloped Data * ```js * // Get a "crypto" extension * const crypto = pkijs.getCrypto(); * * // Parse CMS Content Info * const cmsContent = pkijs.ContentInfo.fromBER(cmsContentRaw); * if (cmsContent.contentType !== pkijs.ContentInfo.ENVELOPED_DATA) { * throw new Error("CMS is not Enveloped Data"); * } * // Parse CMS Enveloped Data * const cmsEnveloped = new pkijs.EnvelopedData({ schema: cmsContent.content }); * * // Export private key to PKCS#8 * const pkcs8 = await crypto.exportKey("pkcs8", keys.privateKey); * * // Decrypt data * const decryptedData = await cmsEnveloped.decrypt(0, { * recipientCertificate: cert, * recipientPrivateKey: pkcs8, * }); * ``` */ declare class EnvelopedData extends PkiObject implements IEnvelopedData { static CLASS_NAME: string; version: number; originatorInfo?: OriginatorInfo; recipientInfos: RecipientInfo[]; encryptedContentInfo: EncryptedContentInfo; unprotectedAttrs?: Attribute[]; policy: Required; /** * Initializes a new instance of the {@link EnvelopedData} class * @param parameters Initialization parameters */ constructor(parameters?: EnvelopedDataParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$c): number; static defaultValues(memberName: typeof ORIGINATOR_INFO): OriginatorInfo; static defaultValues(memberName: typeof RECIPIENT_INFOS): RecipientInfo[]; static defaultValues(memberName: typeof ENCRYPTED_CONTENT_INFO$1): EncryptedContentInfo; static defaultValues(memberName: typeof UNPROTECTED_ATTRS$1): Attribute[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * EnvelopedData ::= SEQUENCE { * version CMSVersion, * originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL, * recipientInfos RecipientInfos, * encryptedContentInfo EncryptedContentInfo, * unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL } *``` */ static schema(parameters?: SchemaParameters<{ version?: string; originatorInfo?: string; recipientInfos?: string; encryptedContentInfo?: EncryptedContentInfoSchema; unprotectedAttrs?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): EnvelopedDataJson; /** * Helpers function for filling "RecipientInfo" based on recipient's certificate. * Problem with WebCrypto is that for RSA certificates we have only one option - "key transport" and * for ECC certificates we also have one option - "key agreement". As soon as Google will implement * DH algorithm it would be possible to use "key agreement" also for RSA certificates. * @param certificate Recipient's certificate * @param parameters Additional parameters necessary for "fine tunning" of encryption process * @param variant Variant = 1 is for "key transport", variant = 2 is for "key agreement". In fact the "variant" is unnecessary now because Google has no DH algorithm implementation. Thus key encryption scheme would be choosen by certificate type only: "key transport" for RSA and "key agreement" for ECC certificates. * @param crypto Crypto engine */ addRecipientByCertificate(certificate: Certificate, parameters?: object, variant?: number, crypto?: ICryptoEngine): boolean; /** * Add recipient based on pre-defined data like password or KEK * @param preDefinedData ArrayBuffer with pre-defined data * @param parameters Additional parameters necessary for "fine tunning" of encryption process * @param variant Variant = 1 for pre-defined "key encryption key" (KEK). Variant = 2 for password-based encryption. * @param crypto Crypto engine */ addRecipientByPreDefinedData(preDefinedData: ArrayBuffer, parameters: { keyIdentifier?: ArrayBuffer; hmacHashAlgorithm?: string; iterationCount?: number; keyEncryptionAlgorithm?: AesKeyGenParams; keyEncryptionAlgorithmParams?: any; } | undefined, variant: number, crypto?: ICryptoEngine): void; /** * Add a "RecipientInfo" using a KeyAgreeRecipientInfo of type RecipientKeyIdentifier. * @param key Recipient's public key * @param keyId The id for the recipient's public key * @param parameters Additional parameters for "fine tuning" the encryption process * @param crypto Crypto engine */ addRecipientByKeyIdentifier(key?: CryptoKey, keyId?: ArrayBuffer, parameters?: any, crypto?: ICryptoEngine): void; /** * Add a "RecipientInfo" using a KeyAgreeRecipientInfo of type RecipientKeyIdentifier. * @param recipientIdentifier Recipient identifier * @param encryptionParameters Additional parameters for "fine tuning" the encryption process * @param extraRecipientInfoParams Additional params for KeyAgreeRecipientInfo * @param crypto Crypto engine */ private _addKeyAgreeRecipientInfo; /** * Creates a new CMS Enveloped Data content with encrypted data * @param contentEncryptionAlgorithm WebCrypto algorithm. For the moment here could be only "AES-CBC" or "AES-GCM" algorithms. * @param contentToEncrypt Content to encrypt * @param crypto Crypto engine */ encrypt(contentEncryptionAlgorithm: Algorithm, contentToEncrypt: ArrayBuffer, crypto?: ICryptoEngine): Promise<(void | { ecdhPrivateKey: CryptoKey; })[]>; /** * Decrypts existing CMS Enveloped Data content * @param recipientIndex Index of recipient * @param parameters Additional parameters * @param crypto Crypto engine */ decrypt(recipientIndex: number, parameters: EnvelopedDataDecryptParams, crypto?: ICryptoEngine): Promise; } declare const VERSION$b = "version"; declare const ENCRYPTED_CONTENT_INFO = "encryptedContentInfo"; declare const UNPROTECTED_ATTRS = "unprotectedAttrs"; interface IEncryptedData { /** * Version number. * * If `unprotectedAttrs` is present, then the version MUST be 2. If `unprotectedAttrs` is absent, then version MUST be 0. */ version: number; /** * Encrypted content information */ encryptedContentInfo: EncryptedContentInfo; /** * Collection of attributes that are not encrypted */ unprotectedAttrs?: Attribute[]; } interface EncryptedDataJson { version: number; encryptedContentInfo: EncryptedContentInfoJson; unprotectedAttrs?: AttributeJson[]; } type EncryptedDataParameters = PkiObjectParameters & Partial; type EncryptedDataEncryptParams = Omit; /** * Represents the EncryptedData structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) * * @example The following example demonstrates how to create and encrypt CMS Encrypted Data * ```js * const cmsEncrypted = new pkijs.EncryptedData(); * * await cmsEncrypted.encrypt({ * contentEncryptionAlgorithm: { * name: "AES-GCM", * length: 256, * }, * hmacHashAlgorithm: "SHA-256", * iterationCount: 1000, * password: password, * contentToEncrypt: dataToEncrypt, * }); * * // Add Encrypted Data into CMS Content Info * const cmsContent = new pkijs.ContentInfo(); * cmsContent.contentType = pkijs.ContentInfo.ENCRYPTED_DATA; * cmsContent.content = cmsEncrypted.toSchema(); * * const cmsContentRaw = cmsContent.toSchema().toBER(); * ``` * * @example The following example demonstrates how to decrypt CMS Encrypted Data * ```js * // Parse CMS Content Info * const cmsContent = pkijs.ContentInfo.fromBER(cmsContentRaw); * if (cmsContent.contentType !== pkijs.ContentInfo.ENCRYPTED_DATA) { * throw new Error("CMS is not Encrypted Data"); * } * // Parse CMS Encrypted Data * const cmsEncrypted = new pkijs.EncryptedData({ schema: cmsContent.content }); * * // Decrypt data * const decryptedData = await cmsEncrypted.decrypt({ * password: password, * }); * ``` */ declare class EncryptedData extends PkiObject implements IEncryptedData { static CLASS_NAME: string; version: number; encryptedContentInfo: EncryptedContentInfo; unprotectedAttrs?: Attribute[]; /** * Initializes a new instance of the {@link EncryptedData} class * @param parameters Initialization parameters */ constructor(parameters?: EncryptedDataParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$b): number; static defaultValues(memberName: typeof ENCRYPTED_CONTENT_INFO): EncryptedContentInfo; static defaultValues(memberName: typeof UNPROTECTED_ATTRS): Attribute[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * EncryptedData ::= SEQUENCE { * version CMSVersion, * encryptedContentInfo EncryptedContentInfo, * unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL } *``` */ static schema(parameters?: SchemaParameters<{ version?: string; encryptedContentInfo?: EncryptedContentInfoSchema; unprotectedAttrs?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): EncryptedDataJson; /** * Creates a new CMS Encrypted Data content * @param parameters Parameters necessary for encryption */ encrypt(parameters: EncryptedDataEncryptParams, crypto?: ICryptoEngine): Promise; /** * Creates a new CMS Encrypted Data content * @param parameters Parameters necessary for encryption * @param crypto Crypto engine * @returns Returns decrypted raw data */ decrypt(parameters: { password: ArrayBuffer; }, crypto?: ICryptoEngine): Promise; } declare const SAFE_CONTENTS = "safeContents"; declare const PARSED_VALUE$4 = "parsedValue"; interface IAuthenticatedSafe { safeContents: ContentInfo[]; parsedValue: any; } type AuthenticatedSafeParameters = PkiObjectParameters & Partial; interface AuthenticatedSafeJson { safeContents: ContentInfoJson[]; } type SafeContent = ContentInfo | EncryptedData | EnvelopedData | object; /** * Represents the AuthenticatedSafe structure described in [RFC7292](https://datatracker.ietf.org/doc/html/rfc7292) */ declare class AuthenticatedSafe extends PkiObject implements IAuthenticatedSafe { static CLASS_NAME: string; safeContents: ContentInfo[]; parsedValue: any; /** * Initializes a new instance of the {@link AuthenticatedSafe} class * @param parameters Initialization parameters */ constructor(parameters?: AuthenticatedSafeParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof SAFE_CONTENTS): ContentInfo[]; static defaultValues(memberName: typeof PARSED_VALUE$4): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AuthenticatedSafe ::= SEQUENCE OF ContentInfo * -- Data if unencrypted * -- EncryptedData if password-encrypted * -- EnvelopedData if public key-encrypted *``` */ static schema(parameters?: SchemaParameters<{ contentInfos?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AuthenticatedSafeJson; parseInternalValues(parameters: { safeContents: SafeContent[]; }, crypto?: ICryptoEngine): Promise; makeInternalValues(parameters: { safeContents: any[]; }, crypto?: ICryptoEngine): Promise; } declare const KEY_IDENTIFIER = "keyIdentifier"; declare const AUTHORITY_CERT_ISSUER = "authorityCertIssuer"; declare const AUTHORITY_CERT_SERIAL_NUMBER = "authorityCertSerialNumber"; interface IAuthorityKeyIdentifier { keyIdentifier?: asn1js.OctetString; authorityCertIssuer?: GeneralName[]; authorityCertSerialNumber?: asn1js.Integer; } type AuthorityKeyIdentifierParameters = PkiObjectParameters & Partial; interface AuthorityKeyIdentifierJson { keyIdentifier?: asn1js.OctetStringJson; authorityCertIssuer?: GeneralNameJson[]; authorityCertSerialNumber?: asn1js.IntegerJson; } /** * Represents the AuthorityKeyIdentifier structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class AuthorityKeyIdentifier extends PkiObject implements IAuthorityKeyIdentifier { static CLASS_NAME: string; keyIdentifier?: asn1js.OctetString; authorityCertIssuer?: GeneralName[]; authorityCertSerialNumber?: asn1js.Integer; /** * Initializes a new instance of the {@link AuthorityKeyIdentifier} class * @param parameters Initialization parameters */ constructor(parameters?: AuthorityKeyIdentifierParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof KEY_IDENTIFIER): asn1js.OctetString; static defaultValues(memberName: typeof AUTHORITY_CERT_ISSUER): GeneralName[]; static defaultValues(memberName: typeof AUTHORITY_CERT_SERIAL_NUMBER): asn1js.Integer; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AuthorityKeyIdentifier OID ::= 2.5.29.35 * * AuthorityKeyIdentifier ::= SEQUENCE { * keyIdentifier [0] KeyIdentifier OPTIONAL, * authorityCertIssuer [1] GeneralNames OPTIONAL, * authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL } * * KeyIdentifier ::= OCTET STRING *``` */ static schema(parameters?: SchemaParameters<{ keyIdentifier?: string; authorityCertIssuer?: string; authorityCertSerialNumber?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): AuthorityKeyIdentifierJson; } declare const CA = "cA"; interface IBasicConstraints { cA: boolean; pathLenConstraint?: number | asn1js.Integer; } type BasicConstraintsParameters = PkiObjectParameters & Partial; interface BasicConstraintsJson { cA?: boolean; pathLenConstraint?: asn1js.IntegerJson | number; } /** * Represents the BasicConstraints structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class BasicConstraints extends PkiObject implements IBasicConstraints { static CLASS_NAME: string; cA: boolean; pathLenConstraint?: number | asn1js.Integer; /** * Initializes a new instance of the {@link AuthorityKeyIdentifier} class * @param parameters Initialization parameters */ constructor(parameters?: BasicConstraintsParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof CA): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * BasicConstraints ::= SEQUENCE { * cA BOOLEAN DEFAULT FALSE, * pathLenConstraint INTEGER (0..MAX) OPTIONAL } *``` */ static schema(parameters?: SchemaParameters<{ cA?: string; pathLenConstraint?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; /** * Conversion for the class to JSON object * @returns */ toJSON(): BasicConstraintsJson; } declare const HASH_ALGORITHM$4 = "hashAlgorithm"; declare const ISSUER_NAME_HASH = "issuerNameHash"; declare const ISSUER_KEY_HASH = "issuerKeyHash"; declare const SERIAL_NUMBER$1 = "serialNumber"; interface ICertID { /** * Hash algorithm used to generate the `issuerNameHash` and `issuerKeyHash` values */ hashAlgorithm: AlgorithmIdentifier; /** * Hash of the issuer's distinguished name (DN). The hash shall be calculated over the DER encoding * of the issuer's name field in the certificate being checked. */ issuerNameHash: asn1js.OctetString; /** * Hash of the issuer's public key. The hash shall be calculated over the value (excluding tag and length) * of the subject public key field in the issuer's certificate. */ issuerKeyHash: asn1js.OctetString; /** * Serial number of the certificate for which status is being requested */ serialNumber: asn1js.Integer; } type CertIDParameters = PkiObjectParameters & Partial; type CertIDSchema = SchemaParameters<{ hashAlgorithm?: string; hashAlgorithmObject?: AlgorithmIdentifierSchema; issuerNameHash?: string; issuerKeyHash?: string; serialNumber?: string; }>; interface CertIDJson { hashAlgorithm: AlgorithmIdentifierJson; issuerNameHash: asn1js.OctetStringJson; issuerKeyHash: asn1js.OctetStringJson; serialNumber: asn1js.IntegerJson; } interface CertIDCreateParams { issuerCertificate: Certificate; hashAlgorithm: string; } /** * Represents an CertID described in [RFC6960](https://datatracker.ietf.org/doc/html/rfc6960) */ declare class CertID extends PkiObject implements ICertID { static CLASS_NAME: string; /** * Making OCSP certificate identifier for specific certificate * @param certificate Certificate making OCSP Request for * @param parameters Additional parameters * @param crypto Crypto engine * @returns Returns created CertID object */ static create(certificate: Certificate, parameters: CertIDCreateParams, crypto?: ICryptoEngine): Promise; hashAlgorithm: AlgorithmIdentifier; issuerNameHash: asn1js.OctetString; issuerKeyHash: asn1js.OctetString; serialNumber: asn1js.Integer; /** * Initializes a new instance of the {@link CertID} class * @param parameters Initialization parameters */ constructor(parameters?: CertIDParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof HASH_ALGORITHM$4): AlgorithmIdentifier; static defaultValues(memberName: typeof ISSUER_NAME_HASH): asn1js.OctetString; static defaultValues(memberName: typeof ISSUER_KEY_HASH): asn1js.OctetString; static defaultValues(memberName: typeof SERIAL_NUMBER$1): asn1js.Integer; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * CertID ::= SEQUENCE { * hashAlgorithm AlgorithmIdentifier, * issuerNameHash OCTET STRING, -- Hash of issuer's DN * issuerKeyHash OCTET STRING, -- Hash of issuer's public key * serialNumber CertificateSerialNumber } *``` */ static schema(parameters?: CertIDSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): CertIDJson; /** * Checks that two "CertIDs" are equal * @param certificateID Identifier of the certificate to be checked */ isEqual(certificateID: CertID): boolean; /** * Making OCSP certificate identifier for specific certificate * @param certificate Certificate making OCSP Request for * @param parameters Additional parameters * @param crypto Crypto engine */ createForCertificate(certificate: Certificate, parameters: CertIDCreateParams, crypto?: ICryptoEngine): Promise; } declare const CERT_ID$1 = "certID"; declare const CERT_STATUS = "certStatus"; declare const THIS_UPDATE = "thisUpdate"; declare const NEXT_UPDATE = "nextUpdate"; declare const SINGLE_EXTENSIONS = "singleExtensions"; interface ISingleResponse { certID: CertID; certStatus: any; thisUpdate: Date; nextUpdate?: Date; singleExtensions?: Extension[]; } type SingleResponseParameters = PkiObjectParameters & Partial; type SingleResponseSchema = SchemaParameters<{ certID?: CertIDSchema; certStatus?: string; thisUpdate?: string; nextUpdate?: string; singleExtensions?: ExtensionsSchema; }>; interface SingleResponseJson { certID: CertIDJson; certStatus: any; thisUpdate: Date; nextUpdate?: Date; singleExtensions?: ExtensionJson[]; } /** * Represents an SingleResponse described in [RFC6960](https://datatracker.ietf.org/doc/html/rfc6960) */ declare class SingleResponse extends PkiObject implements ISingleResponse { static CLASS_NAME: string; certID: CertID; certStatus: any; thisUpdate: Date; nextUpdate?: Date; singleExtensions?: Extension[]; /** * Initializes a new instance of the {@link SingleResponse} class * @param parameters Initialization parameters */ constructor(parameters?: SingleResponseParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof CERT_ID$1): CertID; static defaultValues(memberName: typeof CERT_STATUS): any; static defaultValues(memberName: typeof THIS_UPDATE): Date; static defaultValues(memberName: typeof NEXT_UPDATE): Date; static defaultValues(memberName: typeof SINGLE_EXTENSIONS): Extension[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * SingleResponse ::= SEQUENCE { * certID CertID, * certStatus CertStatus, * thisUpdate GeneralizedTime, * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, * singleExtensions [1] EXPLICIT Extensions OPTIONAL } * * CertStatus ::= CHOICE { * good [0] IMPLICIT NULL, * revoked [1] IMPLICIT RevokedInfo, * unknown [2] IMPLICIT UnknownInfo } * * RevokedInfo ::= SEQUENCE { * revocationTime GeneralizedTime, * revocationReason [0] EXPLICIT CRLReason OPTIONAL } * * UnknownInfo ::= NULL *``` */ static schema(parameters?: SingleResponseSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): SingleResponseJson; } declare const TBS$2 = "tbs"; declare const VERSION$a = "version"; declare const RESPONDER_ID = "responderID"; declare const PRODUCED_AT = "producedAt"; declare const RESPONSES = "responses"; declare const RESPONSE_EXTENSIONS = "responseExtensions"; interface IResponseData { version?: number; tbs: ArrayBuffer; responderID: any; producedAt: Date; responses: SingleResponse[]; responseExtensions?: Extension[]; } type ResponseDataParameters = PkiObjectParameters & Partial; type ResponseDataSchema = SchemaParameters<{ version?: string; responderID?: string; ResponseDataByName?: RelativeDistinguishedNamesSchema; ResponseDataByKey?: string; producedAt?: string; response?: SingleResponseSchema; extensions?: ExtensionsSchema; }>; interface ResponseDataJson { version?: number; tbs: string; responderID: any; producedAt: Date; responses: SingleResponseJson[]; responseExtensions?: ExtensionJson[]; } /** * Represents an ResponseData described in [RFC6960](https://datatracker.ietf.org/doc/html/rfc6960) */ declare class ResponseData extends PkiObject implements IResponseData { static CLASS_NAME: string; version?: number; tbsView: Uint8Array; /** * @deprecated Since version 3.0.0 */ get tbs(): ArrayBuffer; /** * @deprecated Since version 3.0.0 */ set tbs(value: ArrayBuffer); responderID: any; producedAt: Date; responses: SingleResponse[]; responseExtensions?: Extension[]; /** * Initializes a new instance of the {@link ResponseData} class * @param parameters Initialization parameters */ constructor(parameters?: ResponseDataParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TBS$2): ArrayBuffer; static defaultValues(memberName: typeof VERSION$a): number; static defaultValues(memberName: typeof RESPONDER_ID): any; static defaultValues(memberName: typeof PRODUCED_AT): Date; static defaultValues(memberName: typeof RESPONSES): SingleResponse[]; static defaultValues(memberName: typeof RESPONSE_EXTENSIONS): Extension[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * ResponseData ::= SEQUENCE { * version [0] EXPLICIT Version DEFAULT v1, * responderID ResponderID, * producedAt GeneralizedTime, * responses SEQUENCE OF SingleResponse, * responseExtensions [1] EXPLICIT Extensions OPTIONAL } *``` */ static schema(parameters?: ResponseDataSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(encodeFlag?: boolean): SchemaType; toJSON(): ResponseDataJson; } declare const TBS_RESPONSE_DATA = "tbsResponseData"; declare const SIGNATURE_ALGORITHM$4 = "signatureAlgorithm"; declare const SIGNATURE$3 = "signature"; declare const CERTS$2 = "certs"; interface IBasicOCSPResponse { tbsResponseData: ResponseData; signatureAlgorithm: AlgorithmIdentifier; signature: asn1js.BitString; certs?: Certificate[]; } interface CertificateStatus { isForCertificate: boolean; /** * 0 = good, 1 = revoked, 2 = unknown */ status: number; } type BasicOCSPResponseParameters = PkiObjectParameters & Partial; interface BasicOCSPResponseVerifyParams { trustedCerts?: Certificate[]; } interface BasicOCSPResponseJson { tbsResponseData: ResponseDataJson; signatureAlgorithm: AlgorithmIdentifierJson; signature: asn1js.BitStringJson; certs?: CertificateJson[]; } /** * Represents the BasicOCSPResponse structure described in [RFC6960](https://datatracker.ietf.org/doc/html/rfc6960) */ declare class BasicOCSPResponse extends PkiObject implements IBasicOCSPResponse { static CLASS_NAME: string; tbsResponseData: ResponseData; signatureAlgorithm: AlgorithmIdentifier; signature: asn1js.BitString; certs?: Certificate[]; /** * Initializes a new instance of the {@link BasicOCSPResponse} class * @param parameters Initialization parameters */ constructor(parameters?: BasicOCSPResponseParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TBS_RESPONSE_DATA): ResponseData; static defaultValues(memberName: typeof SIGNATURE_ALGORITHM$4): AlgorithmIdentifier; static defaultValues(memberName: typeof SIGNATURE$3): asn1js.BitString; static defaultValues(memberName: typeof CERTS$2): Certificate[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * BasicOCSPResponse ::= SEQUENCE { * tbsResponseData ResponseData, * signatureAlgorithm AlgorithmIdentifier, * signature BIT STRING, * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } *``` */ static schema(parameters?: SchemaParameters<{ tbsResponseData?: ResponseDataSchema; signatureAlgorithm?: AlgorithmIdentifierSchema; signature?: string; certs?: CertificateSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): BasicOCSPResponseJson; /** * Get OCSP response status for specific certificate * @param certificate Certificate to be checked * @param issuerCertificate Certificate of issuer for certificate to be checked * @param crypto Crypto engine */ getCertificateStatus(certificate: Certificate, issuerCertificate: Certificate, crypto?: ICryptoEngine): Promise; /** * Make signature for current OCSP Basic Response * @param privateKey Private key for "subjectPublicKeyInfo" structure * @param hashAlgorithm Hashing algorithm. Default SHA-1 * @param crypto Crypto engine */ sign(privateKey: CryptoKey, hashAlgorithm?: string, crypto?: ICryptoEngine): Promise; /** * Verify existing OCSP Basic Response * @param params Additional parameters * @param crypto Crypto engine */ verify(params?: BasicOCSPResponseVerifyParams, crypto?: ICryptoEngine): Promise; } declare const CERTIFICATE_INDEX = "certificateIndex"; declare const KEY_INDEX = "keyIndex"; interface ICAVersion { certificateIndex: number; keyIndex: number; } type CAVersionParameters = PkiObjectParameters & Partial; interface CAVersionJson { certificateIndex: number; keyIndex: number; } /** * Represents an CAVersion described in [Certification Authority Renewal](https://docs.microsoft.com/en-us/windows/desktop/seccrypto/certification-authority-renewal) */ declare class CAVersion extends PkiObject implements ICAVersion { static CLASS_NAME: string; certificateIndex: number; keyIndex: number; /** * Initializes a new instance of the {@link CAVersion} class * @param parameters Initialization parameters */ constructor(parameters?: CAVersionParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof CERTIFICATE_INDEX): number; static defaultValues(memberName: typeof KEY_INDEX): number; /** * @inheritdoc * @asn ASN.1 schema * ```asn * CAVersion ::= INTEGER *``` */ static schema(): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Integer; toJSON(): CAVersionJson; } declare const CRL_ID = "crlId"; declare const CRL_VALUE = "crlValue"; declare const PARSED_VALUE$3 = "parsedValue"; interface ICRLBag { crlId: string; crlValue: any; parsedValue?: any; certValue?: any; } interface CRLBagJson { crlId: string; crlValue: any; } type CRLBagParameters = PkiObjectParameters & Partial; /** * Represents the CRLBag structure described in [RFC7292](https://datatracker.ietf.org/doc/html/rfc7292) */ declare class CRLBag extends PkiObject implements ICRLBag { static CLASS_NAME: string; crlId: string; crlValue: any; parsedValue?: any; certValue?: any; /** * Initializes a new instance of the {@link CRLBag} class * @param parameters Initialization parameters */ constructor(parameters?: CRLBagParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof CRL_ID): string; static defaultValues(memberName: typeof CRL_VALUE): any; static defaultValues(memberName: typeof PARSED_VALUE$3): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * CRLBag ::= SEQUENCE { * crlId BAG-TYPE.&id ({CRLTypes}), * crlValue [0] EXPLICIT BAG-TYPE.&Type ({CRLTypes}{@crlId}) *} *``` */ static schema(parameters?: SchemaParameters<{ id?: string; value?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): CRLBagJson; } declare const DISTRIBUTION_POINT$1 = "distributionPoint"; declare const ONLY_CONTAINS_USER_CERTS = "onlyContainsUserCerts"; declare const ONLY_CONTAINS_CA_CERTS = "onlyContainsCACerts"; declare const ONLY_SOME_REASON = "onlySomeReasons"; declare const INDIRECT_CRL = "indirectCRL"; declare const ONLY_CONTAINS_ATTRIBUTE_CERTS = "onlyContainsAttributeCerts"; interface IIssuingDistributionPoint { distributionPoint?: DistributionPointName; onlyContainsUserCerts: boolean; onlyContainsCACerts: boolean; onlySomeReasons?: number; indirectCRL: boolean; onlyContainsAttributeCerts: boolean; } interface IssuingDistributionPointJson { distributionPoint?: DistributionPointNameJson; onlyContainsUserCerts?: boolean; onlyContainsCACerts?: boolean; onlySomeReasons?: number; indirectCRL?: boolean; onlyContainsAttributeCerts?: boolean; } type DistributionPointName = GeneralName[] | RelativeDistinguishedNames; type DistributionPointNameJson = GeneralNameJson[] | RelativeDistinguishedNamesJson; type IssuingDistributionPointParameters = PkiObjectParameters & Partial; /** * Represents the IssuingDistributionPoint structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class IssuingDistributionPoint extends PkiObject implements IIssuingDistributionPoint { static CLASS_NAME: string; distributionPoint?: DistributionPointName; onlyContainsUserCerts: boolean; onlyContainsCACerts: boolean; onlySomeReasons?: number; indirectCRL: boolean; onlyContainsAttributeCerts: boolean; /** * Initializes a new instance of the {@link IssuingDistributionPoint} class * @param parameters Initialization parameters */ constructor(parameters?: IssuingDistributionPointParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof DISTRIBUTION_POINT$1): DistributionPointName; static defaultValues(memberName: typeof ONLY_CONTAINS_USER_CERTS): boolean; static defaultValues(memberName: typeof ONLY_CONTAINS_CA_CERTS): boolean; static defaultValues(memberName: typeof ONLY_SOME_REASON): number; static defaultValues(memberName: typeof INDIRECT_CRL): boolean; static defaultValues(memberName: typeof ONLY_CONTAINS_ATTRIBUTE_CERTS): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * IssuingDistributionPoint ::= SEQUENCE { * distributionPoint [0] DistributionPointName OPTIONAL, * onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE, * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE, * onlySomeReasons [3] ReasonFlags OPTIONAL, * indirectCRL [4] BOOLEAN DEFAULT FALSE, * onlyContainsAttributeCerts [5] BOOLEAN DEFAULT FALSE } * * ReasonFlags ::= BIT STRING { * unused (0), * keyCompromise (1), * cACompromise (2), * affiliationChanged (3), * superseded (4), * cessationOfOperation (5), * certificateHold (6), * privilegeWithdrawn (7), * aACompromise (8) } *``` */ static schema(parameters?: SchemaParameters<{ distributionPoint?: string; distributionPointNames?: string; onlyContainsUserCerts?: string; onlyContainsCACerts?: string; onlySomeReasons?: string; indirectCRL?: string; onlyContainsAttributeCerts?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): IssuingDistributionPointJson; } declare const DISTRIBUTION_POINT = "distributionPoint"; declare const REASONS = "reasons"; declare const CRL_ISSUER = "cRLIssuer"; interface IDistributionPoint { distributionPoint?: DistributionPointName; reasons?: asn1js.BitString; cRLIssuer?: GeneralName[]; } interface DistributionPointJson { distributionPoint?: DistributionPointNameJson; reasons?: asn1js.BitStringJson; cRLIssuer?: GeneralNameJson[]; } type DistributionPointParameters = PkiObjectParameters & Partial; /** * Represents the DistributionPoint structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class DistributionPoint extends PkiObject implements IDistributionPoint { static CLASS_NAME: string; distributionPoint?: DistributionPointName; reasons?: asn1js.BitString; cRLIssuer?: GeneralName[]; /** * Initializes a new instance of the {@link DistributionPoint} class * @param parameters Initialization parameters */ constructor(parameters?: DistributionPointParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof DISTRIBUTION_POINT): DistributionPointName; static defaultValues(memberName: typeof REASONS): asn1js.BitString; static defaultValues(memberName: typeof CRL_ISSUER): GeneralName[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * DistributionPoint ::= SEQUENCE { * distributionPoint [0] DistributionPointName OPTIONAL, * reasons [1] ReasonFlags OPTIONAL, * cRLIssuer [2] GeneralNames OPTIONAL } * * DistributionPointName ::= CHOICE { * fullName [0] GeneralNames, * nameRelativeToCRLIssuer [1] RelativeDistinguishedName } * * ReasonFlags ::= BIT STRING { * unused (0), * keyCompromise (1), * cACompromise (2), * affiliationChanged (3), * superseded (4), * cessationOfOperation (5), * certificateHold (6), * privilegeWithdrawn (7), * aACompromise (8) } *``` */ static schema(parameters?: SchemaParameters<{ distributionPoint?: string; distributionPointNames?: string; reasons?: string; cRLIssuer?: string; cRLIssuerNames?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): DistributionPointJson; } interface ICRLDistributionPoints { distributionPoints: DistributionPoint[]; } interface CRLDistributionPointsJson { distributionPoints: DistributionPointJson[]; } type CRLDistributionPointsParameters = PkiObjectParameters & Partial; /** * Represents the CRLDistributionPoints structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class CRLDistributionPoints extends PkiObject implements ICRLDistributionPoints { static CLASS_NAME: string; distributionPoints: DistributionPoint[]; /** * Initializes a new instance of the {@link CRLDistributionPoints} class * @param parameters Initialization parameters */ constructor(parameters?: CRLDistributionPointsParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: string): DistributionPoint[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint *``` */ static schema(parameters?: SchemaParameters<{ distributionPoints?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): CRLDistributionPointsJson; } declare const CERT_ID = "certId"; declare const CERT_VALUE = "certValue"; declare const PARSED_VALUE$2 = "parsedValue"; interface ICertBag { certId: string; certValue: asn1js.OctetString | PkiObject; parsedValue: any; } type CertBagParameters = PkiObjectParameters & Partial; interface CertBagJson { certId: string; certValue: any; } /** * Represents the CertBag structure described in [RFC7292](https://datatracker.ietf.org/doc/html/rfc7292) */ declare class CertBag extends PkiObject implements ICertBag { static CLASS_NAME: string; certId: string; certValue: PkiObject | asn1js.OctetString; parsedValue: any; /** * Initializes a new instance of the {@link CertBag} class * @param parameters Initialization parameters */ constructor(parameters?: CertBagParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof CERT_ID): string; static defaultValues(memberName: typeof CERT_VALUE): any; static defaultValues(memberName: typeof PARSED_VALUE$2): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * CertBag ::= SEQUENCE { * certId BAG-TYPE.&id ({CertTypes}), * certValue [0] EXPLICIT BAG-TYPE.&Type ({CertTypes}{@certId}) * } *``` */ static schema(parameters?: SchemaParameters<{ id?: string; value?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): CertBagJson; } declare const BASE = "base"; declare const MINIMUM = "minimum"; declare const MAXIMUM = "maximum"; interface IGeneralSubtree { base: GeneralName; minimum: number | asn1js.Integer; maximum?: number | asn1js.Integer; } interface GeneralSubtreeJson { base: GeneralNameJson; minimum?: number | asn1js.IntegerJson; maximum?: number | asn1js.IntegerJson; } type GeneralSubtreeParameters = PkiObjectParameters & Partial; /** * Represents the GeneralSubtree structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class GeneralSubtree extends PkiObject implements IGeneralSubtree { static CLASS_NAME: string; base: GeneralName; minimum: number | asn1js.Integer; maximum?: number | asn1js.Integer; /** * Initializes a new instance of the {@link GeneralSubtree} class * @param parameters Initialization parameters */ constructor(parameters?: GeneralSubtreeParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof BASE): GeneralName; static defaultValues(memberName: typeof MINIMUM): number; static defaultValues(memberName: typeof MAXIMUM): number; /** * @inheritdoc * @asn ASN.1 schema * ```asn * GeneralSubtree ::= SEQUENCE { * base GeneralName, * minimum [0] BaseDistance DEFAULT 0, * maximum [1] BaseDistance OPTIONAL } * * BaseDistance ::= INTEGER (0..MAX) *``` */ static schema(parameters?: SchemaParameters<{ base?: GeneralNameSchema; minimum?: string; maximum?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): GeneralSubtreeJson; } declare const TRUSTED_CERTS = "trustedCerts"; declare const CERTS$1 = "certs"; declare const CRLS$1 = "crls"; declare const OCSPS$1 = "ocsps"; declare const CHECK_DATE = "checkDate"; declare const FIND_ORIGIN = "findOrigin"; declare const FIND_ISSUER = "findIssuer"; declare enum ChainValidationCode { unknown = -1, success = 0, noRevocation = 11, noPath = 60, noValidPath = 97 } declare class ChainValidationError extends Error { static readonly NAME = "ChainValidationError"; code: ChainValidationCode; constructor(code: ChainValidationCode, message: string); } interface CertificateChainValidationEngineVerifyResult { result: boolean; resultCode: number; resultMessage: string; error?: Error | ChainValidationError; authConstrPolicies?: string[]; userConstrPolicies?: string[]; explicitPolicyIndicator?: boolean; policyMappings?: string[]; certificatePath?: Certificate[]; } type FindOriginCallback = (certificate: Certificate, validationEngine: CertificateChainValidationEngine) => string; type FindIssuerCallback = (certificate: Certificate, validationEngine: CertificateChainValidationEngine, crypto?: ICryptoEngine) => Promise; interface CertificateChainValidationEngineParameters { trustedCerts?: Certificate[]; certs?: Certificate[]; crls?: CertificateRevocationList[]; ocsps?: BasicOCSPResponse[]; checkDate?: Date; findOrigin?: FindOriginCallback; findIssuer?: FindIssuerCallback; } interface CertificateChainValidationEngineVerifyParams { initialPolicySet?: string[]; initialExplicitPolicy?: boolean; initialPolicyMappingInhibit?: boolean; initialInhibitPolicy?: boolean; initialPermittedSubtreesSet?: GeneralSubtree[]; initialExcludedSubtreesSet?: GeneralSubtree[]; initialRequiredNameForms?: GeneralSubtree[]; passedWhenNotRevValues?: boolean; } /** * Represents a chain-building engine for {@link Certificate} certificates. * * @example * ```js The following example demonstrates how to verify certificate chain * const rootCa = pkijs.Certificate.fromBER(certRaw1); * const intermediateCa = pkijs.Certificate.fromBER(certRaw2); * const leafCert = pkijs.Certificate.fromBER(certRaw3); * const crl1 = pkijs.CertificateRevocationList.fromBER(crlRaw1); * const ocsp1 = pkijs.BasicOCSPResponse.fromBER(ocspRaw1); * * const chainEngine = new pkijs.CertificateChainValidationEngine({ * certs: [rootCa, intermediateCa, leafCert], * crls: [crl1], * ocsps: [ocsp1], * checkDate: new Date("2015-07-13"), // optional * trustedCerts: [rootCa], * }); * * const chain = await chainEngine.verify(); * ``` */ declare class CertificateChainValidationEngine { /** * Array of pre-defined trusted (by user) certificates */ trustedCerts: Certificate[]; /** * Array with certificate chain. Could be only one end-user certificate in there! */ certs: Certificate[]; /** * Array of all CRLs for all certificates from certificate chain */ crls: CertificateRevocationList[]; /** * Array of all OCSP responses */ ocsps: BasicOCSPResponse[]; /** * The date at which the check would be */ checkDate: Date; /** * The date at which the check would be */ findOrigin: FindOriginCallback; /** * The date at which the check would be */ findIssuer: FindIssuerCallback; /** * Constructor for CertificateChainValidationEngine class * @param parameters */ constructor(parameters?: CertificateChainValidationEngineParameters); static defaultFindOrigin(certificate: Certificate, validationEngine: CertificateChainValidationEngine): string; defaultFindIssuer(certificate: Certificate, validationEngine: CertificateChainValidationEngine, crypto?: ICryptoEngine): Promise; /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ defaultValues(memberName: typeof TRUSTED_CERTS): Certificate[]; defaultValues(memberName: typeof CERTS$1): Certificate[]; defaultValues(memberName: typeof CRLS$1): CertificateRevocationList[]; defaultValues(memberName: typeof OCSPS$1): BasicOCSPResponse[]; defaultValues(memberName: typeof CHECK_DATE): Date; defaultValues(memberName: typeof FIND_ORIGIN): FindOriginCallback; defaultValues(memberName: typeof FIND_ISSUER): FindIssuerCallback; sort(passedWhenNotRevValues?: boolean, crypto?: ICryptoEngine): Promise; /** * Major verification function for certificate chain. * @param parameters * @param crypto Crypto engine * @returns */ verify(parameters?: CertificateChainValidationEngineVerifyParams, crypto?: ICryptoEngine): Promise; } declare const POLICY_QUALIFIER_ID = "policyQualifierId"; declare const QUALIFIER = "qualifier"; interface IPolicyQualifierInfo { policyQualifierId: string; qualifier: SchemaType; } type PolicyQualifierInfoParameters = PkiObjectParameters & Partial; interface PolicyQualifierInfoJson { policyQualifierId: string; qualifier: any; } /** * Represents the PolicyQualifierInfo structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class PolicyQualifierInfo extends PkiObject implements IPolicyQualifierInfo { static CLASS_NAME: string; policyQualifierId: string; qualifier: SchemaType; /** * Initializes a new instance of the {@link PolicyQualifierInfo} class * @param parameters Initialization parameters */ constructor(parameters?: PolicyQualifierInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof POLICY_QUALIFIER_ID): string; static defaultValues(memberName: typeof QUALIFIER): asn1js.Any; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PolicyQualifierInfo ::= SEQUENCE { * policyQualifierId PolicyQualifierId, * qualifier ANY DEFINED BY policyQualifierId } * * id-qt OBJECT IDENTIFIER ::= { id-pkix 2 } * id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 } * id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 } * * PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice ) *``` */ static schema(parameters?: SchemaParameters<{ policyQualifierId?: string; qualifier?: string; }>): asn1js.Sequence; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PolicyQualifierInfoJson; } declare const POLICY_IDENTIFIER = "policyIdentifier"; declare const POLICY_QUALIFIERS = "policyQualifiers"; interface IPolicyInformation { policyIdentifier: string; policyQualifiers?: PolicyQualifierInfo[]; } type PolicyInformationParameters = PkiObjectParameters & Partial; interface PolicyInformationJson { policyIdentifier: string; policyQualifiers?: PolicyQualifierInfoJson[]; } /** * Represents the PolicyInformation structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class PolicyInformation extends PkiObject implements IPolicyInformation { static CLASS_NAME: string; policyIdentifier: string; policyQualifiers?: PolicyQualifierInfo[]; /** * Initializes a new instance of the {@link PolicyInformation} class * @param parameters Initialization parameters */ constructor(parameters?: PolicyInformationParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof POLICY_IDENTIFIER): string; static defaultValues(memberName: typeof POLICY_QUALIFIERS): PolicyQualifierInfo[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PolicyInformation ::= SEQUENCE { * policyIdentifier CertPolicyId, * policyQualifiers SEQUENCE SIZE (1..MAX) OF * PolicyQualifierInfo OPTIONAL } * * CertPolicyId ::= OBJECT IDENTIFIER *``` */ static schema(parameters?: SchemaParameters<{ policyIdentifier?: string; policyQualifiers?: string; }>): SchemaType; /** * Converts parsed ASN.1 object into current class * @param schema */ fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PolicyInformationJson; } declare const CERTIFICATE_POLICIES = "certificatePolicies"; interface ICertificatePolicies { certificatePolicies: PolicyInformation[]; } type CertificatePoliciesParameters = PkiObjectParameters & Partial; interface CertificatePoliciesJson { certificatePolicies: PolicyInformationJson[]; } /** * Represents the CertificatePolicies structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class CertificatePolicies extends PkiObject implements ICertificatePolicies { static CLASS_NAME: string; certificatePolicies: PolicyInformation[]; /** * Initializes a new instance of the {@link CertificatePolicies} class * @param parameters Initialization parameters */ constructor(parameters?: CertificatePoliciesParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof CERTIFICATE_POLICIES): PolicyInformation[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation *``` */ static schema(parameters?: SchemaParameters<{ certificatePolicies?: string; }>): asn1js.Sequence; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): CertificatePoliciesJson; } declare const TEMPLATE_ID = "templateID"; declare const TEMPLATE_MAJOR_VERSION = "templateMajorVersion"; declare const TEMPLATE_MINOR_VERSION = "templateMinorVersion"; interface ICertificateTemplate { templateID: string; templateMajorVersion?: number; templateMinorVersion?: number; } interface CertificateTemplateJson { templateID: string; templateMajorVersion?: number; templateMinorVersion?: number; } type CertificateTemplateParameters = PkiObjectParameters & Partial; /** * Class from "[MS-WCCE]: Windows Client Certificate Enrollment Protocol" */ declare class CertificateTemplate extends PkiObject implements ICertificateTemplate { templateID: string; templateMajorVersion?: number; templateMinorVersion?: number; /** * Initializes a new instance of the {@link CertificateTemplate} class * @param parameters Initialization parameters */ constructor(parameters?: CertificateTemplateParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TEMPLATE_MINOR_VERSION): number; static defaultValues(memberName: typeof TEMPLATE_MAJOR_VERSION): number; static defaultValues(memberName: typeof TEMPLATE_ID): string; /** * @inheritdoc * @asn ASN.1 schema * ```asn * CertificateTemplateOID ::= SEQUENCE { * templateID OBJECT IDENTIFIER, * templateMajorVersion INTEGER (0..4294967295) OPTIONAL, * templateMinorVersion INTEGER (0..4294967295) OPTIONAL * } *``` */ static schema(parameters?: SchemaParameters<{ templateID?: string; templateMajorVersion?: string; templateMinorVersion?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): CertificateTemplateJson; } declare const TBS$1 = "tbs"; declare const VERSION$9 = "version"; declare const SUBJECT = "subject"; declare const SPKI = "subjectPublicKeyInfo"; declare const ATTRIBUTES$2 = "attributes"; declare const SIGNATURE_ALGORITHM$3 = "signatureAlgorithm"; declare const SIGNATURE_VALUE = "signatureValue"; interface ICertificationRequest { /** * Value being signed */ tbs: ArrayBuffer; /** * Version number. It should be 0 */ version: number; /** * Distinguished name of the certificate subject */ subject: RelativeDistinguishedNames; /** * Information about the public key being certified */ subjectPublicKeyInfo: PublicKeyInfo; /** * Collection of attributes providing additional information about the subject of the certificate */ attributes?: Attribute[]; /** * signature algorithm (and any associated parameters) under which the certification-request information is signed */ signatureAlgorithm: AlgorithmIdentifier; /** * result of signing the certification request information with the certification request subject's private key */ signatureValue: asn1js.BitString; } /** * JSON representation of {@link CertificationRequest} */ interface CertificationRequestJson { tbs: string; version: number; subject: RelativeDistinguishedNamesJson; subjectPublicKeyInfo: PublicKeyInfoJson | JsonWebKey; attributes?: AttributeJson[]; signatureAlgorithm: AlgorithmIdentifierJson; signatureValue: asn1js.BitStringJson; } interface CertificationRequestInfoParameters { names?: { blockName?: string; CertificationRequestInfo?: string; CertificationRequestInfoVersion?: string; subject?: RelativeDistinguishedNamesSchema; CertificationRequestInfoAttributes?: string; attributes?: AttributeSchema; }; } type CertificationRequestParameters = PkiObjectParameters & Partial; /** * Represents the CertificationRequest structure described in [RFC2986](https://datatracker.ietf.org/doc/html/rfc2986) * * @example The following example demonstrates how to parse PKCS#11 certification request * and verify its challenge password extension and signature value * ```js * const pkcs10 = pkijs.CertificationRequest.fromBER(pkcs10Raw); * * // Get and validate challenge password extension * if (pkcs10.attributes) { * const attrExtensions = pkcs10.attributes.find(o => o.type === "1.2.840.113549.1.9.14"); // pkcs-9-at-extensionRequest * if (attrExtensions) { * const extensions = new pkijs.Extensions({ schema: attrExtensions.values[0] }); * for (const extension of extensions.extensions) { * if (extension.extnID === "1.2.840.113549.1.9.7") { // pkcs-9-at-challengePassword * const asn = asn1js.fromBER(extension.extnValue.valueBlock.valueHex); * if (asn.result.valueBlock.value !== "passwordChallenge") { * throw new Error("PKCS#11 certification request is invalid. Challenge password is incorrect"); * } * } * } * } * } * * // Verify signature value * const ok = await pkcs10.verify(); * if (!ok) { * throw Error("PKCS#11 certification request is invalid. Signature is wrong") * } * ``` * * @example The following example demonstrates how to create PKCS#11 certification request * ```js * // Get a "crypto" extension * const crypto = pkijs.getCrypto(true); * * const pkcs10 = new pkijs.CertificationRequest(); * * pkcs10.subject.typesAndValues.push(new pkijs.AttributeTypeAndValue({ * type: "2.5.4.3", * value: new asn1js.Utf8String({ value: "Test" }) * })); * * * await pkcs10.subjectPublicKeyInfo.importKey(keys.publicKey); * * pkcs10.attributes = []; * * // Subject Alternative Name * const altNames = new pkijs.GeneralNames({ * names: [ * new pkijs.GeneralName({ // email * type: 1, * value: "email@address.com" * }), * new pkijs.GeneralName({ // domain * type: 2, * value: "www.domain.com" * }), * ] * }); * * // SubjectKeyIdentifier * const subjectKeyIdentifier = await crypto.digest({ name: "SHA-1" }, pkcs10.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHex); * * pkcs10.attributes.push(new pkijs.Attribute({ * type: "1.2.840.113549.1.9.14", // pkcs-9-at-extensionRequest * values: [(new pkijs.Extensions({ * extensions: [ * new pkijs.Extension({ * extnID: "2.5.29.14", // id-ce-subjectKeyIdentifier * critical: false, * extnValue: (new asn1js.OctetString({ valueHex: subjectKeyIdentifier })).toBER(false) * }), * new pkijs.Extension({ * extnID: "2.5.29.17", // id-ce-subjectAltName * critical: false, * extnValue: altNames.toSchema().toBER(false) * }), * new pkijs.Extension({ * extnID: "1.2.840.113549.1.9.7", // pkcs-9-at-challengePassword * critical: false, * extnValue: (new asn1js.PrintableString({ value: "passwordChallenge" })).toBER(false) * }) * ] * })).toSchema()] * })); * * // Signing final PKCS#10 request * await pkcs10.sign(keys.privateKey, "SHA-256"); * * const pkcs10Raw = pkcs10.toSchema(true).toBER(); * ``` */ declare class CertificationRequest extends PkiObject implements ICertificationRequest { static CLASS_NAME: string; tbsView: Uint8Array; /** * @deprecated Since version 3.0.0 */ get tbs(): ArrayBuffer; /** * @deprecated Since version 3.0.0 */ set tbs(value: ArrayBuffer); version: number; subject: RelativeDistinguishedNames; subjectPublicKeyInfo: PublicKeyInfo; attributes?: Attribute[]; signatureAlgorithm: AlgorithmIdentifier; signatureValue: asn1js.BitString; /** * Initializes a new instance of the {@link CertificationRequest} class * @param parameters Initialization parameters */ constructor(parameters?: CertificationRequestParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TBS$1): ArrayBuffer; static defaultValues(memberName: typeof VERSION$9): number; static defaultValues(memberName: typeof SUBJECT): RelativeDistinguishedNames; static defaultValues(memberName: typeof SPKI): PublicKeyInfo; static defaultValues(memberName: typeof ATTRIBUTES$2): Attribute[]; static defaultValues(memberName: typeof SIGNATURE_ALGORITHM$3): AlgorithmIdentifier; static defaultValues(memberName: typeof SIGNATURE_VALUE): asn1js.BitString; /** * @inheritdoc * @asn ASN.1 schema * ```asn * CertificationRequest ::= SEQUENCE { * certificationRequestInfo CertificationRequestInfo, * signatureAlgorithm AlgorithmIdentifier{{ SignatureAlgorithms }}, * signature BIT STRING * } *``` */ static schema(parameters?: SchemaParameters<{ certificationRequestInfo?: CertificationRequestInfoParameters; signatureAlgorithm?: string; signatureValue?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; /** * Aux function making ASN1js Sequence from current TBS * @returns */ protected encodeTBS(): asn1js.Sequence; toSchema(encodeFlag?: boolean): asn1js.Sequence; toJSON(): CertificationRequestJson; /** * Makes signature for current certification request * @param privateKey WebCrypto private key * @param hashAlgorithm String representing current hashing algorithm * @param crypto Crypto engine */ sign(privateKey: CryptoKey, hashAlgorithm?: string, crypto?: ICryptoEngine): Promise; /** * Verify existing certification request signature * @param crypto Crypto engine * @returns Returns `true` if signature value is valid, otherwise `false` */ verify(crypto?: ICryptoEngine): Promise; /** * Importing public key for current certificate request * @param parameters * @param crypto Crypto engine * @returns WebCrypt public key */ getPublicKey(parameters?: CryptoEnginePublicKeyParams, crypto?: ICryptoEngine): Promise; } declare abstract class AbstractCryptoEngine implements ICryptoEngine { name: string; crypto: Crypto; subtle: SubtleCrypto; /** * Constructor for CryptoEngine class * @param parameters */ constructor(parameters: CryptoEngineParameters); abstract getOIDByAlgorithm(algorithm: Algorithm, safety?: boolean, target?: string): string; abstract getAlgorithmParameters(algorithmName: string, operation: CryptoEngineAlgorithmOperation): CryptoEngineAlgorithmParams; abstract getAlgorithmByOID(oid: string, safety?: boolean, target?: string): object | T; abstract getAlgorithmByOID(oid: string, safety: true, target?: string): T; abstract getAlgorithmByOID(oid: any, safety?: any, target?: any): object; abstract getHashAlgorithm(signatureAlgorithm: AlgorithmIdentifier): string; abstract getSignatureParameters(privateKey: CryptoKey, hashAlgorithm?: string): Promise; abstract signWithPrivateKey(data: BufferSource, privateKey: CryptoKey, parameters: CryptoEngineSignWithPrivateKeyParams): Promise; abstract verifyWithPublicKey(data: BufferSource, signature: BitString | OctetString, publicKeyInfo: PublicKeyInfo, signatureAlgorithm: AlgorithmIdentifier, shaAlgorithm?: string): Promise; abstract getPublicKey(publicKeyInfo: PublicKeyInfo, signatureAlgorithm: AlgorithmIdentifier, parameters?: CryptoEnginePublicKeyParams): Promise; abstract encryptEncryptedContentInfo(parameters: CryptoEngineEncryptParams): Promise; abstract decryptEncryptedContentInfo(parameters: CryptoEngineDecryptParams): Promise; abstract stampDataWithPassword(parameters: CryptoEngineStampDataWithPasswordParams): Promise; abstract verifyDataStampedWithPassword(parameters: CryptoEngineVerifyDataStampedWithPasswordParams): Promise; encrypt(algorithm: globalThis.AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams, key: CryptoKey, data: BufferSource): Promise; decrypt(algorithm: globalThis.AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams, key: CryptoKey, data: BufferSource): Promise; sign(algorithm: globalThis.AlgorithmIdentifier | RsaPssParams | EcdsaParams, key: CryptoKey, data: BufferSource): Promise; verify(algorithm: globalThis.AlgorithmIdentifier | RsaPssParams | EcdsaParams, key: CryptoKey, signature: BufferSource, data: BufferSource): Promise; digest(algorithm: globalThis.AlgorithmIdentifier, data: BufferSource): Promise; generateKey(algorithm: "Ed25519", extractable: boolean, keyUsages: ReadonlyArray<"sign" | "verify">): Promise; generateKey(algorithm: RsaHashedKeyGenParams | EcKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): Promise; generateKey(algorithm: AesKeyGenParams | HmacKeyGenParams | Pbkdf2Params, extractable: boolean, keyUsages: KeyUsage[]): Promise; generateKey(algorithm: globalThis.AlgorithmIdentifier, extractable: boolean, keyUsages: KeyUsage[]): Promise; deriveKey(algorithm: globalThis.AlgorithmIdentifier | EcdhKeyDeriveParams | HkdfParams | Pbkdf2Params, baseKey: CryptoKey, derivedKeyType: globalThis.AlgorithmIdentifier | HkdfParams | Pbkdf2Params | AesDerivedKeyParams | HmacImportParams, extractable: boolean, keyUsages: KeyUsage[]): Promise; deriveKey(algorithm: globalThis.AlgorithmIdentifier | EcdhKeyDeriveParams | HkdfParams | Pbkdf2Params, baseKey: CryptoKey, derivedKeyType: globalThis.AlgorithmIdentifier | HkdfParams | Pbkdf2Params | AesDerivedKeyParams | HmacImportParams, extractable: boolean, keyUsages: Iterable): Promise; deriveBits(algorithm: globalThis.AlgorithmIdentifier | EcdhKeyDeriveParams | HkdfParams | Pbkdf2Params, baseKey: CryptoKey, length: number): Promise; wrapKey(format: KeyFormat, key: CryptoKey, wrappingKey: CryptoKey, wrapAlgorithm: globalThis.AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams): Promise; unwrapKey(format: KeyFormat, wrappedKey: BufferSource, unwrappingKey: CryptoKey, unwrapAlgorithm: globalThis.AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams, unwrappedKeyAlgorithm: globalThis.AlgorithmIdentifier | HmacImportParams | RsaHashedImportParams | EcKeyImportParams | AesKeyAlgorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise; unwrapKey(format: KeyFormat, wrappedKey: BufferSource, unwrappingKey: CryptoKey, unwrapAlgorithm: globalThis.AlgorithmIdentifier | RsaOaepParams | AesCtrParams | AesCbcParams | AesGcmParams, unwrappedKeyAlgorithm: globalThis.AlgorithmIdentifier | HmacImportParams | RsaHashedImportParams | EcKeyImportParams | AesKeyAlgorithm, extractable: boolean, keyUsages: Iterable): Promise; exportKey(format: "jwk", key: CryptoKey): Promise; exportKey(format: "pkcs8" | "raw" | "spki", key: CryptoKey): Promise; importKey(format: "jwk", keyData: JsonWebKey, algorithm: globalThis.AlgorithmIdentifier | RsaHashedImportParams | EcKeyImportParams | HmacImportParams | AesKeyAlgorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise; importKey(format: "pkcs8" | "raw" | "spki", keyData: BufferSource, algorithm: globalThis.AlgorithmIdentifier | RsaHashedImportParams | EcKeyImportParams | HmacImportParams | AesKeyAlgorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise; importKey(format: "jwk", keyData: JsonWebKey, algorithm: globalThis.AlgorithmIdentifier | RsaHashedImportParams | EcKeyImportParams | HmacImportParams | AesKeyAlgorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise; importKey(format: "pkcs8" | "raw" | "spki", keyData: BufferSource, algorithm: globalThis.AlgorithmIdentifier | RsaHashedImportParams | EcKeyImportParams | HmacImportParams | AesKeyAlgorithm, extractable: boolean, keyUsages: Iterable): Promise; getRandomValues(array: T): T; } /** * Default cryptographic engine for Web Cryptography API */ declare class CryptoEngine extends AbstractCryptoEngine { importKey(format: KeyFormat, keyData: BufferSource | JsonWebKey, algorithm: globalThis.AlgorithmIdentifier, extractable: boolean, keyUsages: KeyUsage[]): Promise; /** * Export WebCrypto keys to different formats * @param format * @param key */ exportKey(format: "jwk", key: CryptoKey): Promise; exportKey(format: Exclude, key: CryptoKey): Promise; exportKey(format: string, key: CryptoKey): Promise; /** * Convert WebCrypto keys between different export formats * @param inputFormat * @param outputFormat * @param keyData * @param algorithm * @param extractable * @param keyUsages */ convert(inputFormat: KeyFormat, outputFormat: KeyFormat, keyData: ArrayBuffer | JsonWebKey, algorithm: Algorithm, extractable: boolean, keyUsages: KeyUsage[]): Promise; /** * Gets WebCrypto algorithm by wel-known OID * @param oid algorithm identifier * @param safety if `true` throws exception on unknown algorithm identifier * @param target name of the target * @returns Returns WebCrypto algorithm or an empty object */ getAlgorithmByOID(oid: string, safety?: boolean, target?: string): T | object; /** * Gets WebCrypto algorithm by wel-known OID * @param oid algorithm identifier * @param safety if `true` throws exception on unknown algorithm identifier * @param target name of the target * @returns Returns WebCrypto algorithm * @throws Throws {@link Error} exception if unknown algorithm identifier */ getAlgorithmByOID(oid: string, safety: true, target?: string): T; getOIDByAlgorithm(algorithm: Algorithm, safety?: boolean, target?: string): string; getAlgorithmParameters(algorithmName: string, operation: CryptoEngineAlgorithmOperation): CryptoEngineAlgorithmParams; /** * Getting hash algorithm by signature algorithm * @param signatureAlgorithm Signature algorithm */ getHashAlgorithm(signatureAlgorithm: AlgorithmIdentifier): string; encryptEncryptedContentInfo(parameters: CryptoEngineEncryptParams): Promise; /** * Decrypt data stored in "EncryptedContentInfo" object using parameters * @param parameters */ decryptEncryptedContentInfo(parameters: CryptoEngineDecryptParams): Promise; stampDataWithPassword(parameters: CryptoEngineStampDataWithPasswordParams): Promise; verifyDataStampedWithPassword(parameters: CryptoEngineVerifyDataStampedWithPasswordParams): Promise; getSignatureParameters(privateKey: CryptoKey, hashAlgorithm?: string): Promise; signWithPrivateKey(data: BufferSource, privateKey: CryptoKey, parameters: CryptoEngineSignWithPrivateKeyParams): Promise; fillPublicKeyParameters(publicKeyInfo: PublicKeyInfo, signatureAlgorithm: AlgorithmIdentifier): CryptoEnginePublicKeyParams; getPublicKey(publicKeyInfo: PublicKeyInfo, signatureAlgorithm: AlgorithmIdentifier, parameters?: CryptoEnginePublicKeyParams): Promise; verifyWithPublicKey(data: BufferSource, signature: asn1js.BitString | asn1js.OctetString, publicKeyInfo: PublicKeyInfo, signatureAlgorithm: AlgorithmIdentifier, shaAlgorithm?: string): Promise; } declare const DIGEST_ALGORITHM$1 = "digestAlgorithm"; declare const DIGEST = "digest"; interface IDigestInfo { digestAlgorithm: AlgorithmIdentifier; digest: asn1js.OctetString; } interface DigestInfoJson { digestAlgorithm: AlgorithmIdentifierJson; digest: asn1js.OctetStringJson; } type DigestInfoParameters = PkiObjectParameters & Partial; type DigestInfoSchema = SchemaParameters<{ digestAlgorithm?: AlgorithmIdentifierSchema; digest?: string; }>; /** * Represents the DigestInfo structure described in [RFC3447](https://datatracker.ietf.org/doc/html/rfc3447) */ declare class DigestInfo extends PkiObject implements IDigestInfo { static CLASS_NAME: string; digestAlgorithm: AlgorithmIdentifier; digest: asn1js.OctetString; /** * Initializes a new instance of the {@link DigestInfo} class * @param parameters Initialization parameters */ constructor(parameters?: DigestInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof DIGEST_ALGORITHM$1): AlgorithmIdentifier; static defaultValues(memberName: typeof DIGEST): asn1js.OctetString; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * DigestInfo ::= SEQUENCE { * digestAlgorithm DigestAlgorithmIdentifier, * digest Digest } * * Digest ::= OCTET STRING *``` */ static schema(parameters?: DigestInfoSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): DigestInfoJson; } declare const KEY_INFO = "keyInfo"; declare const ENTITY_U_INFO = "entityUInfo"; declare const SUPP_PUB_INFO = "suppPubInfo"; interface IECCCMSSharedInfo { keyInfo: AlgorithmIdentifier; entityUInfo?: asn1js.OctetString; suppPubInfo: asn1js.OctetString; } interface ECCCMSSharedInfoJson { keyInfo: AlgorithmIdentifierJson; entityUInfo?: asn1js.OctetStringJson; suppPubInfo: asn1js.OctetStringJson; } type ECCCMSSharedInfoParameters = PkiObjectParameters & Partial; /** * Represents the ECCCMSSharedInfo structure described in [RFC6318](https://datatracker.ietf.org/doc/html/rfc6318) */ declare class ECCCMSSharedInfo extends PkiObject implements IECCCMSSharedInfo { static CLASS_NAME: string; keyInfo: AlgorithmIdentifier; entityUInfo?: asn1js.OctetString; suppPubInfo: asn1js.OctetString; /** * Initializes a new instance of the {@link ECCCMSSharedInfo} class * @param parameters Initialization parameters */ constructor(parameters?: ECCCMSSharedInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof KEY_INFO): AlgorithmIdentifier; static defaultValues(memberName: typeof ENTITY_U_INFO): asn1js.OctetString; static defaultValues(memberName: typeof SUPP_PUB_INFO): asn1js.OctetString; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * ECC-CMS-SharedInfo ::= SEQUENCE { * keyInfo AlgorithmIdentifier, * entityUInfo [0] EXPLICIT OCTET STRING OPTIONAL, * suppPubInfo [2] EXPLICIT OCTET STRING } *``` */ static schema(parameters?: SchemaParameters<{ keyInfo?: AlgorithmIdentifierSchema; entityUInfo?: string; suppPubInfo?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): ECCCMSSharedInfoJson; } interface ECNamedCurve { /** * The curve ASN.1 object identifier */ id: string; /** * The name of the curve */ name: string; /** * The coordinate length in bytes */ size: number; } declare class ECNamedCurves { static readonly namedCurves: Record; /** * Registers an ECC named curve * @param name The name o the curve * @param id The curve ASN.1 object identifier * @param size The coordinate length in bytes */ static register(name: string, id: string, size: number): void; /** * Returns an ECC named curve object * @param nameOrId Name or identifier of the named curve * @returns */ static find(nameOrId: string): ECNamedCurve | null; } declare const VERSION$8 = "version"; declare const PRIVATE_KEY = "privateKey"; declare const NAMED_CURVE = "namedCurve"; declare const PUBLIC_KEY$1 = "publicKey"; interface IECPrivateKey { version: number; privateKey: asn1js.OctetString; namedCurve?: string; publicKey?: ECPublicKey; } type ECPrivateKeyParameters = PkiObjectParameters & Partial & { json?: ECPrivateKeyJson; }; interface ECPrivateKeyJson { crv: string; y?: string; x?: string; d: string; } /** * Represents the PrivateKeyInfo structure described in [RFC5915](https://datatracker.ietf.org/doc/html/rfc5915) */ declare class ECPrivateKey extends PkiObject implements IECPrivateKey { static CLASS_NAME: string; version: number; privateKey: asn1js.OctetString; namedCurve?: string; publicKey?: ECPublicKey; /** * Initializes a new instance of the {@link ECPrivateKey} class * @param parameters Initialization parameters */ constructor(parameters?: ECPrivateKeyParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$8): 1; static defaultValues(memberName: typeof PRIVATE_KEY): asn1js.OctetString; static defaultValues(memberName: typeof NAMED_CURVE): string; static defaultValues(memberName: typeof PUBLIC_KEY$1): ECPublicKey; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * ECPrivateKey ::= SEQUENCE { * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), * privateKey OCTET STRING, * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL, * publicKey [1] BIT STRING OPTIONAL * } *``` */ static schema(parameters?: SchemaParameters<{ version?: string; privateKey?: string; namedCurve?: string; publicKey?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): ECPrivateKeyJson; /** * Converts JSON value into current object * @param json JSON object */ fromJSON(json: any): void; } declare const E_CONTENT_TYPE = "eContentType"; declare const E_CONTENT = "eContent"; interface IEncapsulatedContentInfo { eContentType: string; eContent?: asn1js.OctetString; } interface EncapsulatedContentInfoJson { eContentType: string; eContent?: asn1js.OctetStringJson; } type EncapsulatedContentInfoParameters = PkiObjectParameters & Partial; type EncapsulatedContentInfoSchema = SchemaParameters<{ eContentType?: string; eContent?: string; }>; /** * Represents the EncapsulatedContentInfo structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class EncapsulatedContentInfo extends PkiObject implements IEncapsulatedContentInfo { static CLASS_NAME: string; eContentType: string; eContent?: asn1js.OctetString; /** * Initializes a new instance of the {@link EncapsulatedContentInfo} class * @param parameters Initialization parameters */ constructor(parameters?: EncapsulatedContentInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof E_CONTENT_TYPE): string; static defaultValues(memberName: typeof E_CONTENT): asn1js.OctetString; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * EncapsulatedContentInfo ::= SEQUENCE { * eContentType ContentType, * eContent [0] EXPLICIT OCTET STRING OPTIONAL } * Changed it to ANY, as in PKCS#7 *``` */ static schema(parameters?: EncapsulatedContentInfoSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): EncapsulatedContentInfoJson; } declare const KEY_PURPOSES = "keyPurposes"; interface IExtKeyUsage { keyPurposes: string[]; } interface ExtKeyUsageJson { keyPurposes: string[]; } type ExtKeyUsageParameters = PkiObjectParameters & Partial; /** * Represents the ExtKeyUsage structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class ExtKeyUsage extends PkiObject implements IExtKeyUsage { static CLASS_NAME: string; keyPurposes: string[]; /** * Initializes a new instance of the {@link ExtKeyUsage} class * @param parameters Initialization parameters */ constructor(parameters?: ExtKeyUsageParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof KEY_PURPOSES): string[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * ExtKeyUsage ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId * * KeyPurposeId ::= OBJECT IDENTIFIER *``` */ static schema(parameters?: SchemaParameters<{ keyPurposes?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): ExtKeyUsageJson; } /** * String preparation function. In a future here will be realization of algorithm from RFC4518 * @param inputString JavaScript string. As soon as for each ASN.1 string type we have a specific * transformation function here we will work with pure JavaScript string * @returns Formatted string */ declare function stringPrep(inputString: string): string; declare const ACCESS_DESCRIPTIONS = "accessDescriptions"; interface IInfoAccess { accessDescriptions: AccessDescription[]; } interface InfoAccessJson { accessDescriptions: AccessDescriptionJson[]; } type InfoAccessParameters = PkiObjectParameters & Partial; /** * Represents the InfoAccess structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class InfoAccess extends PkiObject implements IInfoAccess { static CLASS_NAME: string; accessDescriptions: AccessDescription[]; /** * Initializes a new instance of the {@link InfoAccess} class * @param parameters Initialization parameters */ constructor(parameters?: InfoAccessParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ACCESS_DESCRIPTIONS): AccessDescription[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * AuthorityInfoAccessSyntax ::= * SEQUENCE SIZE (1..MAX) OF AccessDescription *``` */ static schema(parameters?: SchemaParameters<{ accessDescriptions?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): InfoAccessJson; } declare const PRIME = "prime"; declare const EXPONENT = "exponent"; declare const COEFFICIENT$1 = "coefficient"; interface IOtherPrimeInfo { prime: asn1js.Integer; exponent: asn1js.Integer; coefficient: asn1js.Integer; } type OtherPrimeInfoParameters = PkiObjectParameters & Partial & { json?: OtherPrimeInfoJson; }; interface OtherPrimeInfoJson { r: string; d: string; t: string; } type OtherPrimeInfoSchema = SchemaParameters<{ prime?: string; exponent?: string; coefficient?: string; }>; /** * Represents the OtherPrimeInfo structure described in [RFC3447](https://datatracker.ietf.org/doc/html/rfc3447) */ declare class OtherPrimeInfo extends PkiObject implements IOtherPrimeInfo { static CLASS_NAME: string; prime: asn1js.Integer; exponent: asn1js.Integer; coefficient: asn1js.Integer; /** * Initializes a new instance of the {@link OtherPrimeInfo} class * @param parameters Initialization parameters */ constructor(parameters?: OtherPrimeInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof PRIME | typeof EXPONENT | typeof COEFFICIENT$1): asn1js.Integer; /** * @inheritdoc * @asn ASN.1 schema * ```asn * OtherPrimeInfo ::= Sequence { * prime Integer, -- ri * exponent Integer, -- di * coefficient Integer -- ti * } *``` */ static schema(parameters?: OtherPrimeInfoSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): OtherPrimeInfoJson; /** * Converts JSON value into current object * @param json JSON object */ fromJSON(json: OtherPrimeInfoJson): void; } declare const VERSION$7 = "version"; declare const MODULUS = "modulus"; declare const PUBLIC_EXPONENT = "publicExponent"; declare const PRIVATE_EXPONENT = "privateExponent"; declare const PRIME1 = "prime1"; declare const PRIME2 = "prime2"; declare const EXPONENT1 = "exponent1"; declare const EXPONENT2 = "exponent2"; declare const COEFFICIENT = "coefficient"; declare const OTHER_PRIME_INFOS = "otherPrimeInfos"; interface IRSAPrivateKey { version: number; modulus: asn1js.Integer; publicExponent: asn1js.Integer; privateExponent: asn1js.Integer; prime1: asn1js.Integer; prime2: asn1js.Integer; exponent1: asn1js.Integer; exponent2: asn1js.Integer; coefficient: asn1js.Integer; otherPrimeInfos?: OtherPrimeInfo[]; } type RSAPrivateKeyParameters = PkiObjectParameters & Partial & { json?: RSAPrivateKeyJson; }; interface RSAPrivateKeyJson { n: string; e: string; d: string; p: string; q: string; dp: string; dq: string; qi: string; oth?: OtherPrimeInfoJson[]; } /** * Represents the PrivateKeyInfo structure described in [RFC3447](https://datatracker.ietf.org/doc/html/rfc3447) */ declare class RSAPrivateKey extends PkiObject implements IRSAPrivateKey { static CLASS_NAME: string; version: number; modulus: asn1js.Integer; publicExponent: asn1js.Integer; privateExponent: asn1js.Integer; prime1: asn1js.Integer; prime2: asn1js.Integer; exponent1: asn1js.Integer; exponent2: asn1js.Integer; coefficient: asn1js.Integer; otherPrimeInfos?: OtherPrimeInfo[]; /** * Initializes a new instance of the {@link RSAPrivateKey} class * @param parameters Initialization parameters */ constructor(parameters?: RSAPrivateKeyParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$7): number; static defaultValues(memberName: typeof MODULUS): asn1js.Integer; static defaultValues(memberName: typeof PUBLIC_EXPONENT): asn1js.Integer; static defaultValues(memberName: typeof PRIVATE_EXPONENT): asn1js.Integer; static defaultValues(memberName: typeof PRIME1): asn1js.Integer; static defaultValues(memberName: typeof PRIME2): asn1js.Integer; static defaultValues(memberName: typeof EXPONENT1): asn1js.Integer; static defaultValues(memberName: typeof EXPONENT2): asn1js.Integer; static defaultValues(memberName: typeof COEFFICIENT): asn1js.Integer; static defaultValues(memberName: typeof OTHER_PRIME_INFOS): OtherPrimeInfo[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * RSAPrivateKey ::= Sequence { * version Version, * modulus Integer, -- n * publicExponent Integer, -- e * privateExponent Integer, -- d * prime1 Integer, -- p * prime2 Integer, -- q * exponent1 Integer, -- d mod (p-1) * exponent2 Integer, -- d mod (q-1) * coefficient Integer, -- (inverse of q) mod p * otherPrimeInfos OtherPrimeInfos OPTIONAL * } * * OtherPrimeInfos ::= Sequence SIZE(1..MAX) OF OtherPrimeInfo * ``` */ static schema(parameters?: SchemaParameters<{ version?: string; modulus?: string; publicExponent?: string; privateExponent?: string; prime1?: string; prime2?: string; exponent1?: string; exponent2?: string; coefficient?: string; otherPrimeInfosName?: string; otherPrimeInfo?: OtherPrimeInfoSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): RSAPrivateKeyJson; /** * Converts JSON value into current object * @param json JSON object */ fromJSON(json: any): void; } interface IPrivateKeyInfo { version: number; privateKeyAlgorithm: AlgorithmIdentifier; privateKey: asn1js.OctetString; attributes?: Attribute[]; parsedKey?: RSAPrivateKey | ECPrivateKey; } type PrivateKeyInfoParameters = PkiObjectParameters & Partial & { json?: JsonWebKey; }; interface PrivateKeyInfoJson { version: number; privateKeyAlgorithm: AlgorithmIdentifierJson; privateKey: asn1js.OctetStringJson; attributes?: AttributeJson[]; } /** * Represents the PrivateKeyInfo structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5208) */ declare class PrivateKeyInfo extends PkiObject implements IPrivateKeyInfo { static CLASS_NAME: string; version: number; privateKeyAlgorithm: AlgorithmIdentifier; privateKey: asn1js.OctetString; attributes?: Attribute[]; parsedKey?: RSAPrivateKey | ECPrivateKey; /** * Initializes a new instance of the {@link PrivateKeyInfo} class * @param parameters Initialization parameters */ constructor(parameters?: PrivateKeyInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: string): any; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PrivateKeyInfo ::= SEQUENCE { * version Version, * privateKeyAlgorithm AlgorithmIdentifier {{PrivateKeyAlgorithms}}, * privateKey PrivateKey, * attributes [0] Attributes OPTIONAL } * * Version ::= INTEGER {v1(0)} (v1,...) * * PrivateKey ::= OCTET STRING * * Attributes ::= SET OF Attribute *``` */ static schema(parameters?: SchemaParameters<{ version?: string; privateKeyAlgorithm?: AlgorithmIdentifierSchema; privateKey?: string; attributes?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PrivateKeyInfoJson | JsonWebKey; /** * Converts JSON value into current object * @param json JSON object */ fromJSON(json: any): void; } /** * Class from RFC5208 */ declare class KeyBag extends PrivateKeyInfo { /** * Constructor for Attribute class * @param parameters */ constructor(parameters?: {}); } declare const MAC = "mac"; declare const MAC_SALT = "macSalt"; declare const ITERATIONS = "iterations"; interface IMacData { mac: DigestInfo; macSalt: asn1js.OctetString; iterations?: number; } interface MacDataJson { mac: DigestInfoJson; macSalt: asn1js.OctetStringJson; iterations?: number; } type MacDataParameters = PkiObjectParameters & Partial; type MacDataSchema = SchemaParameters<{ mac?: DigestInfoSchema; macSalt?: string; iterations?: string; }>; /** * Represents the MacData structure described in [RFC7292](https://datatracker.ietf.org/doc/html/rfc7292) */ declare class MacData extends PkiObject implements IMacData { static CLASS_NAME: string; mac: DigestInfo; macSalt: asn1js.OctetString; iterations?: number; /** * Initializes a new instance of the {@link MacData} class * @param parameters Initialization parameters */ constructor(parameters?: MacDataParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof MAC): DigestInfo; static defaultValues(memberName: typeof MAC_SALT): asn1js.OctetString; static defaultValues(memberName: typeof ITERATIONS): number; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * MacData ::= SEQUENCE { * mac DigestInfo, * macSalt OCTET STRING, * iterations INTEGER DEFAULT 1 * -- Note: The default is for historical reasons and its use is * -- deprecated. A higher value, like 1024 is recommended. * } *``` */ static schema(parameters?: MacDataSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): MacDataJson; } declare const HASH_ALGORITHM$3 = "hashAlgorithm"; declare const HASHED_MESSAGE = "hashedMessage"; interface IMessageImprint { hashAlgorithm: AlgorithmIdentifier; hashedMessage: asn1js.OctetString; } interface MessageImprintJson { hashAlgorithm: AlgorithmIdentifierJson; hashedMessage: asn1js.OctetStringJson; } type MessageImprintParameters = PkiObjectParameters & Partial; type MessageImprintSchema = SchemaParameters<{ hashAlgorithm?: AlgorithmIdentifierSchema; hashedMessage?: string; }>; /** * Represents the MessageImprint structure described in [RFC3161](https://www.ietf.org/rfc/rfc3161.txt) */ declare class MessageImprint extends PkiObject implements IMessageImprint { static CLASS_NAME: string; /** * Creates and fills a new instance of {@link MessageImprint} * @param hashAlgorithm * @param message * @param crypto Crypto engine * @returns New instance of {@link MessageImprint} */ static create(hashAlgorithm: string, message: BufferSource, crypto?: ICryptoEngine): Promise; hashAlgorithm: AlgorithmIdentifier; hashedMessage: asn1js.OctetString; /** * Initializes a new instance of the {@link MessageImprint} class * @param parameters Initialization parameters */ constructor(parameters?: MessageImprintParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof HASH_ALGORITHM$3): AlgorithmIdentifier; static defaultValues(memberName: typeof HASHED_MESSAGE): asn1js.OctetString; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * MessageImprint ::= SEQUENCE { * hashAlgorithm AlgorithmIdentifier, * hashedMessage OCTET STRING } *``` */ static schema(parameters?: MessageImprintSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): MessageImprintJson; } declare const PERMITTED_SUBTREES = "permittedSubtrees"; declare const EXCLUDED_SUBTREES = "excludedSubtrees"; interface INameConstraints { permittedSubtrees?: GeneralSubtree[]; excludedSubtrees?: GeneralSubtree[]; } interface NameConstraintsJson { permittedSubtrees?: GeneralSubtreeJson[]; excludedSubtrees?: GeneralSubtreeJson[]; } type NameConstraintsParameters = PkiObjectParameters & Partial; /** * Represents the NameConstraints structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class NameConstraints extends PkiObject implements INameConstraints { static CLASS_NAME: string; permittedSubtrees?: GeneralSubtree[]; excludedSubtrees?: GeneralSubtree[]; /** * Initializes a new instance of the {@link NameConstraints} class * @param parameters Initialization parameters */ constructor(parameters?: NameConstraintsParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof PERMITTED_SUBTREES): GeneralSubtree[]; static defaultValues(memberName: typeof EXCLUDED_SUBTREES): GeneralSubtree[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * NameConstraints ::= SEQUENCE { * permittedSubtrees [0] GeneralSubtrees OPTIONAL, * excludedSubtrees [1] GeneralSubtrees OPTIONAL } *``` */ static schema(parameters?: SchemaParameters<{ permittedSubtrees?: string; excludedSubtrees?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): NameConstraintsJson; } declare const REQ_CERT = "reqCert"; declare const SINGLE_REQUEST_EXTENSIONS = "singleRequestExtensions"; interface IRequest { reqCert: CertID; singleRequestExtensions?: Extension[]; } interface RequestJson { reqCert: CertIDJson; singleRequestExtensions?: ExtensionJson[]; } type RequestParameters = PkiObjectParameters & Partial; type RequestSchema = SchemaParameters<{ reqCert?: CertIDSchema; extensions?: ExtensionsSchema; singleRequestExtensions?: string; }>; /** * Represents an Request described in [RFC6960](https://datatracker.ietf.org/doc/html/rfc6960) */ declare class Request extends PkiObject implements IRequest { static CLASS_NAME: string; reqCert: CertID; singleRequestExtensions?: Extension[]; /** * Initializes a new instance of the {@link Request} class * @param parameters Initialization parameters */ constructor(parameters?: RequestParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof REQ_CERT): CertID; static defaultValues(memberName: typeof SINGLE_REQUEST_EXTENSIONS): Extension[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * Request ::= SEQUENCE { * reqCert CertID, * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } *``` */ static schema(parameters?: RequestSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): RequestJson; } declare const TBS = "tbs"; declare const VERSION$6 = "version"; declare const REQUESTOR_NAME = "requestorName"; declare const REQUEST_LIST = "requestList"; declare const REQUEST_EXTENSIONS = "requestExtensions"; interface ITBSRequest { tbs: ArrayBuffer; version?: number; requestorName?: GeneralName; requestList: Request[]; requestExtensions?: Extension[]; } interface TBSRequestJson { tbs: string; version?: number; requestorName?: GeneralNameJson; requestList: RequestJson[]; requestExtensions?: ExtensionJson[]; } type TBSRequestParameters = PkiObjectParameters & Partial; type TBSRequestSchema = SchemaParameters<{ TBSRequestVersion?: string; requestorName?: GeneralNameSchema; requestList?: string; requests?: string; requestNames?: RequestSchema; extensions?: ExtensionsSchema; requestExtensions?: string; }>; /** * Represents the TBSRequest structure described in [RFC6960](https://datatracker.ietf.org/doc/html/rfc6960) */ declare class TBSRequest extends PkiObject implements ITBSRequest { static CLASS_NAME: string; tbsView: Uint8Array; /** * @deprecated Since version 3.0.0 */ get tbs(): ArrayBuffer; /** * @deprecated Since version 3.0.0 */ set tbs(value: ArrayBuffer); version?: number; requestorName?: GeneralName; requestList: Request[]; requestExtensions?: Extension[]; /** * Initializes a new instance of the {@link TBSRequest} class * @param parameters Initialization parameters */ constructor(parameters?: TBSRequestParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TBS): ArrayBuffer; static defaultValues(memberName: typeof VERSION$6): number; static defaultValues(memberName: typeof REQUESTOR_NAME): GeneralName; static defaultValues(memberName: typeof REQUEST_LIST): Request[]; static defaultValues(memberName: typeof REQUEST_EXTENSIONS): Extension[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * TBSRequest ::= SEQUENCE { * version [0] EXPLICIT Version DEFAULT v1, * requestorName [1] EXPLICIT GeneralName OPTIONAL, * requestList SEQUENCE OF Request, * requestExtensions [2] EXPLICIT Extensions OPTIONAL } *``` */ static schema(parameters?: TBSRequestSchema): SchemaType; fromSchema(schema: SchemaType): void; /** * Convert current object to asn1js object and set correct values * @param encodeFlag If param equal to false then create TBS schema via decoding stored value. In othe case create TBS schema via assembling from TBS parts. * @returns asn1js object */ toSchema(encodeFlag?: boolean): asn1js.Sequence; toJSON(): TBSRequestJson; } declare const SIGNATURE_ALGORITHM$2 = "signatureAlgorithm"; declare const SIGNATURE$2 = "signature"; declare const CERTS = "certs"; interface ISignature { signatureAlgorithm: AlgorithmIdentifier; signature: asn1js.BitString; certs?: Certificate[]; } interface SignatureJson { signatureAlgorithm: AlgorithmIdentifierJson; signature: asn1js.BitStringJson; certs?: CertificateJson[]; } type SignatureParameters = PkiObjectParameters & Partial; type SignatureSchema = SchemaParameters<{ signatureAlgorithm?: AlgorithmIdentifierSchema; signature?: string; certs?: string; }>; /** * Represents the Signature structure described in [RFC6960](https://datatracker.ietf.org/doc/html/rfc6960) */ declare class Signature extends PkiObject implements ISignature { static CLASS_NAME: string; signatureAlgorithm: AlgorithmIdentifier; signature: asn1js.BitString; certs?: Certificate[]; /** * Initializes a new instance of the {@link Signature} class * @param parameters Initialization parameters */ constructor(parameters?: SignatureParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof SIGNATURE_ALGORITHM$2): AlgorithmIdentifier; static defaultValues(memberName: typeof SIGNATURE$2): asn1js.BitString; static defaultValues(memberName: typeof CERTS): Certificate[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * Signature ::= SEQUENCE { * signatureAlgorithm AlgorithmIdentifier, * signature BIT STRING, * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } *``` */ static schema(parameters?: SignatureSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): SignatureJson; } declare const TBS_REQUEST = "tbsRequest"; declare const OPTIONAL_SIGNATURE = "optionalSignature"; interface IOCSPRequest { tbsRequest: TBSRequest; optionalSignature?: Signature; } interface OCSPRequestJson { tbsRequest: TBSRequestJson; optionalSignature?: SignatureJson; } type OCSPRequestParameters = PkiObjectParameters & Partial; /** * Represents an OCSP request described in [RFC6960 Section 4.1](https://datatracker.ietf.org/doc/html/rfc6960#section-4.1) * * @example The following example demonstrates how to create OCSP request * ```js * // Create OCSP request * const ocspReq = new pkijs.OCSPRequest(); * * ocspReq.tbsRequest.requestorName = new pkijs.GeneralName({ * type: 4, * value: cert.subject, * }); * * await ocspReq.createForCertificate(cert, { * hashAlgorithm: "SHA-256", * issuerCertificate: issuerCert, * }); * * const nonce = pkijs.getRandomValues(new Uint8Array(10)); * ocspReq.tbsRequest.requestExtensions = [ * new pkijs.Extension({ * extnID: "1.3.6.1.5.5.7.48.1.2", // nonce * extnValue: new asn1js.OctetString({ valueHex: nonce.buffer }).toBER(), * }) * ]; * * // Encode OCSP request * const ocspReqRaw = ocspReq.toSchema(true).toBER(); * ``` */ declare class OCSPRequest extends PkiObject implements IOCSPRequest { static CLASS_NAME: string; tbsRequest: TBSRequest; optionalSignature?: Signature; /** * Initializes a new instance of the {@link OCSPRequest} class * @param parameters Initialization parameters */ constructor(parameters?: OCSPRequestParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TBS_REQUEST): TBSRequest; static defaultValues(memberName: typeof OPTIONAL_SIGNATURE): Signature; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value * @returns Returns `true` if `memberValue` is equal to default value for selected class member */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * OCSPRequest ::= SEQUENCE { * tbsRequest TBSRequest, * optionalSignature [0] EXPLICIT Signature OPTIONAL } *``` */ static schema(parameters?: SchemaParameters<{ tbsRequest?: TBSRequestSchema; optionalSignature?: SignatureSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(encodeFlag?: boolean): asn1js.Sequence; toJSON(): OCSPRequestJson; /** * Making OCSP Request for specific certificate * @param certificate Certificate making OCSP Request for * @param parameters Additional parameters * @param crypto Crypto engine */ createForCertificate(certificate: Certificate, parameters: CertIDCreateParams, crypto?: ICryptoEngine): Promise; /** * Make signature for current OCSP Request * @param privateKey Private key for "subjectPublicKeyInfo" structure * @param hashAlgorithm Hashing algorithm. Default SHA-1 * @param crypto Crypto engine */ sign(privateKey: CryptoKey, hashAlgorithm?: string, crypto?: ICryptoEngine): Promise; verify(): void; } declare const RESPONSE_TYPE = "responseType"; declare const RESPONSE = "response"; interface IResponseBytes { responseType: string; response: asn1js.OctetString; } interface ResponseBytesJson { responseType: string; response: asn1js.OctetStringJson; } type ResponseBytesParameters = PkiObjectParameters & Partial; type ResponseBytesSchema = SchemaParameters<{ responseType?: string; response?: string; }>; /** * Class from RFC6960 */ declare class ResponseBytes extends PkiObject implements IResponseBytes { static CLASS_NAME: string; responseType: string; response: asn1js.OctetString; /** * Initializes a new instance of the {@link Request} class * @param parameters Initialization parameters */ constructor(parameters?: ResponseBytesParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof RESPONSE_TYPE): string; static defaultValues(memberName: typeof RESPONSE): asn1js.OctetString; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * ResponseBytes ::= SEQUENCE { * responseType OBJECT IDENTIFIER, * response OCTET STRING } *``` */ static schema(parameters?: ResponseBytesSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): ResponseBytesJson; } declare const RESPONSE_STATUS = "responseStatus"; declare const RESPONSE_BYTES = "responseBytes"; interface IOCSPResponse { responseStatus: asn1js.Enumerated; responseBytes?: ResponseBytes; } interface OCSPResponseJson { responseStatus: asn1js.EnumeratedJson; responseBytes?: ResponseBytesJson; } type OCSPResponseParameters = PkiObjectParameters & Partial; /** * Represents an OCSP response described in [RFC6960 Section 4.2](https://datatracker.ietf.org/doc/html/rfc6960#section-4.2) * * @example The following example demonstrates how to verify OCSP response * ```js * const asnOcspResp = asn1js.fromBER(ocspRespRaw); * const ocspResp = new pkijs.OCSPResponse({ schema: asnOcspResp.result }); * * if (!ocspResp.responseBytes) { * throw new Error("No \"ResponseBytes\" in the OCSP Response - nothing to verify"); * } * * const asnOcspRespBasic = asn1js.fromBER(ocspResp.responseBytes.response.valueBlock.valueHex); * const ocspBasicResp = new pkijs.BasicOCSPResponse({ schema: asnOcspRespBasic.result }); * const ok = await ocspBasicResp.verify({ trustedCerts: [cert] }); * ``` * * @example The following example demonstrates how to create OCSP response * ```js * const ocspBasicResp = new pkijs.BasicOCSPResponse(); * * // Create specific TST info structure to sign * ocspBasicResp.tbsResponseData.responderID = issuerCert.subject; * ocspBasicResp.tbsResponseData.producedAt = new Date(); * * const certID = new pkijs.CertID(); * await certID.createForCertificate(cert, { * hashAlgorithm: "SHA-256", * issuerCertificate: issuerCert, * }); * const response = new pkijs.SingleResponse({ * certID, * }); * response.certStatus = new asn1js.Primitive({ * idBlock: { * tagClass: 3, // CONTEXT-SPECIFIC * tagNumber: 0 // [0] * }, * lenBlockLength: 1 // The length contains one byte 0x00 * }); // status - success * response.thisUpdate = new Date(); * * ocspBasicResp.tbsResponseData.responses.push(response); * * // Add certificates for chain OCSP response validation * ocspBasicResp.certs = [issuerCert]; * * await ocspBasicResp.sign(keys.privateKey, "SHA-256"); * * // Finally create completed OCSP response structure * const ocspBasicRespRaw = ocspBasicResp.toSchema().toBER(false); * * const ocspResp = new pkijs.OCSPResponse({ * responseStatus: new asn1js.Enumerated({ value: 0 }), // success * responseBytes: new pkijs.ResponseBytes({ * responseType: pkijs.id_PKIX_OCSP_Basic, * response: new asn1js.OctetString({ valueHex: ocspBasicRespRaw }), * }), * }); * * const ocspRespRaw = ocspResp.toSchema().toBER(); * ``` */ declare class OCSPResponse extends PkiObject implements IOCSPResponse { static CLASS_NAME: string; responseStatus: asn1js.Enumerated; responseBytes?: ResponseBytes; /** * Initializes a new instance of the {@link OCSPResponse} class * @param parameters Initialization parameters */ constructor(parameters?: OCSPResponseParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof RESPONSE_STATUS): asn1js.Enumerated; static defaultValues(memberName: typeof RESPONSE_BYTES): ResponseBytes; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * OCSPResponse ::= SEQUENCE { * responseStatus OCSPResponseStatus, * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } * * OCSPResponseStatus ::= ENUMERATED { * successful (0), -- Response has valid confirmations * malformedRequest (1), -- Illegal confirmation request * internalError (2), -- Internal error in issuer * tryLater (3), -- Try again later * -- (4) is not used * sigRequired (5), -- Must sign the request * unauthorized (6) -- Request unauthorized * } *``` */ static schema(parameters?: SchemaParameters<{ responseStatus?: string; responseBytes?: ResponseBytesSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): OCSPResponseJson; /** * Get OCSP response status for specific certificate * @param certificate * @param issuerCertificate * @param crypto Crypto engine */ getCertificateStatus(certificate: Certificate, issuerCertificate: Certificate, crypto?: ICryptoEngine): Promise<{ isForCertificate: boolean; status: number; }>; /** * Make a signature for current OCSP Response * @param privateKey Private key for "subjectPublicKeyInfo" structure * @param hashAlgorithm Hashing algorithm. Default SHA-1 */ sign(privateKey: CryptoKey, hashAlgorithm?: string, crypto?: ICryptoEngine): Promise; /** * Verify current OCSP Response * @param issuerCertificate In order to decrease size of resp issuer cert could be omitted. In such case you need manually provide it. * @param crypto Crypto engine */ verify(issuerCertificate?: Certificate | null, crypto?: ICryptoEngine): Promise; } declare const id_SubjectDirectoryAttributes = "2.5.29.9"; declare const id_SubjectKeyIdentifier = "2.5.29.14"; declare const id_KeyUsage = "2.5.29.15"; declare const id_PrivateKeyUsagePeriod = "2.5.29.16"; declare const id_SubjectAltName = "2.5.29.17"; declare const id_IssuerAltName = "2.5.29.18"; declare const id_BasicConstraints = "2.5.29.19"; declare const id_CRLNumber = "2.5.29.20"; declare const id_BaseCRLNumber = "2.5.29.27"; declare const id_CRLReason = "2.5.29.21"; declare const id_InvalidityDate = "2.5.29.24"; declare const id_IssuingDistributionPoint = "2.5.29.28"; declare const id_CertificateIssuer = "2.5.29.29"; declare const id_NameConstraints = "2.5.29.30"; declare const id_CRLDistributionPoints = "2.5.29.31"; declare const id_FreshestCRL = "2.5.29.46"; declare const id_CertificatePolicies = "2.5.29.32"; declare const id_AnyPolicy = "2.5.29.32.0"; declare const id_MicrosoftAppPolicies = "1.3.6.1.4.1.311.21.10"; declare const id_PolicyMappings = "2.5.29.33"; declare const id_AuthorityKeyIdentifier = "2.5.29.35"; declare const id_PolicyConstraints = "2.5.29.36"; declare const id_ExtKeyUsage = "2.5.29.37"; declare const id_InhibitAnyPolicy = "2.5.29.54"; declare const id_AuthorityInfoAccess = "1.3.6.1.5.5.7.1.1"; declare const id_SubjectInfoAccess = "1.3.6.1.5.5.7.1.11"; declare const id_SignedCertificateTimestampList = "1.3.6.1.4.1.11129.2.4.2"; declare const id_MicrosoftCertTemplateV1 = "1.3.6.1.4.1.311.20.2"; declare const id_MicrosoftPrevCaCertHash = "1.3.6.1.4.1.311.21.2"; declare const id_MicrosoftCertTemplateV2 = "1.3.6.1.4.1.311.21.7"; declare const id_MicrosoftCaVersion = "1.3.6.1.4.1.311.21.1"; declare const id_QCStatements = "1.3.6.1.5.5.7.1.3"; declare const id_ContentType_Data = "1.2.840.113549.1.7.1"; declare const id_ContentType_SignedData = "1.2.840.113549.1.7.2"; declare const id_ContentType_EnvelopedData = "1.2.840.113549.1.7.3"; declare const id_ContentType_EncryptedData = "1.2.840.113549.1.7.6"; declare const id_eContentType_TSTInfo = "1.2.840.113549.1.9.16.1.4"; declare const id_CertBag_X509Certificate = "1.2.840.113549.1.9.22.1"; declare const id_CertBag_SDSICertificate = "1.2.840.113549.1.9.22.2"; declare const id_CertBag_AttributeCertificate = "1.2.840.113549.1.9.22.3"; declare const id_CRLBag_X509CRL = "1.2.840.113549.1.9.23.1"; declare const id_pkix = "1.3.6.1.5.5.7"; declare const id_ad = "1.3.6.1.5.5.7.48"; declare const id_PKIX_OCSP_Basic = "1.3.6.1.5.5.7.48.1.1"; declare const id_ad_caIssuers = "1.3.6.1.5.5.7.48.2"; declare const id_ad_ocsp = "1.3.6.1.5.5.7.48.1"; declare const id_sha1 = "1.3.14.3.2.26"; declare const id_sha256 = "2.16.840.1.101.3.4.2.1"; declare const id_sha384 = "2.16.840.1.101.3.4.2.2"; declare const id_sha512 = "2.16.840.1.101.3.4.2.3"; declare const ALGORITHM = "algorithm"; declare const PUBLIC_KEY = "publicKey"; interface IOriginatorPublicKey { algorithm: AlgorithmIdentifier; publicKey: asn1js.BitString; } interface OriginatorPublicKeyJson { algorithm: AlgorithmIdentifierJson; publicKey: asn1js.BitStringJson; } type OriginatorPublicKeyParameters = PkiObjectParameters & Partial; /** * Represents the OriginatorPublicKey structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class OriginatorPublicKey extends PkiObject implements IOriginatorPublicKey { static CLASS_NAME: string; algorithm: AlgorithmIdentifier; publicKey: asn1js.BitString; /** * Initializes a new instance of the {@link OriginatorPublicKey} class * @param parameters Initialization parameters */ constructor(parameters?: OriginatorPublicKeyParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ALGORITHM): AlgorithmIdentifier; static defaultValues(memberName: typeof PUBLIC_KEY): asn1js.BitString; static defaultValues(memberName: string): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: T): memberValue is T; /** * @inheritdoc * @asn ASN.1 schema * ```asn * OriginatorPublicKey ::= SEQUENCE { * algorithm AlgorithmIdentifier, * publicKey BIT STRING } *``` */ static schema(parameters?: SchemaParameters<{ algorithm?: AlgorithmIdentifierSchema; publicKey?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): OriginatorPublicKeyJson; } declare const KEY_DERIVATION_FUNC = "keyDerivationFunc"; declare const ENCRYPTION_SCHEME = "encryptionScheme"; interface IPBES2Params { keyDerivationFunc: AlgorithmIdentifier; encryptionScheme: AlgorithmIdentifier; } interface PBES2ParamsJson { keyDerivationFunc: AlgorithmIdentifierJson; encryptionScheme: AlgorithmIdentifierJson; } type PBES2ParamsParameters = PkiObjectParameters & Partial; /** * Represents the PBES2Params structure described in [RFC2898](https://www.ietf.org/rfc/rfc2898.txt) */ declare class PBES2Params extends PkiObject implements IPBES2Params { static CLASS_NAME: string; keyDerivationFunc: AlgorithmIdentifier; encryptionScheme: AlgorithmIdentifier; /** * Initializes a new instance of the {@link PBES2Params} class * @param parameters Initialization parameters */ constructor(parameters?: PBES2ParamsParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof KEY_DERIVATION_FUNC): AlgorithmIdentifier; static defaultValues(memberName: typeof ENCRYPTION_SCHEME): AlgorithmIdentifier; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PBES2-params ::= SEQUENCE { * keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}}, * encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} } *``` */ static schema(parameters?: SchemaParameters<{ keyDerivationFunc?: AlgorithmIdentifierSchema; encryptionScheme?: AlgorithmIdentifierSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PBES2ParamsJson; } declare const SALT = "salt"; declare const ITERATION_COUNT = "iterationCount"; declare const KEY_LENGTH = "keyLength"; declare const PRF = "prf"; interface IPBKDF2Params { salt: any; iterationCount: number; keyLength?: number; prf?: AlgorithmIdentifier; } interface PBKDF2ParamsJson { salt: any; iterationCount: number; keyLength?: number; prf?: AlgorithmIdentifierJson; } type PBKDF2ParamsParameters = PkiObjectParameters & Partial; /** * Represents the PBKDF2Params structure described in [RFC2898](https://www.ietf.org/rfc/rfc2898.txt) */ declare class PBKDF2Params extends PkiObject implements IPBKDF2Params { static CLASS_NAME: string; salt: any; iterationCount: number; keyLength?: number; prf?: AlgorithmIdentifier; /** * Initializes a new instance of the {@link PBKDF2Params} class * @param parameters Initialization parameters */ constructor(parameters?: PBKDF2ParamsParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof SALT): any; static defaultValues(memberName: typeof ITERATION_COUNT): number; static defaultValues(memberName: typeof KEY_LENGTH): number; static defaultValues(memberName: typeof PRF): AlgorithmIdentifier; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PBKDF2-params ::= SEQUENCE { * salt CHOICE { * specified OCTET STRING, * otherSource AlgorithmIdentifier }, * iterationCount INTEGER (1..MAX), * keyLength INTEGER (1..MAX) OPTIONAL, * prf AlgorithmIdentifier * DEFAULT { algorithm hMAC-SHA1, parameters NULL } } *``` */ static schema(parameters?: SchemaParameters<{ saltPrimitive?: string; saltConstructed?: AlgorithmIdentifierSchema; iterationCount?: string; keyLength?: string; prf?: AlgorithmIdentifierSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PBKDF2ParamsJson; } declare const VERSION$5 = "version"; declare const AUTH_SAFE = "authSafe"; declare const MAC_DATA = "macData"; declare const PARSED_VALUE$1 = "parsedValue"; interface IPFX { version: number; authSafe: ContentInfo; macData?: MacData; parsedValue?: PFXParsedValue; } interface PFXJson { version: number; authSafe: ContentInfoJson; macData?: MacDataJson; } type PFXParameters = PkiObjectParameters & Partial; interface PFXParsedValue { authenticatedSafe?: AuthenticatedSafe; integrityMode?: number; } type MakeInternalValuesParams = object | { iterations: number; pbkdf2HashAlgorithm: Algorithm; hmacHashAlgorithm: string; password: ArrayBuffer; } | { signingCertificate: Certificate; privateKey: CryptoKey; hashAlgorithm: string; }; /** * Represents the PFX structure described in [RFC7292](https://datatracker.ietf.org/doc/html/rfc7292) */ declare class PFX extends PkiObject implements IPFX { static CLASS_NAME: string; version: number; authSafe: ContentInfo; macData?: MacData; parsedValue?: PFXParsedValue; /** * Initializes a new instance of the {@link PFX} class * @param parameters Initialization parameters */ constructor(parameters?: PFXParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$5): number; static defaultValues(memberName: typeof AUTH_SAFE): ContentInfo; static defaultValues(memberName: typeof MAC_DATA): MacData; static defaultValues(memberName: typeof PARSED_VALUE$1): PFXParsedValue; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PFX ::= SEQUENCE { * version INTEGER {v3(3)}(v3,...), * authSafe ContentInfo, * macData MacData OPTIONAL * } *``` */ static schema(parameters?: SchemaParameters<{ version?: string; authSafe?: ContentInfoSchema; macData?: MacDataSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PFXJson; /** * Making ContentInfo from PARSED_VALUE object * @param parameters Parameters, specific to each "integrity mode" * @param crypto Crypto engine */ makeInternalValues(parameters?: MakeInternalValuesParams, crypto?: ICryptoEngine): Promise; parseInternalValues(parameters: { checkIntegrity?: boolean; password?: ArrayBuffer; }, crypto?: ICryptoEngine): Promise; } declare const ENCRYPTION_ALGORITHM = "encryptionAlgorithm"; declare const ENCRYPTED_DATA = "encryptedData"; declare const PARSED_VALUE = "parsedValue"; interface IPKCS8ShroudedKeyBag { encryptionAlgorithm: AlgorithmIdentifier; encryptedData: asn1js.OctetString; parsedValue?: PrivateKeyInfo; } type PKCS8ShroudedKeyBagParameters = PkiObjectParameters & Partial; interface PKCS8ShroudedKeyBagJson { encryptionAlgorithm: AlgorithmIdentifierJson; encryptedData: asn1js.OctetStringJson; } type PKCS8ShroudedKeyBagMakeInternalValuesParams = Omit; /** * Represents the PKCS8ShroudedKeyBag structure described in [RFC7292](https://datatracker.ietf.org/doc/html/rfc7292) */ declare class PKCS8ShroudedKeyBag extends PkiObject implements IPKCS8ShroudedKeyBag { static CLASS_NAME: string; encryptionAlgorithm: AlgorithmIdentifier; encryptedData: asn1js.OctetString; parsedValue?: PrivateKeyInfo; /** * Initializes a new instance of the {@link PKCS8ShroudedKeyBag} class * @param parameters Initialization parameters */ constructor(parameters?: PKCS8ShroudedKeyBagParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ENCRYPTION_ALGORITHM): AlgorithmIdentifier; static defaultValues(memberName: typeof ENCRYPTED_DATA): asn1js.OctetString; static defaultValues(memberName: typeof PARSED_VALUE): PrivateKeyInfo; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PKCS8ShroudedKeyBag ::= EncryptedPrivateKeyInfo * * EncryptedPrivateKeyInfo ::= SEQUENCE { * encryptionAlgorithm AlgorithmIdentifier {{KeyEncryptionAlgorithms}}, * encryptedData EncryptedData * } * * EncryptedData ::= OCTET STRING *``` */ static schema(parameters?: SchemaParameters<{ encryptionAlgorithm?: AlgorithmIdentifierSchema; encryptedData?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PKCS8ShroudedKeyBagJson; protected parseInternalValues(parameters: { password: ArrayBuffer; }, crypto?: ICryptoEngine): Promise; makeInternalValues(parameters: PKCS8ShroudedKeyBagMakeInternalValuesParams, crypto?: ICryptoEngine): Promise; } declare const STATUS$1 = "status"; declare const STATUS_STRINGS = "statusStrings"; declare const FAIL_INFO = "failInfo"; interface IPKIStatusInfo { status: PKIStatus; statusStrings?: asn1js.Utf8String[]; failInfo?: asn1js.BitString; } interface PKIStatusInfoJson { status: PKIStatus; statusStrings?: asn1js.Utf8StringJson[]; failInfo?: asn1js.BitStringJson; } type PKIStatusInfoParameters = PkiObjectParameters & Partial; type PKIStatusInfoSchema = SchemaParameters<{ status?: string; statusStrings?: string; failInfo?: string; }>; declare enum PKIStatus { granted = 0, grantedWithMods = 1, rejection = 2, waiting = 3, revocationWarning = 4, revocationNotification = 5 } /** * Represents the PKIStatusInfo structure described in [RFC3161](https://www.ietf.org/rfc/rfc3161.txt) */ declare class PKIStatusInfo extends PkiObject implements IPKIStatusInfo { static CLASS_NAME: string; status: PKIStatus; statusStrings?: asn1js.Utf8String[]; failInfo?: asn1js.BitString; /** * Initializes a new instance of the {@link PBKDF2Params} class * @param parameters Initialization parameters */ constructor(parameters?: PKIStatusInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof STATUS$1): number; static defaultValues(memberName: typeof STATUS_STRINGS): asn1js.Utf8String[]; static defaultValues(memberName: typeof FAIL_INFO): asn1js.BitString; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PKIStatusInfo ::= SEQUENCE { * status PKIStatus, * statusString PKIFreeText OPTIONAL, * failInfo PKIFailureInfo OPTIONAL } *``` */ static schema(parameters?: PKIStatusInfoSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PKIStatusInfoJson; } declare const REQUIRE_EXPLICIT_POLICY = "requireExplicitPolicy"; declare const INHIBIT_POLICY_MAPPING = "inhibitPolicyMapping"; interface IPolicyConstraints { requireExplicitPolicy?: number; inhibitPolicyMapping?: number; } interface PolicyConstraintsJson { requireExplicitPolicy?: number; inhibitPolicyMapping?: number; } type PolicyConstraintsParameters = PkiObjectParameters & Partial; /** * Represents the PolicyConstraints structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class PolicyConstraints extends PkiObject implements IPolicyConstraints { static CLASS_NAME: string; requireExplicitPolicy?: number; inhibitPolicyMapping?: number; /** * Initializes a new instance of the {@link PolicyConstraints} class * @param parameters Initialization parameters */ constructor(parameters?: PolicyConstraintsParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof REQUIRE_EXPLICIT_POLICY): number; static defaultValues(memberName: typeof INHIBIT_POLICY_MAPPING): number; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PolicyConstraints ::= SEQUENCE { * requireExplicitPolicy [0] SkipCerts OPTIONAL, * inhibitPolicyMapping [1] SkipCerts OPTIONAL } * * SkipCerts ::= INTEGER (0..MAX) *``` */ static schema(parameters?: SchemaParameters<{ requireExplicitPolicy?: string; inhibitPolicyMapping?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PolicyConstraintsJson; } declare const ISSUER_DOMAIN_POLICY = "issuerDomainPolicy"; declare const SUBJECT_DOMAIN_POLICY = "subjectDomainPolicy"; interface IPolicyMapping { issuerDomainPolicy: string; subjectDomainPolicy: string; } interface PolicyMappingJson { issuerDomainPolicy: string; subjectDomainPolicy: string; } type PolicyMappingParameters = PkiObjectParameters & Partial; /** * Represents the PolicyMapping structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class PolicyMapping extends PkiObject implements IPolicyMapping { static CLASS_NAME: string; issuerDomainPolicy: string; subjectDomainPolicy: string; /** * Initializes a new instance of the {@link PolicyMapping} class * @param parameters Initialization parameters */ constructor(parameters?: PolicyMappingParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ISSUER_DOMAIN_POLICY): string; static defaultValues(memberName: typeof SUBJECT_DOMAIN_POLICY): string; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PolicyMapping ::= SEQUENCE { * issuerDomainPolicy CertPolicyId, * subjectDomainPolicy CertPolicyId } *``` */ static schema(parameters?: SchemaParameters<{ issuerDomainPolicy?: string; subjectDomainPolicy?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PolicyMappingJson; } interface IPolicyMappings { mappings: PolicyMapping[]; } interface PolicyMappingsJson { mappings: PolicyMappingJson[]; } type PolicyMappingsParameters = PkiObjectParameters & Partial; /** * Represents the PolicyMappings structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class PolicyMappings extends PkiObject implements IPolicyMappings { static CLASS_NAME: string; mappings: PolicyMapping[]; /** * Initializes a new instance of the {@link PolicyMappings} class * @param parameters Initialization parameters */ constructor(parameters?: PolicyMappingsParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: string): PolicyMapping[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF PolicyMapping *``` */ static schema(parameters?: SchemaParameters<{ mappings?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PolicyMappingsJson; } declare const NOT_BEFORE = "notBefore"; declare const NOT_AFTER = "notAfter"; interface IPrivateKeyUsagePeriod { notBefore?: Date; notAfter?: Date; } interface PrivateKeyUsagePeriodJson { notBefore?: Date; notAfter?: Date; } type PrivateKeyUsagePeriodParameters = PkiObjectParameters & Partial; /** * Represents the PrivateKeyUsagePeriod structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class PrivateKeyUsagePeriod extends PkiObject implements IPrivateKeyUsagePeriod { static CLASS_NAME: string; notBefore?: Date; notAfter?: Date; /** * Initializes a new instance of the {@link PrivateKeyUsagePeriod} class * @param parameters Initialization parameters */ constructor(parameters?: PrivateKeyUsagePeriodParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof NOT_BEFORE): Date; static defaultValues(memberName: typeof NOT_AFTER): Date; /** * @inheritdoc * @asn ASN.1 schema * ```asn * PrivateKeyUsagePeriod OID ::= 2.5.29.16 * * PrivateKeyUsagePeriod ::= SEQUENCE { * notBefore [0] GeneralizedTime OPTIONAL, * notAfter [1] GeneralizedTime OPTIONAL } * -- either notBefore or notAfter MUST be present *``` */ static schema(parameters?: SchemaParameters<{ notBefore?: string; notAfter?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): PrivateKeyUsagePeriodJson; } declare const ID = "id"; declare const TYPE$1 = "type"; declare const VALUES = "values"; interface IQCStatement { id: string; type?: any; } interface QCStatementJson { id: string; type?: any; } type QCStatementParameters = PkiObjectParameters & Partial; type QCStatementSchema = SchemaParameters<{ id?: string; type?: string; }>; /** * Represents the QCStatement structure described in [RFC3739](https://datatracker.ietf.org/doc/html/rfc3739) */ declare class QCStatement extends PkiObject implements IQCStatement { static CLASS_NAME: string; id: string; type?: any; /** * Initializes a new instance of the {@link QCStatement} class * @param parameters Initialization parameters */ constructor(parameters?: QCStatementParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ID): string; static defaultValues(memberName: typeof TYPE$1): any; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * QCStatement ::= SEQUENCE { * statementId QC-STATEMENT.&id({SupportedStatements}), * statementInfo QC-STATEMENT.&Type({SupportedStatements}{@statementId}) OPTIONAL * } *``` */ static schema(parameters?: QCStatementSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): QCStatementJson; } interface IQCStatements { values: QCStatement[]; } interface QCStatementsJson { values: QCStatementJson[]; } type QCStatementsParameters = PkiObjectParameters & Partial; /** * Represents the QCStatements structure described in [RFC3739](https://datatracker.ietf.org/doc/html/rfc3739) */ declare class QCStatements extends PkiObject implements IQCStatements { static CLASS_NAME: string; values: QCStatement[]; /** * Initializes a new instance of the {@link QCStatement} class * @param parameters Initialization parameters */ constructor(parameters?: QCStatementParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VALUES): QCStatement[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * QCStatements ::= SEQUENCE OF QCStatement *``` */ static schema(parameters?: SchemaParameters<{ values?: string; value?: QCStatementSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): QCStatementsJson; } declare const HASH_ALGORITHM$2 = "hashAlgorithm"; declare const MASK_GEN_ALGORITHM$1 = "maskGenAlgorithm"; declare const P_SOURCE_ALGORITHM = "pSourceAlgorithm"; interface IRSAESOAEPParams { hashAlgorithm: AlgorithmIdentifier; maskGenAlgorithm: AlgorithmIdentifier; pSourceAlgorithm: AlgorithmIdentifier; } interface RSAESOAEPParamsJson { hashAlgorithm?: AlgorithmIdentifierJson; maskGenAlgorithm?: AlgorithmIdentifierJson; pSourceAlgorithm?: AlgorithmIdentifierJson; } type RSAESOAEPParamsParameters = PkiObjectParameters & Partial; /** * Class from RFC3447 */ declare class RSAESOAEPParams extends PkiObject implements IRSAESOAEPParams { static CLASS_NAME: string; hashAlgorithm: AlgorithmIdentifier; maskGenAlgorithm: AlgorithmIdentifier; pSourceAlgorithm: AlgorithmIdentifier; /** * Initializes a new instance of the {@link RSAESOAEPParams} class * @param parameters Initialization parameters */ constructor(parameters?: RSAESOAEPParamsParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof HASH_ALGORITHM$2): AlgorithmIdentifier; static defaultValues(memberName: typeof MASK_GEN_ALGORITHM$1): AlgorithmIdentifier; static defaultValues(memberName: typeof P_SOURCE_ALGORITHM): AlgorithmIdentifier; /** * @inheritdoc * @asn ASN.1 schema * ```asn * RSAES-OAEP-params ::= SEQUENCE { * hashAlgorithm [0] HashAlgorithm DEFAULT sha1, * maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1, * pSourceAlgorithm [2] PSourceAlgorithm DEFAULT pSpecifiedEmpty * } *``` */ static schema(parameters?: SchemaParameters<{ hashAlgorithm?: AlgorithmIdentifierSchema; maskGenAlgorithm?: AlgorithmIdentifierSchema; pSourceAlgorithm?: AlgorithmIdentifierSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): RSAESOAEPParamsJson; } declare const HASH_ALGORITHM$1 = "hashAlgorithm"; declare const MASK_GEN_ALGORITHM = "maskGenAlgorithm"; declare const SALT_LENGTH = "saltLength"; declare const TRAILER_FIELD = "trailerField"; interface IRSASSAPSSParams { /** * Algorithms of hashing (DEFAULT sha1) */ hashAlgorithm: AlgorithmIdentifier; /** * Salt length (DEFAULT 20) */ maskGenAlgorithm: AlgorithmIdentifier; /** * Salt length (DEFAULT 20) */ saltLength: number; /** * (DEFAULT 1) */ trailerField: number; } interface RSASSAPSSParamsJson { hashAlgorithm?: AlgorithmIdentifierJson; maskGenAlgorithm?: AlgorithmIdentifierJson; saltLength?: number; trailerField?: number; } type RSASSAPSSParamsParameters = PkiObjectParameters & Partial; /** * Represents the RSASSAPSSParams structure described in [RFC4055](https://datatracker.ietf.org/doc/html/rfc4055) */ declare class RSASSAPSSParams extends PkiObject implements IRSASSAPSSParams { static CLASS_NAME: string; hashAlgorithm: AlgorithmIdentifier; maskGenAlgorithm: AlgorithmIdentifier; saltLength: number; trailerField: number; /** * Initializes a new instance of the {@link RSASSAPSSParams} class * @param parameters Initialization parameters */ constructor(parameters?: RSASSAPSSParamsParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof HASH_ALGORITHM$1): AlgorithmIdentifier; static defaultValues(memberName: typeof MASK_GEN_ALGORITHM): AlgorithmIdentifier; static defaultValues(memberName: typeof SALT_LENGTH): number; static defaultValues(memberName: typeof TRAILER_FIELD): number; /** * @inheritdoc * @asn ASN.1 schema * ```asn * RSASSA-PSS-params ::= Sequence { * hashAlgorithm [0] HashAlgorithm DEFAULT sha1Identifier, * maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier, * saltLength [2] Integer DEFAULT 20, * trailerField [3] Integer DEFAULT 1 } *``` */ static schema(parameters?: SchemaParameters<{ hashAlgorithm?: AlgorithmIdentifierSchema; maskGenAlgorithm?: AlgorithmIdentifierSchema; saltLength?: string; trailerField?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): RSASSAPSSParamsJson; } declare const SAFE_BUGS = "safeBags"; interface ISafeContents { safeBags: SafeBag[]; } type SafeContentsParameters = PkiObjectParameters & Partial; interface SafeContentsJson { safeBags: SafeBagJson[]; } /** * Represents the SafeContents structure described in [RFC7292](https://datatracker.ietf.org/doc/html/rfc7292) */ declare class SafeContents extends PkiObject implements ISafeContents { static CLASS_NAME: string; safeBags: SafeBag[]; /** * Initializes a new instance of the {@link SafeContents} class * @param parameters Initialization parameters */ constructor(parameters?: SafeContentsParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof SAFE_BUGS): SafeBag[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * SafeContents ::= SEQUENCE OF SafeBag *``` */ static schema(parameters?: SchemaParameters<{ safeBags?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): SafeContentsJson; } declare const SECRET_TYPE_ID = "secretTypeId"; declare const SECRET_VALUE = "secretValue"; interface ISecretBag { secretTypeId: string; secretValue: SchemaCompatible; } interface SecretBagJson { secretTypeId: string; secretValue: asn1js.BaseBlockJson; } type SecretBagParameters = PkiObjectParameters & Partial; /** * Represents the SecretBag structure described in [RFC7292](https://datatracker.ietf.org/doc/html/rfc7292) */ declare class SecretBag extends PkiObject implements ISecretBag { static CLASS_NAME: string; secretTypeId: string; secretValue: SchemaCompatible; /** * Initializes a new instance of the {@link SecretBag} class * @param parameters Initialization parameters */ constructor(parameters?: SecretBagParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof SECRET_TYPE_ID): string; static defaultValues(memberName: typeof SECRET_VALUE): SchemaCompatible; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * SecretBag ::= SEQUENCE { * secretTypeId BAG-TYPE.&id ({SecretTypes}), * secretValue [0] EXPLICIT BAG-TYPE.&Type ({SecretTypes}{@secretTypeId}) * } *``` */ static schema(parameters?: SchemaParameters<{ id?: string; value?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): SecretBagJson; } type BagType = PrivateKeyInfo | PKCS8ShroudedKeyBag | CertBag | CRLBag | SecretBag | SafeContents; type BagTypeJson = PrivateKeyInfoJson | JsonWebKey | PKCS8ShroudedKeyBagJson | CertBagJson | CRLBagJson | SecretBagJson | SafeContentsJson; interface BagTypeConstructor { new (params: { schema: any; }): T; } declare class SafeBagValueFactory { private static items?; private static getItems; static register(id: string, type: BagTypeConstructor): void; static find(id: string): BagTypeConstructor | null; } declare const BAG_ID = "bagId"; declare const BAG_VALUE = "bagValue"; declare const BAG_ATTRIBUTES = "bagAttributes"; interface ISafeBag { bagId: string; bagValue: T; bagAttributes?: Attribute[]; } type SafeBagParameters = PkiObjectParameters & Partial>; interface SafeBagJson { bagId: string; bagValue: BagTypeJson; bagAttributes?: AttributeJson[]; } /** * Represents the SafeBag structure described in [RFC7292](https://datatracker.ietf.org/doc/html/rfc7292) */ declare class SafeBag extends PkiObject implements ISafeBag { static CLASS_NAME: string; bagId: string; bagValue: T; bagAttributes?: Attribute[]; /** * Initializes a new instance of the {@link SafeBag} class * @param parameters Initialization parameters */ constructor(parameters?: SafeBagParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof BAG_ID): string; static defaultValues(memberName: typeof BAG_VALUE): BagType; static defaultValues(memberName: typeof BAG_ATTRIBUTES): Attribute[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * SafeBag ::= SEQUENCE { * bagId BAG-TYPE.&id ({PKCS12BagSet}), * bagValue [0] EXPLICIT BAG-TYPE.&Type({PKCS12BagSet}{@bagId}), * bagAttributes SET OF PKCS12Attribute OPTIONAL * } *``` */ static schema(parameters?: SchemaParameters<{ bagId?: string; bagValue?: string; bagAttributes?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): SafeBagJson; } declare const TYPE = "type"; declare const ATTRIBUTES$1 = "attributes"; declare const ENCODED_VALUE = "encodedValue"; interface ISignedAndUnsignedAttributes { type: number; attributes: Attribute[]; /** * Need to have it in order to successfully process with signature verification */ encodedValue: ArrayBuffer; } interface SignedAndUnsignedAttributesJson { type: number; attributes: AttributeJson[]; } type SignedAndUnsignedAttributesParameters = PkiObjectParameters & Partial; type SignedAndUnsignedAttributesSchema = SchemaParameters<{ tagNumber?: number; attributes?: string; }>; /** * Represents the SignedAndUnsignedAttributes structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class SignedAndUnsignedAttributes extends PkiObject implements ISignedAndUnsignedAttributes { static CLASS_NAME: string; type: number; attributes: Attribute[]; encodedValue: ArrayBuffer; /** * Initializes a new instance of the {@link SignedAndUnsignedAttributes} class * @param parameters Initialization parameters */ constructor(parameters?: SignedAndUnsignedAttributesParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TYPE): number; static defaultValues(memberName: typeof ATTRIBUTES$1): Attribute[]; static defaultValues(memberName: typeof ENCODED_VALUE): ArrayBuffer; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * SignedAttributes ::= SET SIZE (1..MAX) OF Attribute * * UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute *``` */ static schema(parameters?: SignedAndUnsignedAttributesSchema): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): SignedAndUnsignedAttributesJson; } declare const VERSION$4 = "version"; declare const LOG_ID = "logID"; declare const EXTENSIONS$2 = "extensions"; declare const TIMESTAMP = "timestamp"; declare const HASH_ALGORITHM = "hashAlgorithm"; declare const SIGNATURE_ALGORITHM$1 = "signatureAlgorithm"; declare const SIGNATURE$1 = "signature"; interface ISignedCertificateTimestamp { version: number; logID: ArrayBuffer; timestamp: Date; extensions: ArrayBuffer; hashAlgorithm: string; signatureAlgorithm: string; signature: ArrayBuffer; } interface SignedCertificateTimestampJson { version: number; logID: string; timestamp: Date; extensions: string; hashAlgorithm: string; signatureAlgorithm: string; signature: string; } type SignedCertificateTimestampParameters = PkiObjectParameters & Partial & { stream?: bs.SeqStream; }; declare class SignedCertificateTimestamp extends PkiObject implements ISignedCertificateTimestamp { static CLASS_NAME: string; version: number; logID: ArrayBuffer; timestamp: Date; extensions: ArrayBuffer; hashAlgorithm: string; signatureAlgorithm: string; signature: ArrayBuffer; /** * Initializes a new instance of the {@link SignedCertificateTimestamp} class * @param parameters Initialization parameters */ constructor(parameters?: SignedCertificateTimestampParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$4): number; static defaultValues(memberName: typeof LOG_ID): ArrayBuffer; static defaultValues(memberName: typeof EXTENSIONS$2): ArrayBuffer; static defaultValues(memberName: typeof TIMESTAMP): Date; static defaultValues(memberName: typeof HASH_ALGORITHM): string; static defaultValues(memberName: typeof SIGNATURE_ALGORITHM$1): string; static defaultValues(memberName: typeof SIGNATURE$1): ArrayBuffer; fromSchema(schema: SchemaType): void; /** * Converts SeqStream data into current class * @param stream */ fromStream(stream: bs.SeqStream): void; toSchema(): asn1js.RawData; /** * Converts current object to SeqStream data * @returns SeqStream object */ toStream(): bs.SeqStream; toJSON(): SignedCertificateTimestampJson; /** * Verify SignedCertificateTimestamp for specific input data * @param logs Array of objects with information about each CT Log (like here: https://ct.grahamedgecombe.com/logs.json) * @param data Data to verify signature against. Could be encoded Certificate or encoded PreCert * @param dataType Type = 0 (data is encoded Certificate), type = 1 (data is encoded PreCert) * @param crypto Crypto engine */ verify(logs: Log[], data: ArrayBuffer, dataType?: number, crypto?: ICryptoEngine): Promise; } interface Log { /** * Identifier of the CT Log encoded in BASE-64 format */ log_id: string; /** * Public key of the CT Log encoded in BASE-64 format */ key: string; } interface Log { /** * Identifier of the CT Log encoded in BASE-64 format */ log_id: string; /** * Public key of the CT Log encoded in BASE-64 format */ key: string; } /** * Verify SignedCertificateTimestamp for specific certificate content * @param certificate Certificate for which verification would be performed * @param issuerCertificate Certificate of the issuer of target certificate * @param logs Array of objects with information about each CT Log (like here: https://ct.grahamedgecombe.com/logs.json) * @param index Index of SignedCertificateTimestamp inside SignedCertificateTimestampList (for -1 would verify all) * @param crypto Crypto engine * @return Array of verification results */ declare function verifySCTsForCertificate(certificate: Certificate, issuerCertificate: Certificate, logs: Log[], index?: number, crypto?: ICryptoEngine): Promise; declare const TIMESTAMPS = "timestamps"; interface ISignedCertificateTimestampList { timestamps: SignedCertificateTimestamp[]; } interface SignedCertificateTimestampListJson { timestamps: SignedCertificateTimestampJson[]; } type SignedCertificateTimestampListParameters = PkiObjectParameters & Partial; /** * Represents the SignedCertificateTimestampList structure described in [RFC6962](https://datatracker.ietf.org/doc/html/rfc6962) */ declare class SignedCertificateTimestampList extends PkiObject implements ISignedCertificateTimestampList { static CLASS_NAME: string; timestamps: SignedCertificateTimestamp[]; /** * Initializes a new instance of the {@link SignedCertificateTimestampList} class * @param parameters Initialization parameters */ constructor(parameters?: SignedCertificateTimestampListParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof TIMESTAMPS): SignedCertificateTimestamp[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * SignedCertificateTimestampList ::= OCTET STRING *``` */ static schema(parameters?: SchemaParameters): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.OctetString; toJSON(): SignedCertificateTimestampListJson; } declare const VERSION$3 = "version"; declare const SID = "sid"; declare const DIGEST_ALGORITHM = "digestAlgorithm"; declare const SIGNED_ATTRS = "signedAttrs"; declare const SIGNATURE_ALGORITHM = "signatureAlgorithm"; declare const SIGNATURE = "signature"; declare const UNSIGNED_ATTRS = "unsignedAttrs"; interface ISignerInfo { version: number; sid: SchemaType; digestAlgorithm: AlgorithmIdentifier; signedAttrs?: SignedAndUnsignedAttributes; signatureAlgorithm: AlgorithmIdentifier; signature: asn1js.OctetString; unsignedAttrs?: SignedAndUnsignedAttributes; } interface SignerInfoJson { version: number; sid?: SchemaType; digestAlgorithm: AlgorithmIdentifierJson; signedAttrs?: SignedAndUnsignedAttributesJson; signatureAlgorithm: AlgorithmIdentifierJson; signature: asn1js.OctetStringJson; unsignedAttrs?: SignedAndUnsignedAttributesJson; } type SignerInfoParameters = PkiObjectParameters & Partial; /** * Represents the SignerInfo structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) */ declare class SignerInfo extends PkiObject implements ISignerInfo { static CLASS_NAME: string; version: number; sid: SchemaType; digestAlgorithm: AlgorithmIdentifier; signedAttrs?: SignedAndUnsignedAttributes; signatureAlgorithm: AlgorithmIdentifier; signature: asn1js.OctetString; unsignedAttrs?: SignedAndUnsignedAttributes; /** * Initializes a new instance of the {@link SignerInfo} class * @param parameters Initialization parameters */ constructor(parameters?: SignerInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$3): number; static defaultValues(memberName: typeof SID): SchemaType; static defaultValues(memberName: typeof DIGEST_ALGORITHM): AlgorithmIdentifier; static defaultValues(memberName: typeof SIGNED_ATTRS): SignedAndUnsignedAttributes; static defaultValues(memberName: typeof SIGNATURE_ALGORITHM): AlgorithmIdentifier; static defaultValues(memberName: typeof SIGNATURE): asn1js.OctetString; static defaultValues(memberName: typeof UNSIGNED_ATTRS): SignedAndUnsignedAttributes; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * SignerInfo ::= SEQUENCE { * version CMSVersion, * sid SignerIdentifier, * digestAlgorithm DigestAlgorithmIdentifier, * signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL, * signatureAlgorithm SignatureAlgorithmIdentifier, * signature SignatureValue, * unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL } * * SignerIdentifier ::= CHOICE { * issuerAndSerialNumber IssuerAndSerialNumber, * subjectKeyIdentifier [0] SubjectKeyIdentifier } * * SubjectKeyIdentifier ::= OCTET STRING *``` */ static schema(parameters?: SchemaParameters<{ version?: string; sidSchema?: IssuerAndSerialNumberSchema; sid?: string; digestAlgorithm?: AlgorithmIdentifierSchema; signedAttrs?: SignedAndUnsignedAttributesSchema; signatureAlgorithm?: AlgorithmIdentifierSchema; signature?: string; unsignedAttrs?: SignedAndUnsignedAttributesSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): SignerInfoJson; } type SignedDataCRL = CertificateRevocationList | OtherRevocationInfoFormat; type SignedDataCRLJson = CertificateRevocationListJson | OtherRevocationInfoFormatJson; declare const VERSION$2 = "version"; declare const DIGEST_ALGORITHMS = "digestAlgorithms"; declare const ENCAP_CONTENT_INFO = "encapContentInfo"; declare const CERTIFICATES = "certificates"; declare const CRLS = "crls"; declare const SIGNER_INFOS = "signerInfos"; declare const OCSPS = "ocsps"; interface ISignedData { version: number; digestAlgorithms: AlgorithmIdentifier[]; encapContentInfo: EncapsulatedContentInfo; certificates?: CertificateSetItem[]; crls?: SignedDataCRL[]; ocsps?: BasicOCSPResponse[]; signerInfos: SignerInfo[]; } interface SignedDataJson { version: number; digestAlgorithms: AlgorithmIdentifierJson[]; encapContentInfo: EncapsulatedContentInfoJson; certificates?: CertificateSetItemJson[]; crls?: SignedDataCRLJson[]; ocsps?: BasicOCSPResponseJson[]; signerInfos: SignerInfoJson[]; } type SignedDataParameters = PkiObjectParameters & Partial; interface SignedDataVerifyParams { signer?: number; data?: ArrayBuffer; trustedCerts?: Certificate[]; checkDate?: Date; checkChain?: boolean; passedWhenNotRevValues?: boolean; extendedMode?: boolean; findOrigin?: FindOriginCallback | null; findIssuer?: FindIssuerCallback | null; } interface SignedDataVerifyErrorParams { message: string; date?: Date; code?: number; timestampSerial?: ArrayBuffer | null; signatureVerified?: boolean | null; signerCertificate?: Certificate | null; signerCertificateVerified?: boolean | null; certificatePath?: Certificate[]; } interface SignedDataVerifyResult { message: string; date?: Date; code?: number; timestampSerial?: ArrayBuffer | null; signatureVerified?: boolean | null; signerCertificate?: Certificate | null; signerCertificateVerified?: boolean | null; certificatePath: Certificate[]; } declare class SignedDataVerifyError extends Error implements SignedDataVerifyResult { date: Date; code: number; signatureVerified: boolean | null; signerCertificate: Certificate | null; signerCertificateVerified: boolean | null; timestampSerial: ArrayBuffer | null; certificatePath: Certificate[]; constructor({ message, code, date, signatureVerified, signerCertificate, signerCertificateVerified, timestampSerial, certificatePath, }: SignedDataVerifyErrorParams); } /** * Represents the SignedData structure described in [RFC5652](https://datatracker.ietf.org/doc/html/rfc5652) * * @example The following example demonstrates how to create and sign CMS Signed Data * ```js * // Create a new CMS Signed Data * const cmsSigned = new pkijs.SignedData({ * encapContentInfo: new pkijs.EncapsulatedContentInfo({ * eContentType: pkijs.ContentInfo.DATA,, // "data" content type * eContent: new asn1js.OctetString({ valueHex: buffer }) * }), * signerInfos: [ * new pkijs.SignerInfo({ * sid: new pkijs.IssuerAndSerialNumber({ * issuer: cert.issuer, * serialNumber: cert.serialNumber * }) * }) * ], * // Signer certificate for chain validation * certificates: [cert] * }); * * await cmsSigned.sign(keys.privateKey, 0, "SHA-256"); * * // Add Signed Data to Content Info * const cms = new pkijs.ContentInfo({ * contentType: pkijs.ContentInfo.SIGNED_DATA,, * content: cmsSigned.toSchema(true), * }); * * // Encode CMS to ASN.1 * const cmsRaw = cms.toSchema().toBER(); * ``` * * @example The following example demonstrates how to verify CMS Signed Data * ```js * // Parse CMS and detect it's Signed Data * const cms = pkijs.ContentInfo.fromBER(cmsRaw); * if (cms.contentType !== pkijs.ContentInfo.SIGNED_DATA) { * throw new Error("CMS is not Signed Data"); * } * * // Read Signed Data * const signedData = new pkijs.SignedData({ schema: cms.content }); * * // Verify Signed Data signature * const ok = await signedData.verify({ * signer: 0, * checkChain: true, * trustedCerts: [trustedCert], * }); * * if (!ok) { * throw new Error("CMS signature is invalid") * } * ``` */ declare class SignedData extends PkiObject implements ISignedData { static CLASS_NAME: string; static ID_DATA: typeof id_ContentType_Data; version: number; digestAlgorithms: AlgorithmIdentifier[]; encapContentInfo: EncapsulatedContentInfo; certificates?: CertificateSetItem[]; crls?: SignedDataCRL[]; ocsps?: BasicOCSPResponse[]; signerInfos: SignerInfo[]; /** * Initializes a new instance of the {@link SignedData} class * @param parameters Initialization parameters */ constructor(parameters?: SignedDataParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$2): number; static defaultValues(memberName: typeof DIGEST_ALGORITHMS): AlgorithmIdentifier[]; static defaultValues(memberName: typeof ENCAP_CONTENT_INFO): EncapsulatedContentInfo; static defaultValues(memberName: typeof CERTIFICATES): CertificateSetItem[]; static defaultValues(memberName: typeof CRLS): SignedDataCRL[]; static defaultValues(memberName: typeof OCSPS): BasicOCSPResponse[]; static defaultValues(memberName: typeof SIGNER_INFOS): SignerInfo[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * SignedData ::= SEQUENCE { * version CMSVersion, * digestAlgorithms DigestAlgorithmIdentifiers, * encapContentInfo EncapsulatedContentInfo, * certificates [0] IMPLICIT CertificateSet OPTIONAL, * crls [1] IMPLICIT RevocationInfoChoices OPTIONAL, * signerInfos SignerInfos } *``` */ static schema(parameters?: SchemaParameters<{ version?: string; digestAlgorithms?: string; encapContentInfo?: EncapsulatedContentInfoSchema; certificates?: string; crls?: RevocationInfoChoicesSchema; signerInfos?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(encodeFlag?: boolean): SchemaType; toJSON(): SignedDataJson; verify(params?: SignedDataVerifyParams & { extendedMode?: false; }, crypto?: ICryptoEngine): Promise; verify(params: SignedDataVerifyParams & { extendedMode: true; }, crypto?: ICryptoEngine): Promise; /** * Signing current SignedData * @param privateKey Private key for "subjectPublicKeyInfo" structure * @param signerIndex Index number (starting from 0) of signer index to make signature for * @param hashAlgorithm Hashing algorithm. Default SHA-1 * @param data Detached data * @param crypto Crypto engine */ sign(privateKey: CryptoKey, signerIndex: number, hashAlgorithm?: string, data?: BufferSource, crypto?: ICryptoEngine): Promise; } declare const ATTRIBUTES = "attributes"; interface ISubjectDirectoryAttributes { attributes: Attribute[]; } interface SubjectDirectoryAttributesJson { attributes: AttributeJson[]; } type SubjectDirectoryAttributesParameters = PkiObjectParameters & Partial; /** * Represents the SubjectDirectoryAttributes structure described in [RFC5280](https://datatracker.ietf.org/doc/html/rfc5280) */ declare class SubjectDirectoryAttributes extends PkiObject implements ISubjectDirectoryAttributes { static CLASS_NAME: string; attributes: Attribute[]; /** * Initializes a new instance of the {@link SubjectDirectoryAttributes} class * @param parameters Initialization parameters */ constructor(parameters?: SubjectDirectoryAttributesParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof ATTRIBUTES): Attribute[]; /** * @inheritdoc * @asn ASN.1 schema * ```asn * SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute *``` */ static schema(parameters?: SchemaParameters<{ attributes?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): SubjectDirectoryAttributesJson; } declare const VERSION$1 = "version"; declare const POLICY = "policy"; declare const MESSAGE_IMPRINT$1 = "messageImprint"; declare const SERIAL_NUMBER = "serialNumber"; declare const GEN_TIME = "genTime"; declare const ORDERING = "ordering"; declare const NONCE$1 = "nonce"; declare const ACCURACY = "accuracy"; declare const TSA = "tsa"; declare const EXTENSIONS$1 = "extensions"; interface ITSTInfo { /** * Version of the time-stamp token. * * Conforming time-stamping servers MUST be able to provide version 1 time-stamp tokens. */ version: number; /** * TSA's policy under which the response was produced. * * If a similar field was present in the TimeStampReq, then it MUST have the same value, * otherwise an error (unacceptedPolicy) MUST be returned */ policy: string; /** * The messageImprint MUST have the same value as the similar field in * TimeStampReq, provided that the size of the hash value matches the * expected size of the hash algorithm identified in hashAlgorithm. */ messageImprint: MessageImprint; /** * Integer assigned by the TSA to each TimeStampToken. * * It MUST be unique for each TimeStampToken issued by a given TSA. */ serialNumber: asn1js.Integer; /** * Time at which the time-stamp token has been created by the TSA */ genTime: Date; /** * Represents the time deviation around the UTC time contained in GeneralizedTime */ accuracy?: Accuracy; /** * If the ordering field is missing, or if the ordering field is present * and set to false, then the genTime field only indicates the time at * which the time-stamp token has been created by the TSA.In such a * case, the ordering of time-stamp tokens issued by the same TSA or * different TSAs is only possible when the difference between the * genTime of the first time-stamp token and the genTime of the second * time-stamp token is greater than the sum of the accuracies of the * genTime for each time-stamp token. * * If the ordering field is present and set to true, every time-stamp * token from the same TSA can always be ordered based on the genTime * field, regardless of the genTime accuracy. */ ordering?: boolean; /** * Field MUST be present if it was present in the TimeStampReq. * In such a case it MUST equal the value provided in the TimeStampReq structure. */ nonce?: asn1js.Integer; /** * `tsa` field is to give a hint in identifying the name of the TSA. * If present, it MUST correspond to one of the subject names included * in the certificate that is to be used to verify the token. */ tsa?: GeneralName; /** * Additional information in the future. Extensions is defined in [RFC2459](https://datatracker.ietf.org/doc/html/rfc2459) */ extensions?: Extension[]; } interface TSTInfoJson { version: number; policy: string; messageImprint: MessageImprintJson; serialNumber: asn1js.IntegerJson; genTime: Date; accuracy?: AccuracyJson; ordering?: boolean; nonce?: asn1js.IntegerJson; tsa?: GeneralNameJson; extensions?: ExtensionJson[]; } type TSTInfoParameters = PkiObjectParameters & Partial; interface TSTInfoVerifyParams { data: ArrayBuffer; notBefore?: Date; notAfter?: Date; } /** * Represents the TSTInfo structure described in [RFC3161](https://www.ietf.org/rfc/rfc3161.txt) */ declare class TSTInfo extends PkiObject implements ITSTInfo { static CLASS_NAME: string; version: number; policy: string; messageImprint: MessageImprint; serialNumber: asn1js.Integer; genTime: Date; accuracy?: Accuracy; ordering?: boolean; nonce?: asn1js.Integer; tsa?: GeneralName; extensions?: Extension[]; /** * Initializes a new instance of the {@link TSTInfo} class * @param parameters Initialization parameters */ constructor(parameters?: TSTInfoParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION$1): number; static defaultValues(memberName: typeof POLICY): string; static defaultValues(memberName: typeof MESSAGE_IMPRINT$1): MessageImprint; static defaultValues(memberName: typeof SERIAL_NUMBER): asn1js.Integer; static defaultValues(memberName: typeof GEN_TIME): Date; static defaultValues(memberName: typeof ACCURACY): Accuracy; static defaultValues(memberName: typeof ORDERING): boolean; static defaultValues(memberName: typeof NONCE$1): asn1js.Integer; static defaultValues(memberName: typeof TSA): GeneralName; static defaultValues(memberName: typeof EXTENSIONS$1): Extension[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * TSTInfo ::= SEQUENCE { * version INTEGER { v1(1) }, * policy TSAPolicyId, * messageImprint MessageImprint, * serialNumber INTEGER, * genTime GeneralizedTime, * accuracy Accuracy OPTIONAL, * ordering BOOLEAN DEFAULT FALSE, * nonce INTEGER OPTIONAL, * tsa [0] GeneralName OPTIONAL, * extensions [1] IMPLICIT Extensions OPTIONAL } *``` */ static schema(parameters?: SchemaParameters<{ version?: string; policy?: string; messageImprint?: MessageImprintSchema; serialNumber?: string; genTime?: string; accuracy?: AccuracySchema; ordering?: string; nonce?: string; tsa?: GeneralNameSchema; extensions?: string; extension?: ExtensionSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): TSTInfoJson; /** * Verify current TST Info value * @param params Input parameters * @param crypto Crypto engine */ verify(params: TSTInfoVerifyParams, crypto?: ICryptoEngine): Promise; } declare const VERSION = "version"; declare const MESSAGE_IMPRINT = "messageImprint"; declare const REQ_POLICY = "reqPolicy"; declare const NONCE = "nonce"; declare const CERT_REQ = "certReq"; declare const EXTENSIONS = "extensions"; interface ITimeStampReq { /** * Version of the Time-Stamp request. Should be version 1. */ version: number; /** * Contains the hash of the datum to be time-stamped */ messageImprint: MessageImprint; /** * Indicates the TSA policy under which the TimeStampToken SHOULD be provided. */ reqPolicy?: string; /** * The nonce, if included, allows the client to verify the timeliness of * the response when no local clock is available. The nonce is a large * random number with a high probability that the client generates it * only once. */ nonce?: asn1js.Integer; /** * If the certReq field is present and set to true, the TSA's public key * certificate that is referenced by the ESSCertID identifier inside a * SigningCertificate attribute in the response MUST be provided by the * TSA in the certificates field from the SignedData structure in that * response. That field may also contain other certificates. * * If the certReq field is missing or if the certReq field is present * and set to false then the certificates field from the SignedData * structure MUST not be present in the response. */ certReq?: boolean; /** * The extensions field is a generic way to add additional information * to the request in the future. */ extensions?: Extension[]; } interface TimeStampReqJson { version: number; messageImprint: MessageImprintJson; reqPolicy?: string; nonce?: asn1js.IntegerJson; certReq?: boolean; extensions?: ExtensionJson[]; } type TimeStampReqParameters = PkiObjectParameters & Partial; /** * Represents the TimeStampReq structure described in [RFC3161](https://www.ietf.org/rfc/rfc3161.txt) * * @example The following example demonstrates how to create Time-Stamp Request * ```js * const nonce = pkijs.getRandomValues(new Uint8Array(10)).buffer; * * const tspReq = new pkijs.TimeStampReq({ * version: 1, * messageImprint: await pkijs.MessageImprint.create("SHA-256", message), * reqPolicy: "1.2.3.4.5.6", * certReq: true, * nonce: new asn1js.Integer({ valueHex: nonce }), * }); * * const tspReqRaw = tspReq.toSchema().toBER(); * ``` */ declare class TimeStampReq extends PkiObject implements ITimeStampReq { static CLASS_NAME: string; version: number; messageImprint: MessageImprint; reqPolicy?: string; nonce?: asn1js.Integer; certReq?: boolean; extensions?: Extension[]; /** * Initializes a new instance of the {@link TimeStampReq} class * @param parameters Initialization parameters */ constructor(parameters?: TimeStampReqParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof VERSION): number; static defaultValues(memberName: typeof MESSAGE_IMPRINT): MessageImprint; static defaultValues(memberName: typeof REQ_POLICY): string; static defaultValues(memberName: typeof NONCE): asn1js.Integer; static defaultValues(memberName: typeof CERT_REQ): boolean; static defaultValues(memberName: typeof EXTENSIONS): Extension[]; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * TimeStampReq ::= SEQUENCE { * version INTEGER { v1(1) }, * messageImprint MessageImprint, * reqPolicy TSAPolicyId OPTIONAL, * nonce INTEGER OPTIONAL, * certReq BOOLEAN DEFAULT FALSE, * extensions [0] IMPLICIT Extensions OPTIONAL } * * TSAPolicyId ::= OBJECT IDENTIFIER *``` */ static schema(parameters?: SchemaParameters<{ version?: string; messageImprint?: MessageImprintSchema; reqPolicy?: string; nonce?: string; certReq?: string; extensions?: string; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): TimeStampReqJson; } declare const STATUS = "status"; declare const TIME_STAMP_TOKEN = "timeStampToken"; interface ITimeStampResp { /** * Time-Stamp status */ status: PKIStatusInfo; /** * Time-Stamp token */ timeStampToken?: ContentInfo; } interface TimeStampRespJson { status: PKIStatusInfoJson; timeStampToken?: ContentInfoJson; } interface TimeStampRespVerifyParams { signer?: number; trustedCerts?: Certificate[]; data?: ArrayBuffer; } type TimeStampRespParameters = PkiObjectParameters & Partial; /** * Represents the TimeStampResp structure described in [RFC3161](https://www.ietf.org/rfc/rfc3161.txt) * * @example The following example demonstrates how to create and sign Time-Stamp Response * ```js * // Generate random serial number * const serialNumber = pkijs.getRandomValues(new Uint8Array(10)).buffer; * * // Create specific TST info structure to sign * const tstInfo = new pkijs.TSTInfo({ * version: 1, * policy: tspReq.reqPolicy, * messageImprint: tspReq.messageImprint, * serialNumber: new asn1js.Integer({ valueHex: serialNumber }), * genTime: new Date(), * ordering: true, * accuracy: new pkijs.Accuracy({ * seconds: 1, * millis: 1, * micros: 10 * }), * nonce: tspReq.nonce, * }); * * // Create and sign CMS Signed Data with TSTInfo * const cmsSigned = new pkijs.SignedData({ * version: 3, * encapContentInfo: new pkijs.EncapsulatedContentInfo({ * eContentType: "1.2.840.113549.1.9.16.1.4", // "tSTInfo" content type * eContent: new asn1js.OctetString({ valueHex: tstInfo.toSchema().toBER() }), * }), * signerInfos: [ * new pkijs.SignerInfo({ * version: 1, * sid: new pkijs.IssuerAndSerialNumber({ * issuer: cert.issuer, * serialNumber: cert.serialNumber * }) * }) * ], * certificates: [cert] * }); * * await cmsSigned.sign(keys.privateKey, 0, "SHA-256"); * * // Create CMS Content Info * const cmsContent = new pkijs.ContentInfo({ * contentType: pkijs.ContentInfo.SIGNED_DATA, * content: cmsSigned.toSchema(true) * }); * * // Finally create completed TSP response structure * const tspResp = new pkijs.TimeStampResp({ * status: new pkijs.PKIStatusInfo({ status: pkijs.PKIStatus.granted }), * timeStampToken: new pkijs.ContentInfo({ schema: cmsContent.toSchema() }) * }); * * const tspRespRaw = tspResp.toSchema().toBER(); * ``` */ declare class TimeStampResp extends PkiObject implements ITimeStampResp { static CLASS_NAME: string; status: PKIStatusInfo; timeStampToken?: ContentInfo; /** * Initializes a new instance of the {@link TimeStampResp} class * @param parameters Initialization parameters */ constructor(parameters?: TimeStampRespParameters); /** * Returns default values for all class members * @param memberName String name for a class member * @returns Default value */ static defaultValues(memberName: typeof STATUS): PKIStatusInfo; static defaultValues(memberName: typeof TIME_STAMP_TOKEN): ContentInfo; /** * Compare values with default values for all class members * @param memberName String name for a class member * @param memberValue Value to compare with default value */ static compareWithDefault(memberName: string, memberValue: any): boolean; /** * @inheritdoc * @asn ASN.1 schema * ```asn * TimeStampResp ::= SEQUENCE { * status PKIStatusInfo, * timeStampToken TimeStampToken OPTIONAL } *``` */ static schema(parameters?: SchemaParameters<{ status?: PKIStatusInfoSchema; timeStampToken?: ContentInfoSchema; }>): SchemaType; fromSchema(schema: SchemaType): void; toSchema(): asn1js.Sequence; toJSON(): TimeStampRespJson; /** * Sign current TSP Response * @param privateKey Private key for "subjectPublicKeyInfo" structure * @param hashAlgorithm Hashing algorithm. Default SHA-1 * @param crypto Crypto engine */ sign(privateKey: CryptoKey, hashAlgorithm?: string, crypto?: ICryptoEngine): Promise; /** * Verify current TSP Response * @param verificationParameters Input parameters for verification * @param crypto Crypto engine */ verify(verificationParameters?: TimeStampRespVerifyParams, crypto?: ICryptoEngine): Promise; private assertContentType; } declare class ParameterError extends TypeError { static readonly NAME = "ParameterError"; static assert(target: string, params: any, ...fields: string[]): void; static assert(params: any, ...fields: string[]): void; static assertEmpty(value: unknown, name: string, target?: string): asserts value; name: typeof ParameterError.NAME; field: string; target?: string; constructor(field: string, target?: string | null, message?: string); } interface AnyConstructor { new (args: any): any; } type ArgumentType = "undefined" | "null" | "boolean" | "number" | "string" | "object" | "Array" | "ArrayBuffer" | "ArrayBufferView" | AnyConstructor; declare class ArgumentError extends TypeError { static readonly NAME = "ArgumentError"; static isType(value: any, type: "undefined"): value is undefined; static isType(value: any, type: "null"): value is null; static isType(value: any, type: "boolean"): value is boolean; static isType(value: any, type: "number"): value is number; static isType(value: any, type: "object"): value is object; static isType(value: any, type: "string"): value is string; static isType(value: any, type: "Array"): value is any[]; static isType(value: any, type: "ArrayBuffer"): value is ArrayBuffer; static isType(value: any, type: "ArrayBufferView"): value is ArrayBufferView; static isType(value: any, type: new (...args: any[]) => T): value is T; static isType(value: any, type: ArgumentType): boolean; static assert(value: any, name: string, type: "undefined"): asserts value is undefined; static assert(value: any, name: string, type: "null"): asserts value is null; static assert(value: any, name: string, type: "boolean"): asserts value is boolean; static assert(value: any, name: string, type: "number"): asserts value is number; static assert(value: any, name: string, type: "object"): asserts value is { [key: string]: any; }; static assert(value: any, name: string, type: "string"): asserts value is string; static assert(value: any, name: string, type: "Array"): asserts value is any[]; static assert(value: any, name: string, type: "ArrayBuffer"): asserts value is ArrayBuffer; static assert(value: any, name: string, type: "ArrayBufferView"): asserts value is ArrayBufferView; static assert(value: any, name: string, type: new (...args: any[]) => T): asserts value is T; static assert(value: any, name: string, type: ArgumentType, ...types: ArgumentType[]): void; name: typeof ArgumentError.NAME; } interface AsnFromBerResult { offset: number; result: any; } interface AsnCompareSchemaResult { verified: boolean; result?: any; } declare class AsnError extends Error { static assertSchema(asn1: AsnCompareSchemaResult, target: string): asserts asn1 is { verified: true; result: any; }; static assert(asn: AsnFromBerResult, target: string): void; constructor(message: string); } export { AbstractCryptoEngine, AccessDescription, Accuracy, AlgorithmIdentifier, AltName, ArgumentError, AsnError, AttCertValidityPeriod, Attribute, AttributeCertificateInfoV1, AttributeCertificateInfoV2, AttributeCertificateV1, AttributeCertificateV2, AttributeTypeAndValue, AuthenticatedSafe, AuthorityKeyIdentifier, BasicConstraints, BasicOCSPResponse, CAVersion, CRLBag, CRLDistributionPoints, CertBag, CertID, Certificate, CertificateChainValidationEngine, CertificatePolicies, CertificateRevocationList, CertificateSet, CertificateTemplate, CertificationRequest, ChainValidationCode, ChainValidationError, ContentInfo, CryptoEngine, DigestInfo, DistributionPoint, ECCCMSSharedInfo, ECNamedCurves, ECPrivateKey, ECPublicKey, EncapsulatedContentInfo, EncryptedContentInfo, EncryptedData, EnvelopedData, ExtKeyUsage, Extension, ExtensionValueFactory, Extensions, GeneralName, GeneralNames, GeneralSubtree, HASHED_MESSAGE, HASH_ALGORITHM$3 as HASH_ALGORITHM, Holder, InfoAccess, IssuerAndSerialNumber, IssuerSerial, IssuingDistributionPoint, KEKIdentifier, KEKRecipientInfo, KeyAgreeRecipientIdentifier, KeyAgreeRecipientInfo, KeyBag, KeyTransRecipientInfo, MICROS, MILLIS, MacData, MessageImprint, NameConstraints, OCSPRequest, OCSPResponse, ObjectDigestInfo, OriginatorIdentifierOrKey, OriginatorInfo, OriginatorPublicKey, OtherCertificateFormat, OtherKeyAttribute, OtherPrimeInfo, OtherRecipientInfo, OtherRevocationInfoFormat, PBES2Params, PBKDF2Params, PFX, PKCS8ShroudedKeyBag, PKIStatus, PKIStatusInfo, POLICY_IDENTIFIER, POLICY_QUALIFIERS, ParameterError, PasswordRecipientinfo, PkiObject, PolicyConstraints, PolicyInformation, PolicyMapping, PolicyMappings, PolicyQualifierInfo, PrivateKeyInfo, PrivateKeyUsagePeriod, PublicKeyInfo, QCStatement, QCStatements, RDN, RSAESOAEPParams, RSAPrivateKey, RSAPublicKey, RSASSAPSSParams, RecipientEncryptedKey, RecipientEncryptedKeys, RecipientIdentifier, RecipientInfo, RecipientKeyIdentifier, RelativeDistinguishedNames, Request, ResponseBytes, ResponseData, RevocationInfoChoices, RevokedCertificate, SECONDS, SafeBag, SafeBagValueFactory, SafeContents, SecretBag, Signature, SignedAndUnsignedAttributes, SignedCertificateTimestamp, SignedCertificateTimestampList, SignedData, SignedDataVerifyError, SignerInfo, SingleResponse, SubjectDirectoryAttributes, TBSRequest, TSTInfo, TYPE$5 as TYPE, TYPE_AND_VALUES, Time, TimeStampReq, TimeStampResp, TimeType, V2Form, VALUE$6 as VALUE, VALUE_BEFORE_DECODE, checkCA, createCMSECDSASignature, createECDSASignatureFromCMS, engine, getAlgorithmByOID, getAlgorithmParameters, getCrypto, getEngine, getHashAlgorithm, getOIDByAlgorithm, getRandomValues, id_AnyPolicy, id_AuthorityInfoAccess, id_AuthorityKeyIdentifier, id_BaseCRLNumber, id_BasicConstraints, id_CRLBag_X509CRL, id_CRLDistributionPoints, id_CRLNumber, id_CRLReason, id_CertBag_AttributeCertificate, id_CertBag_SDSICertificate, id_CertBag_X509Certificate, id_CertificateIssuer, id_CertificatePolicies, id_ContentType_Data, id_ContentType_EncryptedData, id_ContentType_EnvelopedData, id_ContentType_SignedData, id_ExtKeyUsage, id_FreshestCRL, id_InhibitAnyPolicy, id_InvalidityDate, id_IssuerAltName, id_IssuingDistributionPoint, id_KeyUsage, id_MicrosoftAppPolicies, id_MicrosoftCaVersion, id_MicrosoftCertTemplateV1, id_MicrosoftCertTemplateV2, id_MicrosoftPrevCaCertHash, id_NameConstraints, id_PKIX_OCSP_Basic, id_PolicyConstraints, id_PolicyMappings, id_PrivateKeyUsagePeriod, id_QCStatements, id_SignedCertificateTimestampList, id_SubjectAltName, id_SubjectDirectoryAttributes, id_SubjectInfoAccess, id_SubjectKeyIdentifier, id_ad, id_ad_caIssuers, id_ad_ocsp, id_eContentType_TSTInfo, id_pkix, id_sha1, id_sha256, id_sha384, id_sha512, kdf, setEngine, stringPrep, verifySCTsForCertificate }; export type { AccessDescriptionJson, AccessDescriptionParameters, AccuracyJson, AccuracyParameters, AccuracySchema, AlgorithmIdentifierJson, AlgorithmIdentifierParameters, AlgorithmIdentifierSchema, AltNameJson, AltNameParameters, AnyConstructor, ArgumentType, AsnCompareSchemaResult, AsnFromBerResult, AttCertValidityPeriodJson, AttCertValidityPeriodParameters, AttCertValidityPeriodSchema, AttributeCertificateInfoV1Json, AttributeCertificateInfoV1Parameters, AttributeCertificateInfoV1Schema, AttributeCertificateInfoV2Json, AttributeCertificateInfoV2Parameters, AttributeCertificateInfoV2Schema, AttributeCertificateV1Json, AttributeCertificateV1Parameters, AttributeCertificateV2Json, AttributeCertificateV2Parameters, AttributeJson, AttributeParameters, AttributeSchema, AttributeTypeAndValueJson, AttributeTypeAndValueParameters, AttributeValueType, AuthenticatedSafeJson, AuthenticatedSafeParameters, AuthorityKeyIdentifierJson, AuthorityKeyIdentifierParameters, BagType, BagTypeConstructor, BagTypeJson, BasicConstraintsJson, BasicConstraintsParameters, BasicOCSPResponseJson, BasicOCSPResponseParameters, BasicOCSPResponseVerifyParams, CAVersionJson, CAVersionParameters, CRLBagJson, CRLBagParameters, CRLDistributionPointsJson, CRLDistributionPointsParameters, CertBagJson, CertBagParameters, CertIDCreateParams, CertIDJson, CertIDParameters, CertIDSchema, CertificateChainValidationEngineParameters, CertificateChainValidationEngineVerifyParams, CertificateChainValidationEngineVerifyResult, CertificateJson, CertificateParameters, CertificatePoliciesJson, CertificatePoliciesParameters, CertificateRevocationListJson, CertificateRevocationListParameters, CertificateRevocationListVerifyParams, CertificateSchema, CertificateSetItem, CertificateSetItemJson, CertificateSetJson, CertificateSetParameters, CertificateStatus, CertificateTemplateJson, CertificateTemplateParameters, CertificationRequestInfoParameters, CertificationRequestJson, CertificationRequestParameters, ContentEncryptionAesCbcParams, ContentEncryptionAesGcmParams, ContentEncryptionAlgorithm, ContentInfoJson, ContentInfoParameters, ContentInfoSchema, CryptoEngineAlgorithmOperation, CryptoEngineAlgorithmParams, CryptoEngineConstructor, CryptoEngineDecryptParams, CryptoEngineEncryptParams, CryptoEngineParameters, CryptoEnginePublicKeyParams, CryptoEngineSignWithPrivateKeyParams, CryptoEngineSignatureParams, CryptoEngineStampDataWithPasswordParams, CryptoEngineVerifyDataStampedWithPasswordParams, DigestInfoJson, DigestInfoParameters, DigestInfoSchema, DistributionPointJson, DistributionPointName, DistributionPointNameJson, DistributionPointParameters, ECCCMSSharedInfoJson, ECCCMSSharedInfoParameters, ECNamedCurve, ECPrivateKeyJson, ECPrivateKeyParameters, ECPublicKeyJson, ECPublicKeyParameters, EncapsulatedContentInfoJson, EncapsulatedContentInfoParameters, EncapsulatedContentInfoSchema, EncryptedContentInfoJson, EncryptedContentInfoSchema, EncryptedContentInfoSplit, EncryptedContentParameters, EncryptedDataEncryptParams, EncryptedDataJson, EncryptedDataParameters, EnvelopedDataDecryptBaseParams, EnvelopedDataDecryptBufferParams, EnvelopedDataDecryptKeyParams, EnvelopedDataDecryptParams, EnvelopedDataEncryptionParams, EnvelopedDataJson, EnvelopedDataParameters, ExtKeyUsageJson, ExtKeyUsageParameters, ExtensionConstructorParameters, ExtensionJson, ExtensionParameters, ExtensionParsedValue, ExtensionSchema, ExtensionValueConstructor, ExtensionValueType, ExtensionsJson, ExtensionsParameters, ExtensionsSchema, FindIssuerCallback, FindOriginCallback, GeneralNameJson, GeneralNameParameters, GeneralNameSchema, GeneralNamesJson, GeneralNamesParameters, GeneralNamesSchema, GeneralSubtreeJson, GeneralSubtreeParameters, GlobalCryptoEngine, HolderJson, HolderParameters, HolderSchema, IAccessDescription, IAccuracy, IAlgorithmIdentifier, IAltName, IAttCertValidityPeriod, IAttribute, IAttributeCertificateInfoV1, IAttributeCertificateInfoV2, IAttributeCertificateV1, IAttributeCertificateV2, IAttributeTypeAndValue, IAuthenticatedSafe, IAuthorityKeyIdentifier, IBasicConstraints, IBasicOCSPResponse, ICAVersion, ICRLBag, ICRLDistributionPoints, ICertBag, ICertID, ICertificate, ICertificatePolicies, ICertificateRevocationList, ICertificateSet, ICertificateTemplate, ICertificationRequest, IContentInfo, ICryptoEngine, IDigestInfo, IDistributionPoint, IECCCMSSharedInfo, IECPrivateKey, IECPublicKey, IEncapsulatedContentInfo, IEncryptedContentInfo, IEncryptedData, IEnvelopedData, IExtKeyUsage, IExtension, IExtensions, IGeneralName, IGeneralNames, IGeneralSubtree, IHolder, IInfoAccess, IIssuerAndSerialNumber, IIssuerSerial, IIssuingDistributionPoint, IKEKIdentifier, IKEKRecipientInfo, IKeyAgreeRecipientIdentifier, IKeyAgreeRecipientInfo, IKeyTransRecipientInfo, IMacData, IMessageImprint, INameConstraints, IOCSPRequest, IOCSPResponse, IObjectDigestInfo, IOriginatorIdentifierOrKey, IOriginatorInfo, IOriginatorPublicKey, IOtherCertificateFormat, IOtherKeyAttribute, IOtherPrimeInfo, IOtherRecipientInfo, IOtherRevocationInfoFormat, IPBES2Params, IPBKDF2Params, IPFX, IPKCS8ShroudedKeyBag, IPKIStatusInfo, IPasswordRecipientInfo, IPolicyConstraints, IPolicyInformation, IPolicyMapping, IPolicyMappings, IPolicyQualifierInfo, IPrivateKeyInfo, IPrivateKeyUsagePeriod, IPublicKeyInfo, IQCStatement, IQCStatements, IRSAESOAEPParams, IRSAPrivateKey, IRSAPublicKey, IRSASSAPSSParams, IRecipientEncryptedKey, IRecipientEncryptedKeys, IRecipientIdentifier, IRecipientInfo, IRecipientKeyIdentifier, IRelativeDistinguishedNames, IRequest, IResponseBytes, IResponseData, IRevocationInfoChoices, IRevokedCertificate, ISafeBag, ISafeContents, ISecretBag, ISignature, ISignedAndUnsignedAttributes, ISignedCertificateTimestamp, ISignedCertificateTimestampList, ISignedData, ISignerInfo, ISingleResponse, ISubjectDirectoryAttributes, ITBSRequest, ITSTInfo, ITime, ITimeStampReq, ITimeStampResp, IV2Form, InfoAccessJson, InfoAccessParameters, IssuerAndSerialNumberJson, IssuerAndSerialNumberParameters, IssuerAndSerialNumberSchema, IssuerSerialJson, IssuerSerialParameters, IssuingDistributionPointJson, IssuingDistributionPointParameters, KEKIdentifierJson, KEKIdentifierParameters, KEKIdentifierSchema, KEKRecipientInfoJson, KEKRecipientInfoParameters, KeyAgreeRecipientIdentifierJson, KeyAgreeRecipientIdentifierParameters, KeyAgreeRecipientIdentifierSchema, KeyAgreeRecipientInfoJson, KeyAgreeRecipientInfoParameters, KeyTransRecipientInfoJson, KeyTransRecipientInfoParameters, Log, MacDataJson, MacDataParameters, MacDataSchema, MakeInternalValuesParams, MessageImprintJson, MessageImprintParameters, MessageImprintSchema, NameConstraintsJson, NameConstraintsParameters, OCSPRequestJson, OCSPRequestParameters, OCSPResponseJson, OCSPResponseParameters, ObjectDigestInfoJson, ObjectDigestInfoParameters, OriginatorIdentifierOrKeyJson, OriginatorIdentifierOrKeyParameters, OriginatorIdentifierOrKeySchema, OriginatorInfoJson, OriginatorInfoParameters, OriginatorPublicKeyJson, OriginatorPublicKeyParameters, OtherCertificateFormatJson, OtherCertificateFormatParameters, OtherKeyAttributeJson, OtherKeyAttributeParameters, OtherKeyAttributeSchema, OtherPrimeInfoJson, OtherPrimeInfoParameters, OtherPrimeInfoSchema, OtherRecipientInfoJson, OtherRecipientInfoParameters, OtherRevocationInfoFormatJson, OtherRevocationInfoFormatParameters, PBES2ParamsJson, PBES2ParamsParameters, PBKDF2ParamsJson, PBKDF2ParamsParameters, PFXJson, PFXParameters, PFXParsedValue, PKCS8ShroudedKeyBagJson, PKCS8ShroudedKeyBagParameters, PKIStatusInfoJson, PKIStatusInfoParameters, PKIStatusInfoSchema, PasswordRecipientInfoJson, PasswordRecipientinfoParameters, PkiObjectParameters, PolicyConstraintsJson, PolicyConstraintsParameters, PolicyInformationJson, PolicyInformationParameters, PolicyMappingJson, PolicyMappingParameters, PolicyMappingsJson, PolicyMappingsParameters, PolicyQualifierInfoJson, PolicyQualifierInfoParameters, PrivateKeyInfoJson, PrivateKeyInfoParameters, PrivateKeyUsagePeriodJson, PrivateKeyUsagePeriodParameters, PublicKeyInfoJson, PublicKeyInfoParameters, PublicKeyInfoSchema, QCStatementJson, QCStatementParameters, QCStatementSchema, QCStatementsJson, QCStatementsParameters, RSAESOAEPParamsJson, RSAESOAEPParamsParameters, RSAPrivateKeyJson, RSAPrivateKeyParameters, RSAPublicKeyJson, RSAPublicKeyParameters, RSASSAPSSParamsJson, RSASSAPSSParamsParameters, RecipientEncryptedKeyJson, RecipientEncryptedKeyParameters, RecipientEncryptedKeysJson, RecipientEncryptedKeysParameters, RecipientEncryptedKeysSchema, RecipientIdentifierJson, RecipientIdentifierMixedJson, RecipientIdentifierParameters, RecipientIdentifierSchema, RecipientIdentifierType, RecipientInfoJson, RecipientInfoParameters, RecipientInfoValue, RecipientInfoValueJson, RecipientKeyIdentifierJson, RecipientKeyIdentifierParameters, RecipientKeyIdentifierSchema, RelativeDistinguishedNamesJson, RelativeDistinguishedNamesParameters, RelativeDistinguishedNamesSchema, RequestJson, RequestParameters, RequestSchema, ResponseBytesJson, ResponseBytesParameters, ResponseBytesSchema, ResponseDataJson, ResponseDataParameters, ResponseDataSchema, RevocationInfoChoicesJson, RevocationInfoChoicesParameters, RevocationInfoChoicesSchema, RevokedCertificateJson, RevokedCertificateParameters, SafeBagJson, SafeBagParameters, SafeContent, SafeContentsJson, SafeContentsParameters, SchemaCompatible, SchemaConstructor, SchemaNames, SchemaParameters, SchemaType, SecretBagJson, SecretBagParameters, SignatureJson, SignatureParameters, SignatureSchema, SignedAndUnsignedAttributesJson, SignedAndUnsignedAttributesParameters, SignedAndUnsignedAttributesSchema, SignedCertificateTimestampJson, SignedCertificateTimestampListJson, SignedCertificateTimestampListParameters, SignedCertificateTimestampParameters, SignedDataCRL, SignedDataCRLJson, SignedDataJson, SignedDataParameters, SignedDataVerifyErrorParams, SignedDataVerifyParams, SignedDataVerifyResult, SignerInfoJson, SignerInfoParameters, SingleResponseJson, SingleResponseParameters, SingleResponseSchema, SubjectDirectoryAttributesJson, SubjectDirectoryAttributesParameters, TBSCertListSchema, TBSCertificateSchema, TBSRequestJson, TBSRequestParameters, TBSRequestSchema, TSTInfoJson, TSTInfoParameters, TSTInfoVerifyParams, TimeJson, TimeParameters, TimeSchema, TimeStampReqJson, TimeStampReqParameters, TimeStampRespJson, TimeStampRespParameters, TimeStampRespVerifyParams, V2FormJson, V2FormParameters };