import { Temporal } from "@js-temporal/polyfill";
import { URLPattern } from "urlpattern-polyfill";
import { DocumentLoader } from "./docloader-Q42SMRIB.js";
import { CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1 } from "./vocab-CzEfWQk2.js";
import { KeyCache } from "./http-DMTrO3Ye.js";
import { TracerProvider } from "@opentelemetry/api";

//#region sig/ld.d.ts
/**
 * A signature of a JSON-LD document.
 * @since 1.0.0
 */
interface Signature {
  "@context"?: "https://w3id.org/identity/v1";
  type: "RsaSignature2017";
  id?: string;
  creator: string;
  created: string;
  signatureValue: string;
}
/**
 * Attaches a LD signature to the given JSON-LD document.
 * @param jsonLd The JSON-LD document to attach the signature to.  It is not
 *               modified.
 * @param signature The signature to attach.
 * @returns The JSON-LD document with the attached signature.
 * @throws {TypeError} If the input document is not a valid JSON-LD document.
 * @since 1.0.0
 */
declare function attachSignature(jsonLd: unknown, signature: Signature): {
  signature: Signature;
};
/**
 * Options for creating Linked Data Signatures.
 * @since 1.0.0
 */
interface CreateSignatureOptions {
  /**
   * The context loader for loading remote JSON-LD contexts.
   */
  contextLoader?: DocumentLoader;
  /**
   * The time when the signature was created.  If not specified, the current
   * time will be used.
   */
  created?: Temporal.Instant;
}
/**
 * Creates a LD signature for the given JSON-LD document.
 * @param jsonLd The JSON-LD document to sign.
 * @param privateKey The private key to sign the document.
 * @param keyId The ID of the public key that corresponds to the private key.
 * @param options Additional options for creating the signature.
 *                See also {@link CreateSignatureOptions}.
 * @return The created signature.
 * @throws {TypeError} If the private key is invalid or unsupported.
 * @since 1.0.0
 */
declare function createSignature(jsonLd: unknown, privateKey: CryptoKey, keyId: URL, {
  contextLoader,
  created
}?: CreateSignatureOptions): Promise<Signature>;
/**
 * Options for signing JSON-LD documents.
 * @since 1.0.0
 */
interface SignJsonLdOptions extends CreateSignatureOptions {
  /**
   * The OpenTelemetry tracer provider for tracing the signing process.
   * If omitted, the global tracer provider is used.
   * @since 1.3.0
   */
  tracerProvider?: TracerProvider;
}
/**
 * Signs the given JSON-LD document with the private key and returns the signed
 * JSON-LD document.
 * @param jsonLd The JSON-LD document to sign.
 * @param privateKey The private key to sign the document.
 * @param keyId The key ID to use in the signature.  It will be used by the
 *              verifier to fetch the corresponding public key.
 * @param options Additional options for signing the document.
 *                See also {@link SignJsonLdOptions}.
 * @returns The signed JSON-LD document.
 * @throws {TypeError} If the private key is invalid or unsupported.
 * @since 1.0.0
 */
declare function signJsonLd(jsonLd: unknown, privateKey: CryptoKey, keyId: URL, options: SignJsonLdOptions): Promise<{
  signature: Signature;
}>;
/**
 * Detaches Linked Data Signatures from the given JSON-LD document.
 * @param jsonLd The JSON-LD document to modify.
 * @returns The modified JSON-LD document.  If the input document does not
 *          contain a signature, the original document is returned.
 * @since 1.0.0
 */
declare function detachSignature(jsonLd: unknown): unknown;
/**
 * Options for verifying Linked Data Signatures.
 * @since 1.0.0
 */
interface VerifySignatureOptions {
  /**
   * The document loader to use for fetching the public key.
   */
  documentLoader?: DocumentLoader;
  /**
   * The context loader to use for JSON-LD context retrieval.
   */
  contextLoader?: DocumentLoader;
  /**
   * The key cache to use for caching public keys.
   */
  keyCache?: KeyCache;
  /**
   * The OpenTelemetry tracer provider for tracing the verification process.
   * If omitted, the global tracer provider is used.
   * @since 1.3.0
   */
  tracerProvider?: TracerProvider;
}
/**
 * Verifies Linked Data Signatures of the given JSON-LD document.
 * @param jsonLd The JSON-LD document to verify.
 * @param options Options for verifying the signature.
 * @returns The public key that signed the document or `null` if the signature
 *          is invalid or the key is not found.
 * @since 1.0.0
 */
declare function verifySignature(jsonLd: unknown, options?: VerifySignatureOptions): Promise<CryptographicKey | null>;
/**
 * Options for verifying JSON-LD documents.
 */
interface VerifyJsonLdOptions extends VerifySignatureOptions {}
/**
 * Verify the authenticity of the given JSON-LD document using Linked Data
 * Signatures.  If the document is signed, this function verifies the signature
 * and checks if the document is attributed to the owner of the public key.
 * If the document is not signed, this function returns `false`.
 * @param jsonLd The JSON-LD document to verify.
 * @param options Options for verifying the document.
 * @returns `true` if the document is authentic; `false` otherwise.
 */
declare function verifyJsonLd(jsonLd: unknown, options?: VerifyJsonLdOptions): Promise<boolean>;
//#endregion
//#region sig/proof.d.ts
/**
 * Options for {@link createProof}.
 * @since 0.10.0
 */
interface CreateProofOptions {
  /**
   * The context loader for loading remote JSON-LD contexts.
   */
  contextLoader?: DocumentLoader;
  /**
   * The JSON-LD context to use for serializing the object to sign.
   */
  context?: string | Record<string, string> | (string | Record<string, string>)[];
  /**
   * The time when the proof was created.  If not specified, the current time
   * will be used.
   */
  created?: Temporal.Instant;
}
/**
 * Creates a proof for the given object.
 * @param object The object to create a proof for.
 * @param privateKey The private key to sign the proof with.
 * @param keyId The key ID to use in the proof. It will be used by the verifier.
 * @param options Additional options.  See also {@link CreateProofOptions}.
 * @returns The created proof.
 * @throws {TypeError} If the private key is invalid or unsupported.
 * @since 0.10.0
 */
declare function createProof(object: Object$1, privateKey: CryptoKey, keyId: URL, {
  contextLoader,
  context,
  created
}?: CreateProofOptions): Promise<DataIntegrityProof>;
/**
 * Options for {@link signObject}.
 * @since 0.10.0
 */
interface SignObjectOptions extends CreateProofOptions {
  /**
   * The document loader for loading remote JSON-LD documents.
   */
  documentLoader?: DocumentLoader;
  /**
   * The OpenTelemetry tracer provider.  If omitted, the global tracer provider
   * is used.
   * @since 1.3.0
   */
  tracerProvider?: TracerProvider;
}
/**
 * Signs the given object with the private key and returns the signed object.
 * @param object The object to create a proof for.
 * @param privateKey The private key to sign the proof with.
 * @param keyId The key ID to use in the proof. It will be used by the verifier.
 * @param options Additional options.  See also {@link SignObjectOptions}.
 * @returns The signed object.
 * @throws {TypeError} If the private key is invalid or unsupported.
 * @since 0.10.0
 */
declare function signObject<T extends Object$1>(object: T, privateKey: CryptoKey, keyId: URL, options?: SignObjectOptions): Promise<T>;
/**
 * Options for {@link verifyProof}.
 * @since 0.10.0
 */
interface VerifyProofOptions {
  /**
   * The context loader for loading remote JSON-LD contexts.
   */
  contextLoader?: DocumentLoader;
  /**
   * The document loader for loading remote JSON-LD documents.
   */
  documentLoader?: DocumentLoader;
  /**
   * The key cache to use for caching public keys.
   * @since 0.12.0
   */
  keyCache?: KeyCache;
  /**
   * The OpenTelemetry tracer provider.  If omitted, the global tracer provider
   * is used.
   * @since 1.3.0
   */
  tracerProvider?: TracerProvider;
}
/**
 * Verifies the given proof for the object.
 * @param jsonLd The JSON-LD object to verify the proof for.  If it contains
 *               any proofs, they will be ignored.
 * @param proof The proof to verify.
 * @param options Additional options.  See also {@link VerifyProofOptions}.
 * @returns The public key that was used to sign the proof, or `null` if the
 *          proof is invalid.
 * @since 0.10.0
 */
declare function verifyProof(jsonLd: unknown, proof: DataIntegrityProof, options?: VerifyProofOptions): Promise<Multikey | null>;
/**
 * Options for {@link verifyObject}.
 * @since 0.10.0
 */
interface VerifyObjectOptions extends VerifyProofOptions {}
/**
 * Verifies the given object.  It will verify all the proofs in the object,
 * and succeed only if all the proofs are valid and all attributions and
 * actors are authenticated by the proofs.
 * @typeParam T The type of the object to verify.
 * @param cls The class of the object to verify.  It must be a subclass of
 *            the {@link Object}.
 * @param jsonLd The JSON-LD object to verify.  It's assumed that the object
 *               is a compacted JSON-LD representation of a `T` with `@context`.
 * @param options Additional options.  See also {@link VerifyObjectOptions}.
 * @returns The object if it's verified, or `null` if it's not.
 * @throws {TypeError} If the object is invalid or unsupported.
 * @since 0.10.0
 */
declare function verifyObject<T extends Object$1>(cls: (new (...args: any[]) => T) & {
  fromJsonLd(jsonLd: unknown, options: VerifyObjectOptions): Promise<T>;
}, jsonLd: unknown, options?: VerifyObjectOptions): Promise<T | null>;
//#endregion
export { CreateProofOptions, type CreateSignatureOptions, type SignJsonLdOptions, SignObjectOptions, type VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, type VerifySignatureOptions, attachSignature, createProof, createSignature, detachSignature, signJsonLd, signObject, verifyJsonLd, verifyObject, verifyProof, verifySignature };