import { RandomSource } from '@stablelib/random';
import * as jose from 'jose';
import { JWEKeyManagementHeaderParameters, JWTDecryptOptions } from 'jose';
import type { KeyLike } from 'jose/dist/types/types';
import { JweAlg, JweEnc, JweHeader, JweJsonGeneral, JweProtectedHeader, JweRecipient, JweRecipientUnprotectedHeader, JwsPayload } from '../types/IJwtService';
export interface EncryptionResult {
    ciphertext: Uint8Array;
    tag: Uint8Array;
    iv: Uint8Array;
    protectedHeader?: string;
    recipients?: JweRecipient[];
    cek?: Uint8Array;
}
export declare const generateContentEncryptionKey: ({ alg, randomSource, }: {
    alg: JweEnc;
    randomSource?: RandomSource;
}) => Promise<Uint8Array>;
export interface JwtEncrypter {
    alg: string;
    enc: string;
    encrypt: (payload: JwsPayload, protectedHeader: JweProtectedHeader, aad?: Uint8Array) => Promise<EncryptionResult>;
    encryptCek?: (cek: Uint8Array) => Promise<JweRecipient>;
}
export interface JweEncrypter {
    alg: string;
    enc: string;
    encrypt: (payload: Uint8Array, protectedHeader: JweProtectedHeader, aad?: Uint8Array) => Promise<EncryptionResult>;
    encryptCek?: (cek: Uint8Array) => Promise<JweRecipient>;
}
export interface JweDecrypter {
    alg: string;
    enc: string;
    decrypt: (sealed: Uint8Array, iv: Uint8Array, aad?: Uint8Array, recipient?: JweRecipient) => Promise<Uint8Array | null>;
}
export declare class CompactJwtEncrypter implements JweEncrypter {
    private _alg;
    private _enc;
    private _keyManagementParams;
    private recipientKey;
    private expirationTime;
    private issuer;
    private audience;
    constructor(args: {
        key: Uint8Array | jose.KeyLike;
        alg?: JweAlg;
        enc?: JweEnc;
        keyManagementParams?: JWEKeyManagementHeaderParameters;
        expirationTime?: number | string | Date;
        issuer?: string;
        audience?: string | string[];
    });
    get enc(): string;
    set enc(value: JweEnc | string);
    get alg(): string;
    set alg(value: JweAlg | string);
    encryptCompactJWT(payload: JwsPayload, jweProtectedHeader: JweProtectedHeader, aad?: Uint8Array | undefined): Promise<string>;
    static decryptCompactJWT(jwt: string, key: KeyLike | Uint8Array, options?: JWTDecryptOptions): Promise<jose.JWTDecryptResult<jose.JWTPayload>>;
    encrypt(payload: Uint8Array, jweProtectedHeader: JweProtectedHeader, aad?: Uint8Array | undefined): Promise<EncryptionResult>;
}
export declare function createJwe(cleartext: Uint8Array, encrypters: JweEncrypter[], protectedHeader: JweProtectedHeader, aad?: Uint8Array): Promise<JweJsonGeneral>;
/**
 * Merges all headers, so we get a unified header.
 *
 * @param protectedHeader
 * @param unprotectedHeader
 * @param recipientUnprotectedHeader
 */
export declare function jweMergeHeaders({ protectedHeader, unprotectedHeader, recipientUnprotectedHeader, }: {
    protectedHeader?: JweProtectedHeader;
    unprotectedHeader?: JweHeader;
    recipientUnprotectedHeader?: JweRecipientUnprotectedHeader;
}): JweHeader;
export declare function decryptJwe(jwe: JweJsonGeneral, decrypter: JweDecrypter): Promise<Uint8Array>;
export declare function toWebCryptoCiphertext(ciphertext: string, tag: string): Uint8Array;
//# sourceMappingURL=JWE.d.ts.map