import mdocPkg from '@sphereon/kmp-mdoc-core'; import { CredentialPayload, VerifiableCredential, IssuerType } from '@veramo/core'; import { SDJWTConfig, Verifier } from '@sd-jwt/types'; import { EventEmitter } from 'events'; /** * Accept a Type or a Promise of that Type. * * @internal */ type OrPromise = T | Promise; type Optional = Pick, K> & Omit; type RequireOneOf = Pick> & { [K in Keys]-?: Required> & Partial>>; }[Keys]; type BearerTokenArg = (() => Promise) | string; /** * Generic structure used for validations. For instance for X509 and JWs signature checks. Allows us to create multilevel structures for complex validations */ type IValidationResult = { /** * The name of the validation or its subsystem. Mainly used for information purposes. Not assumed to be unique */ name: string; /** * Whether the validation was successful or not */ error: boolean; /** * Whether an error can be ignored or not (up to processing logic) */ critical: boolean; /** * Any status/info message about the validation */ message: string; /** * The date and time of the validation */ verificationTime: Date; }; type IValidationResults = { /** * Global derived error state for easy access */ error: boolean; verifications: Array; }; interface IParsedDID { did: string; didUrl: string; method: string; id: string; path?: string; fragment?: string; query?: string; params?: { [index: string]: string; }; } /** * Defines an object type that can be extended with other properties. */ type Extensible = Record; /** * Defines the result of a DID resolution operation. * * @see {@link Resolvable.resolve} * @see {@link https://www.w3.org/TR/did-core/#did-resolution} */ interface DIDResolutionResult { '@context'?: 'https://w3id.org/did-resolution/v1' | string | string[]; didResolutionMetadata: DIDResolutionMetadata; didDocument: DIDDocument | null; didDocumentMetadata: DIDDocumentMetadata; } /** * Describes the options forwarded to the resolver when executing a {@link Resolvable.resolve} operation. * * @see {@link https://www.w3.org/TR/did-core/#did-resolution-options} */ interface DIDResolutionOptions extends Extensible { accept?: string; } /** * Encapsulates the resolution metadata resulting from a {@link Resolvable.resolve} operation. * * @see {@link https://www.w3.org/TR/did-core/#did-resolution-metadata} */ interface DIDResolutionMetadata extends Extensible { contentType?: string; error?: 'invalidDid' | 'notFound' | 'representationNotSupported' | 'unsupportedDidMethod' | string; } /** * Represents metadata about the DID document resulting from a {@link Resolvable.resolve} operation. * * @see {@link https://www.w3.org/TR/did-core/#did-document-metadata} */ interface DIDDocumentMetadata extends Extensible { created?: string; updated?: string; deactivated?: boolean; versionId?: string; nextUpdate?: string; nextVersionId?: string; equivalentId?: string; canonicalId?: string; } /** * Represents the Verification Relationship between a DID subject and a Verification Method. * * @see {@link https://www.w3.org/TR/did-core/#verification-relationships} */ type KeyCapabilitySection = 'authentication' | 'assertionMethod' | 'keyAgreement' | 'capabilityInvocation' | 'capabilityDelegation'; /** * Represents a DID document. * * @see {@link https://www.w3.org/TR/did-core/#did-document-properties} */ type DIDDocument = { '@context'?: 'https://www.w3.org/ns/did/v1' | string | string[]; id: string; alsoKnownAs?: string[]; controller?: string | string[]; verificationMethod?: VerificationMethod[]; service?: Service[]; /** * @deprecated */ publicKey?: VerificationMethod[]; } & { [x in KeyCapabilitySection]?: (string | VerificationMethod)[]; }; /** * Represents a Service entry in a {@link https://www.w3.org/TR/did-core/#did-document-properties | DID document}. * * @see {@link https://www.w3.org/TR/did-core/#services} * @see {@link https://www.w3.org/TR/did-core/#service-properties} */ interface Service { id: string; type: string; serviceEndpoint: ServiceEndpoint | ServiceEndpoint[]; [x: string]: any; } /** * Represents an endpoint of a Service entry in a DID document. * * @see {@link https://www.w3.org/TR/did-core/#dfn-serviceendpoint} * @see {@link https://www.w3.org/TR/did-core/#services} */ type ServiceEndpoint = string | Record; /** * Encapsulates a JSON web key type that includes only the public properties that * can be used in DID documents. * * The private properties are intentionally omitted to discourage the use * (and accidental disclosure) of private keys in DID documents. * * @see {@link https://www.rfc-editor.org/rfc/rfc7517 | RFC7517 JsonWebKey (JWK)} */ interface JsonWebKey extends Extensible { alg?: string; crv?: string; e?: string; ext?: boolean; key_ops?: string[]; kid?: string; kty: string; n?: string; use?: string; x?: string; y?: string; } /** * Represents the properties of a Verification Method listed in a DID document. * * This data type includes public key representations that are no longer present in the spec but are still used by * several DID methods / resolvers and kept for backward compatibility. * * @see {@link https://www.w3.org/TR/did-core/#verification-methods} * @see {@link https://www.w3.org/TR/did-core/#verification-method-properties} */ interface VerificationMethod { id: string; type: string; controller: string; publicKeyBase58?: string; publicKeyBase64?: string; publicKeyJwk?: JsonWebKey; publicKeyHex?: string; publicKeyMultibase?: string; blockchainAccountId?: string; ethereumAddress?: string; conditionOr?: VerificationMethod[]; conditionAnd?: VerificationMethod[]; threshold?: number; conditionThreshold?: VerificationMethod[]; conditionWeightedThreshold?: ConditionWeightedThreshold[]; conditionDelegated?: string; relationshipParent?: string[]; relationshipChild?: string[]; relationshipSibling?: string[]; } interface ConditionWeightedThreshold { condition: VerificationMethod; weight: number; } /** * It expresses how the inputs are presented as proofs to a Verifier. */ interface PresentationSubmission { /** * A UUID or some other unique ID to identify this Presentation Submission */ id: string; /** * A UUID or some other unique ID to identify this Presentation Definition */ definition_id: string; /** * List of descriptors of how the claims are being mapped to presentation definition */ descriptor_map: Array; } /** * descriptor map laying out the structure of the presentation submission. */ interface Descriptor { /** * ID to identify the descriptor from Presentation Definition Input Descriptor it coresponds to. */ id: string; /** * The path where the verifiable credential is located in the presentation submission json */ path: string; path_nested?: Descriptor; /** * The Proof or JWT algorith that the proof is in */ format: string; } type CredentialEncoding = 'json' | 'jwt' | 'cbor'; type IssuerAttributeName = 'iss' | 'issuer' | 'issuerAuth'; type SubjectAttributeName = 'subject' | 'id' | 'deviceMac' | 'TODO'; type TypeAttributeName = 'type' | 'vct'; type DataModel = 'W3C_VCDM' | 'IETF_SD_JWT' | 'ISO_MSO_MDOC'; interface CredentialConstraint { credentialFormat: CredentialFormat; presentationFormat: PresentationFormat; maxSignatures: number; encoding: CredentialEncoding; dataModel: DataModel; typeAttribute?: TypeAttributeName; issuerAttributes: [IssuerAttributeName]; } declare enum StatusListCredentialIdMode { ISSUANCE = "ISSUANCE", NEVER = "NEVER" } declare enum StatusListDriverType { AGENT_TYPEORM = "agent_typeorm" } declare class ObjectUtils { static asArray(value: T): T[]; static isObject(value: unknown): value is object; static isUrlAbsolute(url: string): void; static isString(value: unknown): value is string; static isBase64(value: unknown): boolean; } declare const shaHasher: HasherSync; declare const defaultHasher: HasherSync; declare function isWrappedW3CVerifiableCredential(vc: WrappedVerifiableCredential): vc is WrappedW3CVerifiableCredential; declare function isWrappedW3CVerifiablePresentation(vp: WrappedVerifiablePresentation): vp is WrappedW3CVerifiablePresentation; declare enum StatusListType { StatusList2021 = "StatusList2021", OAuthStatusList = "OAuthStatusList", BitstringStatusList = "BitstringStatusList" } declare function isVcdm1Credential(credential: CredentialPayload | IVerifiableCredential | ICredential | VerifiableCredential | unknown): boolean; declare function isVcdm2Credential(credential: CredentialPayload | IVerifiableCredential | ICredential | VerifiableCredential | unknown): boolean; declare function addVcdmContextIfNeeded(context?: string[], defaultValue?: string): string[]; declare const VCDM_CREDENTIAL_CONTEXT_V1 = "https://www.w3.org/2018/credentials/v1"; declare const VCDM_CREDENTIAL_CONTEXT_V2 = "https://www.w3.org/ns/credentials/v2"; declare const VCDM_CREDENTIAL_CONTEXT_VERSIONS: string[]; declare enum IProofPurpose { verificationMethod = "verificationMethod", assertionMethod = "assertionMethod", authentication = "authentication", keyAgreement = "keyAgreement", contractAgreement = "contactAgreement", capabilityInvocation = "capabilityInvocation", capabilityDelegation = "capabilityDelegation" } declare enum IProofType { Ed25519Signature2018 = "Ed25519Signature2018", Ed25519Signature2020 = "Ed25519Signature2020", EcdsaSecp256k1Signature2019 = "EcdsaSecp256k1Signature2019", EcdsaSecp256k1RecoverySignature2020 = "EcdsaSecp256k1RecoverySignature2020", JsonWebSignature2020 = "JsonWebSignature2020", RsaSignature2018 = "RsaSignature2018", GpgSignature2020 = "GpgSignature2020", JcsEd25519Signature2020 = "JcsEd25519Signature2020", BbsBlsSignatureProof2020 = "BbsBlsSignatureProof2020", BbsBlsBoundSignatureProof2020 = "BbsBlsBoundSignatureProof2020", JwtProof2020 = "JwtProof2020", SdJwtProof2024 = "SdJwtProof2024", MdocProof2024 = "MsoMdocProof2024" } declare const parseDid: (did: string) => IParsedDID; declare function isWrappedMdocCredential(vc: WrappedVerifiableCredential): vc is WrappedMdocCredential; declare function isWrappedMdocPresentation(vp: WrappedVerifiablePresentation): vp is WrappedMdocPresentation; declare function getMdocDecodedPayload(mdoc: MdocDocument): MdocDecodedPayload; /** * Decode an Mdoc from its issuerSigned OID4VP Base64URL (string) to an object containing the disclosures, * signed payload, decoded payload * */ declare function decodeMdocIssuerSigned(oid4vpIssuerSigned: MdocOid4vpIssuerSigned): MdocDocument; declare function encodeMdocIssuerSigned(issuerSigned: MdocIssuerSigned, encoding?: 'base64url'): string; /** * Decode an Mdoc from its vp_token OID4VP Base64URL (string) to an object containing the disclosures, * signed payload, decoded payload * */ declare function decodeMdocDeviceResponse(vpToken: MdocOid4vpMdocVpToken): MdocDeviceResponse; declare const mdocDecodedCredentialToUniformCredential: (decoded: MdocDocument, opts?: { maxTimeSkewInMS?: number; }) => IVerifiableCredential; /** * Decode an SD-JWT vc from its compact format (string) to an object containing the disclosures, * signed payload, decoded payload and the compact SD-JWT vc. * * Both the input and output interfaces of this method are defined in `@sphereon/ssi-types`, so * this method hides the actual implementation of SD-JWT (which is currently based on @sd-jwt/core) */ declare function decodeSdJwtVc(compactSdJwtVc: CompactSdJwtVc, hasher: HasherSync): SdJwtDecodedVerifiableCredential; /** * Decode an SD-JWT vc from its compact format (string) to an object containing the disclosures, * signed payload, decoded payload and the compact SD-JWT vc. * * Both the input and output interfaces of this method are defined in `@sphereon/ssi-types`, so * this method hides the actual implementation of SD-JWT (which is currently based on @sd-jwt/core) */ declare function decodeSdJwtVcAsync(compactSdJwtVc: CompactSdJwtVc, hasher: Hasher): Promise; declare const sdJwtDecodedCredentialToUniformCredential: (decoded: SdJwtDecodedVerifiableCredential, opts?: { maxTimeSkewInMS?: number; }) => IVerifiableCredential; declare enum JwkKeyType { EC = "EC", RSA = "RSA", oct = "oct", OKP = "OKP" } declare enum JoseSignatureAlgorithm { RS256 = "RS256", RS384 = "RS384", RS512 = "RS512", ES256 = "ES256", ES256K = "ES256K", ES384 = "ES384", ES512 = "ES512", EdDSA = "EdDSA", HS256 = "HS256", HS384 = "HS384", HS512 = "HS512", PS256 = "PS256", PS384 = "PS384", PS512 = "PS512", none = "none" } declare enum JoseKeyOperation { SIGN = "sign", VERIFY = "verify", ENCRYPT = "encrypt", DECRYPT = "decrypt", WRAP_KEY = "wrapKey", UNWRAP_KEY = "unwrapKey", DERIVE_KEY = "deriveKey", DERIVE_BITS = "deriveBits" } declare enum JoseCurve { P_256 = "P-256", P_384 = "P-384", P_521 = "P-521", X25519 = "X25519", X448 = "X448", EdDSA = "EdDSA", Ed25519 = "Ed25519", Ed448 = "Ed448", secp256k1 = "secp256k1" } declare enum ICoseKeyType { OKP = 1, EC2 = 2, RSA = 3, Symmetric = 4, Reserved = 0 } declare enum ICoseSignatureAlgorithm { ES256 = -7, ES256K = -47, ES384 = -35, ES512 = -36, EdDSA = -8, HS256_64 = 4, HS256 = 5, HS384 = 6, HS512 = 7, PS256 = -37, PS384 = -38, PS512 = -39 } declare enum ICoseKeyOperation { SIGN = 1, VERIFY = 2, ENCRYPT = 3, DECRYPT = 4, WRAP_KEY = 5, UNWRAP_KEY = 6, DERIVE_KEY = 7, DERIVE_BITS = 8, MAC_CREATE = 9, MAC_VERIFY = 10 } declare enum ICoseCurve { P_256 = 1, P_384 = 2, P_521 = 3, X25519 = 4, X448 = 5, Ed25519 = 6, Ed448 = 7, secp256k1 = -1 } type DeviceResponseCbor = mdocPkg.com.sphereon.mdoc.data.device.DeviceResponseCbor; declare const sha256: (data: string | ArrayBuffer | SharedArrayBuffer) => Uint8Array; declare class CredentialMapper { /** * Decodes a compact SD-JWT vc to it's decoded variant. This method can be used when the hasher implementation used is Async, and therefore not suitable for usage * with the other decode methods. */ static decodeSdJwtVcAsync(compactSdJwtVc: string, hasher: Hasher): Promise; /** * Decodes a Verifiable Presentation to a uniform format. * * When decoding SD-JWT credentials, a hasher implementation must be provided. The hasher implementation must be sync. When using * an async hasher implementation, use the decodeSdJwtVcAsync method instead and you can provide the decoded payload to methods * instead of the compact SD-JWT. * * @param presentation * @param hasher Hasher implementation to use for SD-JWT decoding. */ static decodeVerifiablePresentation(presentation: OriginalVerifiablePresentation, hasher?: HasherSync): JwtDecodedVerifiablePresentation | IVerifiablePresentation | SdJwtDecodedVerifiableCredential | MdocOid4vpMdocVpToken | MdocDeviceResponse; /** * Decodes a Verifiable Credential to a uniform format. * * When decoding SD-JWT credentials, a hasher implementation must be provided. The hasher implementation must be sync. When using * an async hasher implementation, use the decodeSdJwtVcAsync method instead and you can provide the decoded payload to methods * instead of the compact SD-JWT. * * @param credential * @param hasher Hasher implementation to use for SD-JWT decoding */ static decodeVerifiableCredential(credential: OriginalVerifiableCredential, hasher?: HasherSync): JwtDecodedVerifiableCredential | IVerifiableCredential | SdJwtDecodedVerifiableCredential; /** * Converts a presentation to a wrapped presentation. * * When decoding SD-JWT credentials, a hasher implementation must be provided. The hasher implementation must be sync. When using * an async hasher implementation, use the decodeSdJwtVcAsync method instead and you can provide the decoded payload to methods * instead of the compact SD-JWT. * * @param originalPresentation * @param opts */ static toWrappedVerifiablePresentation(originalPresentation: OriginalVerifiablePresentation, opts?: { maxTimeSkewInMS?: number; hasher?: HasherSync; }): WrappedVerifiablePresentation; /** * Converts a list of credentials to a list of wrapped credentials. * * When decoding SD-JWT credentials, a hasher implementation must be provided. The hasher implementation must be sync. When using * an async hasher implementation, use the decodeSdJwtVcAsync method instead and you can provide the decoded payload to methods * instead of the compact SD-JWT. * * @param hasher Hasher implementation to use for SD-JWT decoding */ static toWrappedVerifiableCredentials(verifiableCredentials: OriginalVerifiableCredential[], opts?: { maxTimeSkewInMS?: number; hasher?: HasherSync; }): WrappedVerifiableCredential[]; /** * Converts a credential to a wrapped credential. * * When decoding SD-JWT credentials, a hasher implementation must be provided. The hasher implementation must be sync. When using * an async hasher implementation, use the decodeSdJwtVcAsync method instead and you can provide the decoded payload to methods * instead of the compact SD-JWT. * * @param hasher Hasher implementation to use for SD-JWT decoding */ static toWrappedVerifiableCredential(verifiableCredential: OriginalVerifiableCredential, opts?: { maxTimeSkewInMS?: number; hasher?: HasherSync; }): WrappedVerifiableCredential; static isJwtEncoded(original: OriginalVerifiableCredential | OriginalVerifiablePresentation): original is string; static isSdJwtEncoded(original: OriginalVerifiableCredential | OriginalVerifiablePresentation): original is string; static isMsoMdocOid4VPEncoded(original: OriginalVerifiableCredential | OriginalVerifiablePresentation): original is string; static isW3cCredential(credential: ICredential | SdJwtDecodedVerifiableCredential | MdocDocument): credential is ICredential; static isCredential(original: OriginalVerifiableCredential | OriginalVerifiablePresentation): original is OriginalVerifiableCredential; static isPresentation(original: OriginalVerifiableCredential | OriginalVerifiablePresentation): original is OriginalVerifiablePresentation; static hasProof(original: OriginalVerifiableCredential | OriginalVerifiablePresentation | string): boolean; static isW3cPresentation(presentation: UniformVerifiablePresentation | IPresentation | SdJwtDecodedVerifiableCredential | DeviceResponseCbor): presentation is IPresentation; static isSdJwtDecodedCredentialPayload(credential: ICredential | SdJwtDecodedVerifiableCredentialPayload): credential is SdJwtDecodedVerifiableCredentialPayload; static areOriginalVerifiableCredentialsEqual(firstOriginal: OriginalVerifiableCredential, secondOriginal: OriginalVerifiableCredential): boolean; static isJsonLdAsString(original: OriginalVerifiableCredential | OriginalVerifiablePresentation): original is string; static isSdJwtDecodedCredential(original: OriginalVerifiableCredential | OriginalVerifiablePresentation | ICredential | IPresentation): original is SdJwtDecodedVerifiableCredential; static isSdJwtVcdm2DecodedCredential(original: OriginalVerifiableCredential | OriginalVerifiablePresentation | ICredential | IPresentation): original is SdJwtDecodedVerifiableCredential; static isMsoMdocDecodedCredential(original: OriginalVerifiableCredential | OriginalVerifiablePresentation | ICredential | IPresentation): original is MdocDocument; static isMsoMdocDecodedPresentation(original: OriginalVerifiablePresentation): original is MdocDeviceResponse; static isJwtDecodedCredential(original: OriginalVerifiableCredential): original is JwtDecodedVerifiableCredential; static isJwtDecodedPresentation(original: OriginalVerifiablePresentation): original is JwtDecodedVerifiablePresentation; static isWrappedSdJwtVerifiableCredential: typeof isWrappedSdJwtVerifiableCredential; static isWrappedSdJwtVerifiablePresentation: typeof isWrappedSdJwtVerifiablePresentation; static isWrappedW3CVerifiableCredential: typeof isWrappedW3CVerifiableCredential; static isWrappedW3CVerifiablePresentation: typeof isWrappedW3CVerifiablePresentation; static isWrappedMdocCredential: typeof isWrappedMdocCredential; static isWrappedMdocPresentation: typeof isWrappedMdocPresentation; static jwtEncodedPresentationToUniformPresentation(jwt: string, makeCredentialsUniform?: boolean, opts?: { maxTimeSkewInMS?: number; }): IPresentation; static jwtDecodedPresentationToUniformPresentation(decoded: JwtDecodedVerifiablePresentation, makeCredentialsUniform?: boolean, opts?: { maxTimeSkewInMS?: number; }): IVerifiablePresentation; static toUniformCredential(verifiableCredential: OriginalVerifiableCredential, opts?: { maxTimeSkewInMS?: number; hasher?: HasherSync; }): IVerifiableCredential; static toUniformPresentation(presentation: OriginalVerifiablePresentation, opts?: { maxTimeSkewInMS?: number; addContextIfMissing?: boolean; hasher?: HasherSync; }): IVerifiablePresentation; static jwtEncodedCredentialToUniformCredential(jwt: string, opts?: { maxTimeSkewInMS?: number; }): IVerifiableCredential; static jwtDecodedCredentialToUniformCredential(decoded: JwtDecodedVerifiableCredential, opts?: { maxTimeSkewInMS?: number; }): IVerifiableCredential; static toExternalVerifiableCredential(verifiableCredential: any): IVerifiableCredential; static storedCredentialToOriginalFormat(credential: OriginalVerifiableCredential): W3CVerifiableCredential; static storedPresentationToOriginalFormat(presentation: OriginalVerifiablePresentation): W3CVerifiablePresentation; static toCompactJWT(jwtDocument: W3CVerifiableCredential | JwtDecodedVerifiableCredential | W3CVerifiablePresentation | JwtDecodedVerifiablePresentation | string): string; static detectDocumentType(document: W3CVerifiableCredential | W3CVerifiablePresentation | JwtDecodedVerifiableCredential | JwtDecodedVerifiablePresentation | SdJwtDecodedVerifiableCredential | MdocDeviceResponse | MdocDocument): DocumentFormat; private static hasJWTProofType; private static getFirstProof; static issuerCorrelationIdFromIssuerType(issuer: IssuerType): string; } declare function isWrappedSdJwtVerifiableCredential(vc: WrappedVerifiableCredential): vc is WrappedSdJwtVerifiableCredential; declare function isWrappedSdJwtVerifiablePresentation(vp: WrappedVerifiablePresentation): vp is WrappedSdJwtVerifiablePresentation; declare enum OriginalType { JSONLD = "json-ld", JWT_ENCODED = "jwt-encoded", JWT_DECODED = "jwt-decoded", SD_JWT_VC_ENCODED = "sd-jwt-vc-encoded", SD_JWT_VC_DECODED = "sd-jwt-vc-decoded", MSO_MDOC_ENCODED = "mso_mdoc-encoded", MSO_MDOC_DECODED = "mso_mdoc-decoded" } declare const JWT_PROOF_TYPE_2020 = "JwtProof2020"; declare enum DocumentFormat { JWT = 0, JSONLD = 1, SD_JWT_VC = 2, EIP712 = 3, MSO_MDOC = 4 } type LanguageValueClaim = { language: string; value: string | string[] | number | number[]; }; declare const isLanguageValueObject: (claim?: unknown) => claim is LanguageValueClaim; declare const isLanguageValueObjects: (claim?: unknown) => claim is LanguageValueClaim[]; declare const toLanguageValueObject: (claim?: unknown) => LanguageValueClaim | undefined; declare const toLanguageValueObjects: (claim?: unknown) => LanguageValueClaim[] | undefined; declare const mapLanguageValue: (claim?: unknown, opts?: { language?: string; fallbackToFirstObject?: boolean; }) => any; declare const mapLanguageValues: (claimsOrCredential: T, opts?: { language?: string; fallbackToFirstObject?: boolean; noDeepClone?: boolean; }) => T; /** * Create some interface below to do a the mapping of the KMP library. * For now we are using the library directly, and thus do not need them, * but it would be nice if we can remove the imports and just have some interfaces here we can then use, like done * for sd-jwts */ type DocumentJson = mdocPkg.com.sphereon.mdoc.data.device.DocumentJson; type IssuerSignedItemJson = mdocPkg.com.sphereon.mdoc.data.device.IssuerSignedItemJson; /** * Represents a selective disclosure JWT vc in compact form. */ type MdocOid4vpIssuerSigned = string; type MdocOid4vpMdocVpToken = string; type MdocIssuerSigned = mdocPkg.com.sphereon.mdoc.data.device.IssuerSignedCbor; type MdocDocument = mdocPkg.com.sphereon.mdoc.data.device.DocumentCbor; type MdocDocumentJson = mdocPkg.com.sphereon.mdoc.data.device.DocumentJson; type IssuerSignedJson = mdocPkg.com.sphereon.mdoc.data.device.IssuerSignedJson; type DeviceSignedJson = mdocPkg.com.sphereon.mdoc.data.device.DeviceSignedJson; type MdocDeviceResponse = mdocPkg.com.sphereon.mdoc.data.device.DeviceResponseCbor; interface WrappedMdocCredential { /** * Original IssuerSigned to Mdoc that we've received. Can be either the encoded or decoded variant. */ original: MdocDocument | MdocOid4vpIssuerSigned; /** * Record where keys are the namespaces and the values are objects again with the namespace values * @todo which types can be there? (it doesn't matter for matching as mdoc only matches on path) */ decoded: MdocDecodedPayload; /** * Type of this credential. */ type: OriginalType.MSO_MDOC_DECODED | OriginalType.MSO_MDOC_ENCODED; /** * The claim format, typically used during exchange transport protocols */ format: 'mso_mdoc'; /** * Internal stable representation of a Credential */ credential: MdocDocument; } interface WrappedMdocPresentation { /** * Original VP that we've received. Can be either the encoded or decoded variant. */ original: MdocDeviceResponse | MdocOid4vpMdocVpToken; /** * Decoded version of the SD-JWT payload. This is the decoded payload, rather than the whole SD-JWT. */ decoded: MdocDeviceResponse; /** * Type of this Presentation. */ type: OriginalType.MSO_MDOC_ENCODED | OriginalType.MSO_MDOC_DECODED; /** * The claim format, typically used during exchange transport protocols */ format: 'mso_mdoc'; /** * Internal stable representation of a Presentation */ presentation: MdocDeviceResponse; /** * Wrapped Mdocs belonging to the Presentation. There can be multiple * documents in a single device response */ vcs: WrappedMdocCredential[]; } /** * Record where keys are the namespaces and the values are objects again with the namespace values */ type MdocDecodedPayload = Record>; type AdditionalClaims = Record; type IIssuerId = string; type SingleOrArray = T | T[]; interface IVcdmBaseCredential { '@context': SingleOrArray; type: string[]; credentialSchema?: undefined | SingleOrArray; issuer: IIssuerId | IIssuer; credentialSubject: SingleOrArray; id?: string; credentialStatus?: SingleOrArray; description?: string; name?: string; } interface IVcdm2Credential extends IVcdmBaseCredential { validFrom: string; validUntil?: string; credentialStatus?: SingleOrArray; [x: string]: any; } interface ICredential extends IVcdmBaseCredential { issuanceDate: string; expirationDate?: string; credentialStatus?: ICredentialStatus; [x: string]: any; } interface ICredentialSubject { id?: string; } type ICredentialContextType = (ICredentialContext & AdditionalClaims) | string; interface ICredentialContext { name?: string; did?: string; } type ICredentialSchemaType = ICredentialSchema | string; interface ICredentialSchema { id: string; type?: string; } interface IProof { type: IProofType | string; created: string; proofPurpose: IProofPurpose | string; verificationMethod: string; challenge?: string; domain?: string; proofValue?: string; jws?: string; jwt?: string; mso_mdoc?: string; nonce?: string; requiredRevealStatements?: string[]; [x: string]: any; } interface ICredentialStatus { id: string; type: string; [x: string]: any; } interface IIssuer { id: string; [x: string]: any; } interface IHasProof { proof: IProof | IProof[]; } type IVerifiableCredential = ICredential & IHasProof; /** * Represents a Json Web Token in compact form. */ type CompactJWT = string; /** * Represents a signed Verifiable Credential (includes proof), in either JSON, compact JWT or compact SD-JWT VC format. * See {@link https://www.w3.org/TR/vc-data-model/#credentials | VC data model} * See {@link https://www.w3.org/TR/vc-data-model/#proof-formats | proof formats} */ type W3CVerifiableCredential = IVerifiableCredential | CompactJWT; interface IPresentation { id?: string; '@context': ICredentialContextType | ICredentialContextType[]; type?: string | string[]; verifiableCredential?: W3CVerifiableCredential[]; presentation_submission?: PresentationSubmission; holder?: string; verifier?: string; [x: string]: any; } type IVerifiablePresentation = IPresentation & IHasProof; /** * Represents a signed Verifiable Presentation (includes proof), in either JSON or compact JWT format. * See {@link https://www.w3.org/TR/vc-data-model/#presentations | VC data model} * See {@link https://www.w3.org/TR/vc-data-model/#proof-formats | proof formats} */ type W3CVerifiablePresentation = IVerifiablePresentation | CompactJWT; interface WrappedW3CVerifiableCredential { /** * Original VC that we've received */ original: W3CVerifiableCredential | JwtDecodedVerifiableCredential; /** * In case of JWT credential it will be the decoded version. In other cases it will be the same as original one */ decoded: JwtDecodedVerifiableCredential | IVerifiableCredential; /** * Type of this credential. Supported types are json-ld, jwt (decoded/encoded) */ type: OriginalType.JSONLD | OriginalType.JWT_ENCODED | OriginalType.JWT_DECODED; /** * The claim format, typically used during exchange transport protocols */ format: 'dc+sd-jwt' | 'jwt_vc' | 'ldp_vc' | 'ldp' | 'jwt'; /** * Internal stable representation of a Credential */ credential: IVerifiableCredential; } interface WrappedW3CVerifiablePresentation { /** * Original VP that we've received */ original: W3CVerifiablePresentation | JwtDecodedVerifiablePresentation; /** * In case of JWT VP it will be the decoded version. In other cases it will be the same as original one */ decoded: JwtDecodedVerifiablePresentation | IVerifiablePresentation; /** * Type of this Presentation. Supported types are json-ld and jwt (decoded/encoded) and sd-jwt-vc (decoded/encoded) */ type: OriginalType.JSONLD | OriginalType.JWT_ENCODED | OriginalType.JWT_DECODED; /** * The claim format, typically used during exchange transport protocols */ format: 'vp+sd-jwt' | 'jwt_vp' | 'ldp_vp'; /** * Internal stable representation of a Presentation without proofs, created based on https://www.w3.org/TR/vc-data-model/#jwt-decoding */ presentation: UniformVerifiablePresentation; /** * Wrapped Verifiable Credentials belonging to the Presentation */ vcs: WrappedW3CVerifiableCredential[]; } interface UniformVerifiablePresentation { '@context': ICredentialContextType | ICredentialContextType[]; type: string | string[]; verifiableCredential: WrappedW3CVerifiableCredential[]; presentation_submission?: PresentationSubmission; holder?: string; } interface JwtDecodedVerifiableCredential { vc: IVerifiableCredential; exp: string; iss: string; nbf: string; sub: string; jti: string; [x: string]: any; } interface JwtDecodedVerifiablePresentation { vp: IVerifiablePresentation; exp: string; iss: string; nbf: string; sub: string; jti: string; aud: string; iat: string; [x: string]: any; } interface IVerifyStatusResult { verified: boolean; /** * Optional Error object for the * but currently the machine readable errors are not exported from DID-JWT package to be imported here */ error?: IError | undefined; /** * Other options can be specified for verification. * They will be forwarded to the lower level modules. that performt the checks */ [x: string]: any; } interface IVerifySingleResultItem { credential?: OriginalVerifiableCredential; presentation?: IPresentation; verified: boolean; error?: IError; log: Array; } interface IVerifySingleResultLog { id: string; valid: boolean; } interface IVerifyResult { /** * This value is used to transmit the global result of verification. */ verified: boolean; results?: Array; statusResult?: IVerifyStatusResult; /** * Optional Error object for the * but currently the machine readable errors are not exported from DID-JWT package to be imported here */ error?: IError | undefined; /** * Other options can be specified for verification. * They will be forwarded to the lower level modules. that perform the checks */ [x: string]: any; } /** * An error object, which can contain a code. * @beta */ interface IError { name?: string; errors?: IError[]; /** * The details of the error being thrown or forwarded */ message?: string; /** * The stack of the error */ stack?: string | string[]; details?: IErrorDetails; /** * The code for the error being throw */ errorCode?: string; } interface IErrorDetails { code?: string; url?: string; cause?: IError; } type StatusPurpose2021 = 'revocation' | 'suspension' | string; type StatusListIndexingDirection = 'rightToLeft'; type StatusListFetcher = (uri: string) => Promise; type StatusValidator = (status: number) => Promise; /** * Configuration for SD-JWT-VC */ type SDJWTVCDM2Config = SDJWTConfig & { statusListFetcher?: StatusListFetcher; statusValidator?: StatusValidator; statusVerifier?: Verifier; loadTypeMetadataFormat?: boolean; timeout?: number; }; /** * Conversion functions to Cose available for TS in our @sphereon/ssi-sdk-ext.key-utils package */ interface BaseJWK { kty: JwkKeyType | JwkKeyTypeString; crv?: JoseCurve | JoseCurveString; alg?: JoseSignatureAlgorithm | JoseSignatureAlgorithmString; x?: string; y?: string; e?: string; n?: string; } type JoseSignatureAlgorithmString = 'RS256' | 'RS384' | 'RS512' | 'ES256' | 'ES256K' | 'ES384' | 'ES512' | 'EdDSA' | 'HS256' | 'HS384' | 'HS512' | 'PS256' | 'PS384' | 'PS512' | 'none'; interface JWK extends BaseJWK { d?: string; dp?: string; dq?: string; ext?: boolean; k?: string; key_ops?: (JoseKeyOperation | JoseKeyOperationString)[]; kid?: string; oth?: Array<{ d?: string; r?: string; t?: string; }>; p?: string; q?: string; qi?: string; use?: string; /** JWK "x5c" (X.509 Certificate Chain) Parameter. */ x5c?: string[]; /** JWK "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter. */ x5t?: string; /** "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) Parameter. */ 'x5t#S256'?: string; /** JWK "x5u" (X.509 URL) Parameter. */ x5u?: string; iv?: string; [propName: string]: unknown; } type JwkKeyTypeString = 'EC' | 'RSA' | 'oct' | 'OKP'; type JoseKeyOperationString = 'sign' | 'verify' | 'encrypt' | 'decrypt' | 'wrapKey' | 'unwrapKey' | 'deriveKey' | 'deriveBits'; type JoseCurveString = 'P-256' | 'P-384' | 'P-521' | 'X25519' | 'X448' | 'EdDSA' | 'Ed25519' | 'Ed448' | 'secp256k1'; type SdJwtPayload = Record; /** * The payload MAY contain the _sd_alg key described in Section 4.1.1. * The payload MAY contain one or more digests of Disclosures to enable selective disclosure of the respective claims, created and formatted as described in Section 4.2. * The payload MAY contain one or more decoy digests to obscure the actual number of claims in the SD-JWT, created and formatted as described in Section 4.2.5. * The payload MAY contain one or more permanently disclosed claims. * The payload MAY contain the Holder's public key(s) or reference(s) thereto, as explained in Section 4.1.2. * The payload MAY contain further claims such as iss, iat, etc. as defined or required by the application using SD-JWTs. * The payload MUST NOT contain the claims _sd or ... except for the purpose of conveying digests as described in Section 4.2.4.1 and Section 4.2.4.2 respectively below. */ interface SdJwtVcdm2Payload extends IVcdm2Credential, SdJwtPayload { _sd_alg?: string; _sd?: string[]; cnf?: { jwk?: JWK; kid?: string; }; } type JsonValue = string | number | boolean | { [x: string]: JsonValue | undefined; } | Array; type SdJwtJsonValue = string | number | boolean | { [x: string]: SdJwtJsonValue | undefined; _sd?: string[]; } | Array; /** * Decoded 'pretty' SD JWT Verifiable Credential. This representation has all the `_sd` properties * removed, and includes the disclosures directly within the payload. */ interface SdJwtDecodedVerifiableCredentialPayload { vct: string; iss: string; iat: number; nbf?: number; exp?: number; cnf?: { jwk?: any; kid?: string; }; status?: { idx: number; uri: string; }; sub?: string; [key: string]: JsonValue | undefined; } /** * Represents a selective disclosure JWT vc in compact form. */ type CompactSdJwtVc = string; /** * The signed payload of an SD-JWT. Includes fields such as `_sd`, `...` and `_sd_alg` */ interface SdJwtSignedVerifiableCredentialPayload extends SdJwtDecodedVerifiableCredentialPayload { _sd?: string[]; _sd_alg?: string; [x: string]: SdJwtJsonValue | undefined; } type SdJwtFrameValue = boolean | Array | { [x: string]: SdJwtFrameValue; }; type SdJwtDisclosureFrame = Record; type SdJwtPresentationFrame = Record; /** * Input for creating a SD JWT Verifiable Credential. This representation optionally includes the disclosure frame, * (as `__disclosureFrame`) to indicate which fields in the signed SD-JWT should be selectively discloseable */ interface SdJwtCredentialInput extends SdJwtDecodedVerifiableCredentialPayload { /** * Disclosure frame, indicating which fields in the signed SD-JWT should be selectively discloseable * Will be removed from the actual SD-JWT payload before signing */ __disclosureFrame?: SdJwtDisclosureFrame; } type SdJwtDecodedDisclosure = [string, string, JsonValue] | [string, JsonValue]; interface SdJwtDisclosure { encoded: string; decoded: SdJwtDecodedDisclosure; digest: string; } /** * The decoded SD JWT Verifiable Credential. This representation includes multiple representations of the * same SD-JWT, and allows to fully process an SD-JWT, as well as create a presentation SD-JWT (minus the KB-JWT) by removing * certain disclosures from the compact SD-JWT. * * This representation is useful as it doesn't require a hasher implementation to match the different digests in the signed SD-JWT * payload, with the different disclosures. */ interface SdJwtDecodedVerifiableCredential { type: SdJwtType; /** * The compact sd jwt is the sd-jwt encoded as string. It is a normal JWT, * with the disclosures and kb-jwt appended separated by ~ */ compactSdJwtVc: string; /** * The disclosures included within the SD-JWT in both encoded and decoded format. * The digests are also included, and allows the disclosures to be linked against * the digests in the signed payload. */ disclosures: Array; /** * The signed payload is the payload of the sd-jwt that is actually signed, and that includes * the `_sd` and `...` digests. */ signedPayload: SdJwtSignedVerifiableCredentialPayload | SdJwtVcdm2Payload; /** * The decoded payload is the payload when all `_sd` and `...` digests have been replaced * by the actual values from the disclosures. This format could also be seen as the 'pretty` * version of the SD JWT payload. * * This is useful for displaying the contents of the SD JWT VC to the user, or for example * for querying the contents of the SD JWT VC using a PEX presentation definition path. */ decodedPayload: SdJwtDecodedVerifiableCredentialPayload | SdJwtVcdm2Payload; /** * Key binding JWT */ kbJwt?: { header: SdJwtVcKbJwtHeader; payload: SdJwtVcKbJwtPayload; compact?: CompactJWT; }; } interface SdJwtVcKbJwtHeader { typ: 'kb+jwt'; alg: string; [x: string]: any; } interface SdJwtVcKbJwtPayload { iat: number; aud: string; nonce: string; sd_hash: string; [key: string]: unknown; } interface WrappedSdJwtVerifiableCredential { /** * Original VC that we've received. Can be either the encoded or decoded variant. */ original: SdJwtDecodedVerifiableCredential | SdJwtVcdm2Payload | CompactSdJwtVc; /** * Decoded version of the SD-JWT payload. This is the decoded payload, rather than the whole SD-JWT as the `decoded` property * is used in e.g. PEX to check for path filters from fields. The full decoded credential can be found in the `credential` field. */ decoded: SdJwtDecodedVerifiableCredentialPayload | SdJwtVcdm2Payload; /** * Type of this credential. */ type: OriginalType.SD_JWT_VC_DECODED | OriginalType.SD_JWT_VC_ENCODED; /** * The claim format, typically used during exchange transport protocols */ format: SdJwtType; /** * Internal stable representation of a Credential */ credential: SdJwtDecodedVerifiableCredential; } type HasherSync = (data: string | ArrayBuffer | SharedArrayBuffer, alg: string) => Uint8Array; type Hasher = (data: string | ArrayBuffer | SharedArrayBuffer, alg: string) => OrPromise; interface WrappedSdJwtVerifiablePresentation { /** * Original VP that we've received. Can be either the encoded or decoded variant. */ original: SdJwtDecodedVerifiableCredential | SdJwtVcdm2Payload | CompactSdJwtVc; /** * Decoded version of the SD-JWT payload. This is the decoded payload, rather than the whole SD-JWT. */ decoded: SdJwtDecodedVerifiableCredentialPayload | SdJwtVcdm2Payload; /** * Type of this Presentation. */ type: OriginalType.SD_JWT_VC_DECODED | OriginalType.SD_JWT_VC_ENCODED; /** * The claim format, typically used during exchange transport protocols */ format: 'dc+sd-jwt'; /** * Internal stable representation of a Presentation */ presentation: SdJwtDecodedVerifiableCredential; /** * Wrapped Verifiable Credentials belonging to the Presentation. Will always be an array * with a single SdJwtVerifiableCredential entry. */ vcs: [WrappedSdJwtVerifiableCredential]; } type SdJwtVcType = 'dc+sd-jwt' | 'vc+sd-jwt'; type SdJwtVpType = 'dc+sd-jwt' | 'vp+sd-jwt'; type SdJwtType = SdJwtVcType | SdJwtVpType; type WrappedVerifiableCredential = WrappedW3CVerifiableCredential | WrappedSdJwtVerifiableCredential | WrappedMdocCredential; type WrappedVerifiablePresentation = WrappedW3CVerifiablePresentation | WrappedSdJwtVerifiablePresentation | WrappedMdocPresentation; type CredentialProofFormat = 'jwt' | 'lds' | 'vc+jwt' | 'cbor'; type CredentialFormat = 'jwt_vc' | 'ldp_vc' | 'vc+jwt' | 'dc+sd-jwt' | 'jwt' | 'ldp' | 'mso_mdoc' | string; type PresentationFormat = 'jwt_vp' | 'ldp_vp' | 'vp+jwt' | 'vp+sd-jwt' | 'dc+sd-jwt' | 'jwt' | 'ldp' | 'mso_mdoc' | string; type ClaimFormat = CredentialFormat | PresentationFormat; type OriginalVerifiableCredential = W3CVerifiableCredential | JwtDecodedVerifiableCredential | SdJwtDecodedVerifiableCredential | MdocOid4vpIssuerSigned | MdocDocument; type OriginalVerifiablePresentation = W3CVerifiablePresentation | JwtDecodedVerifiablePresentation | SdJwtDecodedVerifiableCredential | MdocOid4vpMdocVpToken | MdocDeviceResponse; type Original = OriginalVerifiablePresentation | OriginalVerifiableCredential; type JwtObject = { alg_values: Array; }; type LdpObject = { proof_type_values: Array; }; type DiObject = { proof_type_values: Array; cryptosuite: Array; }; type SdJwtObject = { ['sd-jwt_alg_values']?: Array; ['kb-jwt_alg_values']?: Array; }; type MsoMdocObject = { ['issuerauth_alg_values']?: Array; ['deviceauth_alg_values']?: Array; }; type Format = { jwt?: JwtObject; jwt_vc?: JwtObject; jwt_vc_json?: JwtObject; jwt_vp?: JwtObject; jwt_vp_json?: JwtObject; ldp?: LdpObject; ldp_vc?: LdpObject; ldp_vp?: LdpObject; di?: DiObject; di_vc?: DiObject; di_vp?: DiObject; ['vc+sd-jwt']?: SdJwtObject; ['dc+sd-jwt']?: SdJwtObject; mso_mdoc?: MsoMdocObject; }; /** * Represents the metadata associated with a specific SD-JWT VC type. */ interface SdJwtTypeMetadata { /** * REQUIRED. The VC type URI. */ vct: string; /** * OPTIONAL. A human-readable name for the type. */ name?: string; /** * OPTIONAL. A human-readable description for the type. */ description?: string; /** * OPTIONAL. A URI of another type that this type extends. */ extends?: string; /** * OPTIONAL. Integrity metadata string for the 'extends' field. */ ['extends#integrity']?: string; /** * OPTIONAL. URL pointing towards a JSON Schema document describing the VC's structure. */ schema_uri?: string; /** * OPTIONAL. Integrity metadata string for the 'schema_uri' field. */ ['schema_uri#integrity']?: string; /** * OPTIONAL. Display metadata for various languages. */ display?: Array; /** * OPTIONAL. Metadata for the claims within the VC. */ claims?: Array; } /** * Represents the metadata associated with a specific SD-JWT claim. */ interface SdJwtClaimMetadata { /** * REQUIRED. An array indicating the claim or claims that are being addressed. */ path: Array; /** * OPTIONAL. Display information for the claim. */ display?: Array; /** * OPTIONAL. A string indicating whether the claim is selectively disclosable. */ sd?: SdJwtClaimSelectiveDisclosure; /** * OPTIONAL. A string defining the ID of the claim for reference in the SVG template. */ svg_id?: string; } /** * Represents claim display metadata for a specific language. */ interface SdJwtClaimDisplayMetadata { /** * REQUIRED. Language tag for the display information. */ lang: string; /** * OPTIONAL. Locale identifier for the display information. */ locale?: string; /** * REQUIRED. A human-readable label for the claim, intended for end users. */ label: string; /** * REQUIRED. A human-readable description for the claim, intended for end users. */ description?: string; } /** * Represents display metadata for a specific language. */ interface SdJwtTypeDisplayMetadata { /** * REQUIRED. Language tag for the display information. */ lang: string; /** * OPTIONAL. Locale identifier for the display information. */ locale?: string; /** * REQUIRED. Human-readable name for the type. */ name: string; /** * OPTIONAL. Human-readable description for the type. */ description?: string; /** * OPTIONAL. Rendering metadata for the type. */ rendering?: SdJwtTypeRenderingMetadata; } /** * Contains rendering metadata for different methods. */ interface SdJwtTypeRenderingMetadata { /** * OPTIONAL. Simple rendering method metadata. */ simple?: SdJwtSimpleRenderingMetadata; /** * OPTIONAL. Metadata for SVG templates. */ svg_template?: Array; } /** * Represents metadata for simple rendering. */ interface SdJwtSimpleRenderingMetadata { /** * OPTIONAL. Metadata for the logo image. */ logo?: SdJwtLogoMetadata; /** * OPTIONAL. Background color for the credential. */ background_color?: string; /** * OPTIONAL. Text color for the credential. */ text_color?: string; } /** * Represents metadata for a logo. */ interface SdJwtLogoMetadata { /** * REQUIRED. URI pointing to the logo image. */ uri: string; /** * OPTIONAL. Integrity metadata string for the 'uri' field. */ ['uri#integrity']?: string; /** * OPTIONAL. Alternative text for the logo image. */ alt_text?: string; } /** * Represents metadata for SVG templates. */ interface SdJwtSVGTemplateMetadata { /** * REQUIRED. URI pointing to the SVG template. */ uri: string; /** * OPTIONAL. Integrity metadata string for the 'uri' field. */ ['uri#integrity']?: string; /** * OPTIONAL. Properties for the SVG template. */ properties?: SdJwtSVGTemplateProperties; } /** * Contains properties for SVG templates. */ interface SdJwtSVGTemplateProperties { /** * OPTIONAL. The orientation for which the SVG template is optimized. */ orientation?: string; /** * OPTIONAL. The color scheme for which the SVG template is optimized. */ color_scheme?: string; } /** * A string indicates that the respective key is to be selected. * A null value indicates that all elements of the currently selected array(s) are to be selected. * A non-negative integer indicates that the respective index in an array is to be selected. */ type SdJwtClaimPath = string | null | number; /** * always: The Issuer MUST make the claim selectively disclosable. * allowed: The Issuer MAY make the claim selectively disclosable. * never: The Issuer MUST NOT make the claim selectively disclosable. */ type SdJwtClaimSelectiveDisclosure = 'always' | 'allowed' | 'never'; type SdJwtTypeHasher = (input: any, alg?: string) => string; type KeyType = mdocPkg.com.sphereon.crypto.generic.KeyType; type KeyOperations = mdocPkg.com.sphereon.crypto.generic.KeyOperations; type SignatureAlgorithm = mdocPkg.com.sphereon.crypto.generic.SignatureAlgorithm; /** * See our mdl-mdoc and crypto library for more information * https://github.com/Sphereon-Opensource/mdoc-cbor-crypto-multiplatform * * Conversion functions are available in above library. * Conversion functions are also available for TS in our @sphereon/ssi-sdk-ext.key-utils package * */ interface ICoseKeyJson { kty: ICoseKeyType; kid?: string; alg?: ICoseSignatureAlgorithm; key_ops?: Array; baseIV?: string; crv?: ICoseCurve; x?: string; y?: string; d?: string; x5chain?: Array; getSignatureAlgorithm(): SignatureAlgorithm; getKty(): KeyType; getKeyOperations(): Array; getX509CertificateChain(): Array | undefined; toPublicKey(): ICoseKeyJson; getKidAsString(): string | undefined; getXAsString(): string; getYAsString(): string; [k: string]: unknown; } type MetadataType = 'issuer' | 'authorizationServer' | 'openidFederation'; interface IMetadataImportArgs { metadataType: MetadataType; } type CWT = string; type StatusListCredential = W3CVerifiableCredential | CWT; declare enum CredentialRole { ISSUER = "ISSUER", VERIFIER = "VERIFIER", HOLDER = "HOLDER", FEDERATION_TRUST_ANCHOR = "FEDERATION_TRUST_ANCHOR" } declare enum LogLevel { TRACE = 0, DEBUG = 1, INFO = 2, WARNING = 3, ERROR = 4 } declare enum LoggingEventType { AUDIT = "audit", ACTIVITY = "activity", GENERAL = "general" } interface SimpleLogEvent { type: LoggingEventType.GENERAL; level: LogLevel; correlationId?: string; timestamp: Date; data: string; diagnosticData?: any; } declare enum LogMethod { DEBUG_PKG = 0, CONSOLE = 1, EVENT = 2 } interface SimpleLogOptions { namespace?: string; eventName?: string; defaultLogLevel?: LogLevel; methods?: LogMethod[]; } declare function logOptions(opts?: SimpleLogOptions): Required; declare class Loggers { private static readonly DEFAULT_KEY; static readonly DEFAULT: Loggers; private readonly namespaceOptions; private readonly loggers; constructor(defaultOptions?: Omit); options(namespace: string, options: Omit): this; defaultOptions(options: Omit): this; register(namespace: string, logger: ISimpleLogger): ISimpleLogger; get(namespace: string, registerLogger?: ISimpleLogger): ISimpleLogger; } type ISimpleLogger = { options: Required; log(value: LogType, ...args: any[]): void; info(value: LogType, ...args: any[]): void; debug(value: LogType, ...args: any[]): void; trace(value: LogType, ...args: any[]): void; warning(value: LogType, ...args: any[]): void; error(value: LogType, ...args: any[]): void; logl(level: LogLevel, value: LogType, ...argsW: any[]): void; }; declare class SimpleLogger implements ISimpleLogger { private _eventEmitter; private readonly _options; constructor(opts?: SimpleLogOptions); get eventEmitter(): EventEmitter; get options(): Required; trace(value: any, ...args: any[]): void; debug(value: any, ...args: any[]): void; info(value: any, ...args: any[]): void; warning(value: any, ...args: any[]): void; error(value: any, ...args: any[]): void; logl(level: LogLevel, value: any, ...args: any[]): void; private logImpl; log(value: any, ...args: any[]): void; } declare class SimpleRecordLogger extends SimpleLogger implements ISimpleLogger> { constructor(opts?: SimpleLogOptions); } declare enum System { GENERAL = "general", KMS = "kms", IDENTITY = "identity", OID4VCI = "oid4vci", OID4VP = "oid4vp", SIOPv2 = "siopv2", PE = "PE", CREDENTIALS = "credentials", WEB3 = "web3", PROFILE = "profile", CONTACT = "contact" } declare enum SubSystem { KEY = "key", DID_PROVIDER = "did_provider", DID_RESOLVER = "did_resolver", OID4VP_OP = "oid4vp_op", OID4VCI_CLIENT = "oid4vci_client", SIOPv2_OP = "siopv2_op", CONTACT_MANAGER = "contact_manager", VC_ISSUER = "vc_issuer", VC_VERIFIER = "vc_verifier", VC_PERSISTENCE = "vc_persistence", TRANSPORT = "transport", PROFILE = "profile", API = "api" } declare enum ActionType { CREATE = "create", READ = "read", UPDATE = "update", DELETE = "delete", EXECUTE = "execute" } declare enum DefaultActionSubType { KEY_GENERATION = "Key generation", KEY_IMPORT = "Key import", KEY_PERSISTENCE = "Key persistence", KEY_REMOVAL = "Key removal", DID_CREATION = "DID creation", DID_RESOLUTION = "DID resolution", DID_SERVICE_UPDATE = "DID service update", VC_ISSUE = "VC issue", VC_VERIFY = "VC verify", VC_SHARE = "VC share", VC_DELETE = "VC delete", VC_ISSUE_DECLINE = "VC issue decline", VC_SHARE_DECLINE = "VC share decline" } type ActionSubType = DefaultActionSubType | string; declare enum InitiatorType { USER = "user", SYSTEM = "system", EXTERNAL = "external" } declare enum SystemCorrelationIdType { DID = "did", URL = "url", EMAIL = "email", HOSTNAME = "hostname", PHONE = "phone", USER = "user" } type EventData = { system: string; subSystemType: string; }; interface BasicEvent { id: string; correlationId?: string; eventName: string; initiator?: string; initiatorType: InitiatorType; system: System; subsystem: SubSystem; data: PayloadType; } declare class EventManager { private static readonly INSTANCE; private _emitters; private constructor(); static instance(): EventManager; register(name: string, emitter: EventEmitter, opts?: { disabled: boolean; }): EventEmitter; get(name: string, opts?: { onlyEnabled?: boolean; }): EventEmitter; getOrCreate(name: string, opts?: { onlyEnabled?: boolean; }): EventEmitter; has(name: string): boolean; emitters(filter?: { eventName?: string | symbol; onlyEnabled?: boolean; }): Array; hasEventName(eventName: string | symbol): boolean; eventNames(): Array; emitBasic(event: BasicEvent, ...args: any[]): void; emit(eventName: string | symbol, event: Omit, 'eventName'> | any, ...args: any[]): void; listenerCount(eventName: string | symbol): number; listeners(filter: { emitterName?: string; eventName: string; onlyEnabled?: boolean; }): Array; private emittersImpl; } declare class BasicEventEmitter extends EventEmitter { addListener(eventName: string | symbol, listener: (event: BasicEvent, ...args: any[]) => void): this; once(eventName: string | symbol, listener: (event: BasicEvent, ...args: any[]) => void): this; emit(eventName: string, event: BasicEvent, ...args: any[]): boolean; } export { type ActionSubType, ActionType, type AdditionalClaims, type BaseJWK, type BasicEvent, BasicEventEmitter, type BearerTokenArg, type CWT, type ClaimFormat, type CompactJWT, type CompactSdJwtVc, type ConditionWeightedThreshold, type CredentialConstraint, type CredentialEncoding, type CredentialFormat, CredentialMapper, type CredentialProofFormat, CredentialRole, type DIDDocument, type DIDDocumentMetadata, type DIDResolutionMetadata, type DIDResolutionOptions, type DIDResolutionResult, type DataModel, DefaultActionSubType, type Descriptor, type DeviceSignedJson, type DiObject, DocumentFormat, type DocumentJson, type EventData, EventManager, type Extensible, type Format, type Hasher, type HasherSync, ICoseCurve, type ICoseKeyJson, ICoseKeyOperation, ICoseKeyType, ICoseSignatureAlgorithm, type ICredential, type ICredentialContext, type ICredentialContextType, type ICredentialSchema, type ICredentialSchemaType, type ICredentialStatus, type ICredentialSubject, type IError, type IErrorDetails, type IHasProof, type IIssuer, type IIssuerId, type IMetadataImportArgs, type IParsedDID, type IPresentation, type IProof, IProofPurpose, IProofType, type ISimpleLogger, type IValidationResult, type IValidationResults, type IVcdm2Credential, type IVcdmBaseCredential, type IVerifiableCredential, type IVerifiablePresentation, type IVerifyResult, type IVerifySingleResultItem, type IVerifySingleResultLog, type IVerifyStatusResult, InitiatorType, type IssuerAttributeName, type IssuerSignedItemJson, type IssuerSignedJson, type JWK, JWT_PROOF_TYPE_2020, JoseCurve, type JoseCurveString, JoseKeyOperation, type JoseKeyOperationString, JoseSignatureAlgorithm, type JoseSignatureAlgorithmString, type JsonValue, type JsonWebKey, JwkKeyType, type JwkKeyTypeString, type JwtDecodedVerifiableCredential, type JwtDecodedVerifiablePresentation, type JwtObject, type KeyCapabilitySection, type LanguageValueClaim, type LdpObject, LogLevel, LogMethod, Loggers, LoggingEventType, type MdocDecodedPayload, type MdocDeviceResponse, type MdocDocument, type MdocDocumentJson, type MdocIssuerSigned, type MdocOid4vpIssuerSigned, type MdocOid4vpMdocVpToken, type MetadataType, type MsoMdocObject, ObjectUtils, type Optional, type OrPromise, type Original, OriginalType, type OriginalVerifiableCredential, type OriginalVerifiablePresentation, type PresentationFormat, type PresentationSubmission, type RequireOneOf, type SDJWTVCDM2Config, type SdJwtClaimDisplayMetadata, type SdJwtClaimMetadata, type SdJwtClaimPath, type SdJwtClaimSelectiveDisclosure, type SdJwtCredentialInput, type SdJwtDecodedDisclosure, type SdJwtDecodedVerifiableCredential, type SdJwtDecodedVerifiableCredentialPayload, type SdJwtDisclosure, type SdJwtDisclosureFrame, type SdJwtJsonValue, type SdJwtLogoMetadata, type SdJwtObject, type SdJwtPayload, type SdJwtPresentationFrame, type SdJwtSVGTemplateMetadata, type SdJwtSVGTemplateProperties, type SdJwtSignedVerifiableCredentialPayload, type SdJwtSimpleRenderingMetadata, type SdJwtType, type SdJwtTypeDisplayMetadata, type SdJwtTypeHasher, type SdJwtTypeMetadata, type SdJwtTypeRenderingMetadata, type SdJwtVcKbJwtHeader, type SdJwtVcKbJwtPayload, type SdJwtVcType, type SdJwtVcdm2Payload, type SdJwtVpType, type Service, type ServiceEndpoint, type SimpleLogEvent, type SimpleLogOptions, SimpleLogger, SimpleRecordLogger, type SingleOrArray, type StatusListCredential, StatusListCredentialIdMode, StatusListDriverType, type StatusListFetcher, type StatusListIndexingDirection, StatusListType, type StatusPurpose2021, type StatusValidator, SubSystem, type SubjectAttributeName, System, SystemCorrelationIdType, type TypeAttributeName, type UniformVerifiablePresentation, VCDM_CREDENTIAL_CONTEXT_V1, VCDM_CREDENTIAL_CONTEXT_V2, VCDM_CREDENTIAL_CONTEXT_VERSIONS, type VerificationMethod, type W3CVerifiableCredential, type W3CVerifiablePresentation, type WrappedMdocCredential, type WrappedMdocPresentation, type WrappedSdJwtVerifiableCredential, type WrappedSdJwtVerifiablePresentation, type WrappedVerifiableCredential, type WrappedVerifiablePresentation, type WrappedW3CVerifiableCredential, type WrappedW3CVerifiablePresentation, addVcdmContextIfNeeded, decodeMdocDeviceResponse, decodeMdocIssuerSigned, decodeSdJwtVc, decodeSdJwtVcAsync, defaultHasher, encodeMdocIssuerSigned, getMdocDecodedPayload, isLanguageValueObject, isLanguageValueObjects, isVcdm1Credential, isVcdm2Credential, isWrappedMdocCredential, isWrappedMdocPresentation, isWrappedSdJwtVerifiableCredential, isWrappedSdJwtVerifiablePresentation, isWrappedW3CVerifiableCredential, isWrappedW3CVerifiablePresentation, logOptions, mapLanguageValue, mapLanguageValues, mdocDecodedCredentialToUniformCredential, parseDid, sdJwtDecodedCredentialToUniformCredential, sha256, shaHasher, toLanguageValueObject, toLanguageValueObjects };