server_debian_macro/node_modules/@azure/keyvault-keys/dist/commonjs/cryptographyClientModels.d.ts

import { CryptographyOptions, KeyVaultKey } from "./keysModels.js";
import { JsonWebKeyEncryptionAlgorithm as EncryptionAlgorithm, JsonWebKey, JsonWebKeyCurveName as KeyCurveName, KnownJsonWebKeyCurveName as KnownKeyCurveNames, KnownJsonWebKeySignatureAlgorithm as KnownSignatureAlgorithms, JsonWebKeySignatureAlgorithm as SignatureAlgorithm } from "./generated/models/index.js";
export { KeyCurveName, KnownKeyCurveNames, EncryptionAlgorithm, SignatureAlgorithm, KnownSignatureAlgorithms, };
/** Known values of {@link EncryptionAlgorithm} that the service accepts. */
export declare enum KnownEncryptionAlgorithms {
    /** Encryption Algorithm - RSA-OAEP */
    RSAOaep = "RSA-OAEP",
    /** Encryption Algorithm - RSA-OAEP-256 */
    RSAOaep256 = "RSA-OAEP-256",
    /** Encryption Algorithm - RSA1_5 */
    RSA15 = "RSA1_5",
    /** Encryption Algorithm - A128GCM */
    A128GCM = "A128GCM",
    /** Encryption Algorithm - A192GCM */
    A192GCM = "A192GCM",
    /** Encryption Algorithm - A256GCM */
    A256GCM = "A256GCM",
    /** Encryption Algorithm - A128KW */
    A128KW = "A128KW",
    /** Encryption Algorithm - A192KW */
    A192KW = "A192KW",
    /** Encryption Algorithm - A256KW */
    A256KW = "A256KW",
    /** Encryption Algorithm - A128CBC */
    A128CBC = "A128CBC",
    /** Encryption Algorithm - A192CBC */
    A192CBC = "A192CBC",
    /** Encryption Algorithm - A256CBC */
    A256CBC = "A256CBC",
    /** Encryption Algorithm - A128CBCPAD */
    A128Cbcpad = "A128CBCPAD",
    /** Encryption Algorithm - A192CBCPAD */
    A192Cbcpad = "A192CBCPAD",
    /** Encryption Algorithm - A256CBCPAD */
    A256Cbcpad = "A256CBCPAD"
}
/**
 * Supported algorithms for key wrapping/unwrapping
 */
export type KeyWrapAlgorithm = "A128KW" | "A192KW" | "A256KW" | "RSA-OAEP" | "RSA-OAEP-256" | "RSA1_5";
/**
 * Result of the {@link encrypt} operation.
 */
export interface EncryptResult {
    /**
     * Result of the {@link encrypt} operation in bytes.
     */
    result: Uint8Array;
    /**
     * The {@link EncryptionAlgorithm} used to encrypt the data.
     */
    algorithm: EncryptionAlgorithm;
    /**
     * The ID of the Key Vault Key used to encrypt the data.
     */
    keyID?: string;
    /**
     * The initialization vector used for encryption.
     */
    iv?: Uint8Array;
    /**
     * The authentication tag resulting from encryption with a symmetric key including A128GCM, A192GCM, and A256GCM.
     */
    authenticationTag?: Uint8Array;
    /**
     * Additional data that is authenticated during decryption but not encrypted.
     */
    additionalAuthenticatedData?: Uint8Array;
}
/**
 * Result of the {@link wrap} operation.
 */
export interface WrapResult {
    /**
     * Result of the {@link wrap} operation in bytes.
     */
    result: Uint8Array;
    /**
     * The ID of the Key Vault Key used to wrap the data.
     */
    keyID?: string;
    /**
     * The {@link EncryptionAlgorithm} used to wrap the data.
     */
    algorithm: KeyWrapAlgorithm;
}
/**
 * Result of the {@link unwrap} operation.
 */
export interface UnwrapResult {
    /**
     * Result of the {@link unwrap} operation in bytes.
     */
    result: Uint8Array;
    /**
     * The ID of the Key Vault Key used to unwrap the data.
     */
    keyID?: string;
    /**
     * The {@link KeyWrapAlgorithm} used to unwrap the data.
     */
    algorithm: KeyWrapAlgorithm;
}
/**
 * Result of the {@link decrypt} operation.
 */
export interface DecryptResult {
    /**
     * Result of the {@link decrypt} operation in bytes.
     */
    result: Uint8Array;
    /**
     * The ID of the Key Vault Key used to decrypt the encrypted data.
     */
    keyID?: string;
    /**
     * The {@link EncryptionAlgorithm} used to decrypt the encrypted data.
     */
    algorithm: EncryptionAlgorithm;
}
/**
 * Result of the {@link sign} operation.
 */
export interface SignResult {
    /**
     * Result of the {@link sign} operation in bytes.
     */
    result: Uint8Array;
    /**
     * The ID of the Key Vault Key used to sign the data.
     */
    keyID?: string;
    /**
     * The {@link EncryptionAlgorithm} used to sign the data.
     */
    algorithm: SignatureAlgorithm;
}
/**
 * Result of the {@link verify} operation.
 */
export interface VerifyResult {
    /**
     * Result of the {@link verify} operation in bytes.
     */
    result: boolean;
    /**
     * The ID of the Key Vault Key used to verify the data.
     */
    keyID?: string;
}
/**
 * Options for {@link encrypt}.
 */
export interface EncryptOptions extends CryptographyOptions {
}
/**
 * Options for {@link decrypt}.
 */
export interface DecryptOptions extends CryptographyOptions {
}
/**
 * Options for {@link sign}.
 */
export interface SignOptions extends CryptographyOptions {
}
/**
 * Options for {@link verify}.
 */
export interface VerifyOptions extends CryptographyOptions {
}
/**
 * Options for {@link verifyData}
 */
export interface VerifyDataOptions extends CryptographyOptions {
}
/**
 * Options for {@link wrapKey}.
 */
export interface WrapKeyOptions extends CryptographyOptions {
}
/**
 * Options for {@link unwrapKey}.
 */
export interface UnwrapKeyOptions extends CryptographyOptions {
}
/**
 * A union type representing all supported RSA encryption algorithms.
 */
export type RsaEncryptionAlgorithm = "RSA1_5" | "RSA-OAEP" | "RSA-OAEP-256";
/**
 * Encryption parameters for RSA encryption algorithms.
 */
export interface RsaEncryptParameters {
    /**
     * The encryption algorithm to use.
     */
    algorithm: RsaEncryptionAlgorithm;
    /**
     * The plain text to encrypt.
     */
    plaintext: Uint8Array;
}
/**
 * A union type representing all supported AES-GCM encryption algorithms.
 */
export type AesGcmEncryptionAlgorithm = "A128GCM" | "A192GCM" | "A256GCM";
/**
 * Encryption parameters for AES-GCM encryption algorithms.
 */
export interface AesGcmEncryptParameters {
    /**
     * The encryption algorithm to use.
     */
    algorithm: AesGcmEncryptionAlgorithm;
    /**
     * The plain text to encrypt.
     */
    plaintext: Uint8Array;
    /**
     * Optional data that is authenticated but not encrypted.
     */
    additionalAuthenticatedData?: Uint8Array;
}
/**
 * A union type representing all supported AES-CBC encryption algorithms.
 */
export type AesCbcEncryptionAlgorithm = "A128CBC" | "A192CBC" | "A256CBC" | "A128CBCPAD" | "A192CBCPAD" | "A256CBCPAD";
/**
 * Encryption parameters for AES-CBC encryption algorithms.
 */
export interface AesCbcEncryptParameters {
    /**
     * The encryption algorithm to use.
     */
    algorithm: AesCbcEncryptionAlgorithm;
    /**
     * The plain text to encrypt.
     */
    plaintext: Uint8Array;
    /**
     * The initialization vector used for encryption. If omitted we will attempt to generate an IV using crypto's `randomBytes` functionality.
     * An error will be thrown if creating an IV fails, and you may recover by passing in your own cryptographically secure IV.
     *
     * When passing your own IV, make sure you use a cryptographically random, non-repeating IV.
     */
    iv?: Uint8Array;
}
/**
 * A type representing all currently supported encryption parameters as they apply to different encryption algorithms.
 */
export type EncryptParameters = RsaEncryptParameters | AesGcmEncryptParameters | AesCbcEncryptParameters;
/**
 * Decryption parameters for RSA encryption algorithms.
 */
export interface RsaDecryptParameters {
    /**
     * The encryption algorithm to use.
     */
    algorithm: RsaEncryptionAlgorithm;
    /**
     * The ciphertext to decrypt.
     */
    ciphertext: Uint8Array;
}
/**
 * Decryption parameters for AES-GCM encryption algorithms.
 */
export interface AesGcmDecryptParameters {
    /**
     * The encryption algorithm to use.
     */
    algorithm: AesGcmEncryptionAlgorithm;
    /**
     * The ciphertext to decrypt.
     */
    ciphertext: Uint8Array;
    /**
     * The initialization vector (or nonce) generated during encryption.
     */
    iv: Uint8Array;
    /**
     * The authentication tag generated during encryption.
     */
    authenticationTag: Uint8Array;
    /**
     * Optional data that is authenticated but not encrypted.
     */
    additionalAuthenticatedData?: Uint8Array;
}
/**
 * Decryption parameters for AES-CBC encryption algorithms.
 */
export interface AesCbcDecryptParameters {
    /**
     * The encryption algorithm to use.
     */
    algorithm: AesCbcEncryptionAlgorithm;
    /**
     * The initialization vector used during encryption.
     */
    /**
     * The ciphertext to decrypt. Microsoft recommends you not use CBC without first ensuring the integrity of the ciphertext using an HMAC, for example.
     * See https://docs.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode for more information.
     */
    ciphertext: Uint8Array;
    /**
     * The initialization vector generated during encryption.
     */
    iv: Uint8Array;
}
/**
 * A type representing all currently supported decryption parameters as they apply to different encryption algorithms.
 */
export type DecryptParameters = RsaDecryptParameters | AesGcmDecryptParameters | AesCbcDecryptParameters;
/**
 * The various key types a {@link CryptographyClient} can hold.
 * The key may be an identifier (URL) to a KeyVault key, the actual KeyVault key,
 * or a local-only JsonWebKey.
 *
 * If an identifier is used, an attempt will be made to exchange it for a {@link KeyVaultKey} during the first operation call. If this attempt fails, the identifier
 * will become a remote-only identifier and the {@link CryptographyClient} will only be able to perform remote operations.
 */
export type CryptographyClientKey = {
    kind: "identifier";
    value: string;
} | {
    kind: "remoteOnlyIdentifier";
    value: string;
} | {
    kind: "KeyVaultKey";
    value: KeyVaultKey;
} | {
    kind: "JsonWebKey";
    value: JsonWebKey;
};
//# sourceMappingURL=cryptographyClientModels.d.ts.map