import { type ConfigProvider } from '../../src/types.ts';
import { type AESSIVDriverConfig, type AES256CBCDriverConfig, type AES256GCMDriverConfig, type ChaCha20Poly1305DriverConfig, type LegacyDriverConfig } from '../../types/encryption.ts';
import { type EncryptionConfig } from '../../types/encryption.ts';
/**
 * Resolved configuration from the config provider that will be
 * accepted by the encryption manager.
 *
 * This type unwraps ConfigProvider types to their resolved values,
 * ensuring all encryptors in the list are concrete EncryptionConfig
 * objects rather than providers.
 *
 * @template KnownEncryptors - Record of encryptor names to their configurations
 */
type ResolvedConfig<KnownEncryptors extends Record<string, EncryptionConfig | ConfigProvider<EncryptionConfig>>> = {
    /**
     * The default encryptor name to use when no specific
     * encryptor is requested
     */
    default?: keyof KnownEncryptors;
    /**
     * Map of encryptor names to their resolved configurations.
     * ConfigProvider types are unwrapped to their underlying
     * EncryptionConfig values.
     */
    list: {
        [K in keyof KnownEncryptors]: KnownEncryptors[K] extends ConfigProvider<infer A> ? A : KnownEncryptors[K];
    };
};
/**
 * Defines the encryption configuration for the application.
 *
 * This function creates a configuration provider that lazily resolves
 * encryption drivers. It validates that the default encryptor (if specified)
 * exists in the list and resolves any ConfigProvider instances to their
 * concrete values.
 *
 * @template KnownEncryptors - Record of encryptor names to their configurations
 *
 * @param config - The encryption configuration object
 * @param config.default - Optional default encryptor name
 * @param config.list - Map of encryptor names to their configurations or providers
 *
 * @example
 * ```ts
 * const encryptionConfig = defineConfig({
 *   default: 'app',
 *   list: {
 *     app: drivers.aes256gcm({
 *       id: 'app',
 *       keys: [env.get('APP_KEY')]
 *     }),
 *     backup: drivers.chacha20({
 *       id: 'backup',
 *       keys: [env.get('BACKUP_KEY')]
 *     })
 *   }
 * })
 * ```
 */
export declare function defineConfig<KnownEncryptors extends Record<string, EncryptionConfig | ConfigProvider<EncryptionConfig>>>(config: {
    default?: keyof KnownEncryptors;
    list: KnownEncryptors;
}): ConfigProvider<ResolvedConfig<KnownEncryptors>>;
/**
 * Collection of encryption driver factory functions.
 *
 * Each driver factory creates a ConfigProvider that lazily imports
 * and configures the corresponding encryption driver. This allows
 * for efficient code splitting and on-demand loading of encryption
 * algorithms.
 */
export declare const drivers: {
    /**
     * Creates a ChaCha20-Poly1305 encryption driver configuration.
     *
     * ChaCha20-Poly1305 is a modern authenticated encryption algorithm
     * that provides excellent performance on systems without AES hardware
     * acceleration.
     *
     * @param config - The ChaCha20-Poly1305 driver configuration
     *
     * @example
     * ```ts
     * drivers.chacha20({
     *   id: 'app',
     *   keys: [env.get('APP_KEY')]
     * })
     * ```
     */
    chacha20: (config: ChaCha20Poly1305DriverConfig) => ConfigProvider<EncryptionConfig>;
    /**
     * Creates an AES-256-CBC encryption driver configuration.
     *
     * AES-256-CBC is a widely-supported block cipher mode. However,
     * consider using AES-256-GCM for new applications as it provides
     * authenticated encryption.
     *
     * @param config - The AES-256-CBC driver configuration
     *
     * @example
     * ```ts
     * drivers.aes256cbc({
     *   id: 'legacy',
     *   keys: [env.get('LEGACY_KEY')]
     * })
     * ```
     */
    aes256cbc: (config: AES256CBCDriverConfig) => ConfigProvider<EncryptionConfig>;
    /**
     * Creates an AES-256-GCM encryption driver configuration.
     *
     * AES-256-GCM is an authenticated encryption algorithm that provides
     * both confidentiality and integrity. It offers excellent performance
     * on systems with AES hardware acceleration.
     *
     * @param config - The AES-256-GCM driver configuration
     *
     * @example
     * ```ts
     * drivers.aes256gcm({
     *   id: 'app',
     *   keys: [env.get('APP_KEY')]
     * })
     * ```
     */
    aes256gcm: (config: AES256GCMDriverConfig) => ConfigProvider<EncryptionConfig>;
    /**
     * Creates an AES-SIV encryption driver configuration.
     *
     * @param config - The AES-SIV driver configuration
     *
     * @example
     * ```ts
     * drivers.aessiv({
     *   id: 'app',
     *   key: env.get('APP_KEY')
     * })
     * ```
     */
    aessiv: (config: AESSIVDriverConfig) => ConfigProvider<EncryptionConfig>;
    /**
     * Creates a Legacy encryption driver configuration.
     *
     * The Legacy driver maintains compatibility with the old AdonisJS v6
     * encryption format. It uses AES-256-CBC with HMAC SHA-256.
     *
     * Use this driver to decrypt values encrypted with older versions
     * of AdonisJS or when migrating to newer encryption drivers.
     *
     * @param config - The Legacy driver configuration
     *
     * @example
     * ```ts
     * drivers.legacy({
     *   keys: [env.get('APP_KEY')]
     * })
     * ```
     */
    legacy: (config: LegacyDriverConfig) => ConfigProvider<EncryptionConfig>;
};
export {};