import { Encrypted as Encrypted$1, newClient, EncryptedQuery as EncryptedQuery$1, JsPlaintext, QueryOpName } from '@cipherstash/protect-ffi';
import { ProtectColumn, ProtectValue, ProtectTable, ProtectTableColumn } from '@cipherstash/schema';

/**
 * Type to represent the client object
 */
type Client = Awaited<ReturnType<typeof newClient>> | undefined;
/**
 * Type to represent an encrypted payload stored in the database. Always carries
 * a ciphertext — scalar payloads at the root (`c`), SteVec payloads at
 * `sv[0].c`. For search-term payloads returned by `encryptQuery`, see
 * {@link EncryptedQuery}.
 */
type Encrypted = Encrypted$1 | null;
/**
 * Type to represent an encrypted query term (search needle) returned by
 * `encryptQuery` / `encryptQueryBulk` for scalar (`unique` / `match` / `ore`)
 * lookups and `ste_vec_selector` JSON path queries. Carries no ciphertext — it
 * is matched against stored values, never decrypted. JSON containment queries
 * (`ste_vec_term`) return a storage-shaped {@link Encrypted} payload instead.
 */
type EncryptedQuery = EncryptedQuery$1 | null;
/**
 * Represents an encrypted payload in the database
 * @deprecated Use `Encrypted` instead
 */
type EncryptedPayload = Encrypted | null;
/**
 * Represents an encrypted data object in the database
 * @deprecated Use `Encrypted` instead
 */
type EncryptedData = Encrypted | null;
/**
 * Represents a value that will be encrypted and used in a search
 */
type SearchTerm = {
    value: JsPlaintext;
    column: ProtectColumn;
    table: ProtectTable<ProtectTableColumn>;
    returnType?: 'eql' | 'composite-literal' | 'escaped-composite-literal';
};
type KeysetIdentifier = {
    name: string;
} | {
    id: string;
};
/**
 * The return type of the search term based on the return type specified in the `SearchTerm` type.
 * - `eql` → an `Encrypted` storage payload (for `ste_vec_term` containment) or an
 *   {@link EncryptedQuery} term (for scalar lookups and `ste_vec_selector` queries).
 * - `composite-literal` → `string` where the value is a composite literal.
 * - `escaped-composite-literal` → `string` where the value is an escaped composite literal.
 */
type EncryptedSearchTerm = Encrypted | EncryptedQuery | string;
/**
 * Result type for encryptQuery batch operations.
 * Can be an `Encrypted` storage payload (e.g. for `ste_vec_term`), an
 * {@link EncryptedQuery} term (for scalar lookups and `ste_vec_selector`),
 * a `string` (for composite-literal formats), or `null` (for null inputs).
 */
type EncryptedQueryResult = Encrypted | EncryptedQuery | string | null;
/**
 * Represents a payload to be encrypted using the `encrypt` function
 */
type EncryptPayload = JsPlaintext | null;
/**
 * Represents the options for encrypting a payload using the `encrypt` function
 */
type EncryptOptions = {
    column: ProtectColumn | ProtectValue;
    table: ProtectTable<ProtectTableColumn>;
};
/**
 * Type to identify encrypted fields in a model
 */
type EncryptedFields<T> = {
    [K in keyof T as T[K] extends Encrypted ? K : never]: T[K];
};
/**
 * Type to identify non-encrypted fields in a model
 */
type OtherFields<T> = {
    [K in keyof T as T[K] extends Encrypted ? never : K]: T[K];
};
/**
 * Type to represent decrypted fields in a model
 */
type DecryptedFields<T> = {
    [K in keyof T as T[K] extends Encrypted ? K : never]: string;
};
/**
 * Represents a model with plaintext (decrypted) values instead of the EQL/JSONB types
 */
type Decrypted<T> = OtherFields<T> & DecryptedFields<T>;
/**
 * Types for bulk encryption and decryption operations.
 */
type BulkEncryptPayload = Array<{
    id?: string;
    plaintext: JsPlaintext | null;
}>;
type BulkEncryptedData = Array<{
    id?: string;
    data: Encrypted;
}>;
type BulkDecryptPayload = Array<{
    id?: string;
    data: Encrypted;
}>;
type BulkDecryptedData = Array<DecryptionResult<JsPlaintext | null>>;
type DecryptionSuccess<T> = {
    error?: never;
    data: T;
    id?: string;
};
type DecryptionError<T> = {
    error: T;
    id?: string;
    data?: never;
};
type DecryptionResult<T> = DecryptionSuccess<T> | DecryptionError<T>;
/**
 * User-facing query type names for encrypting query values.
 *
 * - `'equality'`: For exact match queries. {@link https://cipherstash.com/docs/platform/searchable-encryption/supported-queries/exact | Exact Queries}
 * - `'freeTextSearch'`: For text search queries. {@link https://cipherstash.com/docs/platform/searchable-encryption/supported-queries/match | Match Queries}
 * - `'orderAndRange'`: For comparison and range queries. {@link https://cipherstash.com/docs/platform/searchable-encryption/supported-queries/range | Range Queries}
 * - `'steVecSelector'`: For JSONPath selector queries (e.g., '$.user.email')
 * - `'steVecTerm'`: For containment queries (e.g., { role: 'admin' })
 * - `'searchableJson'`: Auto-infers selector or term based on plaintext type (recommended)
 *   - String values → ste_vec_selector (JSONPath queries)
 *   - Object/Array/Number/Boolean → ste_vec_term (containment queries)
 *
 * Note: For columns with an ste_vec index, `'searchableJson'` behaves identically to omitting
 * `queryType` entirely - both auto-infer the query operation from the plaintext type. Using
 * `'searchableJson'` explicitly is useful for code clarity and self-documenting intent.
 */
type QueryTypeName = 'orderAndRange' | 'freeTextSearch' | 'equality' | 'steVecSelector' | 'steVecTerm' | 'searchableJson';
/**
 * Internal FFI index type names.
 * @internal
 */
type FfiIndexTypeName = 'ore' | 'match' | 'unique' | 'ste_vec';
/**
 * Query type constants for use with encryptQuery().
 */
declare const queryTypes: {
    readonly orderAndRange: "orderAndRange";
    readonly freeTextSearch: "freeTextSearch";
    readonly equality: "equality";
    readonly steVecSelector: "steVecSelector";
    readonly steVecTerm: "steVecTerm";
    readonly searchableJson: "searchableJson";
};
/**
 * Maps user-friendly query type names to FFI index type names.
 * @internal
 */
declare const queryTypeToFfi: Record<QueryTypeName, FfiIndexTypeName>;
/**
 * Maps query type names to FFI query operation names.
 * Returns undefined for query types that don't need a specific queryOp.
 * @internal
 */
declare const queryTypeToQueryOp: Partial<Record<QueryTypeName, QueryOpName>>;
/**
 * Base type for query term options shared between single and bulk operations.
 * @internal
 */
type QueryTermBase = {
    column: ProtectColumn;
    table: ProtectTable<ProtectTableColumn>;
    queryType?: QueryTypeName;
    /**
     * The format for the returned encrypted value:
     * - `'eql'` (default) - Returns raw Encrypted object
     * - `'composite-literal'` - Returns PostgreSQL composite literal format `("json")`
     * - `'escaped-composite-literal'` - Returns escaped format `"(\"json\")"`
     */
    returnType?: 'eql' | 'composite-literal' | 'escaped-composite-literal';
};
/**
 * Options for encrypting a single query term.
 */
type EncryptQueryOptions = QueryTermBase;
/**
 * Individual query term for bulk operations.
 */
type ScalarQueryTerm = QueryTermBase & {
    value: JsPlaintext | null;
};

export { type BulkEncryptedData as B, type Client as C, type Decrypted as D, type Encrypted as E, type FfiIndexTypeName as F, type KeysetIdentifier as K, type OtherFields as O, type QueryTypeName as Q, type ScalarQueryTerm as S, type BulkEncryptPayload as a, type EncryptOptions as b, type BulkDecryptedData as c, type BulkDecryptPayload as d, type EncryptedQueryResult as e, type EncryptQueryOptions as f, type DecryptedFields as g, type DecryptionResult as h, type EncryptPayload as i, type EncryptedData as j, type EncryptedFields as k, type EncryptedPayload as l, type EncryptedQuery as m, type EncryptedSearchTerm as n, type QueryTermBase as o, type SearchTerm as p, queryTypeToFfi as q, queryTypeToQueryOp as r, queryTypes as s };