/**
 * Generates a cryptographically secure opaque access token.
 * Returns a 64-character hex string (32 random bytes).
 */
export declare function generateOpaqueToken(): string;
/**
 * Generates a PKCE code verifier (RFC 7636).
 * Returns a base64url-encoded string of 32 random bytes.
 */
export declare function generateCodeVerifier(): string;
/**
 * Generates a PKCE code challenge from a code verifier (RFC 7636, S256 method).
 * Returns the base64url-encoded SHA-256 hash of the verifier.
 */
export declare function generateCodeChallenge(codeVerifier: string): string;
//# sourceMappingURL=crypto-utils.d.ts.map