/**
 * Configuration File Signing (SEC-015)
 * Provides optional signing and verification for critical configuration files
 * to prevent tampering attacks.
 */
/**
 * Generate a signing key from a passphrase or use a default key file
 * @param keyPath - Optional path to key file
 * @param passphrase - Optional passphrase to derive key from
 * @returns Signing key as Buffer
 */
export declare function generateSigningKey(keyPath?: string, passphrase?: string): Buffer;
/**
 * Sign a file's content
 * @param filePath - Path to file to sign
 * @param content - File content to sign
 * @param key - Signing key
 * @returns Signature as hex string
 */
export declare function signContent(content: string, key: Buffer): string;
/**
 * Verify a file's signature
 * @param content - File content to verify
 * @param signature - Expected signature (hex string)
 * @param key - Signing key
 * @returns True if signature is valid
 */
export declare function verifySignature(content: string, signature: string, key: Buffer): boolean;
/**
 * Save signature to a separate file
 * @param filePath - Path to original file
 * @param signature - Signature to save
 */
export declare function saveSignature(filePath: string, signature: string): void;
/**
 * Load signature from file
 * @param filePath - Path to original file
 * @returns Signature if file exists, undefined otherwise
 */
export declare function loadSignature(filePath: string): string | undefined;
/**
 * Sign a configuration file
 * @param filePath - Path to file to sign
 * @param key - Signing key (optional, will be generated if not provided)
 * @returns Signature hex string
 */
export declare function signFile(filePath: string, key?: Buffer): string;
/**
 * Verify a configuration file's signature
 * @param filePath - Path to file to verify
 * @param key - Signing key (optional, will be generated if not provided)
 * @returns True if signature is valid, false if signature file doesn't exist
 * @throws Error if signature is invalid
 */
export declare function verifyFile(filePath: string, key?: Buffer): boolean;
/**
 * Check if a file has a signature
 * @param filePath - Path to file
 * @returns True if signature file exists
 */
export declare function hasSignature(filePath: string): boolean;
//# sourceMappingURL=fileSigning.d.ts.map