/**
 * @license
 * Copyright 2022-2026 Matter.js Authors
 * SPDX-License-Identifier: Apache-2.0
 */
import { Bytes } from "#util/Bytes.js";
import { MaybePromise } from "#util/Promises.js";
import { Crypto, HashAlgorithm } from "./Crypto.js";
import { EcdsaSignature } from "./EcdsaSignature.js";
import { PrivateKey, PublicKey } from "./Key.js";
/**
 * A crypto API implemented in the style of Node.js.
 *
 * This defines the limited subset of the Node API that we use and nothing more.
 */
export interface NodeJsCryptoApiLike {
    createCipheriv(algorithm: "aes-128-ccm", key: NodeJsCryptoApiLike.BinaryLike, iv: NodeJsCryptoApiLike.BinaryLike, options: NodeJsCryptoApiLike.CipherCcmOptions): NodeJsCryptoApiLike.CipherCcm;
    createDecipheriv(algorithm: "aes-128-ccm", key: NodeJsCryptoApiLike.BinaryLike, iv: NodeJsCryptoApiLike.BinaryLike, options: NodeJsCryptoApiLike.CipherCcmOptions): NodeJsCryptoApiLike.DecipherCcm;
    randomBytes(count: number): NodeJsCryptoApiLike.BinaryLike;
    createECDH(crv: string): NodeJsCryptoApiLike.Ecdh;
    createHash(algo: string): NodeJsCryptoApiLike.Hash;
    pbkdf2(password: NodeJsCryptoApiLike.BinaryLike, salt: NodeJsCryptoApiLike.BinaryLike, iterations: number, keylen: number, digest: string, callback: (err: Error | null, derivedKey: NodeJsCryptoApiLike.BinaryLike) => void): void;
    hkdf(digest: string, irm: NodeJsCryptoApiLike.BinaryLike, salt: NodeJsCryptoApiLike.BinaryLike, info: NodeJsCryptoApiLike.BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: ArrayBuffer) => void): void;
    createHmac(algo: string, key: NodeJsCryptoApiLike.BinaryLike): NodeJsCryptoApiLike.Hash;
    createSign(algo: string): NodeJsCryptoApiLike.Sign;
    createVerify(algo: string): NodeJsCryptoApiLike.Verify;
}
export declare namespace NodeJsCryptoApiLike {
    type CipherKey = {
        key: any;
        format: "jwk";
        type: "pkcs8" | "spki";
        dsaEncoding: "ieee-p1363";
    };
    type BinaryLike = Uint8Array<ArrayBufferLike>;
    interface CipherCcmOptions {
        authTagLength: number;
    }
    interface CipherCcm {
        update(data: BinaryLike): BinaryLike;
        final(): BinaryLike;
        setAAD(buffer: BinaryLike, options: {
            plaintextLength: number;
        }): this;
        getAuthTag(): BinaryLike;
    }
    interface DecipherCcm {
        update(data: BinaryLike): BinaryLike;
        final(): BinaryLike;
        setAAD(buffer: BinaryLike, options: {
            plaintextLength: number;
        }): this;
        setAuthTag(data: BinaryLike): this;
    }
    interface Ecdh {
        generateKeys(): BinaryLike;
        getPublicKey(): BinaryLike;
        getPrivateKey(): BinaryLike;
        setPrivateKey(key: BinaryLike): void;
        computeSecret(data: BinaryLike): BinaryLike;
    }
    interface Hash {
        update(data: BinaryLike): this;
        digest(): BinaryLike;
    }
    interface Sign {
        update(data: BinaryLike): this;
        sign(key: CipherKey): Uint8Array<ArrayBuffer>;
    }
    interface Verify {
        update(data: BinaryLike): this;
        verify(key: CipherKey, signature: BinaryLike): boolean;
    }
}
/**
 * A crypto implementation that uses the Node.js crypto API.
 *
 * It is Node.js "style" because there are many packages that emulate the Node.js API.  As of now (mid-2025) these are
 * sometimes more mature than the available Web Crypto implementation.
 *
 * This module does not import the Node.js crypto implementation directly.  You must provide a crypto implementation to
 * use it.
 */
export declare class NodeJsStyleCrypto extends Crypto {
    #private;
    implementationName: string;
    constructor(crypto: NodeJsCryptoApiLike);
    encrypt(key: Bytes, data: Bytes, nonce: Bytes, aad?: Bytes): Bytes;
    decrypt(key: Bytes, encrypted: Bytes, nonce: Bytes, aad?: Bytes): Bytes;
    randomBytes(length: number): Bytes;
    ecdhGeneratePublicKey(): {
        publicKey: Bytes;
        ecdh: any;
    };
    ecdhGeneratePublicKeyAndSecret(peerPublicKey: Bytes): {
        publicKey: Bytes;
        sharedSecret: Bytes;
    };
    computeHash(data: Bytes | Bytes[] | ReadableStreamDefaultReader<Bytes> | AsyncIterator<Bytes>, algorithm?: HashAlgorithm): MaybePromise<Bytes>;
    createPbkdf2Key(secret: Bytes, salt: Bytes, iteration: number, keyLength: number): Promise<Bytes>;
    createHkdfKey(secret: Bytes, salt: Bytes, info: Bytes, length?: number): Promise<Bytes>;
    signHmac(key: Bytes, data: Bytes): Bytes;
    signEcdsa(privateKey: JsonWebKey, data: Bytes | Bytes[]): EcdsaSignature;
    verifyEcdsa(publicKey: JsonWebKey, data: Bytes, signature: EcdsaSignature): void;
    createKeyPair(): PrivateKey;
    generateDhSecret(key: PrivateKey, peerKey: PublicKey): Bytes;
}
//# sourceMappingURL=NodeJsStyleCrypto.d.ts.map