import type { Base64String, StringMap } from '@naturalcycles/js-lib/types';
/**
 * Using aes-256-cbc.
 */
export declare function encryptRandomIVBuffer(input: Buffer, secretKeyBuffer: Buffer): Buffer;
/**
 * Using aes-256-cbc.
 */
export declare function decryptRandomIVBuffer(input: Buffer, secretKeyBuffer: Buffer): Buffer;
/**
 * Decrypts all object values (base64 strings).
 * Returns object with decrypted values (utf8 strings).
 */
export declare function decryptObject(obj: StringMap<Base64String>, secretKeyBuffer: Buffer): StringMap;
/**
 * Encrypts all object values (utf8 strings).
 * Returns object with encrypted values (base64 strings).
 */
export declare function encryptObject(obj: StringMap, secretKeyBuffer: Buffer): StringMap<Base64String>;
/**
 * Using aes-256-cbc.
 *
 * Input is base64 string.
 * Output is utf8 string.
 */
export declare function decryptString(str: Base64String, secretKeyBuffer: Buffer): string;
/**
 * Using aes-256-cbc.
 *
 * Input is utf8 string.
 * Output is base64 string.
 */
export declare function encryptString(str: string, secretKeyBuffer: Buffer): Base64String;
/**
 * Wraps `crypto.timingSafeEqual` and allows it to be used with String inputs:
 *
 * 1. Does length check first and short-circuits on length mismatch. Because `crypto.timingSafeEqual` only works with same-length inputs.
 *
 * Relevant read:
 * https://medium.com/nerd-for-tech/checking-api-key-without-shooting-yourself-in-the-foot-javascript-nodejs-f271e47bb428
 * https://codahale.com/a-lesson-in-timing-attacks/
 * https://github.com/suryagh/tsscmp/blob/master/lib/index.js
 *
 * Returns true if inputs are equal, false otherwise.
 */
export declare function timingSafeStringEqual(s1: string | undefined, s2: string | undefined): boolean;