import { EDHOC, EdhocCredentialManager, EdhocCredentials } from './edhoc';
/**
 * Credential manager for CCS (CWT Claims Set) credentials identified by kid.
 *
 * Use `addOwnCredential()` to register the local party's credential (returned
 * by `fetch()`) and `addPeerCredential()` for each remote party whose
 * credentials should be accepted (matched during `verify()`).
 */
export declare class CCSCredentialManager implements EdhocCredentialManager {
    private ownCredential;
    private peerCredentials;
    /**
     * Register the local party's CCS credential.
     *
     * @param kid        - Key identifier (integer or Buffer)
     * @param ccsBytes   - Raw CBOR-encoded CCS map
     * @param publicKey  - Public key bytes (e.g. P-256 x-coordinate or x||y)
     * @param privateKey - Private key bytes
     */
    addOwnCredential(kid: number | Buffer, ccsBytes: Buffer, publicKey: Buffer, privateKey: Buffer): void;
    /**
     * Register a peer's CCS credential for verification.
     *
     * @param kid       - Key identifier (integer or Buffer)
     * @param ccsBytes  - Raw CBOR-encoded CCS map
     * @param publicKey - Public key bytes
     */
    addPeerCredential(kid: number | Buffer, ccsBytes: Buffer, publicKey: Buffer): void;
    /**
     * Return the local party's credentials for inclusion in an EDHOC message.
     */
    fetch(_edhoc: EDHOC): Promise<EdhocCredentials>;
    /**
     * Verify received peer credentials by looking up the kid value among
     * registered peer credentials.
     */
    verify(_edhoc: EDHOC, credentials: EdhocCredentials): Promise<EdhocCredentials>;
}
//# sourceMappingURL=ccs-credentials.d.ts.map