/**
 * @file stun-message.ts
 * @description STUN message codec for ICE connectivity checks (RFC 5389 / 8445).
 * @module ice/stun-message
 *
 * Unlike the server-oriented stun-client.js (binding/allocate), this builds and
 * validates the connectivity-check messages browsers require: USERNAME,
 * MESSAGE-INTEGRITY (HMAC-SHA1 keyed by the peer's ice-pwd), FINGERPRINT
 * (CRC-32 of the message Xored with 0x5354554e), PRIORITY, ICE-CONTROLLING/
 * ICE-CONTROLLED, and USE-CANDIDATE.
 */
export declare const MAGIC_COOKIE = 554869826;
export declare const METHOD: Readonly<{
    BINDING: 1;
}>;
export declare const CLASS: Readonly<{
    REQUEST: 0;
    INDICATION: 16;
    SUCCESS: 256;
    ERROR: 272;
}>;
export declare const MSG_TYPE: Readonly<{
    BINDING_REQUEST: 1;
    BINDING_SUCCESS: 257;
    BINDING_ERROR: 273;
}>;
export declare const ATTR: Readonly<{
    MAPPED_ADDRESS: 1;
    USERNAME: 6;
    MESSAGE_INTEGRITY: 8;
    ERROR_CODE: 9;
    XOR_MAPPED_ADDRESS: 32;
    PRIORITY: 36;
    USE_CANDIDATE: 37;
    FINGERPRINT: 32808;
    ICE_CONTROLLED: 32809;
    ICE_CONTROLLING: 32810;
}>;
/** A single STUN attribute pending serialization. */
interface StunAttribute {
    type: number;
    value: Buffer;
}
/** Shape of a parsed STUN message. */
export interface ParsedStunMessage {
    type: number;
    transactionId: Buffer;
    attrs: Map<number, Buffer>;
    raw: Buffer;
}
export declare function crc32(buf: Buffer): number;
/**
 * @class StunMessageBuilder
 * @description Incrementally builds a STUN message, then appends
 * MESSAGE-INTEGRITY and FINGERPRINT with the correct length pre-computation.
 */
export declare class StunMessageBuilder {
    #private;
    type: number;
    transactionId: Buffer;
    attrs: StunAttribute[];
    constructor(type: number, transactionId?: Buffer);
    addAttr(type: number, value: Buffer): this;
    addUsername(username: string): this;
    addPriority(priority: number): this;
    addIceControlling(tieBreaker: Buffer): this;
    addIceControlled(tieBreaker: Buffer): this;
    addUseCandidate(): this;
    addXorMappedAddress(address: string, port: number): this;
    /**
     * Finalize the message, appending MESSAGE-INTEGRITY (keyed by `password`)
     * and FINGERPRINT. Both require the header length to include the attribute
     * being computed, per RFC 5389 §15.4 / §15.5.
     * @param {string} [password] - ICE password for MESSAGE-INTEGRITY
     * @returns {Buffer}
     */
    build(password?: string): Buffer;
}
/**
 * Parse a STUN message. Returns null if not a STUN message.
 * @param {Buffer} msg
 * @returns {null|{type:number,transactionId:Buffer,attrs:Map<number,Buffer>,raw:Buffer}}
 */
export declare function parse(msg: Buffer): ParsedStunMessage | null;
/**
 * Verify the MESSAGE-INTEGRITY of a parsed message against a password.
 * @param {Buffer} msg - raw message
 * @param {string} password
 * @returns {boolean}
 */
export declare function verifyIntegrity(msg: Buffer, password: string): boolean;
export {};