export { createEvidence, createLoginHello, createUserCredentials, extractLoginResult, extractServerHello, verifyServer };
import { type SRPConfig } from "../shared/crypto.js";
import type { AuthResult, ClientHello, CryptoKeyPair, CryptoSource, KeyPair, LoginEvidence, ServerHello, SignupCredentials } from "../shared/types.js";
/**
 * Creates user credentials for SRP6a signup process.
 * Generates salt, computes identity and secret, then calculates verifier.
 *
 * @param username - The username for the account
 * @param password - The password for the account
 * @param config - SRP configuration object
 * @returns Promise that resolves to signup credentials containing username, salt, and verifier
 *
 * @example
 * ```ts
 * const credentials = await createUserCredentials("user123", "password123", config);
 * console.log(credentials); // { username: "user123", salt: "...", verifier: "..." }
 * ```
 */
declare function createUserCredentials(username: string, password: string, config: SRPConfig): Promise<SignupCredentials>;
/**
 * Creates the initial client hello message for SRP6a login process.
 * Generates a key pair and returns both the hello message and the key pair.
 *
 * @param username - The username attempting to login
 * @param config - SRP configuration object
 * @returns Tuple containing [ClientHello message, KeyPair for the session]
 *
 * @example
 * ```ts
 * const [hello, keyPair] = createLoginHello("user123", config);
 * // Send hello to server, keep keyPair for evidence creation
 * ```
 */
declare function createLoginHello(username: string, config: SRPConfig): [ClientHello, KeyPair];
/**
 * Creates login evidence after receiving server hello response.
 * Computes client evidence and expected server evidence for mutual authentication.
 *
 * @param username - The username attempting to login
 * @param password - The password for authentication
 * @param salt - Salt value from server
 * @param server - Server's public key
 * @param pair - Client's key pair from login hello
 * @param config - SRP configuration object
 * @returns Promise that resolves to tuple containing [LoginEvidence, expected server evidence]
 * @throws Error if server's public key is invalid
 *
 * @example
 * ```ts
 * const [evidence, expected] = await createEvidence(
 *   "user123",
 *   "password123",
 *   serverSalt,
 *   serverPublicKey,
 *   clientKeyPair,
 *   config
 * );
 * ```
 */
declare function createEvidence(username: string, password: string, salt: CryptoSource, server: CryptoSource, pair: KeyPair | CryptoKeyPair, config: SRPConfig): Promise<[LoginEvidence, string]>;
/**
 * Verifies server evidence against expected value for mutual authentication.
 * Ensures that the server has knowledge of the shared secret by comparing evidence values.
 *
 * @param expected - The expected server evidence computed by client
 * @param evidence - The actual server evidence received from server
 * @returns True if server evidence matches expected value, false otherwise
 *
 * @example
 * ```ts
 * const isServerValid = verifyServer(expectedEvidence, serverEvidence);
 * if (!isServerValid) {
 *   throw new Error("Server authentication failed");
 * }
 * ```
 */
declare function verifyServer(expected: string, evidence: string): boolean;
/**
 * Extracts server hello information from HTTP response, if server used this library.
 * Parses the response and validates that it contains required salt and server properties.
 *
 * @param response - HTTP response from server hello endpoint
 * @returns Promise that resolves to ServerHello object containing salt and server public key
 * @throws Error if response is not OK, not JSON, or missing required properties
 *
 * @example
 * ```ts
 * const response = await fetch("/api/login/hello", { method: "POST", ... });
 * const { salt, server } = await extractServerHello(response);
 * ```
 */
declare function extractServerHello(response: Response): Promise<ServerHello>;
/**
 * Extracts login result from HTTP response after evidence submission, if server used this library.
 * Parses the response and validates that it contains required result and evidence properties.
 *
 * @param response - HTTP response from login evidence endpoint
 * @returns Promise that resolves to AuthResult object containing result status and server evidence
 * @throws Error if response is not OK, not JSON, or missing required properties
 *
 * @example
 * ```ts
 * const response = await fetch("/api/login/evidence", { method: "POST", ... });
 * const { result, evidence } = await extractLoginResult(response);
 * ```
 */
declare function extractLoginResult(response: Response): Promise<AuthResult>;
//# sourceMappingURL=main.d.ts.map