import { CookieSerializeOptions } from 'cookie-es';
/** Algorithm used for encryption and decryption. */
type EncryptionAlgorithm = 'aes-128-ctr' | 'aes-256-cbc';
/** Algorithm used for integrity verification. */
type IntegrityAlgorithm = 'sha256';
/**
 * Options for customizing the key derivation algorithm used to generate encryption and integrity verification keys as well as the algorithms and salt sizes used.
 */
type SealOptions = Readonly<{
    /** Encryption step options. */
    encryption: SealOptionsSub<EncryptionAlgorithm>;
    /** Integrity step options. */
    integrity: SealOptionsSub<IntegrityAlgorithm>;
    ttl: number;
    /** Number of seconds of permitted clock skew for incoming expirations. Defaults to 60 seconds. */
    timestampSkewSec: number;
    /**
     * Local clock time offset, expressed in number of milliseconds (positive or negative). Defaults to 0.
     */
    localtimeOffsetMsec: number;
}>;
/** `seal()` method options. */
type SealOptionsSub<TAlgorithm extends _Algorithm = _Algorithm> = Readonly<{
    /** The length of the salt (random buffer used to ensure that two identical objects will generate a different encrypted result). Defaults to 256. */
    saltBits: number;
    /** The algorithm used. Defaults to 'aes-256-cbc' for encryption and 'sha256' for integrity. */
    algorithm: TAlgorithm;
    /** The number of iterations used to derive a key from the password. Defaults to 1. */
    iterations: number;
    /** Minimum password size. Defaults to 32. */
    minPasswordlength: number;
}>;
/** Password secret string or buffer.*/
type SessionDataT = Record<string, any>;
export type SessionData<T extends SessionDataT = SessionDataT> = Partial<T>;
export interface Session<T extends SessionDataT = SessionDataT> {
    id: string;
    createdAt: number;
    data: SessionData<T>;
}
export type SessionUpdate<T extends SessionData = SessionData> = Partial<SessionData<T>> | ((oldData: SessionData<T>) => Partial<SessionData<T>> | undefined);
export interface SessionManager<T extends SessionDataT = SessionDataT> {
    readonly id: string | undefined;
    readonly data: SessionData<T>;
    update: (update: SessionUpdate<T>) => Promise<SessionManager<T>>;
    clear: () => Promise<SessionManager<T>>;
}
export interface SessionConfig {
    /** Private key used to encrypt session tokens */
    password: string;
    /** Session expiration time in seconds */
    maxAge?: number;
    /** default is 'start' */
    name?: string;
    /** Default is secure, httpOnly, / */
    cookie?: false | CookieSerializeOptions;
    /** Default is x-start-session / x-{name}-session */
    sessionHeader?: false | string;
    seal?: SealOptions;
    crypto?: Crypto;
    /** Default is Crypto.randomUUID */
    generateId?: () => string;
}
export {};