-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | TLS session manager with limitation, automatic pruning, energy saving
--   and replay resistance and session ticket manager
@package tls-session-manager
@version 0.0.8


-- | In-memory TLS 1.2/1.3 session manager.
--   
--   <ul>
--   <li>Limitation: you can set the maximum size of the session data
--   database.</li>
--   <li>Automatic pruning: old session data over their lifetime are pruned
--   automatically.</li>
--   <li>Energy saving: no dedicate pruning thread is running when the size
--   of session data database is zero.</li>
--   <li>Replay resistance: each session data is used at most once to
--   prevent replay attacks against 0RTT early data of TLS 1.3.</li>
--   </ul>
module Network.TLS.SessionManager

-- | Creating an in-memory session manager.
newSessionManager :: Config -> IO SessionManager

-- | Configuration for session managers.
data Config

-- | ticketLifetime: 2 hours (7200 seconds), pruningDelay: 10 minutes (600
--   seconds), dbMaxSize: 1000 entries.
defaultConfig :: Config

-- | Ticket lifetime in seconds.
ticketLifetime :: Config -> Int

-- | Pruning delay in seconds. This is set to <a>reaperDelay</a>.
pruningDelay :: Config -> Int

-- | The limit size of session data entries.
dbMaxSize :: Config -> Int
instance GHC.Classes.Eq Network.TLS.SessionManager.SessionDataCopy
instance GHC.Internal.Show.Show Network.TLS.SessionManager.SessionDataCopy


-- | A manager for TLS 1.2/1.3 session ticket.
--   
--   Tracking client hello is not implemented yet. So, if this is used for
--   TLS 1.3 0-RTT, replay attack is possible. If your application data in
--   0-RTT changes the status of server side, use <a>SessionManager</a>
--   instead.
--   
--   A dedicated thread is running repeatedly to replece secret keys. So,
--   energy saving is not achieved.
module Network.TLS.SessionTicket

-- | Creating a session ticket manager.
newSessionTicketManager :: Config -> IO SessionManager

-- | Configuration for session tickets.
data Config

-- | ticketLifetime: 2 hours (7200 seconds), secretKeyInterval: 30 minutes
--   (1800 seconds)
defaultConfig :: Config

-- | Ticket lifetime in seconds.
ticketLifetime :: Config -> Int
secretKeyInterval :: Config -> Int
