challenge

package
v0.1.14 Latest
Warning

This package is not in the latest version of its module.

Published: Jan 20, 2026 License: MIT Imports: 4 Imported by: 0

Documentation

Overview

Package challenge provides secure challenge generation and validation for device attestation flows.

Challenges are cryptographically random tokens that the device must sign to prove that the attestation was performed in response to a specific server request, which prevents replay attacks.


Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
	// Timeout is how long challenges remain valid (default: 5 minutes).
	Timeout time.Duration

	// CleanupInterval is how often expired challenges are removed (default: 1 minute).
	CleanupInterval time.Duration

	// ChallengeBytes is the number of random bytes in a challenge (default: 32).
	ChallengeBytes int
}

Config holds configuration for the challenge store.

type MemoryStore

type MemoryStore struct {
	// contains filtered or unexported fields
}

MemoryStore is an in-memory implementation of Store. Suitable for single-instance deployments. For distributed systems, use a Redis or database-backed implementation.

func NewMemoryStore

func NewMemoryStore(cfg Config) *MemoryStore

NewMemoryStore creates a new in-memory challenge store.

func (*MemoryStore) Close

func (s *MemoryStore) Close()

Close stops the background cleanup goroutine.

func (*MemoryStore) Generate

func (s *MemoryStore) Generate(identifier string) (string, error)

Generate creates a cryptographically secure random challenge.

func (*MemoryStore) Len

func (s *MemoryStore) Len() int

Len returns the number of active challenges (for testing/monitoring).

func (*MemoryStore) Validate

func (s *MemoryStore) Validate(identifier, challenge string) bool

Validate checks if the challenge matches and hasn't expired. The challenge is consumed only on successful validation.

type Store

type Store interface {
	// Generate creates a new challenge for the given identifier.
	// The identifier is typically a user ID or session ID.
	Generate(identifier string) (string, error)

	// Validate checks if the challenge is valid and consumes it.
	// Returns true only if the challenge exists, matches, and hasn't expired.
	Validate(identifier, challenge string) bool

	// Close stops background cleanup routines.
	Close()
}

Store manages attestation challenges with automatic expiration.
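
The contract documented above (a random challenge per identifier, expiry after a timeout, consumption only on a successful match), as an added sketch that is not the package's own code. The types `pending` and `sketchStore`, the hex encoding, the single outstanding challenge per identifier, and the constant-time comparison are assumptions of this example, and `device-123` is a constructed identifier.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"fmt"
	"sync"
	"time"
)

// pending and sketchStore are hypothetical stand-ins, not the package's MemoryStore.
type pending struct {
	value   string
	expires time.Time
}
type sketchStore struct {
	mu      sync.Mutex
	timeout time.Duration
	m       map[string]pending // identifier -> outstanding challenge
}

// Generate stores 32 random bytes per identifier (hex encoding is an assumption).
func (s *sketchStore) Generate(id string) (string, error) {
	buf := make([]byte, 32)
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	s.mu.Lock()
	defer s.mu.Unlock()
	s.m[id] = pending{fmt.Sprintf("%x", buf), time.Now().Add(s.timeout)}
	return s.m[id].value, nil
}

// Validate succeeds once: the challenge must exist, be unexpired, and match.
func (s *sketchStore) Validate(id, got string) bool {
	s.mu.Lock()
	defer s.mu.Unlock()
	p, ok := s.m[id]
	if !ok || time.Now().After(p.expires) || subtle.ConstantTimeCompare([]byte(p.value), []byte(got)) != 1 {
		return false // missing, expired or wrong: nothing is consumed
	}
	delete(s.m, id) // consumed on success, so a replay fails
	return true
}

func main() {
	s := &sketchStore{timeout: 5 * time.Minute, m: map[string]pending{}}
	c, _ := s.Generate("device-123") // constructed identifier
	fmt.Println(s.Validate("device-123", c), s.Validate("device-123", c)) // true false
}
```

Because a failed attempt leaves the challenge in place until it expires, resistance to guessing rests on the challenge length, which the page gives as 32 random bytes by default.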
