krendelhoff/hash-of-wisdom
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Add challenge generator

Browse source
This commit is contained in:
Savely Krendelhoff 2025-08-22 17:44:31 +07:00
parent 2d7a2bfaa3
commit 19ebf54673
No known key found for this signature in database
GPG key ID: F70DFD34F40238DE
2 changed files with 63 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/IMPLEMENTATION.md
View file

@ -9,7 +9,7 @@
- [X] Set up testing framework and utilities
- [ ] **Challenge Generation & HMAC Security**
- [ ] Implement HMAC-signed challenge generation (stateless)
- [X] Implement HMAC-signed challenge generation (stateless)
- [ ] Create challenge authenticity verification
- [ ] Add timestamp validation for replay protection (5 minutes TTL)
- [ ] Implement canonical challenge field ordering for HMAC

62
internal/pow/generator.go Normal file
View file

@ -0,0 +1,62 @@
package pow
import (
"crypto/rand"
"time"
)
// Generator handles creation of PoW challenges with HMAC signing
type Generator struct {
config *Config
}
// GenerateOption represents a functional option for challenge generation
type generateOption func(*Challenge)
// WithDifficulty sets custom difficulty for the challenge
func WithDifficulty(difficulty int) generateOption {
return func(c *Challenge) {
c.Difficulty = difficulty
}
}
// NewGenerator creates a new challenge generator
func NewGenerator(config *Config) *Generator {
return &Generator{
config: config,
}
}
// GenerateChallenge creates a new HMAC-signed PoW challenge
func (g *Generator) GenerateChallenge(opts ...generateOption) (*Challenge, error) {
// Create challenge with defaults (no random data yet)
challenge := &Challenge{
Timestamp: time.Now().Unix(),
Difficulty: g.config.DefaultDifficulty,
Resource: g.config.Resource,
}
// Apply options
for _, opt := range opts {
opt(challenge)
}
// Validate difficulty bounds
if challenge.Difficulty < g.config.MinDifficulty || challenge.Difficulty > g.config.MaxDifficulty {
return nil, ErrInvalidDifficulty
}
// Generate cryptographic random data
challenge.Random = g.generateRandom(g.config.RandomBytes)
// Sign the challenge with HMAC
challenge.Sign(g.config.HMACSecret)
return challenge, nil
}
// generateRandom creates cryptographic random bytes
func (g *Generator) generateRandom(length int) []byte {
bytes := make([]byte, length)
rand.Read(bytes)
return bytes
}