supreme-verifier/at.asitplus.attestation.supreme/InMemoryChallengeCache

InMemoryChallengeCache

class InMemoryChallengeCache(clock: <Error class: unknown class>, offset: <Error class: unknown class>) : ChallengeValidator(source)

Caches issued challenges in memory in a coroutine-safe way. Requires a clock and an offset. The AttestationVerifier passes Makoto's clock and the inverse of Makoto.verificationTimeOffset, since these two values are also encoded into issues challenges.

Constructors

Link copied to clipboard
constructor(clock: <Error class: unknown class>, offset: <Error class: unknown class>)

Functions

Link copied to clipboard
open suspend override fun store(challenge: <Error class: unknown class>)

The contract of this function is that it stores challenges regardless of their contents and performs no sanity checks. Reason: Strong cryptographic nonces are assumed, making collisions unrealistic

Link copied to clipboard
open suspend override fun validate(nonce: ByteArray): ChallengeValidationResult

The contract of this function is that it returns a ChallengeValidationResult.Success iff a single still valid challenge matching the passend nonce is found. In all other cases, it must return a ChallengeValidationResult.Failure. In addition, it should also remove all expired nonces, to keep stale nonces from inflating memory/storage.