go-mockid/vendor/git.rootprojects.org/root/hashcash/hashcash.go

package hashcash

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"strconv"
	"strings"
	"time"
)

// ErrParse is returned when fewer than 6 or more than 7 segments are split
var ErrParse = errors.New("could not split the hashcash parts")

// ErrInvalidTag is returned when the Hashcash version is unsupported
var ErrInvalidTag = errors.New("expected tag to be 'H'")

// ErrInvalidDifficulty is returned when the difficulty is outside of the acceptable range
var ErrInvalidDifficulty = errors.New("the number of bits of difficulty is too low or too high")

// ErrInvalidDate is returned when the date cannot be parsed as a positive int64
var ErrInvalidDate = errors.New("invalid date")

// ErrExpired is returned when the current time is past that of ExpiresAt
var ErrExpired = errors.New("expired hashcash")

// ErrInvalidSubject is returned when the subject is invalid or does not match that passed to Verify()
var ErrInvalidSubject = errors.New("the subject is invalid or rejected")

// ErrInvalidNonce is returned when the nonce
//var ErrInvalidNonce = errors.New("the nonce has been used or is invalid")

// ErrUnsupportedAlgorithm is returned when the given algorithm is not supported
var ErrUnsupportedAlgorithm = errors.New("the given algorithm is invalid or not supported")

// ErrInvalidSolution is returned when the given hashcash is not properly solved
var ErrInvalidSolution = errors.New("the given solution is not valid")

// MaxDifficulty is the upper bound for all Solve() operations
var MaxDifficulty = 26

// Sep is the separator character to use
var Sep = ":"

// no milliseconds
//var isoTS = "2006-01-02T15:04:05Z"

// Hashcash represents a parsed Hashcash string
type Hashcash struct {
	Tag        string    `json:"tag"`        // Always "H" for "HTTP"
	Difficulty int       `json:"difficulty"` // Number of "partial pre-image" (zero) bits in the hashed code
	ExpiresAt  time.Time `json:"exp"`        // The timestamp that the hashcash expires, as seconds since the Unix epoch
	Subject    string    `json:"sub"`        // Resource data string being transmitted, e.g., a domain or URL
	Nonce      string    `json:"nonce"`      // Unique string of random characters, encoded as url-safe base-64
	Alg        string    `json:"alg"`        // always SHA-256 for now
	Solution   string    `json:"solution"`   // Binary counter, encoded as url-safe base-64
}

// New returns a Hashcash with reasonable defaults
func New(h Hashcash) *Hashcash {
	h.Tag = "H"

	if 0 == h.Difficulty {
		// safe for WebCrypto
		h.Difficulty = 10
	}

	if h.ExpiresAt.IsZero() {
		h.ExpiresAt = time.Now().Add(5 * time.Minute)
	}
	h.ExpiresAt = h.ExpiresAt.UTC().Truncate(time.Second)

	if "" == h.Subject {
		h.Subject = "*"
	}

	if "" == h.Nonce {
		nonce := make([]byte, 16)
		if _, err := rand.Read(nonce); nil != err {
			panic(err)
			return nil
		}
		h.Nonce = base64.RawURLEncoding.EncodeToString(nonce)
	}

	if "" == h.Alg {
		h.Alg = "SHA-256"
	}
	/*
		if "SHA-256" != h.Alg {
			// TODO error
		}
	*/

	return &h
}

// Parse will (obviously) parse the hashcash string, without verifying any
// of the parameters.
func Parse(hc string) (*Hashcash, error) {
	parts := strings.Split(hc, Sep)
	n := len(parts)
	if n < 6 || n > 7 {
		return nil, ErrParse
	}

	tag := parts[0]
	if "H" != tag {
		return nil, ErrInvalidTag
	}

	bits, err := strconv.Atoi(parts[1])
	if nil != err || bits < 0 {
		return nil, ErrInvalidDifficulty
	}

	// Allow empty ExpiresAt
	var exp time.Time
	if "" != parts[2] {
		expAt, err := strconv.ParseInt(parts[2], 10, 64)
		if nil != err || expAt < 0 {
			return nil, ErrInvalidDate
		}
		exp = time.Unix(int64(expAt), 0).UTC()
	}

	/*
		exp, err := time.ParseInLocation(isoTS, parts[2], time.UTC)
		if nil != err {
			return nil, ErrInvalidDate
		}
	*/

	sub := parts[3]

	nonce := parts[4]

	alg := parts[5]

	var solution string
	if n > 6 {
		solution = parts[6]
	}

	h := &Hashcash{
		Tag:        tag,
		Difficulty: bits,
		ExpiresAt:  exp.UTC().Truncate(time.Second),
		Subject:    sub,
		Nonce:      nonce,
		Alg:        alg,
		Solution:   solution,
	}

	return h, nil
}

// String will return the formatted Hashcash, omitting the solution if it has not be solved.
func (h *Hashcash) String() string {
	var solution string
	if "" != h.Solution {
		solution = Sep + h.Solution
	}

	var expAt string
	if !h.ExpiresAt.IsZero() {
		expAt = strconv.FormatInt(h.ExpiresAt.UTC().Truncate(time.Second).Unix(), 10)
	}
	return strings.Join(
		[]string{
			"H",
			strconv.Itoa(h.Difficulty),
			//h.ExpiresAt.UTC().Format(isoTS),
			expAt,
			h.Subject,
			h.Nonce,
			h.Alg,
		},
		Sep,
	) + solution
}

// Verify the Hashcash based on Difficulty, Algorithm, ExpiresAt, Subject and,
// of course, the Solution and hash.
func (h *Hashcash) Verify(subject string) error {
	if h.Difficulty < 0 {
		return ErrInvalidDifficulty
	}

	if "SHA-256" != h.Alg {
		return ErrUnsupportedAlgorithm
	}

	if !h.ExpiresAt.IsZero() && h.ExpiresAt.Sub(time.Now()) < 0 {
		return ErrExpired
	}

	if subject != h.Subject {
		return ErrInvalidSubject
	}

	bits := h.Difficulty
	hash := sha256.Sum256([]byte(h.String()))
	n := bits / 8 // 10 / 8 = 1
	m := bits % 8 // 10 % 8 = 2
	if m > 0 {
		n++ // 10 bits = 2 bytes
	}

	if !verifyBits(hash[:n], bits, n) {
		return ErrInvalidSolution
	}
	return nil
}

func verifyBits(hash []byte, bits, n int) bool {
	for i := 0; i < n; i++ {
		if bits > 8 {
			bits -= 8
			if 0 != hash[i] {
				return false
			}
			continue
		}

		// (bits % 8) == bits
		pad := 8 - bits
		if 0 != hash[i]>>pad {
			return false
		}

		return true
	}

	// 0 == bits
	return true
}

// Solve will search for a solution, returning an error if the difficulty is
// above the local or global MaxDifficulty, the Algorithm is unsupported.
func (h *Hashcash) Solve(maxDifficulty int) error {
	if "SHA-256" != h.Alg {
		return ErrUnsupportedAlgorithm
	}

	if h.Difficulty < 0 {
		return ErrInvalidDifficulty
	}

	if h.Difficulty > maxDifficulty || h.Difficulty > MaxDifficulty {
		return ErrInvalidDifficulty
	}

	if "" != h.Solution {
		if nil == h.Verify(h.Subject) {
			return nil
		}
		h.Solution = ""
	}

	hashcash := h.String()
	bits := h.Difficulty
	n := bits / 8 // 10 / 8 = 1
	m := bits % 8 // 10 % 8 = 2
	if m > 0 {
		n++ // 10 bits = 2 bytes
	}

	var solution uint32 = 0
	sb := make([]byte, 4)
	for {
		// Note: it's not actually important what method of change or encoding is used
		// but incrementing by 1 on an int32 is good enough, and makes for a small base64 encoding
		binary.LittleEndian.PutUint32(sb, solution)
		h.Solution = base64.RawURLEncoding.EncodeToString(sb)
		hash := sha256.Sum256([]byte(hashcash + Sep + h.Solution))
		if verifyBits(hash[:n], bits, n) {
			return nil
		}
		solution++
	}
}
wip: ready new-account for email and google verification 2020-08-17 23:14:09 +00:00			`package hashcash`

			`import (`
			`"crypto/rand"`
			`"crypto/sha256"`
			`"encoding/base64"`
			`"encoding/binary"`
			`"errors"`
			`"strconv"`
			`"strings"`
			`"time"`
			`)`

			`// ErrParse is returned when fewer than 6 or more than 7 segments are split`
			`var ErrParse = errors.New("could not split the hashcash parts")`

			`// ErrInvalidTag is returned when the Hashcash version is unsupported`
			`var ErrInvalidTag = errors.New("expected tag to be 'H'")`

			`// ErrInvalidDifficulty is returned when the difficulty is outside of the acceptable range`
			`var ErrInvalidDifficulty = errors.New("the number of bits of difficulty is too low or too high")`

			`// ErrInvalidDate is returned when the date cannot be parsed as a positive int64`
			`var ErrInvalidDate = errors.New("invalid date")`

			`// ErrExpired is returned when the current time is past that of ExpiresAt`
			`var ErrExpired = errors.New("expired hashcash")`

			`// ErrInvalidSubject is returned when the subject is invalid or does not match that passed to Verify()`
			`var ErrInvalidSubject = errors.New("the subject is invalid or rejected")`

			`// ErrInvalidNonce is returned when the nonce`
			`//var ErrInvalidNonce = errors.New("the nonce has been used or is invalid")`

			`// ErrUnsupportedAlgorithm is returned when the given algorithm is not supported`
			`var ErrUnsupportedAlgorithm = errors.New("the given algorithm is invalid or not supported")`

			`// ErrInvalidSolution is returned when the given hashcash is not properly solved`
			`var ErrInvalidSolution = errors.New("the given solution is not valid")`

			`// MaxDifficulty is the upper bound for all Solve() operations`
			`var MaxDifficulty = 26`

			`// Sep is the separator character to use`
			`var Sep = ":"`

			`// no milliseconds`
			`//var isoTS = "2006-01-02T15:04:05Z"`

			`// Hashcash represents a parsed Hashcash string`
			`type Hashcash struct {`
			Tag string `json:"tag"` // Always "H" for "HTTP"
			Difficulty int `json:"difficulty"` // Number of "partial pre-image" (zero) bits in the hashed code
			ExpiresAt time.Time `json:"exp"` // The timestamp that the hashcash expires, as seconds since the Unix epoch
			Subject string `json:"sub"` // Resource data string being transmitted, e.g., a domain or URL
			Nonce string `json:"nonce"` // Unique string of random characters, encoded as url-safe base-64
			Alg string `json:"alg"` // always SHA-256 for now
			Solution string `json:"solution"` // Binary counter, encoded as url-safe base-64
			`}`

			`// New returns a Hashcash with reasonable defaults`
			`func New(h Hashcash) *Hashcash {`
			`h.Tag = "H"`

			`if 0 == h.Difficulty {`
			`// safe for WebCrypto`
			`h.Difficulty = 10`
			`}`

			`if h.ExpiresAt.IsZero() {`
			`h.ExpiresAt = time.Now().Add(5 * time.Minute)`
			`}`
			`h.ExpiresAt = h.ExpiresAt.UTC().Truncate(time.Second)`

			`if "" == h.Subject {`
			`h.Subject = "*"`
			`}`

			`if "" == h.Nonce {`
			`nonce := make([]byte, 16)`
			`if _, err := rand.Read(nonce); nil != err {`
			`panic(err)`
			`return nil`
			`}`
			`h.Nonce = base64.RawURLEncoding.EncodeToString(nonce)`
			`}`

			`if "" == h.Alg {`
			`h.Alg = "SHA-256"`
			`}`
			`/*`
			`if "SHA-256" != h.Alg {`
			`// TODO error`
			`}`
			`*/`

			`return &h`
			`}`

			`// Parse will (obviously) parse the hashcash string, without verifying any`
			`// of the parameters.`
			`func Parse(hc string) (*Hashcash, error) {`
			`parts := strings.Split(hc, Sep)`
			`n := len(parts)`
			`if n < 6 \|\| n > 7 {`
			`return nil, ErrParse`
			`}`

			`tag := parts[0]`
			`if "H" != tag {`
			`return nil, ErrInvalidTag`
			`}`

			`bits, err := strconv.Atoi(parts[1])`
			`if nil != err \|\| bits < 0 {`
			`return nil, ErrInvalidDifficulty`
			`}`

			`// Allow empty ExpiresAt`
			`var exp time.Time`
			`if "" != parts[2] {`
			`expAt, err := strconv.ParseInt(parts[2], 10, 64)`
			`if nil != err \|\| expAt < 0 {`
			`return nil, ErrInvalidDate`
			`}`
			`exp = time.Unix(int64(expAt), 0).UTC()`
			`}`

			`/*`
			`exp, err := time.ParseInLocation(isoTS, parts[2], time.UTC)`
			`if nil != err {`
			`return nil, ErrInvalidDate`
			`}`
			`*/`

			`sub := parts[3]`

			`nonce := parts[4]`

			`alg := parts[5]`

			`var solution string`
			`if n > 6 {`
			`solution = parts[6]`
			`}`

			`h := &Hashcash{`
			`Tag: tag,`
			`Difficulty: bits,`
			`ExpiresAt: exp.UTC().Truncate(time.Second),`
			`Subject: sub,`
			`Nonce: nonce,`
			`Alg: alg,`
			`Solution: solution,`
			`}`

			`return h, nil`
			`}`

			`// String will return the formatted Hashcash, omitting the solution if it has not be solved.`
			`func (h *Hashcash) String() string {`
			`var solution string`
			`if "" != h.Solution {`
			`solution = Sep + h.Solution`
			`}`

			`var expAt string`
			`if !h.ExpiresAt.IsZero() {`
			`expAt = strconv.FormatInt(h.ExpiresAt.UTC().Truncate(time.Second).Unix(), 10)`
			`}`
			`return strings.Join(`
			`[]string{`
			`"H",`
			`strconv.Itoa(h.Difficulty),`
			`//h.ExpiresAt.UTC().Format(isoTS),`
			`expAt,`
			`h.Subject,`
			`h.Nonce,`
			`h.Alg,`
			`},`
			`Sep,`
			`) + solution`
			`}`

			`// Verify the Hashcash based on Difficulty, Algorithm, ExpiresAt, Subject and,`
			`// of course, the Solution and hash.`
			`func (h *Hashcash) Verify(subject string) error {`
			`if h.Difficulty < 0 {`
			`return ErrInvalidDifficulty`
			`}`

			`if "SHA-256" != h.Alg {`
			`return ErrUnsupportedAlgorithm`
			`}`

			`if !h.ExpiresAt.IsZero() && h.ExpiresAt.Sub(time.Now()) < 0 {`
			`return ErrExpired`
			`}`

			`if subject != h.Subject {`
			`return ErrInvalidSubject`
			`}`

			`bits := h.Difficulty`
			`hash := sha256.Sum256([]byte(h.String()))`
			`n := bits / 8 // 10 / 8 = 1`
			`m := bits % 8 // 10 % 8 = 2`
			`if m > 0 {`
			`n++ // 10 bits = 2 bytes`
			`}`

			`if !verifyBits(hash[:n], bits, n) {`
			`return ErrInvalidSolution`
			`}`
			`return nil`
			`}`

			`func verifyBits(hash []byte, bits, n int) bool {`
			`for i := 0; i < n; i++ {`
			`if bits > 8 {`
			`bits -= 8`
			`if 0 != hash[i] {`
			`return false`
			`}`
			`continue`
			`}`

			`// (bits % 8) == bits`
			`pad := 8 - bits`
			`if 0 != hash[i]>>pad {`
			`return false`
			`}`

			`return true`
			`}`

			`// 0 == bits`
			`return true`
			`}`

			`// Solve will search for a solution, returning an error if the difficulty is`
			`// above the local or global MaxDifficulty, the Algorithm is unsupported.`
			`func (h *Hashcash) Solve(maxDifficulty int) error {`
			`if "SHA-256" != h.Alg {`
			`return ErrUnsupportedAlgorithm`
			`}`

			`if h.Difficulty < 0 {`
			`return ErrInvalidDifficulty`
			`}`

			`if h.Difficulty > maxDifficulty \|\| h.Difficulty > MaxDifficulty {`
			`return ErrInvalidDifficulty`
			`}`

			`if "" != h.Solution {`
			`if nil == h.Verify(h.Subject) {`
			`return nil`
			`}`
			`h.Solution = ""`
			`}`

			`hashcash := h.String()`
			`bits := h.Difficulty`
			`n := bits / 8 // 10 / 8 = 1`
			`m := bits % 8 // 10 % 8 = 2`
			`if m > 0 {`
			`n++ // 10 bits = 2 bytes`
			`}`

			`var solution uint32 = 0`
			`sb := make([]byte, 4)`
			`for {`
			`// Note: it's not actually important what method of change or encoding is used`
			`// but incrementing by 1 on an int32 is good enough, and makes for a small base64 encoding`
			`binary.LittleEndian.PutUint32(sb, solution)`
			`h.Solution = base64.RawURLEncoding.EncodeToString(sb)`
			`hash := sha256.Sum256([]byte(hashcash + Sep + h.Solution))`
			`if verifyBits(hash[:n], bits, n) {`
			`return nil`
			`}`
			`solution++`
			`}`
			`}`