Restructure refimpl into go-lang and python subdirectories

Move Go reference implementation to refimpl/go-lang/ and add new Python reference implementation in refimpl/python/. Update build.sh with renamed draft and simplified tool paths. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 23:11:55 +01:00
parent ff795c72e6
commit bbf557e54b
52 changed files with 3972 additions and 341 deletions
--- a/refimpl/python/ect/jti_cache.py
+++ b/refimpl/python/ect/jti_cache.py
@@ -0,0 +1,52 @@
+"""JTI replay cache for production verification."""
+
+from __future__ import annotations
+
+import threading
+import time
+from abc import ABC, abstractmethod
+
+
+class JTICache(ABC):
+    @abstractmethod
+    def seen(self, jti: str) -> bool:
+        pass
+
+    @abstractmethod
+    def add(self, jti: str) -> None:
+        pass
+
+
+class _MemoryJTICache(JTICache):
+    def __init__(self, max_size: int, ttl_sec: int) -> None:
+        self._max_size = max_size
+        self._ttl_sec = ttl_sec
+        self._by_jti: dict[str, float] = {}
+        self._lock = threading.RLock()
+
+    def seen(self, jti: str) -> bool:
+        with self._lock:
+            exp = self._by_jti.get(jti)
+            if exp is None:
+                return False
+            if time.time() > exp:
+                del self._by_jti[jti]
+                return False
+            return True
+
+    def add(self, jti: str) -> None:
+        with self._lock:
+            now = time.time()
+            for k, exp in list(self._by_jti.items()):
+                if now > exp:
+                    del self._by_jti[k]
+            if self._max_size > 0 and len(self._by_jti) >= self._max_size and jti not in self._by_jti:
+                # evict one
+                for k in self._by_jti:
+                    del self._by_jti[k]
+                    break
+            self._by_jti[jti] = now + self._ttl_sec
+
+
+def new_jti_cache(max_size: int, ttl_sec: int) -> JTICache:
+    return _MemoryJTICache(max_size, ttl_sec)