Skip to content

Commit

Permalink
Add correct server certificate and assert correct redactions
Browse files Browse the repository at this point in the history
  • Loading branch information
th4s committed Nov 8, 2023
1 parent f58dfee commit 1608645
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 7 deletions.
1 change: 1 addition & 0 deletions tlsn/tests-integration/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ tlsn-tls-core.workspace = true
tlsn-prover = { workspace = true, features = ["tracing"] }
tlsn-verifier = { workspace = true, features = ["tracing"] }
tlsn-server-fixture.workspace = true
tlsn-utils.workspace = true

p256 = { workspace = true, features = ["ecdsa"] }
hyper = { workspace = true, features = ["client", "http1"] }
Expand Down
35 changes: 28 additions & 7 deletions tlsn/tests-integration/tests/verify.rs
Original file line number Diff line number Diff line change
@@ -1,12 +1,14 @@
use futures::AsyncWriteExt;
use hyper::{body::to_bytes, Body, Request, StatusCode};
use tls_core::{anchors::RootCertStore, verify::WebPkiVerifier};
use tlsn_core::{proof::SessionInfo, Direction, RedactedTranscript};
use tlsn_prover::tls::{Prover, ProverConfig};
use tlsn_server_fixture::{CA_CERT_DER, SERVER_DOMAIN};
use tlsn_verifier::tls::{Verifier, VerifierConfig};
use tokio::io::{AsyncRead, AsyncWrite};
use tokio_util::compat::{FuturesAsyncReadCompatExt, TokioAsyncReadCompatExt};
use tracing::instrument;
use utils::range::RangeSet;

#[tokio::test]
#[ignore]
Expand All @@ -15,7 +17,16 @@ async fn verify() {

let (socket_0, socket_1) = tokio::io::duplex(2 << 23);

let (_, (sent, received, session_info)) = tokio::join!(prover(socket_0), verifier(socket_1));
let (_, (sent, received, _session_info)) = tokio::join!(prover(socket_0), verifier(socket_1));

assert_eq!(sent.authed(), &RangeSet::from(0..sent.data().len() - 1));
assert_eq!(
sent.redacted(),
&RangeSet::from(sent.data().len() - 1..sent.data().len())
);

assert_eq!(received.authed(), &RangeSet::from(2..received.data().len()));
assert_eq!(received.redacted(), &RangeSet::from(0..2));
}

#[instrument(skip(notary_socket))]
Expand All @@ -24,7 +35,7 @@ async fn prover<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(notary_socke

let server_task = tokio::spawn(tlsn_server_fixture::bind(server_socket.compat()));

let mut root_store = tls_core::anchors::RootCertStore::empty();
let mut root_store = RootCertStore::empty();
root_store
.add(&tls_core::key::Certificate(CA_CERT_DER.to_vec()))
.unwrap();
Expand Down Expand Up @@ -79,9 +90,9 @@ async fn prover<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(notary_socke
let sent_transcript_len = prover.sent_transcript().data().len();
let recv_transcript_len = prover.recv_transcript().data().len();

// Reveal everything
prover.reveal(0..sent_transcript_len, Direction::Sent);
prover.reveal(0..recv_transcript_len, Direction::Received);
// Reveal parts of the transcript
prover.reveal(0..sent_transcript_len - 1, Direction::Sent);
prover.reveal(2..recv_transcript_len, Direction::Received);
prover.prove().await.unwrap();

prover.finalize().await.unwrap()
Expand All @@ -91,8 +102,18 @@ async fn prover<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(notary_socke
async fn verifier<T: AsyncWrite + AsyncRead + Send + Sync + Unpin + 'static>(
socket: T,
) -> (RedactedTranscript, RedactedTranscript, SessionInfo) {
let verifier = Verifier::new(VerifierConfig::builder().id("test").build().unwrap());
let (sent, received, session_info) = verifier.verify(socket.compat()).await.unwrap();
let mut root_store = RootCertStore::empty();
root_store
.add(&tls_core::key::Certificate(CA_CERT_DER.to_vec()))
.unwrap();

let verifier_config = VerifierConfig::builder()
.id("test")
.cert_verifier(WebPkiVerifier::new(root_store, None))
.build()
.unwrap();
let verifier = Verifier::new(verifier_config);

let (sent, received, session_info) = verifier.verify(socket.compat()).await.unwrap();
(sent, received, session_info)
}

0 comments on commit 1608645

Please sign in to comment.