mirror of
https://github.com/tlsnotary/tlsn-js.git
synced 2026-04-02 03:00:18 -04:00
Updated interactive demo to tlsn dev
This commit is contained in:
@@ -8,25 +8,23 @@ async-tungstenite = { version = "0.25", features = ["tokio-runtime"] }
|
||||
futures = "0.3"
|
||||
http = "1.1"
|
||||
http-body-util = "0.1"
|
||||
hyper = {version = "1.1", features = ["client", "http1"]}
|
||||
hyper-util = {version = "0.1", features = ["full"]}
|
||||
hyper = { version = "1.1", features = ["client", "http1"] }
|
||||
hyper-util = { version = "0.1", features = ["full"] }
|
||||
regex = "1.10.3"
|
||||
tokio = {version = "1", features = [
|
||||
tokio = { version = "1", features = [
|
||||
"rt",
|
||||
"rt-multi-thread",
|
||||
"macros",
|
||||
"net",
|
||||
"io-std",
|
||||
"fs",
|
||||
]}
|
||||
] }
|
||||
tokio-util = { version = "0.7", features = ["compat"] }
|
||||
tracing = "0.1.40"
|
||||
tracing-subscriber = { version ="0.3.18", features = ["env-filter"] }
|
||||
tracing-subscriber = { version = "0.3.18", features = ["env-filter"] }
|
||||
uuid = { version = "1.4.1", features = ["v4", "fast-rng"] }
|
||||
ws_stream_tungstenite = { version = "0.13", features = ["tokio_io"] }
|
||||
|
||||
tlsn-core = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-core" }
|
||||
tlsn-prover = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-prover" }
|
||||
tlsn-common = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-common" }
|
||||
spansy = {git = "https://github.com/tlsnotary/tlsn-utils", package = "spansy", branch = "dev"}
|
||||
tlsn = { git = "https://github.com/tlsnotary/tlsn.git", branch = "dev" }
|
||||
spansy = { git = "https://github.com/tlsnotary/tlsn-utils", package = "spansy", branch = "dev" }
|
||||
rangeset = "0.2.0"
|
||||
|
||||
@@ -8,9 +8,11 @@ use spansy::{
|
||||
json::{self},
|
||||
Spanned,
|
||||
};
|
||||
use tlsn_common::config::ProtocolConfig;
|
||||
use tlsn_core::ProveConfig;
|
||||
use tlsn_prover::{Prover, ProverConfig};
|
||||
use tlsn::{
|
||||
config::ProtocolConfig,
|
||||
connection::{DnsName, ServerName},
|
||||
prover::{ProveConfig, ProveConfigBuilder, Prover, ProverConfig},
|
||||
};
|
||||
use tokio::io::{AsyncRead, AsyncWrite};
|
||||
use tokio_util::compat::{FuturesAsyncReadCompatExt, TokioAsyncReadCompatExt};
|
||||
use tracing::{debug, info};
|
||||
@@ -71,25 +73,27 @@ async fn prover<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(verifier_soc
|
||||
let server_domain = uri.authority().unwrap().host();
|
||||
let server_port = uri.port_u16().unwrap_or(443);
|
||||
|
||||
// Create prover and connect to verifier.
|
||||
//
|
||||
// Set up protocol configuration for prover.
|
||||
let mut prover_config_builder = ProverConfig::builder();
|
||||
prover_config_builder
|
||||
.server_name(ServerName::Dns(server_domain.try_into().unwrap()))
|
||||
.protocol_config(
|
||||
ProtocolConfig::builder()
|
||||
.max_sent_data(MAX_SENT_DATA)
|
||||
.max_recv_data(MAX_RECV_DATA)
|
||||
.build()
|
||||
.unwrap(),
|
||||
);
|
||||
let prover_config = prover_config_builder.build().unwrap();
|
||||
// Create prover and connect to verifier.
|
||||
//
|
||||
// Perform the setup phase with the verifier.
|
||||
let prover = Prover::new(
|
||||
ProverConfig::builder()
|
||||
.server_name(server_domain)
|
||||
.protocol_config(
|
||||
ProtocolConfig::builder()
|
||||
.max_sent_data(MAX_SENT_DATA)
|
||||
.max_recv_data(MAX_RECV_DATA)
|
||||
.build()
|
||||
.unwrap(),
|
||||
)
|
||||
.build()
|
||||
.unwrap(),
|
||||
)
|
||||
.setup(verifier_socket.compat())
|
||||
.await
|
||||
.unwrap();
|
||||
let prover = Prover::new(prover_config)
|
||||
.setup(verifier_socket.compat())
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
// Connect to TLS Server.
|
||||
let tls_client_socket = tokio::net::TcpStream::connect((server_domain, server_port))
|
||||
@@ -132,7 +136,7 @@ async fn prover<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(verifier_soc
|
||||
// Create proof for the Verifier.
|
||||
let mut prover = prover_task.await.unwrap().unwrap();
|
||||
|
||||
let mut builder: tlsn_core::ProveConfigBuilder<'_> = ProveConfig::builder(prover.transcript());
|
||||
let mut builder: ProveConfigBuilder<'_> = ProveConfig::builder(prover.transcript());
|
||||
|
||||
// Reveal the DNS name.
|
||||
builder.server_identity();
|
||||
|
||||
@@ -17,22 +17,22 @@ hyper = { version = "1.1", features = ["client", "http1", "server"] }
|
||||
hyper-util = { version = "0.1", features = ["full"] }
|
||||
serde = { version = "1.0.147", features = ["derive"] }
|
||||
sha1 = "0.10"
|
||||
tokio = {version = "1", features = [
|
||||
tokio = { version = "1", features = [
|
||||
"rt",
|
||||
"rt-multi-thread",
|
||||
"macros",
|
||||
"net",
|
||||
"io-std",
|
||||
"fs",
|
||||
]}
|
||||
] }
|
||||
tokio-util = { version = "0.7", features = ["compat"] }
|
||||
tower = { version = "0.4.12", features = ["make"] }
|
||||
tower-service = { version = "0.3" }
|
||||
tracing = "0.1.40"
|
||||
tracing-subscriber = { version ="0.3.18", features = ["env-filter"] }
|
||||
tracing-subscriber = { version = "0.3.18", features = ["env-filter"] }
|
||||
ws_stream_tungstenite = { version = "0.13", features = ["tokio_io"] }
|
||||
|
||||
tlsn-core = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-core" }
|
||||
tlsn-verifier = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-verifier" }
|
||||
tlsn-common = { git = "https://github.com/tlsnotary/tlsn.git", tag = "v0.1.0-alpha.12", package = "tlsn-common" }
|
||||
tlsn = { git = "https://github.com/tlsnotary/tlsn.git", branch = "dev" }
|
||||
rustls = "0.23"
|
||||
webpki-roots = "0.26"
|
||||
tower-util = "0.3.1"
|
||||
|
||||
@@ -12,9 +12,11 @@ use std::{
|
||||
net::{IpAddr, SocketAddr},
|
||||
sync::Arc,
|
||||
};
|
||||
use tlsn_common::config::ProtocolConfigValidator;
|
||||
use tlsn_core::{VerifierOutput, VerifyConfig};
|
||||
use tlsn_verifier::{Verifier, VerifierConfig};
|
||||
use tlsn::{
|
||||
config::{CertificateDer, ProtocolConfigValidator, RootCertStore},
|
||||
connection::ServerName,
|
||||
verifier::{Verifier, VerifierConfig, VerifierOutput, VerifyConfig},
|
||||
};
|
||||
|
||||
use tokio::{
|
||||
io::{AsyncRead, AsyncWrite},
|
||||
@@ -130,7 +132,15 @@ async fn verifier<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(
|
||||
.build()
|
||||
.unwrap();
|
||||
|
||||
let root_store = RootCertStore {
|
||||
roots: webpki_roots::TLS_SERVER_ROOTS
|
||||
.iter()
|
||||
.map(|ta| CertificateDer(ta.subject.as_ref().to_vec()))
|
||||
.collect(),
|
||||
};
|
||||
|
||||
let verifier_config = VerifierConfig::builder()
|
||||
.root_store(root_store)
|
||||
.protocol_config_validator(config_validator)
|
||||
.build()
|
||||
.unwrap();
|
||||
@@ -139,16 +149,16 @@ async fn verifier<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(
|
||||
// Receive authenticated data.
|
||||
debug!("Starting MPC-TLS verification...");
|
||||
|
||||
let verify_config = VerifyConfig::default();
|
||||
let VerifierOutput {
|
||||
server_name,
|
||||
transcript,
|
||||
..
|
||||
} = verifier
|
||||
.verify(socket.compat(), &verify_config)
|
||||
.verify(socket.compat(), &VerifyConfig::default())
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
let server_name = server_name.expect("prover should have revealed server name");
|
||||
let transcript = transcript.expect("prover should have revealed transcript data");
|
||||
|
||||
// Check sent data: check host.
|
||||
@@ -170,13 +180,9 @@ async fn verifier<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(
|
||||
.ok_or_else(|| eyre!("Verification failed: missing data in received data"))?;
|
||||
|
||||
// Check Session info: server name.
|
||||
if let Some(server_name) = server_name {
|
||||
if server_name.as_str() != server_domain {
|
||||
return Err(eyre!("Verification failed: server name mismatches"));
|
||||
}
|
||||
} else {
|
||||
// TODO: https://github.com/tlsnotary/tlsn-js/issues/110
|
||||
// return Err(eyre!("Verification failed: server name is missing"));
|
||||
let ServerName::Dns(dns_name) = server_name;
|
||||
if dns_name.as_str() != server_domain {
|
||||
return Err(eyre!("Verification failed: server name mismatches"));
|
||||
}
|
||||
|
||||
let sent_string = bytes_to_redacted_string(&sent)?;
|
||||
|
||||
Reference in New Issue
Block a user