feat(prover): client authentication (#916)

dan
2025-06-17 14:02:14 +00:00
committed by GitHub
parent 6923ceefd3
commit 9d853eb496
13 changed files with 301 additions and 32 deletions


@@ -19,8 +19,9 @@ use tlsn_common::config::ProtocolConfig;
use tlsn_core::{request::RequestConfig, transcript::TranscriptCommitConfig, CryptoProvider};
use tlsn_examples::ExampleType;
use tlsn_formats::http::{DefaultHttpCommitter, HttpCommit, HttpTranscript};
use tlsn_prover::{Prover, ProverConfig};
use tlsn_prover::{Prover, ProverConfig, TlsConfig};
use tlsn_server_fixture::DEFAULT_FIXTURE_PORT;
use tlsn_server_fixture_certs::{CLIENT_CERT, CLIENT_KEY};
// Setting of the application server.
const USER_AGENT: &str = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36";
@@ -105,8 +106,8 @@ async fn notarize(
};
// Set up protocol configuration for prover.
// Prover configuration.
let prover_config = ProverConfig::builder()
let mut prover_config_builder = ProverConfig::builder();
prover_config_builder
.server_name(SERVER_DOMAIN)
.protocol_config(
ProtocolConfig::builder()
@@ -117,8 +118,17 @@ async fn notarize(
.max_recv_data(tlsn_examples::MAX_RECV_DATA)
.build()?,
)
.crypto_provider(crypto_provider)
.build()?;
.crypto_provider(crypto_provider);
// (Optional) Set up TLS client authentication if required by the server.
prover_config_builder.tls_config(
TlsConfig::builder()
.client_auth_pem((vec![CLIENT_CERT.to_vec()], CLIENT_KEY.to_vec()))
.unwrap()
.build()?,
);
let prover_config = prover_config_builder.build()?;
// Create a new prover and perform necessary setup.
let prover = Prover::new(prover_config)
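Review bot: The `.unwrap()` after `client_auth_pem(...)` in the last hunk of this file panics on a malformed certificate or key, while the `.build()?` calls around it propagate the error. If that error converts into notarize's return type, `.client_auth_pem((vec![CLIENT_CERT.to_vec()], CLIENT_KEY.to_vec()))?` would keep the example consistent. The block is also labelled "(Optional)" but runs unconditionally with `CLIENT_CERT`/`CLIENT_KEY` from `tlsn_server_fixture_certs`, presumably a test key shipped with the repository, so a reader copying the example may carry that key over. A comment such as `// CLIENT_KEY is a test fixture; in real use load your own client key from protected storage and keep it out of the source tree.` would make the intent explicit, and it applies equally to the identical block in the second example's `prover()` hunk. notarize's body starts and ends outside the hunk.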


@@ -16,9 +16,9 @@ use tlsn_common::config::{ProtocolConfig, ProtocolConfigValidator};
use tlsn_core::{
transcript::PartialTranscript, CryptoProvider, ProveConfig, VerifierOutput, VerifyConfig,
};
use tlsn_prover::{Prover, ProverConfig};
use tlsn_prover::{Prover, ProverConfig, TlsConfig};
use tlsn_server_fixture::DEFAULT_FIXTURE_PORT;
use tlsn_server_fixture_certs::SERVER_DOMAIN;
use tlsn_server_fixture_certs::{CLIENT_CERT, CLIENT_KEY, SERVER_DOMAIN};
use tlsn_verifier::{Verifier, VerifierConfig};
const SECRET: &str = "TLSNotary's private key 🤡";
@@ -84,26 +84,37 @@ async fn prover<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(
..Default::default()
};
// Set up protocol configuration for prover.
let mut prover_config_builder = ProverConfig::builder();
prover_config_builder
.server_name(server_domain)
.protocol_config(
ProtocolConfig::builder()
.max_sent_data(MAX_SENT_DATA)
.max_recv_data(MAX_RECV_DATA)
.build()
.unwrap(),
)
.crypto_provider(crypto_provider);
// (Optional) Set up TLS client authentication if required by the server.
prover_config_builder.tls_config(
TlsConfig::builder()
.client_auth_pem((vec![CLIENT_CERT.to_vec()], CLIENT_KEY.to_vec()))
.unwrap()
.build()
.unwrap(),
);
let prover_config = prover_config_builder.build().unwrap();
// Create prover and connect to verifier.
//
// Perform the setup phase with the verifier.
let prover = Prover::new(
ProverConfig::builder()
.server_name(server_domain)
.protocol_config(
ProtocolConfig::builder()
.max_sent_data(MAX_SENT_DATA)
.max_recv_data(MAX_RECV_DATA)
.build()
.unwrap(),
)
.crypto_provider(crypto_provider)
.build()
.unwrap(),
)
.setup(verifier_socket.compat())
.await
.unwrap();
let prover = Prover::new(prover_config)
.setup(verifier_socket.compat())
.await
.unwrap();
// Connect to TLS Server.
let tls_client_socket = tokio::net::TcpStream::connect(server_addr).await.unwrap();