refactor: modularize server-fixture (#563)

* refactor: modularize server-fixture

* small fixes

* Update crates/server-fixture/server/Cargo.toml

add newline

Co-authored-by: sinu.eth <65924192+sinui0@users.noreply.github.com>

---------

Co-authored-by: Ubuntu <ubuntu@ip-10-35-1-161.eu-central-1.compute.internal>
Co-authored-by: sinu.eth <65924192+sinui0@users.noreply.github.com>

Cargo.toml

@@ -16,7 +16,8 @@ members = [
     "crates/notary/server",
     "crates/notary/tests-integration",
     "crates/prover",
-    "crates/server-fixture",
+    "crates/server-fixture/certs",
+    "crates/server-fixture/server",
     "crates/tests-integration",
     "crates/tls/backend",
     "crates/tls/client",
@@ -47,7 +48,8 @@ tlsn-hmac-sha256 = { path = "crates/components/hmac-sha256" }
 tlsn-hmac-sha256-circuits = { path = "crates/components/hmac-sha256-circuits" }
 tlsn-key-exchange = { path = "crates/components/key-exchange" }
 tlsn-prover = { path = "crates/prover" }
-tlsn-server-fixture = { path = "crates/server-fixture" }
+tlsn-server-fixture = { path = "crates/server-fixture/server" }
+tlsn-server-fixture-certs = { path = "crates/server-fixture/certs" }
 tlsn-stream-cipher = { path = "crates/components/stream-cipher" }
 tlsn-tls-backend = { path = "crates/tls/backend" }
 tlsn-tls-client = { path = "crates/tls/client" }

crates/benches/Cargo.toml

@@ -14,6 +14,7 @@ tlsn-common = { workspace = true }
 tlsn-core = { workspace = true }
 tlsn-prover = { workspace = true }
 tlsn-server-fixture = { workspace = true }
+tlsn-server-fixture-certs = { workspace = true }
 tlsn-tls-core = { workspace = true }
 tlsn-verifier = { workspace = true }
 tokio = { workspace = true, features = [

crates/benches/bin/prover.rs

@@ -17,7 +17,8 @@ use tlsn_benches::{
 
 use tlsn_common::config::ProtocolConfig;
 use tlsn_core::Direction;
-use tlsn_server_fixture::{CA_CERT_DER, SERVER_DOMAIN};
+use tlsn_server_fixture::bind;
+use tlsn_server_fixture_certs::{CA_CERT_DER, SERVER_DOMAIN};
 use tokio::io::{AsyncRead, AsyncWrite};
 use tokio_util::{
     compat::TokioAsyncReadCompatExt,
@@ -112,7 +113,7 @@ async fn run_instance<S: AsyncWrite + AsyncRead + Send + Sync + Unpin + 'static>
     set_interface(PROVER_INTERFACE, upload, 1, upload_delay)?;
 
     let (client_conn, server_conn) = tokio::io::duplex(2 << 16);
-    tokio::spawn(tlsn_server_fixture::bind(server_conn.compat()));
+    tokio::spawn(bind(server_conn.compat()));
 
     let start_time = Instant::now();
 

crates/benches/bin/verifier.rs

@@ -1,16 +1,16 @@
 use anyhow::Context;
+use tokio::io::{AsyncRead, AsyncWrite};
+use tokio_util::compat::TokioAsyncReadCompatExt;
+use tracing_subscriber::{fmt::format::FmtSpan, EnvFilter};
+
 use tls_core::verify::WebPkiVerifier;
 use tlsn_benches::{
     config::{BenchInstance, Config},
     set_interface, VERIFIER_INTERFACE,
 };
 use tlsn_common::config::ProtocolConfigValidator;
-use tlsn_server_fixture::CA_CERT_DER;
-use tokio::io::{AsyncRead, AsyncWrite};
-use tokio_util::compat::TokioAsyncReadCompatExt;
-
+use tlsn_server_fixture_certs::CA_CERT_DER;
 use tlsn_verifier::tls::{Verifier, VerifierConfig};
-use tracing_subscriber::{fmt::format::FmtSpan, EnvFilter};
 
 #[tokio::main]
 async fn main() -> anyhow::Result<()> {

crates/server-fixture/certs/Cargo.toml

@@ -0,0 +1,4 @@
+[package]
+name = "tlsn-server-fixture-certs"
+version = "0.1.0"
+edition = "2021"

crates/server-fixture/certs/src/lib.rs

@@ -0,0 +1,8 @@
+/// A certificate authority certificate fixture.
+pub static CA_CERT_DER: &[u8] = include_bytes!("tls/root_ca_cert.der");
+/// A server certificate (domain=test-server.io) fixture.
+pub static SERVER_CERT_DER: &[u8] = include_bytes!("tls/test_server_cert.der");
+/// A server private key fixture.
+pub static SERVER_KEY_DER: &[u8] = include_bytes!("tls/test_server_private_key.der");
+/// The domain name bound to the server certificate.
+pub static SERVER_DOMAIN: &str = "test-server.io";

crates/server-fixture/server/Cargo.toml

@@ -14,6 +14,8 @@ tokio = { workspace = true, features = ["macros", "rt-multi-thread"] }
 tokio-util = { workspace = true, features = ["compat", "io"] }
 tower-service = { version = "0.3" }
 
+tlsn-server-fixture-certs = { workspace = true }
+
 [[bin]]
 name = "main"
 path = "src/main.rs"

crates/server-fixture/server/src/lib.rs

@@ -25,14 +25,7 @@ use hyper_util::rt::TokioIo;
 use tokio_util::compat::FuturesAsyncReadCompatExt;
 use tower_service::Service;
 
-/// A certificate authority certificate fixture.
-pub static CA_CERT_DER: &[u8] = include_bytes!("tls/root_ca_cert.der");
-/// A server certificate (domain=test-server.io) fixture.
-pub static SERVER_CERT_DER: &[u8] = include_bytes!("tls/test_server_cert.der");
-/// A server private key fixture.
-pub static SERVER_KEY_DER: &[u8] = include_bytes!("tls/test_server_private_key.der");
-/// The domain name bound to the server certificate.
-pub static SERVER_DOMAIN: &str = "test-server.io";
+use tlsn_server_fixture_certs::*;
 
 struct AppState {
     shutdown: Option<oneshot::Sender<()>>,

crates/tests-integration/Cargo.toml

@@ -8,6 +8,7 @@ publish = false
 tlsn-core = { workspace = true }
 tlsn-prover = { workspace = true }
 tlsn-server-fixture = { workspace = true }
+tlsn-server-fixture-certs = { workspace = true }
 tlsn-tls-core = { workspace = true }
 tlsn-utils = { workspace = true }
 tlsn-verifier = { workspace = true }

crates/tests-integration/tests/defer_decryption.rs

@@ -1,7 +1,9 @@
-use futures::{AsyncReadExt, AsyncWriteExt};
 use tlsn_prover::tls::{Prover, ProverConfig};
-use tlsn_server_fixture::{CA_CERT_DER, SERVER_DOMAIN};
+use tlsn_server_fixture::bind;
+use tlsn_server_fixture_certs::{CA_CERT_DER, SERVER_DOMAIN};
 use tlsn_verifier::tls::{Verifier, VerifierConfig};
+
+use futures::{AsyncReadExt, AsyncWriteExt};
 use tokio::io::{AsyncRead, AsyncWrite};
 use tokio_util::compat::TokioAsyncReadCompatExt;
 use tracing::instrument;
@@ -20,7 +22,7 @@ async fn test_defer_decryption() {
 async fn prover<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(notary_socket: T) {
     let (client_socket, server_socket) = tokio::io::duplex(2 << 16);
 
-    let server_task = tokio::spawn(tlsn_server_fixture::bind(server_socket.compat()));
+    let server_task = tokio::spawn(bind(server_socket.compat()));
 
     let mut root_store = tls_core::anchors::RootCertStore::empty();
     root_store

crates/tests-integration/tests/notarize.rs

@@ -1,9 +1,11 @@
+use tlsn_prover::tls::{Prover, ProverConfig};
+use tlsn_server_fixture::bind;
+use tlsn_server_fixture_certs::{CA_CERT_DER, SERVER_DOMAIN};
+use tlsn_verifier::tls::{Verifier, VerifierConfig};
+
 use http_body_util::{BodyExt as _, Empty};
 use hyper::{body::Bytes, Request, StatusCode};
 use hyper_util::rt::TokioIo;
-use tlsn_prover::tls::{Prover, ProverConfig};
-use tlsn_server_fixture::{CA_CERT_DER, SERVER_DOMAIN};
-use tlsn_verifier::tls::{Verifier, VerifierConfig};
 use tokio::io::{AsyncRead, AsyncWrite};
 use tokio_util::compat::{FuturesAsyncReadCompatExt, TokioAsyncReadCompatExt};
 use tracing::instrument;
@@ -22,7 +24,7 @@ async fn notarize() {
 async fn prover<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(notary_socket: T) {
     let (client_socket, server_socket) = tokio::io::duplex(2 << 16);
 
-    let server_task = tokio::spawn(tlsn_server_fixture::bind(server_socket.compat()));
+    let server_task = tokio::spawn(bind(server_socket.compat()));
 
     let mut root_store = tls_core::anchors::RootCertStore::empty();
     root_store

crates/tests-integration/tests/verify.rs

@@ -1,11 +1,13 @@
-use http_body_util::{BodyExt as _, Empty};
-use hyper::{body::Bytes, Request, StatusCode};
-use hyper_util::rt::TokioIo;
 use tls_core::{anchors::RootCertStore, verify::WebPkiVerifier};
 use tlsn_core::{proof::SessionInfo, Direction, RedactedTranscript};
 use tlsn_prover::tls::{Prover, ProverConfig};
-use tlsn_server_fixture::{CA_CERT_DER, SERVER_DOMAIN};
+use tlsn_server_fixture::bind;
+use tlsn_server_fixture_certs::{CA_CERT_DER, SERVER_DOMAIN};
 use tlsn_verifier::tls::{Verifier, VerifierConfig};
+
+use http_body_util::{BodyExt as _, Empty};
+use hyper::{body::Bytes, Request, StatusCode};
+use hyper_util::rt::TokioIo;
 use tokio::io::{AsyncRead, AsyncWrite};
 use tokio_util::compat::{FuturesAsyncReadCompatExt, TokioAsyncReadCompatExt};
 use tracing::instrument;
@@ -34,7 +36,7 @@ async fn verify() {
 async fn prover<T: AsyncWrite + AsyncRead + Send + Unpin + 'static>(notary_socket: T) {
     let (client_socket, server_socket) = tokio::io::duplex(1 << 16);
 
-    let server_task = tokio::spawn(tlsn_server_fixture::bind(server_socket.compat()));
+    let server_task = tokio::spawn(bind(server_socket.compat()));
 
     let mut root_store = RootCertStore::empty();
     root_store

crates/wasm-test-runner/Cargo.toml

@@ -9,6 +9,7 @@ tlsn-common = { workspace = true }
 tlsn-core = { workspace = true }
 tlsn-prover = { workspace = true }
 tlsn-server-fixture = { workspace = true }
+tlsn-server-fixture-certs = { workspace = true }
 tlsn-tls-core = { workspace = true }
 tlsn-verifier = { workspace = true }
 

crates/wasm-test-runner/src/server_fixture.rs

@@ -1,5 +1,7 @@
 use std::{env, net::IpAddr};
 
+use tlsn_server_fixture;
+
 use anyhow::Result;
 use futures::Future;
 use tokio::net::TcpListener;

crates/wasm-test-runner/src/tlsn_fixture.rs

@@ -1,13 +1,14 @@
 use std::{env, net::IpAddr};
 
-use anyhow::Result;
-use futures::{AsyncReadExt, AsyncWriteExt, Future};
 use tls_core::{anchors::RootCertStore, verify::WebPkiVerifier};
 use tlsn_common::config::{ProtocolConfig, ProtocolConfigValidator};
 use tlsn_core::Direction;
 use tlsn_prover::tls::{Prover, ProverConfig};
-use tlsn_server_fixture::{CA_CERT_DER, SERVER_DOMAIN};
+use tlsn_server_fixture_certs::{CA_CERT_DER, SERVER_DOMAIN};
 use tlsn_verifier::tls::{Verifier, VerifierConfig};
+
+use anyhow::Result;
+use futures::{AsyncReadExt, AsyncWriteExt, Future};
 use tokio::net::{TcpListener, TcpStream};
 use tokio_util::compat::TokioAsyncReadCompatExt;
 use tracing::{info, instrument};
@@ -66,9 +67,7 @@ pub async fn start() -> Result<impl Future<Output = Result<()>>> {
 async fn handle_verifier(io: TcpStream) -> Result<()> {
     let mut root_store = RootCertStore::empty();
     root_store
-        .add(&tls_core::key::Certificate(
-            tlsn_server_fixture::CA_CERT_DER.to_vec(),
-        ))
+        .add(&tls_core::key::Certificate(CA_CERT_DER.to_vec()))
         .unwrap();
 
     let config_validator = ProtocolConfigValidator::builder()

crates/wasm/Cargo.toml

@@ -22,6 +22,7 @@ no-bundler = ["wasm-bindgen-rayon/no-bundler"]
 tlsn-common = { path = "../common" }
 tlsn-core = { path = "../core" }
 tlsn-prover = { path = "../prover" }
+tlsn-server-fixture-certs = { workspace = true }
 tlsn-tls-client-async = { path = "../tls/client-async" }
 tlsn-tls-core = { path = "../tls/core" }
 tlsn-verifier = { path = "../verifier" }

crates/wasm/src/tests.rs

@@ -5,6 +5,7 @@ use std::collections::HashMap;
 use tls_core::verify::WebPkiVerifier;
 use tlsn_common::config::{ProtocolConfig, ProtocolConfigValidator};
 use tlsn_prover::tls::{Prover, ProverConfig};
+use tlsn_server_fixture_certs::{CA_CERT_DER, SERVER_DOMAIN};
 use tlsn_verifier::tls::{Verifier, VerifierConfig};
 use wasm_bindgen::prelude::*;
 
@@ -14,9 +15,6 @@ use crate::{
     verifier::JsVerifier,
 };
 
-static CA_CERT_DER: &[u8] = include_bytes!("../../server-fixture/src/tls/root_ca_cert.der");
-static SERVER_DOMAIN: &str = "test-server.io";
-
 #[wasm_bindgen]
 pub async fn test_prove() -> Result<(), JsValue> {
     let mut root_store = tls_core::anchors::RootCertStore::empty();