tlsnotary/tlsn
1
0
Fork 0
mirror of https://github.com/tlsnotary/tlsn.git synced 2026-01-09 13:27:59 -05:00
Code Issues Packages Projects Releases 12 Wiki Activity

deploy: 38820d6a3f

Browse Source
This commit is contained in:
sinui0
2025-07-02 16:41:45 +00:00
parent f838f60256
commit 0276350974
255 changed files with 15729 additions and 3616 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
crates.js
View File

@@ -1,2 +1,2 @@
window.ALL_CRATES = ["tlsn_core","tlsn_prover","tlsn_verifier","tlsn_wasm"];
//{"start":21,"fragment_lengths":[11,14,16,12]}
window.ALL_CRATES = ["tlsn","tlsn_core","tlsn_wasm"];
//{"start":21,"fragment_lengths":[6,12,12]}

2
index.html
View File

@@ -1 +1 @@
<meta http-equiv="refresh" content="0; url=tlsn_prover">
<meta http-equiv="refresh" content="0; url=tlsn">

4
search-index.js
View File

File diff suppressed because one or more lines are too long

1
search.desc/tlsn/tlsn-desc-0-.js Normal file
View File

File diff suppressed because one or more lines are too long

2
search.desc/tlsn_core/tlsn_core-desc-0-.js
View File

File diff suppressed because one or more lines are too long

1
search.desc/tlsn_prover/tlsn_prover-desc-0-.js
View File

@@ -1 +0,0 @@
searchState.loadedDescShard("tlsn_prover", 0, "TLSNotary prover library.\nConfiguration to prove information to the verifier.\nBuilder for <code>ProveConfig</code>.\nError for <code>ProveConfigBuilder</code>.\nA prover instance.\nConfiguration for the prover.\nBuilder for <code>ProverConfig</code>.\nA controller for the prover.\nError for <code>Prover</code>.\nProver future which must be polled for the TLS connection …\nProver output.\nConfiguration for the provers TLS connection.\nBuilder for <code>TlsConfig</code>.\nBuilds a new <code>ProverConfig</code>.\nBuilds a new <code>TlsConfig</code>.\nBuilds the configuration.\nCreates a new builder for <code>ProverConfig</code>.\nCreates a new builder for <code>TlsConfig</code>.\nCreates a new builder.\nSets a DER-encoded certificate chain and a matching …\nReturns a certificate chain and a matching private key for …\nSets a PEM-encoded certificate chain and a matching …\nCloses the connection with the verifier.\nConnects to the server using the provided socket.\nReturns the connection information.\nReturns a controller for the prover for advanced …\nReturns the crypto provider.\nCryptography provider.\nDefers decryption of data from the server until the server …\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCreates a new prover.\nCreates a new builder.\nRequests an attestation from the verifier.\nReturns the protocol configuration.\nProtocol configuration to be checked with the verifier.\nProves information to the verifier.\nReveals the given ranges of the transcript.\nReveals the given ranges of the received data transcript.\nReveals the given ranges of the sent data transcript.\nReturns <code>true</code> if the server identity is to be proven.\nProves the server identity.\nReturns the server DNS name.\nThe server DNS name.\nSets up the prover.\nTLS prover states.\nReturns the TLS configuration.\nTLS configuration.\nReturns the transcript.\nReturns the transcript to be proven.\nReturns the transcript commitment configuration.\nConfigures transcript commitments.\nTranscript commitments.\nTranscript commitment secrets.\nState after the TLS connection has been committed and …\nEntry state\nState after MPC setup has completed.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.")

1
search.desc/tlsn_verifier/tlsn_verifier-desc-0-.js
View File

@@ -1 +0,0 @@
searchState.loadedDescShard("tlsn_verifier", 0, "TLSNotary verifier library.\nInformation about the TLS session.\nUninitialized field\nCustom validation error\nA Verifier instance.\nConfiguration for the <code>Verifier</code>.\nBuilder for <code>VerifierConfig</code>.\nError type for VerifierConfigBuilder\nError for <code>Verifier</code>.\nVerifier output.\nConfiguration to verify information from the prover.\nBuilder for <code>VerifyConfig</code>.\nError for <code>VerifyConfigBuilder</code>.\nBuilds a new <code>VerifierConfig</code>.\nBuilds the configuration.\nCreates a new configuration builder.\nCreates a new builder.\nCloses the connection with the prover.\nReturns the connection information.\nConnection information.\nCryptography provider.\nReturns the cryptography provider.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCreates a new verifier.\nCreates a new builder.\nRuns the verifier to completion and attests to the TLS …\nAttests to the TLS session.\nReturns the protocol configuration validator.\nRuns the verifier until the TLS connection is closed.\nServers name.\nServer identity.\nSets up the verifier.\nTLS Verifier state.\nTranscript data.\nTranscript commitments.\nRuns the TLS verifier to completion, verifying the TLS …\nVerifies information from the prover.\nState after the TLS connection has been closed.\nInitialized state.\nState after setup has completed.\nTLS Verifier state.\nReturns the argument unchanged.\nReturns the argument unchanged.\nReturns the argument unchanged.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.\nCalls <code>U::from(self)</code>.")

4
src-files.js
View File

@@ -1,2 +1,2 @@
createSrcSidebar('[["tlsn_core",["",[["attestation",[],["builder.rs","config.rs","extension.rs","proof.rs"]],["connection",[],["commit.rs","proof.rs"]],["fixtures",[],["provider.rs"]],["request",[],["builder.rs","config.rs"]],["transcript",[["encoding",[],["encoder.rs","proof.rs","provider.rs","tree.rs"]]],["commit.rs","encoding.rs","hash.rs","proof.rs"]]],["attestation.rs","connection.rs","fixtures.rs","hash.rs","lib.rs","merkle.rs","presentation.rs","provider.rs","request.rs","secrets.rs","serialize.rs","signing.rs","transcript.rs"]]],["tlsn_prover",["",[],["config.rs","error.rs","future.rs","lib.rs","state.rs"]]],["tlsn_verifier",["",[],["config.rs","error.rs","lib.rs","state.rs"]]],["tlsn_wasm",["",[["prover",[],["config.rs","mod.rs"]],["verifier",[],["config.rs","mod.rs"]]],["io.rs","lib.rs","log.rs","types.rs"]]]]');
//{"start":19,"fragment_lengths":[523,81,71,136]}
createSrcSidebar('[["tlsn",["",[["commit",[],["hash.rs","transcript.rs"]],["prover",[],["config.rs","error.rs","future.rs","state.rs"]],["verifier",[],["config.rs","error.rs","state.rs"]]],["commit.rs","config.rs","context.rs","encoding.rs","ghash.rs","lib.rs","msg.rs","mux.rs","prover.rs","tag.rs","verifier.rs","zk_aes_ctr.rs"]]],["tlsn_core",["",[["attestation",[],["builder.rs","config.rs","extension.rs","proof.rs"]],["connection",[],["commit.rs","proof.rs"]],["fixtures",[],["provider.rs"]],["request",[],["builder.rs","config.rs"]],["transcript",[["encoding",[],["encoder.rs","proof.rs","provider.rs","tree.rs"]]],["commit.rs","encoding.rs","hash.rs","proof.rs","tls.rs"]]],["attestation.rs","connection.rs","fixtures.rs","hash.rs","lib.rs","merkle.rs","presentation.rs","provider.rs","request.rs","secrets.rs","serialize.rs","signing.rs","transcript.rs"]]],["tlsn_wasm",["",[["prover",[],["config.rs","mod.rs"]],["verifier",[],["config.rs","mod.rs"]]],["io.rs","lib.rs","log.rs","types.rs"]]]]');
//{"start":19,"fragment_lengths":[313,533,136]}

109
src/tlsn/commit.rs.html Normal file
View File

@@ -0,0 +1,109 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/commit.rs`."><title>commit.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>commit.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! Plaintext commitment and proof of encryption.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>hash;
<a href=#4 id=4 data-nosnippet>4</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>transcript;
<a href=#5 id=5 data-nosnippet>5</a>
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>mpz_core::bitvec::BitVec;
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>mpz_memory_core::{
<a href=#8 id=8 data-nosnippet>8</a> DecodeFutureTyped, Vector,
<a href=#9 id=9 data-nosnippet>9</a> binary::{Binary, U8},
<a href=#10 id=10 data-nosnippet>10</a>};
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">use </span>mpz_vm_core::{Vm, prelude::<span class="kw-2">*</span>};
<a href=#12 id=12 data-nosnippet>12</a><span class="kw">use </span>tlsn_core::transcript::Record;
<a href=#13 id=13 data-nosnippet>13</a>
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">use crate</span>::{
<a href=#15 id=15 data-nosnippet>15</a> Role,
<a href=#16 id=16 data-nosnippet>16</a> zk_aes_ctr::{ZkAesCtr, ZkAesCtrError},
<a href=#17 id=17 data-nosnippet>17</a>};
<a href=#18 id=18 data-nosnippet>18</a>
<a href=#19 id=19 data-nosnippet>19</a><span class="doccomment">/// Commits the plaintext of the provided records, returning a proof of
<a href=#20 id=20 data-nosnippet>20</a>/// encryption.
<a href=#21 id=21 data-nosnippet>21</a>///
<a href=#22 id=22 data-nosnippet>22</a>/// Writes the plaintext VM reference to the provided records.
<a href=#23 id=23 data-nosnippet>23</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>commit_records&lt;<span class="lifetime">'record</span>&gt;(
<a href=#24 id=24 data-nosnippet>24</a> vm: <span class="kw-2">&amp;mut </span><span class="kw">dyn </span>Vm&lt;Binary&gt;,
<a href=#25 id=25 data-nosnippet>25</a> aes: <span class="kw-2">&amp;mut </span>ZkAesCtr,
<a href=#26 id=26 data-nosnippet>26</a> records: <span class="kw">impl </span>IntoIterator&lt;Item = <span class="kw-2">&amp;</span><span class="lifetime">'record </span>Record&gt;,
<a href=#27 id=27 data-nosnippet>27</a>) -&gt; <span class="prelude-ty">Result</span>&lt;(Vec&lt;Vector&lt;U8&gt;&gt;, RecordProof), RecordProofError&gt; {
<a href=#28 id=28 data-nosnippet>28</a> <span class="kw">let </span><span class="kw-2">mut </span>plaintexts = Vec::new();
<a href=#29 id=29 data-nosnippet>29</a> <span class="kw">let </span><span class="kw-2">mut </span>ciphertexts = Vec::new();
<a href=#30 id=30 data-nosnippet>30</a> <span class="kw">for </span>record <span class="kw">in </span>records {
<a href=#31 id=31 data-nosnippet>31</a> <span class="kw">let </span>(plaintext_ref, ciphertext_ref) = aes
<a href=#32 id=32 data-nosnippet>32</a> .encrypt(vm, record.explicit_nonce.clone(), record.ciphertext.len())
<a href=#33 id=33 data-nosnippet>33</a> .map_err(ErrorRepr::Aes)<span class="question-mark">?</span>;
<a href=#34 id=34 data-nosnippet>34</a>
<a href=#35 id=35 data-nosnippet>35</a> <span class="kw">if let </span>Role::Prover = aes.role() {
<a href=#36 id=36 data-nosnippet>36</a> <span class="kw">let </span><span class="prelude-val">Some</span>(plaintext) = record.plaintext.clone() <span class="kw">else </span>{
<a href=#37 id=37 data-nosnippet>37</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ErrorRepr::MissingPlaintext.into());
<a href=#38 id=38 data-nosnippet>38</a> };
<a href=#39 id=39 data-nosnippet>39</a>
<a href=#40 id=40 data-nosnippet>40</a> vm.assign(plaintext_ref, plaintext)
<a href=#41 id=41 data-nosnippet>41</a> .map_err(RecordProofError::vm)<span class="question-mark">?</span>;
<a href=#42 id=42 data-nosnippet>42</a> }
<a href=#43 id=43 data-nosnippet>43</a> vm.commit(plaintext_ref).map_err(RecordProofError::vm)<span class="question-mark">?</span>;
<a href=#44 id=44 data-nosnippet>44</a>
<a href=#45 id=45 data-nosnippet>45</a> <span class="kw">let </span>ciphertext = vm.decode(ciphertext_ref).map_err(RecordProofError::vm)<span class="question-mark">?</span>;
<a href=#46 id=46 data-nosnippet>46</a>
<a href=#47 id=47 data-nosnippet>47</a> plaintexts.push(plaintext_ref);
<a href=#48 id=48 data-nosnippet>48</a> ciphertexts.push((ciphertext, record.ciphertext.clone()));
<a href=#49 id=49 data-nosnippet>49</a> }
<a href=#50 id=50 data-nosnippet>50</a>
<a href=#51 id=51 data-nosnippet>51</a> <span class="prelude-val">Ok</span>((plaintexts, RecordProof { ciphertexts }))
<a href=#52 id=52 data-nosnippet>52</a>}
<a href=#53 id=53 data-nosnippet>53</a>
<a href=#54 id=54 data-nosnippet>54</a><span class="doccomment">/// Proof of encryption.
<a href=#55 id=55 data-nosnippet>55</a></span><span class="attr">#[derive(Debug)]
<a href=#56 id=56 data-nosnippet>56</a>#[must_use]
<a href=#57 id=57 data-nosnippet>57</a>#[allow(clippy::type_complexity)]
<a href=#58 id=58 data-nosnippet>58</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>RecordProof {
<a href=#59 id=59 data-nosnippet>59</a> ciphertexts: Vec&lt;(DecodeFutureTyped&lt;BitVec, Vec&lt;u8&gt;&gt;, Vec&lt;u8&gt;)&gt;,
<a href=#60 id=60 data-nosnippet>60</a>}
<a href=#61 id=61 data-nosnippet>61</a>
<a href=#62 id=62 data-nosnippet>62</a><span class="kw">impl </span>RecordProof {
<a href=#63 id=63 data-nosnippet>63</a> <span class="doccomment">/// Verifies the proof.
<a href=#64 id=64 data-nosnippet>64</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>verify(<span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;(), RecordProofError&gt; {
<a href=#65 id=65 data-nosnippet>65</a> <span class="kw">let </span><span class="self">Self </span>{ ciphertexts } = <span class="self">self</span>;
<a href=#66 id=66 data-nosnippet>66</a>
<a href=#67 id=67 data-nosnippet>67</a> <span class="kw">for </span>(<span class="kw-2">mut </span>ciphertext, expected) <span class="kw">in </span>ciphertexts {
<a href=#68 id=68 data-nosnippet>68</a> <span class="kw">let </span>ciphertext = ciphertext
<a href=#69 id=69 data-nosnippet>69</a> .try_recv()
<a href=#70 id=70 data-nosnippet>70</a> .map_err(RecordProofError::vm)<span class="question-mark">?
<a href=#71 id=71 data-nosnippet>71</a> </span>.ok_or_else(|| ErrorRepr::NotDecoded)<span class="question-mark">?</span>;
<a href=#72 id=72 data-nosnippet>72</a>
<a href=#73 id=73 data-nosnippet>73</a> <span class="kw">if </span>ciphertext != expected {
<a href=#74 id=74 data-nosnippet>74</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ErrorRepr::InvalidCiphertext.into());
<a href=#75 id=75 data-nosnippet>75</a> }
<a href=#76 id=76 data-nosnippet>76</a> }
<a href=#77 id=77 data-nosnippet>77</a>
<a href=#78 id=78 data-nosnippet>78</a> <span class="prelude-val">Ok</span>(())
<a href=#79 id=79 data-nosnippet>79</a> }
<a href=#80 id=80 data-nosnippet>80</a>}
<a href=#81 id=81 data-nosnippet>81</a>
<a href=#82 id=82 data-nosnippet>82</a><span class="doccomment">/// Error for [`RecordProof`].
<a href=#83 id=83 data-nosnippet>83</a></span><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#84 id=84 data-nosnippet>84</a>#[error(transparent)]
<a href=#85 id=85 data-nosnippet>85</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>RecordProofError(<span class="attr">#[from] </span>ErrorRepr);
<a href=#86 id=86 data-nosnippet>86</a>
<a href=#87 id=87 data-nosnippet>87</a><span class="kw">impl </span>RecordProofError {
<a href=#88 id=88 data-nosnippet>88</a> <span class="kw">fn </span>vm&lt;E&gt;(err: E) -&gt; <span class="self">Self
<a href=#89 id=89 data-nosnippet>89</a> </span><span class="kw">where
<a href=#90 id=90 data-nosnippet>90</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>std::error::Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#91 id=91 data-nosnippet>91</a> {
<a href=#92 id=92 data-nosnippet>92</a> <span class="self">Self</span>(ErrorRepr::Vm(err.into()))
<a href=#93 id=93 data-nosnippet>93</a> }
<a href=#94 id=94 data-nosnippet>94</a>}
<a href=#95 id=95 data-nosnippet>95</a>
<a href=#96 id=96 data-nosnippet>96</a><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#97 id=97 data-nosnippet>97</a>#[error(<span class="string">"record proof error: {0}"</span>)]
<a href=#98 id=98 data-nosnippet>98</a></span><span class="kw">enum </span>ErrorRepr {
<a href=#99 id=99 data-nosnippet>99</a> <span class="attr">#[error(<span class="string">"VM error: {0}"</span>)]
<a href=#100 id=100 data-nosnippet>100</a> </span>Vm(Box&lt;<span class="kw">dyn </span>std::error::Error + Send + Sync + <span class="lifetime">'static</span>&gt;),
<a href=#101 id=101 data-nosnippet>101</a> <span class="attr">#[error(<span class="string">"zk aes error: {0}"</span>)]
<a href=#102 id=102 data-nosnippet>102</a> </span>Aes(ZkAesCtrError),
<a href=#103 id=103 data-nosnippet>103</a> <span class="attr">#[error(<span class="string">"plaintext is missing"</span>)]
<a href=#104 id=104 data-nosnippet>104</a> </span>MissingPlaintext,
<a href=#105 id=105 data-nosnippet>105</a> <span class="attr">#[error(<span class="string">"ciphertext was not decoded"</span>)]
<a href=#106 id=106 data-nosnippet>106</a> </span>NotDecoded,
<a href=#107 id=107 data-nosnippet>107</a> <span class="attr">#[error(<span class="string">"ciphertext does not match expected"</span>)]
<a href=#108 id=108 data-nosnippet>108</a> </span>InvalidCiphertext,
<a href=#109 id=109 data-nosnippet>109</a>}</code></pre></div></section></main></body></html>

198
src/tlsn/commit/hash.rs.html Normal file
View File

@@ -0,0 +1,198 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/commit/hash.rs`."><title>hash.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/commit/</div>hash.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! Plaintext hash commitments.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use </span>std::collections::HashMap;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>mpz_core::bitvec::BitVec;
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>mpz_hash::sha256::Sha256;
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>mpz_memory_core::{
<a href=#8 id=8 data-nosnippet>8</a> DecodeFutureTyped, MemoryExt, Vector,
<a href=#9 id=9 data-nosnippet>9</a> binary::{Binary, U8},
<a href=#10 id=10 data-nosnippet>10</a>};
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">use </span>mpz_vm_core::{Vm, VmError, prelude::<span class="kw-2">*</span>};
<a href=#12 id=12 data-nosnippet>12</a><span class="kw">use </span>tlsn_core::{
<a href=#13 id=13 data-nosnippet>13</a> hash::{Blinder, Hash, HashAlgId, TypedHash},
<a href=#14 id=14 data-nosnippet>14</a> transcript::{
<a href=#15 id=15 data-nosnippet>15</a> Direction, Idx,
<a href=#16 id=16 data-nosnippet>16</a> hash::{PlaintextHash, PlaintextHashSecret},
<a href=#17 id=17 data-nosnippet>17</a> },
<a href=#18 id=18 data-nosnippet>18</a>};
<a href=#19 id=19 data-nosnippet>19</a>
<a href=#20 id=20 data-nosnippet>20</a><span class="kw">use crate</span>::{Role, commit::transcript::TranscriptRefs};
<a href=#21 id=21 data-nosnippet>21</a>
<a href=#22 id=22 data-nosnippet>22</a><span class="doccomment">/// Future which will resolve to the committed hash values.
<a href=#23 id=23 data-nosnippet>23</a></span><span class="attr">#[derive(Debug)]
<a href=#24 id=24 data-nosnippet>24</a>
<a href=#25 id=25 data-nosnippet>25</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>HashCommitFuture {
<a href=#26 id=26 data-nosnippet>26</a> <span class="attr">#[allow(clippy::type_complexity)]
<a href=#27 id=27 data-nosnippet>27</a> </span>futs: Vec&lt;(
<a href=#28 id=28 data-nosnippet>28</a> Direction,
<a href=#29 id=29 data-nosnippet>29</a> Idx,
<a href=#30 id=30 data-nosnippet>30</a> HashAlgId,
<a href=#31 id=31 data-nosnippet>31</a> DecodeFutureTyped&lt;BitVec, Vec&lt;u8&gt;&gt;,
<a href=#32 id=32 data-nosnippet>32</a> )&gt;,
<a href=#33 id=33 data-nosnippet>33</a>}
<a href=#34 id=34 data-nosnippet>34</a>
<a href=#35 id=35 data-nosnippet>35</a><span class="kw">impl </span>HashCommitFuture {
<a href=#36 id=36 data-nosnippet>36</a> <span class="doccomment">/// Tries to receive the value, returning an error if the value is not
<a href=#37 id=37 data-nosnippet>37</a> /// ready.
<a href=#38 id=38 data-nosnippet>38</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>try_recv(<span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;Vec&lt;PlaintextHash&gt;, HashCommitError&gt; {
<a href=#39 id=39 data-nosnippet>39</a> <span class="kw">let </span><span class="kw-2">mut </span>output = Vec::new();
<a href=#40 id=40 data-nosnippet>40</a> <span class="kw">for </span>(direction, idx, alg, <span class="kw-2">mut </span>fut) <span class="kw">in </span><span class="self">self</span>.futs {
<a href=#41 id=41 data-nosnippet>41</a> <span class="kw">let </span>hash = fut
<a href=#42 id=42 data-nosnippet>42</a> .try_recv()
<a href=#43 id=43 data-nosnippet>43</a> .map_err(|<span class="kw">_</span>| HashCommitError::decode())<span class="question-mark">?
<a href=#44 id=44 data-nosnippet>44</a> </span>.ok_or_else(HashCommitError::decode)<span class="question-mark">?</span>;
<a href=#45 id=45 data-nosnippet>45</a> output.push(PlaintextHash {
<a href=#46 id=46 data-nosnippet>46</a> direction,
<a href=#47 id=47 data-nosnippet>47</a> idx,
<a href=#48 id=48 data-nosnippet>48</a> hash: TypedHash {
<a href=#49 id=49 data-nosnippet>49</a> alg,
<a href=#50 id=50 data-nosnippet>50</a> value: Hash::try_from(hash).map_err(HashCommitError::convert)<span class="question-mark">?</span>,
<a href=#51 id=51 data-nosnippet>51</a> },
<a href=#52 id=52 data-nosnippet>52</a> });
<a href=#53 id=53 data-nosnippet>53</a> }
<a href=#54 id=54 data-nosnippet>54</a>
<a href=#55 id=55 data-nosnippet>55</a> <span class="prelude-val">Ok</span>(output)
<a href=#56 id=56 data-nosnippet>56</a> }
<a href=#57 id=57 data-nosnippet>57</a>}
<a href=#58 id=58 data-nosnippet>58</a>
<a href=#59 id=59 data-nosnippet>59</a><span class="doccomment">/// Prove plaintext hash commitments.
<a href=#60 id=60 data-nosnippet>60</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>prove_hash(
<a href=#61 id=61 data-nosnippet>61</a> vm: <span class="kw-2">&amp;mut </span><span class="kw">dyn </span>Vm&lt;Binary&gt;,
<a href=#62 id=62 data-nosnippet>62</a> refs: <span class="kw-2">&amp;</span>TranscriptRefs,
<a href=#63 id=63 data-nosnippet>63</a> idxs: <span class="kw">impl </span>IntoIterator&lt;Item = (Direction, Idx, HashAlgId)&gt;,
<a href=#64 id=64 data-nosnippet>64</a>) -&gt; <span class="prelude-ty">Result</span>&lt;(HashCommitFuture, Vec&lt;PlaintextHashSecret&gt;), HashCommitError&gt; {
<a href=#65 id=65 data-nosnippet>65</a> <span class="kw">let </span><span class="kw-2">mut </span>futs = Vec::new();
<a href=#66 id=66 data-nosnippet>66</a> <span class="kw">let </span><span class="kw-2">mut </span>secrets = Vec::new();
<a href=#67 id=67 data-nosnippet>67</a> <span class="kw">for </span>(direction, idx, alg, hash_ref, blinder_ref) <span class="kw">in
<a href=#68 id=68 data-nosnippet>68</a> </span>hash_commit_inner(vm, Role::Prover, refs, idxs)<span class="question-mark">?
<a href=#69 id=69 data-nosnippet>69</a> </span>{
<a href=#70 id=70 data-nosnippet>70</a> <span class="kw">let </span>blinder: Blinder = rand::random();
<a href=#71 id=71 data-nosnippet>71</a>
<a href=#72 id=72 data-nosnippet>72</a> vm.assign(blinder_ref, blinder.as_bytes().to_vec())<span class="question-mark">?</span>;
<a href=#73 id=73 data-nosnippet>73</a> vm.commit(blinder_ref)<span class="question-mark">?</span>;
<a href=#74 id=74 data-nosnippet>74</a>
<a href=#75 id=75 data-nosnippet>75</a> <span class="kw">let </span>hash_fut = vm.decode(Vector::&lt;U8&gt;::from(hash_ref))<span class="question-mark">?</span>;
<a href=#76 id=76 data-nosnippet>76</a>
<a href=#77 id=77 data-nosnippet>77</a> futs.push((direction, idx.clone(), alg, hash_fut));
<a href=#78 id=78 data-nosnippet>78</a> secrets.push(PlaintextHashSecret {
<a href=#79 id=79 data-nosnippet>79</a> direction,
<a href=#80 id=80 data-nosnippet>80</a> idx,
<a href=#81 id=81 data-nosnippet>81</a> blinder,
<a href=#82 id=82 data-nosnippet>82</a> alg,
<a href=#83 id=83 data-nosnippet>83</a> });
<a href=#84 id=84 data-nosnippet>84</a> }
<a href=#85 id=85 data-nosnippet>85</a>
<a href=#86 id=86 data-nosnippet>86</a> <span class="prelude-val">Ok</span>((HashCommitFuture { futs }, secrets))
<a href=#87 id=87 data-nosnippet>87</a>}
<a href=#88 id=88 data-nosnippet>88</a>
<a href=#89 id=89 data-nosnippet>89</a><span class="doccomment">/// Verify plaintext hash commitments.
<a href=#90 id=90 data-nosnippet>90</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>verify_hash(
<a href=#91 id=91 data-nosnippet>91</a> vm: <span class="kw-2">&amp;mut </span><span class="kw">dyn </span>Vm&lt;Binary&gt;,
<a href=#92 id=92 data-nosnippet>92</a> refs: <span class="kw-2">&amp;</span>TranscriptRefs,
<a href=#93 id=93 data-nosnippet>93</a> idxs: <span class="kw">impl </span>IntoIterator&lt;Item = (Direction, Idx, HashAlgId)&gt;,
<a href=#94 id=94 data-nosnippet>94</a>) -&gt; <span class="prelude-ty">Result</span>&lt;HashCommitFuture, HashCommitError&gt; {
<a href=#95 id=95 data-nosnippet>95</a> <span class="kw">let </span><span class="kw-2">mut </span>futs = Vec::new();
<a href=#96 id=96 data-nosnippet>96</a> <span class="kw">for </span>(direction, idx, alg, hash_ref, blinder_ref) <span class="kw">in
<a href=#97 id=97 data-nosnippet>97</a> </span>hash_commit_inner(vm, Role::Verifier, refs, idxs)<span class="question-mark">?
<a href=#98 id=98 data-nosnippet>98</a> </span>{
<a href=#99 id=99 data-nosnippet>99</a> vm.commit(blinder_ref)<span class="question-mark">?</span>;
<a href=#100 id=100 data-nosnippet>100</a>
<a href=#101 id=101 data-nosnippet>101</a> <span class="kw">let </span>hash_fut = vm.decode(Vector::&lt;U8&gt;::from(hash_ref))<span class="question-mark">?</span>;
<a href=#102 id=102 data-nosnippet>102</a>
<a href=#103 id=103 data-nosnippet>103</a> futs.push((direction, idx, alg, hash_fut));
<a href=#104 id=104 data-nosnippet>104</a> }
<a href=#105 id=105 data-nosnippet>105</a>
<a href=#106 id=106 data-nosnippet>106</a> <span class="prelude-val">Ok</span>(HashCommitFuture { futs })
<a href=#107 id=107 data-nosnippet>107</a>}
<a href=#108 id=108 data-nosnippet>108</a>
<a href=#109 id=109 data-nosnippet>109</a><span class="doccomment">/// Commit plaintext hashes of the transcript.
<a href=#110 id=110 data-nosnippet>110</a></span><span class="attr">#[allow(clippy::type_complexity)]
<a href=#111 id=111 data-nosnippet>111</a></span><span class="kw">fn </span>hash_commit_inner(
<a href=#112 id=112 data-nosnippet>112</a> vm: <span class="kw-2">&amp;mut </span><span class="kw">dyn </span>Vm&lt;Binary&gt;,
<a href=#113 id=113 data-nosnippet>113</a> role: Role,
<a href=#114 id=114 data-nosnippet>114</a> refs: <span class="kw-2">&amp;</span>TranscriptRefs,
<a href=#115 id=115 data-nosnippet>115</a> idxs: <span class="kw">impl </span>IntoIterator&lt;Item = (Direction, Idx, HashAlgId)&gt;,
<a href=#116 id=116 data-nosnippet>116</a>) -&gt; <span class="prelude-ty">Result</span>&lt;Vec&lt;(Direction, Idx, HashAlgId, Array&lt;U8, <span class="number">32</span>&gt;, Vector&lt;U8&gt;)&gt;, HashCommitError&gt; {
<a href=#117 id=117 data-nosnippet>117</a> <span class="kw">let </span><span class="kw-2">mut </span>output = Vec::new();
<a href=#118 id=118 data-nosnippet>118</a> <span class="kw">let </span><span class="kw-2">mut </span>hashers = HashMap::new();
<a href=#119 id=119 data-nosnippet>119</a> <span class="kw">for </span>(direction, idx, alg) <span class="kw">in </span>idxs {
<a href=#120 id=120 data-nosnippet>120</a> <span class="kw">let </span>blinder = vm.alloc_vec::&lt;U8&gt;(<span class="number">16</span>)<span class="question-mark">?</span>;
<a href=#121 id=121 data-nosnippet>121</a> <span class="kw">match </span>role {
<a href=#122 id=122 data-nosnippet>122</a> Role::Prover =&gt; vm.mark_private(blinder)<span class="question-mark">?</span>,
<a href=#123 id=123 data-nosnippet>123</a> Role::Verifier =&gt; vm.mark_blind(blinder)<span class="question-mark">?</span>,
<a href=#124 id=124 data-nosnippet>124</a> }
<a href=#125 id=125 data-nosnippet>125</a>
<a href=#126 id=126 data-nosnippet>126</a> <span class="kw">let </span>hash = <span class="kw">match </span>alg {
<a href=#127 id=127 data-nosnippet>127</a> HashAlgId::SHA256 =&gt; {
<a href=#128 id=128 data-nosnippet>128</a> <span class="kw">let </span><span class="kw-2">mut </span>hasher = <span class="kw">if let </span><span class="prelude-val">Some</span>(hasher) = hashers.get(<span class="kw-2">&amp;</span>alg).cloned() {
<a href=#129 id=129 data-nosnippet>129</a> hasher
<a href=#130 id=130 data-nosnippet>130</a> } <span class="kw">else </span>{
<a href=#131 id=131 data-nosnippet>131</a> <span class="kw">let </span>hasher = Sha256::new_with_init(vm).map_err(HashCommitError::hasher)<span class="question-mark">?</span>;
<a href=#132 id=132 data-nosnippet>132</a> hashers.insert(alg, hasher.clone());
<a href=#133 id=133 data-nosnippet>133</a> hasher
<a href=#134 id=134 data-nosnippet>134</a> };
<a href=#135 id=135 data-nosnippet>135</a>
<a href=#136 id=136 data-nosnippet>136</a> <span class="kw">for </span>plaintext <span class="kw">in </span>refs.get(direction, <span class="kw-2">&amp;</span>idx).expect(<span class="string">"plaintext refs are valid"</span>) {
<a href=#137 id=137 data-nosnippet>137</a> hasher.update(<span class="kw-2">&amp;</span>plaintext);
<a href=#138 id=138 data-nosnippet>138</a> }
<a href=#139 id=139 data-nosnippet>139</a> hasher.update(<span class="kw-2">&amp;</span>blinder);
<a href=#140 id=140 data-nosnippet>140</a> hasher.finalize(vm).map_err(HashCommitError::hasher)<span class="question-mark">?
<a href=#141 id=141 data-nosnippet>141</a> </span>}
<a href=#142 id=142 data-nosnippet>142</a> alg =&gt; {
<a href=#143 id=143 data-nosnippet>143</a> <span class="kw">return </span><span class="prelude-val">Err</span>(HashCommitError::unsupported_alg(alg));
<a href=#144 id=144 data-nosnippet>144</a> }
<a href=#145 id=145 data-nosnippet>145</a> };
<a href=#146 id=146 data-nosnippet>146</a>
<a href=#147 id=147 data-nosnippet>147</a> output.push((direction, idx, alg, hash, blinder));
<a href=#148 id=148 data-nosnippet>148</a> }
<a href=#149 id=149 data-nosnippet>149</a>
<a href=#150 id=150 data-nosnippet>150</a> <span class="prelude-val">Ok</span>(output)
<a href=#151 id=151 data-nosnippet>151</a>}
<a href=#152 id=152 data-nosnippet>152</a>
<a href=#153 id=153 data-nosnippet>153</a><span class="doccomment">/// Error type for hash commitments.
<a href=#154 id=154 data-nosnippet>154</a></span><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#155 id=155 data-nosnippet>155</a>#[error(transparent)]
<a href=#156 id=156 data-nosnippet>156</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>HashCommitError(<span class="attr">#[from] </span>ErrorRepr);
<a href=#157 id=157 data-nosnippet>157</a>
<a href=#158 id=158 data-nosnippet>158</a><span class="kw">impl </span>HashCommitError {
<a href=#159 id=159 data-nosnippet>159</a> <span class="kw">fn </span>decode() -&gt; <span class="self">Self </span>{
<a href=#160 id=160 data-nosnippet>160</a> <span class="self">Self</span>(ErrorRepr::Decode)
<a href=#161 id=161 data-nosnippet>161</a> }
<a href=#162 id=162 data-nosnippet>162</a>
<a href=#163 id=163 data-nosnippet>163</a> <span class="kw">fn </span>convert(e: <span class="kw-2">&amp;</span><span class="lifetime">'static </span>str) -&gt; <span class="self">Self </span>{
<a href=#164 id=164 data-nosnippet>164</a> <span class="self">Self</span>(ErrorRepr::Convert(e))
<a href=#165 id=165 data-nosnippet>165</a> }
<a href=#166 id=166 data-nosnippet>166</a>
<a href=#167 id=167 data-nosnippet>167</a> <span class="kw">fn </span>hasher&lt;E&gt;(e: E) -&gt; <span class="self">Self
<a href=#168 id=168 data-nosnippet>168</a> </span><span class="kw">where
<a href=#169 id=169 data-nosnippet>169</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>std::error::Error + Send + Sync&gt;&gt;,
<a href=#170 id=170 data-nosnippet>170</a> {
<a href=#171 id=171 data-nosnippet>171</a> <span class="self">Self</span>(ErrorRepr::Hasher(e.into()))
<a href=#172 id=172 data-nosnippet>172</a> }
<a href=#173 id=173 data-nosnippet>173</a>
<a href=#174 id=174 data-nosnippet>174</a> <span class="kw">fn </span>unsupported_alg(alg: HashAlgId) -&gt; <span class="self">Self </span>{
<a href=#175 id=175 data-nosnippet>175</a> <span class="self">Self</span>(ErrorRepr::UnsupportedAlg { alg })
<a href=#176 id=176 data-nosnippet>176</a> }
<a href=#177 id=177 data-nosnippet>177</a>}
<a href=#178 id=178 data-nosnippet>178</a>
<a href=#179 id=179 data-nosnippet>179</a><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#180 id=180 data-nosnippet>180</a>#[error(<span class="string">"hash commit error: {0}"</span>)]
<a href=#181 id=181 data-nosnippet>181</a></span><span class="kw">enum </span>ErrorRepr {
<a href=#182 id=182 data-nosnippet>182</a> <span class="attr">#[error(<span class="string">"VM error: {0}"</span>)]
<a href=#183 id=183 data-nosnippet>183</a> </span>Vm(VmError),
<a href=#184 id=184 data-nosnippet>184</a> <span class="attr">#[error(<span class="string">"failed to decode hash"</span>)]
<a href=#185 id=185 data-nosnippet>185</a> </span>Decode,
<a href=#186 id=186 data-nosnippet>186</a> <span class="attr">#[error(<span class="string">"failed to convert hash: {0}"</span>)]
<a href=#187 id=187 data-nosnippet>187</a> </span>Convert(<span class="kw-2">&amp;</span><span class="lifetime">'static </span>str),
<a href=#188 id=188 data-nosnippet>188</a> <span class="attr">#[error(<span class="string">"unsupported hash algorithm: {alg}"</span>)]
<a href=#189 id=189 data-nosnippet>189</a> </span>UnsupportedAlg { alg: HashAlgId },
<a href=#190 id=190 data-nosnippet>190</a> <span class="attr">#[error(<span class="string">"hasher error: {0}"</span>)]
<a href=#191 id=191 data-nosnippet>191</a> </span>Hasher(Box&lt;<span class="kw">dyn </span>std::error::Error + Send + Sync&gt;),
<a href=#192 id=192 data-nosnippet>192</a>}
<a href=#193 id=193 data-nosnippet>193</a>
<a href=#194 id=194 data-nosnippet>194</a><span class="kw">impl </span>From&lt;VmError&gt; <span class="kw">for </span>HashCommitError {
<a href=#195 id=195 data-nosnippet>195</a> <span class="kw">fn </span>from(value: VmError) -&gt; <span class="self">Self </span>{
<a href=#196 id=196 data-nosnippet>196</a> <span class="self">Self</span>(ErrorRepr::Vm(value))
<a href=#197 id=197 data-nosnippet>197</a> }
<a href=#198 id=198 data-nosnippet>198</a>}</code></pre></div></section></main></body></html>

204
src/tlsn/commit/transcript.rs.html Normal file
View File

@@ -0,0 +1,204 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/commit/transcript.rs`."><title>transcript.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/commit/</div>transcript.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">use </span>mpz_memory_core::{
<a href=#2 id=2 data-nosnippet>2</a> MemoryExt, Vector,
<a href=#3 id=3 data-nosnippet>3</a> binary::{Binary, U8},
<a href=#4 id=4 data-nosnippet>4</a>};
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>mpz_vm_core::{Vm, VmError};
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>rangeset::Intersection;
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>tlsn_core::transcript::{Direction, Idx, PartialTranscript};
<a href=#8 id=8 data-nosnippet>8</a>
<a href=#9 id=9 data-nosnippet>9</a><span class="doccomment">/// References to the application plaintext in the transcript.
<a href=#10 id=10 data-nosnippet>10</a></span><span class="attr">#[derive(Debug, Default, Clone)]
<a href=#11 id=11 data-nosnippet>11</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>TranscriptRefs {
<a href=#12 id=12 data-nosnippet>12</a> sent: Vec&lt;Vector&lt;U8&gt;&gt;,
<a href=#13 id=13 data-nosnippet>13</a> recv: Vec&lt;Vector&lt;U8&gt;&gt;,
<a href=#14 id=14 data-nosnippet>14</a>}
<a href=#15 id=15 data-nosnippet>15</a>
<a href=#16 id=16 data-nosnippet>16</a><span class="kw">impl </span>TranscriptRefs {
<a href=#17 id=17 data-nosnippet>17</a> <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>new(sent: Vec&lt;Vector&lt;U8&gt;&gt;, recv: Vec&lt;Vector&lt;U8&gt;&gt;) -&gt; <span class="self">Self </span>{
<a href=#18 id=18 data-nosnippet>18</a> <span class="self">Self </span>{ sent, recv }
<a href=#19 id=19 data-nosnippet>19</a> }
<a href=#20 id=20 data-nosnippet>20</a>
<a href=#21 id=21 data-nosnippet>21</a> <span class="doccomment">/// Returns the sent plaintext references.
<a href=#22 id=22 data-nosnippet>22</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>sent(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>[Vector&lt;U8&gt;] {
<a href=#23 id=23 data-nosnippet>23</a> <span class="kw-2">&amp;</span><span class="self">self</span>.sent
<a href=#24 id=24 data-nosnippet>24</a> }
<a href=#25 id=25 data-nosnippet>25</a>
<a href=#26 id=26 data-nosnippet>26</a> <span class="doccomment">/// Returns the received plaintext references.
<a href=#27 id=27 data-nosnippet>27</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>recv(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>[Vector&lt;U8&gt;] {
<a href=#28 id=28 data-nosnippet>28</a> <span class="kw-2">&amp;</span><span class="self">self</span>.recv
<a href=#29 id=29 data-nosnippet>29</a> }
<a href=#30 id=30 data-nosnippet>30</a>
<a href=#31 id=31 data-nosnippet>31</a> <span class="doccomment">/// Returns VM references for the given direction and index, otherwise
<a href=#32 id=32 data-nosnippet>32</a> /// `None` if the index is out of bounds.
<a href=#33 id=33 data-nosnippet>33</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>get(<span class="kw-2">&amp;</span><span class="self">self</span>, direction: Direction, idx: <span class="kw-2">&amp;</span>Idx) -&gt; <span class="prelude-ty">Option</span>&lt;Vec&lt;Vector&lt;U8&gt;&gt;&gt; {
<a href=#34 id=34 data-nosnippet>34</a> <span class="kw">if </span>idx.is_empty() {
<a href=#35 id=35 data-nosnippet>35</a> <span class="kw">return </span><span class="prelude-val">Some</span>(Vec::new());
<a href=#36 id=36 data-nosnippet>36</a> }
<a href=#37 id=37 data-nosnippet>37</a>
<a href=#38 id=38 data-nosnippet>38</a> <span class="kw">let </span>refs = <span class="kw">match </span>direction {
<a href=#39 id=39 data-nosnippet>39</a> Direction::Sent =&gt; <span class="kw-2">&amp;</span><span class="self">self</span>.sent,
<a href=#40 id=40 data-nosnippet>40</a> Direction::Received =&gt; <span class="kw-2">&amp;</span><span class="self">self</span>.recv,
<a href=#41 id=41 data-nosnippet>41</a> };
<a href=#42 id=42 data-nosnippet>42</a>
<a href=#43 id=43 data-nosnippet>43</a> <span class="comment">// Computes the transcript range for each reference.
<a href=#44 id=44 data-nosnippet>44</a> </span><span class="kw">let </span><span class="kw-2">mut </span>start = <span class="number">0</span>;
<a href=#45 id=45 data-nosnippet>45</a> <span class="kw">let </span><span class="kw-2">mut </span>slice_iter = refs.iter().map(<span class="kw">move </span>|slice| {
<a href=#46 id=46 data-nosnippet>46</a> <span class="kw">let </span>out = (slice, start..start + slice.len());
<a href=#47 id=47 data-nosnippet>47</a> start += slice.len();
<a href=#48 id=48 data-nosnippet>48</a> out
<a href=#49 id=49 data-nosnippet>49</a> });
<a href=#50 id=50 data-nosnippet>50</a>
<a href=#51 id=51 data-nosnippet>51</a> <span class="kw">let </span><span class="kw-2">mut </span>slices = Vec::new();
<a href=#52 id=52 data-nosnippet>52</a> <span class="kw">let </span>(<span class="kw-2">mut </span>slice, <span class="kw-2">mut </span>slice_range) = slice_iter.next()<span class="question-mark">?</span>;
<a href=#53 id=53 data-nosnippet>53</a> <span class="kw">for </span>range <span class="kw">in </span>idx.iter_ranges() {
<a href=#54 id=54 data-nosnippet>54</a> <span class="kw">loop </span>{
<a href=#55 id=55 data-nosnippet>55</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(intersection) = slice_range.intersection(<span class="kw-2">&amp;</span>range) {
<a href=#56 id=56 data-nosnippet>56</a> <span class="kw">let </span>start = intersection.start - slice_range.start;
<a href=#57 id=57 data-nosnippet>57</a> <span class="kw">let </span>end = intersection.end - slice_range.start;
<a href=#58 id=58 data-nosnippet>58</a> slices.push(slice.get(start..end).expect(<span class="string">"range should be in bounds"</span>));
<a href=#59 id=59 data-nosnippet>59</a> }
<a href=#60 id=60 data-nosnippet>60</a>
<a href=#61 id=61 data-nosnippet>61</a> <span class="comment">// Proceed to next range if the current slice extends beyond. Otherwise, proceed
<a href=#62 id=62 data-nosnippet>62</a> // to the next slice.
<a href=#63 id=63 data-nosnippet>63</a> </span><span class="kw">if </span>range.end &lt;= slice_range.end {
<a href=#64 id=64 data-nosnippet>64</a> <span class="kw">break</span>;
<a href=#65 id=65 data-nosnippet>65</a> } <span class="kw">else </span>{
<a href=#66 id=66 data-nosnippet>66</a> (slice, slice_range) = slice_iter.next()<span class="question-mark">?</span>;
<a href=#67 id=67 data-nosnippet>67</a> }
<a href=#68 id=68 data-nosnippet>68</a> }
<a href=#69 id=69 data-nosnippet>69</a> }
<a href=#70 id=70 data-nosnippet>70</a>
<a href=#71 id=71 data-nosnippet>71</a> <span class="prelude-val">Some</span>(slices)
<a href=#72 id=72 data-nosnippet>72</a> }
<a href=#73 id=73 data-nosnippet>73</a>}
<a href=#74 id=74 data-nosnippet>74</a>
<a href=#75 id=75 data-nosnippet>75</a><span class="doccomment">/// Decodes the transcript.
<a href=#76 id=76 data-nosnippet>76</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>decode_transcript(
<a href=#77 id=77 data-nosnippet>77</a> vm: <span class="kw-2">&amp;mut </span><span class="kw">dyn </span>Vm&lt;Binary&gt;,
<a href=#78 id=78 data-nosnippet>78</a> sent: <span class="kw-2">&amp;</span>Idx,
<a href=#79 id=79 data-nosnippet>79</a> recv: <span class="kw-2">&amp;</span>Idx,
<a href=#80 id=80 data-nosnippet>80</a> refs: <span class="kw-2">&amp;</span>TranscriptRefs,
<a href=#81 id=81 data-nosnippet>81</a>) -&gt; <span class="prelude-ty">Result</span>&lt;(), VmError&gt; {
<a href=#82 id=82 data-nosnippet>82</a> <span class="kw">let </span>sent_refs = refs.get(Direction::Sent, sent).expect(<span class="string">"index is in bounds"</span>);
<a href=#83 id=83 data-nosnippet>83</a> <span class="kw">let </span>recv_refs = refs
<a href=#84 id=84 data-nosnippet>84</a> .get(Direction::Received, recv)
<a href=#85 id=85 data-nosnippet>85</a> .expect(<span class="string">"index is in bounds"</span>);
<a href=#86 id=86 data-nosnippet>86</a>
<a href=#87 id=87 data-nosnippet>87</a> <span class="kw">for </span>slice <span class="kw">in </span>sent_refs.into_iter().chain(recv_refs) {
<a href=#88 id=88 data-nosnippet>88</a> <span class="comment">// Drop the future, we don't need it.
<a href=#89 id=89 data-nosnippet>89</a> </span>drop(vm.decode(slice)<span class="question-mark">?</span>);
<a href=#90 id=90 data-nosnippet>90</a> }
<a href=#91 id=91 data-nosnippet>91</a>
<a href=#92 id=92 data-nosnippet>92</a> <span class="prelude-val">Ok</span>(())
<a href=#93 id=93 data-nosnippet>93</a>}
<a href=#94 id=94 data-nosnippet>94</a>
<a href=#95 id=95 data-nosnippet>95</a><span class="doccomment">/// Verifies a partial transcript.
<a href=#96 id=96 data-nosnippet>96</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>verify_transcript(
<a href=#97 id=97 data-nosnippet>97</a> vm: <span class="kw-2">&amp;mut </span><span class="kw">dyn </span>Vm&lt;Binary&gt;,
<a href=#98 id=98 data-nosnippet>98</a> transcript: <span class="kw-2">&amp;</span>PartialTranscript,
<a href=#99 id=99 data-nosnippet>99</a> refs: <span class="kw-2">&amp;</span>TranscriptRefs,
<a href=#100 id=100 data-nosnippet>100</a>) -&gt; <span class="prelude-ty">Result</span>&lt;(), InconsistentTranscript&gt; {
<a href=#101 id=101 data-nosnippet>101</a> <span class="kw">let </span>sent_refs = refs
<a href=#102 id=102 data-nosnippet>102</a> .get(Direction::Sent, transcript.sent_authed())
<a href=#103 id=103 data-nosnippet>103</a> .expect(<span class="string">"index is in bounds"</span>);
<a href=#104 id=104 data-nosnippet>104</a> <span class="kw">let </span>recv_refs = refs
<a href=#105 id=105 data-nosnippet>105</a> .get(Direction::Received, transcript.received_authed())
<a href=#106 id=106 data-nosnippet>106</a> .expect(<span class="string">"index is in bounds"</span>);
<a href=#107 id=107 data-nosnippet>107</a>
<a href=#108 id=108 data-nosnippet>108</a> <span class="kw">let </span><span class="kw-2">mut </span>authenticated_data = Vec::new();
<a href=#109 id=109 data-nosnippet>109</a> <span class="kw">for </span>data <span class="kw">in </span>sent_refs.into_iter().chain(recv_refs) {
<a href=#110 id=110 data-nosnippet>110</a> <span class="kw">let </span>plaintext = vm
<a href=#111 id=111 data-nosnippet>111</a> .get(data)
<a href=#112 id=112 data-nosnippet>112</a> .expect(<span class="string">"reference is valid"</span>)
<a href=#113 id=113 data-nosnippet>113</a> .expect(<span class="string">"plaintext is decoded"</span>);
<a href=#114 id=114 data-nosnippet>114</a> authenticated_data.extend_from_slice(<span class="kw-2">&amp;</span>plaintext);
<a href=#115 id=115 data-nosnippet>115</a> }
<a href=#116 id=116 data-nosnippet>116</a>
<a href=#117 id=117 data-nosnippet>117</a> <span class="kw">let </span><span class="kw-2">mut </span>purported_data = Vec::with_capacity(authenticated_data.len());
<a href=#118 id=118 data-nosnippet>118</a> <span class="kw">for </span>range <span class="kw">in </span>transcript.sent_authed().iter_ranges() {
<a href=#119 id=119 data-nosnippet>119</a> purported_data.extend_from_slice(<span class="kw-2">&amp;</span>transcript.sent_unsafe()[range]);
<a href=#120 id=120 data-nosnippet>120</a> }
<a href=#121 id=121 data-nosnippet>121</a>
<a href=#122 id=122 data-nosnippet>122</a> <span class="kw">for </span>range <span class="kw">in </span>transcript.received_authed().iter_ranges() {
<a href=#123 id=123 data-nosnippet>123</a> purported_data.extend_from_slice(<span class="kw-2">&amp;</span>transcript.received_unsafe()[range]);
<a href=#124 id=124 data-nosnippet>124</a> }
<a href=#125 id=125 data-nosnippet>125</a>
<a href=#126 id=126 data-nosnippet>126</a> <span class="kw">if </span>purported_data != authenticated_data {
<a href=#127 id=127 data-nosnippet>127</a> <span class="kw">return </span><span class="prelude-val">Err</span>(InconsistentTranscript {});
<a href=#128 id=128 data-nosnippet>128</a> }
<a href=#129 id=129 data-nosnippet>129</a>
<a href=#130 id=130 data-nosnippet>130</a> <span class="prelude-val">Ok</span>(())
<a href=#131 id=131 data-nosnippet>131</a>}
<a href=#132 id=132 data-nosnippet>132</a>
<a href=#133 id=133 data-nosnippet>133</a><span class="doccomment">/// Error for [`verify_transcript`].
<a href=#134 id=134 data-nosnippet>134</a></span><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#135 id=135 data-nosnippet>135</a>#[error(<span class="string">"inconsistent transcript"</span>)]
<a href=#136 id=136 data-nosnippet>136</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>InconsistentTranscript {}
<a href=#137 id=137 data-nosnippet>137</a>
<a href=#138 id=138 data-nosnippet>138</a><span class="attr">#[cfg(test)]
<a href=#139 id=139 data-nosnippet>139</a></span><span class="kw">mod </span>tests {
<a href=#140 id=140 data-nosnippet>140</a> <span class="kw">use </span><span class="kw">super</span>::TranscriptRefs;
<a href=#141 id=141 data-nosnippet>141</a> <span class="kw">use </span>mpz_memory_core::{FromRaw, Slice, Vector, binary::U8};
<a href=#142 id=142 data-nosnippet>142</a> <span class="kw">use </span>rangeset::RangeSet;
<a href=#143 id=143 data-nosnippet>143</a> <span class="kw">use </span>std::ops::Range;
<a href=#144 id=144 data-nosnippet>144</a> <span class="kw">use </span>tlsn_core::transcript::{Direction, Idx};
<a href=#145 id=145 data-nosnippet>145</a>
<a href=#146 id=146 data-nosnippet>146</a> <span class="comment">// TRANSCRIPT_REFS:
<a href=#147 id=147 data-nosnippet>147</a> //
<a href=#148 id=148 data-nosnippet>148</a> // 48..96 -&gt; 6 slots
<a href=#149 id=149 data-nosnippet>149</a> // 112..176 -&gt; 8 slots
<a href=#150 id=150 data-nosnippet>150</a> // 240..288 -&gt; 6 slots
<a href=#151 id=151 data-nosnippet>151</a> // 352..392 -&gt; 5 slots
<a href=#152 id=152 data-nosnippet>152</a> // 440..480 -&gt; 5 slots
<a href=#153 id=153 data-nosnippet>153</a> </span><span class="kw">const </span>TRANSCRIPT_REFS: <span class="kw-2">&amp;</span>[Range&lt;usize&gt;] = <span class="kw-2">&amp;</span>[<span class="number">48</span>..<span class="number">96</span>, <span class="number">112</span>..<span class="number">176</span>, <span class="number">240</span>..<span class="number">288</span>, <span class="number">352</span>..<span class="number">392</span>, <span class="number">440</span>..<span class="number">480</span>];
<a href=#154 id=154 data-nosnippet>154</a>
<a href=#155 id=155 data-nosnippet>155</a> <span class="kw">const </span>IDXS: <span class="kw-2">&amp;</span>[Range&lt;usize&gt;] = <span class="kw-2">&amp;</span>[<span class="number">0</span>..<span class="number">4</span>, <span class="number">5</span>..<span class="number">10</span>, <span class="number">14</span>..<span class="number">16</span>, <span class="number">16</span>..<span class="number">28</span>];
<a href=#156 id=156 data-nosnippet>156</a>
<a href=#157 id=157 data-nosnippet>157</a> <span class="comment">// 1. Take slots 0..4, 4 slots -&gt; 48..80 (4)
<a href=#158 id=158 data-nosnippet>158</a> // 2. Take slots 5..10, 5 slots -&gt; 88..96 (1) + 112..144 (4)
<a href=#159 id=159 data-nosnippet>159</a> // 3. Take slots 14..16, 2 slots -&gt; 240..256 (2)
<a href=#160 id=160 data-nosnippet>160</a> // 4. Take slots 16..28, 12 slots -&gt; 256..288 (4) + 352..392 (5) + 440..464 (3)
<a href=#161 id=161 data-nosnippet>161</a> //
<a href=#162 id=162 data-nosnippet>162</a> // 5. Merge slots 240..256 and 256..288 =&gt; 240..288 and get EXPECTED_REFS
<a href=#163 id=163 data-nosnippet>163</a> </span><span class="kw">const </span>EXPECTED_REFS: <span class="kw-2">&amp;</span>[Range&lt;usize&gt;] =
<a href=#164 id=164 data-nosnippet>164</a> <span class="kw-2">&amp;</span>[<span class="number">48</span>..<span class="number">80</span>, <span class="number">88</span>..<span class="number">96</span>, <span class="number">112</span>..<span class="number">144</span>, <span class="number">240</span>..<span class="number">288</span>, <span class="number">352</span>..<span class="number">392</span>, <span class="number">440</span>..<span class="number">464</span>];
<a href=#165 id=165 data-nosnippet>165</a>
<a href=#166 id=166 data-nosnippet>166</a> <span class="attr">#[test]
<a href=#167 id=167 data-nosnippet>167</a> </span><span class="kw">fn </span>test_transcript_refs_get() {
<a href=#168 id=168 data-nosnippet>168</a> <span class="kw">let </span>transcript_refs: Vec&lt;Vector&lt;U8&gt;&gt; = TRANSCRIPT_REFS
<a href=#169 id=169 data-nosnippet>169</a> .iter()
<a href=#170 id=170 data-nosnippet>170</a> .cloned()
<a href=#171 id=171 data-nosnippet>171</a> .map(|range| Vector::from_raw(Slice::from_range_unchecked(range)))
<a href=#172 id=172 data-nosnippet>172</a> .collect();
<a href=#173 id=173 data-nosnippet>173</a>
<a href=#174 id=174 data-nosnippet>174</a> <span class="kw">let </span>transcript_refs = TranscriptRefs {
<a href=#175 id=175 data-nosnippet>175</a> sent: transcript_refs.clone(),
<a href=#176 id=176 data-nosnippet>176</a> recv: transcript_refs,
<a href=#177 id=177 data-nosnippet>177</a> };
<a href=#178 id=178 data-nosnippet>178</a>
<a href=#179 id=179 data-nosnippet>179</a> <span class="kw">let </span>vm_refs = transcript_refs
<a href=#180 id=180 data-nosnippet>180</a> .get(Direction::Sent, <span class="kw-2">&amp;</span>idx_fixture())
<a href=#181 id=181 data-nosnippet>181</a> .unwrap();
<a href=#182 id=182 data-nosnippet>182</a>
<a href=#183 id=183 data-nosnippet>183</a> <span class="kw">let </span>expected_refs: Vec&lt;Vector&lt;U8&gt;&gt; = EXPECTED_REFS
<a href=#184 id=184 data-nosnippet>184</a> .iter()
<a href=#185 id=185 data-nosnippet>185</a> .cloned()
<a href=#186 id=186 data-nosnippet>186</a> .map(|range| Vector::from_raw(Slice::from_range_unchecked(range)))
<a href=#187 id=187 data-nosnippet>187</a> .collect();
<a href=#188 id=188 data-nosnippet>188</a>
<a href=#189 id=189 data-nosnippet>189</a> <span class="macro">assert_eq!</span>(
<a href=#190 id=190 data-nosnippet>190</a> vm_refs.len(),
<a href=#191 id=191 data-nosnippet>191</a> expected_refs.len(),
<a href=#192 id=192 data-nosnippet>192</a> <span class="string">"Length of actual and expected refs are not equal"
<a href=#193 id=193 data-nosnippet>193</a> </span>);
<a href=#194 id=194 data-nosnippet>194</a>
<a href=#195 id=195 data-nosnippet>195</a> <span class="kw">for </span>(<span class="kw-2">&amp;</span>expected, actual) <span class="kw">in </span>expected_refs.iter().zip(vm_refs) {
<a href=#196 id=196 data-nosnippet>196</a> <span class="macro">assert_eq!</span>(expected, actual);
<a href=#197 id=197 data-nosnippet>197</a> }
<a href=#198 id=198 data-nosnippet>198</a> }
<a href=#199 id=199 data-nosnippet>199</a>
<a href=#200 id=200 data-nosnippet>200</a> <span class="kw">fn </span>idx_fixture() -&gt; Idx {
<a href=#201 id=201 data-nosnippet>201</a> <span class="kw">let </span>set = RangeSet::from(IDXS);
<a href=#202 id=202 data-nosnippet>202</a> Idx::builder().union(<span class="kw-2">&amp;</span>set).build()
<a href=#203 id=203 data-nosnippet>203</a> }
<a href=#204 id=204 data-nosnippet>204</a>}</code></pre></div></section></main></body></html>

364
src/tlsn/config.rs.html Normal file
View File

@@ -0,0 +1,364 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/config.rs`."><title>config.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>config.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! TLSNotary protocol config and config utilities.
<a href=#2 id=2 data-nosnippet>2</a></span><span class="kw">use </span>core::fmt;
<a href=#3 id=3 data-nosnippet>3</a><span class="kw">use </span>once_cell::sync::Lazy;
<a href=#4 id=4 data-nosnippet>4</a><span class="kw">use </span>semver::Version;
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>serde::{Deserialize, Serialize};
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>std::error::Error;
<a href=#7 id=7 data-nosnippet>7</a>
<a href=#8 id=8 data-nosnippet>8</a><span class="comment">// Default is 32 bytes to decrypt the TLS protocol messages.
<a href=#9 id=9 data-nosnippet>9</a></span><span class="kw">const </span>DEFAULT_MAX_RECV_ONLINE: usize = <span class="number">32</span>;
<a href=#10 id=10 data-nosnippet>10</a><span class="comment">// Default maximum number of TLS records to allow.
<a href=#11 id=11 data-nosnippet>11</a>//
<a href=#12 id=12 data-nosnippet>12</a>// This would allow for up to 50Mb upload from prover to verifier.
<a href=#13 id=13 data-nosnippet>13</a></span><span class="kw">const </span>DEFAULT_RECORDS_LIMIT: usize = <span class="number">256</span>;
<a href=#14 id=14 data-nosnippet>14</a>
<a href=#15 id=15 data-nosnippet>15</a><span class="comment">// Current version that is running.
<a href=#16 id=16 data-nosnippet>16</a></span><span class="kw">static </span>VERSION: Lazy&lt;Version&gt; = Lazy::new(|| {
<a href=#17 id=17 data-nosnippet>17</a> Version::parse(<span class="macro">env!</span>(<span class="string">"CARGO_PKG_VERSION"</span>))
<a href=#18 id=18 data-nosnippet>18</a> .map_err(|err| ProtocolConfigError::new(ErrorKind::Version, err))
<a href=#19 id=19 data-nosnippet>19</a> .unwrap()
<a href=#20 id=20 data-nosnippet>20</a>});
<a href=#21 id=21 data-nosnippet>21</a>
<a href=#22 id=22 data-nosnippet>22</a><span class="doccomment">/// Protocol configuration to be set up initially by prover and verifier.
<a href=#23 id=23 data-nosnippet>23</a></span><span class="attr">#[derive(derive_builder::Builder, Clone, Debug, Deserialize, Serialize)]
<a href=#24 id=24 data-nosnippet>24</a>#[builder(build_fn(validate = <span class="string">"Self::validate"</span>))]
<a href=#25 id=25 data-nosnippet>25</a></span><span class="kw">pub struct </span>ProtocolConfig {
<a href=#26 id=26 data-nosnippet>26</a> <span class="doccomment">/// Maximum number of bytes that can be sent.
<a href=#27 id=27 data-nosnippet>27</a> </span>max_sent_data: usize,
<a href=#28 id=28 data-nosnippet>28</a> <span class="doccomment">/// Maximum number of application data records that can be sent.
<a href=#29 id=29 data-nosnippet>29</a> </span><span class="attr">#[builder(setter(strip_option), default)]
<a href=#30 id=30 data-nosnippet>30</a> </span>max_sent_records: <span class="prelude-ty">Option</span>&lt;usize&gt;,
<a href=#31 id=31 data-nosnippet>31</a> <span class="doccomment">/// Maximum number of bytes that can be decrypted online, i.e. while the
<a href=#32 id=32 data-nosnippet>32</a> /// MPC-TLS connection is active.
<a href=#33 id=33 data-nosnippet>33</a> </span><span class="attr">#[builder(default = <span class="string">"DEFAULT_MAX_RECV_ONLINE"</span>)]
<a href=#34 id=34 data-nosnippet>34</a> </span>max_recv_data_online: usize,
<a href=#35 id=35 data-nosnippet>35</a> <span class="doccomment">/// Maximum number of bytes that can be received.
<a href=#36 id=36 data-nosnippet>36</a> </span>max_recv_data: usize,
<a href=#37 id=37 data-nosnippet>37</a> <span class="doccomment">/// Maximum number of received application data records that can be
<a href=#38 id=38 data-nosnippet>38</a> /// decrypted online, i.e. while the MPC-TLS connection is active.
<a href=#39 id=39 data-nosnippet>39</a> </span><span class="attr">#[builder(setter(strip_option), default)]
<a href=#40 id=40 data-nosnippet>40</a> </span>max_recv_records_online: <span class="prelude-ty">Option</span>&lt;usize&gt;,
<a href=#41 id=41 data-nosnippet>41</a> <span class="doccomment">/// Whether the `deferred decryption` feature is toggled on from the start
<a href=#42 id=42 data-nosnippet>42</a> /// of the MPC-TLS connection.
<a href=#43 id=43 data-nosnippet>43</a> </span><span class="attr">#[builder(default = <span class="string">"true"</span>)]
<a href=#44 id=44 data-nosnippet>44</a> </span>defer_decryption_from_start: bool,
<a href=#45 id=45 data-nosnippet>45</a> <span class="doccomment">/// Network settings.
<a href=#46 id=46 data-nosnippet>46</a> </span><span class="attr">#[builder(default)]
<a href=#47 id=47 data-nosnippet>47</a> </span>network: NetworkSetting,
<a href=#48 id=48 data-nosnippet>48</a> <span class="doccomment">/// Version that is being run by prover/verifier.
<a href=#49 id=49 data-nosnippet>49</a> </span><span class="attr">#[builder(setter(skip), default = <span class="string">"VERSION.clone()"</span>)]
<a href=#50 id=50 data-nosnippet>50</a> </span>version: Version,
<a href=#51 id=51 data-nosnippet>51</a>}
<a href=#52 id=52 data-nosnippet>52</a>
<a href=#53 id=53 data-nosnippet>53</a><span class="kw">impl </span>ProtocolConfigBuilder {
<a href=#54 id=54 data-nosnippet>54</a> <span class="kw">fn </span>validate(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;(), String&gt; {
<a href=#55 id=55 data-nosnippet>55</a> <span class="kw">if </span><span class="self">self</span>.max_recv_data_online &gt; <span class="self">self</span>.max_recv_data {
<a href=#56 id=56 data-nosnippet>56</a> <span class="kw">return </span><span class="prelude-val">Err</span>(
<a href=#57 id=57 data-nosnippet>57</a> <span class="string">"max_recv_data_online must be smaller or equal to max_recv_data"</span>.to_string(),
<a href=#58 id=58 data-nosnippet>58</a> );
<a href=#59 id=59 data-nosnippet>59</a> }
<a href=#60 id=60 data-nosnippet>60</a> <span class="prelude-val">Ok</span>(())
<a href=#61 id=61 data-nosnippet>61</a> }
<a href=#62 id=62 data-nosnippet>62</a>}
<a href=#63 id=63 data-nosnippet>63</a>
<a href=#64 id=64 data-nosnippet>64</a><span class="kw">impl </span>ProtocolConfig {
<a href=#65 id=65 data-nosnippet>65</a> <span class="doccomment">/// Creates a new builder for `ProtocolConfig`.
<a href=#66 id=66 data-nosnippet>66</a> </span><span class="kw">pub fn </span>builder() -&gt; ProtocolConfigBuilder {
<a href=#67 id=67 data-nosnippet>67</a> ProtocolConfigBuilder::default()
<a href=#68 id=68 data-nosnippet>68</a> }
<a href=#69 id=69 data-nosnippet>69</a>
<a href=#70 id=70 data-nosnippet>70</a> <span class="doccomment">/// Returns the maximum number of bytes that can be sent.
<a href=#71 id=71 data-nosnippet>71</a> </span><span class="kw">pub fn </span>max_sent_data(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; usize {
<a href=#72 id=72 data-nosnippet>72</a> <span class="self">self</span>.max_sent_data
<a href=#73 id=73 data-nosnippet>73</a> }
<a href=#74 id=74 data-nosnippet>74</a>
<a href=#75 id=75 data-nosnippet>75</a> <span class="doccomment">/// Returns the maximum number of application data records that can
<a href=#76 id=76 data-nosnippet>76</a> /// be sent.
<a href=#77 id=77 data-nosnippet>77</a> </span><span class="kw">pub fn </span>max_sent_records(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="prelude-ty">Option</span>&lt;usize&gt; {
<a href=#78 id=78 data-nosnippet>78</a> <span class="self">self</span>.max_sent_records
<a href=#79 id=79 data-nosnippet>79</a> }
<a href=#80 id=80 data-nosnippet>80</a>
<a href=#81 id=81 data-nosnippet>81</a> <span class="doccomment">/// Returns the maximum number of bytes that can be decrypted online.
<a href=#82 id=82 data-nosnippet>82</a> </span><span class="kw">pub fn </span>max_recv_data_online(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; usize {
<a href=#83 id=83 data-nosnippet>83</a> <span class="self">self</span>.max_recv_data_online
<a href=#84 id=84 data-nosnippet>84</a> }
<a href=#85 id=85 data-nosnippet>85</a>
<a href=#86 id=86 data-nosnippet>86</a> <span class="doccomment">/// Returns the maximum number of bytes that can be received.
<a href=#87 id=87 data-nosnippet>87</a> </span><span class="kw">pub fn </span>max_recv_data(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; usize {
<a href=#88 id=88 data-nosnippet>88</a> <span class="self">self</span>.max_recv_data
<a href=#89 id=89 data-nosnippet>89</a> }
<a href=#90 id=90 data-nosnippet>90</a>
<a href=#91 id=91 data-nosnippet>91</a> <span class="doccomment">/// Returns the maximum number of received application data records that
<a href=#92 id=92 data-nosnippet>92</a> /// can be decrypted online.
<a href=#93 id=93 data-nosnippet>93</a> </span><span class="kw">pub fn </span>max_recv_records_online(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="prelude-ty">Option</span>&lt;usize&gt; {
<a href=#94 id=94 data-nosnippet>94</a> <span class="self">self</span>.max_recv_records_online
<a href=#95 id=95 data-nosnippet>95</a> }
<a href=#96 id=96 data-nosnippet>96</a>
<a href=#97 id=97 data-nosnippet>97</a> <span class="doccomment">/// Returns whether the `deferred decryption` feature is toggled on from the
<a href=#98 id=98 data-nosnippet>98</a> /// start of the MPC-TLS connection.
<a href=#99 id=99 data-nosnippet>99</a> </span><span class="kw">pub fn </span>defer_decryption_from_start(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; bool {
<a href=#100 id=100 data-nosnippet>100</a> <span class="self">self</span>.defer_decryption_from_start
<a href=#101 id=101 data-nosnippet>101</a> }
<a href=#102 id=102 data-nosnippet>102</a>
<a href=#103 id=103 data-nosnippet>103</a> <span class="doccomment">/// Returns the network settings.
<a href=#104 id=104 data-nosnippet>104</a> </span><span class="kw">pub fn </span>network(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; NetworkSetting {
<a href=#105 id=105 data-nosnippet>105</a> <span class="self">self</span>.network
<a href=#106 id=106 data-nosnippet>106</a> }
<a href=#107 id=107 data-nosnippet>107</a>}
<a href=#108 id=108 data-nosnippet>108</a>
<a href=#109 id=109 data-nosnippet>109</a><span class="doccomment">/// Protocol configuration validator used by checker (i.e. verifier) to perform
<a href=#110 id=110 data-nosnippet>110</a>/// compatibility check with the peer's (i.e. the prover's) configuration.
<a href=#111 id=111 data-nosnippet>111</a></span><span class="attr">#[derive(derive_builder::Builder, Clone, Debug)]
<a href=#112 id=112 data-nosnippet>112</a></span><span class="kw">pub struct </span>ProtocolConfigValidator {
<a href=#113 id=113 data-nosnippet>113</a> <span class="doccomment">/// Maximum number of bytes that can be sent.
<a href=#114 id=114 data-nosnippet>114</a> </span>max_sent_data: usize,
<a href=#115 id=115 data-nosnippet>115</a> <span class="doccomment">/// Maximum number of application data records that can be sent.
<a href=#116 id=116 data-nosnippet>116</a> </span><span class="attr">#[builder(default = <span class="string">"DEFAULT_RECORDS_LIMIT"</span>)]
<a href=#117 id=117 data-nosnippet>117</a> </span>max_sent_records: usize,
<a href=#118 id=118 data-nosnippet>118</a> <span class="doccomment">/// Maximum number of bytes that can be received.
<a href=#119 id=119 data-nosnippet>119</a> </span>max_recv_data: usize,
<a href=#120 id=120 data-nosnippet>120</a> <span class="doccomment">/// Maximum number of application data records that can be received online.
<a href=#121 id=121 data-nosnippet>121</a> </span><span class="attr">#[builder(default = <span class="string">"DEFAULT_RECORDS_LIMIT"</span>)]
<a href=#122 id=122 data-nosnippet>122</a> </span>max_recv_records_online: usize,
<a href=#123 id=123 data-nosnippet>123</a> <span class="doccomment">/// Version that is being run by checker.
<a href=#124 id=124 data-nosnippet>124</a> </span><span class="attr">#[builder(setter(skip), default = <span class="string">"VERSION.clone()"</span>)]
<a href=#125 id=125 data-nosnippet>125</a> </span>version: Version,
<a href=#126 id=126 data-nosnippet>126</a>}
<a href=#127 id=127 data-nosnippet>127</a>
<a href=#128 id=128 data-nosnippet>128</a><span class="kw">impl </span>ProtocolConfigValidator {
<a href=#129 id=129 data-nosnippet>129</a> <span class="doccomment">/// Creates a new builder for `ProtocolConfigValidator`.
<a href=#130 id=130 data-nosnippet>130</a> </span><span class="kw">pub fn </span>builder() -&gt; ProtocolConfigValidatorBuilder {
<a href=#131 id=131 data-nosnippet>131</a> ProtocolConfigValidatorBuilder::default()
<a href=#132 id=132 data-nosnippet>132</a> }
<a href=#133 id=133 data-nosnippet>133</a>
<a href=#134 id=134 data-nosnippet>134</a> <span class="doccomment">/// Returns the maximum number of bytes that can be sent.
<a href=#135 id=135 data-nosnippet>135</a> </span><span class="kw">pub fn </span>max_sent_data(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; usize {
<a href=#136 id=136 data-nosnippet>136</a> <span class="self">self</span>.max_sent_data
<a href=#137 id=137 data-nosnippet>137</a> }
<a href=#138 id=138 data-nosnippet>138</a>
<a href=#139 id=139 data-nosnippet>139</a> <span class="doccomment">/// Returns the maximum number of application data records that can
<a href=#140 id=140 data-nosnippet>140</a> /// be sent.
<a href=#141 id=141 data-nosnippet>141</a> </span><span class="kw">pub fn </span>max_sent_records(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; usize {
<a href=#142 id=142 data-nosnippet>142</a> <span class="self">self</span>.max_sent_records
<a href=#143 id=143 data-nosnippet>143</a> }
<a href=#144 id=144 data-nosnippet>144</a>
<a href=#145 id=145 data-nosnippet>145</a> <span class="doccomment">/// Returns the maximum number of bytes that can be received.
<a href=#146 id=146 data-nosnippet>146</a> </span><span class="kw">pub fn </span>max_recv_data(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; usize {
<a href=#147 id=147 data-nosnippet>147</a> <span class="self">self</span>.max_recv_data
<a href=#148 id=148 data-nosnippet>148</a> }
<a href=#149 id=149 data-nosnippet>149</a>
<a href=#150 id=150 data-nosnippet>150</a> <span class="doccomment">/// Returns the maximum number of application data records that can
<a href=#151 id=151 data-nosnippet>151</a> /// be received online.
<a href=#152 id=152 data-nosnippet>152</a> </span><span class="kw">pub fn </span>max_recv_records_online(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; usize {
<a href=#153 id=153 data-nosnippet>153</a> <span class="self">self</span>.max_recv_records_online
<a href=#154 id=154 data-nosnippet>154</a> }
<a href=#155 id=155 data-nosnippet>155</a>
<a href=#156 id=156 data-nosnippet>156</a> <span class="doccomment">/// Performs compatibility check of the protocol configuration between
<a href=#157 id=157 data-nosnippet>157</a> /// prover and verifier.
<a href=#158 id=158 data-nosnippet>158</a> </span><span class="kw">pub fn </span>validate(<span class="kw-2">&amp;</span><span class="self">self</span>, config: <span class="kw-2">&amp;</span>ProtocolConfig) -&gt; <span class="prelude-ty">Result</span>&lt;(), ProtocolConfigError&gt; {
<a href=#159 id=159 data-nosnippet>159</a> <span class="self">self</span>.check_max_transcript_size(config.max_sent_data, config.max_recv_data)<span class="question-mark">?</span>;
<a href=#160 id=160 data-nosnippet>160</a> <span class="self">self</span>.check_max_records(config.max_sent_records, config.max_recv_records_online)<span class="question-mark">?</span>;
<a href=#161 id=161 data-nosnippet>161</a> <span class="self">self</span>.check_version(<span class="kw-2">&amp;</span>config.version)<span class="question-mark">?</span>;
<a href=#162 id=162 data-nosnippet>162</a> <span class="prelude-val">Ok</span>(())
<a href=#163 id=163 data-nosnippet>163</a> }
<a href=#164 id=164 data-nosnippet>164</a>
<a href=#165 id=165 data-nosnippet>165</a> <span class="comment">// Checks if both the sent and recv data are within limits.
<a href=#166 id=166 data-nosnippet>166</a> </span><span class="kw">fn </span>check_max_transcript_size(
<a href=#167 id=167 data-nosnippet>167</a> <span class="kw-2">&amp;</span><span class="self">self</span>,
<a href=#168 id=168 data-nosnippet>168</a> max_sent_data: usize,
<a href=#169 id=169 data-nosnippet>169</a> max_recv_data: usize,
<a href=#170 id=170 data-nosnippet>170</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;(), ProtocolConfigError&gt; {
<a href=#171 id=171 data-nosnippet>171</a> <span class="kw">if </span>max_sent_data &gt; <span class="self">self</span>.max_sent_data {
<a href=#172 id=172 data-nosnippet>172</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ProtocolConfigError::max_transcript_size(<span class="macro">format!</span>(
<a href=#173 id=173 data-nosnippet>173</a> <span class="string">"max_sent_data {:?} is greater than the configured limit {:?}"</span>,
<a href=#174 id=174 data-nosnippet>174</a> max_sent_data, <span class="self">self</span>.max_sent_data,
<a href=#175 id=175 data-nosnippet>175</a> )));
<a href=#176 id=176 data-nosnippet>176</a> }
<a href=#177 id=177 data-nosnippet>177</a>
<a href=#178 id=178 data-nosnippet>178</a> <span class="kw">if </span>max_recv_data &gt; <span class="self">self</span>.max_recv_data {
<a href=#179 id=179 data-nosnippet>179</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ProtocolConfigError::max_transcript_size(<span class="macro">format!</span>(
<a href=#180 id=180 data-nosnippet>180</a> <span class="string">"max_recv_data {:?} is greater than the configured limit {:?}"</span>,
<a href=#181 id=181 data-nosnippet>181</a> max_recv_data, <span class="self">self</span>.max_recv_data,
<a href=#182 id=182 data-nosnippet>182</a> )));
<a href=#183 id=183 data-nosnippet>183</a> }
<a href=#184 id=184 data-nosnippet>184</a>
<a href=#185 id=185 data-nosnippet>185</a> <span class="prelude-val">Ok</span>(())
<a href=#186 id=186 data-nosnippet>186</a> }
<a href=#187 id=187 data-nosnippet>187</a>
<a href=#188 id=188 data-nosnippet>188</a> <span class="kw">fn </span>check_max_records(
<a href=#189 id=189 data-nosnippet>189</a> <span class="kw-2">&amp;</span><span class="self">self</span>,
<a href=#190 id=190 data-nosnippet>190</a> max_sent_records: <span class="prelude-ty">Option</span>&lt;usize&gt;,
<a href=#191 id=191 data-nosnippet>191</a> max_recv_records_online: <span class="prelude-ty">Option</span>&lt;usize&gt;,
<a href=#192 id=192 data-nosnippet>192</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;(), ProtocolConfigError&gt; {
<a href=#193 id=193 data-nosnippet>193</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(max_sent_records) = max_sent_records {
<a href=#194 id=194 data-nosnippet>194</a> <span class="kw">if </span>max_sent_records &gt; <span class="self">self</span>.max_sent_records {
<a href=#195 id=195 data-nosnippet>195</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ProtocolConfigError::max_record_count(<span class="macro">format!</span>(
<a href=#196 id=196 data-nosnippet>196</a> <span class="string">"max_sent_records {} is greater than the configured limit {}"</span>,
<a href=#197 id=197 data-nosnippet>197</a> max_sent_records, <span class="self">self</span>.max_sent_records,
<a href=#198 id=198 data-nosnippet>198</a> )));
<a href=#199 id=199 data-nosnippet>199</a> }
<a href=#200 id=200 data-nosnippet>200</a> }
<a href=#201 id=201 data-nosnippet>201</a>
<a href=#202 id=202 data-nosnippet>202</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(max_recv_records_online) = max_recv_records_online {
<a href=#203 id=203 data-nosnippet>203</a> <span class="kw">if </span>max_recv_records_online &gt; <span class="self">self</span>.max_recv_records_online {
<a href=#204 id=204 data-nosnippet>204</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ProtocolConfigError::max_record_count(<span class="macro">format!</span>(
<a href=#205 id=205 data-nosnippet>205</a> <span class="string">"max_recv_records_online {} is greater than the configured limit {}"</span>,
<a href=#206 id=206 data-nosnippet>206</a> max_recv_records_online, <span class="self">self</span>.max_recv_records_online,
<a href=#207 id=207 data-nosnippet>207</a> )));
<a href=#208 id=208 data-nosnippet>208</a> }
<a href=#209 id=209 data-nosnippet>209</a> }
<a href=#210 id=210 data-nosnippet>210</a>
<a href=#211 id=211 data-nosnippet>211</a> <span class="prelude-val">Ok</span>(())
<a href=#212 id=212 data-nosnippet>212</a> }
<a href=#213 id=213 data-nosnippet>213</a>
<a href=#214 id=214 data-nosnippet>214</a> <span class="comment">// Checks if both versions are the same (might support check for different but
<a href=#215 id=215 data-nosnippet>215</a> // compatible versions in the future).
<a href=#216 id=216 data-nosnippet>216</a> </span><span class="kw">fn </span>check_version(<span class="kw-2">&amp;</span><span class="self">self</span>, peer_version: <span class="kw-2">&amp;</span>Version) -&gt; <span class="prelude-ty">Result</span>&lt;(), ProtocolConfigError&gt; {
<a href=#217 id=217 data-nosnippet>217</a> <span class="kw">if </span><span class="kw-2">*</span>peer_version != <span class="self">self</span>.version {
<a href=#218 id=218 data-nosnippet>218</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ProtocolConfigError::version(<span class="macro">format!</span>(
<a href=#219 id=219 data-nosnippet>219</a> <span class="string">"prover's version {:?} is different from verifier's version {:?}"</span>,
<a href=#220 id=220 data-nosnippet>220</a> peer_version, <span class="self">self</span>.version
<a href=#221 id=221 data-nosnippet>221</a> )));
<a href=#222 id=222 data-nosnippet>222</a> }
<a href=#223 id=223 data-nosnippet>223</a>
<a href=#224 id=224 data-nosnippet>224</a> <span class="prelude-val">Ok</span>(())
<a href=#225 id=225 data-nosnippet>225</a> }
<a href=#226 id=226 data-nosnippet>226</a>}
<a href=#227 id=227 data-nosnippet>227</a>
<a href=#228 id=228 data-nosnippet>228</a><span class="doccomment">/// Settings for the network environment.
<a href=#229 id=229 data-nosnippet>229</a>///
<a href=#230 id=230 data-nosnippet>230</a>/// Provides optimization options to adapt the protocol to different network
<a href=#231 id=231 data-nosnippet>231</a>/// situations.
<a href=#232 id=232 data-nosnippet>232</a></span><span class="attr">#[derive(Debug, Clone, Copy, Serialize, Deserialize)]
<a href=#233 id=233 data-nosnippet>233</a></span><span class="kw">pub enum </span>NetworkSetting {
<a href=#234 id=234 data-nosnippet>234</a> <span class="doccomment">/// Prefers a bandwidth-heavy protocol.
<a href=#235 id=235 data-nosnippet>235</a> </span>Bandwidth,
<a href=#236 id=236 data-nosnippet>236</a> <span class="doccomment">/// Prefers a latency-heavy protocol.
<a href=#237 id=237 data-nosnippet>237</a> </span>Latency,
<a href=#238 id=238 data-nosnippet>238</a>}
<a href=#239 id=239 data-nosnippet>239</a>
<a href=#240 id=240 data-nosnippet>240</a><span class="kw">impl </span>Default <span class="kw">for </span>NetworkSetting {
<a href=#241 id=241 data-nosnippet>241</a> <span class="kw">fn </span>default() -&gt; <span class="self">Self </span>{
<a href=#242 id=242 data-nosnippet>242</a> <span class="self">Self</span>::Bandwidth
<a href=#243 id=243 data-nosnippet>243</a> }
<a href=#244 id=244 data-nosnippet>244</a>}
<a href=#245 id=245 data-nosnippet>245</a>
<a href=#246 id=246 data-nosnippet>246</a><span class="doccomment">/// A ProtocolConfig error.
<a href=#247 id=247 data-nosnippet>247</a></span><span class="attr">#[derive(thiserror::Error, Debug)]
<a href=#248 id=248 data-nosnippet>248</a></span><span class="kw">pub struct </span>ProtocolConfigError {
<a href=#249 id=249 data-nosnippet>249</a> kind: ErrorKind,
<a href=#250 id=250 data-nosnippet>250</a> <span class="attr">#[source]
<a href=#251 id=251 data-nosnippet>251</a> </span>source: <span class="prelude-ty">Option</span>&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync&gt;&gt;,
<a href=#252 id=252 data-nosnippet>252</a>}
<a href=#253 id=253 data-nosnippet>253</a>
<a href=#254 id=254 data-nosnippet>254</a><span class="kw">impl </span>ProtocolConfigError {
<a href=#255 id=255 data-nosnippet>255</a> <span class="kw">fn </span>new&lt;E&gt;(kind: ErrorKind, source: E) -&gt; <span class="self">Self
<a href=#256 id=256 data-nosnippet>256</a> </span><span class="kw">where
<a href=#257 id=257 data-nosnippet>257</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync&gt;&gt;,
<a href=#258 id=258 data-nosnippet>258</a> {
<a href=#259 id=259 data-nosnippet>259</a> <span class="self">Self </span>{
<a href=#260 id=260 data-nosnippet>260</a> kind,
<a href=#261 id=261 data-nosnippet>261</a> source: <span class="prelude-val">Some</span>(source.into()),
<a href=#262 id=262 data-nosnippet>262</a> }
<a href=#263 id=263 data-nosnippet>263</a> }
<a href=#264 id=264 data-nosnippet>264</a>
<a href=#265 id=265 data-nosnippet>265</a> <span class="kw">fn </span>max_transcript_size(msg: <span class="kw">impl </span>Into&lt;String&gt;) -&gt; <span class="self">Self </span>{
<a href=#266 id=266 data-nosnippet>266</a> <span class="self">Self </span>{
<a href=#267 id=267 data-nosnippet>267</a> kind: ErrorKind::MaxTranscriptSize,
<a href=#268 id=268 data-nosnippet>268</a> source: <span class="prelude-val">Some</span>(msg.into().into()),
<a href=#269 id=269 data-nosnippet>269</a> }
<a href=#270 id=270 data-nosnippet>270</a> }
<a href=#271 id=271 data-nosnippet>271</a>
<a href=#272 id=272 data-nosnippet>272</a> <span class="kw">fn </span>max_record_count(msg: <span class="kw">impl </span>Into&lt;String&gt;) -&gt; <span class="self">Self </span>{
<a href=#273 id=273 data-nosnippet>273</a> <span class="self">Self </span>{
<a href=#274 id=274 data-nosnippet>274</a> kind: ErrorKind::MaxRecordCount,
<a href=#275 id=275 data-nosnippet>275</a> source: <span class="prelude-val">Some</span>(msg.into().into()),
<a href=#276 id=276 data-nosnippet>276</a> }
<a href=#277 id=277 data-nosnippet>277</a> }
<a href=#278 id=278 data-nosnippet>278</a>
<a href=#279 id=279 data-nosnippet>279</a> <span class="kw">fn </span>version(msg: <span class="kw">impl </span>Into&lt;String&gt;) -&gt; <span class="self">Self </span>{
<a href=#280 id=280 data-nosnippet>280</a> <span class="self">Self </span>{
<a href=#281 id=281 data-nosnippet>281</a> kind: ErrorKind::Version,
<a href=#282 id=282 data-nosnippet>282</a> source: <span class="prelude-val">Some</span>(msg.into().into()),
<a href=#283 id=283 data-nosnippet>283</a> }
<a href=#284 id=284 data-nosnippet>284</a> }
<a href=#285 id=285 data-nosnippet>285</a>}
<a href=#286 id=286 data-nosnippet>286</a>
<a href=#287 id=287 data-nosnippet>287</a><span class="kw">impl </span>fmt::Display <span class="kw">for </span>ProtocolConfigError {
<a href=#288 id=288 data-nosnippet>288</a> <span class="kw">fn </span>fmt(<span class="kw-2">&amp;</span><span class="self">self</span>, f: <span class="kw-2">&amp;mut </span>fmt::Formatter&lt;<span class="lifetime">'_</span>&gt;) -&gt; fmt::Result {
<a href=#289 id=289 data-nosnippet>289</a> <span class="kw">match </span><span class="self">self</span>.kind {
<a href=#290 id=290 data-nosnippet>290</a> ErrorKind::MaxTranscriptSize =&gt; <span class="macro">write!</span>(f, <span class="string">"max transcript size exceeded"</span>)<span class="question-mark">?</span>,
<a href=#291 id=291 data-nosnippet>291</a> ErrorKind::MaxRecordCount =&gt; <span class="macro">write!</span>(f, <span class="string">"max record count exceeded"</span>)<span class="question-mark">?</span>,
<a href=#292 id=292 data-nosnippet>292</a> ErrorKind::Version =&gt; <span class="macro">write!</span>(f, <span class="string">"version error"</span>)<span class="question-mark">?</span>,
<a href=#293 id=293 data-nosnippet>293</a> }
<a href=#294 id=294 data-nosnippet>294</a>
<a href=#295 id=295 data-nosnippet>295</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(<span class="kw-2">ref </span>source) = <span class="self">self</span>.source {
<a href=#296 id=296 data-nosnippet>296</a> <span class="macro">write!</span>(f, <span class="string">" caused by: {source}"</span>)<span class="question-mark">?</span>;
<a href=#297 id=297 data-nosnippet>297</a> }
<a href=#298 id=298 data-nosnippet>298</a>
<a href=#299 id=299 data-nosnippet>299</a> <span class="prelude-val">Ok</span>(())
<a href=#300 id=300 data-nosnippet>300</a> }
<a href=#301 id=301 data-nosnippet>301</a>}
<a href=#302 id=302 data-nosnippet>302</a>
<a href=#303 id=303 data-nosnippet>303</a><span class="attr">#[derive(Debug)]
<a href=#304 id=304 data-nosnippet>304</a></span><span class="kw">enum </span>ErrorKind {
<a href=#305 id=305 data-nosnippet>305</a> MaxTranscriptSize,
<a href=#306 id=306 data-nosnippet>306</a> MaxRecordCount,
<a href=#307 id=307 data-nosnippet>307</a> Version,
<a href=#308 id=308 data-nosnippet>308</a>}
<a href=#309 id=309 data-nosnippet>309</a>
<a href=#310 id=310 data-nosnippet>310</a><span class="attr">#[cfg(test)]
<a href=#311 id=311 data-nosnippet>311</a></span><span class="kw">mod </span>test {
<a href=#312 id=312 data-nosnippet>312</a> <span class="kw">use super</span>::<span class="kw-2">*</span>;
<a href=#313 id=313 data-nosnippet>313</a> <span class="kw">use </span>rstest::{fixture, rstest};
<a href=#314 id=314 data-nosnippet>314</a>
<a href=#315 id=315 data-nosnippet>315</a> <span class="kw">const </span>TEST_MAX_SENT_LIMIT: usize = <span class="number">1 </span>&lt;&lt; <span class="number">12</span>;
<a href=#316 id=316 data-nosnippet>316</a> <span class="kw">const </span>TEST_MAX_RECV_LIMIT: usize = <span class="number">1 </span>&lt;&lt; <span class="number">14</span>;
<a href=#317 id=317 data-nosnippet>317</a>
<a href=#318 id=318 data-nosnippet>318</a> <span class="attr">#[fixture]
<a href=#319 id=319 data-nosnippet>319</a> #[once]
<a href=#320 id=320 data-nosnippet>320</a> </span><span class="kw">fn </span>config_validator() -&gt; ProtocolConfigValidator {
<a href=#321 id=321 data-nosnippet>321</a> ProtocolConfigValidator::builder()
<a href=#322 id=322 data-nosnippet>322</a> .max_sent_data(TEST_MAX_SENT_LIMIT)
<a href=#323 id=323 data-nosnippet>323</a> .max_recv_data(TEST_MAX_RECV_LIMIT)
<a href=#324 id=324 data-nosnippet>324</a> .build()
<a href=#325 id=325 data-nosnippet>325</a> .unwrap()
<a href=#326 id=326 data-nosnippet>326</a> }
<a href=#327 id=327 data-nosnippet>327</a>
<a href=#328 id=328 data-nosnippet>328</a> <span class="attr">#[rstest]
<a href=#329 id=329 data-nosnippet>329</a> #[case::same_max_sent_recv_data(TEST_MAX_SENT_LIMIT, TEST_MAX_RECV_LIMIT)]
<a href=#330 id=330 data-nosnippet>330</a> #[case::smaller_max_sent_data(<span class="number">1 </span>&lt;&lt; <span class="number">11</span>, TEST_MAX_RECV_LIMIT)]
<a href=#331 id=331 data-nosnippet>331</a> #[case::smaller_max_recv_data(TEST_MAX_SENT_LIMIT, <span class="number">1 </span>&lt;&lt; <span class="number">13</span>)]
<a href=#332 id=332 data-nosnippet>332</a> #[case::smaller_max_sent_recv_data(<span class="number">1 </span>&lt;&lt; <span class="number">7</span>, <span class="number">1 </span>&lt;&lt; <span class="number">9</span>)]
<a href=#333 id=333 data-nosnippet>333</a> </span><span class="kw">fn </span>test_check_success(
<a href=#334 id=334 data-nosnippet>334</a> config_validator: <span class="kw-2">&amp;</span>ProtocolConfigValidator,
<a href=#335 id=335 data-nosnippet>335</a> <span class="attr">#[case] </span>max_sent_data: usize,
<a href=#336 id=336 data-nosnippet>336</a> <span class="attr">#[case] </span>max_recv_data: usize,
<a href=#337 id=337 data-nosnippet>337</a> ) {
<a href=#338 id=338 data-nosnippet>338</a> <span class="kw">let </span>peer_config = ProtocolConfig::builder()
<a href=#339 id=339 data-nosnippet>339</a> .max_sent_data(max_sent_data)
<a href=#340 id=340 data-nosnippet>340</a> .max_recv_data(max_recv_data)
<a href=#341 id=341 data-nosnippet>341</a> .build()
<a href=#342 id=342 data-nosnippet>342</a> .unwrap();
<a href=#343 id=343 data-nosnippet>343</a>
<a href=#344 id=344 data-nosnippet>344</a> <span class="macro">assert!</span>(config_validator.validate(<span class="kw-2">&amp;</span>peer_config).is_ok())
<a href=#345 id=345 data-nosnippet>345</a> }
<a href=#346 id=346 data-nosnippet>346</a>
<a href=#347 id=347 data-nosnippet>347</a> <span class="attr">#[rstest]
<a href=#348 id=348 data-nosnippet>348</a> #[case::bigger_max_sent_data(<span class="number">1 </span>&lt;&lt; <span class="number">13</span>, TEST_MAX_RECV_LIMIT)]
<a href=#349 id=349 data-nosnippet>349</a> #[case::bigger_max_recv_data(<span class="number">1 </span>&lt;&lt; <span class="number">10</span>, <span class="number">1 </span>&lt;&lt; <span class="number">16</span>)]
<a href=#350 id=350 data-nosnippet>350</a> #[case::bigger_max_sent_recv_data(<span class="number">1 </span>&lt;&lt; <span class="number">14</span>, <span class="number">1 </span>&lt;&lt; <span class="number">21</span>)]
<a href=#351 id=351 data-nosnippet>351</a> </span><span class="kw">fn </span>test_check_fail(
<a href=#352 id=352 data-nosnippet>352</a> config_validator: <span class="kw-2">&amp;</span>ProtocolConfigValidator,
<a href=#353 id=353 data-nosnippet>353</a> <span class="attr">#[case] </span>max_sent_data: usize,
<a href=#354 id=354 data-nosnippet>354</a> <span class="attr">#[case] </span>max_recv_data: usize,
<a href=#355 id=355 data-nosnippet>355</a> ) {
<a href=#356 id=356 data-nosnippet>356</a> <span class="kw">let </span>peer_config = ProtocolConfig::builder()
<a href=#357 id=357 data-nosnippet>357</a> .max_sent_data(max_sent_data)
<a href=#358 id=358 data-nosnippet>358</a> .max_recv_data(max_recv_data)
<a href=#359 id=359 data-nosnippet>359</a> .build()
<a href=#360 id=360 data-nosnippet>360</a> .unwrap();
<a href=#361 id=361 data-nosnippet>361</a>
<a href=#362 id=362 data-nosnippet>362</a> <span class="macro">assert!</span>(config_validator.validate(<span class="kw-2">&amp;</span>peer_config).is_err())
<a href=#363 id=363 data-nosnippet>363</a> }
<a href=#364 id=364 data-nosnippet>364</a>}</code></pre></div></section></main></body></html>

21
src/tlsn/context.rs.html Normal file
View File

@@ -0,0 +1,21 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/context.rs`."><title>context.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>context.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! Execution context.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use </span>mpz_common::context::Multithread;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span><span class="kw">crate</span>::mux::MuxControl;
<a href=#6 id=6 data-nosnippet>6</a>
<a href=#7 id=7 data-nosnippet>7</a><span class="doccomment">/// Maximum concurrency for multi-threaded context.
<a href=#8 id=8 data-nosnippet>8</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">const </span>MAX_CONCURRENCY: usize = <span class="number">8</span>;
<a href=#9 id=9 data-nosnippet>9</a>
<a href=#10 id=10 data-nosnippet>10</a><span class="doccomment">/// Builds a multi-threaded context with the given muxer.
<a href=#11 id=11 data-nosnippet>11</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>build_mt_context(mux: MuxControl) -&gt; Multithread {
<a href=#12 id=12 data-nosnippet>12</a> <span class="kw">let </span>builder = Multithread::builder().mux(mux).concurrency(MAX_CONCURRENCY);
<a href=#13 id=13 data-nosnippet>13</a>
<a href=#14 id=14 data-nosnippet>14</a> <span class="attr">#[cfg(target_arch = <span class="string">"wasm32"</span>)]
<a href=#15 id=15 data-nosnippet>15</a> </span><span class="kw">let </span>builder = builder.spawn_handler(|f| {
<a href=#16 id=16 data-nosnippet>16</a> <span class="kw">let _ </span>= web_spawn::spawn(f);
<a href=#17 id=17 data-nosnippet>17</a> <span class="prelude-val">Ok</span>(())
<a href=#18 id=18 data-nosnippet>18</a> });
<a href=#19 id=19 data-nosnippet>19</a>
<a href=#20 id=20 data-nosnippet>20</a> builder.build().unwrap()
<a href=#21 id=21 data-nosnippet>21</a>}</code></pre></div></section></main></body></html>

238
src/tlsn/encoding.rs.html Normal file
View File

@@ -0,0 +1,238 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/encoding.rs`."><title>encoding.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>encoding.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! Encoding commitment protocol.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use </span>std::ops::Range;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>mpz_common::Context;
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>mpz_memory_core::{
<a href=#7 id=7 data-nosnippet>7</a> Vector,
<a href=#8 id=8 data-nosnippet>8</a> binary::U8,
<a href=#9 id=9 data-nosnippet>9</a> correlated::{Delta, Key, Mac},
<a href=#10 id=10 data-nosnippet>10</a>};
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">use </span>rand::Rng;
<a href=#12 id=12 data-nosnippet>12</a><span class="kw">use </span>serde::{Deserialize, Serialize};
<a href=#13 id=13 data-nosnippet>13</a><span class="kw">use </span>serio::{SinkExt, stream::IoStreamExt};
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">use </span>tlsn_core::{
<a href=#15 id=15 data-nosnippet>15</a> hash::HashAlgorithm,
<a href=#16 id=16 data-nosnippet>16</a> transcript::{
<a href=#17 id=17 data-nosnippet>17</a> Direction, Idx,
<a href=#18 id=18 data-nosnippet>18</a> encoding::{
<a href=#19 id=19 data-nosnippet>19</a> Encoder, EncoderSecret, EncodingCommitment, EncodingProvider, EncodingProviderError,
<a href=#20 id=20 data-nosnippet>20</a> EncodingTree, EncodingTreeError, new_encoder,
<a href=#21 id=21 data-nosnippet>21</a> },
<a href=#22 id=22 data-nosnippet>22</a> },
<a href=#23 id=23 data-nosnippet>23</a>};
<a href=#24 id=24 data-nosnippet>24</a>
<a href=#25 id=25 data-nosnippet>25</a><span class="kw">use </span><span class="kw">crate</span>::commit::transcript::TranscriptRefs;
<a href=#26 id=26 data-nosnippet>26</a>
<a href=#27 id=27 data-nosnippet>27</a><span class="doccomment">/// Bytes of encoding, per byte.
<a href=#28 id=28 data-nosnippet>28</a></span><span class="kw">const </span>ENCODING_SIZE: usize = <span class="number">128</span>;
<a href=#29 id=29 data-nosnippet>29</a>
<a href=#30 id=30 data-nosnippet>30</a><span class="attr">#[derive(Debug, Serialize, Deserialize)]
<a href=#31 id=31 data-nosnippet>31</a></span><span class="kw">struct </span>Encodings {
<a href=#32 id=32 data-nosnippet>32</a> sent: Vec&lt;u8&gt;,
<a href=#33 id=33 data-nosnippet>33</a> recv: Vec&lt;u8&gt;,
<a href=#34 id=34 data-nosnippet>34</a>}
<a href=#35 id=35 data-nosnippet>35</a>
<a href=#36 id=36 data-nosnippet>36</a><span class="doccomment">/// Transfers the encodings using the provided seed and keys.
<a href=#37 id=37 data-nosnippet>37</a>///
<a href=#38 id=38 data-nosnippet>38</a>/// The keys must be consistent with the global delta used in the encodings.
<a href=#39 id=39 data-nosnippet>39</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">async fn </span>transfer&lt;<span class="lifetime">'a</span>&gt;(
<a href=#40 id=40 data-nosnippet>40</a> ctx: <span class="kw-2">&amp;mut </span>Context,
<a href=#41 id=41 data-nosnippet>41</a> refs: <span class="kw-2">&amp;</span>TranscriptRefs,
<a href=#42 id=42 data-nosnippet>42</a> delta: <span class="kw-2">&amp;</span>Delta,
<a href=#43 id=43 data-nosnippet>43</a> f: <span class="kw">impl </span>Fn(Vector&lt;U8&gt;) -&gt; <span class="kw-2">&amp;</span><span class="lifetime">'a </span>[Key],
<a href=#44 id=44 data-nosnippet>44</a>) -&gt; <span class="prelude-ty">Result</span>&lt;EncodingCommitment, EncodingError&gt; {
<a href=#45 id=45 data-nosnippet>45</a> <span class="kw">let </span>secret = EncoderSecret::new(rand::rng().random(), delta.as_block().to_bytes());
<a href=#46 id=46 data-nosnippet>46</a> <span class="kw">let </span>encoder = new_encoder(<span class="kw-2">&amp;</span>secret);
<a href=#47 id=47 data-nosnippet>47</a>
<a href=#48 id=48 data-nosnippet>48</a> <span class="kw">let </span>sent_keys: Vec&lt;u8&gt; = refs
<a href=#49 id=49 data-nosnippet>49</a> .sent()
<a href=#50 id=50 data-nosnippet>50</a> .iter()
<a href=#51 id=51 data-nosnippet>51</a> .copied()
<a href=#52 id=52 data-nosnippet>52</a> .flat_map(<span class="kw-2">&amp;</span>f)
<a href=#53 id=53 data-nosnippet>53</a> .flat_map(|key| key.as_block().as_bytes())
<a href=#54 id=54 data-nosnippet>54</a> .copied()
<a href=#55 id=55 data-nosnippet>55</a> .collect();
<a href=#56 id=56 data-nosnippet>56</a> <span class="kw">let </span>recv_keys: Vec&lt;u8&gt; = refs
<a href=#57 id=57 data-nosnippet>57</a> .recv()
<a href=#58 id=58 data-nosnippet>58</a> .iter()
<a href=#59 id=59 data-nosnippet>59</a> .copied()
<a href=#60 id=60 data-nosnippet>60</a> .flat_map(<span class="kw-2">&amp;</span>f)
<a href=#61 id=61 data-nosnippet>61</a> .flat_map(|key| key.as_block().as_bytes())
<a href=#62 id=62 data-nosnippet>62</a> .copied()
<a href=#63 id=63 data-nosnippet>63</a> .collect();
<a href=#64 id=64 data-nosnippet>64</a>
<a href=#65 id=65 data-nosnippet>65</a> <span class="macro">assert_eq!</span>(sent_keys.len() % ENCODING_SIZE, <span class="number">0</span>);
<a href=#66 id=66 data-nosnippet>66</a> <span class="macro">assert_eq!</span>(recv_keys.len() % ENCODING_SIZE, <span class="number">0</span>);
<a href=#67 id=67 data-nosnippet>67</a>
<a href=#68 id=68 data-nosnippet>68</a> <span class="kw">let </span><span class="kw-2">mut </span>sent_encoding = Vec::with_capacity(sent_keys.len());
<a href=#69 id=69 data-nosnippet>69</a> <span class="kw">let </span><span class="kw-2">mut </span>recv_encoding = Vec::with_capacity(recv_keys.len());
<a href=#70 id=70 data-nosnippet>70</a>
<a href=#71 id=71 data-nosnippet>71</a> encoder.encode_range(
<a href=#72 id=72 data-nosnippet>72</a> Direction::Sent,
<a href=#73 id=73 data-nosnippet>73</a> <span class="number">0</span>..sent_keys.len() / ENCODING_SIZE,
<a href=#74 id=74 data-nosnippet>74</a> <span class="kw-2">&amp;mut </span>sent_encoding,
<a href=#75 id=75 data-nosnippet>75</a> );
<a href=#76 id=76 data-nosnippet>76</a> encoder.encode_range(
<a href=#77 id=77 data-nosnippet>77</a> Direction::Received,
<a href=#78 id=78 data-nosnippet>78</a> <span class="number">0</span>..recv_keys.len() / ENCODING_SIZE,
<a href=#79 id=79 data-nosnippet>79</a> <span class="kw-2">&amp;mut </span>recv_encoding,
<a href=#80 id=80 data-nosnippet>80</a> );
<a href=#81 id=81 data-nosnippet>81</a>
<a href=#82 id=82 data-nosnippet>82</a> sent_encoding
<a href=#83 id=83 data-nosnippet>83</a> .iter_mut()
<a href=#84 id=84 data-nosnippet>84</a> .zip(sent_keys)
<a href=#85 id=85 data-nosnippet>85</a> .for_each(|(enc, key)| <span class="kw-2">*</span>enc ^= key);
<a href=#86 id=86 data-nosnippet>86</a> recv_encoding
<a href=#87 id=87 data-nosnippet>87</a> .iter_mut()
<a href=#88 id=88 data-nosnippet>88</a> .zip(recv_keys)
<a href=#89 id=89 data-nosnippet>89</a> .for_each(|(enc, key)| <span class="kw-2">*</span>enc ^= key);
<a href=#90 id=90 data-nosnippet>90</a>
<a href=#91 id=91 data-nosnippet>91</a> ctx.io_mut()
<a href=#92 id=92 data-nosnippet>92</a> .send(Encodings {
<a href=#93 id=93 data-nosnippet>93</a> sent: sent_encoding,
<a href=#94 id=94 data-nosnippet>94</a> recv: recv_encoding,
<a href=#95 id=95 data-nosnippet>95</a> })
<a href=#96 id=96 data-nosnippet>96</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#97 id=97 data-nosnippet>97</a>
<a href=#98 id=98 data-nosnippet>98</a> <span class="kw">let </span>root = ctx.io_mut().expect_next().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#99 id=99 data-nosnippet>99</a> ctx.io_mut().send(secret.clone()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#100 id=100 data-nosnippet>100</a>
<a href=#101 id=101 data-nosnippet>101</a> <span class="prelude-val">Ok</span>(EncodingCommitment {
<a href=#102 id=102 data-nosnippet>102</a> root,
<a href=#103 id=103 data-nosnippet>103</a> secret: secret.clone(),
<a href=#104 id=104 data-nosnippet>104</a> })
<a href=#105 id=105 data-nosnippet>105</a>}
<a href=#106 id=106 data-nosnippet>106</a>
<a href=#107 id=107 data-nosnippet>107</a><span class="doccomment">/// Receives the encodings using the provided MACs.
<a href=#108 id=108 data-nosnippet>108</a>///
<a href=#109 id=109 data-nosnippet>109</a>/// The MACs must be consistent with the global delta used in the encodings.
<a href=#110 id=110 data-nosnippet>110</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">async fn </span>receive&lt;<span class="lifetime">'a</span>&gt;(
<a href=#111 id=111 data-nosnippet>111</a> ctx: <span class="kw-2">&amp;mut </span>Context,
<a href=#112 id=112 data-nosnippet>112</a> hasher: <span class="kw-2">&amp;</span>(<span class="kw">dyn </span>HashAlgorithm + Send + Sync),
<a href=#113 id=113 data-nosnippet>113</a> refs: <span class="kw-2">&amp;</span>TranscriptRefs,
<a href=#114 id=114 data-nosnippet>114</a> f: <span class="kw">impl </span>Fn(Vector&lt;U8&gt;) -&gt; <span class="kw-2">&amp;</span><span class="lifetime">'a </span>[Mac],
<a href=#115 id=115 data-nosnippet>115</a> idxs: <span class="kw">impl </span>IntoIterator&lt;Item = <span class="kw-2">&amp;</span>(Direction, Idx)&gt;,
<a href=#116 id=116 data-nosnippet>116</a>) -&gt; <span class="prelude-ty">Result</span>&lt;(EncodingCommitment, EncodingTree), EncodingError&gt; {
<a href=#117 id=117 data-nosnippet>117</a> <span class="kw">let </span>Encodings { <span class="kw-2">mut </span>sent, <span class="kw-2">mut </span>recv } = ctx.io_mut().expect_next().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#118 id=118 data-nosnippet>118</a>
<a href=#119 id=119 data-nosnippet>119</a> <span class="kw">let </span>sent_macs: Vec&lt;u8&gt; = refs
<a href=#120 id=120 data-nosnippet>120</a> .sent()
<a href=#121 id=121 data-nosnippet>121</a> .iter()
<a href=#122 id=122 data-nosnippet>122</a> .copied()
<a href=#123 id=123 data-nosnippet>123</a> .flat_map(<span class="kw-2">&amp;</span>f)
<a href=#124 id=124 data-nosnippet>124</a> .flat_map(|mac| mac.as_bytes())
<a href=#125 id=125 data-nosnippet>125</a> .copied()
<a href=#126 id=126 data-nosnippet>126</a> .collect();
<a href=#127 id=127 data-nosnippet>127</a> <span class="kw">let </span>recv_macs: Vec&lt;u8&gt; = refs
<a href=#128 id=128 data-nosnippet>128</a> .recv()
<a href=#129 id=129 data-nosnippet>129</a> .iter()
<a href=#130 id=130 data-nosnippet>130</a> .copied()
<a href=#131 id=131 data-nosnippet>131</a> .flat_map(<span class="kw-2">&amp;</span>f)
<a href=#132 id=132 data-nosnippet>132</a> .flat_map(|mac| mac.as_bytes())
<a href=#133 id=133 data-nosnippet>133</a> .copied()
<a href=#134 id=134 data-nosnippet>134</a> .collect();
<a href=#135 id=135 data-nosnippet>135</a>
<a href=#136 id=136 data-nosnippet>136</a> <span class="macro">assert_eq!</span>(sent_macs.len() % ENCODING_SIZE, <span class="number">0</span>);
<a href=#137 id=137 data-nosnippet>137</a> <span class="macro">assert_eq!</span>(recv_macs.len() % ENCODING_SIZE, <span class="number">0</span>);
<a href=#138 id=138 data-nosnippet>138</a>
<a href=#139 id=139 data-nosnippet>139</a> <span class="kw">if </span>sent.len() != sent_macs.len() {
<a href=#140 id=140 data-nosnippet>140</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ErrorRepr::IncorrectMacCount {
<a href=#141 id=141 data-nosnippet>141</a> direction: Direction::Sent,
<a href=#142 id=142 data-nosnippet>142</a> expected: sent_macs.len(),
<a href=#143 id=143 data-nosnippet>143</a> got: sent.len(),
<a href=#144 id=144 data-nosnippet>144</a> }
<a href=#145 id=145 data-nosnippet>145</a> .into());
<a href=#146 id=146 data-nosnippet>146</a> }
<a href=#147 id=147 data-nosnippet>147</a>
<a href=#148 id=148 data-nosnippet>148</a> <span class="kw">if </span>recv.len() != recv_macs.len() {
<a href=#149 id=149 data-nosnippet>149</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ErrorRepr::IncorrectMacCount {
<a href=#150 id=150 data-nosnippet>150</a> direction: Direction::Received,
<a href=#151 id=151 data-nosnippet>151</a> expected: recv_macs.len(),
<a href=#152 id=152 data-nosnippet>152</a> got: recv.len(),
<a href=#153 id=153 data-nosnippet>153</a> }
<a href=#154 id=154 data-nosnippet>154</a> .into());
<a href=#155 id=155 data-nosnippet>155</a> }
<a href=#156 id=156 data-nosnippet>156</a>
<a href=#157 id=157 data-nosnippet>157</a> sent.iter_mut()
<a href=#158 id=158 data-nosnippet>158</a> .zip(sent_macs)
<a href=#159 id=159 data-nosnippet>159</a> .for_each(|(enc, mac)| <span class="kw-2">*</span>enc ^= mac);
<a href=#160 id=160 data-nosnippet>160</a> recv.iter_mut()
<a href=#161 id=161 data-nosnippet>161</a> .zip(recv_macs)
<a href=#162 id=162 data-nosnippet>162</a> .for_each(|(enc, mac)| <span class="kw-2">*</span>enc ^= mac);
<a href=#163 id=163 data-nosnippet>163</a>
<a href=#164 id=164 data-nosnippet>164</a> <span class="kw">let </span>provider = Provider { sent, recv };
<a href=#165 id=165 data-nosnippet>165</a>
<a href=#166 id=166 data-nosnippet>166</a> <span class="kw">let </span>tree = EncodingTree::new(hasher, idxs, <span class="kw-2">&amp;</span>provider)<span class="question-mark">?</span>;
<a href=#167 id=167 data-nosnippet>167</a> <span class="kw">let </span>root = tree.root();
<a href=#168 id=168 data-nosnippet>168</a>
<a href=#169 id=169 data-nosnippet>169</a> ctx.io_mut().send(root.clone()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#170 id=170 data-nosnippet>170</a> <span class="kw">let </span>secret = ctx.io_mut().expect_next().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#171 id=171 data-nosnippet>171</a>
<a href=#172 id=172 data-nosnippet>172</a> <span class="kw">let </span>commitment = EncodingCommitment { root, secret };
<a href=#173 id=173 data-nosnippet>173</a>
<a href=#174 id=174 data-nosnippet>174</a> <span class="prelude-val">Ok</span>((commitment, tree))
<a href=#175 id=175 data-nosnippet>175</a>}
<a href=#176 id=176 data-nosnippet>176</a>
<a href=#177 id=177 data-nosnippet>177</a><span class="attr">#[derive(Debug)]
<a href=#178 id=178 data-nosnippet>178</a></span><span class="kw">struct </span>Provider {
<a href=#179 id=179 data-nosnippet>179</a> sent: Vec&lt;u8&gt;,
<a href=#180 id=180 data-nosnippet>180</a> recv: Vec&lt;u8&gt;,
<a href=#181 id=181 data-nosnippet>181</a>}
<a href=#182 id=182 data-nosnippet>182</a>
<a href=#183 id=183 data-nosnippet>183</a><span class="kw">impl </span>EncodingProvider <span class="kw">for </span>Provider {
<a href=#184 id=184 data-nosnippet>184</a> <span class="kw">fn </span>provide_encoding(
<a href=#185 id=185 data-nosnippet>185</a> <span class="kw-2">&amp;</span><span class="self">self</span>,
<a href=#186 id=186 data-nosnippet>186</a> direction: Direction,
<a href=#187 id=187 data-nosnippet>187</a> range: Range&lt;usize&gt;,
<a href=#188 id=188 data-nosnippet>188</a> dest: <span class="kw-2">&amp;mut </span>Vec&lt;u8&gt;,
<a href=#189 id=189 data-nosnippet>189</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;(), EncodingProviderError&gt; {
<a href=#190 id=190 data-nosnippet>190</a> <span class="kw">let </span>encodings = <span class="kw">match </span>direction {
<a href=#191 id=191 data-nosnippet>191</a> Direction::Sent =&gt; <span class="kw-2">&amp;</span><span class="self">self</span>.sent,
<a href=#192 id=192 data-nosnippet>192</a> Direction::Received =&gt; <span class="kw-2">&amp;</span><span class="self">self</span>.recv,
<a href=#193 id=193 data-nosnippet>193</a> };
<a href=#194 id=194 data-nosnippet>194</a>
<a href=#195 id=195 data-nosnippet>195</a> <span class="kw">let </span>start = range.start * ENCODING_SIZE;
<a href=#196 id=196 data-nosnippet>196</a> <span class="kw">let </span>end = range.end * ENCODING_SIZE;
<a href=#197 id=197 data-nosnippet>197</a>
<a href=#198 id=198 data-nosnippet>198</a> <span class="kw">if </span>end &gt; encodings.len() {
<a href=#199 id=199 data-nosnippet>199</a> <span class="kw">return </span><span class="prelude-val">Err</span>(EncodingProviderError);
<a href=#200 id=200 data-nosnippet>200</a> }
<a href=#201 id=201 data-nosnippet>201</a>
<a href=#202 id=202 data-nosnippet>202</a> dest.extend_from_slice(<span class="kw-2">&amp;</span>encodings[start..end]);
<a href=#203 id=203 data-nosnippet>203</a>
<a href=#204 id=204 data-nosnippet>204</a> <span class="prelude-val">Ok</span>(())
<a href=#205 id=205 data-nosnippet>205</a> }
<a href=#206 id=206 data-nosnippet>206</a>}
<a href=#207 id=207 data-nosnippet>207</a>
<a href=#208 id=208 data-nosnippet>208</a><span class="doccomment">/// Encoding protocol error.
<a href=#209 id=209 data-nosnippet>209</a></span><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#210 id=210 data-nosnippet>210</a>#[error(transparent)]
<a href=#211 id=211 data-nosnippet>211</a></span><span class="kw">pub struct </span>EncodingError(<span class="attr">#[from] </span>ErrorRepr);
<a href=#212 id=212 data-nosnippet>212</a>
<a href=#213 id=213 data-nosnippet>213</a><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#214 id=214 data-nosnippet>214</a>#[error(<span class="string">"encoding protocol error: {0}"</span>)]
<a href=#215 id=215 data-nosnippet>215</a></span><span class="kw">enum </span>ErrorRepr {
<a href=#216 id=216 data-nosnippet>216</a> <span class="attr">#[error(<span class="string">"I/O error: {0}"</span>)]
<a href=#217 id=217 data-nosnippet>217</a> </span>Io(std::io::Error),
<a href=#218 id=218 data-nosnippet>218</a> <span class="attr">#[error(<span class="string">"incorrect MAC count for {direction}: expected {expected}, got {got}"</span>)]
<a href=#219 id=219 data-nosnippet>219</a> </span>IncorrectMacCount {
<a href=#220 id=220 data-nosnippet>220</a> direction: Direction,
<a href=#221 id=221 data-nosnippet>221</a> expected: usize,
<a href=#222 id=222 data-nosnippet>222</a> got: usize,
<a href=#223 id=223 data-nosnippet>223</a> },
<a href=#224 id=224 data-nosnippet>224</a> <span class="attr">#[error(<span class="string">"encoding tree error: {0}"</span>)]
<a href=#225 id=225 data-nosnippet>225</a> </span>EncodingTree(EncodingTreeError),
<a href=#226 id=226 data-nosnippet>226</a>}
<a href=#227 id=227 data-nosnippet>227</a>
<a href=#228 id=228 data-nosnippet>228</a><span class="kw">impl </span>From&lt;std::io::Error&gt; <span class="kw">for </span>EncodingError {
<a href=#229 id=229 data-nosnippet>229</a> <span class="kw">fn </span>from(value: std::io::Error) -&gt; <span class="self">Self </span>{
<a href=#230 id=230 data-nosnippet>230</a> <span class="self">Self</span>(ErrorRepr::Io(value))
<a href=#231 id=231 data-nosnippet>231</a> }
<a href=#232 id=232 data-nosnippet>232</a>}
<a href=#233 id=233 data-nosnippet>233</a>
<a href=#234 id=234 data-nosnippet>234</a><span class="kw">impl </span>From&lt;EncodingTreeError&gt; <span class="kw">for </span>EncodingError {
<a href=#235 id=235 data-nosnippet>235</a> <span class="kw">fn </span>from(value: EncodingTreeError) -&gt; <span class="self">Self </span>{
<a href=#236 id=236 data-nosnippet>236</a> <span class="self">Self</span>(ErrorRepr::EncodingTree(value))
<a href=#237 id=237 data-nosnippet>237</a> }
<a href=#238 id=238 data-nosnippet>238</a>}</code></pre></div></section></main></body></html>

39
src/tlsn/ghash.rs.html Normal file
View File

@@ -0,0 +1,39 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/ghash.rs`."><title>ghash.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>ghash.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! GHASH methods.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="comment">// This module belongs in tls/core. It was moved out here temporarily.
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a></span><span class="kw">use </span>ghash::{
<a href=#6 id=6 data-nosnippet>6</a> GHash,
<a href=#7 id=7 data-nosnippet>7</a> universal_hash::{KeyInit, UniversalHash <span class="kw">as </span>UniversalHashReference},
<a href=#8 id=8 data-nosnippet>8</a>};
<a href=#9 id=9 data-nosnippet>9</a>
<a href=#10 id=10 data-nosnippet>10</a><span class="doccomment">/// Computes a GHASH tag.
<a href=#11 id=11 data-nosnippet>11</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>ghash(aad: <span class="kw-2">&amp;</span>[u8], ciphertext: <span class="kw-2">&amp;</span>[u8], key: <span class="kw-2">&amp;</span>[u8; <span class="number">16</span>]) -&gt; [u8; <span class="number">16</span>] {
<a href=#12 id=12 data-nosnippet>12</a> <span class="kw">let </span><span class="kw-2">mut </span>ghash = GHash::new(key.into());
<a href=#13 id=13 data-nosnippet>13</a> ghash.update_padded(<span class="kw-2">&amp;</span>build_ghash_data(aad.to_vec(), ciphertext.to_owned()));
<a href=#14 id=14 data-nosnippet>14</a> <span class="kw">let </span>out = ghash.finalize();
<a href=#15 id=15 data-nosnippet>15</a> out.into()
<a href=#16 id=16 data-nosnippet>16</a>}
<a href=#17 id=17 data-nosnippet>17</a>
<a href=#18 id=18 data-nosnippet>18</a><span class="doccomment">/// Builds padded data for GHASH.
<a href=#19 id=19 data-nosnippet>19</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>build_ghash_data(<span class="kw-2">mut </span>aad: Vec&lt;u8&gt;, <span class="kw-2">mut </span>ciphertext: Vec&lt;u8&gt;) -&gt; Vec&lt;u8&gt; {
<a href=#20 id=20 data-nosnippet>20</a> <span class="kw">let </span>associated_data_bitlen = (aad.len() <span class="kw">as </span>u64) * <span class="number">8</span>;
<a href=#21 id=21 data-nosnippet>21</a> <span class="kw">let </span>text_bitlen = (ciphertext.len() <span class="kw">as </span>u64) * <span class="number">8</span>;
<a href=#22 id=22 data-nosnippet>22</a>
<a href=#23 id=23 data-nosnippet>23</a> <span class="kw">let </span>len_block = ((associated_data_bitlen <span class="kw">as </span>u128) &lt;&lt; <span class="number">64</span>) + (text_bitlen <span class="kw">as </span>u128);
<a href=#24 id=24 data-nosnippet>24</a>
<a href=#25 id=25 data-nosnippet>25</a> <span class="comment">// Pad data to be a multiple of 16 bytes.
<a href=#26 id=26 data-nosnippet>26</a> </span><span class="kw">let </span>aad_padded_block_count = (aad.len() / <span class="number">16</span>) + (aad.len() % <span class="number">16 </span>!= <span class="number">0</span>) <span class="kw">as </span>usize;
<a href=#27 id=27 data-nosnippet>27</a> aad.resize(aad_padded_block_count * <span class="number">16</span>, <span class="number">0</span>);
<a href=#28 id=28 data-nosnippet>28</a>
<a href=#29 id=29 data-nosnippet>29</a> <span class="kw">let </span>ciphertext_padded_block_count =
<a href=#30 id=30 data-nosnippet>30</a> (ciphertext.len() / <span class="number">16</span>) + (ciphertext.len() % <span class="number">16 </span>!= <span class="number">0</span>) <span class="kw">as </span>usize;
<a href=#31 id=31 data-nosnippet>31</a> ciphertext.resize(ciphertext_padded_block_count * <span class="number">16</span>, <span class="number">0</span>);
<a href=#32 id=32 data-nosnippet>32</a>
<a href=#33 id=33 data-nosnippet>33</a> <span class="kw">let </span><span class="kw-2">mut </span>data: Vec&lt;u8&gt; = Vec::with_capacity(aad.len() + ciphertext.len() + <span class="number">16</span>);
<a href=#34 id=34 data-nosnippet>34</a> data.extend(aad);
<a href=#35 id=35 data-nosnippet>35</a> data.extend(ciphertext);
<a href=#36 id=36 data-nosnippet>36</a> data.extend_from_slice(<span class="kw-2">&amp;</span>len_block.to_be_bytes());
<a href=#37 id=37 data-nosnippet>37</a>
<a href=#38 id=38 data-nosnippet>38</a> data
<a href=#39 id=39 data-nosnippet>39</a>}</code></pre></div></section></main></body></html>

30
src/tlsn/lib.rs.html Normal file
View File

@@ -0,0 +1,30 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/lib.rs`."><title>lib.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>lib.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! TLSNotary library.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="attr">#![deny(missing_docs, unreachable_pub, unused_must_use)]
<a href=#4 id=4 data-nosnippet>4</a>#![deny(clippy::all)]
<a href=#5 id=5 data-nosnippet>5</a>#![forbid(unsafe_code)]
<a href=#6 id=6 data-nosnippet>6</a>
<a href=#7 id=7 data-nosnippet>7</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>commit;
<a href=#8 id=8 data-nosnippet>8</a><span class="kw">pub mod </span>config;
<a href=#9 id=9 data-nosnippet>9</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>context;
<a href=#10 id=10 data-nosnippet>10</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>encoding;
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>ghash;
<a href=#12 id=12 data-nosnippet>12</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>msg;
<a href=#13 id=13 data-nosnippet>13</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>mux;
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">pub mod </span>prover;
<a href=#15 id=15 data-nosnippet>15</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>tag;
<a href=#16 id=16 data-nosnippet>16</a><span class="kw">pub mod </span>verifier;
<a href=#17 id=17 data-nosnippet>17</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>zk_aes_ctr;
<a href=#18 id=18 data-nosnippet>18</a>
<a href=#19 id=19 data-nosnippet>19</a><span class="kw">pub use </span>tlsn_core::{attestation, connection, hash, presentation, transcript};
<a href=#20 id=20 data-nosnippet>20</a>
<a href=#21 id=21 data-nosnippet>21</a><span class="doccomment">/// The party's role in the TLSN protocol.
<a href=#22 id=22 data-nosnippet>22</a>///
<a href=#23 id=23 data-nosnippet>23</a>/// A Notary is classified as a Verifier.
<a href=#24 id=24 data-nosnippet>24</a></span><span class="attr">#[derive(Debug, Clone, Copy, PartialEq, Eq)]
<a href=#25 id=25 data-nosnippet>25</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">enum </span>Role {
<a href=#26 id=26 data-nosnippet>26</a> <span class="doccomment">/// The prover.
<a href=#27 id=27 data-nosnippet>27</a> </span>Prover,
<a href=#28 id=28 data-nosnippet>28</a> <span class="doccomment">/// The verifier.
<a href=#29 id=29 data-nosnippet>29</a> </span>Verifier,
<a href=#30 id=30 data-nosnippet>30</a>}</code></pre></div></section></main></body></html>

14
src/tlsn/msg.rs.html Normal file
View File

@@ -0,0 +1,14 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/msg.rs`."><title>msg.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>msg.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! Message types.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use </span>serde::{Deserialize, Serialize};
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>tlsn_core::connection::{ServerCertData, ServerName};
<a href=#6 id=6 data-nosnippet>6</a>
<a href=#7 id=7 data-nosnippet>7</a><span class="doccomment">/// Message sent from Prover to Verifier to prove the server identity.
<a href=#8 id=8 data-nosnippet>8</a></span><span class="attr">#[derive(Debug, Serialize, Deserialize)]
<a href=#9 id=9 data-nosnippet>9</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>ServerIdentityProof {
<a href=#10 id=10 data-nosnippet>10</a> <span class="doccomment">/// Server name.
<a href=#11 id=11 data-nosnippet>11</a> </span><span class="kw">pub </span>name: ServerName,
<a href=#12 id=12 data-nosnippet>12</a> <span class="doccomment">/// Server identity data.
<a href=#13 id=13 data-nosnippet>13</a> </span><span class="kw">pub </span>data: ServerCertData,
<a href=#14 id=14 data-nosnippet>14</a>}</code></pre></div></section></main></body></html>

90
src/tlsn/mux.rs.html Normal file
View File

@@ -0,0 +1,90 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/mux.rs`."><title>mux.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>mux.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! Multiplexer used in the TLSNotary protocol.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use </span>std::future::IntoFuture;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>futures::{
<a href=#6 id=6 data-nosnippet>6</a> AsyncRead, AsyncWrite, Future,
<a href=#7 id=7 data-nosnippet>7</a> future::{FusedFuture, FutureExt},
<a href=#8 id=8 data-nosnippet>8</a>};
<a href=#9 id=9 data-nosnippet>9</a><span class="kw">use </span>tracing::error;
<a href=#10 id=10 data-nosnippet>10</a><span class="kw">use </span>uid_mux::yamux;
<a href=#11 id=11 data-nosnippet>11</a>
<a href=#12 id=12 data-nosnippet>12</a><span class="kw">use </span><span class="kw">crate</span>::Role;
<a href=#13 id=13 data-nosnippet>13</a>
<a href=#14 id=14 data-nosnippet>14</a><span class="doccomment">/// Multiplexer supporting unique deterministic stream IDs.
<a href=#15 id=15 data-nosnippet>15</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>Mux&lt;Io&gt; = yamux::Yamux&lt;Io&gt;;
<a href=#16 id=16 data-nosnippet>16</a><span class="doccomment">/// Multiplexer controller providing streams.
<a href=#17 id=17 data-nosnippet>17</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>MuxControl = yamux::YamuxCtrl;
<a href=#18 id=18 data-nosnippet>18</a>
<a href=#19 id=19 data-nosnippet>19</a><span class="doccomment">/// Multiplexer future which must be polled for the muxer to make progress.
<a href=#20 id=20 data-nosnippet>20</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>MuxFuture(
<a href=#21 id=21 data-nosnippet>21</a> Box&lt;<span class="kw">dyn </span>FusedFuture&lt;Output = <span class="prelude-ty">Result</span>&lt;(), yamux::ConnectionError&gt;&gt; + Send + Unpin&gt;,
<a href=#22 id=22 data-nosnippet>22</a>);
<a href=#23 id=23 data-nosnippet>23</a>
<a href=#24 id=24 data-nosnippet>24</a><span class="kw">impl </span>MuxFuture {
<a href=#25 id=25 data-nosnippet>25</a> <span class="doccomment">/// Returns true if the muxer is complete.
<a href=#26 id=26 data-nosnippet>26</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>is_complete(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; bool {
<a href=#27 id=27 data-nosnippet>27</a> <span class="self">self</span>.<span class="number">0</span>.is_terminated()
<a href=#28 id=28 data-nosnippet>28</a> }
<a href=#29 id=29 data-nosnippet>29</a>
<a href=#30 id=30 data-nosnippet>30</a> <span class="doccomment">/// Awaits a future, polling the muxer future concurrently.
<a href=#31 id=31 data-nosnippet>31</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">async fn </span>poll_with&lt;F, R&gt;(<span class="kw-2">&amp;mut </span><span class="self">self</span>, fut: F) -&gt; R
<a href=#32 id=32 data-nosnippet>32</a> <span class="kw">where
<a href=#33 id=33 data-nosnippet>33</a> </span>F: Future&lt;Output = R&gt;,
<a href=#34 id=34 data-nosnippet>34</a> {
<a href=#35 id=35 data-nosnippet>35</a> <span class="kw">let </span><span class="kw-2">mut </span>fut = Box::pin(fut.fuse());
<a href=#36 id=36 data-nosnippet>36</a> <span class="comment">// Poll the future concurrently with the muxer future.
<a href=#37 id=37 data-nosnippet>37</a> // If the muxer returns an error, continue polling the future
<a href=#38 id=38 data-nosnippet>38</a> // until it completes.
<a href=#39 id=39 data-nosnippet>39</a> </span><span class="kw">loop </span>{
<a href=#40 id=40 data-nosnippet>40</a> <span class="macro">futures::select!</span> {
<a href=#41 id=41 data-nosnippet>41</a> res = fut =&gt; <span class="kw">return </span>res,
<a href=#42 id=42 data-nosnippet>42</a> res = <span class="kw-2">&amp;mut </span><span class="self">self</span>.<span class="number">0 </span>=&gt; <span class="kw">if let </span><span class="prelude-val">Err</span>(e) = res {
<a href=#43 id=43 data-nosnippet>43</a> <span class="macro">error!</span>(<span class="string">"mux error: {:?}"</span>, e);
<a href=#44 id=44 data-nosnippet>44</a> },
<a href=#45 id=45 data-nosnippet>45</a> }
<a href=#46 id=46 data-nosnippet>46</a> }
<a href=#47 id=47 data-nosnippet>47</a> }
<a href=#48 id=48 data-nosnippet>48</a>}
<a href=#49 id=49 data-nosnippet>49</a>
<a href=#50 id=50 data-nosnippet>50</a><span class="kw">impl </span>Future <span class="kw">for </span>MuxFuture {
<a href=#51 id=51 data-nosnippet>51</a> <span class="kw">type </span>Output = <span class="prelude-ty">Result</span>&lt;(), yamux::ConnectionError&gt;;
<a href=#52 id=52 data-nosnippet>52</a>
<a href=#53 id=53 data-nosnippet>53</a> <span class="kw">fn </span>poll(
<a href=#54 id=54 data-nosnippet>54</a> <span class="kw-2">mut </span><span class="self">self</span>: std::pin::Pin&lt;<span class="kw-2">&amp;mut </span><span class="self">Self</span>&gt;,
<a href=#55 id=55 data-nosnippet>55</a> cx: <span class="kw-2">&amp;mut </span>std::task::Context&lt;<span class="lifetime">'_</span>&gt;,
<a href=#56 id=56 data-nosnippet>56</a> ) -&gt; std::task::Poll&lt;<span class="self">Self</span>::Output&gt; {
<a href=#57 id=57 data-nosnippet>57</a> <span class="self">self</span>.<span class="number">0</span>.as_mut().poll_unpin(cx)
<a href=#58 id=58 data-nosnippet>58</a> }
<a href=#59 id=59 data-nosnippet>59</a>}
<a href=#60 id=60 data-nosnippet>60</a>
<a href=#61 id=61 data-nosnippet>61</a><span class="doccomment">/// Attaches a multiplexer to the provided socket.
<a href=#62 id=62 data-nosnippet>62</a>///
<a href=#63 id=63 data-nosnippet>63</a>/// Returns the multiplexer and a controller for creating streams with a codec
<a href=#64 id=64 data-nosnippet>64</a>/// attached.
<a href=#65 id=65 data-nosnippet>65</a>///
<a href=#66 id=66 data-nosnippet>66</a>/// # Arguments
<a href=#67 id=67 data-nosnippet>67</a>///
<a href=#68 id=68 data-nosnippet>68</a>/// * `socket` - The socket to attach the multiplexer to.
<a href=#69 id=69 data-nosnippet>69</a>/// * `role` - The role of the party using the multiplexer.
<a href=#70 id=70 data-nosnippet>70</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>attach_mux&lt;T: AsyncWrite + AsyncRead + Send + Unpin + <span class="lifetime">'static</span>&gt;(
<a href=#71 id=71 data-nosnippet>71</a> socket: T,
<a href=#72 id=72 data-nosnippet>72</a> role: Role,
<a href=#73 id=73 data-nosnippet>73</a>) -&gt; (MuxFuture, MuxControl) {
<a href=#74 id=74 data-nosnippet>74</a> <span class="kw">let </span><span class="kw-2">mut </span>mux_config = yamux::Config::default();
<a href=#75 id=75 data-nosnippet>75</a> mux_config.set_max_num_streams(<span class="number">36</span>);
<a href=#76 id=76 data-nosnippet>76</a>
<a href=#77 id=77 data-nosnippet>77</a> <span class="kw">let </span>mux_role = <span class="kw">match </span>role {
<a href=#78 id=78 data-nosnippet>78</a> Role::Prover =&gt; yamux::Mode::Client,
<a href=#79 id=79 data-nosnippet>79</a> Role::Verifier =&gt; yamux::Mode::Server,
<a href=#80 id=80 data-nosnippet>80</a> };
<a href=#81 id=81 data-nosnippet>81</a>
<a href=#82 id=82 data-nosnippet>82</a> <span class="kw">let </span>mux = Mux::new(socket, mux_config, mux_role);
<a href=#83 id=83 data-nosnippet>83</a> <span class="kw">let </span>ctrl = mux.control();
<a href=#84 id=84 data-nosnippet>84</a>
<a href=#85 id=85 data-nosnippet>85</a> <span class="kw">if let </span>Role::Prover = role {
<a href=#86 id=86 data-nosnippet>86</a> ctrl.alloc(<span class="number">32</span>);
<a href=#87 id=87 data-nosnippet>87</a> }
<a href=#88 id=88 data-nosnippet>88</a>
<a href=#89 id=89 data-nosnippet>89</a> (MuxFuture(Box::new(mux.into_future().fuse())), ctrl)
<a href=#90 id=90 data-nosnippet>90</a>}</code></pre></div></section></main></body></html>

656
src/tlsn/prover.rs.html Normal file
View File

@@ -0,0 +1,656 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/prover.rs`."><title>prover.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>prover.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! Prover.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">mod </span>config;
<a href=#4 id=4 data-nosnippet>4</a><span class="kw">mod </span>error;
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">mod </span>future;
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">pub mod </span>state;
<a href=#7 id=7 data-nosnippet>7</a>
<a href=#8 id=8 data-nosnippet>8</a><span class="kw">pub use </span>config::{ProverConfig, ProverConfigBuilder, TlsConfig, TlsConfigBuilder};
<a href=#9 id=9 data-nosnippet>9</a><span class="kw">pub use </span>error::ProverError;
<a href=#10 id=10 data-nosnippet>10</a><span class="kw">pub use </span>future::ProverFuture;
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">pub use </span>tlsn_core::{ProveConfig, ProveConfigBuilder, ProveConfigBuilderError, ProverOutput};
<a href=#12 id=12 data-nosnippet>12</a>
<a href=#13 id=13 data-nosnippet>13</a><span class="kw">use </span>mpz_common::Context;
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">use </span>mpz_core::Block;
<a href=#15 id=15 data-nosnippet>15</a><span class="kw">use </span>mpz_garble_core::Delta;
<a href=#16 id=16 data-nosnippet>16</a><span class="kw">use </span>mpz_vm_core::prelude::<span class="kw-2">*</span>;
<a href=#17 id=17 data-nosnippet>17</a>
<a href=#18 id=18 data-nosnippet>18</a><span class="kw">use crate</span>::{
<a href=#19 id=19 data-nosnippet>19</a> Role,
<a href=#20 id=20 data-nosnippet>20</a> commit::{
<a href=#21 id=21 data-nosnippet>21</a> commit_records,
<a href=#22 id=22 data-nosnippet>22</a> hash::prove_hash,
<a href=#23 id=23 data-nosnippet>23</a> transcript::{TranscriptRefs, decode_transcript},
<a href=#24 id=24 data-nosnippet>24</a> },
<a href=#25 id=25 data-nosnippet>25</a> context::build_mt_context,
<a href=#26 id=26 data-nosnippet>26</a> encoding,
<a href=#27 id=27 data-nosnippet>27</a> mux::attach_mux,
<a href=#28 id=28 data-nosnippet>28</a> tag::verify_tags,
<a href=#29 id=29 data-nosnippet>29</a> zk_aes_ctr::ZkAesCtr,
<a href=#30 id=30 data-nosnippet>30</a>};
<a href=#31 id=31 data-nosnippet>31</a>
<a href=#32 id=32 data-nosnippet>32</a><span class="kw">use </span>futures::{AsyncRead, AsyncWrite, TryFutureExt};
<a href=#33 id=33 data-nosnippet>33</a><span class="kw">use </span>mpc_tls::{LeaderCtrl, MpcTlsLeader, SessionKeys};
<a href=#34 id=34 data-nosnippet>34</a><span class="kw">use </span>rand::Rng;
<a href=#35 id=35 data-nosnippet>35</a><span class="kw">use </span>serio::{SinkExt, stream::IoStreamExt};
<a href=#36 id=36 data-nosnippet>36</a><span class="kw">use </span>std::sync::Arc;
<a href=#37 id=37 data-nosnippet>37</a><span class="kw">use </span>tls_client::{ClientConnection, ServerName <span class="kw">as </span>TlsServerName};
<a href=#38 id=38 data-nosnippet>38</a><span class="kw">use </span>tls_client_async::{TlsConnection, bind_client};
<a href=#39 id=39 data-nosnippet>39</a><span class="kw">use </span>tls_core::msgs::enums::ContentType;
<a href=#40 id=40 data-nosnippet>40</a><span class="kw">use </span>tlsn_core::{
<a href=#41 id=41 data-nosnippet>41</a> ProvePayload, Secrets,
<a href=#42 id=42 data-nosnippet>42</a> attestation::Attestation,
<a href=#43 id=43 data-nosnippet>43</a> connection::ServerCertData,
<a href=#44 id=44 data-nosnippet>44</a> request::{Request, RequestConfig},
<a href=#45 id=45 data-nosnippet>45</a> transcript::{Direction, TlsTranscript, Transcript, TranscriptCommitment, TranscriptSecret},
<a href=#46 id=46 data-nosnippet>46</a>};
<a href=#47 id=47 data-nosnippet>47</a><span class="kw">use </span>tlsn_deap::Deap;
<a href=#48 id=48 data-nosnippet>48</a><span class="kw">use </span>tokio::sync::Mutex;
<a href=#49 id=49 data-nosnippet>49</a>
<a href=#50 id=50 data-nosnippet>50</a><span class="kw">use </span>tracing::{Instrument, Span, debug, info, info_span, instrument};
<a href=#51 id=51 data-nosnippet>51</a>
<a href=#52 id=52 data-nosnippet>52</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>RCOTSender = mpz_ot::rcot::shared::SharedRCOTSender&lt;
<a href=#53 id=53 data-nosnippet>53</a> mpz_ot::kos::Sender&lt;mpz_ot::chou_orlandi::Receiver&gt;,
<a href=#54 id=54 data-nosnippet>54</a> mpz_core::Block,
<a href=#55 id=55 data-nosnippet>55</a>&gt;;
<a href=#56 id=56 data-nosnippet>56</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>RCOTReceiver = mpz_ot::rcot::shared::SharedRCOTReceiver&lt;
<a href=#57 id=57 data-nosnippet>57</a> mpz_ot::ferret::Receiver&lt;mpz_ot::kos::Receiver&lt;mpz_ot::chou_orlandi::Sender&gt;&gt;,
<a href=#58 id=58 data-nosnippet>58</a> bool,
<a href=#59 id=59 data-nosnippet>59</a> mpz_core::Block,
<a href=#60 id=60 data-nosnippet>60</a>&gt;;
<a href=#61 id=61 data-nosnippet>61</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>Mpc =
<a href=#62 id=62 data-nosnippet>62</a> mpz_garble::protocol::semihonest::Garbler&lt;mpz_ot::cot::DerandCOTSender&lt;RCOTSender&gt;&gt;;
<a href=#63 id=63 data-nosnippet>63</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>Zk = mpz_zk::Prover&lt;RCOTReceiver&gt;;
<a href=#64 id=64 data-nosnippet>64</a>
<a href=#65 id=65 data-nosnippet>65</a><span class="doccomment">/// A prover instance.
<a href=#66 id=66 data-nosnippet>66</a></span><span class="attr">#[derive(Debug)]
<a href=#67 id=67 data-nosnippet>67</a></span><span class="kw">pub struct </span>Prover&lt;T: state::ProverState = state::Initialized&gt; {
<a href=#68 id=68 data-nosnippet>68</a> config: ProverConfig,
<a href=#69 id=69 data-nosnippet>69</a> span: Span,
<a href=#70 id=70 data-nosnippet>70</a> state: T,
<a href=#71 id=71 data-nosnippet>71</a>}
<a href=#72 id=72 data-nosnippet>72</a>
<a href=#73 id=73 data-nosnippet>73</a><span class="kw">impl </span>Prover&lt;state::Initialized&gt; {
<a href=#74 id=74 data-nosnippet>74</a> <span class="doccomment">/// Creates a new prover.
<a href=#75 id=75 data-nosnippet>75</a> ///
<a href=#76 id=76 data-nosnippet>76</a> /// # Arguments
<a href=#77 id=77 data-nosnippet>77</a> ///
<a href=#78 id=78 data-nosnippet>78</a> /// * `config` - The configuration for the prover.
<a href=#79 id=79 data-nosnippet>79</a> </span><span class="kw">pub fn </span>new(config: ProverConfig) -&gt; <span class="self">Self </span>{
<a href=#80 id=80 data-nosnippet>80</a> <span class="kw">let </span>span = <span class="macro">info_span!</span>(<span class="string">"prover"</span>);
<a href=#81 id=81 data-nosnippet>81</a> <span class="self">Self </span>{
<a href=#82 id=82 data-nosnippet>82</a> config,
<a href=#83 id=83 data-nosnippet>83</a> span,
<a href=#84 id=84 data-nosnippet>84</a> state: state::Initialized,
<a href=#85 id=85 data-nosnippet>85</a> }
<a href=#86 id=86 data-nosnippet>86</a> }
<a href=#87 id=87 data-nosnippet>87</a>
<a href=#88 id=88 data-nosnippet>88</a> <span class="doccomment">/// Sets up the prover.
<a href=#89 id=89 data-nosnippet>89</a> ///
<a href=#90 id=90 data-nosnippet>90</a> /// This performs all MPC setup prior to establishing the connection to the
<a href=#91 id=91 data-nosnippet>91</a> /// application server.
<a href=#92 id=92 data-nosnippet>92</a> ///
<a href=#93 id=93 data-nosnippet>93</a> /// # Arguments
<a href=#94 id=94 data-nosnippet>94</a> ///
<a href=#95 id=95 data-nosnippet>95</a> /// * `socket` - The socket to the TLS verifier.
<a href=#96 id=96 data-nosnippet>96</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"debug"</span>, skip_all, err)]
<a href=#97 id=97 data-nosnippet>97</a> </span><span class="kw">pub async fn </span>setup&lt;S: AsyncWrite + AsyncRead + Send + Unpin + <span class="lifetime">'static</span>&gt;(
<a href=#98 id=98 data-nosnippet>98</a> <span class="self">self</span>,
<a href=#99 id=99 data-nosnippet>99</a> socket: S,
<a href=#100 id=100 data-nosnippet>100</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;Prover&lt;state::Setup&gt;, ProverError&gt; {
<a href=#101 id=101 data-nosnippet>101</a> <span class="kw">let </span>(<span class="kw-2">mut </span>mux_fut, mux_ctrl) = attach_mux(socket, Role::Prover);
<a href=#102 id=102 data-nosnippet>102</a> <span class="kw">let </span><span class="kw-2">mut </span>mt = build_mt_context(mux_ctrl.clone());
<a href=#103 id=103 data-nosnippet>103</a> <span class="kw">let </span><span class="kw-2">mut </span>ctx = mux_fut.poll_with(mt.new_context()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#104 id=104 data-nosnippet>104</a>
<a href=#105 id=105 data-nosnippet>105</a> <span class="comment">// Sends protocol configuration to verifier for compatibility check.
<a href=#106 id=106 data-nosnippet>106</a> </span>mux_fut
<a href=#107 id=107 data-nosnippet>107</a> .poll_with(ctx.io_mut().send(<span class="self">self</span>.config.protocol_config().clone()))
<a href=#108 id=108 data-nosnippet>108</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#109 id=109 data-nosnippet>109</a>
<a href=#110 id=110 data-nosnippet>110</a> <span class="kw">let </span>(vm, <span class="kw-2">mut </span>mpc_tls) = build_mpc_tls(<span class="kw-2">&amp;</span><span class="self">self</span>.config, ctx);
<a href=#111 id=111 data-nosnippet>111</a>
<a href=#112 id=112 data-nosnippet>112</a> <span class="comment">// Allocate resources for MPC-TLS in the VM.
<a href=#113 id=113 data-nosnippet>113</a> </span><span class="kw">let </span><span class="kw-2">mut </span>keys = mpc_tls.alloc()<span class="question-mark">?</span>;
<a href=#114 id=114 data-nosnippet>114</a> <span class="kw">let </span>vm_lock = vm.try_lock().expect(<span class="string">"VM is not locked"</span>);
<a href=#115 id=115 data-nosnippet>115</a> translate_keys(<span class="kw-2">&amp;mut </span>keys, <span class="kw-2">&amp;</span>vm_lock)<span class="question-mark">?</span>;
<a href=#116 id=116 data-nosnippet>116</a>
<a href=#117 id=117 data-nosnippet>117</a> <span class="comment">// Allocate for committing to plaintext.
<a href=#118 id=118 data-nosnippet>118</a> </span><span class="kw">let </span><span class="kw-2">mut </span>zk_aes_ctr_sent = ZkAesCtr::new(Role::Prover);
<a href=#119 id=119 data-nosnippet>119</a> zk_aes_ctr_sent.set_key(keys.client_write_key, keys.client_write_iv);
<a href=#120 id=120 data-nosnippet>120</a> zk_aes_ctr_sent.alloc(
<a href=#121 id=121 data-nosnippet>121</a> <span class="kw-2">&amp;mut *</span>vm_lock.zk(),
<a href=#122 id=122 data-nosnippet>122</a> <span class="self">self</span>.config.protocol_config().max_sent_data(),
<a href=#123 id=123 data-nosnippet>123</a> )<span class="question-mark">?</span>;
<a href=#124 id=124 data-nosnippet>124</a>
<a href=#125 id=125 data-nosnippet>125</a> <span class="kw">let </span><span class="kw-2">mut </span>zk_aes_ctr_recv = ZkAesCtr::new(Role::Prover);
<a href=#126 id=126 data-nosnippet>126</a> zk_aes_ctr_recv.set_key(keys.server_write_key, keys.server_write_iv);
<a href=#127 id=127 data-nosnippet>127</a> zk_aes_ctr_recv.alloc(
<a href=#128 id=128 data-nosnippet>128</a> <span class="kw-2">&amp;mut *</span>vm_lock.zk(),
<a href=#129 id=129 data-nosnippet>129</a> <span class="self">self</span>.config.protocol_config().max_recv_data(),
<a href=#130 id=130 data-nosnippet>130</a> )<span class="question-mark">?</span>;
<a href=#131 id=131 data-nosnippet>131</a>
<a href=#132 id=132 data-nosnippet>132</a> drop(vm_lock);
<a href=#133 id=133 data-nosnippet>133</a>
<a href=#134 id=134 data-nosnippet>134</a> <span class="macro">debug!</span>(<span class="string">"setting up mpc-tls"</span>);
<a href=#135 id=135 data-nosnippet>135</a>
<a href=#136 id=136 data-nosnippet>136</a> mux_fut.poll_with(mpc_tls.preprocess()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#137 id=137 data-nosnippet>137</a>
<a href=#138 id=138 data-nosnippet>138</a> <span class="macro">debug!</span>(<span class="string">"mpc-tls setup complete"</span>);
<a href=#139 id=139 data-nosnippet>139</a>
<a href=#140 id=140 data-nosnippet>140</a> <span class="prelude-val">Ok</span>(Prover {
<a href=#141 id=141 data-nosnippet>141</a> config: <span class="self">self</span>.config,
<a href=#142 id=142 data-nosnippet>142</a> span: <span class="self">self</span>.span,
<a href=#143 id=143 data-nosnippet>143</a> state: state::Setup {
<a href=#144 id=144 data-nosnippet>144</a> mux_ctrl,
<a href=#145 id=145 data-nosnippet>145</a> mux_fut,
<a href=#146 id=146 data-nosnippet>146</a> mpc_tls,
<a href=#147 id=147 data-nosnippet>147</a> zk_aes_ctr_sent,
<a href=#148 id=148 data-nosnippet>148</a> zk_aes_ctr_recv,
<a href=#149 id=149 data-nosnippet>149</a> keys,
<a href=#150 id=150 data-nosnippet>150</a> vm,
<a href=#151 id=151 data-nosnippet>151</a> },
<a href=#152 id=152 data-nosnippet>152</a> })
<a href=#153 id=153 data-nosnippet>153</a> }
<a href=#154 id=154 data-nosnippet>154</a>}
<a href=#155 id=155 data-nosnippet>155</a>
<a href=#156 id=156 data-nosnippet>156</a><span class="kw">impl </span>Prover&lt;state::Setup&gt; {
<a href=#157 id=157 data-nosnippet>157</a> <span class="doccomment">/// Connects to the server using the provided socket.
<a href=#158 id=158 data-nosnippet>158</a> ///
<a href=#159 id=159 data-nosnippet>159</a> /// Returns a handle to the TLS connection, a future which returns the
<a href=#160 id=160 data-nosnippet>160</a> /// prover once the connection is closed.
<a href=#161 id=161 data-nosnippet>161</a> ///
<a href=#162 id=162 data-nosnippet>162</a> /// # Arguments
<a href=#163 id=163 data-nosnippet>163</a> ///
<a href=#164 id=164 data-nosnippet>164</a> /// * `socket` - The socket to the server.
<a href=#165 id=165 data-nosnippet>165</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"debug"</span>, skip_all, err)]
<a href=#166 id=166 data-nosnippet>166</a> </span><span class="kw">pub async fn </span>connect&lt;S: AsyncWrite + AsyncRead + Send + Unpin + <span class="lifetime">'static</span>&gt;(
<a href=#167 id=167 data-nosnippet>167</a> <span class="self">self</span>,
<a href=#168 id=168 data-nosnippet>168</a> socket: S,
<a href=#169 id=169 data-nosnippet>169</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;(TlsConnection, ProverFuture), ProverError&gt; {
<a href=#170 id=170 data-nosnippet>170</a> <span class="kw">let </span>state::Setup {
<a href=#171 id=171 data-nosnippet>171</a> mux_ctrl,
<a href=#172 id=172 data-nosnippet>172</a> <span class="kw-2">mut </span>mux_fut,
<a href=#173 id=173 data-nosnippet>173</a> mpc_tls,
<a href=#174 id=174 data-nosnippet>174</a> <span class="kw-2">mut </span>zk_aes_ctr_sent,
<a href=#175 id=175 data-nosnippet>175</a> <span class="kw-2">mut </span>zk_aes_ctr_recv,
<a href=#176 id=176 data-nosnippet>176</a> keys,
<a href=#177 id=177 data-nosnippet>177</a> vm,
<a href=#178 id=178 data-nosnippet>178</a> ..
<a href=#179 id=179 data-nosnippet>179</a> } = <span class="self">self</span>.state;
<a href=#180 id=180 data-nosnippet>180</a>
<a href=#181 id=181 data-nosnippet>181</a> <span class="kw">let </span>(mpc_ctrl, mpc_fut) = mpc_tls.run();
<a href=#182 id=182 data-nosnippet>182</a>
<a href=#183 id=183 data-nosnippet>183</a> <span class="kw">let </span>server_name =
<a href=#184 id=184 data-nosnippet>184</a> TlsServerName::try_from(<span class="self">self</span>.config.server_name().as_str()).map_err(|<span class="kw">_</span>| {
<a href=#185 id=185 data-nosnippet>185</a> ProverError::config(<span class="macro">format!</span>(
<a href=#186 id=186 data-nosnippet>186</a> <span class="string">"invalid server name: {}"</span>,
<a href=#187 id=187 data-nosnippet>187</a> <span class="self">self</span>.config.server_name()
<a href=#188 id=188 data-nosnippet>188</a> ))
<a href=#189 id=189 data-nosnippet>189</a> })<span class="question-mark">?</span>;
<a href=#190 id=190 data-nosnippet>190</a>
<a href=#191 id=191 data-nosnippet>191</a> <span class="kw">let </span>config = tls_client::ClientConfig::builder()
<a href=#192 id=192 data-nosnippet>192</a> .with_safe_defaults()
<a href=#193 id=193 data-nosnippet>193</a> .with_root_certificates(<span class="self">self</span>.config.crypto_provider().cert.root_store().clone());
<a href=#194 id=194 data-nosnippet>194</a>
<a href=#195 id=195 data-nosnippet>195</a> <span class="kw">let </span>config = <span class="kw">if let </span><span class="prelude-val">Some</span>((cert, key)) = <span class="self">self</span>.config.tls_config().client_auth() {
<a href=#196 id=196 data-nosnippet>196</a> config
<a href=#197 id=197 data-nosnippet>197</a> .with_single_cert(cert.clone(), key.clone())
<a href=#198 id=198 data-nosnippet>198</a> .map_err(ProverError::config)<span class="question-mark">?
<a href=#199 id=199 data-nosnippet>199</a> </span>} <span class="kw">else </span>{
<a href=#200 id=200 data-nosnippet>200</a> config.with_no_client_auth()
<a href=#201 id=201 data-nosnippet>201</a> };
<a href=#202 id=202 data-nosnippet>202</a>
<a href=#203 id=203 data-nosnippet>203</a> <span class="kw">let </span>client =
<a href=#204 id=204 data-nosnippet>204</a> ClientConnection::new(Arc::new(config), Box::new(mpc_ctrl.clone()), server_name)
<a href=#205 id=205 data-nosnippet>205</a> .map_err(ProverError::config)<span class="question-mark">?</span>;
<a href=#206 id=206 data-nosnippet>206</a>
<a href=#207 id=207 data-nosnippet>207</a> <span class="kw">let </span>(conn, conn_fut) = bind_client(socket, client);
<a href=#208 id=208 data-nosnippet>208</a>
<a href=#209 id=209 data-nosnippet>209</a> <span class="kw">let </span>fut = Box::pin({
<a href=#210 id=210 data-nosnippet>210</a> <span class="kw">let </span>span = <span class="self">self</span>.span.clone();
<a href=#211 id=211 data-nosnippet>211</a> <span class="kw">let </span>mpc_ctrl = mpc_ctrl.clone();
<a href=#212 id=212 data-nosnippet>212</a> <span class="kw">async move </span>{
<a href=#213 id=213 data-nosnippet>213</a> <span class="kw">let </span>conn_fut = <span class="kw">async </span>{
<a href=#214 id=214 data-nosnippet>214</a> mux_fut
<a href=#215 id=215 data-nosnippet>215</a> .poll_with(conn_fut.map_err(ProverError::from))
<a href=#216 id=216 data-nosnippet>216</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#217 id=217 data-nosnippet>217</a>
<a href=#218 id=218 data-nosnippet>218</a> mpc_ctrl.stop().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#219 id=219 data-nosnippet>219</a>
<a href=#220 id=220 data-nosnippet>220</a> <span class="prelude-val">Ok</span>::&lt;<span class="kw">_</span>, ProverError&gt;(())
<a href=#221 id=221 data-nosnippet>221</a> };
<a href=#222 id=222 data-nosnippet>222</a>
<a href=#223 id=223 data-nosnippet>223</a> <span class="macro">info!</span>(<span class="string">"starting MPC-TLS"</span>);
<a href=#224 id=224 data-nosnippet>224</a>
<a href=#225 id=225 data-nosnippet>225</a> <span class="kw">let </span>(<span class="kw">_</span>, (<span class="kw-2">mut </span>ctx, tls_transcript)) = <span class="macro">futures::try_join!</span>(
<a href=#226 id=226 data-nosnippet>226</a> conn_fut,
<a href=#227 id=227 data-nosnippet>227</a> mpc_fut.in_current_span().map_err(ProverError::from)
<a href=#228 id=228 data-nosnippet>228</a> )<span class="question-mark">?</span>;
<a href=#229 id=229 data-nosnippet>229</a>
<a href=#230 id=230 data-nosnippet>230</a> <span class="macro">info!</span>(<span class="string">"finished MPC-TLS"</span>);
<a href=#231 id=231 data-nosnippet>231</a>
<a href=#232 id=232 data-nosnippet>232</a> {
<a href=#233 id=233 data-nosnippet>233</a> <span class="kw">let </span><span class="kw-2">mut </span>vm = vm.try_lock().expect(<span class="string">"VM should not be locked"</span>);
<a href=#234 id=234 data-nosnippet>234</a>
<a href=#235 id=235 data-nosnippet>235</a> <span class="macro">debug!</span>(<span class="string">"finalizing mpc"</span>);
<a href=#236 id=236 data-nosnippet>236</a>
<a href=#237 id=237 data-nosnippet>237</a> <span class="comment">// Finalize DEAP.
<a href=#238 id=238 data-nosnippet>238</a> </span>mux_fut
<a href=#239 id=239 data-nosnippet>239</a> .poll_with(vm.finalize(<span class="kw-2">&amp;mut </span>ctx))
<a href=#240 id=240 data-nosnippet>240</a> .<span class="kw">await
<a href=#241 id=241 data-nosnippet>241</a> </span>.map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#242 id=242 data-nosnippet>242</a>
<a href=#243 id=243 data-nosnippet>243</a> <span class="macro">debug!</span>(<span class="string">"mpc finalized"</span>);
<a href=#244 id=244 data-nosnippet>244</a> }
<a href=#245 id=245 data-nosnippet>245</a>
<a href=#246 id=246 data-nosnippet>246</a> <span class="comment">// Pull out ZK VM.
<a href=#247 id=247 data-nosnippet>247</a> </span><span class="kw">let </span>(<span class="kw">_</span>, <span class="kw-2">mut </span>vm) = Arc::into_inner(vm)
<a href=#248 id=248 data-nosnippet>248</a> .expect(<span class="string">"vm should have only 1 reference"</span>)
<a href=#249 id=249 data-nosnippet>249</a> .into_inner()
<a href=#250 id=250 data-nosnippet>250</a> .into_inner();
<a href=#251 id=251 data-nosnippet>251</a>
<a href=#252 id=252 data-nosnippet>252</a> <span class="comment">// Prove tag verification of received records.
<a href=#253 id=253 data-nosnippet>253</a> // The prover drops the proof output.
<a href=#254 id=254 data-nosnippet>254</a> </span><span class="kw">let _ </span>= verify_tags(
<a href=#255 id=255 data-nosnippet>255</a> <span class="kw-2">&amp;mut </span>vm,
<a href=#256 id=256 data-nosnippet>256</a> (keys.server_write_key, keys.server_write_iv),
<a href=#257 id=257 data-nosnippet>257</a> keys.server_write_mac_key,
<a href=#258 id=258 data-nosnippet>258</a> <span class="kw-2">*</span>tls_transcript.version(),
<a href=#259 id=259 data-nosnippet>259</a> tls_transcript.recv().to_vec(),
<a href=#260 id=260 data-nosnippet>260</a> )
<a href=#261 id=261 data-nosnippet>261</a> .map_err(ProverError::zk)<span class="question-mark">?</span>;
<a href=#262 id=262 data-nosnippet>262</a>
<a href=#263 id=263 data-nosnippet>263</a> <span class="comment">// Prove received plaintext. Prover drops the proof output, as
<a href=#264 id=264 data-nosnippet>264</a> // they trust themselves.
<a href=#265 id=265 data-nosnippet>265</a> </span><span class="kw">let </span>(sent_refs, <span class="kw">_</span>) = commit_records(
<a href=#266 id=266 data-nosnippet>266</a> <span class="kw-2">&amp;mut </span>vm,
<a href=#267 id=267 data-nosnippet>267</a> <span class="kw-2">&amp;mut </span>zk_aes_ctr_sent,
<a href=#268 id=268 data-nosnippet>268</a> tls_transcript
<a href=#269 id=269 data-nosnippet>269</a> .sent()
<a href=#270 id=270 data-nosnippet>270</a> .iter()
<a href=#271 id=271 data-nosnippet>271</a> .filter(|record| record.typ == ContentType::ApplicationData),
<a href=#272 id=272 data-nosnippet>272</a> )
<a href=#273 id=273 data-nosnippet>273</a> .map_err(ProverError::zk)<span class="question-mark">?</span>;
<a href=#274 id=274 data-nosnippet>274</a>
<a href=#275 id=275 data-nosnippet>275</a> <span class="kw">let </span>(recv_refs, <span class="kw">_</span>) = commit_records(
<a href=#276 id=276 data-nosnippet>276</a> <span class="kw-2">&amp;mut </span>vm,
<a href=#277 id=277 data-nosnippet>277</a> <span class="kw-2">&amp;mut </span>zk_aes_ctr_recv,
<a href=#278 id=278 data-nosnippet>278</a> tls_transcript
<a href=#279 id=279 data-nosnippet>279</a> .recv()
<a href=#280 id=280 data-nosnippet>280</a> .iter()
<a href=#281 id=281 data-nosnippet>281</a> .filter(|record| record.typ == ContentType::ApplicationData),
<a href=#282 id=282 data-nosnippet>282</a> )
<a href=#283 id=283 data-nosnippet>283</a> .map_err(ProverError::zk)<span class="question-mark">?</span>;
<a href=#284 id=284 data-nosnippet>284</a>
<a href=#285 id=285 data-nosnippet>285</a> mux_fut
<a href=#286 id=286 data-nosnippet>286</a> .poll_with(vm.execute_all(<span class="kw-2">&amp;mut </span>ctx).map_err(ProverError::zk))
<a href=#287 id=287 data-nosnippet>287</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#288 id=288 data-nosnippet>288</a>
<a href=#289 id=289 data-nosnippet>289</a> <span class="kw">let </span>transcript = tls_transcript
<a href=#290 id=290 data-nosnippet>290</a> .to_transcript()
<a href=#291 id=291 data-nosnippet>291</a> .expect(<span class="string">"transcript is complete"</span>);
<a href=#292 id=292 data-nosnippet>292</a> <span class="kw">let </span>transcript_refs = TranscriptRefs::new(sent_refs, recv_refs);
<a href=#293 id=293 data-nosnippet>293</a>
<a href=#294 id=294 data-nosnippet>294</a> <span class="prelude-val">Ok</span>(Prover {
<a href=#295 id=295 data-nosnippet>295</a> config: <span class="self">self</span>.config,
<a href=#296 id=296 data-nosnippet>296</a> span: <span class="self">self</span>.span,
<a href=#297 id=297 data-nosnippet>297</a> state: state::Committed {
<a href=#298 id=298 data-nosnippet>298</a> mux_ctrl,
<a href=#299 id=299 data-nosnippet>299</a> mux_fut,
<a href=#300 id=300 data-nosnippet>300</a> ctx,
<a href=#301 id=301 data-nosnippet>301</a> vm,
<a href=#302 id=302 data-nosnippet>302</a> tls_transcript,
<a href=#303 id=303 data-nosnippet>303</a> transcript,
<a href=#304 id=304 data-nosnippet>304</a> transcript_refs,
<a href=#305 id=305 data-nosnippet>305</a> },
<a href=#306 id=306 data-nosnippet>306</a> })
<a href=#307 id=307 data-nosnippet>307</a> }
<a href=#308 id=308 data-nosnippet>308</a> .instrument(span)
<a href=#309 id=309 data-nosnippet>309</a> });
<a href=#310 id=310 data-nosnippet>310</a>
<a href=#311 id=311 data-nosnippet>311</a> <span class="prelude-val">Ok</span>((
<a href=#312 id=312 data-nosnippet>312</a> conn,
<a href=#313 id=313 data-nosnippet>313</a> ProverFuture {
<a href=#314 id=314 data-nosnippet>314</a> fut,
<a href=#315 id=315 data-nosnippet>315</a> ctrl: ProverControl { mpc_ctrl },
<a href=#316 id=316 data-nosnippet>316</a> },
<a href=#317 id=317 data-nosnippet>317</a> ))
<a href=#318 id=318 data-nosnippet>318</a> }
<a href=#319 id=319 data-nosnippet>319</a>}
<a href=#320 id=320 data-nosnippet>320</a>
<a href=#321 id=321 data-nosnippet>321</a><span class="kw">impl </span>Prover&lt;state::Committed&gt; {
<a href=#322 id=322 data-nosnippet>322</a> <span class="doccomment">/// Returns the TLS transcript.
<a href=#323 id=323 data-nosnippet>323</a> </span><span class="kw">pub fn </span>tls_transcript(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>TlsTranscript {
<a href=#324 id=324 data-nosnippet>324</a> <span class="kw-2">&amp;</span><span class="self">self</span>.state.tls_transcript
<a href=#325 id=325 data-nosnippet>325</a> }
<a href=#326 id=326 data-nosnippet>326</a>
<a href=#327 id=327 data-nosnippet>327</a> <span class="doccomment">/// Returns the transcript.
<a href=#328 id=328 data-nosnippet>328</a> </span><span class="kw">pub fn </span>transcript(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>Transcript {
<a href=#329 id=329 data-nosnippet>329</a> <span class="kw-2">&amp;</span><span class="self">self</span>.state.transcript
<a href=#330 id=330 data-nosnippet>330</a> }
<a href=#331 id=331 data-nosnippet>331</a>
<a href=#332 id=332 data-nosnippet>332</a> <span class="doccomment">/// Proves information to the verifier.
<a href=#333 id=333 data-nosnippet>333</a> ///
<a href=#334 id=334 data-nosnippet>334</a> /// # Arguments
<a href=#335 id=335 data-nosnippet>335</a> ///
<a href=#336 id=336 data-nosnippet>336</a> /// * `config` - The disclosure configuration.
<a href=#337 id=337 data-nosnippet>337</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#338 id=338 data-nosnippet>338</a> </span><span class="kw">pub async fn </span>prove(<span class="kw-2">&amp;mut </span><span class="self">self</span>, config: <span class="kw-2">&amp;</span>ProveConfig) -&gt; <span class="prelude-ty">Result</span>&lt;ProverOutput, ProverError&gt; {
<a href=#339 id=339 data-nosnippet>339</a> <span class="kw">let </span>state::Committed {
<a href=#340 id=340 data-nosnippet>340</a> mux_fut,
<a href=#341 id=341 data-nosnippet>341</a> ctx,
<a href=#342 id=342 data-nosnippet>342</a> vm,
<a href=#343 id=343 data-nosnippet>343</a> tls_transcript,
<a href=#344 id=344 data-nosnippet>344</a> transcript_refs,
<a href=#345 id=345 data-nosnippet>345</a> ..
<a href=#346 id=346 data-nosnippet>346</a> } = <span class="kw-2">&amp;mut </span><span class="self">self</span>.state;
<a href=#347 id=347 data-nosnippet>347</a>
<a href=#348 id=348 data-nosnippet>348</a> <span class="kw">let </span><span class="kw-2">mut </span>output = ProverOutput {
<a href=#349 id=349 data-nosnippet>349</a> transcript_commitments: Vec::new(),
<a href=#350 id=350 data-nosnippet>350</a> transcript_secrets: Vec::new(),
<a href=#351 id=351 data-nosnippet>351</a> };
<a href=#352 id=352 data-nosnippet>352</a>
<a href=#353 id=353 data-nosnippet>353</a> <span class="kw">let </span>payload = ProvePayload {
<a href=#354 id=354 data-nosnippet>354</a> server_identity: config.server_identity().then(|| {
<a href=#355 id=355 data-nosnippet>355</a> (
<a href=#356 id=356 data-nosnippet>356</a> <span class="self">self</span>.config.server_name().clone(),
<a href=#357 id=357 data-nosnippet>357</a> ServerCertData {
<a href=#358 id=358 data-nosnippet>358</a> certs: tls_transcript
<a href=#359 id=359 data-nosnippet>359</a> .server_cert_chain()
<a href=#360 id=360 data-nosnippet>360</a> .expect(<span class="string">"server cert chain is present"</span>)
<a href=#361 id=361 data-nosnippet>361</a> .to_vec(),
<a href=#362 id=362 data-nosnippet>362</a> sig: tls_transcript
<a href=#363 id=363 data-nosnippet>363</a> .server_signature()
<a href=#364 id=364 data-nosnippet>364</a> .expect(<span class="string">"server signature is present"</span>)
<a href=#365 id=365 data-nosnippet>365</a> .clone(),
<a href=#366 id=366 data-nosnippet>366</a> handshake: tls_transcript.handshake_data().clone(),
<a href=#367 id=367 data-nosnippet>367</a> },
<a href=#368 id=368 data-nosnippet>368</a> )
<a href=#369 id=369 data-nosnippet>369</a> }),
<a href=#370 id=370 data-nosnippet>370</a> transcript: config.transcript().cloned(),
<a href=#371 id=371 data-nosnippet>371</a> transcript_commit: config.transcript_commit().map(|config| config.to_request()),
<a href=#372 id=372 data-nosnippet>372</a> };
<a href=#373 id=373 data-nosnippet>373</a>
<a href=#374 id=374 data-nosnippet>374</a> <span class="comment">// Send payload.
<a href=#375 id=375 data-nosnippet>375</a> </span>mux_fut
<a href=#376 id=376 data-nosnippet>376</a> .poll_with(ctx.io_mut().send(payload).map_err(ProverError::from))
<a href=#377 id=377 data-nosnippet>377</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#378 id=378 data-nosnippet>378</a>
<a href=#379 id=379 data-nosnippet>379</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(partial_transcript) = config.transcript() {
<a href=#380 id=380 data-nosnippet>380</a> decode_transcript(
<a href=#381 id=381 data-nosnippet>381</a> vm,
<a href=#382 id=382 data-nosnippet>382</a> partial_transcript.sent_authed(),
<a href=#383 id=383 data-nosnippet>383</a> partial_transcript.received_authed(),
<a href=#384 id=384 data-nosnippet>384</a> transcript_refs,
<a href=#385 id=385 data-nosnippet>385</a> )
<a href=#386 id=386 data-nosnippet>386</a> .map_err(ProverError::zk)<span class="question-mark">?</span>;
<a href=#387 id=387 data-nosnippet>387</a> }
<a href=#388 id=388 data-nosnippet>388</a>
<a href=#389 id=389 data-nosnippet>389</a> <span class="kw">let </span><span class="kw-2">mut </span>hash_commitments = <span class="prelude-val">None</span>;
<a href=#390 id=390 data-nosnippet>390</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(commit_config) = config.transcript_commit() {
<a href=#391 id=391 data-nosnippet>391</a> <span class="kw">if </span>commit_config.has_encoding() {
<a href=#392 id=392 data-nosnippet>392</a> <span class="kw">let </span>hasher = <span class="self">self
<a href=#393 id=393 data-nosnippet>393</a> </span>.config
<a href=#394 id=394 data-nosnippet>394</a> .crypto_provider()
<a href=#395 id=395 data-nosnippet>395</a> .hash
<a href=#396 id=396 data-nosnippet>396</a> .get(commit_config.encoding_hash_alg())
<a href=#397 id=397 data-nosnippet>397</a> .map_err(ProverError::config)<span class="question-mark">?</span>;
<a href=#398 id=398 data-nosnippet>398</a>
<a href=#399 id=399 data-nosnippet>399</a> <span class="kw">let </span>(commitment, tree) = mux_fut
<a href=#400 id=400 data-nosnippet>400</a> .poll_with(
<a href=#401 id=401 data-nosnippet>401</a> encoding::receive(
<a href=#402 id=402 data-nosnippet>402</a> ctx,
<a href=#403 id=403 data-nosnippet>403</a> hasher,
<a href=#404 id=404 data-nosnippet>404</a> transcript_refs,
<a href=#405 id=405 data-nosnippet>405</a> |plaintext| vm.get_macs(plaintext).expect(<span class="string">"reference is valid"</span>),
<a href=#406 id=406 data-nosnippet>406</a> commit_config.iter_encoding(),
<a href=#407 id=407 data-nosnippet>407</a> )
<a href=#408 id=408 data-nosnippet>408</a> .map_err(ProverError::commit),
<a href=#409 id=409 data-nosnippet>409</a> )
<a href=#410 id=410 data-nosnippet>410</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#411 id=411 data-nosnippet>411</a>
<a href=#412 id=412 data-nosnippet>412</a> output
<a href=#413 id=413 data-nosnippet>413</a> .transcript_commitments
<a href=#414 id=414 data-nosnippet>414</a> .push(TranscriptCommitment::Encoding(commitment));
<a href=#415 id=415 data-nosnippet>415</a> output
<a href=#416 id=416 data-nosnippet>416</a> .transcript_secrets
<a href=#417 id=417 data-nosnippet>417</a> .push(TranscriptSecret::Encoding(tree));
<a href=#418 id=418 data-nosnippet>418</a> }
<a href=#419 id=419 data-nosnippet>419</a>
<a href=#420 id=420 data-nosnippet>420</a> <span class="kw">if </span>commit_config.has_hash() {
<a href=#421 id=421 data-nosnippet>421</a> hash_commitments = <span class="prelude-val">Some</span>(
<a href=#422 id=422 data-nosnippet>422</a> prove_hash(
<a href=#423 id=423 data-nosnippet>423</a> vm,
<a href=#424 id=424 data-nosnippet>424</a> transcript_refs,
<a href=#425 id=425 data-nosnippet>425</a> commit_config
<a href=#426 id=426 data-nosnippet>426</a> .iter_hash()
<a href=#427 id=427 data-nosnippet>427</a> .map(|((dir, idx), alg)| (<span class="kw-2">*</span>dir, idx.clone(), <span class="kw-2">*</span>alg)),
<a href=#428 id=428 data-nosnippet>428</a> )
<a href=#429 id=429 data-nosnippet>429</a> .map_err(ProverError::commit)<span class="question-mark">?</span>,
<a href=#430 id=430 data-nosnippet>430</a> );
<a href=#431 id=431 data-nosnippet>431</a> }
<a href=#432 id=432 data-nosnippet>432</a> }
<a href=#433 id=433 data-nosnippet>433</a>
<a href=#434 id=434 data-nosnippet>434</a> mux_fut
<a href=#435 id=435 data-nosnippet>435</a> .poll_with(vm.execute_all(ctx).map_err(ProverError::zk))
<a href=#436 id=436 data-nosnippet>436</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#437 id=437 data-nosnippet>437</a>
<a href=#438 id=438 data-nosnippet>438</a> <span class="kw">if let </span><span class="prelude-val">Some</span>((hash_fut, hash_secrets)) = hash_commitments {
<a href=#439 id=439 data-nosnippet>439</a> <span class="kw">let </span>hash_commitments = hash_fut.try_recv().map_err(ProverError::commit)<span class="question-mark">?</span>;
<a href=#440 id=440 data-nosnippet>440</a> <span class="kw">for </span>(commitment, secret) <span class="kw">in </span>hash_commitments.into_iter().zip(hash_secrets) {
<a href=#441 id=441 data-nosnippet>441</a> output
<a href=#442 id=442 data-nosnippet>442</a> .transcript_commitments
<a href=#443 id=443 data-nosnippet>443</a> .push(TranscriptCommitment::Hash(commitment));
<a href=#444 id=444 data-nosnippet>444</a> output
<a href=#445 id=445 data-nosnippet>445</a> .transcript_secrets
<a href=#446 id=446 data-nosnippet>446</a> .push(TranscriptSecret::Hash(secret));
<a href=#447 id=447 data-nosnippet>447</a> }
<a href=#448 id=448 data-nosnippet>448</a> }
<a href=#449 id=449 data-nosnippet>449</a>
<a href=#450 id=450 data-nosnippet>450</a> <span class="prelude-val">Ok</span>(output)
<a href=#451 id=451 data-nosnippet>451</a> }
<a href=#452 id=452 data-nosnippet>452</a>
<a href=#453 id=453 data-nosnippet>453</a> <span class="doccomment">/// Requests an attestation from the verifier.
<a href=#454 id=454 data-nosnippet>454</a> ///
<a href=#455 id=455 data-nosnippet>455</a> /// # Arguments
<a href=#456 id=456 data-nosnippet>456</a> ///
<a href=#457 id=457 data-nosnippet>457</a> /// * `config` - The attestation request configuration.
<a href=#458 id=458 data-nosnippet>458</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#459 id=459 data-nosnippet>459</a> #[deprecated(
<a href=#460 id=460 data-nosnippet>460</a> note = <span class="string">"attestation functionality will be removed from this API in future releases."
<a href=#461 id=461 data-nosnippet>461</a> </span>)]
<a href=#462 id=462 data-nosnippet>462</a> </span><span class="kw">pub async fn </span>notarize(
<a href=#463 id=463 data-nosnippet>463</a> <span class="kw-2">&amp;mut </span><span class="self">self</span>,
<a href=#464 id=464 data-nosnippet>464</a> config: <span class="kw-2">&amp;</span>RequestConfig,
<a href=#465 id=465 data-nosnippet>465</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;(Attestation, Secrets), ProverError&gt; {
<a href=#466 id=466 data-nosnippet>466</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = ProveConfig::builder(<span class="self">self</span>.transcript());
<a href=#467 id=467 data-nosnippet>467</a>
<a href=#468 id=468 data-nosnippet>468</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(config) = config.transcript_commit() {
<a href=#469 id=469 data-nosnippet>469</a> <span class="comment">// Temporarily, we reject attestation requests which contain hash commitments to
<a href=#470 id=470 data-nosnippet>470</a> // subsets of the transcript. We do this because we want to preserve the
<a href=#471 id=471 data-nosnippet>471</a> // obliviousness of the reference notary, and hash commitments currently leak
<a href=#472 id=472 data-nosnippet>472</a> // the ranges which are being committed.
<a href=#473 id=473 data-nosnippet>473</a> </span><span class="kw">for </span>((direction, idx), <span class="kw">_</span>) <span class="kw">in </span>config.iter_hash() {
<a href=#474 id=474 data-nosnippet>474</a> <span class="kw">let </span>len = <span class="kw">match </span>direction {
<a href=#475 id=475 data-nosnippet>475</a> Direction::Sent =&gt; <span class="self">self</span>.transcript().sent().len(),
<a href=#476 id=476 data-nosnippet>476</a> Direction::Received =&gt; <span class="self">self</span>.transcript().received().len(),
<a href=#477 id=477 data-nosnippet>477</a> };
<a href=#478 id=478 data-nosnippet>478</a>
<a href=#479 id=479 data-nosnippet>479</a> <span class="kw">if </span>idx.start() &gt; <span class="number">0 </span>|| idx.end() &lt; len || idx.count() != <span class="number">1 </span>{
<a href=#480 id=480 data-nosnippet>480</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ProverError::attestation(
<a href=#481 id=481 data-nosnippet>481</a> <span class="string">"hash commitments to subsets of the transcript are currently not supported in attestation requests"</span>,
<a href=#482 id=482 data-nosnippet>482</a> ));
<a href=#483 id=483 data-nosnippet>483</a> }
<a href=#484 id=484 data-nosnippet>484</a> }
<a href=#485 id=485 data-nosnippet>485</a>
<a href=#486 id=486 data-nosnippet>486</a> builder.transcript_commit(config.clone());
<a href=#487 id=487 data-nosnippet>487</a> }
<a href=#488 id=488 data-nosnippet>488</a>
<a href=#489 id=489 data-nosnippet>489</a> <span class="kw">let </span>disclosure_config = builder.build().map_err(ProverError::attestation)<span class="question-mark">?</span>;
<a href=#490 id=490 data-nosnippet>490</a>
<a href=#491 id=491 data-nosnippet>491</a> <span class="kw">let </span>ProverOutput {
<a href=#492 id=492 data-nosnippet>492</a> transcript_commitments,
<a href=#493 id=493 data-nosnippet>493</a> transcript_secrets,
<a href=#494 id=494 data-nosnippet>494</a> ..
<a href=#495 id=495 data-nosnippet>495</a> } = <span class="self">self</span>.prove(<span class="kw-2">&amp;</span>disclosure_config).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#496 id=496 data-nosnippet>496</a>
<a href=#497 id=497 data-nosnippet>497</a> <span class="kw">let </span>state::Committed {
<a href=#498 id=498 data-nosnippet>498</a> mux_fut,
<a href=#499 id=499 data-nosnippet>499</a> ctx,
<a href=#500 id=500 data-nosnippet>500</a> tls_transcript,
<a href=#501 id=501 data-nosnippet>501</a> transcript,
<a href=#502 id=502 data-nosnippet>502</a> ..
<a href=#503 id=503 data-nosnippet>503</a> } = <span class="kw-2">&amp;mut </span><span class="self">self</span>.state;
<a href=#504 id=504 data-nosnippet>504</a>
<a href=#505 id=505 data-nosnippet>505</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = Request::builder(config);
<a href=#506 id=506 data-nosnippet>506</a>
<a href=#507 id=507 data-nosnippet>507</a> builder
<a href=#508 id=508 data-nosnippet>508</a> .server_name(<span class="self">self</span>.config.server_name().clone())
<a href=#509 id=509 data-nosnippet>509</a> .server_cert_data(ServerCertData {
<a href=#510 id=510 data-nosnippet>510</a> certs: tls_transcript
<a href=#511 id=511 data-nosnippet>511</a> .server_cert_chain()
<a href=#512 id=512 data-nosnippet>512</a> .expect(<span class="string">"server cert chain is present"</span>)
<a href=#513 id=513 data-nosnippet>513</a> .to_vec(),
<a href=#514 id=514 data-nosnippet>514</a> sig: tls_transcript
<a href=#515 id=515 data-nosnippet>515</a> .server_signature()
<a href=#516 id=516 data-nosnippet>516</a> .expect(<span class="string">"server signature is present"</span>)
<a href=#517 id=517 data-nosnippet>517</a> .clone(),
<a href=#518 id=518 data-nosnippet>518</a> handshake: tls_transcript.handshake_data().clone(),
<a href=#519 id=519 data-nosnippet>519</a> })
<a href=#520 id=520 data-nosnippet>520</a> .transcript(transcript.clone())
<a href=#521 id=521 data-nosnippet>521</a> .transcript_commitments(transcript_secrets, transcript_commitments);
<a href=#522 id=522 data-nosnippet>522</a>
<a href=#523 id=523 data-nosnippet>523</a> <span class="kw">let </span>(request, secrets) = builder
<a href=#524 id=524 data-nosnippet>524</a> .build(<span class="self">self</span>.config.crypto_provider())
<a href=#525 id=525 data-nosnippet>525</a> .map_err(ProverError::attestation)<span class="question-mark">?</span>;
<a href=#526 id=526 data-nosnippet>526</a>
<a href=#527 id=527 data-nosnippet>527</a> <span class="kw">let </span>attestation = mux_fut
<a href=#528 id=528 data-nosnippet>528</a> .poll_with(<span class="kw">async </span>{
<a href=#529 id=529 data-nosnippet>529</a> <span class="macro">debug!</span>(<span class="string">"sending attestation request"</span>);
<a href=#530 id=530 data-nosnippet>530</a>
<a href=#531 id=531 data-nosnippet>531</a> ctx.io_mut().send(request.clone()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#532 id=532 data-nosnippet>532</a>
<a href=#533 id=533 data-nosnippet>533</a> <span class="kw">let </span>attestation: Attestation = ctx.io_mut().expect_next().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#534 id=534 data-nosnippet>534</a>
<a href=#535 id=535 data-nosnippet>535</a> <span class="prelude-val">Ok</span>::&lt;<span class="kw">_</span>, ProverError&gt;(attestation)
<a href=#536 id=536 data-nosnippet>536</a> })
<a href=#537 id=537 data-nosnippet>537</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#538 id=538 data-nosnippet>538</a>
<a href=#539 id=539 data-nosnippet>539</a> <span class="comment">// Check the attestation is consistent with the Prover's view.
<a href=#540 id=540 data-nosnippet>540</a> </span>request
<a href=#541 id=541 data-nosnippet>541</a> .validate(<span class="kw-2">&amp;</span>attestation)
<a href=#542 id=542 data-nosnippet>542</a> .map_err(ProverError::attestation)<span class="question-mark">?</span>;
<a href=#543 id=543 data-nosnippet>543</a>
<a href=#544 id=544 data-nosnippet>544</a> <span class="prelude-val">Ok</span>((attestation, secrets))
<a href=#545 id=545 data-nosnippet>545</a> }
<a href=#546 id=546 data-nosnippet>546</a>
<a href=#547 id=547 data-nosnippet>547</a> <span class="doccomment">/// Closes the connection with the verifier.
<a href=#548 id=548 data-nosnippet>548</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#549 id=549 data-nosnippet>549</a> </span><span class="kw">pub async fn </span>close(<span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;(), ProverError&gt; {
<a href=#550 id=550 data-nosnippet>550</a> <span class="kw">let </span>state::Committed {
<a href=#551 id=551 data-nosnippet>551</a> mux_ctrl, mux_fut, ..
<a href=#552 id=552 data-nosnippet>552</a> } = <span class="self">self</span>.state;
<a href=#553 id=553 data-nosnippet>553</a>
<a href=#554 id=554 data-nosnippet>554</a> <span class="comment">// Wait for the verifier to correctly close the connection.
<a href=#555 id=555 data-nosnippet>555</a> </span><span class="kw">if </span>!mux_fut.is_complete() {
<a href=#556 id=556 data-nosnippet>556</a> mux_ctrl.close();
<a href=#557 id=557 data-nosnippet>557</a> mux_fut.<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#558 id=558 data-nosnippet>558</a> }
<a href=#559 id=559 data-nosnippet>559</a>
<a href=#560 id=560 data-nosnippet>560</a> <span class="prelude-val">Ok</span>(())
<a href=#561 id=561 data-nosnippet>561</a> }
<a href=#562 id=562 data-nosnippet>562</a>}
<a href=#563 id=563 data-nosnippet>563</a>
<a href=#564 id=564 data-nosnippet>564</a><span class="kw">fn </span>build_mpc_tls(config: <span class="kw-2">&amp;</span>ProverConfig, ctx: Context) -&gt; (Arc&lt;Mutex&lt;Deap&lt;Mpc, Zk&gt;&gt;&gt;, MpcTlsLeader) {
<a href=#565 id=565 data-nosnippet>565</a> <span class="kw">let </span><span class="kw-2">mut </span>rng = rand::rng();
<a href=#566 id=566 data-nosnippet>566</a> <span class="kw">let </span>delta = Delta::new(Block::random(<span class="kw-2">&amp;mut </span>rng));
<a href=#567 id=567 data-nosnippet>567</a>
<a href=#568 id=568 data-nosnippet>568</a> <span class="kw">let </span>base_ot_send = mpz_ot::chou_orlandi::Sender::default();
<a href=#569 id=569 data-nosnippet>569</a> <span class="kw">let </span>base_ot_recv = mpz_ot::chou_orlandi::Receiver::default();
<a href=#570 id=570 data-nosnippet>570</a> <span class="kw">let </span>rcot_send = mpz_ot::kos::Sender::new(
<a href=#571 id=571 data-nosnippet>571</a> mpz_ot::kos::SenderConfig::default(),
<a href=#572 id=572 data-nosnippet>572</a> delta.into_inner(),
<a href=#573 id=573 data-nosnippet>573</a> base_ot_recv,
<a href=#574 id=574 data-nosnippet>574</a> );
<a href=#575 id=575 data-nosnippet>575</a> <span class="kw">let </span>rcot_recv =
<a href=#576 id=576 data-nosnippet>576</a> mpz_ot::kos::Receiver::new(mpz_ot::kos::ReceiverConfig::default(), base_ot_send);
<a href=#577 id=577 data-nosnippet>577</a> <span class="kw">let </span>rcot_recv = mpz_ot::ferret::Receiver::new(
<a href=#578 id=578 data-nosnippet>578</a> mpz_ot::ferret::FerretConfig::builder()
<a href=#579 id=579 data-nosnippet>579</a> .lpn_type(mpz_ot::ferret::LpnType::Regular)
<a href=#580 id=580 data-nosnippet>580</a> .build()
<a href=#581 id=581 data-nosnippet>581</a> .expect(<span class="string">"ferret config is valid"</span>),
<a href=#582 id=582 data-nosnippet>582</a> Block::random(<span class="kw-2">&amp;mut </span>rng),
<a href=#583 id=583 data-nosnippet>583</a> rcot_recv,
<a href=#584 id=584 data-nosnippet>584</a> );
<a href=#585 id=585 data-nosnippet>585</a>
<a href=#586 id=586 data-nosnippet>586</a> <span class="kw">let </span>rcot_send = mpz_ot::rcot::shared::SharedRCOTSender::new(rcot_send);
<a href=#587 id=587 data-nosnippet>587</a> <span class="kw">let </span>rcot_recv = mpz_ot::rcot::shared::SharedRCOTReceiver::new(rcot_recv);
<a href=#588 id=588 data-nosnippet>588</a>
<a href=#589 id=589 data-nosnippet>589</a> <span class="kw">let </span>mpc = Mpc::new(
<a href=#590 id=590 data-nosnippet>590</a> mpz_ot::cot::DerandCOTSender::new(rcot_send.clone()),
<a href=#591 id=591 data-nosnippet>591</a> rng.random(),
<a href=#592 id=592 data-nosnippet>592</a> delta,
<a href=#593 id=593 data-nosnippet>593</a> );
<a href=#594 id=594 data-nosnippet>594</a>
<a href=#595 id=595 data-nosnippet>595</a> <span class="kw">let </span>zk = Zk::new(rcot_recv.clone());
<a href=#596 id=596 data-nosnippet>596</a>
<a href=#597 id=597 data-nosnippet>597</a> <span class="kw">let </span>vm = Arc::new(Mutex::new(Deap::new(tlsn_deap::Role::Leader, mpc, zk)));
<a href=#598 id=598 data-nosnippet>598</a>
<a href=#599 id=599 data-nosnippet>599</a> (
<a href=#600 id=600 data-nosnippet>600</a> vm.clone(),
<a href=#601 id=601 data-nosnippet>601</a> MpcTlsLeader::new(
<a href=#602 id=602 data-nosnippet>602</a> config.build_mpc_tls_config(),
<a href=#603 id=603 data-nosnippet>603</a> ctx,
<a href=#604 id=604 data-nosnippet>604</a> vm,
<a href=#605 id=605 data-nosnippet>605</a> (rcot_send.clone(), rcot_send.clone(), rcot_send),
<a href=#606 id=606 data-nosnippet>606</a> rcot_recv,
<a href=#607 id=607 data-nosnippet>607</a> ),
<a href=#608 id=608 data-nosnippet>608</a> )
<a href=#609 id=609 data-nosnippet>609</a>}
<a href=#610 id=610 data-nosnippet>610</a>
<a href=#611 id=611 data-nosnippet>611</a><span class="doccomment">/// A controller for the prover.
<a href=#612 id=612 data-nosnippet>612</a></span><span class="attr">#[derive(Clone)]
<a href=#613 id=613 data-nosnippet>613</a></span><span class="kw">pub struct </span>ProverControl {
<a href=#614 id=614 data-nosnippet>614</a> mpc_ctrl: LeaderCtrl,
<a href=#615 id=615 data-nosnippet>615</a>}
<a href=#616 id=616 data-nosnippet>616</a>
<a href=#617 id=617 data-nosnippet>617</a><span class="kw">impl </span>ProverControl {
<a href=#618 id=618 data-nosnippet>618</a> <span class="doccomment">/// Defers decryption of data from the server until the server has closed
<a href=#619 id=619 data-nosnippet>619</a> /// the connection.
<a href=#620 id=620 data-nosnippet>620</a> ///
<a href=#621 id=621 data-nosnippet>621</a> /// This is a performance optimization which will significantly reduce the
<a href=#622 id=622 data-nosnippet>622</a> /// amount of upload bandwidth used by the prover.
<a href=#623 id=623 data-nosnippet>623</a> ///
<a href=#624 id=624 data-nosnippet>624</a> /// # Notes
<a href=#625 id=625 data-nosnippet>625</a> ///
<a href=#626 id=626 data-nosnippet>626</a> /// * The prover may need to close the connection to the server in order for
<a href=#627 id=627 data-nosnippet>627</a> /// it to close the connection on its end. If neither the prover or server
<a href=#628 id=628 data-nosnippet>628</a> /// close the connection this will cause a deadlock.
<a href=#629 id=629 data-nosnippet>629</a> </span><span class="kw">pub async fn </span>defer_decryption(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;(), ProverError&gt; {
<a href=#630 id=630 data-nosnippet>630</a> <span class="self">self</span>.mpc_ctrl
<a href=#631 id=631 data-nosnippet>631</a> .defer_decryption()
<a href=#632 id=632 data-nosnippet>632</a> .<span class="kw">await
<a href=#633 id=633 data-nosnippet>633</a> </span>.map_err(ProverError::from)
<a href=#634 id=634 data-nosnippet>634</a> }
<a href=#635 id=635 data-nosnippet>635</a>}
<a href=#636 id=636 data-nosnippet>636</a>
<a href=#637 id=637 data-nosnippet>637</a><span class="doccomment">/// Translates VM references to the ZK address space.
<a href=#638 id=638 data-nosnippet>638</a></span><span class="kw">fn </span>translate_keys&lt;Mpc, Zk&gt;(keys: <span class="kw-2">&amp;mut </span>SessionKeys, vm: <span class="kw-2">&amp;</span>Deap&lt;Mpc, Zk&gt;) -&gt; <span class="prelude-ty">Result</span>&lt;(), ProverError&gt; {
<a href=#639 id=639 data-nosnippet>639</a> keys.client_write_key = vm
<a href=#640 id=640 data-nosnippet>640</a> .translate(keys.client_write_key)
<a href=#641 id=641 data-nosnippet>641</a> .map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#642 id=642 data-nosnippet>642</a> keys.client_write_iv = vm
<a href=#643 id=643 data-nosnippet>643</a> .translate(keys.client_write_iv)
<a href=#644 id=644 data-nosnippet>644</a> .map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#645 id=645 data-nosnippet>645</a> keys.server_write_key = vm
<a href=#646 id=646 data-nosnippet>646</a> .translate(keys.server_write_key)
<a href=#647 id=647 data-nosnippet>647</a> .map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#648 id=648 data-nosnippet>648</a> keys.server_write_iv = vm
<a href=#649 id=649 data-nosnippet>649</a> .translate(keys.server_write_iv)
<a href=#650 id=650 data-nosnippet>650</a> .map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#651 id=651 data-nosnippet>651</a> keys.server_write_mac_key = vm
<a href=#652 id=652 data-nosnippet>652</a> .translate(keys.server_write_mac_key)
<a href=#653 id=653 data-nosnippet>653</a> .map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#654 id=654 data-nosnippet>654</a>
<a href=#655 id=655 data-nosnippet>655</a> <span class="prelude-val">Ok</span>(())
<a href=#656 id=656 data-nosnippet>656</a>}</code></pre></div></section></main></body></html>

14
src/tlsn_prover/config.rs.html → src/tlsn/prover/config.rs.html
View File

@@ -1,11 +1,11 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/prover/src/config.rs`."><title>config.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn_prover" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_prover/</div>config.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">use </span>std::sync::Arc;
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/prover/config.rs`."><title>config.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/prover/</div>config.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">use </span>std::sync::Arc;
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a><span class="kw">use </span>derive_builder::UninitializedFieldError;
<a href=#4 id=4 data-nosnippet>4</a><span class="kw">use </span>mpc_tls::Config;
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>rustls_pki_types::{pem::PemObject, CertificateDer, PrivatePkcs1KeyDer, PrivatePkcs8KeyDer};
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>tls_core::key;
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>tlsn_common::config::{NetworkSetting, ProtocolConfig};
<a href=#8 id=8 data-nosnippet>8</a><span class="kw">use </span>tlsn_core::{connection::ServerName, CryptoProvider};
<a href=#3 id=3 data-nosnippet>3</a><span class="kw">use </span><span class="kw">crate</span>::config::{NetworkSetting, ProtocolConfig};
<a href=#4 id=4 data-nosnippet>4</a><span class="kw">use </span>derive_builder::UninitializedFieldError;
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>mpc_tls::Config;
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>rustls_pki_types::{CertificateDer, PrivatePkcs1KeyDer, PrivatePkcs8KeyDer, pem::PemObject};
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>tls_core::key;
<a href=#8 id=8 data-nosnippet>8</a><span class="kw">use </span>tlsn_core::{CryptoProvider, connection::ServerName};
<a href=#9 id=9 data-nosnippet>9</a>
<a href=#10 id=10 data-nosnippet>10</a><span class="doccomment">/// Configuration for the prover.
<a href=#11 id=11 data-nosnippet>11</a></span><span class="attr">#[derive(Debug, Clone, derive_builder::Builder)]

132
src/tlsn/prover/error.rs.html Normal file
View File

@@ -0,0 +1,132 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/prover/error.rs`."><title>error.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/prover/</div>error.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">use </span>std::{error::Error, fmt};
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a><span class="kw">use </span>mpc_tls::MpcTlsError;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use crate</span>::{encoding::EncodingError, zk_aes_ctr::ZkAesCtrError};
<a href=#6 id=6 data-nosnippet>6</a>
<a href=#7 id=7 data-nosnippet>7</a><span class="doccomment">/// Error for [`Prover`](crate::Prover).
<a href=#8 id=8 data-nosnippet>8</a></span><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#9 id=9 data-nosnippet>9</a></span><span class="kw">pub struct </span>ProverError {
<a href=#10 id=10 data-nosnippet>10</a> kind: ErrorKind,
<a href=#11 id=11 data-nosnippet>11</a> source: <span class="prelude-ty">Option</span>&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#12 id=12 data-nosnippet>12</a>}
<a href=#13 id=13 data-nosnippet>13</a>
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">impl </span>ProverError {
<a href=#15 id=15 data-nosnippet>15</a> <span class="kw">fn </span>new&lt;E&gt;(kind: ErrorKind, source: E) -&gt; <span class="self">Self
<a href=#16 id=16 data-nosnippet>16</a> </span><span class="kw">where
<a href=#17 id=17 data-nosnippet>17</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#18 id=18 data-nosnippet>18</a> {
<a href=#19 id=19 data-nosnippet>19</a> <span class="self">Self </span>{
<a href=#20 id=20 data-nosnippet>20</a> kind,
<a href=#21 id=21 data-nosnippet>21</a> source: <span class="prelude-val">Some</span>(source.into()),
<a href=#22 id=22 data-nosnippet>22</a> }
<a href=#23 id=23 data-nosnippet>23</a> }
<a href=#24 id=24 data-nosnippet>24</a>
<a href=#25 id=25 data-nosnippet>25</a> <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>config&lt;E&gt;(source: E) -&gt; <span class="self">Self
<a href=#26 id=26 data-nosnippet>26</a> </span><span class="kw">where
<a href=#27 id=27 data-nosnippet>27</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#28 id=28 data-nosnippet>28</a> {
<a href=#29 id=29 data-nosnippet>29</a> <span class="self">Self</span>::new(ErrorKind::Config, source)
<a href=#30 id=30 data-nosnippet>30</a> }
<a href=#31 id=31 data-nosnippet>31</a>
<a href=#32 id=32 data-nosnippet>32</a> <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>mpc&lt;E&gt;(source: E) -&gt; <span class="self">Self
<a href=#33 id=33 data-nosnippet>33</a> </span><span class="kw">where
<a href=#34 id=34 data-nosnippet>34</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#35 id=35 data-nosnippet>35</a> {
<a href=#36 id=36 data-nosnippet>36</a> <span class="self">Self</span>::new(ErrorKind::Mpc, source)
<a href=#37 id=37 data-nosnippet>37</a> }
<a href=#38 id=38 data-nosnippet>38</a>
<a href=#39 id=39 data-nosnippet>39</a> <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>zk&lt;E&gt;(source: E) -&gt; <span class="self">Self
<a href=#40 id=40 data-nosnippet>40</a> </span><span class="kw">where
<a href=#41 id=41 data-nosnippet>41</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#42 id=42 data-nosnippet>42</a> {
<a href=#43 id=43 data-nosnippet>43</a> <span class="self">Self</span>::new(ErrorKind::Zk, source)
<a href=#44 id=44 data-nosnippet>44</a> }
<a href=#45 id=45 data-nosnippet>45</a>
<a href=#46 id=46 data-nosnippet>46</a> <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>commit&lt;E&gt;(source: E) -&gt; <span class="self">Self
<a href=#47 id=47 data-nosnippet>47</a> </span><span class="kw">where
<a href=#48 id=48 data-nosnippet>48</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#49 id=49 data-nosnippet>49</a> {
<a href=#50 id=50 data-nosnippet>50</a> <span class="self">Self</span>::new(ErrorKind::Commit, source)
<a href=#51 id=51 data-nosnippet>51</a> }
<a href=#52 id=52 data-nosnippet>52</a>
<a href=#53 id=53 data-nosnippet>53</a> <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>attestation&lt;E&gt;(source: E) -&gt; <span class="self">Self
<a href=#54 id=54 data-nosnippet>54</a> </span><span class="kw">where
<a href=#55 id=55 data-nosnippet>55</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#56 id=56 data-nosnippet>56</a> {
<a href=#57 id=57 data-nosnippet>57</a> <span class="self">Self</span>::new(ErrorKind::Attestation, source)
<a href=#58 id=58 data-nosnippet>58</a> }
<a href=#59 id=59 data-nosnippet>59</a>}
<a href=#60 id=60 data-nosnippet>60</a>
<a href=#61 id=61 data-nosnippet>61</a><span class="attr">#[derive(Debug)]
<a href=#62 id=62 data-nosnippet>62</a></span><span class="kw">enum </span>ErrorKind {
<a href=#63 id=63 data-nosnippet>63</a> Io,
<a href=#64 id=64 data-nosnippet>64</a> Mpc,
<a href=#65 id=65 data-nosnippet>65</a> Zk,
<a href=#66 id=66 data-nosnippet>66</a> Config,
<a href=#67 id=67 data-nosnippet>67</a> Commit,
<a href=#68 id=68 data-nosnippet>68</a> Attestation,
<a href=#69 id=69 data-nosnippet>69</a>}
<a href=#70 id=70 data-nosnippet>70</a>
<a href=#71 id=71 data-nosnippet>71</a><span class="kw">impl </span>fmt::Display <span class="kw">for </span>ProverError {
<a href=#72 id=72 data-nosnippet>72</a> <span class="kw">fn </span>fmt(<span class="kw-2">&amp;</span><span class="self">self</span>, f: <span class="kw-2">&amp;mut </span>fmt::Formatter&lt;<span class="lifetime">'_</span>&gt;) -&gt; fmt::Result {
<a href=#73 id=73 data-nosnippet>73</a> f.write_str(<span class="string">"prover error: "</span>)<span class="question-mark">?</span>;
<a href=#74 id=74 data-nosnippet>74</a>
<a href=#75 id=75 data-nosnippet>75</a> <span class="kw">match </span><span class="self">self</span>.kind {
<a href=#76 id=76 data-nosnippet>76</a> ErrorKind::Io =&gt; f.write_str(<span class="string">"io error"</span>)<span class="question-mark">?</span>,
<a href=#77 id=77 data-nosnippet>77</a> ErrorKind::Mpc =&gt; f.write_str(<span class="string">"mpc error"</span>)<span class="question-mark">?</span>,
<a href=#78 id=78 data-nosnippet>78</a> ErrorKind::Zk =&gt; f.write_str(<span class="string">"zk error"</span>)<span class="question-mark">?</span>,
<a href=#79 id=79 data-nosnippet>79</a> ErrorKind::Config =&gt; f.write_str(<span class="string">"config error"</span>)<span class="question-mark">?</span>,
<a href=#80 id=80 data-nosnippet>80</a> ErrorKind::Commit =&gt; f.write_str(<span class="string">"commit error"</span>)<span class="question-mark">?</span>,
<a href=#81 id=81 data-nosnippet>81</a> ErrorKind::Attestation =&gt; f.write_str(<span class="string">"attestation error"</span>)<span class="question-mark">?</span>,
<a href=#82 id=82 data-nosnippet>82</a> }
<a href=#83 id=83 data-nosnippet>83</a>
<a href=#84 id=84 data-nosnippet>84</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(source) = <span class="kw-2">&amp;</span><span class="self">self</span>.source {
<a href=#85 id=85 data-nosnippet>85</a> <span class="macro">write!</span>(f, <span class="string">" caused by: {source}"</span>)<span class="question-mark">?</span>;
<a href=#86 id=86 data-nosnippet>86</a> }
<a href=#87 id=87 data-nosnippet>87</a>
<a href=#88 id=88 data-nosnippet>88</a> <span class="prelude-val">Ok</span>(())
<a href=#89 id=89 data-nosnippet>89</a> }
<a href=#90 id=90 data-nosnippet>90</a>}
<a href=#91 id=91 data-nosnippet>91</a>
<a href=#92 id=92 data-nosnippet>92</a><span class="kw">impl </span>From&lt;std::io::Error&gt; <span class="kw">for </span>ProverError {
<a href=#93 id=93 data-nosnippet>93</a> <span class="kw">fn </span>from(e: std::io::Error) -&gt; <span class="self">Self </span>{
<a href=#94 id=94 data-nosnippet>94</a> <span class="self">Self</span>::new(ErrorKind::Io, e)
<a href=#95 id=95 data-nosnippet>95</a> }
<a href=#96 id=96 data-nosnippet>96</a>}
<a href=#97 id=97 data-nosnippet>97</a>
<a href=#98 id=98 data-nosnippet>98</a><span class="kw">impl </span>From&lt;tls_client_async::ConnectionError&gt; <span class="kw">for </span>ProverError {
<a href=#99 id=99 data-nosnippet>99</a> <span class="kw">fn </span>from(e: tls_client_async::ConnectionError) -&gt; <span class="self">Self </span>{
<a href=#100 id=100 data-nosnippet>100</a> <span class="self">Self</span>::new(ErrorKind::Io, e)
<a href=#101 id=101 data-nosnippet>101</a> }
<a href=#102 id=102 data-nosnippet>102</a>}
<a href=#103 id=103 data-nosnippet>103</a>
<a href=#104 id=104 data-nosnippet>104</a><span class="kw">impl </span>From&lt;uid_mux::yamux::ConnectionError&gt; <span class="kw">for </span>ProverError {
<a href=#105 id=105 data-nosnippet>105</a> <span class="kw">fn </span>from(e: uid_mux::yamux::ConnectionError) -&gt; <span class="self">Self </span>{
<a href=#106 id=106 data-nosnippet>106</a> <span class="self">Self</span>::new(ErrorKind::Io, e)
<a href=#107 id=107 data-nosnippet>107</a> }
<a href=#108 id=108 data-nosnippet>108</a>}
<a href=#109 id=109 data-nosnippet>109</a>
<a href=#110 id=110 data-nosnippet>110</a><span class="kw">impl </span>From&lt;mpz_common::ContextError&gt; <span class="kw">for </span>ProverError {
<a href=#111 id=111 data-nosnippet>111</a> <span class="kw">fn </span>from(e: mpz_common::ContextError) -&gt; <span class="self">Self </span>{
<a href=#112 id=112 data-nosnippet>112</a> <span class="self">Self</span>::new(ErrorKind::Mpc, e)
<a href=#113 id=113 data-nosnippet>113</a> }
<a href=#114 id=114 data-nosnippet>114</a>}
<a href=#115 id=115 data-nosnippet>115</a>
<a href=#116 id=116 data-nosnippet>116</a><span class="kw">impl </span>From&lt;MpcTlsError&gt; <span class="kw">for </span>ProverError {
<a href=#117 id=117 data-nosnippet>117</a> <span class="kw">fn </span>from(e: MpcTlsError) -&gt; <span class="self">Self </span>{
<a href=#118 id=118 data-nosnippet>118</a> <span class="self">Self</span>::new(ErrorKind::Mpc, e)
<a href=#119 id=119 data-nosnippet>119</a> }
<a href=#120 id=120 data-nosnippet>120</a>}
<a href=#121 id=121 data-nosnippet>121</a>
<a href=#122 id=122 data-nosnippet>122</a><span class="kw">impl </span>From&lt;ZkAesCtrError&gt; <span class="kw">for </span>ProverError {
<a href=#123 id=123 data-nosnippet>123</a> <span class="kw">fn </span>from(e: ZkAesCtrError) -&gt; <span class="self">Self </span>{
<a href=#124 id=124 data-nosnippet>124</a> <span class="self">Self</span>::new(ErrorKind::Zk, e)
<a href=#125 id=125 data-nosnippet>125</a> }
<a href=#126 id=126 data-nosnippet>126</a>}
<a href=#127 id=127 data-nosnippet>127</a>
<a href=#128 id=128 data-nosnippet>128</a><span class="kw">impl </span>From&lt;EncodingError&gt; <span class="kw">for </span>ProverError {
<a href=#129 id=129 data-nosnippet>129</a> <span class="kw">fn </span>from(e: EncodingError) -&gt; <span class="self">Self </span>{
<a href=#130 id=130 data-nosnippet>130</a> <span class="self">Self</span>::new(ErrorKind::Commit, e)
<a href=#131 id=131 data-nosnippet>131</a> }
<a href=#132 id=132 data-nosnippet>132</a>}</code></pre></div></section></main></body></html>

4
src/tlsn_prover/future.rs.html → src/tlsn/prover/future.rs.html
View File

@@ -1,6 +1,6 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/prover/src/future.rs`."><title>future.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn_prover" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_prover/</div>future.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! This module collects futures which are used by the [Prover].
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/prover/future.rs`."><title>future.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/prover/</div>future.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! This module collects futures which are used by the [Prover].
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use super</span>::{state, Prover, ProverControl, ProverError};
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use super</span>::{Prover, ProverControl, ProverError, state};
<a href=#4 id=4 data-nosnippet>4</a><span class="kw">use </span>futures::Future;
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>std::pin::Pin;
<a href=#6 id=6 data-nosnippet>6</a>

61
src/tlsn/prover/state.rs.html Normal file
View File

@@ -0,0 +1,61 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/prover/state.rs`."><title>state.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/prover/</div>state.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! TLS prover states.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use </span>std::sync::Arc;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>mpc_tls::{MpcTlsLeader, SessionKeys};
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>mpz_common::Context;
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>tlsn_core::transcript::{TlsTranscript, Transcript};
<a href=#8 id=8 data-nosnippet>8</a><span class="kw">use </span>tlsn_deap::Deap;
<a href=#9 id=9 data-nosnippet>9</a><span class="kw">use </span>tokio::sync::Mutex;
<a href=#10 id=10 data-nosnippet>10</a>
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">use crate</span>::{
<a href=#12 id=12 data-nosnippet>12</a> commit::transcript::TranscriptRefs,
<a href=#13 id=13 data-nosnippet>13</a> mux::{MuxControl, MuxFuture},
<a href=#14 id=14 data-nosnippet>14</a> prover::{Mpc, Zk},
<a href=#15 id=15 data-nosnippet>15</a> zk_aes_ctr::ZkAesCtr,
<a href=#16 id=16 data-nosnippet>16</a>};
<a href=#17 id=17 data-nosnippet>17</a>
<a href=#18 id=18 data-nosnippet>18</a><span class="doccomment">/// Entry state
<a href=#19 id=19 data-nosnippet>19</a></span><span class="kw">pub struct </span>Initialized;
<a href=#20 id=20 data-nosnippet>20</a>
<a href=#21 id=21 data-nosnippet>21</a><span class="macro">opaque_debug::implement!</span>(Initialized);
<a href=#22 id=22 data-nosnippet>22</a>
<a href=#23 id=23 data-nosnippet>23</a><span class="doccomment">/// State after MPC setup has completed.
<a href=#24 id=24 data-nosnippet>24</a></span><span class="kw">pub struct </span>Setup {
<a href=#25 id=25 data-nosnippet>25</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_ctrl: MuxControl,
<a href=#26 id=26 data-nosnippet>26</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_fut: MuxFuture,
<a href=#27 id=27 data-nosnippet>27</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mpc_tls: MpcTlsLeader,
<a href=#28 id=28 data-nosnippet>28</a> <span class="kw">pub</span>(<span class="kw">crate</span>) zk_aes_ctr_sent: ZkAesCtr,
<a href=#29 id=29 data-nosnippet>29</a> <span class="kw">pub</span>(<span class="kw">crate</span>) zk_aes_ctr_recv: ZkAesCtr,
<a href=#30 id=30 data-nosnippet>30</a> <span class="kw">pub</span>(<span class="kw">crate</span>) keys: SessionKeys,
<a href=#31 id=31 data-nosnippet>31</a> <span class="kw">pub</span>(<span class="kw">crate</span>) vm: Arc&lt;Mutex&lt;Deap&lt;Mpc, Zk&gt;&gt;&gt;,
<a href=#32 id=32 data-nosnippet>32</a>}
<a href=#33 id=33 data-nosnippet>33</a>
<a href=#34 id=34 data-nosnippet>34</a><span class="macro">opaque_debug::implement!</span>(Setup);
<a href=#35 id=35 data-nosnippet>35</a>
<a href=#36 id=36 data-nosnippet>36</a><span class="doccomment">/// State after the TLS connection has been committed and closed.
<a href=#37 id=37 data-nosnippet>37</a></span><span class="kw">pub struct </span>Committed {
<a href=#38 id=38 data-nosnippet>38</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_ctrl: MuxControl,
<a href=#39 id=39 data-nosnippet>39</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_fut: MuxFuture,
<a href=#40 id=40 data-nosnippet>40</a> <span class="kw">pub</span>(<span class="kw">crate</span>) ctx: Context,
<a href=#41 id=41 data-nosnippet>41</a> <span class="kw">pub</span>(<span class="kw">crate</span>) vm: Zk,
<a href=#42 id=42 data-nosnippet>42</a> <span class="kw">pub</span>(<span class="kw">crate</span>) tls_transcript: TlsTranscript,
<a href=#43 id=43 data-nosnippet>43</a> <span class="kw">pub</span>(<span class="kw">crate</span>) transcript: Transcript,
<a href=#44 id=44 data-nosnippet>44</a> <span class="kw">pub</span>(<span class="kw">crate</span>) transcript_refs: TranscriptRefs,
<a href=#45 id=45 data-nosnippet>45</a>}
<a href=#46 id=46 data-nosnippet>46</a>
<a href=#47 id=47 data-nosnippet>47</a><span class="macro">opaque_debug::implement!</span>(Committed);
<a href=#48 id=48 data-nosnippet>48</a>
<a href=#49 id=49 data-nosnippet>49</a><span class="attr">#[allow(missing_docs)]
<a href=#50 id=50 data-nosnippet>50</a></span><span class="kw">pub trait </span>ProverState: sealed::Sealed {}
<a href=#51 id=51 data-nosnippet>51</a>
<a href=#52 id=52 data-nosnippet>52</a><span class="kw">impl </span>ProverState <span class="kw">for </span>Initialized {}
<a href=#53 id=53 data-nosnippet>53</a><span class="kw">impl </span>ProverState <span class="kw">for </span>Setup {}
<a href=#54 id=54 data-nosnippet>54</a><span class="kw">impl </span>ProverState <span class="kw">for </span>Committed {}
<a href=#55 id=55 data-nosnippet>55</a>
<a href=#56 id=56 data-nosnippet>56</a><span class="kw">mod </span>sealed {
<a href=#57 id=57 data-nosnippet>57</a> <span class="kw">pub trait </span>Sealed {}
<a href=#58 id=58 data-nosnippet>58</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Initialized {}
<a href=#59 id=59 data-nosnippet>59</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Setup {}
<a href=#60 id=60 data-nosnippet>60</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Committed {}
<a href=#61 id=61 data-nosnippet>61</a>}</code></pre></div></section></main></body></html>

170
src/tlsn/tag.rs.html Normal file
View File

@@ -0,0 +1,170 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/tag.rs`."><title>tag.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>tag.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! TLS record tag verification.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use </span><span class="kw">crate</span>::ghash::ghash;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>cipher::{Cipher, aes::Aes128};
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>mpz_core::bitvec::BitVec;
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>mpz_memory_core::{
<a href=#8 id=8 data-nosnippet>8</a> DecodeFutureTyped,
<a href=#9 id=9 data-nosnippet>9</a> binary::{Binary, U8},
<a href=#10 id=10 data-nosnippet>10</a>};
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">use </span>mpz_vm_core::{Vm, prelude::<span class="kw-2">*</span>};
<a href=#12 id=12 data-nosnippet>12</a><span class="kw">use </span>tls_client::ProtocolVersion;
<a href=#13 id=13 data-nosnippet>13</a><span class="kw">use </span>tls_core::cipher::make_tls12_aad;
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">use </span>tlsn_core::{connection::TlsVersion, transcript::Record};
<a href=#15 id=15 data-nosnippet>15</a>
<a href=#16 id=16 data-nosnippet>16</a><span class="doccomment">/// Proves the verification of tags of the given `records`,
<a href=#17 id=17 data-nosnippet>17</a>/// returning a proof.
<a href=#18 id=18 data-nosnippet>18</a>///
<a href=#19 id=19 data-nosnippet>19</a>/// # Arguments
<a href=#20 id=20 data-nosnippet>20</a>///
<a href=#21 id=21 data-nosnippet>21</a>/// * `vm` - Virtual machine.
<a href=#22 id=22 data-nosnippet>22</a>/// * `key_iv` - Cipher key and IV.
<a href=#23 id=23 data-nosnippet>23</a>/// * `mac_key` - MAC key.
<a href=#24 id=24 data-nosnippet>24</a>/// * `tls_version` - TLS protocol version.
<a href=#25 id=25 data-nosnippet>25</a>/// * `records` - Records for which the verification is to be proven.
<a href=#26 id=26 data-nosnippet>26</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>verify_tags(
<a href=#27 id=27 data-nosnippet>27</a> vm: <span class="kw-2">&amp;mut </span><span class="kw">dyn </span>Vm&lt;Binary&gt;,
<a href=#28 id=28 data-nosnippet>28</a> key_iv: (Array&lt;U8, <span class="number">16</span>&gt;, Array&lt;U8, <span class="number">4</span>&gt;),
<a href=#29 id=29 data-nosnippet>29</a> mac_key: Array&lt;U8, <span class="number">16</span>&gt;,
<a href=#30 id=30 data-nosnippet>30</a> tls_version: TlsVersion,
<a href=#31 id=31 data-nosnippet>31</a> records: Vec&lt;Record&gt;,
<a href=#32 id=32 data-nosnippet>32</a>) -&gt; <span class="prelude-ty">Result</span>&lt;TagProof, TagProofError&gt; {
<a href=#33 id=33 data-nosnippet>33</a> <span class="kw">let </span><span class="kw-2">mut </span>aes = Aes128::default();
<a href=#34 id=34 data-nosnippet>34</a> aes.set_key(key_iv.<span class="number">0</span>);
<a href=#35 id=35 data-nosnippet>35</a> aes.set_iv(key_iv.<span class="number">1</span>);
<a href=#36 id=36 data-nosnippet>36</a>
<a href=#37 id=37 data-nosnippet>37</a> <span class="comment">// Compute j0 blocks.
<a href=#38 id=38 data-nosnippet>38</a> </span><span class="kw">let </span>j0s = records
<a href=#39 id=39 data-nosnippet>39</a> .iter()
<a href=#40 id=40 data-nosnippet>40</a> .map(|rec| {
<a href=#41 id=41 data-nosnippet>41</a> <span class="kw">let </span>block = aes.alloc_ctr_block(vm).map_err(TagProofError::vm)<span class="question-mark">?</span>;
<a href=#42 id=42 data-nosnippet>42</a>
<a href=#43 id=43 data-nosnippet>43</a> <span class="kw">let </span>explicit_nonce: [u8; <span class="number">8</span>] =
<a href=#44 id=44 data-nosnippet>44</a> rec.explicit_nonce
<a href=#45 id=45 data-nosnippet>45</a> .clone()
<a href=#46 id=46 data-nosnippet>46</a> .try_into()
<a href=#47 id=47 data-nosnippet>47</a> .map_err(|explicit_nonce: Vec&lt;<span class="kw">_</span>&gt;| ErrorRepr::ExplicitNonceLength {
<a href=#48 id=48 data-nosnippet>48</a> expected: <span class="number">8</span>,
<a href=#49 id=49 data-nosnippet>49</a> actual: explicit_nonce.len(),
<a href=#50 id=50 data-nosnippet>50</a> })<span class="question-mark">?</span>;
<a href=#51 id=51 data-nosnippet>51</a>
<a href=#52 id=52 data-nosnippet>52</a> vm.assign(block.explicit_nonce, explicit_nonce)
<a href=#53 id=53 data-nosnippet>53</a> .map_err(TagProofError::vm)<span class="question-mark">?</span>;
<a href=#54 id=54 data-nosnippet>54</a> vm.commit(block.explicit_nonce).map_err(TagProofError::vm)<span class="question-mark">?</span>;
<a href=#55 id=55 data-nosnippet>55</a>
<a href=#56 id=56 data-nosnippet>56</a> <span class="comment">// j0's counter is set to 1.
<a href=#57 id=57 data-nosnippet>57</a> </span>vm.assign(block.counter, <span class="number">1u32</span>.to_be_bytes())
<a href=#58 id=58 data-nosnippet>58</a> .map_err(TagProofError::vm)<span class="question-mark">?</span>;
<a href=#59 id=59 data-nosnippet>59</a> vm.commit(block.counter).map_err(TagProofError::vm)<span class="question-mark">?</span>;
<a href=#60 id=60 data-nosnippet>60</a>
<a href=#61 id=61 data-nosnippet>61</a> <span class="kw">let </span>j0 = vm.decode(block.output).map_err(TagProofError::vm)<span class="question-mark">?</span>;
<a href=#62 id=62 data-nosnippet>62</a>
<a href=#63 id=63 data-nosnippet>63</a> <span class="prelude-val">Ok</span>(j0)
<a href=#64 id=64 data-nosnippet>64</a> })
<a href=#65 id=65 data-nosnippet>65</a> .collect::&lt;<span class="prelude-ty">Result</span>&lt;Vec&lt;<span class="kw">_</span>&gt;, TagProofError&gt;&gt;()<span class="question-mark">?</span>;
<a href=#66 id=66 data-nosnippet>66</a>
<a href=#67 id=67 data-nosnippet>67</a> <span class="kw">let </span>mac_key = vm.decode(mac_key).map_err(TagProofError::vm)<span class="question-mark">?</span>;
<a href=#68 id=68 data-nosnippet>68</a>
<a href=#69 id=69 data-nosnippet>69</a> <span class="prelude-val">Ok</span>(TagProof {
<a href=#70 id=70 data-nosnippet>70</a> tls_version,
<a href=#71 id=71 data-nosnippet>71</a> j0s,
<a href=#72 id=72 data-nosnippet>72</a> records,
<a href=#73 id=73 data-nosnippet>73</a> mac_key,
<a href=#74 id=74 data-nosnippet>74</a> })
<a href=#75 id=75 data-nosnippet>75</a>}
<a href=#76 id=76 data-nosnippet>76</a>
<a href=#77 id=77 data-nosnippet>77</a><span class="doccomment">/// Proof of tag verification.
<a href=#78 id=78 data-nosnippet>78</a></span><span class="attr">#[derive(Debug)]
<a href=#79 id=79 data-nosnippet>79</a>#[must_use]
<a href=#80 id=80 data-nosnippet>80</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>TagProof {
<a href=#81 id=81 data-nosnippet>81</a> tls_version: TlsVersion,
<a href=#82 id=82 data-nosnippet>82</a> <span class="doccomment">/// The j0 block for each record.
<a href=#83 id=83 data-nosnippet>83</a> </span>j0s: Vec&lt;DecodeFutureTyped&lt;BitVec, [u8; <span class="number">16</span>]&gt;&gt;,
<a href=#84 id=84 data-nosnippet>84</a> records: Vec&lt;Record&gt;,
<a href=#85 id=85 data-nosnippet>85</a> <span class="doccomment">/// The MAC key for tag computation.
<a href=#86 id=86 data-nosnippet>86</a> </span>mac_key: DecodeFutureTyped&lt;BitVec, [u8; <span class="number">16</span>]&gt;,
<a href=#87 id=87 data-nosnippet>87</a>}
<a href=#88 id=88 data-nosnippet>88</a>
<a href=#89 id=89 data-nosnippet>89</a><span class="kw">impl </span>TagProof {
<a href=#90 id=90 data-nosnippet>90</a> <span class="doccomment">/// Verifies the proof.
<a href=#91 id=91 data-nosnippet>91</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>verify(<span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;(), TagProofError&gt; {
<a href=#92 id=92 data-nosnippet>92</a> <span class="kw">let </span><span class="self">Self </span>{
<a href=#93 id=93 data-nosnippet>93</a> tls_version,
<a href=#94 id=94 data-nosnippet>94</a> j0s,
<a href=#95 id=95 data-nosnippet>95</a> <span class="kw-2">mut </span>mac_key,
<a href=#96 id=96 data-nosnippet>96</a> records,
<a href=#97 id=97 data-nosnippet>97</a> } = <span class="self">self</span>;
<a href=#98 id=98 data-nosnippet>98</a>
<a href=#99 id=99 data-nosnippet>99</a> <span class="kw">let </span>mac_key = mac_key
<a href=#100 id=100 data-nosnippet>100</a> .try_recv()
<a href=#101 id=101 data-nosnippet>101</a> .map_err(TagProofError::vm)<span class="question-mark">?
<a href=#102 id=102 data-nosnippet>102</a> </span>.ok_or_else(|| ErrorRepr::NotDecoded)<span class="question-mark">?</span>;
<a href=#103 id=103 data-nosnippet>103</a>
<a href=#104 id=104 data-nosnippet>104</a> <span class="kw">let </span>vers = <span class="kw">match </span>tls_version {
<a href=#105 id=105 data-nosnippet>105</a> TlsVersion::V1_2 =&gt; ProtocolVersion::TLSv1_2,
<a href=#106 id=106 data-nosnippet>106</a> TlsVersion::V1_3 =&gt; ProtocolVersion::TLSv1_3,
<a href=#107 id=107 data-nosnippet>107</a> };
<a href=#108 id=108 data-nosnippet>108</a>
<a href=#109 id=109 data-nosnippet>109</a> <span class="kw">for </span>(<span class="kw-2">mut </span>j0, rec) <span class="kw">in </span>j0s.into_iter().zip(records) {
<a href=#110 id=110 data-nosnippet>110</a> <span class="kw">let </span>j0 = j0
<a href=#111 id=111 data-nosnippet>111</a> .try_recv()
<a href=#112 id=112 data-nosnippet>112</a> .map_err(TagProofError::vm)<span class="question-mark">?
<a href=#113 id=113 data-nosnippet>113</a> </span>.ok_or_else(|| ErrorRepr::NotDecoded)<span class="question-mark">?</span>;
<a href=#114 id=114 data-nosnippet>114</a>
<a href=#115 id=115 data-nosnippet>115</a> <span class="kw">let </span>aad = make_tls12_aad(rec.seq, rec.typ, vers, rec.ciphertext.len());
<a href=#116 id=116 data-nosnippet>116</a>
<a href=#117 id=117 data-nosnippet>117</a> <span class="kw">let </span>ghash_tag = ghash(aad.as_ref(), <span class="kw-2">&amp;</span>rec.ciphertext, <span class="kw-2">&amp;</span>mac_key);
<a href=#118 id=118 data-nosnippet>118</a>
<a href=#119 id=119 data-nosnippet>119</a> <span class="kw">let </span>record_tag = <span class="kw">match </span>rec.tag.as_ref() {
<a href=#120 id=120 data-nosnippet>120</a> <span class="prelude-val">Some</span>(tag) =&gt; tag,
<a href=#121 id=121 data-nosnippet>121</a> <span class="prelude-val">None </span>=&gt; {
<a href=#122 id=122 data-nosnippet>122</a> <span class="comment">// This will never happen, since we only call this method
<a href=#123 id=123 data-nosnippet>123</a> // for proofs where the records' tags are known.
<a href=#124 id=124 data-nosnippet>124</a> </span><span class="kw">return </span><span class="prelude-val">Err</span>(ErrorRepr::UnknownTag.into());
<a href=#125 id=125 data-nosnippet>125</a> }
<a href=#126 id=126 data-nosnippet>126</a> };
<a href=#127 id=127 data-nosnippet>127</a>
<a href=#128 id=128 data-nosnippet>128</a> <span class="kw">if </span><span class="kw-2">*</span>record_tag
<a href=#129 id=129 data-nosnippet>129</a> != ghash_tag
<a href=#130 id=130 data-nosnippet>130</a> .into_iter()
<a href=#131 id=131 data-nosnippet>131</a> .zip(j0.into_iter())
<a href=#132 id=132 data-nosnippet>132</a> .map(|(a, b)| a ^ b)
<a href=#133 id=133 data-nosnippet>133</a> .collect::&lt;Vec&lt;<span class="kw">_</span>&gt;&gt;()
<a href=#134 id=134 data-nosnippet>134</a> {
<a href=#135 id=135 data-nosnippet>135</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ErrorRepr::InvalidTag.into());
<a href=#136 id=136 data-nosnippet>136</a> }
<a href=#137 id=137 data-nosnippet>137</a> }
<a href=#138 id=138 data-nosnippet>138</a>
<a href=#139 id=139 data-nosnippet>139</a> <span class="prelude-val">Ok</span>(())
<a href=#140 id=140 data-nosnippet>140</a> }
<a href=#141 id=141 data-nosnippet>141</a>}
<a href=#142 id=142 data-nosnippet>142</a>
<a href=#143 id=143 data-nosnippet>143</a><span class="doccomment">/// Error for [`J0Proof`].
<a href=#144 id=144 data-nosnippet>144</a></span><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#145 id=145 data-nosnippet>145</a>#[error(transparent)]
<a href=#146 id=146 data-nosnippet>146</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>TagProofError(<span class="attr">#[from] </span>ErrorRepr);
<a href=#147 id=147 data-nosnippet>147</a>
<a href=#148 id=148 data-nosnippet>148</a><span class="kw">impl </span>TagProofError {
<a href=#149 id=149 data-nosnippet>149</a> <span class="kw">fn </span>vm&lt;E&gt;(err: E) -&gt; <span class="self">Self
<a href=#150 id=150 data-nosnippet>150</a> </span><span class="kw">where
<a href=#151 id=151 data-nosnippet>151</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>std::error::Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#152 id=152 data-nosnippet>152</a> {
<a href=#153 id=153 data-nosnippet>153</a> <span class="self">Self</span>(ErrorRepr::Vm(err.into()))
<a href=#154 id=154 data-nosnippet>154</a> }
<a href=#155 id=155 data-nosnippet>155</a>}
<a href=#156 id=156 data-nosnippet>156</a>
<a href=#157 id=157 data-nosnippet>157</a><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#158 id=158 data-nosnippet>158</a>#[error(<span class="string">"j0 proof error: {0}"</span>)]
<a href=#159 id=159 data-nosnippet>159</a></span><span class="kw">enum </span>ErrorRepr {
<a href=#160 id=160 data-nosnippet>160</a> <span class="attr">#[error(<span class="string">"value was not decoded"</span>)]
<a href=#161 id=161 data-nosnippet>161</a> </span>NotDecoded,
<a href=#162 id=162 data-nosnippet>162</a> <span class="attr">#[error(<span class="string">"VM error: {0}"</span>)]
<a href=#163 id=163 data-nosnippet>163</a> </span>Vm(Box&lt;<span class="kw">dyn </span>std::error::Error + Send + Sync + <span class="lifetime">'static</span>&gt;),
<a href=#164 id=164 data-nosnippet>164</a> <span class="attr">#[error(<span class="string">"tag does not match expected"</span>)]
<a href=#165 id=165 data-nosnippet>165</a> </span>InvalidTag,
<a href=#166 id=166 data-nosnippet>166</a> <span class="attr">#[error(<span class="string">"tag is not known"</span>)]
<a href=#167 id=167 data-nosnippet>167</a> </span>UnknownTag,
<a href=#168 id=168 data-nosnippet>168</a> <span class="attr">#[error(<span class="string">"invalid explicit nonce length: expected {expected}, got {actual}"</span>)]
<a href=#169 id=169 data-nosnippet>169</a> </span>ExplicitNonceLength { expected: usize, actual: usize },
<a href=#170 id=170 data-nosnippet>170</a>}</code></pre></div></section></main></body></html>

633
src/tlsn/verifier.rs.html Normal file
View File

@@ -0,0 +1,633 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/verifier.rs`."><title>verifier.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>verifier.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! Verifier.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>config;
<a href=#4 id=4 data-nosnippet>4</a><span class="kw">mod </span>error;
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">pub mod </span>state;
<a href=#6 id=6 data-nosnippet>6</a>
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>std::sync::Arc;
<a href=#8 id=8 data-nosnippet>8</a>
<a href=#9 id=9 data-nosnippet>9</a><span class="kw">pub use </span>config::{VerifierConfig, VerifierConfigBuilder, VerifierConfigBuilderError};
<a href=#10 id=10 data-nosnippet>10</a><span class="kw">pub use </span>error::VerifierError;
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">pub use </span>tlsn_core::{VerifierOutput, VerifyConfig, VerifyConfigBuilder, VerifyConfigBuilderError};
<a href=#12 id=12 data-nosnippet>12</a>
<a href=#13 id=13 data-nosnippet>13</a><span class="kw">use crate</span>::{
<a href=#14 id=14 data-nosnippet>14</a> Role,
<a href=#15 id=15 data-nosnippet>15</a> commit::{
<a href=#16 id=16 data-nosnippet>16</a> commit_records,
<a href=#17 id=17 data-nosnippet>17</a> hash::verify_hash,
<a href=#18 id=18 data-nosnippet>18</a> transcript::{TranscriptRefs, decode_transcript, verify_transcript},
<a href=#19 id=19 data-nosnippet>19</a> },
<a href=#20 id=20 data-nosnippet>20</a> config::ProtocolConfig,
<a href=#21 id=21 data-nosnippet>21</a> context::build_mt_context,
<a href=#22 id=22 data-nosnippet>22</a> encoding,
<a href=#23 id=23 data-nosnippet>23</a> mux::attach_mux,
<a href=#24 id=24 data-nosnippet>24</a> tag::verify_tags,
<a href=#25 id=25 data-nosnippet>25</a> zk_aes_ctr::ZkAesCtr,
<a href=#26 id=26 data-nosnippet>26</a>};
<a href=#27 id=27 data-nosnippet>27</a><span class="kw">use </span>futures::{AsyncRead, AsyncWrite, TryFutureExt};
<a href=#28 id=28 data-nosnippet>28</a><span class="kw">use </span>mpc_tls::{MpcTlsFollower, SessionKeys};
<a href=#29 id=29 data-nosnippet>29</a><span class="kw">use </span>mpz_common::Context;
<a href=#30 id=30 data-nosnippet>30</a><span class="kw">use </span>mpz_core::Block;
<a href=#31 id=31 data-nosnippet>31</a><span class="kw">use </span>mpz_garble_core::Delta;
<a href=#32 id=32 data-nosnippet>32</a><span class="kw">use </span>mpz_vm_core::prelude::<span class="kw-2">*</span>;
<a href=#33 id=33 data-nosnippet>33</a><span class="kw">use </span>serio::{SinkExt, stream::IoStreamExt};
<a href=#34 id=34 data-nosnippet>34</a><span class="kw">use </span>tls_core::msgs::enums::ContentType;
<a href=#35 id=35 data-nosnippet>35</a><span class="kw">use </span>tlsn_core::{
<a href=#36 id=36 data-nosnippet>36</a> ProvePayload,
<a href=#37 id=37 data-nosnippet>37</a> attestation::{Attestation, AttestationConfig},
<a href=#38 id=38 data-nosnippet>38</a> connection::{ConnectionInfo, ServerName, TranscriptLength},
<a href=#39 id=39 data-nosnippet>39</a> request::Request,
<a href=#40 id=40 data-nosnippet>40</a> transcript::{TlsTranscript, TranscriptCommitment},
<a href=#41 id=41 data-nosnippet>41</a>};
<a href=#42 id=42 data-nosnippet>42</a><span class="kw">use </span>tlsn_deap::Deap;
<a href=#43 id=43 data-nosnippet>43</a><span class="kw">use </span>tokio::sync::Mutex;
<a href=#44 id=44 data-nosnippet>44</a>
<a href=#45 id=45 data-nosnippet>45</a><span class="kw">use </span>tracing::{Span, debug, info, info_span, instrument};
<a href=#46 id=46 data-nosnippet>46</a>
<a href=#47 id=47 data-nosnippet>47</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>RCOTSender = mpz_ot::rcot::shared::SharedRCOTSender&lt;
<a href=#48 id=48 data-nosnippet>48</a> mpz_ot::ferret::Sender&lt;mpz_ot::kos::Sender&lt;mpz_ot::chou_orlandi::Receiver&gt;&gt;,
<a href=#49 id=49 data-nosnippet>49</a> mpz_core::Block,
<a href=#50 id=50 data-nosnippet>50</a>&gt;;
<a href=#51 id=51 data-nosnippet>51</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>RCOTReceiver = mpz_ot::rcot::shared::SharedRCOTReceiver&lt;
<a href=#52 id=52 data-nosnippet>52</a> mpz_ot::kos::Receiver&lt;mpz_ot::chou_orlandi::Sender&gt;,
<a href=#53 id=53 data-nosnippet>53</a> bool,
<a href=#54 id=54 data-nosnippet>54</a> mpz_core::Block,
<a href=#55 id=55 data-nosnippet>55</a>&gt;;
<a href=#56 id=56 data-nosnippet>56</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>Mpc =
<a href=#57 id=57 data-nosnippet>57</a> mpz_garble::protocol::semihonest::Evaluator&lt;mpz_ot::cot::DerandCOTReceiver&lt;RCOTReceiver&gt;&gt;;
<a href=#58 id=58 data-nosnippet>58</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>Zk = mpz_zk::Verifier&lt;RCOTSender&gt;;
<a href=#59 id=59 data-nosnippet>59</a>
<a href=#60 id=60 data-nosnippet>60</a><span class="doccomment">/// Information about the TLS session.
<a href=#61 id=61 data-nosnippet>61</a></span><span class="attr">#[derive(Debug)]
<a href=#62 id=62 data-nosnippet>62</a></span><span class="kw">pub struct </span>SessionInfo {
<a href=#63 id=63 data-nosnippet>63</a> <span class="doccomment">/// Server's name.
<a href=#64 id=64 data-nosnippet>64</a> </span><span class="kw">pub </span>server_name: ServerName,
<a href=#65 id=65 data-nosnippet>65</a> <span class="doccomment">/// Connection information.
<a href=#66 id=66 data-nosnippet>66</a> </span><span class="kw">pub </span>connection_info: ConnectionInfo,
<a href=#67 id=67 data-nosnippet>67</a>}
<a href=#68 id=68 data-nosnippet>68</a>
<a href=#69 id=69 data-nosnippet>69</a><span class="doccomment">/// A Verifier instance.
<a href=#70 id=70 data-nosnippet>70</a></span><span class="kw">pub struct </span>Verifier&lt;T: state::VerifierState = state::Initialized&gt; {
<a href=#71 id=71 data-nosnippet>71</a> config: VerifierConfig,
<a href=#72 id=72 data-nosnippet>72</a> span: Span,
<a href=#73 id=73 data-nosnippet>73</a> state: T,
<a href=#74 id=74 data-nosnippet>74</a>}
<a href=#75 id=75 data-nosnippet>75</a>
<a href=#76 id=76 data-nosnippet>76</a><span class="kw">impl </span>Verifier&lt;state::Initialized&gt; {
<a href=#77 id=77 data-nosnippet>77</a> <span class="doccomment">/// Creates a new verifier.
<a href=#78 id=78 data-nosnippet>78</a> </span><span class="kw">pub fn </span>new(config: VerifierConfig) -&gt; <span class="self">Self </span>{
<a href=#79 id=79 data-nosnippet>79</a> <span class="kw">let </span>span = <span class="macro">info_span!</span>(<span class="string">"verifier"</span>);
<a href=#80 id=80 data-nosnippet>80</a> <span class="self">Self </span>{
<a href=#81 id=81 data-nosnippet>81</a> config,
<a href=#82 id=82 data-nosnippet>82</a> span,
<a href=#83 id=83 data-nosnippet>83</a> state: state::Initialized,
<a href=#84 id=84 data-nosnippet>84</a> }
<a href=#85 id=85 data-nosnippet>85</a> }
<a href=#86 id=86 data-nosnippet>86</a>
<a href=#87 id=87 data-nosnippet>87</a> <span class="doccomment">/// Sets up the verifier.
<a href=#88 id=88 data-nosnippet>88</a> ///
<a href=#89 id=89 data-nosnippet>89</a> /// This performs all MPC setup.
<a href=#90 id=90 data-nosnippet>90</a> ///
<a href=#91 id=91 data-nosnippet>91</a> /// # Arguments
<a href=#92 id=92 data-nosnippet>92</a> ///
<a href=#93 id=93 data-nosnippet>93</a> /// * `socket` - The socket to the prover.
<a href=#94 id=94 data-nosnippet>94</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#95 id=95 data-nosnippet>95</a> </span><span class="kw">pub async fn </span>setup&lt;S: AsyncWrite + AsyncRead + Send + Unpin + <span class="lifetime">'static</span>&gt;(
<a href=#96 id=96 data-nosnippet>96</a> <span class="self">self</span>,
<a href=#97 id=97 data-nosnippet>97</a> socket: S,
<a href=#98 id=98 data-nosnippet>98</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;Verifier&lt;state::Setup&gt;, VerifierError&gt; {
<a href=#99 id=99 data-nosnippet>99</a> <span class="kw">let </span>(<span class="kw-2">mut </span>mux_fut, mux_ctrl) = attach_mux(socket, Role::Verifier);
<a href=#100 id=100 data-nosnippet>100</a> <span class="kw">let </span><span class="kw-2">mut </span>mt = build_mt_context(mux_ctrl.clone());
<a href=#101 id=101 data-nosnippet>101</a> <span class="kw">let </span><span class="kw-2">mut </span>ctx = mux_fut.poll_with(mt.new_context()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#102 id=102 data-nosnippet>102</a>
<a href=#103 id=103 data-nosnippet>103</a> <span class="comment">// Receives protocol configuration from prover to perform compatibility check.
<a href=#104 id=104 data-nosnippet>104</a> </span><span class="kw">let </span>protocol_config = mux_fut
<a href=#105 id=105 data-nosnippet>105</a> .poll_with(<span class="kw">async </span>{
<a href=#106 id=106 data-nosnippet>106</a> <span class="kw">let </span>peer_configuration: ProtocolConfig = ctx.io_mut().expect_next().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#107 id=107 data-nosnippet>107</a> <span class="self">self</span>.config
<a href=#108 id=108 data-nosnippet>108</a> .protocol_config_validator()
<a href=#109 id=109 data-nosnippet>109</a> .validate(<span class="kw-2">&amp;</span>peer_configuration)<span class="question-mark">?</span>;
<a href=#110 id=110 data-nosnippet>110</a>
<a href=#111 id=111 data-nosnippet>111</a> <span class="prelude-val">Ok</span>::&lt;<span class="kw">_</span>, VerifierError&gt;(peer_configuration)
<a href=#112 id=112 data-nosnippet>112</a> })
<a href=#113 id=113 data-nosnippet>113</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#114 id=114 data-nosnippet>114</a>
<a href=#115 id=115 data-nosnippet>115</a> <span class="kw">let </span>delta = Delta::random(<span class="kw-2">&amp;mut </span>rand::rng());
<a href=#116 id=116 data-nosnippet>116</a> <span class="kw">let </span>(vm, <span class="kw-2">mut </span>mpc_tls) = build_mpc_tls(<span class="kw-2">&amp;</span><span class="self">self</span>.config, <span class="kw-2">&amp;</span>protocol_config, delta, ctx);
<a href=#117 id=117 data-nosnippet>117</a>
<a href=#118 id=118 data-nosnippet>118</a> <span class="comment">// Allocate resources for MPC-TLS in the VM.
<a href=#119 id=119 data-nosnippet>119</a> </span><span class="kw">let </span><span class="kw-2">mut </span>keys = mpc_tls.alloc()<span class="question-mark">?</span>;
<a href=#120 id=120 data-nosnippet>120</a> <span class="kw">let </span>vm_lock = vm.try_lock().expect(<span class="string">"VM is not locked"</span>);
<a href=#121 id=121 data-nosnippet>121</a> translate_keys(<span class="kw-2">&amp;mut </span>keys, <span class="kw-2">&amp;</span>vm_lock)<span class="question-mark">?</span>;
<a href=#122 id=122 data-nosnippet>122</a>
<a href=#123 id=123 data-nosnippet>123</a> <span class="comment">// Allocate for committing to plaintext.
<a href=#124 id=124 data-nosnippet>124</a> </span><span class="kw">let </span><span class="kw-2">mut </span>zk_aes_ctr_sent = ZkAesCtr::new(Role::Verifier);
<a href=#125 id=125 data-nosnippet>125</a> zk_aes_ctr_sent.set_key(keys.client_write_key, keys.client_write_iv);
<a href=#126 id=126 data-nosnippet>126</a> zk_aes_ctr_sent.alloc(<span class="kw-2">&amp;mut *</span>vm_lock.zk(), protocol_config.max_sent_data())<span class="question-mark">?</span>;
<a href=#127 id=127 data-nosnippet>127</a>
<a href=#128 id=128 data-nosnippet>128</a> <span class="kw">let </span><span class="kw-2">mut </span>zk_aes_ctr_recv = ZkAesCtr::new(Role::Verifier);
<a href=#129 id=129 data-nosnippet>129</a> zk_aes_ctr_recv.set_key(keys.server_write_key, keys.server_write_iv);
<a href=#130 id=130 data-nosnippet>130</a> zk_aes_ctr_recv.alloc(<span class="kw-2">&amp;mut *</span>vm_lock.zk(), protocol_config.max_recv_data())<span class="question-mark">?</span>;
<a href=#131 id=131 data-nosnippet>131</a>
<a href=#132 id=132 data-nosnippet>132</a> drop(vm_lock);
<a href=#133 id=133 data-nosnippet>133</a>
<a href=#134 id=134 data-nosnippet>134</a> <span class="macro">debug!</span>(<span class="string">"setting up mpc-tls"</span>);
<a href=#135 id=135 data-nosnippet>135</a>
<a href=#136 id=136 data-nosnippet>136</a> mux_fut.poll_with(mpc_tls.preprocess()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#137 id=137 data-nosnippet>137</a>
<a href=#138 id=138 data-nosnippet>138</a> <span class="macro">debug!</span>(<span class="string">"mpc-tls setup complete"</span>);
<a href=#139 id=139 data-nosnippet>139</a>
<a href=#140 id=140 data-nosnippet>140</a> <span class="prelude-val">Ok</span>(Verifier {
<a href=#141 id=141 data-nosnippet>141</a> config: <span class="self">self</span>.config,
<a href=#142 id=142 data-nosnippet>142</a> span: <span class="self">self</span>.span,
<a href=#143 id=143 data-nosnippet>143</a> state: state::Setup {
<a href=#144 id=144 data-nosnippet>144</a> mux_ctrl,
<a href=#145 id=145 data-nosnippet>145</a> mux_fut,
<a href=#146 id=146 data-nosnippet>146</a> delta,
<a href=#147 id=147 data-nosnippet>147</a> mpc_tls,
<a href=#148 id=148 data-nosnippet>148</a> zk_aes_ctr_sent,
<a href=#149 id=149 data-nosnippet>149</a> zk_aes_ctr_recv,
<a href=#150 id=150 data-nosnippet>150</a> keys,
<a href=#151 id=151 data-nosnippet>151</a> vm,
<a href=#152 id=152 data-nosnippet>152</a> },
<a href=#153 id=153 data-nosnippet>153</a> })
<a href=#154 id=154 data-nosnippet>154</a> }
<a href=#155 id=155 data-nosnippet>155</a>
<a href=#156 id=156 data-nosnippet>156</a> <span class="doccomment">/// Runs the verifier to completion and attests to the TLS session.
<a href=#157 id=157 data-nosnippet>157</a> ///
<a href=#158 id=158 data-nosnippet>158</a> /// This is a convenience method which runs all the steps needed for
<a href=#159 id=159 data-nosnippet>159</a> /// notarization.
<a href=#160 id=160 data-nosnippet>160</a> ///
<a href=#161 id=161 data-nosnippet>161</a> /// # Arguments
<a href=#162 id=162 data-nosnippet>162</a> ///
<a href=#163 id=163 data-nosnippet>163</a> /// * `socket` - The socket to the prover.
<a href=#164 id=164 data-nosnippet>164</a> /// * `config` - The attestation configuration.
<a href=#165 id=165 data-nosnippet>165</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#166 id=166 data-nosnippet>166</a> #[deprecated(
<a href=#167 id=167 data-nosnippet>167</a> note = <span class="string">"attestation functionality will be removed from this API in future releases."
<a href=#168 id=168 data-nosnippet>168</a> </span>)]
<a href=#169 id=169 data-nosnippet>169</a> </span><span class="kw">pub async fn </span>notarize&lt;S: AsyncWrite + AsyncRead + Send + Unpin + <span class="lifetime">'static</span>&gt;(
<a href=#170 id=170 data-nosnippet>170</a> <span class="self">self</span>,
<a href=#171 id=171 data-nosnippet>171</a> socket: S,
<a href=#172 id=172 data-nosnippet>172</a> config: <span class="kw-2">&amp;</span>AttestationConfig,
<a href=#173 id=173 data-nosnippet>173</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;Attestation, VerifierError&gt; {
<a href=#174 id=174 data-nosnippet>174</a> <span class="kw">let </span><span class="kw-2">mut </span>verifier = <span class="self">self</span>.setup(socket).<span class="kw">await</span><span class="question-mark">?</span>.run().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#175 id=175 data-nosnippet>175</a>
<a href=#176 id=176 data-nosnippet>176</a> <span class="attr">#[allow(deprecated)]
<a href=#177 id=177 data-nosnippet>177</a> </span><span class="kw">let </span>attestation = verifier.notarize(config).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#178 id=178 data-nosnippet>178</a>
<a href=#179 id=179 data-nosnippet>179</a> verifier.close().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#180 id=180 data-nosnippet>180</a>
<a href=#181 id=181 data-nosnippet>181</a> <span class="prelude-val">Ok</span>(attestation)
<a href=#182 id=182 data-nosnippet>182</a> }
<a href=#183 id=183 data-nosnippet>183</a>
<a href=#184 id=184 data-nosnippet>184</a> <span class="doccomment">/// Runs the TLS verifier to completion, verifying the TLS session.
<a href=#185 id=185 data-nosnippet>185</a> ///
<a href=#186 id=186 data-nosnippet>186</a> /// This is a convenience method which runs all the steps needed for
<a href=#187 id=187 data-nosnippet>187</a> /// verification.
<a href=#188 id=188 data-nosnippet>188</a> ///
<a href=#189 id=189 data-nosnippet>189</a> /// # Arguments
<a href=#190 id=190 data-nosnippet>190</a> ///
<a href=#191 id=191 data-nosnippet>191</a> /// * `socket` - The socket to the prover.
<a href=#192 id=192 data-nosnippet>192</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#193 id=193 data-nosnippet>193</a> </span><span class="kw">pub async fn </span>verify&lt;S: AsyncWrite + AsyncRead + Send + Unpin + <span class="lifetime">'static</span>&gt;(
<a href=#194 id=194 data-nosnippet>194</a> <span class="self">self</span>,
<a href=#195 id=195 data-nosnippet>195</a> socket: S,
<a href=#196 id=196 data-nosnippet>196</a> config: <span class="kw-2">&amp;</span>VerifyConfig,
<a href=#197 id=197 data-nosnippet>197</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;VerifierOutput, VerifierError&gt; {
<a href=#198 id=198 data-nosnippet>198</a> <span class="kw">let </span><span class="kw-2">mut </span>verifier = <span class="self">self</span>.setup(socket).<span class="kw">await</span><span class="question-mark">?</span>.run().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#199 id=199 data-nosnippet>199</a>
<a href=#200 id=200 data-nosnippet>200</a> <span class="kw">let </span>output = verifier.verify(config).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#201 id=201 data-nosnippet>201</a>
<a href=#202 id=202 data-nosnippet>202</a> verifier.close().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#203 id=203 data-nosnippet>203</a>
<a href=#204 id=204 data-nosnippet>204</a> <span class="prelude-val">Ok</span>(output)
<a href=#205 id=205 data-nosnippet>205</a> }
<a href=#206 id=206 data-nosnippet>206</a>}
<a href=#207 id=207 data-nosnippet>207</a>
<a href=#208 id=208 data-nosnippet>208</a><span class="kw">impl </span>Verifier&lt;state::Setup&gt; {
<a href=#209 id=209 data-nosnippet>209</a> <span class="doccomment">/// Runs the verifier until the TLS connection is closed.
<a href=#210 id=210 data-nosnippet>210</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#211 id=211 data-nosnippet>211</a> </span><span class="kw">pub async fn </span>run(<span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;Verifier&lt;state::Committed&gt;, VerifierError&gt; {
<a href=#212 id=212 data-nosnippet>212</a> <span class="kw">let </span>state::Setup {
<a href=#213 id=213 data-nosnippet>213</a> mux_ctrl,
<a href=#214 id=214 data-nosnippet>214</a> <span class="kw-2">mut </span>mux_fut,
<a href=#215 id=215 data-nosnippet>215</a> delta,
<a href=#216 id=216 data-nosnippet>216</a> mpc_tls,
<a href=#217 id=217 data-nosnippet>217</a> <span class="kw-2">mut </span>zk_aes_ctr_sent,
<a href=#218 id=218 data-nosnippet>218</a> <span class="kw-2">mut </span>zk_aes_ctr_recv,
<a href=#219 id=219 data-nosnippet>219</a> vm,
<a href=#220 id=220 data-nosnippet>220</a> keys,
<a href=#221 id=221 data-nosnippet>221</a> } = <span class="self">self</span>.state;
<a href=#222 id=222 data-nosnippet>222</a>
<a href=#223 id=223 data-nosnippet>223</a> <span class="macro">info!</span>(<span class="string">"starting MPC-TLS"</span>);
<a href=#224 id=224 data-nosnippet>224</a>
<a href=#225 id=225 data-nosnippet>225</a> <span class="kw">let </span>(<span class="kw-2">mut </span>ctx, tls_transcript) = mux_fut.poll_with(mpc_tls.run()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#226 id=226 data-nosnippet>226</a>
<a href=#227 id=227 data-nosnippet>227</a> <span class="macro">info!</span>(<span class="string">"finished MPC-TLS"</span>);
<a href=#228 id=228 data-nosnippet>228</a>
<a href=#229 id=229 data-nosnippet>229</a> {
<a href=#230 id=230 data-nosnippet>230</a> <span class="kw">let </span><span class="kw-2">mut </span>vm = vm.try_lock().expect(<span class="string">"VM should not be locked"</span>);
<a href=#231 id=231 data-nosnippet>231</a>
<a href=#232 id=232 data-nosnippet>232</a> <span class="macro">debug!</span>(<span class="string">"finalizing mpc"</span>);
<a href=#233 id=233 data-nosnippet>233</a>
<a href=#234 id=234 data-nosnippet>234</a> mux_fut
<a href=#235 id=235 data-nosnippet>235</a> .poll_with(vm.finalize(<span class="kw-2">&amp;mut </span>ctx))
<a href=#236 id=236 data-nosnippet>236</a> .<span class="kw">await
<a href=#237 id=237 data-nosnippet>237</a> </span>.map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#238 id=238 data-nosnippet>238</a>
<a href=#239 id=239 data-nosnippet>239</a> <span class="macro">debug!</span>(<span class="string">"mpc finalized"</span>);
<a href=#240 id=240 data-nosnippet>240</a> }
<a href=#241 id=241 data-nosnippet>241</a>
<a href=#242 id=242 data-nosnippet>242</a> <span class="comment">// Pull out ZK VM.
<a href=#243 id=243 data-nosnippet>243</a> </span><span class="kw">let </span>(<span class="kw">_</span>, <span class="kw-2">mut </span>vm) = Arc::into_inner(vm)
<a href=#244 id=244 data-nosnippet>244</a> .expect(<span class="string">"vm should have only 1 reference"</span>)
<a href=#245 id=245 data-nosnippet>245</a> .into_inner()
<a href=#246 id=246 data-nosnippet>246</a> .into_inner();
<a href=#247 id=247 data-nosnippet>247</a>
<a href=#248 id=248 data-nosnippet>248</a> <span class="comment">// Prepare for the prover to prove tag verification of the received
<a href=#249 id=249 data-nosnippet>249</a> // records.
<a href=#250 id=250 data-nosnippet>250</a> </span><span class="kw">let </span>tag_proof = verify_tags(
<a href=#251 id=251 data-nosnippet>251</a> <span class="kw-2">&amp;mut </span>vm,
<a href=#252 id=252 data-nosnippet>252</a> (keys.server_write_key, keys.server_write_iv),
<a href=#253 id=253 data-nosnippet>253</a> keys.server_write_mac_key,
<a href=#254 id=254 data-nosnippet>254</a> <span class="kw-2">*</span>tls_transcript.version(),
<a href=#255 id=255 data-nosnippet>255</a> tls_transcript.recv().to_vec(),
<a href=#256 id=256 data-nosnippet>256</a> )
<a href=#257 id=257 data-nosnippet>257</a> .map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#258 id=258 data-nosnippet>258</a>
<a href=#259 id=259 data-nosnippet>259</a> <span class="comment">// Prepare for the prover to prove received plaintext.
<a href=#260 id=260 data-nosnippet>260</a> </span><span class="kw">let </span>(sent_refs, sent_proof) = commit_records(
<a href=#261 id=261 data-nosnippet>261</a> <span class="kw-2">&amp;mut </span>vm,
<a href=#262 id=262 data-nosnippet>262</a> <span class="kw-2">&amp;mut </span>zk_aes_ctr_sent,
<a href=#263 id=263 data-nosnippet>263</a> tls_transcript
<a href=#264 id=264 data-nosnippet>264</a> .sent()
<a href=#265 id=265 data-nosnippet>265</a> .iter()
<a href=#266 id=266 data-nosnippet>266</a> .filter(|record| record.typ == ContentType::ApplicationData),
<a href=#267 id=267 data-nosnippet>267</a> )
<a href=#268 id=268 data-nosnippet>268</a> .map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#269 id=269 data-nosnippet>269</a>
<a href=#270 id=270 data-nosnippet>270</a> <span class="kw">let </span>(recv_refs, recv_proof) = commit_records(
<a href=#271 id=271 data-nosnippet>271</a> <span class="kw-2">&amp;mut </span>vm,
<a href=#272 id=272 data-nosnippet>272</a> <span class="kw-2">&amp;mut </span>zk_aes_ctr_recv,
<a href=#273 id=273 data-nosnippet>273</a> tls_transcript
<a href=#274 id=274 data-nosnippet>274</a> .recv()
<a href=#275 id=275 data-nosnippet>275</a> .iter()
<a href=#276 id=276 data-nosnippet>276</a> .filter(|record| record.typ == ContentType::ApplicationData),
<a href=#277 id=277 data-nosnippet>277</a> )
<a href=#278 id=278 data-nosnippet>278</a> .map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#279 id=279 data-nosnippet>279</a>
<a href=#280 id=280 data-nosnippet>280</a> mux_fut
<a href=#281 id=281 data-nosnippet>281</a> .poll_with(vm.execute_all(<span class="kw-2">&amp;mut </span>ctx).map_err(VerifierError::zk))
<a href=#282 id=282 data-nosnippet>282</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#283 id=283 data-nosnippet>283</a>
<a href=#284 id=284 data-nosnippet>284</a> <span class="comment">// Verify the tags.
<a href=#285 id=285 data-nosnippet>285</a> // After the verification, the entire TLS trancript becomes
<a href=#286 id=286 data-nosnippet>286</a> // authenticated from the verifier's perspective.
<a href=#287 id=287 data-nosnippet>287</a> </span>tag_proof.verify().map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#288 id=288 data-nosnippet>288</a>
<a href=#289 id=289 data-nosnippet>289</a> <span class="comment">// Verify the plaintext proofs.
<a href=#290 id=290 data-nosnippet>290</a> </span>sent_proof.verify().map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#291 id=291 data-nosnippet>291</a> recv_proof.verify().map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#292 id=292 data-nosnippet>292</a>
<a href=#293 id=293 data-nosnippet>293</a> <span class="kw">let </span>transcript_refs = TranscriptRefs::new(sent_refs, recv_refs);
<a href=#294 id=294 data-nosnippet>294</a>
<a href=#295 id=295 data-nosnippet>295</a> <span class="prelude-val">Ok</span>(Verifier {
<a href=#296 id=296 data-nosnippet>296</a> config: <span class="self">self</span>.config,
<a href=#297 id=297 data-nosnippet>297</a> span: <span class="self">self</span>.span,
<a href=#298 id=298 data-nosnippet>298</a> state: state::Committed {
<a href=#299 id=299 data-nosnippet>299</a> mux_ctrl,
<a href=#300 id=300 data-nosnippet>300</a> mux_fut,
<a href=#301 id=301 data-nosnippet>301</a> delta,
<a href=#302 id=302 data-nosnippet>302</a> ctx,
<a href=#303 id=303 data-nosnippet>303</a> vm,
<a href=#304 id=304 data-nosnippet>304</a> tls_transcript,
<a href=#305 id=305 data-nosnippet>305</a> transcript_refs,
<a href=#306 id=306 data-nosnippet>306</a> },
<a href=#307 id=307 data-nosnippet>307</a> })
<a href=#308 id=308 data-nosnippet>308</a> }
<a href=#309 id=309 data-nosnippet>309</a>}
<a href=#310 id=310 data-nosnippet>310</a>
<a href=#311 id=311 data-nosnippet>311</a><span class="kw">impl </span>Verifier&lt;state::Committed&gt; {
<a href=#312 id=312 data-nosnippet>312</a> <span class="doccomment">/// Returns the TLS transcript.
<a href=#313 id=313 data-nosnippet>313</a> </span><span class="kw">pub fn </span>tls_transcript(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>TlsTranscript {
<a href=#314 id=314 data-nosnippet>314</a> <span class="kw-2">&amp;</span><span class="self">self</span>.state.tls_transcript
<a href=#315 id=315 data-nosnippet>315</a> }
<a href=#316 id=316 data-nosnippet>316</a>
<a href=#317 id=317 data-nosnippet>317</a> <span class="doccomment">/// Verifies information from the prover.
<a href=#318 id=318 data-nosnippet>318</a> ///
<a href=#319 id=319 data-nosnippet>319</a> /// # Arguments
<a href=#320 id=320 data-nosnippet>320</a> ///
<a href=#321 id=321 data-nosnippet>321</a> /// * `config` - Verification configuration.
<a href=#322 id=322 data-nosnippet>322</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#323 id=323 data-nosnippet>323</a> </span><span class="kw">pub async fn </span>verify(
<a href=#324 id=324 data-nosnippet>324</a> <span class="kw-2">&amp;mut </span><span class="self">self</span>,
<a href=#325 id=325 data-nosnippet>325</a> <span class="attr">#[allow(unused_variables)] </span>config: <span class="kw-2">&amp;</span>VerifyConfig,
<a href=#326 id=326 data-nosnippet>326</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;VerifierOutput, VerifierError&gt; {
<a href=#327 id=327 data-nosnippet>327</a> <span class="kw">let </span>state::Committed {
<a href=#328 id=328 data-nosnippet>328</a> mux_fut,
<a href=#329 id=329 data-nosnippet>329</a> ctx,
<a href=#330 id=330 data-nosnippet>330</a> delta,
<a href=#331 id=331 data-nosnippet>331</a> vm,
<a href=#332 id=332 data-nosnippet>332</a> tls_transcript,
<a href=#333 id=333 data-nosnippet>333</a> transcript_refs,
<a href=#334 id=334 data-nosnippet>334</a> ..
<a href=#335 id=335 data-nosnippet>335</a> } = <span class="kw-2">&amp;mut </span><span class="self">self</span>.state;
<a href=#336 id=336 data-nosnippet>336</a>
<a href=#337 id=337 data-nosnippet>337</a> <span class="kw">let </span>ProvePayload {
<a href=#338 id=338 data-nosnippet>338</a> server_identity,
<a href=#339 id=339 data-nosnippet>339</a> transcript,
<a href=#340 id=340 data-nosnippet>340</a> transcript_commit,
<a href=#341 id=341 data-nosnippet>341</a> } = mux_fut
<a href=#342 id=342 data-nosnippet>342</a> .poll_with(ctx.io_mut().expect_next().map_err(VerifierError::from))
<a href=#343 id=343 data-nosnippet>343</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#344 id=344 data-nosnippet>344</a>
<a href=#345 id=345 data-nosnippet>345</a> <span class="kw">let </span>server_name = <span class="kw">if let </span><span class="prelude-val">Some</span>((name, cert_data)) = server_identity {
<a href=#346 id=346 data-nosnippet>346</a> cert_data
<a href=#347 id=347 data-nosnippet>347</a> .verify_with_provider(
<a href=#348 id=348 data-nosnippet>348</a> <span class="self">self</span>.config.crypto_provider(),
<a href=#349 id=349 data-nosnippet>349</a> tls_transcript.time(),
<a href=#350 id=350 data-nosnippet>350</a> tls_transcript.server_ephemeral_key(),
<a href=#351 id=351 data-nosnippet>351</a> <span class="kw-2">&amp;</span>name,
<a href=#352 id=352 data-nosnippet>352</a> )
<a href=#353 id=353 data-nosnippet>353</a> .map_err(VerifierError::verify)<span class="question-mark">?</span>;
<a href=#354 id=354 data-nosnippet>354</a>
<a href=#355 id=355 data-nosnippet>355</a> <span class="prelude-val">Some</span>(name)
<a href=#356 id=356 data-nosnippet>356</a> } <span class="kw">else </span>{
<a href=#357 id=357 data-nosnippet>357</a> <span class="prelude-val">None
<a href=#358 id=358 data-nosnippet>358</a> </span>};
<a href=#359 id=359 data-nosnippet>359</a>
<a href=#360 id=360 data-nosnippet>360</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(partial_transcript) = <span class="kw-2">&amp;</span>transcript {
<a href=#361 id=361 data-nosnippet>361</a> <span class="kw">let </span>sent_len = tls_transcript
<a href=#362 id=362 data-nosnippet>362</a> .sent()
<a href=#363 id=363 data-nosnippet>363</a> .iter()
<a href=#364 id=364 data-nosnippet>364</a> .filter_map(|record| {
<a href=#365 id=365 data-nosnippet>365</a> <span class="kw">if let </span>ContentType::ApplicationData = record.typ {
<a href=#366 id=366 data-nosnippet>366</a> <span class="prelude-val">Some</span>(record.ciphertext.len())
<a href=#367 id=367 data-nosnippet>367</a> } <span class="kw">else </span>{
<a href=#368 id=368 data-nosnippet>368</a> <span class="prelude-val">None
<a href=#369 id=369 data-nosnippet>369</a> </span>}
<a href=#370 id=370 data-nosnippet>370</a> })
<a href=#371 id=371 data-nosnippet>371</a> .sum::&lt;usize&gt;();
<a href=#372 id=372 data-nosnippet>372</a>
<a href=#373 id=373 data-nosnippet>373</a> <span class="kw">let </span>recv_len = tls_transcript
<a href=#374 id=374 data-nosnippet>374</a> .recv()
<a href=#375 id=375 data-nosnippet>375</a> .iter()
<a href=#376 id=376 data-nosnippet>376</a> .filter_map(|record| {
<a href=#377 id=377 data-nosnippet>377</a> <span class="kw">if let </span>ContentType::ApplicationData = record.typ {
<a href=#378 id=378 data-nosnippet>378</a> <span class="prelude-val">Some</span>(record.ciphertext.len())
<a href=#379 id=379 data-nosnippet>379</a> } <span class="kw">else </span>{
<a href=#380 id=380 data-nosnippet>380</a> <span class="prelude-val">None
<a href=#381 id=381 data-nosnippet>381</a> </span>}
<a href=#382 id=382 data-nosnippet>382</a> })
<a href=#383 id=383 data-nosnippet>383</a> .sum::&lt;usize&gt;();
<a href=#384 id=384 data-nosnippet>384</a>
<a href=#385 id=385 data-nosnippet>385</a> <span class="comment">// Check ranges.
<a href=#386 id=386 data-nosnippet>386</a> </span><span class="kw">if </span>partial_transcript.len_sent() != sent_len
<a href=#387 id=387 data-nosnippet>387</a> || partial_transcript.len_received() != recv_len
<a href=#388 id=388 data-nosnippet>388</a> {
<a href=#389 id=389 data-nosnippet>389</a> <span class="kw">return </span><span class="prelude-val">Err</span>(VerifierError::verify(
<a href=#390 id=390 data-nosnippet>390</a> <span class="string">"prover sent transcript with incorrect length"</span>,
<a href=#391 id=391 data-nosnippet>391</a> ));
<a href=#392 id=392 data-nosnippet>392</a> }
<a href=#393 id=393 data-nosnippet>393</a>
<a href=#394 id=394 data-nosnippet>394</a> decode_transcript(
<a href=#395 id=395 data-nosnippet>395</a> vm,
<a href=#396 id=396 data-nosnippet>396</a> partial_transcript.sent_authed(),
<a href=#397 id=397 data-nosnippet>397</a> partial_transcript.received_authed(),
<a href=#398 id=398 data-nosnippet>398</a> transcript_refs,
<a href=#399 id=399 data-nosnippet>399</a> )
<a href=#400 id=400 data-nosnippet>400</a> .map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#401 id=401 data-nosnippet>401</a> }
<a href=#402 id=402 data-nosnippet>402</a>
<a href=#403 id=403 data-nosnippet>403</a> <span class="kw">let </span><span class="kw-2">mut </span>transcript_commitments = Vec::new();
<a href=#404 id=404 data-nosnippet>404</a> <span class="kw">let </span><span class="kw-2">mut </span>hash_commitments = <span class="prelude-val">None</span>;
<a href=#405 id=405 data-nosnippet>405</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(commit_config) = transcript_commit {
<a href=#406 id=406 data-nosnippet>406</a> <span class="kw">if </span>commit_config.encoding() {
<a href=#407 id=407 data-nosnippet>407</a> <span class="kw">let </span>commitment = mux_fut
<a href=#408 id=408 data-nosnippet>408</a> .poll_with(encoding::transfer(
<a href=#409 id=409 data-nosnippet>409</a> ctx,
<a href=#410 id=410 data-nosnippet>410</a> transcript_refs,
<a href=#411 id=411 data-nosnippet>411</a> delta,
<a href=#412 id=412 data-nosnippet>412</a> |plaintext| vm.get_keys(plaintext).expect(<span class="string">"reference is valid"</span>),
<a href=#413 id=413 data-nosnippet>413</a> ))
<a href=#414 id=414 data-nosnippet>414</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#415 id=415 data-nosnippet>415</a>
<a href=#416 id=416 data-nosnippet>416</a> transcript_commitments.push(TranscriptCommitment::Encoding(commitment));
<a href=#417 id=417 data-nosnippet>417</a> }
<a href=#418 id=418 data-nosnippet>418</a>
<a href=#419 id=419 data-nosnippet>419</a> <span class="kw">if </span>commit_config.has_hash() {
<a href=#420 id=420 data-nosnippet>420</a> hash_commitments = <span class="prelude-val">Some</span>(
<a href=#421 id=421 data-nosnippet>421</a> verify_hash(vm, transcript_refs, commit_config.iter_hash().cloned())
<a href=#422 id=422 data-nosnippet>422</a> .map_err(VerifierError::verify)<span class="question-mark">?</span>,
<a href=#423 id=423 data-nosnippet>423</a> );
<a href=#424 id=424 data-nosnippet>424</a> }
<a href=#425 id=425 data-nosnippet>425</a> }
<a href=#426 id=426 data-nosnippet>426</a>
<a href=#427 id=427 data-nosnippet>427</a> mux_fut
<a href=#428 id=428 data-nosnippet>428</a> .poll_with(vm.execute_all(ctx).map_err(VerifierError::zk))
<a href=#429 id=429 data-nosnippet>429</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#430 id=430 data-nosnippet>430</a>
<a href=#431 id=431 data-nosnippet>431</a> <span class="comment">// Verify revealed data.
<a href=#432 id=432 data-nosnippet>432</a> </span><span class="kw">if let </span><span class="prelude-val">Some</span>(partial_transcript) = <span class="kw-2">&amp;</span>transcript {
<a href=#433 id=433 data-nosnippet>433</a> verify_transcript(vm, partial_transcript, transcript_refs)
<a href=#434 id=434 data-nosnippet>434</a> .map_err(VerifierError::verify)<span class="question-mark">?</span>;
<a href=#435 id=435 data-nosnippet>435</a> }
<a href=#436 id=436 data-nosnippet>436</a>
<a href=#437 id=437 data-nosnippet>437</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(hash_commitments) = hash_commitments {
<a href=#438 id=438 data-nosnippet>438</a> <span class="kw">for </span>commitment <span class="kw">in </span>hash_commitments.try_recv().map_err(VerifierError::verify)<span class="question-mark">? </span>{
<a href=#439 id=439 data-nosnippet>439</a> transcript_commitments.push(TranscriptCommitment::Hash(commitment));
<a href=#440 id=440 data-nosnippet>440</a> }
<a href=#441 id=441 data-nosnippet>441</a> }
<a href=#442 id=442 data-nosnippet>442</a>
<a href=#443 id=443 data-nosnippet>443</a> <span class="prelude-val">Ok</span>(VerifierOutput {
<a href=#444 id=444 data-nosnippet>444</a> server_name,
<a href=#445 id=445 data-nosnippet>445</a> transcript,
<a href=#446 id=446 data-nosnippet>446</a> transcript_commitments,
<a href=#447 id=447 data-nosnippet>447</a> })
<a href=#448 id=448 data-nosnippet>448</a> }
<a href=#449 id=449 data-nosnippet>449</a>
<a href=#450 id=450 data-nosnippet>450</a> <span class="doccomment">/// Attests to the TLS session.
<a href=#451 id=451 data-nosnippet>451</a> ///
<a href=#452 id=452 data-nosnippet>452</a> /// # Arguments
<a href=#453 id=453 data-nosnippet>453</a> ///
<a href=#454 id=454 data-nosnippet>454</a> /// * `config` - Attestation configuration.
<a href=#455 id=455 data-nosnippet>455</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#456 id=456 data-nosnippet>456</a> #[deprecated(
<a href=#457 id=457 data-nosnippet>457</a> note = <span class="string">"attestation functionality will be removed from this API in future releases."
<a href=#458 id=458 data-nosnippet>458</a> </span>)]
<a href=#459 id=459 data-nosnippet>459</a> </span><span class="kw">pub async fn </span>notarize(
<a href=#460 id=460 data-nosnippet>460</a> <span class="kw-2">&amp;mut </span><span class="self">self</span>,
<a href=#461 id=461 data-nosnippet>461</a> config: <span class="kw-2">&amp;</span>AttestationConfig,
<a href=#462 id=462 data-nosnippet>462</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;Attestation, VerifierError&gt; {
<a href=#463 id=463 data-nosnippet>463</a> <span class="kw">let </span>VerifierOutput {
<a href=#464 id=464 data-nosnippet>464</a> server_name,
<a href=#465 id=465 data-nosnippet>465</a> transcript,
<a href=#466 id=466 data-nosnippet>466</a> transcript_commitments,
<a href=#467 id=467 data-nosnippet>467</a> } = <span class="self">self</span>.verify(<span class="kw-2">&amp;</span>VerifyConfig::default()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#468 id=468 data-nosnippet>468</a>
<a href=#469 id=469 data-nosnippet>469</a> <span class="kw">if </span>server_name.is_some() {
<a href=#470 id=470 data-nosnippet>470</a> <span class="kw">return </span><span class="prelude-val">Err</span>(VerifierError::attestation(
<a href=#471 id=471 data-nosnippet>471</a> <span class="string">"server name can not be revealed to a notary"</span>,
<a href=#472 id=472 data-nosnippet>472</a> ));
<a href=#473 id=473 data-nosnippet>473</a> } <span class="kw">else if </span>transcript.is_some() {
<a href=#474 id=474 data-nosnippet>474</a> <span class="kw">return </span><span class="prelude-val">Err</span>(VerifierError::attestation(
<a href=#475 id=475 data-nosnippet>475</a> <span class="string">"transcript data can not be revealed to a notary"</span>,
<a href=#476 id=476 data-nosnippet>476</a> ));
<a href=#477 id=477 data-nosnippet>477</a> }
<a href=#478 id=478 data-nosnippet>478</a>
<a href=#479 id=479 data-nosnippet>479</a> <span class="kw">let </span>state::Committed {
<a href=#480 id=480 data-nosnippet>480</a> mux_fut,
<a href=#481 id=481 data-nosnippet>481</a> ctx,
<a href=#482 id=482 data-nosnippet>482</a> tls_transcript,
<a href=#483 id=483 data-nosnippet>483</a> ..
<a href=#484 id=484 data-nosnippet>484</a> } = <span class="kw-2">&amp;mut </span><span class="self">self</span>.state;
<a href=#485 id=485 data-nosnippet>485</a>
<a href=#486 id=486 data-nosnippet>486</a> <span class="kw">let </span>sent_len = tls_transcript
<a href=#487 id=487 data-nosnippet>487</a> .sent()
<a href=#488 id=488 data-nosnippet>488</a> .iter()
<a href=#489 id=489 data-nosnippet>489</a> .filter_map(|record| {
<a href=#490 id=490 data-nosnippet>490</a> <span class="kw">if let </span>ContentType::ApplicationData = record.typ {
<a href=#491 id=491 data-nosnippet>491</a> <span class="prelude-val">Some</span>(record.ciphertext.len())
<a href=#492 id=492 data-nosnippet>492</a> } <span class="kw">else </span>{
<a href=#493 id=493 data-nosnippet>493</a> <span class="prelude-val">None
<a href=#494 id=494 data-nosnippet>494</a> </span>}
<a href=#495 id=495 data-nosnippet>495</a> })
<a href=#496 id=496 data-nosnippet>496</a> .sum::&lt;usize&gt;();
<a href=#497 id=497 data-nosnippet>497</a>
<a href=#498 id=498 data-nosnippet>498</a> <span class="kw">let </span>recv_len = tls_transcript
<a href=#499 id=499 data-nosnippet>499</a> .recv()
<a href=#500 id=500 data-nosnippet>500</a> .iter()
<a href=#501 id=501 data-nosnippet>501</a> .filter_map(|record| {
<a href=#502 id=502 data-nosnippet>502</a> <span class="kw">if let </span>ContentType::ApplicationData = record.typ {
<a href=#503 id=503 data-nosnippet>503</a> <span class="prelude-val">Some</span>(record.ciphertext.len())
<a href=#504 id=504 data-nosnippet>504</a> } <span class="kw">else </span>{
<a href=#505 id=505 data-nosnippet>505</a> <span class="prelude-val">None
<a href=#506 id=506 data-nosnippet>506</a> </span>}
<a href=#507 id=507 data-nosnippet>507</a> })
<a href=#508 id=508 data-nosnippet>508</a> .sum::&lt;usize&gt;();
<a href=#509 id=509 data-nosnippet>509</a>
<a href=#510 id=510 data-nosnippet>510</a> <span class="kw">let </span>request: Request = mux_fut
<a href=#511 id=511 data-nosnippet>511</a> .poll_with(ctx.io_mut().expect_next().map_err(VerifierError::from))
<a href=#512 id=512 data-nosnippet>512</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#513 id=513 data-nosnippet>513</a>
<a href=#514 id=514 data-nosnippet>514</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = Attestation::builder(config)
<a href=#515 id=515 data-nosnippet>515</a> .accept_request(request)
<a href=#516 id=516 data-nosnippet>516</a> .map_err(VerifierError::attestation)<span class="question-mark">?</span>;
<a href=#517 id=517 data-nosnippet>517</a>
<a href=#518 id=518 data-nosnippet>518</a> builder
<a href=#519 id=519 data-nosnippet>519</a> .connection_info(ConnectionInfo {
<a href=#520 id=520 data-nosnippet>520</a> time: tls_transcript.time(),
<a href=#521 id=521 data-nosnippet>521</a> version: (<span class="kw-2">*</span>tls_transcript.version()),
<a href=#522 id=522 data-nosnippet>522</a> transcript_length: TranscriptLength {
<a href=#523 id=523 data-nosnippet>523</a> sent: sent_len <span class="kw">as </span>u32,
<a href=#524 id=524 data-nosnippet>524</a> received: recv_len <span class="kw">as </span>u32,
<a href=#525 id=525 data-nosnippet>525</a> },
<a href=#526 id=526 data-nosnippet>526</a> })
<a href=#527 id=527 data-nosnippet>527</a> .server_ephemeral_key(tls_transcript.server_ephemeral_key().clone())
<a href=#528 id=528 data-nosnippet>528</a> .transcript_commitments(transcript_commitments);
<a href=#529 id=529 data-nosnippet>529</a>
<a href=#530 id=530 data-nosnippet>530</a> <span class="kw">let </span>attestation = builder
<a href=#531 id=531 data-nosnippet>531</a> .build(<span class="self">self</span>.config.crypto_provider())
<a href=#532 id=532 data-nosnippet>532</a> .map_err(VerifierError::attestation)<span class="question-mark">?</span>;
<a href=#533 id=533 data-nosnippet>533</a>
<a href=#534 id=534 data-nosnippet>534</a> mux_fut
<a href=#535 id=535 data-nosnippet>535</a> .poll_with(
<a href=#536 id=536 data-nosnippet>536</a> ctx.io_mut()
<a href=#537 id=537 data-nosnippet>537</a> .send(attestation.clone())
<a href=#538 id=538 data-nosnippet>538</a> .map_err(VerifierError::from),
<a href=#539 id=539 data-nosnippet>539</a> )
<a href=#540 id=540 data-nosnippet>540</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#541 id=541 data-nosnippet>541</a>
<a href=#542 id=542 data-nosnippet>542</a> <span class="macro">info!</span>(<span class="string">"Sent attestation"</span>);
<a href=#543 id=543 data-nosnippet>543</a>
<a href=#544 id=544 data-nosnippet>544</a> <span class="prelude-val">Ok</span>(attestation)
<a href=#545 id=545 data-nosnippet>545</a> }
<a href=#546 id=546 data-nosnippet>546</a>
<a href=#547 id=547 data-nosnippet>547</a> <span class="doccomment">/// Closes the connection with the prover.
<a href=#548 id=548 data-nosnippet>548</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#549 id=549 data-nosnippet>549</a> </span><span class="kw">pub async fn </span>close(<span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;(), VerifierError&gt; {
<a href=#550 id=550 data-nosnippet>550</a> <span class="kw">let </span>state::Committed {
<a href=#551 id=551 data-nosnippet>551</a> mux_ctrl, mux_fut, ..
<a href=#552 id=552 data-nosnippet>552</a> } = <span class="self">self</span>.state;
<a href=#553 id=553 data-nosnippet>553</a>
<a href=#554 id=554 data-nosnippet>554</a> <span class="comment">// Wait for the prover to correctly close the connection.
<a href=#555 id=555 data-nosnippet>555</a> </span><span class="kw">if </span>!mux_fut.is_complete() {
<a href=#556 id=556 data-nosnippet>556</a> mux_ctrl.close();
<a href=#557 id=557 data-nosnippet>557</a> mux_fut.<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#558 id=558 data-nosnippet>558</a> }
<a href=#559 id=559 data-nosnippet>559</a>
<a href=#560 id=560 data-nosnippet>560</a> <span class="prelude-val">Ok</span>(())
<a href=#561 id=561 data-nosnippet>561</a> }
<a href=#562 id=562 data-nosnippet>562</a>}
<a href=#563 id=563 data-nosnippet>563</a>
<a href=#564 id=564 data-nosnippet>564</a><span class="kw">fn </span>build_mpc_tls(
<a href=#565 id=565 data-nosnippet>565</a> config: <span class="kw-2">&amp;</span>VerifierConfig,
<a href=#566 id=566 data-nosnippet>566</a> protocol_config: <span class="kw-2">&amp;</span>ProtocolConfig,
<a href=#567 id=567 data-nosnippet>567</a> delta: Delta,
<a href=#568 id=568 data-nosnippet>568</a> ctx: Context,
<a href=#569 id=569 data-nosnippet>569</a>) -&gt; (Arc&lt;Mutex&lt;Deap&lt;Mpc, Zk&gt;&gt;&gt;, MpcTlsFollower) {
<a href=#570 id=570 data-nosnippet>570</a> <span class="kw">let </span><span class="kw-2">mut </span>rng = rand::rng();
<a href=#571 id=571 data-nosnippet>571</a>
<a href=#572 id=572 data-nosnippet>572</a> <span class="kw">let </span>base_ot_send = mpz_ot::chou_orlandi::Sender::default();
<a href=#573 id=573 data-nosnippet>573</a> <span class="kw">let </span>base_ot_recv = mpz_ot::chou_orlandi::Receiver::default();
<a href=#574 id=574 data-nosnippet>574</a> <span class="kw">let </span>rcot_send = mpz_ot::kos::Sender::new(
<a href=#575 id=575 data-nosnippet>575</a> mpz_ot::kos::SenderConfig::default(),
<a href=#576 id=576 data-nosnippet>576</a> delta.into_inner(),
<a href=#577 id=577 data-nosnippet>577</a> base_ot_recv,
<a href=#578 id=578 data-nosnippet>578</a> );
<a href=#579 id=579 data-nosnippet>579</a> <span class="kw">let </span>rcot_send = mpz_ot::ferret::Sender::new(
<a href=#580 id=580 data-nosnippet>580</a> mpz_ot::ferret::FerretConfig::builder()
<a href=#581 id=581 data-nosnippet>581</a> .lpn_type(mpz_ot::ferret::LpnType::Regular)
<a href=#582 id=582 data-nosnippet>582</a> .build()
<a href=#583 id=583 data-nosnippet>583</a> .expect(<span class="string">"ferret config is valid"</span>),
<a href=#584 id=584 data-nosnippet>584</a> Block::random(<span class="kw-2">&amp;mut </span>rng),
<a href=#585 id=585 data-nosnippet>585</a> rcot_send,
<a href=#586 id=586 data-nosnippet>586</a> );
<a href=#587 id=587 data-nosnippet>587</a> <span class="kw">let </span>rcot_recv =
<a href=#588 id=588 data-nosnippet>588</a> mpz_ot::kos::Receiver::new(mpz_ot::kos::ReceiverConfig::default(), base_ot_send);
<a href=#589 id=589 data-nosnippet>589</a>
<a href=#590 id=590 data-nosnippet>590</a> <span class="kw">let </span>rcot_send = mpz_ot::rcot::shared::SharedRCOTSender::new(rcot_send);
<a href=#591 id=591 data-nosnippet>591</a> <span class="kw">let </span>rcot_recv = mpz_ot::rcot::shared::SharedRCOTReceiver::new(rcot_recv);
<a href=#592 id=592 data-nosnippet>592</a>
<a href=#593 id=593 data-nosnippet>593</a> <span class="kw">let </span>mpc = Mpc::new(mpz_ot::cot::DerandCOTReceiver::new(rcot_recv.clone()));
<a href=#594 id=594 data-nosnippet>594</a>
<a href=#595 id=595 data-nosnippet>595</a> <span class="kw">let </span>zk = Zk::new(delta, rcot_send.clone());
<a href=#596 id=596 data-nosnippet>596</a>
<a href=#597 id=597 data-nosnippet>597</a> <span class="kw">let </span>vm = Arc::new(Mutex::new(Deap::new(tlsn_deap::Role::Follower, mpc, zk)));
<a href=#598 id=598 data-nosnippet>598</a>
<a href=#599 id=599 data-nosnippet>599</a> (
<a href=#600 id=600 data-nosnippet>600</a> vm.clone(),
<a href=#601 id=601 data-nosnippet>601</a> MpcTlsFollower::new(
<a href=#602 id=602 data-nosnippet>602</a> config.build_mpc_tls_config(protocol_config),
<a href=#603 id=603 data-nosnippet>603</a> ctx,
<a href=#604 id=604 data-nosnippet>604</a> vm,
<a href=#605 id=605 data-nosnippet>605</a> rcot_send,
<a href=#606 id=606 data-nosnippet>606</a> (rcot_recv.clone(), rcot_recv.clone(), rcot_recv),
<a href=#607 id=607 data-nosnippet>607</a> ),
<a href=#608 id=608 data-nosnippet>608</a> )
<a href=#609 id=609 data-nosnippet>609</a>}
<a href=#610 id=610 data-nosnippet>610</a>
<a href=#611 id=611 data-nosnippet>611</a><span class="doccomment">/// Translates VM references to the ZK address space.
<a href=#612 id=612 data-nosnippet>612</a></span><span class="kw">fn </span>translate_keys&lt;Mpc, Zk&gt;(
<a href=#613 id=613 data-nosnippet>613</a> keys: <span class="kw-2">&amp;mut </span>SessionKeys,
<a href=#614 id=614 data-nosnippet>614</a> vm: <span class="kw-2">&amp;</span>Deap&lt;Mpc, Zk&gt;,
<a href=#615 id=615 data-nosnippet>615</a>) -&gt; <span class="prelude-ty">Result</span>&lt;(), VerifierError&gt; {
<a href=#616 id=616 data-nosnippet>616</a> keys.client_write_key = vm
<a href=#617 id=617 data-nosnippet>617</a> .translate(keys.client_write_key)
<a href=#618 id=618 data-nosnippet>618</a> .map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#619 id=619 data-nosnippet>619</a> keys.client_write_iv = vm
<a href=#620 id=620 data-nosnippet>620</a> .translate(keys.client_write_iv)
<a href=#621 id=621 data-nosnippet>621</a> .map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#622 id=622 data-nosnippet>622</a> keys.server_write_key = vm
<a href=#623 id=623 data-nosnippet>623</a> .translate(keys.server_write_key)
<a href=#624 id=624 data-nosnippet>624</a> .map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#625 id=625 data-nosnippet>625</a> keys.server_write_iv = vm
<a href=#626 id=626 data-nosnippet>626</a> .translate(keys.server_write_iv)
<a href=#627 id=627 data-nosnippet>627</a> .map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#628 id=628 data-nosnippet>628</a> keys.server_write_mac_key = vm
<a href=#629 id=629 data-nosnippet>629</a> .translate(keys.server_write_mac_key)
<a href=#630 id=630 data-nosnippet>630</a> .map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#631 id=631 data-nosnippet>631</a>
<a href=#632 id=632 data-nosnippet>632</a> <span class="prelude-val">Ok</span>(())
<a href=#633 id=633 data-nosnippet>633</a>}</code></pre></div></section></main></body></html>

6
src/tlsn_verifier/config.rs.html → src/tlsn/verifier/config.rs.html
View File

@@ -1,10 +1,10 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/verifier/src/config.rs`."><title>config.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn_verifier" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_verifier/</div>config.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">use </span>std::{
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/verifier/config.rs`."><title>config.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/verifier/</div>config.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">use </span>std::{
<a href=#2 id=2 data-nosnippet>2</a> fmt::{Debug, Formatter, <span class="prelude-ty">Result</span>},
<a href=#3 id=3 data-nosnippet>3</a> sync::Arc,
<a href=#4 id=4 data-nosnippet>4</a>};
<a href=#5 id=5 data-nosnippet>5</a>
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>mpc_tls::Config;
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>tlsn_common::config::{NetworkSetting, ProtocolConfig, ProtocolConfigValidator};
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span><span class="kw">crate</span>::config::{NetworkSetting, ProtocolConfig, ProtocolConfigValidator};
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>mpc_tls::Config;
<a href=#8 id=8 data-nosnippet>8</a><span class="kw">use </span>tlsn_core::CryptoProvider;
<a href=#9 id=9 data-nosnippet>9</a>
<a href=#10 id=10 data-nosnippet>10</a><span class="doccomment">/// Configuration for the [`Verifier`](crate::tls::Verifier).

10
src/tlsn_verifier/error.rs.html → src/tlsn/verifier/error.rs.html
View File

@@ -1,6 +1,6 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/verifier/src/error.rs`."><title>error.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn_verifier" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_verifier/</div>error.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">use </span>mpc_tls::MpcTlsError;
<a href=#2 id=2 data-nosnippet>2</a><span class="kw">use </span>std::{error::Error, fmt};
<a href=#3 id=3 data-nosnippet>3</a><span class="kw">use </span>tlsn_common::{encoding::EncodingError, zk_aes_ctr::ZkAesCtrError};
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/verifier/error.rs`."><title>error.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/verifier/</div>error.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">use crate</span>::{encoding::EncodingError, zk_aes_ctr::ZkAesCtrError};
<a href=#2 id=2 data-nosnippet>2</a><span class="kw">use </span>mpc_tls::MpcTlsError;
<a href=#3 id=3 data-nosnippet>3</a><span class="kw">use </span>std::{error::Error, fmt};
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="doccomment">/// Error for [`Verifier`](crate::Verifier).
<a href=#6 id=6 data-nosnippet>6</a></span><span class="attr">#[derive(Debug, thiserror::Error)]
@@ -88,8 +88,8 @@
<a href=#88 id=88 data-nosnippet>88</a> }
<a href=#89 id=89 data-nosnippet>89</a>}
<a href=#90 id=90 data-nosnippet>90</a>
<a href=#91 id=91 data-nosnippet>91</a><span class="kw">impl </span>From&lt;tlsn_common::config::ProtocolConfigError&gt; <span class="kw">for </span>VerifierError {
<a href=#92 id=92 data-nosnippet>92</a> <span class="kw">fn </span>from(e: tlsn_common::config::ProtocolConfigError) -&gt; <span class="self">Self </span>{
<a href=#91 id=91 data-nosnippet>91</a><span class="kw">impl </span>From&lt;<span class="kw">crate</span>::config::ProtocolConfigError&gt; <span class="kw">for </span>VerifierError {
<a href=#92 id=92 data-nosnippet>92</a> <span class="kw">fn </span>from(e: <span class="kw">crate</span>::config::ProtocolConfigError) -&gt; <span class="self">Self </span>{
<a href=#93 id=93 data-nosnippet>93</a> <span class="self">Self</span>::new(ErrorKind::Config, e)
<a href=#94 id=94 data-nosnippet>94</a> }
<a href=#95 id=95 data-nosnippet>95</a>}

61
src/tlsn/verifier/state.rs.html Normal file
View File

@@ -0,0 +1,61 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/verifier/state.rs`."><title>state.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/verifier/</div>state.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! TLS Verifier state.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use </span>std::sync::Arc;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use crate</span>::{
<a href=#6 id=6 data-nosnippet>6</a> commit::transcript::TranscriptRefs,
<a href=#7 id=7 data-nosnippet>7</a> mux::{MuxControl, MuxFuture},
<a href=#8 id=8 data-nosnippet>8</a> zk_aes_ctr::ZkAesCtr,
<a href=#9 id=9 data-nosnippet>9</a>};
<a href=#10 id=10 data-nosnippet>10</a><span class="kw">use </span>mpc_tls::{MpcTlsFollower, SessionKeys};
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">use </span>mpz_common::Context;
<a href=#12 id=12 data-nosnippet>12</a><span class="kw">use </span>mpz_memory_core::correlated::Delta;
<a href=#13 id=13 data-nosnippet>13</a><span class="kw">use </span>tlsn_core::transcript::TlsTranscript;
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">use </span>tlsn_deap::Deap;
<a href=#15 id=15 data-nosnippet>15</a><span class="kw">use </span>tokio::sync::Mutex;
<a href=#16 id=16 data-nosnippet>16</a>
<a href=#17 id=17 data-nosnippet>17</a><span class="kw">use </span><span class="kw">crate</span>::verifier::{Mpc, Zk};
<a href=#18 id=18 data-nosnippet>18</a>
<a href=#19 id=19 data-nosnippet>19</a><span class="doccomment">/// TLS Verifier state.
<a href=#20 id=20 data-nosnippet>20</a></span><span class="kw">pub trait </span>VerifierState: sealed::Sealed {}
<a href=#21 id=21 data-nosnippet>21</a>
<a href=#22 id=22 data-nosnippet>22</a><span class="doccomment">/// Initialized state.
<a href=#23 id=23 data-nosnippet>23</a></span><span class="kw">pub struct </span>Initialized;
<a href=#24 id=24 data-nosnippet>24</a>
<a href=#25 id=25 data-nosnippet>25</a><span class="macro">opaque_debug::implement!</span>(Initialized);
<a href=#26 id=26 data-nosnippet>26</a>
<a href=#27 id=27 data-nosnippet>27</a><span class="doccomment">/// State after setup has completed.
<a href=#28 id=28 data-nosnippet>28</a></span><span class="kw">pub struct </span>Setup {
<a href=#29 id=29 data-nosnippet>29</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_ctrl: MuxControl,
<a href=#30 id=30 data-nosnippet>30</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_fut: MuxFuture,
<a href=#31 id=31 data-nosnippet>31</a> <span class="kw">pub</span>(<span class="kw">crate</span>) delta: Delta,
<a href=#32 id=32 data-nosnippet>32</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mpc_tls: MpcTlsFollower,
<a href=#33 id=33 data-nosnippet>33</a> <span class="kw">pub</span>(<span class="kw">crate</span>) zk_aes_ctr_sent: ZkAesCtr,
<a href=#34 id=34 data-nosnippet>34</a> <span class="kw">pub</span>(<span class="kw">crate</span>) zk_aes_ctr_recv: ZkAesCtr,
<a href=#35 id=35 data-nosnippet>35</a> <span class="kw">pub</span>(<span class="kw">crate</span>) keys: SessionKeys,
<a href=#36 id=36 data-nosnippet>36</a> <span class="kw">pub</span>(<span class="kw">crate</span>) vm: Arc&lt;Mutex&lt;Deap&lt;Mpc, Zk&gt;&gt;&gt;,
<a href=#37 id=37 data-nosnippet>37</a>}
<a href=#38 id=38 data-nosnippet>38</a>
<a href=#39 id=39 data-nosnippet>39</a><span class="doccomment">/// State after the TLS connection has been closed.
<a href=#40 id=40 data-nosnippet>40</a></span><span class="kw">pub struct </span>Committed {
<a href=#41 id=41 data-nosnippet>41</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_ctrl: MuxControl,
<a href=#42 id=42 data-nosnippet>42</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_fut: MuxFuture,
<a href=#43 id=43 data-nosnippet>43</a> <span class="kw">pub</span>(<span class="kw">crate</span>) delta: Delta,
<a href=#44 id=44 data-nosnippet>44</a> <span class="kw">pub</span>(<span class="kw">crate</span>) ctx: Context,
<a href=#45 id=45 data-nosnippet>45</a> <span class="kw">pub</span>(<span class="kw">crate</span>) vm: Zk,
<a href=#46 id=46 data-nosnippet>46</a> <span class="kw">pub</span>(<span class="kw">crate</span>) tls_transcript: TlsTranscript,
<a href=#47 id=47 data-nosnippet>47</a> <span class="kw">pub</span>(<span class="kw">crate</span>) transcript_refs: TranscriptRefs,
<a href=#48 id=48 data-nosnippet>48</a>}
<a href=#49 id=49 data-nosnippet>49</a>
<a href=#50 id=50 data-nosnippet>50</a><span class="macro">opaque_debug::implement!</span>(Committed);
<a href=#51 id=51 data-nosnippet>51</a>
<a href=#52 id=52 data-nosnippet>52</a><span class="kw">impl </span>VerifierState <span class="kw">for </span>Initialized {}
<a href=#53 id=53 data-nosnippet>53</a><span class="kw">impl </span>VerifierState <span class="kw">for </span>Setup {}
<a href=#54 id=54 data-nosnippet>54</a><span class="kw">impl </span>VerifierState <span class="kw">for </span>Committed {}
<a href=#55 id=55 data-nosnippet>55</a>
<a href=#56 id=56 data-nosnippet>56</a><span class="kw">mod </span>sealed {
<a href=#57 id=57 data-nosnippet>57</a> <span class="kw">pub trait </span>Sealed {}
<a href=#58 id=58 data-nosnippet>58</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Initialized {}
<a href=#59 id=59 data-nosnippet>59</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Setup {}
<a href=#60 id=60 data-nosnippet>60</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Committed {}
<a href=#61 id=61 data-nosnippet>61</a>}</code></pre></div></section></main></body></html>

214
src/tlsn/zk_aes_ctr.rs.html Normal file
View File

@@ -0,0 +1,214 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/tlsn/src/zk_aes_ctr.rs`."><title>zk_aes_ctr.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn/</div>zk_aes_ctr.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! Zero-knowledge AES-CTR encryption.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use </span>cipher::{
<a href=#4 id=4 data-nosnippet>4</a> Cipher, CipherError, Keystream,
<a href=#5 id=5 data-nosnippet>5</a> aes::{Aes128, AesError},
<a href=#6 id=6 data-nosnippet>6</a>};
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>mpz_memory_core::{
<a href=#8 id=8 data-nosnippet>8</a> Array, Vector,
<a href=#9 id=9 data-nosnippet>9</a> binary::{Binary, U8},
<a href=#10 id=10 data-nosnippet>10</a>};
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">use </span>mpz_vm_core::{Vm, prelude::<span class="kw-2">*</span>};
<a href=#12 id=12 data-nosnippet>12</a>
<a href=#13 id=13 data-nosnippet>13</a><span class="kw">use </span><span class="kw">crate</span>::Role;
<a href=#14 id=14 data-nosnippet>14</a>
<a href=#15 id=15 data-nosnippet>15</a><span class="kw">type </span>Nonce = Array&lt;U8, <span class="number">8</span>&gt;;
<a href=#16 id=16 data-nosnippet>16</a><span class="kw">type </span>Ctr = Array&lt;U8, <span class="number">4</span>&gt;;
<a href=#17 id=17 data-nosnippet>17</a><span class="kw">type </span>Block = Array&lt;U8, <span class="number">16</span>&gt;;
<a href=#18 id=18 data-nosnippet>18</a>
<a href=#19 id=19 data-nosnippet>19</a><span class="kw">const </span>START_CTR: u32 = <span class="number">2</span>;
<a href=#20 id=20 data-nosnippet>20</a>
<a href=#21 id=21 data-nosnippet>21</a><span class="doccomment">/// ZK AES-CTR encryption.
<a href=#22 id=22 data-nosnippet>22</a></span><span class="attr">#[derive(Debug)]
<a href=#23 id=23 data-nosnippet>23</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>ZkAesCtr {
<a href=#24 id=24 data-nosnippet>24</a> role: Role,
<a href=#25 id=25 data-nosnippet>25</a> aes: Aes128,
<a href=#26 id=26 data-nosnippet>26</a> state: State,
<a href=#27 id=27 data-nosnippet>27</a>}
<a href=#28 id=28 data-nosnippet>28</a>
<a href=#29 id=29 data-nosnippet>29</a><span class="kw">impl </span>ZkAesCtr {
<a href=#30 id=30 data-nosnippet>30</a> <span class="doccomment">/// Creates a new ZK AES-CTR instance.
<a href=#31 id=31 data-nosnippet>31</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>new(role: Role) -&gt; <span class="self">Self </span>{
<a href=#32 id=32 data-nosnippet>32</a> <span class="self">Self </span>{
<a href=#33 id=33 data-nosnippet>33</a> role,
<a href=#34 id=34 data-nosnippet>34</a> aes: Aes128::default(),
<a href=#35 id=35 data-nosnippet>35</a> state: State::Init,
<a href=#36 id=36 data-nosnippet>36</a> }
<a href=#37 id=37 data-nosnippet>37</a> }
<a href=#38 id=38 data-nosnippet>38</a>
<a href=#39 id=39 data-nosnippet>39</a> <span class="doccomment">/// Returns the role.
<a href=#40 id=40 data-nosnippet>40</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>role(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>Role {
<a href=#41 id=41 data-nosnippet>41</a> <span class="kw-2">&amp;</span><span class="self">self</span>.role
<a href=#42 id=42 data-nosnippet>42</a> }
<a href=#43 id=43 data-nosnippet>43</a>
<a href=#44 id=44 data-nosnippet>44</a> <span class="doccomment">/// Allocates `len` bytes for encryption.
<a href=#45 id=45 data-nosnippet>45</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>alloc(
<a href=#46 id=46 data-nosnippet>46</a> <span class="kw-2">&amp;mut </span><span class="self">self</span>,
<a href=#47 id=47 data-nosnippet>47</a> vm: <span class="kw-2">&amp;mut </span><span class="kw">dyn </span>Vm&lt;Binary&gt;,
<a href=#48 id=48 data-nosnippet>48</a> len: usize,
<a href=#49 id=49 data-nosnippet>49</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;(), ZkAesCtrError&gt; {
<a href=#50 id=50 data-nosnippet>50</a> <span class="kw">let </span>State::Init = <span class="self">self</span>.state.take() <span class="kw">else </span>{
<a href=#51 id=51 data-nosnippet>51</a> <span class="prelude-val">Err</span>(ErrorRepr::State {
<a href=#52 id=52 data-nosnippet>52</a> reason: <span class="string">"must be in init state to allocate"</span>,
<a href=#53 id=53 data-nosnippet>53</a> })<span class="question-mark">?
<a href=#54 id=54 data-nosnippet>54</a> </span>};
<a href=#55 id=55 data-nosnippet>55</a>
<a href=#56 id=56 data-nosnippet>56</a> <span class="comment">// Round up to the nearest block size.
<a href=#57 id=57 data-nosnippet>57</a> </span><span class="kw">let </span>len = <span class="number">16 </span>* len.div_ceil(<span class="number">16</span>);
<a href=#58 id=58 data-nosnippet>58</a>
<a href=#59 id=59 data-nosnippet>59</a> <span class="kw">let </span>input = vm.alloc_vec::&lt;U8&gt;(len).map_err(ZkAesCtrError::vm)<span class="question-mark">?</span>;
<a href=#60 id=60 data-nosnippet>60</a> <span class="kw">let </span>keystream = <span class="self">self</span>.aes.alloc_keystream(vm, len)<span class="question-mark">?</span>;
<a href=#61 id=61 data-nosnippet>61</a>
<a href=#62 id=62 data-nosnippet>62</a> <span class="kw">match </span><span class="self">self</span>.role {
<a href=#63 id=63 data-nosnippet>63</a> Role::Prover =&gt; vm.mark_private(input).map_err(ZkAesCtrError::vm)<span class="question-mark">?</span>,
<a href=#64 id=64 data-nosnippet>64</a> Role::Verifier =&gt; vm.mark_blind(input).map_err(ZkAesCtrError::vm)<span class="question-mark">?</span>,
<a href=#65 id=65 data-nosnippet>65</a> }
<a href=#66 id=66 data-nosnippet>66</a>
<a href=#67 id=67 data-nosnippet>67</a> <span class="self">self</span>.state = State::Ready { input, keystream };
<a href=#68 id=68 data-nosnippet>68</a>
<a href=#69 id=69 data-nosnippet>69</a> <span class="prelude-val">Ok</span>(())
<a href=#70 id=70 data-nosnippet>70</a> }
<a href=#71 id=71 data-nosnippet>71</a>
<a href=#72 id=72 data-nosnippet>72</a> <span class="doccomment">/// Sets the key and IV for the cipher.
<a href=#73 id=73 data-nosnippet>73</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>set_key(<span class="kw-2">&amp;mut </span><span class="self">self</span>, key: Array&lt;U8, <span class="number">16</span>&gt;, iv: Array&lt;U8, <span class="number">4</span>&gt;) {
<a href=#74 id=74 data-nosnippet>74</a> <span class="self">self</span>.aes.set_key(key);
<a href=#75 id=75 data-nosnippet>75</a> <span class="self">self</span>.aes.set_iv(iv);
<a href=#76 id=76 data-nosnippet>76</a> }
<a href=#77 id=77 data-nosnippet>77</a>
<a href=#78 id=78 data-nosnippet>78</a> <span class="doccomment">/// Proves the encryption of `len` bytes.
<a href=#79 id=79 data-nosnippet>79</a> ///
<a href=#80 id=80 data-nosnippet>80</a> /// Here we only assign certain values in the VM but the actual proving
<a href=#81 id=81 data-nosnippet>81</a> /// happens later when the plaintext is assigned and the VM is executed.
<a href=#82 id=82 data-nosnippet>82</a> ///
<a href=#83 id=83 data-nosnippet>83</a> /// # Arguments
<a href=#84 id=84 data-nosnippet>84</a> ///
<a href=#85 id=85 data-nosnippet>85</a> /// * `vm` - Virtual machine.
<a href=#86 id=86 data-nosnippet>86</a> /// * `explicit_nonce` - Explicit nonce.
<a href=#87 id=87 data-nosnippet>87</a> /// * `len` - Length of the plaintext in bytes.
<a href=#88 id=88 data-nosnippet>88</a> ///
<a href=#89 id=89 data-nosnippet>89</a> /// # Returns
<a href=#90 id=90 data-nosnippet>90</a> ///
<a href=#91 id=91 data-nosnippet>91</a> /// A VM reference to the plaintext and the ciphertext.
<a href=#92 id=92 data-nosnippet>92</a> </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>encrypt(
<a href=#93 id=93 data-nosnippet>93</a> <span class="kw-2">&amp;mut </span><span class="self">self</span>,
<a href=#94 id=94 data-nosnippet>94</a> vm: <span class="kw-2">&amp;mut </span><span class="kw">dyn </span>Vm&lt;Binary&gt;,
<a href=#95 id=95 data-nosnippet>95</a> explicit_nonce: Vec&lt;u8&gt;,
<a href=#96 id=96 data-nosnippet>96</a> len: usize,
<a href=#97 id=97 data-nosnippet>97</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;(Vector&lt;U8&gt;, Vector&lt;U8&gt;), ZkAesCtrError&gt; {
<a href=#98 id=98 data-nosnippet>98</a> <span class="kw">let </span>State::Ready { input, keystream } = <span class="kw-2">&amp;mut </span><span class="self">self</span>.state <span class="kw">else </span>{
<a href=#99 id=99 data-nosnippet>99</a> <span class="prelude-val">Err</span>(ErrorRepr::State {
<a href=#100 id=100 data-nosnippet>100</a> reason: <span class="string">"must be in ready state to encrypt"</span>,
<a href=#101 id=101 data-nosnippet>101</a> })<span class="question-mark">?
<a href=#102 id=102 data-nosnippet>102</a> </span>};
<a href=#103 id=103 data-nosnippet>103</a>
<a href=#104 id=104 data-nosnippet>104</a> <span class="kw">let </span>explicit_nonce: [u8; <span class="number">8</span>] =
<a href=#105 id=105 data-nosnippet>105</a> explicit_nonce
<a href=#106 id=106 data-nosnippet>106</a> .try_into()
<a href=#107 id=107 data-nosnippet>107</a> .map_err(|explicit_nonce: Vec&lt;<span class="kw">_</span>&gt;| ErrorRepr::ExplicitNonceLength {
<a href=#108 id=108 data-nosnippet>108</a> expected: <span class="number">8</span>,
<a href=#109 id=109 data-nosnippet>109</a> actual: explicit_nonce.len(),
<a href=#110 id=110 data-nosnippet>110</a> })<span class="question-mark">?</span>;
<a href=#111 id=111 data-nosnippet>111</a>
<a href=#112 id=112 data-nosnippet>112</a> <span class="kw">let </span>block_count = len.div_ceil(<span class="number">16</span>);
<a href=#113 id=113 data-nosnippet>113</a> <span class="kw">let </span>padded_len = block_count * <span class="number">16</span>;
<a href=#114 id=114 data-nosnippet>114</a> <span class="kw">let </span>padding_len = padded_len - len;
<a href=#115 id=115 data-nosnippet>115</a>
<a href=#116 id=116 data-nosnippet>116</a> <span class="kw">if </span>padded_len &gt; input.len() {
<a href=#117 id=117 data-nosnippet>117</a> <span class="prelude-val">Err</span>(ErrorRepr::InsufficientPreprocessing {
<a href=#118 id=118 data-nosnippet>118</a> expected: padded_len,
<a href=#119 id=119 data-nosnippet>119</a> actual: input.len(),
<a href=#120 id=120 data-nosnippet>120</a> })<span class="question-mark">?
<a href=#121 id=121 data-nosnippet>121</a> </span>}
<a href=#122 id=122 data-nosnippet>122</a>
<a href=#123 id=123 data-nosnippet>123</a> <span class="kw">let </span><span class="kw-2">mut </span>input = input.split_off(input.len() - padded_len);
<a href=#124 id=124 data-nosnippet>124</a> <span class="kw">let </span>keystream = keystream.consume(padded_len)<span class="question-mark">?</span>;
<a href=#125 id=125 data-nosnippet>125</a> <span class="kw">let </span><span class="kw-2">mut </span>output = keystream.apply(vm, input)<span class="question-mark">?</span>;
<a href=#126 id=126 data-nosnippet>126</a>
<a href=#127 id=127 data-nosnippet>127</a> <span class="comment">// Assign counter block inputs.
<a href=#128 id=128 data-nosnippet>128</a> </span><span class="kw">let </span><span class="kw-2">mut </span>ctr = START_CTR..;
<a href=#129 id=129 data-nosnippet>129</a> keystream.assign(vm, explicit_nonce, <span class="kw">move </span>|| {
<a href=#130 id=130 data-nosnippet>130</a> ctr.next().expect(<span class="string">"range is unbounded"</span>).to_be_bytes()
<a href=#131 id=131 data-nosnippet>131</a> })<span class="question-mark">?</span>;
<a href=#132 id=132 data-nosnippet>132</a>
<a href=#133 id=133 data-nosnippet>133</a> <span class="comment">// Assign zeroes to the padding.
<a href=#134 id=134 data-nosnippet>134</a> </span><span class="kw">if </span>padding_len &gt; <span class="number">0 </span>{
<a href=#135 id=135 data-nosnippet>135</a> <span class="kw">let </span>padding = input.split_off(input.len() - padding_len);
<a href=#136 id=136 data-nosnippet>136</a> <span class="comment">// To simplify the impl, we don't mark the padding as public, that's why only
<a href=#137 id=137 data-nosnippet>137</a> // the prover assigns it.
<a href=#138 id=138 data-nosnippet>138</a> </span><span class="kw">if let </span>Role::Prover = <span class="self">self</span>.role {
<a href=#139 id=139 data-nosnippet>139</a> vm.assign(padding, <span class="macro">vec!</span>[<span class="number">0</span>; padding_len])
<a href=#140 id=140 data-nosnippet>140</a> .map_err(ZkAesCtrError::vm)<span class="question-mark">?</span>;
<a href=#141 id=141 data-nosnippet>141</a> }
<a href=#142 id=142 data-nosnippet>142</a> vm.commit(padding).map_err(ZkAesCtrError::vm)<span class="question-mark">?</span>;
<a href=#143 id=143 data-nosnippet>143</a> output.truncate(len);
<a href=#144 id=144 data-nosnippet>144</a> }
<a href=#145 id=145 data-nosnippet>145</a>
<a href=#146 id=146 data-nosnippet>146</a> <span class="prelude-val">Ok</span>((input, output))
<a href=#147 id=147 data-nosnippet>147</a> }
<a href=#148 id=148 data-nosnippet>148</a>}
<a href=#149 id=149 data-nosnippet>149</a>
<a href=#150 id=150 data-nosnippet>150</a><span class="kw">enum </span>State {
<a href=#151 id=151 data-nosnippet>151</a> Init,
<a href=#152 id=152 data-nosnippet>152</a> Ready {
<a href=#153 id=153 data-nosnippet>153</a> input: Vector&lt;U8&gt;,
<a href=#154 id=154 data-nosnippet>154</a> keystream: Keystream&lt;Nonce, Ctr, Block&gt;,
<a href=#155 id=155 data-nosnippet>155</a> },
<a href=#156 id=156 data-nosnippet>156</a> Error,
<a href=#157 id=157 data-nosnippet>157</a>}
<a href=#158 id=158 data-nosnippet>158</a>
<a href=#159 id=159 data-nosnippet>159</a><span class="kw">impl </span>State {
<a href=#160 id=160 data-nosnippet>160</a> <span class="kw">fn </span>take(<span class="kw-2">&amp;mut </span><span class="self">self</span>) -&gt; <span class="self">Self </span>{
<a href=#161 id=161 data-nosnippet>161</a> std::mem::replace(<span class="self">self</span>, State::Error)
<a href=#162 id=162 data-nosnippet>162</a> }
<a href=#163 id=163 data-nosnippet>163</a>}
<a href=#164 id=164 data-nosnippet>164</a>
<a href=#165 id=165 data-nosnippet>165</a><span class="kw">impl </span>std::fmt::Debug <span class="kw">for </span>State {
<a href=#166 id=166 data-nosnippet>166</a> <span class="kw">fn </span>fmt(<span class="kw-2">&amp;</span><span class="self">self</span>, f: <span class="kw-2">&amp;mut </span>std::fmt::Formatter&lt;<span class="lifetime">'_</span>&gt;) -&gt; std::fmt::Result {
<a href=#167 id=167 data-nosnippet>167</a> <span class="kw">match </span><span class="self">self </span>{
<a href=#168 id=168 data-nosnippet>168</a> State::Init =&gt; <span class="macro">write!</span>(f, <span class="string">"Init"</span>),
<a href=#169 id=169 data-nosnippet>169</a> State::Ready { .. } =&gt; <span class="macro">write!</span>(f, <span class="string">"Ready"</span>),
<a href=#170 id=170 data-nosnippet>170</a> State::Error =&gt; <span class="macro">write!</span>(f, <span class="string">"Error"</span>),
<a href=#171 id=171 data-nosnippet>171</a> }
<a href=#172 id=172 data-nosnippet>172</a> }
<a href=#173 id=173 data-nosnippet>173</a>}
<a href=#174 id=174 data-nosnippet>174</a>
<a href=#175 id=175 data-nosnippet>175</a><span class="doccomment">/// Error for [`ZkAesCtr`].
<a href=#176 id=176 data-nosnippet>176</a></span><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#177 id=177 data-nosnippet>177</a>#[error(transparent)]
<a href=#178 id=178 data-nosnippet>178</a></span><span class="kw">pub struct </span>ZkAesCtrError(<span class="attr">#[from] </span>ErrorRepr);
<a href=#179 id=179 data-nosnippet>179</a>
<a href=#180 id=180 data-nosnippet>180</a><span class="kw">impl </span>ZkAesCtrError {
<a href=#181 id=181 data-nosnippet>181</a> <span class="kw">fn </span>vm&lt;E&gt;(err: E) -&gt; <span class="self">Self
<a href=#182 id=182 data-nosnippet>182</a> </span><span class="kw">where
<a href=#183 id=183 data-nosnippet>183</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>std::error::Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#184 id=184 data-nosnippet>184</a> {
<a href=#185 id=185 data-nosnippet>185</a> <span class="self">Self</span>(ErrorRepr::Vm(err.into()))
<a href=#186 id=186 data-nosnippet>186</a> }
<a href=#187 id=187 data-nosnippet>187</a>}
<a href=#188 id=188 data-nosnippet>188</a>
<a href=#189 id=189 data-nosnippet>189</a><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#190 id=190 data-nosnippet>190</a>#[error(<span class="string">"zk aes error"</span>)]
<a href=#191 id=191 data-nosnippet>191</a></span><span class="kw">enum </span>ErrorRepr {
<a href=#192 id=192 data-nosnippet>192</a> <span class="attr">#[error(<span class="string">"invalid state: {reason}"</span>)]
<a href=#193 id=193 data-nosnippet>193</a> </span>State { reason: <span class="kw-2">&amp;</span><span class="lifetime">'static </span>str },
<a href=#194 id=194 data-nosnippet>194</a> <span class="attr">#[error(<span class="string">"cipher error: {0}"</span>)]
<a href=#195 id=195 data-nosnippet>195</a> </span>Cipher(Box&lt;<span class="kw">dyn </span>std::error::Error + Send + Sync + <span class="lifetime">'static</span>&gt;),
<a href=#196 id=196 data-nosnippet>196</a> <span class="attr">#[error(<span class="string">"vm error: {0}"</span>)]
<a href=#197 id=197 data-nosnippet>197</a> </span>Vm(Box&lt;<span class="kw">dyn </span>std::error::Error + Send + Sync + <span class="lifetime">'static</span>&gt;),
<a href=#198 id=198 data-nosnippet>198</a> <span class="attr">#[error(<span class="string">"invalid explicit nonce length: expected {expected}, got {actual}"</span>)]
<a href=#199 id=199 data-nosnippet>199</a> </span>ExplicitNonceLength { expected: usize, actual: usize },
<a href=#200 id=200 data-nosnippet>200</a> <span class="attr">#[error(<span class="string">"insufficient preprocessing: expected {expected}, got {actual}"</span>)]
<a href=#201 id=201 data-nosnippet>201</a> </span>InsufficientPreprocessing { expected: usize, actual: usize },
<a href=#202 id=202 data-nosnippet>202</a>}
<a href=#203 id=203 data-nosnippet>203</a>
<a href=#204 id=204 data-nosnippet>204</a><span class="kw">impl </span>From&lt;AesError&gt; <span class="kw">for </span>ZkAesCtrError {
<a href=#205 id=205 data-nosnippet>205</a> <span class="kw">fn </span>from(err: AesError) -&gt; <span class="self">Self </span>{
<a href=#206 id=206 data-nosnippet>206</a> <span class="self">Self</span>(ErrorRepr::Cipher(Box::new(err)))
<a href=#207 id=207 data-nosnippet>207</a> }
<a href=#208 id=208 data-nosnippet>208</a>}
<a href=#209 id=209 data-nosnippet>209</a>
<a href=#210 id=210 data-nosnippet>210</a><span class="kw">impl </span>From&lt;CipherError&gt; <span class="kw">for </span>ZkAesCtrError {
<a href=#211 id=211 data-nosnippet>211</a> <span class="kw">fn </span>from(err: CipherError) -&gt; <span class="self">Self </span>{
<a href=#212 id=212 data-nosnippet>212</a> <span class="self">Self</span>(ErrorRepr::Cipher(Box::new(err)))
<a href=#213 id=213 data-nosnippet>213</a> }
<a href=#214 id=214 data-nosnippet>214</a>}</code></pre></div></section></main></body></html>

833
src/tlsn_core/connection.rs.html
View File

@@ -273,417 +273,426 @@
<a href=#273 id=273 data-nosnippet>273</a>
<a href=#274 id=274 data-nosnippet>274</a><span class="macro">impl_domain_separator!</span>(HandshakeData);
<a href=#275 id=275 data-nosnippet>275</a>
<a href=#276 id=276 data-nosnippet>276</a><span class="doccomment">/// Server certificate and handshake data.
<a href=#276 id=276 data-nosnippet>276</a><span class="doccomment">/// Verify data from the TLS handshake finished messages.
<a href=#277 id=277 data-nosnippet>277</a></span><span class="attr">#[derive(Debug, Clone, Serialize, Deserialize)]
<a href=#278 id=278 data-nosnippet>278</a></span><span class="kw">pub struct </span>ServerCertData {
<a href=#279 id=279 data-nosnippet>279</a> <span class="doccomment">/// Certificate chain.
<a href=#280 id=280 data-nosnippet>280</a> </span><span class="kw">pub </span>certs: Vec&lt;Certificate&gt;,
<a href=#281 id=281 data-nosnippet>281</a> <span class="doccomment">/// Server signature of the key exchange parameters.
<a href=#282 id=282 data-nosnippet>282</a> </span><span class="kw">pub </span>sig: ServerSignature,
<a href=#283 id=283 data-nosnippet>283</a> <span class="doccomment">/// TLS handshake data.
<a href=#284 id=284 data-nosnippet>284</a> </span><span class="kw">pub </span>handshake: HandshakeData,
<a href=#285 id=285 data-nosnippet>285</a>}
<a href=#286 id=286 data-nosnippet>286</a>
<a href=#287 id=287 data-nosnippet>287</a><span class="kw">impl </span>ServerCertData {
<a href=#288 id=288 data-nosnippet>288</a> <span class="doccomment">/// Verifies the server certificate data.
<a href=#289 id=289 data-nosnippet>289</a> ///
<a href=#290 id=290 data-nosnippet>290</a> /// # Arguments
<a href=#291 id=291 data-nosnippet>291</a> ///
<a href=#292 id=292 data-nosnippet>292</a> /// * `provider` - The crypto provider to use for verification.
<a href=#293 id=293 data-nosnippet>293</a> /// * `time` - The time of the connection.
<a href=#294 id=294 data-nosnippet>294</a> /// * `server_ephemeral_key` - The server's ephemeral key.
<a href=#295 id=295 data-nosnippet>295</a> /// * `server_name` - The server name.
<a href=#296 id=296 data-nosnippet>296</a> </span><span class="kw">pub fn </span>verify_with_provider(
<a href=#297 id=297 data-nosnippet>297</a> <span class="kw-2">&amp;</span><span class="self">self</span>,
<a href=#298 id=298 data-nosnippet>298</a> provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#299 id=299 data-nosnippet>299</a> time: u64,
<a href=#300 id=300 data-nosnippet>300</a> server_ephemeral_key: <span class="kw-2">&amp;</span>ServerEphemKey,
<a href=#301 id=301 data-nosnippet>301</a> server_name: <span class="kw-2">&amp;</span>ServerName,
<a href=#302 id=302 data-nosnippet>302</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;(), CertificateVerificationError&gt; {
<a href=#303 id=303 data-nosnippet>303</a> <span class="attr">#[allow(irrefutable_let_patterns)]
<a href=#304 id=304 data-nosnippet>304</a> </span><span class="kw">let </span>HandshakeData::V1_2(HandshakeDataV1_2 {
<a href=#305 id=305 data-nosnippet>305</a> client_random,
<a href=#306 id=306 data-nosnippet>306</a> server_random,
<a href=#307 id=307 data-nosnippet>307</a> server_ephemeral_key: expected_server_ephemeral_key,
<a href=#308 id=308 data-nosnippet>308</a> }) = <span class="kw-2">&amp;</span><span class="self">self</span>.handshake
<a href=#309 id=309 data-nosnippet>309</a> <span class="kw">else </span>{
<a href=#310 id=310 data-nosnippet>310</a> <span class="macro">unreachable!</span>(<span class="string">"only TLS 1.2 is implemented"</span>)
<a href=#311 id=311 data-nosnippet>311</a> };
<a href=#312 id=312 data-nosnippet>312</a>
<a href=#313 id=313 data-nosnippet>313</a> <span class="kw">if </span>server_ephemeral_key != expected_server_ephemeral_key {
<a href=#314 id=314 data-nosnippet>314</a> <span class="kw">return </span><span class="prelude-val">Err</span>(CertificateVerificationError::InvalidServerEphemeralKey);
<a href=#315 id=315 data-nosnippet>315</a> }
<a href=#316 id=316 data-nosnippet>316</a>
<a href=#317 id=317 data-nosnippet>317</a> <span class="comment">// Verify server name.
<a href=#318 id=318 data-nosnippet>318</a> </span><span class="kw">let </span>server_name = tls_core::dns::ServerName::try_from(server_name.as_ref())
<a href=#319 id=319 data-nosnippet>319</a> .map_err(|<span class="kw">_</span>| CertificateVerificationError::InvalidIdentity(server_name.clone()))<span class="question-mark">?</span>;
<a href=#320 id=320 data-nosnippet>320</a>
<a href=#321 id=321 data-nosnippet>321</a> <span class="comment">// Verify server certificate.
<a href=#322 id=322 data-nosnippet>322</a> </span><span class="kw">let </span>cert_chain = <span class="self">self
<a href=#323 id=323 data-nosnippet>323</a> </span>.certs
<a href=#324 id=324 data-nosnippet>324</a> .clone()
<a href=#325 id=325 data-nosnippet>325</a> .into_iter()
<a href=#326 id=326 data-nosnippet>326</a> .map(|cert| tls_core::key::Certificate(cert.<span class="number">0</span>))
<a href=#327 id=327 data-nosnippet>327</a> .collect::&lt;Vec&lt;<span class="kw">_</span>&gt;&gt;();
<a href=#328 id=328 data-nosnippet>328</a>
<a href=#329 id=329 data-nosnippet>329</a> <span class="kw">let </span>(end_entity, intermediates) = cert_chain
<a href=#330 id=330 data-nosnippet>330</a> .split_first()
<a href=#331 id=331 data-nosnippet>331</a> .ok_or(CertificateVerificationError::MissingCerts)<span class="question-mark">?</span>;
<a href=#332 id=332 data-nosnippet>332</a>
<a href=#333 id=333 data-nosnippet>333</a> <span class="comment">// Verify the end entity cert is valid for the provided server name
<a href=#334 id=334 data-nosnippet>334</a> // and that it chains to at least one of the roots we trust.
<a href=#335 id=335 data-nosnippet>335</a> </span>provider
<a href=#336 id=336 data-nosnippet>336</a> .cert
<a href=#337 id=337 data-nosnippet>337</a> .verify_server_cert(
<a href=#338 id=338 data-nosnippet>338</a> end_entity,
<a href=#339 id=339 data-nosnippet>339</a> intermediates,
<a href=#340 id=340 data-nosnippet>340</a> <span class="kw-2">&amp;</span>server_name,
<a href=#341 id=341 data-nosnippet>341</a> <span class="kw-2">&amp;mut </span>[].into_iter(),
<a href=#342 id=342 data-nosnippet>342</a> <span class="kw-2">&amp;</span>[],
<a href=#343 id=343 data-nosnippet>343</a> UNIX_EPOCH + Duration::from_secs(time),
<a href=#344 id=344 data-nosnippet>344</a> )
<a href=#345 id=345 data-nosnippet>345</a> .map_err(|<span class="kw">_</span>| CertificateVerificationError::InvalidCert)<span class="question-mark">?</span>;
<a href=#346 id=346 data-nosnippet>346</a>
<a href=#347 id=347 data-nosnippet>347</a> <span class="comment">// Verify the signature matches the certificate and key exchange parameters.
<a href=#348 id=348 data-nosnippet>348</a> </span><span class="kw">let </span><span class="kw-2">mut </span>message = Vec::new();
<a href=#349 id=349 data-nosnippet>349</a> message.extend_from_slice(client_random);
<a href=#350 id=350 data-nosnippet>350</a> message.extend_from_slice(server_random);
<a href=#351 id=351 data-nosnippet>351</a> message.extend_from_slice(<span class="kw-2">&amp;</span>server_ephemeral_key.kx_params());
<a href=#352 id=352 data-nosnippet>352</a>
<a href=#353 id=353 data-nosnippet>353</a> <span class="kw">let </span>dss = DigitallySignedStruct::new(<span class="self">self</span>.sig.scheme.into(), <span class="self">self</span>.sig.sig.clone());
<a href=#354 id=354 data-nosnippet>354</a>
<a href=#355 id=355 data-nosnippet>355</a> provider
<a href=#356 id=356 data-nosnippet>356</a> .cert
<a href=#357 id=357 data-nosnippet>357</a> .verify_tls12_signature(<span class="kw-2">&amp;</span>message, end_entity, <span class="kw-2">&amp;</span>dss)
<a href=#358 id=358 data-nosnippet>358</a> .map_err(|<span class="kw">_</span>| CertificateVerificationError::InvalidServerSignature)<span class="question-mark">?</span>;
<a href=#359 id=359 data-nosnippet>359</a>
<a href=#360 id=360 data-nosnippet>360</a> <span class="prelude-val">Ok</span>(())
<a href=#361 id=361 data-nosnippet>361</a> }
<a href=#362 id=362 data-nosnippet>362</a>}
<a href=#278 id=278 data-nosnippet>278</a></span><span class="kw">pub struct </span>VerifyData {
<a href=#279 id=279 data-nosnippet>279</a> <span class="doccomment">/// Client finished verify data.
<a href=#280 id=280 data-nosnippet>280</a> </span><span class="kw">pub </span>client_finished: Vec&lt;u8&gt;,
<a href=#281 id=281 data-nosnippet>281</a> <span class="doccomment">/// Server finished verify data.
<a href=#282 id=282 data-nosnippet>282</a> </span><span class="kw">pub </span>server_finished: Vec&lt;u8&gt;,
<a href=#283 id=283 data-nosnippet>283</a>}
<a href=#284 id=284 data-nosnippet>284</a>
<a href=#285 id=285 data-nosnippet>285</a><span class="doccomment">/// Server certificate and handshake data.
<a href=#286 id=286 data-nosnippet>286</a></span><span class="attr">#[derive(Debug, Clone, Serialize, Deserialize)]
<a href=#287 id=287 data-nosnippet>287</a></span><span class="kw">pub struct </span>ServerCertData {
<a href=#288 id=288 data-nosnippet>288</a> <span class="doccomment">/// Certificate chain.
<a href=#289 id=289 data-nosnippet>289</a> </span><span class="kw">pub </span>certs: Vec&lt;Certificate&gt;,
<a href=#290 id=290 data-nosnippet>290</a> <span class="doccomment">/// Server signature of the key exchange parameters.
<a href=#291 id=291 data-nosnippet>291</a> </span><span class="kw">pub </span>sig: ServerSignature,
<a href=#292 id=292 data-nosnippet>292</a> <span class="doccomment">/// TLS handshake data.
<a href=#293 id=293 data-nosnippet>293</a> </span><span class="kw">pub </span>handshake: HandshakeData,
<a href=#294 id=294 data-nosnippet>294</a>}
<a href=#295 id=295 data-nosnippet>295</a>
<a href=#296 id=296 data-nosnippet>296</a><span class="kw">impl </span>ServerCertData {
<a href=#297 id=297 data-nosnippet>297</a> <span class="doccomment">/// Verifies the server certificate data.
<a href=#298 id=298 data-nosnippet>298</a> ///
<a href=#299 id=299 data-nosnippet>299</a> /// # Arguments
<a href=#300 id=300 data-nosnippet>300</a> ///
<a href=#301 id=301 data-nosnippet>301</a> /// * `provider` - The crypto provider to use for verification.
<a href=#302 id=302 data-nosnippet>302</a> /// * `time` - The time of the connection.
<a href=#303 id=303 data-nosnippet>303</a> /// * `server_ephemeral_key` - The server's ephemeral key.
<a href=#304 id=304 data-nosnippet>304</a> /// * `server_name` - The server name.
<a href=#305 id=305 data-nosnippet>305</a> </span><span class="kw">pub fn </span>verify_with_provider(
<a href=#306 id=306 data-nosnippet>306</a> <span class="kw-2">&amp;</span><span class="self">self</span>,
<a href=#307 id=307 data-nosnippet>307</a> provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#308 id=308 data-nosnippet>308</a> time: u64,
<a href=#309 id=309 data-nosnippet>309</a> server_ephemeral_key: <span class="kw-2">&amp;</span>ServerEphemKey,
<a href=#310 id=310 data-nosnippet>310</a> server_name: <span class="kw-2">&amp;</span>ServerName,
<a href=#311 id=311 data-nosnippet>311</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;(), CertificateVerificationError&gt; {
<a href=#312 id=312 data-nosnippet>312</a> <span class="attr">#[allow(irrefutable_let_patterns)]
<a href=#313 id=313 data-nosnippet>313</a> </span><span class="kw">let </span>HandshakeData::V1_2(HandshakeDataV1_2 {
<a href=#314 id=314 data-nosnippet>314</a> client_random,
<a href=#315 id=315 data-nosnippet>315</a> server_random,
<a href=#316 id=316 data-nosnippet>316</a> server_ephemeral_key: expected_server_ephemeral_key,
<a href=#317 id=317 data-nosnippet>317</a> }) = <span class="kw-2">&amp;</span><span class="self">self</span>.handshake
<a href=#318 id=318 data-nosnippet>318</a> <span class="kw">else </span>{
<a href=#319 id=319 data-nosnippet>319</a> <span class="macro">unreachable!</span>(<span class="string">"only TLS 1.2 is implemented"</span>)
<a href=#320 id=320 data-nosnippet>320</a> };
<a href=#321 id=321 data-nosnippet>321</a>
<a href=#322 id=322 data-nosnippet>322</a> <span class="kw">if </span>server_ephemeral_key != expected_server_ephemeral_key {
<a href=#323 id=323 data-nosnippet>323</a> <span class="kw">return </span><span class="prelude-val">Err</span>(CertificateVerificationError::InvalidServerEphemeralKey);
<a href=#324 id=324 data-nosnippet>324</a> }
<a href=#325 id=325 data-nosnippet>325</a>
<a href=#326 id=326 data-nosnippet>326</a> <span class="comment">// Verify server name.
<a href=#327 id=327 data-nosnippet>327</a> </span><span class="kw">let </span>server_name = tls_core::dns::ServerName::try_from(server_name.as_ref())
<a href=#328 id=328 data-nosnippet>328</a> .map_err(|<span class="kw">_</span>| CertificateVerificationError::InvalidIdentity(server_name.clone()))<span class="question-mark">?</span>;
<a href=#329 id=329 data-nosnippet>329</a>
<a href=#330 id=330 data-nosnippet>330</a> <span class="comment">// Verify server certificate.
<a href=#331 id=331 data-nosnippet>331</a> </span><span class="kw">let </span>cert_chain = <span class="self">self
<a href=#332 id=332 data-nosnippet>332</a> </span>.certs
<a href=#333 id=333 data-nosnippet>333</a> .clone()
<a href=#334 id=334 data-nosnippet>334</a> .into_iter()
<a href=#335 id=335 data-nosnippet>335</a> .map(|cert| tls_core::key::Certificate(cert.<span class="number">0</span>))
<a href=#336 id=336 data-nosnippet>336</a> .collect::&lt;Vec&lt;<span class="kw">_</span>&gt;&gt;();
<a href=#337 id=337 data-nosnippet>337</a>
<a href=#338 id=338 data-nosnippet>338</a> <span class="kw">let </span>(end_entity, intermediates) = cert_chain
<a href=#339 id=339 data-nosnippet>339</a> .split_first()
<a href=#340 id=340 data-nosnippet>340</a> .ok_or(CertificateVerificationError::MissingCerts)<span class="question-mark">?</span>;
<a href=#341 id=341 data-nosnippet>341</a>
<a href=#342 id=342 data-nosnippet>342</a> <span class="comment">// Verify the end entity cert is valid for the provided server name
<a href=#343 id=343 data-nosnippet>343</a> // and that it chains to at least one of the roots we trust.
<a href=#344 id=344 data-nosnippet>344</a> </span>provider
<a href=#345 id=345 data-nosnippet>345</a> .cert
<a href=#346 id=346 data-nosnippet>346</a> .verify_server_cert(
<a href=#347 id=347 data-nosnippet>347</a> end_entity,
<a href=#348 id=348 data-nosnippet>348</a> intermediates,
<a href=#349 id=349 data-nosnippet>349</a> <span class="kw-2">&amp;</span>server_name,
<a href=#350 id=350 data-nosnippet>350</a> <span class="kw-2">&amp;mut </span>[].into_iter(),
<a href=#351 id=351 data-nosnippet>351</a> <span class="kw-2">&amp;</span>[],
<a href=#352 id=352 data-nosnippet>352</a> UNIX_EPOCH + Duration::from_secs(time),
<a href=#353 id=353 data-nosnippet>353</a> )
<a href=#354 id=354 data-nosnippet>354</a> .map_err(|<span class="kw">_</span>| CertificateVerificationError::InvalidCert)<span class="question-mark">?</span>;
<a href=#355 id=355 data-nosnippet>355</a>
<a href=#356 id=356 data-nosnippet>356</a> <span class="comment">// Verify the signature matches the certificate and key exchange parameters.
<a href=#357 id=357 data-nosnippet>357</a> </span><span class="kw">let </span><span class="kw-2">mut </span>message = Vec::new();
<a href=#358 id=358 data-nosnippet>358</a> message.extend_from_slice(client_random);
<a href=#359 id=359 data-nosnippet>359</a> message.extend_from_slice(server_random);
<a href=#360 id=360 data-nosnippet>360</a> message.extend_from_slice(<span class="kw-2">&amp;</span>server_ephemeral_key.kx_params());
<a href=#361 id=361 data-nosnippet>361</a>
<a href=#362 id=362 data-nosnippet>362</a> <span class="kw">let </span>dss = DigitallySignedStruct::new(<span class="self">self</span>.sig.scheme.into(), <span class="self">self</span>.sig.sig.clone());
<a href=#363 id=363 data-nosnippet>363</a>
<a href=#364 id=364 data-nosnippet>364</a><span class="doccomment">/// Errors that can occur when verifying a certificate chain or signature.
<a href=#365 id=365 data-nosnippet>365</a></span><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#366 id=366 data-nosnippet>366</a>#[allow(missing_docs)]
<a href=#367 id=367 data-nosnippet>367</a></span><span class="kw">pub enum </span>CertificateVerificationError {
<a href=#368 id=368 data-nosnippet>368</a> <span class="attr">#[error(<span class="string">"invalid server identity: {0}"</span>)]
<a href=#369 id=369 data-nosnippet>369</a> </span>InvalidIdentity(ServerName),
<a href=#370 id=370 data-nosnippet>370</a> <span class="attr">#[error(<span class="string">"missing server certificates"</span>)]
<a href=#371 id=371 data-nosnippet>371</a> </span>MissingCerts,
<a href=#372 id=372 data-nosnippet>372</a> <span class="attr">#[error(<span class="string">"invalid server certificate"</span>)]
<a href=#373 id=373 data-nosnippet>373</a> </span>InvalidCert,
<a href=#374 id=374 data-nosnippet>374</a> <span class="attr">#[error(<span class="string">"invalid server signature"</span>)]
<a href=#375 id=375 data-nosnippet>375</a> </span>InvalidServerSignature,
<a href=#376 id=376 data-nosnippet>376</a> <span class="attr">#[error(<span class="string">"invalid server ephemeral key"</span>)]
<a href=#377 id=377 data-nosnippet>377</a> </span>InvalidServerEphemeralKey,
<a href=#378 id=378 data-nosnippet>378</a>}
<a href=#379 id=379 data-nosnippet>379</a>
<a href=#380 id=380 data-nosnippet>380</a><span class="attr">#[cfg(test)]
<a href=#381 id=381 data-nosnippet>381</a></span><span class="kw">mod </span>tests {
<a href=#382 id=382 data-nosnippet>382</a> <span class="kw">use super</span>::<span class="kw-2">*</span>;
<a href=#383 id=383 data-nosnippet>383</a> <span class="kw">use crate</span>::{
<a href=#384 id=384 data-nosnippet>384</a> fixtures::ConnectionFixture, provider::default_cert_verifier, transcript::Transcript,
<a href=#385 id=385 data-nosnippet>385</a> };
<a href=#386 id=386 data-nosnippet>386</a>
<a href=#387 id=387 data-nosnippet>387</a> <span class="kw">use </span>hex::FromHex;
<a href=#388 id=388 data-nosnippet>388</a> <span class="kw">use </span>rstest::<span class="kw-2">*</span>;
<a href=#389 id=389 data-nosnippet>389</a> <span class="kw">use </span>tls_core::verify::WebPkiVerifier;
<a href=#390 id=390 data-nosnippet>390</a> <span class="kw">use </span>tlsn_data_fixtures::http::{request::GET_WITH_HEADER, response::OK_JSON};
<a href=#391 id=391 data-nosnippet>391</a>
<a href=#392 id=392 data-nosnippet>392</a> <span class="attr">#[fixture]
<a href=#393 id=393 data-nosnippet>393</a> #[once]
<a href=#394 id=394 data-nosnippet>394</a> </span><span class="kw">fn </span>crypto_provider() -&gt; CryptoProvider {
<a href=#395 id=395 data-nosnippet>395</a> <span class="kw">let </span><span class="kw-2">mut </span>store = default_cert_verifier().root_store().clone();
<a href=#396 id=396 data-nosnippet>396</a>
<a href=#397 id=397 data-nosnippet>397</a> <span class="comment">// Add a cert which is no longer included in the Mozilla root store.
<a href=#398 id=398 data-nosnippet>398</a> </span><span class="kw">let </span>cert = tls_core::key::Certificate(
<a href=#399 id=399 data-nosnippet>399</a> appliedzkp()
<a href=#400 id=400 data-nosnippet>400</a> .server_cert_data
<a href=#401 id=401 data-nosnippet>401</a> .certs
<a href=#402 id=402 data-nosnippet>402</a> .last()
<a href=#403 id=403 data-nosnippet>403</a> .expect(<span class="string">"chain is valid"</span>)
<a href=#404 id=404 data-nosnippet>404</a> .<span class="number">0
<a href=#405 id=405 data-nosnippet>405</a> </span>.clone(),
<a href=#406 id=406 data-nosnippet>406</a> );
<a href=#407 id=407 data-nosnippet>407</a>
<a href=#408 id=408 data-nosnippet>408</a> store.add(<span class="kw-2">&amp;</span>cert).unwrap();
<a href=#409 id=409 data-nosnippet>409</a>
<a href=#410 id=410 data-nosnippet>410</a> CryptoProvider {
<a href=#411 id=411 data-nosnippet>411</a> hash: Default::default(),
<a href=#412 id=412 data-nosnippet>412</a> cert: WebPkiVerifier::new(store, <span class="prelude-val">None</span>),
<a href=#413 id=413 data-nosnippet>413</a> signer: Default::default(),
<a href=#414 id=414 data-nosnippet>414</a> signature: Default::default(),
<a href=#415 id=415 data-nosnippet>415</a> }
<a href=#416 id=416 data-nosnippet>416</a> }
<a href=#417 id=417 data-nosnippet>417</a>
<a href=#418 id=418 data-nosnippet>418</a> <span class="kw">fn </span>tlsnotary() -&gt; ConnectionFixture {
<a href=#419 id=419 data-nosnippet>419</a> ConnectionFixture::tlsnotary(Transcript::new(GET_WITH_HEADER, OK_JSON).length())
<a href=#420 id=420 data-nosnippet>420</a> }
<a href=#421 id=421 data-nosnippet>421</a>
<a href=#422 id=422 data-nosnippet>422</a> <span class="kw">fn </span>appliedzkp() -&gt; ConnectionFixture {
<a href=#423 id=423 data-nosnippet>423</a> ConnectionFixture::appliedzkp(Transcript::new(GET_WITH_HEADER, OK_JSON).length())
<a href=#424 id=424 data-nosnippet>424</a> }
<a href=#425 id=425 data-nosnippet>425</a>
<a href=#426 id=426 data-nosnippet>426</a> <span class="doccomment">/// Expect chain verification to succeed.
<a href=#427 id=427 data-nosnippet>427</a> </span><span class="attr">#[rstest]
<a href=#428 id=428 data-nosnippet>428</a> #[case::tlsnotary(tlsnotary())]
<a href=#429 id=429 data-nosnippet>429</a> #[case::appliedzkp(appliedzkp())]
<a href=#430 id=430 data-nosnippet>430</a> </span><span class="kw">fn </span>test_verify_cert_chain_sucess_ca_implicit(
<a href=#431 id=431 data-nosnippet>431</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#432 id=432 data-nosnippet>432</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#433 id=433 data-nosnippet>433</a> ) {
<a href=#434 id=434 data-nosnippet>434</a> <span class="comment">// Remove the CA cert
<a href=#435 id=435 data-nosnippet>435</a> </span>data.server_cert_data.certs.pop();
<a href=#436 id=436 data-nosnippet>436</a>
<a href=#437 id=437 data-nosnippet>437</a> <span class="macro">assert!</span>(data
<a href=#438 id=438 data-nosnippet>438</a> .server_cert_data
<a href=#439 id=439 data-nosnippet>439</a> .verify_with_provider(
<a href=#440 id=440 data-nosnippet>440</a> crypto_provider,
<a href=#441 id=441 data-nosnippet>441</a> data.connection_info.time,
<a href=#442 id=442 data-nosnippet>442</a> data.server_ephemeral_key(),
<a href=#443 id=443 data-nosnippet>443</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#444 id=444 data-nosnippet>444</a> )
<a href=#445 id=445 data-nosnippet>445</a> .is_ok());
<a href=#446 id=446 data-nosnippet>446</a> }
<a href=#447 id=447 data-nosnippet>447</a>
<a href=#448 id=448 data-nosnippet>448</a> <span class="doccomment">/// Expect chain verification to succeed even when a trusted CA is provided
<a href=#449 id=449 data-nosnippet>449</a> /// among the intermediate certs. webpki handles such cases properly.
<a href=#450 id=450 data-nosnippet>450</a> </span><span class="attr">#[rstest]
<a href=#451 id=451 data-nosnippet>451</a> #[case::tlsnotary(tlsnotary())]
<a href=#452 id=452 data-nosnippet>452</a> #[case::appliedzkp(appliedzkp())]
<a href=#453 id=453 data-nosnippet>453</a> </span><span class="kw">fn </span>test_verify_cert_chain_success_ca_explicit(
<a href=#454 id=454 data-nosnippet>454</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#455 id=455 data-nosnippet>455</a> <span class="attr">#[case] </span>data: ConnectionFixture,
<a href=#456 id=456 data-nosnippet>456</a> ) {
<a href=#457 id=457 data-nosnippet>457</a> <span class="macro">assert!</span>(data
<a href=#458 id=458 data-nosnippet>458</a> .server_cert_data
<a href=#459 id=459 data-nosnippet>459</a> .verify_with_provider(
<a href=#460 id=460 data-nosnippet>460</a> crypto_provider,
<a href=#461 id=461 data-nosnippet>461</a> data.connection_info.time,
<a href=#462 id=462 data-nosnippet>462</a> data.server_ephemeral_key(),
<a href=#463 id=463 data-nosnippet>463</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#464 id=464 data-nosnippet>464</a> )
<a href=#465 id=465 data-nosnippet>465</a> .is_ok());
<a href=#466 id=466 data-nosnippet>466</a> }
<a href=#467 id=467 data-nosnippet>467</a>
<a href=#468 id=468 data-nosnippet>468</a> <span class="doccomment">/// Expect to fail since the end entity cert was not valid at the time.
<a href=#469 id=469 data-nosnippet>469</a> </span><span class="attr">#[rstest]
<a href=#470 id=470 data-nosnippet>470</a> #[case::tlsnotary(tlsnotary())]
<a href=#471 id=471 data-nosnippet>471</a> #[case::appliedzkp(appliedzkp())]
<a href=#472 id=472 data-nosnippet>472</a> </span><span class="kw">fn </span>test_verify_cert_chain_fail_bad_time(
<a href=#473 id=473 data-nosnippet>473</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#474 id=474 data-nosnippet>474</a> <span class="attr">#[case] </span>data: ConnectionFixture,
<a href=#475 id=475 data-nosnippet>475</a> ) {
<a href=#476 id=476 data-nosnippet>476</a> <span class="comment">// unix time when the cert chain was NOT valid
<a href=#477 id=477 data-nosnippet>477</a> </span><span class="kw">let </span>bad_time: u64 = <span class="number">1571465711</span>;
<a href=#478 id=478 data-nosnippet>478</a>
<a href=#479 id=479 data-nosnippet>479</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#480 id=480 data-nosnippet>480</a> crypto_provider,
<a href=#481 id=481 data-nosnippet>481</a> bad_time,
<a href=#482 id=482 data-nosnippet>482</a> data.server_ephemeral_key(),
<a href=#483 id=483 data-nosnippet>483</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#484 id=484 data-nosnippet>484</a> );
<a href=#485 id=485 data-nosnippet>485</a>
<a href=#486 id=486 data-nosnippet>486</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#487 id=487 data-nosnippet>487</a> err.unwrap_err(),
<a href=#488 id=488 data-nosnippet>488</a> CertificateVerificationError::InvalidCert
<a href=#489 id=489 data-nosnippet>489</a> ));
<a href=#490 id=490 data-nosnippet>490</a> }
<a href=#491 id=491 data-nosnippet>491</a>
<a href=#492 id=492 data-nosnippet>492</a> <span class="doccomment">/// Expect to fail when no intermediate cert provided.
<a href=#493 id=493 data-nosnippet>493</a> </span><span class="attr">#[rstest]
<a href=#494 id=494 data-nosnippet>494</a> #[case::tlsnotary(tlsnotary())]
<a href=#495 id=495 data-nosnippet>495</a> #[case::appliedzkp(appliedzkp())]
<a href=#496 id=496 data-nosnippet>496</a> </span><span class="kw">fn </span>test_verify_cert_chain_fail_no_interm_cert(
<a href=#497 id=497 data-nosnippet>497</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#498 id=498 data-nosnippet>498</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#499 id=499 data-nosnippet>499</a> ) {
<a href=#500 id=500 data-nosnippet>500</a> <span class="comment">// Remove the CA cert
<a href=#501 id=501 data-nosnippet>501</a> </span>data.server_cert_data.certs.pop();
<a href=#502 id=502 data-nosnippet>502</a> <span class="comment">// Remove the intermediate cert
<a href=#503 id=503 data-nosnippet>503</a> </span>data.server_cert_data.certs.pop();
<a href=#504 id=504 data-nosnippet>504</a>
<a href=#505 id=505 data-nosnippet>505</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#506 id=506 data-nosnippet>506</a> crypto_provider,
<a href=#507 id=507 data-nosnippet>507</a> data.connection_info.time,
<a href=#508 id=508 data-nosnippet>508</a> data.server_ephemeral_key(),
<a href=#509 id=509 data-nosnippet>509</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#510 id=510 data-nosnippet>510</a> );
<a href=#511 id=511 data-nosnippet>511</a>
<a href=#512 id=512 data-nosnippet>512</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#513 id=513 data-nosnippet>513</a> err.unwrap_err(),
<a href=#514 id=514 data-nosnippet>514</a> CertificateVerificationError::InvalidCert
<a href=#515 id=515 data-nosnippet>515</a> ));
<a href=#516 id=516 data-nosnippet>516</a> }
<a href=#517 id=517 data-nosnippet>517</a>
<a href=#518 id=518 data-nosnippet>518</a> <span class="doccomment">/// Expect to fail when no intermediate cert provided even if a trusted CA
<a href=#519 id=519 data-nosnippet>519</a> /// cert is provided.
<a href=#520 id=520 data-nosnippet>520</a> </span><span class="attr">#[rstest]
<a href=#521 id=521 data-nosnippet>521</a> #[case::tlsnotary(tlsnotary())]
<a href=#522 id=522 data-nosnippet>522</a> #[case::appliedzkp(appliedzkp())]
<a href=#523 id=523 data-nosnippet>523</a> </span><span class="kw">fn </span>test_verify_cert_chain_fail_no_interm_cert_with_ca_cert(
<a href=#524 id=524 data-nosnippet>524</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#525 id=525 data-nosnippet>525</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#526 id=526 data-nosnippet>526</a> ) {
<a href=#527 id=527 data-nosnippet>527</a> <span class="comment">// Remove the intermediate cert
<a href=#528 id=528 data-nosnippet>528</a> </span>data.server_cert_data.certs.remove(<span class="number">1</span>);
<a href=#529 id=529 data-nosnippet>529</a>
<a href=#530 id=530 data-nosnippet>530</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#531 id=531 data-nosnippet>531</a> crypto_provider,
<a href=#532 id=532 data-nosnippet>532</a> data.connection_info.time,
<a href=#533 id=533 data-nosnippet>533</a> data.server_ephemeral_key(),
<a href=#534 id=534 data-nosnippet>534</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#535 id=535 data-nosnippet>535</a> );
<a href=#536 id=536 data-nosnippet>536</a>
<a href=#537 id=537 data-nosnippet>537</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#538 id=538 data-nosnippet>538</a> err.unwrap_err(),
<a href=#539 id=539 data-nosnippet>539</a> CertificateVerificationError::InvalidCert
<a href=#540 id=540 data-nosnippet>540</a> ));
<a href=#541 id=541 data-nosnippet>541</a> }
<a href=#542 id=542 data-nosnippet>542</a>
<a href=#543 id=543 data-nosnippet>543</a> <span class="doccomment">/// Expect to fail because end-entity cert is wrong.
<a href=#544 id=544 data-nosnippet>544</a> </span><span class="attr">#[rstest]
<a href=#545 id=545 data-nosnippet>545</a> #[case::tlsnotary(tlsnotary())]
<a href=#546 id=546 data-nosnippet>546</a> #[case::appliedzkp(appliedzkp())]
<a href=#547 id=547 data-nosnippet>547</a> </span><span class="kw">fn </span>test_verify_cert_chain_fail_bad_ee_cert(
<a href=#548 id=548 data-nosnippet>548</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#549 id=549 data-nosnippet>549</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#550 id=550 data-nosnippet>550</a> ) {
<a href=#551 id=551 data-nosnippet>551</a> <span class="kw">let </span>ee: <span class="kw-2">&amp;</span>[u8] = <span class="macro">include_bytes!</span>(<span class="string">"./fixtures/data/unknown/ee.der"</span>);
<a href=#552 id=552 data-nosnippet>552</a>
<a href=#553 id=553 data-nosnippet>553</a> <span class="comment">// Change the end entity cert
<a href=#554 id=554 data-nosnippet>554</a> </span>data.server_cert_data.certs[<span class="number">0</span>] = Certificate(ee.to_vec());
<a href=#555 id=555 data-nosnippet>555</a>
<a href=#556 id=556 data-nosnippet>556</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#557 id=557 data-nosnippet>557</a> crypto_provider,
<a href=#558 id=558 data-nosnippet>558</a> data.connection_info.time,
<a href=#559 id=559 data-nosnippet>559</a> data.server_ephemeral_key(),
<a href=#560 id=560 data-nosnippet>560</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#561 id=561 data-nosnippet>561</a> );
<a href=#562 id=562 data-nosnippet>562</a>
<a href=#563 id=563 data-nosnippet>563</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#564 id=564 data-nosnippet>564</a> err.unwrap_err(),
<a href=#565 id=565 data-nosnippet>565</a> CertificateVerificationError::InvalidCert
<a href=#566 id=566 data-nosnippet>566</a> ));
<a href=#567 id=567 data-nosnippet>567</a> }
<a href=#568 id=568 data-nosnippet>568</a>
<a href=#569 id=569 data-nosnippet>569</a> <span class="doccomment">/// Expect sig verification to fail because client_random is wrong.
<a href=#570 id=570 data-nosnippet>570</a> </span><span class="attr">#[rstest]
<a href=#571 id=571 data-nosnippet>571</a> #[case::tlsnotary(tlsnotary())]
<a href=#572 id=572 data-nosnippet>572</a> #[case::appliedzkp(appliedzkp())]
<a href=#573 id=573 data-nosnippet>573</a> </span><span class="kw">fn </span>test_verify_sig_ke_params_fail_bad_client_random(
<a href=#574 id=574 data-nosnippet>574</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#575 id=575 data-nosnippet>575</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#576 id=576 data-nosnippet>576</a> ) {
<a href=#577 id=577 data-nosnippet>577</a> <span class="kw">let </span>HandshakeData::V1_2(HandshakeDataV1_2 { client_random, .. }) =
<a href=#578 id=578 data-nosnippet>578</a> <span class="kw-2">&amp;mut </span>data.server_cert_data.handshake;
<a href=#579 id=579 data-nosnippet>579</a> client_random[<span class="number">31</span>] = client_random[<span class="number">31</span>].wrapping_add(<span class="number">1</span>);
<a href=#580 id=580 data-nosnippet>580</a>
<a href=#581 id=581 data-nosnippet>581</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#582 id=582 data-nosnippet>582</a> crypto_provider,
<a href=#583 id=583 data-nosnippet>583</a> data.connection_info.time,
<a href=#584 id=584 data-nosnippet>584</a> data.server_ephemeral_key(),
<a href=#585 id=585 data-nosnippet>585</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#586 id=586 data-nosnippet>586</a> );
<a href=#587 id=587 data-nosnippet>587</a>
<a href=#588 id=588 data-nosnippet>588</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#589 id=589 data-nosnippet>589</a> err.unwrap_err(),
<a href=#590 id=590 data-nosnippet>590</a> CertificateVerificationError::InvalidServerSignature
<a href=#591 id=591 data-nosnippet>591</a> ));
<a href=#592 id=592 data-nosnippet>592</a> }
<a href=#593 id=593 data-nosnippet>593</a>
<a href=#594 id=594 data-nosnippet>594</a> <span class="doccomment">/// Expect sig verification to fail because the sig is wrong.
<a href=#595 id=595 data-nosnippet>595</a> </span><span class="attr">#[rstest]
<a href=#596 id=596 data-nosnippet>596</a> #[case::tlsnotary(tlsnotary())]
<a href=#597 id=597 data-nosnippet>597</a> #[case::appliedzkp(appliedzkp())]
<a href=#598 id=598 data-nosnippet>598</a> </span><span class="kw">fn </span>test_verify_sig_ke_params_fail_bad_sig(
<a href=#599 id=599 data-nosnippet>599</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#600 id=600 data-nosnippet>600</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#601 id=601 data-nosnippet>601</a> ) {
<a href=#602 id=602 data-nosnippet>602</a> data.server_cert_data.sig.sig[<span class="number">31</span>] = data.server_cert_data.sig.sig[<span class="number">31</span>].wrapping_add(<span class="number">1</span>);
<a href=#603 id=603 data-nosnippet>603</a>
<a href=#604 id=604 data-nosnippet>604</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#605 id=605 data-nosnippet>605</a> crypto_provider,
<a href=#606 id=606 data-nosnippet>606</a> data.connection_info.time,
<a href=#607 id=607 data-nosnippet>607</a> data.server_ephemeral_key(),
<a href=#608 id=608 data-nosnippet>608</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#609 id=609 data-nosnippet>609</a> );
<a href=#610 id=610 data-nosnippet>610</a>
<a href=#611 id=611 data-nosnippet>611</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#612 id=612 data-nosnippet>612</a> err.unwrap_err(),
<a href=#613 id=613 data-nosnippet>613</a> CertificateVerificationError::InvalidServerSignature
<a href=#614 id=614 data-nosnippet>614</a> ));
<a href=#615 id=615 data-nosnippet>615</a> }
<a href=#616 id=616 data-nosnippet>616</a>
<a href=#617 id=617 data-nosnippet>617</a> <span class="doccomment">/// Expect to fail because the dns name is not in the cert.
<a href=#618 id=618 data-nosnippet>618</a> </span><span class="attr">#[rstest]
<a href=#619 id=619 data-nosnippet>619</a> #[case::tlsnotary(tlsnotary())]
<a href=#620 id=620 data-nosnippet>620</a> #[case::appliedzkp(appliedzkp())]
<a href=#621 id=621 data-nosnippet>621</a> </span><span class="kw">fn </span>test_check_dns_name_present_in_cert_fail_bad_host(
<a href=#622 id=622 data-nosnippet>622</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#623 id=623 data-nosnippet>623</a> <span class="attr">#[case] </span>data: ConnectionFixture,
<a href=#624 id=624 data-nosnippet>624</a> ) {
<a href=#625 id=625 data-nosnippet>625</a> <span class="kw">let </span>bad_name = ServerName::from(<span class="string">"badhost.com"</span>);
<a href=#626 id=626 data-nosnippet>626</a>
<a href=#627 id=627 data-nosnippet>627</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#628 id=628 data-nosnippet>628</a> crypto_provider,
<a href=#629 id=629 data-nosnippet>629</a> data.connection_info.time,
<a href=#630 id=630 data-nosnippet>630</a> data.server_ephemeral_key(),
<a href=#631 id=631 data-nosnippet>631</a> <span class="kw-2">&amp;</span>bad_name,
<a href=#632 id=632 data-nosnippet>632</a> );
<a href=#633 id=633 data-nosnippet>633</a>
<a href=#634 id=634 data-nosnippet>634</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#635 id=635 data-nosnippet>635</a> err.unwrap_err(),
<a href=#636 id=636 data-nosnippet>636</a> CertificateVerificationError::InvalidCert
<a href=#637 id=637 data-nosnippet>637</a> ));
<a href=#638 id=638 data-nosnippet>638</a> }
<a href=#639 id=639 data-nosnippet>639</a>
<a href=#640 id=640 data-nosnippet>640</a> <span class="doccomment">/// Expect to fail because the ephemeral key provided is wrong.
<a href=#641 id=641 data-nosnippet>641</a> </span><span class="attr">#[rstest]
<a href=#642 id=642 data-nosnippet>642</a> #[case::tlsnotary(tlsnotary())]
<a href=#643 id=643 data-nosnippet>643</a> #[case::appliedzkp(appliedzkp())]
<a href=#644 id=644 data-nosnippet>644</a> </span><span class="kw">fn </span>test_invalid_ephemeral_key(
<a href=#645 id=645 data-nosnippet>645</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#646 id=646 data-nosnippet>646</a> <span class="attr">#[case] </span>data: ConnectionFixture,
<a href=#647 id=647 data-nosnippet>647</a> ) {
<a href=#648 id=648 data-nosnippet>648</a> <span class="kw">let </span>wrong_ephemeral_key = ServerEphemKey {
<a href=#649 id=649 data-nosnippet>649</a> typ: KeyType::SECP256R1,
<a href=#650 id=650 data-nosnippet>650</a> key: Vec::&lt;u8&gt;::from_hex(<span class="macro">include_bytes!</span>(<span class="string">"./fixtures/data/unknown/pubkey"</span>)).unwrap(),
<a href=#651 id=651 data-nosnippet>651</a> };
<a href=#652 id=652 data-nosnippet>652</a>
<a href=#653 id=653 data-nosnippet>653</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#654 id=654 data-nosnippet>654</a> crypto_provider,
<a href=#655 id=655 data-nosnippet>655</a> data.connection_info.time,
<a href=#656 id=656 data-nosnippet>656</a> <span class="kw-2">&amp;</span>wrong_ephemeral_key,
<a href=#657 id=657 data-nosnippet>657</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#658 id=658 data-nosnippet>658</a> );
<a href=#659 id=659 data-nosnippet>659</a>
<a href=#660 id=660 data-nosnippet>660</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#661 id=661 data-nosnippet>661</a> err.unwrap_err(),
<a href=#662 id=662 data-nosnippet>662</a> CertificateVerificationError::InvalidServerEphemeralKey
<a href=#663 id=663 data-nosnippet>663</a> ));
<a href=#664 id=664 data-nosnippet>664</a> }
<a href=#665 id=665 data-nosnippet>665</a>
<a href=#666 id=666 data-nosnippet>666</a> <span class="doccomment">/// Expect to fail when no cert provided.
<a href=#667 id=667 data-nosnippet>667</a> </span><span class="attr">#[rstest]
<a href=#668 id=668 data-nosnippet>668</a> #[case::tlsnotary(tlsnotary())]
<a href=#669 id=669 data-nosnippet>669</a> #[case::appliedzkp(appliedzkp())]
<a href=#670 id=670 data-nosnippet>670</a> </span><span class="kw">fn </span>test_verify_cert_chain_fail_no_cert(
<a href=#671 id=671 data-nosnippet>671</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#672 id=672 data-nosnippet>672</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#673 id=673 data-nosnippet>673</a> ) {
<a href=#674 id=674 data-nosnippet>674</a> <span class="comment">// Empty certs
<a href=#675 id=675 data-nosnippet>675</a> </span>data.server_cert_data.certs = Vec::new();
<a href=#676 id=676 data-nosnippet>676</a>
<a href=#677 id=677 data-nosnippet>677</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#678 id=678 data-nosnippet>678</a> crypto_provider,
<a href=#679 id=679 data-nosnippet>679</a> data.connection_info.time,
<a href=#680 id=680 data-nosnippet>680</a> data.server_ephemeral_key(),
<a href=#681 id=681 data-nosnippet>681</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#682 id=682 data-nosnippet>682</a> );
<a href=#683 id=683 data-nosnippet>683</a>
<a href=#684 id=684 data-nosnippet>684</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#685 id=685 data-nosnippet>685</a> err.unwrap_err(),
<a href=#686 id=686 data-nosnippet>686</a> CertificateVerificationError::MissingCerts
<a href=#687 id=687 data-nosnippet>687</a> ));
<a href=#688 id=688 data-nosnippet>688</a> }
<a href=#689 id=689 data-nosnippet>689</a>}</code></pre></div></section></main></body></html>
<a href=#364 id=364 data-nosnippet>364</a> provider
<a href=#365 id=365 data-nosnippet>365</a> .cert
<a href=#366 id=366 data-nosnippet>366</a> .verify_tls12_signature(<span class="kw-2">&amp;</span>message, end_entity, <span class="kw-2">&amp;</span>dss)
<a href=#367 id=367 data-nosnippet>367</a> .map_err(|<span class="kw">_</span>| CertificateVerificationError::InvalidServerSignature)<span class="question-mark">?</span>;
<a href=#368 id=368 data-nosnippet>368</a>
<a href=#369 id=369 data-nosnippet>369</a> <span class="prelude-val">Ok</span>(())
<a href=#370 id=370 data-nosnippet>370</a> }
<a href=#371 id=371 data-nosnippet>371</a>}
<a href=#372 id=372 data-nosnippet>372</a>
<a href=#373 id=373 data-nosnippet>373</a><span class="doccomment">/// Errors that can occur when verifying a certificate chain or signature.
<a href=#374 id=374 data-nosnippet>374</a></span><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#375 id=375 data-nosnippet>375</a>#[allow(missing_docs)]
<a href=#376 id=376 data-nosnippet>376</a></span><span class="kw">pub enum </span>CertificateVerificationError {
<a href=#377 id=377 data-nosnippet>377</a> <span class="attr">#[error(<span class="string">"invalid server identity: {0}"</span>)]
<a href=#378 id=378 data-nosnippet>378</a> </span>InvalidIdentity(ServerName),
<a href=#379 id=379 data-nosnippet>379</a> <span class="attr">#[error(<span class="string">"missing server certificates"</span>)]
<a href=#380 id=380 data-nosnippet>380</a> </span>MissingCerts,
<a href=#381 id=381 data-nosnippet>381</a> <span class="attr">#[error(<span class="string">"invalid server certificate"</span>)]
<a href=#382 id=382 data-nosnippet>382</a> </span>InvalidCert,
<a href=#383 id=383 data-nosnippet>383</a> <span class="attr">#[error(<span class="string">"invalid server signature"</span>)]
<a href=#384 id=384 data-nosnippet>384</a> </span>InvalidServerSignature,
<a href=#385 id=385 data-nosnippet>385</a> <span class="attr">#[error(<span class="string">"invalid server ephemeral key"</span>)]
<a href=#386 id=386 data-nosnippet>386</a> </span>InvalidServerEphemeralKey,
<a href=#387 id=387 data-nosnippet>387</a>}
<a href=#388 id=388 data-nosnippet>388</a>
<a href=#389 id=389 data-nosnippet>389</a><span class="attr">#[cfg(test)]
<a href=#390 id=390 data-nosnippet>390</a></span><span class="kw">mod </span>tests {
<a href=#391 id=391 data-nosnippet>391</a> <span class="kw">use super</span>::<span class="kw-2">*</span>;
<a href=#392 id=392 data-nosnippet>392</a> <span class="kw">use crate</span>::{
<a href=#393 id=393 data-nosnippet>393</a> fixtures::ConnectionFixture, provider::default_cert_verifier, transcript::Transcript,
<a href=#394 id=394 data-nosnippet>394</a> };
<a href=#395 id=395 data-nosnippet>395</a>
<a href=#396 id=396 data-nosnippet>396</a> <span class="kw">use </span>hex::FromHex;
<a href=#397 id=397 data-nosnippet>397</a> <span class="kw">use </span>rstest::<span class="kw-2">*</span>;
<a href=#398 id=398 data-nosnippet>398</a> <span class="kw">use </span>tls_core::verify::WebPkiVerifier;
<a href=#399 id=399 data-nosnippet>399</a> <span class="kw">use </span>tlsn_data_fixtures::http::{request::GET_WITH_HEADER, response::OK_JSON};
<a href=#400 id=400 data-nosnippet>400</a>
<a href=#401 id=401 data-nosnippet>401</a> <span class="attr">#[fixture]
<a href=#402 id=402 data-nosnippet>402</a> #[once]
<a href=#403 id=403 data-nosnippet>403</a> </span><span class="kw">fn </span>crypto_provider() -&gt; CryptoProvider {
<a href=#404 id=404 data-nosnippet>404</a> <span class="kw">let </span><span class="kw-2">mut </span>store = default_cert_verifier().root_store().clone();
<a href=#405 id=405 data-nosnippet>405</a>
<a href=#406 id=406 data-nosnippet>406</a> <span class="comment">// Add a cert which is no longer included in the Mozilla root store.
<a href=#407 id=407 data-nosnippet>407</a> </span><span class="kw">let </span>cert = tls_core::key::Certificate(
<a href=#408 id=408 data-nosnippet>408</a> appliedzkp()
<a href=#409 id=409 data-nosnippet>409</a> .server_cert_data
<a href=#410 id=410 data-nosnippet>410</a> .certs
<a href=#411 id=411 data-nosnippet>411</a> .last()
<a href=#412 id=412 data-nosnippet>412</a> .expect(<span class="string">"chain is valid"</span>)
<a href=#413 id=413 data-nosnippet>413</a> .<span class="number">0
<a href=#414 id=414 data-nosnippet>414</a> </span>.clone(),
<a href=#415 id=415 data-nosnippet>415</a> );
<a href=#416 id=416 data-nosnippet>416</a>
<a href=#417 id=417 data-nosnippet>417</a> store.add(<span class="kw-2">&amp;</span>cert).unwrap();
<a href=#418 id=418 data-nosnippet>418</a>
<a href=#419 id=419 data-nosnippet>419</a> CryptoProvider {
<a href=#420 id=420 data-nosnippet>420</a> hash: Default::default(),
<a href=#421 id=421 data-nosnippet>421</a> cert: WebPkiVerifier::new(store, <span class="prelude-val">None</span>),
<a href=#422 id=422 data-nosnippet>422</a> signer: Default::default(),
<a href=#423 id=423 data-nosnippet>423</a> signature: Default::default(),
<a href=#424 id=424 data-nosnippet>424</a> }
<a href=#425 id=425 data-nosnippet>425</a> }
<a href=#426 id=426 data-nosnippet>426</a>
<a href=#427 id=427 data-nosnippet>427</a> <span class="kw">fn </span>tlsnotary() -&gt; ConnectionFixture {
<a href=#428 id=428 data-nosnippet>428</a> ConnectionFixture::tlsnotary(Transcript::new(GET_WITH_HEADER, OK_JSON).length())
<a href=#429 id=429 data-nosnippet>429</a> }
<a href=#430 id=430 data-nosnippet>430</a>
<a href=#431 id=431 data-nosnippet>431</a> <span class="kw">fn </span>appliedzkp() -&gt; ConnectionFixture {
<a href=#432 id=432 data-nosnippet>432</a> ConnectionFixture::appliedzkp(Transcript::new(GET_WITH_HEADER, OK_JSON).length())
<a href=#433 id=433 data-nosnippet>433</a> }
<a href=#434 id=434 data-nosnippet>434</a>
<a href=#435 id=435 data-nosnippet>435</a> <span class="doccomment">/// Expect chain verification to succeed.
<a href=#436 id=436 data-nosnippet>436</a> </span><span class="attr">#[rstest]
<a href=#437 id=437 data-nosnippet>437</a> #[case::tlsnotary(tlsnotary())]
<a href=#438 id=438 data-nosnippet>438</a> #[case::appliedzkp(appliedzkp())]
<a href=#439 id=439 data-nosnippet>439</a> </span><span class="kw">fn </span>test_verify_cert_chain_sucess_ca_implicit(
<a href=#440 id=440 data-nosnippet>440</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#441 id=441 data-nosnippet>441</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#442 id=442 data-nosnippet>442</a> ) {
<a href=#443 id=443 data-nosnippet>443</a> <span class="comment">// Remove the CA cert
<a href=#444 id=444 data-nosnippet>444</a> </span>data.server_cert_data.certs.pop();
<a href=#445 id=445 data-nosnippet>445</a>
<a href=#446 id=446 data-nosnippet>446</a> <span class="macro">assert!</span>(data
<a href=#447 id=447 data-nosnippet>447</a> .server_cert_data
<a href=#448 id=448 data-nosnippet>448</a> .verify_with_provider(
<a href=#449 id=449 data-nosnippet>449</a> crypto_provider,
<a href=#450 id=450 data-nosnippet>450</a> data.connection_info.time,
<a href=#451 id=451 data-nosnippet>451</a> data.server_ephemeral_key(),
<a href=#452 id=452 data-nosnippet>452</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#453 id=453 data-nosnippet>453</a> )
<a href=#454 id=454 data-nosnippet>454</a> .is_ok());
<a href=#455 id=455 data-nosnippet>455</a> }
<a href=#456 id=456 data-nosnippet>456</a>
<a href=#457 id=457 data-nosnippet>457</a> <span class="doccomment">/// Expect chain verification to succeed even when a trusted CA is provided
<a href=#458 id=458 data-nosnippet>458</a> /// among the intermediate certs. webpki handles such cases properly.
<a href=#459 id=459 data-nosnippet>459</a> </span><span class="attr">#[rstest]
<a href=#460 id=460 data-nosnippet>460</a> #[case::tlsnotary(tlsnotary())]
<a href=#461 id=461 data-nosnippet>461</a> #[case::appliedzkp(appliedzkp())]
<a href=#462 id=462 data-nosnippet>462</a> </span><span class="kw">fn </span>test_verify_cert_chain_success_ca_explicit(
<a href=#463 id=463 data-nosnippet>463</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#464 id=464 data-nosnippet>464</a> <span class="attr">#[case] </span>data: ConnectionFixture,
<a href=#465 id=465 data-nosnippet>465</a> ) {
<a href=#466 id=466 data-nosnippet>466</a> <span class="macro">assert!</span>(data
<a href=#467 id=467 data-nosnippet>467</a> .server_cert_data
<a href=#468 id=468 data-nosnippet>468</a> .verify_with_provider(
<a href=#469 id=469 data-nosnippet>469</a> crypto_provider,
<a href=#470 id=470 data-nosnippet>470</a> data.connection_info.time,
<a href=#471 id=471 data-nosnippet>471</a> data.server_ephemeral_key(),
<a href=#472 id=472 data-nosnippet>472</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#473 id=473 data-nosnippet>473</a> )
<a href=#474 id=474 data-nosnippet>474</a> .is_ok());
<a href=#475 id=475 data-nosnippet>475</a> }
<a href=#476 id=476 data-nosnippet>476</a>
<a href=#477 id=477 data-nosnippet>477</a> <span class="doccomment">/// Expect to fail since the end entity cert was not valid at the time.
<a href=#478 id=478 data-nosnippet>478</a> </span><span class="attr">#[rstest]
<a href=#479 id=479 data-nosnippet>479</a> #[case::tlsnotary(tlsnotary())]
<a href=#480 id=480 data-nosnippet>480</a> #[case::appliedzkp(appliedzkp())]
<a href=#481 id=481 data-nosnippet>481</a> </span><span class="kw">fn </span>test_verify_cert_chain_fail_bad_time(
<a href=#482 id=482 data-nosnippet>482</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#483 id=483 data-nosnippet>483</a> <span class="attr">#[case] </span>data: ConnectionFixture,
<a href=#484 id=484 data-nosnippet>484</a> ) {
<a href=#485 id=485 data-nosnippet>485</a> <span class="comment">// unix time when the cert chain was NOT valid
<a href=#486 id=486 data-nosnippet>486</a> </span><span class="kw">let </span>bad_time: u64 = <span class="number">1571465711</span>;
<a href=#487 id=487 data-nosnippet>487</a>
<a href=#488 id=488 data-nosnippet>488</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#489 id=489 data-nosnippet>489</a> crypto_provider,
<a href=#490 id=490 data-nosnippet>490</a> bad_time,
<a href=#491 id=491 data-nosnippet>491</a> data.server_ephemeral_key(),
<a href=#492 id=492 data-nosnippet>492</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#493 id=493 data-nosnippet>493</a> );
<a href=#494 id=494 data-nosnippet>494</a>
<a href=#495 id=495 data-nosnippet>495</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#496 id=496 data-nosnippet>496</a> err.unwrap_err(),
<a href=#497 id=497 data-nosnippet>497</a> CertificateVerificationError::InvalidCert
<a href=#498 id=498 data-nosnippet>498</a> ));
<a href=#499 id=499 data-nosnippet>499</a> }
<a href=#500 id=500 data-nosnippet>500</a>
<a href=#501 id=501 data-nosnippet>501</a> <span class="doccomment">/// Expect to fail when no intermediate cert provided.
<a href=#502 id=502 data-nosnippet>502</a> </span><span class="attr">#[rstest]
<a href=#503 id=503 data-nosnippet>503</a> #[case::tlsnotary(tlsnotary())]
<a href=#504 id=504 data-nosnippet>504</a> #[case::appliedzkp(appliedzkp())]
<a href=#505 id=505 data-nosnippet>505</a> </span><span class="kw">fn </span>test_verify_cert_chain_fail_no_interm_cert(
<a href=#506 id=506 data-nosnippet>506</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#507 id=507 data-nosnippet>507</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#508 id=508 data-nosnippet>508</a> ) {
<a href=#509 id=509 data-nosnippet>509</a> <span class="comment">// Remove the CA cert
<a href=#510 id=510 data-nosnippet>510</a> </span>data.server_cert_data.certs.pop();
<a href=#511 id=511 data-nosnippet>511</a> <span class="comment">// Remove the intermediate cert
<a href=#512 id=512 data-nosnippet>512</a> </span>data.server_cert_data.certs.pop();
<a href=#513 id=513 data-nosnippet>513</a>
<a href=#514 id=514 data-nosnippet>514</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#515 id=515 data-nosnippet>515</a> crypto_provider,
<a href=#516 id=516 data-nosnippet>516</a> data.connection_info.time,
<a href=#517 id=517 data-nosnippet>517</a> data.server_ephemeral_key(),
<a href=#518 id=518 data-nosnippet>518</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#519 id=519 data-nosnippet>519</a> );
<a href=#520 id=520 data-nosnippet>520</a>
<a href=#521 id=521 data-nosnippet>521</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#522 id=522 data-nosnippet>522</a> err.unwrap_err(),
<a href=#523 id=523 data-nosnippet>523</a> CertificateVerificationError::InvalidCert
<a href=#524 id=524 data-nosnippet>524</a> ));
<a href=#525 id=525 data-nosnippet>525</a> }
<a href=#526 id=526 data-nosnippet>526</a>
<a href=#527 id=527 data-nosnippet>527</a> <span class="doccomment">/// Expect to fail when no intermediate cert provided even if a trusted CA
<a href=#528 id=528 data-nosnippet>528</a> /// cert is provided.
<a href=#529 id=529 data-nosnippet>529</a> </span><span class="attr">#[rstest]
<a href=#530 id=530 data-nosnippet>530</a> #[case::tlsnotary(tlsnotary())]
<a href=#531 id=531 data-nosnippet>531</a> #[case::appliedzkp(appliedzkp())]
<a href=#532 id=532 data-nosnippet>532</a> </span><span class="kw">fn </span>test_verify_cert_chain_fail_no_interm_cert_with_ca_cert(
<a href=#533 id=533 data-nosnippet>533</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#534 id=534 data-nosnippet>534</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#535 id=535 data-nosnippet>535</a> ) {
<a href=#536 id=536 data-nosnippet>536</a> <span class="comment">// Remove the intermediate cert
<a href=#537 id=537 data-nosnippet>537</a> </span>data.server_cert_data.certs.remove(<span class="number">1</span>);
<a href=#538 id=538 data-nosnippet>538</a>
<a href=#539 id=539 data-nosnippet>539</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#540 id=540 data-nosnippet>540</a> crypto_provider,
<a href=#541 id=541 data-nosnippet>541</a> data.connection_info.time,
<a href=#542 id=542 data-nosnippet>542</a> data.server_ephemeral_key(),
<a href=#543 id=543 data-nosnippet>543</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#544 id=544 data-nosnippet>544</a> );
<a href=#545 id=545 data-nosnippet>545</a>
<a href=#546 id=546 data-nosnippet>546</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#547 id=547 data-nosnippet>547</a> err.unwrap_err(),
<a href=#548 id=548 data-nosnippet>548</a> CertificateVerificationError::InvalidCert
<a href=#549 id=549 data-nosnippet>549</a> ));
<a href=#550 id=550 data-nosnippet>550</a> }
<a href=#551 id=551 data-nosnippet>551</a>
<a href=#552 id=552 data-nosnippet>552</a> <span class="doccomment">/// Expect to fail because end-entity cert is wrong.
<a href=#553 id=553 data-nosnippet>553</a> </span><span class="attr">#[rstest]
<a href=#554 id=554 data-nosnippet>554</a> #[case::tlsnotary(tlsnotary())]
<a href=#555 id=555 data-nosnippet>555</a> #[case::appliedzkp(appliedzkp())]
<a href=#556 id=556 data-nosnippet>556</a> </span><span class="kw">fn </span>test_verify_cert_chain_fail_bad_ee_cert(
<a href=#557 id=557 data-nosnippet>557</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#558 id=558 data-nosnippet>558</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#559 id=559 data-nosnippet>559</a> ) {
<a href=#560 id=560 data-nosnippet>560</a> <span class="kw">let </span>ee: <span class="kw-2">&amp;</span>[u8] = <span class="macro">include_bytes!</span>(<span class="string">"./fixtures/data/unknown/ee.der"</span>);
<a href=#561 id=561 data-nosnippet>561</a>
<a href=#562 id=562 data-nosnippet>562</a> <span class="comment">// Change the end entity cert
<a href=#563 id=563 data-nosnippet>563</a> </span>data.server_cert_data.certs[<span class="number">0</span>] = Certificate(ee.to_vec());
<a href=#564 id=564 data-nosnippet>564</a>
<a href=#565 id=565 data-nosnippet>565</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#566 id=566 data-nosnippet>566</a> crypto_provider,
<a href=#567 id=567 data-nosnippet>567</a> data.connection_info.time,
<a href=#568 id=568 data-nosnippet>568</a> data.server_ephemeral_key(),
<a href=#569 id=569 data-nosnippet>569</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#570 id=570 data-nosnippet>570</a> );
<a href=#571 id=571 data-nosnippet>571</a>
<a href=#572 id=572 data-nosnippet>572</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#573 id=573 data-nosnippet>573</a> err.unwrap_err(),
<a href=#574 id=574 data-nosnippet>574</a> CertificateVerificationError::InvalidCert
<a href=#575 id=575 data-nosnippet>575</a> ));
<a href=#576 id=576 data-nosnippet>576</a> }
<a href=#577 id=577 data-nosnippet>577</a>
<a href=#578 id=578 data-nosnippet>578</a> <span class="doccomment">/// Expect sig verification to fail because client_random is wrong.
<a href=#579 id=579 data-nosnippet>579</a> </span><span class="attr">#[rstest]
<a href=#580 id=580 data-nosnippet>580</a> #[case::tlsnotary(tlsnotary())]
<a href=#581 id=581 data-nosnippet>581</a> #[case::appliedzkp(appliedzkp())]
<a href=#582 id=582 data-nosnippet>582</a> </span><span class="kw">fn </span>test_verify_sig_ke_params_fail_bad_client_random(
<a href=#583 id=583 data-nosnippet>583</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#584 id=584 data-nosnippet>584</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#585 id=585 data-nosnippet>585</a> ) {
<a href=#586 id=586 data-nosnippet>586</a> <span class="kw">let </span>HandshakeData::V1_2(HandshakeDataV1_2 { client_random, .. }) =
<a href=#587 id=587 data-nosnippet>587</a> <span class="kw-2">&amp;mut </span>data.server_cert_data.handshake;
<a href=#588 id=588 data-nosnippet>588</a> client_random[<span class="number">31</span>] = client_random[<span class="number">31</span>].wrapping_add(<span class="number">1</span>);
<a href=#589 id=589 data-nosnippet>589</a>
<a href=#590 id=590 data-nosnippet>590</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#591 id=591 data-nosnippet>591</a> crypto_provider,
<a href=#592 id=592 data-nosnippet>592</a> data.connection_info.time,
<a href=#593 id=593 data-nosnippet>593</a> data.server_ephemeral_key(),
<a href=#594 id=594 data-nosnippet>594</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#595 id=595 data-nosnippet>595</a> );
<a href=#596 id=596 data-nosnippet>596</a>
<a href=#597 id=597 data-nosnippet>597</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#598 id=598 data-nosnippet>598</a> err.unwrap_err(),
<a href=#599 id=599 data-nosnippet>599</a> CertificateVerificationError::InvalidServerSignature
<a href=#600 id=600 data-nosnippet>600</a> ));
<a href=#601 id=601 data-nosnippet>601</a> }
<a href=#602 id=602 data-nosnippet>602</a>
<a href=#603 id=603 data-nosnippet>603</a> <span class="doccomment">/// Expect sig verification to fail because the sig is wrong.
<a href=#604 id=604 data-nosnippet>604</a> </span><span class="attr">#[rstest]
<a href=#605 id=605 data-nosnippet>605</a> #[case::tlsnotary(tlsnotary())]
<a href=#606 id=606 data-nosnippet>606</a> #[case::appliedzkp(appliedzkp())]
<a href=#607 id=607 data-nosnippet>607</a> </span><span class="kw">fn </span>test_verify_sig_ke_params_fail_bad_sig(
<a href=#608 id=608 data-nosnippet>608</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#609 id=609 data-nosnippet>609</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#610 id=610 data-nosnippet>610</a> ) {
<a href=#611 id=611 data-nosnippet>611</a> data.server_cert_data.sig.sig[<span class="number">31</span>] = data.server_cert_data.sig.sig[<span class="number">31</span>].wrapping_add(<span class="number">1</span>);
<a href=#612 id=612 data-nosnippet>612</a>
<a href=#613 id=613 data-nosnippet>613</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#614 id=614 data-nosnippet>614</a> crypto_provider,
<a href=#615 id=615 data-nosnippet>615</a> data.connection_info.time,
<a href=#616 id=616 data-nosnippet>616</a> data.server_ephemeral_key(),
<a href=#617 id=617 data-nosnippet>617</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#618 id=618 data-nosnippet>618</a> );
<a href=#619 id=619 data-nosnippet>619</a>
<a href=#620 id=620 data-nosnippet>620</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#621 id=621 data-nosnippet>621</a> err.unwrap_err(),
<a href=#622 id=622 data-nosnippet>622</a> CertificateVerificationError::InvalidServerSignature
<a href=#623 id=623 data-nosnippet>623</a> ));
<a href=#624 id=624 data-nosnippet>624</a> }
<a href=#625 id=625 data-nosnippet>625</a>
<a href=#626 id=626 data-nosnippet>626</a> <span class="doccomment">/// Expect to fail because the dns name is not in the cert.
<a href=#627 id=627 data-nosnippet>627</a> </span><span class="attr">#[rstest]
<a href=#628 id=628 data-nosnippet>628</a> #[case::tlsnotary(tlsnotary())]
<a href=#629 id=629 data-nosnippet>629</a> #[case::appliedzkp(appliedzkp())]
<a href=#630 id=630 data-nosnippet>630</a> </span><span class="kw">fn </span>test_check_dns_name_present_in_cert_fail_bad_host(
<a href=#631 id=631 data-nosnippet>631</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#632 id=632 data-nosnippet>632</a> <span class="attr">#[case] </span>data: ConnectionFixture,
<a href=#633 id=633 data-nosnippet>633</a> ) {
<a href=#634 id=634 data-nosnippet>634</a> <span class="kw">let </span>bad_name = ServerName::from(<span class="string">"badhost.com"</span>);
<a href=#635 id=635 data-nosnippet>635</a>
<a href=#636 id=636 data-nosnippet>636</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#637 id=637 data-nosnippet>637</a> crypto_provider,
<a href=#638 id=638 data-nosnippet>638</a> data.connection_info.time,
<a href=#639 id=639 data-nosnippet>639</a> data.server_ephemeral_key(),
<a href=#640 id=640 data-nosnippet>640</a> <span class="kw-2">&amp;</span>bad_name,
<a href=#641 id=641 data-nosnippet>641</a> );
<a href=#642 id=642 data-nosnippet>642</a>
<a href=#643 id=643 data-nosnippet>643</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#644 id=644 data-nosnippet>644</a> err.unwrap_err(),
<a href=#645 id=645 data-nosnippet>645</a> CertificateVerificationError::InvalidCert
<a href=#646 id=646 data-nosnippet>646</a> ));
<a href=#647 id=647 data-nosnippet>647</a> }
<a href=#648 id=648 data-nosnippet>648</a>
<a href=#649 id=649 data-nosnippet>649</a> <span class="doccomment">/// Expect to fail because the ephemeral key provided is wrong.
<a href=#650 id=650 data-nosnippet>650</a> </span><span class="attr">#[rstest]
<a href=#651 id=651 data-nosnippet>651</a> #[case::tlsnotary(tlsnotary())]
<a href=#652 id=652 data-nosnippet>652</a> #[case::appliedzkp(appliedzkp())]
<a href=#653 id=653 data-nosnippet>653</a> </span><span class="kw">fn </span>test_invalid_ephemeral_key(
<a href=#654 id=654 data-nosnippet>654</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#655 id=655 data-nosnippet>655</a> <span class="attr">#[case] </span>data: ConnectionFixture,
<a href=#656 id=656 data-nosnippet>656</a> ) {
<a href=#657 id=657 data-nosnippet>657</a> <span class="kw">let </span>wrong_ephemeral_key = ServerEphemKey {
<a href=#658 id=658 data-nosnippet>658</a> typ: KeyType::SECP256R1,
<a href=#659 id=659 data-nosnippet>659</a> key: Vec::&lt;u8&gt;::from_hex(<span class="macro">include_bytes!</span>(<span class="string">"./fixtures/data/unknown/pubkey"</span>)).unwrap(),
<a href=#660 id=660 data-nosnippet>660</a> };
<a href=#661 id=661 data-nosnippet>661</a>
<a href=#662 id=662 data-nosnippet>662</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#663 id=663 data-nosnippet>663</a> crypto_provider,
<a href=#664 id=664 data-nosnippet>664</a> data.connection_info.time,
<a href=#665 id=665 data-nosnippet>665</a> <span class="kw-2">&amp;</span>wrong_ephemeral_key,
<a href=#666 id=666 data-nosnippet>666</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#667 id=667 data-nosnippet>667</a> );
<a href=#668 id=668 data-nosnippet>668</a>
<a href=#669 id=669 data-nosnippet>669</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#670 id=670 data-nosnippet>670</a> err.unwrap_err(),
<a href=#671 id=671 data-nosnippet>671</a> CertificateVerificationError::InvalidServerEphemeralKey
<a href=#672 id=672 data-nosnippet>672</a> ));
<a href=#673 id=673 data-nosnippet>673</a> }
<a href=#674 id=674 data-nosnippet>674</a>
<a href=#675 id=675 data-nosnippet>675</a> <span class="doccomment">/// Expect to fail when no cert provided.
<a href=#676 id=676 data-nosnippet>676</a> </span><span class="attr">#[rstest]
<a href=#677 id=677 data-nosnippet>677</a> #[case::tlsnotary(tlsnotary())]
<a href=#678 id=678 data-nosnippet>678</a> #[case::appliedzkp(appliedzkp())]
<a href=#679 id=679 data-nosnippet>679</a> </span><span class="kw">fn </span>test_verify_cert_chain_fail_no_cert(
<a href=#680 id=680 data-nosnippet>680</a> crypto_provider: <span class="kw-2">&amp;</span>CryptoProvider,
<a href=#681 id=681 data-nosnippet>681</a> <span class="attr">#[case] </span><span class="kw-2">mut </span>data: ConnectionFixture,
<a href=#682 id=682 data-nosnippet>682</a> ) {
<a href=#683 id=683 data-nosnippet>683</a> <span class="comment">// Empty certs
<a href=#684 id=684 data-nosnippet>684</a> </span>data.server_cert_data.certs = Vec::new();
<a href=#685 id=685 data-nosnippet>685</a>
<a href=#686 id=686 data-nosnippet>686</a> <span class="kw">let </span>err = data.server_cert_data.verify_with_provider(
<a href=#687 id=687 data-nosnippet>687</a> crypto_provider,
<a href=#688 id=688 data-nosnippet>688</a> data.connection_info.time,
<a href=#689 id=689 data-nosnippet>689</a> data.server_ephemeral_key(),
<a href=#690 id=690 data-nosnippet>690</a> <span class="kw-2">&amp;</span>ServerName::from(data.server_name.as_ref()),
<a href=#691 id=691 data-nosnippet>691</a> );
<a href=#692 id=692 data-nosnippet>692</a>
<a href=#693 id=693 data-nosnippet>693</a> <span class="macro">assert!</span>(<span class="macro">matches!</span>(
<a href=#694 id=694 data-nosnippet>694</a> err.unwrap_err(),
<a href=#695 id=695 data-nosnippet>695</a> CertificateVerificationError::MissingCerts
<a href=#696 id=696 data-nosnippet>696</a> ));
<a href=#697 id=697 data-nosnippet>697</a> }
<a href=#698 id=698 data-nosnippet>698</a>}</code></pre></div></section></main></body></html>

1876
src/tlsn_core/transcript.rs.html
View File

File diff suppressed because it is too large Load Diff

328
src/tlsn_core/transcript/tls.rs.html Normal file
View File

@@ -0,0 +1,328 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/core/src/transcript/tls.rs`."><title>tls.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn_core" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_core/transcript/</div>tls.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! TLS transcript.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use crate</span>::{
<a href=#4 id=4 data-nosnippet>4</a> connection::{
<a href=#5 id=5 data-nosnippet>5</a> Certificate, HandshakeData, HandshakeDataV1_2, ServerEphemKey, ServerSignature, TlsVersion,
<a href=#6 id=6 data-nosnippet>6</a> VerifyData,
<a href=#7 id=7 data-nosnippet>7</a> },
<a href=#8 id=8 data-nosnippet>8</a> transcript::{Direction, Transcript},
<a href=#9 id=9 data-nosnippet>9</a>};
<a href=#10 id=10 data-nosnippet>10</a><span class="kw">use </span>tls_core::msgs::{
<a href=#11 id=11 data-nosnippet>11</a> alert::AlertMessagePayload,
<a href=#12 id=12 data-nosnippet>12</a> codec::{Codec, Reader},
<a href=#13 id=13 data-nosnippet>13</a> enums::{AlertDescription, ContentType, ProtocolVersion},
<a href=#14 id=14 data-nosnippet>14</a> handshake::{HandshakeMessagePayload, HandshakePayload},
<a href=#15 id=15 data-nosnippet>15</a>};
<a href=#16 id=16 data-nosnippet>16</a>
<a href=#17 id=17 data-nosnippet>17</a><span class="doccomment">/// A transcript of TLS records sent and received by the prover.
<a href=#18 id=18 data-nosnippet>18</a></span><span class="attr">#[derive(Debug, Clone)]
<a href=#19 id=19 data-nosnippet>19</a></span><span class="kw">pub struct </span>TlsTranscript {
<a href=#20 id=20 data-nosnippet>20</a> time: u64,
<a href=#21 id=21 data-nosnippet>21</a> version: TlsVersion,
<a href=#22 id=22 data-nosnippet>22</a> server_cert_chain: <span class="prelude-ty">Option</span>&lt;Vec&lt;Certificate&gt;&gt;,
<a href=#23 id=23 data-nosnippet>23</a> server_signature: <span class="prelude-ty">Option</span>&lt;ServerSignature&gt;,
<a href=#24 id=24 data-nosnippet>24</a> handshake_data: HandshakeData,
<a href=#25 id=25 data-nosnippet>25</a> sent: Vec&lt;Record&gt;,
<a href=#26 id=26 data-nosnippet>26</a> recv: Vec&lt;Record&gt;,
<a href=#27 id=27 data-nosnippet>27</a>}
<a href=#28 id=28 data-nosnippet>28</a>
<a href=#29 id=29 data-nosnippet>29</a><span class="kw">impl </span>TlsTranscript {
<a href=#30 id=30 data-nosnippet>30</a> <span class="doccomment">/// Creates a new TLS transcript.
<a href=#31 id=31 data-nosnippet>31</a> </span><span class="attr">#[allow(clippy::too_many_arguments)]
<a href=#32 id=32 data-nosnippet>32</a> </span><span class="kw">pub fn </span>new(
<a href=#33 id=33 data-nosnippet>33</a> time: u64,
<a href=#34 id=34 data-nosnippet>34</a> version: TlsVersion,
<a href=#35 id=35 data-nosnippet>35</a> server_cert_chain: <span class="prelude-ty">Option</span>&lt;Vec&lt;Certificate&gt;&gt;,
<a href=#36 id=36 data-nosnippet>36</a> server_signature: <span class="prelude-ty">Option</span>&lt;ServerSignature&gt;,
<a href=#37 id=37 data-nosnippet>37</a> handshake_data: HandshakeData,
<a href=#38 id=38 data-nosnippet>38</a> verify_data: VerifyData,
<a href=#39 id=39 data-nosnippet>39</a> sent: Vec&lt;Record&gt;,
<a href=#40 id=40 data-nosnippet>40</a> recv: Vec&lt;Record&gt;,
<a href=#41 id=41 data-nosnippet>41</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;<span class="self">Self</span>, TlsTranscriptError&gt; {
<a href=#42 id=42 data-nosnippet>42</a> <span class="kw">let </span><span class="kw-2">mut </span>sent_iter = sent.iter();
<a href=#43 id=43 data-nosnippet>43</a> <span class="kw">let </span><span class="kw-2">mut </span>recv_iter = recv.iter();
<a href=#44 id=44 data-nosnippet>44</a>
<a href=#45 id=45 data-nosnippet>45</a> <span class="comment">// Make sure the client finished verify data message was sent first.
<a href=#46 id=46 data-nosnippet>46</a> </span><span class="kw">if let </span><span class="prelude-val">Some</span>(record) = sent_iter.next() {
<a href=#47 id=47 data-nosnippet>47</a> <span class="kw">let </span>payload = record
<a href=#48 id=48 data-nosnippet>48</a> .plaintext
<a href=#49 id=49 data-nosnippet>49</a> .as_ref()
<a href=#50 id=50 data-nosnippet>50</a> .ok_or(TlsTranscriptError::validation(
<a href=#51 id=51 data-nosnippet>51</a> <span class="string">"client finished message was hidden from the follower"</span>,
<a href=#52 id=52 data-nosnippet>52</a> ))<span class="question-mark">?</span>;
<a href=#53 id=53 data-nosnippet>53</a>
<a href=#54 id=54 data-nosnippet>54</a> <span class="kw">let </span><span class="kw-2">mut </span>reader = Reader::init(payload);
<a href=#55 id=55 data-nosnippet>55</a> <span class="kw">let </span>payload =
<a href=#56 id=56 data-nosnippet>56</a> HandshakeMessagePayload::read_version(<span class="kw-2">&amp;mut </span>reader, ProtocolVersion::TLSv1_2)
<a href=#57 id=57 data-nosnippet>57</a> .ok_or(TlsTranscriptError::validation(
<a href=#58 id=58 data-nosnippet>58</a> <span class="string">"first record sent was not a handshake message"</span>,
<a href=#59 id=59 data-nosnippet>59</a> ))<span class="question-mark">?</span>;
<a href=#60 id=60 data-nosnippet>60</a>
<a href=#61 id=61 data-nosnippet>61</a> <span class="kw">let </span>HandshakePayload::Finished(vd) = payload.payload <span class="kw">else </span>{
<a href=#62 id=62 data-nosnippet>62</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(
<a href=#63 id=63 data-nosnippet>63</a> <span class="string">"first record sent was not a client finished message"</span>,
<a href=#64 id=64 data-nosnippet>64</a> ));
<a href=#65 id=65 data-nosnippet>65</a> };
<a href=#66 id=66 data-nosnippet>66</a>
<a href=#67 id=67 data-nosnippet>67</a> <span class="kw">if </span>vd.<span class="number">0 </span>!= verify_data.client_finished {
<a href=#68 id=68 data-nosnippet>68</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(
<a href=#69 id=69 data-nosnippet>69</a> <span class="string">"inconsistent client finished verify data"</span>,
<a href=#70 id=70 data-nosnippet>70</a> ));
<a href=#71 id=71 data-nosnippet>71</a> }
<a href=#72 id=72 data-nosnippet>72</a> } <span class="kw">else </span>{
<a href=#73 id=73 data-nosnippet>73</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(
<a href=#74 id=74 data-nosnippet>74</a> <span class="string">"client finished was not sent"</span>,
<a href=#75 id=75 data-nosnippet>75</a> ));
<a href=#76 id=76 data-nosnippet>76</a> }
<a href=#77 id=77 data-nosnippet>77</a>
<a href=#78 id=78 data-nosnippet>78</a> <span class="comment">// Make sure the server finished verify data message was received first.
<a href=#79 id=79 data-nosnippet>79</a> </span><span class="kw">if let </span><span class="prelude-val">Some</span>(record) = recv_iter.next() {
<a href=#80 id=80 data-nosnippet>80</a> <span class="kw">let </span>payload = record
<a href=#81 id=81 data-nosnippet>81</a> .plaintext
<a href=#82 id=82 data-nosnippet>82</a> .as_ref()
<a href=#83 id=83 data-nosnippet>83</a> .ok_or(TlsTranscriptError::validation(
<a href=#84 id=84 data-nosnippet>84</a> <span class="string">"server finished message was hidden from the follower"</span>,
<a href=#85 id=85 data-nosnippet>85</a> ))<span class="question-mark">?</span>;
<a href=#86 id=86 data-nosnippet>86</a>
<a href=#87 id=87 data-nosnippet>87</a> <span class="kw">let </span><span class="kw-2">mut </span>reader = Reader::init(payload);
<a href=#88 id=88 data-nosnippet>88</a> <span class="kw">let </span>payload =
<a href=#89 id=89 data-nosnippet>89</a> HandshakeMessagePayload::read_version(<span class="kw-2">&amp;mut </span>reader, ProtocolVersion::TLSv1_2)
<a href=#90 id=90 data-nosnippet>90</a> .ok_or(TlsTranscriptError::validation(
<a href=#91 id=91 data-nosnippet>91</a> <span class="string">"first record received was not a handshake message"</span>,
<a href=#92 id=92 data-nosnippet>92</a> ))<span class="question-mark">?</span>;
<a href=#93 id=93 data-nosnippet>93</a>
<a href=#94 id=94 data-nosnippet>94</a> <span class="kw">let </span>HandshakePayload::Finished(vd) = payload.payload <span class="kw">else </span>{
<a href=#95 id=95 data-nosnippet>95</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(
<a href=#96 id=96 data-nosnippet>96</a> <span class="string">"first record received was not a server finished message"</span>,
<a href=#97 id=97 data-nosnippet>97</a> ));
<a href=#98 id=98 data-nosnippet>98</a> };
<a href=#99 id=99 data-nosnippet>99</a>
<a href=#100 id=100 data-nosnippet>100</a> <span class="kw">if </span>vd.<span class="number">0 </span>!= verify_data.server_finished {
<a href=#101 id=101 data-nosnippet>101</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(
<a href=#102 id=102 data-nosnippet>102</a> <span class="string">"inconsistent server finished verify data"</span>,
<a href=#103 id=103 data-nosnippet>103</a> ));
<a href=#104 id=104 data-nosnippet>104</a> }
<a href=#105 id=105 data-nosnippet>105</a> } <span class="kw">else </span>{
<a href=#106 id=106 data-nosnippet>106</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(
<a href=#107 id=107 data-nosnippet>107</a> <span class="string">"server finished was not received"</span>,
<a href=#108 id=108 data-nosnippet>108</a> ));
<a href=#109 id=109 data-nosnippet>109</a> }
<a href=#110 id=110 data-nosnippet>110</a>
<a href=#111 id=111 data-nosnippet>111</a> <span class="comment">// Verify last record sent was either application data or close notify.
<a href=#112 id=112 data-nosnippet>112</a> </span><span class="kw">if let </span><span class="prelude-val">Some</span>(record) = sent_iter.next_back() {
<a href=#113 id=113 data-nosnippet>113</a> <span class="kw">match </span>record.typ {
<a href=#114 id=114 data-nosnippet>114</a> ContentType::ApplicationData =&gt; {}
<a href=#115 id=115 data-nosnippet>115</a> ContentType::Alert =&gt; {
<a href=#116 id=116 data-nosnippet>116</a> <span class="comment">// Ensure the alert is a close notify.
<a href=#117 id=117 data-nosnippet>117</a> </span><span class="kw">let </span>payload =
<a href=#118 id=118 data-nosnippet>118</a> record
<a href=#119 id=119 data-nosnippet>119</a> .plaintext
<a href=#120 id=120 data-nosnippet>120</a> .as_ref()
<a href=#121 id=121 data-nosnippet>121</a> .ok_or(TlsTranscriptError::validation(
<a href=#122 id=122 data-nosnippet>122</a> <span class="string">"alert content was hidden from the follower"</span>,
<a href=#123 id=123 data-nosnippet>123</a> ))<span class="question-mark">?</span>;
<a href=#124 id=124 data-nosnippet>124</a>
<a href=#125 id=125 data-nosnippet>125</a> <span class="kw">let </span><span class="kw-2">mut </span>reader = Reader::init(payload);
<a href=#126 id=126 data-nosnippet>126</a> <span class="kw">let </span>payload = AlertMessagePayload::read(<span class="kw-2">&amp;mut </span>reader).ok_or(
<a href=#127 id=127 data-nosnippet>127</a> TlsTranscriptError::validation(<span class="string">"alert message was malformed"</span>),
<a href=#128 id=128 data-nosnippet>128</a> )<span class="question-mark">?</span>;
<a href=#129 id=129 data-nosnippet>129</a>
<a href=#130 id=130 data-nosnippet>130</a> <span class="kw">let </span>AlertDescription::CloseNotify = payload.description <span class="kw">else </span>{
<a href=#131 id=131 data-nosnippet>131</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(
<a href=#132 id=132 data-nosnippet>132</a> <span class="string">"sent alert that is not close notify"</span>,
<a href=#133 id=133 data-nosnippet>133</a> ));
<a href=#134 id=134 data-nosnippet>134</a> };
<a href=#135 id=135 data-nosnippet>135</a> }
<a href=#136 id=136 data-nosnippet>136</a> typ =&gt; {
<a href=#137 id=137 data-nosnippet>137</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(<span class="macro">format!</span>(
<a href=#138 id=138 data-nosnippet>138</a> <span class="string">"sent unexpected record content type: {typ:?}"
<a href=#139 id=139 data-nosnippet>139</a> </span>)))
<a href=#140 id=140 data-nosnippet>140</a> }
<a href=#141 id=141 data-nosnippet>141</a> }
<a href=#142 id=142 data-nosnippet>142</a> }
<a href=#143 id=143 data-nosnippet>143</a>
<a href=#144 id=144 data-nosnippet>144</a> <span class="comment">// Verify last record received was either application data or close notify.
<a href=#145 id=145 data-nosnippet>145</a> </span><span class="kw">if let </span><span class="prelude-val">Some</span>(record) = recv_iter.next_back() {
<a href=#146 id=146 data-nosnippet>146</a> <span class="kw">match </span>record.typ {
<a href=#147 id=147 data-nosnippet>147</a> ContentType::ApplicationData =&gt; {}
<a href=#148 id=148 data-nosnippet>148</a> ContentType::Alert =&gt; {
<a href=#149 id=149 data-nosnippet>149</a> <span class="comment">// Ensure the alert is a close notify.
<a href=#150 id=150 data-nosnippet>150</a> </span><span class="kw">let </span>payload =
<a href=#151 id=151 data-nosnippet>151</a> record
<a href=#152 id=152 data-nosnippet>152</a> .plaintext
<a href=#153 id=153 data-nosnippet>153</a> .as_ref()
<a href=#154 id=154 data-nosnippet>154</a> .ok_or(TlsTranscriptError::validation(
<a href=#155 id=155 data-nosnippet>155</a> <span class="string">"alert content was hidden from the follower"</span>,
<a href=#156 id=156 data-nosnippet>156</a> ))<span class="question-mark">?</span>;
<a href=#157 id=157 data-nosnippet>157</a>
<a href=#158 id=158 data-nosnippet>158</a> <span class="kw">let </span><span class="kw-2">mut </span>reader = Reader::init(payload);
<a href=#159 id=159 data-nosnippet>159</a> <span class="kw">let </span>payload = AlertMessagePayload::read(<span class="kw-2">&amp;mut </span>reader).ok_or(
<a href=#160 id=160 data-nosnippet>160</a> TlsTranscriptError::validation(<span class="string">"alert message was malformed"</span>),
<a href=#161 id=161 data-nosnippet>161</a> )<span class="question-mark">?</span>;
<a href=#162 id=162 data-nosnippet>162</a>
<a href=#163 id=163 data-nosnippet>163</a> <span class="kw">let </span>AlertDescription::CloseNotify = payload.description <span class="kw">else </span>{
<a href=#164 id=164 data-nosnippet>164</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(
<a href=#165 id=165 data-nosnippet>165</a> <span class="string">"received alert that is not close notify"</span>,
<a href=#166 id=166 data-nosnippet>166</a> ));
<a href=#167 id=167 data-nosnippet>167</a> };
<a href=#168 id=168 data-nosnippet>168</a> }
<a href=#169 id=169 data-nosnippet>169</a> typ =&gt; {
<a href=#170 id=170 data-nosnippet>170</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(<span class="macro">format!</span>(
<a href=#171 id=171 data-nosnippet>171</a> <span class="string">"received unexpected record content type: {typ:?}"
<a href=#172 id=172 data-nosnippet>172</a> </span>)))
<a href=#173 id=173 data-nosnippet>173</a> }
<a href=#174 id=174 data-nosnippet>174</a> }
<a href=#175 id=175 data-nosnippet>175</a> }
<a href=#176 id=176 data-nosnippet>176</a>
<a href=#177 id=177 data-nosnippet>177</a> <span class="comment">// Ensure all other records were application data.
<a href=#178 id=178 data-nosnippet>178</a> </span><span class="kw">for </span>record <span class="kw">in </span>sent_iter {
<a href=#179 id=179 data-nosnippet>179</a> <span class="kw">if </span>record.typ != ContentType::ApplicationData {
<a href=#180 id=180 data-nosnippet>180</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(<span class="macro">format!</span>(
<a href=#181 id=181 data-nosnippet>181</a> <span class="string">"sent unexpected record content type: {:?}"</span>,
<a href=#182 id=182 data-nosnippet>182</a> record.typ
<a href=#183 id=183 data-nosnippet>183</a> )));
<a href=#184 id=184 data-nosnippet>184</a> }
<a href=#185 id=185 data-nosnippet>185</a> }
<a href=#186 id=186 data-nosnippet>186</a>
<a href=#187 id=187 data-nosnippet>187</a> <span class="kw">for </span>record <span class="kw">in </span>recv_iter {
<a href=#188 id=188 data-nosnippet>188</a> <span class="kw">if </span>record.typ != ContentType::ApplicationData {
<a href=#189 id=189 data-nosnippet>189</a> <span class="kw">return </span><span class="prelude-val">Err</span>(TlsTranscriptError::validation(<span class="macro">format!</span>(
<a href=#190 id=190 data-nosnippet>190</a> <span class="string">"received unexpected record content type: {:?}"</span>,
<a href=#191 id=191 data-nosnippet>191</a> record.typ
<a href=#192 id=192 data-nosnippet>192</a> )));
<a href=#193 id=193 data-nosnippet>193</a> }
<a href=#194 id=194 data-nosnippet>194</a> }
<a href=#195 id=195 data-nosnippet>195</a>
<a href=#196 id=196 data-nosnippet>196</a> <span class="prelude-val">Ok</span>(<span class="self">Self </span>{
<a href=#197 id=197 data-nosnippet>197</a> time,
<a href=#198 id=198 data-nosnippet>198</a> version,
<a href=#199 id=199 data-nosnippet>199</a> server_cert_chain,
<a href=#200 id=200 data-nosnippet>200</a> server_signature,
<a href=#201 id=201 data-nosnippet>201</a> handshake_data,
<a href=#202 id=202 data-nosnippet>202</a> sent,
<a href=#203 id=203 data-nosnippet>203</a> recv,
<a href=#204 id=204 data-nosnippet>204</a> })
<a href=#205 id=205 data-nosnippet>205</a> }
<a href=#206 id=206 data-nosnippet>206</a>
<a href=#207 id=207 data-nosnippet>207</a> <span class="doccomment">/// Returns the start time of the connection.
<a href=#208 id=208 data-nosnippet>208</a> </span><span class="kw">pub fn </span>time(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; u64 {
<a href=#209 id=209 data-nosnippet>209</a> <span class="self">self</span>.time
<a href=#210 id=210 data-nosnippet>210</a> }
<a href=#211 id=211 data-nosnippet>211</a>
<a href=#212 id=212 data-nosnippet>212</a> <span class="doccomment">/// Returns the TLS protocol version.
<a href=#213 id=213 data-nosnippet>213</a> </span><span class="kw">pub fn </span>version(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>TlsVersion {
<a href=#214 id=214 data-nosnippet>214</a> <span class="kw-2">&amp;</span><span class="self">self</span>.version
<a href=#215 id=215 data-nosnippet>215</a> }
<a href=#216 id=216 data-nosnippet>216</a>
<a href=#217 id=217 data-nosnippet>217</a> <span class="doccomment">/// Returns the server certificate chain.
<a href=#218 id=218 data-nosnippet>218</a> </span><span class="kw">pub fn </span>server_cert_chain(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="prelude-ty">Option</span>&lt;<span class="kw-2">&amp;</span>[Certificate]&gt; {
<a href=#219 id=219 data-nosnippet>219</a> <span class="self">self</span>.server_cert_chain.as_deref()
<a href=#220 id=220 data-nosnippet>220</a> }
<a href=#221 id=221 data-nosnippet>221</a>
<a href=#222 id=222 data-nosnippet>222</a> <span class="doccomment">/// Returns the server signature.
<a href=#223 id=223 data-nosnippet>223</a> </span><span class="kw">pub fn </span>server_signature(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="prelude-ty">Option</span>&lt;<span class="kw-2">&amp;</span>ServerSignature&gt; {
<a href=#224 id=224 data-nosnippet>224</a> <span class="self">self</span>.server_signature.as_ref()
<a href=#225 id=225 data-nosnippet>225</a> }
<a href=#226 id=226 data-nosnippet>226</a>
<a href=#227 id=227 data-nosnippet>227</a> <span class="doccomment">/// Returns the server ephemeral key used in the TLS handshake.
<a href=#228 id=228 data-nosnippet>228</a> </span><span class="kw">pub fn </span>server_ephemeral_key(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>ServerEphemKey {
<a href=#229 id=229 data-nosnippet>229</a> <span class="kw">match </span><span class="kw-2">&amp;</span><span class="self">self</span>.handshake_data {
<a href=#230 id=230 data-nosnippet>230</a> HandshakeData::V1_2(HandshakeDataV1_2 {
<a href=#231 id=231 data-nosnippet>231</a> server_ephemeral_key,
<a href=#232 id=232 data-nosnippet>232</a> ..
<a href=#233 id=233 data-nosnippet>233</a> }) =&gt; server_ephemeral_key,
<a href=#234 id=234 data-nosnippet>234</a> }
<a href=#235 id=235 data-nosnippet>235</a> }
<a href=#236 id=236 data-nosnippet>236</a>
<a href=#237 id=237 data-nosnippet>237</a> <span class="doccomment">/// Returns the handshake data.
<a href=#238 id=238 data-nosnippet>238</a> </span><span class="kw">pub fn </span>handshake_data(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>HandshakeData {
<a href=#239 id=239 data-nosnippet>239</a> <span class="kw-2">&amp;</span><span class="self">self</span>.handshake_data
<a href=#240 id=240 data-nosnippet>240</a> }
<a href=#241 id=241 data-nosnippet>241</a>
<a href=#242 id=242 data-nosnippet>242</a> <span class="doccomment">/// Returns the sent records.
<a href=#243 id=243 data-nosnippet>243</a> </span><span class="kw">pub fn </span>sent(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>[Record] {
<a href=#244 id=244 data-nosnippet>244</a> <span class="kw-2">&amp;</span><span class="self">self</span>.sent
<a href=#245 id=245 data-nosnippet>245</a> }
<a href=#246 id=246 data-nosnippet>246</a>
<a href=#247 id=247 data-nosnippet>247</a> <span class="doccomment">/// Returns the received records.
<a href=#248 id=248 data-nosnippet>248</a> </span><span class="kw">pub fn </span>recv(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>[Record] {
<a href=#249 id=249 data-nosnippet>249</a> <span class="kw-2">&amp;</span><span class="self">self</span>.recv
<a href=#250 id=250 data-nosnippet>250</a> }
<a href=#251 id=251 data-nosnippet>251</a>
<a href=#252 id=252 data-nosnippet>252</a> <span class="doccomment">/// Returns the application data transcript.
<a href=#253 id=253 data-nosnippet>253</a> </span><span class="kw">pub fn </span>to_transcript(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;Transcript, TlsTranscriptError&gt; {
<a href=#254 id=254 data-nosnippet>254</a> <span class="kw">let </span><span class="kw-2">mut </span>sent = Vec::new();
<a href=#255 id=255 data-nosnippet>255</a> <span class="kw">let </span><span class="kw-2">mut </span>recv = Vec::new();
<a href=#256 id=256 data-nosnippet>256</a>
<a href=#257 id=257 data-nosnippet>257</a> <span class="kw">for </span>record <span class="kw">in </span><span class="self">self
<a href=#258 id=258 data-nosnippet>258</a> </span>.sent
<a href=#259 id=259 data-nosnippet>259</a> .iter()
<a href=#260 id=260 data-nosnippet>260</a> .filter(|record| record.typ == ContentType::ApplicationData)
<a href=#261 id=261 data-nosnippet>261</a> {
<a href=#262 id=262 data-nosnippet>262</a> <span class="kw">let </span>plaintext = record
<a href=#263 id=263 data-nosnippet>263</a> .plaintext
<a href=#264 id=264 data-nosnippet>264</a> .as_ref()
<a href=#265 id=265 data-nosnippet>265</a> .ok_or(ErrorRepr::Incomplete {
<a href=#266 id=266 data-nosnippet>266</a> direction: Direction::Sent,
<a href=#267 id=267 data-nosnippet>267</a> seq: record.seq,
<a href=#268 id=268 data-nosnippet>268</a> })<span class="question-mark">?
<a href=#269 id=269 data-nosnippet>269</a> </span>.clone();
<a href=#270 id=270 data-nosnippet>270</a> sent.extend_from_slice(<span class="kw-2">&amp;</span>plaintext);
<a href=#271 id=271 data-nosnippet>271</a> }
<a href=#272 id=272 data-nosnippet>272</a>
<a href=#273 id=273 data-nosnippet>273</a> <span class="kw">for </span>record <span class="kw">in </span><span class="self">self
<a href=#274 id=274 data-nosnippet>274</a> </span>.recv
<a href=#275 id=275 data-nosnippet>275</a> .iter()
<a href=#276 id=276 data-nosnippet>276</a> .filter(|record| record.typ == ContentType::ApplicationData)
<a href=#277 id=277 data-nosnippet>277</a> {
<a href=#278 id=278 data-nosnippet>278</a> <span class="kw">let </span>plaintext = record
<a href=#279 id=279 data-nosnippet>279</a> .plaintext
<a href=#280 id=280 data-nosnippet>280</a> .as_ref()
<a href=#281 id=281 data-nosnippet>281</a> .ok_or(ErrorRepr::Incomplete {
<a href=#282 id=282 data-nosnippet>282</a> direction: Direction::Received,
<a href=#283 id=283 data-nosnippet>283</a> seq: record.seq,
<a href=#284 id=284 data-nosnippet>284</a> })<span class="question-mark">?
<a href=#285 id=285 data-nosnippet>285</a> </span>.clone();
<a href=#286 id=286 data-nosnippet>286</a> recv.extend_from_slice(<span class="kw-2">&amp;</span>plaintext);
<a href=#287 id=287 data-nosnippet>287</a> }
<a href=#288 id=288 data-nosnippet>288</a>
<a href=#289 id=289 data-nosnippet>289</a> <span class="prelude-val">Ok</span>(Transcript::new(sent, recv))
<a href=#290 id=290 data-nosnippet>290</a> }
<a href=#291 id=291 data-nosnippet>291</a>}
<a href=#292 id=292 data-nosnippet>292</a>
<a href=#293 id=293 data-nosnippet>293</a><span class="doccomment">/// A TLS record.
<a href=#294 id=294 data-nosnippet>294</a></span><span class="attr">#[derive(Clone)]
<a href=#295 id=295 data-nosnippet>295</a></span><span class="kw">pub struct </span>Record {
<a href=#296 id=296 data-nosnippet>296</a> <span class="doccomment">/// Sequence number.
<a href=#297 id=297 data-nosnippet>297</a> </span><span class="kw">pub </span>seq: u64,
<a href=#298 id=298 data-nosnippet>298</a> <span class="doccomment">/// Content type.
<a href=#299 id=299 data-nosnippet>299</a> </span><span class="kw">pub </span>typ: ContentType,
<a href=#300 id=300 data-nosnippet>300</a> <span class="doccomment">/// Plaintext.
<a href=#301 id=301 data-nosnippet>301</a> </span><span class="kw">pub </span>plaintext: <span class="prelude-ty">Option</span>&lt;Vec&lt;u8&gt;&gt;,
<a href=#302 id=302 data-nosnippet>302</a> <span class="doccomment">/// Explicit nonce.
<a href=#303 id=303 data-nosnippet>303</a> </span><span class="kw">pub </span>explicit_nonce: Vec&lt;u8&gt;,
<a href=#304 id=304 data-nosnippet>304</a> <span class="doccomment">/// Ciphertext.
<a href=#305 id=305 data-nosnippet>305</a> </span><span class="kw">pub </span>ciphertext: Vec&lt;u8&gt;,
<a href=#306 id=306 data-nosnippet>306</a> <span class="doccomment">/// Tag.
<a href=#307 id=307 data-nosnippet>307</a> </span><span class="kw">pub </span>tag: <span class="prelude-ty">Option</span>&lt;Vec&lt;u8&gt;&gt;,
<a href=#308 id=308 data-nosnippet>308</a>}
<a href=#309 id=309 data-nosnippet>309</a>
<a href=#310 id=310 data-nosnippet>310</a><span class="macro">opaque_debug::implement!</span>(Record);
<a href=#311 id=311 data-nosnippet>311</a>
<a href=#312 id=312 data-nosnippet>312</a><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#313 id=313 data-nosnippet>313</a>#[error(<span class="string">"TLS transcript error: {0}"</span>)]
<a href=#314 id=314 data-nosnippet>314</a></span><span class="kw">pub struct </span>TlsTranscriptError(<span class="attr">#[from] </span>ErrorRepr);
<a href=#315 id=315 data-nosnippet>315</a>
<a href=#316 id=316 data-nosnippet>316</a><span class="kw">impl </span>TlsTranscriptError {
<a href=#317 id=317 data-nosnippet>317</a> <span class="kw">fn </span>validation(msg: <span class="kw">impl </span>Into&lt;String&gt;) -&gt; <span class="self">Self </span>{
<a href=#318 id=318 data-nosnippet>318</a> <span class="self">Self</span>(ErrorRepr::Validation(msg.into()))
<a href=#319 id=319 data-nosnippet>319</a> }
<a href=#320 id=320 data-nosnippet>320</a>}
<a href=#321 id=321 data-nosnippet>321</a>
<a href=#322 id=322 data-nosnippet>322</a><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#323 id=323 data-nosnippet>323</a></span><span class="kw">enum </span>ErrorRepr {
<a href=#324 id=324 data-nosnippet>324</a> <span class="attr">#[error(<span class="string">"validation error: {0}"</span>)]
<a href=#325 id=325 data-nosnippet>325</a> </span>Validation(String),
<a href=#326 id=326 data-nosnippet>326</a> <span class="attr">#[error(<span class="string">"incomplete transcript ({direction}): seq {seq}"</span>)]
<a href=#327 id=327 data-nosnippet>327</a> </span>Incomplete { direction: Direction, seq: u64 },
<a href=#328 id=328 data-nosnippet>328</a>}</code></pre></div></section></main></body></html>

130
src/tlsn_prover/error.rs.html
View File

@@ -1,130 +0,0 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/prover/src/error.rs`."><title>error.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn_prover" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_prover/</div>error.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">use </span>mpc_tls::MpcTlsError;
<a href=#2 id=2 data-nosnippet>2</a><span class="kw">use </span>std::{error::Error, fmt};
<a href=#3 id=3 data-nosnippet>3</a><span class="kw">use </span>tlsn_common::{encoding::EncodingError, zk_aes_ctr::ZkAesCtrError};
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="doccomment">/// Error for [`Prover`](crate::Prover).
<a href=#6 id=6 data-nosnippet>6</a></span><span class="attr">#[derive(Debug, thiserror::Error)]
<a href=#7 id=7 data-nosnippet>7</a></span><span class="kw">pub struct </span>ProverError {
<a href=#8 id=8 data-nosnippet>8</a> kind: ErrorKind,
<a href=#9 id=9 data-nosnippet>9</a> source: <span class="prelude-ty">Option</span>&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#10 id=10 data-nosnippet>10</a>}
<a href=#11 id=11 data-nosnippet>11</a>
<a href=#12 id=12 data-nosnippet>12</a><span class="kw">impl </span>ProverError {
<a href=#13 id=13 data-nosnippet>13</a> <span class="kw">fn </span>new&lt;E&gt;(kind: ErrorKind, source: E) -&gt; <span class="self">Self
<a href=#14 id=14 data-nosnippet>14</a> </span><span class="kw">where
<a href=#15 id=15 data-nosnippet>15</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#16 id=16 data-nosnippet>16</a> {
<a href=#17 id=17 data-nosnippet>17</a> <span class="self">Self </span>{
<a href=#18 id=18 data-nosnippet>18</a> kind,
<a href=#19 id=19 data-nosnippet>19</a> source: <span class="prelude-val">Some</span>(source.into()),
<a href=#20 id=20 data-nosnippet>20</a> }
<a href=#21 id=21 data-nosnippet>21</a> }
<a href=#22 id=22 data-nosnippet>22</a>
<a href=#23 id=23 data-nosnippet>23</a> <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>config&lt;E&gt;(source: E) -&gt; <span class="self">Self
<a href=#24 id=24 data-nosnippet>24</a> </span><span class="kw">where
<a href=#25 id=25 data-nosnippet>25</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#26 id=26 data-nosnippet>26</a> {
<a href=#27 id=27 data-nosnippet>27</a> <span class="self">Self</span>::new(ErrorKind::Config, source)
<a href=#28 id=28 data-nosnippet>28</a> }
<a href=#29 id=29 data-nosnippet>29</a>
<a href=#30 id=30 data-nosnippet>30</a> <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>mpc&lt;E&gt;(source: E) -&gt; <span class="self">Self
<a href=#31 id=31 data-nosnippet>31</a> </span><span class="kw">where
<a href=#32 id=32 data-nosnippet>32</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#33 id=33 data-nosnippet>33</a> {
<a href=#34 id=34 data-nosnippet>34</a> <span class="self">Self</span>::new(ErrorKind::Mpc, source)
<a href=#35 id=35 data-nosnippet>35</a> }
<a href=#36 id=36 data-nosnippet>36</a>
<a href=#37 id=37 data-nosnippet>37</a> <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>zk&lt;E&gt;(source: E) -&gt; <span class="self">Self
<a href=#38 id=38 data-nosnippet>38</a> </span><span class="kw">where
<a href=#39 id=39 data-nosnippet>39</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#40 id=40 data-nosnippet>40</a> {
<a href=#41 id=41 data-nosnippet>41</a> <span class="self">Self</span>::new(ErrorKind::Zk, source)
<a href=#42 id=42 data-nosnippet>42</a> }
<a href=#43 id=43 data-nosnippet>43</a>
<a href=#44 id=44 data-nosnippet>44</a> <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>commit&lt;E&gt;(source: E) -&gt; <span class="self">Self
<a href=#45 id=45 data-nosnippet>45</a> </span><span class="kw">where
<a href=#46 id=46 data-nosnippet>46</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#47 id=47 data-nosnippet>47</a> {
<a href=#48 id=48 data-nosnippet>48</a> <span class="self">Self</span>::new(ErrorKind::Commit, source)
<a href=#49 id=49 data-nosnippet>49</a> }
<a href=#50 id=50 data-nosnippet>50</a>
<a href=#51 id=51 data-nosnippet>51</a> <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>attestation&lt;E&gt;(source: E) -&gt; <span class="self">Self
<a href=#52 id=52 data-nosnippet>52</a> </span><span class="kw">where
<a href=#53 id=53 data-nosnippet>53</a> </span>E: Into&lt;Box&lt;<span class="kw">dyn </span>Error + Send + Sync + <span class="lifetime">'static</span>&gt;&gt;,
<a href=#54 id=54 data-nosnippet>54</a> {
<a href=#55 id=55 data-nosnippet>55</a> <span class="self">Self</span>::new(ErrorKind::Attestation, source)
<a href=#56 id=56 data-nosnippet>56</a> }
<a href=#57 id=57 data-nosnippet>57</a>}
<a href=#58 id=58 data-nosnippet>58</a>
<a href=#59 id=59 data-nosnippet>59</a><span class="attr">#[derive(Debug)]
<a href=#60 id=60 data-nosnippet>60</a></span><span class="kw">enum </span>ErrorKind {
<a href=#61 id=61 data-nosnippet>61</a> Io,
<a href=#62 id=62 data-nosnippet>62</a> Mpc,
<a href=#63 id=63 data-nosnippet>63</a> Zk,
<a href=#64 id=64 data-nosnippet>64</a> Config,
<a href=#65 id=65 data-nosnippet>65</a> Commit,
<a href=#66 id=66 data-nosnippet>66</a> Attestation,
<a href=#67 id=67 data-nosnippet>67</a>}
<a href=#68 id=68 data-nosnippet>68</a>
<a href=#69 id=69 data-nosnippet>69</a><span class="kw">impl </span>fmt::Display <span class="kw">for </span>ProverError {
<a href=#70 id=70 data-nosnippet>70</a> <span class="kw">fn </span>fmt(<span class="kw-2">&amp;</span><span class="self">self</span>, f: <span class="kw-2">&amp;mut </span>fmt::Formatter&lt;<span class="lifetime">'_</span>&gt;) -&gt; fmt::Result {
<a href=#71 id=71 data-nosnippet>71</a> f.write_str(<span class="string">"prover error: "</span>)<span class="question-mark">?</span>;
<a href=#72 id=72 data-nosnippet>72</a>
<a href=#73 id=73 data-nosnippet>73</a> <span class="kw">match </span><span class="self">self</span>.kind {
<a href=#74 id=74 data-nosnippet>74</a> ErrorKind::Io =&gt; f.write_str(<span class="string">"io error"</span>)<span class="question-mark">?</span>,
<a href=#75 id=75 data-nosnippet>75</a> ErrorKind::Mpc =&gt; f.write_str(<span class="string">"mpc error"</span>)<span class="question-mark">?</span>,
<a href=#76 id=76 data-nosnippet>76</a> ErrorKind::Zk =&gt; f.write_str(<span class="string">"zk error"</span>)<span class="question-mark">?</span>,
<a href=#77 id=77 data-nosnippet>77</a> ErrorKind::Config =&gt; f.write_str(<span class="string">"config error"</span>)<span class="question-mark">?</span>,
<a href=#78 id=78 data-nosnippet>78</a> ErrorKind::Commit =&gt; f.write_str(<span class="string">"commit error"</span>)<span class="question-mark">?</span>,
<a href=#79 id=79 data-nosnippet>79</a> ErrorKind::Attestation =&gt; f.write_str(<span class="string">"attestation error"</span>)<span class="question-mark">?</span>,
<a href=#80 id=80 data-nosnippet>80</a> }
<a href=#81 id=81 data-nosnippet>81</a>
<a href=#82 id=82 data-nosnippet>82</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(source) = <span class="kw-2">&amp;</span><span class="self">self</span>.source {
<a href=#83 id=83 data-nosnippet>83</a> <span class="macro">write!</span>(f, <span class="string">" caused by: {source}"</span>)<span class="question-mark">?</span>;
<a href=#84 id=84 data-nosnippet>84</a> }
<a href=#85 id=85 data-nosnippet>85</a>
<a href=#86 id=86 data-nosnippet>86</a> <span class="prelude-val">Ok</span>(())
<a href=#87 id=87 data-nosnippet>87</a> }
<a href=#88 id=88 data-nosnippet>88</a>}
<a href=#89 id=89 data-nosnippet>89</a>
<a href=#90 id=90 data-nosnippet>90</a><span class="kw">impl </span>From&lt;std::io::Error&gt; <span class="kw">for </span>ProverError {
<a href=#91 id=91 data-nosnippet>91</a> <span class="kw">fn </span>from(e: std::io::Error) -&gt; <span class="self">Self </span>{
<a href=#92 id=92 data-nosnippet>92</a> <span class="self">Self</span>::new(ErrorKind::Io, e)
<a href=#93 id=93 data-nosnippet>93</a> }
<a href=#94 id=94 data-nosnippet>94</a>}
<a href=#95 id=95 data-nosnippet>95</a>
<a href=#96 id=96 data-nosnippet>96</a><span class="kw">impl </span>From&lt;tls_client_async::ConnectionError&gt; <span class="kw">for </span>ProverError {
<a href=#97 id=97 data-nosnippet>97</a> <span class="kw">fn </span>from(e: tls_client_async::ConnectionError) -&gt; <span class="self">Self </span>{
<a href=#98 id=98 data-nosnippet>98</a> <span class="self">Self</span>::new(ErrorKind::Io, e)
<a href=#99 id=99 data-nosnippet>99</a> }
<a href=#100 id=100 data-nosnippet>100</a>}
<a href=#101 id=101 data-nosnippet>101</a>
<a href=#102 id=102 data-nosnippet>102</a><span class="kw">impl </span>From&lt;uid_mux::yamux::ConnectionError&gt; <span class="kw">for </span>ProverError {
<a href=#103 id=103 data-nosnippet>103</a> <span class="kw">fn </span>from(e: uid_mux::yamux::ConnectionError) -&gt; <span class="self">Self </span>{
<a href=#104 id=104 data-nosnippet>104</a> <span class="self">Self</span>::new(ErrorKind::Io, e)
<a href=#105 id=105 data-nosnippet>105</a> }
<a href=#106 id=106 data-nosnippet>106</a>}
<a href=#107 id=107 data-nosnippet>107</a>
<a href=#108 id=108 data-nosnippet>108</a><span class="kw">impl </span>From&lt;mpz_common::ContextError&gt; <span class="kw">for </span>ProverError {
<a href=#109 id=109 data-nosnippet>109</a> <span class="kw">fn </span>from(e: mpz_common::ContextError) -&gt; <span class="self">Self </span>{
<a href=#110 id=110 data-nosnippet>110</a> <span class="self">Self</span>::new(ErrorKind::Mpc, e)
<a href=#111 id=111 data-nosnippet>111</a> }
<a href=#112 id=112 data-nosnippet>112</a>}
<a href=#113 id=113 data-nosnippet>113</a>
<a href=#114 id=114 data-nosnippet>114</a><span class="kw">impl </span>From&lt;MpcTlsError&gt; <span class="kw">for </span>ProverError {
<a href=#115 id=115 data-nosnippet>115</a> <span class="kw">fn </span>from(e: MpcTlsError) -&gt; <span class="self">Self </span>{
<a href=#116 id=116 data-nosnippet>116</a> <span class="self">Self</span>::new(ErrorKind::Mpc, e)
<a href=#117 id=117 data-nosnippet>117</a> }
<a href=#118 id=118 data-nosnippet>118</a>}
<a href=#119 id=119 data-nosnippet>119</a>
<a href=#120 id=120 data-nosnippet>120</a><span class="kw">impl </span>From&lt;ZkAesCtrError&gt; <span class="kw">for </span>ProverError {
<a href=#121 id=121 data-nosnippet>121</a> <span class="kw">fn </span>from(e: ZkAesCtrError) -&gt; <span class="self">Self </span>{
<a href=#122 id=122 data-nosnippet>122</a> <span class="self">Self</span>::new(ErrorKind::Zk, e)
<a href=#123 id=123 data-nosnippet>123</a> }
<a href=#124 id=124 data-nosnippet>124</a>}
<a href=#125 id=125 data-nosnippet>125</a>
<a href=#126 id=126 data-nosnippet>126</a><span class="kw">impl </span>From&lt;EncodingError&gt; <span class="kw">for </span>ProverError {
<a href=#127 id=127 data-nosnippet>127</a> <span class="kw">fn </span>from(e: EncodingError) -&gt; <span class="self">Self </span>{
<a href=#128 id=128 data-nosnippet>128</a> <span class="self">Self</span>::new(ErrorKind::Commit, e)
<a href=#129 id=129 data-nosnippet>129</a> }
<a href=#130 id=130 data-nosnippet>130</a>}</code></pre></div></section></main></body></html>

678
src/tlsn_prover/lib.rs.html
View File

@@ -1,678 +0,0 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/prover/src/lib.rs`."><title>lib.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn_prover" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_prover/</div>lib.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! TLSNotary prover library.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="attr">#![deny(missing_docs, unreachable_pub, unused_must_use)]
<a href=#4 id=4 data-nosnippet>4</a>#![deny(clippy::all)]
<a href=#5 id=5 data-nosnippet>5</a>#![forbid(unsafe_code)]
<a href=#6 id=6 data-nosnippet>6</a>
<a href=#7 id=7 data-nosnippet>7</a></span><span class="kw">mod </span>config;
<a href=#8 id=8 data-nosnippet>8</a><span class="kw">mod </span>error;
<a href=#9 id=9 data-nosnippet>9</a><span class="kw">mod </span>future;
<a href=#10 id=10 data-nosnippet>10</a><span class="kw">pub mod </span>state;
<a href=#11 id=11 data-nosnippet>11</a>
<a href=#12 id=12 data-nosnippet>12</a><span class="kw">pub use </span>config::{ProverConfig, ProverConfigBuilder, TlsConfig, TlsConfigBuilder};
<a href=#13 id=13 data-nosnippet>13</a><span class="kw">pub use </span>error::ProverError;
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">pub use </span>future::ProverFuture;
<a href=#15 id=15 data-nosnippet>15</a><span class="kw">pub use </span>tlsn_core::{ProveConfig, ProveConfigBuilder, ProveConfigBuilderError, ProverOutput};
<a href=#16 id=16 data-nosnippet>16</a>
<a href=#17 id=17 data-nosnippet>17</a><span class="kw">use </span>mpz_common::Context;
<a href=#18 id=18 data-nosnippet>18</a><span class="kw">use </span>mpz_core::Block;
<a href=#19 id=19 data-nosnippet>19</a><span class="kw">use </span>mpz_garble_core::Delta;
<a href=#20 id=20 data-nosnippet>20</a><span class="kw">use </span>mpz_vm_core::prelude::<span class="kw-2">*</span>;
<a href=#21 id=21 data-nosnippet>21</a>
<a href=#22 id=22 data-nosnippet>22</a><span class="kw">use </span>futures::{AsyncRead, AsyncWrite, TryFutureExt};
<a href=#23 id=23 data-nosnippet>23</a><span class="kw">use </span>mpc_tls::{LeaderCtrl, MpcTlsLeader, SessionKeys};
<a href=#24 id=24 data-nosnippet>24</a><span class="kw">use </span>rand::Rng;
<a href=#25 id=25 data-nosnippet>25</a><span class="kw">use </span>serio::{stream::IoStreamExt, SinkExt};
<a href=#26 id=26 data-nosnippet>26</a><span class="kw">use </span>std::sync::Arc;
<a href=#27 id=27 data-nosnippet>27</a><span class="kw">use </span>tls_client::{ClientConnection, ServerName <span class="kw">as </span>TlsServerName};
<a href=#28 id=28 data-nosnippet>28</a><span class="kw">use </span>tls_client_async::{bind_client, TlsConnection};
<a href=#29 id=29 data-nosnippet>29</a><span class="kw">use </span>tls_core::msgs::enums::ContentType;
<a href=#30 id=30 data-nosnippet>30</a><span class="kw">use </span>tlsn_common::{
<a href=#31 id=31 data-nosnippet>31</a> commit::{commit_records, hash::prove_hash},
<a href=#32 id=32 data-nosnippet>32</a> context::build_mt_context,
<a href=#33 id=33 data-nosnippet>33</a> encoding,
<a href=#34 id=34 data-nosnippet>34</a> mux::attach_mux,
<a href=#35 id=35 data-nosnippet>35</a> tag::verify_tags,
<a href=#36 id=36 data-nosnippet>36</a> transcript::{decode_transcript, Record, TlsTranscript},
<a href=#37 id=37 data-nosnippet>37</a> zk_aes_ctr::ZkAesCtr,
<a href=#38 id=38 data-nosnippet>38</a> Role,
<a href=#39 id=39 data-nosnippet>39</a>};
<a href=#40 id=40 data-nosnippet>40</a><span class="kw">use </span>tlsn_core::{
<a href=#41 id=41 data-nosnippet>41</a> attestation::Attestation,
<a href=#42 id=42 data-nosnippet>42</a> connection::{
<a href=#43 id=43 data-nosnippet>43</a> ConnectionInfo, HandshakeData, HandshakeDataV1_2, ServerCertData, ServerSignature,
<a href=#44 id=44 data-nosnippet>44</a> TranscriptLength,
<a href=#45 id=45 data-nosnippet>45</a> },
<a href=#46 id=46 data-nosnippet>46</a> request::{Request, RequestConfig},
<a href=#47 id=47 data-nosnippet>47</a> transcript::{Direction, Transcript, TranscriptCommitment, TranscriptSecret},
<a href=#48 id=48 data-nosnippet>48</a> ProvePayload, Secrets,
<a href=#49 id=49 data-nosnippet>49</a>};
<a href=#50 id=50 data-nosnippet>50</a><span class="kw">use </span>tlsn_deap::Deap;
<a href=#51 id=51 data-nosnippet>51</a><span class="kw">use </span>tokio::sync::Mutex;
<a href=#52 id=52 data-nosnippet>52</a>
<a href=#53 id=53 data-nosnippet>53</a><span class="kw">use </span>tracing::{debug, info, info_span, instrument, Instrument, Span};
<a href=#54 id=54 data-nosnippet>54</a>
<a href=#55 id=55 data-nosnippet>55</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>RCOTSender = mpz_ot::rcot::shared::SharedRCOTSender&lt;
<a href=#56 id=56 data-nosnippet>56</a> mpz_ot::kos::Sender&lt;mpz_ot::chou_orlandi::Receiver&gt;,
<a href=#57 id=57 data-nosnippet>57</a> mpz_core::Block,
<a href=#58 id=58 data-nosnippet>58</a>&gt;;
<a href=#59 id=59 data-nosnippet>59</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>RCOTReceiver = mpz_ot::rcot::shared::SharedRCOTReceiver&lt;
<a href=#60 id=60 data-nosnippet>60</a> mpz_ot::ferret::Receiver&lt;mpz_ot::kos::Receiver&lt;mpz_ot::chou_orlandi::Sender&gt;&gt;,
<a href=#61 id=61 data-nosnippet>61</a> bool,
<a href=#62 id=62 data-nosnippet>62</a> mpz_core::Block,
<a href=#63 id=63 data-nosnippet>63</a>&gt;;
<a href=#64 id=64 data-nosnippet>64</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>Mpc =
<a href=#65 id=65 data-nosnippet>65</a> mpz_garble::protocol::semihonest::Garbler&lt;mpz_ot::cot::DerandCOTSender&lt;RCOTSender&gt;&gt;;
<a href=#66 id=66 data-nosnippet>66</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>Zk = mpz_zk::Prover&lt;RCOTReceiver&gt;;
<a href=#67 id=67 data-nosnippet>67</a>
<a href=#68 id=68 data-nosnippet>68</a><span class="doccomment">/// A prover instance.
<a href=#69 id=69 data-nosnippet>69</a></span><span class="attr">#[derive(Debug)]
<a href=#70 id=70 data-nosnippet>70</a></span><span class="kw">pub struct </span>Prover&lt;T: state::ProverState = state::Initialized&gt; {
<a href=#71 id=71 data-nosnippet>71</a> config: ProverConfig,
<a href=#72 id=72 data-nosnippet>72</a> span: Span,
<a href=#73 id=73 data-nosnippet>73</a> state: T,
<a href=#74 id=74 data-nosnippet>74</a>}
<a href=#75 id=75 data-nosnippet>75</a>
<a href=#76 id=76 data-nosnippet>76</a><span class="kw">impl </span>Prover&lt;state::Initialized&gt; {
<a href=#77 id=77 data-nosnippet>77</a> <span class="doccomment">/// Creates a new prover.
<a href=#78 id=78 data-nosnippet>78</a> ///
<a href=#79 id=79 data-nosnippet>79</a> /// # Arguments
<a href=#80 id=80 data-nosnippet>80</a> ///
<a href=#81 id=81 data-nosnippet>81</a> /// * `config` - The configuration for the prover.
<a href=#82 id=82 data-nosnippet>82</a> </span><span class="kw">pub fn </span>new(config: ProverConfig) -&gt; <span class="self">Self </span>{
<a href=#83 id=83 data-nosnippet>83</a> <span class="kw">let </span>span = <span class="macro">info_span!</span>(<span class="string">"prover"</span>);
<a href=#84 id=84 data-nosnippet>84</a> <span class="self">Self </span>{
<a href=#85 id=85 data-nosnippet>85</a> config,
<a href=#86 id=86 data-nosnippet>86</a> span,
<a href=#87 id=87 data-nosnippet>87</a> state: state::Initialized,
<a href=#88 id=88 data-nosnippet>88</a> }
<a href=#89 id=89 data-nosnippet>89</a> }
<a href=#90 id=90 data-nosnippet>90</a>
<a href=#91 id=91 data-nosnippet>91</a> <span class="doccomment">/// Sets up the prover.
<a href=#92 id=92 data-nosnippet>92</a> ///
<a href=#93 id=93 data-nosnippet>93</a> /// This performs all MPC setup prior to establishing the connection to the
<a href=#94 id=94 data-nosnippet>94</a> /// application server.
<a href=#95 id=95 data-nosnippet>95</a> ///
<a href=#96 id=96 data-nosnippet>96</a> /// # Arguments
<a href=#97 id=97 data-nosnippet>97</a> ///
<a href=#98 id=98 data-nosnippet>98</a> /// * `socket` - The socket to the TLS verifier.
<a href=#99 id=99 data-nosnippet>99</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"debug"</span>, skip_all, err)]
<a href=#100 id=100 data-nosnippet>100</a> </span><span class="kw">pub async fn </span>setup&lt;S: AsyncWrite + AsyncRead + Send + Unpin + <span class="lifetime">'static</span>&gt;(
<a href=#101 id=101 data-nosnippet>101</a> <span class="self">self</span>,
<a href=#102 id=102 data-nosnippet>102</a> socket: S,
<a href=#103 id=103 data-nosnippet>103</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;Prover&lt;state::Setup&gt;, ProverError&gt; {
<a href=#104 id=104 data-nosnippet>104</a> <span class="kw">let </span>(<span class="kw-2">mut </span>mux_fut, mux_ctrl) = attach_mux(socket, Role::Prover);
<a href=#105 id=105 data-nosnippet>105</a> <span class="kw">let </span><span class="kw-2">mut </span>mt = build_mt_context(mux_ctrl.clone());
<a href=#106 id=106 data-nosnippet>106</a> <span class="kw">let </span><span class="kw-2">mut </span>ctx = mux_fut.poll_with(mt.new_context()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#107 id=107 data-nosnippet>107</a>
<a href=#108 id=108 data-nosnippet>108</a> <span class="comment">// Sends protocol configuration to verifier for compatibility check.
<a href=#109 id=109 data-nosnippet>109</a> </span>mux_fut
<a href=#110 id=110 data-nosnippet>110</a> .poll_with(ctx.io_mut().send(<span class="self">self</span>.config.protocol_config().clone()))
<a href=#111 id=111 data-nosnippet>111</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#112 id=112 data-nosnippet>112</a>
<a href=#113 id=113 data-nosnippet>113</a> <span class="kw">let </span>(vm, <span class="kw-2">mut </span>mpc_tls) = build_mpc_tls(<span class="kw-2">&amp;</span><span class="self">self</span>.config, ctx);
<a href=#114 id=114 data-nosnippet>114</a>
<a href=#115 id=115 data-nosnippet>115</a> <span class="comment">// Allocate resources for MPC-TLS in the VM.
<a href=#116 id=116 data-nosnippet>116</a> </span><span class="kw">let </span><span class="kw-2">mut </span>keys = mpc_tls.alloc()<span class="question-mark">?</span>;
<a href=#117 id=117 data-nosnippet>117</a> translate_keys(<span class="kw-2">&amp;mut </span>keys, <span class="kw-2">&amp;</span>vm.try_lock().expect(<span class="string">"VM is not locked"</span>))<span class="question-mark">?</span>;
<a href=#118 id=118 data-nosnippet>118</a>
<a href=#119 id=119 data-nosnippet>119</a> <span class="comment">// Allocate for committing to plaintext.
<a href=#120 id=120 data-nosnippet>120</a> </span><span class="kw">let </span><span class="kw-2">mut </span>zk_aes_ctr = ZkAesCtr::new(Role::Prover);
<a href=#121 id=121 data-nosnippet>121</a> zk_aes_ctr.set_key(keys.server_write_key, keys.server_write_iv);
<a href=#122 id=122 data-nosnippet>122</a> zk_aes_ctr.alloc(
<a href=#123 id=123 data-nosnippet>123</a> <span class="kw-2">&amp;mut </span>(<span class="kw-2">*</span>vm.try_lock().expect(<span class="string">"VM is not locked"</span>).zk()),
<a href=#124 id=124 data-nosnippet>124</a> <span class="self">self</span>.config.protocol_config().max_recv_data(),
<a href=#125 id=125 data-nosnippet>125</a> )<span class="question-mark">?</span>;
<a href=#126 id=126 data-nosnippet>126</a>
<a href=#127 id=127 data-nosnippet>127</a> <span class="macro">debug!</span>(<span class="string">"setting up mpc-tls"</span>);
<a href=#128 id=128 data-nosnippet>128</a>
<a href=#129 id=129 data-nosnippet>129</a> mux_fut.poll_with(mpc_tls.preprocess()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#130 id=130 data-nosnippet>130</a>
<a href=#131 id=131 data-nosnippet>131</a> <span class="macro">debug!</span>(<span class="string">"mpc-tls setup complete"</span>);
<a href=#132 id=132 data-nosnippet>132</a>
<a href=#133 id=133 data-nosnippet>133</a> <span class="prelude-val">Ok</span>(Prover {
<a href=#134 id=134 data-nosnippet>134</a> config: <span class="self">self</span>.config,
<a href=#135 id=135 data-nosnippet>135</a> span: <span class="self">self</span>.span,
<a href=#136 id=136 data-nosnippet>136</a> state: state::Setup {
<a href=#137 id=137 data-nosnippet>137</a> mux_ctrl,
<a href=#138 id=138 data-nosnippet>138</a> mux_fut,
<a href=#139 id=139 data-nosnippet>139</a> mpc_tls,
<a href=#140 id=140 data-nosnippet>140</a> zk_aes_ctr,
<a href=#141 id=141 data-nosnippet>141</a> keys,
<a href=#142 id=142 data-nosnippet>142</a> vm,
<a href=#143 id=143 data-nosnippet>143</a> },
<a href=#144 id=144 data-nosnippet>144</a> })
<a href=#145 id=145 data-nosnippet>145</a> }
<a href=#146 id=146 data-nosnippet>146</a>}
<a href=#147 id=147 data-nosnippet>147</a>
<a href=#148 id=148 data-nosnippet>148</a><span class="kw">impl </span>Prover&lt;state::Setup&gt; {
<a href=#149 id=149 data-nosnippet>149</a> <span class="doccomment">/// Connects to the server using the provided socket.
<a href=#150 id=150 data-nosnippet>150</a> ///
<a href=#151 id=151 data-nosnippet>151</a> /// Returns a handle to the TLS connection, a future which returns the
<a href=#152 id=152 data-nosnippet>152</a> /// prover once the connection is closed.
<a href=#153 id=153 data-nosnippet>153</a> ///
<a href=#154 id=154 data-nosnippet>154</a> /// # Arguments
<a href=#155 id=155 data-nosnippet>155</a> ///
<a href=#156 id=156 data-nosnippet>156</a> /// * `socket` - The socket to the server.
<a href=#157 id=157 data-nosnippet>157</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"debug"</span>, skip_all, err)]
<a href=#158 id=158 data-nosnippet>158</a> </span><span class="kw">pub async fn </span>connect&lt;S: AsyncWrite + AsyncRead + Send + Unpin + <span class="lifetime">'static</span>&gt;(
<a href=#159 id=159 data-nosnippet>159</a> <span class="self">self</span>,
<a href=#160 id=160 data-nosnippet>160</a> socket: S,
<a href=#161 id=161 data-nosnippet>161</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;(TlsConnection, ProverFuture), ProverError&gt; {
<a href=#162 id=162 data-nosnippet>162</a> <span class="kw">let </span>state::Setup {
<a href=#163 id=163 data-nosnippet>163</a> mux_ctrl,
<a href=#164 id=164 data-nosnippet>164</a> <span class="kw-2">mut </span>mux_fut,
<a href=#165 id=165 data-nosnippet>165</a> mpc_tls,
<a href=#166 id=166 data-nosnippet>166</a> <span class="kw-2">mut </span>zk_aes_ctr,
<a href=#167 id=167 data-nosnippet>167</a> keys,
<a href=#168 id=168 data-nosnippet>168</a> vm,
<a href=#169 id=169 data-nosnippet>169</a> ..
<a href=#170 id=170 data-nosnippet>170</a> } = <span class="self">self</span>.state;
<a href=#171 id=171 data-nosnippet>171</a>
<a href=#172 id=172 data-nosnippet>172</a> <span class="kw">let </span>(mpc_ctrl, mpc_fut) = mpc_tls.run();
<a href=#173 id=173 data-nosnippet>173</a>
<a href=#174 id=174 data-nosnippet>174</a> <span class="kw">let </span>server_name =
<a href=#175 id=175 data-nosnippet>175</a> TlsServerName::try_from(<span class="self">self</span>.config.server_name().as_str()).map_err(|<span class="kw">_</span>| {
<a href=#176 id=176 data-nosnippet>176</a> ProverError::config(<span class="macro">format!</span>(
<a href=#177 id=177 data-nosnippet>177</a> <span class="string">"invalid server name: {}"</span>,
<a href=#178 id=178 data-nosnippet>178</a> <span class="self">self</span>.config.server_name()
<a href=#179 id=179 data-nosnippet>179</a> ))
<a href=#180 id=180 data-nosnippet>180</a> })<span class="question-mark">?</span>;
<a href=#181 id=181 data-nosnippet>181</a>
<a href=#182 id=182 data-nosnippet>182</a> <span class="kw">let </span>config = tls_client::ClientConfig::builder()
<a href=#183 id=183 data-nosnippet>183</a> .with_safe_defaults()
<a href=#184 id=184 data-nosnippet>184</a> .with_root_certificates(<span class="self">self</span>.config.crypto_provider().cert.root_store().clone());
<a href=#185 id=185 data-nosnippet>185</a>
<a href=#186 id=186 data-nosnippet>186</a> <span class="kw">let </span>config = <span class="kw">if let </span><span class="prelude-val">Some</span>((cert, key)) = <span class="self">self</span>.config.tls_config().client_auth() {
<a href=#187 id=187 data-nosnippet>187</a> config
<a href=#188 id=188 data-nosnippet>188</a> .with_single_cert(cert.clone(), key.clone())
<a href=#189 id=189 data-nosnippet>189</a> .map_err(ProverError::config)<span class="question-mark">?
<a href=#190 id=190 data-nosnippet>190</a> </span>} <span class="kw">else </span>{
<a href=#191 id=191 data-nosnippet>191</a> config.with_no_client_auth()
<a href=#192 id=192 data-nosnippet>192</a> };
<a href=#193 id=193 data-nosnippet>193</a>
<a href=#194 id=194 data-nosnippet>194</a> <span class="kw">let </span>client =
<a href=#195 id=195 data-nosnippet>195</a> ClientConnection::new(Arc::new(config), Box::new(mpc_ctrl.clone()), server_name)
<a href=#196 id=196 data-nosnippet>196</a> .map_err(ProverError::config)<span class="question-mark">?</span>;
<a href=#197 id=197 data-nosnippet>197</a>
<a href=#198 id=198 data-nosnippet>198</a> <span class="kw">let </span>(conn, conn_fut) = bind_client(socket, client);
<a href=#199 id=199 data-nosnippet>199</a>
<a href=#200 id=200 data-nosnippet>200</a> <span class="kw">let </span>start_time = web_time::UNIX_EPOCH
<a href=#201 id=201 data-nosnippet>201</a> .elapsed()
<a href=#202 id=202 data-nosnippet>202</a> .expect(<span class="string">"system time is available"</span>)
<a href=#203 id=203 data-nosnippet>203</a> .as_secs();
<a href=#204 id=204 data-nosnippet>204</a>
<a href=#205 id=205 data-nosnippet>205</a> <span class="kw">let </span>fut = Box::pin({
<a href=#206 id=206 data-nosnippet>206</a> <span class="kw">let </span>span = <span class="self">self</span>.span.clone();
<a href=#207 id=207 data-nosnippet>207</a> <span class="kw">let </span>mpc_ctrl = mpc_ctrl.clone();
<a href=#208 id=208 data-nosnippet>208</a> <span class="kw">async move </span>{
<a href=#209 id=209 data-nosnippet>209</a> <span class="kw">let </span>conn_fut = <span class="kw">async </span>{
<a href=#210 id=210 data-nosnippet>210</a> mux_fut
<a href=#211 id=211 data-nosnippet>211</a> .poll_with(conn_fut.map_err(ProverError::from))
<a href=#212 id=212 data-nosnippet>212</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#213 id=213 data-nosnippet>213</a>
<a href=#214 id=214 data-nosnippet>214</a> mpc_ctrl.stop().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#215 id=215 data-nosnippet>215</a>
<a href=#216 id=216 data-nosnippet>216</a> <span class="prelude-val">Ok</span>::&lt;<span class="kw">_</span>, ProverError&gt;(())
<a href=#217 id=217 data-nosnippet>217</a> };
<a href=#218 id=218 data-nosnippet>218</a>
<a href=#219 id=219 data-nosnippet>219</a> <span class="macro">info!</span>(<span class="string">"starting MPC-TLS"</span>);
<a href=#220 id=220 data-nosnippet>220</a>
<a href=#221 id=221 data-nosnippet>221</a> <span class="kw">let </span>(<span class="kw">_</span>, (<span class="kw-2">mut </span>ctx, <span class="kw-2">mut </span>data, ..)) = <span class="macro">futures::try_join!</span>(
<a href=#222 id=222 data-nosnippet>222</a> conn_fut,
<a href=#223 id=223 data-nosnippet>223</a> mpc_fut.in_current_span().map_err(ProverError::from)
<a href=#224 id=224 data-nosnippet>224</a> )<span class="question-mark">?</span>;
<a href=#225 id=225 data-nosnippet>225</a>
<a href=#226 id=226 data-nosnippet>226</a> <span class="macro">info!</span>(<span class="string">"finished MPC-TLS"</span>);
<a href=#227 id=227 data-nosnippet>227</a>
<a href=#228 id=228 data-nosnippet>228</a> {
<a href=#229 id=229 data-nosnippet>229</a> <span class="kw">let </span><span class="kw-2">mut </span>vm = vm.try_lock().expect(<span class="string">"VM should not be locked"</span>);
<a href=#230 id=230 data-nosnippet>230</a>
<a href=#231 id=231 data-nosnippet>231</a> translate_transcript(<span class="kw-2">&amp;mut </span>data.transcript, <span class="kw-2">&amp;</span>vm)<span class="question-mark">?</span>;
<a href=#232 id=232 data-nosnippet>232</a>
<a href=#233 id=233 data-nosnippet>233</a> <span class="macro">debug!</span>(<span class="string">"finalizing mpc"</span>);
<a href=#234 id=234 data-nosnippet>234</a>
<a href=#235 id=235 data-nosnippet>235</a> <span class="comment">// Finalize DEAP.
<a href=#236 id=236 data-nosnippet>236</a> </span>mux_fut
<a href=#237 id=237 data-nosnippet>237</a> .poll_with(vm.finalize(<span class="kw-2">&amp;mut </span>ctx))
<a href=#238 id=238 data-nosnippet>238</a> .<span class="kw">await
<a href=#239 id=239 data-nosnippet>239</a> </span>.map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#240 id=240 data-nosnippet>240</a>
<a href=#241 id=241 data-nosnippet>241</a> <span class="macro">debug!</span>(<span class="string">"mpc finalized"</span>);
<a href=#242 id=242 data-nosnippet>242</a> }
<a href=#243 id=243 data-nosnippet>243</a>
<a href=#244 id=244 data-nosnippet>244</a> <span class="comment">// Pull out ZK VM.
<a href=#245 id=245 data-nosnippet>245</a> </span><span class="kw">let </span>(<span class="kw">_</span>, <span class="kw-2">mut </span>vm) = Arc::into_inner(vm)
<a href=#246 id=246 data-nosnippet>246</a> .expect(<span class="string">"vm should have only 1 reference"</span>)
<a href=#247 id=247 data-nosnippet>247</a> .into_inner()
<a href=#248 id=248 data-nosnippet>248</a> .into_inner();
<a href=#249 id=249 data-nosnippet>249</a>
<a href=#250 id=250 data-nosnippet>250</a> <span class="comment">// Prove tag verification of received records.
<a href=#251 id=251 data-nosnippet>251</a> // The prover drops the proof output.
<a href=#252 id=252 data-nosnippet>252</a> </span><span class="kw">let _ </span>= verify_tags(
<a href=#253 id=253 data-nosnippet>253</a> <span class="kw-2">&amp;mut </span>vm,
<a href=#254 id=254 data-nosnippet>254</a> (data.keys.server_write_key, data.keys.server_write_iv),
<a href=#255 id=255 data-nosnippet>255</a> data.keys.server_write_mac_key,
<a href=#256 id=256 data-nosnippet>256</a> data.transcript.recv.clone(),
<a href=#257 id=257 data-nosnippet>257</a> )
<a href=#258 id=258 data-nosnippet>258</a> .map_err(ProverError::zk)<span class="question-mark">?</span>;
<a href=#259 id=259 data-nosnippet>259</a>
<a href=#260 id=260 data-nosnippet>260</a> <span class="comment">// Prove received plaintext. Prover drops the proof output, as
<a href=#261 id=261 data-nosnippet>261</a> // they trust themselves.
<a href=#262 id=262 data-nosnippet>262</a> </span><span class="kw">_ </span>= commit_records(
<a href=#263 id=263 data-nosnippet>263</a> <span class="kw-2">&amp;mut </span>vm,
<a href=#264 id=264 data-nosnippet>264</a> <span class="kw-2">&amp;mut </span>zk_aes_ctr,
<a href=#265 id=265 data-nosnippet>265</a> data.transcript
<a href=#266 id=266 data-nosnippet>266</a> .recv
<a href=#267 id=267 data-nosnippet>267</a> .iter_mut()
<a href=#268 id=268 data-nosnippet>268</a> .filter(|record| record.typ == ContentType::ApplicationData),
<a href=#269 id=269 data-nosnippet>269</a> )
<a href=#270 id=270 data-nosnippet>270</a> .map_err(ProverError::zk)<span class="question-mark">?</span>;
<a href=#271 id=271 data-nosnippet>271</a>
<a href=#272 id=272 data-nosnippet>272</a> mux_fut
<a href=#273 id=273 data-nosnippet>273</a> .poll_with(vm.execute_all(<span class="kw-2">&amp;mut </span>ctx).map_err(ProverError::zk))
<a href=#274 id=274 data-nosnippet>274</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#275 id=275 data-nosnippet>275</a>
<a href=#276 id=276 data-nosnippet>276</a> <span class="kw">let </span>transcript = data
<a href=#277 id=277 data-nosnippet>277</a> .transcript
<a href=#278 id=278 data-nosnippet>278</a> .to_transcript()
<a href=#279 id=279 data-nosnippet>279</a> .expect(<span class="string">"transcript is complete"</span>);
<a href=#280 id=280 data-nosnippet>280</a> <span class="kw">let </span>transcript_refs = data
<a href=#281 id=281 data-nosnippet>281</a> .transcript
<a href=#282 id=282 data-nosnippet>282</a> .to_transcript_refs()
<a href=#283 id=283 data-nosnippet>283</a> .expect(<span class="string">"transcript is complete"</span>);
<a href=#284 id=284 data-nosnippet>284</a>
<a href=#285 id=285 data-nosnippet>285</a> <span class="kw">let </span>connection_info = ConnectionInfo {
<a href=#286 id=286 data-nosnippet>286</a> time: start_time,
<a href=#287 id=287 data-nosnippet>287</a> version: data
<a href=#288 id=288 data-nosnippet>288</a> .protocol_version
<a href=#289 id=289 data-nosnippet>289</a> .try_into()
<a href=#290 id=290 data-nosnippet>290</a> .expect(<span class="string">"only supported version should have been accepted"</span>),
<a href=#291 id=291 data-nosnippet>291</a> transcript_length: TranscriptLength {
<a href=#292 id=292 data-nosnippet>292</a> sent: transcript.sent().len() <span class="kw">as </span>u32,
<a href=#293 id=293 data-nosnippet>293</a> received: transcript.received().len() <span class="kw">as </span>u32,
<a href=#294 id=294 data-nosnippet>294</a> },
<a href=#295 id=295 data-nosnippet>295</a> };
<a href=#296 id=296 data-nosnippet>296</a>
<a href=#297 id=297 data-nosnippet>297</a> <span class="kw">let </span>server_cert_data =
<a href=#298 id=298 data-nosnippet>298</a> ServerCertData {
<a href=#299 id=299 data-nosnippet>299</a> certs: data
<a href=#300 id=300 data-nosnippet>300</a> .server_cert_details
<a href=#301 id=301 data-nosnippet>301</a> .cert_chain()
<a href=#302 id=302 data-nosnippet>302</a> .iter()
<a href=#303 id=303 data-nosnippet>303</a> .cloned()
<a href=#304 id=304 data-nosnippet>304</a> .map(|c| c.into())
<a href=#305 id=305 data-nosnippet>305</a> .collect(),
<a href=#306 id=306 data-nosnippet>306</a> sig: ServerSignature {
<a href=#307 id=307 data-nosnippet>307</a> scheme: data.server_kx_details.kx_sig().scheme.try_into().expect(
<a href=#308 id=308 data-nosnippet>308</a> <span class="string">"only supported signature scheme should have been accepted"</span>,
<a href=#309 id=309 data-nosnippet>309</a> ),
<a href=#310 id=310 data-nosnippet>310</a> sig: data.server_kx_details.kx_sig().sig.<span class="number">0</span>.clone(),
<a href=#311 id=311 data-nosnippet>311</a> },
<a href=#312 id=312 data-nosnippet>312</a> handshake: HandshakeData::V1_2(HandshakeDataV1_2 {
<a href=#313 id=313 data-nosnippet>313</a> client_random: data.client_random.<span class="number">0</span>,
<a href=#314 id=314 data-nosnippet>314</a> server_random: data.server_random.<span class="number">0</span>,
<a href=#315 id=315 data-nosnippet>315</a> server_ephemeral_key: data
<a href=#316 id=316 data-nosnippet>316</a> .server_key
<a href=#317 id=317 data-nosnippet>317</a> .try_into()
<a href=#318 id=318 data-nosnippet>318</a> .expect(<span class="string">"only supported key scheme should have been accepted"</span>),
<a href=#319 id=319 data-nosnippet>319</a> }),
<a href=#320 id=320 data-nosnippet>320</a> };
<a href=#321 id=321 data-nosnippet>321</a>
<a href=#322 id=322 data-nosnippet>322</a> <span class="prelude-val">Ok</span>(Prover {
<a href=#323 id=323 data-nosnippet>323</a> config: <span class="self">self</span>.config,
<a href=#324 id=324 data-nosnippet>324</a> span: <span class="self">self</span>.span,
<a href=#325 id=325 data-nosnippet>325</a> state: state::Committed {
<a href=#326 id=326 data-nosnippet>326</a> mux_ctrl,
<a href=#327 id=327 data-nosnippet>327</a> mux_fut,
<a href=#328 id=328 data-nosnippet>328</a> ctx,
<a href=#329 id=329 data-nosnippet>329</a> _keys: keys,
<a href=#330 id=330 data-nosnippet>330</a> vm,
<a href=#331 id=331 data-nosnippet>331</a> connection_info,
<a href=#332 id=332 data-nosnippet>332</a> server_cert_data,
<a href=#333 id=333 data-nosnippet>333</a> transcript,
<a href=#334 id=334 data-nosnippet>334</a> transcript_refs,
<a href=#335 id=335 data-nosnippet>335</a> },
<a href=#336 id=336 data-nosnippet>336</a> })
<a href=#337 id=337 data-nosnippet>337</a> }
<a href=#338 id=338 data-nosnippet>338</a> .instrument(span)
<a href=#339 id=339 data-nosnippet>339</a> });
<a href=#340 id=340 data-nosnippet>340</a>
<a href=#341 id=341 data-nosnippet>341</a> <span class="prelude-val">Ok</span>((
<a href=#342 id=342 data-nosnippet>342</a> conn,
<a href=#343 id=343 data-nosnippet>343</a> ProverFuture {
<a href=#344 id=344 data-nosnippet>344</a> fut,
<a href=#345 id=345 data-nosnippet>345</a> ctrl: ProverControl { mpc_ctrl },
<a href=#346 id=346 data-nosnippet>346</a> },
<a href=#347 id=347 data-nosnippet>347</a> ))
<a href=#348 id=348 data-nosnippet>348</a> }
<a href=#349 id=349 data-nosnippet>349</a>}
<a href=#350 id=350 data-nosnippet>350</a>
<a href=#351 id=351 data-nosnippet>351</a><span class="kw">impl </span>Prover&lt;state::Committed&gt; {
<a href=#352 id=352 data-nosnippet>352</a> <span class="doccomment">/// Returns the connection information.
<a href=#353 id=353 data-nosnippet>353</a> </span><span class="kw">pub fn </span>connection_info(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>ConnectionInfo {
<a href=#354 id=354 data-nosnippet>354</a> <span class="kw-2">&amp;</span><span class="self">self</span>.state.connection_info
<a href=#355 id=355 data-nosnippet>355</a> }
<a href=#356 id=356 data-nosnippet>356</a>
<a href=#357 id=357 data-nosnippet>357</a> <span class="doccomment">/// Returns the transcript.
<a href=#358 id=358 data-nosnippet>358</a> </span><span class="kw">pub fn </span>transcript(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>Transcript {
<a href=#359 id=359 data-nosnippet>359</a> <span class="kw-2">&amp;</span><span class="self">self</span>.state.transcript
<a href=#360 id=360 data-nosnippet>360</a> }
<a href=#361 id=361 data-nosnippet>361</a>
<a href=#362 id=362 data-nosnippet>362</a> <span class="doccomment">/// Proves information to the verifier.
<a href=#363 id=363 data-nosnippet>363</a> ///
<a href=#364 id=364 data-nosnippet>364</a> /// # Arguments
<a href=#365 id=365 data-nosnippet>365</a> ///
<a href=#366 id=366 data-nosnippet>366</a> /// * `config` - The disclosure configuration.
<a href=#367 id=367 data-nosnippet>367</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#368 id=368 data-nosnippet>368</a> </span><span class="kw">pub async fn </span>prove(<span class="kw-2">&amp;mut </span><span class="self">self</span>, config: <span class="kw-2">&amp;</span>ProveConfig) -&gt; <span class="prelude-ty">Result</span>&lt;ProverOutput, ProverError&gt; {
<a href=#369 id=369 data-nosnippet>369</a> <span class="kw">let </span>state::Committed {
<a href=#370 id=370 data-nosnippet>370</a> mux_fut,
<a href=#371 id=371 data-nosnippet>371</a> ctx,
<a href=#372 id=372 data-nosnippet>372</a> vm,
<a href=#373 id=373 data-nosnippet>373</a> server_cert_data,
<a href=#374 id=374 data-nosnippet>374</a> transcript_refs,
<a href=#375 id=375 data-nosnippet>375</a> ..
<a href=#376 id=376 data-nosnippet>376</a> } = <span class="kw-2">&amp;mut </span><span class="self">self</span>.state;
<a href=#377 id=377 data-nosnippet>377</a>
<a href=#378 id=378 data-nosnippet>378</a> <span class="kw">let </span><span class="kw-2">mut </span>output = ProverOutput {
<a href=#379 id=379 data-nosnippet>379</a> transcript_commitments: Vec::new(),
<a href=#380 id=380 data-nosnippet>380</a> transcript_secrets: Vec::new(),
<a href=#381 id=381 data-nosnippet>381</a> };
<a href=#382 id=382 data-nosnippet>382</a>
<a href=#383 id=383 data-nosnippet>383</a> <span class="kw">let </span>payload = ProvePayload {
<a href=#384 id=384 data-nosnippet>384</a> server_identity: config
<a href=#385 id=385 data-nosnippet>385</a> .server_identity()
<a href=#386 id=386 data-nosnippet>386</a> .then(|| (<span class="self">self</span>.config.server_name().clone(), server_cert_data.clone())),
<a href=#387 id=387 data-nosnippet>387</a> transcript: config.transcript().cloned(),
<a href=#388 id=388 data-nosnippet>388</a> transcript_commit: config.transcript_commit().map(|config| config.to_request()),
<a href=#389 id=389 data-nosnippet>389</a> };
<a href=#390 id=390 data-nosnippet>390</a>
<a href=#391 id=391 data-nosnippet>391</a> <span class="comment">// Send payload.
<a href=#392 id=392 data-nosnippet>392</a> </span>mux_fut
<a href=#393 id=393 data-nosnippet>393</a> .poll_with(ctx.io_mut().send(payload).map_err(ProverError::from))
<a href=#394 id=394 data-nosnippet>394</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#395 id=395 data-nosnippet>395</a>
<a href=#396 id=396 data-nosnippet>396</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(partial_transcript) = config.transcript() {
<a href=#397 id=397 data-nosnippet>397</a> decode_transcript(
<a href=#398 id=398 data-nosnippet>398</a> vm,
<a href=#399 id=399 data-nosnippet>399</a> partial_transcript.sent_authed(),
<a href=#400 id=400 data-nosnippet>400</a> partial_transcript.received_authed(),
<a href=#401 id=401 data-nosnippet>401</a> transcript_refs,
<a href=#402 id=402 data-nosnippet>402</a> )
<a href=#403 id=403 data-nosnippet>403</a> .map_err(ProverError::zk)<span class="question-mark">?</span>;
<a href=#404 id=404 data-nosnippet>404</a> }
<a href=#405 id=405 data-nosnippet>405</a>
<a href=#406 id=406 data-nosnippet>406</a> <span class="kw">let </span><span class="kw-2">mut </span>hash_commitments = <span class="prelude-val">None</span>;
<a href=#407 id=407 data-nosnippet>407</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(commit_config) = config.transcript_commit() {
<a href=#408 id=408 data-nosnippet>408</a> <span class="kw">if </span>commit_config.has_encoding() {
<a href=#409 id=409 data-nosnippet>409</a> <span class="kw">let </span>hasher = <span class="self">self
<a href=#410 id=410 data-nosnippet>410</a> </span>.config
<a href=#411 id=411 data-nosnippet>411</a> .crypto_provider()
<a href=#412 id=412 data-nosnippet>412</a> .hash
<a href=#413 id=413 data-nosnippet>413</a> .get(commit_config.encoding_hash_alg())
<a href=#414 id=414 data-nosnippet>414</a> .map_err(ProverError::config)<span class="question-mark">?</span>;
<a href=#415 id=415 data-nosnippet>415</a>
<a href=#416 id=416 data-nosnippet>416</a> <span class="kw">let </span>(commitment, tree) = mux_fut
<a href=#417 id=417 data-nosnippet>417</a> .poll_with(
<a href=#418 id=418 data-nosnippet>418</a> encoding::receive(
<a href=#419 id=419 data-nosnippet>419</a> ctx,
<a href=#420 id=420 data-nosnippet>420</a> hasher,
<a href=#421 id=421 data-nosnippet>421</a> transcript_refs,
<a href=#422 id=422 data-nosnippet>422</a> |plaintext| vm.get_macs(plaintext).expect(<span class="string">"reference is valid"</span>),
<a href=#423 id=423 data-nosnippet>423</a> commit_config.iter_encoding(),
<a href=#424 id=424 data-nosnippet>424</a> )
<a href=#425 id=425 data-nosnippet>425</a> .map_err(ProverError::commit),
<a href=#426 id=426 data-nosnippet>426</a> )
<a href=#427 id=427 data-nosnippet>427</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#428 id=428 data-nosnippet>428</a>
<a href=#429 id=429 data-nosnippet>429</a> output
<a href=#430 id=430 data-nosnippet>430</a> .transcript_commitments
<a href=#431 id=431 data-nosnippet>431</a> .push(TranscriptCommitment::Encoding(commitment));
<a href=#432 id=432 data-nosnippet>432</a> output
<a href=#433 id=433 data-nosnippet>433</a> .transcript_secrets
<a href=#434 id=434 data-nosnippet>434</a> .push(TranscriptSecret::Encoding(tree));
<a href=#435 id=435 data-nosnippet>435</a> }
<a href=#436 id=436 data-nosnippet>436</a>
<a href=#437 id=437 data-nosnippet>437</a> <span class="kw">if </span>commit_config.has_hash() {
<a href=#438 id=438 data-nosnippet>438</a> hash_commitments = <span class="prelude-val">Some</span>(
<a href=#439 id=439 data-nosnippet>439</a> prove_hash(
<a href=#440 id=440 data-nosnippet>440</a> vm,
<a href=#441 id=441 data-nosnippet>441</a> transcript_refs,
<a href=#442 id=442 data-nosnippet>442</a> commit_config
<a href=#443 id=443 data-nosnippet>443</a> .iter_hash()
<a href=#444 id=444 data-nosnippet>444</a> .map(|((dir, idx), alg)| (<span class="kw-2">*</span>dir, idx.clone(), <span class="kw-2">*</span>alg)),
<a href=#445 id=445 data-nosnippet>445</a> )
<a href=#446 id=446 data-nosnippet>446</a> .map_err(ProverError::commit)<span class="question-mark">?</span>,
<a href=#447 id=447 data-nosnippet>447</a> );
<a href=#448 id=448 data-nosnippet>448</a> }
<a href=#449 id=449 data-nosnippet>449</a> }
<a href=#450 id=450 data-nosnippet>450</a>
<a href=#451 id=451 data-nosnippet>451</a> mux_fut
<a href=#452 id=452 data-nosnippet>452</a> .poll_with(vm.execute_all(ctx).map_err(ProverError::zk))
<a href=#453 id=453 data-nosnippet>453</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#454 id=454 data-nosnippet>454</a>
<a href=#455 id=455 data-nosnippet>455</a> <span class="kw">if let </span><span class="prelude-val">Some</span>((hash_fut, hash_secrets)) = hash_commitments {
<a href=#456 id=456 data-nosnippet>456</a> <span class="kw">let </span>hash_commitments = hash_fut.try_recv().map_err(ProverError::commit)<span class="question-mark">?</span>;
<a href=#457 id=457 data-nosnippet>457</a> <span class="kw">for </span>(commitment, secret) <span class="kw">in </span>hash_commitments.into_iter().zip(hash_secrets) {
<a href=#458 id=458 data-nosnippet>458</a> output
<a href=#459 id=459 data-nosnippet>459</a> .transcript_commitments
<a href=#460 id=460 data-nosnippet>460</a> .push(TranscriptCommitment::Hash(commitment));
<a href=#461 id=461 data-nosnippet>461</a> output
<a href=#462 id=462 data-nosnippet>462</a> .transcript_secrets
<a href=#463 id=463 data-nosnippet>463</a> .push(TranscriptSecret::Hash(secret));
<a href=#464 id=464 data-nosnippet>464</a> }
<a href=#465 id=465 data-nosnippet>465</a> }
<a href=#466 id=466 data-nosnippet>466</a>
<a href=#467 id=467 data-nosnippet>467</a> <span class="prelude-val">Ok</span>(output)
<a href=#468 id=468 data-nosnippet>468</a> }
<a href=#469 id=469 data-nosnippet>469</a>
<a href=#470 id=470 data-nosnippet>470</a> <span class="doccomment">/// Requests an attestation from the verifier.
<a href=#471 id=471 data-nosnippet>471</a> ///
<a href=#472 id=472 data-nosnippet>472</a> /// # Arguments
<a href=#473 id=473 data-nosnippet>473</a> ///
<a href=#474 id=474 data-nosnippet>474</a> /// * `config` - The attestation request configuration.
<a href=#475 id=475 data-nosnippet>475</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#476 id=476 data-nosnippet>476</a> #[deprecated(
<a href=#477 id=477 data-nosnippet>477</a> note = <span class="string">"attestation functionality will be removed from this API in future releases."
<a href=#478 id=478 data-nosnippet>478</a> </span>)]
<a href=#479 id=479 data-nosnippet>479</a> </span><span class="kw">pub async fn </span>notarize(
<a href=#480 id=480 data-nosnippet>480</a> <span class="kw-2">&amp;mut </span><span class="self">self</span>,
<a href=#481 id=481 data-nosnippet>481</a> config: <span class="kw-2">&amp;</span>RequestConfig,
<a href=#482 id=482 data-nosnippet>482</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;(Attestation, Secrets), ProverError&gt; {
<a href=#483 id=483 data-nosnippet>483</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = ProveConfig::builder(<span class="self">self</span>.transcript());
<a href=#484 id=484 data-nosnippet>484</a>
<a href=#485 id=485 data-nosnippet>485</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(config) = config.transcript_commit() {
<a href=#486 id=486 data-nosnippet>486</a> <span class="comment">// Temporarily, we reject attestation requests which contain hash commitments to
<a href=#487 id=487 data-nosnippet>487</a> // subsets of the transcript. We do this because we want to preserve the
<a href=#488 id=488 data-nosnippet>488</a> // obliviousness of the reference notary, and hash commitments currently leak
<a href=#489 id=489 data-nosnippet>489</a> // the ranges which are being committed.
<a href=#490 id=490 data-nosnippet>490</a> </span><span class="kw">for </span>((direction, idx), <span class="kw">_</span>) <span class="kw">in </span>config.iter_hash() {
<a href=#491 id=491 data-nosnippet>491</a> <span class="kw">let </span>len = <span class="kw">match </span>direction {
<a href=#492 id=492 data-nosnippet>492</a> Direction::Sent =&gt; <span class="self">self</span>.transcript().sent().len(),
<a href=#493 id=493 data-nosnippet>493</a> Direction::Received =&gt; <span class="self">self</span>.transcript().received().len(),
<a href=#494 id=494 data-nosnippet>494</a> };
<a href=#495 id=495 data-nosnippet>495</a>
<a href=#496 id=496 data-nosnippet>496</a> <span class="kw">if </span>idx.start() &gt; <span class="number">0 </span>|| idx.end() &lt; len || idx.count() != <span class="number">1 </span>{
<a href=#497 id=497 data-nosnippet>497</a> <span class="kw">return </span><span class="prelude-val">Err</span>(ProverError::attestation(
<a href=#498 id=498 data-nosnippet>498</a> <span class="string">"hash commitments to subsets of the transcript are currently not supported in attestation requests"</span>,
<a href=#499 id=499 data-nosnippet>499</a> ));
<a href=#500 id=500 data-nosnippet>500</a> }
<a href=#501 id=501 data-nosnippet>501</a> }
<a href=#502 id=502 data-nosnippet>502</a>
<a href=#503 id=503 data-nosnippet>503</a> builder.transcript_commit(config.clone());
<a href=#504 id=504 data-nosnippet>504</a> }
<a href=#505 id=505 data-nosnippet>505</a>
<a href=#506 id=506 data-nosnippet>506</a> <span class="kw">let </span>disclosure_config = builder.build().map_err(ProverError::attestation)<span class="question-mark">?</span>;
<a href=#507 id=507 data-nosnippet>507</a>
<a href=#508 id=508 data-nosnippet>508</a> <span class="kw">let </span>ProverOutput {
<a href=#509 id=509 data-nosnippet>509</a> transcript_commitments,
<a href=#510 id=510 data-nosnippet>510</a> transcript_secrets,
<a href=#511 id=511 data-nosnippet>511</a> ..
<a href=#512 id=512 data-nosnippet>512</a> } = <span class="self">self</span>.prove(<span class="kw-2">&amp;</span>disclosure_config).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#513 id=513 data-nosnippet>513</a>
<a href=#514 id=514 data-nosnippet>514</a> <span class="kw">let </span>state::Committed {
<a href=#515 id=515 data-nosnippet>515</a> mux_fut,
<a href=#516 id=516 data-nosnippet>516</a> ctx,
<a href=#517 id=517 data-nosnippet>517</a> server_cert_data,
<a href=#518 id=518 data-nosnippet>518</a> transcript,
<a href=#519 id=519 data-nosnippet>519</a> ..
<a href=#520 id=520 data-nosnippet>520</a> } = <span class="kw-2">&amp;mut </span><span class="self">self</span>.state;
<a href=#521 id=521 data-nosnippet>521</a>
<a href=#522 id=522 data-nosnippet>522</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = Request::builder(config);
<a href=#523 id=523 data-nosnippet>523</a>
<a href=#524 id=524 data-nosnippet>524</a> builder
<a href=#525 id=525 data-nosnippet>525</a> .server_name(<span class="self">self</span>.config.server_name().clone())
<a href=#526 id=526 data-nosnippet>526</a> .server_cert_data(server_cert_data.clone())
<a href=#527 id=527 data-nosnippet>527</a> .transcript(transcript.clone())
<a href=#528 id=528 data-nosnippet>528</a> .transcript_commitments(transcript_secrets, transcript_commitments);
<a href=#529 id=529 data-nosnippet>529</a>
<a href=#530 id=530 data-nosnippet>530</a> <span class="kw">let </span>(request, secrets) = builder
<a href=#531 id=531 data-nosnippet>531</a> .build(<span class="self">self</span>.config.crypto_provider())
<a href=#532 id=532 data-nosnippet>532</a> .map_err(ProverError::attestation)<span class="question-mark">?</span>;
<a href=#533 id=533 data-nosnippet>533</a>
<a href=#534 id=534 data-nosnippet>534</a> <span class="kw">let </span>attestation = mux_fut
<a href=#535 id=535 data-nosnippet>535</a> .poll_with(<span class="kw">async </span>{
<a href=#536 id=536 data-nosnippet>536</a> <span class="macro">debug!</span>(<span class="string">"sending attestation request"</span>);
<a href=#537 id=537 data-nosnippet>537</a>
<a href=#538 id=538 data-nosnippet>538</a> ctx.io_mut().send(request.clone()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#539 id=539 data-nosnippet>539</a>
<a href=#540 id=540 data-nosnippet>540</a> <span class="kw">let </span>attestation: Attestation = ctx.io_mut().expect_next().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#541 id=541 data-nosnippet>541</a>
<a href=#542 id=542 data-nosnippet>542</a> <span class="prelude-val">Ok</span>::&lt;<span class="kw">_</span>, ProverError&gt;(attestation)
<a href=#543 id=543 data-nosnippet>543</a> })
<a href=#544 id=544 data-nosnippet>544</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#545 id=545 data-nosnippet>545</a>
<a href=#546 id=546 data-nosnippet>546</a> <span class="comment">// Check the attestation is consistent with the Prover's view.
<a href=#547 id=547 data-nosnippet>547</a> </span>request
<a href=#548 id=548 data-nosnippet>548</a> .validate(<span class="kw-2">&amp;</span>attestation)
<a href=#549 id=549 data-nosnippet>549</a> .map_err(ProverError::attestation)<span class="question-mark">?</span>;
<a href=#550 id=550 data-nosnippet>550</a>
<a href=#551 id=551 data-nosnippet>551</a> <span class="prelude-val">Ok</span>((attestation, secrets))
<a href=#552 id=552 data-nosnippet>552</a> }
<a href=#553 id=553 data-nosnippet>553</a>
<a href=#554 id=554 data-nosnippet>554</a> <span class="doccomment">/// Closes the connection with the verifier.
<a href=#555 id=555 data-nosnippet>555</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#556 id=556 data-nosnippet>556</a> </span><span class="kw">pub async fn </span>close(<span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;(), ProverError&gt; {
<a href=#557 id=557 data-nosnippet>557</a> <span class="kw">let </span>state::Committed {
<a href=#558 id=558 data-nosnippet>558</a> mux_ctrl, mux_fut, ..
<a href=#559 id=559 data-nosnippet>559</a> } = <span class="self">self</span>.state;
<a href=#560 id=560 data-nosnippet>560</a>
<a href=#561 id=561 data-nosnippet>561</a> <span class="comment">// Wait for the verifier to correctly close the connection.
<a href=#562 id=562 data-nosnippet>562</a> </span><span class="kw">if </span>!mux_fut.is_complete() {
<a href=#563 id=563 data-nosnippet>563</a> mux_ctrl.close();
<a href=#564 id=564 data-nosnippet>564</a> mux_fut.<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#565 id=565 data-nosnippet>565</a> }
<a href=#566 id=566 data-nosnippet>566</a>
<a href=#567 id=567 data-nosnippet>567</a> <span class="prelude-val">Ok</span>(())
<a href=#568 id=568 data-nosnippet>568</a> }
<a href=#569 id=569 data-nosnippet>569</a>}
<a href=#570 id=570 data-nosnippet>570</a>
<a href=#571 id=571 data-nosnippet>571</a><span class="kw">fn </span>build_mpc_tls(config: <span class="kw-2">&amp;</span>ProverConfig, ctx: Context) -&gt; (Arc&lt;Mutex&lt;Deap&lt;Mpc, Zk&gt;&gt;&gt;, MpcTlsLeader) {
<a href=#572 id=572 data-nosnippet>572</a> <span class="kw">let </span><span class="kw-2">mut </span>rng = rand::rng();
<a href=#573 id=573 data-nosnippet>573</a> <span class="kw">let </span>delta = Delta::new(Block::random(<span class="kw-2">&amp;mut </span>rng));
<a href=#574 id=574 data-nosnippet>574</a>
<a href=#575 id=575 data-nosnippet>575</a> <span class="kw">let </span>base_ot_send = mpz_ot::chou_orlandi::Sender::default();
<a href=#576 id=576 data-nosnippet>576</a> <span class="kw">let </span>base_ot_recv = mpz_ot::chou_orlandi::Receiver::default();
<a href=#577 id=577 data-nosnippet>577</a> <span class="kw">let </span>rcot_send = mpz_ot::kos::Sender::new(
<a href=#578 id=578 data-nosnippet>578</a> mpz_ot::kos::SenderConfig::default(),
<a href=#579 id=579 data-nosnippet>579</a> delta.into_inner(),
<a href=#580 id=580 data-nosnippet>580</a> base_ot_recv,
<a href=#581 id=581 data-nosnippet>581</a> );
<a href=#582 id=582 data-nosnippet>582</a> <span class="kw">let </span>rcot_recv =
<a href=#583 id=583 data-nosnippet>583</a> mpz_ot::kos::Receiver::new(mpz_ot::kos::ReceiverConfig::default(), base_ot_send);
<a href=#584 id=584 data-nosnippet>584</a> <span class="kw">let </span>rcot_recv = mpz_ot::ferret::Receiver::new(
<a href=#585 id=585 data-nosnippet>585</a> mpz_ot::ferret::FerretConfig::builder()
<a href=#586 id=586 data-nosnippet>586</a> .lpn_type(mpz_ot::ferret::LpnType::Regular)
<a href=#587 id=587 data-nosnippet>587</a> .build()
<a href=#588 id=588 data-nosnippet>588</a> .expect(<span class="string">"ferret config is valid"</span>),
<a href=#589 id=589 data-nosnippet>589</a> Block::random(<span class="kw-2">&amp;mut </span>rng),
<a href=#590 id=590 data-nosnippet>590</a> rcot_recv,
<a href=#591 id=591 data-nosnippet>591</a> );
<a href=#592 id=592 data-nosnippet>592</a>
<a href=#593 id=593 data-nosnippet>593</a> <span class="kw">let </span>rcot_send = mpz_ot::rcot::shared::SharedRCOTSender::new(rcot_send);
<a href=#594 id=594 data-nosnippet>594</a> <span class="kw">let </span>rcot_recv = mpz_ot::rcot::shared::SharedRCOTReceiver::new(rcot_recv);
<a href=#595 id=595 data-nosnippet>595</a>
<a href=#596 id=596 data-nosnippet>596</a> <span class="kw">let </span>mpc = Mpc::new(
<a href=#597 id=597 data-nosnippet>597</a> mpz_ot::cot::DerandCOTSender::new(rcot_send.clone()),
<a href=#598 id=598 data-nosnippet>598</a> rng.random(),
<a href=#599 id=599 data-nosnippet>599</a> delta,
<a href=#600 id=600 data-nosnippet>600</a> );
<a href=#601 id=601 data-nosnippet>601</a>
<a href=#602 id=602 data-nosnippet>602</a> <span class="kw">let </span>zk = Zk::new(rcot_recv.clone());
<a href=#603 id=603 data-nosnippet>603</a>
<a href=#604 id=604 data-nosnippet>604</a> <span class="kw">let </span>vm = Arc::new(Mutex::new(Deap::new(tlsn_deap::Role::Leader, mpc, zk)));
<a href=#605 id=605 data-nosnippet>605</a>
<a href=#606 id=606 data-nosnippet>606</a> (
<a href=#607 id=607 data-nosnippet>607</a> vm.clone(),
<a href=#608 id=608 data-nosnippet>608</a> MpcTlsLeader::new(
<a href=#609 id=609 data-nosnippet>609</a> config.build_mpc_tls_config(),
<a href=#610 id=610 data-nosnippet>610</a> ctx,
<a href=#611 id=611 data-nosnippet>611</a> vm,
<a href=#612 id=612 data-nosnippet>612</a> (rcot_send.clone(), rcot_send.clone(), rcot_send),
<a href=#613 id=613 data-nosnippet>613</a> rcot_recv,
<a href=#614 id=614 data-nosnippet>614</a> ),
<a href=#615 id=615 data-nosnippet>615</a> )
<a href=#616 id=616 data-nosnippet>616</a>}
<a href=#617 id=617 data-nosnippet>617</a>
<a href=#618 id=618 data-nosnippet>618</a><span class="doccomment">/// A controller for the prover.
<a href=#619 id=619 data-nosnippet>619</a></span><span class="attr">#[derive(Clone)]
<a href=#620 id=620 data-nosnippet>620</a></span><span class="kw">pub struct </span>ProverControl {
<a href=#621 id=621 data-nosnippet>621</a> mpc_ctrl: LeaderCtrl,
<a href=#622 id=622 data-nosnippet>622</a>}
<a href=#623 id=623 data-nosnippet>623</a>
<a href=#624 id=624 data-nosnippet>624</a><span class="kw">impl </span>ProverControl {
<a href=#625 id=625 data-nosnippet>625</a> <span class="doccomment">/// Defers decryption of data from the server until the server has closed
<a href=#626 id=626 data-nosnippet>626</a> /// the connection.
<a href=#627 id=627 data-nosnippet>627</a> ///
<a href=#628 id=628 data-nosnippet>628</a> /// This is a performance optimization which will significantly reduce the
<a href=#629 id=629 data-nosnippet>629</a> /// amount of upload bandwidth used by the prover.
<a href=#630 id=630 data-nosnippet>630</a> ///
<a href=#631 id=631 data-nosnippet>631</a> /// # Notes
<a href=#632 id=632 data-nosnippet>632</a> ///
<a href=#633 id=633 data-nosnippet>633</a> /// * The prover may need to close the connection to the server in order for
<a href=#634 id=634 data-nosnippet>634</a> /// it to close the connection on its end. If neither the prover or server
<a href=#635 id=635 data-nosnippet>635</a> /// close the connection this will cause a deadlock.
<a href=#636 id=636 data-nosnippet>636</a> </span><span class="kw">pub async fn </span>defer_decryption(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;(), ProverError&gt; {
<a href=#637 id=637 data-nosnippet>637</a> <span class="self">self</span>.mpc_ctrl
<a href=#638 id=638 data-nosnippet>638</a> .defer_decryption()
<a href=#639 id=639 data-nosnippet>639</a> .<span class="kw">await
<a href=#640 id=640 data-nosnippet>640</a> </span>.map_err(ProverError::from)
<a href=#641 id=641 data-nosnippet>641</a> }
<a href=#642 id=642 data-nosnippet>642</a>}
<a href=#643 id=643 data-nosnippet>643</a>
<a href=#644 id=644 data-nosnippet>644</a><span class="doccomment">/// Translates VM references to the ZK address space.
<a href=#645 id=645 data-nosnippet>645</a></span><span class="kw">fn </span>translate_keys&lt;Mpc, Zk&gt;(keys: <span class="kw-2">&amp;mut </span>SessionKeys, vm: <span class="kw-2">&amp;</span>Deap&lt;Mpc, Zk&gt;) -&gt; <span class="prelude-ty">Result</span>&lt;(), ProverError&gt; {
<a href=#646 id=646 data-nosnippet>646</a> keys.client_write_key = vm
<a href=#647 id=647 data-nosnippet>647</a> .translate(keys.client_write_key)
<a href=#648 id=648 data-nosnippet>648</a> .map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#649 id=649 data-nosnippet>649</a> keys.client_write_iv = vm
<a href=#650 id=650 data-nosnippet>650</a> .translate(keys.client_write_iv)
<a href=#651 id=651 data-nosnippet>651</a> .map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#652 id=652 data-nosnippet>652</a> keys.server_write_key = vm
<a href=#653 id=653 data-nosnippet>653</a> .translate(keys.server_write_key)
<a href=#654 id=654 data-nosnippet>654</a> .map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#655 id=655 data-nosnippet>655</a> keys.server_write_iv = vm
<a href=#656 id=656 data-nosnippet>656</a> .translate(keys.server_write_iv)
<a href=#657 id=657 data-nosnippet>657</a> .map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#658 id=658 data-nosnippet>658</a> keys.server_write_mac_key = vm
<a href=#659 id=659 data-nosnippet>659</a> .translate(keys.server_write_mac_key)
<a href=#660 id=660 data-nosnippet>660</a> .map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#661 id=661 data-nosnippet>661</a>
<a href=#662 id=662 data-nosnippet>662</a> <span class="prelude-val">Ok</span>(())
<a href=#663 id=663 data-nosnippet>663</a>}
<a href=#664 id=664 data-nosnippet>664</a>
<a href=#665 id=665 data-nosnippet>665</a><span class="doccomment">/// Translates VM references to the ZK address space.
<a href=#666 id=666 data-nosnippet>666</a></span><span class="kw">fn </span>translate_transcript&lt;Mpc, Zk&gt;(
<a href=#667 id=667 data-nosnippet>667</a> transcript: <span class="kw-2">&amp;mut </span>TlsTranscript,
<a href=#668 id=668 data-nosnippet>668</a> vm: <span class="kw-2">&amp;</span>Deap&lt;Mpc, Zk&gt;,
<a href=#669 id=669 data-nosnippet>669</a>) -&gt; <span class="prelude-ty">Result</span>&lt;(), ProverError&gt; {
<a href=#670 id=670 data-nosnippet>670</a> <span class="kw">for </span>Record { plaintext_ref, .. } <span class="kw">in </span>transcript.sent.iter_mut().chain(transcript.recv.iter_mut())
<a href=#671 id=671 data-nosnippet>671</a> {
<a href=#672 id=672 data-nosnippet>672</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(plaintext_ref) = plaintext_ref.as_mut() {
<a href=#673 id=673 data-nosnippet>673</a> <span class="kw-2">*</span>plaintext_ref = vm.translate(<span class="kw-2">*</span>plaintext_ref).map_err(ProverError::mpc)<span class="question-mark">?</span>;
<a href=#674 id=674 data-nosnippet>674</a> }
<a href=#675 id=675 data-nosnippet>675</a> }
<a href=#676 id=676 data-nosnippet>676</a>
<a href=#677 id=677 data-nosnippet>677</a> <span class="prelude-val">Ok</span>(())
<a href=#678 id=678 data-nosnippet>678</a>}</code></pre></div></section></main></body></html>

66
src/tlsn_prover/state.rs.html
View File

@@ -1,66 +0,0 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/prover/src/state.rs`."><title>state.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn_prover" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_prover/</div>state.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! TLS prover states.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use </span>std::sync::Arc;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>mpz_common::Context;
<a href=#6 id=6 data-nosnippet>6</a>
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>mpc_tls::{MpcTlsLeader, SessionKeys};
<a href=#8 id=8 data-nosnippet>8</a><span class="kw">use </span>tlsn_common::{
<a href=#9 id=9 data-nosnippet>9</a> mux::{MuxControl, MuxFuture},
<a href=#10 id=10 data-nosnippet>10</a> transcript::TranscriptRefs,
<a href=#11 id=11 data-nosnippet>11</a> zk_aes_ctr::ZkAesCtr,
<a href=#12 id=12 data-nosnippet>12</a>};
<a href=#13 id=13 data-nosnippet>13</a><span class="kw">use </span>tlsn_core::{
<a href=#14 id=14 data-nosnippet>14</a> connection::{ConnectionInfo, ServerCertData},
<a href=#15 id=15 data-nosnippet>15</a> transcript::Transcript,
<a href=#16 id=16 data-nosnippet>16</a>};
<a href=#17 id=17 data-nosnippet>17</a><span class="kw">use </span>tlsn_deap::Deap;
<a href=#18 id=18 data-nosnippet>18</a><span class="kw">use </span>tokio::sync::Mutex;
<a href=#19 id=19 data-nosnippet>19</a>
<a href=#20 id=20 data-nosnippet>20</a><span class="kw">use crate</span>::{Mpc, Zk};
<a href=#21 id=21 data-nosnippet>21</a>
<a href=#22 id=22 data-nosnippet>22</a><span class="doccomment">/// Entry state
<a href=#23 id=23 data-nosnippet>23</a></span><span class="kw">pub struct </span>Initialized;
<a href=#24 id=24 data-nosnippet>24</a>
<a href=#25 id=25 data-nosnippet>25</a><span class="macro">opaque_debug::implement!</span>(Initialized);
<a href=#26 id=26 data-nosnippet>26</a>
<a href=#27 id=27 data-nosnippet>27</a><span class="doccomment">/// State after MPC setup has completed.
<a href=#28 id=28 data-nosnippet>28</a></span><span class="kw">pub struct </span>Setup {
<a href=#29 id=29 data-nosnippet>29</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_ctrl: MuxControl,
<a href=#30 id=30 data-nosnippet>30</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_fut: MuxFuture,
<a href=#31 id=31 data-nosnippet>31</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mpc_tls: MpcTlsLeader,
<a href=#32 id=32 data-nosnippet>32</a> <span class="kw">pub</span>(<span class="kw">crate</span>) zk_aes_ctr: ZkAesCtr,
<a href=#33 id=33 data-nosnippet>33</a> <span class="kw">pub</span>(<span class="kw">crate</span>) keys: SessionKeys,
<a href=#34 id=34 data-nosnippet>34</a> <span class="kw">pub</span>(<span class="kw">crate</span>) vm: Arc&lt;Mutex&lt;Deap&lt;Mpc, Zk&gt;&gt;&gt;,
<a href=#35 id=35 data-nosnippet>35</a>}
<a href=#36 id=36 data-nosnippet>36</a>
<a href=#37 id=37 data-nosnippet>37</a><span class="macro">opaque_debug::implement!</span>(Setup);
<a href=#38 id=38 data-nosnippet>38</a>
<a href=#39 id=39 data-nosnippet>39</a><span class="doccomment">/// State after the TLS connection has been committed and closed.
<a href=#40 id=40 data-nosnippet>40</a></span><span class="kw">pub struct </span>Committed {
<a href=#41 id=41 data-nosnippet>41</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_ctrl: MuxControl,
<a href=#42 id=42 data-nosnippet>42</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_fut: MuxFuture,
<a href=#43 id=43 data-nosnippet>43</a> <span class="kw">pub</span>(<span class="kw">crate</span>) ctx: Context,
<a href=#44 id=44 data-nosnippet>44</a> <span class="kw">pub</span>(<span class="kw">crate</span>) _keys: SessionKeys,
<a href=#45 id=45 data-nosnippet>45</a> <span class="kw">pub</span>(<span class="kw">crate</span>) vm: Zk,
<a href=#46 id=46 data-nosnippet>46</a> <span class="kw">pub</span>(<span class="kw">crate</span>) connection_info: ConnectionInfo,
<a href=#47 id=47 data-nosnippet>47</a> <span class="kw">pub</span>(<span class="kw">crate</span>) server_cert_data: ServerCertData,
<a href=#48 id=48 data-nosnippet>48</a> <span class="kw">pub</span>(<span class="kw">crate</span>) transcript: Transcript,
<a href=#49 id=49 data-nosnippet>49</a> <span class="kw">pub</span>(<span class="kw">crate</span>) transcript_refs: TranscriptRefs,
<a href=#50 id=50 data-nosnippet>50</a>}
<a href=#51 id=51 data-nosnippet>51</a>
<a href=#52 id=52 data-nosnippet>52</a><span class="macro">opaque_debug::implement!</span>(Committed);
<a href=#53 id=53 data-nosnippet>53</a>
<a href=#54 id=54 data-nosnippet>54</a><span class="attr">#[allow(missing_docs)]
<a href=#55 id=55 data-nosnippet>55</a></span><span class="kw">pub trait </span>ProverState: sealed::Sealed {}
<a href=#56 id=56 data-nosnippet>56</a>
<a href=#57 id=57 data-nosnippet>57</a><span class="kw">impl </span>ProverState <span class="kw">for </span>Initialized {}
<a href=#58 id=58 data-nosnippet>58</a><span class="kw">impl </span>ProverState <span class="kw">for </span>Setup {}
<a href=#59 id=59 data-nosnippet>59</a><span class="kw">impl </span>ProverState <span class="kw">for </span>Committed {}
<a href=#60 id=60 data-nosnippet>60</a>
<a href=#61 id=61 data-nosnippet>61</a><span class="kw">mod </span>sealed {
<a href=#62 id=62 data-nosnippet>62</a> <span class="kw">pub trait </span>Sealed {}
<a href=#63 id=63 data-nosnippet>63</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Initialized {}
<a href=#64 id=64 data-nosnippet>64</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Setup {}
<a href=#65 id=65 data-nosnippet>65</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Committed {}
<a href=#66 id=66 data-nosnippet>66</a>}</code></pre></div></section></main></body></html>

619
src/tlsn_verifier/lib.rs.html
View File

@@ -1,619 +0,0 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/verifier/src/lib.rs`."><title>lib.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn_verifier" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_verifier/</div>lib.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! TLSNotary verifier library.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="attr">#![deny(missing_docs, unreachable_pub, unused_must_use)]
<a href=#4 id=4 data-nosnippet>4</a>#![deny(clippy::all)]
<a href=#5 id=5 data-nosnippet>5</a>#![forbid(unsafe_code)]
<a href=#6 id=6 data-nosnippet>6</a>
<a href=#7 id=7 data-nosnippet>7</a></span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">mod </span>config;
<a href=#8 id=8 data-nosnippet>8</a><span class="kw">mod </span>error;
<a href=#9 id=9 data-nosnippet>9</a><span class="kw">pub mod </span>state;
<a href=#10 id=10 data-nosnippet>10</a>
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">use </span>std::sync::Arc;
<a href=#12 id=12 data-nosnippet>12</a>
<a href=#13 id=13 data-nosnippet>13</a><span class="kw">pub use </span>config::{VerifierConfig, VerifierConfigBuilder, VerifierConfigBuilderError};
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">pub use </span>error::VerifierError;
<a href=#15 id=15 data-nosnippet>15</a><span class="kw">pub use </span>tlsn_core::{VerifierOutput, VerifyConfig, VerifyConfigBuilder, VerifyConfigBuilderError};
<a href=#16 id=16 data-nosnippet>16</a>
<a href=#17 id=17 data-nosnippet>17</a><span class="kw">use </span>futures::{AsyncRead, AsyncWrite, TryFutureExt};
<a href=#18 id=18 data-nosnippet>18</a><span class="kw">use </span>mpc_tls::{FollowerData, MpcTlsFollower, SessionKeys};
<a href=#19 id=19 data-nosnippet>19</a><span class="kw">use </span>mpz_common::Context;
<a href=#20 id=20 data-nosnippet>20</a><span class="kw">use </span>mpz_core::Block;
<a href=#21 id=21 data-nosnippet>21</a><span class="kw">use </span>mpz_garble_core::Delta;
<a href=#22 id=22 data-nosnippet>22</a><span class="kw">use </span>mpz_vm_core::prelude::<span class="kw-2">*</span>;
<a href=#23 id=23 data-nosnippet>23</a><span class="kw">use </span>serio::{stream::IoStreamExt, SinkExt};
<a href=#24 id=24 data-nosnippet>24</a><span class="kw">use </span>tls_core::msgs::enums::ContentType;
<a href=#25 id=25 data-nosnippet>25</a><span class="kw">use </span>tlsn_common::{
<a href=#26 id=26 data-nosnippet>26</a> commit::{commit_records, hash::verify_hash},
<a href=#27 id=27 data-nosnippet>27</a> config::ProtocolConfig,
<a href=#28 id=28 data-nosnippet>28</a> context::build_mt_context,
<a href=#29 id=29 data-nosnippet>29</a> encoding,
<a href=#30 id=30 data-nosnippet>30</a> mux::attach_mux,
<a href=#31 id=31 data-nosnippet>31</a> tag::verify_tags,
<a href=#32 id=32 data-nosnippet>32</a> transcript::{decode_transcript, verify_transcript, Record, TlsTranscript},
<a href=#33 id=33 data-nosnippet>33</a> zk_aes_ctr::ZkAesCtr,
<a href=#34 id=34 data-nosnippet>34</a> Role,
<a href=#35 id=35 data-nosnippet>35</a>};
<a href=#36 id=36 data-nosnippet>36</a><span class="kw">use </span>tlsn_core::{
<a href=#37 id=37 data-nosnippet>37</a> attestation::{Attestation, AttestationConfig},
<a href=#38 id=38 data-nosnippet>38</a> connection::{ConnectionInfo, ServerName, TlsVersion, TranscriptLength},
<a href=#39 id=39 data-nosnippet>39</a> request::Request,
<a href=#40 id=40 data-nosnippet>40</a> transcript::TranscriptCommitment,
<a href=#41 id=41 data-nosnippet>41</a> ProvePayload,
<a href=#42 id=42 data-nosnippet>42</a>};
<a href=#43 id=43 data-nosnippet>43</a><span class="kw">use </span>tlsn_deap::Deap;
<a href=#44 id=44 data-nosnippet>44</a><span class="kw">use </span>tokio::sync::Mutex;
<a href=#45 id=45 data-nosnippet>45</a><span class="kw">use </span>web_time::{SystemTime, UNIX_EPOCH};
<a href=#46 id=46 data-nosnippet>46</a>
<a href=#47 id=47 data-nosnippet>47</a><span class="kw">use </span>tracing::{debug, info, info_span, instrument, Span};
<a href=#48 id=48 data-nosnippet>48</a>
<a href=#49 id=49 data-nosnippet>49</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>RCOTSender = mpz_ot::rcot::shared::SharedRCOTSender&lt;
<a href=#50 id=50 data-nosnippet>50</a> mpz_ot::ferret::Sender&lt;mpz_ot::kos::Sender&lt;mpz_ot::chou_orlandi::Receiver&gt;&gt;,
<a href=#51 id=51 data-nosnippet>51</a> mpz_core::Block,
<a href=#52 id=52 data-nosnippet>52</a>&gt;;
<a href=#53 id=53 data-nosnippet>53</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>RCOTReceiver = mpz_ot::rcot::shared::SharedRCOTReceiver&lt;
<a href=#54 id=54 data-nosnippet>54</a> mpz_ot::kos::Receiver&lt;mpz_ot::chou_orlandi::Sender&gt;,
<a href=#55 id=55 data-nosnippet>55</a> bool,
<a href=#56 id=56 data-nosnippet>56</a> mpz_core::Block,
<a href=#57 id=57 data-nosnippet>57</a>&gt;;
<a href=#58 id=58 data-nosnippet>58</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>Mpc =
<a href=#59 id=59 data-nosnippet>59</a> mpz_garble::protocol::semihonest::Evaluator&lt;mpz_ot::cot::DerandCOTReceiver&lt;RCOTReceiver&gt;&gt;;
<a href=#60 id=60 data-nosnippet>60</a><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">type </span>Zk = mpz_zk::Verifier&lt;RCOTSender&gt;;
<a href=#61 id=61 data-nosnippet>61</a>
<a href=#62 id=62 data-nosnippet>62</a><span class="doccomment">/// Information about the TLS session.
<a href=#63 id=63 data-nosnippet>63</a></span><span class="attr">#[derive(Debug)]
<a href=#64 id=64 data-nosnippet>64</a></span><span class="kw">pub struct </span>SessionInfo {
<a href=#65 id=65 data-nosnippet>65</a> <span class="doccomment">/// Server's name.
<a href=#66 id=66 data-nosnippet>66</a> </span><span class="kw">pub </span>server_name: ServerName,
<a href=#67 id=67 data-nosnippet>67</a> <span class="doccomment">/// Connection information.
<a href=#68 id=68 data-nosnippet>68</a> </span><span class="kw">pub </span>connection_info: ConnectionInfo,
<a href=#69 id=69 data-nosnippet>69</a>}
<a href=#70 id=70 data-nosnippet>70</a>
<a href=#71 id=71 data-nosnippet>71</a><span class="doccomment">/// A Verifier instance.
<a href=#72 id=72 data-nosnippet>72</a></span><span class="kw">pub struct </span>Verifier&lt;T: state::VerifierState = state::Initialized&gt; {
<a href=#73 id=73 data-nosnippet>73</a> config: VerifierConfig,
<a href=#74 id=74 data-nosnippet>74</a> span: Span,
<a href=#75 id=75 data-nosnippet>75</a> state: T,
<a href=#76 id=76 data-nosnippet>76</a>}
<a href=#77 id=77 data-nosnippet>77</a>
<a href=#78 id=78 data-nosnippet>78</a><span class="kw">impl </span>Verifier&lt;state::Initialized&gt; {
<a href=#79 id=79 data-nosnippet>79</a> <span class="doccomment">/// Creates a new verifier.
<a href=#80 id=80 data-nosnippet>80</a> </span><span class="kw">pub fn </span>new(config: VerifierConfig) -&gt; <span class="self">Self </span>{
<a href=#81 id=81 data-nosnippet>81</a> <span class="kw">let </span>span = <span class="macro">info_span!</span>(<span class="string">"verifier"</span>);
<a href=#82 id=82 data-nosnippet>82</a> <span class="self">Self </span>{
<a href=#83 id=83 data-nosnippet>83</a> config,
<a href=#84 id=84 data-nosnippet>84</a> span,
<a href=#85 id=85 data-nosnippet>85</a> state: state::Initialized,
<a href=#86 id=86 data-nosnippet>86</a> }
<a href=#87 id=87 data-nosnippet>87</a> }
<a href=#88 id=88 data-nosnippet>88</a>
<a href=#89 id=89 data-nosnippet>89</a> <span class="doccomment">/// Sets up the verifier.
<a href=#90 id=90 data-nosnippet>90</a> ///
<a href=#91 id=91 data-nosnippet>91</a> /// This performs all MPC setup.
<a href=#92 id=92 data-nosnippet>92</a> ///
<a href=#93 id=93 data-nosnippet>93</a> /// # Arguments
<a href=#94 id=94 data-nosnippet>94</a> ///
<a href=#95 id=95 data-nosnippet>95</a> /// * `socket` - The socket to the prover.
<a href=#96 id=96 data-nosnippet>96</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#97 id=97 data-nosnippet>97</a> </span><span class="kw">pub async fn </span>setup&lt;S: AsyncWrite + AsyncRead + Send + Unpin + <span class="lifetime">'static</span>&gt;(
<a href=#98 id=98 data-nosnippet>98</a> <span class="self">self</span>,
<a href=#99 id=99 data-nosnippet>99</a> socket: S,
<a href=#100 id=100 data-nosnippet>100</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;Verifier&lt;state::Setup&gt;, VerifierError&gt; {
<a href=#101 id=101 data-nosnippet>101</a> <span class="kw">let </span>(<span class="kw-2">mut </span>mux_fut, mux_ctrl) = attach_mux(socket, Role::Verifier);
<a href=#102 id=102 data-nosnippet>102</a> <span class="kw">let </span><span class="kw-2">mut </span>mt = build_mt_context(mux_ctrl.clone());
<a href=#103 id=103 data-nosnippet>103</a> <span class="kw">let </span><span class="kw-2">mut </span>ctx = mux_fut.poll_with(mt.new_context()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#104 id=104 data-nosnippet>104</a>
<a href=#105 id=105 data-nosnippet>105</a> <span class="comment">// Receives protocol configuration from prover to perform compatibility check.
<a href=#106 id=106 data-nosnippet>106</a> </span><span class="kw">let </span>protocol_config = mux_fut
<a href=#107 id=107 data-nosnippet>107</a> .poll_with(<span class="kw">async </span>{
<a href=#108 id=108 data-nosnippet>108</a> <span class="kw">let </span>peer_configuration: ProtocolConfig = ctx.io_mut().expect_next().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#109 id=109 data-nosnippet>109</a> <span class="self">self</span>.config
<a href=#110 id=110 data-nosnippet>110</a> .protocol_config_validator()
<a href=#111 id=111 data-nosnippet>111</a> .validate(<span class="kw-2">&amp;</span>peer_configuration)<span class="question-mark">?</span>;
<a href=#112 id=112 data-nosnippet>112</a>
<a href=#113 id=113 data-nosnippet>113</a> <span class="prelude-val">Ok</span>::&lt;<span class="kw">_</span>, VerifierError&gt;(peer_configuration)
<a href=#114 id=114 data-nosnippet>114</a> })
<a href=#115 id=115 data-nosnippet>115</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#116 id=116 data-nosnippet>116</a>
<a href=#117 id=117 data-nosnippet>117</a> <span class="kw">let </span>delta = Delta::random(<span class="kw-2">&amp;mut </span>rand::rng());
<a href=#118 id=118 data-nosnippet>118</a> <span class="kw">let </span>(vm, <span class="kw-2">mut </span>mpc_tls) = build_mpc_tls(<span class="kw-2">&amp;</span><span class="self">self</span>.config, <span class="kw-2">&amp;</span>protocol_config, delta, ctx);
<a href=#119 id=119 data-nosnippet>119</a>
<a href=#120 id=120 data-nosnippet>120</a> <span class="comment">// Allocate resources for MPC-TLS in VM.
<a href=#121 id=121 data-nosnippet>121</a> </span><span class="kw">let </span><span class="kw-2">mut </span>keys = mpc_tls.alloc()<span class="question-mark">?</span>;
<a href=#122 id=122 data-nosnippet>122</a> translate_keys(<span class="kw-2">&amp;mut </span>keys, <span class="kw-2">&amp;</span>vm.try_lock().expect(<span class="string">"VM is not locked"</span>))<span class="question-mark">?</span>;
<a href=#123 id=123 data-nosnippet>123</a>
<a href=#124 id=124 data-nosnippet>124</a> <span class="comment">// Allocate for committing to plaintext.
<a href=#125 id=125 data-nosnippet>125</a> </span><span class="kw">let </span><span class="kw-2">mut </span>zk_aes_ctr = ZkAesCtr::new(Role::Verifier);
<a href=#126 id=126 data-nosnippet>126</a> zk_aes_ctr.set_key(keys.server_write_key, keys.server_write_iv);
<a href=#127 id=127 data-nosnippet>127</a> zk_aes_ctr.alloc(
<a href=#128 id=128 data-nosnippet>128</a> <span class="kw-2">&amp;mut </span>(<span class="kw-2">*</span>vm.try_lock().expect(<span class="string">"VM is not locked"</span>).zk()),
<a href=#129 id=129 data-nosnippet>129</a> protocol_config.max_recv_data(),
<a href=#130 id=130 data-nosnippet>130</a> )<span class="question-mark">?</span>;
<a href=#131 id=131 data-nosnippet>131</a>
<a href=#132 id=132 data-nosnippet>132</a> <span class="macro">debug!</span>(<span class="string">"setting up mpc-tls"</span>);
<a href=#133 id=133 data-nosnippet>133</a>
<a href=#134 id=134 data-nosnippet>134</a> mux_fut.poll_with(mpc_tls.preprocess()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#135 id=135 data-nosnippet>135</a>
<a href=#136 id=136 data-nosnippet>136</a> <span class="macro">debug!</span>(<span class="string">"mpc-tls setup complete"</span>);
<a href=#137 id=137 data-nosnippet>137</a>
<a href=#138 id=138 data-nosnippet>138</a> <span class="prelude-val">Ok</span>(Verifier {
<a href=#139 id=139 data-nosnippet>139</a> config: <span class="self">self</span>.config,
<a href=#140 id=140 data-nosnippet>140</a> span: <span class="self">self</span>.span,
<a href=#141 id=141 data-nosnippet>141</a> state: state::Setup {
<a href=#142 id=142 data-nosnippet>142</a> mux_ctrl,
<a href=#143 id=143 data-nosnippet>143</a> mux_fut,
<a href=#144 id=144 data-nosnippet>144</a> delta,
<a href=#145 id=145 data-nosnippet>145</a> mpc_tls,
<a href=#146 id=146 data-nosnippet>146</a> zk_aes_ctr,
<a href=#147 id=147 data-nosnippet>147</a> _keys: keys,
<a href=#148 id=148 data-nosnippet>148</a> vm,
<a href=#149 id=149 data-nosnippet>149</a> },
<a href=#150 id=150 data-nosnippet>150</a> })
<a href=#151 id=151 data-nosnippet>151</a> }
<a href=#152 id=152 data-nosnippet>152</a>
<a href=#153 id=153 data-nosnippet>153</a> <span class="doccomment">/// Runs the verifier to completion and attests to the TLS session.
<a href=#154 id=154 data-nosnippet>154</a> ///
<a href=#155 id=155 data-nosnippet>155</a> /// This is a convenience method which runs all the steps needed for
<a href=#156 id=156 data-nosnippet>156</a> /// notarization.
<a href=#157 id=157 data-nosnippet>157</a> ///
<a href=#158 id=158 data-nosnippet>158</a> /// # Arguments
<a href=#159 id=159 data-nosnippet>159</a> ///
<a href=#160 id=160 data-nosnippet>160</a> /// * `socket` - The socket to the prover.
<a href=#161 id=161 data-nosnippet>161</a> /// * `config` - The attestation configuration.
<a href=#162 id=162 data-nosnippet>162</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#163 id=163 data-nosnippet>163</a> #[deprecated(
<a href=#164 id=164 data-nosnippet>164</a> note = <span class="string">"attestation functionality will be removed from this API in future releases."
<a href=#165 id=165 data-nosnippet>165</a> </span>)]
<a href=#166 id=166 data-nosnippet>166</a> </span><span class="kw">pub async fn </span>notarize&lt;S: AsyncWrite + AsyncRead + Send + Unpin + <span class="lifetime">'static</span>&gt;(
<a href=#167 id=167 data-nosnippet>167</a> <span class="self">self</span>,
<a href=#168 id=168 data-nosnippet>168</a> socket: S,
<a href=#169 id=169 data-nosnippet>169</a> config: <span class="kw-2">&amp;</span>AttestationConfig,
<a href=#170 id=170 data-nosnippet>170</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;Attestation, VerifierError&gt; {
<a href=#171 id=171 data-nosnippet>171</a> <span class="kw">let </span><span class="kw-2">mut </span>verifier = <span class="self">self</span>.setup(socket).<span class="kw">await</span><span class="question-mark">?</span>.run().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#172 id=172 data-nosnippet>172</a>
<a href=#173 id=173 data-nosnippet>173</a> <span class="attr">#[allow(deprecated)]
<a href=#174 id=174 data-nosnippet>174</a> </span><span class="kw">let </span>attestation = verifier.notarize(config).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#175 id=175 data-nosnippet>175</a>
<a href=#176 id=176 data-nosnippet>176</a> verifier.close().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#177 id=177 data-nosnippet>177</a>
<a href=#178 id=178 data-nosnippet>178</a> <span class="prelude-val">Ok</span>(attestation)
<a href=#179 id=179 data-nosnippet>179</a> }
<a href=#180 id=180 data-nosnippet>180</a>
<a href=#181 id=181 data-nosnippet>181</a> <span class="doccomment">/// Runs the TLS verifier to completion, verifying the TLS session.
<a href=#182 id=182 data-nosnippet>182</a> ///
<a href=#183 id=183 data-nosnippet>183</a> /// This is a convenience method which runs all the steps needed for
<a href=#184 id=184 data-nosnippet>184</a> /// verification.
<a href=#185 id=185 data-nosnippet>185</a> ///
<a href=#186 id=186 data-nosnippet>186</a> /// # Arguments
<a href=#187 id=187 data-nosnippet>187</a> ///
<a href=#188 id=188 data-nosnippet>188</a> /// * `socket` - The socket to the prover.
<a href=#189 id=189 data-nosnippet>189</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#190 id=190 data-nosnippet>190</a> </span><span class="kw">pub async fn </span>verify&lt;S: AsyncWrite + AsyncRead + Send + Unpin + <span class="lifetime">'static</span>&gt;(
<a href=#191 id=191 data-nosnippet>191</a> <span class="self">self</span>,
<a href=#192 id=192 data-nosnippet>192</a> socket: S,
<a href=#193 id=193 data-nosnippet>193</a> config: <span class="kw-2">&amp;</span>VerifyConfig,
<a href=#194 id=194 data-nosnippet>194</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;VerifierOutput, VerifierError&gt; {
<a href=#195 id=195 data-nosnippet>195</a> <span class="kw">let </span><span class="kw-2">mut </span>verifier = <span class="self">self</span>.setup(socket).<span class="kw">await</span><span class="question-mark">?</span>.run().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#196 id=196 data-nosnippet>196</a>
<a href=#197 id=197 data-nosnippet>197</a> <span class="kw">let </span>output = verifier.verify(config).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#198 id=198 data-nosnippet>198</a>
<a href=#199 id=199 data-nosnippet>199</a> verifier.close().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#200 id=200 data-nosnippet>200</a>
<a href=#201 id=201 data-nosnippet>201</a> <span class="prelude-val">Ok</span>(output)
<a href=#202 id=202 data-nosnippet>202</a> }
<a href=#203 id=203 data-nosnippet>203</a>}
<a href=#204 id=204 data-nosnippet>204</a>
<a href=#205 id=205 data-nosnippet>205</a><span class="kw">impl </span>Verifier&lt;state::Setup&gt; {
<a href=#206 id=206 data-nosnippet>206</a> <span class="doccomment">/// Runs the verifier until the TLS connection is closed.
<a href=#207 id=207 data-nosnippet>207</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#208 id=208 data-nosnippet>208</a> </span><span class="kw">pub async fn </span>run(<span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;Verifier&lt;state::Committed&gt;, VerifierError&gt; {
<a href=#209 id=209 data-nosnippet>209</a> <span class="kw">let </span>state::Setup {
<a href=#210 id=210 data-nosnippet>210</a> mux_ctrl,
<a href=#211 id=211 data-nosnippet>211</a> <span class="kw-2">mut </span>mux_fut,
<a href=#212 id=212 data-nosnippet>212</a> delta,
<a href=#213 id=213 data-nosnippet>213</a> mpc_tls,
<a href=#214 id=214 data-nosnippet>214</a> <span class="kw-2">mut </span>zk_aes_ctr,
<a href=#215 id=215 data-nosnippet>215</a> vm,
<a href=#216 id=216 data-nosnippet>216</a> ..
<a href=#217 id=217 data-nosnippet>217</a> } = <span class="self">self</span>.state;
<a href=#218 id=218 data-nosnippet>218</a>
<a href=#219 id=219 data-nosnippet>219</a> <span class="kw">let </span>start_time = SystemTime::now()
<a href=#220 id=220 data-nosnippet>220</a> .duration_since(UNIX_EPOCH)
<a href=#221 id=221 data-nosnippet>221</a> .expect(<span class="string">"system time should be available"</span>)
<a href=#222 id=222 data-nosnippet>222</a> .as_secs();
<a href=#223 id=223 data-nosnippet>223</a>
<a href=#224 id=224 data-nosnippet>224</a> <span class="macro">info!</span>(<span class="string">"starting MPC-TLS"</span>);
<a href=#225 id=225 data-nosnippet>225</a>
<a href=#226 id=226 data-nosnippet>226</a> <span class="kw">let </span>(
<a href=#227 id=227 data-nosnippet>227</a> <span class="kw-2">mut </span>ctx,
<a href=#228 id=228 data-nosnippet>228</a> FollowerData {
<a href=#229 id=229 data-nosnippet>229</a> server_key,
<a href=#230 id=230 data-nosnippet>230</a> <span class="kw-2">mut </span>transcript,
<a href=#231 id=231 data-nosnippet>231</a> keys,
<a href=#232 id=232 data-nosnippet>232</a> ..
<a href=#233 id=233 data-nosnippet>233</a> },
<a href=#234 id=234 data-nosnippet>234</a> ) = mux_fut.poll_with(mpc_tls.run()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#235 id=235 data-nosnippet>235</a>
<a href=#236 id=236 data-nosnippet>236</a> <span class="macro">info!</span>(<span class="string">"finished MPC-TLS"</span>);
<a href=#237 id=237 data-nosnippet>237</a>
<a href=#238 id=238 data-nosnippet>238</a> {
<a href=#239 id=239 data-nosnippet>239</a> <span class="kw">let </span><span class="kw-2">mut </span>vm = vm.try_lock().expect(<span class="string">"VM should not be locked"</span>);
<a href=#240 id=240 data-nosnippet>240</a>
<a href=#241 id=241 data-nosnippet>241</a> translate_transcript(<span class="kw-2">&amp;mut </span>transcript, <span class="kw-2">&amp;</span>vm)<span class="question-mark">?</span>;
<a href=#242 id=242 data-nosnippet>242</a>
<a href=#243 id=243 data-nosnippet>243</a> <span class="macro">debug!</span>(<span class="string">"finalizing mpc"</span>);
<a href=#244 id=244 data-nosnippet>244</a>
<a href=#245 id=245 data-nosnippet>245</a> mux_fut
<a href=#246 id=246 data-nosnippet>246</a> .poll_with(vm.finalize(<span class="kw-2">&amp;mut </span>ctx))
<a href=#247 id=247 data-nosnippet>247</a> .<span class="kw">await
<a href=#248 id=248 data-nosnippet>248</a> </span>.map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#249 id=249 data-nosnippet>249</a>
<a href=#250 id=250 data-nosnippet>250</a> <span class="macro">debug!</span>(<span class="string">"mpc finalized"</span>);
<a href=#251 id=251 data-nosnippet>251</a> }
<a href=#252 id=252 data-nosnippet>252</a>
<a href=#253 id=253 data-nosnippet>253</a> <span class="comment">// Pull out ZK VM.
<a href=#254 id=254 data-nosnippet>254</a> </span><span class="kw">let </span>(<span class="kw">_</span>, <span class="kw-2">mut </span>vm) = Arc::into_inner(vm)
<a href=#255 id=255 data-nosnippet>255</a> .expect(<span class="string">"vm should have only 1 reference"</span>)
<a href=#256 id=256 data-nosnippet>256</a> .into_inner()
<a href=#257 id=257 data-nosnippet>257</a> .into_inner();
<a href=#258 id=258 data-nosnippet>258</a>
<a href=#259 id=259 data-nosnippet>259</a> <span class="comment">// Prepare for the prover to prove tag verification of the received
<a href=#260 id=260 data-nosnippet>260</a> // records.
<a href=#261 id=261 data-nosnippet>261</a> </span><span class="kw">let </span>tag_proof = verify_tags(
<a href=#262 id=262 data-nosnippet>262</a> <span class="kw-2">&amp;mut </span>vm,
<a href=#263 id=263 data-nosnippet>263</a> (keys.server_write_key, keys.server_write_iv),
<a href=#264 id=264 data-nosnippet>264</a> keys.server_write_mac_key,
<a href=#265 id=265 data-nosnippet>265</a> transcript.recv.clone(),
<a href=#266 id=266 data-nosnippet>266</a> )
<a href=#267 id=267 data-nosnippet>267</a> .map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#268 id=268 data-nosnippet>268</a>
<a href=#269 id=269 data-nosnippet>269</a> <span class="comment">// Prepare for the prover to prove received plaintext.
<a href=#270 id=270 data-nosnippet>270</a> </span><span class="kw">let </span>proof = commit_records(
<a href=#271 id=271 data-nosnippet>271</a> <span class="kw-2">&amp;mut </span>vm,
<a href=#272 id=272 data-nosnippet>272</a> <span class="kw-2">&amp;mut </span>zk_aes_ctr,
<a href=#273 id=273 data-nosnippet>273</a> transcript
<a href=#274 id=274 data-nosnippet>274</a> .recv
<a href=#275 id=275 data-nosnippet>275</a> .iter_mut()
<a href=#276 id=276 data-nosnippet>276</a> .filter(|record| record.typ == ContentType::ApplicationData),
<a href=#277 id=277 data-nosnippet>277</a> )
<a href=#278 id=278 data-nosnippet>278</a> .map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#279 id=279 data-nosnippet>279</a>
<a href=#280 id=280 data-nosnippet>280</a> mux_fut
<a href=#281 id=281 data-nosnippet>281</a> .poll_with(vm.execute_all(<span class="kw-2">&amp;mut </span>ctx).map_err(VerifierError::zk))
<a href=#282 id=282 data-nosnippet>282</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#283 id=283 data-nosnippet>283</a>
<a href=#284 id=284 data-nosnippet>284</a> <span class="comment">// Verify the tags.
<a href=#285 id=285 data-nosnippet>285</a> // After the verification, the entire TLS trancript becomes
<a href=#286 id=286 data-nosnippet>286</a> // authenticated from the verifier's perspective.
<a href=#287 id=287 data-nosnippet>287</a> </span>tag_proof.verify().map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#288 id=288 data-nosnippet>288</a>
<a href=#289 id=289 data-nosnippet>289</a> <span class="comment">// Verify the plaintext proofs.
<a href=#290 id=290 data-nosnippet>290</a> </span>proof.verify().map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#291 id=291 data-nosnippet>291</a>
<a href=#292 id=292 data-nosnippet>292</a> <span class="kw">let </span>sent = transcript
<a href=#293 id=293 data-nosnippet>293</a> .sent
<a href=#294 id=294 data-nosnippet>294</a> .iter()
<a href=#295 id=295 data-nosnippet>295</a> .filter(|record| record.typ == ContentType::ApplicationData)
<a href=#296 id=296 data-nosnippet>296</a> .map(|record| record.ciphertext.len())
<a href=#297 id=297 data-nosnippet>297</a> .sum::&lt;usize&gt;() <span class="kw">as </span>u32;
<a href=#298 id=298 data-nosnippet>298</a> <span class="kw">let </span>received = transcript
<a href=#299 id=299 data-nosnippet>299</a> .recv
<a href=#300 id=300 data-nosnippet>300</a> .iter()
<a href=#301 id=301 data-nosnippet>301</a> .filter(|record| record.typ == ContentType::ApplicationData)
<a href=#302 id=302 data-nosnippet>302</a> .map(|record| record.ciphertext.len())
<a href=#303 id=303 data-nosnippet>303</a> .sum::&lt;usize&gt;() <span class="kw">as </span>u32;
<a href=#304 id=304 data-nosnippet>304</a>
<a href=#305 id=305 data-nosnippet>305</a> <span class="kw">let </span>transcript_refs = transcript
<a href=#306 id=306 data-nosnippet>306</a> .to_transcript_refs()
<a href=#307 id=307 data-nosnippet>307</a> .expect(<span class="string">"transcript should be complete"</span>);
<a href=#308 id=308 data-nosnippet>308</a>
<a href=#309 id=309 data-nosnippet>309</a> <span class="kw">let </span>connection_info = ConnectionInfo {
<a href=#310 id=310 data-nosnippet>310</a> time: start_time,
<a href=#311 id=311 data-nosnippet>311</a> version: TlsVersion::V1_2,
<a href=#312 id=312 data-nosnippet>312</a> transcript_length: TranscriptLength { sent, received },
<a href=#313 id=313 data-nosnippet>313</a> };
<a href=#314 id=314 data-nosnippet>314</a>
<a href=#315 id=315 data-nosnippet>315</a> <span class="prelude-val">Ok</span>(Verifier {
<a href=#316 id=316 data-nosnippet>316</a> config: <span class="self">self</span>.config,
<a href=#317 id=317 data-nosnippet>317</a> span: <span class="self">self</span>.span,
<a href=#318 id=318 data-nosnippet>318</a> state: state::Committed {
<a href=#319 id=319 data-nosnippet>319</a> mux_ctrl,
<a href=#320 id=320 data-nosnippet>320</a> mux_fut,
<a href=#321 id=321 data-nosnippet>321</a> delta,
<a href=#322 id=322 data-nosnippet>322</a> ctx,
<a href=#323 id=323 data-nosnippet>323</a> vm,
<a href=#324 id=324 data-nosnippet>324</a> server_ephemeral_key: server_key
<a href=#325 id=325 data-nosnippet>325</a> .try_into()
<a href=#326 id=326 data-nosnippet>326</a> .expect(<span class="string">"only supported key type should have been accepted"</span>),
<a href=#327 id=327 data-nosnippet>327</a> connection_info,
<a href=#328 id=328 data-nosnippet>328</a> transcript_refs,
<a href=#329 id=329 data-nosnippet>329</a> },
<a href=#330 id=330 data-nosnippet>330</a> })
<a href=#331 id=331 data-nosnippet>331</a> }
<a href=#332 id=332 data-nosnippet>332</a>}
<a href=#333 id=333 data-nosnippet>333</a>
<a href=#334 id=334 data-nosnippet>334</a><span class="kw">impl </span>Verifier&lt;state::Committed&gt; {
<a href=#335 id=335 data-nosnippet>335</a> <span class="doccomment">/// Returns the connection information.
<a href=#336 id=336 data-nosnippet>336</a> </span><span class="kw">pub fn </span>connection_info(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; <span class="kw-2">&amp;</span>ConnectionInfo {
<a href=#337 id=337 data-nosnippet>337</a> <span class="kw-2">&amp;</span><span class="self">self</span>.state.connection_info
<a href=#338 id=338 data-nosnippet>338</a> }
<a href=#339 id=339 data-nosnippet>339</a>
<a href=#340 id=340 data-nosnippet>340</a> <span class="doccomment">/// Verifies information from the prover.
<a href=#341 id=341 data-nosnippet>341</a> ///
<a href=#342 id=342 data-nosnippet>342</a> /// # Arguments
<a href=#343 id=343 data-nosnippet>343</a> ///
<a href=#344 id=344 data-nosnippet>344</a> /// * `config` - Verification configuration.
<a href=#345 id=345 data-nosnippet>345</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#346 id=346 data-nosnippet>346</a> </span><span class="kw">pub async fn </span>verify(
<a href=#347 id=347 data-nosnippet>347</a> <span class="kw-2">&amp;mut </span><span class="self">self</span>,
<a href=#348 id=348 data-nosnippet>348</a> <span class="attr">#[allow(unused_variables)] </span>config: <span class="kw-2">&amp;</span>VerifyConfig,
<a href=#349 id=349 data-nosnippet>349</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;VerifierOutput, VerifierError&gt; {
<a href=#350 id=350 data-nosnippet>350</a> <span class="kw">let </span>state::Committed {
<a href=#351 id=351 data-nosnippet>351</a> mux_fut,
<a href=#352 id=352 data-nosnippet>352</a> ctx,
<a href=#353 id=353 data-nosnippet>353</a> delta,
<a href=#354 id=354 data-nosnippet>354</a> vm,
<a href=#355 id=355 data-nosnippet>355</a> connection_info,
<a href=#356 id=356 data-nosnippet>356</a> server_ephemeral_key,
<a href=#357 id=357 data-nosnippet>357</a> transcript_refs,
<a href=#358 id=358 data-nosnippet>358</a> ..
<a href=#359 id=359 data-nosnippet>359</a> } = <span class="kw-2">&amp;mut </span><span class="self">self</span>.state;
<a href=#360 id=360 data-nosnippet>360</a>
<a href=#361 id=361 data-nosnippet>361</a> <span class="kw">let </span>ProvePayload {
<a href=#362 id=362 data-nosnippet>362</a> server_identity,
<a href=#363 id=363 data-nosnippet>363</a> transcript,
<a href=#364 id=364 data-nosnippet>364</a> transcript_commit,
<a href=#365 id=365 data-nosnippet>365</a> } = mux_fut
<a href=#366 id=366 data-nosnippet>366</a> .poll_with(ctx.io_mut().expect_next().map_err(VerifierError::from))
<a href=#367 id=367 data-nosnippet>367</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#368 id=368 data-nosnippet>368</a>
<a href=#369 id=369 data-nosnippet>369</a> <span class="kw">let </span>server_name = <span class="kw">if let </span><span class="prelude-val">Some</span>((name, cert_data)) = server_identity {
<a href=#370 id=370 data-nosnippet>370</a> cert_data
<a href=#371 id=371 data-nosnippet>371</a> .verify_with_provider(
<a href=#372 id=372 data-nosnippet>372</a> <span class="self">self</span>.config.crypto_provider(),
<a href=#373 id=373 data-nosnippet>373</a> connection_info.time,
<a href=#374 id=374 data-nosnippet>374</a> server_ephemeral_key,
<a href=#375 id=375 data-nosnippet>375</a> <span class="kw-2">&amp;</span>name,
<a href=#376 id=376 data-nosnippet>376</a> )
<a href=#377 id=377 data-nosnippet>377</a> .map_err(VerifierError::verify)<span class="question-mark">?</span>;
<a href=#378 id=378 data-nosnippet>378</a>
<a href=#379 id=379 data-nosnippet>379</a> <span class="prelude-val">Some</span>(name)
<a href=#380 id=380 data-nosnippet>380</a> } <span class="kw">else </span>{
<a href=#381 id=381 data-nosnippet>381</a> <span class="prelude-val">None
<a href=#382 id=382 data-nosnippet>382</a> </span>};
<a href=#383 id=383 data-nosnippet>383</a>
<a href=#384 id=384 data-nosnippet>384</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(partial_transcript) = <span class="kw-2">&amp;</span>transcript {
<a href=#385 id=385 data-nosnippet>385</a> <span class="comment">// Check ranges.
<a href=#386 id=386 data-nosnippet>386</a> </span><span class="kw">if </span>partial_transcript.len_sent() != connection_info.transcript_length.sent <span class="kw">as </span>usize
<a href=#387 id=387 data-nosnippet>387</a> || partial_transcript.len_received()
<a href=#388 id=388 data-nosnippet>388</a> != connection_info.transcript_length.received <span class="kw">as </span>usize
<a href=#389 id=389 data-nosnippet>389</a> {
<a href=#390 id=390 data-nosnippet>390</a> <span class="kw">return </span><span class="prelude-val">Err</span>(VerifierError::verify(
<a href=#391 id=391 data-nosnippet>391</a> <span class="string">"prover sent transcript with incorrect length"</span>,
<a href=#392 id=392 data-nosnippet>392</a> ));
<a href=#393 id=393 data-nosnippet>393</a> }
<a href=#394 id=394 data-nosnippet>394</a>
<a href=#395 id=395 data-nosnippet>395</a> decode_transcript(
<a href=#396 id=396 data-nosnippet>396</a> vm,
<a href=#397 id=397 data-nosnippet>397</a> partial_transcript.sent_authed(),
<a href=#398 id=398 data-nosnippet>398</a> partial_transcript.received_authed(),
<a href=#399 id=399 data-nosnippet>399</a> transcript_refs,
<a href=#400 id=400 data-nosnippet>400</a> )
<a href=#401 id=401 data-nosnippet>401</a> .map_err(VerifierError::zk)<span class="question-mark">?</span>;
<a href=#402 id=402 data-nosnippet>402</a> }
<a href=#403 id=403 data-nosnippet>403</a>
<a href=#404 id=404 data-nosnippet>404</a> <span class="kw">let </span><span class="kw-2">mut </span>transcript_commitments = Vec::new();
<a href=#405 id=405 data-nosnippet>405</a> <span class="kw">let </span><span class="kw-2">mut </span>hash_commitments = <span class="prelude-val">None</span>;
<a href=#406 id=406 data-nosnippet>406</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(commit_config) = transcript_commit {
<a href=#407 id=407 data-nosnippet>407</a> <span class="kw">if </span>commit_config.encoding() {
<a href=#408 id=408 data-nosnippet>408</a> <span class="kw">let </span>commitment = mux_fut
<a href=#409 id=409 data-nosnippet>409</a> .poll_with(encoding::transfer(
<a href=#410 id=410 data-nosnippet>410</a> ctx,
<a href=#411 id=411 data-nosnippet>411</a> transcript_refs,
<a href=#412 id=412 data-nosnippet>412</a> delta,
<a href=#413 id=413 data-nosnippet>413</a> |plaintext| vm.get_keys(plaintext).expect(<span class="string">"reference is valid"</span>),
<a href=#414 id=414 data-nosnippet>414</a> ))
<a href=#415 id=415 data-nosnippet>415</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#416 id=416 data-nosnippet>416</a>
<a href=#417 id=417 data-nosnippet>417</a> transcript_commitments.push(TranscriptCommitment::Encoding(commitment));
<a href=#418 id=418 data-nosnippet>418</a> }
<a href=#419 id=419 data-nosnippet>419</a>
<a href=#420 id=420 data-nosnippet>420</a> <span class="kw">if </span>commit_config.has_hash() {
<a href=#421 id=421 data-nosnippet>421</a> hash_commitments = <span class="prelude-val">Some</span>(
<a href=#422 id=422 data-nosnippet>422</a> verify_hash(vm, transcript_refs, commit_config.iter_hash().cloned())
<a href=#423 id=423 data-nosnippet>423</a> .map_err(VerifierError::verify)<span class="question-mark">?</span>,
<a href=#424 id=424 data-nosnippet>424</a> );
<a href=#425 id=425 data-nosnippet>425</a> }
<a href=#426 id=426 data-nosnippet>426</a> }
<a href=#427 id=427 data-nosnippet>427</a>
<a href=#428 id=428 data-nosnippet>428</a> mux_fut
<a href=#429 id=429 data-nosnippet>429</a> .poll_with(vm.execute_all(ctx).map_err(VerifierError::zk))
<a href=#430 id=430 data-nosnippet>430</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#431 id=431 data-nosnippet>431</a>
<a href=#432 id=432 data-nosnippet>432</a> <span class="comment">// Verify revealed data.
<a href=#433 id=433 data-nosnippet>433</a> </span><span class="kw">if let </span><span class="prelude-val">Some</span>(partial_transcript) = <span class="kw-2">&amp;</span>transcript {
<a href=#434 id=434 data-nosnippet>434</a> verify_transcript(vm, partial_transcript, transcript_refs)
<a href=#435 id=435 data-nosnippet>435</a> .map_err(VerifierError::verify)<span class="question-mark">?</span>;
<a href=#436 id=436 data-nosnippet>436</a> }
<a href=#437 id=437 data-nosnippet>437</a>
<a href=#438 id=438 data-nosnippet>438</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(hash_commitments) = hash_commitments {
<a href=#439 id=439 data-nosnippet>439</a> <span class="kw">for </span>commitment <span class="kw">in </span>hash_commitments.try_recv().map_err(VerifierError::verify)<span class="question-mark">? </span>{
<a href=#440 id=440 data-nosnippet>440</a> transcript_commitments.push(TranscriptCommitment::Hash(commitment));
<a href=#441 id=441 data-nosnippet>441</a> }
<a href=#442 id=442 data-nosnippet>442</a> }
<a href=#443 id=443 data-nosnippet>443</a>
<a href=#444 id=444 data-nosnippet>444</a> <span class="prelude-val">Ok</span>(VerifierOutput {
<a href=#445 id=445 data-nosnippet>445</a> server_name,
<a href=#446 id=446 data-nosnippet>446</a> transcript,
<a href=#447 id=447 data-nosnippet>447</a> transcript_commitments,
<a href=#448 id=448 data-nosnippet>448</a> })
<a href=#449 id=449 data-nosnippet>449</a> }
<a href=#450 id=450 data-nosnippet>450</a>
<a href=#451 id=451 data-nosnippet>451</a> <span class="doccomment">/// Attests to the TLS session.
<a href=#452 id=452 data-nosnippet>452</a> ///
<a href=#453 id=453 data-nosnippet>453</a> /// # Arguments
<a href=#454 id=454 data-nosnippet>454</a> ///
<a href=#455 id=455 data-nosnippet>455</a> /// * `config` - Attestation configuration.
<a href=#456 id=456 data-nosnippet>456</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#457 id=457 data-nosnippet>457</a> #[deprecated(
<a href=#458 id=458 data-nosnippet>458</a> note = <span class="string">"attestation functionality will be removed from this API in future releases."
<a href=#459 id=459 data-nosnippet>459</a> </span>)]
<a href=#460 id=460 data-nosnippet>460</a> </span><span class="kw">pub async fn </span>notarize(
<a href=#461 id=461 data-nosnippet>461</a> <span class="kw-2">&amp;mut </span><span class="self">self</span>,
<a href=#462 id=462 data-nosnippet>462</a> config: <span class="kw-2">&amp;</span>AttestationConfig,
<a href=#463 id=463 data-nosnippet>463</a> ) -&gt; <span class="prelude-ty">Result</span>&lt;Attestation, VerifierError&gt; {
<a href=#464 id=464 data-nosnippet>464</a> <span class="kw">let </span>VerifierOutput {
<a href=#465 id=465 data-nosnippet>465</a> server_name,
<a href=#466 id=466 data-nosnippet>466</a> transcript,
<a href=#467 id=467 data-nosnippet>467</a> transcript_commitments,
<a href=#468 id=468 data-nosnippet>468</a> } = <span class="self">self</span>.verify(<span class="kw-2">&amp;</span>VerifyConfig::default()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#469 id=469 data-nosnippet>469</a>
<a href=#470 id=470 data-nosnippet>470</a> <span class="kw">if </span>server_name.is_some() {
<a href=#471 id=471 data-nosnippet>471</a> <span class="kw">return </span><span class="prelude-val">Err</span>(VerifierError::attestation(
<a href=#472 id=472 data-nosnippet>472</a> <span class="string">"server name can not be revealed to a notary"</span>,
<a href=#473 id=473 data-nosnippet>473</a> ));
<a href=#474 id=474 data-nosnippet>474</a> } <span class="kw">else if </span>transcript.is_some() {
<a href=#475 id=475 data-nosnippet>475</a> <span class="kw">return </span><span class="prelude-val">Err</span>(VerifierError::attestation(
<a href=#476 id=476 data-nosnippet>476</a> <span class="string">"transcript data can not be revealed to a notary"</span>,
<a href=#477 id=477 data-nosnippet>477</a> ));
<a href=#478 id=478 data-nosnippet>478</a> }
<a href=#479 id=479 data-nosnippet>479</a>
<a href=#480 id=480 data-nosnippet>480</a> <span class="kw">let </span>state::Committed {
<a href=#481 id=481 data-nosnippet>481</a> mux_fut,
<a href=#482 id=482 data-nosnippet>482</a> ctx,
<a href=#483 id=483 data-nosnippet>483</a> server_ephemeral_key,
<a href=#484 id=484 data-nosnippet>484</a> connection_info,
<a href=#485 id=485 data-nosnippet>485</a> ..
<a href=#486 id=486 data-nosnippet>486</a> } = <span class="kw-2">&amp;mut </span><span class="self">self</span>.state;
<a href=#487 id=487 data-nosnippet>487</a>
<a href=#488 id=488 data-nosnippet>488</a> <span class="kw">let </span>request: Request = mux_fut
<a href=#489 id=489 data-nosnippet>489</a> .poll_with(ctx.io_mut().expect_next().map_err(VerifierError::from))
<a href=#490 id=490 data-nosnippet>490</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#491 id=491 data-nosnippet>491</a>
<a href=#492 id=492 data-nosnippet>492</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = Attestation::builder(config)
<a href=#493 id=493 data-nosnippet>493</a> .accept_request(request)
<a href=#494 id=494 data-nosnippet>494</a> .map_err(VerifierError::attestation)<span class="question-mark">?</span>;
<a href=#495 id=495 data-nosnippet>495</a>
<a href=#496 id=496 data-nosnippet>496</a> builder
<a href=#497 id=497 data-nosnippet>497</a> .connection_info(connection_info.clone())
<a href=#498 id=498 data-nosnippet>498</a> .server_ephemeral_key(server_ephemeral_key.clone())
<a href=#499 id=499 data-nosnippet>499</a> .transcript_commitments(transcript_commitments);
<a href=#500 id=500 data-nosnippet>500</a>
<a href=#501 id=501 data-nosnippet>501</a> <span class="kw">let </span>attestation = builder
<a href=#502 id=502 data-nosnippet>502</a> .build(<span class="self">self</span>.config.crypto_provider())
<a href=#503 id=503 data-nosnippet>503</a> .map_err(VerifierError::attestation)<span class="question-mark">?</span>;
<a href=#504 id=504 data-nosnippet>504</a>
<a href=#505 id=505 data-nosnippet>505</a> mux_fut
<a href=#506 id=506 data-nosnippet>506</a> .poll_with(
<a href=#507 id=507 data-nosnippet>507</a> ctx.io_mut()
<a href=#508 id=508 data-nosnippet>508</a> .send(attestation.clone())
<a href=#509 id=509 data-nosnippet>509</a> .map_err(VerifierError::from),
<a href=#510 id=510 data-nosnippet>510</a> )
<a href=#511 id=511 data-nosnippet>511</a> .<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#512 id=512 data-nosnippet>512</a>
<a href=#513 id=513 data-nosnippet>513</a> <span class="macro">info!</span>(<span class="string">"Sent attestation"</span>);
<a href=#514 id=514 data-nosnippet>514</a>
<a href=#515 id=515 data-nosnippet>515</a> <span class="prelude-val">Ok</span>(attestation)
<a href=#516 id=516 data-nosnippet>516</a> }
<a href=#517 id=517 data-nosnippet>517</a>
<a href=#518 id=518 data-nosnippet>518</a> <span class="doccomment">/// Closes the connection with the prover.
<a href=#519 id=519 data-nosnippet>519</a> </span><span class="attr">#[instrument(parent = <span class="kw-2">&amp;</span><span class="self">self</span>.span, level = <span class="string">"info"</span>, skip_all, err)]
<a href=#520 id=520 data-nosnippet>520</a> </span><span class="kw">pub async fn </span>close(<span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;(), VerifierError&gt; {
<a href=#521 id=521 data-nosnippet>521</a> <span class="kw">let </span>state::Committed {
<a href=#522 id=522 data-nosnippet>522</a> mux_ctrl, mux_fut, ..
<a href=#523 id=523 data-nosnippet>523</a> } = <span class="self">self</span>.state;
<a href=#524 id=524 data-nosnippet>524</a>
<a href=#525 id=525 data-nosnippet>525</a> <span class="comment">// Wait for the prover to correctly close the connection.
<a href=#526 id=526 data-nosnippet>526</a> </span><span class="kw">if </span>!mux_fut.is_complete() {
<a href=#527 id=527 data-nosnippet>527</a> mux_ctrl.close();
<a href=#528 id=528 data-nosnippet>528</a> mux_fut.<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#529 id=529 data-nosnippet>529</a> }
<a href=#530 id=530 data-nosnippet>530</a>
<a href=#531 id=531 data-nosnippet>531</a> <span class="prelude-val">Ok</span>(())
<a href=#532 id=532 data-nosnippet>532</a> }
<a href=#533 id=533 data-nosnippet>533</a>}
<a href=#534 id=534 data-nosnippet>534</a>
<a href=#535 id=535 data-nosnippet>535</a><span class="kw">fn </span>build_mpc_tls(
<a href=#536 id=536 data-nosnippet>536</a> config: <span class="kw-2">&amp;</span>VerifierConfig,
<a href=#537 id=537 data-nosnippet>537</a> protocol_config: <span class="kw-2">&amp;</span>ProtocolConfig,
<a href=#538 id=538 data-nosnippet>538</a> delta: Delta,
<a href=#539 id=539 data-nosnippet>539</a> ctx: Context,
<a href=#540 id=540 data-nosnippet>540</a>) -&gt; (Arc&lt;Mutex&lt;Deap&lt;Mpc, Zk&gt;&gt;&gt;, MpcTlsFollower) {
<a href=#541 id=541 data-nosnippet>541</a> <span class="kw">let </span><span class="kw-2">mut </span>rng = rand::rng();
<a href=#542 id=542 data-nosnippet>542</a>
<a href=#543 id=543 data-nosnippet>543</a> <span class="kw">let </span>base_ot_send = mpz_ot::chou_orlandi::Sender::default();
<a href=#544 id=544 data-nosnippet>544</a> <span class="kw">let </span>base_ot_recv = mpz_ot::chou_orlandi::Receiver::default();
<a href=#545 id=545 data-nosnippet>545</a> <span class="kw">let </span>rcot_send = mpz_ot::kos::Sender::new(
<a href=#546 id=546 data-nosnippet>546</a> mpz_ot::kos::SenderConfig::default(),
<a href=#547 id=547 data-nosnippet>547</a> delta.into_inner(),
<a href=#548 id=548 data-nosnippet>548</a> base_ot_recv,
<a href=#549 id=549 data-nosnippet>549</a> );
<a href=#550 id=550 data-nosnippet>550</a> <span class="kw">let </span>rcot_send = mpz_ot::ferret::Sender::new(
<a href=#551 id=551 data-nosnippet>551</a> mpz_ot::ferret::FerretConfig::builder()
<a href=#552 id=552 data-nosnippet>552</a> .lpn_type(mpz_ot::ferret::LpnType::Regular)
<a href=#553 id=553 data-nosnippet>553</a> .build()
<a href=#554 id=554 data-nosnippet>554</a> .expect(<span class="string">"ferret config is valid"</span>),
<a href=#555 id=555 data-nosnippet>555</a> Block::random(<span class="kw-2">&amp;mut </span>rng),
<a href=#556 id=556 data-nosnippet>556</a> rcot_send,
<a href=#557 id=557 data-nosnippet>557</a> );
<a href=#558 id=558 data-nosnippet>558</a> <span class="kw">let </span>rcot_recv =
<a href=#559 id=559 data-nosnippet>559</a> mpz_ot::kos::Receiver::new(mpz_ot::kos::ReceiverConfig::default(), base_ot_send);
<a href=#560 id=560 data-nosnippet>560</a>
<a href=#561 id=561 data-nosnippet>561</a> <span class="kw">let </span>rcot_send = mpz_ot::rcot::shared::SharedRCOTSender::new(rcot_send);
<a href=#562 id=562 data-nosnippet>562</a> <span class="kw">let </span>rcot_recv = mpz_ot::rcot::shared::SharedRCOTReceiver::new(rcot_recv);
<a href=#563 id=563 data-nosnippet>563</a>
<a href=#564 id=564 data-nosnippet>564</a> <span class="kw">let </span>mpc = Mpc::new(mpz_ot::cot::DerandCOTReceiver::new(rcot_recv.clone()));
<a href=#565 id=565 data-nosnippet>565</a>
<a href=#566 id=566 data-nosnippet>566</a> <span class="kw">let </span>zk = Zk::new(delta, rcot_send.clone());
<a href=#567 id=567 data-nosnippet>567</a>
<a href=#568 id=568 data-nosnippet>568</a> <span class="kw">let </span>vm = Arc::new(Mutex::new(Deap::new(tlsn_deap::Role::Follower, mpc, zk)));
<a href=#569 id=569 data-nosnippet>569</a>
<a href=#570 id=570 data-nosnippet>570</a> (
<a href=#571 id=571 data-nosnippet>571</a> vm.clone(),
<a href=#572 id=572 data-nosnippet>572</a> MpcTlsFollower::new(
<a href=#573 id=573 data-nosnippet>573</a> config.build_mpc_tls_config(protocol_config),
<a href=#574 id=574 data-nosnippet>574</a> ctx,
<a href=#575 id=575 data-nosnippet>575</a> vm,
<a href=#576 id=576 data-nosnippet>576</a> rcot_send,
<a href=#577 id=577 data-nosnippet>577</a> (rcot_recv.clone(), rcot_recv.clone(), rcot_recv),
<a href=#578 id=578 data-nosnippet>578</a> ),
<a href=#579 id=579 data-nosnippet>579</a> )
<a href=#580 id=580 data-nosnippet>580</a>}
<a href=#581 id=581 data-nosnippet>581</a>
<a href=#582 id=582 data-nosnippet>582</a><span class="doccomment">/// Translates VM references to the ZK address space.
<a href=#583 id=583 data-nosnippet>583</a></span><span class="kw">fn </span>translate_keys&lt;Mpc, Zk&gt;(
<a href=#584 id=584 data-nosnippet>584</a> keys: <span class="kw-2">&amp;mut </span>SessionKeys,
<a href=#585 id=585 data-nosnippet>585</a> vm: <span class="kw-2">&amp;</span>Deap&lt;Mpc, Zk&gt;,
<a href=#586 id=586 data-nosnippet>586</a>) -&gt; <span class="prelude-ty">Result</span>&lt;(), VerifierError&gt; {
<a href=#587 id=587 data-nosnippet>587</a> keys.client_write_key = vm
<a href=#588 id=588 data-nosnippet>588</a> .translate(keys.client_write_key)
<a href=#589 id=589 data-nosnippet>589</a> .map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#590 id=590 data-nosnippet>590</a> keys.client_write_iv = vm
<a href=#591 id=591 data-nosnippet>591</a> .translate(keys.client_write_iv)
<a href=#592 id=592 data-nosnippet>592</a> .map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#593 id=593 data-nosnippet>593</a> keys.server_write_key = vm
<a href=#594 id=594 data-nosnippet>594</a> .translate(keys.server_write_key)
<a href=#595 id=595 data-nosnippet>595</a> .map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#596 id=596 data-nosnippet>596</a> keys.server_write_iv = vm
<a href=#597 id=597 data-nosnippet>597</a> .translate(keys.server_write_iv)
<a href=#598 id=598 data-nosnippet>598</a> .map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#599 id=599 data-nosnippet>599</a> keys.server_write_mac_key = vm
<a href=#600 id=600 data-nosnippet>600</a> .translate(keys.server_write_mac_key)
<a href=#601 id=601 data-nosnippet>601</a> .map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#602 id=602 data-nosnippet>602</a>
<a href=#603 id=603 data-nosnippet>603</a> <span class="prelude-val">Ok</span>(())
<a href=#604 id=604 data-nosnippet>604</a>}
<a href=#605 id=605 data-nosnippet>605</a>
<a href=#606 id=606 data-nosnippet>606</a><span class="doccomment">/// Translates VM references to the ZK address space.
<a href=#607 id=607 data-nosnippet>607</a></span><span class="kw">fn </span>translate_transcript&lt;Mpc, Zk&gt;(
<a href=#608 id=608 data-nosnippet>608</a> transcript: <span class="kw-2">&amp;mut </span>TlsTranscript,
<a href=#609 id=609 data-nosnippet>609</a> vm: <span class="kw-2">&amp;</span>Deap&lt;Mpc, Zk&gt;,
<a href=#610 id=610 data-nosnippet>610</a>) -&gt; <span class="prelude-ty">Result</span>&lt;(), VerifierError&gt; {
<a href=#611 id=611 data-nosnippet>611</a> <span class="kw">for </span>Record { plaintext_ref, .. } <span class="kw">in </span>transcript.sent.iter_mut().chain(transcript.recv.iter_mut())
<a href=#612 id=612 data-nosnippet>612</a> {
<a href=#613 id=613 data-nosnippet>613</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(plaintext_ref) = plaintext_ref.as_mut() {
<a href=#614 id=614 data-nosnippet>614</a> <span class="kw-2">*</span>plaintext_ref = vm.translate(<span class="kw-2">*</span>plaintext_ref).map_err(VerifierError::mpc)<span class="question-mark">?</span>;
<a href=#615 id=615 data-nosnippet>615</a> }
<a href=#616 id=616 data-nosnippet>616</a> }
<a href=#617 id=617 data-nosnippet>617</a>
<a href=#618 id=618 data-nosnippet>618</a> <span class="prelude-val">Ok</span>(())
<a href=#619 id=619 data-nosnippet>619</a>}</code></pre></div></section></main></body></html>

60
src/tlsn_verifier/state.rs.html
View File

@@ -1,60 +0,0 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/verifier/src/state.rs`."><title>state.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn_verifier" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../../static.files/src-script-813739b1.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_verifier/</div>state.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="doccomment">//! TLS Verifier state.
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a></span><span class="kw">use </span>std::sync::Arc;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use crate</span>::{Mpc, Zk};
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>mpc_tls::{MpcTlsFollower, SessionKeys};
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>mpz_common::Context;
<a href=#8 id=8 data-nosnippet>8</a><span class="kw">use </span>mpz_memory_core::correlated::Delta;
<a href=#9 id=9 data-nosnippet>9</a><span class="kw">use </span>tlsn_common::{
<a href=#10 id=10 data-nosnippet>10</a> mux::{MuxControl, MuxFuture},
<a href=#11 id=11 data-nosnippet>11</a> transcript::TranscriptRefs,
<a href=#12 id=12 data-nosnippet>12</a> zk_aes_ctr::ZkAesCtr,
<a href=#13 id=13 data-nosnippet>13</a>};
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">use </span>tlsn_core::connection::{ConnectionInfo, ServerEphemKey};
<a href=#15 id=15 data-nosnippet>15</a><span class="kw">use </span>tlsn_deap::Deap;
<a href=#16 id=16 data-nosnippet>16</a><span class="kw">use </span>tokio::sync::Mutex;
<a href=#17 id=17 data-nosnippet>17</a>
<a href=#18 id=18 data-nosnippet>18</a><span class="doccomment">/// TLS Verifier state.
<a href=#19 id=19 data-nosnippet>19</a></span><span class="kw">pub trait </span>VerifierState: sealed::Sealed {}
<a href=#20 id=20 data-nosnippet>20</a>
<a href=#21 id=21 data-nosnippet>21</a><span class="doccomment">/// Initialized state.
<a href=#22 id=22 data-nosnippet>22</a></span><span class="kw">pub struct </span>Initialized;
<a href=#23 id=23 data-nosnippet>23</a>
<a href=#24 id=24 data-nosnippet>24</a><span class="macro">opaque_debug::implement!</span>(Initialized);
<a href=#25 id=25 data-nosnippet>25</a>
<a href=#26 id=26 data-nosnippet>26</a><span class="doccomment">/// State after setup has completed.
<a href=#27 id=27 data-nosnippet>27</a></span><span class="kw">pub struct </span>Setup {
<a href=#28 id=28 data-nosnippet>28</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_ctrl: MuxControl,
<a href=#29 id=29 data-nosnippet>29</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_fut: MuxFuture,
<a href=#30 id=30 data-nosnippet>30</a> <span class="kw">pub</span>(<span class="kw">crate</span>) delta: Delta,
<a href=#31 id=31 data-nosnippet>31</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mpc_tls: MpcTlsFollower,
<a href=#32 id=32 data-nosnippet>32</a> <span class="kw">pub</span>(<span class="kw">crate</span>) zk_aes_ctr: ZkAesCtr,
<a href=#33 id=33 data-nosnippet>33</a> <span class="kw">pub</span>(<span class="kw">crate</span>) _keys: SessionKeys,
<a href=#34 id=34 data-nosnippet>34</a> <span class="kw">pub</span>(<span class="kw">crate</span>) vm: Arc&lt;Mutex&lt;Deap&lt;Mpc, Zk&gt;&gt;&gt;,
<a href=#35 id=35 data-nosnippet>35</a>}
<a href=#36 id=36 data-nosnippet>36</a>
<a href=#37 id=37 data-nosnippet>37</a><span class="doccomment">/// State after the TLS connection has been closed.
<a href=#38 id=38 data-nosnippet>38</a></span><span class="kw">pub struct </span>Committed {
<a href=#39 id=39 data-nosnippet>39</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_ctrl: MuxControl,
<a href=#40 id=40 data-nosnippet>40</a> <span class="kw">pub</span>(<span class="kw">crate</span>) mux_fut: MuxFuture,
<a href=#41 id=41 data-nosnippet>41</a> <span class="kw">pub</span>(<span class="kw">crate</span>) delta: Delta,
<a href=#42 id=42 data-nosnippet>42</a> <span class="kw">pub</span>(<span class="kw">crate</span>) ctx: Context,
<a href=#43 id=43 data-nosnippet>43</a> <span class="kw">pub</span>(<span class="kw">crate</span>) vm: Zk,
<a href=#44 id=44 data-nosnippet>44</a> <span class="kw">pub</span>(<span class="kw">crate</span>) server_ephemeral_key: ServerEphemKey,
<a href=#45 id=45 data-nosnippet>45</a> <span class="kw">pub</span>(<span class="kw">crate</span>) connection_info: ConnectionInfo,
<a href=#46 id=46 data-nosnippet>46</a> <span class="kw">pub</span>(<span class="kw">crate</span>) transcript_refs: TranscriptRefs,
<a href=#47 id=47 data-nosnippet>47</a>}
<a href=#48 id=48 data-nosnippet>48</a>
<a href=#49 id=49 data-nosnippet>49</a><span class="macro">opaque_debug::implement!</span>(Committed);
<a href=#50 id=50 data-nosnippet>50</a>
<a href=#51 id=51 data-nosnippet>51</a><span class="kw">impl </span>VerifierState <span class="kw">for </span>Initialized {}
<a href=#52 id=52 data-nosnippet>52</a><span class="kw">impl </span>VerifierState <span class="kw">for </span>Setup {}
<a href=#53 id=53 data-nosnippet>53</a><span class="kw">impl </span>VerifierState <span class="kw">for </span>Committed {}
<a href=#54 id=54 data-nosnippet>54</a>
<a href=#55 id=55 data-nosnippet>55</a><span class="kw">mod </span>sealed {
<a href=#56 id=56 data-nosnippet>56</a> <span class="kw">pub trait </span>Sealed {}
<a href=#57 id=57 data-nosnippet>57</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Initialized {}
<a href=#58 id=58 data-nosnippet>58</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Setup {}
<a href=#59 id=59 data-nosnippet>59</a> <span class="kw">impl </span>Sealed <span class="kw">for </span><span class="kw">super</span>::Committed {}
<a href=#60 id=60 data-nosnippet>60</a>}</code></pre></div></section></main></body></html>

121
src/tlsn_wasm/prover/config.rs.html
View File

@@ -1,63 +1,64 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/wasm/src/prover/config.rs`."><title>config.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn_wasm" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_wasm/prover/</div>config.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">use </span><span class="kw">crate</span>::types::NetworkSetting;
<a href=#2 id=2 data-nosnippet>2</a><span class="kw">use </span>serde::Deserialize;
<a href=#3 id=3 data-nosnippet>3</a><span class="kw">use </span>tlsn_common::config::ProtocolConfig;
<a href=#3 id=3 data-nosnippet>3</a><span class="kw">use </span>tlsn::config::ProtocolConfig;
<a href=#4 id=4 data-nosnippet>4</a><span class="kw">use </span>tsify_next::Tsify;
<a href=#5 id=5 data-nosnippet>5</a><span class="attr">#[derive(Debug, Tsify, Deserialize)]
<a href=#6 id=6 data-nosnippet>6</a>#[tsify(from_wasm_abi)]
<a href=#7 id=7 data-nosnippet>7</a></span><span class="kw">pub struct </span>ProverConfig {
<a href=#8 id=8 data-nosnippet>8</a> <span class="kw">pub </span>server_name: String,
<a href=#9 id=9 data-nosnippet>9</a> <span class="kw">pub </span>max_sent_data: usize,
<a href=#10 id=10 data-nosnippet>10</a> <span class="kw">pub </span>max_sent_records: <span class="prelude-ty">Option</span>&lt;usize&gt;,
<a href=#11 id=11 data-nosnippet>11</a> <span class="kw">pub </span>max_recv_data_online: <span class="prelude-ty">Option</span>&lt;usize&gt;,
<a href=#12 id=12 data-nosnippet>12</a> <span class="kw">pub </span>max_recv_data: usize,
<a href=#13 id=13 data-nosnippet>13</a> <span class="kw">pub </span>max_recv_records_online: <span class="prelude-ty">Option</span>&lt;usize&gt;,
<a href=#14 id=14 data-nosnippet>14</a> <span class="kw">pub </span>defer_decryption_from_start: <span class="prelude-ty">Option</span>&lt;bool&gt;,
<a href=#15 id=15 data-nosnippet>15</a> <span class="kw">pub </span>network: NetworkSetting,
<a href=#16 id=16 data-nosnippet>16</a> <span class="kw">pub </span>client_auth: <span class="prelude-ty">Option</span>&lt;(Vec&lt;Vec&lt;u8&gt;&gt;, Vec&lt;u8&gt;)&gt;,
<a href=#17 id=17 data-nosnippet>17</a>}
<a href=#18 id=18 data-nosnippet>18</a>
<a href=#19 id=19 data-nosnippet>19</a><span class="kw">impl </span>From&lt;ProverConfig&gt; <span class="kw">for </span>tlsn_prover::ProverConfig {
<a href=#20 id=20 data-nosnippet>20</a> <span class="kw">fn </span>from(value: ProverConfig) -&gt; <span class="self">Self </span>{
<a href=#21 id=21 data-nosnippet>21</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = ProtocolConfig::builder();
<a href=#22 id=22 data-nosnippet>22</a>
<a href=#23 id=23 data-nosnippet>23</a> builder.max_sent_data(value.max_sent_data);
<a href=#24 id=24 data-nosnippet>24</a> builder.max_recv_data(value.max_recv_data);
<a href=#25 id=25 data-nosnippet>25</a>
<a href=#26 id=26 data-nosnippet>26</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(value) = value.max_recv_data_online {
<a href=#27 id=27 data-nosnippet>27</a> builder.max_recv_data_online(value);
<a href=#28 id=28 data-nosnippet>28</a> }
<a href=#29 id=29 data-nosnippet>29</a>
<a href=#30 id=30 data-nosnippet>30</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(value) = value.max_sent_records {
<a href=#31 id=31 data-nosnippet>31</a> builder.max_sent_records(value);
<a href=#32 id=32 data-nosnippet>32</a> }
<a href=#33 id=33 data-nosnippet>33</a>
<a href=#34 id=34 data-nosnippet>34</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(value) = value.max_recv_records_online {
<a href=#35 id=35 data-nosnippet>35</a> builder.max_recv_records_online(value);
<a href=#36 id=36 data-nosnippet>36</a> }
<a href=#37 id=37 data-nosnippet>37</a>
<a href=#38 id=38 data-nosnippet>38</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(value) = value.defer_decryption_from_start {
<a href=#39 id=39 data-nosnippet>39</a> builder.defer_decryption_from_start(value);
<a href=#40 id=40 data-nosnippet>40</a> }
<a href=#41 id=41 data-nosnippet>41</a>
<a href=#42 id=42 data-nosnippet>42</a> builder.network(value.network.into());
<a href=#43 id=43 data-nosnippet>43</a> <span class="kw">let </span>protocol_config = builder.build().unwrap();
<a href=#44 id=44 data-nosnippet>44</a>
<a href=#45 id=45 data-nosnippet>45</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = tlsn_prover::TlsConfig::builder();
<a href=#46 id=46 data-nosnippet>46</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(cert_key) = value.client_auth {
<a href=#47 id=47 data-nosnippet>47</a> <span class="comment">// Try to parse as PEM-encoded.
<a href=#48 id=48 data-nosnippet>48</a> </span><span class="kw">if </span>builder.client_auth_pem(cert_key.clone()).is_err() {
<a href=#49 id=49 data-nosnippet>49</a> <span class="comment">// Otherwise assume DER encoding.
<a href=#50 id=50 data-nosnippet>50</a> </span>builder.client_auth(cert_key);
<a href=#51 id=51 data-nosnippet>51</a> }
<a href=#52 id=52 data-nosnippet>52</a> }
<a href=#53 id=53 data-nosnippet>53</a> <span class="kw">let </span>tls_config = builder.build().unwrap();
<a href=#54 id=54 data-nosnippet>54</a>
<a href=#55 id=55 data-nosnippet>55</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = tlsn_prover::ProverConfig::builder();
<a href=#56 id=56 data-nosnippet>56</a> builder
<a href=#57 id=57 data-nosnippet>57</a> .server_name(value.server_name.as_ref())
<a href=#58 id=58 data-nosnippet>58</a> .protocol_config(protocol_config)
<a href=#59 id=59 data-nosnippet>59</a> .tls_config(tls_config);
<a href=#60 id=60 data-nosnippet>60</a>
<a href=#61 id=61 data-nosnippet>61</a> builder.build().unwrap()
<a href=#62 id=62 data-nosnippet>62</a> }
<a href=#63 id=63 data-nosnippet>63</a>}</code></pre></div></section></main></body></html>
<a href=#5 id=5 data-nosnippet>5</a>
<a href=#6 id=6 data-nosnippet>6</a><span class="attr">#[derive(Debug, Tsify, Deserialize)]
<a href=#7 id=7 data-nosnippet>7</a>#[tsify(from_wasm_abi)]
<a href=#8 id=8 data-nosnippet>8</a></span><span class="kw">pub struct </span>ProverConfig {
<a href=#9 id=9 data-nosnippet>9</a> <span class="kw">pub </span>server_name: String,
<a href=#10 id=10 data-nosnippet>10</a> <span class="kw">pub </span>max_sent_data: usize,
<a href=#11 id=11 data-nosnippet>11</a> <span class="kw">pub </span>max_sent_records: <span class="prelude-ty">Option</span>&lt;usize&gt;,
<a href=#12 id=12 data-nosnippet>12</a> <span class="kw">pub </span>max_recv_data_online: <span class="prelude-ty">Option</span>&lt;usize&gt;,
<a href=#13 id=13 data-nosnippet>13</a> <span class="kw">pub </span>max_recv_data: usize,
<a href=#14 id=14 data-nosnippet>14</a> <span class="kw">pub </span>max_recv_records_online: <span class="prelude-ty">Option</span>&lt;usize&gt;,
<a href=#15 id=15 data-nosnippet>15</a> <span class="kw">pub </span>defer_decryption_from_start: <span class="prelude-ty">Option</span>&lt;bool&gt;,
<a href=#16 id=16 data-nosnippet>16</a> <span class="kw">pub </span>network: NetworkSetting,
<a href=#17 id=17 data-nosnippet>17</a> <span class="kw">pub </span>client_auth: <span class="prelude-ty">Option</span>&lt;(Vec&lt;Vec&lt;u8&gt;&gt;, Vec&lt;u8&gt;)&gt;,
<a href=#18 id=18 data-nosnippet>18</a>}
<a href=#19 id=19 data-nosnippet>19</a>
<a href=#20 id=20 data-nosnippet>20</a><span class="kw">impl </span>From&lt;ProverConfig&gt; <span class="kw">for </span>tlsn::prover::ProverConfig {
<a href=#21 id=21 data-nosnippet>21</a> <span class="kw">fn </span>from(value: ProverConfig) -&gt; <span class="self">Self </span>{
<a href=#22 id=22 data-nosnippet>22</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = ProtocolConfig::builder();
<a href=#23 id=23 data-nosnippet>23</a>
<a href=#24 id=24 data-nosnippet>24</a> builder.max_sent_data(value.max_sent_data);
<a href=#25 id=25 data-nosnippet>25</a> builder.max_recv_data(value.max_recv_data);
<a href=#26 id=26 data-nosnippet>26</a>
<a href=#27 id=27 data-nosnippet>27</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(value) = value.max_recv_data_online {
<a href=#28 id=28 data-nosnippet>28</a> builder.max_recv_data_online(value);
<a href=#29 id=29 data-nosnippet>29</a> }
<a href=#30 id=30 data-nosnippet>30</a>
<a href=#31 id=31 data-nosnippet>31</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(value) = value.max_sent_records {
<a href=#32 id=32 data-nosnippet>32</a> builder.max_sent_records(value);
<a href=#33 id=33 data-nosnippet>33</a> }
<a href=#34 id=34 data-nosnippet>34</a>
<a href=#35 id=35 data-nosnippet>35</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(value) = value.max_recv_records_online {
<a href=#36 id=36 data-nosnippet>36</a> builder.max_recv_records_online(value);
<a href=#37 id=37 data-nosnippet>37</a> }
<a href=#38 id=38 data-nosnippet>38</a>
<a href=#39 id=39 data-nosnippet>39</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(value) = value.defer_decryption_from_start {
<a href=#40 id=40 data-nosnippet>40</a> builder.defer_decryption_from_start(value);
<a href=#41 id=41 data-nosnippet>41</a> }
<a href=#42 id=42 data-nosnippet>42</a>
<a href=#43 id=43 data-nosnippet>43</a> builder.network(value.network.into());
<a href=#44 id=44 data-nosnippet>44</a> <span class="kw">let </span>protocol_config = builder.build().unwrap();
<a href=#45 id=45 data-nosnippet>45</a>
<a href=#46 id=46 data-nosnippet>46</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = tlsn::prover::TlsConfig::builder();
<a href=#47 id=47 data-nosnippet>47</a> <span class="kw">if let </span><span class="prelude-val">Some</span>(cert_key) = value.client_auth {
<a href=#48 id=48 data-nosnippet>48</a> <span class="comment">// Try to parse as PEM-encoded.
<a href=#49 id=49 data-nosnippet>49</a> </span><span class="kw">if </span>builder.client_auth_pem(cert_key.clone()).is_err() {
<a href=#50 id=50 data-nosnippet>50</a> <span class="comment">// Otherwise assume DER encoding.
<a href=#51 id=51 data-nosnippet>51</a> </span>builder.client_auth(cert_key);
<a href=#52 id=52 data-nosnippet>52</a> }
<a href=#53 id=53 data-nosnippet>53</a> }
<a href=#54 id=54 data-nosnippet>54</a> <span class="kw">let </span>tls_config = builder.build().unwrap();
<a href=#55 id=55 data-nosnippet>55</a>
<a href=#56 id=56 data-nosnippet>56</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = tlsn::prover::ProverConfig::builder();
<a href=#57 id=57 data-nosnippet>57</a> builder
<a href=#58 id=58 data-nosnippet>58</a> .server_name(value.server_name.as_ref())
<a href=#59 id=59 data-nosnippet>59</a> .protocol_config(protocol_config)
<a href=#60 id=60 data-nosnippet>60</a> .tls_config(tls_config);
<a href=#61 id=61 data-nosnippet>61</a>
<a href=#62 id=62 data-nosnippet>62</a> builder.build().unwrap()
<a href=#63 id=63 data-nosnippet>63</a> }
<a href=#64 id=64 data-nosnippet>64</a>}</code></pre></div></section></main></body></html>

4
src/tlsn_wasm/prover/mod.rs.html
View File

@@ -7,8 +7,8 @@
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>http_body_util::{BodyExt, Full};
<a href=#8 id=8 data-nosnippet>8</a><span class="kw">use </span>hyper::body::Bytes;
<a href=#9 id=9 data-nosnippet>9</a><span class="kw">use </span>tls_client_async::TlsConnection;
<a href=#10 id=10 data-nosnippet>10</a><span class="kw">use </span>tlsn_core::{request::RequestConfig, transcript::TranscriptCommitConfigBuilder};
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">use </span>tlsn_prover::{state, ProveConfig, Prover};
<a href=#10 id=10 data-nosnippet>10</a><span class="kw">use </span>tlsn::prover::{state, ProveConfig, Prover};
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">use </span>tlsn_core::{request::RequestConfig, transcript::TranscriptCommitConfigBuilder};
<a href=#12 id=12 data-nosnippet>12</a><span class="kw">use </span>tracing::info;
<a href=#13 id=13 data-nosnippet>13</a><span class="kw">use </span>wasm_bindgen::{prelude::<span class="kw-2">*</span>, JsError};
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">use </span>wasm_bindgen_futures::spawn_local;

2
src/tlsn_wasm/types.rs.html
View File

@@ -335,7 +335,7 @@
<a href=#335 id=335 data-nosnippet>335</a> </span>Latency,
<a href=#336 id=336 data-nosnippet>336</a>}
<a href=#337 id=337 data-nosnippet>337</a>
<a href=#338 id=338 data-nosnippet>338</a><span class="kw">impl </span>From&lt;NetworkSetting&gt; <span class="kw">for </span>tlsn_common::config::NetworkSetting {
<a href=#338 id=338 data-nosnippet>338</a><span class="kw">impl </span>From&lt;NetworkSetting&gt; <span class="kw">for </span>tlsn::config::NetworkSetting {
<a href=#339 id=339 data-nosnippet>339</a> <span class="kw">fn </span>from(value: NetworkSetting) -&gt; <span class="self">Self </span>{
<a href=#340 id=340 data-nosnippet>340</a> <span class="kw">match </span>value {
<a href=#341 id=341 data-nosnippet>341</a> NetworkSetting::Bandwidth =&gt; <span class="self">Self</span>::Bandwidth,

6
src/tlsn_wasm/verifier/config.rs.html
View File

@@ -1,5 +1,5 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/wasm/src/verifier/config.rs`."><title>config.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn_wasm" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_wasm/verifier/</div>config.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">use </span>serde::Deserialize;
<a href=#2 id=2 data-nosnippet>2</a><span class="kw">use </span>tlsn_common::config::ProtocolConfigValidator;
<a href=#2 id=2 data-nosnippet>2</a><span class="kw">use </span>tlsn::config::ProtocolConfigValidator;
<a href=#3 id=3 data-nosnippet>3</a><span class="kw">use </span>tsify_next::Tsify;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="attr">#[derive(Debug, Tsify, Deserialize)]
@@ -11,7 +11,7 @@
<a href=#11 id=11 data-nosnippet>11</a> <span class="kw">pub </span>max_recv_records_online: <span class="prelude-ty">Option</span>&lt;usize&gt;,
<a href=#12 id=12 data-nosnippet>12</a>}
<a href=#13 id=13 data-nosnippet>13</a>
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">impl </span>From&lt;VerifierConfig&gt; <span class="kw">for </span>tlsn_verifier::VerifierConfig {
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">impl </span>From&lt;VerifierConfig&gt; <span class="kw">for </span>tlsn::verifier::VerifierConfig {
<a href=#15 id=15 data-nosnippet>15</a> <span class="kw">fn </span>from(value: VerifierConfig) -&gt; <span class="self">Self </span>{
<a href=#16 id=16 data-nosnippet>16</a> <span class="kw">let </span><span class="kw-2">mut </span>builder = ProtocolConfigValidator::builder();
<a href=#17 id=17 data-nosnippet>17</a>
@@ -28,7 +28,7 @@
<a href=#28 id=28 data-nosnippet>28</a>
<a href=#29 id=29 data-nosnippet>29</a> <span class="kw">let </span>validator = builder.build().unwrap();
<a href=#30 id=30 data-nosnippet>30</a>
<a href=#31 id=31 data-nosnippet>31</a> tlsn_verifier::VerifierConfig::builder()
<a href=#31 id=31 data-nosnippet>31</a> tlsn::verifier::VerifierConfig::builder()
<a href=#32 id=32 data-nosnippet>32</a> .protocol_config_validator(validator)
<a href=#33 id=33 data-nosnippet>33</a> .build()
<a href=#34 id=34 data-nosnippet>34</a> .unwrap()

195
src/tlsn_wasm/verifier/mod.rs.html
View File

@@ -1,95 +1,122 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/wasm/src/verifier/mod.rs`."><title>mod.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn_wasm" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_wasm/verifier/</div>mod.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-2"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">mod </span>config;
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `crates/wasm/src/verifier/mod.rs`."><title>mod.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../../" data-static-root-path="../../../static.files/" data-current-crate="tlsn_wasm" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../../static.files/storage-4e99c027.js"></script><script defer src="../../../static.files/src-script-813739b1.js"></script><script defer src="../../../src-files.js"></script><script defer src="../../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../../static.files/favicon-044be391.svg"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><h1><div class="sub-heading">tlsn_wasm/verifier/</div>mod.rs</h1><rustdoc-toolbar></rustdoc-toolbar></div><div class="example-wrap digits-3"><pre class="rust"><code><a href=#1 id=1 data-nosnippet>1</a><span class="kw">mod </span>config;
<a href=#2 id=2 data-nosnippet>2</a>
<a href=#3 id=3 data-nosnippet>3</a><span class="kw">pub use </span>config::VerifierConfig;
<a href=#4 id=4 data-nosnippet>4</a>
<a href=#5 id=5 data-nosnippet>5</a><span class="kw">use </span>enum_try_as_inner::EnumTryAsInner;
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>tlsn_verifier::{
<a href=#7 id=7 data-nosnippet>7</a> state::{<span class="self">self</span>, Initialized},
<a href=#8 id=8 data-nosnippet>8</a> Verifier, VerifyConfig,
<a href=#9 id=9 data-nosnippet>9</a>};
<a href=#10 id=10 data-nosnippet>10</a><span class="kw">use </span>tracing::info;
<a href=#11 id=11 data-nosnippet>11</a><span class="kw">use </span>wasm_bindgen::prelude::<span class="kw-2">*</span>;
<a href=#12 id=12 data-nosnippet>12</a><span class="kw">use </span>ws_stream_wasm::{WsMeta, WsStream};
<a href=#13 id=13 data-nosnippet>13</a>
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">use </span><span class="kw">crate</span>::types::VerifierOutput;
<a href=#15 id=15 data-nosnippet>15</a>
<a href=#16 id=16 data-nosnippet>16</a><span class="kw">type </span><span class="prelude-ty">Result</span>&lt;T&gt; = std::result::Result&lt;T, JsError&gt;;
<a href=#6 id=6 data-nosnippet>6</a><span class="kw">use </span>tls_core::msgs::enums::ContentType;
<a href=#7 id=7 data-nosnippet>7</a><span class="kw">use </span>tlsn::{
<a href=#8 id=8 data-nosnippet>8</a> connection::{ConnectionInfo, TranscriptLength},
<a href=#9 id=9 data-nosnippet>9</a> verifier::{
<a href=#10 id=10 data-nosnippet>10</a> state::{<span class="self">self</span>, Initialized},
<a href=#11 id=11 data-nosnippet>11</a> Verifier, VerifyConfig,
<a href=#12 id=12 data-nosnippet>12</a> },
<a href=#13 id=13 data-nosnippet>13</a>};
<a href=#14 id=14 data-nosnippet>14</a><span class="kw">use </span>tracing::info;
<a href=#15 id=15 data-nosnippet>15</a><span class="kw">use </span>wasm_bindgen::prelude::<span class="kw-2">*</span>;
<a href=#16 id=16 data-nosnippet>16</a><span class="kw">use </span>ws_stream_wasm::{WsMeta, WsStream};
<a href=#17 id=17 data-nosnippet>17</a>
<a href=#18 id=18 data-nosnippet>18</a><span class="attr">#[wasm_bindgen(js_name = Verifier)]
<a href=#19 id=19 data-nosnippet>19</a></span><span class="kw">pub struct </span>JsVerifier {
<a href=#20 id=20 data-nosnippet>20</a> state: State,
<a href=#21 id=21 data-nosnippet>21</a>}
<a href=#22 id=22 data-nosnippet>22</a>
<a href=#23 id=23 data-nosnippet>23</a><span class="attr">#[derive(EnumTryAsInner)]
<a href=#24 id=24 data-nosnippet>24</a>#[derive_err(Debug)]
<a href=#25 id=25 data-nosnippet>25</a></span><span class="kw">enum </span>State {
<a href=#26 id=26 data-nosnippet>26</a> Initialized(Verifier&lt;state::Initialized&gt;),
<a href=#27 id=27 data-nosnippet>27</a> Connected((Verifier&lt;state::Initialized&gt;, WsStream)),
<a href=#28 id=28 data-nosnippet>28</a> Complete,
<a href=#29 id=29 data-nosnippet>29</a> Error,
<a href=#30 id=30 data-nosnippet>30</a>}
<a href=#31 id=31 data-nosnippet>31</a>
<a href=#32 id=32 data-nosnippet>32</a><span class="kw">impl </span>std::fmt::Debug <span class="kw">for </span>State {
<a href=#33 id=33 data-nosnippet>33</a> <span class="kw">fn </span>fmt(<span class="kw-2">&amp;</span><span class="self">self</span>, f: <span class="kw-2">&amp;mut </span>std::fmt::Formatter&lt;<span class="lifetime">'_</span>&gt;) -&gt; std::fmt::Result {
<a href=#34 id=34 data-nosnippet>34</a> <span class="macro">write!</span>(f, <span class="string">"State"</span>)
<a href=#35 id=35 data-nosnippet>35</a> }
<a href=#36 id=36 data-nosnippet>36</a>}
<a href=#37 id=37 data-nosnippet>37</a>
<a href=#38 id=38 data-nosnippet>38</a><span class="kw">impl </span>State {
<a href=#39 id=39 data-nosnippet>39</a> <span class="kw">fn </span>take(<span class="kw-2">&amp;mut </span><span class="self">self</span>) -&gt; <span class="self">Self </span>{
<a href=#40 id=40 data-nosnippet>40</a> std::mem::replace(<span class="self">self</span>, State::Error)
<a href=#41 id=41 data-nosnippet>41</a> }
<a href=#42 id=42 data-nosnippet>42</a>}
<a href=#43 id=43 data-nosnippet>43</a>
<a href=#44 id=44 data-nosnippet>44</a><span class="attr">#[wasm_bindgen(js_class = Verifier)]
<a href=#45 id=45 data-nosnippet>45</a></span><span class="kw">impl </span>JsVerifier {
<a href=#46 id=46 data-nosnippet>46</a> <span class="attr">#[wasm_bindgen(constructor)]
<a href=#47 id=47 data-nosnippet>47</a> </span><span class="kw">pub fn </span>new(config: VerifierConfig) -&gt; JsVerifier {
<a href=#48 id=48 data-nosnippet>48</a> JsVerifier {
<a href=#49 id=49 data-nosnippet>49</a> state: State::Initialized(Verifier::new(config.into())),
<a href=#50 id=50 data-nosnippet>50</a> }
<a href=#51 id=51 data-nosnippet>51</a> }
<a href=#52 id=52 data-nosnippet>52</a>
<a href=#53 id=53 data-nosnippet>53</a> <span class="doccomment">/// Connect to the prover.
<a href=#54 id=54 data-nosnippet>54</a> </span><span class="kw">pub async fn </span>connect(<span class="kw-2">&amp;mut </span><span class="self">self</span>, prover_url: <span class="kw-2">&amp;</span>str) -&gt; <span class="prelude-ty">Result</span>&lt;()&gt; {
<a href=#55 id=55 data-nosnippet>55</a> <span class="kw">let </span>verifier = <span class="self">self</span>.state.take().try_into_initialized()<span class="question-mark">?</span>;
<a href=#18 id=18 data-nosnippet>18</a><span class="kw">use </span><span class="kw">crate</span>::types::VerifierOutput;
<a href=#19 id=19 data-nosnippet>19</a>
<a href=#20 id=20 data-nosnippet>20</a><span class="kw">type </span><span class="prelude-ty">Result</span>&lt;T&gt; = std::result::Result&lt;T, JsError&gt;;
<a href=#21 id=21 data-nosnippet>21</a>
<a href=#22 id=22 data-nosnippet>22</a><span class="attr">#[wasm_bindgen(js_name = Verifier)]
<a href=#23 id=23 data-nosnippet>23</a></span><span class="kw">pub struct </span>JsVerifier {
<a href=#24 id=24 data-nosnippet>24</a> state: State,
<a href=#25 id=25 data-nosnippet>25</a>}
<a href=#26 id=26 data-nosnippet>26</a>
<a href=#27 id=27 data-nosnippet>27</a><span class="attr">#[derive(EnumTryAsInner)]
<a href=#28 id=28 data-nosnippet>28</a>#[derive_err(Debug)]
<a href=#29 id=29 data-nosnippet>29</a></span><span class="kw">enum </span>State {
<a href=#30 id=30 data-nosnippet>30</a> Initialized(Verifier&lt;state::Initialized&gt;),
<a href=#31 id=31 data-nosnippet>31</a> Connected((Verifier&lt;state::Initialized&gt;, WsStream)),
<a href=#32 id=32 data-nosnippet>32</a> Complete,
<a href=#33 id=33 data-nosnippet>33</a> Error,
<a href=#34 id=34 data-nosnippet>34</a>}
<a href=#35 id=35 data-nosnippet>35</a>
<a href=#36 id=36 data-nosnippet>36</a><span class="kw">impl </span>std::fmt::Debug <span class="kw">for </span>State {
<a href=#37 id=37 data-nosnippet>37</a> <span class="kw">fn </span>fmt(<span class="kw-2">&amp;</span><span class="self">self</span>, f: <span class="kw-2">&amp;mut </span>std::fmt::Formatter&lt;<span class="lifetime">'_</span>&gt;) -&gt; std::fmt::Result {
<a href=#38 id=38 data-nosnippet>38</a> <span class="macro">write!</span>(f, <span class="string">"State"</span>)
<a href=#39 id=39 data-nosnippet>39</a> }
<a href=#40 id=40 data-nosnippet>40</a>}
<a href=#41 id=41 data-nosnippet>41</a>
<a href=#42 id=42 data-nosnippet>42</a><span class="kw">impl </span>State {
<a href=#43 id=43 data-nosnippet>43</a> <span class="kw">fn </span>take(<span class="kw-2">&amp;mut </span><span class="self">self</span>) -&gt; <span class="self">Self </span>{
<a href=#44 id=44 data-nosnippet>44</a> std::mem::replace(<span class="self">self</span>, State::Error)
<a href=#45 id=45 data-nosnippet>45</a> }
<a href=#46 id=46 data-nosnippet>46</a>}
<a href=#47 id=47 data-nosnippet>47</a>
<a href=#48 id=48 data-nosnippet>48</a><span class="attr">#[wasm_bindgen(js_class = Verifier)]
<a href=#49 id=49 data-nosnippet>49</a></span><span class="kw">impl </span>JsVerifier {
<a href=#50 id=50 data-nosnippet>50</a> <span class="attr">#[wasm_bindgen(constructor)]
<a href=#51 id=51 data-nosnippet>51</a> </span><span class="kw">pub fn </span>new(config: VerifierConfig) -&gt; JsVerifier {
<a href=#52 id=52 data-nosnippet>52</a> JsVerifier {
<a href=#53 id=53 data-nosnippet>53</a> state: State::Initialized(Verifier::new(config.into())),
<a href=#54 id=54 data-nosnippet>54</a> }
<a href=#55 id=55 data-nosnippet>55</a> }
<a href=#56 id=56 data-nosnippet>56</a>
<a href=#57 id=57 data-nosnippet>57</a> <span class="macro">info!</span>(<span class="string">"Connecting to prover"</span>);
<a href=#58 id=58 data-nosnippet>58</a>
<a href=#59 id=59 data-nosnippet>59</a> <span class="kw">let </span>(<span class="kw">_</span>, prover_conn) = WsMeta::connect(prover_url, <span class="prelude-val">None</span>).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#57 id=57 data-nosnippet>57</a> <span class="doccomment">/// Connect to the prover.
<a href=#58 id=58 data-nosnippet>58</a> </span><span class="kw">pub async fn </span>connect(<span class="kw-2">&amp;mut </span><span class="self">self</span>, prover_url: <span class="kw-2">&amp;</span>str) -&gt; <span class="prelude-ty">Result</span>&lt;()&gt; {
<a href=#59 id=59 data-nosnippet>59</a> <span class="kw">let </span>verifier = <span class="self">self</span>.state.take().try_into_initialized()<span class="question-mark">?</span>;
<a href=#60 id=60 data-nosnippet>60</a>
<a href=#61 id=61 data-nosnippet>61</a> <span class="macro">info!</span>(<span class="string">"Connected to prover"</span>);
<a href=#61 id=61 data-nosnippet>61</a> <span class="macro">info!</span>(<span class="string">"Connecting to prover"</span>);
<a href=#62 id=62 data-nosnippet>62</a>
<a href=#63 id=63 data-nosnippet>63</a> <span class="self">self</span>.state = State::Connected((verifier, prover_conn));
<a href=#63 id=63 data-nosnippet>63</a> <span class="kw">let </span>(<span class="kw">_</span>, prover_conn) = WsMeta::connect(prover_url, <span class="prelude-val">None</span>).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#64 id=64 data-nosnippet>64</a>
<a href=#65 id=65 data-nosnippet>65</a> <span class="prelude-val">Ok</span>(())
<a href=#66 id=66 data-nosnippet>66</a> }
<a href=#67 id=67 data-nosnippet>67</a>
<a href=#68 id=68 data-nosnippet>68</a> <span class="doccomment">/// Verifies the connection and finalizes the protocol.
<a href=#69 id=69 data-nosnippet>69</a> </span><span class="kw">pub async fn </span>verify(<span class="kw-2">&amp;mut </span><span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;VerifierOutput&gt; {
<a href=#70 id=70 data-nosnippet>70</a> <span class="kw">let </span>(verifier, prover_conn) = <span class="self">self</span>.state.take().try_into_connected()<span class="question-mark">?</span>;
<a href=#65 id=65 data-nosnippet>65</a> <span class="macro">info!</span>(<span class="string">"Connected to prover"</span>);
<a href=#66 id=66 data-nosnippet>66</a>
<a href=#67 id=67 data-nosnippet>67</a> <span class="self">self</span>.state = State::Connected((verifier, prover_conn));
<a href=#68 id=68 data-nosnippet>68</a>
<a href=#69 id=69 data-nosnippet>69</a> <span class="prelude-val">Ok</span>(())
<a href=#70 id=70 data-nosnippet>70</a> }
<a href=#71 id=71 data-nosnippet>71</a>
<a href=#72 id=72 data-nosnippet>72</a> <span class="kw">let </span><span class="kw-2">mut </span>verifier = verifier.setup(prover_conn.into_io()).<span class="kw">await</span><span class="question-mark">?</span>.run().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#73 id=73 data-nosnippet>73</a>
<a href=#74 id=74 data-nosnippet>74</a> <span class="kw">let </span>connection_info = verifier.connection_info().clone();
<a href=#72 id=72 data-nosnippet>72</a> <span class="doccomment">/// Verifies the connection and finalizes the protocol.
<a href=#73 id=73 data-nosnippet>73</a> </span><span class="kw">pub async fn </span>verify(<span class="kw-2">&amp;mut </span><span class="self">self</span>) -&gt; <span class="prelude-ty">Result</span>&lt;VerifierOutput&gt; {
<a href=#74 id=74 data-nosnippet>74</a> <span class="kw">let </span>(verifier, prover_conn) = <span class="self">self</span>.state.take().try_into_connected()<span class="question-mark">?</span>;
<a href=#75 id=75 data-nosnippet>75</a>
<a href=#76 id=76 data-nosnippet>76</a> <span class="kw">let </span>output = verifier.verify(<span class="kw-2">&amp;</span>VerifyConfig::default()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#77 id=77 data-nosnippet>77</a> verifier.close().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#78 id=78 data-nosnippet>78</a>
<a href=#79 id=79 data-nosnippet>79</a> <span class="self">self</span>.state = State::Complete;
<a href=#80 id=80 data-nosnippet>80</a>
<a href=#81 id=81 data-nosnippet>81</a> <span class="prelude-val">Ok</span>(VerifierOutput {
<a href=#82 id=82 data-nosnippet>82</a> server_name: output.server_name.map(|s| s.as_str().to_string()),
<a href=#83 id=83 data-nosnippet>83</a> connection_info: connection_info.into(),
<a href=#84 id=84 data-nosnippet>84</a> transcript: output.transcript.map(|t| t.into()),
<a href=#85 id=85 data-nosnippet>85</a> })
<a href=#86 id=86 data-nosnippet>86</a> }
<a href=#87 id=87 data-nosnippet>87</a>}
<a href=#88 id=88 data-nosnippet>88</a>
<a href=#89 id=89 data-nosnippet>89</a><span class="kw">impl </span>From&lt;tlsn_verifier::Verifier&lt;Initialized&gt;&gt; <span class="kw">for </span>JsVerifier {
<a href=#90 id=90 data-nosnippet>90</a> <span class="kw">fn </span>from(value: tlsn_verifier::Verifier&lt;Initialized&gt;) -&gt; <span class="self">Self </span>{
<a href=#91 id=91 data-nosnippet>91</a> <span class="self">Self </span>{
<a href=#92 id=92 data-nosnippet>92</a> state: State::Initialized(value),
<a href=#93 id=93 data-nosnippet>93</a> }
<a href=#94 id=94 data-nosnippet>94</a> }
<a href=#95 id=95 data-nosnippet>95</a>}</code></pre></div></section></main></body></html>
<a href=#76 id=76 data-nosnippet>76</a> <span class="kw">let </span><span class="kw-2">mut </span>verifier = verifier.setup(prover_conn.into_io()).<span class="kw">await</span><span class="question-mark">?</span>.run().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#77 id=77 data-nosnippet>77</a>
<a href=#78 id=78 data-nosnippet>78</a> <span class="kw">let </span>sent = verifier
<a href=#79 id=79 data-nosnippet>79</a> .tls_transcript()
<a href=#80 id=80 data-nosnippet>80</a> .sent()
<a href=#81 id=81 data-nosnippet>81</a> .iter()
<a href=#82 id=82 data-nosnippet>82</a> .filter(|record| record.typ == ContentType::ApplicationData)
<a href=#83 id=83 data-nosnippet>83</a> .map(|record| record.ciphertext.len())
<a href=#84 id=84 data-nosnippet>84</a> .sum::&lt;usize&gt;();
<a href=#85 id=85 data-nosnippet>85</a>
<a href=#86 id=86 data-nosnippet>86</a> <span class="kw">let </span>received = verifier
<a href=#87 id=87 data-nosnippet>87</a> .tls_transcript()
<a href=#88 id=88 data-nosnippet>88</a> .recv()
<a href=#89 id=89 data-nosnippet>89</a> .iter()
<a href=#90 id=90 data-nosnippet>90</a> .filter(|record| record.typ == ContentType::ApplicationData)
<a href=#91 id=91 data-nosnippet>91</a> .map(|record| record.ciphertext.len())
<a href=#92 id=92 data-nosnippet>92</a> .sum::&lt;usize&gt;();
<a href=#93 id=93 data-nosnippet>93</a>
<a href=#94 id=94 data-nosnippet>94</a> <span class="kw">let </span>connection_info = ConnectionInfo {
<a href=#95 id=95 data-nosnippet>95</a> time: verifier.tls_transcript().time(),
<a href=#96 id=96 data-nosnippet>96</a> version: <span class="kw-2">*</span>verifier.tls_transcript().version(),
<a href=#97 id=97 data-nosnippet>97</a> transcript_length: TranscriptLength {
<a href=#98 id=98 data-nosnippet>98</a> sent: sent <span class="kw">as </span>u32,
<a href=#99 id=99 data-nosnippet>99</a> received: received <span class="kw">as </span>u32,
<a href=#100 id=100 data-nosnippet>100</a> },
<a href=#101 id=101 data-nosnippet>101</a> };
<a href=#102 id=102 data-nosnippet>102</a>
<a href=#103 id=103 data-nosnippet>103</a> <span class="kw">let </span>output = verifier.verify(<span class="kw-2">&amp;</span>VerifyConfig::default()).<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#104 id=104 data-nosnippet>104</a> verifier.close().<span class="kw">await</span><span class="question-mark">?</span>;
<a href=#105 id=105 data-nosnippet>105</a>
<a href=#106 id=106 data-nosnippet>106</a> <span class="self">self</span>.state = State::Complete;
<a href=#107 id=107 data-nosnippet>107</a>
<a href=#108 id=108 data-nosnippet>108</a> <span class="prelude-val">Ok</span>(VerifierOutput {
<a href=#109 id=109 data-nosnippet>109</a> server_name: output.server_name.map(|s| s.as_str().to_string()),
<a href=#110 id=110 data-nosnippet>110</a> connection_info: connection_info.into(),
<a href=#111 id=111 data-nosnippet>111</a> transcript: output.transcript.map(|t| t.into()),
<a href=#112 id=112 data-nosnippet>112</a> })
<a href=#113 id=113 data-nosnippet>113</a> }
<a href=#114 id=114 data-nosnippet>114</a>}
<a href=#115 id=115 data-nosnippet>115</a>
<a href=#116 id=116 data-nosnippet>116</a><span class="kw">impl </span>From&lt;tlsn::verifier::Verifier&lt;Initialized&gt;&gt; <span class="kw">for </span>JsVerifier {
<a href=#117 id=117 data-nosnippet>117</a> <span class="kw">fn </span>from(value: tlsn::verifier::Verifier&lt;Initialized&gt;) -&gt; <span class="self">Self </span>{
<a href=#118 id=118 data-nosnippet>118</a> <span class="self">Self </span>{
<a href=#119 id=119 data-nosnippet>119</a> state: State::Initialized(value),
<a href=#120 id=120 data-nosnippet>120</a> }
<a href=#121 id=121 data-nosnippet>121</a> }
<a href=#122 id=122 data-nosnippet>122</a>}</code></pre></div></section></main></body></html>

1
tlsn/all.html Normal file
View File

File diff suppressed because one or more lines are too long

2
tlsn/attestation/constant.VERSION.html Normal file
View File

@@ -0,0 +1,2 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Current version of attestations."><title>VERSION in tlsn::attestation - Rust</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="sidebar-items.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc constant"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="mobile-topbar"><button class="sidebar-menu-toggle" title="show sidebar"></button></nav><nav class="sidebar"><div class="sidebar-crate"><h2><a href="../../tlsn/index.html">tlsn</a><span class="version">0.1.0-alpha.13-pre</span></h2></div><div class="sidebar-elems"><div id="rustdoc-modnav"><h2><a href="index.html">In tlsn::<wbr>attestation</a></h2></div></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><div class="width-limiter"><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><div class="rustdoc-breadcrumbs"><a href="../index.html">tlsn</a>::<wbr><a href="index.html">attestation</a></div><h1>Constant <span class="constant">VERSION</span><button id="copy-path" title="Copy item path to clipboard">Copy item path</button></h1><rustdoc-toolbar></rustdoc-toolbar><span class="sub-heading"><a class="src" href="../../src/tlsn_core/attestation.rs.html#59">Source</a> </span></div><pre class="rust item-decl"><code>pub const VERSION: <a class="struct" href="struct.Version.html" title="struct tlsn::attestation::Version">Version</a>;</code></pre><details class="toggle top-doc" open><summary class="hideme"><span>Expand description</span></summary><div class="docblock"><p>Current version of attestations.</p>
</div></details></section></div></main></body></html>

138
tlsn/attestation/enum.FieldKind.html Normal file
View File

File diff suppressed because one or more lines are too long

25
tlsn/attestation/index.html Normal file
View File

@@ -0,0 +1,25 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Attestation types."><title>tlsn::attestation - Rust</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../sidebar-items.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc mod"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="mobile-topbar"><button class="sidebar-menu-toggle" title="show sidebar"></button></nav><nav class="sidebar"><div class="sidebar-crate"><h2><a href="../../tlsn/index.html">tlsn</a><span class="version">0.1.0-alpha.13-pre</span></h2></div><div class="sidebar-elems"><section id="rustdoc-toc"><h2 class="location"><a href="#">Module attestation</a></h2><h3><a href="#">Sections</a></h3><ul class="block top-toc"><li><a href="#extensions" title="Extensions">Extensions</a></li></ul><h3><a href="#structs">Module Items</a></h3><ul class="block"><li><a href="#structs" title="Structs">Structs</a></li><li><a href="#enums" title="Enums">Enums</a></li><li><a href="#constants" title="Constants">Constants</a></li></ul></section><div id="rustdoc-modnav"><h2 class="in-crate"><a href="../index.html">In crate tlsn</a></h2></div></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><div class="width-limiter"><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><div class="rustdoc-breadcrumbs"><a href="../index.html">tlsn</a></div><h1>Module <span>attestation</span><button id="copy-path" title="Copy item path to clipboard">Copy item path</button></h1><rustdoc-toolbar></rustdoc-toolbar><span class="sub-heading"><a class="src" href="../../src/tlsn_core/lib.rs.html#179">Source</a> </span></div><details class="toggle top-doc" open><summary class="hideme"><span>Expand description</span></summary><div class="docblock"><p>Attestation types.</p>
<p>An attestation is a cryptographically signed document issued by a Notary who
witnessed a TLS connection. It contains various fields which can be used to
verify statements about the connection and the associated application data.</p>
<p>Attestations are comprised of two parts: a <a href="struct.Header.html" title="struct tlsn::attestation::Header"><code>Header</code></a> and a <a href="struct.Body.html" title="struct tlsn::attestation::Body"><code>Body</code></a>.</p>
<p>The header is the data structure which is signed by a Notary. It
contains a unique identifier, the protocol version, and a Merkle root
of the body fields.</p>
<p>The body contains the fields of the attestation. These fields include data
which can be used to verify aspects of a TLS connection, such as the
servers identity, and facts about the transcript.</p>
<h2 id="extensions"><a class="doc-anchor" href="#extensions">§</a>Extensions</h2>
<p>An attestation may be extended using <a href="struct.Extension.html" title="struct tlsn::attestation::Extension"><code>Extension</code></a> fields included in the
body. Extensions (currently) have no canonical semantics, but may be used to
implement application specific functionality.</p>
<p>A Prover may <a href="../../tlsn_core/request/config/struct.RequestConfigBuilder.html#method.extension" title="method tlsn_core::request::config::RequestConfigBuilder::extension">append
extensions</a>
to their attestation request, provided that the Notary supports them
(disallowed by default). A Notary may also be configured to
<a href="struct.AttestationConfigBuilder.html#method.extension_validator" title="method tlsn::attestation::AttestationConfigBuilder::extension_validator">validate</a>
any extensions requested by a Prover using custom application logic.
Additionally, a Notary may
<a href="struct.AttestationBuilder.html#method.extension" title="method tlsn::attestation::AttestationBuilder::extension">include</a>
their own extensions.</p>
</div></details><h2 id="structs" class="section-header">Structs<a href="#structs" class="anchor">§</a></h2><dl class="item-table"><dt><a class="struct" href="struct.Attestation.html" title="struct tlsn::attestation::Attestation">Attestation</a></dt><dd>An attestation document.</dd><dt><a class="struct" href="struct.AttestationBuilder.html" title="struct tlsn::attestation::AttestationBuilder">Attestation<wbr>Builder</a></dt><dd>An attestation builder.</dd><dt><a class="struct" href="struct.AttestationBuilderError.html" title="struct tlsn::attestation::AttestationBuilderError">Attestation<wbr>Builder<wbr>Error</a></dt><dd>Error for <a href="struct.AttestationBuilder.html" title="struct tlsn::attestation::AttestationBuilder"><code>AttestationBuilder</code></a>.</dd><dt><a class="struct" href="struct.AttestationConfig.html" title="struct tlsn::attestation::AttestationConfig">Attestation<wbr>Config</a></dt><dd>Attestation configuration.</dd><dt><a class="struct" href="struct.AttestationConfigBuilder.html" title="struct tlsn::attestation::AttestationConfigBuilder">Attestation<wbr>Config<wbr>Builder</a></dt><dd>Builder for <a href="struct.AttestationConfig.html" title="struct tlsn::attestation::AttestationConfig"><code>AttestationConfig</code></a>.</dd><dt><a class="struct" href="struct.AttestationConfigError.html" title="struct tlsn::attestation::AttestationConfigError">Attestation<wbr>Config<wbr>Error</a></dt><dd>Error for <a href="struct.AttestationConfig.html" title="struct tlsn::attestation::AttestationConfig"><code>AttestationConfig</code></a>.</dd><dt><a class="struct" href="struct.AttestationError.html" title="struct tlsn::attestation::AttestationError">Attestation<wbr>Error</a></dt><dd>Error for <a href="struct.AttestationProof.html" title="struct tlsn::attestation::AttestationProof"><code>AttestationProof</code></a>.</dd><dt><a class="struct" href="struct.AttestationProof.html" title="struct tlsn::attestation::AttestationProof">Attestation<wbr>Proof</a></dt><dd>Proof of an attestation.</dd><dt><a class="struct" href="struct.Body.html" title="struct tlsn::attestation::Body">Body</a></dt><dd>Attestation body.</dd><dt><a class="struct" href="struct.Extension.html" title="struct tlsn::attestation::Extension">Extension</a></dt><dd>An attestation extension.</dd><dt><a class="struct" href="struct.Field.html" title="struct tlsn::attestation::Field">Field</a></dt><dd>Public attestation field.</dd><dt><a class="struct" href="struct.FieldId.html" title="struct tlsn::attestation::FieldId">FieldId</a></dt><dd>Identifier for a field.</dd><dt><a class="struct" href="struct.Header.html" title="struct tlsn::attestation::Header">Header</a></dt><dd>Attestation header.</dd><dt><a class="struct" href="struct.InvalidExtension.html" title="struct tlsn::attestation::InvalidExtension">Invalid<wbr>Extension</a></dt><dd>Invalid extension error.</dd><dt><a class="struct" href="struct.Uid.html" title="struct tlsn::attestation::Uid">Uid</a></dt><dd>Unique identifier for an attestation.</dd><dt><a class="struct" href="struct.Version.html" title="struct tlsn::attestation::Version">Version</a></dt><dd>Version of an attestation.</dd></dl><h2 id="enums" class="section-header">Enums<a href="#enums" class="anchor">§</a></h2><dl class="item-table"><dt><a class="enum" href="enum.FieldKind.html" title="enum tlsn::attestation::FieldKind">Field<wbr>Kind</a></dt><dd>Kind of an attestation field.</dd></dl><h2 id="constants" class="section-header">Constants<a href="#constants" class="anchor">§</a></h2><dl class="item-table"><dt><a class="constant" href="constant.VERSION.html" title="constant tlsn::attestation::VERSION">VERSION</a></dt><dd>Current version of attestations.</dd></dl></section></div></main></body></html>

1
tlsn/attestation/sidebar-items.js Normal file
View File

@@ -0,0 +1 @@
window.SIDEBAR_ITEMS = {"constant":["VERSION"],"enum":["FieldKind"],"struct":["Attestation","AttestationBuilder","AttestationBuilderError","AttestationConfig","AttestationConfigBuilder","AttestationConfigError","AttestationError","AttestationProof","Body","Extension","Field","FieldId","Header","InvalidExtension","Uid","Version"]};

132
tlsn/attestation/struct.Attestation.html Normal file
View File

File diff suppressed because one or more lines are too long

134
tlsn/attestation/struct.AttestationBuilder.html Normal file
View File

File diff suppressed because one or more lines are too long

106
tlsn/attestation/struct.AttestationBuilderError.html Normal file
View File

File diff suppressed because one or more lines are too long

107
tlsn/attestation/struct.AttestationConfig.html Normal file
View File

File diff suppressed because one or more lines are too long

124
tlsn/attestation/struct.AttestationConfigBuilder.html Normal file
View File

File diff suppressed because one or more lines are too long

105
tlsn/attestation/struct.AttestationConfigError.html Normal file
View File

File diff suppressed because one or more lines are too long

105
tlsn/attestation/struct.AttestationError.html Normal file
View File

File diff suppressed because one or more lines are too long

129
tlsn/attestation/struct.AttestationProof.html Normal file
View File

File diff suppressed because one or more lines are too long

122
tlsn/attestation/struct.Body.html Normal file
View File

File diff suppressed because one or more lines are too long

129
tlsn/attestation/struct.Extension.html Normal file
View File

File diff suppressed because one or more lines are too long

134
tlsn/attestation/struct.Field.html Normal file
View File

File diff suppressed because one or more lines are too long

134
tlsn/attestation/struct.FieldId.html Normal file
View File

File diff suppressed because one or more lines are too long

132
tlsn/attestation/struct.Header.html Normal file
View File

File diff suppressed because one or more lines are too long

107
tlsn/attestation/struct.InvalidExtension.html Normal file
View File

File diff suppressed because one or more lines are too long

132
tlsn/attestation/struct.Uid.html Normal file
View File

File diff suppressed because one or more lines are too long

130
tlsn/attestation/struct.Version.html Normal file
View File

File diff suppressed because one or more lines are too long

121
tlsn/config/enum.NetworkSetting.html Normal file
View File

File diff suppressed because one or more lines are too long

6
tlsn_verifier/enum.VerifierConfigBuilderError.html → tlsn/config/enum.ProtocolConfigBuilderError.html
View File

File diff suppressed because one or more lines are too long

110
tlsn/config/enum.ProtocolConfigValidatorBuilderError.html Normal file
View File

File diff suppressed because one or more lines are too long

3
tlsn/config/index.html Normal file
View File

@@ -0,0 +1,3 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="TLSNotary protocol config and config utilities."><title>tlsn::config - Rust</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../sidebar-items.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc mod"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="mobile-topbar"><button class="sidebar-menu-toggle" title="show sidebar"></button></nav><nav class="sidebar"><div class="sidebar-crate"><h2><a href="../../tlsn/index.html">tlsn</a><span class="version">0.1.0-alpha.13-pre</span></h2></div><div class="sidebar-elems"><section id="rustdoc-toc"><h2 class="location"><a href="#">Module config</a></h2><h3><a href="#structs">Module Items</a></h3><ul class="block"><li><a href="#structs" title="Structs">Structs</a></li><li><a href="#enums" title="Enums">Enums</a></li></ul></section><div id="rustdoc-modnav"><h2 class="in-crate"><a href="../index.html">In crate tlsn</a></h2></div></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><div class="width-limiter"><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><div class="rustdoc-breadcrumbs"><a href="../index.html">tlsn</a></div><h1>Module <span>config</span><button id="copy-path" title="Copy item path to clipboard">Copy item path</button></h1><rustdoc-toolbar></rustdoc-toolbar><span class="sub-heading"><a class="src" href="../../src/tlsn/config.rs.html#1-364">Source</a> </span></div><details class="toggle top-doc" open><summary class="hideme"><span>Expand description</span></summary><div class="docblock"><p>TLSNotary protocol config and config utilities.</p>
</div></details><h2 id="structs" class="section-header">Structs<a href="#structs" class="anchor">§</a></h2><dl class="item-table"><dt><a class="struct" href="struct.ProtocolConfig.html" title="struct tlsn::config::ProtocolConfig">Protocol<wbr>Config</a></dt><dd>Protocol configuration to be set up initially by prover and verifier.</dd><dt><a class="struct" href="struct.ProtocolConfigBuilder.html" title="struct tlsn::config::ProtocolConfigBuilder">Protocol<wbr>Config<wbr>Builder</a></dt><dd>Builder for <a href="struct.ProtocolConfig.html"><code>ProtocolConfig</code></a>.</dd><dt><a class="struct" href="struct.ProtocolConfigError.html" title="struct tlsn::config::ProtocolConfigError">Protocol<wbr>Config<wbr>Error</a></dt><dd>A ProtocolConfig error.</dd><dt><a class="struct" href="struct.ProtocolConfigValidator.html" title="struct tlsn::config::ProtocolConfigValidator">Protocol<wbr>Config<wbr>Validator</a></dt><dd>Protocol configuration validator used by checker (i.e. verifier) to perform
compatibility check with the peers (i.e. the provers) configuration.</dd><dt><a class="struct" href="struct.ProtocolConfigValidatorBuilder.html" title="struct tlsn::config::ProtocolConfigValidatorBuilder">Protocol<wbr>Config<wbr>Validator<wbr>Builder</a></dt><dd>Builder for <a href="struct.ProtocolConfigValidator.html"><code>ProtocolConfigValidator</code></a>.</dd></dl><h2 id="enums" class="section-header">Enums<a href="#enums" class="anchor">§</a></h2><dl class="item-table"><dt><a class="enum" href="enum.NetworkSetting.html" title="enum tlsn::config::NetworkSetting">Network<wbr>Setting</a></dt><dd>Settings for the network environment.</dd><dt><a class="enum" href="enum.ProtocolConfigBuilderError.html" title="enum tlsn::config::ProtocolConfigBuilderError">Protocol<wbr>Config<wbr>Builder<wbr>Error</a></dt><dd>Error type for ProtocolConfigBuilder</dd><dt><a class="enum" href="enum.ProtocolConfigValidatorBuilderError.html" title="enum tlsn::config::ProtocolConfigValidatorBuilderError">Protocol<wbr>Config<wbr>Validator<wbr>Builder<wbr>Error</a></dt><dd>Error type for ProtocolConfigValidatorBuilder</dd></dl></section></div></main></body></html>

1
tlsn/config/sidebar-items.js Normal file
View File

@@ -0,0 +1 @@
window.SIDEBAR_ITEMS = {"enum":["NetworkSetting","ProtocolConfigBuilderError","ProtocolConfigValidatorBuilderError"],"struct":["ProtocolConfig","ProtocolConfigBuilder","ProtocolConfigError","ProtocolConfigValidator","ProtocolConfigValidatorBuilder"]};

125
tlsn/config/struct.ProtocolConfig.html Normal file
View File

File diff suppressed because one or more lines are too long

119
tlsn/config/struct.ProtocolConfigBuilder.html Normal file
View File

File diff suppressed because one or more lines are too long

105
tlsn/config/struct.ProtocolConfigError.html Normal file
View File

File diff suppressed because one or more lines are too long

119
tlsn/config/struct.ProtocolConfigValidator.html Normal file
View File

File diff suppressed because one or more lines are too long

115
tlsn/config/struct.ProtocolConfigValidatorBuilder.html Normal file
View File

File diff suppressed because one or more lines are too long

111
tlsn/connection/enum.CertificateVerificationError.html Normal file
View File

File diff suppressed because one or more lines are too long

122
tlsn/connection/enum.HandshakeData.html Normal file
View File

File diff suppressed because one or more lines are too long

130
tlsn/connection/enum.KeyType.html Normal file
View File

File diff suppressed because one or more lines are too long

142
tlsn/connection/enum.SignatureScheme.html Normal file
View File

File diff suppressed because one or more lines are too long

134
tlsn/connection/enum.TlsVersion.html Normal file
View File

File diff suppressed because one or more lines are too long

16
tlsn/connection/index.html Normal file
View File

@@ -0,0 +1,16 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="TLS connection types."><title>tlsn::connection - Rust</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../sidebar-items.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc mod"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="mobile-topbar"><button class="sidebar-menu-toggle" title="show sidebar"></button></nav><nav class="sidebar"><div class="sidebar-crate"><h2><a href="../../tlsn/index.html">tlsn</a><span class="version">0.1.0-alpha.13-pre</span></h2></div><div class="sidebar-elems"><section id="rustdoc-toc"><h2 class="location"><a href="#">Module connection</a></h2><h3><a href="#">Sections</a></h3><ul class="block top-toc"><li><a href="#commitment" title="Commitment">Commitment</a></li><li><a href="#proving-the-servers-identity" title="Proving the Servers identity">Proving the Servers identity</a></li></ul><h3><a href="#structs">Module Items</a></h3><ul class="block"><li><a href="#structs" title="Structs">Structs</a></li><li><a href="#enums" title="Enums">Enums</a></li></ul></section><div id="rustdoc-modnav"><h2 class="in-crate"><a href="../index.html">In crate tlsn</a></h2></div></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><div class="width-limiter"><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><div class="rustdoc-breadcrumbs"><a href="../index.html">tlsn</a></div><h1>Module <span>connection</span><button id="copy-path" title="Copy item path to clipboard">Copy item path</button></h1><rustdoc-toolbar></rustdoc-toolbar><span class="sub-heading"><a class="src" href="../../src/tlsn_core/lib.rs.html#180">Source</a> </span></div><details class="toggle top-doc" open><summary class="hideme"><span>Expand description</span></summary><div class="docblock"><p>TLS connection types.</p>
<h3 id="commitment"><a class="doc-anchor" href="#commitment">§</a>Commitment</h3>
<p>During the TLS handshake the Notary receives the Servers ephemeral public
key, and this key serves as a binding commitment to the identity of the
Server. The ephemeral key itself does not reveal the Servers identity, but
it is bound to it via a signature created using the Servers
X.509 certificate.</p>
<p>A Prover can withhold the Servers signature and certificate chain from the
Notary to improve privacy and censorship resistance.</p>
<h3 id="proving-the-servers-identity"><a class="doc-anchor" href="#proving-the-servers-identity">§</a>Proving the Servers identity</h3>
<p>A Prover can prove the Servers identity to a Verifier by sending a
<a href="struct.ServerIdentityProof.html" title="struct tlsn::connection::ServerIdentityProof"><code>ServerIdentityProof</code></a>. This proof contains all the information required to
establish the link between the TLS connection and the Servers X.509
certificate. A Verifier checks the Servers certificate against their own
trust anchors, the same way a typical TLS client would.</p>
</div></details><h2 id="structs" class="section-header">Structs<a href="#structs" class="anchor">§</a></h2><dl class="item-table"><dt><a class="struct" href="struct.Certificate.html" title="struct tlsn::connection::Certificate">Certificate</a></dt><dd>X.509 certificate, DER encoded.</dd><dt><a class="struct" href="struct.ConnectionInfo.html" title="struct tlsn::connection::ConnectionInfo">Connection<wbr>Info</a></dt><dd>TLS session information.</dd><dt><a class="struct" href="struct.HandshakeDataV1_2.html" title="struct tlsn::connection::HandshakeDataV1_2">Handshake<wbr>Data<wbr>V1_<wbr>2</a></dt><dd>TLS 1.2 handshake data.</dd><dt><a class="struct" href="struct.ServerCertCommitment.html" title="struct tlsn::connection::ServerCertCommitment">Server<wbr>Cert<wbr>Commitment</a></dt><dd>Commitment to a server certificate.</dd><dt><a class="struct" href="struct.ServerCertData.html" title="struct tlsn::connection::ServerCertData">Server<wbr>Cert<wbr>Data</a></dt><dd>Server certificate and handshake data.</dd><dt><a class="struct" href="struct.ServerCertOpening.html" title="struct tlsn::connection::ServerCertOpening">Server<wbr>Cert<wbr>Opening</a></dt><dd>Opens a <a href="struct.ServerCertCommitment.html" title="struct tlsn::connection::ServerCertCommitment"><code>ServerCertCommitment</code></a>.</dd><dt><a class="struct" href="struct.ServerEphemKey.html" title="struct tlsn::connection::ServerEphemKey">Server<wbr>Ephem<wbr>Key</a></dt><dd>Servers ephemeral public key.</dd><dt><a class="struct" href="struct.ServerIdentityProof.html" title="struct tlsn::connection::ServerIdentityProof">Server<wbr>Identity<wbr>Proof</a></dt><dd>TLS server identity proof.</dd><dt><a class="struct" href="struct.ServerIdentityProofError.html" title="struct tlsn::connection::ServerIdentityProofError">Server<wbr>Identity<wbr>Proof<wbr>Error</a></dt><dd>Error for <a href="struct.ServerIdentityProof.html" title="struct tlsn::connection::ServerIdentityProof"><code>ServerIdentityProof</code></a>.</dd><dt><a class="struct" href="struct.ServerName.html" title="struct tlsn::connection::ServerName">Server<wbr>Name</a></dt><dd>Servers name, a.k.a. the DNS name.</dd><dt><a class="struct" href="struct.ServerSignature.html" title="struct tlsn::connection::ServerSignature">Server<wbr>Signature</a></dt><dd>Servers signature of the key exchange parameters.</dd><dt><a class="struct" href="struct.TranscriptLength.html" title="struct tlsn::connection::TranscriptLength">Transcript<wbr>Length</a></dt><dd>Transcript length information.</dd><dt><a class="struct" href="struct.VerifyData.html" title="struct tlsn::connection::VerifyData">Verify<wbr>Data</a></dt><dd>Verify data from the TLS handshake finished messages.</dd></dl><h2 id="enums" class="section-header">Enums<a href="#enums" class="anchor">§</a></h2><dl class="item-table"><dt><a class="enum" href="enum.CertificateVerificationError.html" title="enum tlsn::connection::CertificateVerificationError">Certificate<wbr>Verification<wbr>Error</a></dt><dd>Errors that can occur when verifying a certificate chain or signature.</dd><dt><a class="enum" href="enum.HandshakeData.html" title="enum tlsn::connection::HandshakeData">Handshake<wbr>Data</a></dt><dd>TLS handshake data.</dd><dt><a class="enum" href="enum.KeyType.html" title="enum tlsn::connection::KeyType">KeyType</a></dt><dd>Type of a public key.</dd><dt><a class="enum" href="enum.SignatureScheme.html" title="enum tlsn::connection::SignatureScheme">Signature<wbr>Scheme</a></dt><dd>Signature scheme on the key exchange parameters.</dd><dt><a class="enum" href="enum.TlsVersion.html" title="enum tlsn::connection::TlsVersion">TlsVersion</a></dt><dd>TLS version.</dd></dl></section></div></main></body></html>

1
tlsn/connection/sidebar-items.js Normal file
View File

@@ -0,0 +1 @@
window.SIDEBAR_ITEMS = {"enum":["CertificateVerificationError","HandshakeData","KeyType","SignatureScheme","TlsVersion"],"struct":["Certificate","ConnectionInfo","HandshakeDataV1_2","ServerCertCommitment","ServerCertData","ServerCertOpening","ServerEphemKey","ServerIdentityProof","ServerIdentityProofError","ServerName","ServerSignature","TranscriptLength","VerifyData"]};

119
tlsn/connection/struct.Certificate.html Normal file
View File

File diff suppressed because one or more lines are too long

127
tlsn/connection/struct.ConnectionInfo.html Normal file
View File

File diff suppressed because one or more lines are too long

126
tlsn/connection/struct.HandshakeDataV1_2.html Normal file
View File

File diff suppressed because one or more lines are too long

120
tlsn/connection/struct.ServerCertCommitment.html Normal file
View File

File diff suppressed because one or more lines are too long

140
tlsn/connection/struct.ServerCertData.html Normal file
View File

File diff suppressed because one or more lines are too long

120
tlsn/connection/struct.ServerCertOpening.html Normal file
View File

File diff suppressed because one or more lines are too long

131
tlsn/connection/struct.ServerEphemKey.html Normal file
View File

File diff suppressed because one or more lines are too long

133
tlsn/connection/struct.ServerIdentityProof.html Normal file
View File

File diff suppressed because one or more lines are too long

105
tlsn/connection/struct.ServerIdentityProofError.html Normal file
View File

File diff suppressed because one or more lines are too long

130
tlsn/connection/struct.ServerName.html Normal file
View File

File diff suppressed because one or more lines are too long

124
tlsn/connection/struct.ServerSignature.html Normal file
View File

File diff suppressed because one or more lines are too long

129
tlsn/connection/struct.TranscriptLength.html Normal file
View File

File diff suppressed because one or more lines are too long

124
tlsn/connection/struct.VerifyData.html Normal file
View File

File diff suppressed because one or more lines are too long

2
tlsn/hash/index.html Normal file
View File

@@ -0,0 +1,2 @@
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Hash types."><title>tlsn::hash - Rust</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-6b053e98.ttf.woff2,FiraSans-Italic-81dc35de.woff2,FiraSans-Regular-0fe48ade.woff2,FiraSans-MediumItalic-ccf7e434.woff2,FiraSans-Medium-e1aa3f0a.woff2,SourceCodePro-Regular-8badfe75.ttf.woff2,SourceCodePro-Semibold-aa29a496.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-9960930a.css"><link rel="stylesheet" href="../../static.files/rustdoc-84e720fa.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="tlsn" data-themes="" data-resource-suffix="" data-rustdoc-version="1.90.0-nightly (71e4c005c 2025-07-01)" data-channel="nightly" data-search-js="search-179e01a3.js" data-settings-js="settings-5514c975.js" ><script src="../../static.files/storage-4e99c027.js"></script><script defer src="../sidebar-items.js"></script><script defer src="../../static.files/main-340f468f.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-32bb7600.css"></noscript><link rel="alternate icon" type="image/png" href="../../static.files/favicon-32x32-6580c154.png"><link rel="icon" type="image/svg+xml" href="../../static.files/favicon-044be391.svg"></head><body class="rustdoc mod"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="mobile-topbar"><button class="sidebar-menu-toggle" title="show sidebar"></button></nav><nav class="sidebar"><div class="sidebar-crate"><h2><a href="../../tlsn/index.html">tlsn</a><span class="version">0.1.0-alpha.13-pre</span></h2></div><div class="sidebar-elems"><section id="rustdoc-toc"><h2 class="location"><a href="#">Module hash</a></h2><h3><a href="#structs">Module Items</a></h3><ul class="block"><li><a href="#structs" title="Structs">Structs</a></li><li><a href="#traits" title="Traits">Traits</a></li></ul></section><div id="rustdoc-modnav"><h2 class="in-crate"><a href="../index.html">In crate tlsn</a></h2></div></div></nav><div class="sidebar-resizer" title="Drag to resize sidebar"></div><main><div class="width-limiter"><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="main-heading"><div class="rustdoc-breadcrumbs"><a href="../index.html">tlsn</a></div><h1>Module <span>hash</span><button id="copy-path" title="Copy item path to clipboard">Copy item path</button></h1><rustdoc-toolbar></rustdoc-toolbar><span class="sub-heading"><a class="src" href="../../src/tlsn_core/lib.rs.html#183">Source</a> </span></div><details class="toggle top-doc" open><summary class="hideme"><span>Expand description</span></summary><div class="docblock"><p>Hash types.</p>
</div></details><h2 id="structs" class="section-header">Structs<a href="#structs" class="anchor">§</a></h2><dl class="item-table"><dt><a class="struct" href="struct.Blake3.html" title="struct tlsn::hash::Blake3">Blake3</a></dt><dd>BLAKE3 hash algorithm.</dd><dt><a class="struct" href="struct.Blinder.html" title="struct tlsn::hash::Blinder">Blinder</a></dt><dd>A hash blinder.</dd><dt><a class="struct" href="struct.Hash.html" title="struct tlsn::hash::Hash">Hash</a></dt><dd>A hash value.</dd><dt><a class="struct" href="struct.HashAlgId.html" title="struct tlsn::hash::HashAlgId">Hash<wbr>AlgId</a></dt><dd>A hash algorithm identifier.</dd><dt><a class="struct" href="struct.HashProvider.html" title="struct tlsn::hash::HashProvider">Hash<wbr>Provider</a></dt><dd>Hash provider.</dd><dt><a class="struct" href="struct.HashProviderError.html" title="struct tlsn::hash::HashProviderError">Hash<wbr>Provider<wbr>Error</a></dt><dd>An error for <a href="struct.HashProvider.html" title="struct tlsn::hash::HashProvider"><code>HashProvider</code></a>.</dd><dt><a class="struct" href="struct.Keccak256.html" title="struct tlsn::hash::Keccak256">Keccak256</a></dt><dd>Keccak-256 hash algorithm.</dd><dt><a class="struct" href="struct.Sha256.html" title="struct tlsn::hash::Sha256">Sha256</a></dt><dd>SHA-256 hash algorithm.</dd><dt><a class="struct" href="struct.TypedHash.html" title="struct tlsn::hash::TypedHash">Typed<wbr>Hash</a></dt><dd>A typed hash value.</dd></dl><h2 id="traits" class="section-header">Traits<a href="#traits" class="anchor">§</a></h2><dl class="item-table"><dt><a class="trait" href="trait.HashAlgorithm.html" title="trait tlsn::hash::HashAlgorithm">Hash<wbr>Algorithm</a></dt><dd>A hashing algorithm.</dd></dl></section></div></main></body></html>

1
tlsn/hash/sidebar-items.js Normal file
View File

@@ -0,0 +1 @@
window.SIDEBAR_ITEMS = {"struct":["Blake3","Blinder","Hash","HashAlgId","HashProvider","HashProviderError","Keccak256","Sha256","TypedHash"],"trait":["HashAlgorithm"]};

106
tlsn/hash/struct.Blake3.html Normal file
View File

File diff suppressed because one or more lines are too long

122
tlsn/hash/struct.Blinder.html Normal file
View File

File diff suppressed because one or more lines are too long

127
tlsn/hash/struct.Hash.html Normal file
View File

File diff suppressed because one or more lines are too long

139
tlsn/hash/struct.HashAlgId.html Normal file
View File

File diff suppressed because one or more lines are too long

115
tlsn/hash/struct.HashProvider.html Normal file
View File

File diff suppressed because one or more lines are too long

Some files were not shown because too many files have changed in this diff Show More