tlsn_core/
fixtures.rs

1//! Fixtures for testing
2
3mod provider;
4
5pub use provider::FixtureEncodingProvider;
6
7use hex::FromHex;
8
9use crate::{
10    connection::{
11        CertBinding, CertBindingV1_2, ConnectionInfo, DnsName, HandshakeData, KeyType,
12        ServerEphemKey, ServerName, ServerSignature, SignatureScheme, TlsVersion, TranscriptLength,
13    },
14    transcript::{
15        encoding::{EncoderSecret, EncodingProvider},
16        Transcript,
17    },
18    webpki::CertificateDer,
19};
20
21/// A fixture containing various TLS connection data.
22#[derive(Clone)]
23#[allow(missing_docs)]
24pub struct ConnectionFixture {
25    pub server_name: ServerName,
26    pub connection_info: ConnectionInfo,
27    pub server_cert_data: HandshakeData,
28}
29
30impl ConnectionFixture {
31    /// Returns a connection fixture for tlsnotary.org.
32    pub fn tlsnotary(transcript_length: TranscriptLength) -> Self {
33        ConnectionFixture {
34            server_name: ServerName::Dns(DnsName::try_from("tlsnotary.org").unwrap()),
35            connection_info: ConnectionInfo {
36                time: 1671637529,
37                version: TlsVersion::V1_2,
38                transcript_length,
39            },
40            server_cert_data: HandshakeData {
41                certs: vec![
42                    CertificateDer(include_bytes!("fixtures/data/tlsnotary.org/ee.der").to_vec()),
43                    CertificateDer(
44                        include_bytes!("fixtures/data/tlsnotary.org/inter.der").to_vec(),
45                    ),
46                    CertificateDer(include_bytes!("fixtures/data/tlsnotary.org/ca.der").to_vec()),
47                ],
48                sig: ServerSignature {
49                    scheme: SignatureScheme::RSA_PKCS1_SHA256,
50                    sig: Vec::<u8>::from_hex(include_bytes!(
51                        "fixtures/data/tlsnotary.org/signature"
52                    ))
53                    .unwrap(),
54                },
55                binding: CertBinding::V1_2(CertBindingV1_2 {
56                    client_random: <[u8; 32]>::from_hex(include_bytes!(
57                        "fixtures/data/tlsnotary.org/client_random"
58                    ))
59                    .unwrap(),
60                    server_random: <[u8; 32]>::from_hex(include_bytes!(
61                        "fixtures/data/tlsnotary.org/server_random"
62                    ))
63                    .unwrap(),
64                    server_ephemeral_key: ServerEphemKey {
65                        typ: KeyType::SECP256R1,
66                        key: Vec::<u8>::from_hex(include_bytes!(
67                            "fixtures/data/tlsnotary.org/pubkey"
68                        ))
69                        .unwrap(),
70                    },
71                }),
72            },
73        }
74    }
75
76    /// Returns a connection fixture for appliedzkp.org.
77    pub fn appliedzkp(transcript_length: TranscriptLength) -> Self {
78        ConnectionFixture {
79            server_name: ServerName::Dns(DnsName::try_from("appliedzkp.org").unwrap()),
80            connection_info: ConnectionInfo {
81                time: 1671637529,
82                version: TlsVersion::V1_2,
83                transcript_length,
84            },
85            server_cert_data: HandshakeData {
86                certs: vec![
87                    CertificateDer(include_bytes!("fixtures/data/appliedzkp.org/ee.der").to_vec()),
88                    CertificateDer(
89                        include_bytes!("fixtures/data/appliedzkp.org/inter.der").to_vec(),
90                    ),
91                    CertificateDer(include_bytes!("fixtures/data/appliedzkp.org/ca.der").to_vec()),
92                ],
93                sig: ServerSignature {
94                    scheme: SignatureScheme::ECDSA_NISTP256_SHA256,
95                    sig: Vec::<u8>::from_hex(include_bytes!(
96                        "fixtures/data/appliedzkp.org/signature"
97                    ))
98                    .unwrap(),
99                },
100                binding: CertBinding::V1_2(CertBindingV1_2 {
101                    client_random: <[u8; 32]>::from_hex(include_bytes!(
102                        "fixtures/data/appliedzkp.org/client_random"
103                    ))
104                    .unwrap(),
105                    server_random: <[u8; 32]>::from_hex(include_bytes!(
106                        "fixtures/data/appliedzkp.org/server_random"
107                    ))
108                    .unwrap(),
109                    server_ephemeral_key: ServerEphemKey {
110                        typ: KeyType::SECP256R1,
111                        key: Vec::<u8>::from_hex(include_bytes!(
112                            "fixtures/data/appliedzkp.org/pubkey"
113                        ))
114                        .unwrap(),
115                    },
116                }),
117            },
118        }
119    }
120
121    /// Returns the server_ephemeral_key fixture.
122    pub fn server_ephemeral_key(&self) -> &ServerEphemKey {
123        let CertBinding::V1_2(CertBindingV1_2 {
124            server_ephemeral_key,
125            ..
126        }) = &self.server_cert_data.binding;
127        server_ephemeral_key
128    }
129}
130
131/// Returns an encoding provider fixture.
132pub fn encoding_provider(tx: &[u8], rx: &[u8]) -> impl EncodingProvider {
133    let secret = encoder_secret();
134    FixtureEncodingProvider::new(&secret, Transcript::new(tx, rx))
135}
136
137/// Seed fixture.
138const SEED: [u8; 32] = [0; 32];
139
140/// Delta fixture.
141const DELTA: [u8; 16] = [1; 16];
142
143/// Returns an encoder secret fixture.
144pub fn encoder_secret() -> EncoderSecret {
145    EncoderSecret::new(SEED, DELTA)
146}
147
148/// Returns a tampered encoder secret fixture.
149pub fn encoder_secret_tampered_seed() -> EncoderSecret {
150    let mut seed = SEED;
151    seed[0] += 1;
152    EncoderSecret::new(seed, DELTA)
153}