tlsn_core/
fixtures.rs

1//! Fixtures for testing
2
3mod provider;
4pub mod transcript;
5
6pub use provider::FixtureEncodingProvider;
7
8use hex::FromHex;
9
10use crate::{
11    connection::{
12        CertBinding, CertBindingV1_2, ConnectionInfo, DnsName, HandshakeData, KeyType,
13        ServerEphemKey, ServerName, ServerSignature, SignatureAlgorithm, TlsVersion,
14        TranscriptLength,
15    },
16    transcript::{
17        encoding::{EncoderSecret, EncodingProvider},
18        Transcript,
19    },
20    webpki::CertificateDer,
21};
22
23/// A fixture containing various TLS connection data.
24#[derive(Clone)]
25#[allow(missing_docs)]
26pub struct ConnectionFixture {
27    pub server_name: ServerName,
28    pub connection_info: ConnectionInfo,
29    pub server_cert_data: HandshakeData,
30}
31
32impl ConnectionFixture {
33    /// Returns a connection fixture for tlsnotary.org.
34    pub fn tlsnotary(transcript_length: TranscriptLength) -> Self {
35        ConnectionFixture {
36            server_name: ServerName::Dns(DnsName::try_from("tlsnotary.org").unwrap()),
37            connection_info: ConnectionInfo {
38                time: 1671637529,
39                version: TlsVersion::V1_2,
40                transcript_length,
41            },
42            server_cert_data: HandshakeData {
43                certs: vec![
44                    CertificateDer(include_bytes!("fixtures/data/tlsnotary.org/ee.der").to_vec()),
45                    CertificateDer(
46                        include_bytes!("fixtures/data/tlsnotary.org/inter.der").to_vec(),
47                    ),
48                    CertificateDer(include_bytes!("fixtures/data/tlsnotary.org/ca.der").to_vec()),
49                ],
50                sig: ServerSignature {
51                    alg: SignatureAlgorithm::RSA_PKCS1_2048_8192_SHA256,
52                    sig: Vec::<u8>::from_hex(include_bytes!(
53                        "fixtures/data/tlsnotary.org/signature"
54                    ))
55                    .unwrap(),
56                },
57                binding: CertBinding::V1_2(CertBindingV1_2 {
58                    client_random: <[u8; 32]>::from_hex(include_bytes!(
59                        "fixtures/data/tlsnotary.org/client_random"
60                    ))
61                    .unwrap(),
62                    server_random: <[u8; 32]>::from_hex(include_bytes!(
63                        "fixtures/data/tlsnotary.org/server_random"
64                    ))
65                    .unwrap(),
66                    server_ephemeral_key: ServerEphemKey {
67                        typ: KeyType::SECP256R1,
68                        key: Vec::<u8>::from_hex(include_bytes!(
69                            "fixtures/data/tlsnotary.org/pubkey"
70                        ))
71                        .unwrap(),
72                    },
73                }),
74            },
75        }
76    }
77
78    /// Returns a connection fixture for appliedzkp.org.
79    pub fn appliedzkp(transcript_length: TranscriptLength) -> Self {
80        ConnectionFixture {
81            server_name: ServerName::Dns(DnsName::try_from("appliedzkp.org").unwrap()),
82            connection_info: ConnectionInfo {
83                time: 1671637529,
84                version: TlsVersion::V1_2,
85                transcript_length,
86            },
87            server_cert_data: HandshakeData {
88                certs: vec![
89                    CertificateDer(include_bytes!("fixtures/data/appliedzkp.org/ee.der").to_vec()),
90                    CertificateDer(
91                        include_bytes!("fixtures/data/appliedzkp.org/inter.der").to_vec(),
92                    ),
93                    CertificateDer(include_bytes!("fixtures/data/appliedzkp.org/ca.der").to_vec()),
94                ],
95                sig: ServerSignature {
96                    alg: SignatureAlgorithm::ECDSA_NISTP256_SHA256,
97                    sig: Vec::<u8>::from_hex(include_bytes!(
98                        "fixtures/data/appliedzkp.org/signature"
99                    ))
100                    .unwrap(),
101                },
102                binding: CertBinding::V1_2(CertBindingV1_2 {
103                    client_random: <[u8; 32]>::from_hex(include_bytes!(
104                        "fixtures/data/appliedzkp.org/client_random"
105                    ))
106                    .unwrap(),
107                    server_random: <[u8; 32]>::from_hex(include_bytes!(
108                        "fixtures/data/appliedzkp.org/server_random"
109                    ))
110                    .unwrap(),
111                    server_ephemeral_key: ServerEphemKey {
112                        typ: KeyType::SECP256R1,
113                        key: Vec::<u8>::from_hex(include_bytes!(
114                            "fixtures/data/appliedzkp.org/pubkey"
115                        ))
116                        .unwrap(),
117                    },
118                }),
119            },
120        }
121    }
122
123    /// Returns the server_ephemeral_key fixture.
124    pub fn server_ephemeral_key(&self) -> &ServerEphemKey {
125        let CertBinding::V1_2(CertBindingV1_2 {
126            server_ephemeral_key,
127            ..
128        }) = &self.server_cert_data.binding;
129        server_ephemeral_key
130    }
131}
132
133/// Returns an encoding provider fixture.
134pub fn encoding_provider(tx: &[u8], rx: &[u8]) -> impl EncodingProvider {
135    let secret = encoder_secret();
136    FixtureEncodingProvider::new(&secret, Transcript::new(tx, rx))
137}
138
139/// Seed fixture.
140const SEED: [u8; 32] = [0; 32];
141
142/// Delta fixture.
143const DELTA: [u8; 16] = [1; 16];
144
145/// Returns an encoder secret fixture.
146pub fn encoder_secret() -> EncoderSecret {
147    EncoderSecret::new(SEED, DELTA)
148}
149
150/// Returns a tampered encoder secret fixture.
151pub fn encoder_secret_tampered_seed() -> EncoderSecret {
152    let mut seed = SEED;
153    seed[0] += 1;
154    EncoderSecret::new(seed, DELTA)
155}