add config option to mpc-tls, prover and verifier

th4s · th4s · commit 853a93062e2c · 2025-04-11T15:26:53.000+02:00
diff --git a/crates/benches/binary/src/preprocess.rs b/crates/benches/binary/src/preprocess.rs
@@ -1,4 +1,4 @@
-use hmac_sha256::MpcPrf;
+use hmac_sha256::{Config, MpcPrf};
 use mpz_garble::protocol::semihonest::{Evaluator, Garbler};
 use mpz_ot::ideal::cot::{ideal_cot, IdealCOTReceiver, IdealCOTSender};
 use mpz_vm_core::memory::{binary::U8, correlated::Delta, Array, MemoryExt};
@@ -8,7 +8,7 @@ pub async fn preprocess_prf_circuits() {
     let (mut garbler, _) = mock_vm();
     let pms: Array<U8, 32> = garbler.alloc().unwrap();
 
-    let mut prf = MpcPrf::default();
+    let mut prf = MpcPrf::new(Config::default());
     prf.alloc(&mut garbler, pms).unwrap();
 }
 
diff --git a/crates/components/hmac-sha256/benches/prf.rs b/crates/components/hmac-sha256/benches/prf.rs
@@ -2,7 +2,7 @@
 
 use criterion::{criterion_group, criterion_main, Criterion};
 
-use hmac_sha256::MpcPrf;
+use hmac_sha256::{Config, MpcPrf};
 use mpz_common::context::test_mt_context;
 use mpz_garble::protocol::semihonest::{Evaluator, Garbler};
 use mpz_ot::ideal::cot::ideal_cot;
@@ -52,8 +52,8 @@ async fn prf() {
     follower_vm.assign(follower_pms, pms).unwrap();
     follower_vm.commit(follower_pms).unwrap();
 
-    let mut leader = MpcPrf::default();
-    let mut follower = MpcPrf::default();
+    let mut leader = MpcPrf::new(Config::default());
+    let mut follower = MpcPrf::new(Config::default());
 
     let leader_output = leader.alloc(&mut leader_vm, leader_pms).unwrap();
     let follower_output = follower.alloc(&mut follower_vm, follower_pms).unwrap();
diff --git a/crates/components/hmac-sha256/src/prf/mod.rs b/crates/components/hmac-sha256/src/prf/mod.rs
@@ -24,13 +24,6 @@ pub struct MpcPrf {
     circuits: Option<Circuits>,
 }
 
-impl Default for MpcPrf {
-    fn default() -> Self {
-        let config = Config::default();
-        Self::new(config)
-    }
-}
-
 impl MpcPrf {
     /// Creates a new instance of the PRF.
     ///
diff --git a/crates/mpc-tls/src/config.rs b/crates/mpc-tls/src/config.rs
@@ -1,4 +1,5 @@
 use derive_builder::Builder;
+use hmac_sha256::Config as PrfConfig;
 
 const MIN_SENT: usize = 32;
 const MIN_SENT_RECORDS: usize = 8;
@@ -30,6 +31,8 @@ pub struct Config {
     /// Maximum number of received bytes.
     #[allow(unused)]
     pub(crate) max_recv: usize,
+    /// Configuration options for the PRF.
+    pub(crate) prf: PrfConfig,
 }
 
 impl Config {
@@ -76,6 +79,7 @@ impl ConfigBuilder {
             max_recv_records,
             max_recv_online,
             max_recv,
+            prf: self.prf.unwrap_or_default(),
         })
     }
 }
diff --git a/crates/mpc-tls/src/follower.rs b/crates/mpc-tls/src/follower.rs
@@ -63,7 +63,7 @@ impl MpcTlsFollower {
             )),
         )) as Box<dyn KeyExchange + Send + Sync>;
 
-        let prf = MpcPrf::default();
+        let prf = MpcPrf::new(config.prf);
 
         let encrypter = MpcAesGcm::new(
             ShareConversionReceiver::new(OLEReceiver::new(AnyReceiver::new(
diff --git a/crates/mpc-tls/src/leader.rs b/crates/mpc-tls/src/leader.rs
@@ -87,7 +87,7 @@ impl MpcTlsLeader {
             ))),
         )) as Box<dyn KeyExchange + Send + Sync>;
 
-        let prf = MpcPrf::default();
+        let prf = MpcPrf::new(config.prf);
 
         let encrypter = MpcAesGcm::new(
             ShareConversionSender::new(OLESender::new(
diff --git a/crates/prover/Cargo.toml b/crates/prover/Cargo.toml
@@ -21,6 +21,7 @@ tlsn-tls-client = { workspace = true }
 tlsn-tls-client-async = { workspace = true }
 tlsn-tls-core = { workspace = true }
 tlsn-mpc-tls = { workspace = true }
+tlsn-hmac-sha256 = { workspace = true }
 
 serio = { workspace = true, features = ["compat"] }
 uid-mux = { workspace = true, features = ["serio"] }
diff --git a/crates/prover/src/config.rs b/crates/prover/src/config.rs
@@ -1,5 +1,6 @@
 use std::sync::Arc;
 
+use hmac_sha256::Config as PrfConfig;
 use mpc_tls::Config;
 use tlsn_common::config::ProtocolConfig;
 use tlsn_core::{connection::ServerName, CryptoProvider};
@@ -19,6 +20,9 @@ pub struct ProverConfig {
     /// Cryptography provider.
     #[builder(default, setter(into))]
     crypto_provider: Arc<CryptoProvider>,
+    /// Configuration options for the PRF.
+    #[builder(default)]
+    prf: PrfConfig,
 }
 
 impl ProverConfig {
@@ -54,6 +58,7 @@ impl ProverConfig {
             .max_sent(self.protocol_config.max_sent_data())
             .max_recv_online(self.protocol_config.max_recv_data_online())
             .max_recv(self.protocol_config.max_recv_data())
+            .prf(self.prf)
             .build()
             .unwrap()
     }
diff --git a/crates/verifier/Cargo.toml b/crates/verifier/Cargo.toml
@@ -19,6 +19,7 @@ tlsn-core = { workspace = true }
 tlsn-deap = { workspace = true }
 tlsn-mpc-tls = { workspace = true }
 tlsn-tls-core = { workspace = true }
+tlsn-hmac-sha256 = { workspace = true }
 
 serio = { workspace = true, features = ["compat"] }
 uid-mux = { workspace = true, features = ["serio"] }
diff --git a/crates/verifier/src/config.rs b/crates/verifier/src/config.rs
@@ -3,6 +3,7 @@ use std::{
     sync::Arc,
 };
 
+use hmac_sha256::Config as PrfConfig;
 use mpc_tls::Config;
 use tlsn_common::config::{ProtocolConfig, ProtocolConfigValidator};
 use tlsn_core::CryptoProvider;
@@ -16,6 +17,9 @@ pub struct VerifierConfig {
     /// Cryptography provider.
     #[builder(default, setter(into))]
     crypto_provider: Arc<CryptoProvider>,
+    /// Configuration options for the PRF.
+    #[builder(default)]
+    prf: PrfConfig,
 }
 
 impl Debug for VerifierConfig {
@@ -47,6 +51,7 @@ impl VerifierConfig {
             .max_sent(protocol_config.max_sent_data())
             .max_recv_online(protocol_config.max_recv_data_online())
             .max_recv(protocol_config.max_recv_data())
+            .prf(self.prf)
             .build()
             .unwrap()
     }

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`use derive_builder::Builder;`
	`2`	`+use hmac_sha256::Config as PrfConfig;`
`2`	`3`
`3`	`4`	`const MIN_SENT: usize = 32;`
`4`	`5`	`const MIN_SENT_RECORDS: usize = 8;`
`@@ -30,6 +31,8 @@ pub struct Config {`
`30`	`31`	`/// Maximum number of received bytes.`
`31`	`32`	`#[allow(unused)]`
`32`	`33`	`pub(crate) max_recv: usize,`
	`34`	`+ /// Configuration options for the PRF.`
	`35`	`+ pub(crate) prf: PrfConfig,`
`33`	`36`	`}`
`34`	`37`
`35`	`38`	`impl Config {`
`@@ -76,6 +79,7 @@ impl ConfigBuilder {`
`76`	`79`	`max_recv_records,`
`77`	`80`	`max_recv_online,`
`78`	`81`	`max_recv,`
	`82`	`+ prf: self.prf.unwrap_or_default(),`
`79`	`83`	`})`
`80`	`84`	`}`
`81`	`85`	`}`