refactor: move trait SelfsignedCertVerifier and all related to mod.rs

DarkCat09 2024-08-06 20:40:39 +04:00
parent c6567beed7
commit 700981a5e3
Signed by: DarkCat09
GPG key ID: 0A26CD5B3345D6E3
5 changed files with 30 additions and 23 deletions


@ -5,7 +5,7 @@ use tokio::io::AsyncBufReadExt;
use tokio_gemini::certs::{ use tokio_gemini::certs::{
fingerprint::{self, generate_fingerprint}, fingerprint::{self, generate_fingerprint},
insecure::AllowAllCertVerifier, insecure::AllowAllCertVerifier,
verifier::{SelfsignedCert, SelfsignedCertVerifier}, SelfsignedCert, SelfsignedCertVerifier,
}; };
// //
@ -147,9 +147,9 @@ impl CertVerifier {
impl SelfsignedCertVerifier for CertVerifier { impl SelfsignedCertVerifier for CertVerifier {
fn verify( fn verify(
&self, &self,
cert: &tokio_gemini::certs::verifier::CertificateDer, cert: &tokio_gemini::certs::CertificateDer,
host: &str, host: &str,
_now: tokio_gemini::certs::verifier::UnixTime, _now: tokio_gemini::certs::UnixTime,
) -> Result<bool, tokio_rustls::rustls::Error> { ) -> Result<bool, tokio_rustls::rustls::Error> {
if let Some(known_cert) = self.map.get(host) { if let Some(known_cert) = self.map.get(host) {
// if host is found in known_hosts, compare certs // if host is found in known_hosts, compare certs


@ -1,7 +1,7 @@
use tokio_gemini::{ use tokio_gemini::{
certs::{ certs::{
fingerprint::{generate_fingerprint, Algorithm}, fingerprint::{generate_fingerprint, Algorithm},
verifier::SelfsignedCertVerifier, SelfsignedCertVerifier,
}, },
Client, LibError, Client, LibError,
}; };
@ -38,9 +38,9 @@ struct CertVerifier;
impl SelfsignedCertVerifier for CertVerifier { impl SelfsignedCertVerifier for CertVerifier {
fn verify( fn verify(
&self, &self,
cert: &tokio_gemini::certs::verifier::CertificateDer, cert: &tokio_gemini::certs::CertificateDer,
host: &str, host: &str,
_now: tokio_gemini::certs::verifier::UnixTime, _now: tokio_gemini::certs::UnixTime,
) -> Result<bool, tokio_rustls::rustls::Error> { ) -> Result<bool, tokio_rustls::rustls::Error> {
// For real verification example with known_hosts file // For real verification example with known_hosts file
// see examples/main.rs // see examples/main.rs


@ -1,3 +1,23 @@
pub mod fingerprint; pub mod fingerprint;
pub mod insecure; pub mod insecure;
pub mod verifier;
pub(crate) mod verifier;
pub use tokio_rustls::rustls::pki_types::{CertificateDer, ServerName, UnixTime};
use tokio_rustls::rustls;
pub trait SelfsignedCertVerifier: Send + Sync {
fn verify(
&self,
cert: &CertificateDer,
host: &str,
now: UnixTime,
) -> Result<bool, rustls::Error>;
}
pub struct SelfsignedCert {
pub algo: crate::certs::fingerprint::Algorithm,
pub fingerprint: String,
pub expires: u64,
}
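Review bot: `SelfsignedCertVerifier::verify` is the trust decision for self-signed certificates, yet the trait arrives at its new public path without a doc comment saying what `Ok(true)`, `Ok(false)` and `Err(_)` each mean to the caller. An implementor who guesses wrong about `Ok(false)` versus `Err` can accept or reject connections unintentionally, so the contract belongs on the method, for example `/// Returns Ok(true) to accept the certificate for host and Ok(false) to reject it; Err reports a failure of the check itself.` That wording needs confirming against how `CustomCertVerifier` treats the result, which is not visible in this section. `SelfsignedCert::expires` should likewise state its unit, e.g. `// Unix timestamp in seconds (confirm)`.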


@ -1,3 +1,5 @@
use crate::certs::SelfsignedCertVerifier;
use std::sync::Arc; use std::sync::Arc;
pub use tokio_rustls::rustls::pki_types::{CertificateDer, ServerName, UnixTime}; pub use tokio_rustls::rustls::pki_types::{CertificateDer, ServerName, UnixTime};
@ -7,21 +9,6 @@ use tokio_rustls::rustls::{
client::danger::{HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier}, client::danger::{HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier},
}; };
pub trait SelfsignedCertVerifier: Send + Sync {
fn verify(
&self,
cert: &CertificateDer,
host: &str,
now: UnixTime,
) -> Result<bool, rustls::Error>;
}
pub struct SelfsignedCert {
pub algo: super::fingerprint::Algorithm,
pub fingerprint: String,
pub expires: u64,
}
pub struct CustomCertVerifier { pub struct CustomCertVerifier {
pub(crate) provider: Arc<rustls::crypto::CryptoProvider>, pub(crate) provider: Arc<rustls::crypto::CryptoProvider>,
pub(crate) webpki_verifier: Option<Arc<rustls::client::WebPkiServerVerifier>>, pub(crate) webpki_verifier: Option<Arc<rustls::client::WebPkiServerVerifier>>,
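Review bot: The `pub use tokio_rustls::rustls::pki_types::{CertificateDer, ServerName, UnixTime};` kept at the top of this file now duplicates the re-export this commit adds to the parent module, and with the module declared `pub(crate)` it no longer reaches users of the crate. A plain `use` here, or importing the names from `crate::certs`, would leave a single public path for these types. The `CustomCertVerifier` struct continues outside the hunk.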


@ -1,7 +1,7 @@
use std::sync::Arc; use std::sync::Arc;
use crate::{ use crate::{
certs::verifier::{CustomCertVerifier, SelfsignedCertVerifier}, certs::{verifier::CustomCertVerifier, SelfsignedCertVerifier},
Client, Client,
}; };