From 73addc33ca9f0c722ae56be0cabd4cfa0fefa2bc Mon Sep 17 00:00:00 2001
From: DarkCat09
Date: Wed, 28 Aug 2024 17:17:04 +0400
Subject: [PATCH] refactor: delete unused certs::verifier
---
src/certs/verifier.rs | 83 -------------------------------------------
1 file changed, 83 deletions(-)
delete mode 100644 src/certs/verifier.rs
diff --git a/src/certs/verifier.rs b/src/certs/verifier.rs
deleted file mode 100644
index d8fcd29..0000000
--- a/src/certs/verifier.rs
+++ /dev/null
@@ -1,83 +0,0 @@
-//! Internal custom Rustls verifier
-//! allowing verification both with webpki trust roots (when enabled)
-//! and with implementaions of our own [`SelfsignedCertVerifier`]
-
-use crate::certs::SelfsignedCertVerifier;
-
-use std::sync::Arc;
-
-pub use tokio_rustls::rustls::pki_types::{CertificateDer, ServerName, UnixTime};
-
-use tokio_rustls::rustls::{
- self,
- client::danger::{HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier},
-};
-
-pub struct CustomCertVerifier {
- pub(crate) provider: Arc,
- pub(crate) ss_verifier: Box,
-}
-
-impl ServerCertVerifier for CustomCertVerifier {
- fn verify_server_cert(
- &self,
- end_entity: &CertificateDer<'_>,
- _intermediates: &[CertificateDer<'_>],
- server_name: &ServerName<'_>,
- _ocsp_response: &[u8],
- now: UnixTime,
- ) -> Result {
- // TODO: certificate validation (domain, expiry, etc.)
-
- if self
- .ss_verifier
- .verify(end_entity, server_name.to_str().as_ref(), now)?
- {
- Ok(ServerCertVerified::assertion())
- } else {
- Err(rustls::Error::InvalidCertificate(
- rustls::CertificateError::ApplicationVerificationFailure,
- ))
- }
- }
-
- fn verify_tls12_signature(
- &self,
- message: &[u8],
- cert: &CertificateDer<'_>,
- dss: &rustls::DigitallySignedStruct,
- ) -> Result {
- rustls::crypto::verify_tls12_signature(
- message,
- cert,
- dss,
- &self.provider.signature_verification_algorithms,
- )
- }
-
- fn verify_tls13_signature(
- &self,
- message: &[u8],
- cert: &CertificateDer<'_>,
- dss: &rustls::DigitallySignedStruct,
- ) -> Result {
- rustls::crypto::verify_tls13_signature(
- message,
- cert,
- dss,
- &self.provider.signature_verification_algorithms,
- )
- }
-
- fn supported_verify_schemes(&self) -> Vec {
- self.provider
- .signature_verification_algorithms
- .supported_schemes()
- }
-}
-
-impl std::fmt::Debug for CustomCertVerifier {
- fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
- write!(f, "CustomCertVerifier {{ provider: {:?} }}", self.provider)
- }
-}