refactor: delete unused certs::verifier

src/certs/verifier.rs

@@ -1,83 +0,0 @@
-//! Internal custom Rustls verifier
-//! allowing verification both with webpki trust roots (when enabled)
-//! and with implementaions of our own [`SelfsignedCertVerifier`]
-
-use crate::certs::SelfsignedCertVerifier;
-
-use std::sync::Arc;
-
-pub use tokio_rustls::rustls::pki_types::{CertificateDer, ServerName, UnixTime};
-
-use tokio_rustls::rustls::{
-    self,
-    client::danger::{HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier},
-};
-
-pub struct CustomCertVerifier {
-    pub(crate) provider: Arc<rustls::crypto::CryptoProvider>,
-    pub(crate) ss_verifier: Box<dyn SelfsignedCertVerifier>,
-}
-
-impl ServerCertVerifier for CustomCertVerifier {
-    fn verify_server_cert(
-        &self,
-        end_entity: &CertificateDer<'_>,
-        _intermediates: &[CertificateDer<'_>],
-        server_name: &ServerName<'_>,
-        _ocsp_response: &[u8],
-        now: UnixTime,
-    ) -> Result<ServerCertVerified, rustls::Error> {
-        // TODO: certificate validation (domain, expiry, etc.)
-
-        if self
-            .ss_verifier
-            .verify(end_entity, server_name.to_str().as_ref(), now)?
-        {
-            Ok(ServerCertVerified::assertion())
-        } else {
-            Err(rustls::Error::InvalidCertificate(
-                rustls::CertificateError::ApplicationVerificationFailure,
-            ))
-        }
-    }
-
-    fn verify_tls12_signature(
-        &self,
-        message: &[u8],
-        cert: &CertificateDer<'_>,
-        dss: &rustls::DigitallySignedStruct,
-    ) -> Result<HandshakeSignatureValid, rustls::Error> {
-        rustls::crypto::verify_tls12_signature(
-            message,
-            cert,
-            dss,
-            &self.provider.signature_verification_algorithms,
-        )
-    }
-
-    fn verify_tls13_signature(
-        &self,
-        message: &[u8],
-        cert: &CertificateDer<'_>,
-        dss: &rustls::DigitallySignedStruct,
-    ) -> Result<HandshakeSignatureValid, rustls::Error> {
-        rustls::crypto::verify_tls13_signature(
-            message,
-            cert,
-            dss,
-            &self.provider.signature_verification_algorithms,
-        )
-    }
-
-    fn supported_verify_schemes(&self) -> Vec<rustls::SignatureScheme> {
-        self.provider
-            .signature_verification_algorithms
-            .supported_schemes()
-    }
-}
-
-impl std::fmt::Debug for CustomCertVerifier {
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-        write!(f, "CustomCertVerifier {{ provider: {:?} }}", self.provider)
-    }
-}