deltachat/net/tls/
danger.rs1use rustls::pki_types::{CertificateDer, ServerName, UnixTime};
4use tokio_rustls::rustls;
5
/// TLS server-certificate verifier that accepts any certificate.
///
/// SECURITY: with this verifier installed the server is **not authenticated**.
/// Its `verify_server_cert` implementation in this file returns success without
/// looking at the certificate chain, the requested server name, the OCSP
/// response or the current time. Only the handshake signature is still checked,
/// against whatever certificate the peer chose to present. The channel is
/// therefore encrypted, but a network attacker who can intercept the connection
/// can terminate TLS with a certificate of their own.
///
/// NOTE(review): call sites are not visible in this file. Confirm that each one
/// is reached only through an explicit, per-connection opt-in and never as a
/// silent fallback after normal verification fails.
#[derive(Debug)]
pub(super) struct NoCertificateVerification();

impl NoCertificateVerification {
    /// Builds the verifier; the type carries no state or configuration.
    pub(super) fn new() -> Self {
        NoCertificateVerification()
    }
}
14
/// `ServerCertVerifier` implementation that skips certificate validation.
///
/// SECURITY: `verify_server_cert` always succeeds, so no trust-anchor, hostname,
/// validity-period or revocation check is performed. The two signature methods
/// still delegate to rustls, so the peer must produce a valid handshake
/// signature for the certificate it presented. That shows possession of that
/// certificate's key, but says nothing about who the peer is.
impl rustls::client::danger::ServerCertVerifier for NoCertificateVerification {
    /// Accepts the presented certificate unconditionally.
    ///
    /// All arguments are ignored: the end-entity certificate, the intermediates,
    /// the expected server name, the stapled OCSP response and the current time.
    /// This method never returns `Err`.
    fn verify_server_cert(
        &self,
        _end_entity: &CertificateDer<'_>,
        _intermediates: &[CertificateDer<'_>],
        _server_name: &ServerName<'_>,
        _ocsp_response: &[u8],
        _now: UnixTime,
    ) -> Result<rustls::client::danger::ServerCertVerified, rustls::Error> {
        // Deliberate bypass: the success token is produced without any inspection
        // of the inputs. Everything a normal verifier would reject passes here.
        let accepted = rustls::client::danger::ServerCertVerified::assertion();
        Ok(accepted)
    }

    /// Checks the TLS 1.2 handshake signature `dss` over `message` using the
    /// public key of `cert`.
    ///
    /// Delegates to `rustls::crypto::verify_tls12_signature` with the signature
    /// verification algorithms of the ring provider, and returns its result.
    fn verify_tls12_signature(
        &self,
        message: &[u8],
        cert: &CertificateDer<'_>,
        dss: &rustls::DigitallySignedStruct,
    ) -> Result<rustls::client::danger::HandshakeSignatureValid, rustls::Error> {
        // The ring provider is named explicitly and obtained afresh on each call.
        // NOTE(review): confirm ring is the provider the rest of the TLS setup uses.
        rustls::crypto::verify_tls12_signature(
            message,
            cert,
            dss,
            &rustls::crypto::ring::default_provider().signature_verification_algorithms,
        )
    }

    /// Checks the TLS 1.3 handshake signature `dss` over `message` using the
    /// public key of `cert`.
    ///
    /// Delegates to `rustls::crypto::verify_tls13_signature` with the signature
    /// verification algorithms of the ring provider, and returns its result.
    fn verify_tls13_signature(
        &self,
        message: &[u8],
        cert: &CertificateDer<'_>,
        dss: &rustls::DigitallySignedStruct,
    ) -> Result<rustls::client::danger::HandshakeSignatureValid, rustls::Error> {
        rustls::crypto::verify_tls13_signature(
            message,
            cert,
            dss,
            &rustls::crypto::ring::default_provider().signature_verification_algorithms,
        )
    }

    /// Returns the signature schemes supported by the ring provider's
    /// verification algorithms, i.e. the same set the two signature checks use.
    fn supported_verify_schemes(&self) -> Vec<rustls::SignatureScheme> {
        rustls::crypto::ring::default_provider()
            .signature_verification_algorithms
            .supported_schemes()
    }
}