ferron/util/
no_server_verifier.rs

1use rustls::client::danger::{HandshakeSignatureValid, ServerCertVerified, ServerCertVerifier};
2use rustls::DigitallySignedStruct;
3use rustls::SignatureScheme::{self, *};
4use rustls_pki_types::{CertificateDer, ServerName, UnixTime};
5
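/// A [`ServerCertVerifier`] that performs no verification at all.
///
/// Every method of its `ServerCertVerifier` implementation in this file returns
/// success without inspecting the certificate chain, the server name, or the
/// handshake signature. A client configured with this verifier still encrypts
/// traffic but does not authenticate the peer, so the connection gives no
/// assurance about who is on the other end.
///
/// Use it only behind an explicit, operator-controlled opt-out. Wherever the
/// peer's identity matters, prefer a verifier backed by a root store or a pinned
/// certificate.
#[derive(Debug, Default)]
pub struct NoServerVerifier;

impl NoServerVerifier {
  /// Creates the verifier.
  ///
  /// The type carries no state, so this is equivalent to [`Default::default`].
  pub fn new() -> Self {
    Self
  }
}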
14
impl ServerCertVerifier for NoServerVerifier {
  /// Accepts the presented certificate chain unconditionally.
  ///
  /// None of the arguments are read: the end-entity certificate, the
  /// intermediates, the expected server name, the OCSP response and the current
  /// time are all ignored. Expired, self-signed and wrong-host certificates are
  /// therefore accepted like any other.
  fn verify_server_cert(
    &self,
    _end_entity: &CertificateDer<'_>,
    _intermediates: &[CertificateDer<'_>],
    _server_name: &ServerName<'_>,
    _ocsp_response: &[u8],
    _now: UnixTime,
  ) -> Result<ServerCertVerified, rustls::Error> {
    let accepted = ServerCertVerified::assertion();
    Ok(accepted)
  }

  /// Reports the TLS 1.2 handshake signature as valid without checking it.
  ///
  /// The message, certificate and signature are ignored, so the peer is never
  /// required to prove possession of the private key for the certificate it sent.
  fn verify_tls12_signature(
    &self,
    _message: &[u8],
    _cert: &CertificateDer<'_>,
    _dss: &DigitallySignedStruct,
  ) -> Result<HandshakeSignatureValid, rustls::Error> {
    let accepted = HandshakeSignatureValid::assertion();
    Ok(accepted)
  }

  /// Reports the TLS 1.3 handshake signature as valid without checking it.
  ///
  /// Same contract as the TLS 1.2 variant: all arguments are ignored.
  fn verify_tls13_signature(
    &self,
    _message: &[u8],
    _cert: &CertificateDer<'_>,
    _dss: &DigitallySignedStruct,
  ) -> Result<HandshakeSignatureValid, rustls::Error> {
    let accepted = HandshakeSignatureValid::assertion();
    Ok(accepted)
  }

  /// Returns the fixed list of signature schemes this verifier claims to support.
  ///
  /// Signatures are never checked by this type, so the list only controls which
  /// schemes are offered to the peer, not what is actually validated. The order
  /// is kept as written, since it may be treated as a preference order.
  fn supported_verify_schemes(&self) -> Vec<SignatureScheme> {
    // Extend the list when necessary
    Vec::from([
      SignatureScheme::ECDSA_NISTP384_SHA384,
      SignatureScheme::ECDSA_NISTP256_SHA256,
      SignatureScheme::ED25519,
      SignatureScheme::RSA_PSS_SHA512,
      SignatureScheme::RSA_PSS_SHA384,
      SignatureScheme::RSA_PSS_SHA256,
      SignatureScheme::RSA_PKCS1_SHA512,
      SignatureScheme::RSA_PKCS1_SHA384,
      SignatureScheme::RSA_PKCS1_SHA256,
    ])
  }
}