Skip to main content

rustls_dangerous/
lib.rs

1#![doc = include_str!("../README.md")]
2#![warn(missing_docs)]
3
4//! ⚠️ **WARNING**: This crate provides a dangerous implementation of `ServerCertVerifier`
5//! that disables all TLS certificate validation. It should **ONLY** be used for development,
6//! testing, or debugging purposes. Using this in production is a critical security risk.
7//!
8//! ## Security Note
9//!
10//! This verifier accepts any server certificate without validation, making the application
11//! vulnerable to man-in-the-middle (MITM) attacks. An attacker could intercept and
12//! impersonate any TLS server.
13
14use rustls::{Error, SignatureScheme, client::danger::{HandshakeSignatureValid, ServerCertVerifier}, pki_types::{CertificateDer, ServerName, UnixTime}};
15
16/// A dangerous implementation of `ServerCertVerifier` that accepts any certificate without validation.
17///
18/// ⚠️ **WARNING**: This struct disables all TLS certificate verification checks. It should
19/// **ONLY** be used for development and testing purposes where you understand and accept
20/// the security implications.
21///
22/// # Example
23///
24/// ```ignore
25/// use rustls::ClientConfig;
26/// use rustls_dangerous::NoCertificateVerification;
27///
28/// let verifier = NoCertificateVerification;
29/// let config = ClientConfig::builder()
30///     .dangerous()
31///     .with_custom_certificate_verifier(std::sync::Arc::new(verifier))
32///     .with_no_client_auth();
33/// ```
34#[derive(Debug, Clone, Copy)]
35pub struct NoCertificateVerification;
36
37impl ServerCertVerifier for NoCertificateVerification {
38    /// Verifies the server certificate chain.
39    ///
40    /// ⚠️ **DANGEROUS**: This implementation always returns success without performing
41    /// any certificate validation. It skips all security checks including:
42    /// - Certificate chain validation
43    /// - Hostname verification
44    /// - Certificate expiration checks
45    /// - Certificate revocation checks
46    /// - Signature verification
47    ///
48    /// # Arguments
49    ///
50    /// * `_end_entity` - The server's end entity certificate (ignored)
51    /// * `_intermediates` - The intermediate certificates in the chain (ignored)
52    /// * `_server_name` - The server's hostname (ignored)
53    /// * `_ocsp` - OCSP response data (ignored)
54    /// * `_now` - The current time (ignored)
55    fn verify_server_cert(
56        &self,
57        _end_entity: &CertificateDer<'_>,
58        _intermediates: &[CertificateDer<'_>],
59        _server_name: &ServerName,
60        _ocsp: &[u8],
61        _now: UnixTime,
62    ) -> Result<rustls::client::danger::ServerCertVerified, Error> {
63        Ok(rustls::client::danger::ServerCertVerified::assertion())
64    }
65
66    /// Verifies a TLS 1.2 handshake signature.
67    ///
68    /// ⚠️ **DANGEROUS**: This implementation always returns success without verifying
69    /// the signature. This means:
70    /// - Any message with any signature will be accepted
71    /// - The signature is not cryptographically verified
72    /// - An attacker could forge handshake messages
73    ///
74    /// # Arguments
75    ///
76    /// * `_msg` - The message that was signed (ignored)
77    /// * `_cert` - The certificate containing the public key (ignored)
78    /// * `_dss` - The digitally signed struct containing the signature (ignored)
79    fn verify_tls12_signature(
80        &self,
81        _msg: &[u8],
82        _cert: &CertificateDer<'_>,
83        _dss: &rustls::DigitallySignedStruct,
84    ) -> Result<HandshakeSignatureValid, Error> {
85        Ok(HandshakeSignatureValid::assertion())
86    }
87
88    /// Verifies a TLS 1.3 handshake signature.
89    ///
90    /// ⚠️ **DANGEROUS**: This implementation always returns success without verifying
91    /// the signature. This means:
92    /// - Any message with any signature will be accepted
93    /// - The signature is not cryptographically verified
94    /// - An attacker could forge handshake messages
95    ///
96    /// # Arguments
97    ///
98    /// * `_msg` - The message that was signed (ignored)
99    /// * `_cert` - The certificate containing the public key (ignored)
100    /// * `_dss` - The digitally signed struct containing the signature (ignored)
101    fn verify_tls13_signature(
102        &self,
103        _msg: &[u8],
104        _cert: &CertificateDer<'_>,
105        _dss: &rustls::DigitallySignedStruct,
106    ) -> Result<HandshakeSignatureValid, Error> {
107        Ok(HandshakeSignatureValid::assertion())
108    }
109
110    /// Returns a comprehensive list of supported signature schemes.
111    ///
112    /// This includes modern and legacy schemes for compatibility:
113    /// - RSA PKCS#1 with SHA-1, SHA-256, SHA-384, SHA-512
114    /// - ECDSA with NIST P-256, P-384, P-521
115    /// - RSA-PSS with SHA-256, SHA-384, SHA-512
116    /// - EdDSA (Ed25519, Ed448)
117    fn supported_verify_schemes(&self) -> Vec<SignatureScheme> {
118        vec![
119            SignatureScheme::RSA_PKCS1_SHA1,
120            SignatureScheme::RSA_PKCS1_SHA256,
121            SignatureScheme::RSA_PKCS1_SHA384,
122            SignatureScheme::RSA_PKCS1_SHA512,
123            SignatureScheme::ECDSA_NISTP256_SHA256,
124            SignatureScheme::ECDSA_NISTP384_SHA384,
125            SignatureScheme::ECDSA_NISTP521_SHA512,
126            SignatureScheme::RSA_PSS_SHA256,
127            SignatureScheme::RSA_PSS_SHA384,
128            SignatureScheme::RSA_PSS_SHA512,
129            SignatureScheme::ED25519,
130            SignatureScheme::ED448,
131        ]
132    }
133    
134    /// Indicates whether raw public keys are required.
135    ///
136    /// Returns `false` because certificate-based verification is used
137    /// (though all checks are bypassed in this dangerous implementation).
138    fn requires_raw_public_keys(&self) -> bool {
139        false
140    }
141    
142    /// Returns hints about acceptable root certificate subjects.
143    ///
144    /// Returns `None` because no certificate validation is performed
145    /// in this dangerous implementation.
146    fn root_hint_subjects(&self) -> Option<&[rustls::DistinguishedName]> {
147        None
148    }
149}
150
151
152#[cfg(test)]
153mod tests {
154    use super::*;
155    use rustls::SignatureScheme;
156
157    /// Tests the basic functionality of `NoCertificateVerification`.
158    ///
159    /// This test verifies:
160    /// - The verifier supports a comprehensive set of signature schemes
161    /// - The ED25519 signature scheme is included
162    /// - Raw public keys are not required
163    /// - Root certificate hints are not provided
164    #[test]
165    fn no_certificate_verification_basic() {
166        let verifier = NoCertificateVerification;
167
168        let schemes = verifier.supported_verify_schemes();
169        assert!(schemes.contains(&SignatureScheme::ED25519));
170
171        assert!(!verifier.requires_raw_public_keys());
172
173        assert!(verifier.root_hint_subjects().is_none());
174    }
175}