From 5ebeccb73f4373875ebf2418df4a9352373ee922 Mon Sep 17 00:00:00 2001
From: Rasmus Dahlberg
Date: Fri, 30 Oct 2020 20:48:01 +0100
Subject: removed unused code
---
 x509.go | 35 -----------------------------------
 1 file changed, 35 deletions(-)
(limited to 'x509.go')
diff --git a/x509.go b/x509.go
index 329ce01..be7d150 100644
--- a/x509.go
+++ b/x509.go
@@ -4,10 +4,8 @@ import (
 "fmt"
 "crypto"
- "crypto/ecdsa"
 "crypto/ed25519"
 "crypto/rand"
- "crypto/rsa"
 "crypto/tls"
 "crypto/x509"
 "encoding/base64"
@@ -80,39 +78,6 @@ func LoadEd25519SigningKey(path string) (ed25519.PrivateKey, error) {
 }
 }
-func VerifyChain(ld *LogParameters, certificate *x509.Certificate) ([]*x509.Certificate, error) {
- opts := x509.VerifyOptions{
- Roots: ld.AnchorPool,
- KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}, // TODO: move to ld
- } // TODO: add intermediates
-
- chains, err := certificate.Verify(opts)
- if err != nil {
- return nil, fmt.Errorf("chain verification failed: %v", err)
- }
- if len(chains) == 0 {
- return nil, fmt.Errorf("chain verification failed: no chain")
- }
- return chains[0], nil // if we found multiple paths just pick the first one
-}
-
-func VerifySignature(leaf, signature []byte, certificate *x509.Certificate) error {
- var algo x509.SignatureAlgorithm
- switch t := certificate.PublicKey.(type) {
- case *rsa.PublicKey:
- algo = x509.SHA256WithRSA
- case *ecdsa.PublicKey:
- algo = x509.ECDSAWithSHA256
- default:
- return fmt.Errorf("unsupported public key algorithm: %v", t)
- }
-
- if err := certificate.CheckSignature(algo, leaf, signature); err != nil {
- return fmt.Errorf("invalid signature: %v", err)
- }
- return nil
-}
-
 func GenV1SDI(ld *LogParameters, leaf []byte) (*StItem, error) {
 // Note that ed25519 does not use the passed io.Reader
 sig, err := ld.Signer.Sign(rand.Reader, leaf, crypto.Hash(0))
--
cgit v1.2.3