pyas2-lib
pyas2-lib copied to clipboard
cms.verify_message should validate the value of Received-Content-MIC for unsigned sent files or fail when MIC is missing.
When validating a MDN, the current code only checks for a valid signature.
But I think that it should also read the Received-Content-MIC value and make sure it is the expected value.
Also, I think that the docstring has a copy/paste error.
def verify_message(data_to_verify, signature, verify_cert):
"""Function parses an ASN.1 encrypted message and extracts/decrypts the original message.
I guess that the verify_message arguments should be extended to also pass the expected MIC value.
Thanks!