[PYTHON-CRYPTO] PKCS7 verification issue.
arbitraryuser at GMAIL.COM
Tue Oct 6 08:26:10 CEST 2009
I'm trying to do the following:
1. Sign a message with Alice's keys (cert is signed by the CA)
2. Encrypt the message with Bob's (signed by the CA) public key
3. Send the PKCS#7 output to Bob
4. Bob decrypts the message and tries to verify it with the
cacert.pem and with Alice's public key
5. It works. (no surprise here)
However, if I run step 4 with Carol's public key (signed by the CA),
the verify also works... and I would have expected it to fail as it
wasn't signed by Carol!
Am I misunderstanding how the verify is meant to work? (It's quite
possible, I'm very new to PKI)
If I'm not being a complete idiot I'll write a clean test case. At the
moment the code is too wrapped up in my project to extract neatly.
Thanks in advance.
+27 82 4143129
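
Added example, not part of the original post: a reproduction of the signing and verification steps with the `openssl smime` command line (the encryption step is left out), assuming the poster's library wraps OpenSSL's PKCS#7 verify. By default the verifier finds the signer's certificate inside the message itself, so the certificate passed alongside only adds to the search pool; `-nointern` (the `PKCS7_NOINTERN` flag in the API) restricts the search to the supplied certificates. The CA, the alice and carol certificates, the file names and the helper functions are all constructed for the demo.

```shell
# Constructed demo: throwaway CA plus alice and carol certificates in a temp dir.
demo_dir=$(mktemp -d)

make_cert() {  # $1 = name; issues a certificate for $1 signed by the demo CA
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$1" \
    -keyout "$demo_dir/$1.key" -out "$demo_dir/$1.csr" 2>/dev/null &&
  openssl x509 -req -in "$demo_dir/$1.csr" -CA "$demo_dir/ca.pem" \
    -CAkey "$demo_dir/ca.key" -CAcreateserial -days 1 \
    -out "$demo_dir/$1.pem" 2>/dev/null
}

setup_demo() {  # build the CA and both certificates, then sign as alice
  openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=Demo CA" -days 1 \
    -keyout "$demo_dir/ca.key" -out "$demo_dir/ca.pem" 2>/dev/null &&
  make_cert alice && make_cert carol &&
  printf 'hello bob\n' > "$demo_dir/msg.txt" &&
  # The signed message embeds alice's certificate by default.
  openssl smime -sign -in "$demo_dir/msg.txt" -signer "$demo_dir/alice.pem" \
    -inkey "$demo_dir/alice.key" -out "$demo_dir/signed.msg" 2>/dev/null
}

# verify_with <name> [extra openssl flags]: prints "ok" or "fail"
verify_with() {
  name=$1; shift
  if openssl smime -verify -in "$demo_dir/signed.msg" \
       -CAfile "$demo_dir/ca.pem" -certfile "$demo_dir/$name.pem" "$@" \
       >/dev/null 2>&1
  then echo ok; else echo fail; fi
}

setup_demo && {
  # Default: signer cert comes from the message, so carol's cert is irrelevant.
  echo "carol, default:   $(verify_with carol)"
  # -nointern: only the supplied certificate may be the signer.
  echo "carol, -nointern: $(verify_with carol -nointern)"
  echo "alice, -nointern: $(verify_with alice -nointern)"
}
```

A successful default verify only says that some certificate chaining to the CA signed the message; to require a particular signer, verify with `-nointern` or compare the signer certificate after verification.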