MetadataResolver._verify(): Add docstring

moreati · Oct 5, 2015 · f5bdada · f5bdada
1 parent d3fdcaa
commit f5bdada
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/u2flib_server/attestation/resolvers.py b/u2flib_server/attestation/resolvers.py
@@ -82,6 +82,13 @@ def _index(self, metadata):
     # FIXME This is the only remaining use of M2Crypto
     @staticmethod
     def _verify(cert, issuer_cert):
+        """Returns True if cert contains a correct signature made using the
+        private key for issuer_cert
+
+        NB: This *only* checks the signature. No other checks are performed,
+        e.g. the trust chain of the issuer_cert is not checked,
+        neither certificate is checked for expiry, etc.
+        """
         # Serialize from cryptography.x509 objects
         cert_der = cert.public_bytes(serialization.Encoding.DER)
         issuer_cert_der = issuer_cert.public_bytes(serialization.Encoding.DER)