Tim Heckman  committed 8000dc3

rsa.pkcs1.verify() should return True when successful

- when verification passes verify() will return True, instead of
None. If verification fails the function will still raise a
rsa.pkcs1.VerificationError for legacy purposes.
- update the docs to note that the verify() function returns True
when successful
- write unit tests to verify this new behavior

This commit passes all build tests:

Ran 44 tests in 1.217s


  • Participants
  • Parent commits 89187b8

Comments (0)

Files changed (4)

File doc/usage.rst

 details. The hash is then signed with the private key.
 In order to verify the signature, use the :py:func:`rsa.verify`
+function. This function returns True if the verification is successful:
     >>> message = 'Go left at the blue tree'
     >>> rsa.verify(message, signature, pubkey)
+    True
 Modify the message, and the signature is no longer valid and a
 :py:class:`rsa.pkcs1.VerificationError` is thrown:

File rsa/

     if message_hash != signature_hash:
         raise VerificationError('Verification failed')
+    return True
 def _hash(message, method_name):
     '''Returns the message digest.

File tests/

         # Check the signature
-        pkcs1.verify(msgfile, signature, pub_key)
+        self.assertTrue(pkcs1.verify(msgfile, signature, pub_key))
         # Alter the message, re-check
         msgfile = BytesIO(b('123456sybren'))

File tests/

         signature = pkcs1.sign(message, self.priv, 'SHA-256')
         print("\tSignature: %r" % signature)
-        pkcs1.verify(message, signature,
+        self.assertTrue(pkcs1.verify(message, signature,
     def test_alter_message(self):
         '''Altering the message should let the verification fail.'''