I'm trying to verify a signature using the Python Cryptography library as stated
This is in the context of a client-server TCP chat app, and the client has calculated the signature, and sent it to the client to verify that it is indeed the correct server. The signature is passed to a function to verify.
with open("server_publickey.pem", "rb") as key_file:
public_key = serialization.load_pem_public_key(
verifier = public_key.verifier(
message = b"the message that the server verified"
verify raises an exception or returns
None. Accordingly, this code
if verifier.verify(): return 1 else: return 0
will always return 0 even though in reality the verification check has passed. You are correct that the proper way to use
verify is to wrap it in a try block and handle the
InvalidSignature exception in the event of failure.