spdx · armintaenzertng · Jul 12, 2023 · Jul 12, 2023
diff --git a/src/spdx_tools/spdx/spdx_element_utils.py b/src/spdx_tools/spdx/spdx_element_utils.py
@@ -5,7 +5,14 @@
 
 from beartype.typing import List, Union
 
-from spdx_tools.spdx.model import ChecksumAlgorithm, ExternalDocumentRef, File, Package, Snippet
+from spdx_tools.spdx.model import (
+    ChecksumAlgorithm,
+    ExternalDocumentRef,
+    File,
+    Package,
+    PackageVerificationCode,
+    Snippet,
+)
 
 
 def get_full_element_spdx_id(
@@ -33,7 +40,7 @@ def get_full_element_spdx_id(
     return external_uri + "#" + local_id
 
 
-def calculate_package_verification_code(files: List[File]) -> str:
+def calculate_package_verification_code(files: List[File]) -> PackageVerificationCode:
     list_of_file_hashes = []
     for file in files:
         file_checksum_value = None
@@ -53,7 +60,8 @@ def calculate_package_verification_code(files: List[File]) -> str:
     list_of_file_hashes.sort()
     hasher = hashlib.new("sha1")
     hasher.update("".join(list_of_file_hashes).encode("utf-8"))
-    return hasher.hexdigest()
+    value = hasher.hexdigest()
+    return PackageVerificationCode(value)
 
 
 def calculate_file_checksum(file_name: str, hash_algorithm=ChecksumAlgorithm.SHA1) -> str:

diff --git a/tests/spdx/test_checksum_calculation.py b/tests/spdx/test_checksum_calculation.py
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 import pytest
 
-from spdx_tools.spdx.model import Checksum, ChecksumAlgorithm, File
+from spdx_tools.spdx.model import Checksum, ChecksumAlgorithm, File, PackageVerificationCode
 from spdx_tools.spdx.spdx_element_utils import calculate_file_checksum, calculate_package_verification_code
 
 
@@ -42,7 +42,7 @@ def test_verification_code_calculation_with_predefined_checksums(generate_test_f
     )
     verification_code = calculate_package_verification_code([file1, file2])
 
-    assert verification_code == "c6cb0949d7cd7439fce8690262a0946374824639"
+    assert verification_code == PackageVerificationCode("c6cb0949d7cd7439fce8690262a0946374824639")
 
 
 def test_verification_code_calculation_with_calculated_checksums(generate_test_files):
@@ -59,7 +59,7 @@ def test_verification_code_calculation_with_calculated_checksums(generate_test_f
     )
     verification_code = calculate_package_verification_code([file1, file2])
 
-    assert verification_code == "6f29d813abb63ee52a47dbcb691ea2e70f956328"
+    assert verification_code == PackageVerificationCode("6f29d813abb63ee52a47dbcb691ea2e70f956328")
 
 
 def test_verification_code_calculation_with_wrong_file_location():