Skip to content
This repository was archived by the owner on Apr 13, 2024. It is now read-only.

Commit 4613083

Browse files
fulderfulder
committed
Update README with newest algorithm
1 parent 179ab94 commit 4613083

File tree

1 file changed

+11
-9
lines changed

1 file changed

+11
-9
lines changed

README.rst

Lines changed: 11 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,7 @@ For simple raw signing:
4949
5050
secret = open('rsa_private.pem', 'rb').read()
5151
52-
sig_maker = httpsig.Signer(secret=secret, algorithm='rsa-sha256')
52+
sig_maker = httpsig.Signer(secret=secret, algorithm='hs2019', sign_algorithm=httpsig.PSS())
5353
sig_maker.sign('hello world!')
5454
5555
For general use with web frameworks:
@@ -59,9 +59,9 @@ For general use with web frameworks:
5959
import httpsig
6060
6161
key_id = "Some Key ID"
62-
secret = b'some big secret'
62+
secret = open('rsa_private.pem', 'rb').read()
6363
64-
hs = httpsig.HeaderSigner(key_id, secret, algorithm="hmac-sha256", headers=['(request-target)', 'host', 'date'])
64+
hs = httpsig.HeaderSigner(key_id, secret, algorithm="hs2019", sign_algorithm=httpsig.PSS(), headers=['(request-target)', 'host', 'date'])
6565
signed_headers_dict = hs.sign({"Date": "Tue, 01 Jan 2014 01:01:01 GMT", "Host": "example.com"}, method="GET", path="/api/1/object/1")
6666
6767
For use with requests:
@@ -74,9 +74,9 @@ For use with requests:
7474
7575
secret = open('rsa_private.pem', 'rb').read()
7676
77-
auth = HTTPSignatureAuth(key_id='Test', secret=secret)
77+
auth = HTTPSignatureAuth(key_id='Test', secret=secret, sign_algorithm=httpsig.PSS())
7878
z = requests.get('https://api.example.com/path/to/endpoint',
79-
auth=auth, headers={'X-Api-Version': '~6.5'})
79+
auth=auth, headers={'X-Api-Version': '~6.5', 'Date': 'Tue, 01 Jan 2014 01:01:01 GMT')
8080
8181
Class initialization parameters
8282
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -85,20 +85,22 @@ Note that keys and secrets should be bytes objects. At attempt will be made to
8585
8686
.. code:: python
8787
88-
httpsig.Signer(secret, algorithm='rsa-sha256')
88+
httpsig.Signer(secret, algorithm='hs2019', sign_algorithm=httpsig.PSS())
8989
9090
``secret``, in the case of an RSA signature, is a string containing private RSA pem. In the case of HMAC, it is a secret password.
91-
``algorithm`` is one of the six allowed signatures: ``rsa-sha1``, ``rsa-sha256``, ``rsa-sha512``, ``hmac-sha1``, ``hmac-sha256``,
91+
``algorithm`` should be set to 'hs2019' the other six signatures are now deprecated: ``rsa-sha1``, ``rsa-sha256``, ``rsa-sha512``, ``hmac-sha1``, ``hmac-sha256``,
9292
``hmac-sha512``.
93+
``sign_algorithm`` The digital signature algorithm derived from ``keyId``. Currently supported algorithms: ``httpsig.PSS``
9394
9495
9596
.. code:: python
9697
97-
httpsig.requests_auth.HTTPSignatureAuth(key_id, secret, algorithm='rsa-sha256', headers=None)
98+
httpsig.requests_auth.HTTPSignatureAuth(key_id, secret, algorithm='hs2019', sign_algorithm=httpsig.PSS(), headers=None)
9899
99-
``key_id`` is the label by which the server system knows your RSA signature or password.
100+
``key_id`` is the label by which the server system knows your secret.
100101
``headers`` is the list of HTTP headers that are concatenated and used as signing objects. By default it is the specification's minimum, the ``Date`` HTTP header.
101102
``secret`` and ``algorithm`` are as above.
103+
``sign_algorithm`` The digital signature algorithm derived from ``keyId``. Currently supported algorithms: ``httpsig.PSS``
102104
103105
Tests
104106
-----

0 commit comments

Comments
 (0)