Skip to content
This repository has been archived by the owner on Oct 25, 2024. It is now read-only.

hs2019 with PSS support #22

Open
wants to merge 33 commits into
base: master
Choose a base branch
from
Open

hs2019 with PSS support #22

wants to merge 33 commits into from

Conversation

fulder
Copy link

@fulder fulder commented Aug 25, 2020

Implement support for new hs2019 algorithm together with PSS digital signature algorithm in order to follow the latest v12 draft

As the digital signature algorithm should now be derived from the keyId both the Signer and Verifier classes are now accepting a new (optional) sign_algorithm parameter which should be a subclass of the new SignAlgorithm superclass. This way we can easy add support for other digital signature algorithms by adding a custom class (implementing the sign and verify functions).

This has been implemented in parallel with the previously accepted algorithms (e.g. rsa-sha256). This means these algorithms are still supported although a deprecation message is now printed while they are used and they should probably be removed in next major release of this library (together with some cleanup of the 'old' code).

The test_signature tests has been updated to the new hs2019 with one test left for the deprecated rsa-sha256. The README file has also been updated with the new algorithm.

fulder added 25 commits August 24, 2020 11:06
@fulder
Add hs2019 to algorithm list and set to default sign algorithm
6958fe3
@fulder
Print deprecation message on old algorithms
0e18601
@fulder
Requre digital signature algorithm while using 'hs2019' algorithm
39298a0
@fulder
Set algorithm class variable instead of property
3e74497
@fulder
Remove duplicated default sign algorithm
813d2a1
@fulder
Rename long digital signature algorithm to just sign_algorithm
c2654c7
@fulder
Add sign_algorithm to HeaderSigner docstring
bd001d8
@fulder
Require sign_algorithm for 'hs2019' algorith in Verifier
79ca3a2
@fulder
Accept None sign_algorithm for backward compability
86ef109
@fulder
Take back setting algorithm to default twice
4052954
@fulder
Update tests to hs2019 and add one deprecated test using old keys
1e01f5c
@fulder
Make PSS salt configurable
619a13c 
In order to be able to decode the PSS message, the salt length need to
be known.
@fulder
Set default salt to None, i.e. digest size
0a57e36
@fulder
Create sign_algorithms with first PSS class
c4e36fb
@fulder
Test creating superclass for sign algorithm
68b7369
@fulder
Check for subclasses of SignAlgorithms instead of hardcoded list
2060e83
@fulder
Rename default sign algorithm to default algorithm
dc2b90b
@fulder
Fix failing test due to invalid signature
76c26c7
@fulder
Import sign_algorithms in httpsig init
179ab94
@fulder
Update README with newest algorithm
4613083
@fulder
Add sign_algorithm parameter to HTTPSignatureAuth
1b061f9
@fulder
Use issubclass instead of isinstance in Singer construct
77c42ad
@fulder
Remove old unused HeaderVerfier salt_length parameter
08ca125
@fulder
Enforce parameters for superclass sign/verify funcs
fb263d1
@fulder
Bump README draft to version 12
f97f6c0
This was referenced Aug 25, 2020
Open
Merged
@McLoone
Copy link

McLoone commented Aug 27, 2020

+1

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fulder @McLoone