Check for subclasses of SignAlgorithms instead of hardcoded list

archamoney · Aug 25, 2020 · 2060e83 · 2060e83
1 parent 68b7369
commit 2060e83
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 2 deletions.
diff --git a/httpsig/sign.py b/httpsig/sign.py
@@ -19,12 +19,15 @@ class Signer(object):
     Password-protected keyfiles are not supported.
     """
 
-    def __init__(self, secret, algorithm=None, sign_algorithm: SignAlgorithm=None):
+    def __init__(self, secret, algorithm=None, sign_algorithm=None):
         if algorithm is None:
             algorithm = DEFAULT_SIGN_ALGORITHM
 
         assert algorithm in ALGORITHMS, "Unknown algorithm"
 
+        if sign_algorithm is not None and not issubclass(type(sign_algorithm), SignAlgorithm):
+            raise HttpSigException("Unsupported digital signature algorithm")
+
         if algorithm != DEFAULT_SIGN_ALGORITHM:
             print("Algorithm: {} is deprecated please update to {}".format(algorithm, DEFAULT_SIGN_ALGORITHM))
 

diff --git a/httpsig/verify.py b/httpsig/verify.py
@@ -38,7 +38,7 @@ def _verify(self, data, signature):
             s = base64.b64decode(signature)
             return ct_bytes_compare(h, s)
 
-        elif isinstance(self.sign_algorithm, SignAlgorithm):
+        elif issubclass(type(self.sign_algorithm), SignAlgorithm):
             return self.sign_algorithm.verify(self.secret, data, signature)
 
         else: