From 2060e8353a2445183642ac8a30ef352af986f08a Mon Sep 17 00:00:00 2001
From: fulder <misad90@gmail.com>
Date: Tue, 25 Aug 2020 10:00:35 +0200
Subject: [PATCH] Check for subclasses of SignAlgorithms instead of hardcoded
 list

---
 httpsig/sign.py   | 5 ++++-
 httpsig/verify.py | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/httpsig/sign.py b/httpsig/sign.py
index af63f3e..a2bbd58 100644
--- a/httpsig/sign.py
+++ b/httpsig/sign.py
@@ -19,12 +19,15 @@ class Signer(object):
     Password-protected keyfiles are not supported.
     """
 
-    def __init__(self, secret, algorithm=None, sign_algorithm: SignAlgorithm=None):
+    def __init__(self, secret, algorithm=None, sign_algorithm=None):
         if algorithm is None:
             algorithm = DEFAULT_SIGN_ALGORITHM
 
         assert algorithm in ALGORITHMS, "Unknown algorithm"
 
+        if sign_algorithm is not None and not issubclass(type(sign_algorithm), SignAlgorithm):
+            raise HttpSigException("Unsupported digital signature algorithm")
+
         if algorithm != DEFAULT_SIGN_ALGORITHM:
             print("Algorithm: {} is deprecated please update to {}".format(algorithm, DEFAULT_SIGN_ALGORITHM))
 
diff --git a/httpsig/verify.py b/httpsig/verify.py
index c529391..7911c98 100644
--- a/httpsig/verify.py
+++ b/httpsig/verify.py
@@ -38,7 +38,7 @@ def _verify(self, data, signature):
             s = base64.b64decode(signature)
             return ct_bytes_compare(h, s)
 
-        elif isinstance(self.sign_algorithm, SignAlgorithm):
+        elif issubclass(type(self.sign_algorithm), SignAlgorithm):
             return self.sign_algorithm.verify(self.secret, data, signature)
 
         else: