Add sha384 to sig auth #26
Conversation
Year 2024 ;)
|
@cdr-chakotay thanks! Should there be support for more hashing algorithms? I'm wondering about the potential proliferation of boolean flags :) |
We are currently moving away from SHA1 to SHA384. To avoid issues during the transit I wanted the users to be able to fall back to SHA1 in case of emergency. This is why I added the flag :) |
|
I agree with @arnaudlimbourg. If we add an option to control the signature algorithm, it is better to have a non-boolean value for forward compatibility. Something like |
|
an Enum could work here, not sure whether it would add much value. |
|
We can also just swap to SHA384, as the current discussion lines out that it should not have a negative effect. |
Yes, we have chosen that approach for most other SDKs now. |
|
Yeah, okay will update the PR is on my to-do :) @arnaudlimbourg can you please add me to the SDK, so I do not need to fork it in my private repo in the future ? |
Reflect decision to solely support SHA384
Update signature auth section to support sha384 only
|
Hey any updates regarding this :) |
|
I just added you as a maintainer to this repo. Did it work? |
|
Yeah, worked out :) Do we want to merge this ? |
Well I can certainly set up some or @arnaudlimbourg wants to do this :D? |
|
Feel free to give it a try! |
|
Migrated to internal PR 27 |
Needed changes for signature authentication makeover.
Have had no rights in the repo, providing the patch like this now :)
@arnaudlimbourg @Acconut