From 71c4fb7beb8e3293243140e4bd74e53989196440 Mon Sep 17 00:00:00 2001 From: Claude Paroz Date: Thu, 13 Feb 2020 20:55:48 +0100 Subject: Refs #27468 -- Changed default Signer algorithm to SHA-256. --- docs/internals/deprecation.txt | 3 +++ docs/releases/3.1.txt | 8 ++++++++ docs/topics/signing.txt | 15 ++++++++++++--- 3 files changed, 23 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/internals/deprecation.txt b/docs/internals/deprecation.txt index 257b9a3bf4..76b379ef5a 100644 --- a/docs/internals/deprecation.txt +++ b/docs/internals/deprecation.txt @@ -54,6 +54,9 @@ details on these changes. * Support for the pre-Django 3.1 encoding format of sessions will be removed. +* Support for the pre-Django 3.1 ``django.core.signing.Signer`` signatures + (encoded with the SHA-1 algorithm) will be removed. + * The ``get_request`` argument for ``django.utils.deprecation.MiddlewareMixin.__init__()`` will be required and won't accept ``None``. diff --git a/docs/releases/3.1.txt b/docs/releases/3.1.txt index 384fa43dfb..55f539d534 100644 --- a/docs/releases/3.1.txt +++ b/docs/releases/3.1.txt @@ -404,6 +404,14 @@ Security origins. If you need the previous behavior, explicitly set :setting:`SECURE_REFERRER_POLICY` to ``None``. +* The default :class:`django.core.signing.Signer` algorithm is changed to the + SHA-256. Support for signatures made with the old SHA-1 algorithm remains + until Django 4.0. + + Also, the new ``algorithm`` parameter of the + :class:`~django.core.signing.Signer` allows customizing the hashing + algorithm. + Serialization ~~~~~~~~~~~~~ diff --git a/docs/topics/signing.txt b/docs/topics/signing.txt index 5fa537c579..7927333914 100644 --- a/docs/topics/signing.txt +++ b/docs/topics/signing.txt @@ -81,12 +81,17 @@ generate signatures. You can use a different secret by passing it to the >>> value 'My string:EkfQJafvGyiofrdGnuthdxImIJw' -.. class:: Signer(key=None, sep=':', salt=None) +.. class:: Signer(key=None, sep=':', salt=None, algorithm='sha256') Returns a signer which uses ``key`` to generate signatures and ``sep`` to separate values. ``sep`` cannot be in the `URL safe base64 alphabet `_. This alphabet contains - alphanumeric characters, hyphens, and underscores. + alphanumeric characters, hyphens, and underscores. ``algorithm`` must be an + algorithm supported by :py:mod:`hashlib`. + + .. versionchanged:: 3.1 + + The ``algorithm`` parameter was added. Using the ``salt`` argument --------------------------- @@ -139,7 +144,7 @@ created within a specified period of time:: >>> signer.unsign(value, max_age=timedelta(seconds=20)) 'hello' -.. class:: TimestampSigner(key=None, sep=':', salt=None) +.. class:: TimestampSigner(key=None, sep=':', salt=None, algorithm='sha256') .. method:: sign(value) @@ -151,6 +156,10 @@ created within a specified period of time:: otherwise raises ``SignatureExpired``. The ``max_age`` parameter can accept an integer or a :py:class:`datetime.timedelta` object. + .. versionchanged:: 3.1 + + The ``algorithm`` parameter was added. + Protecting complex data structures ---------------------------------- -- cgit v1.3