diff options
author | Mark Adams <mark@markadams.me> | 2015-01-25 07:31:26 -0600 |
---|---|---|
committer | Mark Adams <mark@markadams.me> | 2015-01-25 07:35:28 -0600 |
commit | c2f119b97b8e6ba189ad7860af95b866aecc9766 (patch) | |
tree | ef0a3dbe278b33d452dbeac59b4d2e77c12b0be0 | |
parent | 3ae5eef7ecc55bcd5a815d0c8dfcc7bc157aaf6c (diff) | |
download | pyjwt-c2f119b97b8e6ba189ad7860af95b866aecc9766.tar.gz |
Updated README.md to address concerns in #81
-rw-r--r-- | README.md | 11 |
1 files changed, 8 insertions, 3 deletions
@@ -79,13 +79,18 @@ Change the algorithm with by setting it in encode: jwt.encode({'some': 'payload'}, 'secret', 'HS512') ``` +Usage of RSA (RS\*) and EC (EC\*) algorithms require a basic understanding +of how public-key cryptography is used with regards to digital signatures. +If you are unfamiliar, you may want to read [this article](http://en.wikipedia.org/wiki/Public-key_cryptography). + When using the RSASSA-PKCS1-v1_5 algorithms, the `key` argument in both `jwt.encode()` and `jwt.decode()` (`"secret"` in the examples) is expected to -be either an RSA public or private key in PEM format. +be either an RSA public or private key in PEM or SSH format. The type of key +(private or public) depends on whether you are signing or verifying. When using the ECDSA algorithms, the `key` argument is expected to -be an Elliptic Curve private key or an Elliptic Curve public -key in PEM format. +be an Elliptic Curve public or private key in PEM format. The type of key +(private or public) depends on whether you are signing or verifying. ## Tests |