From 0bff63903cc3cd3a549bf0f7eb0330860ea6abd5 Mon Sep 17 00:00:00 2001
From: Fredrik Thulin <fredrik@thulin.net>
Date: Wed, 18 Jan 2017 15:22:44 +0100
Subject: [PATCH] sign: remove raw_sign argument again

On second thought, XMLSecCryptoREST.sign() never uses a certificate
returned from the signer service, so it is safe (and faster!) to
always use the /rawsign endpoint.
---
 src/xmlsec/crypto.py | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/src/xmlsec/crypto.py b/src/xmlsec/crypto.py
index fd4dc5b2..ff7f4335 100644
--- a/src/xmlsec/crypto.py
+++ b/src/xmlsec/crypto.py
@@ -166,14 +166,11 @@ def __init__(self, keyspec):
         super(XMLSecCryptoREST, self).__init__(source="rest", do_padding=False, private=True)
         self._keyspec = keyspec
 
-    def sign(self, data, raw_sign=False):
+    def sign(self, data):
         try:
             import requests
             import json
-            if raw_sign:
-                url = '{!s}/rawsign'.format(self._keyspec)
-            else:
-                url = '{!s}/sign'.format(self._keyspec)
+            url = '{!s}/rawsign'.format(self._keyspec)
             r = requests.post(url, json=dict(mech='RSAPKCS1', data=data.encode("base64")))
             if r.status_code != requests.codes.ok:
                 r.raise_for_status()