From 37fa4392a5ab8f2639b3723168c32cfb27c4a1e8 Mon Sep 17 00:00:00 2001
From: Mark Qvist <bc7291552be7a58f361522990465165c>
Date: Thu, 7 May 2026 19:44:53 +0200
Subject: [PATCH] Fixed signature validation display for offline rsg validation
 with hex-based required signer identity

---
 Changelog.md          | 18 +++++++++++++++++-
 RNS/Utilities/rnid.py |  2 +-
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/Changelog.md b/Changelog.md
index f8f02d4d..f1f69b79 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,19 @@
+### 2026-05-07: RNS 1.2.4
+
+This release
+
+**Changes**
+- 
+
+**Release Signatures**
+Release artifacts include `rsg` signature files that can be validated against the RNS release signing identity `<bc7291552be7a58f361522990465165c>` using `rnid`. To verify files, download the `rsg` signatures, make sure they are in the same folder as the release artifact, and run `rnid` signature verification with the release identity as the required signer:
+
+```sh
+rnid -i bc7291552be7a58f361522990465165c -V rns-1.2.4-py3-none-any.whl
+```
+
+The `rnid` utility will then verify the signatures, and display whether it is valid. If not, the file has been tampered with and should not be trusted.
+
 ### 2026-05-05: RNS 1.2.3
 
 This release adds Work Document and update/commenting support to `rngit`. 
@@ -20,7 +36,7 @@ This release adds Work Document and update/commenting support to `rngit`.
 Release artifacts include `rsg` signature files that can be validated against the RNS release signing identity `<bc7291552be7a58f361522990465165c>` using `rnid`:
 
 ```sh
-rnid -i bc7291552be7a58f361522990465165c -V rns-1.2.2-py3-none-any.whl.rsg
+rnid -i bc7291552be7a58f361522990465165c -V rns-1.2.3-py3-none-any.whl.rsg
 ```
 
 ### 2026-05-05: RNS 1.2.2
diff --git a/RNS/Utilities/rnid.py b/RNS/Utilities/rnid.py
index c8723744..dc9f7690 100644
--- a/RNS/Utilities/rnid.py
+++ b/RNS/Utilities/rnid.py
@@ -410,7 +410,7 @@ def validate_rsg(rsg, message=None, required_signer=None):
     if not message: raise ValueError(f"No message specified for rsg validation")
     if not type(required_signer) in [RNS.Identity, bytes, type(None)]: raise TypeError(f"Invalid required signer type {type(required_signer)}")
     
-    if   type(required_signer) == RNS.Identity: required_signer_hash = identity.hash
+    if   type(required_signer) == RNS.Identity: required_signer_hash = required_signer.hash
     elif type(required_signer) == bytes:        required_signer_hash = required_signer
     else:                                       required_signer_hash = None