Add more demonstrative code to examples (#6234)

1. In signature generation code example, add a `key' assignment so it can be run solely.
2. In verify() code example, add a positive case before the negative one. Also use copy() to do self authentication.

Co-authored-by: Baofeng Wang <baofeng.wang67@gmail.com>

1 files changed, 8 insertions, 3 deletions

diff --git a/docs/hazmat/primitives/mac/hmac.rst b/docs/hazmat/primitives/mac/hmac.rst
index 3695270b7..5d44e1272 100644
--- a/docs/hazmat/primitives/mac/hmac.rst
+++ b/docs/hazmat/primitives/mac/hmac.rst
@@ -28,10 +28,12 @@ of a message.
     .. doctest::
 
         >>> from cryptography.hazmat.primitives import hashes, hmac
+        >>> key = b'test key. Beware! A real key should use os.urandom or TRNG to generate'
         >>> h = hmac.HMAC(key, hashes.SHA256())
         >>> h.update(b"message to hash")
-        >>> h.finalize()
-        b'#F\xdaI\x8b"e\xc4\xf1\xbb\x9a\x8fc\xff\xf5\xdex.\xbc\xcd/+\x8a\x86\x1d\x84\'\xc3\xa6\x1d\xd8J'
+        >>> signature = h.finalize()
+        >>> signature
+        b'k\xd9\xb29\xefS\xf8\xcf\xec\xed\xbf\x95\xe6\x97X\x18\x9e%\x11DU1\x9fq}\x9a\x9c\xe0)y`='
 
     If the backend doesn't support the requested ``algorithm`` an
     :class:`~cryptography.exceptions.UnsupportedAlgorithm` exception will be
@@ -48,7 +50,10 @@ of a message.
 
         >>> h = hmac.HMAC(key, hashes.SHA256())
         >>> h.update(b"message to hash")
-        >>> h.verify(b"an incorrect signature")
+        >>> h_copy = h.copy() # get a copy of `h' to be reused
+        >>> h.verify(signature)
+        >>>
+        >>> h_copy.verify(b"an incorrect signature")
         Traceback (most recent call last):
         ...
         cryptography.exceptions.InvalidSignature: Signature did not match digest.