AlkantarClanX12
Your IP : 3.22.249.229

Current Path : /opt/cloudlinux/venv/lib/python3.11/site-packages/jwt/__pycache__/
Current File : //opt/cloudlinux/venv/lib/python3.11/site-packages/jwt/__pycache__/algorithms.cpython-311.pyc
�

�܋fht���ddlmZddlZddlZddlZddlZddlmZmZddl	m
Z
mZmZm
Z
mZmZmZddlmZddlmZmZddlmZmZmZmZmZmZmZmZmZej d	krdd
l	m!Z!ndd
l"m!Z!	ddl#m$Z$ddl%m&Z&dd
l'm(Z(ddl)m*Z*ddl+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5ddl6m7Z7m8Z8ddl9m:Z:m;Z;ddl<m=Z=m>Z>m?Z?m@Z@mAZAmBZBmCZCmDZDddlEmFZFmGZGmHZHmIZImJZJmKZKmLZLdZMn
#eN$rdZMYnwxYwe
r3e=e?zZOe2e4zZPe:e;ze7ze8zZQeOePzeQzZRe=e2ze:ze7zZSe?e4ze;ze8zZThd�ZUd(d�ZVGd�de��ZWGd�deW��ZXGd�deW��ZYeMr:Gd �d!eW��ZZGd"�d#eW��Z[Gd$�d%eZ��Z\Gd&�d'eW��Z]dSdS))�)�annotationsN)�ABC�abstractmethod)�
TYPE_CHECKING�Any�ClassVar�NoReturn�Union�cast�overload���InvalidKeyError)�HashlibHash�JWKDict)	�base64url_decode�base64url_encode�der_to_raw_signature�force_bytes�from_base64url_uint�
is_pem_format�
is_ssh_key�raw_to_der_signature�to_base64url_uint)��)�Literal)�InvalidSignature)�default_backend)�hashes)�padding)
�ECDSA�	SECP256K1�	SECP256R1�	SECP384R1�	SECP521R1�
EllipticCurve�EllipticCurvePrivateKey�EllipticCurvePrivateNumbers�EllipticCurvePublicKey�EllipticCurvePublicNumbers)�Ed448PrivateKey�Ed448PublicKey)�Ed25519PrivateKey�Ed25519PublicKey)�
RSAPrivateKey�RSAPrivateNumbers�RSAPublicKey�RSAPublicNumbers�rsa_crt_dmp1�rsa_crt_dmq1�rsa_crt_iqmp�rsa_recover_prime_factors)�Encoding�NoEncryption�
PrivateFormat�PublicFormat�load_pem_private_key�load_pem_public_key�load_ssh_public_keyTF>�ES256�ES384�ES512�ES521�EdDSA�PS256�PS384�PS512�RS256�RS384�RS512�ES256K�return�dict[str, Algorithm]c��t��ttj��ttj��ttj��d�}t
�r+|�ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��t��d���|S)zE
    Returns the algorithms that are implemented by the library.
    )�none�HS256�HS384�HS512)rGrHrIr?rJr@rBrArDrErFrC)�
NoneAlgorithm�
HMACAlgorithm�SHA256�SHA384�SHA512�
has_crypto�update�RSAAlgorithm�ECAlgorithm�RSAPSSAlgorithm�OKPAlgorithm)�default_algorithmss �E/opt/cloudlinux/venv/lib64/python3.11/site-packages/jwt/algorithms.py�get_default_algorithmsr_ps��
����}�3�4�4��}�3�4�4��}�3�4�4�	����
��!�!�%�l�&9�:�:�%�l�&9�:�:�%�l�&9�:�:�$�[�%7�8�8�%�k�&8�9�9�$�[�%7�8�8�$�[�%7�8�8�$��&���)��)?�@�@�(��)?�@�@�(��)?�@�@�%���
�
�	
�	
�	
�&��c�&�eZdZdZdd�Zedd���Zedd
���Zedd
���Ze	e
ed d�������Ze	e
ed!d"d�������Ze
ed!d#d�����Ze
ed$d�����ZdS)%�	AlgorithmzH
    The interface for an algorithm used to sign and verify tokens.
    �bytestr�bytesrKc��t|dd��}|�t�tr�t|t��rzt|tj��r`t
j|��t�����}|�
|��t|�����St||���
����S)z�
        Compute a hash digest using the specified algorithm's hash algorithm.

        If there is no hash algorithm, raises a NotImplementedError.
        �hash_algN)�backend)�getattr�NotImplementedErrorrW�
isinstance�type�
issubclassr �
HashAlgorithm�HashrrXrd�finalize�digest)�selfrcrfrps    r^�compute_hash_digestzAlgorithm.compute_hash_digest�s����4��T�2�2����%�%�
�		5��8�T�*�*�		5��8�V�%9�:�:�		5�
�[�����_�5F�5F�G�G�G�F��M�M�'�"�"�"�����*�*�+�+�+����'�*�*�1�1�3�3�4�4�4r`�keyrc��dS)z�
        Performs necessary validation and conversions on the key and returns
        the key value in the proper format for sign() and verify().
        N��rqrss  r^�prepare_keyzAlgorithm.prepare_key�����r`�msgc��dS)zn
        Returns a digital signature for the specified message
        using the specified key value.
        Nru�rqryrss   r^�signzAlgorithm.sign�rxr`�sig�boolc��dS)zz
        Verifies that the specified digital signature is valid
        for the specified message and key values.
        Nru�rqryrsr}s    r^�verifyzAlgorithm.verify�rxr`�as_dict�
Literal[True]rc��dS�Nru��key_objr�s  r^�to_jwkzAlgorithm.to_jwk��	��	�r`F�Literal[False]�strc��dSr�rur�s  r^r�zAlgorithm.to_jwk�r�r`�Union[JWKDict, str]c��dS)z3
        Serializes a given key into a JWK
        Nrur�s  r^r�zAlgorithm.to_jwk�rxr`�jwk�
str | JWKDictc��dS)zJ
        Deserializes a given key from JWK back into a key object
        Nru�r�s r^�from_jwkzAlgorithm.from_jwk�rxr`N)rcrdrKrd)rsrrKr)ryrdrsrrKrd)ryrdrsrr}rdrKr~)r�r�rKr�F)r�r�rKr�)r�r~rKr�)r�r�rKr)
�__name__�
__module__�__qualname__�__doc__rrrrwr|r�r�staticmethodr�r�rur`r^rbrb�sX��������5�5�5�5�,�����^�������^�������^���������^��\��X����������^��\��X���������^��\��
������^��\���r`rbc�\�eZdZdZdd�Zdd	�Zdd�Zeddd���Zedd���Z	dS)rRzZ
    Placeholder for use when no signing or verification
    operations are required.
    rs�
str | NonerK�Nonec�8�|dkrd}|�td���|S)N�z*When alg = "none", key value must be None.rrvs  r^rwzNoneAlgorithm.prepare_key�s)���"�9�9��C��?�!�"N�O�O�O��
r`ryrdc��dS)Nr`rur{s   r^r|zNoneAlgorithm.sign�s���sr`r}r~c��dS)NFrur�s    r^r�zNoneAlgorithm.verify�s���ur`Fr�rr�r	c��t���r��rir�s  r^r�zNoneAlgorithm.to_jwk����!�#�#�#r`r�r�c��t���r�r�r�s r^r�zNoneAlgorithm.from_jwk�r�r`N)rsr�rKr�)ryrdrsr�rKrd)ryrdrsr�r}rdrKr~r�)r�rr�r~rKr	)r�r�rKr	)
r�r�r�r�rwr|r�r�r�r�rur`r^rRrR�s���������
�������������$�$�$�$��\�$��$�$�$��\�$�$�$r`rRc��eZdZUdZejZded<ejZ	ded<ej
Zded<d#d
�Zd$d�Z
eed%d�����Zeed&d'd�����Zed&d(d���Zed)d���Zd*d�Zd+d!�Zd"S),rSzf
    Performs signing and verification operations using HMAC
    and the specified hash function.
    zClassVar[HashlibHash]rTrUrVrfrrKr�c��||_dSr��rf�rqrfs  r^�__init__zHMACAlgorithm.__init__s
�� ��
�
�
r`rs�str | bytesrdc�~�t|��}t|��st|��rtd���|S)NzdThe specified key is an asymmetric key or x509 certificate and should not be used as an HMAC secret.)rrrr�rqrs�	key_bytess   r^rwzHMACAlgorithm.prepare_keysM����$�$�	���#�#�	�z�)�'<�'<�	�!�9���
�
�r`r�r�r�rc��dSr�rur�s  r^r�zHMACAlgorithm.to_jwk�	��	�r`Fr�r�c��dSr�rur�s  r^r�zHMACAlgorithm.to_jwkr�r`r~r�c��tt|�������dd�}|r|Stj|��S)N�oct)�k�kty)rr�decode�json�dumps)r�r�r�s   r^r�zHMACAlgorithm.to_jwksO��"�+�g�"6�"6�7�7�>�>�@�@��
�
��
�	#��J��:�c�?�?�"r`r�r�c�L�	t|t��rtj|��}nt|t��r|}nt
�n#t
$rt
d���wxYw|�d��dkrt
d���t|d��S)N�Key is not valid JSONr�r�zNot an HMAC keyr�)	rjr�r��loads�dict�
ValueErrorr�getr)r��objs  r^r�zHMACAlgorithm.from_jwk)s���	;��#�s�#�#�
!�#�z�#������C��&�&�
!���� � ����	;�	;�	;�!�"9�:�:�:�	;�����7�7�5�>�>�U�"�"�!�"3�4�4�4���C��)�)�)��A	A�A&ryc�\�tj|||j�����Sr�)�hmac�newrfrpr{s   r^r|zHMACAlgorithm.sign:s$���x��S�$�-�0�0�7�7�9�9�9r`r}c�T�tj||�||����Sr�)r��compare_digestr|r�s    r^r�zHMACAlgorithm.verify=s#���"�3��	�	�#�s�(;�(;�<�<�<r`N)rfrrKr�)rsr�rKrd)r�r�r�r�rKrr�)r�r�r�r�rKr�)r�r�r�r~rKr�)r�r�rKrd)ryrdrsrdrKrd)ryrdrsrdr}rdrKr~)r�r�r�r��hashlib�sha256rT�__annotations__�sha384rU�sha512rVr�rwrr�r�r�r|r�rur`r^rSrS�sI���������
%,�N�F�2�2�2�2�$+�N�F�2�2�2�2�$+�N�F�2�2�2�2�!�!�!�!�	�	�	�	�������\��X���������\��X���	#�	#�	#�	#��\�	#��*�*�*��\�*� :�:�:�:�=�=�=�=�=�=r`rSc��eZdZUdZejZded<ejZded<ejZded<d&d
�Z	d'd�Z
eed(d�����Z
eed)d*d�����Z
e	d)d+d���Z
ed,d���Zd-d!�Zd.d$�Zd%S)/rYz~
        Performs signing and verification operations using
        RSASSA-PKCS-v1_5 and the specified hash function.
        �$ClassVar[type[hashes.HashAlgorithm]]rTrUrVrf�type[hashes.HashAlgorithm]rKr�c��||_dSr�r�r�s  r^r�zRSAAlgorithm.__init__M�
��$�D�M�M�Mr`rs�AllowedRSAKeys | str | bytes�AllowedRSAKeysc���t|ttf��r|St|ttf��std���t
|��}	|�d��r"ttt|����Sttt|d�����S#t$r%ttt|����cYSwxYw)N�Expecting a PEM-formatted key.sssh-rsa��password)
rjr0r2rdr��	TypeErrorr�
startswithrr>r<r�r=r�s   r^rwzRSAAlgorithm.prepare_keyPs����#�
�|�<�=�=�
��
��c�E�3�<�0�0�
B�� @�A�A�A�#�C�(�(�I�
J��'�'�
�3�3����.A�)�.L�.L�M�M�M��%�';�I�PT�'U�'U�'U������
J�
J�
J��L�*=�i�*H�*H�I�I�I�I�I�
J���s�6B5�#B5�5,C$�#C$r�r�r�rc��dSr�rur�s  r^r�zRSAAlgorithm.to_jwkc�	��
�Cr`Fr�r�c��dSr�rur�s  r^r�zRSAAlgorithm.to_jwkhr�r`r~r�c��d}t|d���rM|���}ddgt|jj�����t|jj�����t|j�����t|j�����t|j	�����t|j
�����t|j�����t|j�����d�
}n�t|d��re|���}ddgt|j�����t|j�����d�}ntd���|r|Stj|��S)N�private_numbers�RSAr|)
r��key_ops�n�e�d�p�q�dp�dq�qir�)r�r�r�r��Not a public or private key)�hasattrr�r�public_numbersr�r�r�r�r�r��dmp1�dmq1�iqmprr�r�)r�r�r��numberss    r^r�zRSAAlgorithm.to_jwkms���*.�C��w� 1�2�2�
E�!�1�1�3�3��!� &�x�*�7�+A�+C�D�D�K�K�M�M�*�7�+A�+C�D�D�K�K�M�M�*�7�9�5�5�<�<�>�>�*�7�9�5�5�<�<�>�>�*�7�9�5�5�<�<�>�>�+�G�L�9�9�@�@�B�B�+�G�L�9�9�@�@�B�B�+�G�L�9�9�@�@�B�B�������(�+�+�
E�!�0�0�2�2��!� (�z�*�7�9�5�5�<�<�>�>�*�7�9�5�5�<�<�>�>�	����&�&C�D�D�D��
'��
��z�#���&r`r�r�c�8�	�	t|t��rtj|���	nt|t��r|�	nt
�n#t
$rt
d���wxYw�	�d��dkrt
d���d�	v�r�d�	v�r�d�	v�r�d�	vrt
d	���gd
�}�	fd�|D��}t|��}|rt|��st
d���tt�	d��t�	d����}|r�tt�	d��t�	d
��t�	d��t�	d��t�	d��t�	d��|���}nst�	d��}t|j||j��\}}t|||t!||��t#||��t%||��|���}|���Sd�	vrLd�	vrHtt�	d��t�	d�������St
d���)Nr�r�r�zNot an RSA keyr�r�r��othz5Unsupported RSA private key: > 2 primes not supported)r�r�r�r�r�c���g|]}|�v��Sruru)�.0�propr�s  �r^�
<listcomp>z)RSAAlgorithm.from_jwk.<locals>.<listcomp>�s���C�C�C�t�t�s�{�C�C�Cr`z@RSA key must include all parameters if any are present besides dr�r�r�r�r�)r�r�r�r�r�r�r�r�)rjr�r�r�r�r�rr��any�allr3rr1r7r�r�r4r5r6�private_key�
public_key)
r��other_props�props_found�any_props_foundr�r�r�r�r�r�s
         @r^r�zRSAAlgorithm.from_jwk�s����
?��c�3�'�'�%��*�S�/�/�C�C���T�*�*�%��C�C�$�$����
?�
?�
?�%�&=�>�>�>�
?�����w�w�u�~�~��&�&�%�&6�7�7�7��c�z�z�c�S�j�j�S�C�Z�Z��C�<�<�)�O����;�:�:��C�C�C�C�{�C�C�C��"%�k�"2�"2��"��3�{�+;�+;��)�Z����"2�'��C��1�1�'��C��1�1�"�"��
#��/�-�c�#�h�7�7�-�c�#�h�7�7�-�c�#�h�7�7�0��T��;�;�0��T��;�;�0��T��;�;�'5����G�G�,�C��H�5�5�A�4�&�(�!�^�-=���D�A�q�0����)�!�Q�/�/�)�!�Q�/�/�)�!�Q�/�/�'5����G��*�*�,�,�,������s�
�
�'�'��C��1�1�'��C��1�1����*�,�,��
&�&C�D�D�Ds�A	A
�
A'ryrdr0c�v�|�|tj��|�����Sr�)r|r!�PKCS1v15rfr{s   r^r|zRSAAlgorithm.sign�s)���8�8�C��!1�!3�!3�T�]�]�_�_�E�E�Er`r2r}c��	|�||tj��|�����dS#t$rYdSwxYw)NTF)r�r!r�rfrr�s    r^r�zRSAAlgorithm.verify�sW��
��
�
�3��W�%5�%7�%7������I�I�I��t��#�
�
�
��u�u�
���s�;?�
A
�A
N�rfr�rKr�)rsr�rKr�)r�r�r�r�rKrr�)r�r�r�r�rKr�)r�r�r�r~rKr�)r�r�rKr��ryrdrsr0rKrd�ryrdrsr2r}rdrKr~)r�r�r�r�r rTr�rUrVr�rwrr�r�r�r|r�rur`r^rYrYCs^�������	�	�
8>�}��D�D�D�D�7=�}��D�D�D�D�7=�}��D�D�D�D�	%�	%�	%�	%�	J�	J�	J�	J�&
�	�	�	�	�
��
��	�
�	�	�	�	�	�
��
��	�
�5:�&	'�&	'�&	'�&	'�
��&	'�P
�E	E�E	E�E	E�
��E	E�N	F�	F�	F�	F�	�	�	�	�	�	r`rYc��eZdZUdZejZded<ejZded<ejZded<d&d
�Z	d'd�Z
d(d�Zd)d�Ze
ed*d�����Ze
ed+d,d�����Ze	d+d-d!���Zed.d$���Zd%S)/rZzr
        Performs signing and verification operations using
        ECDSA and the specified hash function
        r�rTrUrVrfr�rKr�c��||_dSr�r�r�s  r^r�zECAlgorithm.__init__�r�r`rs�AllowedECKeys | str | bytes�
AllowedECKeysc��t|ttf��r|St|ttf��std���t
|��}	|�d��rt|��}nt|��}n!#t$rt|d���}YnwxYwt|ttf��std���|S)Nr�secdsa-sha2-r�zcExpecting a EllipticCurvePrivateKey/EllipticCurvePublicKey. Wrong key provided for ECDSA algorithms)
rjr(r*rdr�r�rr�r>r=r�r<r)rqrsr��
crypto_keys    r^rwzECAlgorithm.prepare_key�s���#� 7�9O�P�Q�Q�
��
��c�E�3�<�0�0�
B�� @�A�A�A�#�C�(�(�I�

L��'�'��7�7�@�!4�Y�!?�!?�J�J�!4�Y�!?�!?�J����
L�
L�
L�1�)�d�K�K�K�
�
�
�
L������4�6L�M���
�&�y�����s�4B�B-�,B-ryrdr(c��|�|t|�������}t||j��Sr�)r|r"rfr�curve)rqryrs�der_sigs    r^r|zECAlgorithm.signs7���h�h�s�E�$�-�-�/�/�$:�$:�;�;�G�'����;�;�;r`�'AllowedECKeys'r}r~c�<�	t||j��}n#t$rYdSwxYw	t|t��r|���n|}|�||t|�������dS#t$rYdSwxYw)NFT)
rrr�rjr(r�r�r"rfr)rqryrsr}rr�s      r^r�zECAlgorithm.verifys���
�.�s�C�I�>�>�����
�
�
��u�u�
����	
�"�#�'>�?�?��C�N�N�$�$�$���
�!�!�'�3��d�m�m�o�o�0F�0F�G�G�G��t��#�
�
�
��u�u�
���s��
&�&�A!B
�
B�Br�r�r�rc��dSr�rur�s  r^r�zECAlgorithm.to_jwk)r�r`Fr�r�c��dSr�rur�s  r^r�zECAlgorithm.to_jwk.r�r`r�c�p�t|t��r'|������}n9t|t��r|���}ntd���t|jt��rd}nnt|jt��rd}nQt|jt��rd}n4t|jt��rd}ntd|j�����d|t|j���
��t|j���
��d�}t|t��r;t|���j���
��|d	<|r|St#j|��S)
Nr��P-256�P-384�P-521�	secp256k1�Invalid curve: �EC)r��crv�x�yr�)rjr(r�r�r*rrr$r%r&r#rrr�rr��
private_valuer�r�)r�r�r�rr�s     r^r�zECAlgorithm.to_jwk3s����'�#:�;�;�
E�!(�!3�!3�!5�!5�!D�!D�!F�!F����G�%;�<�<�
E�!(�!7�!7�!9�!9���%�&C�D�D�D��'�-��3�3�	
I�����G�M�9�5�5�
I�����G�M�9�5�5�
I�����G�M�9�5�5�
I�!���%�&G��
�&G�&G�H�H�H���&�~�'7�8�8�?�?�A�A�&�~�'7�8�8�?�?�A�A�	#�#�C��'�#:�;�;�
�,��+�+�-�-�;����&�(�(��C���
'��
��z�#���&r`r�r�c��	t|t��rtj|��}nt|t��r|}nt
�n#t
$rt
d���wxYw|�d��dkrt
d���d|vsd|vrt
d���t|�d����}t|�d����}|�d��}|dkrIt|��t|��cxkrd	krnnt��}�nt
d
���|dkrHt|��t|��cxkrdkrnnt��}n�t
d
���|dkrHt|��t|��cxkrdkrnnt��}not
d���|dkrHt|��t|��cxkrd	krnnt��}n!t
d���t
d|�����tt�|d���t�|d���|���}d|vr|���St|�d����}t|��t|��krt
dt|��|���t%t�|d���|�����S)Nr�r�rzNot an Elliptic curve keyrrrr� z)Coords should be 32 bytes for curve P-256r�0z)Coords should be 48 bytes for curve P-384r�Bz)Coords should be 66 bytes for curve P-521rz-Coords should be 32 bytes for curve secp256k1r�big)�	byteorder)rrrr�z!D should be {} bytes for curve {})rjr�r�r�r�r�rr�r�lenr$r%r&r#r+�int�
from_bytesr�r)r�)r�r�rrr�	curve_objr�r�s        r^r�zECAlgorithm.from_jwkZs;��
?��c�3�'�'�%��*�S�/�/�C�C���T�*�*�%��C�C�$�$����
?�
?�
?�%�&=�>�>�>�
?�����w�w�u�~�~��%�%�%�&A�B�B�B��#�~�~��C���%�&A�B�B�B� �������.�.�A� �������.�.�A��G�G�E�N�N�E������q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� )���I�I�)�*U�V�V�V��'�!�!��q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� )���I�I�)�*U�V�V�V��'�!�!��q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� )���I�I�)�*U�V�V�V��+�%�%��q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� )���I�I�)�G����&�&?��&?�&?�@�@�@�7��.�.��e�.�4�4��.�.��e�.�4�4�����N��#�~�~�%�0�0�2�2�2� �������.�.�A��1�v�v��Q�����%�7��Q�������/����q�E��2�2�N����k�m�m�
r�Nr�)rsrrKr)ryrdrsr(rKrd)ryrdrsr	r}rdrKr~)r�rr�r�rKrr�)r�rr�r�rKr�)r�rr�r~rKr�)r�r�rKr)r�r�r�r�r rTr�rUrVr�rwr|r�rr�r�r�rur`r^rZrZ�sS�������	�	�
8>�}��D�D�D�D�7=�}��D�D�D�D�7=�}��D�D�D�D�	%�	%�	%�	%�	�	�	�	�<	<�	<�	<�	<�
	�	�	�	�"
�	�	�	�	�
��
��	�
�	�	�	�	�	�
��
��	�
�49�$	'�$	'�$	'�$	'�
��$	'�L
�A	�A	�A	�
��A	�A	�A	r`rZc�"�eZdZdZd
d�Zdd�ZdS)r[zA
        Performs a signature using RSASSA-PSS with MGF1
        ryrdrsr0rKc	���|�|tjtj|�����|���j���|�����S)N��mgf�salt_length)r|r!�PSS�MGF1rf�digest_sizer{s   r^r|zRSAPSSAlgorithm.sign�s_���8�8������T�]�]�_�_�5�5� $�
�
��� ;�����
�
���
��
r`r2r}r~c
��	|�||tjtj|�����|���j���|�����dS#t$rYdSwxYw)Nr$TF)r�r!r'r(rfr)rr�s    r^r�zRSAPSSAlgorithm.verify�s���
��
�
����K�#�L������9�9�$(�M�M�O�O�$?�����M�M�O�O�����t��#�
�
�
��u�u�
���s�A9A=�=
B�
BNr�r�)r�r�r�r�r|r�rur`r^r[r[�sF������	�	�	�	�	�	�
	�
	�
	�
	�
	�
	r`r[c��eZdZdZd!d�Zd"d
�Zd#d�Zd$d�Zee	d%d�����Z
ee	d&d'd�����Z
e	d&d(d���Z
e	d)d���Zd S)*r\z�
        Performs signing and verification operations using EdDSA

        This class requires ``cryptography>=2.6`` to be installed.
        �kwargsrrKr�c��dSr�ru)rqr,s  r^r�zOKPAlgorithm.__init__�s���Dr`rs�AllowedOKPKeys | str | bytes�AllowedOKPKeysc���t|ttf��r�t|t��r|�d��n|}t|t��r|�d��n|}d|vrt|��}n3d|vrt
|d���}n|dd�dkrt|��}t|ttttf��std���|S)	N�utf-8z-----BEGIN PUBLICz-----BEGIN PRIVATEr�r�zssh-zcExpecting a EllipticCurvePrivateKey/EllipticCurvePublicKey. Wrong key provided for EdDSA algorithms)
rjrdr�r��encoder=r<r>r.r/r,r-r)rqrs�key_strr�s    r^rwzOKPAlgorithm.prepare_key�s����#��s�|�,�,�	
9�1;�C��1G�1G�P�#�*�*�W�-�-�-�S��3=�c�3�3G�3G�P�C�J�J�w�/�/�/�S�	�&�'�1�1�-�i�8�8�C�C�)�W�4�4�.�y�4�H�H�H�C�C��Q�q�S�\�V�+�+�-�i�8�8�C���"�$4�o�~�V���
�&�y�����Jr`ryr��#Ed25519PrivateKey | Ed448PrivateKeyrdc��t|t��r|�d��n|}|�|��S)aS
            Sign a message ``msg`` using the EdDSA private key ``key``
            :param str|bytes msg: Message to sign
            :param Ed25519PrivateKey}Ed448PrivateKey key: A :class:`.Ed25519PrivateKey`
                or :class:`.Ed448PrivateKey` isinstance
            :return bytes signature: The signature, as bytes
            r1)rjr�r3r|)rqryrs�	msg_bytess    r^r|zOKPAlgorithm.sign�s;��0:�#�s�/C�/C�L��
�
�7�+�+�+��I��8�8�I�&�&�&r`r}r~c�j�	t|t��r|�d��n|}t|t��r|�d��n|}t|ttf��r|���n|}|�||��dS#t$rYdSwxYw)a�
            Verify a given ``msg`` against a signature ``sig`` using the EdDSA key ``key``

            :param str|bytes sig: EdDSA signature to check ``msg`` against
            :param str|bytes msg: Message to sign
            :param Ed25519PrivateKey|Ed25519PublicKey|Ed448PrivateKey|Ed448PublicKey key:
                A private or public EdDSA key instance
            :return bool verified: True if signature is valid, False if not.
            r1TF)rjr�r3r.r,r�r�r)rqryrsr}r7�	sig_bytesr�s       r^r�zOKPAlgorithm.verify�s���
�3=�c�3�3G�3G�P�C�J�J�w�/�/�/�S�	�3=�c�3�3G�3G�P�C�J�J�w�/�/�/�S�	�"�#�(9�?�'K�L�L��C�N�N�$�$�$���
�!�!�)�Y�7�7�7��t��#�
�
�
��u�u�
���s�B B$�$
B2�1B2r�r�rc��dSr�ru�rsr�s  r^r�zOKPAlgorithm.to_jwkr�r`Fr�r�c��dSr�rur;s  r^r�zOKPAlgorithm.to_jwk	r�r`r�c��t|ttf��r�|�tjtj���}t|t��rdnd}tt|�����	��d|d�}|r|Stj|��St|ttf���r|�tjtjt!�����}|����tjtj���}t|t��rdnd}tt|�����	��tt|�����	��d|d�}|r|Stj|��St%d���)	N)�encoding�format�Ed25519�Ed448�OKP)rr�r)r>r?�encryption_algorithm)rr�r�rr�)rjr/r-�public_bytesr8�Rawr;rrr�r�r�r.r,�
private_bytesr:r9r�r)rsr�rrr�r�s      r^r�zOKPAlgorithm.to_jwks����#� 0�.�A�B�B�
+��$�$�%�\�'�+�%����$.�c�3C�#D�#D�Q�i�i�'��*�+�a�.�.�9�9�@�@�B�B� ������+��J��:�c�?�?�*��#� 1�?�C�D�D�
+��%�%�%�\�(�,�)5���&�����N�N�$�$�1�1�%�\�'�+�2����
$.�c�3D�#E�#E�R�i�i�7��)�+�a�.�.�9�9�@�@�B�B�)�+�a�.�.�9�9�@�@�B�B� ��	����+��J��:�c�?�?�*�!�"?�@�@�@r`r�r�c�<�	t|t��rtj|��}nt|t��r|}nt
�n#t
$rt
d���wxYw|�d��dkrt
d���|�d��}|dkr|dkrt
d|�����d	|vrt
d
���t|�d	����}	d|vr.|dkrtj
|��Stj
|��St|�d����}|dkrtj
|��Stj
|��S#t
$r}t
d��|�d}~wwxYw)
Nr�r�rBzNot an Octet Key Pairrr@rArrzOKP should have "x" parameterr�zInvalid key parameter)rjr�r�r�r�r�rr�rr/�from_public_bytesr-r.�from_private_bytesr,)r�r�rrr��errs      r^r�zOKPAlgorithm.from_jwk=s���
?��c�3�'�'�%��*�S�/�/�C�C���T�*�*�%��C�C�$�$����
?�
?�
?�%�&=�>�>�>�
?�����w�w�u�~�~��&�&�%�&=�>�>�>��G�G�E�N�N�E��	�!�!�e�w�&6�&6�%�&?��&?�&?�@�@�@��#�~�~�%�&E�F�F�F� �������.�.�A�

H��c�>�>��	�)�)�/�A�!�D�D�D�)�;�A�>�>�>�$�S�W�W�S�\�\�2�2���I�%�%�,�?��B�B�B�&�9�!�<�<�<���
H�
H�
H�%�&=�>�>�C�G�����
H���s6�A	A�A&�:E<�E<�,;E<�(E<�<
F�F�FN)r,rrKr�)rsr.rKr/)ryr�rsr5rKrd)ryr�rsr/r}r�rKr~)rsr/r�r�rKrr�)rsr/r�r�rKr�)rsr/r�r~rKr�)r�r�rKr/)r�r�r�r�r�rwr|r�rr�r�r�rur`r^r\r\�s������	�	�	�	�	�	�	�	�	�	�.	'�	'�	'�	'�	�	�	�	�4
�	�	�	�	�
��
��	�
�	�	�	�	�	�
��
��	�
�,	A�,	A�,	A�,	A�
��,	A�\
� 	H� 	H� 	H�
�� 	H� 	H� 	Hr`r\)rKrL)^�
__future__rr�r�r��sys�abcrr�typingrrrr	r
rr�
exceptionsr�typesrr�utilsrrrrrrrrr�version_infor�typing_extensions�cryptography.exceptionsr�cryptography.hazmat.backendsr�cryptography.hazmat.primitivesr �)cryptography.hazmat.primitives.asymmetricr!�,cryptography.hazmat.primitives.asymmetric.ecr"r#r$r%r&r'r(r)r*r+�/cryptography.hazmat.primitives.asymmetric.ed448r,r-�1cryptography.hazmat.primitives.asymmetric.ed25519r.r/�-cryptography.hazmat.primitives.asymmetric.rsar0r1r2r3r4r5r6r7�,cryptography.hazmat.primitives.serializationr8r9r:r;r<r=r>rW�ModuleNotFoundErrorr�rr/�AllowedKeys�AllowedPrivateKeys�AllowedPublicKeys�requires_cryptographyr_rbrRrSrYrZr[r\rur`r^�<module>rbs~��"�"�"�"�"�"�������������
�
�
�
�#�#�#�#�#�#�#�#�P�P�P�P�P�P�P�P�P�P�P�P�P�P�P�P�P�P�'�'�'�'�'�'�'�'�'�'�'�'�'�'�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
�
���v����������)�)�)�)�)�)�/�8�8�8�8�8�8�<�<�<�<�<�<�5�5�5�5�5�5�A�A�A�A�A�A�����������������������������������������	�	�	�	�	�	�	�	�	�	�	�	�	�	�	�	�	�	�	�	��������������������J�J�������J�J�J������
�"�\�1�N�+�.D�D�M��,�,��>��O��!�=�0�>�A�K��/�/�2C�C�o�U��	�-�-�0@�@�>�Q��

�
�
�� ����DH�H�H�H�H��H�H�H�V$�$�$�$�$�I�$�$�$�<C=�C=�C=�C=�C=�I�C=�C=�C=�L�]H�c�c�c�c�c�y�c�c�c�Jt�t�t�t�t�i�t�t�t�l�����,����<bH�bH�bH�bH�bH�y�bH�bH�bH�bH�bH�w]H�]Hs�.A(C�C!� C!