� L�g�v��ddlmZddlZddlZddlZddlmZmZddlm Z m Z mZmZm Z mZmZddlmZddlmZmZddlmZmZmZmZmZmZmZmZmZ dd lm Z m!Z!dd l"m#Z#ddl$m%Z%ddl&m'Z'dd l(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2ddl3m4Z4m5Z5ddl6m7Z7m8Z8ddl9m:Z:m;Z;m<Z<m=Z=m>Z>m?Z?m@Z@mAZAddlBmCZCmDZDmEZEmFZFmGZGmHZHmIZIdZJn #eK$rdZJYnwxYwe r3e:e<zZLe/e1zZMe7e8ze4ze5zZNeLeMzeNzZOe:e/ze7ze4zZPe<e1ze8ze5zZQhd�ZRd&d�ZSGd�de��ZTGd�deT��ZUGd�deT��ZVeJr:Gd�deT��ZWGd �d!eT��ZXGd"�d#eW��ZYGd$�d%eT��ZZdSdS)'�)�annotationsN)�ABC�abstractmethod)� TYPE_CHECKING�Any�ClassVar�Literal�NoReturn�cast�overload��InvalidKeyError)�HashlibHash�JWKDict) �base64url_decode�base64url_encode�der_to_raw_signature�force_bytes�from_base64url_uint� is_pem_format� is_ssh_key�raw_to_der_signature�to_base64url_uint)�InvalidSignature�UnsupportedAlgorithm)�default_backend)�hashes)�padding) �ECDSA� SECP256K1� SECP256R1� SECP384R1� SECP521R1� EllipticCurve�EllipticCurvePrivateKey�EllipticCurvePrivateNumbers�EllipticCurvePublicKey�EllipticCurvePublicNumbers)�Ed448PrivateKey�Ed448PublicKey)�Ed25519PrivateKey�Ed25519PublicKey)� RSAPrivateKey�RSAPrivateNumbers�RSAPublicKey�RSAPublicNumbers�rsa_crt_dmp1�rsa_crt_dmq1�rsa_crt_iqmp�rsa_recover_prime_factors)�Encoding�NoEncryption� PrivateFormat�PublicFormat�load_pem_private_key�load_pem_public_key�load_ssh_public_keyTF>�ES256�ES384�ES512�ES521�EdDSA�PS256�PS384�PS512�RS256�RS384�RS512�ES256K�return�dict[str, Algorithm]c��t��ttj��ttj��ttj��d�}t �r+|�ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��t��d��|S)zE Returns the algorithms that are implemented by the library. )�none�HS256�HS384�HS512)rErFrGr=rHr>r@r?rBrCrDrA)� NoneAlgorithm� HMACAlgorithm�SHA256�SHA384�SHA512� has_crypto�update�RSAAlgorithm�ECAlgorithm�RSAPSSAlgorithm�OKPAlgorithm)�default_algorithmss �^/home/asafur/pinokio/api/open-webui.git/app/env/lib/python3.11/site-packages/jwt/algorithms.py�get_default_algorithmsr]is�� }�3�4�4��}�3�4�4��}�3�4�4� �� !�!�%�l�&9�:�:�%�l�&9�:�:�%�l�&9�:�:�$�[�%7�8�8�%�k�&8�9�9�$�[�%7�8�8�$�[�%7�8�8�$��&��)��)?�@�@�(��)?�@�@�(��)?�@�@�%�� &��c�&�eZdZdZdd�Zedd��Zedd ��Zedd ��Ze e ed d��Ze e ed!d"d��Ze ed!d#d��Ze ed$d��ZdS)%� AlgorithmzH The interface for an algorithm used to sign and verify tokens. �bytestr�bytesrIc��t|dd��}|�t�tr�t|t��rzt|tj��r`t j|��t��}|� |��t|��St||�� S)z� Compute a hash digest using the specified algorithm's hash algorithm. If there is no hash algorithm, raises a NotImplementedError. �hash_algN)�backend)�getattr�NotImplementedErrorrU� isinstance�type� issubclassr� HashAlgorithm�HashrrVrb�finalize�digest)�selfrardrns r\�compute_hash_digestzAlgorithm.compute_hash_digest�s��4��T�2�2��%�%� � 5��8�T�*�*� 5��8�V�%9�:�:� 5� �[��_�5F�5F�G�G�G�F��M�M�'�"�"�"��*�*�+�+�+��'�*�*�1�1�3�3�4�4�4r^�keyrc��dS)z� Performs necessary validation and conversions on the key and returns the key value in the proper format for sign() and verify(). N��rorqs r\�prepare_keyzAlgorithm.prepare_key��r^�msgc��dS)zn Returns a digital signature for the specified message using the specified key value. Nrs�rorwrqs r\�signzAlgorithm.sign�rvr^�sig�boolc��dS)zz Verifies that the specified digital signature is valid for the specified message and key values. Nrs�rorwrqr{s r\�verifyzAlgorithm.verify�rvr^�as_dict� Literal[True]rc��dS�Nrs��key_objr�s r\�to_jwkzAlgorithm.to_jwk�s ��=@�Cr^F�Literal[False]�strc��dSr�rsr�s r\r�zAlgorithm.to_jwk�s��BE�r^� JWKDict | strc��dS)z3 Serializes a given key into a JWK Nrsr�s r\r�zAlgorithm.to_jwk�rvr^�jwk� str | JWKDictc��dS)zJ Deserializes a given key from JWK back into a key object Nrs�r�s r\�from_jwkzAlgorithm.from_jwk�rvr^N)rarbrIrb)rqrrIr)rwrbrqrrIrb)rwrbrqrr{rbrIr|)r�r�rIr�F)r�r�rIr�)r�r|rIr�)r�r�rIr) �__name__� __module__�__qualname__�__doc__rprrurzrr�staticmethodr�r�rsr^r\r`r`�sH��5�5�5�5�,��^��^��^��?�?�?��^��\��X�@� ��D�D�D�D��^��\��X�E��^��\�� ^��\��r^r`c�\�eZdZdZdd�Zdd �Zdd�Zeddd��Zedd��Z dS)rPzZ Placeholder for use when no signing or verification operations are required. rq� str | NonerI�Nonec�8�|dkrd}|�td��|S)N�z*When alg = "none", key value must be None.rrts r\ruzNoneAlgorithm.prepare_key�s)��"�9�9��C��?�!�"N�O�O�O�� r^rwrbc��dS)Nr^rsrys r\rzzNoneAlgorithm.sign�s��sr^r{r|c��dS)NFrsr~s r\rzNoneAlgorithm.verify�s��ur^Fr�rr�r c��t��r��rgr�s r\r�zNoneAlgorithm.to_jwk��!�#�#�#r^r�r�c��t��r�r�r�s r\r�zNoneAlgorithm.from_jwk�r�r^N)rqr�rIr�)rwrbrqr�rIrb)rwrbrqr�r{rbrIr|r�)r�rr�r|rIr )r�r�rIr ) r�r�r�r�rurzrr�r�r�rsr^r\rPrP�s�� $�$�$�$��\�$��$�$�$��\�$�$�$r^rPc��eZdZUdZejZded<ejZ ded<ej Zded<d#d �Zd$d�Z eed%d��Zee d&d'd��Zed&d(d��Zed)d��Zd*d�Zd+d!�Zd"S),rQzf Performs signing and verification operations using HMAC and the specified hash function. zClassVar[HashlibHash]rRrSrTrdrrIr�c��||_dSr��rd�rords r\�__init__zHMACAlgorithm.__init__�s �� r^rq�str | bytesrbc�~�t|��}t|��st|��rtd��|S)NzdThe specified key is an asymmetric key or x509 certificate and should not be used as an HMAC secret.)rrrr�rorq� key_bytess r\ruzHMACAlgorithm.prepare_key�sM��$�$� ��#�#� �z�)�'<�'<� �!�9�� r^r�r�r�rc��dSr�rsr�s r\r�zHMACAlgorithm.to_jwk � ��#r^Fr�r�c��dSr�rsr�s r\r�zHMACAlgorithm.to_jwks ��cr^r|r�c��tt|��dd�}|r|Stj|��S)N�oct)�k�kty)rr�decode�json�dumps)r�r�r�s r\r�zHMACAlgorithm.to_jwksO��"�+�g�"6�"6�7�7�>�>�@�@�� #��J��:�c�?�?�"r^r�r�c�N� t|t��rtj|��}nt|t��r|}nt �n#t $rt d��d�wxYw|�d��dkrt d��t|d��S)N�Key is not valid JSONr�r�zNot an HMAC keyr�) rhr�r��loads�dict� ValueErrorr�getr)r��objs r\r�zHMACAlgorithm.from_jwk"s�� E��#�s�#�#� !�#�z�#��C��&�&� !�� E� E� E�!�"9�:�:��D� E��7�7�5�>�>�U�"�"�!�"3�4�4�4��C��)�)�)��A A�A'rwc�\�tj|||j��Sr�)�hmac�newrdrnrys r\rzzHMACAlgorithm.sign3s$��x��S�$�-�0�0�7�7�9�9�9r^r{c�T�tj||�||��Sr�)r��compare_digestrzr~s r\rzHMACAlgorithm.verify6s#��"�3�� #�s�(;�(;�<�<�<r^N)rdrrIr�)rqr�rIrb)r�r�r�r�rIrr�)r�r�r�r�rIr�)r�r�r�r|rIr�)r�r�rIrb)rwrbrqrbrIrb)rwrbrqrbr{rbrIr|)r�r�r�r��hashlib�sha256rR�__annotations__�sha384rS�sha512rTr�rurr�r�r�rzrrsr^r\rQrQ�sL�� %,�N�F�2�2�2�2�$+�N�F�2�2�2�2�$+�N�F�2�2�2�2�!�!�!�!� � � � ��\��X��8=��\��X�� #� #� #� #��\� #��*�*�*��\�*� :�:�:�:�=�=�=�=�=�=r^rQc��eZdZUdZejZded<ejZded<ejZded<d&d �Z d'd�Z eed(d��Z ee d)d*d��Z ed)d+d��Z ed,d��Zd-d!�Zd.d$�Zd%S)/rWz~ Performs signing and verification operations using RSASSA-PKCS-v1_5 and the specified hash function. �$ClassVar[type[hashes.HashAlgorithm]]rRrSrTrd�type[hashes.HashAlgorithm]rIr�c��||_dSr�r�r�s r\r�zRSAAlgorithm.__init__F� ��$�D�M�M�Mr^rq�AllowedRSAKeys | str | bytes�AllowedRSAKeysc��t|ttf��r|St|ttf��std��t |��} |�d��r"ttt|��Sttt|d��S#t$rK ttt|��cYS#ttf$rtd��d�wxYwwxYw)N�Expecting a PEM-formatted key.sssh-rsa��passwordz(Could not parse the provided public key.)rhr.r0rbr�� TypeErrorr� startswithrr<r:r�r;rrr�s r\ruzRSAAlgorithm.prepare_keyIs%��#� �|�<�=�=� �� c�E�3�<�0�0� B�� @�A�A�A�#�C�(�(�I� ��'�'� �3�3��.A�)�.L�.L�M�M�M��%�';�I�PT�'U�'U�'U�� .A�)�.L�.L�M�M�M�M�M��"�$8�9� � � �)�B�� s*�6B5�#B5�5 D �!C$�!D �$"D�D r�r�r�rc��dSr�rsr�s r\r�zRSAAlgorithm.to_jwka� ��cr^Fr�r�c��dSr�rsr�s r\r�zRSAAlgorithm.to_jwkgr�r^r|r�c��d}t|d��rM|��}ddgt|jj��t|jj��t|j��t|j��t|j ��t|j ��t|j��t|j��d� }n�t|d��re|��}ddgt|j��t|j��d�}ntd��|r|Stj|��S)N�private_numbers�RSArz) r��key_ops�n�e�d�p�q�dp�dq�qir)r�r�r�r��Not a public or private key)�hasattrr�r�public_numbersr�r�r�r�r�r��dmp1�dmq1�iqmprr�r�)r�r�r��numberss r\r�zRSAAlgorithm.to_jwkms��)-�C��w� 1�2�2� E�!�1�1�3�3��!� &�x�*�7�+A�+C�D�D�K�K�M�M�*�7�+A�+C�D�D�K�K�M�M�*�7�9�5�5�<�<�>�>�*�7�9�5�5�<�<�>�>�*�7�9�5�5�<�<�>�>�+�G�L�9�9�@�@�B�B�+�G�L�9�9�@�@�B�B�+�G�L�9�9�@�@�B�B��(�+�+� E�!�0�0�2�2��!� (�z�*�7�9�5�5�<�<�>�>�*�7�9�5�5�<�<�>�>� ��&�&C�D�D�D�� '�� z�#��&r^r�r�c�>� � t|t��rtj|�� nt|t��r|� nt �n#t $rt d��d�wxYw� �d��dkrt d��d�d� v�r�d� v�r�d� v�r�d� vrt d ��gd �}� fd�|D��}t|��}|rt|��st d��d�tt� d��t� d��}|r�tt� d��t� d ��t� d��t� d��t� d��t� d��|��}nst� d��}t|j||j��\}}t|||t!||��t#||��t%||��|��}|��Sd� vrLd� vrHtt� d��t� d��St d��)Nr�r�r�zNot an RSA keyr�r�r��othz5Unsupported RSA private key: > 2 primes not supported)r�r�r�r�r�c��g|]}|�v��Srsrs)�.0�propr�s �r\� <listcomp>z)RSAAlgorithm.from_jwk.<locals>.<listcomp>�s��C�C�C�t�t�s�{�C�C�Cr^z@RSA key must include all parameters if any are present besides dr�r�r�r�r�)r�r�r�r�r�r�r�r�)rhr�r�r�r�r�rr��any�allr1rr/r5r�r�r2r3r4�private_key� public_key) r��other_props�props_found�any_props_foundr�r�r�r�r�r�s @r\r�zRSAAlgorithm.from_jwk�s�� I��c�3�'�'�%��*�S�/�/�C�C��T�*�*�%��C�C�$�$�� I� I� I�%�&=�>�>�D�H� I��w�w�u�~�~��&�&�%�&6�7�7�T�A��c�z�z�c�S�j�j�S�C�Z�Z��C�<�<�)�O��;�:�:��C�C�C�C�{�C�C�C��"%�k�"2�"2��"� �3�{�+;�+;� �)�Z�� "2�'��C��1�1�'��C��1�1�"�"�� #��/�-�c�#�h�7�7�-�c�#�h�7�7�-�c�#�h�7�7�0��T��;�;�0��T��;�;�0��T��;�;�'5��G�G�,�C��H�5�5�A�4�&�(�!�^�-=��D�A�q�0��)�!�Q�/�/�)�!�Q�/�/�)�!�Q�/�/�'5��G��*�*�,�,�,��s� � �'�'��C��1�1�'��C��1�1��*�,�,�� &�&C�D�D�Ds�A A � A(rwrbr.c�v�|�|tj��|��Sr�)rzr�PKCS1v15rdrys r\rzzRSAAlgorithm.sign�s)��8�8�C��!1�!3�!3�T�]�]�_�_�E�E�Er^r0r{c�� |�||tj��|��dS#t$rYdSwxYw)NTF)rrr�rdrr~s r\rzRSAAlgorithm.verify�sW�� 3��W�%5�%7�%7��I�I�I��t��#� � � ��u�u� ��s�;?� A �A N�rdr�rIr�)rqr�rIr�)r�r�r�r�rIrr�)r�r�r�r�rIr�)r�r�r�r|rIr�)r�r�rIr��rwrbrqr.rIrb�rwrbrqr0r{rbrIr|)r�r�r�r�rrRr�rSrTr�rurr�r�r�rzrrsr^r\rWrW<sZ�� 8>�}��D�D�D�D�7=�}��D�D�D�D�7=�}��D�D�D�D� %� %� %� %� � � � �0 � � � � � �� ?D� � � � � �� $ '�$ '�$ '�$ '� ��$ '�L �E E�E E�E E� ��E E�N F� F� F� F� � � � � � r^rWc��eZdZUdZejZded<ejZded<ejZded<d%d �Z d&d�Z d'd�Zd(d�Ze ed)d��Ze e d*d+d��Zed*d,d ��Zed-d#��Zd$S).rXzr Performs signing and verification operations using ECDSA and the specified hash function r�rRrSrTrdr�rIr�c��||_dSr�r�r�s r\r�zECAlgorithm.__init__�r�r^rq�AllowedECKeys | str | bytes� AllowedECKeysc��t|ttf��r|St|ttf��std��t |��} |�d��rt|��}nt|��}n!#t$rt|d��}YnwxYwt|ttf��std��d�|S)Nr�secdsa-sha2-r�zcExpecting a EllipticCurvePrivateKey/EllipticCurvePublicKey. Wrong key provided for ECDSA algorithms) rhr&r(rbr�r�rr�r<r;r�r:r)rorqr�� crypto_keys r\ruzECAlgorithm.prepare_key�s��#� 7�9O�P�Q�Q� �� c�E�3�<�0�0� B�� @�A�A�A�#�C�(�(�I� L��'�'��7�7�@�!4�Y�!?�!?�J�J�!4�Y�!?�!?�J�� L� L� L�1�)�d�K�K�K� � � � L��4�6L�M�� &�y��s�4B�B-�,B-rwrbr&c��|�|t|��}t||j��Sr�)rzr rdr�curve)rorwrq�der_sigs r\rzzECAlgorithm.signs7��h�h�s�E�$�-�-�/�/�$:�$:�;�;�G�'��;�;�;r^r{r|c�<� t||j��}n#t$rYdSwxYw t|t��r|��n|}|�||t|��dS#t$rYdSwxYw)NFT) rrr�rhr&r�rr rdr)rorwrqr{rr�s r\rzECAlgorithm.verifys�� .�s�C�I�>�>�� u�u� �� "�#�'>�?�?��C�N�N�$�$�$�� !�!�'�3��d�m�m�o�o�0F�0F�G�G�G��t��#� � � ��u�u� ��s�� &�&�A!B � B�Br�r�r�rc��dSr�rsr�s r\r�zECAlgorithm.to_jwk'r�r^Fr�r�c��dSr�rsr�s r\r�zECAlgorithm.to_jwk-r�r^r�c��t|t��r'|��}n9t|t��r|��}ntd��t|jt��rd}nnt|jt��rd}nQt|jt��rd}n4t|jt��rd}ntd|j��d|t|j|jj ��t|j|jj ��d �}t|t��rGt|��j|jj ��|d <|r|St%j|��S)Nr��P-256�P-384�P-521� secp256k1�Invalid curve: �EC)� bit_length)r��crv�x�yr�)rhr&r�r�r(rrr"r#r$r!rr�key_sizer�rr�� private_valuer�r�)r�r�r�rr�s r\r�zECAlgorithm.to_jwk3s��'�#:�;�;� E�!(�!3�!3�!5�!5�!D�!D�!F�!F��G�%;�<�<� E�!(�!7�!7�!9�!9��%�&C�D�D�D��'�-��3�3� I��G�M�9�5�5� I��G�M�9�5�5� I��G�M�9�5�5� I�!��%�&G�� &G�&G�H�H�H��&�"�$�&�}�5��&�(�(�&�"�$�&�}�5��&�(�(�#�#�C��'�#:�;�;� �,��+�+�-�-�;�&�}�5��&�(�(��C�� '�� z�#��&r^r�r�c�� t|t��rtj|��}nt|t��r|}nt �n#t $rt d��d�wxYw|�d��dkrt d��d�d|vsd|vrt d��d�t|�d��}t|�d��}|�d��}|dkrJt|��t|��cxkrd krnnt��}�nt d ��d�|dkrIt|��t|��cxkrdkrnnt��}n�t d ��d�|dkrIt|��t|��cxkrdkrnnt��}npt d��d�|dkrHt|��t|��cxkrd krnnt��}n!t d��t d|��tt�|d��t�|d��|��}d|vr|��St|�d��}t|��t|��krt dt|��|��t%t�|d��|��S)Nr�r�rzNot an Elliptic curve keyrrrr � z)Coords should be 32 bytes for curve P-256r�0z)Coords should be 48 bytes for curve P-384r�Bz)Coords should be 66 bytes for curve P-521r z-Coords should be 32 bytes for curve secp256k1r�big)� byteorder)rrrr�z!D should be {} bytes for curve {})rhr�r�r�r�r�rr�r�lenr"r#r$r!r)�int� from_bytesr�r'r�)r�r�rrr� curve_objr�r�s r\r�zECAlgorithm.from_jwk_sg�� I��c�3�'�'�%��*�S�/�/�C�C��T�*�*�%��C�C�$�$�� I� I� I�%�&=�>�>�D�H� I��w�w�u�~�~��%�%�%�&A�B�B��L��#�~�~��C��%�&A�B�B��L� ��.�.�A� ��.�.�A��G�G�E�N�N�E��q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� )��I�I�)�C�� '�!�!��q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� )��I�I�)�C�� '�!�!��q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� )��I�I�)�C�� +�%�%��q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� )��I�I�)�G��&�&?��&?�&?�@�@�@�7��.�.��e�.�4�4��.�.��e�.�4�4��N��#�~�~�%�0�0�2�2�2� ��.�.�A��1�v�v��Q��%�7��Q��/��q�E��2�2�N��k�m�m� r�Nr�)rqr�rIr)rwrbrqr&rIrb)rwrbrqrr{rbrIr|)r�rr�r�rIrr�)r�rr�r�rIr�)r�rr�r|rIr�)r�r�rIr)r�r�r�r�rrRr�rSrTr�rurzrrr�r�r�rsr^r\rXrX�sS�� 8>�}��D�D�D�D�7=�}��D�D�D�D�7=�}��D�D�D�D� %� %� %� %� � � � �< <� <� <� <� � � � �" � � � � � �� >C� � � � � �� ) '�) '�) '�) '� ��) '�V �G �G �G � ��G �G �G r^rXc�"�eZdZdZd d�Zdd�ZdS)rYzA Performs a signature using RSASSA-PSS with MGF1 rwrbrqr.rIc ��|�|tjtj|��|��j��|��S)N��mgf�salt_length)rzr�PSS�MGF1rd�digest_sizerys r\rzzRSAPSSAlgorithm.sign�s_��8�8��T�]�]�_�_�5�5� $� � �� ;�� r^r0r{r|c �� |�||tjtj|��|��j��|��dS#t$rYdSwxYw)Nr"TF)rrr%r&rdr'rr~s r\rzRSAPSSAlgorithm.verify�s�� K�#�L��9�9�$(�M�M�O�O�$?��M�M�O�O��t��#� � � ��u�u� ��s�A9A=�= B� BNr�r�)r�r�r�r�rzrrsr^r\rYrY�sF�� r^rYc��eZdZdZd!d�Zd"d �Zd#d�Zd$d�Zee d%d��Z ee d&d'd��Z e d&d(d��Z e d)d��Zd S)*rZz� Performs signing and verification operations using EdDSA This class requires ``cryptography>=2.6`` to be installed. �kwargsrrIr�c��dSr�rs)ror*s r\r�zOKPAlgorithm.__init__�s��Dr^rq�AllowedOKPKeys | str | bytes�AllowedOKPKeysc��t|ttf��r�t|t��r|�d��n|}t|t��r|�d��n|}d|vrt|��}n3d|vrt |d��}n|dd�dkrt|��}t|ttttf��std��|S) N�utf-8z-----BEGIN PUBLICz-----BEGIN PRIVATEr�r�zssh-zcExpecting a EllipticCurvePrivateKey/EllipticCurvePublicKey. Wrong key provided for EdDSA algorithms) rhrbr�r��encoder;r:r<r,r-r*r+r)rorq�key_strr�s r\ruzOKPAlgorithm.prepare_key�s��#��s�|�,�,� 9�1;�C��1G�1G�P�#�*�*�W�-�-�-�S��3=�c�3�3G�3G�P�C�J�J�w�/�/�/�S� �&�'�1�1�-�i�8�8�C�C�)�W�4�4�.�y�4�H�H�H�C�C��Q�q�S�\�V�+�+�-�i�8�8�C��"�$4�o�~�V�� &�y��Jr^rwr��#Ed25519PrivateKey | Ed448PrivateKeyrbc��t|t��r|�d��n|}|�|��S)aS Sign a message ``msg`` using the EdDSA private key ``key`` :param str|bytes msg: Message to sign :param Ed25519PrivateKey}Ed448PrivateKey key: A :class:`.Ed25519PrivateKey` or :class:`.Ed448PrivateKey` isinstance :return bytes signature: The signature, as bytes r/)rhr�r1rz)rorwrq� msg_bytess r\rzzOKPAlgorithm.sign�s;��0:�#�s�/C�/C�L�� 7�+�+�+��I��8�8�I�&�&�&r^r{r|c�j� t|t��r|�d��n|}t|t��r|�d��n|}t|ttf��r|��n|}|�||��dS#t$rYdSwxYw)a� Verify a given ``msg`` against a signature ``sig`` using the EdDSA key ``key`` :param str|bytes sig: EdDSA signature to check ``msg`` against :param str|bytes msg: Message to sign :param Ed25519PrivateKey|Ed25519PublicKey|Ed448PrivateKey|Ed448PublicKey key: A private or public EdDSA key instance :return bool verified: True if signature is valid, False if not. r/TF)rhr�r1r,r*r�rr)rorwrqr{r5� sig_bytesr�s r\rzOKPAlgorithm.verify�s�� 3=�c�3�3G�3G�P�C�J�J�w�/�/�/�S� �3=�c�3�3G�3G�P�C�J�J�w�/�/�/�S� �"�#�(9�?�'K�L�L��C�N�N�$�$�$�� !�!�)�Y�7�7�7��t��#� � � ��u�u� ��s�B B$�$ B2�1B2r�r�rc��dSr�rs�rqr�s r\r�zOKPAlgorithm.to_jwkr�r^Fr�r�c��dSr�rsr9s r\r�zOKPAlgorithm.to_jwkr�r^r�c��t|ttf��r�|�tjtj��}t|t��rdnd}tt|�� d|d�}|r|Stj|��St|ttf��r|�tjtjt!��}|��tjtj��}t|t��rdnd}tt|�� tt|�� d|d�}|r|Stj|��St%d��) N)�encoding�format�Ed25519�Ed448�OKP)rr�r)r<r=�encryption_algorithm)rr�r�rr�)rhr-r+�public_bytesr6�Rawr9rrr�r�r�r,r*� private_bytesr8r7r�r)rqr�rrr�r�s r\r�zOKPAlgorithm.to_jwks��#� 0�.�A�B�B� +��$�$�%�\�'�+�%��$.�c�3C�#D�#D�Q�i�i�'��*�+�a�.�.�9�9�@�@�B�B� ��+��J��:�c�?�?�*��#� 1�?�C�D�D� +��%�%�%�\�(�,�)5��&��N�N�$�$�1�1�%�\�'�+�2�� $.�c�3D�#E�#E�R�i�i�7��)�+�a�.�.�9�9�@�@�B�B�)�+�a�.�.�9�9�@�@�B�B� �� +��J��:�c�?�?�*�!�"?�@�@�@r^r�r�c�>� t|t��rtj|��}nt|t��r|}nt �n#t $rt d��d�wxYw|�d��dkrt d��|�d��}|dkr|dkrt d|��d |vrt d ��t|�d ��} d|vr.|dkrtj |��Stj |��St|�d��}|dkrtj |��Stj |��S#t $r}t d��|�d}~wwxYw) Nr�r�r@zNot an Octet Key Pairrr>r?rrzOKP should have "x" parameterr�zInvalid key parameter)rhr�r�r�r�r�rr�rr-�from_public_bytesr+r,�from_private_bytesr*)r�r�rrr��errs r\r�zOKPAlgorithm.from_jwkJs�� I��c�3�'�'�%��*�S�/�/�C�C��T�*�*�%��C�C�$�$�� I� I� I�%�&=�>�>�D�H� I��w�w�u�~�~��&�&�%�&=�>�>�>��G�G�E�N�N�E�� !�!�e�w�&6�&6�%�&?��&?�&?�@�@�@��#�~�~�%�&E�F�F�F� ��.�.�A� H��c�>�>�� )�)�/�A�!�D�D�D�)�;�A�>�>�>�$�S�W�W�S�\�\�2�2��I�%�%�,�?��B�B�B�&�9�!�<�<�<�� H� H� H�%�&=�>�>�C�G�� H��s6�A A�A'�;E=�E=�-;E=�)E=�= F�F�FN)r*rrIr�)rqr,rIr-)rwr�rqr3rIrb)rwr�rqr-r{r�rIr|)rqr-r�r�rIrr�)rqr-r�r�rIr�)rqr-r�r|rIr�)r�r�rIr-)r�r�r�r�r�rurzrrr�r�r�rsr^r\rZrZ�s�� . '� '� '� '� � � � �4 � � � � � �� ;@� � � � � �� , A�, A�, A�, A� ��, A�\ � H� H� H� �� H� H� Hr^rZ)rIrJ)[� __future__rr�r�r��abcrr�typingrrrr r rr� exceptionsr�typesrr�utilsrrrrrrrrr�cryptography.exceptionsrr�cryptography.hazmat.backendsr�cryptography.hazmat.primitivesr�)cryptography.hazmat.primitives.asymmetricr�,cryptography.hazmat.primitives.asymmetric.ecr r!r"r#r$r%r&r'r(r)�/cryptography.hazmat.primitives.asymmetric.ed448r*r+�1cryptography.hazmat.primitives.asymmetric.ed25519r,r-�-cryptography.hazmat.primitives.asymmetric.rsar.r/r0r1r2r3r4r5�,cryptography.hazmat.primitives.serializationr6r7r8r9r:r;r<rU�ModuleNotFoundErrorr�rr-�AllowedKeys�AllowedPrivateKeys�AllowedPublicKeys�requires_cryptographyr]r`rPrQrWrXrYrZrsr^r\�<module>r]sD��"�"�"�"�"�"��#�#�#�#�#�#�#�#�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�R�'�'�'�'�'�'�'�'�'�'�'�'�'�'� � � � � � � � � � � � � � � � � � � � � � �/�N�N�N�N�N�N�N�N�<�<�<�<�<�<�5�5�5�5�5�5�A�A�A�A�A�A�� J�J��J�J�J�� "�\�1�N�+�.D�D�M��,�,��>��O��!�=�0�>�A�K��/�/�2C�C�o�U�� -�-�0@�@�>�Q�� DF�F�F�F�F��F�F�F�R$�$�$�$�$�I�$�$�$�<E=�E=�E=�E=�E=�I�E=�E=�E=�P�qH�h�h�h�h�h�y�h�h�h�TA�A�A�A�A�i�A�A�A�F��,��<dH�dH�dH�dH�dH�y�dH�dH�dH�dH�dH�[qH�qHs�A*B=�=C�C