Explicit check the key for ECAlgorithm (#713)

* Explicit check the key for ECAlgorithm * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
author: Evgeniy Tatarkin <tatarkin.evg@gmail.com> 2021-12-12 14:49:19 +0300
committer: GitHub <noreply@github.com> 2021-12-12 17:49:19 +0600
commit: aabeb061348cedaafa1ae2e67371525a30b6b93a (patch)
tree: 02520d6aad9e13df46b259e4f5745ea2416b36be /jwt
parent: 43d38a0c7070961a166a21b94f968e104de947e2 (diff)
download: pyjwt-aabeb061348cedaafa1ae2e67371525a30b6b93a.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/jwt/algorithms.py b/jwt/algorithms.py
index 1f8865a..739df80 100644
--- a/jwt/algorithms.py
+++ b/jwt/algorithms.py
@@ -417,6 +417,12 @@ if has_crypto:
             except ValueError:
                 key = load_pem_private_key(key, password=None)
 
+            # Explicit check the key to prevent confusing errors from cryptography
+            if not isinstance(key, (EllipticCurvePrivateKey, EllipticCurvePublicKey)):
+                raise InvalidKeyError(
+                    "Expecting a EllipticCurvePrivateKey/EllipticCurvePublicKey. Wrong key provided for ECDSA algorithms"
+                )
+
             return key
 
         def sign(self, msg, key):
author	Evgeniy Tatarkin <tatarkin.evg@gmail.com>	2021-12-12 14:49:19 +0300
committer	GitHub <noreply@github.com>	2021-12-12 17:49:19 +0600
commit	aabeb061348cedaafa1ae2e67371525a30b6b93a (patch)
tree	02520d6aad9e13df46b259e4f5745ea2416b36be /jwt
parent	43d38a0c7070961a166a21b94f968e104de947e2 (diff)
download	pyjwt-aabeb061348cedaafa1ae2e67371525a30b6b93a.tar.gz