Bad error message when key type and algorithm type are incompatible

[mrvanes]

When importing an EC private key from pem and using that to add_signature to a jws token, cryptography ECPrivateKey complains that the sign method only takes 2 positional arguments but 3 were given:

    jwstoken.add_signature(key, None,
    ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^
                           json_encode({"alg": "RS256"}),
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                           json_encode({"kid": key.thumbprint()}))
                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Tools/venv/lib/python3.13/site-packages/jwcrypto/jws.py", line 545, in add_signature
    sig = c.sign()
  File "/Tools/venv/lib/python3.13/site-packages/jwcrypto/jws.py", line 152, in sign
    signature = self.engine.sign(self.key, sigin)
  File "/Tools/venv/lib/python3.13/site-packages/jwcrypto/jwa.py", line 133, in sign
    return skey.sign(payload, self.padfn, self.hashfn)
           ~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: ECPrivateKey.sign() takes 2 positional arguments but 3 were given

[mrvanes]

Never mind, requested signing alg was incompatible.

[simo5]

Heh, using an RSA algorithm with an EC key is indeed too much, however we should return a better error than what you saw.
I am going to re-open this issue so I can investigate later.