Description: Add a check so that asymmetric keys cannot be used as HMAC
 secrets.
Origin: https://github.com/jpadilla/pyjwt/commit/6a84d73f5a48488d3daf554a69500c3f42bb464d

--- a/jwt/__init__.py
+++ b/jwt/__init__.py
@@ -35,6 +35,10 @@
     pass
 
 
+class InvalidAlgorithmError(Exception):
+    pass
+
+
 signing_methods = {
     'HS256': lambda msg, key: hmac.new(key, msg, hashlib.sha256).digest(),
     'HS384': lambda msg, key: hmac.new(key, msg, hashlib.sha384).digest(),
@@ -53,6 +57,14 @@
             key = key.encode('utf-8')
     else:
         raise TypeError("Expecting a string-formatted key.")
+
+    if (b'-----BEGIN PUBLIC KEY-----' in key
+        or b'-----BEGIN CERTIFICATE-----' in key):
+        raise InvalidAlgorithmError(
+            'The specified key is an assymetric key or x509 certificate and'
+            ' should not be used as an HMAC secret.')
+
+
     return key
 
 prepare_key_methods = {