)
  }

  /** Converts public key bytes to SubjectPublicKeyInfo bytes. */
  private fun encodeKey(
    algorithm: String,
    publicKeyBytes: ByteString,
  ): ByteString {
    val subjectPublicKeyInfo =
      SubjectPublicKeyInfo(
        algorithm = AlgorithmIdentifier(algorithm = algorithm, parameters = null),
        subjectPublicKey = BitString(publicKeyBytes, 0),
      )

  val extensions: List<Extension>,
) {
  /**
   * Returns the standard name of this certificate's signature algorithm as specified by
   * [Signature.getInstance]. Typical values are like "SHA256WithRSA".
   */
  val signatureAlgorithmName: String
    get() {
      return when (signature.algorithm) {
        ObjectIdentifiers.SHA256_WITH_RSA_ENCRYPTION -> "SHA256WithRSA"

        else -> null
      }
    }

  /**
   * ```
   * AlgorithmIdentifier ::= SEQUENCE  {
   *   algorithm      OBJECT IDENTIFIER,
   *   parameters     ANY DEFINED BY algorithm OPTIONAL
   * }
   * ```
   */
  internal val algorithmIdentifier: BasicDerAdapter<AlgorithmIdentifier> =
    Adapters.sequence(
      "AlgorithmIdentifier",

            35:ac:60:46:ad:8d:de:18:dc:0b:f6:98:14:ee:89:e8
        Signature Algorithm: ED25519
        Issuer: CN = consoleAdmin
        Validity
            Not Before: Jul 19 15:08:44 2021 GMT
            Not After : Aug 18 15:08:44 2021 GMT
        Subject: CN = consoleAdmin
        Subject Public Key Info:
            Public Key Algorithm: ED25519
                ED25519 Public-Key:
                pub:

09d25e094faa6ca2556c818166b7a9563b93f7099f6f0f4caa6cf63b88e8d3e7
```

</div>

And copy the output to the variable `SECRET_KEY` (don't use the one in the example).

Create a variable `ALGORITHM` with the algorithm used to sign the JWT token and set it to `"HS256"`.

Create a variable for the expiration of the token.

Define a Pydantic Model that will be used in the token endpoint for the response.

- *If total drives has many common divisors the algorithm chooses the minimum amounts of erasure sets possible for a erasure set size of any N*.  In the example with 1024 drives - 4, 8, 16 are GCD factors. With 16 drives we get a total of 64 possible sets, with 8 drives we get a total of 128 possible sets, with 4 drives we get a total of 256 possible sets. So algorithm automatically chooses 64 sets, which is *16* 64 = 1024* drives in total.

## What is Erasure Code?

          "X-Minio-Internal-Server-Side-Encryption-Seal-Algorithm": "REFSRXYyLUhNQUMtU0hBMjU2",
          "X-Minio-Internal-Server-Side-Encryption-Iv": "bW5YRDhRUGczMVhkc2pJT1V1UVlnbWJBcndIQVhpTUN1dnVBS0QwNUVpaz0=",

      return true
    }

    var pos = pos + 4 // 'xn--'.size.

    // We'd prefer to operate directly on `result` but it doesn't offer insertCodePoint(), only
    // appendCodePoint(). The Punycode algorithm processes code points in increasing code-point
    // order, not in increasing index order.
    val codePoints = mutableListOf<Int>()

    // consume all code points before the last delimiter (if there is one)

    assertThat(Adapters.NULL.fromDer(bytes)).isNull()
    assertThat(Adapters.NULL.toDer(null)).isEqualTo(bytes)
  }

  @Test fun `sequence algorithm`() {
    val bytes = "300d06092a864886f70d01010b0500".decodeHex()
    val algorithmIdentifier =
      AlgorithmIdentifier(
        algorithm = SHA256_WITH_RSA_ENCRYPTION,
        parameters = null,
      )
    assertThat(CertificateAdapters.algorithmIdentifier.fromDer(bytes))