@@ -50,7 +50,10 @@ async function ecdsaKeyPair(namedCurve: 'P-256' | 'P-384' | 'P-521'): Promise<Ke
5050function derToPem ( der : Uint8Array , label : string ) : string {
5151 let b = '' ;
5252 for ( let i = 0 ; i < der . length ; i ++ ) b += String . fromCharCode ( der [ i ] ) ;
53- const b64 = btoa ( b ) . match ( / .{ 1 , 64 } / g) ?. join ( '\n' ) ?? btoa ( b ) ;
53+ const b64 =
54+ btoa ( b )
55+ . match ( / .{ 1 , 64 } / g)
56+ ?. join ( '\n' ) ?? btoa ( b ) ;
5457 return `-----BEGIN ${ label } -----\n${ b64 } \n-----END ${ label } -----` ;
5558}
5659
@@ -61,9 +64,7 @@ const CURVES: Array<{ namedCurve: 'P-256' | 'P-384' | 'P-521'; alg: 'ES256' | 'E
6164 { namedCurve : 'P-521' , alg : 'ES512' } ,
6265 ] ;
6366
64- describe ( 'DPoP proof — JWS conformance vs jose.jwtVerify (RFC 9449 + RFC 7518 §3.4)' , function (
65- this : Mocha . Suite
66- ) {
67+ describe ( 'DPoP proof — JWS conformance vs jose.jwtVerify (RFC 9449 + RFC 7518 §3.4)' , function ( this : Mocha . Suite ) {
6768 this . timeout ( 10_000 ) ;
6869
6970 for ( const { namedCurve, alg } of CURVES ) {
@@ -117,10 +118,7 @@ describe('DPoP proof — JWS conformance vs jose.jwtVerify (RFC 9449 + RFC 7518
117118 ) as jose . ProtectedHeaderParameters ;
118119 const fakeJwk = await crypto . subtle . exportKey (
119120 'jwk' ,
120- await jose . importJWK (
121- ( await proofHeaderJwkFor ( kp2 , alg ) ) as jose . JWK ,
122- alg
123- ) as CryptoKey
121+ ( await jose . importJWK ( ( await proofHeaderJwkFor ( kp2 , alg ) ) as jose . JWK , alg ) ) as CryptoKey
124122 ) ;
125123 delete ( fakeJwk as Record < string , unknown > ) . d ;
126124 delete ( fakeJwk as Record < string , unknown > ) . key_ops ;
@@ -147,10 +145,7 @@ describe('DPoP proof — JWS conformance vs jose.jwtVerify (RFC 9449 + RFC 7518
147145 * Round-tripping through `dpopFn` ensures the JWK shape matches what the
148146 * SDK emits in real proofs.
149147 */
150- async function proofHeaderJwkFor (
151- kp : KeyPair ,
152- alg : 'ES256' | 'ES384' | 'ES512'
153- ) : Promise < unknown > {
148+ async function proofHeaderJwkFor ( kp : KeyPair , alg : 'ES256' | 'ES384' | 'ES512' ) : Promise < unknown > {
154149 const proof = await dpopFn ( kp , DefaultCryptoService , HTU , HTM ) ;
155150 const header = jose . decodeProtectedHeader ( proof ) ;
156151 void alg ; // alg unused; kept in signature for caller clarity
0 commit comments