// Using crypto-js and elliptic librariesasyncfunctionsignRequest(method,path,body,contentType,keyId,privateKeyBase64){consttimestamp=Math.floor(Date.now()/1000).toString();// Build canonical stringconstparts=[method.toUpperCase(),path,timestamp];if (["POST","PUT","PATCH"].includes(method.toUpperCase())&&body){constbodyHash=CryptoJS.SHA256(body).toString(CryptoJS.enc.Hex);parts.push(bodyHash);if (contentType){parts.push(contentType);}}constcanonicalString=parts.join("\n");// Extract private key from DER formatconstderBuffer=CryptoJS.enc.Base64.parse(privateKeyBase64);constderBytes=[];for (leti=0;i<derBuffer.sigBytes;i++){derBytes.push((derBuffer.words[Math.floor(i/4)]>>>(24-(i%4)*8))&0xff);}// Find the 32-byte private key in PKCS#8 DER structureletprivateKeyHex;for (leti=0;i<derBytes.length-32;i++){if (derBytes[i]===0x04&&derBytes[i+1]===0x20){constcandidateKey=derBytes.slice(i+2,i+34);privateKeyHex=candidateKey.map((b)=>b.toString(16).padStart(2,"0")).join("");break;}}if (!privateKeyHex){privateKeyHex=derBytes.slice(-32).map((b)=>b.toString(16).padStart(2,"0")).join("");}// Create signatureconstec=newelliptic.ec("secp256k1");constkeyPair=ec.keyFromPrivate(privateKeyHex,"hex");constmessageHash=CryptoJS.SHA256(canonicalString).toString(CryptoJS.enc.Hex);constsignature=keyPair.sign(messageHash,{canonical:true});// Convert to base64constderSignature=signature.toDER();constsignatureBase64=btoa(String.fromCharCode.apply(null,derSignature));return`Signature ${keyId}:${signatureBase64}:${timestamp}`;}// UsageconstauthHeader=awaitsignRequest("GET","/api/users",null,null,"your-key-id","your-private-key-base64");fetch("/api/users",{headers:{Authorization:authHeader,},});