@ledgerhq/hw-ledger-key-ring-protocol 0.2.1-nightly.0

package/lib/NobleCrypto.js

@@ -0,0 +1,298 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.to_hex = exports.NobleCryptoSecp256k1 = void 0;
+const secp256k1 = __importStar(require("secp256k1"));
+const ecc = __importStar(require("tiny-secp256k1"));
+const bip32_1 = require("bip32");
+const create_hmac_1 = __importDefault(require("create-hmac"));
+const crypto = __importStar(require("crypto"));
+const bip32 = (0, bip32_1.BIP32Factory)(ecc);
+const AES_BLOCK_SIZE = 16;
+const PRIVATE_KEY_SIZE = 32;
+class NobleCryptoSecp256k1 {
+    randomKeypair() {
+        return __awaiter(this, void 0, void 0, function* () {
+            let pk;
+            do {
+                pk = crypto.randomBytes(PRIVATE_KEY_SIZE);
+            } while (!secp256k1.privateKeyVerify(pk));
+            return this.keypairFromSecretKey(pk);
+        });
+    }
+    derivePrivate(xpriv, path) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const pk = xpriv.slice(0, 32);
+            const chainCode = xpriv.slice(32);
+            let node = bip32.fromPrivateKey(Buffer.from(pk), Buffer.from(chainCode));
+            for (const index of path) {
+                node = node.derive(index);
+            }
+            return {
+                publicKey: this.to_array(node.publicKey),
+                privateKey: this.to_array(node.privateKey),
+                chainCode: this.to_array(node.chainCode),
+            };
+        });
+    }
+    keypairFromSecretKey(secretKey) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return {
+                publicKey: secp256k1.publicKeyCreate(secretKey),
+                privateKey: secretKey,
+            };
+        });
+    }
+    derEncode(R, S) {
+        if (R[0] > 0x7f) {
+            R = this.concat(new Uint8Array([0x00]), R);
+        }
+        if (S[0] > 0x7f) {
+            S = this.concat(new Uint8Array([0x00]), S);
+        }
+        R = this.concat(new Uint8Array([0x02, R.length]), R);
+        S = this.concat(new Uint8Array([0x02, S.length]), S);
+        const prefix = new Uint8Array([0x30, R.length + S.length]);
+        return this.concat(prefix, this.concat(R, S));
+    }
+    derDecode(signature) {
+        const R = signature.slice(4, 4 + signature[3]);
+        const S = signature.slice(6 + signature[3], 6 + signature[3] + signature[5 + signature[3]]);
+        return {
+            R: this.enforceLength(R, PRIVATE_KEY_SIZE),
+            S: this.enforceLength(S, PRIVATE_KEY_SIZE),
+        };
+    }
+    sign(message, keyPair) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const signature = secp256k1.ecdsaSign(message, keyPair.privateKey).signature;
+            // DER encoding
+            return this.derEncode(signature.slice(0, 32), signature.slice(32, 64));
+        });
+    }
+    verify(message, signature, publicKey) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // DER decoding
+            const { R, S } = this.derDecode(signature);
+            return secp256k1.ecdsaVerify(this.concat(R, S), message, publicKey);
+        });
+    }
+    to_array(buffer) {
+        return new Uint8Array(buffer);
+    }
+    normalizeKey(key) {
+        if (key.length === 32) {
+            return key;
+        }
+        throw new Error("Invalid key length for AES-256 " + `(invalid length is ${key.length})`);
+    }
+    normalizeNonce(nonce) {
+        if (nonce.length < 16) {
+            throw new Error("Invalid nonce length (must be 128bits) " + `(invalid length is ${nonce.length})`);
+        }
+        return nonce.slice(0, 16);
+    }
+    concat(a, b) {
+        const c = new Uint8Array(a.length + b.length);
+        c.set(a);
+        c.set(b, a.length);
+        return c;
+    }
+    enforceLength(buffer, length) {
+        if (buffer.length > length) {
+            return buffer.slice(buffer.length - length); // truncate extra bytes from the start
+        }
+        else if (buffer.length < length) {
+            const padded = new Uint8Array(length);
+            const start = length - buffer.length;
+            padded.set(Array(start).fill(0));
+            padded.set(buffer, start);
+            return padded;
+        }
+        return buffer;
+    }
+    pad(message) {
+        // ISO9797M2 implementation
+        const padLength = AES_BLOCK_SIZE - (message.length % AES_BLOCK_SIZE);
+        if (padLength === AES_BLOCK_SIZE) {
+            return message;
+        }
+        const padding = new Uint8Array(padLength);
+        padding[0] = 0x80;
+        padding.fill(0, 1);
+        return this.concat(message, padding);
+    }
+    unpad(message) {
+        // ISO9797M2 implementation
+        for (let i = message.length - 1; i >= 0; i--) {
+            if (message[i] === 0x80) {
+                return message.slice(0, i);
+            }
+            if (message[i] !== 0x00) {
+                return message;
+            }
+        }
+        throw new Error("Invalid padding");
+    }
+    encrypt(secret, nonce, message) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const normalizedSecret = this.normalizeKey(secret);
+            const normalizeNonce = this.normalizeNonce(nonce);
+            const cipher = crypto.createCipheriv("aes-256-gcm", normalizedSecret, normalizeNonce);
+            cipher.setAutoPadding(false);
+            let result = cipher.update(this.to_hex(message), "hex", "hex");
+            result += cipher.final("hex");
+            const bytes = this.from_hex(result);
+            return this.concat(bytes, cipher.getAuthTag());
+        });
+    }
+    decrypt(secret, nonce, ciphertext) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const normalizedSecret = this.normalizeKey(secret);
+            const normalizeNonce = this.normalizeNonce(nonce);
+            const encryptedData = ciphertext.slice(0, ciphertext.length - AES_BLOCK_SIZE);
+            const authTag = ciphertext.slice(encryptedData.length);
+            const decipher = crypto.createDecipheriv("aes-256-gcm", normalizedSecret, normalizeNonce);
+            decipher.setAuthTag(authTag);
+            let result = decipher.update(this.to_hex(encryptedData), "hex", "hex");
+            result += decipher.final("hex");
+            return this.from_hex(result);
+        });
+    }
+    /**
+     * Ledger Live data are encrypted following pattern based on ECIES.
+     * For each encryption the Ledger Live instance generates a random keypair over secp256k1 (ephemeral public key)
+     * and a 16 bytes IV. Ledger Live then perform an ECDH between the command stream public key and
+     * the ephemeral private key to get the encryption key.
+     * The data is then encrypted using AES-256-GCM and serialized using the following format:
+  1 byte : Version of the format (0x00)
+  33 bytes : Compressed ephemeral public key
+  16 bytes : Nonce/IV
+  16 bytes : Tag/MAC (from AES-256-GCM)
+  variable : Encrypted data
+     */
+    encryptUserData(commandStreamPrivateKey, data) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // Generate ephemeral key pair
+            const ephemeralKeypair = yield this.randomKeypair();
+            // Derive the shared secret using ECDH
+            const sharedSecret = yield this.ecdh(yield this.keypairFromSecretKey(commandStreamPrivateKey), ephemeralKeypair.publicKey);
+            // Normalize the shared secret to be used as AES key
+            const aesKey = yield this.computeSymmetricKey(sharedSecret, new Uint8Array());
+            // Generate a random IV (nonce)
+            const iv = crypto.randomBytes(16);
+            // Encrypt the data using AES-256-GCM
+            const cipher = crypto.createCipheriv("aes-256-gcm", aesKey, iv);
+            let encryptedData = cipher.update(data);
+            encryptedData = Buffer.concat([encryptedData, cipher.final()]);
+            const tag = cipher.getAuthTag();
+            // Serialize the format
+            const result = new Uint8Array(1 + ephemeralKeypair.publicKey.length + iv.length + tag.length + encryptedData.length);
+            result[0] = 0x00; // Version of the format
+            result.set(ephemeralKeypair.publicKey, 1);
+            result.set(iv, 34);
+            result.set(tag, 50);
+            result.set(encryptedData, 66);
+            return result;
+        });
+    }
+    decryptUserData(commandStreamPrivateKey, data) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const version = data[0];
+            if (version !== 0x00) {
+                throw new Error("Unsupported format version");
+            }
+            const ephemeralPublicKey = data.slice(1, 34);
+            const iv = data.slice(34, 50);
+            const tag = data.slice(50, 66);
+            const encryptedData = data.slice(66);
+            // Derive the shared secret using ECDH
+            const sharedSecret = yield this.ecdh(yield this.keypairFromSecretKey(commandStreamPrivateKey), ephemeralPublicKey);
+            // Normalize the shared secret to be used as AES key
+            const aesKey = yield this.computeSymmetricKey(sharedSecret, new Uint8Array());
+            // Decrypt the data using AES-256-GCM
+            const decipher = crypto.createDecipheriv("aes-256-gcm", aesKey, iv);
+            decipher.setAuthTag(tag);
+            let decryptedData = decipher.update(encryptedData);
+            decryptedData = Buffer.concat([decryptedData, decipher.final()]);
+            return new Uint8Array(decryptedData.buffer, decryptedData.byteOffset, decryptedData.byteLength);
+        });
+    }
+    randomBytes(size) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return crypto.randomBytes(size);
+        });
+    }
+    ecdh(keyPair, publicKey) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const pubkey = Buffer.from(publicKey);
+            const privkey = Buffer.from(keyPair.privateKey);
+            const point = ecc.pointMultiply(pubkey, privkey, ecc.isPointCompressed(pubkey));
+            return point.slice(1);
+        });
+    }
+    computeSymmetricKey(privateKey, extra) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const digest = (0, create_hmac_1.default)("sha256", Buffer.from(extra)).update(Buffer.from(privateKey)).digest();
+            return digest;
+        });
+    }
+    hash(message) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return crypto.createHash("sha256").update(Buffer.from(message)).digest();
+        });
+    }
+    from_hex(hex) {
+        const bytes = new Uint8Array(hex.length / 2);
+        for (let i = 0; i < hex.length; i += 2) {
+            bytes[i / 2] = parseInt(hex[i] + hex[i + 1], 16);
+        }
+        return bytes;
+    }
+    to_hex(bytes) {
+        return to_hex(bytes);
+    }
+}
+exports.NobleCryptoSecp256k1 = NobleCryptoSecp256k1;
+function to_hex(bytes) {
+    if (!bytes) {
+        return "";
+    }
+    return bytes.reduce((str, byte) => str + byte.toString(16).padStart(2, "0"), "");
+}
+exports.to_hex = to_hex;
+//# sourceMappingURL=NobleCrypto.js.map

package/lib/NobleCrypto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"NobleCrypto.js","sourceRoot":"","sources":["../src/NobleCrypto.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qDAAuC;AACvC,oDAAsC;AACtC,iCAAqC;AACrC,8DAA+B;AAC/B,+CAAiC;AAIjC,MAAM,KAAK,GAAG,IAAA,oBAAY,EAAC,GAAG,CAAC,CAAC;AAChC,MAAM,cAAc,GAAG,EAAE,CAAC;AAC1B,MAAM,gBAAgB,GAAG,EAAE,CAAC;AAE5B,MAAa,oBAAoB;IACzB,aAAa;;YACjB,IAAI,EAAc,CAAC;YACnB,GAAG,CAAC;gBACF,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC;YAC5C,CAAC,QAAQ,CAAC,SAAS,CAAC,gBAAgB,CAAC,EAAE,CAAC,EAAE;YAC1C,OAAO,IAAI,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAC;QACvC,CAAC;KAAA;IAEK,aAAa,CAAC,KAAiB,EAAE,IAAc;;YACnD,MAAM,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC9B,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClC,IAAI,IAAI,GAAG,KAAK,CAAC,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;YACzE,KAAK,MAAM,KAAK,IAAI,IAAI,EAAE,CAAC;gBACzB,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC5B,CAAC;YACD,OAAO;gBACL,SAAS,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;gBACxC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAW,CAAC;gBAC3C,SAAS,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;aACzC,CAAC;QACJ,CAAC;KAAA;IAEK,oBAAoB,CAAC,SAAqB;;YAC9C,OAAO;gBACL,SAAS,EAAE,SAAS,CAAC,eAAe,CAAC,SAAS,CAAC;gBAC/C,UAAU,EAAE,SAAS;aACtB,CAAC;QACJ,CAAC;KAAA;IAEO,SAAS,CAAC,CAAa,EAAE,CAAa;QAC5C,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,EAAE,CAAC;YAChB,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7C,CAAC;QACD,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,EAAE,CAAC;YAChB,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7C,CAAC;QACD,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACrD,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACrD,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC;IAEO,SAAS,CAAC,SAAqB;QACrC,MAAM,CAAC,GAAe,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3D,MAAM,CAAC,GAAe,SAAS,CAAC,KAAK,CACnC,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,EAChB,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,CAC/C,CAAC;QACF,OAAO;YACL,CAAC,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,EAAE,gBAAgB,CAAC;YAC1C,CAAC,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,EAAE,gBAAgB,CAAC;SAC3C,CAAC;IACJ,CAAC;IAEK,IAAI,CAAC,OAAmB,EAAE,OAAgB;;YAC9C,MAAM,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC;YAC7E,eAAe;YACf,OAAO,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,SAAS,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QACzE,CAAC;KAAA;IAEK,MAAM,CACV,OAAmB,EACnB,SAAqB,EACrB,SAAqB;;YAErB,eAAe;YACf,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;YAC3C,OAAO,SAAS,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QACtE,CAAC;KAAA;IAEO,QAAQ,CAAC,MAAc;QAC7B,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;IAChC,CAAC;IAEO,YAAY,CAAC,GAAe;QAClC,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACtB,OAAO,GAAG,CAAC;QACb,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,iCAAiC,GAAG,sBAAsB,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;IAC3F,CAAC;IAEO,cAAc,CAAC,KAAiB;QACtC,IAAI,KAAK,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CACb,yCAAyC,GAAG,sBAAsB,KAAK,CAAC,MAAM,GAAG,CAClF,CAAC;QACJ,CAAC;QACD,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC5B,CAAC;IAEO,MAAM,CAAC,CAAa,EAAE,CAAa;QACzC,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;QAC9C,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACT,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;QACnB,OAAO,CAAC,CAAC;IACX,CAAC;IAEO,aAAa,CAAC,MAAkB,EAAE,MAAc;QACtD,IAAI,MAAM,CAAC,MAAM,GAAG,MAAM,EAAE,CAAC;YAC3B,OAAO,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,sCAAsC;QACrF,CAAC;aAAM,IAAI,MAAM,CAAC,MAAM,GAAG,MAAM,EAAE,CAAC;YAClC,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;YACtC,MAAM,KAAK,GAAG,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;YACrC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YACjC,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;YAC1B,OAAO,MAAM,CAAC;QAChB,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,GAAG,CAAC,OAAmB;QAC7B,2BAA2B;QAC3B,MAAM,SAAS,GAAG,cAAc,GAAG,CAAC,OAAO,CAAC,MAAM,GAAG,cAAc,CAAC,CAAC;QACrE,IAAI,SAAS,KAAK,cAAc,EAAE,CAAC;YACjC,OAAO,OAAO,CAAC;QACjB,CAAC;QACD,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;QAC1C,OAAO,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;QAClB,OAAO,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACnB,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;IAEO,KAAK,CAAC,OAAmB;QAC/B,2BAA2B;QAC3B,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7C,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACxB,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC7B,CAAC;YACD,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACxB,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IAEK,OAAO,CAAC,MAAkB,EAAE,KAAiB,EAAE,OAAmB;;YACtE,MAAM,gBAAgB,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YACnD,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;YAClD,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAC;YACtF,MAAM,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;YAC7B,IAAI,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;YAC/D,MAAM,IAAI,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAC9B,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACpC,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;QACjD,CAAC;KAAA;IAEK,OAAO,CACX,MAAkB,EAClB,KAAiB,EACjB,UAAsB;;YAEtB,MAAM,gBAAgB,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YACnD,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;YAClD,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,MAAM,GAAG,cAAc,CAAC,CAAC;YAC9E,MAAM,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;YACvD,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAC;YAC1F,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YAC7B,IAAI,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;YACvE,MAAM,IAAI,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAChC,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC/B,CAAC;KAAA;IAED;;;;;;;;;;;OAWG;IACG,eAAe,CACnB,uBAAmC,EACnC,IAAgB;;YAEhB,8BAA8B;YAC9B,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;YAEpD,sCAAsC;YACtC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,IAAI,CAClC,MAAM,IAAI,CAAC,oBAAoB,CAAC,uBAAuB,CAAC,EACxD,gBAAgB,CAAC,SAAS,CAC3B,CAAC;YAEF,oDAAoD;YACpD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,YAAY,EAAE,IAAI,UAAU,EAAE,CAAC,CAAC;YAE9E,+BAA+B;YAC/B,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;YAElC,qCAAqC;YACrC,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;YAChE,IAAI,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACxC,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YAC/D,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;YAEhC,uBAAuB;YACvB,MAAM,MAAM,GAAG,IAAI,UAAU,CAC3B,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,MAAM,GAAG,EAAE,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,GAAG,aAAa,CAAC,MAAM,CACtF,CAAC;YACF,MAAM,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,wBAAwB;YAC1C,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;YAC1C,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACnB,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACpB,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;YAE9B,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEK,eAAe,CACnB,uBAAmC,EACnC,IAAgB;;YAEhB,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACxB,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;gBACrB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YAChD,CAAC;YACD,MAAM,kBAAkB,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7C,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YAC/B,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAErC,sCAAsC;YACtC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,IAAI,CAClC,MAAM,IAAI,CAAC,oBAAoB,CAAC,uBAAuB,CAAC,EACxD,kBAAkB,CACnB,CAAC;YAEF,oDAAoD;YACpD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,YAAY,EAAE,IAAI,UAAU,EAAE,CAAC,CAAC;YAE9E,qCAAqC;YACrC,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;YACpE,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YACzB,IAAI,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACnD,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YACjE,OAAO,IAAI,UAAU,CAAC,aAAa,CAAC,MAAM,EAAE,aAAa,CAAC,UAAU,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC;QAClG,CAAC;KAAA;IAEK,WAAW,CAAC,IAAY;;YAC5B,OAAO,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC;KAAA;IAEK,IAAI,CAAC,OAAgB,EAAE,SAAqB;;YAChD,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACtC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YAChD,MAAM,KAAK,GAAG,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,OAAO,EAAE,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAE,CAAC;YACjF,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACxB,CAAC;KAAA;IAEK,mBAAmB,CAAC,UAAsB,EAAE,KAAiB;;YACjE,MAAM,MAAM,GAAG,IAAA,qBAAI,EAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;YAC3F,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAEK,IAAI,CAAC,OAAmB;;YAC5B,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QAC3E,CAAC;KAAA;IAED,QAAQ,CAAC,GAAW;QAClB,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;YACvC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACnD,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,CAAC,KAAqC;QAC1C,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC;CACF;AAlRD,oDAkRC;AAED,SAAgB,MAAM,CAAC,KAAqC;IAC1D,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;AACnF,CAAC;AALD,wBAKC"}

package/lib/PublicKey.d.ts

@@ -0,0 +1,5 @@
+export declare class PublicKey {
+    publicKey: Uint8Array;
+    constructor(publicKey: Uint8Array);
+}
+//# sourceMappingURL=PublicKey.d.ts.map

package/lib/PublicKey.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"PublicKey.d.ts","sourceRoot":"","sources":["../src/PublicKey.ts"],"names":[],"mappings":"AAAA,qBAAa,SAAS;IACpB,SAAS,EAAE,UAAU,CAAC;gBACV,SAAS,EAAE,UAAU;CAGlC"}

package/lib/PublicKey.js

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PublicKey = void 0;
+class PublicKey {
+    constructor(publicKey) {
+        this.publicKey = publicKey;
+    }
+}
+exports.PublicKey = PublicKey;
+//# sourceMappingURL=PublicKey.js.map

package/lib/PublicKey.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"PublicKey.js","sourceRoot":"","sources":["../src/PublicKey.ts"],"names":[],"mappings":";;;AAAA,MAAa,SAAS;IAEpB,YAAY,SAAqB;QAC/B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;CACF;AALD,8BAKC"}

package/lib/SeedId.d.ts

@@ -0,0 +1,80 @@
+export declare class PubKeyCredential {
+    version: number;
+    curveId: number;
+    signAlgorithm: number;
+    publicKey: Uint8Array;
+    constructor({ version, curveId, signAlgorithm, publicKey, }: {
+        version: number;
+        curveId: number;
+        signAlgorithm: number;
+        publicKey: Uint8Array;
+    });
+    static fromBytes(data: any, offset?: number): [PubKeyCredential, number];
+    toBytes(): Uint8Array;
+    toJSON(): {
+        version: number;
+        curveId: number;
+        signAlgorithm: number;
+        publicKey: string;
+    };
+    assertValidity(): void;
+}
+export type SemVer = {
+    major: number;
+    minor: number;
+    patch: number;
+};
+export declare class Challenge {
+    payloadType: number;
+    version: number;
+    protocolVersion: SemVer;
+    challengeData: Uint8Array;
+    challengeExpiry: Date;
+    host: string;
+    rpCredential: PubKeyCredential;
+    rpSignature: Uint8Array;
+    constructor({ payloadType, version, protocolVersion, challengeData, challengeExpiry, host, rpCredential, rpSignature, }: {
+        payloadType: number;
+        version: number;
+        protocolVersion: SemVer;
+        challengeData: Uint8Array;
+        challengeExpiry: Date;
+        host: string;
+        rpCredential: PubKeyCredential;
+        rpSignature: Uint8Array;
+    });
+    static fromBytes(data: Uint8Array, offset?: number): [Challenge, number];
+    toBytes(): Uint8Array;
+    getUnsignedTLV(): Uint8Array;
+    toJSON(): {
+        payloadType: number;
+        version: number;
+        protocolVersion: SemVer;
+        challenge: {
+            data: string;
+            expiry: string;
+        };
+        host: string;
+        rp: {
+            credential: {
+                version: number;
+                curveId: number;
+                signAlgorithm: number;
+                publicKey: string;
+            };
+            signature: string;
+        }[];
+    };
+    getProtocolVersionData(): Uint8Array;
+    getChallengeExpireValue(): number;
+}
+export type SeedIdResult = {
+    pubkeyCredential: PubKeyCredential;
+    signature: Uint8Array;
+    attestationType: number;
+    attestationPubkeyCredential: PubKeyCredential;
+    attestation: Uint8Array;
+    attestationResult: Uint8Array;
+};
+export declare function parseSeedIdResult(result: Uint8Array): SeedIdResult;
+//# sourceMappingURL=SeedId.d.ts.map

package/lib/SeedId.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SeedId.d.ts","sourceRoot":"","sources":["../src/SeedId.ts"],"names":[],"mappings":"AAIA,qBAAa,gBAAgB;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,UAAU,CAAC;gBAEV,EACV,OAAO,EACP,OAAO,EACP,aAAa,EACb,SAAS,GACV,EAAE;QACD,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;QAChB,aAAa,EAAE,MAAM,CAAC;QACtB,SAAS,EAAE,UAAU,CAAC;KACvB;IAOD,MAAM,CAAC,SAAS,CAAC,IAAI,KAAA,EAAE,MAAM,SAAI,GAAG,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAmB9D,OAAO,IAAI,UAAU;IAWrB,MAAM;;;;;;IASN,cAAc;CAcf;AAED,MAAM,MAAM,MAAM,GAAG;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,qBAAa,SAAS;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,EAAE,MAAM,CAAC;IACxB,aAAa,EAAE,UAAU,CAAC;IAC1B,eAAe,EAAE,IAAI,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,gBAAgB,CAAC;IAC/B,WAAW,EAAE,UAAU,CAAC;gBAEZ,EACV,WAAW,EACX,OAAO,EACP,eAAe,EACf,aAAa,EACb,eAAe,EACf,IAAI,EACJ,YAAY,EACZ,WAAW,GACZ,EAAE;QACD,WAAW,EAAE,MAAM,CAAC;QACpB,OAAO,EAAE,MAAM,CAAC;QAChB,eAAe,EAAE,MAAM,CAAC;QACxB,aAAa,EAAE,UAAU,CAAC;QAC1B,eAAe,EAAE,IAAI,CAAC;QACtB,IAAI,EAAE,MAAM,CAAC;QACb,YAAY,EAAE,gBAAgB,CAAC;QAC/B,WAAW,EAAE,UAAU,CAAC;KACzB;IAWD,MAAM,CAAC,SAAS,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,SAAI,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC;IA8FnE,OAAO,IAAI,UAAU;IAuBrB,cAAc,IAAI,UAAU;IAY5B,MAAM;;;;;;;;;;;;;;;;;;;IAmBN,sBAAsB,IAAI,UAAU;IASpC,uBAAuB,IAAI,MAAM;CAGlC;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,SAAS,EAAE,UAAU,CAAC;IACtB,eAAe,EAAE,MAAM,CAAC;IACxB,2BAA2B,EAAE,gBAAgB,CAAC;IAC9C,WAAW,EAAE,UAAU,CAAC;IACxB,iBAAiB,EAAE,UAAU,CAAC;CAC/B,CAAC;AAEF,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,UAAU,GAAG,YAAY,CAuClE"}

package/lib/SeedId.js

@@ -0,0 +1,244 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseSeedIdResult = exports.Challenge = exports.PubKeyCredential = void 0;
+const BigEndian_1 = __importDefault(require("./BigEndian"));
+const Crypto_1 = require("./Crypto");
+const tlv_1 = require("./tlv");
+class PubKeyCredential {
+    constructor({ version, curveId, signAlgorithm, publicKey, }) {
+        this.version = version;
+        this.curveId = curveId;
+        this.signAlgorithm = signAlgorithm;
+        this.publicKey = publicKey;
+    }
+    static fromBytes(data, offset = 0) {
+        const view = new DataView(data.buffer, data.byteOffset + offset);
+        const version = view.getUint8(0);
+        const curveId = view.getUint8(1);
+        const signAlgorithm = view.getUint8(2);
+        const publicKeyLength = view.getUint8(3);
+        const publicKey = new Uint8Array(data.buffer, data.byteOffset + offset + 4, publicKeyLength);
+        return [
+            new PubKeyCredential({
+                version,
+                curveId,
+                signAlgorithm,
+                publicKey,
+            }),
+            4 + publicKeyLength,
+        ];
+    }
+    toBytes() {
+        const result = new Uint8Array(4 + this.publicKey.length);
+        const view = new DataView(result.buffer);
+        view.setUint8(0, this.version);
+        view.setUint8(1, this.curveId);
+        view.setUint8(2, this.signAlgorithm);
+        view.setUint8(3, this.publicKey.length);
+        result.set(this.publicKey, 4);
+        return result;
+    }
+    toJSON() {
+        return {
+            version: this.version,
+            curveId: this.curveId,
+            signAlgorithm: this.signAlgorithm,
+            publicKey: Crypto_1.crypto.to_hex(this.publicKey),
+        };
+    }
+    assertValidity() {
+        if (this.version !== 0x00) {
+            throw new Error(`PubKeyCredential: Wrong version: ${this.version}`);
+        }
+        if (this.curveId !== 0x21) {
+            throw new Error(`PubKeyCredential: Wrong curve id: ${this.curveId}`);
+        }
+        if (this.signAlgorithm !== 0x01) {
+            throw new Error(`PubKeyCredential: Wrong sign algorithm: ${this.signAlgorithm}`);
+        }
+        if (this.publicKey.length !== 0x21) {
+            throw new Error(`PubKeyCredential: Wrong pubkey len: ${this.publicKey.length}`);
+        }
+    }
+}
+exports.PubKeyCredential = PubKeyCredential;
+class Challenge {
+    constructor({ payloadType, version, protocolVersion, challengeData, challengeExpiry, host, rpCredential, rpSignature, }) {
+        this.payloadType = payloadType;
+        this.version = version;
+        this.protocolVersion = protocolVersion;
+        this.challengeData = challengeData;
+        this.challengeExpiry = challengeExpiry;
+        this.host = host;
+        this.rpCredential = rpCredential;
+        this.rpSignature = rpSignature;
+    }
+    static fromBytes(data, offset = 0) {
+        let index = offset;
+        const all = tlv_1.TLV.readAllTLV(data, offset);
+        const byType = {};
+        for (const tlv of all) {
+            index += tlv.value.length + 2;
+            byType[tlv.type] = tlv.value;
+            // console.log(tlv.type.toString(16), "(" + tlv.value.length + ")", crypto.to_hex(tlv.value));
+        }
+        const payloadTypeField = byType[0x01];
+        if (payloadTypeField === undefined) {
+            throw new Error("Missing payloadType");
+        }
+        const payloadType = payloadTypeField[0];
+        const versionField = byType[0x02];
+        if (versionField === undefined) {
+            throw new Error("Missing version");
+        }
+        const version = versionField[0];
+        const protocolVersionField = byType[0x60];
+        if (protocolVersionField === undefined) {
+            throw new Error("Missing protocolVersion");
+        }
+        const protocolVersion = {
+            major: protocolVersionField[0],
+            minor: protocolVersionField[1],
+            patch: protocolVersionField[2],
+        };
+        const challengeDataField = byType[0x12];
+        if (challengeDataField === undefined) {
+            throw new Error("Missing challengeData");
+        }
+        const challengeData = challengeDataField;
+        const challengeExpiryField = byType[0x16];
+        if (challengeExpiryField === undefined) {
+            throw new Error("Missing challengeExpiry");
+        }
+        const challengeExpiry = new Date(1000 * BigEndian_1.default.arrayToNumber(challengeExpiryField));
+        const hostField = byType[0x20];
+        if (hostField === undefined) {
+            throw new Error("Missing host");
+        }
+        const host = new TextDecoder().decode(hostField);
+        const signAlgorithmField = byType[0x14];
+        if (signAlgorithmField === undefined) {
+            throw new Error("Missing signAlgorithm");
+        }
+        const signAlgorithm = signAlgorithmField[0];
+        const publicKey = byType[0x33];
+        if (publicKey === undefined) {
+            throw new Error("Missing rpCredential");
+        }
+        const curveIdField = byType[0x32];
+        if (curveIdField === undefined) {
+            throw new Error("Missing curveId");
+        }
+        const curveId = curveIdField[0];
+        const rpCredential = new PubKeyCredential({
+            version,
+            curveId,
+            signAlgorithm,
+            publicKey,
+        });
+        const rpSignatureField = byType[0x15];
+        if (rpSignatureField === undefined) {
+            throw new Error("Missing rpSignature");
+        }
+        const rpSignature = rpSignatureField;
+        const challenge = new Challenge({
+            payloadType,
+            protocolVersion,
+            version,
+            challengeData,
+            challengeExpiry,
+            host,
+            rpCredential,
+            rpSignature,
+        });
+        return [challenge, index - offset];
+    }
+    toBytes() {
+        let buffer = new Uint8Array();
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x01, 1, new Uint8Array([this.payloadType]));
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x02, 1, new Uint8Array([this.version]));
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x12, this.challengeData.length, this.challengeData);
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x14, 1, new Uint8Array([this.rpCredential.signAlgorithm]));
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x15, this.rpSignature.length, this.rpSignature);
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x16, 4, BigEndian_1.default.numberToArray(this.getChallengeExpireValue()));
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x20, this.host.length, new TextEncoder().encode(this.host));
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x32, 1, new Uint8Array([this.rpCredential.curveId]));
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x33, this.rpCredential.publicKey.length, this.rpCredential.publicKey);
+        const data = this.getProtocolVersionData();
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x60, data.length, data);
+        return buffer;
+    }
+    getUnsignedTLV() {
+        let buffer = new Uint8Array();
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x01, 1, new Uint8Array([this.payloadType]));
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x02, 1, new Uint8Array([this.version]));
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x12, this.challengeData.length, this.challengeData);
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x16, 4, BigEndian_1.default.numberToArray(this.getChallengeExpireValue()));
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x20, this.host.length, new TextEncoder().encode(this.host));
+        const data = this.getProtocolVersionData();
+        buffer = tlv_1.TLV.pushTLV(buffer, 0x60, data.length, data);
+        return buffer;
+    }
+    toJSON() {
+        return {
+            payloadType: this.payloadType,
+            version: this.version,
+            protocolVersion: this.protocolVersion,
+            challenge: {
+                data: Crypto_1.crypto.to_hex(this.challengeData),
+                expiry: this.challengeExpiry.toISOString(),
+            },
+            host: this.host,
+            rp: [
+                {
+                    credential: this.rpCredential.toJSON(),
+                    signature: Crypto_1.crypto.to_hex(this.rpSignature),
+                },
+            ],
+        };
+    }
+    getProtocolVersionData() {
+        return new Uint8Array([
+            this.protocolVersion.major,
+            this.protocolVersion.minor,
+            this.protocolVersion.patch,
+            0,
+        ]);
+    }
+    getChallengeExpireValue() {
+        return Math.floor(this.challengeExpiry.getTime() / 1000);
+    }
+}
+exports.Challenge = Challenge;
+function parseSeedIdResult(result) {
+    let offset = 0;
+    const [pubkeyCredential, pubkeyCredentialLength] = PubKeyCredential.fromBytes(result, offset);
+    pubkeyCredential.assertValidity();
+    offset += pubkeyCredentialLength;
+    const signatureLen = result[offset];
+    offset += 1;
+    const signature = new Uint8Array(result.buffer, result.byteOffset + offset, signatureLen);
+    offset += signatureLen;
+    const attestationResult = new Uint8Array(result.slice(offset));
+    const attestationType = result[offset];
+    offset += 1;
+    const [attestationPubkeyCredential, attestationPubkeyCredentialLength] = PubKeyCredential.fromBytes(result, offset);
+    attestationPubkeyCredential.assertValidity();
+    offset += attestationPubkeyCredentialLength;
+    const attestationLen = result[offset];
+    offset += 1;
+    const attestation = new Uint8Array(result.buffer, result.byteOffset + offset, attestationLen);
+    return {
+        pubkeyCredential,
+        signature,
+        attestationType,
+        attestationPubkeyCredential,
+        attestation,
+        attestationResult,
+    };
+}
+exports.parseSeedIdResult = parseSeedIdResult;
+//# sourceMappingURL=SeedId.js.map