@mentaproject/signer-react-native 0.0.1

package/dist/utils/base64url.js

@@ -0,0 +1,142 @@
+import { toHex } from "viem";
+/**
+ * Converts a Base64URL encoded string to a Uint8Array.
+ * Base64URL uses - instead of + and _ instead of /, with no padding.
+ *
+ * @param base64url - The Base64URL encoded string
+ * @returns The decoded bytes as Uint8Array
+ */
+export function base64UrlToBytes(base64url) {
+    // Convert Base64URL to standard Base64
+    let base64 = base64url.replace(/-/g, "+").replace(/_/g, "/");
+    // Add padding if needed
+    const padding = base64.length % 4;
+    if (padding) {
+        base64 += "=".repeat(4 - padding);
+    }
+    // Decode Base64 to binary string
+    const binaryString = atob(base64);
+    // Convert binary string to Uint8Array
+    const bytes = new Uint8Array(binaryString.length);
+    for (let i = 0; i < binaryString.length; i++) {
+        bytes[i] = binaryString.charCodeAt(i);
+    }
+    return bytes;
+}
+/**
+ * Converts a Uint8Array to a Base64URL encoded string.
+ *
+ * @param bytes - The bytes to encode
+ * @returns The Base64URL encoded string (no padding)
+ */
+export function bytesToBase64Url(bytes) {
+    // Convert bytes to binary string
+    let binaryString = "";
+    for (let i = 0; i < bytes.length; i++) {
+        binaryString += String.fromCharCode(bytes[i]);
+    }
+    // Encode to Base64
+    const base64 = btoa(binaryString);
+    // Convert to Base64URL (remove padding, replace + with -, / with _)
+    return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+/**
+ * Converts a Base64URL encoded string to a Hex string.
+ *
+ * @param base64url - The Base64URL encoded string
+ * @returns The hex representation with 0x prefix
+ */
+export function base64UrlToHex(base64url) {
+    const bytes = base64UrlToBytes(base64url);
+    return toHex(bytes);
+}
+/**
+ * Converts a Hex string to a Base64URL encoded string.
+ *
+ * @param hex - The hex string (with or without 0x prefix)
+ * @returns The Base64URL encoded string
+ */
+export function hexToBase64Url(hex) {
+    // Remove 0x prefix if present
+    const cleanHex = hex.startsWith("0x") ? hex.slice(2) : hex;
+    // Convert hex to bytes
+    const bytes = new Uint8Array(cleanHex.length / 2);
+    for (let i = 0; i < cleanHex.length; i += 2) {
+        bytes[i / 2] = parseInt(cleanHex.slice(i, i + 2), 16);
+    }
+    return bytesToBase64Url(bytes);
+}
+/**
+ * Converts a Uint8Array to a Hex string.
+ *
+ * @param bytes - The bytes to convert
+ * @returns The hex representation with 0x prefix
+ */
+export function bytesToHex(bytes) {
+    return toHex(bytes);
+}
+/**
+ * Converts a Hex string to a Uint8Array.
+ *
+ * @param hex - The hex string (with or without 0x prefix)
+ * @returns The bytes as Uint8Array
+ */
+export function hexToBytes(hex) {
+    const cleanHex = hex.startsWith("0x") ? hex.slice(2) : hex;
+    const bytes = new Uint8Array(cleanHex.length / 2);
+    for (let i = 0; i < cleanHex.length; i += 2) {
+        bytes[i / 2] = parseInt(cleanHex.slice(i, i + 2), 16);
+    }
+    return bytes;
+}
+/**
+ * Converts a UTF-8 string to a Base64URL encoded string.
+ *
+ * @param str - The UTF-8 string
+ * @returns The Base64URL encoded string
+ */
+export function stringToBase64Url(str) {
+    const encoder = new TextEncoder();
+    const bytes = encoder.encode(str);
+    return bytesToBase64Url(bytes);
+}
+/**
+ * Converts a Base64URL encoded string to a UTF-8 string.
+ *
+ * @param base64url - The Base64URL encoded string
+ * @returns The decoded UTF-8 string
+ */
+export function base64UrlToString(base64url) {
+    const bytes = base64UrlToBytes(base64url);
+    const decoder = new TextDecoder();
+    return decoder.decode(bytes);
+}
+/**
+ * Pads a hex value to ensure it has the specified byte length.
+ * Useful for ensuring coordinates are 32 bytes.
+ *
+ * @param hex - The hex string to pad
+ * @param byteLength - The desired byte length (default: 32)
+ * @returns The padded hex string with 0x prefix
+ */
+export function padHex(hex, byteLength = 32) {
+    const cleanHex = hex.startsWith("0x") ? hex.slice(2) : hex;
+    const targetLength = byteLength * 2;
+    if (cleanHex.length >= targetLength) {
+        return `0x${cleanHex.slice(-targetLength)}`;
+    }
+    return `0x${cleanHex.padStart(targetLength, "0")}`;
+}
+/**
+ * Concatenates multiple Hex values into a single Hex value.
+ *
+ * @param hexValues - The hex values to concatenate
+ * @returns The concatenated hex string with 0x prefix
+ */
+export function concatHex(...hexValues) {
+    const combined = hexValues
+        .map((h) => (h.startsWith("0x") ? h.slice(2) : h))
+        .join("");
+    return `0x${combined}`;
+}
+//# sourceMappingURL=base64url.js.map

package/dist/utils/base64url.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"base64url.js","sourceRoot":"","sources":["../../src/utils/base64url.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAY,MAAM,MAAM,CAAC;AAEvC;;;;;;GAMG;AACH,MAAM,UAAU,gBAAgB,CAAC,SAAiB;IAChD,uCAAuC;IACvC,IAAI,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAE7D,wBAAwB;IACxB,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;IAClC,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,iCAAiC;IACjC,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAElC,sCAAsC;IACtC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAClD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7C,KAAK,CAAC,CAAC,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IACxC,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAiB;IAChD,iCAAiC;IACjC,IAAI,YAAY,GAAG,EAAE,CAAC;IACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC;IAED,mBAAmB;IACnB,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC;IAElC,oEAAoE;IACpE,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AAC3E,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,SAAiB;IAC9C,MAAM,KAAK,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;IAC1C,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC;AACtB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,GAAQ;IACrC,8BAA8B;IAC9B,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAE3D,uBAAuB;IACvB,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAClD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5C,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACxD,CAAC;IAED,OAAO,gBAAgB,CAAC,KAAK,CAAC,CAAC;AACjC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,KAAiB;IAC1C,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC;AACtB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,GAAQ;IACjC,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAC3D,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAClD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5C,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,GAAW;IAC3C,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAClC,OAAO,gBAAgB,CAAC,KAAK,CAAC,CAAC;AACjC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,SAAiB;IACjD,MAAM,KAAK,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;IAC1C,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC/B,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,MAAM,CAAC,GAAQ,EAAE,UAAU,GAAG,EAAE;IAC9C,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAC3D,MAAM,YAAY,GAAG,UAAU,GAAG,CAAC,CAAC;IAEpC,IAAI,QAAQ,CAAC,MAAM,IAAI,YAAY,EAAE,CAAC;QACpC,OAAO,KAAK,QAAQ,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,EAAS,CAAC;IACrD,CAAC;IAED,OAAO,KAAK,QAAQ,CAAC,QAAQ,CAAC,YAAY,EAAE,GAAG,CAAC,EAAS,CAAC;AAC5D,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,SAAS,CAAC,GAAG,SAAgB;IAC3C,MAAM,QAAQ,GAAG,SAAS;SACvB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;SACjD,IAAI,CAAC,EAAE,CAAC,CAAC;IACZ,OAAO,KAAK,QAAQ,EAAS,CAAC;AAChC,CAAC"}

package/dist/utils/cose.d.ts

@@ -0,0 +1,98 @@
+import type { Hex } from "viem";
+import type { P256PublicKey } from "../types/index.js";
+/**
+ * COSE Key Types (kty)
+ * @see https://www.iana.org/assignments/cose/cose.xhtml#key-type
+ */
+declare const COSE_KEY_TYPE: {
+    readonly OKP: 1;
+    readonly EC2: 2;
+    readonly RSA: 3;
+    readonly SYMMETRIC: 4;
+};
+/**
+ * COSE Algorithms
+ * @see https://www.iana.org/assignments/cose/cose.xhtml#algorithms
+ */
+declare const COSE_ALGORITHM: {
+    readonly ES256: -7;
+    readonly ES384: -35;
+    readonly ES512: -36;
+    readonly EDDSA: -8;
+};
+/**
+ * COSE Elliptic Curves
+ * @see https://www.iana.org/assignments/cose/cose.xhtml#elliptic-curves
+ */
+declare const COSE_CURVE: {
+    readonly P256: 1;
+    readonly P384: 2;
+    readonly P521: 3;
+    readonly ED25519: 6;
+};
+/**
+ * Error thrown when COSE key parsing fails.
+ */
+export declare class COSEParseError extends Error {
+    constructor(message: string);
+}
+/**
+ * Extracts the attestedCredentialData from authenticatorData.
+ * The attestedCredentialData contains the COSE public key.
+ *
+ * AuthenticatorData structure:
+ * - rpIdHash (32 bytes)
+ * - flags (1 byte)
+ * - signCount (4 bytes, big endian)
+ * - attestedCredentialData (variable, if AT flag is set)
+ *   - aaguid (16 bytes)
+ *   - credentialIdLength (2 bytes, big endian)
+ *   - credentialId (credentialIdLength bytes)
+ *   - credentialPublicKey (remaining bytes, CBOR encoded)
+ *
+ * @param authenticatorData - Raw authenticator data bytes
+ * @returns Object containing credentialId and publicKey bytes
+ * @throws COSEParseError if parsing fails
+ */
+export declare function parseAuthenticatorData(authenticatorData: Uint8Array): {
+    credentialId: Uint8Array;
+    publicKeyBytes: Uint8Array;
+};
+/**
+ * Extracts P256 (secp256r1) public key coordinates from a COSE key.
+ * This is the CRUCIAL function for Passkey integration.
+ *
+ * @param coseBytes - The CBOR-encoded COSE key bytes
+ * @returns The X and Y coordinates as 32-byte hex strings
+ * @throws COSEParseError if the key is not a valid P256 key
+ */
+export declare function extractP256PublicKey(coseBytes: Uint8Array): P256PublicKey;
+/**
+ * Extracts the public key from a WebAuthn attestation response.
+ *
+ * @param attestationObject - Base64URL encoded attestation object from registration
+ * @returns The P256 public key coordinates
+ * @throws COSEParseError if extraction fails
+ */
+export declare function extractPublicKeyFromAttestation(attestationObject: string): {
+    credentialId: Uint8Array;
+    publicKey: P256PublicKey;
+};
+/**
+ * Encodes a P256 public key to the uncompressed format (0x04 || x || y).
+ * This is the standard SEC1 uncompressed point format.
+ *
+ * @param publicKey - The P256 public key coordinates
+ * @returns The uncompressed public key as hex (65 bytes total)
+ */
+export declare function encodeUncompressedPublicKey(publicKey: P256PublicKey): Hex;
+/**
+ * Validates that a public key is on the P256 curve.
+ * This is a basic validation - for full security, use a proper crypto library.
+ *
+ * @param publicKey - The public key coordinates to validate
+ * @returns true if the key appears valid
+ */
+export declare function isValidP256PublicKey(publicKey: P256PublicKey): boolean;
+export { COSE_KEY_TYPE, COSE_ALGORITHM, COSE_CURVE };
+//# sourceMappingURL=cose.d.ts.map

package/dist/utils/cose.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cose.d.ts","sourceRoot":"","sources":["../../src/utils/cose.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,MAAM,CAAC;AAChC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAGvD;;;GAGG;AACH,QAAA,MAAM,aAAa;;;;;CAKT,CAAC;AAEX;;;GAGG;AACH,QAAA,MAAM,cAAc;;;;;CAKV,CAAC;AAEX;;;GAGG;AACH,QAAA,MAAM,UAAU;;;;;CAKN,CAAC;AAaX;;GAEG;AACH,qBAAa,cAAe,SAAQ,KAAK;gBAC3B,OAAO,EAAE,MAAM;CAI5B;AAwED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,sBAAsB,CAAC,iBAAiB,EAAE,UAAU,GAAG;IACrE,YAAY,EAAE,UAAU,CAAC;IACzB,cAAc,EAAE,UAAU,CAAC;CAC5B,CAuDA;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAAC,SAAS,EAAE,UAAU,GAAG,aAAa,CAwCzE;AAED;;;;;;GAMG;AACH,wBAAgB,+BAA+B,CAC7C,iBAAiB,EAAE,MAAM,GACxB;IACD,YAAY,EAAE,UAAU,CAAC;IACzB,SAAS,EAAE,aAAa,CAAC;CAC1B,CA6BA;AAED;;;;;;GAMG;AACH,wBAAgB,2BAA2B,CAAC,SAAS,EAAE,aAAa,GAAG,GAAG,CAOzE;AAED;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAAC,SAAS,EAAE,aAAa,GAAG,OAAO,CA8BtE;AAED,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,UAAU,EAAE,CAAC"}

package/dist/utils/cose.js

@@ -0,0 +1,259 @@
+import { decode as cborDecode } from "cbor-x";
+import { base64UrlToBytes, bytesToHex, padHex, concatHex } from "./base64url.js";
+/**
+ * COSE Key Types (kty)
+ * @see https://www.iana.org/assignments/cose/cose.xhtml#key-type
+ */
+const COSE_KEY_TYPE = {
+    OKP: 1, // Octet Key Pair
+    EC2: 2, // Elliptic Curve with x and y coordinates
+    RSA: 3, // RSA
+    SYMMETRIC: 4, // Symmetric key
+};
+/**
+ * COSE Algorithms
+ * @see https://www.iana.org/assignments/cose/cose.xhtml#algorithms
+ */
+const COSE_ALGORITHM = {
+    ES256: -7, // ECDSA w/ SHA-256 (P-256)
+    ES384: -35, // ECDSA w/ SHA-384 (P-384)
+    ES512: -36, // ECDSA w/ SHA-512 (P-521)
+    EDDSA: -8, // EdDSA
+};
+/**
+ * COSE Elliptic Curves
+ * @see https://www.iana.org/assignments/cose/cose.xhtml#elliptic-curves
+ */
+const COSE_CURVE = {
+    P256: 1, // NIST P-256 (secp256r1)
+    P384: 2, // NIST P-384
+    P521: 3, // NIST P-521
+    ED25519: 6, // Ed25519
+};
+/**
+ * COSE Key Parameter Labels
+ */
+const COSE_KEY_PARAMS = {
+    KTY: 1, // Key type
+    ALG: 3, // Algorithm
+    CRV: -1, // Curve (for EC2 keys)
+    X: -2, // X coordinate (for EC2 keys)
+    Y: -3, // Y coordinate (for EC2 keys)
+};
+/**
+ * Error thrown when COSE key parsing fails.
+ */
+export class COSEParseError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "COSEParseError";
+    }
+}
+/**
+ * Parses a COSE key from CBOR-encoded bytes.
+ *
+ * @param coseBytes - The CBOR-encoded COSE key bytes
+ * @returns The parsed COSE key structure
+ * @throws COSEParseError if parsing fails
+ */
+function parseCOSEKey(coseBytes) {
+    let decoded;
+    try {
+        decoded = cborDecode(coseBytes);
+    }
+    catch (error) {
+        throw new COSEParseError(`Failed to decode CBOR: ${error instanceof Error ? error.message : "Unknown error"}`);
+    }
+    // COSE keys are encoded as CBOR maps
+    if (!(decoded instanceof Map)) {
+        throw new COSEParseError("Invalid COSE key format: expected CBOR map");
+    }
+    const kty = decoded.get(COSE_KEY_PARAMS.KTY);
+    if (typeof kty !== "number") {
+        throw new COSEParseError("Invalid COSE key: missing or invalid kty");
+    }
+    const result = { kty };
+    // Optional algorithm
+    const alg = decoded.get(COSE_KEY_PARAMS.ALG);
+    if (typeof alg === "number") {
+        result.alg = alg;
+    }
+    // For EC2 keys, extract curve and coordinates
+    if (kty === COSE_KEY_TYPE.EC2) {
+        const crv = decoded.get(COSE_KEY_PARAMS.CRV);
+        if (typeof crv === "number") {
+            result.crv = crv;
+        }
+        const x = decoded.get(COSE_KEY_PARAMS.X);
+        if (x instanceof Uint8Array) {
+            result.x = x;
+        }
+        const y = decoded.get(COSE_KEY_PARAMS.Y);
+        if (y instanceof Uint8Array) {
+            result.y = y;
+        }
+    }
+    return result;
+}
+/**
+ * Extracts the attestedCredentialData from authenticatorData.
+ * The attestedCredentialData contains the COSE public key.
+ *
+ * AuthenticatorData structure:
+ * - rpIdHash (32 bytes)
+ * - flags (1 byte)
+ * - signCount (4 bytes, big endian)
+ * - attestedCredentialData (variable, if AT flag is set)
+ *   - aaguid (16 bytes)
+ *   - credentialIdLength (2 bytes, big endian)
+ *   - credentialId (credentialIdLength bytes)
+ *   - credentialPublicKey (remaining bytes, CBOR encoded)
+ *
+ * @param authenticatorData - Raw authenticator data bytes
+ * @returns Object containing credentialId and publicKey bytes
+ * @throws COSEParseError if parsing fails
+ */
+export function parseAuthenticatorData(authenticatorData) {
+    // Minimum length: 37 bytes (rpIdHash + flags + signCount)
+    if (authenticatorData.length < 37) {
+        throw new COSEParseError("Authenticator data too short: minimum 37 bytes required");
+    }
+    // Check AT (attestedCredentialData) flag (bit 6)
+    const flags = authenticatorData[32];
+    const hasAttestedCredData = (flags & 0x40) !== 0;
+    if (!hasAttestedCredData) {
+        throw new COSEParseError("Authenticator data does not contain attested credential data");
+    }
+    // Skip rpIdHash (32) + flags (1) + signCount (4) = 37 bytes
+    let offset = 37;
+    // Skip aaguid (16 bytes)
+    offset += 16;
+    if (authenticatorData.length < offset + 2) {
+        throw new COSEParseError("Authenticator data too short: missing credentialIdLength");
+    }
+    // Read credentialIdLength (2 bytes, big endian)
+    const credentialIdLength = (authenticatorData[offset] << 8) | authenticatorData[offset + 1];
+    offset += 2;
+    if (authenticatorData.length < offset + credentialIdLength) {
+        throw new COSEParseError("Authenticator data too short: missing credentialId");
+    }
+    // Read credentialId
+    const credentialId = authenticatorData.slice(offset, offset + credentialIdLength);
+    offset += credentialIdLength;
+    // Remaining bytes are the CBOR-encoded public key
+    const publicKeyBytes = authenticatorData.slice(offset);
+    if (publicKeyBytes.length === 0) {
+        throw new COSEParseError("Authenticator data too short: missing public key");
+    }
+    return { credentialId, publicKeyBytes };
+}
+/**
+ * Extracts P256 (secp256r1) public key coordinates from a COSE key.
+ * This is the CRUCIAL function for Passkey integration.
+ *
+ * @param coseBytes - The CBOR-encoded COSE key bytes
+ * @returns The X and Y coordinates as 32-byte hex strings
+ * @throws COSEParseError if the key is not a valid P256 key
+ */
+export function extractP256PublicKey(coseBytes) {
+    const coseKey = parseCOSEKey(coseBytes);
+    // Validate key type
+    if (coseKey.kty !== COSE_KEY_TYPE.EC2) {
+        throw new COSEParseError(`Invalid key type: expected EC2 (${COSE_KEY_TYPE.EC2}), got ${coseKey.kty}`);
+    }
+    // Validate curve (if present)
+    if (coseKey.crv !== undefined && coseKey.crv !== COSE_CURVE.P256) {
+        throw new COSEParseError(`Invalid curve: expected P-256 (${COSE_CURVE.P256}), got ${coseKey.crv}`);
+    }
+    // Validate algorithm (if present)
+    if (coseKey.alg !== undefined && coseKey.alg !== COSE_ALGORITHM.ES256) {
+        throw new COSEParseError(`Invalid algorithm: expected ES256 (${COSE_ALGORITHM.ES256}), got ${coseKey.alg}`);
+    }
+    // Validate coordinates
+    if (!coseKey.x || coseKey.x.length === 0) {
+        throw new COSEParseError("Missing X coordinate in COSE key");
+    }
+    if (!coseKey.y || coseKey.y.length === 0) {
+        throw new COSEParseError("Missing Y coordinate in COSE key");
+    }
+    // P-256 coordinates should be exactly 32 bytes
+    // However, some implementations may include leading zeros or strip them
+    // We handle both cases by padding/trimming to exactly 32 bytes
+    const xHex = padHex(bytesToHex(coseKey.x), 32);
+    const yHex = padHex(bytesToHex(coseKey.y), 32);
+    return { x: xHex, y: yHex };
+}
+/**
+ * Extracts the public key from a WebAuthn attestation response.
+ *
+ * @param attestationObject - Base64URL encoded attestation object from registration
+ * @returns The P256 public key coordinates
+ * @throws COSEParseError if extraction fails
+ */
+export function extractPublicKeyFromAttestation(attestationObject) {
+    // Decode the attestation object
+    const attestationBytes = base64UrlToBytes(attestationObject);
+    let attestation;
+    try {
+        attestation = cborDecode(attestationBytes);
+    }
+    catch (error) {
+        throw new COSEParseError(`Failed to decode attestation object: ${error instanceof Error ? error.message : "Unknown error"}`);
+    }
+    // Extract authData from attestation
+    if (!attestation.authData || !(attestation.authData instanceof Uint8Array)) {
+        throw new COSEParseError("Invalid attestation object: missing or invalid authData");
+    }
+    // Parse the authenticator data to get the public key
+    const { credentialId, publicKeyBytes } = parseAuthenticatorData(attestation.authData);
+    // Extract the P256 coordinates from the COSE key
+    const publicKey = extractP256PublicKey(publicKeyBytes);
+    return { credentialId, publicKey };
+}
+/**
+ * Encodes a P256 public key to the uncompressed format (0x04 || x || y).
+ * This is the standard SEC1 uncompressed point format.
+ *
+ * @param publicKey - The P256 public key coordinates
+ * @returns The uncompressed public key as hex (65 bytes total)
+ */
+export function encodeUncompressedPublicKey(publicKey) {
+    // Ensure coordinates are exactly 32 bytes each
+    const x = padHex(publicKey.x, 32);
+    const y = padHex(publicKey.y, 32);
+    // Uncompressed format: 0x04 || x || y
+    return concatHex("0x04", x, y);
+}
+/**
+ * Validates that a public key is on the P256 curve.
+ * This is a basic validation - for full security, use a proper crypto library.
+ *
+ * @param publicKey - The public key coordinates to validate
+ * @returns true if the key appears valid
+ */
+export function isValidP256PublicKey(publicKey) {
+    // Basic validation: check that coordinates are 32 bytes each
+    const xClean = publicKey.x.startsWith("0x")
+        ? publicKey.x.slice(2)
+        : publicKey.x;
+    const yClean = publicKey.y.startsWith("0x")
+        ? publicKey.y.slice(2)
+        : publicKey.y;
+    // Each coordinate should be at most 64 hex chars (32 bytes)
+    if (xClean.length > 64 || yClean.length > 64) {
+        return false;
+    }
+    // Coordinates should not be zero
+    if (BigInt(`0x${xClean}`) === 0n || BigInt(`0x${yClean}`) === 0n) {
+        return false;
+    }
+    // P-256 prime
+    const p = BigInt("0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff");
+    // Coordinates should be less than the prime
+    if (BigInt(`0x${xClean}`) >= p || BigInt(`0x${yClean}`) >= p) {
+        return false;
+    }
+    return true;
+}
+export { COSE_KEY_TYPE, COSE_ALGORITHM, COSE_CURVE };
+//# sourceMappingURL=cose.js.map

package/dist/utils/cose.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cose.js","sourceRoot":"","sources":["../../src/utils/cose.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,QAAQ,CAAC;AAG9C,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAEjF;;;GAGG;AACH,MAAM,aAAa,GAAG;IACpB,GAAG,EAAE,CAAC,EAAE,iBAAiB;IACzB,GAAG,EAAE,CAAC,EAAE,0CAA0C;IAClD,GAAG,EAAE,CAAC,EAAE,MAAM;IACd,SAAS,EAAE,CAAC,EAAE,gBAAgB;CACtB,CAAC;AAEX;;;GAGG;AACH,MAAM,cAAc,GAAG;IACrB,KAAK,EAAE,CAAC,CAAC,EAAE,2BAA2B;IACtC,KAAK,EAAE,CAAC,EAAE,EAAE,2BAA2B;IACvC,KAAK,EAAE,CAAC,EAAE,EAAE,2BAA2B;IACvC,KAAK,EAAE,CAAC,CAAC,EAAE,QAAQ;CACX,CAAC;AAEX;;;GAGG;AACH,MAAM,UAAU,GAAG;IACjB,IAAI,EAAE,CAAC,EAAE,yBAAyB;IAClC,IAAI,EAAE,CAAC,EAAE,aAAa;IACtB,IAAI,EAAE,CAAC,EAAE,aAAa;IACtB,OAAO,EAAE,CAAC,EAAE,UAAU;CACd,CAAC;AAEX;;GAEG;AACH,MAAM,eAAe,GAAG;IACtB,GAAG,EAAE,CAAC,EAAE,WAAW;IACnB,GAAG,EAAE,CAAC,EAAE,YAAY;IACpB,GAAG,EAAE,CAAC,CAAC,EAAE,uBAAuB;IAChC,CAAC,EAAE,CAAC,CAAC,EAAE,8BAA8B;IACrC,CAAC,EAAE,CAAC,CAAC,EAAE,8BAA8B;CAC7B,CAAC;AAEX;;GAEG;AACH,MAAM,OAAO,cAAe,SAAQ,KAAK;IACvC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAaD;;;;;;GAMG;AACH,SAAS,YAAY,CAAC,SAAqB;IACzC,IAAI,OAA6B,CAAC;IAElC,IAAI,CAAC;QACH,OAAO,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;IAClC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,cAAc,CACtB,0BAA0B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CACrF,CAAC;IACJ,CAAC;IAED,qCAAqC;IACrC,IAAI,CAAC,CAAC,OAAO,YAAY,GAAG,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,cAAc,CACtB,4CAA4C,CAC7C,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IAC7C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,IAAI,cAAc,CAAC,0CAA0C,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,MAAM,GAAY,EAAE,GAAG,EAAE,CAAC;IAEhC,qBAAqB;IACrB,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IAC7C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,CAAC,GAAG,GAAG,GAAG,CAAC;IACnB,CAAC;IAED,8CAA8C;IAC9C,IAAI,GAAG,KAAK,aAAa,CAAC,GAAG,EAAE,CAAC;QAC9B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QAC7C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,MAAM,CAAC,GAAG,GAAG,GAAG,CAAC;QACnB,CAAC;QAED,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,YAAY,UAAU,EAAE,CAAC;YAC5B,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,CAAC;QAED,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,YAAY,UAAU,EAAE,CAAC;YAC5B,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC;QACf,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,sBAAsB,CAAC,iBAA6B;IAIlE,0DAA0D;IAC1D,IAAI,iBAAiB,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAClC,MAAM,IAAI,cAAc,CACtB,yDAAyD,CAC1D,CAAC;IACJ,CAAC;IAED,iDAAiD;IACjD,MAAM,KAAK,GAAG,iBAAiB,CAAC,EAAE,CAAC,CAAC;IACpC,MAAM,mBAAmB,GAAG,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IAEjD,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,IAAI,cAAc,CACtB,8DAA8D,CAC/D,CAAC;IACJ,CAAC;IAED,4DAA4D;IAC5D,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,yBAAyB;IACzB,MAAM,IAAI,EAAE,CAAC;IAEb,IAAI,iBAAiB,CAAC,MAAM,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1C,MAAM,IAAI,cAAc,CACtB,0DAA0D,CAC3D,CAAC;IACJ,CAAC;IAED,gDAAgD;IAChD,MAAM,kBAAkB,GACtB,CAAC,iBAAiB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACnE,MAAM,IAAI,CAAC,CAAC;IAEZ,IAAI,iBAAiB,CAAC,MAAM,GAAG,MAAM,GAAG,kBAAkB,EAAE,CAAC;QAC3D,MAAM,IAAI,cAAc,CACtB,oDAAoD,CACrD,CAAC;IACJ,CAAC;IAED,oBAAoB;IACpB,MAAM,YAAY,GAAG,iBAAiB,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,kBAAkB,CAAC,CAAC;IAClF,MAAM,IAAI,kBAAkB,CAAC;IAE7B,kDAAkD;IAClD,MAAM,cAAc,GAAG,iBAAiB,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAEvD,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,cAAc,CACtB,kDAAkD,CACnD,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,CAAC;AAC1C,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB,CAAC,SAAqB;IACxD,MAAM,OAAO,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC;IAExC,oBAAoB;IACpB,IAAI,OAAO,CAAC,GAAG,KAAK,aAAa,CAAC,GAAG,EAAE,CAAC;QACtC,MAAM,IAAI,cAAc,CACtB,mCAAmC,aAAa,CAAC,GAAG,UAAU,OAAO,CAAC,GAAG,EAAE,CAC5E,CAAC;IACJ,CAAC;IAED,8BAA8B;IAC9B,IAAI,OAAO,CAAC,GAAG,KAAK,SAAS,IAAI,OAAO,CAAC,GAAG,KAAK,UAAU,CAAC,IAAI,EAAE,CAAC;QACjE,MAAM,IAAI,cAAc,CACtB,kCAAkC,UAAU,CAAC,IAAI,UAAU,OAAO,CAAC,GAAG,EAAE,CACzE,CAAC;IACJ,CAAC;IAED,kCAAkC;IAClC,IAAI,OAAO,CAAC,GAAG,KAAK,SAAS,IAAI,OAAO,CAAC,GAAG,KAAK,cAAc,CAAC,KAAK,EAAE,CAAC;QACtE,MAAM,IAAI,cAAc,CACtB,sCAAsC,cAAc,CAAC,KAAK,UAAU,OAAO,CAAC,GAAG,EAAE,CAClF,CAAC;IACJ,CAAC;IAED,uBAAuB;IACvB,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,cAAc,CAAC,kCAAkC,CAAC,CAAC;IAC/D,CAAC;IAED,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,cAAc,CAAC,kCAAkC,CAAC,CAAC;IAC/D,CAAC;IAED,+CAA+C;IAC/C,wEAAwE;IACxE,+DAA+D;IAC/D,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC/C,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAE/C,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC;AAC9B,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,+BAA+B,CAC7C,iBAAyB;IAKzB,gCAAgC;IAChC,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,iBAAiB,CAAC,CAAC;IAE7D,IAAI,WAAoD,CAAC;IACzD,IAAI,CAAC;QACH,WAAW,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAC;IAC7C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,cAAc,CACtB,wCAAwC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CACnG,CAAC;IACJ,CAAC;IAED,oCAAoC;IACpC,IAAI,CAAC,WAAW,CAAC,QAAQ,IAAI,CAAC,CAAC,WAAW,CAAC,QAAQ,YAAY,UAAU,CAAC,EAAE,CAAC;QAC3E,MAAM,IAAI,cAAc,CACtB,yDAAyD,CAC1D,CAAC;IACJ,CAAC;IAED,qDAAqD;IACrD,MAAM,EAAE,YAAY,EAAE,cAAc,EAAE,GAAG,sBAAsB,CAC7D,WAAW,CAAC,QAAQ,CACrB,CAAC;IAEF,iDAAiD;IACjD,MAAM,SAAS,GAAG,oBAAoB,CAAC,cAAc,CAAC,CAAC;IAEvD,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC;AACrC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,2BAA2B,CAAC,SAAwB;IAClE,+CAA+C;IAC/C,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAClC,MAAM,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAElC,sCAAsC;IACtC,OAAO,SAAS,CAAC,MAAa,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;AACxC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,SAAwB;IAC3D,6DAA6D;IAC7D,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC;QACzC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC;QACzC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;QACtB,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;IAEhB,4DAA4D;IAC5D,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC7C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,iCAAiC;IACjC,IAAI,MAAM,CAAC,KAAK,MAAM,EAAE,CAAC,KAAK,EAAE,IAAI,MAAM,CAAC,KAAK,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC;QACjE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,cAAc;IACd,MAAM,CAAC,GAAG,MAAM,CACd,oEAAoE,CACrE,CAAC;IAEF,4CAA4C;IAC5C,IAAI,MAAM,CAAC,KAAK,MAAM,EAAE,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,KAAK,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7D,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,UAAU,EAAE,CAAC"}

package/dist/utils/index.d.ts

@@ -0,0 +1,4 @@
+export { base64UrlToBytes, bytesToBase64Url, base64UrlToHex, hexToBase64Url, bytesToHex, hexToBytes, stringToBase64Url, base64UrlToString, padHex, concatHex, } from "./base64url.js";
+export { extractP256PublicKey, extractPublicKeyFromAttestation, parseAuthenticatorData, encodeUncompressedPublicKey, isValidP256PublicKey, COSEParseError, COSE_KEY_TYPE, COSE_ALGORITHM, COSE_CURVE, } from "./cose.js";
+export { parseAuthenticatorDataFromAssertion, parseDERSignature, normalizeSignatureS, findJsonFieldPosition, parseWebAuthnAssertion, encodeWebAuthnSignature, createChallenge, hashMessage, createAssertionOptions, SignatureError, } from "./passkey.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AACA,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,cAAc,EACd,cAAc,EACd,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,iBAAiB,EACjB,MAAM,EACN,SAAS,GACV,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,oBAAoB,EACpB,+BAA+B,EAC/B,sBAAsB,EACtB,2BAA2B,EAC3B,oBAAoB,EACpB,cAAc,EACd,aAAa,EACb,cAAc,EACd,UAAU,GACX,MAAM,WAAW,CAAC;AAGnB,OAAO,EACL,mCAAmC,EACnC,iBAAiB,EACjB,mBAAmB,EACnB,qBAAqB,EACrB,sBAAsB,EACtB,uBAAuB,EACvB,eAAe,EACf,WAAW,EACX,sBAAsB,EACtB,cAAc,GACf,MAAM,cAAc,CAAC"}

package/dist/utils/index.js

@@ -0,0 +1,7 @@
+// Base64URL encoding utilities
+export { base64UrlToBytes, bytesToBase64Url, base64UrlToHex, hexToBase64Url, bytesToHex, hexToBytes, stringToBase64Url, base64UrlToString, padHex, concatHex, } from "./base64url.js";
+// COSE key parsing utilities
+export { extractP256PublicKey, extractPublicKeyFromAttestation, parseAuthenticatorData, encodeUncompressedPublicKey, isValidP256PublicKey, COSEParseError, COSE_KEY_TYPE, COSE_ALGORITHM, COSE_CURVE, } from "./cose.js";
+// Passkey/WebAuthn utilities
+export { parseAuthenticatorDataFromAssertion, parseDERSignature, normalizeSignatureS, findJsonFieldPosition, parseWebAuthnAssertion, encodeWebAuthnSignature, createChallenge, hashMessage, createAssertionOptions, SignatureError, } from "./passkey.js";
+//# sourceMappingURL=index.js.map

package/dist/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,cAAc,EACd,cAAc,EACd,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,iBAAiB,EACjB,MAAM,EACN,SAAS,GACV,MAAM,gBAAgB,CAAC;AAExB,6BAA6B;AAC7B,OAAO,EACL,oBAAoB,EACpB,+BAA+B,EAC/B,sBAAsB,EACtB,2BAA2B,EAC3B,oBAAoB,EACpB,cAAc,EACd,aAAa,EACb,cAAc,EACd,UAAU,GACX,MAAM,WAAW,CAAC;AAEnB,6BAA6B;AAC7B,OAAO,EACL,mCAAmC,EACnC,iBAAiB,EACjB,mBAAmB,EACnB,qBAAqB,EACrB,sBAAsB,EACtB,uBAAuB,EACvB,eAAe,EACf,WAAW,EACX,sBAAsB,EACtB,cAAc,GACf,MAAM,cAAc,CAAC"}

package/dist/utils/passkey.d.ts

@@ -0,0 +1,108 @@
+import { type Hex } from "viem";
+import type { AuthenticatorData, WebAuthnSignature, SignatureEncodingFormat } from "../types/index.js";
+/**
+ * Error thrown when signature parsing or encoding fails.
+ */
+export declare class SignatureError extends Error {
+    constructor(message: string);
+}
+/**
+ * Parses the authenticator data from a WebAuthn assertion.
+ *
+ * @param authenticatorDataB64 - Base64URL encoded authenticator data
+ * @returns Parsed authenticator data structure
+ */
+export declare function parseAuthenticatorDataFromAssertion(authenticatorDataB64: string): AuthenticatorData;
+/**
+ * Parses a DER-encoded ECDSA signature into r and s components.
+ * WebAuthn signatures are DER-encoded ASN.1 sequences.
+ *
+ * DER format: 0x30 [total-length] 0x02 [r-length] [r] 0x02 [s-length] [s]
+ *
+ * @param signatureB64 - Base64URL encoded DER signature
+ * @returns Object with r and s as 32-byte hex strings
+ */
+export declare function parseDERSignature(signatureB64: string): {
+    r: Hex;
+    s: Hex;
+};
+/**
+ * Normalizes the S value of an ECDSA signature to low-S form.
+ * This is required by some smart contract implementations to prevent
+ * signature malleability.
+ *
+ * For P-256, the curve order n is:
+ * 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
+ *
+ * If s > n/2, we replace s with n - s.
+ *
+ * @param s - The S component of the signature
+ * @returns The normalized S value in low-S form
+ */
+export declare function normalizeSignatureS(s: Hex): Hex;
+/**
+ * Finds the position of a substring in a JSON string.
+ * Used to locate the challenge and type fields in clientDataJSON.
+ *
+ * @param json - The JSON string to search
+ * @param key - The key to find (e.g., "challenge", "type")
+ * @returns The byte offset of the key's value
+ */
+export declare function findJsonFieldPosition(json: string, key: string): number;
+/**
+ * Parses a WebAuthn assertion response into its components.
+ *
+ * @param assertion - The WebAuthn assertion response
+ * @returns Parsed signature components
+ */
+export declare function parseWebAuthnAssertion(assertion: {
+    authenticatorData: string;
+    clientDataJSON: string;
+    signature: string;
+}): WebAuthnSignature;
+/**
+ * Encodes a WebAuthn signature for smart contract verification.
+ * Different smart contract implementations expect different formats.
+ *
+ * @param signature - The parsed WebAuthn signature
+ * @param format - The encoding format to use
+ * @returns The encoded signature as hex
+ */
+export declare function encodeWebAuthnSignature(signature: WebAuthnSignature, format?: SignatureEncodingFormat): Hex;
+/**
+ * Creates a WebAuthn challenge from a message hash.
+ * The challenge is typically the Base64URL encoding of the hash.
+ *
+ * @param messageHash - The message hash (usually a UserOpHash)
+ * @returns The challenge as Base64URL string
+ */
+export declare function createChallenge(messageHash: Hex): string;
+/**
+ * Hashes a message according to EIP-191 (personal_sign).
+ * This is used when signing arbitrary messages.
+ *
+ * @param message - The message to hash
+ * @returns The EIP-191 hash
+ */
+export declare function hashMessage(message: string | Uint8Array): Hex;
+/**
+ * Creates an assertion options object for react-native-passkey.
+ *
+ * @param challenge - The challenge as Base64URL string
+ * @param rpId - The Relying Party ID
+ * @param credentialId - The credential ID to use (Base64URL)
+ * @param userVerification - User verification requirement
+ * @param timeout - Timeout in milliseconds
+ * @returns Options object for Passkey.get()
+ */
+export declare function createAssertionOptions(challenge: string, rpId: string, credentialId: string, userVerification?: "required" | "preferred" | "discouraged", timeout?: number): {
+    rpId: string;
+    challenge: string;
+    allowCredentials: Array<{
+        id: string;
+        type: "public-key";
+    }>;
+    userVerification: "required" | "preferred" | "discouraged";
+    timeout: number;
+};
+//# sourceMappingURL=passkey.d.ts.map

package/dist/utils/passkey.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"passkey.d.ts","sourceRoot":"","sources":["../../src/utils/passkey.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,GAAG,EAAkC,MAAM,MAAM,CAAC;AAChE,OAAO,KAAK,EACV,iBAAiB,EACjB,iBAAiB,EACjB,uBAAuB,EACxB,MAAM,mBAAmB,CAAC;AAS3B;;GAEG;AACH,qBAAa,cAAe,SAAQ,KAAK;gBAC3B,OAAO,EAAE,MAAM;CAI5B;AAED;;;;;GAKG;AACH,wBAAgB,mCAAmC,CACjD,oBAAoB,EAAE,MAAM,GAC3B,iBAAiB,CAyBnB;AAED;;;;;;;;GAQG;AACH,wBAAgB,iBAAiB,CAAC,YAAY,EAAE,MAAM,GAAG;IAAE,CAAC,EAAE,GAAG,CAAC;IAAC,CAAC,EAAE,GAAG,CAAA;CAAE,CAwD1E;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,mBAAmB,CAAC,CAAC,EAAE,GAAG,GAAG,GAAG,CAgB/C;AAED;;;;;;;GAOG;AACH,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,CAWvE;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,SAAS,EAAE;IAChD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;CACnB,GAAG,iBAAiB,CA2BpB;AAED;;;;;;;GAOG;AACH,wBAAgB,uBAAuB,CACrC,SAAS,EAAE,iBAAiB,EAC5B,MAAM,GAAE,uBAAkC,GACzC,GAAG,CAWL;AAoFD;;;;;;GAMG;AACH,wBAAgB,eAAe,CAAC,WAAW,EAAE,GAAG,GAAG,MAAM,CAExD;AAED;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU,GAAG,GAAG,CAa7D;AAED;;;;;;;;;GASG;AACH,wBAAgB,sBAAsB,CACpC,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,MAAM,EACpB,gBAAgB,GAAE,UAAU,GAAG,WAAW,GAAG,aAA0B,EACvE,OAAO,SAAQ,GACd;IACD,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,gBAAgB,EAAE,KAAK,CAAC;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,YAAY,CAAA;KAAE,CAAC,CAAC;IAC5D,gBAAgB,EAAE,UAAU,GAAG,WAAW,GAAG,aAAa,CAAC;IAC3D,OAAO,EAAE,MAAM,CAAC;CACjB,CAaA"}