@metamask-previews/passkey-controller 0.0.0-preview-4c0846313

package/dist/PasskeyController.mjs

@@ -0,0 +1,443 @@
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _PasskeyController_instances, _PasskeyController_ceremonyManager, _PasskeyController_rpID, _PasskeyController_rpName, _PasskeyController_expectedOrigin, _PasskeyController_userName, _PasskeyController_userDisplayName, _PasskeyController_requireEnrolled, _PasskeyController_getChallengeFromClientData, _PasskeyController_verifyAuthenticationResponse;
+import { BaseController } from "@metamask/base-controller";
+import { randomBytes } from "@noble/ciphers/webcrypto";
+import { WEBAUTHN_TIMEOUT_MS, CeremonyManager } from "./ceremony-manager.mjs";
+import { controllerName, PasskeyControllerErrorCode, PasskeyControllerErrorMessage } from "./constants.mjs";
+import { PasskeyControllerError } from "./errors.mjs";
+import { deriveKeyFromAuthenticationResponse, deriveKeyFromRegistrationResponse } from "./key-derivation.mjs";
+import { createModuleLogger, projectLogger } from "./logger.mjs";
+import { decryptWithKey, encryptWithKey } from "./utils/crypto.mjs";
+import { base64URLToBytes, bytesToBase64URL } from "./utils/encoding.mjs";
+import { COSEALG } from "./webauthn/constants.mjs";
+import { decodeClientDataJSON } from "./webauthn/decode-client-data-json.mjs";
+import { verifyAuthenticationResponse } from "./webauthn/verify-authentication-response.mjs";
+import { verifyRegistrationResponse } from "./webauthn/verify-registration-response.mjs";
+/**
+ * Returns the default (empty) state for {@link PasskeyController}.
+ *
+ * @returns A fresh state object with no enrolled passkey.
+ */
+export function getDefaultPasskeyControllerState() {
+    return { passkeyRecord: null };
+}
+const passkeyControllerMetadata = {
+    passkeyRecord: {
+        persist: true,
+        includeInDebugSnapshot: false,
+        includeInStateLogs: false,
+        usedInUi: true,
+    },
+};
+const log = createModuleLogger(projectLogger, controllerName);
+/**
+ * Selectors for {@link PasskeyControllerState}.
+ *
+ * Use these instead of dedicated getter methods on the controller, so that
+ * derived values can be consumed from Redux selectors and other places that
+ * only have access to a state object.
+ */
+export const passkeyControllerSelectors = {
+    selectIsPasskeyEnrolled: (state) => state.passkeyRecord !== null,
+};
+/**
+ * Passkey-based protection for the vault encryption key (WebAuthn).
+ *
+ * Uses PRF-backed derivation when available; otherwise uses the credential
+ * `userHandle`.
+ */
+export class PasskeyController extends BaseController {
+    /**
+     * Constructs a new {@link PasskeyController}.
+     *
+     * @param args - The constructor arguments.
+     * @param args.messenger - The messenger suited for this controller.
+     * @param args.state - Initial state. Missing properties are filled in with
+     *   defaults from {@link getDefaultPasskeyControllerState}.
+     * @param args.rpID - WebAuthn Relying Party ID (typically the eTLD+1 of the
+     *   client origin, or `localhost` in dev).
+     * @param args.rpName - Human-readable Relying Party name shown by the OS
+     *   passkey UI.
+     * @param args.expectedOrigin - One or more acceptable origins for the
+     *   `clientDataJSON.origin` check (e.g. `chrome-extension://...`).
+     * @param args.userName - Optional `user.name` shown by the OS passkey UI.
+     *   Defaults to `rpName` so client builds (Stable, Flask, etc.) can
+     *   differentiate without changes here.
+     * @param args.userDisplayName - Optional `user.displayName` shown by the OS
+     *   passkey UI. Defaults to `rpName`.
+     */
+    constructor({ messenger, state = {}, rpID, rpName, expectedOrigin, userName, userDisplayName, }) {
+        super({
+            messenger,
+            metadata: passkeyControllerMetadata,
+            name: controllerName,
+            state: { ...getDefaultPasskeyControllerState(), ...state },
+        });
+        _PasskeyController_instances.add(this);
+        _PasskeyController_ceremonyManager.set(this, new CeremonyManager());
+        _PasskeyController_rpID.set(this, void 0);
+        _PasskeyController_rpName.set(this, void 0);
+        _PasskeyController_expectedOrigin.set(this, void 0);
+        _PasskeyController_userName.set(this, void 0);
+        _PasskeyController_userDisplayName.set(this, void 0);
+        __classPrivateFieldSet(this, _PasskeyController_rpID, rpID, "f");
+        __classPrivateFieldSet(this, _PasskeyController_rpName, rpName, "f");
+        __classPrivateFieldSet(this, _PasskeyController_expectedOrigin, expectedOrigin, "f");
+        __classPrivateFieldSet(this, _PasskeyController_userName, userName ?? rpName, "f");
+        __classPrivateFieldSet(this, _PasskeyController_userDisplayName, userDisplayName ?? rpName, "f");
+    }
+    /**
+     * Checks if the passkey is enrolled.
+     *
+     * @returns Whether the passkey is enrolled.
+     */
+    isPasskeyEnrolled() {
+        return passkeyControllerSelectors.selectIsPasskeyEnrolled(this.state);
+    }
+    /**
+     * Registration options for enrolling a passkey.
+     *
+     * Call before {@link protectVaultKeyWithPasskey}.
+     *
+     * @param creationOptionsConfig - Optional configuration.
+     * @param creationOptionsConfig.prfAvailable - Omit PRF when `false`. Default `true`.
+     * @returns Options for `navigator.credentials.create()`.
+     */
+    generateRegistrationOptions(creationOptionsConfig) {
+        const includePrf = creationOptionsConfig?.prfAvailable !== false;
+        const prfSalt = includePrf
+            ? bytesToBase64URL(randomBytes(32).slice())
+            : undefined;
+        const userHandle = bytesToBase64URL(randomBytes(64).slice());
+        const challenge = bytesToBase64URL(randomBytes(32).slice());
+        const extensions = {};
+        if (prfSalt) {
+            extensions.prf = { eval: { first: prfSalt } };
+        }
+        const options = {
+            rp: { name: __classPrivateFieldGet(this, _PasskeyController_rpName, "f"), id: __classPrivateFieldGet(this, _PasskeyController_rpID, "f") },
+            user: {
+                id: userHandle,
+                name: __classPrivateFieldGet(this, _PasskeyController_userName, "f"),
+                displayName: __classPrivateFieldGet(this, _PasskeyController_userDisplayName, "f"),
+            },
+            challenge,
+            pubKeyCredParams: [
+                { alg: COSEALG.EdDSA, type: 'public-key' },
+                { alg: COSEALG.ES256, type: 'public-key' },
+                { alg: COSEALG.RS256, type: 'public-key' },
+            ],
+            timeout: WEBAUTHN_TIMEOUT_MS,
+            authenticatorSelection: {
+                userVerification: 'preferred',
+                authenticatorAttachment: 'platform',
+                residentKey: 'preferred',
+            },
+            hints: ['client-device', 'hybrid'],
+            attestation: 'none',
+            ...(Object.keys(extensions).length > 0 ? { extensions } : {}),
+        };
+        __classPrivateFieldGet(this, _PasskeyController_ceremonyManager, "f").saveRegistrationCeremony(challenge, {
+            userHandle,
+            prfSalt: prfSalt ?? '',
+            challenge,
+            createdAt: Date.now(),
+        });
+        return options;
+    }
+    /**
+     * WebAuthn request options for authenticating with the enrolled passkey.
+     *
+     * Call before {@link retrieveVaultKeyWithPasskey},
+     * {@link verifyPasskeyAuthentication}, or {@link renewVaultKeyProtection}.
+     *
+     * @returns Options for `navigator.credentials.get()`.
+     */
+    generateAuthenticationOptions() {
+        const record = __classPrivateFieldGet(this, _PasskeyController_instances, "m", _PasskeyController_requireEnrolled).call(this);
+        const challenge = bytesToBase64URL(randomBytes(32).slice());
+        const extensions = {};
+        if (record.keyDerivation.method === 'prf') {
+            extensions.prf = { eval: { first: record.keyDerivation.prfSalt } };
+        }
+        const options = {
+            challenge,
+            rpId: __classPrivateFieldGet(this, _PasskeyController_rpID, "f"),
+            allowCredentials: [
+                {
+                    id: record.credential.id,
+                    type: 'public-key',
+                    transports: record.credential.transports,
+                },
+            ],
+            userVerification: 'preferred',
+            hints: ['client-device', 'hybrid'],
+            timeout: WEBAUTHN_TIMEOUT_MS,
+            extensions,
+        };
+        __classPrivateFieldGet(this, _PasskeyController_ceremonyManager, "f").saveAuthenticationCeremony(challenge, {
+            challenge,
+            createdAt: Date.now(),
+        });
+        return options;
+    }
+    /**
+     * Completes enrollment and binds the vault key to the new passkey.
+     *
+     * @param params - Protection parameters.
+     * @param params.registrationResponse - Credential from `navigator.credentials.create()`.
+     * @param params.vaultKey - Vault encryption key to protect.
+     */
+    async protectVaultKeyWithPasskey(params) {
+        const { registrationResponse, vaultKey } = params;
+        // get challenge
+        const challenge = __classPrivateFieldGet(this, _PasskeyController_instances, "m", _PasskeyController_getChallengeFromClientData).call(this, registrationResponse.response.clientDataJSON);
+        const registrationCeremony = __classPrivateFieldGet(this, _PasskeyController_ceremonyManager, "f").getRegistrationCeremony(challenge);
+        if (!registrationCeremony) {
+            log('No active passkey registration ceremony for challenge');
+            throw new PasskeyControllerError(PasskeyControllerErrorMessage.NoRegistrationCeremony, { code: PasskeyControllerErrorCode.NoRegistrationCeremony });
+        }
+        try {
+            // verify registration response
+            const { verified, registrationInfo } = await verifyRegistrationResponse({
+                response: registrationResponse,
+                expectedChallenge: registrationCeremony.challenge,
+                expectedOrigin: __classPrivateFieldGet(this, _PasskeyController_expectedOrigin, "f"),
+                expectedRPID: __classPrivateFieldGet(this, _PasskeyController_rpID, "f"),
+                requireUserVerification: false,
+            }).catch((error) => {
+                log('Error verifying passkey registration response', error);
+                throw new PasskeyControllerError(PasskeyControllerErrorMessage.RegistrationVerificationFailed, {
+                    code: PasskeyControllerErrorCode.RegistrationVerificationFailed,
+                    cause: error instanceof Error ? error : new Error(String(error)),
+                });
+            });
+            if (!verified || !registrationInfo) {
+                log('Passkey registration verification returned unverified or missing registration info');
+                throw new PasskeyControllerError(PasskeyControllerErrorMessage.RegistrationVerificationFailed, { code: PasskeyControllerErrorCode.RegistrationVerificationFailed });
+            }
+            // derive key
+            const { encKey, keyDerivation } = deriveKeyFromRegistrationResponse(registrationResponse, registrationCeremony, registrationInfo.credentialId);
+            // encrypt vault key
+            const { ciphertext, iv } = encryptWithKey(vaultKey, encKey);
+            // persist passkey record
+            this.update((state) => {
+                state.passkeyRecord = {
+                    credential: {
+                        id: registrationInfo.credentialId,
+                        publicKey: bytesToBase64URL(registrationInfo.publicKey),
+                        counter: registrationInfo.counter,
+                        transports: registrationInfo.transports,
+                    },
+                    encryptedVaultKey: { ciphertext, iv },
+                    keyDerivation,
+                };
+            });
+        }
+        finally {
+            __classPrivateFieldGet(this, _PasskeyController_ceremonyManager, "f").deleteRegistrationCeremony(challenge);
+        }
+    }
+    /**
+     * Returns the decrypted vault encryption key from the passkey authentication
+     * response.
+     *
+     * @param authenticationResponse - Credential from `navigator.credentials.get()`.
+     * @returns The vault encryption key.
+     */
+    async retrieveVaultKeyWithPasskey(authenticationResponse) {
+        // verify authentication response
+        await __classPrivateFieldGet(this, _PasskeyController_instances, "m", _PasskeyController_verifyAuthenticationResponse).call(this, authenticationResponse);
+        // derive key (#verifyAuthenticationResponse guarantees enrolled)
+        const passkeyRecord = __classPrivateFieldGet(this, _PasskeyController_instances, "m", _PasskeyController_requireEnrolled).call(this);
+        const encKey = deriveKeyFromAuthenticationResponse(authenticationResponse, passkeyRecord);
+        // decrypt vault key
+        let vaultKey;
+        try {
+            vaultKey = decryptWithKey(passkeyRecord.encryptedVaultKey.ciphertext, passkeyRecord.encryptedVaultKey.iv, encKey);
+        }
+        catch (cause) {
+            log('Error decrypting vault key with passkey', cause instanceof Error ? cause : new Error(String(cause)));
+            throw new PasskeyControllerError(PasskeyControllerErrorMessage.VaultKeyDecryptionFailed, {
+                code: PasskeyControllerErrorCode.VaultKeyDecryptionFailed,
+                cause: cause instanceof Error ? cause : new Error(String(cause)),
+            });
+        }
+        return vaultKey;
+    }
+    /**
+     * Returns whether passkey authentication succeeds for this credential (same
+     * work as {@link retrieveVaultKeyWithPasskey} without exposing the vault key).
+     *
+     * Returns `false` only when the failure is a {@link PasskeyControllerError}
+     * with a defined `code`. Unexpected errors (e.g. malformed `clientDataJSON`,
+     * internal bugs) are rethrown.
+     *
+     * @param authenticationResponse - Credential from `navigator.credentials.get()`.
+     * @returns `true` if authentication succeeds, otherwise `false`.
+     */
+    async verifyPasskeyAuthentication(authenticationResponse) {
+        try {
+            await this.retrieveVaultKeyWithPasskey(authenticationResponse);
+            return true;
+        }
+        catch (error) {
+            if (error instanceof PasskeyControllerError && error.code !== undefined) {
+                return false;
+            }
+            throw error;
+        }
+    }
+    /**
+     * Updates the vault encryption key for the same passkey (e.g. after a password change).
+     *
+     * Caller MUST first verify the assertion via {@link verifyPasskeyAuthentication}
+     * or {@link retrieveVaultKeyWithPasskey}. This method does not re-verify
+     * because the ceremony is single-use (deleted on verify) and the signature
+     * counter is advanced (replay would be rejected). Authentication here is
+     * enforced by the prior verification plus the `oldVaultKey` match below.
+     *
+     * @param params - Renewal parameters.
+     * @param params.authenticationResponse - Credential from `navigator.credentials.get()`,
+     *   already verified by the caller.
+     * @param params.oldVaultKey - Expected current vault key.
+     * @param params.newVaultKey - New vault key to protect.
+     */
+    async renewVaultKeyProtection(params) {
+        const { authenticationResponse } = params;
+        const passkeyRecord = __classPrivateFieldGet(this, _PasskeyController_instances, "m", _PasskeyController_requireEnrolled).call(this);
+        // derive key
+        const encKey = deriveKeyFromAuthenticationResponse(authenticationResponse, passkeyRecord);
+        // decrypt vault key
+        let decryptedVaultKey;
+        try {
+            decryptedVaultKey = decryptWithKey(passkeyRecord.encryptedVaultKey.ciphertext, passkeyRecord.encryptedVaultKey.iv, encKey);
+        }
+        catch (error) {
+            log('Error decrypting vault key during passkey vault key renewal', error instanceof Error ? error : new Error(String(error)));
+            throw new PasskeyControllerError(PasskeyControllerErrorMessage.VaultKeyDecryptionFailed, {
+                code: PasskeyControllerErrorCode.VaultKeyDecryptionFailed,
+                cause: error instanceof Error ? error : new Error(String(error)),
+            });
+        }
+        // check if vault key matches
+        const { oldVaultKey, newVaultKey } = params;
+        if (decryptedVaultKey !== oldVaultKey) {
+            log('Passkey renewal rejected: decrypted vault key does not match oldVaultKey');
+            throw new PasskeyControllerError(PasskeyControllerErrorMessage.VaultKeyMismatch, { code: PasskeyControllerErrorCode.VaultKeyMismatch });
+        }
+        // encrypt new vault key
+        const { ciphertext, iv } = encryptWithKey(newVaultKey, encKey);
+        // persist passkey record (mutate current state only for vault key material)
+        this.update((state) => {
+            if (!state.passkeyRecord) {
+                throw new PasskeyControllerError(PasskeyControllerErrorMessage.NotEnrolled, {
+                    code: PasskeyControllerErrorCode.NotEnrolled,
+                });
+            }
+            state.passkeyRecord.encryptedVaultKey = { ciphertext, iv };
+        });
+    }
+    /**
+     * Unenrolls the passkey, removing the protected vault key material.
+     */
+    removePasskey() {
+        this.update(() => getDefaultPasskeyControllerState());
+        __classPrivateFieldGet(this, _PasskeyController_ceremonyManager, "f").clear();
+    }
+    /**
+     * Resets state and clears in-flight registration/authentication ceremonies.
+     */
+    clearState() {
+        this.removePasskey();
+    }
+    /**
+     * Releases all in-flight ceremony state and tears down the messenger.
+     */
+    destroy() {
+        __classPrivateFieldGet(this, _PasskeyController_ceremonyManager, "f").clear();
+        super.destroy();
+    }
+}
+_PasskeyController_ceremonyManager = new WeakMap(), _PasskeyController_rpID = new WeakMap(), _PasskeyController_rpName = new WeakMap(), _PasskeyController_expectedOrigin = new WeakMap(), _PasskeyController_userName = new WeakMap(), _PasskeyController_userDisplayName = new WeakMap(), _PasskeyController_instances = new WeakSet(), _PasskeyController_requireEnrolled = function _PasskeyController_requireEnrolled() {
+    const record = this.state.passkeyRecord;
+    if (!record) {
+        throw new PasskeyControllerError(PasskeyControllerErrorMessage.NotEnrolled, {
+            code: PasskeyControllerErrorCode.NotEnrolled,
+        });
+    }
+    return record;
+}, _PasskeyController_getChallengeFromClientData = function _PasskeyController_getChallengeFromClientData(clientDataJSON) {
+    return decodeClientDataJSON(clientDataJSON).challenge;
+}, _PasskeyController_verifyAuthenticationResponse = 
+/**
+ * Verifies an authentication response for the enrolled passkey.
+ *
+ * @param authenticationResponse - Authentication result JSON.
+ */
+async function _PasskeyController_verifyAuthenticationResponse(authenticationResponse) {
+    let challenge;
+    try {
+        // get challenge
+        challenge = __classPrivateFieldGet(this, _PasskeyController_instances, "m", _PasskeyController_getChallengeFromClientData).call(this, authenticationResponse.response.clientDataJSON);
+        // get passkey record
+        const record = __classPrivateFieldGet(this, _PasskeyController_instances, "m", _PasskeyController_requireEnrolled).call(this);
+        // get authentication ceremony
+        const authenticationCeremony = __classPrivateFieldGet(this, _PasskeyController_ceremonyManager, "f").getAuthenticationCeremony(challenge);
+        if (!authenticationCeremony) {
+            log('No active passkey authentication ceremony for challenge');
+            throw new PasskeyControllerError(PasskeyControllerErrorMessage.NoAuthenticationCeremony, { code: PasskeyControllerErrorCode.NoAuthenticationCeremony });
+        }
+        // verify authentication response
+        const result = await verifyAuthenticationResponse({
+            response: authenticationResponse,
+            expectedChallenge: authenticationCeremony.challenge,
+            expectedOrigin: __classPrivateFieldGet(this, _PasskeyController_expectedOrigin, "f"),
+            expectedRPID: __classPrivateFieldGet(this, _PasskeyController_rpID, "f"),
+            credential: {
+                id: record.credential.id,
+                publicKey: base64URLToBytes(record.credential.publicKey),
+                counter: record.credential.counter,
+                transports: record.credential.transports,
+            },
+            // UV optional for device compatibility; vault key remains password-gated.
+            requireUserVerification: false,
+        }).catch((error) => {
+            log('Error verifying passkey authentication response', error instanceof Error ? error : new Error(String(error)));
+            throw new PasskeyControllerError(PasskeyControllerErrorMessage.AuthenticationVerificationFailed, {
+                code: PasskeyControllerErrorCode.AuthenticationVerificationFailed,
+                cause: error instanceof Error ? error : new Error(String(error)),
+            });
+        });
+        if (!result.verified) {
+            log('Passkey authentication verification returned unverified');
+            throw new PasskeyControllerError(PasskeyControllerErrorMessage.AuthenticationVerificationFailed, {
+                code: PasskeyControllerErrorCode.AuthenticationVerificationFailed,
+            });
+        }
+        // persist passkey record with updated counter without clobbering concurrent updates
+        this.update((state) => {
+            if (!state.passkeyRecord) {
+                throw new PasskeyControllerError(PasskeyControllerErrorMessage.NotEnrolled, { code: PasskeyControllerErrorCode.NotEnrolled });
+            }
+            const latest = state.passkeyRecord;
+            latest.credential.counter = Math.max(result.authenticationInfo.newCounter, latest.credential.counter);
+        });
+    }
+    finally {
+        if (challenge) {
+            __classPrivateFieldGet(this, _PasskeyController_ceremonyManager, "f").deleteAuthenticationCeremony(challenge);
+        }
+    }
+};
+//# sourceMappingURL=PasskeyController.mjs.map

package/dist/PasskeyController.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"PasskeyController.mjs","sourceRoot":"","sources":["../src/PasskeyController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAKA,OAAO,EAAE,cAAc,EAAE,kCAAkC;AAE3D,OAAO,EAAE,WAAW,EAAE,iCAAiC;AAEvD,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,+BAA2B;AAC1E,OAAO,EACL,cAAc,EACd,0BAA0B,EAC1B,6BAA6B,EAC9B,wBAAoB;AACrB,OAAO,EAAE,sBAAsB,EAAE,qBAAiB;AAClD,OAAO,EACL,mCAAmC,EACnC,iCAAiC,EAClC,6BAAyB;AAC1B,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,qBAAiB;AAE7D,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,2BAAuB;AAChE,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,6BAAyB;AACtE,OAAO,EAAE,OAAO,EAAE,iCAA6B;AAC/C,OAAO,EAAE,oBAAoB,EAAE,+CAA2C;AAO1E,OAAO,EAAE,4BAA4B,EAAE,sDAAkD;AACzF,OAAO,EAAE,0BAA0B,EAAE,oDAAgD;AAoCrF;;;;GAIG;AACH,MAAM,UAAU,gCAAgC;IAC9C,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC;AACjC,CAAC;AAED,MAAM,yBAAyB,GAAG;IAChC,aAAa,EAAE;QACb,OAAO,EAAE,IAAI;QACb,sBAAsB,EAAE,KAAK;QAC7B,kBAAkB,EAAE,KAAK;QACzB,QAAQ,EAAE,IAAI;KACf;CAC8C,CAAC;AAElD,MAAM,GAAG,GAAG,kBAAkB,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;AAE9D;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,uBAAuB,EAAE,CAAC,KAA6B,EAAW,EAAE,CAClE,KAAK,CAAC,aAAa,KAAK,IAAI;CAC/B,CAAC;AAEF;;;;;GAKG;AACH,MAAM,OAAO,iBAAkB,SAAQ,cAItC;IAaC;;;;;;;;;;;;;;;;;;OAkBG;IACH,YAAY,EACV,SAAS,EACT,KAAK,GAAG,EAAE,EACV,IAAI,EACJ,MAAM,EACN,cAAc,EACd,QAAQ,EACR,eAAe,GAShB;QACC,KAAK,CAAC;YACJ,SAAS;YACT,QAAQ,EAAE,yBAAyB;YACnC,IAAI,EAAE,cAAc;YACpB,KAAK,EAAE,EAAE,GAAG,gCAAgC,EAAE,EAAE,GAAG,KAAK,EAAE;SAC3D,CAAC,CAAC;;QArDI,6CAAmB,IAAI,eAAe,EAAE,EAAC;QAEzC,0CAAc;QAEd,4CAAgB;QAEhB,oDAAmC;QAEnC,8CAAkB;QAElB,qDAAyB;QA6ChC,uBAAA,IAAI,2BAAS,IAAI,MAAA,CAAC;QAClB,uBAAA,IAAI,6BAAW,MAAM,MAAA,CAAC;QACtB,uBAAA,IAAI,qCAAmB,cAAc,MAAA,CAAC;QACtC,uBAAA,IAAI,+BAAa,QAAQ,IAAI,MAAM,MAAA,CAAC;QACpC,uBAAA,IAAI,sCAAoB,eAAe,IAAI,MAAM,MAAA,CAAC;IACpD,CAAC;IAmBD;;;;OAIG;IACH,iBAAiB;QACf,OAAO,0BAA0B,CAAC,uBAAuB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACxE,CAAC;IAED;;;;;;;;OAQG;IACH,2BAA2B,CAAC,qBAE3B;QACC,MAAM,UAAU,GAAG,qBAAqB,EAAE,YAAY,KAAK,KAAK,CAAC;QACjE,MAAM,OAAO,GAAG,UAAU;YACxB,CAAC,CAAC,gBAAgB,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC;YAC3C,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,UAAU,GAAG,gBAAgB,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QAC7D,MAAM,SAAS,GAAG,gBAAgB,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QAE5D,MAAM,UAAU,GAA4B,EAAE,CAAC;QAC/C,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,GAAG,GAAG,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,CAAC;QAChD,CAAC;QAED,MAAM,OAAO,GAA+B;YAC1C,EAAE,EAAE,EAAE,IAAI,EAAE,uBAAA,IAAI,iCAAQ,EAAE,EAAE,EAAE,uBAAA,IAAI,+BAAM,EAAE;YAC1C,IAAI,EAAE;gBACJ,EAAE,EAAE,UAAU;gBACd,IAAI,EAAE,uBAAA,IAAI,mCAAU;gBACpB,WAAW,EAAE,uBAAA,IAAI,0CAAiB;aACnC;YACD,SAAS;YACT,gBAAgB,EAAE;gBAChB,EAAE,GAAG,EAAE,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE;gBAC1C,EAAE,GAAG,EAAE,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE;gBAC1C,EAAE,GAAG,EAAE,OAAO,CAAC,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE;aAC3C;YACD,OAAO,EAAE,mBAAmB;YAC5B,sBAAsB,EAAE;gBACtB,gBAAgB,EAAE,WAAW;gBAC7B,uBAAuB,EAAE,UAAU;gBACnC,WAAW,EAAE,WAAW;aACzB;YACD,KAAK,EAAE,CAAC,eAAe,EAAE,QAAQ,CAAC;YAClC,WAAW,EAAE,MAAM;YACnB,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC9D,CAAC;QAEF,uBAAA,IAAI,0CAAiB,CAAC,wBAAwB,CAAC,SAAS,EAAE;YACxD,UAAU;YACV,OAAO,EAAE,OAAO,IAAI,EAAE;YACtB,SAAS;YACT,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;;;;;OAOG;IACH,6BAA6B;QAC3B,MAAM,MAAM,GAAG,uBAAA,IAAI,wEAAiB,MAArB,IAAI,CAAmB,CAAC;QAEvC,MAAM,SAAS,GAAG,gBAAgB,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QAE5D,MAAM,UAAU,GAA4B,EAAE,CAAC;QAC/C,IAAI,MAAM,CAAC,aAAa,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YAC1C,UAAU,CAAC,GAAG,GAAG,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,aAAa,CAAC,OAAO,EAAE,EAAE,CAAC;QACrE,CAAC;QAED,MAAM,OAAO,GAAiC;YAC5C,SAAS;YACT,IAAI,EAAE,uBAAA,IAAI,+BAAM;YAChB,gBAAgB,EAAE;gBAChB;oBACE,EAAE,EAAE,MAAM,CAAC,UAAU,CAAC,EAAE;oBACxB,IAAI,EAAE,YAAY;oBAClB,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,UAAU;iBACzC;aACF;YACD,gBAAgB,EAAE,WAAW;YAC7B,KAAK,EAAE,CAAC,eAAe,EAAE,QAAQ,CAAC;YAClC,OAAO,EAAE,mBAAmB;YAC5B,UAAU;SACX,CAAC;QAEF,uBAAA,IAAI,0CAAiB,CAAC,0BAA0B,CAAC,SAAS,EAAE;YAC1D,SAAS;YACT,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,0BAA0B,CAAC,MAGhC;QACC,MAAM,EAAE,oBAAoB,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;QAElD,gBAAgB;QAChB,MAAM,SAAS,GAAG,uBAAA,IAAI,mFAA4B,MAAhC,IAAI,EACpB,oBAAoB,CAAC,QAAQ,CAAC,cAAc,CAC7C,CAAC;QACF,MAAM,oBAAoB,GACxB,uBAAA,IAAI,0CAAiB,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC;QAC3D,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC1B,GAAG,CAAC,uDAAuD,CAAC,CAAC;YAC7D,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,sBAAsB,EACpD,EAAE,IAAI,EAAE,0BAA0B,CAAC,sBAAsB,EAAE,CAC5D,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,+BAA+B;YAC/B,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE,GAAG,MAAM,0BAA0B,CAAC;gBACtE,QAAQ,EAAE,oBAAoB;gBAC9B,iBAAiB,EAAE,oBAAoB,CAAC,SAAS;gBACjD,cAAc,EAAE,uBAAA,IAAI,yCAAgB;gBACpC,YAAY,EAAE,uBAAA,IAAI,+BAAM;gBACxB,uBAAuB,EAAE,KAAK;aAC/B,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACjB,GAAG,CAAC,+CAA+C,EAAE,KAAK,CAAC,CAAC;gBAC5D,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,8BAA8B,EAC5D;oBACE,IAAI,EAAE,0BAA0B,CAAC,8BAA8B;oBAC/D,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;iBACjE,CACF,CAAC;YACJ,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,QAAQ,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACnC,GAAG,CACD,oFAAoF,CACrF,CAAC;gBACF,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,8BAA8B,EAC5D,EAAE,IAAI,EAAE,0BAA0B,CAAC,8BAA8B,EAAE,CACpE,CAAC;YACJ,CAAC;YAED,aAAa;YACb,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,iCAAiC,CACjE,oBAAoB,EACpB,oBAAoB,EACpB,gBAAgB,CAAC,YAAY,CAC9B,CAAC;YAEF,oBAAoB;YACpB,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,GAAG,cAAc,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;YAE5D,yBAAyB;YACzB,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;gBACpB,KAAK,CAAC,aAAa,GAAG;oBACpB,UAAU,EAAE;wBACV,EAAE,EAAE,gBAAgB,CAAC,YAAY;wBACjC,SAAS,EAAE,gBAAgB,CAAC,gBAAgB,CAAC,SAAS,CAAC;wBACvD,OAAO,EAAE,gBAAgB,CAAC,OAAO;wBACjC,UAAU,EAAE,gBAAgB,CAAC,UAAU;qBACxC;oBACD,iBAAiB,EAAE,EAAE,UAAU,EAAE,EAAE,EAAE;oBACrC,aAAa;iBACd,CAAC;YACJ,CAAC,CAAC,CAAC;QACL,CAAC;gBAAS,CAAC;YACT,uBAAA,IAAI,0CAAiB,CAAC,0BAA0B,CAAC,SAAS,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,2BAA2B,CAC/B,sBAAqD;QAErD,iCAAiC;QACjC,MAAM,uBAAA,IAAI,qFAA8B,MAAlC,IAAI,EAA+B,sBAAsB,CAAC,CAAC;QAEjE,iEAAiE;QACjE,MAAM,aAAa,GAAG,uBAAA,IAAI,wEAAiB,MAArB,IAAI,CAAmB,CAAC;QAC9C,MAAM,MAAM,GAAG,mCAAmC,CAChD,sBAAsB,EACtB,aAAa,CACd,CAAC;QAEF,oBAAoB;QACpB,IAAI,QAAgB,CAAC;QACrB,IAAI,CAAC;YACH,QAAQ,GAAG,cAAc,CACvB,aAAa,CAAC,iBAAiB,CAAC,UAAU,EAC1C,aAAa,CAAC,iBAAiB,CAAC,EAAE,EAClC,MAAM,CACP,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CACD,yCAAyC,EACzC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;YACF,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,wBAAwB,EACtD;gBACE,IAAI,EAAE,0BAA0B,CAAC,wBAAwB;gBACzD,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;aACjE,CACF,CAAC;QACJ,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;;;;;;;;OAUG;IACH,KAAK,CAAC,2BAA2B,CAC/B,sBAAqD;QAErD,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,2BAA2B,CAAC,sBAAsB,CAAC,CAAC;YAC/D,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAI,KAAK,YAAY,sBAAsB,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBACxE,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,uBAAuB,CAAC,MAI7B;QACC,MAAM,EAAE,sBAAsB,EAAE,GAAG,MAAM,CAAC;QAC1C,MAAM,aAAa,GAAG,uBAAA,IAAI,wEAAiB,MAArB,IAAI,CAAmB,CAAC;QAE9C,aAAa;QACb,MAAM,MAAM,GAAG,mCAAmC,CAChD,sBAAsB,EACtB,aAAa,CACd,CAAC;QAEF,oBAAoB;QACpB,IAAI,iBAAyB,CAAC;QAC9B,IAAI,CAAC;YACH,iBAAiB,GAAG,cAAc,CAChC,aAAa,CAAC,iBAAiB,CAAC,UAAU,EAC1C,aAAa,CAAC,iBAAiB,CAAC,EAAE,EAClC,MAAM,CACP,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CACD,6DAA6D,EAC7D,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;YACF,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,wBAAwB,EACtD;gBACE,IAAI,EAAE,0BAA0B,CAAC,wBAAwB;gBACzD,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;aACjE,CACF,CAAC;QACJ,CAAC;QAED,6BAA6B;QAC7B,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,GAAG,MAAM,CAAC;QAC5C,IAAI,iBAAiB,KAAK,WAAW,EAAE,CAAC;YACtC,GAAG,CACD,0EAA0E,CAC3E,CAAC;YACF,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,gBAAgB,EAC9C,EAAE,IAAI,EAAE,0BAA0B,CAAC,gBAAgB,EAAE,CACtD,CAAC;QACJ,CAAC;QAED,wBAAwB;QACxB,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,GAAG,cAAc,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAE/D,4EAA4E;QAC5E,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;YACpB,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;gBACzB,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,WAAW,EACzC;oBACE,IAAI,EAAE,0BAA0B,CAAC,WAAW;iBAC7C,CACF,CAAC;YACJ,CAAC;YACD,KAAK,CAAC,aAAa,CAAC,iBAAiB,GAAG,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;QAC7D,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,aAAa;QACX,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,gCAAgC,EAAE,CAAC,CAAC;QACtD,uBAAA,IAAI,0CAAiB,CAAC,KAAK,EAAE,CAAC;IAChC,CAAC;IAED;;OAEG;IACH,UAAU;QACR,IAAI,CAAC,aAAa,EAAE,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,OAAO;QACL,uBAAA,IAAI,0CAAiB,CAAC,KAAK,EAAE,CAAC;QAC9B,KAAK,CAAC,OAAO,EAAE,CAAC;IAClB,CAAC;CAwFF;;IAndG,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC;IACxC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,WAAW,EACzC;YACE,IAAI,EAAE,0BAA0B,CAAC,WAAW;SAC7C,CACF,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC,yGAE2B,cAAsB;IAChD,OAAO,oBAAoB,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC;AACxD,CAAC;AA+WD;;;;GAIG;AACH,KAAK,0DACH,sBAAqD;IAErD,IAAI,SAA6B,CAAC;IAClC,IAAI,CAAC;QACH,gBAAgB;QAChB,SAAS,GAAG,uBAAA,IAAI,mFAA4B,MAAhC,IAAI,EACd,sBAAsB,CAAC,QAAQ,CAAC,cAAc,CAC/C,CAAC;QAEF,qBAAqB;QACrB,MAAM,MAAM,GAAG,uBAAA,IAAI,wEAAiB,MAArB,IAAI,CAAmB,CAAC;QAEvC,8BAA8B;QAC9B,MAAM,sBAAsB,GAC1B,uBAAA,IAAI,0CAAiB,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAC;QAC7D,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC5B,GAAG,CAAC,yDAAyD,CAAC,CAAC;YAC/D,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,wBAAwB,EACtD,EAAE,IAAI,EAAE,0BAA0B,CAAC,wBAAwB,EAAE,CAC9D,CAAC;QACJ,CAAC;QAED,iCAAiC;QACjC,MAAM,MAAM,GAAG,MAAM,4BAA4B,CAAC;YAChD,QAAQ,EAAE,sBAAsB;YAChC,iBAAiB,EAAE,sBAAsB,CAAC,SAAS;YACnD,cAAc,EAAE,uBAAA,IAAI,yCAAgB;YACpC,YAAY,EAAE,uBAAA,IAAI,+BAAM;YACxB,UAAU,EAAE;gBACV,EAAE,EAAE,MAAM,CAAC,UAAU,CAAC,EAAE;gBACxB,SAAS,EAAE,gBAAgB,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC;gBACxD,OAAO,EAAE,MAAM,CAAC,UAAU,CAAC,OAAO;gBAClC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,UAAU;aACzC;YACD,0EAA0E;YAC1E,uBAAuB,EAAE,KAAK;SAC/B,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACjB,GAAG,CACD,iDAAiD,EACjD,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;YACF,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,gCAAgC,EAC9D;gBACE,IAAI,EAAE,0BAA0B,CAAC,gCAAgC;gBACjE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;aACjE,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACrB,GAAG,CAAC,yDAAyD,CAAC,CAAC;YAC/D,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,gCAAgC,EAC9D;gBACE,IAAI,EAAE,0BAA0B,CAAC,gCAAgC;aAClE,CACF,CAAC;QACJ,CAAC;QAED,oFAAoF;QACpF,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;YACpB,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;gBACzB,MAAM,IAAI,sBAAsB,CAC9B,6BAA6B,CAAC,WAAW,EACzC,EAAE,IAAI,EAAE,0BAA0B,CAAC,WAAW,EAAE,CACjD,CAAC;YACJ,CAAC;YACD,MAAM,MAAM,GAAG,KAAK,CAAC,aAAa,CAAC;YACnC,MAAM,CAAC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,CAClC,MAAM,CAAC,kBAAkB,CAAC,UAAU,EACpC,MAAM,CAAC,UAAU,CAAC,OAAO,CAC1B,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;YAAS,CAAC;QACT,IAAI,SAAS,EAAE,CAAC;YACd,uBAAA,IAAI,0CAAiB,CAAC,4BAA4B,CAAC,SAAS,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;AACH,CAAC","sourcesContent":["import type {\n  ControllerGetStateAction,\n  ControllerStateChangedEvent,\n  StateMetadata,\n} from '@metamask/base-controller';\nimport { BaseController } from '@metamask/base-controller';\nimport type { Messenger } from '@metamask/messenger';\nimport { randomBytes } from '@noble/ciphers/webcrypto';\n\nimport { WEBAUTHN_TIMEOUT_MS, CeremonyManager } from './ceremony-manager';\nimport {\n  controllerName,\n  PasskeyControllerErrorCode,\n  PasskeyControllerErrorMessage,\n} from './constants';\nimport { PasskeyControllerError } from './errors';\nimport {\n  deriveKeyFromAuthenticationResponse,\n  deriveKeyFromRegistrationResponse,\n} from './key-derivation';\nimport { createModuleLogger, projectLogger } from './logger';\nimport type { PasskeyRecord } from './types';\nimport { decryptWithKey, encryptWithKey } from './utils/crypto';\nimport { base64URLToBytes, bytesToBase64URL } from './utils/encoding';\nimport { COSEALG } from './webauthn/constants';\nimport { decodeClientDataJSON } from './webauthn/decode-client-data-json';\nimport type {\n  PasskeyAuthenticationOptions,\n  PasskeyAuthenticationResponse,\n  PasskeyRegistrationOptions,\n  PasskeyRegistrationResponse,\n} from './webauthn/types';\nimport { verifyAuthenticationResponse } from './webauthn/verify-authentication-response';\nimport { verifyRegistrationResponse } from './webauthn/verify-registration-response';\n\nexport type PasskeyControllerState = {\n  passkeyRecord: PasskeyRecord | null;\n};\n\nexport type PasskeyControllerGetStateAction = ControllerGetStateAction<\n  typeof controllerName,\n  PasskeyControllerState\n>;\n\n/**\n * Actions exposed by {@link PasskeyController} on its messenger.\n *\n * Only `:getState` is exposed. Derived enrollment status is available via\n * {@link passkeyControllerSelectors.selectIsPasskeyEnrolled}, and lifecycle\n * methods ({@link PasskeyController.generateRegistrationOptions},\n * {@link PasskeyController.protectVaultKeyWithPasskey}, etc.) accept or\n * return non-`Json` runtime values (WebAuthn `PublicKeyCredential` objects\n * and the vault key string), so they require a direct controller reference.\n */\nexport type PasskeyControllerActions = PasskeyControllerGetStateAction;\n\nexport type PasskeyControllerStateChangedEvent = ControllerStateChangedEvent<\n  typeof controllerName,\n  PasskeyControllerState\n>;\n\nexport type PasskeyControllerEvents = PasskeyControllerStateChangedEvent;\n\nexport type PasskeyControllerMessenger = Messenger<\n  typeof controllerName,\n  PasskeyControllerActions,\n  PasskeyControllerEvents\n>;\n\n/**\n * Returns the default (empty) state for {@link PasskeyController}.\n *\n * @returns A fresh state object with no enrolled passkey.\n */\nexport function getDefaultPasskeyControllerState(): PasskeyControllerState {\n  return { passkeyRecord: null };\n}\n\nconst passkeyControllerMetadata = {\n  passkeyRecord: {\n    persist: true,\n    includeInDebugSnapshot: false,\n    includeInStateLogs: false,\n    usedInUi: true,\n  },\n} satisfies StateMetadata<PasskeyControllerState>;\n\nconst log = createModuleLogger(projectLogger, controllerName);\n\n/**\n * Selectors for {@link PasskeyControllerState}.\n *\n * Use these instead of dedicated getter methods on the controller, so that\n * derived values can be consumed from Redux selectors and other places that\n * only have access to a state object.\n */\nexport const passkeyControllerSelectors = {\n  selectIsPasskeyEnrolled: (state: PasskeyControllerState): boolean =>\n    state.passkeyRecord !== null,\n};\n\n/**\n * Passkey-based protection for the vault encryption key (WebAuthn).\n *\n * Uses PRF-backed derivation when available; otherwise uses the credential\n * `userHandle`.\n */\nexport class PasskeyController extends BaseController<\n  typeof controllerName,\n  PasskeyControllerState,\n  PasskeyControllerMessenger\n> {\n  readonly #ceremonyManager = new CeremonyManager();\n\n  readonly #rpID: string;\n\n  readonly #rpName: string;\n\n  readonly #expectedOrigin: string | string[];\n\n  readonly #userName: string;\n\n  readonly #userDisplayName: string;\n\n  /**\n   * Constructs a new {@link PasskeyController}.\n   *\n   * @param args - The constructor arguments.\n   * @param args.messenger - The messenger suited for this controller.\n   * @param args.state - Initial state. Missing properties are filled in with\n   *   defaults from {@link getDefaultPasskeyControllerState}.\n   * @param args.rpID - WebAuthn Relying Party ID (typically the eTLD+1 of the\n   *   client origin, or `localhost` in dev).\n   * @param args.rpName - Human-readable Relying Party name shown by the OS\n   *   passkey UI.\n   * @param args.expectedOrigin - One or more acceptable origins for the\n   *   `clientDataJSON.origin` check (e.g. `chrome-extension://...`).\n   * @param args.userName - Optional `user.name` shown by the OS passkey UI.\n   *   Defaults to `rpName` so client builds (Stable, Flask, etc.) can\n   *   differentiate without changes here.\n   * @param args.userDisplayName - Optional `user.displayName` shown by the OS\n   *   passkey UI. Defaults to `rpName`.\n   */\n  constructor({\n    messenger,\n    state = {},\n    rpID,\n    rpName,\n    expectedOrigin,\n    userName,\n    userDisplayName,\n  }: {\n    messenger: PasskeyControllerMessenger;\n    state?: Partial<PasskeyControllerState>;\n    rpID: string;\n    rpName: string;\n    expectedOrigin: string | string[];\n    userName?: string;\n    userDisplayName?: string;\n  }) {\n    super({\n      messenger,\n      metadata: passkeyControllerMetadata,\n      name: controllerName,\n      state: { ...getDefaultPasskeyControllerState(), ...state },\n    });\n\n    this.#rpID = rpID;\n    this.#rpName = rpName;\n    this.#expectedOrigin = expectedOrigin;\n    this.#userName = userName ?? rpName;\n    this.#userDisplayName = userDisplayName ?? rpName;\n  }\n\n  #requireEnrolled(): PasskeyRecord {\n    const record = this.state.passkeyRecord;\n    if (!record) {\n      throw new PasskeyControllerError(\n        PasskeyControllerErrorMessage.NotEnrolled,\n        {\n          code: PasskeyControllerErrorCode.NotEnrolled,\n        },\n      );\n    }\n    return record;\n  }\n\n  #getChallengeFromClientData(clientDataJSON: string): string {\n    return decodeClientDataJSON(clientDataJSON).challenge;\n  }\n\n  /**\n   * Checks if the passkey is enrolled.\n   *\n   * @returns Whether the passkey is enrolled.\n   */\n  isPasskeyEnrolled(): boolean {\n    return passkeyControllerSelectors.selectIsPasskeyEnrolled(this.state);\n  }\n\n  /**\n   * Registration options for enrolling a passkey.\n   *\n   * Call before {@link protectVaultKeyWithPasskey}.\n   *\n   * @param creationOptionsConfig - Optional configuration.\n   * @param creationOptionsConfig.prfAvailable - Omit PRF when `false`. Default `true`.\n   * @returns Options for `navigator.credentials.create()`.\n   */\n  generateRegistrationOptions(creationOptionsConfig?: {\n    prfAvailable?: boolean;\n  }): PasskeyRegistrationOptions {\n    const includePrf = creationOptionsConfig?.prfAvailable !== false;\n    const prfSalt = includePrf\n      ? bytesToBase64URL(randomBytes(32).slice())\n      : undefined;\n    const userHandle = bytesToBase64URL(randomBytes(64).slice());\n    const challenge = bytesToBase64URL(randomBytes(32).slice());\n\n    const extensions: Record<string, unknown> = {};\n    if (prfSalt) {\n      extensions.prf = { eval: { first: prfSalt } };\n    }\n\n    const options: PasskeyRegistrationOptions = {\n      rp: { name: this.#rpName, id: this.#rpID },\n      user: {\n        id: userHandle,\n        name: this.#userName,\n        displayName: this.#userDisplayName,\n      },\n      challenge,\n      pubKeyCredParams: [\n        { alg: COSEALG.EdDSA, type: 'public-key' },\n        { alg: COSEALG.ES256, type: 'public-key' },\n        { alg: COSEALG.RS256, type: 'public-key' },\n      ],\n      timeout: WEBAUTHN_TIMEOUT_MS,\n      authenticatorSelection: {\n        userVerification: 'preferred',\n        authenticatorAttachment: 'platform',\n        residentKey: 'preferred',\n      },\n      hints: ['client-device', 'hybrid'],\n      attestation: 'none',\n      ...(Object.keys(extensions).length > 0 ? { extensions } : {}),\n    };\n\n    this.#ceremonyManager.saveRegistrationCeremony(challenge, {\n      userHandle,\n      prfSalt: prfSalt ?? '',\n      challenge,\n      createdAt: Date.now(),\n    });\n\n    return options;\n  }\n\n  /**\n   * WebAuthn request options for authenticating with the enrolled passkey.\n   *\n   * Call before {@link retrieveVaultKeyWithPasskey},\n   * {@link verifyPasskeyAuthentication}, or {@link renewVaultKeyProtection}.\n   *\n   * @returns Options for `navigator.credentials.get()`.\n   */\n  generateAuthenticationOptions(): PasskeyAuthenticationOptions {\n    const record = this.#requireEnrolled();\n\n    const challenge = bytesToBase64URL(randomBytes(32).slice());\n\n    const extensions: Record<string, unknown> = {};\n    if (record.keyDerivation.method === 'prf') {\n      extensions.prf = { eval: { first: record.keyDerivation.prfSalt } };\n    }\n\n    const options: PasskeyAuthenticationOptions = {\n      challenge,\n      rpId: this.#rpID,\n      allowCredentials: [\n        {\n          id: record.credential.id,\n          type: 'public-key',\n          transports: record.credential.transports,\n        },\n      ],\n      userVerification: 'preferred',\n      hints: ['client-device', 'hybrid'],\n      timeout: WEBAUTHN_TIMEOUT_MS,\n      extensions,\n    };\n\n    this.#ceremonyManager.saveAuthenticationCeremony(challenge, {\n      challenge,\n      createdAt: Date.now(),\n    });\n\n    return options;\n  }\n\n  /**\n   * Completes enrollment and binds the vault key to the new passkey.\n   *\n   * @param params - Protection parameters.\n   * @param params.registrationResponse - Credential from `navigator.credentials.create()`.\n   * @param params.vaultKey - Vault encryption key to protect.\n   */\n  async protectVaultKeyWithPasskey(params: {\n    registrationResponse: PasskeyRegistrationResponse;\n    vaultKey: string;\n  }): Promise<void> {\n    const { registrationResponse, vaultKey } = params;\n\n    // get challenge\n    const challenge = this.#getChallengeFromClientData(\n      registrationResponse.response.clientDataJSON,\n    );\n    const registrationCeremony =\n      this.#ceremonyManager.getRegistrationCeremony(challenge);\n    if (!registrationCeremony) {\n      log('No active passkey registration ceremony for challenge');\n      throw new PasskeyControllerError(\n        PasskeyControllerErrorMessage.NoRegistrationCeremony,\n        { code: PasskeyControllerErrorCode.NoRegistrationCeremony },\n      );\n    }\n\n    try {\n      // verify registration response\n      const { verified, registrationInfo } = await verifyRegistrationResponse({\n        response: registrationResponse,\n        expectedChallenge: registrationCeremony.challenge,\n        expectedOrigin: this.#expectedOrigin,\n        expectedRPID: this.#rpID,\n        requireUserVerification: false,\n      }).catch((error) => {\n        log('Error verifying passkey registration response', error);\n        throw new PasskeyControllerError(\n          PasskeyControllerErrorMessage.RegistrationVerificationFailed,\n          {\n            code: PasskeyControllerErrorCode.RegistrationVerificationFailed,\n            cause: error instanceof Error ? error : new Error(String(error)),\n          },\n        );\n      });\n      if (!verified || !registrationInfo) {\n        log(\n          'Passkey registration verification returned unverified or missing registration info',\n        );\n        throw new PasskeyControllerError(\n          PasskeyControllerErrorMessage.RegistrationVerificationFailed,\n          { code: PasskeyControllerErrorCode.RegistrationVerificationFailed },\n        );\n      }\n\n      // derive key\n      const { encKey, keyDerivation } = deriveKeyFromRegistrationResponse(\n        registrationResponse,\n        registrationCeremony,\n        registrationInfo.credentialId,\n      );\n\n      // encrypt vault key\n      const { ciphertext, iv } = encryptWithKey(vaultKey, encKey);\n\n      // persist passkey record\n      this.update((state) => {\n        state.passkeyRecord = {\n          credential: {\n            id: registrationInfo.credentialId,\n            publicKey: bytesToBase64URL(registrationInfo.publicKey),\n            counter: registrationInfo.counter,\n            transports: registrationInfo.transports,\n          },\n          encryptedVaultKey: { ciphertext, iv },\n          keyDerivation,\n        };\n      });\n    } finally {\n      this.#ceremonyManager.deleteRegistrationCeremony(challenge);\n    }\n  }\n\n  /**\n   * Returns the decrypted vault encryption key from the passkey authentication\n   * response.\n   *\n   * @param authenticationResponse - Credential from `navigator.credentials.get()`.\n   * @returns The vault encryption key.\n   */\n  async retrieveVaultKeyWithPasskey(\n    authenticationResponse: PasskeyAuthenticationResponse,\n  ): Promise<string> {\n    // verify authentication response\n    await this.#verifyAuthenticationResponse(authenticationResponse);\n\n    // derive key (#verifyAuthenticationResponse guarantees enrolled)\n    const passkeyRecord = this.#requireEnrolled();\n    const encKey = deriveKeyFromAuthenticationResponse(\n      authenticationResponse,\n      passkeyRecord,\n    );\n\n    // decrypt vault key\n    let vaultKey: string;\n    try {\n      vaultKey = decryptWithKey(\n        passkeyRecord.encryptedVaultKey.ciphertext,\n        passkeyRecord.encryptedVaultKey.iv,\n        encKey,\n      );\n    } catch (cause) {\n      log(\n        'Error decrypting vault key with passkey',\n        cause instanceof Error ? cause : new Error(String(cause)),\n      );\n      throw new PasskeyControllerError(\n        PasskeyControllerErrorMessage.VaultKeyDecryptionFailed,\n        {\n          code: PasskeyControllerErrorCode.VaultKeyDecryptionFailed,\n          cause: cause instanceof Error ? cause : new Error(String(cause)),\n        },\n      );\n    }\n\n    return vaultKey;\n  }\n\n  /**\n   * Returns whether passkey authentication succeeds for this credential (same\n   * work as {@link retrieveVaultKeyWithPasskey} without exposing the vault key).\n   *\n   * Returns `false` only when the failure is a {@link PasskeyControllerError}\n   * with a defined `code`. Unexpected errors (e.g. malformed `clientDataJSON`,\n   * internal bugs) are rethrown.\n   *\n   * @param authenticationResponse - Credential from `navigator.credentials.get()`.\n   * @returns `true` if authentication succeeds, otherwise `false`.\n   */\n  async verifyPasskeyAuthentication(\n    authenticationResponse: PasskeyAuthenticationResponse,\n  ): Promise<boolean> {\n    try {\n      await this.retrieveVaultKeyWithPasskey(authenticationResponse);\n      return true;\n    } catch (error: unknown) {\n      if (error instanceof PasskeyControllerError && error.code !== undefined) {\n        return false;\n      }\n      throw error;\n    }\n  }\n\n  /**\n   * Updates the vault encryption key for the same passkey (e.g. after a password change).\n   *\n   * Caller MUST first verify the assertion via {@link verifyPasskeyAuthentication}\n   * or {@link retrieveVaultKeyWithPasskey}. This method does not re-verify\n   * because the ceremony is single-use (deleted on verify) and the signature\n   * counter is advanced (replay would be rejected). Authentication here is\n   * enforced by the prior verification plus the `oldVaultKey` match below.\n   *\n   * @param params - Renewal parameters.\n   * @param params.authenticationResponse - Credential from `navigator.credentials.get()`,\n   *   already verified by the caller.\n   * @param params.oldVaultKey - Expected current vault key.\n   * @param params.newVaultKey - New vault key to protect.\n   */\n  async renewVaultKeyProtection(params: {\n    authenticationResponse: PasskeyAuthenticationResponse;\n    oldVaultKey: string;\n    newVaultKey: string;\n  }): Promise<void> {\n    const { authenticationResponse } = params;\n    const passkeyRecord = this.#requireEnrolled();\n\n    // derive key\n    const encKey = deriveKeyFromAuthenticationResponse(\n      authenticationResponse,\n      passkeyRecord,\n    );\n\n    // decrypt vault key\n    let decryptedVaultKey: string;\n    try {\n      decryptedVaultKey = decryptWithKey(\n        passkeyRecord.encryptedVaultKey.ciphertext,\n        passkeyRecord.encryptedVaultKey.iv,\n        encKey,\n      );\n    } catch (error) {\n      log(\n        'Error decrypting vault key during passkey vault key renewal',\n        error instanceof Error ? error : new Error(String(error)),\n      );\n      throw new PasskeyControllerError(\n        PasskeyControllerErrorMessage.VaultKeyDecryptionFailed,\n        {\n          code: PasskeyControllerErrorCode.VaultKeyDecryptionFailed,\n          cause: error instanceof Error ? error : new Error(String(error)),\n        },\n      );\n    }\n\n    // check if vault key matches\n    const { oldVaultKey, newVaultKey } = params;\n    if (decryptedVaultKey !== oldVaultKey) {\n      log(\n        'Passkey renewal rejected: decrypted vault key does not match oldVaultKey',\n      );\n      throw new PasskeyControllerError(\n        PasskeyControllerErrorMessage.VaultKeyMismatch,\n        { code: PasskeyControllerErrorCode.VaultKeyMismatch },\n      );\n    }\n\n    // encrypt new vault key\n    const { ciphertext, iv } = encryptWithKey(newVaultKey, encKey);\n\n    // persist passkey record (mutate current state only for vault key material)\n    this.update((state) => {\n      if (!state.passkeyRecord) {\n        throw new PasskeyControllerError(\n          PasskeyControllerErrorMessage.NotEnrolled,\n          {\n            code: PasskeyControllerErrorCode.NotEnrolled,\n          },\n        );\n      }\n      state.passkeyRecord.encryptedVaultKey = { ciphertext, iv };\n    });\n  }\n\n  /**\n   * Unenrolls the passkey, removing the protected vault key material.\n   */\n  removePasskey(): void {\n    this.update(() => getDefaultPasskeyControllerState());\n    this.#ceremonyManager.clear();\n  }\n\n  /**\n   * Resets state and clears in-flight registration/authentication ceremonies.\n   */\n  clearState(): void {\n    this.removePasskey();\n  }\n\n  /**\n   * Releases all in-flight ceremony state and tears down the messenger.\n   */\n  destroy(): void {\n    this.#ceremonyManager.clear();\n    super.destroy();\n  }\n\n  /**\n   * Verifies an authentication response for the enrolled passkey.\n   *\n   * @param authenticationResponse - Authentication result JSON.\n   */\n  async #verifyAuthenticationResponse(\n    authenticationResponse: PasskeyAuthenticationResponse,\n  ): Promise<void> {\n    let challenge: string | undefined;\n    try {\n      // get challenge\n      challenge = this.#getChallengeFromClientData(\n        authenticationResponse.response.clientDataJSON,\n      );\n\n      // get passkey record\n      const record = this.#requireEnrolled();\n\n      // get authentication ceremony\n      const authenticationCeremony =\n        this.#ceremonyManager.getAuthenticationCeremony(challenge);\n      if (!authenticationCeremony) {\n        log('No active passkey authentication ceremony for challenge');\n        throw new PasskeyControllerError(\n          PasskeyControllerErrorMessage.NoAuthenticationCeremony,\n          { code: PasskeyControllerErrorCode.NoAuthenticationCeremony },\n        );\n      }\n\n      // verify authentication response\n      const result = await verifyAuthenticationResponse({\n        response: authenticationResponse,\n        expectedChallenge: authenticationCeremony.challenge,\n        expectedOrigin: this.#expectedOrigin,\n        expectedRPID: this.#rpID,\n        credential: {\n          id: record.credential.id,\n          publicKey: base64URLToBytes(record.credential.publicKey),\n          counter: record.credential.counter,\n          transports: record.credential.transports,\n        },\n        // UV optional for device compatibility; vault key remains password-gated.\n        requireUserVerification: false,\n      }).catch((error) => {\n        log(\n          'Error verifying passkey authentication response',\n          error instanceof Error ? error : new Error(String(error)),\n        );\n        throw new PasskeyControllerError(\n          PasskeyControllerErrorMessage.AuthenticationVerificationFailed,\n          {\n            code: PasskeyControllerErrorCode.AuthenticationVerificationFailed,\n            cause: error instanceof Error ? error : new Error(String(error)),\n          },\n        );\n      });\n      if (!result.verified) {\n        log('Passkey authentication verification returned unverified');\n        throw new PasskeyControllerError(\n          PasskeyControllerErrorMessage.AuthenticationVerificationFailed,\n          {\n            code: PasskeyControllerErrorCode.AuthenticationVerificationFailed,\n          },\n        );\n      }\n\n      // persist passkey record with updated counter without clobbering concurrent updates\n      this.update((state) => {\n        if (!state.passkeyRecord) {\n          throw new PasskeyControllerError(\n            PasskeyControllerErrorMessage.NotEnrolled,\n            { code: PasskeyControllerErrorCode.NotEnrolled },\n          );\n        }\n        const latest = state.passkeyRecord;\n        latest.credential.counter = Math.max(\n          result.authenticationInfo.newCounter,\n          latest.credential.counter,\n        );\n      });\n    } finally {\n      if (challenge) {\n        this.#ceremonyManager.deleteAuthenticationCeremony(challenge);\n      }\n    }\n  }\n}\n"]}

package/dist/ceremony-manager.cjs

@@ -0,0 +1,134 @@
+"use strict";
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _CeremonyManager_instances, _CeremonyManager_registrationMap, _CeremonyManager_authenticationMap, _CeremonyManager_getMap, _CeremonyManager_pruneExpired, _CeremonyManager_enforceCapacity;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CeremonyManager = exports.MAX_CONCURRENT_PASSKEY_CEREMONIES = exports.CEREMONY_MAX_AGE_MS = exports.CEREMONY_TTL_SLACK_MS = exports.WEBAUTHN_TIMEOUT_MS = void 0;
+/** WebAuthn `timeout` for credential creation and assertion (ms). */
+exports.WEBAUTHN_TIMEOUT_MS = 60000;
+/**
+ * Extra allowance beyond {@link WEBAUTHN_TIMEOUT_MS} before in-memory
+ * ceremony state is discarded (covers slow UX and clock skew).
+ */
+exports.CEREMONY_TTL_SLACK_MS = 15000;
+/**
+ * Maximum age for in-flight registration or authentication ceremony state
+ * (between options and verified response). This bounds the lifetime of a
+ * single WebAuthn ceremony only; it is not a user login session timeout.
+ */
+exports.CEREMONY_MAX_AGE_MS = exports.WEBAUTHN_TIMEOUT_MS + exports.CEREMONY_TTL_SLACK_MS;
+/**
+ * Upper bound on concurrent in-memory ceremonies per flow type (registration
+ * vs authentication), for abuse / leak protection.
+ */
+exports.MAX_CONCURRENT_PASSKEY_CEREMONIES = 16;
+/**
+ * In-memory store for in-flight WebAuthn ceremonies (registration vs authentication),
+ * keyed by base64url challenge. Enforces TTL and a per-flow size cap; not user session state.
+ */
+class CeremonyManager {
+    constructor() {
+        _CeremonyManager_instances.add(this);
+        _CeremonyManager_registrationMap.set(this, new Map());
+        _CeremonyManager_authenticationMap.set(this, new Map());
+    }
+    /**
+     * Records registration ceremony state after pruning expired rows and evicting oldest if at cap.
+     *
+     * @param challenge - Same base64url challenge as in the creation options `challenge` field.
+     * @param ceremony - Payload to retrieve when the registration response returns.
+     */
+    saveRegistrationCeremony(challenge, ceremony) {
+        __classPrivateFieldGet(this, _CeremonyManager_instances, "m", _CeremonyManager_pruneExpired).call(this, 'registration');
+        __classPrivateFieldGet(this, _CeremonyManager_instances, "m", _CeremonyManager_enforceCapacity).call(this, 'registration');
+        __classPrivateFieldGet(this, _CeremonyManager_registrationMap, "f").set(challenge, ceremony);
+    }
+    /**
+     * Records authentication ceremony state after pruning expired rows and evicting oldest if at cap.
+     *
+     * @param challenge - Same base64url challenge as in the request options `challenge` field.
+     * @param ceremony - Payload to retrieve when the assertion response returns.
+     */
+    saveAuthenticationCeremony(challenge, ceremony) {
+        __classPrivateFieldGet(this, _CeremonyManager_instances, "m", _CeremonyManager_pruneExpired).call(this, 'authentication');
+        __classPrivateFieldGet(this, _CeremonyManager_instances, "m", _CeremonyManager_enforceCapacity).call(this, 'authentication');
+        __classPrivateFieldGet(this, _CeremonyManager_authenticationMap, "f").set(challenge, ceremony);
+    }
+    /**
+     * Returns registration ceremony for a challenge, pruning expired entries on this map first.
+     *
+     * @param challenge - Base64url challenge from decoded `clientDataJSON` (matches stored key).
+     * @returns Stored ceremony, or `undefined` if none or expired.
+     */
+    getRegistrationCeremony(challenge) {
+        __classPrivateFieldGet(this, _CeremonyManager_instances, "m", _CeremonyManager_pruneExpired).call(this, 'registration');
+        return __classPrivateFieldGet(this, _CeremonyManager_registrationMap, "f").get(challenge);
+    }
+    /**
+     * Returns authentication ceremony for a challenge, pruning expired entries on this map first.
+     *
+     * @param challenge - Base64url challenge from decoded `clientDataJSON` (matches stored key).
+     * @returns Stored ceremony, or `undefined` if none or expired.
+     */
+    getAuthenticationCeremony(challenge) {
+        __classPrivateFieldGet(this, _CeremonyManager_instances, "m", _CeremonyManager_pruneExpired).call(this, 'authentication');
+        return __classPrivateFieldGet(this, _CeremonyManager_authenticationMap, "f").get(challenge);
+    }
+    /**
+     * Removes a registration ceremony by challenge.
+     *
+     * @param challenge - Map key for the ceremony to remove.
+     * @returns Whether an entry was deleted.
+     */
+    deleteRegistrationCeremony(challenge) {
+        return __classPrivateFieldGet(this, _CeremonyManager_registrationMap, "f").delete(challenge);
+    }
+    /**
+     * Removes an authentication ceremony by challenge.
+     *
+     * @param challenge - Map key for the ceremony to remove.
+     * @returns Whether an entry was deleted.
+     */
+    deleteAuthenticationCeremony(challenge) {
+        return __classPrivateFieldGet(this, _CeremonyManager_authenticationMap, "f").delete(challenge);
+    }
+    /** Drops all in-flight registration and authentication ceremonies. */
+    clear() {
+        __classPrivateFieldGet(this, _CeremonyManager_registrationMap, "f").clear();
+        __classPrivateFieldGet(this, _CeremonyManager_authenticationMap, "f").clear();
+    }
+}
+exports.CeremonyManager = CeremonyManager;
+_CeremonyManager_registrationMap = new WeakMap(), _CeremonyManager_authenticationMap = new WeakMap(), _CeremonyManager_instances = new WeakSet(), _CeremonyManager_getMap = function _CeremonyManager_getMap(ceremonyType) {
+    return ceremonyType === 'registration'
+        ? __classPrivateFieldGet(this, _CeremonyManager_registrationMap, "f")
+        : __classPrivateFieldGet(this, _CeremonyManager_authenticationMap, "f");
+}, _CeremonyManager_pruneExpired = function _CeremonyManager_pruneExpired(ceremonyType) {
+    const now = Date.now();
+    const map = __classPrivateFieldGet(this, _CeremonyManager_instances, "m", _CeremonyManager_getMap).call(this, ceremonyType);
+    for (const [key, ceremony] of map) {
+        if (now - ceremony.createdAt > exports.CEREMONY_MAX_AGE_MS) {
+            map.delete(key);
+        }
+    }
+}, _CeremonyManager_enforceCapacity = function _CeremonyManager_enforceCapacity(ceremonyType) {
+    const map = __classPrivateFieldGet(this, _CeremonyManager_instances, "m", _CeremonyManager_getMap).call(this, ceremonyType);
+    while (map.size >= exports.MAX_CONCURRENT_PASSKEY_CEREMONIES) {
+        let oldestKey;
+        let oldestTime = Infinity;
+        for (const [mapKey, ceremony] of map) {
+            if (ceremony.createdAt < oldestTime) {
+                oldestTime = ceremony.createdAt;
+                oldestKey = mapKey;
+            }
+        }
+        if (oldestKey === undefined) {
+            break;
+        }
+        map.delete(oldestKey);
+    }
+};
+//# sourceMappingURL=ceremony-manager.cjs.map