@metamask-previews/passkey-controller 0.0.0-preview-4c0846313

package/dist/webauthn/verify-authentication-response.mjs

@@ -0,0 +1,130 @@
+import { decodePartialCBOR } from "@levischuck/tiny-cbor";
+import { concatBytes } from "@metamask/utils";
+import { sha256 } from "@noble/hashes/sha2";
+import { base64URLToBytes } from "../utils/encoding.mjs";
+import { decodeClientDataJSON } from "./decode-client-data-json.mjs";
+import { matchExpectedRPID } from "./match-expected-rp-id.mjs";
+import { parseAuthenticatorData } from "./parse-authenticator-data.mjs";
+import { verifySignature } from "./verify-signature.mjs";
+/**
+ * Verifies a WebAuthn authentication (assertion) response per
+ * W3C WebAuthn Level 3 §7.2.
+ *
+ * Performs the following checks in order:
+ * 1. Credential ID presence, base64url consistency, and type.
+ * 2. `clientDataJSON` -- type is `"webauthn.get"`, challenge and origin
+ *    match.
+ * 3. `authenticatorData` -- RP ID hash matches, user-presence flag is
+ *    set, and optional user-verification flag is checked.
+ * 4. Signature verification -- `signature` is verified over
+ *    `authData || SHA-256(clientDataJSON)` using the stored credential
+ *    public key (COSE-encoded).
+ * 5. Counter monotonicity -- if either the stored or returned counter
+ *    is non-zero, the new counter must exceed the stored value.
+ *
+ * @param opts - Verification options.
+ * @param opts.response - The `PublicKeyCredential` result from
+ *   `navigator.credentials.get()`, serialized as JSON.
+ * @param opts.expectedChallenge - The base64url challenge that was issued
+ *   for this ceremony.
+ * @param opts.expectedOrigin - One or more acceptable origins.
+ * @param opts.expectedRPID - The Relying Party ID domain.
+ * @param opts.credential - The stored credential record to verify against.
+ * @param opts.credential.id - The credential ID (base64url).
+ * @param opts.credential.publicKey - The COSE-encoded public key bytes
+ *   persisted during registration.
+ * @param opts.credential.counter - The last known signature counter value.
+ * @param opts.credential.transports - Optional authenticator transports.
+ * @param opts.requireUserVerification - When `true`, verification fails
+ *   if the UV flag is not set. Defaults to `false`.
+ * @returns Verification result containing `verified` status and parsed
+ *   authentication info (new counter, origin, RP ID).
+ */
+export async function verifyAuthenticationResponse(opts) {
+    const { response, expectedChallenge, expectedOrigin, expectedRPID, credential, requireUserVerification = false, } = opts;
+    const { id, rawId, type: credentialType, response: assertionResponse, } = response;
+    // Ensure credential specified an ID
+    if (!id) {
+        throw new Error('Missing credential ID');
+    }
+    // Ensure ID is base64url-encoded
+    if (id !== rawId) {
+        throw new Error('Credential ID was not base64url-encoded');
+    }
+    // Make sure credential type is public-key
+    if (credentialType !== 'public-key') {
+        throw new Error(`Unexpected credential type ${String(credentialType)}, expected "public-key"`);
+    }
+    if (typeof assertionResponse?.clientDataJSON !== 'string') {
+        throw new Error('Credential response clientDataJSON was not a string');
+    }
+    const clientDataJSON = decodeClientDataJSON(assertionResponse.clientDataJSON);
+    const { type, challenge, origin, tokenBinding } = clientDataJSON;
+    // Make sure we're handling an authentication
+    if (type !== 'webauthn.get') {
+        throw new Error(`Unexpected authentication response type: ${type}`);
+    }
+    // Ensure the device provided the challenge we gave it
+    if (challenge !== expectedChallenge) {
+        throw new Error(`Unexpected authentication response challenge "${challenge}", expected "${expectedChallenge}"`);
+    }
+    // Check that the origin is our site
+    const expectedOrigins = Array.isArray(expectedOrigin)
+        ? expectedOrigin
+        : [expectedOrigin];
+    if (!expectedOrigins.includes(origin)) {
+        throw new Error(`Unexpected authentication response origin "${origin}", expected one of: ${expectedOrigins.join(', ')}`);
+    }
+    if (assertionResponse.userHandle &&
+        typeof assertionResponse.userHandle !== 'string') {
+        throw new Error('Credential response userHandle was not a string');
+    }
+    if (tokenBinding) {
+        if (typeof tokenBinding !== 'object') {
+            throw new Error('ClientDataJSON tokenBinding was not an object');
+        }
+        if (!['present', 'supported', 'not-supported'].includes(tokenBinding.status)) {
+            throw new Error(`Unexpected tokenBinding status ${tokenBinding.status}`);
+        }
+    }
+    const authDataBuffer = base64URLToBytes(assertionResponse.authenticatorData);
+    const parsedAuthData = parseAuthenticatorData(authDataBuffer);
+    const { rpIdHash, flags, counter } = parsedAuthData;
+    // Make sure the response's RP ID is ours
+    const matchedRPID = matchExpectedRPID(rpIdHash, [expectedRPID]);
+    // WebAuthn only requires the user presence flag be true
+    if (!flags.up) {
+        throw new Error('User not present during authentication');
+    }
+    // Enforce user verification if required
+    if (requireUserVerification && !flags.uv) {
+        throw new Error('User verification required, but user could not be verified');
+    }
+    const clientDataHash = sha256(base64URLToBytes(assertionResponse.clientDataJSON));
+    const signatureBase = concatBytes([authDataBuffer, clientDataHash]);
+    const signature = base64URLToBytes(assertionResponse.signature);
+    const cosePublicKey = decodePartialCBOR(new Uint8Array(credential.publicKey), 0)[0];
+    const verified = await verifySignature({
+        cosePublicKey,
+        signature,
+        data: signatureBase,
+    });
+    if (!verified) {
+        return { verified: false };
+    }
+    if ((counter > 0 || credential.counter > 0) &&
+        counter <= credential.counter) {
+        throw new Error(`Response counter value ${counter} was lower than expected ${credential.counter}`);
+    }
+    return {
+        verified: true,
+        authenticationInfo: {
+            credentialId: credential.id,
+            newCounter: counter,
+            userVerified: flags.uv,
+            origin: clientDataJSON.origin,
+            rpID: matchedRPID,
+        },
+    };
+}
+//# sourceMappingURL=verify-authentication-response.mjs.map

package/dist/webauthn/verify-authentication-response.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-authentication-response.mjs","sourceRoot":"","sources":["../../src/webauthn/verify-authentication-response.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,8BAA8B;AAC1D,OAAO,EAAE,WAAW,EAAE,wBAAwB;AAC9C,OAAO,EAAE,MAAM,EAAE,2BAA2B;AAG5C,OAAO,EAAE,gBAAgB,EAAE,8BAA0B;AACrD,OAAO,EAAE,oBAAoB,EAAE,sCAAkC;AACjE,OAAO,EAAE,iBAAiB,EAAE,mCAA+B;AAC3D,OAAO,EAAE,sBAAsB,EAAE,uCAAmC;AAGpE,OAAO,EAAE,eAAe,EAAE,+BAA2B;AAerD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAAC,IAYlD;IACC,MAAM,EACJ,QAAQ,EACR,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,UAAU,EACV,uBAAuB,GAAG,KAAK,GAChC,GAAG,IAAI,CAAC;IAET,MAAM,EACJ,EAAE,EACF,KAAK,EACL,IAAI,EAAE,cAAc,EACpB,QAAQ,EAAE,iBAAiB,GAC5B,GAAG,QAAQ,CAAC;IAEb,oCAAoC;IACpC,IAAI,CAAC,EAAE,EAAE,CAAC;QACR,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC3C,CAAC;IAED,iCAAiC;IACjC,IAAI,EAAE,KAAK,KAAK,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;IAED,0CAA0C;IAC1C,IAAI,cAAc,KAAK,YAAY,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CACb,8BAA8B,MAAM,CAAC,cAAc,CAAC,yBAAyB,CAC9E,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,iBAAiB,EAAE,cAAc,KAAK,QAAQ,EAAE,CAAC;QAC1D,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,cAAc,GAAG,oBAAoB,CAAC,iBAAiB,CAAC,cAAc,CAAC,CAAC;IAC9E,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IAEjE,6CAA6C;IAC7C,IAAI,IAAI,KAAK,cAAc,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,4CAA4C,IAAI,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,sDAAsD;IACtD,IAAI,SAAS,KAAK,iBAAiB,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CACb,iDAAiD,SAAS,gBAAgB,iBAAiB,GAAG,CAC/F,CAAC;IACJ,CAAC;IAED,oCAAoC;IACpC,MAAM,eAAe,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC;QACnD,CAAC,CAAC,cAAc;QAChB,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;IACrB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CACb,8CAA8C,MAAM,uBAAuB,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACxG,CAAC;IACJ,CAAC;IAED,IACE,iBAAiB,CAAC,UAAU;QAC5B,OAAO,iBAAiB,CAAC,UAAU,KAAK,QAAQ,EAChD,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,YAAY,EAAE,CAAC;QACjB,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACnE,CAAC;QAED,IACE,CAAC,CAAC,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,EACxE,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,kCAAkC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED,MAAM,cAAc,GAAG,gBAAgB,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,CAAC;IAC7E,MAAM,cAAc,GAClB,sBAAsB,CAAC,cAAc,CAAC,CAAC;IACzC,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,cAAc,CAAC;IAEpD,yCAAyC;IACzC,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC;IAEhE,wDAAwD;IACxD,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,CAAC;IAED,wCAAwC;IACxC,IAAI,uBAAuB,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CACb,4DAA4D,CAC7D,CAAC;IACJ,CAAC;IAED,MAAM,cAAc,GAAG,MAAM,CAC3B,gBAAgB,CAAC,iBAAiB,CAAC,cAAc,CAAC,CACnD,CAAC;IACF,MAAM,aAAa,GAAG,WAAW,CAAC,CAAC,cAAc,EAAE,cAAc,CAAC,CAAC,CAAC;IAEpE,MAAM,SAAS,GAAG,gBAAgB,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAEhE,MAAM,aAAa,GAAG,iBAAiB,CACrC,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EACpC,CAAC,CACF,CAAC,CAAC,CAAqC,CAAC;IAEzC,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC;QACrC,aAAa;QACb,SAAS;QACT,IAAI,EAAE,aAAa;KACpB,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC7B,CAAC;IAED,IACE,CAAC,OAAO,GAAG,CAAC,IAAI,UAAU,CAAC,OAAO,GAAG,CAAC,CAAC;QACvC,OAAO,IAAI,UAAU,CAAC,OAAO,EAC7B,CAAC;QACD,MAAM,IAAI,KAAK,CACb,0BAA0B,OAAO,4BAA4B,UAAU,CAAC,OAAO,EAAE,CAClF,CAAC;IACJ,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,IAAI;QACd,kBAAkB,EAAE;YAClB,YAAY,EAAE,UAAU,CAAC,EAAE;YAC3B,UAAU,EAAE,OAAO;YACnB,YAAY,EAAE,KAAK,CAAC,EAAE;YACtB,MAAM,EAAE,cAAc,CAAC,MAAM;YAC7B,IAAI,EAAE,WAAW;SAClB;KACF,CAAC;AACJ,CAAC","sourcesContent":["import { decodePartialCBOR } from '@levischuck/tiny-cbor';\nimport { concatBytes } from '@metamask/utils';\nimport { sha256 } from '@noble/hashes/sha2';\n\nimport type { AuthenticatorTransportFuture } from '../types';\nimport { base64URLToBytes } from '../utils/encoding';\nimport { decodeClientDataJSON } from './decode-client-data-json';\nimport { matchExpectedRPID } from './match-expected-rp-id';\nimport { parseAuthenticatorData } from './parse-authenticator-data';\nimport type { ParsedAuthenticatorData } from './types';\nimport type { PasskeyAuthenticationResponse } from './types';\nimport { verifySignature } from './verify-signature';\n\nexport type VerifiedAuthenticationResponse =\n  | { verified: false; authenticationInfo?: never }\n  | {\n      verified: true;\n      authenticationInfo: {\n        credentialId: string;\n        newCounter: number;\n        userVerified: boolean;\n        origin: string;\n        rpID: string;\n      };\n    };\n\n/**\n * Verifies a WebAuthn authentication (assertion) response per\n * W3C WebAuthn Level 3 §7.2.\n *\n * Performs the following checks in order:\n * 1. Credential ID presence, base64url consistency, and type.\n * 2. `clientDataJSON` -- type is `\"webauthn.get\"`, challenge and origin\n *    match.\n * 3. `authenticatorData` -- RP ID hash matches, user-presence flag is\n *    set, and optional user-verification flag is checked.\n * 4. Signature verification -- `signature` is verified over\n *    `authData || SHA-256(clientDataJSON)` using the stored credential\n *    public key (COSE-encoded).\n * 5. Counter monotonicity -- if either the stored or returned counter\n *    is non-zero, the new counter must exceed the stored value.\n *\n * @param opts - Verification options.\n * @param opts.response - The `PublicKeyCredential` result from\n *   `navigator.credentials.get()`, serialized as JSON.\n * @param opts.expectedChallenge - The base64url challenge that was issued\n *   for this ceremony.\n * @param opts.expectedOrigin - One or more acceptable origins.\n * @param opts.expectedRPID - The Relying Party ID domain.\n * @param opts.credential - The stored credential record to verify against.\n * @param opts.credential.id - The credential ID (base64url).\n * @param opts.credential.publicKey - The COSE-encoded public key bytes\n *   persisted during registration.\n * @param opts.credential.counter - The last known signature counter value.\n * @param opts.credential.transports - Optional authenticator transports.\n * @param opts.requireUserVerification - When `true`, verification fails\n *   if the UV flag is not set. Defaults to `false`.\n * @returns Verification result containing `verified` status and parsed\n *   authentication info (new counter, origin, RP ID).\n */\nexport async function verifyAuthenticationResponse(opts: {\n  response: PasskeyAuthenticationResponse;\n  expectedChallenge: string;\n  expectedOrigin: string | string[];\n  expectedRPID: string;\n  credential: {\n    id: string;\n    publicKey: Uint8Array;\n    counter: number;\n    transports?: AuthenticatorTransportFuture[];\n  };\n  requireUserVerification?: boolean;\n}): Promise<VerifiedAuthenticationResponse> {\n  const {\n    response,\n    expectedChallenge,\n    expectedOrigin,\n    expectedRPID,\n    credential,\n    requireUserVerification = false,\n  } = opts;\n\n  const {\n    id,\n    rawId,\n    type: credentialType,\n    response: assertionResponse,\n  } = response;\n\n  // Ensure credential specified an ID\n  if (!id) {\n    throw new Error('Missing credential ID');\n  }\n\n  // Ensure ID is base64url-encoded\n  if (id !== rawId) {\n    throw new Error('Credential ID was not base64url-encoded');\n  }\n\n  // Make sure credential type is public-key\n  if (credentialType !== 'public-key') {\n    throw new Error(\n      `Unexpected credential type ${String(credentialType)}, expected \"public-key\"`,\n    );\n  }\n\n  if (typeof assertionResponse?.clientDataJSON !== 'string') {\n    throw new Error('Credential response clientDataJSON was not a string');\n  }\n\n  const clientDataJSON = decodeClientDataJSON(assertionResponse.clientDataJSON);\n  const { type, challenge, origin, tokenBinding } = clientDataJSON;\n\n  // Make sure we're handling an authentication\n  if (type !== 'webauthn.get') {\n    throw new Error(`Unexpected authentication response type: ${type}`);\n  }\n\n  // Ensure the device provided the challenge we gave it\n  if (challenge !== expectedChallenge) {\n    throw new Error(\n      `Unexpected authentication response challenge \"${challenge}\", expected \"${expectedChallenge}\"`,\n    );\n  }\n\n  // Check that the origin is our site\n  const expectedOrigins = Array.isArray(expectedOrigin)\n    ? expectedOrigin\n    : [expectedOrigin];\n  if (!expectedOrigins.includes(origin)) {\n    throw new Error(\n      `Unexpected authentication response origin \"${origin}\", expected one of: ${expectedOrigins.join(', ')}`,\n    );\n  }\n\n  if (\n    assertionResponse.userHandle &&\n    typeof assertionResponse.userHandle !== 'string'\n  ) {\n    throw new Error('Credential response userHandle was not a string');\n  }\n\n  if (tokenBinding) {\n    if (typeof tokenBinding !== 'object') {\n      throw new Error('ClientDataJSON tokenBinding was not an object');\n    }\n\n    if (\n      !['present', 'supported', 'not-supported'].includes(tokenBinding.status)\n    ) {\n      throw new Error(`Unexpected tokenBinding status ${tokenBinding.status}`);\n    }\n  }\n\n  const authDataBuffer = base64URLToBytes(assertionResponse.authenticatorData);\n  const parsedAuthData: ParsedAuthenticatorData =\n    parseAuthenticatorData(authDataBuffer);\n  const { rpIdHash, flags, counter } = parsedAuthData;\n\n  // Make sure the response's RP ID is ours\n  const matchedRPID = matchExpectedRPID(rpIdHash, [expectedRPID]);\n\n  // WebAuthn only requires the user presence flag be true\n  if (!flags.up) {\n    throw new Error('User not present during authentication');\n  }\n\n  // Enforce user verification if required\n  if (requireUserVerification && !flags.uv) {\n    throw new Error(\n      'User verification required, but user could not be verified',\n    );\n  }\n\n  const clientDataHash = sha256(\n    base64URLToBytes(assertionResponse.clientDataJSON),\n  );\n  const signatureBase = concatBytes([authDataBuffer, clientDataHash]);\n\n  const signature = base64URLToBytes(assertionResponse.signature);\n\n  const cosePublicKey = decodePartialCBOR(\n    new Uint8Array(credential.publicKey),\n    0,\n  )[0] as Map<number, number | Uint8Array>;\n\n  const verified = await verifySignature({\n    cosePublicKey,\n    signature,\n    data: signatureBase,\n  });\n\n  if (!verified) {\n    return { verified: false };\n  }\n\n  if (\n    (counter > 0 || credential.counter > 0) &&\n    counter <= credential.counter\n  ) {\n    throw new Error(\n      `Response counter value ${counter} was lower than expected ${credential.counter}`,\n    );\n  }\n\n  return {\n    verified: true,\n    authenticationInfo: {\n      credentialId: credential.id,\n      newCounter: counter,\n      userVerified: flags.uv,\n      origin: clientDataJSON.origin,\n      rpID: matchedRPID,\n    },\n  };\n}\n"]}

package/dist/webauthn/verify-registration-response.cjs

@@ -0,0 +1,205 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyRegistrationResponse = void 0;
+const tiny_cbor_1 = require("@levischuck/tiny-cbor");
+const utils_1 = require("@metamask/utils");
+const sha2_1 = require("@noble/hashes/sha2");
+const encoding_1 = require("../utils/encoding.cjs");
+const constants_1 = require("./constants.cjs");
+const decode_attestation_object_1 = require("./decode-attestation-object.cjs");
+const decode_client_data_json_1 = require("./decode-client-data-json.cjs");
+const match_expected_rp_id_1 = require("./match-expected-rp-id.cjs");
+const parse_authenticator_data_1 = require("./parse-authenticator-data.cjs");
+const verify_signature_1 = require("./verify-signature.cjs");
+/**
+ * Verifies a WebAuthn registration (attestation) response per
+ * W3C WebAuthn Level 3 §7.1.
+ *
+ * Performs the following checks in order:
+ * 1. Credential ID presence and base64url consistency (`id === rawId`), and
+ *    that `id` matches the credential id inside parsed authenticator data.
+ * 2. Credential type is `"public-key"`.
+ * 3. `clientDataJSON` -- type is `"webauthn.create"`, challenge and origin
+ *    match the expected values.
+ * 4. Attestation object -- CBOR-decodes and parses `authData` to verify
+ *    the RP ID hash, user-presence flag, optional user-verification flag,
+ *    and the attested credential public key algorithm.
+ * 5. Attestation statement -- supports `"none"` (no signature) and
+ *    `"packed"` self-attestation (signature verified against the
+ *    credential's own public key).
+ *
+ * @param opts - Verification options.
+ * @param opts.response - The `PublicKeyCredential` result from
+ *   `navigator.credentials.create()`, serialized as JSON.
+ * @param opts.expectedChallenge - The base64url challenge that was passed
+ *   to the authenticator (must match `clientDataJSON.challenge`).
+ * @param opts.expectedOrigin - One or more acceptable origins (e.g.
+ *   `"chrome-extension://..."` or `"https://metamask.io"`).
+ * @param opts.expectedRPID - The Relying Party ID domain. The
+ *   authenticator's `rpIdHash` is compared against `SHA-256(expectedRPID)`.
+ * @param opts.requireUserVerification - When `true`, verification fails
+ *   if the UV flag is not set. Defaults to `false`.
+ * @param opts.supportedAlgorithmIDs - COSE algorithm identifiers accepted
+ *   for the credential public key. Defaults to EdDSA, ES256, and RS256.
+ * @returns On success, `{ verified: true, registrationInfo }` with the
+ *   parsed credential ID, public key, counter, AAGUID, and transport
+ *   hints. On failure, `{ verified: false }`.
+ */
+async function verifyRegistrationResponse(opts) {
+    const { response, expectedChallenge, expectedOrigin, expectedRPID, requireUserVerification = false, supportedAlgorithmIDs = [constants_1.COSEALG.EdDSA, constants_1.COSEALG.ES256, constants_1.COSEALG.RS256], } = opts;
+    const { id, rawId, type: credentialType, response: attestationResponse, } = response;
+    // Ensure credential specified an ID
+    if (!id) {
+        throw new Error('Missing credential ID');
+    }
+    // Ensure ID is base64url-encoded
+    if (id !== rawId) {
+        throw new Error('Credential ID was not base64url-encoded');
+    }
+    // Make sure credential type is public-key
+    if (credentialType !== 'public-key') {
+        throw new Error(`Unexpected credential type ${String(credentialType)}, expected "public-key"`);
+    }
+    const clientDataJSON = (0, decode_client_data_json_1.decodeClientDataJSON)(attestationResponse.clientDataJSON);
+    const { type, challenge, origin, tokenBinding } = clientDataJSON;
+    // Make sure we're handling an registration
+    if (type !== 'webauthn.create') {
+        throw new Error(`Unexpected registration response type: ${type}`);
+    }
+    // Ensure the device provided the challenge we gave it
+    if (challenge !== expectedChallenge) {
+        throw new Error(`Unexpected registration response challenge "${challenge}", expected "${expectedChallenge}"`);
+    }
+    // Check that the origin is our site
+    const expectedOrigins = Array.isArray(expectedOrigin)
+        ? expectedOrigin
+        : [expectedOrigin];
+    if (!expectedOrigins.includes(origin)) {
+        throw new Error(`Unexpected registration response origin "${origin}", expected one of: ${expectedOrigins.join(', ')}`);
+    }
+    if (tokenBinding) {
+        if (typeof tokenBinding !== 'object') {
+            throw new Error('ClientDataJSON tokenBinding was not an object');
+        }
+        if (!['present', 'supported', 'not-supported'].includes(tokenBinding.status)) {
+            throw new Error(`Unexpected tokenBinding.status value of "${tokenBinding.status}"`);
+        }
+    }
+    const attestationObjectBytes = (0, encoding_1.base64URLToBytes)(attestationResponse.attestationObject);
+    const decodedAttObj = (0, decode_attestation_object_1.decodeAttestationObject)(attestationObjectBytes);
+    const fmt = decodedAttObj.get('fmt');
+    const authData = decodedAttObj.get('authData');
+    const attStmt = decodedAttObj.get('attStmt');
+    const parsedAuthData = (0, parse_authenticator_data_1.parseAuthenticatorData)(authData);
+    const { rpIdHash, flags, counter, credentialID, credentialPublicKey, aaguid, } = parsedAuthData;
+    (0, match_expected_rp_id_1.matchExpectedRPID)(rpIdHash, [expectedRPID]);
+    // Make sure someone was physically present
+    if (!flags.up) {
+        throw new Error('User presence was required, but user was not present');
+    }
+    // Enforce user verification if specified
+    if (requireUserVerification && !flags.uv) {
+        throw new Error('User verification was required, but user could not be verified');
+    }
+    if (!credentialID) {
+        throw new Error('No credential ID was provided by authenticator');
+    }
+    const attestedCredentialId = (0, encoding_1.bytesToBase64URL)(credentialID);
+    if (id !== attestedCredentialId) {
+        throw new Error('Credential id does not match the credential id in authenticator data');
+    }
+    if (!credentialPublicKey) {
+        throw new Error('No public key was provided by authenticator');
+    }
+    if (!aaguid) {
+        throw new Error('No AAGUID was present during registration');
+    }
+    const decodedPublicKey = (0, tiny_cbor_1.decodePartialCBOR)(new Uint8Array(credentialPublicKey), 0)[0];
+    const alg = decodedPublicKey.get(constants_1.COSEKEYS.Alg);
+    if (typeof alg !== 'number') {
+        throw new Error('Credential public key was missing numeric alg');
+    }
+    // Make sure the key algorithm is one we specified within the registration options
+    if (!supportedAlgorithmIDs.includes(alg)) {
+        throw new Error(`Unexpected public key alg "${alg}", expected one of "${supportedAlgorithmIDs.join(', ')}"`);
+    }
+    let verified = false;
+    if (fmt === 'none') {
+        if (attStmt.size > 0) {
+            throw new Error('None attestation had unexpected attestation statement');
+        }
+        verified = true;
+    }
+    else if (fmt === 'packed') {
+        verified = await verifyPackedAttestation(attStmt, authData, attestationResponse.clientDataJSON, decodedPublicKey);
+    }
+    else {
+        throw new Error(`Unsupported attestation format: ${fmt}`);
+    }
+    if (!verified) {
+        return { verified: false };
+    }
+    const aaguidHex = (0, encoding_1.bytesToHex)(aaguid);
+    const aaguidStr = [
+        aaguidHex.slice(0, 8),
+        aaguidHex.slice(8, 12),
+        aaguidHex.slice(12, 16),
+        aaguidHex.slice(16, 20),
+        aaguidHex.slice(20),
+    ].join('-');
+    return {
+        verified: true,
+        registrationInfo: {
+            credentialId: attestedCredentialId,
+            publicKey: credentialPublicKey,
+            counter,
+            transports: attestationResponse.transports,
+            aaguid: aaguidStr,
+            attestationFormat: fmt,
+            userVerified: flags.uv,
+        },
+    };
+}
+exports.verifyRegistrationResponse = verifyRegistrationResponse;
+/**
+ * Verify packed self-attestation per WebAuthn §8.2: no x5c certificate
+ * chain, signature over `authData || SHA-256(clientDataJSON)` verified
+ * with the credential's own public key, and `alg` in the attestation
+ * statement must match the credential key's algorithm.
+ *
+ * @param attStmt - The attestation statement map from the attestation
+ *   object.
+ * @param attStmt.get - Accessor to retrieve statement fields by key.
+ * @param attStmt.size - Number of entries in the statement.
+ * @param authData - Raw authenticator data bytes.
+ * @param clientDataJSONB64url - Base64url-encoded clientDataJSON.
+ * @param cosePublicKey - Decoded COSE public key map from authenticator
+ *   data.
+ * @returns Whether the packed attestation signature is valid.
+ */
+async function verifyPackedAttestation(attStmt, authData, clientDataJSONB64url, cosePublicKey) {
+    const attStmtAlg = attStmt.get('alg');
+    const signature = attStmt.get('sig');
+    const x5c = attStmt.get('x5c');
+    if (typeof attStmtAlg !== 'number') {
+        throw new Error('Packed attestation statement missing alg');
+    }
+    if (!signature) {
+        throw new Error('Packed attestation missing signature');
+    }
+    if (x5c && x5c.length > 0) {
+        throw new Error('Packed attestation with certificate chain (x5c) is not supported; only self-attestation is accepted');
+    }
+    const credAlg = cosePublicKey.get(constants_1.COSEKEYS.Alg);
+    if (attStmtAlg !== credAlg) {
+        throw new Error(`Packed attestation alg ${attStmtAlg} does not match credential alg ${credAlg}`);
+    }
+    const clientDataHash = (0, sha2_1.sha256)((0, encoding_1.base64URLToBytes)(clientDataJSONB64url));
+    const signatureBase = (0, utils_1.concatBytes)([authData, clientDataHash]);
+    return (0, verify_signature_1.verifySignature)({
+        cosePublicKey,
+        signature,
+        data: signatureBase,
+    });
+}
+//# sourceMappingURL=verify-registration-response.cjs.map

package/dist/webauthn/verify-registration-response.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-registration-response.cjs","sourceRoot":"","sources":["../../src/webauthn/verify-registration-response.ts"],"names":[],"mappings":";;;AAAA,qDAA0D;AAC1D,2CAA8C;AAC9C,6CAA4C;AAG5C,oDAI2B;AAC3B,+CAAgD;AAChD,+EAAsE;AACtE,2EAAiE;AACjE,qEAA2D;AAC3D,6EAAoE;AAEpE,6DAAqD;AAiBrD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACI,KAAK,UAAU,0BAA0B,CAAC,IAOhD;IACC,MAAM,EACJ,QAAQ,EACR,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,uBAAuB,GAAG,KAAK,EAC/B,qBAAqB,GAAG,CAAC,mBAAO,CAAC,KAAK,EAAE,mBAAO,CAAC,KAAK,EAAE,mBAAO,CAAC,KAAK,CAAC,GACtE,GAAG,IAAI,CAAC;IAET,MAAM,EACJ,EAAE,EACF,KAAK,EACL,IAAI,EAAE,cAAc,EACpB,QAAQ,EAAE,mBAAmB,GAC9B,GAAG,QAAQ,CAAC;IAEb,oCAAoC;IACpC,IAAI,CAAC,EAAE,EAAE,CAAC;QACR,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC3C,CAAC;IAED,iCAAiC;IACjC,IAAI,EAAE,KAAK,KAAK,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAC7D,CAAC;IAED,0CAA0C;IAC1C,IAAI,cAAc,KAAK,YAAY,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CACb,8BAA8B,MAAM,CAAC,cAAc,CAAC,yBAAyB,CAC9E,CAAC;IACJ,CAAC;IAED,MAAM,cAAc,GAAG,IAAA,8CAAoB,EACzC,mBAAmB,CAAC,cAAc,CACnC,CAAC;IACF,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IAEjE,2CAA2C;IAC3C,IAAI,IAAI,KAAK,iBAAiB,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,0CAA0C,IAAI,EAAE,CAAC,CAAC;IACpE,CAAC;IAED,sDAAsD;IACtD,IAAI,SAAS,KAAK,iBAAiB,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CACb,+CAA+C,SAAS,gBAAgB,iBAAiB,GAAG,CAC7F,CAAC;IACJ,CAAC;IAED,oCAAoC;IACpC,MAAM,eAAe,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC;QACnD,CAAC,CAAC,cAAc;QAChB,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;IACrB,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CACb,4CAA4C,MAAM,uBAAuB,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACtG,CAAC;IACJ,CAAC;IAED,IAAI,YAAY,EAAE,CAAC;QACjB,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACnE,CAAC;QAED,IACE,CAAC,CAAC,SAAS,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,EACxE,CAAC;YACD,MAAM,IAAI,KAAK,CACb,4CAA4C,YAAY,CAAC,MAAM,GAAG,CACnE,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,sBAAsB,GAAG,IAAA,2BAAgB,EAC7C,mBAAmB,CAAC,iBAAiB,CACtC,CAAC;IACF,MAAM,aAAa,GAAG,IAAA,mDAAuB,EAAC,sBAAsB,CAAC,CAAC;IACtE,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC/C,MAAM,OAAO,GAAG,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAE7C,MAAM,cAAc,GAAG,IAAA,iDAAsB,EAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,EACJ,QAAQ,EACR,KAAK,EACL,OAAO,EACP,YAAY,EACZ,mBAAmB,EACnB,MAAM,GACP,GAAG,cAAc,CAAC;IAEnB,IAAA,wCAAiB,EAAC,QAAQ,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC;IAE5C,2CAA2C;IAC3C,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC1E,CAAC;IAED,yCAAyC;IACzC,IAAI,uBAAuB,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CACb,gEAAgE,CACjE,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IAED,MAAM,oBAAoB,GAAG,IAAA,2BAAgB,EAAC,YAAY,CAAC,CAAC;IAC5D,IAAI,EAAE,KAAK,oBAAoB,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CACb,sEAAsE,CACvE,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,CAAC;IAED,MAAM,gBAAgB,GAAG,IAAA,6BAAiB,EACxC,IAAI,UAAU,CAAC,mBAAmB,CAAC,EACnC,CAAC,CACF,CAAC,CAAC,CAAqC,CAAC;IACzC,MAAM,GAAG,GAAG,gBAAgB,CAAC,GAAG,CAAC,oBAAQ,CAAC,GAAG,CAAC,CAAC;IAE/C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAED,kFAAkF;IAClF,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CACb,8BAA8B,GAAG,uBAAuB,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAC5F,CAAC;IACJ,CAAC;IAED,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACnB,IAAI,OAAO,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;QAC3E,CAAC;QACD,QAAQ,GAAG,IAAI,CAAC;IAClB,CAAC;SAAM,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,QAAQ,GAAG,MAAM,uBAAuB,CACtC,OAAO,EACP,QAAQ,EACR,mBAAmB,CAAC,cAAc,EAClC,gBAAgB,CACjB,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,mCAAmC,GAAG,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC7B,CAAC;IAED,MAAM,SAAS,GAAG,IAAA,qBAAU,EAAC,MAAM,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG;QAChB,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;QACrB,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;QACtB,SAAS,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC;QACvB,SAAS,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC;QACvB,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;KACpB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAEZ,OAAO;QACL,QAAQ,EAAE,IAAI;QACd,gBAAgB,EAAE;YAChB,YAAY,EAAE,oBAAoB;YAClC,SAAS,EAAE,mBAAmB;YAC9B,OAAO;YACP,UAAU,EACR,mBAAmB,CAAC,UAA4C;YAClE,MAAM,EAAE,SAAS;YACjB,iBAAiB,EAAE,GAAG;YACtB,YAAY,EAAE,KAAK,CAAC,EAAE;SACvB;KACF,CAAC;AACJ,CAAC;AAhMD,gEAgMC;AAED;;;;;;;;;;;;;;;GAeG;AACH,KAAK,UAAU,uBAAuB,CACpC,OAAoD,EACpD,QAAoB,EACpB,oBAA4B,EAC5B,aAA+C;IAE/C,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAuB,CAAC;IAC5D,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,CAA2B,CAAC;IAC/D,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,CAA6B,CAAC;IAE3D,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IAED,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAED,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CACb,qGAAqG,CACtG,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,aAAa,CAAC,GAAG,CAAC,oBAAQ,CAAC,GAAG,CAAW,CAAC;IAC1D,IAAI,UAAU,KAAK,OAAO,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CACb,0BAA0B,UAAU,kCAAkC,OAAO,EAAE,CAChF,CAAC;IACJ,CAAC;IAED,MAAM,cAAc,GAAG,IAAA,aAAM,EAAC,IAAA,2BAAgB,EAAC,oBAAoB,CAAC,CAAC,CAAC;IACtE,MAAM,aAAa,GAAG,IAAA,mBAAW,EAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAE9D,OAAO,IAAA,kCAAe,EAAC;QACrB,aAAa;QACb,SAAS;QACT,IAAI,EAAE,aAAa;KACpB,CAAC,CAAC;AACL,CAAC","sourcesContent":["import { decodePartialCBOR } from '@levischuck/tiny-cbor';\nimport { concatBytes } from '@metamask/utils';\nimport { sha256 } from '@noble/hashes/sha2';\n\nimport type { AuthenticatorTransportFuture } from '../types';\nimport {\n  base64URLToBytes,\n  bytesToBase64URL,\n  bytesToHex,\n} from '../utils/encoding';\nimport { COSEALG, COSEKEYS } from './constants';\nimport { decodeAttestationObject } from './decode-attestation-object';\nimport { decodeClientDataJSON } from './decode-client-data-json';\nimport { matchExpectedRPID } from './match-expected-rp-id';\nimport { parseAuthenticatorData } from './parse-authenticator-data';\nimport type { PasskeyRegistrationResponse } from './types';\nimport { verifySignature } from './verify-signature';\n\nexport type VerifiedRegistrationResponse =\n  | { verified: false; registrationInfo?: never }\n  | {\n      verified: true;\n      registrationInfo: {\n        credentialId: string;\n        publicKey: Uint8Array;\n        counter: number;\n        transports?: AuthenticatorTransportFuture[];\n        aaguid: string;\n        attestationFormat: string;\n        userVerified: boolean;\n      };\n    };\n\n/**\n * Verifies a WebAuthn registration (attestation) response per\n * W3C WebAuthn Level 3 §7.1.\n *\n * Performs the following checks in order:\n * 1. Credential ID presence and base64url consistency (`id === rawId`), and\n *    that `id` matches the credential id inside parsed authenticator data.\n * 2. Credential type is `\"public-key\"`.\n * 3. `clientDataJSON` -- type is `\"webauthn.create\"`, challenge and origin\n *    match the expected values.\n * 4. Attestation object -- CBOR-decodes and parses `authData` to verify\n *    the RP ID hash, user-presence flag, optional user-verification flag,\n *    and the attested credential public key algorithm.\n * 5. Attestation statement -- supports `\"none\"` (no signature) and\n *    `\"packed\"` self-attestation (signature verified against the\n *    credential's own public key).\n *\n * @param opts - Verification options.\n * @param opts.response - The `PublicKeyCredential` result from\n *   `navigator.credentials.create()`, serialized as JSON.\n * @param opts.expectedChallenge - The base64url challenge that was passed\n *   to the authenticator (must match `clientDataJSON.challenge`).\n * @param opts.expectedOrigin - One or more acceptable origins (e.g.\n *   `\"chrome-extension://...\"` or `\"https://metamask.io\"`).\n * @param opts.expectedRPID - The Relying Party ID domain. The\n *   authenticator's `rpIdHash` is compared against `SHA-256(expectedRPID)`.\n * @param opts.requireUserVerification - When `true`, verification fails\n *   if the UV flag is not set. Defaults to `false`.\n * @param opts.supportedAlgorithmIDs - COSE algorithm identifiers accepted\n *   for the credential public key. Defaults to EdDSA, ES256, and RS256.\n * @returns On success, `{ verified: true, registrationInfo }` with the\n *   parsed credential ID, public key, counter, AAGUID, and transport\n *   hints. On failure, `{ verified: false }`.\n */\nexport async function verifyRegistrationResponse(opts: {\n  response: PasskeyRegistrationResponse;\n  expectedChallenge: string;\n  expectedOrigin: string | string[];\n  expectedRPID: string;\n  requireUserVerification?: boolean;\n  supportedAlgorithmIDs?: number[];\n}): Promise<VerifiedRegistrationResponse> {\n  const {\n    response,\n    expectedChallenge,\n    expectedOrigin,\n    expectedRPID,\n    requireUserVerification = false,\n    supportedAlgorithmIDs = [COSEALG.EdDSA, COSEALG.ES256, COSEALG.RS256],\n  } = opts;\n\n  const {\n    id,\n    rawId,\n    type: credentialType,\n    response: attestationResponse,\n  } = response;\n\n  // Ensure credential specified an ID\n  if (!id) {\n    throw new Error('Missing credential ID');\n  }\n\n  // Ensure ID is base64url-encoded\n  if (id !== rawId) {\n    throw new Error('Credential ID was not base64url-encoded');\n  }\n\n  // Make sure credential type is public-key\n  if (credentialType !== 'public-key') {\n    throw new Error(\n      `Unexpected credential type ${String(credentialType)}, expected \"public-key\"`,\n    );\n  }\n\n  const clientDataJSON = decodeClientDataJSON(\n    attestationResponse.clientDataJSON,\n  );\n  const { type, challenge, origin, tokenBinding } = clientDataJSON;\n\n  // Make sure we're handling an registration\n  if (type !== 'webauthn.create') {\n    throw new Error(`Unexpected registration response type: ${type}`);\n  }\n\n  // Ensure the device provided the challenge we gave it\n  if (challenge !== expectedChallenge) {\n    throw new Error(\n      `Unexpected registration response challenge \"${challenge}\", expected \"${expectedChallenge}\"`,\n    );\n  }\n\n  // Check that the origin is our site\n  const expectedOrigins = Array.isArray(expectedOrigin)\n    ? expectedOrigin\n    : [expectedOrigin];\n  if (!expectedOrigins.includes(origin)) {\n    throw new Error(\n      `Unexpected registration response origin \"${origin}\", expected one of: ${expectedOrigins.join(', ')}`,\n    );\n  }\n\n  if (tokenBinding) {\n    if (typeof tokenBinding !== 'object') {\n      throw new Error('ClientDataJSON tokenBinding was not an object');\n    }\n\n    if (\n      !['present', 'supported', 'not-supported'].includes(tokenBinding.status)\n    ) {\n      throw new Error(\n        `Unexpected tokenBinding.status value of \"${tokenBinding.status}\"`,\n      );\n    }\n  }\n\n  const attestationObjectBytes = base64URLToBytes(\n    attestationResponse.attestationObject,\n  );\n  const decodedAttObj = decodeAttestationObject(attestationObjectBytes);\n  const fmt = decodedAttObj.get('fmt');\n  const authData = decodedAttObj.get('authData');\n  const attStmt = decodedAttObj.get('attStmt');\n\n  const parsedAuthData = parseAuthenticatorData(authData);\n  const {\n    rpIdHash,\n    flags,\n    counter,\n    credentialID,\n    credentialPublicKey,\n    aaguid,\n  } = parsedAuthData;\n\n  matchExpectedRPID(rpIdHash, [expectedRPID]);\n\n  // Make sure someone was physically present\n  if (!flags.up) {\n    throw new Error('User presence was required, but user was not present');\n  }\n\n  // Enforce user verification if specified\n  if (requireUserVerification && !flags.uv) {\n    throw new Error(\n      'User verification was required, but user could not be verified',\n    );\n  }\n\n  if (!credentialID) {\n    throw new Error('No credential ID was provided by authenticator');\n  }\n\n  const attestedCredentialId = bytesToBase64URL(credentialID);\n  if (id !== attestedCredentialId) {\n    throw new Error(\n      'Credential id does not match the credential id in authenticator data',\n    );\n  }\n\n  if (!credentialPublicKey) {\n    throw new Error('No public key was provided by authenticator');\n  }\n  if (!aaguid) {\n    throw new Error('No AAGUID was present during registration');\n  }\n\n  const decodedPublicKey = decodePartialCBOR(\n    new Uint8Array(credentialPublicKey),\n    0,\n  )[0] as Map<number, number | Uint8Array>;\n  const alg = decodedPublicKey.get(COSEKEYS.Alg);\n\n  if (typeof alg !== 'number') {\n    throw new Error('Credential public key was missing numeric alg');\n  }\n\n  // Make sure the key algorithm is one we specified within the registration options\n  if (!supportedAlgorithmIDs.includes(alg)) {\n    throw new Error(\n      `Unexpected public key alg \"${alg}\", expected one of \"${supportedAlgorithmIDs.join(', ')}\"`,\n    );\n  }\n\n  let verified = false;\n  if (fmt === 'none') {\n    if (attStmt.size > 0) {\n      throw new Error('None attestation had unexpected attestation statement');\n    }\n    verified = true;\n  } else if (fmt === 'packed') {\n    verified = await verifyPackedAttestation(\n      attStmt,\n      authData,\n      attestationResponse.clientDataJSON,\n      decodedPublicKey,\n    );\n  } else {\n    throw new Error(`Unsupported attestation format: ${fmt}`);\n  }\n\n  if (!verified) {\n    return { verified: false };\n  }\n\n  const aaguidHex = bytesToHex(aaguid);\n  const aaguidStr = [\n    aaguidHex.slice(0, 8),\n    aaguidHex.slice(8, 12),\n    aaguidHex.slice(12, 16),\n    aaguidHex.slice(16, 20),\n    aaguidHex.slice(20),\n  ].join('-');\n\n  return {\n    verified: true,\n    registrationInfo: {\n      credentialId: attestedCredentialId,\n      publicKey: credentialPublicKey,\n      counter,\n      transports:\n        attestationResponse.transports as AuthenticatorTransportFuture[],\n      aaguid: aaguidStr,\n      attestationFormat: fmt,\n      userVerified: flags.uv,\n    },\n  };\n}\n\n/**\n * Verify packed self-attestation per WebAuthn §8.2: no x5c certificate\n * chain, signature over `authData || SHA-256(clientDataJSON)` verified\n * with the credential's own public key, and `alg` in the attestation\n * statement must match the credential key's algorithm.\n *\n * @param attStmt - The attestation statement map from the attestation\n *   object.\n * @param attStmt.get - Accessor to retrieve statement fields by key.\n * @param attStmt.size - Number of entries in the statement.\n * @param authData - Raw authenticator data bytes.\n * @param clientDataJSONB64url - Base64url-encoded clientDataJSON.\n * @param cosePublicKey - Decoded COSE public key map from authenticator\n *   data.\n * @returns Whether the packed attestation signature is valid.\n */\nasync function verifyPackedAttestation(\n  attStmt: { get(key: string): unknown; size: number },\n  authData: Uint8Array,\n  clientDataJSONB64url: string,\n  cosePublicKey: Map<number, number | Uint8Array>,\n): Promise<boolean> {\n  const attStmtAlg = attStmt.get('alg') as number | undefined;\n  const signature = attStmt.get('sig') as Uint8Array | undefined;\n  const x5c = attStmt.get('x5c') as Uint8Array[] | undefined;\n\n  if (typeof attStmtAlg !== 'number') {\n    throw new Error('Packed attestation statement missing alg');\n  }\n\n  if (!signature) {\n    throw new Error('Packed attestation missing signature');\n  }\n\n  if (x5c && x5c.length > 0) {\n    throw new Error(\n      'Packed attestation with certificate chain (x5c) is not supported; only self-attestation is accepted',\n    );\n  }\n\n  const credAlg = cosePublicKey.get(COSEKEYS.Alg) as number;\n  if (attStmtAlg !== credAlg) {\n    throw new Error(\n      `Packed attestation alg ${attStmtAlg} does not match credential alg ${credAlg}`,\n    );\n  }\n\n  const clientDataHash = sha256(base64URLToBytes(clientDataJSONB64url));\n  const signatureBase = concatBytes([authData, clientDataHash]);\n\n  return verifySignature({\n    cosePublicKey,\n    signature,\n    data: signatureBase,\n  });\n}\n"]}

package/dist/webauthn/verify-registration-response.d.cts

@@ -0,0 +1,60 @@
+import type { AuthenticatorTransportFuture } from "../types.cjs";
+import type { PasskeyRegistrationResponse } from "./types.cjs";
+export type VerifiedRegistrationResponse = {
+    verified: false;
+    registrationInfo?: never;
+} | {
+    verified: true;
+    registrationInfo: {
+        credentialId: string;
+        publicKey: Uint8Array;
+        counter: number;
+        transports?: AuthenticatorTransportFuture[];
+        aaguid: string;
+        attestationFormat: string;
+        userVerified: boolean;
+    };
+};
+/**
+ * Verifies a WebAuthn registration (attestation) response per
+ * W3C WebAuthn Level 3 §7.1.
+ *
+ * Performs the following checks in order:
+ * 1. Credential ID presence and base64url consistency (`id === rawId`), and
+ *    that `id` matches the credential id inside parsed authenticator data.
+ * 2. Credential type is `"public-key"`.
+ * 3. `clientDataJSON` -- type is `"webauthn.create"`, challenge and origin
+ *    match the expected values.
+ * 4. Attestation object -- CBOR-decodes and parses `authData` to verify
+ *    the RP ID hash, user-presence flag, optional user-verification flag,
+ *    and the attested credential public key algorithm.
+ * 5. Attestation statement -- supports `"none"` (no signature) and
+ *    `"packed"` self-attestation (signature verified against the
+ *    credential's own public key).
+ *
+ * @param opts - Verification options.
+ * @param opts.response - The `PublicKeyCredential` result from
+ *   `navigator.credentials.create()`, serialized as JSON.
+ * @param opts.expectedChallenge - The base64url challenge that was passed
+ *   to the authenticator (must match `clientDataJSON.challenge`).
+ * @param opts.expectedOrigin - One or more acceptable origins (e.g.
+ *   `"chrome-extension://..."` or `"https://metamask.io"`).
+ * @param opts.expectedRPID - The Relying Party ID domain. The
+ *   authenticator's `rpIdHash` is compared against `SHA-256(expectedRPID)`.
+ * @param opts.requireUserVerification - When `true`, verification fails
+ *   if the UV flag is not set. Defaults to `false`.
+ * @param opts.supportedAlgorithmIDs - COSE algorithm identifiers accepted
+ *   for the credential public key. Defaults to EdDSA, ES256, and RS256.
+ * @returns On success, `{ verified: true, registrationInfo }` with the
+ *   parsed credential ID, public key, counter, AAGUID, and transport
+ *   hints. On failure, `{ verified: false }`.
+ */
+export declare function verifyRegistrationResponse(opts: {
+    response: PasskeyRegistrationResponse;
+    expectedChallenge: string;
+    expectedOrigin: string | string[];
+    expectedRPID: string;
+    requireUserVerification?: boolean;
+    supportedAlgorithmIDs?: number[];
+}): Promise<VerifiedRegistrationResponse>;
+//# sourceMappingURL=verify-registration-response.d.cts.map

package/dist/webauthn/verify-registration-response.d.cts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-registration-response.d.cts","sourceRoot":"","sources":["../../src/webauthn/verify-registration-response.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,4BAA4B,EAAE,qBAAiB;AAW7D,OAAO,KAAK,EAAE,2BAA2B,EAAE,oBAAgB;AAG3D,MAAM,MAAM,4BAA4B,GACpC;IAAE,QAAQ,EAAE,KAAK,CAAC;IAAC,gBAAgB,CAAC,EAAE,KAAK,CAAA;CAAE,GAC7C;IACE,QAAQ,EAAE,IAAI,CAAC;IACf,gBAAgB,EAAE;QAChB,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,UAAU,CAAC;QACtB,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,CAAC,EAAE,4BAA4B,EAAE,CAAC;QAC5C,MAAM,EAAE,MAAM,CAAC;QACf,iBAAiB,EAAE,MAAM,CAAC;QAC1B,YAAY,EAAE,OAAO,CAAC;KACvB,CAAC;CACH,CAAC;AAEN;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,wBAAsB,0BAA0B,CAAC,IAAI,EAAE;IACrD,QAAQ,EAAE,2BAA2B,CAAC;IACtC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,cAAc,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAC;CAClC,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAyLxC"}

package/dist/webauthn/verify-registration-response.d.mts

@@ -0,0 +1,60 @@
+import type { AuthenticatorTransportFuture } from "../types.mjs";
+import type { PasskeyRegistrationResponse } from "./types.mjs";
+export type VerifiedRegistrationResponse = {
+    verified: false;
+    registrationInfo?: never;
+} | {
+    verified: true;
+    registrationInfo: {
+        credentialId: string;
+        publicKey: Uint8Array;
+        counter: number;
+        transports?: AuthenticatorTransportFuture[];
+        aaguid: string;
+        attestationFormat: string;
+        userVerified: boolean;
+    };
+};
+/**
+ * Verifies a WebAuthn registration (attestation) response per
+ * W3C WebAuthn Level 3 §7.1.
+ *
+ * Performs the following checks in order:
+ * 1. Credential ID presence and base64url consistency (`id === rawId`), and
+ *    that `id` matches the credential id inside parsed authenticator data.
+ * 2. Credential type is `"public-key"`.
+ * 3. `clientDataJSON` -- type is `"webauthn.create"`, challenge and origin
+ *    match the expected values.
+ * 4. Attestation object -- CBOR-decodes and parses `authData` to verify
+ *    the RP ID hash, user-presence flag, optional user-verification flag,
+ *    and the attested credential public key algorithm.
+ * 5. Attestation statement -- supports `"none"` (no signature) and
+ *    `"packed"` self-attestation (signature verified against the
+ *    credential's own public key).
+ *
+ * @param opts - Verification options.
+ * @param opts.response - The `PublicKeyCredential` result from
+ *   `navigator.credentials.create()`, serialized as JSON.
+ * @param opts.expectedChallenge - The base64url challenge that was passed
+ *   to the authenticator (must match `clientDataJSON.challenge`).
+ * @param opts.expectedOrigin - One or more acceptable origins (e.g.
+ *   `"chrome-extension://..."` or `"https://metamask.io"`).
+ * @param opts.expectedRPID - The Relying Party ID domain. The
+ *   authenticator's `rpIdHash` is compared against `SHA-256(expectedRPID)`.
+ * @param opts.requireUserVerification - When `true`, verification fails
+ *   if the UV flag is not set. Defaults to `false`.
+ * @param opts.supportedAlgorithmIDs - COSE algorithm identifiers accepted
+ *   for the credential public key. Defaults to EdDSA, ES256, and RS256.
+ * @returns On success, `{ verified: true, registrationInfo }` with the
+ *   parsed credential ID, public key, counter, AAGUID, and transport
+ *   hints. On failure, `{ verified: false }`.
+ */
+export declare function verifyRegistrationResponse(opts: {
+    response: PasskeyRegistrationResponse;
+    expectedChallenge: string;
+    expectedOrigin: string | string[];
+    expectedRPID: string;
+    requireUserVerification?: boolean;
+    supportedAlgorithmIDs?: number[];
+}): Promise<VerifiedRegistrationResponse>;
+//# sourceMappingURL=verify-registration-response.d.mts.map

package/dist/webauthn/verify-registration-response.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-registration-response.d.mts","sourceRoot":"","sources":["../../src/webauthn/verify-registration-response.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,4BAA4B,EAAE,qBAAiB;AAW7D,OAAO,KAAK,EAAE,2BAA2B,EAAE,oBAAgB;AAG3D,MAAM,MAAM,4BAA4B,GACpC;IAAE,QAAQ,EAAE,KAAK,CAAC;IAAC,gBAAgB,CAAC,EAAE,KAAK,CAAA;CAAE,GAC7C;IACE,QAAQ,EAAE,IAAI,CAAC;IACf,gBAAgB,EAAE;QAChB,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,UAAU,CAAC;QACtB,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,CAAC,EAAE,4BAA4B,EAAE,CAAC;QAC5C,MAAM,EAAE,MAAM,CAAC;QACf,iBAAiB,EAAE,MAAM,CAAC;QAC1B,YAAY,EAAE,OAAO,CAAC;KACvB,CAAC;CACH,CAAC;AAEN;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,wBAAsB,0BAA0B,CAAC,IAAI,EAAE;IACrD,QAAQ,EAAE,2BAA2B,CAAC;IACtC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,cAAc,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAC;CAClC,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAyLxC"}