@motebit/crypto-webauthn 1.0.0

package/LICENSE

@@ -0,0 +1,206 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for describing the origin of the Work and
+      reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2026 Motebit, Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+"Motebit" is a trademark of Motebit, Inc. The Apache License grants rights to
+this software, not to any Motebit trademarks, logos, or branding. You may not
+use Motebit branding in a way that suggests endorsement or affiliation without
+written permission.

package/NOTICE

@@ -0,0 +1,19 @@
+Motebit
+Copyright 2026 Motebit, Inc.
+
+This product includes software developed at Motebit, Inc. (https://motebit.com).
+
+The permissive-floor packages (the protocol, SDK, cryptographic primitives,
+platform-attestation verifier leaves, scaffolding CLI, and GitHub Action) are
+licensed under the Apache License, Version 2.0. See LICENSE files in each
+`packages/*/` subdirectory and in `spec/` for the full license text.
+
+The remaining packages, apps, and services are licensed under the Business
+Source License 1.1 and convert to the Apache License, Version 2.0 four years
+after each version's first public release. See `LICENSE` at the repository
+root and `LICENSING.md` for the full license boundary.
+
+"Motebit" is a trademark of Motebit, Inc. The licenses granted here cover
+this software only, not Motebit trademarks, logos, or branding. Use of
+Motebit branding in a way that suggests endorsement or affiliation requires
+written permission.

package/README.md

@@ -0,0 +1,49 @@
+# @motebit/crypto-webauthn
+
+Offline Apache-2.0 verifier for W3C WebAuthn packed-attestation hardware-attestation credentials.
+
+```bash
+npm i @motebit/crypto-webauthn
+```
+
+Plugs into [`@motebit/crypto`](https://www.npmjs.com/package/@motebit/crypto)'s `HardwareAttestationVerifiers` dispatcher as the `webauthn` verifier — called when a credential declares `platform: "webauthn"` (any browser platform authenticator).
+
+## Usage
+
+```ts
+import { verify } from "@motebit/crypto";
+import { webauthnVerifier } from "@motebit/crypto-webauthn";
+
+const result = await verify(credential, {
+  hardwareAttestation: { webauthn: webauthnVerifier({ expectedRpId: "motebit.com" }) },
+});
+```
+
+## What it verifies
+
+1. The CBOR attestation object the browser emits — `{ fmt, attStmt, authData }`.
+2. **Full attestation** (`fmt: "packed"` with `x5c`): chain-verify the leaf against the **pinned FIDO root set** (Apple Anonymous Attestation, Yubico, Microsoft). Every non-leaf must carry `basicConstraints.cA === true`, terminal cert DER byte-equal to one of the pinned roots. Then `attStmt.sig` verifies over `authData || clientDataHash` using the leaf's public key and `attStmt.alg`.
+3. **Self attestation** (`fmt: "packed"` without `x5c`): `attStmt.sig` verifies over `authData || clientDataHash` using the credential's own public key carried in `authData`. Scores as hardware-exported-equivalent — proves only that the credential's key signed the challenge, not that any specific vendor minted it.
+4. **Identity binding.** The transmitted `clientDataHash` must equal `SHA-256(canonicalJson({ attested_at, device_id, identity_public_key, motebit_id, platform: "webauthn", version: "1" }))` — the same body the web mint path composes. A malicious page that substitutes any other body fails here.
+
+## Scope
+
+v1 accepts `fmt: "packed"` only. Other formats (`tpm`, `android-key`, `android-safetynet`, `fido-u2f`, `apple`, `none`) return a structured `fmt-not-supported` error. Additional formats land as additive arms + fixtures.
+
+## Why pinned
+
+A verifier that dynamically fetches the FIDO Metadata Service has no sovereign story. The pinned root set is the self-attesting contract — third parties audit `DEFAULT_FIDO_ROOTS` and know which vendor roots this library accepts. Rotations land as additive constants.
+
+## Related
+
+- [`@motebit/crypto`](https://www.npmjs.com/package/@motebit/crypto) — dispatcher (pure permissive-floor; zero deps)
+- [`@motebit/crypto-appattest`](https://www.npmjs.com/package/@motebit/crypto-appattest) — iOS sibling
+- [`@motebit/crypto-play-integrity`](https://www.npmjs.com/package/@motebit/crypto-play-integrity) — Android sibling
+- [`@motebit/crypto-tpm`](https://www.npmjs.com/package/@motebit/crypto-tpm) — TPM 2.0 sibling
+- [`@motebit/verify`](https://www.npmjs.com/package/@motebit/verify) — canonical CLI bundling all four leaves with motebit defaults
+
+## License
+
+Apache-2.0 — see [LICENSE](./LICENSE) and [NOTICE](./NOTICE).
+
+"Motebit" is a trademark. The Apache License grants rights to this software, not to any Motebit trademarks, logos, or branding. You may not use Motebit branding in a way that suggests endorsement or affiliation without written permission.

package/dist/cbor.d.ts

@@ -0,0 +1,48 @@
+/**
+ * Thin CBOR decoder for WebAuthn attestation objects.
+ *
+ * `navigator.credentials.create({ publicKey: { attestation: "direct", … }})`
+ * returns a `PublicKeyCredential` whose `.response.attestationObject` is
+ * a CBOR-encoded W3C WebAuthn shape:
+ *
+ *   {
+ *     fmt:     "packed" | "tpm" | "android-key" | "android-safetynet"
+ *            | "fido-u2f" | "apple" | "none",
+ *     attStmt: { alg: int, sig: bytes, x5c?: bytes[] },
+ *     authData: bytes
+ *   }
+ *
+ * Delegating to `cbor2` lets us parse that without writing a full CBOR
+ * implementation. We expose a typed `parseWebAuthnAttestationObjectCbor`
+ * so the verifier never touches raw `unknown` shapes — every field is
+ * validated as it's lifted out.
+ *
+ * Intentionally a fork of the `@motebit/crypto-appattest` CBOR parser:
+ * the App Attest shape carries `attStmt.receipt` (Apple's server-side
+ * refresh blob) and does NOT carry `attStmt.alg` or `attStmt.sig`; the
+ * WebAuthn packed shape is the inverse. Forking keeps each adapter's
+ * parser narrow and self-documenting — no shared base that silently
+ * papers over two different wire-format contracts.
+ */
+export interface WebAuthnAttestationObjectCbor {
+    readonly fmt: string;
+    /** COSE algorithm identifier (e.g. -7 for ES256). Only relevant for `packed` fmt. */
+    readonly alg: number | null;
+    /** Signature over `authData || clientDataHash`. Required for packed fmt. */
+    readonly sig: Uint8Array | null;
+    /**
+     * Certificate chain. Empty when the attestation is self-attested
+     * (the credential's own key signed the challenge — no vendor chain).
+     */
+    readonly x5c: readonly Uint8Array[];
+    readonly authData: Uint8Array;
+}
+/**
+ * Parse a CBOR-encoded WebAuthn attestation object.
+ *
+ * Returns a typed view or throws on malformed / unexpected shape. The
+ * caller (`verify.ts`) catches the throw and converts to the
+ * `{ valid: false, errors: [...] }` result shape.
+ */
+export declare function parseWebAuthnAttestationObjectCbor(attestationObjectBytes: Uint8Array): WebAuthnAttestationObjectCbor;
+//# sourceMappingURL=cbor.d.ts.map

package/dist/cbor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cbor.d.ts","sourceRoot":"","sources":["../src/cbor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAIH,MAAM,WAAW,6BAA6B;IAC5C,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,qFAAqF;IACrF,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,4EAA4E;IAC5E,QAAQ,CAAC,GAAG,EAAE,UAAU,GAAG,IAAI,CAAC;IAChC;;;OAGG;IACH,QAAQ,CAAC,GAAG,EAAE,SAAS,UAAU,EAAE,CAAC;IACpC,QAAQ,CAAC,QAAQ,EAAE,UAAU,CAAC;CAC/B;AAED;;;;;;GAMG;AACH,wBAAgB,kCAAkC,CAChD,sBAAsB,EAAE,UAAU,GACjC,6BAA6B,CAuD/B"}

package/dist/cbor.js

@@ -0,0 +1,99 @@
+/**
+ * Thin CBOR decoder for WebAuthn attestation objects.
+ *
+ * `navigator.credentials.create({ publicKey: { attestation: "direct", … }})`
+ * returns a `PublicKeyCredential` whose `.response.attestationObject` is
+ * a CBOR-encoded W3C WebAuthn shape:
+ *
+ *   {
+ *     fmt:     "packed" | "tpm" | "android-key" | "android-safetynet"
+ *            | "fido-u2f" | "apple" | "none",
+ *     attStmt: { alg: int, sig: bytes, x5c?: bytes[] },
+ *     authData: bytes
+ *   }
+ *
+ * Delegating to `cbor2` lets us parse that without writing a full CBOR
+ * implementation. We expose a typed `parseWebAuthnAttestationObjectCbor`
+ * so the verifier never touches raw `unknown` shapes — every field is
+ * validated as it's lifted out.
+ *
+ * Intentionally a fork of the `@motebit/crypto-appattest` CBOR parser:
+ * the App Attest shape carries `attStmt.receipt` (Apple's server-side
+ * refresh blob) and does NOT carry `attStmt.alg` or `attStmt.sig`; the
+ * WebAuthn packed shape is the inverse. Forking keeps each adapter's
+ * parser narrow and self-documenting — no shared base that silently
+ * papers over two different wire-format contracts.
+ */
+import { decode as cborDecode } from "cbor2";
+/**
+ * Parse a CBOR-encoded WebAuthn attestation object.
+ *
+ * Returns a typed view or throws on malformed / unexpected shape. The
+ * caller (`verify.ts`) catches the throw and converts to the
+ * `{ valid: false, errors: [...] }` result shape.
+ */
+export function parseWebAuthnAttestationObjectCbor(attestationObjectBytes) {
+    const decoded = cborDecode(attestationObjectBytes);
+    if (decoded === null || typeof decoded !== "object") {
+        throw new Error("attestation object is not a CBOR map");
+    }
+    const getFromAny = (key) => {
+        if (decoded instanceof Map)
+            return decoded.get(key);
+        return decoded[key];
+    };
+    const fmt = getFromAny("fmt");
+    if (typeof fmt !== "string")
+        throw new Error("attestation `fmt` missing or not a string");
+    const attStmt = getFromAny("attStmt");
+    if (attStmt === null || typeof attStmt !== "object") {
+        throw new Error("attestation `attStmt` missing or not an object");
+    }
+    const attStmtGet = (key) => {
+        if (attStmt instanceof Map)
+            return attStmt.get(key);
+        return attStmt[key];
+    };
+    // `alg` and `sig` are specific to the `packed` fmt (and a couple of
+    // others); for shapes that lack them we surface null and let the
+    // verifier reject based on the fmt arm.
+    const algRaw = attStmtGet("alg");
+    const alg = typeof algRaw === "number" ? algRaw : algRaw === undefined ? null : NaN;
+    if (Number.isNaN(alg))
+        throw new Error("attestation `attStmt.alg` present but not a number");
+    const sigRaw = attStmtGet("sig");
+    const sig = sigRaw === undefined ? null : coerceBytes(sigRaw);
+    if (sigRaw !== undefined && sig === null) {
+        throw new Error("attestation `attStmt.sig` present but not bytes");
+    }
+    const x5cRaw = attStmtGet("x5c");
+    const x5c = [];
+    if (x5cRaw !== undefined) {
+        if (!Array.isArray(x5cRaw)) {
+            throw new Error("attestation `attStmt.x5c` present but not an array");
+        }
+        for (const entry of x5cRaw) {
+            const bytes = coerceBytes(entry);
+            if (!bytes)
+                throw new Error("attestation `attStmt.x5c` entry is not bytes");
+            x5c.push(bytes);
+        }
+    }
+    const authDataRaw = getFromAny("authData");
+    const authData = coerceBytes(authDataRaw);
+    if (!authData)
+        throw new Error("attestation `authData` missing or not bytes");
+    return { fmt, alg, sig, x5c, authData };
+}
+/**
+ * cbor2 can surface byte strings as `Uint8Array` or, in some Node builds,
+ * as `Buffer` (a Uint8Array subclass). This helper collapses both shapes
+ * into a plain `Uint8Array` copy the rest of the verifier operates on.
+ */
+function coerceBytes(v) {
+    if (v instanceof Uint8Array) {
+        return new Uint8Array(v.buffer, v.byteOffset, v.byteLength).slice();
+    }
+    return null;
+}
+//# sourceMappingURL=cbor.js.map

package/dist/cbor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cbor.js","sourceRoot":"","sources":["../src/cbor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAE,MAAM,IAAI,UAAU,EAAE,MAAM,OAAO,CAAC;AAgB7C;;;;;;GAMG;AACH,MAAM,UAAU,kCAAkC,CAChD,sBAAkC;IAElC,MAAM,OAAO,GAAY,UAAU,CAAC,sBAAsB,CAAC,CAAC;IAE5D,IAAI,OAAO,KAAK,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,UAAU,GAAG,CAAC,GAAW,EAAW,EAAE;QAC1C,IAAI,OAAO,YAAY,GAAG;YAAE,OAAO,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpD,OAAQ,OAAmC,CAAC,GAAG,CAAC,CAAC;IACnD,CAAC,CAAC;IAEF,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;IAC9B,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAE1F,MAAM,OAAO,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;IACtC,IAAI,OAAO,KAAK,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACpE,CAAC;IACD,MAAM,UAAU,GAAG,CAAC,GAAW,EAAW,EAAE;QAC1C,IAAI,OAAO,YAAY,GAAG;YAAE,OAAO,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpD,OAAQ,OAAmC,CAAC,GAAG,CAAC,CAAC;IACnD,CAAC,CAAC;IAEF,oEAAoE;IACpE,iEAAiE;IACjE,wCAAwC;IACxC,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;IACjC,MAAM,GAAG,GAAG,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;IACpF,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;IAE7F,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;IACjC,MAAM,GAAG,GAAG,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAC9D,IAAI,MAAM,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;IACjC,MAAM,GAAG,GAAiB,EAAE,CAAC;IAC7B,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACxE,CAAC;QACD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;YACjC,IAAI,CAAC,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;YAC5E,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAED,MAAM,WAAW,GAAG,UAAU,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,QAAQ,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC;IAC1C,IAAI,CAAC,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IAE9E,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC;AAC1C,CAAC;AAED;;;;GAIG;AACH,SAAS,WAAW,CAAC,CAAU;IAC7B,IAAI,CAAC,YAAY,UAAU,EAAE,CAAC;QAC5B,OAAO,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,UAAU,CAAC,CAAC,KAAK,EAAE,CAAC;IACtE,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/fido-roots.d.ts

@@ -0,0 +1,81 @@
+/**
+ * Pinned FIDO-vendor root certificates the `packed`-attestation full-
+ * attestation verifier accepts as trust anchors.
+ *
+ * This is the self-attesting contract: a verifier that dynamically
+ * fetched FIDO Metadata Service roots would have no sovereign story —
+ * third parties auditing our output could never reproduce the decision
+ * without trusting our fetch path. By committing the exact bytes of the
+ * CAs we accept, anyone can audit this file, pin the same bytes in their
+ * own verifier, and reach the same yes/no answer for any WebAuthn
+ * attestation they receive.
+ *
+ * Starter set (v1):
+ *   - Apple WebAuthn Anonymous Attestation CA — the platform-authenticator
+ *     root iOS/macOS `Touch ID` / `Face ID` / `Passkey` attestations
+ *     chain to when a site requests `attestation: "direct"`.
+ *     Source: https://www.apple.com/certificateauthority/Apple_WebAuthn_Root_CA.pem
+ *
+ *   - Yubico FIDO Root CA Serial 457200631 — the Yubico attestation
+ *     root every modern YubiKey (FIDO2 / Security Key) leaf certifies
+ *     under. Source: https://developers.yubico.com/PKI/yubico-ca-certs.txt
+ *
+ *   - Microsoft TPM Root CA 2014 — the root Microsoft TPM-backed
+ *     platform-authenticator leaves chain to on Windows Hello setups.
+ *     Source: https://www.microsoft.com/pkiops/certs/Microsoft%20TPM%20Root%20Certificate%20Authority%202014.crt
+ *
+ * Rotations land as additive constants and a dispatch arm on the
+ * accept-set here. Removing a root is a wire-format break and MUST be
+ * coordinated with a spec version bump.
+ *
+ * Tests override the accept-set via `WebAuthnVerifyOptions.rootPems` so
+ * chain-validation exercises the same code path without needing a real
+ * vendor-signed leaf.
+ */
+/**
+ * Apple WebAuthn Anonymous Attestation Root CA.
+ *
+ * Published by Apple as the root for WebAuthn packed-attestation leaves
+ * minted by iOS / macOS platform authenticators. Byte-for-byte match of
+ * Apple's published certificate at
+ * https://www.apple.com/certificateauthority/Apple_WebAuthn_Root_CA.pem.
+ */
+export declare const APPLE_WEBAUTHN_ROOT_PEM = "-----BEGIN CERTIFICATE-----\nMIICEjCCAZmgAwIBAgIQaB0BbHo84wIlpQGUKEdXcTAKBggqhkjOPQQDAzBLMR8w\nHQYDVQQDDBZBcHBsZSBXZWJBdXRobiBSb290IENBMRMwEQYDVQQKDApBcHBsZSBJ\nbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIwMDMxODE4MjEzMloXDTQ1MDMx\nNTAwMDAwMFowSzEfMB0GA1UEAwwWQXBwbGUgV2ViQXV0aG4gUm9vdCBDQTETMBEG\nA1UECgwKQXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTB2MBAGByqGSM49\nAgEGBSuBBAAiA2IABCJCQ2pTVhzjl4Wo6IhHtMSAzO2cv+H9DQKev3//fG59G11k\nxu9eI0/7o6V5uShBpe1u6l6mS19S1FEh6yGljnZAJ+2GNP1mi/YK2kSXIuTHjxA/\npcoRf7XkOtO4o1qlcaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUJtdk\n2cV4wlpn0afeaxLQG2PxxtcwDgYDVR0PAQH/BAQDAgEGMAoGCCqGSM49BAMDA2cA\nMGQCMFrZ+9DsJ1PW9hfNdBywZDsWDbWFp28it1d/5w2RPkRX3Bbn/UbDTNLx7Jr3\njAGGiQIwHFj+dJZYUJR786osByBelJYsVZd2GbHQu209b5RCmGQ21gWSw2PdMsSn\n1LabATR4H7iIgXPxz8m8KiS1hXiz\n-----END CERTIFICATE-----\n";
+/**
+ * Yubico FIDO Root CA — Serial 457200631.
+ *
+ * Root of trust for YubiKey FIDO2 / Security Key attestation leaves.
+ * Byte-for-byte match of Yubico's published certificate at
+ * https://developers.yubico.com/PKI/yubico-ca-certs.txt.
+ */
+export declare const YUBICO_FIDO_ROOT_PEM = "-----BEGIN CERTIFICATE-----\nMIIDHjCCAgagAwIBAgIEG0BT9zANBgkqhkiG9w0BAQsFADAuMSwwKgYDVQQDEyNZ\ndWJpY28gVTJGIFJvb3QgQ0EgU2VyaWFsIDQ1NzIwMDYzMTAgFw0xNDA4MDEwMDAw\nMDBaGA8yMDUwMDkwNDAwMDAwMFowLjEsMCoGA1UEAxMjWXViaWNvIFUyRiBSb290\nIENBIFNlcmlhbCA0NTcyMDA2MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC/jwYuhBVlqaiYWEMsrWFisgJ+PtM91eSrpI4TK7U53mwCIawSDHy8vUmk\n5N2KAj9abvT9NP5SMS1hQi3usxoYGonXQgfO6ZXyUA9a+KAkqdFnBnlyugSeCOep\n8EdZFfsaRFtMjkwz5Gcz2Py4vIYvCdMHPtwaz0bVuzneueIEz6TnQjE63Rdt2zbw\nnebwTG5ZybeWSwbzy+BJ34ZHcUhPAY89yJQXuE0IzMZFcEBbPNRbWECRKgjq//qT\n9nmDOFVlSRCt2wiqPSzluwn+v+suQEBsUjTGMEd25tKXXTkNW21wIWbxeSyUoTXw\nLvGS6xlwQSgNpk2qXYwf8iXg7VWZAgMBAAGjQjBAMB0GA1UdDgQWBBQgIvz0bNGJ\nhjgpToksyKpP9xv9oDAPBgNVHRMECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAN\nBgkqhkiG9w0BAQsFAAOCAQEAjvjuOMDSa+JXFCLyBKsycXtBVZsJ4Ue3LbaEsPY4\nMYN/hIQ5ZM5p7EjfcnMG4CtYkNsfNHc0AhBLdq45rnT87q/6O3vUEtNMafbhU6kt\nhX7Y+9XFN9NpmYxr+ekVY5xOxi8h9JDIgoMP4VB1uS0aunL1IGqrNooL9mmFnL2k\nLVVee6/VR6C5+KSTCMCWppMuJIZII2v9o4dkoZ8Y7QRjQlLfYzd3qGtKbw7xaF1U\nsG/5xUb/Btwb2X2g4InpiB/yt/3CpQXpiWX/K4mBvUKiGn05ZsqeY1gx4g0xLBqc\nU9psmyPzK+Vsgw2jeRQ5JlKDyqE0hebfC1tvFu0CCrJFcw==\n-----END CERTIFICATE-----\n";
+/**
+ * Microsoft TPM Root Certificate Authority 2014.
+ *
+ * Root of trust for Windows-Hello TPM-backed platform-authenticator
+ * attestation leaves. Byte-for-byte match of Microsoft's published
+ * certificate at
+ * https://www.microsoft.com/pkiops/certs/Microsoft%20TPM%20Root%20Certificate%20Authority%202014.crt.
+ *
+ * Note: Microsoft's Windows Hello attestation commonly uses `fmt: "tpm"`
+ * rather than `fmt: "packed"`; this root is pinned for forward-compatibility
+ * with Microsoft-signed `packed` leaves and for the TPM fmt's additive
+ * arm (non-goal in v1).
+ */
+export declare const MICROSOFT_TPM_ROOT_PEM = "-----BEGIN CERTIFICATE-----\nMIIF9TCCA92gAwIBAgIQXbYwTgy/J79JuMhpUB5dyzANBgkqhkiG9w0BAQsFADCB\njDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl\nZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjE2MDQGA1UEAxMt\nTWljcm9zb2Z0IFRQTSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDE0MB4X\nDTE0MTIxMDIxMzExOVoXDTM5MTIxMDIxMzkyOFowgYwxCzAJBgNVBAYTAlVTMRMw\nEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN\naWNyb3NvZnQgQ29ycG9yYXRpb24xNjA0BgNVBAMTLU1pY3Jvc29mdCBUUE0gUm9v\ndCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxNDCCAiIwDQYJKoZIhvcNAQEBBQAD\nggIPADCCAgoCggIBAJ+n+bnKt/JHIRC/oI/xgkgsYdPzP0gpvduDA2GbRtth+L4W\nUyoZKGBw7uz5bjjP8Aql4YExyjR3EZQ4LqnZChMpoCofbeDR4MjCE1TGwWghGpS0\nmM3GtWD9XiME4rE2K0VW3pdN0CLzkYbvZbs2wQTFfE62yNQiDjyHFWAZ4BQH4eWa\n8wrDMUxIAneUCpU6zCwM+l6Qh4ohX063BHzXlTSTc1fDsiPaKuMMjWjK9vp5UHFP\na+dMAWr6OljQZPFIg3aZ4cUfzS9y+n77Hs1NXPBn6E4Db679z4DThIXyoKeZTv1a\naWOWl/exsDLGt2mTMTyykVV8uD1eRjYriFpLQBFT0EfijJB0WzrVeJExDVBtH74E\n1vV0zGlKn3IdmkoXMq72wBWmldvnWqMkYmG+/TT4VqsmxwYQKsW8pAmO2ouCXCq7\nx8XFs2otDi4QZIc6HBxGe0GR8yxI/XxdFR3jGq0GmgcwBKJSNXOvbTS0Ql3TjfuJ\nHO3+SM8ioybJMeAexjRPOGd9mZZdkns2awTW8lzxE2pi0iMsPALLmWekmQTxAkyo\nh+mXxIdjICnsA+J5Nc2vB/YfM1v8Of8jlLSrkVZ+HjAJKaA3TwfnuL9yPalajgSs\nAonA/aGPrpbFTJKnYsX6TAKpxvlLrNs/XZBERPFfygBJTffBMVoerIJQa+W5AgMB\nAAGjUTBPMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR6\njArOL0hiF+KU0a5VwVLscXSkVjAQBgkrBgEEAYI3FQEEAwIBADANBgkqhkiG9w0B\nAQsFAAOCAgEAW4ioo1+J9VWC0UntSBXcXRm1ePTVamtsxVy/GpP4EmJd3Ub53JzN\nBfYdgfUL51CppS3ZY6BoagB+DqoA2GbSL+7sFGHBl5ka6FNelrwsH6VVw4xV/8kl\nIjmqOyfatPYsz0sUdZev+reeiGpKVoXrK6BDnUU27/mgPtem5YKWvHB/soofUrLK\nzZV3WfGdx9zBr8V0xb6n9YUTHRp/nmn5F4VWLBwyjjlRofFJuFZbM0S91aOu6hit\nUOHsgEl6vTlc1v5ymG2tTRSZ+hVbazQWGF6cnKE0NYZy7UCjl2ZWN+FYHUX3tzrK\nUXDy3jl6wmRy+R0O7CJjEgQsaa4Rkz/L+0mdCIdhTNijxPRTaPcLGn1l5ZxtqWl3\nOdcbVjQGMnOWrkaxpbI99/C8tBiYuUCiPkCeuK+0wLMjP3b3zlPGjZnTVSgq52bK\n7JIB70R8dnC6PIPjY9QeY5bOTQJ1LJ/h8Hcn4Vam0aZMIpWDjMOXK48rLNG1+mXB\noDpoa1jAD+hxi54GSJHgGtVHG/HEiBdpHumOBYDLv5UZ9T2nHhPbmkpTA5JvzaCT\nWb0B4htaAlVCbQ0Tn4mNHhASa/rsSpl0C5bpFggsDdaaRmcRJ3UPy+GmSZPT9Xsh\nHv7yoFFKi50iNfc59NhT2Qh/6V/8gK7U+rfcKk+KlW/2k+JSX+4Dyh8=\n-----END CERTIFICATE-----\n";
+/**
+ * Default FIDO root accept-set. Full attestation (x5c present) must
+ * chain to exactly one of these. Tests override by passing
+ * `WebAuthnVerifyOptions.rootPems` — the runtime-injected set replaces
+ * the pinned default so fabricated chains can exercise the same code
+ * path.
+ */
+export declare const DEFAULT_FIDO_ROOTS: ReadonlyArray<string>;
+/**
+ * WebAuthn attestation format discriminator the verifier accepts in v1.
+ * `packed` is the broadest-coverage format and the only one v1 handles.
+ * `tpm`, `android-key`, `android-safetynet`, `fido-u2f`, `apple`, and
+ * `none` are rejected with a structured `fmt-not-supported` error.
+ */
+export declare const WEBAUTHN_FMT_PACKED = "packed";
+//# sourceMappingURL=fido-roots.d.ts.map

package/dist/fido-roots.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fido-roots.d.ts","sourceRoot":"","sources":["../src/fido-roots.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AAEH;;;;;;;GAOG;AACH,eAAO,MAAM,uBAAuB,izBAcnC,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,oBAAoB,+oCAmBhC,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,sBAAsB,qnEAkClC,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,kBAAkB,EAAE,aAAa,CAAC,MAAM,CAIpD,CAAC;AAEF;;;;;GAKG;AACH,eAAO,MAAM,mBAAmB,WAAW,CAAC"}