@motebit/verify 1.2.0 → 1.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +11 -12
- package/dist/adapters.d.ts +8 -31
- package/dist/adapters.d.ts.map +1 -1
- package/dist/adapters.js +0 -13
- package/dist/adapters.js.map +1 -1
- package/dist/cli.d.ts +5 -7
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +12 -26
- package/dist/cli.js.map +1 -1
- package/dist/index.d.ts +3 -3
- package/dist/index.js +3 -3
- package/package.json +8 -10
package/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# @motebit/verify
|
|
2
2
|
|
|
3
|
-
The canonical `motebit-verify` command-line tool. A single binary that verifies any signed motebit artifact — identity files, execution receipts, credentials, presentations — including credentials carrying hardware-attestation claims under any of the four canonical sovereign-verifiable platforms (Apple App Attest, Android Hardware-Backed Keystore Attestation, TPM 2.0, WebAuthn)
|
|
3
|
+
The canonical `motebit-verify` command-line tool. A single binary that verifies any signed motebit artifact — identity files, execution receipts, credentials, presentations — including credentials carrying hardware-attestation claims under any of the four canonical sovereign-verifiable platforms (Apple App Attest, Android Hardware-Backed Keystore Attestation, TPM 2.0, WebAuthn).
|
|
4
4
|
|
|
5
5
|
Network-free. No relay contact, no external service, no cloud dependency. Every trust anchor is pinned in the installed package.
|
|
6
6
|
|
|
@@ -28,14 +28,14 @@ VALID (credential)
|
|
|
28
28
|
|
|
29
29
|
Hardware-attestation channel covers every currently-shipped platform:
|
|
30
30
|
|
|
31
|
-
| Platform
|
|
32
|
-
|
|
|
33
|
-
| `secure_enclave`
|
|
34
|
-
| `device_check`
|
|
35
|
-
| `tpm`
|
|
36
|
-
| `android_keystore`
|
|
37
|
-
| `webauthn`
|
|
38
|
-
| `play_integrity` _(
|
|
31
|
+
| Platform | Adapter | Trust anchor |
|
|
32
|
+
| ---------------------------- | ---------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
33
|
+
| `secure_enclave` | `@motebit/crypto` (built-in) | ECDSA-P256 signature; self-asserted SE public key |
|
|
34
|
+
| `device_check` | `@motebit/crypto-appattest` | Pinned Apple App Attestation Root CA |
|
|
35
|
+
| `tpm` | `@motebit/crypto-tpm` | Pinned Infineon / Nuvoton / STMicro / Intel PTT vendor roots |
|
|
36
|
+
| `android_keystore` | `@motebit/crypto-android-keystore` | Pinned Google Hardware Attestation roots (RSA + ECDSA P-384) |
|
|
37
|
+
| `webauthn` | `@motebit/crypto-webauthn` | Pinned Apple / Yubico / Microsoft FIDO roots |
|
|
38
|
+
| `play_integrity` _(removed)_ | _(no adapter wired)_ | Removed 2026-05-03. Credentials carrying this platform fail-closed. Use `@motebit/crypto-android-keystore` instead — see `docs/doctrine/hardware-attestation.md`. |
|
|
39
39
|
|
|
40
40
|
Unknown platform → named error, fail-closed. Missing adapter context → named error, fail-closed. Never silent acceptance.
|
|
41
41
|
|
|
@@ -51,11 +51,10 @@ motebit-verify <file> --clock-skew 30 # allow N seconds of clock drift
|
|
|
51
51
|
motebit-verify <file> \
|
|
52
52
|
--bundle-id com.example.app \
|
|
53
53
|
--android-attestation-application-id ./app-id.bin \
|
|
54
|
-
--android-package com.example.app \
|
|
55
54
|
--rp-id example.com
|
|
56
55
|
```
|
|
57
56
|
|
|
58
|
-
**Verifying `android_keystore` credentials requires `--android-attestation-application-id`.** The flag's value is a path to a binary file containing the raw bytes of the leaf cert's `attestationApplicationId` extension — operators capture this once at build time (deterministic from the registered Android package name + signing-cert SHA-256) and commit the file alongside other pinned config. Without the flag, the Android Keystore arm is intentionally unwired (passing a placeholder would false-reject every real claim); the dispatcher reports `"verifier not wired"`.
|
|
57
|
+
**Verifying `android_keystore` credentials requires `--android-attestation-application-id`.** The flag's value is a path to a binary file containing the raw bytes of the leaf cert's `attestationApplicationId` extension — operators capture this once at build time (deterministic from the registered Android package name + signing-cert SHA-256) and commit the file alongside other pinned config. Without the flag, the Android Keystore arm is intentionally unwired (passing a placeholder would false-reject every real claim); the dispatcher reports `"verifier not wired"`.
|
|
59
58
|
|
|
60
59
|
Exit codes:
|
|
61
60
|
|
|
@@ -113,7 +112,7 @@ If you were on `@motebit/verify@^0.7.0`, migration depends on what you were usin
|
|
|
113
112
|
- [`@motebit/verifier`](https://www.npmjs.com/package/@motebit/verifier) — Apache-2.0 library underneath this CLI (`verifyFile`, `verifyArtifact`, `formatHuman`)
|
|
114
113
|
- [`@motebit/crypto`](https://www.npmjs.com/package/@motebit/crypto) — Apache-2.0 primitives (`verify`, `sign`, suite dispatch; zero monorepo deps)
|
|
115
114
|
- [`@motebit/crypto-appattest`](https://www.npmjs.com/package/@motebit/crypto-appattest) — Apple App Attest adapter bundled into this CLI
|
|
116
|
-
- [`@motebit/crypto-
|
|
115
|
+
- [`@motebit/crypto-android-keystore`](https://www.npmjs.com/package/@motebit/crypto-android-keystore) — Android Hardware-Backed Keystore Attestation adapter bundled into this CLI
|
|
117
116
|
- [`@motebit/crypto-tpm`](https://www.npmjs.com/package/@motebit/crypto-tpm) — TPM 2.0 EK chain adapter bundled into this CLI
|
|
118
117
|
- [`@motebit/crypto-webauthn`](https://www.npmjs.com/package/@motebit/crypto-webauthn) — WebAuthn packed-attestation adapter bundled into this CLI
|
|
119
118
|
- [`motebit`](https://www.npmjs.com/package/motebit) — reference runtime and operator console
|
package/dist/adapters.d.ts
CHANGED
|
@@ -4,11 +4,9 @@
|
|
|
4
4
|
* `@motebit/verifier` (Apache-2.0) accepts an optional
|
|
5
5
|
* `HardwareAttestationVerifiers` record but wires none of the leaves
|
|
6
6
|
* itself; that keeps it dep-thin. This Apache-2.0 aggregator imports
|
|
7
|
-
* every leaf (`@motebit/crypto-appattest`,
|
|
7
|
+
* every canonical leaf (`@motebit/crypto-appattest`,
|
|
8
8
|
* `@motebit/crypto-android-keystore`, `@motebit/crypto-tpm`,
|
|
9
|
-
* `@motebit/crypto-webauthn
|
|
10
|
-
* `@motebit/crypto-play-integrity` for backward compatibility during
|
|
11
|
-
* its 1.x deprecation cycle) and produces a single
|
|
9
|
+
* `@motebit/crypto-webauthn`) and produces a single
|
|
12
10
|
* `HardwareAttestationVerifiers` object the CLI hands to `verifyFile`.
|
|
13
11
|
* Any credential whose subject carries a hardware-attestation claim
|
|
14
12
|
* for any of the canonical platforms now verifies end-to-end — chain
|
|
@@ -28,15 +26,15 @@
|
|
|
28
26
|
* Operators verifying credentials from a different motebit deployment
|
|
29
27
|
* can override any of these via the config parameter.
|
|
30
28
|
*
|
|
31
|
-
*
|
|
32
|
-
*
|
|
33
|
-
*
|
|
34
|
-
*
|
|
29
|
+
* Note: `@motebit/crypto-play-integrity` was deprecated 2026-04-26 and
|
|
30
|
+
* fully removed 2026-05-03. The structural reason — Google publishes no
|
|
31
|
+
* global Play Integrity JWKS, so the package can't satisfy motebit's
|
|
32
|
+
* third-party-verifiability invariant — is captured in
|
|
35
33
|
* `docs/doctrine/hardware-attestation.md` § "Three architectural
|
|
36
|
-
* categories".
|
|
34
|
+
* categories". Android attestation lives entirely on
|
|
35
|
+
* `@motebit/crypto-android-keystore` now.
|
|
37
36
|
*/
|
|
38
37
|
import type { HardwareAttestationVerifiers } from "@motebit/crypto";
|
|
39
|
-
import { type GoogleJwks } from "@motebit/crypto-play-integrity";
|
|
40
38
|
export interface HardwareVerifierBundleConfig {
|
|
41
39
|
/**
|
|
42
40
|
* Apple App Attest — bundle ID the attested iOS app was built with.
|
|
@@ -69,27 +67,6 @@ export interface HardwareVerifierBundleConfig {
|
|
|
69
67
|
* covering both pre- and post-rotation device fleets).
|
|
70
68
|
*/
|
|
71
69
|
readonly androidKeystoreRootPems?: ReadonlyArray<string>;
|
|
72
|
-
/**
|
|
73
|
-
* Google Play Integrity (DEPRECATED) — Android package name the
|
|
74
|
-
* attested app was built with. Defaults to `com.motebit.mobile`.
|
|
75
|
-
* Wired during the `@motebit/crypto-play-integrity@1.x`
|
|
76
|
-
* deprecation cycle so already-minted credentials continue to
|
|
77
|
-
* verify; new mobile builds emit `platform: "android_keystore"`.
|
|
78
|
-
*/
|
|
79
|
-
readonly playIntegrityPackageName?: string;
|
|
80
|
-
/**
|
|
81
|
-
* Google Play Integrity (DEPRECATED) — override the pinned JWKS.
|
|
82
|
-
* Fail-closed by default — see the structural-mismatch note in
|
|
83
|
-
* `@motebit/crypto-play-integrity`'s CLAUDE.md (no global Google
|
|
84
|
-
* JWKS exists; this verifier is operator-key-mediated rather than
|
|
85
|
-
* sovereign-verifiable, which is why it's been deprecated).
|
|
86
|
-
*/
|
|
87
|
-
readonly playIntegrityPinnedJwks?: GoogleJwks;
|
|
88
|
-
/**
|
|
89
|
-
* Google Play Integrity (DEPRECATED) — relax the device-integrity
|
|
90
|
-
* floor. Defaults to the strict `"MEETS_DEVICE_INTEGRITY"`.
|
|
91
|
-
*/
|
|
92
|
-
readonly playIntegrityRequiredDeviceIntegrity?: string;
|
|
93
70
|
/**
|
|
94
71
|
* WebAuthn — Relying Party ID the credential was minted for.
|
|
95
72
|
* Defaults to `motebit.com`.
|
package/dist/adapters.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"adapters.d.ts","sourceRoot":"","sources":["../src/adapters.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"adapters.d.ts","sourceRoot":"","sources":["../src/adapters.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AACH,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,iBAAiB,CAAC;AAMpE,MAAM,WAAW,4BAA4B;IAC3C;;;;OAIG;IACH,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IACpC;;;;;OAKG;IACH,QAAQ,CAAC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IACnC;;;;;;;;;OASG;IACH,QAAQ,CAAC,+CAA+C,CAAC,EAAE,UAAU,CAAC;IACtE;;;;;OAKG;IACH,QAAQ,CAAC,uBAAuB,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACzD;;;OAGG;IACH,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAClD;;;;OAIG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;CAC9C;AAOD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAgB,sBAAsB,CACpC,MAAM,CAAC,EAAE,4BAA4B,GACpC,4BAA4B,CAiC9B"}
|
package/dist/adapters.js
CHANGED
|
@@ -1,7 +1,5 @@
|
|
|
1
1
|
import { androidKeystoreVerifier } from "@motebit/crypto-android-keystore";
|
|
2
2
|
import { deviceCheckVerifier, APPLE_APPATTEST_ROOT_PEM } from "@motebit/crypto-appattest";
|
|
3
|
-
// eslint-disable-next-line @typescript-eslint/no-deprecated -- consumed for one minor deprecation cycle so already-minted Play Integrity claims continue to verify; removed at @motebit/crypto-play-integrity@2.0.0.
|
|
4
|
-
import { playIntegrityVerifier } from "@motebit/crypto-play-integrity";
|
|
5
3
|
import { tpmVerifier } from "@motebit/crypto-tpm";
|
|
6
4
|
import { webauthnVerifier, DEFAULT_FIDO_ROOTS } from "@motebit/crypto-webauthn";
|
|
7
5
|
/** Motebit's canonical iOS / Android app identifier. */
|
|
@@ -31,7 +29,6 @@ const DEFAULT_WEBAUTHN_RP_ID = "motebit.com";
|
|
|
31
29
|
*/
|
|
32
30
|
export function buildHardwareVerifiers(config) {
|
|
33
31
|
const appAttestBundleId = config?.appAttestBundleId ?? DEFAULT_BUNDLE_ID;
|
|
34
|
-
const playIntegrityPackageName = config?.playIntegrityPackageName ?? DEFAULT_BUNDLE_ID;
|
|
35
32
|
const webauthnRpId = config?.webauthnRpId ?? DEFAULT_WEBAUTHN_RP_ID;
|
|
36
33
|
const verifiers = {
|
|
37
34
|
deviceCheck: deviceCheckVerifier({
|
|
@@ -41,16 +38,6 @@ export function buildHardwareVerifiers(config) {
|
|
|
41
38
|
tpm: tpmVerifier({
|
|
42
39
|
...(config?.tpmRootPems !== undefined ? { rootPems: config.tpmRootPems } : {}),
|
|
43
40
|
}),
|
|
44
|
-
// eslint-disable-next-line @typescript-eslint/no-deprecated -- one-minor-cycle backward compat for already-minted Play Integrity credentials; removed at @motebit/crypto-play-integrity@2.0.0.
|
|
45
|
-
playIntegrity: playIntegrityVerifier({
|
|
46
|
-
expectedPackageName: playIntegrityPackageName,
|
|
47
|
-
...(config?.playIntegrityPinnedJwks !== undefined
|
|
48
|
-
? { pinnedJwks: config.playIntegrityPinnedJwks }
|
|
49
|
-
: {}),
|
|
50
|
-
...(config?.playIntegrityRequiredDeviceIntegrity !== undefined
|
|
51
|
-
? { requiredDeviceIntegrity: config.playIntegrityRequiredDeviceIntegrity }
|
|
52
|
-
: {}),
|
|
53
|
-
}),
|
|
54
41
|
webauthn: webauthnVerifier({
|
|
55
42
|
expectedRpId: webauthnRpId,
|
|
56
43
|
rootPems: config?.webauthnRootPems ?? DEFAULT_FIDO_ROOTS,
|
package/dist/adapters.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"adapters.js","sourceRoot":"","sources":["../src/adapters.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"adapters.js","sourceRoot":"","sources":["../src/adapters.ts"],"names":[],"mappings":"AAqCA,OAAO,EAAE,uBAAuB,EAAE,MAAM,kCAAkC,CAAC;AAC3E,OAAO,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAC;AAC1F,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAoDhF,wDAAwD;AACxD,MAAM,iBAAiB,GAAG,oBAAoB,CAAC;AAC/C,qEAAqE;AACrE,MAAM,sBAAsB,GAAG,aAAa,CAAC;AAE7C;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,UAAU,sBAAsB,CACpC,MAAqC;IAErC,MAAM,iBAAiB,GAAG,MAAM,EAAE,iBAAiB,IAAI,iBAAiB,CAAC;IACzE,MAAM,YAAY,GAAG,MAAM,EAAE,YAAY,IAAI,sBAAsB,CAAC;IAEpE,MAAM,SAAS,GAA0C;QACvD,WAAW,EAAE,mBAAmB,CAAC;YAC/B,gBAAgB,EAAE,iBAAiB;YACnC,OAAO,EAAE,MAAM,EAAE,gBAAgB,IAAI,wBAAwB;SAC9D,CAAC;QACF,GAAG,EAAE,WAAW,CAAC;YACf,GAAG,CAAC,MAAM,EAAE,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC/E,CAAC;QACF,QAAQ,EAAE,gBAAgB,CAAC;YACzB,YAAY,EAAE,YAAY;YAC1B,QAAQ,EAAE,MAAM,EAAE,gBAAgB,IAAI,kBAAkB;SACzD,CAAC;KACH,CAAC;IAEF,oEAAoE;IACpE,oEAAoE;IACpE,gEAAgE;IAChE,2DAA2D;IAC3D,iCAAiC;IACjC,IAAI,MAAM,EAAE,+CAA+C,KAAK,SAAS,EAAE,CAAC;QAC1E,SAAS,CAAC,eAAe,GAAG,uBAAuB,CAAC;YAClD,gCAAgC,EAAE,MAAM,CAAC,+CAA+C;YACxF,GAAG,CAAC,MAAM,CAAC,uBAAuB,KAAK,SAAS;gBAC9C,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,uBAAuB,EAAE;gBAC9C,CAAC,CAAC,EAAE,CAAC;SACR,CAAC,CAAC;IACL,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
package/dist/cli.d.ts
CHANGED
|
@@ -5,10 +5,9 @@
|
|
|
5
5
|
* Verifies identity files, execution receipts, credentials, and
|
|
6
6
|
* presentations against their embedded signatures. When a credential
|
|
7
7
|
* carries a `hardware_attestation` claim for `device_check` / `tpm` /
|
|
8
|
-
* `android_keystore` / `webauthn
|
|
9
|
-
*
|
|
10
|
-
*
|
|
11
|
-
* identity binding end-to-end.
|
|
8
|
+
* `android_keystore` / `webauthn`, the bundled platform adapters
|
|
9
|
+
* verify the chain, extension, package binding, and identity binding
|
|
10
|
+
* end-to-end.
|
|
12
11
|
*
|
|
13
12
|
* ```
|
|
14
13
|
* motebit-verify <file> # auto-detect, print human
|
|
@@ -30,9 +29,8 @@
|
|
|
30
29
|
* 2 usage / I/O error
|
|
31
30
|
*
|
|
32
31
|
* Network-free by design. Every adapter pins its own trust anchor
|
|
33
|
-
* (Apple App Attest Root CA, FIDO roots, TPM vendor roots
|
|
34
|
-
*
|
|
35
|
-
* real bytes (see `@motebit/crypto-play-integrity`'s CLAUDE.md).
|
|
32
|
+
* (Apple App Attest Root CA, FIDO roots, TPM vendor roots, Google
|
|
33
|
+
* Hardware Attestation roots).
|
|
36
34
|
*
|
|
37
35
|
* Three-package lineage — mirrors how tools like `git` / `libgit2` or
|
|
38
36
|
* `cargo` / `tokio` separate the verb-tool from the library layer:
|
package/dist/cli.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA
|
|
1
|
+
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG"}
|
package/dist/cli.js
CHANGED
|
@@ -5,10 +5,9 @@
|
|
|
5
5
|
* Verifies identity files, execution receipts, credentials, and
|
|
6
6
|
* presentations against their embedded signatures. When a credential
|
|
7
7
|
* carries a `hardware_attestation` claim for `device_check` / `tpm` /
|
|
8
|
-
* `android_keystore` / `webauthn
|
|
9
|
-
*
|
|
10
|
-
*
|
|
11
|
-
* identity binding end-to-end.
|
|
8
|
+
* `android_keystore` / `webauthn`, the bundled platform adapters
|
|
9
|
+
* verify the chain, extension, package binding, and identity binding
|
|
10
|
+
* end-to-end.
|
|
12
11
|
*
|
|
13
12
|
* ```
|
|
14
13
|
* motebit-verify <file> # auto-detect, print human
|
|
@@ -30,9 +29,8 @@
|
|
|
30
29
|
* 2 usage / I/O error
|
|
31
30
|
*
|
|
32
31
|
* Network-free by design. Every adapter pins its own trust anchor
|
|
33
|
-
* (Apple App Attest Root CA, FIDO roots, TPM vendor roots
|
|
34
|
-
*
|
|
35
|
-
* real bytes (see `@motebit/crypto-play-integrity`'s CLAUDE.md).
|
|
32
|
+
* (Apple App Attest Root CA, FIDO roots, TPM vendor roots, Google
|
|
33
|
+
* Hardware Attestation roots).
|
|
36
34
|
*
|
|
37
35
|
* Three-package lineage — mirrors how tools like `git` / `libgit2` or
|
|
38
36
|
* `cargo` / `tokio` separate the verb-tool from the library layer:
|
|
@@ -59,7 +57,6 @@ function parseArgs(argv) {
|
|
|
59
57
|
let expectedType;
|
|
60
58
|
let clockSkewSeconds;
|
|
61
59
|
let bundleId;
|
|
62
|
-
let androidPackage;
|
|
63
60
|
let androidAttestationApplicationIdPath;
|
|
64
61
|
let rpId;
|
|
65
62
|
let help = false;
|
|
@@ -114,14 +111,6 @@ function parseArgs(argv) {
|
|
|
114
111
|
i += 2;
|
|
115
112
|
break;
|
|
116
113
|
}
|
|
117
|
-
case "--android-package": {
|
|
118
|
-
const value = argv[i + 1];
|
|
119
|
-
if (value === undefined)
|
|
120
|
-
return usage("--android-package requires a value");
|
|
121
|
-
androidPackage = value;
|
|
122
|
-
i += 2;
|
|
123
|
-
break;
|
|
124
|
-
}
|
|
125
114
|
case "--android-attestation-application-id": {
|
|
126
115
|
// Path to a binary file containing the raw bytes of the leaf
|
|
127
116
|
// cert's `attestationApplicationId` extension value. Operators
|
|
@@ -170,7 +159,6 @@ function parseArgs(argv) {
|
|
|
170
159
|
...(expectedType !== undefined && { expectedType }),
|
|
171
160
|
...(clockSkewSeconds !== undefined && { clockSkewSeconds }),
|
|
172
161
|
...(bundleId !== undefined && { bundleId }),
|
|
173
|
-
...(androidPackage !== undefined && { androidPackage }),
|
|
174
162
|
...(androidAttestationApplicationIdPath !== undefined && {
|
|
175
163
|
androidAttestationApplicationIdPath,
|
|
176
164
|
}),
|
|
@@ -200,9 +188,6 @@ function renderHelp() {
|
|
|
200
188
|
" --clock-skew <seconds> Allow N seconds of clock skew.",
|
|
201
189
|
" --bundle-id <id> Override the expected iOS bundle ID for App Attest",
|
|
202
190
|
" (default: com.motebit.mobile).",
|
|
203
|
-
" --android-package <name> Override the expected Android package name for",
|
|
204
|
-
" the deprecated Play Integrity adapter",
|
|
205
|
-
" (default: com.motebit.mobile).",
|
|
206
191
|
" --android-attestation-application-id <path>",
|
|
207
192
|
" Path to a binary file containing the raw bytes",
|
|
208
193
|
" of the leaf cert's `attestationApplicationId`",
|
|
@@ -231,11 +216,13 @@ function renderHelp() {
|
|
|
231
216
|
" --android-attestation-application-id)",
|
|
232
217
|
" webauthn WebAuthn packed attestation (pinned Apple / Yubico / Microsoft)",
|
|
233
218
|
"",
|
|
234
|
-
"PLATFORMS
|
|
235
|
-
" play_integrity Google Play Integrity
|
|
236
|
-
"
|
|
237
|
-
"
|
|
238
|
-
"
|
|
219
|
+
"PLATFORMS REMOVED",
|
|
220
|
+
" play_integrity Google Play Integrity adapter was removed 2026-05-03.",
|
|
221
|
+
" Credentials carrying this platform now hit the canonical",
|
|
222
|
+
" dispatcher's fail-closed 'verifier not wired' branch.",
|
|
223
|
+
" Use @motebit/crypto-android-keystore instead — see",
|
|
224
|
+
" docs/doctrine/hardware-attestation.md § 'Three",
|
|
225
|
+
" architectural categories' for the structural reason.",
|
|
239
226
|
].join("\n");
|
|
240
227
|
}
|
|
241
228
|
let cachedVersion;
|
|
@@ -286,7 +273,6 @@ async function main() {
|
|
|
286
273
|
}
|
|
287
274
|
const hardwareAttestation = buildHardwareVerifiers({
|
|
288
275
|
...(args.bundleId !== undefined && { appAttestBundleId: args.bundleId }),
|
|
289
|
-
...(args.androidPackage !== undefined && { playIntegrityPackageName: args.androidPackage }),
|
|
290
276
|
...(androidKeystoreExpectedAttestationApplicationId !== undefined && {
|
|
291
277
|
androidKeystoreExpectedAttestationApplicationId,
|
|
292
278
|
}),
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAGzC,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE5D,OAAO,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAEvD,MAAM,aAAa,GAA4B;IAC7C,UAAU;IACV,SAAS;IACT,YAAY;IACZ,cAAc;IACd,OAAO;CACR,CAAC;AAcF,SAAS,SAAS,CAAC,IAAuB;IACxC,IAAI,IAAwB,CAAC;IAC7B,IAAI,IAAI,GAAG,KAAK,CAAC;IACjB,IAAI,YAAsC,CAAC;IAC3C,IAAI,gBAAoC,CAAC;IACzC,IAAI,QAA4B,CAAC;IACjC,IAAI,mCAAuD,CAAC;IAC5D,IAAI,IAAwB,CAAC;IAC7B,IAAI,IAAI,GAAG,KAAK,CAAC;IACjB,IAAI,OAAO,GAAG,KAAK,CAAC;IAEpB,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC;QACrB,QAAQ,GAAG,EAAE,CAAC;YACZ,KAAK,IAAI,CAAC;YACV,KAAK,QAAQ;gBACX,IAAI,GAAG,IAAI,CAAC;gBACZ,CAAC,EAAE,CAAC;gBACJ,MAAM;YACR,KAAK,IAAI,CAAC;YACV,KAAK,WAAW;gBACd,OAAO,GAAG,IAAI,CAAC;gBACf,CAAC,EAAE,CAAC;gBACJ,MAAM;YACR,KAAK,QAAQ;gBACX,IAAI,GAAG,IAAI,CAAC;gBACZ,CAAC,EAAE,CAAC;gBACJ,MAAM;YACR,KAAK,UAAU,CAAC;YAChB,KAAK,iBAAiB,CAAC,CAAC,CAAC;gBACvB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,GAAG,GAAG,mBAAmB,CAAC,CAAC;gBACjE,IAAI,CAAE,aAAmC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC1D,OAAO,KAAK,CAAC,2BAA2B,KAAK,aAAa,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACzF,CAAC;gBACD,YAAY,GAAG,KAAqB,CAAC;gBACrC,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,cAAc,CAAC,CAAC,CAAC;gBACpB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,gDAAgD,CAAC,CAAC;gBACxF,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;gBACrC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;oBACjC,OAAO,KAAK,CAAC,qDAAqD,KAAK,IAAI,CAAC,CAAC;gBAC/E,CAAC;gBACD,gBAAgB,GAAG,CAAC,CAAC;gBACrB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,8BAA8B,CAAC,CAAC;gBACtE,QAAQ,GAAG,KAAK,CAAC;gBACjB,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,sCAAsC,CAAC,CAAC,CAAC;gBAC5C,6DAA6D;gBAC7D,+DAA+D;gBAC/D,0DAA0D;gBAC1D,2DAA2D;gBAC3D,+DAA+D;gBAC/D,8DAA8D;gBAC9D,8CAA8C;gBAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;oBACxB,OAAO,KAAK,CAAC,uEAAuE,CAAC,CAAC;gBACxF,CAAC;gBACD,mCAAmC,GAAG,KAAK,CAAC;gBAC5C,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1B,IAAI,KAAK,KAAK,SAAS;oBAAE,OAAO,KAAK,CAAC,0BAA0B,CAAC,CAAC;gBAClE,IAAI,GAAG,KAAK,CAAC;gBACb,CAAC,IAAI,CAAC,CAAC;gBACP,MAAM;YACR,CAAC;YACD;gBACE,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,OAAO,KAAK,CAAC,iBAAiB,GAAG,EAAE,CAAC,CAAC;gBAC9D,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;oBACvB,OAAO,KAAK,CACV,sDAAsD,GAAG,aAAa,IAAI,IAAI,CAC/E,CAAC;gBACJ,CAAC;gBACD,IAAI,GAAG,GAAG,CAAC;gBACX,CAAC,EAAE,CAAC;gBACJ,MAAM;QACV,CAAC;IACH,CAAC;IAED,IAAI,IAAI;QAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;IACxC,IAAI,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IAC9C,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAE9D,OAAO;QACL,IAAI,EAAE,QAAQ;QACd,IAAI;QACJ,IAAI;QACJ,GAAG,CAAC,YAAY,KAAK,SAAS,IAAI,EAAE,YAAY,EAAE,CAAC;QACnD,GAAG,CAAC,gBAAgB,KAAK,SAAS,IAAI,EAAE,gBAAgB,EAAE,CAAC;QAC3D,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,QAAQ,EAAE,CAAC;QAC3C,GAAG,CAAC,mCAAmC,KAAK,SAAS,IAAI;YACvD,mCAAmC;SACpC,CAAC;QACF,GAAG,CAAC,IAAI,KAAK,SAAS,IAAI,EAAE,IAAI,EAAE,CAAC;KACpC,CAAC;AACJ,CAAC;AAED,SAAS,KAAK,CAAC,OAAe;IAC5B,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC;AAC5D,CAAC;AAED,SAAS,UAAU;IACjB,OAAO;QACL,8DAA8D;QAC9D,EAAE;QACF,OAAO;QACP,mCAAmC;QACnC,EAAE;QACF,6EAA6E;QAC7E,wEAAwE;QACxE,6DAA6D;QAC7D,oEAAoE;QACpE,qEAAqE;QACrE,mCAAmC;QACnC,EAAE;QACF,SAAS;QACT,8EAA8E;QAC9E,2EAA2E;QAC3E,4DAA4D;QAC5D,gFAAgF;QAChF,4DAA4D;QAC5D,+CAA+C;QAC/C,4EAA4E;QAC5E,2EAA2E;QAC3E,qEAAqE;QACrE,yEAAyE;QACzE,uEAAuE;QACvE,0EAA0E;QAC1E,4EAA4E;QAC5E,yEAAyE;QACzE,4DAA4D;QAC5D,6EAA6E;QAC7E,qDAAqD;QACrD,6CAA6C;QAC7C,4CAA4C;QAC5C,EAAE;QACF,YAAY;QACZ,kEAAkE;QAClE,qFAAqF;QACrF,0BAA0B;QAC1B,EAAE;QACF,6BAA6B;QAC7B,2DAA2D;QAC3D,sFAAsF;QACtF,mEAAmE;QACnE,iEAAiE;QACjE,4DAA4D;QAC5D,sFAAsF;QACtF,EAAE;QACF,mBAAmB;QACnB,4EAA4E;QAC5E,+EAA+E;QAC/E,4EAA4E;QAC5E,yEAAyE;QACzE,qEAAqE;QACrE,2EAA2E;KAC5E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,IAAI,aAAiC,CAAC;AACtC,SAAS,iBAAiB;IACxB,IAAI,aAAa,KAAK,SAAS;QAAE,OAAO,aAAa,CAAC;IACtD,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACrD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;QACjD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAyB,CAAC;QAC/E,aAAa,GAAG,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC;IACzC,CAAC;IAAC,MAAM,CAAC;QACP,aAAa,GAAG,OAAO,CAAC;IAC1B,CAAC;IACD,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAE9C,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,iBAAiB,EAAE,IAAI,CAAC,CAAC;QACjD,OAAO,CAAC,CAAC;IACX,CAAC;IACD,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,UAAU,EAAE,CAAC;QAC1B,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,IAAI,CAAC,UAAU,OAAO,IAAI,IAAI,CAAC,CAAC;YACxE,OAAO,CAAC,CAAC;QACX,CAAC;QACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC;QAClC,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,4CAA4C,UAAU,EAAE,IAAI,CAAC,CAAC;QACnF,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,+CAAuE,CAAC;IAC5E,IAAI,IAAI,CAAC,mCAAmC,KAAK,SAAS,EAAE,CAAC;QAC3D,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;YACrE,+CAA+C,GAAG,IAAI,UAAU,CAC9D,KAAK,CAAC,MAAM,EACZ,KAAK,CAAC,UAAU,EAChB,KAAK,CAAC,UAAU,CACjB,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,uEAAuE,IAAI,CAAC,mCAAmC,KAAK,GAAG,IAAI,CAC5H,CAAC;YACF,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IAED,MAAM,mBAAmB,GAAG,sBAAsB,CAAC;QACjD,GAAG,CAAC,IAAI,CAAC,QAAQ,KAAK,SAAS,IAAI,EAAE,iBAAiB,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACxE,GAAG,CAAC,+CAA+C,KAAK,SAAS,IAAI;YACnE,+CAA+C;SAChD,CAAC;QACF,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC;KAC5D,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC;IACX,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE;YACnC,GAAG,CAAC,IAAI,CAAC,YAAY,KAAK,SAAS,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC;YAC3E,GAAG,CAAC,IAAI,CAAC,gBAAgB,KAAK,SAAS,IAAI,EAAE,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACvF,mBAAmB;SACpB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,IAAI,CAAC,IAAI,KAAK,GAAG,IAAI,CAAC,CAAC;QAC3E,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;IAC/D,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACnD,CAAC;IACD,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC9B,CAAC;AAED,IAAI,EAAE;KACH,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;IACb,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACrB,CAAC,CAAC;KACD,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;IACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,GAAG,IAAI,CAAC,CAAC;IACjD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -9,9 +9,9 @@
|
|
|
9
9
|
* "tpm" | "android_keystore" | "webauthn", ... }` verifies end-to-end
|
|
10
10
|
* through this package instead of returning the permissive-floor
|
|
11
11
|
* verifier's `adapter not yet shipped` sentinel. The deprecated
|
|
12
|
-
* `play_integrity`
|
|
13
|
-
*
|
|
14
|
-
*
|
|
12
|
+
* `play_integrity` adapter was removed 2026-05-03 — credentials
|
|
13
|
+
* carrying that platform hit the canonical dispatcher's fail-closed
|
|
14
|
+
* "verifier not wired" branch.
|
|
15
15
|
*
|
|
16
16
|
* Programmatic use:
|
|
17
17
|
*
|
package/dist/index.js
CHANGED
|
@@ -9,9 +9,9 @@
|
|
|
9
9
|
* "tpm" | "android_keystore" | "webauthn", ... }` verifies end-to-end
|
|
10
10
|
* through this package instead of returning the permissive-floor
|
|
11
11
|
* verifier's `adapter not yet shipped` sentinel. The deprecated
|
|
12
|
-
* `play_integrity`
|
|
13
|
-
*
|
|
14
|
-
*
|
|
12
|
+
* `play_integrity` adapter was removed 2026-05-03 — credentials
|
|
13
|
+
* carrying that platform hit the canonical dispatcher's fail-closed
|
|
14
|
+
* "verifier not wired" branch.
|
|
15
15
|
*
|
|
16
16
|
* Programmatic use:
|
|
17
17
|
*
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@motebit/verify",
|
|
3
|
-
"version": "1.2.
|
|
4
|
-
"description": "The canonical `motebit-verify` command-line tool — verifies any signed motebit artifact offline, with every hardware-attestation platform bundled (Apple App Attest, Android Hardware-Backed Keystore Attestation, TPM 2.0, WebAuthn
|
|
3
|
+
"version": "1.2.2",
|
|
4
|
+
"description": "The canonical `motebit-verify` command-line tool — verifies any signed motebit artifact offline, with every hardware-attestation platform bundled (Apple App Attest, Android Hardware-Backed Keystore Attestation, TPM 2.0, WebAuthn). One install, no network, self-attesting. Replaces the deprecated @motebit/verify@0.x zero-dep library: library primitives now live in @motebit/crypto; file-reading + formatting helpers in @motebit/verifier; this package is the binary.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
7
7
|
"types": "./dist/index.d.ts",
|
|
@@ -36,7 +36,6 @@
|
|
|
36
36
|
"tpm",
|
|
37
37
|
"webauthn",
|
|
38
38
|
"ed25519",
|
|
39
|
-
"play-integrity",
|
|
40
39
|
"attestation"
|
|
41
40
|
],
|
|
42
41
|
"homepage": "https://github.com/motebit/motebit/tree/main/packages/verify#readme",
|
|
@@ -52,13 +51,12 @@
|
|
|
52
51
|
"access": "public"
|
|
53
52
|
},
|
|
54
53
|
"dependencies": {
|
|
55
|
-
"@motebit/crypto": "1.2.
|
|
56
|
-
"@motebit/crypto-android-keystore": "1.1.
|
|
57
|
-
"@motebit/crypto-
|
|
58
|
-
"@motebit/crypto-tpm": "1.1.
|
|
59
|
-
"@motebit/crypto-
|
|
60
|
-
"@motebit/
|
|
61
|
-
"@motebit/verifier": "1.1.0"
|
|
54
|
+
"@motebit/crypto": "1.2.1",
|
|
55
|
+
"@motebit/crypto-android-keystore": "1.1.2",
|
|
56
|
+
"@motebit/crypto-appattest": "1.0.4",
|
|
57
|
+
"@motebit/crypto-tpm": "1.1.3",
|
|
58
|
+
"@motebit/crypto-webauthn": "1.0.4",
|
|
59
|
+
"@motebit/verifier": "1.1.1"
|
|
62
60
|
},
|
|
63
61
|
"devDependencies": {
|
|
64
62
|
"@noble/curves": "^1.9.0",
|