@ocap/mcrypto 1.29.22 → 1.29.23

package/lib/webauthn.d.cts

@@ -0,0 +1,210 @@
+declare namespace webauthn_d_exports {
+  export { COSEALG, COSECRV, COSEKEYS, COSEKTY, GenerateAuthenticationOptionsOpts, GenerateRegistrationOptionsOpts, ParsedAuthenticatorData, RegistrationResponseJSON, VerifiedRegistrationResponse, cose, decodeClientDataJSON, generateAuthenticationOptions, generateChallenge, generateRegistrationOptions, isoBase64URL, isoCBOR, isoUint8Array, parseAuthenticatorData, toHash, verifyRegistrationResponse, verifySignature };
+}
+declare const COSEKEYS: {
+  readonly kty: 1;
+  readonly alg: 3;
+  readonly crv: -1;
+  readonly x: -2;
+  readonly y: -3;
+  readonly n: -1;
+  readonly e: -2;
+};
+declare const COSEKTY: {
+  readonly OKP: 1;
+  readonly EC2: 2;
+  readonly RSA: 3;
+};
+declare const COSEALG: {
+  readonly ES256: -7;
+  readonly EdDSA: -8;
+  readonly ES384: -35;
+  readonly ES512: -36;
+  readonly PS256: -37;
+  readonly PS384: -38;
+  readonly PS512: -39;
+  readonly ES256K: -47;
+  readonly RS256: -257;
+  readonly RS384: -258;
+  readonly RS512: -259;
+  readonly RS1: -65535;
+};
+declare const COSECRV: {
+  readonly P256: 1;
+  readonly P384: 2;
+  readonly P521: 3;
+  readonly ED25519: 6;
+  readonly SECP256K1: 8;
+};
+declare const cose: {
+  COSEKEYS: {
+    readonly kty: 1;
+    readonly alg: 3;
+    readonly crv: -1;
+    readonly x: -2;
+    readonly y: -3;
+    readonly n: -1;
+    readonly e: -2;
+  };
+  COSEKTY: {
+    readonly OKP: 1;
+    readonly EC2: 2;
+    readonly RSA: 3;
+  };
+  COSEALG: {
+    readonly ES256: -7;
+    readonly EdDSA: -8;
+    readonly ES384: -35;
+    readonly ES512: -36;
+    readonly PS256: -37;
+    readonly PS384: -38;
+    readonly PS512: -39;
+    readonly ES256K: -47;
+    readonly RS256: -257;
+    readonly RS384: -258;
+    readonly RS512: -259;
+    readonly RS1: -65535;
+  };
+  COSECRV: {
+    readonly P256: 1;
+    readonly P384: 2;
+    readonly P521: 3;
+    readonly ED25519: 6;
+    readonly SECP256K1: 8;
+  };
+};
+declare const isoBase64URL: {
+  toBuffer(base64url: string): Uint8Array;
+  fromBuffer(buffer: Uint8Array, to?: "base64url" | "base64"): string;
+  toUTF8String(base64url: string): string;
+  fromUTF8String(utf8String: string): string;
+};
+declare const isoUint8Array: {
+  concat(arrays: Uint8Array[]): Uint8Array;
+  areEqual(a: Uint8Array, b: Uint8Array): boolean;
+  toDataView(array: Uint8Array): DataView;
+  fromHex(hex: string): Uint8Array;
+};
+declare const isoCBOR: {
+  decodeFirst<T = any>(input: Uint8Array): T;
+  encode(input: any): Uint8Array;
+};
+declare function toHash(data: Uint8Array | string, algorithm?: number): Promise<Uint8Array>;
+declare function decodeClientDataJSON(data: string): {
+  type: string;
+  challenge: string;
+  origin: string;
+  crossOrigin?: boolean;
+};
+interface ParsedAuthenticatorData {
+  rpIdHash: Uint8Array;
+  flagsBuf: Uint8Array;
+  flags: {
+    up: boolean;
+    uv: boolean;
+    be: boolean;
+    bs: boolean;
+    at: boolean;
+    ed: boolean;
+    flagsInt: number;
+  };
+  counter: number;
+  counterBuf: Uint8Array;
+  aaguid?: Uint8Array;
+  credentialID?: Uint8Array;
+  credentialPublicKey?: Uint8Array;
+  extensionsData?: any;
+  extensionsDataBuffer?: Uint8Array;
+}
+declare function parseAuthenticatorData(authData: Uint8Array): ParsedAuthenticatorData;
+declare function verifySignature(opts: {
+  signature: Uint8Array;
+  data: Uint8Array;
+  credentialPublicKey: Uint8Array;
+}): Promise<boolean>;
+declare function generateChallenge(): Uint8Array;
+type GenerateRegistrationOptionsOpts = {
+  rpName: string;
+  rpID: string;
+  userName: string;
+  userID?: Uint8Array;
+  challenge?: string | Uint8Array;
+  userDisplayName?: string;
+  timeout?: number;
+  attestationType?: 'direct' | 'enterprise' | 'none';
+  excludeCredentials?: {
+    id: string;
+    transports?: string[];
+  }[];
+  authenticatorSelection?: {
+    authenticatorAttachment?: string;
+    residentKey?: string;
+    requireResidentKey?: boolean;
+    userVerification?: string;
+  };
+  extensions?: Record<string, any>;
+  supportedAlgorithmIDs?: number[];
+};
+declare function generateRegistrationOptions(options: GenerateRegistrationOptionsOpts): Promise<Record<string, any>>;
+type GenerateAuthenticationOptionsOpts = {
+  rpID: string;
+  allowCredentials?: {
+    id: string;
+    transports?: string[];
+  }[];
+  challenge?: string | Uint8Array;
+  timeout?: number;
+  userVerification?: 'required' | 'preferred' | 'discouraged';
+  extensions?: Record<string, any>;
+};
+declare function generateAuthenticationOptions(options: GenerateAuthenticationOptionsOpts): Promise<Record<string, any>>;
+type RegistrationResponseJSON = {
+  id: string;
+  rawId: string;
+  type: string;
+  response: {
+    attestationObject: string;
+    clientDataJSON: string;
+    transports?: string[];
+    publicKey?: string;
+    publicKeyAlgorithm?: number;
+    authenticatorData?: string;
+  };
+  clientExtensionResults?: Record<string, any>;
+};
+type VerifiedRegistrationResponse = {
+  verified: false;
+  registrationInfo?: never;
+} | {
+  verified: true;
+  registrationInfo: {
+    fmt: string;
+    aaguid: string;
+    credential: {
+      id: string;
+      publicKey: Uint8Array;
+      counter: number;
+      transports?: string[];
+    };
+    credentialType: 'public-key';
+    attestationObject: Uint8Array;
+    userVerified: boolean;
+    credentialDeviceType: 'singleDevice' | 'multiDevice';
+    credentialBackedUp: boolean;
+    origin: string;
+    rpID?: string;
+    authenticatorExtensionResults?: any;
+  };
+};
+declare function verifyRegistrationResponse(options: {
+  response: RegistrationResponseJSON;
+  expectedChallenge: string | ((challenge: string) => boolean | Promise<boolean>);
+  expectedOrigin: string | string[];
+  expectedRPID?: string | string[];
+  expectedType?: string | string[];
+  requireUserPresence?: boolean;
+  requireUserVerification?: boolean;
+  supportedAlgorithmIDs?: number[];
+}): Promise<VerifiedRegistrationResponse>;
+//#endregion
+export { COSEALG, COSECRV, COSEKEYS, COSEKTY, GenerateAuthenticationOptionsOpts, GenerateRegistrationOptionsOpts, ParsedAuthenticatorData, RegistrationResponseJSON, VerifiedRegistrationResponse, cose, decodeClientDataJSON, generateAuthenticationOptions, generateChallenge, generateRegistrationOptions, isoBase64URL, isoCBOR, isoUint8Array, parseAuthenticatorData, toHash, verifyRegistrationResponse, verifySignature, webauthn_d_exports };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ocap/mcrypto",
-  "version": "1.29.22",
+  "version": "1.29.23",
   "type": "module",
   "description": "Crypto lib that provides signer,crypter,hasher interface",
   "keywords": [
@@ -48,9 +48,8 @@
     "esm"
   ],
   "devDependencies": {
-    "@ocap/e2e-test": "1.29.22",
+    "@ocap/e2e-test": "1.29.23",
     "@types/crypto-js": "^4.2.2",
-    "@types/elliptic": "^6.4.18",
     "@types/node": "^22.7.5",
     "@types/randombytes": "^2.0.3",
     "tsdown": "^0.18.4",
@@ -74,19 +73,16 @@
     "url": "https://github.com/ArcBlock/blockchain/issues"
   },
   "dependencies": {
+    "@noble/curves": "^1.4.0",
     "@noble/ed25519": "^3.0.0",
     "@noble/hashes": "^2.0.1",
-    "@ocap/util": "1.29.22",
-    "@simplewebauthn/server": "^13.0.0",
+    "@ocap/util": "1.29.23",
     "bn.js": "5.2.3",
     "crypto-js": "^4.2.0",
-    "elliptic": "^6.6.1",
-    "eth-lib": "^0.2.8",
     "interface": "^1.2.1",
     "randombytes": "^2.1.0"
   },
   "resolutions": {
-    "bn.js": "5.2.3",
-    "elliptic": "6.5.3"
+    "bn.js": "5.2.3"
   }
 }