@revibase/ctap2-js 0.1.0

package/lib/helpers/fromWebAuthnJson.js

@@ -0,0 +1,125 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.authenticatorMakeCredentialRequestFromPublicKeyCredentialCreationOptionsJSON = exports.authenticatorGetAssertionRequestFromPublicKeyCredentialRequestOptionsJSON = void 0;
+const sha2_js_1 = require("@noble/hashes/sha2.js");
+const utils_js_1 = require("@noble/hashes/utils.js");
+const errors_1 = require("../errors");
+const base64url_1 = require("./base64url");
+const clientData_1 = require("./clientData");
+function userVerificationToOptionalUvBool(uv) {
+    if (uv === "required") {
+        return true;
+    }
+    if (uv === "discouraged") {
+        return false;
+    }
+    return undefined;
+}
+function mapAuthenticatorSelection(sel) {
+    if (!sel) {
+        return undefined;
+    }
+    let rk;
+    if (sel.residentKey === "required" || sel.residentKey === "preferred") {
+        rk = true;
+    }
+    else if (sel.residentKey === "discouraged") {
+        rk = false;
+    }
+    else if (sel.requireResidentKey === true) {
+        rk = true;
+    }
+    const uv = userVerificationToOptionalUvBool(sel.userVerification);
+    if (rk === undefined && uv === undefined) {
+        return undefined;
+    }
+    const o = {};
+    if (rk !== undefined) {
+        o.rk = rk;
+    }
+    if (uv !== undefined) {
+        o.uv = uv;
+    }
+    return o;
+}
+function pickCtapExtensions(ext, mode) {
+    if (!ext) {
+        return undefined;
+    }
+    const out = {};
+    for (const [k, v] of Object.entries(ext)) {
+        if (v == null) {
+            continue;
+        }
+        if (mode === "assertion" && k === "credProps") {
+            continue;
+        }
+        out[k] = v;
+    }
+    return Object.keys(out).length ? out : undefined;
+}
+function authenticatorGetAssertionRequestFromPublicKeyCredentialRequestOptionsJSON(args) {
+    const { challenge, rpId, allowCredentials, userVerification, extensions, crossOrigin = false, topOrigin, origin, } = args;
+    if (!rpId)
+        throw new errors_1.ApduError("WebAuthn options: rpId is required");
+    const clientDataJSON = (0, clientData_1.buildCollectedClientDataJSON)("webauthn.get", {
+        challenge,
+        origin,
+        crossOrigin,
+        topOrigin,
+    });
+    const clientDataHash = (0, sha2_js_1.sha256)((0, utils_js_1.utf8ToBytes)(clientDataJSON));
+    const uv = userVerificationToOptionalUvBool(userVerification);
+    const uvOpts = uv === undefined ? undefined : { up: true, uv };
+    const parsedExtensions = extensions
+        ? pickCtapExtensions(extensions, "assertion")
+        : undefined;
+    return {
+        rpId,
+        clientDataHash,
+        allowCredentials: allowCredentials?.map((d) => ({
+            id: new Uint8Array((0, base64url_1.base64URLStringToBuffer)(d.id)),
+            type: d.type ?? "public-key",
+        })),
+        extensions: parsedExtensions,
+        options: uvOpts,
+    };
+}
+exports.authenticatorGetAssertionRequestFromPublicKeyCredentialRequestOptionsJSON = authenticatorGetAssertionRequestFromPublicKeyCredentialRequestOptionsJSON;
+function authenticatorMakeCredentialRequestFromPublicKeyCredentialCreationOptionsJSON(args) {
+    const { challenge, user, excludeCredentials, extensions, authenticatorSelection, crossOrigin = false, topOrigin, origin, pubKeyCredParams, rp, } = args;
+    if (!rp.id)
+        throw new errors_1.ApduError("WebAuthn options: rp.id is required");
+    const clientDataJSON = (0, clientData_1.buildCollectedClientDataJSON)("webauthn.create", {
+        challenge,
+        origin,
+        crossOrigin,
+        topOrigin,
+    });
+    const clientDataHash = (0, sha2_js_1.sha256)((0, utils_js_1.utf8ToBytes)(clientDataJSON));
+    const userId = new Uint8Array((0, base64url_1.base64URLStringToBuffer)(user.id));
+    const parsedExtensions = extensions
+        ? pickCtapExtensions(extensions, "registration")
+        : undefined;
+    const opt = mapAuthenticatorSelection(authenticatorSelection);
+    return {
+        clientDataHash,
+        rp: { id: rp.id, name: rp.name },
+        user: {
+            id: userId,
+            name: user.name,
+            displayName: user.displayName,
+        },
+        pubKeyCredParams: pubKeyCredParams.map((p) => ({
+            alg: p.alg,
+            type: p.type ?? "public-key",
+        })),
+        excludeCredentials: excludeCredentials?.map((d) => ({
+            id: new Uint8Array((0, base64url_1.base64URLStringToBuffer)(d.id)),
+            type: d.type ?? "public-key",
+        })),
+        extensions: parsedExtensions,
+        options: opt,
+    };
+}
+exports.authenticatorMakeCredentialRequestFromPublicKeyCredentialCreationOptionsJSON = authenticatorMakeCredentialRequestFromPublicKeyCredentialCreationOptionsJSON;

package/lib/helpers/webauthnResponses.d.ts

@@ -0,0 +1,21 @@
+import { AuthenticationResponseJSON, RegistrationResponseJSON } from "@simplewebauthn/browser";
+import type { AuthenticatorGetAssertionResponse } from "../ctap2/getAssertion";
+import { type AuthenticatorMakeCredentialResponse } from "../ctap2/makeCredential";
+type ToWebAuthnResponseJSONInput = {
+    kind: "authentication";
+    assertion: AuthenticatorGetAssertionResponse;
+    credentialId?: Uint8Array;
+    clientDataJSON: string;
+} | {
+    kind: "registration";
+    credential: AuthenticatorMakeCredentialResponse;
+    clientDataJSON: string;
+};
+export declare function toWebAuthnResponseJSON(input: Extract<ToWebAuthnResponseJSONInput, {
+    kind: "authentication";
+}>): AuthenticationResponseJSON;
+export declare function toWebAuthnResponseJSON(input: Extract<ToWebAuthnResponseJSONInput, {
+    kind: "registration";
+}>): RegistrationResponseJSON;
+export {};
+//# sourceMappingURL=webauthnResponses.d.ts.map

package/lib/helpers/webauthnResponses.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"webauthnResponses.d.ts","sourceRoot":"","sources":["../../src/helpers/webauthnResponses.ts"],"names":[],"mappings":"AACA,OAAO,EACN,0BAA0B,EAC1B,wBAAwB,EACxB,MAAM,yBAAyB,CAAC;AACjC,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,uBAAuB,CAAC;AAE/E,OAAO,EAGN,KAAK,mCAAmC,EACxC,MAAM,yBAAyB,CAAC;AAIjC,KAAK,2BAA2B,GAC7B;IACA,IAAI,EAAE,gBAAgB,CAAC;IACvB,SAAS,EAAE,iCAAiC,CAAC;IAC7C,YAAY,CAAC,EAAE,UAAU,CAAC;IAC1B,cAAc,EAAE,MAAM,CAAC;CACtB,GACD;IACA,IAAI,EAAE,cAAc,CAAC;IACrB,UAAU,EAAE,mCAAmC,CAAC;IAChD,cAAc,EAAE,MAAM,CAAC;CACtB,CAAC;AAEL,wBAAgB,sBAAsB,CACrC,KAAK,EAAE,OAAO,CAAC,2BAA2B,EAAE;IAAE,IAAI,EAAE,gBAAgB,CAAA;CAAE,CAAC,GACrE,0BAA0B,CAAC;AAC9B,wBAAgB,sBAAsB,CACrC,KAAK,EAAE,OAAO,CAAC,2BAA2B,EAAE;IAAE,IAAI,EAAE,cAAc,CAAA;CAAE,CAAC,GACnE,wBAAwB,CAAC"}

package/lib/helpers/webauthnResponses.js

@@ -0,0 +1,51 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.toWebAuthnResponseJSON = void 0;
+const utils_js_1 = require("@noble/hashes/utils.js");
+const errors_1 = require("../errors");
+const makeCredential_1 = require("../ctap2/makeCredential");
+const authDataExtensions_1 = require("./authDataExtensions");
+const base64url_1 = require("./base64url");
+function toWebAuthnResponseJSON(input) {
+    if (input.kind === "authentication") {
+        const { assertion, credentialId: credentialIdArg, clientDataJSON, } = input;
+        const clientExtensionResults = (0, authDataExtensions_1.parseAuthenticatorDataExtensions)(assertion.authData);
+        const credBytes = assertion.credential?.id ??
+            credentialIdArg ??
+            (() => {
+                throw new errors_1.ApduError("Assertion response missing credential id; set credentialId (base64url) on the request object or use a token that returns it in CBOR");
+            })();
+        const idStr = (0, base64url_1.bufferToBase64URLString)(credBytes);
+        return {
+            id: idStr,
+            rawId: idStr,
+            type: "public-key",
+            clientExtensionResults,
+            response: {
+                clientDataJSON: (0, base64url_1.bufferToBase64URLString)((0, utils_js_1.utf8ToBytes)(clientDataJSON)),
+                authenticatorData: (0, base64url_1.bufferToBase64URLString)(assertion.authData),
+                signature: (0, base64url_1.bufferToBase64URLString)(assertion.signature),
+                userHandle: assertion.user?.id !== undefined
+                    ? (0, base64url_1.bufferToBase64URLString)(assertion.user.id)
+                    : undefined,
+            },
+        };
+    }
+    const { credential, clientDataJSON } = input;
+    const ao = (0, makeCredential_1.buildAttestationObjectBytes)(credential.fmt, credential.authData, credential.attStmt);
+    const credentialId = (0, makeCredential_1.extractCredentialIdFromAuthData)(credential.authData);
+    const idStr = (0, base64url_1.bufferToBase64URLString)(credentialId);
+    const clientExtensionResults = (0, authDataExtensions_1.parseAuthenticatorDataExtensions)(credential.authData);
+    return {
+        id: idStr,
+        rawId: idStr,
+        type: "public-key",
+        clientExtensionResults,
+        response: {
+            clientDataJSON: (0, base64url_1.bufferToBase64URLString)((0, utils_js_1.utf8ToBytes)(clientDataJSON)),
+            attestationObject: (0, base64url_1.bufferToBase64URLString)(ao),
+            authenticatorData: (0, base64url_1.bufferToBase64URLString)(credential.authData),
+        },
+    };
+}
+exports.toWebAuthnResponseJSON = toWebAuthnResponseJSON;

package/lib/helpers/webauthnTypes.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Aligned with {@link https://simplewebauthn.dev/docs/packages/browser `@simplewebauthn/browser`} /
+ * `types` (same shapes as `startRegistration` / `startAuthentication` inputs and outputs).
+ */
+export type { AuthenticationExtensionsClientOutputs, AuthenticationResponseJSON, AuthenticatorAssertionResponseJSON, AuthenticatorAttestationResponseJSON, Base64URLString, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialDescriptorJSON, PublicKeyCredentialRequestOptionsJSON, RegistrationResponseJSON, UserVerificationRequirement, } from "@simplewebauthn/browser";
+//# sourceMappingURL=webauthnTypes.d.ts.map

package/lib/helpers/webauthnTypes.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"webauthnTypes.d.ts","sourceRoot":"","sources":["../../src/helpers/webauthnTypes.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,YAAY,EACX,qCAAqC,EACrC,0BAA0B,EAC1B,kCAAkC,EAClC,oCAAoC,EACpC,eAAe,EACf,sCAAsC,EACtC,iCAAiC,EACjC,qCAAqC,EACrC,wBAAwB,EACxB,2BAA2B,GAC3B,MAAM,yBAAyB,CAAC"}

package/lib/helpers/webauthnTypes.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/lib/index.d.ts

@@ -0,0 +1,4 @@
+export { ApduError } from "./errors";
+export { authenticateWithNfc, registerWithNfc } from "./publicApi";
+export type { PublicKeyCredentialCreationOptionsJSONWithNfc, PublicKeyCredentialRequestOptionsJSONWithNfc, } from "./types";
+//# sourceMappingURL=index.d.ts.map

package/lib/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AACrC,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACnE,YAAY,EACX,6CAA6C,EAC7C,4CAA4C,GAC5C,MAAM,SAAS,CAAC"}

package/lib/index.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.registerWithNfc = exports.authenticateWithNfc = exports.ApduError = void 0;
+var errors_1 = require("./errors");
+Object.defineProperty(exports, "ApduError", { enumerable: true, get: function () { return errors_1.ApduError; } });
+var publicApi_1 = require("./publicApi");
+Object.defineProperty(exports, "authenticateWithNfc", { enumerable: true, get: function () { return publicApi_1.authenticateWithNfc; } });
+Object.defineProperty(exports, "registerWithNfc", { enumerable: true, get: function () { return publicApi_1.registerWithNfc; } });

package/lib/parseResponses.d.ts

@@ -0,0 +1,19 @@
+import { AuthenticationResponseJSON, RegistrationResponseJSON } from "@simplewebauthn/browser";
+import { PublicKeyCredentialCreationOptionsJSONWithNfc, PublicKeyCredentialRequestOptionsJSONWithNfc } from "./types";
+type ParseApduToWebAuthnInput = {
+    kind: "authentication";
+    apduResponse: Uint8Array;
+    request: PublicKeyCredentialRequestOptionsJSONWithNfc;
+} | {
+    kind: "registration";
+    apduResponse: Uint8Array;
+    request: PublicKeyCredentialCreationOptionsJSONWithNfc;
+};
+export declare function parseApduToWebAuthnResponse(input: Extract<ParseApduToWebAuthnInput, {
+    kind: "authentication";
+}>): AuthenticationResponseJSON;
+export declare function parseApduToWebAuthnResponse(input: Extract<ParseApduToWebAuthnInput, {
+    kind: "registration";
+}>): RegistrationResponseJSON;
+export {};
+//# sourceMappingURL=parseResponses.d.ts.map

package/lib/parseResponses.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"parseResponses.d.ts","sourceRoot":"","sources":["../src/parseResponses.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,0BAA0B,EAC1B,wBAAwB,EACzB,MAAM,yBAAyB,CAAC;AAKjC,OAAO,EACL,6CAA6C,EAC7C,4CAA4C,EAC7C,MAAM,SAAS,CAAC;AAEjB,KAAK,wBAAwB,GACzB;IACE,IAAI,EAAE,gBAAgB,CAAC;IACvB,YAAY,EAAE,UAAU,CAAC;IACzB,OAAO,EAAE,4CAA4C,CAAC;CACvD,GACD;IACE,IAAI,EAAE,cAAc,CAAC;IACrB,YAAY,EAAE,UAAU,CAAC;IACzB,OAAO,EAAE,6CAA6C,CAAC;CACxD,CAAC;AAEN,wBAAgB,2BAA2B,CACzC,KAAK,EAAE,OAAO,CAAC,wBAAwB,EAAE;IAAE,IAAI,EAAE,gBAAgB,CAAA;CAAE,CAAC,GACnE,0BAA0B,CAAC;AAC9B,wBAAgB,2BAA2B,CACzC,KAAK,EAAE,OAAO,CAAC,wBAAwB,EAAE;IAAE,IAAI,EAAE,cAAc,CAAA;CAAE,CAAC,GACjE,wBAAwB,CAAC"}

package/lib/parseResponses.js

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseApduToWebAuthnResponse = void 0;
+const getAssertion_1 = require("./ctap2/getAssertion");
+const makeCredential_1 = require("./ctap2/makeCredential");
+const clientData_1 = require("./helpers/clientData");
+const webauthnResponses_1 = require("./helpers/webauthnResponses");
+function parseApduToWebAuthnResponse(input) {
+    if (input.kind === "authentication") {
+        const clientDataJSON = (0, clientData_1.buildCollectedClientDataJSON)("webauthn.get", {
+            challenge: input.request.challenge,
+            origin: input.request.origin,
+            crossOrigin: input.request.crossOrigin ?? false,
+            topOrigin: input.request.topOrigin,
+        });
+        const assertion = (0, getAssertion_1.parseAuthenticatorGetAssertionResponse)(input.apduResponse);
+        return (0, webauthnResponses_1.toWebAuthnResponseJSON)({
+            kind: "authentication",
+            assertion,
+            credentialId: assertion.credential?.id,
+            clientDataJSON,
+        });
+    }
+    const clientDataJSON = (0, clientData_1.buildCollectedClientDataJSON)("webauthn.create", {
+        challenge: input.request.challenge,
+        origin: input.request.origin,
+        crossOrigin: input.request.crossOrigin ?? false,
+        topOrigin: input.request.topOrigin,
+    });
+    const credential = (0, makeCredential_1.parseAuthenticatorMakeCredentialResponse)(input.apduResponse);
+    return (0, webauthnResponses_1.toWebAuthnResponseJSON)({
+        kind: "registration",
+        credential,
+        clientDataJSON,
+    });
+}
+exports.parseApduToWebAuthnResponse = parseApduToWebAuthnResponse;

package/lib/publicApi.d.ts

@@ -0,0 +1,15 @@
+import { AuthenticationResponseJSON, RegistrationResponseJSON } from "@simplewebauthn/browser";
+import { PublicKeyCredentialCreationOptionsJSONWithNfc, PublicKeyCredentialRequestOptionsJSONWithNfc } from "./types";
+/**
+ * NFC against a Java Card FIDO2 applet: SELECT FIDO AID, then getAssertion with
+ * short APDU chaining + GET RESPONSE.
+ *
+ */
+export declare function authenticateWithNfc(args: PublicKeyCredentialRequestOptionsJSONWithNfc, transceive: (apdu: Uint8Array) => Promise<Uint8Array>): Promise<AuthenticationResponseJSON>;
+/**
+ * NFC against a Java Card FIDO2 applet: SELECT FIDO AID, then makeCredential with
+ * short APDU chaining + GET RESPONSE.
+ *
+ */
+export declare function registerWithNfc(args: PublicKeyCredentialCreationOptionsJSONWithNfc, transceive: (apdu: Uint8Array) => Promise<Uint8Array>): Promise<RegistrationResponseJSON>;
+//# sourceMappingURL=publicApi.d.ts.map

package/lib/publicApi.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"publicApi.d.ts","sourceRoot":"","sources":["../src/publicApi.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,0BAA0B,EAC1B,wBAAwB,EACzB,MAAM,yBAAyB,CAAC;AAgBjC,OAAO,EACL,6CAA6C,EAC7C,4CAA4C,EAC7C,MAAM,SAAS,CAAC;AA4DjB;;;;GAIG;AACH,wBAAsB,mBAAmB,CACvC,IAAI,EAAE,4CAA4C,EAClD,UAAU,EAAE,CAAC,IAAI,EAAE,UAAU,KAAK,OAAO,CAAC,UAAU,CAAC,GACpD,OAAO,CAAC,0BAA0B,CAAC,CAYrC;AA6BD;;;;GAIG;AACH,wBAAsB,eAAe,CACnC,IAAI,EAAE,6CAA6C,EACnD,UAAU,EAAE,CAAC,IAAI,EAAE,UAAU,KAAK,OAAO,CAAC,UAAU,CAAC,GACpD,OAAO,CAAC,wBAAwB,CAAC,CAYnC"}

package/lib/publicApi.js

@@ -0,0 +1,83 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.registerWithNfc = exports.authenticateWithNfc = void 0;
+const apdu_1 = require("./apdu");
+const getAssertion_1 = require("./ctap2/getAssertion");
+const makeCredential_1 = require("./ctap2/makeCredential");
+const fromWebAuthnJson_1 = require("./helpers/fromWebAuthnJson");
+const parseResponses_1 = require("./parseResponses");
+const errors_1 = require("./errors");
+/**
+ * Wraps `transceive` so failures and short reads get a stable {@link ApduError}
+ * with API/phase in the message. Re-throws {@link ApduError} from lower layers unchanged.
+ */
+function nfcTransceiveFor(transceive, apiLabel, phase) {
+    const label = `${apiLabel} (${phase})`;
+    return async (apdu) => {
+        try {
+            const resp = await transceive(apdu);
+            if (resp.length < 2) {
+                throw new errors_1.ApduError(`${label}: response must include SW1/SW2 (got ${resp.length} byte(s))`);
+            }
+            return resp;
+        }
+        catch (e) {
+            if (e instanceof errors_1.ApduError) {
+                throw e;
+            }
+            throw new errors_1.ApduError(`${label}: ${e instanceof Error ? e.message : String(e)}`, { cause: e });
+        }
+    };
+}
+async function runAuthenticateWithNfc(args, transceive) {
+    await (0, apdu_1.transceiveNfcCtap2Command)((0, apdu_1.buildSelectFidoApduSegments)(), nfcTransceiveFor(transceive, "authenticateWithNfc", "SELECT FIDO"));
+    const apduResponse = await (0, apdu_1.transceiveNfcCtap2Command)((0, apdu_1.splitExtendedApduForNfcTransmit)((0, apdu_1.buildCborCommandApdu)((0, getAssertion_1.encodeAuthenticatorGetAssertionRequest)((0, fromWebAuthnJson_1.authenticatorGetAssertionRequestFromPublicKeyCredentialRequestOptionsJSON)(args)))), nfcTransceiveFor(transceive, "authenticateWithNfc", "getAssertion"));
+    return (0, parseResponses_1.parseApduToWebAuthnResponse)({
+        kind: "authentication",
+        apduResponse,
+        request: args,
+    });
+}
+/**
+ * NFC against a Java Card FIDO2 applet: SELECT FIDO AID, then getAssertion with
+ * short APDU chaining + GET RESPONSE.
+ *
+ */
+async function authenticateWithNfc(args, transceive) {
+    try {
+        return await runAuthenticateWithNfc(args, transceive);
+    }
+    catch (e) {
+        if (e instanceof errors_1.ApduError) {
+            throw e;
+        }
+        throw new errors_1.ApduError(`authenticateWithNfc: ${e instanceof Error ? e.message : String(e)}`, { cause: e });
+    }
+}
+exports.authenticateWithNfc = authenticateWithNfc;
+async function runRegisterWithNfc(args, transceive) {
+    await (0, apdu_1.transceiveNfcCtap2Command)((0, apdu_1.buildSelectFidoApduSegments)(), nfcTransceiveFor(transceive, "registerWithNfc", "SELECT FIDO"));
+    const apduResponse = await (0, apdu_1.transceiveNfcCtap2Command)((0, apdu_1.splitExtendedApduForNfcTransmit)((0, apdu_1.buildCborCommandApdu)((0, makeCredential_1.encodeAuthenticatorMakeCredentialRequest)((0, fromWebAuthnJson_1.authenticatorMakeCredentialRequestFromPublicKeyCredentialCreationOptionsJSON)(args)))), nfcTransceiveFor(transceive, "registerWithNfc", "makeCredential"));
+    return (0, parseResponses_1.parseApduToWebAuthnResponse)({
+        kind: "registration",
+        apduResponse,
+        request: args,
+    });
+}
+/**
+ * NFC against a Java Card FIDO2 applet: SELECT FIDO AID, then makeCredential with
+ * short APDU chaining + GET RESPONSE.
+ *
+ */
+async function registerWithNfc(args, transceive) {
+    try {
+        return await runRegisterWithNfc(args, transceive);
+    }
+    catch (e) {
+        if (e instanceof errors_1.ApduError) {
+            throw e;
+        }
+        throw new errors_1.ApduError(`registerWithNfc: ${e instanceof Error ? e.message : String(e)}`, { cause: e });
+    }
+}
+exports.registerWithNfc = registerWithNfc;

package/lib/types.d.ts

@@ -0,0 +1,10 @@
+import { PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialRequestOptionsJSON } from "@simplewebauthn/browser";
+type NfcWebAuthnClientFields = {
+    origin: string;
+    crossOrigin?: boolean;
+    topOrigin?: string;
+};
+export type PublicKeyCredentialRequestOptionsJSONWithNfc = PublicKeyCredentialRequestOptionsJSON & NfcWebAuthnClientFields;
+export type PublicKeyCredentialCreationOptionsJSONWithNfc = PublicKeyCredentialCreationOptionsJSON & NfcWebAuthnClientFields;
+export {};
+//# sourceMappingURL=types.d.ts.map

package/lib/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,sCAAsC,EACtC,qCAAqC,EACtC,MAAM,yBAAyB,CAAC;AAEjC,KAAK,uBAAuB,GAAG;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,4CAA4C,GACtD,qCAAqC,GAAG,uBAAuB,CAAC;AAElE,MAAM,MAAM,6CAA6C,GACvD,sCAAsC,GAAG,uBAAuB,CAAC"}

package/lib/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/package.json

@@ -0,0 +1,35 @@
+{
+  "name": "@revibase/ctap2-js",
+  "version": "0.1.0",
+  "description": "Passkeys over NFC directly",
+  "main": "lib/index.js",
+  "types": "lib/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./lib/index.d.ts",
+      "import": "./lib/index.js",
+      "require": "./lib/index.js",
+      "default": "./lib/index.js"
+    }
+  },
+  "license": "MIT",
+  "dependencies": {
+    "@noble/hashes": "^2.0.1",
+    "cbor-x": "^1.6.0"
+  },
+  "peerDependencies": {
+    "@simplewebauthn/browser": "^13.0.0"
+  },
+  "peerDependenciesMeta": {
+    "@simplewebauthn/browser": {
+      "optional": true
+    }
+  },
+  "devDependencies": {
+    "@simplewebauthn/browser": "^13.0.0",
+    "typescript": "~5.3.0"
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.json"
+  }
+}