npm - @simplewebauthn/server - Versions diffs - 11.0.0 → 13.0.0-alpha1 - Mend

@simplewebauthn/server 11.0.0 → 13.0.0-alpha1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (372) hide show

package/script/metadata/mdsTypes.d.ts CHANGED Viewed

@@ -1,8 +1,9 @@
-import type { Base64URLString } from '../deps.js';
+import type { Base64URLString } from '../types/index.js';
 /**
  * Metadata Service structures
  * https://fidoalliance.org/specs/mds/fido-metadata-service-v3.0-ps-20210518.html
  */
+/** */
 export type MDSJWTHeader = {
     alg: string;
     typ: string;
@@ -105,6 +106,9 @@ export type ExtensionDescriptor = {
     data?: string;
     fail_if_unknown: boolean;
 };
+/**
+ * langCode -> "en-US", "ja-JP", etc...
+ */
 export type AlternativeDescriptions = {
     [langCode: string]: string;
 };
@@ -214,3 +218,4 @@ export type AuthenticatorGetInfo = {
     }[];
 };
 export {};
+//# sourceMappingURL=mdsTypes.d.ts.map

package/script/metadata/mdsTypes.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mdsTypes.d.ts","sourceRoot":"","sources":["../../src/metadata/mdsTypes.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAEzD;;;GAGG;AAEH,MAAM;AACN,MAAM,MAAM,YAAY,GAAG;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,eAAe,EAAE,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,wBAAwB,EAAE,CAAC;CACrC,CAAC;AAEF,MAAM,MAAM,wBAAwB,GAAG;IACrC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,oCAAoC,CAAC,EAAE,MAAM,EAAE,CAAC;IAChD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC,sBAAsB,CAAC,EAAE,qBAAqB,EAAE,CAAC;IACjD,aAAa,EAAE,YAAY,EAAE,CAAC;IAC9B,sBAAsB,EAAE,MAAM,CAAC;IAC/B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,UAAU,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,0BAA0B,CAAC,EAAE,MAAM,CAAC;IACpC,gCAAgC,CAAC,EAAE,MAAM,CAAC;CAC3C,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,MAAM,EAAE,mBAAmB,CAAC;IAC5B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,0BAA0B,CAAC,EAAE,MAAM,CAAC;IACpC,gCAAgC,CAAC,EAAE,MAAM,CAAC;CAC3C,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAC3B,oBAAoB,GACpB,gBAAgB,GAChB,0BAA0B,GAC1B,4BAA4B,GAC5B,4BAA4B,GAC5B,8BAA8B,GAC9B,kBAAkB,GAClB,SAAS,GACT,0BAA0B,GAC1B,mBAAmB,GACnB,uBAAuB,GACvB,mBAAmB,GACnB,uBAAuB,GACvB,mBAAmB,GACnB,uBAAuB,CAAC;AAE5B;;;;GAIG;AACH,MAAM,MAAM,sBAAsB,GAAG;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,2BAA2B,GAAG;IACxC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,yBAAyB,GAAG;IACtC,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,4BAA4B,GAAG;IACzC,sBAAsB,EAAE,UAAU,CAAC;IACnC,MAAM,CAAC,EAAE,sBAAsB,CAAC;IAChC,MAAM,CAAC,EAAE,2BAA2B,CAAC;IACrC,MAAM,CAAC,EAAE,yBAAyB,CAAC;CACpC,CAAC;AAEF,MAAM,MAAM,iCAAiC,GAAG,4BAA4B,EAAE,CAAC;AAE/E,MAAM,MAAM,eAAe,GAAG;IAC5B,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;CACX,CAAC;AAEF,MAAM,MAAM,mCAAmC,GAAG;IAChD,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,eAAe,EAAE,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,EAAE,EAAE,MAAM,CAAC;IACX,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,eAAe,EAAE,OAAO,CAAC;CAC1B,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAAG;IAAE,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAAA;CAAE,CAAC;AAErE,MAAM,MAAM,iBAAiB,GAAG;IAC9B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,oCAAoC,CAAC,EAAE,MAAM,EAAE,CAAC;IAChD,WAAW,EAAE,MAAM,CAAC;IACpB,uBAAuB,CAAC,EAAE,uBAAuB,CAAC;IAClD,oBAAoB,EAAE,MAAM,CAAC;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,OAAO,EAAE,CAAC;IACf,wBAAwB,EAAE,OAAO,EAAE,CAAC;IACpC,wBAAwB,EAAE,MAAM,EAAE,CAAC;IACnC,gBAAgB,EAAE,WAAW,EAAE,CAAC;IAChC,uBAAuB,EAAE,iCAAiC,EAAE,CAAC;IAC7D,aAAa,EAAE,aAAa,EAAE,CAAC;IAC/B,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,+BAA+B,CAAC,EAAE,OAAO,CAAC;IAC1C,iBAAiB,EAAE,iBAAiB,EAAE,CAAC;IACvC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,cAAc,CAAC,EAAE,cAAc,EAAE,CAAC;IAClC,SAAS,EAAE,8BAA8B,EAAE,CAAC;IAC5C,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,2BAA2B,CAAC,EAAE,mCAAmC,EAAE,CAAC;IACpE,2BAA2B,EAAE,MAAM,EAAE,CAAC;IACtC,iBAAiB,CAAC,EAAE,gBAAgB,EAAE,CAAC;IACvC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,mBAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC;IAC5C,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;CAC7C,CAAC;AAEF;;GAEG;AAEH;;;GAGG;AACH,MAAM,MAAM,UAAU,GAClB,mBAAmB,GACnB,sBAAsB,GACtB,mBAAmB,GACnB,qBAAqB,GACrB,oBAAoB,GACpB,mBAAmB,GACnB,mBAAmB,GACnB,kBAAkB,GAClB,oBAAoB,GACpB,mBAAmB,GACnB,kBAAkB,GAClB,MAAM,GACN,KAAK,CAAC;AAEV;;;;;;GAMG;AACH,MAAM,MAAM,OAAO,GAAG,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC;AAC7C,QAAA,MAAM,OAAO,wZAeH,CAAC;AAEX;;;GAGG;AACH,MAAM,MAAM,MAAM,GACd,cAAc,GACd,cAAc,GACd,cAAc,GACd,cAAc,GACd,MAAM,CAAC;AAEX;;;GAGG;AACH,MAAM,MAAM,WAAW,GACnB,YAAY,GACZ,iBAAiB,GACjB,OAAO,GACP,OAAO,GACP,QAAQ,GACR,MAAM,CAAC;AAEX;;;GAGG;AACH,MAAM,MAAM,aAAa,GACrB,UAAU,GACV,UAAU,GACV,KAAK,GACL,gBAAgB,GAChB,eAAe,CAAC;AAEpB;;;GAGG;AACH,MAAM,MAAM,iBAAiB,GAAG,UAAU,GAAG,KAAK,GAAG,SAAS,CAAC;AAE/D;;;GAGG;AACH,MAAM,MAAM,cAAc,GACtB,UAAU,GACV,UAAU,GACV,OAAO,GACP,UAAU,GACV,KAAK,GACL,WAAW,GACX,SAAS,GACT,OAAO,GACP,aAAa,CAAC;AAElB;;;GAGG;AACH,MAAM,MAAM,8BAA8B,GACtC,KAAK,GACL,qBAAqB,GACrB,KAAK,GACL,UAAU,GACV,QAAQ,CAAC;AAEb;;GAEG;AACH,MAAM,MAAM,OAAO,GAAG;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG;IACjC,QAAQ,EAAE,CAAC,UAAU,GAAG,QAAQ,CAAC,EAAE,CAAC;IACpC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE;QACR,IAAI,CAAC,EAAE,OAAO,CAAC;QACf,EAAE,CAAC,EAAE,OAAO,CAAC;QACb,SAAS,CAAC,EAAE,OAAO,CAAC;QACpB,EAAE,CAAC,EAAE,OAAO,CAAC;QACb,EAAE,CAAC,EAAE,OAAO,CAAC;KACd,CAAC;IACF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,UAAU,CAAC,EAAE;QAAE,IAAI,EAAE,YAAY,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;CACpD,CAAC"}

package/script/metadata/parseJWT.d.ts CHANGED Viewed

@@ -2,3 +2,4 @@
  * Process a JWT into Javascript-friendly data structures
  */
 export declare function parseJWT<T1, T2>(jwt: string): [T1, T2, string];
+//# sourceMappingURL=parseJWT.d.ts.map

package/script/metadata/parseJWT.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"parseJWT.d.ts","sourceRoot":"","sources":["../../src/metadata/parseJWT.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,wBAAgB,QAAQ,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,CAO9D"}

package/script/metadata/parseJWT.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.parseJWT = void 0;
+exports.parseJWT = parseJWT;
 const index_js_1 = require("../helpers/iso/index.js");
 /**
  * Process a JWT into Javascript-friendly data structures
@@ -13,4 +13,3 @@ function parseJWT(jwt) {
         parts[2],
     ];
 }
-exports.parseJWT = parseJWT;

package/script/metadata/verifyAttestationWithMetadata.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
-import type { Base64URLString } from '../deps.js';
+import type { Base64URLString } from '../types/index.js';
 import type { AlgSign, MetadataStatement } from './mdsTypes.js';
-import { COSEALG, COSECRV, COSEKTY } from '../helpers/cose.js';
+import { type COSEALG, type COSECRV, COSEKTY } from '../helpers/cose.js';
 /**
  * Match properties of the authenticator's attestation statement against expected values as
  * registered with the FIDO Alliance Metadata Service
@@ -27,3 +27,4 @@ export declare const algSignToCOSEInfoMap: {
     [key in AlgSign]: COSEInfo;
 };
 export {};
+//# sourceMappingURL=verifyAttestationWithMetadata.d.ts.map

package/script/metadata/verifyAttestationWithMetadata.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"verifyAttestationWithMetadata.d.ts","sourceRoot":"","sources":["../../src/metadata/verifyAttestationWithMetadata.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACzD,OAAO,KAAK,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAIhE,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,OAAO,EAEZ,OAAO,EAER,MAAM,oBAAoB,CAAC;AAE5B;;;GAGG;AACH,wBAAsB,6BAA6B,CAAC,EAClD,SAAS,EACT,mBAAmB,EACnB,GAAG,EACH,uBAAuB,GACxB,EAAE;IACD,SAAS,EAAE,iBAAiB,CAAC;IAC7B,mBAAmB,EAAE,UAAU,CAAC;IAChC,GAAG,EAAE,UAAU,EAAE,GAAG,eAAe,EAAE,CAAC;IACtC,uBAAuB,CAAC,EAAE,MAAM,CAAC;CAClC,GAAG,OAAO,CAAC,OAAO,CAAC,CAoJnB;AAED,KAAK,QAAQ,GAAG;IACd,GAAG,EAAE,OAAO,CAAC;IACb,GAAG,EAAE,OAAO,CAAC;IACb,GAAG,CAAC,EAAE,OAAO,CAAC;CACf,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,oBAAoB,EAAE;KAAG,GAAG,IAAI,OAAO,GAAG,QAAQ;CAe9D,CAAC"}

package/script/metadata/verifyAttestationWithMetadata.js CHANGED Viewed

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.algSignToCOSEInfoMap = exports.verifyAttestationWithMetadata = void 0;
+exports.algSignToCOSEInfoMap = void 0;
+exports.verifyAttestationWithMetadata = verifyAttestationWithMetadata;
 const convertCertBufferToPEM_js_1 = require("../helpers/convertCertBufferToPEM.js");
 const validateCertificatePath_js_1 = require("../helpers/validateCertificatePath.js");
 const decodeCredentialPublicKey_js_1 = require("../helpers/decodeCredentialPublicKey.js");
@@ -119,7 +120,6 @@ async function verifyAttestationWithMetadata({ statement, credentialPublicKey, x
     }
     return true;
 }
-exports.verifyAttestationWithMetadata = verifyAttestationWithMetadata;
 /**
  * Convert ALG_SIGN values to COSE info
  *

package/script/metadata/verifyJWT.d.ts CHANGED Viewed

@@ -8,3 +8,4 @@
  * (Pulled from https://www.rfc-editor.org/rfc/rfc7515#section-4.1.1)
  */
 export declare function verifyJWT(jwt: string, leafCert: Uint8Array): Promise<boolean>;
+//# sourceMappingURL=verifyJWT.d.ts.map

package/script/metadata/verifyJWT.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"verifyJWT.d.ts","sourceRoot":"","sources":["../../src/metadata/verifyJWT.ts"],"names":[],"mappings":"AAMA;;;;;;;;GAQG;AACH,wBAAgB,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,CA0B7E"}

package/script/metadata/verifyJWT.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyJWT = void 0;
+exports.verifyJWT = verifyJWT;
 const convertX509PublicKeyToCOSE_js_1 = require("../helpers/convertX509PublicKeyToCOSE.js");
 const index_js_1 = require("../helpers/iso/index.js");
 const cose_js_1 = require("../helpers/cose.js");
@@ -38,4 +38,3 @@ function verifyJWT(jwt, leafCert) {
     const kty = certCOSE.get(cose_js_1.COSEKEYS.kty);
     throw new Error(`JWT verification with public key of kty ${kty} is not supported by this method`);
 }
-exports.verifyJWT = verifyJWT;

package/script/registration/generateRegistrationOptions.d.ts CHANGED Viewed

@@ -1,21 +1,5 @@
-import type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticatorSelectionCriteria, AuthenticatorTransportFuture, Base64URLString, COSEAlgorithmIdentifier, PublicKeyCredentialCreationOptionsJSON } from '../deps.js';
-export type GenerateRegistrationOptionsOpts = {
-    rpName: string;
-    rpID: string;
-    userName: string;
-    userID?: Uint8Array;
-    challenge?: string | Uint8Array;
-    userDisplayName?: string;
-    timeout?: number;
-    attestationType?: AttestationConveyancePreference;
-    excludeCredentials?: {
-        id: Base64URLString;
-        transports?: AuthenticatorTransportFuture[];
-    }[];
-    authenticatorSelection?: AuthenticatorSelectionCriteria;
-    extensions?: AuthenticationExtensionsClientInputs;
-    supportedAlgorithmIDs?: COSEAlgorithmIdentifier[];
-};
+import type { AuthenticationExtensionsClientInputs, AuthenticatorSelectionCriteria, AuthenticatorTransportFuture, Base64URLString, COSEAlgorithmIdentifier, PublicKeyCredentialCreationOptionsJSON } from '../types/index.js';
+export type GenerateRegistrationOptionsOpts = Parameters<typeof generateRegistrationOptions>[0];
 /**
  * Supported crypto algo identifiers
  * See https://w3c.github.io/webauthn/#sctn-alg-identifier
@@ -39,5 +23,24 @@ export declare const supportedCOSEAlgorithmIdentifiers: COSEAlgorithmIdentifier[
  * @param authenticatorSelection **(Optional)** - Advanced criteria for restricting the types of authenticators that may be used. Defaults to `{ residentKey: 'preferred', userVerification: 'preferred' }`
  * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during attestation
  * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to `[-8, -7, -257]`
+ * @param preferredAuthenticatorType **(Optional)** - Encourage the browser to prompt the user to register a specific type of authenticator
  */
-export declare function generateRegistrationOptions(options: GenerateRegistrationOptionsOpts): Promise<PublicKeyCredentialCreationOptionsJSON>;
+export declare function generateRegistrationOptions(options: {
+    rpName: string;
+    rpID: string;
+    userName: string;
+    userID?: Uint8Array;
+    challenge?: string | Uint8Array;
+    userDisplayName?: string;
+    timeout?: number;
+    attestationType?: 'direct' | 'enterprise' | 'none';
+    excludeCredentials?: {
+        id: Base64URLString;
+        transports?: AuthenticatorTransportFuture[];
+    }[];
+    authenticatorSelection?: AuthenticatorSelectionCriteria;
+    extensions?: AuthenticationExtensionsClientInputs;
+    supportedAlgorithmIDs?: COSEAlgorithmIdentifier[];
+    preferredAuthenticatorType?: 'securityKey' | 'localDevice' | 'remoteDevice';
+}): Promise<PublicKeyCredentialCreationOptionsJSON>;
+//# sourceMappingURL=generateRegistrationOptions.d.ts.map

package/script/registration/generateRegistrationOptions.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"generateRegistrationOptions.d.ts","sourceRoot":"","sources":["../../src/registration/generateRegistrationOptions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,oCAAoC,EACpC,8BAA8B,EAC9B,4BAA4B,EAC5B,eAAe,EACf,uBAAuB,EACvB,sCAAsC,EAGvC,MAAM,mBAAmB,CAAC;AAK3B,MAAM,MAAM,+BAA+B,GAAG,UAAU,CAAC,OAAO,2BAA2B,CAAC,CAAC,CAAC,CAAC,CAAC;AAEhG;;;;GAIG;AACH,eAAO,MAAM,iCAAiC,EAAE,uBAAuB,EAqBtE,CAAC;AAsBF;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,2BAA2B,CAC/C,OAAO,EAAE;IACP,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,UAAU,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,GAAG,UAAU,CAAC;IAChC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,eAAe,CAAC,EAAE,QAAQ,GAAG,YAAY,GAAG,MAAM,CAAC;IACnD,kBAAkB,CAAC,EAAE;QACnB,EAAE,EAAE,eAAe,CAAC;QACpB,UAAU,CAAC,EAAE,4BAA4B,EAAE,CAAC;KAC7C,EAAE,CAAC;IACJ,sBAAsB,CAAC,EAAE,8BAA8B,CAAC;IACxD,UAAU,CAAC,EAAE,oCAAoC,CAAC;IAClD,qBAAqB,CAAC,EAAE,uBAAuB,EAAE,CAAC;IAClD,0BAA0B,CAAC,EAAE,aAAa,GAAG,aAAa,GAAG,cAAc,CAAC;CAC7E,GACA,OAAO,CAAC,sCAAsC,CAAC,CAqIjD"}

package/script/registration/generateRegistrationOptions.js CHANGED Viewed

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.generateRegistrationOptions = exports.supportedCOSEAlgorithmIdentifiers = void 0;
+exports.supportedCOSEAlgorithmIdentifiers = void 0;
+exports.generateRegistrationOptions = generateRegistrationOptions;
 const generateChallenge_js_1 = require("../helpers/generateChallenge.js");
 const generateUserID_js_1 = require("../helpers/generateUserID.js");
 const index_js_1 = require("../helpers/iso/index.js");
@@ -66,9 +67,10 @@ const defaultSupportedAlgorithmIDs = [-8, -7, -257];
  * @param authenticatorSelection **(Optional)** - Advanced criteria for restricting the types of authenticators that may be used. Defaults to `{ residentKey: 'preferred', userVerification: 'preferred' }`
  * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during attestation
  * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to `[-8, -7, -257]`
+ * @param preferredAuthenticatorType **(Optional)** - Encourage the browser to prompt the user to register a specific type of authenticator
  */
 async function generateRegistrationOptions(options) {
-    const { rpName, rpID, userName, userID, challenge = await (0, generateChallenge_js_1.generateChallenge)(), userDisplayName = '', timeout = 60000, attestationType = 'none', excludeCredentials = [], authenticatorSelection = defaultAuthenticatorSelection, extensions, supportedAlgorithmIDs = defaultSupportedAlgorithmIDs, } = options;
+    const { rpName, rpID, userName, userID, challenge = await (0, generateChallenge_js_1.generateChallenge)(), userDisplayName = '', timeout = 60000, attestationType = 'none', excludeCredentials = [], authenticatorSelection = defaultAuthenticatorSelection, extensions, supportedAlgorithmIDs = defaultSupportedAlgorithmIDs, preferredAuthenticatorType, } = options;
     /**
      * Prepare pubKeyCredParams from the array of algorithm ID's
      */
@@ -130,6 +132,25 @@ async function generateRegistrationOptions(options) {
     if (!_userID) {
         _userID = await (0, generateUserID_js_1.generateUserID)();
     }
+    /**
+     * Map authenticator preference to hints. Map to authenticatorAttachment as well for
+     * backwards-compatibility.
+     */
+    const hints = [];
+    if (preferredAuthenticatorType) {
+        if (preferredAuthenticatorType === 'securityKey') {
+            hints.push('security-key');
+            authenticatorSelection.authenticatorAttachment = 'cross-platform';
+        }
+        else if (preferredAuthenticatorType === 'localDevice') {
+            hints.push('client-device');
+            authenticatorSelection.authenticatorAttachment = 'platform';
+        }
+        else if (preferredAuthenticatorType === 'remoteDevice') {
+            hints.push('hybrid');
+            authenticatorSelection.authenticatorAttachment = 'cross-platform';
+        }
+    }
     return {
         challenge: index_js_1.isoBase64URL.fromBuffer(_challenge),
         rp: {
@@ -159,6 +180,6 @@ async function generateRegistrationOptions(options) {
             ...extensions,
             credProps: true,
         },
+        hints,
     };
 }
-exports.generateRegistrationOptions = generateRegistrationOptions;

package/script/registration/verifications/tpm/constants.d.ts CHANGED Viewed

@@ -45,3 +45,4 @@ export declare const TPM_ECC_CURVE_COSE_CRV_MAP: {
     [key: string]: number;
 };
 export {};
+//# sourceMappingURL=constants.d.ts.map

package/script/registration/verifications/tpm/constants.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/constants.ts"],"names":[],"mappings":"AACA;;;;;;;;GAQG;AAEH;;GAEG;AACH,eAAO,MAAM,MAAM,EAAE;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAkB3C,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,OAAO,EAAE;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAsC5C,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,aAAa,EAAE;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAUlD,CAAC;AAEF,KAAK,gBAAgB,GAAG;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;CACZ,CAAC;AAEF;;;;;GAKG;AACH,eAAO,MAAM,iBAAiB,EAAE;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,gBAAgB,CAAA;CAiFhE,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,0BAA0B,EAAE;IAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;CAM/D,CAAC"}

package/script/registration/verifications/tpm/constants.js CHANGED Viewed

@@ -181,9 +181,9 @@ exports.TPM_MANUFACTURERS = {
  * Match TPM public area curve ID's to `crv` numbers used in COSE public keys
  */
 exports.TPM_ECC_CURVE_COSE_CRV_MAP = {
-    TPM_ECC_NIST_P256: 1,
-    TPM_ECC_NIST_P384: 2,
-    TPM_ECC_NIST_P521: 3,
-    TPM_ECC_BN_P256: 1,
+    TPM_ECC_NIST_P256: 1, // p256
+    TPM_ECC_NIST_P384: 2, // p384
+    TPM_ECC_NIST_P521: 3, // p521
+    TPM_ECC_BN_P256: 1, // p256
     TPM_ECC_SM2_P256: 1, // p256
 };

package/script/registration/verifications/tpm/parseCertInfo.d.ts CHANGED Viewed

@@ -22,3 +22,4 @@ type ParsedCertInfo = {
     };
 };
 export {};
+//# sourceMappingURL=parseCertInfo.d.ts.map

package/script/registration/verifications/tpm/parseCertInfo.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"parseCertInfo.d.ts","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/parseCertInfo.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,UAAU,GAAG,cAAc,CAkElE;AAED,KAAK,cAAc,GAAG;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,EAAE,UAAU,CAAC;IAC5B,SAAS,EAAE,UAAU,CAAC;IACtB,SAAS,EAAE;QACT,KAAK,EAAE,UAAU,CAAC;QAClB,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,EAAE,MAAM,CAAC;QACrB,IAAI,EAAE,OAAO,CAAC;KACf,CAAC;IACF,eAAe,EAAE,UAAU,CAAC;IAC5B,QAAQ,EAAE;QACR,OAAO,EAAE,MAAM,CAAC;QAChB,aAAa,EAAE,UAAU,CAAC;QAC1B,IAAI,EAAE,UAAU,CAAC;QACjB,aAAa,EAAE,UAAU,CAAC;KAC3B,CAAC;CACH,CAAC"}

package/script/registration/verifications/tpm/parseCertInfo.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.parseCertInfo = void 0;
+exports.parseCertInfo = parseCertInfo;
 const constants_js_1 = require("./constants.js");
 const index_js_1 = require("../../../helpers/iso/index.js");
 /**
@@ -59,4 +59,3 @@ function parseCertInfo(certInfo) {
         attested,
     };
 }
-exports.parseCertInfo = parseCertInfo;

package/script/registration/verifications/tpm/parsePubArea.d.ts CHANGED Viewed

@@ -41,3 +41,4 @@ type ECCParameters = {
     kdf: string;
 };
 export {};
+//# sourceMappingURL=parsePubArea.d.ts.map

package/script/registration/verifications/tpm/parsePubArea.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"parsePubArea.d.ts","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/parsePubArea.ts"],"names":[],"mappings":"AAGA;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,UAAU,GAAG,aAAa,CAyG/D;AAED,KAAK,aAAa,GAAG;IACnB,IAAI,EAAE,aAAa,GAAG,aAAa,CAAC;IACpC,OAAO,EAAE,MAAM,CAAC;IAChB,gBAAgB,EAAE;QAChB,QAAQ,EAAE,OAAO,CAAC;QAClB,OAAO,EAAE,OAAO,CAAC;QACjB,WAAW,EAAE,OAAO,CAAC;QACrB,mBAAmB,EAAE,OAAO,CAAC;QAC7B,YAAY,EAAE,OAAO,CAAC;QACtB,eAAe,EAAE,OAAO,CAAC;QACzB,IAAI,EAAE,OAAO,CAAC;QACd,oBAAoB,EAAE,OAAO,CAAC;QAC9B,UAAU,EAAE,OAAO,CAAC;QACpB,OAAO,EAAE,OAAO,CAAC;QACjB,aAAa,EAAE,OAAO,CAAC;KACxB,CAAC;IACF,UAAU,EAAE,UAAU,CAAC;IACvB,UAAU,EAAE;QACV,GAAG,CAAC,EAAE,aAAa,CAAC;QACpB,GAAG,CAAC,EAAE,aAAa,CAAC;KACrB,CAAC;IACF,MAAM,EAAE,UAAU,CAAC;CACpB,CAAC;AAEF,KAAK,aAAa,GAAG;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,KAAK,aAAa,GAAG;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;CACb,CAAC"}

package/script/registration/verifications/tpm/parsePubArea.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.parsePubArea = void 0;
+exports.parsePubArea = parsePubArea;
 const constants_js_1 = require("./constants.js");
 const index_js_1 = require("../../../helpers/iso/index.js");
 /**
@@ -95,4 +95,3 @@ function parsePubArea(pubArea) {
         unique,
     };
 }
-exports.parsePubArea = parsePubArea;

package/script/registration/verifications/tpm/verifyAttestationTPM.d.ts CHANGED Viewed

@@ -1,2 +1,3 @@
 import type { AttestationFormatVerifierOpts } from '../../verifyRegistrationResponse.js';
 export declare function verifyAttestationTPM(options: AttestationFormatVerifierOpts): Promise<boolean>;
+//# sourceMappingURL=verifyAttestationTPM.d.ts.map

package/script/registration/verifications/tpm/verifyAttestationTPM.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"verifyAttestationTPM.d.ts","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/verifyAttestationTPM.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,6BAA6B,EAAE,MAAM,qCAAqC,CAAC;AAuBzF,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,6BAA6B,GACrC,OAAO,CAAC,OAAO,CAAC,CA+VlB"}

package/script/registration/verifications/tpm/verifyAttestationTPM.js CHANGED Viewed

@@ -1,7 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyAttestationTPM = void 0;
-const deps_js_1 = require("../../../deps.js");
+exports.verifyAttestationTPM = verifyAttestationTPM;
+const asn1_schema_1 = require("@peculiar/asn1-schema");
+const asn1_x509_1 = require("@peculiar/asn1-x509");
 const decodeCredentialPublicKey_js_1 = require("../../../helpers/decodeCredentialPublicKey.js");
 const cose_js_1 = require("../../../helpers/cose.js");
 const toHash_js_1 = require("../../../helpers/toHash.js");
@@ -171,18 +172,18 @@ async function verifyAttestationTPM(options) {
     /**
      * Plumb the depths of the certificate's ASN.1-formatted data for some values we need to verify
      */
-    const parsedCert = deps_js_1.AsnParser.parse(x5c[0], deps_js_1.Certificate);
+    const parsedCert = asn1_schema_1.AsnParser.parse(x5c[0], asn1_x509_1.Certificate);
     if (!parsedCert.tbsCertificate.extensions) {
         throw new Error('Certificate was missing extensions (TPM)');
     }
     let subjectAltNamePresent;
     let extKeyUsage;
     parsedCert.tbsCertificate.extensions.forEach((ext) => {
-        if (ext.extnID === deps_js_1.id_ce_subjectAltName) {
-            subjectAltNamePresent = deps_js_1.AsnParser.parse(ext.extnValue, deps_js_1.SubjectAlternativeName);
+        if (ext.extnID === asn1_x509_1.id_ce_subjectAltName) {
+            subjectAltNamePresent = asn1_schema_1.AsnParser.parse(ext.extnValue, asn1_x509_1.SubjectAlternativeName);
         }
-        else if (ext.extnID === deps_js_1.id_ce_extKeyUsage) {
-            extKeyUsage = deps_js_1.AsnParser.parse(ext.extnValue, deps_js_1.ExtendedKeyUsage);
+        else if (ext.extnID === asn1_x509_1.id_ce_extKeyUsage) {
+            extKeyUsage = asn1_schema_1.AsnParser.parse(ext.extnValue, asn1_x509_1.ExtendedKeyUsage);
         }
     });
     // Check that certificate contains subjectAltName (2.5.29.17) extension,
@@ -253,7 +254,6 @@ async function verifyAttestationTPM(options) {
         hashAlgorithm: alg,
     });
 }
-exports.verifyAttestationTPM = verifyAttestationTPM;
 /**
  * Contain logic for pulling TPM-specific values out of subjectAlternativeName extension
  */

package/script/registration/verifications/verifyAttestationAndroidKey.d.ts CHANGED Viewed

@@ -3,3 +3,4 @@ import type { AttestationFormatVerifierOpts } from '../verifyRegistrationRespons
  * Verify an attestation response with fmt 'android-key'
  */
 export declare function verifyAttestationAndroidKey(options: AttestationFormatVerifierOpts): Promise<boolean>;
+//# sourceMappingURL=verifyAttestationAndroidKey.d.ts.map

package/script/registration/verifications/verifyAttestationAndroidKey.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"verifyAttestationAndroidKey.d.ts","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationAndroidKey.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,6BAA6B,EAAE,MAAM,kCAAkC,CAAC;AAUtF;;GAEG;AACH,wBAAsB,2BAA2B,CAC/C,OAAO,EAAE,6BAA6B,GACrC,OAAO,CAAC,OAAO,CAAC,CA+HlB"}

package/script/registration/verifications/verifyAttestationAndroidKey.js CHANGED Viewed

@@ -1,7 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyAttestationAndroidKey = void 0;
-const deps_js_1 = require("../../deps.js");
+exports.verifyAttestationAndroidKey = verifyAttestationAndroidKey;
+const asn1_schema_1 = require("@peculiar/asn1-schema");
+const asn1_x509_1 = require("@peculiar/asn1-x509");
+const asn1_android_1 = require("@peculiar/asn1-android");
 const convertCertBufferToPEM_js_1 = require("../../helpers/convertCertBufferToPEM.js");
 const validateCertificatePath_js_1 = require("../../helpers/validateCertificatePath.js");
 const verifySignature_js_1 = require("../../helpers/verifySignature.js");
@@ -32,7 +34,7 @@ async function verifyAttestationAndroidKey(options) {
     }
     // Check that credentialPublicKey matches the public key in the attestation certificate
     // Find the public cert in the certificate as PKCS
-    const parsedCert = deps_js_1.AsnParser.parse(x5c[0], deps_js_1.Certificate);
+    const parsedCert = asn1_schema_1.AsnParser.parse(x5c[0], asn1_x509_1.Certificate);
     const parsedCertPubKey = new Uint8Array(parsedCert.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey);
     // Convert the credentialPublicKey to PKCS
     const credPubKeyPKCS = (0, convertCOSEtoPKCS_js_1.convertCOSEtoPKCS)(credentialPublicKey);
@@ -40,11 +42,11 @@ async function verifyAttestationAndroidKey(options) {
         throw new Error('Credential public key does not equal leaf cert public key (AndroidKey)');
     }
     // Find Android KeyStore Extension in certificate extensions
-    const extKeyStore = parsedCert.tbsCertificate.extensions?.find((ext) => ext.extnID === deps_js_1.id_ce_keyDescription);
+    const extKeyStore = parsedCert.tbsCertificate.extensions?.find((ext) => ext.extnID === asn1_android_1.id_ce_keyDescription);
     if (!extKeyStore) {
         throw new Error('Certificate did not contain extKeyStore (AndroidKey)');
     }
-    const parsedExtKeyStore = deps_js_1.AsnParser.parse(extKeyStore.extnValue, deps_js_1.KeyDescription);
+    const parsedExtKeyStore = asn1_schema_1.AsnParser.parse(extKeyStore.extnValue, asn1_android_1.KeyDescription);
     // Verify extKeyStore values
     const { attestationChallenge, teeEnforced, softwareEnforced } = parsedExtKeyStore;
     if (!index_js_1.isoUint8Array.areEqual(new Uint8Array(attestationChallenge.buffer), clientDataHash)) {
@@ -91,4 +93,3 @@ async function verifyAttestationAndroidKey(options) {
         hashAlgorithm: alg,
     });
 }
-exports.verifyAttestationAndroidKey = verifyAttestationAndroidKey;

package/script/registration/verifications/verifyAttestationAndroidSafetyNet.d.ts CHANGED Viewed

@@ -3,3 +3,4 @@ import type { AttestationFormatVerifierOpts } from '../verifyRegistrationRespons
  * Verify an attestation response with fmt 'android-safetynet'
  */
 export declare function verifyAttestationAndroidSafetyNet(options: AttestationFormatVerifierOpts): Promise<boolean>;
+//# sourceMappingURL=verifyAttestationAndroidSafetyNet.d.ts.map

package/script/registration/verifications/verifyAttestationAndroidSafetyNet.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"verifyAttestationAndroidSafetyNet.d.ts","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationAndroidSafetyNet.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,6BAA6B,EAAE,MAAM,kCAAkC,CAAC;AAWtF;;GAEG;AACH,wBAAsB,iCAAiC,CACrD,OAAO,EAAE,6BAA6B,GACrC,OAAO,CAAC,OAAO,CAAC,CA2IlB"}

package/script/registration/verifications/verifyAttestationAndroidSafetyNet.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyAttestationAndroidSafetyNet = void 0;
+exports.verifyAttestationAndroidSafetyNet = verifyAttestationAndroidSafetyNet;
 const toHash_js_1 = require("../../helpers/toHash.js");
 const verifySignature_js_1 = require("../../helpers/verifySignature.js");
 const getCertificateInfo_js_1 = require("../../helpers/getCertificateInfo.js");
@@ -113,4 +113,3 @@ async function verifyAttestationAndroidSafetyNet(options) {
      */
     return verified;
 }
-exports.verifyAttestationAndroidSafetyNet = verifyAttestationAndroidSafetyNet;

package/script/registration/verifications/verifyAttestationApple.d.ts CHANGED Viewed

@@ -1,2 +1,3 @@
 import type { AttestationFormatVerifierOpts } from '../verifyRegistrationResponse.js';
 export declare function verifyAttestationApple(options: AttestationFormatVerifierOpts): Promise<boolean>;
+//# sourceMappingURL=verifyAttestationApple.d.ts.map

package/script/registration/verifications/verifyAttestationApple.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"verifyAttestationApple.d.ts","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationApple.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,6BAA6B,EAAE,MAAM,kCAAkC,CAAC;AAOtF,wBAAsB,sBAAsB,CAC1C,OAAO,EAAE,6BAA6B,GACrC,OAAO,CAAC,OAAO,CAAC,CA6ElB"}

package/script/registration/verifications/verifyAttestationApple.js CHANGED Viewed

@@ -1,7 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyAttestationApple = void 0;
-const deps_js_1 = require("../../deps.js");
+exports.verifyAttestationApple = verifyAttestationApple;
+const asn1_schema_1 = require("@peculiar/asn1-schema");
+const asn1_x509_1 = require("@peculiar/asn1-x509");
 const validateCertificatePath_js_1 = require("../../helpers/validateCertificatePath.js");
 const convertCertBufferToPEM_js_1 = require("../../helpers/convertCertBufferToPEM.js");
 const toHash_js_1 = require("../../helpers/toHash.js");
@@ -26,7 +27,7 @@ async function verifyAttestationApple(options) {
     /**
      * Compare nonce in certificate extension to computed nonce
      */
-    const parsedCredCert = deps_js_1.AsnParser.parse(x5c[0], deps_js_1.Certificate);
+    const parsedCredCert = asn1_schema_1.AsnParser.parse(x5c[0], asn1_x509_1.Certificate);
     const { extensions, subjectPublicKeyInfo } = parsedCredCert.tbsCertificate;
     if (!extensions) {
         throw new Error('credCert missing extensions (Apple)');
@@ -58,4 +59,3 @@ async function verifyAttestationApple(options) {
     }
     return true;
 }
-exports.verifyAttestationApple = verifyAttestationApple;

package/script/registration/verifications/verifyAttestationFIDOU2F.d.ts CHANGED Viewed

@@ -3,3 +3,4 @@ import type { AttestationFormatVerifierOpts } from '../verifyRegistrationRespons
  * Verify an attestation response with fmt 'fido-u2f'
  */
 export declare function verifyAttestationFIDOU2F(options: AttestationFormatVerifierOpts): Promise<boolean>;
+//# sourceMappingURL=verifyAttestationFIDOU2F.d.ts.map

package/script/registration/verifications/verifyAttestationFIDOU2F.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"verifyAttestationFIDOU2F.d.ts","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationFIDOU2F.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,6BAA6B,EAAE,MAAM,kCAAkC,CAAC;AAStF;;GAEG;AACH,wBAAsB,wBAAwB,CAC5C,OAAO,EAAE,6BAA6B,GACrC,OAAO,CAAC,OAAO,CAAC,CA4DlB"}

package/script/registration/verifications/verifyAttestationFIDOU2F.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyAttestationFIDOU2F = void 0;
+exports.verifyAttestationFIDOU2F = verifyAttestationFIDOU2F;
 const convertCOSEtoPKCS_js_1 = require("../../helpers/convertCOSEtoPKCS.js");
 const convertCertBufferToPEM_js_1 = require("../../helpers/convertCertBufferToPEM.js");
 const validateCertificatePath_js_1 = require("../../helpers/validateCertificatePath.js");
@@ -49,4 +49,3 @@ async function verifyAttestationFIDOU2F(options) {
         hashAlgorithm: cose_js_1.COSEALG.ES256,
     });
 }
-exports.verifyAttestationFIDOU2F = verifyAttestationFIDOU2F;

package/script/registration/verifications/verifyAttestationPacked.d.ts CHANGED Viewed

@@ -3,3 +3,4 @@ import type { AttestationFormatVerifierOpts } from '../verifyRegistrationRespons
  * Verify an attestation response with fmt 'packed'
  */
 export declare function verifyAttestationPacked(options: AttestationFormatVerifierOpts): Promise<boolean>;
+//# sourceMappingURL=verifyAttestationPacked.d.ts.map

package/script/registration/verifications/verifyAttestationPacked.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"verifyAttestationPacked.d.ts","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationPacked.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,6BAA6B,EAAE,MAAM,kCAAkC,CAAC;AAYtF;;GAEG;AACH,wBAAsB,uBAAuB,CAC3C,OAAO,EAAE,6BAA6B,GACrC,OAAO,CAAC,OAAO,CAAC,CAyJlB"}

package/script/registration/verifications/verifyAttestationPacked.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyAttestationPacked = void 0;
+exports.verifyAttestationPacked = verifyAttestationPacked;
 const cose_js_1 = require("../../helpers/cose.js");
 const convertCertBufferToPEM_js_1 = require("../../helpers/convertCertBufferToPEM.js");
 const validateCertificatePath_js_1 = require("../../helpers/validateCertificatePath.js");
@@ -113,4 +113,3 @@ async function verifyAttestationPacked(options) {
     }
     return verified;
 }
-exports.verifyAttestationPacked = verifyAttestationPacked;

package/script/registration/verifyRegistrationResponse.d.ts CHANGED Viewed

@@ -1,16 +1,10 @@
-import type { COSEAlgorithmIdentifier, CredentialDeviceType, RegistrationResponseJSON, WebAuthnCredential } from '../deps.js';
-import { AttestationFormat, AttestationStatement } from '../helpers/decodeAttestationObject.js';
-import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions.js';
-export type VerifyRegistrationResponseOpts = {
-    response: RegistrationResponseJSON;
-    expectedChallenge: string | ((challenge: string) => boolean | Promise<boolean>);
-    expectedOrigin: string | string[];
-    expectedRPID?: string | string[];
-    expectedType?: string | string[];
-    requireUserPresence?: boolean;
-    requireUserVerification?: boolean;
-    supportedAlgorithmIDs?: COSEAlgorithmIdentifier[];
-};
+import type { COSEAlgorithmIdentifier, CredentialDeviceType, RegistrationResponseJSON, WebAuthnCredential } from '../types/index.js';
+import { type AttestationFormat, type AttestationStatement } from '../helpers/decodeAttestationObject.js';
+import type { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions.js';
+/**
+ * Configurable options when calling `verifyRegistrationResponse()`
+ */
+export type VerifyRegistrationResponseOpts = Parameters<typeof verifyRegistrationResponse>[0];
 /**
  * Verify that the user has legitimately completed the registration process
  *
@@ -25,7 +19,16 @@ export type VerifyRegistrationResponseOpts = {
  * @param requireUserVerification **(Optional)** - Enforce user verification by the authenticator (via PIN, fingerprint, etc...) Defaults to `true`
  * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to all supported algorithm IDs
  */
-export declare function verifyRegistrationResponse(options: VerifyRegistrationResponseOpts): Promise<VerifiedRegistrationResponse>;
+export declare function verifyRegistrationResponse(options: {
+    response: RegistrationResponseJSON;
+    expectedChallenge: string | ((challenge: string) => boolean | Promise<boolean>);
+    expectedOrigin: string | string[];
+    expectedRPID?: string | string[];
+    expectedType?: string | string[];
+    requireUserPresence?: boolean;
+    requireUserVerification?: boolean;
+    supportedAlgorithmIDs?: COSEAlgorithmIdentifier[];
+}): Promise<VerifiedRegistrationResponse>;
 /**
  * Result of registration verification
  *
@@ -82,3 +85,4 @@ export type AttestationFormatVerifierOpts = {
     rpIdHash: Uint8Array;
     verifyTimestampMS?: boolean;
 };
+//# sourceMappingURL=verifyRegistrationResponse.d.ts.map

package/script/registration/verifyRegistrationResponse.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"verifyRegistrationResponse.d.ts","sourceRoot":"","sources":["../../src/registration/verifyRegistrationResponse.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,uBAAuB,EACvB,oBAAoB,EACpB,wBAAwB,EACxB,kBAAkB,EACnB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,KAAK,iBAAiB,EACtB,KAAK,oBAAoB,EAE1B,MAAM,uCAAuC,CAAC;AAC/C,OAAO,KAAK,EAAE,4CAA4C,EAAE,MAAM,6CAA6C,CAAC;AAoBhH;;GAEG;AACH,MAAM,MAAM,8BAA8B,GAAG,UAAU,CAAC,OAAO,0BAA0B,CAAC,CAAC,CAAC,CAAC,CAAC;AAE9F;;;;;;;;;;;;;GAaG;AACH,wBAAsB,0BAA0B,CAC9C,OAAO,EAAE;IACP,QAAQ,EAAE,wBAAwB,CAAC;IACnC,iBAAiB,EAAE,MAAM,GAAG,CAAC,CAAC,SAAS,EAAE,MAAM,KAAK,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IAChF,cAAc,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAClC,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACjC,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,qBAAqB,CAAC,EAAE,uBAAuB,EAAE,CAAC;CACnD,GACA,OAAO,CAAC,4BAA4B,CAAC,CAsPvC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,MAAM,MAAM,4BAA4B,GAAG;IACzC,QAAQ,EAAE,OAAO,CAAC;IAClB,gBAAgB,CAAC,EAAE;QACjB,GAAG,EAAE,iBAAiB,CAAC;QACvB,MAAM,EAAE,MAAM,CAAC;QACf,UAAU,EAAE,kBAAkB,CAAC;QAC/B,cAAc,EAAE,YAAY,CAAC;QAC7B,iBAAiB,EAAE,UAAU,CAAC;QAC9B,YAAY,EAAE,OAAO,CAAC;QACtB,oBAAoB,EAAE,oBAAoB,CAAC;QAC3C,kBAAkB,EAAE,OAAO,CAAC;QAC5B,MAAM,EAAE,MAAM,CAAC;QACf,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,6BAA6B,CAAC,EAAE,4CAA4C,CAAC;KAC9E,CAAC;CACH,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,6BAA6B,GAAG;IAC1C,MAAM,EAAE,UAAU,CAAC;IACnB,OAAO,EAAE,oBAAoB,CAAC;IAC9B,QAAQ,EAAE,UAAU,CAAC;IACrB,cAAc,EAAE,UAAU,CAAC;IAC3B,YAAY,EAAE,UAAU,CAAC;IACzB,mBAAmB,EAAE,UAAU,CAAC;IAChC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,QAAQ,EAAE,UAAU,CAAC;IACrB,iBAAiB,CAAC,EAAE,OAAO,CAAC;CAC7B,CAAC"}

package/script/registration/verifyRegistrationResponse.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyRegistrationResponse = void 0;
+exports.verifyRegistrationResponse = verifyRegistrationResponse;
 const decodeAttestationObject_js_1 = require("../helpers/decodeAttestationObject.js");
 const decodeClientDataJSON_js_1 = require("../helpers/decodeClientDataJSON.js");
 const parseAuthenticatorData_js_1 = require("../helpers/parseAuthenticatorData.js");
@@ -212,4 +212,3 @@ async function verifyRegistrationResponse(options) {
     }
     return toReturn;
 }
-exports.verifyRegistrationResponse = verifyRegistrationResponse;

package/script/services/defaultRootCerts/android-key.d.ts CHANGED Viewed

@@ -22,3 +22,4 @@ export declare const Google_Hardware_Attestation_Root_1 = "-----BEGIN CERTIFICAT
  * 1E:F1:A0:4B:8B:A5:8A:B9:45:89:AC:49:8C:89:82:A7:83:F2:4E:A7:30:7E:01:59:A0:C3:A7:3B:37:7D:87:CC
  */
 export declare const Google_Hardware_Attestation_Root_2 = "-----BEGIN CERTIFICATE-----\nMIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNV\nBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAz\nNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0B\nAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdS\nSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7\ntv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggj\nnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGq\nC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQ\noVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+O\nJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/Eg\nsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRi\nigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+M\nRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9E\naDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5Um\nAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1Ud\nIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYD\nVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnu\nXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83U\nh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cno\nL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2ok\nQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vA\nD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAI\nmMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoW\nFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91\noeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09o\njm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUB\nZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCH\nex0SdDrx+tWUDqG8At2JHA==\n-----END CERTIFICATE-----\n";
+//# sourceMappingURL=android-key.d.ts.map

package/script/services/defaultRootCerts/android-key.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"android-key.d.ts","sourceRoot":"","sources":["../../../src/services/defaultRootCerts/android-key.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,eAAO,MAAM,kCAAkC,u6DA+B9C,CAAC;AAEF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,kCAAkC,60DA8B9C,CAAC"}

package/script/services/defaultRootCerts/android-safetynet.d.ts CHANGED Viewed

@@ -9,3 +9,4 @@
  * EB:D4:10:40:E4:BB:3E:C7:42:C9:E3:81:D3:1E:F2:A4:1A:48:B6:68:5C:96:E7:CE:F3:C1:DF:6C:D4:33:1C:99
  */
 export declare const GlobalSign_Root_CA = "-----BEGIN CERTIFICATE-----\nMIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG\nA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv\nb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw\nMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i\nYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT\naWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ\njc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp\nxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp\n1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG\nsnUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ\nU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8\n9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\nBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B\nAQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz\nyj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE\n38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP\nAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad\nDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME\nHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\n-----END CERTIFICATE-----\n";
+//# sourceMappingURL=android-safetynet.d.ts.map

package/script/services/defaultRootCerts/android-safetynet.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"android-safetynet.d.ts","sourceRoot":"","sources":["../../../src/services/defaultRootCerts/android-safetynet.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,eAAO,MAAM,kBAAkB,uwCAqB9B,CAAC"}