@simplewebauthn/server 5.2.1 → 5.4.1

package/dist/registration/verifications/tpm/constants.d.ts

@@ -1,9 +1,27 @@
+/**
+ * A whole lotta domain knowledge is captured here, with hazy connections to source
+ * documents. Good places to start searching for more info on these values are the
+ * following Trusted Computing Group TPM Library docs linked in the WebAuthn API:
+ *
+ * - https://www.trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.38.pdf
+ * - https://www.trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-01.38.pdf
+ * - https://www.trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-3-Commands-01.38.pdf
+ */
+/**
+ * 6.9 TPM_ST (Structure Tags)
+ */
 export declare const TPM_ST: {
     [key: number]: string;
 };
+/**
+ * 6.3 TPM_ALG_ID
+ */
 export declare const TPM_ALG: {
     [key: number]: string;
 };
+/**
+ * 6.4 TPM_ECC_CURVE
+ */
 export declare const TPM_ECC_CURVE: {
     [key: number]: string;
 };
@@ -11,7 +29,19 @@ declare type ManufacturerInfo = {
     name: string;
     id: string;
 };
+/**
+ * Sourced from https://trustedcomputinggroup.org/resource/vendor-id-registry/
+ *
+ * Latest version:
+ * https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-Vendor-ID-Registry-Version-1.02-Revision-1.00.pdf
+ */
 export declare const TPM_MANUFACTURERS: {
     [key: string]: ManufacturerInfo;
 };
+/**
+ * Match TPM public area curve ID's to `crv` numbers used in COSE public keys
+ */
+export declare const TPM_ECC_CURVE_COSE_CRV_MAP: {
+    [key: string]: number;
+};
 export {};

package/dist/registration/verifications/tpm/constants.js

@@ -1,7 +1,19 @@
 "use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.TPM_MANUFACTURERS = exports.TPM_ECC_CURVE = exports.TPM_ALG = exports.TPM_ST = void 0;
 /* eslint-disable @typescript-eslint/ban-ts-comment */
+/**
+ * A whole lotta domain knowledge is captured here, with hazy connections to source
+ * documents. Good places to start searching for more info on these values are the
+ * following Trusted Computing Group TPM Library docs linked in the WebAuthn API:
+ *
+ * - https://www.trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.38.pdf
+ * - https://www.trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-01.38.pdf
+ * - https://www.trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-3-Commands-01.38.pdf
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TPM_ECC_CURVE_COSE_CRV_MAP = exports.TPM_MANUFACTURERS = exports.TPM_ECC_CURVE = exports.TPM_ALG = exports.TPM_ST = void 0;
+/**
+ * 6.9 TPM_ST (Structure Tags)
+ */
 exports.TPM_ST = {
     0x00c4: 'TPM_ST_RSP_COMMAND',
     0x8000: 'TPM_ST_NULL',
@@ -21,6 +33,9 @@ exports.TPM_ST = {
     0x8025: 'TPM_ST_AUTH_SIGNED',
     0x8029: 'TPM_ST_FU_MANIFEST',
 };
+/**
+ * 6.3 TPM_ALG_ID
+ */
 exports.TPM_ALG = {
     0x0000: 'TPM_ALG_ERROR',
     0x0001: 'TPM_ALG_RSA',
@@ -60,6 +75,9 @@ exports.TPM_ALG = {
     0x0043: 'TPM_ALG_CFB',
     0x0044: 'TPM_ALG_ECB',
 };
+/**
+ * 6.4 TPM_ECC_CURVE
+ */
 exports.TPM_ECC_CURVE = {
     0x0000: 'TPM_ECC_NONE',
     0x0001: 'TPM_ECC_NIST_P192',
@@ -71,6 +89,12 @@ exports.TPM_ECC_CURVE = {
     0x0011: 'TPM_ECC_BN_P638',
     0x0020: 'TPM_ECC_SM2_P256',
 };
+/**
+ * Sourced from https://trustedcomputinggroup.org/resource/vendor-id-registry/
+ *
+ * Latest version:
+ * https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-Vendor-ID-Registry-Version-1.02-Revision-1.00.pdf
+ */
 exports.TPM_MANUFACTURERS = {
     'id:414D4400': {
         name: 'AMD',
@@ -149,4 +173,14 @@ exports.TPM_MANUFACTURERS = {
         id: 'FIDO',
     },
 };
+/**
+ * Match TPM public area curve ID's to `crv` numbers used in COSE public keys
+ */
+exports.TPM_ECC_CURVE_COSE_CRV_MAP = {
+    TPM_ECC_NIST_P256: 1,
+    TPM_ECC_NIST_P384: 2,
+    TPM_ECC_NIST_P521: 3,
+    TPM_ECC_BN_P256: 1,
+    TPM_ECC_SM2_P256: 1, // p256
+};
 //# sourceMappingURL=constants.js.map

package/dist/registration/verifications/tpm/constants.js.map

@@ -1 +1 @@
-{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/constants.ts"],"names":[],"mappings":";;;AAAA,sDAAsD;AACzC,QAAA,MAAM,GAA8B;IAC/C,MAAM,EAAE,oBAAoB;IAC5B,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,oBAAoB;IAC5B,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,kBAAkB;IAC1B,MAAM,EAAE,6BAA6B;IACrC,MAAM,EAAE,6BAA6B;IACrC,MAAM,EAAE,uBAAuB;IAC/B,MAAM,EAAE,qBAAqB;IAC7B,MAAM,EAAE,oBAAoB;IAC5B,MAAM,EAAE,wBAAwB;IAChC,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,oBAAoB;IAC5B,MAAM,EAAE,kBAAkB;IAC1B,MAAM,EAAE,oBAAoB;IAC5B,MAAM,EAAE,oBAAoB;CAC7B,CAAC;AAEW,QAAA,OAAO,GAA8B;IAChD,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,aAAa;IACrB,kBAAkB;IAClB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,gBAAgB;IACxB,MAAM,EAAE,gBAAgB;IACxB,MAAM,EAAE,gBAAgB;IACxB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,gBAAgB;IACxB,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,gBAAgB;IACxB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,wBAAwB;IAChC,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,wBAAwB;IAChC,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,kBAAkB;IAC1B,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,aAAa;CACtB,CAAC;AAEW,QAAA,aAAa,GAA8B;IACtD,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,kBAAkB;CAC3B,CAAC;AAOW,QAAA,iBAAiB,GAAwC;IACpE,aAAa,EAAE;QACb,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,UAAU;QAChB,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,UAAU;QAChB,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,QAAQ;QACd,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,wBAAwB;QAC9B,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,SAAS;QACf,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,oBAAoB;QAC1B,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,UAAU;QAChB,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,MAAM;QACZ,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,qBAAqB;QAC3B,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,SAAS;QACf,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,SAAS;QACf,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,mBAAmB;QACzB,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,SAAS;QACf,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,kBAAkB;QACxB,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,eAAe;QACrB,EAAE,EAAE,MAAM;KACX;CACF,CAAC"}
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/constants.ts"],"names":[],"mappings":";AAAA,sDAAsD;AACtD;;;;;;;;GAQG;;;AAEH;;GAEG;AACU,QAAA,MAAM,GAA8B;IAC/C,MAAM,EAAE,oBAAoB;IAC5B,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,oBAAoB;IAC5B,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,kBAAkB;IAC1B,MAAM,EAAE,6BAA6B;IACrC,MAAM,EAAE,6BAA6B;IACrC,MAAM,EAAE,uBAAuB;IAC/B,MAAM,EAAE,qBAAqB;IAC7B,MAAM,EAAE,oBAAoB;IAC5B,MAAM,EAAE,wBAAwB;IAChC,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,oBAAoB;IAC5B,MAAM,EAAE,kBAAkB;IAC1B,MAAM,EAAE,oBAAoB;IAC5B,MAAM,EAAE,oBAAoB;CAC7B,CAAC;AAEF;;GAEG;AACU,QAAA,OAAO,GAA8B;IAChD,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,aAAa;IACrB,kBAAkB;IAClB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,gBAAgB;IACxB,MAAM,EAAE,gBAAgB;IACxB,MAAM,EAAE,gBAAgB;IACxB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,gBAAgB;IACxB,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,gBAAgB;IACxB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,eAAe;IACvB,MAAM,EAAE,wBAAwB;IAChC,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,wBAAwB;IAChC,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,kBAAkB;IAC1B,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,aAAa;IACrB,MAAM,EAAE,aAAa;CACtB,CAAC;AAEF;;GAEG;AACU,QAAA,aAAa,GAA8B;IACtD,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,mBAAmB;IAC3B,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,iBAAiB;IACzB,MAAM,EAAE,kBAAkB;CAC3B,CAAC;AAOF;;;;;GAKG;AACU,QAAA,iBAAiB,GAAwC;IACpE,aAAa,EAAE;QACb,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,UAAU;QAChB,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,UAAU;QAChB,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,QAAQ;QACd,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,wBAAwB;QAC9B,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,SAAS;QACf,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,oBAAoB;QAC1B,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,UAAU;QAChB,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,MAAM;QACZ,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,qBAAqB;QAC3B,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,SAAS;QACf,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,SAAS;QACf,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,mBAAmB;QACzB,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,SAAS;QACf,EAAE,EAAE,KAAK;KACV;IACD,aAAa,EAAE;QACb,IAAI,EAAE,kBAAkB;QACxB,EAAE,EAAE,MAAM;KACX;IACD,aAAa,EAAE;QACb,IAAI,EAAE,eAAe;QACrB,EAAE,EAAE,MAAM;KACX;CACF,CAAC;AAEF;;GAEG;AACU,QAAA,0BAA0B,GAA8B;IACnE,iBAAiB,EAAE,CAAC;IACpB,iBAAiB,EAAE,CAAC;IACpB,iBAAiB,EAAE,CAAC;IACpB,eAAe,EAAE,CAAC;IAClB,gBAAgB,EAAE,CAAC,EAAG,OAAO;CAC9B,CAAC"}

package/dist/registration/verifications/tpm/parseCertInfo.d.ts

@@ -2,7 +2,7 @@
 /**
  * Cut up a TPM attestation's certInfo into intelligible chunks
  */
-export default function parseCertInfo(certInfo: Buffer): ParsedCertInfo;
+export declare function parseCertInfo(certInfo: Buffer): ParsedCertInfo;
 declare type ParsedCertInfo = {
     magic: number;
     type: string;

package/dist/registration/verifications/tpm/parseCertInfo.js

@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseCertInfo = void 0;
 const constants_1 = require("./constants");
 /**
  * Cut up a TPM attestation's certInfo into intelligible chunks
@@ -49,5 +50,5 @@ function parseCertInfo(certInfo) {
         attested,
     };
 }
-exports.default = parseCertInfo;
+exports.parseCertInfo = parseCertInfo;
 //# sourceMappingURL=parseCertInfo.js.map

package/dist/registration/verifications/tpm/parseCertInfo.js.map

@@ -1 +1 @@
-{"version":3,"file":"parseCertInfo.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/parseCertInfo.ts"],"names":[],"mappings":";;AAAA,2CAA8C;AAE9C;;GAEG;AACH,SAAwB,aAAa,CAAC,QAAgB;IACpD,IAAI,OAAO,GAAG,CAAC,CAAC;IAEhB,uBAAuB;IACvB,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAEtE,+CAA+C;IAC/C,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,kBAAM,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IAEhD,8CAA8C;IAC9C,MAAM,qBAAqB,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACtF,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,qBAAqB,CAAC,CAAC,CAAC;IAEpF,4CAA4C;IAC5C,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAChF,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,eAAe,CAAC,CAAC,CAAC;IAExE,oEAAoE;IACpE,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;IACjE,MAAM,SAAS,GAAG;QAChB,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;QAClC,UAAU,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;QACxD,YAAY,EAAE,eAAe,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC;KAC5B,CAAC;IAEF,8BAA8B;IAC9B,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;IAEhE,gBAAgB;IAChB,MAAM,kBAAkB,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACnF,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,kBAAkB,CAAC,CAAC,CAAC;IAE9E,0CAA0C;IAC1C,MAAM,mBAAmB,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACpF,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,mBAAmB,CAAC,CAAC,CAAC;IAEhF,MAAM,QAAQ,GAAG;QACf,OAAO,EAAE,mBAAO,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC1D,aAAa,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;QACvC,IAAI,EAAE,YAAY;QAClB,aAAa;KACd,CAAC;IAEF,OAAO;QACL,KAAK;QACL,IAAI;QACJ,eAAe;QACf,SAAS;QACT,SAAS;QACT,eAAe;QACf,QAAQ;KACT,CAAC;AACJ,CAAC;AAtDD,gCAsDC"}
+{"version":3,"file":"parseCertInfo.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/parseCertInfo.ts"],"names":[],"mappings":";;;AAAA,2CAA8C;AAE9C;;GAEG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,IAAI,OAAO,GAAG,CAAC,CAAC;IAEhB,uBAAuB;IACvB,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAEtE,+CAA+C;IAC/C,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;IAC3D,MAAM,IAAI,GAAG,kBAAM,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IAEhD,8CAA8C;IAC9C,MAAM,qBAAqB,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACtF,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,qBAAqB,CAAC,CAAC,CAAC;IAEpF,4CAA4C;IAC5C,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAChF,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,eAAe,CAAC,CAAC,CAAC;IAExE,oEAAoE;IACpE,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;IACjE,MAAM,SAAS,GAAG;QAChB,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;QAClC,UAAU,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;QACxD,YAAY,EAAE,eAAe,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;QAC3D,IAAI,EAAE,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC;KAC5B,CAAC;IAEF,8BAA8B;IAC9B,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;IAEhE,gBAAgB;IAChB,MAAM,kBAAkB,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACnF,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,kBAAkB,CAAC,CAAC,CAAC;IAE9E,0CAA0C;IAC1C,MAAM,mBAAmB,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACpF,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,mBAAmB,CAAC,CAAC,CAAC;IAEhF,MAAM,QAAQ,GAAG;QACf,OAAO,EAAE,mBAAO,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC1D,aAAa,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;QACvC,IAAI,EAAE,YAAY;QAClB,aAAa;KACd,CAAC;IAEF,OAAO;QACL,KAAK;QACL,IAAI;QACJ,eAAe;QACf,SAAS;QACT,SAAS;QACT,eAAe;QACf,QAAQ;KACT,CAAC;AACJ,CAAC;AAtDD,sCAsDC"}

package/dist/registration/verifications/tpm/parsePubArea.d.ts

@@ -1,8 +1,11 @@
 /// <reference types="node" />
 /**
  * Break apart a TPM attestation's pubArea buffer
+ *
+ * See 12.2.4 TPMT_PUBLIC here:
+ * https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-00.96-130315.pdf
  */
-export default function parsePubArea(pubArea: Buffer): ParsedPubArea;
+export declare function parsePubArea(pubArea: Buffer): ParsedPubArea;
 declare type ParsedPubArea = {
     type: 'TPM_ALG_RSA' | 'TPM_ALG_ECC';
     nameAlg: string;

package/dist/registration/verifications/tpm/parsePubArea.js

@@ -1,8 +1,12 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.parsePubArea = void 0;
 const constants_1 = require("./constants");
 /**
  * Break apart a TPM attestation's pubArea buffer
+ *
+ * See 12.2.4 TPMT_PUBLIC here:
+ * https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-00.96-130315.pdf
  */
 function parsePubArea(pubArea) {
     let pointer = 0;
@@ -30,6 +34,7 @@ function parsePubArea(pubArea) {
     const authPolicy = pubArea.slice(pointer, (pointer += authPolicyLength));
     // Extract additional curve params according to type
     const parameters = {};
+    let unique = Buffer.from([]);
     if (type === 'TPM_ALG_RSA') {
         const rsaBuffer = pubArea.slice(pointer, (pointer += 10));
         parameters.rsa = {
@@ -38,6 +43,12 @@ function parsePubArea(pubArea) {
             keyBits: rsaBuffer.slice(4, 6).readUInt16BE(0),
             exponent: rsaBuffer.slice(6, 10).readUInt32BE(0),
         };
+        /**
+         * See 11.2.4.5 TPM2B_PUBLIC_KEY_RSA here:
+         * https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-00.96-130315.pdf
+         */
+        const uniqueLength = pubArea.slice(pointer, (pointer += 2)).readUInt16BE(0);
+        unique = pubArea.slice(pointer, (pointer += uniqueLength));
     }
     else if (type === 'TPM_ALG_ECC') {
         const eccBuffer = pubArea.slice(pointer, (pointer += 8));
@@ -47,13 +58,21 @@ function parsePubArea(pubArea) {
             curveID: constants_1.TPM_ECC_CURVE[eccBuffer.slice(4, 6).readUInt16BE(0)],
             kdf: constants_1.TPM_ALG[eccBuffer.slice(6, 8).readUInt16BE(0)],
         };
+        /**
+         * See 11.2.5.1 TPM2B_ECC_PARAMETER here:
+         * https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-2-Structures-00.96-130315.pdf
+         */
+        // Retrieve X
+        const uniqueXLength = pubArea.slice(pointer, (pointer += 2)).readUInt16BE(0);
+        const uniqueX = pubArea.slice(pointer, (pointer += uniqueXLength));
+        // Retrieve Y
+        const uniqueYLength = pubArea.slice(pointer, (pointer += 2)).readUInt16BE(0);
+        const uniqueY = pubArea.slice(pointer, (pointer += uniqueYLength));
+        unique = Buffer.concat([uniqueX, uniqueY]);
     }
     else {
         throw new Error(`Unexpected type "${type}" (TPM)`);
     }
-    // Slice out unique of dynamic length
-    const uniqueLength = pubArea.slice(pointer, (pointer += 2)).readUInt16BE(0);
-    const unique = pubArea.slice(pointer, (pointer += uniqueLength));
     return {
         type,
         nameAlg,
@@ -63,5 +82,5 @@ function parsePubArea(pubArea) {
         unique,
     };
 }
-exports.default = parsePubArea;
+exports.parsePubArea = parsePubArea;
 //# sourceMappingURL=parsePubArea.js.map

package/dist/registration/verifications/tpm/parsePubArea.js.map

@@ -1 +1 @@
-{"version":3,"file":"parsePubArea.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/parsePubArea.ts"],"names":[],"mappings":";;AAAA,2CAAqD;AAErD;;GAEG;AACH,SAAwB,YAAY,CAAC,OAAe;IAClD,IAAI,OAAO,GAAG,CAAC,CAAC;IAEhB,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;IAC1D,MAAM,IAAI,GAAG,mBAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IAEjD,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7D,MAAM,OAAO,GAAG,mBAAO,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IAEvD,uCAAuC;IACvC,MAAM,mBAAmB,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACnF,MAAM,gBAAgB,GAAG;QACvB,QAAQ,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,CAAC,CAAC;QACrC,OAAO,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,CAAC,CAAC;QACpC,WAAW,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,CAAC,CAAC;QACxC,mBAAmB,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,EAAE,CAAC;QACjD,YAAY,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,EAAE,CAAC;QAC1C,eAAe,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,EAAE,CAAC;QAC7C,IAAI,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,GAAG,CAAC;QACnC,oBAAoB,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,IAAI,CAAC;QACpD,UAAU,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,KAAK,CAAC;QAC3C,OAAO,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,KAAK,CAAC;QACxC,aAAa,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,MAAM,CAAC;KAChD,CAAC;IAEF,6CAA6C;IAC7C,MAAM,gBAAgB,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAChF,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,gBAAgB,CAAC,CAAC,CAAC;IAEzE,oDAAoD;IACpD,MAAM,UAAU,GAAiD,EAAE,CAAC;IACpE,IAAI,IAAI,KAAK,aAAa,EAAE;QAC1B,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;QAE1D,UAAU,CAAC,GAAG,GAAG;YACf,SAAS,EAAE,mBAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACzD,MAAM,EAAE,mBAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACtD,OAAO,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;YAC9C,QAAQ,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;SACjD,CAAC;KACH;SAAM,IAAI,IAAI,KAAK,aAAa,EAAE;QACjC,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;QAEzD,UAAU,CAAC,GAAG,GAAG;YACf,SAAS,EAAE,mBAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACzD,MAAM,EAAE,mBAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACtD,OAAO,EAAE,yBAAa,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YAC7D,GAAG,EAAE,mBAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;SACpD,CAAC;KACH;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,oBAAoB,IAAI,SAAS,CAAC,CAAC;KACpD;IAED,qCAAqC;IACrC,MAAM,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAC5E,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,YAAY,CAAC,CAAC,CAAC;IAEjE,OAAO;QACL,IAAI;QACJ,OAAO;QACP,gBAAgB;QAChB,UAAU;QACV,UAAU;QACV,MAAM;KACP,CAAC;AACJ,CAAC;AAjED,+BAiEC"}
+{"version":3,"file":"parsePubArea.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/parsePubArea.ts"],"names":[],"mappings":";;;AAAA,2CAAqD;AAErD;;;;;GAKG;AACH,SAAgB,YAAY,CAAC,OAAe;IAC1C,IAAI,OAAO,GAAG,CAAC,CAAC;IAEhB,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;IAC1D,MAAM,IAAI,GAAG,mBAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IAEjD,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7D,MAAM,OAAO,GAAG,mBAAO,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IAEvD,uCAAuC;IACvC,MAAM,mBAAmB,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACnF,MAAM,gBAAgB,GAAG;QACvB,QAAQ,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,CAAC,CAAC;QACrC,OAAO,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,CAAC,CAAC;QACpC,WAAW,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,CAAC,CAAC;QACxC,mBAAmB,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,EAAE,CAAC;QACjD,YAAY,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,EAAE,CAAC;QAC1C,eAAe,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,EAAE,CAAC;QAC7C,IAAI,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,GAAG,CAAC;QACnC,oBAAoB,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,IAAI,CAAC;QACpD,UAAU,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,KAAK,CAAC;QAC3C,OAAO,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,KAAK,CAAC;QACxC,aAAa,EAAE,CAAC,CAAC,CAAC,mBAAmB,GAAG,MAAM,CAAC;KAChD,CAAC;IAEF,6CAA6C;IAC7C,MAAM,gBAAgB,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAChF,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,gBAAgB,CAAC,CAAC,CAAC;IAEzE,oDAAoD;IACpD,MAAM,UAAU,GAAiD,EAAE,CAAC;IACpE,IAAI,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAE7B,IAAI,IAAI,KAAK,aAAa,EAAE;QAC1B,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;QAE1D,UAAU,CAAC,GAAG,GAAG;YACf,SAAS,EAAE,mBAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACzD,MAAM,EAAE,mBAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACtD,OAAO,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;YAC9C,QAAQ,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;SACjD,CAAC;QAEF;;;WAGG;QACH,MAAM,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAE5E,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,YAAY,CAAC,CAAC,CAAC;KAC5D;SAAM,IAAI,IAAI,KAAK,aAAa,EAAE;QACjC,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC;QAEzD,UAAU,CAAC,GAAG,GAAG;YACf,SAAS,EAAE,mBAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACzD,MAAM,EAAE,mBAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACtD,OAAO,EAAE,yBAAa,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YAC7D,GAAG,EAAE,mBAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;SACpD,CAAC;QAEF;;;WAGG;QACH,aAAa;QACb,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,aAAa,CAAC,CAAC,CAAC;QACnE,aAAa;QACb,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,IAAI,aAAa,CAAC,CAAC,CAAC;QAEnE,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;KAC5C;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,oBAAoB,IAAI,SAAS,CAAC,CAAC;KACpD;IAED,OAAO;QACL,IAAI;QACJ,OAAO;QACP,gBAAgB;QAChB,UAAU;QACV,UAAU;QACV,MAAM;KACP,CAAC;AACJ,CAAC;AApFD,oCAoFC"}

package/dist/registration/verifications/tpm/verifyAttestationTPM.d.ts

@@ -0,0 +1,2 @@
+import type { AttestationFormatVerifierOpts } from '../../verifyRegistrationResponse';
+export declare function verifyAttestationTPM(options: AttestationFormatVerifierOpts): Promise<boolean>;

package/dist/registration/verifications/tpm/{verifyTPM.js → verifyAttestationTPM.js}

@@ -1,23 +1,21 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyAttestationTPM = void 0;
 const asn1_schema_1 = require("@peculiar/asn1-schema");
 const asn1_x509_1 = require("@peculiar/asn1-x509");
-const decodeCredentialPublicKey_1 = __importDefault(require("../../../helpers/decodeCredentialPublicKey"));
+const decodeCredentialPublicKey_1 = require("../../../helpers/decodeCredentialPublicKey");
 const convertCOSEtoPKCS_1 = require("../../../helpers/convertCOSEtoPKCS");
-const toHash_1 = __importDefault(require("../../../helpers/toHash"));
-const convertCertBufferToPEM_1 = __importDefault(require("../../../helpers/convertCertBufferToPEM"));
-const validateCertificatePath_1 = __importDefault(require("../../../helpers/validateCertificatePath"));
-const getCertificateInfo_1 = __importDefault(require("../../../helpers/getCertificateInfo"));
-const verifySignature_1 = __importDefault(require("../../../helpers/verifySignature"));
-const metadataService_1 = __importDefault(require("../../../services/metadataService"));
-const verifyAttestationWithMetadata_1 = __importDefault(require("../../../metadata/verifyAttestationWithMetadata"));
+const toHash_1 = require("../../../helpers/toHash");
+const convertCertBufferToPEM_1 = require("../../../helpers/convertCertBufferToPEM");
+const validateCertificatePath_1 = require("../../../helpers/validateCertificatePath");
+const getCertificateInfo_1 = require("../../../helpers/getCertificateInfo");
+const verifySignature_1 = require("../../../helpers/verifySignature");
+const metadataService_1 = require("../../../services/metadataService");
+const verifyAttestationWithMetadata_1 = require("../../../metadata/verifyAttestationWithMetadata");
 const constants_1 = require("./constants");
-const parseCertInfo_1 = __importDefault(require("./parseCertInfo"));
-const parsePubArea_1 = __importDefault(require("./parsePubArea"));
-async function verifyTPM(options) {
+const parseCertInfo_1 = require("./parseCertInfo");
+const parsePubArea_1 = require("./parsePubArea");
+async function verifyAttestationTPM(options) {
     var _a;
     const { aaguid, attStmt, authData, credentialPublicKey, clientDataHash, rootCertificates } = options;
     const { ver, sig, alg, x5c, pubArea, certInfo } = attStmt;
@@ -42,11 +40,11 @@ async function verifyTPM(options) {
     if (!certInfo) {
         throw new Error('Attestation statement did not contain certInfo (TPM)');
     }
-    const parsedPubArea = (0, parsePubArea_1.default)(pubArea);
+    const parsedPubArea = (0, parsePubArea_1.parsePubArea)(pubArea);
     const { unique, type: pubType, parameters } = parsedPubArea;
     // Verify that the public key specified by the parameters and unique fields of pubArea is
     // identical to the credentialPublicKey in the attestedCredentialData in authenticatorData.
-    const cosePublicKey = (0, decodeCredentialPublicKey_1.default)(credentialPublicKey);
+    const cosePublicKey = (0, decodeCredentialPublicKey_1.decodeCredentialPublicKey)(credentialPublicKey);
     if (pubType === 'TPM_ALG_RSA') {
         const n = cosePublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.n);
         const e = cosePublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.e);
@@ -72,10 +70,6 @@ async function verifyTPM(options) {
         }
     }
     else if (pubType === 'TPM_ALG_ECC') {
-        /**
-         * TODO: Confirm this all works fine. Conformance tools v1.3.4 don't currently test ECC so I
-         * had to eyeball it based on the **duo-labs/webauthn** library
-         */
         const crv = cosePublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.crv);
         const x = cosePublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.x);
         const y = cosePublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.y);
@@ -95,15 +89,15 @@ async function verifyTPM(options) {
             throw new Error(`Parsed pubArea type is ECC, but missing parameters.ecc (TPM|ECC)`);
         }
         const pubAreaCurveID = parameters.ecc.curveID;
-        const pubKeyCurveID = constants_1.TPM_ECC_CURVE[crv.readUInt16BE(0)];
-        if (pubAreaCurveID !== pubKeyCurveID) {
-            throw new Error(`Unexpected public key curve ID "${pubKeyCurveID}", expected "${pubAreaCurveID}" (TPM|ECC)`);
+        const pubAreaCurveIDMapToCOSECRV = constants_1.TPM_ECC_CURVE_COSE_CRV_MAP[pubAreaCurveID];
+        if (pubAreaCurveIDMapToCOSECRV !== crv) {
+            throw new Error(`Public area key curve ID "${pubAreaCurveID}" mapped to "${pubAreaCurveIDMapToCOSECRV}" which did not match public key crv of "${crv}" (TPM|ECC)`);
         }
     }
     else {
         throw new Error(`Unsupported pubArea.type "${pubType}"`);
     }
-    const parsedCertInfo = (0, parseCertInfo_1.default)(certInfo);
+    const parsedCertInfo = (0, parseCertInfo_1.parseCertInfo)(certInfo);
     const { magic, type: certType, attested, extraData } = parsedCertInfo;
     if (magic !== 0xff544347) {
         throw new Error(`Unexpected magic value "${magic}", expected "0xff544347" (TPM)`);
@@ -112,7 +106,7 @@ async function verifyTPM(options) {
         throw new Error(`Unexpected type "${certType}", expected "TPM_ST_ATTEST_CERTIFY" (TPM)`);
     }
     // Hash pubArea to create pubAreaHash using the nameAlg in attested
-    const pubAreaHash = (0, toHash_1.default)(pubArea, attested.nameAlg.replace('TPM_ALG_', ''));
+    const pubAreaHash = (0, toHash_1.toHash)(pubArea, attested.nameAlg.replace('TPM_ALG_', ''));
     // Concatenate attested.nameAlg and pubAreaHash to create attestedName.
     const attestedName = Buffer.concat([attested.nameAlgBuffer, pubAreaHash]);
     // Check that certInfo.attested.name is equals to attestedName.
@@ -123,7 +117,7 @@ async function verifyTPM(options) {
     const attToBeSigned = Buffer.concat([authData, clientDataHash]);
     // Hash attToBeSigned using the algorithm specified in attStmt.alg to create attToBeSignedHash
     const hashAlg = convertCOSEtoPKCS_1.COSEALGHASH[alg];
-    const attToBeSignedHash = (0, toHash_1.default)(attToBeSigned, hashAlg);
+    const attToBeSignedHash = (0, toHash_1.toHash)(attToBeSigned, hashAlg);
     // Check that certInfo.extraData is equals to attToBeSignedHash.
     if (!extraData.equals(attToBeSignedHash)) {
         throw new Error('CertInfo extra data did not equal hashed attestation (TPM)');
@@ -135,7 +129,7 @@ async function verifyTPM(options) {
         throw new Error('No certificates present in x5c array (TPM)');
     }
     // Pick a leaf AIK certificate of the x5c array and parse it.
-    const leafCertInfo = (0, getCertificateInfo_1.default)(x5c[0]);
+    const leafCertInfo = (0, getCertificateInfo_1.getCertificateInfo)(x5c[0]);
     const { basicConstraintsCA, version, subject, notAfter, notBefore } = leafCertInfo;
     if (basicConstraintsCA) {
         throw new Error('Certificate basic constraints CA was not `false` (TPM)');
@@ -203,10 +197,10 @@ async function verifyTPM(options) {
     // TODO: If certificate contains id-fido-gen-ce-aaguid(1.3.6.1.4.1.45724.1.1.4) extension, check
     // that it’s value is set to the same AAGUID as in authData.
     // Run some metadata checks if a statement exists for this authenticator
-    const statement = await metadataService_1.default.getStatement(aaguid);
+    const statement = await metadataService_1.MetadataService.getStatement(aaguid);
     if (statement) {
         try {
-            await (0, verifyAttestationWithMetadata_1.default)(statement, credentialPublicKey, x5c);
+            await (0, verifyAttestationWithMetadata_1.verifyAttestationWithMetadata)(statement, credentialPublicKey, x5c);
         }
         catch (err) {
             const _err = err;
@@ -216,7 +210,7 @@ async function verifyTPM(options) {
     else {
         try {
             // Try validating the certificate path using the root certificates set via SettingsService
-            await (0, validateCertificatePath_1.default)(x5c.map(convertCertBufferToPEM_1.default), rootCertificates);
+            await (0, validateCertificatePath_1.validateCertificatePath)(x5c.map(convertCertBufferToPEM_1.convertCertBufferToPEM), rootCertificates);
         }
         catch (err) {
             const _err = err;
@@ -225,10 +219,10 @@ async function verifyTPM(options) {
     }
     // Verify signature over certInfo with the public key extracted from AIK certificate.
     // In the wise words of Yuriy Ackermann: "Get Martini friend, you are done!"
-    const leafCertPEM = (0, convertCertBufferToPEM_1.default)(x5c[0]);
-    return (0, verifySignature_1.default)(sig, certInfo, leafCertPEM, hashAlg);
+    const leafCertPEM = (0, convertCertBufferToPEM_1.convertCertBufferToPEM)(x5c[0]);
+    return (0, verifySignature_1.verifySignature)(sig, certInfo, leafCertPEM, hashAlg);
 }
-exports.default = verifyTPM;
+exports.verifyAttestationTPM = verifyAttestationTPM;
 /**
  * Contain logic for pulling TPM-specific values out of subjectAlternativeName extension
  */
@@ -286,4 +280,4 @@ function getTcgAtTpmValues(root) {
         tcgAtTpmVersion,
     };
 }
-//# sourceMappingURL=verifyTPM.js.map
+//# sourceMappingURL=verifyAttestationTPM.js.map

package/dist/registration/verifications/tpm/verifyAttestationTPM.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verifyAttestationTPM.js","sourceRoot":"","sources":["../../../../src/registration/verifications/tpm/verifyAttestationTPM.ts"],"names":[],"mappings":";;;AAAA,uDAAkD;AAClD,mDAO6B;AAI7B,0FAAuF;AACvF,0EAA2E;AAC3E,oDAAiD;AACjD,oFAAiF;AACjF,sFAAmF;AACnF,4EAAyE;AACzE,sEAAmE;AACnE,uEAAoE;AACpE,mGAAgG;AAEhG,2CAA4E;AAC5E,mDAAgD;AAChD,iDAA8C;AAEvC,KAAK,UAAU,oBAAoB,CAAC,OAAsC;;IAC/E,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,mBAAmB,EAAE,cAAc,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;IAE1D;;OAEG;IACH,IAAI,GAAG,KAAK,KAAK,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,yBAAyB,CAAC,CAAC;KAClE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;KACpE;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,IAAI,CAAC,OAAO,EAAE;QACZ,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;KACxE;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,aAAa,GAAG,IAAA,2BAAY,EAAC,OAAO,CAAC,CAAC;IAC5C,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;IAE5D,yFAAyF;IACzF,2FAA2F;IAC3F,MAAM,aAAa,GAAG,IAAA,qDAAyB,EAAC,mBAAmB,CAAC,CAAC;IAErE,IAAI,OAAO,KAAK,aAAa,EAAE;QAC7B,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAW,CAAC,EAAE;YAC/B,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;SAChF;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,OAAO,GAAG,CAAW,CAAC;QAC5B,8FAA8F;QAC9F,MAAM,eAAe,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,IAAI,KAAK,CAAC;QAEzD,4CAA4C;QAC5C,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAEjE,IAAI,eAAe,KAAK,IAAI,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,cAAc,eAAe,YAAY,CAAC,CAAC;SAC7F;KACF;SAAM,IAAI,OAAO,KAAK,aAAa,EAAE;QACpC,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAExC,IAAI,CAAC,GAAG,EAAE;YACR,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;SAC1D;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QACD,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;SACxD;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAW,EAAE,CAAW,CAAC,CAAC,CAAC,EAAE;YAC7D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;SAC/E;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;SACrF;QAED,MAAM,cAAc,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC;QAC9C,MAAM,0BAA0B,GAAG,sCAA0B,CAAC,cAAc,CAAC,CAAA;QAC7E,IAAI,0BAA0B,KAAK,GAAG,EAAE;YACtC,MAAM,IAAI,KAAK,CACb,6BAA6B,cAAc,gBAAgB,0BAA0B,4CAA4C,GAAG,aAAa,CAClJ,CAAC;SACH;KACF;SAAM;QACL,MAAM,IAAI,KAAK,CAAC,6BAA6B,OAAO,GAAG,CAAC,CAAC;KAC1D;IAED,MAAM,cAAc,GAAG,IAAA,6BAAa,EAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,cAAc,CAAC;IAEtE,IAAI,KAAK,KAAK,UAAU,EAAE;QACxB,MAAM,IAAI,KAAK,CAAC,2BAA2B,KAAK,gCAAgC,CAAC,CAAC;KACnF;IAED,IAAI,QAAQ,KAAK,uBAAuB,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,2CAA2C,CAAC,CAAC;KAC1F;IAED,mEAAmE;IACnE,MAAM,WAAW,GAAG,IAAA,eAAM,EAAC,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC;IAE9E,uEAAuE;IACvE,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC;IAE1E,+DAA+D;IAC/D,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;KAC1D;IAED,mEAAmE;IACnE,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAEhE,8FAA8F;IAC9F,MAAM,OAAO,GAAW,+BAAW,CAAC,GAAa,CAAC,CAAC;IACnD,MAAM,iBAAiB,GAAG,IAAA,eAAM,EAAC,aAAa,EAAE,OAAO,CAAC,CAAC;IAEzD,gEAAgE;IAChE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED;;OAEG;IACH,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;KAC/D;IAED,6DAA6D;IAC7D,MAAM,YAAY,GAAG,IAAA,uCAAkB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,MAAM,EAAE,kBAAkB,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,YAAY,CAAC;IAEnF,IAAI,kBAAkB,EAAE;QACtB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,mEAAmE;IACnE,IAAI,OAAO,KAAK,CAAC,EAAE;QACjB,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;KAC7E;IAED,wCAAwC;IACxC,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,4CAA4C;IAC5C,IAAI,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACrB,IAAI,SAAS,GAAG,GAAG,EAAE;QACnB,MAAM,IAAI,KAAK,CAAC,gCAAgC,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAChF;IAED,yCAAyC;IACzC,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACjB,IAAI,QAAQ,GAAG,GAAG,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,+BAA+B,QAAQ,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;KAC9E;IAED;;OAEG;IACH,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IAExD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,UAAU,EAAE;QACzC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;KAC7D;IAED,IAAI,qBAAyD,CAAC;IAC9D,IAAI,WAAyC,CAAC;IAC9C,UAAU,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QACjD,IAAI,GAAG,CAAC,MAAM,KAAK,gCAAoB,EAAE;YACvC,qBAAqB,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,kCAAsB,CAAC,CAAC;SAChF;aAAM,IAAI,GAAG,CAAC,MAAM,KAAK,6BAAiB,EAAE;YAC3C,WAAW,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,4BAAgB,CAAC,CAAC;SAChE;IACH,CAAC,CAAC,CAAC;IAEH,wEAAwE;IACxE,IAAI,CAAC,qBAAqB,EAAE;QAC1B,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,6FAA6F;IAC7F,SAAS;IACT,IAAI,CAAC,CAAA,MAAA,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,0CAAG,CAAC,EAAE,MAAM,CAAA,EAAE;QACvD,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;KACvF;IAED,MAAM,EAAE,oBAAoB,EAAE,aAAa,EAAE,eAAe,EAAE,GAAG,iBAAiB,CAChF,qBAAqB,CAAC,CAAC,CAAC,CAAC,aAAa,CACvC,CAAC;IAEF,IAAI,CAAC,oBAAoB,IAAI,CAAC,aAAa,IAAI,CAAC,eAAe,EAAE;QAC/D,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;KACjF;IAED,yFAAyF;IACzF,IAAI,CAAC,6BAAiB,CAAC,oBAAoB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,qCAAqC,oBAAoB,SAAS,CAAC,CAAC;KACrF;IAED,wFAAwF;IACxF,4CAA4C;IAC5C,IAAI,WAAW,CAAC,CAAC,CAAC,KAAK,cAAc,EAAE;QACrC,MAAM,IAAI,KAAK,CAAC,2BAA2B,WAAW,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC;KAC9F;IAED,gGAAgG;IAChG,4DAA4D;IAE5D,wEAAwE;IACxE,MAAM,SAAS,GAAG,MAAM,iCAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,IAAA,6DAA6B,EAAC,SAAS,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC;SAC1E;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,QAAQ,CAAC,CAAC;SAC1C;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,IAAA,iDAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SAClF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,QAAQ,CAAC,CAAC;SAC1C;KACF;IAED,qFAAqF;IACrF,4EAA4E;IAC5E,MAAM,WAAW,GAAG,IAAA,+CAAsB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,OAAO,IAAA,iCAAe,EAAC,GAAG,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;AAC9D,CAAC;AA5PD,oDA4PC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,IAAU;IAKnC,MAAM,eAAe,GAAG,cAAc,CAAC;IACvC,MAAM,QAAQ,GAAG,cAAc,CAAC;IAChC,MAAM,UAAU,GAAG,cAAc,CAAC;IAElC,IAAI,oBAAwC,CAAC;IAC7C,IAAI,aAAiC,CAAC;IACtC,IAAI,eAAmC,CAAC;IAExC;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACH,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;QACrB,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;YACrB,IAAI,IAAI,CAAC,IAAI,KAAK,eAAe,EAAE;gBACjC,oBAAoB,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aAC9C;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE;gBACjC,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aACvC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,UAAU,EAAE;gBACnC,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;aACzC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,oBAAoB;QACpB,aAAa;QACb,eAAe;KAChB,CAAC;AACJ,CAAC"}

package/dist/registration/verifications/{verifyAndroidKey.d.ts → verifyAttestationAndroidKey.d.ts}

@@ -2,4 +2,4 @@ import type { AttestationFormatVerifierOpts } from '../verifyRegistrationRespons
 /**
  * Verify an attestation response with fmt 'android-key'
  */
-export default function verifyAttestationAndroidKey(options: AttestationFormatVerifierOpts): Promise<boolean>;
+export declare function verifyAttestationAndroidKey(options: AttestationFormatVerifierOpts): Promise<boolean>;

package/dist/registration/verifications/{verifyAndroidKey.js → verifyAttestationAndroidKey.js}

@@ -1,40 +1,15 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyAttestationAndroidKey = void 0;
 const asn1_schema_1 = require("@peculiar/asn1-schema");
 const asn1_x509_1 = require("@peculiar/asn1-x509");
 const asn1_android_1 = require("@peculiar/asn1-android");
-const convertCertBufferToPEM_1 = __importDefault(require("../../helpers/convertCertBufferToPEM"));
-const validateCertificatePath_1 = __importDefault(require("../../helpers/validateCertificatePath"));
-const verifySignature_1 = __importDefault(require("../../helpers/verifySignature"));
-const convertCOSEtoPKCS_1 = __importStar(require("../../helpers/convertCOSEtoPKCS"));
-const metadataService_1 = __importDefault(require("../../services/metadataService"));
-const verifyAttestationWithMetadata_1 = __importDefault(require("../../metadata/verifyAttestationWithMetadata"));
+const convertCertBufferToPEM_1 = require("../../helpers/convertCertBufferToPEM");
+const validateCertificatePath_1 = require("../../helpers/validateCertificatePath");
+const verifySignature_1 = require("../../helpers/verifySignature");
+const convertCOSEtoPKCS_1 = require("../../helpers/convertCOSEtoPKCS");
+const metadataService_1 = require("../../services/metadataService");
+const verifyAttestationWithMetadata_1 = require("../../metadata/verifyAttestationWithMetadata");
 /**
  * Verify an attestation response with fmt 'android-key'
  */
@@ -56,7 +31,7 @@ async function verifyAttestationAndroidKey(options) {
     const parsedCert = asn1_schema_1.AsnParser.parse(x5c[0], asn1_x509_1.Certificate);
     const parsedCertPubKey = Buffer.from(parsedCert.tbsCertificate.subjectPublicKeyInfo.subjectPublicKey);
     // Convert the credentialPublicKey to PKCS
-    const credPubKeyPKCS = (0, convertCOSEtoPKCS_1.default)(credentialPublicKey);
+    const credPubKeyPKCS = (0, convertCOSEtoPKCS_1.convertCOSEtoPKCS)(credentialPublicKey);
     if (!credPubKeyPKCS.equals(parsedCertPubKey)) {
         throw new Error('Credential public key does not equal leaf cert public key (AndroidKey)');
     }
@@ -79,10 +54,10 @@ async function verifyAttestationAndroidKey(options) {
     if (softwareEnforced.allApplications !== undefined) {
         throw new Error('teeEnforced contained "allApplications [600]" tag (AndroidKey)');
     }
-    const statement = await metadataService_1.default.getStatement(aaguid);
+    const statement = await metadataService_1.MetadataService.getStatement(aaguid);
     if (statement) {
         try {
-            await (0, verifyAttestationWithMetadata_1.default)(statement, credentialPublicKey, x5c);
+            await (0, verifyAttestationWithMetadata_1.verifyAttestationWithMetadata)(statement, credentialPublicKey, x5c);
         }
         catch (err) {
             const _err = err;
@@ -92,7 +67,7 @@ async function verifyAttestationAndroidKey(options) {
     else {
         try {
             // Try validating the certificate path using the root certificates set via SettingsService
-            await (0, validateCertificatePath_1.default)(x5c.map(convertCertBufferToPEM_1.default), rootCertificates);
+            await (0, validateCertificatePath_1.validateCertificatePath)(x5c.map(convertCertBufferToPEM_1.convertCertBufferToPEM), rootCertificates);
         }
         catch (err) {
             const _err = err;
@@ -100,9 +75,9 @@ async function verifyAttestationAndroidKey(options) {
         }
     }
     const signatureBase = Buffer.concat([authData, clientDataHash]);
-    const leafCertPEM = (0, convertCertBufferToPEM_1.default)(x5c[0]);
+    const leafCertPEM = (0, convertCertBufferToPEM_1.convertCertBufferToPEM)(x5c[0]);
     const hashAlg = convertCOSEtoPKCS_1.COSEALGHASH[alg];
-    return (0, verifySignature_1.default)(sig, signatureBase, leafCertPEM, hashAlg);
+    return (0, verifySignature_1.verifySignature)(sig, signatureBase, leafCertPEM, hashAlg);
 }
-exports.default = verifyAttestationAndroidKey;
-//# sourceMappingURL=verifyAndroidKey.js.map
+exports.verifyAttestationAndroidKey = verifyAttestationAndroidKey;
+//# sourceMappingURL=verifyAttestationAndroidKey.js.map

package/dist/registration/verifications/verifyAttestationAndroidKey.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verifyAttestationAndroidKey.js","sourceRoot":"","sources":["../../../src/registration/verifications/verifyAttestationAndroidKey.ts"],"names":[],"mappings":";;;AAAA,uDAAkD;AAClD,mDAAkD;AAClD,yDAA8E;AAI9E,iFAA8E;AAC9E,mFAAgF;AAChF,mEAAgE;AAChE,uEAAiF;AACjF,oEAAiE;AACjE,gGAA6F;AAE7F;;GAEG;AACI,KAAK,UAAU,2BAA2B,CAC/C,OAAsC;;IAEtC,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,GACxF,OAAO,CAAC;IACV,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAElC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAC;KAC9F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;KAC5F;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;KAC3E;IAED,uFAAuF;IACvF,kDAAkD;IAClD,MAAM,UAAU,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,uBAAW,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAClC,UAAU,CAAC,cAAc,CAAC,oBAAoB,CAAC,gBAAgB,CAChE,CAAC;IAEF,0CAA0C;IAC1C,MAAM,cAAc,GAAG,IAAA,qCAAiB,EAAC,mBAAmB,CAAC,CAAC;IAE9D,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE;QAC5C,MAAM,IAAI,KAAK,CAAC,wEAAwE,CAAC,CAAC;KAC3F;IAED,4DAA4D;IAC5D,MAAM,WAAW,GAAG,MAAA,UAAU,CAAC,cAAc,CAAC,UAAU,0CAAE,IAAI,CAC5D,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,mCAAoB,CAC3C,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;KACzE;IAED,MAAM,iBAAiB,GAAG,uBAAS,CAAC,KAAK,CAAC,WAAW,CAAC,SAAS,EAAE,6BAAc,CAAC,CAAC;IAEjF,4BAA4B;IAC5B,MAAM,EAAE,oBAAoB,EAAE,WAAW,EAAE,gBAAgB,EAAE,GAAG,iBAAiB,CAAC;IAElF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE;QACpE,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;KACzF;IAED,4FAA4F;IAC5F,aAAa;IACb,IAAI,WAAW,CAAC,eAAe,KAAK,SAAS,EAAE;QAC7C,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,IAAI,gBAAgB,CAAC,eAAe,KAAK,SAAS,EAAE;QAClD,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;KACnF;IAED,MAAM,SAAS,GAAG,MAAM,iCAAe,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,SAAS,EAAE;QACb,IAAI;YACF,MAAM,IAAA,6DAA6B,EAAC,SAAS,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC;SAC1E;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,eAAe,CAAC,CAAC;SACjD;KACF;SAAM;QACL,IAAI;YACF,0FAA0F;YAC1F,MAAM,IAAA,iDAAuB,EAAC,GAAG,CAAC,GAAG,CAAC,+CAAsB,CAAC,EAAE,gBAAgB,CAAC,CAAC;SAClF;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,GAAG,GAAY,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,eAAe,CAAC,CAAC;SACjD;KACF;IAED,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAChE,MAAM,WAAW,GAAG,IAAA,+CAAsB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,+BAAW,CAAC,GAAa,CAAC,CAAC;IAE3C,OAAO,IAAA,iCAAe,EAAC,GAAG,EAAE,aAAa,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;AACnE,CAAC;AApFD,kEAoFC"}

package/dist/registration/verifications/{verifyAndroidSafetyNet.d.ts → verifyAttestationAndroidSafetyNet.d.ts}

@@ -2,4 +2,4 @@ import type { AttestationFormatVerifierOpts } from '../verifyRegistrationRespons
 /**
  * Verify an attestation response with fmt 'android-safetynet'
  */
-export default function verifyAttestationAndroidSafetyNet(options: AttestationFormatVerifierOpts): Promise<boolean>;
+export declare function verifyAttestationAndroidSafetyNet(options: AttestationFormatVerifierOpts): Promise<boolean>;