@simplewebauthn/server 5.3.0 → 5.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/authentication/generateAuthenticationOptions.d.ts +1 -1
- package/dist/authentication/generateAuthenticationOptions.js +4 -3
- package/dist/authentication/generateAuthenticationOptions.js.map +1 -1
- package/dist/authentication/verifyAuthenticationResponse.d.ts +5 -1
- package/dist/authentication/verifyAuthenticationResponse.js +19 -17
- package/dist/authentication/verifyAuthenticationResponse.js.map +1 -1
- package/dist/helpers/convertAAGUIDToString.d.ts +1 -1
- package/dist/helpers/convertAAGUIDToString.js +2 -1
- package/dist/helpers/convertAAGUIDToString.js.map +1 -1
- package/dist/helpers/convertCOSEtoPKCS.d.ts +1 -1
- package/dist/helpers/convertCOSEtoPKCS.js +2 -2
- package/dist/helpers/convertCOSEtoPKCS.js.map +1 -1
- package/dist/helpers/convertCertBufferToPEM.d.ts +1 -1
- package/dist/helpers/convertCertBufferToPEM.js +2 -1
- package/dist/helpers/convertCertBufferToPEM.js.map +1 -1
- package/dist/helpers/convertPublicKeyToPEM.d.ts +1 -1
- package/dist/helpers/convertPublicKeyToPEM.js +2 -1
- package/dist/helpers/convertPublicKeyToPEM.js.map +1 -1
- package/dist/helpers/decodeAttestationObject.d.ts +1 -1
- package/dist/helpers/decodeAttestationObject.js +2 -1
- package/dist/helpers/decodeAttestationObject.js.map +1 -1
- package/dist/helpers/decodeAuthenticatorExtensions.d.ts +20 -0
- package/dist/helpers/decodeAuthenticatorExtensions.js +25 -0
- package/dist/helpers/decodeAuthenticatorExtensions.js.map +1 -0
- package/dist/helpers/decodeClientDataJSON.d.ts +1 -1
- package/dist/helpers/decodeClientDataJSON.js +2 -1
- package/dist/helpers/decodeClientDataJSON.js.map +1 -1
- package/dist/helpers/decodeCredentialPublicKey.d.ts +1 -1
- package/dist/helpers/decodeCredentialPublicKey.js +2 -1
- package/dist/helpers/decodeCredentialPublicKey.js.map +1 -1
- package/dist/helpers/generateChallenge.d.ts +1 -1
- package/dist/helpers/generateChallenge.js +2 -1
- package/dist/helpers/generateChallenge.js.map +1 -1
- package/dist/helpers/getCertificateInfo.d.ts +1 -1
- package/dist/helpers/getCertificateInfo.js +2 -1
- package/dist/helpers/getCertificateInfo.js.map +1 -1
- package/dist/helpers/index.d.ts +15 -15
- package/dist/helpers/index.js +30 -33
- package/dist/helpers/index.js.map +1 -1
- package/dist/helpers/isBase64URLString.d.ts +1 -1
- package/dist/helpers/isBase64URLString.js +2 -1
- package/dist/helpers/isBase64URLString.js.map +1 -1
- package/dist/helpers/isCertRevoked.d.ts +1 -1
- package/dist/helpers/isCertRevoked.js +4 -3
- package/dist/helpers/isCertRevoked.js.map +1 -1
- package/dist/helpers/parseAuthenticatorData.d.ts +3 -1
- package/dist/helpers/parseAuthenticatorData.js +12 -7
- package/dist/helpers/parseAuthenticatorData.js.map +1 -1
- package/dist/helpers/parseBackupFlags.js.map +1 -1
- package/dist/helpers/toHash.d.ts +1 -1
- package/dist/helpers/toHash.js +2 -1
- package/dist/helpers/toHash.js.map +1 -1
- package/dist/helpers/validateCertificatePath.d.ts +1 -1
- package/dist/helpers/validateCertificatePath.js +4 -6
- package/dist/helpers/validateCertificatePath.js.map +1 -1
- package/dist/helpers/verifySignature.d.ts +1 -1
- package/dist/helpers/verifySignature.js +2 -1
- package/dist/helpers/verifySignature.js.map +1 -1
- package/dist/index.d.ts +6 -6
- package/dist/index.js +12 -15
- package/dist/index.js.map +1 -1
- package/dist/metadata/parseJWT.d.ts +1 -1
- package/dist/metadata/parseJWT.js +2 -1
- package/dist/metadata/parseJWT.js.map +1 -1
- package/dist/metadata/verifyAttestationWithMetadata.d.ts +1 -1
- package/dist/metadata/verifyAttestationWithMetadata.js +9 -11
- package/dist/metadata/verifyAttestationWithMetadata.js.map +1 -1
- package/dist/registration/generateRegistrationOptions.d.ts +1 -1
- package/dist/registration/generateRegistrationOptions.js +4 -4
- package/dist/registration/generateRegistrationOptions.js.map +1 -1
- package/dist/registration/verifications/tpm/parseCertInfo.d.ts +1 -1
- package/dist/registration/verifications/tpm/parseCertInfo.js +2 -1
- package/dist/registration/verifications/tpm/parseCertInfo.js.map +1 -1
- package/dist/registration/verifications/tpm/parsePubArea.d.ts +1 -1
- package/dist/registration/verifications/tpm/parsePubArea.js +2 -1
- package/dist/registration/verifications/tpm/parsePubArea.js.map +1 -1
- package/dist/registration/verifications/tpm/verifyAttestationTPM.d.ts +2 -0
- package/dist/registration/verifications/tpm/{verifyTPM.js → verifyAttestationTPM.js} +25 -27
- package/dist/registration/verifications/tpm/verifyAttestationTPM.js.map +1 -0
- package/dist/registration/verifications/{verifyAndroidKey.d.ts → verifyAttestationAndroidKey.d.ts} +1 -1
- package/dist/registration/verifications/{verifyAndroidKey.js → verifyAttestationAndroidKey.js} +15 -40
- package/dist/registration/verifications/verifyAttestationAndroidKey.js.map +1 -0
- package/dist/registration/verifications/{verifyAndroidSafetyNet.d.ts → verifyAttestationAndroidSafetyNet.d.ts} +1 -1
- package/dist/registration/verifications/{verifyAndroidSafetyNet.js → verifyAttestationAndroidSafetyNet.js} +17 -16
- package/dist/registration/verifications/verifyAttestationAndroidSafetyNet.js.map +1 -0
- package/dist/registration/verifications/verifyAttestationApple.d.ts +2 -0
- package/dist/registration/verifications/{verifyApple.js → verifyAttestationApple.js} +11 -13
- package/dist/registration/verifications/verifyAttestationApple.js.map +1 -0
- package/dist/registration/verifications/{verifyFIDOU2F.d.ts → verifyAttestationFIDOU2F.d.ts} +1 -1
- package/dist/registration/verifications/{verifyFIDOU2F.js → verifyAttestationFIDOU2F.js} +11 -13
- package/dist/registration/verifications/verifyAttestationFIDOU2F.js.map +1 -0
- package/dist/registration/verifications/{verifyPacked.d.ts → verifyAttestationPacked.d.ts} +1 -1
- package/dist/registration/verifications/{verifyPacked.js → verifyAttestationPacked.js} +22 -44
- package/dist/registration/verifications/verifyAttestationPacked.js.map +1 -0
- package/dist/registration/verifyRegistrationResponse.d.ts +6 -2
- package/dist/registration/verifyRegistrationResponse.js +32 -30
- package/dist/registration/verifyRegistrationResponse.js.map +1 -1
- package/dist/services/metadataService.d.ts +2 -2
- package/dist/services/metadataService.js +13 -14
- package/dist/services/metadataService.js.map +1 -1
- package/dist/services/settingsService.d.ts +3 -3
- package/dist/services/settingsService.js +9 -12
- package/dist/services/settingsService.js.map +1 -1
- package/package.json +3 -3
- package/dist/registration/verifications/tpm/verifyTPM.d.ts +0 -2
- package/dist/registration/verifications/tpm/verifyTPM.js.map +0 -1
- package/dist/registration/verifications/verifyAndroidKey.js.map +0 -1
- package/dist/registration/verifications/verifyAndroidSafetyNet.js.map +0 -1
- package/dist/registration/verifications/verifyApple.d.ts +0 -2
- package/dist/registration/verifications/verifyApple.js.map +0 -1
- package/dist/registration/verifications/verifyFIDOU2F.js.map +0 -1
- package/dist/registration/verifications/verifyPacked.js.map +0 -1
|
@@ -21,4 +21,4 @@ export declare type GenerateAuthenticationOptionsOpts = {
|
|
|
21
21
|
* @param extensions Additional plugins the authenticator or browser should use during authentication
|
|
22
22
|
* @param rpID Valid domain name (after `https://`)
|
|
23
23
|
*/
|
|
24
|
-
export
|
|
24
|
+
export declare function generateAuthenticationOptions(options?: GenerateAuthenticationOptionsOpts): PublicKeyCredentialRequestOptionsJSON;
|
|
@@ -3,8 +3,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.generateAuthenticationOptions = void 0;
|
|
6
7
|
const base64url_1 = __importDefault(require("base64url"));
|
|
7
|
-
const generateChallenge_1 =
|
|
8
|
+
const generateChallenge_1 = require("../helpers/generateChallenge");
|
|
8
9
|
/**
|
|
9
10
|
* Prepare a value to pass into navigator.credentials.get(...) for authenticator "login"
|
|
10
11
|
*
|
|
@@ -19,7 +20,7 @@ const generateChallenge_1 = __importDefault(require("../helpers/generateChalleng
|
|
|
19
20
|
* @param rpID Valid domain name (after `https://`)
|
|
20
21
|
*/
|
|
21
22
|
function generateAuthenticationOptions(options = {}) {
|
|
22
|
-
const { allowCredentials, challenge = (0, generateChallenge_1.
|
|
23
|
+
const { allowCredentials, challenge = (0, generateChallenge_1.generateChallenge)(), timeout = 60000, userVerification, extensions, rpID, } = options;
|
|
23
24
|
return {
|
|
24
25
|
challenge: base64url_1.default.encode(challenge),
|
|
25
26
|
allowCredentials: allowCredentials === null || allowCredentials === void 0 ? void 0 : allowCredentials.map(cred => ({
|
|
@@ -32,5 +33,5 @@ function generateAuthenticationOptions(options = {}) {
|
|
|
32
33
|
rpId: rpID,
|
|
33
34
|
};
|
|
34
35
|
}
|
|
35
|
-
exports.
|
|
36
|
+
exports.generateAuthenticationOptions = generateAuthenticationOptions;
|
|
36
37
|
//# sourceMappingURL=generateAuthenticationOptions.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generateAuthenticationOptions.js","sourceRoot":"","sources":["../../src/authentication/generateAuthenticationOptions.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"generateAuthenticationOptions.js","sourceRoot":"","sources":["../../src/authentication/generateAuthenticationOptions.ts"],"names":[],"mappings":";;;;;;AAMA,0DAAkC;AAElC,oEAAiE;AAWjE;;;;;;;;;;;;GAYG;AACH,SAAgB,6BAA6B,CAC3C,UAA6C,EAAE;IAE/C,MAAM,EACJ,gBAAgB,EAChB,SAAS,GAAG,IAAA,qCAAiB,GAAE,EAC/B,OAAO,GAAG,KAAK,EACf,gBAAgB,EAChB,UAAU,EACV,IAAI,GACL,GAAG,OAAO,CAAC;IAEZ,OAAO;QACL,SAAS,EAAE,mBAAS,CAAC,MAAM,CAAC,SAAS,CAAC;QACtC,gBAAgB,EAAE,gBAAgB,aAAhB,gBAAgB,uBAAhB,gBAAgB,CAAE,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAC/C,GAAG,IAAI;YACP,EAAE,EAAE,mBAAS,CAAC,MAAM,CAAC,IAAI,CAAC,EAAY,CAAC;SACxC,CAAC,CAAC;QACH,OAAO;QACP,gBAAgB;QAChB,UAAU;QACV,IAAI,EAAE,IAAI;KACX,CAAC;AACJ,CAAC;AAvBD,sEAuBC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
import { AuthenticationCredentialJSON, AuthenticatorDevice, CredentialDeviceType } from '@simplewebauthn/typescript-types';
|
|
3
|
+
import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions';
|
|
3
4
|
export declare type VerifyAuthenticationResponseOpts = {
|
|
4
5
|
credential: AuthenticationCredentialJSON;
|
|
5
6
|
expectedChallenge: string | ((challenge: string) => boolean);
|
|
@@ -22,7 +23,7 @@ export declare type VerifyAuthenticationResponseOpts = {
|
|
|
22
23
|
* @param requireUserVerification (Optional) Enforce user verification by the authenticator
|
|
23
24
|
* (via PIN, fingerprint, etc...)
|
|
24
25
|
*/
|
|
25
|
-
export
|
|
26
|
+
export declare function verifyAuthenticationResponse(options: VerifyAuthenticationResponseOpts): VerifiedAuthenticationResponse;
|
|
26
27
|
/**
|
|
27
28
|
* Result of authentication verification
|
|
28
29
|
*
|
|
@@ -38,6 +39,8 @@ export default function verifyAuthenticationResponse(options: VerifyAuthenticati
|
|
|
38
39
|
* @param authenticationInfo.credentialBackedUp Whether or not the multi-device credential has been
|
|
39
40
|
* backed up. Always `false` for single-device credentials. **Should be kept in a DB for later
|
|
40
41
|
* reference!**
|
|
42
|
+
* @param authenticationInfo?.authenticatorExtensionResults The authenticator extensions returned
|
|
43
|
+
* by the browser
|
|
41
44
|
*/
|
|
42
45
|
export declare type VerifiedAuthenticationResponse = {
|
|
43
46
|
verified: boolean;
|
|
@@ -46,5 +49,6 @@ export declare type VerifiedAuthenticationResponse = {
|
|
|
46
49
|
newCounter: number;
|
|
47
50
|
credentialDeviceType: CredentialDeviceType;
|
|
48
51
|
credentialBackedUp: boolean;
|
|
52
|
+
authenticatorExtensionResults?: AuthenticationExtensionsAuthenticatorOutputs;
|
|
49
53
|
};
|
|
50
54
|
};
|
|
@@ -3,13 +3,14 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.verifyAuthenticationResponse = void 0;
|
|
6
7
|
const base64url_1 = __importDefault(require("base64url"));
|
|
7
|
-
const decodeClientDataJSON_1 =
|
|
8
|
-
const toHash_1 =
|
|
9
|
-
const convertPublicKeyToPEM_1 =
|
|
10
|
-
const verifySignature_1 =
|
|
11
|
-
const parseAuthenticatorData_1 =
|
|
12
|
-
const isBase64URLString_1 =
|
|
8
|
+
const decodeClientDataJSON_1 = require("../helpers/decodeClientDataJSON");
|
|
9
|
+
const toHash_1 = require("../helpers/toHash");
|
|
10
|
+
const convertPublicKeyToPEM_1 = require("../helpers/convertPublicKeyToPEM");
|
|
11
|
+
const verifySignature_1 = require("../helpers/verifySignature");
|
|
12
|
+
const parseAuthenticatorData_1 = require("../helpers/parseAuthenticatorData");
|
|
13
|
+
const isBase64URLString_1 = require("../helpers/isBase64URLString");
|
|
13
14
|
const parseBackupFlags_1 = require("../helpers/parseBackupFlags");
|
|
14
15
|
/**
|
|
15
16
|
* Verify that the user has legitimately completed the login process
|
|
@@ -46,7 +47,7 @@ function verifyAuthenticationResponse(options) {
|
|
|
46
47
|
if (typeof (response === null || response === void 0 ? void 0 : response.clientDataJSON) !== 'string') {
|
|
47
48
|
throw new Error('Credential response clientDataJSON was not a string');
|
|
48
49
|
}
|
|
49
|
-
const clientDataJSON = (0, decodeClientDataJSON_1.
|
|
50
|
+
const clientDataJSON = (0, decodeClientDataJSON_1.decodeClientDataJSON)(response.clientDataJSON);
|
|
50
51
|
const { type, origin, challenge, tokenBinding } = clientDataJSON;
|
|
51
52
|
// Make sure we're handling an authentication
|
|
52
53
|
if (type !== 'webauthn.get') {
|
|
@@ -73,10 +74,10 @@ function verifyAuthenticationResponse(options) {
|
|
|
73
74
|
throw new Error(`Unexpected authentication response origin "${origin}", expected "${expectedOrigin}"`);
|
|
74
75
|
}
|
|
75
76
|
}
|
|
76
|
-
if (!(0, isBase64URLString_1.
|
|
77
|
+
if (!(0, isBase64URLString_1.isBase64URLString)(response.authenticatorData)) {
|
|
77
78
|
throw new Error('Credential response authenticatorData was not a base64url string');
|
|
78
79
|
}
|
|
79
|
-
if (!(0, isBase64URLString_1.
|
|
80
|
+
if (!(0, isBase64URLString_1.isBase64URLString)(response.signature)) {
|
|
80
81
|
throw new Error('Credential response signature was not a base64url string');
|
|
81
82
|
}
|
|
82
83
|
if (response.userHandle && typeof response.userHandle !== 'string') {
|
|
@@ -91,11 +92,11 @@ function verifyAuthenticationResponse(options) {
|
|
|
91
92
|
}
|
|
92
93
|
}
|
|
93
94
|
const authDataBuffer = base64url_1.default.toBuffer(response.authenticatorData);
|
|
94
|
-
const parsedAuthData = (0, parseAuthenticatorData_1.
|
|
95
|
-
const { rpIdHash, flags, counter } = parsedAuthData;
|
|
95
|
+
const parsedAuthData = (0, parseAuthenticatorData_1.parseAuthenticatorData)(authDataBuffer);
|
|
96
|
+
const { rpIdHash, flags, counter, extensionsData } = parsedAuthData;
|
|
96
97
|
// Make sure the response's RP ID is ours
|
|
97
98
|
if (typeof expectedRPID === 'string') {
|
|
98
|
-
const expectedRPIDHash = (0, toHash_1.
|
|
99
|
+
const expectedRPIDHash = (0, toHash_1.toHash)(Buffer.from(expectedRPID, 'ascii'));
|
|
99
100
|
if (!rpIdHash.equals(expectedRPIDHash)) {
|
|
100
101
|
throw new Error(`Unexpected RP ID hash`);
|
|
101
102
|
}
|
|
@@ -103,7 +104,7 @@ function verifyAuthenticationResponse(options) {
|
|
|
103
104
|
else {
|
|
104
105
|
// Go through each expected RP ID and try to find one that matches
|
|
105
106
|
const foundMatch = expectedRPID.some(expected => {
|
|
106
|
-
const expectedRPIDHash = (0, toHash_1.
|
|
107
|
+
const expectedRPIDHash = (0, toHash_1.toHash)(Buffer.from(expected, 'ascii'));
|
|
107
108
|
return rpIdHash.equals(expectedRPIDHash);
|
|
108
109
|
});
|
|
109
110
|
if (!foundMatch) {
|
|
@@ -118,9 +119,9 @@ function verifyAuthenticationResponse(options) {
|
|
|
118
119
|
if (requireUserVerification && !flags.uv) {
|
|
119
120
|
throw new Error('User verification required, but user could not be verified');
|
|
120
121
|
}
|
|
121
|
-
const clientDataHash = (0, toHash_1.
|
|
122
|
+
const clientDataHash = (0, toHash_1.toHash)(base64url_1.default.toBuffer(response.clientDataJSON));
|
|
122
123
|
const signatureBase = Buffer.concat([authDataBuffer, clientDataHash]);
|
|
123
|
-
const publicKey = (0, convertPublicKeyToPEM_1.
|
|
124
|
+
const publicKey = (0, convertPublicKeyToPEM_1.convertPublicKeyToPEM)(authenticator.credentialPublicKey);
|
|
124
125
|
const signature = base64url_1.default.toBuffer(response.signature);
|
|
125
126
|
if ((counter > 0 || authenticator.counter > 0) && counter <= authenticator.counter) {
|
|
126
127
|
// Error out when the counter in the DB is greater than or equal to the counter in the
|
|
@@ -131,15 +132,16 @@ function verifyAuthenticationResponse(options) {
|
|
|
131
132
|
}
|
|
132
133
|
const { credentialDeviceType, credentialBackedUp } = (0, parseBackupFlags_1.parseBackupFlags)(flags);
|
|
133
134
|
const toReturn = {
|
|
134
|
-
verified: (0, verifySignature_1.
|
|
135
|
+
verified: (0, verifySignature_1.verifySignature)(signature, signatureBase, publicKey),
|
|
135
136
|
authenticationInfo: {
|
|
136
137
|
newCounter: counter,
|
|
137
138
|
credentialID: authenticator.credentialID,
|
|
138
139
|
credentialDeviceType,
|
|
139
140
|
credentialBackedUp,
|
|
141
|
+
authenticatorExtensionResults: extensionsData,
|
|
140
142
|
},
|
|
141
143
|
};
|
|
142
144
|
return toReturn;
|
|
143
145
|
}
|
|
144
|
-
exports.
|
|
146
|
+
exports.verifyAuthenticationResponse = verifyAuthenticationResponse;
|
|
145
147
|
//# sourceMappingURL=verifyAuthenticationResponse.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifyAuthenticationResponse.js","sourceRoot":"","sources":["../../src/authentication/verifyAuthenticationResponse.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"verifyAuthenticationResponse.js","sourceRoot":"","sources":["../../src/authentication/verifyAuthenticationResponse.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAOlC,0EAAuE;AACvE,8CAA2C;AAC3C,4EAAyE;AACzE,gEAA6D;AAC7D,8EAA2E;AAC3E,oEAAiE;AACjE,kEAA+D;AAY/D;;;;;;;;;;;;;GAaG;AACH,SAAgB,4BAA4B,CAC1C,OAAyC;IAEzC,MAAM,EACJ,UAAU,EACV,iBAAiB,EACjB,cAAc,EACd,YAAY,EACZ,aAAa,EACb,uBAAuB,GACxB,GAAG,OAAO,CAAC;IACZ,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,UAAU,CAAC;IAEjE,oCAAoC;IACpC,IAAI,CAAC,EAAE,EAAE;QACP,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;KAC1C;IAED,iCAAiC;IACjC,IAAI,EAAE,KAAK,KAAK,EAAE;QAChB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;KAC5D;IAED,0CAA0C;IAC1C,IAAI,cAAc,KAAK,YAAY,EAAE;QACnC,MAAM,IAAI,KAAK,CAAC,8BAA8B,cAAc,yBAAyB,CAAC,CAAC;KACxF;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;KAChD;IAED,IAAI,OAAO,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,cAAc,CAAA,KAAK,QAAQ,EAAE;QAChD,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;KACxE;IAED,MAAM,cAAc,GAAG,IAAA,2CAAoB,EAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAErE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC;IAEjE,6CAA6C;IAC7C,IAAI,IAAI,KAAK,cAAc,EAAE;QAC3B,MAAM,IAAI,KAAK,CAAC,4CAA4C,IAAI,EAAE,CAAC,CAAC;KACrE;IAED,sDAAsD;IACtD,IAAI,OAAO,iBAAiB,KAAK,UAAU,EAAE;QAC3C,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE;YACjC,MAAM,IAAI,KAAK,CACb,iFAAiF,SAAS,GAAG,CAC9F,CAAC;SACH;KACF;SAAM,IAAI,SAAS,KAAK,iBAAiB,EAAE;QAC1C,MAAM,IAAI,KAAK,CACb,iDAAiD,SAAS,gBAAgB,iBAAiB,GAAG,CAC/F,CAAC;KACH;IAED,oCAAoC;IACpC,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE;QACjC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;YACpC,MAAM,oBAAoB,GAAG,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACvD,MAAM,IAAI,KAAK,CACb,8CAA8C,MAAM,uBAAuB,oBAAoB,EAAE,CAClG,CAAC;SACH;KACF;SAAM;QACL,IAAI,MAAM,KAAK,cAAc,EAAE;YAC7B,MAAM,IAAI,KAAK,CACb,8CAA8C,MAAM,gBAAgB,cAAc,GAAG,CACtF,CAAC;SACH;KACF;IAED,IAAI,CAAC,IAAA,qCAAiB,EAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE;QAClD,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;KACrF;IAED,IAAI,CAAC,IAAA,qCAAiB,EAAC,QAAQ,CAAC,SAAS,CAAC,EAAE;QAC1C,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;KAC7E;IAED,IAAI,QAAQ,CAAC,UAAU,IAAI,OAAO,QAAQ,CAAC,UAAU,KAAK,QAAQ,EAAE;QAClE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;KACpE;IAED,IAAI,YAAY,EAAE;QAChB,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;YACpC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;SAClE;QAED,IAAI,CAAC,SAAS,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;YAC7E,MAAM,IAAI,KAAK,CAAC,kCAAkC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;SAC1E;KACF;IAED,MAAM,cAAc,GAAG,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;IACtE,MAAM,cAAc,GAAG,IAAA,+CAAsB,EAAC,cAAc,CAAC,CAAC;IAC9D,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,cAAc,CAAC;IAEpE,yCAAyC;IACzC,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;QACpC,MAAM,gBAAgB,GAAG,IAAA,eAAM,EAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC;QACpE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE;YACtC,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;SAC1C;KACF;SAAM;QACL,kEAAkE;QAClE,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YAC9C,MAAM,gBAAgB,GAAG,IAAA,eAAM,EAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;YAChE,OAAO,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;QAC3C,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;SAC1C;KACF;IAED,wDAAwD;IACxD,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE;QACb,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;KAC3D;IAED,wCAAwC;IACxC,IAAI,uBAAuB,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE;QACxC,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;KAC/E;IAED,MAAM,cAAc,GAAG,IAAA,eAAM,EAAC,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC;IAC3E,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,cAAc,EAAE,cAAc,CAAC,CAAC,CAAC;IAEtE,MAAM,SAAS,GAAG,IAAA,6CAAqB,EAAC,aAAa,CAAC,mBAAmB,CAAC,CAAC;IAC3E,MAAM,SAAS,GAAG,mBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAEzD,IAAI,CAAC,OAAO,GAAG,CAAC,IAAI,aAAa,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,OAAO,IAAI,aAAa,CAAC,OAAO,EAAE;QAClF,sFAAsF;QACtF,2FAA2F;QAC3F,sFAAsF;QACtF,gDAAgD;QAChD,MAAM,IAAI,KAAK,CACb,0BAA0B,OAAO,4BAA4B,aAAa,CAAC,OAAO,EAAE,CACrF,CAAC;KACH;IAED,MAAM,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,GAAG,IAAA,mCAAgB,EAAC,KAAK,CAAC,CAAC;IAE7E,MAAM,QAAQ,GAAG;QACf,QAAQ,EAAE,IAAA,iCAAe,EAAC,SAAS,EAAE,aAAa,EAAE,SAAS,CAAC;QAC9D,kBAAkB,EAAE;YAClB,UAAU,EAAE,OAAO;YACnB,YAAY,EAAE,aAAa,CAAC,YAAY;YACxC,oBAAoB;YACpB,kBAAkB;YAClB,6BAA6B,EAAE,cAAc;SAC9C;KACF,CAAC;IAEF,OAAO,QAAQ,CAAC;AAClB,CAAC;AA9JD,oEA8JC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.convertAAGUIDToString = void 0;
|
|
3
4
|
/**
|
|
4
5
|
* Convert the aaguid buffer in authData into a UUID string
|
|
5
6
|
*/
|
|
@@ -16,5 +17,5 @@ function convertAAGUIDToString(aaguid) {
|
|
|
16
17
|
// Formatted: adce0002-35bc-c60a-648b-0b25f1f05503
|
|
17
18
|
return segments.join('-');
|
|
18
19
|
}
|
|
19
|
-
exports.
|
|
20
|
+
exports.convertAAGUIDToString = convertAAGUIDToString;
|
|
20
21
|
//# sourceMappingURL=convertAAGUIDToString.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"convertAAGUIDToString.js","sourceRoot":"","sources":["../../src/helpers/convertAAGUIDToString.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"convertAAGUIDToString.js","sourceRoot":"","sources":["../../src/helpers/convertAAGUIDToString.ts"],"names":[],"mappings":";;;AAAA;;GAEG;AACH,SAAgB,qBAAqB,CAAC,MAAc;IAClD,4CAA4C;IAC5C,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAEnC,MAAM,QAAQ,GAAa;QACzB,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;QACf,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;QAChB,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC;QACjB,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC;QACjB,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI;KACxB,CAAC;IAEF,kDAAkD;IAClD,OAAO,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC5B,CAAC;AAdD,sDAcC"}
|
|
@@ -4,7 +4,7 @@ import { COSEAlgorithmIdentifier } from '@simplewebauthn/typescript-types';
|
|
|
4
4
|
/**
|
|
5
5
|
* Takes COSE-encoded public key and converts it to PKCS key
|
|
6
6
|
*/
|
|
7
|
-
export
|
|
7
|
+
export declare function convertCOSEtoPKCS(cosePublicKey: Buffer): Buffer;
|
|
8
8
|
export declare type COSEPublicKey = Map<COSEAlgorithmIdentifier, number | Buffer>;
|
|
9
9
|
export declare enum COSEKEYS {
|
|
10
10
|
kty = 1,
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.COSEALGHASH = exports.COSECRV = exports.COSERSASCHEME = exports.COSEKTY = exports.COSEKEYS = void 0;
|
|
3
|
+
exports.COSEALGHASH = exports.COSECRV = exports.COSERSASCHEME = exports.COSEKTY = exports.COSEKEYS = exports.convertCOSEtoPKCS = void 0;
|
|
4
4
|
const decodeCbor_1 = require("./decodeCbor");
|
|
5
5
|
/**
|
|
6
6
|
* Takes COSE-encoded public key and converts it to PKCS key
|
|
@@ -18,7 +18,7 @@ function convertCOSEtoPKCS(cosePublicKey) {
|
|
|
18
18
|
}
|
|
19
19
|
return Buffer.concat([tag, x]);
|
|
20
20
|
}
|
|
21
|
-
exports.
|
|
21
|
+
exports.convertCOSEtoPKCS = convertCOSEtoPKCS;
|
|
22
22
|
var COSEKEYS;
|
|
23
23
|
(function (COSEKEYS) {
|
|
24
24
|
COSEKEYS[COSEKEYS["kty"] = 1] = "kty";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"convertCOSEtoPKCS.js","sourceRoot":"","sources":["../../src/helpers/convertCOSEtoPKCS.ts"],"names":[],"mappings":";;;AAEA,6CAA+C;AAE/C;;GAEG;AACH,
|
|
1
|
+
{"version":3,"file":"convertCOSEtoPKCS.js","sourceRoot":"","sources":["../../src/helpers/convertCOSEtoPKCS.ts"],"names":[],"mappings":";;;AAEA,6CAA+C;AAE/C;;GAEG;AACH,SAAgB,iBAAiB,CAAC,aAAqB;IACrD,MAAM,MAAM,GAAkB,IAAA,4BAAe,EAAC,aAAa,CAAC,CAAC;IAE7D,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAChC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACjC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAEjC,IAAI,CAAC,CAAC,EAAE;QACN,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;KAClD;IAED,IAAI,CAAC,EAAE;QACL,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAW,EAAE,CAAW,CAAC,CAAC,CAAC;KACvD;IAED,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAW,CAAC,CAAC,CAAC;AAC3C,CAAC;AAhBD,8CAgBC;AAID,IAAY,QAQX;AARD,WAAY,QAAQ;IAClB,qCAAO,CAAA;IACP,qCAAO,CAAA;IACP,sCAAQ,CAAA;IACR,kCAAM,CAAA;IACN,kCAAM,CAAA;IACN,kCAAM,CAAA;IACN,kCAAM,CAAA;AACR,CAAC,EARW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAQnB;AAED,IAAY,OAIX;AAJD,WAAY,OAAO;IACjB,mCAAO,CAAA;IACP,mCAAO,CAAA;IACP,mCAAO,CAAA;AACT,CAAC,EAJW,OAAO,GAAP,eAAO,KAAP,eAAO,QAIlB;AAEY,QAAA,aAAa,GAAyC;IACjE,IAAI,EAAE,YAAY;IAClB,KAAK,EAAE,YAAY;IACnB,KAAK,EAAE,YAAY;IACnB,QAAQ,EAAE,YAAY;IACtB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,cAAc;CACvB,CAAC;AAEF,0DAA0D;AAC7C,QAAA,OAAO,GAA8B;IAChD,UAAU;IACV,CAAC,EAAE,MAAM;IACT,WAAW;IACX,CAAC,EAAE,MAAM;IACT,WAAW;IACX,CAAC,EAAE,MAAM;IACT,UAAU;IACV,CAAC,EAAE,SAAS;CACb,CAAC;AAEW,QAAA,WAAW,GAA8B;IACpD,MAAM,EAAE,QAAQ;IAChB,MAAM,EAAE,QAAQ;IAChB,MAAM,EAAE,QAAQ;IAChB,QAAQ,EAAE,MAAM;IAChB,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,QAAQ;IACf,IAAI,EAAE,QAAQ;IACd,IAAI,EAAE,QAAQ;IACd,KAAK,EAAE,QAAQ;CAChB,CAAC"}
|
|
@@ -3,4 +3,4 @@ import type { Base64URLString } from '@simplewebauthn/typescript-types';
|
|
|
3
3
|
/**
|
|
4
4
|
* Convert buffer to an OpenSSL-compatible PEM text format.
|
|
5
5
|
*/
|
|
6
|
-
export
|
|
6
|
+
export declare function convertCertBufferToPEM(certBuffer: Buffer | Base64URLString): string;
|
|
@@ -3,6 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.convertCertBufferToPEM = void 0;
|
|
6
7
|
const base64url_1 = __importDefault(require("base64url"));
|
|
7
8
|
/**
|
|
8
9
|
* Convert buffer to an OpenSSL-compatible PEM text format.
|
|
@@ -24,5 +25,5 @@ function convertCertBufferToPEM(certBuffer) {
|
|
|
24
25
|
PEMKey = `-----BEGIN CERTIFICATE-----\n${PEMKey}-----END CERTIFICATE-----\n`;
|
|
25
26
|
return PEMKey;
|
|
26
27
|
}
|
|
27
|
-
exports.
|
|
28
|
+
exports.convertCertBufferToPEM = convertCertBufferToPEM;
|
|
28
29
|
//# sourceMappingURL=convertCertBufferToPEM.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"convertCertBufferToPEM.js","sourceRoot":"","sources":["../../src/helpers/convertCertBufferToPEM.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"convertCertBufferToPEM.js","sourceRoot":"","sources":["../../src/helpers/convertCertBufferToPEM.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAGlC;;GAEG;AACH,SAAgB,sBAAsB,CAAC,UAAoC;IACzE,IAAI,MAAc,CAAC;IACnB,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE;QAClC,MAAM,GAAG,mBAAS,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;KACzC;SAAM;QACL,MAAM,GAAG,UAAU,CAAC;KACrB;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAE1C,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE;QAC1D,MAAM,KAAK,GAAG,EAAE,GAAG,CAAC,CAAC;QAErB,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC;KAC5C;IAED,MAAM,GAAG,gCAAgC,MAAM,6BAA6B,CAAC;IAE7E,OAAO,MAAM,CAAC;AAChB,CAAC;AApBD,wDAoBC"}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
|
-
export
|
|
2
|
+
export declare function convertPublicKeyToPEM(publicKey: Buffer): string;
|
|
@@ -3,6 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.convertPublicKeyToPEM = void 0;
|
|
6
7
|
const cbor_1 = __importDefault(require("cbor"));
|
|
7
8
|
const jwk_to_pem_1 = __importDefault(require("jwk-to-pem"));
|
|
8
9
|
const convertCOSEtoPKCS_1 = require("./convertCOSEtoPKCS");
|
|
@@ -59,5 +60,5 @@ function convertPublicKeyToPEM(publicKey) {
|
|
|
59
60
|
}
|
|
60
61
|
throw new Error(`Could not convert public key type ${kty} to PEM`);
|
|
61
62
|
}
|
|
62
|
-
exports.
|
|
63
|
+
exports.convertPublicKeyToPEM = convertPublicKeyToPEM;
|
|
63
64
|
//# sourceMappingURL=convertPublicKeyToPEM.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"convertPublicKeyToPEM.js","sourceRoot":"","sources":["../../src/helpers/convertPublicKeyToPEM.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"convertPublicKeyToPEM.js","sourceRoot":"","sources":["../../src/helpers/convertPublicKeyToPEM.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AACxB,4DAAkC;AAElC,2DAAiE;AAEjE,SAAgB,qBAAqB,CAAC,SAAiB;IACrD,IAAI,MAAM,CAAC;IACX,IAAI;QACF,MAAM,GAAG,cAAI,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;KAC3C;IAAC,OAAO,GAAG,EAAE;QACZ,MAAM,IAAI,GAAG,GAAY,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,sDAAsD,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;KACvF;IAED,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;IAErC,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;KAC/C;IAED,IAAI,GAAG,KAAK,2BAAO,CAAC,GAAG,EAAE;QACvB,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,4BAAQ,CAAC,GAAG,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACjC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAEjC,IAAI,CAAC,GAAG,EAAE;YACR,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;SACrD;QAED,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;SACnD;QAED,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;SACnD;QAED,MAAM,KAAK,GAAG,IAAA,oBAAQ,EAAC;YACrB,GAAG,EAAE,IAAI;YACT,uCAAuC;YACvC,GAAG,EAAE,2BAAO,CAAC,GAAa,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC;YAC9C,CAAC,EAAG,CAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC;YACnC,CAAC,EAAG,CAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC;SACpC,CAAC,CAAC;QAEH,OAAO,KAAK,CAAC;KACd;SAAM,IAAI,GAAG,KAAK,2BAAO,CAAC,GAAG,EAAE;QAC9B,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QACjC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,4BAAQ,CAAC,CAAC,CAAC,CAAC;QAEjC,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;SACnD;QAED,IAAI,CAAC,CAAC,EAAE;YACN,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;SACnD;QAED,MAAM,MAAM,GAAG,IAAA,oBAAQ,EAAC;YACtB,GAAG,EAAE,KAAK;YACV,CAAC,EAAG,CAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC;YACnC,CAAC,EAAG,CAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC;SACpC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;KACf;IAED,MAAM,IAAI,KAAK,CAAC,qCAAqC,GAAG,SAAS,CAAC,CAAC;AACrE,CAAC;AA/DD,sDA+DC"}
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
*
|
|
5
5
|
* @param base64AttestationObject Attestation Object buffer
|
|
6
6
|
*/
|
|
7
|
-
export
|
|
7
|
+
export declare function decodeAttestationObject(attestationObject: Buffer): AttestationObject;
|
|
8
8
|
export declare type AttestationFormat = 'fido-u2f' | 'packed' | 'android-safetynet' | 'android-key' | 'tpm' | 'apple' | 'none';
|
|
9
9
|
export declare type AttestationObject = {
|
|
10
10
|
fmt: AttestationFormat;
|
|
@@ -3,6 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.decodeAttestationObject = void 0;
|
|
6
7
|
const cbor_1 = __importDefault(require("cbor"));
|
|
7
8
|
/**
|
|
8
9
|
* Convert an AttestationObject buffer to a proper object
|
|
@@ -13,5 +14,5 @@ function decodeAttestationObject(attestationObject) {
|
|
|
13
14
|
const toCBOR = cbor_1.default.decodeAllSync(attestationObject)[0];
|
|
14
15
|
return toCBOR;
|
|
15
16
|
}
|
|
16
|
-
exports.
|
|
17
|
+
exports.decodeAttestationObject = decodeAttestationObject;
|
|
17
18
|
//# sourceMappingURL=decodeAttestationObject.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"decodeAttestationObject.js","sourceRoot":"","sources":["../../src/helpers/decodeAttestationObject.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"decodeAttestationObject.js","sourceRoot":"","sources":["../../src/helpers/decodeAttestationObject.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AAExB;;;;GAIG;AACH,SAAgB,uBAAuB,CAAC,iBAAyB;IAC/D,MAAM,MAAM,GAAsB,cAAI,CAAC,aAAa,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3E,OAAO,MAAM,CAAC;AAChB,CAAC;AAHD,0DAGC"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
/// <reference types="node" />
|
|
2
|
+
/**
|
|
3
|
+
* Convert authenticator extension data buffer to a proper object
|
|
4
|
+
*
|
|
5
|
+
* @param extensionData Authenticator Extension Data buffer
|
|
6
|
+
*/
|
|
7
|
+
export declare function decodeAuthenticatorExtensions(extensionData: Buffer): AuthenticationExtensionsAuthenticatorOutputs | undefined;
|
|
8
|
+
export declare type AuthenticationExtensionsAuthenticatorOutputs = {
|
|
9
|
+
devicePublicKey?: DevicePublicKeyAuthenticatorOutput;
|
|
10
|
+
uvm?: UVMAuthenticatorOutput;
|
|
11
|
+
};
|
|
12
|
+
export declare type DevicePublicKeyAuthenticatorOutput = {
|
|
13
|
+
dpk?: Buffer;
|
|
14
|
+
scp?: Buffer;
|
|
15
|
+
sig?: string;
|
|
16
|
+
aaguid?: Buffer;
|
|
17
|
+
};
|
|
18
|
+
export declare type UVMAuthenticatorOutput = {
|
|
19
|
+
uvm?: Buffer[];
|
|
20
|
+
};
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.decodeAuthenticatorExtensions = void 0;
|
|
7
|
+
const cbor_1 = __importDefault(require("cbor"));
|
|
8
|
+
/**
|
|
9
|
+
* Convert authenticator extension data buffer to a proper object
|
|
10
|
+
*
|
|
11
|
+
* @param extensionData Authenticator Extension Data buffer
|
|
12
|
+
*/
|
|
13
|
+
function decodeAuthenticatorExtensions(extensionData) {
|
|
14
|
+
let toCBOR;
|
|
15
|
+
try {
|
|
16
|
+
toCBOR = cbor_1.default.decodeAllSync(extensionData)[0];
|
|
17
|
+
}
|
|
18
|
+
catch (err) {
|
|
19
|
+
const _err = err;
|
|
20
|
+
throw new Error(`Error decoding authenticator extensions: ${_err.message}`);
|
|
21
|
+
}
|
|
22
|
+
return toCBOR;
|
|
23
|
+
}
|
|
24
|
+
exports.decodeAuthenticatorExtensions = decodeAuthenticatorExtensions;
|
|
25
|
+
//# sourceMappingURL=decodeAuthenticatorExtensions.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"decodeAuthenticatorExtensions.js","sourceRoot":"","sources":["../../src/helpers/decodeAuthenticatorExtensions.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AAExB;;;;GAIG;AACH,SAAgB,6BAA6B,CAC3C,aAAqB;IAErB,IAAI,MAAgE,CAAC;IACrE,IAAI;QACF,MAAM,GAAG,cAAI,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;KAC/C;IAAC,OAAO,GAAG,EAAE;QACZ,MAAM,IAAI,GAAG,GAAY,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,4CAA4C,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;KAC7E;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAXD,sEAWC"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Decode an authenticator's base64url-encoded clientDataJSON to JSON
|
|
3
3
|
*/
|
|
4
|
-
export
|
|
4
|
+
export declare function decodeClientDataJSON(data: string): ClientDataJSON;
|
|
5
5
|
export declare type ClientDataJSON = {
|
|
6
6
|
type: string;
|
|
7
7
|
challenge: string;
|
|
@@ -3,6 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.decodeClientDataJSON = void 0;
|
|
6
7
|
const base64url_1 = __importDefault(require("base64url"));
|
|
7
8
|
/**
|
|
8
9
|
* Decode an authenticator's base64url-encoded clientDataJSON to JSON
|
|
@@ -12,5 +13,5 @@ function decodeClientDataJSON(data) {
|
|
|
12
13
|
const clientData = JSON.parse(toString);
|
|
13
14
|
return clientData;
|
|
14
15
|
}
|
|
15
|
-
exports.
|
|
16
|
+
exports.decodeClientDataJSON = decodeClientDataJSON;
|
|
16
17
|
//# sourceMappingURL=decodeClientDataJSON.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"decodeClientDataJSON.js","sourceRoot":"","sources":["../../src/helpers/decodeClientDataJSON.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"decodeClientDataJSON.js","sourceRoot":"","sources":["../../src/helpers/decodeClientDataJSON.ts"],"names":[],"mappings":";;;;;;AAAA,0DAAkC;AAElC;;GAEG;AACH,SAAgB,oBAAoB,CAAC,IAAY;IAC/C,MAAM,QAAQ,GAAG,mBAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACxC,MAAM,UAAU,GAAmB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAExD,OAAO,UAAU,CAAC;AACpB,CAAC;AALD,oDAKC"}
|
|
@@ -1,8 +1,9 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.decodeCredentialPublicKey = void 0;
|
|
3
4
|
const decodeCbor_1 = require("./decodeCbor");
|
|
4
5
|
function decodeCredentialPublicKey(publicKey) {
|
|
5
6
|
return (0, decodeCbor_1.decodeCborFirst)(publicKey);
|
|
6
7
|
}
|
|
7
|
-
exports.
|
|
8
|
+
exports.decodeCredentialPublicKey = decodeCredentialPublicKey;
|
|
8
9
|
//# sourceMappingURL=decodeCredentialPublicKey.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"decodeCredentialPublicKey.js","sourceRoot":"","sources":["../../src/helpers/decodeCredentialPublicKey.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"decodeCredentialPublicKey.js","sourceRoot":"","sources":["../../src/helpers/decodeCredentialPublicKey.ts"],"names":[],"mappings":";;;AACA,6CAA+C;AAE/C,SAAgB,yBAAyB,CAAC,SAAiB;IACzD,OAAO,IAAA,4BAAe,EAAC,SAAS,CAAC,CAAC;AACpC,CAAC;AAFD,8DAEC"}
|
|
@@ -3,6 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.generateChallenge = void 0;
|
|
6
7
|
const crypto_1 = __importDefault(require("crypto"));
|
|
7
8
|
/**
|
|
8
9
|
* Generate a suitably random value to be used as an attestation or assertion challenge
|
|
@@ -18,5 +19,5 @@ function generateChallenge() {
|
|
|
18
19
|
*/
|
|
19
20
|
return crypto_1.default.randomBytes(32);
|
|
20
21
|
}
|
|
21
|
-
exports.
|
|
22
|
+
exports.generateChallenge = generateChallenge;
|
|
22
23
|
//# sourceMappingURL=generateChallenge.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generateChallenge.js","sourceRoot":"","sources":["../../src/helpers/generateChallenge.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"generateChallenge.js","sourceRoot":"","sources":["../../src/helpers/generateChallenge.ts"],"names":[],"mappings":";;;;;;AAAA,oDAA4B;AAE5B;;GAEG;AACH,SAAgB,iBAAiB;IAC/B;;;;;;;OAOG;IACH,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;AAChC,CAAC;AAVD,8CAUC"}
|
|
@@ -24,5 +24,5 @@ declare type Subject = {
|
|
|
24
24
|
*
|
|
25
25
|
* @param pemCertificate Result from call to `convertASN1toPEM(x5c[0])`
|
|
26
26
|
*/
|
|
27
|
-
export
|
|
27
|
+
export declare function getCertificateInfo(leafCertBuffer: Buffer): CertificateInfo;
|
|
28
28
|
export {};
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.getCertificateInfo = void 0;
|
|
3
4
|
const asn1_schema_1 = require("@peculiar/asn1-schema");
|
|
4
5
|
const asn1_x509_1 = require("@peculiar/asn1-x509");
|
|
5
6
|
const issuerSubjectIDKey = {
|
|
@@ -51,5 +52,5 @@ function getCertificateInfo(leafCertBuffer) {
|
|
|
51
52
|
notAfter: parsedCert.validity.notAfter.getTime(),
|
|
52
53
|
};
|
|
53
54
|
}
|
|
54
|
-
exports.
|
|
55
|
+
exports.getCertificateInfo = getCertificateInfo;
|
|
55
56
|
//# sourceMappingURL=getCertificateInfo.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getCertificateInfo.js","sourceRoot":"","sources":["../../src/helpers/getCertificateInfo.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getCertificateInfo.js","sourceRoot":"","sources":["../../src/helpers/getCertificateInfo.ts"],"names":[],"mappings":";;;AAAA,uDAAkD;AAClD,mDAA4F;AAyB5F,MAAM,kBAAkB,GAA+C;IACrE,SAAS,EAAE,GAAG;IACd,UAAU,EAAE,GAAG;IACf,UAAU,EAAE,IAAI;IAChB,SAAS,EAAE,IAAI;CAChB,CAAC;AAEF;;;;GAIG;AACH,SAAgB,kBAAkB,CAAC,cAAsB;IACvD,MAAM,OAAO,GAAG,uBAAS,CAAC,KAAK,CAAC,cAAc,EAAE,uBAAW,CAAC,CAAC;IAC7D,MAAM,UAAU,GAAG,OAAO,CAAC,cAAc,CAAC;IAE1C,SAAS;IACT,MAAM,MAAM,GAAW,EAAE,CAAC;IAC1B,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE;QAClC,MAAM,GAAG,GAAG,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACzC,IAAI,GAAG,EAAE;YACP,MAAM,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;SACpC;IACH,CAAC,CAAC,CAAC;IAEH,UAAU;IACV,MAAM,OAAO,GAAY,EAAE,CAAC;IAC5B,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE;QACnC,MAAM,GAAG,GAAG,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACzC,IAAI,GAAG,EAAE;YACP,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;SACrC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAC/B,IAAI,UAAU,CAAC,UAAU,EAAE;QACzB,sCAAsC;QACtC,KAAK,MAAM,GAAG,IAAI,UAAU,CAAC,UAAU,EAAE;YACvC,IAAI,GAAG,CAAC,MAAM,KAAK,kCAAsB,EAAE;gBACzC,MAAM,gBAAgB,GAAG,uBAAS,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,4BAAgB,CAAC,CAAC;gBAC1E,kBAAkB,GAAG,gBAAgB,CAAC,EAAE,CAAC;aAC1C;SACF;KACF;IAED,OAAO;QACL,MAAM;QACN,OAAO;QACP,OAAO,EAAE,UAAU,CAAC,OAAO;QAC3B,kBAAkB;QAClB,SAAS,EAAE,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,OAAO,EAAE;QAClD,QAAQ,EAAE,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE;KACjD,CAAC;AACJ,CAAC;AAzCD,gDAyCC"}
|
package/dist/helpers/index.d.ts
CHANGED
|
@@ -1,19 +1,19 @@
|
|
|
1
|
-
import convertAAGUIDToString from './convertAAGUIDToString';
|
|
2
|
-
import convertCertBufferToPEM from './convertCertBufferToPEM';
|
|
3
|
-
import convertCOSEtoPKCS from './convertCOSEtoPKCS';
|
|
4
|
-
import convertPublicKeyToPEM from './convertPublicKeyToPEM';
|
|
5
|
-
import decodeAttestationObject from './decodeAttestationObject';
|
|
1
|
+
import { convertAAGUIDToString } from './convertAAGUIDToString';
|
|
2
|
+
import { convertCertBufferToPEM } from './convertCertBufferToPEM';
|
|
3
|
+
import { convertCOSEtoPKCS } from './convertCOSEtoPKCS';
|
|
4
|
+
import { convertPublicKeyToPEM } from './convertPublicKeyToPEM';
|
|
5
|
+
import { decodeAttestationObject } from './decodeAttestationObject';
|
|
6
6
|
import { decodeCborFirst } from './decodeCbor';
|
|
7
|
-
import decodeClientDataJSON from './decodeClientDataJSON';
|
|
8
|
-
import decodeCredentialPublicKey from './decodeCredentialPublicKey';
|
|
9
|
-
import generateChallenge from './generateChallenge';
|
|
10
|
-
import getCertificateInfo from './getCertificateInfo';
|
|
11
|
-
import isBase64URLString from './isBase64URLString';
|
|
12
|
-
import isCertRevoked from './isCertRevoked';
|
|
13
|
-
import parseAuthenticatorData from './parseAuthenticatorData';
|
|
14
|
-
import toHash from './toHash';
|
|
15
|
-
import validateCertificatePath from './validateCertificatePath';
|
|
16
|
-
import verifySignature from './verifySignature';
|
|
7
|
+
import { decodeClientDataJSON } from './decodeClientDataJSON';
|
|
8
|
+
import { decodeCredentialPublicKey } from './decodeCredentialPublicKey';
|
|
9
|
+
import { generateChallenge } from './generateChallenge';
|
|
10
|
+
import { getCertificateInfo } from './getCertificateInfo';
|
|
11
|
+
import { isBase64URLString } from './isBase64URLString';
|
|
12
|
+
import { isCertRevoked } from './isCertRevoked';
|
|
13
|
+
import { parseAuthenticatorData } from './parseAuthenticatorData';
|
|
14
|
+
import { toHash } from './toHash';
|
|
15
|
+
import { validateCertificatePath } from './validateCertificatePath';
|
|
16
|
+
import { verifySignature } from './verifySignature';
|
|
17
17
|
export { convertAAGUIDToString, convertCertBufferToPEM, convertCOSEtoPKCS, convertPublicKeyToPEM, decodeAttestationObject, decodeCborFirst, decodeClientDataJSON, decodeCredentialPublicKey, generateChallenge, getCertificateInfo, isBase64URLString, isCertRevoked, parseAuthenticatorData, toHash, validateCertificatePath, verifySignature, };
|
|
18
18
|
import type { AttestationFormat, AttestationObject, AttestationStatement } from './decodeAttestationObject';
|
|
19
19
|
import type { CertificateInfo } from './getCertificateInfo';
|