@simplewebauthn/server 7.4.0 → 8.0.0

package/esm/helpers/validateCertificatePath.js

@@ -0,0 +1,122 @@
+import { AsnSerializer } from '../deps.js';
+import { isCertRevoked } from './isCertRevoked.js';
+import { verifySignature } from './verifySignature.js';
+import { mapX509SignatureAlgToCOSEAlg } from './mapX509SignatureAlgToCOSEAlg.js';
+import { getCertificateInfo } from './getCertificateInfo.js';
+import { convertPEMToBytes } from './convertPEMToBytes.js';
+/**
+ * Traverse an array of PEM certificates and ensure they form a proper chain
+ * @param certificates Typically the result of `x5c.map(convertASN1toPEM)`
+ * @param rootCertificates Possible root certificates to complete the path
+ */
+export async function validateCertificatePath(certificates, rootCertificates = []) {
+    if (rootCertificates.length === 0) {
+        // We have no root certs with which to create a full path, so skip path validation
+        // TODO: Is this going to be acceptable default behavior??
+        return true;
+    }
+    let invalidSubjectAndIssuerError = false;
+    let certificateNotYetValidOrExpiredErrorMessage = undefined;
+    for (const rootCert of rootCertificates) {
+        try {
+            const certsWithRoot = certificates.concat([rootCert]);
+            await _validatePath(certsWithRoot);
+            // If we successfully validated a path then there's no need to continue. Reset any existing
+            // errors that were thrown by earlier root certificates
+            invalidSubjectAndIssuerError = false;
+            certificateNotYetValidOrExpiredErrorMessage = undefined;
+            break;
+        }
+        catch (err) {
+            if (err instanceof InvalidSubjectAndIssuer) {
+                invalidSubjectAndIssuerError = true;
+            }
+            else if (err instanceof CertificateNotYetValidOrExpired) {
+                certificateNotYetValidOrExpiredErrorMessage = err.message;
+            }
+            else {
+                throw err;
+            }
+        }
+    }
+    // We tried multiple root certs and none of them worked
+    if (invalidSubjectAndIssuerError) {
+        throw new InvalidSubjectAndIssuer();
+    }
+    else if (certificateNotYetValidOrExpiredErrorMessage) {
+        throw new CertificateNotYetValidOrExpired(certificateNotYetValidOrExpiredErrorMessage);
+    }
+    return true;
+}
+async function _validatePath(certificates) {
+    if (new Set(certificates).size !== certificates.length) {
+        throw new Error('Invalid certificate path: found duplicate certificates');
+    }
+    // From leaf to root, make sure each cert is issued by the next certificate in the chain
+    for (let i = 0; i < certificates.length; i += 1) {
+        const subjectPem = certificates[i];
+        const isLeafCert = i === 0;
+        const isRootCert = i + 1 >= certificates.length;
+        let issuerPem = '';
+        if (isRootCert) {
+            issuerPem = subjectPem;
+        }
+        else {
+            issuerPem = certificates[i + 1];
+        }
+        const subjectInfo = getCertificateInfo(convertPEMToBytes(subjectPem));
+        const issuerInfo = getCertificateInfo(convertPEMToBytes(issuerPem));
+        const x509Subject = subjectInfo.parsedCertificate;
+        // Check for certificate revocation
+        const subjectCertRevoked = await isCertRevoked(x509Subject);
+        if (subjectCertRevoked) {
+            throw new Error(`Found revoked certificate in certificate path`);
+        }
+        // Check that intermediate certificate is within its valid time window
+        const { notBefore, notAfter } = issuerInfo;
+        const now = new Date(Date.now());
+        if (notBefore > now || notAfter < now) {
+            if (isLeafCert) {
+                throw new CertificateNotYetValidOrExpired(`Leaf certificate is not yet valid or expired: ${issuerPem}`);
+            }
+            else if (isRootCert) {
+                throw new CertificateNotYetValidOrExpired(`Root certificate is not yet valid or expired: ${issuerPem}`);
+            }
+            else {
+                throw new CertificateNotYetValidOrExpired(`Intermediate certificate is not yet valid or expired: ${issuerPem}`);
+            }
+        }
+        if (subjectInfo.issuer.combined !== issuerInfo.subject.combined) {
+            throw new InvalidSubjectAndIssuer();
+        }
+        // Verify the subject certificate's signature with the issuer cert's public key
+        const data = AsnSerializer.serialize(x509Subject.tbsCertificate);
+        const signature = x509Subject.signatureValue;
+        const signatureAlgorithm = mapX509SignatureAlgToCOSEAlg(x509Subject.signatureAlgorithm.algorithm);
+        const issuerCertBytes = convertPEMToBytes(issuerPem);
+        const verified = await verifySignature({
+            data: new Uint8Array(data),
+            signature: new Uint8Array(signature),
+            x509Certificate: issuerCertBytes,
+            hashAlgorithm: signatureAlgorithm,
+        });
+        if (!verified) {
+            throw new Error('Invalid certificate path: invalid signature');
+        }
+    }
+    return true;
+}
+// Custom errors to help pass on certain errors
+class InvalidSubjectAndIssuer extends Error {
+    constructor() {
+        const message = 'Subject issuer did not match issuer subject';
+        super(message);
+        this.name = 'InvalidSubjectAndIssuer';
+    }
+}
+class CertificateNotYetValidOrExpired extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'CertificateNotYetValidOrExpired';
+    }
+}

package/{dist → esm}/helpers/verifySignature.d.ts

@@ -1,4 +1,4 @@
-import { COSEALG } from './cose';
+import { COSEALG } from './cose.js';
 /**
  * Verify an authenticator's signature
  */
@@ -9,3 +9,6 @@ export declare function verifySignature(opts: {
     x509Certificate?: Uint8Array;
     hashAlgorithm?: COSEALG;
 }): Promise<boolean>;
+export declare const _verifySignatureInternals: {
+    stubThis: (value: Promise<boolean>) => Promise<boolean>;
+};

package/esm/helpers/verifySignature.js

@@ -0,0 +1,32 @@
+import { isoCrypto } from './iso/index.js';
+import { decodeCredentialPublicKey } from './decodeCredentialPublicKey.js';
+import { convertX509PublicKeyToCOSE } from './convertX509PublicKeyToCOSE.js';
+/**
+ * Verify an authenticator's signature
+ */
+export function verifySignature(opts) {
+    const { signature, data, credentialPublicKey, x509Certificate, hashAlgorithm, } = opts;
+    if (!x509Certificate && !credentialPublicKey) {
+        throw new Error('Must declare either "leafCert" or "credentialPublicKey"');
+    }
+    if (x509Certificate && credentialPublicKey) {
+        throw new Error('Must not declare both "leafCert" and "credentialPublicKey"');
+    }
+    let cosePublicKey = new Map();
+    if (credentialPublicKey) {
+        cosePublicKey = decodeCredentialPublicKey(credentialPublicKey);
+    }
+    else if (x509Certificate) {
+        cosePublicKey = convertX509PublicKeyToCOSE(x509Certificate);
+    }
+    return _verifySignatureInternals.stubThis(isoCrypto.verify({
+        cosePublicKey,
+        signature,
+        data,
+        shaHashOverride: hashAlgorithm,
+    }));
+}
+// Make it possible to stub the return value during testing
+export const _verifySignatureInternals = {
+    stubThis: (value) => value,
+};

package/esm/index.d.ts

@@ -0,0 +1,17 @@
+/**
+ * @packageDocumentation
+ * @module @simplewebauthn/server
+ */
+import { generateRegistrationOptions } from './registration/generateRegistrationOptions.js';
+import { verifyRegistrationResponse } from './registration/verifyRegistrationResponse.js';
+import { generateAuthenticationOptions } from './authentication/generateAuthenticationOptions.js';
+import { verifyAuthenticationResponse } from './authentication/verifyAuthenticationResponse.js';
+import { MetadataService } from './services/metadataService.js';
+import { SettingsService } from './services/settingsService.js';
+export { generateAuthenticationOptions, generateRegistrationOptions, MetadataService, SettingsService, verifyAuthenticationResponse, verifyRegistrationResponse, };
+import type { GenerateRegistrationOptionsOpts } from './registration/generateRegistrationOptions.js';
+import type { GenerateAuthenticationOptionsOpts } from './authentication/generateAuthenticationOptions.js';
+import type { MetadataStatement } from './metadata/mdsTypes.js';
+import type { VerifiedRegistrationResponse, VerifyRegistrationResponseOpts } from './registration/verifyRegistrationResponse.js';
+import type { VerifiedAuthenticationResponse, VerifyAuthenticationResponseOpts } from './authentication/verifyAuthenticationResponse.js';
+export type { GenerateAuthenticationOptionsOpts, GenerateRegistrationOptionsOpts, MetadataStatement, VerifiedAuthenticationResponse, VerifiedRegistrationResponse, VerifyAuthenticationResponseOpts, VerifyRegistrationResponseOpts, };

package/esm/index.js

@@ -0,0 +1,11 @@
+/**
+ * @packageDocumentation
+ * @module @simplewebauthn/server
+ */
+import { generateRegistrationOptions } from './registration/generateRegistrationOptions.js';
+import { verifyRegistrationResponse } from './registration/verifyRegistrationResponse.js';
+import { generateAuthenticationOptions } from './authentication/generateAuthenticationOptions.js';
+import { verifyAuthenticationResponse } from './authentication/verifyAuthenticationResponse.js';
+import { MetadataService } from './services/metadataService.js';
+import { SettingsService } from './services/settingsService.js';
+export { generateAuthenticationOptions, generateRegistrationOptions, MetadataService, SettingsService, verifyAuthenticationResponse, verifyRegistrationResponse, };

package/{dist → esm}/metadata/mdsTypes.d.ts

@@ -1,4 +1,4 @@
-import { Base64URLString } from '@simplewebauthn/typescript-types';
+import type { Base64URLString } from '../deps.js';
 /**
  * Metadata Service structures
  * https://fidoalliance.org/specs/mds/fido-metadata-service-v3.0-ps-20210518.html

package/esm/metadata/mdsTypes.js

@@ -0,0 +1,17 @@
+const AlgSign = [
+    'secp256r1_ecdsa_sha256_raw',
+    'secp256r1_ecdsa_sha256_der',
+    'rsassa_pss_sha256_raw',
+    'rsassa_pss_sha256_der',
+    'secp256k1_ecdsa_sha256_raw',
+    'secp256k1_ecdsa_sha256_der',
+    'rsassa_pss_sha384_raw',
+    'rsassa_pkcsv15_sha256_raw',
+    'rsassa_pkcsv15_sha384_raw',
+    'rsassa_pkcsv15_sha512_raw',
+    'rsassa_pkcsv15_sha1_raw',
+    'secp384r1_ecdsa_sha384_raw',
+    'secp512r1_ecdsa_sha256_raw',
+    'ed25519_eddsa_sha512_raw',
+];
+export {};

package/esm/metadata/parseJWT.js

@@ -0,0 +1,12 @@
+import { isoBase64URL } from '../helpers/iso/index.js';
+/**
+ * Process a JWT into Javascript-friendly data structures
+ */
+export function parseJWT(jwt) {
+    const parts = jwt.split('.');
+    return [
+        JSON.parse(isoBase64URL.toString(parts[0])),
+        JSON.parse(isoBase64URL.toString(parts[1])),
+        parts[2],
+    ];
+}

package/{dist → esm}/metadata/verifyAttestationWithMetadata.d.ts

@@ -1,6 +1,6 @@
-import { Base64URLString } from '@simplewebauthn/typescript-types';
-import type { MetadataStatement, AlgSign } from '../metadata/mdsTypes';
-import { COSEALG, COSECRV, COSEKTY } from '../helpers/cose';
+import type { Base64URLString } from '../deps.js';
+import type { AlgSign, MetadataStatement } from './mdsTypes.js';
+import { COSEALG, COSECRV, COSEKTY } from '../helpers/cose.js';
 /**
  * Match properties of the authenticator's attestation statement against expected values as
  * registered with the FIDO Alliance Metadata Service

package/esm/metadata/verifyAttestationWithMetadata.js

@@ -0,0 +1,159 @@
+import { convertCertBufferToPEM } from '../helpers/convertCertBufferToPEM.js';
+import { validateCertificatePath } from '../helpers/validateCertificatePath.js';
+import { decodeCredentialPublicKey } from '../helpers/decodeCredentialPublicKey.js';
+import { COSEKEYS, COSEKTY, isCOSEPublicKeyEC2 } from '../helpers/cose.js';
+/**
+ * Match properties of the authenticator's attestation statement against expected values as
+ * registered with the FIDO Alliance Metadata Service
+ */
+export async function verifyAttestationWithMetadata({ statement, credentialPublicKey, x5c, attestationStatementAlg, }) {
+    const { authenticationAlgorithms, authenticatorGetInfo, attestationRootCertificates, } = statement;
+    // Make sure the alg in the attestation statement matches one of the ones specified in metadata
+    const keypairCOSEAlgs = new Set();
+    authenticationAlgorithms.forEach((algSign) => {
+        // Map algSign string to { kty, alg, crv }
+        const algSignCOSEINFO = algSignToCOSEInfoMap[algSign];
+        // Keeping this statement here just in case MDS returns something unexpected
+        if (algSignCOSEINFO) {
+            keypairCOSEAlgs.add(algSignCOSEINFO);
+        }
+    });
+    // Extract the public key's COSE info for comparison
+    const decodedPublicKey = decodeCredentialPublicKey(credentialPublicKey);
+    const kty = decodedPublicKey.get(COSEKEYS.kty);
+    const alg = decodedPublicKey.get(COSEKEYS.alg);
+    if (!kty) {
+        throw new Error('Credential public key was missing kty');
+    }
+    if (!alg) {
+        throw new Error('Credential public key was missing alg');
+    }
+    if (!kty) {
+        throw new Error('Credential public key was missing kty');
+    }
+    // Assume everything is a number because these values should be
+    const publicKeyCOSEInfo = { kty, alg };
+    if (isCOSEPublicKeyEC2(decodedPublicKey)) {
+        const crv = decodedPublicKey.get(COSEKEYS.crv);
+        publicKeyCOSEInfo.crv = crv;
+    }
+    /**
+     * Attempt to match the credential public key's algorithm to one specified in the device's
+     * metadata
+     */
+    let foundMatch = false;
+    for (const keypairAlg of keypairCOSEAlgs) {
+        // Make sure algorithm and key type match
+        if (keypairAlg.alg === publicKeyCOSEInfo.alg &&
+            keypairAlg.kty === publicKeyCOSEInfo.kty) {
+            // If not an RSA keypair then make sure curve numbers match too
+            if ((keypairAlg.kty === COSEKTY.EC2 || keypairAlg.kty === COSEKTY.OKP) &&
+                keypairAlg.crv === publicKeyCOSEInfo.crv) {
+                foundMatch = true;
+            }
+            else {
+                // We've matched an RSA public key's properties
+                foundMatch = true;
+            }
+        }
+        if (foundMatch) {
+            break;
+        }
+    }
+    // Make sure the public key is one of the allowed algorithms
+    if (!foundMatch) {
+        /**
+         * Craft some useful error output from the MDS algorithms
+         *
+         * Example:
+         *
+         * ```
+         * [
+         *   'rsassa_pss_sha256_raw' (COSE info: { kty: 3, alg: -37 }),
+         *   'secp256k1_ecdsa_sha256_raw' (COSE info: { kty: 2, alg: -47, crv: 8 })
+         * ]
+         * ```
+         */
+        const debugMDSAlgs = authenticationAlgorithms.map((algSign) => `'${algSign}' (COSE info: ${stringifyCOSEInfo(algSignToCOSEInfoMap[algSign])})`);
+        const strMDSAlgs = JSON.stringify(debugMDSAlgs, null, 2).replace(/"/g, '');
+        /**
+         * Construct useful error output about the public key
+         */
+        const strPubKeyAlg = stringifyCOSEInfo(publicKeyCOSEInfo);
+        throw new Error(`Public key parameters ${strPubKeyAlg} did not match any of the following metadata algorithms:\n${strMDSAlgs}`);
+    }
+    /**
+     * Confirm the attestation statement's algorithm is one supported according to metadata
+     */
+    if (attestationStatementAlg !== undefined &&
+        authenticatorGetInfo?.algorithms !== undefined) {
+        const getInfoAlgs = authenticatorGetInfo.algorithms.map((_alg) => _alg.alg);
+        if (getInfoAlgs.indexOf(attestationStatementAlg) < 0) {
+            throw new Error(`Attestation statement alg ${attestationStatementAlg} did not match one of ${getInfoAlgs}`);
+        }
+    }
+    // Prepare to check the certificate chain
+    const authenticatorCerts = x5c.map(convertCertBufferToPEM);
+    const statementRootCerts = attestationRootCertificates.map(convertCertBufferToPEM);
+    /**
+     * If an authenticator returns exactly one certificate in its x5c, and that cert is found in the
+     * metadata statement then the authenticator is "self-referencing". In this case we forego
+     * certificate chain validation.
+     */
+    let authenticatorIsSelfReferencing = false;
+    if (authenticatorCerts.length === 1 &&
+        statementRootCerts.indexOf(authenticatorCerts[0]) >= 0) {
+        authenticatorIsSelfReferencing = true;
+    }
+    if (!authenticatorIsSelfReferencing) {
+        try {
+            await validateCertificatePath(authenticatorCerts, statementRootCerts);
+        }
+        catch (err) {
+            const _err = err;
+            throw new Error(`Could not validate certificate path with any metadata root certificates: ${_err.message}`);
+        }
+    }
+    return true;
+}
+/**
+ * Convert ALG_SIGN values to COSE info
+ *
+ * Values pulled from `ALG_KEY_COSE` definitions in the FIDO Registry of Predefined Values
+ *
+ * https://fidoalliance.org/specs/common-specs/fido-registry-v2.2-ps-20220523.html#authentication-algorithms
+ */
+export const algSignToCOSEInfoMap = {
+    secp256r1_ecdsa_sha256_raw: { kty: 2, alg: -7, crv: 1 },
+    secp256r1_ecdsa_sha256_der: { kty: 2, alg: -7, crv: 1 },
+    rsassa_pss_sha256_raw: { kty: 3, alg: -37 },
+    rsassa_pss_sha256_der: { kty: 3, alg: -37 },
+    secp256k1_ecdsa_sha256_raw: { kty: 2, alg: -47, crv: 8 },
+    secp256k1_ecdsa_sha256_der: { kty: 2, alg: -47, crv: 8 },
+    rsassa_pss_sha384_raw: { kty: 3, alg: -38 },
+    rsassa_pkcsv15_sha256_raw: { kty: 3, alg: -257 },
+    rsassa_pkcsv15_sha384_raw: { kty: 3, alg: -258 },
+    rsassa_pkcsv15_sha512_raw: { kty: 3, alg: -259 },
+    rsassa_pkcsv15_sha1_raw: { kty: 3, alg: -65535 },
+    secp384r1_ecdsa_sha384_raw: { kty: 2, alg: -35, crv: 2 },
+    secp512r1_ecdsa_sha256_raw: { kty: 2, alg: -36, crv: 3 },
+    ed25519_eddsa_sha512_raw: { kty: 1, alg: -8, crv: 6 },
+};
+/**
+ * A helper to format COSEInfo a little nicer than we can achieve with JSON.stringify()
+ *
+ * Input: `{ "kty": 3, "alg": -257 }`
+ *
+ * Output: `"{ kty: 3, alg: -257 }"`
+ */
+function stringifyCOSEInfo(info) {
+    const { kty, alg, crv } = info;
+    let toReturn = '';
+    if (kty !== COSEKTY.RSA) {
+        toReturn = `{ kty: ${kty}, alg: ${alg}, crv: ${crv} }`;
+    }
+    else {
+        toReturn = `{ kty: ${kty}, alg: ${alg} }`;
+    }
+    return toReturn;
+}

package/esm/metadata/verifyJWT.js

@@ -0,0 +1,37 @@
+import { convertX509PublicKeyToCOSE } from '../helpers/convertX509PublicKeyToCOSE.js';
+import { isoBase64URL, isoUint8Array } from '../helpers/iso/index.js';
+import { COSEALG, COSEKEYS, isCOSEPublicKeyEC2, isCOSEPublicKeyRSA } from '../helpers/cose.js';
+import { verifyEC2 } from '../helpers/iso/isoCrypto/verifyEC2.js';
+import { verifyRSA } from '../helpers/iso/isoCrypto/verifyRSA.js';
+/**
+ * Lightweight verification for FIDO MDS JWTs. Supports use of EC2 and RSA.
+ *
+ * If this ever needs to support more JWS algorithms, here's the list of them:
+ *
+ * https://www.rfc-editor.org/rfc/rfc7518.html#section-3.1
+ *
+ * (Pulled from https://www.rfc-editor.org/rfc/rfc7515#section-4.1.1)
+ */
+export function verifyJWT(jwt, leafCert) {
+    const [header, payload, signature] = jwt.split('.');
+    const certCOSE = convertX509PublicKeyToCOSE(leafCert);
+    const data = isoUint8Array.fromUTF8String(`${header}.${payload}`);
+    const signatureBytes = isoBase64URL.toBuffer(signature);
+    if (isCOSEPublicKeyEC2(certCOSE)) {
+        return verifyEC2({
+            data,
+            signature: signatureBytes,
+            cosePublicKey: certCOSE,
+            shaHashOverride: COSEALG.ES256,
+        });
+    }
+    else if (isCOSEPublicKeyRSA(certCOSE)) {
+        return verifyRSA({
+            data,
+            signature: signatureBytes,
+            cosePublicKey: certCOSE,
+        });
+    }
+    const kty = certCOSE.get(COSEKEYS.kty);
+    throw new Error(`JWT verification with public key of kty ${kty} is not supported by this method`);
+}

package/esm/package.json

@@ -0,0 +1,3 @@
+{
+  "type": "module"
+}

package/{dist → esm}/registration/generateRegistrationOptions.d.ts

@@ -1,4 +1,4 @@
-import type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticatorSelectionCriteria, COSEAlgorithmIdentifier, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialDescriptorFuture } from '@simplewebauthn/typescript-types';
+import type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticatorSelectionCriteria, COSEAlgorithmIdentifier, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialDescriptorFuture } from '../deps.js';
 export type GenerateRegistrationOptionsOpts = {
     rpName: string;
     rpID: string;
@@ -40,4 +40,4 @@ export declare const supportedCOSEAlgorithmIdentifiers: COSEAlgorithmIdentifier[
  * @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for
  * attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms
  */
-export declare function generateRegistrationOptions(options: GenerateRegistrationOptionsOpts): PublicKeyCredentialCreationOptionsJSON;
+export declare function generateRegistrationOptions(options: GenerateRegistrationOptionsOpts): Promise<PublicKeyCredentialCreationOptionsJSON>;

package/esm/registration/generateRegistrationOptions.js

@@ -0,0 +1,142 @@
+import { generateChallenge } from '../helpers/generateChallenge.js';
+import { isoBase64URL, isoUint8Array } from '../helpers/iso/index.js';
+/**
+ * Supported crypto algo identifiers
+ * See https://w3c.github.io/webauthn/#sctn-alg-identifier
+ * and https://www.iana.org/assignments/cose/cose.xhtml#algorithms
+ */
+export const supportedCOSEAlgorithmIdentifiers = [
+    // EdDSA (In first position to encourage authenticators to use this over ES256)
+    -8,
+    // ECDSA w/ SHA-256
+    -7,
+    // ECDSA w/ SHA-512
+    -36,
+    // RSASSA-PSS w/ SHA-256
+    -37,
+    // RSASSA-PSS w/ SHA-384
+    -38,
+    // RSASSA-PSS w/ SHA-512
+    -39,
+    // RSASSA-PKCS1-v1_5 w/ SHA-256
+    -257,
+    // RSASSA-PKCS1-v1_5 w/ SHA-384
+    -258,
+    // RSASSA-PKCS1-v1_5 w/ SHA-512
+    -259,
+    // RSASSA-PKCS1-v1_5 w/ SHA-1 (Deprecated; here for legacy support)
+    -65535,
+];
+/**
+ * Set up some default authenticator selection options as per the latest spec:
+ * https://www.w3.org/TR/webauthn-2/#dictdef-authenticatorselectioncriteria
+ *
+ * Helps with some older platforms (e.g. Android 7.0 Nougat) that may not be aware of these
+ * defaults.
+ */
+const defaultAuthenticatorSelection = {
+    residentKey: 'preferred',
+    userVerification: 'preferred',
+};
+/**
+ * Use the most commonly-supported algorithms
+ * See the following:
+ *   - https://www.iana.org/assignments/cose/cose.xhtml#algorithms
+ *   - https://w3c.github.io/webauthn/#dom-publickeycredentialcreationoptions-pubkeycredparams
+ */
+const defaultSupportedAlgorithmIDs = [-8, -7, -257];
+/**
+ * Prepare a value to pass into navigator.credentials.create(...) for authenticator "registration"
+ *
+ * **Options:**
+ *
+ * @param rpName User-visible, "friendly" website/service name
+ * @param rpID Valid domain name (after `https://`)
+ * @param userID User's website-specific unique ID
+ * @param userName User's website-specific username (email, etc...)
+ * @param challenge Random value the authenticator needs to sign and pass back
+ * @param userDisplayName User's actual name
+ * @param timeout How long (in ms) the user can take to complete attestation
+ * @param attestationType Specific attestation statement
+ * @param excludeCredentials Authenticators registered by the user so the user can't register the
+ * same credential multiple times
+ * @param authenticatorSelection Advanced criteria for restricting the types of authenticators that
+ * may be used
+ * @param extensions Additional plugins the authenticator or browser should use during attestation
+ * @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for
+ * attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms
+ */
+export async function generateRegistrationOptions(options) {
+    const { rpName, rpID, userID, userName, challenge = await generateChallenge(), userDisplayName = userName, timeout = 60000, attestationType = 'none', excludeCredentials = [], authenticatorSelection = defaultAuthenticatorSelection, extensions, supportedAlgorithmIDs = defaultSupportedAlgorithmIDs, } = options;
+    /**
+     * Prepare pubKeyCredParams from the array of algorithm ID's
+     */
+    const pubKeyCredParams = supportedAlgorithmIDs.map((id) => ({
+        alg: id,
+        type: 'public-key',
+    }));
+    /**
+     * Capture some of the nuances of how `residentKey` and `requireResidentKey` how either is set
+     * depending on when either is defined in the options
+     */
+    if (authenticatorSelection.residentKey === undefined) {
+        /**
+         * `residentKey`: "If no value is given then the effective value is `required` if
+         * requireResidentKey is true or `discouraged` if it is false or absent."
+         *
+         * See https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-residentkey
+         */
+        if (authenticatorSelection.requireResidentKey) {
+            authenticatorSelection.residentKey = 'required';
+        }
+        else {
+            /**
+             * FIDO Conformance v1.7.2 fails the first test if we do this, even though this is
+             * technically compatible with the WebAuthn L2 spec...
+             */
+            // authenticatorSelection.residentKey = 'discouraged';
+        }
+    }
+    else {
+        /**
+         * `requireResidentKey`: "Relying Parties SHOULD set it to true if, and only if, residentKey is
+         * set to "required""
+         *
+         * Spec says this property defaults to `false` so we should still be okay to assign `false` too
+         *
+         * See https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-requireresidentkey
+         */
+        authenticatorSelection.requireResidentKey = authenticatorSelection.residentKey === 'required';
+    }
+    /**
+     * Preserve ability to specify `string` values for challenges
+     */
+    let _challenge = challenge;
+    if (typeof _challenge === 'string') {
+        _challenge = isoUint8Array.fromASCIIString(_challenge);
+    }
+    return {
+        challenge: isoBase64URL.fromBuffer(_challenge),
+        rp: {
+            name: rpName,
+            id: rpID,
+        },
+        user: {
+            id: userID,
+            name: userName,
+            displayName: userDisplayName,
+        },
+        pubKeyCredParams,
+        timeout,
+        attestation: attestationType,
+        excludeCredentials: excludeCredentials.map((cred) => ({
+            ...cred,
+            id: isoBase64URL.fromBuffer(cred.id),
+        })),
+        authenticatorSelection,
+        extensions: {
+            ...extensions,
+            credProps: true,
+        },
+    };
+}