@simplewebauthn/server 9.0.3 → 10.0.1

package/esm/helpers/iso/isoCrypto/getWebCrypto.d.ts

@@ -1,11 +1,3 @@
-/// <reference types="node" />
-/// <reference types="node" />
-/// <reference types="node" />
-/// <reference types="node" />
-/// <reference types="node/crypto.js" />
-/// <reference types="node/crypto.js" />
-/// <reference types="node/stream.js" />
-/// <reference types="node/stream.js" />
 import type { Crypto } from '../../../deps.js';
 /**
  * Try to get an instance of the Crypto API from the current runtime. Should support Node,
@@ -16,287 +8,6 @@ export declare class MissingWebCrypto extends Error {
     constructor();
 }
 export declare const _getWebCryptoInternals: {
-    stubThisImportNodeCrypto: () => Promise<{
-        default: typeof import("crypto");
-        createHash(algorithm: string, options?: import("crypto").HashOptions | undefined): import("crypto").Hash;
-        createHash(algorithm: string, options?: import("crypto").HashOptions | undefined): import("crypto").Hash;
-        createHmac(algorithm: string, key: import("crypto").KeyObject | import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Hmac;
-        createHmac(algorithm: string, key: import("crypto").KeyObject | import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Hmac;
-        createCipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM;
-        createCipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM;
-        createCipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher;
-        createCipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM;
-        createCipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM;
-        createCipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher;
-        createCipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM;
-        createCipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").CipherOCB;
-        createCipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM;
-        createCipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher;
-        createCipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM;
-        createCipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").CipherOCB;
-        createCipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM;
-        createCipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher;
-        createDecipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM;
-        createDecipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM;
-        createDecipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher;
-        createDecipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM;
-        createDecipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM;
-        createDecipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher;
-        createDecipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM;
-        createDecipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").DecipherOCB;
-        createDecipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM;
-        createDecipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher;
-        createDecipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM;
-        createDecipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").DecipherOCB;
-        createDecipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM;
-        createDecipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher;
-        generateKey(type: "hmac" | "aes", options: {
-            length: number;
-        }, callback: (err: Error | null, key: import("crypto").KeyObject) => void): void;
-        generateKey(type: "hmac" | "aes", options: {
-            length: number;
-        }, callback: (err: Error | null, key: import("crypto").KeyObject) => void): void;
-        generateKeySync(type: "hmac" | "aes", options: {
-            length: number;
-        }): import("crypto").KeyObject;
-        generateKeySync(type: "hmac" | "aes", options: {
-            length: number;
-        }): import("crypto").KeyObject;
-        createPrivateKey(key: string | import("crypto").PrivateKeyInput | Buffer | import("crypto").JsonWebKeyInput): import("crypto").KeyObject;
-        createPrivateKey(key: string | import("crypto").PrivateKeyInput | Buffer | import("crypto").JsonWebKeyInput): import("crypto").KeyObject;
-        createPublicKey(key: string | import("crypto").KeyObject | Buffer | import("crypto").JsonWebKeyInput | import("crypto").PublicKeyInput): import("crypto").KeyObject;
-        createPublicKey(key: string | import("crypto").KeyObject | Buffer | import("crypto").JsonWebKeyInput | import("crypto").PublicKeyInput): import("crypto").KeyObject;
-        createSecretKey(key: NodeJS.ArrayBufferView): import("crypto").KeyObject;
-        createSecretKey(key: string, encoding: BufferEncoding): import("crypto").KeyObject;
-        createSecretKey(key: NodeJS.ArrayBufferView): import("crypto").KeyObject;
-        createSecretKey(key: string, encoding: BufferEncoding): import("crypto").KeyObject;
-        createSign(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Sign;
-        createSign(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Sign;
-        createVerify(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Verify;
-        createVerify(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Verify;
-        createDiffieHellman(primeLength: number, generator?: number | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman;
-        createDiffieHellman(primeLength: number, generator?: number | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman;
-        getDiffieHellman(groupName: string): import("crypto").DiffieHellmanGroup;
-        getDiffieHellman(groupName: string): import("crypto").DiffieHellmanGroup;
-        createDiffieHellmanGroup(name: string): import("crypto").DiffieHellmanGroup;
-        createDiffieHellmanGroup(name: string): import("crypto").DiffieHellmanGroup;
-        pbkdf2(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        pbkdf2(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        pbkdf2Sync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string): Buffer;
-        pbkdf2Sync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string): Buffer;
-        randomBytes(size: number): Buffer;
-        randomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
-        randomBytes(size: number): Buffer;
-        randomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
-        pseudoRandomBytes(size: number): Buffer;
-        pseudoRandomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
-        pseudoRandomBytes(size: number): Buffer;
-        pseudoRandomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
-        randomInt(max: number): number;
-        randomInt(min: number, max: number): number;
-        randomInt(max: number, callback: (err: Error | null, value: number) => void): void;
-        randomInt(min: number, max: number, callback: (err: Error | null, value: number) => void): void;
-        randomInt(max: number): number;
-        randomInt(min: number, max: number): number;
-        randomInt(max: number, callback: (err: Error | null, value: number) => void): void;
-        randomInt(min: number, max: number, callback: (err: Error | null, value: number) => void): void;
-        randomFillSync<T extends NodeJS.ArrayBufferView>(buffer: T, offset?: number | undefined, size?: number | undefined): T;
-        randomFillSync<T_1 extends NodeJS.ArrayBufferView>(buffer: T_1, offset?: number | undefined, size?: number | undefined): T_1;
-        randomFill<T_2 extends NodeJS.ArrayBufferView>(buffer: T_2, callback: (err: Error | null, buf: T_2) => void): void;
-        randomFill<T_3 extends NodeJS.ArrayBufferView>(buffer: T_3, offset: number, callback: (err: Error | null, buf: T_3) => void): void;
-        randomFill<T_4 extends NodeJS.ArrayBufferView>(buffer: T_4, offset: number, size: number, callback: (err: Error | null, buf: T_4) => void): void;
-        randomFill<T_5 extends NodeJS.ArrayBufferView>(buffer: T_5, callback: (err: Error | null, buf: T_5) => void): void;
-        randomFill<T_6 extends NodeJS.ArrayBufferView>(buffer: T_6, offset: number, callback: (err: Error | null, buf: T_6) => void): void;
-        randomFill<T_7 extends NodeJS.ArrayBufferView>(buffer: T_7, offset: number, size: number, callback: (err: Error | null, buf: T_7) => void): void;
-        scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options: import("crypto").ScryptOptions, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options: import("crypto").ScryptOptions, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        scryptSync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options?: import("crypto").ScryptOptions | undefined): Buffer;
-        scryptSync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options?: import("crypto").ScryptOptions | undefined): Buffer;
-        publicEncrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        publicEncrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        publicDecrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        publicDecrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        privateDecrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        privateDecrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        privateEncrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        privateEncrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        getCiphers(): string[];
-        getCiphers(): string[];
-        getCurves(): string[];
-        getCurves(): string[];
-        getFips(): 0 | 1;
-        getFips(): 0 | 1;
-        setFips(bool: boolean): void;
-        setFips(bool: boolean): void;
-        getHashes(): string[];
-        getHashes(): string[];
-        createECDH(curveName: string): import("crypto").ECDH;
-        createECDH(curveName: string): import("crypto").ECDH;
-        timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean;
-        timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ed25519", options?: import("crypto").ED25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ed448", options?: import("crypto").ED448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "x25519", options?: import("crypto").X25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "x448", options?: import("crypto").X448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ed25519", options?: import("crypto").ED25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ed448", options?: import("crypto").ED448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "x25519", options?: import("crypto").X25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "x448", options?: import("crypto").X448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPair: typeof import("crypto").generateKeyPair;
-        sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput): Buffer;
-        sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput, callback: (error: Error | null, data: Buffer) => void): void;
-        sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput): Buffer;
-        sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput, callback: (error: Error | null, data: Buffer) => void): void;
-        verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView): boolean;
-        verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView, callback: (error: Error | null, result: boolean) => void): void;
-        verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView): boolean;
-        verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView, callback: (error: Error | null, result: boolean) => void): void;
-        diffieHellman(options: {
-            privateKey: import("crypto").KeyObject;
-            publicKey: import("crypto").KeyObject;
-        }): Buffer;
-        diffieHellman(options: {
-            privateKey: import("crypto").KeyObject;
-            publicKey: import("crypto").KeyObject;
-        }): Buffer;
-        getCipherInfo(nameOrNid: string | number, options?: import("crypto").CipherInfoOptions | undefined): import("crypto").CipherInfo | undefined;
-        getCipherInfo(nameOrNid: string | number, options?: import("crypto").CipherInfoOptions | undefined): import("crypto").CipherInfo | undefined;
-        hkdf(digest: string, irm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: ArrayBuffer) => void): void;
-        hkdf(digest: string, irm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: ArrayBuffer) => void): void;
-        hkdfSync(digest: string, ikm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number): ArrayBuffer;
-        hkdfSync(digest: string, ikm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number): ArrayBuffer;
-        secureHeapUsed(): import("crypto").SecureHeapUsage;
-        secureHeapUsed(): import("crypto").SecureHeapUsage;
-        randomUUID(options?: import("crypto").RandomUUIDOptions | undefined): `${string}-${string}-${string}-${string}-${string}`;
-        randomUUID(options?: import("crypto").RandomUUIDOptions | undefined): `${string}-${string}-${string}-${string}-${string}`;
-        generatePrime(size: number, callback: (err: Error | null, prime: ArrayBuffer) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsBigInt, callback: (err: Error | null, prime: bigint) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer, callback: (err: Error | null, prime: ArrayBuffer) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptions, callback: (err: Error | null, prime: bigint | ArrayBuffer) => void): void;
-        generatePrime(size: number, callback: (err: Error | null, prime: ArrayBuffer) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsBigInt, callback: (err: Error | null, prime: bigint) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer, callback: (err: Error | null, prime: ArrayBuffer) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptions, callback: (err: Error | null, prime: bigint | ArrayBuffer) => void): void;
-        generatePrimeSync(size: number): ArrayBuffer;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsBigInt): bigint;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer): ArrayBuffer;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptions): bigint | ArrayBuffer;
-        generatePrimeSync(size: number): ArrayBuffer;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsBigInt): bigint;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer): ArrayBuffer;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptions): bigint | ArrayBuffer;
-        checkPrime(value: import("crypto").LargeNumberLike, callback: (err: Error | null, result: boolean) => void): void;
-        checkPrime(value: import("crypto").LargeNumberLike, options: import("crypto").CheckPrimeOptions, callback: (err: Error | null, result: boolean) => void): void;
-        checkPrime(value: import("crypto").LargeNumberLike, callback: (err: Error | null, result: boolean) => void): void;
-        checkPrime(value: import("crypto").LargeNumberLike, options: import("crypto").CheckPrimeOptions, callback: (err: Error | null, result: boolean) => void): void;
-        checkPrimeSync(candidate: import("crypto").LargeNumberLike, options?: import("crypto").CheckPrimeOptions | undefined): boolean;
-        checkPrimeSync(candidate: import("crypto").LargeNumberLike, options?: import("crypto").CheckPrimeOptions | undefined): boolean;
-        setEngine(engine: string, flags?: number | undefined): void;
-        setEngine(engine: string, flags?: number | undefined): void;
-        getRandomValues<T_8 extends import("crypto").webcrypto.BufferSource>(typedArray: T_8): T_8;
-        getRandomValues<T_9 extends import("crypto").webcrypto.BufferSource>(typedArray: T_9): T_9;
-        Certificate: typeof import("crypto").Certificate;
-        constants: typeof import("crypto").constants;
-        fips: boolean;
-        Hash: typeof import("crypto").Hash;
-        Hmac: typeof import("crypto").Hmac;
-        KeyObject: typeof import("crypto").KeyObject;
-        Cipher: typeof import("crypto").Cipher;
-        Decipher: typeof import("crypto").Decipher;
-        Sign: typeof import("crypto").Sign;
-        Verify: typeof import("crypto").Verify;
-        DiffieHellman: typeof import("crypto").DiffieHellman;
-        DiffieHellmanGroup: import("crypto").DiffieHellmanGroupConstructor;
-        ECDH: typeof import("crypto").ECDH;
-        DEFAULT_ENCODING: BufferEncoding;
-        X509Certificate: typeof import("crypto").X509Certificate;
-        subtle: import("crypto").webcrypto.SubtleCrypto;
-        webcrypto: import("crypto").webcrypto.Crypto;
-    } | {
-        webcrypto: undefined;
-    }>;
     stubThisGlobalThisCrypto: () => globalThis.Crypto;
     setCachedCrypto: (newCrypto: Crypto | undefined) => void;
 };

package/esm/helpers/iso/isoCrypto/getWebCrypto.js

@@ -3,29 +3,34 @@ let webCrypto = undefined;
  * Try to get an instance of the Crypto API from the current runtime. Should support Node,
  * as well as others, like Deno, that implement Web APIs.
  */
-export async function getWebCrypto() {
-    if (webCrypto) {
-        return webCrypto;
-    }
+export function getWebCrypto() {
     /**
-     * Naively attempt to access Crypto as a global object, which popular alternative run-times
-     * support.
+     * Hello there! If you came here wondering why this method is asynchronous when use of
+     * `globalThis.crypto` is not, it's to minimize a bunch of refactor related to making this
+     * synchronous. For example, `generateRegistrationOptions()` and `generateAuthenticationOptions()`
+     * become synchronous if we make this synchronous (since nothing else in that method is async)
+     * which represents a breaking API change in this library's core API.
+     *
+     * TODO: If it's after February 2025 when you read this then consider whether it still makes sense
+     * to keep this method asynchronous.
      */
-    const _globalThisCrypto = _getWebCryptoInternals.stubThisGlobalThisCrypto();
-    if (_globalThisCrypto) {
-        webCrypto = _globalThisCrypto;
-        return webCrypto;
-    }
-    /**
-     * `globalThis.crypto` isn't available, so attempt a Node import...
-     */
-    const _nodeCrypto = await _getWebCryptoInternals.stubThisImportNodeCrypto();
-    if (_nodeCrypto?.webcrypto) {
-        webCrypto = _nodeCrypto.webcrypto;
-        return webCrypto;
-    }
-    // We tried to access it both in Node and globally, so bail out
-    throw new MissingWebCrypto();
+    const toResolve = new Promise((resolve, reject) => {
+        if (webCrypto) {
+            return resolve(webCrypto);
+        }
+        /**
+         * Naively attempt to access Crypto as a global object, which popular ESM-centric run-times
+         * support (and Node v20+)
+         */
+        const _globalThisCrypto = _getWebCryptoInternals.stubThisGlobalThisCrypto();
+        if (_globalThisCrypto) {
+            webCrypto = _globalThisCrypto;
+            return resolve(webCrypto);
+        }
+        // We tried to access it both in Node and globally, so bail out
+        return reject(new MissingWebCrypto());
+    });
+    return toResolve;
 }
 export class MissingWebCrypto extends Error {
     constructor() {
@@ -36,26 +41,6 @@ export class MissingWebCrypto extends Error {
 }
 // Make it possible to stub return values during testing
 export const _getWebCryptoInternals = {
-    stubThisImportNodeCrypto: async () => {
-        try {
-            // dnt-shim-ignore
-            /**
-             * The `webpackIgnore` here is to help support Next.js' Edge runtime.
-             * See https://github.com/MasterKale/SimpleWebAuthn/issues/517 for more info.
-             */
-            const _nodeCrypto = await import(/* webpackIgnore: true */ 'crypto');
-            return _nodeCrypto;
-        }
-        catch (_err) {
-            /**
-             * Intentionally declaring webcrypto as undefined because we're assuming the Node import
-             * failed due to either:
-             * - `import()` isn't supported
-             * - `node:crypto` is unavailable.
-             */
-            return { webcrypto: undefined };
-        }
-    },
     stubThisGlobalThisCrypto: () => globalThis.crypto,
     // Make it possible to reset the `webCrypto` at the top of the file
     setCachedCrypto: (newCrypto) => {

package/esm/helpers/iso/isoCrypto/unwrapEC2Signature.d.ts

@@ -1,6 +1,7 @@
+import { COSECRV } from '../../cose.js';
 /**
  * In WebAuthn, EC2 signatures are wrapped in ASN.1 structure so we need to peel r and s apart.
  *
  * See https://www.w3.org/TR/webauthn-2/#sctn-signature-attestation-types
  */
-export declare function unwrapEC2Signature(signature: Uint8Array): Uint8Array;
+export declare function unwrapEC2Signature(signature: Uint8Array, crv: COSECRV): Uint8Array;

package/esm/helpers/iso/isoCrypto/unwrapEC2Signature.js

@@ -1,30 +1,72 @@
 import { AsnParser, ECDSASigValue } from '../../../deps.js';
+import { COSECRV } from '../../cose.js';
 import { isoUint8Array } from '../index.js';
 /**
  * In WebAuthn, EC2 signatures are wrapped in ASN.1 structure so we need to peel r and s apart.
  *
  * See https://www.w3.org/TR/webauthn-2/#sctn-signature-attestation-types
  */
-export function unwrapEC2Signature(signature) {
+export function unwrapEC2Signature(signature, crv) {
     const parsedSignature = AsnParser.parse(signature, ECDSASigValue);
-    let rBytes = new Uint8Array(parsedSignature.r);
-    let sBytes = new Uint8Array(parsedSignature.s);
-    if (shouldRemoveLeadingZero(rBytes)) {
-        rBytes = rBytes.slice(1);
-    }
-    if (shouldRemoveLeadingZero(sBytes)) {
-        sBytes = sBytes.slice(1);
-    }
-    const finalSignature = isoUint8Array.concat([rBytes, sBytes]);
+    const rBytes = new Uint8Array(parsedSignature.r);
+    const sBytes = new Uint8Array(parsedSignature.s);
+    const componentLength = getSignatureComponentLength(crv);
+    const rNormalizedBytes = toNormalizedBytes(rBytes, componentLength);
+    const sNormalizedBytes = toNormalizedBytes(sBytes, componentLength);
+    const finalSignature = isoUint8Array.concat([
+        rNormalizedBytes,
+        sNormalizedBytes,
+    ]);
     return finalSignature;
 }
 /**
- * Determine if the DER-specific `00` byte at the start of an ECDSA signature byte sequence
- * should be removed based on the following logic:
+ * The SubtleCrypto Web Crypto API expects ECDSA signatures with `r` and `s` values to be encoded
+ * to a specific length depending on the order of the curve. This function returns the expected
+ * byte-length for each of the `r` and `s` signature components.
+ *
+ * See <https://www.w3.org/TR/WebCryptoAPI/#ecdsa-operations>
+ */
+function getSignatureComponentLength(crv) {
+    switch (crv) {
+        case COSECRV.P256:
+            return 32;
+        case COSECRV.P384:
+            return 48;
+        case COSECRV.P521:
+            return 66;
+        default:
+            throw new Error(`Unexpected COSE crv value of ${crv} (EC2)`);
+    }
+}
+/**
+ * Converts the ASN.1 integer representation to bytes of a specific length `n`.
+ *
+ * DER encodes integers as big-endian byte arrays, with as small as possible representation and
+ * requires a leading `0` byte to disambiguate between negative and positive numbers. This means
+ * that `r` and `s` can potentially not be the expected byte-length that is needed by the
+ * SubtleCrypto Web Crypto API: if there are leading `0`s it can be shorter than expected, and if
+ * it has a leading `1` bit, it can be one byte longer.
  *
- * "If the leading byte is 0x0, and the the high order bit on the second byte is not set to 0,
- * then remove the leading 0x0 byte"
+ * See <https://www.itu.int/rec/T-REC-X.690-202102-I/en>
+ * See <https://www.w3.org/TR/WebCryptoAPI/#ecdsa-operations>
  */
-function shouldRemoveLeadingZero(bytes) {
-    return bytes[0] === 0x0 && (bytes[1] & (1 << 7)) !== 0;
+function toNormalizedBytes(bytes, componentLength) {
+    let normalizedBytes;
+    if (bytes.length < componentLength) {
+        // In case the bytes are shorter than expected, we need to pad it with leading `0`s.
+        normalizedBytes = new Uint8Array(componentLength);
+        normalizedBytes.set(bytes, componentLength - bytes.length);
+    }
+    else if (bytes.length === componentLength) {
+        normalizedBytes = bytes;
+    }
+    else if (bytes.length === componentLength + 1 && bytes[0] === 0 && (bytes[1] & 0x80) === 0x80) {
+        // The bytes contain a leading `0` to encode that the integer is positive. This leading `0`
+        // needs to be removed for compatibility with the SubtleCrypto Web Crypto API.
+        normalizedBytes = bytes.subarray(1);
+    }
+    else {
+        throw new Error(`Invalid signature component length ${bytes.length}, expected ${componentLength}`);
+    }
+    return normalizedBytes;
 }

package/esm/helpers/iso/isoCrypto/verify.js

@@ -1,4 +1,4 @@
-import { COSEKEYS, isCOSEPublicKeyEC2, isCOSEPublicKeyOKP, isCOSEPublicKeyRSA, } from '../../cose.js';
+import { COSEKEYS, isCOSECrv, isCOSEPublicKeyEC2, isCOSEPublicKeyOKP, isCOSEPublicKeyRSA, } from '../../cose.js';
 import { verifyEC2 } from './verifyEC2.js';
 import { verifyRSA } from './verifyRSA.js';
 import { verifyOKP } from './verifyOKP.js';
@@ -9,7 +9,11 @@ import { unwrapEC2Signature } from './unwrapEC2Signature.js';
 export function verify(opts) {
     const { cosePublicKey, signature, data, shaHashOverride } = opts;
     if (isCOSEPublicKeyEC2(cosePublicKey)) {
-        const unwrappedSignature = unwrapEC2Signature(signature);
+        const crv = cosePublicKey.get(COSEKEYS.crv);
+        if (!isCOSECrv(crv)) {
+            throw new Error(`unknown COSE curve ${crv}`);
+        }
+        const unwrappedSignature = unwrapEC2Signature(signature, crv);
         return verifyEC2({
             cosePublicKey,
             signature: unwrappedSignature,

package/esm/metadata/parseJWT.js

@@ -5,8 +5,8 @@ import { isoBase64URL } from '../helpers/iso/index.js';
 export function parseJWT(jwt) {
     const parts = jwt.split('.');
     return [
-        JSON.parse(isoBase64URL.toString(parts[0])),
-        JSON.parse(isoBase64URL.toString(parts[1])),
+        JSON.parse(isoBase64URL.toUTF8String(parts[0])),
+        JSON.parse(isoBase64URL.toUTF8String(parts[1])),
         parts[2],
     ];
 }

package/esm/registration/generateRegistrationOptions.d.ts

@@ -1,14 +1,17 @@
-import type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticatorSelectionCriteria, COSEAlgorithmIdentifier, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialDescriptorFuture } from '../deps.js';
+import type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticatorSelectionCriteria, AuthenticatorTransportFuture, Base64URLString, COSEAlgorithmIdentifier, PublicKeyCredentialCreationOptionsJSON } from '../deps.js';
 export type GenerateRegistrationOptionsOpts = {
     rpName: string;
     rpID: string;
-    userID: string;
     userName: string;
+    userID?: Uint8Array;
     challenge?: string | Uint8Array;
     userDisplayName?: string;
     timeout?: number;
     attestationType?: AttestationConveyancePreference;
-    excludeCredentials?: PublicKeyCredentialDescriptorFuture[];
+    excludeCredentials?: {
+        id: Base64URLString;
+        transports?: AuthenticatorTransportFuture[];
+    }[];
     authenticatorSelection?: AuthenticatorSelectionCriteria;
     extensions?: AuthenticationExtensionsClientInputs;
     supportedAlgorithmIDs?: COSEAlgorithmIdentifier[];
@@ -20,24 +23,21 @@ export type GenerateRegistrationOptionsOpts = {
  */
 export declare const supportedCOSEAlgorithmIdentifiers: COSEAlgorithmIdentifier[];
 /**
- * Prepare a value to pass into navigator.credentials.create(...) for authenticator "registration"
+ * Prepare a value to pass into navigator.credentials.create(...) for authenticator registration
  *
  * **Options:**
  *
- * @param rpName User-visible, "friendly" website/service name
- * @param rpID Valid domain name (after `https://`)
- * @param userID User's website-specific unique ID
- * @param userName User's website-specific username (email, etc...)
- * @param challenge Random value the authenticator needs to sign and pass back
- * @param userDisplayName User's actual name
- * @param timeout How long (in ms) the user can take to complete attestation
- * @param attestationType Specific attestation statement
- * @param excludeCredentials Authenticators registered by the user so the user can't register the
- * same credential multiple times
- * @param authenticatorSelection Advanced criteria for restricting the types of authenticators that
- * may be used
- * @param extensions Additional plugins the authenticator or browser should use during attestation
- * @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for
- * attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms
+ * @param rpName - User-visible, "friendly" website/service name
+ * @param rpID - Valid domain name (after `https://`)
+ * @param userName - User's website-specific username (email, etc...)
+ * @param userID **(Optional)** - User's website-specific unique ID. Defaults to generating a random identifier
+ * @param challenge **(Optional)** - Random value the authenticator needs to sign and pass back. Defaults to generating a random value
+ * @param userDisplayName **(Optional)** - User's actual name. Defaults to `""`
+ * @param timeout **(Optional)** - How long (in ms) the user can take to complete attestation. Defaults to `60000`
+ * @param attestationType **(Optional)** - Specific attestation statement. Defaults to `"none"`
+ * @param excludeCredentials **(Optional)** - Authenticators registered by the user so the user can't register the same credential multiple times. Defaults to `[]`
+ * @param authenticatorSelection **(Optional)** - Advanced criteria for restricting the types of authenticators that may be used. Defaults to `{ residentKey: 'preferred', userVerification: 'preferred' }`
+ * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during attestation
+ * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to `[-8, -7, -257]`
  */
 export declare function generateRegistrationOptions(options: GenerateRegistrationOptionsOpts): Promise<PublicKeyCredentialCreationOptionsJSON>;