@simplewebauthn/server 9.0.3 → 10.0.1

package/script/helpers/iso/isoCrypto/getWebCrypto.d.ts

@@ -1,10 +1,3 @@
-/// <reference types="node" />
-/// <reference types="node" />
-/// <reference types="node" />
-/// <reference types="node/crypto.js" />
-/// <reference types=".deno/@types+node@18.16.19/node_modules/@types/node/crypto.js" />
-/// <reference types="node/stream.js" />
-/// <reference types=".deno/@types+node@18.16.19/node_modules/@types/node/stream.js" />
 import type { Crypto } from '../../../deps.js';
 /**
  * Try to get an instance of the Crypto API from the current runtime. Should support Node,
@@ -15,287 +8,6 @@ export declare class MissingWebCrypto extends Error {
     constructor();
 }
 export declare const _getWebCryptoInternals: {
-    stubThisImportNodeCrypto: () => Promise<{
-        default: typeof import("crypto");
-        createHash(algorithm: string, options?: import("crypto").HashOptions | undefined): import("crypto").Hash;
-        createHash(algorithm: string, options?: import("crypto").HashOptions | undefined): import("crypto").Hash;
-        createHmac(algorithm: string, key: import("crypto").KeyObject | import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Hmac;
-        createHmac(algorithm: string, key: import("crypto").KeyObject | import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Hmac;
-        createCipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM;
-        createCipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM;
-        createCipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher;
-        createCipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM;
-        createCipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM;
-        createCipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher;
-        createCipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM;
-        createCipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").CipherOCB;
-        createCipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM;
-        createCipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher;
-        createCipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM;
-        createCipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").CipherOCB;
-        createCipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM;
-        createCipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher;
-        createDecipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM;
-        createDecipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM;
-        createDecipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher;
-        createDecipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM;
-        createDecipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM;
-        createDecipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher;
-        createDecipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM;
-        createDecipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").DecipherOCB;
-        createDecipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM;
-        createDecipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher;
-        createDecipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM;
-        createDecipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").DecipherOCB;
-        createDecipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM;
-        createDecipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher;
-        generateKey(type: "hmac" | "aes", options: {
-            length: number;
-        }, callback: (err: Error | null, key: import("crypto").KeyObject) => void): void;
-        generateKey(type: "hmac" | "aes", options: {
-            length: number;
-        }, callback: (err: Error | null, key: import("crypto").KeyObject) => void): void;
-        generateKeySync(type: "hmac" | "aes", options: {
-            length: number;
-        }): import("crypto").KeyObject;
-        generateKeySync(type: "hmac" | "aes", options: {
-            length: number;
-        }): import("crypto").KeyObject;
-        createPrivateKey(key: string | import("crypto").PrivateKeyInput | Buffer | import("crypto").JsonWebKeyInput): import("crypto").KeyObject;
-        createPrivateKey(key: string | import("crypto").PrivateKeyInput | Buffer | import("crypto").JsonWebKeyInput): import("crypto").KeyObject;
-        createPublicKey(key: string | import("crypto").KeyObject | Buffer | import("crypto").JsonWebKeyInput | import("crypto").PublicKeyInput): import("crypto").KeyObject;
-        createPublicKey(key: string | import("crypto").KeyObject | Buffer | import("crypto").JsonWebKeyInput | import("crypto").PublicKeyInput): import("crypto").KeyObject;
-        createSecretKey(key: NodeJS.ArrayBufferView): import("crypto").KeyObject;
-        createSecretKey(key: string, encoding: BufferEncoding): import("crypto").KeyObject;
-        createSecretKey(key: NodeJS.ArrayBufferView): import("crypto").KeyObject;
-        createSecretKey(key: string, encoding: BufferEncoding): import("crypto").KeyObject;
-        createSign(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Sign;
-        createSign(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Sign;
-        createVerify(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Verify;
-        createVerify(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Verify;
-        createDiffieHellman(primeLength: number, generator?: number | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman;
-        createDiffieHellman(primeLength: number, generator?: number | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman;
-        createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman;
-        getDiffieHellman(groupName: string): import("crypto").DiffieHellmanGroup;
-        getDiffieHellman(groupName: string): import("crypto").DiffieHellmanGroup;
-        createDiffieHellmanGroup(name: string): import("crypto").DiffieHellmanGroup;
-        createDiffieHellmanGroup(name: string): import("crypto").DiffieHellmanGroup;
-        pbkdf2(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        pbkdf2(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        pbkdf2Sync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string): Buffer;
-        pbkdf2Sync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string): Buffer;
-        randomBytes(size: number): Buffer;
-        randomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
-        randomBytes(size: number): Buffer;
-        randomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
-        pseudoRandomBytes(size: number): Buffer;
-        pseudoRandomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
-        pseudoRandomBytes(size: number): Buffer;
-        pseudoRandomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void;
-        randomInt(max: number): number;
-        randomInt(min: number, max: number): number;
-        randomInt(max: number, callback: (err: Error | null, value: number) => void): void;
-        randomInt(min: number, max: number, callback: (err: Error | null, value: number) => void): void;
-        randomInt(max: number): number;
-        randomInt(min: number, max: number): number;
-        randomInt(max: number, callback: (err: Error | null, value: number) => void): void;
-        randomInt(min: number, max: number, callback: (err: Error | null, value: number) => void): void;
-        randomFillSync<T extends NodeJS.ArrayBufferView>(buffer: T, offset?: number | undefined, size?: number | undefined): T;
-        randomFillSync<T_1 extends NodeJS.ArrayBufferView>(buffer: T_1, offset?: number | undefined, size?: number | undefined): T_1;
-        randomFill<T_2 extends NodeJS.ArrayBufferView>(buffer: T_2, callback: (err: Error | null, buf: T_2) => void): void;
-        randomFill<T_3 extends NodeJS.ArrayBufferView>(buffer: T_3, offset: number, callback: (err: Error | null, buf: T_3) => void): void;
-        randomFill<T_4 extends NodeJS.ArrayBufferView>(buffer: T_4, offset: number, size: number, callback: (err: Error | null, buf: T_4) => void): void;
-        randomFill<T_5 extends NodeJS.ArrayBufferView>(buffer: T_5, callback: (err: Error | null, buf: T_5) => void): void;
-        randomFill<T_6 extends NodeJS.ArrayBufferView>(buffer: T_6, offset: number, callback: (err: Error | null, buf: T_6) => void): void;
-        randomFill<T_7 extends NodeJS.ArrayBufferView>(buffer: T_7, offset: number, size: number, callback: (err: Error | null, buf: T_7) => void): void;
-        scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options: import("crypto").ScryptOptions, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options: import("crypto").ScryptOptions, callback: (err: Error | null, derivedKey: Buffer) => void): void;
-        scryptSync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options?: import("crypto").ScryptOptions | undefined): Buffer;
-        scryptSync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options?: import("crypto").ScryptOptions | undefined): Buffer;
-        publicEncrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        publicEncrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        publicDecrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        publicDecrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        privateDecrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        privateDecrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        privateEncrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        privateEncrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer;
-        getCiphers(): string[];
-        getCiphers(): string[];
-        getCurves(): string[];
-        getCurves(): string[];
-        getFips(): 0 | 1;
-        getFips(): 0 | 1;
-        setFips(bool: boolean): void;
-        setFips(bool: boolean): void;
-        getHashes(): string[];
-        getHashes(): string[];
-        createECDH(curveName: string): import("crypto").ECDH;
-        createECDH(curveName: string): import("crypto").ECDH;
-        timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean;
-        timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ed25519", options?: import("crypto").ED25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ed448", options?: import("crypto").ED448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "x25519", options?: import("crypto").X25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "x448", options?: import("crypto").X448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ed25519", options?: import("crypto").ED25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "ed448", options?: import("crypto").ED448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "x25519", options?: import("crypto").X25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>;
-        generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>;
-        generateKeyPairSync(type: "x448", options?: import("crypto").X448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult;
-        generateKeyPair: typeof import("crypto").generateKeyPair;
-        sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput): Buffer;
-        sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput, callback: (error: Error | null, data: Buffer) => void): void;
-        sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput): Buffer;
-        sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput, callback: (error: Error | null, data: Buffer) => void): void;
-        verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView): boolean;
-        verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView, callback: (error: Error | null, result: boolean) => void): void;
-        verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView): boolean;
-        verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView, callback: (error: Error | null, result: boolean) => void): void;
-        diffieHellman(options: {
-            privateKey: import("crypto").KeyObject;
-            publicKey: import("crypto").KeyObject;
-        }): Buffer;
-        diffieHellman(options: {
-            privateKey: import("crypto").KeyObject;
-            publicKey: import("crypto").KeyObject;
-        }): Buffer;
-        getCipherInfo(nameOrNid: string | number, options?: import("crypto").CipherInfoOptions | undefined): import("crypto").CipherInfo | undefined;
-        getCipherInfo(nameOrNid: string | number, options?: import("crypto").CipherInfoOptions | undefined): import("crypto").CipherInfo | undefined;
-        hkdf(digest: string, irm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: ArrayBuffer) => void): void;
-        hkdf(digest: string, irm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: ArrayBuffer) => void): void;
-        hkdfSync(digest: string, ikm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number): ArrayBuffer;
-        hkdfSync(digest: string, ikm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number): ArrayBuffer;
-        secureHeapUsed(): import("crypto").SecureHeapUsage;
-        secureHeapUsed(): import("crypto").SecureHeapUsage;
-        randomUUID(options?: import("crypto").RandomUUIDOptions | undefined): `${string}-${string}-${string}-${string}-${string}`;
-        randomUUID(options?: import("crypto").RandomUUIDOptions | undefined): `${string}-${string}-${string}-${string}-${string}`;
-        generatePrime(size: number, callback: (err: Error | null, prime: ArrayBuffer) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsBigInt, callback: (err: Error | null, prime: bigint) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer, callback: (err: Error | null, prime: ArrayBuffer) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptions, callback: (err: Error | null, prime: bigint | ArrayBuffer) => void): void;
-        generatePrime(size: number, callback: (err: Error | null, prime: ArrayBuffer) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsBigInt, callback: (err: Error | null, prime: bigint) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer, callback: (err: Error | null, prime: ArrayBuffer) => void): void;
-        generatePrime(size: number, options: import("crypto").GeneratePrimeOptions, callback: (err: Error | null, prime: bigint | ArrayBuffer) => void): void;
-        generatePrimeSync(size: number): ArrayBuffer;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsBigInt): bigint;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer): ArrayBuffer;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptions): bigint | ArrayBuffer;
-        generatePrimeSync(size: number): ArrayBuffer;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsBigInt): bigint;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer): ArrayBuffer;
-        generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptions): bigint | ArrayBuffer;
-        checkPrime(value: import("crypto").LargeNumberLike, callback: (err: Error | null, result: boolean) => void): void;
-        checkPrime(value: import("crypto").LargeNumberLike, options: import("crypto").CheckPrimeOptions, callback: (err: Error | null, result: boolean) => void): void;
-        checkPrime(value: import("crypto").LargeNumberLike, callback: (err: Error | null, result: boolean) => void): void;
-        checkPrime(value: import("crypto").LargeNumberLike, options: import("crypto").CheckPrimeOptions, callback: (err: Error | null, result: boolean) => void): void;
-        checkPrimeSync(candidate: import("crypto").LargeNumberLike, options?: import("crypto").CheckPrimeOptions | undefined): boolean;
-        checkPrimeSync(candidate: import("crypto").LargeNumberLike, options?: import("crypto").CheckPrimeOptions | undefined): boolean;
-        setEngine(engine: string, flags?: number | undefined): void;
-        setEngine(engine: string, flags?: number | undefined): void;
-        getRandomValues<T_8 extends import("crypto").webcrypto.BufferSource>(typedArray: T_8): T_8;
-        getRandomValues<T_9 extends import("crypto").webcrypto.BufferSource>(typedArray: T_9): T_9;
-        Certificate: typeof import("crypto").Certificate;
-        constants: typeof import("crypto").constants;
-        fips: boolean;
-        Hash: typeof import("crypto").Hash;
-        Hmac: typeof import("crypto").Hmac;
-        KeyObject: typeof import("crypto").KeyObject;
-        Cipher: typeof import("crypto").Cipher;
-        Decipher: typeof import("crypto").Decipher;
-        Sign: typeof import("crypto").Sign;
-        Verify: typeof import("crypto").Verify;
-        DiffieHellman: typeof import("crypto").DiffieHellman;
-        DiffieHellmanGroup: import("crypto").DiffieHellmanGroupConstructor;
-        ECDH: typeof import("crypto").ECDH;
-        DEFAULT_ENCODING: BufferEncoding;
-        X509Certificate: typeof import("crypto").X509Certificate;
-        subtle: import("crypto").webcrypto.SubtleCrypto;
-        webcrypto: import("crypto").webcrypto.Crypto;
-    } | {
-        webcrypto: undefined;
-    }>;
     stubThisGlobalThisCrypto: () => globalThis.Crypto;
     setCachedCrypto: (newCrypto: Crypto | undefined) => void;
 };

package/script/helpers/iso/isoCrypto/getWebCrypto.js

@@ -1,27 +1,4 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports._getWebCryptoInternals = exports.MissingWebCrypto = exports.getWebCrypto = void 0;
 let webCrypto = undefined;
@@ -29,29 +6,34 @@ let webCrypto = undefined;
  * Try to get an instance of the Crypto API from the current runtime. Should support Node,
  * as well as others, like Deno, that implement Web APIs.
  */
-async function getWebCrypto() {
-    if (webCrypto) {
-        return webCrypto;
-    }
-    /**
-     * Naively attempt to access Crypto as a global object, which popular alternative run-times
-     * support.
-     */
-    const _globalThisCrypto = exports._getWebCryptoInternals.stubThisGlobalThisCrypto();
-    if (_globalThisCrypto) {
-        webCrypto = _globalThisCrypto;
-        return webCrypto;
-    }
+function getWebCrypto() {
     /**
-     * `globalThis.crypto` isn't available, so attempt a Node import...
+     * Hello there! If you came here wondering why this method is asynchronous when use of
+     * `globalThis.crypto` is not, it's to minimize a bunch of refactor related to making this
+     * synchronous. For example, `generateRegistrationOptions()` and `generateAuthenticationOptions()`
+     * become synchronous if we make this synchronous (since nothing else in that method is async)
+     * which represents a breaking API change in this library's core API.
+     *
+     * TODO: If it's after February 2025 when you read this then consider whether it still makes sense
+     * to keep this method asynchronous.
      */
-    const _nodeCrypto = await exports._getWebCryptoInternals.stubThisImportNodeCrypto();
-    if (_nodeCrypto?.webcrypto) {
-        webCrypto = _nodeCrypto.webcrypto;
-        return webCrypto;
-    }
-    // We tried to access it both in Node and globally, so bail out
-    throw new MissingWebCrypto();
+    const toResolve = new Promise((resolve, reject) => {
+        if (webCrypto) {
+            return resolve(webCrypto);
+        }
+        /**
+         * Naively attempt to access Crypto as a global object, which popular ESM-centric run-times
+         * support (and Node v20+)
+         */
+        const _globalThisCrypto = exports._getWebCryptoInternals.stubThisGlobalThisCrypto();
+        if (_globalThisCrypto) {
+            webCrypto = _globalThisCrypto;
+            return resolve(webCrypto);
+        }
+        // We tried to access it both in Node and globally, so bail out
+        return reject(new MissingWebCrypto());
+    });
+    return toResolve;
 }
 exports.getWebCrypto = getWebCrypto;
 class MissingWebCrypto extends Error {
@@ -64,26 +46,6 @@ class MissingWebCrypto extends Error {
 exports.MissingWebCrypto = MissingWebCrypto;
 // Make it possible to stub return values during testing
 exports._getWebCryptoInternals = {
-    stubThisImportNodeCrypto: async () => {
-        try {
-            // dnt-shim-ignore
-            /**
-             * The `webpackIgnore` here is to help support Next.js' Edge runtime.
-             * See https://github.com/MasterKale/SimpleWebAuthn/issues/517 for more info.
-             */
-            const _nodeCrypto = await Promise.resolve().then(() => __importStar(require(/* webpackIgnore: true */ 'crypto')));
-            return _nodeCrypto;
-        }
-        catch (_err) {
-            /**
-             * Intentionally declaring webcrypto as undefined because we're assuming the Node import
-             * failed due to either:
-             * - `import()` isn't supported
-             * - `node:crypto` is unavailable.
-             */
-            return { webcrypto: undefined };
-        }
-    },
     stubThisGlobalThisCrypto: () => globalThis.crypto,
     // Make it possible to reset the `webCrypto` at the top of the file
     setCachedCrypto: (newCrypto) => {

package/script/helpers/iso/isoCrypto/unwrapEC2Signature.d.ts

@@ -1,6 +1,7 @@
+import { COSECRV } from '../../cose.js';
 /**
  * In WebAuthn, EC2 signatures are wrapped in ASN.1 structure so we need to peel r and s apart.
  *
  * See https://www.w3.org/TR/webauthn-2/#sctn-signature-attestation-types
  */
-export declare function unwrapEC2Signature(signature: Uint8Array): Uint8Array;
+export declare function unwrapEC2Signature(signature: Uint8Array, crv: COSECRV): Uint8Array;

package/script/helpers/iso/isoCrypto/unwrapEC2Signature.js

@@ -2,33 +2,75 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.unwrapEC2Signature = void 0;
 const deps_js_1 = require("../../../deps.js");
+const cose_js_1 = require("../../cose.js");
 const index_js_1 = require("../index.js");
 /**
  * In WebAuthn, EC2 signatures are wrapped in ASN.1 structure so we need to peel r and s apart.
  *
  * See https://www.w3.org/TR/webauthn-2/#sctn-signature-attestation-types
  */
-function unwrapEC2Signature(signature) {
+function unwrapEC2Signature(signature, crv) {
     const parsedSignature = deps_js_1.AsnParser.parse(signature, deps_js_1.ECDSASigValue);
-    let rBytes = new Uint8Array(parsedSignature.r);
-    let sBytes = new Uint8Array(parsedSignature.s);
-    if (shouldRemoveLeadingZero(rBytes)) {
-        rBytes = rBytes.slice(1);
-    }
-    if (shouldRemoveLeadingZero(sBytes)) {
-        sBytes = sBytes.slice(1);
-    }
-    const finalSignature = index_js_1.isoUint8Array.concat([rBytes, sBytes]);
+    const rBytes = new Uint8Array(parsedSignature.r);
+    const sBytes = new Uint8Array(parsedSignature.s);
+    const componentLength = getSignatureComponentLength(crv);
+    const rNormalizedBytes = toNormalizedBytes(rBytes, componentLength);
+    const sNormalizedBytes = toNormalizedBytes(sBytes, componentLength);
+    const finalSignature = index_js_1.isoUint8Array.concat([
+        rNormalizedBytes,
+        sNormalizedBytes,
+    ]);
     return finalSignature;
 }
 exports.unwrapEC2Signature = unwrapEC2Signature;
 /**
- * Determine if the DER-specific `00` byte at the start of an ECDSA signature byte sequence
- * should be removed based on the following logic:
+ * The SubtleCrypto Web Crypto API expects ECDSA signatures with `r` and `s` values to be encoded
+ * to a specific length depending on the order of the curve. This function returns the expected
+ * byte-length for each of the `r` and `s` signature components.
+ *
+ * See <https://www.w3.org/TR/WebCryptoAPI/#ecdsa-operations>
+ */
+function getSignatureComponentLength(crv) {
+    switch (crv) {
+        case cose_js_1.COSECRV.P256:
+            return 32;
+        case cose_js_1.COSECRV.P384:
+            return 48;
+        case cose_js_1.COSECRV.P521:
+            return 66;
+        default:
+            throw new Error(`Unexpected COSE crv value of ${crv} (EC2)`);
+    }
+}
+/**
+ * Converts the ASN.1 integer representation to bytes of a specific length `n`.
+ *
+ * DER encodes integers as big-endian byte arrays, with as small as possible representation and
+ * requires a leading `0` byte to disambiguate between negative and positive numbers. This means
+ * that `r` and `s` can potentially not be the expected byte-length that is needed by the
+ * SubtleCrypto Web Crypto API: if there are leading `0`s it can be shorter than expected, and if
+ * it has a leading `1` bit, it can be one byte longer.
  *
- * "If the leading byte is 0x0, and the the high order bit on the second byte is not set to 0,
- * then remove the leading 0x0 byte"
+ * See <https://www.itu.int/rec/T-REC-X.690-202102-I/en>
+ * See <https://www.w3.org/TR/WebCryptoAPI/#ecdsa-operations>
  */
-function shouldRemoveLeadingZero(bytes) {
-    return bytes[0] === 0x0 && (bytes[1] & (1 << 7)) !== 0;
+function toNormalizedBytes(bytes, componentLength) {
+    let normalizedBytes;
+    if (bytes.length < componentLength) {
+        // In case the bytes are shorter than expected, we need to pad it with leading `0`s.
+        normalizedBytes = new Uint8Array(componentLength);
+        normalizedBytes.set(bytes, componentLength - bytes.length);
+    }
+    else if (bytes.length === componentLength) {
+        normalizedBytes = bytes;
+    }
+    else if (bytes.length === componentLength + 1 && bytes[0] === 0 && (bytes[1] & 0x80) === 0x80) {
+        // The bytes contain a leading `0` to encode that the integer is positive. This leading `0`
+        // needs to be removed for compatibility with the SubtleCrypto Web Crypto API.
+        normalizedBytes = bytes.subarray(1);
+    }
+    else {
+        throw new Error(`Invalid signature component length ${bytes.length}, expected ${componentLength}`);
+    }
+    return normalizedBytes;
 }

package/script/helpers/iso/isoCrypto/verify.js

@@ -12,7 +12,11 @@ const unwrapEC2Signature_js_1 = require("./unwrapEC2Signature.js");
 function verify(opts) {
     const { cosePublicKey, signature, data, shaHashOverride } = opts;
     if ((0, cose_js_1.isCOSEPublicKeyEC2)(cosePublicKey)) {
-        const unwrappedSignature = (0, unwrapEC2Signature_js_1.unwrapEC2Signature)(signature);
+        const crv = cosePublicKey.get(cose_js_1.COSEKEYS.crv);
+        if (!(0, cose_js_1.isCOSECrv)(crv)) {
+            throw new Error(`unknown COSE curve ${crv}`);
+        }
+        const unwrappedSignature = (0, unwrapEC2Signature_js_1.unwrapEC2Signature)(signature, crv);
         return (0, verifyEC2_js_1.verifyEC2)({
             cosePublicKey,
             signature: unwrappedSignature,

package/script/metadata/parseJWT.js

@@ -8,8 +8,8 @@ const index_js_1 = require("../helpers/iso/index.js");
 function parseJWT(jwt) {
     const parts = jwt.split('.');
     return [
-        JSON.parse(index_js_1.isoBase64URL.toString(parts[0])),
-        JSON.parse(index_js_1.isoBase64URL.toString(parts[1])),
+        JSON.parse(index_js_1.isoBase64URL.toUTF8String(parts[0])),
+        JSON.parse(index_js_1.isoBase64URL.toUTF8String(parts[1])),
         parts[2],
     ];
 }