npm - chrome-types - Versions diffs - 0.1.308 → 0.1.309 - Mend

chrome-types 0.1.308 → 0.1.309

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/_all.d.ts CHANGED Viewed

@@ -14,8 +14,8 @@
  * limitations under the License.
  */
-// Generated on Wed Oct 09 2024 22:32:54 GMT+0000 (Coordinated Universal Time)
-// Built at 94146150ffb1973bcce4724cc04f764871c8094c
+// Generated on Mon Oct 14 2024 22:32:16 GMT+0000 (Coordinated Universal Time)
+// Built at f0afe5b5fcd80b796176cb18c9c4d038ab4e6a48
 // Includes all types, including MV2 + Platform Apps APIs.
@@ -12325,6 +12325,13 @@ declare namespace chrome {
       scope: Scope;
     }
+    /**
+     * Returns the available Tokens. In a regular user's session the list will always contain the user's token with `id` `"user"`. If a system-wide TPM token is available, the returned list will also contain the system-wide token with `id` `"system"`. The system-wide token will be the same for all sessions on this device (device in the sense of e.g. a Chromebook).
+     *
+     * @chrome-returns-extra since Pending
+     */
+    export function getTokens(): Promise<Token[]>;
     /**
      * Returns the available Tokens. In a regular user's session the list will always contain the user's token with `id` `"user"`. If a system-wide TPM token is available, the returned list will also contain the system-wide token with `id` `"system"`. The system-wide token will be the same for all sessions on this device (device in the sense of e.g. a Chromebook).
      *
@@ -12335,11 +12342,22 @@ declare namespace chrome {
       /**
        * @param tokens The list of available tokens.
        */
-      callback: (
+      callback?: (
         tokens: Token[],
       ) => void,
     ): void;
+    /**
+     * Returns the list of all client certificates available from the given token. Can be used to check for the existence and expiration of client certificates that are usable for a certain authentication.
+     *
+     * @chrome-returns-extra since Pending
+     * @param tokenId The id of a Token returned by `getTokens`.
+     */
+    export function getCertificates(
+      tokenId: string,
+    ): Promise<ArrayBuffer[]>;
     /**
      * Returns the list of all client certificates available from the given token. Can be used to check for the existence and expiration of client certificates that are usable for a certain authentication.
      *
@@ -12353,11 +12371,25 @@ declare namespace chrome {
       /**
        * @param certificates The list of certificates, each in DER encoding of a X.509 certificate.
        */
-      callback: (
+      callback?: (
         certificates: ArrayBuffer[],
       ) => void,
     ): void;
+    /**
+     * Imports `certificate` to the given token if the certified key is already stored in this token. After a successful certification request, this function should be used to store the obtained certificate and to make it available to the operating system and browser for authentication.
+     *
+     * @chrome-returns-extra since Pending
+     * @param tokenId The id of a Token returned by `getTokens`.
+     * @param certificate The DER encoding of a X.509 certificate.
+     */
+    export function importCertificate(
+      tokenId: string,
+      certificate: ArrayBuffer,
+    ): Promise<void>;
     /**
      * Imports `certificate` to the given token if the certified key is already stored in this token. After a successful certification request, this function should be used to store the obtained certificate and to make it available to the operating system and browser for authentication.
      *
@@ -12374,6 +12406,20 @@ declare namespace chrome {
       callback?: () => void,
     ): void;
+    /**
+     * Removes `certificate` from the given token if present. Should be used to remove obsolete certificates so that they are not considered during authentication and do not clutter the certificate choice. Should be used to free storage in the certificate store.
+     *
+     * @chrome-returns-extra since Pending
+     * @param tokenId The id of a Token returned by `getTokens`.
+     * @param certificate The DER encoding of a X.509 certificate.
+     */
+    export function removeCertificate(
+      tokenId: string,
+      certificate: ArrayBuffer,
+    ): Promise<void>;
     /**
      * Removes `certificate` from the given token if present. Should be used to remove obsolete certificates so that they are not considered during authentication and do not clutter the certificate choice. Should be used to free storage in the certificate store.
      *
@@ -12391,9 +12437,25 @@ declare namespace chrome {
     ): void;
     /**
-     * Similar to `challengeMachineKey` and `challengeUserKey`, but allows specifying the algorithm of a registered key. Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on Chrome OS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses.
+     * Similar to `challengeMachineKey` and `challengeUserKey`, but allows specifying the algorithm of a registered key. Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses.
+     *
+     * A successful verification by the Verified Access Web API is a strong signal that the current device is a legitimate ChromeOS device, the current device is managed by the domain specified during verification, the current signed-in user is managed by the domain specified during verification, and the current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. Any device identity emitted by the verification is tightly bound to the hardware of the current device. If `"user"` Scope is specified, the identity is also tightly bound to the current signed-in user.
+     *
+     * This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The challenged key does not reside in the `"system"` or `"user"` token and is not accessible by any other API.
+     *
+     * @chrome-returns-extra since Pending
+     * @param options Object containing the fields defined in {@link ChallengeKeyOptions}.
+     * @since Chrome 110
+     */
+    export function challengeKey(
+      options: ChallengeKeyOptions,
+    ): Promise<ArrayBuffer>;
+    /**
+     * Similar to `challengeMachineKey` and `challengeUserKey`, but allows specifying the algorithm of a registered key. Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses.
      *
-     * A successful verification by the Verified Access Web API is a strong signal that the current device is a legitimate Chrome OS device, the current device is managed by the domain specified during verification, the current signed-in user is managed by the domain specified during verification, and the current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. Any device identity emitted by the verification is tightly bound to the hardware of the current device. If `"user"` Scope is specified, the identity is also tighly bound to the current signed-in user.
+     * A successful verification by the Verified Access Web API is a strong signal that the current device is a legitimate ChromeOS device, the current device is managed by the domain specified during verification, the current signed-in user is managed by the domain specified during verification, and the current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. Any device identity emitted by the verification is tightly bound to the hardware of the current device. If `"user"` Scope is specified, the identity is also tightly bound to the current signed-in user.
      *
      * This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The challenged key does not reside in the `"system"` or `"user"` token and is not accessible by any other API.
      *
@@ -12408,17 +12470,17 @@ declare namespace chrome {
       /**
        * @param response The challenge response.
        */
-      callback: (
+      callback?: (
         response: ArrayBuffer,
       ) => void,
     ): void;
     /**
-     * Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on Chrome OS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate Chrome OS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. \* Any device identity emitted by the verification is tightly bound to the hardware of the current device. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The Enterprise Machine Key does not reside in the `"system"` token and is not accessible by any other API.
+     * Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate ChromeOS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. \* Any device identity emitted by the verification is tightly bound to the hardware of the current device. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The Enterprise Machine Key does not reside in the `"system"` token and is not accessible by any other API.
      *
+     * @chrome-returns-extra since Pending
      * @param challenge A challenge as emitted by the Verified Access Web API.
      * @param registerKey If set, the current Enterprise Machine Key is registered with the `"system"` token and relinquishes the Enterprise Machine Key role. The key can then be associated with a certificate and used like any other signing key. This key is 2048-bit RSA. Subsequent calls to this function will then generate a new Enterprise Machine Key.
-     * @param callback Called back with the challenge response.
      * @deprecated Use {@link challengeKey} instead.
      * @since Chrome 50
      * @chrome-deprecated-since Chrome 110
@@ -12430,20 +12492,14 @@ declare namespace chrome {
       /**
        * @since Chrome 59
        */
-      registerKey: boolean,
-      /**
-       * @param response The challenge response.
-       */
-      callback: (
-        response: ArrayBuffer,
-      ) => void,
-    ): void;
+      registerKey?: boolean,
+    ): Promise<ArrayBuffer>;
     /**
-     * Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on Chrome OS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate Chrome OS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. \* Any device identity emitted by the verification is tightly bound to the hardware of the current device. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The Enterprise Machine Key does not reside in the `"system"` token and is not accessible by any other API.
+     * Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate ChromeOS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. \* Any device identity emitted by the verification is tightly bound to the hardware of the current device. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The Enterprise Machine Key does not reside in the `"system"` token and is not accessible by any other API.
      *
      * @param challenge A challenge as emitted by the Verified Access Web API.
+     * @param registerKey If set, the current Enterprise Machine Key is registered with the `"system"` token and relinquishes the Enterprise Machine Key role. The key can then be associated with a certificate and used like any other signing key. This key is 2048-bit RSA. Subsequent calls to this function will then generate a new Enterprise Machine Key.
      * @param callback Called back with the challenge response.
      * @deprecated Use {@link challengeKey} instead.
      * @since Chrome 50
@@ -12453,16 +12509,38 @@ declare namespace chrome {
       challenge: ArrayBuffer,
+      /**
+       * @since Chrome 59
+       */
+      registerKey?: boolean,
       /**
        * @param response The challenge response.
        */
-      callback: (
+      callback?: (
         response: ArrayBuffer,
       ) => void,
     ): void;
     /**
-     * Challenges a hardware-backed Enterprise User Key and emits the response as part of a remote attestation protocol. Only useful on Chrome OS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate Chrome OS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise user policy. For example, a policy may specify that the device must not be in developer mode. \* The public key emitted by the verification is tightly bound to the hardware of the current device and to the current signed-in user. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise user policy. The Enterprise User Key does not reside in the `"user"` token and is not accessible by any other API.
+     * Challenges a hardware-backed Enterprise User Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate ChromeOS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise user policy. For example, a policy may specify that the device must not be in developer mode. \* The public key emitted by the verification is tightly bound to the hardware of the current device and to the current signed-in user. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise user policy. The Enterprise User Key does not reside in the `"user"` token and is not accessible by any other API.
+     *
+     * @chrome-returns-extra since Pending
+     * @param challenge A challenge as emitted by the Verified Access Web API.
+     * @param registerKey If set, the current Enterprise User Key is registered with the `"user"` token and relinquishes the Enterprise User Key role. The key can then be associated with a certificate and used like any other signing key. This key is 2048-bit RSA. Subsequent calls to this function will then generate a new Enterprise User Key.
+     * @deprecated Use {@link challengeKey} instead.
+     * @since Chrome 50
+     * @chrome-deprecated-since Chrome 110
+     */
+    export function challengeUserKey(
+      challenge: ArrayBuffer,
+      registerKey: boolean,
+    ): Promise<ArrayBuffer>;
+    /**
+     * Challenges a hardware-backed Enterprise User Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate ChromeOS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise user policy. For example, a policy may specify that the device must not be in developer mode. \* The public key emitted by the verification is tightly bound to the hardware of the current device and to the current signed-in user. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise user policy. The Enterprise User Key does not reside in the `"user"` token and is not accessible by any other API.
      *
      * @param challenge A challenge as emitted by the Verified Access Web API.
      * @param registerKey If set, the current Enterprise User Key is registered with the `"user"` token and relinquishes the Enterprise User Key role. The key can then be associated with a certificate and used like any other signing key. This key is 2048-bit RSA. Subsequent calls to this function will then generate a new Enterprise User Key.
@@ -12480,7 +12558,7 @@ declare namespace chrome {
       /**
        * @param response The challenge response.
        */
-      callback: (
+      callback?: (
         response: ArrayBuffer,
       ) => void,
     ): void;

package/index.d.ts CHANGED Viewed

@@ -14,8 +14,8 @@
  * limitations under the License.
  */
-// Generated on Wed Oct 09 2024 22:32:50 GMT+0000 (Coordinated Universal Time)
-// Built at 94146150ffb1973bcce4724cc04f764871c8094c
+// Generated on Mon Oct 14 2024 22:32:11 GMT+0000 (Coordinated Universal Time)
+// Built at f0afe5b5fcd80b796176cb18c9c4d038ab4e6a48
 // Includes MV3+ APIs only.
@@ -8455,6 +8455,13 @@ declare namespace chrome {
       scope: Scope;
     }
+    /**
+     * Returns the available Tokens. In a regular user's session the list will always contain the user's token with `id` `"user"`. If a system-wide TPM token is available, the returned list will also contain the system-wide token with `id` `"system"`. The system-wide token will be the same for all sessions on this device (device in the sense of e.g. a Chromebook).
+     *
+     * @chrome-returns-extra since Pending
+     */
+    export function getTokens(): Promise<Token[]>;
     /**
      * Returns the available Tokens. In a regular user's session the list will always contain the user's token with `id` `"user"`. If a system-wide TPM token is available, the returned list will also contain the system-wide token with `id` `"system"`. The system-wide token will be the same for all sessions on this device (device in the sense of e.g. a Chromebook).
      *
@@ -8465,11 +8472,22 @@ declare namespace chrome {
       /**
        * @param tokens The list of available tokens.
        */
-      callback: (
+      callback?: (
         tokens: Token[],
       ) => void,
     ): void;
+    /**
+     * Returns the list of all client certificates available from the given token. Can be used to check for the existence and expiration of client certificates that are usable for a certain authentication.
+     *
+     * @chrome-returns-extra since Pending
+     * @param tokenId The id of a Token returned by `getTokens`.
+     */
+    export function getCertificates(
+      tokenId: string,
+    ): Promise<ArrayBuffer[]>;
     /**
      * Returns the list of all client certificates available from the given token. Can be used to check for the existence and expiration of client certificates that are usable for a certain authentication.
      *
@@ -8483,11 +8501,25 @@ declare namespace chrome {
       /**
        * @param certificates The list of certificates, each in DER encoding of a X.509 certificate.
        */
-      callback: (
+      callback?: (
         certificates: ArrayBuffer[],
       ) => void,
     ): void;
+    /**
+     * Imports `certificate` to the given token if the certified key is already stored in this token. After a successful certification request, this function should be used to store the obtained certificate and to make it available to the operating system and browser for authentication.
+     *
+     * @chrome-returns-extra since Pending
+     * @param tokenId The id of a Token returned by `getTokens`.
+     * @param certificate The DER encoding of a X.509 certificate.
+     */
+    export function importCertificate(
+      tokenId: string,
+      certificate: ArrayBuffer,
+    ): Promise<void>;
     /**
      * Imports `certificate` to the given token if the certified key is already stored in this token. After a successful certification request, this function should be used to store the obtained certificate and to make it available to the operating system and browser for authentication.
      *
@@ -8504,6 +8536,20 @@ declare namespace chrome {
       callback?: () => void,
     ): void;
+    /**
+     * Removes `certificate` from the given token if present. Should be used to remove obsolete certificates so that they are not considered during authentication and do not clutter the certificate choice. Should be used to free storage in the certificate store.
+     *
+     * @chrome-returns-extra since Pending
+     * @param tokenId The id of a Token returned by `getTokens`.
+     * @param certificate The DER encoding of a X.509 certificate.
+     */
+    export function removeCertificate(
+      tokenId: string,
+      certificate: ArrayBuffer,
+    ): Promise<void>;
     /**
      * Removes `certificate` from the given token if present. Should be used to remove obsolete certificates so that they are not considered during authentication and do not clutter the certificate choice. Should be used to free storage in the certificate store.
      *
@@ -8521,9 +8567,25 @@ declare namespace chrome {
     ): void;
     /**
-     * Similar to `challengeMachineKey` and `challengeUserKey`, but allows specifying the algorithm of a registered key. Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on Chrome OS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses.
+     * Similar to `challengeMachineKey` and `challengeUserKey`, but allows specifying the algorithm of a registered key. Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses.
      *
-     * A successful verification by the Verified Access Web API is a strong signal that the current device is a legitimate Chrome OS device, the current device is managed by the domain specified during verification, the current signed-in user is managed by the domain specified during verification, and the current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. Any device identity emitted by the verification is tightly bound to the hardware of the current device. If `"user"` Scope is specified, the identity is also tighly bound to the current signed-in user.
+     * A successful verification by the Verified Access Web API is a strong signal that the current device is a legitimate ChromeOS device, the current device is managed by the domain specified during verification, the current signed-in user is managed by the domain specified during verification, and the current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. Any device identity emitted by the verification is tightly bound to the hardware of the current device. If `"user"` Scope is specified, the identity is also tightly bound to the current signed-in user.
+     *
+     * This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The challenged key does not reside in the `"system"` or `"user"` token and is not accessible by any other API.
+     *
+     * @chrome-returns-extra since Pending
+     * @param options Object containing the fields defined in {@link ChallengeKeyOptions}.
+     * @since Chrome 110
+     */
+    export function challengeKey(
+      options: ChallengeKeyOptions,
+    ): Promise<ArrayBuffer>;
+    /**
+     * Similar to `challengeMachineKey` and `challengeUserKey`, but allows specifying the algorithm of a registered key. Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses.
+     *
+     * A successful verification by the Verified Access Web API is a strong signal that the current device is a legitimate ChromeOS device, the current device is managed by the domain specified during verification, the current signed-in user is managed by the domain specified during verification, and the current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. Any device identity emitted by the verification is tightly bound to the hardware of the current device. If `"user"` Scope is specified, the identity is also tightly bound to the current signed-in user.
      *
      * This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The challenged key does not reside in the `"system"` or `"user"` token and is not accessible by any other API.
      *
@@ -8538,17 +8600,17 @@ declare namespace chrome {
       /**
        * @param response The challenge response.
        */
-      callback: (
+      callback?: (
         response: ArrayBuffer,
       ) => void,
     ): void;
     /**
-     * Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on Chrome OS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate Chrome OS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. \* Any device identity emitted by the verification is tightly bound to the hardware of the current device. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The Enterprise Machine Key does not reside in the `"system"` token and is not accessible by any other API.
+     * Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate ChromeOS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. \* Any device identity emitted by the verification is tightly bound to the hardware of the current device. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The Enterprise Machine Key does not reside in the `"system"` token and is not accessible by any other API.
      *
+     * @chrome-returns-extra since Pending
      * @param challenge A challenge as emitted by the Verified Access Web API.
      * @param registerKey If set, the current Enterprise Machine Key is registered with the `"system"` token and relinquishes the Enterprise Machine Key role. The key can then be associated with a certificate and used like any other signing key. This key is 2048-bit RSA. Subsequent calls to this function will then generate a new Enterprise Machine Key.
-     * @param callback Called back with the challenge response.
      * @deprecated Use {@link challengeKey} instead.
      * @since Chrome 50
      * @chrome-deprecated-since Chrome 110
@@ -8560,20 +8622,14 @@ declare namespace chrome {
       /**
        * @since Chrome 59
        */
-      registerKey: boolean,
-      /**
-       * @param response The challenge response.
-       */
-      callback: (
-        response: ArrayBuffer,
-      ) => void,
-    ): void;
+      registerKey?: boolean,
+    ): Promise<ArrayBuffer>;
     /**
-     * Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on Chrome OS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate Chrome OS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. \* Any device identity emitted by the verification is tightly bound to the hardware of the current device. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The Enterprise Machine Key does not reside in the `"system"` token and is not accessible by any other API.
+     * Challenges a hardware-backed Enterprise Machine Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate ChromeOS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise device policy. For example, a policy may specify that the device must not be in developer mode. \* Any device identity emitted by the verification is tightly bound to the hardware of the current device. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise device policy. The Enterprise Machine Key does not reside in the `"system"` token and is not accessible by any other API.
      *
      * @param challenge A challenge as emitted by the Verified Access Web API.
+     * @param registerKey If set, the current Enterprise Machine Key is registered with the `"system"` token and relinquishes the Enterprise Machine Key role. The key can then be associated with a certificate and used like any other signing key. This key is 2048-bit RSA. Subsequent calls to this function will then generate a new Enterprise Machine Key.
      * @param callback Called back with the challenge response.
      * @deprecated Use {@link challengeKey} instead.
      * @since Chrome 50
@@ -8583,16 +8639,38 @@ declare namespace chrome {
       challenge: ArrayBuffer,
+      /**
+       * @since Chrome 59
+       */
+      registerKey?: boolean,
       /**
        * @param response The challenge response.
        */
-      callback: (
+      callback?: (
         response: ArrayBuffer,
       ) => void,
     ): void;
     /**
-     * Challenges a hardware-backed Enterprise User Key and emits the response as part of a remote attestation protocol. Only useful on Chrome OS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate Chrome OS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise user policy. For example, a policy may specify that the device must not be in developer mode. \* The public key emitted by the verification is tightly bound to the hardware of the current device and to the current signed-in user. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise user policy. The Enterprise User Key does not reside in the `"user"` token and is not accessible by any other API.
+     * Challenges a hardware-backed Enterprise User Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate ChromeOS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise user policy. For example, a policy may specify that the device must not be in developer mode. \* The public key emitted by the verification is tightly bound to the hardware of the current device and to the current signed-in user. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise user policy. The Enterprise User Key does not reside in the `"user"` token and is not accessible by any other API.
+     *
+     * @chrome-returns-extra since Pending
+     * @param challenge A challenge as emitted by the Verified Access Web API.
+     * @param registerKey If set, the current Enterprise User Key is registered with the `"user"` token and relinquishes the Enterprise User Key role. The key can then be associated with a certificate and used like any other signing key. This key is 2048-bit RSA. Subsequent calls to this function will then generate a new Enterprise User Key.
+     * @deprecated Use {@link challengeKey} instead.
+     * @since Chrome 50
+     * @chrome-deprecated-since Chrome 110
+     */
+    export function challengeUserKey(
+      challenge: ArrayBuffer,
+      registerKey: boolean,
+    ): Promise<ArrayBuffer>;
+    /**
+     * Challenges a hardware-backed Enterprise User Key and emits the response as part of a remote attestation protocol. Only useful on ChromeOS and in conjunction with the Verified Access Web API which both issues challenges and verifies responses. A successful verification by the Verified Access Web API is a strong signal of all of the following: \* The current device is a legitimate ChromeOS device. \* The current device is managed by the domain specified during verification. \* The current signed-in user is managed by the domain specified during verification. \* The current device state complies with enterprise user policy. For example, a policy may specify that the device must not be in developer mode. \* The public key emitted by the verification is tightly bound to the hardware of the current device and to the current signed-in user. This function is highly restricted and will fail if the current device is not managed, the current user is not managed, or if this operation has not explicitly been enabled for the caller by enterprise user policy. The Enterprise User Key does not reside in the `"user"` token and is not accessible by any other API.
      *
      * @param challenge A challenge as emitted by the Verified Access Web API.
      * @param registerKey If set, the current Enterprise User Key is registered with the `"user"` token and relinquishes the Enterprise User Key role. The key can then be associated with a certificate and used like any other signing key. This key is 2048-bit RSA. Subsequent calls to this function will then generate a new Enterprise User Key.
@@ -8610,7 +8688,7 @@ declare namespace chrome {
       /**
        * @param response The challenge response.
        */
-      callback: (
+      callback?: (
         response: ArrayBuffer,
       ) => void,
     ): void;

package/package.json CHANGED Viewed

@@ -5,7 +5,7 @@
   "type": "module",
   "name": "chrome-types",
   "config": {
-    "build-hash": "3c560711b82205f6"
+    "build-hash": "40a875d0356797b9"
   },
   "repository": {
     "type": "git",
@@ -16,5 +16,5 @@
     "url": "https://github.com/GoogleChrome/chrome-types/issues"
   },
   "homepage": "https://github.com/GoogleChrome/chrome-types",
-  "version": "0.1.308"
+  "version": "0.1.309"
 }