Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@simplewebauthn/server
Advanced tools
@simplewebauthn/server - npm Package Compare versions
Comparing version 9.0.3 to 10.0.0
@@ -1,4 +0,8 @@ | ||
| import type { AuthenticationExtensionsClientInputs, PublicKeyCredentialDescriptorFuture, PublicKeyCredentialRequestOptionsJSON, UserVerificationRequirement } from '../deps.js'; | ||
| import type { AuthenticationExtensionsClientInputs, AuthenticatorTransportFuture, Base64URLString, PublicKeyCredentialRequestOptionsJSON, UserVerificationRequirement } from '../deps.js'; | ||
| export type GenerateAuthenticationOptionsOpts = { | ||
| allowCredentials?: PublicKeyCredentialDescriptorFuture[]; | ||
| rpID: string; | ||
| allowCredentials?: { | ||
| id: Base64URLString; | ||
| transports?: AuthenticatorTransportFuture[]; | ||
| }[]; | ||
| challenge?: string | Uint8Array; | ||
@@ -8,17 +12,15 @@ timeout?: number; | ||
| extensions?: AuthenticationExtensionsClientInputs; | ||
| rpID?: string; | ||
| }; | ||
| /** | ||
| * Prepare a value to pass into navigator.credentials.get(...) for authenticator "login" | ||
| * Prepare a value to pass into navigator.credentials.get(...) for authenticator authentication | ||
| * | ||
| * @param allowCredentials Authenticators previously registered by the user, if any. If undefined | ||
| * the client will ask the user which credential they want to use | ||
| * @param challenge Random value the authenticator needs to sign and pass back | ||
| * user for authentication | ||
| * @param timeout How long (in ms) the user can take to complete authentication | ||
| * @param userVerification Set to `'discouraged'` when asserting as part of a 2FA flow, otherwise | ||
| * set to `'preferred'` or `'required'` as desired. | ||
| * @param extensions Additional plugins the authenticator or browser should use during authentication | ||
| * @param rpID Valid domain name (after `https://`) | ||
| * **Options:** | ||
| * | ||
| * @param rpID - Valid domain name (after `https://`) | ||
| * @param allowCredentials **(Optional)** - Authenticators previously registered by the user, if any. If undefined the client will ask the user which credential they want to use | ||
| * @param challenge **(Optional)** - Random value the authenticator needs to sign and pass back user for authentication. Defaults to generating a random value | ||
| * @param timeout **(Optional)** - How long (in ms) the user can take to complete authentication. Defaults to `60000` | ||
| * @param userVerification **(Optional)** - Set to `'discouraged'` when asserting as part of a 2FA flow, otherwise set to `'preferred'` or `'required'` as desired. Defaults to `"preferred"` | ||
| * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during authentication | ||
| */ | ||
| export declare function generateAuthenticationOptions(options?: GenerateAuthenticationOptionsOpts): Promise<PublicKeyCredentialRequestOptionsJSON>; | ||
| export declare function generateAuthenticationOptions(options: GenerateAuthenticationOptionsOpts): Promise<PublicKeyCredentialRequestOptionsJSON>; |
| import { isoBase64URL, isoUint8Array } from '../helpers/iso/index.js'; | ||
| import { generateChallenge } from '../helpers/generateChallenge.js'; | ||
| /** | ||
| * Prepare a value to pass into navigator.credentials.get(...) for authenticator "login" | ||
| * Prepare a value to pass into navigator.credentials.get(...) for authenticator authentication | ||
| * | ||
| * @param allowCredentials Authenticators previously registered by the user, if any. If undefined | ||
| * the client will ask the user which credential they want to use | ||
| * @param challenge Random value the authenticator needs to sign and pass back | ||
| * user for authentication | ||
| * @param timeout How long (in ms) the user can take to complete authentication | ||
| * @param userVerification Set to `'discouraged'` when asserting as part of a 2FA flow, otherwise | ||
| * set to `'preferred'` or `'required'` as desired. | ||
| * @param extensions Additional plugins the authenticator or browser should use during authentication | ||
| * @param rpID Valid domain name (after `https://`) | ||
| * **Options:** | ||
| * | ||
| * @param rpID - Valid domain name (after `https://`) | ||
| * @param allowCredentials **(Optional)** - Authenticators previously registered by the user, if any. If undefined the client will ask the user which credential they want to use | ||
| * @param challenge **(Optional)** - Random value the authenticator needs to sign and pass back user for authentication. Defaults to generating a random value | ||
| * @param timeout **(Optional)** - How long (in ms) the user can take to complete authentication. Defaults to `60000` | ||
| * @param userVerification **(Optional)** - Set to `'discouraged'` when asserting as part of a 2FA flow, otherwise set to `'preferred'` or `'required'` as desired. Defaults to `"preferred"` | ||
| * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during authentication | ||
| */ | ||
| export async function generateAuthenticationOptions(options = {}) { | ||
| export async function generateAuthenticationOptions(options) { | ||
| const { allowCredentials, challenge = await generateChallenge(), timeout = 60000, userVerification = 'preferred', extensions, rpID, } = options; | ||
@@ -26,12 +25,18 @@ /** | ||
| return { | ||
| rpId: rpID, | ||
| challenge: isoBase64URL.fromBuffer(_challenge), | ||
| allowCredentials: allowCredentials?.map((cred) => ({ | ||
| ...cred, | ||
| id: isoBase64URL.fromBuffer(cred.id), | ||
| })), | ||
| allowCredentials: allowCredentials?.map((cred) => { | ||
| if (!isoBase64URL.isBase64URL(cred.id)) { | ||
| throw new Error(`excludeCredential id "${cred.id}" is not a valid base64url string`); | ||
| } | ||
| return { | ||
| ...cred, | ||
| id: isoBase64URL.trimPadding(cred.id), | ||
| type: 'public-key', | ||
| }; | ||
| }), | ||
| timeout, | ||
| userVerification, | ||
| extensions, | ||
| rpId: rpID, | ||
| }; | ||
| } |
@@ -1,2 +0,2 @@ | ||
| import type { AuthenticationResponseJSON, AuthenticatorDevice, CredentialDeviceType, UserVerificationRequirement } from '../deps.js'; | ||
| import type { AuthenticationResponseJSON, AuthenticatorDevice, Base64URLString, CredentialDeviceType, UserVerificationRequirement } from '../deps.js'; | ||
| import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions.js'; | ||
@@ -8,4 +8,4 @@ export type VerifyAuthenticationResponseOpts = { | ||
| expectedRPID: string | string[]; | ||
| authenticator: AuthenticatorDevice; | ||
| expectedType?: string | string[]; | ||
| authenticator: AuthenticatorDevice; | ||
| requireUserVerification?: boolean; | ||
@@ -17,20 +17,15 @@ advancedFIDOConfig?: { | ||
| /** | ||
| * Verify that the user has legitimately completed the login process | ||
| * Verify that the user has legitimately completed the authentication process | ||
| * | ||
| * **Options:** | ||
| * | ||
| * @param response Response returned by **@simplewebauthn/browser**'s `startAssertion()` | ||
| * @param expectedChallenge The base64url-encoded `options.challenge` returned by | ||
| * `generateAuthenticationOptions()` | ||
| * @param expectedOrigin Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType (Optional) The response type expected ('webauthn.get') | ||
| * @param authenticator An internal {@link AuthenticatorDevice} matching the credential's ID | ||
| * @param requireUserVerification (Optional) Enforce user verification by the authenticator | ||
| * (via PIN, fingerprint, etc...) | ||
| * @param advancedFIDOConfig (Optional) Options for satisfying more stringent FIDO RP feature | ||
| * requirements | ||
| * @param advancedFIDOConfig.userVerification (Optional) Enable alternative rules for evaluating the | ||
| * User Presence and User Verified flags in authenticator data: UV (and UP) flags are optional | ||
| * unless this value is `"required"` | ||
| * @param response - Response returned by **@simplewebauthn/browser**'s `startAssertion()` | ||
| * @param expectedChallenge - The base64url-encoded `options.challenge` returned by `generateAuthenticationOptions()` | ||
| * @param expectedOrigin - Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID - RP ID (or array of IDs) that was specified in the registration options | ||
| * @param authenticator - An internal {@link AuthenticatorDevice} matching the credential's ID | ||
| * @param expectedType **(Optional)** - The response type expected ('webauthn.get') | ||
| * @param requireUserVerification **(Optional)** - Enforce user verification by the authenticator (via PIN, fingerprint, etc...) Defaults to `true` | ||
| * @param advancedFIDOConfig **(Optional)** - Options for satisfying more stringent FIDO RP feature requirements | ||
| * @param advancedFIDOConfig.userVerification **(Optional)** - Enable alternative rules for evaluating the User Presence and User Verified flags in authenticator data: UV (and UP) flags are optional unless this value is `"required"` | ||
| */ | ||
@@ -61,3 +56,3 @@ export declare function verifyAuthenticationResponse(options: VerifyAuthenticationResponseOpts): Promise<VerifiedAuthenticationResponse>; | ||
| authenticationInfo: { | ||
| credentialID: Uint8Array; | ||
| credentialID: Base64URLString; | ||
| newCounter: number; | ||
@@ -64,0 +59,0 @@ userVerified: boolean; |
@@ -9,20 +9,15 @@ import { decodeClientDataJSON } from '../helpers/decodeClientDataJSON.js'; | ||
| /** | ||
| * Verify that the user has legitimately completed the login process | ||
| * Verify that the user has legitimately completed the authentication process | ||
| * | ||
| * **Options:** | ||
| * | ||
| * @param response Response returned by **@simplewebauthn/browser**'s `startAssertion()` | ||
| * @param expectedChallenge The base64url-encoded `options.challenge` returned by | ||
| * `generateAuthenticationOptions()` | ||
| * @param expectedOrigin Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType (Optional) The response type expected ('webauthn.get') | ||
| * @param authenticator An internal {@link AuthenticatorDevice} matching the credential's ID | ||
| * @param requireUserVerification (Optional) Enforce user verification by the authenticator | ||
| * (via PIN, fingerprint, etc...) | ||
| * @param advancedFIDOConfig (Optional) Options for satisfying more stringent FIDO RP feature | ||
| * requirements | ||
| * @param advancedFIDOConfig.userVerification (Optional) Enable alternative rules for evaluating the | ||
| * User Presence and User Verified flags in authenticator data: UV (and UP) flags are optional | ||
| * unless this value is `"required"` | ||
| * @param response - Response returned by **@simplewebauthn/browser**'s `startAssertion()` | ||
| * @param expectedChallenge - The base64url-encoded `options.challenge` returned by `generateAuthenticationOptions()` | ||
| * @param expectedOrigin - Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID - RP ID (or array of IDs) that was specified in the registration options | ||
| * @param authenticator - An internal {@link AuthenticatorDevice} matching the credential's ID | ||
| * @param expectedType **(Optional)** - The response type expected ('webauthn.get') | ||
| * @param requireUserVerification **(Optional)** - Enforce user verification by the authenticator (via PIN, fingerprint, etc...) Defaults to `true` | ||
| * @param advancedFIDOConfig **(Optional)** - Options for satisfying more stringent FIDO RP feature requirements | ||
| * @param advancedFIDOConfig.userVerification **(Optional)** - Enable alternative rules for evaluating the User Presence and User Verified flags in authenticator data: UV (and UP) flags are optional unless this value is `"required"` | ||
| */ | ||
@@ -88,6 +83,6 @@ export async function verifyAuthenticationResponse(options) { | ||
| } | ||
| if (!isoBase64URL.isBase64url(assertionResponse.authenticatorData)) { | ||
| if (!isoBase64URL.isBase64URL(assertionResponse.authenticatorData)) { | ||
| throw new Error('Credential response authenticatorData was not a base64url string'); | ||
| } | ||
| if (!isoBase64URL.isBase64url(assertionResponse.signature)) { | ||
| if (!isoBase64URL.isBase64URL(assertionResponse.signature)) { | ||
| throw new Error('Credential response signature was not a base64url string'); | ||
@@ -94,0 +89,0 @@ } |
@@ -1,2 +0,2 @@ | ||
| export type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticationResponseJSON, AuthenticatorDevice, AuthenticatorSelectionCriteria, Base64URLString, COSEAlgorithmIdentifier, CredentialDeviceType, Crypto, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialDescriptorFuture, PublicKeyCredentialParameters, PublicKeyCredentialRequestOptionsJSON, RegistrationResponseJSON, UserVerificationRequirement, } from '@simplewebauthn/types'; | ||
| export type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticationResponseJSON, AuthenticatorDevice, AuthenticatorSelectionCriteria, AuthenticatorTransportFuture, Base64URLString, COSEAlgorithmIdentifier, CredentialDeviceType, Crypto, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialParameters, PublicKeyCredentialRequestOptionsJSON, RegistrationResponseJSON, UserVerificationRequirement, } from '@simplewebauthn/types'; | ||
| export * as tinyCbor from '@levischuck/tiny-cbor'; | ||
@@ -3,0 +3,0 @@ export { default as base64 } from '@hexagon/base64'; |
@@ -11,3 +11,3 @@ import { isoBase64URL } from './iso/index.js'; | ||
| if (typeof certBuffer === 'string') { | ||
| if (isoBase64URL.isBase64url(certBuffer)) { | ||
| if (isoBase64URL.isBase64URL(certBuffer)) { | ||
| b64cert = isoBase64URL.toBase64(certBuffer); | ||
@@ -14,0 +14,0 @@ } |
@@ -0,5 +1,6 @@ | ||
| import type { Base64URLString } from '../deps.js'; | ||
| /** | ||
| * Decode an authenticator's base64url-encoded clientDataJSON to JSON | ||
| */ | ||
| export declare function decodeClientDataJSON(data: string): ClientDataJSON; | ||
| export declare function decodeClientDataJSON(data: Base64URLString): ClientDataJSON; | ||
| export type ClientDataJSON = { | ||
@@ -6,0 +7,0 @@ type: string; |
@@ -6,3 +6,3 @@ import { isoBase64URL } from './iso/index.js'; | ||
| export function decodeClientDataJSON(data) { | ||
| const toString = isoBase64URL.toString(data); | ||
| const toString = isoBase64URL.toUTF8String(data); | ||
| const clientData = JSON.parse(toString); | ||
@@ -9,0 +9,0 @@ return _decodeClientDataJSONInternals.stubThis(clientData); |
@@ -8,2 +8,3 @@ import { convertAAGUIDToString } from './convertAAGUIDToString.js'; | ||
| import { generateChallenge } from './generateChallenge.js'; | ||
| import { generateUserID } from './generateUserID.js'; | ||
| import { getCertificateInfo } from './getCertificateInfo.js'; | ||
@@ -17,3 +18,3 @@ import { isCertRevoked } from './isCertRevoked.js'; | ||
| import * as cose from './cose.js'; | ||
| export { convertAAGUIDToString, convertCertBufferToPEM, convertCOSEtoPKCS, cose, decodeAttestationObject, decodeClientDataJSON, decodeCredentialPublicKey, generateChallenge, getCertificateInfo, isCertRevoked, isoBase64URL, isoCBOR, isoCrypto, isoUint8Array, parseAuthenticatorData, toHash, validateCertificatePath, verifySignature, }; | ||
| export { convertAAGUIDToString, convertCertBufferToPEM, convertCOSEtoPKCS, cose, decodeAttestationObject, decodeClientDataJSON, decodeCredentialPublicKey, generateChallenge, generateUserID, getCertificateInfo, isCertRevoked, isoBase64URL, isoCBOR, isoCrypto, isoUint8Array, parseAuthenticatorData, toHash, validateCertificatePath, verifySignature, }; | ||
| import type { AttestationFormat, AttestationObject, AttestationStatement } from './decodeAttestationObject.js'; | ||
@@ -20,0 +21,0 @@ import type { CertificateInfo } from './getCertificateInfo.js'; |
@@ -8,2 +8,3 @@ import { convertAAGUIDToString } from './convertAAGUIDToString.js'; | ||
| import { generateChallenge } from './generateChallenge.js'; | ||
| import { generateUserID } from './generateUserID.js'; | ||
| import { getCertificateInfo } from './getCertificateInfo.js'; | ||
@@ -17,2 +18,2 @@ import { isCertRevoked } from './isCertRevoked.js'; | ||
| import * as cose from './cose.js'; | ||
| export { convertAAGUIDToString, convertCertBufferToPEM, convertCOSEtoPKCS, cose, decodeAttestationObject, decodeClientDataJSON, decodeCredentialPublicKey, generateChallenge, getCertificateInfo, isCertRevoked, isoBase64URL, isoCBOR, isoCrypto, isoUint8Array, parseAuthenticatorData, toHash, validateCertificatePath, verifySignature, }; | ||
| export { convertAAGUIDToString, convertCertBufferToPEM, convertCOSEtoPKCS, cose, decodeAttestationObject, decodeClientDataJSON, decodeCredentialPublicKey, generateChallenge, generateUserID, getCertificateInfo, isCertRevoked, isoBase64URL, isoCBOR, isoCrypto, isoUint8Array, parseAuthenticatorData, toHash, validateCertificatePath, verifySignature, }; |
@@ -0,1 +1,2 @@ | ||
| import type { Base64URLString } from '../../deps.js'; | ||
| /** | ||
@@ -23,9 +24,9 @@ * Decode from a Base64URL-encoded string to an ArrayBuffer. Best used when converting a | ||
| /** | ||
| * Encode a string to base64url | ||
| * Encode a UTF-8 string to base64url | ||
| */ | ||
| export declare function fromString(ascii: string): string; | ||
| export declare function fromUTF8String(utf8String: string): string; | ||
| /** | ||
| * Decode a base64url string into its original string | ||
| * Decode a base64url string into its original UTF-8 string | ||
| */ | ||
| export declare function toString(base64urlString: string): string; | ||
| export declare function toUTF8String(base64urlString: string): string; | ||
| /** | ||
@@ -38,2 +39,6 @@ * Confirm that the string is encoded into base64 | ||
| */ | ||
| export declare function isBase64url(input: string): boolean; | ||
| export declare function isBase64URL(input: string): boolean; | ||
| /** | ||
| * Remove optional padding from a base64url-encoded string | ||
| */ | ||
| export declare function trimPadding(input: Base64URLString): Base64URLString; |
@@ -33,11 +33,11 @@ import { base64 } from '../../deps.js'; | ||
| /** | ||
| * Encode a string to base64url | ||
| * Encode a UTF-8 string to base64url | ||
| */ | ||
| export function fromString(ascii) { | ||
| return base64.fromString(ascii, true); | ||
| export function fromUTF8String(utf8String) { | ||
| return base64.fromString(utf8String, true); | ||
| } | ||
| /** | ||
| * Decode a base64url string into its original string | ||
| * Decode a base64url string into its original UTF-8 string | ||
| */ | ||
| export function toString(base64urlString) { | ||
| export function toUTF8String(base64urlString) { | ||
| return base64.toString(base64urlString, true); | ||
@@ -54,6 +54,12 @@ } | ||
| */ | ||
| export function isBase64url(input) { | ||
| export function isBase64URL(input) { | ||
| // Trim padding characters from the string if present | ||
| input = input.replace(/=/g, ''); | ||
| input = trimPadding(input); | ||
| return base64.validate(input, true); | ||
| } | ||
| /** | ||
| * Remove optional padding from a base64url-encoded string | ||
| */ | ||
| export function trimPadding(input) { | ||
| return input.replace(/=/g, ''); | ||
| } |
@@ -1,9 +0,1 @@ | ||
| /// <reference types="node" /> | ||
| /// <reference types="node" /> | ||
| /// <reference types="node" /> | ||
| /// <reference types="node" /> | ||
| /// <reference types="node/crypto.js" /> | ||
| /// <reference types="node/crypto.js" /> | ||
| /// <reference types="node/stream.js" /> | ||
| /// <reference types="node/stream.js" /> | ||
| import type { Crypto } from '../../../deps.js'; | ||
@@ -19,285 +11,4 @@ /** | ||
| export declare const _getWebCryptoInternals: { | ||
| stubThisImportNodeCrypto: () => Promise<{ | ||
| default: typeof import("crypto"); | ||
| createHash(algorithm: string, options?: import("crypto").HashOptions | undefined): import("crypto").Hash; | ||
| createHash(algorithm: string, options?: import("crypto").HashOptions | undefined): import("crypto").Hash; | ||
| createHmac(algorithm: string, key: import("crypto").KeyObject | import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Hmac; | ||
| createHmac(algorithm: string, key: import("crypto").KeyObject | import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Hmac; | ||
| createCipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM; | ||
| createCipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM; | ||
| createCipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher; | ||
| createCipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM; | ||
| createCipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM; | ||
| createCipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher; | ||
| createCipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM; | ||
| createCipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").CipherOCB; | ||
| createCipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM; | ||
| createCipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher; | ||
| createCipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM; | ||
| createCipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").CipherOCB; | ||
| createCipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM; | ||
| createCipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher; | ||
| createDecipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM; | ||
| createDecipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM; | ||
| createDecipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher; | ||
| createDecipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM; | ||
| createDecipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM; | ||
| createDecipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher; | ||
| createDecipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM; | ||
| createDecipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").DecipherOCB; | ||
| createDecipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM; | ||
| createDecipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher; | ||
| createDecipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM; | ||
| createDecipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").DecipherOCB; | ||
| createDecipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM; | ||
| createDecipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher; | ||
| generateKey(type: "hmac" | "aes", options: { | ||
| length: number; | ||
| }, callback: (err: Error | null, key: import("crypto").KeyObject) => void): void; | ||
| generateKey(type: "hmac" | "aes", options: { | ||
| length: number; | ||
| }, callback: (err: Error | null, key: import("crypto").KeyObject) => void): void; | ||
| generateKeySync(type: "hmac" | "aes", options: { | ||
| length: number; | ||
| }): import("crypto").KeyObject; | ||
| generateKeySync(type: "hmac" | "aes", options: { | ||
| length: number; | ||
| }): import("crypto").KeyObject; | ||
| createPrivateKey(key: string | import("crypto").PrivateKeyInput | Buffer | import("crypto").JsonWebKeyInput): import("crypto").KeyObject; | ||
| createPrivateKey(key: string | import("crypto").PrivateKeyInput | Buffer | import("crypto").JsonWebKeyInput): import("crypto").KeyObject; | ||
| createPublicKey(key: string | import("crypto").KeyObject | Buffer | import("crypto").JsonWebKeyInput | import("crypto").PublicKeyInput): import("crypto").KeyObject; | ||
| createPublicKey(key: string | import("crypto").KeyObject | Buffer | import("crypto").JsonWebKeyInput | import("crypto").PublicKeyInput): import("crypto").KeyObject; | ||
| createSecretKey(key: NodeJS.ArrayBufferView): import("crypto").KeyObject; | ||
| createSecretKey(key: string, encoding: BufferEncoding): import("crypto").KeyObject; | ||
| createSecretKey(key: NodeJS.ArrayBufferView): import("crypto").KeyObject; | ||
| createSecretKey(key: string, encoding: BufferEncoding): import("crypto").KeyObject; | ||
| createSign(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Sign; | ||
| createSign(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Sign; | ||
| createVerify(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Verify; | ||
| createVerify(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Verify; | ||
| createDiffieHellman(primeLength: number, generator?: number | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman; | ||
| createDiffieHellman(primeLength: number, generator?: number | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman; | ||
| getDiffieHellman(groupName: string): import("crypto").DiffieHellmanGroup; | ||
| getDiffieHellman(groupName: string): import("crypto").DiffieHellmanGroup; | ||
| createDiffieHellmanGroup(name: string): import("crypto").DiffieHellmanGroup; | ||
| createDiffieHellmanGroup(name: string): import("crypto").DiffieHellmanGroup; | ||
| pbkdf2(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| pbkdf2(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| pbkdf2Sync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string): Buffer; | ||
| pbkdf2Sync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string): Buffer; | ||
| randomBytes(size: number): Buffer; | ||
| randomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void; | ||
| randomBytes(size: number): Buffer; | ||
| randomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void; | ||
| pseudoRandomBytes(size: number): Buffer; | ||
| pseudoRandomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void; | ||
| pseudoRandomBytes(size: number): Buffer; | ||
| pseudoRandomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void; | ||
| randomInt(max: number): number; | ||
| randomInt(min: number, max: number): number; | ||
| randomInt(max: number, callback: (err: Error | null, value: number) => void): void; | ||
| randomInt(min: number, max: number, callback: (err: Error | null, value: number) => void): void; | ||
| randomInt(max: number): number; | ||
| randomInt(min: number, max: number): number; | ||
| randomInt(max: number, callback: (err: Error | null, value: number) => void): void; | ||
| randomInt(min: number, max: number, callback: (err: Error | null, value: number) => void): void; | ||
| randomFillSync<T extends NodeJS.ArrayBufferView>(buffer: T, offset?: number | undefined, size?: number | undefined): T; | ||
| randomFillSync<T_1 extends NodeJS.ArrayBufferView>(buffer: T_1, offset?: number | undefined, size?: number | undefined): T_1; | ||
| randomFill<T_2 extends NodeJS.ArrayBufferView>(buffer: T_2, callback: (err: Error | null, buf: T_2) => void): void; | ||
| randomFill<T_3 extends NodeJS.ArrayBufferView>(buffer: T_3, offset: number, callback: (err: Error | null, buf: T_3) => void): void; | ||
| randomFill<T_4 extends NodeJS.ArrayBufferView>(buffer: T_4, offset: number, size: number, callback: (err: Error | null, buf: T_4) => void): void; | ||
| randomFill<T_5 extends NodeJS.ArrayBufferView>(buffer: T_5, callback: (err: Error | null, buf: T_5) => void): void; | ||
| randomFill<T_6 extends NodeJS.ArrayBufferView>(buffer: T_6, offset: number, callback: (err: Error | null, buf: T_6) => void): void; | ||
| randomFill<T_7 extends NodeJS.ArrayBufferView>(buffer: T_7, offset: number, size: number, callback: (err: Error | null, buf: T_7) => void): void; | ||
| scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options: import("crypto").ScryptOptions, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options: import("crypto").ScryptOptions, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| scryptSync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options?: import("crypto").ScryptOptions | undefined): Buffer; | ||
| scryptSync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options?: import("crypto").ScryptOptions | undefined): Buffer; | ||
| publicEncrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| publicEncrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| publicDecrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| publicDecrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| privateDecrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| privateDecrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| privateEncrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| privateEncrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| getCiphers(): string[]; | ||
| getCiphers(): string[]; | ||
| getCurves(): string[]; | ||
| getCurves(): string[]; | ||
| getFips(): 0 | 1; | ||
| getFips(): 0 | 1; | ||
| setFips(bool: boolean): void; | ||
| setFips(bool: boolean): void; | ||
| getHashes(): string[]; | ||
| getHashes(): string[]; | ||
| createECDH(curveName: string): import("crypto").ECDH; | ||
| createECDH(curveName: string): import("crypto").ECDH; | ||
| timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean; | ||
| timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ed25519", options?: import("crypto").ED25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ed448", options?: import("crypto").ED448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "x25519", options?: import("crypto").X25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "x448", options?: import("crypto").X448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ed25519", options?: import("crypto").ED25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ed448", options?: import("crypto").ED448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "x25519", options?: import("crypto").X25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "x448", options?: import("crypto").X448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPair: typeof import("crypto").generateKeyPair; | ||
| sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput): Buffer; | ||
| sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput, callback: (error: Error | null, data: Buffer) => void): void; | ||
| sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput): Buffer; | ||
| sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput, callback: (error: Error | null, data: Buffer) => void): void; | ||
| verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView): boolean; | ||
| verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView, callback: (error: Error | null, result: boolean) => void): void; | ||
| verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView): boolean; | ||
| verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView, callback: (error: Error | null, result: boolean) => void): void; | ||
| diffieHellman(options: { | ||
| privateKey: import("crypto").KeyObject; | ||
| publicKey: import("crypto").KeyObject; | ||
| }): Buffer; | ||
| diffieHellman(options: { | ||
| privateKey: import("crypto").KeyObject; | ||
| publicKey: import("crypto").KeyObject; | ||
| }): Buffer; | ||
| getCipherInfo(nameOrNid: string | number, options?: import("crypto").CipherInfoOptions | undefined): import("crypto").CipherInfo | undefined; | ||
| getCipherInfo(nameOrNid: string | number, options?: import("crypto").CipherInfoOptions | undefined): import("crypto").CipherInfo | undefined; | ||
| hkdf(digest: string, irm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: ArrayBuffer) => void): void; | ||
| hkdf(digest: string, irm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: ArrayBuffer) => void): void; | ||
| hkdfSync(digest: string, ikm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number): ArrayBuffer; | ||
| hkdfSync(digest: string, ikm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number): ArrayBuffer; | ||
| secureHeapUsed(): import("crypto").SecureHeapUsage; | ||
| secureHeapUsed(): import("crypto").SecureHeapUsage; | ||
| randomUUID(options?: import("crypto").RandomUUIDOptions | undefined): `${string}-${string}-${string}-${string}-${string}`; | ||
| randomUUID(options?: import("crypto").RandomUUIDOptions | undefined): `${string}-${string}-${string}-${string}-${string}`; | ||
| generatePrime(size: number, callback: (err: Error | null, prime: ArrayBuffer) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsBigInt, callback: (err: Error | null, prime: bigint) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer, callback: (err: Error | null, prime: ArrayBuffer) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptions, callback: (err: Error | null, prime: bigint | ArrayBuffer) => void): void; | ||
| generatePrime(size: number, callback: (err: Error | null, prime: ArrayBuffer) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsBigInt, callback: (err: Error | null, prime: bigint) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer, callback: (err: Error | null, prime: ArrayBuffer) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptions, callback: (err: Error | null, prime: bigint | ArrayBuffer) => void): void; | ||
| generatePrimeSync(size: number): ArrayBuffer; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsBigInt): bigint; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer): ArrayBuffer; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptions): bigint | ArrayBuffer; | ||
| generatePrimeSync(size: number): ArrayBuffer; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsBigInt): bigint; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer): ArrayBuffer; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptions): bigint | ArrayBuffer; | ||
| checkPrime(value: import("crypto").LargeNumberLike, callback: (err: Error | null, result: boolean) => void): void; | ||
| checkPrime(value: import("crypto").LargeNumberLike, options: import("crypto").CheckPrimeOptions, callback: (err: Error | null, result: boolean) => void): void; | ||
| checkPrime(value: import("crypto").LargeNumberLike, callback: (err: Error | null, result: boolean) => void): void; | ||
| checkPrime(value: import("crypto").LargeNumberLike, options: import("crypto").CheckPrimeOptions, callback: (err: Error | null, result: boolean) => void): void; | ||
| checkPrimeSync(candidate: import("crypto").LargeNumberLike, options?: import("crypto").CheckPrimeOptions | undefined): boolean; | ||
| checkPrimeSync(candidate: import("crypto").LargeNumberLike, options?: import("crypto").CheckPrimeOptions | undefined): boolean; | ||
| setEngine(engine: string, flags?: number | undefined): void; | ||
| setEngine(engine: string, flags?: number | undefined): void; | ||
| getRandomValues<T_8 extends import("crypto").webcrypto.BufferSource>(typedArray: T_8): T_8; | ||
| getRandomValues<T_9 extends import("crypto").webcrypto.BufferSource>(typedArray: T_9): T_9; | ||
| Certificate: typeof import("crypto").Certificate; | ||
| constants: typeof import("crypto").constants; | ||
| fips: boolean; | ||
| Hash: typeof import("crypto").Hash; | ||
| Hmac: typeof import("crypto").Hmac; | ||
| KeyObject: typeof import("crypto").KeyObject; | ||
| Cipher: typeof import("crypto").Cipher; | ||
| Decipher: typeof import("crypto").Decipher; | ||
| Sign: typeof import("crypto").Sign; | ||
| Verify: typeof import("crypto").Verify; | ||
| DiffieHellman: typeof import("crypto").DiffieHellman; | ||
| DiffieHellmanGroup: import("crypto").DiffieHellmanGroupConstructor; | ||
| ECDH: typeof import("crypto").ECDH; | ||
| DEFAULT_ENCODING: BufferEncoding; | ||
| X509Certificate: typeof import("crypto").X509Certificate; | ||
| subtle: import("crypto").webcrypto.SubtleCrypto; | ||
| webcrypto: import("crypto").webcrypto.Crypto; | ||
| } | { | ||
| webcrypto: undefined; | ||
| }>; | ||
| stubThisGlobalThisCrypto: () => globalThis.Crypto; | ||
| setCachedCrypto: (newCrypto: Crypto | undefined) => void; | ||
| }; |
@@ -6,25 +6,30 @@ let webCrypto = undefined; | ||
| */ | ||
| export async function getWebCrypto() { | ||
| if (webCrypto) { | ||
| return webCrypto; | ||
| } | ||
| export function getWebCrypto() { | ||
| /** | ||
| * Naively attempt to access Crypto as a global object, which popular alternative run-times | ||
| * support. | ||
| * Hello there! If you came here wondering why this method is asynchronous when use of | ||
| * `globalThis.crypto` is not, it's to minimize a bunch of refactor related to making this | ||
| * synchronous. For example, `generateRegistrationOptions()` and `generateAuthenticationOptions()` | ||
| * become synchronous if we make this synchronous (since nothing else in that method is async) | ||
| * which represents a breaking API change in this library's core API. | ||
| * | ||
| * TODO: If it's after February 2025 when you read this then consider whether it still makes sense | ||
| * to keep this method asynchronous. | ||
| */ | ||
| const _globalThisCrypto = _getWebCryptoInternals.stubThisGlobalThisCrypto(); | ||
| if (_globalThisCrypto) { | ||
| webCrypto = _globalThisCrypto; | ||
| return webCrypto; | ||
| } | ||
| /** | ||
| * `globalThis.crypto` isn't available, so attempt a Node import... | ||
| */ | ||
| const _nodeCrypto = await _getWebCryptoInternals.stubThisImportNodeCrypto(); | ||
| if (_nodeCrypto?.webcrypto) { | ||
| webCrypto = _nodeCrypto.webcrypto; | ||
| return webCrypto; | ||
| } | ||
| // We tried to access it both in Node and globally, so bail out | ||
| throw new MissingWebCrypto(); | ||
| const toResolve = new Promise((resolve, reject) => { | ||
| if (webCrypto) { | ||
| return resolve(webCrypto); | ||
| } | ||
| /** | ||
| * Naively attempt to access Crypto as a global object, which popular ESM-centric run-times | ||
| * support (and Node v20+) | ||
| */ | ||
| const _globalThisCrypto = _getWebCryptoInternals.stubThisGlobalThisCrypto(); | ||
| if (_globalThisCrypto) { | ||
| webCrypto = _globalThisCrypto; | ||
| return resolve(webCrypto); | ||
| } | ||
| // We tried to access it both in Node and globally, so bail out | ||
| return reject(new MissingWebCrypto()); | ||
| }); | ||
| return toResolve; | ||
| } | ||
@@ -40,22 +45,2 @@ export class MissingWebCrypto extends Error { | ||
| export const _getWebCryptoInternals = { | ||
| stubThisImportNodeCrypto: async () => { | ||
| try { | ||
| // dnt-shim-ignore | ||
| /** | ||
| * The `webpackIgnore` here is to help support Next.js' Edge runtime. | ||
| * See https://github.com/MasterKale/SimpleWebAuthn/issues/517 for more info. | ||
| */ | ||
| const _nodeCrypto = await import(/* webpackIgnore: true */ 'crypto'); | ||
| return _nodeCrypto; | ||
| } | ||
| catch (_err) { | ||
| /** | ||
| * Intentionally declaring webcrypto as undefined because we're assuming the Node import | ||
| * failed due to either: | ||
| * - `import()` isn't supported | ||
| * - `node:crypto` is unavailable. | ||
| */ | ||
| return { webcrypto: undefined }; | ||
| } | ||
| }, | ||
| stubThisGlobalThisCrypto: () => globalThis.crypto, | ||
@@ -62,0 +47,0 @@ // Make it possible to reset the `webCrypto` at the top of the file |
@@ -8,6 +8,6 @@ import { isoBase64URL } from '../helpers/iso/index.js'; | ||
| return [ | ||
| JSON.parse(isoBase64URL.toString(parts[0])), | ||
| JSON.parse(isoBase64URL.toString(parts[1])), | ||
| JSON.parse(isoBase64URL.toUTF8String(parts[0])), | ||
| JSON.parse(isoBase64URL.toUTF8String(parts[1])), | ||
| parts[2], | ||
| ]; | ||
| } |
@@ -1,7 +0,7 @@ | ||
| import type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticatorSelectionCriteria, COSEAlgorithmIdentifier, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialDescriptorFuture } from '../deps.js'; | ||
| import type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticatorSelectionCriteria, AuthenticatorTransportFuture, Base64URLString, COSEAlgorithmIdentifier, PublicKeyCredentialCreationOptionsJSON } from '../deps.js'; | ||
| export type GenerateRegistrationOptionsOpts = { | ||
| rpName: string; | ||
| rpID: string; | ||
| userID: string; | ||
| userName: string; | ||
| userID?: Uint8Array; | ||
| challenge?: string | Uint8Array; | ||
@@ -11,3 +11,6 @@ userDisplayName?: string; | ||
| attestationType?: AttestationConveyancePreference; | ||
| excludeCredentials?: PublicKeyCredentialDescriptorFuture[]; | ||
| excludeCredentials?: { | ||
| id: Base64URLString; | ||
| transports?: AuthenticatorTransportFuture[]; | ||
| }[]; | ||
| authenticatorSelection?: AuthenticatorSelectionCriteria; | ||
@@ -24,22 +27,19 @@ extensions?: AuthenticationExtensionsClientInputs; | ||
| /** | ||
| * Prepare a value to pass into navigator.credentials.create(...) for authenticator "registration" | ||
| * Prepare a value to pass into navigator.credentials.create(...) for authenticator registration | ||
| * | ||
| * **Options:** | ||
| * | ||
| * @param rpName User-visible, "friendly" website/service name | ||
| * @param rpID Valid domain name (after `https://`) | ||
| * @param userID User's website-specific unique ID | ||
| * @param userName User's website-specific username (email, etc...) | ||
| * @param challenge Random value the authenticator needs to sign and pass back | ||
| * @param userDisplayName User's actual name | ||
| * @param timeout How long (in ms) the user can take to complete attestation | ||
| * @param attestationType Specific attestation statement | ||
| * @param excludeCredentials Authenticators registered by the user so the user can't register the | ||
| * same credential multiple times | ||
| * @param authenticatorSelection Advanced criteria for restricting the types of authenticators that | ||
| * may be used | ||
| * @param extensions Additional plugins the authenticator or browser should use during attestation | ||
| * @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for | ||
| * attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms | ||
| * @param rpName - User-visible, "friendly" website/service name | ||
| * @param rpID - Valid domain name (after `https://`) | ||
| * @param userName - User's website-specific username (email, etc...) | ||
| * @param userID **(Optional)** - User's website-specific unique ID. Defaults to generating a random identifier | ||
| * @param challenge **(Optional)** - Random value the authenticator needs to sign and pass back. Defaults to generating a random value | ||
| * @param userDisplayName **(Optional)** - User's actual name. Defaults to `""` | ||
| * @param timeout **(Optional)** - How long (in ms) the user can take to complete attestation. Defaults to `60000` | ||
| * @param attestationType **(Optional)** - Specific attestation statement. Defaults to `"none"` | ||
| * @param excludeCredentials **(Optional)** - Authenticators registered by the user so the user can't register the same credential multiple times. Defaults to `[]` | ||
| * @param authenticatorSelection **(Optional)** - Advanced criteria for restricting the types of authenticators that may be used. Defaults to `{ residentKey: 'preferred', userVerification: 'preferred' }` | ||
| * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during attestation | ||
| * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to `[-8, -7, -257]` | ||
| */ | ||
| export declare function generateRegistrationOptions(options: GenerateRegistrationOptionsOpts): Promise<PublicKeyCredentialCreationOptionsJSON>; |
| import { generateChallenge } from '../helpers/generateChallenge.js'; | ||
| import { generateUserID } from '../helpers/generateUserID.js'; | ||
| import { isoBase64URL, isoUint8Array } from '../helpers/iso/index.js'; | ||
@@ -49,24 +50,21 @@ /** | ||
| /** | ||
| * Prepare a value to pass into navigator.credentials.create(...) for authenticator "registration" | ||
| * Prepare a value to pass into navigator.credentials.create(...) for authenticator registration | ||
| * | ||
| * **Options:** | ||
| * | ||
| * @param rpName User-visible, "friendly" website/service name | ||
| * @param rpID Valid domain name (after `https://`) | ||
| * @param userID User's website-specific unique ID | ||
| * @param userName User's website-specific username (email, etc...) | ||
| * @param challenge Random value the authenticator needs to sign and pass back | ||
| * @param userDisplayName User's actual name | ||
| * @param timeout How long (in ms) the user can take to complete attestation | ||
| * @param attestationType Specific attestation statement | ||
| * @param excludeCredentials Authenticators registered by the user so the user can't register the | ||
| * same credential multiple times | ||
| * @param authenticatorSelection Advanced criteria for restricting the types of authenticators that | ||
| * may be used | ||
| * @param extensions Additional plugins the authenticator or browser should use during attestation | ||
| * @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for | ||
| * attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms | ||
| * @param rpName - User-visible, "friendly" website/service name | ||
| * @param rpID - Valid domain name (after `https://`) | ||
| * @param userName - User's website-specific username (email, etc...) | ||
| * @param userID **(Optional)** - User's website-specific unique ID. Defaults to generating a random identifier | ||
| * @param challenge **(Optional)** - Random value the authenticator needs to sign and pass back. Defaults to generating a random value | ||
| * @param userDisplayName **(Optional)** - User's actual name. Defaults to `""` | ||
| * @param timeout **(Optional)** - How long (in ms) the user can take to complete attestation. Defaults to `60000` | ||
| * @param attestationType **(Optional)** - Specific attestation statement. Defaults to `"none"` | ||
| * @param excludeCredentials **(Optional)** - Authenticators registered by the user so the user can't register the same credential multiple times. Defaults to `[]` | ||
| * @param authenticatorSelection **(Optional)** - Advanced criteria for restricting the types of authenticators that may be used. Defaults to `{ residentKey: 'preferred', userVerification: 'preferred' }` | ||
| * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during attestation | ||
| * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to `[-8, -7, -257]` | ||
| */ | ||
| export async function generateRegistrationOptions(options) { | ||
| const { rpName, rpID, userID, userName, challenge = await generateChallenge(), userDisplayName = userName, timeout = 60000, attestationType = 'none', excludeCredentials = [], authenticatorSelection = defaultAuthenticatorSelection, extensions, supportedAlgorithmIDs = defaultSupportedAlgorithmIDs, } = options; | ||
| const { rpName, rpID, userName, userID, challenge = await generateChallenge(), userDisplayName = '', timeout = 60000, attestationType = 'none', excludeCredentials = [], authenticatorSelection = defaultAuthenticatorSelection, extensions, supportedAlgorithmIDs = defaultSupportedAlgorithmIDs, } = options; | ||
| /** | ||
@@ -119,2 +117,16 @@ * Prepare pubKeyCredParams from the array of algorithm ID's | ||
| } | ||
| /** | ||
| * Explicitly disallow use of strings for userID anymore because `isoBase64URL.fromBuffer()` below | ||
| * will return an empty string if one gets through! | ||
| */ | ||
| if (typeof userID === 'string') { | ||
| throw new Error(`String values for \`userID\` are no longer supported. See https://simplewebauthn.dev/docs/advanced/server/custom-user-ids`); | ||
| } | ||
| /** | ||
| * Generate a user ID if one is not provided | ||
| */ | ||
| let _userID = userID; | ||
| if (!_userID) { | ||
| _userID = await generateUserID(); | ||
| } | ||
| return { | ||
@@ -127,3 +139,3 @@ challenge: isoBase64URL.fromBuffer(_challenge), | ||
| user: { | ||
| id: userID, | ||
| id: isoBase64URL.fromBuffer(_userID), | ||
| name: userName, | ||
@@ -135,6 +147,12 @@ displayName: userDisplayName, | ||
| attestation: attestationType, | ||
| excludeCredentials: excludeCredentials.map((cred) => ({ | ||
| ...cred, | ||
| id: isoBase64URL.fromBuffer(cred.id), | ||
| })), | ||
| excludeCredentials: excludeCredentials.map((cred) => { | ||
| if (!isoBase64URL.isBase64URL(cred.id)) { | ||
| throw new Error(`excludeCredential id "${cred.id}" is not a valid base64url string`); | ||
| } | ||
| return { | ||
| ...cred, | ||
| id: isoBase64URL.trimPadding(cred.id), | ||
| type: 'public-key', | ||
| }; | ||
| }), | ||
| authenticatorSelection, | ||
@@ -141,0 +159,0 @@ extensions: { |
@@ -26,4 +26,4 @@ import { toHash } from '../../helpers/toHash.js'; | ||
| const jwtParts = jwt.split('.'); | ||
| const HEADER = JSON.parse(isoBase64URL.toString(jwtParts[0])); | ||
| const PAYLOAD = JSON.parse(isoBase64URL.toString(jwtParts[1])); | ||
| const HEADER = JSON.parse(isoBase64URL.toUTF8String(jwtParts[0])); | ||
| const PAYLOAD = JSON.parse(isoBase64URL.toUTF8String(jwtParts[1])); | ||
| const SIGNATURE = jwtParts[2]; | ||
@@ -30,0 +30,0 @@ /** |
@@ -1,2 +0,2 @@ | ||
| import type { COSEAlgorithmIdentifier, CredentialDeviceType, RegistrationResponseJSON } from '../deps.js'; | ||
| import type { Base64URLString, COSEAlgorithmIdentifier, CredentialDeviceType, RegistrationResponseJSON } from '../deps.js'; | ||
| import { AttestationFormat, AttestationStatement } from '../helpers/decodeAttestationObject.js'; | ||
@@ -18,12 +18,9 @@ import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions.js'; | ||
| * | ||
| * @param response Response returned by **@simplewebauthn/browser**'s `startAuthentication()` | ||
| * @param expectedChallenge The base64url-encoded `options.challenge` returned by | ||
| * `generateRegistrationOptions()` | ||
| * @param expectedOrigin Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType (Optional) The response type expected ('webauthn.create') | ||
| * @param requireUserVerification (Optional) Enforce user verification by the authenticator | ||
| * (via PIN, fingerprint, etc...) | ||
| * @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for | ||
| * attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms | ||
| * @param response - Response returned by **@simplewebauthn/browser**'s `startAuthentication()` | ||
| * @param expectedChallenge - The base64url-encoded `options.challenge` returned by `generateRegistrationOptions()` | ||
| * @param expectedOrigin - Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID - RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType **(Optional)** - The response type expected ('webauthn.create') | ||
| * @param requireUserVerification **(Optional)** - Enforce user verification by the authenticator (via PIN, fingerprint, etc...) Defaults to `true` | ||
| * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to all supported algorithm IDs | ||
| */ | ||
@@ -63,3 +60,3 @@ export declare function verifyRegistrationResponse(options: VerifyRegistrationResponseOpts): Promise<VerifiedRegistrationResponse>; | ||
| aaguid: string; | ||
| credentialID: Uint8Array; | ||
| credentialID: Base64URLString; | ||
| credentialPublicKey: Uint8Array; | ||
@@ -66,0 +63,0 @@ credentialType: 'public-key'; |
@@ -24,12 +24,9 @@ import { decodeAttestationObject, } from '../helpers/decodeAttestationObject.js'; | ||
| * | ||
| * @param response Response returned by **@simplewebauthn/browser**'s `startAuthentication()` | ||
| * @param expectedChallenge The base64url-encoded `options.challenge` returned by | ||
| * `generateRegistrationOptions()` | ||
| * @param expectedOrigin Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType (Optional) The response type expected ('webauthn.create') | ||
| * @param requireUserVerification (Optional) Enforce user verification by the authenticator | ||
| * (via PIN, fingerprint, etc...) | ||
| * @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for | ||
| * attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms | ||
| * @param response - Response returned by **@simplewebauthn/browser**'s `startAuthentication()` | ||
| * @param expectedChallenge - The base64url-encoded `options.challenge` returned by `generateRegistrationOptions()` | ||
| * @param expectedOrigin - Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID - RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType **(Optional)** - The response type expected ('webauthn.create') | ||
| * @param requireUserVerification **(Optional)** - Enforce user verification by the authenticator (via PIN, fingerprint, etc...) Defaults to `true` | ||
| * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to all supported algorithm IDs | ||
| */ | ||
@@ -198,3 +195,3 @@ export async function verifyRegistrationResponse(options) { | ||
| aaguid: convertAAGUIDToString(aaguid), | ||
| credentialID, | ||
| credentialID: isoBase64URL.fromBuffer(credentialID), | ||
| credentialPublicKey, | ||
@@ -201,0 +198,0 @@ credentialType, |
@@ -5,3 +5,3 @@ { | ||
| "name": "@simplewebauthn/server", | ||
| "version": "9.0.3", | ||
| "version": "10.0.0", | ||
| "description": "SimpleWebAuthn for Servers", | ||
@@ -20,3 +20,3 @@ "license": "MIT", | ||
| "engines": { | ||
| "node": ">=16.0.0" | ||
| "node": ">=20.0.0" | ||
| }, | ||
@@ -61,3 +61,3 @@ "bugs": { | ||
| "@peculiar/asn1-x509": "^2.3.8", | ||
| "@simplewebauthn/types": "^9.0.1", | ||
| "@simplewebauthn/types": "^10.0.0", | ||
| "cross-fetch": "^4.0.0" | ||
@@ -64,0 +64,0 @@ }, |
@@ -7,3 +7,3 @@ # @simplewebauthn/server <!-- omit in toc --> | ||
| - [Installation](#installation) | ||
| - [Node LTS 16.x or higher](#node-lts-16x-or-higher) | ||
| - [Node LTS 20.x or higher](#node-lts-20x-or-higher) | ||
| - [Deno v1.33.x or higher](#deno-v133x-or-higher) | ||
@@ -15,3 +15,3 @@ - [Usage](#usage) | ||
| ### Node LTS 16.x or higher | ||
| ### Node LTS 20.x or higher | ||
@@ -18,0 +18,0 @@ This package is available on **npm** and supports **both CommonJS and |
@@ -1,4 +0,8 @@ | ||
| import type { AuthenticationExtensionsClientInputs, PublicKeyCredentialDescriptorFuture, PublicKeyCredentialRequestOptionsJSON, UserVerificationRequirement } from '../deps.js'; | ||
| import type { AuthenticationExtensionsClientInputs, AuthenticatorTransportFuture, Base64URLString, PublicKeyCredentialRequestOptionsJSON, UserVerificationRequirement } from '../deps.js'; | ||
| export type GenerateAuthenticationOptionsOpts = { | ||
| allowCredentials?: PublicKeyCredentialDescriptorFuture[]; | ||
| rpID: string; | ||
| allowCredentials?: { | ||
| id: Base64URLString; | ||
| transports?: AuthenticatorTransportFuture[]; | ||
| }[]; | ||
| challenge?: string | Uint8Array; | ||
@@ -8,17 +12,15 @@ timeout?: number; | ||
| extensions?: AuthenticationExtensionsClientInputs; | ||
| rpID?: string; | ||
| }; | ||
| /** | ||
| * Prepare a value to pass into navigator.credentials.get(...) for authenticator "login" | ||
| * Prepare a value to pass into navigator.credentials.get(...) for authenticator authentication | ||
| * | ||
| * @param allowCredentials Authenticators previously registered by the user, if any. If undefined | ||
| * the client will ask the user which credential they want to use | ||
| * @param challenge Random value the authenticator needs to sign and pass back | ||
| * user for authentication | ||
| * @param timeout How long (in ms) the user can take to complete authentication | ||
| * @param userVerification Set to `'discouraged'` when asserting as part of a 2FA flow, otherwise | ||
| * set to `'preferred'` or `'required'` as desired. | ||
| * @param extensions Additional plugins the authenticator or browser should use during authentication | ||
| * @param rpID Valid domain name (after `https://`) | ||
| * **Options:** | ||
| * | ||
| * @param rpID - Valid domain name (after `https://`) | ||
| * @param allowCredentials **(Optional)** - Authenticators previously registered by the user, if any. If undefined the client will ask the user which credential they want to use | ||
| * @param challenge **(Optional)** - Random value the authenticator needs to sign and pass back user for authentication. Defaults to generating a random value | ||
| * @param timeout **(Optional)** - How long (in ms) the user can take to complete authentication. Defaults to `60000` | ||
| * @param userVerification **(Optional)** - Set to `'discouraged'` when asserting as part of a 2FA flow, otherwise set to `'preferred'` or `'required'` as desired. Defaults to `"preferred"` | ||
| * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during authentication | ||
| */ | ||
| export declare function generateAuthenticationOptions(options?: GenerateAuthenticationOptionsOpts): Promise<PublicKeyCredentialRequestOptionsJSON>; | ||
| export declare function generateAuthenticationOptions(options: GenerateAuthenticationOptionsOpts): Promise<PublicKeyCredentialRequestOptionsJSON>; |
@@ -7,15 +7,14 @@ "use strict"; | ||
| /** | ||
| * Prepare a value to pass into navigator.credentials.get(...) for authenticator "login" | ||
| * Prepare a value to pass into navigator.credentials.get(...) for authenticator authentication | ||
| * | ||
| * @param allowCredentials Authenticators previously registered by the user, if any. If undefined | ||
| * the client will ask the user which credential they want to use | ||
| * @param challenge Random value the authenticator needs to sign and pass back | ||
| * user for authentication | ||
| * @param timeout How long (in ms) the user can take to complete authentication | ||
| * @param userVerification Set to `'discouraged'` when asserting as part of a 2FA flow, otherwise | ||
| * set to `'preferred'` or `'required'` as desired. | ||
| * @param extensions Additional plugins the authenticator or browser should use during authentication | ||
| * @param rpID Valid domain name (after `https://`) | ||
| * **Options:** | ||
| * | ||
| * @param rpID - Valid domain name (after `https://`) | ||
| * @param allowCredentials **(Optional)** - Authenticators previously registered by the user, if any. If undefined the client will ask the user which credential they want to use | ||
| * @param challenge **(Optional)** - Random value the authenticator needs to sign and pass back user for authentication. Defaults to generating a random value | ||
| * @param timeout **(Optional)** - How long (in ms) the user can take to complete authentication. Defaults to `60000` | ||
| * @param userVerification **(Optional)** - Set to `'discouraged'` when asserting as part of a 2FA flow, otherwise set to `'preferred'` or `'required'` as desired. Defaults to `"preferred"` | ||
| * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during authentication | ||
| */ | ||
| async function generateAuthenticationOptions(options = {}) { | ||
| async function generateAuthenticationOptions(options) { | ||
| const { allowCredentials, challenge = await (0, generateChallenge_js_1.generateChallenge)(), timeout = 60000, userVerification = 'preferred', extensions, rpID, } = options; | ||
@@ -30,13 +29,19 @@ /** | ||
| return { | ||
| rpId: rpID, | ||
| challenge: index_js_1.isoBase64URL.fromBuffer(_challenge), | ||
| allowCredentials: allowCredentials?.map((cred) => ({ | ||
| ...cred, | ||
| id: index_js_1.isoBase64URL.fromBuffer(cred.id), | ||
| })), | ||
| allowCredentials: allowCredentials?.map((cred) => { | ||
| if (!index_js_1.isoBase64URL.isBase64URL(cred.id)) { | ||
| throw new Error(`excludeCredential id "${cred.id}" is not a valid base64url string`); | ||
| } | ||
| return { | ||
| ...cred, | ||
| id: index_js_1.isoBase64URL.trimPadding(cred.id), | ||
| type: 'public-key', | ||
| }; | ||
| }), | ||
| timeout, | ||
| userVerification, | ||
| extensions, | ||
| rpId: rpID, | ||
| }; | ||
| } | ||
| exports.generateAuthenticationOptions = generateAuthenticationOptions; |
@@ -1,2 +0,2 @@ | ||
| import type { AuthenticationResponseJSON, AuthenticatorDevice, CredentialDeviceType, UserVerificationRequirement } from '../deps.js'; | ||
| import type { AuthenticationResponseJSON, AuthenticatorDevice, Base64URLString, CredentialDeviceType, UserVerificationRequirement } from '../deps.js'; | ||
| import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions.js'; | ||
@@ -8,4 +8,4 @@ export type VerifyAuthenticationResponseOpts = { | ||
| expectedRPID: string | string[]; | ||
| authenticator: AuthenticatorDevice; | ||
| expectedType?: string | string[]; | ||
| authenticator: AuthenticatorDevice; | ||
| requireUserVerification?: boolean; | ||
@@ -17,20 +17,15 @@ advancedFIDOConfig?: { | ||
| /** | ||
| * Verify that the user has legitimately completed the login process | ||
| * Verify that the user has legitimately completed the authentication process | ||
| * | ||
| * **Options:** | ||
| * | ||
| * @param response Response returned by **@simplewebauthn/browser**'s `startAssertion()` | ||
| * @param expectedChallenge The base64url-encoded `options.challenge` returned by | ||
| * `generateAuthenticationOptions()` | ||
| * @param expectedOrigin Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType (Optional) The response type expected ('webauthn.get') | ||
| * @param authenticator An internal {@link AuthenticatorDevice} matching the credential's ID | ||
| * @param requireUserVerification (Optional) Enforce user verification by the authenticator | ||
| * (via PIN, fingerprint, etc...) | ||
| * @param advancedFIDOConfig (Optional) Options for satisfying more stringent FIDO RP feature | ||
| * requirements | ||
| * @param advancedFIDOConfig.userVerification (Optional) Enable alternative rules for evaluating the | ||
| * User Presence and User Verified flags in authenticator data: UV (and UP) flags are optional | ||
| * unless this value is `"required"` | ||
| * @param response - Response returned by **@simplewebauthn/browser**'s `startAssertion()` | ||
| * @param expectedChallenge - The base64url-encoded `options.challenge` returned by `generateAuthenticationOptions()` | ||
| * @param expectedOrigin - Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID - RP ID (or array of IDs) that was specified in the registration options | ||
| * @param authenticator - An internal {@link AuthenticatorDevice} matching the credential's ID | ||
| * @param expectedType **(Optional)** - The response type expected ('webauthn.get') | ||
| * @param requireUserVerification **(Optional)** - Enforce user verification by the authenticator (via PIN, fingerprint, etc...) Defaults to `true` | ||
| * @param advancedFIDOConfig **(Optional)** - Options for satisfying more stringent FIDO RP feature requirements | ||
| * @param advancedFIDOConfig.userVerification **(Optional)** - Enable alternative rules for evaluating the User Presence and User Verified flags in authenticator data: UV (and UP) flags are optional unless this value is `"required"` | ||
| */ | ||
@@ -61,3 +56,3 @@ export declare function verifyAuthenticationResponse(options: VerifyAuthenticationResponseOpts): Promise<VerifiedAuthenticationResponse>; | ||
| authenticationInfo: { | ||
| credentialID: Uint8Array; | ||
| credentialID: Base64URLString; | ||
| newCounter: number; | ||
@@ -64,0 +59,0 @@ userVerified: boolean; |
@@ -12,20 +12,15 @@ "use strict"; | ||
| /** | ||
| * Verify that the user has legitimately completed the login process | ||
| * Verify that the user has legitimately completed the authentication process | ||
| * | ||
| * **Options:** | ||
| * | ||
| * @param response Response returned by **@simplewebauthn/browser**'s `startAssertion()` | ||
| * @param expectedChallenge The base64url-encoded `options.challenge` returned by | ||
| * `generateAuthenticationOptions()` | ||
| * @param expectedOrigin Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType (Optional) The response type expected ('webauthn.get') | ||
| * @param authenticator An internal {@link AuthenticatorDevice} matching the credential's ID | ||
| * @param requireUserVerification (Optional) Enforce user verification by the authenticator | ||
| * (via PIN, fingerprint, etc...) | ||
| * @param advancedFIDOConfig (Optional) Options for satisfying more stringent FIDO RP feature | ||
| * requirements | ||
| * @param advancedFIDOConfig.userVerification (Optional) Enable alternative rules for evaluating the | ||
| * User Presence and User Verified flags in authenticator data: UV (and UP) flags are optional | ||
| * unless this value is `"required"` | ||
| * @param response - Response returned by **@simplewebauthn/browser**'s `startAssertion()` | ||
| * @param expectedChallenge - The base64url-encoded `options.challenge` returned by `generateAuthenticationOptions()` | ||
| * @param expectedOrigin - Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID - RP ID (or array of IDs) that was specified in the registration options | ||
| * @param authenticator - An internal {@link AuthenticatorDevice} matching the credential's ID | ||
| * @param expectedType **(Optional)** - The response type expected ('webauthn.get') | ||
| * @param requireUserVerification **(Optional)** - Enforce user verification by the authenticator (via PIN, fingerprint, etc...) Defaults to `true` | ||
| * @param advancedFIDOConfig **(Optional)** - Options for satisfying more stringent FIDO RP feature requirements | ||
| * @param advancedFIDOConfig.userVerification **(Optional)** - Enable alternative rules for evaluating the User Presence and User Verified flags in authenticator data: UV (and UP) flags are optional unless this value is `"required"` | ||
| */ | ||
@@ -91,6 +86,6 @@ async function verifyAuthenticationResponse(options) { | ||
| } | ||
| if (!index_js_1.isoBase64URL.isBase64url(assertionResponse.authenticatorData)) { | ||
| if (!index_js_1.isoBase64URL.isBase64URL(assertionResponse.authenticatorData)) { | ||
| throw new Error('Credential response authenticatorData was not a base64url string'); | ||
| } | ||
| if (!index_js_1.isoBase64URL.isBase64url(assertionResponse.signature)) { | ||
| if (!index_js_1.isoBase64URL.isBase64URL(assertionResponse.signature)) { | ||
| throw new Error('Credential response signature was not a base64url string'); | ||
@@ -97,0 +92,0 @@ } |
@@ -1,2 +0,2 @@ | ||
| export type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticationResponseJSON, AuthenticatorDevice, AuthenticatorSelectionCriteria, Base64URLString, COSEAlgorithmIdentifier, CredentialDeviceType, Crypto, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialDescriptorFuture, PublicKeyCredentialParameters, PublicKeyCredentialRequestOptionsJSON, RegistrationResponseJSON, UserVerificationRequirement, } from '@simplewebauthn/types'; | ||
| export type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticationResponseJSON, AuthenticatorDevice, AuthenticatorSelectionCriteria, AuthenticatorTransportFuture, Base64URLString, COSEAlgorithmIdentifier, CredentialDeviceType, Crypto, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialParameters, PublicKeyCredentialRequestOptionsJSON, RegistrationResponseJSON, UserVerificationRequirement, } from '@simplewebauthn/types'; | ||
| export * as tinyCbor from '@levischuck/tiny-cbor'; | ||
@@ -3,0 +3,0 @@ export { default as base64 } from '@hexagon/base64'; |
@@ -14,3 +14,3 @@ "use strict"; | ||
| if (typeof certBuffer === 'string') { | ||
| if (index_js_1.isoBase64URL.isBase64url(certBuffer)) { | ||
| if (index_js_1.isoBase64URL.isBase64URL(certBuffer)) { | ||
| b64cert = index_js_1.isoBase64URL.toBase64(certBuffer); | ||
@@ -17,0 +17,0 @@ } |
@@ -0,5 +1,6 @@ | ||
| import type { Base64URLString } from '../deps.js'; | ||
| /** | ||
| * Decode an authenticator's base64url-encoded clientDataJSON to JSON | ||
| */ | ||
| export declare function decodeClientDataJSON(data: string): ClientDataJSON; | ||
| export declare function decodeClientDataJSON(data: Base64URLString): ClientDataJSON; | ||
| export type ClientDataJSON = { | ||
@@ -6,0 +7,0 @@ type: string; |
@@ -9,3 +9,3 @@ "use strict"; | ||
| function decodeClientDataJSON(data) { | ||
| const toString = index_js_1.isoBase64URL.toString(data); | ||
| const toString = index_js_1.isoBase64URL.toUTF8String(data); | ||
| const clientData = JSON.parse(toString); | ||
@@ -12,0 +12,0 @@ return exports._decodeClientDataJSONInternals.stubThis(clientData); |
@@ -8,2 +8,3 @@ import { convertAAGUIDToString } from './convertAAGUIDToString.js'; | ||
| import { generateChallenge } from './generateChallenge.js'; | ||
| import { generateUserID } from './generateUserID.js'; | ||
| import { getCertificateInfo } from './getCertificateInfo.js'; | ||
@@ -17,3 +18,3 @@ import { isCertRevoked } from './isCertRevoked.js'; | ||
| import * as cose from './cose.js'; | ||
| export { convertAAGUIDToString, convertCertBufferToPEM, convertCOSEtoPKCS, cose, decodeAttestationObject, decodeClientDataJSON, decodeCredentialPublicKey, generateChallenge, getCertificateInfo, isCertRevoked, isoBase64URL, isoCBOR, isoCrypto, isoUint8Array, parseAuthenticatorData, toHash, validateCertificatePath, verifySignature, }; | ||
| export { convertAAGUIDToString, convertCertBufferToPEM, convertCOSEtoPKCS, cose, decodeAttestationObject, decodeClientDataJSON, decodeCredentialPublicKey, generateChallenge, generateUserID, getCertificateInfo, isCertRevoked, isoBase64URL, isoCBOR, isoCrypto, isoUint8Array, parseAuthenticatorData, toHash, validateCertificatePath, verifySignature, }; | ||
| import type { AttestationFormat, AttestationObject, AttestationStatement } from './decodeAttestationObject.js'; | ||
@@ -20,0 +21,0 @@ import type { CertificateInfo } from './getCertificateInfo.js'; |
@@ -26,3 +26,3 @@ "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.verifySignature = exports.validateCertificatePath = exports.toHash = exports.parseAuthenticatorData = exports.isoUint8Array = exports.isoCrypto = exports.isoCBOR = exports.isoBase64URL = exports.isCertRevoked = exports.getCertificateInfo = exports.generateChallenge = exports.decodeCredentialPublicKey = exports.decodeClientDataJSON = exports.decodeAttestationObject = exports.cose = exports.convertCOSEtoPKCS = exports.convertCertBufferToPEM = exports.convertAAGUIDToString = void 0; | ||
| exports.verifySignature = exports.validateCertificatePath = exports.toHash = exports.parseAuthenticatorData = exports.isoUint8Array = exports.isoCrypto = exports.isoCBOR = exports.isoBase64URL = exports.isCertRevoked = exports.getCertificateInfo = exports.generateUserID = exports.generateChallenge = exports.decodeCredentialPublicKey = exports.decodeClientDataJSON = exports.decodeAttestationObject = exports.cose = exports.convertCOSEtoPKCS = exports.convertCertBufferToPEM = exports.convertAAGUIDToString = void 0; | ||
| const convertAAGUIDToString_js_1 = require("./convertAAGUIDToString.js"); | ||
@@ -42,2 +42,4 @@ Object.defineProperty(exports, "convertAAGUIDToString", { enumerable: true, get: function () { return convertAAGUIDToString_js_1.convertAAGUIDToString; } }); | ||
| Object.defineProperty(exports, "generateChallenge", { enumerable: true, get: function () { return generateChallenge_js_1.generateChallenge; } }); | ||
| const generateUserID_js_1 = require("./generateUserID.js"); | ||
| Object.defineProperty(exports, "generateUserID", { enumerable: true, get: function () { return generateUserID_js_1.generateUserID; } }); | ||
| const getCertificateInfo_js_1 = require("./getCertificateInfo.js"); | ||
@@ -44,0 +46,0 @@ Object.defineProperty(exports, "getCertificateInfo", { enumerable: true, get: function () { return getCertificateInfo_js_1.getCertificateInfo; } }); |
@@ -0,1 +1,2 @@ | ||
| import type { Base64URLString } from '../../deps.js'; | ||
| /** | ||
@@ -23,9 +24,9 @@ * Decode from a Base64URL-encoded string to an ArrayBuffer. Best used when converting a | ||
| /** | ||
| * Encode a string to base64url | ||
| * Encode a UTF-8 string to base64url | ||
| */ | ||
| export declare function fromString(ascii: string): string; | ||
| export declare function fromUTF8String(utf8String: string): string; | ||
| /** | ||
| * Decode a base64url string into its original string | ||
| * Decode a base64url string into its original UTF-8 string | ||
| */ | ||
| export declare function toString(base64urlString: string): string; | ||
| export declare function toUTF8String(base64urlString: string): string; | ||
| /** | ||
@@ -38,2 +39,6 @@ * Confirm that the string is encoded into base64 | ||
| */ | ||
| export declare function isBase64url(input: string): boolean; | ||
| export declare function isBase64URL(input: string): boolean; | ||
| /** | ||
| * Remove optional padding from a base64url-encoded string | ||
| */ | ||
| export declare function trimPadding(input: Base64URLString): Base64URLString; |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.isBase64url = exports.isBase64 = exports.toString = exports.fromString = exports.toBase64 = exports.fromBuffer = exports.toBuffer = void 0; | ||
| exports.trimPadding = exports.isBase64URL = exports.isBase64 = exports.toUTF8String = exports.fromUTF8String = exports.toBase64 = exports.fromBuffer = exports.toBuffer = void 0; | ||
| const deps_js_1 = require("../../deps.js"); | ||
@@ -39,15 +39,15 @@ /** | ||
| /** | ||
| * Encode a string to base64url | ||
| * Encode a UTF-8 string to base64url | ||
| */ | ||
| function fromString(ascii) { | ||
| return deps_js_1.base64.fromString(ascii, true); | ||
| function fromUTF8String(utf8String) { | ||
| return deps_js_1.base64.fromString(utf8String, true); | ||
| } | ||
| exports.fromString = fromString; | ||
| exports.fromUTF8String = fromUTF8String; | ||
| /** | ||
| * Decode a base64url string into its original string | ||
| * Decode a base64url string into its original UTF-8 string | ||
| */ | ||
| function toString(base64urlString) { | ||
| function toUTF8String(base64urlString) { | ||
| return deps_js_1.base64.toString(base64urlString, true); | ||
| } | ||
| exports.toString = toString; | ||
| exports.toUTF8String = toUTF8String; | ||
| /** | ||
@@ -63,7 +63,14 @@ * Confirm that the string is encoded into base64 | ||
| */ | ||
| function isBase64url(input) { | ||
| function isBase64URL(input) { | ||
| // Trim padding characters from the string if present | ||
| input = input.replace(/=/g, ''); | ||
| input = trimPadding(input); | ||
| return deps_js_1.base64.validate(input, true); | ||
| } | ||
| exports.isBase64url = isBase64url; | ||
| exports.isBase64URL = isBase64URL; | ||
| /** | ||
| * Remove optional padding from a base64url-encoded string | ||
| */ | ||
| function trimPadding(input) { | ||
| return input.replace(/=/g, ''); | ||
| } | ||
| exports.trimPadding = trimPadding; |
@@ -1,8 +0,1 @@ | ||
| /// <reference types="node" /> | ||
| /// <reference types="node" /> | ||
| /// <reference types="node" /> | ||
| /// <reference types="node/crypto.js" /> | ||
| /// <reference types=".deno/@types+node@18.16.19/node_modules/@types/node/crypto.js" /> | ||
| /// <reference types="node/stream.js" /> | ||
| /// <reference types=".deno/@types+node@18.16.19/node_modules/@types/node/stream.js" /> | ||
| import type { Crypto } from '../../../deps.js'; | ||
@@ -18,285 +11,4 @@ /** | ||
| export declare const _getWebCryptoInternals: { | ||
| stubThisImportNodeCrypto: () => Promise<{ | ||
| default: typeof import("crypto"); | ||
| createHash(algorithm: string, options?: import("crypto").HashOptions | undefined): import("crypto").Hash; | ||
| createHash(algorithm: string, options?: import("crypto").HashOptions | undefined): import("crypto").Hash; | ||
| createHmac(algorithm: string, key: import("crypto").KeyObject | import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Hmac; | ||
| createHmac(algorithm: string, key: import("crypto").KeyObject | import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Hmac; | ||
| createCipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM; | ||
| createCipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM; | ||
| createCipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher; | ||
| createCipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM; | ||
| createCipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM; | ||
| createCipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher; | ||
| createCipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM; | ||
| createCipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").CipherOCB; | ||
| createCipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM; | ||
| createCipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher; | ||
| createCipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").CipherCCM; | ||
| createCipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").CipherOCB; | ||
| createCipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").CipherGCM; | ||
| createCipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Cipher; | ||
| createDecipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM; | ||
| createDecipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM; | ||
| createDecipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher; | ||
| createDecipher(algorithm: import("crypto").CipherCCMTypes, password: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM; | ||
| createDecipher(algorithm: import("crypto").CipherGCMTypes, password: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM; | ||
| createDecipher(algorithm: string, password: import("crypto").BinaryLike, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher; | ||
| createDecipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM; | ||
| createDecipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").DecipherOCB; | ||
| createDecipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM; | ||
| createDecipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher; | ||
| createDecipheriv(algorithm: import("crypto").CipherCCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherCCMOptions): import("crypto").DecipherCCM; | ||
| createDecipheriv(algorithm: import("crypto").CipherOCBTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options: import("crypto").CipherOCBOptions): import("crypto").DecipherOCB; | ||
| createDecipheriv(algorithm: import("crypto").CipherGCMTypes, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike, options?: import("crypto").CipherGCMOptions | undefined): import("crypto").DecipherGCM; | ||
| createDecipheriv(algorithm: string, key: import("crypto").CipherKey, iv: import("crypto").BinaryLike | null, options?: import("stream").TransformOptions | undefined): import("crypto").Decipher; | ||
| generateKey(type: "hmac" | "aes", options: { | ||
| length: number; | ||
| }, callback: (err: Error | null, key: import("crypto").KeyObject) => void): void; | ||
| generateKey(type: "hmac" | "aes", options: { | ||
| length: number; | ||
| }, callback: (err: Error | null, key: import("crypto").KeyObject) => void): void; | ||
| generateKeySync(type: "hmac" | "aes", options: { | ||
| length: number; | ||
| }): import("crypto").KeyObject; | ||
| generateKeySync(type: "hmac" | "aes", options: { | ||
| length: number; | ||
| }): import("crypto").KeyObject; | ||
| createPrivateKey(key: string | import("crypto").PrivateKeyInput | Buffer | import("crypto").JsonWebKeyInput): import("crypto").KeyObject; | ||
| createPrivateKey(key: string | import("crypto").PrivateKeyInput | Buffer | import("crypto").JsonWebKeyInput): import("crypto").KeyObject; | ||
| createPublicKey(key: string | import("crypto").KeyObject | Buffer | import("crypto").JsonWebKeyInput | import("crypto").PublicKeyInput): import("crypto").KeyObject; | ||
| createPublicKey(key: string | import("crypto").KeyObject | Buffer | import("crypto").JsonWebKeyInput | import("crypto").PublicKeyInput): import("crypto").KeyObject; | ||
| createSecretKey(key: NodeJS.ArrayBufferView): import("crypto").KeyObject; | ||
| createSecretKey(key: string, encoding: BufferEncoding): import("crypto").KeyObject; | ||
| createSecretKey(key: NodeJS.ArrayBufferView): import("crypto").KeyObject; | ||
| createSecretKey(key: string, encoding: BufferEncoding): import("crypto").KeyObject; | ||
| createSign(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Sign; | ||
| createSign(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Sign; | ||
| createVerify(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Verify; | ||
| createVerify(algorithm: string, options?: import("stream").WritableOptions | undefined): import("crypto").Verify; | ||
| createDiffieHellman(primeLength: number, generator?: number | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman; | ||
| createDiffieHellman(primeLength: number, generator?: number | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: ArrayBuffer | NodeJS.ArrayBufferView, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator?: number | ArrayBuffer | NodeJS.ArrayBufferView | undefined): import("crypto").DiffieHellman; | ||
| createDiffieHellman(prime: string, primeEncoding: import("crypto").BinaryToTextEncoding, generator: string, generatorEncoding: import("crypto").BinaryToTextEncoding): import("crypto").DiffieHellman; | ||
| getDiffieHellman(groupName: string): import("crypto").DiffieHellmanGroup; | ||
| getDiffieHellman(groupName: string): import("crypto").DiffieHellmanGroup; | ||
| createDiffieHellmanGroup(name: string): import("crypto").DiffieHellmanGroup; | ||
| createDiffieHellmanGroup(name: string): import("crypto").DiffieHellmanGroup; | ||
| pbkdf2(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| pbkdf2(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| pbkdf2Sync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string): Buffer; | ||
| pbkdf2Sync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, iterations: number, keylen: number, digest: string): Buffer; | ||
| randomBytes(size: number): Buffer; | ||
| randomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void; | ||
| randomBytes(size: number): Buffer; | ||
| randomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void; | ||
| pseudoRandomBytes(size: number): Buffer; | ||
| pseudoRandomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void; | ||
| pseudoRandomBytes(size: number): Buffer; | ||
| pseudoRandomBytes(size: number, callback: (err: Error | null, buf: Buffer) => void): void; | ||
| randomInt(max: number): number; | ||
| randomInt(min: number, max: number): number; | ||
| randomInt(max: number, callback: (err: Error | null, value: number) => void): void; | ||
| randomInt(min: number, max: number, callback: (err: Error | null, value: number) => void): void; | ||
| randomInt(max: number): number; | ||
| randomInt(min: number, max: number): number; | ||
| randomInt(max: number, callback: (err: Error | null, value: number) => void): void; | ||
| randomInt(min: number, max: number, callback: (err: Error | null, value: number) => void): void; | ||
| randomFillSync<T extends NodeJS.ArrayBufferView>(buffer: T, offset?: number | undefined, size?: number | undefined): T; | ||
| randomFillSync<T_1 extends NodeJS.ArrayBufferView>(buffer: T_1, offset?: number | undefined, size?: number | undefined): T_1; | ||
| randomFill<T_2 extends NodeJS.ArrayBufferView>(buffer: T_2, callback: (err: Error | null, buf: T_2) => void): void; | ||
| randomFill<T_3 extends NodeJS.ArrayBufferView>(buffer: T_3, offset: number, callback: (err: Error | null, buf: T_3) => void): void; | ||
| randomFill<T_4 extends NodeJS.ArrayBufferView>(buffer: T_4, offset: number, size: number, callback: (err: Error | null, buf: T_4) => void): void; | ||
| randomFill<T_5 extends NodeJS.ArrayBufferView>(buffer: T_5, callback: (err: Error | null, buf: T_5) => void): void; | ||
| randomFill<T_6 extends NodeJS.ArrayBufferView>(buffer: T_6, offset: number, callback: (err: Error | null, buf: T_6) => void): void; | ||
| randomFill<T_7 extends NodeJS.ArrayBufferView>(buffer: T_7, offset: number, size: number, callback: (err: Error | null, buf: T_7) => void): void; | ||
| scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options: import("crypto").ScryptOptions, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| scrypt(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options: import("crypto").ScryptOptions, callback: (err: Error | null, derivedKey: Buffer) => void): void; | ||
| scryptSync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options?: import("crypto").ScryptOptions | undefined): Buffer; | ||
| scryptSync(password: import("crypto").BinaryLike, salt: import("crypto").BinaryLike, keylen: number, options?: import("crypto").ScryptOptions | undefined): Buffer; | ||
| publicEncrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| publicEncrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| publicDecrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| publicDecrypt(key: import("crypto").RsaPublicKey | import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| privateDecrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| privateDecrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| privateEncrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| privateEncrypt(privateKey: import("crypto").RsaPrivateKey | import("crypto").KeyLike, buffer: NodeJS.ArrayBufferView): Buffer; | ||
| getCiphers(): string[]; | ||
| getCiphers(): string[]; | ||
| getCurves(): string[]; | ||
| getCurves(): string[]; | ||
| getFips(): 0 | 1; | ||
| getFips(): 0 | 1; | ||
| setFips(bool: boolean): void; | ||
| setFips(bool: boolean): void; | ||
| getHashes(): string[]; | ||
| getHashes(): string[]; | ||
| createECDH(curveName: string): import("crypto").ECDH; | ||
| createECDH(curveName: string): import("crypto").ECDH; | ||
| timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean; | ||
| timingSafeEqual(a: NodeJS.ArrayBufferView, b: NodeJS.ArrayBufferView): boolean; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ed25519", options?: import("crypto").ED25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ed448", options?: import("crypto").ED448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "x25519", options?: import("crypto").X25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "x448", options?: import("crypto").X448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "rsa", options: import("crypto").RSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "rsa-pss", options: import("crypto").RSAPSSKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "dsa", options: import("crypto").DSAKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ec", options: import("crypto").ECKeyPairKeyObjectOptions): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ed25519", options: import("crypto").ED25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ed25519", options?: import("crypto").ED25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "ed448", options: import("crypto").ED448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "ed448", options?: import("crypto").ED448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "x25519", options: import("crypto").X25519KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "x25519", options?: import("crypto").X25519KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "pem">): import("crypto").KeyPairSyncResult<string, string>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"pem", "der">): import("crypto").KeyPairSyncResult<string, Buffer>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "pem">): import("crypto").KeyPairSyncResult<Buffer, string>; | ||
| generateKeyPairSync(type: "x448", options: import("crypto").X448KeyPairOptions<"der", "der">): import("crypto").KeyPairSyncResult<Buffer, Buffer>; | ||
| generateKeyPairSync(type: "x448", options?: import("crypto").X448KeyPairKeyObjectOptions | undefined): import("crypto").KeyPairKeyObjectResult; | ||
| generateKeyPair: typeof import("crypto").generateKeyPair; | ||
| sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput): Buffer; | ||
| sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput, callback: (error: Error | null, data: Buffer) => void): void; | ||
| sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput): Buffer; | ||
| sign(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").SignKeyObjectInput | import("crypto").SignPrivateKeyInput, callback: (error: Error | null, data: Buffer) => void): void; | ||
| verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView): boolean; | ||
| verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView, callback: (error: Error | null, result: boolean) => void): void; | ||
| verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView): boolean; | ||
| verify(algorithm: string | null | undefined, data: NodeJS.ArrayBufferView, key: import("crypto").KeyLike | import("crypto").VerifyKeyObjectInput | import("crypto").VerifyPublicKeyInput | import("crypto").VerifyJsonWebKeyInput, signature: NodeJS.ArrayBufferView, callback: (error: Error | null, result: boolean) => void): void; | ||
| diffieHellman(options: { | ||
| privateKey: import("crypto").KeyObject; | ||
| publicKey: import("crypto").KeyObject; | ||
| }): Buffer; | ||
| diffieHellman(options: { | ||
| privateKey: import("crypto").KeyObject; | ||
| publicKey: import("crypto").KeyObject; | ||
| }): Buffer; | ||
| getCipherInfo(nameOrNid: string | number, options?: import("crypto").CipherInfoOptions | undefined): import("crypto").CipherInfo | undefined; | ||
| getCipherInfo(nameOrNid: string | number, options?: import("crypto").CipherInfoOptions | undefined): import("crypto").CipherInfo | undefined; | ||
| hkdf(digest: string, irm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: ArrayBuffer) => void): void; | ||
| hkdf(digest: string, irm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number, callback: (err: Error | null, derivedKey: ArrayBuffer) => void): void; | ||
| hkdfSync(digest: string, ikm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number): ArrayBuffer; | ||
| hkdfSync(digest: string, ikm: import("crypto").KeyObject | import("crypto").BinaryLike, salt: import("crypto").BinaryLike, info: import("crypto").BinaryLike, keylen: number): ArrayBuffer; | ||
| secureHeapUsed(): import("crypto").SecureHeapUsage; | ||
| secureHeapUsed(): import("crypto").SecureHeapUsage; | ||
| randomUUID(options?: import("crypto").RandomUUIDOptions | undefined): `${string}-${string}-${string}-${string}-${string}`; | ||
| randomUUID(options?: import("crypto").RandomUUIDOptions | undefined): `${string}-${string}-${string}-${string}-${string}`; | ||
| generatePrime(size: number, callback: (err: Error | null, prime: ArrayBuffer) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsBigInt, callback: (err: Error | null, prime: bigint) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer, callback: (err: Error | null, prime: ArrayBuffer) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptions, callback: (err: Error | null, prime: bigint | ArrayBuffer) => void): void; | ||
| generatePrime(size: number, callback: (err: Error | null, prime: ArrayBuffer) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsBigInt, callback: (err: Error | null, prime: bigint) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer, callback: (err: Error | null, prime: ArrayBuffer) => void): void; | ||
| generatePrime(size: number, options: import("crypto").GeneratePrimeOptions, callback: (err: Error | null, prime: bigint | ArrayBuffer) => void): void; | ||
| generatePrimeSync(size: number): ArrayBuffer; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsBigInt): bigint; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer): ArrayBuffer; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptions): bigint | ArrayBuffer; | ||
| generatePrimeSync(size: number): ArrayBuffer; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsBigInt): bigint; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptionsArrayBuffer): ArrayBuffer; | ||
| generatePrimeSync(size: number, options: import("crypto").GeneratePrimeOptions): bigint | ArrayBuffer; | ||
| checkPrime(value: import("crypto").LargeNumberLike, callback: (err: Error | null, result: boolean) => void): void; | ||
| checkPrime(value: import("crypto").LargeNumberLike, options: import("crypto").CheckPrimeOptions, callback: (err: Error | null, result: boolean) => void): void; | ||
| checkPrime(value: import("crypto").LargeNumberLike, callback: (err: Error | null, result: boolean) => void): void; | ||
| checkPrime(value: import("crypto").LargeNumberLike, options: import("crypto").CheckPrimeOptions, callback: (err: Error | null, result: boolean) => void): void; | ||
| checkPrimeSync(candidate: import("crypto").LargeNumberLike, options?: import("crypto").CheckPrimeOptions | undefined): boolean; | ||
| checkPrimeSync(candidate: import("crypto").LargeNumberLike, options?: import("crypto").CheckPrimeOptions | undefined): boolean; | ||
| setEngine(engine: string, flags?: number | undefined): void; | ||
| setEngine(engine: string, flags?: number | undefined): void; | ||
| getRandomValues<T_8 extends import("crypto").webcrypto.BufferSource>(typedArray: T_8): T_8; | ||
| getRandomValues<T_9 extends import("crypto").webcrypto.BufferSource>(typedArray: T_9): T_9; | ||
| Certificate: typeof import("crypto").Certificate; | ||
| constants: typeof import("crypto").constants; | ||
| fips: boolean; | ||
| Hash: typeof import("crypto").Hash; | ||
| Hmac: typeof import("crypto").Hmac; | ||
| KeyObject: typeof import("crypto").KeyObject; | ||
| Cipher: typeof import("crypto").Cipher; | ||
| Decipher: typeof import("crypto").Decipher; | ||
| Sign: typeof import("crypto").Sign; | ||
| Verify: typeof import("crypto").Verify; | ||
| DiffieHellman: typeof import("crypto").DiffieHellman; | ||
| DiffieHellmanGroup: import("crypto").DiffieHellmanGroupConstructor; | ||
| ECDH: typeof import("crypto").ECDH; | ||
| DEFAULT_ENCODING: BufferEncoding; | ||
| X509Certificate: typeof import("crypto").X509Certificate; | ||
| subtle: import("crypto").webcrypto.SubtleCrypto; | ||
| webcrypto: import("crypto").webcrypto.Crypto; | ||
| } | { | ||
| webcrypto: undefined; | ||
| }>; | ||
| stubThisGlobalThisCrypto: () => globalThis.Crypto; | ||
| setCachedCrypto: (newCrypto: Crypto | undefined) => void; | ||
| }; |
| "use strict"; | ||
| var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| var desc = Object.getOwnPropertyDescriptor(m, k); | ||
| if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { | ||
| desc = { enumerable: true, get: function() { return m[k]; } }; | ||
| } | ||
| Object.defineProperty(o, k2, desc); | ||
| }) : (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| o[k2] = m[k]; | ||
| })); | ||
| var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { | ||
| Object.defineProperty(o, "default", { enumerable: true, value: v }); | ||
| }) : function(o, v) { | ||
| o["default"] = v; | ||
| }); | ||
| var __importStar = (this && this.__importStar) || function (mod) { | ||
| if (mod && mod.__esModule) return mod; | ||
| var result = {}; | ||
| if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); | ||
| __setModuleDefault(result, mod); | ||
| return result; | ||
| }; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
@@ -32,25 +9,30 @@ exports._getWebCryptoInternals = exports.MissingWebCrypto = exports.getWebCrypto = void 0; | ||
| */ | ||
| async function getWebCrypto() { | ||
| if (webCrypto) { | ||
| return webCrypto; | ||
| } | ||
| function getWebCrypto() { | ||
| /** | ||
| * Naively attempt to access Crypto as a global object, which popular alternative run-times | ||
| * support. | ||
| * Hello there! If you came here wondering why this method is asynchronous when use of | ||
| * `globalThis.crypto` is not, it's to minimize a bunch of refactor related to making this | ||
| * synchronous. For example, `generateRegistrationOptions()` and `generateAuthenticationOptions()` | ||
| * become synchronous if we make this synchronous (since nothing else in that method is async) | ||
| * which represents a breaking API change in this library's core API. | ||
| * | ||
| * TODO: If it's after February 2025 when you read this then consider whether it still makes sense | ||
| * to keep this method asynchronous. | ||
| */ | ||
| const _globalThisCrypto = exports._getWebCryptoInternals.stubThisGlobalThisCrypto(); | ||
| if (_globalThisCrypto) { | ||
| webCrypto = _globalThisCrypto; | ||
| return webCrypto; | ||
| } | ||
| /** | ||
| * `globalThis.crypto` isn't available, so attempt a Node import... | ||
| */ | ||
| const _nodeCrypto = await exports._getWebCryptoInternals.stubThisImportNodeCrypto(); | ||
| if (_nodeCrypto?.webcrypto) { | ||
| webCrypto = _nodeCrypto.webcrypto; | ||
| return webCrypto; | ||
| } | ||
| // We tried to access it both in Node and globally, so bail out | ||
| throw new MissingWebCrypto(); | ||
| const toResolve = new Promise((resolve, reject) => { | ||
| if (webCrypto) { | ||
| return resolve(webCrypto); | ||
| } | ||
| /** | ||
| * Naively attempt to access Crypto as a global object, which popular ESM-centric run-times | ||
| * support (and Node v20+) | ||
| */ | ||
| const _globalThisCrypto = exports._getWebCryptoInternals.stubThisGlobalThisCrypto(); | ||
| if (_globalThisCrypto) { | ||
| webCrypto = _globalThisCrypto; | ||
| return resolve(webCrypto); | ||
| } | ||
| // We tried to access it both in Node and globally, so bail out | ||
| return reject(new MissingWebCrypto()); | ||
| }); | ||
| return toResolve; | ||
| } | ||
@@ -68,22 +50,2 @@ exports.getWebCrypto = getWebCrypto; | ||
| exports._getWebCryptoInternals = { | ||
| stubThisImportNodeCrypto: async () => { | ||
| try { | ||
| // dnt-shim-ignore | ||
| /** | ||
| * The `webpackIgnore` here is to help support Next.js' Edge runtime. | ||
| * See https://github.com/MasterKale/SimpleWebAuthn/issues/517 for more info. | ||
| */ | ||
| const _nodeCrypto = await Promise.resolve().then(() => __importStar(require(/* webpackIgnore: true */ 'crypto'))); | ||
| return _nodeCrypto; | ||
| } | ||
| catch (_err) { | ||
| /** | ||
| * Intentionally declaring webcrypto as undefined because we're assuming the Node import | ||
| * failed due to either: | ||
| * - `import()` isn't supported | ||
| * - `node:crypto` is unavailable. | ||
| */ | ||
| return { webcrypto: undefined }; | ||
| } | ||
| }, | ||
| stubThisGlobalThisCrypto: () => globalThis.crypto, | ||
@@ -90,0 +52,0 @@ // Make it possible to reset the `webCrypto` at the top of the file |
@@ -11,4 +11,4 @@ "use strict"; | ||
| return [ | ||
| JSON.parse(index_js_1.isoBase64URL.toString(parts[0])), | ||
| JSON.parse(index_js_1.isoBase64URL.toString(parts[1])), | ||
| JSON.parse(index_js_1.isoBase64URL.toUTF8String(parts[0])), | ||
| JSON.parse(index_js_1.isoBase64URL.toUTF8String(parts[1])), | ||
| parts[2], | ||
@@ -15,0 +15,0 @@ ]; |
@@ -1,7 +0,7 @@ | ||
| import type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticatorSelectionCriteria, COSEAlgorithmIdentifier, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialDescriptorFuture } from '../deps.js'; | ||
| import type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticatorSelectionCriteria, AuthenticatorTransportFuture, Base64URLString, COSEAlgorithmIdentifier, PublicKeyCredentialCreationOptionsJSON } from '../deps.js'; | ||
| export type GenerateRegistrationOptionsOpts = { | ||
| rpName: string; | ||
| rpID: string; | ||
| userID: string; | ||
| userName: string; | ||
| userID?: Uint8Array; | ||
| challenge?: string | Uint8Array; | ||
@@ -11,3 +11,6 @@ userDisplayName?: string; | ||
| attestationType?: AttestationConveyancePreference; | ||
| excludeCredentials?: PublicKeyCredentialDescriptorFuture[]; | ||
| excludeCredentials?: { | ||
| id: Base64URLString; | ||
| transports?: AuthenticatorTransportFuture[]; | ||
| }[]; | ||
| authenticatorSelection?: AuthenticatorSelectionCriteria; | ||
@@ -24,22 +27,19 @@ extensions?: AuthenticationExtensionsClientInputs; | ||
| /** | ||
| * Prepare a value to pass into navigator.credentials.create(...) for authenticator "registration" | ||
| * Prepare a value to pass into navigator.credentials.create(...) for authenticator registration | ||
| * | ||
| * **Options:** | ||
| * | ||
| * @param rpName User-visible, "friendly" website/service name | ||
| * @param rpID Valid domain name (after `https://`) | ||
| * @param userID User's website-specific unique ID | ||
| * @param userName User's website-specific username (email, etc...) | ||
| * @param challenge Random value the authenticator needs to sign and pass back | ||
| * @param userDisplayName User's actual name | ||
| * @param timeout How long (in ms) the user can take to complete attestation | ||
| * @param attestationType Specific attestation statement | ||
| * @param excludeCredentials Authenticators registered by the user so the user can't register the | ||
| * same credential multiple times | ||
| * @param authenticatorSelection Advanced criteria for restricting the types of authenticators that | ||
| * may be used | ||
| * @param extensions Additional plugins the authenticator or browser should use during attestation | ||
| * @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for | ||
| * attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms | ||
| * @param rpName - User-visible, "friendly" website/service name | ||
| * @param rpID - Valid domain name (after `https://`) | ||
| * @param userName - User's website-specific username (email, etc...) | ||
| * @param userID **(Optional)** - User's website-specific unique ID. Defaults to generating a random identifier | ||
| * @param challenge **(Optional)** - Random value the authenticator needs to sign and pass back. Defaults to generating a random value | ||
| * @param userDisplayName **(Optional)** - User's actual name. Defaults to `""` | ||
| * @param timeout **(Optional)** - How long (in ms) the user can take to complete attestation. Defaults to `60000` | ||
| * @param attestationType **(Optional)** - Specific attestation statement. Defaults to `"none"` | ||
| * @param excludeCredentials **(Optional)** - Authenticators registered by the user so the user can't register the same credential multiple times. Defaults to `[]` | ||
| * @param authenticatorSelection **(Optional)** - Advanced criteria for restricting the types of authenticators that may be used. Defaults to `{ residentKey: 'preferred', userVerification: 'preferred' }` | ||
| * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during attestation | ||
| * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to `[-8, -7, -257]` | ||
| */ | ||
| export declare function generateRegistrationOptions(options: GenerateRegistrationOptionsOpts): Promise<PublicKeyCredentialCreationOptionsJSON>; |
@@ -5,2 +5,3 @@ "use strict"; | ||
| const generateChallenge_js_1 = require("../helpers/generateChallenge.js"); | ||
| const generateUserID_js_1 = require("../helpers/generateUserID.js"); | ||
| const index_js_1 = require("../helpers/iso/index.js"); | ||
@@ -53,24 +54,21 @@ /** | ||
| /** | ||
| * Prepare a value to pass into navigator.credentials.create(...) for authenticator "registration" | ||
| * Prepare a value to pass into navigator.credentials.create(...) for authenticator registration | ||
| * | ||
| * **Options:** | ||
| * | ||
| * @param rpName User-visible, "friendly" website/service name | ||
| * @param rpID Valid domain name (after `https://`) | ||
| * @param userID User's website-specific unique ID | ||
| * @param userName User's website-specific username (email, etc...) | ||
| * @param challenge Random value the authenticator needs to sign and pass back | ||
| * @param userDisplayName User's actual name | ||
| * @param timeout How long (in ms) the user can take to complete attestation | ||
| * @param attestationType Specific attestation statement | ||
| * @param excludeCredentials Authenticators registered by the user so the user can't register the | ||
| * same credential multiple times | ||
| * @param authenticatorSelection Advanced criteria for restricting the types of authenticators that | ||
| * may be used | ||
| * @param extensions Additional plugins the authenticator or browser should use during attestation | ||
| * @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for | ||
| * attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms | ||
| * @param rpName - User-visible, "friendly" website/service name | ||
| * @param rpID - Valid domain name (after `https://`) | ||
| * @param userName - User's website-specific username (email, etc...) | ||
| * @param userID **(Optional)** - User's website-specific unique ID. Defaults to generating a random identifier | ||
| * @param challenge **(Optional)** - Random value the authenticator needs to sign and pass back. Defaults to generating a random value | ||
| * @param userDisplayName **(Optional)** - User's actual name. Defaults to `""` | ||
| * @param timeout **(Optional)** - How long (in ms) the user can take to complete attestation. Defaults to `60000` | ||
| * @param attestationType **(Optional)** - Specific attestation statement. Defaults to `"none"` | ||
| * @param excludeCredentials **(Optional)** - Authenticators registered by the user so the user can't register the same credential multiple times. Defaults to `[]` | ||
| * @param authenticatorSelection **(Optional)** - Advanced criteria for restricting the types of authenticators that may be used. Defaults to `{ residentKey: 'preferred', userVerification: 'preferred' }` | ||
| * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during attestation | ||
| * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to `[-8, -7, -257]` | ||
| */ | ||
| async function generateRegistrationOptions(options) { | ||
| const { rpName, rpID, userID, userName, challenge = await (0, generateChallenge_js_1.generateChallenge)(), userDisplayName = userName, timeout = 60000, attestationType = 'none', excludeCredentials = [], authenticatorSelection = defaultAuthenticatorSelection, extensions, supportedAlgorithmIDs = defaultSupportedAlgorithmIDs, } = options; | ||
| const { rpName, rpID, userName, userID, challenge = await (0, generateChallenge_js_1.generateChallenge)(), userDisplayName = '', timeout = 60000, attestationType = 'none', excludeCredentials = [], authenticatorSelection = defaultAuthenticatorSelection, extensions, supportedAlgorithmIDs = defaultSupportedAlgorithmIDs, } = options; | ||
| /** | ||
@@ -123,2 +121,16 @@ * Prepare pubKeyCredParams from the array of algorithm ID's | ||
| } | ||
| /** | ||
| * Explicitly disallow use of strings for userID anymore because `isoBase64URL.fromBuffer()` below | ||
| * will return an empty string if one gets through! | ||
| */ | ||
| if (typeof userID === 'string') { | ||
| throw new Error(`String values for \`userID\` are no longer supported. See https://simplewebauthn.dev/docs/advanced/server/custom-user-ids`); | ||
| } | ||
| /** | ||
| * Generate a user ID if one is not provided | ||
| */ | ||
| let _userID = userID; | ||
| if (!_userID) { | ||
| _userID = await (0, generateUserID_js_1.generateUserID)(); | ||
| } | ||
| return { | ||
@@ -131,3 +143,3 @@ challenge: index_js_1.isoBase64URL.fromBuffer(_challenge), | ||
| user: { | ||
| id: userID, | ||
| id: index_js_1.isoBase64URL.fromBuffer(_userID), | ||
| name: userName, | ||
@@ -139,6 +151,12 @@ displayName: userDisplayName, | ||
| attestation: attestationType, | ||
| excludeCredentials: excludeCredentials.map((cred) => ({ | ||
| ...cred, | ||
| id: index_js_1.isoBase64URL.fromBuffer(cred.id), | ||
| })), | ||
| excludeCredentials: excludeCredentials.map((cred) => { | ||
| if (!index_js_1.isoBase64URL.isBase64URL(cred.id)) { | ||
| throw new Error(`excludeCredential id "${cred.id}" is not a valid base64url string`); | ||
| } | ||
| return { | ||
| ...cred, | ||
| id: index_js_1.isoBase64URL.trimPadding(cred.id), | ||
| type: 'public-key', | ||
| }; | ||
| }), | ||
| authenticatorSelection, | ||
@@ -145,0 +163,0 @@ extensions: { |
@@ -29,4 +29,4 @@ "use strict"; | ||
| const jwtParts = jwt.split('.'); | ||
| const HEADER = JSON.parse(index_js_1.isoBase64URL.toString(jwtParts[0])); | ||
| const PAYLOAD = JSON.parse(index_js_1.isoBase64URL.toString(jwtParts[1])); | ||
| const HEADER = JSON.parse(index_js_1.isoBase64URL.toUTF8String(jwtParts[0])); | ||
| const PAYLOAD = JSON.parse(index_js_1.isoBase64URL.toUTF8String(jwtParts[1])); | ||
| const SIGNATURE = jwtParts[2]; | ||
@@ -33,0 +33,0 @@ /** |
@@ -1,2 +0,2 @@ | ||
| import type { COSEAlgorithmIdentifier, CredentialDeviceType, RegistrationResponseJSON } from '../deps.js'; | ||
| import type { Base64URLString, COSEAlgorithmIdentifier, CredentialDeviceType, RegistrationResponseJSON } from '../deps.js'; | ||
| import { AttestationFormat, AttestationStatement } from '../helpers/decodeAttestationObject.js'; | ||
@@ -18,12 +18,9 @@ import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions.js'; | ||
| * | ||
| * @param response Response returned by **@simplewebauthn/browser**'s `startAuthentication()` | ||
| * @param expectedChallenge The base64url-encoded `options.challenge` returned by | ||
| * `generateRegistrationOptions()` | ||
| * @param expectedOrigin Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType (Optional) The response type expected ('webauthn.create') | ||
| * @param requireUserVerification (Optional) Enforce user verification by the authenticator | ||
| * (via PIN, fingerprint, etc...) | ||
| * @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for | ||
| * attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms | ||
| * @param response - Response returned by **@simplewebauthn/browser**'s `startAuthentication()` | ||
| * @param expectedChallenge - The base64url-encoded `options.challenge` returned by `generateRegistrationOptions()` | ||
| * @param expectedOrigin - Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID - RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType **(Optional)** - The response type expected ('webauthn.create') | ||
| * @param requireUserVerification **(Optional)** - Enforce user verification by the authenticator (via PIN, fingerprint, etc...) Defaults to `true` | ||
| * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to all supported algorithm IDs | ||
| */ | ||
@@ -63,3 +60,3 @@ export declare function verifyRegistrationResponse(options: VerifyRegistrationResponseOpts): Promise<VerifiedRegistrationResponse>; | ||
| aaguid: string; | ||
| credentialID: Uint8Array; | ||
| credentialID: Base64URLString; | ||
| credentialPublicKey: Uint8Array; | ||
@@ -66,0 +63,0 @@ credentialType: 'public-key'; |
@@ -27,12 +27,9 @@ "use strict"; | ||
| * | ||
| * @param response Response returned by **@simplewebauthn/browser**'s `startAuthentication()` | ||
| * @param expectedChallenge The base64url-encoded `options.challenge` returned by | ||
| * `generateRegistrationOptions()` | ||
| * @param expectedOrigin Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType (Optional) The response type expected ('webauthn.create') | ||
| * @param requireUserVerification (Optional) Enforce user verification by the authenticator | ||
| * (via PIN, fingerprint, etc...) | ||
| * @param supportedAlgorithmIDs Array of numeric COSE algorithm identifiers supported for | ||
| * attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms | ||
| * @param response - Response returned by **@simplewebauthn/browser**'s `startAuthentication()` | ||
| * @param expectedChallenge - The base64url-encoded `options.challenge` returned by `generateRegistrationOptions()` | ||
| * @param expectedOrigin - Website URL (or array of URLs) that the registration should have occurred on | ||
| * @param expectedRPID - RP ID (or array of IDs) that was specified in the registration options | ||
| * @param expectedType **(Optional)** - The response type expected ('webauthn.create') | ||
| * @param requireUserVerification **(Optional)** - Enforce user verification by the authenticator (via PIN, fingerprint, etc...) Defaults to `true` | ||
| * @param supportedAlgorithmIDs **(Optional)** - Array of numeric COSE algorithm identifiers supported for attestation by this RP. See https://www.iana.org/assignments/cose/cose.xhtml#algorithms. Defaults to all supported algorithm IDs | ||
| */ | ||
@@ -201,3 +198,3 @@ async function verifyRegistrationResponse(options) { | ||
| aaguid: (0, convertAAGUIDToString_js_1.convertAAGUIDToString)(aaguid), | ||
| credentialID, | ||
| credentialID: index_js_1.isoBase64URL.fromBuffer(credentialID), | ||
| credentialPublicKey, | ||
@@ -204,0 +201,0 @@ credentialType, |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Number of package files
- increased by1.51%
269
Worsened metrics
- Total package byte prevSize
- decreased by-12.21%
477563
- Lines of code
- decreased by-4.63%
11003
Dependency changes
+ Added@simplewebauthn/types@10.0.0(transitive)
- Removed@simplewebauthn/types@9.0.1(transitive)