UNPKG

@didtools/key-webauthn

Version:

Implements support to authenticate, authorize and verify blocks produced by webauthn/passkey compatible hardware authenticators and OS/software implementations.

github.com/ceramicnetwork/js-did

ceramicnetwork/js-did

56 lines (55 loc) 2.27 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
export interface CredentialSignResponse extends Credential { response: { clientDataJSON: Uint8Array; authenticatorData: Uint8Array; signature: Uint8Array; }; } export declare function authenticatorSign(challenge: Uint8Array, credentialId?: Uint8Array | string): Promise<{ signature: Uint8Array; recovered: [Uint8Array, Uint8Array]; credential: CredentialSignResponse; }>; export declare function verify(signature: Uint8Array, publicKey: Uint8Array, authData: Uint8Array, clientDataJSON: Uint8Array): boolean; export declare function randomBytes(n: number): Uint8Array; export interface AttestationObject { fmt: string; attStmt: any; authData: Uint8Array; } export declare function decodeAttestationObject(attestationObject: Uint8Array | ArrayBuffer): AttestationObject; /** * Extracts PublicKey from AuthenticatorData as received from hardware key. * * See box `CREDENTIAL PUBLIC KEY` in picture: * https://w3c.github.io/webauthn/images/fido-attestation-structures.svg * @param {Uint8Array|ArrayBuffer} authData Use getAuthenticatorData(response). */ export declare function decodeAuthenticatorData(authData: Uint8Array): { rpidHash: Uint8Array; flags: number; signCounter: number; aaguid: Uint8Array; credentialId: Uint8Array; publicKey: Uint8Array; cose: Map<number, any>; }; /** * Normalize authenticatorData across browsers/runtimes. */ export declare function getAuthenticatorData(response: any): Uint8Array; /** * Normalize ArrayBuffer|Uint8Array|node:Buffer => Uint8Array or throw */ export declare function assertU8(o: any): Uint8Array; /** * Recovers both recovery bit 0|1 candidates from * an authenticator produced signature. * @param signature Authenticator generated signature * @param authenticatorData Authenticator Data * @param clientDataJSON Authenticator generated clientDataJSON - watch out for https://goo.gl/yabPex * @returns Recovered tuple of pk0 and pk1 */ export declare function recoverPublicKeys(signature: Uint8Array, authenticatorData: Uint8Array, clientDataJSON: Uint8Array): [Uint8Array, Uint8Array]; export declare function decodePubFromDID(did: string): Uint8Array; export declare function encodeDIDFromPub(publicKey: Uint8Array): string;