
ndwallet-core


Core cryptographic library for NDWallet browser environments

import { AuthenticationResponseJSON, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialRequestOptionsJSON } from '@simplewebauthn/types';

/**
 * Server configuration object: the backend base URL and an API key.
 *
 * NOTE(review): if this module runs in a browser, `apiKey` is delivered to
 * every client and cannot be kept secret. Confirm the backend treats it as a
 * public identifier and does not rely on it alone for authorization.
 * NOTE(review): the type does not constrain the scheme of `serverUrl`;
 * presumably it must be an https origin. Confirm it is validated at runtime.
 */
export interface ServerConfig {
    serverUrl: string;
    apiKey: string;
}

/**
 * Encrypted share object: an `iv` and a `data` payload, each a number array.
 *
 * NOTE(review): presumably both arrays hold byte values (0-255) and `iv` is
 * the initialization vector used when `data` was encrypted. The cipher, the
 * key source and any integrity protection are not visible in this declaration
 * file, so confirm them against the implementation. The type enforces no
 * range or length, so shares received from the server should be validated
 * before they are handed to a decryption routine.
 */
export interface EncryptedShare {
    iv: number[];
    data: number[];
}

/**
 * Secret question object: an identifier and the question text.
 */
export interface SecretQuestion {
    id: string;
    question: string;
}

/**
 * User object: identifier, email address and the user's credential record.
 */
export interface User {
    id: string;
    email: string;
    credential: UserCredential;
}

/**
 * User credential object.
 *
 * Carries the credential identifiers, a public key, the encrypted server
 * share and a last-used marker.
 *
 * NOTE(review): the encoding of `publicKey` and the format of `lastUsedAt`
 * (presumably a timestamp string) are not visible here. Confirm before parsing.
 */
export interface UserCredential {
    id: string;
    authCredentialId: string;
    publicKey: string;
    serverShare: EncryptedShare;
    lastUsedAt: string;
}

/**
 * Registration start response object.
 *
 * `options` are the WebAuthn credential-creation options to pass to the
 * authenticator.
 *
 * NOTE(review): `deviceSecret` is returned to the client as a plain string.
 * How it is stored and what it authorizes are not visible here. Confirm it is
 * kept out of logs and out of storage readable by other scripts.
 */
export interface RegistrationStartResponse {
    deviceId: string;
    deviceSecret: string;
    options: PublicKeyCredentialCreationOptionsJSON;
}

/**
 * Registration complete response object.
 *
 * NOTE(review): `token` is presumably a session or bearer token issued after
 * registration. Its lifetime and storage are not visible here, so confirm.
 */
export interface RegistrationCompleteResponse {
    userId: string;
    email: string;
    credentialId: string;
    token: string;
}

/**
 * Authentication start response object.
 *
 * `options` are the WebAuthn request options to pass to the authenticator.
 *
 * NOTE(review): this is the type `startUserAuthentication` resolves to, and
 * it already includes `serverShare` (optionally also `backupServerShare`,
 * `prfSalt` and `secretQuestion`). As declared, that material is delivered
 * before `completeUserAuthentication` is called, so its confidentiality rests
 * on the share encryption and on whatever gating the server applies to the
 * start call. Confirm that this is intended.
 * NOTE(review): the meaning of `backupShareCid` is not visible here, so confirm.
 */
export interface AuthenticationStartResponse {
    userId: string;
    email: string;
    credentialId: string;
    serverShare: EncryptedShare;
    options: PublicKeyCredentialRequestOptionsJSON;
    prfSalt?: string;
    backupServerShare?: EncryptedShare;
    backupShareCid?: string;
    secretQuestion?: SecretQuestion;
}

/**
 * Authentication complete response object.
 *
 * NOTE(review): `token` is presumably a session or bearer token issued after
 * a successful assertion. Its lifetime and storage are not visible here, so
 * confirm.
 */
export interface AuthenticationCompleteResponse {
    userId: string;
    email: string;
    credentialId: string;
    token: string;
}

/**
 * Set server configuration for user module
 * @param config - Configuration object containing server URL and API key
 */
export declare function setServerConfig(config: ServerConfig): void;

/**
 * Check if a user exists by email
 *
 * NOTE(review): an existence check keyed only on an email address reveals
 * which addresses are registered unless the backend rate-limits or otherwise
 * restricts it. Confirm the server-side controls.
 *
 * @param email - The user's email address
 * @returns Promise resolving to a boolean indicating if the user exists
 */
export declare function checkUserExists(email: string): Promise<boolean>;
/**
 * Start the authentication process for a user
 *
 * NOTE(review): the resolved `AuthenticationStartResponse` includes the
 * encrypted server share, so this call hands out share ciphertext before any
 * WebAuthn assertion has been verified. Confirm how the server gates it
 * (for example via `deviceToken`) and that requests are rate-limited.
 *
 * @param email - The user's email address
 * @param credentialId - The user's credential ID (optional)
 * @param deviceToken - The device token for the user (optional)
 * @returns Authentication options and server data
 */
export declare function startUserAuthentication(email: string, credentialId?: string, deviceToken?: string): Promise<AuthenticationStartResponse>;

/**
 * Complete the authentication process
 * @param credentialId - The user's credential ID
 * @param authenticationResponse - The WebAuthn response from the authenticator
 * @returns Authentication completion data
 */
export declare function completeUserAuthentication(credentialId: string, authenticationResponse: AuthenticationResponseJSON): Promise<AuthenticationCompleteResponse>;

/**
 * Start the registration process for a new user
 *
 * NOTE(review): `secretQuestionId` is declared as `number`, while
 * `SecretQuestion.id` in this file is a `string`. Confirm which
 * representation the server expects.
 *
 * @param email - The user's email address
 * @param serverShare - The encrypted share for the server data
 * @param backupShare - The encrypted share for the backup data
 * @param secretQuestionId - The security question ID (optional)
 * @param deviceToken - The device token for the user (optional)
 * @returns Registration options and server data
 */
export declare function startUserRegistration(email: string, serverShare: EncryptedShare, backupShare: EncryptedShare, secretQuestionId?: number, deviceToken?: string): Promise<RegistrationStartResponse>;

/**
 * Complete the registration process
 *
 * NOTE(review): `registrationResponse` is typed `any`, so the compiler does
 * not check the shape of the attestation passed in. Callers should pass the
 * authenticator's registration response unmodified, and the server must be
 * the party that verifies it.
 *
 * @param email - The user's email address
 * @param deviceId - Presumably the `deviceId` returned in `RegistrationStartResponse`; confirm against the implementation
 * @param deviceServerShare - The encrypted share for the server data (using device passkey)
 * @param registrationResponse - The WebAuthn response from the authenticator
 * @param prfSalt - The PRF salt used for key derivation
 * @returns Registration completion data
 */
export declare function completeUserRegistration(email: string, deviceId: string, deviceServerShare: EncryptedShare, registrationResponse: any, prfSalt: string): Promise<RegistrationCompleteResponse>;

/**
 * Get user data.
 *
 * NOTE(review): the signature takes only an email address. Whether the
 * request is bound to an authenticated session or token is not visible in
 * this declaration file. Confirm, since the resolved `User` includes the
 * credential record and its encrypted server share.
 *
 * @param email - The user's email address
 * @returns User data including credential details and encrypted server share
 */
export declare function getUserData(email: string): Promise<User>;

/**
 * Fetch the list of secret questions from the server
 * @returns Promise resolving to an array of SecretQuestion objects
 */
export declare function allSecretQuestions(): Promise<SecretQuestion[]>;

/**
 * Get the secret question for a specific user
 *
 * NOTE(review): a `null` result versus a question object distinguishes
 * emails that have a question on record from those that do not. Confirm the
 * backend limits who may call this and how often.
 *
 * @param email - The user's email address
 * @returns The secret question object or null if not found
 */
export declare function getSecretQuestion(email: string): Promise<SecretQuestion | null>;