-rw-r--r--example/fido-conformance.ts25
-rw-r--r--example/index.ts4
-rw-r--r--example/package-lock.json90
-rw-r--r--example/package.json2
-rw-r--r--example/public/index.html4
5 files changed, 56 insertions, 69 deletions
diff --git a/example/fido-conformance.ts b/example/fido-conformance.ts
index 8871e27..5fae14d 100644
--- a/example/fido-conformance.ts
+++ b/example/fido-conformance.ts
@@ -97,6 +97,8 @@ const inMemoryUserDeviceDB: { [username: string]: LoggedInFIDOUser } = {
// A cheap way of remembering who's "logged in" between the request for options and the response
let loggedInUsername: string | undefined = undefined;
+const supportedAlgorithmIDs = [-7, -8, -35, -36, -37, -38, -39, -257, -258, -259, -65535];
+
/**
* [FIDO2] Server Tests > MakeCredential Request
*/
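Review bot: The new `supportedAlgorithmIDs` constant carries no comment explaining its COSE algorithm identifiers, and it includes -65535 (RS1, RSASSA-PKCS1-v1_5 with SHA-1), a deprecated algorithm that is reasonable to enable for conformance testing but should not be copied into a production relying party. Because the `/attestation/result` hunk now passes the same constant to the registration verification call, the list decides which credential algorithms are accepted, not only which are advertised in the options. I would add a comment above the declaration such as `// COSE alg IDs enabled for FIDO conformance testing only; -65535 is SHA-1-based RS1, do not enable in production`.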
@@ -134,7 +136,7 @@ fidoConformanceRouter.post('/attestation/options', (req, res) => {
type: 'public-key',
transports: ['usb', 'ble', 'nfc', 'internal'],
})),
- supportedAlgorithmIDs: [-7, -8, -36, -37, -38, -39, -257, -258, -259, -65535],
+ supportedAlgorithmIDs,
});
user.currentChallenge = opts.challenge;
@@ -162,6 +164,7 @@ fidoConformanceRouter.post('/attestation/result', async (req, res) => {
credential: body,
expectedChallenge: `${expectedChallenge}`,
expectedOrigin,
+ supportedAlgorithmIDs,
});
} catch (error) {
const _error: Error = error as Error;
@@ -227,7 +230,7 @@ fidoConformanceRouter.post('/assertion/options', (req, res) => {
});
});
-fidoConformanceRouter.post('/assertion/result', (req, res) => {
+fidoConformanceRouter.post('/assertion/result', async (req, res) => {
const body: AuthenticationCredentialJSON = req.body;
const { id } = body;
@@ -237,27 +240,29 @@ fidoConformanceRouter.post('/assertion/result', (req, res) => {
const expectedChallenge = user.currentChallenge;
const userVerification = user.currentAuthenticationUserVerification;
+ if (!id) {
+ const msg = `Invalid id: ${id}`;
+ console.error(`RP - authentication: ${msg}`);
+ return res.status(400).send({ errorMessage: msg });
+ }
+
const credIDBuffer = base64url.toBuffer(id);
const existingDevice = user.devices.find(device => device.credentialID.equals(credIDBuffer));
if (!existingDevice) {
- throw new Error(`Could not find device matching ${id}`);
- }
-
- let requireUserVerification = false;
- if (userVerification === 'required') {
- requireUserVerification = true;
+ const msg = `Could not find device matching ${id}`;
+ console.error(`RP - authentication: ${msg}`);
+ return res.status(400).send({ errorMessage: msg });
}
let verification;
try {
- verification = verifyAuthenticationResponse({
+ verification = await verifyAuthenticationResponse({
credential: body,
expectedChallenge: `${expectedChallenge}`,
expectedOrigin,
expectedRPID: rpID,
authenticator: existingDevice,
- requireUserVerification,
advancedFIDOConfig: { userVerification },
});
} catch (error) {
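Review bot: `expectedChallenge` is interpolated with `${expectedChallenge}` without a presence check, so if `user.currentChallenge` was never set the verifier is handed the literal string "undefined" as the expected challenge. The commit adds 400 responses for a missing `id` and an unknown device, and the same treatment fits here, for example `if (!expectedChallenge) { return res.status(400).send({ errorMessage: 'No pending challenge' }); }` placed before the `try`. Whether the challenge is cleared after a successful verification is not visible in this hunk and is worth confirming. Separately, `if (!id)` rejects only falsy values while `id` is typed by annotation alone, so `typeof id !== 'string'` would be a stricter guard on the request body. The handler starts and ends outside this hunk.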
diff --git a/example/index.ts b/example/index.ts
index 9d3c903..330b84b 100644
--- a/example/index.ts
+++ b/example/index.ts
@@ -230,7 +230,7 @@ app.get('/generate-authentication-options', (req, res) => {
res.send(options);
});
-app.post('/verify-authentication', (req, res) => {
+app.post('/verify-authentication', async (req, res) => {
const body: AuthenticationCredentialJSON = req.body;
const user = inMemoryUserDeviceDB[loggedInUserId];
@@ -261,7 +261,7 @@ app.post('/verify-authentication', (req, res) => {
authenticator: dbAuthenticator,
requireUserVerification: true,
};
- verification = verifyAuthenticationResponse(opts);
+ verification = await verifyAuthenticationResponse(opts);
} catch (error) {
const _error = error as Error;
console.error(_error);
diff --git a/example/package-lock.json b/example/package-lock.json
index 7b0625b..f7b380e 100644
--- a/example/package-lock.json
+++ b/example/package-lock.json
@@ -9,7 +9,7 @@
"version": "1.0.0",
"license": "ISC",
"dependencies": {
- "@simplewebauthn/server": "5.4.5",
+ "@simplewebauthn/server": "6.0.0",
"base64url": "^3.0.1",
"dotenv": "^10.0.0",
"express": "^4.17.1",
@@ -45,6 +45,17 @@
"node": ">=12"
}
},
+ "node_modules/@noble/ed25519": {
+ "version": "1.6.1",
+ "resolved": "https://registry.npmjs.org/@noble/ed25519/-/ed25519-1.6.1.tgz",
+ "integrity": "sha512-Gptpue6qPmg7p1E5LBO5GDtXw5WMc2DVtUmu4EQequOcoCvum1dT9sY6s9M8aSJWq9YopCN4jmTOAvqMdw3q7w==",
+ "funding": [
+ {
+ "type": "individual",
+ "url": "https://paulmillr.com/funding/"
+ }
+ ]
+ },
"node_modules/@peculiar/asn1-android": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/@peculiar/asn1-android/-/asn1-android-2.2.0.tgz",
@@ -78,31 +89,30 @@
}
},
"node_modules/@simplewebauthn/server": {
- "version": "5.4.5",
- "resolved": "https://registry.npmjs.org/@simplewebauthn/server/-/server-5.4.5.tgz",
- "integrity": "sha512-o7Tn0X8s2465ijG25Ehmckoxqgx94R8jtMHNxoxd6zXXme2fgSC1nRLnZz8bUBoho1jeG3eZ516LiRtmsOdQZw==",
+ "version": "6.0.0",
+ "resolved": "https://registry.npmjs.org/@simplewebauthn/server/-/server-6.0.0.tgz",
+ "integrity": "sha512-khWsyWRwK5yldvdjMfz4bImuKv6KO2yYQmVX584Rjc8x1ajGSW5xpap/SClXdNvWrpRw8vByx4luZsH0aL83Mg==",
"dependencies": {
+ "@noble/ed25519": "^1.6.1",
"@peculiar/asn1-android": "^2.1.7",
"@peculiar/asn1-schema": "^2.1.7",
"@peculiar/asn1-x509": "^2.1.7",
- "@simplewebauthn/typescript-types": "^5.4.0",
+ "@simplewebauthn/typescript-types": "^6.0.0",
"base64url": "^3.0.1",
"cbor": "^5.1.0",
"debug": "^4.3.2",
- "elliptic": "^6.5.3",
"jsrsasign": "^10.4.0",
"jwk-to-pem": "^2.0.4",
- "node-fetch": "^2.6.0",
- "node-rsa": "^1.1.1"
+ "node-fetch": "^2.6.0"
},
"engines": {
- "node": ">=10.0.0"
+ "node": ">=14.0.0"
}
},
"node_modules/@simplewebauthn/typescript-types": {
- "version": "5.4.0",
- "resolved": "https://registry.npmjs.org/@simplewebauthn/typescript-types/-/typescript-types-5.4.0.tgz",
- "integrity": "sha512-LeJq6Jx+o7D6iIlCy8CH5jCjwVcUvAReEo66VcF3nysfc/yKW5yCAPLSRmPITF4CRZTfnVPxUBUcveUQL6aBMA=="
+ "version": "6.0.0",
+ "resolved": "https://registry.npmjs.org/@simplewebauthn/typescript-types/-/typescript-types-6.0.0.tgz",
+ "integrity": "sha512-zBs5duUHwQ2CCnHckalMJycv8p2mfWGv+m9sI3WxnK3QR7Lw0/014zKkhC+Uygz5XSHuvPAxeMft6FbrP/OmtQ=="
},
"node_modules/@tsconfig/node10": {
"version": "1.0.8",
@@ -277,14 +287,6 @@
"resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz",
"integrity": "sha1-ml9pkFGx5wczKPKgCJaLZOopVdI="
},
- "node_modules/asn1": {
- "version": "0.2.6",
- "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz",
- "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==",
- "dependencies": {
- "safer-buffer": "~2.1.0"
- }
- },
"node_modules/asn1.js": {
"version": "5.4.1",
"resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz",
@@ -1004,14 +1006,6 @@
}
}
},
- "node_modules/node-rsa": {
- "version": "1.1.1",
- "resolved": "https://registry.npmjs.org/node-rsa/-/node-rsa-1.1.1.tgz",
- "integrity": "sha512-Jd4cvbJMryN21r5HgxQOpMEqv+ooke/korixNNK3mGqfGJmy0M77WDDzo/05969+OkMy3XW1UuZsSmW9KQm7Fw==",
- "dependencies": {
- "asn1": "^0.2.4"
- }
- },
"node_modules/nodemon": {
"version": "2.0.19",
"resolved": "https://registry.npmjs.org/nodemon/-/nodemon-2.0.19.tgz",
@@ -1525,6 +1519,11 @@
"@cspotcode/source-map-consumer": "0.8.0"
}
},
+ "@noble/ed25519": {
+ "version": "1.6.1",
+ "resolved": "https://registry.npmjs.org/@noble/ed25519/-/ed25519-1.6.1.tgz",
+ "integrity": "sha512-Gptpue6qPmg7p1E5LBO5GDtXw5WMc2DVtUmu4EQequOcoCvum1dT9sY6s9M8aSJWq9YopCN4jmTOAvqMdw3q7w=="
+ },
"@peculiar/asn1-android": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/@peculiar/asn1-android/-/asn1-android-2.2.0.tgz",
@@ -1558,28 +1557,27 @@
}
},
"@simplewebauthn/server": {
- "version": "5.4.5",
- "resolved": "https://registry.npmjs.org/@simplewebauthn/server/-/server-5.4.5.tgz",
- "integrity": "sha512-o7Tn0X8s2465ijG25Ehmckoxqgx94R8jtMHNxoxd6zXXme2fgSC1nRLnZz8bUBoho1jeG3eZ516LiRtmsOdQZw==",
+ "version": "6.0.0",
+ "resolved": "https://registry.npmjs.org/@simplewebauthn/server/-/server-6.0.0.tgz",
+ "integrity": "sha512-khWsyWRwK5yldvdjMfz4bImuKv6KO2yYQmVX584Rjc8x1ajGSW5xpap/SClXdNvWrpRw8vByx4luZsH0aL83Mg==",
"requires": {
+ "@noble/ed25519": "^1.6.1",
"@peculiar/asn1-android": "^2.1.7",
"@peculiar/asn1-schema": "^2.1.7",
"@peculiar/asn1-x509": "^2.1.7",
- "@simplewebauthn/typescript-types": "^5.4.0",
+ "@simplewebauthn/typescript-types": "^6.0.0",
"base64url": "^3.0.1",
"cbor": "^5.1.0",
"debug": "^4.3.2",
- "elliptic": "^6.5.3",
"jsrsasign": "^10.4.0",
"jwk-to-pem": "^2.0.4",
- "node-fetch": "^2.6.0",
- "node-rsa": "^1.1.1"
+ "node-fetch": "^2.6.0"
}
},
"@simplewebauthn/typescript-types": {
- "version": "5.4.0",
- "resolved": "https://registry.npmjs.org/@simplewebauthn/typescript-types/-/typescript-types-5.4.0.tgz",
- "integrity": "sha512-LeJq6Jx+o7D6iIlCy8CH5jCjwVcUvAReEo66VcF3nysfc/yKW5yCAPLSRmPITF4CRZTfnVPxUBUcveUQL6aBMA=="
+ "version": "6.0.0",
+ "resolved": "https://registry.npmjs.org/@simplewebauthn/typescript-types/-/typescript-types-6.0.0.tgz",
+ "integrity": "sha512-zBs5duUHwQ2CCnHckalMJycv8p2mfWGv+m9sI3WxnK3QR7Lw0/014zKkhC+Uygz5XSHuvPAxeMft6FbrP/OmtQ=="
},
"@tsconfig/node10": {
"version": "1.0.8",
@@ -1739,14 +1737,6 @@
"resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz",
"integrity": "sha1-ml9pkFGx5wczKPKgCJaLZOopVdI="
},
- "asn1": {
- "version": "0.2.6",
- "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.6.tgz",
- "integrity": "sha512-ix/FxPn0MDjeyJ7i/yoHGFt/EX6LyNbxSEhPPXODPL+KB0VPk86UYfL0lMdy+KCnv+fmvIzySwaK5COwqVbWTQ==",
- "requires": {
- "safer-buffer": "~2.1.0"
- }
- },
"asn1.js": {
"version": "5.4.1",
"resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz",
@@ -2309,14 +2299,6 @@
"whatwg-url": "^5.0.0"
}
},
- "node-rsa": {
- "version": "1.1.1",
- "resolved": "https://registry.npmjs.org/node-rsa/-/node-rsa-1.1.1.tgz",
- "integrity": "sha512-Jd4cvbJMryN21r5HgxQOpMEqv+ooke/korixNNK3mGqfGJmy0M77WDDzo/05969+OkMy3XW1UuZsSmW9KQm7Fw==",
- "requires": {
- "asn1": "^0.2.4"
- }
- },
"nodemon": {
"version": "2.0.19",
"resolved": "https://registry.npmjs.org/nodemon/-/nodemon-2.0.19.tgz",
diff --git a/example/package.json b/example/package.json
index 1346735..14a84c1 100644
--- a/example/package.json
+++ b/example/package.json
@@ -11,7 +11,7 @@
"author": "",
"license": "ISC",
"dependencies": {
- "@simplewebauthn/server": "5.4.5",
+ "@simplewebauthn/server": "6.0.0",
"base64url": "^3.0.1",
"dotenv": "^10.0.0",
"express": "^4.17.1",
diff --git a/example/public/index.html b/example/public/index.html
index 278e40a..3629e55 100644
--- a/example/public/index.html
+++ b/example/public/index.html
@@ -121,7 +121,7 @@
</div>
<script>
const {
- browserSupportsWebauthn,
+ browserSupportsWebAuthn,
startRegistration,
} = SimpleWebAuthnBrowser;
@@ -141,7 +141,7 @@
}
// Hide the Begin button if the browser is incapable of using WebAuthn
- if (!browserSupportsWebauthn()) {
+ if (!browserSupportsWebAuthn()) {
document.querySelector('.controls').style.display = 'none';
document.querySelector('.systemError').innerText = "It seems this browser doesn't support WebAuthn...";
} else {