Create a new Passport instance.
The account_id is used to identify the account in the Windows Credential Manager.
If an account with the given id already exists, it will be used.
You can check if an account exists with the accountExists
getter.
import { Passport } from 'passport-desktop';
const passport = new Passport('my-account-id');
The id of the account in the Windows Credential Manager.
Whether the account exists in the Windows Credential Manager. This is only updated if the account exists when the Passport instance is created and when createAccount or deleteAccount are called. If the account is deleted or created outside of this instance, this value will not be updated.
Create a new passport account. You can optionally pass a KeyCreationOption to customize the key creation. If no option is passed, an existing key will be replaced. If the account does not exist, it will be created.
import { Passport, KeyCreationOption } from 'passport-desktop';
const passport = new Passport('my-account-id');
await passport.createAccount(KeyCreationOption.FailIfExists);
Optional
creationOption: null | KeyCreationOptionThe KeyCreationOption to use when creating the key.
Get the public key of the account. If the account does not exist, an error will be thrown. The encoding of the key can be specified, defaulting to Pkcs1RsaPublicKey.
In order to verify a signature using this public key,
use the Pkcs1RsaPublicKey
encoding and pass the result to the crypto
module.
import { Passport, PublicKeyEncoding } from 'passport-desktop';
import { createPublicKey } from 'node:crypto';
const passport = new Passport('my-account-id');
// Create the key pair
await passport.createAccount();
const keyBuffer = await passport.getPublicKey(PublicKeyEncoding.Pkcs1RsaPublicKey);
// Use these options to load the public key
const key = createPublicKey({
key: keyBuffer,
format: 'der',
type: 'pkcs1'
});
Optional
encoding: null | PublicKeyEncodingThe encoding to use for the public key.
The public key.
Sign a challenge with the private key. If the account does not exist, an error will be thrown. This will open a Windows Hello dialog to verify the user. If the challenge is not verified, an error will be thrown.
The signature can be verified with the public key, for example
using the crypto
module.
import { Passport, PublicKeyEncoding } from 'passport-desktop';
import { randomBytes, createPublicKey, createVerify } from 'node:crypto';
const passport = new Passport('my-account-id');
// Create the key pair
await passport.createAccount();
// Create a challenge and sign it
const challenge = randomBytes(32);
const signature = await passport.sign(challenge);
// Verify the signature with the public key
const keyBuffer = await passport.getPublicKey(PublicKeyEncoding.Pkcs1RsaPublicKey);
const key = createPublicKey({
key: keyBuffer,
format: 'der',
type: 'pkcs1'
});
// Create a verifier and verify the challenge
const verify = createVerify('SHA256');
verify.write(challenge);
verify.end();
verify.verify(key, signature); // true
The challenge to sign.
The signature.
Static
accountStatic
availableStatic
requestRequest verification from the user. This will show a dialog to the user asking them to verify their identity. If the user accepts, the returned value will be Verified. If the user rejects or cancels the dialog, the returned value will be another value from VerificationResult specifying the rejection reason.
import { Passport, VerificationResult } from 'passport-desktop';
const result = await Passport.requestVerification('Please verify your identity');
if (result === VerificationResult.Verified) {
console.log('User verified');
} else {
console.log('User rejected verification');
}
The message to show to the user.
The result of the verification request.
Generated using TypeDoc
The Passport module provides an interface to the Windows Hello API. It allows you to create a key pair and sign data using the private key. The public key can be exported in a variety of formats.
Example