npm - @azure/attestation - Versions diffs - 1.0.1-alpha.20241022.1 → 1.0.1-alpha.20241023.1 - Mend

@azure/attestation 1.0.1-alpha.20241022.1 → 1.0.1-alpha.20241023.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (610) hide show

package/dist/index.js DELETED Viewed

@@ -1,2881 +0,0 @@
-'use strict';
-Object.defineProperty(exports, '__esModule', { value: true });
-var coreClient = require('@azure/core-client');
-var coreTracing = require('@azure/core-tracing');
-var logger$1 = require('@azure/logger');
-var coreAuth = require('@azure/core-auth');
-var jsrsasign = require('jsrsasign');
-function _interopNamespaceDefault(e) {
-    var n = Object.create(null);
-    if (e) {
-        Object.keys(e).forEach(function (k) {
-            if (k !== 'default') {
-                var d = Object.getOwnPropertyDescriptor(e, k);
-                Object.defineProperty(n, k, d.get ? d : {
-                    enumerable: true,
-                    get: function () { return e[k]; }
-                });
-            }
-        });
-    }
-    n.default = e;
-    return Object.freeze(n);
-}
-var coreClient__namespace = /*#__PURE__*/_interopNamespaceDefault(coreClient);
-var jsrsasign__namespace = /*#__PURE__*/_interopNamespaceDefault(jsrsasign);
-/*
- * Copyright (c) Microsoft Corporation.
- * Licensed under the MIT License.
- *
- * Code generated by Microsoft (R) AutoRest Code Generator.
- * Changes may cause incorrect behavior and will be lost if the code is regenerated.
- */
-/** Known values of {@link AttestationType} that the service accepts. */
-exports.KnownAttestationType = void 0;
-(function (KnownAttestationType) {
-    /** Intel Software Guard eXtensions */
-    KnownAttestationType["SgxEnclave"] = "SgxEnclave";
-    /** OpenEnclave extensions to SGX */
-    KnownAttestationType["OpenEnclave"] = "OpenEnclave";
-    /** Edge TPM Virtualization Based Security */
-    KnownAttestationType["Tpm"] = "Tpm";
-})(exports.KnownAttestationType || (exports.KnownAttestationType = {}));
-/** Known values of {@link DataType} that the service accepts. */
-var KnownDataType;
-(function (KnownDataType) {
-    /** The contents of the field should be treated as binary and not interpreted by MAA. */
-    KnownDataType["Binary"] = "Binary";
-    /** The contents of the field should be treated as a JSON object and may be further interpreted by MAA. */
-    KnownDataType["Json"] = "JSON";
-})(KnownDataType || (KnownDataType = {}));
-/** Known values of {@link CertificateModification} that the service accepts. */
-exports.KnownCertificateModification = void 0;
-(function (KnownCertificateModification) {
-    /** After the operation was performed, the certificate is in the set of certificates. */
-    KnownCertificateModification["IsPresent"] = "IsPresent";
-    /** After the operation was performed, the certificate is no longer present in the set of certificates. */
-    KnownCertificateModification["IsAbsent"] = "IsAbsent";
-})(exports.KnownCertificateModification || (exports.KnownCertificateModification = {}));
-/** Known values of {@link PolicyModification} that the service accepts. */
-exports.KnownPolicyModification = void 0;
-(function (KnownPolicyModification) {
-    /** The specified policy object was updated. */
-    KnownPolicyModification["Updated"] = "Updated";
-    /** The specified policy object was removed. */
-    KnownPolicyModification["Removed"] = "Removed";
-})(exports.KnownPolicyModification || (exports.KnownPolicyModification = {}));
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-const decoder = typeof Buffer === "undefined" ? new TextDecoder("ascii") : undefined;
-const encoder = typeof Buffer === "undefined" ? new TextEncoder() : undefined;
-const decode = decoder
-    ? (buffer) => decoder.decode(buffer)
-    : (buffer) => buffer.toString("ascii");
-const encode = encoder
-    ? (str) => encoder.encode(str)
-    : (str) => Buffer.from(str, "utf8");
-/**
- * Converts a string into a utf8 encoded byte array.
- * @param content - The utf8 string to convert.
- * @internal
- */
-function stringToBytes(content) {
-    return encode(content);
-}
-/**
- * Converts a utf8 string into a byte array.
- * @param content - The utf8 string to convert.
- * @internal
- */
-function bytesToString(content) {
-    return decode(content);
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/**
- * The TypeDeserializer class enables easy access to the Attestation Model serialization
- * and deserialization APIs.
- */
-class TypeDeserializer {
-    /**
-     * Deserializes a JSON object into a model type.
-     * @param rawJson - The JSON encoded object to convert into model type.
-     * @param bodyMapper - A mapping between type names and {@link Mapper} objects
-     *  which defines the model properties for the type. the {@link bodyTypeName}
-     *  must be one of the properties in the {@link bodyMapper} parameter.
-     * @param bodyTypeName - The name of the type of the body.
-     * @returns The deserialized type. It is the responsibility of the caller to cast to the
-     *      expected return type.
-     *
-     * @internal
-     */
-    static deserialize(rawJson, typeMappers, bodyTypeName) {
-        const serializer = coreClient.createSerializer(typeMappers);
-        return serializer.deserialize(typeMappers[bodyTypeName], rawJson, bodyTypeName);
-    }
-    /**
-     * Serializes a JSON object into a model type.
-     * @param objectToSerialize - The JSON encoded object to convert into model type.
-     * @param bodyMapper - A {@link Mapper} object which defines the model properties for the type.
-     * @returns The serialized type as a JSON encoded string.
-     *
-     * @internal
-     */
-    static serialize(objectToSerialize, typeMappers, bodyMapper) {
-        const serializer = coreClient.createSerializer(typeMappers);
-        return JSON.stringify(serializer.serialize(bodyMapper, objectToSerialize));
-    }
-}
-/*
- * Copyright (c) Microsoft Corporation.
- * Licensed under the MIT License.
- *
- * Code generated by Microsoft (R) AutoRest Code Generator.
- * Changes may cause incorrect behavior and will be lost if the code is regenerated.
- */
-const PolicyResponse = {
-    type: {
-        name: "Composite",
-        className: "PolicyResponse",
-        modelProperties: {
-            token: {
-                constraints: {
-                    Pattern: new RegExp("[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]*\\.[A-Za-z0-9_-]*")
-                },
-                serializedName: "token",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const CloudError = {
-    type: {
-        name: "Composite",
-        className: "CloudError",
-        modelProperties: {
-            error: {
-                serializedName: "error",
-                type: {
-                    name: "Composite",
-                    className: "CloudErrorBody"
-                }
-            }
-        }
-    }
-};
-const CloudErrorBody = {
-    type: {
-        name: "Composite",
-        className: "CloudErrorBody",
-        modelProperties: {
-            code: {
-                serializedName: "code",
-                type: {
-                    name: "String"
-                }
-            },
-            message: {
-                serializedName: "message",
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const PolicyCertificatesResponse = {
-    type: {
-        name: "Composite",
-        className: "PolicyCertificatesResponse",
-        modelProperties: {
-            token: {
-                constraints: {
-                    Pattern: new RegExp("[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]*\\.[A-Za-z0-9_-]*")
-                },
-                serializedName: "token",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const PolicyCertificatesModifyResponse = {
-    type: {
-        name: "Composite",
-        className: "PolicyCertificatesModifyResponse",
-        modelProperties: {
-            token: {
-                constraints: {
-                    Pattern: new RegExp("[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]*\\.[A-Za-z0-9_-]*")
-                },
-                serializedName: "token",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const AttestOpenEnclaveRequest = {
-    type: {
-        name: "Composite",
-        className: "AttestOpenEnclaveRequest",
-        modelProperties: {
-            report: {
-                serializedName: "report",
-                type: {
-                    name: "Base64Url"
-                }
-            },
-            runtimeData: {
-                serializedName: "runtimeData",
-                type: {
-                    name: "Composite",
-                    className: "RuntimeData"
-                }
-            },
-            initTimeData: {
-                serializedName: "initTimeData",
-                type: {
-                    name: "Composite",
-                    className: "InitTimeData"
-                }
-            },
-            draftPolicyForAttestation: {
-                serializedName: "draftPolicyForAttestation",
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const RuntimeData = {
-    type: {
-        name: "Composite",
-        className: "RuntimeData",
-        modelProperties: {
-            data: {
-                serializedName: "data",
-                type: {
-                    name: "Base64Url"
-                }
-            },
-            dataType: {
-                serializedName: "dataType",
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const InitTimeData = {
-    type: {
-        name: "Composite",
-        className: "InitTimeData",
-        modelProperties: {
-            data: {
-                serializedName: "data",
-                type: {
-                    name: "Base64Url"
-                }
-            },
-            dataType: {
-                serializedName: "dataType",
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const AttestationResponse = {
-    type: {
-        name: "Composite",
-        className: "AttestationResponse",
-        modelProperties: {
-            token: {
-                constraints: {
-                    Pattern: new RegExp("[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]*\\.[A-Za-z0-9_-]*")
-                },
-                serializedName: "token",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const AttestSgxEnclaveRequest = {
-    type: {
-        name: "Composite",
-        className: "AttestSgxEnclaveRequest",
-        modelProperties: {
-            quote: {
-                serializedName: "quote",
-                type: {
-                    name: "Base64Url"
-                }
-            },
-            runtimeData: {
-                serializedName: "runtimeData",
-                type: {
-                    name: "Composite",
-                    className: "RuntimeData"
-                }
-            },
-            initTimeData: {
-                serializedName: "initTimeData",
-                type: {
-                    name: "Composite",
-                    className: "InitTimeData"
-                }
-            },
-            draftPolicyForAttestation: {
-                serializedName: "draftPolicyForAttestation",
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const TpmAttestationRequest = {
-    type: {
-        name: "Composite",
-        className: "TpmAttestationRequest",
-        modelProperties: {
-            data: {
-                serializedName: "data",
-                type: {
-                    name: "Base64Url"
-                }
-            }
-        }
-    }
-};
-const TpmAttestationResponse = {
-    type: {
-        name: "Composite",
-        className: "TpmAttestationResponse",
-        modelProperties: {
-            data: {
-                serializedName: "data",
-                type: {
-                    name: "Base64Url"
-                }
-            }
-        }
-    }
-};
-const JsonWebKeySet = {
-    type: {
-        name: "Composite",
-        className: "JsonWebKeySet",
-        modelProperties: {
-            keys: {
-                serializedName: "keys",
-                required: true,
-                type: {
-                    name: "Sequence",
-                    element: {
-                        type: {
-                            name: "Composite",
-                            className: "JsonWebKey"
-                        }
-                    }
-                }
-            }
-        }
-    }
-};
-const JsonWebKey = {
-    type: {
-        name: "Composite",
-        className: "JsonWebKey",
-        modelProperties: {
-            alg: {
-                serializedName: "alg",
-                type: {
-                    name: "String"
-                }
-            },
-            crv: {
-                serializedName: "crv",
-                type: {
-                    name: "String"
-                }
-            },
-            d: {
-                serializedName: "d",
-                type: {
-                    name: "String"
-                }
-            },
-            dp: {
-                serializedName: "dp",
-                type: {
-                    name: "String"
-                }
-            },
-            dq: {
-                serializedName: "dq",
-                type: {
-                    name: "String"
-                }
-            },
-            e: {
-                serializedName: "e",
-                type: {
-                    name: "String"
-                }
-            },
-            k: {
-                serializedName: "k",
-                type: {
-                    name: "String"
-                }
-            },
-            kid: {
-                serializedName: "kid",
-                type: {
-                    name: "String"
-                }
-            },
-            kty: {
-                serializedName: "kty",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            },
-            n: {
-                serializedName: "n",
-                type: {
-                    name: "String"
-                }
-            },
-            p: {
-                serializedName: "p",
-                type: {
-                    name: "String"
-                }
-            },
-            q: {
-                serializedName: "q",
-                type: {
-                    name: "String"
-                }
-            },
-            qi: {
-                serializedName: "qi",
-                type: {
-                    name: "String"
-                }
-            },
-            use: {
-                serializedName: "use",
-                type: {
-                    name: "String"
-                }
-            },
-            x: {
-                serializedName: "x",
-                type: {
-                    name: "String"
-                }
-            },
-            x5C: {
-                serializedName: "x5c",
-                type: {
-                    name: "Sequence",
-                    element: {
-                        type: {
-                            name: "String"
-                        }
-                    }
-                }
-            },
-            y: {
-                serializedName: "y",
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const AttestationCertificateManagementBody = {
-    type: {
-        name: "Composite",
-        className: "AttestationCertificateManagementBody",
-        modelProperties: {
-            policyCertificate: {
-                serializedName: "policyCertificate",
-                type: {
-                    name: "Composite",
-                    className: "JsonWebKey"
-                }
-            }
-        }
-    }
-};
-const PolicyCertificatesResult = {
-    type: {
-        name: "Composite",
-        className: "PolicyCertificatesResult",
-        modelProperties: {
-            policyCertificates: {
-                serializedName: "x-ms-policy-certificates",
-                type: {
-                    name: "Composite",
-                    className: "JsonWebKeySet"
-                }
-            }
-        }
-    }
-};
-const PolicyCertificatesModificationResult = {
-    type: {
-        name: "Composite",
-        className: "PolicyCertificatesModificationResult",
-        modelProperties: {
-            certificateThumbprint: {
-                serializedName: "x-ms-certificate-thumbprint",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            },
-            certificateResolution: {
-                serializedName: "x-ms-policycertificates-result",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const StoredAttestationPolicy$1 = {
-    type: {
-        name: "Composite",
-        className: "StoredAttestationPolicy",
-        modelProperties: {
-            attestationPolicy: {
-                serializedName: "AttestationPolicy",
-                type: {
-                    name: "Base64Url"
-                }
-            }
-        }
-    }
-};
-const PolicyResult = {
-    type: {
-        name: "Composite",
-        className: "PolicyResult",
-        modelProperties: {
-            policyResolution: {
-                serializedName: "x-ms-policy-result",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            },
-            policyTokenHash: {
-                serializedName: "x-ms-policy-token-hash",
-                required: true,
-                type: {
-                    name: "Base64Url"
-                }
-            },
-            policySigner: {
-                serializedName: "x-ms-policy-signer",
-                type: {
-                    name: "Composite",
-                    className: "JsonWebKey"
-                }
-            },
-            policy: {
-                constraints: {
-                    Pattern: new RegExp("[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]*\\.[A-Za-z0-9_-]*")
-                },
-                serializedName: "x-ms-policy",
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-const GeneratedAttestationResult = {
-    type: {
-        name: "Composite",
-        className: "GeneratedAttestationResult",
-        modelProperties: {
-            jti: {
-                serializedName: "jti",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            },
-            iss: {
-                serializedName: "iss",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            },
-            iat: {
-                serializedName: "iat",
-                type: {
-                    name: "Number"
-                }
-            },
-            exp: {
-                serializedName: "exp",
-                type: {
-                    name: "Number"
-                }
-            },
-            nbf: {
-                serializedName: "nbf",
-                type: {
-                    name: "Number"
-                }
-            },
-            cnf: {
-                serializedName: "cnf",
-                type: {
-                    name: "Dictionary",
-                    value: { type: { name: "any" } }
-                }
-            },
-            nonce: {
-                serializedName: "nonce",
-                type: {
-                    name: "String"
-                }
-            },
-            version: {
-                serializedName: "x-ms-ver",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            },
-            runtimeClaims: {
-                serializedName: "x-ms-runtime",
-                type: {
-                    name: "Dictionary",
-                    value: { type: { name: "any" } }
-                }
-            },
-            inittimeClaims: {
-                serializedName: "x-ms-inittime",
-                type: {
-                    name: "Dictionary",
-                    value: { type: { name: "any" } }
-                }
-            },
-            policyClaims: {
-                serializedName: "x-ms-policy",
-                type: {
-                    name: "Dictionary",
-                    value: { type: { name: "any" } }
-                }
-            },
-            verifierType: {
-                serializedName: "x-ms-attestation-type",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            },
-            policySigner: {
-                serializedName: "x-ms-policy-signer",
-                type: {
-                    name: "Composite",
-                    className: "JsonWebKey"
-                }
-            },
-            policyHash: {
-                serializedName: "x-ms-policy-hash",
-                required: true,
-                type: {
-                    name: "Base64Url"
-                }
-            },
-            isDebuggable: {
-                serializedName: "x-ms-sgx-is-debuggable",
-                required: true,
-                type: {
-                    name: "Boolean"
-                }
-            },
-            productId: {
-                serializedName: "x-ms-sgx-product-id",
-                required: true,
-                type: {
-                    name: "Number"
-                }
-            },
-            mrEnclave: {
-                serializedName: "x-ms-sgx-mrenclave",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            },
-            mrSigner: {
-                serializedName: "x-ms-sgx-mrsigner",
-                required: true,
-                type: {
-                    name: "String"
-                }
-            },
-            svn: {
-                serializedName: "x-ms-sgx-svn",
-                required: true,
-                type: {
-                    name: "Number"
-                }
-            },
-            enclaveHeldData: {
-                serializedName: "x-ms-sgx-ehd",
-                type: {
-                    name: "Base64Url"
-                }
-            },
-            sgxCollateral: {
-                serializedName: "x-ms-sgx-collateral",
-                type: {
-                    name: "Dictionary",
-                    value: { type: { name: "any" } }
-                }
-            },
-            deprecatedVersion: {
-                serializedName: "ver",
-                type: {
-                    name: "String"
-                }
-            },
-            deprecatedIsDebuggable: {
-                serializedName: "is-debuggable",
-                type: {
-                    name: "Boolean"
-                }
-            },
-            deprecatedSgxCollateral: {
-                serializedName: "maa-attestationcollateral",
-                type: {
-                    name: "Dictionary",
-                    value: { type: { name: "any" } }
-                }
-            },
-            deprecatedEnclaveHeldData: {
-                serializedName: "aas-ehd",
-                type: {
-                    name: "Base64Url"
-                }
-            },
-            deprecatedEnclaveHeldData2: {
-                serializedName: "maa-ehd",
-                type: {
-                    name: "Base64Url"
-                }
-            },
-            deprecatedProductId: {
-                serializedName: "product-id",
-                type: {
-                    name: "Number"
-                }
-            },
-            deprecatedMrEnclave: {
-                serializedName: "sgx-mrenclave",
-                type: {
-                    name: "String"
-                }
-            },
-            deprecatedMrSigner: {
-                serializedName: "sgx-mrsigner",
-                type: {
-                    name: "String"
-                }
-            },
-            deprecatedSvn: {
-                serializedName: "svn",
-                type: {
-                    name: "Number"
-                }
-            },
-            deprecatedTee: {
-                serializedName: "tee",
-                type: {
-                    name: "String"
-                }
-            },
-            deprecatedPolicySigner: {
-                serializedName: "policy_signer",
-                type: {
-                    name: "Composite",
-                    className: "JsonWebKey"
-                }
-            },
-            deprecatedPolicyHash: {
-                serializedName: "policy_hash",
-                type: {
-                    name: "Base64Url"
-                }
-            },
-            deprecatedRpData: {
-                serializedName: "rp_data",
-                type: {
-                    name: "String"
-                }
-            }
-        }
-    }
-};
-var Mappers = /*#__PURE__*/Object.freeze({
-    __proto__: null,
-    AttestOpenEnclaveRequest: AttestOpenEnclaveRequest,
-    AttestSgxEnclaveRequest: AttestSgxEnclaveRequest,
-    AttestationCertificateManagementBody: AttestationCertificateManagementBody,
-    AttestationResponse: AttestationResponse,
-    CloudError: CloudError,
-    CloudErrorBody: CloudErrorBody,
-    GeneratedAttestationResult: GeneratedAttestationResult,
-    InitTimeData: InitTimeData,
-    JsonWebKey: JsonWebKey,
-    JsonWebKeySet: JsonWebKeySet,
-    PolicyCertificatesModificationResult: PolicyCertificatesModificationResult,
-    PolicyCertificatesModifyResponse: PolicyCertificatesModifyResponse,
-    PolicyCertificatesResponse: PolicyCertificatesResponse,
-    PolicyCertificatesResult: PolicyCertificatesResult,
-    PolicyResponse: PolicyResponse,
-    PolicyResult: PolicyResult,
-    RuntimeData: RuntimeData,
-    StoredAttestationPolicy: StoredAttestationPolicy$1,
-    TpmAttestationRequest: TpmAttestationRequest,
-    TpmAttestationResponse: TpmAttestationResponse
-});
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/*
- * Copyright (c) Microsoft Corporation.
- * Licensed under the MIT License.
- *
- */
-/**
- * Represents a stored attestation policy sent to the attestation service.
- */
-class StoredAttestationPolicy {
-    constructor(value) {
-        this.attestationPolicy = stringToBytes(value);
-    }
-    /**
-     * Serializes a StoredAttestationPolicy object to a JSON encoded string.
-     *
-     * @returns The serialized JSON policy.
-     */
-    serialize() {
-        return TypeDeserializer.serialize(this, { StoredAttestationPolicy: StoredAttestationPolicy$1 }, StoredAttestationPolicy$1);
-    }
-    /**
-     * Deserializes a stored attestation policy object returned from the attestation service.
-     *
-     * @param value - Raw JSON object from service to serialize as an attestation policy.
-     * @returns Stored attestation policy.
-     */
-    static deserialize(value) {
-        return TypeDeserializer.deserialize(value, { StoredAttestationPolicy: StoredAttestationPolicy$1 }, "StoredAttestationPolicy");
-    }
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/**
- * Encodes a string in base64 format.
- * @param value - the string to encode
- */
-/**
- * Encodes a byte array in base64 format.
- * @param value - the Uint8Array to encode
- */
-function base64EncodeByteArray(value) {
-    // Buffer.from accepts <ArrayBuffer> | <SharedArrayBuffer>-- the TypeScript definition is off here
-    // https://nodejs.org/api/buffer.html#buffer_class_method_buffer_from_arraybuffer_byteoffset_length
-    const bufferValue = value instanceof Buffer ? value : Buffer.from(value.buffer);
-    return bufferValue.toString("base64");
-}
-/**
- * Decodes a base64 string into a byte array.
- * @param value - the base64 string to decode
- */
-function base64DecodeString(value) {
-    return Buffer.from(value, "base64");
-}
-/**
- * Adds missing padding to a Base64 encoded string
- * @param unpadded - The unpadded input string
- * @returns The padded string
- */
-function fixPadding(unpadded) {
-    const count = 3 - ((unpadded.length + 3) % 4);
-    return unpadded + "=".repeat(count);
-}
-/**
- * Decodes a base64url string into a byte array.
- * @param value - the base64url string to decode
- */
-function base64UrlDecodeString(value) {
-    const encoded = value.replace(/-/g, "+").replace(/_/g, "/");
-    const paddedEncoded = fixPadding(encoded);
-    return base64DecodeString(paddedEncoded);
-}
-function hexToByteArray(value) {
-    if (value.length % 2 !== 0) {
-        throw new Error("base64FromHex: Input must be a multiple of 2 characters");
-    }
-    const byteArray = new Array();
-    for (let i = 0; i < value.length; i += 2) {
-        byteArray.push(parseInt(value.substr(i, 2), 16));
-    }
-    return Uint8Array.from(byteArray);
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-// eslint-disable-next-line @typescript-eslint/triple-slash-reference
-/// <reference path="../jsrsasign.d.ts"/>
-/** Create an AttestationSigningKey from the provided private key and certificate.
- *
- * @param privateKey - PEM encoded DER Encoded RSA or ECDS key.
- * @param certificate - PEM encoded DER encoded X.509 certificate.
- */
-function verifyAttestationSigningKey(privateKey, certificate) {
-    //
-    // Ensure that the key and certificate are associated with each other.
-    //
-    // Sign a buffer with the key, then verify the signature with the
-    // certificate.
-    const x509 = new jsrsasign__namespace.X509();
-    x509.readCertPEM(certificate);
-    const alg = x509.getSignatureAlgorithmName();
-    const signer = new jsrsasign__namespace.KJUR.crypto.Signature({ alg: alg });
-    // Confirm that the certificate and private key are related to each other.
-    const bufferToSign = "1234";
-    signer.init(privateKey);
-    signer.updateString(bufferToSign);
-    const sigVal = signer.sign();
-    const verifier = new jsrsasign__namespace.KJUR.crypto.Signature({ alg: alg });
-    verifier.init(x509.getPublicKey());
-    verifier.updateString(bufferToSign);
-    if (!verifier.verify(sigVal)) {
-        throw new Error("verifyAttestationSigningKey: Key does not match Certificate.");
-    }
-    return { certificate: certificate, privateKey: privateKey };
-}
-/**
- *
- * @param base64 - Base64 encoded DER object to encode as PEM.
- * @param pemType - PEM object type - typically "CERTIFICATE" |
- */
-function pemFromBase64(base64, pemType) {
-    let pem = "-----BEGIN " + pemType + "-----\n";
-    while (base64 !== "") {
-        pem += base64.substr(0, 64) + "\n";
-        base64 = base64.substr(64);
-    }
-    pem += "-----END " + pemType + "-----\n";
-    return pem;
-}
-/**
- * Converts a hex encoded string to its base64 equivalent.
- * @param value - Hex encoded value
- */
-function hexToBase64(value) {
-    return base64EncodeByteArray(hexToByteArray(value));
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/**
- *
- * @param key  - JsonWebKey for signing key.
- * @returns AttestationSigner created from the JsonWebKey.
- *
- * @internal
- */
-function _attestationSignerFromGenerated(key) {
-    var _a, _b;
-    return {
-        keyId: key === null || key === void 0 ? void 0 : key.kid,
-        certificates: (_b = (_a = key === null || key === void 0 ? void 0 : key.x5C) === null || _a === void 0 ? void 0 : _a.map((cert) => pemFromBase64(cert, "CERTIFICATE"))) !== null && _b !== void 0 ? _b : [],
-    };
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-// eslint-disable-next-line @typescript-eslint/triple-slash-reference
-/// <reference path="../jsrsasign.d.ts"/>
-/**
- *
- * An AttestationToken represents an RFC 7515 JSON Web Signature object.
- *
- * It can represent either the token returned by the attestation service,
- * or it can be used to create a token locally which can be used to verify
- * attestation policy changes.
- */
-class AttestationTokenImpl {
-    /**
-     * @internal
-     *
-     * @param token - Attetation token returned by the attestation service.
-     */
-    constructor(token) {
-        this._token = token;
-        const pieces = token.split(".");
-        if (pieces.length !== 3) {
-            throw Error("Incorrectly formatted token:");
-        }
-        this._headerBytes = base64UrlDecodeString(pieces[0]);
-        this._header = safeJsonParse(bytesToString(this._headerBytes));
-        this._bodyBytes = base64UrlDecodeString(pieces[1]);
-        this._body = safeJsonParse(bytesToString(this._bodyBytes));
-        //      this._signature = base64UrlDecodeString(pieces[2]);
-        this._jwsVerifier = jsrsasign__namespace.KJUR.jws.JWS.parse(token);
-    }
-    /**
-     * Returns the deserialized body of the AttestationToken object.
-     *
-     * @returns The body of the attestation token as an object.
-     */
-    getBody() {
-        return this._jwsVerifier.payloadObj;
-    }
-    /**
-     * the token to a string.
-     *
-     * @remarks
-     * Serializes the token to a string.
-     *
-     * @returns The token serialized to a RFC 7515 JSON Web Signature.
-     */
-    serialize() {
-        return this._token;
-    }
-    /**
-     * Returns the set of problems discovered in the attestation token.
-     *
-     * @param possibleSigners - the set of possible signers for this attestation token.
-     * @param options - validation options
-     * @returns an array of string values. If there are no problems, returns an empty array.
-     */
-    getTokenProblems(possibleSigners, options = {
-        validateExpirationTime: true,
-        validateToken: true,
-        validateNotBeforeTime: true,
-    }) {
-        let problems = new Array();
-        if (!options.validateToken) {
-            return problems;
-        }
-        let foundSigner = undefined;
-        if (this.algorithm !== "none") {
-            const signers = this.getCandidateSigners(possibleSigners);
-            signers.some((signer) => {
-                const cert = this.certFromSigner(signer);
-                //          const pubKeyObj = cert.getPublicKey();
-                const isValid = jsrsasign__namespace.KJUR.jws.JWS.verify(this._token, cert);
-                if (isValid) {
-                    foundSigner = signer;
-                }
-            });
-            if (foundSigner === undefined) {
-                problems.push("Attestation Token is not properly signed.");
-            }
-        }
-        // If the token has a body, check the expiration time and issuer.
-        if (this._body !== undefined) {
-            problems = problems.concat(this.validateTimeProperties(options));
-            problems = problems.concat(this.validateIssuer(options));
-        }
-        if (options.validateAttestationToken !== undefined) {
-            // If there is a validation error, the getProblemsCallback will return the list of
-            // problems found.
-            const validationErrors = options.validateAttestationToken(this, foundSigner);
-            if (validationErrors) {
-                problems = problems.concat(validationErrors);
-            }
-        }
-        return problems;
-    }
-    validateIssuer(options) {
-        const problems = new Array();
-        if (this.issuer && options.validateIssuer) {
-            if (this.issuer !== options.expectedIssuer) {
-                problems.push("Found issuer: " + this.issuer + "; expected issuer: " + options.expectedIssuer);
-            }
-        }
-        return problems;
-    }
-    /**
-     * Validate the expiration and notbefore time claims in the JSON web token.
-     *
-     * @param options - Options to be used validating the time properties.
-     */
-    validateTimeProperties(options) {
-        var _a, _b;
-        // Calculate the current time as a number of seconds since the start of the
-        // Unix epoch.
-        const problems = new Array();
-        const timeNow = Math.floor(new Date().getTime() / 1000);
-        // Validate expiration time.
-        if (this.expiresOn !== undefined && options.validateExpirationTime) {
-            const expTime = this.expiresOn.getTime() / 1000;
-            if (timeNow > expTime) {
-                const delta = timeNow - expTime;
-                if (delta > ((_a = options.timeValidationSlack) !== null && _a !== void 0 ? _a : 0)) {
-                    problems.push("AttestationToken has expired.");
-                }
-            }
-        }
-        // Validate not before time.
-        if (this.notBefore !== undefined && options.validateNotBeforeTime) {
-            const nbfTime = this.notBefore.getTime() / 1000;
-            if (nbfTime > timeNow) {
-                const delta = nbfTime - timeNow;
-                if (delta > ((_b = options.timeValidationSlack) !== null && _b !== void 0 ? _b : 0)) {
-                    problems.push("AttestationToken is not yet valid.");
-                }
-            }
-        }
-        return problems;
-    }
-    certFromSigner(signer) {
-        // return the PEM encoded certificate.
-        return signer.certificates[0];
-    }
-    getCandidateSigners(possibleSigningCertificates) {
-        const candidateSigners = new Array();
-        const desiredKeyId = this.keyId;
-        if (desiredKeyId !== undefined && possibleSigningCertificates !== undefined) {
-            possibleSigningCertificates.forEach((possibleSigner) => {
-                if (possibleSigner.keyId === desiredKeyId) {
-                    candidateSigners.push(possibleSigner);
-                }
-            });
-            // If we didn't find any candidate signers looking through the provided
-            // signing certificates, then maybe there's a certificate chain in the
-            // token itself that might be used to sign the token.
-            if (candidateSigners.length === 0) {
-                if (this.certificateChain !== undefined && this.certificateChain !== null) {
-                    candidateSigners.push(this.certificateChain);
-                }
-            }
-        }
-        else {
-            possibleSigningCertificates === null || possibleSigningCertificates === void 0 ? void 0 : possibleSigningCertificates.map((value) => candidateSigners.push(value));
-            if (this.certificateChain !== undefined) {
-                candidateSigners.push(this.certificateChain);
-            }
-        }
-        return candidateSigners;
-    }
-    /** ********* JSON WEB SIGNATURE (RFC 7515) PROPERTIES */
-    /**
-     * Returns the algorithm from the header of the JSON Web Signature.
-     *
-     *  See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.1 | RFC 7515 Section 4.1.1})
-     *  for details.
-     *
-     * If the value of algorithm is "none" it indicates that the token is unsecured.
-     */
-    get algorithm() {
-        var _a;
-        return (_a = this._header) === null || _a === void 0 ? void 0 : _a.alg;
-    }
-    /**
-     *  Json Web Signature Header "kid".
-     *   See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.4 | RFC 7515 Section 4.1.4})
-     *   for details.
-     */
-    get keyId() {
-        return this._header.kid;
-    }
-    /**
-     * Json Web Signature Header "crit".
-     *
-     *   See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.11 | RFC 7515 Section 4.1.11})
-     *   for details.
-     *
-     */
-    get critical() {
-        return this._header.crit;
-    }
-    /**
-     * Json Web Token Header "content type".
-     * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.10 | RFC 7515 Section 4.1.10})
-     *
-     */
-    get contentType() {
-        return this._header.cty;
-    }
-    /**
-     * Json Web Token Header "key URL".
-     *
-     * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.2 | RFC 7515 Section 4.1.2})
-     *
-     */
-    get keyUrl() {
-        return this._header.jku;
-    }
-    /**
-     * Json Web Token Header "X509 Url".
-     * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.5 | RFC 7515 Section 4.1.5})
-     *
-     */
-    get x509Url() {
-        return this._header.x5u;
-    }
-    /** Json Web Token Header "Typ".
-     *
-     * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.9 | RFC 7515 Section 4.1.9})
-     *
-     */
-    get type() {
-        return this._header.typ;
-    }
-    /**
-     * Json Web Token Header "x509 thumprint".
-     * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.7 | RFC 7515 Section 4.1.7})
-     */
-    get certificateThumbprint() {
-        return this._header.x5t;
-    }
-    /** Json Web Token Header "x509 SHA256 thumprint".
-     *
-     * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.8 | RFC 7515 Section 4.1.8})
-     *
-     */
-    get certificateSha256Thumbprint() {
-        return this._header["x5t#256"];
-    }
-    /** Json Web Token Header "x509 certificate chain".
-     *
-     * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.6 | RFC 7515 Section 4.1.6})
-     *
-     */
-    get certificateChain() {
-        let jwk;
-        if (this._header.jwk !== undefined) {
-            jwk = TypeDeserializer.deserialize(this._header.jwk, [JsonWebKey], "JsonWebKey");
-        }
-        else {
-            jwk = TypeDeserializer.deserialize(this._header, { JsonWebKey: JsonWebKey }, "JsonWebKey");
-        }
-        return _attestationSignerFromGenerated(jwk);
-    }
-    /** ********* JSON WEB TOKEN (RFC 7519) PROPERTIES */
-    /** Issuer of the attestation token.
-     * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})
-     *   for details.
-     */
-    get issuer() {
-        return this._body.iss;
-    }
-    /** Expiration time for the token, from JWT body.
-     *
-     * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.4 | RFC 7519 Section 4.1.4})
-     *   for details.
-     */
-    get expiresOn() {
-        return this._body.exp ? new Date(this._body.exp * 1000) : undefined;
-    }
-    /** Issuance time for the token, from JWT body.
-     *
-     * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})
-     *   for details.
-     */
-    get issuedAt() {
-        return this._body.iat ? new Date(this._body.iat * 1000) : undefined;
-    }
-    /**
-     * Not Before time for the token, from JWT body.
-     *
-     * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.5 | RFC 7519 Section 4.1.5})
-     *   for details.
-     */
-    get notBefore() {
-        return this._body.nbf ? new Date(this._body.nbf * 1000) : undefined;
-    }
-    /**
-     * Creates a new attestation token from a body and signing key.
-     * @param body - stringified body of the body of the token to be created.
-     * @param signer - Optional signing key used to sign the newly created token.
-     * @returns an {@link AttestationToken | attestation token}
-     */
-    static create(params) {
-        var _a;
-        const header = { alg: "none" };
-        if ((!params.privateKey && params.certificate) || (params.privateKey && !params.certificate)) {
-            throw new Error("If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.");
-        }
-        if (params.privateKey && params.certificate) {
-            verifyAttestationSigningKey(params.privateKey, params.certificate);
-        }
-        if (params.privateKey || params.certificate) {
-            const x5c = new jsrsasign__namespace.X509();
-            x5c.readCertPEM(params.certificate);
-            const pubKey = x5c.getPublicKey();
-            if (pubKey instanceof jsrsasign__namespace.RSAKey) {
-                header.alg = "RS256";
-            }
-            else if (pubKey instanceof jsrsasign__namespace.KJUR.crypto.ECDSA) {
-                header.alg = "ES256";
-            }
-            else {
-                throw new Error("Unknown public key type: " + typeof pubKey);
-            }
-            header.x5c = [hexToBase64(x5c.hex)];
-        }
-        else {
-            header.alg = "none";
-        }
-        const encodedToken = jsrsasign__namespace.KJUR.jws.JWS.sign(header.alg, header, (_a = params.body) !== null && _a !== void 0 ? _a : "", params.privateKey);
-        return new AttestationTokenImpl(encodedToken);
-    }
-}
-function isObject(thing) {
-    return Object.prototype.toString.call(thing) === "[object Object]";
-}
-function safeJsonParse(thing) {
-    if (isObject(thing))
-        return thing;
-    try {
-        return JSON.parse(thing);
-    }
-    catch (e) {
-        return undefined;
-    }
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/** Constructs an AttestationToken containing an Attestation Policy document.
- *
- * @param policy - Attestation policy to embed in the attestation token.
- * @param privateKey - optional private key used to sign the attestation token.
- * @param certificate - optional certificate used to verify the attestation token.
- *
- * @remarks Note that if the attestation instance is running in `Isolated` mode,
- *  the privateKey and certificate are required. If the attestation instance
- *  is running in `AAD` mode, they are optional.
- *
- * @throws {@link Error} when the key in the certificate provided does not match the private key.
- */
-function createAttestationPolicyToken(policy, privateKey, certificate) {
-    const token = AttestationTokenImpl.create({
-        body: new StoredAttestationPolicy(policy).serialize(),
-        privateKey: privateKey,
-        certificate: certificate,
-    });
-    return token;
-}
-/*
- * Copyright (c) Microsoft Corporation.
- * Licensed under the MIT License.
- *
- * Code generated by Microsoft (R) AutoRest Code Generator.
- * Changes may cause incorrect behavior and will be lost if the code is regenerated.
- */
-const tracingClient = coreTracing.createTracingClient({
-    namespace: "Azure.Security.Attestation",
-    packageName: "@azure/attestation",
-    packageVersion: "1.0.1"
-});
-/*
- * Copyright (c) Microsoft Corporation.
- * Licensed under the MIT License.
- *
- * Code generated by Microsoft (R) AutoRest Code Generator.
- * Changes may cause incorrect behavior and will be lost if the code is regenerated.
- */
-const accept = {
-    parameterPath: "accept",
-    mapper: {
-        defaultValue: "application/json",
-        isConstant: true,
-        serializedName: "Accept",
-        type: {
-            name: "String"
-        }
-    }
-};
-const instanceUrl = {
-    parameterPath: "instanceUrl",
-    mapper: {
-        serializedName: "instanceUrl",
-        required: true,
-        type: {
-            name: "String"
-        }
-    },
-    skipEncoding: true
-};
-const apiVersion = {
-    parameterPath: "apiVersion",
-    mapper: {
-        defaultValue: "2020-10-01",
-        isConstant: true,
-        serializedName: "api-version",
-        type: {
-            name: "String"
-        }
-    }
-};
-const attestationType = {
-    parameterPath: "attestationType",
-    mapper: {
-        serializedName: "attestationType",
-        required: true,
-        type: {
-            name: "String"
-        }
-    }
-};
-const contentType = {
-    parameterPath: ["options", "contentType"],
-    mapper: {
-        defaultValue: "text/plain",
-        isConstant: true,
-        serializedName: "Content-Type",
-        type: {
-            name: "String"
-        }
-    }
-};
-const newAttestationPolicy = {
-    parameterPath: "newAttestationPolicy",
-    mapper: {
-        serializedName: "newAttestationPolicy",
-        required: true,
-        type: {
-            name: "String"
-        }
-    }
-};
-const accept1 = {
-    parameterPath: "accept",
-    mapper: {
-        defaultValue: "application/json",
-        isConstant: true,
-        serializedName: "Accept",
-        type: {
-            name: "String"
-        }
-    }
-};
-const policyJws = {
-    parameterPath: "policyJws",
-    mapper: {
-        serializedName: "policyJws",
-        required: true,
-        type: {
-            name: "String"
-        }
-    }
-};
-const contentType1 = {
-    parameterPath: ["options", "contentType"],
-    mapper: {
-        defaultValue: "application/json",
-        isConstant: true,
-        serializedName: "Content-Type",
-        type: {
-            name: "String"
-        }
-    }
-};
-const policyCertificateToAdd = {
-    parameterPath: "policyCertificateToAdd",
-    mapper: {
-        constraints: {
-            Pattern: new RegExp("[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]*\\.[A-Za-z0-9_-]*")
-        },
-        serializedName: "policyCertificateToAdd",
-        required: true,
-        type: {
-            name: "String"
-        }
-    }
-};
-const policyCertificateToRemove = {
-    parameterPath: "policyCertificateToRemove",
-    mapper: {
-        constraints: {
-            Pattern: new RegExp("[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]*\\.[A-Za-z0-9_-]*")
-        },
-        serializedName: "policyCertificateToRemove",
-        required: true,
-        type: {
-            name: "String"
-        }
-    }
-};
-const request = {
-    parameterPath: "request",
-    mapper: AttestOpenEnclaveRequest
-};
-const request1 = {
-    parameterPath: "request",
-    mapper: AttestSgxEnclaveRequest
-};
-const request2 = {
-    parameterPath: "request",
-    mapper: TpmAttestationRequest
-};
-const accept2 = {
-    parameterPath: "accept",
-    mapper: {
-        defaultValue: "application/jwk+json, application/json",
-        isConstant: true,
-        serializedName: "Accept",
-        type: {
-            name: "String"
-        }
-    }
-};
-/*
- * Copyright (c) Microsoft Corporation.
- * Licensed under the MIT License.
- *
- * Code generated by Microsoft (R) AutoRest Code Generator.
- * Changes may cause incorrect behavior and will be lost if the code is regenerated.
- */
-/** Class containing Policy operations. */
-class PolicyImpl {
-    /**
-     * Initialize a new instance of the class Policy class.
-     * @param client Reference to the service client
-     */
-    constructor(client) {
-        this.client = client;
-    }
-    /**
-     * Retrieves the current policy for an attestation type.
-     * @param attestationType Specifies the trusted execution environment to be used to validate the
-     *                        evidence
-     * @param options The options parameters.
-     */
-    async get(attestationType, options) {
-        return tracingClient.withSpan("GeneratedClient.get", options !== null && options !== void 0 ? options : {}, async (options) => {
-            return this.client.sendOperationRequest({ attestationType, options }, getOperationSpec$3);
-        });
-    }
-    /**
-     * Sets the policy for a given attestation type.
-     * @param attestationType Specifies the trusted execution environment to be used to validate the
-     *                        evidence
-     * @param newAttestationPolicy JWT Expressing the new policy whose body is a StoredAttestationPolicy
-     *                             object.
-     * @param options The options parameters.
-     */
-    async set(attestationType, newAttestationPolicy, options) {
-        return tracingClient.withSpan("GeneratedClient.set", options !== null && options !== void 0 ? options : {}, async (options) => {
-            return this.client.sendOperationRequest({ attestationType, newAttestationPolicy, options }, setOperationSpec);
-        });
-    }
-    /**
-     * Resets the attestation policy for the specified tenant and reverts to the default policy.
-     * @param attestationType Specifies the trusted execution environment to be used to validate the
-     *                        evidence
-     * @param policyJws JSON Web Signature with an empty policy document
-     * @param options The options parameters.
-     */
-    async reset(attestationType, policyJws, options) {
-        return tracingClient.withSpan("GeneratedClient.reset", options !== null && options !== void 0 ? options : {}, async (options) => {
-            return this.client.sendOperationRequest({ attestationType, policyJws, options }, resetOperationSpec);
-        });
-    }
-}
-// Operation Specifications
-const serializer$4 = coreClient__namespace.createSerializer(Mappers, /* isXml */ false);
-const getOperationSpec$3 = {
-    path: "/policies/{attestationType}",
-    httpMethod: "GET",
-    responses: {
-        200: {
-            bodyMapper: PolicyResponse
-        },
-        default: {
-            bodyMapper: CloudError
-        }
-    },
-    queryParameters: [apiVersion],
-    urlParameters: [instanceUrl, attestationType],
-    headerParameters: [accept],
-    serializer: serializer$4
-};
-const setOperationSpec = {
-    path: "/policies/{attestationType}",
-    httpMethod: "PUT",
-    responses: {
-        200: {
-            bodyMapper: PolicyResponse
-        },
-        default: {
-            bodyMapper: CloudError
-        }
-    },
-    requestBody: newAttestationPolicy,
-    queryParameters: [apiVersion],
-    urlParameters: [instanceUrl, attestationType],
-    headerParameters: [contentType, accept1],
-    mediaType: "text",
-    serializer: serializer$4
-};
-const resetOperationSpec = {
-    path: "/policies/{attestationType}:reset",
-    httpMethod: "POST",
-    responses: {
-        200: {
-            bodyMapper: PolicyResponse
-        },
-        default: {
-            bodyMapper: CloudError
-        }
-    },
-    requestBody: policyJws,
-    queryParameters: [apiVersion],
-    urlParameters: [instanceUrl, attestationType],
-    headerParameters: [contentType, accept1],
-    mediaType: "text",
-    serializer: serializer$4
-};
-/*
- * Copyright (c) Microsoft Corporation.
- * Licensed under the MIT License.
- *
- * Code generated by Microsoft (R) AutoRest Code Generator.
- * Changes may cause incorrect behavior and will be lost if the code is regenerated.
- */
-/** Class containing PolicyCertificates operations. */
-class PolicyCertificatesImpl {
-    /**
-     * Initialize a new instance of the class PolicyCertificates class.
-     * @param client Reference to the service client
-     */
-    constructor(client) {
-        this.client = client;
-    }
-    /**
-     * Retrieves the set of certificates used to express policy for the current tenant.
-     * @param options The options parameters.
-     */
-    async get(options) {
-        return tracingClient.withSpan("GeneratedClient.get", options !== null && options !== void 0 ? options : {}, async (options) => {
-            return this.client.sendOperationRequest({ options }, getOperationSpec$2);
-        });
-    }
-    /**
-     * Adds a new attestation policy certificate to the set of policy management certificates.
-     * @param policyCertificateToAdd An RFC7519 JSON Web Token whose body is an RFC7517 JSON Web Key
-     *                               object. The RFC7519 JWT must be signed with one of the existing signing certificates
-     * @param options The options parameters.
-     */
-    async add(policyCertificateToAdd, options) {
-        return tracingClient.withSpan("GeneratedClient.add", options !== null && options !== void 0 ? options : {}, async (options) => {
-            return this.client.sendOperationRequest({ policyCertificateToAdd, options }, addOperationSpec);
-        });
-    }
-    /**
-     * Removes the specified policy management certificate. Note that the final policy management
-     * certificate cannot be removed.
-     * @param policyCertificateToRemove An RFC7519 JSON Web Token whose body is an
-     *                                  AttestationCertificateManagementBody object. The RFC7519 JWT must be signed with one of the existing
-     *                                  signing certificates
-     * @param options The options parameters.
-     */
-    async remove(policyCertificateToRemove, options) {
-        return tracingClient.withSpan("GeneratedClient.remove", options !== null && options !== void 0 ? options : {}, async (options) => {
-            return this.client.sendOperationRequest({ policyCertificateToRemove, options }, removeOperationSpec);
-        });
-    }
-}
-// Operation Specifications
-const serializer$3 = coreClient__namespace.createSerializer(Mappers, /* isXml */ false);
-const getOperationSpec$2 = {
-    path: "/certificates",
-    httpMethod: "GET",
-    responses: {
-        200: {
-            bodyMapper: PolicyCertificatesResponse
-        },
-        default: {
-            bodyMapper: CloudError
-        }
-    },
-    queryParameters: [apiVersion],
-    urlParameters: [instanceUrl],
-    headerParameters: [accept],
-    serializer: serializer$3
-};
-const addOperationSpec = {
-    path: "/certificates:add",
-    httpMethod: "POST",
-    responses: {
-        200: {
-            bodyMapper: PolicyCertificatesModifyResponse
-        },
-        default: {
-            bodyMapper: CloudError
-        }
-    },
-    requestBody: policyCertificateToAdd,
-    queryParameters: [apiVersion],
-    urlParameters: [instanceUrl],
-    headerParameters: [accept, contentType1],
-    mediaType: "json",
-    serializer: serializer$3
-};
-const removeOperationSpec = {
-    path: "/certificates:remove",
-    httpMethod: "POST",
-    responses: {
-        200: {
-            bodyMapper: PolicyCertificatesModifyResponse
-        },
-        default: {
-            bodyMapper: CloudError
-        }
-    },
-    requestBody: policyCertificateToRemove,
-    queryParameters: [apiVersion],
-    urlParameters: [instanceUrl],
-    headerParameters: [accept, contentType1],
-    mediaType: "json",
-    serializer: serializer$3
-};
-/*
- * Copyright (c) Microsoft Corporation.
- * Licensed under the MIT License.
- *
- * Code generated by Microsoft (R) AutoRest Code Generator.
- * Changes may cause incorrect behavior and will be lost if the code is regenerated.
- */
-/** Class containing Attestation operations. */
-class AttestationImpl {
-    /**
-     * Initialize a new instance of the class Attestation class.
-     * @param client Reference to the service client
-     */
-    constructor(client) {
-        this.client = client;
-    }
-    /**
-     * Processes an OpenEnclave report , producing an artifact. The type of artifact produced is dependent
-     * upon attestation policy.
-     * @param request Request object containing the quote
-     * @param options The options parameters.
-     */
-    async attestOpenEnclave(request, options) {
-        return tracingClient.withSpan("GeneratedClient.attestOpenEnclave", options !== null && options !== void 0 ? options : {}, async (options) => {
-            return this.client.sendOperationRequest({ request, options }, attestOpenEnclaveOperationSpec);
-        });
-    }
-    /**
-     * Processes an SGX enclave quote, producing an artifact. The type of artifact produced is dependent
-     * upon attestation policy.
-     * @param request Request object containing the quote
-     * @param options The options parameters.
-     */
-    async attestSgxEnclave(request, options) {
-        return tracingClient.withSpan("GeneratedClient.attestSgxEnclave", options !== null && options !== void 0 ? options : {}, async (options) => {
-            return this.client.sendOperationRequest({ request, options }, attestSgxEnclaveOperationSpec);
-        });
-    }
-    /**
-     * Processes attestation evidence from a VBS enclave, producing an attestation result. The attestation
-     * result produced is dependent upon the attestation policy.
-     * @param request Request object
-     * @param options The options parameters.
-     */
-    async attestTpm(request, options) {
-        return tracingClient.withSpan("GeneratedClient.attestTpm", options !== null && options !== void 0 ? options : {}, async (options) => {
-            return this.client.sendOperationRequest({ request, options }, attestTpmOperationSpec);
-        });
-    }
-}
-// Operation Specifications
-const serializer$2 = coreClient__namespace.createSerializer(Mappers, /* isXml */ false);
-const attestOpenEnclaveOperationSpec = {
-    path: "/attest/OpenEnclave",
-    httpMethod: "POST",
-    responses: {
-        200: {
-            bodyMapper: AttestationResponse
-        },
-        default: {
-            bodyMapper: CloudError
-        }
-    },
-    requestBody: request,
-    queryParameters: [apiVersion],
-    urlParameters: [instanceUrl],
-    headerParameters: [accept, contentType1],
-    mediaType: "json",
-    serializer: serializer$2
-};
-const attestSgxEnclaveOperationSpec = {
-    path: "/attest/SgxEnclave",
-    httpMethod: "POST",
-    responses: {
-        200: {
-            bodyMapper: AttestationResponse
-        },
-        default: {
-            bodyMapper: CloudError
-        }
-    },
-    requestBody: request1,
-    queryParameters: [apiVersion],
-    urlParameters: [instanceUrl],
-    headerParameters: [accept, contentType1],
-    mediaType: "json",
-    serializer: serializer$2
-};
-const attestTpmOperationSpec = {
-    path: "/attest/Tpm",
-    httpMethod: "POST",
-    responses: {
-        200: {
-            bodyMapper: TpmAttestationResponse
-        },
-        default: {
-            bodyMapper: CloudError
-        }
-    },
-    requestBody: request2,
-    queryParameters: [apiVersion],
-    urlParameters: [instanceUrl],
-    headerParameters: [accept, contentType1],
-    mediaType: "json",
-    serializer: serializer$2
-};
-/*
- * Copyright (c) Microsoft Corporation.
- * Licensed under the MIT License.
- *
- * Code generated by Microsoft (R) AutoRest Code Generator.
- * Changes may cause incorrect behavior and will be lost if the code is regenerated.
- */
-/** Class containing SigningCertificates operations. */
-class SigningCertificatesImpl {
-    /**
-     * Initialize a new instance of the class SigningCertificates class.
-     * @param client Reference to the service client
-     */
-    constructor(client) {
-        this.client = client;
-    }
-    /**
-     * Retrieves metadata signing certificates in use by the attestation service
-     * @param options The options parameters.
-     */
-    async get(options) {
-        return tracingClient.withSpan("GeneratedClient.get", options !== null && options !== void 0 ? options : {}, async (options) => {
-            return this.client.sendOperationRequest({ options }, getOperationSpec$1);
-        });
-    }
-}
-// Operation Specifications
-const serializer$1 = coreClient__namespace.createSerializer(Mappers, /* isXml */ false);
-const getOperationSpec$1 = {
-    path: "/certs",
-    httpMethod: "GET",
-    responses: {
-        200: {
-            bodyMapper: JsonWebKeySet
-        },
-        default: {
-            bodyMapper: CloudError
-        }
-    },
-    urlParameters: [instanceUrl],
-    headerParameters: [accept2],
-    serializer: serializer$1
-};
-/*
- * Copyright (c) Microsoft Corporation.
- * Licensed under the MIT License.
- *
- * Code generated by Microsoft (R) AutoRest Code Generator.
- * Changes may cause incorrect behavior and will be lost if the code is regenerated.
- */
-/** Class containing MetadataConfiguration operations. */
-class MetadataConfigurationImpl {
-    /**
-     * Initialize a new instance of the class MetadataConfiguration class.
-     * @param client Reference to the service client
-     */
-    constructor(client) {
-        this.client = client;
-    }
-    /**
-     * Retrieves metadata about the attestation signing keys in use by the attestation service
-     * @param options The options parameters.
-     */
-    async get(options) {
-        return tracingClient.withSpan("GeneratedClient.get", options !== null && options !== void 0 ? options : {}, async (options) => {
-            return this.client.sendOperationRequest({ options }, getOperationSpec);
-        });
-    }
-}
-// Operation Specifications
-const serializer = coreClient__namespace.createSerializer(Mappers, /* isXml */ false);
-const getOperationSpec = {
-    path: "/.well-known/openid-configuration",
-    httpMethod: "GET",
-    responses: {
-        200: {
-            bodyMapper: {
-                type: { name: "Dictionary", value: { type: { name: "any" } } }
-            }
-        },
-        default: {
-            bodyMapper: CloudError
-        }
-    },
-    urlParameters: [instanceUrl],
-    headerParameters: [accept],
-    serializer
-};
-/*
- * Copyright (c) Microsoft Corporation.
- * Licensed under the MIT License.
- *
- * Code generated by Microsoft (R) AutoRest Code Generator.
- * Changes may cause incorrect behavior and will be lost if the code is regenerated.
- */
-class GeneratedClient extends coreClient__namespace.ServiceClient {
-    /**
-     * Initializes a new instance of the GeneratedClient class.
-     * @param instanceUrl The attestation instance base URI, for example https://mytenant.attest.azure.net.
-     * @param options The parameter options
-     */
-    constructor(instanceUrl, options) {
-        var _a, _b;
-        if (instanceUrl === undefined) {
-            throw new Error("'instanceUrl' cannot be null");
-        }
-        // Initializing default values for options
-        if (!options) {
-            options = {};
-        }
-        const defaults = {
-            requestContentType: "application/json; charset=utf-8"
-        };
-        const packageDetails = `azsdk-js-attestation/1.0.1`;
-        const userAgentPrefix = options.userAgentOptions && options.userAgentOptions.userAgentPrefix
-            ? `${options.userAgentOptions.userAgentPrefix} ${packageDetails}`
-            : `${packageDetails}`;
-        const optionsWithDefaults = Object.assign(Object.assign(Object.assign({}, defaults), options), { userAgentOptions: {
-                userAgentPrefix
-            }, baseUri: (_b = (_a = options.endpoint) !== null && _a !== void 0 ? _a : options.baseUri) !== null && _b !== void 0 ? _b : "{instanceUrl}" });
-        super(optionsWithDefaults);
-        // Parameter assignments
-        this.instanceUrl = instanceUrl;
-        // Assigning values to Constant parameters
-        this.apiVersion = options.apiVersion || "2020-10-01";
-        this.policy = new PolicyImpl(this);
-        this.policyCertificates = new PolicyCertificatesImpl(this);
-        this.attestation = new AttestationImpl(this);
-        this.signingCertificates = new SigningCertificatesImpl(this);
-        this.metadataConfiguration = new MetadataConfigurationImpl(this);
-        this.addCustomApiVersionPolicy(options.apiVersion);
-    }
-    /** A function that adds a policy that sets the api-version (or equivalent) to reflect the library version. */
-    addCustomApiVersionPolicy(apiVersion) {
-        if (!apiVersion) {
-            return;
-        }
-        const apiVersionPolicy = {
-            name: "CustomApiVersionPolicy",
-            async sendRequest(request, next) {
-                const param = request.url.split("?");
-                if (param.length > 1) {
-                    const newParams = param[1].split("&").map((item) => {
-                        if (item.indexOf("api-version") > -1) {
-                            return "api-version=" + apiVersion;
-                        }
-                        else {
-                            return item;
-                        }
-                    });
-                    request.url = param[0] + "?" + newParams.join("&");
-                }
-                return next(request);
-            }
-        };
-        this.pipeline.addPolicy(apiVersionPolicy);
-    }
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/**
- * The \@azure/logger configuration for this package.
- *
- * @internal
- */
-const logger = logger$1.createClientLogger("attestation");
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/** Create an AttestationResponse object.
- *
- * @param token - Token which was returned from the attestation service.
- * @param value - Value for the response. Usually derived from the body of the token
- *    returned by the service.
- * @returns - A newly created AttestationResponse object.
- */
-function createAttestationResponse(token, value) {
-    return { token: token, body: value };
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/**
- * A Microsoft Azure Attestation response token body - the body of a response token issued by MAA
- */
-class AttestationResultImpl {
-    /**
-     *
-     * @param params - The parameters for the constructor.
-     *
-     * @hidden
-     */
-    constructor(params) {
-        this._issuer = params.issuer;
-        this._nonce = params.nonce;
-        this._version = params.version;
-        this._uniqueId = params.uniqueId;
-        this._runTimeClaims = params.runTimeClaims;
-        this._initTimeClaims = params.initTimeClaims;
-        this._policyClaims = params.policyClaims;
-        this._verifierType = params.verifierType;
-        this._policySigner = params.policySigner;
-        this._policyHash = params.policyHash;
-        this._isDebuggable = params.isDebuggable;
-        this._productId = params.productId;
-        this._mrEnclave = params.mrEnclave;
-        this._mrSigner = params.mrSigner;
-        this._svn = params.svn;
-        this._enclaveHeldData = params.enclaveHeldData;
-        this._sgxCollateral = params.sgxCollateral;
-    }
-    /**
-     * Unique Identifier for the token
-     *
-     */
-    get uniqueId() {
-        return this._uniqueId;
-    }
-    /**
-     * Returns the issuer of the attestation token. MUST be the same as the
-     * endpoint used when constructing the attestation client instance.
-     */
-    get issuer() {
-        return this._issuer;
-    }
-    /**
-     * Returns the "nonce" value specified in the Attest request.
-     */
-    get nonce() {
-        return this._nonce;
-    }
-    /**
-     * The Schema version of this structure. Current Value: 1.0
-     */
-    get version() {
-        return this._version;
-    }
-    /**
-     * Runtime Claims
-     */
-    get runTimeClaims() {
-        return this._runTimeClaims;
-    }
-    /**
-     * Inittime Claims
-     */
-    get initTimeClaims() {
-        return this._initTimeClaims;
-    }
-    /**
-     * Policy Generated Claims
-     */
-    get policyClaims() {
-        return this._policyClaims;
-    }
-    /**
-     * The Attestation type being attested.
-     */
-    get verifierType() {
-        return this._verifierType;
-    }
-    /**
-     * The certificate used to sign the policy object, if specified.
-     */
-    get policySigner() {
-        return this._policySigner;
-    }
-    /**
-     * The SHA256 hash of the BASE64URL encoded policy text used for attestation
-     */
-    get policyHash() {
-        return this._policyHash;
-    }
-    /**
-     * True if the enclave is debuggable, false otherwise
-     */
-    get isDebuggable() {
-        return this._isDebuggable;
-    }
-    /**
-     * The SGX Product ID for the enclave.
-     */
-    get productId() {
-        return this._productId;
-    }
-    /**
-     * The HEX encoded SGX MRENCLAVE value for the enclave.
-     */
-    get mrEnclave() {
-        return this._mrEnclave;
-    }
-    /**
-     * The HEX encoded SGX MRSIGNER value for the enclave.
-     */
-    get mrSigner() {
-        return this._mrSigner;
-    }
-    /**
-     * The SGX SVN value for the enclave.
-     */
-    get svn() {
-        return this._svn;
-    }
-    /**
-     * A copy of the RuntimeData specified as an input to the attest call.
-     */
-    get enclaveHeldData() {
-        return this._enclaveHeldData;
-    }
-    /**
-     * The SGX SVN value for the enclave.
-     */
-    get sgxCollateral() {
-        return this._sgxCollateral;
-    }
-}
-/**
- *
- * @param generated - Generated attestation result object.
- * @returns newly created AttestationResult from the generated result.
- *
- * @internal
- */
-function _attestationResultFromGenerated(generated) {
-    return new AttestationResultImpl({
-        issuer: generated.iss,
-        version: generated.version,
-        nonce: generated.nonce,
-        uniqueId: generated.jti,
-        policySigner: generated.policySigner
-            ? _attestationSignerFromGenerated(generated.policySigner)
-            : undefined,
-        runTimeClaims: generated.runtimeClaims,
-        initTimeClaims: generated.inittimeClaims,
-        policyClaims: generated.policyClaims,
-        verifierType: generated.verifierType,
-        policyHash: generated.policyHash,
-        isDebuggable: generated.isDebuggable,
-        productId: generated.productId,
-        mrEnclave: generated.mrEnclave,
-        mrSigner: generated.mrSigner,
-        svn: generated.svn,
-        enclaveHeldData: generated.enclaveHeldData,
-        sgxCollateral: generated.sgxCollateral,
-    });
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/**
- * Converts an attestation input from Uint8Array/Buffer/Blob to Uint8Array.
- *
- * @param input - Input to attestation API.
- * @returns Promise which completes with the input data as a Uint8Array.
- */
-async function Uint8ArrayFromInput(input) {
-    if (input === undefined) {
-        return input;
-    }
-    if (input.byteLength === undefined) {
-        throw TypeError("Blob is unsupported in node.");
-    }
-    // We've eliminated the 'Blob' case above, so we know this must be either a Buffer or Uint8Array.
-    return input;
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/**
- * Attestation Client class.
- *
- * The AttestationClient class enables access to the Attestation related APIs:
- *
- * - getOpenIdMetadata
- * - getAttestationSigners
- * - attestSgxEnclave
- * - attestOpenEnclave
- * - attestTpm
- */
-class AttestationClient {
-    constructor(endpoint, credentialsOrOptions, clientOptions = {}) {
-        let credentialScopes = undefined;
-        let credential = undefined;
-        let options;
-        if (credentialsOrOptions && coreAuth.isTokenCredential(credentialsOrOptions)) {
-            credential = credentialsOrOptions;
-            credentialScopes = ["https://attest.azure.net/.default"];
-            options = clientOptions;
-        }
-        else {
-            options = credentialsOrOptions || {};
-        }
-        const internalPipelineOptions = Object.assign(Object.assign({}, options), {
-            credentialScopes: credentialScopes,
-            credential: credential,
-            loggingOptions: {
-                logger: logger.info,
-                allowedHeaderNames: ["x-ms-request-id", "x-ms-maa-service-version"],
-            },
-        });
-        this._client = new GeneratedClient(endpoint, internalPipelineOptions);
-        this._validationOptions = options.validationOptions;
-    }
-    /** Attests an OpenEnclave report generated from an SGX Enclave using the OpenEnclave SDK.
-     *
-     * @param report - An OpenEnclave report generated by an SGX enclave.
-     * @param options - Operation options for the attestOpenEnclave API call.
-     * @returns Returns an AttestationResponse whose body is an AttestationResult describing
-     *    the claims returned by the attestation service.
-     *
-     * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.
-     * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.
-     * @throws {@link Error} if the `initTimeJson` option is provided and the value of `initTimeJson` is not JSON.
-     * @throws {@link Error} if the `runTimeJson` option is provided and the value of `runTimeJson` is not JSON.
-     */
-    async attestOpenEnclave(report, options = {}) {
-        return tracingClient.withSpan("AttestationClient-attestOpenEnclave", options, async (updatedOptions) => {
-            var _a, _b, _c, _d;
-            if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {
-                throw new Error("Cannot provide both initTimeData and initTimeJson.");
-            }
-            if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {
-                throw new Error("Cannot provide both runTimeData and runTimeJson.");
-            }
-            const initData = await Uint8ArrayFromInput((_a = options.initTimeData) !== null && _a !== void 0 ? _a : options.initTimeJson);
-            const initTimeData = initData
-                ? {
-                    data: initData,
-                    dataType: options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,
-                }
-                : undefined;
-            const runData = await Uint8ArrayFromInput((_b = options.runTimeData) !== null && _b !== void 0 ? _b : options.runTimeJson);
-            const runTimeData = runData
-                ? {
-                    data: runData,
-                    dataType: options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,
-                }
-                : undefined;
-            const attestationResponse = await this._client.attestation.attestOpenEnclave({
-                report: await Uint8ArrayFromInput(report),
-                initTimeData: initTimeData,
-                runtimeData: runTimeData,
-                draftPolicyForAttestation: (_c = options.draftPolicyForAttestation) !== null && _c !== void 0 ? _c : undefined,
-            }, updatedOptions);
-            const token = new AttestationTokenImpl(attestationResponse.token);
-            const problems = token.getTokenProblems(await this._signingKeys(), (_d = options.validationOptions) !== null && _d !== void 0 ? _d : this._validationOptions);
-            if (problems.length) {
-                throw new Error(problems.join(";"));
-            }
-            const attestationResult = TypeDeserializer.deserialize(token.getBody(), {
-                GeneratedAttestationResult: GeneratedAttestationResult,
-                JsonWebKey: JsonWebKey,
-            }, "GeneratedAttestationResult");
-            return createAttestationResponse(token, _attestationResultFromGenerated(attestationResult));
-        });
-    }
-    /** Attests a quote generated from SGX Enclave using the Intel SDK.
-     *
-     * @param quote - An SGX quote generated by an SGX enclave.
-     * @param options - Operation options for the attestOpenEnclave API call.
-     * @returns Returns an AttestationResponse whose body is an AttestationResult describing
-     *    the claims returned by the attestation service.
-     * @throws {@link Error} if the `initTimeData` option and `initTimeJson` option is provided.
-     * @throws {@link Error} if the `runTimeData` option and `runTimeJson` option is provided.
-     */
-    async attestSgxEnclave(quote, options = {}) {
-        return tracingClient.withSpan("AttestationClient-attestSgxEnclave", options, async (updatedOptions) => {
-            var _a, _b, _c, _d;
-            if (options.initTimeData !== undefined && options.initTimeJson !== undefined) {
-                throw new Error("Cannot provide both initTimeData and initTimeJson.");
-            }
-            if (options.runTimeData !== undefined && options.runTimeJson !== undefined) {
-                throw new Error("Cannot provide both runTimeData and runTimeJson.");
-            }
-            const initData = await Uint8ArrayFromInput((_a = options.initTimeData) !== null && _a !== void 0 ? _a : options.initTimeJson);
-            const initTimeData = initData
-                ? {
-                    data: initData,
-                    dataType: options.initTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,
-                }
-                : undefined;
-            const runData = await Uint8ArrayFromInput((_b = options.runTimeData) !== null && _b !== void 0 ? _b : options.runTimeJson);
-            const runTimeData = runData
-                ? {
-                    data: runData,
-                    dataType: options.runTimeJson !== undefined ? KnownDataType.Json : KnownDataType.Binary,
-                }
-                : undefined;
-            const attestationResponse = await this._client.attestation.attestSgxEnclave({
-                quote: await Uint8ArrayFromInput(quote),
-                initTimeData: initTimeData,
-                runtimeData: runTimeData,
-                draftPolicyForAttestation: (_c = options.draftPolicyForAttestation) !== null && _c !== void 0 ? _c : undefined,
-            }, updatedOptions);
-            const token = new AttestationTokenImpl(attestationResponse.token);
-            const problems = token.getTokenProblems(await this._signingKeys(), (_d = options.validationOptions) !== null && _d !== void 0 ? _d : this._validationOptions);
-            if (problems.length) {
-                throw new Error(problems.join(";"));
-            }
-            const attestationResult = TypeDeserializer.deserialize(token.getBody(), {
-                GeneratedAttestationResult: GeneratedAttestationResult,
-                JsonWebKey: JsonWebKey,
-            }, "GeneratedAttestationResult");
-            return createAttestationResponse(token, _attestationResultFromGenerated(attestationResult));
-        });
-    }
-    /** Attest a TPM based enclave.
-     * See the  {@link https://docs.microsoft.com/en-us/azure/attestation/virtualization-based-security-protocol | TPM Attestation Protocol Reference} for more information.
-     *
-     * @param request - Incoming request to send to the TPM attestation service, Utf8 encoded.
-     * @param options - Pipeline options for TPM attestation request.
-     * @returns A structure containing the response from the TPM attestation, Utf8 encoded.
-     *
-     * @remarks
-     *
-     * The incoming requests to the TPM attestation API are stringified JSON objects.
-     *
-     * @example
-     * For example, the initial call for a TPM attestation operation is:
-     *
-     * ```js
-     * const encodedPayload = JSON.stringify({ payload: { type: "aikcert" } });
-     * const result = await client.attestTpm(encodedPayload);
-     * ```
-     *
-     * where stringToBytes converts the string to UTF8.
-     *
-     * Note that the attestTpm requires an attestation client which is configured with
-     * authentication credentials.
-     *
-     */
-    async attestTpm(request, options = {}) {
-        return tracingClient.withSpan("AttestationClient-attestSgxEnclave", options, async (updatedOptions) => {
-            const response = await this._client.attestation.attestTpm({ data: stringToBytes(request) }, updatedOptions);
-            if (response.data) {
-                return bytesToString(response.data);
-            }
-            else {
-                throw Error("Internal error - response data cannot be undefined.");
-            }
-        });
-    }
-    /**
-     * Returns the list of attestation signers which can be used to sign attestation
-     * service tokens.
-     *
-     * @param options - Client operation options.
-     * @returns the set of AttestationSigners which may be used to sign attestation tokens.
-     */
-    async getAttestationSigners(
-    // eslint-disable-next-line @azure/azure-sdk/ts-naming-options
-    options = {}) {
-        return tracingClient.withSpan("AttestationClient-getAttestationSigners", options, async (updatedOptions) => {
-            var _a;
-            const signingCertificates = await this._client.signingCertificates.get(updatedOptions);
-            const signers = new Array();
-            (_a = signingCertificates.keys) === null || _a === void 0 ? void 0 : _a.forEach((element) => {
-                signers.push(_attestationSignerFromGenerated(element));
-            });
-            return signers;
-        });
-    }
-    /**
-     * Returns the OpenID Metadata discovery document for the attestation service instance.
-     * @param options - Client operation options.
-     * @returns The OpenID metadata discovery document for the attestation service.
-     */
-    async getOpenIdMetadata(
-    // eslint-disable-next-line @azure/azure-sdk/ts-naming-options
-    options = {}) {
-        return tracingClient.withSpan("AttestationClient-getOpenIdMetadata", options, async (updatedOptions) => {
-            const configs = await this._client.metadataConfiguration.get(updatedOptions);
-            return configs;
-        });
-    }
-    async _signingKeys() {
-        var _a;
-        if (this._signers !== undefined) {
-            return this._signers;
-        }
-        const jwks = await this._client.signingCertificates.get();
-        const signers = new Array();
-        (_a = jwks.keys) === null || _a === void 0 ? void 0 : _a.forEach((element) => {
-            signers.push(_attestationSignerFromGenerated(element));
-        });
-        this._signers = signers;
-        return this._signers;
-    }
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/**
- * Create a new instance of a {@link PolicyResult} from a raw JSON object.
- * @param rawJson - JSON Policy Result object returned from the Attestation service.
- * @returns a newly created {@link PolicyResult} object whose contents reflect the JSON received from
- *  the attestation service.
- */
-function _policyResultFromGenerated(rawJson) {
-    const policyResult = TypeDeserializer.deserialize(rawJson, { PolicyResult: PolicyResult, JsonWebKey: JsonWebKey }, "PolicyResult");
-    return {
-        policyResolution: policyResult.policyResolution,
-        policyTokenHash: policyResult.policyTokenHash,
-        policy: policyResult.policy,
-        policySigner: policyResult.policySigner
-            ? _attestationSignerFromGenerated(policyResult.policySigner)
-            : undefined,
-    };
-}
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-/* eslint-disable @azure/azure-sdk/ts-naming-options */
-/**
- * Attestation Client class.
- *
- * The AttestationClient class enables access to the Attestation related APIs:
- *
- * - getPolicy
- * - setPolicy
- * - resetPolicy
- * - getPolicyManagementCertificates
- * - addPolicyManagementCertificate
- * - removePolicyManagementCertificate
- */
-class AttestationAdministrationClient {
-    /**
-     * Creates an instance of AttestationAdministrationClient.
-     *
-     * Example usage:
-     * ```ts
-     * import { AttestationAdministrationClient } from "@azure/attestation";
-     *
-     * const client = new AttestationAdministrationClient(
-     *    "<service endpoint>",
-     *    new TokenCredential("<>")
-     * );
-     * ```
-     *
-     * @param endpoint - The attestation instance endpoint, for example https://mytenant.attest.azure.net.
-     * @param credential - Used to authenticate requests to the service.
-     * @param options - Used to configure the Form Recognizer client.
-     */
-    constructor(endpoint, credentials, options = {}) {
-        this._validationOptions = options.validationOptions;
-        const internalPipelineOptions = Object.assign(Object.assign({}, options), {
-            credential: credentials,
-            credentialScopes: ["https://attest.azure.net/.default"],
-            loggingOptions: {
-                logger: logger.info,
-                allowedHeaderNames: ["x-ms-request-id", "x-ms-maa-service-version"],
-            },
-        });
-        this._client = new GeneratedClient(endpoint, internalPipelineOptions);
-    }
-    /**
-     * Retrieves the attestation policy document from the server, and returns it
-     * to the caller.
-     *
-     * @param attestationType - AttestationType for which to retrieve policy.
-     * @param options - Pipeline and client options for the `getPolicy` call.
-     * @returns `AttestationResponse<string>` - the `value` property is the
-     *      attestation policy,  the `token` property will be the actual token
-     *      returned by the attestation service.
-     */
-    async getPolicy(attestationType, options = {}) {
-        return tracingClient.withSpan("AttestationAdministrationClient-getPolicy", options, async (updatedOptions) => {
-            var _a;
-            const getPolicyResult = await this._client.policy.get(attestationType, updatedOptions);
-            // The attestation token returned from the service has a PolicyResult
-            // object as the body.
-            const token = new AttestationTokenImpl(getPolicyResult.token);
-            // Validate the token returned from the service.
-            const problems = token.getTokenProblems(await this.signingKeys(), (_a = options.validationOptions) !== null && _a !== void 0 ? _a : this._validationOptions);
-            if (problems.length) {
-                throw new Error(problems.join(";"));
-            }
-            // Deserialize the PolicyResult object to retrieve the underlying policy
-            //  token
-            const policyResult = _policyResultFromGenerated(token.getBody());
-            // The policyResult.policy value will be a JSON Web Signature representing
-            // the actual policy object being retrieved. Serialize the token to an
-            // AttestationToken object so we can access the body properties on the token.
-            if (!policyResult.policy) {
-                throw Error("Server returned an invalid getPolicy response!");
-            }
-            const policyToken = new AttestationTokenImpl(policyResult.policy);
-            const storedPolicy = StoredAttestationPolicy.deserialize(policyToken.getBody());
-            // Finally, retrieve the stored attestationPolicy value and return that
-            // as the AttestationResponse to the caller.
-            return createAttestationResponse(token, bytesToString(storedPolicy.attestationPolicy));
-        });
-    }
-    /**
-     * Sets the attestation policy for the specified {@link attestationType}.
-     *
-     * @param attestationType - Attestation Type for which to set policy.
-     * @param newPolicyDocument - Policy document to be set.
-     * @param options - call options.
-     * @returns An {@link AttestationResponse} wrapping a {@link PolicyResult}.
-     *  Clients can use the PolicyResult to validate that the policy was actually
-     *  set by the attestation service.
-     *
-     * @remarks
-     *
-     * Please note that if the attestation service instance is running in "Isolated"
-     * mode, the {@link signingKey} must be one of the signing keys configured for the
-     * service instance.
-     *
-     * @throws {@link Error} when a private key is specified without a certificate and vice versa.
-     * @throws {@link Error} when the key in the certificate provided does not match the private key.
-     */
-    async setPolicy(attestationType, newPolicyDocument, options = {}) {
-        return tracingClient.withSpan("AttestationAdministrationClient-setPolicy", options, async (updatedOptions) => {
-            var _a;
-            if ((!options.privateKey && options.certificate) ||
-                (options.privateKey && !options.certificate)) {
-                throw new Error("If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.");
-            }
-            if (options.privateKey && options.certificate) {
-                verifyAttestationSigningKey(options.privateKey, options.certificate);
-            }
-            const storedAttestationPolicy = new StoredAttestationPolicy(newPolicyDocument).serialize();
-            const setPolicyToken = AttestationTokenImpl.create(Object.assign({ body: storedAttestationPolicy }, options));
-            const setPolicyResult = await this._client.policy.set(attestationType, setPolicyToken.serialize(), updatedOptions);
-            // The attestation token returned from the service has a PolicyResult
-            // object as the body.
-            const token = new AttestationTokenImpl(setPolicyResult.token);
-            const problems = token.getTokenProblems(await this.signingKeys(), (_a = options.validationOptions) !== null && _a !== void 0 ? _a : this._validationOptions);
-            if (problems.length) {
-                throw new Error(problems.join(";"));
-            }
-            // Deserialize the PolicyResult object to retrieve the underlying policy
-            //  token
-            const policyResult = _policyResultFromGenerated(token.getBody());
-            // The policyResult.policy value will be a JSON Web Signature representing
-            // the actual policy object being retrieved. Serialize the token to an
-            // AttestationToken object so we can access the body properties on the token.
-            return createAttestationResponse(token, policyResult);
-        });
-    }
-    /**
-     * Resets the attestation policy for the specified {@link attestationType} to
-     * the default value.
-     *
-     * @param attestationType - Attestation Type for which to set policy.
-     * @param options - call options.
-     * @returns An {@link AttestationResponse} wrapping a {@link PolicyResult}.
-     *  Clients can use the PolicyResult to validate that the policy was actually
-     *  reset by the attestation service.
-     *
-     * @remarks
-     *
-     * Please note that if the attestation service instance is running in "Isolated"
-     * mode, the {@link signingKey} must be one of the signing keys configured for the
-     * service instance.
-     *
-     * @throws {@link Error} when a private key is specified without a certificate and vice versa.
-     * @throws {@link Error} when the key in the certificate provided does not match the private key.
-     */
-    async resetPolicy(attestationType, options = {}) {
-        return tracingClient.withSpan("AttestationAdministrationClient-setPolicy", options, async (updatedOptions) => {
-            var _a;
-            if ((!options.privateKey && options.certificate) ||
-                (options.privateKey && !options.certificate)) {
-                throw new Error("If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.");
-            }
-            if (options.privateKey && options.certificate) {
-                verifyAttestationSigningKey(options.privateKey, options.certificate);
-            }
-            const resetPolicyToken = AttestationTokenImpl.create({
-                privateKey: options.privateKey,
-                certificate: options.certificate,
-            });
-            const resetPolicyResult = await this._client.policy.reset(attestationType, resetPolicyToken.serialize(), updatedOptions);
-            // The attestation token returned from the service has a PolicyResult
-            // object as the body.
-            const token = new AttestationTokenImpl(resetPolicyResult.token);
-            const problems = token.getTokenProblems(await this.signingKeys(), (_a = options.validationOptions) !== null && _a !== void 0 ? _a : this._validationOptions);
-            if (problems.length) {
-                throw new Error(problems.join(";"));
-            }
-            // Deserialize the PolicyResult object to retrieve the underlying policy
-            //  token
-            const policyResult = _policyResultFromGenerated(token.getBody());
-            // The policyResult.policy value will be a JSON Web Signature representing
-            // the actual policy object being retrieved. Serialize the token to an
-            // AttestationToken object so we can access the body properties on the token.
-            return createAttestationResponse(token, policyResult);
-        });
-    }
-    /** Returns the set of policy management certificates for this attestation instance.
-     *
-     * @remarks If the attestation instance is not in `Isolated` mode, this list will
-     *    always be empty.
-     *
-     * @param options - Options for the call to the attestation service.
-     * @returns AttestationResponse wrapping a list of Attestation Signers.
-     */
-    async getPolicyManagementCertificates(options = {}) {
-        return tracingClient.withSpan("AttestationAdministrationClient-getPolicyManagementCertificates", options, async (updatedOptions) => {
-            var _a;
-            const getCertificatesResult = await this._client.policyCertificates.get(updatedOptions);
-            // The attestation token returned from the service has a PolicyResult
-            // object as the body.
-            const token = new AttestationTokenImpl(getCertificatesResult.token);
-            const problems = token.getTokenProblems(await this.signingKeys(), (_a = options.validationOptions) !== null && _a !== void 0 ? _a : this._validationOptions);
-            if (problems.length) {
-                throw new Error(problems.join(";"));
-            }
-            // Deserialize the PolicyResult object to retrieve the underlying policy
-            //  token
-            const jwks = TypeDeserializer.deserialize(token.getBody(), {
-                PolicyCertificatesResult: PolicyCertificatesResult,
-                JsonWebKeySet: JsonWebKeySet,
-                JsonWebKey: JsonWebKey,
-            }, "PolicyCertificatesResult");
-            const policyCertificates = new Array();
-            jwks.policyCertificates.keys.forEach((jwk) => {
-                policyCertificates.push(_attestationSignerFromGenerated(jwk));
-            });
-            return createAttestationResponse(token, policyCertificates);
-        });
-    }
-    /** Add a new certificate chain to the set of policy management certificates.
-     *
-     * @param pemCertificate - PEM encoded certificate to add to the set of policy management certificates.
-     * @param privateKey - Existing attestation private key used to sign the incoming request.
-     * @param certificate - Existing attestation certificate used to verify the incoming request.
-     * @param options - Options used in the call to the service.
-     * @returns An attestation response including a PolicyCertificatesModificationResult
-     *
-     * @remarks This API is only supported on `isolated` attestation instances.
-     *
-     * The signing key MUST be one of the existing attestation signing certificates. The
-     * new pemCertificate is signed using the signingKey and the service will validate the
-     * signature before allowing the addition.
-     *
-     * @throws {@link Error} when a private key is specified without a certificate and vice versa.
-     * @throws {@link Error} when the key in the certificate provided does not match the private key.
-     *
-     */
-    async addPolicyManagementCertificate(pemCertificate, privateKey, certificate, options = {}) {
-        return tracingClient.withSpan("AttestationAdministrationClient-addPolicyManagementCertificate", options, async (updatedOptions) => {
-            var _a;
-            if ((!privateKey && certificate) || (privateKey && !certificate)) {
-                throw new Error("If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.");
-            }
-            if (privateKey && certificate) {
-                verifyAttestationSigningKey(privateKey, certificate);
-            }
-            const cert = new jsrsasign__namespace.X509();
-            cert.readCertPEM(pemCertificate);
-            const kty = this.keyTypeFromCertificate(cert);
-            const jwk = {
-                x5C: [hexToBase64(cert.hex)],
-                kty: kty,
-            };
-            const addBody = {
-                policyCertificate: jwk,
-            };
-            const addCertToken = AttestationTokenImpl.create({
-                body: TypeDeserializer.serialize(addBody, {
-                    AttestationCertificateManagementBody: AttestationCertificateManagementBody,
-                    JsonWebKey: JsonWebKey,
-                }, AttestationCertificateManagementBody),
-                privateKey: privateKey,
-                certificate: certificate,
-            });
-            const addCertificateResult = await this._client.policyCertificates.add(addCertToken.serialize(), updatedOptions);
-            // The attestation token returned from the service has a PolicyResult
-            // object as the body.
-            const token = new AttestationTokenImpl(addCertificateResult.token);
-            const problems = token.getTokenProblems(await this.signingKeys(), (_a = options.validationOptions) !== null && _a !== void 0 ? _a : this._validationOptions);
-            if (problems.length) {
-                throw new Error(problems.join(";"));
-            }
-            // Deserialize the PolicyCertificatesModificationResult object.
-            const result = TypeDeserializer.deserialize(token.getBody(), {
-                PolicyCertificatesModificationResult: PolicyCertificatesModificationResult,
-                JsonWebKeySet: JsonWebKeySet,
-                JsonWebKey: JsonWebKey,
-            }, "PolicyCertificatesModificationResult");
-            return createAttestationResponse(token, result);
-        });
-    }
-    keyTypeFromCertificate(cert) {
-        let kty;
-        switch (cert.getSignatureAlgorithmName()) {
-            case "SHA256withRSA":
-            case "SHA384withRSA":
-            case "SHA512withRSA":
-                kty = "RSA";
-                break;
-            case "SHA256withECDSA":
-            case "SHA384withECDSA":
-                kty = "EC";
-                break;
-            default:
-                kty = "RSA";
-                break;
-        }
-        return kty;
-    }
-    /** Add a new certificate chain to the set of policy management certificates.
-     *
-     * @param pemCertificate - PEM encoded certificate to add to the set of policy management certificates.
-     * @param privateKey - Existing attestation private key used to sign the incoming request.
-     * @param certificate - Existing attestation certificate used to verify the incoming request.
-     * @param options - Options used in the call to the service.
-     * @returns An attestation response including a PolicyCertificatesModificationResult
-     *
-     * @remarks This API is only supported on `isolated` attestation instances.
-     *
-     * The signing key MUST be one of the existing attestation signing certificates. The
-     * new pemCertificate is signed using the signingKey and the service will validate the
-     * signature before allowing the addition.
-     *
-     * @throws {@link Error} when a private key is specified without a certificate and vice versa.
-     * @throws {@link Error} when the key in the certificate provided does not match the private key.
-     */
-    async removePolicyManagementCertificate(pemCertificate, privateKey, certificate, options = {}) {
-        return tracingClient.withSpan("AttestationAdministrationClient-removePolicyManagementCertificate", options, async (updatedOptions) => {
-            var _a;
-            if ((!privateKey && certificate) || (privateKey && !certificate)) {
-                throw new Error("If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.");
-            }
-            if (privateKey && certificate) {
-                verifyAttestationSigningKey(privateKey, certificate);
-            }
-            const cert = new jsrsasign__namespace.X509();
-            cert.readCertPEM(pemCertificate);
-            const kty = this.keyTypeFromCertificate(cert);
-            const jwk = {
-                x5C: [hexToBase64(cert.hex)],
-                kty: kty,
-            };
-            const addBody = {
-                policyCertificate: jwk,
-            };
-            const removeCertToken = AttestationTokenImpl.create({
-                body: TypeDeserializer.serialize(addBody, {
-                    AttestationCertificateManagementBody: AttestationCertificateManagementBody,
-                    JsonWebKey: JsonWebKey,
-                }, AttestationCertificateManagementBody),
-                privateKey: privateKey,
-                certificate: certificate,
-            });
-            const removeCertificateResult = await this._client.policyCertificates.remove(removeCertToken.serialize(), updatedOptions);
-            // The attestation token returned from the service has a PolicyResult
-            // object as the body.
-            const token = new AttestationTokenImpl(removeCertificateResult.token);
-            const problems = token.getTokenProblems(await this.signingKeys(), (_a = options.validationOptions) !== null && _a !== void 0 ? _a : this._validationOptions);
-            if (problems.length) {
-                throw new Error(problems.join(";"));
-            }
-            // Deserialize the PolicyCertificatesModificationResult object.
-            const result = TypeDeserializer.deserialize(token.getBody(), {
-                PolicyCertificatesModificationResult: PolicyCertificatesModificationResult,
-                JsonWebKeySet: JsonWebKeySet,
-                JsonWebKey: JsonWebKey,
-            }, "PolicyCertificatesModificationResult");
-            return createAttestationResponse(token, result);
-        });
-    }
-    async signingKeys() {
-        var _a;
-        if (this._signers !== undefined) {
-            return this._signers;
-        }
-        const jwks = await this._client.signingCertificates.get();
-        const signers = new Array();
-        (_a = jwks.keys) === null || _a === void 0 ? void 0 : _a.forEach((element) => {
-            signers.push(_attestationSignerFromGenerated(element));
-        });
-        this._signers = signers;
-        return this._signers;
-    }
-}
-exports.AttestationAdministrationClient = AttestationAdministrationClient;
-exports.AttestationClient = AttestationClient;
-exports.createAttestationPolicyToken = createAttestationPolicyToken;
-//# sourceMappingURL=index.js.map