@azure/attestation 1.0.1-alpha.20241029.1 → 1.0.1-alpha.20241031.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (117) hide show
  1. package/dist/attestation.d.ts +3 -3
  2. package/dist/browser/attestationAdministrationClient.d.ts +3 -3
  3. package/dist/browser/attestationAdministrationClient.d.ts.map +1 -1
  4. package/dist/browser/attestationAdministrationClient.js.map +1 -1
  5. package/dist/browser/attestationClient.d.ts +4 -4
  6. package/dist/browser/attestationClient.d.ts.map +1 -1
  7. package/dist/browser/attestationClient.js +1 -1
  8. package/dist/browser/attestationClient.js.map +1 -1
  9. package/dist/browser/models/attestationPolicyToken.d.ts +1 -1
  10. package/dist/browser/models/attestationPolicyToken.d.ts.map +1 -1
  11. package/dist/browser/models/attestationPolicyToken.js +0 -1
  12. package/dist/browser/models/attestationPolicyToken.js.map +1 -1
  13. package/dist/browser/models/attestationResponse.d.ts +1 -1
  14. package/dist/browser/models/attestationResponse.d.ts.map +1 -1
  15. package/dist/browser/models/attestationResponse.js.map +1 -1
  16. package/dist/browser/models/attestationResult.d.ts +2 -2
  17. package/dist/browser/models/attestationResult.d.ts.map +1 -1
  18. package/dist/browser/models/attestationResult.js.map +1 -1
  19. package/dist/browser/models/attestationSigner.d.ts +1 -1
  20. package/dist/browser/models/attestationSigner.d.ts.map +1 -1
  21. package/dist/browser/models/attestationSigner.js.map +1 -1
  22. package/dist/browser/models/attestationToken.d.ts +1 -1
  23. package/dist/browser/models/attestationToken.d.ts.map +1 -1
  24. package/dist/browser/models/attestationToken.js.map +1 -1
  25. package/dist/browser/models/policyResult.d.ts +2 -2
  26. package/dist/browser/models/policyResult.d.ts.map +1 -1
  27. package/dist/browser/models/policyResult.js.map +1 -1
  28. package/dist/browser/utils/typeDeserializer.d.ts +1 -1
  29. package/dist/browser/utils/typeDeserializer.d.ts.map +1 -1
  30. package/dist/browser/utils/typeDeserializer.js.map +1 -1
  31. package/dist/commonjs/attestationAdministrationClient.d.ts +3 -3
  32. package/dist/commonjs/attestationAdministrationClient.d.ts.map +1 -1
  33. package/dist/commonjs/attestationAdministrationClient.js.map +1 -1
  34. package/dist/commonjs/attestationClient.d.ts +4 -4
  35. package/dist/commonjs/attestationClient.d.ts.map +1 -1
  36. package/dist/commonjs/attestationClient.js.map +1 -1
  37. package/dist/commonjs/models/attestationPolicyToken.d.ts +1 -1
  38. package/dist/commonjs/models/attestationPolicyToken.d.ts.map +1 -1
  39. package/dist/commonjs/models/attestationPolicyToken.js +0 -1
  40. package/dist/commonjs/models/attestationPolicyToken.js.map +1 -1
  41. package/dist/commonjs/models/attestationResponse.d.ts +1 -1
  42. package/dist/commonjs/models/attestationResponse.d.ts.map +1 -1
  43. package/dist/commonjs/models/attestationResponse.js.map +1 -1
  44. package/dist/commonjs/models/attestationResult.d.ts +2 -2
  45. package/dist/commonjs/models/attestationResult.d.ts.map +1 -1
  46. package/dist/commonjs/models/attestationResult.js.map +1 -1
  47. package/dist/commonjs/models/attestationSigner.d.ts +1 -1
  48. package/dist/commonjs/models/attestationSigner.d.ts.map +1 -1
  49. package/dist/commonjs/models/attestationSigner.js.map +1 -1
  50. package/dist/commonjs/models/attestationToken.d.ts +1 -1
  51. package/dist/commonjs/models/attestationToken.d.ts.map +1 -1
  52. package/dist/commonjs/models/attestationToken.js.map +1 -1
  53. package/dist/commonjs/models/policyResult.d.ts +2 -2
  54. package/dist/commonjs/models/policyResult.d.ts.map +1 -1
  55. package/dist/commonjs/models/policyResult.js.map +1 -1
  56. package/dist/commonjs/utils/typeDeserializer.d.ts +1 -1
  57. package/dist/commonjs/utils/typeDeserializer.d.ts.map +1 -1
  58. package/dist/commonjs/utils/typeDeserializer.js.map +1 -1
  59. package/dist/esm/attestationAdministrationClient.d.ts +3 -3
  60. package/dist/esm/attestationAdministrationClient.d.ts.map +1 -1
  61. package/dist/esm/attestationAdministrationClient.js.map +1 -1
  62. package/dist/esm/attestationClient.d.ts +4 -4
  63. package/dist/esm/attestationClient.d.ts.map +1 -1
  64. package/dist/esm/attestationClient.js +1 -1
  65. package/dist/esm/attestationClient.js.map +1 -1
  66. package/dist/esm/models/attestationPolicyToken.d.ts +1 -1
  67. package/dist/esm/models/attestationPolicyToken.d.ts.map +1 -1
  68. package/dist/esm/models/attestationPolicyToken.js +0 -1
  69. package/dist/esm/models/attestationPolicyToken.js.map +1 -1
  70. package/dist/esm/models/attestationResponse.d.ts +1 -1
  71. package/dist/esm/models/attestationResponse.d.ts.map +1 -1
  72. package/dist/esm/models/attestationResponse.js.map +1 -1
  73. package/dist/esm/models/attestationResult.d.ts +2 -2
  74. package/dist/esm/models/attestationResult.d.ts.map +1 -1
  75. package/dist/esm/models/attestationResult.js.map +1 -1
  76. package/dist/esm/models/attestationSigner.d.ts +1 -1
  77. package/dist/esm/models/attestationSigner.d.ts.map +1 -1
  78. package/dist/esm/models/attestationSigner.js.map +1 -1
  79. package/dist/esm/models/attestationToken.d.ts +1 -1
  80. package/dist/esm/models/attestationToken.d.ts.map +1 -1
  81. package/dist/esm/models/attestationToken.js.map +1 -1
  82. package/dist/esm/models/policyResult.d.ts +2 -2
  83. package/dist/esm/models/policyResult.d.ts.map +1 -1
  84. package/dist/esm/models/policyResult.js.map +1 -1
  85. package/dist/esm/utils/typeDeserializer.d.ts +1 -1
  86. package/dist/esm/utils/typeDeserializer.d.ts.map +1 -1
  87. package/dist/esm/utils/typeDeserializer.js.map +1 -1
  88. package/dist/react-native/attestationAdministrationClient.d.ts +3 -3
  89. package/dist/react-native/attestationAdministrationClient.d.ts.map +1 -1
  90. package/dist/react-native/attestationAdministrationClient.js.map +1 -1
  91. package/dist/react-native/attestationClient.d.ts +4 -4
  92. package/dist/react-native/attestationClient.d.ts.map +1 -1
  93. package/dist/react-native/attestationClient.js +1 -1
  94. package/dist/react-native/attestationClient.js.map +1 -1
  95. package/dist/react-native/models/attestationPolicyToken.d.ts +1 -1
  96. package/dist/react-native/models/attestationPolicyToken.d.ts.map +1 -1
  97. package/dist/react-native/models/attestationPolicyToken.js +0 -1
  98. package/dist/react-native/models/attestationPolicyToken.js.map +1 -1
  99. package/dist/react-native/models/attestationResponse.d.ts +1 -1
  100. package/dist/react-native/models/attestationResponse.d.ts.map +1 -1
  101. package/dist/react-native/models/attestationResponse.js.map +1 -1
  102. package/dist/react-native/models/attestationResult.d.ts +2 -2
  103. package/dist/react-native/models/attestationResult.d.ts.map +1 -1
  104. package/dist/react-native/models/attestationResult.js.map +1 -1
  105. package/dist/react-native/models/attestationSigner.d.ts +1 -1
  106. package/dist/react-native/models/attestationSigner.d.ts.map +1 -1
  107. package/dist/react-native/models/attestationSigner.js.map +1 -1
  108. package/dist/react-native/models/attestationToken.d.ts +1 -1
  109. package/dist/react-native/models/attestationToken.d.ts.map +1 -1
  110. package/dist/react-native/models/attestationToken.js.map +1 -1
  111. package/dist/react-native/models/policyResult.d.ts +2 -2
  112. package/dist/react-native/models/policyResult.d.ts.map +1 -1
  113. package/dist/react-native/models/policyResult.js.map +1 -1
  114. package/dist/react-native/utils/typeDeserializer.d.ts +1 -1
  115. package/dist/react-native/utils/typeDeserializer.d.ts.map +1 -1
  116. package/dist/react-native/utils/typeDeserializer.js.map +1 -1
  117. package/package.json +1 -1
package/dist/commonjs/models/attestationResponse.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { AttestationToken } from "./attestationToken.js";
1
+ import type { AttestationToken } from "./attestationToken.js";
2
2
  /**
3
3
  * An AttestationResponse represents the response from the Microsoft Azure
4
4
  * Attestation service. It has two properties:
package/dist/commonjs/models/attestationResponse.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationResponse.d.ts","sourceRoot":"","sources":["../../../src/models/attestationResponse.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAEzD;;;;;;;;GAQG;AACH,MAAM,WAAW,mBAAmB,CAAC,CAAC;IACpC;;OAEG;IACH,KAAK,EAAE,gBAAgB,CAAC;IAExB;;;OAGG;IAEH,IAAI,EAAE,CAAC,CAAC;CACT;AAED;;;;;;GAMG;AACH,wBAAgB,yBAAyB,CAAC,CAAC,EACzC,KAAK,EAAE,gBAAgB,EACvB,KAAK,EAAE,CAAC,GACP,mBAAmB,CAAC,CAAC,CAAC,CAExB"}
1
+ {"version":3,"file":"attestationResponse.d.ts","sourceRoot":"","sources":["../../../src/models/attestationResponse.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAE9D;;;;;;;;GAQG;AACH,MAAM,WAAW,mBAAmB,CAAC,CAAC;IACpC;;OAEG;IACH,KAAK,EAAE,gBAAgB,CAAC;IAExB;;;OAGG;IAEH,IAAI,EAAE,CAAC,CAAC;CACT;AAED;;;;;;GAMG;AACH,wBAAgB,yBAAyB,CAAC,CAAC,EACzC,KAAK,EAAE,gBAAgB,EACvB,KAAK,EAAE,CAAC,GACP,mBAAmB,CAAC,CAAC,CAAC,CAExB"}
package/dist/commonjs/models/attestationResponse.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationResponse.js","sourceRoot":"","sources":["../../../src/models/attestationResponse.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;AAkClC,8DAKC;AAZD;;;;;;GAMG;AACH,SAAgB,yBAAyB,CACvC,KAAuB,EACvB,KAAQ;IAER,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;AACvC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AttestationToken } from \"./attestationToken.js\";\n\n/**\n * An AttestationResponse represents the response from the Microsoft Azure\n * Attestation service. It has two properties:\n *\n * @param token - The attestation token returned from the attestation service.\n * @param body - The value of the response from the attestation service.\n * @typeparam T - The type of the {@link body} property.\n *\n */\nexport interface AttestationResponse<T> {\n /**\n * The Attestation Token returned from the attestation service.\n */\n token: AttestationToken;\n\n /**\n * The value of the response from the attestation service, derived\n * from the body of the {@link token} property.\n */\n\n body: T;\n}\n\n/** Create an AttestationResponse object.\n *\n * @param token - Token which was returned from the attestation service.\n * @param value - Value for the response. Usually derived from the body of the token\n * returned by the service.\n * @returns - A newly created AttestationResponse object.\n */\nexport function createAttestationResponse<T>(\n token: AttestationToken,\n value: T,\n): AttestationResponse<T> {\n return { token: token, body: value };\n}\n"]}
1
+ {"version":3,"file":"attestationResponse.js","sourceRoot":"","sources":["../../../src/models/attestationResponse.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;AAkClC,8DAKC;AAZD;;;;;;GAMG;AACH,SAAgB,yBAAyB,CACvC,KAAuB,EACvB,KAAQ;IAER,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;AACvC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AttestationToken } from \"./attestationToken.js\";\n\n/**\n * An AttestationResponse represents the response from the Microsoft Azure\n * Attestation service. It has two properties:\n *\n * @param token - The attestation token returned from the attestation service.\n * @param body - The value of the response from the attestation service.\n * @typeparam T - The type of the {@link body} property.\n *\n */\nexport interface AttestationResponse<T> {\n /**\n * The Attestation Token returned from the attestation service.\n */\n token: AttestationToken;\n\n /**\n * The value of the response from the attestation service, derived\n * from the body of the {@link token} property.\n */\n\n body: T;\n}\n\n/** Create an AttestationResponse object.\n *\n * @param token - Token which was returned from the attestation service.\n * @param value - Value for the response. Usually derived from the body of the token\n * returned by the service.\n * @returns - A newly created AttestationResponse object.\n */\nexport function createAttestationResponse<T>(\n token: AttestationToken,\n value: T,\n): AttestationResponse<T> {\n return { token: token, body: value };\n}\n"]}
package/dist/commonjs/models/attestationResult.d.ts CHANGED
@@ -1,5 +1,5 @@
1
- import { AttestationSigner } from "./index.js";
2
- import { GeneratedAttestationResult } from "../generated/index.js";
1
+ import type { AttestationSigner } from "./index.js";
2
+ import type { GeneratedAttestationResult } from "../generated/index.js";
3
3
  /**
4
4
  * Defines the contents of the {@link AttestationResult.sgxCollateral} claim in
5
5
  * an {@link AttestationResult}.
package/dist/commonjs/models/attestationResult.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationResult.d.ts","sourceRoot":"","sources":["../../../src/models/attestationResult.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAC/C,OAAO,EAAE,0BAA0B,EAAE,MAAM,uBAAuB,CAAC;AAGnE;;;GAGG;AACH,MAAM,WAAW,4BAA4B;IAC3C;;;;;OAKG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB;;;;;OAKG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;;;;;OAMG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B;;;;;OAKG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB;;;;;OAKG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;;;OAKG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;OAGG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;;;;;;;;;;;OAYG;IACH,aAAa,EAAE,OAAO,CAAC;IACvB;;;;;;;;;;;OAWG;IACH,cAAc,EAAE,OAAO,CAAC;IAExB;;OAEG;IACH,YAAY,EAAE,OAAO,CAAC;IAEtB;;;OAGG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,YAAY,CAAC,EAAE,iBAAiB,CAAC;IACjC;;;OAGG;IACH,UAAU,EAAE,UAAU,CAAC;IACvB;;OAEG;IACH,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb;;;;;;;;OAQG;IACH,eAAe,CAAC,EAAE,UAAU,CAAC;IAE7B;;;;;;OAMG;IACH,aAAa,CAAC,EAAE,4BAA4B,CAAC;CAC9C;AAED;;GAEG;AACH,qBAAa,qBAAsB,YAAW,iBAAiB;IAC7D;;;;;OAKG;gBACS,MAAM,EAAE;QAClB,MAAM,EAAE,MAAM,CAAC;QACf,OAAO,EAAE,MAAM,CAAC;QAChB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,QAAQ,EAAE,MAAM,CAAC;QACjB,aAAa,CAAC,EAAE,OAAO,CAAC;QACxB,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,YAAY,EAAE,MAAM,CAAC;QACrB,YAAY,CAAC,EAAE,iBAAiB,CAAC;QACjC,UAAU,EAAE,UAAU,CAAC;QACvB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,eAAe,CAAC,EAAE,UAAU,CAAC;QAC7B,aAAa,CAAC,EAAE,4BAA4B,CAAC;KAC9C;IAoBD,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,MAAM,CAAC,CAAS;IACxB,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,cAAc,CAAC,CAAU;IACjC,OAAO,CAAC,eAAe,CAAC,CAAU;IAClC,OAAO,CAAC,aAAa,CAAC,CAAU;IAChC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,aAAa,CAAC,CAAoB;IAC1C,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,aAAa,CAAC,CAAU;IAChC,OAAO,CAAC,UAAU,CAAC,CAAS;IAC5B,OAAO,CAAC,UAAU,CAAC,CAAS;IAC5B,OAAO,CAAC,SAAS,CAAC,CAAS;IAC3B,OAAO,CAAC,IAAI,CAAC,CAAS;IACtB,OAAO,CAAC,gBAAgB,CAAC,CAAa;IACtC,OAAO,CAAC,cAAc,CAAC,CAA+B;IAEtD;;;OAGG;IACH,IAAI,QAAQ,IAAI,MAAM,CAErB;IAED;;;OAGG;IACH,IAAI,MAAM,IAAI,MAAM,CAEnB;IAED;;OAEG;IACH,IAAI,KAAK,IAAI,MAAM,GAAG,SAAS,CAE9B;IAED;;OAEG;IACH,IAAI,OAAO,IAAI,MAAM,CAEpB;IAED;;OAEG;IACH,IAAI,aAAa,IAAI,OAAO,CAE3B;IACD;;OAEG;IACH,IAAI,cAAc,IAAI,OAAO,CAE5B;IAED;;OAEG;IACH,IAAI,YAAY,IAAI,OAAO,CAE1B;IACD;;OAEG;IACH,IAAI,YAAY,IAAI,MAAM,CAEzB;IACD;;OAEG;IACH,IAAI,YAAY,IAAI,iBAAiB,GAAG,SAAS,CAEhD;IACD;;OAEG;IACH,IAAI,UAAU,IAAI,UAAU,CAE3B;IACD;;OAEG;IACH,IAAI,YAAY,IAAI,OAAO,GAAG,SAAS,CAEtC;IACD;;OAEG;IACH,IAAI,SAAS,IAAI,MAAM,GAAG,SAAS,CAElC;IACD;;OAEG;IACH,IAAI,SAAS,IAAI,MAAM,GAAG,SAAS,CAElC;IACD;;OAEG;IACH,IAAI,QAAQ,IAAI,MAAM,GAAG,SAAS,CAEjC;IACD;;OAEG;IACH,IAAI,GAAG,IAAI,MAAM,GAAG,SAAS,CAE5B;IACD;;OAEG;IACH,IAAI,eAAe,IAAI,UAAU,GAAG,SAAS,CAE5C;IACD;;OAEG;IACH,IAAI,aAAa,IAAI,4BAA4B,GAAG,SAAS,CAE5D;CACF;AAED;;;;;;GAMG;AACH,wBAAgB,+BAA+B,CAC7C,SAAS,EAAE,0BAA0B,GACpC,qBAAqB,CAsBvB"}
1
+ {"version":3,"file":"attestationResult.d.ts","sourceRoot":"","sources":["../../../src/models/attestationResult.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AACpD,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,uBAAuB,CAAC;AAGxE;;;GAGG;AACH,MAAM,WAAW,4BAA4B;IAC3C;;;;;OAKG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB;;;;;OAKG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;;;;;OAMG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B;;;;;OAKG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB;;;;;OAKG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;;;OAKG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;OAGG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;;;;;;;;;;;OAYG;IACH,aAAa,EAAE,OAAO,CAAC;IACvB;;;;;;;;;;;OAWG;IACH,cAAc,EAAE,OAAO,CAAC;IAExB;;OAEG;IACH,YAAY,EAAE,OAAO,CAAC;IAEtB;;;OAGG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,YAAY,CAAC,EAAE,iBAAiB,CAAC;IACjC;;;OAGG;IACH,UAAU,EAAE,UAAU,CAAC;IACvB;;OAEG;IACH,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb;;;;;;;;OAQG;IACH,eAAe,CAAC,EAAE,UAAU,CAAC;IAE7B;;;;;;OAMG;IACH,aAAa,CAAC,EAAE,4BAA4B,CAAC;CAC9C;AAED;;GAEG;AACH,qBAAa,qBAAsB,YAAW,iBAAiB;IAC7D;;;;;OAKG;gBACS,MAAM,EAAE;QAClB,MAAM,EAAE,MAAM,CAAC;QACf,OAAO,EAAE,MAAM,CAAC;QAChB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,QAAQ,EAAE,MAAM,CAAC;QACjB,aAAa,CAAC,EAAE,OAAO,CAAC;QACxB,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,YAAY,EAAE,MAAM,CAAC;QACrB,YAAY,CAAC,EAAE,iBAAiB,CAAC;QACjC,UAAU,EAAE,UAAU,CAAC;QACvB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,eAAe,CAAC,EAAE,UAAU,CAAC;QAC7B,aAAa,CAAC,EAAE,4BAA4B,CAAC;KAC9C;IAoBD,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,MAAM,CAAC,CAAS;IACxB,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,cAAc,CAAC,CAAU;IACjC,OAAO,CAAC,eAAe,CAAC,CAAU;IAClC,OAAO,CAAC,aAAa,CAAC,CAAU;IAChC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,aAAa,CAAC,CAAoB;IAC1C,OAAO,CAAC,WAAW,CAAa;IAChC,OAAO,CAAC,aAAa,CAAC,CAAU;IAChC,OAAO,CAAC,UAAU,CAAC,CAAS;IAC5B,OAAO,CAAC,UAAU,CAAC,CAAS;IAC5B,OAAO,CAAC,SAAS,CAAC,CAAS;IAC3B,OAAO,CAAC,IAAI,CAAC,CAAS;IACtB,OAAO,CAAC,gBAAgB,CAAC,CAAa;IACtC,OAAO,CAAC,cAAc,CAAC,CAA+B;IAEtD;;;OAGG;IACH,IAAI,QAAQ,IAAI,MAAM,CAErB;IAED;;;OAGG;IACH,IAAI,MAAM,IAAI,MAAM,CAEnB;IAED;;OAEG;IACH,IAAI,KAAK,IAAI,MAAM,GAAG,SAAS,CAE9B;IAED;;OAEG;IACH,IAAI,OAAO,IAAI,MAAM,CAEpB;IAED;;OAEG;IACH,IAAI,aAAa,IAAI,OAAO,CAE3B;IACD;;OAEG;IACH,IAAI,cAAc,IAAI,OAAO,CAE5B;IAED;;OAEG;IACH,IAAI,YAAY,IAAI,OAAO,CAE1B;IACD;;OAEG;IACH,IAAI,YAAY,IAAI,MAAM,CAEzB;IACD;;OAEG;IACH,IAAI,YAAY,IAAI,iBAAiB,GAAG,SAAS,CAEhD;IACD;;OAEG;IACH,IAAI,UAAU,IAAI,UAAU,CAE3B;IACD;;OAEG;IACH,IAAI,YAAY,IAAI,OAAO,GAAG,SAAS,CAEtC;IACD;;OAEG;IACH,IAAI,SAAS,IAAI,MAAM,GAAG,SAAS,CAElC;IACD;;OAEG;IACH,IAAI,SAAS,IAAI,MAAM,GAAG,SAAS,CAElC;IACD;;OAEG;IACH,IAAI,QAAQ,IAAI,MAAM,GAAG,SAAS,CAEjC;IACD;;OAEG;IACH,IAAI,GAAG,IAAI,MAAM,GAAG,SAAS,CAE5B;IACD;;OAEG;IACH,IAAI,eAAe,IAAI,UAAU,GAAG,SAAS,CAE5C;IACD;;OAEG;IACH,IAAI,aAAa,IAAI,4BAA4B,GAAG,SAAS,CAE5D;CACF;AAED;;;;;;GAMG;AACH,wBAAgB,+BAA+B,CAC7C,SAAS,EAAE,0BAA0B,GACpC,qBAAqB,CAsBvB"}
package/dist/commonjs/models/attestationResult.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationResult.js","sourceRoot":"","sources":["../../../src/models/attestationResult.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAiXlC,0EAwBC;AArYD,iEAAyE;AAqLzE;;GAEG;AACH,MAAa,qBAAqB;IAChC;;;;;OAKG;IACH,YAAY,MAkBX;QACC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC;QAC3B,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,aAAa,CAAC;QAC3C,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC;QAC7C,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC;QACvB,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAC,eAAe,CAAC;QAC/C,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,aAAa,CAAC;IAC7C,CAAC;IAoBD;;;OAGG;IACH,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;;OAGG;IACH,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,IAAI,OAAO;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IACD;;OAEG;IACH,IAAI,cAAc;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IACD;;OAEG;IACH,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IACD;;OAEG;IACH,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IACD;;OAEG;IACH,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IACD;;OAEG;IACH,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IACD;;OAEG;IACH,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;CACF;AA5KD,sDA4KC;AAED;;;;;;GAMG;AACH,SAAgB,+BAA+B,CAC7C,SAAqC;IAErC,OAAO,IAAI,qBAAqB,CAAC;QAC/B,MAAM,EAAE,SAAS,CAAC,GAAG;QACrB,OAAO,EAAE,SAAS,CAAC,OAAO;QAC1B,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,QAAQ,EAAE,SAAS,CAAC,GAAG;QACvB,YAAY,EAAE,SAAS,CAAC,YAAY;YAClC,CAAC,CAAC,IAAA,sDAA+B,EAAC,SAAS,CAAC,YAAY,CAAC;YACzD,CAAC,CAAC,SAAS;QACb,aAAa,EAAE,SAAS,CAAC,aAAa;QACtC,cAAc,EAAE,SAAS,CAAC,cAAc;QACxC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,UAAU,EAAE,SAAS,CAAC,UAAU;QAChC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,QAAQ,EAAE,SAAS,CAAC,QAAQ;QAC5B,GAAG,EAAE,SAAS,CAAC,GAAG;QAClB,eAAe,EAAE,SAAS,CAAC,eAAe;QAC1C,aAAa,EAAE,SAAS,CAAC,aAAa;KACvC,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AttestationSigner } from \"./index.js\";\nimport { GeneratedAttestationResult } from \"../generated/index.js\";\nimport { _attestationSignerFromGenerated } from \"./attestationSigner.js\";\n\n/**\n * Defines the contents of the {@link AttestationResult.sgxCollateral} claim in\n * an {@link AttestationResult}.\n */\nexport interface AttestationSgxCollateralInfo {\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Certificates.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidcertshash?: string;\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Certificate CRL.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidcrlhash?: string;\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Identity.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidhash?: string;\n /**\n * Hex encoded Sha256 hash of the SGX Quote or OpenEnclave Report validated\n * by this token.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n quotehash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info Certificates.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfocertshash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info Certificate CRL.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfocrlhash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info for the device being attested.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfohash?: string;\n}\n\n/**\n * A Microsoft Azure Attestation response token body - the body of a response token issued by MAA\n */\nexport interface AttestationResult {\n /**\n * Unique Identifier for the token.\n *\n * Corresponds to the 'jti' claim defined in\n * {@link https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.7 | RFC 7519 section 4.1.7}\n */\n uniqueId: string;\n\n /**\n * Returns the issuer of the attestation token. MUST be the same as the\n * endpoint used when constructing the attestation client instance.\n */\n issuer: string;\n\n /**\n * Returns the \"nonce\" value if one was specified in the Attest request.\n */\n nonce?: string;\n\n /**\n * The Schema version of this structure. Current Value: 1.0\n */\n version: string;\n\n /**\n * Returns the runtime claims in the token.\n *\n * This value will match the input `runTimeJson` property to the\n * {@link AttestationClient.attestSgxEnclave} or\n * {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `runtimeClaims` property will only be populated if the\n * `runtimeJson` parameter to the `Attest` API is specified. It will\n * not be populated if the `runtimeData` parameter is specified.\n */\n runTimeClaims: unknown;\n /**\n * Returns the initialization time claims in the token.\n * This value will match the input `initTimeJson` property to the\n * {@link AttestationClient.attestSgxEnclave} or\n * {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `initTimeClaims` property will only be populated if the `initTimeJson`\n * parameter to the `Attest` API is specified. It will not be populated if\n * the `initTimeData` parameter is specified.\n */\n initTimeClaims: unknown;\n\n /**\n * Returns the set of claims generated by the attestation policy on the instance.\n */\n policyClaims: unknown;\n\n /**\n * Returns the verifier which generated this attestation token. Normally one of:\n * \"SGX\" or \"TPM\", but others can be specified.\n */\n verifierType: string;\n /**\n * The certificate used to sign the policy object, if specified.\n */\n policySigner?: AttestationSigner;\n /**\n * The base64url encoded SHA256 hash of the BASE64URL encoded policy text\n * used for attestation.\n */\n policyHash: Uint8Array;\n /**\n * True if the enclave is debuggable, false otherwise. Only valid if `verifierType` is SGX.\n */\n isDebuggable?: boolean;\n\n /**\n * The SGX Product ID for the enclave. Only valid if the `verifierType` field is \"SGX\"\n */\n productId?: number;\n /**\n * The HEX encoded SGX MRENCLAVE value for the enclave. Only valid if the\n * `verifierType` field is \"SGX\"\n */\n mrEnclave?: string;\n\n /**\n * The HEX encoded SGX MRSIGNER value for the enclave. Only valid if the\n * `verifierType` field is \"SGX\"\n */\n mrSigner?: string;\n\n /**\n * The SGX SVN value for the enclave. Only valid if the `verifierType` field is \"SGX\"\n */\n svn?: number;\n\n /**\n * Returns the value of the runtime_data field specified as an input to the\n * {@link AttestationClient.attestSgxEnclave} or {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `enclaveHeldData` property will only be populated if the\n * `runtimeData` parameter to the `Attest` API is specified.\n */\n enclaveHeldData?: Uint8Array;\n\n /**\n * Returns a set of information describing the complete set of inputs to the\n * Attestation validation logic.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n sgxCollateral?: AttestationSgxCollateralInfo;\n}\n\n/**\n * A Microsoft Azure Attestation response token body - the body of a response token issued by MAA\n */\nexport class AttestationResultImpl implements AttestationResult {\n /**\n *\n * @param params - The parameters for the constructor.\n *\n * @hidden\n */\n constructor(params: {\n issuer: string;\n version: string;\n nonce?: string;\n uniqueId: string;\n runTimeClaims?: unknown;\n initTimeClaims?: unknown;\n policyClaims?: unknown;\n verifierType: string;\n policySigner?: AttestationSigner;\n policyHash: Uint8Array;\n isDebuggable?: boolean;\n productId?: number;\n mrEnclave?: string;\n mrSigner?: string;\n svn?: number;\n enclaveHeldData?: Uint8Array;\n sgxCollateral?: AttestationSgxCollateralInfo;\n }) {\n this._issuer = params.issuer;\n this._nonce = params.nonce;\n this._version = params.version;\n this._uniqueId = params.uniqueId;\n this._runTimeClaims = params.runTimeClaims;\n this._initTimeClaims = params.initTimeClaims;\n this._policyClaims = params.policyClaims;\n this._verifierType = params.verifierType;\n this._policySigner = params.policySigner;\n this._policyHash = params.policyHash;\n this._isDebuggable = params.isDebuggable;\n this._productId = params.productId;\n this._mrEnclave = params.mrEnclave;\n this._mrSigner = params.mrSigner;\n this._svn = params.svn;\n this._enclaveHeldData = params.enclaveHeldData;\n this._sgxCollateral = params.sgxCollateral;\n }\n\n private _issuer: string;\n private _version: string;\n private _nonce?: string;\n private _uniqueId: string;\n private _runTimeClaims?: unknown;\n private _initTimeClaims?: unknown;\n private _policyClaims?: unknown;\n private _verifierType: string;\n private _policySigner?: AttestationSigner;\n private _policyHash: Uint8Array;\n private _isDebuggable?: boolean;\n private _productId?: number;\n private _mrEnclave?: string;\n private _mrSigner?: string;\n private _svn?: number;\n private _enclaveHeldData?: Uint8Array;\n private _sgxCollateral?: AttestationSgxCollateralInfo;\n\n /**\n * Unique Identifier for the token\n *\n */\n get uniqueId(): string {\n return this._uniqueId;\n }\n\n /**\n * Returns the issuer of the attestation token. MUST be the same as the\n * endpoint used when constructing the attestation client instance.\n */\n get issuer(): string {\n return this._issuer;\n }\n\n /**\n * Returns the \"nonce\" value specified in the Attest request.\n */\n get nonce(): string | undefined {\n return this._nonce;\n }\n\n /**\n * The Schema version of this structure. Current Value: 1.0\n */\n get version(): string {\n return this._version;\n }\n\n /**\n * Runtime Claims\n */\n get runTimeClaims(): unknown {\n return this._runTimeClaims;\n }\n /**\n * Inittime Claims\n */\n get initTimeClaims(): unknown {\n return this._initTimeClaims;\n }\n\n /**\n * Policy Generated Claims\n */\n get policyClaims(): unknown {\n return this._policyClaims;\n }\n /**\n * The Attestation type being attested.\n */\n get verifierType(): string {\n return this._verifierType;\n }\n /**\n * The certificate used to sign the policy object, if specified.\n */\n get policySigner(): AttestationSigner | undefined {\n return this._policySigner;\n }\n /**\n * The SHA256 hash of the BASE64URL encoded policy text used for attestation\n */\n get policyHash(): Uint8Array {\n return this._policyHash;\n }\n /**\n * True if the enclave is debuggable, false otherwise\n */\n get isDebuggable(): boolean | undefined {\n return this._isDebuggable;\n }\n /**\n * The SGX Product ID for the enclave.\n */\n get productId(): number | undefined {\n return this._productId;\n }\n /**\n * The HEX encoded SGX MRENCLAVE value for the enclave.\n */\n get mrEnclave(): string | undefined {\n return this._mrEnclave;\n }\n /**\n * The HEX encoded SGX MRSIGNER value for the enclave.\n */\n get mrSigner(): string | undefined {\n return this._mrSigner;\n }\n /**\n * The SGX SVN value for the enclave.\n */\n get svn(): number | undefined {\n return this._svn;\n }\n /**\n * A copy of the RuntimeData specified as an input to the attest call.\n */\n get enclaveHeldData(): Uint8Array | undefined {\n return this._enclaveHeldData;\n }\n /**\n * The SGX SVN value for the enclave.\n */\n get sgxCollateral(): AttestationSgxCollateralInfo | undefined {\n return this._sgxCollateral;\n }\n}\n\n/**\n *\n * @param generated - Generated attestation result object.\n * @returns newly created AttestationResult from the generated result.\n *\n * @internal\n */\nexport function _attestationResultFromGenerated(\n generated: GeneratedAttestationResult,\n): AttestationResultImpl {\n return new AttestationResultImpl({\n issuer: generated.iss,\n version: generated.version,\n nonce: generated.nonce,\n uniqueId: generated.jti,\n policySigner: generated.policySigner\n ? _attestationSignerFromGenerated(generated.policySigner)\n : undefined,\n runTimeClaims: generated.runtimeClaims,\n initTimeClaims: generated.inittimeClaims,\n policyClaims: generated.policyClaims,\n verifierType: generated.verifierType,\n policyHash: generated.policyHash,\n isDebuggable: generated.isDebuggable,\n productId: generated.productId,\n mrEnclave: generated.mrEnclave,\n mrSigner: generated.mrSigner,\n svn: generated.svn,\n enclaveHeldData: generated.enclaveHeldData,\n sgxCollateral: generated.sgxCollateral,\n });\n}\n"]}
1
+ {"version":3,"file":"attestationResult.js","sourceRoot":"","sources":["../../../src/models/attestationResult.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAiXlC,0EAwBC;AArYD,iEAAyE;AAqLzE;;GAEG;AACH,MAAa,qBAAqB;IAChC;;;;;OAKG;IACH,YAAY,MAkBX;QACC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC;QAC3B,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,aAAa,CAAC;QAC3C,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,cAAc,CAAC;QAC7C,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,YAAY,CAAC;QACzC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC;QACvB,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAC,eAAe,CAAC;QAC/C,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,aAAa,CAAC;IAC7C,CAAC;IAoBD;;;OAGG;IACH,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;;OAGG;IACH,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,IAAI,OAAO;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IACD;;OAEG;IACH,IAAI,cAAc;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,UAAU;QACZ,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IACD;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IACD;;OAEG;IACH,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IACD;;OAEG;IACH,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IACD;;OAEG;IACH,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IACD;;OAEG;IACH,IAAI,GAAG;QACL,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IACD;;OAEG;IACH,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IACD;;OAEG;IACH,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;CACF;AA5KD,sDA4KC;AAED;;;;;;GAMG;AACH,SAAgB,+BAA+B,CAC7C,SAAqC;IAErC,OAAO,IAAI,qBAAqB,CAAC;QAC/B,MAAM,EAAE,SAAS,CAAC,GAAG;QACrB,OAAO,EAAE,SAAS,CAAC,OAAO;QAC1B,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,QAAQ,EAAE,SAAS,CAAC,GAAG;QACvB,YAAY,EAAE,SAAS,CAAC,YAAY;YAClC,CAAC,CAAC,IAAA,sDAA+B,EAAC,SAAS,CAAC,YAAY,CAAC;YACzD,CAAC,CAAC,SAAS;QACb,aAAa,EAAE,SAAS,CAAC,aAAa;QACtC,cAAc,EAAE,SAAS,CAAC,cAAc;QACxC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,UAAU,EAAE,SAAS,CAAC,UAAU;QAChC,YAAY,EAAE,SAAS,CAAC,YAAY;QACpC,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,QAAQ,EAAE,SAAS,CAAC,QAAQ;QAC5B,GAAG,EAAE,SAAS,CAAC,GAAG;QAClB,eAAe,EAAE,SAAS,CAAC,eAAe;QAC1C,aAAa,EAAE,SAAS,CAAC,aAAa;KACvC,CAAC,CAAC;AACL,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AttestationSigner } from \"./index.js\";\nimport type { GeneratedAttestationResult } from \"../generated/index.js\";\nimport { _attestationSignerFromGenerated } from \"./attestationSigner.js\";\n\n/**\n * Defines the contents of the {@link AttestationResult.sgxCollateral} claim in\n * an {@link AttestationResult}.\n */\nexport interface AttestationSgxCollateralInfo {\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Certificates.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidcertshash?: string;\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Certificate CRL.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidcrlhash?: string;\n /**\n * Hex encoded Sha256 hash of the Quoting Enclave Identity.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n qeidhash?: string;\n /**\n * Hex encoded Sha256 hash of the SGX Quote or OpenEnclave Report validated\n * by this token.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n quotehash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info Certificates.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfocertshash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info Certificate CRL.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfocrlhash?: string;\n /**\n * Hex encoded Sha256 hash of the TCB Info for the device being attested.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n tcbinfohash?: string;\n}\n\n/**\n * A Microsoft Azure Attestation response token body - the body of a response token issued by MAA\n */\nexport interface AttestationResult {\n /**\n * Unique Identifier for the token.\n *\n * Corresponds to the 'jti' claim defined in\n * {@link https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.7 | RFC 7519 section 4.1.7}\n */\n uniqueId: string;\n\n /**\n * Returns the issuer of the attestation token. MUST be the same as the\n * endpoint used when constructing the attestation client instance.\n */\n issuer: string;\n\n /**\n * Returns the \"nonce\" value if one was specified in the Attest request.\n */\n nonce?: string;\n\n /**\n * The Schema version of this structure. Current Value: 1.0\n */\n version: string;\n\n /**\n * Returns the runtime claims in the token.\n *\n * This value will match the input `runTimeJson` property to the\n * {@link AttestationClient.attestSgxEnclave} or\n * {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `runtimeClaims` property will only be populated if the\n * `runtimeJson` parameter to the `Attest` API is specified. It will\n * not be populated if the `runtimeData` parameter is specified.\n */\n runTimeClaims: unknown;\n /**\n * Returns the initialization time claims in the token.\n * This value will match the input `initTimeJson` property to the\n * {@link AttestationClient.attestSgxEnclave} or\n * {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `initTimeClaims` property will only be populated if the `initTimeJson`\n * parameter to the `Attest` API is specified. It will not be populated if\n * the `initTimeData` parameter is specified.\n */\n initTimeClaims: unknown;\n\n /**\n * Returns the set of claims generated by the attestation policy on the instance.\n */\n policyClaims: unknown;\n\n /**\n * Returns the verifier which generated this attestation token. Normally one of:\n * \"SGX\" or \"TPM\", but others can be specified.\n */\n verifierType: string;\n /**\n * The certificate used to sign the policy object, if specified.\n */\n policySigner?: AttestationSigner;\n /**\n * The base64url encoded SHA256 hash of the BASE64URL encoded policy text\n * used for attestation.\n */\n policyHash: Uint8Array;\n /**\n * True if the enclave is debuggable, false otherwise. Only valid if `verifierType` is SGX.\n */\n isDebuggable?: boolean;\n\n /**\n * The SGX Product ID for the enclave. Only valid if the `verifierType` field is \"SGX\"\n */\n productId?: number;\n /**\n * The HEX encoded SGX MRENCLAVE value for the enclave. Only valid if the\n * `verifierType` field is \"SGX\"\n */\n mrEnclave?: string;\n\n /**\n * The HEX encoded SGX MRSIGNER value for the enclave. Only valid if the\n * `verifierType` field is \"SGX\"\n */\n mrSigner?: string;\n\n /**\n * The SGX SVN value for the enclave. Only valid if the `verifierType` field is \"SGX\"\n */\n svn?: number;\n\n /**\n * Returns the value of the runtime_data field specified as an input to the\n * {@link AttestationClient.attestSgxEnclave} or {@link AttestationClient.attestOpenEnclave} API.\n *\n * @remarks\n *\n * The `enclaveHeldData` property will only be populated if the\n * `runtimeData` parameter to the `Attest` API is specified.\n */\n enclaveHeldData?: Uint8Array;\n\n /**\n * Returns a set of information describing the complete set of inputs to the\n * Attestation validation logic.\n *\n * See the {@link https://software.intel.com/content/www/us/en/develop/articles/quote-verification-attestation-with-intel-sgx-dcap.html | Intel SGX documentation }\n * for more information on quote validation.\n */\n sgxCollateral?: AttestationSgxCollateralInfo;\n}\n\n/**\n * A Microsoft Azure Attestation response token body - the body of a response token issued by MAA\n */\nexport class AttestationResultImpl implements AttestationResult {\n /**\n *\n * @param params - The parameters for the constructor.\n *\n * @hidden\n */\n constructor(params: {\n issuer: string;\n version: string;\n nonce?: string;\n uniqueId: string;\n runTimeClaims?: unknown;\n initTimeClaims?: unknown;\n policyClaims?: unknown;\n verifierType: string;\n policySigner?: AttestationSigner;\n policyHash: Uint8Array;\n isDebuggable?: boolean;\n productId?: number;\n mrEnclave?: string;\n mrSigner?: string;\n svn?: number;\n enclaveHeldData?: Uint8Array;\n sgxCollateral?: AttestationSgxCollateralInfo;\n }) {\n this._issuer = params.issuer;\n this._nonce = params.nonce;\n this._version = params.version;\n this._uniqueId = params.uniqueId;\n this._runTimeClaims = params.runTimeClaims;\n this._initTimeClaims = params.initTimeClaims;\n this._policyClaims = params.policyClaims;\n this._verifierType = params.verifierType;\n this._policySigner = params.policySigner;\n this._policyHash = params.policyHash;\n this._isDebuggable = params.isDebuggable;\n this._productId = params.productId;\n this._mrEnclave = params.mrEnclave;\n this._mrSigner = params.mrSigner;\n this._svn = params.svn;\n this._enclaveHeldData = params.enclaveHeldData;\n this._sgxCollateral = params.sgxCollateral;\n }\n\n private _issuer: string;\n private _version: string;\n private _nonce?: string;\n private _uniqueId: string;\n private _runTimeClaims?: unknown;\n private _initTimeClaims?: unknown;\n private _policyClaims?: unknown;\n private _verifierType: string;\n private _policySigner?: AttestationSigner;\n private _policyHash: Uint8Array;\n private _isDebuggable?: boolean;\n private _productId?: number;\n private _mrEnclave?: string;\n private _mrSigner?: string;\n private _svn?: number;\n private _enclaveHeldData?: Uint8Array;\n private _sgxCollateral?: AttestationSgxCollateralInfo;\n\n /**\n * Unique Identifier for the token\n *\n */\n get uniqueId(): string {\n return this._uniqueId;\n }\n\n /**\n * Returns the issuer of the attestation token. MUST be the same as the\n * endpoint used when constructing the attestation client instance.\n */\n get issuer(): string {\n return this._issuer;\n }\n\n /**\n * Returns the \"nonce\" value specified in the Attest request.\n */\n get nonce(): string | undefined {\n return this._nonce;\n }\n\n /**\n * The Schema version of this structure. Current Value: 1.0\n */\n get version(): string {\n return this._version;\n }\n\n /**\n * Runtime Claims\n */\n get runTimeClaims(): unknown {\n return this._runTimeClaims;\n }\n /**\n * Inittime Claims\n */\n get initTimeClaims(): unknown {\n return this._initTimeClaims;\n }\n\n /**\n * Policy Generated Claims\n */\n get policyClaims(): unknown {\n return this._policyClaims;\n }\n /**\n * The Attestation type being attested.\n */\n get verifierType(): string {\n return this._verifierType;\n }\n /**\n * The certificate used to sign the policy object, if specified.\n */\n get policySigner(): AttestationSigner | undefined {\n return this._policySigner;\n }\n /**\n * The SHA256 hash of the BASE64URL encoded policy text used for attestation\n */\n get policyHash(): Uint8Array {\n return this._policyHash;\n }\n /**\n * True if the enclave is debuggable, false otherwise\n */\n get isDebuggable(): boolean | undefined {\n return this._isDebuggable;\n }\n /**\n * The SGX Product ID for the enclave.\n */\n get productId(): number | undefined {\n return this._productId;\n }\n /**\n * The HEX encoded SGX MRENCLAVE value for the enclave.\n */\n get mrEnclave(): string | undefined {\n return this._mrEnclave;\n }\n /**\n * The HEX encoded SGX MRSIGNER value for the enclave.\n */\n get mrSigner(): string | undefined {\n return this._mrSigner;\n }\n /**\n * The SGX SVN value for the enclave.\n */\n get svn(): number | undefined {\n return this._svn;\n }\n /**\n * A copy of the RuntimeData specified as an input to the attest call.\n */\n get enclaveHeldData(): Uint8Array | undefined {\n return this._enclaveHeldData;\n }\n /**\n * The SGX SVN value for the enclave.\n */\n get sgxCollateral(): AttestationSgxCollateralInfo | undefined {\n return this._sgxCollateral;\n }\n}\n\n/**\n *\n * @param generated - Generated attestation result object.\n * @returns newly created AttestationResult from the generated result.\n *\n * @internal\n */\nexport function _attestationResultFromGenerated(\n generated: GeneratedAttestationResult,\n): AttestationResultImpl {\n return new AttestationResultImpl({\n issuer: generated.iss,\n version: generated.version,\n nonce: generated.nonce,\n uniqueId: generated.jti,\n policySigner: generated.policySigner\n ? _attestationSignerFromGenerated(generated.policySigner)\n : undefined,\n runTimeClaims: generated.runtimeClaims,\n initTimeClaims: generated.inittimeClaims,\n policyClaims: generated.policyClaims,\n verifierType: generated.verifierType,\n policyHash: generated.policyHash,\n isDebuggable: generated.isDebuggable,\n productId: generated.productId,\n mrEnclave: generated.mrEnclave,\n mrSigner: generated.mrSigner,\n svn: generated.svn,\n enclaveHeldData: generated.enclaveHeldData,\n sgxCollateral: generated.sgxCollateral,\n });\n}\n"]}
package/dist/commonjs/models/attestationSigner.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { JsonWebKey } from "../generated/models/index.js";
1
+ import type { JsonWebKey } from "../generated/models/index.js";
2
2
  /**
3
3
  * An AttestationSigner represents a signing certificate chain/Key ID combination
4
4
  * returned by the attestation service.
package/dist/commonjs/models/attestationSigner.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationSigner.d.ts","sourceRoot":"","sources":["../../../src/models/attestationSigner.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAG1D;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;;;OAIG;IACH,YAAY,EAAE,MAAM,EAAE,CAAC;CACxB;AAED;;;;;;GAMG;AACH,wBAAgB,+BAA+B,CAAC,GAAG,CAAC,EAAE,UAAU,GAAG,iBAAiB,CAKnF"}
1
+ {"version":3,"file":"attestationSigner.d.ts","sourceRoot":"","sources":["../../../src/models/attestationSigner.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAG/D;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;OAGG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;;;OAIG;IACH,YAAY,EAAE,MAAM,EAAE,CAAC;CACxB;AAED;;;;;;GAMG;AACH,wBAAgB,+BAA+B,CAAC,GAAG,CAAC,EAAE,UAAU,GAAG,iBAAiB,CAKnF"}
package/dist/commonjs/models/attestationSigner.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationSigner.js","sourceRoot":"","sources":["../../../src/models/attestationSigner.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;AA+BlC,0EAKC;AAjCD,oDAAoD;AAqBpD;;;;;;GAMG;AACH,SAAgB,+BAA+B,CAAC,GAAgB;;IAC9D,OAAO;QACL,KAAK,EAAE,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,GAAG;QACf,YAAY,EAAE,MAAA,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,GAAG,0CAAE,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAA,0BAAa,EAAC,IAAI,EAAE,aAAa,CAAC,CAAC,mCAAI,EAAE;KAChF,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { JsonWebKey } from \"../generated/models/index.js\";\nimport { pemFromBase64 } from \"../utils/helpers.js\";\n\n/**\n * An AttestationSigner represents a signing certificate chain/Key ID combination\n * returned by the attestation service.\n */\nexport interface AttestationSigner {\n /**\n * The Key ID for the signer, as defined by the \"kid\" parameter in\n * {@link https://datatracker.ietf.org/doc/html/rfc7517#section-4.5 | RFC 7517 section 4.5}\n */\n keyId?: string;\n\n /**\n * An array of X.509 certificates DER encoded and PEM encoded one of which\n * will be used to sign an attestation token. Also the \"x5c\" parameter in\n * {@link https://datatracker.ietf.org/doc/html/rfc7517#section-4.7 | RFC 7517 section 4.7}\n */\n certificates: string[];\n}\n\n/**\n *\n * @param key - JsonWebKey for signing key.\n * @returns AttestationSigner created from the JsonWebKey.\n *\n * @internal\n */\nexport function _attestationSignerFromGenerated(key?: JsonWebKey): AttestationSigner {\n return {\n keyId: key?.kid,\n certificates: key?.x5C?.map((cert) => pemFromBase64(cert, \"CERTIFICATE\")) ?? [],\n };\n}\n"]}
1
+ {"version":3,"file":"attestationSigner.js","sourceRoot":"","sources":["../../../src/models/attestationSigner.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;AA+BlC,0EAKC;AAjCD,oDAAoD;AAqBpD;;;;;;GAMG;AACH,SAAgB,+BAA+B,CAAC,GAAgB;;IAC9D,OAAO;QACL,KAAK,EAAE,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,GAAG;QACf,YAAY,EAAE,MAAA,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,GAAG,0CAAE,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAA,0BAAa,EAAC,IAAI,EAAE,aAAa,CAAC,CAAC,mCAAI,EAAE;KAChF,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { JsonWebKey } from \"../generated/models/index.js\";\nimport { pemFromBase64 } from \"../utils/helpers.js\";\n\n/**\n * An AttestationSigner represents a signing certificate chain/Key ID combination\n * returned by the attestation service.\n */\nexport interface AttestationSigner {\n /**\n * The Key ID for the signer, as defined by the \"kid\" parameter in\n * {@link https://datatracker.ietf.org/doc/html/rfc7517#section-4.5 | RFC 7517 section 4.5}\n */\n keyId?: string;\n\n /**\n * An array of X.509 certificates DER encoded and PEM encoded one of which\n * will be used to sign an attestation token. Also the \"x5c\" parameter in\n * {@link https://datatracker.ietf.org/doc/html/rfc7517#section-4.7 | RFC 7517 section 4.7}\n */\n certificates: string[];\n}\n\n/**\n *\n * @param key - JsonWebKey for signing key.\n * @returns AttestationSigner created from the JsonWebKey.\n *\n * @internal\n */\nexport function _attestationSignerFromGenerated(key?: JsonWebKey): AttestationSigner {\n return {\n keyId: key?.kid,\n certificates: key?.x5C?.map((cert) => pemFromBase64(cert, \"CERTIFICATE\")) ?? [],\n };\n}\n"]}
package/dist/commonjs/models/attestationToken.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { AttestationSigner } from "./attestationSigner.js";
1
+ import type { AttestationSigner } from "./attestationSigner.js";
2
2
  /**
3
3
  * Options used to validate attestation tokens.
4
4
  *
package/dist/commonjs/models/attestationToken.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationToken.d.ts","sourceRoot":"","sources":["../../../src/models/attestationToken.ts"],"names":[],"mappings":"AAUA,OAAO,EAAE,iBAAiB,EAAmC,MAAM,wBAAwB,CAAC;AAM5F;;;;;;;;;;;;;;GAcG;AACH,MAAM,WAAW,iCAAiC;IAChD;;OAEG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB;;OAEG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC;;OAEG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC;;OAEG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;;OAGG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAE7B;;;;;;;;;;;;;;OAcG;IACH,wBAAwB,CAAC,EAAE,CACzB,KAAK,EAAE,gBAAgB,EACvB,MAAM,CAAC,EAAE,iBAAiB,KACvB,MAAM,EAAE,GAAG,SAAS,CAAC;CAC3B;AAED;;;;;;;GAOG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;;;OAIG;IACH,OAAO,IAAI,OAAO,CAAC;IAEnB;;;;;;;OAOG;IACH,SAAS,IAAI,MAAM,CAAC;IAEpB;;;;;OAKG;IACH,gBAAgB,CACd,eAAe,CAAC,EAAE,iBAAiB,EAAE,EACrC,OAAO,CAAC,EAAE,iCAAiC,GAC1C,MAAM,EAAE,CAAC;IAEZ,yDAAyD;IAEzD;;;;;;;OAOG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;;;OAIG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;;;;;OAMG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB;;;;OAIG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;;OAKG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;;;OAIG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;;OAGG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B;;;;OAIG;IACH,2BAA2B,CAAC,EAAE,MAAM,CAAC;IAErC;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,iBAAiB,CAAC;IAErC,qDAAqD;IAErD;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;;OAIG;IACH,SAAS,CAAC,EAAE,IAAI,CAAC;IAEjB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,IAAI,CAAC;IAEhB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,IAAI,CAAC;CAClB;AAED;;;;;;;GAOG;AACH,qBAAa,oBAAqB,YAAW,gBAAgB;IAC3D;;;;OAIG;gBACS,KAAK,EAAE,MAAM;IAgBzB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,YAAY,CAAa;IACjC,OAAO,CAAC,OAAO,CAAM;IACrB,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,KAAK,CAAM;IAGnB,OAAO,CAAC,YAAY,CAAM;IAE1B;;;;OAIG;IACI,OAAO,IAAI,OAAO;IAIzB;;;;;;;OAOG;IACI,SAAS,IAAI,MAAM;IAI1B;;;;;;OAMG;IACI,gBAAgB,CACrB,eAAe,CAAC,EAAE,iBAAiB,EAAE,EACrC,OAAO,GAAE,iCAIR,GACA,MAAM,EAAE;IA2CX,OAAO,CAAC,cAAc;IAWtB;;;;OAIG;IACH,OAAO,CAAC,sBAAsB;IA8B9B,OAAO,CAAC,cAAc;IAKtB,OAAO,CAAC,mBAAmB;IA+B3B,yDAAyD;IAEzD;;;;;;;OAOG;IACH,IAAW,SAAS,IAAI,MAAM,CAE7B;IAED;;;;OAIG;IACH,IAAW,KAAK,IAAI,MAAM,GAAG,SAAS,CAErC;IAED;;;;;;OAMG;IACH,IAAW,QAAQ,IAAI,OAAO,GAAG,SAAS,CAEzC;IAED;;;;OAIG;IACH,IAAW,WAAW,IAAI,MAAM,GAAG,SAAS,CAE3C;IAED;;;;;OAKG;IACH,IAAW,MAAM,IAAI,MAAM,GAAG,SAAS,CAEtC;IAED;;;;OAIG;IACH,IAAW,OAAO,IAAI,MAAM,GAAG,SAAS,CAEvC;IAED;;;;OAIG;IACH,IAAW,IAAI,IAAI,MAAM,GAAG,SAAS,CAEpC;IAED;;;OAGG;IACH,IAAW,qBAAqB,IAAI,MAAM,GAAG,SAAS,CAErD;IAED;;;;OAIG;IACH,IAAW,2BAA2B,IAAI,MAAM,GAAG,SAAS,CAE3D;IAED;;;;OAIG;IACH,IAAW,gBAAgB,IAAI,iBAAiB,GAAG,SAAS,CAgB3D;IAED,qDAAqD;IAErD;;;OAGG;IACH,IAAW,MAAM,IAAI,MAAM,GAAG,SAAS,CAEtC;IAED;;;;OAIG;IACH,IAAW,SAAS,IAAI,IAAI,GAAG,SAAS,CAEvC;IAED;;;;OAIG;IACH,IAAW,QAAQ,IAAI,IAAI,GAAG,SAAS,CAEtC;IAED;;;;;OAKG;IACH,IAAW,SAAS,IAAI,IAAI,GAAG,SAAS,CAEvC;IAED;;;;;OAKG;WACW,MAAM,CAAC,MAAM,EAAE;QAC3B,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,gBAAgB;CAwCrB"}
1
+ {"version":3,"file":"attestationToken.d.ts","sourceRoot":"","sources":["../../../src/models/attestationToken.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAOhE;;;;;;;;;;;;;;GAcG;AACH,MAAM,WAAW,iCAAiC;IAChD;;OAEG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB;;OAEG;IACH,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC;;OAEG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC;;OAEG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;;OAGG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAE7B;;;;;;;;;;;;;;OAcG;IACH,wBAAwB,CAAC,EAAE,CACzB,KAAK,EAAE,gBAAgB,EACvB,MAAM,CAAC,EAAE,iBAAiB,KACvB,MAAM,EAAE,GAAG,SAAS,CAAC;CAC3B;AAED;;;;;;;GAOG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;;;OAIG;IACH,OAAO,IAAI,OAAO,CAAC;IAEnB;;;;;;;OAOG;IACH,SAAS,IAAI,MAAM,CAAC;IAEpB;;;;;OAKG;IACH,gBAAgB,CACd,eAAe,CAAC,EAAE,iBAAiB,EAAE,EACrC,OAAO,CAAC,EAAE,iCAAiC,GAC1C,MAAM,EAAE,CAAC;IAEZ,yDAAyD;IAEzD;;;;;;;OAOG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;;;OAIG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;;;;;OAMG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB;;;;OAIG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;;OAKG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;;;OAIG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;;OAGG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B;;;;OAIG;IACH,2BAA2B,CAAC,EAAE,MAAM,CAAC;IAErC;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,iBAAiB,CAAC;IAErC,qDAAqD;IAErD;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;;;OAIG;IACH,SAAS,CAAC,EAAE,IAAI,CAAC;IAEjB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,IAAI,CAAC;IAEhB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,IAAI,CAAC;CAClB;AAED;;;;;;;GAOG;AACH,qBAAa,oBAAqB,YAAW,gBAAgB;IAC3D;;;;OAIG;gBACS,KAAK,EAAE,MAAM;IAgBzB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,YAAY,CAAa;IACjC,OAAO,CAAC,OAAO,CAAM;IACrB,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,KAAK,CAAM;IAGnB,OAAO,CAAC,YAAY,CAAM;IAE1B;;;;OAIG;IACI,OAAO,IAAI,OAAO;IAIzB;;;;;;;OAOG;IACI,SAAS,IAAI,MAAM;IAI1B;;;;;;OAMG;IACI,gBAAgB,CACrB,eAAe,CAAC,EAAE,iBAAiB,EAAE,EACrC,OAAO,GAAE,iCAIR,GACA,MAAM,EAAE;IA2CX,OAAO,CAAC,cAAc;IAWtB;;;;OAIG;IACH,OAAO,CAAC,sBAAsB;IA8B9B,OAAO,CAAC,cAAc;IAKtB,OAAO,CAAC,mBAAmB;IA+B3B,yDAAyD;IAEzD;;;;;;;OAOG;IACH,IAAW,SAAS,IAAI,MAAM,CAE7B;IAED;;;;OAIG;IACH,IAAW,KAAK,IAAI,MAAM,GAAG,SAAS,CAErC;IAED;;;;;;OAMG;IACH,IAAW,QAAQ,IAAI,OAAO,GAAG,SAAS,CAEzC;IAED;;;;OAIG;IACH,IAAW,WAAW,IAAI,MAAM,GAAG,SAAS,CAE3C;IAED;;;;;OAKG;IACH,IAAW,MAAM,IAAI,MAAM,GAAG,SAAS,CAEtC;IAED;;;;OAIG;IACH,IAAW,OAAO,IAAI,MAAM,GAAG,SAAS,CAEvC;IAED;;;;OAIG;IACH,IAAW,IAAI,IAAI,MAAM,GAAG,SAAS,CAEpC;IAED;;;OAGG;IACH,IAAW,qBAAqB,IAAI,MAAM,GAAG,SAAS,CAErD;IAED;;;;OAIG;IACH,IAAW,2BAA2B,IAAI,MAAM,GAAG,SAAS,CAE3D;IAED;;;;OAIG;IACH,IAAW,gBAAgB,IAAI,iBAAiB,GAAG,SAAS,CAgB3D;IAED,qDAAqD;IAErD;;;OAGG;IACH,IAAW,MAAM,IAAI,MAAM,GAAG,SAAS,CAEtC;IAED;;;;OAIG;IACH,IAAW,SAAS,IAAI,IAAI,GAAG,SAAS,CAEvC;IAED;;;;OAIG;IACH,IAAW,QAAQ,IAAI,IAAI,GAAG,SAAS,CAEtC;IAED;;;;;OAKG;IACH,IAAW,SAAS,IAAI,IAAI,GAAG,SAAS,CAEvC;IAED;;;;;OAKG;WACW,MAAM,CAAC,MAAM,EAAE;QAC3B,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,gBAAgB;CAwCrB"}
package/dist/commonjs/models/attestationToken.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationToken.js","sourceRoot":"","sources":["../../../src/models/attestationToken.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;;AAElC,qEAAqE;AACrE,yCAAyC;AACzC,6DAAuC;AAGvC,kDAA2D;AAC3D,8CAAiD;AACjD,iEAA4F;AAE5F,gFAA0D;AAC1D,sEAAgE;AAChE,oDAA+E;AAkN/E;;;;;;;GAOG;AACH,MAAa,oBAAoB;IAC/B;;;;OAIG;IACH,YAAY,KAAa;QACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;QAEpB,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,IAAA,iCAAqB,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACrD,IAAI,CAAC,OAAO,GAAG,aAAa,CAAC,IAAA,uBAAa,EAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;QAC/D,IAAI,CAAC,UAAU,GAAG,IAAA,iCAAqB,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACnD,IAAI,CAAC,KAAK,GAAG,aAAa,CAAC,IAAA,uBAAa,EAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC3D,2DAA2D;QAE3D,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC1D,CAAC;IAWD;;;;OAIG;IACI,OAAO;QACZ,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC;IACtC,CAAC;IAED;;;;;;;OAOG;IACI,SAAS;QACd,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;;;;;OAMG;IACI,gBAAgB,CACrB,eAAqC,EACrC,UAA6C;QAC3C,sBAAsB,EAAE,IAAI;QAC5B,aAAa,EAAE,IAAI;QACnB,qBAAqB,EAAE,IAAI;KAC5B;QAED,IAAI,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACnC,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;YAC3B,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,IAAI,WAAW,GAAkC,SAAS,CAAC;QAC3D,IAAI,IAAI,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;YAC9B,MAAM,OAAO,GAAG,IAAI,CAAC,mBAAmB,CAAC,eAAe,CAAC,CAAC;YAE1D,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;gBACtB,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;gBACzC,kDAAkD;gBAElD,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;gBAEjE,IAAI,OAAO,EAAE,CAAC;oBACZ,WAAW,GAAG,MAAM,CAAC;gBACvB,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC9B,QAAQ,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QAED,iEAAiE;QACjE,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YAC7B,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,CAAC;YACjE,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;QAC3D,CAAC;QAED,IAAI,OAAO,CAAC,wBAAwB,KAAK,SAAS,EAAE,CAAC;YACnD,kFAAkF;YAClF,kBAAkB;YAClB,MAAM,gBAAgB,GAAG,OAAO,CAAC,wBAAwB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;YAC7E,IAAI,gBAAgB,EAAE,CAAC;gBACrB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,cAAc,CAAC,OAA0C;QAC/D,MAAM,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACrC,IAAI,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;YAC1C,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO,CAAC,cAAc,EAAE,CAAC;gBAC3C,QAAQ,CAAC,IAAI,CACX,gBAAgB,GAAG,IAAI,CAAC,MAAM,GAAG,qBAAqB,GAAG,OAAO,CAAC,cAAc,CAChF,CAAC;YACJ,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD;;;;OAIG;IACK,sBAAsB,CAAC,OAA0C;;QACvE,2EAA2E;QAC3E,cAAc;QACd,MAAM,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QAExD,4BAA4B;QAC5B,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,sBAAsB,EAAE,CAAC;YACnE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;YAChD,IAAI,OAAO,GAAG,OAAO,EAAE,CAAC;gBACtB,MAAM,KAAK,GAAG,OAAO,GAAG,OAAO,CAAC;gBAChC,IAAI,KAAK,GAAG,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,CAAC,CAAC,EAAE,CAAC;oBAC/C,QAAQ,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;gBACjD,CAAC;YACH,CAAC;QACH,CAAC;QAED,4BAA4B;QAC5B,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,qBAAqB,EAAE,CAAC;YAClE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;YAChD,IAAI,OAAO,GAAG,OAAO,EAAE,CAAC;gBACtB,MAAM,KAAK,GAAG,OAAO,GAAG,OAAO,CAAC;gBAChC,IAAI,KAAK,GAAG,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,CAAC,CAAC,EAAE,CAAC;oBAC/C,QAAQ,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,cAAc,CAAC,MAAyB;QAC9C,sCAAsC;QACtC,OAAO,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAChC,CAAC;IAEO,mBAAmB,CACzB,2BAAiD;QAEjD,MAAM,gBAAgB,GAAG,IAAI,KAAK,EAAqB,CAAC;QAExD,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC;QAEhC,IAAI,YAAY,KAAK,SAAS,IAAI,2BAA2B,KAAK,SAAS,EAAE,CAAC;YAC5E,2BAA2B,CAAC,OAAO,CAAC,CAAC,cAAc,EAAE,EAAE;gBACrD,IAAI,cAAc,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;oBAC1C,gBAAgB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;gBACxC,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,uEAAuE;YACvE,sEAAsE;YACtE,qDAAqD;YACrD,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAClC,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,IAAI,IAAI,CAAC,gBAAgB,KAAK,IAAI,EAAE,CAAC;oBAC1E,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,2BAA2B,aAA3B,2BAA2B,uBAA3B,2BAA2B,CAAE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;YAC1E,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;gBACxC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QACD,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAED,yDAAyD;IAEzD;;;;;;;OAOG;IACH,IAAW,SAAS;;QAClB,OAAO,MAAA,IAAI,CAAC,OAAO,0CAAE,GAAG,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,IAAW,KAAK;QACd,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;;;OAMG;IACH,IAAW,QAAQ;QACjB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;;OAKG;IACH,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,OAAO;QAChB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,IAAI;QACb,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;OAGG;IACH,IAAW,qBAAqB;QAC9B,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,2BAA2B;QACpC,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACjC,CAAC;IAED;;;;OAIG;IACH,IAAW,gBAAgB;QACzB,IAAI,GAAe,CAAC;QACpB,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YACnC,GAAG,GAAG,sCAAgB,CAAC,WAAW,CAChC,IAAI,CAAC,OAAO,CAAC,GAAG,EAChB,CAAC,OAAO,CAAC,UAAU,CAAC,EACpB,YAAY,CACC,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,sCAAgB,CAAC,WAAW,CAChC,IAAI,CAAC,OAAO,EACZ,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,EAClC,YAAY,CACC,CAAC;QAClB,CAAC;QACD,OAAO,IAAA,sDAA+B,EAAC,GAAG,CAAC,CAAC;IAC9C,CAAC;IAED,qDAAqD;IAErD;;;OAGG;IACH,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC;IACxB,CAAC;IAED;;;;OAIG;IACH,IAAW,SAAS;QAClB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;OAIG;IACH,IAAW,QAAQ;QACjB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;;OAKG;IACH,IAAW,SAAS;QAClB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,MAAM,CAAC,MAIpB;;QACC,MAAM,MAAM,GAGR,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;QAEpB,IAAI,CAAC,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7F,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5C,IAAA,wCAA2B,EAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5C,MAAM,GAAG,GAAG,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;YACjC,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACpC,MAAM,MAAM,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC;YAClC,IAAI,MAAM,YAAY,SAAS,CAAC,MAAM,EAAE,CAAC;gBACvC,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC;YACvB,CAAC;iBAAM,IAAI,MAAM,YAAY,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACzD,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,MAAM,CAAC,CAAC;YAC/D,CAAC;YACD,MAAM,CAAC,GAAG,GAAG,CAAC,IAAA,wBAAW,EAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QACtC,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC;QACtB,CAAC;QAED,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAC9C,MAAM,CAAC,GAAG,EACV,MAAM,EACN,MAAA,MAAM,CAAC,IAAI,mCAAI,EAAE,EACjB,MAAM,CAAC,UAAU,CAClB,CAAC;QACF,OAAO,IAAI,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAChD,CAAC;CACF;AAtYD,oDAsYC;AAED,SAAS,QAAQ,CAAC,KAAU;IAC1B,OAAO,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,iBAAiB,CAAC;AACrE,CAAC;AAED,SAAS,aAAa,CAAC,KAAU;IAC/B,IAAI,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAClC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n// eslint-disable-next-line @typescript-eslint/triple-slash-reference\n/// <reference path=\"../jsrsasign.d.ts\"/>\nimport * as jsrsasign from \"jsrsasign\";\n\nimport { JsonWebKey } from \"../generated/models/index.js\";\nimport { base64UrlDecodeString } from \"../utils/base64.js\";\nimport { bytesToString } from \"../utils/utf8.js\";\nimport { AttestationSigner, _attestationSignerFromGenerated } from \"./attestationSigner.js\";\n\nimport * as Mappers from \"../generated/models/mappers.js\";\nimport { TypeDeserializer } from \"../utils/typeDeserializer.js\";\nimport { hexToBase64, verifyAttestationSigningKey } from \"../utils/helpers.js\";\n\n/**\n * Options used to validate attestation tokens.\n *\n * @typeparam issuer - if provided, specifies the expected issuer of the attestation token.\n * @typeparam validateExpirationTime - if true, validate the expiration time in the token.\n * @typeparam validateNotBeforeTime - if true, validate the \"not before\" time in the token.\n * @typeparam validateToken - if true, validate the token.\n * @typeparam timeValidationSlack - the validation time slack in the time based validations.\n *\n * @remarks\n *\n * If validateToken, validateNotBeforeTime, or validateExpirationTime are not\n * provided, they are all assumed to be 'true'.\n *\n */\nexport interface AttestationTokenValidationOptions {\n /**\n * If true, validate the attestation token, if false, skip validation.\n */\n validateToken?: boolean;\n /**\n * If true, validate the expiration time for the token.\n */\n validateExpirationTime?: boolean;\n /**\n * If true, validate the \"not before\" time for the token.\n */\n validateNotBeforeTime?: boolean;\n /**\n * If true, validate the issuer of the token.\n */\n validateIssuer?: boolean;\n /**\n * The expected issuer for the {@link AttestationToken}. Only checked if {@link validateIssuer} is set.\n */\n expectedIssuer?: string;\n\n /**\n * Tolerance time (in seconds) used to accound for clock drift between the local machine\n * and the server creating the token.\n */\n timeValidationSlack?: number;\n\n /**\n * Validation function which allows developers to provide their own validation\n * functionality for the attestation token. This can be used to perform additional\n * validations for signing certificate in AttestationSigner.\n *\n * @param token - Attestation Token to validate.\n * @param signer - Signing Certificate which validated the token.\n *\n * @remarks\n *\n * If there is a problem with token validation, the validateAttestationCallback function\n * will return an array of strings indicating the set of problems found in the token.\n *\n * @returns an array of problems in the token, or undefined if there are no problems.\n */\n validateAttestationToken?: (\n token: AttestationToken,\n signer?: AttestationSigner,\n ) => string[] | undefined;\n}\n\n/**\n *\n * An AttestationToken represents an RFC 7515 JSON Web Signature object.\n *\n * It can represent either the token returned by the attestation service,\n * or it can be used to create a token locally which can be used to verify\n * attestation policy changes.\n */\nexport interface AttestationToken {\n /**\n * Returns the deserialized body of the AttestationToken object.\n *\n * @returns The body of the attestation token as an object.\n */\n getBody(): unknown;\n\n /**\n * the token to a string.\n *\n * @remarks\n * Serializes the token to a string.\n *\n * @returns The token serialized to a RFC 7515 JSON Web Signature.\n */\n serialize(): string;\n\n /**\n * Validates the attestation token to verify that it is semantically correct.\n *\n * @param possibleSigners - the set of possible signers for this attestation token.\n * @param options - validation options\n */\n getTokenProblems(\n possibleSigners?: AttestationSigner[],\n options?: AttestationTokenValidationOptions,\n ): string[];\n\n /** ********* JSON WEB SIGNATURE (RFC 7515) PROPERTIES */\n\n /**\n * Returns the algorithm from the header of the JSON Web Signature.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.1 | RFC 7515 Section 4.1.1})\n * for details.\n *\n * If the value of algorithm is \"none\" it indicates that the token is unsecured.\n */\n algorithm: string;\n\n /**\n * Json Web Signature Header \"kid\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.4 | RFC 7515 Section 4.1.4})\n * for details.\n */\n keyId?: string;\n\n /**\n * Json Web Signature Header \"crit\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.11 | RFC 7515 Section 4.1.11})\n * for details.\n *\n */\n critical?: boolean;\n\n /**\n * Json Web Token Header \"content type\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.10 | RFC 7515 Section 4.1.10})\n *\n */\n contentType?: string;\n\n /**\n * Json Web Token Header \"key URL\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.2 | RFC 7515 Section 4.1.2})\n *\n */\n keyUrl?: string;\n\n /**\n * Json Web Token Header \"X509 Url\".\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.5 | RFC 7515 Section 4.1.5})\n *\n */\n x509Url?: string;\n\n /** Json Web Token Header \"Typ\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.9 | RFC 7515 Section 4.1.9})\n *\n */\n type?: string;\n /**\n * Json Web Token Header \"x509 thumprint\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.7 | RFC 7515 Section 4.1.7})\n */\n certificateThumbprint?: string;\n\n /** Json Web Token Header \"x509 SHA256 thumprint\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.8 | RFC 7515 Section 4.1.8})\n *\n */\n certificateSha256Thumbprint?: string;\n\n /** Json Web Token Header \"x509 certificate chain\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.6 | RFC 7515 Section 4.1.6})\n *\n */\n certificateChain?: AttestationSigner;\n\n /** ********* JSON WEB TOKEN (RFC 7519) PROPERTIES */\n\n /** Issuer of the attestation token.\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n issuer?: string;\n\n /** Expiration time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.4 | RFC 7519 Section 4.1.4})\n * for details.\n */\n expiresOn?: Date;\n\n /** Issuance time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n issuedAt?: Date;\n\n /**\n * Not Before time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.5 | RFC 7519 Section 4.1.5})\n * for details.\n */\n notBefore?: Date;\n}\n\n/**\n *\n * An AttestationToken represents an RFC 7515 JSON Web Signature object.\n *\n * It can represent either the token returned by the attestation service,\n * or it can be used to create a token locally which can be used to verify\n * attestation policy changes.\n */\nexport class AttestationTokenImpl implements AttestationToken {\n /**\n * @internal\n *\n * @param token - Attetation token returned by the attestation service.\n */\n constructor(token: string) {\n this._token = token;\n\n const pieces = token.split(\".\");\n if (pieces.length !== 3) {\n throw Error(\"Incorrectly formatted token:\");\n }\n this._headerBytes = base64UrlDecodeString(pieces[0]);\n this._header = safeJsonParse(bytesToString(this._headerBytes));\n this._bodyBytes = base64UrlDecodeString(pieces[1]);\n this._body = safeJsonParse(bytesToString(this._bodyBytes));\n // this._signature = base64UrlDecodeString(pieces[2]);\n\n this._jwsVerifier = jsrsasign.KJUR.jws.JWS.parse(token);\n }\n\n private _token: string;\n private _headerBytes: Uint8Array;\n private _header: any;\n private _bodyBytes: Uint8Array;\n private _body: any;\n // private _signature: Uint8Array;\n\n private _jwsVerifier: any; // jsrsasign.KJUR.jws.JWS.JWSResult;\n\n /**\n * Returns the deserialized body of the AttestationToken object.\n *\n * @returns The body of the attestation token as an object.\n */\n public getBody(): unknown {\n return this._jwsVerifier.payloadObj;\n }\n\n /**\n * the token to a string.\n *\n * @remarks\n * Serializes the token to a string.\n *\n * @returns The token serialized to a RFC 7515 JSON Web Signature.\n */\n public serialize(): string {\n return this._token;\n }\n\n /**\n * Returns the set of problems discovered in the attestation token.\n *\n * @param possibleSigners - the set of possible signers for this attestation token.\n * @param options - validation options\n * @returns an array of string values. If there are no problems, returns an empty array.\n */\n public getTokenProblems(\n possibleSigners?: AttestationSigner[],\n options: AttestationTokenValidationOptions = {\n validateExpirationTime: true,\n validateToken: true,\n validateNotBeforeTime: true,\n },\n ): string[] {\n let problems = new Array<string>();\n if (!options.validateToken) {\n return problems;\n }\n\n let foundSigner: AttestationSigner | undefined = undefined;\n if (this.algorithm !== \"none\") {\n const signers = this.getCandidateSigners(possibleSigners);\n\n signers.some((signer) => {\n const cert = this.certFromSigner(signer);\n // const pubKeyObj = cert.getPublicKey();\n\n const isValid = jsrsasign.KJUR.jws.JWS.verify(this._token, cert);\n\n if (isValid) {\n foundSigner = signer;\n }\n });\n\n if (foundSigner === undefined) {\n problems.push(\"Attestation Token is not properly signed.\");\n }\n }\n\n // If the token has a body, check the expiration time and issuer.\n if (this._body !== undefined) {\n problems = problems.concat(this.validateTimeProperties(options));\n problems = problems.concat(this.validateIssuer(options));\n }\n\n if (options.validateAttestationToken !== undefined) {\n // If there is a validation error, the getProblemsCallback will return the list of\n // problems found.\n const validationErrors = options.validateAttestationToken(this, foundSigner);\n if (validationErrors) {\n problems = problems.concat(validationErrors);\n }\n }\n return problems;\n }\n\n private validateIssuer(options: AttestationTokenValidationOptions): string[] {\n const problems = new Array<string>();\n if (this.issuer && options.validateIssuer) {\n if (this.issuer !== options.expectedIssuer) {\n problems.push(\n \"Found issuer: \" + this.issuer + \"; expected issuer: \" + options.expectedIssuer,\n );\n }\n }\n return problems;\n }\n /**\n * Validate the expiration and notbefore time claims in the JSON web token.\n *\n * @param options - Options to be used validating the time properties.\n */\n private validateTimeProperties(options: AttestationTokenValidationOptions): string[] {\n // Calculate the current time as a number of seconds since the start of the\n // Unix epoch.\n const problems = new Array<string>();\n const timeNow = Math.floor(new Date().getTime() / 1000);\n\n // Validate expiration time.\n if (this.expiresOn !== undefined && options.validateExpirationTime) {\n const expTime = this.expiresOn.getTime() / 1000;\n if (timeNow > expTime) {\n const delta = timeNow - expTime;\n if (delta > (options.timeValidationSlack ?? 0)) {\n problems.push(\"AttestationToken has expired.\");\n }\n }\n }\n\n // Validate not before time.\n if (this.notBefore !== undefined && options.validateNotBeforeTime) {\n const nbfTime = this.notBefore.getTime() / 1000;\n if (nbfTime > timeNow) {\n const delta = nbfTime - timeNow;\n if (delta > (options.timeValidationSlack ?? 0)) {\n problems.push(\"AttestationToken is not yet valid.\");\n }\n }\n }\n return problems;\n }\n\n private certFromSigner(signer: AttestationSigner): string {\n // return the PEM encoded certificate.\n return signer.certificates[0];\n }\n\n private getCandidateSigners(\n possibleSigningCertificates?: AttestationSigner[],\n ): AttestationSigner[] {\n const candidateSigners = new Array<AttestationSigner>();\n\n const desiredKeyId = this.keyId;\n\n if (desiredKeyId !== undefined && possibleSigningCertificates !== undefined) {\n possibleSigningCertificates.forEach((possibleSigner) => {\n if (possibleSigner.keyId === desiredKeyId) {\n candidateSigners.push(possibleSigner);\n }\n });\n\n // If we didn't find any candidate signers looking through the provided\n // signing certificates, then maybe there's a certificate chain in the\n // token itself that might be used to sign the token.\n if (candidateSigners.length === 0) {\n if (this.certificateChain !== undefined && this.certificateChain !== null) {\n candidateSigners.push(this.certificateChain);\n }\n }\n } else {\n possibleSigningCertificates?.map((value) => candidateSigners.push(value));\n if (this.certificateChain !== undefined) {\n candidateSigners.push(this.certificateChain);\n }\n }\n return candidateSigners;\n }\n\n /** ********* JSON WEB SIGNATURE (RFC 7515) PROPERTIES */\n\n /**\n * Returns the algorithm from the header of the JSON Web Signature.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.1 | RFC 7515 Section 4.1.1})\n * for details.\n *\n * If the value of algorithm is \"none\" it indicates that the token is unsecured.\n */\n public get algorithm(): string {\n return this._header?.alg;\n }\n\n /**\n * Json Web Signature Header \"kid\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.4 | RFC 7515 Section 4.1.4})\n * for details.\n */\n public get keyId(): string | undefined {\n return this._header.kid;\n }\n\n /**\n * Json Web Signature Header \"crit\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.11 | RFC 7515 Section 4.1.11})\n * for details.\n *\n */\n public get critical(): boolean | undefined {\n return this._header.crit;\n }\n\n /**\n * Json Web Token Header \"content type\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.10 | RFC 7515 Section 4.1.10})\n *\n */\n public get contentType(): string | undefined {\n return this._header.cty;\n }\n\n /**\n * Json Web Token Header \"key URL\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.2 | RFC 7515 Section 4.1.2})\n *\n */\n public get keyUrl(): string | undefined {\n return this._header.jku;\n }\n\n /**\n * Json Web Token Header \"X509 Url\".\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.5 | RFC 7515 Section 4.1.5})\n *\n */\n public get x509Url(): string | undefined {\n return this._header.x5u;\n }\n\n /** Json Web Token Header \"Typ\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.9 | RFC 7515 Section 4.1.9})\n *\n */\n public get type(): string | undefined {\n return this._header.typ;\n }\n\n /**\n * Json Web Token Header \"x509 thumprint\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.7 | RFC 7515 Section 4.1.7})\n */\n public get certificateThumbprint(): string | undefined {\n return this._header.x5t;\n }\n\n /** Json Web Token Header \"x509 SHA256 thumprint\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.8 | RFC 7515 Section 4.1.8})\n *\n */\n public get certificateSha256Thumbprint(): string | undefined {\n return this._header[\"x5t#256\"];\n }\n\n /** Json Web Token Header \"x509 certificate chain\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.6 | RFC 7515 Section 4.1.6})\n *\n */\n public get certificateChain(): AttestationSigner | undefined {\n let jwk: JsonWebKey;\n if (this._header.jwk !== undefined) {\n jwk = TypeDeserializer.deserialize(\n this._header.jwk,\n [Mappers.JsonWebKey],\n \"JsonWebKey\",\n ) as JsonWebKey;\n } else {\n jwk = TypeDeserializer.deserialize(\n this._header,\n { JsonWebKey: Mappers.JsonWebKey },\n \"JsonWebKey\",\n ) as JsonWebKey;\n }\n return _attestationSignerFromGenerated(jwk);\n }\n\n /** ********* JSON WEB TOKEN (RFC 7519) PROPERTIES */\n\n /** Issuer of the attestation token.\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n public get issuer(): string | undefined {\n return this._body.iss;\n }\n\n /** Expiration time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.4 | RFC 7519 Section 4.1.4})\n * for details.\n */\n public get expiresOn(): Date | undefined {\n return this._body.exp ? new Date(this._body.exp * 1000) : undefined;\n }\n\n /** Issuance time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n public get issuedAt(): Date | undefined {\n return this._body.iat ? new Date(this._body.iat * 1000) : undefined;\n }\n\n /**\n * Not Before time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.5 | RFC 7519 Section 4.1.5})\n * for details.\n */\n public get notBefore(): Date | undefined {\n return this._body.nbf ? new Date(this._body.nbf * 1000) : undefined;\n }\n\n /**\n * Creates a new attestation token from a body and signing key.\n * @param body - stringified body of the body of the token to be created.\n * @param signer - Optional signing key used to sign the newly created token.\n * @returns an {@link AttestationToken | attestation token}\n */\n public static create(params: {\n body?: string;\n privateKey?: string;\n certificate?: string;\n }): AttestationToken {\n const header: {\n alg: string;\n [k: string]: any;\n } = { alg: \"none\" };\n\n if ((!params.privateKey && params.certificate) || (params.privateKey && !params.certificate)) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (params.privateKey && params.certificate) {\n verifyAttestationSigningKey(params.privateKey, params.certificate);\n }\n\n if (params.privateKey || params.certificate) {\n const x5c = new jsrsasign.X509();\n x5c.readCertPEM(params.certificate);\n const pubKey = x5c.getPublicKey();\n if (pubKey instanceof jsrsasign.RSAKey) {\n header.alg = \"RS256\";\n } else if (pubKey instanceof jsrsasign.KJUR.crypto.ECDSA) {\n header.alg = \"ES256\";\n } else {\n throw new Error(\"Unknown public key type: \" + typeof pubKey);\n }\n header.x5c = [hexToBase64(x5c.hex)];\n } else {\n header.alg = \"none\";\n }\n\n const encodedToken = jsrsasign.KJUR.jws.JWS.sign(\n header.alg,\n header,\n params.body ?? \"\",\n params.privateKey,\n );\n return new AttestationTokenImpl(encodedToken);\n }\n}\n\nfunction isObject(thing: any): boolean {\n return Object.prototype.toString.call(thing) === \"[object Object]\";\n}\n\nfunction safeJsonParse(thing: any): any {\n if (isObject(thing)) return thing;\n try {\n return JSON.parse(thing);\n } catch (e: any) {\n return undefined;\n }\n}\n"]}
1
+ {"version":3,"file":"attestationToken.js","sourceRoot":"","sources":["../../../src/models/attestationToken.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;;AAElC,qEAAqE;AACrE,yCAAyC;AACzC,6DAAuC;AAGvC,kDAA2D;AAC3D,8CAAiD;AAEjD,iEAAyE;AAEzE,gFAA0D;AAC1D,sEAAgE;AAChE,oDAA+E;AAkN/E;;;;;;;GAOG;AACH,MAAa,oBAAoB;IAC/B;;;;OAIG;IACH,YAAY,KAAa;QACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC;QAEpB,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,IAAA,iCAAqB,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACrD,IAAI,CAAC,OAAO,GAAG,aAAa,CAAC,IAAA,uBAAa,EAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;QAC/D,IAAI,CAAC,UAAU,GAAG,IAAA,iCAAqB,EAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACnD,IAAI,CAAC,KAAK,GAAG,aAAa,CAAC,IAAA,uBAAa,EAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC3D,2DAA2D;QAE3D,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC1D,CAAC;IAWD;;;;OAIG;IACI,OAAO;QACZ,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC;IACtC,CAAC;IAED;;;;;;;OAOG;IACI,SAAS;QACd,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAED;;;;;;OAMG;IACI,gBAAgB,CACrB,eAAqC,EACrC,UAA6C;QAC3C,sBAAsB,EAAE,IAAI;QAC5B,aAAa,EAAE,IAAI;QACnB,qBAAqB,EAAE,IAAI;KAC5B;QAED,IAAI,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACnC,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;YAC3B,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,IAAI,WAAW,GAAkC,SAAS,CAAC;QAC3D,IAAI,IAAI,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;YAC9B,MAAM,OAAO,GAAG,IAAI,CAAC,mBAAmB,CAAC,eAAe,CAAC,CAAC;YAE1D,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;gBACtB,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;gBACzC,kDAAkD;gBAElD,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;gBAEjE,IAAI,OAAO,EAAE,CAAC;oBACZ,WAAW,GAAG,MAAM,CAAC;gBACvB,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC9B,QAAQ,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QAED,iEAAiE;QACjE,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YAC7B,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,CAAC;YACjE,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;QAC3D,CAAC;QAED,IAAI,OAAO,CAAC,wBAAwB,KAAK,SAAS,EAAE,CAAC;YACnD,kFAAkF;YAClF,kBAAkB;YAClB,MAAM,gBAAgB,GAAG,OAAO,CAAC,wBAAwB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;YAC7E,IAAI,gBAAgB,EAAE,CAAC;gBACrB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,cAAc,CAAC,OAA0C;QAC/D,MAAM,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACrC,IAAI,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;YAC1C,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO,CAAC,cAAc,EAAE,CAAC;gBAC3C,QAAQ,CAAC,IAAI,CACX,gBAAgB,GAAG,IAAI,CAAC,MAAM,GAAG,qBAAqB,GAAG,OAAO,CAAC,cAAc,CAChF,CAAC;YACJ,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD;;;;OAIG;IACK,sBAAsB,CAAC,OAA0C;;QACvE,2EAA2E;QAC3E,cAAc;QACd,MAAM,QAAQ,GAAG,IAAI,KAAK,EAAU,CAAC;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QAExD,4BAA4B;QAC5B,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,sBAAsB,EAAE,CAAC;YACnE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;YAChD,IAAI,OAAO,GAAG,OAAO,EAAE,CAAC;gBACtB,MAAM,KAAK,GAAG,OAAO,GAAG,OAAO,CAAC;gBAChC,IAAI,KAAK,GAAG,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,CAAC,CAAC,EAAE,CAAC;oBAC/C,QAAQ,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;gBACjD,CAAC;YACH,CAAC;QACH,CAAC;QAED,4BAA4B;QAC5B,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,qBAAqB,EAAE,CAAC;YAClE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;YAChD,IAAI,OAAO,GAAG,OAAO,EAAE,CAAC;gBACtB,MAAM,KAAK,GAAG,OAAO,GAAG,OAAO,CAAC;gBAChC,IAAI,KAAK,GAAG,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,CAAC,CAAC,EAAE,CAAC;oBAC/C,QAAQ,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,cAAc,CAAC,MAAyB;QAC9C,sCAAsC;QACtC,OAAO,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IAChC,CAAC;IAEO,mBAAmB,CACzB,2BAAiD;QAEjD,MAAM,gBAAgB,GAAG,IAAI,KAAK,EAAqB,CAAC;QAExD,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC;QAEhC,IAAI,YAAY,KAAK,SAAS,IAAI,2BAA2B,KAAK,SAAS,EAAE,CAAC;YAC5E,2BAA2B,CAAC,OAAO,CAAC,CAAC,cAAc,EAAE,EAAE;gBACrD,IAAI,cAAc,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;oBAC1C,gBAAgB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;gBACxC,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,uEAAuE;YACvE,sEAAsE;YACtE,qDAAqD;YACrD,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAClC,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,IAAI,IAAI,CAAC,gBAAgB,KAAK,IAAI,EAAE,CAAC;oBAC1E,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,2BAA2B,aAA3B,2BAA2B,uBAA3B,2BAA2B,CAAE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;YAC1E,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;gBACxC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QACD,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAED,yDAAyD;IAEzD;;;;;;;OAOG;IACH,IAAW,SAAS;;QAClB,OAAO,MAAA,IAAI,CAAC,OAAO,0CAAE,GAAG,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,IAAW,KAAK;QACd,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;;;OAMG;IACH,IAAW,QAAQ;QACjB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,IAAW,WAAW;QACpB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;;OAKG;IACH,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,OAAO;QAChB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,IAAI;QACb,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;OAGG;IACH,IAAW,qBAAqB;QAC9B,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;IAC1B,CAAC;IAED;;;;OAIG;IACH,IAAW,2BAA2B;QACpC,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACjC,CAAC;IAED;;;;OAIG;IACH,IAAW,gBAAgB;QACzB,IAAI,GAAe,CAAC;QACpB,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YACnC,GAAG,GAAG,sCAAgB,CAAC,WAAW,CAChC,IAAI,CAAC,OAAO,CAAC,GAAG,EAChB,CAAC,OAAO,CAAC,UAAU,CAAC,EACpB,YAAY,CACC,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,sCAAgB,CAAC,WAAW,CAChC,IAAI,CAAC,OAAO,EACZ,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,EAClC,YAAY,CACC,CAAC;QAClB,CAAC;QACD,OAAO,IAAA,sDAA+B,EAAC,GAAG,CAAC,CAAC;IAC9C,CAAC;IAED,qDAAqD;IAErD;;;OAGG;IACH,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC;IACxB,CAAC;IAED;;;;OAIG;IACH,IAAW,SAAS;QAClB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;OAIG;IACH,IAAW,QAAQ;QACjB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;;OAKG;IACH,IAAW,SAAS;QAClB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACtE,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,MAAM,CAAC,MAIpB;;QACC,MAAM,MAAM,GAGR,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;QAEpB,IAAI,CAAC,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7F,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5C,IAAA,wCAA2B,EAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5C,MAAM,GAAG,GAAG,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;YACjC,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACpC,MAAM,MAAM,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC;YAClC,IAAI,MAAM,YAAY,SAAS,CAAC,MAAM,EAAE,CAAC;gBACvC,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC;YACvB,CAAC;iBAAM,IAAI,MAAM,YAAY,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACzD,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CAAC,2BAA2B,GAAG,OAAO,MAAM,CAAC,CAAC;YAC/D,CAAC;YACD,MAAM,CAAC,GAAG,GAAG,CAAC,IAAA,wBAAW,EAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QACtC,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC;QACtB,CAAC;QAED,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAC9C,MAAM,CAAC,GAAG,EACV,MAAM,EACN,MAAA,MAAM,CAAC,IAAI,mCAAI,EAAE,EACjB,MAAM,CAAC,UAAU,CAClB,CAAC;QACF,OAAO,IAAI,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAChD,CAAC;CACF;AAtYD,oDAsYC;AAED,SAAS,QAAQ,CAAC,KAAU;IAC1B,OAAO,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,iBAAiB,CAAC;AACrE,CAAC;AAED,SAAS,aAAa,CAAC,KAAU;IAC/B,IAAI,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAClC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n// eslint-disable-next-line @typescript-eslint/triple-slash-reference\n/// <reference path=\"../jsrsasign.d.ts\"/>\nimport * as jsrsasign from \"jsrsasign\";\n\nimport type { JsonWebKey } from \"../generated/models/index.js\";\nimport { base64UrlDecodeString } from \"../utils/base64.js\";\nimport { bytesToString } from \"../utils/utf8.js\";\nimport type { AttestationSigner } from \"./attestationSigner.js\";\nimport { _attestationSignerFromGenerated } from \"./attestationSigner.js\";\n\nimport * as Mappers from \"../generated/models/mappers.js\";\nimport { TypeDeserializer } from \"../utils/typeDeserializer.js\";\nimport { hexToBase64, verifyAttestationSigningKey } from \"../utils/helpers.js\";\n\n/**\n * Options used to validate attestation tokens.\n *\n * @typeparam issuer - if provided, specifies the expected issuer of the attestation token.\n * @typeparam validateExpirationTime - if true, validate the expiration time in the token.\n * @typeparam validateNotBeforeTime - if true, validate the \"not before\" time in the token.\n * @typeparam validateToken - if true, validate the token.\n * @typeparam timeValidationSlack - the validation time slack in the time based validations.\n *\n * @remarks\n *\n * If validateToken, validateNotBeforeTime, or validateExpirationTime are not\n * provided, they are all assumed to be 'true'.\n *\n */\nexport interface AttestationTokenValidationOptions {\n /**\n * If true, validate the attestation token, if false, skip validation.\n */\n validateToken?: boolean;\n /**\n * If true, validate the expiration time for the token.\n */\n validateExpirationTime?: boolean;\n /**\n * If true, validate the \"not before\" time for the token.\n */\n validateNotBeforeTime?: boolean;\n /**\n * If true, validate the issuer of the token.\n */\n validateIssuer?: boolean;\n /**\n * The expected issuer for the {@link AttestationToken}. Only checked if {@link validateIssuer} is set.\n */\n expectedIssuer?: string;\n\n /**\n * Tolerance time (in seconds) used to accound for clock drift between the local machine\n * and the server creating the token.\n */\n timeValidationSlack?: number;\n\n /**\n * Validation function which allows developers to provide their own validation\n * functionality for the attestation token. This can be used to perform additional\n * validations for signing certificate in AttestationSigner.\n *\n * @param token - Attestation Token to validate.\n * @param signer - Signing Certificate which validated the token.\n *\n * @remarks\n *\n * If there is a problem with token validation, the validateAttestationCallback function\n * will return an array of strings indicating the set of problems found in the token.\n *\n * @returns an array of problems in the token, or undefined if there are no problems.\n */\n validateAttestationToken?: (\n token: AttestationToken,\n signer?: AttestationSigner,\n ) => string[] | undefined;\n}\n\n/**\n *\n * An AttestationToken represents an RFC 7515 JSON Web Signature object.\n *\n * It can represent either the token returned by the attestation service,\n * or it can be used to create a token locally which can be used to verify\n * attestation policy changes.\n */\nexport interface AttestationToken {\n /**\n * Returns the deserialized body of the AttestationToken object.\n *\n * @returns The body of the attestation token as an object.\n */\n getBody(): unknown;\n\n /**\n * the token to a string.\n *\n * @remarks\n * Serializes the token to a string.\n *\n * @returns The token serialized to a RFC 7515 JSON Web Signature.\n */\n serialize(): string;\n\n /**\n * Validates the attestation token to verify that it is semantically correct.\n *\n * @param possibleSigners - the set of possible signers for this attestation token.\n * @param options - validation options\n */\n getTokenProblems(\n possibleSigners?: AttestationSigner[],\n options?: AttestationTokenValidationOptions,\n ): string[];\n\n /** ********* JSON WEB SIGNATURE (RFC 7515) PROPERTIES */\n\n /**\n * Returns the algorithm from the header of the JSON Web Signature.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.1 | RFC 7515 Section 4.1.1})\n * for details.\n *\n * If the value of algorithm is \"none\" it indicates that the token is unsecured.\n */\n algorithm: string;\n\n /**\n * Json Web Signature Header \"kid\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.4 | RFC 7515 Section 4.1.4})\n * for details.\n */\n keyId?: string;\n\n /**\n * Json Web Signature Header \"crit\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.11 | RFC 7515 Section 4.1.11})\n * for details.\n *\n */\n critical?: boolean;\n\n /**\n * Json Web Token Header \"content type\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.10 | RFC 7515 Section 4.1.10})\n *\n */\n contentType?: string;\n\n /**\n * Json Web Token Header \"key URL\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.2 | RFC 7515 Section 4.1.2})\n *\n */\n keyUrl?: string;\n\n /**\n * Json Web Token Header \"X509 Url\".\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.5 | RFC 7515 Section 4.1.5})\n *\n */\n x509Url?: string;\n\n /** Json Web Token Header \"Typ\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.9 | RFC 7515 Section 4.1.9})\n *\n */\n type?: string;\n /**\n * Json Web Token Header \"x509 thumprint\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.7 | RFC 7515 Section 4.1.7})\n */\n certificateThumbprint?: string;\n\n /** Json Web Token Header \"x509 SHA256 thumprint\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.8 | RFC 7515 Section 4.1.8})\n *\n */\n certificateSha256Thumbprint?: string;\n\n /** Json Web Token Header \"x509 certificate chain\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.6 | RFC 7515 Section 4.1.6})\n *\n */\n certificateChain?: AttestationSigner;\n\n /** ********* JSON WEB TOKEN (RFC 7519) PROPERTIES */\n\n /** Issuer of the attestation token.\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n issuer?: string;\n\n /** Expiration time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.4 | RFC 7519 Section 4.1.4})\n * for details.\n */\n expiresOn?: Date;\n\n /** Issuance time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n issuedAt?: Date;\n\n /**\n * Not Before time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.5 | RFC 7519 Section 4.1.5})\n * for details.\n */\n notBefore?: Date;\n}\n\n/**\n *\n * An AttestationToken represents an RFC 7515 JSON Web Signature object.\n *\n * It can represent either the token returned by the attestation service,\n * or it can be used to create a token locally which can be used to verify\n * attestation policy changes.\n */\nexport class AttestationTokenImpl implements AttestationToken {\n /**\n * @internal\n *\n * @param token - Attetation token returned by the attestation service.\n */\n constructor(token: string) {\n this._token = token;\n\n const pieces = token.split(\".\");\n if (pieces.length !== 3) {\n throw Error(\"Incorrectly formatted token:\");\n }\n this._headerBytes = base64UrlDecodeString(pieces[0]);\n this._header = safeJsonParse(bytesToString(this._headerBytes));\n this._bodyBytes = base64UrlDecodeString(pieces[1]);\n this._body = safeJsonParse(bytesToString(this._bodyBytes));\n // this._signature = base64UrlDecodeString(pieces[2]);\n\n this._jwsVerifier = jsrsasign.KJUR.jws.JWS.parse(token);\n }\n\n private _token: string;\n private _headerBytes: Uint8Array;\n private _header: any;\n private _bodyBytes: Uint8Array;\n private _body: any;\n // private _signature: Uint8Array;\n\n private _jwsVerifier: any; // jsrsasign.KJUR.jws.JWS.JWSResult;\n\n /**\n * Returns the deserialized body of the AttestationToken object.\n *\n * @returns The body of the attestation token as an object.\n */\n public getBody(): unknown {\n return this._jwsVerifier.payloadObj;\n }\n\n /**\n * the token to a string.\n *\n * @remarks\n * Serializes the token to a string.\n *\n * @returns The token serialized to a RFC 7515 JSON Web Signature.\n */\n public serialize(): string {\n return this._token;\n }\n\n /**\n * Returns the set of problems discovered in the attestation token.\n *\n * @param possibleSigners - the set of possible signers for this attestation token.\n * @param options - validation options\n * @returns an array of string values. If there are no problems, returns an empty array.\n */\n public getTokenProblems(\n possibleSigners?: AttestationSigner[],\n options: AttestationTokenValidationOptions = {\n validateExpirationTime: true,\n validateToken: true,\n validateNotBeforeTime: true,\n },\n ): string[] {\n let problems = new Array<string>();\n if (!options.validateToken) {\n return problems;\n }\n\n let foundSigner: AttestationSigner | undefined = undefined;\n if (this.algorithm !== \"none\") {\n const signers = this.getCandidateSigners(possibleSigners);\n\n signers.some((signer) => {\n const cert = this.certFromSigner(signer);\n // const pubKeyObj = cert.getPublicKey();\n\n const isValid = jsrsasign.KJUR.jws.JWS.verify(this._token, cert);\n\n if (isValid) {\n foundSigner = signer;\n }\n });\n\n if (foundSigner === undefined) {\n problems.push(\"Attestation Token is not properly signed.\");\n }\n }\n\n // If the token has a body, check the expiration time and issuer.\n if (this._body !== undefined) {\n problems = problems.concat(this.validateTimeProperties(options));\n problems = problems.concat(this.validateIssuer(options));\n }\n\n if (options.validateAttestationToken !== undefined) {\n // If there is a validation error, the getProblemsCallback will return the list of\n // problems found.\n const validationErrors = options.validateAttestationToken(this, foundSigner);\n if (validationErrors) {\n problems = problems.concat(validationErrors);\n }\n }\n return problems;\n }\n\n private validateIssuer(options: AttestationTokenValidationOptions): string[] {\n const problems = new Array<string>();\n if (this.issuer && options.validateIssuer) {\n if (this.issuer !== options.expectedIssuer) {\n problems.push(\n \"Found issuer: \" + this.issuer + \"; expected issuer: \" + options.expectedIssuer,\n );\n }\n }\n return problems;\n }\n /**\n * Validate the expiration and notbefore time claims in the JSON web token.\n *\n * @param options - Options to be used validating the time properties.\n */\n private validateTimeProperties(options: AttestationTokenValidationOptions): string[] {\n // Calculate the current time as a number of seconds since the start of the\n // Unix epoch.\n const problems = new Array<string>();\n const timeNow = Math.floor(new Date().getTime() / 1000);\n\n // Validate expiration time.\n if (this.expiresOn !== undefined && options.validateExpirationTime) {\n const expTime = this.expiresOn.getTime() / 1000;\n if (timeNow > expTime) {\n const delta = timeNow - expTime;\n if (delta > (options.timeValidationSlack ?? 0)) {\n problems.push(\"AttestationToken has expired.\");\n }\n }\n }\n\n // Validate not before time.\n if (this.notBefore !== undefined && options.validateNotBeforeTime) {\n const nbfTime = this.notBefore.getTime() / 1000;\n if (nbfTime > timeNow) {\n const delta = nbfTime - timeNow;\n if (delta > (options.timeValidationSlack ?? 0)) {\n problems.push(\"AttestationToken is not yet valid.\");\n }\n }\n }\n return problems;\n }\n\n private certFromSigner(signer: AttestationSigner): string {\n // return the PEM encoded certificate.\n return signer.certificates[0];\n }\n\n private getCandidateSigners(\n possibleSigningCertificates?: AttestationSigner[],\n ): AttestationSigner[] {\n const candidateSigners = new Array<AttestationSigner>();\n\n const desiredKeyId = this.keyId;\n\n if (desiredKeyId !== undefined && possibleSigningCertificates !== undefined) {\n possibleSigningCertificates.forEach((possibleSigner) => {\n if (possibleSigner.keyId === desiredKeyId) {\n candidateSigners.push(possibleSigner);\n }\n });\n\n // If we didn't find any candidate signers looking through the provided\n // signing certificates, then maybe there's a certificate chain in the\n // token itself that might be used to sign the token.\n if (candidateSigners.length === 0) {\n if (this.certificateChain !== undefined && this.certificateChain !== null) {\n candidateSigners.push(this.certificateChain);\n }\n }\n } else {\n possibleSigningCertificates?.map((value) => candidateSigners.push(value));\n if (this.certificateChain !== undefined) {\n candidateSigners.push(this.certificateChain);\n }\n }\n return candidateSigners;\n }\n\n /** ********* JSON WEB SIGNATURE (RFC 7515) PROPERTIES */\n\n /**\n * Returns the algorithm from the header of the JSON Web Signature.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.1 | RFC 7515 Section 4.1.1})\n * for details.\n *\n * If the value of algorithm is \"none\" it indicates that the token is unsecured.\n */\n public get algorithm(): string {\n return this._header?.alg;\n }\n\n /**\n * Json Web Signature Header \"kid\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.4 | RFC 7515 Section 4.1.4})\n * for details.\n */\n public get keyId(): string | undefined {\n return this._header.kid;\n }\n\n /**\n * Json Web Signature Header \"crit\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.11 | RFC 7515 Section 4.1.11})\n * for details.\n *\n */\n public get critical(): boolean | undefined {\n return this._header.crit;\n }\n\n /**\n * Json Web Token Header \"content type\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.10 | RFC 7515 Section 4.1.10})\n *\n */\n public get contentType(): string | undefined {\n return this._header.cty;\n }\n\n /**\n * Json Web Token Header \"key URL\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.2 | RFC 7515 Section 4.1.2})\n *\n */\n public get keyUrl(): string | undefined {\n return this._header.jku;\n }\n\n /**\n * Json Web Token Header \"X509 Url\".\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.5 | RFC 7515 Section 4.1.5})\n *\n */\n public get x509Url(): string | undefined {\n return this._header.x5u;\n }\n\n /** Json Web Token Header \"Typ\".\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.9 | RFC 7515 Section 4.1.9})\n *\n */\n public get type(): string | undefined {\n return this._header.typ;\n }\n\n /**\n * Json Web Token Header \"x509 thumprint\".\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.7 | RFC 7515 Section 4.1.7})\n */\n public get certificateThumbprint(): string | undefined {\n return this._header.x5t;\n }\n\n /** Json Web Token Header \"x509 SHA256 thumprint\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.8 | RFC 7515 Section 4.1.8})\n *\n */\n public get certificateSha256Thumbprint(): string | undefined {\n return this._header[\"x5t#256\"];\n }\n\n /** Json Web Token Header \"x509 certificate chain\".\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.6 | RFC 7515 Section 4.1.6})\n *\n */\n public get certificateChain(): AttestationSigner | undefined {\n let jwk: JsonWebKey;\n if (this._header.jwk !== undefined) {\n jwk = TypeDeserializer.deserialize(\n this._header.jwk,\n [Mappers.JsonWebKey],\n \"JsonWebKey\",\n ) as JsonWebKey;\n } else {\n jwk = TypeDeserializer.deserialize(\n this._header,\n { JsonWebKey: Mappers.JsonWebKey },\n \"JsonWebKey\",\n ) as JsonWebKey;\n }\n return _attestationSignerFromGenerated(jwk);\n }\n\n /** ********* JSON WEB TOKEN (RFC 7519) PROPERTIES */\n\n /** Issuer of the attestation token.\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n public get issuer(): string | undefined {\n return this._body.iss;\n }\n\n /** Expiration time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.4 | RFC 7519 Section 4.1.4})\n * for details.\n */\n public get expiresOn(): Date | undefined {\n return this._body.exp ? new Date(this._body.exp * 1000) : undefined;\n }\n\n /** Issuance time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.6 | RFC 7519 Section 4.1.6})\n * for details.\n */\n public get issuedAt(): Date | undefined {\n return this._body.iat ? new Date(this._body.iat * 1000) : undefined;\n }\n\n /**\n * Not Before time for the token, from JWT body.\n *\n * See {@link https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.5 | RFC 7519 Section 4.1.5})\n * for details.\n */\n public get notBefore(): Date | undefined {\n return this._body.nbf ? new Date(this._body.nbf * 1000) : undefined;\n }\n\n /**\n * Creates a new attestation token from a body and signing key.\n * @param body - stringified body of the body of the token to be created.\n * @param signer - Optional signing key used to sign the newly created token.\n * @returns an {@link AttestationToken | attestation token}\n */\n public static create(params: {\n body?: string;\n privateKey?: string;\n certificate?: string;\n }): AttestationToken {\n const header: {\n alg: string;\n [k: string]: any;\n } = { alg: \"none\" };\n\n if ((!params.privateKey && params.certificate) || (params.privateKey && !params.certificate)) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (params.privateKey && params.certificate) {\n verifyAttestationSigningKey(params.privateKey, params.certificate);\n }\n\n if (params.privateKey || params.certificate) {\n const x5c = new jsrsasign.X509();\n x5c.readCertPEM(params.certificate);\n const pubKey = x5c.getPublicKey();\n if (pubKey instanceof jsrsasign.RSAKey) {\n header.alg = \"RS256\";\n } else if (pubKey instanceof jsrsasign.KJUR.crypto.ECDSA) {\n header.alg = \"ES256\";\n } else {\n throw new Error(\"Unknown public key type: \" + typeof pubKey);\n }\n header.x5c = [hexToBase64(x5c.hex)];\n } else {\n header.alg = \"none\";\n }\n\n const encodedToken = jsrsasign.KJUR.jws.JWS.sign(\n header.alg,\n header,\n params.body ?? \"\",\n params.privateKey,\n );\n return new AttestationTokenImpl(encodedToken);\n }\n}\n\nfunction isObject(thing: any): boolean {\n return Object.prototype.toString.call(thing) === \"[object Object]\";\n}\n\nfunction safeJsonParse(thing: any): any {\n if (isObject(thing)) return thing;\n try {\n return JSON.parse(thing);\n } catch (e: any) {\n return undefined;\n }\n}\n"]}
package/dist/commonjs/models/policyResult.d.ts CHANGED
@@ -1,5 +1,5 @@
1
- import { PolicyModification } from "./index.js";
2
- import { AttestationSigner } from "./attestationSigner.js";
1
+ import type { PolicyModification } from "./index.js";
2
+ import type { AttestationSigner } from "./attestationSigner.js";
3
3
  /**
4
4
  * The result of a policy certificate modification
5
5
  */
package/dist/commonjs/models/policyResult.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"policyResult.d.ts","sourceRoot":"","sources":["../../../src/models/policyResult.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAMhD,OAAO,EAAE,iBAAiB,EAAmC,MAAM,wBAAwB,CAAC;AAE5F;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B;;OAEG;IACH,gBAAgB,EAAE,kBAAkB,CAAC;IACrC;;OAEG;IACH,eAAe,EAAE,UAAU,CAAC;IAC5B;;OAEG;IACH,YAAY,CAAC,EAAE,iBAAiB,CAAC;IACjC;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;GAKG;AACH,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,OAAO,GAAG,YAAY,CAczE"}
1
+ {"version":3,"file":"policyResult.d.ts","sourceRoot":"","sources":["../../../src/models/policyResult.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAMrD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAGhE;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B;;OAEG;IACH,gBAAgB,EAAE,kBAAkB,CAAC;IACrC;;OAEG;IACH,eAAe,EAAE,UAAU,CAAC;IAC5B;;OAEG;IACH,YAAY,CAAC,EAAE,iBAAiB,CAAC;IACjC;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;GAKG;AACH,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,OAAO,GAAG,YAAY,CAczE"}
package/dist/commonjs/models/policyResult.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"policyResult.js","sourceRoot":"","sources":["../../../src/models/policyResult.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;AA4ClC,gEAcC;;AAjDD,gFAA0D;AAI1D,sEAAgE;AAChE,iEAA4F;AAwB5F;;;;;GAKG;AACH,SAAgB,0BAA0B,CAAC,OAAgB;IACzD,MAAM,YAAY,GAA0B,sCAAgB,CAAC,WAAW,CACtE,OAAO,EACP,EAAE,YAAY,EAAE,OAAO,CAAC,YAAY,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,EACtE,cAAc,CACU,CAAC;IAC3B,OAAO;QACL,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;QAC/C,eAAe,EAAE,YAAY,CAAC,eAAe;QAC7C,MAAM,EAAE,YAAY,CAAC,MAAM;QAC3B,YAAY,EAAE,YAAY,CAAC,YAAY;YACrC,CAAC,CAAC,IAAA,sDAA+B,EAAC,YAAY,CAAC,YAAY,CAAC;YAC5D,CAAC,CAAC,SAAS;KACd,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/*\n * Copyright (c) Microsoft Corporation.\n * Licensed under the MIT License.\n *\n */\n\nimport { PolicyModification } from \"./index.js\";\nimport * as Mappers from \"../generated/models/mappers.js\";\n\nimport { PolicyResult as GeneratedPolicyResult } from \"../generated/models/index.js\";\n\nimport { TypeDeserializer } from \"../utils/typeDeserializer.js\";\nimport { AttestationSigner, _attestationSignerFromGenerated } from \"./attestationSigner.js\";\n\n/**\n * The result of a policy certificate modification\n */\nexport interface PolicyResult {\n /**\n * The result of the operation\n */\n policyResolution: PolicyModification;\n /**\n * The SHA256 hash of the policy object modified\n */\n policyTokenHash: Uint8Array;\n /**\n * The certificate used to sign the policy object, if specified\n */\n policySigner?: AttestationSigner;\n /**\n * A JSON Web Token containing a StoredAttestationPolicy object with the attestation policy\n */\n policy?: string;\n}\n\n/**\n * Create a new instance of a {@link PolicyResult} from a raw JSON object.\n * @param rawJson - JSON Policy Result object returned from the Attestation service.\n * @returns a newly created {@link PolicyResult} object whose contents reflect the JSON received from\n * the attestation service.\n */\nexport function _policyResultFromGenerated(rawJson: unknown): PolicyResult {\n const policyResult: GeneratedPolicyResult = TypeDeserializer.deserialize(\n rawJson,\n { PolicyResult: Mappers.PolicyResult, JsonWebKey: Mappers.JsonWebKey },\n \"PolicyResult\",\n ) as GeneratedPolicyResult;\n return {\n policyResolution: policyResult.policyResolution,\n policyTokenHash: policyResult.policyTokenHash,\n policy: policyResult.policy,\n policySigner: policyResult.policySigner\n ? _attestationSignerFromGenerated(policyResult.policySigner)\n : undefined,\n };\n}\n"]}
1
+ {"version":3,"file":"policyResult.js","sourceRoot":"","sources":["../../../src/models/policyResult.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;AA6ClC,gEAcC;;AAlDD,gFAA0D;AAI1D,sEAAgE;AAEhE,iEAAyE;AAwBzE;;;;;GAKG;AACH,SAAgB,0BAA0B,CAAC,OAAgB;IACzD,MAAM,YAAY,GAA0B,sCAAgB,CAAC,WAAW,CACtE,OAAO,EACP,EAAE,YAAY,EAAE,OAAO,CAAC,YAAY,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,EACtE,cAAc,CACU,CAAC;IAC3B,OAAO;QACL,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;QAC/C,eAAe,EAAE,YAAY,CAAC,eAAe;QAC7C,MAAM,EAAE,YAAY,CAAC,MAAM;QAC3B,YAAY,EAAE,YAAY,CAAC,YAAY;YACrC,CAAC,CAAC,IAAA,sDAA+B,EAAC,YAAY,CAAC,YAAY,CAAC;YAC5D,CAAC,CAAC,SAAS;KACd,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/*\n * Copyright (c) Microsoft Corporation.\n * Licensed under the MIT License.\n *\n */\n\nimport type { PolicyModification } from \"./index.js\";\nimport * as Mappers from \"../generated/models/mappers.js\";\n\nimport type { PolicyResult as GeneratedPolicyResult } from \"../generated/models/index.js\";\n\nimport { TypeDeserializer } from \"../utils/typeDeserializer.js\";\nimport type { AttestationSigner } from \"./attestationSigner.js\";\nimport { _attestationSignerFromGenerated } from \"./attestationSigner.js\";\n\n/**\n * The result of a policy certificate modification\n */\nexport interface PolicyResult {\n /**\n * The result of the operation\n */\n policyResolution: PolicyModification;\n /**\n * The SHA256 hash of the policy object modified\n */\n policyTokenHash: Uint8Array;\n /**\n * The certificate used to sign the policy object, if specified\n */\n policySigner?: AttestationSigner;\n /**\n * A JSON Web Token containing a StoredAttestationPolicy object with the attestation policy\n */\n policy?: string;\n}\n\n/**\n * Create a new instance of a {@link PolicyResult} from a raw JSON object.\n * @param rawJson - JSON Policy Result object returned from the Attestation service.\n * @returns a newly created {@link PolicyResult} object whose contents reflect the JSON received from\n * the attestation service.\n */\nexport function _policyResultFromGenerated(rawJson: unknown): PolicyResult {\n const policyResult: GeneratedPolicyResult = TypeDeserializer.deserialize(\n rawJson,\n { PolicyResult: Mappers.PolicyResult, JsonWebKey: Mappers.JsonWebKey },\n \"PolicyResult\",\n ) as GeneratedPolicyResult;\n return {\n policyResolution: policyResult.policyResolution,\n policyTokenHash: policyResult.policyTokenHash,\n policy: policyResult.policy,\n policySigner: policyResult.policySigner\n ? _attestationSignerFromGenerated(policyResult.policySigner)\n : undefined,\n };\n}\n"]}
package/dist/commonjs/utils/typeDeserializer.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { Mapper } from "@azure/core-client";
1
+ import type { Mapper } from "@azure/core-client";
2
2
  /**
3
3
  * The TypeDeserializer class enables easy access to the Attestation Model serialization
4
4
  * and deserialization APIs.
package/dist/commonjs/utils/typeDeserializer.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"typeDeserializer.d.ts","sourceRoot":"","sources":["../../../src/utils/typeDeserializer.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,MAAM,EAAoB,MAAM,oBAAoB,CAAC;AAE9D;;;GAGG;AACH,qBAAa,gBAAgB;IAC3B;;;;;;;;;;;OAWG;WACW,WAAW,CACvB,OAAO,EAAE,OAAO,EAChB,WAAW,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAA;KAAE,EACnC,YAAY,EAAE,MAAM,GACnB,OAAO;IAKV;;;;;;;OAOG;WACW,SAAS,CACrB,iBAAiB,EAAE,OAAO,EAC1B,WAAW,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,EACtC,UAAU,EAAE,MAAM,GACjB,MAAM;CAIV"}
1
+ {"version":3,"file":"typeDeserializer.d.ts","sourceRoot":"","sources":["../../../src/utils/typeDeserializer.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAGjD;;;GAGG;AACH,qBAAa,gBAAgB;IAC3B;;;;;;;;;;;OAWG;WACW,WAAW,CACvB,OAAO,EAAE,OAAO,EAChB,WAAW,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAA;KAAE,EACnC,YAAY,EAAE,MAAM,GACnB,OAAO;IAKV;;;;;;;OAOG;WACW,SAAS,CACrB,iBAAiB,EAAE,OAAO,EAC1B,WAAW,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,EACtC,UAAU,EAAE,MAAM,GACjB,MAAM;CAIV"}
package/dist/commonjs/utils/typeDeserializer.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"typeDeserializer.js","sourceRoot":"","sources":["../../../src/utils/typeDeserializer.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAElC,oDAA8D;AAE9D;;;GAGG;AACH,MAAa,gBAAgB;IAC3B;;;;;;;;;;;OAWG;IACI,MAAM,CAAC,WAAW,CACvB,OAAgB,EAChB,WAAmC,EACnC,YAAoB;QAEpB,MAAM,UAAU,GAAG,IAAA,8BAAgB,EAAC,WAAW,CAAC,CAAC;QACjD,OAAO,UAAU,CAAC,WAAW,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IAClF,CAAC;IAED;;;;;;;OAOG;IACI,MAAM,CAAC,SAAS,CACrB,iBAA0B,EAC1B,WAAsC,EACtC,UAAkB;QAElB,MAAM,UAAU,GAAG,IAAA,8BAAgB,EAAC,WAAW,CAAC,CAAC;QACjD,OAAO,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,UAAU,EAAE,iBAAiB,CAAC,CAAC,CAAC;IAC7E,CAAC;CACF;AAtCD,4CAsCC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { Mapper, createSerializer } from \"@azure/core-client\";\n\n/**\n * The TypeDeserializer class enables easy access to the Attestation Model serialization\n * and deserialization APIs.\n */\nexport class TypeDeserializer {\n /**\n * Deserializes a JSON object into a model type.\n * @param rawJson - The JSON encoded object to convert into model type.\n * @param bodyMapper - A mapping between type names and {@link Mapper} objects\n * which defines the model properties for the type. the {@link bodyTypeName}\n * must be one of the properties in the {@link bodyMapper} parameter.\n * @param bodyTypeName - The name of the type of the body.\n * @returns The deserialized type. It is the responsibility of the caller to cast to the\n * expected return type.\n *\n * @internal\n */\n public static deserialize(\n rawJson: unknown,\n typeMappers: { [key: string]: any },\n bodyTypeName: string,\n ): unknown {\n const serializer = createSerializer(typeMappers);\n return serializer.deserialize(typeMappers[bodyTypeName], rawJson, bodyTypeName);\n }\n\n /**\n * Serializes a JSON object into a model type.\n * @param objectToSerialize - The JSON encoded object to convert into model type.\n * @param bodyMapper - A {@link Mapper} object which defines the model properties for the type.\n * @returns The serialized type as a JSON encoded string.\n *\n * @internal\n */\n public static serialize(\n objectToSerialize: unknown,\n typeMappers: { [key: string]: Mapper },\n bodyMapper: Mapper,\n ): string {\n const serializer = createSerializer(typeMappers);\n return JSON.stringify(serializer.serialize(bodyMapper, objectToSerialize));\n }\n}\n"]}
1
+ {"version":3,"file":"typeDeserializer.js","sourceRoot":"","sources":["../../../src/utils/typeDeserializer.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAGlC,oDAAsD;AAEtD;;;GAGG;AACH,MAAa,gBAAgB;IAC3B;;;;;;;;;;;OAWG;IACI,MAAM,CAAC,WAAW,CACvB,OAAgB,EAChB,WAAmC,EACnC,YAAoB;QAEpB,MAAM,UAAU,GAAG,IAAA,8BAAgB,EAAC,WAAW,CAAC,CAAC;QACjD,OAAO,UAAU,CAAC,WAAW,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;IAClF,CAAC;IAED;;;;;;;OAOG;IACI,MAAM,CAAC,SAAS,CACrB,iBAA0B,EAC1B,WAAsC,EACtC,UAAkB;QAElB,MAAM,UAAU,GAAG,IAAA,8BAAgB,EAAC,WAAW,CAAC,CAAC;QACjD,OAAO,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,UAAU,EAAE,iBAAiB,CAAC,CAAC,CAAC;IAC7E,CAAC;CACF;AAtCD,4CAsCC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { Mapper } from \"@azure/core-client\";\nimport { createSerializer } from \"@azure/core-client\";\n\n/**\n * The TypeDeserializer class enables easy access to the Attestation Model serialization\n * and deserialization APIs.\n */\nexport class TypeDeserializer {\n /**\n * Deserializes a JSON object into a model type.\n * @param rawJson - The JSON encoded object to convert into model type.\n * @param bodyMapper - A mapping between type names and {@link Mapper} objects\n * which defines the model properties for the type. the {@link bodyTypeName}\n * must be one of the properties in the {@link bodyMapper} parameter.\n * @param bodyTypeName - The name of the type of the body.\n * @returns The deserialized type. It is the responsibility of the caller to cast to the\n * expected return type.\n *\n * @internal\n */\n public static deserialize(\n rawJson: unknown,\n typeMappers: { [key: string]: any },\n bodyTypeName: string,\n ): unknown {\n const serializer = createSerializer(typeMappers);\n return serializer.deserialize(typeMappers[bodyTypeName], rawJson, bodyTypeName);\n }\n\n /**\n * Serializes a JSON object into a model type.\n * @param objectToSerialize - The JSON encoded object to convert into model type.\n * @param bodyMapper - A {@link Mapper} object which defines the model properties for the type.\n * @returns The serialized type as a JSON encoded string.\n *\n * @internal\n */\n public static serialize(\n objectToSerialize: unknown,\n typeMappers: { [key: string]: Mapper },\n bodyMapper: Mapper,\n ): string {\n const serializer = createSerializer(typeMappers);\n return JSON.stringify(serializer.serialize(bodyMapper, objectToSerialize));\n }\n}\n"]}
package/dist/esm/attestationAdministrationClient.d.ts CHANGED
@@ -1,6 +1,6 @@
1
- import { AttestationResponse, AttestationSigner, AttestationTokenValidationOptions, AttestationType, PolicyCertificatesModificationResult, PolicyResult } from "./models/index.js";
2
- import { CommonClientOptions, OperationOptions } from "@azure/core-client";
3
- import { TokenCredential } from "@azure/core-auth";
1
+ import type { AttestationResponse, AttestationSigner, AttestationTokenValidationOptions, AttestationType, PolicyCertificatesModificationResult, PolicyResult } from "./models/index.js";
2
+ import type { CommonClientOptions, OperationOptions } from "@azure/core-client";
3
+ import type { TokenCredential } from "@azure/core-auth";
4
4
  /**
5
5
  * Attestation Client Construction Options.
6
6
  */
package/dist/esm/attestationAdministrationClient.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationAdministrationClient.d.ts","sourceRoot":"","sources":["../../src/attestationAdministrationClient.ts"],"names":[],"mappings":"AAgBA,OAAO,EACL,mBAAmB,EACnB,iBAAiB,EACjB,iCAAiC,EACjC,eAAe,EACf,oCAAoC,EACpC,YAAY,EACb,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAenD;;GAEG;AACH,MAAM,WAAW,sCAAuC,SAAQ,mBAAmB;IACjF;;;OAGG;IACH,iBAAiB,CAAC,EAAE,iCAAiC,CAAC;CACvD;AAED;;GAEG;AACH,MAAM,WAAW,+CAAgD,SAAQ,gBAAgB;IACvF;;;OAGG;IACH,iBAAiB,CAAC,EAAE,iCAAiC,CAAC;CACvD;AAED;;GAEG;AACH,MAAM,WAAW,qDACf,SAAQ,+CAA+C;IACvD;;;;OAIG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;;;;;;OAOG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,gEACf,SAAQ,+CAA+C;CAAG;AAE5D;;;;;;;;;;;GAWG;AACH,qBAAa,+BAA+B;IAC1C;;;;;;;;;;;;;;;;OAgBG;gBAGD,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,eAAe,EAC5B,OAAO,GAAE,sCAA2C;IAmBtD;;;;;;;;;OASG;IACU,SAAS,CACpB,eAAe,EAAE,eAAe,EAChC,OAAO,GAAE,qDAA0D,GAClE,OAAO,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;IA6CvC;;;;;;;;;;;;;;;;;;OAkBG;IACU,SAAS,CACpB,eAAe,EAAE,eAAe,EAChC,iBAAiB,EAAE,MAAM,EACzB,OAAO,GAAE,qDAA0D,GAClE,OAAO,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC;IAqD7C;;;;;;;;;;;;;;;;;;OAkBG;IAEU,WAAW,CACtB,eAAe,EAAE,eAAe,EAChC,OAAO,GAAE,qDAA0D,GAClE,OAAO,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC;IAoD7C;;;;;;;OAOG;IACU,+BAA+B,CAC1C,OAAO,GAAE,gEAAqE,GAC7E,OAAO,CAAC,mBAAmB,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAuCpD;;;;;;;;;;;;;;;;;OAiBG;IACU,8BAA8B,CACzC,cAAc,EAAE,MAAM,EACtB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE,gEAAqE,GAC7E,OAAO,CAAC,mBAAmB,CAAC,oCAAoC,CAAC,CAAC;IAwErE,OAAO,CAAC,sBAAsB;IAmB9B;;;;;;;;;;;;;;;;OAgBG;IACU,iCAAiC,CAC5C,cAAc,EAAE,MAAM,EACtB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE,gEAAqE,GAC7E,OAAO,CAAC,mBAAmB,CAAC,oCAAoC,CAAC,CAAC;YAwEvD,WAAW;IAazB,OAAO,CAAC,OAAO,CAAkB;IACjC,OAAO,CAAC,QAAQ,CAAC,CAAsB;IACvC,OAAO,CAAC,kBAAkB,CAAC,CAAoC;CAChE"}
1
+ {"version":3,"file":"attestationAdministrationClient.d.ts","sourceRoot":"","sources":["../../src/attestationAdministrationClient.ts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,EACV,mBAAmB,EACnB,iBAAiB,EACjB,iCAAiC,EACjC,eAAe,EACf,oCAAoC,EACpC,YAAY,EACb,MAAM,mBAAmB,CAAC;AAG3B,OAAO,KAAK,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAChF,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAexD;;GAEG;AACH,MAAM,WAAW,sCAAuC,SAAQ,mBAAmB;IACjF;;;OAGG;IACH,iBAAiB,CAAC,EAAE,iCAAiC,CAAC;CACvD;AAED;;GAEG;AACH,MAAM,WAAW,+CAAgD,SAAQ,gBAAgB;IACvF;;;OAGG;IACH,iBAAiB,CAAC,EAAE,iCAAiC,CAAC;CACvD;AAED;;GAEG;AACH,MAAM,WAAW,qDACf,SAAQ,+CAA+C;IACvD;;;;OAIG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;;;;;;OAOG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,gEACf,SAAQ,+CAA+C;CAAG;AAE5D;;;;;;;;;;;GAWG;AACH,qBAAa,+BAA+B;IAC1C;;;;;;;;;;;;;;;;OAgBG;gBAGD,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,eAAe,EAC5B,OAAO,GAAE,sCAA2C;IAmBtD;;;;;;;;;OASG;IACU,SAAS,CACpB,eAAe,EAAE,eAAe,EAChC,OAAO,GAAE,qDAA0D,GAClE,OAAO,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;IA6CvC;;;;;;;;;;;;;;;;;;OAkBG;IACU,SAAS,CACpB,eAAe,EAAE,eAAe,EAChC,iBAAiB,EAAE,MAAM,EACzB,OAAO,GAAE,qDAA0D,GAClE,OAAO,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC;IAqD7C;;;;;;;;;;;;;;;;;;OAkBG;IAEU,WAAW,CACtB,eAAe,EAAE,eAAe,EAChC,OAAO,GAAE,qDAA0D,GAClE,OAAO,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC;IAoD7C;;;;;;;OAOG;IACU,+BAA+B,CAC1C,OAAO,GAAE,gEAAqE,GAC7E,OAAO,CAAC,mBAAmB,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAuCpD;;;;;;;;;;;;;;;;;OAiBG;IACU,8BAA8B,CACzC,cAAc,EAAE,MAAM,EACtB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE,gEAAqE,GAC7E,OAAO,CAAC,mBAAmB,CAAC,oCAAoC,CAAC,CAAC;IAwErE,OAAO,CAAC,sBAAsB;IAmB9B;;;;;;;;;;;;;;;;OAgBG;IACU,iCAAiC,CAC5C,cAAc,EAAE,MAAM,EACtB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE,gEAAqE,GAC7E,OAAO,CAAC,mBAAmB,CAAC,oCAAoC,CAAC,CAAC;YAwEvD,WAAW;IAazB,OAAO,CAAC,OAAO,CAAkB;IACjC,OAAO,CAAC,QAAQ,CAAC,CAAsB;IACvC,OAAO,CAAC,kBAAkB,CAAC,CAAoC;CAChE"}
package/dist/esm/attestationAdministrationClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"attestationAdministrationClient.js","sourceRoot":"","sources":["../../src/attestationAdministrationClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,uDAAuD;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACjE,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AASrC,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAUhD,OAAO,EAAE,uBAAuB,EAAE,MAAM,qCAAqC,CAAC;AAI9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,KAAK,OAAO,MAAM,+BAA+B,CAAC;AAEzD,qEAAqE;AACrE,yCAAyC;AACzC,OAAO,KAAK,SAAS,MAAM,WAAW,CAAC;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,0BAA0B,EAAE,MAAM,0BAA0B,CAAC;AACtE,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,2BAA2B,EAAE,MAAM,oBAAoB,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,MAAM,iCAAiC,CAAC;AAC5E,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAqDvD;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,+BAA+B;IAC1C;;;;;;;;;;;;;;;;OAgBG;IAEH,YACE,QAAgB,EAChB,WAA4B,EAC5B,UAAkD,EAAE;QAEpD,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC;QAEpD,MAAM,uBAAuB,mCACxB,OAAO,GACP;YACD,UAAU,EAAE,WAAW;YACvB,gBAAgB,EAAE,CAAC,mCAAmC,CAAC;YACvD,cAAc,EAAE;gBACd,MAAM,EAAE,MAAM,CAAC,IAAI;gBACnB,kBAAkB,EAAE,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;aACpE;SACF,CACF,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,eAAe,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC;IACxE,CAAC;IAED;;;;;;;;;OASG;IACI,KAAK,CAAC,SAAS,CACpB,eAAgC,EAChC,UAAiE,EAAE;QAEnE,OAAO,aAAa,CAAC,QAAQ,CAC3B,2CAA2C,EAC3C,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,EAAE,cAAc,CAAC,CAAC;YAEvF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;YAE9D,gDAAgD;YAChD,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,wEAAwE;YACxE,SAAS;YACT,MAAM,YAAY,GAAG,0BAA0B,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAEjE,0EAA0E;YAC1E,sEAAsE;YACtE,6EAA6E;YAC7E,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;gBACzB,MAAM,KAAK,CAAC,gDAAgD,CAAC,CAAC;YAChE,CAAC;YAED,MAAM,WAAW,GAAG,IAAI,oBAAoB,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YAElE,MAAM,YAAY,GAAG,uBAAuB,CAAC,WAAW,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC;YAEhF,uEAAuE;YACvE,4CAA4C;YAC5C,OAAO,yBAAyB,CAC9B,KAAK,EACL,aAAa,CAAC,YAAY,CAAC,iBAAiB,CAAC,CAC9C,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IACI,KAAK,CAAC,SAAS,CACpB,eAAgC,EAChC,iBAAyB,EACzB,UAAiE,EAAE;QAEnE,OAAO,aAAa,CAAC,QAAQ,CAC3B,2CAA2C,EAC3C,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IACE,CAAC,CAAC,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,WAAW,CAAC;gBAC5C,CAAC,OAAO,CAAC,UAAU,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,EAC5C,CAAC;gBACD,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;YACJ,CAAC;YAED,IAAI,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;gBAC9C,2BAA2B,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;YACvE,CAAC;YAED,MAAM,uBAAuB,GAAG,IAAI,uBAAuB,CAAC,iBAAiB,CAAC,CAAC,SAAS,EAAE,CAAC;YAC3F,MAAM,cAAc,GAAG,oBAAoB,CAAC,MAAM,iBAChD,IAAI,EAAE,uBAAuB,IAC1B,OAAO,EACV,CAAC;YAEH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CACnD,eAAe,EACf,cAAc,CAAC,SAAS,EAAE,EAC1B,cAAc,CACf,CAAC;YAEF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;YAC9D,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,wEAAwE;YACxE,SAAS;YACT,MAAM,YAAY,GAAG,0BAA0B,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAEjE,0EAA0E;YAC1E,sEAAsE;YACtE,6EAA6E;YAC7E,OAAO,yBAAyB,CAAe,KAAK,EAAE,YAAY,CAAC,CAAC;QACtE,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IAEI,KAAK,CAAC,WAAW,CACtB,eAAgC,EAChC,UAAiE,EAAE;QAEnE,OAAO,aAAa,CAAC,QAAQ,CAC3B,2CAA2C,EAC3C,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IACE,CAAC,CAAC,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,WAAW,CAAC;gBAC5C,CAAC,OAAO,CAAC,UAAU,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,EAC5C,CAAC;gBACD,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;YACJ,CAAC;YAED,IAAI,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;gBAC9C,2BAA2B,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;YACvE,CAAC;YAED,MAAM,gBAAgB,GAAG,oBAAoB,CAAC,MAAM,CAAC;gBACnD,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,WAAW,EAAE,OAAO,CAAC,WAAW;aACjC,CAAC,CAAC;YAEH,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CACvD,eAAe,EACf,gBAAgB,CAAC,SAAS,EAAE,EAC5B,cAAc,CACf,CAAC;YAEF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;YAChE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,wEAAwE;YACxE,SAAS;YACT,MAAM,YAAY,GAAG,0BAA0B,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAEjE,0EAA0E;YAC1E,sEAAsE;YACtE,6EAA6E;YAC7E,OAAO,yBAAyB,CAAe,KAAK,EAAE,YAAY,CAAC,CAAC;QACtE,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,+BAA+B,CAC1C,UAA4E,EAAE;QAE9E,OAAO,aAAa,CAAC,QAAQ,CAC3B,iEAAiE,EACjE,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACxF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;YACpE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,wEAAwE;YACxE,SAAS;YACT,MAAM,IAAI,GAAG,gBAAgB,CAAC,WAAW,CACvC,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,wBAAwB,EAAE,OAAO,CAAC,wBAAwB;gBAC1D,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,0BAA0B,CACC,CAAC;YAE9B,MAAM,kBAAkB,GAAG,IAAI,KAAK,EAAqB,CAAC;YAC1D,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;gBAC3C,kBAAkB,CAAC,IAAI,CAAC,+BAA+B,CAAC,GAAG,CAAC,CAAC,CAAC;YAChE,CAAC,CAAC,CAAC;YAEH,OAAO,yBAAyB,CAAsB,KAAK,EAAE,kBAAkB,CAAC,CAAC;QACnF,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACI,KAAK,CAAC,8BAA8B,CACzC,cAAsB,EACtB,UAAkB,EAClB,WAAmB,EACnB,UAA4E,EAAE;QAE9E,OAAO,aAAa,CAAC,QAAQ,CAC3B,gEAAgE,EAChE,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,CAAC,CAAC,UAAU,IAAI,WAAW,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;gBACjE,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;YACJ,CAAC;YAED,IAAI,UAAU,IAAI,WAAW,EAAE,CAAC;gBAC9B,2BAA2B,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;YACvD,CAAC;YAED,MAAM,IAAI,GAAG,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;YAClC,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;YACjC,MAAM,GAAG,GAAG,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;YAE9C,MAAM,GAAG,GAAe;gBACtB,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAC5B,GAAG,EAAE,GAAG;aACT,CAAC;YAEF,MAAM,OAAO,GAAyC;gBACpD,iBAAiB,EAAE,GAAG;aACvB,CAAC;YAEF,MAAM,YAAY,GAAG,oBAAoB,CAAC,MAAM,CAAC;gBAC/C,IAAI,EAAE,gBAAgB,CAAC,SAAS,CAC9B,OAAO,EACP;oBACE,oCAAoC,EAAE,OAAO,CAAC,oCAAoC;oBAClF,UAAU,EAAE,OAAO,CAAC,UAAU;iBAC/B,EACD,OAAO,CAAC,oCAAoC,CAC7C;gBACD,UAAU,EAAE,UAAU;gBACtB,WAAW,EAAE,WAAW;aACzB,CAAC,CAAC;YAEH,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,GAAG,CACpE,YAAY,CAAC,SAAS,EAAE,EACxB,cAAc,CACf,CAAC;YACF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC;YACnE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,+DAA+D;YAC/D,MAAM,MAAM,GAAG,gBAAgB,CAAC,WAAW,CACzC,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,oCAAoC,EAAE,OAAO,CAAC,oCAAoC;gBAClF,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,sCAAsC,CACC,CAAC;YAE1C,OAAO,yBAAyB,CAAuC,KAAK,EAAE,MAAM,CAAC,CAAC;QACxF,CAAC,CACF,CAAC;IACJ,CAAC;IAEO,sBAAsB,CAAC,IAAS;QACtC,IAAI,GAAW,CAAC;QAChB,QAAQ,IAAI,CAAC,yBAAyB,EAAE,EAAE,CAAC;YACzC,KAAK,eAAe,CAAC;YACrB,KAAK,eAAe,CAAC;YACrB,KAAK,eAAe;gBAClB,GAAG,GAAG,KAAK,CAAC;gBACZ,MAAM;YACR,KAAK,iBAAiB,CAAC;YACvB,KAAK,iBAAiB;gBACpB,GAAG,GAAG,IAAI,CAAC;gBACX,MAAM;YACR;gBACE,GAAG,GAAG,KAAK,CAAC;gBACZ,MAAM;QACV,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACI,KAAK,CAAC,iCAAiC,CAC5C,cAAsB,EACtB,UAAkB,EAClB,WAAmB,EACnB,UAA4E,EAAE;QAE9E,OAAO,aAAa,CAAC,QAAQ,CAC3B,mEAAmE,EACnE,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,CAAC,CAAC,UAAU,IAAI,WAAW,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;gBACjE,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;YACJ,CAAC;YAED,IAAI,UAAU,IAAI,WAAW,EAAE,CAAC;gBAC9B,2BAA2B,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;YACvD,CAAC;YAED,MAAM,IAAI,GAAG,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;YAClC,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;YACjC,MAAM,GAAG,GAAG,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;YAE9C,MAAM,GAAG,GAAe;gBACtB,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAC5B,GAAG,EAAE,GAAG;aACT,CAAC;YAEF,MAAM,OAAO,GAAyC;gBACpD,iBAAiB,EAAE,GAAG;aACvB,CAAC;YAEF,MAAM,eAAe,GAAG,oBAAoB,CAAC,MAAM,CAAC;gBAClD,IAAI,EAAE,gBAAgB,CAAC,SAAS,CAC9B,OAAO,EACP;oBACE,oCAAoC,EAAE,OAAO,CAAC,oCAAoC;oBAClF,UAAU,EAAE,OAAO,CAAC,UAAU;iBAC/B,EACD,OAAO,CAAC,oCAAoC,CAC7C;gBACD,UAAU,EAAE,UAAU;gBACtB,WAAW,EAAE,WAAW;aACzB,CAAC,CAAC;YAEH,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,MAAM,CAC1E,eAAe,CAAC,SAAS,EAAE,EAC3B,cAAc,CACf,CAAC;YACF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,+DAA+D;YAC/D,MAAM,MAAM,GAAG,gBAAgB,CAAC,WAAW,CACzC,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,oCAAoC,EAAE,OAAO,CAAC,oCAAoC;gBAClF,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,sCAAsC,CACC,CAAC;YAE1C,OAAO,yBAAyB,CAAuC,KAAK,EAAE,MAAM,CAAC,CAAC;QACxF,CAAC,CACF,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,WAAW;;QACvB,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;QACjD,MAAA,IAAI,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;CAKF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/* eslint-disable @azure/azure-sdk/ts-naming-options */\nimport { GeneratedClient } from \"./generated/generatedClient.js\";\nimport { logger } from \"./logger.js\";\n\nimport {\n AttestationCertificateManagementBody,\n GeneratedClientOptionalParams,\n JsonWebKey,\n PolicyCertificatesResult,\n} from \"./generated/models/index.js\";\n\nimport { bytesToString } from \"./utils/utf8.js\";\n\nimport {\n AttestationResponse,\n AttestationSigner,\n AttestationTokenValidationOptions,\n AttestationType,\n PolicyCertificatesModificationResult,\n PolicyResult,\n} from \"./models/index.js\";\nimport { StoredAttestationPolicy } from \"./models/storedAttestationPolicy.js\";\n\nimport { CommonClientOptions, OperationOptions } from \"@azure/core-client\";\nimport { TokenCredential } from \"@azure/core-auth\";\nimport { TypeDeserializer } from \"./utils/typeDeserializer.js\";\nimport * as Mappers from \"./generated/models/mappers.js\";\n\n// eslint-disable-next-line @typescript-eslint/triple-slash-reference\n/// <reference path=\"../jsrsasign.d.ts\"/>\nimport * as jsrsasign from \"jsrsasign\";\nimport { hexToBase64 } from \"./utils/helpers.js\";\nimport { _policyResultFromGenerated } from \"./models/policyResult.js\";\nimport { _attestationSignerFromGenerated } from \"./models/attestationSigner.js\";\nimport { verifyAttestationSigningKey } from \"./utils/helpers.js\";\nimport { createAttestationResponse } from \"./models/attestationResponse.js\";\nimport { AttestationTokenImpl } from \"./models/attestationToken.js\";\nimport { tracingClient } from \"./generated/tracing.js\";\n\n/**\n * Attestation Client Construction Options.\n */\nexport interface AttestationAdministrationClientOptions extends CommonClientOptions {\n /**\n * Options to be used globally to validate attestation tokens received from\n * the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the Attestation Administration Client operations.\n */\nexport interface AttestationAdministrationClientOperationOptions extends OperationOptions {\n /**\n * Options to be used globally to validate attestation tokens received from\n * the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the administration Policy operations.\n */\nexport interface AttestationAdministrationClientPolicyOperationOptions\n extends AttestationAdministrationClientOperationOptions {\n /**\n * Optional Private key used to sign the token sent to the attestation service.\n *\n * Required for Isolated Mode attestation instances.\n */\n privateKey?: string;\n\n /**\n * Optional certificate which can validate the token sent to the attestation service.\n *\n * Required for Isolated Mode attestation instances.\n *\n * If the service instance is in Isolated mode, the certificate *must* be one\n * of the configured policy management certificates.\n */\n certificate?: string;\n}\n\n/**\n * Operation options for the Policy Certificates operations.\n */\nexport interface AttestationAdministrationClientPolicyCertificateOperationOptions\n extends AttestationAdministrationClientOperationOptions {}\n\n/**\n * Attestation Client class.\n *\n * The AttestationClient class enables access to the Attestation related APIs:\n *\n * - getPolicy\n * - setPolicy\n * - resetPolicy\n * - getPolicyManagementCertificates\n * - addPolicyManagementCertificate\n * - removePolicyManagementCertificate\n */\nexport class AttestationAdministrationClient {\n /**\n * Creates an instance of AttestationAdministrationClient.\n *\n * Example usage:\n * ```ts\n * import { AttestationAdministrationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationAdministrationClient(\n * \"<service endpoint>\",\n * new TokenCredential(\"<>\")\n * );\n * ```\n *\n * @param endpoint - The attestation instance endpoint, for example https://mytenant.attest.azure.net.\n * @param credential - Used to authenticate requests to the service.\n * @param options - Used to configure the Form Recognizer client.\n */\n\n constructor(\n endpoint: string,\n credentials: TokenCredential,\n options: AttestationAdministrationClientOptions = {},\n ) {\n this._validationOptions = options.validationOptions;\n\n const internalPipelineOptions: GeneratedClientOptionalParams = {\n ...options,\n ...{\n credential: credentials,\n credentialScopes: [\"https://attest.azure.net/.default\"],\n loggingOptions: {\n logger: logger.info,\n allowedHeaderNames: [\"x-ms-request-id\", \"x-ms-maa-service-version\"],\n },\n },\n };\n\n this._client = new GeneratedClient(endpoint, internalPipelineOptions);\n }\n\n /**\n * Retrieves the attestation policy document from the server, and returns it\n * to the caller.\n *\n * @param attestationType - AttestationType for which to retrieve policy.\n * @param options - Pipeline and client options for the `getPolicy` call.\n * @returns `AttestationResponse<string>` - the `value` property is the\n * attestation policy, the `token` property will be the actual token\n * returned by the attestation service.\n */\n public async getPolicy(\n attestationType: AttestationType,\n options: AttestationAdministrationClientPolicyOperationOptions = {},\n ): Promise<AttestationResponse<string>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-getPolicy\",\n options,\n async (updatedOptions) => {\n const getPolicyResult = await this._client.policy.get(attestationType, updatedOptions);\n\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(getPolicyResult.token);\n\n // Validate the token returned from the service.\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyResult object to retrieve the underlying policy\n // token\n const policyResult = _policyResultFromGenerated(token.getBody());\n\n // The policyResult.policy value will be a JSON Web Signature representing\n // the actual policy object being retrieved. Serialize the token to an\n // AttestationToken object so we can access the body properties on the token.\n if (!policyResult.policy) {\n throw Error(\"Server returned an invalid getPolicy response!\");\n }\n\n const policyToken = new AttestationTokenImpl(policyResult.policy);\n\n const storedPolicy = StoredAttestationPolicy.deserialize(policyToken.getBody());\n\n // Finally, retrieve the stored attestationPolicy value and return that\n // as the AttestationResponse to the caller.\n return createAttestationResponse<string>(\n token,\n bytesToString(storedPolicy.attestationPolicy),\n );\n },\n );\n }\n\n /**\n * Sets the attestation policy for the specified {@link attestationType}.\n *\n * @param attestationType - Attestation Type for which to set policy.\n * @param newPolicyDocument - Policy document to be set.\n * @param options - call options.\n * @returns An {@link AttestationResponse} wrapping a {@link PolicyResult}.\n * Clients can use the PolicyResult to validate that the policy was actually\n * set by the attestation service.\n *\n * @remarks\n *\n * Please note that if the attestation service instance is running in \"Isolated\"\n * mode, the {@link signingKey} must be one of the signing keys configured for the\n * service instance.\n *\n * @throws {@link Error} when a private key is specified without a certificate and vice versa.\n * @throws {@link Error} when the key in the certificate provided does not match the private key.\n */\n public async setPolicy(\n attestationType: AttestationType,\n newPolicyDocument: string,\n options: AttestationAdministrationClientPolicyOperationOptions = {},\n ): Promise<AttestationResponse<PolicyResult>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-setPolicy\",\n options,\n async (updatedOptions) => {\n if (\n (!options.privateKey && options.certificate) ||\n (options.privateKey && !options.certificate)\n ) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (options.privateKey && options.certificate) {\n verifyAttestationSigningKey(options.privateKey, options.certificate);\n }\n\n const storedAttestationPolicy = new StoredAttestationPolicy(newPolicyDocument).serialize();\n const setPolicyToken = AttestationTokenImpl.create({\n body: storedAttestationPolicy,\n ...options,\n });\n\n const setPolicyResult = await this._client.policy.set(\n attestationType,\n setPolicyToken.serialize(),\n updatedOptions,\n );\n\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(setPolicyResult.token);\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyResult object to retrieve the underlying policy\n // token\n const policyResult = _policyResultFromGenerated(token.getBody());\n\n // The policyResult.policy value will be a JSON Web Signature representing\n // the actual policy object being retrieved. Serialize the token to an\n // AttestationToken object so we can access the body properties on the token.\n return createAttestationResponse<PolicyResult>(token, policyResult);\n },\n );\n }\n\n /**\n * Resets the attestation policy for the specified {@link attestationType} to\n * the default value.\n *\n * @param attestationType - Attestation Type for which to set policy.\n * @param options - call options.\n * @returns An {@link AttestationResponse} wrapping a {@link PolicyResult}.\n * Clients can use the PolicyResult to validate that the policy was actually\n * reset by the attestation service.\n *\n * @remarks\n *\n * Please note that if the attestation service instance is running in \"Isolated\"\n * mode, the {@link signingKey} must be one of the signing keys configured for the\n * service instance.\n *\n * @throws {@link Error} when a private key is specified without a certificate and vice versa.\n * @throws {@link Error} when the key in the certificate provided does not match the private key.\n */\n\n public async resetPolicy(\n attestationType: AttestationType,\n options: AttestationAdministrationClientPolicyOperationOptions = {},\n ): Promise<AttestationResponse<PolicyResult>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-setPolicy\",\n options,\n async (updatedOptions) => {\n if (\n (!options.privateKey && options.certificate) ||\n (options.privateKey && !options.certificate)\n ) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (options.privateKey && options.certificate) {\n verifyAttestationSigningKey(options.privateKey, options.certificate);\n }\n\n const resetPolicyToken = AttestationTokenImpl.create({\n privateKey: options.privateKey,\n certificate: options.certificate,\n });\n\n const resetPolicyResult = await this._client.policy.reset(\n attestationType,\n resetPolicyToken.serialize(),\n updatedOptions,\n );\n\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(resetPolicyResult.token);\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyResult object to retrieve the underlying policy\n // token\n const policyResult = _policyResultFromGenerated(token.getBody());\n\n // The policyResult.policy value will be a JSON Web Signature representing\n // the actual policy object being retrieved. Serialize the token to an\n // AttestationToken object so we can access the body properties on the token.\n return createAttestationResponse<PolicyResult>(token, policyResult);\n },\n );\n }\n\n /** Returns the set of policy management certificates for this attestation instance.\n *\n * @remarks If the attestation instance is not in `Isolated` mode, this list will\n * always be empty.\n *\n * @param options - Options for the call to the attestation service.\n * @returns AttestationResponse wrapping a list of Attestation Signers.\n */\n public async getPolicyManagementCertificates(\n options: AttestationAdministrationClientPolicyCertificateOperationOptions = {},\n ): Promise<AttestationResponse<AttestationSigner[]>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-getPolicyManagementCertificates\",\n options,\n async (updatedOptions) => {\n const getCertificatesResult = await this._client.policyCertificates.get(updatedOptions);\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(getCertificatesResult.token);\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyResult object to retrieve the underlying policy\n // token\n const jwks = TypeDeserializer.deserialize(\n token.getBody(),\n {\n PolicyCertificatesResult: Mappers.PolicyCertificatesResult,\n JsonWebKeySet: Mappers.JsonWebKeySet,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"PolicyCertificatesResult\",\n ) as PolicyCertificatesResult;\n\n const policyCertificates = new Array<AttestationSigner>();\n jwks.policyCertificates.keys.forEach((jwk) => {\n policyCertificates.push(_attestationSignerFromGenerated(jwk));\n });\n\n return createAttestationResponse<AttestationSigner[]>(token, policyCertificates);\n },\n );\n }\n\n /** Add a new certificate chain to the set of policy management certificates.\n *\n * @param pemCertificate - PEM encoded certificate to add to the set of policy management certificates.\n * @param privateKey - Existing attestation private key used to sign the incoming request.\n * @param certificate - Existing attestation certificate used to verify the incoming request.\n * @param options - Options used in the call to the service.\n * @returns An attestation response including a PolicyCertificatesModificationResult\n *\n * @remarks This API is only supported on `isolated` attestation instances.\n *\n * The signing key MUST be one of the existing attestation signing certificates. The\n * new pemCertificate is signed using the signingKey and the service will validate the\n * signature before allowing the addition.\n *\n * @throws {@link Error} when a private key is specified without a certificate and vice versa.\n * @throws {@link Error} when the key in the certificate provided does not match the private key.\n *\n */\n public async addPolicyManagementCertificate(\n pemCertificate: string,\n privateKey: string,\n certificate: string,\n options: AttestationAdministrationClientPolicyCertificateOperationOptions = {},\n ): Promise<AttestationResponse<PolicyCertificatesModificationResult>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-addPolicyManagementCertificate\",\n options,\n async (updatedOptions) => {\n if ((!privateKey && certificate) || (privateKey && !certificate)) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (privateKey && certificate) {\n verifyAttestationSigningKey(privateKey, certificate);\n }\n\n const cert = new jsrsasign.X509();\n cert.readCertPEM(pemCertificate);\n const kty = this.keyTypeFromCertificate(cert);\n\n const jwk: JsonWebKey = {\n x5C: [hexToBase64(cert.hex)],\n kty: kty,\n };\n\n const addBody: AttestationCertificateManagementBody = {\n policyCertificate: jwk,\n };\n\n const addCertToken = AttestationTokenImpl.create({\n body: TypeDeserializer.serialize(\n addBody,\n {\n AttestationCertificateManagementBody: Mappers.AttestationCertificateManagementBody,\n JsonWebKey: Mappers.JsonWebKey,\n },\n Mappers.AttestationCertificateManagementBody,\n ),\n privateKey: privateKey,\n certificate: certificate,\n });\n\n const addCertificateResult = await this._client.policyCertificates.add(\n addCertToken.serialize(),\n updatedOptions,\n );\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(addCertificateResult.token);\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyCertificatesModificationResult object.\n const result = TypeDeserializer.deserialize(\n token.getBody(),\n {\n PolicyCertificatesModificationResult: Mappers.PolicyCertificatesModificationResult,\n JsonWebKeySet: Mappers.JsonWebKeySet,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"PolicyCertificatesModificationResult\",\n ) as PolicyCertificatesModificationResult;\n\n return createAttestationResponse<PolicyCertificatesModificationResult>(token, result);\n },\n );\n }\n\n private keyTypeFromCertificate(cert: any): string {\n let kty: string;\n switch (cert.getSignatureAlgorithmName()) {\n case \"SHA256withRSA\":\n case \"SHA384withRSA\":\n case \"SHA512withRSA\":\n kty = \"RSA\";\n break;\n case \"SHA256withECDSA\":\n case \"SHA384withECDSA\":\n kty = \"EC\";\n break;\n default:\n kty = \"RSA\";\n break;\n }\n return kty;\n }\n\n /** Add a new certificate chain to the set of policy management certificates.\n *\n * @param pemCertificate - PEM encoded certificate to add to the set of policy management certificates.\n * @param privateKey - Existing attestation private key used to sign the incoming request.\n * @param certificate - Existing attestation certificate used to verify the incoming request.\n * @param options - Options used in the call to the service.\n * @returns An attestation response including a PolicyCertificatesModificationResult\n *\n * @remarks This API is only supported on `isolated` attestation instances.\n *\n * The signing key MUST be one of the existing attestation signing certificates. The\n * new pemCertificate is signed using the signingKey and the service will validate the\n * signature before allowing the addition.\n *\n * @throws {@link Error} when a private key is specified without a certificate and vice versa.\n * @throws {@link Error} when the key in the certificate provided does not match the private key.\n */\n public async removePolicyManagementCertificate(\n pemCertificate: string,\n privateKey: string,\n certificate: string,\n options: AttestationAdministrationClientPolicyCertificateOperationOptions = {},\n ): Promise<AttestationResponse<PolicyCertificatesModificationResult>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-removePolicyManagementCertificate\",\n options,\n async (updatedOptions) => {\n if ((!privateKey && certificate) || (privateKey && !certificate)) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (privateKey && certificate) {\n verifyAttestationSigningKey(privateKey, certificate);\n }\n\n const cert = new jsrsasign.X509();\n cert.readCertPEM(pemCertificate);\n const kty = this.keyTypeFromCertificate(cert);\n\n const jwk: JsonWebKey = {\n x5C: [hexToBase64(cert.hex)],\n kty: kty,\n };\n\n const addBody: AttestationCertificateManagementBody = {\n policyCertificate: jwk,\n };\n\n const removeCertToken = AttestationTokenImpl.create({\n body: TypeDeserializer.serialize(\n addBody,\n {\n AttestationCertificateManagementBody: Mappers.AttestationCertificateManagementBody,\n JsonWebKey: Mappers.JsonWebKey,\n },\n Mappers.AttestationCertificateManagementBody,\n ),\n privateKey: privateKey,\n certificate: certificate,\n });\n\n const removeCertificateResult = await this._client.policyCertificates.remove(\n removeCertToken.serialize(),\n updatedOptions,\n );\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(removeCertificateResult.token);\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyCertificatesModificationResult object.\n const result = TypeDeserializer.deserialize(\n token.getBody(),\n {\n PolicyCertificatesModificationResult: Mappers.PolicyCertificatesModificationResult,\n JsonWebKeySet: Mappers.JsonWebKeySet,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"PolicyCertificatesModificationResult\",\n ) as PolicyCertificatesModificationResult;\n\n return createAttestationResponse<PolicyCertificatesModificationResult>(token, result);\n },\n );\n }\n\n private async signingKeys(): Promise<AttestationSigner[]> {\n if (this._signers !== undefined) {\n return this._signers;\n }\n const jwks = await this._client.signingCertificates.get();\n const signers: AttestationSigner[] = new Array();\n jwks.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n this._signers = signers;\n return this._signers;\n }\n\n private _client: GeneratedClient;\n private _signers?: AttestationSigner[];\n private _validationOptions?: AttestationTokenValidationOptions;\n}\n"]}
1
+ {"version":3,"file":"attestationAdministrationClient.js","sourceRoot":"","sources":["../../src/attestationAdministrationClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,uDAAuD;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AACjE,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AASrC,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAUhD,OAAO,EAAE,uBAAuB,EAAE,MAAM,qCAAqC,CAAC;AAI9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAC;AAC/D,OAAO,KAAK,OAAO,MAAM,+BAA+B,CAAC;AAEzD,qEAAqE;AACrE,yCAAyC;AACzC,OAAO,KAAK,SAAS,MAAM,WAAW,CAAC;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,0BAA0B,EAAE,MAAM,0BAA0B,CAAC;AACtE,OAAO,EAAE,+BAA+B,EAAE,MAAM,+BAA+B,CAAC;AAChF,OAAO,EAAE,2BAA2B,EAAE,MAAM,oBAAoB,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,MAAM,iCAAiC,CAAC;AAC5E,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAqDvD;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,+BAA+B;IAC1C;;;;;;;;;;;;;;;;OAgBG;IAEH,YACE,QAAgB,EAChB,WAA4B,EAC5B,UAAkD,EAAE;QAEpD,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,iBAAiB,CAAC;QAEpD,MAAM,uBAAuB,mCACxB,OAAO,GACP;YACD,UAAU,EAAE,WAAW;YACvB,gBAAgB,EAAE,CAAC,mCAAmC,CAAC;YACvD,cAAc,EAAE;gBACd,MAAM,EAAE,MAAM,CAAC,IAAI;gBACnB,kBAAkB,EAAE,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;aACpE;SACF,CACF,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,eAAe,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC;IACxE,CAAC;IAED;;;;;;;;;OASG;IACI,KAAK,CAAC,SAAS,CACpB,eAAgC,EAChC,UAAiE,EAAE;QAEnE,OAAO,aAAa,CAAC,QAAQ,CAC3B,2CAA2C,EAC3C,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,EAAE,cAAc,CAAC,CAAC;YAEvF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;YAE9D,gDAAgD;YAChD,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,wEAAwE;YACxE,SAAS;YACT,MAAM,YAAY,GAAG,0BAA0B,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAEjE,0EAA0E;YAC1E,sEAAsE;YACtE,6EAA6E;YAC7E,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;gBACzB,MAAM,KAAK,CAAC,gDAAgD,CAAC,CAAC;YAChE,CAAC;YAED,MAAM,WAAW,GAAG,IAAI,oBAAoB,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YAElE,MAAM,YAAY,GAAG,uBAAuB,CAAC,WAAW,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC;YAEhF,uEAAuE;YACvE,4CAA4C;YAC5C,OAAO,yBAAyB,CAC9B,KAAK,EACL,aAAa,CAAC,YAAY,CAAC,iBAAiB,CAAC,CAC9C,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IACI,KAAK,CAAC,SAAS,CACpB,eAAgC,EAChC,iBAAyB,EACzB,UAAiE,EAAE;QAEnE,OAAO,aAAa,CAAC,QAAQ,CAC3B,2CAA2C,EAC3C,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IACE,CAAC,CAAC,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,WAAW,CAAC;gBAC5C,CAAC,OAAO,CAAC,UAAU,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,EAC5C,CAAC;gBACD,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;YACJ,CAAC;YAED,IAAI,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;gBAC9C,2BAA2B,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;YACvE,CAAC;YAED,MAAM,uBAAuB,GAAG,IAAI,uBAAuB,CAAC,iBAAiB,CAAC,CAAC,SAAS,EAAE,CAAC;YAC3F,MAAM,cAAc,GAAG,oBAAoB,CAAC,MAAM,iBAChD,IAAI,EAAE,uBAAuB,IAC1B,OAAO,EACV,CAAC;YAEH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CACnD,eAAe,EACf,cAAc,CAAC,SAAS,EAAE,EAC1B,cAAc,CACf,CAAC;YAEF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;YAC9D,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,wEAAwE;YACxE,SAAS;YACT,MAAM,YAAY,GAAG,0BAA0B,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAEjE,0EAA0E;YAC1E,sEAAsE;YACtE,6EAA6E;YAC7E,OAAO,yBAAyB,CAAe,KAAK,EAAE,YAAY,CAAC,CAAC;QACtE,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IAEI,KAAK,CAAC,WAAW,CACtB,eAAgC,EAChC,UAAiE,EAAE;QAEnE,OAAO,aAAa,CAAC,QAAQ,CAC3B,2CAA2C,EAC3C,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IACE,CAAC,CAAC,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,WAAW,CAAC;gBAC5C,CAAC,OAAO,CAAC,UAAU,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,EAC5C,CAAC;gBACD,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;YACJ,CAAC;YAED,IAAI,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;gBAC9C,2BAA2B,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;YACvE,CAAC;YAED,MAAM,gBAAgB,GAAG,oBAAoB,CAAC,MAAM,CAAC;gBACnD,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,WAAW,EAAE,OAAO,CAAC,WAAW;aACjC,CAAC,CAAC;YAEH,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CACvD,eAAe,EACf,gBAAgB,CAAC,SAAS,EAAE,EAC5B,cAAc,CACf,CAAC;YAEF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;YAChE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,wEAAwE;YACxE,SAAS;YACT,MAAM,YAAY,GAAG,0BAA0B,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAEjE,0EAA0E;YAC1E,sEAAsE;YACtE,6EAA6E;YAC7E,OAAO,yBAAyB,CAAe,KAAK,EAAE,YAAY,CAAC,CAAC;QACtE,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,+BAA+B,CAC1C,UAA4E,EAAE;QAE9E,OAAO,aAAa,CAAC,QAAQ,CAC3B,iEAAiE,EACjE,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACxF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;YACpE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,wEAAwE;YACxE,SAAS;YACT,MAAM,IAAI,GAAG,gBAAgB,CAAC,WAAW,CACvC,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,wBAAwB,EAAE,OAAO,CAAC,wBAAwB;gBAC1D,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,0BAA0B,CACC,CAAC;YAE9B,MAAM,kBAAkB,GAAG,IAAI,KAAK,EAAqB,CAAC;YAC1D,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;gBAC3C,kBAAkB,CAAC,IAAI,CAAC,+BAA+B,CAAC,GAAG,CAAC,CAAC,CAAC;YAChE,CAAC,CAAC,CAAC;YAEH,OAAO,yBAAyB,CAAsB,KAAK,EAAE,kBAAkB,CAAC,CAAC;QACnF,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACI,KAAK,CAAC,8BAA8B,CACzC,cAAsB,EACtB,UAAkB,EAClB,WAAmB,EACnB,UAA4E,EAAE;QAE9E,OAAO,aAAa,CAAC,QAAQ,CAC3B,gEAAgE,EAChE,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,CAAC,CAAC,UAAU,IAAI,WAAW,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;gBACjE,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;YACJ,CAAC;YAED,IAAI,UAAU,IAAI,WAAW,EAAE,CAAC;gBAC9B,2BAA2B,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;YACvD,CAAC;YAED,MAAM,IAAI,GAAG,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;YAClC,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;YACjC,MAAM,GAAG,GAAG,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;YAE9C,MAAM,GAAG,GAAe;gBACtB,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAC5B,GAAG,EAAE,GAAG;aACT,CAAC;YAEF,MAAM,OAAO,GAAyC;gBACpD,iBAAiB,EAAE,GAAG;aACvB,CAAC;YAEF,MAAM,YAAY,GAAG,oBAAoB,CAAC,MAAM,CAAC;gBAC/C,IAAI,EAAE,gBAAgB,CAAC,SAAS,CAC9B,OAAO,EACP;oBACE,oCAAoC,EAAE,OAAO,CAAC,oCAAoC;oBAClF,UAAU,EAAE,OAAO,CAAC,UAAU;iBAC/B,EACD,OAAO,CAAC,oCAAoC,CAC7C;gBACD,UAAU,EAAE,UAAU;gBACtB,WAAW,EAAE,WAAW;aACzB,CAAC,CAAC;YAEH,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,GAAG,CACpE,YAAY,CAAC,SAAS,EAAE,EACxB,cAAc,CACf,CAAC;YACF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC;YACnE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,+DAA+D;YAC/D,MAAM,MAAM,GAAG,gBAAgB,CAAC,WAAW,CACzC,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,oCAAoC,EAAE,OAAO,CAAC,oCAAoC;gBAClF,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,sCAAsC,CACC,CAAC;YAE1C,OAAO,yBAAyB,CAAuC,KAAK,EAAE,MAAM,CAAC,CAAC;QACxF,CAAC,CACF,CAAC;IACJ,CAAC;IAEO,sBAAsB,CAAC,IAAS;QACtC,IAAI,GAAW,CAAC;QAChB,QAAQ,IAAI,CAAC,yBAAyB,EAAE,EAAE,CAAC;YACzC,KAAK,eAAe,CAAC;YACrB,KAAK,eAAe,CAAC;YACrB,KAAK,eAAe;gBAClB,GAAG,GAAG,KAAK,CAAC;gBACZ,MAAM;YACR,KAAK,iBAAiB,CAAC;YACvB,KAAK,iBAAiB;gBACpB,GAAG,GAAG,IAAI,CAAC;gBACX,MAAM;YACR;gBACE,GAAG,GAAG,KAAK,CAAC;gBACZ,MAAM;QACV,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACI,KAAK,CAAC,iCAAiC,CAC5C,cAAsB,EACtB,UAAkB,EAClB,WAAmB,EACnB,UAA4E,EAAE;QAE9E,OAAO,aAAa,CAAC,QAAQ,CAC3B,mEAAmE,EACnE,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,IAAI,CAAC,CAAC,UAAU,IAAI,WAAW,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;gBACjE,MAAM,IAAI,KAAK,CACb,8HAA8H,CAC/H,CAAC;YACJ,CAAC;YAED,IAAI,UAAU,IAAI,WAAW,EAAE,CAAC;gBAC9B,2BAA2B,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;YACvD,CAAC;YAED,MAAM,IAAI,GAAG,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;YAClC,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;YACjC,MAAM,GAAG,GAAG,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;YAE9C,MAAM,GAAG,GAAe;gBACtB,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAC5B,GAAG,EAAE,GAAG;aACT,CAAC;YAEF,MAAM,OAAO,GAAyC;gBACpD,iBAAiB,EAAE,GAAG;aACvB,CAAC;YAEF,MAAM,eAAe,GAAG,oBAAoB,CAAC,MAAM,CAAC;gBAClD,IAAI,EAAE,gBAAgB,CAAC,SAAS,CAC9B,OAAO,EACP;oBACE,oCAAoC,EAAE,OAAO,CAAC,oCAAoC;oBAClF,UAAU,EAAE,OAAO,CAAC,UAAU;iBAC/B,EACD,OAAO,CAAC,oCAAoC,CAC7C;gBACD,UAAU,EAAE,UAAU;gBACtB,WAAW,EAAE,WAAW;aACzB,CAAC,CAAC;YAEH,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,MAAM,CAC1E,eAAe,CAAC,SAAS,EAAE,EAC3B,cAAc,CACf,CAAC;YACF,qEAAqE;YACrE,sBAAsB;YACtB,MAAM,KAAK,GAAG,IAAI,oBAAoB,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,QAAQ,GAAG,KAAK,CAAC,gBAAgB,CACrC,MAAM,IAAI,CAAC,WAAW,EAAE,EACxB,MAAA,OAAO,CAAC,iBAAiB,mCAAI,IAAI,CAAC,kBAAkB,CACrD,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACtC,CAAC;YAED,+DAA+D;YAC/D,MAAM,MAAM,GAAG,gBAAgB,CAAC,WAAW,CACzC,KAAK,CAAC,OAAO,EAAE,EACf;gBACE,oCAAoC,EAAE,OAAO,CAAC,oCAAoC;gBAClF,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,EACD,sCAAsC,CACC,CAAC;YAE1C,OAAO,yBAAyB,CAAuC,KAAK,EAAE,MAAM,CAAC,CAAC;QACxF,CAAC,CACF,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,WAAW;;QACvB,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC,QAAQ,CAAC;QACvB,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,GAAG,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAwB,IAAI,KAAK,EAAE,CAAC;QACjD,MAAA,IAAI,CAAC,IAAI,0CAAE,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;CAKF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/* eslint-disable @azure/azure-sdk/ts-naming-options */\nimport { GeneratedClient } from \"./generated/generatedClient.js\";\nimport { logger } from \"./logger.js\";\n\nimport type {\n AttestationCertificateManagementBody,\n GeneratedClientOptionalParams,\n JsonWebKey,\n PolicyCertificatesResult,\n} from \"./generated/models/index.js\";\n\nimport { bytesToString } from \"./utils/utf8.js\";\n\nimport type {\n AttestationResponse,\n AttestationSigner,\n AttestationTokenValidationOptions,\n AttestationType,\n PolicyCertificatesModificationResult,\n PolicyResult,\n} from \"./models/index.js\";\nimport { StoredAttestationPolicy } from \"./models/storedAttestationPolicy.js\";\n\nimport type { CommonClientOptions, OperationOptions } from \"@azure/core-client\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { TypeDeserializer } from \"./utils/typeDeserializer.js\";\nimport * as Mappers from \"./generated/models/mappers.js\";\n\n// eslint-disable-next-line @typescript-eslint/triple-slash-reference\n/// <reference path=\"../jsrsasign.d.ts\"/>\nimport * as jsrsasign from \"jsrsasign\";\nimport { hexToBase64 } from \"./utils/helpers.js\";\nimport { _policyResultFromGenerated } from \"./models/policyResult.js\";\nimport { _attestationSignerFromGenerated } from \"./models/attestationSigner.js\";\nimport { verifyAttestationSigningKey } from \"./utils/helpers.js\";\nimport { createAttestationResponse } from \"./models/attestationResponse.js\";\nimport { AttestationTokenImpl } from \"./models/attestationToken.js\";\nimport { tracingClient } from \"./generated/tracing.js\";\n\n/**\n * Attestation Client Construction Options.\n */\nexport interface AttestationAdministrationClientOptions extends CommonClientOptions {\n /**\n * Options to be used globally to validate attestation tokens received from\n * the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the Attestation Administration Client operations.\n */\nexport interface AttestationAdministrationClientOperationOptions extends OperationOptions {\n /**\n * Options to be used globally to validate attestation tokens received from\n * the attestation service.\n */\n validationOptions?: AttestationTokenValidationOptions;\n}\n\n/**\n * Operation options for the administration Policy operations.\n */\nexport interface AttestationAdministrationClientPolicyOperationOptions\n extends AttestationAdministrationClientOperationOptions {\n /**\n * Optional Private key used to sign the token sent to the attestation service.\n *\n * Required for Isolated Mode attestation instances.\n */\n privateKey?: string;\n\n /**\n * Optional certificate which can validate the token sent to the attestation service.\n *\n * Required for Isolated Mode attestation instances.\n *\n * If the service instance is in Isolated mode, the certificate *must* be one\n * of the configured policy management certificates.\n */\n certificate?: string;\n}\n\n/**\n * Operation options for the Policy Certificates operations.\n */\nexport interface AttestationAdministrationClientPolicyCertificateOperationOptions\n extends AttestationAdministrationClientOperationOptions {}\n\n/**\n * Attestation Client class.\n *\n * The AttestationClient class enables access to the Attestation related APIs:\n *\n * - getPolicy\n * - setPolicy\n * - resetPolicy\n * - getPolicyManagementCertificates\n * - addPolicyManagementCertificate\n * - removePolicyManagementCertificate\n */\nexport class AttestationAdministrationClient {\n /**\n * Creates an instance of AttestationAdministrationClient.\n *\n * Example usage:\n * ```ts\n * import { AttestationAdministrationClient } from \"@azure/attestation\";\n *\n * const client = new AttestationAdministrationClient(\n * \"<service endpoint>\",\n * new TokenCredential(\"<>\")\n * );\n * ```\n *\n * @param endpoint - The attestation instance endpoint, for example https://mytenant.attest.azure.net.\n * @param credential - Used to authenticate requests to the service.\n * @param options - Used to configure the Form Recognizer client.\n */\n\n constructor(\n endpoint: string,\n credentials: TokenCredential,\n options: AttestationAdministrationClientOptions = {},\n ) {\n this._validationOptions = options.validationOptions;\n\n const internalPipelineOptions: GeneratedClientOptionalParams = {\n ...options,\n ...{\n credential: credentials,\n credentialScopes: [\"https://attest.azure.net/.default\"],\n loggingOptions: {\n logger: logger.info,\n allowedHeaderNames: [\"x-ms-request-id\", \"x-ms-maa-service-version\"],\n },\n },\n };\n\n this._client = new GeneratedClient(endpoint, internalPipelineOptions);\n }\n\n /**\n * Retrieves the attestation policy document from the server, and returns it\n * to the caller.\n *\n * @param attestationType - AttestationType for which to retrieve policy.\n * @param options - Pipeline and client options for the `getPolicy` call.\n * @returns `AttestationResponse<string>` - the `value` property is the\n * attestation policy, the `token` property will be the actual token\n * returned by the attestation service.\n */\n public async getPolicy(\n attestationType: AttestationType,\n options: AttestationAdministrationClientPolicyOperationOptions = {},\n ): Promise<AttestationResponse<string>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-getPolicy\",\n options,\n async (updatedOptions) => {\n const getPolicyResult = await this._client.policy.get(attestationType, updatedOptions);\n\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(getPolicyResult.token);\n\n // Validate the token returned from the service.\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyResult object to retrieve the underlying policy\n // token\n const policyResult = _policyResultFromGenerated(token.getBody());\n\n // The policyResult.policy value will be a JSON Web Signature representing\n // the actual policy object being retrieved. Serialize the token to an\n // AttestationToken object so we can access the body properties on the token.\n if (!policyResult.policy) {\n throw Error(\"Server returned an invalid getPolicy response!\");\n }\n\n const policyToken = new AttestationTokenImpl(policyResult.policy);\n\n const storedPolicy = StoredAttestationPolicy.deserialize(policyToken.getBody());\n\n // Finally, retrieve the stored attestationPolicy value and return that\n // as the AttestationResponse to the caller.\n return createAttestationResponse<string>(\n token,\n bytesToString(storedPolicy.attestationPolicy),\n );\n },\n );\n }\n\n /**\n * Sets the attestation policy for the specified {@link attestationType}.\n *\n * @param attestationType - Attestation Type for which to set policy.\n * @param newPolicyDocument - Policy document to be set.\n * @param options - call options.\n * @returns An {@link AttestationResponse} wrapping a {@link PolicyResult}.\n * Clients can use the PolicyResult to validate that the policy was actually\n * set by the attestation service.\n *\n * @remarks\n *\n * Please note that if the attestation service instance is running in \"Isolated\"\n * mode, the {@link signingKey} must be one of the signing keys configured for the\n * service instance.\n *\n * @throws {@link Error} when a private key is specified without a certificate and vice versa.\n * @throws {@link Error} when the key in the certificate provided does not match the private key.\n */\n public async setPolicy(\n attestationType: AttestationType,\n newPolicyDocument: string,\n options: AttestationAdministrationClientPolicyOperationOptions = {},\n ): Promise<AttestationResponse<PolicyResult>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-setPolicy\",\n options,\n async (updatedOptions) => {\n if (\n (!options.privateKey && options.certificate) ||\n (options.privateKey && !options.certificate)\n ) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (options.privateKey && options.certificate) {\n verifyAttestationSigningKey(options.privateKey, options.certificate);\n }\n\n const storedAttestationPolicy = new StoredAttestationPolicy(newPolicyDocument).serialize();\n const setPolicyToken = AttestationTokenImpl.create({\n body: storedAttestationPolicy,\n ...options,\n });\n\n const setPolicyResult = await this._client.policy.set(\n attestationType,\n setPolicyToken.serialize(),\n updatedOptions,\n );\n\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(setPolicyResult.token);\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyResult object to retrieve the underlying policy\n // token\n const policyResult = _policyResultFromGenerated(token.getBody());\n\n // The policyResult.policy value will be a JSON Web Signature representing\n // the actual policy object being retrieved. Serialize the token to an\n // AttestationToken object so we can access the body properties on the token.\n return createAttestationResponse<PolicyResult>(token, policyResult);\n },\n );\n }\n\n /**\n * Resets the attestation policy for the specified {@link attestationType} to\n * the default value.\n *\n * @param attestationType - Attestation Type for which to set policy.\n * @param options - call options.\n * @returns An {@link AttestationResponse} wrapping a {@link PolicyResult}.\n * Clients can use the PolicyResult to validate that the policy was actually\n * reset by the attestation service.\n *\n * @remarks\n *\n * Please note that if the attestation service instance is running in \"Isolated\"\n * mode, the {@link signingKey} must be one of the signing keys configured for the\n * service instance.\n *\n * @throws {@link Error} when a private key is specified without a certificate and vice versa.\n * @throws {@link Error} when the key in the certificate provided does not match the private key.\n */\n\n public async resetPolicy(\n attestationType: AttestationType,\n options: AttestationAdministrationClientPolicyOperationOptions = {},\n ): Promise<AttestationResponse<PolicyResult>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-setPolicy\",\n options,\n async (updatedOptions) => {\n if (\n (!options.privateKey && options.certificate) ||\n (options.privateKey && !options.certificate)\n ) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (options.privateKey && options.certificate) {\n verifyAttestationSigningKey(options.privateKey, options.certificate);\n }\n\n const resetPolicyToken = AttestationTokenImpl.create({\n privateKey: options.privateKey,\n certificate: options.certificate,\n });\n\n const resetPolicyResult = await this._client.policy.reset(\n attestationType,\n resetPolicyToken.serialize(),\n updatedOptions,\n );\n\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(resetPolicyResult.token);\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyResult object to retrieve the underlying policy\n // token\n const policyResult = _policyResultFromGenerated(token.getBody());\n\n // The policyResult.policy value will be a JSON Web Signature representing\n // the actual policy object being retrieved. Serialize the token to an\n // AttestationToken object so we can access the body properties on the token.\n return createAttestationResponse<PolicyResult>(token, policyResult);\n },\n );\n }\n\n /** Returns the set of policy management certificates for this attestation instance.\n *\n * @remarks If the attestation instance is not in `Isolated` mode, this list will\n * always be empty.\n *\n * @param options - Options for the call to the attestation service.\n * @returns AttestationResponse wrapping a list of Attestation Signers.\n */\n public async getPolicyManagementCertificates(\n options: AttestationAdministrationClientPolicyCertificateOperationOptions = {},\n ): Promise<AttestationResponse<AttestationSigner[]>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-getPolicyManagementCertificates\",\n options,\n async (updatedOptions) => {\n const getCertificatesResult = await this._client.policyCertificates.get(updatedOptions);\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(getCertificatesResult.token);\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyResult object to retrieve the underlying policy\n // token\n const jwks = TypeDeserializer.deserialize(\n token.getBody(),\n {\n PolicyCertificatesResult: Mappers.PolicyCertificatesResult,\n JsonWebKeySet: Mappers.JsonWebKeySet,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"PolicyCertificatesResult\",\n ) as PolicyCertificatesResult;\n\n const policyCertificates = new Array<AttestationSigner>();\n jwks.policyCertificates.keys.forEach((jwk) => {\n policyCertificates.push(_attestationSignerFromGenerated(jwk));\n });\n\n return createAttestationResponse<AttestationSigner[]>(token, policyCertificates);\n },\n );\n }\n\n /** Add a new certificate chain to the set of policy management certificates.\n *\n * @param pemCertificate - PEM encoded certificate to add to the set of policy management certificates.\n * @param privateKey - Existing attestation private key used to sign the incoming request.\n * @param certificate - Existing attestation certificate used to verify the incoming request.\n * @param options - Options used in the call to the service.\n * @returns An attestation response including a PolicyCertificatesModificationResult\n *\n * @remarks This API is only supported on `isolated` attestation instances.\n *\n * The signing key MUST be one of the existing attestation signing certificates. The\n * new pemCertificate is signed using the signingKey and the service will validate the\n * signature before allowing the addition.\n *\n * @throws {@link Error} when a private key is specified without a certificate and vice versa.\n * @throws {@link Error} when the key in the certificate provided does not match the private key.\n *\n */\n public async addPolicyManagementCertificate(\n pemCertificate: string,\n privateKey: string,\n certificate: string,\n options: AttestationAdministrationClientPolicyCertificateOperationOptions = {},\n ): Promise<AttestationResponse<PolicyCertificatesModificationResult>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-addPolicyManagementCertificate\",\n options,\n async (updatedOptions) => {\n if ((!privateKey && certificate) || (privateKey && !certificate)) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (privateKey && certificate) {\n verifyAttestationSigningKey(privateKey, certificate);\n }\n\n const cert = new jsrsasign.X509();\n cert.readCertPEM(pemCertificate);\n const kty = this.keyTypeFromCertificate(cert);\n\n const jwk: JsonWebKey = {\n x5C: [hexToBase64(cert.hex)],\n kty: kty,\n };\n\n const addBody: AttestationCertificateManagementBody = {\n policyCertificate: jwk,\n };\n\n const addCertToken = AttestationTokenImpl.create({\n body: TypeDeserializer.serialize(\n addBody,\n {\n AttestationCertificateManagementBody: Mappers.AttestationCertificateManagementBody,\n JsonWebKey: Mappers.JsonWebKey,\n },\n Mappers.AttestationCertificateManagementBody,\n ),\n privateKey: privateKey,\n certificate: certificate,\n });\n\n const addCertificateResult = await this._client.policyCertificates.add(\n addCertToken.serialize(),\n updatedOptions,\n );\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(addCertificateResult.token);\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyCertificatesModificationResult object.\n const result = TypeDeserializer.deserialize(\n token.getBody(),\n {\n PolicyCertificatesModificationResult: Mappers.PolicyCertificatesModificationResult,\n JsonWebKeySet: Mappers.JsonWebKeySet,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"PolicyCertificatesModificationResult\",\n ) as PolicyCertificatesModificationResult;\n\n return createAttestationResponse<PolicyCertificatesModificationResult>(token, result);\n },\n );\n }\n\n private keyTypeFromCertificate(cert: any): string {\n let kty: string;\n switch (cert.getSignatureAlgorithmName()) {\n case \"SHA256withRSA\":\n case \"SHA384withRSA\":\n case \"SHA512withRSA\":\n kty = \"RSA\";\n break;\n case \"SHA256withECDSA\":\n case \"SHA384withECDSA\":\n kty = \"EC\";\n break;\n default:\n kty = \"RSA\";\n break;\n }\n return kty;\n }\n\n /** Add a new certificate chain to the set of policy management certificates.\n *\n * @param pemCertificate - PEM encoded certificate to add to the set of policy management certificates.\n * @param privateKey - Existing attestation private key used to sign the incoming request.\n * @param certificate - Existing attestation certificate used to verify the incoming request.\n * @param options - Options used in the call to the service.\n * @returns An attestation response including a PolicyCertificatesModificationResult\n *\n * @remarks This API is only supported on `isolated` attestation instances.\n *\n * The signing key MUST be one of the existing attestation signing certificates. The\n * new pemCertificate is signed using the signingKey and the service will validate the\n * signature before allowing the addition.\n *\n * @throws {@link Error} when a private key is specified without a certificate and vice versa.\n * @throws {@link Error} when the key in the certificate provided does not match the private key.\n */\n public async removePolicyManagementCertificate(\n pemCertificate: string,\n privateKey: string,\n certificate: string,\n options: AttestationAdministrationClientPolicyCertificateOperationOptions = {},\n ): Promise<AttestationResponse<PolicyCertificatesModificationResult>> {\n return tracingClient.withSpan(\n \"AttestationAdministrationClient-removePolicyManagementCertificate\",\n options,\n async (updatedOptions) => {\n if ((!privateKey && certificate) || (privateKey && !certificate)) {\n throw new Error(\n \"If privateKey is specified, certificate must also be provided. If certificate is provided, privateKey must also be provided.\",\n );\n }\n\n if (privateKey && certificate) {\n verifyAttestationSigningKey(privateKey, certificate);\n }\n\n const cert = new jsrsasign.X509();\n cert.readCertPEM(pemCertificate);\n const kty = this.keyTypeFromCertificate(cert);\n\n const jwk: JsonWebKey = {\n x5C: [hexToBase64(cert.hex)],\n kty: kty,\n };\n\n const addBody: AttestationCertificateManagementBody = {\n policyCertificate: jwk,\n };\n\n const removeCertToken = AttestationTokenImpl.create({\n body: TypeDeserializer.serialize(\n addBody,\n {\n AttestationCertificateManagementBody: Mappers.AttestationCertificateManagementBody,\n JsonWebKey: Mappers.JsonWebKey,\n },\n Mappers.AttestationCertificateManagementBody,\n ),\n privateKey: privateKey,\n certificate: certificate,\n });\n\n const removeCertificateResult = await this._client.policyCertificates.remove(\n removeCertToken.serialize(),\n updatedOptions,\n );\n // The attestation token returned from the service has a PolicyResult\n // object as the body.\n const token = new AttestationTokenImpl(removeCertificateResult.token);\n const problems = token.getTokenProblems(\n await this.signingKeys(),\n options.validationOptions ?? this._validationOptions,\n );\n if (problems.length) {\n throw new Error(problems.join(\";\"));\n }\n\n // Deserialize the PolicyCertificatesModificationResult object.\n const result = TypeDeserializer.deserialize(\n token.getBody(),\n {\n PolicyCertificatesModificationResult: Mappers.PolicyCertificatesModificationResult,\n JsonWebKeySet: Mappers.JsonWebKeySet,\n JsonWebKey: Mappers.JsonWebKey,\n },\n \"PolicyCertificatesModificationResult\",\n ) as PolicyCertificatesModificationResult;\n\n return createAttestationResponse<PolicyCertificatesModificationResult>(token, result);\n },\n );\n }\n\n private async signingKeys(): Promise<AttestationSigner[]> {\n if (this._signers !== undefined) {\n return this._signers;\n }\n const jwks = await this._client.signingCertificates.get();\n const signers: AttestationSigner[] = new Array();\n jwks.keys?.forEach((element) => {\n signers.push(_attestationSignerFromGenerated(element));\n });\n this._signers = signers;\n return this._signers;\n }\n\n private _client: GeneratedClient;\n private _signers?: AttestationSigner[];\n private _validationOptions?: AttestationTokenValidationOptions;\n}\n"]}