@reclaimprotocol/attestor-core 4.0.3 → 5.0.1-beta.2

package/lib/server/utils/gcp-attestation.js

@@ -0,0 +1,237 @@
+import crypto, { X509Certificate } from "crypto";
+let gcpKeysCache = null;
+let gcpKeysCacheTime = 0;
+const GCP_KEYS_CACHE_TTL = 36e5;
+const GCP_CONFIDENTIAL_SPACE_ROOT_CA = `-----BEGIN CERTIFICATE-----
+MIIGCDCCA/CgAwIBAgITYBvRy5g9aYYMh7tJS7pFwafL6jANBgkqhkiG9w0BAQsF
+ADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcT
+DU1vdW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2dsZSBMTEMxFTATBgNVBAsTDEdv
+b2dsZSBDbG91ZDEjMCEGA1UEAxMaQ29uZmlkZW50aWFsIFNwYWNlIFJvb3QgQ0Ew
+HhcNMjQwMTE5MjIxMDUwWhcNMzQwMTE2MjIxMDQ5WjCBizELMAkGA1UEBhMCVVMx
+EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxEzAR
+BgNVBAoTCkdvb2dsZSBMTEMxFTATBgNVBAsTDEdvb2dsZSBDbG91ZDEjMCEGA1UE
+AxMaQ29uZmlkZW50aWFsIFNwYWNlIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCvRuZasczAqhMZe1ODHJ6MFLX8EYVV+RN7xiO9GpuA53iz
+l9Oxgp3NXik3FbYn+7bcIkMMSQpCr6K0jbSQCZT6d5P5PJT5DpNGYjLHkW67/fl+
+Bu7eSMb0qRCa1jS+3OhNK7t7SIaHm1XdmSRghjwoglKRuk3CGrF4Zia9RcE/p2MU
+69GyJZpqHYwTplNr3x4zF+2nJk86GywDP+sGwSPWfcmqY04VQD7ZPDEZZ/qgzdoL
+5ilE92eQnAsy+6m6LxBEHHVcFpfDtNVUIt2VMCWLBeOKUQcn5js756xblInqw/Qt
+QRR0An0yfRjBuGvmMjAwETDo5ETY/fc+nbQVYJzNQTc9EOpFFWPpw/ZjFcN9Amnd
+dxYUETFXPmBYerMez0LKNtGpfKYHHhMMTI3mj0m/V9fCbfh2YbBUnMS2Swd20YSI
+Mi/HiGaqOpGUqXMeQVw7phGTS3QYK8ZM65sC/QhIQzXdsiLDgFBitVnlIu3lIv6C
+uiHvXeSJBRlRxQ8Vu+t6J7hBdl0etWBKAu9Vti46af5cjC03dspkHR3MAUGcrLWE
+TkQ0msQAKvIAlwyQRLuQOI5D6pF+6af1Nbl+vR7sLCbDWdMqm1E9X6KyFKd6e3rn
+E9O4dkFJp35WvR2gqIAkUoa+Vq1MXLFYG4imanZKH0igrIblbawRCr3Gr24FXQID
+AQABo2MwYTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
+FgQUF+fBOE6Th1snpKuvIb6S8/mtPL4wHwYDVR0jBBgwFoAUF+fBOE6Th1snpKuv
+Ib6S8/mtPL4wDQYJKoZIhvcNAQELBQADggIBAGtCuV5eHxWcffylK9GPumaD6Yjd
+cs76KDBe3mky5ItBIrEOeZq3z47zM4dbKZHhFuoq4yAaO1MyApnG0w9wIQLBDndI
+ovtkw6j9/64aqPWpNaoB5MB0SahCUCgI83Dx9SRqGmjPI/MTMfwDLdE5EF9gFmVI
+oH62YnG2aa/sc6m/8wIK8WtTJazEI16/8GPG4ZUhwT6aR3IGGnEBPMbMd5VZQ0Hw
+VbHBKWK3UykaSCxnEg8uaNx/rhNaOWuWtos4qL00dYyGV7ZXg4fpAq7244QUgkWV
+AtVcU2SPBjDd30OFHASnenDHRzQdOtHaxLp4a4WaY3jb2V6Sn3LfE8zSy6GevxmN
+COIWW3xnPF8rwKz4ABEPqECe37zzu3W1nzZAFtdkhPBNnlWYkIusTMtU+8v6EPKp
+GIIRphpaDhtGPJQukpENOfk2728lenPycRfjxwA96UKWq0dKZC45MwBEK9Jngn8Q
+cPmpPmx7pSMkSxEX2Vos2JNaNmCKJd2VaXz8M6F2cxscRdh9TbAYAjGEEjE1nLUH
+2YHDS8Y7xYNFIDSFaJAlqGcCUbzjGhrwHGj4voTe9ZvlmngrcA/ptSuBidvsnRDw
+kNPLowCd0NqxYYSLNL7GroYCFPxoBpr+++4vsCaXalbs8iJxdU2EPqG4MB4xWKYg
+uyT5CnJulxSC5CT1
+-----END CERTIFICATE-----`;
+function base64urlDecode(input) {
+  let base64 = input.replace(/-/g, "+").replace(/_/g, "/");
+  while (base64.length % 4) {
+    base64 += "=";
+  }
+  return Buffer.from(base64, "base64");
+}
+async function fetchGooglePublicKeys(logger) {
+  const now = Date.now();
+  if (gcpKeysCache && now - gcpKeysCacheTime < GCP_KEYS_CACHE_TTL) {
+    if (logger) {
+      logger.debug("Using cached Google public keys");
+    }
+    return gcpKeysCache;
+  }
+  if (logger) {
+    logger.info("Fetching Google public keys from https://www.googleapis.com/oauth2/v3/certs");
+  }
+  const response = await fetch("https://www.googleapis.com/oauth2/v3/certs");
+  if (!response.ok) {
+    throw new Error(`Failed to fetch Google keys: ${response.status} ${response.statusText}`);
+  }
+  const keys = await response.json();
+  gcpKeysCache = keys;
+  gcpKeysCacheTime = now;
+  if (logger) {
+    logger.info(`Fetched ${keys.keys.length} Google public keys`);
+  }
+  return keys;
+}
+function jwkToPublicKey(jwk) {
+  return crypto.createPublicKey({
+    key: {
+      kty: "RSA",
+      n: jwk.n,
+      e: jwk.e
+    },
+    format: "jwk"
+  });
+}
+function verifyX5cChain(x5cChain, logger) {
+  if (!x5cChain || x5cChain.length === 0) {
+    throw new Error("Empty x5c certificate chain");
+  }
+  const leafCertPem = `-----BEGIN CERTIFICATE-----
+${x5cChain[0]}
+-----END CERTIFICATE-----`;
+  const leafCert = new X509Certificate(leafCertPem);
+  if (logger) {
+    logger.info(`x5c leaf certificate: subject=${leafCert.subject}, issuer=${leafCert.issuer}`);
+  }
+  const rootCert = new X509Certificate(GCP_CONFIDENTIAL_SPACE_ROOT_CA);
+  let currentCert = leafCert;
+  for (let i = 1; i < x5cChain.length; i++) {
+    const intermediatePem = `-----BEGIN CERTIFICATE-----
+${x5cChain[i]}
+-----END CERTIFICATE-----`;
+    const intermediateCert = new X509Certificate(intermediatePem);
+    const isValid = currentCert.verify(intermediateCert.publicKey);
+    if (!isValid) {
+      throw new Error(`Certificate chain verification failed at level ${i}`);
+    }
+    if (logger) {
+      logger.debug(`Verified cert level ${i}: ${intermediateCert.subject}`);
+    }
+    currentCert = intermediateCert;
+  }
+  const isRootValid = currentCert.verify(rootCert.publicKey);
+  if (!isRootValid) {
+    throw new Error("Certificate chain does not root to GCP Confidential Space Root CA");
+  }
+  if (logger) {
+    logger.info("x5c certificate chain verified successfully");
+  }
+  return leafCert.publicKey;
+}
+async function validateGcpAttestationAndExtractKey(attestationBytes, logger) {
+  const errors = [];
+  try {
+    const jwtString = Buffer.from(attestationBytes).toString("utf8");
+    const parts = jwtString.split(".");
+    if (parts.length !== 3) {
+      errors.push("Invalid JWT format: expected 3 parts");
+      return { isValid: false, errors };
+    }
+    const [headerB64, payloadB64, signatureB64] = parts;
+    const headerJson = base64urlDecode(headerB64).toString("utf8");
+    const payloadJson = base64urlDecode(payloadB64).toString("utf8");
+    const header = JSON.parse(headerJson);
+    const payload = JSON.parse(payloadJson);
+    if (logger) {
+      logger.info(`GCP JWT header: kid=${header.kid}, alg=${header.alg}`);
+      logger.info(`GCP JWT payload: iss=${payload.iss}, aud=${payload.aud}`);
+    }
+    const now = Math.floor(Date.now() / 1e3);
+    const validIssuers = [
+      "https://accounts.google.com",
+      "https://confidentialcomputing.googleapis.com"
+    ];
+    if (!validIssuers.includes(payload.iss)) {
+      errors.push(`Invalid issuer: expected one of ${validIssuers.join(", ")}, got "${payload.iss}"`);
+    }
+    if (payload.exp <= now) {
+      errors.push(`Token expired: exp=${payload.exp}, now=${now}`);
+    }
+    if (payload.iat > now + 60) {
+      errors.push(`Token issued in future: iat=${payload.iat}, now=${now}`);
+    }
+    const hasReclaimAudience = payload.aud?.includes("reclaimprotocol.org");
+    const hasGcpStsAudience = payload.aud?.includes("sts.googleapis.com");
+    if (!hasReclaimAudience && !hasGcpStsAudience) {
+      errors.push(`Invalid audience: expected "reclaimprotocol.org" or "sts.googleapis.com", got "${payload.aud}"`);
+    }
+    if (errors.length > 0) {
+      return { isValid: false, errors };
+    }
+    let publicKey;
+    if (header.x5c && header.x5c.length > 0) {
+      if (logger) {
+        logger.info(`Using x5c certificate chain (${header.x5c.length} certificates)`);
+      }
+      publicKey = verifyX5cChain(header.x5c, logger);
+    } else if (header.kid) {
+      if (logger) {
+        logger.info(`Using OIDC token with kid: ${header.kid}`);
+      }
+      const jwks = await fetchGooglePublicKeys(logger);
+      const jwk = jwks.keys.find((k) => k.kid === header.kid);
+      if (!jwk) {
+        errors.push(`No public key found for kid: ${header.kid}`);
+        return { isValid: false, errors };
+      }
+      publicKey = jwkToPublicKey(jwk);
+    } else {
+      errors.push("JWT header must contain either x5c or kid field");
+      return { isValid: false, errors };
+    }
+    const signedData = `${headerB64}.${payloadB64}`;
+    const signature = base64urlDecode(signatureB64);
+    const verify = crypto.createVerify("RSA-SHA256");
+    verify.update(signedData);
+    const isSignatureValid = verify.verify(publicKey, signature);
+    if (!isSignatureValid) {
+      errors.push("Signature verification failed");
+      return { isValid: false, errors };
+    }
+    if (logger) {
+      logger.info("GCP JWT signature verified successfully");
+    }
+    if (!payload.eat_nonce) {
+      errors.push("No eat_nonce field found in JWT payload");
+      return { isValid: false, errors };
+    }
+    const match = payload.eat_nonce.match(/^(tee_[kt])_public_key:0x([0-9a-fA-F]{40})$/);
+    if (!match) {
+      errors.push(`Invalid eat_nonce format: ${payload.eat_nonce}`);
+      return { isValid: false, errors };
+    }
+    const userDataType = match[1];
+    const hexAddress = match[2];
+    const ethAddress = new Uint8Array(Buffer.from(hexAddress, "hex"));
+    if (logger) {
+      logger.info(`Extracted address from eat_nonce: ${payload.eat_nonce}`);
+    }
+    let pcr0 = "gcp-no-digest";
+    if (payload.google?.compute_engine?.image_digest) {
+      pcr0 = payload.google.compute_engine.image_digest;
+    } else if (payload.submods?.container?.image_digest) {
+      pcr0 = payload.submods.container.image_digest;
+    }
+    if (payload.dbgstat === "enabled" && pcr0.startsWith("sha256:")) {
+      pcr0 = "debug_" + pcr0;
+    }
+    const envVars = payload.submods?.container?.env || {};
+    if (logger) {
+      const hexAddr = Buffer.from(ethAddress).toString("hex");
+      logger.info(`Extracted ETH address from GCP attestation: 0x${hexAddr}, type: ${userDataType}, pcr0: ${pcr0}`);
+      if (Object.keys(envVars).length > 0) {
+        logger.debug(`Environment variables: ${Object.keys(envVars).join(", ")}`);
+      }
+    }
+    return {
+      isValid: true,
+      errors: [],
+      ethAddress,
+      userDataType,
+      pcr0,
+      envVars
+    };
+  } catch (error) {
+    const errorMsg = error instanceof Error ? error.message : String(error);
+    errors.push(`GCP attestation validation error: ${errorMsg}`);
+    return { isValid: false, errors };
+  }
+}
+export {
+  validateGcpAttestationAndExtractKey
+};

package/lib/server/utils/generics.d.ts

@@ -1,5 +1,5 @@
-import { IncomingMessage } from 'http';
-import { ServiceSignatureType } from '../../proto/api';
+import type { IncomingMessage } from 'http';
+import type { ServiceSignatureType } from '#src/proto/api.ts';
 /**
  * Sign message using the PRIVATE_KEY env var.
  */
@@ -19,4 +19,4 @@ export declare function niceParseJsonObject(data: string, key: string): any;
  * Extract any initial messages sent via the query string,
  * in the `messages` parameter.
  */
-export declare function getInitialMessagesFromQuery(req: IncomingMessage): import("../../proto/api").RPCMessage[];
+export declare function getInitialMessagesFromQuery(req: IncomingMessage): import("#src/proto/api.ts").RPCMessage[];

package/lib/server/utils/generics.js

@@ -1,59 +1,45 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.signAsAttestor = signAsAttestor;
-exports.getAttestorAddress = getAttestorAddress;
-exports.niceParseJsonObject = niceParseJsonObject;
-exports.getInitialMessagesFromQuery = getInitialMessagesFromQuery;
-const tls_1 = require("@reclaimprotocol/tls");
-const api_1 = require("../../proto/api");
-const utils_1 = require("../../utils");
-const env_1 = require("../../utils/env");
-const signatures_1 = require("../../utils/signatures");
-const PRIVATE_KEY = (0, env_1.getEnvVariable)('PRIVATE_KEY');
-/**
- * Sign message using the PRIVATE_KEY env var.
- */
+import { RPCMessages } from "../../proto/api.js";
+import { getEnvVariable } from "../../utils/env.js";
+import { AttestorError, strToUint8Array } from "../../utils/index.js";
+import { SIGNATURES } from "../../utils/signatures/index.js";
+const PRIVATE_KEY = getEnvVariable("PRIVATE_KEY");
 function signAsAttestor(data, scheme) {
-    const { sign } = signatures_1.SIGNATURES[scheme];
-    return sign(typeof data === 'string' ? (0, tls_1.strToUint8Array)(data) : data, PRIVATE_KEY);
+  const { sign } = SIGNATURES[scheme];
+  return sign(
+    typeof data === "string" ? strToUint8Array(data) : data,
+    PRIVATE_KEY
+  );
 }
-/**
- * Obtain the address on chain, from the PRIVATE_KEY env var.
- */
 function getAttestorAddress(scheme) {
-    const { getAddress, getPublicKey } = signatures_1.SIGNATURES[scheme];
-    const publicKey = getPublicKey(PRIVATE_KEY);
-    return getAddress(publicKey);
+  const { getAddress, getPublicKey } = SIGNATURES[scheme];
+  const publicKey = getPublicKey(PRIVATE_KEY);
+  return getAddress(publicKey);
 }
-/**
- * Nice parse JSON with a key.
- * If the data is empty, returns an empty object.
- * And if the JSON is invalid, throws a bad request error,
- * with the key in the error message.
- */
 function niceParseJsonObject(data, key) {
-    if (!data) {
-        return {};
-    }
-    try {
-        return JSON.parse(data);
-    }
-    catch (e) {
-        throw utils_1.AttestorError.badRequest(`Invalid JSON in ${key}: ${e.message}`);
-    }
+  if (!data) {
+    return {};
+  }
+  try {
+    return JSON.parse(data);
+  } catch (e) {
+    throw AttestorError.badRequest(
+      `Invalid JSON in ${key}: ${e.message}`
+    );
+  }
 }
-/**
- * Extract any initial messages sent via the query string,
- * in the `messages` parameter.
- */
 function getInitialMessagesFromQuery(req) {
-    const url = new URL(req.url, 'http://localhost');
-    const messagesB64 = url.searchParams.get('messages');
-    if (!(messagesB64 === null || messagesB64 === void 0 ? void 0 : messagesB64.length)) {
-        return [];
-    }
-    const msgsBytes = Buffer.from(messagesB64, 'base64');
-    const msgs = api_1.RPCMessages.decode(msgsBytes);
-    return msgs.messages;
+  const url = new URL(req.url, "http://localhost");
+  const messagesB64 = url.searchParams.get("messages");
+  if (!messagesB64?.length) {
+    return [];
+  }
+  const msgsBytes = Buffer.from(messagesB64, "base64");
+  const msgs = RPCMessages.decode(msgsBytes);
+  return msgs.messages;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZ2VuZXJpY3MuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvc2VydmVyL3V0aWxzL2dlbmVyaWNzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBWUEsd0NBU0M7QUFLRCxnREFJQztBQVFELGtEQVlDO0FBTUQsa0VBVUM7QUFsRUQsOENBQXNEO0FBRXRELHVDQUFpRTtBQUNqRSxxQ0FBeUM7QUFDekMsdUNBQThDO0FBQzlDLHFEQUFpRDtBQUVqRCxNQUFNLFdBQVcsR0FBRyxJQUFBLG9CQUFjLEVBQUMsYUFBYSxDQUFFLENBQUE7QUFFbEQ7O0dBRUc7QUFDSCxTQUFnQixjQUFjLENBQzdCLElBQXlCLEVBQ3pCLE1BQTRCO0lBRTVCLE1BQU0sRUFBRSxJQUFJLEVBQUUsR0FBRyx1QkFBVSxDQUFDLE1BQU0sQ0FBQyxDQUFBO0lBQ25DLE9BQU8sSUFBSSxDQUNWLE9BQU8sSUFBSSxLQUFLLFFBQVEsQ0FBQyxDQUFDLENBQUMsSUFBQSxxQkFBZSxFQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxJQUFJLEVBQ3ZELFdBQVcsQ0FDWCxDQUFBO0FBQ0YsQ0FBQztBQUVEOztHQUVHO0FBQ0gsU0FBZ0Isa0JBQWtCLENBQUMsTUFBNEI7SUFDOUQsTUFBTSxFQUFFLFVBQVUsRUFBRSxZQUFZLEVBQUUsR0FBRyx1QkFBVSxDQUFDLE1BQU0sQ0FBQyxDQUFBO0lBQ3ZELE1BQU0sU0FBUyxHQUFHLFlBQVksQ0FBQyxXQUFXLENBQUMsQ0FBQTtJQUMzQyxPQUFPLFVBQVUsQ0FBQyxTQUFTLENBQUMsQ0FBQTtBQUM3QixDQUFDO0FBRUQ7Ozs7O0dBS0c7QUFDSCxTQUFnQixtQkFBbUIsQ0FBQyxJQUFZLEVBQUUsR0FBVztJQUM1RCxJQUFHLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDVixPQUFPLEVBQUUsQ0FBQTtJQUNWLENBQUM7SUFFRCxJQUFJLENBQUM7UUFDSixPQUFPLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUE7SUFDeEIsQ0FBQztJQUFDLE9BQU0sQ0FBQyxFQUFFLENBQUM7UUFDWCxNQUFNLHFCQUFhLENBQUMsVUFBVSxDQUM3QixtQkFBbUIsR0FBRyxLQUFLLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FDdEMsQ0FBQTtJQUNGLENBQUM7QUFDRixDQUFDO0FBRUQ7OztHQUdHO0FBQ0gsU0FBZ0IsMkJBQTJCLENBQUMsR0FBb0I7SUFDL0QsTUFBTSxHQUFHLEdBQUcsSUFBSSxHQUFHLENBQUMsR0FBRyxDQUFDLEdBQUksRUFBRSxrQkFBa0IsQ0FBQyxDQUFBO0lBQ2pELE1BQU0sV0FBVyxHQUFHLEdBQUcsQ0FBQyxZQUFZLENBQUMsR0FBRyxDQUFDLFVBQVUsQ0FBQyxDQUFBO0lBQ3BELElBQUcsQ0FBQyxDQUFBLFdBQVcsYUFBWCxXQUFXLHVCQUFYLFdBQVcsQ0FBRSxNQUFNLENBQUEsRUFBRSxDQUFDO1FBQ3pCLE9BQU8sRUFBRSxDQUFBO0lBQ1YsQ0FBQztJQUVELE1BQU0sU0FBUyxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsV0FBVyxFQUFFLFFBQVEsQ0FBQyxDQUFBO0lBQ3BELE1BQU0sSUFBSSxHQUFHLGlCQUFXLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxDQUFBO0lBQzFDLE9BQU8sSUFBSSxDQUFDLFFBQVEsQ0FBQTtBQUNyQixDQUFDIn0=
+export {
+  getAttestorAddress,
+  getInitialMessagesFromQuery,
+  niceParseJsonObject,
+  signAsAttestor
+};