@reclaimprotocol/attestor-core 5.0.7 → 5.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,165 @@
1
+ import { BinaryReader, BinaryWriter } from "@bufbuild/protobuf/wire";
2
+ export declare const protobufPackage = "tdx";
3
+ export interface QuoteV4 {
4
+ /** Header of quote structure */
5
+ header: Header | undefined;
6
+ /** TD report by which quote is generated */
7
+ tdQuoteBody: TDQuoteBody | undefined;
8
+ /** Size of the Quote Signature Data structure */
9
+ signedDataSize: number;
10
+ /** Quote Signature Data structure. */
11
+ signedData: Ecdsa256BitQuoteV4AuthData | undefined;
12
+ /** Extra bytes included to fill the quote buffer */
13
+ extraBytes: Uint8Array;
14
+ }
15
+ export interface Header {
16
+ /** Version 4 supported */
17
+ version: number;
18
+ /**
19
+ * Type of attestation key used by quoting enclave
20
+ * Values :
21
+ * 2 (ECDSA-256-with-P-256 curve)
22
+ * 3 (ECDSA-384-with-P-384 curve) (Currently not supported)
23
+ */
24
+ attestationKeyType: number;
25
+ /**
26
+ * TEE for this attestation
27
+ * TDX : 0x00000081
28
+ */
29
+ teeType: number;
30
+ /** should be 2 bytes */
31
+ qeSvn: Uint8Array;
32
+ /** should be 2 bytes */
33
+ pceSvn: Uint8Array;
34
+ /** Unique vendor id of QE vendor */
35
+ qeVendorId: Uint8Array;
36
+ /** Custom user defined data */
37
+ userData: Uint8Array;
38
+ }
39
+ export interface TDQuoteBody {
40
+ /** should be 16 bytes */
41
+ teeTcbSvn: Uint8Array;
42
+ /** should be 48 bytes */
43
+ mrSeam: Uint8Array;
44
+ /** should be 48 bytes */
45
+ mrSignerSeam: Uint8Array;
46
+ /** should be 8 bytes */
47
+ seamAttributes: Uint8Array;
48
+ /** should be 8 bytes */
49
+ tdAttributes: Uint8Array;
50
+ /** should be 8 bytes */
51
+ xfam: Uint8Array;
52
+ /** should be 48 bytes */
53
+ mrTd: Uint8Array;
54
+ /** should be 48 bytes */
55
+ mrConfigId: Uint8Array;
56
+ /** should be 48 bytes */
57
+ mrOwner: Uint8Array;
58
+ /** should be 48 bytes */
59
+ mrOwnerConfig: Uint8Array;
60
+ /** should be 48 * rtmrsCount */
61
+ rtmrs: Uint8Array[];
62
+ /** should be 64 bytes */
63
+ reportData: Uint8Array;
64
+ }
65
+ export interface Ecdsa256BitQuoteV4AuthData {
66
+ /** The ECDSA 256-bit signature. */
67
+ signature: Uint8Array;
68
+ /** The ECDSA 256-bit public key of the attestation key. */
69
+ ecdsaAttestationKey: Uint8Array;
70
+ /** The certification data. */
71
+ certificationData: CertificationData | undefined;
72
+ }
73
+ export interface CertificationData {
74
+ /**
75
+ * Supported values:
76
+ * - 1 (PCK identifier: PPID in plain text, CPUSVN and PCESVN)
77
+ * - 2 (PCK identifier: PPID encrypted using RSA-2048-OAEP, CPUSVN and PCESVN)
78
+ * - 3 (PCK identifier: PPID encrypted using RSA-3072-OAEP, CPUSVN and PCESVN)
79
+ * - 4 (PCK Leaf Certificate in plain text, currently not supported)
80
+ * - 5 (Concatenated PCK Cert Chain)
81
+ * - 6 (QE Report Certification Data)
82
+ * - 7 (PLATFORM_MANIFEST, currently not supported)
83
+ */
84
+ certificateDataType: number;
85
+ /** Size of Certification Data field */
86
+ size: number;
87
+ qeReportCertificationData: QEReportCertificationData | undefined;
88
+ }
89
+ export interface QEReportCertificationData {
90
+ qeReport: EnclaveReport | undefined;
91
+ /** should be 64 bytes */
92
+ qeReportSignature: Uint8Array;
93
+ qeAuthData: QeAuthData | undefined;
94
+ pckCertificateChainData: PCKCertificateChainData | undefined;
95
+ }
96
+ export interface PCKCertificateChainData {
97
+ /**
98
+ * Supported values:
99
+ * - 1 (PCK identifier: PPID in plain text, CPUSVN and PCESVN)
100
+ * - 2 (PCK identifier: PPID encrypted using RSA-2048-OAEP, CPUSVN and PCESVN)
101
+ * - 3 (PCK identifier: PPID encrypted using RSA-3072-OAEP, CPUSVN and PCESVN)
102
+ * - 4 (PCK Leaf Certificate in plain text, currently not supported)
103
+ * - 5 (Concatenated PCK Cert Chain)
104
+ * - 6 (QE Report Certification Data)
105
+ * - 7 (PLATFORM_MANIFEST, currently not supported)
106
+ */
107
+ certificateDataType: number;
108
+ /** Size of Certification Data field */
109
+ size: number;
110
+ pckCertChain: Uint8Array;
111
+ }
112
+ export interface QeAuthData {
113
+ /** The parsed data size. */
114
+ parsedDataSize: number;
115
+ /** The data. */
116
+ data: Uint8Array;
117
+ }
118
+ export interface EnclaveReport {
119
+ /** should be 16 bytes */
120
+ cpuSvn: Uint8Array;
121
+ /** should be 4 bytes */
122
+ miscSelect: number;
123
+ /** should be 28 bytes */
124
+ reserved1: Uint8Array;
125
+ /** should be 16 bytes */
126
+ attributes: Uint8Array;
127
+ /** should be 32 bytes */
128
+ mrEnclave: Uint8Array;
129
+ /** should be 32 bytes */
130
+ reserved2: Uint8Array;
131
+ /** should be 32 bytes */
132
+ mrSigner: Uint8Array;
133
+ /** should be 96 bytes */
134
+ reserved3: Uint8Array;
135
+ /** should be 2 bytes */
136
+ isvProdId: number;
137
+ /** should be 2 bytes */
138
+ isvSvn: number;
139
+ /** should be 60 bytes */
140
+ reserved4: Uint8Array;
141
+ /** should be 64 bytes */
142
+ reportData: Uint8Array;
143
+ }
144
+ export declare const QuoteV4: MessageFns<QuoteV4>;
145
+ export declare const Header: MessageFns<Header>;
146
+ export declare const TDQuoteBody: MessageFns<TDQuoteBody>;
147
+ export declare const Ecdsa256BitQuoteV4AuthData: MessageFns<Ecdsa256BitQuoteV4AuthData>;
148
+ export declare const CertificationData: MessageFns<CertificationData>;
149
+ export declare const QEReportCertificationData: MessageFns<QEReportCertificationData>;
150
+ export declare const PCKCertificateChainData: MessageFns<PCKCertificateChainData>;
151
+ export declare const QeAuthData: MessageFns<QeAuthData>;
152
+ export declare const EnclaveReport: MessageFns<EnclaveReport>;
153
+ type Builtin = Date | Function | Uint8Array | string | number | boolean | bigint | undefined;
154
+ export type DeepPartial<T> = T extends Builtin ? T : T extends globalThis.Array<infer U> ? globalThis.Array<DeepPartial<U>> : T extends ReadonlyArray<infer U> ? ReadonlyArray<DeepPartial<U>> : T extends {} ? {
155
+ [K in keyof T]?: DeepPartial<T[K]>;
156
+ } : Partial<T>;
157
+ export interface MessageFns<T> {
158
+ encode(message: T, writer?: BinaryWriter): BinaryWriter;
159
+ decode(input: BinaryReader | Uint8Array, length?: number): T;
160
+ fromJSON(object: any): T;
161
+ toJSON(message: T): unknown;
162
+ create(base?: DeepPartial<T>): T;
163
+ fromPartial(object: DeepPartial<T>): T;
164
+ }
165
+ export {};
@@ -0,0 +1,104 @@
1
+ import { BinaryReader, BinaryWriter } from "@bufbuild/protobuf/wire";
2
+ export declare const protobufPackage = "tpm";
3
+ /** Enum values come from TCG Algorithm Registry - v1.27 - Table 3 */
4
+ export declare const ObjectType: {
5
+ readonly OBJECT_INVALID: 0;
6
+ readonly RSA: 1;
7
+ readonly ECC: 35;
8
+ readonly UNRECOGNIZED: -1;
9
+ };
10
+ export type ObjectType = typeof ObjectType[keyof typeof ObjectType];
11
+ export declare namespace ObjectType {
12
+ type OBJECT_INVALID = typeof ObjectType.OBJECT_INVALID;
13
+ type RSA = typeof ObjectType.RSA;
14
+ type ECC = typeof ObjectType.ECC;
15
+ type UNRECOGNIZED = typeof ObjectType.UNRECOGNIZED;
16
+ }
17
+ export declare function objectTypeFromJSON(object: any): ObjectType;
18
+ export declare function objectTypeToJSON(object: ObjectType): string;
19
+ export declare const HashAlgo: {
20
+ readonly HASH_INVALID: 0;
21
+ readonly SHA1: 4;
22
+ readonly SHA256: 11;
23
+ readonly SHA384: 12;
24
+ readonly SHA512: 13;
25
+ readonly UNRECOGNIZED: -1;
26
+ };
27
+ export type HashAlgo = typeof HashAlgo[keyof typeof HashAlgo];
28
+ export declare namespace HashAlgo {
29
+ type HASH_INVALID = typeof HashAlgo.HASH_INVALID;
30
+ type SHA1 = typeof HashAlgo.SHA1;
31
+ type SHA256 = typeof HashAlgo.SHA256;
32
+ type SHA384 = typeof HashAlgo.SHA384;
33
+ type SHA512 = typeof HashAlgo.SHA512;
34
+ type UNRECOGNIZED = typeof HashAlgo.UNRECOGNIZED;
35
+ }
36
+ export declare function hashAlgoFromJSON(object: any): HashAlgo;
37
+ export declare function hashAlgoToJSON(object: HashAlgo): string;
38
+ /**
39
+ * SealedBytes stores the result of a TPM2_Seal. The private portion (priv) has
40
+ * already been encrypted and is no longer sensitive. The hash algorithm is
41
+ * assumed to be SHA256.
42
+ */
43
+ export interface SealedBytes {
44
+ priv: Uint8Array;
45
+ pub: Uint8Array;
46
+ pcrs: number[];
47
+ hash: HashAlgo;
48
+ srk: ObjectType;
49
+ certifiedPcrs: PCRs | undefined;
50
+ creationData: Uint8Array;
51
+ ticket: Uint8Array;
52
+ }
53
+ export interface ImportBlob {
54
+ duplicate: Uint8Array;
55
+ encryptedSeed: Uint8Array;
56
+ publicArea: Uint8Array;
57
+ pcrs: PCRs | undefined;
58
+ }
59
+ export interface Quote {
60
+ /** TPM2 quote, encoded as a TPMS_ATTEST */
61
+ quote: Uint8Array;
62
+ /** TPM2 signature, encoded as a TPMT_SIGNATURE */
63
+ rawSig: Uint8Array;
64
+ /** PCR values of the bank being quoted */
65
+ pcrs: PCRs | undefined;
66
+ }
67
+ export interface PCRs {
68
+ hash: HashAlgo;
69
+ pcrs: {
70
+ [key: number]: Uint8Array;
71
+ };
72
+ }
73
+ export interface PCRs_PcrsEntry {
74
+ key: number;
75
+ value: Uint8Array;
76
+ }
77
+ /** Contains information corresponding an object certified with TPM2_Certify. */
78
+ export interface CertifiedBlob {
79
+ /** Public area of certified object, encoded as a TPMT_PUBLIC */
80
+ pubArea: Uint8Array;
81
+ /** TPM2 certification, encoded as a TPMS_ATTEST */
82
+ certifyInfo: Uint8Array;
83
+ /** TPM2 signature, encoded as a TPMT_Signature */
84
+ rawSig: Uint8Array;
85
+ }
86
+ export declare const SealedBytes: MessageFns<SealedBytes>;
87
+ export declare const ImportBlob: MessageFns<ImportBlob>;
88
+ export declare const Quote: MessageFns<Quote>;
89
+ export declare const PCRs: MessageFns<PCRs>;
90
+ export declare const PCRs_PcrsEntry: MessageFns<PCRs_PcrsEntry>;
91
+ export declare const CertifiedBlob: MessageFns<CertifiedBlob>;
92
+ type Builtin = Date | Function | Uint8Array | string | number | boolean | bigint | undefined;
93
+ export type DeepPartial<T> = T extends Builtin ? T : T extends globalThis.Array<infer U> ? globalThis.Array<DeepPartial<U>> : T extends ReadonlyArray<infer U> ? ReadonlyArray<DeepPartial<U>> : T extends {} ? {
94
+ [K in keyof T]?: DeepPartial<T[K]>;
95
+ } : Partial<T>;
96
+ export interface MessageFns<T> {
97
+ encode(message: T, writer?: BinaryWriter): BinaryWriter;
98
+ decode(input: BinaryReader | Uint8Array, length?: number): T;
99
+ fromJSON(object: any): T;
100
+ toJSON(message: T): unknown;
101
+ create(base?: DeepPartial<T>): T;
102
+ fromPartial(object: DeepPartial<T>): T;
103
+ }
104
+ export {};
@@ -1,5 +1,4 @@
1
1
  import '../../providers/http/patch-parse5-tree.ts';
2
- import RE2 from 're2';
3
2
  import type { ArraySlice, CompleteTLSPacket, ProviderParams, Transcript } from '../../types/index.ts';
4
3
  import type { HttpRequest, HttpResponse } from '../../utils/index.ts';
5
4
  export type JSONIndex = {
@@ -64,7 +63,7 @@ export declare function convertResponsePosToAbsolutePos(pos: number, bodyStartId
64
63
  */
65
64
  export declare function getRedactionsForChunkHeaders(from: number, to: number, chunks?: ArraySlice[]): ArraySlice[];
66
65
  export declare function parseHttpResponse(buff: Uint8Array): HttpResponse;
67
- export declare function makeRegex(str: string): RE2;
66
+ export declare function makeRegex(str: string): RegExp;
68
67
  /**
69
68
  * Try to match strings that contain templates like {{param}}
70
69
  * against redacted string that has *** instead of that param
@@ -0,0 +1,13 @@
1
+ /**
2
+ * SEV-SNP base-image allowlist (the pin point for base UKI hashes).
3
+ *
4
+ * The attestor pins only the per-cloud base UKI (PCR 11: SHA-256 on GCP,
5
+ * SHA-384 on AWS) — that is its root of trust. The cross-cloud app bundle
6
+ * digest (PCR 8) is NOT pinned here; it is published into the claim context
7
+ * for the claim consumer to verify against its own policy.
8
+ *
9
+ * Rotate by editing this list or by setting SNP_BASE_ALLOWLIST (comma-separated,
10
+ * with or without the snp-base: prefix).
11
+ */
12
+ /** Throws unless the base UKI hash is pinned. */
13
+ export declare function assertSevSnpBaseAllowed(base: string): void;
@@ -0,0 +1,15 @@
1
+ /**
2
+ * GCP SEV-SNP leg: go-tpm-tools Attestation. AK cert chains to the Google vTPM
3
+ * root; the SEV report binds sha512(akPub||bound) (anti-splice); the AK-signed
4
+ * TPM2 quote (SHA-256 bank) over PCRs proves PCR 8 (app) + PCR 11 (base).
5
+ * Ports go-tpm-tools quote.Verify + the report_data binding.
6
+ */
7
+ import { type SevSnpEnvelope } from '../../../server/utils/sev-snp/verify.ts';
8
+ /**
9
+ * Verifies the GCP leg: AK->Google root, SEV report bound to sha512(akPub||bound),
10
+ * AK-signed SHA-256 quote (nonce sha256(bound)) -> PCRs, PCR8 proves the app hash.
11
+ */
12
+ export declare function verifyGcpLeg(env: SevSnpEnvelope, bound: Buffer, now: Date): {
13
+ app: string;
14
+ base: string;
15
+ };
@@ -0,0 +1,19 @@
1
+ /**
2
+ * AWS NitroTPM attestation document verifier (the AWS code-identity proof).
3
+ *
4
+ * Port of reclaim-tee shared/snp_combined_aws.go verifyNitroTPMDocument: the doc
5
+ * is a COSE_Sign1 (ES384) whose leaf cert chains to the pinned AWS Nitro root;
6
+ * its nitrotpm_pcrs carry PCR 8 (app) + PCR 11 (base) and user_data carries the
7
+ * hardware binding.
8
+ */
9
+ export interface NitroTpmResult {
10
+ pcr8: Buffer;
11
+ pcr11: Buffer;
12
+ userData: Buffer;
13
+ }
14
+ /**
15
+ * Verifies the NitroTPM COSE_Sign1 document and returns PCR 8 / PCR 11 and
16
+ * user_data. Throws on any signature/chain failure. `now` defaults to the real
17
+ * clock (production freshness); tests may pass a time inside the leaf's window.
18
+ */
19
+ export declare function verifyNitroTpmDocument(docBytes: Uint8Array, now?: Date): Promise<NitroTpmResult>;
@@ -0,0 +1,11 @@
1
+ /**
2
+ * AMD SEV-SNP report verifier (proves genuine SEV-SNP hardware + report_data
3
+ * binding). Port of the go-sev-guest verification reclaim-tee invokes:
4
+ * reconstruct the report ABI, verify the ECDSA-P384 report signature against the
5
+ * VLEK/VCEK whose cert chains to the pinned AMD Milan ARK, and check report_data.
6
+ */
7
+ /**
8
+ * Verifies the SEV-SNP report: genuine AMD hardware (report sig -> VLEK/VCEK ->
9
+ * Milan ARK) and report_data == expectedReportData. Throws on any failure.
10
+ */
11
+ export declare function verifySevReport(sevBytes: Uint8Array, expectedReportData: Buffer, now?: Date): void;
@@ -0,0 +1,59 @@
1
+ /**
2
+ * SEV-SNP combined attestation verifier (replaces the dead Nitro path).
3
+ *
4
+ * Faithful TS port of reclaim-tee shared/snp_combined_{aws,verify}.go:
5
+ * a 1-byte cloud tag (0x01 GCP / 0x02 AWS) then a CBOR envelope carrying the
6
+ * cross-cloud app hash, the cloud-specific hardware evidence, and the
7
+ * presentable nonce list (the SEV-SNP analogue of a CS JWT eat_nonce).
8
+ */
9
+ export declare const SEV_TAG_GCP = 1;
10
+ export declare const SEV_TAG_AWS = 2;
11
+ export declare const SNP_APP_PREFIX = "snp-app:";
12
+ export declare const SNP_BASE_PREFIX = "snp-base:";
13
+ export declare const APP_PCR = 8;
14
+ export declare const BASE_PCR = 11;
15
+ export interface SevSnpEnvelope {
16
+ app: Uint8Array;
17
+ tpm?: Uint8Array;
18
+ nitrotpm?: Uint8Array;
19
+ sev?: Uint8Array;
20
+ nonces?: string[];
21
+ }
22
+ export interface SevSnpResult {
23
+ teeType: 'tee_k' | 'tee_t';
24
+ ethAddress: string;
25
+ app: string;
26
+ base: string;
27
+ nonces: string[];
28
+ }
29
+ /** Splits the 1-byte cloud tag from the CBOR envelope. */
30
+ export declare function parseSevSnpEnvelope(att: Uint8Array): Promise<{
31
+ tag: number;
32
+ env: SevSnpEnvelope;
33
+ }>;
34
+ /**
35
+ * snpNonceCommitment: sha256 over, for each nonce, the 8-byte big-endian byte
36
+ * length followed by the utf-8 bytes. Binding this in report_data/user_data is
37
+ * what makes the carried nonces unforgeable.
38
+ */
39
+ export declare function snpNonceCommitment(nonces: string[]): Buffer;
40
+ /**
41
+ * expectedPCR8: the value the loader produces by extending a pristine (all-zero)
42
+ * PCR 8 once with alg(appHash), i.e. alg(0^algSize || alg(appHash)). GCP uses the
43
+ * SHA-256 bank, AWS the SHA-384 bank.
44
+ */
45
+ export declare function expectedPCR8(appHash: Uint8Array, alg: 'sha256' | 'sha384'): Buffer;
46
+ export declare function appBaseIdentity(appHash: Uint8Array, pcr11: Uint8Array): {
47
+ app: string;
48
+ base: string;
49
+ };
50
+ export declare function extractTeeKeyFromNonces(nonces: string[]): {
51
+ teeType: 'tee_k' | 'tee_t';
52
+ ethAddress: string;
53
+ };
54
+ /**
55
+ * Verifies a claim-path combined SEV-SNP attestation end to end and returns the
56
+ * tee type, eth signing key, app/base identities, and the presentable nonces.
57
+ * `now` defaults to the real clock; tests may pass a time in the leaf window.
58
+ */
59
+ export declare function verifyCombinedSevSnp(att: Uint8Array, now?: Date): Promise<SevSnpResult>;
@@ -0,0 +1 @@
1
+ export {};
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@reclaimprotocol/attestor-core",
3
- "version": "5.0.7",
3
+ "version": "5.0.8",
4
4
  "description": "",
5
5
  "type": "module",
6
6
  "imports": {
@@ -105,12 +105,14 @@
105
105
  "parse5": "^8.0.0",
106
106
  "parse5-htmlparser2-tree-adapter": "^8.0.0",
107
107
  "pino": "^9.14.0",
108
- "re2": "^1.24.0",
109
108
  "serve-static": "^1.16.3",
110
109
  "snarkjs": "^0.7.6",
111
110
  "ws": "^8.20.0",
112
111
  "xpath": "^0.0.34"
113
112
  },
113
+ "optionalDependencies": {
114
+ "re2": "*"
115
+ },
114
116
  "devDependencies": {
115
117
  "@adiwajshing/eslint-config": "github:adiwajshing/eslint-config",
116
118
  "@commitlint/cli": "^17.8.1",
@@ -134,6 +136,7 @@
134
136
  "tsc-alias": "^1.8.17",
135
137
  "typechain": "^8.3.2",
136
138
  "typescript": "^5.9.3",
139
+ "re2": "^1.24.0",
137
140
  "whatwg-url": "^14.2.0",
138
141
  "yaml": "^2.8.3"
139
142
  },