@super-protocol/addons-tee 0.8.13 → 0.8.14

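--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -1,2 +1 @@
 export * as SgxNative from "./sgx-native-module";
-export * from "./quote-validator";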
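--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -22,11 +22,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
 __setModuleDefault(result, mod);
 return result;
 };
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SgxNative = void 0;
 exports.SgxNative = __importStar(require("./sgx-native-module"));
-__exportStar(require("./quote-validator"), exports);
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxpRUFBaUQ7QUFDakQsb0RBQWtDIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxpRUFBaUQifQ==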
@@ -13,96 +13,6 @@ export declare enum KeyPolicy {
13
13
  SGX_KEYPOLICY_ISVFAMILYID = 16,
14
14
  SGX_KEYPOLICY_ISVEXTPRODID = 32
15
15
  }
16
- export declare enum DcapQuoteVerificationStatus {
17
- OK = 0,
18
- UNSUPPORTED_CERT_FORMAT = 1,
19
- SGX_ROOT_CA_MISSING = 2,
20
- SGX_ROOT_CA_INVALID = 3,
21
- SGX_ROOT_CA_INVALID_EXTENSIONS = 4,
22
- SGX_ROOT_CA_INVALID_ISSUER = 5,
23
- SGX_ROOT_CA_UNTRUSTED = 6,
24
- SGX_INTERMEDIATE_CA_MISSING = 7,
25
- SGX_INTERMEDIATE_CA_INVALID = 8,
26
- SGX_INTERMEDIATE_CA_INVALID_EXTENSIONS = 9,
27
- SGX_INTERMEDIATE_CA_INVALID_ISSUER = 10,
28
- SGX_INTERMEDIATE_CA_REVOKED = 11,
29
- SGX_PCK_MISSING = 12,
30
- SGX_PCK_INVALID = 13,
31
- SGX_PCK_INVALID_EXTENSIONS = 14,
32
- SGX_PCK_INVALID_ISSUER = 15,
33
- SGX_PCK_REVOKED = 16,
34
- TRUSTED_ROOT_CA_INVALID = 17,
35
- SGX_PCK_CERT_CHAIN_UNTRUSTED = 18,
36
- SGX_TCB_INFO_UNSUPPORTED_FORMAT = 19,
37
- SGX_TCB_INFO_INVALID = 20,
38
- TCB_INFO_INVALID_SIGNATURE = 21,
39
- SGX_TCB_SIGNING_CERT_MISSING = 22,
40
- SGX_TCB_SIGNING_CERT_INVALID = 23,
41
- SGX_TCB_SIGNING_CERT_INVALID_EXTENSIONS = 24,
42
- SGX_TCB_SIGNING_CERT_INVALID_ISSUER = 25,
43
- SGX_TCB_SIGNING_CERT_CHAIN_UNTRUSTED = 26,
44
- SGX_TCB_SIGNING_CERT_REVOKED = 27,
45
- SGX_CRL_UNSUPPORTED_FORMAT = 28,
46
- SGX_CRL_UNKNOWN_ISSUER = 29,
47
- SGX_CRL_INVALID = 30,
48
- SGX_CRL_INVALID_EXTENSIONS = 31,
49
- SGX_CRL_INVALID_SIGNATURE = 32,
50
- SGX_CA_CERT_UNSUPPORTED_FORMAT = 33,
51
- SGX_CA_CERT_INVALID = 34,
52
- TRUSTED_ROOT_CA_UNSUPPORTED_FORMAT = 35,
53
- MISSING_PARAMETERS = 36,
54
- UNSUPPORTED_QUOTE_FORMAT = 37,
55
- UNSUPPORTED_PCK_CERT_FORMAT = 38,
56
- INVALID_PCK_CERT = 39,
57
- UNSUPPORTED_PCK_RL_FORMAT = 40,
58
- INVALID_PCK_CRL = 41,
59
- UNSUPPORTED_TCB_INFO_FORMAT = 42,
60
- PCK_REVOKED = 43,
61
- TCB_INFO_MISMATCH = 44,
62
- TCB_OUT_OF_DATE = 45,
63
- TCB_REVOKED = 46,
64
- TCB_CONFIGURATION_NEEDED = 47,
65
- TCB_OUT_OF_DATE_CONFIGURATION_NEEDED = 48,
66
- TCB_NOT_SUPPORTED = 49,
67
- TCB_UNRECOGNIZED_STATUS = 50,
68
- UNSUPPORTED_QE_CERTIFICATION = 51,
69
- INVALID_QE_CERTIFICATION_DATA_SIZE = 52,
70
- UNSUPPORTED_QE_CERTIFICATION_DATA_TYPE = 53,
71
- PCK_CERT_MISMATCH = 54,
72
- INVALID_QE_REPORT_SIGNATURE = 55,
73
- INVALID_QE_REPORT_DATA = 56,
74
- INVALID_QUOTE_SIGNATURE = 57,
75
- SGX_QE_IDENTITY_UNSUPPORTED_FORMAT = 58,
76
- SGX_QE_IDENTITY_INVALID = 59,
77
- SGX_QE_IDENTITY_INVALID_SIGNATURE = 60,
78
- SGX_ENCLAVE_REPORT_UNSUPPORTED_FORMAT = 61,
79
- SGX_ENCLAVE_IDENTITY_UNSUPPORTED_FORMAT = 62,
80
- SGX_ENCLAVE_IDENTITY_INVALID = 63,
81
- SGX_ENCLAVE_IDENTITY_UNSUPPORTED_VERSION = 64,
82
- SGX_ENCLAVE_IDENTITY_OUT_OF_DATE = 65,
83
- SGX_ENCLAVE_REPORT_MISCSELECT_MISMATCH = 66,
84
- SGX_ENCLAVE_REPORT_ATTRIBUTES_MISMATCH = 67,
85
- SGX_ENCLAVE_REPORT_MRENCLAVE_MISMATCH = 68,
86
- SGX_ENCLAVE_REPORT_MRSIGNER_MISMATCH = 69,
87
- SGX_ENCLAVE_REPORT_ISVPRODID_MISMATCH = 70,
88
- SGX_ENCLAVE_REPORT_ISVSVN_OUT_OF_DATE = 71,
89
- UNSUPPORTED_QE_IDENTITY_FORMAT = 72,
90
- QE_IDENTITY_OUT_OF_DATE = 73,
91
- QE_IDENTITY_MISMATCH = 74,
92
- SGX_TCB_INFO_EXPIRED = 75,
93
- SGX_ENCLAVE_IDENTITY_INVALID_SIGNATURE = 76,
94
- INVALID_PARAMETER = 77,
95
- SGX_PCK_CERT_CHAIN_EXPIRED = 78,
96
- SGX_CRL_EXPIRED = 79,
97
- SGX_SIGNING_CERT_CHAIN_EXPIRED = 80,
98
- SGX_ENCLAVE_IDENTITY_EXPIRED = 81,
99
- TCB_SW_HARDENING_NEEDED = 82,
100
- TCB_CONFIGURATION_AND_SW_HARDENING_NEEDED = 83,
101
- SGX_ENCLAVE_REPORT_ISVSVN_REVOKED = 84
102
- }
103
- export declare const DcapQuoteVerificationStatusMap: {
104
- [key: string]: string;
105
- };
106
16
  export declare enum PckFlag {
107
17
  PCK_FLAG_FALSE = 0,
108
18
  PCK_FLAG_TRUE = 1,
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.PckFlag = exports.DcapQuoteVerificationStatusMap = exports.DcapQuoteVerificationStatus = exports.KeyPolicy = exports.KeyType = void 0;
3
+ exports.PckFlag = exports.KeyPolicy = exports.KeyType = void 0;
4
4
  var KeyType;
5
5
  (function (KeyType) {
6
6
  // Launch key
@@ -29,102 +29,10 @@ var KeyPolicy;
29
29
  // Derive key with the enclave's ISVEXTPRODID
30
30
  KeyPolicy[KeyPolicy["SGX_KEYPOLICY_ISVEXTPRODID"] = 32] = "SGX_KEYPOLICY_ISVEXTPRODID";
31
31
  })(KeyPolicy = exports.KeyPolicy || (exports.KeyPolicy = {}));
32
- var DcapQuoteVerificationStatus;
33
- (function (DcapQuoteVerificationStatus) {
34
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["OK"] = 0] = "OK";
35
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["UNSUPPORTED_CERT_FORMAT"] = 1] = "UNSUPPORTED_CERT_FORMAT";
36
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ROOT_CA_MISSING"] = 2] = "SGX_ROOT_CA_MISSING";
37
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ROOT_CA_INVALID"] = 3] = "SGX_ROOT_CA_INVALID";
38
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ROOT_CA_INVALID_EXTENSIONS"] = 4] = "SGX_ROOT_CA_INVALID_EXTENSIONS";
39
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ROOT_CA_INVALID_ISSUER"] = 5] = "SGX_ROOT_CA_INVALID_ISSUER";
40
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ROOT_CA_UNTRUSTED"] = 6] = "SGX_ROOT_CA_UNTRUSTED";
41
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_INTERMEDIATE_CA_MISSING"] = 7] = "SGX_INTERMEDIATE_CA_MISSING";
42
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_INTERMEDIATE_CA_INVALID"] = 8] = "SGX_INTERMEDIATE_CA_INVALID";
43
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_INTERMEDIATE_CA_INVALID_EXTENSIONS"] = 9] = "SGX_INTERMEDIATE_CA_INVALID_EXTENSIONS";
44
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_INTERMEDIATE_CA_INVALID_ISSUER"] = 10] = "SGX_INTERMEDIATE_CA_INVALID_ISSUER";
45
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_INTERMEDIATE_CA_REVOKED"] = 11] = "SGX_INTERMEDIATE_CA_REVOKED";
46
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_PCK_MISSING"] = 12] = "SGX_PCK_MISSING";
47
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_PCK_INVALID"] = 13] = "SGX_PCK_INVALID";
48
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_PCK_INVALID_EXTENSIONS"] = 14] = "SGX_PCK_INVALID_EXTENSIONS";
49
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_PCK_INVALID_ISSUER"] = 15] = "SGX_PCK_INVALID_ISSUER";
50
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_PCK_REVOKED"] = 16] = "SGX_PCK_REVOKED";
51
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TRUSTED_ROOT_CA_INVALID"] = 17] = "TRUSTED_ROOT_CA_INVALID";
52
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_PCK_CERT_CHAIN_UNTRUSTED"] = 18] = "SGX_PCK_CERT_CHAIN_UNTRUSTED";
53
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_TCB_INFO_UNSUPPORTED_FORMAT"] = 19] = "SGX_TCB_INFO_UNSUPPORTED_FORMAT";
54
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_TCB_INFO_INVALID"] = 20] = "SGX_TCB_INFO_INVALID";
55
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TCB_INFO_INVALID_SIGNATURE"] = 21] = "TCB_INFO_INVALID_SIGNATURE";
56
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_TCB_SIGNING_CERT_MISSING"] = 22] = "SGX_TCB_SIGNING_CERT_MISSING";
57
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_TCB_SIGNING_CERT_INVALID"] = 23] = "SGX_TCB_SIGNING_CERT_INVALID";
58
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_TCB_SIGNING_CERT_INVALID_EXTENSIONS"] = 24] = "SGX_TCB_SIGNING_CERT_INVALID_EXTENSIONS";
59
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_TCB_SIGNING_CERT_INVALID_ISSUER"] = 25] = "SGX_TCB_SIGNING_CERT_INVALID_ISSUER";
60
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_TCB_SIGNING_CERT_CHAIN_UNTRUSTED"] = 26] = "SGX_TCB_SIGNING_CERT_CHAIN_UNTRUSTED";
61
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_TCB_SIGNING_CERT_REVOKED"] = 27] = "SGX_TCB_SIGNING_CERT_REVOKED";
62
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_CRL_UNSUPPORTED_FORMAT"] = 28] = "SGX_CRL_UNSUPPORTED_FORMAT";
63
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_CRL_UNKNOWN_ISSUER"] = 29] = "SGX_CRL_UNKNOWN_ISSUER";
64
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_CRL_INVALID"] = 30] = "SGX_CRL_INVALID";
65
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_CRL_INVALID_EXTENSIONS"] = 31] = "SGX_CRL_INVALID_EXTENSIONS";
66
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_CRL_INVALID_SIGNATURE"] = 32] = "SGX_CRL_INVALID_SIGNATURE";
67
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_CA_CERT_UNSUPPORTED_FORMAT"] = 33] = "SGX_CA_CERT_UNSUPPORTED_FORMAT";
68
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_CA_CERT_INVALID"] = 34] = "SGX_CA_CERT_INVALID";
69
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TRUSTED_ROOT_CA_UNSUPPORTED_FORMAT"] = 35] = "TRUSTED_ROOT_CA_UNSUPPORTED_FORMAT";
70
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["MISSING_PARAMETERS"] = 36] = "MISSING_PARAMETERS";
71
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["UNSUPPORTED_QUOTE_FORMAT"] = 37] = "UNSUPPORTED_QUOTE_FORMAT";
72
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["UNSUPPORTED_PCK_CERT_FORMAT"] = 38] = "UNSUPPORTED_PCK_CERT_FORMAT";
73
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["INVALID_PCK_CERT"] = 39] = "INVALID_PCK_CERT";
74
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["UNSUPPORTED_PCK_RL_FORMAT"] = 40] = "UNSUPPORTED_PCK_RL_FORMAT";
75
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["INVALID_PCK_CRL"] = 41] = "INVALID_PCK_CRL";
76
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["UNSUPPORTED_TCB_INFO_FORMAT"] = 42] = "UNSUPPORTED_TCB_INFO_FORMAT";
77
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["PCK_REVOKED"] = 43] = "PCK_REVOKED";
78
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TCB_INFO_MISMATCH"] = 44] = "TCB_INFO_MISMATCH";
79
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TCB_OUT_OF_DATE"] = 45] = "TCB_OUT_OF_DATE";
80
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TCB_REVOKED"] = 46] = "TCB_REVOKED";
81
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TCB_CONFIGURATION_NEEDED"] = 47] = "TCB_CONFIGURATION_NEEDED";
82
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TCB_OUT_OF_DATE_CONFIGURATION_NEEDED"] = 48] = "TCB_OUT_OF_DATE_CONFIGURATION_NEEDED";
83
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TCB_NOT_SUPPORTED"] = 49] = "TCB_NOT_SUPPORTED";
84
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TCB_UNRECOGNIZED_STATUS"] = 50] = "TCB_UNRECOGNIZED_STATUS";
85
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["UNSUPPORTED_QE_CERTIFICATION"] = 51] = "UNSUPPORTED_QE_CERTIFICATION";
86
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["INVALID_QE_CERTIFICATION_DATA_SIZE"] = 52] = "INVALID_QE_CERTIFICATION_DATA_SIZE";
87
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["UNSUPPORTED_QE_CERTIFICATION_DATA_TYPE"] = 53] = "UNSUPPORTED_QE_CERTIFICATION_DATA_TYPE";
88
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["PCK_CERT_MISMATCH"] = 54] = "PCK_CERT_MISMATCH";
89
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["INVALID_QE_REPORT_SIGNATURE"] = 55] = "INVALID_QE_REPORT_SIGNATURE";
90
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["INVALID_QE_REPORT_DATA"] = 56] = "INVALID_QE_REPORT_DATA";
91
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["INVALID_QUOTE_SIGNATURE"] = 57] = "INVALID_QUOTE_SIGNATURE";
92
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_QE_IDENTITY_UNSUPPORTED_FORMAT"] = 58] = "SGX_QE_IDENTITY_UNSUPPORTED_FORMAT";
93
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_QE_IDENTITY_INVALID"] = 59] = "SGX_QE_IDENTITY_INVALID";
94
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_QE_IDENTITY_INVALID_SIGNATURE"] = 60] = "SGX_QE_IDENTITY_INVALID_SIGNATURE";
95
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_REPORT_UNSUPPORTED_FORMAT"] = 61] = "SGX_ENCLAVE_REPORT_UNSUPPORTED_FORMAT";
96
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_IDENTITY_UNSUPPORTED_FORMAT"] = 62] = "SGX_ENCLAVE_IDENTITY_UNSUPPORTED_FORMAT";
97
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_IDENTITY_INVALID"] = 63] = "SGX_ENCLAVE_IDENTITY_INVALID";
98
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_IDENTITY_UNSUPPORTED_VERSION"] = 64] = "SGX_ENCLAVE_IDENTITY_UNSUPPORTED_VERSION";
99
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_IDENTITY_OUT_OF_DATE"] = 65] = "SGX_ENCLAVE_IDENTITY_OUT_OF_DATE";
100
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_REPORT_MISCSELECT_MISMATCH"] = 66] = "SGX_ENCLAVE_REPORT_MISCSELECT_MISMATCH";
101
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_REPORT_ATTRIBUTES_MISMATCH"] = 67] = "SGX_ENCLAVE_REPORT_ATTRIBUTES_MISMATCH";
102
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_REPORT_MRENCLAVE_MISMATCH"] = 68] = "SGX_ENCLAVE_REPORT_MRENCLAVE_MISMATCH";
103
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_REPORT_MRSIGNER_MISMATCH"] = 69] = "SGX_ENCLAVE_REPORT_MRSIGNER_MISMATCH";
104
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_REPORT_ISVPRODID_MISMATCH"] = 70] = "SGX_ENCLAVE_REPORT_ISVPRODID_MISMATCH";
105
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_REPORT_ISVSVN_OUT_OF_DATE"] = 71] = "SGX_ENCLAVE_REPORT_ISVSVN_OUT_OF_DATE";
106
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["UNSUPPORTED_QE_IDENTITY_FORMAT"] = 72] = "UNSUPPORTED_QE_IDENTITY_FORMAT";
107
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["QE_IDENTITY_OUT_OF_DATE"] = 73] = "QE_IDENTITY_OUT_OF_DATE";
108
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["QE_IDENTITY_MISMATCH"] = 74] = "QE_IDENTITY_MISMATCH";
109
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_TCB_INFO_EXPIRED"] = 75] = "SGX_TCB_INFO_EXPIRED";
110
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_IDENTITY_INVALID_SIGNATURE"] = 76] = "SGX_ENCLAVE_IDENTITY_INVALID_SIGNATURE";
111
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["INVALID_PARAMETER"] = 77] = "INVALID_PARAMETER";
112
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_PCK_CERT_CHAIN_EXPIRED"] = 78] = "SGX_PCK_CERT_CHAIN_EXPIRED";
113
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_CRL_EXPIRED"] = 79] = "SGX_CRL_EXPIRED";
114
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_SIGNING_CERT_CHAIN_EXPIRED"] = 80] = "SGX_SIGNING_CERT_CHAIN_EXPIRED";
115
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_IDENTITY_EXPIRED"] = 81] = "SGX_ENCLAVE_IDENTITY_EXPIRED";
116
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TCB_SW_HARDENING_NEEDED"] = 82] = "TCB_SW_HARDENING_NEEDED";
117
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["TCB_CONFIGURATION_AND_SW_HARDENING_NEEDED"] = 83] = "TCB_CONFIGURATION_AND_SW_HARDENING_NEEDED";
118
- DcapQuoteVerificationStatus[DcapQuoteVerificationStatus["SGX_ENCLAVE_REPORT_ISVSVN_REVOKED"] = 84] = "SGX_ENCLAVE_REPORT_ISVSVN_REVOKED";
119
- })(DcapQuoteVerificationStatus = exports.DcapQuoteVerificationStatus || (exports.DcapQuoteVerificationStatus = {}));
120
- exports.DcapQuoteVerificationStatusMap = Object.entries(DcapQuoteVerificationStatus).reduce((obj, [value, key]) => {
121
- obj[key] = value;
122
- return obj;
123
- }, {});
124
32
  var PckFlag;
125
33
  (function (PckFlag) {
126
34
  PckFlag[PckFlag["PCK_FLAG_FALSE"] = 0] = "PCK_FLAG_FALSE";
127
35
  PckFlag[PckFlag["PCK_FLAG_TRUE"] = 1] = "PCK_FLAG_TRUE";
128
36
  PckFlag[PckFlag["PCK_FLAG_UNDEFINED"] = 2] = "PCK_FLAG_UNDEFINED";
129
37
  })(PckFlag = exports.PckFlag || (exports.PckFlag = {}));
130
- //# sourceMappingURL=data:application/json;base64,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
38
+ //# sourceMappingURL=data:application/json;base64,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
@@ -1,54 +1,8 @@
1
1
  /// <reference types="node" />
2
- import { DcapQuoteVerificationStatus } from "./consts";
3
2
  export declare class DcapQuoteVerifyService {
4
3
  private readonly quoteVerifier;
5
4
  constructor();
6
- static checkErrorOrThrow(result: DcapQuoteVerificationStatus): void;
7
5
  extractQuoteFromCert(pemOrDerCert: Buffer): Promise<Buffer>;
8
6
  validateQuoteVerifierEnclave(quote: Buffer, checkSecurity?: boolean): Promise<void>;
9
- validateQuote({ quote, pemPckCertificate, pemIntermediateCrl, tcbInfoJson, qeIdentityJson, }: {
10
- quote: Buffer;
11
- pemPckCertificate: string;
12
- pemIntermediateCrl: string;
13
- tcbInfoJson: string;
14
- qeIdentityJson: string;
15
- }): Promise<void>;
16
- validateEnclaveReport({ enclaveReport, enclaveIdentity, }: {
17
- enclaveReport: Buffer;
18
- enclaveIdentity: string;
19
- }): Promise<void>;
20
- libraryEnclaveGetVersion(): string;
21
- libraryVersion(): string;
22
- getQeCertificationData({ quote }: {
23
- quote: Buffer;
24
- }): Promise<{
25
- pemCertChain?: string;
26
- qeCertType?: number;
27
- }>;
28
- validatePckCertificate({ pemCertChain, pemRootCaCrl, pemIntermediateCaCrl, pemRootCaCertificate, expirationCheckDate, }: {
29
- pemCertChain: string;
30
- pemRootCaCrl: string;
31
- pemIntermediateCaCrl: string;
32
- pemRootCaCertificate: string;
33
- expirationCheckDate: number;
34
- }): Promise<void>;
35
- validateTcbInfo({ tcbInfoJson, pemCertChain, pemRootCaCrl, pemRootCaCertificate, expirationCheckDate, }: {
36
- tcbInfoJson: string;
37
- pemCertChain: string;
38
- pemRootCaCrl: string;
39
- pemRootCaCertificate: string;
40
- expirationCheckDate: number;
41
- }): Promise<void>;
42
- validateEnclaveIdentity({ enclaveIdentityJson, pemCertChain, pemRootCaCrl, pemRootCaCertificate, expirationCheckDate, }: {
43
- enclaveIdentityJson: string;
44
- pemCertChain: string;
45
- pemRootCaCrl: string;
46
- pemRootCaCertificate: string;
47
- expirationCheckDate: number;
48
- }): Promise<void>;
49
- validatePckRevocationList({ pemCrl, pemCaCertChain, pemTrustedRootCaCert, }: {
50
- pemCrl: string;
51
- pemCaCertChain: string;
52
- pemTrustedRootCaCert: string;
53
- }): Promise<void>;
7
+ generateTDXQuote(userData: Buffer): Promise<Buffer>;
54
8
  }
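Review bot: `generateTDXQuote(userData: Buffer): Promise<Buffer>` is declared without a doc comment, so the size contract on `userData` is invisible to callers. The test file added in this release expects a 65-byte buffer to be rejected with a `TypeError` matching "Invalid user data size", which suggests a 64-byte limit. I would add a TSDoc block stating that limit and the thrown error, and saying that `userData` is meant to carry a digest of a verifier-supplied nonce or public key so the quote is bound to one session; the last part is my assumption about intended use, not something the hunk shows. Separately, the hunk removes nine instance methods and the static `checkErrorOrThrow` in a patch release (0.8.13 → 0.8.14) and leaves quote generation on a class named `DcapQuoteVerifyService`, which deserves a changelog entry and probably a rename.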
@@ -8,11 +8,6 @@ class DcapQuoteVerifyService {
8
8
  constructor() {
9
9
  this.quoteVerifier = new SgxAttestationVerifier();
10
10
  }
11
- static checkErrorOrThrow(result) {
12
- if (result !== consts_1.DcapQuoteVerificationStatus.OK) {
13
- throw new errors_1.AttestationDcapQuoteVerifyServiceError(consts_1.DcapQuoteVerificationStatusMap[result]);
14
- }
15
- }
16
11
  async extractQuoteFromCert(pemOrDerCert) {
17
12
  if (!pemOrDerCert?.length) {
18
13
  throw new errors_1.AttestationDcapQuoteVerifyEnclaveError("empty certificate");
@@ -32,38 +27,9 @@ class DcapQuoteVerifyService {
32
27
  throw new errors_1.QuoteValidationError(verifyResult.verificationResult);
33
28
  }
34
29
  }
35
- async validateQuote({ quote, pemPckCertificate, pemIntermediateCrl, tcbInfoJson, qeIdentityJson, }) {
36
- DcapQuoteVerifyService.checkErrorOrThrow(this.quoteVerifier.verifyQuote(quote, pemPckCertificate, pemIntermediateCrl, tcbInfoJson, qeIdentityJson));
37
- }
38
- async validateEnclaveReport({ enclaveReport, enclaveIdentity, }) {
39
- DcapQuoteVerifyService.checkErrorOrThrow(this.quoteVerifier.verifyEnclaveReport(enclaveReport, enclaveIdentity));
40
- }
41
- libraryEnclaveGetVersion() {
42
- return this.quoteVerifier.enclaveGetVersion();
43
- }
44
- libraryVersion() {
45
- return this.quoteVerifier.getVersion();
46
- }
47
- async getQeCertificationData({ quote }) {
48
- const [status, pemCertChain, qeCertType] = this.quoteVerifier.getQECertificationData(quote);
49
- DcapQuoteVerifyService.checkErrorOrThrow(status);
50
- return {
51
- pemCertChain,
52
- qeCertType,
53
- };
54
- }
55
- async validatePckCertificate({ pemCertChain, pemRootCaCrl, pemIntermediateCaCrl, pemRootCaCertificate, expirationCheckDate, }) {
56
- DcapQuoteVerifyService.checkErrorOrThrow(this.quoteVerifier.verifyPCKCertificate(pemCertChain, [pemRootCaCrl, pemIntermediateCaCrl], pemRootCaCertificate, expirationCheckDate));
57
- }
58
- async validateTcbInfo({ tcbInfoJson, pemCertChain, pemRootCaCrl, pemRootCaCertificate, expirationCheckDate, }) {
59
- DcapQuoteVerifyService.checkErrorOrThrow(this.quoteVerifier.verifyTCBInfo(tcbInfoJson, pemCertChain, pemRootCaCrl, pemRootCaCertificate, expirationCheckDate));
60
- }
61
- async validateEnclaveIdentity({ enclaveIdentityJson, pemCertChain, pemRootCaCrl, pemRootCaCertificate, expirationCheckDate, }) {
62
- DcapQuoteVerifyService.checkErrorOrThrow(this.quoteVerifier.verifyEnclaveIdentity(enclaveIdentityJson, pemCertChain, pemRootCaCrl, pemRootCaCertificate, expirationCheckDate));
63
- }
64
- async validatePckRevocationList({ pemCrl, pemCaCertChain, pemTrustedRootCaCert, }) {
65
- DcapQuoteVerifyService.checkErrorOrThrow(this.quoteVerifier.verifyPCKRevocationList(pemCrl, pemCaCertChain, pemTrustedRootCaCert));
30
+ async generateTDXQuote(userData) {
31
+ return this.quoteVerifier.generateTDXQuote(userData);
66
32
  }
67
33
  }
68
34
  exports.DcapQuoteVerifyService = DcapQuoteVerifyService;
69
- //# sourceMappingURL=data:application/json;base64,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
35
+ //# sourceMappingURL=data:application/json;base64,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
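Review bot: The new `generateTDXQuote(userData)` forwards its argument straight to `this.quoteVerifier.generateTDXQuote` with no check of its own, whereas `extractQuoteFromCert` earlier in the same class rejects an empty input before touching the native layer. Judging by the test added in this release, the size limit is enforced inside the native addon (a `TypeError` for 65 bytes). A matching guard in the wrapper, e.g. `if (!Buffer.isBuffer(userData) || userData.length > 64) throw new TypeError("Invalid user data size");`, would stop a non-Buffer value before it reaches native code and make the contract readable here. The 64-byte figure is inferred from the test, so confirm it against the addon; the class body begins outside this hunk.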
@@ -1,7 +1,4 @@
1
1
  import { QuoteVerificationResultType } from "./consts";
2
- export declare class AttestationDcapQuoteVerifyServiceError extends Error {
3
- constructor(msg?: string);
4
- }
5
2
  export declare class AttestationDcapQuoteVerifyEnclaveError extends Error {
6
3
  constructor(msg?: string);
7
4
  }
@@ -1,14 +1,7 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.PkiServiceError = exports.QuoteSecurityValidationError = exports.QuoteValidationError = exports.AttestationDcapQuoteVerifyEnclaveError = exports.AttestationDcapQuoteVerifyServiceError = void 0;
3
+ exports.PkiServiceError = exports.QuoteSecurityValidationError = exports.QuoteValidationError = exports.AttestationDcapQuoteVerifyEnclaveError = void 0;
4
4
  const consts_1 = require("./consts");
5
- class AttestationDcapQuoteVerifyServiceError extends Error {
6
- constructor(msg) {
7
- super(msg);
8
- this.name = AttestationDcapQuoteVerifyServiceError.name;
9
- }
10
- }
11
- exports.AttestationDcapQuoteVerifyServiceError = AttestationDcapQuoteVerifyServiceError;
12
5
  class AttestationDcapQuoteVerifyEnclaveError extends Error {
13
6
  constructor(msg) {
14
7
  super(msg);
@@ -66,4 +59,4 @@ class PkiServiceError extends Error {
66
59
  }
67
60
  }
68
61
  exports.PkiServiceError = PkiServiceError;
69
- //# sourceMappingURL=data:application/json;base64,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
62
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXJyb3JzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3NneC1uYXRpdmUtbW9kdWxlL2Vycm9ycy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxxQ0FBZ0U7QUFFaEUsTUFBYSxzQ0FBdUMsU0FBUSxLQUFLO0lBQzdELFlBQVksR0FBWTtRQUNwQixLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDWCxJQUFJLENBQUMsSUFBSSxHQUFHLHNDQUFzQyxDQUFDLElBQUksQ0FBQztJQUM1RCxDQUFDO0NBQ0o7QUFMRCx3RkFLQztBQUVELE1BQWEsb0JBQXFCLFNBQVEsc0NBQXNDO0lBRTVFLFlBQTRCLFlBQW9CO1FBQzVDLEtBQUssRUFBRSxDQUFDO1FBRGdCLGlCQUFZLEdBQVosWUFBWSxDQUFRO1FBRHpDLGtCQUFhLEdBQUcsS0FBSyxDQUFDO1FBR3pCLElBQUksQ0FBQyxZQUFZLEdBQUcsWUFBWSxDQUFDO1FBQ2pDLElBQUksQ0FBQyxhQUFhLEdBQUcsS0FBSyxDQUFDO1FBRTNCLFFBQVEsWUFBWSxFQUFFO1lBQ2xCLEtBQUssTUFBTTtnQkFDUCxJQUFJLENBQUMsT0FBTyxHQUFHOzRGQUM2RCxDQUFDO2dCQUM3RSxNQUFNO1lBQ1YsS0FBSyxNQUFNLENBQUM7WUFDWixLQUFLLE1BQU0sQ0FBQztZQUNaLEtBQUssTUFBTTtnQkFDUCxJQUFJLENBQUMsT0FBTyxHQUFHO29GQUNxRCxDQUFDO2dCQUNyRSxNQUFNO1lBQ1YsS0FBSyxNQUFNLENBQUM7WUFDWixLQUFLLE1BQU07Z0JBQ1AsSUFBSSxDQUFDLE9BQU8sR0FBRzs2SEFDOEYsQ0FBQztnQkFDOUcsTUFBTTtZQUNWO2dCQUNJLElBQUksQ0FBQyxhQUFhLEdBQUcsSUFBSSxDQUFDO2dCQUMxQixJQUFJLENBQUMsT0FBTyxHQUFHLHFEQUFxRCxNQUFNLENBQUMsWUFBWSxDQUFDLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUM7Z0JBQ3hHLE1BQU07U0FDYjtJQUNMLENBQUM7Q0FDSjtBQTdCRCxvREE2QkM7QUFFRCxNQUFhLDRCQUE2QixTQUFRLHNDQUFzQztJQUNwRixZQUE0QixZQUF5QztRQUNqRSxLQUFLLEVBQUUsQ0FBQztRQURnQixpQkFBWSxHQUFaLFlBQVksQ0FBNkI7UUFFakUsSUFBSSxDQUFDLFlBQVksR0FBRyxZQUFZLENBQUM7UUFDakMsSUFBSSxDQUFDLE9BQU8sR0FBRyxzQ0FBc0MsQ0FBQztRQUN0RCxJQUFJLFlBQVksQ0FBQyxVQUFVLEtBQUssZ0JBQU8sQ0FBQyxhQUFhLEVBQUU7WUFDbkQsSUFBSSxDQUFDLE9BQU8sR0FBRyw4REFBOEQsQ0FBQztTQUNqRjtJQUNMLENBQUM7Q0FDSjtBQVRELG9FQVNDO0FBRUQsTUFBYSxlQUFnQixTQUFRLEtBQUs7SUFDdEMsWUFBWSxHQUFZO1FBQ3BCLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUNYLElBQUksQ0FBQyxJQUFJLEdBQUcsZUFBZSxDQUFDLElBQUksQ0FBQztJQUNyQyxDQUFDO0NBQ0o7QUFMRCwwQ0FLQyJ9
@@ -0,0 +1 @@
1
+ export {};
@@ -0,0 +1,64 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || function (mod) {
19
+ if (mod && mod.__esModule) return mod;
20
+ var result = {};
21
+ if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
+ __setModuleDefault(result, mod);
23
+ return result;
24
+ };
25
+ var __importDefault = (this && this.__importDefault) || function (mod) {
26
+ return (mod && mod.__esModule) ? mod : { "default": mod };
27
+ };
28
+ Object.defineProperty(exports, "__esModule", { value: true });
29
+ const SgxNative = __importStar(require("../sgx-native-module"));
30
+ const assert_1 = __importDefault(require("assert"));
31
+ const crypto_1 = __importDefault(require("crypto"));
32
+ const dcapVerifyService = new SgxNative.DcapQuoteVerifyService();
33
+ async function GenerateTdxQuoteTest() {
34
+ const userData = crypto_1.default.randomBytes(64);
35
+ const quote = await dcapVerifyService.generateTDXQuote(userData);
36
+ try {
37
+ await dcapVerifyService.validateQuoteVerifierEnclave(quote);
38
+ }
39
+ catch (error) {
40
+ console.log(error);
41
+ if (error instanceof SgxNative.QuoteValidationError) {
42
+ assert_1.default.equal(error.criticalError, false);
43
+ }
44
+ else {
45
+ (0, assert_1.default)(false);
46
+ }
47
+ }
48
+ console.log("GenerateTdxQuoteTest: Success");
49
+ }
50
+ async function GenerateTdxQuoteNegativeTest() {
51
+ await assert_1.default.rejects(async () => {
52
+ const tooLonguserData = crypto_1.default.randomBytes(65);
53
+ await dcapVerifyService.generateTDXQuote(tooLonguserData);
54
+ }, {
55
+ name: "TypeError",
56
+ message: /Invalid user data size*/,
57
+ });
58
+ console.log("GenerateTdxQuoteNegativeTest: Success");
59
+ }
60
+ (async () => {
61
+ await GenerateTdxQuoteTest();
62
+ await GenerateTdxQuoteNegativeTest();
63
+ })();
64
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGR4LXRlc3RzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3NneC1uYXRpdmUtbW9kdWxlL3RkeC10ZXN0cy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsZ0VBQWtEO0FBQ2xELG9EQUE0QjtBQUM1QixvREFBNEI7QUFFNUIsTUFBTSxpQkFBaUIsR0FBRyxJQUFJLFNBQVMsQ0FBQyxzQkFBc0IsRUFBRSxDQUFDO0FBRWpFLEtBQUssVUFBVSxvQkFBb0I7SUFDL0IsTUFBTSxRQUFRLEdBQUcsZ0JBQU0sQ0FBQyxXQUFXLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDeEMsTUFBTSxLQUFLLEdBQUcsTUFBTSxpQkFBaUIsQ0FBQyxnQkFBZ0IsQ0FBQyxRQUFRLENBQUMsQ0FBQztJQUNqRSxJQUFJO1FBQ0EsTUFBTSxpQkFBaUIsQ0FBQyw0QkFBNEIsQ0FBQyxLQUFLLENBQUMsQ0FBQztLQUMvRDtJQUFDLE9BQU8sS0FBSyxFQUFFO1FBQ1osT0FBTyxDQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUNuQixJQUFJLEtBQUssWUFBWSxTQUFTLENBQUMsb0JBQW9CLEVBQUU7WUFDakQsZ0JBQU0sQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLGFBQWEsRUFBRSxLQUFLLENBQUMsQ0FBQztTQUM1QzthQUFNO1lBQ0gsSUFBQSxnQkFBTSxFQUFDLEtBQUssQ0FBQyxDQUFDO1NBQ2pCO0tBQ0o7SUFDRCxPQUFPLENBQUMsR0FBRyxDQUFDLCtCQUErQixDQUFDLENBQUM7QUFDakQsQ0FBQztBQUVELEtBQUssVUFBVSw0QkFBNEI7SUFDdkMsTUFBTSxnQkFBTSxDQUFDLE9BQU8sQ0FDaEIsS0FBSyxJQUFJLEVBQUU7UUFDUCxNQUFNLGVBQWUsR0FBRyxnQkFBTSxDQUFDLFdBQVcsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUMvQyxNQUFNLGlCQUFpQixDQUFDLGdCQUFnQixDQUFDLGVBQWUsQ0FBQyxDQUFDO0lBQzlELENBQUMsRUFDRDtRQUNJLElBQUksRUFBRSxXQUFXO1FBQ2pCLE9BQU8sRUFBRSx5QkFBeUI7S0FDckMsQ0FDSixDQUFDO0lBRUYsT0FBTyxDQUFDLEdBQUcsQ0FBQyx1Q0FBdUMsQ0FBQyxDQUFDO0FBQ3pELENBQUM7QUFFRCxDQUFDLEtBQUssSUFBSSxFQUFFO0lBQ1IsTUFBTSxvQkFBb0IsRUFBRSxDQUFDO0lBQzdCLE1BQU0sNEJBQTRCLEVBQUUsQ0FBQztBQUN6QyxDQUFDLENBQUMsRUFBRSxDQUFDIn0=
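Review bot: `GenerateTdxQuoteTest` never checks that `userData` ended up in the quote: it only calls `validateQuoteVerifierEnclave(quote)`, and its `catch` accepts any `QuoteValidationError` whose `criticalError` is `false`. A native implementation that ignored `userData` would still pass, so I would compare the quote's report-data field with `userData` (the field offset is not shown on this page) and assert on the specific non-critical result expected on the test platform. The closing IIFE has no rejection handler; `})().catch((err) => { console.error(err); process.exit(1); });` would make a failed assertion exit non-zero on every Node version. In `message: /Invalid user data size*/` the `*` quantifies the final `e` rather than acting as a wildcard, and because this script calls into the native addon as soon as it is loaded it would be better left out of the published package.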
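--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@super-protocol/addons-tee",
-"version": "0.8.13",
+"version": "0.8.14",
 "description": "The TEE trusted loader addons",
 "tags": [
 "tee"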
@@ -1,3 +0,0 @@
1
- export declare const BASE_URL = "https://api.trustedservices.intel.com/sgx/certification/v3";
2
- export declare const CRL_URL_EXTENSION_OID = "2.5.29.31";
3
- export declare const FMSPC_EXTENSION_OID = "1.2.840.113741.1.13.1.4";
@@ -1,7 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.FMSPC_EXTENSION_OID = exports.CRL_URL_EXTENSION_OID = exports.BASE_URL = void 0;
4
- exports.BASE_URL = "https://api.trustedservices.intel.com/sgx/certification/v3";
5
- exports.CRL_URL_EXTENSION_OID = "2.5.29.31";
6
- exports.FMSPC_EXTENSION_OID = "1.2.840.113741.1.13.1.4";
7
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RhbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3F1b3RlLXZhbGlkYXRvci9jb25zdGFudHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQWEsUUFBQSxRQUFRLEdBQUcsNERBQTRELENBQUM7QUFDeEUsUUFBQSxxQkFBcUIsR0FBRyxXQUFXLENBQUM7QUFDcEMsUUFBQSxtQkFBbUIsR0FBRyx5QkFBeUIsQ0FBQyJ9
@@ -1 +0,0 @@
1
- export { default as SGXUntrustedValidator } from "./sgx-untrusted-validator";
@@ -1,9 +0,0 @@
1
- "use strict";
2
- var __importDefault = (this && this.__importDefault) || function (mod) {
3
- return (mod && mod.__esModule) ? mod : { "default": mod };
4
- };
5
- Object.defineProperty(exports, "__esModule", { value: true });
6
- exports.SGXUntrustedValidator = void 0;
7
- var sgx_untrusted_validator_1 = require("./sgx-untrusted-validator");
8
- Object.defineProperty(exports, "SGXUntrustedValidator", { enumerable: true, get: function () { return __importDefault(sgx_untrusted_validator_1).default; } });
9
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvcXVvdGUtdmFsaWRhdG9yL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7OztBQUFBLHFFQUE2RTtBQUFwRSxpSkFBQSxPQUFPLE9BQXlCIn0=
@@ -1,12 +0,0 @@
1
- /// <reference types="node" />
2
- declare class SGXUntrustedValidator {
3
- private dqvc;
4
- constructor();
5
- validate(quote: Buffer): Promise<void>;
6
- private fetchRootCrl;
7
- private fetchIntermediateCrl;
8
- private fetchTcbInfo;
9
- private fetchQeIdentity;
10
- private splitChain;
11
- }
12
- export default SGXUntrustedValidator;
@@ -1,150 +0,0 @@
1
- "use strict";
2
- var __importDefault = (this && this.__importDefault) || function (mod) {
3
- return (mod && mod.__esModule) ? mod : { "default": mod };
4
- };
5
- Object.defineProperty(exports, "__esModule", { value: true });
6
- const axios_1 = __importDefault(require("axios"));
7
- const sgx_native_module_1 = require("../sgx-native-module");
8
- const constants_1 = require("./constants");
9
- // TODO: SP-323 check if possible to remove one of this libs
10
- const x509_1 = require("@fidm/x509");
11
- // @ts-ignore no types for this lib
12
- const asn1_tree_1 = __importDefault(require("asn1-tree"));
13
- class SGXUntrustedValidator {
14
- constructor() {
15
- this.dqvc = new sgx_native_module_1.DcapQuoteVerifyService();
16
- }
17
- async validate(quote) {
18
- // Extract certs from quote
19
- const quoteCerts = await this.dqvc.getQeCertificationData({ quote });
20
- const [pckCert, intermediateCert, rootCert] = this.splitChain(quoteCerts.pemCertChain);
21
- // Fetch CRLs and real root cert
22
- const [rootCrl, { intermediateCrl, realRootCert }] = await Promise.all([
23
- this.fetchRootCrl(rootCert),
24
- this.fetchIntermediateCrl(),
25
- ]);
26
- // Compare root cert from quote with root cert from Intel
27
- if (rootCert !== realRootCert)
28
- throw new Error("Invalid root certificate");
29
- // Validate pck cert
30
- const expirationDate = Math.floor(Date.now() / 1000);
31
- await this.dqvc.validatePckCertificate({
32
- pemCertChain: pckCert + intermediateCert + rootCert,
33
- pemIntermediateCaCrl: intermediateCrl,
34
- pemRootCaCrl: rootCrl,
35
- pemRootCaCertificate: rootCert,
36
- expirationCheckDate: expirationDate,
37
- });
38
- // Fetch and validate TCB info and enclave identity
39
- const [tcbInfo, qeIdentity] = await Promise.all([
40
- this.fetchTcbInfo(pckCert, rootCert, rootCrl),
41
- this.fetchQeIdentity(rootCert, rootCrl),
42
- ]);
43
- // Validate quote
44
- await this.dqvc.validateQuote({
45
- quote,
46
- pemPckCertificate: pckCert,
47
- pemIntermediateCrl: intermediateCrl,
48
- tcbInfoJson: tcbInfo,
49
- qeIdentityJson: qeIdentity,
50
- });
51
- }
52
- async fetchRootCrl(rootCert) {
53
- // Extract root CRL url form root cert
54
- const rootCertParsed = x509_1.Certificate.fromPEM(Buffer.from(rootCert));
55
- const rootCertExtension = rootCertParsed.extensions.find((item) => item.oid === constants_1.CRL_URL_EXTENSION_OID);
56
- if (!rootCertExtension)
57
- throw new Error("CRL url not found in root certificate");
58
- let rootCrlUrl = Buffer.from(rootCertExtension.value).toString();
59
- rootCrlUrl = rootCrlUrl.substring(rootCrlUrl.indexOf("http"), rootCrlUrl.length);
60
- // Fetch root CRL
61
- const rootCrlResult = await axios_1.default.get(rootCrlUrl, { responseType: "arraybuffer" });
62
- let rootCrl = rootCrlResult.data;
63
- // Convert to pem from der
64
- rootCrl = `-----BEGIN X509 CRL-----\n${rootCrl
65
- .toString("base64")
66
- .match(/.{0,64}/g)
67
- .join("\n")}-----END X509 CRL-----`;
68
- return rootCrl;
69
- }
70
- async fetchIntermediateCrl() {
71
- const intermediateCrlResult = await axios_1.default.get(`${constants_1.BASE_URL}/pckcrl?ca=platform&encoding=pem`);
72
- // Get root cert from intel response
73
- const mainChain = decodeURIComponent(intermediateCrlResult.headers["sgx-pck-crl-issuer-chain"]);
74
- const [, realRootCert] = this.splitChain(mainChain);
75
- return {
76
- intermediateCrl: intermediateCrlResult.data,
77
- realRootCert,
78
- };
79
- }
80
- async fetchTcbInfo(pckCert, rootCert, rootCrl) {
81
- // Extract FMSPC from pck cert
82
- const pckCertParsed = x509_1.Certificate.fromPEM(Buffer.from(pckCert));
83
- const fmspcExtensions = pckCertParsed.extensions
84
- .map((item) => {
85
- // Check top level oid part
86
- if (constants_1.FMSPC_EXTENSION_OID.indexOf(item.oid) !== 0)
87
- return null;
88
- // Get deep oid part
89
- const oidItemsLeft = constants_1.FMSPC_EXTENSION_OID.substring(item.oid.length, constants_1.FMSPC_EXTENSION_OID.length)
90
- .split(".")
91
- .filter((item) => item);
92
- // Return value, if full oid found on top level
93
- if (!oidItemsLeft.length)
94
- return item.value;
95
- // Decode deep tree structure
96
- let fmspcTreeItem = asn1_tree_1.default.decode(item.value);
97
- try {
98
- // Find deep item in tree by oid part
99
- oidItemsLeft.forEach((key) => (fmspcTreeItem = fmspcTreeItem.elements[+key - 1]));
100
- // Return value (second sub item, oid first sub item) of deep item
101
- return fmspcTreeItem.elements[1].value;
102
- }
103
- catch (e) {
104
- return null;
105
- }
106
- })
107
- .filter((item) => item);
108
- if (!fmspcExtensions.length)
109
- throw new Error("FMSPC not found in pck certificate");
110
- const FMSPC = Buffer.from(fmspcExtensions[0]).toString("hex");
111
- // Fetch TCB info and issuer chain
112
- const tcbInfoResult = await axios_1.default.get(`${constants_1.BASE_URL}/tcb?fmspc=${FMSPC}`);
113
- const tcbInfo = JSON.stringify(tcbInfoResult.data);
114
- const tcbInfoChain = decodeURIComponent(tcbInfoResult.headers["sgx-tcb-info-issuer-chain"]);
115
- // Validate TCB info
116
- const expirationDate = Math.floor(Date.now() / 1000);
117
- await this.dqvc.validateTcbInfo({
118
- tcbInfoJson: tcbInfo,
119
- pemCertChain: tcbInfoChain,
120
- pemRootCaCrl: rootCrl,
121
- pemRootCaCertificate: rootCert,
122
- expirationCheckDate: expirationDate,
123
- });
124
- return tcbInfo;
125
- }
126
- async fetchQeIdentity(rootCert, rootCrl) {
127
- // Fetch enclave identity and issuer chain
128
- const qeIdentityResult = await axios_1.default.get(`${constants_1.BASE_URL}/qe/identity`);
129
- const qeIdentity = JSON.stringify(qeIdentityResult.data);
130
- const qeIdentityChain = decodeURIComponent(qeIdentityResult.headers["sgx-enclave-identity-issuer-chain"]);
131
- // Validate enclave identity
132
- const expirationDate = Math.floor(Date.now() / 1000);
133
- await this.dqvc.validateEnclaveIdentity({
134
- enclaveIdentityJson: qeIdentity,
135
- pemCertChain: qeIdentityChain,
136
- pemRootCaCrl: rootCrl,
137
- pemRootCaCertificate: rootCert,
138
- expirationCheckDate: expirationDate,
139
- });
140
- return qeIdentity;
141
- }
142
- splitChain(chain) {
143
- return chain
144
- .split("-----BEGIN CERTIFICATE-----")
145
- .filter((cert) => cert)
146
- .map((cert) => `-----BEGIN CERTIFICATE-----` + cert);
147
- }
148
- }
149
- exports.default = SGXUntrustedValidator;
150
- //# sourceMappingURL=data:application/json;base64,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
@@ -1,16 +0,0 @@
1
- FROM node:16-buster-slim
2
-
3
- RUN apt update && apt install -y libcurl4 libcjson1 curl gnupg2 && rm -rf /var/lib/apt/lists/*
4
- RUN curl -fsSL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add - \
5
- && echo 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main' >> /etc/apt/sources.list.d/intel-sgx.list \
6
- && apt-get update \
7
- && apt install libsgx-dcap-default-qpl libsgx-urts -y
8
-
9
- COPY ./sgx_default_qcnl.conf /etc/sgx_default_qcnl.conf
10
-
11
-
12
- RUN mkdir -p /sp/run
13
-
14
- WORKDIR /sp/run
15
-
16
- ENTRYPOINT ["/usr/local/bin/node", "/sp/run/dist/sgx-native-module/sgx-tests.js"]
@@ -1,27 +0,0 @@
1
- #!/bin/bash
2
- set -e
3
- SCRIPT_DIR="$( cd "$( dirname "$0" )" && pwd )"
4
-
5
- GSC_FIXED_COMMIT="v1.6"
6
- BASE_IMAGE_NAME="node16-sgx-tests"
7
-
8
- docker rmi gsc-${BASE_IMAGE_NAME} -f
9
- docker rmi gsc-${BASE_IMAGE_NAME}-unsigned -f
10
- docker rmi ${BASE_IMAGE_NAME} -f
11
-
12
- docker build -t ${BASE_IMAGE_NAME} --rm .
13
-
14
- rm -f enclave-key.pem
15
- openssl genrsa -3 -out enclave-key.pem 3072
16
-
17
- rm -rf ./gsc
18
- git clone https://github.com/gramineproject/gsc && cd gsc && git reset --hard "${GSC_FIXED_COMMIT}"
19
-
20
- ./gsc build ${BASE_IMAGE_NAME} ../node16-base.manifest -c ../gsc-config.yaml
21
- ./gsc sign-image ${BASE_IMAGE_NAME} ../enclave-key.pem -c ../gsc-config.yaml
22
-
23
- pushd ${SCRIPT_DIR}/..
24
- npm install && npm run build
25
- popd
26
-
27
- docker run --rm -it --device=/dev/sgx_enclave -v /dev/sgx:/dev/sgx -v ${SCRIPT_DIR}/../:/sp/run -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket gsc-${BASE_IMAGE_NAME}
@@ -1,14 +0,0 @@
1
- # Specify the OS distro. Currently tested distros are Ubuntu 18.04 and Ubuntu 20.04.
2
- Distro: "ubuntu:20.04"
3
-
4
- # If you're using your own fork and branch of Gramine, specify the GitHub link and the branch name
5
- # below; typically, you want to keep the default values though
6
- Gramine:
7
- Repository: "https://github.com/Super-Protocol/sp-gramine.git"
8
- Branch: "v1.6.1-sp"
9
-
10
- # Specify the Intel SGX driver installed on your machine (more specifically, on the machine where
11
- # the graminized Docker container will run); there are several variants of the SGX driver:
12
- SGXDriver:
13
- Repository: "https://github.com/intel/SGXDataCenterAttestationPrimitives.git"
14
- Branch: "DCAP_1.12 && cp -r driver/linux/* ."
@@ -1,13 +0,0 @@
1
- sgx.nonpie_binary = true
2
- sgx.enclave_size = "1G"
3
- sgx.max_threads = 64
4
-
5
- sys.enable_sigterm_injection = true
6
- sys.insecure__allow_eventfd = true
7
-
8
- sgx.allowed_files = [
9
- "file:/sp/run/",
10
- ]
11
-
12
- sgx.remote_attestation = "dcap"
13
- sgx.isvsvn = 0
@@ -1,20 +0,0 @@
1
- # PCCS server address
2
- PCCS_URL=https://intelpccs.svc:8081/sgx/certification/v3/
3
-
4
- # To accept insecure HTTPS certificate, set this option to FALSE
5
- USE_SECURE_CERT=TRUE
6
-
7
- # You can use Intel PCS to get quote verification collateral
8
- COLLATERAL_SERVICE=https://api.trustedservices.intel.com/sgx/certification/v3/
9
-
10
- # If you use PCCS service to get quote verification collateral, you can specify which API version is to be used
11
- # The legacy 3.0 API will return CRLs in HEX encoded DER format, while the new 3.1 API will return raw DER format
12
- PCCS_API_VERSION=3.1
13
-
14
- # Maximum retry times for QCNL. If RETRY is not defined or set to 0, no retry will be performed.
15
- # It will first wait one second and then for all forthcoming retries it will double the waiting time
16
- # By using RETRY_DELAY you disable this exponential backoff algorithm
17
- #RETRY_TIMES=6
18
-
19
- # Sleep this amount of seconds before each retry when a transfer has failed with a transient error
20
- #RETRY_DELAY=10