@super-protocol/addons-tee 0.8.16 → 0.8.17-beta.2

package/dist/sgx-native-module/sev-snp.js

@@ -0,0 +1,534 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SevSNP = exports.getDefaultArkHashes = exports.ARK_GENOA = exports.ARK_MILAN = exports.EMPTY_INITRD_SHA256_HASH = exports.AMD_EPYC_MILAN_CPUINFO = exports.SevSNPCertType = exports.SupportedAmdSevSnpGenerations = void 0;
+const amd_sev_snp_napi_rs_1 = require("../../bindings/amd-sev-snp-napi-rs/");
+const sdk_js_1 = require("@super-protocol/sdk-js");
+const axios_1 = __importDefault(require("axios"));
+const pki_service_1 = require("./pki.service");
+const forge = __importStar(require("node-forge"));
+const fs = __importStar(require("fs/promises"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const child_process_1 = require("child_process");
+const crypto_1 = require("crypto");
+const msgpack5_1 = __importDefault(require("msgpack5"));
+var SupportedAmdSevSnpGenerations;
+(function (SupportedAmdSevSnpGenerations) {
+    SupportedAmdSevSnpGenerations["Milan"] = "Milan";
+    SupportedAmdSevSnpGenerations["Genoa"] = "Genoa";
+})(SupportedAmdSevSnpGenerations || (exports.SupportedAmdSevSnpGenerations = SupportedAmdSevSnpGenerations = {}));
+var SevSNPCertType;
+(function (SevSNPCertType) {
+    SevSNPCertType["ARK"] = "ARK";
+    SevSNPCertType["ASK"] = "ASK";
+    SevSNPCertType["VCEK"] = "VCEK";
+})(SevSNPCertType || (exports.SevSNPCertType = SevSNPCertType = {}));
+exports.AMD_EPYC_MILAN_CPUINFO = {
+    family: 25,
+    model: 1,
+    stepping: 1,
+};
+exports.EMPTY_INITRD_SHA256_HASH = Buffer.from("e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "hex");
+exports.ARK_MILAN = `-----BEGIN CERTIFICATE-----
+MIIGYzCCBBKgAwIBAgIDAQAAMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC
+BQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS
+BgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg
+Q2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp
+Y2VzMRIwEAYDVQQDDAlBUkstTWlsYW4wHhcNMjAxMDIyMTcyMzA1WhcNNDUxMDIy
+MTcyMzA1WjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS
+BgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j
+ZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJQVJLLU1pbGFuMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEA0Ld52RJOdeiJlqK2JdsVmD7FktuotWwX1fNg
+W41XY9Xz1HEhSUmhLz9Cu9DHRlvgJSNxbeYYsnJfvyjx1MfU0V5tkKiU1EesNFta
+1kTA0szNisdYc9isqk7mXT5+KfGRbfc4V/9zRIcE8jlHN61S1ju8X93+6dxDUrG2
+SzxqJ4BhqyYmUDruPXJSX4vUc01P7j98MpqOS95rORdGHeI52Naz5m2B+O+vjsC0
+60d37jY9LFeuOP4Meri8qgfi2S5kKqg/aF6aPtuAZQVR7u3KFYXP59XmJgtcog05
+gmI0T/OitLhuzVvpZcLph0odh/1IPXqx3+MnjD97A7fXpqGd/y8KxX7jksTEzAOg
+bKAeam3lm+3yKIcTYMlsRMXPcjNbIvmsBykD//xSniusuHBkgnlENEWx1UcbQQrs
++gVDkuVPhsnzIRNgYvM48Y+7LGiJYnrmE8xcrexekBxrva2V9TJQqnN3Q53kt5vi
+Qi3+gCfmkwC0F0tirIZbLkXPrPwzZ0M9eNxhIySb2npJfgnqz55I0u33wh4r0ZNQ
+eTGfw03MBUtyuzGesGkcw+loqMaq1qR4tjGbPYxCvpCq7+OgpCCoMNit2uLo9M18
+fHz10lOMT8nWAUvRZFzteXCm+7PHdYPlmQwUw3LvenJ/ILXoQPHfbkH0CyPfhl1j
+WhJFZasCAwEAAaN+MHwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSFrBrRQ/fI
+rFXUxR1BSKvVeErUUzAPBgNVHRMBAf8EBTADAQH/MDoGA1UdHwQzMDEwL6AtoCuG
+KWh0dHBzOi8va2RzaW50Zi5hbWQuY29tL3ZjZWsvdjEvTWlsYW4vY3JsMEYGCSqG
+SIb3DQEBCjA5oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZI
+AWUDBAICBQCiAwIBMKMDAgEBA4ICAQC6m0kDp6zv4Ojfgy+zleehsx6ol0ocgVel
+ETobpx+EuCsqVFRPK1jZ1sp/lyd9+0fQ0r66n7kagRk4Ca39g66WGTJMeJdqYriw
+STjjDCKVPSesWXYPVAyDhmP5n2v+BYipZWhpvqpaiO+EGK5IBP+578QeW/sSokrK
+dHaLAxG2LhZxj9aF73fqC7OAJZ5aPonw4RE299FVarh1Tx2eT3wSgkDgutCTB1Yq
+zT5DuwvAe+co2CIVIzMDamYuSFjPN0BCgojl7V+bTou7dMsqIu/TW/rPCX9/EUcp
+KGKqPQ3P+N9r1hjEFY1plBg93t53OOo49GNI+V1zvXPLI6xIFVsh+mto2RtgEX/e
+pmMKTNN6psW88qg7c1hTWtN6MbRuQ0vm+O+/2tKBF2h8THb94OvvHHoFDpbCELlq
+HnIYhxy0YKXGyaW1NjfULxrrmxVW4wcn5E8GddmvNa6yYm8scJagEi13mhGu4Jqh
+3QU3sf8iUSUr09xQDwHtOQUVIqx4maBZPBtSMf+qUDtjXSSq8lfWcd8bLr9mdsUn
+JZJ0+tuPMKmBnSH860llKk+VpVQsgqbzDIvOLvD6W1Umq25boxCYJ+TuBoa4s+HH
+CViAvgT9kf/rBq1d+ivj6skkHxuzcxbk1xv6ZGxrteJxVH7KlX7YRdZ6eARKwLe4
+AFZEAwoKCQ==
+-----END CERTIFICATE-----`;
+exports.ARK_GENOA = `-----BEGIN CERTIFICATE-----
+MIIGYzCCBBKgAwIBAgIDAgAAMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC
+BQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS
+BgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg
+Q2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp
+Y2VzMRIwEAYDVQQDDAlBUkstR2Vub2EwHhcNMjIwMTI2MTUzNDM3WhcNNDcwMTI2
+MTUzNDM3WjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS
+BgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j
+ZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJQVJLLUdlbm9hMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEA3Cd95S/uFOuRIskW9vz9VDBF69NDQF79oRhL
+/L2PVQGhK3YdfEBgpF/JiwWFBsT/fXDhzA01p3LkcT/7LdjcRfKXjHl+0Qq/M4dZ
+kh6QDoUeKzNBLDcBKDDGWo3v35NyrxbA1DnkYwUKU5AAk4P94tKXLp80oxt84ahy
+HoLmc/LqsGsp+oq1Bz4PPsYLwTG4iMKVaaT90/oZ4I8oibSru92vJhlqWO27d/Rx
+c3iUMyhNeGToOvgx/iUo4gGpG61NDpkEUvIzuKcaMx8IdTpWg2DF6SwF0IgVMffn
+vtJmA68BwJNWo1E4PLJdaPfBifcJpuBFwNVQIPQEVX3aP89HJSp8YbY9lySS6PlV
+EqTBBtaQmi4ATGmMR+n2K/e+JAhU2Gj7jIpJhOkdH9firQDnmlA2SFfJ/Cc0mGNz
+W9RmIhyOUnNFoclmkRhl3/AQU5Ys9Qsan1jT/EiyT+pCpmnA+y9edvhDCbOG8F2o
+xHGRdTBkylungrkXJGYiwGrR8kaiqv7NN8QhOBMqYjcbrkEr0f8QMKklIS5ruOfq
+lLMCBw8JLB3LkjpWgtD7OpxkzSsohN47Uom86RY6lp72g8eXHP1qYrnvhzaG1S70
+vw6OkbaaC9EjiH/uHgAJQGxon7u0Q7xgoREWA/e7JcBQwLg80Hq/sbRuqesxz7wB
+WSY254cCAwEAAaN+MHwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSfXfn+Ddjz
+WtAzGiXvgSlPvjGoWzAPBgNVHRMBAf8EBTADAQH/MDoGA1UdHwQzMDEwL6AtoCuG
+KWh0dHBzOi8va2RzaW50Zi5hbWQuY29tL3ZjZWsvdjEvR2Vub2EvY3JsMEYGCSqG
+SIb3DQEBCjA5oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZI
+AWUDBAICBQCiAwIBMKMDAgEBA4ICAQAdIlPBC7DQmvH7kjlOznFx3i21SzOPDs5L
+7SgFjMC9rR07292GQCA7Z7Ulq97JQaWeD2ofGGse5swj4OQfKfVv/zaJUFjvosZO
+nfZ63epu8MjWgBSXJg5QE/Al0zRsZsp53DBTdA+Uv/s33fexdenT1mpKYzhIg/cK
+tz4oMxq8JKWJ8Po1CXLzKcfrTphjlbkh8AVKMXeBd2SpM33B1YP4g1BOdk013kqb
+7bRHZ1iB2JHG5cMKKbwRCSAAGHLTzASgDcXr9Fp7Z3liDhGu/ci1opGmkp12QNiJ
+uBbkTU+xDZHm5X8Jm99BX7NEpzlOwIVR8ClgBDyuBkBC2ljtr3ZSaUIYj2xuyWN9
+5KFY49nWxcz90CFa3Hzmy4zMQmBe9dVyls5eL5p9bkXcgRMDTbgmVZiAf4afe8DL
+dmQcYcMFQbHhgVzMiyZHGJgcCrQmA7MkTwEIds1wx/HzMcwU4qqNBAoZV7oeIIPx
+dqFXfPqHqiRlEbRDfX1TG5NFVaeByX0GyH6jzYVuezETzruaky6fp2bl2bczxPE8
+HdS38ijiJmm9vl50RGUeOAXjSuInGR4bsRufeGPB9peTa9BcBOeTWzstqTUB/F/q
+aZCIZKr4X6TyfUuSDz/1JDAGl+lxdM0P9+lLaP9NahQjHCVf0zf1c1salVuGFk2w
+/wMz1R1BHg==
+-----END CERTIFICATE-----`;
+function getDefaultArkHashes() {
+    const ark_hashes = {};
+    ark_hashes["ARK-Milan"] = SevSNP.getCertHash({
+        type: SevSNPCertType.ARK,
+        format: pki_service_1.CertificateFormat.PEM,
+        cert: exports.ARK_MILAN,
+    });
+    ark_hashes["ARK-Genoa"] = SevSNP.getCertHash({
+        type: SevSNPCertType.ARK,
+        format: pki_service_1.CertificateFormat.PEM,
+        cert: exports.ARK_GENOA,
+    });
+    return ark_hashes;
+}
+exports.getDefaultArkHashes = getDefaultArkHashes;
+class SevSNP {
+    static serializeSNPReport(report) {
+        const msgpack = (0, msgpack5_1.default)();
+        return msgpack.encode(report).slice();
+    }
+    static deserializeSNPReport(serialized) {
+        let parsedReport;
+        try {
+            const msgpack = (0, msgpack5_1.default)();
+            parsedReport = msgpack.decode(serialized);
+        }
+        catch (e) {
+            throw new Error("Failed to decode Buffer" + e.message);
+        }
+        const requiredFields = [
+            {
+                key: "report",
+                type: "Buffer",
+            },
+            {
+                key: "cmdLineHash",
+                type: "Buffer",
+            },
+            {
+                key: "build",
+                type: "string",
+            },
+            {
+                key: "cpuSig",
+                type: "number",
+            },
+            {
+                key: "cores",
+                type: "number",
+            },
+        ];
+        for (const { key, type } of requiredFields) {
+            if (type === "Buffer") {
+                if (!Buffer.isBuffer(parsedReport[key])) {
+                    throw new Error(`Invalid or missing field: ${key}`);
+                }
+            }
+            else {
+                if (typeof parsedReport[key] !== type) {
+                    throw new Error(`Invalid or missing field: ${key}`);
+                }
+            }
+        }
+        if (!parsedReport.certs || !Array.isArray(parsedReport.certs))
+            throw new Error("Invalid or missing field: certs");
+        for (const cert of parsedReport.certs) {
+            if (!cert.format || typeof cert.format !== "string")
+                throw new Error("Invalid or missing field: cert.format");
+            if (!cert.type || typeof cert.type !== "string")
+                throw new Error("Invalid or missing field: cert.type");
+            if (!cert.cert || (typeof cert.cert !== "string" && !Buffer.isBuffer(cert.cert)))
+                throw new Error("Invalid or missing field: cert.cert");
+        }
+        const deserializedReport = {
+            ...parsedReport,
+        };
+        return deserializedReport;
+    }
+    static convertCertToPem(cert) {
+        const pemHeader = "-----BEGIN CERTIFICATE-----\n";
+        const pemFooter = "\n-----END CERTIFICATE-----";
+        if (cert.slice(0, pemHeader.length).compare(Buffer.from(pemHeader)) === 0) {
+            return cert.toString();
+        }
+        const formattedBase64 = cert
+            .toString("base64")
+            .match(/.{1,64}/g)
+            ?.join("\n");
+        return pemHeader + formattedBase64 + pemFooter;
+    }
+    static convertPemToDer(cert) {
+        return Buffer.from(forge.pki.pemToDer(cert).getBytes(), "binary");
+    }
+    static splitCerts(certsPem) {
+        const certRegex = /-----BEGIN CERTIFICATE-----(?:\s|.)*?-----END CERTIFICATE-----/g;
+        const matches = certsPem.match(certRegex);
+        return Array.from(matches || []);
+    }
+    static async readCmdLine() {
+        const data = await fs.readFile("/proc/cmdline", "utf-8");
+        // Workaround: VM in direct boot mode sometimes adds to the end of the cmdline initrd=initrd, need to remove it
+        return data.replace(/initrd=initrd\s*/, "");
+    }
+    /**
+     * Method for generation AMD SEV-SNP Report
+     * @param userData - The data that will be included in the report and will be signed
+     */
+    static async generateSNPReport(userData) {
+        if (userData.length > amd_sev_snp_napi_rs_1.SNP_REPORT_DATA_SIZE) {
+            throw new Error(`userData cannot exceed ${amd_sev_snp_napi_rs_1.SNP_REPORT_DATA_SIZE} bytes.`);
+        }
+        const paddedUserData = Buffer.alloc(64);
+        userData.copy(paddedUserData);
+        const report = (0, amd_sev_snp_napi_rs_1.getSnpReport)(paddedUserData, 0);
+        const cpuInfo = (0, amd_sev_snp_napi_rs_1.getCpuInfo)();
+        const cpuSig = (0, amd_sev_snp_napi_rs_1.getCpuSig)(cpuInfo);
+        const cores = (0, amd_sev_snp_napi_rs_1.getLogicalCoresCount)();
+        const cmdLine = await SevSNP.readCmdLine();
+        return {
+            report,
+            cpuSig,
+            cores,
+            cmdLineHash: SevSNP.calculateCmdlineHash(cmdLine),
+            build: SevSNP.extractBuildFromCmdline(cmdLine),
+        };
+    }
+    /**
+     * Method for fetch certificates from AMD KDS
+     * @param report - report generated by the `generateSNPReport` method
+     * @param options - options for working with HTTP, allows you to configure repetitions and the interval between them,
+     *                  as well as the format of the returned certificates
+     */
+    static async getReportChain(report, options) {
+        const retryMax = options?.retryMax ?? 2;
+        const retryInterval = options?.retryInterval ?? 10000;
+        const certFormat = options?.certFormat ?? pki_service_1.CertificateFormat.DER;
+        const certs = [];
+        const axiosInstance = axios_1.default.create();
+        let vcek = Buffer.alloc(0);
+        let cpuGeneration = SupportedAmdSevSnpGenerations.Milan;
+        const generations = Object.values(SupportedAmdSevSnpGenerations);
+        for (const generation of generations) {
+            cpuGeneration = generation;
+            const vcekUrl = (0, amd_sev_snp_napi_rs_1.getVcekKdsUrl)(report.report, generation);
+            try {
+                const response = await sdk_js_1.helpers.tryWithInterval({
+                    checkResult(response) {
+                        return { isResultOk: response.status === 200 };
+                    },
+                    handler() {
+                        return axiosInstance.get(vcekUrl, {
+                            responseType: "arraybuffer",
+                        });
+                    },
+                    checkError(err) {
+                        if (axios_1.default.isAxiosError(err) && err.response) {
+                            const status = err.response.status;
+                            return { retryable: status == 429 };
+                        }
+                        return { retryable: axios_1.default.isAxiosError(err) };
+                    },
+                    retryInterval,
+                    retryMax,
+                });
+                vcek = response.data;
+                break;
+            }
+            catch (err) {
+                const isLast = generation === generations[generations.length - 1];
+                if (isLast) {
+                    throw err;
+                }
+            }
+        }
+        const pemVcek = SevSNP.convertCertToPem(vcek);
+        certs.push({
+            type: SevSNPCertType.VCEK,
+            format: certFormat,
+            cert: certFormat === pki_service_1.CertificateFormat.PEM ? pemVcek : SevSNP.convertPemToDer(pemVcek),
+        });
+        const caUrl = `${amd_sev_snp_napi_rs_1.KDS_CERT_SITE}/${amd_sev_snp_napi_rs_1.KDS_VCEK}/${cpuGeneration}/cert_chain`;
+        const response = await sdk_js_1.helpers.tryWithInterval({
+            checkResult(response) {
+                return { isResultOk: response.status === 200 };
+            },
+            handler() {
+                return axiosInstance.get(caUrl, {
+                    responseType: "arraybuffer",
+                });
+            },
+            checkError(err) {
+                if (axios_1.default.isAxiosError(err) && err.response) {
+                    const status = err.response.status;
+                    return { retryable: status == 429 };
+                }
+                return { retryable: axios_1.default.isAxiosError(err) };
+            },
+            retryInterval,
+            retryMax,
+        });
+        const CAChain = SevSNP.splitCerts(response.data.toString());
+        if (CAChain.length !== 2) {
+            throw new Error("Cert chain must have 2 certificates");
+        }
+        certs.push({
+            type: SevSNPCertType.ARK,
+            format: certFormat,
+            cert: certFormat === pki_service_1.CertificateFormat.PEM ? CAChain[1] : SevSNP.convertPemToDer(CAChain[1]),
+        });
+        certs.push({
+            type: SevSNPCertType.ASK,
+            format: certFormat,
+            cert: certFormat === pki_service_1.CertificateFormat.PEM ? CAChain[0] : SevSNP.convertPemToDer(CAChain[0]),
+        });
+        return certs;
+    }
+    /**
+     * Method for generation AMD SEV-SNP Report and fetching certificates
+     * @param userData - @see generateSNPReport
+     * @param options - @see getReportChain
+     */
+    static async generateSNPReportWithChain(userData, options) {
+        const report = await SevSNP.generateSNPReport(userData);
+        const certs = await SevSNP.getReportChain(report, options);
+        return {
+            ...report,
+            certs: certs,
+        };
+    }
+    static async runSubProcess(binaryPath, args = [], options = {}) {
+        return new Promise((resolve, reject) => {
+            const subprocess = (0, child_process_1.spawn)(binaryPath, args, {
+                cwd: options.cwd,
+                stdio: "pipe",
+            });
+            let stdout = "";
+            let stderr = "";
+            subprocess.stdout?.on("data", (chunk) => (stdout += chunk.toString()));
+            subprocess.stderr?.on("data", (chunk) => (stderr += chunk.toString()));
+            let timeoutId;
+            if (options.timeoutMs && options.timeoutMs > 0) {
+                timeoutId = setTimeout(() => {
+                    subprocess.kill();
+                    reject(new Error(`Process timed out after ${options.timeoutMs}ms`));
+                }, options.timeoutMs);
+            }
+            subprocess.on("close", (exitCode) => {
+                if (timeoutId)
+                    clearTimeout(timeoutId);
+                resolve({
+                    exitCode: exitCode || 0,
+                    stdout,
+                    stderr,
+                });
+            });
+            subprocess.on("error", (error) => {
+                if (timeoutId)
+                    clearTimeout(timeoutId);
+                reject(new Error(`Failed to start process: ${error.message}`));
+            });
+        });
+    }
+    static getCertHash(cert) {
+        const hash = (0, crypto_1.createHash)("sha256");
+        if (cert.format === pki_service_1.CertificateFormat.PEM) {
+            hash.update(SevSNP.convertPemToDer(cert.cert));
+        }
+        else {
+            hash.update(cert.cert);
+        }
+        return hash.digest();
+    }
+    static isValidArk(ARK, trustedHashes) {
+        const ArkCert = forge.pki.certificateFromPem(ARK.format === pki_service_1.CertificateFormat.PEM ? ARK.cert : SevSNP.convertCertToPem(ARK.cert));
+        const ArkCN = ArkCert.subject.attributes.find((attr) => attr.name === "commonName")?.value;
+        if (!ArkCN) {
+            throw new Error("Can't extract CN from ARK certificate");
+        }
+        const ArkHash = SevSNP.getCertHash(ARK);
+        const TrustedHash = (trustedHashes && trustedHashes[ArkCN]) || Buffer.alloc(0);
+        return ArkHash.equals(TrustedHash);
+    }
+    /**
+     * AMD SEV-SNP verification method
+     * @param report - report with full certificate chain
+     * @param options - trustedHashes - map of trusted AMD ARK Certificates (CommonName as Key, Sha256 Hash of Der Certificate as Value) - optional
+     *                  timeoutMs - timeout of the utility snpnost in ms
+     *                  snpGuestBinaryPath - path for snpguest util
+     */
+    static async verifyReport(report, options) {
+        const trustedHashes = options?.trustedHashes ?? getDefaultArkHashes();
+        const timeoutMs = options?.timeoutMs ?? 10000;
+        const snpGuestBinaryPath = options?.snpGuestBinaryPath ?? path.resolve(__dirname, "../../bindings/utils/virtee/snpguest");
+        const tmpDir = options?.tmpDir ?? path.join(os.tmpdir(), "temp-");
+        if (!path.isAbsolute(snpGuestBinaryPath)) {
+            throw new Error("snpGuestBinaryPath must be an absolute path");
+        }
+        const ARK = report.certs.find((cert) => cert.type === SevSNPCertType.ARK);
+        if (!ARK) {
+            throw new Error("Can't find ARK certificate in certificate chain");
+        }
+        if (!SevSNP.isValidArk(ARK, trustedHashes)) {
+            throw new Error("The supplied certificate chain contains an untrusted root certificate");
+        }
+        const tempDir = await fs.mkdtemp(tmpDir);
+        try {
+            for (const certEntry of report.certs) {
+                const fileName = certEntry.type.toLowerCase();
+                const extension = certEntry.format === pki_service_1.CertificateFormat.PEM ? "pem" : "der";
+                await fs.writeFile(`${tempDir}/${fileName}.${extension}`, certEntry.cert, certEntry.format === pki_service_1.CertificateFormat.PEM ? "utf8" : undefined);
+            }
+            const reportPath = `${tempDir}/report.bin`;
+            await fs.writeFile(reportPath, report.report);
+            const snpguestRes = await SevSNP.runSubProcess(snpGuestBinaryPath, ["verify", "attestation", tempDir, reportPath], { timeoutMs });
+            if (snpguestRes.exitCode != 0) {
+                throw new Error(`Error validating report. Output: ${snpguestRes.stdout}\n${snpguestRes.stderr}`);
+            }
+        }
+        finally {
+            await fs.rm(tempDir, {
+                recursive: true,
+                force: true,
+            });
+        }
+    }
+    static calcMrEnclave(measure, vmpl, policy) {
+        const hash = (0, crypto_1.createHash)("sha256");
+        hash.update(measure);
+        const vmplBuf = Buffer.alloc(4);
+        vmplBuf.writeUInt32LE(vmpl, 0);
+        hash.update(vmplBuf);
+        const policyBuf = Buffer.alloc(8);
+        policyBuf.writeBigUint64LE(policy, 0);
+        hash.update(policyBuf);
+        return hash.digest();
+    }
+    /**
+     * Method for obtaining mrEnclave from report. MrEnclave includes report measure, report vmpl and report policy
+     * @param report - report without certificates
+     */
+    static getMrEnclave(report) {
+        const measure = (0, amd_sev_snp_napi_rs_1.getReportMeasure)(report);
+        const vmpl = (0, amd_sev_snp_napi_rs_1.getReportVmpl)(report);
+        const policy = (0, amd_sev_snp_napi_rs_1.getReportPolicy)(report);
+        return SevSNP.calcMrEnclave(measure, vmpl, policy);
+    }
+    /**
+     * Method for obtaining reportData. This data was passed when generating the report
+     * @param report - report without certificates
+     */
+    static async getReportData(report) {
+        return (0, amd_sev_snp_napi_rs_1.getReportData)(report);
+    }
+    /**
+     * Method for obtaining measure. Please do not confuse with mrenclave. Report measure is part of mrEnclave.
+     * @param report - report without certificates
+     */
+    static async getReportMeasure(report) {
+        return (0, amd_sev_snp_napi_rs_1.getReportMeasure)(report);
+    }
+    static async calculateFileSha256(filePath) {
+        const fileData = await fs.readFile(filePath);
+        const hash = (0, crypto_1.createHash)("sha256");
+        hash.update(fileData);
+        return hash.digest();
+    }
+    static calculateCmdlineHash(cmdLine) {
+        const cmdLineBytes = Buffer.concat([Buffer.from(cmdLine.trim(), "utf-8"), Buffer.from([0])]);
+        const hash = (0, crypto_1.createHash)("sha256");
+        hash.update(cmdLineBytes);
+        return hash.digest();
+    }
+    /**
+     * The method allows to get the expected mrEnclave without generating a report
+     * @param params - @see CalcSnpMrEnclaveParams
+     */
+    static async calcSnpMrEnclave(params) {
+        const measure = (0, amd_sev_snp_napi_rs_1.calcSnpMeasure)(params.ovmfPath, params.kernelHash, params.initrdHash ?? exports.EMPTY_INITRD_SHA256_HASH, params.cmdLineHash, params.vcpuSig, params.vcpuCount);
+        return SevSNP.calcMrEnclave(measure, params.vmpl ?? 0, params.policy ?? BigInt(0x30000));
+    }
+    static extractBuildFromCmdline(cmdLine, paramName = "build") {
+        const regex = new RegExp(`${paramName}=([^\\s]+)`);
+        const match = cmdLine.match(regex);
+        if (match) {
+            return match[1];
+        }
+        else {
+            throw new Error(`${paramName} parameter not found`);
+        }
+    }
+    /**
+     * Compute the 32-bit CPUID signature from family, model, and stepping.
+     * This computation is described in AMD's CPUID Specification, publication #25481
+     * https://www.amd.com/system/files/TechDocs/25481.pdf
+     * See section: CPUID Fn0000_0001_EAX Family, Model, Stepping Identifiers
+     * @param cpuInfo - Structure containing family, model and stepping @see CpuInfo
+     */
+    static getCpuSig(cpuInfo) {
+        return (0, amd_sev_snp_napi_rs_1.getCpuSig)(cpuInfo);
+    }
+}
+exports.SevSNP = SevSNP;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2V2LXNucC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9zZ3gtbmF0aXZlLW1vZHVsZS9zZXYtc25wLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsNkVBZTZDO0FBQzdDLG1EQUErRDtBQUMvRCxrREFBNkM7QUFDN0MsK0NBQWtEO0FBQ2xELGtEQUFvQztBQUVwQyxnREFBa0M7QUFDbEMsMkNBQTZCO0FBQzdCLHVDQUF5QjtBQUN6QixpREFBc0M7QUFDdEMsbUNBQW9DO0FBQ3BDLHdEQUFnQztBQUVoQyxJQUFZLDZCQUdYO0FBSEQsV0FBWSw2QkFBNkI7SUFDckMsZ0RBQWUsQ0FBQTtJQUNmLGdEQUFlLENBQUE7QUFDbkIsQ0FBQyxFQUhXLDZCQUE2Qiw2Q0FBN0IsNkJBQTZCLFFBR3hDO0FBRUQsSUFBWSxjQUlYO0FBSkQsV0FBWSxjQUFjO0lBQ3RCLDZCQUFXLENBQUE7SUFDWCw2QkFBVyxDQUFBO0lBQ1gsK0JBQWEsQ0FBQTtBQUNqQixDQUFDLEVBSlcsY0FBYyw4QkFBZCxjQUFjLFFBSXpCO0FBOEJZLFFBQUEsc0JBQXNCLEdBQVk7SUFDM0MsTUFBTSxFQUFFLEVBQUU7SUFDVixLQUFLLEVBQUUsQ0FBQztJQUNSLFFBQVEsRUFBRSxDQUFDO0NBQ2QsQ0FBQztBQUVXLFFBQUEsd0JBQXdCLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FDL0Msa0VBQWtFLEVBQ2xFLEtBQUssQ0FDUixDQUFDO0FBR1csUUFBQSxTQUFTLEdBQUc7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OzswQkFvQ0MsQ0FBQztBQUVkLFFBQUEsU0FBUyxHQUFHOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7MEJBb0NDLENBQUM7QUFFM0IsU0FBZ0IsbUJBQW1CO0lBQy9CLE1BQU0sVUFBVSxHQUE4QixFQUFFLENBQUM7SUFFakQsVUFBVSxDQUFDLFdBQVcsQ0FBQyxHQUFHLE1BQU0sQ0FBQyxXQUFXLENBQUM7UUFDekMsSUFBSSxFQUFFLGNBQWMsQ0FBQyxHQUFHO1FBQ3hCLE1BQU0sRUFBRSwrQkFBaUIsQ0FBQyxHQUFHO1FBQzdCLElBQUksRUFBRSxpQkFBUztLQUNsQixDQUFDLENBQUM7SUFFSCxVQUFVLENBQUMsV0FBVyxDQUFDLEdBQUcsTUFBTSxDQUFDLFdBQVcsQ0FBQztRQUN6QyxJQUFJLEVBQUUsY0FBYyxDQUFDLEdBQUc7UUFDeEIsTUFBTSxFQUFFLCtCQUFpQixDQUFDLEdBQUc7UUFDN0IsSUFBSSxFQUFFLGlCQUFTO0tBQ2xCLENBQUMsQ0FBQztJQUVILE9BQU8sVUFBVSxDQUFDO0FBQ3RCLENBQUM7QUFoQkQsa0RBZ0JDO0FBRUQsTUFBYSxNQUFNO0lBQ1IsTUFBTSxDQUFDLGtCQUFrQixDQUFDLE1BQTBCO1FBQ3ZELE1BQU0sT0FBTyxHQUFHLElBQUEsa0JBQVEsR0FBRSxDQUFDO1FBRTNCLE9BQU8sT0FBTyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQztJQUMxQyxDQUFDO0lBRU0sTUFBTSxDQUFDLG9CQUFvQixDQUFDLFVBQWtCO1FBQ2pELElBQUksWUFBWSxDQUFDO1FBQ2pCLElBQUksQ0FBQztZQUNELE1BQU0sT0FBTyxHQUFHLElBQUEsa0JBQVEsR0FBRSxDQUFDO1lBQzNCLFlBQVksR0FBRyxPQUFPLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBQzlDLENBQUM7UUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1lBQ1QsTUFBTSxJQUFJLEtBQUssQ0FBQyx5QkFBeUIsR0FBSSxDQUFXLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDdEUsQ0FBQztRQUVELE1BQU0sY0FBYyxHQUFzRDtZQUN0RTtnQkFDSSxHQUFHLEVBQUUsUUFBUTtnQkFDYixJQUFJLEVBQUUsUUFBUTthQUNqQjtZQUNEO2dCQUNJLEdBQUcsRUFBRSxhQUFhO2dCQUNsQixJQUFJLEVBQUUsUUFBUTthQUNqQjtZQUNEO2dCQUNJLEdBQUcsRUFBRSxPQUFPO2dCQUNaLElBQUksRUFBRSxRQUFRO2FBQ2pCO1lBQ0Q7Z0JBQ0ksR0FBRyxFQUFFLFFBQVE7Z0JBQ2IsSUFBSSxFQUFFLFFBQVE7YUFDakI7WUFDRDtnQkFDSSxHQUFHLEVBQUUsT0FBTztnQkFDWixJQUFJLEVBQUUsUUFBUTthQUNqQjtTQUNKLENBQUM7UUFFRixLQUFLLE1BQU0sRUFBRSxHQUFHLEVBQUUsSUFBSSxFQUFFLElBQUksY0FBYyxFQUFFLENBQUM7WUFDekMsSUFBSSxJQUFJLEtBQUssUUFBUSxFQUFFLENBQUM7Z0JBQ3BCLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsQ0FBQyxFQUFFLENBQUM7b0JBQ3RDLE1BQU0sSUFBSSxLQUFLLENBQUMsNkJBQTZCLEdBQUcsRUFBRSxDQUFDLENBQUM7Z0JBQ3hELENBQUM7WUFDTCxDQUFDO2lCQUFNLENBQUM7Z0JBQ0osSUFBSSxPQUFPLFlBQVksQ0FBQyxHQUFHLENBQUMsS0FBSyxJQUFJLEVBQUUsQ0FBQztvQkFDcEMsTUFBTSxJQUFJLEtBQUssQ0FBQyw2QkFBNkIsR0FBRyxFQUFFLENBQUMsQ0FBQztnQkFDeEQsQ0FBQztZQUNMLENBQUM7UUFDTCxDQUFDO1FBRUQsSUFBSSxDQUFDLFlBQVksQ0FBQyxLQUFLLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLFlBQVksQ0FBQyxLQUFLLENBQUM7WUFDekQsTUFBTSxJQUFJLEtBQUssQ0FBQyxpQ0FBaUMsQ0FBQyxDQUFDO1FBRXZELEtBQUssTUFBTSxJQUFJLElBQUksWUFBWSxDQUFDLEtBQUssRUFBRSxDQUFDO1lBQ3BDLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxJQUFJLE9BQU8sSUFBSSxDQUFDLE1BQU0sS0FBSyxRQUFRO2dCQUMvQyxNQUFNLElBQUksS0FBSyxDQUFDLHVDQUF1QyxDQUFDLENBQUM7WUFDN0QsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLElBQUksT0FBTyxJQUFJLENBQUMsSUFBSSxLQUFLLFFBQVE7Z0JBQUUsTUFBTSxJQUFJLEtBQUssQ0FBQyxxQ0FBcUMsQ0FBQyxDQUFDO1lBQ3hHLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxJQUFJLENBQUMsT0FBTyxJQUFJLENBQUMsSUFBSSxLQUFLLFFBQVEsSUFBSSxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO2dCQUM1RSxNQUFNLElBQUksS0FBSyxDQUFDLHFDQUFxQyxDQUFDLENBQUM7UUFDL0QsQ0FBQztRQUVELE1BQU0sa0JBQWtCLEdBQXVCO1lBQzNDLEdBQUcsWUFBWTtTQUNsQixDQUFDO1FBRUYsT0FBTyxrQkFBa0IsQ0FBQztJQUM5QixDQUFDO0lBRVMsTUFBTSxDQUFDLGdCQUFnQixDQUFDLElBQVk7UUFDMUMsTUFBTSxTQUFTLEdBQUcsK0JBQStCLENBQUM7UUFDbEQsTUFBTSxTQUFTLEdBQUcsNkJBQTZCLENBQUM7UUFFaEQsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxTQUFTLENBQUMsTUFBTSxDQUFDLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQztZQUN4RSxPQUFPLElBQUksQ0FBQyxRQUFRLEVBQUUsQ0FBQztRQUMzQixDQUFDO1FBQ0QsTUFBTSxlQUFlLEdBQUcsSUFBSTthQUN2QixRQUFRLENBQUMsUUFBUSxDQUFDO2FBQ2xCLEtBQUssQ0FBQyxVQUFVLENBQUM7WUFDbEIsRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7UUFFakIsT0FBTyxTQUFTLEdBQUcsZUFBZSxHQUFHLFNBQVMsQ0FBQztJQUNuRCxDQUFDO0lBRVMsTUFBTSxDQUFDLGVBQWUsQ0FBQyxJQUFZO1FBQ3pDLE9BQU8sTUFBTSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsQ0FBQyxRQUFRLEVBQUUsRUFBRSxRQUFRLENBQUMsQ0FBQztJQUN0RSxDQUFDO0lBRVMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxRQUFnQjtRQUN4QyxNQUFNLFNBQVMsR0FBRyxpRUFBaUUsQ0FBQztRQUNwRixNQUFNLE9BQU8sR0FBRyxRQUFRLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBRTFDLE9BQU8sS0FBSyxDQUFDLElBQUksQ0FBQyxPQUFPLElBQUksRUFBRSxDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVTLE1BQU0sQ0FBQyxLQUFLLENBQUMsV0FBVztRQUM5QixNQUFNLElBQUksR0FBRyxNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQUMsZUFBZSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQ3pELCtHQUErRztRQUMvRyxPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsa0JBQWtCLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDaEQsQ0FBQztJQUVEOzs7T0FHRztJQUNJLE1BQU0sQ0FBQyxLQUFLLENBQUMsaUJBQWlCLENBQUMsUUFBZ0I7UUFDbEQsSUFBSSxRQUFRLENBQUMsTUFBTSxHQUFHLDBDQUFvQixFQUFFLENBQUM7WUFDekMsTUFBTSxJQUFJLEtBQUssQ0FBQywwQkFBMEIsMENBQW9CLFNBQVMsQ0FBQyxDQUFDO1FBQzdFLENBQUM7UUFFRCxNQUFNLGNBQWMsR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ3hDLFFBQVEsQ0FBQyxJQUFJLENBQUMsY0FBYyxDQUFDLENBQUM7UUFFOUIsTUFBTSxNQUFNLEdBQUcsSUFBQSxrQ0FBWSxFQUFDLGNBQWMsRUFBRSxDQUFDLENBQUMsQ0FBQztRQUMvQyxNQUFNLE9BQU8sR0FBRyxJQUFBLGdDQUFVLEdBQUUsQ0FBQztRQUM3QixNQUFNLE1BQU0sR0FBRyxJQUFBLCtCQUFTLEVBQUMsT0FBTyxDQUFDLENBQUM7UUFDbEMsTUFBTSxLQUFLLEdBQUcsSUFBQSwwQ0FBb0IsR0FBRSxDQUFDO1FBQ3JDLE1BQU0sT0FBTyxHQUFHLE1BQU0sTUFBTSxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBRTNDLE9BQU87WUFDSCxNQUFNO1lBQ04sTUFBTTtZQUNOLEtBQUs7WUFDTCxXQUFXLEVBQUUsTUFBTSxDQUFDLG9CQUFvQixDQUFDLE9BQU8sQ0FBQztZQUNqRCxLQUFLLEVBQUUsTUFBTSxDQUFDLHVCQUF1QixDQUFDLE9BQU8sQ0FBQztTQUNqRCxDQUFDO0lBQ04sQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0ksTUFBTSxDQUFDLEtBQUssQ0FBQyxjQUFjLENBQzlCLE1BQWlCLEVBQ2pCLE9BSUM7UUFFRCxNQUFNLFFBQVEsR0FBRyxPQUFPLEVBQUUsUUFBUSxJQUFJLENBQUMsQ0FBQztRQUN4QyxNQUFNLGFBQWEsR0FBRyxPQUFPLEVBQUUsYUFBYSxJQUFJLEtBQUssQ0FBQztRQUN0RCxNQUFNLFVBQVUsR0FBRyxPQUFPLEVBQUUsVUFBVSxJQUFJLCtCQUFpQixDQUFDLEdBQUcsQ0FBQztRQUNoRSxNQUFNLEtBQUssR0FBYyxFQUFFLENBQUM7UUFFNUIsTUFBTSxhQUFhLEdBQUcsZUFBSyxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBQ3JDLElBQUksSUFBSSxHQUFHLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDM0IsSUFBSSxhQUFhLEdBQUcsNkJBQTZCLENBQUMsS0FBSyxDQUFDO1FBQ3hELE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQyxNQUFNLENBQUMsNkJBQTZCLENBQUMsQ0FBQztRQUNqRSxLQUFLLE1BQU0sVUFBVSxJQUFJLFdBQVcsRUFBRSxDQUFDO1lBQ25DLGFBQWEsR0FBRyxVQUFVLENBQUM7WUFDM0IsTUFBTSxPQUFPLEdBQUcsSUFBQSxtQ0FBYSxFQUFDLE1BQU0sQ0FBQyxNQUFNLEVBQUUsVUFBVSxDQUFDLENBQUM7WUFDekQsSUFBSSxDQUFDO2dCQUNELE1BQU0sUUFBUSxHQUFHLE1BQU0sZ0JBQVUsQ0FBQyxlQUFlLENBQWdCO29CQUM3RCxXQUFXLENBQUMsUUFBUTt3QkFDaEIsT0FBTyxFQUFFLFVBQVUsRUFBRSxRQUFRLENBQUMsTUFBTSxLQUFLLEdBQUcsRUFBRSxDQUFDO29CQUNuRCxDQUFDO29CQUNELE9BQU87d0JBQ0gsT0FBTyxhQUFhLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRTs0QkFDOUIsWUFBWSxFQUFFLGFBQWE7eUJBQzlCLENBQUMsQ0FBQztvQkFDUCxDQUFDO29CQUNELFVBQVUsQ0FBQyxHQUFHO3dCQUNWLElBQUksZUFBSyxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsSUFBSSxHQUFHLENBQUMsUUFBUSxFQUFFLENBQUM7NEJBQzFDLE1BQU0sTUFBTSxHQUFHLEdBQUcsQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDOzRCQUVuQyxPQUFPLEVBQUUsU0FBUyxFQUFFLE1BQU0sSUFBSSxHQUFHLEVBQUUsQ0FBQzt3QkFDeEMsQ0FBQzt3QkFFRCxPQUFPLEVBQUUsU0FBUyxFQUFFLGVBQUssQ0FBQyxZQUFZLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztvQkFDbEQsQ0FBQztvQkFDRCxhQUFhO29CQUNiLFFBQVE7aUJBQ1gsQ0FBQyxDQUFDO2dCQUNILElBQUksR0FBRyxRQUFRLENBQUMsSUFBSSxDQUFDO2dCQUNyQixNQUFNO1lBQ1YsQ0FBQztZQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7Z0JBQ1gsTUFBTSxNQUFNLEdBQUcsVUFBVSxLQUFLLFdBQVcsQ0FBQyxXQUFXLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUNsRSxJQUFJLE1BQU0sRUFBRSxDQUFDO29CQUNULE1BQU0sR0FBRyxDQUFDO2dCQUNkLENBQUM7WUFDTCxDQUFDO1FBQ0wsQ0FBQztRQUNELE1BQU0sT0FBTyxHQUFHLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUM5QyxLQUFLLENBQUMsSUFBSSxDQUFDO1lBQ1AsSUFBSSxFQUFFLGNBQWMsQ0FBQyxJQUFJO1lBQ3pCLE1BQU0sRUFBRSxVQUFVO1lBQ2xCLElBQUksRUFBRSxVQUFVLEtBQUssK0JBQWlCLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxlQUFlLENBQUMsT0FBTyxDQUFDO1NBQ3pGLENBQUMsQ0FBQztRQUVILE1BQU0sS0FBSyxHQUFHLEdBQUcsbUNBQWEsSUFBSSw4QkFBUSxJQUFJLGFBQWEsYUFBYSxDQUFDO1FBQ3pFLE1BQU0sUUFBUSxHQUFHLE1BQU0sZ0JBQVUsQ0FBQyxlQUFlLENBQWdCO1lBQzdELFdBQVcsQ0FBQyxRQUFRO2dCQUNoQixPQUFPLEVBQUUsVUFBVSxFQUFFLFFBQVEsQ0FBQyxNQUFNLEtBQUssR0FBRyxFQUFFLENBQUM7WUFDbkQsQ0FBQztZQUNELE9BQU87Z0JBQ0gsT0FBTyxhQUFhLENBQUMsR0FBRyxDQUFDLEtBQUssRUFBRTtvQkFDNUIsWUFBWSxFQUFFLGFBQWE7aUJBQzlCLENBQUMsQ0FBQztZQUNQLENBQUM7WUFDRCxVQUFVLENBQUMsR0FBRztnQkFDVixJQUFJLGVBQUssQ0FBQyxZQUFZLENBQUMsR0FBRyxDQUFDLElBQUksR0FBRyxDQUFDLFFBQVEsRUFBRSxDQUFDO29CQUMxQyxNQUFNLE1BQU0sR0FBRyxHQUFHLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQztvQkFFbkMsT0FBTyxFQUFFLFNBQVMsRUFBRSxNQUFNLElBQUksR0FBRyxFQUFFLENBQUM7Z0JBQ3hDLENBQUM7Z0JBRUQsT0FBTyxFQUFFLFNBQVMsRUFBRSxlQUFLLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDbEQsQ0FBQztZQUNELGFBQWE7WUFDYixRQUFRO1NBQ1gsQ0FBQyxDQUFDO1FBRUgsTUFBTSxPQUFPLEdBQUcsTUFBTSxDQUFDLFVBQVUsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUM7UUFDNUQsSUFBSSxPQUFPLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ3ZCLE1BQU0sSUFBSSxLQUFLLENBQUMscUNBQXFDLENBQUMsQ0FBQztRQUMzRCxDQUFDO1FBRUQsS0FBSyxDQUFDLElBQUksQ0FBQztZQUNQLElBQUksRUFBRSxjQUFjLENBQUMsR0FBRztZQUN4QixNQUFNLEVBQUUsVUFBVTtZQUNsQixJQUFJLEVBQUUsVUFBVSxLQUFLLCtCQUFpQixDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsZUFBZSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsQ0FBQztTQUMvRixDQUFDLENBQUM7UUFDSCxLQUFLLENBQUMsSUFBSSxDQUFDO1lBQ1AsSUFBSSxFQUFFLGNBQWMsQ0FBQyxHQUFHO1lBQ3hCLE1BQU0sRUFBRSxVQUFVO1lBQ2xCLElBQUksRUFBRSxVQUFVLEtBQUssK0JBQWlCLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxlQUFlLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxDQUFDO1NBQy9GLENBQUMsQ0FBQztRQUVILE9BQU8sS0FBSyxDQUFDO0lBQ2pCLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ksTUFBTSxDQUFDLEtBQUssQ0FBQywwQkFBMEIsQ0FDMUMsUUFBZ0IsRUFDaEIsT0FJQztRQUVELE1BQU0sTUFBTSxHQUFHLE1BQU0sTUFBTSxDQUFDLGlCQUFpQixDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ3hELE1BQU0sS0FBSyxHQUFHLE1BQU0sTUFBTSxDQUFDLGNBQWMsQ0FBQyxNQUFNLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFFM0QsT0FBTztZQUNILEdBQUcsTUFBTTtZQUNULEtBQUssRUFBRSxLQUFLO1NBQ2YsQ0FBQztJQUNOLENBQUM7SUFFUyxNQUFNLENBQUMsS0FBSyxDQUFDLGFBQWEsQ0FDaEMsVUFBa0IsRUFDbEIsT0FBaUIsRUFBRSxFQUNuQixVQUFnRCxFQUFFO1FBRWxELE9BQU8sSUFBSSxPQUFPLENBQUMsQ0FBQyxPQUFPLEVBQUUsTUFBTSxFQUFFLEVBQUU7WUFDbkMsTUFBTSxVQUFVLEdBQUcsSUFBQSxxQkFBSyxFQUFDLFVBQVUsRUFBRSxJQUFJLEVBQUU7Z0JBQ3ZDLEdBQUcsRUFBRSxPQUFPLENBQUMsR0FBRztnQkFDaEIsS0FBSyxFQUFFLE1BQU07YUFDaEIsQ0FBQyxDQUFDO1lBRUgsSUFBSSxNQUFNLEdBQUcsRUFBRSxDQUFDO1lBQ2hCLElBQUksTUFBTSxHQUFHLEVBQUUsQ0FBQztZQUVoQixVQUFVLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUMsTUFBTSxJQUFJLEtBQUssQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDLENBQUM7WUFDdkUsVUFBVSxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsTUFBTSxFQUFFLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDLE1BQU0sSUFBSSxLQUFLLENBQUMsUUFBUSxFQUFFLENBQUMsQ0FBQyxDQUFDO1lBRXZFLElBQUksU0FBcUMsQ0FBQztZQUMxQyxJQUFJLE9BQU8sQ0FBQyxTQUFTLElBQUksT0FBTyxDQUFDLFNBQVMsR0FBRyxDQUFDLEVBQUUsQ0FBQztnQkFDN0MsU0FBUyxHQUFHLFVBQVUsQ0FBQyxHQUFHLEVBQUU7b0JBQ3hCLFVBQVUsQ0FBQyxJQUFJLEVBQUUsQ0FBQztvQkFDbEIsTUFBTSxDQUFDLElBQUksS0FBSyxDQUFDLDJCQUEyQixPQUFPLENBQUMsU0FBUyxJQUFJLENBQUMsQ0FBQyxDQUFDO2dCQUN4RSxDQUFDLEVBQUUsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBQzFCLENBQUM7WUFFRCxVQUFVLENBQUMsRUFBRSxDQUFDLE9BQU8sRUFBRSxDQUFDLFFBQVEsRUFBRSxFQUFFO2dCQUNoQyxJQUFJLFNBQVM7b0JBQUUsWUFBWSxDQUFDLFNBQVMsQ0FBQyxDQUFDO2dCQUN2QyxPQUFPLENBQUM7b0JBQ0osUUFBUSxFQUFFLFFBQVEsSUFBSSxDQUFDO29CQUN2QixNQUFNO29CQUNOLE1BQU07aUJBQ1QsQ0FBQyxDQUFDO1lBQ1AsQ0FBQyxDQUFDLENBQUM7WUFFSCxVQUFVLENBQUMsRUFBRSxDQUFDLE9BQU8sRUFBRSxDQUFDLEtBQUssRUFBRSxFQUFFO2dCQUM3QixJQUFJLFNBQVM7b0JBQUUsWUFBWSxDQUFDLFNBQVMsQ0FBQyxDQUFDO2dCQUN2QyxNQUFNLENBQUMsSUFBSSxLQUFLLENBQUMsNEJBQTRCLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDLENBQUM7WUFDbkUsQ0FBQyxDQUFDLENBQUM7UUFDUCxDQUFDLENBQUMsQ0FBQztJQUNQLENBQUM7SUFFTSxNQUFNLENBQUMsV0FBVyxDQUFDLElBQWE7UUFDbkMsTUFBTSxJQUFJLEdBQUcsSUFBQSxtQkFBVSxFQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ2xDLElBQUksSUFBSSxDQUFDLE1BQU0sS0FBSywrQkFBaUIsQ0FBQyxHQUFHLEVBQUUsQ0FBQztZQUN4QyxJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxlQUFlLENBQUMsSUFBSSxDQUFDLElBQWMsQ0FBQyxDQUFDLENBQUM7UUFDN0QsQ0FBQzthQUFNLENBQUM7WUFDSixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFjLENBQUMsQ0FBQztRQUNyQyxDQUFDO1FBRUQsT0FBTyxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7SUFDekIsQ0FBQztJQUVTLE1BQU0sQ0FBQyxVQUFVLENBQUMsR0FBWSxFQUFFLGFBQXdCO1FBQzlELE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxHQUFHLENBQUMsa0JBQWtCLENBQ3hDLEdBQUcsQ0FBQyxNQUFNLEtBQUssK0JBQWlCLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBRSxHQUFHLENBQUMsSUFBZSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLENBQUMsR0FBRyxDQUFDLElBQWMsQ0FBQyxDQUM1RyxDQUFDO1FBQ0YsTUFBTSxLQUFLLEdBQUcsT0FBTyxDQUFDLE9BQU8sQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxJQUFJLENBQUMsSUFBSSxLQUFLLFlBQVksQ0FBQyxFQUFFLEtBRXRFLENBQUM7UUFDaEIsSUFBSSxDQUFDLEtBQUssRUFBRSxDQUFDO1lBQ1QsTUFBTSxJQUFJLEtBQUssQ0FBQyx1Q0FBdUMsQ0FBQyxDQUFDO1FBQzdELENBQUM7UUFFRCxNQUFNLE9BQU8sR0FBRyxNQUFNLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ3hDLE1BQU0sV0FBVyxHQUFHLENBQUMsYUFBYSxJQUFJLGFBQWEsQ0FBQyxLQUFLLENBQUMsQ0FBQyxJQUFJLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFFL0UsT0FBTyxPQUFPLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxNQUFNLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FDNUIsTUFBMEIsRUFDMUIsT0FLQztRQUVELE1BQU0sYUFBYSxHQUFHLE9BQU8sRUFBRSxhQUFhLElBQUksbUJBQW1CLEVBQUUsQ0FBQztRQUN0RSxNQUFNLFNBQVMsR0FBRyxPQUFPLEVBQUUsU0FBUyxJQUFJLEtBQUssQ0FBQztRQUM5QyxNQUFNLGtCQUFrQixHQUNwQixPQUFPLEVBQUUsa0JBQWtCLElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxTQUFTLEVBQUUsc0NBQXNDLENBQUMsQ0FBQztRQUNuRyxNQUFNLE1BQU0sR0FBRyxPQUFPLEVBQUUsTUFBTSxJQUFJLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLE1BQU0sRUFBRSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBRWxFLElBQUksQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsQ0FBQztZQUN2QyxNQUFNLElBQUksS0FBSyxDQUFDLDZDQUE2QyxDQUFDLENBQUM7UUFDbkUsQ0FBQztRQUNELE1BQU0sR0FBRyxHQUFHLE1BQU0sQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxJQUFJLENBQUMsSUFBSSxLQUFLLGNBQWMsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUMxRSxJQUFJLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDUCxNQUFNLElBQUksS0FBSyxDQUFDLGlEQUFpRCxDQUFDLENBQUM7UUFDdkUsQ0FBQztRQUVELElBQUksQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLEdBQUcsRUFBRSxhQUFhLENBQUMsRUFBRSxDQUFDO1lBQ3pDLE1BQU0sSUFBSSxLQUFLLENBQUMsdUVBQXVFLENBQUMsQ0FBQztRQUM3RixDQUFDO1FBRUQsTUFBTSxPQUFPLEdBQUcsTUFBTSxFQUFFLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ3pDLElBQUksQ0FBQztZQUNELEtBQUssTUFBTSxTQUFTLElBQUksTUFBTSxDQUFDLEtBQUssRUFBRSxDQUFDO2dCQUNuQyxNQUFNLFFBQVEsR0FBRyxTQUFTLENBQUMsSUFBSSxDQUFDLFdBQVcsRUFBRSxDQUFDO2dCQUM5QyxNQUFNLFNBQVMsR0FBRyxTQUFTLENBQUMsTUFBTSxLQUFLLCtCQUFpQixDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUM7Z0JBQzdFLE1BQU0sRUFBRSxDQUFDLFNBQVMsQ0FDZCxHQUFHLE9BQU8sSUFBSSxRQUFRLElBQUksU0FBUyxFQUFFLEVBQ3JDLFNBQVMsQ0FBQyxJQUFJLEVBQ2QsU0FBUyxDQUFDLE1BQU0sS0FBSywrQkFBaUIsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUNsRSxDQUFDO1lBQ04sQ0FBQztZQUNELE1BQU0sVUFBVSxHQUFHLEdBQUcsT0FBTyxhQUFhLENBQUM7WUFDM0MsTUFBTSxFQUFFLENBQUMsU0FBUyxDQUFDLFVBQVUsRUFBRSxNQUFNLENBQUMsTUFBTSxDQUFDLENBQUM7WUFDOUMsTUFBTSxXQUFXLEdBQUcsTUFBTSxNQUFNLENBQUMsYUFBYSxDQUMxQyxrQkFBa0IsRUFDbEIsQ0FBQyxRQUFRLEVBQUUsYUFBYSxFQUFFLE9BQU8sRUFBRSxVQUFVLENBQUMsRUFDOUMsRUFBRSxTQUFTLEVBQUUsQ0FDaEIsQ0FBQztZQUNGLElBQUksV0FBVyxDQUFDLFFBQVEsSUFBSSxDQUFDLEVBQUUsQ0FBQztnQkFDNUIsTUFBTSxJQUFJLEtBQUssQ0FBQyxvQ0FBb0MsV0FBVyxDQUFDLE1BQU0sS0FBSyxXQUFXLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQztZQUNyRyxDQUFDO1FBQ0wsQ0FBQztnQkFBUyxDQUFDO1lBQ1AsTUFBTSxFQUFFLENBQUMsRUFBRSxDQUFDLE9BQU8sRUFBRTtnQkFDakIsU0FBUyxFQUFFLElBQUk7Z0JBQ2YsS0FBSyxFQUFFLElBQUk7YUFDZCxDQUFDLENBQUM7UUFDUCxDQUFDO0lBQ0wsQ0FBQztJQUVTLE1BQU0sQ0FBQyxhQUFhLENBQUMsT0FBZSxFQUFFLElBQVksRUFBRSxNQUFjO1FBQ3hFLE1BQU0sSUFBSSxHQUFHLElBQUEsbUJBQVUsRUFBQyxRQUFRLENBQUMsQ0FBQztRQUNsQyxJQUFJLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBRXJCLE1BQU0sT0FBTyxHQUFHLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDaEMsT0FBTyxDQUFDLGFBQWEsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUM7UUFDL0IsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUVyQixNQUFNLFNBQVMsR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ2xDLFNBQVMsQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDLENBQUM7UUFDdEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUMsQ0FBQztRQUV2QixPQUFPLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztJQUN6QixDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksTUFBTSxDQUFDLFlBQVksQ0FBQyxNQUFjO1FBQ3JDLE1BQU0sT0FBTyxHQUFHLElBQUEsc0NBQWdCLEVBQUMsTUFBTSxDQUFDLENBQUM7UUFDekMsTUFBTSxJQUFJLEdBQUcsSUFBQSxtQ0FBYSxFQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ25DLE1BQU0sTUFBTSxHQUFHLElBQUEscUNBQWUsRUFBQyxNQUFNLENBQUMsQ0FBQztRQUV2QyxPQUFPLE1BQU0sQ0FBQyxhQUFhLENBQUMsT0FBTyxFQUFFLElBQUksRUFBRSxNQUFNLENBQUMsQ0FBQztJQUN2RCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksTUFBTSxDQUFDLEtBQUssQ0FBQyxhQUFhLENBQUMsTUFBYztRQUM1QyxPQUFPLElBQUEsbUNBQWEsRUFBQyxNQUFNLENBQUMsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksTUFBTSxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFjO1FBQy9DLE9BQU8sSUFBQSxzQ0FBZ0IsRUFBQyxNQUFNLENBQUMsQ0FBQztJQUNwQyxDQUFDO0lBRVMsTUFBTSxDQUFDLEtBQUssQ0FBQyxtQkFBbUIsQ0FBQyxRQUFnQjtRQUN2RCxNQUFNLFFBQVEsR0FBRyxNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDN0MsTUFBTSxJQUFJLEdBQUcsSUFBQSxtQkFBVSxFQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ2xDLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLENBQUM7UUFFdEIsT0FBTyxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7SUFDekIsQ0FBQztJQUVTLE1BQU0sQ0FBQyxvQkFBb0IsQ0FBQyxPQUFlO1FBQ2pELE1BQU0sWUFBWSxHQUFHLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxJQUFJLEVBQUUsRUFBRSxPQUFPLENBQUMsRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDN0YsTUFBTSxJQUFJLEdBQUcsSUFBQSxtQkFBVSxFQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ2xDLElBQUksQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLENBQUM7UUFFMUIsT0FBTyxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7SUFDekIsQ0FBQztJQUVEOzs7T0FHRztJQUNJLE1BQU0sQ0FBQyxLQUFLLENBQUMsZ0JBQWdCLENBQUMsTUFBOEI7UUFDL0QsTUFBTSxPQUFPLEdBQUcsSUFBQSxvQ0FBYyxFQUMxQixNQUFNLENBQUMsUUFBUSxFQUNmLE1BQU0sQ0FBQyxVQUFVLEVBQ2pCLE1BQU0sQ0FBQyxVQUFVLElBQUksZ0NBQXdCLEVBQzdDLE1BQU0sQ0FBQyxXQUFXLEVBQ2xCLE1BQU0sQ0FBQyxPQUFPLEVBQ2QsTUFBTSxDQUFDLFNBQVMsQ0FDbkIsQ0FBQztRQUVGLE9BQU8sTUFBTSxDQUFDLGFBQWEsQ0FBQyxPQUFPLEVBQUUsTUFBTSxDQUFDLElBQUksSUFBSSxDQUFDLEVBQUUsTUFBTSxDQUFDLE1BQU0sSUFBSSxNQUFNLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztJQUM3RixDQUFDO0lBRVMsTUFBTSxDQUFDLHVCQUF1QixDQUFDLE9BQWUsRUFBRSxTQUFTLEdBQUcsT0FBTztRQUN6RSxNQUFNLEtBQUssR0FBRyxJQUFJLE1BQU0sQ0FBQyxHQUFHLFNBQVMsWUFBWSxDQUFDLENBQUM7UUFDbkQsTUFBTSxLQUFLLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUNuQyxJQUFJLEtBQUssRUFBRSxDQUFDO1lBQ1IsT0FBTyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDcEIsQ0FBQzthQUFNLENBQUM7WUFDSixNQUFNLElBQUksS0FBSyxDQUFDLEdBQUcsU0FBUyxzQkFBc0IsQ0FBQyxDQUFDO1FBQ3hELENBQUM7SUFDTCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ksTUFBTSxDQUFDLFNBQVMsQ0FBQyxPQUFnQjtRQUNwQyxPQUFPLElBQUEsK0JBQVMsRUFBQyxPQUFPLENBQUMsQ0FBQztJQUM5QixDQUFDO0NBQ0o7QUFwZUQsd0JBb2VDIn0=

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@super-protocol/addons-tee",
-  "version": "0.8.16",
+  "version": "0.8.17-beta.2",
   "description": "The TEE trusted loader addons",
   "tags": [
     "tee"
@@ -32,30 +32,32 @@
     "start": "yarn build",
     "start:watch": "nodemon",
     "start:prod": "node --enable-source-maps ./dist/index.js",
-    "test": "jest",
+    "test": "jest --verbose",
     "test:watch": "jest --watch",
     "test:cov": "jest --coverage",
     "test:debug": "node --inspect-brk node_modules/.bin/jest -i"
   },
   "dependencies": {
-    "@fidm/x509": "^1.2.1",
+    "@super-protocol/eslint-config-typescript": "2.0.1",
     "asn1-tree": "^0.1.1",
-    "axios": "^0.24.0"
+    "msgpack5": "^6.0.2",
+    "node-forge": "^1.3.1"
+  },
+  "peerDependencies": {
+    "@super-protocol/dto-js": ">=1.0.0-beta.0 <2.0",
+    "@super-protocol/sdk-js": ">=3.0.5 <4.0",
+    "axios": "^1.5.1"
   },
   "devDependencies": {
     "@peculiar/x509": "^1.9.3",
     "@types/jest": "^27.5.2",
+    "@types/lodash": "^4.17.5",
+    "@types/msgpack5": "^3.4.6",
     "@types/node": "^17.0.0",
-    "@typescript-eslint/eslint-plugin": "^5.8.0",
-    "@typescript-eslint/parser": "^5.8.0",
-    "eslint": "^8.5.0",
-    "eslint-config-prettier": "^8.3.0",
-    "eslint-plugin-prettier": "^4.0.0",
-    "jest": "^27.5.1",
+    "@types/node-forge": "^1.3.1",
+    "jest": "^29.7.0",
     "nodemon": "^2.0.15",
-    "prettier": "^2.5.1",
-    "ts-jest": "^27.1.5",
-    "typescript": "^4.5.4"
+    "ts-jest": "^29.1.2"
   },
   "jest": {
     "moduleFileExtensions": [
@@ -72,6 +74,11 @@
       "**/*.(t|j)s"
     ],
     "coverageDirectory": "../coverage",
-    "testEnvironment": "node"
+    "testEnvironment": "node",
+    "transformIgnorePatterns": [
+      "/bindings/",
+      "/node_modules/",
+      "/dist/"
+    ]
   }
 }

package/dist/sgx-native-module/sgx-tests.d.ts

@@ -1 +0,0 @@
-export {};