@super-protocol/pki-client 1.0.7 → 1.3.9
- package/dist/challengeProvider/challengeProviderUntrusted.d.ts +1 -1
- package/dist/challengeProvider/challengeProviderUntrusted.js +4 -3
- package/dist/pkiClient.d.ts +1 -1
- package/dist/pkiClient.js +8 -4
- package/package.json +6 -5
- package/dist/helpers.d.ts +0 -2
- package/dist/helpers.js +0 -6
- package/dist/types.d.ts +0 -48
- package/dist/types.js +0 -18
|
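--- a/package/dist/challengeProvider/challengeProviderUntrusted.d.ts
+++ b/package/dist/challengeProvider/challengeProviderUntrusted.d.ts
@@ -3,6 +3,6 @@ import { ChallengeProvider } from './challengeProvider';
 import { Challenge } from '@super-protocol/pki-common';
 export declare class ChallengeProviderUntrusted implements ChallengeProvider {
 private readonly deviceId;
-constructor(deviceId:
+constructor(deviceId: Buffer);
 generateChallenge(userData: Buffer): Promise<Challenge>;
 }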
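--- a/package/dist/challengeProvider/challengeProviderUntrusted.js
+++ b/package/dist/challengeProvider/challengeProviderUntrusted.js
@@ -3,16 +3,17 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.ChallengeProviderUntrusted = void 0;
 const pki_common_1 = require("@super-protocol/pki-common");
 class ChallengeProviderUntrusted {
+deviceId;
 constructor(deviceId) {
 this.deviceId = deviceId;
 }
 async generateChallenge(userData) {
 return {
 type: pki_common_1.ChallengeType.Untrusted,
-
-
+userDataBase64: userData.toString('base64'),
+idBase64: this.deviceId.toString('base64'),
 };
 }
 }
 exports.ChallengeProviderUntrusted = ChallengeProviderUntrusted;
-//# sourceMappingURL=data:application/json;base64,
+//# sourceMappingURL=data:application/json;base64,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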
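Review bot: `this.deviceId.toString('base64')` and `userData.toString('base64')` in generateChallenge only encode when the values are Buffers, and the compiled constructor stores whatever it is given without checking. For a plain string, `toString('base64')` ignores the argument and returns the string unchanged, so a JavaScript caller that bypasses the `.d.ts` types can produce an `idBase64` that is not base64 at all, and the error would only surface on the receiving side. A guard in the constructor, `if (!Buffer.isBuffer(deviceId)) throw new TypeError('deviceId must be a Buffer');`, with the same check on `userData`, would fail early and locally.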
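--- a/package/dist/pkiClient.d.ts
+++ b/package/dist/pkiClient.d.ts
@@ -11,5 +11,5 @@ export declare class PkiClient {
 private readonly challengeProvider;
 private readonly attestationServiceClient;
 constructor(options?: SgxPkiClientOptions);
-generateSslCertificate(): Promise<TeeSslCertificate>;
+generateSslCertificate(domains: string[]): Promise<TeeSslCertificate>;
 }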
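Review bot: `generateSslCertificate(domains: string[])` makes a previously zero-argument method require a parameter while the package stays on the 1.x line, so existing callers compile against a changed contract and untyped callers will pass `undefined` through to the certificate request. The declaration is also undocumented; I would add a TSDoc comment above it along the lines of `/** Requests a certificate for the given domain names; the domains actually granted are returned on the result and should be checked against the request. */`. That the result carries the granted domains is inferred from the pkiClient.js section of this diff, not from this file. The class declaration starts above the hunk.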
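--- a/package/dist/pkiClient.js
+++ b/package/dist/pkiClient.js
@@ -4,7 +4,7 @@ exports.PkiClient = void 0;
 const pki_common_1 = require("@super-protocol/pki-common");
 const challengeProvider_1 = require("./challengeProvider");
 const pki_api_client_1 = require("@super-protocol/pki-api-client");
-const AS_BASE_URL = 'https://tee.superprotocol.com:
+const AS_BASE_URL = 'https://tee.superprotocol.com:30666/api/v1/pki';
 const AS_CA = `-----BEGIN RSA PRIVATE KEY-----
 MIIG4wIBAAKCAYEA52+Wv0au32saO1uMlLx02Z7Ns6hcL1bNBsq800Z/T3xRHei5
 fRqhOqzF2FkWRcEv16s4eLkuqlIeKSRUXYk3JkZ0SZhqIY+XVYiuPDhY4dY1Awg7
@@ -45,6 +45,9 @@ ga4kuEaqAXBP9r7b1+CUq3OC5qzYpxL9DEDsImvDrNFHg7gTHumnJ0Q29zUK4Emy
 xyrzzUK6ZJ/QC21VTAa/5gHOPlcZOWsDpITuwDrQ4uATkITaRhF0
 -----END RSA PRIVATE KEY-----`;
 class PkiClient {
+keyPair;
+challengeProvider;
+attestationServiceClient;
 constructor(options = {}) {
 if (options.privateKeyPem) {
 this.keyPair = {
@@ -61,21 +64,22 @@ class PkiClient {
 options.attestationServiceClient ||
 new pki_api_client_1.StaticAttestationServiceClient(AS_BASE_URL, AS_CA);
 }
-async generateSslCertificate() {
+async generateSslCertificate(domains) {
 const keys = this.keyPair;
 const publicKeyHash = (0, pki_common_1.getPublicKeyHash)(keys.publicKeyPem);
 const challenge = await this.challengeProvider.generateChallenge(publicKeyHash);
 const cert = await this.attestationServiceClient.generateCertificate({
+domains,
 publicKeyPem: keys.publicKeyPem,
 challenge,
 });
 return {
 certPem: cert.certPem,
 caBundle: cert.rootCertsPem,
-
+domains: cert.domains,
 keyPair: keys,
 };
 }
 }
 exports.PkiClient = PkiClient;
-//# sourceMappingURL=data:application/json;base64,
+//# sourceMappingURL=data:application/json;base64,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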
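Review bot: The `AS_CA` constant carried through the first two hunks is a PEM block whose header reads `-----BEGIN RSA PRIVATE KEY-----`, and it ships in a package released to a public registry, so the key must be treated as disclosed to every installer. Its name and its use as the second argument of `StaticAttestationServiceClient(AS_BASE_URL, AS_CA)` suggest a trust anchor was intended; if so, only the CA certificate belongs in the bundle, the key pair should be rotated, and I would add `// AS_CA: public CA certificate only; private key material must never be published` above it. Separately, `generateSslCertificate(domains)` in the third hunk forwards `domains` unchecked; `if (!Array.isArray(domains) || domains.length === 0) throw new TypeError('domains must be a non-empty array');` would reject a missing argument before the attestation request is made. The key body and the constructor continue outside the hunks.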
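--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@super-protocol/pki-client",
-"version": "1.
+"version": "1.3.9",
 "public": true,
 "description": "",
 "main": "dist/index.js",
@@ -15,13 +15,14 @@
 "scripts": {
 "build": "tsc -b",
 "lint": "eslint --max-warnings=0 src",
-"lint:fix": "eslint --fix src"
+"lint:fix": "eslint --fix src",
+"publish": "npm publish --access public"
 },
 "author": "Super Protocol",
 "license": "ISC",
 "dependencies": {
-"@super-protocol/pki-api-client": "
-"@super-protocol/pki-common": "
+"@super-protocol/pki-api-client": "*",
+"@super-protocol/pki-common": "*",
 "@super-protocol/tee-lib": "^0.2.6"
 }
-}
+}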
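Review bot: The two internal dependencies in the second hunk now use the range `"*"`, which lets any published version of `@super-protocol/pki-api-client` and `@super-protocol/pki-common` satisfy an install, including a future breaking major or a tampered release. For a client that requests TLS certificates, both should resolve to reviewed versions, using a bounded range like the one already used for tee-lib, e.g. `"@super-protocol/pki-common": "^<reviewed-version>"` (placeholder; the page does not show the version in use). The added `"publish"` script also uses a name that npm treats as a lifecycle script during `npm publish`, so it would likely re-invoke publish from inside publish; `"publishConfig": { "access": "public" }` expresses the same intent without a script.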
package/dist/helpers.d.ts
DELETED
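--- a/package/dist/helpers.js
+++ b/package/dist/helpers.js
@@ -1,6 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.generateDomain = void 0;
-const generateDomain = (baseDomain, challengeType, id) => `*.${id}.${challengeType}.${baseDomain}`;
-exports.generateDomain = generateDomain;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGVscGVycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy9oZWxwZXJzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUVPLE1BQU0sY0FBYyxHQUFHLENBQzFCLFVBQWtCLEVBQ2xCLGFBQTRCLEVBQzVCLEVBQVUsRUFDWixFQUFFLENBQUMsS0FBSyxFQUFFLElBQUksYUFBYSxJQUFJLFVBQVUsRUFBRSxDQUFDO0FBSmpDLFFBQUEsY0FBYyxrQkFJbUIifQ==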
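--- a/package/dist/types.d.ts
+++ b/package/dist/types.d.ts
@@ -1,48 +0,0 @@
-export declare enum ChallengeType {
-Untrusted = "untrusted",
-SGXDCAP = "sgx-dcap",
-SGXIAS = "sgx-ias",
-TDX = "tdx",
-AMDSEV = "amd-sev",
-TDXSuperLoader = "tdx-super-loader"
-}
-export interface UntrustedChallenge {
-type: ChallengeType.Untrusted;
-userData: string;
-id: string;
-}
-export interface SGXDCAPChallenge {
-type: ChallengeType.SGXDCAP;
-quoteBase64: string;
-}
-export type Challenge = UntrustedChallenge | SGXDCAPChallenge;
-export interface PkiCertParams {
-serialNumber: string;
-notBefore: string;
-notAfter: string;
-commonName: string;
-countryName: string;
-stateName: string;
-localityName: string;
-organizationName: string;
-organizationUnitName: string;
-}
-export interface PkiUntrustedStaticKeyStorage {
-type: 'untrusted-static';
-publicKeyPem: string;
-privateKeyPem: string;
-}
-export interface PkiInMemoryKeyStorage {
-type: 'in-memory';
-}
-export interface PkiSuperDecentralizedSecretKeyStorage {
-type: 'super';
-}
-export interface PkiTrustedKeyStorage {
-type: 'trusted';
-storage: PkiInMemoryKeyStorage | PkiSuperDecentralizedSecretKeyStorage;
-}
-export declare enum PkiRole {
-root = "root",
-subroot = "subroot"
-}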
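--- a/package/dist/types.js
+++ b/package/dist/types.js
@@ -1,18 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.PkiRole = exports.ChallengeType = void 0;
-var ChallengeType;
-(function (ChallengeType) {
-ChallengeType["Untrusted"] = "untrusted";
-ChallengeType["SGXDCAP"] = "sgx-dcap";
-ChallengeType["SGXIAS"] = "sgx-ias";
-ChallengeType["TDX"] = "tdx";
-ChallengeType["AMDSEV"] = "amd-sev";
-ChallengeType["TDXSuperLoader"] = "tdx-super-loader";
-})(ChallengeType || (exports.ChallengeType = ChallengeType = {}));
-var PkiRole;
-(function (PkiRole) {
-PkiRole["root"] = "root";
-PkiRole["subroot"] = "subroot";
-})(PkiRole || (exports.PkiRole = PkiRole = {}));
-//# sourceMappingURL=data:application/json;base64,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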