@super-protocol/pki-client 1.6.2 → 1.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/challengeProvider/challengeNvidiaCCHelper.d.ts +10 -0
- package/dist/challengeProvider/challengeNvidiaCCHelper.js +40 -0
- package/dist/challengeProvider/challengeProviderSnp.js +5 -2
- package/dist/challengeProvider/challengeProviderTdx.js +5 -2
- package/dist/challengeProvider/index.d.ts +1 -0
- package/dist/challengeProvider/index.js +2 -1
- package/package.json +4 -3
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/// <reference types="node" />
|
|
2
|
+
import { NvidiaCCToken } from '@super-protocol/pki-common';
|
|
3
|
+
export declare class ChallengeNvidiaCCHelper {
|
|
4
|
+
private static getNvidiaToken;
|
|
5
|
+
static getTokenHash(token: NvidiaCCToken): Buffer;
|
|
6
|
+
static getTokenAndCombinedChallengeData(baseUserData: Buffer): Promise<{
|
|
7
|
+
nvidiaTokens: NvidiaCCToken | undefined;
|
|
8
|
+
challengeData: Buffer;
|
|
9
|
+
}>;
|
|
10
|
+
}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.ChallengeNvidiaCCHelper = void 0;
|
|
4
|
+
const sp_nvtrust_wrapper_1 = require("@super-protocol/sp-nvtrust-wrapper");
|
|
5
|
+
const crypto_1 = require("crypto");
|
|
6
|
+
class ChallengeNvidiaCCHelper {
|
|
7
|
+
static async getNvidiaToken() {
|
|
8
|
+
//TODO: add nvswitchToken here
|
|
9
|
+
const wrapper = new sp_nvtrust_wrapper_1.NvtrustWrapper();
|
|
10
|
+
const topology = await wrapper.getGPUTopology();
|
|
11
|
+
if (!topology.gpuCount) {
|
|
12
|
+
return;
|
|
13
|
+
}
|
|
14
|
+
const nonce = sp_nvtrust_wrapper_1.NvtrustWrapper.generateNonce();
|
|
15
|
+
const gpuTokenRaw = await wrapper.getNvidiaToken({
|
|
16
|
+
device: sp_nvtrust_wrapper_1.NvidiaDeviceType.GPU,
|
|
17
|
+
nonce,
|
|
18
|
+
ppcieMode: false,
|
|
19
|
+
});
|
|
20
|
+
return { gpuToken: gpuTokenRaw.jwt };
|
|
21
|
+
}
|
|
22
|
+
static getTokenHash(token) {
|
|
23
|
+
const hash = (0, crypto_1.createHash)('sha256');
|
|
24
|
+
hash.update(JSON.stringify(token));
|
|
25
|
+
return hash.digest();
|
|
26
|
+
}
|
|
27
|
+
static async getTokenAndCombinedChallengeData(baseUserData) {
|
|
28
|
+
const nvidiaTokens = await ChallengeNvidiaCCHelper.getNvidiaToken();
|
|
29
|
+
const nvidiaTokenHash = nvidiaTokens && ChallengeNvidiaCCHelper.getTokenHash(nvidiaTokens);
|
|
30
|
+
const challengeData = nvidiaTokenHash
|
|
31
|
+
? Buffer.concat([baseUserData, nvidiaTokenHash])
|
|
32
|
+
: baseUserData;
|
|
33
|
+
if (challengeData.length > 64) {
|
|
34
|
+
throw new Error('challengeData length exceeds 64 bytes');
|
|
35
|
+
}
|
|
36
|
+
return { nvidiaTokens, challengeData };
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
exports.ChallengeNvidiaCCHelper = ChallengeNvidiaCCHelper;
|
|
40
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hhbGxlbmdlTnZpZGlhQ0NIZWxwZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY2hhbGxlbmdlUHJvdmlkZXIvY2hhbGxlbmdlTnZpZGlhQ0NIZWxwZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsMkVBRzRDO0FBRTVDLG1DQUFvQztBQUVwQyxNQUFhLHVCQUF1QjtJQUN4QixNQUFNLENBQUMsS0FBSyxDQUFDLGNBQWM7UUFDL0IsOEJBQThCO1FBQzlCLE1BQU0sT0FBTyxHQUFHLElBQUksbUNBQWMsRUFBRSxDQUFDO1FBQ3JDLE1BQU0sUUFBUSxHQUFHLE1BQU0sT0FBTyxDQUFDLGNBQWMsRUFBRSxDQUFDO1FBRWhELElBQUksQ0FBQyxRQUFRLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDckIsT0FBTztRQUNYLENBQUM7UUFFRCxNQUFNLEtBQUssR0FBRyxtQ0FBYyxDQUFDLGFBQWEsRUFBRSxDQUFDO1FBQzdDLE1BQU0sV0FBVyxHQUFHLE1BQU0sT0FBTyxDQUFDLGNBQWMsQ0FBQztZQUM3QyxNQUFNLEVBQUUscUNBQWdCLENBQUMsR0FBRztZQUM1QixLQUFLO1lBQ0wsU0FBUyxFQUFFLEtBQUs7U0FDbkIsQ0FBQyxDQUFDO1FBQ0gsT0FBTyxFQUFFLFFBQVEsRUFBRSxXQUFXLENBQUMsR0FBRyxFQUFFLENBQUM7SUFDekMsQ0FBQztJQUVELE1BQU0sQ0FBQyxZQUFZLENBQUMsS0FBb0I7UUFDcEMsTUFBTSxJQUFJLEdBQUcsSUFBQSxtQkFBVSxFQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ2xDLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDO1FBQ25DLE9BQU8sSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO0lBQ3pCLENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLGdDQUFnQyxDQUN6QyxZQUFvQjtRQUtwQixNQUFNLFlBQVksR0FBRyxNQUFNLHVCQUF1QixDQUFDLGNBQWMsRUFBRSxDQUFDO1FBQ3BFLE1BQU0sZUFBZSxHQUNqQixZQUFZLElBQUksdUJBQXVCLENBQUMsWUFBWSxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBRXZFLE1BQU0sYUFBYSxHQUFHLGVBQWU7WUFDakMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQyxZQUFZLEVBQUUsZUFBZSxDQUFDLENBQUM7WUFDaEQsQ0FBQyxDQUFDLFlBQVksQ0FBQztRQUVuQixJQUFJLGFBQWEsQ0FBQyxNQUFNLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDNUIsTUFBTSxJQUFJLEtBQUssQ0FBQyx1Q0FBdUMsQ0FBQyxDQUFDO1FBQzdELENBQUM7UUFDRCxPQUFPLEVBQUUsWUFBWSxFQUFFLGFBQWEsRUFBRSxDQUFDO0lBQzNDLENBQUM7Q0FDSjtBQTVDRCwwREE0Q0MifQ==
|
|
@@ -24,18 +24,21 @@ var __importStar = (this && this.__importStar) || function (mod) {
|
|
|
24
24
|
};
|
|
25
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
26
|
exports.ChallengeProviderSNP = void 0;
|
|
27
|
+
const challengeNvidiaCCHelper_1 = require("./challengeNvidiaCCHelper");
|
|
27
28
|
const pki_common_1 = require("@super-protocol/pki-common");
|
|
28
29
|
class ChallengeProviderSNP {
|
|
29
30
|
async generateChallenge(userData) {
|
|
30
31
|
// This module depends on native library that cannot be compiled for all architectures / operating systems.
|
|
31
32
|
// That is why we load it dynamically and use only when it's really needed.
|
|
32
33
|
const { SgxNative } = await Promise.resolve().then(() => __importStar(require('@super-protocol/addons-tee')));
|
|
33
|
-
const
|
|
34
|
+
const { challengeData, nvidiaTokens } = await challengeNvidiaCCHelper_1.ChallengeNvidiaCCHelper.getTokenAndCombinedChallengeData(userData);
|
|
35
|
+
const report = await SgxNative.SevSNP.generateSNPReportWithChain(challengeData);
|
|
34
36
|
return {
|
|
35
37
|
type: pki_common_1.ChallengeType.AMDSEV,
|
|
36
38
|
serializedReportBase64: SgxNative.SevSNP.serializeSNPReport(report).toString('base64'),
|
|
39
|
+
nvidiaTokens,
|
|
37
40
|
};
|
|
38
41
|
}
|
|
39
42
|
}
|
|
40
43
|
exports.ChallengeProviderSNP = ChallengeProviderSNP;
|
|
41
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
44
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hhbGxlbmdlUHJvdmlkZXJTbnAuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY2hhbGxlbmdlUHJvdmlkZXIvY2hhbGxlbmdlUHJvdmlkZXJTbnAudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSx1RUFBb0U7QUFFcEUsMkRBQXNFO0FBRXRFLE1BQWEsb0JBQW9CO0lBQzdCLEtBQUssQ0FBQyxpQkFBaUIsQ0FBQyxRQUFnQjtRQUNwQywyR0FBMkc7UUFDM0csMkVBQTJFO1FBQzNFLE1BQU0sRUFBRSxTQUFTLEVBQUUsR0FBRyx3REFBYSw0QkFBNEIsR0FBQyxDQUFDO1FBRWpFLE1BQU0sRUFBRSxhQUFhLEVBQUUsWUFBWSxFQUFFLEdBQ2pDLE1BQU0saURBQXVCLENBQUMsZ0NBQWdDLENBQzFELFFBQVEsQ0FDWCxDQUFDO1FBQ04sTUFBTSxNQUFNLEdBQ1IsTUFBTSxTQUFTLENBQUMsTUFBTSxDQUFDLDBCQUEwQixDQUFDLGFBQWEsQ0FBQyxDQUFDO1FBQ3JFLE9BQU87WUFDSCxJQUFJLEVBQUUsMEJBQWEsQ0FBQyxNQUFNO1lBQzFCLHNCQUFzQixFQUNsQixTQUFTLENBQUMsTUFBTSxDQUFDLGtCQUFrQixDQUFDLE1BQU0sQ0FBQyxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUM7WUFDbEUsWUFBWTtTQUNmLENBQUM7SUFDTixDQUFDO0NBQ0o7QUFuQkQsb0RBbUJDIn0=
|
|
@@ -24,19 +24,22 @@ var __importStar = (this && this.__importStar) || function (mod) {
|
|
|
24
24
|
};
|
|
25
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
26
|
exports.ChallengeProviderTdx = void 0;
|
|
27
|
+
const challengeNvidiaCCHelper_1 = require("./challengeNvidiaCCHelper");
|
|
27
28
|
const pki_common_1 = require("@super-protocol/pki-common");
|
|
28
29
|
class ChallengeProviderTdx {
|
|
29
30
|
async generateChallenge(userData) {
|
|
30
31
|
// This module depends on native library that cannot be compiled for all architectures / operating systems.
|
|
31
32
|
// That is why we load it dynamically and use only when it's really needed.
|
|
32
33
|
const { SgxNative } = await Promise.resolve().then(() => __importStar(require('@super-protocol/addons-tee')));
|
|
34
|
+
const { challengeData, nvidiaTokens } = await challengeNvidiaCCHelper_1.ChallengeNvidiaCCHelper.getTokenAndCombinedChallengeData(userData);
|
|
33
35
|
const dcapVerifyService = new SgxNative.DcapQuoteVerifyService();
|
|
34
|
-
const quoteData = await dcapVerifyService.generateTDXQuote(
|
|
36
|
+
const quoteData = await dcapVerifyService.generateTDXQuote(challengeData);
|
|
35
37
|
return {
|
|
36
38
|
type: pki_common_1.ChallengeType.TDX,
|
|
37
39
|
quoteBase64: quoteData.toString('base64'),
|
|
40
|
+
nvidiaTokens,
|
|
38
41
|
};
|
|
39
42
|
}
|
|
40
43
|
}
|
|
41
44
|
exports.ChallengeProviderTdx = ChallengeProviderTdx;
|
|
42
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
45
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hhbGxlbmdlUHJvdmlkZXJUZHguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY2hhbGxlbmdlUHJvdmlkZXIvY2hhbGxlbmdlUHJvdmlkZXJUZHgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSx1RUFBb0U7QUFFcEUsMkRBQXNFO0FBRXRFLE1BQWEsb0JBQW9CO0lBQzdCLEtBQUssQ0FBQyxpQkFBaUIsQ0FBQyxRQUFnQjtRQUNwQywyR0FBMkc7UUFDM0csMkVBQTJFO1FBQzNFLE1BQU0sRUFBRSxTQUFTLEVBQUUsR0FBRyx3REFBYSw0QkFBNEIsR0FBQyxDQUFDO1FBRWpFLE1BQU0sRUFBRSxhQUFhLEVBQUUsWUFBWSxFQUFFLEdBQ2pDLE1BQU0saURBQXVCLENBQUMsZ0NBQWdDLENBQzFELFFBQVEsQ0FDWCxDQUFDO1FBRU4sTUFBTSxpQkFBaUIsR0FBRyxJQUFJLFNBQVMsQ0FBQyxzQkFBc0IsRUFBRSxDQUFDO1FBRWpFLE1BQU0sU0FBUyxHQUNYLE1BQU0saUJBQWlCLENBQUMsZ0JBQWdCLENBQUMsYUFBYSxDQUFDLENBQUM7UUFDNUQsT0FBTztZQUNILElBQUksRUFBRSwwQkFBYSxDQUFDLEdBQUc7WUFDdkIsV0FBVyxFQUFFLFNBQVMsQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDO1lBQ3pDLFlBQVk7U0FDZixDQUFDO0lBQ04sQ0FBQztDQUNKO0FBckJELG9EQXFCQyJ9
|
|
@@ -19,4 +19,5 @@ __exportStar(require("./challengeProviderSgx"), exports);
|
|
|
19
19
|
__exportStar(require("./challengeProviderTdx"), exports);
|
|
20
20
|
__exportStar(require("./challengeProviderUntrusted"), exports);
|
|
21
21
|
__exportStar(require("./challengeProviderSnp"), exports);
|
|
22
|
-
|
|
22
|
+
__exportStar(require("./challengeNvidiaCCHelper"), exports);
|
|
23
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY2hhbGxlbmdlUHJvdmlkZXIvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHNEQUFvQztBQUNwQyx5REFBdUM7QUFDdkMseURBQXVDO0FBQ3ZDLCtEQUE2QztBQUM3Qyx5REFBdUM7QUFDdkMsNERBQTBDIn0=
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@super-protocol/pki-client",
|
|
3
|
-
"version": "1.6.
|
|
3
|
+
"version": "1.6.3",
|
|
4
4
|
"public": true,
|
|
5
5
|
"description": "",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -20,9 +20,10 @@
|
|
|
20
20
|
"author": "Super Protocol",
|
|
21
21
|
"license": "ISC",
|
|
22
22
|
"dependencies": {
|
|
23
|
-
"@super-protocol/addons-tee": "^0.9.
|
|
23
|
+
"@super-protocol/addons-tee": "^0.9.3",
|
|
24
24
|
"@super-protocol/pki-api-client": "*",
|
|
25
25
|
"@super-protocol/pki-common": "*",
|
|
26
|
+
"@super-protocol/sp-nvtrust-wrapper": "^1.0.8",
|
|
26
27
|
"yaml": "^2.6.0"
|
|
27
28
|
}
|
|
28
|
-
}
|
|
29
|
+
}
|