@super-protocol/pki-client 2.0.0 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/challengeProvider/challengeProvider.d.ts +1 -1
- package/dist/challengeProvider/challengeProviderCertificate.d.ts +1 -1
- package/dist/challengeProvider/challengeProviderCertificate.js +3 -2
- package/dist/challengeProvider/challengeProviderSevSnp.d.ts +1 -1
- package/dist/challengeProvider/challengeProviderSevSnp.js +3 -2
- package/dist/challengeProvider/challengeProviderSgx.d.ts +1 -1
- package/dist/challengeProvider/challengeProviderSgx.js +3 -2
- package/dist/challengeProvider/challengeProviderTdx.d.ts +1 -1
- package/dist/challengeProvider/challengeProviderTdx.js +3 -2
- package/dist/challengeProvider/challengeProviderToken.d.ts +1 -1
- package/dist/challengeProvider/challengeProviderToken.js +3 -2
- package/dist/challengeProvider/challengeProviderUntrusted.d.ts +1 -1
- package/dist/challengeProvider/challengeProviderUntrusted.js +3 -2
- package/dist/pkiClient.d.ts +4 -2
- package/dist/pkiClient.js +4 -2
- package/dist/pkiClientConfig.d.ts +18 -0
- package/dist/pkiClientConfig.js +3 -1
- package/dist/pkiClientFactory.js +7 -2
- package/package.json +2 -2
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
import { Challenge } from '@super-protocol/pki-common';
|
|
3
3
|
export interface ChallengeProvider {
|
|
4
|
-
generateChallenge(userData: Buffer): Promise<Challenge>;
|
|
4
|
+
generateChallenge(userData: Buffer, networkKey?: string): Promise<Challenge>;
|
|
5
5
|
}
|
|
@@ -8,7 +8,7 @@ export declare class ChallengeProviderCertificate implements ChallengeProvider {
|
|
|
8
8
|
private orderPrivateKey;
|
|
9
9
|
private initialized;
|
|
10
10
|
constructor(orderCertsPath: string);
|
|
11
|
-
generateChallenge(userData: Buffer): Promise<Challenge>;
|
|
11
|
+
generateChallenge(userData: Buffer, networkKey?: string): Promise<Challenge>;
|
|
12
12
|
private readOrderCerts;
|
|
13
13
|
private signUserData;
|
|
14
14
|
}
|
|
@@ -40,7 +40,7 @@ class ChallengeProviderCertificate {
|
|
|
40
40
|
constructor(orderCertsPath) {
|
|
41
41
|
this.orderCertsPath = orderCertsPath;
|
|
42
42
|
}
|
|
43
|
-
async generateChallenge(userData) {
|
|
43
|
+
async generateChallenge(userData, networkKey) {
|
|
44
44
|
if (!this.initialized) {
|
|
45
45
|
try {
|
|
46
46
|
await this.readOrderCerts();
|
|
@@ -55,6 +55,7 @@ class ChallengeProviderCertificate {
|
|
|
55
55
|
userDataSignatureBase64: this.signUserData(userData),
|
|
56
56
|
orderCertificate: this.orderCert,
|
|
57
57
|
orderCABundle: this.orderCaBundle,
|
|
58
|
+
networkKey,
|
|
58
59
|
};
|
|
59
60
|
}
|
|
60
61
|
async readOrderCerts() {
|
|
@@ -76,4 +77,4 @@ class ChallengeProviderCertificate {
|
|
|
76
77
|
}
|
|
77
78
|
}
|
|
78
79
|
exports.ChallengeProviderCertificate = ChallengeProviderCertificate;
|
|
79
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
80
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hhbGxlbmdlUHJvdmlkZXJDZXJ0aWZpY2F0ZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9jaGFsbGVuZ2VQcm92aWRlci9jaGFsbGVuZ2VQcm92aWRlckNlcnRpZmljYXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQ0EsMkRBQXNFO0FBQ3RFLGdEQUFrQztBQUNsQywyQ0FBNkI7QUFDN0Isb0RBQTRCO0FBRTVCLE1BQWEsNEJBQTRCO0lBTVI7SUFMckIsU0FBUyxDQUFVO0lBQ25CLGFBQWEsQ0FBVTtJQUN2QixlQUFlLENBQVU7SUFDekIsV0FBVyxHQUFHLEtBQUssQ0FBQztJQUU1QixZQUE2QixjQUFzQjtRQUF0QixtQkFBYyxHQUFkLGNBQWMsQ0FBUTtJQUFHLENBQUM7SUFDdkQsS0FBSyxDQUFDLGlCQUFpQixDQUNuQixRQUFnQixFQUNoQixVQUFtQjtRQUVuQixJQUFJLENBQUMsSUFBSSxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQ3BCLElBQUksQ0FBQztnQkFDRCxNQUFNLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztnQkFDNUIsSUFBSSxDQUFDLFdBQVcsR0FBRyxJQUFJLENBQUM7WUFDNUIsQ0FBQztZQUFDLE9BQU8sS0FBVSxFQUFFLENBQUM7Z0JBQ2xCLE1BQU0sSUFBSSxLQUFLLENBQ1gsNkNBQTZDLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FDL0QsQ0FBQztZQUNOLENBQUM7UUFDTCxDQUFDO1FBQ0QsT0FBTztZQUNILElBQUksRUFBRSwwQkFBYSxDQUFDLFdBQVc7WUFDL0IsdUJBQXVCLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxRQUFRLENBQUM7WUFDcEQsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLFNBQVM7WUFDaEMsYUFBYSxFQUFFLElBQUksQ0FBQyxhQUFhO1lBQ2pDLFVBQVU7U0FDYixDQUFDO0lBQ04sQ0FBQztJQUNPLEtBQUssQ0FBQyxjQUFjO1FBQ3hCLElBQUksQ0FBQyxTQUFTLEdBQUcsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUM5QixJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxjQUFjLEVBQUUsZ0JBQWdCLENBQUMsRUFDaEQsTUFBTSxDQUNULENBQUM7UUFDRixJQUFJLENBQUMsZUFBZSxHQUFHLE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FDcEMsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsY0FBYyxFQUFFLGdCQUFnQixDQUFDLEVBQ2hELE1BQU0sQ0FDVCxDQUFDO1FBQ0YsSUFBSSxDQUFDLGFBQWEsR0FBRyxNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQ2xDLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGNBQWMsRUFBRSwwQkFBMEIsQ0FBQyxFQUMxRCxNQUFNLENBQ1QsQ0FBQztJQUNOLENBQUM7SUFFTyxZQUFZLENBQUMsUUFBZ0I7UUFDakMsTUFBTSxhQUFhLEdBQUcsZ0JBQU0sQ0FBQyxnQkFBZ0IsQ0FBQztZQUMxQyxHQUFHLEVBQUUsSUFBSSxDQUFDLGVBQWU7WUFDekIsTUFBTSxFQUFFLEtBQUs7WUFDYixJQUFJLEVBQUUsT0FBTztTQUNoQixDQUFDLENBQUM7UUFDSCxNQUFNLE1BQU0sR0FBRyxnQkFBTSxDQUFDLFVBQVUsQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUMzQyxNQUFNLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ3hCLE1BQU0sQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUNiLE1BQU0sU0FBUyxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLENBQUM7UUFDN0MsT0FBTyxTQUFTLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7Q0FDSjtBQXhERCxvRUF3REMifQ==
|
|
@@ -2,5 +2,5 @@
|
|
|
2
2
|
import { ChallengeProvider } from './challengeProvider';
|
|
3
3
|
import { Challenge } from '@super-protocol/pki-common';
|
|
4
4
|
export declare class ChallengeProviderSevSnp implements ChallengeProvider {
|
|
5
|
-
generateChallenge(userData: Buffer): Promise<Challenge>;
|
|
5
|
+
generateChallenge(userData: Buffer, networkKey?: string): Promise<Challenge>;
|
|
6
6
|
}
|
|
@@ -27,7 +27,7 @@ exports.ChallengeProviderSevSnp = void 0;
|
|
|
27
27
|
const challengeNvidiaCCHelper_1 = require("./challengeNvidiaCCHelper");
|
|
28
28
|
const pki_common_1 = require("@super-protocol/pki-common");
|
|
29
29
|
class ChallengeProviderSevSnp {
|
|
30
|
-
async generateChallenge(userData) {
|
|
30
|
+
async generateChallenge(userData, networkKey) {
|
|
31
31
|
// This module depends on native library that cannot be compiled for all architectures / operating systems.
|
|
32
32
|
// That is why we load it dynamically and use only when it's really needed.
|
|
33
33
|
const { SgxNative } = await Promise.resolve().then(() => __importStar(require('@super-protocol/addons-tee')));
|
|
@@ -37,8 +37,9 @@ class ChallengeProviderSevSnp {
|
|
|
37
37
|
type: pki_common_1.ChallengeType.SEVSNP,
|
|
38
38
|
serializedReportBase64: SgxNative.SevSNP.serializeSNPReport(report).toString('base64'),
|
|
39
39
|
nvidiaTokens,
|
|
40
|
+
networkKey,
|
|
40
41
|
};
|
|
41
42
|
}
|
|
42
43
|
}
|
|
43
44
|
exports.ChallengeProviderSevSnp = ChallengeProviderSevSnp;
|
|
44
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
45
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hhbGxlbmdlUHJvdmlkZXJTZXZTbnAuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY2hhbGxlbmdlUHJvdmlkZXIvY2hhbGxlbmdlUHJvdmlkZXJTZXZTbnAudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSx1RUFBb0U7QUFFcEUsMkRBQXNFO0FBRXRFLE1BQWEsdUJBQXVCO0lBQ2hDLEtBQUssQ0FBQyxpQkFBaUIsQ0FDbkIsUUFBZ0IsRUFDaEIsVUFBbUI7UUFFbkIsMkdBQTJHO1FBQzNHLDJFQUEyRTtRQUMzRSxNQUFNLEVBQUUsU0FBUyxFQUFFLEdBQUcsd0RBQWEsNEJBQTRCLEdBQUMsQ0FBQztRQUVqRSxNQUFNLEVBQUUsYUFBYSxFQUFFLFlBQVksRUFBRSxHQUNqQyxNQUFNLGlEQUF1QixDQUFDLGdDQUFnQyxDQUMxRCxRQUFRLENBQ1gsQ0FBQztRQUNOLE1BQU0sTUFBTSxHQUNSLE1BQU0sU0FBUyxDQUFDLE1BQU0sQ0FBQywwQkFBMEIsQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUNyRSxPQUFPO1lBQ0gsSUFBSSxFQUFFLDBCQUFhLENBQUMsTUFBTTtZQUMxQixzQkFBc0IsRUFDbEIsU0FBUyxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDO1lBQ2xFLFlBQVk7WUFDWixVQUFVO1NBQ2IsQ0FBQztJQUNOLENBQUM7Q0FDSjtBQXZCRCwwREF1QkMifQ==
|
|
@@ -2,5 +2,5 @@
|
|
|
2
2
|
import { ChallengeProvider } from './challengeProvider';
|
|
3
3
|
import { Challenge } from '@super-protocol/pki-common';
|
|
4
4
|
export declare class ChallengeProviderSgx implements ChallengeProvider {
|
|
5
|
-
generateChallenge(userData: Buffer): Promise<Challenge>;
|
|
5
|
+
generateChallenge(userData: Buffer, networkKey?: string): Promise<Challenge>;
|
|
6
6
|
}
|
|
@@ -26,7 +26,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
26
26
|
exports.ChallengeProviderSgx = void 0;
|
|
27
27
|
const pki_common_1 = require("@super-protocol/pki-common");
|
|
28
28
|
class ChallengeProviderSgx {
|
|
29
|
-
async generateChallenge(userData) {
|
|
29
|
+
async generateChallenge(userData, networkKey) {
|
|
30
30
|
// This module depends on native library that cannot be compiled for all architectures / operating systems.
|
|
31
31
|
// That is why we load it dynamically and use only when it's really needed.
|
|
32
32
|
const { SgxNative } = await Promise.resolve().then(() => __importStar(require('@super-protocol/addons-tee')));
|
|
@@ -35,8 +35,9 @@ class ChallengeProviderSgx {
|
|
|
35
35
|
return {
|
|
36
36
|
type: pki_common_1.ChallengeType.SGXDCAP,
|
|
37
37
|
quoteBase64: quoteData.toString('base64'),
|
|
38
|
+
networkKey,
|
|
38
39
|
};
|
|
39
40
|
}
|
|
40
41
|
}
|
|
41
42
|
exports.ChallengeProviderSgx = ChallengeProviderSgx;
|
|
42
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
43
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hhbGxlbmdlUHJvdmlkZXJTZ3guanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY2hhbGxlbmdlUHJvdmlkZXIvY2hhbGxlbmdlUHJvdmlkZXJTZ3gudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFDQSwyREFBc0U7QUFFdEUsTUFBYSxvQkFBb0I7SUFDN0IsS0FBSyxDQUFDLGlCQUFpQixDQUNuQixRQUFnQixFQUNoQixVQUFtQjtRQUVuQiwyR0FBMkc7UUFDM0csMkVBQTJFO1FBQzNFLE1BQU0sRUFBRSxTQUFTLEVBQUUsR0FBRyx3REFBYSw0QkFBNEIsR0FBQyxDQUFDO1FBQ2pFLE1BQU0saUJBQWlCLEdBQUcsSUFBSSxTQUFTLENBQUMsc0JBQXNCLEVBQUUsQ0FBQztRQUNqRSxNQUFNLFNBQVMsR0FBRyxNQUFNLGlCQUFpQixDQUFDLGdCQUFnQixDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ3JFLE9BQU87WUFDSCxJQUFJLEVBQUUsMEJBQWEsQ0FBQyxPQUFPO1lBQzNCLFdBQVcsRUFBRSxTQUFTLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQztZQUN6QyxVQUFVO1NBQ2IsQ0FBQztJQUNOLENBQUM7Q0FDSjtBQWhCRCxvREFnQkMifQ==
|
|
@@ -2,5 +2,5 @@
|
|
|
2
2
|
import { ChallengeProvider } from './challengeProvider';
|
|
3
3
|
import { Challenge } from '@super-protocol/pki-common';
|
|
4
4
|
export declare class ChallengeProviderTdx implements ChallengeProvider {
|
|
5
|
-
generateChallenge(userData: Buffer): Promise<Challenge>;
|
|
5
|
+
generateChallenge(userData: Buffer, networkKey?: string): Promise<Challenge>;
|
|
6
6
|
}
|
|
@@ -27,7 +27,7 @@ exports.ChallengeProviderTdx = void 0;
|
|
|
27
27
|
const challengeNvidiaCCHelper_1 = require("./challengeNvidiaCCHelper");
|
|
28
28
|
const pki_common_1 = require("@super-protocol/pki-common");
|
|
29
29
|
class ChallengeProviderTdx {
|
|
30
|
-
async generateChallenge(userData) {
|
|
30
|
+
async generateChallenge(userData, networkKey) {
|
|
31
31
|
// This module depends on native library that cannot be compiled for all architectures / operating systems.
|
|
32
32
|
// That is why we load it dynamically and use only when it's really needed.
|
|
33
33
|
const { SgxNative } = await Promise.resolve().then(() => __importStar(require('@super-protocol/addons-tee')));
|
|
@@ -38,8 +38,9 @@ class ChallengeProviderTdx {
|
|
|
38
38
|
type: pki_common_1.ChallengeType.TDX,
|
|
39
39
|
quoteBase64: quoteData.toString('base64'),
|
|
40
40
|
nvidiaTokens,
|
|
41
|
+
networkKey,
|
|
41
42
|
};
|
|
42
43
|
}
|
|
43
44
|
}
|
|
44
45
|
exports.ChallengeProviderTdx = ChallengeProviderTdx;
|
|
45
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
46
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hhbGxlbmdlUHJvdmlkZXJUZHguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY2hhbGxlbmdlUHJvdmlkZXIvY2hhbGxlbmdlUHJvdmlkZXJUZHgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSx1RUFBb0U7QUFFcEUsMkRBQXNFO0FBRXRFLE1BQWEsb0JBQW9CO0lBQzdCLEtBQUssQ0FBQyxpQkFBaUIsQ0FDbkIsUUFBZ0IsRUFDaEIsVUFBbUI7UUFFbkIsMkdBQTJHO1FBQzNHLDJFQUEyRTtRQUMzRSxNQUFNLEVBQUUsU0FBUyxFQUFFLEdBQUcsd0RBQWEsNEJBQTRCLEdBQUMsQ0FBQztRQUVqRSxNQUFNLEVBQUUsYUFBYSxFQUFFLFlBQVksRUFBRSxHQUNqQyxNQUFNLGlEQUF1QixDQUFDLGdDQUFnQyxDQUMxRCxRQUFRLENBQ1gsQ0FBQztRQUVOLE1BQU0saUJBQWlCLEdBQUcsSUFBSSxTQUFTLENBQUMsc0JBQXNCLEVBQUUsQ0FBQztRQUVqRSxNQUFNLFNBQVMsR0FDWCxNQUFNLGlCQUFpQixDQUFDLGdCQUFnQixDQUFDLGFBQWEsQ0FBQyxDQUFDO1FBQzVELE9BQU87WUFDSCxJQUFJLEVBQUUsMEJBQWEsQ0FBQyxHQUFHO1lBQ3ZCLFdBQVcsRUFBRSxTQUFTLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQztZQUN6QyxZQUFZO1lBQ1osVUFBVTtTQUNiLENBQUM7SUFDTixDQUFDO0NBQ0o7QUF6QkQsb0RBeUJDIn0=
|
|
@@ -4,5 +4,5 @@ import { Challenge } from '@super-protocol/pki-common';
|
|
|
4
4
|
export declare class ChallengeProviderToken implements ChallengeProvider {
|
|
5
5
|
private readonly token;
|
|
6
6
|
constructor(token: string);
|
|
7
|
-
generateChallenge(userData: Buffer): Promise<Challenge>;
|
|
7
|
+
generateChallenge(userData: Buffer, networkKey?: string): Promise<Challenge>;
|
|
8
8
|
}
|
|
@@ -7,13 +7,14 @@ class ChallengeProviderToken {
|
|
|
7
7
|
constructor(token) {
|
|
8
8
|
this.token = token;
|
|
9
9
|
}
|
|
10
|
-
async generateChallenge(userData) {
|
|
10
|
+
async generateChallenge(userData, networkKey) {
|
|
11
11
|
return {
|
|
12
12
|
type: pki_common_1.ChallengeType.Token,
|
|
13
13
|
userDataBase64: userData.toString('base64'),
|
|
14
14
|
token: this.token,
|
|
15
|
+
networkKey,
|
|
15
16
|
};
|
|
16
17
|
}
|
|
17
18
|
}
|
|
18
19
|
exports.ChallengeProviderToken = ChallengeProviderToken;
|
|
19
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
20
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hhbGxlbmdlUHJvdmlkZXJUb2tlbi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9jaGFsbGVuZ2VQcm92aWRlci9jaGFsbGVuZ2VQcm92aWRlclRva2VuLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLDJEQUFzRTtBQUV0RSxNQUFhLHNCQUFzQjtJQUNGO0lBQTdCLFlBQTZCLEtBQWE7UUFBYixVQUFLLEdBQUwsS0FBSyxDQUFRO0lBQUcsQ0FBQztJQUM5QyxLQUFLLENBQUMsaUJBQWlCLENBQ25CLFFBQWdCLEVBQ2hCLFVBQW1CO1FBRW5CLE9BQU87WUFDSCxJQUFJLEVBQUUsMEJBQWEsQ0FBQyxLQUFLO1lBQ3pCLGNBQWMsRUFBRSxRQUFRLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQztZQUMzQyxLQUFLLEVBQUUsSUFBSSxDQUFDLEtBQUs7WUFDakIsVUFBVTtTQUNiLENBQUM7SUFDTixDQUFDO0NBQ0o7QUFiRCx3REFhQyJ9
|
|
@@ -4,5 +4,5 @@ import { Challenge } from '@super-protocol/pki-common';
|
|
|
4
4
|
export declare class ChallengeProviderUntrusted implements ChallengeProvider {
|
|
5
5
|
private readonly deviceId;
|
|
6
6
|
constructor(deviceId: Buffer);
|
|
7
|
-
generateChallenge(userData: Buffer): Promise<Challenge>;
|
|
7
|
+
generateChallenge(userData: Buffer, networkKey?: string): Promise<Challenge>;
|
|
8
8
|
}
|
|
@@ -7,13 +7,14 @@ class ChallengeProviderUntrusted {
|
|
|
7
7
|
constructor(deviceId) {
|
|
8
8
|
this.deviceId = deviceId;
|
|
9
9
|
}
|
|
10
|
-
async generateChallenge(userData) {
|
|
10
|
+
async generateChallenge(userData, networkKey) {
|
|
11
11
|
return {
|
|
12
12
|
type: pki_common_1.ChallengeType.Untrusted,
|
|
13
13
|
userDataBase64: userData.toString('base64'),
|
|
14
14
|
idBase64: this.deviceId.toString('base64'),
|
|
15
|
+
networkKey,
|
|
15
16
|
};
|
|
16
17
|
}
|
|
17
18
|
}
|
|
18
19
|
exports.ChallengeProviderUntrusted = ChallengeProviderUntrusted;
|
|
19
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
20
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2hhbGxlbmdlUHJvdmlkZXJVbnRydXN0ZWQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY2hhbGxlbmdlUHJvdmlkZXIvY2hhbGxlbmdlUHJvdmlkZXJVbnRydXN0ZWQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EsMkRBQXNFO0FBRXRFLE1BQWEsMEJBQTBCO0lBQ047SUFBN0IsWUFBNkIsUUFBZ0I7UUFBaEIsYUFBUSxHQUFSLFFBQVEsQ0FBUTtJQUFHLENBQUM7SUFFakQsS0FBSyxDQUFDLGlCQUFpQixDQUNuQixRQUFnQixFQUNoQixVQUFtQjtRQUVuQixPQUFPO1lBQ0gsSUFBSSxFQUFFLDBCQUFhLENBQUMsU0FBUztZQUM3QixjQUFjLEVBQUUsUUFBUSxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUM7WUFDM0MsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQztZQUMxQyxVQUFVO1NBQ2IsQ0FBQztJQUNOLENBQUM7Q0FDSjtBQWRELGdFQWNDIn0=
|
package/dist/pkiClient.d.ts
CHANGED
|
@@ -2,10 +2,11 @@ import { CertificateType, TeeSslCertificate, TeeSslCertificateFromCsr } from '@s
|
|
|
2
2
|
import { ChallengeProvider } from './challengeProvider';
|
|
3
3
|
import { AttestationServiceClient } from '@super-protocol/pki-api-client';
|
|
4
4
|
import { GetSslCertificateParams } from './types';
|
|
5
|
-
export interface
|
|
5
|
+
export interface PkiClientOptions {
|
|
6
6
|
privateKeyPem?: string;
|
|
7
7
|
challengeProvider?: ChallengeProvider;
|
|
8
8
|
attestationServiceClient: AttestationServiceClient;
|
|
9
|
+
networkKey?: string;
|
|
9
10
|
}
|
|
10
11
|
export interface GenerateCertificateOptions {
|
|
11
12
|
certType: CertificateType;
|
|
@@ -14,8 +15,9 @@ export declare class PkiClient {
|
|
|
14
15
|
private readonly keyPair?;
|
|
15
16
|
private readonly challengeProvider;
|
|
16
17
|
private readonly attestationServiceClient;
|
|
18
|
+
private readonly networkKey?;
|
|
17
19
|
private readonly defaultOptions;
|
|
18
|
-
constructor(options:
|
|
20
|
+
constructor(options: PkiClientOptions);
|
|
19
21
|
getCaCert(certType?: CertificateType): Promise<string>;
|
|
20
22
|
generateSslCertificate(params: GetSslCertificateParams, options?: GenerateCertificateOptions): Promise<TeeSslCertificate>;
|
|
21
23
|
generateSslCertificate(domains: string[], options?: GenerateCertificateOptions): Promise<TeeSslCertificate>;
|
package/dist/pkiClient.js
CHANGED
|
@@ -7,6 +7,7 @@ class PkiClient {
|
|
|
7
7
|
keyPair;
|
|
8
8
|
challengeProvider;
|
|
9
9
|
attestationServiceClient;
|
|
10
|
+
networkKey;
|
|
10
11
|
defaultOptions = {
|
|
11
12
|
certType: pki_common_1.CertificateType.Basic,
|
|
12
13
|
};
|
|
@@ -20,6 +21,7 @@ class PkiClient {
|
|
|
20
21
|
this.challengeProvider =
|
|
21
22
|
options.challengeProvider || new challengeProvider_1.ChallengeProviderSgx();
|
|
22
23
|
this.attestationServiceClient = options.attestationServiceClient;
|
|
24
|
+
this.networkKey = options.networkKey;
|
|
23
25
|
}
|
|
24
26
|
async getCaCert(certType = pki_common_1.CertificateType.Basic) {
|
|
25
27
|
return this.attestationServiceClient.getCaCert({ type: certType });
|
|
@@ -71,8 +73,8 @@ class PkiClient {
|
|
|
71
73
|
}
|
|
72
74
|
generateChallenge(publicKeyPem) {
|
|
73
75
|
const publicKeyHash = (0, pki_common_1.getPublicKeyPemHash)(publicKeyPem);
|
|
74
|
-
return this.challengeProvider.generateChallenge(publicKeyHash);
|
|
76
|
+
return this.challengeProvider.generateChallenge(publicKeyHash, this.networkKey);
|
|
75
77
|
}
|
|
76
78
|
}
|
|
77
79
|
exports.PkiClient = PkiClient;
|
|
78
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
80
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGtpQ2xpZW50LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL3BraUNsaWVudC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwyREFXb0M7QUFDcEMsMkRBQThFO0FBZTlFLE1BQWEsU0FBUztJQUNELE9BQU8sQ0FBYztJQUNyQixpQkFBaUIsQ0FBb0I7SUFDckMsd0JBQXdCLENBQTJCO0lBQ25ELFVBQVUsQ0FBVTtJQUNwQixjQUFjLEdBQUc7UUFDOUIsUUFBUSxFQUFFLDRCQUFlLENBQUMsS0FBSztLQUNsQyxDQUFDO0lBRUYsWUFBWSxPQUF5QjtRQUNqQyxJQUFJLE9BQU8sQ0FBQyxhQUFhLEVBQUUsQ0FBQztZQUN4QixJQUFJLENBQUMsT0FBTyxHQUFHO2dCQUNYLGFBQWEsRUFBRSxPQUFPLENBQUMsYUFBYTtnQkFDcEMsWUFBWSxFQUFFLElBQUEsb0NBQXVCLEVBQUMsT0FBTyxDQUFDLGFBQWEsQ0FBQzthQUMvRCxDQUFDO1FBQ04sQ0FBQztRQUVELElBQUksQ0FBQyxpQkFBaUI7WUFDbEIsT0FBTyxDQUFDLGlCQUFpQixJQUFJLElBQUksd0NBQW9CLEVBQUUsQ0FBQztRQUM1RCxJQUFJLENBQUMsd0JBQXdCLEdBQUcsT0FBTyxDQUFDLHdCQUF3QixDQUFDO1FBQ2pFLElBQUksQ0FBQyxVQUFVLEdBQUcsT0FBTyxDQUFDLFVBQVUsQ0FBQztJQUN6QyxDQUFDO0lBRUQsS0FBSyxDQUFDLFNBQVMsQ0FBQyxRQUFRLEdBQUcsNEJBQWUsQ0FBQyxLQUFLO1FBQzVDLE9BQU8sSUFBSSxDQUFDLHdCQUF3QixDQUFDLFNBQVMsQ0FBQyxFQUFFLElBQUksRUFBRSxRQUFRLEVBQUUsQ0FBQyxDQUFDO0lBQ3ZFLENBQUM7SUFVRCxLQUFLLENBQUMsc0JBQXNCLENBQ3hCLE1BQTBDLEVBQzFDLFVBQXNDLElBQUksQ0FBQyxjQUFjO1FBRXpELElBQUksVUFBOEIsQ0FBQztRQUNuQyxJQUFJLE9BQWlCLENBQUM7UUFDdEIsSUFBSSxLQUFLLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUM7WUFDeEIsT0FBTyxHQUFHLE1BQU0sQ0FBQztRQUNyQixDQUFDO2FBQU0sQ0FBQztZQUNKLFVBQVUsR0FBRyxNQUFNLENBQUMsVUFBVSxDQUFDO1lBQy9CLE9BQU8sR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDO1FBQzdCLENBQUM7UUFFRCxNQUFNLElBQUksR0FDTixJQUFJLENBQUMsT0FBTztZQUNaLENBQUMsT0FBTyxDQUFDLFFBQVEsS0FBSyw0QkFBZSxDQUFDLEtBQUs7Z0JBQ3ZDLENBQUMsQ0FBQyxJQUFBLCtCQUFrQixHQUFFO2dCQUN0QixDQUFDLENBQUMsSUFBQSw4QkFBaUIsR0FBRSxDQUFDLENBQUM7UUFDL0IsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBQ2xFLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLHdCQUF3QixDQUFDLG1CQUFtQixDQUNoRTtZQUNJLFVBQVU7WUFDVixPQUFPO1lBQ1AsWUFBWSxFQUFFLElBQUksQ0FBQyxZQUFZO1lBQy9CLFNBQVM7U0FDWixFQUNEO1lBQ0ksSUFBSSxFQUFFLE9BQU8sQ0FBQyxRQUFRO1NBQ3pCLENBQ0osQ0FBQztRQUNGLE9BQU87WUFDSCxPQUFPLEVBQUUsSUFBSSxDQUFDLE9BQU87WUFDckIsUUFBUSxFQUFFLElBQUksQ0FBQyxZQUFZO1lBQzNCLE9BQU8sRUFBRSxJQUFJLENBQUMsT0FBTztZQUNyQixPQUFPLEVBQUUsSUFBSTtTQUNoQixDQUFDO0lBQ04sQ0FBQztJQUVELEtBQUssQ0FBQyw2QkFBNkIsQ0FDL0IsTUFBYyxFQUNkLFVBQXNDLElBQUksQ0FBQyxjQUFjO1FBRXpELE1BQU0sU0FBUyxHQUFHLElBQUEsZ0NBQW1CLEVBQUMsTUFBTSxDQUFDLENBQUM7UUFDOUMsTUFBTSxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDMUQsTUFBTSxJQUFJLEdBQ04sTUFBTSxJQUFJLENBQUMsd0JBQXdCLENBQUMsMEJBQTBCLENBQzFEO1lBQ0ksTUFBTTtZQUNOLFNBQVM7U0FDWixFQUNEO1lBQ0ksSUFBSSxFQUFFLE9BQU8sQ0FBQyxRQUFRO1NBQ3pCLENBQ0osQ0FBQztRQUVOLE9BQU87WUFDSCxPQUFPLEVBQUUsSUFBSSxDQUFDLE9BQU87WUFDckIsUUFBUSxFQUFFLElBQUksQ0FBQyxZQUFZO1lBQzNCLE9BQU8sRUFBRSxJQUFJLENBQUMsT0FBTztTQUN4QixDQUFDO0lBQ04sQ0FBQztJQUVPLGlCQUFpQixDQUFDLFlBQW9CO1FBQzFDLE1BQU0sYUFBYSxHQUFHLElBQUEsZ0NBQW1CLEVBQUMsWUFBWSxDQUFDLENBQUM7UUFDeEQsT0FBTyxJQUFJLENBQUMsaUJBQWlCLENBQUMsaUJBQWlCLENBQzNDLGFBQWEsRUFDYixJQUFJLENBQUMsVUFBVSxDQUNsQixDQUFDO0lBQ04sQ0FBQztDQUNKO0FBeEdELDhCQXdHQyJ9
|
|
@@ -1,5 +1,18 @@
|
|
|
1
1
|
import { ChallengeType } from '@super-protocol/pki-common';
|
|
2
2
|
import { Static } from '@sinclair/typebox';
|
|
3
|
+
declare const CaTeePkiCertProviderChallenge: import("@sinclair/typebox").TUnion<[import("@sinclair/typebox").TObject<{
|
|
4
|
+
type: import("@sinclair/typebox").TLiteral<ChallengeType.Untrusted>;
|
|
5
|
+
idHex: import("@sinclair/typebox").TString;
|
|
6
|
+
commonIdHex: import("@sinclair/typebox").TString;
|
|
7
|
+
}>, import("@sinclair/typebox").TObject<{
|
|
8
|
+
type: import("@sinclair/typebox").TLiteral<ChallengeType.TDX>;
|
|
9
|
+
}>, import("@sinclair/typebox").TObject<{
|
|
10
|
+
type: import("@sinclair/typebox").TLiteral<ChallengeType.SEVSNP>;
|
|
11
|
+
}>, import("@sinclair/typebox").TObject<{
|
|
12
|
+
type: import("@sinclair/typebox").TLiteral<ChallengeType.SGXDCAP>;
|
|
13
|
+
}>, import("@sinclair/typebox").TObject<{
|
|
14
|
+
type: import("@sinclair/typebox").TLiteral<ChallengeType.Token>;
|
|
15
|
+
}>]>;
|
|
3
16
|
declare const PkiClientConfigSchema: import("@sinclair/typebox").TObject<{
|
|
4
17
|
clientCertProvider: import("@sinclair/typebox").TUnion<[import("@sinclair/typebox").TObject<{
|
|
5
18
|
type: import("@sinclair/typebox").TLiteral<"pki-ca">;
|
|
@@ -19,14 +32,17 @@ declare const PkiClientConfigSchema: import("@sinclair/typebox").TObject<{
|
|
|
19
32
|
baseUrl: import("@sinclair/typebox").TString;
|
|
20
33
|
caBundle: import("@sinclair/typebox").TString;
|
|
21
34
|
accessTokenFilePath: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
|
|
35
|
+
disableServerIdentityCheck: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
|
|
22
36
|
}>, import("@sinclair/typebox").TObject<{
|
|
23
37
|
type: import("@sinclair/typebox").TLiteral<"static">;
|
|
24
38
|
certPem: import("@sinclair/typebox").TString;
|
|
25
39
|
publicKeyPem: import("@sinclair/typebox").TString;
|
|
26
40
|
privateKeyPem: import("@sinclair/typebox").TString;
|
|
27
41
|
}>]>;
|
|
42
|
+
networkKey: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
|
|
28
43
|
}>;
|
|
29
44
|
export type PkiClientConfig = Static<typeof PkiClientConfigSchema>;
|
|
45
|
+
export type ChallengeConfig = Static<typeof CaTeePkiCertProviderChallenge>;
|
|
30
46
|
export declare const PkiClientConfigSchemaCompiled: import("@sinclair/typebox/compiler").TypeCheck<import("@sinclair/typebox").TObject<{
|
|
31
47
|
clientCertProvider: import("@sinclair/typebox").TUnion<[import("@sinclair/typebox").TObject<{
|
|
32
48
|
type: import("@sinclair/typebox").TLiteral<"pki-ca">;
|
|
@@ -46,11 +62,13 @@ export declare const PkiClientConfigSchemaCompiled: import("@sinclair/typebox/co
|
|
|
46
62
|
baseUrl: import("@sinclair/typebox").TString;
|
|
47
63
|
caBundle: import("@sinclair/typebox").TString;
|
|
48
64
|
accessTokenFilePath: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
|
|
65
|
+
disableServerIdentityCheck: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TBoolean>;
|
|
49
66
|
}>, import("@sinclair/typebox").TObject<{
|
|
50
67
|
type: import("@sinclair/typebox").TLiteral<"static">;
|
|
51
68
|
certPem: import("@sinclair/typebox").TString;
|
|
52
69
|
publicKeyPem: import("@sinclair/typebox").TString;
|
|
53
70
|
privateKeyPem: import("@sinclair/typebox").TString;
|
|
54
71
|
}>]>;
|
|
72
|
+
networkKey: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
|
|
55
73
|
}>>;
|
|
56
74
|
export {};
|
package/dist/pkiClientConfig.js
CHANGED
|
@@ -34,6 +34,7 @@ const CaTeePkiCertProviderConfigSchema = typebox_1.Type.Object({
|
|
|
34
34
|
baseUrl: typebox_1.Type.String({ minLength: 1 }),
|
|
35
35
|
caBundle: typebox_1.Type.String({ minLength: 1 }),
|
|
36
36
|
accessTokenFilePath: typebox_1.Type.Optional(typebox_1.Type.String({ minLength: 1 })),
|
|
37
|
+
disableServerIdentityCheck: typebox_1.Type.Optional(typebox_1.Type.Boolean()),
|
|
37
38
|
});
|
|
38
39
|
const StaticTeePkiCertProviderConfigSchema = typebox_1.Type.Object({
|
|
39
40
|
type: typebox_1.Type.Literal('static'),
|
|
@@ -47,6 +48,7 @@ const TeePkiCertProviderConfigSchema = typebox_1.Type.Union([
|
|
|
47
48
|
]);
|
|
48
49
|
const PkiClientConfigSchema = typebox_1.Type.Object({
|
|
49
50
|
clientCertProvider: TeePkiCertProviderConfigSchema,
|
|
51
|
+
networkKey: typebox_1.Type.Optional(typebox_1.Type.String({ minLength: 1 })),
|
|
50
52
|
});
|
|
51
53
|
exports.PkiClientConfigSchemaCompiled = compiler_1.TypeCompiler.Compile(PkiClientConfigSchema);
|
|
52
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
54
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGtpQ2xpZW50Q29uZmlnLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL3BraUNsaWVudENvbmZpZy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwyREFBMkQ7QUFDM0QsK0NBQWlEO0FBQ2pELHlEQUEwRDtBQUUxRCxNQUFNLHNDQUFzQyxHQUFHLGNBQUksQ0FBQyxNQUFNLENBQUM7SUFDdkQsSUFBSSxFQUFFLGNBQUksQ0FBQyxPQUFPLENBQUMsMEJBQWEsQ0FBQyxTQUFTLENBQUM7SUFDM0MsS0FBSyxFQUFFLGNBQUksQ0FBQyxNQUFNLENBQUMsRUFBRSxTQUFTLEVBQUUsQ0FBQyxFQUFFLENBQUM7SUFDcEMsV0FBVyxFQUFFLGNBQUksQ0FBQyxNQUFNLENBQUMsRUFBRSxTQUFTLEVBQUUsQ0FBQyxFQUFFLENBQUM7Q0FDN0MsQ0FBQyxDQUFDO0FBRUgsTUFBTSxnQ0FBZ0MsR0FBRyxjQUFJLENBQUMsTUFBTSxDQUFDO0lBQ2pELElBQUksRUFBRSxjQUFJLENBQUMsT0FBTyxDQUFDLDBCQUFhLENBQUMsR0FBRyxDQUFDO0NBQ3hDLENBQUMsQ0FBQztBQUVILE1BQU0sZ0NBQWdDLEdBQUcsY0FBSSxDQUFDLE1BQU0sQ0FBQztJQUNqRCxJQUFJLEVBQUUsY0FBSSxDQUFDLE9BQU8sQ0FBQywwQkFBYSxDQUFDLE1BQU0sQ0FBQztDQUMzQyxDQUFDLENBQUM7QUFFSCxNQUFNLGdDQUFnQyxHQUFHLGNBQUksQ0FBQyxNQUFNLENBQUM7SUFDakQsSUFBSSxFQUFFLGNBQUksQ0FBQyxPQUFPLENBQUMsMEJBQWEsQ0FBQyxPQUFPLENBQUM7Q0FDNUMsQ0FBQyxDQUFDO0FBRUgsTUFBTSxrQ0FBa0MsR0FBRyxjQUFJLENBQUMsTUFBTSxDQUFDO0lBQ25ELElBQUksRUFBRSxjQUFJLENBQUMsT0FBTyxDQUFDLDBCQUFhLENBQUMsS0FBSyxDQUFDO0NBQzFDLENBQUMsQ0FBQztBQUVILE1BQU0sNkJBQTZCLEdBQUcsY0FBSSxDQUFDLEtBQUssQ0FBQztJQUM3QyxzQ0FBc0M7SUFDdEMsZ0NBQWdDO0lBQ2hDLGdDQUFnQztJQUNoQyxnQ0FBZ0M7SUFDaEMsa0NBQWtDO0NBQ3JDLENBQUMsQ0FBQztBQUVILE1BQU0sZ0NBQWdDLEdBQUcsY0FBSSxDQUFDLE1BQU0sQ0FBQztJQUNqRCxJQUFJLEVBQUUsY0FBSSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUM7SUFDNUIsU0FBUyxFQUFFLDZCQUE2QjtJQUN4QyxPQUFPLEVBQUUsY0FBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLFNBQVMsRUFBRSxDQUFDLEVBQUUsQ0FBQztJQUN0QyxRQUFRLEVBQUUsY0FBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLFNBQVMsRUFBRSxDQUFDLEVBQUUsQ0FBQztJQUN2QyxtQkFBbUIsRUFBRSxjQUFJLENBQUMsUUFBUSxDQUFDLGNBQUksQ0FBQyxNQUFNLENBQUMsRUFBRSxTQUFTLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQztJQUNqRSwwQkFBMEIsRUFBRSxjQUFJLENBQUMsUUFBUSxDQUFDLGNBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQztDQUM1RCxDQUFDLENBQUM7QUFFSCxNQUFNLG9DQUFvQyxHQUFHLGNBQUksQ0FBQyxNQUFNLENBQUM7SUFDckQsSUFBSSxFQUFFLGNBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDO0lBQzVCLE9BQU8sRUFBRSxjQUFJLENBQUMsTUFBTSxDQUFDLEVBQUUsU0FBUyxFQUFFLENBQUMsRUFBRSxDQUFDO0lBQ3RDLFlBQVksRUFBRSxjQUFJLENBQUMsTUFBTSxDQUFDLEVBQUUsU0FBUyxFQUFFLENBQUMsRUFBRSxDQUFDO0lBQzNDLGFBQWEsRUFBRSxjQUFJLENBQUMsTUFBTSxDQUFDLEVBQUUsU0FBUyxFQUFFLENBQUMsRUFBRSxDQUFDO0NBQy9DLENBQUMsQ0FBQztBQUVILE1BQU0sOEJBQThCLEdBQUcsY0FBSSxDQUFDLEtBQUssQ0FBQztJQUM5QyxnQ0FBZ0M7SUFDaEMsb0NBQW9DO0NBQ3ZDLENBQUMsQ0FBQztBQUVILE1BQU0scUJBQXFCLEdBQUcsY0FBSSxDQUFDLE1BQU0sQ0FBQztJQUN0QyxrQkFBa0IsRUFBRSw4QkFBOEI7SUFDbEQsVUFBVSxFQUFFLGNBQUksQ0FBQyxRQUFRLENBQUMsY0FBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLFNBQVMsRUFBRSxDQUFDLEVBQUUsQ0FBQyxDQUFDO0NBQzNELENBQUMsQ0FBQztBQUtVLFFBQUEsNkJBQTZCLEdBQUcsdUJBQVksQ0FBQyxPQUFPLENBQzdELHFCQUFxQixDQUN4QixDQUFDIn0=
|
package/dist/pkiClientFactory.js
CHANGED
|
@@ -61,6 +61,10 @@ class PkiClientFactory {
|
|
|
61
61
|
ca: [...tls.rootCertificates, ca],
|
|
62
62
|
cert: cert + intermediateCertificates,
|
|
63
63
|
key: certs.keyPair.privateKeyPem,
|
|
64
|
+
...(this.config.clientCertProvider.type === 'pki-ca' &&
|
|
65
|
+
this.config.clientCertProvider.disableServerIdentityCheck && {
|
|
66
|
+
checkServerIdentity: () => undefined,
|
|
67
|
+
}),
|
|
64
68
|
});
|
|
65
69
|
return httpsAgent;
|
|
66
70
|
}
|
|
@@ -106,14 +110,15 @@ class PkiClientFactory {
|
|
|
106
110
|
default:
|
|
107
111
|
throw new Error(`Challenge type "${challengeType} is not supported yet"`);
|
|
108
112
|
}
|
|
109
|
-
const attestationServiceClient = new pki_api_client_1.StaticAttestationServiceClient(this.config.clientCertProvider.baseUrl, this.config.clientCertProvider.caBundle);
|
|
113
|
+
const attestationServiceClient = new pki_api_client_1.StaticAttestationServiceClient(this.config.clientCertProvider.baseUrl, this.config.clientCertProvider.caBundle, undefined, this.config.clientCertProvider.disableServerIdentityCheck);
|
|
110
114
|
const pkiClient = new pkiClient_1.PkiClient({
|
|
111
115
|
challengeProvider,
|
|
112
116
|
attestationServiceClient,
|
|
117
|
+
networkKey: this.config.networkKey,
|
|
113
118
|
});
|
|
114
119
|
return await pkiClient.generateSslCertificate(['localhost']);
|
|
115
120
|
}
|
|
116
121
|
}
|
|
117
122
|
}
|
|
118
123
|
exports.PkiClientFactory = PkiClientFactory;
|
|
119
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
124
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGtpQ2xpZW50RmFjdG9yeS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy9wa2lDbGllbnRGYWN0b3J5LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsdURBRzJCO0FBQzNCLDJEQU82QjtBQUM3QiwyREFJb0M7QUFDcEMsbUVBQWdGO0FBQ2hGLDJDQUF3QztBQUN4Qyw0REFBK0I7QUFDL0IsdUNBQXlCO0FBQ3pCLDJDQUE2QjtBQUM3Qix5Q0FBMkI7QUFDM0IsK0NBQTRDO0FBRTVDLE1BQWEsZ0JBQWdCO0lBY0k7SUFiWixXQUFXLENBQTZCO0lBRWxELE1BQU0sQ0FBQyxLQUFLLENBQUMsY0FBYyxDQUFDLElBQVk7UUFDM0MsTUFBTSxJQUFJLEdBQUcsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxJQUFJLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDdEQsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQW9CLENBQUM7UUFDbkQsTUFBTSxXQUFXLEdBQUcsK0NBQTZCLENBQUMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ2hFLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNmLE1BQU0sS0FBSyxHQUFHLCtDQUE2QixDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNuRSxNQUFNLElBQUksS0FBSyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQztRQUMzQyxDQUFDO1FBQ0QsT0FBTyxJQUFJLGdCQUFnQixDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRCxZQUE2QixNQUF1QjtRQUF2QixXQUFNLEdBQU4sTUFBTSxDQUFpQjtRQUNoRCxJQUFJLENBQUMsV0FBVyxHQUFHLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztJQUM3QyxDQUFDO0lBRUQsS0FBSyxDQUFDLGFBQWE7UUFDZixNQUFNLEtBQUssR0FBRyxNQUFNLElBQUksQ0FBQyxXQUFXLENBQUM7UUFDckMsTUFBTSxFQUFFLElBQUksRUFBRSx3QkFBd0IsRUFBRSxFQUFFLEVBQUUsR0FDeEMsSUFBQSw0Q0FBK0IsRUFBQyxLQUFLLENBQUMsQ0FBQztRQUMzQyxNQUFNLFVBQVUsR0FBRyxJQUFJLG9CQUFLLENBQUMsS0FBSyxDQUFDO1lBQy9CLEVBQUUsRUFBRSxDQUFDLEdBQUcsR0FBRyxDQUFDLGdCQUFnQixFQUFFLEVBQUUsQ0FBQztZQUNqQyxJQUFJLEVBQUUsSUFBSSxHQUFHLHdCQUF3QjtZQUNyQyxHQUFHLEVBQUUsS0FBSyxDQUFDLE9BQU8sQ0FBQyxhQUFhO1lBQ2hDLEdBQUcsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLGtCQUFrQixDQUFDLElBQUksS0FBSyxRQUFRO2dCQUNoRCxJQUFJLENBQUMsTUFBTSxDQUFDLGtCQUFrQixDQUFDLDBCQUEwQixJQUFJO2dCQUN6RCxtQkFBbUIsRUFBRSxHQUFHLEVBQUUsQ0FBQyxTQUFTO2FBQ3ZDLENBQUM7U0FDVCxDQUFDLENBQUM7UUFDSCxPQUFPLFVBQVUsQ0FBQztJQUN0QixDQUFDO0lBRUQsS0FBSyxDQUFDLE9BQU87UUFDVCxNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxXQUFXLENBQUM7UUFDcEMsT0FBTyxJQUFJLENBQUM7SUFDaEIsQ0FBQztJQUVPLEtBQUssQ0FBQyxjQUFjO1FBQ3hCLFFBQVEsSUFBSSxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUMxQyxLQUFLLFFBQVE7Z0JBQ1QsT0FBTztvQkFDSCxPQUFPLEVBQUUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxPQUFPO29CQUMvQyxPQUFPLEVBQUU7d0JBQ0wsWUFBWSxFQUNSLElBQUksQ0FBQyxNQUFNLENBQUMsa0JBQWtCLENBQUMsWUFBWTt3QkFDL0MsYUFBYSxFQUNULElBQUksQ0FBQyxNQUFNLENBQUMsa0JBQWtCLENBQUMsYUFBYTtxQkFDbkQ7b0JBQ0QsUUFBUSxFQUFFLEVBQUU7b0JBQ1osT0FBTyxFQUFFLENBQUMsRUFBRSxDQUFDO2lCQUNoQixDQUFDO1lBQ04sS0FBSyxRQUFRO2dCQUNULElBQUksaUJBQW9DLENBQUM7Z0JBQ3pDLE1BQU0sYUFBYSxHQUNmLElBQUksQ0FBQyxNQUFNLENBQUMsa0JBQWtCLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQztnQkFDbEQsUUFBUSxhQUFhLEVBQUUsQ0FBQztvQkFDcEIsS0FBSywwQkFBYSxDQUFDLFNBQVM7d0JBQ3hCLGlCQUFpQixHQUFHLElBQUksOENBQTBCLENBQzlDLE1BQU0sQ0FBQyxJQUFJLENBQ1AsSUFBSSxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxTQUFTLENBQUMsS0FBSyxFQUM5QyxLQUFLLENBQ1IsQ0FDSixDQUFDO3dCQUNGLE1BQU07b0JBQ1YsS0FBSywwQkFBYSxDQUFDLE9BQU87d0JBQ3RCLGlCQUFpQixHQUFHLElBQUksd0NBQW9CLEVBQUUsQ0FBQzt3QkFDL0MsTUFBTTtvQkFDVixLQUFLLDBCQUFhLENBQUMsR0FBRzt3QkFDbEIsaUJBQWlCLEdBQUcsSUFBSSx3Q0FBb0IsRUFBRSxDQUFDO3dCQUMvQyxNQUFNO29CQUNWLEtBQUssMEJBQWEsQ0FBQyxNQUFNO3dCQUNyQixpQkFBaUIsR0FBRyxJQUFJLDJDQUF1QixFQUFFLENBQUM7d0JBQ2xELE1BQU07b0JBQ1YsS0FBSywwQkFBYSxDQUFDLEtBQUs7d0JBQ3BCLElBQ0ksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLGtCQUFrQixDQUFDLG1CQUFtQixFQUNyRCxDQUFDOzRCQUNDLE1BQU0sSUFBSSxLQUFLLENBQ1gsK0RBQStELENBQ2xFLENBQUM7d0JBQ04sQ0FBQzt3QkFDRCxNQUFNLEtBQUssR0FBRyxNQUFNLElBQUEsbUJBQVEsRUFDeEIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxtQkFBbUIsRUFDbEQsTUFBTSxDQUNULENBQUM7d0JBQ0YsaUJBQWlCLEdBQUcsSUFBSSwwQ0FBc0IsQ0FDMUMsS0FBSyxDQUFDLElBQUksRUFBRSxDQUNmLENBQUM7d0JBQ0YsTUFBTTtvQkFDVjt3QkFDSSxNQUFNLElBQUksS0FBSyxDQUNYLG1CQUFtQixhQUFhLHdCQUF3QixDQUMzRCxDQUFDO2dCQUNWLENBQUM7Z0JBQ0QsTUFBTSx3QkFBd0IsR0FDMUIsSUFBSSwrQ0FBOEIsQ0FDOUIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxPQUFPLEVBQ3RDLElBQUksQ0FBQyxNQUFNLENBQUMsa0JBQWtCLENBQUMsUUFBUSxFQUN2QyxTQUFTLEVBQ1QsSUFBSSxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQywwQkFBMEIsQ0FDNUQsQ0FBQztnQkFDTixNQUFNLFNBQVMsR0FBRyxJQUFJLHFCQUFTLENBQUM7b0JBQzVCLGlCQUFpQjtvQkFDakIsd0JBQXdCO29CQUN4QixVQUFVLEVBQUUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxVQUFVO2lCQUNyQyxDQUFDLENBQUM7Z0JBQ0gsT0FBTyxNQUFNLFNBQVMsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUM7UUFDckUsQ0FBQztJQUNMLENBQUM7Q0FDSjtBQS9HRCw0Q0ErR0MifQ==
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@super-protocol/pki-client",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.1.0",
|
|
4
4
|
"public": true,
|
|
5
5
|
"description": "",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -22,7 +22,7 @@
|
|
|
22
22
|
"dependencies": {
|
|
23
23
|
"@super-protocol/addons-tee": "^1.0.0",
|
|
24
24
|
"@super-protocol/pki-api-client": "^2.0.0",
|
|
25
|
-
"@super-protocol/pki-common": "^2.0.
|
|
25
|
+
"@super-protocol/pki-common": "^2.0.1",
|
|
26
26
|
"@super-protocol/sp-nvtrust-wrapper": "^1.0.9",
|
|
27
27
|
"yaml": "^2.6.0"
|
|
28
28
|
}
|