@super-protocol/pki-common 2.0.4 → 3.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/helpers.d.ts +8 -0
- package/dist/helpers.js +38 -2
- package/dist/index.d.ts +1 -0
- package/dist/index.js +2 -1
- package/dist/schemas.d.ts +13 -0
- package/dist/schemas.js +24 -0
- package/dist/types.d.ts +8 -13
- package/dist/types.js +1 -3
- package/package.json +2 -1
package/dist/helpers.d.ts
CHANGED
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
/// <reference types="node" />
|
|
3
3
|
import { Challenge, ChallengeType, ChallengeWithNvidiaToken, IntermediateCertificates, KeyPairPem, TeeSslCertificate } from './types';
|
|
4
4
|
import { KeyObject } from 'crypto';
|
|
5
|
+
export type DetectedCpuType = ChallengeType.TDX | ChallengeType.SEVSNP | ChallengeType.Untrusted;
|
|
6
|
+
export declare const detectCpuType: () => DetectedCpuType;
|
|
5
7
|
export declare const binaryIdToDomainName: (binaryId: Buffer) => string;
|
|
6
8
|
export declare const generateDomain: (baseDomain: string, challengeType: ChallengeType, binaryId: Buffer) => string;
|
|
7
9
|
export declare const getPublicKeyFromPrivate: (privateKeyPem: string) => string;
|
|
@@ -18,4 +20,10 @@ export declare const extractIntermediateCertificates: {
|
|
|
18
20
|
};
|
|
19
21
|
export declare const hasChallengeNvidiaToken: (challenge: Challenge) => challenge is Required<ChallengeWithNvidiaToken>;
|
|
20
22
|
export declare const isFileExisted: (filePath: string) => Promise<boolean>;
|
|
23
|
+
/**
|
|
24
|
+
* Wrapper around sortCertsFromLeafToRoot that handles the single self-signed cert case.
|
|
25
|
+
* sortCertsFromLeafToRoot returns [] for a single self-signed cert (leaf detection bug),
|
|
26
|
+
* so we skip sorting entirely when there is only one certificate.
|
|
27
|
+
*/
|
|
28
|
+
export declare const sortCertsFromLeafToRootWrapper: (certsPem: string, sortFn: (pem: string) => string[]) => string[];
|
|
21
29
|
export declare const compareKeys: (keyPemOne: string, keyPemTwo: string) => boolean;
|
package/dist/helpers.js
CHANGED
|
@@ -23,12 +23,35 @@ var __importStar = (this && this.__importStar) || function (mod) {
|
|
|
23
23
|
return result;
|
|
24
24
|
};
|
|
25
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
|
-
exports.compareKeys = exports.isFileExisted = exports.hasChallengeNvidiaToken = exports.extractIntermediateCertificates = exports.extractCommonNameFromSubject = exports.splitCerts = exports.getPublicKeyFromCsr = exports.generateRsaKeyPair = exports.generateEcKeyPair = exports.getPublicKeyHash = exports.getPublicKeyPemHash = exports.getPublicKeyFromPrivate = exports.generateDomain = exports.binaryIdToDomainName = void 0;
|
|
26
|
+
exports.compareKeys = exports.sortCertsFromLeafToRootWrapper = exports.isFileExisted = exports.hasChallengeNvidiaToken = exports.extractIntermediateCertificates = exports.extractCommonNameFromSubject = exports.splitCerts = exports.getPublicKeyFromCsr = exports.generateRsaKeyPair = exports.generateEcKeyPair = exports.getPublicKeyHash = exports.getPublicKeyPemHash = exports.getPublicKeyFromPrivate = exports.generateDomain = exports.binaryIdToDomainName = exports.detectCpuType = void 0;
|
|
27
27
|
const types_1 = require("./types");
|
|
28
28
|
const crypto_1 = require("crypto");
|
|
29
29
|
const base32 = __importStar(require("hi-base32"));
|
|
30
30
|
const fs_1 = require("fs");
|
|
31
31
|
const x509_1 = require("@peculiar/x509");
|
|
32
|
+
const detectCpuType = () => {
|
|
33
|
+
try {
|
|
34
|
+
const tdxPath = '/dev/tdx_guest';
|
|
35
|
+
const sevPath = '/dev/sev-guest';
|
|
36
|
+
if ((0, fs_1.existsSync)(tdxPath)) {
|
|
37
|
+
const stats = (0, fs_1.statSync)(tdxPath);
|
|
38
|
+
if (stats.isCharacterDevice()) {
|
|
39
|
+
return types_1.ChallengeType.TDX;
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
if ((0, fs_1.existsSync)(sevPath)) {
|
|
43
|
+
const stats = (0, fs_1.statSync)(sevPath);
|
|
44
|
+
if (stats.isCharacterDevice()) {
|
|
45
|
+
return types_1.ChallengeType.SEVSNP;
|
|
46
|
+
}
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
catch {
|
|
50
|
+
// If we can't check devices, fall back to untrusted
|
|
51
|
+
}
|
|
52
|
+
return types_1.ChallengeType.Untrusted;
|
|
53
|
+
};
|
|
54
|
+
exports.detectCpuType = detectCpuType;
|
|
32
55
|
const binaryIdToDomainName = (binaryId) => base32.encode(binaryId.subarray(0, 16)).replace(/=+$/, '').toLowerCase();
|
|
33
56
|
exports.binaryIdToDomainName = binaryIdToDomainName;
|
|
34
57
|
const generateDomain = (baseDomain, challengeType, binaryId) => `${(0, exports.binaryIdToDomainName)(binaryId)}.${challengeType}.${baseDomain}`;
|
|
@@ -148,6 +171,19 @@ const isFileExisted = (filePath) => fs_1.promises
|
|
|
148
171
|
.then(() => true)
|
|
149
172
|
.catch(() => false);
|
|
150
173
|
exports.isFileExisted = isFileExisted;
|
|
174
|
+
/**
|
|
175
|
+
* Wrapper around sortCertsFromLeafToRoot that handles the single self-signed cert case.
|
|
176
|
+
* sortCertsFromLeafToRoot returns [] for a single self-signed cert (leaf detection bug),
|
|
177
|
+
* so we skip sorting entirely when there is only one certificate.
|
|
178
|
+
*/
|
|
179
|
+
const sortCertsFromLeafToRootWrapper = (certsPem, sortFn) => {
|
|
180
|
+
const certs = (0, exports.splitCerts)(certsPem);
|
|
181
|
+
if (certs.length <= 1) {
|
|
182
|
+
return certs;
|
|
183
|
+
}
|
|
184
|
+
return sortFn(certsPem);
|
|
185
|
+
};
|
|
186
|
+
exports.sortCertsFromLeafToRootWrapper = sortCertsFromLeafToRootWrapper;
|
|
151
187
|
const compareKeys = (keyPemOne, keyPemTwo) => {
|
|
152
188
|
const privateJwk = (0, crypto_1.createPublicKey)(keyPemOne).export({ format: 'jwk' });
|
|
153
189
|
const publicJwk = (0, crypto_1.createPublicKey)(keyPemTwo).export({ format: 'jwk' });
|
|
@@ -168,4 +204,4 @@ const compareKeys = (keyPemOne, keyPemTwo) => {
|
|
|
168
204
|
return false;
|
|
169
205
|
};
|
|
170
206
|
exports.compareKeys = compareKeys;
|
|
171
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
207
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGVscGVycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy9oZWxwZXJzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsbUNBT2lCO0FBQ2pCLG1DQUtnQjtBQUVoQixrREFBb0M7QUFDcEMsMkJBQStEO0FBQy9ELHlDQUEwRDtBQU9uRCxNQUFNLGFBQWEsR0FBRyxHQUFvQixFQUFFO0lBQy9DLElBQUksQ0FBQztRQUNELE1BQU0sT0FBTyxHQUFHLGdCQUFnQixDQUFDO1FBQ2pDLE1BQU0sT0FBTyxHQUFHLGdCQUFnQixDQUFDO1FBRWpDLElBQUksSUFBQSxlQUFVLEVBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztZQUN0QixNQUFNLEtBQUssR0FBRyxJQUFBLGFBQVEsRUFBQyxPQUFPLENBQUMsQ0FBQztZQUNoQyxJQUFJLEtBQUssQ0FBQyxpQkFBaUIsRUFBRSxFQUFFLENBQUM7Z0JBQzVCLE9BQU8scUJBQWEsQ0FBQyxHQUFHLENBQUM7WUFDN0IsQ0FBQztRQUNMLENBQUM7UUFFRCxJQUFJLElBQUEsZUFBVSxFQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7WUFDdEIsTUFBTSxLQUFLLEdBQUcsSUFBQSxhQUFRLEVBQUMsT0FBTyxDQUFDLENBQUM7WUFDaEMsSUFBSSxLQUFLLENBQUMsaUJBQWlCLEVBQUUsRUFBRSxDQUFDO2dCQUM1QixPQUFPLHFCQUFhLENBQUMsTUFBTSxDQUFDO1lBQ2hDLENBQUM7UUFDTCxDQUFDO0lBQ0wsQ0FBQztJQUFDLE1BQU0sQ0FBQztRQUNMLG9EQUFvRDtJQUN4RCxDQUFDO0lBRUQsT0FBTyxxQkFBYSxDQUFDLFNBQVMsQ0FBQztBQUNuQyxDQUFDLENBQUM7QUF2QlcsUUFBQSxhQUFhLGlCQXVCeEI7QUFFSyxNQUFNLG9CQUFvQixHQUFHLENBQUMsUUFBZ0IsRUFBRSxFQUFFLENBQ3JELE1BQU0sQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDLFdBQVcsRUFBRSxDQUFDO0FBRGhFLFFBQUEsb0JBQW9CLHdCQUM0QztBQUV0RSxNQUFNLGNBQWMsR0FBRyxDQUMxQixVQUFrQixFQUNsQixhQUE0QixFQUM1QixRQUFnQixFQUNsQixFQUFFLENBQUMsR0FBRyxJQUFBLDRCQUFvQixFQUFDLFFBQVEsQ0FBQyxJQUFJLGFBQWEsSUFBSSxVQUFVLEVBQUUsQ0FBQztBQUozRCxRQUFBLGNBQWMsa0JBSTZDO0FBRWpFLE1BQU0sdUJBQXVCLEdBQUcsQ0FBQyxhQUFxQixFQUFVLEVBQUU7SUFDckUsT0FBTyxJQUFBLHdCQUFlLEVBQUMsYUFBYSxDQUFDLENBQUMsTUFBTSxDQUFDO1FBQ3pDLElBQUksRUFBRSxNQUFNO1FBQ1osTUFBTSxFQUFFLEtBQUs7S0FDaEIsQ0FBVyxDQUFDO0FBQ2pCLENBQUMsQ0FBQztBQUxXLFFBQUEsdUJBQXVCLDJCQUtsQztBQUVLLE1BQU0sbUJBQW1CLEdBQUcsQ0FBQyxZQUFvQixFQUFFLEVBQUU7SUFDeEQsTUFBTSxTQUFTLEdBQUcsSUFBQSx3QkFBZSxFQUFDLFlBQVksQ0FBQyxDQUFDO0lBQ2hELE9BQU8sSUFBQSx3QkFBZ0IsRUFBQyxTQUFTLENBQUMsQ0FBQztBQUN2QyxDQUFDLENBQUM7QUFIVyxRQUFBLG1CQUFtQix1QkFHOUI7QUFFSyxNQUFNLGdCQUFnQixHQUFHLENBQUMsU0FBb0IsRUFBRSxFQUFFO0lBQ3JELE1BQU0sR0FBRyxHQUFHLFNBQVMsQ0FBQyxNQUFNLENBQUM7UUFDekIsSUFBSSxFQUFFLE1BQU07UUFDWixNQUFNLEVBQUUsS0FBSztLQUNoQixDQUFDLENBQUM7SUFDSCxNQUFNLElBQUksR0FBRyxJQUFBLG1CQUFVLEVBQUMsUUFBUSxDQUFDLENBQUM7SUFDbEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUNqQixPQUFPLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztBQUN6QixDQUFDLENBQUM7QUFSVyxRQUFBLGdCQUFnQixvQkFRM0I7QUFFSyxNQUFNLGlCQUFpQixHQUFHLEdBQWUsRUFBRTtJQUM5QyxNQUFNLElBQUksR0FBRyxJQUFBLDRCQUFtQixFQUFDLElBQUksRUFBRTtRQUNuQyxVQUFVLEVBQUUsV0FBVztRQUN2QixpQkFBaUIsRUFBRTtZQUNmLElBQUksRUFBRSxNQUFNO1lBQ1osTUFBTSxFQUFFLEtBQUs7U0FDaEI7UUFDRCxrQkFBa0IsRUFBRTtZQUNoQixJQUFJLEVBQUUsT0FBTztZQUNiLE1BQU0sRUFBRSxLQUFLO1NBQ2hCO0tBQ0osQ0FBQyxDQUFDO0lBQ0gsT0FBTztRQUNILFlBQVksRUFBRSxJQUFJLENBQUMsU0FBUztRQUM1QixhQUFhLEVBQUUsSUFBSSxDQUFDLFVBQVU7S0FDakMsQ0FBQztBQUNOLENBQUMsQ0FBQztBQWhCVyxRQUFBLGlCQUFpQixxQkFnQjVCO0FBRUssTUFBTSxrQkFBa0IsR0FBRyxHQUFlLEVBQUU7SUFDL0MsTUFBTSxJQUFJLEdBQUcsSUFBQSw0QkFBbUIsRUFBQyxLQUFLLEVBQUU7UUFDcEMsYUFBYSxFQUFFLElBQUk7UUFDbkIsaUJBQWlCLEVBQUU7WUFDZixJQUFJLEVBQUUsTUFBTTtZQUNaLE1BQU0sRUFBRSxLQUFLO1NBQ2hCO1FBQ0Qsa0JBQWtCLEVBQUU7WUFDaEIsSUFBSSxFQUFFLE9BQU87WUFDYixNQUFNLEVBQUUsS0FBSztTQUNoQjtLQUNKLENBQUMsQ0FBQztJQUNILE9BQU87UUFDSCxZQUFZLEVBQUUsSUFBSSxDQUFDLFNBQVM7UUFDNUIsYUFBYSxFQUFFLElBQUksQ0FBQyxVQUFVO0tBQ2pDLENBQUM7QUFDTixDQUFDLENBQUM7QUFoQlcsUUFBQSxrQkFBa0Isc0JBZ0I3QjtBQUVLLE1BQU0sbUJBQW1CLEdBQUcsQ0FBQyxNQUFjLEVBQVUsRUFBRTtJQUMxRCxNQUFNLEdBQUcsR0FBRyxJQUFJLCtCQUF3QixDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBQ2pELE9BQU8sSUFBQSx3QkFBZSxFQUFDO1FBQ25CLEdBQUcsRUFBRSxHQUFHLENBQUMsU0FBUyxDQUFDLE9BQWlCO1FBQ3BDLE1BQU0sRUFBRSxLQUFLO1FBQ2IsSUFBSSxFQUFFLE1BQU07S0FDZixDQUFDLENBQUMsTUFBTSxDQUFDO1FBQ04sTUFBTSxFQUFFLEtBQUs7UUFDYixJQUFJLEVBQUUsTUFBTTtLQUNmLENBQVcsQ0FBQztBQUNqQixDQUFDLENBQUM7QUFWVyxRQUFBLG1CQUFtQix1QkFVOUI7QUFFSyxNQUFNLFVBQVUsR0FBRyxDQUFDLFFBQWdCLEVBQVksRUFBRTtJQUNyRCxNQUFNLFNBQVMsR0FDWCxpRUFBaUUsQ0FBQztJQUN0RSxNQUFNLE9BQU8sR0FBRyxRQUFRLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxDQUFDO0lBQzFDLE9BQU8sS0FBSyxDQUFDLElBQUksQ0FBQyxPQUFPLElBQUksRUFBRSxDQUFDLENBQUM7QUFDckMsQ0FBQyxDQUFDO0FBTFcsUUFBQSxVQUFVLGNBS3JCO0FBRUssTUFBTSw0QkFBNEIsR0FBRyxDQUN4QyxPQUFlLEVBQ0csRUFBRTtJQUNwQixPQUFPLE9BQU8sQ0FBQyxLQUFLLENBQUMsY0FBYyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsRUFBRSxJQUFJLEVBQUUsQ0FBQztBQUN0RCxDQUFDLENBQUM7QUFKVyxRQUFBLDRCQUE0QixnQ0FJdkM7QUFFSyxNQUFNLCtCQUErQixHQUd4QyxDQUFDLFlBQXdDLEVBQTRCLEVBQUU7SUFDdkUsSUFBSSxTQUFTLENBQUM7SUFDZCxJQUFJLFdBQVcsQ0FBQztJQUNoQixJQUFJLE9BQU8sWUFBWSxLQUFLLFFBQVEsRUFBRSxDQUFDO1FBQ25DLE1BQU0sYUFBYSxHQUFHLElBQUEsa0JBQVUsRUFBQyxZQUFZLENBQUMsQ0FBQztRQUMvQyxNQUFNLENBQUMsSUFBSSxFQUFFLEdBQUcsSUFBSSxDQUFDLEdBQUcsYUFBYSxDQUFDO1FBQ3RDLFNBQVMsR0FBRyxJQUFJLENBQUM7UUFDakIsV0FBVyxHQUFHLElBQUksQ0FBQztJQUN2QixDQUFDO1NBQU0sQ0FBQztRQUNKLFdBQVcsR0FBRyxZQUFZLENBQUMsT0FBTyxDQUFDO1FBQ25DLFNBQVMsR0FBRyxJQUFBLGtCQUFVLEVBQUMsWUFBWSxDQUFDLFFBQVEsQ0FBQyxDQUFDO0lBQ2xELENBQUM7SUFDRCxNQUFNLEVBQUUsR0FBRyxTQUFTLENBQUMsR0FBRyxFQUFFLENBQUM7SUFFM0IsT0FBTztRQUNILElBQUksRUFBRSxXQUFXLEdBQUcsSUFBSTtRQUN4Qix3QkFBd0IsRUFBRSxTQUFTLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxHQUFHLElBQUk7UUFDckQsRUFBRSxFQUFFLEVBQUUsR0FBRyxJQUFJO0tBQ2hCLENBQUM7QUFDTixDQUFDLENBQUM7QUF0QlcsUUFBQSwrQkFBK0IsbUNBc0IxQztBQUVLLE1BQU0sdUJBQXVCLEdBQUcsQ0FDbkMsU0FBb0IsRUFDMkIsRUFBRTtJQUNqRCxPQUFPLENBQ0g7UUFDSSxxQkFBYSxDQUFDLE1BQU07UUFDcEIscUJBQWEsQ0FBQyxHQUFHO1FBQ2pCLHFCQUFhLENBQUMsU0FBUztLQUMxQixDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDO1FBQzFCLE9BQU8sQ0FBRSxTQUFzQyxDQUFDLFlBQVksQ0FBQyxDQUNoRSxDQUFDO0FBQ04sQ0FBQyxDQUFDO0FBWFcsUUFBQSx1QkFBdUIsMkJBV2xDO0FBRUssTUFBTSxhQUFhLEdBQUcsQ0FBQyxRQUFnQixFQUFvQixFQUFFLENBQ2hFLGFBQVE7S0FDSCxNQUFNLENBQUMsUUFBUSxFQUFFLGNBQVMsQ0FBQyxJQUFJLENBQUM7S0FDaEMsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDLElBQUksQ0FBQztLQUNoQixLQUFLLENBQUMsR0FBRyxFQUFFLENBQUMsS0FBSyxDQUFDLENBQUM7QUFKZixRQUFBLGFBQWEsaUJBSUU7QUFFNUI7Ozs7R0FJRztBQUNJLE1BQU0sOEJBQThCLEdBQUcsQ0FDMUMsUUFBZ0IsRUFDaEIsTUFBaUMsRUFDekIsRUFBRTtJQUNWLE1BQU0sS0FBSyxHQUFHLElBQUEsa0JBQVUsRUFBQyxRQUFRLENBQUMsQ0FBQztJQUNuQyxJQUFJLEtBQUssQ0FBQyxNQUFNLElBQUksQ0FBQyxFQUFFLENBQUM7UUFDcEIsT0FBTyxLQUFLLENBQUM7SUFDakIsQ0FBQztJQUNELE9BQU8sTUFBTSxDQUFDLFFBQVEsQ0FBQyxDQUFDO0FBQzVCLENBQUMsQ0FBQztBQVRXLFFBQUEsOEJBQThCLGtDQVN6QztBQUVLLE1BQU0sV0FBVyxHQUFHLENBQUMsU0FBaUIsRUFBRSxTQUFpQixFQUFXLEVBQUU7SUFDekUsTUFBTSxVQUFVLEdBQUcsSUFBQSx3QkFBZSxFQUFDLFNBQVMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxFQUFFLE1BQU0sRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDO0lBQ3hFLE1BQU0sU0FBUyxHQUFHLElBQUEsd0JBQWUsRUFBQyxTQUFTLENBQUMsQ0FBQyxNQUFNLENBQUMsRUFBRSxNQUFNLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQztJQUV2RSxJQUFJLFNBQVMsQ0FBQyxHQUFHLEtBQUssVUFBVSxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBQ25DLE9BQU8sS0FBSyxDQUFDO0lBQ2pCLENBQUM7SUFFRCxJQUFJLFNBQVMsQ0FBQyxHQUFHLEtBQUssS0FBSyxFQUFFLENBQUM7UUFDMUIsT0FBTyxDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUMsQ0FBQyxJQUFJLFVBQVUsQ0FBQyxDQUFDLElBQUksU0FBUyxDQUFDLENBQUMsS0FBSyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDM0UsQ0FBQztJQUVELElBQUksU0FBUyxDQUFDLEdBQUcsS0FBSyxJQUFJLEVBQUUsQ0FBQztRQUN6QixPQUFPLENBQUMsQ0FBQyxDQUNMLFNBQVMsQ0FBQyxDQUFDO1lBQ1gsVUFBVSxDQUFDLENBQUM7WUFDWixTQUFTLENBQUMsQ0FBQyxLQUFLLFVBQVUsQ0FBQyxDQUFDO1lBQzVCLFNBQVMsQ0FBQyxDQUFDO1lBQ1gsVUFBVSxDQUFDLENBQUM7WUFDWixTQUFTLENBQUMsQ0FBQyxLQUFLLFVBQVUsQ0FBQyxDQUFDLENBQy9CLENBQUM7SUFDTixDQUFDO0lBRUQsT0FBTyxLQUFLLENBQUM7QUFDakIsQ0FBQyxDQUFDO0FBeEJXLFFBQUEsV0FBVyxlQXdCdEIifQ==
|
package/dist/index.d.ts
CHANGED
package/dist/index.js
CHANGED
|
@@ -19,4 +19,5 @@ __exportStar(require("./helpers"), exports);
|
|
|
19
19
|
__exportStar(require("./constants"), exports);
|
|
20
20
|
__exportStar(require("./singleFlight"), exports);
|
|
21
21
|
__exportStar(require("./pinoLog"), exports);
|
|
22
|
-
|
|
22
|
+
__exportStar(require("./schemas"), exports);
|
|
23
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLDBDQUF3QjtBQUN4Qiw0Q0FBMEI7QUFDMUIsOENBQTRCO0FBQzVCLGlEQUErQjtBQUMvQiw0Q0FBMEI7QUFDMUIsNENBQTBCIn0=
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
export declare const CertificateTypeSchema: import("@sinclair/typebox").TUnion<[import("@sinclair/typebox").TLiteral<"basic">, import("@sinclair/typebox").TLiteral<"lite">]>;
|
|
2
|
+
export declare const NetworkTypeSchema: import("@sinclair/typebox").TUnion<[import("@sinclair/typebox").TLiteral<"trusted">, import("@sinclair/typebox").TLiteral<"untrusted">]>;
|
|
3
|
+
export declare const PkiCertParamsSchema: import("@sinclair/typebox").TObject<{
|
|
4
|
+
lifetimeDays: import("@sinclair/typebox").TNumber;
|
|
5
|
+
commonName: import("@sinclair/typebox").TString;
|
|
6
|
+
countryName: import("@sinclair/typebox").TString;
|
|
7
|
+
stateName: import("@sinclair/typebox").TString;
|
|
8
|
+
localityName: import("@sinclair/typebox").TString;
|
|
9
|
+
organizationName: import("@sinclair/typebox").TString;
|
|
10
|
+
organizationUnitName: import("@sinclair/typebox").TString;
|
|
11
|
+
alternativeDnsName: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
|
|
12
|
+
ocspUrl: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TString>;
|
|
13
|
+
}>;
|
package/dist/schemas.js
ADDED
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.PkiCertParamsSchema = exports.NetworkTypeSchema = exports.CertificateTypeSchema = void 0;
|
|
4
|
+
const typebox_1 = require("@sinclair/typebox");
|
|
5
|
+
exports.CertificateTypeSchema = typebox_1.Type.Union([
|
|
6
|
+
typebox_1.Type.Literal('basic'),
|
|
7
|
+
typebox_1.Type.Literal('lite'),
|
|
8
|
+
]);
|
|
9
|
+
exports.NetworkTypeSchema = typebox_1.Type.Union([
|
|
10
|
+
typebox_1.Type.Literal('trusted'),
|
|
11
|
+
typebox_1.Type.Literal('untrusted'),
|
|
12
|
+
]);
|
|
13
|
+
exports.PkiCertParamsSchema = typebox_1.Type.Object({
|
|
14
|
+
lifetimeDays: typebox_1.Type.Number({ minimum: 1, maximum: 18250 }),
|
|
15
|
+
commonName: typebox_1.Type.String(),
|
|
16
|
+
countryName: typebox_1.Type.String(),
|
|
17
|
+
stateName: typebox_1.Type.String(),
|
|
18
|
+
localityName: typebox_1.Type.String(),
|
|
19
|
+
organizationName: typebox_1.Type.String(),
|
|
20
|
+
organizationUnitName: typebox_1.Type.String(),
|
|
21
|
+
alternativeDnsName: typebox_1.Type.Optional(typebox_1.Type.String()),
|
|
22
|
+
ocspUrl: typebox_1.Type.Optional(typebox_1.Type.String()),
|
|
23
|
+
});
|
|
24
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2NoZW1hcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy9zY2hlbWFzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLCtDQUF5QztBQUU1QixRQUFBLHFCQUFxQixHQUFHLGNBQUksQ0FBQyxLQUFLLENBQUM7SUFDNUMsY0FBSSxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUM7SUFDckIsY0FBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUM7Q0FDdkIsQ0FBQyxDQUFDO0FBRVUsUUFBQSxpQkFBaUIsR0FBRyxjQUFJLENBQUMsS0FBSyxDQUFDO0lBQ3hDLGNBQUksQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDO0lBQ3ZCLGNBQUksQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDO0NBQzVCLENBQUMsQ0FBQztBQUVVLFFBQUEsbUJBQW1CLEdBQUcsY0FBSSxDQUFDLE1BQU0sQ0FBQztJQUMzQyxZQUFZLEVBQUUsY0FBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLE9BQU8sRUFBRSxDQUFDLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxDQUFDO0lBQ3pELFVBQVUsRUFBRSxjQUFJLENBQUMsTUFBTSxFQUFFO0lBQ3pCLFdBQVcsRUFBRSxjQUFJLENBQUMsTUFBTSxFQUFFO0lBQzFCLFNBQVMsRUFBRSxjQUFJLENBQUMsTUFBTSxFQUFFO0lBQ3hCLFlBQVksRUFBRSxjQUFJLENBQUMsTUFBTSxFQUFFO0lBQzNCLGdCQUFnQixFQUFFLGNBQUksQ0FBQyxNQUFNLEVBQUU7SUFDL0Isb0JBQW9CLEVBQUUsY0FBSSxDQUFDLE1BQU0sRUFBRTtJQUNuQyxrQkFBa0IsRUFBRSxjQUFJLENBQUMsUUFBUSxDQUFDLGNBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztJQUNoRCxPQUFPLEVBQUUsY0FBSSxDQUFDLFFBQVEsQ0FBQyxjQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7Q0FDeEMsQ0FBQyxDQUFDIn0=
|
package/dist/types.d.ts
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
import { Static } from '@sinclair/typebox';
|
|
2
|
+
import { NetworkTypeSchema, PkiCertParamsSchema } from './schemas';
|
|
1
3
|
export declare enum ChallengeType {
|
|
2
4
|
Untrusted = "untrusted",
|
|
3
5
|
SGXDCAP = "sgx-dcap",
|
|
@@ -7,7 +9,7 @@ export declare enum ChallengeType {
|
|
|
7
9
|
Certificate = "certificate",
|
|
8
10
|
Token = "token"
|
|
9
11
|
}
|
|
10
|
-
export type NetworkType =
|
|
12
|
+
export type NetworkType = Static<typeof NetworkTypeSchema>;
|
|
11
13
|
export interface BaseChallenge {
|
|
12
14
|
networkID?: string;
|
|
13
15
|
}
|
|
@@ -47,17 +49,12 @@ export interface TokenChallenge extends BaseChallenge {
|
|
|
47
49
|
}
|
|
48
50
|
export type Challenge = UntrustedChallenge | SGXDCAPChallenge | TDXChallenge | SNPChallenge | CertificateChallenge | TokenChallenge;
|
|
49
51
|
export type ChallengeWithNvidiaToken = SNPChallenge | TDXChallenge;
|
|
50
|
-
export interface
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
countryName: string;
|
|
55
|
-
stateName: string;
|
|
56
|
-
localityName: string;
|
|
57
|
-
organizationName: string;
|
|
58
|
-
organizationUnitName: string;
|
|
59
|
-
ocspUrl?: string;
|
|
52
|
+
export interface CertificateChallengeInfo {
|
|
53
|
+
challenge: Challenge;
|
|
54
|
+
idHex: string;
|
|
55
|
+
commonIdHex?: string;
|
|
60
56
|
}
|
|
57
|
+
export type PkiCertParams = Static<typeof PkiCertParamsSchema>;
|
|
61
58
|
export interface PkiUntrustedStaticKeyStorage {
|
|
62
59
|
type: 'untrusted-static';
|
|
63
60
|
basicPrivateKeyPem: string;
|
|
@@ -75,8 +72,6 @@ export interface PkiTrustedKeyStorage {
|
|
|
75
72
|
storage: PkiInMemoryKeyStorage | PkiSuperDecentralizedSecretKeyStorage;
|
|
76
73
|
}
|
|
77
74
|
export declare enum PkiRole {
|
|
78
|
-
root = "root",
|
|
79
|
-
subroot = "subroot",
|
|
80
75
|
swarm = "swarm"
|
|
81
76
|
}
|
|
82
77
|
export interface KeyPairPem {
|
package/dist/types.js
CHANGED
|
@@ -13,8 +13,6 @@ var ChallengeType;
|
|
|
13
13
|
})(ChallengeType || (exports.ChallengeType = ChallengeType = {}));
|
|
14
14
|
var PkiRole;
|
|
15
15
|
(function (PkiRole) {
|
|
16
|
-
PkiRole["root"] = "root";
|
|
17
|
-
PkiRole["subroot"] = "subroot";
|
|
18
16
|
PkiRole["swarm"] = "swarm";
|
|
19
17
|
})(PkiRole || (exports.PkiRole = PkiRole = {}));
|
|
20
18
|
var SignatureVerification;
|
|
@@ -35,4 +33,4 @@ var LogLevel;
|
|
|
35
33
|
LogLevel["Debug"] = "debug";
|
|
36
34
|
LogLevel["Trace"] = "trace";
|
|
37
35
|
})(LogLevel || (exports.LogLevel = LogLevel = {}));
|
|
38
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
36
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvdHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBR0EsSUFBWSxhQVFYO0FBUkQsV0FBWSxhQUFhO0lBQ3JCLHdDQUF1QixDQUFBO0lBQ3ZCLHFDQUFvQixDQUFBO0lBQ3BCLG1DQUFrQixDQUFBO0lBQ2xCLDRCQUFXLENBQUE7SUFDWCxtQ0FBa0IsQ0FBQTtJQUNsQiw0Q0FBMkIsQ0FBQTtJQUMzQixnQ0FBZSxDQUFBO0FBQ25CLENBQUMsRUFSVyxhQUFhLDZCQUFiLGFBQWEsUUFReEI7QUF1RkQsSUFBWSxPQUVYO0FBRkQsV0FBWSxPQUFPO0lBQ2YsMEJBQWUsQ0FBQTtBQUNuQixDQUFDLEVBRlcsT0FBTyx1QkFBUCxPQUFPLFFBRWxCO0FBZ0JELElBQVkscUJBRVg7QUFGRCxXQUFZLHFCQUFxQjtJQUM3QiwwQ0FBaUIsQ0FBQTtBQUNyQixDQUFDLEVBRlcscUJBQXFCLHFDQUFyQixxQkFBcUIsUUFFaEM7QUFzQkQsSUFBWSxlQUdYO0FBSEQsV0FBWSxlQUFlO0lBQ3ZCLGtDQUFlLENBQUE7SUFDZixnQ0FBYSxDQUFBO0FBQ2pCLENBQUMsRUFIVyxlQUFlLCtCQUFmLGVBQWUsUUFHMUI7QUFVRCxJQUFZLFFBT1g7QUFQRCxXQUFZLFFBQVE7SUFDaEIsMkJBQWUsQ0FBQTtJQUNmLDJCQUFlLENBQUE7SUFDZix5QkFBYSxDQUFBO0lBQ2IseUJBQWEsQ0FBQTtJQUNiLDJCQUFlLENBQUE7SUFDZiwyQkFBZSxDQUFBO0FBQ25CLENBQUMsRUFQVyxRQUFRLHdCQUFSLFFBQVEsUUFPbkIifQ==
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@super-protocol/pki-common",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "3.0.1",
|
|
4
4
|
"description": "",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"module": "dist/index.js",
|
|
@@ -20,6 +20,7 @@
|
|
|
20
20
|
"license": "ISC",
|
|
21
21
|
"dependencies": {
|
|
22
22
|
"@peculiar/x509": "^1.13.0",
|
|
23
|
+
"@sinclair/typebox": "0.33.22",
|
|
23
24
|
"hi-base32": "^0.5.1",
|
|
24
25
|
"pino": "^9.4.0"
|
|
25
26
|
}
|