@super-protocol/pki-sync-client 2.0.0 → 2.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +3 -3
- package/dist/sync-client.d.ts +1 -0
- package/dist/sync-client.js +36 -5
- package/package.json +2 -2
package/dist/cli.js
CHANGED
|
@@ -46,9 +46,9 @@ async function main() {
|
|
|
46
46
|
demandOption: true,
|
|
47
47
|
})
|
|
48
48
|
.option('own-challenge', {
|
|
49
|
-
describe: 'Own challenge string for authentication',
|
|
49
|
+
describe: 'Own challenge string for authentication (auto, tdx, sev, untrusted)',
|
|
50
50
|
type: 'string',
|
|
51
|
-
|
|
51
|
+
default: 'auto',
|
|
52
52
|
})
|
|
53
53
|
.option('verbose', {
|
|
54
54
|
alias: 'v',
|
|
@@ -73,4 +73,4 @@ main().catch((error) => {
|
|
|
73
73
|
console.error('Error:', error.message);
|
|
74
74
|
process.exit(1);
|
|
75
75
|
});
|
|
76
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
76
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xpLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL2NsaS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7QUFDQSxrREFBMEI7QUFDMUIsMkNBQXdDO0FBQ3hDLHFDQUFzRDtBQUN0RCwrQ0FBMkM7QUFFM0MsTUFBTSxzQkFBc0IsR0FBRywwQkFBMEIsQ0FBQztBQUUxRCxLQUFLLFVBQVUsSUFBSSxDQUFDLElBQVM7SUFDekIsSUFBSSxDQUFDO1FBQ0QsTUFBTSxNQUFNLEdBQUcsSUFBQSxvQkFBVyxFQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUN4QyxNQUFNLFFBQVEsR0FBRyxJQUFBLHNCQUFhLEVBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBRTlDLE1BQU0sTUFBTSxHQUFHLElBQUksd0JBQVUsQ0FBQztZQUMxQixPQUFPLEVBQUUsUUFBUSxDQUFDLGVBQWUsQ0FBQyxDQUFDLE9BQU87WUFDMUMsVUFBVSxFQUFFLFFBQVEsQ0FBQyxlQUFlLENBQUMsQ0FBQyxVQUFVO1lBQ2hELFFBQVEsRUFBRSxRQUFRLENBQUMsZUFBZSxDQUFDLENBQUMsUUFBUTtZQUM1QyxZQUFZLEVBQUUsSUFBSSxDQUFDLFlBQVk7WUFDL0IsT0FBTyxFQUFFLElBQUksQ0FBQyxPQUFPO1lBQ3JCLDBCQUEwQixFQUFFLElBQUksQ0FBQywwQkFBMEI7U0FDOUQsQ0FBQyxDQUFDO1FBRUgsTUFBTSxNQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBRTFCLE9BQU8sQ0FBQyxHQUFHLENBQUMsNkJBQTZCLENBQUMsQ0FBQztJQUMvQyxDQUFDO0lBQUMsT0FBTyxLQUFVLEVBQUUsQ0FBQztRQUNsQixPQUFPLENBQUMsS0FBSyxDQUFDLGNBQWMsRUFBRSxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDN0MsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNwQixDQUFDO0FBQ0wsQ0FBQztBQUVELEtBQUssVUFBVSxJQUFJO0lBQ2YsTUFBTSxJQUFBLGVBQUssRUFBQyxJQUFBLGlCQUFPLEVBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDO1NBQzdCLEtBQUssQ0FBQywwQkFBMEIsQ0FBQztTQUNqQyxPQUFPLENBQ0osTUFBTSxFQUNOLDhCQUE4QixFQUM5QixDQUFDLEtBQUssRUFBRSxFQUFFO1FBQ04sT0FBTyxLQUFLO2FBQ1AsTUFBTSxDQUFDLFdBQVcsRUFBRTtZQUNqQixRQUFRLEVBQUUseUNBQXlDO1lBQ25ELElBQUksRUFBRSxRQUFRO1lBQ2QsT0FBTyxFQUFFLHNCQUFzQjtTQUNsQyxDQUFDO2FBQ0QsTUFBTSxDQUFDLFFBQVEsRUFBRTtZQUNkLEtBQUssRUFBRSxHQUFHO1lBQ1YsUUFBUSxFQUFFLG9DQUFvQztZQUM5QyxJQUFJLEVBQUUsUUFBUTtZQUNkLFlBQVksRUFBRSxJQUFJO1NBQ3JCLENBQUM7YUFDRCxNQUFNLENBQUMsZUFBZSxFQUFFO1lBQ3JCLFFBQVEsRUFDSixxRUFBcUU7WUFDekUsSUFBSSxFQUFFLFFBQVE7WUFDZCxPQUFPLEVBQUUsTUFBTTtTQUNsQixDQUFDO2FBQ0QsTUFBTSxDQUFDLFNBQVMsRUFBRTtZQUNmLEtBQUssRUFBRSxHQUFHO1lBQ1YsUUFBUSxFQUFFLGdCQUFnQjtZQUMxQixJQUFJLEVBQUUsU0FBUztZQUNmLE9BQU8sRUFBRSxLQUFLO1NBQ2pCLENBQUM7YUFDRCxNQUFNLENBQUMsK0JBQStCLEVBQUU7WUFDckMsUUFBUSxFQUFFLHNDQUFzQztZQUNoRCxJQUFJLEVBQUUsU0FBUztZQUNmLE9BQU8sRUFBRSxLQUFLO1NBQ2pCLENBQUMsQ0FBQztJQUNYLENBQUMsRUFDRCxJQUFJLENBQ1A7U0FDQSxhQUFhLENBQUMsQ0FBQyxFQUFFLDRCQUE0QixDQUFDO1NBQzlDLElBQUksRUFBRTtTQUNOLEtBQUssQ0FBQyxNQUFNLEVBQUUsR0FBRyxDQUFDO1NBQ2xCLE9BQU8sRUFBRTtTQUNULEtBQUssQ0FBQyxTQUFTLEVBQUUsR0FBRyxDQUFDO1NBQ3JCLEtBQUssRUFBRSxDQUFDO0FBQ2pCLENBQUM7QUFFRCxJQUFJLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxLQUFLLEVBQUUsRUFBRTtJQUNuQixPQUFPLENBQUMsS0FBSyxDQUFDLFFBQVEsRUFBRSxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDdkMsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztBQUNwQixDQUFDLENBQUMsQ0FBQyJ9
|
package/dist/sync-client.d.ts
CHANGED
package/dist/sync-client.js
CHANGED
|
@@ -31,18 +31,44 @@ const pki_client_1 = require("@super-protocol/pki-client");
|
|
|
31
31
|
const pki_common_1 = require("@super-protocol/pki-common");
|
|
32
32
|
const axios_1 = __importDefault(require("axios"));
|
|
33
33
|
const fs = __importStar(require("fs"));
|
|
34
|
+
const path = __importStar(require("path"));
|
|
34
35
|
class SyncClient {
|
|
35
36
|
options;
|
|
36
37
|
challenge;
|
|
38
|
+
static detectCpuType() {
|
|
39
|
+
try {
|
|
40
|
+
const tdxPath = '/dev/tdx_guest';
|
|
41
|
+
const sevPath = '/dev/sev-guest';
|
|
42
|
+
if (fs.existsSync(tdxPath)) {
|
|
43
|
+
const stats = fs.statSync(tdxPath);
|
|
44
|
+
if (stats.isCharacterDevice()) {
|
|
45
|
+
return 'tdx';
|
|
46
|
+
}
|
|
47
|
+
}
|
|
48
|
+
if (fs.existsSync(sevPath)) {
|
|
49
|
+
const stats = fs.statSync(sevPath);
|
|
50
|
+
if (stats.isCharacterDevice()) {
|
|
51
|
+
return 'sev';
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
catch (error) {
|
|
56
|
+
// If we can't check devices, fall back to untrusted
|
|
57
|
+
}
|
|
58
|
+
return 'untrusted';
|
|
59
|
+
}
|
|
37
60
|
constructor(options) {
|
|
38
61
|
this.options = options;
|
|
39
|
-
|
|
62
|
+
const challengeType = options.ownChallenge === 'auto'
|
|
63
|
+
? SyncClient.detectCpuType()
|
|
64
|
+
: options.ownChallenge;
|
|
65
|
+
if (challengeType === 'tdx') {
|
|
40
66
|
this.challenge = { type: pki_common_1.ChallengeType.TDX };
|
|
41
67
|
}
|
|
42
|
-
else if (
|
|
68
|
+
else if (challengeType === 'sev') {
|
|
43
69
|
this.challenge = { type: pki_common_1.ChallengeType.SEVSNP };
|
|
44
70
|
}
|
|
45
|
-
else if (
|
|
71
|
+
else if (challengeType === 'untrusted') {
|
|
46
72
|
this.challenge = {
|
|
47
73
|
type: pki_common_1.ChallengeType.Untrusted,
|
|
48
74
|
idHex: 'aaaaaa',
|
|
@@ -50,7 +76,7 @@ class SyncClient {
|
|
|
50
76
|
};
|
|
51
77
|
}
|
|
52
78
|
else {
|
|
53
|
-
throw new Error(`Unsupported challenge type: ${
|
|
79
|
+
throw new Error(`Unsupported challenge type: ${challengeType}. Supported: tdx, sev, untrusted, auto`);
|
|
54
80
|
}
|
|
55
81
|
}
|
|
56
82
|
log(message) {
|
|
@@ -86,6 +112,11 @@ class SyncClient {
|
|
|
86
112
|
throw new Error(`Secret "${secret.secretName}" not found in response`);
|
|
87
113
|
}
|
|
88
114
|
const content = Buffer.from(base64Content, 'base64');
|
|
115
|
+
// Ensure directory exists
|
|
116
|
+
const dir = path.dirname(secret.saveTo);
|
|
117
|
+
if (!fs.existsSync(dir)) {
|
|
118
|
+
await fs.promises.mkdir(dir, { recursive: true });
|
|
119
|
+
}
|
|
89
120
|
await fs.promises.writeFile(secret.saveTo, content);
|
|
90
121
|
this.log(`Saved secret "${secret.secretName}" to ${secret.saveTo}`);
|
|
91
122
|
}
|
|
@@ -101,4 +132,4 @@ class SyncClient {
|
|
|
101
132
|
}
|
|
102
133
|
}
|
|
103
134
|
exports.SyncClient = SyncClient;
|
|
104
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
135
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3luYy1jbGllbnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvc3luYy1jbGllbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFDQSwyREFJb0M7QUFDcEMsMkRBQTJEO0FBQzNELGtEQUEwQjtBQUMxQix1Q0FBeUI7QUFDekIsMkNBQTZCO0FBVzdCLE1BQWEsVUFBVTtJQUNYLE9BQU8sQ0FBb0I7SUFDM0IsU0FBUyxDQUFrQjtJQUUzQixNQUFNLENBQUMsYUFBYTtRQUN4QixJQUFJLENBQUM7WUFDRCxNQUFNLE9BQU8sR0FBRyxnQkFBZ0IsQ0FBQztZQUNqQyxNQUFNLE9BQU8sR0FBRyxnQkFBZ0IsQ0FBQztZQUVqQyxJQUFJLEVBQUUsQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztnQkFDekIsTUFBTSxLQUFLLEdBQUcsRUFBRSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQztnQkFDbkMsSUFBSSxLQUFLLENBQUMsaUJBQWlCLEVBQUUsRUFBRSxDQUFDO29CQUM1QixPQUFPLEtBQUssQ0FBQztnQkFDakIsQ0FBQztZQUNMLENBQUM7WUFFRCxJQUFJLEVBQUUsQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztnQkFDekIsTUFBTSxLQUFLLEdBQUcsRUFBRSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQztnQkFDbkMsSUFBSSxLQUFLLENBQUMsaUJBQWlCLEVBQUUsRUFBRSxDQUFDO29CQUM1QixPQUFPLEtBQUssQ0FBQztnQkFDakIsQ0FBQztZQUNMLENBQUM7UUFDTCxDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNiLG9EQUFvRDtRQUN4RCxDQUFDO1FBRUQsT0FBTyxXQUFXLENBQUM7SUFDdkIsQ0FBQztJQUVELFlBQVksT0FBMEI7UUFDbEMsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUM7UUFFdkIsTUFBTSxhQUFhLEdBQ2YsT0FBTyxDQUFDLFlBQVksS0FBSyxNQUFNO1lBQzNCLENBQUMsQ0FBQyxVQUFVLENBQUMsYUFBYSxFQUFFO1lBQzVCLENBQUMsQ0FBQyxPQUFPLENBQUMsWUFBWSxDQUFDO1FBRS9CLElBQUksYUFBYSxLQUFLLEtBQUssRUFBRSxDQUFDO1lBQzFCLElBQUksQ0FBQyxTQUFTLEdBQUcsRUFBRSxJQUFJLEVBQUUsMEJBQWEsQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUNqRCxDQUFDO2FBQU0sSUFBSSxhQUFhLEtBQUssS0FBSyxFQUFFLENBQUM7WUFDakMsSUFBSSxDQUFDLFNBQVMsR0FBRyxFQUFFLElBQUksRUFBRSwwQkFBYSxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBQ3BELENBQUM7YUFBTSxJQUFJLGFBQWEsS0FBSyxXQUFXLEVBQUUsQ0FBQztZQUN2QyxJQUFJLENBQUMsU0FBUyxHQUFHO2dCQUNiLElBQUksRUFBRSwwQkFBYSxDQUFDLFNBQVM7Z0JBQzdCLEtBQUssRUFBRSxRQUFRO2dCQUNmLFdBQVcsRUFBRSxRQUFRO2FBQ3hCLENBQUM7UUFDTixDQUFDO2FBQU0sQ0FBQztZQUNKLE1BQU0sSUFBSSxLQUFLLENBQ1gsK0JBQStCLGFBQWEsd0NBQXdDLENBQ3ZGLENBQUM7UUFDTixDQUFDO0lBQ0wsQ0FBQztJQUVPLEdBQUcsQ0FBQyxPQUFlO1FBQ3ZCLElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxPQUFPLElBQUksS0FBSyxFQUFFLENBQUM7WUFDaEMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN6QixDQUFDO0lBQ0wsQ0FBQztJQUVELEtBQUssQ0FBQyxJQUFJLENBQUMsTUFBa0I7UUFDekIsS0FBSyxNQUFNLE1BQU0sSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ3hDLElBQUksQ0FBQztnQkFDRCxJQUFJLENBQUMsR0FBRyxDQUFDLGtCQUFrQixNQUFNLEVBQUUsQ0FBQyxDQUFDO2dCQUVyQyxNQUFNLFNBQVMsR0FBb0I7b0JBQy9CLGtCQUFrQixFQUFFO3dCQUNoQixJQUFJLEVBQUUsUUFBUTt3QkFDZCxTQUFTLEVBQUUsSUFBSSxDQUFDLFNBQVM7d0JBQ3pCLE9BQU8sRUFBRSxXQUFXLE1BQU0sYUFBYTt3QkFDdkMsUUFBUSxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUTt3QkFDL0IsMEJBQTBCLEVBQ3RCLElBQUksQ0FBQyxPQUFPLENBQUMsMEJBQTBCLElBQUksS0FBSztxQkFDdkQ7b0JBQ0QsVUFBVSxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVTtpQkFDdEMsQ0FBQztnQkFFRixNQUFNLGdCQUFnQixHQUFHLElBQUksNkJBQWdCLENBQUMsU0FBUyxDQUFDLENBQUM7Z0JBQ3pELE1BQU0sVUFBVSxHQUFHLE1BQU0sZ0JBQWdCLENBQUMsYUFBYSxFQUFFLENBQUM7Z0JBRTFELDJCQUEyQjtnQkFDM0IsTUFBTSxXQUFXLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsQ0FBQztnQkFFNUQscUNBQXFDO2dCQUNyQyxNQUFNLFFBQVEsR0FBRyxNQUFNLGVBQUssQ0FBQyxJQUFJLENBQzdCLFdBQVcsTUFBTSxxQkFBcUIsRUFDdEMsRUFBRSxPQUFPLEVBQUUsV0FBVyxFQUFFLEVBQ3hCLEVBQUUsVUFBVSxFQUFFLENBQ2pCLENBQUM7Z0JBRUYsTUFBTSxNQUFNLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FBQztnQkFFN0IseUJBQXlCO2dCQUN6QixLQUFLLE1BQU0sTUFBTSxJQUFJLE1BQU0sQ0FBQyxPQUFPLEVBQUUsQ0FBQztvQkFDbEMsTUFBTSxhQUFhLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsVUFBVSxDQUFDLENBQUM7b0JBQ3hELElBQUksQ0FBQyxhQUFhLEVBQUUsQ0FBQzt3QkFDakIsTUFBTSxJQUFJLEtBQUssQ0FDWCxXQUFXLE1BQU0sQ0FBQyxVQUFVLHlCQUF5QixDQUN4RCxDQUFDO29CQUNOLENBQUM7b0JBQ0QsTUFBTSxPQUFPLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxhQUFhLEVBQUUsUUFBUSxDQUFDLENBQUM7b0JBRXJELDBCQUEwQjtvQkFDMUIsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLENBQUM7b0JBQ3hDLElBQUksQ0FBQyxFQUFFLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7d0JBQ3RCLE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsR0FBRyxFQUFFLEVBQUUsU0FBUyxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7b0JBQ3RELENBQUM7b0JBRUQsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsTUFBTSxFQUFFLE9BQU8sQ0FBQyxDQUFDO29CQUVwRCxJQUFJLENBQUMsR0FBRyxDQUNKLGlCQUFpQixNQUFNLENBQUMsVUFBVSxRQUFRLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FDNUQsQ0FBQztnQkFDTixDQUFDO2dCQUVELElBQUksQ0FBQyxHQUFHLENBQUMsb0NBQW9DLE1BQU0sRUFBRSxDQUFDLENBQUM7Z0JBQ3ZELE9BQU8sQ0FBQyw2QkFBNkI7WUFDekMsQ0FBQztZQUFDLE9BQU8sS0FBVSxFQUFFLENBQUM7Z0JBQ2xCLElBQUksQ0FBQyxHQUFHLENBQ0osOEJBQThCLE1BQU0sS0FBSyxLQUFLLENBQUMsT0FBTyxFQUFFLENBQzNELENBQUM7Z0JBQ0YsMEJBQTBCO1lBQzlCLENBQUM7UUFDTCxDQUFDO1FBRUQsTUFBTSxJQUFJLEtBQUssQ0FBQyxpQ0FBaUMsQ0FBQyxDQUFDO0lBQ3ZELENBQUM7Q0FDSjtBQS9IRCxnQ0ErSEMifQ==
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@super-protocol/pki-sync-client",
|
|
3
|
-
"version": "2.0.
|
|
3
|
+
"version": "2.0.2",
|
|
4
4
|
"description": "PKI sync client utility",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"bin": {
|
|
@@ -22,7 +22,7 @@
|
|
|
22
22
|
"license": "ISC",
|
|
23
23
|
"dependencies": {
|
|
24
24
|
"@sinclair/typebox": "0.33.22",
|
|
25
|
-
"@super-protocol/pki-client": "^2.1.
|
|
25
|
+
"@super-protocol/pki-client": "^2.1.1",
|
|
26
26
|
"@super-protocol/pki-common": "^2.0.1",
|
|
27
27
|
"axios": "^1.7.0",
|
|
28
28
|
"js-yaml": "^4.1.0",
|