@super-protocol/sdk-js 2.2.0-beta.12 → 2.2.0-beta.120
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/RIGenerator.d.ts +2 -0
- package/dist/cjs/RIGenerator.js +6 -4
- package/dist/cjs/TIIGenerator.d.ts +2 -1
- package/dist/cjs/TIIGenerator.js +13 -3
- package/dist/cjs/TeeInputGeneratorBase.d.ts +1 -1
- package/dist/cjs/TeeInputGeneratorBase.js +20 -32
- package/dist/cjs/analytics/eventProviders/BrowserEventProvider.d.ts +1 -0
- package/dist/cjs/analytics/eventProviders/BrowserEventProvider.js +3 -3
- package/dist/cjs/analytics/transports/AxiosTransport.js +1 -1
- package/dist/cjs/config.d.ts +0 -1
- package/dist/cjs/config.js +1 -2
- package/dist/cjs/constants.d.ts +5 -4
- package/dist/cjs/constants.js +31 -7
- package/dist/cjs/contracts/abi.d.ts +929 -122
- package/dist/cjs/contracts/abi.js +1168 -134
- package/dist/cjs/crypto/index.d.ts +1 -0
- package/dist/cjs/crypto/index.js +16 -1
- package/dist/cjs/errors/base.error.d.ts +3 -0
- package/dist/cjs/errors/base.error.js +19 -0
- package/dist/cjs/errors/index.d.ts +2 -0
- package/dist/cjs/errors/index.js +8 -0
- package/dist/cjs/errors/not-found.error.d.ts +3 -0
- package/dist/cjs/errors/not-found.error.js +8 -0
- package/dist/cjs/errors/utils.d.ts +1 -0
- package/dist/cjs/errors/utils.js +25 -0
- package/dist/cjs/index.d.ts +11 -1
- package/dist/cjs/index.js +19 -2
- package/dist/cjs/models/Offer.d.ts +48 -6
- package/dist/cjs/models/Offer.js +159 -16
- package/dist/cjs/models/Order.d.ts +2 -90
- package/dist/cjs/models/Order.js +20 -91
- package/dist/cjs/models/Provider.js +1 -1
- package/dist/cjs/models/TCB.js +13 -5
- package/dist/cjs/models/TeeOffer.d.ts +35 -13
- package/dist/cjs/models/TeeOffer.js +119 -44
- package/dist/cjs/proto/Compression.d.ts +1 -1
- package/dist/cjs/proto/TRI.d.ts +41 -6
- package/dist/cjs/proto/TRI.js +18 -1
- package/dist/cjs/proto/TeeProperties.d.ts +5 -5
- package/dist/cjs/providers/storage/IStorageProvider.d.ts +1 -1
- package/dist/cjs/providers/storage/S3StorageProvider.d.ts +8 -7
- package/dist/cjs/providers/storage/S3StorageProvider.js +77 -38
- package/dist/cjs/providers/storage/StorageAdapter.d.ts +9 -7
- package/dist/cjs/providers/storage/StorageAdapter.js +27 -29
- package/dist/cjs/providers/storage/StorageContentWriter.d.ts +2 -2
- package/dist/cjs/providers/storage/StorageContentWriter.js +5 -5
- package/dist/cjs/providers/storage/StorageKeyValueAdapter.d.ts +8 -5
- package/dist/cjs/providers/storage/StorageKeyValueAdapter.js +30 -16
- package/dist/cjs/providers/storage/StorjAdapter.d.ts +5 -4
- package/dist/cjs/providers/storage/StorjAdapter.js +15 -9
- package/dist/cjs/providers/storage/StorjCredentialsManager.d.ts +24 -0
- package/dist/cjs/providers/storage/StorjCredentialsManager.js +109 -0
- package/dist/cjs/providers/storage/StorjStorageProvider.js +26 -3
- package/dist/cjs/providers/storage/fs-storage-provider.d.ts +19 -0
- package/dist/cjs/providers/storage/fs-storage-provider.js +143 -0
- package/dist/cjs/providers/storage/getStorageProvider.js +4 -1
- package/dist/cjs/providers/storage/parseStorageCredentials.d.ts +5 -0
- package/dist/cjs/providers/storage/parseStorageCredentials.js +21 -0
- package/dist/cjs/providers/storage/types.d.ts +22 -0
- package/dist/cjs/staticModels/Consensus.d.ts +3 -2
- package/dist/cjs/staticModels/Consensus.js +22 -11
- package/dist/cjs/staticModels/LoaderSecretsPublicKeys.js +3 -3
- package/dist/cjs/staticModels/LoaderSessions.d.ts +2 -2
- package/dist/cjs/staticModels/LoaderSessions.js +5 -5
- package/dist/cjs/staticModels/OfferResources.d.ts +3 -1
- package/dist/cjs/staticModels/OfferResources.js +33 -8
- package/dist/cjs/staticModels/Offers.js +10 -2
- package/dist/cjs/staticModels/OffersStorageAllocated.d.ts +1 -2
- package/dist/cjs/staticModels/OffersStorageAllocated.js +10 -10
- package/dist/cjs/staticModels/OffersStorageRequests.js +4 -3
- package/dist/cjs/staticModels/Orders.d.ts +5 -4
- package/dist/cjs/staticModels/Orders.js +7 -6
- package/dist/cjs/staticModels/SecretRequests.d.ts +1 -1
- package/dist/cjs/staticModels/SecretRequests.js +14 -7
- package/dist/cjs/staticModels/TeeOffers.d.ts +0 -2
- package/dist/cjs/staticModels/TeeOffers.js +5 -38
- package/dist/cjs/tee/QuoteParser.d.ts +61 -6
- package/dist/cjs/tee/QuoteParser.js +251 -30
- package/dist/cjs/tee/QuoteValidator.d.ts +13 -0
- package/dist/cjs/tee/QuoteValidator.js +149 -35
- package/dist/cjs/tee/TcbSerializer.d.ts +20 -0
- package/dist/cjs/tee/TcbSerializer.js +27 -0
- package/dist/cjs/tee/TeeBlockVerifier.d.ts +1 -6
- package/dist/cjs/tee/TeeBlockVerifier.js +5 -52
- package/dist/cjs/tee/TeeCertificateService.d.ts +13 -0
- package/dist/cjs/tee/TeeCertificateService.js +42 -0
- package/dist/cjs/tee/errors.d.ts +6 -3
- package/dist/cjs/tee/errors.js +9 -5
- package/dist/cjs/tee/helpers.d.ts +1 -1
- package/dist/cjs/tee/helpers.js +2 -7
- package/dist/cjs/tee/types.d.ts +50 -9
- package/dist/cjs/tee/types.js +32 -1
- package/dist/cjs/types/DistributedSecretStorage.d.ts +7 -0
- package/dist/cjs/types/Offer.d.ts +33 -7
- package/dist/cjs/types/Offer.js +17 -2
- package/dist/cjs/types/OfferVersion.d.ts +13 -0
- package/dist/cjs/types/OfferVersion.js +9 -0
- package/dist/cjs/types/Order.d.ts +8 -2
- package/dist/cjs/types/Order.js +3 -1
- package/dist/cjs/types/SlotInfo.d.ts +1 -0
- package/dist/cjs/types/Superpro.d.ts +2 -1
- package/dist/cjs/types/Superpro.js +2 -1
- package/dist/cjs/types/TeeOfferInfo.d.ts +2 -1
- package/dist/cjs/types/index.d.ts +1 -0
- package/dist/cjs/types/index.js +2 -1
- package/dist/cjs/types/storage/StorageAccess.d.ts +3 -3
- package/dist/cjs/utils/CryptoKeysTransformer.d.ts +6 -1
- package/dist/cjs/utils/CryptoKeysTransformer.js +48 -3
- package/dist/cjs/utils/NonceTracker.js +1 -1
- package/dist/cjs/utils/helper.d.ts +7 -1
- package/dist/cjs/utils/helper.js +87 -2
- package/dist/cjs/utils/helpers/OrderArgsHelper.d.ts +17 -0
- package/dist/cjs/utils/helpers/OrderArgsHelper.js +87 -0
- package/dist/cjs/utils/helpers/index.d.ts +2 -0
- package/dist/cjs/utils/helpers/index.js +3 -1
- package/dist/cjs/utils/helpers/uploadObjectToStorage.d.ts +13 -0
- package/dist/cjs/utils/helpers/uploadObjectToStorage.js +55 -0
- package/dist/cjs/utils/schema-validators/index.d.ts +1 -0
- package/dist/cjs/utils/schema-validators/index.js +6 -0
- package/dist/cjs/utils/schema-validators/validator.d.ts +7 -0
- package/dist/cjs/utils/schema-validators/validator.js +49 -0
- package/dist/mjs/RIGenerator.d.ts +2 -0
- package/dist/mjs/RIGenerator.js +6 -4
- package/dist/mjs/TIIGenerator.d.ts +2 -1
- package/dist/mjs/TIIGenerator.js +13 -3
- package/dist/mjs/TeeInputGeneratorBase.d.ts +1 -1
- package/dist/mjs/TeeInputGeneratorBase.js +20 -32
- package/dist/mjs/analytics/eventProviders/BrowserEventProvider.d.ts +1 -0
- package/dist/mjs/analytics/eventProviders/BrowserEventProvider.js +3 -3
- package/dist/mjs/analytics/transports/AxiosTransport.js +1 -1
- package/dist/mjs/config.d.ts +0 -1
- package/dist/mjs/config.js +1 -2
- package/dist/mjs/constants.d.ts +5 -4
- package/dist/mjs/constants.js +30 -6
- package/dist/mjs/contracts/abi.d.ts +929 -122
- package/dist/mjs/contracts/abi.js +1166 -132
- package/dist/mjs/crypto/index.d.ts +1 -0
- package/dist/mjs/crypto/index.js +2 -1
- package/dist/mjs/errors/base.error.d.ts +3 -0
- package/dist/mjs/errors/base.error.js +15 -0
- package/dist/mjs/errors/index.d.ts +2 -0
- package/dist/mjs/errors/index.js +3 -0
- package/dist/mjs/errors/not-found.error.d.ts +3 -0
- package/dist/mjs/errors/not-found.error.js +4 -0
- package/dist/mjs/errors/utils.d.ts +1 -0
- package/dist/mjs/errors/utils.js +18 -0
- package/dist/mjs/index.d.ts +11 -1
- package/dist/mjs/index.js +11 -2
- package/dist/mjs/models/Offer.d.ts +48 -6
- package/dist/mjs/models/Offer.js +161 -18
- package/dist/mjs/models/Order.d.ts +2 -90
- package/dist/mjs/models/Order.js +20 -91
- package/dist/mjs/models/Provider.js +1 -1
- package/dist/mjs/models/TCB.js +13 -5
- package/dist/mjs/models/TeeOffer.d.ts +35 -13
- package/dist/mjs/models/TeeOffer.js +115 -40
- package/dist/mjs/proto/Compression.d.ts +1 -1
- package/dist/mjs/proto/TRI.d.ts +41 -6
- package/dist/mjs/proto/TRI.js +18 -1
- package/dist/mjs/proto/TeeProperties.d.ts +5 -5
- package/dist/mjs/providers/storage/IStorageProvider.d.ts +1 -1
- package/dist/mjs/providers/storage/S3StorageProvider.d.ts +8 -7
- package/dist/mjs/providers/storage/S3StorageProvider.js +74 -38
- package/dist/mjs/providers/storage/StorageAdapter.d.ts +9 -7
- package/dist/mjs/providers/storage/StorageAdapter.js +27 -29
- package/dist/mjs/providers/storage/StorageContentWriter.d.ts +2 -2
- package/dist/mjs/providers/storage/StorageContentWriter.js +5 -5
- package/dist/mjs/providers/storage/StorageKeyValueAdapter.d.ts +8 -5
- package/dist/mjs/providers/storage/StorageKeyValueAdapter.js +30 -16
- package/dist/mjs/providers/storage/StorjAdapter.d.ts +5 -4
- package/dist/mjs/providers/storage/StorjAdapter.js +15 -9
- package/dist/mjs/providers/storage/StorjCredentialsManager.d.ts +24 -0
- package/dist/mjs/providers/storage/StorjCredentialsManager.js +82 -0
- package/dist/mjs/providers/storage/StorjStorageProvider.js +3 -3
- package/dist/mjs/providers/storage/fs-storage-provider.d.ts +19 -0
- package/dist/mjs/providers/storage/fs-storage-provider.js +113 -0
- package/dist/mjs/providers/storage/getStorageProvider.js +4 -1
- package/dist/mjs/providers/storage/parseStorageCredentials.d.ts +5 -0
- package/dist/mjs/providers/storage/parseStorageCredentials.js +17 -0
- package/dist/mjs/providers/storage/types.d.ts +22 -0
- package/dist/mjs/staticModels/Consensus.d.ts +3 -2
- package/dist/mjs/staticModels/Consensus.js +22 -11
- package/dist/mjs/staticModels/LoaderSecretsPublicKeys.js +4 -4
- package/dist/mjs/staticModels/LoaderSessions.d.ts +2 -2
- package/dist/mjs/staticModels/LoaderSessions.js +6 -6
- package/dist/mjs/staticModels/OfferResources.d.ts +3 -1
- package/dist/mjs/staticModels/OfferResources.js +34 -9
- package/dist/mjs/staticModels/Offers.js +10 -2
- package/dist/mjs/staticModels/OffersStorageAllocated.d.ts +1 -2
- package/dist/mjs/staticModels/OffersStorageAllocated.js +11 -11
- package/dist/mjs/staticModels/OffersStorageRequests.js +5 -4
- package/dist/mjs/staticModels/Orders.d.ts +5 -4
- package/dist/mjs/staticModels/Orders.js +7 -6
- package/dist/mjs/staticModels/SecretRequests.d.ts +1 -1
- package/dist/mjs/staticModels/SecretRequests.js +15 -8
- package/dist/mjs/staticModels/TeeOffers.d.ts +0 -2
- package/dist/mjs/staticModels/TeeOffers.js +5 -38
- package/dist/mjs/store.js +2 -2
- package/dist/mjs/tee/QuoteParser.d.ts +61 -6
- package/dist/mjs/tee/QuoteParser.js +248 -29
- package/dist/mjs/tee/QuoteValidator.d.ts +13 -0
- package/dist/mjs/tee/QuoteValidator.js +149 -35
- package/dist/mjs/tee/TcbSerializer.d.ts +20 -0
- package/dist/mjs/tee/TcbSerializer.js +23 -0
- package/dist/mjs/tee/TeeBlockVerifier.d.ts +1 -6
- package/dist/mjs/tee/TeeBlockVerifier.js +5 -52
- package/dist/mjs/tee/TeeCertificateService.d.ts +13 -0
- package/dist/mjs/tee/TeeCertificateService.js +35 -0
- package/dist/mjs/tee/errors.d.ts +6 -3
- package/dist/mjs/tee/errors.js +7 -4
- package/dist/mjs/tee/helpers.d.ts +1 -1
- package/dist/mjs/tee/helpers.js +2 -7
- package/dist/mjs/tee/types.d.ts +50 -9
- package/dist/mjs/tee/types.js +28 -2
- package/dist/mjs/types/DistributedSecretStorage.d.ts +7 -0
- package/dist/mjs/types/Offer.d.ts +33 -7
- package/dist/mjs/types/Offer.js +16 -1
- package/dist/mjs/types/OfferVersion.d.ts +13 -0
- package/dist/mjs/types/OfferVersion.js +6 -0
- package/dist/mjs/types/Order.d.ts +8 -2
- package/dist/mjs/types/Order.js +3 -1
- package/dist/mjs/types/SlotInfo.d.ts +1 -0
- package/dist/mjs/types/Superpro.d.ts +2 -1
- package/dist/mjs/types/Superpro.js +2 -1
- package/dist/mjs/types/TeeOfferInfo.d.ts +2 -1
- package/dist/mjs/types/index.d.ts +1 -0
- package/dist/mjs/types/index.js +2 -1
- package/dist/mjs/types/storage/StorageAccess.d.ts +3 -3
- package/dist/mjs/utils/CryptoKeysTransformer.d.ts +6 -1
- package/dist/mjs/utils/CryptoKeysTransformer.js +48 -3
- package/dist/mjs/utils/NonceTracker.js +1 -1
- package/dist/mjs/utils/helper.d.ts +7 -1
- package/dist/mjs/utils/helper.js +80 -1
- package/dist/mjs/utils/helpers/OrderArgsHelper.d.ts +17 -0
- package/dist/mjs/utils/helpers/OrderArgsHelper.js +80 -0
- package/dist/mjs/utils/helpers/index.d.ts +2 -0
- package/dist/mjs/utils/helpers/index.js +3 -1
- package/dist/mjs/utils/helpers/uploadObjectToStorage.d.ts +13 -0
- package/dist/mjs/utils/helpers/uploadObjectToStorage.js +48 -0
- package/dist/mjs/utils/schema-validators/index.d.ts +1 -0
- package/dist/mjs/utils/schema-validators/index.js +2 -0
- package/dist/mjs/utils/schema-validators/validator.d.ts +7 -0
- package/dist/mjs/utils/schema-validators/validator.js +45 -0
- package/package.json +7 -6
|
@@ -23,38 +23,17 @@ var __importStar = (this && this.__importStar) || function (mod) {
|
|
|
23
23
|
return result;
|
|
24
24
|
};
|
|
25
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
|
-
exports.TeeSgxParser = void 0;
|
|
26
|
+
exports.TeeTdxParser = exports.TeeSgxParser = exports.TeeParser = void 0;
|
|
27
27
|
const x509_1 = require("@fidm/x509");
|
|
28
28
|
const asn1js = __importStar(require("asn1js"));
|
|
29
29
|
const pkijs = __importStar(require("pkijs"));
|
|
30
30
|
const buffer_1 = require("buffer");
|
|
31
31
|
const errors_js_1 = require("./errors.js");
|
|
32
|
+
const types_js_1 = require("./types.js");
|
|
32
33
|
const helpers_js_1 = require("./helpers.js");
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
static
|
|
36
|
-
static reportSize = 384;
|
|
37
|
-
static userDataOffset = 28;
|
|
38
|
-
static userDataSize = 20;
|
|
39
|
-
static cpuSvnSize = 16;
|
|
40
|
-
static reportMrEnclaveOffset = 64;
|
|
41
|
-
static reportMrEnclaveSize = 32;
|
|
42
|
-
static reportMrSignerOffset = TeeSgxParser.reportMrEnclaveOffset + TeeSgxParser.reportMrEnclaveSize + /* reserved */ 32;
|
|
43
|
-
static reportMrSignerSize = 32;
|
|
44
|
-
static reportIsvProdIdOffset = TeeSgxParser.reportMrSignerOffset + TeeSgxParser.reportMrSignerSize + /* reserved */ 96;
|
|
45
|
-
static reportIsvProdIdSize = 2;
|
|
46
|
-
static reportIsvSvnOffset = TeeSgxParser.reportIsvProdIdOffset + TeeSgxParser.reportIsvProdIdSize;
|
|
47
|
-
static reportIsvSvnSize = 2;
|
|
48
|
-
static reportDataOffset = TeeSgxParser.reportIsvSvnOffset + TeeSgxParser.reportIsvSvnSize + /* reserved */ 60;
|
|
49
|
-
static reportUserDataSize = 64;
|
|
50
|
-
static reportUserDataSHA256Size = 32; /* 64 in report, but we need 32 only for sha256 hash */
|
|
51
|
-
static ecdsaP256SignatureSize = 64;
|
|
52
|
-
static ecdsaP256PublicKeySize = 64;
|
|
53
|
-
getDataAndAdvance(blob, size) {
|
|
54
|
-
const buf = buffer_1.Buffer.from(blob.data.subarray(0, size));
|
|
55
|
-
blob.data = buffer_1.Buffer.from(blob.data.subarray(size));
|
|
56
|
-
return buf;
|
|
57
|
-
}
|
|
34
|
+
const crypto = __importStar(require("crypto"));
|
|
35
|
+
class TeeParser {
|
|
36
|
+
static reportDataHashSize = 32; /* 64 in report, but we need 32 only for sha256 hash */
|
|
58
37
|
extractRS(cert) {
|
|
59
38
|
const derSignature = Buffer.from(cert.signatureValue.valueBlock.valueHexView).toString('hex');
|
|
60
39
|
const parsedSignature = helpers_js_1.Signature.importFromDER(derSignature);
|
|
@@ -81,6 +60,78 @@ class TeeSgxParser {
|
|
|
81
60
|
signature: x509Signature,
|
|
82
61
|
};
|
|
83
62
|
}
|
|
63
|
+
getDataAndAdvance(blob, size) {
|
|
64
|
+
const buf = buffer_1.Buffer.from(blob.data.subarray(0, size));
|
|
65
|
+
blob.data = buffer_1.Buffer.from(blob.data.subarray(size));
|
|
66
|
+
return buf;
|
|
67
|
+
}
|
|
68
|
+
static determineQuoteType(quote) {
|
|
69
|
+
let type = types_js_1.QuoteType.SGX;
|
|
70
|
+
if (quote.length < 48) {
|
|
71
|
+
throw new errors_js_1.TeeQuoteParserError('data has invalid length');
|
|
72
|
+
}
|
|
73
|
+
const version = Buffer.from(quote).readUInt16LE(0);
|
|
74
|
+
if (version === 4) {
|
|
75
|
+
const quoteType = Buffer.from(quote).readUInt32LE(4);
|
|
76
|
+
if (quoteType === 0x00000081) {
|
|
77
|
+
type = types_js_1.QuoteType.TDX;
|
|
78
|
+
}
|
|
79
|
+
else if (quoteType !== 0x00000000) {
|
|
80
|
+
throw new errors_js_1.TeeQuoteParserError(`Unknown quote type ${quoteType}`);
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
else if (version !== 3) {
|
|
84
|
+
throw new errors_js_1.TeeQuoteParserError(`Unknown quote version ${version}`);
|
|
85
|
+
}
|
|
86
|
+
return { type, version };
|
|
87
|
+
}
|
|
88
|
+
static getMrEnclave(quote) {
|
|
89
|
+
const teeType = TeeParser.determineQuoteType(quote);
|
|
90
|
+
switch (teeType.type) {
|
|
91
|
+
case types_js_1.QuoteType.SGX: {
|
|
92
|
+
const sgxParser = new TeeSgxParser();
|
|
93
|
+
const parsedSgxQuote = sgxParser.parseQuote(quote);
|
|
94
|
+
const parsedReport = sgxParser.parseReport(parsedSgxQuote.report);
|
|
95
|
+
return parsedReport.mrEnclave;
|
|
96
|
+
}
|
|
97
|
+
case types_js_1.QuoteType.TDX: {
|
|
98
|
+
const tdxParser = new TeeTdxParser();
|
|
99
|
+
const parsedTdxQuote = tdxParser.parseQuote(quote);
|
|
100
|
+
const tdBody = tdxParser.parseBody(parsedTdxQuote.tdQuoteBody);
|
|
101
|
+
const hash = crypto.createHash('sha256');
|
|
102
|
+
hash.update(tdBody.tdAttributes);
|
|
103
|
+
hash.update(tdBody.mrTd);
|
|
104
|
+
hash.update(tdBody.rtmr0);
|
|
105
|
+
hash.update(tdBody.rtmr1);
|
|
106
|
+
hash.update(tdBody.rtmr2);
|
|
107
|
+
hash.update(tdBody.rtmr3);
|
|
108
|
+
return hash.digest();
|
|
109
|
+
}
|
|
110
|
+
default:
|
|
111
|
+
throw new errors_js_1.TeeQuoteParserError(`Unknown quote type`);
|
|
112
|
+
}
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
exports.TeeParser = TeeParser;
|
|
116
|
+
class TeeSgxParser extends TeeParser {
|
|
117
|
+
static quoteHeaderSize = 48;
|
|
118
|
+
static pceSvnOffset = 10;
|
|
119
|
+
static reportSize = 384;
|
|
120
|
+
static userDataOffset = 28;
|
|
121
|
+
static userDataSize = 20;
|
|
122
|
+
static cpuSvnSize = 16;
|
|
123
|
+
static reportMrEnclaveOffset = 64;
|
|
124
|
+
static reportMrEnclaveSize = 32;
|
|
125
|
+
static reportMrSignerOffset = TeeSgxParser.reportMrEnclaveOffset + TeeSgxParser.reportMrEnclaveSize + /* reserved */ 32;
|
|
126
|
+
static reportMrSignerSize = 32;
|
|
127
|
+
static reportIsvProdIdOffset = TeeSgxParser.reportMrSignerOffset + TeeSgxParser.reportMrSignerSize + /* reserved */ 96;
|
|
128
|
+
static reportIsvProdIdSize = 2;
|
|
129
|
+
static reportIsvSvnOffset = TeeSgxParser.reportIsvProdIdOffset + TeeSgxParser.reportIsvProdIdSize;
|
|
130
|
+
static reportIsvSvnSize = 2;
|
|
131
|
+
static reportDataOffset = TeeSgxParser.reportIsvSvnOffset + TeeSgxParser.reportIsvSvnSize + /* reserved */ 60;
|
|
132
|
+
static reportUserDataSize = 64;
|
|
133
|
+
static ecdsaP256SignatureSize = 64;
|
|
134
|
+
static ecdsaP256PublicKeySize = 64;
|
|
84
135
|
parseQuote(data) {
|
|
85
136
|
const { quoteHeaderSize, pceSvnOffset, reportSize, userDataOffset, userDataSize, ecdsaP256SignatureSize, ecdsaP256PublicKeySize, } = TeeSgxParser;
|
|
86
137
|
if (data.length < quoteHeaderSize + reportSize) {
|
|
@@ -123,9 +174,10 @@ class TeeSgxParser {
|
|
|
123
174
|
if (certificationDataSize != qeCertificationData.length) {
|
|
124
175
|
throw new errors_js_1.TeeQuoteParserError(`certificationDataSize has invalid length: $PqeCertificationData.length} instead of ${certificationDataSize} expected`);
|
|
125
176
|
}
|
|
126
|
-
const certsPems = (0, helpers_js_1.splitChain)(qeCertificationData.toString()); // [device, platform, root]
|
|
177
|
+
const certsPems = (0, helpers_js_1.splitChain)(qeCertificationData.toString()) || []; // [device, platform, root]
|
|
127
178
|
const certsData = certsPems.map((pem) => this.parsePem(pem));
|
|
128
179
|
return {
|
|
180
|
+
quoteType: types_js_1.QuoteType.SGX,
|
|
129
181
|
rawHeader: quoteHeader,
|
|
130
182
|
header: {
|
|
131
183
|
version,
|
|
@@ -158,7 +210,7 @@ class TeeSgxParser {
|
|
|
158
210
|
};
|
|
159
211
|
}
|
|
160
212
|
parseReport(data) {
|
|
161
|
-
const { reportSize, cpuSvnSize, reportMrEnclaveOffset, reportMrEnclaveSize, reportMrSignerOffset, reportMrSignerSize, reportIsvProdIdOffset, reportIsvProdIdSize, reportIsvSvnOffset, reportIsvSvnSize, reportDataOffset, reportUserDataSize,
|
|
213
|
+
const { reportSize, cpuSvnSize, reportMrEnclaveOffset, reportMrEnclaveSize, reportMrSignerOffset, reportMrSignerSize, reportIsvProdIdOffset, reportIsvProdIdSize, reportIsvSvnOffset, reportIsvSvnSize, reportDataOffset, reportUserDataSize, reportDataHashSize, } = TeeSgxParser;
|
|
162
214
|
if (data.length < reportSize) {
|
|
163
215
|
throw new errors_js_1.TeeQuoteParserError('data has invalid length');
|
|
164
216
|
}
|
|
@@ -173,7 +225,7 @@ class TeeSgxParser {
|
|
|
173
225
|
.slice(reportIsvSvnOffset, reportIsvSvnOffset + reportIsvSvnSize)
|
|
174
226
|
.readUInt16LE(0);
|
|
175
227
|
const userData = report.slice(reportDataOffset, reportDataOffset + reportUserDataSize);
|
|
176
|
-
const dataHash = report.slice(reportDataOffset, reportDataOffset +
|
|
228
|
+
const dataHash = report.slice(reportDataOffset, reportDataOffset + reportDataHashSize);
|
|
177
229
|
return {
|
|
178
230
|
cpuSvn,
|
|
179
231
|
mrEnclave,
|
|
@@ -186,4 +238,173 @@ class TeeSgxParser {
|
|
|
186
238
|
}
|
|
187
239
|
}
|
|
188
240
|
exports.TeeSgxParser = TeeSgxParser;
|
|
189
|
-
|
|
241
|
+
class TeeTdxParser extends TeeParser {
|
|
242
|
+
//High-level quote structure
|
|
243
|
+
static quoteHeaderSize = 48;
|
|
244
|
+
static tdQuoteBodySize = 584;
|
|
245
|
+
static quoteSignatureDataLen = 4;
|
|
246
|
+
// Header fields
|
|
247
|
+
static headerVersionSize = 2;
|
|
248
|
+
static headerAttestationKeyTypeSize = 2;
|
|
249
|
+
static headerTeeTypeSize = 4;
|
|
250
|
+
static headerReserved1Size = 2;
|
|
251
|
+
static headerReserved2Size = 2;
|
|
252
|
+
static headerQeVendorIdSize = 16;
|
|
253
|
+
static headerUserDataSize = 20;
|
|
254
|
+
// Body fiedls
|
|
255
|
+
static bodyTeeTcbSvnSize = 16;
|
|
256
|
+
static bodyMrSeamSize = 48;
|
|
257
|
+
static bodyMrSignerSeamSize = 48;
|
|
258
|
+
static bodySeamAttributesSize = 8;
|
|
259
|
+
static bodyTdAttributesSize = 8;
|
|
260
|
+
static bodyXfamSize = 8;
|
|
261
|
+
static bodyMrTdSize = 48;
|
|
262
|
+
static bodyMrConfigIdSize = 48;
|
|
263
|
+
static bodyMrOwnerSize = 48;
|
|
264
|
+
static bodyMrOwnerConfigSize = 48;
|
|
265
|
+
static bodyRtmr0Size = 48;
|
|
266
|
+
static bodyRtmr1Size = 48;
|
|
267
|
+
static bodyRtmr2Size = 48;
|
|
268
|
+
static bodyRtmr3Size = 48;
|
|
269
|
+
static bodyReportDataSize = 64;
|
|
270
|
+
// Signature fields
|
|
271
|
+
static sigQuoteSignatureSize = 64;
|
|
272
|
+
static sigAttestationKeySize = 64;
|
|
273
|
+
static sigCertDataTypeSize = 2;
|
|
274
|
+
static sigCertDataSzSize = 4;
|
|
275
|
+
static sigQeReportSize = 384;
|
|
276
|
+
static sigQeReportSignatureSize = 64;
|
|
277
|
+
static sigQeAuthenticationDataSzSize = 2;
|
|
278
|
+
static sigSignatureTypeSize = 2;
|
|
279
|
+
static sigSignatureSzSize = 4;
|
|
280
|
+
parseQuote(data) {
|
|
281
|
+
const { quoteHeaderSize, tdQuoteBodySize, quoteSignatureDataLen, sigQuoteSignatureSize, sigAttestationKeySize, sigCertDataTypeSize, sigCertDataSzSize, sigQeReportSize, sigQeReportSignatureSize, sigQeAuthenticationDataSzSize, sigSignatureTypeSize, sigSignatureSzSize, } = TeeTdxParser;
|
|
282
|
+
const expectedSize = quoteHeaderSize + tdQuoteBodySize + quoteSignatureDataLen;
|
|
283
|
+
if (data.length < expectedSize) {
|
|
284
|
+
throw new errors_js_1.TeeQuoteParserError(`quote has invalid length ${data.length}, expected not less than ${expectedSize}`);
|
|
285
|
+
}
|
|
286
|
+
const quoteRemainder = { data: buffer_1.Buffer.from(data) };
|
|
287
|
+
const rawHeader = this.getDataAndAdvance(quoteRemainder, quoteHeaderSize);
|
|
288
|
+
const tdQuoteBody = this.getDataAndAdvance(quoteRemainder, tdQuoteBodySize);
|
|
289
|
+
const signatureLen = this.getDataAndAdvance(quoteRemainder, quoteSignatureDataLen);
|
|
290
|
+
const certificationDataSize = signatureLen.readUInt32LE(0);
|
|
291
|
+
const expectedQuoteLen = quoteHeaderSize + tdQuoteBodySize + quoteSignatureDataLen + certificationDataSize;
|
|
292
|
+
if (data.length < expectedQuoteLen) {
|
|
293
|
+
throw new errors_js_1.TeeQuoteParserError(`quote has invalid length ${data.length}, expected not less than ${expectedQuoteLen}`);
|
|
294
|
+
}
|
|
295
|
+
const signature = { data: this.getDataAndAdvance(quoteRemainder, certificationDataSize) };
|
|
296
|
+
const quoteSignature = this.getDataAndAdvance(signature, sigQuoteSignatureSize);
|
|
297
|
+
const ecdsaAttestationKey = this.getDataAndAdvance(signature, sigAttestationKeySize);
|
|
298
|
+
const certDataType = this.getDataAndAdvance(signature, sigCertDataTypeSize).readUint16LE(); //expected 6
|
|
299
|
+
if (certDataType !== 6)
|
|
300
|
+
throw new errors_js_1.TeeQuoteParserError(`certDataType has invalid value ${certDataType}, expected 6`);
|
|
301
|
+
const certDataSize = this.getDataAndAdvance(signature, sigCertDataSzSize).readUint32LE();
|
|
302
|
+
if (signature.data.length < certDataSize)
|
|
303
|
+
throw new errors_js_1.TeeQuoteParserError(`certData has invalid length ${data.length}, expected not less than ${certDataSize}`);
|
|
304
|
+
const qeReport = this.getDataAndAdvance(signature, sigQeReportSize);
|
|
305
|
+
const qeReportSignature = this.getDataAndAdvance(signature, sigQeReportSignatureSize);
|
|
306
|
+
const qeAuthenticationDataSize = this.getDataAndAdvance(signature, sigQeAuthenticationDataSzSize).readUint16LE();
|
|
307
|
+
if (signature.data.length < qeAuthenticationDataSize)
|
|
308
|
+
throw new errors_js_1.TeeQuoteParserError(`qeAuthenticationData has invalid length ${data.length}, expected not less than ${qeAuthenticationDataSize}`);
|
|
309
|
+
const qeAuthenticationData = this.getDataAndAdvance(signature, qeAuthenticationDataSize);
|
|
310
|
+
const qeCertificationDataType = this.getDataAndAdvance(signature, sigSignatureTypeSize).readUint16LE(); //expected 5
|
|
311
|
+
if (qeCertificationDataType !== 5)
|
|
312
|
+
throw new errors_js_1.TeeQuoteParserError(`signatureType has invalid value ${qeCertificationDataType}, expected 5`);
|
|
313
|
+
const signatureSize = this.getDataAndAdvance(signature, sigSignatureSzSize).readUint32LE();
|
|
314
|
+
if (signature.data.length < signatureSize)
|
|
315
|
+
throw new errors_js_1.TeeQuoteParserError(`certChain has invalid length ${data.length}, expected not less than ${signatureSize}`);
|
|
316
|
+
const qeCertificationData = this.getDataAndAdvance(signature, signatureSize);
|
|
317
|
+
const certsPems = (0, helpers_js_1.splitChain)(qeCertificationData.toString()) || []; // [device, platform, root]
|
|
318
|
+
const certsData = certsPems.map((pem) => this.parsePem(pem));
|
|
319
|
+
return {
|
|
320
|
+
quoteType: types_js_1.QuoteType.TDX,
|
|
321
|
+
rawHeader,
|
|
322
|
+
header: this.parseHeader(rawHeader),
|
|
323
|
+
tdQuoteBody,
|
|
324
|
+
quoteSignature,
|
|
325
|
+
ecdsaAttestationKey,
|
|
326
|
+
certDataType,
|
|
327
|
+
qeReport,
|
|
328
|
+
qeReportSignature,
|
|
329
|
+
qeAuthenticationData,
|
|
330
|
+
qeCertificationDataType,
|
|
331
|
+
qeCertificationData,
|
|
332
|
+
certificates: {
|
|
333
|
+
device: {
|
|
334
|
+
pem: certsPems[0],
|
|
335
|
+
x509Data: certsData[0],
|
|
336
|
+
},
|
|
337
|
+
platform: {
|
|
338
|
+
pem: certsPems[1],
|
|
339
|
+
x509Data: certsData[1],
|
|
340
|
+
},
|
|
341
|
+
root: {
|
|
342
|
+
pem: certsPems[2],
|
|
343
|
+
x509Data: certsData[2],
|
|
344
|
+
},
|
|
345
|
+
},
|
|
346
|
+
};
|
|
347
|
+
}
|
|
348
|
+
parseHeader(data) {
|
|
349
|
+
const { headerVersionSize, headerAttestationKeyTypeSize, headerTeeTypeSize, headerReserved1Size, headerReserved2Size, headerQeVendorIdSize, headerUserDataSize, } = TeeTdxParser;
|
|
350
|
+
const headerRemainder = { data: buffer_1.Buffer.from(data) };
|
|
351
|
+
const version = this.getDataAndAdvance(headerRemainder, headerVersionSize).readUInt16LE();
|
|
352
|
+
const attestationKeyType = this.getDataAndAdvance(headerRemainder, headerAttestationKeyTypeSize).readUInt16LE();
|
|
353
|
+
const teeType = this.getDataAndAdvance(headerRemainder, headerTeeTypeSize).readUInt32LE();
|
|
354
|
+
const reserved1 = this.getDataAndAdvance(headerRemainder, headerReserved1Size);
|
|
355
|
+
const reserved2 = this.getDataAndAdvance(headerRemainder, headerReserved2Size);
|
|
356
|
+
const qeVendorId = this.getDataAndAdvance(headerRemainder, headerQeVendorIdSize);
|
|
357
|
+
const userData = this.getDataAndAdvance(headerRemainder, headerUserDataSize);
|
|
358
|
+
return {
|
|
359
|
+
version,
|
|
360
|
+
attestationKeyType,
|
|
361
|
+
teeType,
|
|
362
|
+
reserved1,
|
|
363
|
+
reserved2,
|
|
364
|
+
qeVendorId,
|
|
365
|
+
userData,
|
|
366
|
+
};
|
|
367
|
+
}
|
|
368
|
+
parseBody(data) {
|
|
369
|
+
const { bodyTeeTcbSvnSize, bodyMrSeamSize, bodyMrSignerSeamSize, bodySeamAttributesSize, bodyTdAttributesSize, bodyXfamSize, bodyMrTdSize, bodyMrConfigIdSize, bodyMrOwnerSize, bodyMrOwnerConfigSize, bodyRtmr0Size, bodyRtmr1Size, bodyRtmr2Size, bodyRtmr3Size, bodyReportDataSize, reportDataHashSize, } = TeeTdxParser;
|
|
370
|
+
const bodyRemainder = { data: buffer_1.Buffer.from(data) };
|
|
371
|
+
if (bodyRemainder.data.length !== TeeTdxParser.tdQuoteBodySize)
|
|
372
|
+
throw new errors_js_1.TeeQuoteParserError(`body has invalid length ${bodyRemainder.data.length}, expected ${TeeTdxParser.tdQuoteBodySize}`);
|
|
373
|
+
const teeTcbSvn = this.getDataAndAdvance(bodyRemainder, bodyTeeTcbSvnSize);
|
|
374
|
+
const mrSeam = this.getDataAndAdvance(bodyRemainder, bodyMrSeamSize);
|
|
375
|
+
const mrSignerSeam = this.getDataAndAdvance(bodyRemainder, bodyMrSignerSeamSize);
|
|
376
|
+
const seamAttributes = this.getDataAndAdvance(bodyRemainder, bodySeamAttributesSize);
|
|
377
|
+
const tdAttributes = this.getDataAndAdvance(bodyRemainder, bodyTdAttributesSize);
|
|
378
|
+
const xfam = this.getDataAndAdvance(bodyRemainder, bodyXfamSize);
|
|
379
|
+
const mrTd = this.getDataAndAdvance(bodyRemainder, bodyMrTdSize);
|
|
380
|
+
const mrConfigId = this.getDataAndAdvance(bodyRemainder, bodyMrConfigIdSize);
|
|
381
|
+
const mrOwner = this.getDataAndAdvance(bodyRemainder, bodyMrOwnerSize);
|
|
382
|
+
const mrOwnerConfig = this.getDataAndAdvance(bodyRemainder, bodyMrOwnerConfigSize);
|
|
383
|
+
const rtmr0 = this.getDataAndAdvance(bodyRemainder, bodyRtmr0Size);
|
|
384
|
+
const rtmr1 = this.getDataAndAdvance(bodyRemainder, bodyRtmr1Size);
|
|
385
|
+
const rtmr2 = this.getDataAndAdvance(bodyRemainder, bodyRtmr2Size);
|
|
386
|
+
const rtmr3 = this.getDataAndAdvance(bodyRemainder, bodyRtmr3Size);
|
|
387
|
+
const reportData = this.getDataAndAdvance(bodyRemainder, bodyReportDataSize);
|
|
388
|
+
const dataHash = reportData.slice(0, reportDataHashSize);
|
|
389
|
+
return {
|
|
390
|
+
teeTcbSvn,
|
|
391
|
+
mrSeam,
|
|
392
|
+
mrSignerSeam,
|
|
393
|
+
seamAttributes,
|
|
394
|
+
tdAttributes,
|
|
395
|
+
xfam,
|
|
396
|
+
mrTd,
|
|
397
|
+
mrConfigId,
|
|
398
|
+
mrOwner,
|
|
399
|
+
mrOwnerConfig,
|
|
400
|
+
rtmr0,
|
|
401
|
+
rtmr1,
|
|
402
|
+
rtmr2,
|
|
403
|
+
rtmr3,
|
|
404
|
+
reportData,
|
|
405
|
+
dataHash,
|
|
406
|
+
};
|
|
407
|
+
}
|
|
408
|
+
}
|
|
409
|
+
exports.TeeTdxParser = TeeTdxParser;
|
|
410
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiUXVvdGVQYXJzZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvdGVlL1F1b3RlUGFyc2VyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEscUNBQXlDO0FBQ3pDLCtDQUFpQztBQUNqQyw2Q0FBK0I7QUFDL0IsbUNBQXdDO0FBQ3hDLDJDQUFrRDtBQUNsRCx5Q0FTb0I7QUFDcEIsNkNBQXFEO0FBQ3JELCtDQUFpQztBQUVqQyxNQUFzQixTQUFTO0lBQzdCLE1BQU0sQ0FBVSxrQkFBa0IsR0FBRyxFQUFFLENBQUMsQ0FBQyx1REFBdUQ7SUFDdEYsU0FBUyxDQUFDLElBQXVCO1FBQ3pDLE1BQU0sWUFBWSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxVQUFVLENBQUMsWUFBWSxDQUFDLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQzlGLE1BQU0sZUFBZSxHQUFHLHNCQUFTLENBQUMsYUFBYSxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBRTlELE9BQU87WUFDTCxDQUFDLEVBQUUsZUFBZSxDQUFDLENBQUM7WUFDcEIsQ0FBQyxFQUFFLGVBQWUsQ0FBQyxDQUFDO1lBQ3BCLFlBQVk7U0FDYixDQUFDO0lBQ0osQ0FBQztJQUVTLFFBQVEsQ0FBQyxHQUFXO1FBQzVCLE1BQU0sSUFBSSxHQUFHLGtCQUFXLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztRQUNuRCxNQUFNLGVBQWUsR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUNqRCxNQUFNLFdBQVcsR0FBRyxJQUFJLEtBQUssQ0FBQyxXQUFXLENBQUMsRUFBRSxNQUFNLEVBQUUsZUFBZSxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUM7UUFFOUUsTUFBTSxHQUFHLEdBQUcsV0FBVyxDQUFDLE9BQU8sQ0FBQztRQUVoQyxNQUFNLEVBQUUsQ0FBQyxFQUFFLENBQUMsRUFBRSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFN0MsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNqRSxNQUFNLFVBQVUsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQyxLQUFLLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDckUsTUFBTSxhQUFhLEdBQUcsSUFBSSxHQUFHLFNBQVMsQ0FBQztRQUN2QyxNQUFNLGFBQWEsR0FBRyxJQUFJLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUVuQyxPQUFPO1lBQ0wsV0FBVyxFQUFFLElBQUksR0FBRyxVQUFVLENBQUMsQ0FBQyxDQUFDO1lBQ2pDLFNBQVMsRUFBRSxhQUFhO1lBQ3hCLFdBQVcsRUFBRSxJQUFJLEdBQUcsVUFBVSxDQUFDLENBQUMsQ0FBQztZQUNqQyxTQUFTLEVBQUUsYUFBYTtTQUN6QixDQUFDO0lBQ0osQ0FBQztJQUVTLGlCQUFpQixDQUFDLElBQW9CLEVBQUUsSUFBWTtRQUM1RCxNQUFNLEdBQUcsR0FBRyxlQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUMsRUFBRSxJQUFJLENBQUMsQ0FBQyxDQUFDO1FBQ25ELElBQUksQ0FBQyxJQUFJLEdBQUcsZUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO1FBRWhELE9BQU8sR0FBRyxDQUFDO0lBQ2IsQ0FBQztJQUVNLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxLQUFpQjtRQUNoRCxJQUFJLElBQUksR0FBRyxvQkFBUyxDQUFDLEdBQUcsQ0FBQztRQUV6QixJQUFJLEtBQUssQ0FBQyxNQUFNLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDdEIsTUFBTSxJQUFJLCtCQUFtQixDQUFDLHlCQUF5QixDQUFDLENBQUM7UUFDM0QsQ0FBQztRQUVELE1BQU0sT0FBTyxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRW5ELElBQUksT0FBTyxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ2xCLE1BQU0sU0FBUyxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQ3JELElBQUksU0FBUyxLQUFLLFVBQVUsRUFBRSxDQUFDO2dCQUM3QixJQUFJLEdBQUcsb0JBQVMsQ0FBQyxHQUFHLENBQUM7WUFDdkIsQ0FBQztpQkFBTSxJQUFJLFNBQVMsS0FBSyxVQUFVLEVBQUUsQ0FBQztnQkFDcEMsTUFBTSxJQUFJLCtCQUFtQixDQUFDLHNCQUFzQixTQUFTLEVBQUUsQ0FBQyxDQUFDO1lBQ25FLENBQUM7UUFDSCxDQUFDO2FBQU0sSUFBSSxPQUFPLEtBQUssQ0FBQyxFQUFFLENBQUM7WUFDekIsTUFBTSxJQUFJLCtCQUFtQixDQUFDLHlCQUF5QixPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQ3BFLENBQUM7UUFFRCxPQUFPLEVBQUUsSUFBSSxFQUFFLE9BQU8sRUFBRSxDQUFDO0lBQzNCLENBQUM7SUFFTSxNQUFNLENBQUMsWUFBWSxDQUFDLEtBQWlCO1FBQzFDLE1BQU0sT0FBTyxHQUFHLFNBQVMsQ0FBQyxrQkFBa0IsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUNwRCxRQUFRLE9BQU8sQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUNyQixLQUFLLG9CQUFTLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztnQkFDbkIsTUFBTSxTQUFTLEdBQUcsSUFBSSxZQUFZLEVBQUUsQ0FBQztnQkFDckMsTUFBTSxjQUFjLEdBQUcsU0FBUyxDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQztnQkFDbkQsTUFBTSxZQUFZLEdBQUcsU0FBUyxDQUFDLFdBQVcsQ0FBQyxjQUFjLENBQUMsTUFBTSxDQUFDLENBQUM7Z0JBRWxFLE9BQU8sWUFBWSxDQUFDLFNBQVMsQ0FBQztZQUNoQyxDQUFDO1lBQ0QsS0FBSyxvQkFBUyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7Z0JBQ25CLE1BQU0sU0FBUyxHQUFHLElBQUksWUFBWSxFQUFFLENBQUM7Z0JBQ3JDLE1BQU0sY0FBYyxHQUFHLFNBQVMsQ0FBQyxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQ25ELE1BQU0sTUFBTSxHQUFHLFNBQVMsQ0FBQyxTQUFTLENBQUMsY0FBYyxDQUFDLFdBQVcsQ0FBQyxDQUFDO2dCQUMvRCxNQUFNLElBQUksR0FBRyxNQUFNLENBQUMsVUFBVSxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUN6QyxJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxZQUFZLENBQUMsQ0FBQztnQkFDakMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQUM7Z0JBQ3pCLElBQUksQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDO2dCQUMxQixJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQztnQkFDMUIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQzFCLElBQUksQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDO2dCQUUxQixPQUFPLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUN2QixDQUFDO1lBQ0Q7Z0JBQ0UsTUFBTSxJQUFJLCtCQUFtQixDQUFDLG9CQUFvQixDQUFDLENBQUM7UUFDeEQsQ0FBQztJQUNILENBQUM7O0FBNUZILDhCQTZGQztBQUVELE1BQWEsWUFBYSxTQUFRLFNBQVM7SUFDekMsTUFBTSxDQUFVLGVBQWUsR0FBRyxFQUFFLENBQUM7SUFDckMsTUFBTSxDQUFVLFlBQVksR0FBRyxFQUFFLENBQUM7SUFDbEMsTUFBTSxDQUFVLFVBQVUsR0FBRyxHQUFHLENBQUM7SUFDakMsTUFBTSxDQUFVLGNBQWMsR0FBRyxFQUFFLENBQUM7SUFDcEMsTUFBTSxDQUFVLFlBQVksR0FBRyxFQUFFLENBQUM7SUFDbEMsTUFBTSxDQUFVLFVBQVUsR0FBRyxFQUFFLENBQUM7SUFDaEMsTUFBTSxDQUFVLHFCQUFxQixHQUFHLEVBQUUsQ0FBQztJQUMzQyxNQUFNLENBQVUsbUJBQW1CLEdBQUcsRUFBRSxDQUFDO0lBQ3pDLE1BQU0sQ0FBVSxvQkFBb0IsR0FDbEMsWUFBWSxDQUFDLHFCQUFxQixHQUFHLFlBQVksQ0FBQyxtQkFBbUIsR0FBRyxjQUFjLENBQUMsRUFBRSxDQUFDO0lBQzVGLE1BQU0sQ0FBVSxrQkFBa0IsR0FBRyxFQUFFLENBQUM7SUFDeEMsTUFBTSxDQUFVLHFCQUFxQixHQUNuQyxZQUFZLENBQUMsb0JBQW9CLEdBQUcsWUFBWSxDQUFDLGtCQUFrQixHQUFHLGNBQWMsQ0FBQyxFQUFFLENBQUM7SUFDMUYsTUFBTSxDQUFVLG1CQUFtQixHQUFHLENBQUMsQ0FBQztJQUN4QyxNQUFNLENBQVUsa0JBQWtCLEdBQ2hDLFlBQVksQ0FBQyxxQkFBcUIsR0FBRyxZQUFZLENBQUMsbUJBQW1CLENBQUM7SUFDeEUsTUFBTSxDQUFVLGdCQUFnQixHQUFHLENBQUMsQ0FBQztJQUNyQyxNQUFNLENBQVUsZ0JBQWdCLEdBQzlCLFlBQVksQ0FBQyxrQkFBa0IsR0FBRyxZQUFZLENBQUMsZ0JBQWdCLEdBQUcsY0FBYyxDQUFDLEVBQUUsQ0FBQztJQUN0RixNQUFNLENBQVUsa0JBQWtCLEdBQUcsRUFBRSxDQUFDO0lBQ3hDLE1BQU0sQ0FBVSxzQkFBc0IsR0FBRyxFQUFFLENBQUM7SUFDNUMsTUFBTSxDQUFVLHNCQUFzQixHQUFHLEVBQUUsQ0FBQztJQUU1QyxVQUFVLENBQUMsSUFBZ0I7UUFDekIsTUFBTSxFQUNKLGVBQWUsRUFDZixZQUFZLEVBQ1osVUFBVSxFQUNWLGNBQWMsRUFDZCxZQUFZLEVBQ1osc0JBQXNCLEVBQ3RCLHNCQUFzQixHQUN2QixHQUFHLFlBQVksQ0FBQztRQUVqQixJQUFJLElBQUksQ0FBQyxNQUFNLEdBQUcsZUFBZSxHQUFHLFVBQVUsRUFBRSxDQUFDO1lBQy9DLE1BQU0sSUFBSSwrQkFBbUIsQ0FBQyx5QkFBeUIsQ0FBQyxDQUFDO1FBQzNELENBQUM7UUFDRCxNQUFNLGNBQWMsR0FBRyxFQUFFLElBQUksRUFBRSxlQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7UUFDakQsTUFBTSxXQUFXLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGNBQWMsRUFBRSxlQUFlLENBQUMsQ0FBQztRQUM1RSxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsY0FBYyxFQUFFLFVBQVUsQ0FBQyxDQUFDO1FBRWxFLE1BQU0sT0FBTyxHQUFHLFdBQVcsQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFFNUMsTUFBTSxrQkFBa0IsR0FBRyxXQUFXLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRXZELElBQUksa0JBQWtCLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDM0IsTUFBTSxJQUFJLCtCQUFtQixDQUFDLDhEQUE4RCxDQUFDLENBQUM7UUFDaEcsQ0FBQztRQUVELE1BQU0sTUFBTSxHQUFHLFdBQVcsQ0FBQyxZQUFZLENBQUMsWUFBWSxDQUFDLENBQUM7UUFFdEQsTUFBTSxRQUFRLEdBQUcsV0FBVyxDQUFDLEtBQUssQ0FBQyxjQUFjLEVBQUUsY0FBYyxHQUFHLFlBQVksQ0FBQyxDQUFDO1FBRWxGLE1BQU0scUJBQXFCLEdBQUcsY0FBYyxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDbEUsY0FBYyxDQUFDLElBQUksR0FBRyxlQUFJLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFFakUsSUFBSSxxQkFBcUIsSUFBSSxjQUFjLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQ3hELE1BQU0sSUFBSSwrQkFBbUIsQ0FDM0IsNkNBQTZDLGNBQWMsQ0FBQyxJQUFJLENBQUMsTUFBTSxlQUFlLHFCQUFxQixXQUFXLENBQ3ZILENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSw4QkFBOEIsR0FBRztZQUNyQyxJQUFJLEVBQUUsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGNBQWMsRUFBRSxxQkFBcUIsQ0FBQztTQUNwRSxDQUFDO1FBQ0YsTUFBTSx5QkFBeUIsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQ3RELDhCQUE4QixFQUM5QixzQkFBc0IsQ0FDdkIsQ0FBQztRQUNGLE1BQU0sbUJBQW1CLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUNoRCw4QkFBOEIsRUFDOUIsc0JBQXNCLENBQ3ZCLENBQUM7UUFDRixNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsOEJBQThCLEVBQUUsVUFBVSxDQUFDLENBQUM7UUFDcEYsTUFBTSxpQkFBaUIsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQzlDLDhCQUE4QixFQUM5QixzQkFBc0IsQ0FDdkIsQ0FBQztRQUNGLE1BQU0sd0JBQXdCLEdBQUcsOEJBQThCLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNyRiw4QkFBOEIsQ0FBQyxJQUFJLEdBQUcsZUFBSSxDQUFDLElBQUksQ0FDN0MsOEJBQThCLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsQ0FDaEQsQ0FBQztRQUVGLElBQUksOEJBQThCLENBQUMsSUFBSSxDQUFDLE1BQU0sR0FBRyx3QkFBd0IsRUFBRSxDQUFDO1lBQzFFLE1BQU0sSUFBSSwrQkFBbUIsQ0FDM0IsZ0RBQWdELDhCQUE4QixDQUFDLElBQUksQ0FBQyxNQUFNLGVBQWUsd0JBQXdCLFdBQVcsQ0FDN0ksQ0FBQztRQUNKLENBQUM7UUFFRCxNQUFNLG9CQUFvQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FDakQsOEJBQThCLEVBQzlCLHdCQUF3QixDQUN6QixDQUFDO1FBRUYsTUFBTSx1QkFBdUIsR0FBRyw4QkFBOEIsQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRXBGLElBQUksdUJBQXVCLEdBQUcsQ0FBQyxJQUFJLHVCQUF1QixHQUFHLENBQUMsRUFBRSxDQUFDO1lBQy9ELE1BQU0sSUFBSSwrQkFBbUIsQ0FDM0IsNENBQTRDLHVCQUF1QixFQUFFLENBQ3RFLENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxxQkFBcUIsR0FBRyw4QkFBOEIsQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ2xGLE1BQU0sbUJBQW1CLEdBQUcsOEJBQThCLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7UUFFaEYsSUFBSSxxQkFBcUIsSUFBSSxtQkFBbUIsQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUN4RCxNQUFNLElBQUksK0JBQW1CLENBQzNCLHNGQUFzRixxQkFBcUIsV0FBVyxDQUN2SCxDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sU0FBUyxHQUFHLElBQUEsdUJBQVUsRUFBQyxtQkFBbUIsQ0FBQyxRQUFRLEVBQUUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLDJCQUEyQjtRQUMvRixNQUFNLFNBQVMsR0FBRyxTQUFTLENBQUMsR0FBRyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUUsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7UUFFN0QsT0FBTztZQUNMLFNBQVMsRUFBRSxvQkFBUyxDQUFDLEdBQUc7WUFDeEIsU0FBUyxFQUFFLFdBQVc7WUFDdEIsTUFBTSxFQUFFO2dCQUNOLE9BQU87Z0JBQ1Asa0JBQWtCO2dCQUNsQixNQUFNO2dCQUNOLFFBQVE7YUFDVDtZQUNELE1BQU07WUFDTix5QkFBeUI7WUFDekIsbUJBQW1CO1lBQ25CLFFBQVE7WUFDUixpQkFBaUI7WUFDakIsb0JBQW9CO1lBQ3BCLHVCQUF1QjtZQUN2QixtQkFBbUI7WUFDbkIsWUFBWSxFQUFFO2dCQUNaLE1BQU0sRUFBRTtvQkFDTixHQUFHLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztvQkFDakIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7aUJBQ3ZCO2dCQUNELFFBQVEsRUFBRTtvQkFDUixHQUFHLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztvQkFDakIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7aUJBQ3ZCO2dCQUNELElBQUksRUFBRTtvQkFDSixHQUFHLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztvQkFDakIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7aUJBQ3ZCO2FBQ0Y7U0FDRixDQUFDO0lBQ0osQ0FBQztJQUVELFdBQVcsQ0FBQyxJQUFnQjtRQUMxQixNQUFNLEVBQ0osVUFBVSxFQUNWLFVBQVUsRUFDVixxQkFBcUIsRUFDckIsbUJBQW1CLEVBQ25CLG9CQUFvQixFQUNwQixrQkFBa0IsRUFDbEIscUJBQXFCLEVBQ3JCLG1CQUFtQixFQUNuQixrQkFBa0IsRUFDbEIsZ0JBQWdCLEVBQ2hCLGdCQUFnQixFQUNoQixrQkFBa0IsRUFDbEIsa0JBQWtCLEdBQ25CLEdBQUcsWUFBWSxDQUFDO1FBRWpCLElBQUksSUFBSSxDQUFDLE1BQU0sR0FBRyxVQUFVLEVBQUUsQ0FBQztZQUM3QixNQUFNLElBQUksK0JBQW1CLENBQUMseUJBQXlCLENBQUMsQ0FBQztRQUMzRCxDQUFDO1FBRUQsTUFBTSxNQUFNLEdBQUcsZUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUMvQixNQUFNLE1BQU0sR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxVQUFVLENBQUMsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDM0QsTUFBTSxTQUFTLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FDNUIscUJBQXFCLEVBQ3JCLHFCQUFxQixHQUFHLG1CQUFtQixDQUM1QyxDQUFDO1FBQ0YsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxvQkFBb0IsRUFBRSxvQkFBb0IsR0FBRyxrQkFBa0IsQ0FBQyxDQUFDO1FBQy9GLE1BQU0sU0FBUyxHQUFHLE1BQU07YUFDckIsS0FBSyxDQUFDLHFCQUFxQixFQUFFLHFCQUFxQixHQUFHLG1CQUFtQixDQUFDO2FBQ3pFLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNuQixNQUFNLE1BQU0sR0FBRyxNQUFNO2FBQ2xCLEtBQUssQ0FBQyxrQkFBa0IsRUFBRSxrQkFBa0IsR0FBRyxnQkFBZ0IsQ0FBQzthQUNoRSxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDbkIsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsRUFBRSxnQkFBZ0IsR0FBRyxrQkFBa0IsQ0FBQyxDQUFDO1FBQ3ZGLE1BQU0sUUFBUSxHQUFHLE1BQU0sQ0FBQyxLQUFLLENBQUMsZ0JBQWdCLEVBQUUsZ0JBQWdCLEdBQUcsa0JBQWtCLENBQUMsQ0FBQztRQUV2RixPQUFPO1lBQ0wsTUFBTTtZQUNOLFNBQVM7WUFDVCxRQUFRO1lBQ1IsU0FBUztZQUNULE1BQU07WUFDTixRQUFRO1lBQ1IsUUFBUTtTQUNULENBQUM7SUFDSixDQUFDOztBQW5NSCxvQ0FvTUM7QUFFRCxNQUFhLFlBQWEsU0FBUSxTQUFTO0lBQ3pDLDRCQUE0QjtJQUM1QixNQUFNLENBQVUsZUFBZSxHQUFHLEVBQUUsQ0FBQztJQUNyQyxNQUFNLENBQVUsZUFBZSxHQUFHLEdBQUcsQ0FBQztJQUN0QyxNQUFNLENBQVUscUJBQXFCLEdBQUcsQ0FBQyxDQUFDO0lBRTFDLGdCQUFnQjtJQUNoQixNQUFNLENBQVUsaUJBQWlCLEdBQUcsQ0FBQyxDQUFDO0lBQ3RDLE1BQU0sQ0FBVSw0QkFBNEIsR0FBRyxDQUFDLENBQUM7SUFDakQsTUFBTSxDQUFVLGlCQUFpQixHQUFHLENBQUMsQ0FBQztJQUN0QyxNQUFNLENBQVUsbUJBQW1CLEdBQUcsQ0FBQyxDQUFDO0lBQ3hDLE1BQU0sQ0FBVSxtQkFBbUIsR0FBRyxDQUFDLENBQUM7SUFDeEMsTUFBTSxDQUFVLG9CQUFvQixHQUFHLEVBQUUsQ0FBQztJQUMxQyxNQUFNLENBQVUsa0JBQWtCLEdBQUcsRUFBRSxDQUFDO0lBRXhDLGNBQWM7SUFDZCxNQUFNLENBQVUsaUJBQWlCLEdBQUcsRUFBRSxDQUFDO0lBQ3ZDLE1BQU0sQ0FBVSxjQUFjLEdBQUcsRUFBRSxDQUFDO0lBQ3BDLE1BQU0sQ0FBVSxvQkFBb0IsR0FBRyxFQUFFLENBQUM7SUFDMUMsTUFBTSxDQUFVLHNCQUFzQixHQUFHLENBQUMsQ0FBQztJQUMzQyxNQUFNLENBQVUsb0JBQW9CLEdBQUcsQ0FBQyxDQUFDO0lBQ3pDLE1BQU0sQ0FBVSxZQUFZLEdBQUcsQ0FBQyxDQUFDO0lBQ2pDLE1BQU0sQ0FBVSxZQUFZLEdBQUcsRUFBRSxDQUFDO0lBQ2xDLE1BQU0sQ0FBVSxrQkFBa0IsR0FBRyxFQUFFLENBQUM7SUFDeEMsTUFBTSxDQUFVLGVBQWUsR0FBRyxFQUFFLENBQUM7SUFDckMsTUFBTSxDQUFVLHFCQUFxQixHQUFHLEVBQUUsQ0FBQztJQUMzQyxNQUFNLENBQVUsYUFBYSxHQUFHLEVBQUUsQ0FBQztJQUNuQyxNQUFNLENBQVUsYUFBYSxHQUFHLEVBQUUsQ0FBQztJQUNuQyxNQUFNLENBQVUsYUFBYSxHQUFHLEVBQUUsQ0FBQztJQUNuQyxNQUFNLENBQVUsYUFBYSxHQUFHLEVBQUUsQ0FBQztJQUNuQyxNQUFNLENBQVUsa0JBQWtCLEdBQUcsRUFBRSxDQUFDO0lBRXhDLG1CQUFtQjtJQUNuQixNQUFNLENBQVUscUJBQXFCLEdBQUcsRUFBRSxDQUFDO0lBQzNDLE1BQU0sQ0FBVSxxQkFBcUIsR0FBRyxFQUFFLENBQUM7SUFDM0MsTUFBTSxDQUFVLG1CQUFtQixHQUFHLENBQUMsQ0FBQztJQUN4QyxNQUFNLENBQVUsaUJBQWlCLEdBQUcsQ0FBQyxDQUFDO0lBQ3RDLE1BQU0sQ0FBVSxlQUFlLEdBQUcsR0FBRyxDQUFDO0lBQ3RDLE1BQU0sQ0FBVSx3QkFBd0IsR0FBRyxFQUFFLENBQUM7SUFDOUMsTUFBTSxDQUFVLDZCQUE2QixHQUFHLENBQUMsQ0FBQztJQUNsRCxNQUFNLENBQVUsb0JBQW9CLEdBQUcsQ0FBQyxDQUFDO0lBQ3pDLE1BQU0sQ0FBVSxrQkFBa0IsR0FBRyxDQUFDLENBQUM7SUFFdkMsVUFBVSxDQUFDLElBQWdCO1FBQ3pCLE1BQU0sRUFDSixlQUFlLEVBQ2YsZUFBZSxFQUNmLHFCQUFxQixFQUVyQixxQkFBcUIsRUFDckIscUJBQXFCLEVBQ3JCLG1CQUFtQixFQUNuQixpQkFBaUIsRUFDakIsZUFBZSxFQUNmLHdCQUF3QixFQUN4Qiw2QkFBNkIsRUFDN0Isb0JBQW9CLEVBQ3BCLGtCQUFrQixHQUNuQixHQUFHLFlBQVksQ0FBQztRQUVqQixNQUFNLFlBQVksR0FBRyxlQUFlLEdBQUcsZUFBZSxHQUFHLHFCQUFxQixDQUFDO1FBQy9FLElBQUksSUFBSSxDQUFDLE1BQU0sR0FBRyxZQUFZLEVBQUUsQ0FBQztZQUMvQixNQUFNLElBQUksK0JBQW1CLENBQzNCLDRCQUE0QixJQUFJLENBQUMsTUFBTSw0QkFBNEIsWUFBWSxFQUFFLENBQ2xGLENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxjQUFjLEdBQUcsRUFBRSxJQUFJLEVBQUUsZUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1FBQ2pELE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxjQUFjLEVBQUUsZUFBZSxDQUFDLENBQUM7UUFDMUUsTUFBTSxXQUFXLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGNBQWMsRUFBRSxlQUFlLENBQUMsQ0FBQztRQUM1RSxNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsY0FBYyxFQUFFLHFCQUFxQixDQUFDLENBQUM7UUFDbkYsTUFBTSxxQkFBcUIsR0FBRyxZQUFZLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRTNELE1BQU0sZ0JBQWdCLEdBQ3BCLGVBQWUsR0FBRyxlQUFlLEdBQUcscUJBQXFCLEdBQUcscUJBQXFCLENBQUM7UUFDcEYsSUFBSSxJQUFJLENBQUMsTUFBTSxHQUFHLGdCQUFnQixFQUFFLENBQUM7WUFDbkMsTUFBTSxJQUFJLCtCQUFtQixDQUMzQiw0QkFBNEIsSUFBSSxDQUFDLE1BQU0sNEJBQTRCLGdCQUFnQixFQUFFLENBQ3RGLENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxTQUFTLEdBQUcsRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGNBQWMsRUFBRSxxQkFBcUIsQ0FBQyxFQUFFLENBQUM7UUFFMUYsTUFBTSxjQUFjLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFNBQVMsRUFBRSxxQkFBcUIsQ0FBQyxDQUFDO1FBQ2hGLE1BQU0sbUJBQW1CLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFNBQVMsRUFBRSxxQkFBcUIsQ0FBQyxDQUFDO1FBRXJGLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUsbUJBQW1CLENBQUMsQ0FBQyxZQUFZLEVBQUUsQ0FBQyxDQUFDLFlBQVk7UUFDeEcsSUFBSSxZQUFZLEtBQUssQ0FBQztZQUNwQixNQUFNLElBQUksK0JBQW1CLENBQUMsa0NBQWtDLFlBQVksY0FBYyxDQUFDLENBQUM7UUFFOUYsTUFBTSxZQUFZLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFNBQVMsRUFBRSxpQkFBaUIsQ0FBQyxDQUFDLFlBQVksRUFBRSxDQUFDO1FBRXpGLElBQUksU0FBUyxDQUFDLElBQUksQ0FBQyxNQUFNLEdBQUcsWUFBWTtZQUN0QyxNQUFNLElBQUksK0JBQW1CLENBQzNCLCtCQUErQixJQUFJLENBQUMsTUFBTSw0QkFBNEIsWUFBWSxFQUFFLENBQ3JGLENBQUM7UUFFSixNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsU0FBUyxFQUFFLGVBQWUsQ0FBQyxDQUFDO1FBQ3BFLE1BQU0saUJBQWlCLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFNBQVMsRUFBRSx3QkFBd0IsQ0FBQyxDQUFDO1FBRXRGLE1BQU0sd0JBQXdCLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUNyRCxTQUFTLEVBQ1QsNkJBQTZCLENBQzlCLENBQUMsWUFBWSxFQUFFLENBQUM7UUFFakIsSUFBSSxTQUFTLENBQUMsSUFBSSxDQUFDLE1BQU0sR0FBRyx3QkFBd0I7WUFDbEQsTUFBTSxJQUFJLCtCQUFtQixDQUMzQiwyQ0FBMkMsSUFBSSxDQUFDLE1BQU0sNEJBQTRCLHdCQUF3QixFQUFFLENBQzdHLENBQUM7UUFFSixNQUFNLG9CQUFvQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUsd0JBQXdCLENBQUMsQ0FBQztRQUV6RixNQUFNLHVCQUF1QixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FDcEQsU0FBUyxFQUNULG9CQUFvQixDQUNyQixDQUFDLFlBQVksRUFBRSxDQUFDLENBQUMsWUFBWTtRQUM5QixJQUFJLHVCQUF1QixLQUFLLENBQUM7WUFDL0IsTUFBTSxJQUFJLCtCQUFtQixDQUMzQixtQ0FBbUMsdUJBQXVCLGNBQWMsQ0FDekUsQ0FBQztRQUVKLE1BQU0sYUFBYSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUsa0JBQWtCLENBQUMsQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUUzRixJQUFJLFNBQVMsQ0FBQyxJQUFJLENBQUMsTUFBTSxHQUFHLGFBQWE7WUFDdkMsTUFBTSxJQUFJLCtCQUFtQixDQUMzQixnQ0FBZ0MsSUFBSSxDQUFDLE1BQU0sNEJBQTRCLGFBQWEsRUFBRSxDQUN2RixDQUFDO1FBRUosTUFBTSxtQkFBbUIsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsU0FBUyxFQUFFLGFBQWEsQ0FBQyxDQUFDO1FBRTdFLE1BQU0sU0FBUyxHQUFHLElBQUEsdUJBQVUsRUFBQyxtQkFBbUIsQ0FBQyxRQUFRLEVBQUUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLDJCQUEyQjtRQUMvRixNQUFNLFNBQVMsR0FBRyxTQUFTLENBQUMsR0FBRyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUUsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7UUFFN0QsT0FBTztZQUNMLFNBQVMsRUFBRSxvQkFBUyxDQUFDLEdBQUc7WUFDeEIsU0FBUztZQUNULE1BQU0sRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLFNBQVMsQ0FBQztZQUNuQyxXQUFXO1lBQ1gsY0FBYztZQUNkLG1CQUFtQjtZQUNuQixZQUFZO1lBQ1osUUFBUTtZQUNSLGlCQUFpQjtZQUNqQixvQkFBb0I7WUFDcEIsdUJBQXVCO1lBQ3ZCLG1CQUFtQjtZQUNuQixZQUFZLEVBQUU7Z0JBQ1osTUFBTSxFQUFFO29CQUNOLEdBQUcsRUFBRSxTQUFTLENBQUMsQ0FBQyxDQUFDO29CQUNqQixRQUFRLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztpQkFDdkI7Z0JBQ0QsUUFBUSxFQUFFO29CQUNSLEdBQUcsRUFBRSxTQUFTLENBQUMsQ0FBQyxDQUFDO29CQUNqQixRQUFRLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztpQkFDdkI7Z0JBQ0QsSUFBSSxFQUFFO29CQUNKLEdBQUcsRUFBRSxTQUFTLENBQUMsQ0FBQyxDQUFDO29CQUNqQixRQUFRLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztpQkFDdkI7YUFDRjtTQUNGLENBQUM7SUFDSixDQUFDO0lBRUQsV0FBVyxDQUFDLElBQWdCO1FBQzFCLE1BQU0sRUFDSixpQkFBaUIsRUFDakIsNEJBQTRCLEVBQzVCLGlCQUFpQixFQUNqQixtQkFBbUIsRUFDbkIsbUJBQW1CLEVBQ25CLG9CQUFvQixFQUNwQixrQkFBa0IsR0FDbkIsR0FBRyxZQUFZLENBQUM7UUFFakIsTUFBTSxlQUFlLEdBQUcsRUFBRSxJQUFJLEVBQUUsZUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1FBRWxELE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLEVBQUUsaUJBQWlCLENBQUMsQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUMxRixNQUFNLGtCQUFrQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FDL0MsZUFBZSxFQUNmLDRCQUE0QixDQUM3QixDQUFDLFlBQVksRUFBRSxDQUFDO1FBQ2pCLE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLEVBQUUsaUJBQWlCLENBQUMsQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUMxRixNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxFQUFFLG1CQUFtQixDQUFDLENBQUM7UUFDL0UsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsRUFBRSxtQkFBbUIsQ0FBQyxDQUFDO1FBQy9FLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztRQUNqRixNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxFQUFFLGtCQUFrQixDQUFDLENBQUM7UUFFN0UsT0FBTztZQUNMLE9BQU87WUFDUCxrQkFBa0I7WUFDbEIsT0FBTztZQUNQLFNBQVM7WUFDVCxTQUFTO1lBQ1QsVUFBVTtZQUNWLFFBQVE7U0FDVCxDQUFDO0lBQ0osQ0FBQztJQUVELFNBQVMsQ0FBQyxJQUFnQjtRQUN4QixNQUFNLEVBQ0osaUJBQWlCLEVBQ2pCLGNBQWMsRUFDZCxvQkFBb0IsRUFDcEIsc0JBQXNCLEVBQ3RCLG9CQUFvQixFQUNwQixZQUFZLEVBQ1osWUFBWSxFQUNaLGtCQUFrQixFQUNsQixlQUFlLEVBQ2YscUJBQXFCLEVBQ3JCLGFBQWEsRUFDYixhQUFhLEVBQ2IsYUFBYSxFQUNiLGFBQWEsRUFDYixrQkFBa0IsRUFDbEIsa0JBQWtCLEdBQ25CLEdBQUcsWUFBWSxDQUFDO1FBRWpCLE1BQU0sYUFBYSxHQUFHLEVBQUUsSUFBSSxFQUFFLGVBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztRQUVoRCxJQUFJLGFBQWEsQ0FBQyxJQUFJLENBQUMsTUFBTSxLQUFLLFlBQVksQ0FBQyxlQUFlO1lBQzVELE1BQU0sSUFBSSwrQkFBbUIsQ0FDM0IsMkJBQTJCLGFBQWEsQ0FBQyxJQUFJLENBQUMsTUFBTSxjQUFjLFlBQVksQ0FBQyxlQUFlLEVBQUUsQ0FDakcsQ0FBQztRQUVKLE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsaUJBQWlCLENBQUMsQ0FBQztRQUMzRSxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLGNBQWMsQ0FBQyxDQUFDO1FBQ3JFLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztRQUNqRixNQUFNLGNBQWMsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLHNCQUFzQixDQUFDLENBQUM7UUFDckYsTUFBTSxZQUFZLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO1FBQ2pGLE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDakUsTUFBTSxJQUFJLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUNqRSxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLGtCQUFrQixDQUFDLENBQUM7UUFDN0UsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxlQUFlLENBQUMsQ0FBQztRQUN2RSxNQUFNLGFBQWEsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLHFCQUFxQixDQUFDLENBQUM7UUFDbkYsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxhQUFhLENBQUMsQ0FBQztRQUNuRSxNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLGFBQWEsQ0FBQyxDQUFDO1FBQ25FLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsYUFBYSxDQUFDLENBQUM7UUFDbkUsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxhQUFhLENBQUMsQ0FBQztRQUNuRSxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLGtCQUFrQixDQUFDLENBQUM7UUFDN0UsTUFBTSxRQUFRLEdBQUcsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUUsa0JBQWtCLENBQUMsQ0FBQztRQUN6RCxPQUFPO1lBQ0wsU0FBUztZQUNULE1BQU07WUFDTixZQUFZO1lBQ1osY0FBYztZQUNkLFlBQVk7WUFDWixJQUFJO1lBQ0osSUFBSTtZQUNKLFVBQVU7WUFDVixPQUFPO1lBQ1AsYUFBYTtZQUNiLEtBQUs7WUFDTCxLQUFLO1lBQ0wsS0FBSztZQUNMLEtBQUs7WUFDTCxVQUFVO1lBQ1YsUUFBUTtTQUNULENBQUM7SUFDSixDQUFDOztBQW5RSCxvQ0FvUUMifQ==
|
|
@@ -5,12 +5,23 @@ export interface ValidationResult {
|
|
|
5
5
|
description: string;
|
|
6
6
|
error?: unknown;
|
|
7
7
|
}
|
|
8
|
+
export type GetMrEnclaveSignatureFn = (mrEnclave: Buffer) => Promise<Buffer>;
|
|
9
|
+
export type CheckSignatureOptions = {
|
|
10
|
+
getMrEnclaveSignature: GetMrEnclaveSignatureFn;
|
|
11
|
+
};
|
|
8
12
|
export declare class QuoteValidator {
|
|
9
13
|
private readonly isDefault;
|
|
10
14
|
private readonly baseUrl;
|
|
11
15
|
private readonly teeSgxParser;
|
|
16
|
+
private readonly teeTdxParser;
|
|
12
17
|
private logger;
|
|
13
18
|
constructor(baseUrl: string);
|
|
19
|
+
static getSignature(mrEnclave: Buffer, options?: {
|
|
20
|
+
baseURL?: string;
|
|
21
|
+
retryMax?: number;
|
|
22
|
+
retryInterval?: number;
|
|
23
|
+
}): Promise<Buffer>;
|
|
24
|
+
static checkSignature(quote: Buffer, options?: CheckSignatureOptions): Promise<void>;
|
|
14
25
|
private splitChain;
|
|
15
26
|
private findSequenceByOID;
|
|
16
27
|
private searchForSequence;
|
|
@@ -32,6 +43,8 @@ export declare class QuoteValidator {
|
|
|
32
43
|
private getTcbStatus;
|
|
33
44
|
private getQuoteValidationStatus;
|
|
34
45
|
private getQuoteValidationStatusDescription;
|
|
46
|
+
checkQuote(quote: Uint8Array, dataBlob: Uint8Array): Promise<void>;
|
|
47
|
+
checkSignature(quoteBuffer: Buffer): Promise<void>;
|
|
35
48
|
validate(quoteBuffer: Buffer): Promise<ValidationResult>;
|
|
36
49
|
isQuoteHasUserData(quoteBuffer: Buffer, userDataBuffer: Buffer): Promise<boolean>;
|
|
37
50
|
private getSha256Hash;
|