@super-protocol/sdk-js 2.2.0-beta.12 → 2.2.0-beta.120
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/RIGenerator.d.ts +2 -0
- package/dist/cjs/RIGenerator.js +6 -4
- package/dist/cjs/TIIGenerator.d.ts +2 -1
- package/dist/cjs/TIIGenerator.js +13 -3
- package/dist/cjs/TeeInputGeneratorBase.d.ts +1 -1
- package/dist/cjs/TeeInputGeneratorBase.js +20 -32
- package/dist/cjs/analytics/eventProviders/BrowserEventProvider.d.ts +1 -0
- package/dist/cjs/analytics/eventProviders/BrowserEventProvider.js +3 -3
- package/dist/cjs/analytics/transports/AxiosTransport.js +1 -1
- package/dist/cjs/config.d.ts +0 -1
- package/dist/cjs/config.js +1 -2
- package/dist/cjs/constants.d.ts +5 -4
- package/dist/cjs/constants.js +31 -7
- package/dist/cjs/contracts/abi.d.ts +929 -122
- package/dist/cjs/contracts/abi.js +1168 -134
- package/dist/cjs/crypto/index.d.ts +1 -0
- package/dist/cjs/crypto/index.js +16 -1
- package/dist/cjs/errors/base.error.d.ts +3 -0
- package/dist/cjs/errors/base.error.js +19 -0
- package/dist/cjs/errors/index.d.ts +2 -0
- package/dist/cjs/errors/index.js +8 -0
- package/dist/cjs/errors/not-found.error.d.ts +3 -0
- package/dist/cjs/errors/not-found.error.js +8 -0
- package/dist/cjs/errors/utils.d.ts +1 -0
- package/dist/cjs/errors/utils.js +25 -0
- package/dist/cjs/index.d.ts +11 -1
- package/dist/cjs/index.js +19 -2
- package/dist/cjs/models/Offer.d.ts +48 -6
- package/dist/cjs/models/Offer.js +159 -16
- package/dist/cjs/models/Order.d.ts +2 -90
- package/dist/cjs/models/Order.js +20 -91
- package/dist/cjs/models/Provider.js +1 -1
- package/dist/cjs/models/TCB.js +13 -5
- package/dist/cjs/models/TeeOffer.d.ts +35 -13
- package/dist/cjs/models/TeeOffer.js +119 -44
- package/dist/cjs/proto/Compression.d.ts +1 -1
- package/dist/cjs/proto/TRI.d.ts +41 -6
- package/dist/cjs/proto/TRI.js +18 -1
- package/dist/cjs/proto/TeeProperties.d.ts +5 -5
- package/dist/cjs/providers/storage/IStorageProvider.d.ts +1 -1
- package/dist/cjs/providers/storage/S3StorageProvider.d.ts +8 -7
- package/dist/cjs/providers/storage/S3StorageProvider.js +77 -38
- package/dist/cjs/providers/storage/StorageAdapter.d.ts +9 -7
- package/dist/cjs/providers/storage/StorageAdapter.js +27 -29
- package/dist/cjs/providers/storage/StorageContentWriter.d.ts +2 -2
- package/dist/cjs/providers/storage/StorageContentWriter.js +5 -5
- package/dist/cjs/providers/storage/StorageKeyValueAdapter.d.ts +8 -5
- package/dist/cjs/providers/storage/StorageKeyValueAdapter.js +30 -16
- package/dist/cjs/providers/storage/StorjAdapter.d.ts +5 -4
- package/dist/cjs/providers/storage/StorjAdapter.js +15 -9
- package/dist/cjs/providers/storage/StorjCredentialsManager.d.ts +24 -0
- package/dist/cjs/providers/storage/StorjCredentialsManager.js +109 -0
- package/dist/cjs/providers/storage/StorjStorageProvider.js +26 -3
- package/dist/cjs/providers/storage/fs-storage-provider.d.ts +19 -0
- package/dist/cjs/providers/storage/fs-storage-provider.js +143 -0
- package/dist/cjs/providers/storage/getStorageProvider.js +4 -1
- package/dist/cjs/providers/storage/parseStorageCredentials.d.ts +5 -0
- package/dist/cjs/providers/storage/parseStorageCredentials.js +21 -0
- package/dist/cjs/providers/storage/types.d.ts +22 -0
- package/dist/cjs/staticModels/Consensus.d.ts +3 -2
- package/dist/cjs/staticModels/Consensus.js +22 -11
- package/dist/cjs/staticModels/LoaderSecretsPublicKeys.js +3 -3
- package/dist/cjs/staticModels/LoaderSessions.d.ts +2 -2
- package/dist/cjs/staticModels/LoaderSessions.js +5 -5
- package/dist/cjs/staticModels/OfferResources.d.ts +3 -1
- package/dist/cjs/staticModels/OfferResources.js +33 -8
- package/dist/cjs/staticModels/Offers.js +10 -2
- package/dist/cjs/staticModels/OffersStorageAllocated.d.ts +1 -2
- package/dist/cjs/staticModels/OffersStorageAllocated.js +10 -10
- package/dist/cjs/staticModels/OffersStorageRequests.js +4 -3
- package/dist/cjs/staticModels/Orders.d.ts +5 -4
- package/dist/cjs/staticModels/Orders.js +7 -6
- package/dist/cjs/staticModels/SecretRequests.d.ts +1 -1
- package/dist/cjs/staticModels/SecretRequests.js +14 -7
- package/dist/cjs/staticModels/TeeOffers.d.ts +0 -2
- package/dist/cjs/staticModels/TeeOffers.js +5 -38
- package/dist/cjs/tee/QuoteParser.d.ts +61 -6
- package/dist/cjs/tee/QuoteParser.js +251 -30
- package/dist/cjs/tee/QuoteValidator.d.ts +13 -0
- package/dist/cjs/tee/QuoteValidator.js +149 -35
- package/dist/cjs/tee/TcbSerializer.d.ts +20 -0
- package/dist/cjs/tee/TcbSerializer.js +27 -0
- package/dist/cjs/tee/TeeBlockVerifier.d.ts +1 -6
- package/dist/cjs/tee/TeeBlockVerifier.js +5 -52
- package/dist/cjs/tee/TeeCertificateService.d.ts +13 -0
- package/dist/cjs/tee/TeeCertificateService.js +42 -0
- package/dist/cjs/tee/errors.d.ts +6 -3
- package/dist/cjs/tee/errors.js +9 -5
- package/dist/cjs/tee/helpers.d.ts +1 -1
- package/dist/cjs/tee/helpers.js +2 -7
- package/dist/cjs/tee/types.d.ts +50 -9
- package/dist/cjs/tee/types.js +32 -1
- package/dist/cjs/types/DistributedSecretStorage.d.ts +7 -0
- package/dist/cjs/types/Offer.d.ts +33 -7
- package/dist/cjs/types/Offer.js +17 -2
- package/dist/cjs/types/OfferVersion.d.ts +13 -0
- package/dist/cjs/types/OfferVersion.js +9 -0
- package/dist/cjs/types/Order.d.ts +8 -2
- package/dist/cjs/types/Order.js +3 -1
- package/dist/cjs/types/SlotInfo.d.ts +1 -0
- package/dist/cjs/types/Superpro.d.ts +2 -1
- package/dist/cjs/types/Superpro.js +2 -1
- package/dist/cjs/types/TeeOfferInfo.d.ts +2 -1
- package/dist/cjs/types/index.d.ts +1 -0
- package/dist/cjs/types/index.js +2 -1
- package/dist/cjs/types/storage/StorageAccess.d.ts +3 -3
- package/dist/cjs/utils/CryptoKeysTransformer.d.ts +6 -1
- package/dist/cjs/utils/CryptoKeysTransformer.js +48 -3
- package/dist/cjs/utils/NonceTracker.js +1 -1
- package/dist/cjs/utils/helper.d.ts +7 -1
- package/dist/cjs/utils/helper.js +87 -2
- package/dist/cjs/utils/helpers/OrderArgsHelper.d.ts +17 -0
- package/dist/cjs/utils/helpers/OrderArgsHelper.js +87 -0
- package/dist/cjs/utils/helpers/index.d.ts +2 -0
- package/dist/cjs/utils/helpers/index.js +3 -1
- package/dist/cjs/utils/helpers/uploadObjectToStorage.d.ts +13 -0
- package/dist/cjs/utils/helpers/uploadObjectToStorage.js +55 -0
- package/dist/cjs/utils/schema-validators/index.d.ts +1 -0
- package/dist/cjs/utils/schema-validators/index.js +6 -0
- package/dist/cjs/utils/schema-validators/validator.d.ts +7 -0
- package/dist/cjs/utils/schema-validators/validator.js +49 -0
- package/dist/mjs/RIGenerator.d.ts +2 -0
- package/dist/mjs/RIGenerator.js +6 -4
- package/dist/mjs/TIIGenerator.d.ts +2 -1
- package/dist/mjs/TIIGenerator.js +13 -3
- package/dist/mjs/TeeInputGeneratorBase.d.ts +1 -1
- package/dist/mjs/TeeInputGeneratorBase.js +20 -32
- package/dist/mjs/analytics/eventProviders/BrowserEventProvider.d.ts +1 -0
- package/dist/mjs/analytics/eventProviders/BrowserEventProvider.js +3 -3
- package/dist/mjs/analytics/transports/AxiosTransport.js +1 -1
- package/dist/mjs/config.d.ts +0 -1
- package/dist/mjs/config.js +1 -2
- package/dist/mjs/constants.d.ts +5 -4
- package/dist/mjs/constants.js +30 -6
- package/dist/mjs/contracts/abi.d.ts +929 -122
- package/dist/mjs/contracts/abi.js +1166 -132
- package/dist/mjs/crypto/index.d.ts +1 -0
- package/dist/mjs/crypto/index.js +2 -1
- package/dist/mjs/errors/base.error.d.ts +3 -0
- package/dist/mjs/errors/base.error.js +15 -0
- package/dist/mjs/errors/index.d.ts +2 -0
- package/dist/mjs/errors/index.js +3 -0
- package/dist/mjs/errors/not-found.error.d.ts +3 -0
- package/dist/mjs/errors/not-found.error.js +4 -0
- package/dist/mjs/errors/utils.d.ts +1 -0
- package/dist/mjs/errors/utils.js +18 -0
- package/dist/mjs/index.d.ts +11 -1
- package/dist/mjs/index.js +11 -2
- package/dist/mjs/models/Offer.d.ts +48 -6
- package/dist/mjs/models/Offer.js +161 -18
- package/dist/mjs/models/Order.d.ts +2 -90
- package/dist/mjs/models/Order.js +20 -91
- package/dist/mjs/models/Provider.js +1 -1
- package/dist/mjs/models/TCB.js +13 -5
- package/dist/mjs/models/TeeOffer.d.ts +35 -13
- package/dist/mjs/models/TeeOffer.js +115 -40
- package/dist/mjs/proto/Compression.d.ts +1 -1
- package/dist/mjs/proto/TRI.d.ts +41 -6
- package/dist/mjs/proto/TRI.js +18 -1
- package/dist/mjs/proto/TeeProperties.d.ts +5 -5
- package/dist/mjs/providers/storage/IStorageProvider.d.ts +1 -1
- package/dist/mjs/providers/storage/S3StorageProvider.d.ts +8 -7
- package/dist/mjs/providers/storage/S3StorageProvider.js +74 -38
- package/dist/mjs/providers/storage/StorageAdapter.d.ts +9 -7
- package/dist/mjs/providers/storage/StorageAdapter.js +27 -29
- package/dist/mjs/providers/storage/StorageContentWriter.d.ts +2 -2
- package/dist/mjs/providers/storage/StorageContentWriter.js +5 -5
- package/dist/mjs/providers/storage/StorageKeyValueAdapter.d.ts +8 -5
- package/dist/mjs/providers/storage/StorageKeyValueAdapter.js +30 -16
- package/dist/mjs/providers/storage/StorjAdapter.d.ts +5 -4
- package/dist/mjs/providers/storage/StorjAdapter.js +15 -9
- package/dist/mjs/providers/storage/StorjCredentialsManager.d.ts +24 -0
- package/dist/mjs/providers/storage/StorjCredentialsManager.js +82 -0
- package/dist/mjs/providers/storage/StorjStorageProvider.js +3 -3
- package/dist/mjs/providers/storage/fs-storage-provider.d.ts +19 -0
- package/dist/mjs/providers/storage/fs-storage-provider.js +113 -0
- package/dist/mjs/providers/storage/getStorageProvider.js +4 -1
- package/dist/mjs/providers/storage/parseStorageCredentials.d.ts +5 -0
- package/dist/mjs/providers/storage/parseStorageCredentials.js +17 -0
- package/dist/mjs/providers/storage/types.d.ts +22 -0
- package/dist/mjs/staticModels/Consensus.d.ts +3 -2
- package/dist/mjs/staticModels/Consensus.js +22 -11
- package/dist/mjs/staticModels/LoaderSecretsPublicKeys.js +4 -4
- package/dist/mjs/staticModels/LoaderSessions.d.ts +2 -2
- package/dist/mjs/staticModels/LoaderSessions.js +6 -6
- package/dist/mjs/staticModels/OfferResources.d.ts +3 -1
- package/dist/mjs/staticModels/OfferResources.js +34 -9
- package/dist/mjs/staticModels/Offers.js +10 -2
- package/dist/mjs/staticModels/OffersStorageAllocated.d.ts +1 -2
- package/dist/mjs/staticModels/OffersStorageAllocated.js +11 -11
- package/dist/mjs/staticModels/OffersStorageRequests.js +5 -4
- package/dist/mjs/staticModels/Orders.d.ts +5 -4
- package/dist/mjs/staticModels/Orders.js +7 -6
- package/dist/mjs/staticModels/SecretRequests.d.ts +1 -1
- package/dist/mjs/staticModels/SecretRequests.js +15 -8
- package/dist/mjs/staticModels/TeeOffers.d.ts +0 -2
- package/dist/mjs/staticModels/TeeOffers.js +5 -38
- package/dist/mjs/store.js +2 -2
- package/dist/mjs/tee/QuoteParser.d.ts +61 -6
- package/dist/mjs/tee/QuoteParser.js +248 -29
- package/dist/mjs/tee/QuoteValidator.d.ts +13 -0
- package/dist/mjs/tee/QuoteValidator.js +149 -35
- package/dist/mjs/tee/TcbSerializer.d.ts +20 -0
- package/dist/mjs/tee/TcbSerializer.js +23 -0
- package/dist/mjs/tee/TeeBlockVerifier.d.ts +1 -6
- package/dist/mjs/tee/TeeBlockVerifier.js +5 -52
- package/dist/mjs/tee/TeeCertificateService.d.ts +13 -0
- package/dist/mjs/tee/TeeCertificateService.js +35 -0
- package/dist/mjs/tee/errors.d.ts +6 -3
- package/dist/mjs/tee/errors.js +7 -4
- package/dist/mjs/tee/helpers.d.ts +1 -1
- package/dist/mjs/tee/helpers.js +2 -7
- package/dist/mjs/tee/types.d.ts +50 -9
- package/dist/mjs/tee/types.js +28 -2
- package/dist/mjs/types/DistributedSecretStorage.d.ts +7 -0
- package/dist/mjs/types/Offer.d.ts +33 -7
- package/dist/mjs/types/Offer.js +16 -1
- package/dist/mjs/types/OfferVersion.d.ts +13 -0
- package/dist/mjs/types/OfferVersion.js +6 -0
- package/dist/mjs/types/Order.d.ts +8 -2
- package/dist/mjs/types/Order.js +3 -1
- package/dist/mjs/types/SlotInfo.d.ts +1 -0
- package/dist/mjs/types/Superpro.d.ts +2 -1
- package/dist/mjs/types/Superpro.js +2 -1
- package/dist/mjs/types/TeeOfferInfo.d.ts +2 -1
- package/dist/mjs/types/index.d.ts +1 -0
- package/dist/mjs/types/index.js +2 -1
- package/dist/mjs/types/storage/StorageAccess.d.ts +3 -3
- package/dist/mjs/utils/CryptoKeysTransformer.d.ts +6 -1
- package/dist/mjs/utils/CryptoKeysTransformer.js +48 -3
- package/dist/mjs/utils/NonceTracker.js +1 -1
- package/dist/mjs/utils/helper.d.ts +7 -1
- package/dist/mjs/utils/helper.js +80 -1
- package/dist/mjs/utils/helpers/OrderArgsHelper.d.ts +17 -0
- package/dist/mjs/utils/helpers/OrderArgsHelper.js +80 -0
- package/dist/mjs/utils/helpers/index.d.ts +2 -0
- package/dist/mjs/utils/helpers/index.js +3 -1
- package/dist/mjs/utils/helpers/uploadObjectToStorage.d.ts +13 -0
- package/dist/mjs/utils/helpers/uploadObjectToStorage.js +48 -0
- package/dist/mjs/utils/schema-validators/index.d.ts +1 -0
- package/dist/mjs/utils/schema-validators/index.js +2 -0
- package/dist/mjs/utils/schema-validators/validator.d.ts +7 -0
- package/dist/mjs/utils/schema-validators/validator.js +45 -0
- package/package.json +7 -6
|
@@ -3,32 +3,11 @@ import * as asn1js from 'asn1js';
|
|
|
3
3
|
import * as pkijs from 'pkijs';
|
|
4
4
|
import { Buffer as Blob } from 'buffer';
|
|
5
5
|
import { TeeQuoteParserError } from './errors.js';
|
|
6
|
+
import { QuoteType, } from './types.js';
|
|
6
7
|
import { splitChain, Signature } from './helpers.js';
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
static
|
|
10
|
-
static reportSize = 384;
|
|
11
|
-
static userDataOffset = 28;
|
|
12
|
-
static userDataSize = 20;
|
|
13
|
-
static cpuSvnSize = 16;
|
|
14
|
-
static reportMrEnclaveOffset = 64;
|
|
15
|
-
static reportMrEnclaveSize = 32;
|
|
16
|
-
static reportMrSignerOffset = TeeSgxParser.reportMrEnclaveOffset + TeeSgxParser.reportMrEnclaveSize + /* reserved */ 32;
|
|
17
|
-
static reportMrSignerSize = 32;
|
|
18
|
-
static reportIsvProdIdOffset = TeeSgxParser.reportMrSignerOffset + TeeSgxParser.reportMrSignerSize + /* reserved */ 96;
|
|
19
|
-
static reportIsvProdIdSize = 2;
|
|
20
|
-
static reportIsvSvnOffset = TeeSgxParser.reportIsvProdIdOffset + TeeSgxParser.reportIsvProdIdSize;
|
|
21
|
-
static reportIsvSvnSize = 2;
|
|
22
|
-
static reportDataOffset = TeeSgxParser.reportIsvSvnOffset + TeeSgxParser.reportIsvSvnSize + /* reserved */ 60;
|
|
23
|
-
static reportUserDataSize = 64;
|
|
24
|
-
static reportUserDataSHA256Size = 32; /* 64 in report, but we need 32 only for sha256 hash */
|
|
25
|
-
static ecdsaP256SignatureSize = 64;
|
|
26
|
-
static ecdsaP256PublicKeySize = 64;
|
|
27
|
-
getDataAndAdvance(blob, size) {
|
|
28
|
-
const buf = Blob.from(blob.data.subarray(0, size));
|
|
29
|
-
blob.data = Blob.from(blob.data.subarray(size));
|
|
30
|
-
return buf;
|
|
31
|
-
}
|
|
8
|
+
import * as crypto from 'crypto';
|
|
9
|
+
export class TeeParser {
|
|
10
|
+
static reportDataHashSize = 32; /* 64 in report, but we need 32 only for sha256 hash */
|
|
32
11
|
extractRS(cert) {
|
|
33
12
|
const derSignature = Buffer.from(cert.signatureValue.valueBlock.valueHexView).toString('hex');
|
|
34
13
|
const parsedSignature = Signature.importFromDER(derSignature);
|
|
@@ -55,6 +34,77 @@ export class TeeSgxParser {
|
|
|
55
34
|
signature: x509Signature,
|
|
56
35
|
};
|
|
57
36
|
}
|
|
37
|
+
getDataAndAdvance(blob, size) {
|
|
38
|
+
const buf = Blob.from(blob.data.subarray(0, size));
|
|
39
|
+
blob.data = Blob.from(blob.data.subarray(size));
|
|
40
|
+
return buf;
|
|
41
|
+
}
|
|
42
|
+
static determineQuoteType(quote) {
|
|
43
|
+
let type = QuoteType.SGX;
|
|
44
|
+
if (quote.length < 48) {
|
|
45
|
+
throw new TeeQuoteParserError('data has invalid length');
|
|
46
|
+
}
|
|
47
|
+
const version = Buffer.from(quote).readUInt16LE(0);
|
|
48
|
+
if (version === 4) {
|
|
49
|
+
const quoteType = Buffer.from(quote).readUInt32LE(4);
|
|
50
|
+
if (quoteType === 0x00000081) {
|
|
51
|
+
type = QuoteType.TDX;
|
|
52
|
+
}
|
|
53
|
+
else if (quoteType !== 0x00000000) {
|
|
54
|
+
throw new TeeQuoteParserError(`Unknown quote type ${quoteType}`);
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
else if (version !== 3) {
|
|
58
|
+
throw new TeeQuoteParserError(`Unknown quote version ${version}`);
|
|
59
|
+
}
|
|
60
|
+
return { type, version };
|
|
61
|
+
}
|
|
62
|
+
static getMrEnclave(quote) {
|
|
63
|
+
const teeType = TeeParser.determineQuoteType(quote);
|
|
64
|
+
switch (teeType.type) {
|
|
65
|
+
case QuoteType.SGX: {
|
|
66
|
+
const sgxParser = new TeeSgxParser();
|
|
67
|
+
const parsedSgxQuote = sgxParser.parseQuote(quote);
|
|
68
|
+
const parsedReport = sgxParser.parseReport(parsedSgxQuote.report);
|
|
69
|
+
return parsedReport.mrEnclave;
|
|
70
|
+
}
|
|
71
|
+
case QuoteType.TDX: {
|
|
72
|
+
const tdxParser = new TeeTdxParser();
|
|
73
|
+
const parsedTdxQuote = tdxParser.parseQuote(quote);
|
|
74
|
+
const tdBody = tdxParser.parseBody(parsedTdxQuote.tdQuoteBody);
|
|
75
|
+
const hash = crypto.createHash('sha256');
|
|
76
|
+
hash.update(tdBody.tdAttributes);
|
|
77
|
+
hash.update(tdBody.mrTd);
|
|
78
|
+
hash.update(tdBody.rtmr0);
|
|
79
|
+
hash.update(tdBody.rtmr1);
|
|
80
|
+
hash.update(tdBody.rtmr2);
|
|
81
|
+
hash.update(tdBody.rtmr3);
|
|
82
|
+
return hash.digest();
|
|
83
|
+
}
|
|
84
|
+
default:
|
|
85
|
+
throw new TeeQuoteParserError(`Unknown quote type`);
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
export class TeeSgxParser extends TeeParser {
|
|
90
|
+
static quoteHeaderSize = 48;
|
|
91
|
+
static pceSvnOffset = 10;
|
|
92
|
+
static reportSize = 384;
|
|
93
|
+
static userDataOffset = 28;
|
|
94
|
+
static userDataSize = 20;
|
|
95
|
+
static cpuSvnSize = 16;
|
|
96
|
+
static reportMrEnclaveOffset = 64;
|
|
97
|
+
static reportMrEnclaveSize = 32;
|
|
98
|
+
static reportMrSignerOffset = TeeSgxParser.reportMrEnclaveOffset + TeeSgxParser.reportMrEnclaveSize + /* reserved */ 32;
|
|
99
|
+
static reportMrSignerSize = 32;
|
|
100
|
+
static reportIsvProdIdOffset = TeeSgxParser.reportMrSignerOffset + TeeSgxParser.reportMrSignerSize + /* reserved */ 96;
|
|
101
|
+
static reportIsvProdIdSize = 2;
|
|
102
|
+
static reportIsvSvnOffset = TeeSgxParser.reportIsvProdIdOffset + TeeSgxParser.reportIsvProdIdSize;
|
|
103
|
+
static reportIsvSvnSize = 2;
|
|
104
|
+
static reportDataOffset = TeeSgxParser.reportIsvSvnOffset + TeeSgxParser.reportIsvSvnSize + /* reserved */ 60;
|
|
105
|
+
static reportUserDataSize = 64;
|
|
106
|
+
static ecdsaP256SignatureSize = 64;
|
|
107
|
+
static ecdsaP256PublicKeySize = 64;
|
|
58
108
|
parseQuote(data) {
|
|
59
109
|
const { quoteHeaderSize, pceSvnOffset, reportSize, userDataOffset, userDataSize, ecdsaP256SignatureSize, ecdsaP256PublicKeySize, } = TeeSgxParser;
|
|
60
110
|
if (data.length < quoteHeaderSize + reportSize) {
|
|
@@ -97,9 +147,10 @@ export class TeeSgxParser {
|
|
|
97
147
|
if (certificationDataSize != qeCertificationData.length) {
|
|
98
148
|
throw new TeeQuoteParserError(`certificationDataSize has invalid length: $PqeCertificationData.length} instead of ${certificationDataSize} expected`);
|
|
99
149
|
}
|
|
100
|
-
const certsPems = splitChain(qeCertificationData.toString()); // [device, platform, root]
|
|
150
|
+
const certsPems = splitChain(qeCertificationData.toString()) || []; // [device, platform, root]
|
|
101
151
|
const certsData = certsPems.map((pem) => this.parsePem(pem));
|
|
102
152
|
return {
|
|
153
|
+
quoteType: QuoteType.SGX,
|
|
103
154
|
rawHeader: quoteHeader,
|
|
104
155
|
header: {
|
|
105
156
|
version,
|
|
@@ -132,7 +183,7 @@ export class TeeSgxParser {
|
|
|
132
183
|
};
|
|
133
184
|
}
|
|
134
185
|
parseReport(data) {
|
|
135
|
-
const { reportSize, cpuSvnSize, reportMrEnclaveOffset, reportMrEnclaveSize, reportMrSignerOffset, reportMrSignerSize, reportIsvProdIdOffset, reportIsvProdIdSize, reportIsvSvnOffset, reportIsvSvnSize, reportDataOffset, reportUserDataSize,
|
|
186
|
+
const { reportSize, cpuSvnSize, reportMrEnclaveOffset, reportMrEnclaveSize, reportMrSignerOffset, reportMrSignerSize, reportIsvProdIdOffset, reportIsvProdIdSize, reportIsvSvnOffset, reportIsvSvnSize, reportDataOffset, reportUserDataSize, reportDataHashSize, } = TeeSgxParser;
|
|
136
187
|
if (data.length < reportSize) {
|
|
137
188
|
throw new TeeQuoteParserError('data has invalid length');
|
|
138
189
|
}
|
|
@@ -147,7 +198,7 @@ export class TeeSgxParser {
|
|
|
147
198
|
.slice(reportIsvSvnOffset, reportIsvSvnOffset + reportIsvSvnSize)
|
|
148
199
|
.readUInt16LE(0);
|
|
149
200
|
const userData = report.slice(reportDataOffset, reportDataOffset + reportUserDataSize);
|
|
150
|
-
const dataHash = report.slice(reportDataOffset, reportDataOffset +
|
|
201
|
+
const dataHash = report.slice(reportDataOffset, reportDataOffset + reportDataHashSize);
|
|
151
202
|
return {
|
|
152
203
|
cpuSvn,
|
|
153
204
|
mrEnclave,
|
|
@@ -159,4 +210,172 @@ export class TeeSgxParser {
|
|
|
159
210
|
};
|
|
160
211
|
}
|
|
161
212
|
}
|
|
162
|
-
|
|
213
|
+
export class TeeTdxParser extends TeeParser {
|
|
214
|
+
//High-level quote structure
|
|
215
|
+
static quoteHeaderSize = 48;
|
|
216
|
+
static tdQuoteBodySize = 584;
|
|
217
|
+
static quoteSignatureDataLen = 4;
|
|
218
|
+
// Header fields
|
|
219
|
+
static headerVersionSize = 2;
|
|
220
|
+
static headerAttestationKeyTypeSize = 2;
|
|
221
|
+
static headerTeeTypeSize = 4;
|
|
222
|
+
static headerReserved1Size = 2;
|
|
223
|
+
static headerReserved2Size = 2;
|
|
224
|
+
static headerQeVendorIdSize = 16;
|
|
225
|
+
static headerUserDataSize = 20;
|
|
226
|
+
// Body fiedls
|
|
227
|
+
static bodyTeeTcbSvnSize = 16;
|
|
228
|
+
static bodyMrSeamSize = 48;
|
|
229
|
+
static bodyMrSignerSeamSize = 48;
|
|
230
|
+
static bodySeamAttributesSize = 8;
|
|
231
|
+
static bodyTdAttributesSize = 8;
|
|
232
|
+
static bodyXfamSize = 8;
|
|
233
|
+
static bodyMrTdSize = 48;
|
|
234
|
+
static bodyMrConfigIdSize = 48;
|
|
235
|
+
static bodyMrOwnerSize = 48;
|
|
236
|
+
static bodyMrOwnerConfigSize = 48;
|
|
237
|
+
static bodyRtmr0Size = 48;
|
|
238
|
+
static bodyRtmr1Size = 48;
|
|
239
|
+
static bodyRtmr2Size = 48;
|
|
240
|
+
static bodyRtmr3Size = 48;
|
|
241
|
+
static bodyReportDataSize = 64;
|
|
242
|
+
// Signature fields
|
|
243
|
+
static sigQuoteSignatureSize = 64;
|
|
244
|
+
static sigAttestationKeySize = 64;
|
|
245
|
+
static sigCertDataTypeSize = 2;
|
|
246
|
+
static sigCertDataSzSize = 4;
|
|
247
|
+
static sigQeReportSize = 384;
|
|
248
|
+
static sigQeReportSignatureSize = 64;
|
|
249
|
+
static sigQeAuthenticationDataSzSize = 2;
|
|
250
|
+
static sigSignatureTypeSize = 2;
|
|
251
|
+
static sigSignatureSzSize = 4;
|
|
252
|
+
parseQuote(data) {
|
|
253
|
+
const { quoteHeaderSize, tdQuoteBodySize, quoteSignatureDataLen, sigQuoteSignatureSize, sigAttestationKeySize, sigCertDataTypeSize, sigCertDataSzSize, sigQeReportSize, sigQeReportSignatureSize, sigQeAuthenticationDataSzSize, sigSignatureTypeSize, sigSignatureSzSize, } = TeeTdxParser;
|
|
254
|
+
const expectedSize = quoteHeaderSize + tdQuoteBodySize + quoteSignatureDataLen;
|
|
255
|
+
if (data.length < expectedSize) {
|
|
256
|
+
throw new TeeQuoteParserError(`quote has invalid length ${data.length}, expected not less than ${expectedSize}`);
|
|
257
|
+
}
|
|
258
|
+
const quoteRemainder = { data: Blob.from(data) };
|
|
259
|
+
const rawHeader = this.getDataAndAdvance(quoteRemainder, quoteHeaderSize);
|
|
260
|
+
const tdQuoteBody = this.getDataAndAdvance(quoteRemainder, tdQuoteBodySize);
|
|
261
|
+
const signatureLen = this.getDataAndAdvance(quoteRemainder, quoteSignatureDataLen);
|
|
262
|
+
const certificationDataSize = signatureLen.readUInt32LE(0);
|
|
263
|
+
const expectedQuoteLen = quoteHeaderSize + tdQuoteBodySize + quoteSignatureDataLen + certificationDataSize;
|
|
264
|
+
if (data.length < expectedQuoteLen) {
|
|
265
|
+
throw new TeeQuoteParserError(`quote has invalid length ${data.length}, expected not less than ${expectedQuoteLen}`);
|
|
266
|
+
}
|
|
267
|
+
const signature = { data: this.getDataAndAdvance(quoteRemainder, certificationDataSize) };
|
|
268
|
+
const quoteSignature = this.getDataAndAdvance(signature, sigQuoteSignatureSize);
|
|
269
|
+
const ecdsaAttestationKey = this.getDataAndAdvance(signature, sigAttestationKeySize);
|
|
270
|
+
const certDataType = this.getDataAndAdvance(signature, sigCertDataTypeSize).readUint16LE(); //expected 6
|
|
271
|
+
if (certDataType !== 6)
|
|
272
|
+
throw new TeeQuoteParserError(`certDataType has invalid value ${certDataType}, expected 6`);
|
|
273
|
+
const certDataSize = this.getDataAndAdvance(signature, sigCertDataSzSize).readUint32LE();
|
|
274
|
+
if (signature.data.length < certDataSize)
|
|
275
|
+
throw new TeeQuoteParserError(`certData has invalid length ${data.length}, expected not less than ${certDataSize}`);
|
|
276
|
+
const qeReport = this.getDataAndAdvance(signature, sigQeReportSize);
|
|
277
|
+
const qeReportSignature = this.getDataAndAdvance(signature, sigQeReportSignatureSize);
|
|
278
|
+
const qeAuthenticationDataSize = this.getDataAndAdvance(signature, sigQeAuthenticationDataSzSize).readUint16LE();
|
|
279
|
+
if (signature.data.length < qeAuthenticationDataSize)
|
|
280
|
+
throw new TeeQuoteParserError(`qeAuthenticationData has invalid length ${data.length}, expected not less than ${qeAuthenticationDataSize}`);
|
|
281
|
+
const qeAuthenticationData = this.getDataAndAdvance(signature, qeAuthenticationDataSize);
|
|
282
|
+
const qeCertificationDataType = this.getDataAndAdvance(signature, sigSignatureTypeSize).readUint16LE(); //expected 5
|
|
283
|
+
if (qeCertificationDataType !== 5)
|
|
284
|
+
throw new TeeQuoteParserError(`signatureType has invalid value ${qeCertificationDataType}, expected 5`);
|
|
285
|
+
const signatureSize = this.getDataAndAdvance(signature, sigSignatureSzSize).readUint32LE();
|
|
286
|
+
if (signature.data.length < signatureSize)
|
|
287
|
+
throw new TeeQuoteParserError(`certChain has invalid length ${data.length}, expected not less than ${signatureSize}`);
|
|
288
|
+
const qeCertificationData = this.getDataAndAdvance(signature, signatureSize);
|
|
289
|
+
const certsPems = splitChain(qeCertificationData.toString()) || []; // [device, platform, root]
|
|
290
|
+
const certsData = certsPems.map((pem) => this.parsePem(pem));
|
|
291
|
+
return {
|
|
292
|
+
quoteType: QuoteType.TDX,
|
|
293
|
+
rawHeader,
|
|
294
|
+
header: this.parseHeader(rawHeader),
|
|
295
|
+
tdQuoteBody,
|
|
296
|
+
quoteSignature,
|
|
297
|
+
ecdsaAttestationKey,
|
|
298
|
+
certDataType,
|
|
299
|
+
qeReport,
|
|
300
|
+
qeReportSignature,
|
|
301
|
+
qeAuthenticationData,
|
|
302
|
+
qeCertificationDataType,
|
|
303
|
+
qeCertificationData,
|
|
304
|
+
certificates: {
|
|
305
|
+
device: {
|
|
306
|
+
pem: certsPems[0],
|
|
307
|
+
x509Data: certsData[0],
|
|
308
|
+
},
|
|
309
|
+
platform: {
|
|
310
|
+
pem: certsPems[1],
|
|
311
|
+
x509Data: certsData[1],
|
|
312
|
+
},
|
|
313
|
+
root: {
|
|
314
|
+
pem: certsPems[2],
|
|
315
|
+
x509Data: certsData[2],
|
|
316
|
+
},
|
|
317
|
+
},
|
|
318
|
+
};
|
|
319
|
+
}
|
|
320
|
+
parseHeader(data) {
|
|
321
|
+
const { headerVersionSize, headerAttestationKeyTypeSize, headerTeeTypeSize, headerReserved1Size, headerReserved2Size, headerQeVendorIdSize, headerUserDataSize, } = TeeTdxParser;
|
|
322
|
+
const headerRemainder = { data: Blob.from(data) };
|
|
323
|
+
const version = this.getDataAndAdvance(headerRemainder, headerVersionSize).readUInt16LE();
|
|
324
|
+
const attestationKeyType = this.getDataAndAdvance(headerRemainder, headerAttestationKeyTypeSize).readUInt16LE();
|
|
325
|
+
const teeType = this.getDataAndAdvance(headerRemainder, headerTeeTypeSize).readUInt32LE();
|
|
326
|
+
const reserved1 = this.getDataAndAdvance(headerRemainder, headerReserved1Size);
|
|
327
|
+
const reserved2 = this.getDataAndAdvance(headerRemainder, headerReserved2Size);
|
|
328
|
+
const qeVendorId = this.getDataAndAdvance(headerRemainder, headerQeVendorIdSize);
|
|
329
|
+
const userData = this.getDataAndAdvance(headerRemainder, headerUserDataSize);
|
|
330
|
+
return {
|
|
331
|
+
version,
|
|
332
|
+
attestationKeyType,
|
|
333
|
+
teeType,
|
|
334
|
+
reserved1,
|
|
335
|
+
reserved2,
|
|
336
|
+
qeVendorId,
|
|
337
|
+
userData,
|
|
338
|
+
};
|
|
339
|
+
}
|
|
340
|
+
parseBody(data) {
|
|
341
|
+
const { bodyTeeTcbSvnSize, bodyMrSeamSize, bodyMrSignerSeamSize, bodySeamAttributesSize, bodyTdAttributesSize, bodyXfamSize, bodyMrTdSize, bodyMrConfigIdSize, bodyMrOwnerSize, bodyMrOwnerConfigSize, bodyRtmr0Size, bodyRtmr1Size, bodyRtmr2Size, bodyRtmr3Size, bodyReportDataSize, reportDataHashSize, } = TeeTdxParser;
|
|
342
|
+
const bodyRemainder = { data: Blob.from(data) };
|
|
343
|
+
if (bodyRemainder.data.length !== TeeTdxParser.tdQuoteBodySize)
|
|
344
|
+
throw new TeeQuoteParserError(`body has invalid length ${bodyRemainder.data.length}, expected ${TeeTdxParser.tdQuoteBodySize}`);
|
|
345
|
+
const teeTcbSvn = this.getDataAndAdvance(bodyRemainder, bodyTeeTcbSvnSize);
|
|
346
|
+
const mrSeam = this.getDataAndAdvance(bodyRemainder, bodyMrSeamSize);
|
|
347
|
+
const mrSignerSeam = this.getDataAndAdvance(bodyRemainder, bodyMrSignerSeamSize);
|
|
348
|
+
const seamAttributes = this.getDataAndAdvance(bodyRemainder, bodySeamAttributesSize);
|
|
349
|
+
const tdAttributes = this.getDataAndAdvance(bodyRemainder, bodyTdAttributesSize);
|
|
350
|
+
const xfam = this.getDataAndAdvance(bodyRemainder, bodyXfamSize);
|
|
351
|
+
const mrTd = this.getDataAndAdvance(bodyRemainder, bodyMrTdSize);
|
|
352
|
+
const mrConfigId = this.getDataAndAdvance(bodyRemainder, bodyMrConfigIdSize);
|
|
353
|
+
const mrOwner = this.getDataAndAdvance(bodyRemainder, bodyMrOwnerSize);
|
|
354
|
+
const mrOwnerConfig = this.getDataAndAdvance(bodyRemainder, bodyMrOwnerConfigSize);
|
|
355
|
+
const rtmr0 = this.getDataAndAdvance(bodyRemainder, bodyRtmr0Size);
|
|
356
|
+
const rtmr1 = this.getDataAndAdvance(bodyRemainder, bodyRtmr1Size);
|
|
357
|
+
const rtmr2 = this.getDataAndAdvance(bodyRemainder, bodyRtmr2Size);
|
|
358
|
+
const rtmr3 = this.getDataAndAdvance(bodyRemainder, bodyRtmr3Size);
|
|
359
|
+
const reportData = this.getDataAndAdvance(bodyRemainder, bodyReportDataSize);
|
|
360
|
+
const dataHash = reportData.slice(0, reportDataHashSize);
|
|
361
|
+
return {
|
|
362
|
+
teeTcbSvn,
|
|
363
|
+
mrSeam,
|
|
364
|
+
mrSignerSeam,
|
|
365
|
+
seamAttributes,
|
|
366
|
+
tdAttributes,
|
|
367
|
+
xfam,
|
|
368
|
+
mrTd,
|
|
369
|
+
mrConfigId,
|
|
370
|
+
mrOwner,
|
|
371
|
+
mrOwnerConfig,
|
|
372
|
+
rtmr0,
|
|
373
|
+
rtmr1,
|
|
374
|
+
rtmr2,
|
|
375
|
+
rtmr3,
|
|
376
|
+
reportData,
|
|
377
|
+
dataHash,
|
|
378
|
+
};
|
|
379
|
+
}
|
|
380
|
+
}
|
|
381
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiUXVvdGVQYXJzZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvdGVlL1F1b3RlUGFyc2VyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxXQUFXLEVBQUUsTUFBTSxZQUFZLENBQUM7QUFDekMsT0FBTyxLQUFLLE1BQU0sTUFBTSxRQUFRLENBQUM7QUFDakMsT0FBTyxLQUFLLEtBQUssTUFBTSxPQUFPLENBQUM7QUFDL0IsT0FBTyxFQUFFLE1BQU0sSUFBSSxJQUFJLEVBQUUsTUFBTSxRQUFRLENBQUM7QUFDeEMsT0FBTyxFQUFFLG1CQUFtQixFQUFFLE1BQU0sYUFBYSxDQUFDO0FBQ2xELE9BQU8sRUFRTCxTQUFTLEdBQ1YsTUFBTSxZQUFZLENBQUM7QUFDcEIsT0FBTyxFQUFFLFVBQVUsRUFBRSxTQUFTLEVBQUUsTUFBTSxjQUFjLENBQUM7QUFDckQsT0FBTyxLQUFLLE1BQU0sTUFBTSxRQUFRLENBQUM7QUFFakMsTUFBTSxPQUFnQixTQUFTO0lBQzdCLE1BQU0sQ0FBVSxrQkFBa0IsR0FBRyxFQUFFLENBQUMsQ0FBQyx1REFBdUQ7SUFDdEYsU0FBUyxDQUFDLElBQXVCO1FBQ3pDLE1BQU0sWUFBWSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxVQUFVLENBQUMsWUFBWSxDQUFDLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQzlGLE1BQU0sZUFBZSxHQUFHLFNBQVMsQ0FBQyxhQUFhLENBQUMsWUFBWSxDQUFDLENBQUM7UUFFOUQsT0FBTztZQUNMLENBQUMsRUFBRSxlQUFlLENBQUMsQ0FBQztZQUNwQixDQUFDLEVBQUUsZUFBZSxDQUFDLENBQUM7WUFDcEIsWUFBWTtTQUNiLENBQUM7SUFDSixDQUFDO0lBRVMsUUFBUSxDQUFDLEdBQVc7UUFDNUIsTUFBTSxJQUFJLEdBQUcsV0FBVyxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7UUFDbkQsTUFBTSxlQUFlLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDakQsTUFBTSxXQUFXLEdBQUcsSUFBSSxLQUFLLENBQUMsV0FBVyxDQUFDLEVBQUUsTUFBTSxFQUFFLGVBQWUsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO1FBRTlFLE1BQU0sR0FBRyxHQUFHLFdBQVcsQ0FBQyxPQUFPLENBQUM7UUFFaEMsTUFBTSxFQUFFLENBQUMsRUFBRSxDQUFDLEVBQUUsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRTdDLE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDakUsTUFBTSxVQUFVLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBQ3JFLE1BQU0sYUFBYSxHQUFHLElBQUksR0FBRyxTQUFTLENBQUM7UUFDdkMsTUFBTSxhQUFhLEdBQUcsSUFBSSxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUM7UUFFbkMsT0FBTztZQUNMLFdBQVcsRUFBRSxJQUFJLEdBQUcsVUFBVSxDQUFDLENBQUMsQ0FBQztZQUNqQyxTQUFTLEVBQUUsYUFBYTtZQUN4QixXQUFXLEVBQUUsSUFBSSxHQUFHLFVBQVUsQ0FBQyxDQUFDLENBQUM7WUFDakMsU0FBUyxFQUFFLGFBQWE7U0FDekIsQ0FBQztJQUNKLENBQUM7SUFFUyxpQkFBaUIsQ0FBQyxJQUFvQixFQUFFLElBQVk7UUFDNUQsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDLEVBQUUsSUFBSSxDQUFDLENBQUMsQ0FBQztRQUNuRCxJQUFJLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztRQUVoRCxPQUFPLEdBQUcsQ0FBQztJQUNiLENBQUM7SUFFTSxNQUFNLENBQUMsa0JBQWtCLENBQUMsS0FBaUI7UUFDaEQsSUFBSSxJQUFJLEdBQUcsU0FBUyxDQUFDLEdBQUcsQ0FBQztRQUV6QixJQUFJLEtBQUssQ0FBQyxNQUFNLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDdEIsTUFBTSxJQUFJLG1CQUFtQixDQUFDLHlCQUF5QixDQUFDLENBQUM7UUFDM0QsQ0FBQztRQUVELE1BQU0sT0FBTyxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRW5ELElBQUksT0FBTyxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ2xCLE1BQU0sU0FBUyxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQ3JELElBQUksU0FBUyxLQUFLLFVBQVUsRUFBRSxDQUFDO2dCQUM3QixJQUFJLEdBQUcsU0FBUyxDQUFDLEdBQUcsQ0FBQztZQUN2QixDQUFDO2lCQUFNLElBQUksU0FBUyxLQUFLLFVBQVUsRUFBRSxDQUFDO2dCQUNwQyxNQUFNLElBQUksbUJBQW1CLENBQUMsc0JBQXNCLFNBQVMsRUFBRSxDQUFDLENBQUM7WUFDbkUsQ0FBQztRQUNILENBQUM7YUFBTSxJQUFJLE9BQU8sS0FBSyxDQUFDLEVBQUUsQ0FBQztZQUN6QixNQUFNLElBQUksbUJBQW1CLENBQUMseUJBQXlCLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDcEUsQ0FBQztRQUVELE9BQU8sRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFLENBQUM7SUFDM0IsQ0FBQztJQUVNLE1BQU0sQ0FBQyxZQUFZLENBQUMsS0FBaUI7UUFDMUMsTUFBTSxPQUFPLEdBQUcsU0FBUyxDQUFDLGtCQUFrQixDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ3BELFFBQVEsT0FBTyxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ3JCLEtBQUssU0FBUyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7Z0JBQ25CLE1BQU0sU0FBUyxHQUFHLElBQUksWUFBWSxFQUFFLENBQUM7Z0JBQ3JDLE1BQU0sY0FBYyxHQUFHLFNBQVMsQ0FBQyxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQ25ELE1BQU0sWUFBWSxHQUFHLFNBQVMsQ0FBQyxXQUFXLENBQUMsY0FBYyxDQUFDLE1BQU0sQ0FBQyxDQUFDO2dCQUVsRSxPQUFPLFlBQVksQ0FBQyxTQUFTLENBQUM7WUFDaEMsQ0FBQztZQUNELEtBQUssU0FBUyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7Z0JBQ25CLE1BQU0sU0FBUyxHQUFHLElBQUksWUFBWSxFQUFFLENBQUM7Z0JBQ3JDLE1BQU0sY0FBYyxHQUFHLFNBQVMsQ0FBQyxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQ25ELE1BQU0sTUFBTSxHQUFHLFNBQVMsQ0FBQyxTQUFTLENBQUMsY0FBYyxDQUFDLFdBQVcsQ0FBQyxDQUFDO2dCQUMvRCxNQUFNLElBQUksR0FBRyxNQUFNLENBQUMsVUFBVSxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUN6QyxJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxZQUFZLENBQUMsQ0FBQztnQkFDakMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLENBQUM7Z0JBQ3pCLElBQUksQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDO2dCQUMxQixJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQztnQkFDMUIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQzFCLElBQUksQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDO2dCQUUxQixPQUFPLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUN2QixDQUFDO1lBQ0Q7Z0JBQ0UsTUFBTSxJQUFJLG1CQUFtQixDQUFDLG9CQUFvQixDQUFDLENBQUM7UUFDeEQsQ0FBQztJQUNILENBQUM7O0FBR0gsTUFBTSxPQUFPLFlBQWEsU0FBUSxTQUFTO0lBQ3pDLE1BQU0sQ0FBVSxlQUFlLEdBQUcsRUFBRSxDQUFDO0lBQ3JDLE1BQU0sQ0FBVSxZQUFZLEdBQUcsRUFBRSxDQUFDO0lBQ2xDLE1BQU0sQ0FBVSxVQUFVLEdBQUcsR0FBRyxDQUFDO0lBQ2pDLE1BQU0sQ0FBVSxjQUFjLEdBQUcsRUFBRSxDQUFDO0lBQ3BDLE1BQU0sQ0FBVSxZQUFZLEdBQUcsRUFBRSxDQUFDO0lBQ2xDLE1BQU0sQ0FBVSxVQUFVLEdBQUcsRUFBRSxDQUFDO0lBQ2hDLE1BQU0sQ0FBVSxxQkFBcUIsR0FBRyxFQUFFLENBQUM7SUFDM0MsTUFBTSxDQUFVLG1CQUFtQixHQUFHLEVBQUUsQ0FBQztJQUN6QyxNQUFNLENBQVUsb0JBQW9CLEdBQ2xDLFlBQVksQ0FBQyxxQkFBcUIsR0FBRyxZQUFZLENBQUMsbUJBQW1CLEdBQUcsY0FBYyxDQUFDLEVBQUUsQ0FBQztJQUM1RixNQUFNLENBQVUsa0JBQWtCLEdBQUcsRUFBRSxDQUFDO0lBQ3hDLE1BQU0sQ0FBVSxxQkFBcUIsR0FDbkMsWUFBWSxDQUFDLG9CQUFvQixHQUFHLFlBQVksQ0FBQyxrQkFBa0IsR0FBRyxjQUFjLENBQUMsRUFBRSxDQUFDO0lBQzFGLE1BQU0sQ0FBVSxtQkFBbUIsR0FBRyxDQUFDLENBQUM7SUFDeEMsTUFBTSxDQUFVLGtCQUFrQixHQUNoQyxZQUFZLENBQUMscUJBQXFCLEdBQUcsWUFBWSxDQUFDLG1CQUFtQixDQUFDO0lBQ3hFLE1BQU0sQ0FBVSxnQkFBZ0IsR0FBRyxDQUFDLENBQUM7SUFDckMsTUFBTSxDQUFVLGdCQUFnQixHQUM5QixZQUFZLENBQUMsa0JBQWtCLEdBQUcsWUFBWSxDQUFDLGdCQUFnQixHQUFHLGNBQWMsQ0FBQyxFQUFFLENBQUM7SUFDdEYsTUFBTSxDQUFVLGtCQUFrQixHQUFHLEVBQUUsQ0FBQztJQUN4QyxNQUFNLENBQVUsc0JBQXNCLEdBQUcsRUFBRSxDQUFDO0lBQzVDLE1BQU0sQ0FBVSxzQkFBc0IsR0FBRyxFQUFFLENBQUM7SUFFNUMsVUFBVSxDQUFDLElBQWdCO1FBQ3pCLE1BQU0sRUFDSixlQUFlLEVBQ2YsWUFBWSxFQUNaLFVBQVUsRUFDVixjQUFjLEVBQ2QsWUFBWSxFQUNaLHNCQUFzQixFQUN0QixzQkFBc0IsR0FDdkIsR0FBRyxZQUFZLENBQUM7UUFFakIsSUFBSSxJQUFJLENBQUMsTUFBTSxHQUFHLGVBQWUsR0FBRyxVQUFVLEVBQUUsQ0FBQztZQUMvQyxNQUFNLElBQUksbUJBQW1CLENBQUMseUJBQXlCLENBQUMsQ0FBQztRQUMzRCxDQUFDO1FBQ0QsTUFBTSxjQUFjLEdBQUcsRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1FBQ2pELE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxjQUFjLEVBQUUsZUFBZSxDQUFDLENBQUM7UUFDNUUsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGNBQWMsRUFBRSxVQUFVLENBQUMsQ0FBQztRQUVsRSxNQUFNLE9BQU8sR0FBRyxXQUFXLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRTVDLE1BQU0sa0JBQWtCLEdBQUcsV0FBVyxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUV2RCxJQUFJLGtCQUFrQixHQUFHLENBQUMsRUFBRSxDQUFDO1lBQzNCLE1BQU0sSUFBSSxtQkFBbUIsQ0FBQyw4REFBOEQsQ0FBQyxDQUFDO1FBQ2hHLENBQUM7UUFFRCxNQUFNLE1BQU0sR0FBRyxXQUFXLENBQUMsWUFBWSxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBRXRELE1BQU0sUUFBUSxHQUFHLFdBQVcsQ0FBQyxLQUFLLENBQUMsY0FBYyxFQUFFLGNBQWMsR0FBRyxZQUFZLENBQUMsQ0FBQztRQUVsRixNQUFNLHFCQUFxQixHQUFHLGNBQWMsQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ2xFLGNBQWMsQ0FBQyxJQUFJLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRWpFLElBQUkscUJBQXFCLElBQUksY0FBYyxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUN4RCxNQUFNLElBQUksbUJBQW1CLENBQzNCLDZDQUE2QyxjQUFjLENBQUMsSUFBSSxDQUFDLE1BQU0sZUFBZSxxQkFBcUIsV0FBVyxDQUN2SCxDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sOEJBQThCLEdBQUc7WUFDckMsSUFBSSxFQUFFLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxjQUFjLEVBQUUscUJBQXFCLENBQUM7U0FDcEUsQ0FBQztRQUNGLE1BQU0seUJBQXlCLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUN0RCw4QkFBOEIsRUFDOUIsc0JBQXNCLENBQ3ZCLENBQUM7UUFDRixNQUFNLG1CQUFtQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FDaEQsOEJBQThCLEVBQzlCLHNCQUFzQixDQUN2QixDQUFDO1FBQ0YsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLDhCQUE4QixFQUFFLFVBQVUsQ0FBQyxDQUFDO1FBQ3BGLE1BQU0saUJBQWlCLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUM5Qyw4QkFBOEIsRUFDOUIsc0JBQXNCLENBQ3ZCLENBQUM7UUFDRixNQUFNLHdCQUF3QixHQUFHLDhCQUE4QixDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDckYsOEJBQThCLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQzdDLDhCQUE4QixDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDLENBQ2hELENBQUM7UUFFRixJQUFJLDhCQUE4QixDQUFDLElBQUksQ0FBQyxNQUFNLEdBQUcsd0JBQXdCLEVBQUUsQ0FBQztZQUMxRSxNQUFNLElBQUksbUJBQW1CLENBQzNCLGdEQUFnRCw4QkFBOEIsQ0FBQyxJQUFJLENBQUMsTUFBTSxlQUFlLHdCQUF3QixXQUFXLENBQzdJLENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxvQkFBb0IsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQ2pELDhCQUE4QixFQUM5Qix3QkFBd0IsQ0FDekIsQ0FBQztRQUVGLE1BQU0sdUJBQXVCLEdBQUcsOEJBQThCLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUVwRixJQUFJLHVCQUF1QixHQUFHLENBQUMsSUFBSSx1QkFBdUIsR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUMvRCxNQUFNLElBQUksbUJBQW1CLENBQzNCLDRDQUE0Qyx1QkFBdUIsRUFBRSxDQUN0RSxDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0scUJBQXFCLEdBQUcsOEJBQThCLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNsRixNQUFNLG1CQUFtQixHQUFHLDhCQUE4QixDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO1FBRWhGLElBQUkscUJBQXFCLElBQUksbUJBQW1CLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDeEQsTUFBTSxJQUFJLG1CQUFtQixDQUMzQixzRkFBc0YscUJBQXFCLFdBQVcsQ0FDdkgsQ0FBQztRQUNKLENBQUM7UUFFRCxNQUFNLFNBQVMsR0FBRyxVQUFVLENBQUMsbUJBQW1CLENBQUMsUUFBUSxFQUFFLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQywyQkFBMkI7UUFDL0YsTUFBTSxTQUFTLEdBQUcsU0FBUyxDQUFDLEdBQUcsQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO1FBRTdELE9BQU87WUFDTCxTQUFTLEVBQUUsU0FBUyxDQUFDLEdBQUc7WUFDeEIsU0FBUyxFQUFFLFdBQVc7WUFDdEIsTUFBTSxFQUFFO2dCQUNOLE9BQU87Z0JBQ1Asa0JBQWtCO2dCQUNsQixNQUFNO2dCQUNOLFFBQVE7YUFDVDtZQUNELE1BQU07WUFDTix5QkFBeUI7WUFDekIsbUJBQW1CO1lBQ25CLFFBQVE7WUFDUixpQkFBaUI7WUFDakIsb0JBQW9CO1lBQ3BCLHVCQUF1QjtZQUN2QixtQkFBbUI7WUFDbkIsWUFBWSxFQUFFO2dCQUNaLE1BQU0sRUFBRTtvQkFDTixHQUFHLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztvQkFDakIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7aUJBQ3ZCO2dCQUNELFFBQVEsRUFBRTtvQkFDUixHQUFHLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztvQkFDakIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7aUJBQ3ZCO2dCQUNELElBQUksRUFBRTtvQkFDSixHQUFHLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztvQkFDakIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7aUJBQ3ZCO2FBQ0Y7U0FDRixDQUFDO0lBQ0osQ0FBQztJQUVELFdBQVcsQ0FBQyxJQUFnQjtRQUMxQixNQUFNLEVBQ0osVUFBVSxFQUNWLFVBQVUsRUFDVixxQkFBcUIsRUFDckIsbUJBQW1CLEVBQ25CLG9CQUFvQixFQUNwQixrQkFBa0IsRUFDbEIscUJBQXFCLEVBQ3JCLG1CQUFtQixFQUNuQixrQkFBa0IsRUFDbEIsZ0JBQWdCLEVBQ2hCLGdCQUFnQixFQUNoQixrQkFBa0IsRUFDbEIsa0JBQWtCLEdBQ25CLEdBQUcsWUFBWSxDQUFDO1FBRWpCLElBQUksSUFBSSxDQUFDLE1BQU0sR0FBRyxVQUFVLEVBQUUsQ0FBQztZQUM3QixNQUFNLElBQUksbUJBQW1CLENBQUMseUJBQXlCLENBQUMsQ0FBQztRQUMzRCxDQUFDO1FBRUQsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUMvQixNQUFNLE1BQU0sR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxVQUFVLENBQUMsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDM0QsTUFBTSxTQUFTLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FDNUIscUJBQXFCLEVBQ3JCLHFCQUFxQixHQUFHLG1CQUFtQixDQUM1QyxDQUFDO1FBQ0YsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxvQkFBb0IsRUFBRSxvQkFBb0IsR0FBRyxrQkFBa0IsQ0FBQyxDQUFDO1FBQy9GLE1BQU0sU0FBUyxHQUFHLE1BQU07YUFDckIsS0FBSyxDQUFDLHFCQUFxQixFQUFFLHFCQUFxQixHQUFHLG1CQUFtQixDQUFDO2FBQ3pFLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNuQixNQUFNLE1BQU0sR0FBRyxNQUFNO2FBQ2xCLEtBQUssQ0FBQyxrQkFBa0IsRUFBRSxrQkFBa0IsR0FBRyxnQkFBZ0IsQ0FBQzthQUNoRSxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDbkIsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsRUFBRSxnQkFBZ0IsR0FBRyxrQkFBa0IsQ0FBQyxDQUFDO1FBQ3ZGLE1BQU0sUUFBUSxHQUFHLE1BQU0sQ0FBQyxLQUFLLENBQUMsZ0JBQWdCLEVBQUUsZ0JBQWdCLEdBQUcsa0JBQWtCLENBQUMsQ0FBQztRQUV2RixPQUFPO1lBQ0wsTUFBTTtZQUNOLFNBQVM7WUFDVCxRQUFRO1lBQ1IsU0FBUztZQUNULE1BQU07WUFDTixRQUFRO1lBQ1IsUUFBUTtTQUNULENBQUM7SUFDSixDQUFDOztBQUdILE1BQU0sT0FBTyxZQUFhLFNBQVEsU0FBUztJQUN6Qyw0QkFBNEI7SUFDNUIsTUFBTSxDQUFVLGVBQWUsR0FBRyxFQUFFLENBQUM7SUFDckMsTUFBTSxDQUFVLGVBQWUsR0FBRyxHQUFHLENBQUM7SUFDdEMsTUFBTSxDQUFVLHFCQUFxQixHQUFHLENBQUMsQ0FBQztJQUUxQyxnQkFBZ0I7SUFDaEIsTUFBTSxDQUFVLGlCQUFpQixHQUFHLENBQUMsQ0FBQztJQUN0QyxNQUFNLENBQVUsNEJBQTRCLEdBQUcsQ0FBQyxDQUFDO0lBQ2pELE1BQU0sQ0FBVSxpQkFBaUIsR0FBRyxDQUFDLENBQUM7SUFDdEMsTUFBTSxDQUFVLG1CQUFtQixHQUFHLENBQUMsQ0FBQztJQUN4QyxNQUFNLENBQVUsbUJBQW1CLEdBQUcsQ0FBQyxDQUFDO0lBQ3hDLE1BQU0sQ0FBVSxvQkFBb0IsR0FBRyxFQUFFLENBQUM7SUFDMUMsTUFBTSxDQUFVLGtCQUFrQixHQUFHLEVBQUUsQ0FBQztJQUV4QyxjQUFjO0lBQ2QsTUFBTSxDQUFVLGlCQUFpQixHQUFHLEVBQUUsQ0FBQztJQUN2QyxNQUFNLENBQVUsY0FBYyxHQUFHLEVBQUUsQ0FBQztJQUNwQyxNQUFNLENBQVUsb0JBQW9CLEdBQUcsRUFBRSxDQUFDO0lBQzFDLE1BQU0sQ0FBVSxzQkFBc0IsR0FBRyxDQUFDLENBQUM7SUFDM0MsTUFBTSxDQUFVLG9CQUFvQixHQUFHLENBQUMsQ0FBQztJQUN6QyxNQUFNLENBQVUsWUFBWSxHQUFHLENBQUMsQ0FBQztJQUNqQyxNQUFNLENBQVUsWUFBWSxHQUFHLEVBQUUsQ0FBQztJQUNsQyxNQUFNLENBQVUsa0JBQWtCLEdBQUcsRUFBRSxDQUFDO0lBQ3hDLE1BQU0sQ0FBVSxlQUFlLEdBQUcsRUFBRSxDQUFDO0lBQ3JDLE1BQU0sQ0FBVSxxQkFBcUIsR0FBRyxFQUFFLENBQUM7SUFDM0MsTUFBTSxDQUFVLGFBQWEsR0FBRyxFQUFFLENBQUM7SUFDbkMsTUFBTSxDQUFVLGFBQWEsR0FBRyxFQUFFLENBQUM7SUFDbkMsTUFBTSxDQUFVLGFBQWEsR0FBRyxFQUFFLENBQUM7SUFDbkMsTUFBTSxDQUFVLGFBQWEsR0FBRyxFQUFFLENBQUM7SUFDbkMsTUFBTSxDQUFVLGtCQUFrQixHQUFHLEVBQUUsQ0FBQztJQUV4QyxtQkFBbUI7SUFDbkIsTUFBTSxDQUFVLHFCQUFxQixHQUFHLEVBQUUsQ0FBQztJQUMzQyxNQUFNLENBQVUscUJBQXFCLEdBQUcsRUFBRSxDQUFDO0lBQzNDLE1BQU0sQ0FBVSxtQkFBbUIsR0FBRyxDQUFDLENBQUM7SUFDeEMsTUFBTSxDQUFVLGlCQUFpQixHQUFHLENBQUMsQ0FBQztJQUN0QyxNQUFNLENBQVUsZUFBZSxHQUFHLEdBQUcsQ0FBQztJQUN0QyxNQUFNLENBQVUsd0JBQXdCLEdBQUcsRUFBRSxDQUFDO0lBQzlDLE1BQU0sQ0FBVSw2QkFBNkIsR0FBRyxDQUFDLENBQUM7SUFDbEQsTUFBTSxDQUFVLG9CQUFvQixHQUFHLENBQUMsQ0FBQztJQUN6QyxNQUFNLENBQVUsa0JBQWtCLEdBQUcsQ0FBQyxDQUFDO0lBRXZDLFVBQVUsQ0FBQyxJQUFnQjtRQUN6QixNQUFNLEVBQ0osZUFBZSxFQUNmLGVBQWUsRUFDZixxQkFBcUIsRUFFckIscUJBQXFCLEVBQ3JCLHFCQUFxQixFQUNyQixtQkFBbUIsRUFDbkIsaUJBQWlCLEVBQ2pCLGVBQWUsRUFDZix3QkFBd0IsRUFDeEIsNkJBQTZCLEVBQzdCLG9CQUFvQixFQUNwQixrQkFBa0IsR0FDbkIsR0FBRyxZQUFZLENBQUM7UUFFakIsTUFBTSxZQUFZLEdBQUcsZUFBZSxHQUFHLGVBQWUsR0FBRyxxQkFBcUIsQ0FBQztRQUMvRSxJQUFJLElBQUksQ0FBQyxNQUFNLEdBQUcsWUFBWSxFQUFFLENBQUM7WUFDL0IsTUFBTSxJQUFJLG1CQUFtQixDQUMzQiw0QkFBNEIsSUFBSSxDQUFDLE1BQU0sNEJBQTRCLFlBQVksRUFBRSxDQUNsRixDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sY0FBYyxHQUFHLEVBQUUsSUFBSSxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztRQUNqRCxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsY0FBYyxFQUFFLGVBQWUsQ0FBQyxDQUFDO1FBQzFFLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxjQUFjLEVBQUUsZUFBZSxDQUFDLENBQUM7UUFDNUUsTUFBTSxZQUFZLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGNBQWMsRUFBRSxxQkFBcUIsQ0FBQyxDQUFDO1FBQ25GLE1BQU0scUJBQXFCLEdBQUcsWUFBWSxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUUzRCxNQUFNLGdCQUFnQixHQUNwQixlQUFlLEdBQUcsZUFBZSxHQUFHLHFCQUFxQixHQUFHLHFCQUFxQixDQUFDO1FBQ3BGLElBQUksSUFBSSxDQUFDLE1BQU0sR0FBRyxnQkFBZ0IsRUFBRSxDQUFDO1lBQ25DLE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0IsNEJBQTRCLElBQUksQ0FBQyxNQUFNLDRCQUE0QixnQkFBZ0IsRUFBRSxDQUN0RixDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sU0FBUyxHQUFHLEVBQUUsSUFBSSxFQUFFLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxjQUFjLEVBQUUscUJBQXFCLENBQUMsRUFBRSxDQUFDO1FBRTFGLE1BQU0sY0FBYyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUscUJBQXFCLENBQUMsQ0FBQztRQUNoRixNQUFNLG1CQUFtQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUscUJBQXFCLENBQUMsQ0FBQztRQUVyRixNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsU0FBUyxFQUFFLG1CQUFtQixDQUFDLENBQUMsWUFBWSxFQUFFLENBQUMsQ0FBQyxZQUFZO1FBQ3hHLElBQUksWUFBWSxLQUFLLENBQUM7WUFDcEIsTUFBTSxJQUFJLG1CQUFtQixDQUFDLGtDQUFrQyxZQUFZLGNBQWMsQ0FBQyxDQUFDO1FBRTlGLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUsaUJBQWlCLENBQUMsQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUV6RixJQUFJLFNBQVMsQ0FBQyxJQUFJLENBQUMsTUFBTSxHQUFHLFlBQVk7WUFDdEMsTUFBTSxJQUFJLG1CQUFtQixDQUMzQiwrQkFBK0IsSUFBSSxDQUFDLE1BQU0sNEJBQTRCLFlBQVksRUFBRSxDQUNyRixDQUFDO1FBRUosTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFNBQVMsRUFBRSxlQUFlLENBQUMsQ0FBQztRQUNwRSxNQUFNLGlCQUFpQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUsd0JBQXdCLENBQUMsQ0FBQztRQUV0RixNQUFNLHdCQUF3QixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FDckQsU0FBUyxFQUNULDZCQUE2QixDQUM5QixDQUFDLFlBQVksRUFBRSxDQUFDO1FBRWpCLElBQUksU0FBUyxDQUFDLElBQUksQ0FBQyxNQUFNLEdBQUcsd0JBQXdCO1lBQ2xELE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0IsMkNBQTJDLElBQUksQ0FBQyxNQUFNLDRCQUE0Qix3QkFBd0IsRUFBRSxDQUM3RyxDQUFDO1FBRUosTUFBTSxvQkFBb0IsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsU0FBUyxFQUFFLHdCQUF3QixDQUFDLENBQUM7UUFFekYsTUFBTSx1QkFBdUIsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQ3BELFNBQVMsRUFDVCxvQkFBb0IsQ0FDckIsQ0FBQyxZQUFZLEVBQUUsQ0FBQyxDQUFDLFlBQVk7UUFDOUIsSUFBSSx1QkFBdUIsS0FBSyxDQUFDO1lBQy9CLE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0IsbUNBQW1DLHVCQUF1QixjQUFjLENBQ3pFLENBQUM7UUFFSixNQUFNLGFBQWEsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsU0FBUyxFQUFFLGtCQUFrQixDQUFDLENBQUMsWUFBWSxFQUFFLENBQUM7UUFFM0YsSUFBSSxTQUFTLENBQUMsSUFBSSxDQUFDLE1BQU0sR0FBRyxhQUFhO1lBQ3ZDLE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0IsZ0NBQWdDLElBQUksQ0FBQyxNQUFNLDRCQUE0QixhQUFhLEVBQUUsQ0FDdkYsQ0FBQztRQUVKLE1BQU0sbUJBQW1CLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFNBQVMsRUFBRSxhQUFhLENBQUMsQ0FBQztRQUU3RSxNQUFNLFNBQVMsR0FBRyxVQUFVLENBQUMsbUJBQW1CLENBQUMsUUFBUSxFQUFFLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQywyQkFBMkI7UUFDL0YsTUFBTSxTQUFTLEdBQUcsU0FBUyxDQUFDLEdBQUcsQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO1FBRTdELE9BQU87WUFDTCxTQUFTLEVBQUUsU0FBUyxDQUFDLEdBQUc7WUFDeEIsU0FBUztZQUNULE1BQU0sRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLFNBQVMsQ0FBQztZQUNuQyxXQUFXO1lBQ1gsY0FBYztZQUNkLG1CQUFtQjtZQUNuQixZQUFZO1lBQ1osUUFBUTtZQUNSLGlCQUFpQjtZQUNqQixvQkFBb0I7WUFDcEIsdUJBQXVCO1lBQ3ZCLG1CQUFtQjtZQUNuQixZQUFZLEVBQUU7Z0JBQ1osTUFBTSxFQUFFO29CQUNOLEdBQUcsRUFBRSxTQUFTLENBQUMsQ0FBQyxDQUFDO29CQUNqQixRQUFRLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztpQkFDdkI7Z0JBQ0QsUUFBUSxFQUFFO29CQUNSLEdBQUcsRUFBRSxTQUFTLENBQUMsQ0FBQyxDQUFDO29CQUNqQixRQUFRLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztpQkFDdkI7Z0JBQ0QsSUFBSSxFQUFFO29CQUNKLEdBQUcsRUFBRSxTQUFTLENBQUMsQ0FBQyxDQUFDO29CQUNqQixRQUFRLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztpQkFDdkI7YUFDRjtTQUNGLENBQUM7SUFDSixDQUFDO0lBRUQsV0FBVyxDQUFDLElBQWdCO1FBQzFCLE1BQU0sRUFDSixpQkFBaUIsRUFDakIsNEJBQTRCLEVBQzVCLGlCQUFpQixFQUNqQixtQkFBbUIsRUFDbkIsbUJBQW1CLEVBQ25CLG9CQUFvQixFQUNwQixrQkFBa0IsR0FDbkIsR0FBRyxZQUFZLENBQUM7UUFFakIsTUFBTSxlQUFlLEdBQUcsRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1FBRWxELE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLEVBQUUsaUJBQWlCLENBQUMsQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUMxRixNQUFNLGtCQUFrQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FDL0MsZUFBZSxFQUNmLDRCQUE0QixDQUM3QixDQUFDLFlBQVksRUFBRSxDQUFDO1FBQ2pCLE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLEVBQUUsaUJBQWlCLENBQUMsQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUMxRixNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxFQUFFLG1CQUFtQixDQUFDLENBQUM7UUFDL0UsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsRUFBRSxtQkFBbUIsQ0FBQyxDQUFDO1FBQy9FLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztRQUNqRixNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxFQUFFLGtCQUFrQixDQUFDLENBQUM7UUFFN0UsT0FBTztZQUNMLE9BQU87WUFDUCxrQkFBa0I7WUFDbEIsT0FBTztZQUNQLFNBQVM7WUFDVCxTQUFTO1lBQ1QsVUFBVTtZQUNWLFFBQVE7U0FDVCxDQUFDO0lBQ0osQ0FBQztJQUVELFNBQVMsQ0FBQyxJQUFnQjtRQUN4QixNQUFNLEVBQ0osaUJBQWlCLEVBQ2pCLGNBQWMsRUFDZCxvQkFBb0IsRUFDcEIsc0JBQXNCLEVBQ3RCLG9CQUFvQixFQUNwQixZQUFZLEVBQ1osWUFBWSxFQUNaLGtCQUFrQixFQUNsQixlQUFlLEVBQ2YscUJBQXFCLEVBQ3JCLGFBQWEsRUFDYixhQUFhLEVBQ2IsYUFBYSxFQUNiLGFBQWEsRUFDYixrQkFBa0IsRUFDbEIsa0JBQWtCLEdBQ25CLEdBQUcsWUFBWSxDQUFDO1FBRWpCLE1BQU0sYUFBYSxHQUFHLEVBQUUsSUFBSSxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztRQUVoRCxJQUFJLGFBQWEsQ0FBQyxJQUFJLENBQUMsTUFBTSxLQUFLLFlBQVksQ0FBQyxlQUFlO1lBQzVELE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0IsMkJBQTJCLGFBQWEsQ0FBQyxJQUFJLENBQUMsTUFBTSxjQUFjLFlBQVksQ0FBQyxlQUFlLEVBQUUsQ0FDakcsQ0FBQztRQUVKLE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsaUJBQWlCLENBQUMsQ0FBQztRQUMzRSxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLGNBQWMsQ0FBQyxDQUFDO1FBQ3JFLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsb0JBQW9CLENBQUMsQ0FBQztRQUNqRixNQUFNLGNBQWMsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLHNCQUFzQixDQUFDLENBQUM7UUFDckYsTUFBTSxZQUFZLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO1FBQ2pGLE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsWUFBWSxDQUFDLENBQUM7UUFDakUsTUFBTSxJQUFJLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUNqRSxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLGtCQUFrQixDQUFDLENBQUM7UUFDN0UsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxlQUFlLENBQUMsQ0FBQztRQUN2RSxNQUFNLGFBQWEsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLHFCQUFxQixDQUFDLENBQUM7UUFDbkYsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxhQUFhLENBQUMsQ0FBQztRQUNuRSxNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLGFBQWEsQ0FBQyxDQUFDO1FBQ25FLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsYUFBYSxDQUFDLENBQUM7UUFDbkUsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxhQUFhLENBQUMsQ0FBQztRQUNuRSxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLGtCQUFrQixDQUFDLENBQUM7UUFDN0UsTUFBTSxRQUFRLEdBQUcsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUUsa0JBQWtCLENBQUMsQ0FBQztRQUN6RCxPQUFPO1lBQ0wsU0FBUztZQUNULE1BQU07WUFDTixZQUFZO1lBQ1osY0FBYztZQUNkLFlBQVk7WUFDWixJQUFJO1lBQ0osSUFBSTtZQUNKLFVBQVU7WUFDVixPQUFPO1lBQ1AsYUFBYTtZQUNiLEtBQUs7WUFDTCxLQUFLO1lBQ0wsS0FBSztZQUNMLEtBQUs7WUFDTCxVQUFVO1lBQ1YsUUFBUTtTQUNULENBQUM7SUFDSixDQUFDIn0=
|
|
@@ -5,12 +5,23 @@ export interface ValidationResult {
|
|
|
5
5
|
description: string;
|
|
6
6
|
error?: unknown;
|
|
7
7
|
}
|
|
8
|
+
export type GetMrEnclaveSignatureFn = (mrEnclave: Buffer) => Promise<Buffer>;
|
|
9
|
+
export type CheckSignatureOptions = {
|
|
10
|
+
getMrEnclaveSignature: GetMrEnclaveSignatureFn;
|
|
11
|
+
};
|
|
8
12
|
export declare class QuoteValidator {
|
|
9
13
|
private readonly isDefault;
|
|
10
14
|
private readonly baseUrl;
|
|
11
15
|
private readonly teeSgxParser;
|
|
16
|
+
private readonly teeTdxParser;
|
|
12
17
|
private logger;
|
|
13
18
|
constructor(baseUrl: string);
|
|
19
|
+
static getSignature(mrEnclave: Buffer, options?: {
|
|
20
|
+
baseURL?: string;
|
|
21
|
+
retryMax?: number;
|
|
22
|
+
retryInterval?: number;
|
|
23
|
+
}): Promise<Buffer>;
|
|
24
|
+
static checkSignature(quote: Buffer, options?: CheckSignatureOptions): Promise<void>;
|
|
14
25
|
private splitChain;
|
|
15
26
|
private findSequenceByOID;
|
|
16
27
|
private searchForSequence;
|
|
@@ -32,6 +43,8 @@ export declare class QuoteValidator {
|
|
|
32
43
|
private getTcbStatus;
|
|
33
44
|
private getQuoteValidationStatus;
|
|
34
45
|
private getQuoteValidationStatusDescription;
|
|
46
|
+
checkQuote(quote: Uint8Array, dataBlob: Uint8Array): Promise<void>;
|
|
47
|
+
checkSignature(quoteBuffer: Buffer): Promise<void>;
|
|
35
48
|
validate(quoteBuffer: Buffer): Promise<ValidationResult>;
|
|
36
49
|
isQuoteHasUserData(quoteBuffer: Buffer, userDataBuffer: Buffer): Promise<boolean>;
|
|
37
50
|
private getSha256Hash;
|