@super-protocol/sdk-js 2.2.0-beta.8 → 2.2.0-beta.81
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/RIGenerator.d.ts +1 -0
- package/dist/cjs/RIGenerator.js +2 -1
- package/dist/cjs/TIIGenerator.d.ts +2 -1
- package/dist/cjs/TIIGenerator.js +13 -3
- package/dist/cjs/TeeInputGeneratorBase.js +7 -6
- package/dist/cjs/analytics/eventProviders/BrowserEventProvider.d.ts +1 -0
- package/dist/cjs/analytics/eventProviders/BrowserEventProvider.js +3 -3
- package/dist/cjs/analytics/transports/AxiosTransport.js +1 -1
- package/dist/cjs/config.d.ts +0 -1
- package/dist/cjs/config.js +1 -2
- package/dist/cjs/constants.d.ts +4 -4
- package/dist/cjs/constants.js +30 -7
- package/dist/cjs/contracts/abi.d.ts +327 -26
- package/dist/cjs/contracts/abi.js +6536 -6152
- package/dist/cjs/crypto/index.d.ts +1 -0
- package/dist/cjs/crypto/index.js +16 -1
- package/dist/cjs/errors/base.error.d.ts +3 -0
- package/dist/cjs/errors/base.error.js +19 -0
- package/dist/cjs/errors/index.d.ts +2 -0
- package/dist/cjs/errors/index.js +8 -0
- package/dist/cjs/errors/not-found.error.d.ts +3 -0
- package/dist/cjs/errors/not-found.error.js +8 -0
- package/dist/cjs/errors/utils.d.ts +1 -0
- package/dist/cjs/errors/utils.js +25 -0
- package/dist/cjs/index.d.ts +8 -1
- package/dist/cjs/index.js +15 -2
- package/dist/cjs/models/Offer.d.ts +6 -2
- package/dist/cjs/models/Offer.js +21 -6
- package/dist/cjs/models/Provider.js +1 -1
- package/dist/cjs/models/TCB.js +13 -5
- package/dist/cjs/models/TeeOffer.d.ts +3 -3
- package/dist/cjs/models/TeeOffer.js +15 -12
- package/dist/cjs/proto/TRI.d.ts +39 -4
- package/dist/cjs/proto/TRI.js +18 -1
- package/dist/cjs/providers/storage/S3StorageProvider.d.ts +7 -6
- package/dist/cjs/providers/storage/S3StorageProvider.js +35 -19
- package/dist/cjs/providers/storage/StorageAdapter.d.ts +9 -7
- package/dist/cjs/providers/storage/StorageAdapter.js +27 -29
- package/dist/cjs/providers/storage/StorageContentWriter.d.ts +2 -2
- package/dist/cjs/providers/storage/StorageContentWriter.js +5 -5
- package/dist/cjs/providers/storage/StorageKeyValueAdapter.d.ts +8 -5
- package/dist/cjs/providers/storage/StorageKeyValueAdapter.js +30 -16
- package/dist/cjs/providers/storage/StorjAdapter.d.ts +5 -4
- package/dist/cjs/providers/storage/StorjAdapter.js +15 -9
- package/dist/cjs/providers/storage/StorjCredentialsManager.d.ts +24 -0
- package/dist/cjs/providers/storage/StorjCredentialsManager.js +86 -0
- package/dist/cjs/providers/storage/StorjStorageProvider.js +2 -2
- package/dist/cjs/providers/storage/fs-storage-provider.d.ts +19 -0
- package/dist/cjs/providers/storage/fs-storage-provider.js +143 -0
- package/dist/cjs/providers/storage/getStorageProvider.js +4 -1
- package/dist/cjs/providers/storage/parseStorageCredentials.d.ts +5 -0
- package/dist/cjs/providers/storage/parseStorageCredentials.js +21 -0
- package/dist/cjs/providers/storage/types.d.ts +22 -0
- package/dist/cjs/staticModels/LoaderSecretsPublicKeys.d.ts +1 -1
- package/dist/cjs/staticModels/LoaderSecretsPublicKeys.js +9 -5
- package/dist/cjs/staticModels/LoaderSessions.d.ts +3 -3
- package/dist/cjs/staticModels/LoaderSessions.js +11 -7
- package/dist/cjs/staticModels/OfferResources.d.ts +3 -2
- package/dist/cjs/staticModels/OfferResources.js +30 -10
- package/dist/cjs/staticModels/OffersStorageAllocated.d.ts +2 -3
- package/dist/cjs/staticModels/OffersStorageAllocated.js +15 -11
- package/dist/cjs/staticModels/OffersStorageRequests.d.ts +1 -1
- package/dist/cjs/staticModels/OffersStorageRequests.js +10 -5
- package/dist/cjs/staticModels/Orders.js +3 -2
- package/dist/cjs/staticModels/SecretRequests.d.ts +2 -2
- package/dist/cjs/staticModels/SecretRequests.js +19 -10
- package/dist/cjs/staticModels/TeeOffers.d.ts +0 -2
- package/dist/cjs/staticModels/TeeOffers.js +1 -32
- package/dist/cjs/tee/QuoteParser.d.ts +61 -6
- package/dist/cjs/tee/QuoteParser.js +248 -29
- package/dist/cjs/tee/QuoteValidator.d.ts +11 -0
- package/dist/cjs/tee/QuoteValidator.js +119 -30
- package/dist/cjs/tee/TeeBlockVerifier.d.ts +3 -4
- package/dist/cjs/tee/TeeBlockVerifier.js +2 -8
- package/dist/cjs/tee/errors.d.ts +6 -3
- package/dist/cjs/tee/errors.js +9 -5
- package/dist/cjs/tee/types.d.ts +50 -9
- package/dist/cjs/tee/types.js +32 -1
- package/dist/cjs/types/DistributedSecretStorage.d.ts +7 -0
- package/dist/cjs/types/Order.d.ts +1 -0
- package/dist/cjs/types/SlotInfo.d.ts +1 -0
- package/dist/cjs/types/Superpro.d.ts +2 -1
- package/dist/cjs/types/Superpro.js +2 -1
- package/dist/cjs/types/storage/StorageAccess.d.ts +3 -3
- package/dist/cjs/utils/CryptoKeysTransformer.d.ts +7 -1
- package/dist/cjs/utils/CryptoKeysTransformer.js +66 -7
- package/dist/cjs/utils/NonceTracker.js +1 -1
- package/dist/cjs/utils/helper.d.ts +7 -1
- package/dist/cjs/utils/helper.js +87 -2
- package/dist/cjs/utils/helpers/OrderArgsHelper.d.ts +16 -0
- package/dist/cjs/utils/helpers/OrderArgsHelper.js +79 -0
- package/dist/cjs/utils/helpers/index.d.ts +1 -0
- package/dist/cjs/utils/helpers/index.js +2 -1
- package/dist/mjs/RIGenerator.d.ts +1 -0
- package/dist/mjs/RIGenerator.js +2 -1
- package/dist/mjs/TIIGenerator.d.ts +2 -1
- package/dist/mjs/TIIGenerator.js +13 -3
- package/dist/mjs/TeeInputGeneratorBase.js +7 -6
- package/dist/mjs/analytics/eventProviders/BrowserEventProvider.d.ts +1 -0
- package/dist/mjs/analytics/eventProviders/BrowserEventProvider.js +3 -3
- package/dist/mjs/analytics/transports/AxiosTransport.js +1 -1
- package/dist/mjs/config.d.ts +0 -1
- package/dist/mjs/config.js +1 -2
- package/dist/mjs/constants.d.ts +4 -4
- package/dist/mjs/constants.js +29 -6
- package/dist/mjs/contracts/abi.d.ts +327 -26
- package/dist/mjs/contracts/abi.js +6536 -6152
- package/dist/mjs/crypto/index.d.ts +1 -0
- package/dist/mjs/crypto/index.js +2 -1
- package/dist/mjs/errors/base.error.d.ts +3 -0
- package/dist/mjs/errors/base.error.js +15 -0
- package/dist/mjs/errors/index.d.ts +2 -0
- package/dist/mjs/errors/index.js +3 -0
- package/dist/mjs/errors/not-found.error.d.ts +3 -0
- package/dist/mjs/errors/not-found.error.js +4 -0
- package/dist/mjs/errors/utils.d.ts +1 -0
- package/dist/mjs/errors/utils.js +18 -0
- package/dist/mjs/index.d.ts +8 -1
- package/dist/mjs/index.js +8 -2
- package/dist/mjs/models/Offer.d.ts +6 -2
- package/dist/mjs/models/Offer.js +21 -6
- package/dist/mjs/models/Provider.js +1 -1
- package/dist/mjs/models/TCB.js +13 -5
- package/dist/mjs/models/TeeOffer.d.ts +3 -3
- package/dist/mjs/models/TeeOffer.js +16 -13
- package/dist/mjs/proto/TRI.d.ts +39 -4
- package/dist/mjs/proto/TRI.js +18 -1
- package/dist/mjs/providers/storage/S3StorageProvider.d.ts +7 -6
- package/dist/mjs/providers/storage/S3StorageProvider.js +32 -19
- package/dist/mjs/providers/storage/StorageAdapter.d.ts +9 -7
- package/dist/mjs/providers/storage/StorageAdapter.js +27 -29
- package/dist/mjs/providers/storage/StorageContentWriter.d.ts +2 -2
- package/dist/mjs/providers/storage/StorageContentWriter.js +5 -5
- package/dist/mjs/providers/storage/StorageKeyValueAdapter.d.ts +8 -5
- package/dist/mjs/providers/storage/StorageKeyValueAdapter.js +30 -16
- package/dist/mjs/providers/storage/StorjAdapter.d.ts +5 -4
- package/dist/mjs/providers/storage/StorjAdapter.js +15 -9
- package/dist/mjs/providers/storage/StorjCredentialsManager.d.ts +24 -0
- package/dist/mjs/providers/storage/StorjCredentialsManager.js +82 -0
- package/dist/mjs/providers/storage/StorjStorageProvider.js +2 -2
- package/dist/mjs/providers/storage/fs-storage-provider.d.ts +19 -0
- package/dist/mjs/providers/storage/fs-storage-provider.js +113 -0
- package/dist/mjs/providers/storage/getStorageProvider.js +4 -1
- package/dist/mjs/providers/storage/parseStorageCredentials.d.ts +5 -0
- package/dist/mjs/providers/storage/parseStorageCredentials.js +17 -0
- package/dist/mjs/providers/storage/types.d.ts +22 -0
- package/dist/mjs/staticModels/LoaderSecretsPublicKeys.d.ts +1 -1
- package/dist/mjs/staticModels/LoaderSecretsPublicKeys.js +10 -6
- package/dist/mjs/staticModels/LoaderSessions.d.ts +3 -3
- package/dist/mjs/staticModels/LoaderSessions.js +12 -8
- package/dist/mjs/staticModels/OfferResources.d.ts +3 -2
- package/dist/mjs/staticModels/OfferResources.js +31 -11
- package/dist/mjs/staticModels/OffersStorageAllocated.d.ts +2 -3
- package/dist/mjs/staticModels/OffersStorageAllocated.js +16 -12
- package/dist/mjs/staticModels/OffersStorageRequests.d.ts +1 -1
- package/dist/mjs/staticModels/OffersStorageRequests.js +11 -6
- package/dist/mjs/staticModels/Orders.js +3 -2
- package/dist/mjs/staticModels/SecretRequests.d.ts +2 -2
- package/dist/mjs/staticModels/SecretRequests.js +20 -11
- package/dist/mjs/staticModels/TeeOffers.d.ts +0 -2
- package/dist/mjs/staticModels/TeeOffers.js +1 -32
- package/dist/mjs/store.js +2 -2
- package/dist/mjs/tee/QuoteParser.d.ts +61 -6
- package/dist/mjs/tee/QuoteParser.js +245 -28
- package/dist/mjs/tee/QuoteValidator.d.ts +11 -0
- package/dist/mjs/tee/QuoteValidator.js +119 -30
- package/dist/mjs/tee/TeeBlockVerifier.d.ts +3 -4
- package/dist/mjs/tee/TeeBlockVerifier.js +2 -8
- package/dist/mjs/tee/errors.d.ts +6 -3
- package/dist/mjs/tee/errors.js +7 -4
- package/dist/mjs/tee/types.d.ts +50 -9
- package/dist/mjs/tee/types.js +28 -2
- package/dist/mjs/types/DistributedSecretStorage.d.ts +7 -0
- package/dist/mjs/types/Order.d.ts +1 -0
- package/dist/mjs/types/SlotInfo.d.ts +1 -0
- package/dist/mjs/types/Superpro.d.ts +2 -1
- package/dist/mjs/types/Superpro.js +2 -1
- package/dist/mjs/types/storage/StorageAccess.d.ts +3 -3
- package/dist/mjs/utils/CryptoKeysTransformer.d.ts +7 -1
- package/dist/mjs/utils/CryptoKeysTransformer.js +66 -7
- package/dist/mjs/utils/NonceTracker.js +1 -1
- package/dist/mjs/utils/helper.d.ts +7 -1
- package/dist/mjs/utils/helper.js +80 -1
- package/dist/mjs/utils/helpers/OrderArgsHelper.d.ts +16 -0
- package/dist/mjs/utils/helpers/OrderArgsHelper.js +72 -0
- package/dist/mjs/utils/helpers/index.d.ts +1 -0
- package/dist/mjs/utils/helpers/index.js +2 -1
- package/package.json +4 -4
|
@@ -1,5 +1,25 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
1
|
+
/// <reference types="node" />
|
|
2
|
+
import * as pkijs from 'pkijs';
|
|
3
|
+
import { Buffer as Blob } from 'buffer';
|
|
4
|
+
import { BinaryType, TeeSgxQuoteDataType, TeeSgxReportDataType, ChunkedX509Cert, TeeTdxQuoteDataType, TeeTdxBodyType, TeeTdxHeaderData, QuoteType } from './types.js';
|
|
5
|
+
export declare abstract class TeeParser {
|
|
6
|
+
static readonly reportDataHashSize = 32;
|
|
7
|
+
protected extractRS(cert: pkijs.Certificate): {
|
|
8
|
+
r: string;
|
|
9
|
+
s: string;
|
|
10
|
+
derSignature: string;
|
|
11
|
+
};
|
|
12
|
+
protected parsePem(pem: string): ChunkedX509Cert;
|
|
13
|
+
protected getDataAndAdvance(blob: {
|
|
14
|
+
data: Blob;
|
|
15
|
+
}, size: number): Blob;
|
|
16
|
+
static determineQuoteType(quote: BinaryType): {
|
|
17
|
+
type: QuoteType;
|
|
18
|
+
version: number;
|
|
19
|
+
};
|
|
20
|
+
static getMrEnclave(quote: BinaryType): BinaryType;
|
|
21
|
+
}
|
|
22
|
+
export declare class TeeSgxParser extends TeeParser {
|
|
3
23
|
static readonly quoteHeaderSize = 48;
|
|
4
24
|
static readonly pceSvnOffset = 10;
|
|
5
25
|
static readonly reportSize = 384;
|
|
@@ -16,12 +36,47 @@ export declare class TeeSgxParser {
|
|
|
16
36
|
static readonly reportIsvSvnSize = 2;
|
|
17
37
|
static readonly reportDataOffset: number;
|
|
18
38
|
static readonly reportUserDataSize = 64;
|
|
19
|
-
static readonly reportUserDataSHA256Size = 32;
|
|
20
39
|
static readonly ecdsaP256SignatureSize = 64;
|
|
21
40
|
static readonly ecdsaP256PublicKeySize = 64;
|
|
22
|
-
private getDataAndAdvance;
|
|
23
|
-
private extractRS;
|
|
24
|
-
private parsePem;
|
|
25
41
|
parseQuote(data: BinaryType): TeeSgxQuoteDataType;
|
|
26
42
|
parseReport(data: BinaryType): TeeSgxReportDataType;
|
|
27
43
|
}
|
|
44
|
+
export declare class TeeTdxParser extends TeeParser {
|
|
45
|
+
static readonly quoteHeaderSize = 48;
|
|
46
|
+
static readonly tdQuoteBodySize = 584;
|
|
47
|
+
static readonly quoteSignatureDataLen = 4;
|
|
48
|
+
static readonly headerVersionSize = 2;
|
|
49
|
+
static readonly headerAttestationKeyTypeSize = 2;
|
|
50
|
+
static readonly headerTeeTypeSize = 4;
|
|
51
|
+
static readonly headerReserved1Size = 2;
|
|
52
|
+
static readonly headerReserved2Size = 2;
|
|
53
|
+
static readonly headerQeVendorIdSize = 16;
|
|
54
|
+
static readonly headerUserDataSize = 20;
|
|
55
|
+
static readonly bodyTeeTcbSvnSize = 16;
|
|
56
|
+
static readonly bodyMrSeamSize = 48;
|
|
57
|
+
static readonly bodyMrSignerSeamSize = 48;
|
|
58
|
+
static readonly bodySeamAttributesSize = 8;
|
|
59
|
+
static readonly bodyTdAttributesSize = 8;
|
|
60
|
+
static readonly bodyXfamSize = 8;
|
|
61
|
+
static readonly bodyMrTdSize = 48;
|
|
62
|
+
static readonly bodyMrConfigIdSize = 48;
|
|
63
|
+
static readonly bodyMrOwnerSize = 48;
|
|
64
|
+
static readonly bodyMrOwnerConfigSize = 48;
|
|
65
|
+
static readonly bodyRtmr0Size = 48;
|
|
66
|
+
static readonly bodyRtmr1Size = 48;
|
|
67
|
+
static readonly bodyRtmr2Size = 48;
|
|
68
|
+
static readonly bodyRtmr3Size = 48;
|
|
69
|
+
static readonly bodyReportDataSize = 64;
|
|
70
|
+
static readonly sigQuoteSignatureSize = 64;
|
|
71
|
+
static readonly sigAttestationKeySize = 64;
|
|
72
|
+
static readonly sigCertDataTypeSize = 2;
|
|
73
|
+
static readonly sigCertDataSzSize = 4;
|
|
74
|
+
static readonly sigQeReportSize = 384;
|
|
75
|
+
static readonly sigQeReportSignatureSize = 64;
|
|
76
|
+
static readonly sigQeAuthenticationDataSzSize = 2;
|
|
77
|
+
static readonly sigSignatureTypeSize = 2;
|
|
78
|
+
static readonly sigSignatureSzSize = 4;
|
|
79
|
+
parseQuote(data: BinaryType): TeeTdxQuoteDataType;
|
|
80
|
+
parseHeader(data: BinaryType): TeeTdxHeaderData;
|
|
81
|
+
parseBody(data: BinaryType): TeeTdxBodyType;
|
|
82
|
+
}
|
|
@@ -3,32 +3,11 @@ import * as asn1js from 'asn1js';
|
|
|
3
3
|
import * as pkijs from 'pkijs';
|
|
4
4
|
import { Buffer as Blob } from 'buffer';
|
|
5
5
|
import { TeeQuoteParserError } from './errors.js';
|
|
6
|
+
import { QuoteType, } from './types.js';
|
|
6
7
|
import { splitChain, Signature } from './helpers.js';
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
static
|
|
10
|
-
static reportSize = 384;
|
|
11
|
-
static userDataOffset = 28;
|
|
12
|
-
static userDataSize = 20;
|
|
13
|
-
static cpuSvnSize = 16;
|
|
14
|
-
static reportMrEnclaveOffset = 64;
|
|
15
|
-
static reportMrEnclaveSize = 32;
|
|
16
|
-
static reportMrSignerOffset = TeeSgxParser.reportMrEnclaveOffset + TeeSgxParser.reportMrEnclaveSize + /* reserved */ 32;
|
|
17
|
-
static reportMrSignerSize = 32;
|
|
18
|
-
static reportIsvProdIdOffset = TeeSgxParser.reportMrSignerOffset + TeeSgxParser.reportMrSignerSize + /* reserved */ 96;
|
|
19
|
-
static reportIsvProdIdSize = 2;
|
|
20
|
-
static reportIsvSvnOffset = TeeSgxParser.reportIsvProdIdOffset + TeeSgxParser.reportIsvProdIdSize;
|
|
21
|
-
static reportIsvSvnSize = 2;
|
|
22
|
-
static reportDataOffset = TeeSgxParser.reportIsvSvnOffset + TeeSgxParser.reportIsvSvnSize + /* reserved */ 60;
|
|
23
|
-
static reportUserDataSize = 64;
|
|
24
|
-
static reportUserDataSHA256Size = 32; /* 64 in report, but we need 32 only for sha256 hash */
|
|
25
|
-
static ecdsaP256SignatureSize = 64;
|
|
26
|
-
static ecdsaP256PublicKeySize = 64;
|
|
27
|
-
getDataAndAdvance(blob, size) {
|
|
28
|
-
const buf = Blob.from(blob.data.subarray(0, size));
|
|
29
|
-
blob.data = Blob.from(blob.data.subarray(size));
|
|
30
|
-
return buf;
|
|
31
|
-
}
|
|
8
|
+
import * as crypto from 'crypto';
|
|
9
|
+
export class TeeParser {
|
|
10
|
+
static reportDataHashSize = 32; /* 64 in report, but we need 32 only for sha256 hash */
|
|
32
11
|
extractRS(cert) {
|
|
33
12
|
const derSignature = Buffer.from(cert.signatureValue.valueBlock.valueHexView).toString('hex');
|
|
34
13
|
const parsedSignature = Signature.importFromDER(derSignature);
|
|
@@ -55,6 +34,75 @@ export class TeeSgxParser {
|
|
|
55
34
|
signature: x509Signature,
|
|
56
35
|
};
|
|
57
36
|
}
|
|
37
|
+
getDataAndAdvance(blob, size) {
|
|
38
|
+
const buf = Blob.from(blob.data.subarray(0, size));
|
|
39
|
+
blob.data = Blob.from(blob.data.subarray(size));
|
|
40
|
+
return buf;
|
|
41
|
+
}
|
|
42
|
+
static determineQuoteType(quote) {
|
|
43
|
+
let type = QuoteType.SGX;
|
|
44
|
+
if (quote.length < 48) {
|
|
45
|
+
throw new TeeQuoteParserError('data has invalid length');
|
|
46
|
+
}
|
|
47
|
+
const version = Buffer.from(quote).readUInt16LE(0);
|
|
48
|
+
if (version === 4) {
|
|
49
|
+
const quoteType = Buffer.from(quote).readUInt32LE(4);
|
|
50
|
+
if (quoteType === 0x00000081) {
|
|
51
|
+
type = QuoteType.TDX;
|
|
52
|
+
}
|
|
53
|
+
else if (quoteType !== 0x00000000) {
|
|
54
|
+
throw new TeeQuoteParserError(`Unknown quote type ${quoteType}`);
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
else if (version !== 3) {
|
|
58
|
+
throw new TeeQuoteParserError(`Unknown quote version ${version}`);
|
|
59
|
+
}
|
|
60
|
+
return { type, version };
|
|
61
|
+
}
|
|
62
|
+
static getMrEnclave(quote) {
|
|
63
|
+
const teeType = TeeParser.determineQuoteType(quote);
|
|
64
|
+
switch (teeType.type) {
|
|
65
|
+
case QuoteType.SGX:
|
|
66
|
+
const sgxParser = new TeeSgxParser();
|
|
67
|
+
const parsedSgxQuote = sgxParser.parseQuote(quote);
|
|
68
|
+
const parsedReport = sgxParser.parseReport(parsedSgxQuote.report);
|
|
69
|
+
return parsedReport.mrEnclave;
|
|
70
|
+
case QuoteType.TDX:
|
|
71
|
+
const tdxParser = new TeeTdxParser();
|
|
72
|
+
const parsedTdxQuote = tdxParser.parseQuote(quote);
|
|
73
|
+
const tdBody = tdxParser.parseBody(parsedTdxQuote.tdQuoteBody);
|
|
74
|
+
const hash = crypto.createHash('sha256');
|
|
75
|
+
hash.update(tdBody.tdAttributes);
|
|
76
|
+
hash.update(tdBody.mrTd);
|
|
77
|
+
hash.update(tdBody.rtmr0);
|
|
78
|
+
hash.update(tdBody.rtmr1);
|
|
79
|
+
hash.update(tdBody.rtmr2);
|
|
80
|
+
hash.update(tdBody.rtmr3);
|
|
81
|
+
return hash.digest();
|
|
82
|
+
default:
|
|
83
|
+
throw new TeeQuoteParserError(`Unknown quote type`);
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
}
|
|
87
|
+
export class TeeSgxParser extends TeeParser {
|
|
88
|
+
static quoteHeaderSize = 48;
|
|
89
|
+
static pceSvnOffset = 10;
|
|
90
|
+
static reportSize = 384;
|
|
91
|
+
static userDataOffset = 28;
|
|
92
|
+
static userDataSize = 20;
|
|
93
|
+
static cpuSvnSize = 16;
|
|
94
|
+
static reportMrEnclaveOffset = 64;
|
|
95
|
+
static reportMrEnclaveSize = 32;
|
|
96
|
+
static reportMrSignerOffset = TeeSgxParser.reportMrEnclaveOffset + TeeSgxParser.reportMrEnclaveSize + /* reserved */ 32;
|
|
97
|
+
static reportMrSignerSize = 32;
|
|
98
|
+
static reportIsvProdIdOffset = TeeSgxParser.reportMrSignerOffset + TeeSgxParser.reportMrSignerSize + /* reserved */ 96;
|
|
99
|
+
static reportIsvProdIdSize = 2;
|
|
100
|
+
static reportIsvSvnOffset = TeeSgxParser.reportIsvProdIdOffset + TeeSgxParser.reportIsvProdIdSize;
|
|
101
|
+
static reportIsvSvnSize = 2;
|
|
102
|
+
static reportDataOffset = TeeSgxParser.reportIsvSvnOffset + TeeSgxParser.reportIsvSvnSize + /* reserved */ 60;
|
|
103
|
+
static reportUserDataSize = 64;
|
|
104
|
+
static ecdsaP256SignatureSize = 64;
|
|
105
|
+
static ecdsaP256PublicKeySize = 64;
|
|
58
106
|
parseQuote(data) {
|
|
59
107
|
const { quoteHeaderSize, pceSvnOffset, reportSize, userDataOffset, userDataSize, ecdsaP256SignatureSize, ecdsaP256PublicKeySize, } = TeeSgxParser;
|
|
60
108
|
if (data.length < quoteHeaderSize + reportSize) {
|
|
@@ -100,6 +148,7 @@ export class TeeSgxParser {
|
|
|
100
148
|
const certsPems = splitChain(qeCertificationData.toString()); // [device, platform, root]
|
|
101
149
|
const certsData = certsPems.map((pem) => this.parsePem(pem));
|
|
102
150
|
return {
|
|
151
|
+
quoteType: QuoteType.SGX,
|
|
103
152
|
rawHeader: quoteHeader,
|
|
104
153
|
header: {
|
|
105
154
|
version,
|
|
@@ -132,7 +181,7 @@ export class TeeSgxParser {
|
|
|
132
181
|
};
|
|
133
182
|
}
|
|
134
183
|
parseReport(data) {
|
|
135
|
-
const { reportSize, cpuSvnSize, reportMrEnclaveOffset, reportMrEnclaveSize, reportMrSignerOffset, reportMrSignerSize, reportIsvProdIdOffset, reportIsvProdIdSize, reportIsvSvnOffset, reportIsvSvnSize, reportDataOffset, reportUserDataSize,
|
|
184
|
+
const { reportSize, cpuSvnSize, reportMrEnclaveOffset, reportMrEnclaveSize, reportMrSignerOffset, reportMrSignerSize, reportIsvProdIdOffset, reportIsvProdIdSize, reportIsvSvnOffset, reportIsvSvnSize, reportDataOffset, reportUserDataSize, reportDataHashSize, } = TeeSgxParser;
|
|
136
185
|
if (data.length < reportSize) {
|
|
137
186
|
throw new TeeQuoteParserError('data has invalid length');
|
|
138
187
|
}
|
|
@@ -147,7 +196,7 @@ export class TeeSgxParser {
|
|
|
147
196
|
.slice(reportIsvSvnOffset, reportIsvSvnOffset + reportIsvSvnSize)
|
|
148
197
|
.readUInt16LE(0);
|
|
149
198
|
const userData = report.slice(reportDataOffset, reportDataOffset + reportUserDataSize);
|
|
150
|
-
const dataHash = report.slice(reportDataOffset, reportDataOffset +
|
|
199
|
+
const dataHash = report.slice(reportDataOffset, reportDataOffset + reportDataHashSize);
|
|
151
200
|
return {
|
|
152
201
|
cpuSvn,
|
|
153
202
|
mrEnclave,
|
|
@@ -159,4 +208,172 @@ export class TeeSgxParser {
|
|
|
159
208
|
};
|
|
160
209
|
}
|
|
161
210
|
}
|
|
162
|
-
|
|
211
|
+
export class TeeTdxParser extends TeeParser {
|
|
212
|
+
//High-level quote structure
|
|
213
|
+
static quoteHeaderSize = 48;
|
|
214
|
+
static tdQuoteBodySize = 584;
|
|
215
|
+
static quoteSignatureDataLen = 4;
|
|
216
|
+
// Header fields
|
|
217
|
+
static headerVersionSize = 2;
|
|
218
|
+
static headerAttestationKeyTypeSize = 2;
|
|
219
|
+
static headerTeeTypeSize = 4;
|
|
220
|
+
static headerReserved1Size = 2;
|
|
221
|
+
static headerReserved2Size = 2;
|
|
222
|
+
static headerQeVendorIdSize = 16;
|
|
223
|
+
static headerUserDataSize = 20;
|
|
224
|
+
// Body fiedls
|
|
225
|
+
static bodyTeeTcbSvnSize = 16;
|
|
226
|
+
static bodyMrSeamSize = 48;
|
|
227
|
+
static bodyMrSignerSeamSize = 48;
|
|
228
|
+
static bodySeamAttributesSize = 8;
|
|
229
|
+
static bodyTdAttributesSize = 8;
|
|
230
|
+
static bodyXfamSize = 8;
|
|
231
|
+
static bodyMrTdSize = 48;
|
|
232
|
+
static bodyMrConfigIdSize = 48;
|
|
233
|
+
static bodyMrOwnerSize = 48;
|
|
234
|
+
static bodyMrOwnerConfigSize = 48;
|
|
235
|
+
static bodyRtmr0Size = 48;
|
|
236
|
+
static bodyRtmr1Size = 48;
|
|
237
|
+
static bodyRtmr2Size = 48;
|
|
238
|
+
static bodyRtmr3Size = 48;
|
|
239
|
+
static bodyReportDataSize = 64;
|
|
240
|
+
// Signature fields
|
|
241
|
+
static sigQuoteSignatureSize = 64;
|
|
242
|
+
static sigAttestationKeySize = 64;
|
|
243
|
+
static sigCertDataTypeSize = 2;
|
|
244
|
+
static sigCertDataSzSize = 4;
|
|
245
|
+
static sigQeReportSize = 384;
|
|
246
|
+
static sigQeReportSignatureSize = 64;
|
|
247
|
+
static sigQeAuthenticationDataSzSize = 2;
|
|
248
|
+
static sigSignatureTypeSize = 2;
|
|
249
|
+
static sigSignatureSzSize = 4;
|
|
250
|
+
parseQuote(data) {
|
|
251
|
+
const { quoteHeaderSize, tdQuoteBodySize, quoteSignatureDataLen, sigQuoteSignatureSize, sigAttestationKeySize, sigCertDataTypeSize, sigCertDataSzSize, sigQeReportSize, sigQeReportSignatureSize, sigQeAuthenticationDataSzSize, sigSignatureTypeSize, sigSignatureSzSize, } = TeeTdxParser;
|
|
252
|
+
const expectedSize = quoteHeaderSize + tdQuoteBodySize + quoteSignatureDataLen;
|
|
253
|
+
if (data.length < expectedSize) {
|
|
254
|
+
throw new TeeQuoteParserError(`quote has invalid length ${data.length}, expected not less than ${expectedSize}`);
|
|
255
|
+
}
|
|
256
|
+
const quoteRemainder = { data: Blob.from(data) };
|
|
257
|
+
const rawHeader = this.getDataAndAdvance(quoteRemainder, quoteHeaderSize);
|
|
258
|
+
const tdQuoteBody = this.getDataAndAdvance(quoteRemainder, tdQuoteBodySize);
|
|
259
|
+
const signatureLen = this.getDataAndAdvance(quoteRemainder, quoteSignatureDataLen);
|
|
260
|
+
const certificationDataSize = signatureLen.readUInt32LE(0);
|
|
261
|
+
const expectedQuoteLen = quoteHeaderSize + tdQuoteBodySize + quoteSignatureDataLen + certificationDataSize;
|
|
262
|
+
if (data.length < expectedQuoteLen) {
|
|
263
|
+
throw new TeeQuoteParserError(`quote has invalid length ${data.length}, expected not less than ${expectedQuoteLen}`);
|
|
264
|
+
}
|
|
265
|
+
const signature = { data: this.getDataAndAdvance(quoteRemainder, certificationDataSize) };
|
|
266
|
+
const quoteSignature = this.getDataAndAdvance(signature, sigQuoteSignatureSize);
|
|
267
|
+
const ecdsaAttestationKey = this.getDataAndAdvance(signature, sigAttestationKeySize);
|
|
268
|
+
const certDataType = this.getDataAndAdvance(signature, sigCertDataTypeSize).readUint16LE(); //expected 6
|
|
269
|
+
if (certDataType !== 6)
|
|
270
|
+
throw new TeeQuoteParserError(`certDataType has invalid value ${certDataType}, expected 6`);
|
|
271
|
+
const certDataSize = this.getDataAndAdvance(signature, sigCertDataSzSize).readUint32LE();
|
|
272
|
+
if (signature.data.length < certDataSize)
|
|
273
|
+
throw new TeeQuoteParserError(`certData has invalid length ${data.length}, expected not less than ${certDataSize}`);
|
|
274
|
+
const qeReport = this.getDataAndAdvance(signature, sigQeReportSize);
|
|
275
|
+
const qeReportSignature = this.getDataAndAdvance(signature, sigQeReportSignatureSize);
|
|
276
|
+
const qeAuthenticationDataSize = this.getDataAndAdvance(signature, sigQeAuthenticationDataSzSize).readUint16LE();
|
|
277
|
+
if (signature.data.length < qeAuthenticationDataSize)
|
|
278
|
+
throw new TeeQuoteParserError(`qeAuthenticationData has invalid length ${data.length}, expected not less than ${qeAuthenticationDataSize}`);
|
|
279
|
+
const qeAuthenticationData = this.getDataAndAdvance(signature, qeAuthenticationDataSize);
|
|
280
|
+
const qeCertificationDataType = this.getDataAndAdvance(signature, sigSignatureTypeSize).readUint16LE(); //expected 5
|
|
281
|
+
if (qeCertificationDataType !== 5)
|
|
282
|
+
throw new TeeQuoteParserError(`signatureType has invalid value ${qeCertificationDataType}, expected 5`);
|
|
283
|
+
const signatureSize = this.getDataAndAdvance(signature, sigSignatureSzSize).readUint32LE();
|
|
284
|
+
if (signature.data.length < signatureSize)
|
|
285
|
+
throw new TeeQuoteParserError(`certChain has invalid length ${data.length}, expected not less than ${signatureSize}`);
|
|
286
|
+
const qeCertificationData = this.getDataAndAdvance(signature, signatureSize);
|
|
287
|
+
const certsPems = splitChain(qeCertificationData.toString()); // [device, platform, root]
|
|
288
|
+
const certsData = certsPems.map((pem) => this.parsePem(pem));
|
|
289
|
+
return {
|
|
290
|
+
quoteType: QuoteType.TDX,
|
|
291
|
+
rawHeader,
|
|
292
|
+
header: this.parseHeader(rawHeader),
|
|
293
|
+
tdQuoteBody,
|
|
294
|
+
quoteSignature,
|
|
295
|
+
ecdsaAttestationKey,
|
|
296
|
+
certDataType,
|
|
297
|
+
qeReport,
|
|
298
|
+
qeReportSignature,
|
|
299
|
+
qeAuthenticationData,
|
|
300
|
+
qeCertificationDataType,
|
|
301
|
+
qeCertificationData,
|
|
302
|
+
certificates: {
|
|
303
|
+
device: {
|
|
304
|
+
pem: certsPems[0],
|
|
305
|
+
x509Data: certsData[0],
|
|
306
|
+
},
|
|
307
|
+
platform: {
|
|
308
|
+
pem: certsPems[1],
|
|
309
|
+
x509Data: certsData[1],
|
|
310
|
+
},
|
|
311
|
+
root: {
|
|
312
|
+
pem: certsPems[2],
|
|
313
|
+
x509Data: certsData[2],
|
|
314
|
+
},
|
|
315
|
+
},
|
|
316
|
+
};
|
|
317
|
+
}
|
|
318
|
+
parseHeader(data) {
|
|
319
|
+
const { headerVersionSize, headerAttestationKeyTypeSize, headerTeeTypeSize, headerReserved1Size, headerReserved2Size, headerQeVendorIdSize, headerUserDataSize, } = TeeTdxParser;
|
|
320
|
+
const headerRemainder = { data: Blob.from(data) };
|
|
321
|
+
const version = this.getDataAndAdvance(headerRemainder, headerVersionSize).readUInt16LE();
|
|
322
|
+
const attestationKeyType = this.getDataAndAdvance(headerRemainder, headerAttestationKeyTypeSize).readUInt16LE();
|
|
323
|
+
const teeType = this.getDataAndAdvance(headerRemainder, headerTeeTypeSize).readUInt32LE();
|
|
324
|
+
const reserved1 = this.getDataAndAdvance(headerRemainder, headerReserved1Size);
|
|
325
|
+
const reserved2 = this.getDataAndAdvance(headerRemainder, headerReserved2Size);
|
|
326
|
+
const qeVendorId = this.getDataAndAdvance(headerRemainder, headerQeVendorIdSize);
|
|
327
|
+
const userData = this.getDataAndAdvance(headerRemainder, headerUserDataSize);
|
|
328
|
+
return {
|
|
329
|
+
version,
|
|
330
|
+
attestationKeyType,
|
|
331
|
+
teeType,
|
|
332
|
+
reserved1,
|
|
333
|
+
reserved2,
|
|
334
|
+
qeVendorId,
|
|
335
|
+
userData,
|
|
336
|
+
};
|
|
337
|
+
}
|
|
338
|
+
parseBody(data) {
|
|
339
|
+
const { bodyTeeTcbSvnSize, bodyMrSeamSize, bodyMrSignerSeamSize, bodySeamAttributesSize, bodyTdAttributesSize, bodyXfamSize, bodyMrTdSize, bodyMrConfigIdSize, bodyMrOwnerSize, bodyMrOwnerConfigSize, bodyRtmr0Size, bodyRtmr1Size, bodyRtmr2Size, bodyRtmr3Size, bodyReportDataSize, reportDataHashSize, } = TeeTdxParser;
|
|
340
|
+
const bodyRemainder = { data: Blob.from(data) };
|
|
341
|
+
if (bodyRemainder.data.length !== TeeTdxParser.tdQuoteBodySize)
|
|
342
|
+
throw new TeeQuoteParserError(`body has invalid length ${bodyRemainder.data.length}, expected ${TeeTdxParser.tdQuoteBodySize}`);
|
|
343
|
+
const teeTcbSvn = this.getDataAndAdvance(bodyRemainder, bodyTeeTcbSvnSize);
|
|
344
|
+
const mrSeam = this.getDataAndAdvance(bodyRemainder, bodyMrSeamSize);
|
|
345
|
+
const mrSignerSeam = this.getDataAndAdvance(bodyRemainder, bodyMrSignerSeamSize);
|
|
346
|
+
const seamAttributes = this.getDataAndAdvance(bodyRemainder, bodySeamAttributesSize);
|
|
347
|
+
const tdAttributes = this.getDataAndAdvance(bodyRemainder, bodyTdAttributesSize);
|
|
348
|
+
const xfam = this.getDataAndAdvance(bodyRemainder, bodyXfamSize);
|
|
349
|
+
const mrTd = this.getDataAndAdvance(bodyRemainder, bodyMrTdSize);
|
|
350
|
+
const mrConfigId = this.getDataAndAdvance(bodyRemainder, bodyMrConfigIdSize);
|
|
351
|
+
const mrOwner = this.getDataAndAdvance(bodyRemainder, bodyMrOwnerSize);
|
|
352
|
+
const mrOwnerConfig = this.getDataAndAdvance(bodyRemainder, bodyMrOwnerConfigSize);
|
|
353
|
+
const rtmr0 = this.getDataAndAdvance(bodyRemainder, bodyRtmr0Size);
|
|
354
|
+
const rtmr1 = this.getDataAndAdvance(bodyRemainder, bodyRtmr1Size);
|
|
355
|
+
const rtmr2 = this.getDataAndAdvance(bodyRemainder, bodyRtmr2Size);
|
|
356
|
+
const rtmr3 = this.getDataAndAdvance(bodyRemainder, bodyRtmr3Size);
|
|
357
|
+
const reportData = this.getDataAndAdvance(bodyRemainder, bodyReportDataSize);
|
|
358
|
+
const dataHash = reportData.slice(0, reportDataHashSize);
|
|
359
|
+
return {
|
|
360
|
+
teeTcbSvn,
|
|
361
|
+
mrSeam,
|
|
362
|
+
mrSignerSeam,
|
|
363
|
+
seamAttributes,
|
|
364
|
+
tdAttributes,
|
|
365
|
+
xfam,
|
|
366
|
+
mrTd,
|
|
367
|
+
mrConfigId,
|
|
368
|
+
mrOwner,
|
|
369
|
+
mrOwnerConfig,
|
|
370
|
+
rtmr0,
|
|
371
|
+
rtmr1,
|
|
372
|
+
rtmr2,
|
|
373
|
+
rtmr3,
|
|
374
|
+
reportData,
|
|
375
|
+
dataHash,
|
|
376
|
+
};
|
|
377
|
+
}
|
|
378
|
+
}
|
|
379
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiUXVvdGVQYXJzZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvdGVlL1F1b3RlUGFyc2VyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxXQUFXLEVBQUUsTUFBTSxZQUFZLENBQUM7QUFDekMsT0FBTyxLQUFLLE1BQU0sTUFBTSxRQUFRLENBQUM7QUFDakMsT0FBTyxLQUFLLEtBQUssTUFBTSxPQUFPLENBQUM7QUFDL0IsT0FBTyxFQUFFLE1BQU0sSUFBSSxJQUFJLEVBQUUsTUFBTSxRQUFRLENBQUM7QUFDeEMsT0FBTyxFQUFFLG1CQUFtQixFQUFFLE1BQU0sYUFBYSxDQUFDO0FBQ2xELE9BQU8sRUFRTCxTQUFTLEdBQ1YsTUFBTSxZQUFZLENBQUM7QUFDcEIsT0FBTyxFQUFFLFVBQVUsRUFBRSxTQUFTLEVBQUUsTUFBTSxjQUFjLENBQUM7QUFDckQsT0FBTyxLQUFLLE1BQU0sTUFBTSxRQUFRLENBQUM7QUFFakMsTUFBTSxPQUFnQixTQUFTO0lBQzdCLE1BQU0sQ0FBVSxrQkFBa0IsR0FBRyxFQUFFLENBQUMsQ0FBQyx1REFBdUQ7SUFDdEYsU0FBUyxDQUFDLElBQXVCO1FBQ3pDLE1BQU0sWUFBWSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxVQUFVLENBQUMsWUFBWSxDQUFDLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQzlGLE1BQU0sZUFBZSxHQUFHLFNBQVMsQ0FBQyxhQUFhLENBQUMsWUFBWSxDQUFDLENBQUM7UUFFOUQsT0FBTztZQUNMLENBQUMsRUFBRSxlQUFlLENBQUMsQ0FBQztZQUNwQixDQUFDLEVBQUUsZUFBZSxDQUFDLENBQUM7WUFDcEIsWUFBWTtTQUNiLENBQUM7SUFDSixDQUFDO0lBRVMsUUFBUSxDQUFDLEdBQVc7UUFDNUIsTUFBTSxJQUFJLEdBQUcsV0FBVyxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7UUFDbkQsTUFBTSxlQUFlLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDakQsTUFBTSxXQUFXLEdBQUcsSUFBSSxLQUFLLENBQUMsV0FBVyxDQUFDLEVBQUUsTUFBTSxFQUFFLGVBQWUsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO1FBRTlFLE1BQU0sR0FBRyxHQUFHLFdBQVcsQ0FBQyxPQUFPLENBQUM7UUFFaEMsTUFBTSxFQUFFLENBQUMsRUFBRSxDQUFDLEVBQUUsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRTdDLE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDakUsTUFBTSxVQUFVLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBQ3JFLE1BQU0sYUFBYSxHQUFHLElBQUksR0FBRyxTQUFTLENBQUM7UUFDdkMsTUFBTSxhQUFhLEdBQUcsSUFBSSxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUM7UUFFbkMsT0FBTztZQUNMLFdBQVcsRUFBRSxJQUFJLEdBQUcsVUFBVSxDQUFDLENBQUMsQ0FBQztZQUNqQyxTQUFTLEVBQUUsYUFBYTtZQUN4QixXQUFXLEVBQUUsSUFBSSxHQUFHLFVBQVUsQ0FBQyxDQUFDLENBQUM7WUFDakMsU0FBUyxFQUFFLGFBQWE7U0FDekIsQ0FBQztJQUNKLENBQUM7SUFFUyxpQkFBaUIsQ0FBQyxJQUFvQixFQUFFLElBQVk7UUFDNUQsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDLEVBQUUsSUFBSSxDQUFDLENBQUMsQ0FBQztRQUNuRCxJQUFJLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztRQUVoRCxPQUFPLEdBQUcsQ0FBQztJQUNiLENBQUM7SUFFTSxNQUFNLENBQUMsa0JBQWtCLENBQUMsS0FBaUI7UUFDaEQsSUFBSSxJQUFJLEdBQUcsU0FBUyxDQUFDLEdBQUcsQ0FBQztRQUV6QixJQUFJLEtBQUssQ0FBQyxNQUFNLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDdEIsTUFBTSxJQUFJLG1CQUFtQixDQUFDLHlCQUF5QixDQUFDLENBQUM7UUFDM0QsQ0FBQztRQUVELE1BQU0sT0FBTyxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRW5ELElBQUksT0FBTyxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ2xCLE1BQU0sU0FBUyxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQ3JELElBQUksU0FBUyxLQUFLLFVBQVUsRUFBRSxDQUFDO2dCQUM3QixJQUFJLEdBQUcsU0FBUyxDQUFDLEdBQUcsQ0FBQztZQUN2QixDQUFDO2lCQUFNLElBQUksU0FBUyxLQUFLLFVBQVUsRUFBRSxDQUFDO2dCQUNwQyxNQUFNLElBQUksbUJBQW1CLENBQUMsc0JBQXNCLFNBQVMsRUFBRSxDQUFDLENBQUM7WUFDbkUsQ0FBQztRQUNILENBQUM7YUFBTSxJQUFJLE9BQU8sS0FBSyxDQUFDLEVBQUUsQ0FBQztZQUN6QixNQUFNLElBQUksbUJBQW1CLENBQUMseUJBQXlCLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDcEUsQ0FBQztRQUVELE9BQU8sRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFLENBQUM7SUFDM0IsQ0FBQztJQUVNLE1BQU0sQ0FBQyxZQUFZLENBQUMsS0FBaUI7UUFDMUMsTUFBTSxPQUFPLEdBQUcsU0FBUyxDQUFDLGtCQUFrQixDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ3BELFFBQVEsT0FBTyxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ3JCLEtBQUssU0FBUyxDQUFDLEdBQUc7Z0JBQ2hCLE1BQU0sU0FBUyxHQUFHLElBQUksWUFBWSxFQUFFLENBQUM7Z0JBQ3JDLE1BQU0sY0FBYyxHQUFHLFNBQVMsQ0FBQyxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQ25ELE1BQU0sWUFBWSxHQUFHLFNBQVMsQ0FBQyxXQUFXLENBQUMsY0FBYyxDQUFDLE1BQU0sQ0FBQyxDQUFDO2dCQUNsRSxPQUFPLFlBQVksQ0FBQyxTQUFTLENBQUM7WUFDaEMsS0FBSyxTQUFTLENBQUMsR0FBRztnQkFDaEIsTUFBTSxTQUFTLEdBQUcsSUFBSSxZQUFZLEVBQUUsQ0FBQztnQkFDckMsTUFBTSxjQUFjLEdBQUcsU0FBUyxDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQztnQkFDbkQsTUFBTSxNQUFNLEdBQUcsU0FBUyxDQUFDLFNBQVMsQ0FBQyxjQUFjLENBQUMsV0FBVyxDQUFDLENBQUM7Z0JBQy9ELE1BQU0sSUFBSSxHQUFHLE1BQU0sQ0FBQyxVQUFVLENBQUMsUUFBUSxDQUFDLENBQUM7Z0JBQ3pDLElBQUksQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLFlBQVksQ0FBQyxDQUFDO2dCQUNqQyxJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQztnQkFDekIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQzFCLElBQUksQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDO2dCQUMxQixJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQztnQkFDMUIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQzFCLE9BQU8sSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQ3ZCO2dCQUNFLE1BQU0sSUFBSSxtQkFBbUIsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1FBQ3hELENBQUM7SUFDSCxDQUFDOztBQUdILE1BQU0sT0FBTyxZQUFhLFNBQVEsU0FBUztJQUN6QyxNQUFNLENBQVUsZUFBZSxHQUFHLEVBQUUsQ0FBQztJQUNyQyxNQUFNLENBQVUsWUFBWSxHQUFHLEVBQUUsQ0FBQztJQUNsQyxNQUFNLENBQVUsVUFBVSxHQUFHLEdBQUcsQ0FBQztJQUNqQyxNQUFNLENBQVUsY0FBYyxHQUFHLEVBQUUsQ0FBQztJQUNwQyxNQUFNLENBQVUsWUFBWSxHQUFHLEVBQUUsQ0FBQztJQUNsQyxNQUFNLENBQVUsVUFBVSxHQUFHLEVBQUUsQ0FBQztJQUNoQyxNQUFNLENBQVUscUJBQXFCLEdBQUcsRUFBRSxDQUFDO0lBQzNDLE1BQU0sQ0FBVSxtQkFBbUIsR0FBRyxFQUFFLENBQUM7SUFDekMsTUFBTSxDQUFVLG9CQUFvQixHQUNsQyxZQUFZLENBQUMscUJBQXFCLEdBQUcsWUFBWSxDQUFDLG1CQUFtQixHQUFHLGNBQWMsQ0FBQyxFQUFFLENBQUM7SUFDNUYsTUFBTSxDQUFVLGtCQUFrQixHQUFHLEVBQUUsQ0FBQztJQUN4QyxNQUFNLENBQVUscUJBQXFCLEdBQ25DLFlBQVksQ0FBQyxvQkFBb0IsR0FBRyxZQUFZLENBQUMsa0JBQWtCLEdBQUcsY0FBYyxDQUFDLEVBQUUsQ0FBQztJQUMxRixNQUFNLENBQVUsbUJBQW1CLEdBQUcsQ0FBQyxDQUFDO0lBQ3hDLE1BQU0sQ0FBVSxrQkFBa0IsR0FDaEMsWUFBWSxDQUFDLHFCQUFxQixHQUFHLFlBQVksQ0FBQyxtQkFBbUIsQ0FBQztJQUN4RSxNQUFNLENBQVUsZ0JBQWdCLEdBQUcsQ0FBQyxDQUFDO0lBQ3JDLE1BQU0sQ0FBVSxnQkFBZ0IsR0FDOUIsWUFBWSxDQUFDLGtCQUFrQixHQUFHLFlBQVksQ0FBQyxnQkFBZ0IsR0FBRyxjQUFjLENBQUMsRUFBRSxDQUFDO0lBQ3RGLE1BQU0sQ0FBVSxrQkFBa0IsR0FBRyxFQUFFLENBQUM7SUFDeEMsTUFBTSxDQUFVLHNCQUFzQixHQUFHLEVBQUUsQ0FBQztJQUM1QyxNQUFNLENBQVUsc0JBQXNCLEdBQUcsRUFBRSxDQUFDO0lBRTVDLFVBQVUsQ0FBQyxJQUFnQjtRQUN6QixNQUFNLEVBQ0osZUFBZSxFQUNmLFlBQVksRUFDWixVQUFVLEVBQ1YsY0FBYyxFQUNkLFlBQVksRUFDWixzQkFBc0IsRUFDdEIsc0JBQXNCLEdBQ3ZCLEdBQUcsWUFBWSxDQUFDO1FBRWpCLElBQUksSUFBSSxDQUFDLE1BQU0sR0FBRyxlQUFlLEdBQUcsVUFBVSxFQUFFLENBQUM7WUFDL0MsTUFBTSxJQUFJLG1CQUFtQixDQUFDLHlCQUF5QixDQUFDLENBQUM7UUFDM0QsQ0FBQztRQUNELE1BQU0sY0FBYyxHQUFHLEVBQUUsSUFBSSxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztRQUNqRCxNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsY0FBYyxFQUFFLGVBQWUsQ0FBQyxDQUFDO1FBQzVFLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxjQUFjLEVBQUUsVUFBVSxDQUFDLENBQUM7UUFFbEUsTUFBTSxPQUFPLEdBQUcsV0FBVyxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUU1QyxNQUFNLGtCQUFrQixHQUFHLFdBQVcsQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFFdkQsSUFBSSxrQkFBa0IsR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUMzQixNQUFNLElBQUksbUJBQW1CLENBQUMsOERBQThELENBQUMsQ0FBQztRQUNoRyxDQUFDO1FBRUQsTUFBTSxNQUFNLEdBQUcsV0FBVyxDQUFDLFlBQVksQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUV0RCxNQUFNLFFBQVEsR0FBRyxXQUFXLENBQUMsS0FBSyxDQUFDLGNBQWMsRUFBRSxjQUFjLEdBQUcsWUFBWSxDQUFDLENBQUM7UUFFbEYsTUFBTSxxQkFBcUIsR0FBRyxjQUFjLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNsRSxjQUFjLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUVqRSxJQUFJLHFCQUFxQixJQUFJLGNBQWMsQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDeEQsTUFBTSxJQUFJLG1CQUFtQixDQUMzQiw2Q0FBNkMsY0FBYyxDQUFDLElBQUksQ0FBQyxNQUFNLGVBQWUscUJBQXFCLFdBQVcsQ0FDdkgsQ0FBQztRQUNKLENBQUM7UUFFRCxNQUFNLDhCQUE4QixHQUFHO1lBQ3JDLElBQUksRUFBRSxJQUFJLENBQUMsaUJBQWlCLENBQUMsY0FBYyxFQUFFLHFCQUFxQixDQUFDO1NBQ3BFLENBQUM7UUFDRixNQUFNLHlCQUF5QixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FDdEQsOEJBQThCLEVBQzlCLHNCQUFzQixDQUN2QixDQUFDO1FBQ0YsTUFBTSxtQkFBbUIsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQ2hELDhCQUE4QixFQUM5QixzQkFBc0IsQ0FDdkIsQ0FBQztRQUNGLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyw4QkFBOEIsRUFBRSxVQUFVLENBQUMsQ0FBQztRQUNwRixNQUFNLGlCQUFpQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FDOUMsOEJBQThCLEVBQzlCLHNCQUFzQixDQUN2QixDQUFDO1FBQ0YsTUFBTSx3QkFBd0IsR0FBRyw4QkFBOEIsQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQ3JGLDhCQUE4QixDQUFDLElBQUksR0FBRyxJQUFJLENBQUMsSUFBSSxDQUM3Qyw4QkFBOEIsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxDQUNoRCxDQUFDO1FBRUYsSUFBSSw4QkFBOEIsQ0FBQyxJQUFJLENBQUMsTUFBTSxHQUFHLHdCQUF3QixFQUFFLENBQUM7WUFDMUUsTUFBTSxJQUFJLG1CQUFtQixDQUMzQixnREFBZ0QsOEJBQThCLENBQUMsSUFBSSxDQUFDLE1BQU0sZUFBZSx3QkFBd0IsV0FBVyxDQUM3SSxDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sb0JBQW9CLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUNqRCw4QkFBOEIsRUFDOUIsd0JBQXdCLENBQ3pCLENBQUM7UUFFRixNQUFNLHVCQUF1QixHQUFHLDhCQUE4QixDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFFcEYsSUFBSSx1QkFBdUIsR0FBRyxDQUFDLElBQUksdUJBQXVCLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDL0QsTUFBTSxJQUFJLG1CQUFtQixDQUMzQiw0Q0FBNEMsdUJBQXVCLEVBQUUsQ0FDdEUsQ0FBQztRQUNKLENBQUM7UUFFRCxNQUFNLHFCQUFxQixHQUFHLDhCQUE4QixDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDbEYsTUFBTSxtQkFBbUIsR0FBRyw4QkFBOEIsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztRQUVoRixJQUFJLHFCQUFxQixJQUFJLG1CQUFtQixDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQ3hELE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0Isc0ZBQXNGLHFCQUFxQixXQUFXLENBQ3ZILENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxTQUFTLEdBQUcsVUFBVSxDQUFDLG1CQUFtQixDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUMsQ0FBQywyQkFBMkI7UUFDekYsTUFBTSxTQUFTLEdBQUcsU0FBUyxDQUFDLEdBQUcsQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDO1FBRTdELE9BQU87WUFDTCxTQUFTLEVBQUUsU0FBUyxDQUFDLEdBQUc7WUFDeEIsU0FBUyxFQUFFLFdBQVc7WUFDdEIsTUFBTSxFQUFFO2dCQUNOLE9BQU87Z0JBQ1Asa0JBQWtCO2dCQUNsQixNQUFNO2dCQUNOLFFBQVE7YUFDVDtZQUNELE1BQU07WUFDTix5QkFBeUI7WUFDekIsbUJBQW1CO1lBQ25CLFFBQVE7WUFDUixpQkFBaUI7WUFDakIsb0JBQW9CO1lBQ3BCLHVCQUF1QjtZQUN2QixtQkFBbUI7WUFDbkIsWUFBWSxFQUFFO2dCQUNaLE1BQU0sRUFBRTtvQkFDTixHQUFHLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztvQkFDakIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7aUJBQ3ZCO2dCQUNELFFBQVEsRUFBRTtvQkFDUixHQUFHLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztvQkFDakIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7aUJBQ3ZCO2dCQUNELElBQUksRUFBRTtvQkFDSixHQUFHLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQztvQkFDakIsUUFBUSxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7aUJBQ3ZCO2FBQ0Y7U0FDRixDQUFDO0lBQ0osQ0FBQztJQUVELFdBQVcsQ0FBQyxJQUFnQjtRQUMxQixNQUFNLEVBQ0osVUFBVSxFQUNWLFVBQVUsRUFDVixxQkFBcUIsRUFDckIsbUJBQW1CLEVBQ25CLG9CQUFvQixFQUNwQixrQkFBa0IsRUFDbEIscUJBQXFCLEVBQ3JCLG1CQUFtQixFQUNuQixrQkFBa0IsRUFDbEIsZ0JBQWdCLEVBQ2hCLGdCQUFnQixFQUNoQixrQkFBa0IsRUFDbEIsa0JBQWtCLEdBQ25CLEdBQUcsWUFBWSxDQUFDO1FBRWpCLElBQUksSUFBSSxDQUFDLE1BQU0sR0FBRyxVQUFVLEVBQUUsQ0FBQztZQUM3QixNQUFNLElBQUksbUJBQW1CLENBQUMseUJBQXlCLENBQUMsQ0FBQztRQUMzRCxDQUFDO1FBRUQsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUMvQixNQUFNLE1BQU0sR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxVQUFVLENBQUMsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDM0QsTUFBTSxTQUFTLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FDNUIscUJBQXFCLEVBQ3JCLHFCQUFxQixHQUFHLG1CQUFtQixDQUM1QyxDQUFDO1FBQ0YsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxvQkFBb0IsRUFBRSxvQkFBb0IsR0FBRyxrQkFBa0IsQ0FBQyxDQUFDO1FBQy9GLE1BQU0sU0FBUyxHQUFHLE1BQU07YUFDckIsS0FBSyxDQUFDLHFCQUFxQixFQUFFLHFCQUFxQixHQUFHLG1CQUFtQixDQUFDO2FBQ3pFLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNuQixNQUFNLE1BQU0sR0FBRyxNQUFNO2FBQ2xCLEtBQUssQ0FBQyxrQkFBa0IsRUFBRSxrQkFBa0IsR0FBRyxnQkFBZ0IsQ0FBQzthQUNoRSxZQUFZLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDbkIsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsRUFBRSxnQkFBZ0IsR0FBRyxrQkFBa0IsQ0FBQyxDQUFDO1FBQ3ZGLE1BQU0sUUFBUSxHQUFHLE1BQU0sQ0FBQyxLQUFLLENBQUMsZ0JBQWdCLEVBQUUsZ0JBQWdCLEdBQUcsa0JBQWtCLENBQUMsQ0FBQztRQUV2RixPQUFPO1lBQ0wsTUFBTTtZQUNOLFNBQVM7WUFDVCxRQUFRO1lBQ1IsU0FBUztZQUNULE1BQU07WUFDTixRQUFRO1lBQ1IsUUFBUTtTQUNULENBQUM7SUFDSixDQUFDOztBQUdILE1BQU0sT0FBTyxZQUFhLFNBQVEsU0FBUztJQUN6Qyw0QkFBNEI7SUFDNUIsTUFBTSxDQUFVLGVBQWUsR0FBRyxFQUFFLENBQUM7SUFDckMsTUFBTSxDQUFVLGVBQWUsR0FBRyxHQUFHLENBQUM7SUFDdEMsTUFBTSxDQUFVLHFCQUFxQixHQUFHLENBQUMsQ0FBQztJQUUxQyxnQkFBZ0I7SUFDaEIsTUFBTSxDQUFVLGlCQUFpQixHQUFHLENBQUMsQ0FBQztJQUN0QyxNQUFNLENBQVUsNEJBQTRCLEdBQUcsQ0FBQyxDQUFDO0lBQ2pELE1BQU0sQ0FBVSxpQkFBaUIsR0FBRyxDQUFDLENBQUM7SUFDdEMsTUFBTSxDQUFVLG1CQUFtQixHQUFHLENBQUMsQ0FBQztJQUN4QyxNQUFNLENBQVUsbUJBQW1CLEdBQUcsQ0FBQyxDQUFDO0lBQ3hDLE1BQU0sQ0FBVSxvQkFBb0IsR0FBRyxFQUFFLENBQUM7SUFDMUMsTUFBTSxDQUFVLGtCQUFrQixHQUFHLEVBQUUsQ0FBQztJQUV4QyxjQUFjO0lBQ2QsTUFBTSxDQUFVLGlCQUFpQixHQUFHLEVBQUUsQ0FBQztJQUN2QyxNQUFNLENBQVUsY0FBYyxHQUFHLEVBQUUsQ0FBQztJQUNwQyxNQUFNLENBQVUsb0JBQW9CLEdBQUcsRUFBRSxDQUFDO0lBQzFDLE1BQU0sQ0FBVSxzQkFBc0IsR0FBRyxDQUFDLENBQUM7SUFDM0MsTUFBTSxDQUFVLG9CQUFvQixHQUFHLENBQUMsQ0FBQztJQUN6QyxNQUFNLENBQVUsWUFBWSxHQUFHLENBQUMsQ0FBQztJQUNqQyxNQUFNLENBQVUsWUFBWSxHQUFHLEVBQUUsQ0FBQztJQUNsQyxNQUFNLENBQVUsa0JBQWtCLEdBQUcsRUFBRSxDQUFDO0lBQ3hDLE1BQU0sQ0FBVSxlQUFlLEdBQUcsRUFBRSxDQUFDO0lBQ3JDLE1BQU0sQ0FBVSxxQkFBcUIsR0FBRyxFQUFFLENBQUM7SUFDM0MsTUFBTSxDQUFVLGFBQWEsR0FBRyxFQUFFLENBQUM7SUFDbkMsTUFBTSxDQUFVLGFBQWEsR0FBRyxFQUFFLENBQUM7SUFDbkMsTUFBTSxDQUFVLGFBQWEsR0FBRyxFQUFFLENBQUM7SUFDbkMsTUFBTSxDQUFVLGFBQWEsR0FBRyxFQUFFLENBQUM7SUFDbkMsTUFBTSxDQUFVLGtCQUFrQixHQUFHLEVBQUUsQ0FBQztJQUV4QyxtQkFBbUI7SUFDbkIsTUFBTSxDQUFVLHFCQUFxQixHQUFHLEVBQUUsQ0FBQztJQUMzQyxNQUFNLENBQVUscUJBQXFCLEdBQUcsRUFBRSxDQUFDO0lBQzNDLE1BQU0sQ0FBVSxtQkFBbUIsR0FBRyxDQUFDLENBQUM7SUFDeEMsTUFBTSxDQUFVLGlCQUFpQixHQUFHLENBQUMsQ0FBQztJQUN0QyxNQUFNLENBQVUsZUFBZSxHQUFHLEdBQUcsQ0FBQztJQUN0QyxNQUFNLENBQVUsd0JBQXdCLEdBQUcsRUFBRSxDQUFDO0lBQzlDLE1BQU0sQ0FBVSw2QkFBNkIsR0FBRyxDQUFDLENBQUM7SUFDbEQsTUFBTSxDQUFVLG9CQUFvQixHQUFHLENBQUMsQ0FBQztJQUN6QyxNQUFNLENBQVUsa0JBQWtCLEdBQUcsQ0FBQyxDQUFDO0lBRXZDLFVBQVUsQ0FBQyxJQUFnQjtRQUN6QixNQUFNLEVBQ0osZUFBZSxFQUNmLGVBQWUsRUFDZixxQkFBcUIsRUFFckIscUJBQXFCLEVBQ3JCLHFCQUFxQixFQUNyQixtQkFBbUIsRUFDbkIsaUJBQWlCLEVBQ2pCLGVBQWUsRUFDZix3QkFBd0IsRUFDeEIsNkJBQTZCLEVBQzdCLG9CQUFvQixFQUNwQixrQkFBa0IsR0FDbkIsR0FBRyxZQUFZLENBQUM7UUFFakIsTUFBTSxZQUFZLEdBQUcsZUFBZSxHQUFHLGVBQWUsR0FBRyxxQkFBcUIsQ0FBQztRQUMvRSxJQUFJLElBQUksQ0FBQyxNQUFNLEdBQUcsWUFBWSxFQUFFLENBQUM7WUFDL0IsTUFBTSxJQUFJLG1CQUFtQixDQUMzQiw0QkFBNEIsSUFBSSxDQUFDLE1BQU0sNEJBQTRCLFlBQVksRUFBRSxDQUNsRixDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sY0FBYyxHQUFHLEVBQUUsSUFBSSxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztRQUNqRCxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsY0FBYyxFQUFFLGVBQWUsQ0FBQyxDQUFDO1FBQzFFLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxjQUFjLEVBQUUsZUFBZSxDQUFDLENBQUM7UUFDNUUsTUFBTSxZQUFZLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGNBQWMsRUFBRSxxQkFBcUIsQ0FBQyxDQUFDO1FBQ25GLE1BQU0scUJBQXFCLEdBQUcsWUFBWSxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUUzRCxNQUFNLGdCQUFnQixHQUNwQixlQUFlLEdBQUcsZUFBZSxHQUFHLHFCQUFxQixHQUFHLHFCQUFxQixDQUFDO1FBQ3BGLElBQUksSUFBSSxDQUFDLE1BQU0sR0FBRyxnQkFBZ0IsRUFBRSxDQUFDO1lBQ25DLE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0IsNEJBQTRCLElBQUksQ0FBQyxNQUFNLDRCQUE0QixnQkFBZ0IsRUFBRSxDQUN0RixDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sU0FBUyxHQUFHLEVBQUUsSUFBSSxFQUFFLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxjQUFjLEVBQUUscUJBQXFCLENBQUMsRUFBRSxDQUFDO1FBRTFGLE1BQU0sY0FBYyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUscUJBQXFCLENBQUMsQ0FBQztRQUNoRixNQUFNLG1CQUFtQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUscUJBQXFCLENBQUMsQ0FBQztRQUVyRixNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsU0FBUyxFQUFFLG1CQUFtQixDQUFDLENBQUMsWUFBWSxFQUFFLENBQUMsQ0FBQyxZQUFZO1FBQ3hHLElBQUksWUFBWSxLQUFLLENBQUM7WUFDcEIsTUFBTSxJQUFJLG1CQUFtQixDQUFDLGtDQUFrQyxZQUFZLGNBQWMsQ0FBQyxDQUFDO1FBRTlGLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUsaUJBQWlCLENBQUMsQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUV6RixJQUFJLFNBQVMsQ0FBQyxJQUFJLENBQUMsTUFBTSxHQUFHLFlBQVk7WUFDdEMsTUFBTSxJQUFJLG1CQUFtQixDQUMzQiwrQkFBK0IsSUFBSSxDQUFDLE1BQU0sNEJBQTRCLFlBQVksRUFBRSxDQUNyRixDQUFDO1FBRUosTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFNBQVMsRUFBRSxlQUFlLENBQUMsQ0FBQztRQUNwRSxNQUFNLGlCQUFpQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUsd0JBQXdCLENBQUMsQ0FBQztRQUV0RixNQUFNLHdCQUF3QixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FDckQsU0FBUyxFQUNULDZCQUE2QixDQUM5QixDQUFDLFlBQVksRUFBRSxDQUFDO1FBRWpCLElBQUksU0FBUyxDQUFDLElBQUksQ0FBQyxNQUFNLEdBQUcsd0JBQXdCO1lBQ2xELE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0IsMkNBQTJDLElBQUksQ0FBQyxNQUFNLDRCQUE0Qix3QkFBd0IsRUFBRSxDQUM3RyxDQUFDO1FBRUosTUFBTSxvQkFBb0IsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsU0FBUyxFQUFFLHdCQUF3QixDQUFDLENBQUM7UUFFekYsTUFBTSx1QkFBdUIsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQ3BELFNBQVMsRUFDVCxvQkFBb0IsQ0FDckIsQ0FBQyxZQUFZLEVBQUUsQ0FBQyxDQUFDLFlBQVk7UUFDOUIsSUFBSSx1QkFBdUIsS0FBSyxDQUFDO1lBQy9CLE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0IsbUNBQW1DLHVCQUF1QixjQUFjLENBQ3pFLENBQUM7UUFFSixNQUFNLGFBQWEsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsU0FBUyxFQUFFLGtCQUFrQixDQUFDLENBQUMsWUFBWSxFQUFFLENBQUM7UUFFM0YsSUFBSSxTQUFTLENBQUMsSUFBSSxDQUFDLE1BQU0sR0FBRyxhQUFhO1lBQ3ZDLE1BQU0sSUFBSSxtQkFBbUIsQ0FDM0IsZ0NBQWdDLElBQUksQ0FBQyxNQUFNLDRCQUE0QixhQUFhLEVBQUUsQ0FDdkYsQ0FBQztRQUVKLE1BQU0sbUJBQW1CLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFNBQVMsRUFBRSxhQUFhLENBQUMsQ0FBQztRQUU3RSxNQUFNLFNBQVMsR0FBRyxVQUFVLENBQUMsbUJBQW1CLENBQUMsUUFBUSxFQUFFLENBQUMsQ0FBQyxDQUFDLDJCQUEyQjtRQUN6RixNQUFNLFNBQVMsR0FBRyxTQUFTLENBQUMsR0FBRyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUUsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUM7UUFFN0QsT0FBTztZQUNMLFNBQVMsRUFBRSxTQUFTLENBQUMsR0FBRztZQUN4QixTQUFTO1lBQ1QsTUFBTSxFQUFFLElBQUksQ0FBQyxXQUFXLENBQUMsU0FBUyxDQUFDO1lBQ25DLFdBQVc7WUFDWCxjQUFjO1lBQ2QsbUJBQW1CO1lBQ25CLFlBQVk7WUFDWixRQUFRO1lBQ1IsaUJBQWlCO1lBQ2pCLG9CQUFvQjtZQUNwQix1QkFBdUI7WUFDdkIsbUJBQW1CO1lBQ25CLFlBQVksRUFBRTtnQkFDWixNQUFNLEVBQUU7b0JBQ04sR0FBRyxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7b0JBQ2pCLFFBQVEsRUFBRSxTQUFTLENBQUMsQ0FBQyxDQUFDO2lCQUN2QjtnQkFDRCxRQUFRLEVBQUU7b0JBQ1IsR0FBRyxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7b0JBQ2pCLFFBQVEsRUFBRSxTQUFTLENBQUMsQ0FBQyxDQUFDO2lCQUN2QjtnQkFDRCxJQUFJLEVBQUU7b0JBQ0osR0FBRyxFQUFFLFNBQVMsQ0FBQyxDQUFDLENBQUM7b0JBQ2pCLFFBQVEsRUFBRSxTQUFTLENBQUMsQ0FBQyxDQUFDO2lCQUN2QjthQUNGO1NBQ0YsQ0FBQztJQUNKLENBQUM7SUFFRCxXQUFXLENBQUMsSUFBZ0I7UUFDMUIsTUFBTSxFQUNKLGlCQUFpQixFQUNqQiw0QkFBNEIsRUFDNUIsaUJBQWlCLEVBQ2pCLG1CQUFtQixFQUNuQixtQkFBbUIsRUFDbkIsb0JBQW9CLEVBQ3BCLGtCQUFrQixHQUNuQixHQUFHLFlBQVksQ0FBQztRQUVqQixNQUFNLGVBQWUsR0FBRyxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7UUFFbEQsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsRUFBRSxpQkFBaUIsQ0FBQyxDQUFDLFlBQVksRUFBRSxDQUFDO1FBQzFGLE1BQU0sa0JBQWtCLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUMvQyxlQUFlLEVBQ2YsNEJBQTRCLENBQzdCLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDakIsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsRUFBRSxpQkFBaUIsQ0FBQyxDQUFDLFlBQVksRUFBRSxDQUFDO1FBQzFGLE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLEVBQUUsbUJBQW1CLENBQUMsQ0FBQztRQUMvRSxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsZUFBZSxFQUFFLG1CQUFtQixDQUFDLENBQUM7UUFDL0UsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGVBQWUsRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO1FBQ2pGLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLEVBQUUsa0JBQWtCLENBQUMsQ0FBQztRQUU3RSxPQUFPO1lBQ0wsT0FBTztZQUNQLGtCQUFrQjtZQUNsQixPQUFPO1lBQ1AsU0FBUztZQUNULFNBQVM7WUFDVCxVQUFVO1lBQ1YsUUFBUTtTQUNULENBQUM7SUFDSixDQUFDO0lBRUQsU0FBUyxDQUFDLElBQWdCO1FBQ3hCLE1BQU0sRUFDSixpQkFBaUIsRUFDakIsY0FBYyxFQUNkLG9CQUFvQixFQUNwQixzQkFBc0IsRUFDdEIsb0JBQW9CLEVBQ3BCLFlBQVksRUFDWixZQUFZLEVBQ1osa0JBQWtCLEVBQ2xCLGVBQWUsRUFDZixxQkFBcUIsRUFDckIsYUFBYSxFQUNiLGFBQWEsRUFDYixhQUFhLEVBQ2IsYUFBYSxFQUNiLGtCQUFrQixFQUNsQixrQkFBa0IsR0FDbkIsR0FBRyxZQUFZLENBQUM7UUFFakIsTUFBTSxhQUFhLEdBQUcsRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1FBRWhELElBQUksYUFBYSxDQUFDLElBQUksQ0FBQyxNQUFNLEtBQUssWUFBWSxDQUFDLGVBQWU7WUFDNUQsTUFBTSxJQUFJLG1CQUFtQixDQUMzQiwyQkFBMkIsYUFBYSxDQUFDLElBQUksQ0FBQyxNQUFNLGNBQWMsWUFBWSxDQUFDLGVBQWUsRUFBRSxDQUNqRyxDQUFDO1FBRUosTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxpQkFBaUIsQ0FBQyxDQUFDO1FBQzNFLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsY0FBYyxDQUFDLENBQUM7UUFDckUsTUFBTSxZQUFZLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO1FBQ2pGLE1BQU0sY0FBYyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsc0JBQXNCLENBQUMsQ0FBQztRQUNyRixNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLG9CQUFvQixDQUFDLENBQUM7UUFDakYsTUFBTSxJQUFJLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUNqRSxNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBQ2pFLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsa0JBQWtCLENBQUMsQ0FBQztRQUM3RSxNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLGVBQWUsQ0FBQyxDQUFDO1FBQ3ZFLE1BQU0sYUFBYSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUscUJBQXFCLENBQUMsQ0FBQztRQUNuRixNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLGFBQWEsQ0FBQyxDQUFDO1FBQ25FLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsYUFBYSxDQUFDLENBQUM7UUFDbkUsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLGFBQWEsRUFBRSxhQUFhLENBQUMsQ0FBQztRQUNuRSxNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsYUFBYSxFQUFFLGFBQWEsQ0FBQyxDQUFDO1FBQ25FLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsa0JBQWtCLENBQUMsQ0FBQztRQUM3RSxNQUFNLFFBQVEsR0FBRyxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxrQkFBa0IsQ0FBQyxDQUFDO1FBQ3pELE9BQU87WUFDTCxTQUFTO1lBQ1QsTUFBTTtZQUNOLFlBQVk7WUFDWixjQUFjO1lBQ2QsWUFBWTtZQUNaLElBQUk7WUFDSixJQUFJO1lBQ0osVUFBVTtZQUNWLE9BQU87WUFDUCxhQUFhO1lBQ2IsS0FBSztZQUNMLEtBQUs7WUFDTCxLQUFLO1lBQ0wsS0FBSztZQUNMLFVBQVU7WUFDVixRQUFRO1NBQ1QsQ0FBQztJQUNKLENBQUMifQ==
|
|
@@ -5,12 +5,23 @@ export interface ValidationResult {
|
|
|
5
5
|
description: string;
|
|
6
6
|
error?: unknown;
|
|
7
7
|
}
|
|
8
|
+
export type GetMrEnclaveSignatureFn = (mrEnclave: Buffer) => Promise<Buffer>;
|
|
9
|
+
export type CheckSignatureOptions = {
|
|
10
|
+
getMrEnclaveSignature: GetMrEnclaveSignatureFn;
|
|
11
|
+
};
|
|
8
12
|
export declare class QuoteValidator {
|
|
9
13
|
private readonly isDefault;
|
|
10
14
|
private readonly baseUrl;
|
|
11
15
|
private readonly teeSgxParser;
|
|
16
|
+
private readonly teeTdxParser;
|
|
12
17
|
private logger;
|
|
13
18
|
constructor(baseUrl: string);
|
|
19
|
+
static getSignature(mrEnclave: Buffer, options?: {
|
|
20
|
+
baseURL?: string;
|
|
21
|
+
retryMax?: number;
|
|
22
|
+
retryInterval?: number;
|
|
23
|
+
}): Promise<Buffer>;
|
|
24
|
+
static checkSignature(quote: Buffer, options?: CheckSignatureOptions): Promise<void>;
|
|
14
25
|
private splitChain;
|
|
15
26
|
private findSequenceByOID;
|
|
16
27
|
private searchForSequence;
|