@super-protocol/sdk-js 3.4.0-beta.15 → 3.4.0-beta.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/certificates/crl.d.ts +6 -0
- package/dist/cjs/certificates/crl.js +66 -0
- package/dist/cjs/certificates/helper.d.ts +21 -0
- package/dist/cjs/certificates/helper.js +161 -0
- package/dist/cjs/certificates/index.d.ts +2 -0
- package/dist/cjs/certificates/index.js +19 -0
- package/dist/cjs/certificates/ocsp.d.ts +9 -0
- package/dist/cjs/certificates/ocsp.js +124 -0
- package/dist/cjs/certificates/types.d.ts +4 -0
- package/dist/cjs/certificates/types.js +3 -0
- package/dist/cjs/constants.d.ts +5 -0
- package/dist/cjs/constants.js +7 -2
- package/dist/cjs/index.d.ts +1 -0
- package/dist/cjs/index.js +2 -1
- package/dist/cjs/tee/OrderReportService.d.ts +0 -3
- package/dist/cjs/tee/OrderReportService.js +12 -28
- package/dist/cjs/tee/TeeCertificateService.d.ts +0 -4
- package/dist/cjs/tee/TeeCertificateService.js +23 -34
- package/dist/mjs/certificates/crl.d.ts +6 -0
- package/dist/mjs/certificates/crl.js +39 -0
- package/dist/mjs/certificates/helper.d.ts +21 -0
- package/dist/mjs/certificates/helper.js +131 -0
- package/dist/mjs/certificates/index.d.ts +2 -0
- package/dist/mjs/certificates/index.js +3 -0
- package/dist/mjs/certificates/ocsp.d.ts +9 -0
- package/dist/mjs/certificates/ocsp.js +94 -0
- package/dist/mjs/certificates/types.d.ts +4 -0
- package/dist/mjs/certificates/types.js +2 -0
- package/dist/mjs/constants.d.ts +5 -0
- package/dist/mjs/constants.js +6 -1
- package/dist/mjs/index.d.ts +1 -0
- package/dist/mjs/index.js +2 -1
- package/dist/mjs/tee/OrderReportService.d.ts +0 -3
- package/dist/mjs/tee/OrderReportService.js +13 -29
- package/dist/mjs/tee/TeeCertificateService.d.ts +0 -4
- package/dist/mjs/tee/TeeCertificateService.js +23 -34
- package/package.json +2 -2
package/dist/mjs/constants.js
CHANGED
|
@@ -60,6 +60,11 @@ export const OID_CUSTOM_EXTENSION_ORDER_REPORT_HARDWARE_CONTEXT = `${OID_CUSTOM_
|
|
|
60
60
|
export const OID_CUSTOM_EXTENSION_ORDER_REPORT_SIGNATURE_KEY_HASH = `${OID_CUSTOM_EXTENSION_ORDER_REPORT}.2`;
|
|
61
61
|
export const OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH = `${OID_CUSTOM_EXTENSION_ORDER_REPORT}.3`;
|
|
62
62
|
export const OID_CUSTOM_EXTENSION_ORDER_REPORT_HASH = `${OID_CUSTOM_EXTENSION_ORDER_REPORT}.4`;
|
|
63
|
+
export const OID_AUTHORITY_INFORMATION_ACCESS_EXTENSION = '1.3.6.1.5.5.7.1.1';
|
|
64
|
+
export const OID_CRL_DISTRIBUTION_POINTS = '2.5.29.31';
|
|
65
|
+
export const OID_OCSP_ACCESS_METHOD = '1.3.6.1.5.5.7.48.1';
|
|
66
|
+
export const OID_OCSP_ISSUER_ACCESS_METHOD = '1.3.6.1.5.5.7.48.2';
|
|
67
|
+
export const OID_OCSP_NONCE = '1.3.6.1.5.5.7.48.1.2';
|
|
63
68
|
export const SUPERPROTOCOL_CA = `-----BEGIN CERTIFICATE-----
|
|
64
69
|
MIIWgTCCFWmgAwIBAgIBATANBgkqhkiG9w0BAQsFADB2MSIwIAYDVQQDExlTdXBl
|
|
65
70
|
clByb3RvY29sIFRFRSBSb290IENBMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkx
|
|
@@ -183,4 +188,4 @@ Z/dda6qpPxXBiwhpfcFJtpiP0tIYhS6LJgFnSAdEE9G1HwYUrCYsjQ2LCgBQDqYB
|
|
|
183
188
|
balDQD+0bddS+Jvj4ELLmKRk/yX51Lqx6YYr0rSX7t9RaI9F9muzzQ4mWzWA6ief
|
|
184
189
|
YwF1StA=
|
|
185
190
|
-----END CERTIFICATE-----`;
|
|
186
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
191
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RhbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2NvbnN0YW50cy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsUUFBUSxFQUFRLGFBQWEsRUFBRSxNQUFNLHdCQUF3QixDQUFDO0FBRXZFLE1BQU0sQ0FBQyxNQUFNLG9CQUFvQixHQUFHLHVCQUF1QixDQUFDO0FBQzVELE1BQU0sQ0FBQyxNQUFNLGVBQWUsR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLENBQUM7QUFDL0MsTUFBTSxDQUFDLE1BQU0sZUFBZSxHQUFHLE1BQU0sQ0FBQyxVQUFVLENBQUMsQ0FBQztBQUNsRCxNQUFNLENBQUMsTUFBTSx5QkFBeUIsR0FBRyxDQUFDLENBQUM7QUFDM0MsTUFBTSxDQUFDLE1BQU0seUJBQXlCLEdBQUcsR0FBRyxDQUFDO0FBQzdDLE1BQU0sQ0FBQyxNQUFNLDZCQUE2QixHQUFHLENBQUMsQ0FBQztBQUMvQyxNQUFNLENBQUMsTUFBTSxxQ0FBcUMsR0FBRyxHQUFHLENBQUM7QUFDekQsTUFBTSxDQUFDLE1BQU0sYUFBYSxHQUFHLEVBQUUsQ0FBQztBQUNoQyxNQUFNLENBQUMsTUFBTSxZQUFZLEdBQUcsRUFBRSxDQUFDO0FBQy9CLE1BQU0sQ0FBQyxNQUFNLE9BQU8sR0FBRyxFQUFFLEdBQUcsRUFBRSxHQUFHLEVBQUUsQ0FBQztBQUNwQyxNQUFNLENBQUMsTUFBTSxRQUFRLEdBQUcsRUFBRSxHQUFHLEVBQUUsQ0FBQztBQUNoQyxNQUFNLENBQUMsTUFBTSxZQUFZLEdBQUcsQ0FBQyxHQUFHLEVBQUUsQ0FBQztBQUNuQyxNQUFNLENBQUMsTUFBTSwrQkFBK0IsR0FBRyxHQUFHLENBQUM7QUFDbkQsTUFBTSxDQUFDLE1BQU0sd0JBQXdCLEdBQUcsNENBQTRDLENBQUM7QUFDckYsTUFBTSxDQUFDLE1BQU0sOEJBQThCLEdBQUcsRUFBRSxDQUFDO0FBQ2pELE1BQU0sQ0FBQyxNQUFNLDhCQUE4QixHQUFHLElBQUksQ0FBQztBQUNuRCxNQUFNLENBQUMsTUFBTSxnQ0FBZ0MsR0FBRyxLQUFLLENBQUM7QUFDdEQsTUFBTSxDQUFDLE1BQU0scUJBQXFCLEdBQUcsR0FBRyxDQUFDO0FBQ3pDLE1BQU0sQ0FBQyxNQUFNLHFCQUFxQixHQUFHLEtBQUssQ0FBQztBQUMzQyxNQUFNLENBQUMsTUFBTSwyQkFBMkIsR0FBRyw0Q0FBNEMsQ0FBQztBQUN4RixNQUFNLENBQUMsTUFBTSwyQkFBMkIsR0FBRywwQ0FBMEMsQ0FBQztBQUN0RixNQUFNLENBQUMsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLENBQUMsb0JBQW9CLENBQUMsQ0FBQztBQUMvRCxNQUFNLENBQUMsTUFBTSxpQkFBaUIsR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDLENBQUM7QUFDbkQsTUFBTSxDQUFDLE1BQU0scUJBQXFCLEdBQUcsQ0FBQyxDQUFDO0FBQ3ZDLE1BQU0sQ0FBQyxNQUFNLFVBQVUsR0FBRyxHQUFHLENBQUM7QUFDOUIsTUFBTSxDQUFDLE1BQU0sU0FBUyxHQUFTO0lBQzdCLElBQUksRUFBRSxrRUFBa0U7SUFDeEUsSUFBSSxFQUFFLGFBQWEsQ0FBQyxNQUFNO0lBQzFCLFFBQVEsRUFBRSxRQUFRLENBQUMsTUFBTTtDQUMxQixDQUFDO0FBQ0YsTUFBTSxDQUFDLE1BQU0sMkJBQTJCLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FDcEQsa0VBQWtFLEVBQ2xFLEtBQUssQ0FDTixDQUFDO0FBQ0YsTUFBTSxDQUFDLE1BQU0sOEJBQThCLEdBQUc7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OzswQkF3QnBCLENBQUM7QUFDM0IsTUFBTSxDQUFDLE1BQU0saUNBQWlDLEdBQUcsa0JBQWtCLENBQUM7QUFDcEUsTUFBTSxDQUFDLE1BQU0sa0RBQWtELEdBQUcsR0FBRyxpQ0FBaUMsSUFBSSxDQUFDO0FBQzNHLE1BQU0sQ0FBQyxNQUFNLG9EQUFvRCxHQUFHLEdBQUcsaUNBQWlDLElBQUksQ0FBQztBQUM3RyxNQUFNLENBQUMsTUFBTSxvREFBb0QsR0FBRyxHQUFHLGlDQUFpQyxJQUFJLENBQUM7QUFDN0csTUFBTSxDQUFDLE1BQU0sc0NBQXNDLEdBQUcsR0FBRyxpQ0FBaUMsSUFBSSxDQUFDO0FBQy9GLE1BQU0sQ0FBQyxNQUFNLDBDQUEwQyxHQUFHLG1CQUFtQixDQUFDO0FBQzlFLE1BQU0sQ0FBQyxNQUFNLDJCQUEyQixHQUFHLFdBQVcsQ0FBQztBQUN2RCxNQUFNLENBQUMsTUFBTSxzQkFBc0IsR0FBRyxvQkFBb0IsQ0FBQztBQUMzRCxNQUFNLENBQUMsTUFBTSw2QkFBNkIsR0FBRyxvQkFBb0IsQ0FBQztBQUNsRSxNQUFNLENBQUMsTUFBTSxjQUFjLEdBQUcsc0JBQXNCLENBQUM7QUFDckQsTUFBTSxDQUFDLE1BQU0sZ0JBQWdCLEdBQUc7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OzBCQTBITixDQUFDIn0=
|
package/dist/mjs/index.d.ts
CHANGED
|
@@ -4,6 +4,7 @@ export { Config } from './connectors/BaseConnector.js';
|
|
|
4
4
|
export { default as BlockchainEventsListener } from './connectors/BlockchainEventsListener.js';
|
|
5
5
|
export { default as Crypto } from './crypto/index.js';
|
|
6
6
|
export * from './crypto/index.js';
|
|
7
|
+
export * from './certificates/index.js';
|
|
7
8
|
export { default as TIIGenerator } from './TIIGenerator.js';
|
|
8
9
|
export * from './TIIGenerator.js';
|
|
9
10
|
export { default as RIGenerator } from './RIGenerator.js';
|
package/dist/mjs/index.js
CHANGED
|
@@ -3,6 +3,7 @@ export * from './connectors/BlockchainConnector.js';
|
|
|
3
3
|
export { default as BlockchainEventsListener } from './connectors/BlockchainEventsListener.js';
|
|
4
4
|
export { default as Crypto } from './crypto/index.js';
|
|
5
5
|
export * from './crypto/index.js';
|
|
6
|
+
export * from './certificates/index.js';
|
|
6
7
|
export { default as TIIGenerator } from './TIIGenerator.js';
|
|
7
8
|
export * from './TIIGenerator.js';
|
|
8
9
|
export { default as RIGenerator } from './RIGenerator.js';
|
|
@@ -87,4 +88,4 @@ export * from './errors/index.js';
|
|
|
87
88
|
export * from './utils/schema-utils/index.js';
|
|
88
89
|
export * as ResourceLoaderUtils from './utils/resourceLoaders/index.js';
|
|
89
90
|
export { TeeSignatureVerifier } from './tee/TeeSignatureVerifier.js';
|
|
90
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
91
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLE9BQU8sSUFBSSxtQkFBbUIsRUFBRSxNQUFNLHFDQUFxQyxDQUFDO0FBRXJGLGNBQWMscUNBQXFDLENBQUM7QUFJcEQsT0FBTyxFQUFFLE9BQU8sSUFBSSx3QkFBd0IsRUFBRSxNQUFNLDBDQUEwQyxDQUFDO0FBRS9GLE9BQU8sRUFBRSxPQUFPLElBQUksTUFBTSxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDdEQsY0FBYyxtQkFBbUIsQ0FBQztBQUVsQyxjQUFjLHlCQUF5QixDQUFDO0FBRXhDLE9BQU8sRUFBRSxPQUFPLElBQUksWUFBWSxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDNUQsY0FBYyxtQkFBbUIsQ0FBQztBQUVsQyxPQUFPLEVBQUUsT0FBTyxJQUFJLFdBQVcsRUFBRSxNQUFNLGtCQUFrQixDQUFDO0FBQzFELGNBQWMsbUJBQW1CLENBQUM7QUFFbEMsT0FBTyxFQUFFLE9BQU8sSUFBSSxTQUFTLEVBQUUsTUFBTSw2QkFBNkIsQ0FBQztBQUNuRSxjQUFjLDZCQUE2QixDQUFDO0FBRTVDLE9BQU8sRUFBRSxPQUFPLElBQUksTUFBTSxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFDN0QsY0FBYywwQkFBMEIsQ0FBQztBQUV6QyxPQUFPLEVBQUUsT0FBTyxJQUFJLFlBQVksRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBQ3pFLGNBQWMsZ0NBQWdDLENBQUM7QUFFL0MsT0FBTyxFQUFFLE9BQU8sSUFBSSxZQUFZLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUN6RSxjQUFjLGdDQUFnQyxDQUFDO0FBRS9DLE9BQU8sRUFBRSxPQUFPLElBQUksTUFBTSxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFDN0QsY0FBYywwQkFBMEIsQ0FBQztBQUV6QyxPQUFPLEVBQUUsT0FBTyxJQUFJLFNBQVMsRUFBRSxNQUFNLDZCQUE2QixDQUFDO0FBQ25FLGNBQWMsNkJBQTZCLENBQUM7QUFFNUMsT0FBTyxFQUFFLE9BQU8sSUFBSSxnQkFBZ0IsRUFBRSxNQUFNLG9DQUFvQyxDQUFDO0FBQ2pGLGNBQWMsb0NBQW9DLENBQUM7QUFFbkQsT0FBTyxFQUFFLE9BQU8sSUFBSSxhQUFhLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUMzRSxjQUFjLGlDQUFpQyxDQUFDO0FBRWhELE9BQU8sRUFBRSxPQUFPLElBQUksUUFBUSxFQUFFLE1BQU0sNEJBQTRCLENBQUM7QUFDakUsY0FBYyw0QkFBNEIsQ0FBQztBQUUzQyxPQUFPLEVBQUUsT0FBTyxJQUFJLEtBQUssRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzNELGNBQWMseUJBQXlCLENBQUM7QUFFeEMsT0FBTyxFQUFFLE9BQU8sSUFBSSxRQUFRLEVBQUUsTUFBTSw0QkFBNEIsQ0FBQztBQUNqRSxjQUFjLDRCQUE0QixDQUFDO0FBRTNDLE9BQU8sRUFBRSxPQUFPLElBQUksY0FBYyxFQUFFLE1BQU0sa0NBQWtDLENBQUM7QUFDN0UsY0FBYyxrQ0FBa0MsQ0FBQztBQUVqRCxPQUFPLEVBQUUsT0FBTyxJQUFJLHVCQUF1QixFQUFFLE1BQU0sMkNBQTJDLENBQUM7QUFDL0YsY0FBYywyQ0FBMkMsQ0FBQztBQUUxRCxPQUFPLEVBQUUsT0FBTyxJQUFJLGNBQWMsRUFBRSxNQUFNLGtDQUFrQyxDQUFDO0FBQzdFLGNBQWMsa0NBQWtDLENBQUM7QUFFakQsT0FBTyxFQUFFLE9BQU8sSUFBSSxzQkFBc0IsRUFBRSxNQUFNLDBDQUEwQyxDQUFDO0FBQzdGLGNBQWMsMENBQTBDLENBQUM7QUFFekQsT0FBTyxFQUFFLE9BQU8sSUFBSSxxQkFBcUIsRUFBRSxNQUFNLHlDQUF5QyxDQUFDO0FBQzNGLGNBQWMseUNBQXlDLENBQUM7QUFFeEQsT0FBTyxFQUFFLE9BQU8sSUFBSSxjQUFjLEVBQUUsTUFBTSxrQ0FBa0MsQ0FBQztBQUM3RSxjQUFjLGtDQUFrQyxDQUFDO0FBRWpELE9BQU8sRUFBRSxPQUFPLElBQUksS0FBSyxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDckQsY0FBYyxtQkFBbUIsQ0FBQztBQUVsQyxPQUFPLEVBQUUsT0FBTyxJQUFJLFFBQVEsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQzNELGNBQWMsc0JBQXNCLENBQUM7QUFFckMsT0FBTyxFQUFFLE9BQU8sSUFBSSxRQUFRLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUMzRCxjQUFjLHNCQUFzQixDQUFDO0FBRXJDLE9BQU8sRUFBRSxPQUFPLElBQUksS0FBSyxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDckQsY0FBYyxtQkFBbUIsQ0FBQztBQUVsQyxPQUFPLEVBQUUsT0FBTyxJQUFJLEdBQUcsRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBQ2pELGNBQWMsaUJBQWlCLENBQUM7QUFFaEMsY0FBYyxrQkFBa0IsQ0FBQztBQUVqQyxPQUFPLEtBQUssc0JBQXNCLE1BQU0sZ0RBQWdELENBQUM7QUFDekYsT0FBTyxFQUFFLE9BQU8sSUFBSSxZQUFZLEVBQWUsTUFBTSxxQ0FBcUMsQ0FBQztBQUMzRixPQUFPLEVBQ0wsT0FBTyxJQUFJLHFCQUFxQixHQUVqQyxNQUFNLDhDQUE4QyxDQUFDO0FBQ3RELE9BQU8sRUFBRSxPQUFPLElBQUksc0JBQXNCLEVBQUUsTUFBTSwrQ0FBK0MsQ0FBQztBQUVsRyxPQUFPLEVBQ0wsT0FBTyxJQUFJLGNBQWMsRUFDekIsV0FBVyxHQUVaLE1BQU0sdUNBQXVDLENBQUM7QUFDL0MsT0FBTyxFQUNMLE9BQU8sSUFBSSxvQkFBb0IsRUFFL0IsaUJBQWlCLEdBQ2xCLE1BQU0sNkNBQTZDLENBQUM7QUFLckQsT0FBTyxFQUFFLE9BQU8sSUFBSSxrQkFBa0IsRUFBRSxNQUFNLDJDQUEyQyxDQUFDO0FBRTFGLE9BQU8sRUFBRSx1QkFBdUIsRUFBRSxNQUFNLGdEQUFnRCxDQUFDO0FBQ3pGLE9BQU8sRUFDTCxzQkFBc0IsRUFDdEIsdUJBQXVCLEdBQ3hCLE1BQU0sZ0RBQWdELENBQUM7QUFFeEQsY0FBYyxrQ0FBa0MsQ0FBQztBQUNqRCxPQUFPLEtBQUssT0FBTyxNQUFNLDBCQUEwQixDQUFDO0FBQ3BELE9BQU8sS0FBSyxTQUFTLE1BQU0sZ0JBQWdCLENBQUM7QUFFNUMsT0FBTyxFQUFFLGlDQUFpQyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFFekUsT0FBTyxnQkFBZ0IsQ0FBQztBQUV4QixjQUFjLGlCQUFpQixDQUFDO0FBQ2hDLE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxnQkFBZ0IsQ0FBQztBQUMzQyxPQUFPLEVBQUUsWUFBWSxFQUFFLFlBQVksRUFBRSxTQUFTLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUM3RSxPQUFPLEVBQUUsY0FBYyxFQUFFLE1BQU0seUJBQXlCLENBQUM7QUFDekQsY0FBYyxtQkFBbUIsQ0FBQztBQUNsQyxPQUFPLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSwyQkFBMkIsQ0FBQztBQUM3RCxPQUFPLEVBQUUscUJBQXFCLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUN2RSxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsTUFBTSw2QkFBNkIsQ0FBQztBQUVqRSxjQUFjLHNCQUFzQixDQUFDO0FBQ3JDLE9BQU8sRUFBRSxPQUFPLElBQUksU0FBUyxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFDaEUsT0FBTyxFQUFFLE9BQU8sSUFBSSxpQkFBaUIsRUFBRSxNQUFNLGlEQUFpRCxDQUFDO0FBQy9GLE9BQU8sRUFBRSxPQUFPLElBQUksb0JBQW9CLEVBQUUsTUFBTSxvREFBb0QsQ0FBQztBQUNyRyxPQUFPLEVBQUUsT0FBTyxJQUFJLGNBQWMsRUFBRSxNQUFNLDBDQUEwQyxDQUFDO0FBQ3JGLE9BQU8sRUFBRSxPQUFPLElBQUksY0FBYyxFQUFFLE1BQU0sMENBQTBDLENBQUM7QUFDckYsY0FBYyx3QkFBd0IsQ0FBQztBQUN2QyxjQUFjLHdCQUF3QixDQUFDO0FBQ3ZDLGNBQWMseUJBQXlCLENBQUM7QUFDeEMsY0FBYyxtQkFBbUIsQ0FBQztBQUNsQyxjQUFjLCtCQUErQixDQUFDO0FBQzlDLE9BQU8sS0FBSyxtQkFBbUIsTUFBTSxrQ0FBa0MsQ0FBQztBQUN4RSxPQUFPLEVBQUUsb0JBQW9CLEVBQUMsTUFBTSwrQkFBK0IsQ0FBQSJ9
|
|
@@ -1,12 +1,9 @@
|
|
|
1
1
|
/// <reference types="node" />
|
|
2
2
|
import { OrderReport } from '@super-protocol/dto-js';
|
|
3
3
|
export declare class OrderReportService {
|
|
4
|
-
private static readonly teeCertificateService;
|
|
5
4
|
static encode(orderReport: OrderReport): Promise<Buffer>;
|
|
6
5
|
static decode(encodedOrderReport: Buffer): Promise<OrderReport>;
|
|
7
|
-
static removeRootCertificateFromChain(certsDer: Buffer[]): Buffer[];
|
|
8
6
|
static validateOrderReport(orderReport: OrderReport): Promise<void>;
|
|
9
|
-
private static certsToDerArray;
|
|
10
7
|
private static hashToBinary;
|
|
11
8
|
private static binaryHashToHash;
|
|
12
9
|
}
|
|
@@ -1,20 +1,19 @@
|
|
|
1
|
-
import forge from 'node-forge';
|
|
2
1
|
import { promisify } from 'util';
|
|
3
2
|
import zlib from 'zlib';
|
|
4
3
|
import { Encoding, } from '@super-protocol/dto-js';
|
|
5
4
|
import { OrderReportProto } from '../proto/OrderReport.js';
|
|
6
|
-
import {
|
|
7
|
-
import { OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH, SUPERPROTOCOL_CA, } from '../constants.js';
|
|
5
|
+
import { OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH } from '../constants.js';
|
|
8
6
|
import { calculateObjectHash } from '../utils/helpers/calculateObjectHash.js';
|
|
7
|
+
import { CertificatesHelper } from '../certificates/helper.js';
|
|
8
|
+
import { TeeCertificateService } from './TeeCertificateService.js';
|
|
9
9
|
const gzipPromise = promisify(zlib.gzip);
|
|
10
10
|
const unzipPromise = promisify(zlib.unzip);
|
|
11
|
-
const rootCertDer = Buffer.from(forge.pki.pemToDer(SUPERPROTOCOL_CA).bytes(), 'binary');
|
|
12
11
|
export class OrderReportService {
|
|
13
|
-
static teeCertificateService = new TeeCertificateService();
|
|
14
12
|
static async encode(orderReport) {
|
|
15
|
-
const
|
|
13
|
+
const { certs } = CertificatesHelper.extractCAFromChain(orderReport.certificate);
|
|
14
|
+
const certsDer = CertificatesHelper.pemChainToDer(certs);
|
|
16
15
|
const orderReportProto = {
|
|
17
|
-
certificates:
|
|
16
|
+
certificates: certsDer,
|
|
18
17
|
workloadInfo: {
|
|
19
18
|
runtimeInfo: orderReport.workloadInfo.runtimeInfo.map((ri) => ({
|
|
20
19
|
type: ri.type,
|
|
@@ -33,14 +32,7 @@ export class OrderReportService {
|
|
|
33
32
|
static async decode(encodedOrderReport) {
|
|
34
33
|
const decompressed = await unzipPromise(encodedOrderReport);
|
|
35
34
|
const orderReportProto = OrderReportProto.decode(decompressed);
|
|
36
|
-
const certsPem = orderReportProto.certificates
|
|
37
|
-
contentDomain: null,
|
|
38
|
-
dekInfo: null,
|
|
39
|
-
headers: [],
|
|
40
|
-
procType: null,
|
|
41
|
-
type: 'CERTIFICATE',
|
|
42
|
-
body: Buffer.from(derCert).toString('binary'),
|
|
43
|
-
}));
|
|
35
|
+
const certsPem = CertificatesHelper.derChainToPem(orderReportProto.certificates);
|
|
44
36
|
if (!orderReportProto.workloadInfo) {
|
|
45
37
|
throw new Error(`Wrong order report! Missing workloadInfo`);
|
|
46
38
|
}
|
|
@@ -59,34 +51,26 @@ export class OrderReportService {
|
|
|
59
51
|
return result;
|
|
60
52
|
});
|
|
61
53
|
return {
|
|
62
|
-
certificate: certsPem
|
|
54
|
+
certificate: certsPem,
|
|
63
55
|
workloadInfo: {
|
|
64
56
|
runtimeInfo,
|
|
65
57
|
created: orderReportProto.workloadInfo.created,
|
|
66
58
|
},
|
|
67
59
|
};
|
|
68
60
|
}
|
|
69
|
-
static removeRootCertificateFromChain(certsDer) {
|
|
70
|
-
return certsDer.filter((certDer) => !certDer.equals(rootCertDer));
|
|
71
|
-
}
|
|
72
61
|
static async validateOrderReport(orderReport) {
|
|
73
|
-
|
|
74
|
-
|
|
62
|
+
const teeCertificateService = new TeeCertificateService();
|
|
63
|
+
await teeCertificateService.validateTeeReportCertChain(orderReport.certificate);
|
|
64
|
+
const workloadInfoHashFromCert = CertificatesHelper.getExtensionValue(orderReport.certificate, OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH);
|
|
75
65
|
if (!workloadInfoHashFromCert) {
|
|
76
66
|
throw new Error(`WorkloadInfoHash is missing in certificate!`);
|
|
77
67
|
}
|
|
78
68
|
const workloadInfoHash = await calculateObjectHash(orderReport.workloadInfo);
|
|
79
|
-
const isHashMatch = Buffer.compare(
|
|
69
|
+
const isHashMatch = Buffer.compare(workloadInfoHashFromCert, Buffer.from(workloadInfoHash.hash, workloadInfoHash.encoding)) === 0;
|
|
80
70
|
if (!isHashMatch) {
|
|
81
71
|
throw new Error(`WorkloadInfoHash in the certificate doesn't match the WorkloadInfoHash in the orderReport`);
|
|
82
72
|
}
|
|
83
73
|
}
|
|
84
|
-
static certsToDerArray(certificate) {
|
|
85
|
-
const certs = this.teeCertificateService.splitPemCerts(certificate);
|
|
86
|
-
return certs.map((pemCert) => {
|
|
87
|
-
return Buffer.from(forge.pki.pemToDer(pemCert).bytes(), 'binary');
|
|
88
|
-
});
|
|
89
|
-
}
|
|
90
74
|
static hashToBinary(hash) {
|
|
91
75
|
if (!hash) {
|
|
92
76
|
return;
|
|
@@ -107,4 +91,4 @@ export class OrderReportService {
|
|
|
107
91
|
};
|
|
108
92
|
}
|
|
109
93
|
}
|
|
110
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
94
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiT3JkZXJSZXBvcnRTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9PcmRlclJlcG9ydFNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFNBQVMsRUFBRSxNQUFNLE1BQU0sQ0FBQztBQUNqQyxPQUFPLElBQUksTUFBTSxNQUFNLENBQUM7QUFDeEIsT0FBTyxFQUNMLFFBQVEsR0FNVCxNQUFNLHdCQUF3QixDQUFDO0FBR2hDLE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzNELE9BQU8sRUFBRSxvREFBb0QsRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBQ3ZGLE9BQU8sRUFBRSxtQkFBbUIsRUFBRSxNQUFNLHlDQUF5QyxDQUFDO0FBQzlFLE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBQy9ELE9BQU8sRUFBRSxxQkFBcUIsRUFBRSxNQUFNLDRCQUE0QixDQUFDO0FBRW5FLE1BQU0sV0FBVyxHQUFHLFNBQVMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7QUFDekMsTUFBTSxZQUFZLEdBQUcsU0FBUyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQztBQUUzQyxNQUFNLE9BQU8sa0JBQWtCO0lBQzdCLE1BQU0sQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLFdBQXdCO1FBQzFDLE1BQU0sRUFBRSxLQUFLLEVBQUUsR0FBRyxrQkFBa0IsQ0FBQyxrQkFBa0IsQ0FBQyxXQUFXLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDakYsTUFBTSxRQUFRLEdBQUcsa0JBQWtCLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBRXpELE1BQU0sZ0JBQWdCLEdBQXFCO1lBQ3pDLFlBQVksRUFBRSxRQUFRO1lBQ3RCLFlBQVksRUFBRTtnQkFDWixXQUFXLEVBQUUsV0FBVyxDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsQ0FBQyxDQUFDO29CQUM3RCxJQUFJLEVBQUUsRUFBRSxDQUFDLElBQUk7b0JBQ2IsSUFBSSxFQUFFLEVBQUUsQ0FBQyxJQUFJO29CQUNiLElBQUksRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUM7b0JBQ2hDLGdCQUFnQixFQUFFLElBQUksQ0FBQyxZQUFZLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDO29CQUN4RCxRQUFRLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUMsUUFBUSxDQUFDO2lCQUN6QyxDQUFDLENBQUM7Z0JBQ0gsT0FBTyxFQUFFLFdBQVcsQ0FBQyxZQUFZLENBQUMsT0FBTzthQUMxQztTQUNGLENBQUM7UUFFRixNQUFNLE9BQU8sR0FBRyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUNuRSxNQUFNLFVBQVUsR0FBRyxNQUFNLFdBQVcsQ0FBQyxPQUFPLEVBQUUsRUFBRSxLQUFLLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUU1RCxPQUFPLFVBQVUsQ0FBQztJQUNwQixDQUFDO0lBRUQsTUFBTSxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsa0JBQTBCO1FBQzVDLE1BQU0sWUFBWSxHQUFHLE1BQU0sWUFBWSxDQUFDLGtCQUFrQixDQUFDLENBQUM7UUFDNUQsTUFBTSxnQkFBZ0IsR0FBRyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLENBQUM7UUFFL0QsTUFBTSxRQUFRLEdBQUcsa0JBQWtCLENBQUMsYUFBYSxDQUFDLGdCQUFnQixDQUFDLFlBQVksQ0FBQyxDQUFDO1FBRWpGLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUNuQyxNQUFNLElBQUksS0FBSyxDQUFDLDBDQUEwQyxDQUFDLENBQUM7UUFDOUQsQ0FBQztRQUVELE1BQU0sV0FBVyxHQUFrQixnQkFBZ0IsQ0FBQyxZQUFZLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDLE9BQU8sRUFBRSxFQUFFO1lBQzNGLE1BQU0sTUFBTSxHQUFnQjtnQkFDMUIsSUFBSSxFQUFFLE9BQU8sQ0FBQyxJQUFlO2dCQUM3QixJQUFJLEVBQUUsT0FBTyxDQUFDLElBQUk7Z0JBQ2xCLElBQUksRUFBRSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBRTthQUMzQyxDQUFDO1lBQ0YsSUFBSSxPQUFPLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztnQkFDN0IsTUFBTSxDQUFDLGdCQUFnQixHQUFHLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztZQUM1RSxDQUFDO1lBQ0QsSUFBSSxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7Z0JBQ3JCLE1BQU0sQ0FBQyxRQUFRLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsQ0FBQztZQUM1RCxDQUFDO1lBQ0QsT0FBTyxNQUFNLENBQUM7UUFDaEIsQ0FBQyxDQUFDLENBQUM7UUFFSCxPQUFPO1lBQ0wsV0FBVyxFQUFFLFFBQVE7WUFDckIsWUFBWSxFQUFFO2dCQUNaLFdBQVc7Z0JBQ1gsT0FBTyxFQUFFLGdCQUFnQixDQUFDLFlBQWEsQ0FBQyxPQUFPO2FBQ2hEO1NBQ0YsQ0FBQztJQUNKLENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLG1CQUFtQixDQUFDLFdBQXdCO1FBQ3ZELE1BQU0scUJBQXFCLEdBQUcsSUFBSSxxQkFBcUIsRUFBRSxDQUFDO1FBQzFELE1BQU0scUJBQXFCLENBQUMsMEJBQTBCLENBQUMsV0FBVyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRWhGLE1BQU0sd0JBQXdCLEdBQUcsa0JBQWtCLENBQUMsaUJBQWlCLENBQ25FLFdBQVcsQ0FBQyxXQUFXLEVBQ3ZCLG9EQUFvRCxDQUNyRCxDQUFDO1FBQ0YsSUFBSSxDQUFDLHdCQUF3QixFQUFFLENBQUM7WUFDOUIsTUFBTSxJQUFJLEtBQUssQ0FBQyw2Q0FBNkMsQ0FBQyxDQUFDO1FBQ2pFLENBQUM7UUFDRCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sbUJBQW1CLENBQUMsV0FBVyxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBRTdFLE1BQU0sV0FBVyxHQUNmLE1BQU0sQ0FBQyxPQUFPLENBQ1osd0JBQXdCLEVBQ3hCLE1BQU0sQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxFQUFFLGdCQUFnQixDQUFDLFFBQVEsQ0FBQyxDQUM5RCxLQUFLLENBQUMsQ0FBQztRQUNWLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNqQixNQUFNLElBQUksS0FBSyxDQUNiLDJGQUEyRixDQUM1RixDQUFDO1FBQ0osQ0FBQztJQUNILENBQUM7SUFFTyxNQUFNLENBQUMsWUFBWSxDQUFDLElBQVc7UUFDckMsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ1YsT0FBTztRQUNULENBQUM7UUFFRCxPQUFPO1lBQ0wsSUFBSSxFQUFFLElBQUksQ0FBQyxJQUFJO1lBQ2YsSUFBSSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksRUFBRSxJQUFJLENBQUMsUUFBUSxDQUFDO1NBQzVDLENBQUM7SUFDSixDQUFDO0lBRU8sTUFBTSxDQUFDLGdCQUFnQixDQUFDLFVBQWtDO1FBQ2hFLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztZQUNoQixPQUFPO1FBQ1QsQ0FBQztRQUVELE9BQU87WUFDTCxJQUFJLEVBQUUsVUFBVSxDQUFDLElBQXFCO1lBQ3RDLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQztZQUN6RCxRQUFRLEVBQUUsUUFBUSxDQUFDLEdBQUc7U0FDdkIsQ0FBQztJQUNKLENBQUM7Q0FDRiJ9
|
|
@@ -9,10 +9,6 @@ export declare class TeeCertificateService {
|
|
|
9
9
|
private readonly certOidQuote;
|
|
10
10
|
private getCertificatePublicKey;
|
|
11
11
|
parseAndValidateCertificate(certificatePem: string | Buffer, sgxApiUrl: string): Promise<ParseTlsCertificateResult>;
|
|
12
|
-
fromRawToPem(data: Uint8Array): string;
|
|
13
|
-
splitPemCerts(certs: string): string[];
|
|
14
|
-
validateCertChain(certsPem: string, caPem: string): boolean;
|
|
15
|
-
getExtensionValue(certPem: string, oid: string): string | undefined;
|
|
16
12
|
validateTeeReportCertChain(certsPem: string): Promise<void>;
|
|
17
13
|
private validateChallengeSgx;
|
|
18
14
|
private validateChallengeTdxAndSnp;
|
|
@@ -1,10 +1,12 @@
|
|
|
1
1
|
import forge from 'node-forge';
|
|
2
|
+
import { X509Certificate } from 'crypto';
|
|
2
3
|
import { TeeSgxParser } from './QuoteParser.js';
|
|
3
4
|
import { QuoteValidator } from './QuoteValidator.js';
|
|
4
5
|
import { SUPERPROTOCOL_CA } from '../constants.js';
|
|
5
6
|
import { ChallengeType, OID_CUSTOM_EXTENSION_CHALLENGE_COMMON_ID, OID_CUSTOM_EXTENSION_CHALLENGE_ID, OID_CUSTOM_EXTENSION_CHALLENGE_TYPE, } from '@super-protocol/pki-common';
|
|
6
7
|
import { TeeSignatureVerifier } from './TeeSignatureVerifier.js';
|
|
7
8
|
import { InvalidSignatureError } from './errors.js';
|
|
9
|
+
import { CertificatesHelper } from '../certificates/index.js';
|
|
8
10
|
export class TeeCertificateService {
|
|
9
11
|
certOidQuote = '0.6.9.42.840.113741.1337.6';
|
|
10
12
|
getCertificatePublicKey(certificate) {
|
|
@@ -31,36 +33,23 @@ export class TeeCertificateService {
|
|
|
31
33
|
dataHash: Buffer.from(report.dataHash),
|
|
32
34
|
};
|
|
33
35
|
}
|
|
34
|
-
fromRawToPem(data) {
|
|
35
|
-
const base64 = Buffer.from(data).toString('base64');
|
|
36
|
-
return `-----BEGIN CERTIFICATE-----\n${base64.match(/.{1,64}/g).join('\n')}\n-----END CERTIFICATE-----`;
|
|
37
|
-
}
|
|
38
|
-
splitPemCerts(certs) {
|
|
39
|
-
const pemRegex = /(-----BEGIN CERTIFICATE-----[\s\S]*?-----END CERTIFICATE-----)/g;
|
|
40
|
-
return certs.match(pemRegex) || [];
|
|
41
|
-
}
|
|
42
|
-
validateCertChain(certsPem, caPem) {
|
|
43
|
-
const certs = this.splitPemCerts(certsPem).map((cert) => forge.pki.certificateFromPem(cert));
|
|
44
|
-
const ca = forge.pki.certificateFromPem(caPem);
|
|
45
|
-
try {
|
|
46
|
-
return forge.pki.verifyCertificateChain(forge.pki.createCaStore([ca]), certs);
|
|
47
|
-
}
|
|
48
|
-
catch (err) {
|
|
49
|
-
return false;
|
|
50
|
-
}
|
|
51
|
-
}
|
|
52
|
-
getExtensionValue(certPem, oid) {
|
|
53
|
-
const cert = forge.pki.certificateFromPem(certPem);
|
|
54
|
-
const extension = cert.extensions.find((ext) => ext.id === oid);
|
|
55
|
-
return extension?.value;
|
|
56
|
-
}
|
|
57
36
|
async validateTeeReportCertChain(certsPem) {
|
|
58
|
-
const
|
|
59
|
-
if (!
|
|
60
|
-
throw new Error(`Cert chain is invalid
|
|
37
|
+
const { success, errorMessage } = await CertificatesHelper.validateCertChain(certsPem, SUPERPROTOCOL_CA);
|
|
38
|
+
if (!success) {
|
|
39
|
+
throw new Error(`Cert chain is invalid! (${errorMessage})`);
|
|
40
|
+
}
|
|
41
|
+
const challenges = CertificatesHelper.splitPemCerts(certsPem)
|
|
42
|
+
.filter((cert) => {
|
|
43
|
+
const x509 = new X509Certificate(cert);
|
|
44
|
+
// Root certificate doesn't have challenge
|
|
45
|
+
return x509.issuer !== x509.subject;
|
|
46
|
+
})
|
|
47
|
+
.map((cert) => CertificatesHelper.getExtensionValue(cert, OID_CUSTOM_EXTENSION_CHALLENGE_TYPE)?.toString('binary'));
|
|
48
|
+
if (challenges.some((challenge) => !challenge || challenge === ChallengeType.Untrusted)) {
|
|
49
|
+
throw new Error(`Cert chain has cert without or Untrusted challenge`);
|
|
61
50
|
}
|
|
62
|
-
const
|
|
63
|
-
switch (
|
|
51
|
+
const leafCertChallengeType = challenges[0];
|
|
52
|
+
switch (leafCertChallengeType) {
|
|
64
53
|
case ChallengeType.SGXDCAP:
|
|
65
54
|
this.validateChallengeSgx(certsPem);
|
|
66
55
|
break;
|
|
@@ -69,28 +58,28 @@ export class TeeCertificateService {
|
|
|
69
58
|
await this.validateChallengeTdxAndSnp(certsPem);
|
|
70
59
|
break;
|
|
71
60
|
default:
|
|
72
|
-
throw new Error(`Challenge type ${
|
|
61
|
+
throw new Error(`Challenge type ${leafCertChallengeType || `[none]`} is missing or not allowed!`);
|
|
73
62
|
}
|
|
74
63
|
}
|
|
75
64
|
validateChallengeSgx(certPem) {
|
|
76
|
-
const mrSignerBinaryString =
|
|
65
|
+
const mrSignerBinaryString = CertificatesHelper.getExtensionValue(certPem, OID_CUSTOM_EXTENSION_CHALLENGE_COMMON_ID);
|
|
77
66
|
if (!mrSignerBinaryString) {
|
|
78
67
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
79
68
|
}
|
|
80
69
|
try {
|
|
81
|
-
TeeSignatureVerifier.validateSignatureSgx(
|
|
70
|
+
TeeSignatureVerifier.validateSignatureSgx(mrSignerBinaryString);
|
|
82
71
|
}
|
|
83
72
|
catch (err) {
|
|
84
73
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
85
74
|
}
|
|
86
75
|
}
|
|
87
76
|
async validateChallengeTdxAndSnp(certPem) {
|
|
88
|
-
const mrEnclaveBinaryString =
|
|
77
|
+
const mrEnclaveBinaryString = CertificatesHelper.getExtensionValue(certPem, OID_CUSTOM_EXTENSION_CHALLENGE_ID);
|
|
89
78
|
if (!mrEnclaveBinaryString) {
|
|
90
79
|
throw new Error(`Challenge id is missing in certificate!`);
|
|
91
80
|
}
|
|
92
81
|
try {
|
|
93
|
-
await TeeSignatureVerifier.validateSignatureTdxAndSnp(
|
|
82
|
+
await TeeSignatureVerifier.validateSignatureTdxAndSnp(mrEnclaveBinaryString);
|
|
94
83
|
}
|
|
95
84
|
catch (err) {
|
|
96
85
|
const message = `Tdx signature is invalid!`;
|
|
@@ -101,4 +90,4 @@ export class TeeCertificateService {
|
|
|
101
90
|
}
|
|
102
91
|
}
|
|
103
92
|
}
|
|
104
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
93
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVGVlQ2VydGlmaWNhdGVTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9UZWVDZXJ0aWZpY2F0ZVNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE1BQU0sWUFBWSxDQUFDO0FBQy9CLE9BQU8sRUFBRSxlQUFlLEVBQUUsTUFBTSxRQUFRLENBQUM7QUFDekMsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLGtCQUFrQixDQUFDO0FBQ2hELE9BQU8sRUFBRSxjQUFjLEVBQUUsTUFBTSxxQkFBcUIsQ0FBQztBQUNyRCxPQUFPLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSxpQkFBaUIsQ0FBQztBQUNuRCxPQUFPLEVBQ0wsYUFBYSxFQUNiLHdDQUF3QyxFQUN4QyxpQ0FBaUMsRUFDakMsbUNBQW1DLEdBQ3BDLE1BQU0sNEJBQTRCLENBQUM7QUFDcEMsT0FBTyxFQUFFLG9CQUFvQixFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFDakUsT0FBTyxFQUFFLHFCQUFxQixFQUFFLE1BQU0sYUFBYSxDQUFDO0FBQ3BELE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBUzlELE1BQU0sT0FBTyxxQkFBcUI7SUFDZixZQUFZLEdBQUcsNEJBQTRCLENBQUM7SUFFckQsdUJBQXVCLENBQUMsV0FBa0M7UUFDaEUsTUFBTSxZQUFZLEdBQUcsS0FBSyxDQUFDLElBQUk7YUFDNUIsS0FBSyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsZUFBZSxDQUFDLFdBQVcsQ0FBQyxTQUFTLENBQUMsQ0FBQzthQUN2RCxRQUFRLEVBQUUsQ0FBQztRQUVkLE9BQU8sTUFBTSxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUUsUUFBUSxDQUFDLENBQUM7SUFDN0MsQ0FBQztJQUVELEtBQUssQ0FBQywyQkFBMkIsQ0FDL0IsY0FBK0IsRUFDL0IsU0FBaUI7UUFFakIsTUFBTSxHQUFHLEdBQUcsTUFBTSxDQUFDLFFBQVEsQ0FBQyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUMsY0FBYyxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUMsQ0FBQyxjQUFjLENBQUM7UUFDekYsTUFBTSxXQUFXLEdBQUcsS0FBSyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUN0RCxNQUFNLFVBQVUsR0FBRyxXQUFXLENBQUMsVUFBVSxDQUFDO1FBRTFDLE1BQU0sS0FBSyxHQUFHLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRSxDQUFDLEdBQUcsQ0FBQyxFQUFFLEtBQUssSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBQ3JFLE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLEtBQUssRUFBRSxRQUFRLENBQUMsQ0FBQztRQUN2RCxNQUFNLFNBQVMsR0FBRyxJQUFJLGNBQWMsQ0FBQyxTQUFTLENBQUMsQ0FBQztRQUNoRCxNQUFNLFNBQVMsQ0FBQyxVQUFVLENBQUMsV0FBVyxFQUFFLElBQUksQ0FBQyx1QkFBdUIsQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDO1FBRW5GLE1BQU0sTUFBTSxHQUFHLElBQUksWUFBWSxFQUFFLENBQUM7UUFDbEMsTUFBTSxXQUFXLEdBQUcsTUFBTSxDQUFDLFVBQVUsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUNuRCxNQUFNLE1BQU0sR0FBRyxNQUFNLENBQUMsV0FBVyxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUV0RCxPQUFPO1lBQ0wsUUFBUSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUM7WUFDbEQsU0FBUyxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQztZQUN4QyxRQUFRLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDO1lBQ3RDLFFBQVEsRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUM7U0FDdkMsQ0FBQztJQUNKLENBQUM7SUFFRCxLQUFLLENBQUMsMEJBQTBCLENBQUMsUUFBZ0I7UUFDL0MsTUFBTSxFQUFFLE9BQU8sRUFBRSxZQUFZLEVBQUUsR0FBRyxNQUFNLGtCQUFrQixDQUFDLGlCQUFpQixDQUMxRSxRQUFRLEVBQ1IsZ0JBQWdCLENBQ2pCLENBQUM7UUFDRixJQUFJLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDYixNQUFNLElBQUksS0FBSyxDQUFDLDJCQUEyQixZQUFZLEdBQUcsQ0FBQyxDQUFDO1FBQzlELENBQUM7UUFFRCxNQUFNLFVBQVUsR0FBRyxrQkFBa0IsQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDO2FBQzFELE1BQU0sQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFO1lBQ2YsTUFBTSxJQUFJLEdBQUcsSUFBSSxlQUFlLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDdkMsMENBQTBDO1lBQzFDLE9BQU8sSUFBSSxDQUFDLE1BQU0sS0FBSyxJQUFJLENBQUMsT0FBTyxDQUFDO1FBQ3RDLENBQUMsQ0FBQzthQUNELEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQ1osa0JBQWtCLENBQUMsaUJBQWlCLENBQUMsSUFBSSxFQUFFLG1DQUFtQyxDQUFDLEVBQUUsUUFBUSxDQUN2RixRQUFRLENBQ1QsQ0FDRixDQUFDO1FBQ0osSUFBSSxVQUFVLENBQUMsSUFBSSxDQUFDLENBQUMsU0FBUyxFQUFFLEVBQUUsQ0FBQyxDQUFDLFNBQVMsSUFBSSxTQUFTLEtBQUssYUFBYSxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUM7WUFDeEYsTUFBTSxJQUFJLEtBQUssQ0FBQyxvREFBb0QsQ0FBQyxDQUFDO1FBQ3hFLENBQUM7UUFFRCxNQUFNLHFCQUFxQixHQUFHLFVBQVUsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUU1QyxRQUFRLHFCQUFxQixFQUFFLENBQUM7WUFDOUIsS0FBSyxhQUFhLENBQUMsT0FBTztnQkFDeEIsSUFBSSxDQUFDLG9CQUFvQixDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUNwQyxNQUFNO1lBQ1IsS0FBSyxhQUFhLENBQUMsR0FBRyxDQUFDO1lBQ3ZCLEtBQUssYUFBYSxDQUFDLE1BQU07Z0JBQ3ZCLE1BQU0sSUFBSSxDQUFDLDBCQUEwQixDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUNoRCxNQUFNO1lBRVI7Z0JBQ0UsTUFBTSxJQUFJLEtBQUssQ0FDYixrQkFBa0IscUJBQXFCLElBQUksUUFBUSw2QkFBNkIsQ0FDakYsQ0FBQztRQUNOLENBQUM7SUFDSCxDQUFDO0lBRU8sb0JBQW9CLENBQUMsT0FBZTtRQUMxQyxNQUFNLG9CQUFvQixHQUFHLGtCQUFrQixDQUFDLGlCQUFpQixDQUMvRCxPQUFPLEVBQ1Asd0NBQXdDLENBQ3pDLENBQUM7UUFDRixJQUFJLENBQUMsb0JBQW9CLEVBQUUsQ0FBQztZQUMxQixNQUFNLElBQUksS0FBSyxDQUFDLG1DQUFtQyxDQUFDLENBQUM7UUFDdkQsQ0FBQztRQUVELElBQUksQ0FBQztZQUNILG9CQUFvQixDQUFDLG9CQUFvQixDQUFDLG9CQUFvQixDQUFDLENBQUM7UUFDbEUsQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixNQUFNLElBQUksS0FBSyxDQUFDLG1DQUFtQyxDQUFDLENBQUM7UUFDdkQsQ0FBQztJQUNILENBQUM7SUFFTyxLQUFLLENBQUMsMEJBQTBCLENBQUMsT0FBZTtRQUN0RCxNQUFNLHFCQUFxQixHQUFHLGtCQUFrQixDQUFDLGlCQUFpQixDQUNoRSxPQUFPLEVBQ1AsaUNBQWlDLENBQ2xDLENBQUM7UUFDRixJQUFJLENBQUMscUJBQXFCLEVBQUUsQ0FBQztZQUMzQixNQUFNLElBQUksS0FBSyxDQUFDLHlDQUF5QyxDQUFDLENBQUM7UUFDN0QsQ0FBQztRQUVELElBQUksQ0FBQztZQUNILE1BQU0sb0JBQW9CLENBQUMsMEJBQTBCLENBQUMscUJBQXFCLENBQUMsQ0FBQztRQUMvRSxDQUFDO1FBQUMsT0FBTyxHQUFHLEVBQUUsQ0FBQztZQUNiLE1BQU0sT0FBTyxHQUFHLDJCQUEyQixDQUFDO1lBQzVDLElBQUksR0FBRyxZQUFZLHFCQUFxQixFQUFFLENBQUM7Z0JBQ3pDLE1BQU0sSUFBSSxLQUFLLENBQUMsR0FBRyxPQUFPLElBQUksR0FBRyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7WUFDL0MsQ0FBQztZQUNELE1BQU0sSUFBSSxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDM0IsQ0FBQztJQUNILENBQUM7Q0FDRiJ9
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@super-protocol/sdk-js",
|
|
3
|
-
"version": "3.4.0-beta.
|
|
3
|
+
"version": "3.4.0-beta.16",
|
|
4
4
|
"main": "dist/cjs/index.js",
|
|
5
5
|
"module": "dist/mjs/index.js",
|
|
6
6
|
"exports": {
|
|
@@ -77,7 +77,7 @@
|
|
|
77
77
|
"object-hash": "^3.0.0",
|
|
78
78
|
"p-queue": "6.6.2",
|
|
79
79
|
"pino": "^7.2.0",
|
|
80
|
-
"pkijs": "^3.
|
|
80
|
+
"pkijs": "^3.2.4",
|
|
81
81
|
"protobufjs": "^6.11.2",
|
|
82
82
|
"ua-parser-js": "^1.0.37",
|
|
83
83
|
"uuid": "^9.0.1",
|