@super-protocol/sdk-js 3.4.0-beta.16 → 3.4.0-beta.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/constants.d.ts +0 -5
- package/dist/cjs/constants.js +2 -7
- package/dist/cjs/index.d.ts +0 -1
- package/dist/cjs/index.js +1 -2
- package/dist/cjs/tee/OrderReportService.d.ts +3 -0
- package/dist/cjs/tee/OrderReportService.js +28 -12
- package/dist/cjs/tee/TeeCertificateService.d.ts +4 -0
- package/dist/cjs/tee/TeeCertificateService.js +34 -23
- package/dist/cjs/utils/TxManager.js +16 -27
- package/dist/mjs/constants.d.ts +0 -5
- package/dist/mjs/constants.js +1 -6
- package/dist/mjs/index.d.ts +0 -1
- package/dist/mjs/index.js +1 -2
- package/dist/mjs/tee/OrderReportService.d.ts +3 -0
- package/dist/mjs/tee/OrderReportService.js +29 -13
- package/dist/mjs/tee/TeeCertificateService.d.ts +4 -0
- package/dist/mjs/tee/TeeCertificateService.js +34 -23
- package/dist/mjs/utils/TxManager.js +17 -28
- package/package.json +2 -2
- package/dist/cjs/certificates/crl.d.ts +0 -6
- package/dist/cjs/certificates/crl.js +0 -66
- package/dist/cjs/certificates/helper.d.ts +0 -21
- package/dist/cjs/certificates/helper.js +0 -161
- package/dist/cjs/certificates/index.d.ts +0 -2
- package/dist/cjs/certificates/index.js +0 -19
- package/dist/cjs/certificates/ocsp.d.ts +0 -9
- package/dist/cjs/certificates/ocsp.js +0 -124
- package/dist/cjs/certificates/types.d.ts +0 -4
- package/dist/cjs/certificates/types.js +0 -3
- package/dist/mjs/certificates/crl.d.ts +0 -6
- package/dist/mjs/certificates/crl.js +0 -39
- package/dist/mjs/certificates/helper.d.ts +0 -21
- package/dist/mjs/certificates/helper.js +0 -131
- package/dist/mjs/certificates/index.d.ts +0 -2
- package/dist/mjs/certificates/index.js +0 -3
- package/dist/mjs/certificates/ocsp.d.ts +0 -9
- package/dist/mjs/certificates/ocsp.js +0 -94
- package/dist/mjs/certificates/types.d.ts +0 -4
- package/dist/mjs/certificates/types.js +0 -2
|
@@ -1,19 +1,20 @@
|
|
|
1
|
+
import forge from 'node-forge';
|
|
1
2
|
import { promisify } from 'util';
|
|
2
3
|
import zlib from 'zlib';
|
|
3
4
|
import { Encoding, } from '@super-protocol/dto-js';
|
|
4
5
|
import { OrderReportProto } from '../proto/OrderReport.js';
|
|
5
|
-
import { OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH } from '../constants.js';
|
|
6
|
-
import { calculateObjectHash } from '../utils/helpers/calculateObjectHash.js';
|
|
7
|
-
import { CertificatesHelper } from '../certificates/helper.js';
|
|
8
6
|
import { TeeCertificateService } from './TeeCertificateService.js';
|
|
7
|
+
import { OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH, SUPERPROTOCOL_CA, } from '../constants.js';
|
|
8
|
+
import { calculateObjectHash } from '../utils/helpers/calculateObjectHash.js';
|
|
9
9
|
const gzipPromise = promisify(zlib.gzip);
|
|
10
10
|
const unzipPromise = promisify(zlib.unzip);
|
|
11
|
+
const rootCertDer = Buffer.from(forge.pki.pemToDer(SUPERPROTOCOL_CA).bytes(), 'binary');
|
|
11
12
|
export class OrderReportService {
|
|
13
|
+
static teeCertificateService = new TeeCertificateService();
|
|
12
14
|
static async encode(orderReport) {
|
|
13
|
-
const
|
|
14
|
-
const certsDer = CertificatesHelper.pemChainToDer(certs);
|
|
15
|
+
const certsDer = this.certsToDerArray(orderReport.certificate);
|
|
15
16
|
const orderReportProto = {
|
|
16
|
-
certificates: certsDer,
|
|
17
|
+
certificates: this.removeRootCertificateFromChain(certsDer),
|
|
17
18
|
workloadInfo: {
|
|
18
19
|
runtimeInfo: orderReport.workloadInfo.runtimeInfo.map((ri) => ({
|
|
19
20
|
type: ri.type,
|
|
@@ -32,7 +33,14 @@ export class OrderReportService {
|
|
|
32
33
|
static async decode(encodedOrderReport) {
|
|
33
34
|
const decompressed = await unzipPromise(encodedOrderReport);
|
|
34
35
|
const orderReportProto = OrderReportProto.decode(decompressed);
|
|
35
|
-
const certsPem =
|
|
36
|
+
const certsPem = orderReportProto.certificates.map((derCert) => forge.pem.encode({
|
|
37
|
+
contentDomain: null,
|
|
38
|
+
dekInfo: null,
|
|
39
|
+
headers: [],
|
|
40
|
+
procType: null,
|
|
41
|
+
type: 'CERTIFICATE',
|
|
42
|
+
body: Buffer.from(derCert).toString('binary'),
|
|
43
|
+
}));
|
|
36
44
|
if (!orderReportProto.workloadInfo) {
|
|
37
45
|
throw new Error(`Wrong order report! Missing workloadInfo`);
|
|
38
46
|
}
|
|
@@ -51,26 +59,34 @@ export class OrderReportService {
|
|
|
51
59
|
return result;
|
|
52
60
|
});
|
|
53
61
|
return {
|
|
54
|
-
certificate: certsPem,
|
|
62
|
+
certificate: certsPem.join('').trim(),
|
|
55
63
|
workloadInfo: {
|
|
56
64
|
runtimeInfo,
|
|
57
65
|
created: orderReportProto.workloadInfo.created,
|
|
58
66
|
},
|
|
59
67
|
};
|
|
60
68
|
}
|
|
69
|
+
static removeRootCertificateFromChain(certsDer) {
|
|
70
|
+
return certsDer.filter((certDer) => !certDer.equals(rootCertDer));
|
|
71
|
+
}
|
|
61
72
|
static async validateOrderReport(orderReport) {
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
const workloadInfoHashFromCert = CertificatesHelper.getExtensionValue(orderReport.certificate, OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH);
|
|
73
|
+
await this.teeCertificateService.validateTeeReportCertChain(orderReport.certificate);
|
|
74
|
+
const workloadInfoHashFromCert = this.teeCertificateService.getExtensionValue(orderReport.certificate, OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH);
|
|
65
75
|
if (!workloadInfoHashFromCert) {
|
|
66
76
|
throw new Error(`WorkloadInfoHash is missing in certificate!`);
|
|
67
77
|
}
|
|
68
78
|
const workloadInfoHash = await calculateObjectHash(orderReport.workloadInfo);
|
|
69
|
-
const isHashMatch = Buffer.compare(workloadInfoHashFromCert, Buffer.from(workloadInfoHash.hash, workloadInfoHash.encoding)) === 0;
|
|
79
|
+
const isHashMatch = Buffer.compare(Buffer.from(workloadInfoHashFromCert, 'binary'), Buffer.from(workloadInfoHash.hash, workloadInfoHash.encoding)) === 0;
|
|
70
80
|
if (!isHashMatch) {
|
|
71
81
|
throw new Error(`WorkloadInfoHash in the certificate doesn't match the WorkloadInfoHash in the orderReport`);
|
|
72
82
|
}
|
|
73
83
|
}
|
|
84
|
+
static certsToDerArray(certificate) {
|
|
85
|
+
const certs = this.teeCertificateService.splitPemCerts(certificate);
|
|
86
|
+
return certs.map((pemCert) => {
|
|
87
|
+
return Buffer.from(forge.pki.pemToDer(pemCert).bytes(), 'binary');
|
|
88
|
+
});
|
|
89
|
+
}
|
|
74
90
|
static hashToBinary(hash) {
|
|
75
91
|
if (!hash) {
|
|
76
92
|
return;
|
|
@@ -91,4 +107,4 @@ export class OrderReportService {
|
|
|
91
107
|
};
|
|
92
108
|
}
|
|
93
109
|
}
|
|
94
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
110
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiT3JkZXJSZXBvcnRTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9PcmRlclJlcG9ydFNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE1BQU0sWUFBWSxDQUFDO0FBQy9CLE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxNQUFNLENBQUM7QUFDakMsT0FBTyxJQUFJLE1BQU0sTUFBTSxDQUFDO0FBQ3hCLE9BQU8sRUFDTCxRQUFRLEdBTVQsTUFBTSx3QkFBd0IsQ0FBQztBQUdoQyxPQUFPLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUMzRCxPQUFPLEVBQUUscUJBQXFCLEVBQUUsTUFBTSw0QkFBNEIsQ0FBQztBQUNuRSxPQUFPLEVBQ0wsb0RBQW9ELEVBQ3BELGdCQUFnQixHQUNqQixNQUFNLGlCQUFpQixDQUFDO0FBQ3pCLE9BQU8sRUFBRSxtQkFBbUIsRUFBRSxNQUFNLHlDQUF5QyxDQUFDO0FBRTlFLE1BQU0sV0FBVyxHQUFHLFNBQVMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7QUFDekMsTUFBTSxZQUFZLEdBQUcsU0FBUyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQztBQUMzQyxNQUFNLFdBQVcsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsUUFBUSxDQUFDLGdCQUFnQixDQUFDLENBQUMsS0FBSyxFQUFFLEVBQUUsUUFBUSxDQUFDLENBQUM7QUFFeEYsTUFBTSxPQUFPLGtCQUFrQjtJQUNyQixNQUFNLENBQVUscUJBQXFCLEdBQUcsSUFBSSxxQkFBcUIsRUFBRSxDQUFDO0lBRTVFLE1BQU0sQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLFdBQXdCO1FBQzFDLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsV0FBVyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRS9ELE1BQU0sZ0JBQWdCLEdBQXFCO1lBQ3pDLFlBQVksRUFBRSxJQUFJLENBQUMsOEJBQThCLENBQUMsUUFBUSxDQUFDO1lBQzNELFlBQVksRUFBRTtnQkFDWixXQUFXLEVBQUUsV0FBVyxDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsQ0FBQyxDQUFDO29CQUM3RCxJQUFJLEVBQUUsRUFBRSxDQUFDLElBQUk7b0JBQ2IsSUFBSSxFQUFFLEVBQUUsQ0FBQyxJQUFJO29CQUNiLElBQUksRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUM7b0JBQ2hDLGdCQUFnQixFQUFFLElBQUksQ0FBQyxZQUFZLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDO29CQUN4RCxRQUFRLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUMsUUFBUSxDQUFDO2lCQUN6QyxDQUFDLENBQUM7Z0JBQ0gsT0FBTyxFQUFFLFdBQVcsQ0FBQyxZQUFZLENBQUMsT0FBTzthQUMxQztTQUNGLENBQUM7UUFFRixNQUFNLE9BQU8sR0FBRyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUNuRSxNQUFNLFVBQVUsR0FBRyxNQUFNLFdBQVcsQ0FBQyxPQUFPLEVBQUUsRUFBRSxLQUFLLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUU1RCxPQUFPLFVBQVUsQ0FBQztJQUNwQixDQUFDO0lBRUQsTUFBTSxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsa0JBQTBCO1FBQzVDLE1BQU0sWUFBWSxHQUFHLE1BQU0sWUFBWSxDQUFDLGtCQUFrQixDQUFDLENBQUM7UUFDNUQsTUFBTSxnQkFBZ0IsR0FBRyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLENBQUM7UUFFL0QsTUFBTSxRQUFRLEdBQUcsZ0JBQWdCLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQzdELEtBQUssQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDO1lBQ2YsYUFBYSxFQUFFLElBQUk7WUFDbkIsT0FBTyxFQUFFLElBQUk7WUFDYixPQUFPLEVBQUUsRUFBRTtZQUNYLFFBQVEsRUFBRSxJQUFJO1lBQ2QsSUFBSSxFQUFFLGFBQWE7WUFDbkIsSUFBSSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQztTQUM5QyxDQUFDLENBQ0gsQ0FBQztRQUVGLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUNuQyxNQUFNLElBQUksS0FBSyxDQUFDLDBDQUEwQyxDQUFDLENBQUM7UUFDOUQsQ0FBQztRQUVELE1BQU0sV0FBVyxHQUFrQixnQkFBZ0IsQ0FBQyxZQUFZLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDLE9BQU8sRUFBRSxFQUFFO1lBQzNGLE1BQU0sTUFBTSxHQUFnQjtnQkFDMUIsSUFBSSxFQUFFLE9BQU8sQ0FBQyxJQUFlO2dCQUM3QixJQUFJLEVBQUUsT0FBTyxDQUFDLElBQUk7Z0JBQ2xCLElBQUksRUFBRSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBRTthQUMzQyxDQUFDO1lBQ0YsSUFBSSxPQUFPLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztnQkFDN0IsTUFBTSxDQUFDLGdCQUFnQixHQUFHLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztZQUM1RSxDQUFDO1lBQ0QsSUFBSSxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7Z0JBQ3JCLE1BQU0sQ0FBQyxRQUFRLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsQ0FBQztZQUM1RCxDQUFDO1lBQ0QsT0FBTyxNQUFNLENBQUM7UUFDaEIsQ0FBQyxDQUFDLENBQUM7UUFFSCxPQUFPO1lBQ0wsV0FBVyxFQUFFLFFBQVEsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUMsSUFBSSxFQUFFO1lBQ3JDLFlBQVksRUFBRTtnQkFDWixXQUFXO2dCQUNYLE9BQU8sRUFBRSxnQkFBZ0IsQ0FBQyxZQUFhLENBQUMsT0FBTzthQUNoRDtTQUNGLENBQUM7SUFDSixDQUFDO0lBRUQsTUFBTSxDQUFDLDhCQUE4QixDQUFDLFFBQWtCO1FBQ3RELE9BQU8sUUFBUSxDQUFDLE1BQU0sQ0FBQyxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUMsQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUM7SUFDcEUsQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMsbUJBQW1CLENBQUMsV0FBd0I7UUFDdkQsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQUMsMEJBQTBCLENBQUMsV0FBVyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRXJGLE1BQU0sd0JBQXdCLEdBQUcsSUFBSSxDQUFDLHFCQUFxQixDQUFDLGlCQUFpQixDQUMzRSxXQUFXLENBQUMsV0FBVyxFQUN2QixvREFBb0QsQ0FDckQsQ0FBQztRQUNGLElBQUksQ0FBQyx3QkFBd0IsRUFBRSxDQUFDO1lBQzlCLE1BQU0sSUFBSSxLQUFLLENBQUMsNkNBQTZDLENBQUMsQ0FBQztRQUNqRSxDQUFDO1FBQ0QsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLG1CQUFtQixDQUFDLFdBQVcsQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUU3RSxNQUFNLFdBQVcsR0FDZixNQUFNLENBQUMsT0FBTyxDQUNaLE1BQU0sQ0FBQyxJQUFJLENBQUMsd0JBQXdCLEVBQUUsUUFBUSxDQUFDLEVBQy9DLE1BQU0sQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxFQUFFLGdCQUFnQixDQUFDLFFBQVEsQ0FBQyxDQUM5RCxLQUFLLENBQUMsQ0FBQztRQUNWLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNqQixNQUFNLElBQUksS0FBSyxDQUNiLDJGQUEyRixDQUM1RixDQUFDO1FBQ0osQ0FBQztJQUNILENBQUM7SUFFTyxNQUFNLENBQUMsZUFBZSxDQUFDLFdBQW1CO1FBQ2hELE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxhQUFhLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFcEUsT0FBTyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsT0FBTyxFQUFFLEVBQUU7WUFDM0IsT0FBTyxNQUFNLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQ3BFLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVPLE1BQU0sQ0FBQyxZQUFZLENBQUMsSUFBVztRQUNyQyxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDVixPQUFPO1FBQ1QsQ0FBQztRQUVELE9BQU87WUFDTCxJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUk7WUFDZixJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQyxRQUFRLENBQUM7U0FDNUMsQ0FBQztJQUNKLENBQUM7SUFFTyxNQUFNLENBQUMsZ0JBQWdCLENBQUMsVUFBa0M7UUFDaEUsSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQ2hCLE9BQU87UUFDVCxDQUFDO1FBRUQsT0FBTztZQUNMLElBQUksRUFBRSxVQUFVLENBQUMsSUFBcUI7WUFDdEMsSUFBSSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDO1lBQ3pELFFBQVEsRUFBRSxRQUFRLENBQUMsR0FBRztTQUN2QixDQUFDO0lBQ0osQ0FBQyJ9
|
|
@@ -9,6 +9,10 @@ export declare class TeeCertificateService {
|
|
|
9
9
|
private readonly certOidQuote;
|
|
10
10
|
private getCertificatePublicKey;
|
|
11
11
|
parseAndValidateCertificate(certificatePem: string | Buffer, sgxApiUrl: string): Promise<ParseTlsCertificateResult>;
|
|
12
|
+
fromRawToPem(data: Uint8Array): string;
|
|
13
|
+
splitPemCerts(certs: string): string[];
|
|
14
|
+
validateCertChain(certsPem: string, caPem: string): boolean;
|
|
15
|
+
getExtensionValue(certPem: string, oid: string): string | undefined;
|
|
12
16
|
validateTeeReportCertChain(certsPem: string): Promise<void>;
|
|
13
17
|
private validateChallengeSgx;
|
|
14
18
|
private validateChallengeTdxAndSnp;
|
|
@@ -1,12 +1,10 @@
|
|
|
1
1
|
import forge from 'node-forge';
|
|
2
|
-
import { X509Certificate } from 'crypto';
|
|
3
2
|
import { TeeSgxParser } from './QuoteParser.js';
|
|
4
3
|
import { QuoteValidator } from './QuoteValidator.js';
|
|
5
4
|
import { SUPERPROTOCOL_CA } from '../constants.js';
|
|
6
5
|
import { ChallengeType, OID_CUSTOM_EXTENSION_CHALLENGE_COMMON_ID, OID_CUSTOM_EXTENSION_CHALLENGE_ID, OID_CUSTOM_EXTENSION_CHALLENGE_TYPE, } from '@super-protocol/pki-common';
|
|
7
6
|
import { TeeSignatureVerifier } from './TeeSignatureVerifier.js';
|
|
8
7
|
import { InvalidSignatureError } from './errors.js';
|
|
9
|
-
import { CertificatesHelper } from '../certificates/index.js';
|
|
10
8
|
export class TeeCertificateService {
|
|
11
9
|
certOidQuote = '0.6.9.42.840.113741.1337.6';
|
|
12
10
|
getCertificatePublicKey(certificate) {
|
|
@@ -33,23 +31,36 @@ export class TeeCertificateService {
|
|
|
33
31
|
dataHash: Buffer.from(report.dataHash),
|
|
34
32
|
};
|
|
35
33
|
}
|
|
36
|
-
|
|
37
|
-
const
|
|
38
|
-
|
|
39
|
-
|
|
34
|
+
fromRawToPem(data) {
|
|
35
|
+
const base64 = Buffer.from(data).toString('base64');
|
|
36
|
+
return `-----BEGIN CERTIFICATE-----\n${base64.match(/.{1,64}/g).join('\n')}\n-----END CERTIFICATE-----`;
|
|
37
|
+
}
|
|
38
|
+
splitPemCerts(certs) {
|
|
39
|
+
const pemRegex = /(-----BEGIN CERTIFICATE-----[\s\S]*?-----END CERTIFICATE-----)/g;
|
|
40
|
+
return certs.match(pemRegex) || [];
|
|
41
|
+
}
|
|
42
|
+
validateCertChain(certsPem, caPem) {
|
|
43
|
+
const certs = this.splitPemCerts(certsPem).map((cert) => forge.pki.certificateFromPem(cert));
|
|
44
|
+
const ca = forge.pki.certificateFromPem(caPem);
|
|
45
|
+
try {
|
|
46
|
+
return forge.pki.verifyCertificateChain(forge.pki.createCaStore([ca]), certs);
|
|
40
47
|
}
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
48
|
+
catch (err) {
|
|
49
|
+
return false;
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
getExtensionValue(certPem, oid) {
|
|
53
|
+
const cert = forge.pki.certificateFromPem(certPem);
|
|
54
|
+
const extension = cert.extensions.find((ext) => ext.id === oid);
|
|
55
|
+
return extension?.value;
|
|
56
|
+
}
|
|
57
|
+
async validateTeeReportCertChain(certsPem) {
|
|
58
|
+
const isCertChainValid = this.validateCertChain(certsPem, SUPERPROTOCOL_CA);
|
|
59
|
+
if (!isCertChainValid) {
|
|
60
|
+
throw new Error(`Cert chain is invalid!`);
|
|
50
61
|
}
|
|
51
|
-
const
|
|
52
|
-
switch (
|
|
62
|
+
const challengeType = this.getExtensionValue(certsPem, OID_CUSTOM_EXTENSION_CHALLENGE_TYPE);
|
|
63
|
+
switch (challengeType) {
|
|
53
64
|
case ChallengeType.SGXDCAP:
|
|
54
65
|
this.validateChallengeSgx(certsPem);
|
|
55
66
|
break;
|
|
@@ -58,28 +69,28 @@ export class TeeCertificateService {
|
|
|
58
69
|
await this.validateChallengeTdxAndSnp(certsPem);
|
|
59
70
|
break;
|
|
60
71
|
default:
|
|
61
|
-
throw new Error(`Challenge type ${
|
|
72
|
+
throw new Error(`Challenge type ${challengeType || `[none]`} is missing or not allowed!`);
|
|
62
73
|
}
|
|
63
74
|
}
|
|
64
75
|
validateChallengeSgx(certPem) {
|
|
65
|
-
const mrSignerBinaryString =
|
|
76
|
+
const mrSignerBinaryString = this.getExtensionValue(certPem, OID_CUSTOM_EXTENSION_CHALLENGE_COMMON_ID);
|
|
66
77
|
if (!mrSignerBinaryString) {
|
|
67
78
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
68
79
|
}
|
|
69
80
|
try {
|
|
70
|
-
TeeSignatureVerifier.validateSignatureSgx(mrSignerBinaryString);
|
|
81
|
+
TeeSignatureVerifier.validateSignatureSgx(Buffer.from(mrSignerBinaryString, 'binary'));
|
|
71
82
|
}
|
|
72
83
|
catch (err) {
|
|
73
84
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
74
85
|
}
|
|
75
86
|
}
|
|
76
87
|
async validateChallengeTdxAndSnp(certPem) {
|
|
77
|
-
const mrEnclaveBinaryString =
|
|
88
|
+
const mrEnclaveBinaryString = this.getExtensionValue(certPem, OID_CUSTOM_EXTENSION_CHALLENGE_ID);
|
|
78
89
|
if (!mrEnclaveBinaryString) {
|
|
79
90
|
throw new Error(`Challenge id is missing in certificate!`);
|
|
80
91
|
}
|
|
81
92
|
try {
|
|
82
|
-
await TeeSignatureVerifier.validateSignatureTdxAndSnp(mrEnclaveBinaryString);
|
|
93
|
+
await TeeSignatureVerifier.validateSignatureTdxAndSnp(Buffer.from(mrEnclaveBinaryString, 'binary'));
|
|
83
94
|
}
|
|
84
95
|
catch (err) {
|
|
85
96
|
const message = `Tdx signature is invalid!`;
|
|
@@ -90,4 +101,4 @@ export class TeeCertificateService {
|
|
|
90
101
|
}
|
|
91
102
|
}
|
|
92
103
|
}
|
|
93
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
104
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVGVlQ2VydGlmaWNhdGVTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9UZWVDZXJ0aWZpY2F0ZVNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE1BQU0sWUFBWSxDQUFDO0FBQy9CLE9BQU8sRUFBRSxZQUFZLEVBQUUsTUFBTSxrQkFBa0IsQ0FBQztBQUNoRCxPQUFPLEVBQUUsY0FBYyxFQUFFLE1BQU0scUJBQXFCLENBQUM7QUFDckQsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFDbkQsT0FBTyxFQUNMLGFBQWEsRUFDYix3Q0FBd0MsRUFDeEMsaUNBQWlDLEVBQ2pDLG1DQUFtQyxHQUNwQyxNQUFNLDRCQUE0QixDQUFDO0FBQ3BDLE9BQU8sRUFBRSxvQkFBb0IsRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBQ2pFLE9BQU8sRUFBRSxxQkFBcUIsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQVNwRCxNQUFNLE9BQU8scUJBQXFCO0lBQ2YsWUFBWSxHQUFHLDRCQUE0QixDQUFDO0lBRXJELHVCQUF1QixDQUFDLFdBQWtDO1FBQ2hFLE1BQU0sWUFBWSxHQUFHLEtBQUssQ0FBQyxJQUFJO2FBQzVCLEtBQUssQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLGVBQWUsQ0FBQyxXQUFXLENBQUMsU0FBUyxDQUFDLENBQUM7YUFDdkQsUUFBUSxFQUFFLENBQUM7UUFFZCxPQUFPLE1BQU0sQ0FBQyxJQUFJLENBQUMsWUFBWSxFQUFFLFFBQVEsQ0FBQyxDQUFDO0lBQzdDLENBQUM7SUFFRCxLQUFLLENBQUMsMkJBQTJCLENBQy9CLGNBQStCLEVBQy9CLFNBQWlCO1FBRWpCLE1BQU0sR0FBRyxHQUFHLE1BQU0sQ0FBQyxRQUFRLENBQUMsY0FBYyxDQUFDLENBQUMsQ0FBQyxDQUFDLGNBQWMsQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDLENBQUMsY0FBYyxDQUFDO1FBQ3pGLE1BQU0sV0FBVyxHQUFHLEtBQUssQ0FBQyxHQUFHLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDdEQsTUFBTSxVQUFVLEdBQUcsV0FBVyxDQUFDLFVBQVUsQ0FBQztRQUUxQyxNQUFNLEtBQUssR0FBRyxVQUFVLENBQUMsSUFBSSxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUUsQ0FBQyxHQUFHLENBQUMsRUFBRSxLQUFLLElBQUksQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUNyRSxNQUFNLFdBQVcsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxLQUFLLEVBQUUsUUFBUSxDQUFDLENBQUM7UUFDdkQsTUFBTSxTQUFTLEdBQUcsSUFBSSxjQUFjLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDaEQsTUFBTSxTQUFTLENBQUMsVUFBVSxDQUFDLFdBQVcsRUFBRSxJQUFJLENBQUMsdUJBQXVCLENBQUMsV0FBVyxDQUFDLENBQUMsQ0FBQztRQUVuRixNQUFNLE1BQU0sR0FBRyxJQUFJLFlBQVksRUFBRSxDQUFDO1FBQ2xDLE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQyxVQUFVLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDbkQsTUFBTSxNQUFNLEdBQUcsTUFBTSxDQUFDLFdBQVcsQ0FBQyxXQUFXLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFdEQsT0FBTztZQUNMLFFBQVEsRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDO1lBQ2xELFNBQVMsRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxTQUFTLENBQUM7WUFDeEMsUUFBUSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQztZQUN0QyxRQUFRLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDO1NBQ3ZDLENBQUM7SUFDSixDQUFDO0lBRUQsWUFBWSxDQUFDLElBQWdCO1FBQzNCLE1BQU0sTUFBTSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ3BELE9BQU8sZ0NBQWdDLE1BQU0sQ0FBQyxLQUFLLENBQUMsVUFBVSxDQUFFLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyw2QkFBNkIsQ0FBQztJQUMzRyxDQUFDO0lBRUQsYUFBYSxDQUFDLEtBQWE7UUFDekIsTUFBTSxRQUFRLEdBQUcsaUVBQWlFLENBQUM7UUFDbkYsT0FBTyxLQUFLLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEVBQUUsQ0FBQztJQUNyQyxDQUFDO0lBRUQsaUJBQWlCLENBQUMsUUFBZ0IsRUFBRSxLQUFhO1FBQy9DLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLGtCQUFrQixDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7UUFDN0YsTUFBTSxFQUFFLEdBQUcsS0FBSyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUUvQyxJQUFJLENBQUM7WUFDSCxPQUFPLEtBQUssQ0FBQyxHQUFHLENBQUMsc0JBQXNCLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxhQUFhLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxFQUFFLEtBQUssQ0FBQyxDQUFDO1FBQ2hGLENBQUM7UUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1lBQ2IsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO0lBQ0gsQ0FBQztJQUVELGlCQUFpQixDQUFDLE9BQWUsRUFBRSxHQUFXO1FBQzVDLE1BQU0sSUFBSSxHQUFHLEtBQUssQ0FBQyxHQUFHLENBQUMsa0JBQWtCLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDbkQsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRSxDQUFDLEdBQUcsQ0FBQyxFQUFFLEtBQUssR0FBRyxDQUFDLENBQUM7UUFDaEUsT0FBTyxTQUFTLEVBQUUsS0FBSyxDQUFDO0lBQzFCLENBQUM7SUFFRCxLQUFLLENBQUMsMEJBQTBCLENBQUMsUUFBZ0I7UUFDL0MsTUFBTSxnQkFBZ0IsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsUUFBUSxFQUFFLGdCQUFnQixDQUFDLENBQUM7UUFDNUUsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDdEIsTUFBTSxJQUFJLEtBQUssQ0FBQyx3QkFBd0IsQ0FBQyxDQUFDO1FBQzVDLENBQUM7UUFFRCxNQUFNLGFBQWEsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsUUFBUSxFQUFFLG1DQUFtQyxDQUFDLENBQUM7UUFFNUYsUUFBUSxhQUFhLEVBQUUsQ0FBQztZQUN0QixLQUFLLGFBQWEsQ0FBQyxPQUFPO2dCQUN4QixJQUFJLENBQUMsb0JBQW9CLENBQUMsUUFBUSxDQUFDLENBQUM7Z0JBQ3BDLE1BQU07WUFDUixLQUFLLGFBQWEsQ0FBQyxHQUFHLENBQUM7WUFDdkIsS0FBSyxhQUFhLENBQUMsTUFBTTtnQkFDdkIsTUFBTSxJQUFJLENBQUMsMEJBQTBCLENBQUMsUUFBUSxDQUFDLENBQUM7Z0JBQ2hELE1BQU07WUFFUjtnQkFDRSxNQUFNLElBQUksS0FBSyxDQUFDLGtCQUFrQixhQUFhLElBQUksUUFBUSw2QkFBNkIsQ0FBQyxDQUFDO1FBQzlGLENBQUM7SUFDSCxDQUFDO0lBRU8sb0JBQW9CLENBQUMsT0FBZTtRQUMxQyxNQUFNLG9CQUFvQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FDakQsT0FBTyxFQUNQLHdDQUF3QyxDQUN6QyxDQUFDO1FBQ0YsSUFBSSxDQUFDLG9CQUFvQixFQUFFLENBQUM7WUFDMUIsTUFBTSxJQUFJLEtBQUssQ0FBQyxtQ0FBbUMsQ0FBQyxDQUFDO1FBQ3ZELENBQUM7UUFFRCxJQUFJLENBQUM7WUFDSCxvQkFBb0IsQ0FBQyxvQkFBb0IsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLG9CQUFvQixFQUFFLFFBQVEsQ0FBQyxDQUFDLENBQUM7UUFDekYsQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixNQUFNLElBQUksS0FBSyxDQUFDLG1DQUFtQyxDQUFDLENBQUM7UUFDdkQsQ0FBQztJQUNILENBQUM7SUFFTyxLQUFLLENBQUMsMEJBQTBCLENBQUMsT0FBZTtRQUN0RCxNQUFNLHFCQUFxQixHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FDbEQsT0FBTyxFQUNQLGlDQUFpQyxDQUNsQyxDQUFDO1FBQ0YsSUFBSSxDQUFDLHFCQUFxQixFQUFFLENBQUM7WUFDM0IsTUFBTSxJQUFJLEtBQUssQ0FBQyx5Q0FBeUMsQ0FBQyxDQUFDO1FBQzdELENBQUM7UUFFRCxJQUFJLENBQUM7WUFDSCxNQUFNLG9CQUFvQixDQUFDLDBCQUEwQixDQUNuRCxNQUFNLENBQUMsSUFBSSxDQUFDLHFCQUFxQixFQUFFLFFBQVEsQ0FBQyxDQUM3QyxDQUFDO1FBQ0osQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixNQUFNLE9BQU8sR0FBRywyQkFBMkIsQ0FBQztZQUM1QyxJQUFJLEdBQUcsWUFBWSxxQkFBcUIsRUFBRSxDQUFDO2dCQUN6QyxNQUFNLElBQUksS0FBSyxDQUFDLEdBQUcsT0FBTyxJQUFJLEdBQUcsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1lBQy9DLENBQUM7WUFDRCxNQUFNLElBQUksS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQzNCLENBQUM7SUFDSCxDQUFDO0NBQ0YifQ==
|
|
@@ -3,7 +3,7 @@ import rootLogger from '../logger.js';
|
|
|
3
3
|
import store from '../store.js';
|
|
4
4
|
import { checkForUsingExternalTxManager, checkIfActionAccountInitialized, createTransactionOptions, multiplyBigIntByNumber, } from './helper.js';
|
|
5
5
|
import Superpro from '../staticModels/Superpro.js';
|
|
6
|
-
import { BLOCKCHAIN_CALL_RETRY_ATTEMPTS, BLOCKCHAIN_CALL_RETRY_INTERVAL
|
|
6
|
+
import { BLOCKCHAIN_CALL_RETRY_ATTEMPTS, BLOCKCHAIN_CALL_RETRY_INTERVAL } from '../constants.js';
|
|
7
7
|
import lodash from 'lodash';
|
|
8
8
|
import Bottleneck from 'bottleneck';
|
|
9
9
|
import { tryWithInterval } from './helpers/tryWithInterval.js';
|
|
@@ -122,36 +122,25 @@ class TxManager {
|
|
|
122
122
|
maxPriorityFeePerGas,
|
|
123
123
|
maxFeePerGas,
|
|
124
124
|
};
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
catch (e) {
|
|
131
|
-
TxManager.logger.debug({ error: e }, 'Fail to calculate estimated gas');
|
|
132
|
-
estimatedGas = defaultGasLimit;
|
|
133
|
-
}
|
|
125
|
+
if (transactionOptions.gas) {
|
|
126
|
+
TxManager.logger.warn({
|
|
127
|
+
specifiedGas: transactionOptions.gas,
|
|
128
|
+
}, 'Gas overriding');
|
|
129
|
+
txData.gas = transactionOptions.gas;
|
|
134
130
|
}
|
|
135
131
|
else {
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
132
|
+
let estimatedGas;
|
|
133
|
+
const txDataForEstimate = {
|
|
134
|
+
...txData,
|
|
135
|
+
gas: undefined,
|
|
136
|
+
};
|
|
137
|
+
if (transactionCall) {
|
|
138
|
+
estimatedGas = await transactionCall.estimateGas(txDataForEstimate);
|
|
142
139
|
}
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
// defaultGasLimit is max gas limit
|
|
146
|
-
txData.gas = txData.gas < defaultGasLimit ? txData.gas : defaultGasLimit;
|
|
147
|
-
if (transactionOptions.gas) {
|
|
148
|
-
if (transactionOptions.gas < estimatedGas) {
|
|
149
|
-
TxManager.logger.warn({
|
|
150
|
-
estimated: estimatedGas,
|
|
151
|
-
specified: transactionOptions.gas,
|
|
152
|
-
}, 'Overriding gas is lower than estimated');
|
|
140
|
+
else {
|
|
141
|
+
estimatedGas = await store.web3Https.eth.estimateGas(txDataForEstimate);
|
|
153
142
|
}
|
|
154
|
-
txData.gas =
|
|
143
|
+
txData.gas = multiplyBigIntByNumber(estimatedGas, store.gasLimitMultiplier);
|
|
155
144
|
}
|
|
156
145
|
let nonceTracker;
|
|
157
146
|
// TODO: Consider a better way to organize different strategies for publishing transactions.
|
|
@@ -204,4 +193,4 @@ class TxManager {
|
|
|
204
193
|
}
|
|
205
194
|
}
|
|
206
195
|
export default TxManager;
|
|
207
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
196
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVHhNYW5hZ2VyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3V0aWxzL1R4TWFuYWdlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFDQSxPQUFPLFlBQVksTUFBTSxtQkFBbUIsQ0FBQztBQUM3QyxPQUFPLFVBQVUsTUFBTSxjQUFjLENBQUM7QUFDdEMsT0FBTyxLQUFLLE1BQU0sYUFBYSxDQUFDO0FBUWhDLE9BQU8sRUFDTCw4QkFBOEIsRUFDOUIsK0JBQStCLEVBQy9CLHdCQUF3QixFQUN4QixzQkFBc0IsR0FDdkIsTUFBTSxhQUFhLENBQUM7QUFDckIsT0FBTyxRQUFRLE1BQU0sNkJBQTZCLENBQUM7QUFDbkQsT0FBTyxFQUFFLDhCQUE4QixFQUFFLDhCQUE4QixFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFDakcsT0FBTyxNQUFNLE1BQU0sUUFBUSxDQUFDO0FBRTVCLE9BQU8sVUFBVSxNQUFNLFlBQVksQ0FBQztBQUVwQyxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sOEJBQThCLENBQUM7QUFRL0QsTUFBTSxvQkFBcUIsU0FBUSxLQUFLO0lBQ3RCLGFBQWEsQ0FBVTtJQUN2QyxZQUFZLGFBQXNCLEVBQUUsT0FBZTtRQUNqRCxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDZixJQUFJLENBQUMsSUFBSSxHQUFHLHNCQUFzQixDQUFDO1FBQ25DLElBQUksQ0FBQyxhQUFhLEdBQUcsYUFBYSxDQUFDO0lBQ3JDLENBQUM7Q0FDRjtBQUVELE1BQU0sT0FBTyxpQ0FBa0MsU0FBUSxvQkFBb0I7SUFDekUsWUFBWSxhQUFzQixFQUFFLE9BQWU7UUFDakQsS0FBSyxDQUFDLGFBQWEsRUFBRSxPQUFPLENBQUMsQ0FBQztRQUM5QixJQUFJLENBQUMsSUFBSSxHQUFHLG1DQUFtQyxDQUFDO0lBQ2xELENBQUM7Q0FDRjtBQUlELE1BQU0sU0FBUztJQUNMLE1BQU0sQ0FBQyxJQUFJLENBQU87SUFDbEIsTUFBTSxDQUFDLHlCQUF5QixDQUFVO0lBQzFDLE1BQU0sQ0FBQyxNQUFNLEdBQUcsVUFBVSxDQUFDLEtBQUssQ0FBQyxFQUFFLFNBQVMsRUFBRSxXQUFXLEVBQUUsQ0FBQyxDQUFDO0lBQzdELE1BQU0sQ0FBQyxhQUFhLEdBQXdDLEVBQUUsQ0FBQztJQUMvRCxNQUFNLENBQUMsTUFBTSxHQUFzQyxFQUFFLENBQUM7SUFDdkQsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFVLEVBQUUsNEJBQXFDLEtBQUs7UUFDdkUsSUFBSSxDQUFDLElBQUksR0FBRyxJQUFJLENBQUM7UUFDakIsSUFBSSxDQUFDLHlCQUF5QixHQUFHLHlCQUF5QixDQUFDO0lBQzdELENBQUM7SUFFTyxNQUFNLENBQUMsa0JBQWtCO1FBQy9CLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDZixNQUFNLEtBQUssQ0FBQywrQ0FBK0MsQ0FBQyxDQUFDO1FBQy9ELENBQUM7SUFDSCxDQUFDO0lBRU0sTUFBTSxDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsT0FBZTtRQUM3QyxJQUFJLElBQUksQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDO1lBQUUsT0FBTztRQUN4QyxJQUFJLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxHQUFHLElBQUksWUFBWSxDQUFDLElBQUksQ0FBQyxJQUFJLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDbkUsTUFBTSxJQUFJLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxDQUFDLFdBQVcsRUFBRSxDQUFDO0lBQ2xELENBQUM7SUFFTSxNQUFNLENBQUMsT0FBTyxDQUNuQixXQUFtQyxFQUNuQyxrQkFBdUMsRUFDdkMsS0FBYSxRQUFRLENBQUMsT0FBTztRQUU3QixNQUFNLE1BQU0sR0FBMkI7WUFDckMsRUFBRTtZQUNGLElBQUksRUFBRSxXQUFXLENBQUMsU0FBUyxFQUFFO1NBQzlCLENBQUM7UUFFRixPQUFPLFNBQVMsQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLEVBQUUsa0JBQWtCLEVBQUUsV0FBVyxDQUFDLENBQUM7SUFDL0UsQ0FBQztJQUVNLE1BQU0sQ0FBQyxLQUFLLENBQUMsa0JBQWtCLENBQ3BDLE1BQThCLEVBQzlCLGtCQUF1QyxFQUN2QyxlQUF3QztRQUV4QyxJQUFJLENBQUMsa0JBQWtCLEVBQUUsQ0FBQztRQUMxQiwrQkFBK0IsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO1FBRXBELE1BQU0sU0FBUyxHQUFHLE1BQU0sd0JBQXdCLENBQUMsSUFBSSxDQUFDLHlCQUF5QixFQUFFO1lBQy9FLEdBQUcsa0JBQWtCO1NBQ3RCLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDcEIsTUFBTSxLQUFLLENBQ1QsNkZBQTZGLENBQzlGLENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxnQkFBZ0IsR0FBOEI7WUFDbEQsR0FBSSxTQUF3QztZQUM1QyxJQUFJLEVBQUUsa0JBQWtCLEVBQUUsSUFBSSxJQUFJLElBQUksQ0FBQyxJQUFJO1lBQzNDLG9CQUFvQixFQUFFLDhCQUE4QixDQUFDLGtCQUFrQixDQUFDO1NBQ3pFLENBQUM7UUFFRixJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1lBQ3hDLElBQUksQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLEdBQUcsSUFBSSxVQUFVLENBQUM7Z0JBQ2xELGFBQWEsRUFBRSxLQUFLLENBQUMsYUFBYTtnQkFDbEMsT0FBTyxFQUFFLEtBQUssQ0FBQyxZQUFZO2FBQzVCLENBQUMsQ0FBQztRQUNMLENBQUM7UUFFRCxJQUFJLHFCQUFxQixDQUFDO1FBQzFCLElBQUksSUFBSSxDQUFDLHlCQUF5QixFQUFFLENBQUM7WUFDbkMscUJBQXFCLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsQ0FBQyxRQUFRLENBQUMsR0FBRyxFQUFFLENBQ3ZFLFNBQVMsQ0FBQywyQkFBMkIsQ0FBQyxNQUFNLEVBQUUsZ0JBQWdCLENBQUMsQ0FDaEUsQ0FBQztRQUNKLENBQUM7YUFBTSxDQUFDO1lBQ04scUJBQXFCLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsQ0FBQyxRQUFRLENBQUMsR0FBRyxFQUFFLENBQ3ZFLFNBQVMsQ0FBQyxtQkFBbUIsQ0FBQyxNQUFNLEVBQUUsZ0JBQWdCLEVBQUUsZUFBZSxDQUFDLENBQ3pFLENBQUM7UUFDSixDQUFDO1FBQ0QsT0FBTyxxQkFBcUIsQ0FBQztJQUMvQixDQUFDO0lBRU8sTUFBTSxDQUFDLEtBQUssQ0FBQywyQkFBMkIsQ0FDOUMsTUFBOEIsRUFDOUIsa0JBQTZDO1FBRTdDLE1BQU0sRUFBRSxJQUFJLEVBQUUsSUFBSSxFQUFFLEdBQUcsa0JBQWtCLENBQUM7UUFFMUMsTUFBTSxtQkFBbUIsR0FBRztZQUMxQixJQUFJLEVBQUUsSUFBSTtZQUNWLEVBQUUsRUFBRSxNQUFNLENBQUMsRUFBRTtZQUNiLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSTtZQUNqQixLQUFLLEVBQUUsTUFBTSxDQUFDLEtBQUs7U0FDcEIsQ0FBQztRQUNGLFNBQVMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUNwQjtZQUNFLE1BQU0sRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLG1CQUFtQixFQUFFLENBQUMsTUFBTSxDQUFDLENBQUM7U0FDbkQsRUFDRCxpQ0FBaUMsQ0FDbEMsQ0FBQztRQUNGLE1BQU0sTUFBTSxHQUFHLENBQUMsTUFBTSxJQUFLLENBQUMsUUFBUyxDQUFDLE9BQU8sQ0FBQztZQUM1QyxNQUFNLEVBQUUscUJBQXFCO1lBQzdCLE1BQU0sRUFBRSxDQUFDLG1CQUFtQixDQUFDO1NBQzlCLENBQUMsQ0FBa0IsQ0FBQztRQUVyQixNQUFNLHFCQUFxQixHQUFHLE1BQU0sZUFBZSxDQUFDO1lBQ2xELE9BQU8sRUFBRSxLQUFLLElBQUksRUFBRSxDQUFDLE1BQU0sSUFBSyxDQUFDLEdBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxNQUFNLENBQUM7WUFDbEUsV0FBVyxFQUFFLENBQUMsTUFBTSxFQUFFLEVBQUU7Z0JBQ3RCLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxLQUFLLElBQUksRUFBRSxDQUFDO1lBQ3pDLENBQUM7WUFDRCxhQUFhLEVBQUUsOEJBQThCO1lBQzdDLFFBQVEsRUFBRSw4QkFBOEI7U0FDekMsQ0FBQyxDQUFDO1FBRUgsT0FBTyxxQkFBcUIsQ0FBQztJQUMvQixDQUFDO0lBRU0sTUFBTSxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQ3hCLFdBQW1DLEVBQ25DLGtCQUF1QztRQUV2QyxNQUFNLElBQUksR0FBRyxrQkFBa0IsRUFBRSxJQUFJLElBQUksS0FBSyxDQUFDLGFBQWEsQ0FBQztRQUU3RCxJQUFJLENBQUM7WUFDSCxPQUFPLE1BQU0sV0FBVyxDQUFDLElBQUksQ0FBQyxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7UUFDMUMsQ0FBQztRQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7WUFDVixDQUFpQixDQUFDLFVBQVUsR0FBSSxDQUFjLENBQUMsSUFBSSxDQUFDLE9BQU8sSUFBSSx5QkFBeUIsQ0FBQztZQUMxRixNQUFNLENBQUMsQ0FBQztRQUNWLENBQUM7SUFDSCxDQUFDO0lBRU8sTUFBTSxDQUFDLEtBQUssQ0FBQyxtQkFBbUIsQ0FDdEMsTUFBOEIsRUFDOUIsa0JBQTZDLEVBQzdDLGVBQXdDO1FBRXhDLE1BQU0sRUFBRSxJQUFJLEVBQUUsR0FBRyxFQUFFLG9CQUFvQixFQUFFLFlBQVksRUFBRSxJQUFJLEVBQUUsR0FBRyxrQkFBa0IsQ0FBQztRQUVuRixNQUFNLEdBQUc7WUFDUCxHQUFHLE1BQU07WUFDVCxJQUFJO1lBQ0osR0FBRztZQUNILG9CQUFvQjtZQUNwQixZQUFZO1NBQ2IsQ0FBQztRQUVGLElBQUksa0JBQWtCLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDM0IsU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQ25CO2dCQUNFLFlBQVksRUFBRSxrQkFBa0IsQ0FBQyxHQUFHO2FBQ3JDLEVBQ0QsZ0JBQWdCLENBQ2pCLENBQUM7WUFDRixNQUFNLENBQUMsR0FBRyxHQUFHLGtCQUFrQixDQUFDLEdBQUcsQ0FBQztRQUN0QyxDQUFDO2FBQU0sQ0FBQztZQUNOLElBQUksWUFBWSxDQUFDO1lBQ2pCLE1BQU0saUJBQWlCLEdBQUc7Z0JBQ3hCLEdBQUcsTUFBTTtnQkFDVCxHQUFHLEVBQUUsU0FBUzthQUNmLENBQUM7WUFDRixJQUFJLGVBQWUsRUFBRSxDQUFDO2dCQUNwQixZQUFZLEdBQUcsTUFBTSxlQUFlLENBQUMsV0FBVyxDQUFDLGlCQUF3QyxDQUFDLENBQUM7WUFDN0YsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLFlBQVksR0FBRyxNQUFNLEtBQUssQ0FBQyxTQUFVLENBQUMsR0FBRyxDQUFDLFdBQVcsQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1lBQzNFLENBQUM7WUFDRCxNQUFNLENBQUMsR0FBRyxHQUFHLHNCQUFzQixDQUFDLFlBQVksRUFBRSxLQUFLLENBQUMsa0JBQWtCLENBQUMsQ0FBQztRQUM5RSxDQUFDO1FBRUQsSUFBSSxZQUFZLENBQUM7UUFDakIsNEZBQTRGO1FBQzVGLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxvQkFBb0IsSUFBSSxJQUFJLENBQUMsYUFBYSxDQUFDLGtCQUFrQixDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDNUYsWUFBWSxHQUFHLElBQUksQ0FBQyxhQUFhLENBQUMsa0JBQWtCLENBQUMsSUFBSyxDQUFDLENBQUM7WUFDNUQsTUFBTSxZQUFZLENBQUMsNEJBQTRCLEVBQUUsQ0FBQztZQUNsRCxNQUFNLENBQUMsS0FBSyxHQUFHLFlBQVksQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUM3QyxDQUFDO1FBQ0QsTUFBTSxVQUFVLEdBQUcsS0FBSyxDQUFDLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxJQUFLLENBQUMsQ0FBQztRQUN4RCxJQUFJLENBQUM7WUFDSCxJQUFJLHFCQUFxQixDQUFDO1lBQzFCLElBQUksVUFBVSxFQUFFLENBQUM7Z0JBQ2YsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFLLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBQyxlQUFlLENBQUMsTUFBTSxFQUFFLFVBQVUsQ0FBQyxDQUFDO2dCQUM1RSxJQUFJLENBQUMsTUFBTSxDQUFDLGNBQWMsRUFBRSxDQUFDO29CQUMzQixNQUFNLElBQUksS0FBSyxDQUFDLDRCQUE0QixDQUFDLENBQUM7Z0JBQ2hELENBQUM7Z0JBRUQsU0FBUyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQ3BCO29CQUNFLE1BQU0sRUFBRSxNQUFNLENBQUMsZUFBZTtvQkFDOUIsTUFBTSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUMsTUFBTSxDQUFDLENBQUM7aUJBQ3RDLEVBQ0QsK0JBQStCLENBQ2hDLENBQUM7Z0JBRUYscUJBQXFCLEdBQUcsTUFBTSxJQUFLLENBQUMsR0FBRyxDQUFDLHFCQUFxQixDQUFDLE1BQU0sQ0FBQyxjQUFjLENBQUMsQ0FBQztnQkFFckYsU0FBUyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQ3BCO29CQUNFLE1BQU0sRUFBRSxNQUFNLENBQUMsZUFBZTtvQkFDOUIsYUFBYSxFQUFFLHFCQUFxQixDQUFDLFdBQVc7b0JBQ2hELFNBQVMsRUFBRSxxQkFBcUIsQ0FBQyxPQUFPO2lCQUN6QyxFQUNELG9CQUFvQixDQUNyQixDQUFDO1lBQ0osQ0FBQztpQkFBTSxDQUFDO2dCQUNOLFNBQVMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUNwQjtvQkFDRSxNQUFNLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQyxNQUFNLENBQUMsQ0FBQztpQkFDdEMsRUFDRCxpQ0FBaUMsQ0FDbEMsQ0FBQztnQkFFRixxQkFBcUIsR0FBRyxNQUFNLElBQUssQ0FBQyxHQUFHLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1lBQ2xFLENBQUM7WUFFRCxJQUFJLFlBQVk7Z0JBQUUsWUFBWSxDQUFDLHNCQUFzQixDQUFDLE1BQU0sQ0FBQyxLQUFNLENBQUMsQ0FBQztZQUVyRSxPQUFPLHFCQUFxQixDQUFDO1FBQy9CLENBQUM7UUFBQyxPQUFPLENBQVUsRUFBRSxDQUFDO1lBQ3BCLE1BQU0sT0FBTyxHQUFHLG9DQUFvQyxDQUFDO1lBQ3JELFNBQVMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxPQUFPLENBQUMsQ0FBQztZQUNuQyxJQUFJLFlBQVk7Z0JBQUUsTUFBTSxZQUFZLENBQUMsa0JBQWtCLEVBQUUsQ0FBQztZQUMxRCxJQUFLLENBQXFCLENBQUMsT0FBTyxFQUFFLFFBQVEsQ0FBQywwQ0FBMEMsQ0FBQyxFQUFFLENBQUM7Z0JBQ3pGLE1BQU0sSUFBSSxpQ0FBaUMsQ0FBQyxDQUFDLEVBQUUsT0FBTyxDQUFDLENBQUM7WUFDMUQsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLE1BQU0sSUFBSSxvQkFBb0IsQ0FBQyxDQUFDLEVBQUUsT0FBTyxDQUFDLENBQUM7WUFDN0MsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDOztBQUdILGVBQWUsU0FBUyxDQUFDIn0=
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@super-protocol/sdk-js",
|
|
3
|
-
"version": "3.4.0-beta.
|
|
3
|
+
"version": "3.4.0-beta.18",
|
|
4
4
|
"main": "dist/cjs/index.js",
|
|
5
5
|
"module": "dist/mjs/index.js",
|
|
6
6
|
"exports": {
|
|
@@ -77,7 +77,7 @@
|
|
|
77
77
|
"object-hash": "^3.0.0",
|
|
78
78
|
"p-queue": "6.6.2",
|
|
79
79
|
"pino": "^7.2.0",
|
|
80
|
-
"pkijs": "^3.
|
|
80
|
+
"pkijs": "^3.0.15",
|
|
81
81
|
"protobufjs": "^6.11.2",
|
|
82
82
|
"ua-parser-js": "^1.0.37",
|
|
83
83
|
"uuid": "^9.0.1",
|
|
@@ -1,66 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
-
if (mod && mod.__esModule) return mod;
|
|
20
|
-
var result = {};
|
|
21
|
-
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
-
__setModuleDefault(result, mod);
|
|
23
|
-
return result;
|
|
24
|
-
};
|
|
25
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
|
-
exports.CRLHelper = void 0;
|
|
27
|
-
const pkijs = __importStar(require("pkijs"));
|
|
28
|
-
const helper_js_1 = require("./helper.js");
|
|
29
|
-
const constants_js_1 = require("../constants.js");
|
|
30
|
-
const index_js_1 = require("../index.js");
|
|
31
|
-
class CRLHelper {
|
|
32
|
-
static async getCRLFromCerts(certs) {
|
|
33
|
-
const crlRequestsData = certs.map(this.getCRLRequestData).filter(Boolean);
|
|
34
|
-
if (!crlRequestsData.length) {
|
|
35
|
-
return [];
|
|
36
|
-
}
|
|
37
|
-
const crlResponseResults = await Promise.allSettled(crlRequestsData.map((reqData) => this.getCRLResponse(reqData)));
|
|
38
|
-
const rejectedCRLResponses = crlResponseResults
|
|
39
|
-
.filter(index_js_1.helpers.isRejected)
|
|
40
|
-
.map((result) => result.reason);
|
|
41
|
-
if (rejectedCRLResponses.length) {
|
|
42
|
-
throw new Error(`Can't get CRL responses for some certificates (reasons=${rejectedCRLResponses.join(';\n')})`);
|
|
43
|
-
}
|
|
44
|
-
return crlResponseResults.filter(index_js_1.helpers.isFulfilled).map((result) => result.value);
|
|
45
|
-
}
|
|
46
|
-
static getCRLRequestData(cert) {
|
|
47
|
-
const authorityExtension = helper_js_1.CertificatesHelper.getExtensionValue(cert, constants_js_1.OID_CRL_DISTRIBUTION_POINTS);
|
|
48
|
-
if (!authorityExtension) {
|
|
49
|
-
return;
|
|
50
|
-
}
|
|
51
|
-
const extensionValue = pkijs.ExtensionValueFactory.fromBER(constants_js_1.OID_CRL_DISTRIBUTION_POINTS, authorityExtension);
|
|
52
|
-
const findType6DistributionPointExtension = (entry) => entry.type === 6;
|
|
53
|
-
const crlUrlDistributionPoints = extensionValue?.distributionPoints.find((point) => point.distributionPoint?.some(findType6DistributionPointExtension));
|
|
54
|
-
const crlUrl = crlUrlDistributionPoints?.distributionPoint?.find(findType6DistributionPointExtension)?.value;
|
|
55
|
-
if (!crlUrl) {
|
|
56
|
-
return;
|
|
57
|
-
}
|
|
58
|
-
return { crlUrl };
|
|
59
|
-
}
|
|
60
|
-
static async getCRLResponse(data) {
|
|
61
|
-
const response = await helper_js_1.CertificatesHelper.downloadCertWithCache(data.crlUrl);
|
|
62
|
-
return pkijs.CertificateRevocationList.fromBER(response);
|
|
63
|
-
}
|
|
64
|
-
}
|
|
65
|
-
exports.CRLHelper = CRLHelper;
|
|
66
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3JsLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2NlcnRpZmljYXRlcy9jcmwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSw2Q0FBK0I7QUFDL0IsMkNBQWlEO0FBQ2pELGtEQUE4RDtBQUM5RCwwQ0FBc0M7QUFJdEMsTUFBYSxTQUFTO0lBQ3BCLE1BQU0sQ0FBQyxLQUFLLENBQUMsZUFBZSxDQUMxQixLQUEwQjtRQUUxQixNQUFNLGVBQWUsR0FBRyxLQUFLLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQXFCLENBQUM7UUFDOUYsSUFBSSxDQUFDLGVBQWUsQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUM1QixPQUFPLEVBQUUsQ0FBQztRQUNaLENBQUM7UUFFRCxNQUFNLGtCQUFrQixHQUFHLE1BQU0sT0FBTyxDQUFDLFVBQVUsQ0FDakQsZUFBZSxDQUFDLEdBQUcsQ0FBQyxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUMvRCxDQUFDO1FBRUYsTUFBTSxvQkFBb0IsR0FBRyxrQkFBa0I7YUFDNUMsTUFBTSxDQUFDLGtCQUFPLENBQUMsVUFBVSxDQUFDO2FBQzFCLEdBQUcsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ2xDLElBQUksb0JBQW9CLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDaEMsTUFBTSxJQUFJLEtBQUssQ0FDYiwwREFBMEQsb0JBQW9CLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQzlGLENBQUM7UUFDSixDQUFDO1FBRUQsT0FBTyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsa0JBQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQztJQUN0RixDQUFDO0lBRU8sTUFBTSxDQUFDLGlCQUFpQixDQUFDLElBQXVCO1FBQ3RELE1BQU0sa0JBQWtCLEdBQUcsOEJBQWtCLENBQUMsaUJBQWlCLENBQzdELElBQUksRUFDSiwwQ0FBMkIsQ0FDNUIsQ0FBQztRQUNGLElBQUksQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1lBQ3hCLE9BQU87UUFDVCxDQUFDO1FBRUQsTUFBTSxjQUFjLEdBQUcsS0FBSyxDQUFDLHFCQUFxQixDQUFDLE9BQU8sQ0FDeEQsMENBQTJCLEVBQzNCLGtCQUFrQixDQUNZLENBQUM7UUFFakMsTUFBTSxtQ0FBbUMsR0FBRyxDQUFDLEtBQXdCLEVBQVcsRUFBRSxDQUNoRixLQUFLLENBQUMsSUFBSSxLQUFLLENBQUMsQ0FBQztRQUVuQixNQUFNLHdCQUF3QixHQUFHLGNBQWMsRUFBRSxrQkFBa0IsQ0FBQyxJQUFJLENBQUMsQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUNoRixLQUFLLENBQUMsaUJBQXFELEVBQUUsSUFBSSxDQUNoRSxtQ0FBbUMsQ0FDcEMsQ0FDRixDQUFDO1FBQ0YsTUFBTSxNQUFNLEdBQ1Ysd0JBQXdCLEVBQUUsaUJBQzNCLEVBQUUsSUFBSSxDQUFDLG1DQUFtQyxDQUFDLEVBQUUsS0FBSyxDQUFDO1FBQ3BELElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUNaLE9BQU87UUFDVCxDQUFDO1FBRUQsT0FBTyxFQUFFLE1BQU0sRUFBRSxDQUFDO0lBQ3BCLENBQUM7SUFFTyxNQUFNLENBQUMsS0FBSyxDQUFDLGNBQWMsQ0FDakMsSUFBb0I7UUFFcEIsTUFBTSxRQUFRLEdBQUcsTUFBTSw4QkFBa0IsQ0FBQyxxQkFBcUIsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFN0UsT0FBTyxLQUFLLENBQUMseUJBQXlCLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDO0lBQzNELENBQUM7Q0FDRjtBQWhFRCw4QkFnRUMifQ==
|
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
/// <reference types="node" />
|
|
2
|
-
import * as pkijs from 'pkijs';
|
|
3
|
-
import { ValidateCertChainResult } from './types.js';
|
|
4
|
-
export declare class CertificatesHelper {
|
|
5
|
-
private static downloadedCertificateCache;
|
|
6
|
-
static derToPem(data: ArrayBuffer): string;
|
|
7
|
-
static pemToDer(certPem: string): Uint8Array;
|
|
8
|
-
static splitPemCerts(certs: string): string[];
|
|
9
|
-
static getDomain(certPem: string): string | undefined;
|
|
10
|
-
static getExtensionValue(certParam: string | pkijs.Certificate, oid: string): Buffer | undefined;
|
|
11
|
-
static extractCAFromChain(certsPem: string): {
|
|
12
|
-
certs: string;
|
|
13
|
-
ca: string;
|
|
14
|
-
};
|
|
15
|
-
static pemChainToDer(certsPem: string): Uint8Array[];
|
|
16
|
-
static derChainToPem(certsDer: Uint8Array[]): string;
|
|
17
|
-
static downloadCertWithCache(url: string): Promise<Buffer>;
|
|
18
|
-
static validateCertChain(certsPem: string | string[], caPem: string | string[], options?: {
|
|
19
|
-
offline?: boolean;
|
|
20
|
-
}): Promise<ValidateCertChainResult>;
|
|
21
|
-
}
|