@super-protocol/sdk-js 3.4.0-beta.17 → 3.4.0-beta.19

package/dist/cjs/certificates/crl.d.ts

@@ -0,0 +1,6 @@
+import * as pkijs from 'pkijs';
+export declare class CRLHelper {
+    static getCRLFromCerts(certs: pkijs.Certificate[]): Promise<pkijs.CertificateRevocationList[]>;
+    private static getCRLRequestData;
+    private static getCRLResponse;
+}

package/dist/cjs/certificates/crl.js

@@ -0,0 +1,66 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CRLHelper = void 0;
+const pkijs = __importStar(require("pkijs"));
+const helper_js_1 = require("./helper.js");
+const constants_js_1 = require("../constants.js");
+const index_js_1 = require("../index.js");
+class CRLHelper {
+    static async getCRLFromCerts(certs) {
+        const crlRequestsData = certs.map(this.getCRLRequestData).filter(Boolean);
+        if (!crlRequestsData.length) {
+            return [];
+        }
+        const crlResponseResults = await Promise.allSettled(crlRequestsData.map((reqData) => this.getCRLResponse(reqData)));
+        const rejectedCRLResponses = crlResponseResults
+            .filter(index_js_1.helpers.isRejected)
+            .map((result) => result.reason);
+        if (rejectedCRLResponses.length) {
+            throw new Error(`Can't get CRL responses for some certificates (reasons=${rejectedCRLResponses.join(';\n')})`);
+        }
+        return crlResponseResults.filter(index_js_1.helpers.isFulfilled).map((result) => result.value);
+    }
+    static getCRLRequestData(cert) {
+        const authorityExtension = helper_js_1.CertificatesHelper.getExtensionValue(cert, constants_js_1.OID_CRL_DISTRIBUTION_POINTS);
+        if (!authorityExtension) {
+            return;
+        }
+        const extensionValue = pkijs.ExtensionValueFactory.fromBER(constants_js_1.OID_CRL_DISTRIBUTION_POINTS, authorityExtension);
+        const findType6DistributionPointExtension = (entry) => entry.type === 6;
+        const crlUrlDistributionPoints = extensionValue?.distributionPoints.find((point) => point.distributionPoint?.some(findType6DistributionPointExtension));
+        const crlUrl = crlUrlDistributionPoints?.distributionPoint?.find(findType6DistributionPointExtension)?.value;
+        if (!crlUrl) {
+            return;
+        }
+        return { crlUrl };
+    }
+    static async getCRLResponse(data) {
+        const response = await helper_js_1.CertificatesHelper.downloadCertWithCache(data.crlUrl);
+        return pkijs.CertificateRevocationList.fromBER(response);
+    }
+}
+exports.CRLHelper = CRLHelper;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3JsLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2NlcnRpZmljYXRlcy9jcmwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSw2Q0FBK0I7QUFDL0IsMkNBQWlEO0FBQ2pELGtEQUE4RDtBQUM5RCwwQ0FBc0M7QUFJdEMsTUFBYSxTQUFTO0lBQ3BCLE1BQU0sQ0FBQyxLQUFLLENBQUMsZUFBZSxDQUMxQixLQUEwQjtRQUUxQixNQUFNLGVBQWUsR0FBRyxLQUFLLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQXFCLENBQUM7UUFDOUYsSUFBSSxDQUFDLGVBQWUsQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUM1QixPQUFPLEVBQUUsQ0FBQztRQUNaLENBQUM7UUFFRCxNQUFNLGtCQUFrQixHQUFHLE1BQU0sT0FBTyxDQUFDLFVBQVUsQ0FDakQsZUFBZSxDQUFDLEdBQUcsQ0FBQyxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUMvRCxDQUFDO1FBRUYsTUFBTSxvQkFBb0IsR0FBRyxrQkFBa0I7YUFDNUMsTUFBTSxDQUFDLGtCQUFPLENBQUMsVUFBVSxDQUFDO2FBQzFCLEdBQUcsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ2xDLElBQUksb0JBQW9CLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDaEMsTUFBTSxJQUFJLEtBQUssQ0FDYiwwREFBMEQsb0JBQW9CLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQzlGLENBQUM7UUFDSixDQUFDO1FBRUQsT0FBTyxrQkFBa0IsQ0FBQyxNQUFNLENBQUMsa0JBQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQztJQUN0RixDQUFDO0lBRU8sTUFBTSxDQUFDLGlCQUFpQixDQUFDLElBQXVCO1FBQ3RELE1BQU0sa0JBQWtCLEdBQUcsOEJBQWtCLENBQUMsaUJBQWlCLENBQzdELElBQUksRUFDSiwwQ0FBMkIsQ0FDNUIsQ0FBQztRQUNGLElBQUksQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1lBQ3hCLE9BQU87UUFDVCxDQUFDO1FBRUQsTUFBTSxjQUFjLEdBQUcsS0FBSyxDQUFDLHFCQUFxQixDQUFDLE9BQU8sQ0FDeEQsMENBQTJCLEVBQzNCLGtCQUFrQixDQUNZLENBQUM7UUFFakMsTUFBTSxtQ0FBbUMsR0FBRyxDQUFDLEtBQXdCLEVBQVcsRUFBRSxDQUNoRixLQUFLLENBQUMsSUFBSSxLQUFLLENBQUMsQ0FBQztRQUVuQixNQUFNLHdCQUF3QixHQUFHLGNBQWMsRUFBRSxrQkFBa0IsQ0FBQyxJQUFJLENBQUMsQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUNoRixLQUFLLENBQUMsaUJBQXFELEVBQUUsSUFBSSxDQUNoRSxtQ0FBbUMsQ0FDcEMsQ0FDRixDQUFDO1FBQ0YsTUFBTSxNQUFNLEdBQ1Ysd0JBQXdCLEVBQUUsaUJBQzNCLEVBQUUsSUFBSSxDQUFDLG1DQUFtQyxDQUFDLEVBQUUsS0FBSyxDQUFDO1FBQ3BELElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUNaLE9BQU87UUFDVCxDQUFDO1FBRUQsT0FBTyxFQUFFLE1BQU0sRUFBRSxDQUFDO0lBQ3BCLENBQUM7SUFFTyxNQUFNLENBQUMsS0FBSyxDQUFDLGNBQWMsQ0FDakMsSUFBb0I7UUFFcEIsTUFBTSxRQUFRLEdBQUcsTUFBTSw4QkFBa0IsQ0FBQyxxQkFBcUIsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFN0UsT0FBTyxLQUFLLENBQUMseUJBQXlCLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDO0lBQzNELENBQUM7Q0FDRjtBQWhFRCw4QkFnRUMifQ==

package/dist/cjs/certificates/helper.d.ts

@@ -0,0 +1,23 @@
+/// <reference types="node" />
+import * as pkijs from 'pkijs';
+import { ValidateCertChainResult } from './types.js';
+export declare class CertificatesHelper {
+    private static downloadedCertificateCache;
+    static derToPem(data: ArrayBuffer): string;
+    static pemToDer(certPem: string): Uint8Array;
+    static splitPemCerts(certs: string): string[];
+    static getDomain(certPem: string): string | undefined;
+    static getExtensionValue(certParam: string | pkijs.Certificate, oid: string): Buffer | undefined;
+    static extractCAFromChain(certsPem: string): {
+        certs: string;
+        ca: string;
+    };
+    static pemChainToDer(certsPem: string): Uint8Array[];
+    static derChainToPem(certsDer: Uint8Array[]): string;
+    static downloadCertWithCache(url: string): Promise<Buffer>;
+    static sortCertsFromLeafToRoot(certsPem: string | string[]): pkijs.Certificate[];
+    static validateCertChain(certsPem: string | string[], caPem: string | string[], options?: {
+        offline?: boolean;
+    }): Promise<ValidateCertChainResult>;
+    private static toPkiCerts;
+}

package/dist/cjs/certificates/helper.js

@@ -0,0 +1,179 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CertificatesHelper = void 0;
+const crypto_1 = require("crypto");
+const lodash_1 = __importDefault(require("lodash"));
+const axios_1 = __importDefault(require("axios"));
+const node_forge_1 = __importDefault(require("node-forge"));
+const pkijs = __importStar(require("pkijs"));
+const memory_js_1 = require("../utils/cache/memory.js");
+const ocsp_js_1 = require("./ocsp.js");
+const crl_js_1 = require("./crl.js");
+//pkijs initCryptoEngine method doesn't work properly in nodejs
+//https://github.com/PeculiarVentures/PKI.js/blob/91c596be220c5010b38415a68bd100942dfd321e/src/CryptoEngine/CryptoEngineInit.ts#L4
+try {
+    pkijs.getEngine();
+}
+catch (err) {
+    if (err.message === `Please call 'setEngine' before call to 'getEngine'`) {
+        pkijs.setEngine('Node', new pkijs.CryptoEngine({ name: 'Node', crypto: require('crypto').webcrypto }));
+    }
+}
+class CertificatesHelper {
+    static downloadedCertificateCache = (0, memory_js_1.createMemoryCache)();
+    static derToPem(data) {
+        return node_forge_1.default.pem.encode({
+            contentDomain: null,
+            dekInfo: null,
+            headers: [],
+            procType: null,
+            type: 'CERTIFICATE',
+            body: Buffer.from(data).toString('binary'),
+        });
+    }
+    static pemToDer(certPem) {
+        return Buffer.from(node_forge_1.default.pki.pemToDer(certPem).bytes(), 'binary');
+    }
+    static splitPemCerts(certs) {
+        const pemRegex = /(-----BEGIN CERTIFICATE-----[\s\S]*?-----END CERTIFICATE-----)/g;
+        return certs.match(pemRegex) || [];
+    }
+    static getDomain(certPem) {
+        const cert = node_forge_1.default.pki.certificateFromPem(certPem);
+        return cert.subject.attributes.find((attribute) => attribute.name === 'commonName')
+            ?.value;
+    }
+    static getExtensionValue(certParam, oid) {
+        const cert = typeof certParam === 'string'
+            ? pkijs.Certificate.fromBER(CertificatesHelper.pemToDer(certParam))
+            : certParam;
+        const extension = cert.extensions?.find((ext) => ext.extnID === oid);
+        return extension && Buffer.from(extension.extnValue.valueBlock.toBER());
+    }
+    static extractCAFromChain(certsPem) {
+        const certs = CertificatesHelper.splitPemCerts(certsPem);
+        const splitCerts = lodash_1.default.partition(certs, (cert) => {
+            const x509 = new crypto_1.X509Certificate(cert);
+            return x509.issuer !== x509.subject;
+        });
+        return {
+            certs: splitCerts[0].join('\n'),
+            ca: splitCerts[1].join('\n'),
+        };
+    }
+    static pemChainToDer(certsPem) {
+        const certs = CertificatesHelper.splitPemCerts(certsPem);
+        return certs.map((certPem) => CertificatesHelper.pemToDer(certPem));
+    }
+    static derChainToPem(certsDer) {
+        return certsDer.map(CertificatesHelper.derToPem).join('').trim();
+    }
+    static async downloadCertWithCache(url) {
+        const responseData = await CertificatesHelper.downloadedCertificateCache.wrap(url, async () => {
+            const response = await (0, axios_1.default)(url, {
+                responseType: 'arraybuffer',
+            });
+            return response?.data;
+        }, {
+            ttl: 5 * 60 * 1000, //5 min
+        });
+        return responseData;
+    }
+    static sortCertsFromLeafToRoot(certsPem) {
+        const allCerts = CertificatesHelper.toPkiCerts(certsPem);
+        const leafs = allCerts.filter((certToCheck) => !allCerts.some((certsToCheckWith) => certToCheck.subject.isEqual(certsToCheckWith.issuer)));
+        const buildChain = (leaf) => {
+            const chain = [leaf];
+            let currentCert = leaf;
+            do {
+                currentCert = allCerts.find((potentialIssuer) => currentCert?.issuer.isEqual(potentialIssuer.subject) &&
+                    !currentCert.subject.isEqual(currentCert.issuer));
+                if (currentCert) {
+                    chain.push(currentCert);
+                }
+            } while (currentCert);
+            return chain;
+        };
+        const chains = leafs.map(buildChain).sort((one, two) => two.length - one.length);
+        return chains.flat();
+    }
+    static async validateCertChain(certsPem, caPem, options = {}) {
+        const { offline } = options;
+        // reverse() is needed because pkijs expects certificates to be ordered from root to leaf
+        const sortedCerts = CertificatesHelper.sortCertsFromLeafToRoot(certsPem).reverse();
+        const ca = CertificatesHelper.toPkiCerts(caPem);
+        try {
+            const crls = offline ? [] : await crl_js_1.CRLHelper.getCRLFromCerts(sortedCerts);
+            const ocspBaseResponses = offline
+                ? []
+                : await ocsp_js_1.OCSPHelper.getOCSPResponseFromCerts(sortedCerts, ca);
+            const chainEngine = new pkijs.CertificateChainValidationEngine({
+                certs: sortedCerts,
+                trustedCerts: ca,
+                ocsps: ocspBaseResponses,
+                crls,
+            });
+            const verifyResult = await chainEngine.verify();
+            if (!verifyResult.result) {
+                return {
+                    success: false,
+                    errorMessage: verifyResult.resultMessage,
+                };
+            }
+            /**
+             * When verifying a certificate chain, chainEngine.verify() attempts to find a valid
+             * certification path using the provided certificates. It may ignore certificates that
+             * don't belong to the valid chain.
+             *
+             * This check ensures that all certificates we initially provided were actually used
+             * in the valid certification path that CertificateChainValidationEngine constructed.
+             * If any certificate was ignored/not used, we throw an error.
+             */
+            const isEachCertVerified = sortedCerts.every((cert) => verifyResult.certificatePath?.find((verifiedCert) => verifiedCert.serialNumber.isEqual(cert.serialNumber)));
+            if (!isEachCertVerified) {
+                throw new Error('Some of certificates do not belong to chain');
+            }
+            return {
+                success: true,
+            };
+        }
+        catch (err) {
+            return {
+                success: false,
+                errorMessage: err.message,
+            };
+        }
+    }
+    static toPkiCerts(certs) {
+        const certsArray = Array.isArray(certs) ? certs : CertificatesHelper.splitPemCerts(certs);
+        return certsArray.map((certPem) => pkijs.Certificate.fromBER(CertificatesHelper.pemToDer(certPem)));
+    }
+}
+exports.CertificatesHelper = CertificatesHelper;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGVscGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2NlcnRpZmljYXRlcy9oZWxwZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxtQ0FBeUM7QUFDekMsb0RBQXVCO0FBQ3ZCLGtEQUEwQjtBQUMxQiw0REFBK0I7QUFDL0IsNkNBQStCO0FBQy9CLHdEQUE2RDtBQUU3RCx1Q0FBdUM7QUFDdkMscUNBQXFDO0FBRXJDLCtEQUErRDtBQUMvRCxrSUFBa0k7QUFDbEksSUFBSSxDQUFDO0lBQ0gsS0FBSyxDQUFDLFNBQVMsRUFBRSxDQUFDO0FBQ3BCLENBQUM7QUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO0lBQ2IsSUFBSyxHQUFhLENBQUMsT0FBTyxLQUFLLG9EQUFvRCxFQUFFLENBQUM7UUFDcEYsS0FBSyxDQUFDLFNBQVMsQ0FDYixNQUFNLEVBQ04sSUFBSSxLQUFLLENBQUMsWUFBWSxDQUFDLEVBQUUsSUFBSSxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDLFNBQVMsRUFBRSxDQUFDLENBQzlFLENBQUM7SUFDSixDQUFDO0FBQ0gsQ0FBQztBQUVELE1BQWEsa0JBQWtCO0lBQ3JCLE1BQU0sQ0FBQywwQkFBMEIsR0FBRyxJQUFBLDZCQUFpQixHQUFFLENBQUM7SUFFaEUsTUFBTSxDQUFDLFFBQVEsQ0FBQyxJQUFpQjtRQUMvQixPQUFPLG9CQUFLLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQztZQUN0QixhQUFhLEVBQUUsSUFBSTtZQUNuQixPQUFPLEVBQUUsSUFBSTtZQUNiLE9BQU8sRUFBRSxFQUFFO1lBQ1gsUUFBUSxFQUFFLElBQUk7WUFDZCxJQUFJLEVBQUUsYUFBYTtZQUNuQixJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDO1NBQzNDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxNQUFNLENBQUMsUUFBUSxDQUFDLE9BQWU7UUFDN0IsT0FBTyxNQUFNLENBQUMsSUFBSSxDQUFDLG9CQUFLLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxLQUFLLEVBQUUsRUFBRSxRQUFRLENBQUMsQ0FBQztJQUNwRSxDQUFDO0lBRUQsTUFBTSxDQUFDLGFBQWEsQ0FBQyxLQUFhO1FBQ2hDLE1BQU0sUUFBUSxHQUFHLGlFQUFpRSxDQUFDO1FBQ25GLE9BQU8sS0FBSyxDQUFDLEtBQUssQ0FBQyxRQUFRLENBQUMsSUFBSSxFQUFFLENBQUM7SUFDckMsQ0FBQztJQUVELE1BQU0sQ0FBQyxTQUFTLENBQUMsT0FBZTtRQUM5QixNQUFNLElBQUksR0FBRyxvQkFBSyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUNuRCxPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDLFNBQVMsRUFBRSxFQUFFLENBQUMsU0FBUyxDQUFDLElBQUksS0FBSyxZQUFZLENBQUM7WUFDakYsRUFBRSxLQUFlLENBQUM7SUFDdEIsQ0FBQztJQUVELE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxTQUFxQyxFQUFFLEdBQVc7UUFDekUsTUFBTSxJQUFJLEdBQ1IsT0FBTyxTQUFTLEtBQUssUUFBUTtZQUMzQixDQUFDLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsa0JBQWtCLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBQ25FLENBQUMsQ0FBQyxTQUFTLENBQUM7UUFDaEIsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEtBQUssR0FBRyxDQUFDLENBQUM7UUFDckUsT0FBTyxTQUFTLElBQUksTUFBTSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxDQUFDO0lBQzFFLENBQUM7SUFFRCxNQUFNLENBQUMsa0JBQWtCLENBQUMsUUFBZ0I7UUFDeEMsTUFBTSxLQUFLLEdBQUcsa0JBQWtCLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ3pELE1BQU0sVUFBVSxHQUFHLGdCQUFDLENBQUMsU0FBUyxDQUFDLEtBQUssRUFBRSxDQUFDLElBQUksRUFBRSxFQUFFO1lBQzdDLE1BQU0sSUFBSSxHQUFHLElBQUksd0JBQWUsQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUV2QyxPQUFPLElBQUksQ0FBQyxNQUFNLEtBQUssSUFBSSxDQUFDLE9BQU8sQ0FBQztRQUN0QyxDQUFDLENBQUMsQ0FBQztRQUVILE9BQU87WUFDTCxLQUFLLEVBQUUsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUM7WUFDL0IsRUFBRSxFQUFFLFVBQVUsQ0FBQyxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDO1NBQzdCLENBQUM7SUFDSixDQUFDO0lBRUQsTUFBTSxDQUFDLGFBQWEsQ0FBQyxRQUFnQjtRQUNuQyxNQUFNLEtBQUssR0FBRyxrQkFBa0IsQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUM7UUFFekQsT0FBTyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztJQUN0RSxDQUFDO0lBRUQsTUFBTSxDQUFDLGFBQWEsQ0FBQyxRQUFzQjtRQUN6QyxPQUFPLFFBQVEsQ0FBQyxHQUFHLENBQUMsa0JBQWtCLENBQUMsUUFBUSxDQUFDLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDLElBQUksRUFBRSxDQUFDO0lBQ25FLENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLHFCQUFxQixDQUFDLEdBQVc7UUFDNUMsTUFBTSxZQUFZLEdBQUcsTUFBTSxrQkFBa0IsQ0FBQywwQkFBMEIsQ0FBQyxJQUFJLENBQzNFLEdBQUcsRUFDSCxLQUFLLElBQUksRUFBRTtZQUNULE1BQU0sUUFBUSxHQUFHLE1BQU0sSUFBQSxlQUFLLEVBQUMsR0FBRyxFQUFFO2dCQUNoQyxZQUFZLEVBQUUsYUFBYTthQUM1QixDQUFDLENBQUM7WUFDSCxPQUFPLFFBQVEsRUFBRSxJQUFJLENBQUM7UUFDeEIsQ0FBQyxFQUNEO1lBQ0UsR0FBRyxFQUFFLENBQUMsR0FBRyxFQUFFLEdBQUcsSUFBSSxFQUFFLE9BQU87U0FDNUIsQ0FDRixDQUFDO1FBRUYsT0FBTyxZQUFZLENBQUM7SUFDdEIsQ0FBQztJQUVELE1BQU0sQ0FBQyx1QkFBdUIsQ0FBQyxRQUEyQjtRQUN4RCxNQUFNLFFBQVEsR0FBRyxrQkFBa0IsQ0FBQyxVQUFVLENBQUMsUUFBUSxDQUFDLENBQUM7UUFFekQsTUFBTSxLQUFLLEdBQUcsUUFBUSxDQUFDLE1BQU0sQ0FDM0IsQ0FBQyxXQUFXLEVBQUUsRUFBRSxDQUNkLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxDQUFDLGdCQUFnQixFQUFFLEVBQUUsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUM3RixDQUFDO1FBRUYsTUFBTSxVQUFVLEdBQUcsQ0FBQyxJQUF1QixFQUF1QixFQUFFO1lBQ2xFLE1BQU0sS0FBSyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDckIsSUFBSSxXQUFXLEdBQWtDLElBQUksQ0FBQztZQUV0RCxHQUFHLENBQUM7Z0JBQ0YsV0FBVyxHQUFHLFFBQVEsQ0FBQyxJQUFJLENBQ3pCLENBQUMsZUFBZSxFQUFFLEVBQUUsQ0FDbEIsV0FBVyxFQUFFLE1BQU0sQ0FBQyxPQUFPLENBQUMsZUFBZSxDQUFDLE9BQU8sQ0FBQztvQkFDcEQsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsTUFBTSxDQUFDLENBQ25ELENBQUM7Z0JBRUYsSUFBSSxXQUFXLEVBQUUsQ0FBQztvQkFDaEIsS0FBSyxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQztnQkFDMUIsQ0FBQztZQUNILENBQUMsUUFBUSxXQUFXLEVBQUU7WUFFdEIsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDLENBQUM7UUFFRixNQUFNLE1BQU0sR0FBRyxLQUFLLENBQUMsR0FBRyxDQUFDLFVBQVUsQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLEdBQUcsRUFBRSxHQUFHLEVBQUUsRUFBRSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ2pGLE9BQU8sTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDO0lBQ3ZCLENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLGlCQUFpQixDQUM1QixRQUEyQixFQUMzQixLQUF3QixFQUN4QixVQUFpQyxFQUFFO1FBRW5DLE1BQU0sRUFBRSxPQUFPLEVBQUUsR0FBRyxPQUFPLENBQUM7UUFFNUIseUZBQXlGO1FBQ3pGLE1BQU0sV0FBVyxHQUFHLGtCQUFrQixDQUFDLHVCQUF1QixDQUFDLFFBQVEsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO1FBRW5GLE1BQU0sRUFBRSxHQUFHLGtCQUFrQixDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUVoRCxJQUFJLENBQUM7WUFDSCxNQUFNLElBQUksR0FBRyxPQUFPLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsTUFBTSxrQkFBUyxDQUFDLGVBQWUsQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUN6RSxNQUFNLGlCQUFpQixHQUFHLE9BQU87Z0JBQy9CLENBQUMsQ0FBQyxFQUFFO2dCQUNKLENBQUMsQ0FBQyxNQUFNLG9CQUFVLENBQUMsd0JBQXdCLENBQUMsV0FBVyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1lBRS9ELE1BQU0sV0FBVyxHQUFHLElBQUksS0FBSyxDQUFDLGdDQUFnQyxDQUFDO2dCQUM3RCxLQUFLLEVBQUUsV0FBVztnQkFDbEIsWUFBWSxFQUFFLEVBQUU7Z0JBQ2hCLEtBQUssRUFBRSxpQkFBaUI7Z0JBQ3hCLElBQUk7YUFDTCxDQUFDLENBQUM7WUFFSCxNQUFNLFlBQVksR0FBRyxNQUFNLFdBQVcsQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUNoRCxJQUFJLENBQUMsWUFBWSxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUN6QixPQUFPO29CQUNMLE9BQU8sRUFBRSxLQUFLO29CQUNkLFlBQVksRUFBRSxZQUFZLENBQUMsYUFBYTtpQkFDekMsQ0FBQztZQUNKLENBQUM7WUFFRDs7Ozs7Ozs7ZUFRRztZQUNILE1BQU0sa0JBQWtCLEdBQUcsV0FBVyxDQUFDLEtBQUssQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQ3BELFlBQVksQ0FBQyxlQUFlLEVBQUUsSUFBSSxDQUFDLENBQUMsWUFBWSxFQUFFLEVBQUUsQ0FDbEQsWUFBWSxDQUFDLFlBQVksQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUNyRCxDQUNGLENBQUM7WUFDRixJQUFJLENBQUMsa0JBQWtCLEVBQUUsQ0FBQztnQkFDeEIsTUFBTSxJQUFJLEtBQUssQ0FBQyw2Q0FBNkMsQ0FBQyxDQUFDO1lBQ2pFLENBQUM7WUFFRCxPQUFPO2dCQUNMLE9BQU8sRUFBRSxJQUFJO2FBQ2QsQ0FBQztRQUNKLENBQUM7UUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1lBQ2IsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxZQUFZLEVBQUcsR0FBYSxDQUFDLE9BQU87YUFDckMsQ0FBQztRQUNKLENBQUM7SUFDSCxDQUFDO0lBRU8sTUFBTSxDQUFDLFVBQVUsQ0FBQyxLQUF3QjtRQUNoRCxNQUFNLFVBQVUsR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLGtCQUFrQixDQUFDLGFBQWEsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUMxRixPQUFPLFVBQVUsQ0FBQyxHQUFHLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUNoQyxLQUFLLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FDaEUsQ0FBQztJQUNKLENBQUM7O0FBakxILGdEQWtMQyJ9

package/dist/cjs/certificates/index.d.ts

@@ -0,0 +1,2 @@
+export * from './helper.js';
+export * from './types.js';

package/dist/cjs/certificates/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./helper.js"), exports);
+__exportStar(require("./types.js"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvY2VydGlmaWNhdGVzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSw4Q0FBNEI7QUFDNUIsNkNBQTJCIn0=

package/dist/cjs/certificates/ocsp.d.ts

@@ -0,0 +1,9 @@
+import * as pkijs from 'pkijs';
+export declare class OCSPHelper {
+    static getOCSPResponseFromCerts(certs: pkijs.Certificate[], ca: pkijs.Certificate[]): Promise<pkijs.BasicOCSPResponse[]>;
+    private static getOCSPRequestData;
+    private static getOCSPResponse;
+    private static sendOCSPRequest;
+    private static getNonceForRequest;
+    private static getNonceFromResponse;
+}

package/dist/cjs/certificates/ocsp.js

@@ -0,0 +1,124 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OCSPHelper = void 0;
+const pkijs = __importStar(require("pkijs"));
+const asn1js = __importStar(require("asn1js"));
+const axios_1 = __importDefault(require("axios"));
+const constants_js_1 = require("../constants.js");
+const helper_js_1 = require("./helper.js");
+const index_js_1 = require("../index.js");
+class OCSPHelper {
+    static async getOCSPResponseFromCerts(certs, ca) {
+        const ocspRequestsData = certs
+            .map(OCSPHelper.getOCSPRequestData)
+            .filter(Boolean);
+        if (!ocspRequestsData.length) {
+            return [];
+        }
+        const ocspResponseResults = await Promise.allSettled(ocspRequestsData.map((ocspReqData) => OCSPHelper.getOCSPResponse(ocspReqData, ca)));
+        const rejectedOCSPResponses = ocspResponseResults
+            .filter(index_js_1.helpers.isRejected)
+            .map((result) => result.reason);
+        if (rejectedOCSPResponses.length) {
+            throw new Error(`Can't get OCSP responses for some certificates (reasons=${rejectedOCSPResponses.join(';\n')})`);
+        }
+        return ocspResponseResults.filter(index_js_1.helpers.isFulfilled).map((result) => result.value);
+    }
+    static getOCSPRequestData(cert) {
+        const authorityExtension = helper_js_1.CertificatesHelper.getExtensionValue(cert, constants_js_1.OID_AUTHORITY_INFORMATION_ACCESS_EXTENSION);
+        if (!authorityExtension) {
+            return;
+        }
+        const extensionValue = pkijs.ExtensionValueFactory.fromBER(constants_js_1.OID_AUTHORITY_INFORMATION_ACCESS_EXTENSION, authorityExtension);
+        const ocspUrl = extensionValue.accessDescriptions.find((desc) => desc.accessMethod === constants_js_1.OID_OCSP_ACCESS_METHOD)?.accessLocation.value;
+        const issuerCertUrl = extensionValue.accessDescriptions.find((desc) => desc.accessMethod === constants_js_1.OID_OCSP_ISSUER_ACCESS_METHOD)?.accessLocation.value;
+        if (!ocspUrl || !issuerCertUrl) {
+            // TODO: throw error?
+            return;
+        }
+        return { ocspUrl, issuerCertUrl, cert };
+    }
+    static async getOCSPResponse(data, ca) {
+        const { ocspUrl, issuerCertUrl, cert } = data;
+        const issuerCertRaw = await helper_js_1.CertificatesHelper.downloadCertWithCache(issuerCertUrl);
+        const issuerCertificate = pkijs.Certificate.fromBER(issuerCertRaw);
+        const ocspReq = new pkijs.OCSPRequest();
+        await ocspReq.createForCertificate(cert, {
+            hashAlgorithm: 'SHA-256',
+            issuerCertificate,
+        });
+        const reqNonce = OCSPHelper.getNonceForRequest();
+        ocspReq.tbsRequest.requestExtensions = [
+            new pkijs.Extension({
+                extnID: index_js_1.constants.OID_OCSP_NONCE,
+                extnValue: new asn1js.OctetString({ valueHex: reqNonce.buffer }).toBER(),
+            }),
+        ];
+        const ocspBasicResp = await OCSPHelper.sendOCSPRequest(ocspUrl, ocspReq);
+        const respNonce = await OCSPHelper.getNonceFromResponse(ocspBasicResp);
+        if (respNonce && Buffer.compare(reqNonce, respNonce) !== 0) {
+            throw new Error(`OCSP nonces from request and response do not match`);
+        }
+        const trustedCerts = [];
+        if (!ocspBasicResp.certs) {
+            ocspBasicResp.certs = [issuerCertificate];
+            trustedCerts.push(...ca);
+        }
+        else {
+            trustedCerts.push(issuerCertificate);
+        }
+        await ocspBasicResp.verify({ trustedCerts });
+        return ocspBasicResp;
+    }
+    static async sendOCSPRequest(ocspUrl, ocspReq) {
+        const ocspResponse = await (0, axios_1.default)(ocspUrl, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/ocsp-request',
+            },
+            responseType: 'arraybuffer',
+            data: ocspReq.toSchema(true).toBER(),
+        });
+        const ocspRespSimpl = pkijs.OCSPResponse.fromBER(ocspResponse.data);
+        if (!ocspRespSimpl.responseBytes) {
+            throw new Error('"No "ResponseBytes" in the OCSP Response - nothing to verify');
+        }
+        const ocspBasicResp = pkijs.BasicOCSPResponse.fromBER(ocspRespSimpl.responseBytes.response.valueBlock.valueHexView);
+        return ocspBasicResp;
+    }
+    static getNonceForRequest() {
+        return pkijs.getRandomValues(new Uint8Array(32));
+    }
+    static getNonceFromResponse(ocspBasicResp) {
+        const nonceExtension = ocspBasicResp.tbsResponseData?.responseExtensions?.find((extension) => extension.extnID === index_js_1.constants.OID_OCSP_NONCE);
+        return nonceExtension?.extnValue.valueBlock.valueHexView;
+    }
+}
+exports.OCSPHelper = OCSPHelper;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib2NzcC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jZXJ0aWZpY2F0ZXMvb2NzcC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLDZDQUErQjtBQUMvQiwrQ0FBaUM7QUFDakMsa0RBQTBCO0FBQzFCLGtEQUl5QjtBQUN6QiwyQ0FBaUQ7QUFDakQsMENBQWlEO0FBSWpELE1BQWEsVUFBVTtJQUNyQixNQUFNLENBQUMsS0FBSyxDQUFDLHdCQUF3QixDQUNuQyxLQUEwQixFQUMxQixFQUF1QjtRQUV2QixNQUFNLGdCQUFnQixHQUFHLEtBQUs7YUFDM0IsR0FBRyxDQUFDLFVBQVUsQ0FBQyxrQkFBa0IsQ0FBQzthQUNsQyxNQUFNLENBQUMsT0FBTyxDQUFzQixDQUFDO1FBRXhDLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUM3QixPQUFPLEVBQUUsQ0FBQztRQUNaLENBQUM7UUFFRCxNQUFNLG1CQUFtQixHQUFHLE1BQU0sT0FBTyxDQUFDLFVBQVUsQ0FDbEQsZ0JBQWdCLENBQUMsR0FBRyxDQUFDLENBQUMsV0FBVyxFQUFFLEVBQUUsQ0FBQyxVQUFVLENBQUMsZUFBZSxDQUFDLFdBQVcsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUNuRixDQUFDO1FBRUYsTUFBTSxxQkFBcUIsR0FBRyxtQkFBbUI7YUFDOUMsTUFBTSxDQUFDLGtCQUFPLENBQUMsVUFBVSxDQUFDO2FBQzFCLEdBQUcsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ2xDLElBQUkscUJBQXFCLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDakMsTUFBTSxJQUFJLEtBQUssQ0FDYiwyREFBMkQscUJBQXFCLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQ2hHLENBQUM7UUFDSixDQUFDO1FBRUQsT0FBTyxtQkFBbUIsQ0FBQyxNQUFNLENBQUMsa0JBQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQztJQUN2RixDQUFDO0lBRU8sTUFBTSxDQUFDLGtCQUFrQixDQUFDLElBQXVCO1FBQ3ZELE1BQU0sa0JBQWtCLEdBQUcsOEJBQWtCLENBQUMsaUJBQWlCLENBQzdELElBQUksRUFDSix5REFBMEMsQ0FDM0MsQ0FBQztRQUNGLElBQUksQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1lBQ3hCLE9BQU87UUFDVCxDQUFDO1FBRUQsTUFBTSxjQUFjLEdBQUcsS0FBSyxDQUFDLHFCQUFxQixDQUFDLE9BQU8sQ0FDeEQseURBQTBDLEVBQzFDLGtCQUFrQixDQUNFLENBQUM7UUFFdkIsTUFBTSxPQUFPLEdBQUcsY0FBYyxDQUFDLGtCQUFrQixDQUFDLElBQUksQ0FDcEQsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDLElBQUksQ0FBQyxZQUFZLEtBQUsscUNBQXNCLENBQ3ZELEVBQUUsY0FBYyxDQUFDLEtBQUssQ0FBQztRQUV4QixNQUFNLGFBQWEsR0FBRyxjQUFjLENBQUMsa0JBQWtCLENBQUMsSUFBSSxDQUMxRCxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLFlBQVksS0FBSyw0Q0FBNkIsQ0FDOUQsRUFBRSxjQUFjLENBQUMsS0FBSyxDQUFDO1FBRXhCLElBQUksQ0FBQyxPQUFPLElBQUksQ0FBQyxhQUFhLEVBQUUsQ0FBQztZQUMvQixxQkFBcUI7WUFDckIsT0FBTztRQUNULENBQUM7UUFFRCxPQUFPLEVBQUUsT0FBTyxFQUFFLGFBQWEsRUFBRSxJQUFJLEVBQUUsQ0FBQztJQUMxQyxDQUFDO0lBRU8sTUFBTSxDQUFDLEtBQUssQ0FBQyxlQUFlLENBQ2xDLElBQXFCLEVBQ3JCLEVBQXVCO1FBRXZCLE1BQU0sRUFBRSxPQUFPLEVBQUUsYUFBYSxFQUFFLElBQUksRUFBRSxHQUFHLElBQUksQ0FBQztRQUM5QyxNQUFNLGFBQWEsR0FBRyxNQUFNLDhCQUFrQixDQUFDLHFCQUFxQixDQUFDLGFBQWEsQ0FBQyxDQUFDO1FBQ3BGLE1BQU0saUJBQWlCLEdBQUcsS0FBSyxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsYUFBYSxDQUFDLENBQUM7UUFDbkUsTUFBTSxPQUFPLEdBQUcsSUFBSSxLQUFLLENBQUMsV0FBVyxFQUFFLENBQUM7UUFDeEMsTUFBTSxPQUFPLENBQUMsb0JBQW9CLENBQUMsSUFBSSxFQUFFO1lBQ3ZDLGFBQWEsRUFBRSxTQUFTO1lBQ3hCLGlCQUFpQjtTQUNsQixDQUFDLENBQUM7UUFDSCxNQUFNLFFBQVEsR0FBRyxVQUFVLENBQUMsa0JBQWtCLEVBQUUsQ0FBQztRQUNqRCxPQUFPLENBQUMsVUFBVSxDQUFDLGlCQUFpQixHQUFHO1lBQ3JDLElBQUksS0FBSyxDQUFDLFNBQVMsQ0FBQztnQkFDbEIsTUFBTSxFQUFFLG9CQUFTLENBQUMsY0FBYztnQkFDaEMsU0FBUyxFQUFFLElBQUksTUFBTSxDQUFDLFdBQVcsQ0FBQyxFQUFFLFFBQVEsRUFBRSxRQUFRLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxLQUFLLEVBQUU7YUFDekUsQ0FBQztTQUNILENBQUM7UUFFRixNQUFNLGFBQWEsR0FBRyxNQUFNLFVBQVUsQ0FBQyxlQUFlLENBQUMsT0FBTyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBRXpFLE1BQU0sU0FBUyxHQUFHLE1BQU0sVUFBVSxDQUFDLG9CQUFvQixDQUFDLGFBQWEsQ0FBQyxDQUFDO1FBQ3ZFLElBQUksU0FBUyxJQUFJLE1BQU0sQ0FBQyxPQUFPLENBQUMsUUFBUSxFQUFFLFNBQVMsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQzNELE1BQU0sSUFBSSxLQUFLLENBQUMsb0RBQW9ELENBQUMsQ0FBQztRQUN4RSxDQUFDO1FBRUQsTUFBTSxZQUFZLEdBQXdCLEVBQUUsQ0FBQztRQUM3QyxJQUFJLENBQUMsYUFBYSxDQUFDLEtBQUssRUFBRSxDQUFDO1lBQ3pCLGFBQWEsQ0FBQyxLQUFLLEdBQUcsQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1lBQzFDLFlBQVksQ0FBQyxJQUFJLENBQUMsR0FBRyxFQUFFLENBQUMsQ0FBQztRQUMzQixDQUFDO2FBQU0sQ0FBQztZQUNOLFlBQVksQ0FBQyxJQUFJLENBQUMsaUJBQWlCLENBQUMsQ0FBQztRQUN2QyxDQUFDO1FBRUQsTUFBTSxhQUFhLENBQUMsTUFBTSxDQUFDLEVBQUUsWUFBWSxFQUFFLENBQUMsQ0FBQztRQUM3QyxPQUFPLGFBQWEsQ0FBQztJQUN2QixDQUFDO0lBRU8sTUFBTSxDQUFDLEtBQUssQ0FBQyxlQUFlLENBQ2xDLE9BQWUsRUFDZixPQUEwQjtRQUUxQixNQUFNLFlBQVksR0FBRyxNQUFNLElBQUEsZUFBSyxFQUFDLE9BQU8sRUFBRTtZQUN4QyxNQUFNLEVBQUUsTUFBTTtZQUNkLE9BQU8sRUFBRTtnQkFDUCxjQUFjLEVBQUUsMEJBQTBCO2FBQzNDO1lBQ0QsWUFBWSxFQUFFLGFBQWE7WUFDM0IsSUFBSSxFQUFFLE9BQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUMsS0FBSyxFQUFFO1NBQ3JDLENBQUMsQ0FBQztRQUVILE1BQU0sYUFBYSxHQUFHLEtBQUssQ0FBQyxZQUFZLENBQUMsT0FBTyxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNwRSxJQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsRUFBRSxDQUFDO1lBQ2pDLE1BQU0sSUFBSSxLQUFLLENBQUMsOERBQThELENBQUMsQ0FBQztRQUNsRixDQUFDO1FBRUQsTUFBTSxhQUFhLEdBQUcsS0FBSyxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FDbkQsYUFBYSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsVUFBVSxDQUFDLFlBQVksQ0FDN0QsQ0FBQztRQUVGLE9BQU8sYUFBYSxDQUFDO0lBQ3ZCLENBQUM7SUFFTyxNQUFNLENBQUMsa0JBQWtCO1FBQy9CLE9BQU8sS0FBSyxDQUFDLGVBQWUsQ0FBQyxJQUFJLFVBQVUsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDO0lBQ25ELENBQUM7SUFFTyxNQUFNLENBQUMsb0JBQW9CLENBQ2pDLGFBQXNDO1FBRXRDLE1BQU0sY0FBYyxHQUFHLGFBQWEsQ0FBQyxlQUFlLEVBQUUsa0JBQWtCLEVBQUUsSUFBSSxDQUM1RSxDQUFDLFNBQVMsRUFBRSxFQUFFLENBQUMsU0FBUyxDQUFDLE1BQU0sS0FBSyxvQkFBUyxDQUFDLGNBQWMsQ0FDN0QsQ0FBQztRQUNGLE9BQU8sY0FBYyxFQUFFLFNBQVMsQ0FBQyxVQUFVLENBQUMsWUFBWSxDQUFDO0lBQzNELENBQUM7Q0FDRjtBQXZJRCxnQ0F1SUMifQ==

package/dist/cjs/certificates/types.d.ts

@@ -0,0 +1,4 @@
+export type ValidateCertChainResult = {
+    success: boolean;
+    errorMessage?: string;
+};

package/dist/cjs/certificates/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvY2VydGlmaWNhdGVzL3R5cGVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiIifQ==

package/dist/cjs/constants.d.ts

@@ -33,4 +33,9 @@ export declare const OID_CUSTOM_EXTENSION_ORDER_REPORT_HARDWARE_CONTEXT = "1.3.6
 export declare const OID_CUSTOM_EXTENSION_ORDER_REPORT_SIGNATURE_KEY_HASH = "1.3.6.1.3.8888.2.2";
 export declare const OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH = "1.3.6.1.3.8888.2.3";
 export declare const OID_CUSTOM_EXTENSION_ORDER_REPORT_HASH = "1.3.6.1.3.8888.2.4";
+export declare const OID_AUTHORITY_INFORMATION_ACCESS_EXTENSION = "1.3.6.1.5.5.7.1.1";
+export declare const OID_CRL_DISTRIBUTION_POINTS = "2.5.29.31";
+export declare const OID_OCSP_ACCESS_METHOD = "1.3.6.1.5.5.7.48.1";
+export declare const OID_OCSP_ISSUER_ACCESS_METHOD = "1.3.6.1.5.5.7.48.2";
+export declare const OID_OCSP_NONCE = "1.3.6.1.5.5.7.48.1.2";
 export declare const SUPERPROTOCOL_CA = "-----BEGIN CERTIFICATE-----\nMIIWgTCCFWmgAwIBAgIBATANBgkqhkiG9w0BAQsFADB2MSIwIAYDVQQDExlTdXBl\nclByb3RvY29sIFRFRSBSb290IENBMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkx\nETAPBgNVBAcTCE5ldyBZb3JrMRYwFAYDVQQKEw1TdXBlclByb3RvY29sMQswCQYD\nVQQLEwJJVDAeFw0yNDA4MDEwMDAwMDBaFw0zNDA4MDEwMDAwMDBaMHYxIjAgBgNV\nBAMTGVN1cGVyUHJvdG9jb2wgVEVFIFJvb3QgQ0ExCzAJBgNVBAYTAlVTMQswCQYD\nVQQIEwJOWTERMA8GA1UEBxMITmV3IFlvcmsxFjAUBgNVBAoTDVN1cGVyUHJvdG9j\nb2wxCzAJBgNVBAsTAklUMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA\nzglA7RQrU/3zTBOPToH8awa9H+bbuKIgXI7f04HIaLNSrbmiBM/4VndGHRJeW8YC\nNk9uI/A1asGn8YZZTwO9PoSFoxECcAicoVZBKCiu6rSwfCMtyrT96vSPgFM5rkJU\nkof7Sq+hiHM9gEyVgVnaj/bgqMFH6VbOQIRoXRp7TsfCGNrN5biOG4JZXN6i++jq\nZ8jRVWxJxmIOPenStyo56HxH77UzVmS6cP4h3ZSrU+dfzDzCt2DOYu70AL84xGEL\n8DrbzEkVsJ9hfgYEbrlqz1ZUxRK/sePzbpSMjLQgmpG19cO8Fiiw97zCMZ7cqaMm\nsw3QR+qDMr0F7/NwbVo3uwIDAQABo4ITGDCCExQwDAYDVR0TBAUwAwEB/zALBgNV\nHQ8EBAMCAvQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW\nBBSQ7zEN1IhJiwxL6iijRvUGOEPTAzAmBgNVHREEHzAdghtjYS50ZWUtZGV2LnN1\ncGVycHJvdG9jb2wuaW8wghKPBgsGCSqGSIb4TYo5BgSCEn4DAAIAAAAAAAkADQCT\nmnIz95xMqZQKDbOVfwYHG66I9FykKwvt/jQQCevuIgAAAAALDhAP//8AAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAAAAAAAAAOcAAAAA\nAAAAGs00+IfPwYb3wq4VwoEW0198mjskxvWclPjltUG9B2UAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAADTqfKiANP6A8gnpfND4RC97piHrKl9gOTqwWHGu\na5edAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAJ+nweKqz+nQJEZBiHgbktLiaAZj+hbLMUzRQaXO\n5vUbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADKEAAAOBkNJBM9MpAE\n1ULeXAvIzhmBokK1V69OIzmM8/sCqbNFnU3UXTvkkwGMJyV0Hxmrx5zwONSlFa7Y\nZUFe6JaOZdAHH3Sp7tOMqu9V942UT6y+BHHTHbBW4BWqPppF2uhRn5lIBy8UZAS6\nWt6ZFEiOkCTQDGrMrV7EA/ABcYpZss0LDhAP//8AAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVAAAAAAAAAOcAAAAAAAAAzh2omsH1SoBy\nV8TlfHgUDLxmUtTVh9YPBYMSWieSvnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAIxPV3XXllA+lhN/d8aKgpoAVqyN7XAUCwgbCUSQxXv/AAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAJAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAKP9h/uxkPlnxiBt+FJ1sCWR3TZxtbgnqHBtPilCnsc/AAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD9bSJMCJpO6weDPAs3WXRDR3mnj9UdEZXL\nyaQ/Qviq6A3jVtUIoKhYOjL3W36u+zK1jbZ+90kgTbFuPcXo6VxdIAAAAQIDBAUG\nBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHwUAYg4AAC0tLS0tQkVHSU4gQ0VSVElG\nSUNBVEUtLS0tLQpNSUlFOGpDQ0JKaWdBd0lCQWdJVWZ3Nm44NU9Ob2FkQjh1TmVN\nd0ZtWS9iZWlRVXdDZ1lJS29aSXpqMEVBd0l3CmNERWlNQ0FHQTFVRUF3d1pTVzUw\nWld3Z1UwZFlJRkJEU3lCUWJHRjBabTl5YlNCRFFURWFNQmdHQTFVRUNnd1IKU1c1\nMFpXd2dRMjl5Y0c5eVlYUnBiMjR4RkRBU0JnTlZCQWNNQzFOaGJuUmhJRU5zWVhK\naE1Rc3dDUVlEVlFRSQpEQUpEUVRFTE1Ba0dBMVVFQmhNQ1ZWTXdIaGNOTWpNd016\nQTVNVGN3TVRFMFdoY05NekF3TXpBNU1UY3dNVEUwCldqQndNU0l3SUFZRFZRUURE\nQmxKYm5SbGJDQlRSMWdnVUVOTElFTmxjblJwWm1sallYUmxNUm93R0FZRFZRUUsK\nREJGSmJuUmxiQ0JEYjNKd2IzSmhkR2x2YmpFVU1CSUdBMVVFQnd3TFUyRnVkR0Vn\nUTJ4aGNtRXhDekFKQmdOVgpCQWdNQWtOQk1Rc3dDUVlEVlFRR0V3SlZVekJaTUJN\nR0J5cUdTTTQ5QWdFR0NDcUdTTTQ5QXdFSEEwSUFCRk83CmlveHJwNFBoOXNwTXE2\nbDRKc05YSVVCeE9jR21rREFXNDJrZ3NBOWwvS3ZFNkRJRmpyLzF3UTdMcjRQdUln\nUEsKV2F3aHBrUnJYaDZadk5uWFpCZWpnZ01PTUlJRENqQWZCZ05WSFNNRUdEQVdn\nQlNWYjEzTnZSdmg2VUJKeWRUMApNODRCVnd2ZVZEQnJCZ05WSFI4RVpEQmlNR0Nn\nWHFCY2hscG9kSFJ3Y3pvdkwyRndhUzUwY25WemRHVmtjMlZ5CmRtbGpaWE11YVc1\nMFpXd3VZMjl0TDNObmVDOWpaWEowYVdacFkyRjBhVzl1TDNZMEwzQmphMk55YkQ5\nallUMXcKYkdGMFptOXliU1psYm1OdlpHbHVaejFrWlhJd0hRWURWUjBPQkJZRUZI\nZ2FucEY0VXV2SmpCZ2VEQmgvM0xvbAoxU3dwTUE0R0ExVWREd0VCL3dRRUF3SUd3\nREFNQmdOVkhSTUJBZjhFQWpBQU1JSUNPd1lKS29aSWh2aE5BUTBCCkJJSUNMREND\nQWlnd0hnWUtLb1pJaHZoTkFRMEJBUVFRUDVwUHZoK0VwcVMxSkpRdGVXN0JrREND\nQVdVR0NpcUcKU0liNFRRRU5BUUl3Z2dGVk1CQUdDeXFHU0liNFRRRU5BUUlCQWdF\nSE1CQUdDeXFHU0liNFRRRU5BUUlDQWdFSgpNQkFHQ3lxR1NJYjRUUUVOQVFJREFn\nRURNQkFHQ3lxR1NJYjRUUUVOQVFJRUFnRURNQkVHQ3lxR1NJYjRUUUVOCkFRSUZB\nZ0lBL3pBUkJnc3Foa2lHK0UwQkRRRUNCZ0lDQVA4d0VBWUxLb1pJaHZoTkFRMEJB\nZ2NDQVFBd0VBWUwKS29aSWh2aE5BUTBCQWdnQ0FRQXdFQVlMS29aSWh2aE5BUTBC\nQWdrQ0FRQXdFQVlMS29aSWh2aE5BUTBCQWdvQwpBUUF3RUFZTEtvWklodmhOQVEw\nQkFnc0NBUUF3RUFZTEtvWklodmhOQVEwQkFnd0NBUUF3RUFZTEtvWklodmhOCkFR\nMEJBZzBDQVFBd0VBWUxLb1pJaHZoTkFRMEJBZzRDQVFBd0VBWUxLb1pJaHZoTkFR\nMEJBZzhDQVFBd0VBWUwKS29aSWh2aE5BUTBCQWhBQ0FRQXdFQVlMS29aSWh2aE5B\nUTBCQWhFQ0FRMHdId1lMS29aSWh2aE5BUTBCQWhJRQpFQWNKQXdQLy93QUFBQUFB\nQUFBQUFBQXdFQVlLS29aSWh2aE5BUTBCQXdRQ0FBQXdGQVlLS29aSWh2aE5BUTBC\nCkJBUUdNR0JxQUFBQU1BOEdDaXFHU0liNFRRRU5BUVVLQVFFd0hnWUtLb1pJaHZo\nTkFRMEJCZ1FRVnZnMnVWdHYKMU1rM0xTYU9mSjRWSkRCRUJnb3Foa2lHK0UwQkRR\nRUhNRFl3RUFZTEtvWklodmhOQVEwQkJ3RUJBZjh3RUFZTApLb1pJaHZoTkFRMEJC\nd0lCQWY4d0VBWUxLb1pJaHZoTkFRMEJCd01CQWY4d0NnWUlLb1pJemowRUF3SURT\nQUF3ClJRSWhBSWVacWV6bGxETEZjcEFYVmlrellqVVFvOEtGVllqY05SOU14TXFh\nMHRjaUFpQUgvcGYzZ3VKMEhpTVkKWUN4QTRFZGZWcGVBZ3p3WnEweEpuNlNRN2tV\nK3BBPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQotLS0tLUJFR0lOIENFUlRJ\nRklDQVRFLS0tLS0KTUlJQ2xqQ0NBajJnQXdJQkFnSVZBSlZ2WGMyOUcrSHBRRW5K\nMVBRenpnRlhDOTVVTUFvR0NDcUdTTTQ5QkFNQwpNR2d4R2pBWUJnTlZCQU1NRVVs\ndWRHVnNJRk5IV0NCU2IyOTBJRU5CTVJvd0dBWURWUVFLREJGSmJuUmxiQ0JECmIz\nSndiM0poZEdsdmJqRVVNQklHQTFVRUJ3d0xVMkZ1ZEdFZ1EyeGhjbUV4Q3pBSkJn\nTlZCQWdNQWtOQk1Rc3cKQ1FZRFZRUUdFd0pWVXpBZUZ3MHhPREExTWpFeE1EVXdN\nVEJhRncwek16QTFNakV4TURVd01UQmFNSEF4SWpBZwpCZ05WQkFNTUdVbHVkR1Zz\nSUZOSFdDQlFRMHNnVUd4aGRHWnZjbTBnUTBFeEdqQVlCZ05WQkFvTUVVbHVkR1Zz\nCklFTnZjbkJ2Y21GMGFXOXVNUlF3RWdZRFZRUUhEQXRUWVc1MFlTQkRiR0Z5WVRF\nTE1Ba0dBMVVFQ0F3Q1EwRXgKQ3pBSkJnTlZCQVlUQWxWVE1Ga3dFd1lIS29aSXpq\nMENBUVlJS29aSXpqMERBUWNEUWdBRU5TQi83dDIxbFhTTwoyQ3V6cHh3NzRlSkI3\nMkV5REdnVzVyWEN0eDJ0VlRMcTZoS2s2eitVaVJaQ25xUjdwc092Z3FGZVN4bG1U\nbEpsCmVUbWkyV1l6M3FPQnV6Q0J1REFmQmdOVkhTTUVHREFXZ0JRaVpReldXcDAw\naWZPRHRKVlN2MUFiT1NjR3JEQlMKQmdOVkhSOEVTekJKTUVlZ1JhQkRoa0ZvZEhS\nd2N6b3ZMMk5sY25ScFptbGpZWFJsY3k1MGNuVnpkR1ZrYzJWeQpkbWxqWlhNdWFX\nNTBaV3d1WTI5dEwwbHVkR1ZzVTBkWVVtOXZkRU5CTG1SbGNqQWRCZ05WSFE0RUZn\nUVVsVzlkCnpiMGI0ZWxBU2NuVTlEUE9BVmNMM2xRd0RnWURWUjBQQVFIL0JBUURB\nZ0VHTUJJR0ExVWRFd0VCL3dRSU1BWUIKQWY4Q0FRQXdDZ1lJS29aSXpqMEVBd0lE\nUndBd1JBSWdYc1ZraTB3K2k2VllHVzNVRi8yMnVhWGUwWUpEajFVZQpuQStUakQx\nYWk1Y0NJQ1liMVNBbUQ1eGtmVFZwdm80VW95aVNZeHJEV0xtVVI0Q0k5Tkt5ZlBO\nKwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tQkVHSU4gQ0VSVElGSUNB\nVEUtLS0tLQpNSUlDanpDQ0FqU2dBd0lCQWdJVUltVU0xbHFkTkluemc3U1ZVcjlR\nR3prbkJxd3dDZ1lJS29aSXpqMEVBd0l3CmFERWFNQmdHQTFVRUF3d1JTVzUwWld3\nZ1UwZFlJRkp2YjNRZ1EwRXhHakFZQmdOVkJBb01FVWx1ZEdWc0lFTnYKY25CdmNt\nRjBhVzl1TVJRd0VnWURWUVFIREF0VFlXNTBZU0JEYkdGeVlURUxNQWtHQTFVRUNB\nd0NRMEV4Q3pBSgpCZ05WQkFZVEFsVlRNQjRYRFRFNE1EVXlNVEV3TkRVeE1Gb1hE\nVFE1TVRJek1USXpOVGsxT1Zvd2FERWFNQmdHCkExVUVBd3dSU1c1MFpXd2dVMGRZ\nSUZKdmIzUWdRMEV4R2pBWUJnTlZCQW9NRVVsdWRHVnNJRU52Y25CdmNtRjAKYVc5\ndU1SUXdFZ1lEVlFRSERBdFRZVzUwWVNCRGJHRnlZVEVMTUFrR0ExVUVDQXdDUTBF\neEN6QUpCZ05WQkFZVApBbFZUTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFR\nY0RRZ0FFQzZuRXdNRElZWk9qL2lQV3NDemFFS2k3CjFPaU9TTFJGaFdHamJuQlZK\nZlZua1k0dTNJamtEWVlMME14TzRtcXN5WWpsQmFsVFZZeEZQMnNKQks1emxLT0IK\ndXpDQnVEQWZCZ05WSFNNRUdEQVdnQlFpWlF6V1dwMDBpZk9EdEpWU3YxQWJPU2NH\nckRCU0JnTlZIUjhFU3pCSgpNRWVnUmFCRGhrRm9kSFJ3Y3pvdkwyTmxjblJwWm1s\nallYUmxjeTUwY25WemRHVmtjMlZ5ZG1salpYTXVhVzUwClpXd3VZMjl0TDBsdWRH\nVnNVMGRZVW05dmRFTkJMbVJsY2pBZEJnTlZIUTRFRmdRVUltVU0xbHFkTkluemc3\nU1YKVXI5UUd6a25CcXd3RGdZRFZSMFBBUUgvQkFRREFnRUdNQklHQTFVZEV3RUIv\nd1FJTUFZQkFmOENBUUV3Q2dZSQpLb1pJemowRUF3SURTUUF3UmdJaEFPVy81UWtS\nK1M5Q2lTRGNOb293THVQUkxzV0dmL1lpN0dTWDk0Qmd3VHdnCkFpRUE0SjBsckhv\nTXMrWG81by9zWDZPOVFXeEhSQXZaVUdPZFJRN2N2cVJYYXFJPQotLS0tLUVORCBD\nRVJUSUZJQ0FURS0tLS0tCgAwDQYJKoZIhvcNAQELBQADggEBAGHbT1NQEW0t5uYp\nmskVka8DDrgVEM8She2htuRXNeeTpaImsFWQhQeSqlK/yc3NH2/+RfGGu4UT/zgS\n4T/oLc8HosQFZxkvcESz1YKtSqHYhfuavlDuR6K0/RS6wy1dADvA6X3b57dJ81EP\nZ/dda6qpPxXBiwhpfcFJtpiP0tIYhS6LJgFnSAdEE9G1HwYUrCYsjQ2LCgBQDqYB\n9AWDmUBh8SSdRQzYJfmHG8LTXox/8mD9Hq8HPhzEzSFwu/Yy+KZX9uxEw0vPvmVI\nbalDQD+0bddS+Jvj4ELLmKRk/yX51Lqx6YYr0rSX7t9RaI9F9muzzQ4mWzWA6ief\nYwF1StA=\n-----END CERTIFICATE-----";

package/dist/cjs/constants.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.SUPERPROTOCOL_CA = exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_HASH = exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH = exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_SIGNATURE_KEY_HASH = exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_HARDWARE_CONTEXT = exports.OID_CUSTOM_EXTENSION_ORDER_REPORT = exports.TEE_LOADER_TRUSTED_CERTIFICATE = exports.TEE_LOADER_TRUSTED_MRSIGNER = exports.ZERO_HASH = exports.HTTPS_PORT = exports.DEFAULT_OFFER_VERSION = exports.AMOY_TX_GAS_LIMIT = exports.AMOY_TX_COST_LIMIT = exports.POLYGON_MAIN_GASSTATION_URL = exports.POLYGON_AMOY_GASSTATION_URL = exports.POLYGON_AMOY_CHAIN_ID = exports.POLYGON_MAIN_CHAIN_ID = exports.BLOCKCHAIN_BATCH_REQUEST_TIMEOUT = exports.BLOCKCHAIN_CALL_RETRY_INTERVAL = exports.BLOCKCHAIN_CALL_RETRY_ATTEMPTS = exports.POLYGON_MATIC_EVENT_PATH = exports.BLOCK_SIZE_TO_FETCH_TRANSACTION = exports.FIVE_MINUTES = exports.ONE_HOUR = exports.ONE_DAY = exports.txIntervalMs = exports.txConcurrency = exports.defaultMaxPriorityFeePerGasMultiplier = exports.defaultMaxFeePerGasMultiplier = exports.defaultGasLimitMultiplier = exports.defaultGasPriceMultiplier = exports.defaultGasPrice = exports.defaultGasLimit = exports.defaultBlockchainUrl = void 0;
+exports.SUPERPROTOCOL_CA = exports.OID_OCSP_NONCE = exports.OID_OCSP_ISSUER_ACCESS_METHOD = exports.OID_OCSP_ACCESS_METHOD = exports.OID_CRL_DISTRIBUTION_POINTS = exports.OID_AUTHORITY_INFORMATION_ACCESS_EXTENSION = exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_HASH = exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH = exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_SIGNATURE_KEY_HASH = exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_HARDWARE_CONTEXT = exports.OID_CUSTOM_EXTENSION_ORDER_REPORT = exports.TEE_LOADER_TRUSTED_CERTIFICATE = exports.TEE_LOADER_TRUSTED_MRSIGNER = exports.ZERO_HASH = exports.HTTPS_PORT = exports.DEFAULT_OFFER_VERSION = exports.AMOY_TX_GAS_LIMIT = exports.AMOY_TX_COST_LIMIT = exports.POLYGON_MAIN_GASSTATION_URL = exports.POLYGON_AMOY_GASSTATION_URL = exports.POLYGON_AMOY_CHAIN_ID = exports.POLYGON_MAIN_CHAIN_ID = exports.BLOCKCHAIN_BATCH_REQUEST_TIMEOUT = exports.BLOCKCHAIN_CALL_RETRY_INTERVAL = exports.BLOCKCHAIN_CALL_RETRY_ATTEMPTS = exports.POLYGON_MATIC_EVENT_PATH = exports.BLOCK_SIZE_TO_FETCH_TRANSACTION = exports.FIVE_MINUTES = exports.ONE_HOUR = exports.ONE_DAY = exports.txIntervalMs = exports.txConcurrency = exports.defaultMaxPriorityFeePerGasMultiplier = exports.defaultMaxFeePerGasMultiplier = exports.defaultGasLimitMultiplier = exports.defaultGasPriceMultiplier = exports.defaultGasPrice = exports.defaultGasLimit = exports.defaultBlockchainUrl = void 0;
 const dto_js_1 = require("@super-protocol/dto-js");
 exports.defaultBlockchainUrl = 'http://127.0.0.1:8545';
 exports.defaultGasLimit = BigInt(7000000);
@@ -63,6 +63,11 @@ exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_HARDWARE_CONTEXT = `${exports.OID_CUST
 exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_SIGNATURE_KEY_HASH = `${exports.OID_CUSTOM_EXTENSION_ORDER_REPORT}.2`;
 exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH = `${exports.OID_CUSTOM_EXTENSION_ORDER_REPORT}.3`;
 exports.OID_CUSTOM_EXTENSION_ORDER_REPORT_HASH = `${exports.OID_CUSTOM_EXTENSION_ORDER_REPORT}.4`;
+exports.OID_AUTHORITY_INFORMATION_ACCESS_EXTENSION = '1.3.6.1.5.5.7.1.1';
+exports.OID_CRL_DISTRIBUTION_POINTS = '2.5.29.31';
+exports.OID_OCSP_ACCESS_METHOD = '1.3.6.1.5.5.7.48.1';
+exports.OID_OCSP_ISSUER_ACCESS_METHOD = '1.3.6.1.5.5.7.48.2';
+exports.OID_OCSP_NONCE = '1.3.6.1.5.5.7.48.1.2';
 exports.SUPERPROTOCOL_CA = `-----BEGIN CERTIFICATE-----
 MIIWgTCCFWmgAwIBAgIBATANBgkqhkiG9w0BAQsFADB2MSIwIAYDVQQDExlTdXBl
 clByb3RvY29sIFRFRSBSb290IENBMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkx
@@ -186,4 +191,4 @@ Z/dda6qpPxXBiwhpfcFJtpiP0tIYhS6LJgFnSAdEE9G1HwYUrCYsjQ2LCgBQDqYB
 balDQD+0bddS+Jvj4ELLmKRk/yX51Lqx6YYr0rSX7t9RaI9F9muzzQ4mWzWA6ief
 YwF1StA=
 -----END CERTIFICATE-----`;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RhbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2NvbnN0YW50cy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxtREFBdUU7QUFFMUQsUUFBQSxvQkFBb0IsR0FBRyx1QkFBdUIsQ0FBQztBQUMvQyxRQUFBLGVBQWUsR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLENBQUM7QUFDbEMsUUFBQSxlQUFlLEdBQUcsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFDO0FBQ3JDLFFBQUEseUJBQXlCLEdBQUcsQ0FBQyxDQUFDO0FBQzlCLFFBQUEseUJBQXlCLEdBQUcsR0FBRyxDQUFDO0FBQ2hDLFFBQUEsNkJBQTZCLEdBQUcsQ0FBQyxDQUFDO0FBQ2xDLFFBQUEscUNBQXFDLEdBQUcsR0FBRyxDQUFDO0FBQzVDLFFBQUEsYUFBYSxHQUFHLEVBQUUsQ0FBQztBQUNuQixRQUFBLFlBQVksR0FBRyxFQUFFLENBQUM7QUFDbEIsUUFBQSxPQUFPLEdBQUcsRUFBRSxHQUFHLEVBQUUsR0FBRyxFQUFFLENBQUM7QUFDdkIsUUFBQSxRQUFRLEdBQUcsRUFBRSxHQUFHLEVBQUUsQ0FBQztBQUNuQixRQUFBLFlBQVksR0FBRyxDQUFDLEdBQUcsRUFBRSxDQUFDO0FBQ3RCLFFBQUEsK0JBQStCLEdBQUcsR0FBRyxDQUFDO0FBQ3RDLFFBQUEsd0JBQXdCLEdBQUcsNENBQTRDLENBQUM7QUFDeEUsUUFBQSw4QkFBOEIsR0FBRyxFQUFFLENBQUM7QUFDcEMsUUFBQSw4QkFBOEIsR0FBRyxJQUFJLENBQUM7QUFDdEMsUUFBQSxnQ0FBZ0MsR0FBRyxLQUFLLENBQUM7QUFDekMsUUFBQSxxQkFBcUIsR0FBRyxHQUFHLENBQUM7QUFDNUIsUUFBQSxxQkFBcUIsR0FBRyxLQUFLLENBQUM7QUFDOUIsUUFBQSwyQkFBMkIsR0FBRyw0Q0FBNEMsQ0FBQztBQUMzRSxRQUFBLDJCQUEyQixHQUFHLDBDQUEwQyxDQUFDO0FBQ3pFLFFBQUEsa0JBQWtCLEdBQUcsTUFBTSxDQUFDLG9CQUFvQixDQUFDLENBQUM7QUFDbEQsUUFBQSxpQkFBaUIsR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDLENBQUM7QUFDdEMsUUFBQSxxQkFBcUIsR0FBRyxDQUFDLENBQUM7QUFDMUIsUUFBQSxVQUFVLEdBQUcsR0FBRyxDQUFDO0FBQ2pCLFFBQUEsU0FBUyxHQUFTO0lBQzdCLElBQUksRUFBRSxrRUFBa0U7SUFDeEUsSUFBSSxFQUFFLHNCQUFhLENBQUMsTUFBTTtJQUMxQixRQUFRLEVBQUUsaUJBQVEsQ0FBQyxNQUFNO0NBQzFCLENBQUM7QUFDVyxRQUFBLDJCQUEyQixHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQ3BELGtFQUFrRSxFQUNsRSxLQUFLLENBQ04sQ0FBQztBQUNXLFFBQUEsOEJBQThCLEdBQUc7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OzswQkF3QnBCLENBQUM7QUFDZCxRQUFBLGlDQUFpQyxHQUFHLGtCQUFrQixDQUFDO0FBQ3ZELFFBQUEsa0RBQWtELEdBQUcsR0FBRyx5Q0FBaUMsSUFBSSxDQUFDO0FBQzlGLFFBQUEsb0RBQW9ELEdBQUcsR0FBRyx5Q0FBaUMsSUFBSSxDQUFDO0FBQ2hHLFFBQUEsb0RBQW9ELEdBQUcsR0FBRyx5Q0FBaUMsSUFBSSxDQUFDO0FBQ2hHLFFBQUEsc0NBQXNDLEdBQUcsR0FBRyx5Q0FBaUMsSUFBSSxDQUFDO0FBQ2xGLFFBQUEsZ0JBQWdCLEdBQUc7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OzBCQTBITixDQUFDIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uc3RhbnRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2NvbnN0YW50cy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxtREFBdUU7QUFFMUQsUUFBQSxvQkFBb0IsR0FBRyx1QkFBdUIsQ0FBQztBQUMvQyxRQUFBLGVBQWUsR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLENBQUM7QUFDbEMsUUFBQSxlQUFlLEdBQUcsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFDO0FBQ3JDLFFBQUEseUJBQXlCLEdBQUcsQ0FBQyxDQUFDO0FBQzlCLFFBQUEseUJBQXlCLEdBQUcsR0FBRyxDQUFDO0FBQ2hDLFFBQUEsNkJBQTZCLEdBQUcsQ0FBQyxDQUFDO0FBQ2xDLFFBQUEscUNBQXFDLEdBQUcsR0FBRyxDQUFDO0FBQzVDLFFBQUEsYUFBYSxHQUFHLEVBQUUsQ0FBQztBQUNuQixRQUFBLFlBQVksR0FBRyxFQUFFLENBQUM7QUFDbEIsUUFBQSxPQUFPLEdBQUcsRUFBRSxHQUFHLEVBQUUsR0FBRyxFQUFFLENBQUM7QUFDdkIsUUFBQSxRQUFRLEdBQUcsRUFBRSxHQUFHLEVBQUUsQ0FBQztBQUNuQixRQUFBLFlBQVksR0FBRyxDQUFDLEdBQUcsRUFBRSxDQUFDO0FBQ3RCLFFBQUEsK0JBQStCLEdBQUcsR0FBRyxDQUFDO0FBQ3RDLFFBQUEsd0JBQXdCLEdBQUcsNENBQTRDLENBQUM7QUFDeEUsUUFBQSw4QkFBOEIsR0FBRyxFQUFFLENBQUM7QUFDcEMsUUFBQSw4QkFBOEIsR0FBRyxJQUFJLENBQUM7QUFDdEMsUUFBQSxnQ0FBZ0MsR0FBRyxLQUFLLENBQUM7QUFDekMsUUFBQSxxQkFBcUIsR0FBRyxHQUFHLENBQUM7QUFDNUIsUUFBQSxxQkFBcUIsR0FBRyxLQUFLLENBQUM7QUFDOUIsUUFBQSwyQkFBMkIsR0FBRyw0Q0FBNEMsQ0FBQztBQUMzRSxRQUFBLDJCQUEyQixHQUFHLDBDQUEwQyxDQUFDO0FBQ3pFLFFBQUEsa0JBQWtCLEdBQUcsTUFBTSxDQUFDLG9CQUFvQixDQUFDLENBQUM7QUFDbEQsUUFBQSxpQkFBaUIsR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDLENBQUM7QUFDdEMsUUFBQSxxQkFBcUIsR0FBRyxDQUFDLENBQUM7QUFDMUIsUUFBQSxVQUFVLEdBQUcsR0FBRyxDQUFDO0FBQ2pCLFFBQUEsU0FBUyxHQUFTO0lBQzdCLElBQUksRUFBRSxrRUFBa0U7SUFDeEUsSUFBSSxFQUFFLHNCQUFhLENBQUMsTUFBTTtJQUMxQixRQUFRLEVBQUUsaUJBQVEsQ0FBQyxNQUFNO0NBQzFCLENBQUM7QUFDVyxRQUFBLDJCQUEyQixHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQ3BELGtFQUFrRSxFQUNsRSxLQUFLLENBQ04sQ0FBQztBQUNXLFFBQUEsOEJBQThCLEdBQUc7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OzswQkF3QnBCLENBQUM7QUFDZCxRQUFBLGlDQUFpQyxHQUFHLGtCQUFrQixDQUFDO0FBQ3ZELFFBQUEsa0RBQWtELEdBQUcsR0FBRyx5Q0FBaUMsSUFBSSxDQUFDO0FBQzlGLFFBQUEsb0RBQW9ELEdBQUcsR0FBRyx5Q0FBaUMsSUFBSSxDQUFDO0FBQ2hHLFFBQUEsb0RBQW9ELEdBQUcsR0FBRyx5Q0FBaUMsSUFBSSxDQUFDO0FBQ2hHLFFBQUEsc0NBQXNDLEdBQUcsR0FBRyx5Q0FBaUMsSUFBSSxDQUFDO0FBQ2xGLFFBQUEsMENBQTBDLEdBQUcsbUJBQW1CLENBQUM7QUFDakUsUUFBQSwyQkFBMkIsR0FBRyxXQUFXLENBQUM7QUFDMUMsUUFBQSxzQkFBc0IsR0FBRyxvQkFBb0IsQ0FBQztBQUM5QyxRQUFBLDZCQUE2QixHQUFHLG9CQUFvQixDQUFDO0FBQ3JELFFBQUEsY0FBYyxHQUFHLHNCQUFzQixDQUFDO0FBQ3hDLFFBQUEsZ0JBQWdCLEdBQUc7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OzBCQTBITixDQUFDIn0=

package/dist/cjs/index.d.ts

@@ -4,6 +4,7 @@ export { Config } from './connectors/BaseConnector.js';
 export { default as BlockchainEventsListener } from './connectors/BlockchainEventsListener.js';
 export { default as Crypto } from './crypto/index.js';
 export * from './crypto/index.js';
+export * from './certificates/index.js';
 export { default as TIIGenerator } from './TIIGenerator.js';
 export * from './TIIGenerator.js';
 export { default as RIGenerator } from './RIGenerator.js';

package/dist/cjs/index.js

@@ -39,6 +39,7 @@ Object.defineProperty(exports, "BlockchainEventsListener", { enumerable: true, g
 var index_js_1 = require("./crypto/index.js");
 Object.defineProperty(exports, "Crypto", { enumerable: true, get: function () { return __importDefault(index_js_1).default; } });
 __exportStar(require("./crypto/index.js"), exports);
+__exportStar(require("./certificates/index.js"), exports);
 var TIIGenerator_js_1 = require("./TIIGenerator.js");
 Object.defineProperty(exports, "TIIGenerator", { enumerable: true, get: function () { return __importDefault(TIIGenerator_js_1).default; } });
 __exportStar(require("./TIIGenerator.js"), exports);
@@ -173,4 +174,4 @@ __exportStar(require("./utils/schema-utils/index.js"), exports);
 exports.ResourceLoaderUtils = __importStar(require("./utils/resourceLoaders/index.js"));
 var TeeSignatureVerifier_js_1 = require("./tee/TeeSignatureVerifier.js");
 Object.defineProperty(exports, "TeeSignatureVerifier", { enumerable: true, get: function () { return TeeSignatureVerifier_js_1.TeeSignatureVerifier; } });
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsOEVBQXFGO0FBQTVFLDhJQUFBLE9BQU8sT0FBdUI7QUFFdkMsc0VBQW9EO0FBSXBELHdGQUErRjtBQUF0Rix3SkFBQSxPQUFPLE9BQTRCO0FBRTVDLDhDQUFzRDtBQUE3QyxtSEFBQSxPQUFPLE9BQVU7QUFDMUIsb0RBQWtDO0FBRWxDLHFEQUE0RDtBQUFuRCxnSUFBQSxPQUFPLE9BQWdCO0FBQ2hDLG9EQUFrQztBQUVsQyxtREFBMEQ7QUFBakQsOEhBQUEsT0FBTyxPQUFlO0FBQy9CLG9EQUFrQztBQUVsQyw0REFBbUU7QUFBMUQsMEhBQUEsT0FBTyxPQUFhO0FBQzdCLDhEQUE0QztBQUU1QyxzREFBNkQ7QUFBcEQsb0hBQUEsT0FBTyxPQUFVO0FBQzFCLDJEQUF5QztBQUV6QyxrRUFBeUU7QUFBaEUsZ0lBQUEsT0FBTyxPQUFnQjtBQUNoQyxpRUFBK0M7QUFFL0Msa0VBQXlFO0FBQWhFLGdJQUFBLE9BQU8sT0FBZ0I7QUFDaEMsaUVBQStDO0FBRS9DLHNEQUE2RDtBQUFwRCxvSEFBQSxPQUFPLE9BQVU7QUFDMUIsMkRBQXlDO0FBRXpDLDREQUFtRTtBQUExRCwwSEFBQSxPQUFPLE9BQWE7QUFDN0IsOERBQTRDO0FBRTVDLDBFQUFpRjtBQUF4RSx3SUFBQSxPQUFPLE9BQW9CO0FBQ3BDLHFFQUFtRDtBQUVuRCxvRUFBMkU7QUFBbEUsa0lBQUEsT0FBTyxPQUFpQjtBQUNqQyxrRUFBZ0Q7QUFFaEQsMERBQWlFO0FBQXhELHdIQUFBLE9BQU8sT0FBWTtBQUM1Qiw2REFBMkM7QUFFM0Msb0RBQTJEO0FBQWxELGtIQUFBLE9BQU8sT0FBUztBQUN6QiwwREFBd0M7QUFFeEMsMERBQWlFO0FBQXhELHdIQUFBLE9BQU8sT0FBWTtBQUM1Qiw2REFBMkM7QUFFM0Msc0VBQTZFO0FBQXBFLG9JQUFBLE9BQU8sT0FBa0I7QUFDbEMsbUVBQWlEO0FBRWpELHdGQUErRjtBQUF0RixzSkFBQSxPQUFPLE9BQTJCO0FBQzNDLDRFQUEwRDtBQUUxRCxzRUFBNkU7QUFBcEUsb0lBQUEsT0FBTyxPQUFrQjtBQUNsQyxtRUFBaUQ7QUFFakQsc0ZBQTZGO0FBQXBGLG9KQUFBLE9BQU8sT0FBMEI7QUFDMUMsMkVBQXlEO0FBRXpELG9GQUEyRjtBQUFsRixrSkFBQSxPQUFPLE9BQXlCO0FBQ3pDLDBFQUF3RDtBQUV4RCxzRUFBNkU7QUFBcEUsb0lBQUEsT0FBTyxPQUFrQjtBQUNsQyxtRUFBaUQ7QUFFakQsOENBQXFEO0FBQTVDLGtIQUFBLE9BQU8sT0FBUztBQUN6QixvREFBa0M7QUFFbEMsb0RBQTJEO0FBQWxELHdIQUFBLE9BQU8sT0FBWTtBQUM1Qix1REFBcUM7QUFFckMsb0RBQTJEO0FBQWxELHdIQUFBLE9BQU8sT0FBWTtBQUM1Qix1REFBcUM7QUFFckMsOENBQXFEO0FBQTVDLGtIQUFBLE9BQU8sT0FBUztBQUN6QixvREFBa0M7QUFFbEMsMENBQWlEO0FBQXhDLDhHQUFBLE9BQU8sT0FBTztBQUN2QixrREFBZ0M7QUFFaEMsbURBQWlDO0FBRWpDLHlHQUF5RjtBQUN6Rix1RUFBMkY7QUFBbEYsZ0lBQUEsT0FBTyxPQUFnQjtBQUNoQyx5RkFHc0Q7QUFGcEQsa0pBQUEsT0FBTyxPQUF5QjtBQUdsQywyRkFBa0c7QUFBekYsb0pBQUEsT0FBTyxPQUEwQjtBQUUxQywyRUFJK0M7QUFIN0Msb0lBQUEsT0FBTyxPQUFrQjtBQUN6QixnSEFBQSxXQUFXLE9BQUE7QUFHYix1RkFJcUQ7QUFIbkQsZ0pBQUEsT0FBTyxPQUF3QjtBQUUvQiw0SEFBQSxpQkFBaUIsT0FBQTtBQU1uQixtRkFBMEY7QUFBakYsNElBQUEsT0FBTyxPQUFzQjtBQUV0Qyw2RkFBeUY7QUFBaEYscUlBQUEsdUJBQXVCLE9BQUE7QUFDaEMsNkZBR3dEO0FBRnRELG9JQUFBLHNCQUFzQixPQUFBO0FBQ3RCLHFJQUFBLHVCQUF1QixPQUFBO0FBR3pCLG1FQUFpRDtBQUNqRCxvRUFBb0Q7QUFDcEQsNERBQTRDO0FBRTVDLHFEQUF5RTtBQUFoRSxpSUFBQSxpQ0FBaUMsT0FBQTtBQUUxQywwQkFBd0I7QUFFeEIsa0RBQWdDO0FBQ2hDLDJDQUEyQztBQUFsQyxxR0FBQSxTQUFTLE9BQUE7QUFDbEIsdURBQTZFO0FBQXBFLDhHQUFBLFlBQVksT0FBQTtBQUFFLDhHQUFBLFlBQVksT0FBQTtBQUFFLDJHQUFBLFNBQVMsT0FBQTtBQUM5Qyw2REFBeUQ7QUFBaEQsbUhBQUEsY0FBYyxPQUFBO0FBQ3ZCLG9EQUFrQztBQUNsQyxpRUFBNkQ7QUFBcEQsdUhBQUEsZ0JBQWdCLE9BQUE7QUFDekIsMkVBQXVFO0FBQTlELGlJQUFBLHFCQUFxQixPQUFBO0FBQzlCLHFFQUFpRTtBQUF4RCwySEFBQSxrQkFBa0IsT0FBQTtBQUUzQix1REFBcUM7QUFDckMseURBQWdFO0FBQXZELDBIQUFBLE9BQU8sT0FBYTtBQUM3Qix3RkFBK0Y7QUFBdEYsMElBQUEsT0FBTyxPQUFxQjtBQUNyQyw4RkFBcUc7QUFBNUYsZ0pBQUEsT0FBTyxPQUF3QjtBQUN4Qyw4RUFBcUY7QUFBNUUsb0lBQUEsT0FBTyxPQUFrQjtBQUNsQyw4RUFBcUY7QUFBNUUsb0lBQUEsT0FBTyxPQUFrQjtBQUNsQyx5REFBdUM7QUFDdkMseURBQXVDO0FBQ3ZDLDBEQUF3QztBQUN4QyxvREFBa0M7QUFDbEMsZ0VBQThDO0FBQzlDLHdGQUF3RTtBQUN4RSx5RUFBcUU7QUFBNUQsK0hBQUEsb0JBQW9CLE9BQUEifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsOEVBQXFGO0FBQTVFLDhJQUFBLE9BQU8sT0FBdUI7QUFFdkMsc0VBQW9EO0FBSXBELHdGQUErRjtBQUF0Rix3SkFBQSxPQUFPLE9BQTRCO0FBRTVDLDhDQUFzRDtBQUE3QyxtSEFBQSxPQUFPLE9BQVU7QUFDMUIsb0RBQWtDO0FBRWxDLDBEQUF3QztBQUV4QyxxREFBNEQ7QUFBbkQsZ0lBQUEsT0FBTyxPQUFnQjtBQUNoQyxvREFBa0M7QUFFbEMsbURBQTBEO0FBQWpELDhIQUFBLE9BQU8sT0FBZTtBQUMvQixvREFBa0M7QUFFbEMsNERBQW1FO0FBQTFELDBIQUFBLE9BQU8sT0FBYTtBQUM3Qiw4REFBNEM7QUFFNUMsc0RBQTZEO0FBQXBELG9IQUFBLE9BQU8sT0FBVTtBQUMxQiwyREFBeUM7QUFFekMsa0VBQXlFO0FBQWhFLGdJQUFBLE9BQU8sT0FBZ0I7QUFDaEMsaUVBQStDO0FBRS9DLGtFQUF5RTtBQUFoRSxnSUFBQSxPQUFPLE9BQWdCO0FBQ2hDLGlFQUErQztBQUUvQyxzREFBNkQ7QUFBcEQsb0hBQUEsT0FBTyxPQUFVO0FBQzFCLDJEQUF5QztBQUV6Qyw0REFBbUU7QUFBMUQsMEhBQUEsT0FBTyxPQUFhO0FBQzdCLDhEQUE0QztBQUU1QywwRUFBaUY7QUFBeEUsd0lBQUEsT0FBTyxPQUFvQjtBQUNwQyxxRUFBbUQ7QUFFbkQsb0VBQTJFO0FBQWxFLGtJQUFBLE9BQU8sT0FBaUI7QUFDakMsa0VBQWdEO0FBRWhELDBEQUFpRTtBQUF4RCx3SEFBQSxPQUFPLE9BQVk7QUFDNUIsNkRBQTJDO0FBRTNDLG9EQUEyRDtBQUFsRCxrSEFBQSxPQUFPLE9BQVM7QUFDekIsMERBQXdDO0FBRXhDLDBEQUFpRTtBQUF4RCx3SEFBQSxPQUFPLE9BQVk7QUFDNUIsNkRBQTJDO0FBRTNDLHNFQUE2RTtBQUFwRSxvSUFBQSxPQUFPLE9BQWtCO0FBQ2xDLG1FQUFpRDtBQUVqRCx3RkFBK0Y7QUFBdEYsc0pBQUEsT0FBTyxPQUEyQjtBQUMzQyw0RUFBMEQ7QUFFMUQsc0VBQTZFO0FBQXBFLG9JQUFBLE9BQU8sT0FBa0I7QUFDbEMsbUVBQWlEO0FBRWpELHNGQUE2RjtBQUFwRixvSkFBQSxPQUFPLE9BQTBCO0FBQzFDLDJFQUF5RDtBQUV6RCxvRkFBMkY7QUFBbEYsa0pBQUEsT0FBTyxPQUF5QjtBQUN6QywwRUFBd0Q7QUFFeEQsc0VBQTZFO0FBQXBFLG9JQUFBLE9BQU8sT0FBa0I7QUFDbEMsbUVBQWlEO0FBRWpELDhDQUFxRDtBQUE1QyxrSEFBQSxPQUFPLE9BQVM7QUFDekIsb0RBQWtDO0FBRWxDLG9EQUEyRDtBQUFsRCx3SEFBQSxPQUFPLE9BQVk7QUFDNUIsdURBQXFDO0FBRXJDLG9EQUEyRDtBQUFsRCx3SEFBQSxPQUFPLE9BQVk7QUFDNUIsdURBQXFDO0FBRXJDLDhDQUFxRDtBQUE1QyxrSEFBQSxPQUFPLE9BQVM7QUFDekIsb0RBQWtDO0FBRWxDLDBDQUFpRDtBQUF4Qyw4R0FBQSxPQUFPLE9BQU87QUFDdkIsa0RBQWdDO0FBRWhDLG1EQUFpQztBQUVqQyx5R0FBeUY7QUFDekYsdUVBQTJGO0FBQWxGLGdJQUFBLE9BQU8sT0FBZ0I7QUFDaEMseUZBR3NEO0FBRnBELGtKQUFBLE9BQU8sT0FBeUI7QUFHbEMsMkZBQWtHO0FBQXpGLG9KQUFBLE9BQU8sT0FBMEI7QUFFMUMsMkVBSStDO0FBSDdDLG9JQUFBLE9BQU8sT0FBa0I7QUFDekIsZ0hBQUEsV0FBVyxPQUFBO0FBR2IsdUZBSXFEO0FBSG5ELGdKQUFBLE9BQU8sT0FBd0I7QUFFL0IsNEhBQUEsaUJBQWlCLE9BQUE7QUFNbkIsbUZBQTBGO0FBQWpGLDRJQUFBLE9BQU8sT0FBc0I7QUFFdEMsNkZBQXlGO0FBQWhGLHFJQUFBLHVCQUF1QixPQUFBO0FBQ2hDLDZGQUd3RDtBQUZ0RCxvSUFBQSxzQkFBc0IsT0FBQTtBQUN0QixxSUFBQSx1QkFBdUIsT0FBQTtBQUd6QixtRUFBaUQ7QUFDakQsb0VBQW9EO0FBQ3BELDREQUE0QztBQUU1QyxxREFBeUU7QUFBaEUsaUlBQUEsaUNBQWlDLE9BQUE7QUFFMUMsMEJBQXdCO0FBRXhCLGtEQUFnQztBQUNoQywyQ0FBMkM7QUFBbEMscUdBQUEsU0FBUyxPQUFBO0FBQ2xCLHVEQUE2RTtBQUFwRSw4R0FBQSxZQUFZLE9BQUE7QUFBRSw4R0FBQSxZQUFZLE9BQUE7QUFBRSwyR0FBQSxTQUFTLE9BQUE7QUFDOUMsNkRBQXlEO0FBQWhELG1IQUFBLGNBQWMsT0FBQTtBQUN2QixvREFBa0M7QUFDbEMsaUVBQTZEO0FBQXBELHVIQUFBLGdCQUFnQixPQUFBO0FBQ3pCLDJFQUF1RTtBQUE5RCxpSUFBQSxxQkFBcUIsT0FBQTtBQUM5QixxRUFBaUU7QUFBeEQsMkhBQUEsa0JBQWtCLE9BQUE7QUFFM0IsdURBQXFDO0FBQ3JDLHlEQUFnRTtBQUF2RCwwSEFBQSxPQUFPLE9BQWE7QUFDN0Isd0ZBQStGO0FBQXRGLDBJQUFBLE9BQU8sT0FBcUI7QUFDckMsOEZBQXFHO0FBQTVGLGdKQUFBLE9BQU8sT0FBd0I7QUFDeEMsOEVBQXFGO0FBQTVFLG9JQUFBLE9BQU8sT0FBa0I7QUFDbEMsOEVBQXFGO0FBQTVFLG9JQUFBLE9BQU8sT0FBa0I7QUFDbEMseURBQXVDO0FBQ3ZDLHlEQUF1QztBQUN2QywwREFBd0M7QUFDeEMsb0RBQWtDO0FBQ2xDLGdFQUE4QztBQUM5Qyx3RkFBd0U7QUFDeEUseUVBQW1FO0FBQTFELCtIQUFBLG9CQUFvQixPQUFBIn0=

package/dist/cjs/tee/OrderReportService.d.ts

@@ -1,12 +1,9 @@
 /// <reference types="node" />
 import { OrderReport } from '@super-protocol/dto-js';
 export declare class OrderReportService {
-    private static readonly teeCertificateService;
     static encode(orderReport: OrderReport): Promise<Buffer>;
     static decode(encodedOrderReport: Buffer): Promise<OrderReport>;
-    static removeRootCertificateFromChain(certsDer: Buffer[]): Buffer[];
     static validateOrderReport(orderReport: OrderReport): Promise<void>;
-    private static certsToDerArray;
     private static hashToBinary;
     private static binaryHashToHash;
 }