@super-protocol/sdk-js 3.4.0-beta.20 → 3.4.0-beta.22
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/certificates/helper.js +9 -12
- package/dist/cjs/certificates/types.d.ts +1 -1
- package/dist/cjs/providers/storage/fs-storage-provider.js +3 -4
- package/dist/cjs/tee/OrderReportService.js +2 -3
- package/dist/cjs/tee/TeeCertificateService.d.ts +14 -13
- package/dist/cjs/tee/TeeCertificateService.js +52 -49
- package/dist/mjs/certificates/helper.js +9 -12
- package/dist/mjs/certificates/types.d.ts +1 -1
- package/dist/mjs/providers/storage/fs-storage-provider.js +3 -4
- package/dist/mjs/tee/OrderReportService.js +2 -3
- package/dist/mjs/tee/TeeCertificateService.d.ts +14 -13
- package/dist/mjs/tee/TeeCertificateService.js +51 -45
- package/package.json +1 -1
|
@@ -27,7 +27,6 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
27
27
|
};
|
|
28
28
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
29
29
|
exports.CertificatesHelper = void 0;
|
|
30
|
-
const crypto_1 = require("crypto");
|
|
31
30
|
const lodash_1 = __importDefault(require("lodash"));
|
|
32
31
|
const axios_1 = __importDefault(require("axios"));
|
|
33
32
|
const node_forge_1 = __importDefault(require("node-forge"));
|
|
@@ -77,14 +76,12 @@ class CertificatesHelper {
|
|
|
77
76
|
return extension && Buffer.from(extension.extnValue.valueBlock.toBER());
|
|
78
77
|
}
|
|
79
78
|
static extractCAFromChain(certsPem) {
|
|
80
|
-
const certs = CertificatesHelper.
|
|
81
|
-
const splitCerts = lodash_1.default.partition(certs, (cert) =>
|
|
82
|
-
|
|
83
|
-
return x509.issuer !== x509.subject;
|
|
84
|
-
});
|
|
79
|
+
const certs = CertificatesHelper.toPkiCerts(certsPem);
|
|
80
|
+
const splitCerts = lodash_1.default.partition(certs, (cert) => !cert.issuer.isEqual(cert.subject));
|
|
81
|
+
const toPemChain = (certs) => certs.map((cert) => CertificatesHelper.derToPem(cert.toSchema().toBER())).join('\n');
|
|
85
82
|
return {
|
|
86
|
-
certs: splitCerts[0]
|
|
87
|
-
ca: splitCerts[1]
|
|
83
|
+
certs: toPemChain(splitCerts[0]),
|
|
84
|
+
ca: toPemChain(splitCerts[1]),
|
|
88
85
|
};
|
|
89
86
|
}
|
|
90
87
|
static pemChainToDer(certsPem) {
|
|
@@ -142,7 +139,7 @@ class CertificatesHelper {
|
|
|
142
139
|
const verifyResult = await chainEngine.verify();
|
|
143
140
|
if (!verifyResult.result) {
|
|
144
141
|
return {
|
|
145
|
-
|
|
142
|
+
isValid: false,
|
|
146
143
|
errorMessage: verifyResult.resultMessage,
|
|
147
144
|
};
|
|
148
145
|
}
|
|
@@ -160,12 +157,12 @@ class CertificatesHelper {
|
|
|
160
157
|
throw new Error('Some of certificates do not belong to chain');
|
|
161
158
|
}
|
|
162
159
|
return {
|
|
163
|
-
|
|
160
|
+
isValid: true,
|
|
164
161
|
};
|
|
165
162
|
}
|
|
166
163
|
catch (err) {
|
|
167
164
|
return {
|
|
168
|
-
|
|
165
|
+
isValid: false,
|
|
169
166
|
errorMessage: err.message,
|
|
170
167
|
};
|
|
171
168
|
}
|
|
@@ -176,4 +173,4 @@ class CertificatesHelper {
|
|
|
176
173
|
}
|
|
177
174
|
}
|
|
178
175
|
exports.CertificatesHelper = CertificatesHelper;
|
|
179
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
176
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGVscGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2NlcnRpZmljYXRlcy9oZWxwZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxvREFBdUI7QUFDdkIsa0RBQTBCO0FBQzFCLDREQUErQjtBQUMvQiw2Q0FBK0I7QUFDL0Isd0RBQTZEO0FBRTdELHVDQUF1QztBQUN2QyxxQ0FBcUM7QUFFckMsK0RBQStEO0FBQy9ELGtJQUFrSTtBQUNsSSxJQUFJLENBQUM7SUFDSCxLQUFLLENBQUMsU0FBUyxFQUFFLENBQUM7QUFDcEIsQ0FBQztBQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7SUFDYixJQUFLLEdBQWEsQ0FBQyxPQUFPLEtBQUssb0RBQW9ELEVBQUUsQ0FBQztRQUNwRixLQUFLLENBQUMsU0FBUyxDQUNiLE1BQU0sRUFDTixJQUFJLEtBQUssQ0FBQyxZQUFZLENBQUMsRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxPQUFPLENBQUMsUUFBUSxDQUFDLENBQUMsU0FBUyxFQUFFLENBQUMsQ0FDOUUsQ0FBQztJQUNKLENBQUM7QUFDSCxDQUFDO0FBRUQsTUFBYSxrQkFBa0I7SUFDckIsTUFBTSxDQUFDLDBCQUEwQixHQUFHLElBQUEsNkJBQWlCLEdBQUUsQ0FBQztJQUVoRSxNQUFNLENBQUMsUUFBUSxDQUFDLElBQWlCO1FBQy9CLE9BQU8sb0JBQUssQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDO1lBQ3RCLGFBQWEsRUFBRSxJQUFJO1lBQ25CLE9BQU8sRUFBRSxJQUFJO1lBQ2IsT0FBTyxFQUFFLEVBQUU7WUFDWCxRQUFRLEVBQUUsSUFBSTtZQUNkLElBQUksRUFBRSxhQUFhO1lBQ25CLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUM7U0FDM0MsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELE1BQU0sQ0FBQyxRQUFRLENBQUMsT0FBZTtRQUM3QixPQUFPLE1BQU0sQ0FBQyxJQUFJLENBQUMsb0JBQUssQ0FBQyxHQUFHLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFLFFBQVEsQ0FBQyxDQUFDO0lBQ3BFLENBQUM7SUFFRCxNQUFNLENBQUMsYUFBYSxDQUFDLEtBQWE7UUFDaEMsTUFBTSxRQUFRLEdBQUcsaUVBQWlFLENBQUM7UUFDbkYsT0FBTyxLQUFLLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxJQUFJLEVBQUUsQ0FBQztJQUNyQyxDQUFDO0lBRUQsTUFBTSxDQUFDLFNBQVMsQ0FBQyxPQUFlO1FBQzlCLE1BQU0sSUFBSSxHQUFHLG9CQUFLLENBQUMsR0FBRyxDQUFDLGtCQUFrQixDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ25ELE9BQU8sSUFBSSxDQUFDLE9BQU8sQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLENBQUMsU0FBUyxFQUFFLEVBQUUsQ0FBQyxTQUFTLENBQUMsSUFBSSxLQUFLLFlBQVksQ0FBQztZQUNqRixFQUFFLEtBQWUsQ0FBQztJQUN0QixDQUFDO0lBRUQsTUFBTSxDQUFDLGlCQUFpQixDQUFDLFNBQXFDLEVBQUUsR0FBVztRQUN6RSxNQUFNLElBQUksR0FDUixPQUFPLFNBQVMsS0FBSyxRQUFRO1lBQzNCLENBQUMsQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLE9BQU8sQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLENBQUM7WUFDbkUsQ0FBQyxDQUFDLFNBQVMsQ0FBQztRQUNoQixNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsVUFBVSxFQUFFLElBQUksQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFLENBQUMsR0FBRyxDQUFDLE1BQU0sS0FBSyxHQUFHLENBQUMsQ0FBQztRQUNyRSxPQUFPLFNBQVMsSUFBSSxNQUFNLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxTQUFTLENBQUMsVUFBVSxDQUFDLEtBQUssRUFBRSxDQUFDLENBQUM7SUFDMUUsQ0FBQztJQUVELE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxRQUFnQjtRQUN4QyxNQUFNLEtBQUssR0FBRyxrQkFBa0IsQ0FBQyxVQUFVLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDdEQsTUFBTSxVQUFVLEdBQUcsZ0JBQUMsQ0FBQyxTQUFTLENBQUMsS0FBSyxFQUFFLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDO1FBRXBGLE1BQU0sVUFBVSxHQUFHLENBQUMsS0FBMEIsRUFBVSxFQUFFLENBQ3hELEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDLGtCQUFrQixDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUMsS0FBSyxFQUFFLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUV2RixPQUFPO1lBQ0wsS0FBSyxFQUFFLFVBQVUsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7WUFDaEMsRUFBRSxFQUFFLFVBQVUsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDOUIsQ0FBQztJQUNKLENBQUM7SUFFRCxNQUFNLENBQUMsYUFBYSxDQUFDLFFBQWdCO1FBQ25DLE1BQU0sS0FBSyxHQUFHLGtCQUFrQixDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUV6RCxPQUFPLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDLGtCQUFrQixDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDO0lBQ3RFLENBQUM7SUFFRCxNQUFNLENBQUMsYUFBYSxDQUFDLFFBQXNCO1FBQ3pDLE9BQU8sUUFBUSxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUM7SUFDbkUsQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMscUJBQXFCLENBQUMsR0FBVztRQUM1QyxNQUFNLFlBQVksR0FBRyxNQUFNLGtCQUFrQixDQUFDLDBCQUEwQixDQUFDLElBQUksQ0FDM0UsR0FBRyxFQUNILEtBQUssSUFBSSxFQUFFO1lBQ1QsTUFBTSxRQUFRLEdBQUcsTUFBTSxJQUFBLGVBQUssRUFBQyxHQUFHLEVBQUU7Z0JBQ2hDLFlBQVksRUFBRSxhQUFhO2FBQzVCLENBQUMsQ0FBQztZQUNILE9BQU8sUUFBUSxFQUFFLElBQUksQ0FBQztRQUN4QixDQUFDLEVBQ0Q7WUFDRSxHQUFHLEVBQUUsQ0FBQyxHQUFHLEVBQUUsR0FBRyxJQUFJLEVBQUUsT0FBTztTQUM1QixDQUNGLENBQUM7UUFFRixPQUFPLFlBQVksQ0FBQztJQUN0QixDQUFDO0lBRUQsTUFBTSxDQUFDLHVCQUF1QixDQUFDLFFBQTJCO1FBQ3hELE1BQU0sUUFBUSxHQUFHLGtCQUFrQixDQUFDLFVBQVUsQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUV6RCxNQUFNLEtBQUssR0FBRyxRQUFRLENBQUMsTUFBTSxDQUMzQixDQUFDLFdBQVcsRUFBRSxFQUFFLENBQ2QsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUMsZ0JBQWdCLEVBQUUsRUFBRSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLGdCQUFnQixDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQzdGLENBQUM7UUFFRixNQUFNLFVBQVUsR0FBRyxDQUFDLElBQXVCLEVBQXVCLEVBQUU7WUFDbEUsTUFBTSxLQUFLLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUNyQixJQUFJLFdBQVcsR0FBa0MsSUFBSSxDQUFDO1lBRXRELEdBQUcsQ0FBQztnQkFDRixXQUFXLEdBQUcsUUFBUSxDQUFDLElBQUksQ0FDekIsQ0FBQyxlQUFlLEVBQUUsRUFBRSxDQUNsQixXQUFXLEVBQUUsTUFBTSxDQUFDLE9BQU8sQ0FBQyxlQUFlLENBQUMsT0FBTyxDQUFDO29CQUNwRCxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxNQUFNLENBQUMsQ0FDbkQsQ0FBQztnQkFFRixJQUFJLFdBQVcsRUFBRSxDQUFDO29CQUNoQixLQUFLLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO2dCQUMxQixDQUFDO1lBQ0gsQ0FBQyxRQUFRLFdBQVcsRUFBRTtZQUV0QixPQUFPLEtBQUssQ0FBQztRQUNmLENBQUMsQ0FBQztRQUVGLE1BQU0sTUFBTSxHQUFHLEtBQUssQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsR0FBRyxFQUFFLEdBQUcsRUFBRSxFQUFFLENBQUMsR0FBRyxDQUFDLE1BQU0sR0FBRyxHQUFHLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDakYsT0FBTyxNQUFNLENBQUMsSUFBSSxFQUFFLENBQUM7SUFDdkIsQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMsaUJBQWlCLENBQzVCLFFBQTJCLEVBQzNCLEtBQXdCLEVBQ3hCLFVBQWlDLEVBQUU7UUFFbkMsTUFBTSxFQUFFLE9BQU8sRUFBRSxHQUFHLE9BQU8sQ0FBQztRQUU1Qix5RkFBeUY7UUFDekYsTUFBTSxXQUFXLEdBQUcsa0JBQWtCLENBQUMsdUJBQXVCLENBQUMsUUFBUSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7UUFFbkYsTUFBTSxFQUFFLEdBQUcsa0JBQWtCLENBQUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBRWhELElBQUksQ0FBQztZQUNILE1BQU0sSUFBSSxHQUFHLE9BQU8sQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxNQUFNLGtCQUFTLENBQUMsZUFBZSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1lBQ3pFLE1BQU0saUJBQWlCLEdBQUcsT0FBTztnQkFDL0IsQ0FBQyxDQUFDLEVBQUU7Z0JBQ0osQ0FBQyxDQUFDLE1BQU0sb0JBQVUsQ0FBQyx3QkFBd0IsQ0FBQyxXQUFXLEVBQUUsRUFBRSxDQUFDLENBQUM7WUFFL0QsTUFBTSxXQUFXLEdBQUcsSUFBSSxLQUFLLENBQUMsZ0NBQWdDLENBQUM7Z0JBQzdELEtBQUssRUFBRSxXQUFXO2dCQUNsQixZQUFZLEVBQUUsRUFBRTtnQkFDaEIsS0FBSyxFQUFFLGlCQUFpQjtnQkFDeEIsSUFBSTthQUNMLENBQUMsQ0FBQztZQUVILE1BQU0sWUFBWSxHQUFHLE1BQU0sV0FBVyxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQ2hELElBQUksQ0FBQyxZQUFZLENBQUMsTUFBTSxFQUFFLENBQUM7Z0JBQ3pCLE9BQU87b0JBQ0wsT0FBTyxFQUFFLEtBQUs7b0JBQ2QsWUFBWSxFQUFFLFlBQVksQ0FBQyxhQUFhO2lCQUN6QyxDQUFDO1lBQ0osQ0FBQztZQUVEOzs7Ozs7OztlQVFHO1lBQ0gsTUFBTSxrQkFBa0IsR0FBRyxXQUFXLENBQUMsS0FBSyxDQUFDLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FDcEQsWUFBWSxDQUFDLGVBQWUsRUFBRSxJQUFJLENBQUMsQ0FBQyxZQUFZLEVBQUUsRUFBRSxDQUNsRCxZQUFZLENBQUMsWUFBWSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLENBQ3JELENBQ0YsQ0FBQztZQUNGLElBQUksQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO2dCQUN4QixNQUFNLElBQUksS0FBSyxDQUFDLDZDQUE2QyxDQUFDLENBQUM7WUFDakUsQ0FBQztZQUVELE9BQU87Z0JBQ0wsT0FBTyxFQUFFLElBQUk7YUFDZCxDQUFDO1FBQ0osQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixPQUFPO2dCQUNMLE9BQU8sRUFBRSxLQUFLO2dCQUNkLFlBQVksRUFBRyxHQUFhLENBQUMsT0FBTzthQUNyQyxDQUFDO1FBQ0osQ0FBQztJQUNILENBQUM7SUFFTyxNQUFNLENBQUMsVUFBVSxDQUFDLEtBQXdCO1FBQ2hELE1BQU0sVUFBVSxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsa0JBQWtCLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQzFGLE9BQU8sVUFBVSxDQUFDLEdBQUcsQ0FBQyxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQ2hDLEtBQUssQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLGtCQUFrQixDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUNoRSxDQUFDO0lBQ0osQ0FBQzs7QUFoTEgsZ0RBaUxDIn0=
|
|
@@ -29,7 +29,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
29
29
|
exports.FSStorageProvider = void 0;
|
|
30
30
|
const fs_1 = __importDefault(require("fs"));
|
|
31
31
|
const path = __importStar(require("path"));
|
|
32
|
-
const promises_1 = require("fs/promises");
|
|
33
32
|
const index_js_1 = require("../../errors/index.js");
|
|
34
33
|
class FSStorageProvider {
|
|
35
34
|
bucket;
|
|
@@ -101,11 +100,11 @@ class FSStorageProvider {
|
|
|
101
100
|
}
|
|
102
101
|
async ensureDirectoryExists(directory, createIfNotExists = true) {
|
|
103
102
|
try {
|
|
104
|
-
await
|
|
103
|
+
await fs_1.default.promises.access(directory, fs_1.default.promises.constants.F_OK);
|
|
105
104
|
}
|
|
106
105
|
catch (error) {
|
|
107
106
|
if (createIfNotExists) {
|
|
108
|
-
await
|
|
107
|
+
await fs_1.default.promises.mkdir(directory, { recursive: true });
|
|
109
108
|
}
|
|
110
109
|
else {
|
|
111
110
|
throw new index_js_1.NotFoundError(`Directory does not exist: ${directory}`);
|
|
@@ -140,4 +139,4 @@ class FSStorageProvider {
|
|
|
140
139
|
}
|
|
141
140
|
}
|
|
142
141
|
exports.FSStorageProvider = FSStorageProvider;
|
|
143
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
142
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZnMtc3RvcmFnZS1wcm92aWRlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9wcm92aWRlcnMvc3RvcmFnZS9mcy1zdG9yYWdlLXByb3ZpZGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQ0EsNENBQW9CO0FBQ3BCLDJDQUE2QjtBQUk3QixvREFBc0Q7QUFFdEQsTUFBYSxpQkFBaUI7SUFDWCxNQUFNLENBQVM7SUFDZixNQUFNLENBQVM7SUFFaEMsWUFBWSxXQUEwQjtRQUNwQyxJQUFJLENBQUMsTUFBTSxHQUFHLFdBQVcsQ0FBQyxNQUFNLENBQUM7UUFDakMsSUFBSSxDQUFDLE1BQU0sR0FBRyxXQUFXLENBQUMsTUFBTSxDQUFDO0lBQ25DLENBQUM7SUFFTyxXQUFXLENBQUMsVUFBa0I7UUFDcEMsT0FBTyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUsSUFBSSxDQUFDLE1BQU0sRUFBRSxVQUFVLENBQUMsQ0FBQztJQUN6RCxDQUFDO0lBRU8saUJBQWlCLENBQ3ZCLFdBQTRCLEVBQzVCLFlBQTZCLEVBQzdCLGFBQXFCLEVBQ3JCLGdCQUEyRDtRQUUzRCxJQUFJLFlBQVksR0FBRyxDQUFDLENBQUM7UUFFckIsT0FBTyxJQUFJLE9BQU8sQ0FBTyxDQUFDLE9BQU8sRUFBRSxNQUFNLEVBQUUsRUFBRTtZQUMzQyxZQUFZLENBQUMsRUFBRSxDQUFDLE9BQU8sRUFBRSxPQUFPLENBQUMsQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBQ3RELFdBQVc7aUJBQ1IsSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDLEtBQUssRUFBRSxFQUFFO2dCQUN0QixNQUFNLFdBQVcsR0FBRyxZQUFZLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDO2dCQUM5QyxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7b0JBQ2pCLFdBQVcsQ0FBQyxLQUFLLEVBQUUsQ0FBQztvQkFDcEIsWUFBWSxDQUFDLElBQUksQ0FBQyxPQUFPLEVBQUUsV0FBVyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUMsQ0FBQztvQkFFakUsWUFBWSxJQUFJLEtBQUssQ0FBQyxNQUFNLENBQUM7b0JBQzdCLElBQUksQ0FBQyxDQUFDLGdCQUFnQixFQUFFLENBQUM7d0JBQ3ZCLGdCQUFnQixDQUFDLGFBQWEsRUFBRSxZQUFZLENBQUMsQ0FBQztvQkFDaEQsQ0FBQztnQkFDSCxDQUFDO1lBQ0gsQ0FBQyxDQUFDO2lCQUNELEVBQUUsQ0FBQyxLQUFLLEVBQUUsR0FBRyxFQUFFO2dCQUNkLFlBQVksQ0FBQyxHQUFHLEVBQUUsQ0FBQztZQUNyQixDQUFDLENBQUM7aUJBQ0QsRUFBRSxDQUFDLE9BQU8sRUFBRSxNQUFNLENBQUMsQ0FBQztRQUN6QixDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxLQUFLLENBQUMsVUFBVSxDQUNkLFdBQTRCLEVBQzVCLFVBQWtCLEVBQ2xCLGFBQXFCLEVBQ3JCLGdCQUF5RTtRQUV6RSxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDakIsTUFBTSxJQUFJLEtBQUssQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO1FBQy9DLENBQUM7UUFFRCxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBQzlDLE1BQU0sSUFBSSxDQUFDLHFCQUFxQixDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQztRQUV6RCxNQUFNLFlBQVksR0FBRyxZQUFFLENBQUMsaUJBQWlCLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDcEQsTUFBTSxJQUFJLENBQUMsaUJBQWlCLENBQUMsV0FBVyxFQUFFLFlBQVksRUFBRSxhQUFhLEVBQUUsZ0JBQWdCLENBQUMsQ0FBQztJQUMzRixDQUFDO0lBRUQsS0FBSyxDQUFDLFlBQVksQ0FDaEIsVUFBa0IsRUFDbEIsTUFBc0IsRUFDdEIsZ0JBQXlFO1FBRXpFLE1BQU0sTUFBTSxHQUFHLE1BQU0sQ0FBQyxNQUFNLElBQUksQ0FBQyxDQUFDO1FBQ2xDLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxXQUFXLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDOUMsSUFBSSxLQUFlLENBQUM7UUFDcEIsSUFBSSxDQUFDO1lBQ0gsS0FBSyxHQUFHLE1BQU0sWUFBRSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDM0MsQ0FBQztRQUFDLE1BQU0sQ0FBQztZQUNQLE1BQU0sSUFBSSx3QkFBYSxDQUFDLHdCQUF3QixRQUFRLEVBQUUsQ0FBQyxDQUFDO1FBQzlELENBQUM7UUFDRCxNQUFNLEtBQUssR0FBRyxNQUFNLEdBQUcsQ0FBQyxNQUFNLENBQUMsTUFBTSxJQUFJLENBQUMsQ0FBQyxJQUFJLEtBQUssQ0FBQyxJQUFJLENBQUM7UUFDMUQsSUFBSSxPQUFPLEdBQUcsTUFBTSxDQUFDO1FBQ3JCLE1BQU0sVUFBVSxHQUFHLFlBQUUsQ0FBQyxnQkFBZ0IsQ0FBQyxRQUFRLEVBQUU7WUFDL0MsS0FBSyxFQUFFLE1BQU07WUFDYixHQUFHLEVBQUUsS0FBSztTQUNYLENBQUMsQ0FBQztRQUVILFVBQVUsQ0FBQyxFQUFFLENBQUMsTUFBTSxFQUFFLENBQUMsS0FBSyxFQUFFLEVBQUU7WUFDOUIsT0FBTyxJQUFJLEtBQUssQ0FBQyxNQUFNLENBQUM7WUFDeEIsSUFBSSxnQkFBZ0IsRUFBRSxDQUFDO2dCQUNyQixnQkFBZ0IsQ0FBQyxLQUFLLEVBQUUsT0FBTyxDQUFDLENBQUM7WUFDbkMsQ0FBQztRQUNILENBQUMsQ0FBQyxDQUFDO1FBRUgsT0FBTyxVQUFVLENBQUM7SUFDcEIsQ0FBQztJQUVELEtBQUssQ0FBQyxZQUFZLENBQUMsVUFBa0I7UUFDbkMsTUFBTSxZQUFFLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLFVBQVUsQ0FBQyxFQUFFLEVBQUUsS0FBSyxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7SUFDdEUsQ0FBQztJQUVPLEtBQUssQ0FBQyxxQkFBcUIsQ0FBQyxTQUFpQixFQUFFLGlCQUFpQixHQUFHLElBQUk7UUFDN0UsSUFBSSxDQUFDO1lBQ0gsTUFBTSxZQUFFLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxTQUFTLEVBQUUsWUFBRSxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDbEUsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixJQUFJLGlCQUFpQixFQUFFLENBQUM7Z0JBQ3RCLE1BQU0sWUFBRSxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsU0FBUyxFQUFFLEVBQUUsU0FBUyxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7WUFDMUQsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLE1BQU0sSUFBSSx3QkFBYSxDQUFDLDZCQUE2QixTQUFTLEVBQUUsQ0FBQyxDQUFDO1lBQ3BFLENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztJQUVELEtBQUssQ0FBQyxXQUFXLENBQUMsVUFBa0I7UUFDbEMsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLFdBQVcsQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUM5QyxNQUFNLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUMzQyxNQUFNLE9BQU8sR0FBRyxNQUFNLFlBQUUsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLFFBQVEsRUFBRSxFQUFFLGFBQWEsRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBRTdFLE9BQU8sT0FBTyxDQUFDLEdBQUcsQ0FDaEIsT0FBTyxDQUFDLEdBQUcsQ0FBQyxLQUFLLEVBQUUsTUFBTSxFQUFFLEVBQUU7WUFDM0IsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ3BELE1BQU0sVUFBVSxHQUFHLE1BQU0sWUFBRSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7WUFDdEQsT0FBTztnQkFDTCxJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUk7Z0JBQ2pCLElBQUksRUFBRSxVQUFVLENBQUMsSUFBSTtnQkFDckIsUUFBUSxFQUFFLE1BQU0sQ0FBQyxXQUFXLEVBQUU7Z0JBQzlCLFNBQVMsRUFBRSxVQUFVLENBQUMsU0FBUztnQkFDL0IsR0FBRyxDQUFDLE1BQU0sQ0FBQyxXQUFXLEVBQUUsSUFBSTtvQkFDMUIsYUFBYSxFQUFFLENBQUMsTUFBTSxZQUFFLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLE1BQU07aUJBQzlELENBQUM7YUFDSCxDQUFDO1FBQ0osQ0FBQyxDQUFDLENBQ0gsQ0FBQztJQUNKLENBQUM7SUFFRCxLQUFLLENBQUMsYUFBYSxDQUFDLFVBQWtCO1FBQ3BDLE1BQU0sUUFBUSxHQUFHLE1BQU0sWUFBRSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDO1FBRXRFLE9BQU8sUUFBUSxDQUFDLElBQUksQ0FBQztJQUN2QixDQUFDO0lBRUQsS0FBSyxDQUFDLGVBQWUsQ0FBQyxVQUFrQjtRQUN0QyxNQUFNLFFBQVEsR0FBRyxNQUFNLFlBQUUsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQztRQUV0RSxPQUFPLFFBQVEsQ0FBQyxLQUFLLENBQUM7SUFDeEIsQ0FBQztDQUNGO0FBM0lELDhDQTJJQyJ9
|
|
@@ -65,8 +65,7 @@ class OrderReportService {
|
|
|
65
65
|
};
|
|
66
66
|
}
|
|
67
67
|
static async validateOrderReport(orderReport) {
|
|
68
|
-
|
|
69
|
-
await teeCertificateService.validateTeeReportCertChain(orderReport.certificate);
|
|
68
|
+
await TeeCertificateService_js_1.TeeCertificateService.validateTeeCertChainOrFail(orderReport.certificate);
|
|
70
69
|
const workloadInfoHashFromCert = helper_js_1.CertificatesHelper.getExtensionValue(orderReport.certificate, constants_js_1.OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH);
|
|
71
70
|
if (!workloadInfoHashFromCert) {
|
|
72
71
|
throw new Error(`WorkloadInfoHash is missing in certificate!`);
|
|
@@ -98,4 +97,4 @@ class OrderReportService {
|
|
|
98
97
|
}
|
|
99
98
|
}
|
|
100
99
|
exports.OrderReportService = OrderReportService;
|
|
101
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
100
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiT3JkZXJSZXBvcnRTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9PcmRlclJlcG9ydFNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBQUEsK0JBQWlDO0FBQ2pDLGdEQUF3QjtBQUN4QixtREFPZ0M7QUFHaEMsNERBQTJEO0FBQzNELGtEQUF1RjtBQUN2RixvRkFBOEU7QUFDOUUseURBQStEO0FBQy9ELHlFQUFtRTtBQUVuRSxNQUFNLFdBQVcsR0FBRyxJQUFBLGdCQUFTLEVBQUMsY0FBSSxDQUFDLElBQUksQ0FBQyxDQUFDO0FBQ3pDLE1BQU0sWUFBWSxHQUFHLElBQUEsZ0JBQVMsRUFBQyxjQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7QUFFM0MsTUFBYSxrQkFBa0I7SUFDN0IsTUFBTSxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsV0FBd0I7UUFDMUMsTUFBTSxFQUFFLEtBQUssRUFBRSxHQUFHLDhCQUFrQixDQUFDLGtCQUFrQixDQUFDLFdBQVcsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUNqRixNQUFNLFFBQVEsR0FBRyw4QkFBa0IsQ0FBQyxhQUFhLENBQUMsS0FBSyxDQUFDLENBQUM7UUFFekQsTUFBTSxnQkFBZ0IsR0FBcUI7WUFDekMsWUFBWSxFQUFFLFFBQVE7WUFDdEIsWUFBWSxFQUFFO2dCQUNaLFdBQVcsRUFBRSxXQUFXLENBQUMsWUFBWSxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUM7b0JBQzdELElBQUksRUFBRSxFQUFFLENBQUMsSUFBSTtvQkFDYixJQUFJLEVBQUUsRUFBRSxDQUFDLElBQUk7b0JBQ2IsSUFBSSxFQUFFLElBQUksQ0FBQyxZQUFZLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQztvQkFDaEMsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUMsZ0JBQWdCLENBQUM7b0JBQ3hELFFBQVEsRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQyxRQUFRLENBQUM7aUJBQ3pDLENBQUMsQ0FBQztnQkFDSCxPQUFPLEVBQUUsV0FBVyxDQUFDLFlBQVksQ0FBQyxPQUFPO2FBQzFDO1NBQ0YsQ0FBQztRQUVGLE1BQU0sT0FBTyxHQUFHLGlDQUFnQixDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBQ25FLE1BQU0sVUFBVSxHQUFHLE1BQU0sV0FBVyxDQUFDLE9BQU8sRUFBRSxFQUFFLEtBQUssRUFBRSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBRTVELE9BQU8sVUFBVSxDQUFDO0lBQ3BCLENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxrQkFBMEI7UUFDNUMsTUFBTSxZQUFZLEdBQUcsTUFBTSxZQUFZLENBQUMsa0JBQWtCLENBQUMsQ0FBQztRQUM1RCxNQUFNLGdCQUFnQixHQUFHLGlDQUFnQixDQUFDLE1BQU0sQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUUvRCxNQUFNLFFBQVEsR0FBRyw4QkFBa0IsQ0FBQyxhQUFhLENBQUMsZ0JBQWdCLENBQUMsWUFBWSxDQUFDLENBQUM7UUFFakYsSUFBSSxDQUFDLGdCQUFnQixDQUFDLFlBQVksRUFBRSxDQUFDO1lBQ25DLE1BQU0sSUFBSSxLQUFLLENBQUMsMENBQTBDLENBQUMsQ0FBQztRQUM5RCxDQUFDO1FBRUQsTUFBTSxXQUFXLEdBQWtCLGdCQUFnQixDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsT0FBTyxFQUFFLEVBQUU7WUFDM0YsTUFBTSxNQUFNLEdBQWdCO2dCQUMxQixJQUFJLEVBQUUsT0FBTyxDQUFDLElBQWU7Z0JBQzdCLElBQUksRUFBRSxPQUFPLENBQUMsSUFBSTtnQkFDbEIsSUFBSSxFQUFFLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFFO2FBQzNDLENBQUM7WUFDRixJQUFJLE9BQU8sQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO2dCQUM3QixNQUFNLENBQUMsZ0JBQWdCLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO1lBQzVFLENBQUM7WUFDRCxJQUFJLE9BQU8sQ0FBQyxRQUFRLEVBQUUsQ0FBQztnQkFDckIsTUFBTSxDQUFDLFFBQVEsR0FBRyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDO1lBQzVELENBQUM7WUFDRCxPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDLENBQUMsQ0FBQztRQUVILE9BQU87WUFDTCxXQUFXLEVBQUUsUUFBUTtZQUNyQixZQUFZLEVBQUU7Z0JBQ1osV0FBVztnQkFDWCxPQUFPLEVBQUUsZ0JBQWdCLENBQUMsWUFBYSxDQUFDLE9BQU87YUFDaEQ7U0FDRixDQUFDO0lBQ0osQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMsbUJBQW1CLENBQUMsV0FBd0I7UUFDdkQsTUFBTSxnREFBcUIsQ0FBQywwQkFBMEIsQ0FBQyxXQUFXLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFaEYsTUFBTSx3QkFBd0IsR0FBRyw4QkFBa0IsQ0FBQyxpQkFBaUIsQ0FDbkUsV0FBVyxDQUFDLFdBQVcsRUFDdkIsbUVBQW9ELENBQ3JELENBQUM7UUFDRixJQUFJLENBQUMsd0JBQXdCLEVBQUUsQ0FBQztZQUM5QixNQUFNLElBQUksS0FBSyxDQUFDLDZDQUE2QyxDQUFDLENBQUM7UUFDakUsQ0FBQztRQUNELE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxJQUFBLDRDQUFtQixFQUFDLFdBQVcsQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUU3RSxNQUFNLFdBQVcsR0FDZixNQUFNLENBQUMsT0FBTyxDQUNaLHdCQUF3QixFQUN4QixNQUFNLENBQUMsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksRUFBRSxnQkFBZ0IsQ0FBQyxRQUFRLENBQUMsQ0FDOUQsS0FBSyxDQUFDLENBQUM7UUFDVixJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDakIsTUFBTSxJQUFJLEtBQUssQ0FDYiwyRkFBMkYsQ0FDNUYsQ0FBQztRQUNKLENBQUM7SUFDSCxDQUFDO0lBRU8sTUFBTSxDQUFDLFlBQVksQ0FBQyxJQUFXO1FBQ3JDLElBQUksQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUNWLE9BQU87UUFDVCxDQUFDO1FBRUQsT0FBTztZQUNMLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSTtZQUNmLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLEVBQUUsSUFBSSxDQUFDLFFBQVEsQ0FBQztTQUM1QyxDQUFDO0lBQ0osQ0FBQztJQUVPLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxVQUFrQztRQUNoRSxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDaEIsT0FBTztRQUNULENBQUM7UUFFRCxPQUFPO1lBQ0wsSUFBSSxFQUFFLFVBQVUsQ0FBQyxJQUFxQjtZQUN0QyxJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLENBQUMsUUFBUSxDQUFDLGlCQUFRLENBQUMsR0FBRyxDQUFDO1lBQ3pELFFBQVEsRUFBRSxpQkFBUSxDQUFDLEdBQUc7U0FDdkIsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQXpHRCxnREF5R0MifQ==
|
|
@@ -1,15 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
1
|
+
export declare enum ValidateTeeCertChainErrorCode {
|
|
2
|
+
CERT_CHAIN_IS_INVALID = "CERT_CHAIN_IS_INVALID",
|
|
3
|
+
NOT_ALLOWED_CHALLENGE = "NOT_ALLOWED_CHALLENGE",
|
|
4
|
+
CHALLENGE_IS_INVALID = "CHALLENGE_IS_INVALID"
|
|
5
|
+
}
|
|
6
|
+
export interface ValidateTeeCertChainResult {
|
|
7
|
+
isValid: boolean;
|
|
8
|
+
errorCode?: string;
|
|
9
|
+
errorMessage?: string;
|
|
10
|
+
}
|
|
8
11
|
export declare class TeeCertificateService {
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
private validateChallengeSgx;
|
|
14
|
-
private validateChallengeTdxAndSnp;
|
|
12
|
+
static validateTeeCertChainOrFail(certsPem: string): Promise<void>;
|
|
13
|
+
static validateTeeCertChain(certsPem: string): Promise<ValidateTeeCertChainResult>;
|
|
14
|
+
private static validateChallengeSgx;
|
|
15
|
+
private static validateChallengeTdxAndSnp;
|
|
15
16
|
}
|
|
@@ -1,67 +1,70 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
-
};
|
|
5
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.TeeCertificateService = void 0;
|
|
7
|
-
const node_forge_1 = __importDefault(require("node-forge"));
|
|
8
|
-
const QuoteParser_js_1 = require("./QuoteParser.js");
|
|
9
|
-
const QuoteValidator_js_1 = require("./QuoteValidator.js");
|
|
3
|
+
exports.TeeCertificateService = exports.ValidateTeeCertChainErrorCode = void 0;
|
|
10
4
|
const constants_js_1 = require("../constants.js");
|
|
11
5
|
const pki_common_1 = require("@super-protocol/pki-common");
|
|
12
6
|
const TeeSignatureVerifier_js_1 = require("./TeeSignatureVerifier.js");
|
|
13
7
|
const errors_js_1 = require("./errors.js");
|
|
14
8
|
const index_js_1 = require("../certificates/index.js");
|
|
9
|
+
var ValidateTeeCertChainErrorCode;
|
|
10
|
+
(function (ValidateTeeCertChainErrorCode) {
|
|
11
|
+
ValidateTeeCertChainErrorCode["CERT_CHAIN_IS_INVALID"] = "CERT_CHAIN_IS_INVALID";
|
|
12
|
+
ValidateTeeCertChainErrorCode["NOT_ALLOWED_CHALLENGE"] = "NOT_ALLOWED_CHALLENGE";
|
|
13
|
+
ValidateTeeCertChainErrorCode["CHALLENGE_IS_INVALID"] = "CHALLENGE_IS_INVALID";
|
|
14
|
+
})(ValidateTeeCertChainErrorCode || (exports.ValidateTeeCertChainErrorCode = ValidateTeeCertChainErrorCode = {}));
|
|
15
15
|
class TeeCertificateService {
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
return Buffer.from(publicKeyDer, 'binary');
|
|
22
|
-
}
|
|
23
|
-
async parseAndValidateCertificate(certificatePem, sgxApiUrl) {
|
|
24
|
-
const pem = Buffer.isBuffer(certificatePem) ? certificatePem.toString() : certificatePem;
|
|
25
|
-
const certificate = node_forge_1.default.pki.certificateFromPem(pem);
|
|
26
|
-
const extensions = certificate.extensions;
|
|
27
|
-
const quote = extensions.find((ext) => ext.id === this.certOidQuote);
|
|
28
|
-
const quoteBuffer = Buffer.from(quote.value, 'binary');
|
|
29
|
-
const validator = new QuoteValidator_js_1.QuoteValidator(sgxApiUrl);
|
|
30
|
-
await validator.checkQuote(quoteBuffer, this.getCertificatePublicKey(certificate));
|
|
31
|
-
const parser = new QuoteParser_js_1.TeeSgxParser();
|
|
32
|
-
const parsedQuote = parser.parseQuote(quoteBuffer);
|
|
33
|
-
const report = parser.parseReport(parsedQuote.report);
|
|
34
|
-
return {
|
|
35
|
-
userData: Buffer.from(parsedQuote.header.userData),
|
|
36
|
-
mrEnclave: Buffer.from(report.mrEnclave),
|
|
37
|
-
mrSigner: Buffer.from(report.mrSigner),
|
|
38
|
-
dataHash: Buffer.from(report.dataHash),
|
|
39
|
-
};
|
|
16
|
+
static async validateTeeCertChainOrFail(certsPem) {
|
|
17
|
+
const result = await TeeCertificateService.validateTeeCertChain(certsPem);
|
|
18
|
+
if (!result.isValid) {
|
|
19
|
+
throw new Error(result.errorMessage);
|
|
20
|
+
}
|
|
40
21
|
}
|
|
41
|
-
async
|
|
42
|
-
const {
|
|
43
|
-
if (!
|
|
44
|
-
|
|
22
|
+
static async validateTeeCertChain(certsPem) {
|
|
23
|
+
const { isValid, errorMessage } = await index_js_1.CertificatesHelper.validateCertChain(certsPem, constants_js_1.SUPERPROTOCOL_CA);
|
|
24
|
+
if (!isValid) {
|
|
25
|
+
return {
|
|
26
|
+
isValid: false,
|
|
27
|
+
errorCode: ValidateTeeCertChainErrorCode.CERT_CHAIN_IS_INVALID,
|
|
28
|
+
errorMessage: `Cert chain is invalid! (${errorMessage})`,
|
|
29
|
+
};
|
|
45
30
|
}
|
|
46
31
|
const sortedCerts = index_js_1.CertificatesHelper.sortCertsFromLeafToRoot(certsPem);
|
|
47
32
|
const challenges = sortedCerts.map((cert) => index_js_1.CertificatesHelper.getExtensionValue(cert, pki_common_1.OID_CUSTOM_EXTENSION_CHALLENGE_TYPE)?.toString('binary'));
|
|
48
33
|
if (challenges.some((challenge) => !challenge || challenge === pki_common_1.ChallengeType.Untrusted)) {
|
|
49
|
-
|
|
34
|
+
return {
|
|
35
|
+
isValid: false,
|
|
36
|
+
errorCode: ValidateTeeCertChainErrorCode.NOT_ALLOWED_CHALLENGE,
|
|
37
|
+
errorMessage: `Cert chain has cert without or Untrusted challenge`,
|
|
38
|
+
};
|
|
50
39
|
}
|
|
51
40
|
const leafCertChallengeType = challenges[0];
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
41
|
+
try {
|
|
42
|
+
switch (leafCertChallengeType) {
|
|
43
|
+
case pki_common_1.ChallengeType.SGXDCAP:
|
|
44
|
+
TeeCertificateService.validateChallengeSgx(certsPem);
|
|
45
|
+
break;
|
|
46
|
+
case pki_common_1.ChallengeType.TDX:
|
|
47
|
+
case pki_common_1.ChallengeType.AMDSEV:
|
|
48
|
+
await TeeCertificateService.validateChallengeTdxAndSnp(certsPem);
|
|
49
|
+
break;
|
|
50
|
+
default:
|
|
51
|
+
return {
|
|
52
|
+
isValid: false,
|
|
53
|
+
errorCode: ValidateTeeCertChainErrorCode.NOT_ALLOWED_CHALLENGE,
|
|
54
|
+
errorMessage: `Challenge type ${leafCertChallengeType || `[none]`} is missing or not allowed!`,
|
|
55
|
+
};
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
catch (err) {
|
|
59
|
+
return {
|
|
60
|
+
isValid: false,
|
|
61
|
+
errorCode: ValidateTeeCertChainErrorCode.CHALLENGE_IS_INVALID,
|
|
62
|
+
errorMessage: `Challenge is not valid! (${err.message})`,
|
|
63
|
+
};
|
|
62
64
|
}
|
|
65
|
+
return { isValid: true };
|
|
63
66
|
}
|
|
64
|
-
validateChallengeSgx(certPem) {
|
|
67
|
+
static validateChallengeSgx(certPem) {
|
|
65
68
|
const mrSignerBinaryString = index_js_1.CertificatesHelper.getExtensionValue(certPem, pki_common_1.OID_CUSTOM_EXTENSION_CHALLENGE_COMMON_ID);
|
|
66
69
|
if (!mrSignerBinaryString) {
|
|
67
70
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
@@ -73,7 +76,7 @@ class TeeCertificateService {
|
|
|
73
76
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
74
77
|
}
|
|
75
78
|
}
|
|
76
|
-
async validateChallengeTdxAndSnp(certPem) {
|
|
79
|
+
static async validateChallengeTdxAndSnp(certPem) {
|
|
77
80
|
const mrEnclaveBinaryString = index_js_1.CertificatesHelper.getExtensionValue(certPem, pki_common_1.OID_CUSTOM_EXTENSION_CHALLENGE_ID);
|
|
78
81
|
if (!mrEnclaveBinaryString) {
|
|
79
82
|
throw new Error(`Challenge id is missing in certificate!`);
|
|
@@ -91,4 +94,4 @@ class TeeCertificateService {
|
|
|
91
94
|
}
|
|
92
95
|
}
|
|
93
96
|
exports.TeeCertificateService = TeeCertificateService;
|
|
94
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
97
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVGVlQ2VydGlmaWNhdGVTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9UZWVDZXJ0aWZpY2F0ZVNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsa0RBQW1EO0FBQ25ELDJEQUtvQztBQUNwQyx1RUFBaUU7QUFDakUsMkNBQW9EO0FBQ3BELHVEQUE4RDtBQUU5RCxJQUFZLDZCQUlYO0FBSkQsV0FBWSw2QkFBNkI7SUFDdkMsZ0ZBQStDLENBQUE7SUFDL0MsZ0ZBQStDLENBQUE7SUFDL0MsOEVBQTZDLENBQUE7QUFDL0MsQ0FBQyxFQUpXLDZCQUE2Qiw2Q0FBN0IsNkJBQTZCLFFBSXhDO0FBT0QsTUFBYSxxQkFBcUI7SUFDaEMsTUFBTSxDQUFDLEtBQUssQ0FBQywwQkFBMEIsQ0FBQyxRQUFnQjtRQUN0RCxNQUFNLE1BQU0sR0FBRyxNQUFNLHFCQUFxQixDQUFDLG9CQUFvQixDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQzFFLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDcEIsTUFBTSxJQUFJLEtBQUssQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDdkMsQ0FBQztJQUNILENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLG9CQUFvQixDQUFDLFFBQWdCO1FBQ2hELE1BQU0sRUFBRSxPQUFPLEVBQUUsWUFBWSxFQUFFLEdBQUcsTUFBTSw2QkFBa0IsQ0FBQyxpQkFBaUIsQ0FDMUUsUUFBUSxFQUNSLCtCQUFnQixDQUNqQixDQUFDO1FBRUYsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ2IsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxTQUFTLEVBQUUsNkJBQTZCLENBQUMscUJBQXFCO2dCQUM5RCxZQUFZLEVBQUUsMkJBQTJCLFlBQVksR0FBRzthQUN6RCxDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sV0FBVyxHQUFHLDZCQUFrQixDQUFDLHVCQUF1QixDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBRXpFLE1BQU0sVUFBVSxHQUFHLFdBQVcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUMxQyw2QkFBa0IsQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLEVBQUUsZ0RBQW1DLENBQUMsRUFBRSxRQUFRLENBQ3ZGLFFBQVEsQ0FDVCxDQUNGLENBQUM7UUFDRixJQUFJLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxTQUFTLEVBQUUsRUFBRSxDQUFDLENBQUMsU0FBUyxJQUFJLFNBQVMsS0FBSywwQkFBYSxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUM7WUFDeEYsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxTQUFTLEVBQUUsNkJBQTZCLENBQUMscUJBQXFCO2dCQUM5RCxZQUFZLEVBQUUsb0RBQW9EO2FBQ25FLENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxxQkFBcUIsR0FBRyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFFNUMsSUFBSSxDQUFDO1lBQ0gsUUFBUSxxQkFBcUIsRUFBRSxDQUFDO2dCQUM5QixLQUFLLDBCQUFhLENBQUMsT0FBTztvQkFDeEIscUJBQXFCLENBQUMsb0JBQW9CLENBQUMsUUFBUSxDQUFDLENBQUM7b0JBQ3JELE1BQU07Z0JBQ1IsS0FBSywwQkFBYSxDQUFDLEdBQUcsQ0FBQztnQkFDdkIsS0FBSywwQkFBYSxDQUFDLE1BQU07b0JBQ3ZCLE1BQU0scUJBQXFCLENBQUMsMEJBQTBCLENBQUMsUUFBUSxDQUFDLENBQUM7b0JBQ2pFLE1BQU07Z0JBRVI7b0JBQ0UsT0FBTzt3QkFDTCxPQUFPLEVBQUUsS0FBSzt3QkFDZCxTQUFTLEVBQUUsNkJBQTZCLENBQUMscUJBQXFCO3dCQUM5RCxZQUFZLEVBQUUsa0JBQWtCLHFCQUFxQixJQUFJLFFBQVEsNkJBQTZCO3FCQUMvRixDQUFDO1lBQ04sQ0FBQztRQUNILENBQUM7UUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1lBQ2IsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxTQUFTLEVBQUUsNkJBQTZCLENBQUMsb0JBQW9CO2dCQUM3RCxZQUFZLEVBQUUsNEJBQTZCLEdBQWEsQ0FBQyxPQUFPLEdBQUc7YUFDcEUsQ0FBQztRQUNKLENBQUM7UUFFRCxPQUFPLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxDQUFDO0lBQzNCLENBQUM7SUFFTyxNQUFNLENBQUMsb0JBQW9CLENBQUMsT0FBZTtRQUNqRCxNQUFNLG9CQUFvQixHQUFHLDZCQUFrQixDQUFDLGlCQUFpQixDQUMvRCxPQUFPLEVBQ1AscURBQXdDLENBQ3pDLENBQUM7UUFDRixJQUFJLENBQUMsb0JBQW9CLEVBQUUsQ0FBQztZQUMxQixNQUFNLElBQUksS0FBSyxDQUFDLG1DQUFtQyxDQUFDLENBQUM7UUFDdkQsQ0FBQztRQUVELElBQUksQ0FBQztZQUNILDhDQUFvQixDQUFDLG9CQUFvQixDQUFDLG9CQUFvQixDQUFDLENBQUM7UUFDbEUsQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixNQUFNLElBQUksS0FBSyxDQUFDLG1DQUFtQyxDQUFDLENBQUM7UUFDdkQsQ0FBQztJQUNILENBQUM7SUFFTyxNQUFNLENBQUMsS0FBSyxDQUFDLDBCQUEwQixDQUFDLE9BQWU7UUFDN0QsTUFBTSxxQkFBcUIsR0FBRyw2QkFBa0IsQ0FBQyxpQkFBaUIsQ0FDaEUsT0FBTyxFQUNQLDhDQUFpQyxDQUNsQyxDQUFDO1FBQ0YsSUFBSSxDQUFDLHFCQUFxQixFQUFFLENBQUM7WUFDM0IsTUFBTSxJQUFJLEtBQUssQ0FBQyx5Q0FBeUMsQ0FBQyxDQUFDO1FBQzdELENBQUM7UUFFRCxJQUFJLENBQUM7WUFDSCxNQUFNLDhDQUFvQixDQUFDLDBCQUEwQixDQUFDLHFCQUFxQixDQUFDLENBQUM7UUFDL0UsQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixNQUFNLE9BQU8sR0FBRywyQkFBMkIsQ0FBQztZQUM1QyxJQUFJLEdBQUcsWUFBWSxpQ0FBcUIsRUFBRSxDQUFDO2dCQUN6QyxNQUFNLElBQUksS0FBSyxDQUFDLEdBQUcsT0FBTyxJQUFJLEdBQUcsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1lBQy9DLENBQUM7WUFDRCxNQUFNLElBQUksS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQzNCLENBQUM7SUFDSCxDQUFDO0NBQ0Y7QUF0R0Qsc0RBc0dDIn0=
|
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
import { X509Certificate } from 'crypto';
|
|
2
1
|
import _ from 'lodash';
|
|
3
2
|
import axios from 'axios';
|
|
4
3
|
import forge from 'node-forge';
|
|
@@ -48,14 +47,12 @@ export class CertificatesHelper {
|
|
|
48
47
|
return extension && Buffer.from(extension.extnValue.valueBlock.toBER());
|
|
49
48
|
}
|
|
50
49
|
static extractCAFromChain(certsPem) {
|
|
51
|
-
const certs = CertificatesHelper.
|
|
52
|
-
const splitCerts = _.partition(certs, (cert) =>
|
|
53
|
-
|
|
54
|
-
return x509.issuer !== x509.subject;
|
|
55
|
-
});
|
|
50
|
+
const certs = CertificatesHelper.toPkiCerts(certsPem);
|
|
51
|
+
const splitCerts = _.partition(certs, (cert) => !cert.issuer.isEqual(cert.subject));
|
|
52
|
+
const toPemChain = (certs) => certs.map((cert) => CertificatesHelper.derToPem(cert.toSchema().toBER())).join('\n');
|
|
56
53
|
return {
|
|
57
|
-
certs: splitCerts[0]
|
|
58
|
-
ca: splitCerts[1]
|
|
54
|
+
certs: toPemChain(splitCerts[0]),
|
|
55
|
+
ca: toPemChain(splitCerts[1]),
|
|
59
56
|
};
|
|
60
57
|
}
|
|
61
58
|
static pemChainToDer(certsPem) {
|
|
@@ -113,7 +110,7 @@ export class CertificatesHelper {
|
|
|
113
110
|
const verifyResult = await chainEngine.verify();
|
|
114
111
|
if (!verifyResult.result) {
|
|
115
112
|
return {
|
|
116
|
-
|
|
113
|
+
isValid: false,
|
|
117
114
|
errorMessage: verifyResult.resultMessage,
|
|
118
115
|
};
|
|
119
116
|
}
|
|
@@ -131,12 +128,12 @@ export class CertificatesHelper {
|
|
|
131
128
|
throw new Error('Some of certificates do not belong to chain');
|
|
132
129
|
}
|
|
133
130
|
return {
|
|
134
|
-
|
|
131
|
+
isValid: true,
|
|
135
132
|
};
|
|
136
133
|
}
|
|
137
134
|
catch (err) {
|
|
138
135
|
return {
|
|
139
|
-
|
|
136
|
+
isValid: false,
|
|
140
137
|
errorMessage: err.message,
|
|
141
138
|
};
|
|
142
139
|
}
|
|
@@ -146,4 +143,4 @@ export class CertificatesHelper {
|
|
|
146
143
|
return certsArray.map((certPem) => pkijs.Certificate.fromBER(CertificatesHelper.pemToDer(certPem)));
|
|
147
144
|
}
|
|
148
145
|
}
|
|
149
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
146
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGVscGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2NlcnRpZmljYXRlcy9oZWxwZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxDQUFDLE1BQU0sUUFBUSxDQUFDO0FBQ3ZCLE9BQU8sS0FBSyxNQUFNLE9BQU8sQ0FBQztBQUMxQixPQUFPLEtBQUssTUFBTSxZQUFZLENBQUM7QUFDL0IsT0FBTyxLQUFLLEtBQUssTUFBTSxPQUFPLENBQUM7QUFDL0IsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFFN0QsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLFdBQVcsQ0FBQztBQUN2QyxPQUFPLEVBQUUsU0FBUyxFQUFFLE1BQU0sVUFBVSxDQUFDO0FBRXJDLCtEQUErRDtBQUMvRCxrSUFBa0k7QUFDbEksSUFBSSxDQUFDO0lBQ0gsS0FBSyxDQUFDLFNBQVMsRUFBRSxDQUFDO0FBQ3BCLENBQUM7QUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO0lBQ2IsSUFBSyxHQUFhLENBQUMsT0FBTyxLQUFLLG9EQUFvRCxFQUFFLENBQUM7UUFDcEYsS0FBSyxDQUFDLFNBQVMsQ0FDYixNQUFNLEVBQ04sSUFBSSxLQUFLLENBQUMsWUFBWSxDQUFDLEVBQUUsSUFBSSxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDLFNBQVMsRUFBRSxDQUFDLENBQzlFLENBQUM7SUFDSixDQUFDO0FBQ0gsQ0FBQztBQUVELE1BQU0sT0FBTyxrQkFBa0I7SUFDckIsTUFBTSxDQUFDLDBCQUEwQixHQUFHLGlCQUFpQixFQUFFLENBQUM7SUFFaEUsTUFBTSxDQUFDLFFBQVEsQ0FBQyxJQUFpQjtRQUMvQixPQUFPLEtBQUssQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDO1lBQ3RCLGFBQWEsRUFBRSxJQUFJO1lBQ25CLE9BQU8sRUFBRSxJQUFJO1lBQ2IsT0FBTyxFQUFFLEVBQUU7WUFDWCxRQUFRLEVBQUUsSUFBSTtZQUNkLElBQUksRUFBRSxhQUFhO1lBQ25CLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUM7U0FDM0MsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELE1BQU0sQ0FBQyxRQUFRLENBQUMsT0FBZTtRQUM3QixPQUFPLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLENBQUMsS0FBSyxFQUFFLEVBQUUsUUFBUSxDQUFDLENBQUM7SUFDcEUsQ0FBQztJQUVELE1BQU0sQ0FBQyxhQUFhLENBQUMsS0FBYTtRQUNoQyxNQUFNLFFBQVEsR0FBRyxpRUFBaUUsQ0FBQztRQUNuRixPQUFPLEtBQUssQ0FBQyxLQUFLLENBQUMsUUFBUSxDQUFDLElBQUksRUFBRSxDQUFDO0lBQ3JDLENBQUM7SUFFRCxNQUFNLENBQUMsU0FBUyxDQUFDLE9BQWU7UUFDOUIsTUFBTSxJQUFJLEdBQUcsS0FBSyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUNuRCxPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDLFNBQVMsRUFBRSxFQUFFLENBQUMsU0FBUyxDQUFDLElBQUksS0FBSyxZQUFZLENBQUM7WUFDakYsRUFBRSxLQUFlLENBQUM7SUFDdEIsQ0FBQztJQUVELE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxTQUFxQyxFQUFFLEdBQVc7UUFDekUsTUFBTSxJQUFJLEdBQ1IsT0FBTyxTQUFTLEtBQUssUUFBUTtZQUMzQixDQUFDLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsa0JBQWtCLENBQUMsUUFBUSxDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBQ25FLENBQUMsQ0FBQyxTQUFTLENBQUM7UUFDaEIsTUFBTSxTQUFTLEdBQUcsSUFBSSxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEtBQUssR0FBRyxDQUFDLENBQUM7UUFDckUsT0FBTyxTQUFTLElBQUksTUFBTSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxDQUFDO0lBQzFFLENBQUM7SUFFRCxNQUFNLENBQUMsa0JBQWtCLENBQUMsUUFBZ0I7UUFDeEMsTUFBTSxLQUFLLEdBQUcsa0JBQWtCLENBQUMsVUFBVSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ3RELE1BQU0sVUFBVSxHQUFHLENBQUMsQ0FBQyxTQUFTLENBQUMsS0FBSyxFQUFFLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDO1FBRXBGLE1BQU0sVUFBVSxHQUFHLENBQUMsS0FBMEIsRUFBVSxFQUFFLENBQ3hELEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDLGtCQUFrQixDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUMsS0FBSyxFQUFFLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUV2RixPQUFPO1lBQ0wsS0FBSyxFQUFFLFVBQVUsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7WUFDaEMsRUFBRSxFQUFFLFVBQVUsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7U0FDOUIsQ0FBQztJQUNKLENBQUM7SUFFRCxNQUFNLENBQUMsYUFBYSxDQUFDLFFBQWdCO1FBQ25DLE1BQU0sS0FBSyxHQUFHLGtCQUFrQixDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUV6RCxPQUFPLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDLGtCQUFrQixDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDO0lBQ3RFLENBQUM7SUFFRCxNQUFNLENBQUMsYUFBYSxDQUFDLFFBQXNCO1FBQ3pDLE9BQU8sUUFBUSxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLENBQUMsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUM7SUFDbkUsQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMscUJBQXFCLENBQUMsR0FBVztRQUM1QyxNQUFNLFlBQVksR0FBRyxNQUFNLGtCQUFrQixDQUFDLDBCQUEwQixDQUFDLElBQUksQ0FDM0UsR0FBRyxFQUNILEtBQUssSUFBSSxFQUFFO1lBQ1QsTUFBTSxRQUFRLEdBQUcsTUFBTSxLQUFLLENBQUMsR0FBRyxFQUFFO2dCQUNoQyxZQUFZLEVBQUUsYUFBYTthQUM1QixDQUFDLENBQUM7WUFDSCxPQUFPLFFBQVEsRUFBRSxJQUFJLENBQUM7UUFDeEIsQ0FBQyxFQUNEO1lBQ0UsR0FBRyxFQUFFLENBQUMsR0FBRyxFQUFFLEdBQUcsSUFBSSxFQUFFLE9BQU87U0FDNUIsQ0FDRixDQUFDO1FBRUYsT0FBTyxZQUFZLENBQUM7SUFDdEIsQ0FBQztJQUVELE1BQU0sQ0FBQyx1QkFBdUIsQ0FBQyxRQUEyQjtRQUN4RCxNQUFNLFFBQVEsR0FBRyxrQkFBa0IsQ0FBQyxVQUFVLENBQUMsUUFBUSxDQUFDLENBQUM7UUFFekQsTUFBTSxLQUFLLEdBQUcsUUFBUSxDQUFDLE1BQU0sQ0FDM0IsQ0FBQyxXQUFXLEVBQUUsRUFBRSxDQUNkLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxDQUFDLGdCQUFnQixFQUFFLEVBQUUsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUM3RixDQUFDO1FBRUYsTUFBTSxVQUFVLEdBQUcsQ0FBQyxJQUF1QixFQUF1QixFQUFFO1lBQ2xFLE1BQU0sS0FBSyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDckIsSUFBSSxXQUFXLEdBQWtDLElBQUksQ0FBQztZQUV0RCxHQUFHLENBQUM7Z0JBQ0YsV0FBVyxHQUFHLFFBQVEsQ0FBQyxJQUFJLENBQ3pCLENBQUMsZUFBZSxFQUFFLEVBQUUsQ0FDbEIsV0FBVyxFQUFFLE1BQU0sQ0FBQyxPQUFPLENBQUMsZUFBZSxDQUFDLE9BQU8sQ0FBQztvQkFDcEQsQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsTUFBTSxDQUFDLENBQ25ELENBQUM7Z0JBRUYsSUFBSSxXQUFXLEVBQUUsQ0FBQztvQkFDaEIsS0FBSyxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQztnQkFDMUIsQ0FBQztZQUNILENBQUMsUUFBUSxXQUFXLEVBQUU7WUFFdEIsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDLENBQUM7UUFFRixNQUFNLE1BQU0sR0FBRyxLQUFLLENBQUMsR0FBRyxDQUFDLFVBQVUsQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLEdBQUcsRUFBRSxHQUFHLEVBQUUsRUFBRSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQ2pGLE9BQU8sTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDO0lBQ3ZCLENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLGlCQUFpQixDQUM1QixRQUEyQixFQUMzQixLQUF3QixFQUN4QixVQUFpQyxFQUFFO1FBRW5DLE1BQU0sRUFBRSxPQUFPLEVBQUUsR0FBRyxPQUFPLENBQUM7UUFFNUIseUZBQXlGO1FBQ3pGLE1BQU0sV0FBVyxHQUFHLGtCQUFrQixDQUFDLHVCQUF1QixDQUFDLFFBQVEsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO1FBRW5GLE1BQU0sRUFBRSxHQUFHLGtCQUFrQixDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUVoRCxJQUFJLENBQUM7WUFDSCxNQUFNLElBQUksR0FBRyxPQUFPLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsTUFBTSxTQUFTLENBQUMsZUFBZSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1lBQ3pFLE1BQU0saUJBQWlCLEdBQUcsT0FBTztnQkFDL0IsQ0FBQyxDQUFDLEVBQUU7Z0JBQ0osQ0FBQyxDQUFDLE1BQU0sVUFBVSxDQUFDLHdCQUF3QixDQUFDLFdBQVcsRUFBRSxFQUFFLENBQUMsQ0FBQztZQUUvRCxNQUFNLFdBQVcsR0FBRyxJQUFJLEtBQUssQ0FBQyxnQ0FBZ0MsQ0FBQztnQkFDN0QsS0FBSyxFQUFFLFdBQVc7Z0JBQ2xCLFlBQVksRUFBRSxFQUFFO2dCQUNoQixLQUFLLEVBQUUsaUJBQWlCO2dCQUN4QixJQUFJO2FBQ0wsQ0FBQyxDQUFDO1lBRUgsTUFBTSxZQUFZLEdBQUcsTUFBTSxXQUFXLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDaEQsSUFBSSxDQUFDLFlBQVksQ0FBQyxNQUFNLEVBQUUsQ0FBQztnQkFDekIsT0FBTztvQkFDTCxPQUFPLEVBQUUsS0FBSztvQkFDZCxZQUFZLEVBQUUsWUFBWSxDQUFDLGFBQWE7aUJBQ3pDLENBQUM7WUFDSixDQUFDO1lBRUQ7Ozs7Ozs7O2VBUUc7WUFDSCxNQUFNLGtCQUFrQixHQUFHLFdBQVcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUNwRCxZQUFZLENBQUMsZUFBZSxFQUFFLElBQUksQ0FBQyxDQUFDLFlBQVksRUFBRSxFQUFFLENBQ2xELFlBQVksQ0FBQyxZQUFZLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsQ0FDckQsQ0FDRixDQUFDO1lBQ0YsSUFBSSxDQUFDLGtCQUFrQixFQUFFLENBQUM7Z0JBQ3hCLE1BQU0sSUFBSSxLQUFLLENBQUMsNkNBQTZDLENBQUMsQ0FBQztZQUNqRSxDQUFDO1lBRUQsT0FBTztnQkFDTCxPQUFPLEVBQUUsSUFBSTthQUNkLENBQUM7UUFDSixDQUFDO1FBQUMsT0FBTyxHQUFHLEVBQUUsQ0FBQztZQUNiLE9BQU87Z0JBQ0wsT0FBTyxFQUFFLEtBQUs7Z0JBQ2QsWUFBWSxFQUFHLEdBQWEsQ0FBQyxPQUFPO2FBQ3JDLENBQUM7UUFDSixDQUFDO0lBQ0gsQ0FBQztJQUVPLE1BQU0sQ0FBQyxVQUFVLENBQUMsS0FBd0I7UUFDaEQsTUFBTSxVQUFVLEdBQUcsS0FBSyxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxrQkFBa0IsQ0FBQyxhQUFhLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDMUYsT0FBTyxVQUFVLENBQUMsR0FBRyxDQUFDLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FDaEMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsa0JBQWtCLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQ2hFLENBQUM7SUFDSixDQUFDIn0=
|
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
import fs from 'fs';
|
|
2
2
|
import * as path from 'path';
|
|
3
|
-
import { access, constants as FS_CONSTANTS, mkdir } from 'fs/promises';
|
|
4
3
|
import { NotFoundError } from '../../errors/index.js';
|
|
5
4
|
export class FSStorageProvider {
|
|
6
5
|
bucket;
|
|
@@ -72,11 +71,11 @@ export class FSStorageProvider {
|
|
|
72
71
|
}
|
|
73
72
|
async ensureDirectoryExists(directory, createIfNotExists = true) {
|
|
74
73
|
try {
|
|
75
|
-
await access(directory,
|
|
74
|
+
await fs.promises.access(directory, fs.promises.constants.F_OK);
|
|
76
75
|
}
|
|
77
76
|
catch (error) {
|
|
78
77
|
if (createIfNotExists) {
|
|
79
|
-
await mkdir(directory, { recursive: true });
|
|
78
|
+
await fs.promises.mkdir(directory, { recursive: true });
|
|
80
79
|
}
|
|
81
80
|
else {
|
|
82
81
|
throw new NotFoundError(`Directory does not exist: ${directory}`);
|
|
@@ -110,4 +109,4 @@ export class FSStorageProvider {
|
|
|
110
109
|
return fileStat.mtime;
|
|
111
110
|
}
|
|
112
111
|
}
|
|
113
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
112
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZnMtc3RvcmFnZS1wcm92aWRlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9wcm92aWRlcnMvc3RvcmFnZS9mcy1zdG9yYWdlLXByb3ZpZGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUNBLE9BQU8sRUFBRSxNQUFNLElBQUksQ0FBQztBQUNwQixPQUFPLEtBQUssSUFBSSxNQUFNLE1BQU0sQ0FBQztBQUk3QixPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFFdEQsTUFBTSxPQUFPLGlCQUFpQjtJQUNYLE1BQU0sQ0FBUztJQUNmLE1BQU0sQ0FBUztJQUVoQyxZQUFZLFdBQTBCO1FBQ3BDLElBQUksQ0FBQyxNQUFNLEdBQUcsV0FBVyxDQUFDLE1BQU0sQ0FBQztRQUNqQyxJQUFJLENBQUMsTUFBTSxHQUFHLFdBQVcsQ0FBQyxNQUFNLENBQUM7SUFDbkMsQ0FBQztJQUVPLFdBQVcsQ0FBQyxVQUFrQjtRQUNwQyxPQUFPLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTSxFQUFFLFVBQVUsQ0FBQyxDQUFDO0lBQ3pELENBQUM7SUFFTyxpQkFBaUIsQ0FDdkIsV0FBNEIsRUFDNUIsWUFBNkIsRUFDN0IsYUFBcUIsRUFDckIsZ0JBQTJEO1FBRTNELElBQUksWUFBWSxHQUFHLENBQUMsQ0FBQztRQUVyQixPQUFPLElBQUksT0FBTyxDQUFPLENBQUMsT0FBTyxFQUFFLE1BQU0sRUFBRSxFQUFFO1lBQzNDLFlBQVksQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLE9BQU8sQ0FBQyxDQUFDLEVBQUUsQ0FBQyxPQUFPLEVBQUUsTUFBTSxDQUFDLENBQUM7WUFDdEQsV0FBVztpQkFDUixJQUFJLENBQUMsTUFBTSxFQUFFLENBQUMsS0FBSyxFQUFFLEVBQUU7Z0JBQ3RCLE1BQU0sV0FBVyxHQUFHLFlBQVksQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLENBQUM7Z0JBQzlDLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztvQkFDakIsV0FBVyxDQUFDLEtBQUssRUFBRSxDQUFDO29CQUNwQixZQUFZLENBQUMsSUFBSSxDQUFDLE9BQU8sRUFBRSxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDO29CQUVqRSxZQUFZLElBQUksS0FBSyxDQUFDLE1BQU0sQ0FBQztvQkFDN0IsSUFBSSxDQUFDLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQzt3QkFDdkIsZ0JBQWdCLENBQUMsYUFBYSxFQUFFLFlBQVksQ0FBQyxDQUFDO29CQUNoRCxDQUFDO2dCQUNILENBQUM7WUFDSCxDQUFDLENBQUM7aUJBQ0QsRUFBRSxDQUFDLEtBQUssRUFBRSxHQUFHLEVBQUU7Z0JBQ2QsWUFBWSxDQUFDLEdBQUcsRUFBRSxDQUFDO1lBQ3JCLENBQUMsQ0FBQztpQkFDRCxFQUFFLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBQ3pCLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELEtBQUssQ0FBQyxVQUFVLENBQ2QsV0FBNEIsRUFDNUIsVUFBa0IsRUFDbEIsYUFBcUIsRUFDckIsZ0JBQXlFO1FBRXpFLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNqQixNQUFNLElBQUksS0FBSyxDQUFDLDJCQUEyQixDQUFDLENBQUM7UUFDL0MsQ0FBQztRQUVELE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxXQUFXLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDOUMsTUFBTSxJQUFJLENBQUMscUJBQXFCLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDO1FBRXpELE1BQU0sWUFBWSxHQUFHLEVBQUUsQ0FBQyxpQkFBaUIsQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUNwRCxNQUFNLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxXQUFXLEVBQUUsWUFBWSxFQUFFLGFBQWEsRUFBRSxnQkFBZ0IsQ0FBQyxDQUFDO0lBQzNGLENBQUM7SUFFRCxLQUFLLENBQUMsWUFBWSxDQUNoQixVQUFrQixFQUNsQixNQUFzQixFQUN0QixnQkFBeUU7UUFFekUsTUFBTSxNQUFNLEdBQUcsTUFBTSxDQUFDLE1BQU0sSUFBSSxDQUFDLENBQUM7UUFDbEMsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLFdBQVcsQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUM5QyxJQUFJLEtBQWUsQ0FBQztRQUNwQixJQUFJLENBQUM7WUFDSCxLQUFLLEdBQUcsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUMzQyxDQUFDO1FBQUMsTUFBTSxDQUFDO1lBQ1AsTUFBTSxJQUFJLGFBQWEsQ0FBQyx3QkFBd0IsUUFBUSxFQUFFLENBQUMsQ0FBQztRQUM5RCxDQUFDO1FBQ0QsTUFBTSxLQUFLLEdBQUcsTUFBTSxHQUFHLENBQUMsTUFBTSxDQUFDLE1BQU0sSUFBSSxDQUFDLENBQUMsSUFBSSxLQUFLLENBQUMsSUFBSSxDQUFDO1FBQzFELElBQUksT0FBTyxHQUFHLE1BQU0sQ0FBQztRQUNyQixNQUFNLFVBQVUsR0FBRyxFQUFFLENBQUMsZ0JBQWdCLENBQUMsUUFBUSxFQUFFO1lBQy9DLEtBQUssRUFBRSxNQUFNO1lBQ2IsR0FBRyxFQUFFLEtBQUs7U0FDWCxDQUFDLENBQUM7UUFFSCxVQUFVLENBQUMsRUFBRSxDQUFDLE1BQU0sRUFBRSxDQUFDLEtBQUssRUFBRSxFQUFFO1lBQzlCLE9BQU8sSUFBSSxLQUFLLENBQUMsTUFBTSxDQUFDO1lBQ3hCLElBQUksZ0JBQWdCLEVBQUUsQ0FBQztnQkFDckIsZ0JBQWdCLENBQUMsS0FBSyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1lBQ25DLENBQUM7UUFDSCxDQUFDLENBQUMsQ0FBQztRQUVILE9BQU8sVUFBVSxDQUFDO0lBQ3BCLENBQUM7SUFFRCxLQUFLLENBQUMsWUFBWSxDQUFDLFVBQWtCO1FBQ25DLE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxVQUFVLENBQUMsRUFBRSxFQUFFLEtBQUssRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO0lBQ3RFLENBQUM7SUFFTyxLQUFLLENBQUMscUJBQXFCLENBQUMsU0FBaUIsRUFBRSxpQkFBaUIsR0FBRyxJQUFJO1FBQzdFLElBQUksQ0FBQztZQUNILE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsU0FBUyxFQUFFLEVBQUUsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ2xFLENBQUM7UUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1lBQ2YsSUFBSSxpQkFBaUIsRUFBRSxDQUFDO2dCQUN0QixNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLFNBQVMsRUFBRSxFQUFFLFNBQVMsRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO1lBQzFELENBQUM7aUJBQU0sQ0FBQztnQkFDTixNQUFNLElBQUksYUFBYSxDQUFDLDZCQUE2QixTQUFTLEVBQUUsQ0FBQyxDQUFDO1lBQ3BFLENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztJQUVELEtBQUssQ0FBQyxXQUFXLENBQUMsVUFBa0I7UUFDbEMsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLFdBQVcsQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUM5QyxNQUFNLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUMzQyxNQUFNLE9BQU8sR0FBRyxNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLFFBQVEsRUFBRSxFQUFFLGFBQWEsRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBRTdFLE9BQU8sT0FBTyxDQUFDLEdBQUcsQ0FDaEIsT0FBTyxDQUFDLEdBQUcsQ0FBQyxLQUFLLEVBQUUsTUFBTSxFQUFFLEVBQUU7WUFDM0IsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ3BELE1BQU0sVUFBVSxHQUFHLE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUM7WUFDdEQsT0FBTztnQkFDTCxJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUk7Z0JBQ2pCLElBQUksRUFBRSxVQUFVLENBQUMsSUFBSTtnQkFDckIsUUFBUSxFQUFFLE1BQU0sQ0FBQyxXQUFXLEVBQUU7Z0JBQzlCLFNBQVMsRUFBRSxVQUFVLENBQUMsU0FBUztnQkFDL0IsR0FBRyxDQUFDLE1BQU0sQ0FBQyxXQUFXLEVBQUUsSUFBSTtvQkFDMUIsYUFBYSxFQUFFLENBQUMsTUFBTSxFQUFFLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLE1BQU07aUJBQzlELENBQUM7YUFDSCxDQUFDO1FBQ0osQ0FBQyxDQUFDLENBQ0gsQ0FBQztJQUNKLENBQUM7SUFFRCxLQUFLLENBQUMsYUFBYSxDQUFDLFVBQWtCO1FBQ3BDLE1BQU0sUUFBUSxHQUFHLE1BQU0sRUFBRSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDO1FBRXRFLE9BQU8sUUFBUSxDQUFDLElBQUksQ0FBQztJQUN2QixDQUFDO0lBRUQsS0FBSyxDQUFDLGVBQWUsQ0FBQyxVQUFrQjtRQUN0QyxNQUFNLFFBQVEsR0FBRyxNQUFNLEVBQUUsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQztRQUV0RSxPQUFPLFFBQVEsQ0FBQyxLQUFLLENBQUM7SUFDeEIsQ0FBQztDQUNGIn0=
|
|
@@ -59,8 +59,7 @@ export class OrderReportService {
|
|
|
59
59
|
};
|
|
60
60
|
}
|
|
61
61
|
static async validateOrderReport(orderReport) {
|
|
62
|
-
|
|
63
|
-
await teeCertificateService.validateTeeReportCertChain(orderReport.certificate);
|
|
62
|
+
await TeeCertificateService.validateTeeCertChainOrFail(orderReport.certificate);
|
|
64
63
|
const workloadInfoHashFromCert = CertificatesHelper.getExtensionValue(orderReport.certificate, OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH);
|
|
65
64
|
if (!workloadInfoHashFromCert) {
|
|
66
65
|
throw new Error(`WorkloadInfoHash is missing in certificate!`);
|
|
@@ -91,4 +90,4 @@ export class OrderReportService {
|
|
|
91
90
|
};
|
|
92
91
|
}
|
|
93
92
|
}
|
|
94
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
93
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiT3JkZXJSZXBvcnRTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9PcmRlclJlcG9ydFNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFNBQVMsRUFBRSxNQUFNLE1BQU0sQ0FBQztBQUNqQyxPQUFPLElBQUksTUFBTSxNQUFNLENBQUM7QUFDeEIsT0FBTyxFQUNMLFFBQVEsR0FNVCxNQUFNLHdCQUF3QixDQUFDO0FBR2hDLE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzNELE9BQU8sRUFBRSxvREFBb0QsRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBQ3ZGLE9BQU8sRUFBRSxtQkFBbUIsRUFBRSxNQUFNLHlDQUF5QyxDQUFDO0FBQzlFLE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBQy9ELE9BQU8sRUFBRSxxQkFBcUIsRUFBRSxNQUFNLDRCQUE0QixDQUFDO0FBRW5FLE1BQU0sV0FBVyxHQUFHLFNBQVMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7QUFDekMsTUFBTSxZQUFZLEdBQUcsU0FBUyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQztBQUUzQyxNQUFNLE9BQU8sa0JBQWtCO0lBQzdCLE1BQU0sQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLFdBQXdCO1FBQzFDLE1BQU0sRUFBRSxLQUFLLEVBQUUsR0FBRyxrQkFBa0IsQ0FBQyxrQkFBa0IsQ0FBQyxXQUFXLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDakYsTUFBTSxRQUFRLEdBQUcsa0JBQWtCLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBRXpELE1BQU0sZ0JBQWdCLEdBQXFCO1lBQ3pDLFlBQVksRUFBRSxRQUFRO1lBQ3RCLFlBQVksRUFBRTtnQkFDWixXQUFXLEVBQUUsV0FBVyxDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsQ0FBQyxDQUFDO29CQUM3RCxJQUFJLEVBQUUsRUFBRSxDQUFDLElBQUk7b0JBQ2IsSUFBSSxFQUFFLEVBQUUsQ0FBQyxJQUFJO29CQUNiLElBQUksRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUM7b0JBQ2hDLGdCQUFnQixFQUFFLElBQUksQ0FBQyxZQUFZLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDO29CQUN4RCxRQUFRLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUMsUUFBUSxDQUFDO2lCQUN6QyxDQUFDLENBQUM7Z0JBQ0gsT0FBTyxFQUFFLFdBQVcsQ0FBQyxZQUFZLENBQUMsT0FBTzthQUMxQztTQUNGLENBQUM7UUFFRixNQUFNLE9BQU8sR0FBRyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUNuRSxNQUFNLFVBQVUsR0FBRyxNQUFNLFdBQVcsQ0FBQyxPQUFPLEVBQUUsRUFBRSxLQUFLLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUU1RCxPQUFPLFVBQVUsQ0FBQztJQUNwQixDQUFDO0lBRUQsTUFBTSxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsa0JBQTBCO1FBQzVDLE1BQU0sWUFBWSxHQUFHLE1BQU0sWUFBWSxDQUFDLGtCQUFrQixDQUFDLENBQUM7UUFDNUQsTUFBTSxnQkFBZ0IsR0FBRyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLENBQUM7UUFFL0QsTUFBTSxRQUFRLEdBQUcsa0JBQWtCLENBQUMsYUFBYSxDQUFDLGdCQUFnQixDQUFDLFlBQVksQ0FBQyxDQUFDO1FBRWpGLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUNuQyxNQUFNLElBQUksS0FBSyxDQUFDLDBDQUEwQyxDQUFDLENBQUM7UUFDOUQsQ0FBQztRQUVELE1BQU0sV0FBVyxHQUFrQixnQkFBZ0IsQ0FBQyxZQUFZLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDLE9BQU8sRUFBRSxFQUFFO1lBQzNGLE1BQU0sTUFBTSxHQUFnQjtnQkFDMUIsSUFBSSxFQUFFLE9BQU8sQ0FBQyxJQUFlO2dCQUM3QixJQUFJLEVBQUUsT0FBTyxDQUFDLElBQUk7Z0JBQ2xCLElBQUksRUFBRSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBRTthQUMzQyxDQUFDO1lBQ0YsSUFBSSxPQUFPLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztnQkFDN0IsTUFBTSxDQUFDLGdCQUFnQixHQUFHLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztZQUM1RSxDQUFDO1lBQ0QsSUFBSSxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7Z0JBQ3JCLE1BQU0sQ0FBQyxRQUFRLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsQ0FBQztZQUM1RCxDQUFDO1lBQ0QsT0FBTyxNQUFNLENBQUM7UUFDaEIsQ0FBQyxDQUFDLENBQUM7UUFFSCxPQUFPO1lBQ0wsV0FBVyxFQUFFLFFBQVE7WUFDckIsWUFBWSxFQUFFO2dCQUNaLFdBQVc7Z0JBQ1gsT0FBTyxFQUFFLGdCQUFnQixDQUFDLFlBQWEsQ0FBQyxPQUFPO2FBQ2hEO1NBQ0YsQ0FBQztJQUNKLENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLG1CQUFtQixDQUFDLFdBQXdCO1FBQ3ZELE1BQU0scUJBQXFCLENBQUMsMEJBQTBCLENBQUMsV0FBVyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRWhGLE1BQU0sd0JBQXdCLEdBQUcsa0JBQWtCLENBQUMsaUJBQWlCLENBQ25FLFdBQVcsQ0FBQyxXQUFXLEVBQ3ZCLG9EQUFvRCxDQUNyRCxDQUFDO1FBQ0YsSUFBSSxDQUFDLHdCQUF3QixFQUFFLENBQUM7WUFDOUIsTUFBTSxJQUFJLEtBQUssQ0FBQyw2Q0FBNkMsQ0FBQyxDQUFDO1FBQ2pFLENBQUM7UUFDRCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sbUJBQW1CLENBQUMsV0FBVyxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBRTdFLE1BQU0sV0FBVyxHQUNmLE1BQU0sQ0FBQyxPQUFPLENBQ1osd0JBQXdCLEVBQ3hCLE1BQU0sQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxFQUFFLGdCQUFnQixDQUFDLFFBQVEsQ0FBQyxDQUM5RCxLQUFLLENBQUMsQ0FBQztRQUNWLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNqQixNQUFNLElBQUksS0FBSyxDQUNiLDJGQUEyRixDQUM1RixDQUFDO1FBQ0osQ0FBQztJQUNILENBQUM7SUFFTyxNQUFNLENBQUMsWUFBWSxDQUFDLElBQVc7UUFDckMsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ1YsT0FBTztRQUNULENBQUM7UUFFRCxPQUFPO1lBQ0wsSUFBSSxFQUFFLElBQUksQ0FBQyxJQUFJO1lBQ2YsSUFBSSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksRUFBRSxJQUFJLENBQUMsUUFBUSxDQUFDO1NBQzVDLENBQUM7SUFDSixDQUFDO0lBRU8sTUFBTSxDQUFDLGdCQUFnQixDQUFDLFVBQWtDO1FBQ2hFLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztZQUNoQixPQUFPO1FBQ1QsQ0FBQztRQUVELE9BQU87WUFDTCxJQUFJLEVBQUUsVUFBVSxDQUFDLElBQXFCO1lBQ3RDLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQztZQUN6RCxRQUFRLEVBQUUsUUFBUSxDQUFDLEdBQUc7U0FDdkIsQ0FBQztJQUNKLENBQUM7Q0FDRiJ9
|
|
@@ -1,15 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
1
|
+
export declare enum ValidateTeeCertChainErrorCode {
|
|
2
|
+
CERT_CHAIN_IS_INVALID = "CERT_CHAIN_IS_INVALID",
|
|
3
|
+
NOT_ALLOWED_CHALLENGE = "NOT_ALLOWED_CHALLENGE",
|
|
4
|
+
CHALLENGE_IS_INVALID = "CHALLENGE_IS_INVALID"
|
|
5
|
+
}
|
|
6
|
+
export interface ValidateTeeCertChainResult {
|
|
7
|
+
isValid: boolean;
|
|
8
|
+
errorCode?: string;
|
|
9
|
+
errorMessage?: string;
|
|
10
|
+
}
|
|
8
11
|
export declare class TeeCertificateService {
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
private validateChallengeSgx;
|
|
14
|
-
private validateChallengeTdxAndSnp;
|
|
12
|
+
static validateTeeCertChainOrFail(certsPem: string): Promise<void>;
|
|
13
|
+
static validateTeeCertChain(certsPem: string): Promise<ValidateTeeCertChainResult>;
|
|
14
|
+
private static validateChallengeSgx;
|
|
15
|
+
private static validateChallengeTdxAndSnp;
|
|
15
16
|
}
|
|
@@ -1,61 +1,67 @@
|
|
|
1
|
-
import forge from 'node-forge';
|
|
2
|
-
import { TeeSgxParser } from './QuoteParser.js';
|
|
3
|
-
import { QuoteValidator } from './QuoteValidator.js';
|
|
4
1
|
import { SUPERPROTOCOL_CA } from '../constants.js';
|
|
5
2
|
import { ChallengeType, OID_CUSTOM_EXTENSION_CHALLENGE_COMMON_ID, OID_CUSTOM_EXTENSION_CHALLENGE_ID, OID_CUSTOM_EXTENSION_CHALLENGE_TYPE, } from '@super-protocol/pki-common';
|
|
6
3
|
import { TeeSignatureVerifier } from './TeeSignatureVerifier.js';
|
|
7
4
|
import { InvalidSignatureError } from './errors.js';
|
|
8
5
|
import { CertificatesHelper } from '../certificates/index.js';
|
|
6
|
+
export var ValidateTeeCertChainErrorCode;
|
|
7
|
+
(function (ValidateTeeCertChainErrorCode) {
|
|
8
|
+
ValidateTeeCertChainErrorCode["CERT_CHAIN_IS_INVALID"] = "CERT_CHAIN_IS_INVALID";
|
|
9
|
+
ValidateTeeCertChainErrorCode["NOT_ALLOWED_CHALLENGE"] = "NOT_ALLOWED_CHALLENGE";
|
|
10
|
+
ValidateTeeCertChainErrorCode["CHALLENGE_IS_INVALID"] = "CHALLENGE_IS_INVALID";
|
|
11
|
+
})(ValidateTeeCertChainErrorCode || (ValidateTeeCertChainErrorCode = {}));
|
|
9
12
|
export class TeeCertificateService {
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
return Buffer.from(publicKeyDer, 'binary');
|
|
16
|
-
}
|
|
17
|
-
async parseAndValidateCertificate(certificatePem, sgxApiUrl) {
|
|
18
|
-
const pem = Buffer.isBuffer(certificatePem) ? certificatePem.toString() : certificatePem;
|
|
19
|
-
const certificate = forge.pki.certificateFromPem(pem);
|
|
20
|
-
const extensions = certificate.extensions;
|
|
21
|
-
const quote = extensions.find((ext) => ext.id === this.certOidQuote);
|
|
22
|
-
const quoteBuffer = Buffer.from(quote.value, 'binary');
|
|
23
|
-
const validator = new QuoteValidator(sgxApiUrl);
|
|
24
|
-
await validator.checkQuote(quoteBuffer, this.getCertificatePublicKey(certificate));
|
|
25
|
-
const parser = new TeeSgxParser();
|
|
26
|
-
const parsedQuote = parser.parseQuote(quoteBuffer);
|
|
27
|
-
const report = parser.parseReport(parsedQuote.report);
|
|
28
|
-
return {
|
|
29
|
-
userData: Buffer.from(parsedQuote.header.userData),
|
|
30
|
-
mrEnclave: Buffer.from(report.mrEnclave),
|
|
31
|
-
mrSigner: Buffer.from(report.mrSigner),
|
|
32
|
-
dataHash: Buffer.from(report.dataHash),
|
|
33
|
-
};
|
|
13
|
+
static async validateTeeCertChainOrFail(certsPem) {
|
|
14
|
+
const result = await TeeCertificateService.validateTeeCertChain(certsPem);
|
|
15
|
+
if (!result.isValid) {
|
|
16
|
+
throw new Error(result.errorMessage);
|
|
17
|
+
}
|
|
34
18
|
}
|
|
35
|
-
async
|
|
36
|
-
const {
|
|
37
|
-
if (!
|
|
38
|
-
|
|
19
|
+
static async validateTeeCertChain(certsPem) {
|
|
20
|
+
const { isValid, errorMessage } = await CertificatesHelper.validateCertChain(certsPem, SUPERPROTOCOL_CA);
|
|
21
|
+
if (!isValid) {
|
|
22
|
+
return {
|
|
23
|
+
isValid: false,
|
|
24
|
+
errorCode: ValidateTeeCertChainErrorCode.CERT_CHAIN_IS_INVALID,
|
|
25
|
+
errorMessage: `Cert chain is invalid! (${errorMessage})`,
|
|
26
|
+
};
|
|
39
27
|
}
|
|
40
28
|
const sortedCerts = CertificatesHelper.sortCertsFromLeafToRoot(certsPem);
|
|
41
29
|
const challenges = sortedCerts.map((cert) => CertificatesHelper.getExtensionValue(cert, OID_CUSTOM_EXTENSION_CHALLENGE_TYPE)?.toString('binary'));
|
|
42
30
|
if (challenges.some((challenge) => !challenge || challenge === ChallengeType.Untrusted)) {
|
|
43
|
-
|
|
31
|
+
return {
|
|
32
|
+
isValid: false,
|
|
33
|
+
errorCode: ValidateTeeCertChainErrorCode.NOT_ALLOWED_CHALLENGE,
|
|
34
|
+
errorMessage: `Cert chain has cert without or Untrusted challenge`,
|
|
35
|
+
};
|
|
44
36
|
}
|
|
45
37
|
const leafCertChallengeType = challenges[0];
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
38
|
+
try {
|
|
39
|
+
switch (leafCertChallengeType) {
|
|
40
|
+
case ChallengeType.SGXDCAP:
|
|
41
|
+
TeeCertificateService.validateChallengeSgx(certsPem);
|
|
42
|
+
break;
|
|
43
|
+
case ChallengeType.TDX:
|
|
44
|
+
case ChallengeType.AMDSEV:
|
|
45
|
+
await TeeCertificateService.validateChallengeTdxAndSnp(certsPem);
|
|
46
|
+
break;
|
|
47
|
+
default:
|
|
48
|
+
return {
|
|
49
|
+
isValid: false,
|
|
50
|
+
errorCode: ValidateTeeCertChainErrorCode.NOT_ALLOWED_CHALLENGE,
|
|
51
|
+
errorMessage: `Challenge type ${leafCertChallengeType || `[none]`} is missing or not allowed!`,
|
|
52
|
+
};
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
catch (err) {
|
|
56
|
+
return {
|
|
57
|
+
isValid: false,
|
|
58
|
+
errorCode: ValidateTeeCertChainErrorCode.CHALLENGE_IS_INVALID,
|
|
59
|
+
errorMessage: `Challenge is not valid! (${err.message})`,
|
|
60
|
+
};
|
|
56
61
|
}
|
|
62
|
+
return { isValid: true };
|
|
57
63
|
}
|
|
58
|
-
validateChallengeSgx(certPem) {
|
|
64
|
+
static validateChallengeSgx(certPem) {
|
|
59
65
|
const mrSignerBinaryString = CertificatesHelper.getExtensionValue(certPem, OID_CUSTOM_EXTENSION_CHALLENGE_COMMON_ID);
|
|
60
66
|
if (!mrSignerBinaryString) {
|
|
61
67
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
@@ -67,7 +73,7 @@ export class TeeCertificateService {
|
|
|
67
73
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
68
74
|
}
|
|
69
75
|
}
|
|
70
|
-
async validateChallengeTdxAndSnp(certPem) {
|
|
76
|
+
static async validateChallengeTdxAndSnp(certPem) {
|
|
71
77
|
const mrEnclaveBinaryString = CertificatesHelper.getExtensionValue(certPem, OID_CUSTOM_EXTENSION_CHALLENGE_ID);
|
|
72
78
|
if (!mrEnclaveBinaryString) {
|
|
73
79
|
throw new Error(`Challenge id is missing in certificate!`);
|
|
@@ -84,4 +90,4 @@ export class TeeCertificateService {
|
|
|
84
90
|
}
|
|
85
91
|
}
|
|
86
92
|
}
|
|
87
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
93
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVGVlQ2VydGlmaWNhdGVTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9UZWVDZXJ0aWZpY2F0ZVNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFDbkQsT0FBTyxFQUNMLGFBQWEsRUFDYix3Q0FBd0MsRUFDeEMsaUNBQWlDLEVBQ2pDLG1DQUFtQyxHQUNwQyxNQUFNLDRCQUE0QixDQUFDO0FBQ3BDLE9BQU8sRUFBRSxvQkFBb0IsRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBQ2pFLE9BQU8sRUFBRSxxQkFBcUIsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQUNwRCxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsTUFBTSwwQkFBMEIsQ0FBQztBQUU5RCxNQUFNLENBQU4sSUFBWSw2QkFJWDtBQUpELFdBQVksNkJBQTZCO0lBQ3ZDLGdGQUErQyxDQUFBO0lBQy9DLGdGQUErQyxDQUFBO0lBQy9DLDhFQUE2QyxDQUFBO0FBQy9DLENBQUMsRUFKVyw2QkFBNkIsS0FBN0IsNkJBQTZCLFFBSXhDO0FBT0QsTUFBTSxPQUFPLHFCQUFxQjtJQUNoQyxNQUFNLENBQUMsS0FBSyxDQUFDLDBCQUEwQixDQUFDLFFBQWdCO1FBQ3RELE1BQU0sTUFBTSxHQUFHLE1BQU0scUJBQXFCLENBQUMsb0JBQW9CLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDMUUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUNwQixNQUFNLElBQUksS0FBSyxDQUFDLE1BQU0sQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUN2QyxDQUFDO0lBQ0gsQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMsb0JBQW9CLENBQUMsUUFBZ0I7UUFDaEQsTUFBTSxFQUFFLE9BQU8sRUFBRSxZQUFZLEVBQUUsR0FBRyxNQUFNLGtCQUFrQixDQUFDLGlCQUFpQixDQUMxRSxRQUFRLEVBQ1IsZ0JBQWdCLENBQ2pCLENBQUM7UUFFRixJQUFJLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDYixPQUFPO2dCQUNMLE9BQU8sRUFBRSxLQUFLO2dCQUNkLFNBQVMsRUFBRSw2QkFBNkIsQ0FBQyxxQkFBcUI7Z0JBQzlELFlBQVksRUFBRSwyQkFBMkIsWUFBWSxHQUFHO2FBQ3pELENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxXQUFXLEdBQUcsa0JBQWtCLENBQUMsdUJBQXVCLENBQUMsUUFBUSxDQUFDLENBQUM7UUFFekUsTUFBTSxVQUFVLEdBQUcsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQzFDLGtCQUFrQixDQUFDLGlCQUFpQixDQUFDLElBQUksRUFBRSxtQ0FBbUMsQ0FBQyxFQUFFLFFBQVEsQ0FDdkYsUUFBUSxDQUNULENBQ0YsQ0FBQztRQUNGLElBQUksVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDLFNBQVMsRUFBRSxFQUFFLENBQUMsQ0FBQyxTQUFTLElBQUksU0FBUyxLQUFLLGFBQWEsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDO1lBQ3hGLE9BQU87Z0JBQ0wsT0FBTyxFQUFFLEtBQUs7Z0JBQ2QsU0FBUyxFQUFFLDZCQUE2QixDQUFDLHFCQUFxQjtnQkFDOUQsWUFBWSxFQUFFLG9EQUFvRDthQUNuRSxDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0scUJBQXFCLEdBQUcsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRTVDLElBQUksQ0FBQztZQUNILFFBQVEscUJBQXFCLEVBQUUsQ0FBQztnQkFDOUIsS0FBSyxhQUFhLENBQUMsT0FBTztvQkFDeEIscUJBQXFCLENBQUMsb0JBQW9CLENBQUMsUUFBUSxDQUFDLENBQUM7b0JBQ3JELE1BQU07Z0JBQ1IsS0FBSyxhQUFhLENBQUMsR0FBRyxDQUFDO2dCQUN2QixLQUFLLGFBQWEsQ0FBQyxNQUFNO29CQUN2QixNQUFNLHFCQUFxQixDQUFDLDBCQUEwQixDQUFDLFFBQVEsQ0FBQyxDQUFDO29CQUNqRSxNQUFNO2dCQUVSO29CQUNFLE9BQU87d0JBQ0wsT0FBTyxFQUFFLEtBQUs7d0JBQ2QsU0FBUyxFQUFFLDZCQUE2QixDQUFDLHFCQUFxQjt3QkFDOUQsWUFBWSxFQUFFLGtCQUFrQixxQkFBcUIsSUFBSSxRQUFRLDZCQUE2QjtxQkFDL0YsQ0FBQztZQUNOLENBQUM7UUFDSCxDQUFDO1FBQUMsT0FBTyxHQUFHLEVBQUUsQ0FBQztZQUNiLE9BQU87Z0JBQ0wsT0FBTyxFQUFFLEtBQUs7Z0JBQ2QsU0FBUyxFQUFFLDZCQUE2QixDQUFDLG9CQUFvQjtnQkFDN0QsWUFBWSxFQUFFLDRCQUE2QixHQUFhLENBQUMsT0FBTyxHQUFHO2FBQ3BFLENBQUM7UUFDSixDQUFDO1FBRUQsT0FBTyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FBQztJQUMzQixDQUFDO0lBRU8sTUFBTSxDQUFDLG9CQUFvQixDQUFDLE9BQWU7UUFDakQsTUFBTSxvQkFBb0IsR0FBRyxrQkFBa0IsQ0FBQyxpQkFBaUIsQ0FDL0QsT0FBTyxFQUNQLHdDQUF3QyxDQUN6QyxDQUFDO1FBQ0YsSUFBSSxDQUFDLG9CQUFvQixFQUFFLENBQUM7WUFDMUIsTUFBTSxJQUFJLEtBQUssQ0FBQyxtQ0FBbUMsQ0FBQyxDQUFDO1FBQ3ZELENBQUM7UUFFRCxJQUFJLENBQUM7WUFDSCxvQkFBb0IsQ0FBQyxvQkFBb0IsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1FBQ2xFLENBQUM7UUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1lBQ2IsTUFBTSxJQUFJLEtBQUssQ0FBQyxtQ0FBbUMsQ0FBQyxDQUFDO1FBQ3ZELENBQUM7SUFDSCxDQUFDO0lBRU8sTUFBTSxDQUFDLEtBQUssQ0FBQywwQkFBMEIsQ0FBQyxPQUFlO1FBQzdELE1BQU0scUJBQXFCLEdBQUcsa0JBQWtCLENBQUMsaUJBQWlCLENBQ2hFLE9BQU8sRUFDUCxpQ0FBaUMsQ0FDbEMsQ0FBQztRQUNGLElBQUksQ0FBQyxxQkFBcUIsRUFBRSxDQUFDO1lBQzNCLE1BQU0sSUFBSSxLQUFLLENBQUMseUNBQXlDLENBQUMsQ0FBQztRQUM3RCxDQUFDO1FBRUQsSUFBSSxDQUFDO1lBQ0gsTUFBTSxvQkFBb0IsQ0FBQywwQkFBMEIsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO1FBQy9FLENBQUM7UUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1lBQ2IsTUFBTSxPQUFPLEdBQUcsMkJBQTJCLENBQUM7WUFDNUMsSUFBSSxHQUFHLFlBQVkscUJBQXFCLEVBQUUsQ0FBQztnQkFDekMsTUFBTSxJQUFJLEtBQUssQ0FBQyxHQUFHLE9BQU8sSUFBSSxHQUFHLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUMvQyxDQUFDO1lBQ0QsTUFBTSxJQUFJLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUMzQixDQUFDO0lBQ0gsQ0FBQztDQUNGIn0=
|