@super-protocol/sdk-js 3.4.0-beta.21 → 3.4.0-beta.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/certificates/helper.js +3 -3
- package/dist/cjs/certificates/types.d.ts +1 -1
- package/dist/cjs/index.js +1 -1
- package/dist/cjs/tee/OrderReportService.js +2 -3
- package/dist/cjs/tee/TeeCertificateService.d.ts +14 -13
- package/dist/cjs/tee/TeeCertificateService.js +52 -49
- package/dist/cjs/utils/TxManager.js +16 -27
- package/dist/mjs/certificates/helper.js +3 -3
- package/dist/mjs/certificates/types.d.ts +1 -1
- package/dist/mjs/index.js +1 -1
- package/dist/mjs/tee/OrderReportService.js +2 -3
- package/dist/mjs/tee/TeeCertificateService.d.ts +14 -13
- package/dist/mjs/tee/TeeCertificateService.js +51 -45
- package/dist/mjs/utils/TxManager.js +17 -28
- package/package.json +1 -1
|
@@ -139,7 +139,7 @@ class CertificatesHelper {
|
|
|
139
139
|
const verifyResult = await chainEngine.verify();
|
|
140
140
|
if (!verifyResult.result) {
|
|
141
141
|
return {
|
|
142
|
-
|
|
142
|
+
isValid: false,
|
|
143
143
|
errorMessage: verifyResult.resultMessage,
|
|
144
144
|
};
|
|
145
145
|
}
|
|
@@ -157,12 +157,12 @@ class CertificatesHelper {
|
|
|
157
157
|
throw new Error('Some of certificates do not belong to chain');
|
|
158
158
|
}
|
|
159
159
|
return {
|
|
160
|
-
|
|
160
|
+
isValid: true,
|
|
161
161
|
};
|
|
162
162
|
}
|
|
163
163
|
catch (err) {
|
|
164
164
|
return {
|
|
165
|
-
|
|
165
|
+
isValid: false,
|
|
166
166
|
errorMessage: err.message,
|
|
167
167
|
};
|
|
168
168
|
}
|
package/dist/cjs/index.js
CHANGED
|
@@ -174,4 +174,4 @@ __exportStar(require("./utils/schema-utils/index.js"), exports);
|
|
|
174
174
|
exports.ResourceLoaderUtils = __importStar(require("./utils/resourceLoaders/index.js"));
|
|
175
175
|
var TeeSignatureVerifier_js_1 = require("./tee/TeeSignatureVerifier.js");
|
|
176
176
|
Object.defineProperty(exports, "TeeSignatureVerifier", { enumerable: true, get: function () { return TeeSignatureVerifier_js_1.TeeSignatureVerifier; } });
|
|
177
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
177
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsOEVBQXFGO0FBQTVFLDhJQUFBLE9BQU8sT0FBdUI7QUFFdkMsc0VBQW9EO0FBSXBELHdGQUErRjtBQUF0Rix3SkFBQSxPQUFPLE9BQTRCO0FBRTVDLDhDQUFzRDtBQUE3QyxtSEFBQSxPQUFPLE9BQVU7QUFDMUIsb0RBQWtDO0FBRWxDLDBEQUF3QztBQUV4QyxxREFBNEQ7QUFBbkQsZ0lBQUEsT0FBTyxPQUFnQjtBQUNoQyxvREFBa0M7QUFFbEMsbURBQTBEO0FBQWpELDhIQUFBLE9BQU8sT0FBZTtBQUMvQixvREFBa0M7QUFFbEMsNERBQW1FO0FBQTFELDBIQUFBLE9BQU8sT0FBYTtBQUM3Qiw4REFBNEM7QUFFNUMsc0RBQTZEO0FBQXBELG9IQUFBLE9BQU8sT0FBVTtBQUMxQiwyREFBeUM7QUFFekMsa0VBQXlFO0FBQWhFLGdJQUFBLE9BQU8sT0FBZ0I7QUFDaEMsaUVBQStDO0FBRS9DLGtFQUF5RTtBQUFoRSxnSUFBQSxPQUFPLE9BQWdCO0FBQ2hDLGlFQUErQztBQUUvQyxzREFBNkQ7QUFBcEQsb0hBQUEsT0FBTyxPQUFVO0FBQzFCLDJEQUF5QztBQUV6Qyw0REFBbUU7QUFBMUQsMEhBQUEsT0FBTyxPQUFhO0FBQzdCLDhEQUE0QztBQUU1QywwRUFBaUY7QUFBeEUsd0lBQUEsT0FBTyxPQUFvQjtBQUNwQyxxRUFBbUQ7QUFFbkQsb0VBQTJFO0FBQWxFLGtJQUFBLE9BQU8sT0FBaUI7QUFDakMsa0VBQWdEO0FBRWhELDBEQUFpRTtBQUF4RCx3SEFBQSxPQUFPLE9BQVk7QUFDNUIsNkRBQTJDO0FBRTNDLG9EQUEyRDtBQUFsRCxrSEFBQSxPQUFPLE9BQVM7QUFDekIsMERBQXdDO0FBRXhDLDBEQUFpRTtBQUF4RCx3SEFBQSxPQUFPLE9BQVk7QUFDNUIsNkRBQTJDO0FBRTNDLHNFQUE2RTtBQUFwRSxvSUFBQSxPQUFPLE9BQWtCO0FBQ2xDLG1FQUFpRDtBQUVqRCx3RkFBK0Y7QUFBdEYsc0pBQUEsT0FBTyxPQUEyQjtBQUMzQyw0RUFBMEQ7QUFFMUQsc0VBQTZFO0FBQXBFLG9JQUFBLE9BQU8sT0FBa0I7QUFDbEMsbUVBQWlEO0FBRWpELHNGQUE2RjtBQUFwRixvSkFBQSxPQUFPLE9BQTBCO0FBQzFDLDJFQUF5RDtBQUV6RCxvRkFBMkY7QUFBbEYsa0pBQUEsT0FBTyxPQUF5QjtBQUN6QywwRUFBd0Q7QUFFeEQsc0VBQTZFO0FBQXBFLG9JQUFBLE9BQU8sT0FBa0I7QUFDbEMsbUVBQWlEO0FBRWpELDhDQUFxRDtBQUE1QyxrSEFBQSxPQUFPLE9BQVM7QUFDekIsb0RBQWtDO0FBRWxDLG9EQUEyRDtBQUFsRCx3SEFBQSxPQUFPLE9BQVk7QUFDNUIsdURBQXFDO0FBRXJDLG9EQUEyRDtBQUFsRCx3SEFBQSxPQUFPLE9BQVk7QUFDNUIsdURBQXFDO0FBRXJDLDhDQUFxRDtBQUE1QyxrSEFBQSxPQUFPLE9BQVM7QUFDekIsb0RBQWtDO0FBRWxDLDBDQUFpRDtBQUF4Qyw4R0FBQSxPQUFPLE9BQU87QUFDdkIsa0RBQWdDO0FBRWhDLG1EQUFpQztBQUVqQyx5R0FBeUY7QUFDekYsdUVBQTJGO0FBQWxGLGdJQUFBLE9BQU8sT0FBZ0I7QUFDaEMseUZBR3NEO0FBRnBELGtKQUFBLE9BQU8sT0FBeUI7QUFHbEMsMkZBQWtHO0FBQXpGLG9KQUFBLE9BQU8sT0FBMEI7QUFFMUMsMkVBSStDO0FBSDdDLG9JQUFBLE9BQU8sT0FBa0I7QUFDekIsZ0hBQUEsV0FBVyxPQUFBO0FBR2IsdUZBSXFEO0FBSG5ELGdKQUFBLE9BQU8sT0FBd0I7QUFFL0IsNEhBQUEsaUJBQWlCLE9BQUE7QUFNbkIsbUZBQTBGO0FBQWpGLDRJQUFBLE9BQU8sT0FBc0I7QUFFdEMsNkZBQXlGO0FBQWhGLHFJQUFBLHVCQUF1QixPQUFBO0FBQ2hDLDZGQUd3RDtBQUZ0RCxvSUFBQSxzQkFBc0IsT0FBQTtBQUN0QixxSUFBQSx1QkFBdUIsT0FBQTtBQUd6QixtRUFBaUQ7QUFDakQsb0VBQW9EO0FBQ3BELDREQUE0QztBQUU1QyxxREFBeUU7QUFBaEUsaUlBQUEsaUNBQWlDLE9BQUE7QUFFMUMsMEJBQXdCO0FBRXhCLGtEQUFnQztBQUNoQywyQ0FBMkM7QUFBbEMscUdBQUEsU0FBUyxPQUFBO0FBQ2xCLHVEQUE2RTtBQUFwRSw4R0FBQSxZQUFZLE9BQUE7QUFBRSw4R0FBQSxZQUFZLE9BQUE7QUFBRSwyR0FBQSxTQUFTLE9BQUE7QUFDOUMsNkRBQXlEO0FBQWhELG1IQUFBLGNBQWMsT0FBQTtBQUN2QixvREFBa0M7QUFDbEMsaUVBQTZEO0FBQXBELHVIQUFBLGdCQUFnQixPQUFBO0FBQ3pCLDJFQUF1RTtBQUE5RCxpSUFBQSxxQkFBcUIsT0FBQTtBQUM5QixxRUFBaUU7QUFBeEQsMkhBQUEsa0JBQWtCLE9BQUE7QUFFM0IsdURBQXFDO0FBQ3JDLHlEQUFnRTtBQUF2RCwwSEFBQSxPQUFPLE9BQWE7QUFDN0Isd0ZBQStGO0FBQXRGLDBJQUFBLE9BQU8sT0FBcUI7QUFDckMsOEZBQXFHO0FBQTVGLGdKQUFBLE9BQU8sT0FBd0I7QUFDeEMsOEVBQXFGO0FBQTVFLG9JQUFBLE9BQU8sT0FBa0I7QUFDbEMsOEVBQXFGO0FBQTVFLG9JQUFBLE9BQU8sT0FBa0I7QUFDbEMseURBQXVDO0FBQ3ZDLHlEQUF1QztBQUN2QywwREFBd0M7QUFDeEMsb0RBQWtDO0FBQ2xDLGdFQUE4QztBQUM5Qyx3RkFBd0U7QUFDeEUseUVBQXFFO0FBQTVELCtIQUFBLG9CQUFvQixPQUFBIn0=
|
|
@@ -65,8 +65,7 @@ class OrderReportService {
|
|
|
65
65
|
};
|
|
66
66
|
}
|
|
67
67
|
static async validateOrderReport(orderReport) {
|
|
68
|
-
|
|
69
|
-
await teeCertificateService.validateTeeReportCertChain(orderReport.certificate);
|
|
68
|
+
await TeeCertificateService_js_1.TeeCertificateService.validateTeeCertChainOrFail(orderReport.certificate);
|
|
70
69
|
const workloadInfoHashFromCert = helper_js_1.CertificatesHelper.getExtensionValue(orderReport.certificate, constants_js_1.OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH);
|
|
71
70
|
if (!workloadInfoHashFromCert) {
|
|
72
71
|
throw new Error(`WorkloadInfoHash is missing in certificate!`);
|
|
@@ -98,4 +97,4 @@ class OrderReportService {
|
|
|
98
97
|
}
|
|
99
98
|
}
|
|
100
99
|
exports.OrderReportService = OrderReportService;
|
|
101
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
100
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiT3JkZXJSZXBvcnRTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9PcmRlclJlcG9ydFNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBQUEsK0JBQWlDO0FBQ2pDLGdEQUF3QjtBQUN4QixtREFPZ0M7QUFHaEMsNERBQTJEO0FBQzNELGtEQUF1RjtBQUN2RixvRkFBOEU7QUFDOUUseURBQStEO0FBQy9ELHlFQUFtRTtBQUVuRSxNQUFNLFdBQVcsR0FBRyxJQUFBLGdCQUFTLEVBQUMsY0FBSSxDQUFDLElBQUksQ0FBQyxDQUFDO0FBQ3pDLE1BQU0sWUFBWSxHQUFHLElBQUEsZ0JBQVMsRUFBQyxjQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7QUFFM0MsTUFBYSxrQkFBa0I7SUFDN0IsTUFBTSxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsV0FBd0I7UUFDMUMsTUFBTSxFQUFFLEtBQUssRUFBRSxHQUFHLDhCQUFrQixDQUFDLGtCQUFrQixDQUFDLFdBQVcsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUNqRixNQUFNLFFBQVEsR0FBRyw4QkFBa0IsQ0FBQyxhQUFhLENBQUMsS0FBSyxDQUFDLENBQUM7UUFFekQsTUFBTSxnQkFBZ0IsR0FBcUI7WUFDekMsWUFBWSxFQUFFLFFBQVE7WUFDdEIsWUFBWSxFQUFFO2dCQUNaLFdBQVcsRUFBRSxXQUFXLENBQUMsWUFBWSxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUM7b0JBQzdELElBQUksRUFBRSxFQUFFLENBQUMsSUFBSTtvQkFDYixJQUFJLEVBQUUsRUFBRSxDQUFDLElBQUk7b0JBQ2IsSUFBSSxFQUFFLElBQUksQ0FBQyxZQUFZLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQztvQkFDaEMsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUMsZ0JBQWdCLENBQUM7b0JBQ3hELFFBQVEsRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQyxRQUFRLENBQUM7aUJBQ3pDLENBQUMsQ0FBQztnQkFDSCxPQUFPLEVBQUUsV0FBVyxDQUFDLFlBQVksQ0FBQyxPQUFPO2FBQzFDO1NBQ0YsQ0FBQztRQUVGLE1BQU0sT0FBTyxHQUFHLGlDQUFnQixDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBQ25FLE1BQU0sVUFBVSxHQUFHLE1BQU0sV0FBVyxDQUFDLE9BQU8sRUFBRSxFQUFFLEtBQUssRUFBRSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBRTVELE9BQU8sVUFBVSxDQUFDO0lBQ3BCLENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLE1BQU0sQ0FBQyxrQkFBMEI7UUFDNUMsTUFBTSxZQUFZLEdBQUcsTUFBTSxZQUFZLENBQUMsa0JBQWtCLENBQUMsQ0FBQztRQUM1RCxNQUFNLGdCQUFnQixHQUFHLGlDQUFnQixDQUFDLE1BQU0sQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUUvRCxNQUFNLFFBQVEsR0FBRyw4QkFBa0IsQ0FBQyxhQUFhLENBQUMsZ0JBQWdCLENBQUMsWUFBWSxDQUFDLENBQUM7UUFFakYsSUFBSSxDQUFDLGdCQUFnQixDQUFDLFlBQVksRUFBRSxDQUFDO1lBQ25DLE1BQU0sSUFBSSxLQUFLLENBQUMsMENBQTBDLENBQUMsQ0FBQztRQUM5RCxDQUFDO1FBRUQsTUFBTSxXQUFXLEdBQWtCLGdCQUFnQixDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsT0FBTyxFQUFFLEVBQUU7WUFDM0YsTUFBTSxNQUFNLEdBQWdCO2dCQUMxQixJQUFJLEVBQUUsT0FBTyxDQUFDLElBQWU7Z0JBQzdCLElBQUksRUFBRSxPQUFPLENBQUMsSUFBSTtnQkFDbEIsSUFBSSxFQUFFLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFFO2FBQzNDLENBQUM7WUFDRixJQUFJLE9BQU8sQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO2dCQUM3QixNQUFNLENBQUMsZ0JBQWdCLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO1lBQzVFLENBQUM7WUFDRCxJQUFJLE9BQU8sQ0FBQyxRQUFRLEVBQUUsQ0FBQztnQkFDckIsTUFBTSxDQUFDLFFBQVEsR0FBRyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDO1lBQzVELENBQUM7WUFDRCxPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDLENBQUMsQ0FBQztRQUVILE9BQU87WUFDTCxXQUFXLEVBQUUsUUFBUTtZQUNyQixZQUFZLEVBQUU7Z0JBQ1osV0FBVztnQkFDWCxPQUFPLEVBQUUsZ0JBQWdCLENBQUMsWUFBYSxDQUFDLE9BQU87YUFDaEQ7U0FDRixDQUFDO0lBQ0osQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMsbUJBQW1CLENBQUMsV0FBd0I7UUFDdkQsTUFBTSxnREFBcUIsQ0FBQywwQkFBMEIsQ0FBQyxXQUFXLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFaEYsTUFBTSx3QkFBd0IsR0FBRyw4QkFBa0IsQ0FBQyxpQkFBaUIsQ0FDbkUsV0FBVyxDQUFDLFdBQVcsRUFDdkIsbUVBQW9ELENBQ3JELENBQUM7UUFDRixJQUFJLENBQUMsd0JBQXdCLEVBQUUsQ0FBQztZQUM5QixNQUFNLElBQUksS0FBSyxDQUFDLDZDQUE2QyxDQUFDLENBQUM7UUFDakUsQ0FBQztRQUNELE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxJQUFBLDRDQUFtQixFQUFDLFdBQVcsQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUU3RSxNQUFNLFdBQVcsR0FDZixNQUFNLENBQUMsT0FBTyxDQUNaLHdCQUF3QixFQUN4QixNQUFNLENBQUMsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksRUFBRSxnQkFBZ0IsQ0FBQyxRQUFRLENBQUMsQ0FDOUQsS0FBSyxDQUFDLENBQUM7UUFDVixJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDakIsTUFBTSxJQUFJLEtBQUssQ0FDYiwyRkFBMkYsQ0FDNUYsQ0FBQztRQUNKLENBQUM7SUFDSCxDQUFDO0lBRU8sTUFBTSxDQUFDLFlBQVksQ0FBQyxJQUFXO1FBQ3JDLElBQUksQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUNWLE9BQU87UUFDVCxDQUFDO1FBRUQsT0FBTztZQUNMLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSTtZQUNmLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLEVBQUUsSUFBSSxDQUFDLFFBQVEsQ0FBQztTQUM1QyxDQUFDO0lBQ0osQ0FBQztJQUVPLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxVQUFrQztRQUNoRSxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDaEIsT0FBTztRQUNULENBQUM7UUFFRCxPQUFPO1lBQ0wsSUFBSSxFQUFFLFVBQVUsQ0FBQyxJQUFxQjtZQUN0QyxJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLENBQUMsUUFBUSxDQUFDLGlCQUFRLENBQUMsR0FBRyxDQUFDO1lBQ3pELFFBQVEsRUFBRSxpQkFBUSxDQUFDLEdBQUc7U0FDdkIsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQXpHRCxnREF5R0MifQ==
|
|
@@ -1,15 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
1
|
+
export declare enum ValidateTeeCertChainErrorCode {
|
|
2
|
+
CERT_CHAIN_IS_INVALID = "CERT_CHAIN_IS_INVALID",
|
|
3
|
+
NOT_ALLOWED_CHALLENGE = "NOT_ALLOWED_CHALLENGE",
|
|
4
|
+
CHALLENGE_IS_INVALID = "CHALLENGE_IS_INVALID"
|
|
5
|
+
}
|
|
6
|
+
export interface ValidateTeeCertChainResult {
|
|
7
|
+
isValid: boolean;
|
|
8
|
+
errorCode?: string;
|
|
9
|
+
errorMessage?: string;
|
|
10
|
+
}
|
|
8
11
|
export declare class TeeCertificateService {
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
private validateChallengeSgx;
|
|
14
|
-
private validateChallengeTdxAndSnp;
|
|
12
|
+
static validateTeeCertChainOrFail(certsPem: string): Promise<void>;
|
|
13
|
+
static validateTeeCertChain(certsPem: string): Promise<ValidateTeeCertChainResult>;
|
|
14
|
+
private static validateChallengeSgx;
|
|
15
|
+
private static validateChallengeTdxAndSnp;
|
|
15
16
|
}
|
|
@@ -1,67 +1,70 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
-
};
|
|
5
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.TeeCertificateService = void 0;
|
|
7
|
-
const node_forge_1 = __importDefault(require("node-forge"));
|
|
8
|
-
const QuoteParser_js_1 = require("./QuoteParser.js");
|
|
9
|
-
const QuoteValidator_js_1 = require("./QuoteValidator.js");
|
|
3
|
+
exports.TeeCertificateService = exports.ValidateTeeCertChainErrorCode = void 0;
|
|
10
4
|
const constants_js_1 = require("../constants.js");
|
|
11
5
|
const pki_common_1 = require("@super-protocol/pki-common");
|
|
12
6
|
const TeeSignatureVerifier_js_1 = require("./TeeSignatureVerifier.js");
|
|
13
7
|
const errors_js_1 = require("./errors.js");
|
|
14
8
|
const index_js_1 = require("../certificates/index.js");
|
|
9
|
+
var ValidateTeeCertChainErrorCode;
|
|
10
|
+
(function (ValidateTeeCertChainErrorCode) {
|
|
11
|
+
ValidateTeeCertChainErrorCode["CERT_CHAIN_IS_INVALID"] = "CERT_CHAIN_IS_INVALID";
|
|
12
|
+
ValidateTeeCertChainErrorCode["NOT_ALLOWED_CHALLENGE"] = "NOT_ALLOWED_CHALLENGE";
|
|
13
|
+
ValidateTeeCertChainErrorCode["CHALLENGE_IS_INVALID"] = "CHALLENGE_IS_INVALID";
|
|
14
|
+
})(ValidateTeeCertChainErrorCode || (exports.ValidateTeeCertChainErrorCode = ValidateTeeCertChainErrorCode = {}));
|
|
15
15
|
class TeeCertificateService {
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
return Buffer.from(publicKeyDer, 'binary');
|
|
22
|
-
}
|
|
23
|
-
async parseAndValidateCertificate(certificatePem, sgxApiUrl) {
|
|
24
|
-
const pem = Buffer.isBuffer(certificatePem) ? certificatePem.toString() : certificatePem;
|
|
25
|
-
const certificate = node_forge_1.default.pki.certificateFromPem(pem);
|
|
26
|
-
const extensions = certificate.extensions;
|
|
27
|
-
const quote = extensions.find((ext) => ext.id === this.certOidQuote);
|
|
28
|
-
const quoteBuffer = Buffer.from(quote.value, 'binary');
|
|
29
|
-
const validator = new QuoteValidator_js_1.QuoteValidator(sgxApiUrl);
|
|
30
|
-
await validator.checkQuote(quoteBuffer, this.getCertificatePublicKey(certificate));
|
|
31
|
-
const parser = new QuoteParser_js_1.TeeSgxParser();
|
|
32
|
-
const parsedQuote = parser.parseQuote(quoteBuffer);
|
|
33
|
-
const report = parser.parseReport(parsedQuote.report);
|
|
34
|
-
return {
|
|
35
|
-
userData: Buffer.from(parsedQuote.header.userData),
|
|
36
|
-
mrEnclave: Buffer.from(report.mrEnclave),
|
|
37
|
-
mrSigner: Buffer.from(report.mrSigner),
|
|
38
|
-
dataHash: Buffer.from(report.dataHash),
|
|
39
|
-
};
|
|
16
|
+
static async validateTeeCertChainOrFail(certsPem) {
|
|
17
|
+
const result = await TeeCertificateService.validateTeeCertChain(certsPem);
|
|
18
|
+
if (!result.isValid) {
|
|
19
|
+
throw new Error(result.errorMessage);
|
|
20
|
+
}
|
|
40
21
|
}
|
|
41
|
-
async
|
|
42
|
-
const {
|
|
43
|
-
if (!
|
|
44
|
-
|
|
22
|
+
static async validateTeeCertChain(certsPem) {
|
|
23
|
+
const { isValid, errorMessage } = await index_js_1.CertificatesHelper.validateCertChain(certsPem, constants_js_1.SUPERPROTOCOL_CA);
|
|
24
|
+
if (!isValid) {
|
|
25
|
+
return {
|
|
26
|
+
isValid: false,
|
|
27
|
+
errorCode: ValidateTeeCertChainErrorCode.CERT_CHAIN_IS_INVALID,
|
|
28
|
+
errorMessage: `Cert chain is invalid! (${errorMessage})`,
|
|
29
|
+
};
|
|
45
30
|
}
|
|
46
31
|
const sortedCerts = index_js_1.CertificatesHelper.sortCertsFromLeafToRoot(certsPem);
|
|
47
32
|
const challenges = sortedCerts.map((cert) => index_js_1.CertificatesHelper.getExtensionValue(cert, pki_common_1.OID_CUSTOM_EXTENSION_CHALLENGE_TYPE)?.toString('binary'));
|
|
48
33
|
if (challenges.some((challenge) => !challenge || challenge === pki_common_1.ChallengeType.Untrusted)) {
|
|
49
|
-
|
|
34
|
+
return {
|
|
35
|
+
isValid: false,
|
|
36
|
+
errorCode: ValidateTeeCertChainErrorCode.NOT_ALLOWED_CHALLENGE,
|
|
37
|
+
errorMessage: `Cert chain has cert without or Untrusted challenge`,
|
|
38
|
+
};
|
|
50
39
|
}
|
|
51
40
|
const leafCertChallengeType = challenges[0];
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
41
|
+
try {
|
|
42
|
+
switch (leafCertChallengeType) {
|
|
43
|
+
case pki_common_1.ChallengeType.SGXDCAP:
|
|
44
|
+
TeeCertificateService.validateChallengeSgx(certsPem);
|
|
45
|
+
break;
|
|
46
|
+
case pki_common_1.ChallengeType.TDX:
|
|
47
|
+
case pki_common_1.ChallengeType.AMDSEV:
|
|
48
|
+
await TeeCertificateService.validateChallengeTdxAndSnp(certsPem);
|
|
49
|
+
break;
|
|
50
|
+
default:
|
|
51
|
+
return {
|
|
52
|
+
isValid: false,
|
|
53
|
+
errorCode: ValidateTeeCertChainErrorCode.NOT_ALLOWED_CHALLENGE,
|
|
54
|
+
errorMessage: `Challenge type ${leafCertChallengeType || `[none]`} is missing or not allowed!`,
|
|
55
|
+
};
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
catch (err) {
|
|
59
|
+
return {
|
|
60
|
+
isValid: false,
|
|
61
|
+
errorCode: ValidateTeeCertChainErrorCode.CHALLENGE_IS_INVALID,
|
|
62
|
+
errorMessage: `Challenge is not valid! (${err.message})`,
|
|
63
|
+
};
|
|
62
64
|
}
|
|
65
|
+
return { isValid: true };
|
|
63
66
|
}
|
|
64
|
-
validateChallengeSgx(certPem) {
|
|
67
|
+
static validateChallengeSgx(certPem) {
|
|
65
68
|
const mrSignerBinaryString = index_js_1.CertificatesHelper.getExtensionValue(certPem, pki_common_1.OID_CUSTOM_EXTENSION_CHALLENGE_COMMON_ID);
|
|
66
69
|
if (!mrSignerBinaryString) {
|
|
67
70
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
@@ -73,7 +76,7 @@ class TeeCertificateService {
|
|
|
73
76
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
74
77
|
}
|
|
75
78
|
}
|
|
76
|
-
async validateChallengeTdxAndSnp(certPem) {
|
|
79
|
+
static async validateChallengeTdxAndSnp(certPem) {
|
|
77
80
|
const mrEnclaveBinaryString = index_js_1.CertificatesHelper.getExtensionValue(certPem, pki_common_1.OID_CUSTOM_EXTENSION_CHALLENGE_ID);
|
|
78
81
|
if (!mrEnclaveBinaryString) {
|
|
79
82
|
throw new Error(`Challenge id is missing in certificate!`);
|
|
@@ -91,4 +94,4 @@ class TeeCertificateService {
|
|
|
91
94
|
}
|
|
92
95
|
}
|
|
93
96
|
exports.TeeCertificateService = TeeCertificateService;
|
|
94
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
97
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVGVlQ2VydGlmaWNhdGVTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9UZWVDZXJ0aWZpY2F0ZVNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsa0RBQW1EO0FBQ25ELDJEQUtvQztBQUNwQyx1RUFBaUU7QUFDakUsMkNBQW9EO0FBQ3BELHVEQUE4RDtBQUU5RCxJQUFZLDZCQUlYO0FBSkQsV0FBWSw2QkFBNkI7SUFDdkMsZ0ZBQStDLENBQUE7SUFDL0MsZ0ZBQStDLENBQUE7SUFDL0MsOEVBQTZDLENBQUE7QUFDL0MsQ0FBQyxFQUpXLDZCQUE2Qiw2Q0FBN0IsNkJBQTZCLFFBSXhDO0FBT0QsTUFBYSxxQkFBcUI7SUFDaEMsTUFBTSxDQUFDLEtBQUssQ0FBQywwQkFBMEIsQ0FBQyxRQUFnQjtRQUN0RCxNQUFNLE1BQU0sR0FBRyxNQUFNLHFCQUFxQixDQUFDLG9CQUFvQixDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQzFFLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDcEIsTUFBTSxJQUFJLEtBQUssQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDdkMsQ0FBQztJQUNILENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLG9CQUFvQixDQUFDLFFBQWdCO1FBQ2hELE1BQU0sRUFBRSxPQUFPLEVBQUUsWUFBWSxFQUFFLEdBQUcsTUFBTSw2QkFBa0IsQ0FBQyxpQkFBaUIsQ0FDMUUsUUFBUSxFQUNSLCtCQUFnQixDQUNqQixDQUFDO1FBRUYsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ2IsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxTQUFTLEVBQUUsNkJBQTZCLENBQUMscUJBQXFCO2dCQUM5RCxZQUFZLEVBQUUsMkJBQTJCLFlBQVksR0FBRzthQUN6RCxDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sV0FBVyxHQUFHLDZCQUFrQixDQUFDLHVCQUF1QixDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBRXpFLE1BQU0sVUFBVSxHQUFHLFdBQVcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUMxQyw2QkFBa0IsQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLEVBQUUsZ0RBQW1DLENBQUMsRUFBRSxRQUFRLENBQ3ZGLFFBQVEsQ0FDVCxDQUNGLENBQUM7UUFDRixJQUFJLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxTQUFTLEVBQUUsRUFBRSxDQUFDLENBQUMsU0FBUyxJQUFJLFNBQVMsS0FBSywwQkFBYSxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUM7WUFDeEYsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxTQUFTLEVBQUUsNkJBQTZCLENBQUMscUJBQXFCO2dCQUM5RCxZQUFZLEVBQUUsb0RBQW9EO2FBQ25FLENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxxQkFBcUIsR0FBRyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFFNUMsSUFBSSxDQUFDO1lBQ0gsUUFBUSxxQkFBcUIsRUFBRSxDQUFDO2dCQUM5QixLQUFLLDBCQUFhLENBQUMsT0FBTztvQkFDeEIscUJBQXFCLENBQUMsb0JBQW9CLENBQUMsUUFBUSxDQUFDLENBQUM7b0JBQ3JELE1BQU07Z0JBQ1IsS0FBSywwQkFBYSxDQUFDLEdBQUcsQ0FBQztnQkFDdkIsS0FBSywwQkFBYSxDQUFDLE1BQU07b0JBQ3ZCLE1BQU0scUJBQXFCLENBQUMsMEJBQTBCLENBQUMsUUFBUSxDQUFDLENBQUM7b0JBQ2pFLE1BQU07Z0JBRVI7b0JBQ0UsT0FBTzt3QkFDTCxPQUFPLEVBQUUsS0FBSzt3QkFDZCxTQUFTLEVBQUUsNkJBQTZCLENBQUMscUJBQXFCO3dCQUM5RCxZQUFZLEVBQUUsa0JBQWtCLHFCQUFxQixJQUFJLFFBQVEsNkJBQTZCO3FCQUMvRixDQUFDO1lBQ04sQ0FBQztRQUNILENBQUM7UUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1lBQ2IsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxTQUFTLEVBQUUsNkJBQTZCLENBQUMsb0JBQW9CO2dCQUM3RCxZQUFZLEVBQUUsNEJBQTZCLEdBQWEsQ0FBQyxPQUFPLEdBQUc7YUFDcEUsQ0FBQztRQUNKLENBQUM7UUFFRCxPQUFPLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxDQUFDO0lBQzNCLENBQUM7SUFFTyxNQUFNLENBQUMsb0JBQW9CLENBQUMsT0FBZTtRQUNqRCxNQUFNLG9CQUFvQixHQUFHLDZCQUFrQixDQUFDLGlCQUFpQixDQUMvRCxPQUFPLEVBQ1AscURBQXdDLENBQ3pDLENBQUM7UUFDRixJQUFJLENBQUMsb0JBQW9CLEVBQUUsQ0FBQztZQUMxQixNQUFNLElBQUksS0FBSyxDQUFDLG1DQUFtQyxDQUFDLENBQUM7UUFDdkQsQ0FBQztRQUVELElBQUksQ0FBQztZQUNILDhDQUFvQixDQUFDLG9CQUFvQixDQUFDLG9CQUFvQixDQUFDLENBQUM7UUFDbEUsQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixNQUFNLElBQUksS0FBSyxDQUFDLG1DQUFtQyxDQUFDLENBQUM7UUFDdkQsQ0FBQztJQUNILENBQUM7SUFFTyxNQUFNLENBQUMsS0FBSyxDQUFDLDBCQUEwQixDQUFDLE9BQWU7UUFDN0QsTUFBTSxxQkFBcUIsR0FBRyw2QkFBa0IsQ0FBQyxpQkFBaUIsQ0FDaEUsT0FBTyxFQUNQLDhDQUFpQyxDQUNsQyxDQUFDO1FBQ0YsSUFBSSxDQUFDLHFCQUFxQixFQUFFLENBQUM7WUFDM0IsTUFBTSxJQUFJLEtBQUssQ0FBQyx5Q0FBeUMsQ0FBQyxDQUFDO1FBQzdELENBQUM7UUFFRCxJQUFJLENBQUM7WUFDSCxNQUFNLDhDQUFvQixDQUFDLDBCQUEwQixDQUFDLHFCQUFxQixDQUFDLENBQUM7UUFDL0UsQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixNQUFNLE9BQU8sR0FBRywyQkFBMkIsQ0FBQztZQUM1QyxJQUFJLEdBQUcsWUFBWSxpQ0FBcUIsRUFBRSxDQUFDO2dCQUN6QyxNQUFNLElBQUksS0FBSyxDQUFDLEdBQUcsT0FBTyxJQUFJLEdBQUcsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1lBQy9DLENBQUM7WUFDRCxNQUFNLElBQUksS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQzNCLENBQUM7SUFDSCxDQUFDO0NBQ0Y7QUF0R0Qsc0RBc0dDIn0=
|
|
@@ -129,36 +129,25 @@ class TxManager {
|
|
|
129
129
|
maxPriorityFeePerGas,
|
|
130
130
|
maxFeePerGas,
|
|
131
131
|
};
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
catch (e) {
|
|
138
|
-
TxManager.logger.debug({ error: e }, 'Fail to calculate estimated gas');
|
|
139
|
-
estimatedGas = constants_js_1.defaultGasLimit;
|
|
140
|
-
}
|
|
132
|
+
if (transactionOptions.gas) {
|
|
133
|
+
TxManager.logger.warn({
|
|
134
|
+
specifiedGas: transactionOptions.gas,
|
|
135
|
+
}, 'Gas overriding');
|
|
136
|
+
txData.gas = transactionOptions.gas;
|
|
141
137
|
}
|
|
142
138
|
else {
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
139
|
+
let estimatedGas;
|
|
140
|
+
const txDataForEstimate = {
|
|
141
|
+
...txData,
|
|
142
|
+
gas: undefined,
|
|
143
|
+
};
|
|
144
|
+
if (transactionCall) {
|
|
145
|
+
estimatedGas = await transactionCall.estimateGas(txDataForEstimate);
|
|
149
146
|
}
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
// defaultGasLimit is max gas limit
|
|
153
|
-
txData.gas = txData.gas < constants_js_1.defaultGasLimit ? txData.gas : constants_js_1.defaultGasLimit;
|
|
154
|
-
if (transactionOptions.gas) {
|
|
155
|
-
if (transactionOptions.gas < estimatedGas) {
|
|
156
|
-
TxManager.logger.warn({
|
|
157
|
-
estimated: estimatedGas,
|
|
158
|
-
specified: transactionOptions.gas,
|
|
159
|
-
}, 'Overriding gas is lower than estimated');
|
|
147
|
+
else {
|
|
148
|
+
estimatedGas = await store_js_1.default.web3Https.eth.estimateGas(txDataForEstimate);
|
|
160
149
|
}
|
|
161
|
-
txData.gas =
|
|
150
|
+
txData.gas = (0, helper_js_1.multiplyBigIntByNumber)(estimatedGas, store_js_1.default.gasLimitMultiplier);
|
|
162
151
|
}
|
|
163
152
|
let nonceTracker;
|
|
164
153
|
// TODO: Consider a better way to organize different strategies for publishing transactions.
|
|
@@ -211,4 +200,4 @@ class TxManager {
|
|
|
211
200
|
}
|
|
212
201
|
}
|
|
213
202
|
exports.default = TxManager;
|
|
214
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
203
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVHhNYW5hZ2VyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3V0aWxzL1R4TWFuYWdlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7QUFDQSx3RUFBNkM7QUFDN0MsNkRBQXNDO0FBQ3RDLDJEQUFnQztBQVFoQywyQ0FLcUI7QUFDckIsOEVBQW1EO0FBQ25ELGtEQUFpRztBQUNqRyxvREFBNEI7QUFFNUIsNERBQW9DO0FBRXBDLHFFQUErRDtBQVEvRCxNQUFNLG9CQUFxQixTQUFRLEtBQUs7SUFDdEIsYUFBYSxDQUFVO0lBQ3ZDLFlBQVksYUFBc0IsRUFBRSxPQUFlO1FBQ2pELEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUNmLElBQUksQ0FBQyxJQUFJLEdBQUcsc0JBQXNCLENBQUM7UUFDbkMsSUFBSSxDQUFDLGFBQWEsR0FBRyxhQUFhLENBQUM7SUFDckMsQ0FBQztDQUNGO0FBRUQsTUFBYSxpQ0FBa0MsU0FBUSxvQkFBb0I7SUFDekUsWUFBWSxhQUFzQixFQUFFLE9BQWU7UUFDakQsS0FBSyxDQUFDLGFBQWEsRUFBRSxPQUFPLENBQUMsQ0FBQztRQUM5QixJQUFJLENBQUMsSUFBSSxHQUFHLG1DQUFtQyxDQUFDO0lBQ2xELENBQUM7Q0FDRjtBQUxELDhFQUtDO0FBSUQsTUFBTSxTQUFTO0lBQ0wsTUFBTSxDQUFDLElBQUksQ0FBTztJQUNsQixNQUFNLENBQUMseUJBQXlCLENBQVU7SUFDMUMsTUFBTSxDQUFDLE1BQU0sR0FBRyxtQkFBVSxDQUFDLEtBQUssQ0FBQyxFQUFFLFNBQVMsRUFBRSxXQUFXLEVBQUUsQ0FBQyxDQUFDO0lBQzdELE1BQU0sQ0FBQyxhQUFhLEdBQXdDLEVBQUUsQ0FBQztJQUMvRCxNQUFNLENBQUMsTUFBTSxHQUFzQyxFQUFFLENBQUM7SUFDdkQsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFVLEVBQUUsNEJBQXFDLEtBQUs7UUFDdkUsSUFBSSxDQUFDLElBQUksR0FBRyxJQUFJLENBQUM7UUFDakIsSUFBSSxDQUFDLHlCQUF5QixHQUFHLHlCQUF5QixDQUFDO0lBQzdELENBQUM7SUFFTyxNQUFNLENBQUMsa0JBQWtCO1FBQy9CLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDZixNQUFNLEtBQUssQ0FBQywrQ0FBK0MsQ0FBQyxDQUFDO1FBQy9ELENBQUM7SUFDSCxDQUFDO0lBRU0sTUFBTSxDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsT0FBZTtRQUM3QyxJQUFJLElBQUksQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDO1lBQUUsT0FBTztRQUN4QyxJQUFJLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxHQUFHLElBQUkseUJBQVksQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQ25FLE1BQU0sSUFBSSxDQUFDLGFBQWEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxXQUFXLEVBQUUsQ0FBQztJQUNsRCxDQUFDO0lBRU0sTUFBTSxDQUFDLE9BQU8sQ0FDbkIsV0FBbUMsRUFDbkMsa0JBQXVDLEVBQ3ZDLEtBQWEscUJBQVEsQ0FBQyxPQUFPO1FBRTdCLE1BQU0sTUFBTSxHQUEyQjtZQUNyQyxFQUFFO1lBQ0YsSUFBSSxFQUFFLFdBQVcsQ0FBQyxTQUFTLEVBQUU7U0FDOUIsQ0FBQztRQUVGLE9BQU8sU0FBUyxDQUFDLGtCQUFrQixDQUFDLE1BQU0sRUFBRSxrQkFBa0IsRUFBRSxXQUFXLENBQUMsQ0FBQztJQUMvRSxDQUFDO0lBRU0sTUFBTSxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsQ0FDcEMsTUFBOEIsRUFDOUIsa0JBQXVDLEVBQ3ZDLGVBQXdDO1FBRXhDLElBQUksQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1FBQzFCLElBQUEsMkNBQStCLEVBQUMsa0JBQWtCLENBQUMsQ0FBQztRQUVwRCxNQUFNLFNBQVMsR0FBRyxNQUFNLElBQUEsb0NBQXdCLEVBQUMsSUFBSSxDQUFDLHlCQUF5QixFQUFFO1lBQy9FLEdBQUcsa0JBQWtCO1NBQ3RCLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDcEIsTUFBTSxLQUFLLENBQ1QsNkZBQTZGLENBQzlGLENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxnQkFBZ0IsR0FBOEI7WUFDbEQsR0FBSSxTQUF3QztZQUM1QyxJQUFJLEVBQUUsa0JBQWtCLEVBQUUsSUFBSSxJQUFJLElBQUksQ0FBQyxJQUFJO1lBQzNDLG9CQUFvQixFQUFFLElBQUEsMENBQThCLEVBQUMsa0JBQWtCLENBQUM7U0FDekUsQ0FBQztRQUVGLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDeEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsR0FBRyxJQUFJLG9CQUFVLENBQUM7Z0JBQ2xELGFBQWEsRUFBRSxrQkFBSyxDQUFDLGFBQWE7Z0JBQ2xDLE9BQU8sRUFBRSxrQkFBSyxDQUFDLFlBQVk7YUFDNUIsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztRQUVELElBQUkscUJBQXFCLENBQUM7UUFDMUIsSUFBSSxJQUFJLENBQUMseUJBQXlCLEVBQUUsQ0FBQztZQUNuQyxxQkFBcUIsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxDQUFDLFFBQVEsQ0FBQyxHQUFHLEVBQUUsQ0FDdkUsU0FBUyxDQUFDLDJCQUEyQixDQUFDLE1BQU0sRUFBRSxnQkFBZ0IsQ0FBQyxDQUNoRSxDQUFDO1FBQ0osQ0FBQzthQUFNLENBQUM7WUFDTixxQkFBcUIsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxDQUFDLFFBQVEsQ0FBQyxHQUFHLEVBQUUsQ0FDdkUsU0FBUyxDQUFDLG1CQUFtQixDQUFDLE1BQU0sRUFBRSxnQkFBZ0IsRUFBRSxlQUFlLENBQUMsQ0FDekUsQ0FBQztRQUNKLENBQUM7UUFDRCxPQUFPLHFCQUFxQixDQUFDO0lBQy9CLENBQUM7SUFFTyxNQUFNLENBQUMsS0FBSyxDQUFDLDJCQUEyQixDQUM5QyxNQUE4QixFQUM5QixrQkFBNkM7UUFFN0MsTUFBTSxFQUFFLElBQUksRUFBRSxJQUFJLEVBQUUsR0FBRyxrQkFBa0IsQ0FBQztRQUUxQyxNQUFNLG1CQUFtQixHQUFHO1lBQzFCLElBQUksRUFBRSxJQUFJO1lBQ1YsRUFBRSxFQUFFLE1BQU0sQ0FBQyxFQUFFO1lBQ2IsSUFBSSxFQUFFLE1BQU0sQ0FBQyxJQUFJO1lBQ2pCLEtBQUssRUFBRSxNQUFNLENBQUMsS0FBSztTQUNwQixDQUFDO1FBQ0YsU0FBUyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQ3BCO1lBQ0UsTUFBTSxFQUFFLGdCQUFNLENBQUMsSUFBSSxDQUFDLG1CQUFtQixFQUFFLENBQUMsTUFBTSxDQUFDLENBQUM7U0FDbkQsRUFDRCxpQ0FBaUMsQ0FDbEMsQ0FBQztRQUNGLE1BQU0sTUFBTSxHQUFHLENBQUMsTUFBTSxJQUFLLENBQUMsUUFBUyxDQUFDLE9BQU8sQ0FBQztZQUM1QyxNQUFNLEVBQUUscUJBQXFCO1lBQzdCLE1BQU0sRUFBRSxDQUFDLG1CQUFtQixDQUFDO1NBQzlCLENBQUMsQ0FBa0IsQ0FBQztRQUVyQixNQUFNLHFCQUFxQixHQUFHLE1BQU0sSUFBQSxvQ0FBZSxFQUFDO1lBQ2xELE9BQU8sRUFBRSxLQUFLLElBQUksRUFBRSxDQUFDLE1BQU0sSUFBSyxDQUFDLEdBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxNQUFNLENBQUM7WUFDbEUsV0FBVyxFQUFFLENBQUMsTUFBTSxFQUFFLEVBQUU7Z0JBQ3RCLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxLQUFLLElBQUksRUFBRSxDQUFDO1lBQ3pDLENBQUM7WUFDRCxhQUFhLEVBQUUsNkNBQThCO1lBQzdDLFFBQVEsRUFBRSw2Q0FBOEI7U0FDekMsQ0FBQyxDQUFDO1FBRUgsT0FBTyxxQkFBcUIsQ0FBQztJQUMvQixDQUFDO0lBRU0sTUFBTSxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQ3hCLFdBQW1DLEVBQ25DLGtCQUF1QztRQUV2QyxNQUFNLElBQUksR0FBRyxrQkFBa0IsRUFBRSxJQUFJLElBQUksa0JBQUssQ0FBQyxhQUFhLENBQUM7UUFFN0QsSUFBSSxDQUFDO1lBQ0gsT0FBTyxNQUFNLFdBQVcsQ0FBQyxJQUFJLENBQUMsRUFBRSxJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBQzFDLENBQUM7UUFBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1lBQ1YsQ0FBaUIsQ0FBQyxVQUFVLEdBQUksQ0FBYyxDQUFDLElBQUksQ0FBQyxPQUFPLElBQUkseUJBQXlCLENBQUM7WUFDMUYsTUFBTSxDQUFDLENBQUM7UUFDVixDQUFDO0lBQ0gsQ0FBQztJQUVPLE1BQU0sQ0FBQyxLQUFLLENBQUMsbUJBQW1CLENBQ3RDLE1BQThCLEVBQzlCLGtCQUE2QyxFQUM3QyxlQUF3QztRQUV4QyxNQUFNLEVBQUUsSUFBSSxFQUFFLEdBQUcsRUFBRSxvQkFBb0IsRUFBRSxZQUFZLEVBQUUsSUFBSSxFQUFFLEdBQUcsa0JBQWtCLENBQUM7UUFFbkYsTUFBTSxHQUFHO1lBQ1AsR0FBRyxNQUFNO1lBQ1QsSUFBSTtZQUNKLEdBQUc7WUFDSCxvQkFBb0I7WUFDcEIsWUFBWTtTQUNiLENBQUM7UUFFRixJQUFJLGtCQUFrQixDQUFDLEdBQUcsRUFBRSxDQUFDO1lBQzNCLFNBQVMsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUNuQjtnQkFDRSxZQUFZLEVBQUUsa0JBQWtCLENBQUMsR0FBRzthQUNyQyxFQUNELGdCQUFnQixDQUNqQixDQUFDO1lBQ0YsTUFBTSxDQUFDLEdBQUcsR0FBRyxrQkFBa0IsQ0FBQyxHQUFHLENBQUM7UUFDdEMsQ0FBQzthQUFNLENBQUM7WUFDTixJQUFJLFlBQVksQ0FBQztZQUNqQixNQUFNLGlCQUFpQixHQUFHO2dCQUN4QixHQUFHLE1BQU07Z0JBQ1QsR0FBRyxFQUFFLFNBQVM7YUFDZixDQUFDO1lBQ0YsSUFBSSxlQUFlLEVBQUUsQ0FBQztnQkFDcEIsWUFBWSxHQUFHLE1BQU0sZUFBZSxDQUFDLFdBQVcsQ0FBQyxpQkFBd0MsQ0FBQyxDQUFDO1lBQzdGLENBQUM7aUJBQU0sQ0FBQztnQkFDTixZQUFZLEdBQUcsTUFBTSxrQkFBSyxDQUFDLFNBQVUsQ0FBQyxHQUFHLENBQUMsV0FBVyxDQUFDLGlCQUFpQixDQUFDLENBQUM7WUFDM0UsQ0FBQztZQUNELE1BQU0sQ0FBQyxHQUFHLEdBQUcsSUFBQSxrQ0FBc0IsRUFBQyxZQUFZLEVBQUUsa0JBQUssQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO1FBQzlFLENBQUM7UUFFRCxJQUFJLFlBQVksQ0FBQztRQUNqQiw0RkFBNEY7UUFDNUYsSUFBSSxDQUFDLGtCQUFrQixDQUFDLG9CQUFvQixJQUFJLElBQUksQ0FBQyxhQUFhLENBQUMsa0JBQWtCLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztZQUM1RixZQUFZLEdBQUcsSUFBSSxDQUFDLGFBQWEsQ0FBQyxrQkFBa0IsQ0FBQyxJQUFLLENBQUMsQ0FBQztZQUM1RCxNQUFNLFlBQVksQ0FBQyw0QkFBNEIsRUFBRSxDQUFDO1lBQ2xELE1BQU0sQ0FBQyxLQUFLLEdBQUcsWUFBWSxDQUFDLFlBQVksRUFBRSxDQUFDO1FBQzdDLENBQUM7UUFDRCxNQUFNLFVBQVUsR0FBRyxrQkFBSyxDQUFDLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxJQUFLLENBQUMsQ0FBQztRQUN4RCxJQUFJLENBQUM7WUFDSCxJQUFJLHFCQUFxQixDQUFDO1lBQzFCLElBQUksVUFBVSxFQUFFLENBQUM7Z0JBQ2YsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFLLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBQyxlQUFlLENBQUMsTUFBTSxFQUFFLFVBQVUsQ0FBQyxDQUFDO2dCQUM1RSxJQUFJLENBQUMsTUFBTSxDQUFDLGNBQWMsRUFBRSxDQUFDO29CQUMzQixNQUFNLElBQUksS0FBSyxDQUFDLDRCQUE0QixDQUFDLENBQUM7Z0JBQ2hELENBQUM7Z0JBRUQsU0FBUyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQ3BCO29CQUNFLE1BQU0sRUFBRSxNQUFNLENBQUMsZUFBZTtvQkFDOUIsTUFBTSxFQUFFLGdCQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDLE1BQU0sQ0FBQyxDQUFDO2lCQUN0QyxFQUNELCtCQUErQixDQUNoQyxDQUFDO2dCQUVGLHFCQUFxQixHQUFHLE1BQU0sSUFBSyxDQUFDLEdBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxNQUFNLENBQUMsY0FBYyxDQUFDLENBQUM7Z0JBRXJGLFNBQVMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUNwQjtvQkFDRSxNQUFNLEVBQUUsTUFBTSxDQUFDLGVBQWU7b0JBQzlCLGFBQWEsRUFBRSxxQkFBcUIsQ0FBQyxXQUFXO29CQUNoRCxTQUFTLEVBQUUscUJBQXFCLENBQUMsT0FBTztpQkFDekMsRUFDRCxvQkFBb0IsQ0FDckIsQ0FBQztZQUNKLENBQUM7aUJBQU0sQ0FBQztnQkFDTixTQUFTLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FDcEI7b0JBQ0UsTUFBTSxFQUFFLGdCQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDLE1BQU0sQ0FBQyxDQUFDO2lCQUN0QyxFQUNELGlDQUFpQyxDQUNsQyxDQUFDO2dCQUVGLHFCQUFxQixHQUFHLE1BQU0sSUFBSyxDQUFDLEdBQUcsQ0FBQyxlQUFlLENBQUMsTUFBTSxDQUFDLENBQUM7WUFDbEUsQ0FBQztZQUVELElBQUksWUFBWTtnQkFBRSxZQUFZLENBQUMsc0JBQXNCLENBQUMsTUFBTSxDQUFDLEtBQU0sQ0FBQyxDQUFDO1lBRXJFLE9BQU8scUJBQXFCLENBQUM7UUFDL0IsQ0FBQztRQUFDLE9BQU8sQ0FBVSxFQUFFLENBQUM7WUFDcEIsTUFBTSxPQUFPLEdBQUcsb0NBQW9DLENBQUM7WUFDckQsU0FBUyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1lBQ25DLElBQUksWUFBWTtnQkFBRSxNQUFNLFlBQVksQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1lBQzFELElBQUssQ0FBcUIsQ0FBQyxPQUFPLEVBQUUsUUFBUSxDQUFDLDBDQUEwQyxDQUFDLEVBQUUsQ0FBQztnQkFDekYsTUFBTSxJQUFJLGlDQUFpQyxDQUFDLENBQUMsRUFBRSxPQUFPLENBQUMsQ0FBQztZQUMxRCxDQUFDO2lCQUFNLENBQUM7Z0JBQ04sTUFBTSxJQUFJLG9CQUFvQixDQUFDLENBQUMsRUFBRSxPQUFPLENBQUMsQ0FBQztZQUM3QyxDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUM7O0FBR0gsa0JBQWUsU0FBUyxDQUFDIn0=
|
|
@@ -110,7 +110,7 @@ export class CertificatesHelper {
|
|
|
110
110
|
const verifyResult = await chainEngine.verify();
|
|
111
111
|
if (!verifyResult.result) {
|
|
112
112
|
return {
|
|
113
|
-
|
|
113
|
+
isValid: false,
|
|
114
114
|
errorMessage: verifyResult.resultMessage,
|
|
115
115
|
};
|
|
116
116
|
}
|
|
@@ -128,12 +128,12 @@ export class CertificatesHelper {
|
|
|
128
128
|
throw new Error('Some of certificates do not belong to chain');
|
|
129
129
|
}
|
|
130
130
|
return {
|
|
131
|
-
|
|
131
|
+
isValid: true,
|
|
132
132
|
};
|
|
133
133
|
}
|
|
134
134
|
catch (err) {
|
|
135
135
|
return {
|
|
136
|
-
|
|
136
|
+
isValid: false,
|
|
137
137
|
errorMessage: err.message,
|
|
138
138
|
};
|
|
139
139
|
}
|
package/dist/mjs/index.js
CHANGED
|
@@ -88,4 +88,4 @@ export * from './errors/index.js';
|
|
|
88
88
|
export * from './utils/schema-utils/index.js';
|
|
89
89
|
export * as ResourceLoaderUtils from './utils/resourceLoaders/index.js';
|
|
90
90
|
export { TeeSignatureVerifier } from './tee/TeeSignatureVerifier.js';
|
|
91
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
91
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLE9BQU8sSUFBSSxtQkFBbUIsRUFBRSxNQUFNLHFDQUFxQyxDQUFDO0FBRXJGLGNBQWMscUNBQXFDLENBQUM7QUFJcEQsT0FBTyxFQUFFLE9BQU8sSUFBSSx3QkFBd0IsRUFBRSxNQUFNLDBDQUEwQyxDQUFDO0FBRS9GLE9BQU8sRUFBRSxPQUFPLElBQUksTUFBTSxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDdEQsY0FBYyxtQkFBbUIsQ0FBQztBQUVsQyxjQUFjLHlCQUF5QixDQUFDO0FBRXhDLE9BQU8sRUFBRSxPQUFPLElBQUksWUFBWSxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDNUQsY0FBYyxtQkFBbUIsQ0FBQztBQUVsQyxPQUFPLEVBQUUsT0FBTyxJQUFJLFdBQVcsRUFBRSxNQUFNLGtCQUFrQixDQUFDO0FBQzFELGNBQWMsbUJBQW1CLENBQUM7QUFFbEMsT0FBTyxFQUFFLE9BQU8sSUFBSSxTQUFTLEVBQUUsTUFBTSw2QkFBNkIsQ0FBQztBQUNuRSxjQUFjLDZCQUE2QixDQUFDO0FBRTVDLE9BQU8sRUFBRSxPQUFPLElBQUksTUFBTSxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFDN0QsY0FBYywwQkFBMEIsQ0FBQztBQUV6QyxPQUFPLEVBQUUsT0FBTyxJQUFJLFlBQVksRUFBRSxNQUFNLGdDQUFnQyxDQUFDO0FBQ3pFLGNBQWMsZ0NBQWdDLENBQUM7QUFFL0MsT0FBTyxFQUFFLE9BQU8sSUFBSSxZQUFZLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUN6RSxjQUFjLGdDQUFnQyxDQUFDO0FBRS9DLE9BQU8sRUFBRSxPQUFPLElBQUksTUFBTSxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFDN0QsY0FBYywwQkFBMEIsQ0FBQztBQUV6QyxPQUFPLEVBQUUsT0FBTyxJQUFJLFNBQVMsRUFBRSxNQUFNLDZCQUE2QixDQUFDO0FBQ25FLGNBQWMsNkJBQTZCLENBQUM7QUFFNUMsT0FBTyxFQUFFLE9BQU8sSUFBSSxnQkFBZ0IsRUFBRSxNQUFNLG9DQUFvQyxDQUFDO0FBQ2pGLGNBQWMsb0NBQW9DLENBQUM7QUFFbkQsT0FBTyxFQUFFLE9BQU8sSUFBSSxhQUFhLEVBQUUsTUFBTSxpQ0FBaUMsQ0FBQztBQUMzRSxjQUFjLGlDQUFpQyxDQUFDO0FBRWhELE9BQU8sRUFBRSxPQUFPLElBQUksUUFBUSxFQUFFLE1BQU0sNEJBQTRCLENBQUM7QUFDakUsY0FBYyw0QkFBNEIsQ0FBQztBQUUzQyxPQUFPLEVBQUUsT0FBTyxJQUFJLEtBQUssRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzNELGNBQWMseUJBQXlCLENBQUM7QUFFeEMsT0FBTyxFQUFFLE9BQU8sSUFBSSxRQUFRLEVBQUUsTUFBTSw0QkFBNEIsQ0FBQztBQUNqRSxjQUFjLDRCQUE0QixDQUFDO0FBRTNDLE9BQU8sRUFBRSxPQUFPLElBQUksY0FBYyxFQUFFLE1BQU0sa0NBQWtDLENBQUM7QUFDN0UsY0FBYyxrQ0FBa0MsQ0FBQztBQUVqRCxPQUFPLEVBQUUsT0FBTyxJQUFJLHVCQUF1QixFQUFFLE1BQU0sMkNBQTJDLENBQUM7QUFDL0YsY0FBYywyQ0FBMkMsQ0FBQztBQUUxRCxPQUFPLEVBQUUsT0FBTyxJQUFJLGNBQWMsRUFBRSxNQUFNLGtDQUFrQyxDQUFDO0FBQzdFLGNBQWMsa0NBQWtDLENBQUM7QUFFakQsT0FBTyxFQUFFLE9BQU8sSUFBSSxzQkFBc0IsRUFBRSxNQUFNLDBDQUEwQyxDQUFDO0FBQzdGLGNBQWMsMENBQTBDLENBQUM7QUFFekQsT0FBTyxFQUFFLE9BQU8sSUFBSSxxQkFBcUIsRUFBRSxNQUFNLHlDQUF5QyxDQUFDO0FBQzNGLGNBQWMseUNBQXlDLENBQUM7QUFFeEQsT0FBTyxFQUFFLE9BQU8sSUFBSSxjQUFjLEVBQUUsTUFBTSxrQ0FBa0MsQ0FBQztBQUM3RSxjQUFjLGtDQUFrQyxDQUFDO0FBRWpELE9BQU8sRUFBRSxPQUFPLElBQUksS0FBSyxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDckQsY0FBYyxtQkFBbUIsQ0FBQztBQUVsQyxPQUFPLEVBQUUsT0FBTyxJQUFJLFFBQVEsRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBQzNELGNBQWMsc0JBQXNCLENBQUM7QUFFckMsT0FBTyxFQUFFLE9BQU8sSUFBSSxRQUFRLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUMzRCxjQUFjLHNCQUFzQixDQUFDO0FBRXJDLE9BQU8sRUFBRSxPQUFPLElBQUksS0FBSyxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDckQsY0FBYyxtQkFBbUIsQ0FBQztBQUVsQyxPQUFPLEVBQUUsT0FBTyxJQUFJLEdBQUcsRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBQ2pELGNBQWMsaUJBQWlCLENBQUM7QUFFaEMsY0FBYyxrQkFBa0IsQ0FBQztBQUVqQyxPQUFPLEtBQUssc0JBQXNCLE1BQU0sZ0RBQWdELENBQUM7QUFDekYsT0FBTyxFQUFFLE9BQU8sSUFBSSxZQUFZLEVBQWUsTUFBTSxxQ0FBcUMsQ0FBQztBQUMzRixPQUFPLEVBQ0wsT0FBTyxJQUFJLHFCQUFxQixHQUVqQyxNQUFNLDhDQUE4QyxDQUFDO0FBQ3RELE9BQU8sRUFBRSxPQUFPLElBQUksc0JBQXNCLEVBQUUsTUFBTSwrQ0FBK0MsQ0FBQztBQUVsRyxPQUFPLEVBQ0wsT0FBTyxJQUFJLGNBQWMsRUFDekIsV0FBVyxHQUVaLE1BQU0sdUNBQXVDLENBQUM7QUFDL0MsT0FBTyxFQUNMLE9BQU8sSUFBSSxvQkFBb0IsRUFFL0IsaUJBQWlCLEdBQ2xCLE1BQU0sNkNBQTZDLENBQUM7QUFLckQsT0FBTyxFQUFFLE9BQU8sSUFBSSxrQkFBa0IsRUFBRSxNQUFNLDJDQUEyQyxDQUFDO0FBRTFGLE9BQU8sRUFBRSx1QkFBdUIsRUFBRSxNQUFNLGdEQUFnRCxDQUFDO0FBQ3pGLE9BQU8sRUFDTCxzQkFBc0IsRUFDdEIsdUJBQXVCLEdBQ3hCLE1BQU0sZ0RBQWdELENBQUM7QUFFeEQsY0FBYyxrQ0FBa0MsQ0FBQztBQUNqRCxPQUFPLEtBQUssT0FBTyxNQUFNLDBCQUEwQixDQUFDO0FBQ3BELE9BQU8sS0FBSyxTQUFTLE1BQU0sZ0JBQWdCLENBQUM7QUFFNUMsT0FBTyxFQUFFLGlDQUFpQyxFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFFekUsT0FBTyxnQkFBZ0IsQ0FBQztBQUV4QixjQUFjLGlCQUFpQixDQUFDO0FBQ2hDLE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxnQkFBZ0IsQ0FBQztBQUMzQyxPQUFPLEVBQUUsWUFBWSxFQUFFLFlBQVksRUFBRSxTQUFTLEVBQUUsTUFBTSxzQkFBc0IsQ0FBQztBQUM3RSxPQUFPLEVBQUUsY0FBYyxFQUFFLE1BQU0seUJBQXlCLENBQUM7QUFDekQsY0FBYyxtQkFBbUIsQ0FBQztBQUNsQyxPQUFPLEVBQUUsZ0JBQWdCLEVBQUUsTUFBTSwyQkFBMkIsQ0FBQztBQUM3RCxPQUFPLEVBQUUscUJBQXFCLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUN2RSxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsTUFBTSw2QkFBNkIsQ0FBQztBQUVqRSxjQUFjLHNCQUFzQixDQUFDO0FBQ3JDLE9BQU8sRUFBRSxPQUFPLElBQUksU0FBUyxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFDaEUsT0FBTyxFQUFFLE9BQU8sSUFBSSxpQkFBaUIsRUFBRSxNQUFNLGlEQUFpRCxDQUFDO0FBQy9GLE9BQU8sRUFBRSxPQUFPLElBQUksb0JBQW9CLEVBQUUsTUFBTSxvREFBb0QsQ0FBQztBQUNyRyxPQUFPLEVBQUUsT0FBTyxJQUFJLGNBQWMsRUFBRSxNQUFNLDBDQUEwQyxDQUFDO0FBQ3JGLE9BQU8sRUFBRSxPQUFPLElBQUksY0FBYyxFQUFFLE1BQU0sMENBQTBDLENBQUM7QUFDckYsY0FBYyx3QkFBd0IsQ0FBQztBQUN2QyxjQUFjLHdCQUF3QixDQUFDO0FBQ3ZDLGNBQWMseUJBQXlCLENBQUM7QUFDeEMsY0FBYyxtQkFBbUIsQ0FBQztBQUNsQyxjQUFjLCtCQUErQixDQUFDO0FBQzlDLE9BQU8sS0FBSyxtQkFBbUIsTUFBTSxrQ0FBa0MsQ0FBQztBQUN4RSxPQUFPLEVBQUUsb0JBQW9CLEVBQUUsTUFBTSwrQkFBK0IsQ0FBQyJ9
|
|
@@ -59,8 +59,7 @@ export class OrderReportService {
|
|
|
59
59
|
};
|
|
60
60
|
}
|
|
61
61
|
static async validateOrderReport(orderReport) {
|
|
62
|
-
|
|
63
|
-
await teeCertificateService.validateTeeReportCertChain(orderReport.certificate);
|
|
62
|
+
await TeeCertificateService.validateTeeCertChainOrFail(orderReport.certificate);
|
|
64
63
|
const workloadInfoHashFromCert = CertificatesHelper.getExtensionValue(orderReport.certificate, OID_CUSTOM_EXTENSION_ORDER_REPORT_WORKLOAD_INFO_HASH);
|
|
65
64
|
if (!workloadInfoHashFromCert) {
|
|
66
65
|
throw new Error(`WorkloadInfoHash is missing in certificate!`);
|
|
@@ -91,4 +90,4 @@ export class OrderReportService {
|
|
|
91
90
|
};
|
|
92
91
|
}
|
|
93
92
|
}
|
|
94
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
93
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiT3JkZXJSZXBvcnRTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9PcmRlclJlcG9ydFNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFNBQVMsRUFBRSxNQUFNLE1BQU0sQ0FBQztBQUNqQyxPQUFPLElBQUksTUFBTSxNQUFNLENBQUM7QUFDeEIsT0FBTyxFQUNMLFFBQVEsR0FNVCxNQUFNLHdCQUF3QixDQUFDO0FBR2hDLE9BQU8sRUFBRSxnQkFBZ0IsRUFBRSxNQUFNLHlCQUF5QixDQUFDO0FBQzNELE9BQU8sRUFBRSxvREFBb0QsRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBQ3ZGLE9BQU8sRUFBRSxtQkFBbUIsRUFBRSxNQUFNLHlDQUF5QyxDQUFDO0FBQzlFLE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBQy9ELE9BQU8sRUFBRSxxQkFBcUIsRUFBRSxNQUFNLDRCQUE0QixDQUFDO0FBRW5FLE1BQU0sV0FBVyxHQUFHLFNBQVMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7QUFDekMsTUFBTSxZQUFZLEdBQUcsU0FBUyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQztBQUUzQyxNQUFNLE9BQU8sa0JBQWtCO0lBQzdCLE1BQU0sQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLFdBQXdCO1FBQzFDLE1BQU0sRUFBRSxLQUFLLEVBQUUsR0FBRyxrQkFBa0IsQ0FBQyxrQkFBa0IsQ0FBQyxXQUFXLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDakYsTUFBTSxRQUFRLEdBQUcsa0JBQWtCLENBQUMsYUFBYSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBRXpELE1BQU0sZ0JBQWdCLEdBQXFCO1lBQ3pDLFlBQVksRUFBRSxRQUFRO1lBQ3RCLFlBQVksRUFBRTtnQkFDWixXQUFXLEVBQUUsV0FBVyxDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsQ0FBQyxDQUFDO29CQUM3RCxJQUFJLEVBQUUsRUFBRSxDQUFDLElBQUk7b0JBQ2IsSUFBSSxFQUFFLEVBQUUsQ0FBQyxJQUFJO29CQUNiLElBQUksRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUM7b0JBQ2hDLGdCQUFnQixFQUFFLElBQUksQ0FBQyxZQUFZLENBQUMsRUFBRSxDQUFDLGdCQUFnQixDQUFDO29CQUN4RCxRQUFRLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUMsUUFBUSxDQUFDO2lCQUN6QyxDQUFDLENBQUM7Z0JBQ0gsT0FBTyxFQUFFLFdBQVcsQ0FBQyxZQUFZLENBQUMsT0FBTzthQUMxQztTQUNGLENBQUM7UUFFRixNQUFNLE9BQU8sR0FBRyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLENBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUNuRSxNQUFNLFVBQVUsR0FBRyxNQUFNLFdBQVcsQ0FBQyxPQUFPLEVBQUUsRUFBRSxLQUFLLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUU1RCxPQUFPLFVBQVUsQ0FBQztJQUNwQixDQUFDO0lBRUQsTUFBTSxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQUMsa0JBQTBCO1FBQzVDLE1BQU0sWUFBWSxHQUFHLE1BQU0sWUFBWSxDQUFDLGtCQUFrQixDQUFDLENBQUM7UUFDNUQsTUFBTSxnQkFBZ0IsR0FBRyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLENBQUM7UUFFL0QsTUFBTSxRQUFRLEdBQUcsa0JBQWtCLENBQUMsYUFBYSxDQUFDLGdCQUFnQixDQUFDLFlBQVksQ0FBQyxDQUFDO1FBRWpGLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUNuQyxNQUFNLElBQUksS0FBSyxDQUFDLDBDQUEwQyxDQUFDLENBQUM7UUFDOUQsQ0FBQztRQUVELE1BQU0sV0FBVyxHQUFrQixnQkFBZ0IsQ0FBQyxZQUFZLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDLE9BQU8sRUFBRSxFQUFFO1lBQzNGLE1BQU0sTUFBTSxHQUFnQjtnQkFDMUIsSUFBSSxFQUFFLE9BQU8sQ0FBQyxJQUFlO2dCQUM3QixJQUFJLEVBQUUsT0FBTyxDQUFDLElBQUk7Z0JBQ2xCLElBQUksRUFBRSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBRTthQUMzQyxDQUFDO1lBQ0YsSUFBSSxPQUFPLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztnQkFDN0IsTUFBTSxDQUFDLGdCQUFnQixHQUFHLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztZQUM1RSxDQUFDO1lBQ0QsSUFBSSxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7Z0JBQ3JCLE1BQU0sQ0FBQyxRQUFRLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsQ0FBQztZQUM1RCxDQUFDO1lBQ0QsT0FBTyxNQUFNLENBQUM7UUFDaEIsQ0FBQyxDQUFDLENBQUM7UUFFSCxPQUFPO1lBQ0wsV0FBVyxFQUFFLFFBQVE7WUFDckIsWUFBWSxFQUFFO2dCQUNaLFdBQVc7Z0JBQ1gsT0FBTyxFQUFFLGdCQUFnQixDQUFDLFlBQWEsQ0FBQyxPQUFPO2FBQ2hEO1NBQ0YsQ0FBQztJQUNKLENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLG1CQUFtQixDQUFDLFdBQXdCO1FBQ3ZELE1BQU0scUJBQXFCLENBQUMsMEJBQTBCLENBQUMsV0FBVyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRWhGLE1BQU0sd0JBQXdCLEdBQUcsa0JBQWtCLENBQUMsaUJBQWlCLENBQ25FLFdBQVcsQ0FBQyxXQUFXLEVBQ3ZCLG9EQUFvRCxDQUNyRCxDQUFDO1FBQ0YsSUFBSSxDQUFDLHdCQUF3QixFQUFFLENBQUM7WUFDOUIsTUFBTSxJQUFJLEtBQUssQ0FBQyw2Q0FBNkMsQ0FBQyxDQUFDO1FBQ2pFLENBQUM7UUFDRCxNQUFNLGdCQUFnQixHQUFHLE1BQU0sbUJBQW1CLENBQUMsV0FBVyxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBRTdFLE1BQU0sV0FBVyxHQUNmLE1BQU0sQ0FBQyxPQUFPLENBQ1osd0JBQXdCLEVBQ3hCLE1BQU0sQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxFQUFFLGdCQUFnQixDQUFDLFFBQVEsQ0FBQyxDQUM5RCxLQUFLLENBQUMsQ0FBQztRQUNWLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNqQixNQUFNLElBQUksS0FBSyxDQUNiLDJGQUEyRixDQUM1RixDQUFDO1FBQ0osQ0FBQztJQUNILENBQUM7SUFFTyxNQUFNLENBQUMsWUFBWSxDQUFDLElBQVc7UUFDckMsSUFBSSxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ1YsT0FBTztRQUNULENBQUM7UUFFRCxPQUFPO1lBQ0wsSUFBSSxFQUFFLElBQUksQ0FBQyxJQUFJO1lBQ2YsSUFBSSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksRUFBRSxJQUFJLENBQUMsUUFBUSxDQUFDO1NBQzVDLENBQUM7SUFDSixDQUFDO0lBRU8sTUFBTSxDQUFDLGdCQUFnQixDQUFDLFVBQWtDO1FBQ2hFLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztZQUNoQixPQUFPO1FBQ1QsQ0FBQztRQUVELE9BQU87WUFDTCxJQUFJLEVBQUUsVUFBVSxDQUFDLElBQXFCO1lBQ3RDLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQztZQUN6RCxRQUFRLEVBQUUsUUFBUSxDQUFDLEdBQUc7U0FDdkIsQ0FBQztJQUNKLENBQUM7Q0FDRiJ9
|
|
@@ -1,15 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
1
|
+
export declare enum ValidateTeeCertChainErrorCode {
|
|
2
|
+
CERT_CHAIN_IS_INVALID = "CERT_CHAIN_IS_INVALID",
|
|
3
|
+
NOT_ALLOWED_CHALLENGE = "NOT_ALLOWED_CHALLENGE",
|
|
4
|
+
CHALLENGE_IS_INVALID = "CHALLENGE_IS_INVALID"
|
|
5
|
+
}
|
|
6
|
+
export interface ValidateTeeCertChainResult {
|
|
7
|
+
isValid: boolean;
|
|
8
|
+
errorCode?: string;
|
|
9
|
+
errorMessage?: string;
|
|
10
|
+
}
|
|
8
11
|
export declare class TeeCertificateService {
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
private validateChallengeSgx;
|
|
14
|
-
private validateChallengeTdxAndSnp;
|
|
12
|
+
static validateTeeCertChainOrFail(certsPem: string): Promise<void>;
|
|
13
|
+
static validateTeeCertChain(certsPem: string): Promise<ValidateTeeCertChainResult>;
|
|
14
|
+
private static validateChallengeSgx;
|
|
15
|
+
private static validateChallengeTdxAndSnp;
|
|
15
16
|
}
|
|
@@ -1,61 +1,67 @@
|
|
|
1
|
-
import forge from 'node-forge';
|
|
2
|
-
import { TeeSgxParser } from './QuoteParser.js';
|
|
3
|
-
import { QuoteValidator } from './QuoteValidator.js';
|
|
4
1
|
import { SUPERPROTOCOL_CA } from '../constants.js';
|
|
5
2
|
import { ChallengeType, OID_CUSTOM_EXTENSION_CHALLENGE_COMMON_ID, OID_CUSTOM_EXTENSION_CHALLENGE_ID, OID_CUSTOM_EXTENSION_CHALLENGE_TYPE, } from '@super-protocol/pki-common';
|
|
6
3
|
import { TeeSignatureVerifier } from './TeeSignatureVerifier.js';
|
|
7
4
|
import { InvalidSignatureError } from './errors.js';
|
|
8
5
|
import { CertificatesHelper } from '../certificates/index.js';
|
|
6
|
+
export var ValidateTeeCertChainErrorCode;
|
|
7
|
+
(function (ValidateTeeCertChainErrorCode) {
|
|
8
|
+
ValidateTeeCertChainErrorCode["CERT_CHAIN_IS_INVALID"] = "CERT_CHAIN_IS_INVALID";
|
|
9
|
+
ValidateTeeCertChainErrorCode["NOT_ALLOWED_CHALLENGE"] = "NOT_ALLOWED_CHALLENGE";
|
|
10
|
+
ValidateTeeCertChainErrorCode["CHALLENGE_IS_INVALID"] = "CHALLENGE_IS_INVALID";
|
|
11
|
+
})(ValidateTeeCertChainErrorCode || (ValidateTeeCertChainErrorCode = {}));
|
|
9
12
|
export class TeeCertificateService {
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
return Buffer.from(publicKeyDer, 'binary');
|
|
16
|
-
}
|
|
17
|
-
async parseAndValidateCertificate(certificatePem, sgxApiUrl) {
|
|
18
|
-
const pem = Buffer.isBuffer(certificatePem) ? certificatePem.toString() : certificatePem;
|
|
19
|
-
const certificate = forge.pki.certificateFromPem(pem);
|
|
20
|
-
const extensions = certificate.extensions;
|
|
21
|
-
const quote = extensions.find((ext) => ext.id === this.certOidQuote);
|
|
22
|
-
const quoteBuffer = Buffer.from(quote.value, 'binary');
|
|
23
|
-
const validator = new QuoteValidator(sgxApiUrl);
|
|
24
|
-
await validator.checkQuote(quoteBuffer, this.getCertificatePublicKey(certificate));
|
|
25
|
-
const parser = new TeeSgxParser();
|
|
26
|
-
const parsedQuote = parser.parseQuote(quoteBuffer);
|
|
27
|
-
const report = parser.parseReport(parsedQuote.report);
|
|
28
|
-
return {
|
|
29
|
-
userData: Buffer.from(parsedQuote.header.userData),
|
|
30
|
-
mrEnclave: Buffer.from(report.mrEnclave),
|
|
31
|
-
mrSigner: Buffer.from(report.mrSigner),
|
|
32
|
-
dataHash: Buffer.from(report.dataHash),
|
|
33
|
-
};
|
|
13
|
+
static async validateTeeCertChainOrFail(certsPem) {
|
|
14
|
+
const result = await TeeCertificateService.validateTeeCertChain(certsPem);
|
|
15
|
+
if (!result.isValid) {
|
|
16
|
+
throw new Error(result.errorMessage);
|
|
17
|
+
}
|
|
34
18
|
}
|
|
35
|
-
async
|
|
36
|
-
const {
|
|
37
|
-
if (!
|
|
38
|
-
|
|
19
|
+
static async validateTeeCertChain(certsPem) {
|
|
20
|
+
const { isValid, errorMessage } = await CertificatesHelper.validateCertChain(certsPem, SUPERPROTOCOL_CA);
|
|
21
|
+
if (!isValid) {
|
|
22
|
+
return {
|
|
23
|
+
isValid: false,
|
|
24
|
+
errorCode: ValidateTeeCertChainErrorCode.CERT_CHAIN_IS_INVALID,
|
|
25
|
+
errorMessage: `Cert chain is invalid! (${errorMessage})`,
|
|
26
|
+
};
|
|
39
27
|
}
|
|
40
28
|
const sortedCerts = CertificatesHelper.sortCertsFromLeafToRoot(certsPem);
|
|
41
29
|
const challenges = sortedCerts.map((cert) => CertificatesHelper.getExtensionValue(cert, OID_CUSTOM_EXTENSION_CHALLENGE_TYPE)?.toString('binary'));
|
|
42
30
|
if (challenges.some((challenge) => !challenge || challenge === ChallengeType.Untrusted)) {
|
|
43
|
-
|
|
31
|
+
return {
|
|
32
|
+
isValid: false,
|
|
33
|
+
errorCode: ValidateTeeCertChainErrorCode.NOT_ALLOWED_CHALLENGE,
|
|
34
|
+
errorMessage: `Cert chain has cert without or Untrusted challenge`,
|
|
35
|
+
};
|
|
44
36
|
}
|
|
45
37
|
const leafCertChallengeType = challenges[0];
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
38
|
+
try {
|
|
39
|
+
switch (leafCertChallengeType) {
|
|
40
|
+
case ChallengeType.SGXDCAP:
|
|
41
|
+
TeeCertificateService.validateChallengeSgx(certsPem);
|
|
42
|
+
break;
|
|
43
|
+
case ChallengeType.TDX:
|
|
44
|
+
case ChallengeType.AMDSEV:
|
|
45
|
+
await TeeCertificateService.validateChallengeTdxAndSnp(certsPem);
|
|
46
|
+
break;
|
|
47
|
+
default:
|
|
48
|
+
return {
|
|
49
|
+
isValid: false,
|
|
50
|
+
errorCode: ValidateTeeCertChainErrorCode.NOT_ALLOWED_CHALLENGE,
|
|
51
|
+
errorMessage: `Challenge type ${leafCertChallengeType || `[none]`} is missing or not allowed!`,
|
|
52
|
+
};
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
catch (err) {
|
|
56
|
+
return {
|
|
57
|
+
isValid: false,
|
|
58
|
+
errorCode: ValidateTeeCertChainErrorCode.CHALLENGE_IS_INVALID,
|
|
59
|
+
errorMessage: `Challenge is not valid! (${err.message})`,
|
|
60
|
+
};
|
|
56
61
|
}
|
|
62
|
+
return { isValid: true };
|
|
57
63
|
}
|
|
58
|
-
validateChallengeSgx(certPem) {
|
|
64
|
+
static validateChallengeSgx(certPem) {
|
|
59
65
|
const mrSignerBinaryString = CertificatesHelper.getExtensionValue(certPem, OID_CUSTOM_EXTENSION_CHALLENGE_COMMON_ID);
|
|
60
66
|
if (!mrSignerBinaryString) {
|
|
61
67
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
@@ -67,7 +73,7 @@ export class TeeCertificateService {
|
|
|
67
73
|
throw new Error(`SGX challenge signature is wrong!`);
|
|
68
74
|
}
|
|
69
75
|
}
|
|
70
|
-
async validateChallengeTdxAndSnp(certPem) {
|
|
76
|
+
static async validateChallengeTdxAndSnp(certPem) {
|
|
71
77
|
const mrEnclaveBinaryString = CertificatesHelper.getExtensionValue(certPem, OID_CUSTOM_EXTENSION_CHALLENGE_ID);
|
|
72
78
|
if (!mrEnclaveBinaryString) {
|
|
73
79
|
throw new Error(`Challenge id is missing in certificate!`);
|
|
@@ -84,4 +90,4 @@ export class TeeCertificateService {
|
|
|
84
90
|
}
|
|
85
91
|
}
|
|
86
92
|
}
|
|
87
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
93
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVGVlQ2VydGlmaWNhdGVTZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3RlZS9UZWVDZXJ0aWZpY2F0ZVNlcnZpY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFDbkQsT0FBTyxFQUNMLGFBQWEsRUFDYix3Q0FBd0MsRUFDeEMsaUNBQWlDLEVBQ2pDLG1DQUFtQyxHQUNwQyxNQUFNLDRCQUE0QixDQUFDO0FBQ3BDLE9BQU8sRUFBRSxvQkFBb0IsRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBQ2pFLE9BQU8sRUFBRSxxQkFBcUIsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQUNwRCxPQUFPLEVBQUUsa0JBQWtCLEVBQUUsTUFBTSwwQkFBMEIsQ0FBQztBQUU5RCxNQUFNLENBQU4sSUFBWSw2QkFJWDtBQUpELFdBQVksNkJBQTZCO0lBQ3ZDLGdGQUErQyxDQUFBO0lBQy9DLGdGQUErQyxDQUFBO0lBQy9DLDhFQUE2QyxDQUFBO0FBQy9DLENBQUMsRUFKVyw2QkFBNkIsS0FBN0IsNkJBQTZCLFFBSXhDO0FBT0QsTUFBTSxPQUFPLHFCQUFxQjtJQUNoQyxNQUFNLENBQUMsS0FBSyxDQUFDLDBCQUEwQixDQUFDLFFBQWdCO1FBQ3RELE1BQU0sTUFBTSxHQUFHLE1BQU0scUJBQXFCLENBQUMsb0JBQW9CLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDMUUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUNwQixNQUFNLElBQUksS0FBSyxDQUFDLE1BQU0sQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUN2QyxDQUFDO0lBQ0gsQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFLLENBQUMsb0JBQW9CLENBQUMsUUFBZ0I7UUFDaEQsTUFBTSxFQUFFLE9BQU8sRUFBRSxZQUFZLEVBQUUsR0FBRyxNQUFNLGtCQUFrQixDQUFDLGlCQUFpQixDQUMxRSxRQUFRLEVBQ1IsZ0JBQWdCLENBQ2pCLENBQUM7UUFFRixJQUFJLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDYixPQUFPO2dCQUNMLE9BQU8sRUFBRSxLQUFLO2dCQUNkLFNBQVMsRUFBRSw2QkFBNkIsQ0FBQyxxQkFBcUI7Z0JBQzlELFlBQVksRUFBRSwyQkFBMkIsWUFBWSxHQUFHO2FBQ3pELENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxXQUFXLEdBQUcsa0JBQWtCLENBQUMsdUJBQXVCLENBQUMsUUFBUSxDQUFDLENBQUM7UUFFekUsTUFBTSxVQUFVLEdBQUcsV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFLENBQzFDLGtCQUFrQixDQUFDLGlCQUFpQixDQUFDLElBQUksRUFBRSxtQ0FBbUMsQ0FBQyxFQUFFLFFBQVEsQ0FDdkYsUUFBUSxDQUNULENBQ0YsQ0FBQztRQUNGLElBQUksVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDLFNBQVMsRUFBRSxFQUFFLENBQUMsQ0FBQyxTQUFTLElBQUksU0FBUyxLQUFLLGFBQWEsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDO1lBQ3hGLE9BQU87Z0JBQ0wsT0FBTyxFQUFFLEtBQUs7Z0JBQ2QsU0FBUyxFQUFFLDZCQUE2QixDQUFDLHFCQUFxQjtnQkFDOUQsWUFBWSxFQUFFLG9EQUFvRDthQUNuRSxDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0scUJBQXFCLEdBQUcsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRTVDLElBQUksQ0FBQztZQUNILFFBQVEscUJBQXFCLEVBQUUsQ0FBQztnQkFDOUIsS0FBSyxhQUFhLENBQUMsT0FBTztvQkFDeEIscUJBQXFCLENBQUMsb0JBQW9CLENBQUMsUUFBUSxDQUFDLENBQUM7b0JBQ3JELE1BQU07Z0JBQ1IsS0FBSyxhQUFhLENBQUMsR0FBRyxDQUFDO2dCQUN2QixLQUFLLGFBQWEsQ0FBQyxNQUFNO29CQUN2QixNQUFNLHFCQUFxQixDQUFDLDBCQUEwQixDQUFDLFFBQVEsQ0FBQyxDQUFDO29CQUNqRSxNQUFNO2dCQUVSO29CQUNFLE9BQU87d0JBQ0wsT0FBTyxFQUFFLEtBQUs7d0JBQ2QsU0FBUyxFQUFFLDZCQUE2QixDQUFDLHFCQUFxQjt3QkFDOUQsWUFBWSxFQUFFLGtCQUFrQixxQkFBcUIsSUFBSSxRQUFRLDZCQUE2QjtxQkFDL0YsQ0FBQztZQUNOLENBQUM7UUFDSCxDQUFDO1FBQUMsT0FBTyxHQUFHLEVBQUUsQ0FBQztZQUNiLE9BQU87Z0JBQ0wsT0FBTyxFQUFFLEtBQUs7Z0JBQ2QsU0FBUyxFQUFFLDZCQUE2QixDQUFDLG9CQUFvQjtnQkFDN0QsWUFBWSxFQUFFLDRCQUE2QixHQUFhLENBQUMsT0FBTyxHQUFHO2FBQ3BFLENBQUM7UUFDSixDQUFDO1FBRUQsT0FBTyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FBQztJQUMzQixDQUFDO0lBRU8sTUFBTSxDQUFDLG9CQUFvQixDQUFDLE9BQWU7UUFDakQsTUFBTSxvQkFBb0IsR0FBRyxrQkFBa0IsQ0FBQyxpQkFBaUIsQ0FDL0QsT0FBTyxFQUNQLHdDQUF3QyxDQUN6QyxDQUFDO1FBQ0YsSUFBSSxDQUFDLG9CQUFvQixFQUFFLENBQUM7WUFDMUIsTUFBTSxJQUFJLEtBQUssQ0FBQyxtQ0FBbUMsQ0FBQyxDQUFDO1FBQ3ZELENBQUM7UUFFRCxJQUFJLENBQUM7WUFDSCxvQkFBb0IsQ0FBQyxvQkFBb0IsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1FBQ2xFLENBQUM7UUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1lBQ2IsTUFBTSxJQUFJLEtBQUssQ0FBQyxtQ0FBbUMsQ0FBQyxDQUFDO1FBQ3ZELENBQUM7SUFDSCxDQUFDO0lBRU8sTUFBTSxDQUFDLEtBQUssQ0FBQywwQkFBMEIsQ0FBQyxPQUFlO1FBQzdELE1BQU0scUJBQXFCLEdBQUcsa0JBQWtCLENBQUMsaUJBQWlCLENBQ2hFLE9BQU8sRUFDUCxpQ0FBaUMsQ0FDbEMsQ0FBQztRQUNGLElBQUksQ0FBQyxxQkFBcUIsRUFBRSxDQUFDO1lBQzNCLE1BQU0sSUFBSSxLQUFLLENBQUMseUNBQXlDLENBQUMsQ0FBQztRQUM3RCxDQUFDO1FBRUQsSUFBSSxDQUFDO1lBQ0gsTUFBTSxvQkFBb0IsQ0FBQywwQkFBMEIsQ0FBQyxxQkFBcUIsQ0FBQyxDQUFDO1FBQy9FLENBQUM7UUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1lBQ2IsTUFBTSxPQUFPLEdBQUcsMkJBQTJCLENBQUM7WUFDNUMsSUFBSSxHQUFHLFlBQVkscUJBQXFCLEVBQUUsQ0FBQztnQkFDekMsTUFBTSxJQUFJLEtBQUssQ0FBQyxHQUFHLE9BQU8sSUFBSSxHQUFHLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUMvQyxDQUFDO1lBQ0QsTUFBTSxJQUFJLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUMzQixDQUFDO0lBQ0gsQ0FBQztDQUNGIn0=
|
|
@@ -3,7 +3,7 @@ import rootLogger from '../logger.js';
|
|
|
3
3
|
import store from '../store.js';
|
|
4
4
|
import { checkForUsingExternalTxManager, checkIfActionAccountInitialized, createTransactionOptions, multiplyBigIntByNumber, } from './helper.js';
|
|
5
5
|
import Superpro from '../staticModels/Superpro.js';
|
|
6
|
-
import { BLOCKCHAIN_CALL_RETRY_ATTEMPTS, BLOCKCHAIN_CALL_RETRY_INTERVAL
|
|
6
|
+
import { BLOCKCHAIN_CALL_RETRY_ATTEMPTS, BLOCKCHAIN_CALL_RETRY_INTERVAL } from '../constants.js';
|
|
7
7
|
import lodash from 'lodash';
|
|
8
8
|
import Bottleneck from 'bottleneck';
|
|
9
9
|
import { tryWithInterval } from './helpers/tryWithInterval.js';
|
|
@@ -122,36 +122,25 @@ class TxManager {
|
|
|
122
122
|
maxPriorityFeePerGas,
|
|
123
123
|
maxFeePerGas,
|
|
124
124
|
};
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
catch (e) {
|
|
131
|
-
TxManager.logger.debug({ error: e }, 'Fail to calculate estimated gas');
|
|
132
|
-
estimatedGas = defaultGasLimit;
|
|
133
|
-
}
|
|
125
|
+
if (transactionOptions.gas) {
|
|
126
|
+
TxManager.logger.warn({
|
|
127
|
+
specifiedGas: transactionOptions.gas,
|
|
128
|
+
}, 'Gas overriding');
|
|
129
|
+
txData.gas = transactionOptions.gas;
|
|
134
130
|
}
|
|
135
131
|
else {
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
132
|
+
let estimatedGas;
|
|
133
|
+
const txDataForEstimate = {
|
|
134
|
+
...txData,
|
|
135
|
+
gas: undefined,
|
|
136
|
+
};
|
|
137
|
+
if (transactionCall) {
|
|
138
|
+
estimatedGas = await transactionCall.estimateGas(txDataForEstimate);
|
|
142
139
|
}
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
// defaultGasLimit is max gas limit
|
|
146
|
-
txData.gas = txData.gas < defaultGasLimit ? txData.gas : defaultGasLimit;
|
|
147
|
-
if (transactionOptions.gas) {
|
|
148
|
-
if (transactionOptions.gas < estimatedGas) {
|
|
149
|
-
TxManager.logger.warn({
|
|
150
|
-
estimated: estimatedGas,
|
|
151
|
-
specified: transactionOptions.gas,
|
|
152
|
-
}, 'Overriding gas is lower than estimated');
|
|
140
|
+
else {
|
|
141
|
+
estimatedGas = await store.web3Https.eth.estimateGas(txDataForEstimate);
|
|
153
142
|
}
|
|
154
|
-
txData.gas =
|
|
143
|
+
txData.gas = multiplyBigIntByNumber(estimatedGas, store.gasLimitMultiplier);
|
|
155
144
|
}
|
|
156
145
|
let nonceTracker;
|
|
157
146
|
// TODO: Consider a better way to organize different strategies for publishing transactions.
|
|
@@ -204,4 +193,4 @@ class TxManager {
|
|
|
204
193
|
}
|
|
205
194
|
}
|
|
206
195
|
export default TxManager;
|
|
207
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
196
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiVHhNYW5hZ2VyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL3V0aWxzL1R4TWFuYWdlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFDQSxPQUFPLFlBQVksTUFBTSxtQkFBbUIsQ0FBQztBQUM3QyxPQUFPLFVBQVUsTUFBTSxjQUFjLENBQUM7QUFDdEMsT0FBTyxLQUFLLE1BQU0sYUFBYSxDQUFDO0FBUWhDLE9BQU8sRUFDTCw4QkFBOEIsRUFDOUIsK0JBQStCLEVBQy9CLHdCQUF3QixFQUN4QixzQkFBc0IsR0FDdkIsTUFBTSxhQUFhLENBQUM7QUFDckIsT0FBTyxRQUFRLE1BQU0sNkJBQTZCLENBQUM7QUFDbkQsT0FBTyxFQUFFLDhCQUE4QixFQUFFLDhCQUE4QixFQUFFLE1BQU0saUJBQWlCLENBQUM7QUFDakcsT0FBTyxNQUFNLE1BQU0sUUFBUSxDQUFDO0FBRTVCLE9BQU8sVUFBVSxNQUFNLFlBQVksQ0FBQztBQUVwQyxPQUFPLEVBQUUsZUFBZSxFQUFFLE1BQU0sOEJBQThCLENBQUM7QUFRL0QsTUFBTSxvQkFBcUIsU0FBUSxLQUFLO0lBQ3RCLGFBQWEsQ0FBVTtJQUN2QyxZQUFZLGFBQXNCLEVBQUUsT0FBZTtRQUNqRCxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDZixJQUFJLENBQUMsSUFBSSxHQUFHLHNCQUFzQixDQUFDO1FBQ25DLElBQUksQ0FBQyxhQUFhLEdBQUcsYUFBYSxDQUFDO0lBQ3JDLENBQUM7Q0FDRjtBQUVELE1BQU0sT0FBTyxpQ0FBa0MsU0FBUSxvQkFBb0I7SUFDekUsWUFBWSxhQUFzQixFQUFFLE9BQWU7UUFDakQsS0FBSyxDQUFDLGFBQWEsRUFBRSxPQUFPLENBQUMsQ0FBQztRQUM5QixJQUFJLENBQUMsSUFBSSxHQUFHLG1DQUFtQyxDQUFDO0lBQ2xELENBQUM7Q0FDRjtBQUlELE1BQU0sU0FBUztJQUNMLE1BQU0sQ0FBQyxJQUFJLENBQU87SUFDbEIsTUFBTSxDQUFDLHlCQUF5QixDQUFVO0lBQzFDLE1BQU0sQ0FBQyxNQUFNLEdBQUcsVUFBVSxDQUFDLEtBQUssQ0FBQyxFQUFFLFNBQVMsRUFBRSxXQUFXLEVBQUUsQ0FBQyxDQUFDO0lBQzdELE1BQU0sQ0FBQyxhQUFhLEdBQXdDLEVBQUUsQ0FBQztJQUMvRCxNQUFNLENBQUMsTUFBTSxHQUFzQyxFQUFFLENBQUM7SUFDdkQsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFVLEVBQUUsNEJBQXFDLEtBQUs7UUFDdkUsSUFBSSxDQUFDLElBQUksR0FBRyxJQUFJLENBQUM7UUFDakIsSUFBSSxDQUFDLHlCQUF5QixHQUFHLHlCQUF5QixDQUFDO0lBQzdELENBQUM7SUFFTyxNQUFNLENBQUMsa0JBQWtCO1FBQy9CLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDZixNQUFNLEtBQUssQ0FBQywrQ0FBK0MsQ0FBQyxDQUFDO1FBQy9ELENBQUM7SUFDSCxDQUFDO0lBRU0sTUFBTSxDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsT0FBZTtRQUM3QyxJQUFJLElBQUksQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDO1lBQUUsT0FBTztRQUN4QyxJQUFJLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxHQUFHLElBQUksWUFBWSxDQUFDLElBQUksQ0FBQyxJQUFJLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDbkUsTUFBTSxJQUFJLENBQUMsYUFBYSxDQUFDLE9BQU8sQ0FBQyxDQUFDLFdBQVcsRUFBRSxDQUFDO0lBQ2xELENBQUM7SUFFTSxNQUFNLENBQUMsT0FBTyxDQUNuQixXQUFtQyxFQUNuQyxrQkFBdUMsRUFDdkMsS0FBYSxRQUFRLENBQUMsT0FBTztRQUU3QixNQUFNLE1BQU0sR0FBMkI7WUFDckMsRUFBRTtZQUNGLElBQUksRUFBRSxXQUFXLENBQUMsU0FBUyxFQUFFO1NBQzlCLENBQUM7UUFFRixPQUFPLFNBQVMsQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLEVBQUUsa0JBQWtCLEVBQUUsV0FBVyxDQUFDLENBQUM7SUFDL0UsQ0FBQztJQUVNLE1BQU0sQ0FBQyxLQUFLLENBQUMsa0JBQWtCLENBQ3BDLE1BQThCLEVBQzlCLGtCQUF1QyxFQUN2QyxlQUF3QztRQUV4QyxJQUFJLENBQUMsa0JBQWtCLEVBQUUsQ0FBQztRQUMxQiwrQkFBK0IsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO1FBRXBELE1BQU0sU0FBUyxHQUFHLE1BQU0sd0JBQXdCLENBQUMsSUFBSSxDQUFDLHlCQUF5QixFQUFFO1lBQy9FLEdBQUcsa0JBQWtCO1NBQ3RCLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDcEIsTUFBTSxLQUFLLENBQ1QsNkZBQTZGLENBQzlGLENBQUM7UUFDSixDQUFDO1FBRUQsTUFBTSxnQkFBZ0IsR0FBOEI7WUFDbEQsR0FBSSxTQUF3QztZQUM1QyxJQUFJLEVBQUUsa0JBQWtCLEVBQUUsSUFBSSxJQUFJLElBQUksQ0FBQyxJQUFJO1lBQzNDLG9CQUFvQixFQUFFLDhCQUE4QixDQUFDLGtCQUFrQixDQUFDO1NBQ3pFLENBQUM7UUFFRixJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1lBQ3hDLElBQUksQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLEdBQUcsSUFBSSxVQUFVLENBQUM7Z0JBQ2xELGFBQWEsRUFBRSxLQUFLLENBQUMsYUFBYTtnQkFDbEMsT0FBTyxFQUFFLEtBQUssQ0FBQyxZQUFZO2FBQzVCLENBQUMsQ0FBQztRQUNMLENBQUM7UUFFRCxJQUFJLHFCQUFxQixDQUFDO1FBQzFCLElBQUksSUFBSSxDQUFDLHlCQUF5QixFQUFFLENBQUM7WUFDbkMscUJBQXFCLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsQ0FBQyxRQUFRLENBQUMsR0FBRyxFQUFFLENBQ3ZFLFNBQVMsQ0FBQywyQkFBMkIsQ0FBQyxNQUFNLEVBQUUsZ0JBQWdCLENBQUMsQ0FDaEUsQ0FBQztRQUNKLENBQUM7YUFBTSxDQUFDO1lBQ04scUJBQXFCLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsQ0FBQyxRQUFRLENBQUMsR0FBRyxFQUFFLENBQ3ZFLFNBQVMsQ0FBQyxtQkFBbUIsQ0FBQyxNQUFNLEVBQUUsZ0JBQWdCLEVBQUUsZUFBZSxDQUFDLENBQ3pFLENBQUM7UUFDSixDQUFDO1FBQ0QsT0FBTyxxQkFBcUIsQ0FBQztJQUMvQixDQUFDO0lBRU8sTUFBTSxDQUFDLEtBQUssQ0FBQywyQkFBMkIsQ0FDOUMsTUFBOEIsRUFDOUIsa0JBQTZDO1FBRTdDLE1BQU0sRUFBRSxJQUFJLEVBQUUsSUFBSSxFQUFFLEdBQUcsa0JBQWtCLENBQUM7UUFFMUMsTUFBTSxtQkFBbUIsR0FBRztZQUMxQixJQUFJLEVBQUUsSUFBSTtZQUNWLEVBQUUsRUFBRSxNQUFNLENBQUMsRUFBRTtZQUNiLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSTtZQUNqQixLQUFLLEVBQUUsTUFBTSxDQUFDLEtBQUs7U0FDcEIsQ0FBQztRQUNGLFNBQVMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUNwQjtZQUNFLE1BQU0sRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLG1CQUFtQixFQUFFLENBQUMsTUFBTSxDQUFDLENBQUM7U0FDbkQsRUFDRCxpQ0FBaUMsQ0FDbEMsQ0FBQztRQUNGLE1BQU0sTUFBTSxHQUFHLENBQUMsTUFBTSxJQUFLLENBQUMsUUFBUyxDQUFDLE9BQU8sQ0FBQztZQUM1QyxNQUFNLEVBQUUscUJBQXFCO1lBQzdCLE1BQU0sRUFBRSxDQUFDLG1CQUFtQixDQUFDO1NBQzlCLENBQUMsQ0FBa0IsQ0FBQztRQUVyQixNQUFNLHFCQUFxQixHQUFHLE1BQU0sZUFBZSxDQUFDO1lBQ2xELE9BQU8sRUFBRSxLQUFLLElBQUksRUFBRSxDQUFDLE1BQU0sSUFBSyxDQUFDLEdBQUcsQ0FBQyxxQkFBcUIsQ0FBQyxNQUFNLENBQUM7WUFDbEUsV0FBVyxFQUFFLENBQUMsTUFBTSxFQUFFLEVBQUU7Z0JBQ3RCLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxLQUFLLElBQUksRUFBRSxDQUFDO1lBQ3pDLENBQUM7WUFDRCxhQUFhLEVBQUUsOEJBQThCO1lBQzdDLFFBQVEsRUFBRSw4QkFBOEI7U0FDekMsQ0FBQyxDQUFDO1FBRUgsT0FBTyxxQkFBcUIsQ0FBQztJQUMvQixDQUFDO0lBRU0sTUFBTSxDQUFDLEtBQUssQ0FBQyxNQUFNLENBQ3hCLFdBQW1DLEVBQ25DLGtCQUF1QztRQUV2QyxNQUFNLElBQUksR0FBRyxrQkFBa0IsRUFBRSxJQUFJLElBQUksS0FBSyxDQUFDLGFBQWEsQ0FBQztRQUU3RCxJQUFJLENBQUM7WUFDSCxPQUFPLE1BQU0sV0FBVyxDQUFDLElBQUksQ0FBQyxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7UUFDMUMsQ0FBQztRQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7WUFDVixDQUFpQixDQUFDLFVBQVUsR0FBSSxDQUFjLENBQUMsSUFBSSxDQUFDLE9BQU8sSUFBSSx5QkFBeUIsQ0FBQztZQUMxRixNQUFNLENBQUMsQ0FBQztRQUNWLENBQUM7SUFDSCxDQUFDO0lBRU8sTUFBTSxDQUFDLEtBQUssQ0FBQyxtQkFBbUIsQ0FDdEMsTUFBOEIsRUFDOUIsa0JBQTZDLEVBQzdDLGVBQXdDO1FBRXhDLE1BQU0sRUFBRSxJQUFJLEVBQUUsR0FBRyxFQUFFLG9CQUFvQixFQUFFLFlBQVksRUFBRSxJQUFJLEVBQUUsR0FBRyxrQkFBa0IsQ0FBQztRQUVuRixNQUFNLEdBQUc7WUFDUCxHQUFHLE1BQU07WUFDVCxJQUFJO1lBQ0osR0FBRztZQUNILG9CQUFvQjtZQUNwQixZQUFZO1NBQ2IsQ0FBQztRQUVGLElBQUksa0JBQWtCLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDM0IsU0FBUyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQ25CO2dCQUNFLFlBQVksRUFBRSxrQkFBa0IsQ0FBQyxHQUFHO2FBQ3JDLEVBQ0QsZ0JBQWdCLENBQ2pCLENBQUM7WUFDRixNQUFNLENBQUMsR0FBRyxHQUFHLGtCQUFrQixDQUFDLEdBQUcsQ0FBQztRQUN0QyxDQUFDO2FBQU0sQ0FBQztZQUNOLElBQUksWUFBWSxDQUFDO1lBQ2pCLE1BQU0saUJBQWlCLEdBQUc7Z0JBQ3hCLEdBQUcsTUFBTTtnQkFDVCxHQUFHLEVBQUUsU0FBUzthQUNmLENBQUM7WUFDRixJQUFJLGVBQWUsRUFBRSxDQUFDO2dCQUNwQixZQUFZLEdBQUcsTUFBTSxlQUFlLENBQUMsV0FBVyxDQUFDLGlCQUF3QyxDQUFDLENBQUM7WUFDN0YsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLFlBQVksR0FBRyxNQUFNLEtBQUssQ0FBQyxTQUFVLENBQUMsR0FBRyxDQUFDLFdBQVcsQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1lBQzNFLENBQUM7WUFDRCxNQUFNLENBQUMsR0FBRyxHQUFHLHNCQUFzQixDQUFDLFlBQVksRUFBRSxLQUFLLENBQUMsa0JBQWtCLENBQUMsQ0FBQztRQUM5RSxDQUFDO1FBRUQsSUFBSSxZQUFZLENBQUM7UUFDakIsNEZBQTRGO1FBQzVGLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxvQkFBb0IsSUFBSSxJQUFJLENBQUMsYUFBYSxDQUFDLGtCQUFrQixDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDNUYsWUFBWSxHQUFHLElBQUksQ0FBQyxhQUFhLENBQUMsa0JBQWtCLENBQUMsSUFBSyxDQUFDLENBQUM7WUFDNUQsTUFBTSxZQUFZLENBQUMsNEJBQTRCLEVBQUUsQ0FBQztZQUNsRCxNQUFNLENBQUMsS0FBSyxHQUFHLFlBQVksQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUM3QyxDQUFDO1FBQ0QsTUFBTSxVQUFVLEdBQUcsS0FBSyxDQUFDLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxJQUFLLENBQUMsQ0FBQztRQUN4RCxJQUFJLENBQUM7WUFDSCxJQUFJLHFCQUFxQixDQUFDO1lBQzFCLElBQUksVUFBVSxFQUFFLENBQUM7Z0JBQ2YsTUFBTSxNQUFNLEdBQUcsTUFBTSxJQUFLLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBQyxlQUFlLENBQUMsTUFBTSxFQUFFLFVBQVUsQ0FBQyxDQUFDO2dCQUM1RSxJQUFJLENBQUMsTUFBTSxDQUFDLGNBQWMsRUFBRSxDQUFDO29CQUMzQixNQUFNLElBQUksS0FBSyxDQUFDLDRCQUE0QixDQUFDLENBQUM7Z0JBQ2hELENBQUM7Z0JBRUQsU0FBUyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQ3BCO29CQUNFLE1BQU0sRUFBRSxNQUFNLENBQUMsZUFBZTtvQkFDOUIsTUFBTSxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUMsTUFBTSxDQUFDLENBQUM7aUJBQ3RDLEVBQ0QsK0JBQStCLENBQ2hDLENBQUM7Z0JBRUYscUJBQXFCLEdBQUcsTUFBTSxJQUFLLENBQUMsR0FBRyxDQUFDLHFCQUFxQixDQUFDLE1BQU0sQ0FBQyxjQUFjLENBQUMsQ0FBQztnQkFFckYsU0FBUyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQ3BCO29CQUNFLE1BQU0sRUFBRSxNQUFNLENBQUMsZUFBZTtvQkFDOUIsYUFBYSxFQUFFLHFCQUFxQixDQUFDLFdBQVc7b0JBQ2hELFNBQVMsRUFBRSxxQkFBcUIsQ0FBQyxPQUFPO2lCQUN6QyxFQUNELG9CQUFvQixDQUNyQixDQUFDO1lBQ0osQ0FBQztpQkFBTSxDQUFDO2dCQUNOLFNBQVMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUNwQjtvQkFDRSxNQUFNLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQyxNQUFNLENBQUMsQ0FBQztpQkFDdEMsRUFDRCxpQ0FBaUMsQ0FDbEMsQ0FBQztnQkFFRixxQkFBcUIsR0FBRyxNQUFNLElBQUssQ0FBQyxHQUFHLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1lBQ2xFLENBQUM7WUFFRCxJQUFJLFlBQVk7Z0JBQUUsWUFBWSxDQUFDLHNCQUFzQixDQUFDLE1BQU0sQ0FBQyxLQUFNLENBQUMsQ0FBQztZQUVyRSxPQUFPLHFCQUFxQixDQUFDO1FBQy9CLENBQUM7UUFBQyxPQUFPLENBQVUsRUFBRSxDQUFDO1lBQ3BCLE1BQU0sT0FBTyxHQUFHLG9DQUFvQyxDQUFDO1lBQ3JELFNBQVMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxPQUFPLENBQUMsQ0FBQztZQUNuQyxJQUFJLFlBQVk7Z0JBQUUsTUFBTSxZQUFZLENBQUMsa0JBQWtCLEVBQUUsQ0FBQztZQUMxRCxJQUFLLENBQXFCLENBQUMsT0FBTyxFQUFFLFFBQVEsQ0FBQywwQ0FBMEMsQ0FBQyxFQUFFLENBQUM7Z0JBQ3pGLE1BQU0sSUFBSSxpQ0FBaUMsQ0FBQyxDQUFDLEVBQUUsT0FBTyxDQUFDLENBQUM7WUFDMUQsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLE1BQU0sSUFBSSxvQkFBb0IsQ0FBQyxDQUFDLEVBQUUsT0FBTyxDQUFDLENBQUM7WUFDN0MsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDOztBQUdILGVBQWUsU0FBUyxDQUFDIn0=
|