@super-protocol/sp-nvtrust-wrapper 1.0.8 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +22 -1
- package/dist/nvtrust_wrapper.d.ts +6 -1
- package/dist/nvtrust_wrapper.js +81 -45
- package/dist/nvtrust_wrapper.js.map +1 -1
- package/package.json +26 -25
- package/py/nvtrust_wrapper.py +2 -3
- package/py/requirements.txt +1 -1
package/README.md
CHANGED
|
@@ -1 +1,22 @@
|
|
|
1
|
-
# sp-nvtrust-wrapper
|
|
1
|
+
# sp-nvtrust-wrapper
|
|
2
|
+
A Node.js wrapper for the [`nvtrust`](https://github.com/NVIDIA/nvtrust) library, designed to enable attestation for **NVIDIA Confidential Computing**.
|
|
3
|
+
|
|
4
|
+
## 📦 Build Instructions
|
|
5
|
+
|
|
6
|
+
To build the project, run:
|
|
7
|
+
|
|
8
|
+
```bash
|
|
9
|
+
npm install
|
|
10
|
+
npm run postinstall
|
|
11
|
+
npm run build
|
|
12
|
+
```
|
|
13
|
+
|
|
14
|
+
## 🛠️ Troubleshooting
|
|
15
|
+
|
|
16
|
+
### MacOS
|
|
17
|
+
|
|
18
|
+
You may encounter an issue installing the Python `lxml` package on macOS.
|
|
19
|
+
This is often caused by incompatibility with the installed Python version.
|
|
20
|
+
|
|
21
|
+
**Solution:**
|
|
22
|
+
Downgrade Python to version **3.10**, which is known to be compatible with `lxml`.
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
import * as proto from './proto/NvtrustWrapperTypes';
|
|
2
2
|
import { NvtrustGPUList } from './proto/TeeDeviceInfo';
|
|
3
|
-
export declare const defaultGPUpolicy = "{\n \"version\"
|
|
3
|
+
export declare const defaultGPUpolicy = "{\n \"version\":\"4.0\",\n \"authorization-rules\":{\n \"type\": \"JWT\",\n \"overall-claims\": {\n \"x-nvidia-ver\": \"3.0\"\n },\n \"detached-claims\":{\n \"x-nvidia-gpu-arch-check\": true,\n \"x-nvidia-gpu-attestation-report-parsed\": true,\n \"x-nvidia-gpu-attestation-report-nonce-match\": true,\n \"x-nvidia-gpu-attestation-report-signature-verified\": true,\n \"x-nvidia-gpu-attestation-report-cert-chain\":\n {\n \"x-nvidia-cert-status\": \"valid\",\n \"x-nvidia-cert-ocsp-status\": \"good\"\n },\n \"x-nvidia-gpu-attestation-report-cert-chain-fwid-match\": true,\n \"x-nvidia-gpu-driver-rim-fetched\": true,\n \"x-nvidia-gpu-driver-rim-schema-validated\": true,\n \"x-nvidia-gpu-driver-rim-signature-verified\": true,\n \"x-nvidia-gpu-driver-rim-version-match\": true,\n \"x-nvidia-gpu-driver-rim-cert-chain\":\n {\n \"x-nvidia-cert-status\": \"valid\",\n \"x-nvidia-cert-ocsp-status\": \"good\"\n },\n \"x-nvidia-gpu-driver-rim-measurements-available\": true,\n \"x-nvidia-gpu-vbios-rim-fetched\": true,\n \"x-nvidia-gpu-vbios-rim-schema-validated\": true,\n \"x-nvidia-gpu-vbios-rim-version-match\": true\n }\n }\n}";
|
|
4
|
+
export declare class InvalidGpuTokenError extends Error {
|
|
5
|
+
constructor(message: string);
|
|
6
|
+
}
|
|
4
7
|
export declare class NvtrustWrapper {
|
|
5
8
|
private readonly tmpDir;
|
|
6
9
|
private readonly timeoutMs;
|
|
@@ -38,6 +41,8 @@ export declare class NvtrustWrapper {
|
|
|
38
41
|
*
|
|
39
42
|
* @param token - The NVIDIA token containing GPU-related data.
|
|
40
43
|
* @returns `NvtrustGPUList` object representing the extracted GPUs information.
|
|
44
|
+
* @throws SyntaxError on badly formatted token
|
|
45
|
+
* @throws InvalidGpuTokenError if the token does not contain the required data
|
|
41
46
|
*/
|
|
42
47
|
static extractGPuInfoFromToken(token: proto.NvidiaToken): NvtrustGPUList;
|
|
43
48
|
}
|
package/dist/nvtrust_wrapper.js
CHANGED
|
@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
|
|
|
23
23
|
return result;
|
|
24
24
|
};
|
|
25
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
|
-
exports.NvtrustWrapper = exports.defaultGPUpolicy = void 0;
|
|
26
|
+
exports.NvtrustWrapper = exports.InvalidGpuTokenError = exports.defaultGPUpolicy = void 0;
|
|
27
27
|
const child_process_1 = require("child_process");
|
|
28
28
|
const fs = __importStar(require("fs/promises"));
|
|
29
29
|
const path = __importStar(require("path"));
|
|
@@ -31,35 +31,55 @@ const fs_1 = require("fs");
|
|
|
31
31
|
const proto = __importStar(require("./proto/NvtrustWrapperTypes"));
|
|
32
32
|
const crypto_1 = require("crypto");
|
|
33
33
|
const jwt = __importStar(require("jsonwebtoken"));
|
|
34
|
+
const zod_1 = require("zod");
|
|
34
35
|
exports.defaultGPUpolicy = `{
|
|
35
|
-
"version":
|
|
36
|
-
"authorization-rules":
|
|
36
|
+
"version":"4.0",
|
|
37
|
+
"authorization-rules":{
|
|
37
38
|
"type": "JWT",
|
|
38
39
|
"overall-claims": {
|
|
39
|
-
"x-nvidia-
|
|
40
|
-
"x-nvidia-ver": "2.0"
|
|
40
|
+
"x-nvidia-ver": "3.0"
|
|
41
41
|
},
|
|
42
|
-
"detached-claims":
|
|
43
|
-
"measres": "success",
|
|
42
|
+
"detached-claims":{
|
|
44
43
|
"x-nvidia-gpu-arch-check": true,
|
|
45
|
-
"x-nvidia-gpu-attestation-report-cert-chain-validated": true,
|
|
46
44
|
"x-nvidia-gpu-attestation-report-parsed": true,
|
|
47
45
|
"x-nvidia-gpu-attestation-report-nonce-match": true,
|
|
48
46
|
"x-nvidia-gpu-attestation-report-signature-verified": true,
|
|
47
|
+
"x-nvidia-gpu-attestation-report-cert-chain":
|
|
48
|
+
{
|
|
49
|
+
"x-nvidia-cert-status": "valid",
|
|
50
|
+
"x-nvidia-cert-ocsp-status": "good"
|
|
51
|
+
},
|
|
52
|
+
"x-nvidia-gpu-attestation-report-cert-chain-fwid-match": true,
|
|
49
53
|
"x-nvidia-gpu-driver-rim-fetched": true,
|
|
50
54
|
"x-nvidia-gpu-driver-rim-schema-validated": true,
|
|
51
|
-
"x-nvidia-gpu-driver-rim-cert-validated": true,
|
|
52
55
|
"x-nvidia-gpu-driver-rim-signature-verified": true,
|
|
56
|
+
"x-nvidia-gpu-driver-rim-version-match": true,
|
|
57
|
+
"x-nvidia-gpu-driver-rim-cert-chain":
|
|
58
|
+
{
|
|
59
|
+
"x-nvidia-cert-status": "valid",
|
|
60
|
+
"x-nvidia-cert-ocsp-status": "good"
|
|
61
|
+
},
|
|
53
62
|
"x-nvidia-gpu-driver-rim-measurements-available": true,
|
|
54
63
|
"x-nvidia-gpu-vbios-rim-fetched": true,
|
|
55
64
|
"x-nvidia-gpu-vbios-rim-schema-validated": true,
|
|
56
|
-
"x-nvidia-gpu-vbios-rim-
|
|
57
|
-
"x-nvidia-gpu-vbios-rim-signature-verified": true,
|
|
58
|
-
"x-nvidia-gpu-vbios-rim-measurements-available": true,
|
|
59
|
-
"x-nvidia-gpu-vbios-index-no-conflict": true
|
|
65
|
+
"x-nvidia-gpu-vbios-rim-version-match": true
|
|
60
66
|
}
|
|
61
67
|
}
|
|
62
68
|
}`;
|
|
69
|
+
const NvidiaJwtPayloadSchema = zod_1.z.object({
|
|
70
|
+
hwmodel: zod_1.z.string(),
|
|
71
|
+
'x-nvidia-gpu-driver-version': zod_1.z.string(),
|
|
72
|
+
'x-nvidia-gpu-vbios-version': zod_1.z.string(),
|
|
73
|
+
dbgstat: zod_1.z.string().optional(),
|
|
74
|
+
});
|
|
75
|
+
class InvalidGpuTokenError extends Error {
|
|
76
|
+
constructor(message) {
|
|
77
|
+
super(message);
|
|
78
|
+
this.name = 'InvalidGpuTokenError';
|
|
79
|
+
Object.setPrototypeOf(this, InvalidGpuTokenError.prototype);
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
exports.InvalidGpuTokenError = InvalidGpuTokenError;
|
|
63
83
|
class NvtrustWrapper {
|
|
64
84
|
tmpDir;
|
|
65
85
|
timeoutMs;
|
|
@@ -93,33 +113,44 @@ class NvtrustWrapper {
|
|
|
93
113
|
const logDir = path.join(tempDir, 'logs');
|
|
94
114
|
await fs.mkdir(logDir);
|
|
95
115
|
try {
|
|
116
|
+
const pythonPath = path.join(__dirname, '../py-venv/bin/python3');
|
|
117
|
+
const scriptPath = path.join(__dirname, '../py/nvtrust_wrapper.py');
|
|
118
|
+
await fs.access(pythonPath);
|
|
119
|
+
await fs.access(scriptPath);
|
|
96
120
|
await fs.writeFile(path.join(tempDir, 'request.bin'), serializedRequest);
|
|
97
121
|
return new Promise((resolve, reject) => {
|
|
98
|
-
const pythonProcess = (0, child_process_1.spawn)(
|
|
122
|
+
const pythonProcess = (0, child_process_1.spawn)(pythonPath, ['-B', scriptPath, tempDir], {
|
|
99
123
|
cwd: logDir,
|
|
124
|
+
timeout: this.timeoutMs,
|
|
125
|
+
killSignal: 'SIGKILL',
|
|
100
126
|
});
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
const result = await fs.readFile(path.join(tempDir, 'response.bin'));
|
|
113
|
-
resolve(result);
|
|
127
|
+
pythonProcess.on('close', async (exitCode, signal) => {
|
|
128
|
+
if (exitCode === null) {
|
|
129
|
+
switch (signal) {
|
|
130
|
+
case 'SIGKILL':
|
|
131
|
+
reject(new Error('Process was killed probably due to a timedout'));
|
|
132
|
+
break;
|
|
133
|
+
default:
|
|
134
|
+
reject(new Error(`The process was terminated with an unexpected signal: ${signal}`));
|
|
135
|
+
break;
|
|
136
|
+
}
|
|
137
|
+
return;
|
|
114
138
|
}
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
139
|
+
try {
|
|
140
|
+
if (exitCode === 0) {
|
|
141
|
+
const result = await fs.readFile(path.join(tempDir, 'response.bin'));
|
|
142
|
+
resolve(result);
|
|
143
|
+
}
|
|
144
|
+
else {
|
|
145
|
+
const error = await fs.readFile(path.join(tempDir, 'error.txt'), 'utf-8');
|
|
146
|
+
reject(new Error(`Python error: ${error.trim()}`));
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
catch (e) {
|
|
150
|
+
return reject(new Error(`Failed to read process output: ${e.message}`));
|
|
118
151
|
}
|
|
119
152
|
});
|
|
120
153
|
pythonProcess.on('error', (error) => {
|
|
121
|
-
if (timeoutId)
|
|
122
|
-
clearTimeout(timeoutId);
|
|
123
154
|
reject(new Error(`Failed to start process: ${error.message}`));
|
|
124
155
|
});
|
|
125
156
|
}).finally(async () => {
|
|
@@ -182,6 +213,8 @@ class NvtrustWrapper {
|
|
|
182
213
|
*
|
|
183
214
|
* @param token - The NVIDIA token containing GPU-related data.
|
|
184
215
|
* @returns `NvtrustGPUList` object representing the extracted GPUs information.
|
|
216
|
+
* @throws SyntaxError on badly formatted token
|
|
217
|
+
* @throws InvalidGpuTokenError if the token does not contain the required data
|
|
185
218
|
*/
|
|
186
219
|
static extractGPuInfoFromToken(token) {
|
|
187
220
|
const jsonArray = JSON.parse(token.jwt);
|
|
@@ -189,25 +222,28 @@ class NvtrustWrapper {
|
|
|
189
222
|
if (Array.isArray(jsonArray) && jsonArray.length >= 2) {
|
|
190
223
|
for (const [key, value] of Object.entries(jsonArray[1])) {
|
|
191
224
|
if (key !== 'REMOTE_GPU_CLAIMS') {
|
|
192
|
-
throw new
|
|
225
|
+
throw new InvalidGpuTokenError(`The expected value does not match REMOTE_GPU_CLAIMS. ${key} found`);
|
|
193
226
|
}
|
|
194
227
|
if (Array.isArray(value)) {
|
|
195
228
|
for (const item of value) {
|
|
196
229
|
if (typeof item === 'object' && item !== null && !Array.isArray(item)) {
|
|
197
|
-
for (const
|
|
230
|
+
for (const v of Object.values(item)) {
|
|
198
231
|
try {
|
|
199
|
-
const
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
});
|
|
203
|
-
if (payload) {
|
|
204
|
-
gpus.push({
|
|
205
|
-
model: payload['hwmodel'],
|
|
206
|
-
driverVersion: payload['x-nvidia-gpu-driver-version'],
|
|
207
|
-
vbios: payload['x-nvidia-gpu-vbios-version'],
|
|
208
|
-
dbgStat: payload['dbgstat'] === 'disabled' ? false : true,
|
|
209
|
-
});
|
|
232
|
+
const decoded = jwt.decode(v, { complete: false, json: false });
|
|
233
|
+
if (!decoded || typeof decoded !== 'object') {
|
|
234
|
+
throw new InvalidGpuTokenError('Invalid token payload');
|
|
210
235
|
}
|
|
236
|
+
const parsed = NvidiaJwtPayloadSchema.safeParse(decoded);
|
|
237
|
+
if (!parsed.success) {
|
|
238
|
+
throw new InvalidGpuTokenError('Invalid Nvidia GPU token payload');
|
|
239
|
+
}
|
|
240
|
+
const payload = parsed.data;
|
|
241
|
+
gpus.push({
|
|
242
|
+
model: payload.hwmodel,
|
|
243
|
+
driverVersion: payload['x-nvidia-gpu-driver-version'],
|
|
244
|
+
vbios: payload['x-nvidia-gpu-vbios-version'],
|
|
245
|
+
dbgStat: payload.dbgstat !== 'disabled',
|
|
246
|
+
});
|
|
211
247
|
}
|
|
212
248
|
catch (err) {
|
|
213
249
|
continue;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"nvtrust_wrapper.js","sourceRoot":"","sources":["../src/nvtrust_wrapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAsC;AACtC,gDAAkC;AAClC,2CAA6B;AAC7B,2BAA+B;AAC/B,mEAAqD;AAErD,mCAAqC;AACrC,kDAAoC;
|
|
1
|
+
{"version":3,"file":"nvtrust_wrapper.js","sourceRoot":"","sources":["../src/nvtrust_wrapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAsC;AACtC,gDAAkC;AAClC,2CAA6B;AAC7B,2BAA+B;AAC/B,mEAAqD;AAErD,mCAAqC;AACrC,kDAAoC;AACpC,6BAAwB;AAEX,QAAA,gBAAgB,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAiC9B,CAAC;AAEH,MAAM,sBAAsB,GAAG,OAAC,CAAC,MAAM,CAAC;IACtC,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE;IACnB,6BAA6B,EAAE,OAAC,CAAC,MAAM,EAAE;IACzC,4BAA4B,EAAE,OAAC,CAAC,MAAM,EAAE;IACxC,OAAO,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAC/B,CAAC,CAAC;AAEH,MAAa,oBAAqB,SAAQ,KAAK;IAC7C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;QACnC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,SAAS,CAAC,CAAC;IAC9D,CAAC;CACF;AAND,oDAMC;AAED,MAAa,cAAc;IACR,MAAM,CAAS;IACf,SAAS,CAAS;IACnC,YAAY,MAAe,EAAE,SAAkB;QAC7C,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,MAAM,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,SAAS,IAAI,MAAM,CAAC;IACvC,CAAC;IAEO,KAAK,CAAC,sBAAsB,CAAC,OAAe;QAClD,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE,cAAS,CAAC,IAAI,CAAC,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAExC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;YAC1C,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAEtC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;gBACvB,MAAM,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;YAC9C,CAAC;iBAAM,CAAC;gBACN,MAAM,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;QACD,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC1B,CAAC;IAEO,KAAK,CAAC,UAAU,CAAC,OAAgC;QACvD,MAAM,iBAAiB,GAAG,KAAK,CAAC,iBAAiB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;QAC3E,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;QAClE,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC1C,MAAM,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEvB,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,wBAAwB,CAAC,CAAC;YAClE,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,0BAA0B,CAAC,CAAC;YACpE,MAAM,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YAC5B,MAAM,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YAE5B,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,EAAE,iBAAiB,CAAC,CAAC;YAEzE,OAAO,IAAI,OAAO,CAAa,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;gBACjD,MAAM,aAAa,GAAG,IAAA,qBAAK,EAAC,UAAU,EAAE,CAAC,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE;oBACnE,GAAG,EAAE,MAAM;oBACX,OAAO,EAAE,IAAI,CAAC,SAAS;oBACvB,UAAU,EAAE,SAAS;iBACtB,CAAC,CAAC;gBAEH,aAAa,CAAC,EAAE,CAAC,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE;oBACnD,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;wBACtB,QAAQ,MAAM,EAAE,CAAC;4BACf,KAAK,SAAS;gCACZ,MAAM,CAAC,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC,CAAC;gCACnE,MAAM;4BACR;gCACE,MAAM,CACJ,IAAI,KAAK,CAAC,yDAAyD,MAAM,EAAE,CAAC,CAC7E,CAAC;gCACF,MAAM;wBACV,CAAC;wBAED,OAAO;oBACT,CAAC;oBAED,IAAI,CAAC;wBACH,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;4BACnB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC,CAAC;4BACrE,OAAO,CAAC,MAAM,CAAC,CAAC;wBAClB,CAAC;6BAAM,CAAC;4BACN,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,EAAE,OAAO,CAAC,CAAC;4BAC1E,MAAM,CAAC,IAAI,KAAK,CAAC,iBAAiB,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;wBACrD,CAAC;oBACH,CAAC;oBAAC,OAAO,CAAC,EAAE,CAAC;wBACX,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,kCAAmC,CAAW,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;oBACrF,CAAC;gBACH,CAAC,CAAC,CAAC;gBAEH,aAAa,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;oBAClC,MAAM,CAAC,IAAI,KAAK,CAAC,4BAA4B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBACjE,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE;gBACpB,MAAM,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;YAC7C,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;YAC3C,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,cAAc;QAClB,MAAM,OAAO,GAAG,KAAK,CAAC,iBAAiB,CAAC,WAAW,CAAC;YAClD,QAAQ,EAAE,KAAK,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;SAC/C,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC9C,OAAO,KAAK,CAAC,iBAAiB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,aAAa;QAClB,OAAO,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACzC,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,cAAc,CAAC,OAA2B;QAC9C,MAAM,OAAO,GAAG,KAAK,CAAC,iBAAiB,CAAC,WAAW,CAAC;YAClD,SAAS,EAAE,OAAO;SACnB,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC9C,OAAO,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC1C,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,OAA4B;QAC9C,MAAM,OAAO,GAAG,KAAK,CAAC,iBAAiB,CAAC,WAAW,CAAC;YAClD,aAAa,EAAE,OAAO;SACvB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC9C,OAAO,KAAK,CAAC,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACjD,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,uBAAuB,CAAC,KAAwB;QACrD,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACxC,MAAM,IAAI,GAAqB,EAAE,CAAC;QAClC,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACtD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACxD,IAAI,GAAG,KAAK,mBAAmB,EAAE,CAAC;oBAChC,MAAM,IAAI,oBAAoB,CAC5B,wDAAwD,GAAG,QAAQ,CACpE,CAAC;gBACJ,CAAC;gBACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBACzB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;wBACzB,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;4BACtE,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,CAAS,IAAI,CAAC,EAAE,CAAC;gCAC5C,IAAI,CAAC;oCACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;oCAEhE,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;wCAC5C,MAAM,IAAI,oBAAoB,CAAC,uBAAuB,CAAC,CAAC;oCAC1D,CAAC;oCACD,MAAM,MAAM,GAAG,sBAAsB,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;oCAEzD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;wCACpB,MAAM,IAAI,oBAAoB,CAAC,kCAAkC,CAAC,CAAC;oCACrE,CAAC;oCAED,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC;oCAC5B,IAAI,CAAC,IAAI,CAAC;wCACR,KAAK,EAAE,OAAO,CAAC,OAAO;wCACtB,aAAa,EAAE,OAAO,CAAC,6BAA6B,CAAC;wCACrD,KAAK,EAAE,OAAO,CAAC,4BAA4B,CAAC;wCAC5C,OAAO,EAAE,OAAO,CAAC,OAAO,KAAK,UAAU;qCACxC,CAAC,CAAC;gCACL,CAAC;gCAAC,OAAO,GAAG,EAAE,CAAC;oCACb,SAAS;gCACX,CAAC;4BACH,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,CAAC;IAClB,CAAC;CACF;AApMD,wCAoMC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@super-protocol/sp-nvtrust-wrapper",
|
|
3
|
-
"version": "1.0
|
|
3
|
+
"version": "1.1.0",
|
|
4
4
|
"description": "NodeJS wrapper for nvtrust",
|
|
5
5
|
"main": "./dist/index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -49,34 +49,35 @@
|
|
|
49
49
|
"@super-protocol/eslint-config-typescript": "^2.0.1",
|
|
50
50
|
"@types/jest": "^29.5.14",
|
|
51
51
|
"@types/jsonwebtoken": "^9.0.9",
|
|
52
|
+
"@types/node": "^16.10.3",
|
|
52
53
|
"jest": "^29.7.0",
|
|
53
|
-
"ts-jest": "^29.3.1"
|
|
54
|
+
"ts-jest": "^29.3.1",
|
|
55
|
+
"ts-proto": "^1.110.4"
|
|
54
56
|
},
|
|
55
57
|
"dependencies": {
|
|
56
|
-
"@types/node": "^16.10.3",
|
|
57
58
|
"jsonwebtoken": "^9.0.2",
|
|
58
|
-
"
|
|
59
|
+
"zod": "^3.24.3"
|
|
59
60
|
},
|
|
60
61
|
"jest": {
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
62
|
+
"moduleFileExtensions": [
|
|
63
|
+
"js",
|
|
64
|
+
"json",
|
|
65
|
+
"ts"
|
|
66
|
+
],
|
|
67
|
+
"rootDir": "src",
|
|
68
|
+
"testRegex": ".*\\.spec\\.ts$",
|
|
69
|
+
"transform": {
|
|
70
|
+
"^.+\\.(t|j)s$": "ts-jest"
|
|
71
|
+
},
|
|
72
|
+
"collectCoverageFrom": [
|
|
73
|
+
"**/*.(t|j)s"
|
|
74
|
+
],
|
|
75
|
+
"coverageDirectory": "../coverage",
|
|
76
|
+
"testEnvironment": "node",
|
|
77
|
+
"transformIgnorePatterns": [
|
|
78
|
+
"/bindings/",
|
|
79
|
+
"/node_modules/",
|
|
80
|
+
"/dist/"
|
|
81
|
+
]
|
|
82
|
+
}
|
|
82
83
|
}
|
package/py/nvtrust_wrapper.py
CHANGED
|
@@ -14,7 +14,7 @@ def get_nvidia_topology():
|
|
|
14
14
|
|
|
15
15
|
result.gpuCount = nvmlHelper.get_number_of_gpus()
|
|
16
16
|
result.nvswitchCount = nvmlHelper.get_number_of_switches()
|
|
17
|
-
except:
|
|
17
|
+
except Exception as e:
|
|
18
18
|
pass
|
|
19
19
|
|
|
20
20
|
return result
|
|
@@ -44,8 +44,7 @@ def get_nras_token(params: proto.GetNRASToken):
|
|
|
44
44
|
evidence_list = []
|
|
45
45
|
if params.HasField('evidenceList') and len(params.evidenceList.evidence) > 0:
|
|
46
46
|
for evidence in params.evidenceList.evidence:
|
|
47
|
-
|
|
48
|
-
evidence_list.append({"certificate": evidence.certificate, "evidence": evidence.evidence})
|
|
47
|
+
evidence_list.append({"certificate": evidence.certificate, "evidence": evidence.evidence})
|
|
49
48
|
|
|
50
49
|
else:
|
|
51
50
|
evidence_list = client.get_evidence({ 'ppcie_mode': params.ppcieMode })
|
package/py/requirements.txt
CHANGED