routex-settlement 0.1.1 → 0.1.3

package/index.d.ts

@@ -1,12 +1,14 @@
 export declare class KeySettlement {
     private _url;
     private _onErrorResponse;
+    private _onRequestError;
     private _secretKey;
     private _requirements;
     private _yaxiSigningKeys;
     private _serverKey?;
+    private _settlementPromise?;
     private _measurement?;
-    constructor(url: URL, onErrorResponse: (response: Response) => void);
+    constructor(url: URL, onErrorResponse: (response: Response) => void, onRequestError?: (e: Error) => never);
     private _settle;
     measurement(): Uint8Array | undefined;
     private _getServerKey;
@@ -14,6 +16,7 @@ export declare class KeySettlement {
     seal(plaintext: Uint8Array, settlementHeaders?: HeadersInit): Promise<Uint8Array>;
     unseal(ciphertext: Uint8Array): Uint8Array;
     private _verifyAttestation;
+    private _verifyTcbVersion;
     private _verifyReport;
     private _verifyVcekChain;
 }

package/index.js

@@ -9,12 +9,12 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import { chacha20poly1305 } from "@noble/ciphers/chacha";
 import { bytesToUtf8 } from "@noble/ciphers/utils";
-import { bytesToNumberLE, equalBytes } from "@noble/curves/abstract/utils";
+import { equalBytes } from "@noble/curves/utils";
 import { ed25519, x25519 } from "@noble/curves/ed25519";
-import { blake2b } from "@noble/hashes/blake2b";
-import { p384 } from "@noble/curves/p384";
+import { blake2b } from "@noble/hashes/blake2";
+import { p384 } from "@noble/curves/nist";
 import { hkdf } from "@noble/hashes/hkdf";
-import { wrapConstructor } from "@noble/hashes/utils";
+import { createHasher } from "@noble/hashes/utils";
 import { sha256 } from "@noble/hashes/sha2";
 import * as x509 from "@peculiar/x509";
 import { AsnConvert } from "@peculiar/asn1-schema";
@@ -22,11 +22,16 @@ import { SubjectPublicKeyInfo } from "@peculiar/asn1-x509";
 const REQUIREMENTS = {
     Genoa: {
         minCommittedVersion: [0x1, 0x37, 0x26],
-        minCommitedTcbSnp: 0x16,
+        minCommittedTcbSnp: 0x16,
     },
     Milan: {
         minCommittedVersion: [0x1, 0x37, 0x16],
-        minCommitedTcbSnp: 0x17,
+        minCommittedTcbSnp: 0x17,
+    },
+    // for Turin: SB-3019 doesn't list a TCB[SNP] version in the mitigation, only firmware version
+    Turin: {
+        minCommittedVersion: [0x1, 0x37, 0x3b],
+        minCommittedTcbSnp: 0,
     },
 };
 const YAXI_SIGNING_KEYS = {
@@ -200,16 +205,100 @@ JZJ0+tuPMKmBnSH860llKk+VpVQsgqbzDIvOLvD6W1Umq25boxCYJ+TuBoa4s+HH
 CViAvgT9kf/rBq1d+ivj6skkHxuzcxbk1xv6ZGxrteJxVH7KlX7YRdZ6eARKwLe4
 AFZEAwoKCQ==
 -----END CERTIFICATE-----
+`),
+        // ARK-Turin
+        new x509.X509Certificate(`
+-----BEGIN CERTIFICATE-----
+MIIGiTCCBDigAwIBAgIDAwABMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC
+BQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS
+BgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg
+Q2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp
+Y2VzMRIwEAYDVQQDDAlBUkstVHVyaW4wHhcNMjMwNTE1MjAyNTIxWhcNNDgwNTE1
+MjAyNTIxWjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS
+BgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j
+ZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJU0VWLVR1cmluMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEAnvg5Grv2Emd9lAhKdO64RXU3UESb6JTm0Hhz
+evx1PyxinxYqJL329qTJM0XmdozLYb7rsHxgM5I2pU18M8gect2pN/YB2LQ1/bIq
+37TPDbg7ym0MN6KkZ6aERxAX0voYtdDyNxjDAUjpRpCe1FccAev/Es2n/Fz1G1Tm
+C2XepTQqaKpmt6mnDWSCHCVsQoY0gSibeaG6doM6OiNUCbKXaC7KHH5b/96BD1DJ
+84M+JHqPClFhHqUJwzKF5Qxj4wgWAZzK8UPhiNGjrF6+TBdlFGdSzEqw1jOrCTHd
+uYyLK+5OQ3OIw4S+vZeOVoxJajTIWdsqYP2DLc0HkL0qWOumEOrrc2/4DeETShB0
+MyIpH05kSalyQN2eN5P6ptOB84hddCdbJPEepnD+FqQap1ukw3K8uBcgeBSAF23r
+6UtT8Uc5h7MsWX3MoZiEHcSkDQQ8IedTk7CLjsK6S7b/lfKqfYiRhKgGkRvsEd/M
+DNcumHZKIgzasJwgagzSggiUo9jXp3EWm84fqyxNXzSutPB7qD5P/ULAB+q9Qgvr
+zC8XneaLP0MNrHhM80UejmsBTIktMvFoWVIelYDLdcoi0eMD5DRccfsgrYaY6h/+
+/qf9tgg+mX09UJpuSPRF38oyqnNNFMl5v/tWLgUsChPU6NCQC17Qaqr8mu2ynyyu
+HEs5JVUCAwEAAaOBozCBoDAdBgNVHQ4EFgQUbYJXt6v2sMgUALjxD0WvG9aq628w
+HwYDVR0jBBgwFoAUZKBfceMMCmTYO3XlAVmeK+4GA0QwEgYDVR0TAQH/BAgwBgEB
+/wIBADAOBgNVHQ8BAf8EBAMCAQQwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cHM6Ly9r
+ZHNpbnRmLmFtZC5jb20vdmNlay92MS9UdXJpbi9jcmwwRgYJKoZIhvcNAQEKMDmg
+DzANBglghkgBZQMEAgIFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKID
+AgEwowMCAQEDggIBAAXWJ3DPahralt5kXLPMm9oKlFRqeU3HcS7kA+VBlBA1lQRU
+hXkbXnTvW1GZcgdZvNCB/VlET61KbCzoFIhPIESVjjb/xWX2kg3X0HHmh1EtCDbH
+aUFM5rq6l+S1h7qOauRZebvrwApDzAANvW0LTHRumfGm/kqh9NDtVCIWPUZ1VQIg
+Gx1T3dwmgOK8ncT1J3W5xIyS0Xu3KC6w7oBlq8G2pPgTcCBJ4JBCTXCEXiAAGaTR
+/TJIaSzoZFLhxYhCMjP8WQGToPGDK2i/lZhkcGHnJOQ+lgrXfpLGqBtLlS3QODyV
+P0MomczG4dqw3THP3Y8Aq9c2KE7SylAKsS/bBKCqkj4OrABkDSkMQEz3BBoFD63a
+D5ZG/Qiz+tmhnptyPVcweC9uJlSWYm25KiV4lT52uBjxatDZKQcrpdgcU8+ozzKU
+8ICnZPOwfWeyuNMq/juyd/rzg5IePyyvt+13aJ5MlZBXZxJKoxCYIMKUwZigf0Xs
+BteT8gw10/xk5smIFIB2ERtTQPMuTENgrPTUjOeiqmBg663c2dLVol+MDiT4ltqf
+Em4Kl/cc4f+H6bEwhj1QKAN2ipRf+mP0NfzJb+6ZHNsOvyq/WByYpLXV9JJoiDW/
+8RZwPU/Mn7IuQBauCy78G7FS0ta3q1et74faYBBgeJ6awEasa25CvmsmlU0R
+-----END CERTIFICATE-----
+`),
+        // SEV-Turin
+        new x509.X509Certificate(`
+-----BEGIN CERTIFICATE-----
+MIIGYzCCBBKgAwIBAgIDAwAAMEYGCSqGSIb3DQEBCjA5oA8wDQYJYIZIAWUDBAIC
+BQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMKMDAgEBMHsxFDAS
+BgNVBAsMC0VuZ2luZWVyaW5nMQswCQYDVQQGEwJVUzEUMBIGA1UEBwwLU2FudGEg
+Q2xhcmExCzAJBgNVBAgMAkNBMR8wHQYDVQQKDBZBZHZhbmNlZCBNaWNybyBEZXZp
+Y2VzMRIwEAYDVQQDDAlBUkstVHVyaW4wHhcNMjMwNTE1MjAwMzEyWhcNNDgwNTE1
+MjAwMzEyWjB7MRQwEgYDVQQLDAtFbmdpbmVlcmluZzELMAkGA1UEBhMCVVMxFDAS
+BgNVBAcMC1NhbnRhIENsYXJhMQswCQYDVQQIDAJDQTEfMB0GA1UECgwWQWR2YW5j
+ZWQgTWljcm8gRGV2aWNlczESMBAGA1UEAwwJQVJLLVR1cmluMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEAwaAriB7EIuVc4ZB1wD3YfDxL+9eyS7+izm0J
+j3W772NINCWl8Bj3w/JD2ZjmbRxWdIq/4d9iarCKorXloJUB1jRdgxqccTx1aOoi
+g4+2w1XhVVJT7K457wT5ZLNJgQaxqa9Etkwjd6+9sOhlCDE9l43kQ0R2BikVJa/u
+yyVOSwEk5w5tXKOuG9jvq6QtAMJasW38wlqRDaKEGtZ9VUgGon27ZuL4sTJuC/az
+z9/iQBw8kEilzOl95AiTkeY5jSEBDWbAqnZk5qlM7kISKG20kgQm14mhNKDI2p2o
+ua+zuAG7i52epoRF2GfU0TYk/yf+vCNB2tnechFQuP2e8bLk95ZdqPi9/UWw4JXj
+tdEA4u2JYplSSUPQVAXKt6LVqujtJcM59JKr2u0XQ75KwxcMp15gSXhBfInvPAwu
+AY4dEwwGqT8oIg4esPHwEsmChhYeDIxPG9R4fx9O0q6p8Gb+HXlTiS47P9YNeOpi
+dOUKzDl/S1OvyhDtSL8LJc24QATFydo/iD/KUdvFTRlD0crkAMkZLoWQ8hLDGc6B
+ZJXsdd7Zf2e4UW3tI/1oh/2t23Ot3zyhTcv5gDbABu0LjVe98uRnS15SMwK//lJt
+9e5BqKvgABkSoABf+B4VFtPVEX0ygrYaFaI9i5ABrxnVBmzXpRb21iI1NlNCfOGU
+PIhVpWECAwEAAaN+MHwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRkoF9x4wwK
+ZNg7deUBWZ4r7gYDRDAPBgNVHRMBAf8EBTADAQH/MDoGA1UdHwQzMDEwL6AtoCuG
+KWh0dHBzOi8va2RzaW50Zi5hbWQuY29tL3ZjZWsvdjEvVHVyaW4vY3JsMEYGCSqG
+SIb3DQEBCjA5oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZI
+AWUDBAICBQCiAwIBMKMDAgEBA4ICAQA/i6Mz4IETMK8YU/HxP7Bfej5i4aXhenJo
+TuiDX0nqx5CDJm9ELhskxAkJ/oLA1O92UoLybfFk4gEpKFtyfiUYex9LogZj5ix0
+sb2qfSSy9CRnOktGqfpel4e3KAhLgF5n2qZrqyq/8EPPldtSjEXn78sZMlIlUcQK
+SnnNCQZVFpktDfDiEiGNuitux3ghHUrcVuxSbZcrXDbsbMF7NDdfLUUS9TijrL33
+lrCXJs7m8kggGyCusiRQKHli1AEswiA4xU+8xsZrByYTopiGYtbJK8s0UCCXylyO
+uKSubvdAnMDJ5GDD0+DX46LSfv7fgGNSG+LOBWdif7KoQf9cIhKJtxGxZCn/tvHm
+wMzu4Jnx8N2vRnT+8DpBqhxtNvdXmrZUelSeQakx4djMKvmTR8Gd25EnC4RppCkj
+bmPxY3zPd1X7raalTn34EOF9DeLsC9JfzkDuojxpHWMm30wKnDo20mlDQk/zKCDa
+2Zc+YjtsTZCrTbvdgCukTKNZOUUVlWRu+sO/OwrmS2p16seHTIqHEbE1LntPv3gk
+CcHGDSUAKx9c0Aol+Dj9xpb2nmGqoDeJ59Ja6REkHCdw5TduXyqqMqfD1AX0/QDN
+devCMKlWBRCQ7DFlog3H1a+r/kuMUZ/Ij9yyKlSgYZMJ4VgNKDgTQdcsAL0MCEMr
+zpacMwFusA==
+-----END CERTIFICATE-----
 `),
     ],
 });
 export class KeySettlement {
-    constructor(url, onErrorResponse) {
+    constructor(url, onErrorResponse, onRequestError) {
         this._requirements = REQUIREMENTS;
         this._yaxiSigningKeys = YAXI_SIGNING_KEYS;
         this._url = url;
         this._onErrorResponse = onErrorResponse;
-        this._secretKey = x25519.utils.randomPrivateKey();
+        this._onRequestError =
+            onRequestError !== null && onRequestError !== void 0 ? onRequestError : ((e) => {
+                throw e;
+            });
+        this._secretKey = x25519.utils.randomSecretKey();
     }
     _settle(headers) {
         return __awaiter(this, void 0, void 0, function* () {
@@ -219,6 +308,10 @@ export class KeySettlement {
                 body: JSON.stringify({
                     publicKey: btoa(bytesToBinaryString(x25519.getPublicKey(this._secretKey))),
                 }),
+            })
+                .catch(this._onRequestError)
+                .finally(() => {
+                this._settlementPromise = undefined;
             });
             if (response.status >= 400) {
                 throw yield this._onErrorResponse(response);
@@ -226,10 +319,10 @@ export class KeySettlement {
             const responseData = yield response.json();
             const measurement = yield this._verifyAttestation(responseData);
             const settlementBoxMessage = JSON.parse(bytesToUtf8(this.unseal(binaryStringToBytes(atob(responseData.chachaBox)))));
-            this._serverKey = [
-                binaryStringToBytes(atob(settlementBoxMessage.publicKey)),
-                settlementBoxMessage.sessionId,
-            ];
+            this._serverKey = {
+                publicKey: binaryStringToBytes(atob(settlementBoxMessage.publicKey)),
+                base64SessionId: settlementBoxMessage.sessionId,
+            };
             this._measurement = measurement;
         });
     }
@@ -239,21 +332,25 @@ export class KeySettlement {
     _getServerKey(settlementHeaders) {
         return __awaiter(this, void 0, void 0, function* () {
             if (this._serverKey == null) {
-                yield this._settle(settlementHeaders);
+                if (this._settlementPromise == null) {
+                    this._settlementPromise = this._settle(settlementHeaders);
+                }
+                yield this._settlementPromise;
             }
             return this._serverKey;
         });
     }
     getBase64SessionId() {
         return __awaiter(this, arguments, void 0, function* (settlementHeaders = {}) {
-            return (yield this._getServerKey(settlementHeaders))[1];
+            return (yield this._getServerKey(settlementHeaders)).base64SessionId;
         });
     }
     seal(plaintext_1) {
         return __awaiter(this, arguments, void 0, function* (plaintext, settlementHeaders = {}) {
-            const serverPublicKey = (yield this._getServerKey(settlementHeaders))[0];
+            const serverPublicKey = (yield this._getServerKey(settlementHeaders))
+                .publicKey;
             const tagLength = 16;
-            const ephemeralSecretKey = x25519.utils.randomPrivateKey();
+            const ephemeralSecretKey = x25519.utils.randomSecretKey();
             const ephemeralPublicKey = x25519.getPublicKey(ephemeralSecretKey);
             const nonce = _getSealNonce(ephemeralPublicKey, serverPublicKey);
             const info = _getInfo(ephemeralPublicKey, serverPublicKey);
@@ -280,13 +377,15 @@ export class KeySettlement {
                 throw new Error("Data in attestation report doesn't match chacha box");
             }
             const encoder = new TextEncoder();
-            const launchMeasurement = binaryStringToBytes(atob(response.systemVersion.launchMeasurement));
+            const launchMeasurementInSystemVersion = binaryStringToBytes(atob(response.systemVersion.launchMeasurement));
             const input = new Uint8Array([
                 ...encoder.encode(response.systemVersion.kind),
                 ...encoder.encode(response.systemVersion.generation.toString()),
-                ...encoder.encode(response.systemVersion.createdAt.replace("Z", "+00:00")),
+                ...encoder.encode(
+                // clerk-report used to use Z for serialization, but not for the signature input
+                response.systemVersion.createdAt.replace("Z", "+00:00")),
                 ...encoder.encode(response.systemVersion.ref),
-                ...launchMeasurement,
+                ...launchMeasurementInSystemVersion,
             ]);
             const key = this._yaxiSigningKeys[response.systemVersion.signature.keyId];
             if (key == null) {
@@ -295,36 +394,108 @@ export class KeySettlement {
             if (!ed25519.verify(binaryStringToBytes(atob(response.systemVersion.signature.value)), input, key)) {
                 throw new Error("Verification failed: Invalid system version signature");
             }
-            if (!equalBytes(attestationReport.slice(REPORT_OFFSETS.measurement, REPORT_OFFSETS.measurement + 48), launchMeasurement)) {
+            if (!equalBytes(attestationReport.slice(REPORT_OFFSETS.measurement, REPORT_OFFSETS.measurement + 48), launchMeasurementInSystemVersion)) {
                 throw new Error("Reported measurement doesn't match expected measurement");
             }
-            return launchMeasurement;
+            return launchMeasurementInSystemVersion;
+        });
+    }
+    _verifyTcbVersion(attestationReport, vcekTcb) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const versionBytes = attestationReport.slice(0, 4);
+            const version = new DataView(versionBytes.buffer).getInt32(0, true);
+            let turinLike;
+            switch (version) {
+                case 0:
+                case 1:
+                    throw new Error("Unsupported Attestation Report Version");
+                case 2: {
+                    const chipId = attestationReport.slice(REPORT_OFFSETS.chipId, 64);
+                    if (equalBytes(chipId, new Uint8Array(64))) {
+                        throw new Error("Could not derive CPU family: MASK_CHIP_ID enabled");
+                    }
+                    turinLike = equalBytes(chipId.slice(8), new Uint8Array(56));
+                    break;
+                }
+                default: // from version 3 onwards CPUID_FAM_ID field should exist
+                    turinLike = attestationReport[REPORT_OFFSETS.cpuIdFamily] == 0x1a;
+            }
+            const reportedTcb = attestationReport.slice(REPORT_OFFSETS.reportedTcb, REPORT_OFFSETS.reportedTcb + 8);
+            let tcb;
+            if (turinLike) {
+                tcb = {
+                    microcode: reportedTcb[7],
+                    snp: reportedTcb[3],
+                    tee: reportedTcb[2],
+                    bootloader: reportedTcb[1],
+                    fmc: reportedTcb[0],
+                };
+            }
+            else {
+                tcb = {
+                    microcode: reportedTcb[7],
+                    snp: reportedTcb[6],
+                    tee: reportedTcb[1],
+                    bootloader: reportedTcb[0],
+                    fmc: 0,
+                };
+            }
+            if (!(tcb.microcode === vcekTcb.microcode &&
+                tcb.snp === vcekTcb.snp &&
+                tcb.tee === vcekTcb.tee &&
+                tcb.bootloader === vcekTcb.bootloader &&
+                tcb.fmc === vcekTcb.fmc)) {
+                throw new Error("Verification failed: REPORTED_TCB doesn't match with VCEK's TCB_VERSION");
+            }
         });
     }
     _verifyReport(attestationReport, vcekChain) {
         return __awaiter(this, void 0, void 0, function* () {
-            const { requirements, publicKey } = yield this._verifyVcekChain(vcekChain);
-            const sig = {
-                r: bytesToNumberLE(attestationReport.slice(REPORT_OFFSETS.signatureR, REPORT_OFFSETS.signatureR + 48)),
-                s: bytesToNumberLE(attestationReport.slice(REPORT_OFFSETS.signatureS, REPORT_OFFSETS.signatureS + 48)),
-            };
-            if (!p384.verify(sig, attestationReport.slice(0, 672), new Uint8Array(publicKey), { prehash: true })) {
+            if (attestationReport.length != 1184) {
+                throw new Error(`Attestation report has unexpected length: ${attestationReport.length}`);
+            }
+            const { requirements, publicKey, vcekTcb } = yield this._verifyVcekChain(vcekChain);
+            if (!equalBytes(attestationReport.slice(REPORT_OFFSETS.signatureR + 48, REPORT_OFFSETS.signatureR + 72), new Uint8Array(24)) ||
+                !equalBytes(attestationReport.slice(REPORT_OFFSETS.signatureS + 48, REPORT_OFFSETS.signatureS + 72), new Uint8Array(24))) {
+                throw new Error("Unexpected signature bits");
+            }
+            const sig = new Uint8Array(96);
+            sig.set(attestationReport
+                .slice(REPORT_OFFSETS.signatureR, REPORT_OFFSETS.signatureR + 48)
+                // Change endianness
+                .reverse(), 0);
+            sig.set(attestationReport
+                .slice(REPORT_OFFSETS.signatureS, REPORT_OFFSETS.signatureS + 48)
+                // Change endianness
+                .reverse(), 48);
+            let valid;
+            try {
+                valid = p384.verify(sig, attestationReport.slice(0, 672), new Uint8Array(publicKey), { lowS: false });
+            }
+            catch (_a) {
+                valid = false;
+            }
+            if (!valid) {
                 throw new Error("Verification failed: Invalid attestation report signature");
             }
-            if ((attestationReport[REPORT_OFFSETS.platInfo] & (1 << 5)) == 0) {
+            if ((attestationReport[REPORT_OFFSETS.platInfo] &
+                (1 << PLATFORM_INFO_BITS.aliasCheckComplete)) ===
+                0) {
                 throw new Error("Verification failed: Alias check complete is false");
             }
-            if ([
-                attestationReport[REPORT_OFFSETS.committedMajor],
-                attestationReport[REPORT_OFFSETS.committedMinor],
-                attestationReport[REPORT_OFFSETS.committedBuild],
-            ] < requirements.minCommittedVersion) {
+            if (attestationReport[REPORT_OFFSETS.committedMajor] <
+                requirements.minCommittedVersion[0] ||
+                attestationReport[REPORT_OFFSETS.committedMinor] <
+                    requirements.minCommittedVersion[1] ||
+                attestationReport[REPORT_OFFSETS.committedBuild] <
+                    requirements.minCommittedVersion[2]) {
                 throw new Error("Verification failed: Firmware version too small");
             }
             if (attestationReport[REPORT_OFFSETS.committedTcbSnp] <
-                requirements.minCommitedTcbSnp) {
+                requirements.minCommittedTcbSnp) {
                 throw new Error("Verification failed: SNP patch level too small");
             }
+            yield this._verifyTcbVersion(attestationReport, vcekTcb);
         });
     }
     _verifyVcekChain(vcek) {
@@ -340,39 +511,54 @@ export class KeySettlement {
             if (chain.length != 3) {
                 throw new Error(`Certificate chain verification failed\n\nChain: ${chain}`);
             }
-            const productExt = chain[0].extensions.find((ext) => ext.type == "1.3.6.1.4.1.3704.1.2");
-            if (!productExt) {
-                throw new Error(`Could not find product name\n\nExtensions: ${chain[0].extensions}`);
+            const find_extension = (oid, type) => {
+                const ext = chain[0].extensions.find((ext) => ext.type == oid);
+                if (!ext) {
+                    throw new Error(`Could not find ${type}\n\nExtensions: ${chain[0].extensions}`);
+                }
+                return new Uint8Array(ext.value);
+            };
+            const productIA5String = find_extension("1.3.6.1.4.1.3704.1.2", "product name");
+            if (productIA5String[0] !== 0x16) {
+                throw new Error(`Unexpected product extension: ${productIA5String}`);
             }
-            const product = String.fromCharCode(...new Uint8Array(productExt.value.slice(2))).split("-", 1)[0];
-            if (!(product in this._requirements)) {
+            const product = String.fromCharCode(...productIA5String.slice(2)).split("-", 1)[0];
+            if (!Object.prototype.hasOwnProperty.call(this._requirements, product)) {
                 throw new Error(`Unexpected product: ${product}`);
             }
             const subjectPublicKeyInfo = AsnConvert.parse(chain[0].publicKey.rawData, SubjectPublicKeyInfo);
+            const bootloader = find_extension("1.3.6.1.4.1.3704.1.3.1", "bootloader version")[2];
+            const tee = find_extension("1.3.6.1.4.1.3704.1.3.2", "TEE")[2];
+            const snp = find_extension("1.3.6.1.4.1.3704.1.3.3", "SNP version")[2];
+            const microcode = find_extension("1.3.6.1.4.1.3704.1.3.8", "microcode")[2];
+            const tcb = {
+                bootloader: bootloader,
+                tee: tee,
+                snp: snp,
+                microcode: microcode,
+                fmc: 0,
+            };
+            const fmc = chain[0].extensions.find((ext) => ext.type == "1.3.6.1.4.1.3704.1.3.9");
+            if (fmc) {
+                tcb.fmc = new Uint8Array(fmc.value)[2];
+            }
             return {
                 requirements: this._requirements[product],
                 publicKey: new Uint8Array(subjectPublicKeyInfo.subjectPublicKey),
+                vcekTcb: tcb,
             };
         });
     }
 }
 export function binaryStringToBytes(binaryString) {
-    const byteArray = new Uint8Array(binaryString.length);
-    for (let i = 0; i < binaryString.length; i++) {
-        byteArray[i] = binaryString.charCodeAt(i);
-    }
-    return byteArray;
+    return Uint8Array.from(binaryString, (c) => c.charCodeAt(0));
 }
 export function bytesToBinaryString(bytes) {
-    let binaryString = "";
-    for (let i = 0; i < bytes.length; i++) {
-        binaryString += String.fromCharCode(bytes[i]);
-    }
-    return binaryString;
+    return String.fromCharCode.apply(null, [...bytes]);
 }
 function _createCipher(publicKey, secretKey, info, nonce) {
     const sharedSecret = x25519.getSharedSecret(secretKey, publicKey);
-    const key = hkdf(wrapConstructor(() => blake2b.create({ dkLen: 64 })), sharedSecret, Uint8Array.from([]), info, 32);
+    const key = hkdf(createHasher(() => blake2b.create({ dkLen: 64 })), sharedSecret, Uint8Array.from([]), info, 32);
     return chacha20poly1305(key, nonce);
 }
 function _getInfo(ephemeralPublicKey, recipientPublicKey) {
@@ -393,6 +579,9 @@ const REPORT_OFFSETS = {
     platInfo: 64,
     reportData: 80,
     measurement: 144,
+    reportedTcb: 384,
+    cpuIdFamily: 392,
+    chipId: 416,
     committedTcbSnp: 486,
     committedBuild: 492,
     committedMinor: 493,
@@ -400,3 +589,6 @@ const REPORT_OFFSETS = {
     signatureR: 672,
     signatureS: 744,
 };
+const PLATFORM_INFO_BITS = {
+    aliasCheckComplete: 5,
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "routex-settlement",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "Key settlement for the YAXI routex client",
   "homepage": "https://yaxi.tech",
   "author": "YAXI GmbH",
@@ -16,13 +16,14 @@
   "scripts": {
     "build": "tsc --build",
     "clean": "tsc --build --clean",
+    "fmt": "prettier --write .",
     "lint": "eslint",
     "test": "tsc --build && NODE_OPTIONS=\"$NODE_OPTIONS --experimental-vm-modules\" jest"
   },
   "dependencies": {
-    "@noble/ciphers": "^1.2.1",
-    "@noble/curves": "^1.8.1",
-    "@noble/hashes": "^1.7.1",
+    "@noble/ciphers": "^2.0.0",
+    "@noble/curves": "^2.0.0",
+    "@noble/hashes": "^2.0.0",
     "@peculiar/asn1-schema": "^2.3.15",
     "@peculiar/asn1-x509": "^2.3.15",
     "@peculiar/x509": "^1.12.3"
@@ -31,7 +32,8 @@
     "@eslint/js": "^9.21.0",
     "eslint": "^9.21.0",
     "globals": "^16.0.0",
-    "jest": "^29.7.0",
+    "jest": "^30.1.3",
+    "prettier": "^3.6.2",
     "typescript": "^5.7.3",
     "typescript-eslint": "^8.24.1"
   }