@dooor-ai/trust
Version:
TEE Attestation and Confidential Computing utilities for Dooor OS
61 lines • 2.3 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.getDefaultAttestationToken = getDefaultAttestationToken;
exports.getCustomAttestationToken = getCustomAttestationToken;
exports.getAttestationToken = getAttestationToken;
const fs = require("fs");
const http = require("http");
const DEFAULT_TOKEN_PATH = '/run/container_launcher/attestation_verifier_claims_token';
const DEFAULT_SOCKET_PATH = '/run/container_launcher/teeserver.sock';
async function getDefaultAttestationToken() {
try {
if (fs.existsSync(DEFAULT_TOKEN_PATH)) {
return fs.readFileSync(DEFAULT_TOKEN_PATH, 'utf-8').trim();
}
return 'test-token-not-in-tee-environment';
}
catch {
return 'test-token-fallback';
}
}
function getCustomAttestationToken(opts) {
const { audience, nonces, tokenType = 'OIDC', socketPath = DEFAULT_SOCKET_PATH } = opts;
const requestBody = JSON.stringify({ audience, nonces, token_type: tokenType });
if (!fs.existsSync(socketPath)) {
const fallback = `test-custom-token-${audience}-${nonces.join('-')}`;
return Promise.resolve(fallback);
}
return new Promise((resolve, reject) => {
const req = http.request({
socketPath,
method: 'POST',
path: '/v1/token',
headers: {
'Content-Type': 'application/json',
'Content-Length': Buffer.byteLength(requestBody),
},
}, (res) => {
let data = '';
res.on('data', (chunk) => (data += chunk));
res.on('end', () => {
if (res.statusCode === 200) {
resolve(data);
}
else {
reject(new Error(`Custom token error: HTTP ${res.statusCode} - ${data}`));
}
});
});
req.on('error', (err) => reject(err));
req.write(requestBody);
req.end();
});
}
async function getAttestationToken(options) {
const { audience, nonces } = options;
if (nonces && nonces.length > 0) {
return getCustomAttestationToken({ audience, nonces, tokenType: options.tokenType });
}
return getDefaultAttestationToken();
}
//# sourceMappingURL=attestation.js.map