		const { version } = require('../package.json');

		const DEFAULT_API_URL = 'https://api.evervault.com';
		const DEFAULT_CAGE_RUN_URL = 'https://run.evervault.com';
		const DEFAULT_FUNCTION_RUN_URL = 'https://run.evervault.com';
		const DEFAULT_TUNNEL_HOSTNAME = 'https://relay.evervault.com:443';
		const DEFAULT_CA_HOSTNAME = 'https://ca.evervault.com';
		const DEFAULT_CAGES_CA_HOSTNAME = 'https://cages-ca.evervault.com';
		const DEFAULT_CAGES_HOSTNAME = 'cages.evervault.com';
		const DEFAULT_POLL_INTERVAL = 5;
		@@ -12,3 +14,3 @@
		baseUrl: process.env.EV_API_URL \|\| DEFAULT_API_URL,
		cageRunUrl: process.env.EV_CAGE_RUN_URL \|\| DEFAULT_CAGE_RUN_URL,
		functionRunUrl: process.env.EV_CAGE_RUN_URL \|\| DEFAULT_FUNCTION_RUN_URL,
		headers: {
		@@ -21,2 +23,5 @@ 'API-KEY': apikey,
		certHostname: process.env.EV_CERT_HOSTNAME \|\| DEFAULT_CA_HOSTNAME,
		cagesCertHostname:
		process.env.EV_CAGE_CERT_HOSTNAME \|\| DEFAULT_CAGES_CA_HOSTNAME,
		cagesHostname: process.env.EV_CAGES_HOSTNAME \|\| DEFAULT_CAGES_HOSTNAME,
		pollInterval: process.env.EV_POLL_INTERVAL \|\| DEFAULT_POLL_INTERVAL,
		@@ -23,0 +28,0 @@ },

lib/core/crypto.js

		@@ -270,3 +270,3 @@ const crypto = require('crypto');

		return { encrypt, getSharedSecret };
		return { encrypt, getSharedSecret, generateBytes };
		};

lib/core/http.js

		@@ -52,2 +52,24 @@ const { errors } = require('../utils');

		const getCagesCert = async () => {
		const response = await phin({
		url: `${config.cagesCertHostname}/cages-ca.crt`,
		method: 'GET',
		parse: 'cer',
		})
		.catch(() => {
		// Blindly retry
		return phin({
		url: config.cagesCertHostname,
		method: 'GET',
		parse: 'cer',
		});
		})
		.catch((err) => {
		throw new errors.CertError(
		`Unable to download cert from ${config.cagesCertHostname} (${err.message})`
		);
		});
		return response.body;
		};

		const getRelayOutboundConfig = async () => {
		@@ -85,3 +107,3 @@ const response = await get('v2/relay-outbound').catch((e) => {
		return post(
		`${config.cageRunUrl}/${cageName}`,
		`${config.functionRunUrl}/${cageName}`,
		{
		@@ -113,2 +135,3 @@ ...payload,
		getCert,
		getCagesCert,
		createRunToken,
		@@ -115,0 +138,0 @@ getRelayOutboundConfig,

lib/index.js

		@@ -15,7 +15,6 @@ const crypto = require('crypto');
		httpsHelper,
		cageAttest,
		} = require('./utils');
		const Config = require('./config');
		const { Crypto, Http, RelayOutboundConfig } = require('./core');
		const { threadId } = require('worker_threads');
		const { cp } = require('fs');

		@@ -66,2 +65,18 @@ const originalRequest = https.request;

		async enableCagesBeta(cagesAttestationData) {
		if (cageAttest.hasAttestationBindings()) {
		await cageAttest.trustCagesRootCA(this.http);
		cageAttest.addAttestationListener(this.config.http, cagesAttestationData);
		} else {
		console.error(
		'EVERVAULT ERROR :: Cannot enable Cages Beta without installing the Evervault attestation bindings'
		);
		}
		}

		async generateNonce() {
		const nonce = await this.crypto.generateBytes(16);
		return nonce.toString('base64').replaceAll(/=\|\//g, '');
		}

		async _shouldOverloadHttpModule(options, apiKey) {
		@@ -130,7 +145,9 @@ // DEPRECATED: Remove this method in next major version
		_alwaysIgnoreDomains() {
		const cagesHost = new URL(this.config.http.cageRunUrl).host;
		const functionsHost = new URL(this.config.http.functionRunUrl).host;
		const caHost = new URL(this.config.http.certHostname).host;
		const apiHost = new URL(this.config.http.baseUrl).host;
		const cagesCaHost = new URL(this.config.http.cagesCertHostname).host;
		const cagesHost = this.config.http.cagesHostname;

		return [cagesHost, caHost, apiHost];
		return [functionsHost, cagesCaHost, caHost, apiHost, cagesHost];
		}
		@@ -137,0 +154,0 @@

lib/utils/errors.js

		@@ -26,2 +26,4 @@ class EvervaultError extends Error {

		class CageAttestationError extends EvervaultError {}

		const mapApiResponseToError = ({ statusCode, body, headers }) => {
		@@ -65,2 +67,3 @@ if (statusCode === 401) return new ApiKeyError('Invalid Api Key provided.');
		RelayOutboundConfigError,
		CageAttestationError,
		};

lib/utils/index.js

		@@ -11,2 +11,3 @@ module.exports = {
		httpsHelper: require('./httpsHelper'),
		cageAttest: require('./cageAttest'),
		};

package.json

		{
		"name": "@evervault/sdk",
		"version": "3.6.0",
		"version": "3.7.0",
		"description": "Node.js SDK for Evervault",
		@@ -10,2 +10,3 @@ "main": "lib/index.js",
		"test": "mocha 'tests/*/.test.js'",
		"test:filter": "mocha 'tests/*/.test.js' --grep",
		"test:coverage": "nyc --reporter=text npm run test"
		@@ -72,3 +73,6 @@ },
		}
		},
		"optionalDependencies": {
		"evervault-attestation-bindings": "^0.1.0-alpha.2"
		}
		}

README.md

		@@ -44,4 +44,12 @@ [![Evervault](https://evervault.com/evervault.svg)](https://evervault.com/)
		// Send the decrypted data to a third-party API
		await evervaultClient.enableOutboundRelay()
		const response = await axios.post('https://example.com', encrypted)
		await evervaultClient.enableOutboundRelay();
		const response = await axios.post('https://example.com', encrypted);

		// Enable the Cages beta client
		await evervaultClient.enableCagesBeta({ 'my-cage': { pcr8: '...' } });
		// This connection will be attested by the Cages beta client
		const response = await axios.post(
		'https://my-cage.my-app.cages.evervault.com',
		encrypted
		);
		```
		@@ -73,7 +81,7 @@

		\| Parameter \| Type \| Description \|
		\| --------- \| ------ \| --------------------------------------------- \|
		\| functionName \| String \| Name of the Function to be run \|
		\| data \| Object \| Payload for the Function \|
		\| options \| Object \| [Options for the Function run](#Function-Run-Options) \|
		\| Parameter \| Type \| Description \|
		\| ------------ \| ------ \| ----------------------------------------------------- \|
		\| functionName \| String \| Name of the Function to be run \|
		\| data \| Object \| Payload for the Function \|
		\| options \| Object \| [Options for the Function run](#Function-Run-Options) \|

		@@ -84,5 +92,5 @@ #### Function Run Options

		\| Option \| Type \| Default \| Description \|
		\| ------- \| ------- \| --------- \| ------------------------------------------------------------------------------------ \|
		\| async \| Boolean \| false \| Run your Function in async mode. Async Function runs will be queued for processing. \|
		\| Option \| Type \| Default \| Description \|
		\| ------- \| ------- \| --------- \| ---------------------------------------------------------------------------------------- \|
		\| async \| Boolean \| false \| Run your Function in async mode. Async Function runs will be queued for processing. \|
		\| version \| Number \| undefined \| Specify the version of your Function to run. By default, the latest version will be run. \|
		@@ -98,10 +106,10 @@

		\| Parameter \| Type \| Description \|
		\| ------------- \| ------ \| -------------------------------------------------------- \|
		\| functionName \| String \| Name of the Function the run token should be created for \|
		\| data \| Object \| Payload that the token can be used with \|
		\| Parameter \| Type \| Description \|
		\| ------------ \| ------ \| -------------------------------------------------------- \|
		\| functionName \| String \| Name of the Function the run token should be created for \|
		\| data \| Object \| Payload that the token can be used with \|

		### evervault.enableOutboundRelay()

		`evervault.enableOutboundRelay()` configures your application to proxy HTTP requests using Outbound Relay based on the configuration created in the Evervault dashboard. See [Outbound Relay](https://docs.evervault.com/concepts/outbound-relay/overview) to learn more.
		`evervault.enableOutboundRelay()` configures your application to proxy HTTP requests using Outbound Relay based on the configuration created in the Evervault dashboard. See [Outbound Relay](https://docs.evervault.com/concepts/outbound-relay/overview) to learn more.

		@@ -112,7 +120,29 @@ ```javascript

		\| Option \| Type \| Default \| Description \|
		\| --------------------- \| --------- \| ----------- \| ---------------------------------------------------------------------------------------- \|
		\| `decryptionDomains` \| `Array` \| `undefined` \| Requests sent to any of the domains listed will be proxied through Outbound Relay. This will override the configuration created in the Evervault dashboard. \|
		\| `debugRequests` \| `Boolean` \| `False` \| Output request domains and whether they were sent through Outbound Relay. \|
		\| Option \| Type \| Default \| Description \|
		\| ------------------- \| --------- \| ----------- \| ----------------------------------------------------------------------------------------------------------------------------------------------------------- \|
		\| `decryptionDomains` \| `Array` \| `undefined` \| Requests sent to any of the domains listed will be proxied through Outbound Relay. This will override the configuration created in the Evervault dashboard. \|
		\| `debugRequests` \| `Boolean` \| `False` \| Output request domains and whether they were sent through Outbound Relay. \|

		### evervault.enableCagesBeta()

		`evervault.enableCagesBeta()` configures your client to automatically attest any requests to Cages. See the [Cage attestation docs](https://docs.evervault.com/products/cages#how-does-attestation-work-with-cages) to learn more.

		```javascript
		async evervault.enableCagesBeta([cageAttestationData: Object])
		```

		\| Key \| Type \| Default \| Description \|
		\| ------------ \| -------- \| ----------- \| --------------------------------------------------------------------------------------------------------------------------------------------------------- \|
		\| `<CageName>` \| `Object` \| `undefined` \| Requests to a Cage specified in this object will include a check to verify that the PCRs provided in the object are included in the attestation document. \|

		#### Cages Beta Example

		```javascript
		await evervault.enableCagesBeta({
		'hello-cage': {
		pcr8: '97c5395a83c0d6a04d53ff962663c714c178c24500bf97f78456ed3721d922cf3f940614da4bb90107c439bc4a1443ca',
		},
		});
		```

		## Contributing
		@@ -119,0 +149,0 @@

@evervault/sdk - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics