intel
diff --git a/‎.eslintrc‎
Lines changed: 6 additions & 3 deletions b/‎.eslintrc‎
Lines changed: 6 additions & 3 deletions
diff --git a/‎Dockerfile‎
Lines changed: 11 additions & 8 deletions b/‎Dockerfile‎
Lines changed: 11 additions & 8 deletions
diff --git a/‎README.md‎
Lines changed: 17 additions & 4 deletions b/‎README.md‎
Lines changed: 17 additions & 4 deletions
@@ -10,6 +10,9 @@
     },
     "extends": "eslint:recommended",
     "root": true,
+    "plugins": [
+        "jsdoc"
+    ],
     // Before changing any rule below, please consult documentation (http://eslint.org/docs/rules/)
     "rules": {
 
@@ -47,7 +50,7 @@
         "no-unsafe-finally"           : "error",   // disallow control flow statements in finally blocks
         "no-unsafe-negation"          : "error",
         "use-isnan"                   : "error",   // require calls to isNaN() when checking for NaN
-        "valid-jsdoc"                 : "warn",    // enforce valid JSDoc comments
+        "jsdoc/valid-types"           : "warn",    // enforce valid JSDoc comments
         "valid-typeof"                : "error",   // enforce comparing typeof expressions against valid strings
 
         // Best Practices
@@ -138,7 +141,7 @@
         "no-undef"                   : "error", // disallow the use of undeclared variables unless mentioned in /*global */ comments
         "no-undef-init"              : "error", // disallow initializing variables to undefined
         "no-undefined"               : "off",   // disallow the use of undefined as an identifier
-        "no-unused-vars"             : [ "error", {  "varsIgnorePattern": "^_" } ],  // disallow unused variables
+        "no-unused-vars"             : [ "error", {  "varsIgnorePattern": "^_", "caughtErrors": "none" } ],  // disallow unused variables //TODO: consider removing "caughtErrors"
         "no-use-before-define"       : [ "error", { "functions": false, "classes": false } ],  // disallow the use of variables before they are defined
 
         // Node.js and CommonJS
@@ -227,7 +230,7 @@
         "padding-line-between-statements" : "error", // require or disallow padding lines between statements
         "quote-props"                     : [ "error", "consistent-as-needed", { "keywords": true } ],   // require quotes around object literal property names
         "quotes"                          : [ "error", "single", { "avoidEscape": true } ],   // enforce the consistent use of either backticks, double, or single quotes
-        "require-jsdoc"                   : [ "warn", { "require": { "FunctionDeclaration": true, "MethodDefinition": false, "ClassDeclaration": false } } ],   // require JSDoc comments   //TODO: it should be enabled
+        "jsdoc/require-jsdoc"             : [ "warn", { "require": { "FunctionDeclaration": true, "MethodDefinition": false, "ClassDeclaration": false } } ],   // require JSDoc comments   //TODO: it should be enabled
         "semi"                            : [ "error", "always" ],   // require or disallow semicolons instead of ASI
         "semi-spacing"                    : "error", // enforce consistent spacing before and after semicolons
         "sort-vars"                       : "off",   // require variables within the same declaration block to be sorted
 
@@ -26,8 +26,9 @@
 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 # POSSIBILITY OF SUCH DAMAGE.
 #
+ARG REPO=""
 
-FROM node:lts-slim AS qvl-builder
+FROM ${REPO}node:lts-slim AS qvl-builder
 
 ENV DEBIAN_FRONTEND=noninteractive
 # install QVL dependencies
@@ -44,19 +45,21 @@ RUN apt-get update \
  && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
  && wget --progress=dot:giga https://github.com/openssl/openssl/releases/download/openssl-3.0.8/openssl-3.0.8.tar.gz -O /tmp/openssl.tar.gz \
  && echo "6c13d2bf38fdf31eac3ce2a347073673f5d63263398f1f69d0df4a41253e4b3e /tmp/openssl.tar.gz" | sha256sum --check \
- && mkdir /tmp/openssl && cd /tmp/openssl \
- && tar -xzf /tmp/openssl.tar.gz --strip-components=1 -C /tmp/openssl \
- && ./Configure enable-fips && make -j${nproc} \
- && mkdir /tmp/fips && cp /tmp/openssl/providers/fips.so /tmp/fips && cp /tmp/openssl/providers/fipsmodule.cnf /tmp/fips \
- && rm -rf /tmp/openssl.tar.gz /tmp/openssl
+ && mkdir /tmp/openssl
+
+WORKDIR /tmp/openssl
+RUN tar -xzf "/tmp/openssl.tar.gz" --strip-components=1 -C "/tmp/openssl" \
+ && ./Configure enable-fips && make -j"$(nproc)" \
+ && mkdir "/tmp/fips" && cp "/tmp/openssl/providers/fips.so" "/tmp/fips" && cp "/tmp/openssl/providers/fipsmodule.cnf" "/tmp/fips" \
+ && rm -rf "/tmp/openssl.tar.gz" "/tmp/openssl"
 
 # copy QVL sources
 COPY build/qvls /qvl
 # build and test QVL
 WORKDIR /qvl
 RUN ./runUT -DBUILD_LOGS=ON
 
-FROM node:lts-slim AS qvs-builder
+FROM ${REPO}node:lts-slim AS qvs-builder
 ENV DEBIAN_FRONTEND=noninteractive
 RUN apt-get update \
  && apt-get upgrade --assume-yes -o Dpkg::Options::="--force-confold" \
@@ -112,7 +115,7 @@ COPY --from=qvs-builder-debug /qvs/native /native
 COPY --from=qvs-builder /qvs/src/node_modules /src/node_modules
 COPY --from=qvs-builder /qvs/test/node_modules /test/node_modules
 
-FROM node:lts-slim as app
+FROM ${REPO}node:lts-slim as app
 
 LABEL description="Quote Verification Service"
 
 
@@ -1,3 +1,15 @@
+## Deprecation notice
+
+This repository is going to be archived on 1st of October 2025.
+
+After that, repository will remain available in a read-only state for historical reference, Intel will not be addressing issues, reviewing pull requests, or making any updates going forward.
+
+If you are interested in building your own attestation infrastructure please refer to below solutions:
+- [Intel SGX DCAP with ECDSA-based attestation](https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/attestation-services.html)
+- [TrusTEE](https://github.com/confidential-containers/trustee)
+
+---
+
 # Intel® Software Guard Extensions and Intel® Trust Domain Extensions Data Center Attestation Primitives (Intel® SGX and Intel® TDX DCAP) Quote Verification Service
 
 ## Introduction
@@ -7,7 +19,6 @@ It can be used as a part of [SGX attestation](https://www.intel.com/content/www/
 
 Service checks, that provided evidence comes from a genuine, non-revoked SGX/TDX capable platform on given TCB level and generates appriopriate JSON report. Based on that report and by verifying additional evidences (like: MRSIGNER, MRENCLAVE) client can decide whether to trust this enclave or not. 
 
-
 ### Service architecture overview
 
 ![QVS Diagram](diagram.png?raw=true "QVS Diagram")
@@ -32,6 +43,8 @@ QVS for demonstation purposes can be quickly configured and run with self-signed
     - ```$ sudo sh ./get-docker.sh```
  - [jq](https://jqlang.github.io/jq/)
     - ```$ sudo apt-get install jq``` (for Debian/Ubuntu)
+ - [QVL](https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary)
+   - ```$ git clone https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary.git ../QVL```
 
 ### Build
  Execute ```./build.sh```. This script will build QVL, QVS and SSS.
@@ -55,7 +68,7 @@ Using docker builders:
  - [Docker](https://www.docker.com/) (tested with version 20.10.11)
 Without docker:
  - [Node.js](https://nodejs.org/en/) (tested with version 16.13.1) with `npm` and `cmake-js` addon
- - install prerequisites from [QVL](https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary)
+ - download sources and install prerequisites from [QVL](https://github.com/intel/SGX-TDX-DCAP-QuoteVerificationLibrary)
 
 #### Install software dependencies
 For Ubuntu 18.04, the following command can be used to install all necessary software dependencies:
@@ -75,7 +88,7 @@ The build was tested on Ubuntu 18.04 and 20.04.
 
 Here, we assume that the [build prerequisites](#prerequisites-for-linux) are fulfilled. 
 
-Execute ```./build.sh```. This script will build QVL, QVS and finally will create Docker Images for QVS and SSS. 
+Execute ```./build.sh```. As the first argument you can provide path to QVL sources i.e. `./build.sh ../QVL` where `../QVL` is defualt. This script will build QVL, QVS and finally will create Docker Images for QVS and SSS. 
 As a result it creates two docker images: ```qvs:latest``` and ```sss:latest```
 
 Script will build:
@@ -204,7 +217,7 @@ curl --cacert ./configuration-default/certificates/qvs-cert.pem https://localhos
 | ------------ | ------------ | ------------ |
 |  QVS_ATTESTATION_REPORT_SIGNING_CA_CERTIFICATE |   | URL encoded CA certificate (in PEM format) of QVS_ATTESTATION_REPORT_SIGNING_CERTIFICATE. As part of chain it will be returned in `X-IASReport-Signing-Certificate` header to enable verifying report. |
 |  QVS_ATTESTATION_REPORT_SIGNING_CERTIFICATE |   |  URL encoded certificate (in PEM format) that Verification Crypto Service uses to sign reports. Also returned as part of chain in `X-IASReport-Signing-Certificate` header. |
-|  QVS_TRUSTED_ROOT_PUBLIC_KEY | 3059301306072a8648ce3d020106082a8648ce3d030107034200040ba9c4c0c0c86193a3fe23d6b02cda10a8bbd4e88e48b4458561a36e705525f567918e2edc88e40d860bd0cc4ee26aacc988e505a953558c453f6b0904ae7394  | Public key of CA certificate that is root for PCK certificate chain  |
+|  QVS_TRUSTED_ROOT_PUBLIC_KEY | \<root public key for https://api.portal.trustedservices.intel.com/provisioning-certification > | Subject Public Key Info of CA certificate that is root for PCK certificate chain  |
 
 ## API Documentation