tenzro-tee 0.1.0

TEE abstraction layer for Tenzro Network — Intel TDX, AMD SEV-SNP, AWS Nitro, NVIDIA GPU, Intel Tiber Trust Authority
Documentation

tenzro-tee

Hardware TEE (Trusted Execution Environment) abstraction layer for the Tenzro Network.

Overview

tenzro-tee provides a unified abstraction layer for multiple hardware TEE vendors, enabling secure computation, key management, and attestation across Intel TDX, AMD SEV-SNP, AWS Nitro Enclaves, and NVIDIA Confidential Computing platforms. The crate supports runtime detection of available TEE hardware and provides a consistent API across all vendors.

Modules

10 modules: attestation, certs, detection, enclave_crypto, error, registry, traits, intel_tdx (feature), amd_sev_snp (feature), aws_nitro (feature), nvidia_gpu (feature)

TEE Provider Abstraction

  • TeeProvider trait - Unified interface for all TEE vendors
  • TeeRegistry - Manages and tracks available TEE providers
  • AttestationVerifier - Verifies TEE attestation reports with X.509 certificate chains
  • detect_tee() - Runtime detection of available TEE hardware

Supported Vendors

  • Intel TDX - IntelTdxProvider for Intel Trust Domain Extensions
    • Real /dev/tdx-guest ioctl integration
    • TDREPORT to Quote pipeline
    • Intel PCS certificate chain verification
    • QE P-256 ECDSA signature verification over Quote[0..632] against the PCK leaf SPKI
  • AMD SEV-SNP - AmdSevSnpProvider for AMD Secure Encrypted Virtualization
    • Real /dev/sev-guest ioctl integration
    • SNP_GET_REPORT command
    • AMD KDS VCEK certificate fetching and ARK→ASK→VCEK chain verification
  • AWS Nitro - AwsNitroProvider for AWS Nitro Enclaves
    • Real NSM device (/dev/nsm) integration
    • CBOR attestation documents
    • COSE_Sign1 ES384 (P-384 ECDSA) signature verification per RFC 8152 §4.4 — rebuilds Sig_structure1 and verifies the 96-byte signature against the leaf cert SPKI
    • AWS Nitro root CA chain validation
  • NVIDIA GPU - NvidiaGpuProvider for NVIDIA Confidential Computing
    • Supports Hopper, Blackwell, and Ada Lovelace architectures
    • NRAS (NVIDIA Remote Attestation Service) HTTP API integration
    • GPU evidence collection and JWT token verification
    • SPDM-based measurements

Attestation

  • Hardware attestation report generation
  • Remote attestation verification
  • X.509 certificate chain validation with pinned vendor root CAs (Intel, AMD, AWS, NVIDIA)
  • TEE measurement verification
  • Validity period and key usage extension validation
  • Functions: verify_certificate_chain(), parse_x509_certificate(), verify_certificate_signature()

Enclave Encryption

  • Shared AES-256-GCM encryption module (enclave_crypto.rs) used by all vendors
  • Key derivation: HKDF-SHA256(key_id, vendor_tag) with domain separation
  • Wire format: nonce(12) || ciphertext || tag(16)
  • In production: keys sealed by hardware (MKTME/VMSA/KMS/CC memory)
  • In simulation: keys derived from key UUID

Simulation Support

  • Runtime detection via detect_tee() with automatic fallback
  • Environment variables for simulation: TENZRO_SIMULATE_TDX, TENZRO_SIMULATE_SEV_SNP, TENZRO_SIMULATE_NITRO, TENZRO_SIMULATE_GPU
  • Consistent API in both real and simulated modes

Feature Flags

Control which TEE vendors to compile:

  • intel-tdx - Enable Intel TDX support (requires reqwest)
  • amd-sev-snp - Enable AMD SEV-SNP support (requires reqwest)
  • aws-nitro - Enable AWS Nitro support
  • nvidia-gpu - Enable NVIDIA GPU support (requires reqwest)
  • intel-tiber - Enable Intel Tiber Trust Authority hosted attestation (implies intel-tdx)
  • all-tees - Enable all vendors (default)

Usage

Add to Cargo.toml:

[dependencies]
tenzro-tee = { path = "../tenzro-tee", features = ["all-tees"] }

Or select specific vendors:

[dependencies]
tenzro-tee = { path = "../tenzro-tee", features = ["intel-tdx", "nvidia-gpu"] }

Basic Usage

use tenzro_tee::{detect_tee, TeeRegistry, AttestationVerifier, TeeProvider};
use tenzro_types::tee::TeeVendor;

// Detect available TEE hardware
let tee_type = detect_tee()?;
println!("Detected TEE: {:?}", tee_type);

// Create a TEE registry
let mut registry = TeeRegistry::new();

// Register a provider
let provider_id = [0u8; 32];
registry.register_provider(provider_id, tee_type)?;

// Generate an attestation
let tee_provider = registry.get_provider(&tee_type)?;
let attestation = tee_provider.generate_attestation(b"nonce")?;

// Verify the attestation
let verifier = AttestationVerifier::new();
let is_valid = verifier.verify(&attestation)?;

Enclave Encryption

use tenzro_tee::enclave_crypto::{enclave_encrypt_aes256gcm, enclave_decrypt_aes256gcm};
use uuid::Uuid;

// Vendor tag binds the derived AES key to a specific TEE family.
// Use the vendor's `enclave_vendor_tag()` helper to obtain this (e.g. `b"intel-tdx"`).
let key_id = Uuid::new_v4();
let vendor_tag: &[u8] = b"intel-tdx";
let plaintext = b"sensitive data";

// Encrypt: nonce(12) || ciphertext || tag(16)
let ciphertext = enclave_encrypt_aes256gcm(&key_id, vendor_tag, plaintext)?;

// Decrypt with the same key_id + vendor_tag
let decrypted = enclave_decrypt_aes256gcm(&key_id, vendor_tag, &ciphertext)?;
assert_eq!(plaintext, &decrypted[..]);

Dependencies

  • tenzro-types - Shared types
  • tenzro-crypto - Cryptographic primitives
  • x509-cert - X.509 certificate parsing
  • p256, p384, rsa - Public key cryptography
  • der, spki, signature, ecdsa - Certificate chain verification
  • aes-gcm - AES-256-GCM encryption (enclave crypto)
  • sha2 - HKDF key derivation
  • reqwest - HTTP client for remote attestation services (Intel PCS, AMD KDS, NVIDIA NRAS)
  • libc - System calls for /dev/tdx-guest, /dev/sev-guest, /dev/nsm access
  • base64 - Base64 encoding for attestation documents
  • chrono - Certificate validity period checks
  • uuid - Key identifiers
  • dashmap, parking_lot - Concurrent registry management

Test Coverage

80 unit tests + 1 doc test covering:

  • Intel TDX attestation generation and verification
  • AMD SEV-SNP attestation and certificate chain validation
  • AWS Nitro attestation document parsing and signature verification
  • NVIDIA GPU attestation and NRAS integration
  • X.509 certificate chain verification with pinned root CAs
  • Enclave encryption and decryption (all vendors)
  • TEE detection and simulation fallback
  • Registry management and provider lookup

License

Licensed under either of:

at your option.