/* automatically generated by rust-bindgen 0.66.1 */

// Binding for the QVL call that selects how the quote verification enclave (QvE) is loaded.
// Foreign function: every call site needs an `unsafe` block.
//
// NOTE(review): the upstream text below contradicts itself about the default. The prose says
// the library ships with PERSISTENT, while the policy list marks SGX_QL_EPHEMERAL as
// "Default policy". Confirm against the header of the DCAP version actually linked.
// NOTE(review): per the upstream NOTE, the policy can be set only once per process and a
// second call returns SGX_QL_UNSUPPORTED_LOADING_POLICY. Set it once during initialisation
// and check the returned status rather than assuming the requested policy took effect.
extern "C" {
    #[doc = " When the Quoting Verification Library is linked to a process, it needs to know the proper enclave loading policy.\n The library may be linked with a long lived process, such as a service, where it can load the enclaves and leave\n them loaded (persistent). This better ensures that the enclaves will be available upon quote requests and not subject\n to EPC limitations if loaded on demand. However, if the QVL is linked with an application process, there may be many\n applications with the QVL and a better utilization of EPC is to load and unloaded the quote verification enclaves on\n demand (ephemeral).  The library will be shipped with a default policy of loading enclaves and leaving\n them loaded until the library is unloaded (PERSISTENT). If the policy is set to EPHEMERAL, then the QvE will\n be loaded and unloaded on-demand.\n Supported policies:\n  SGX_QL_EPHEMERAL - Default policy. QvE is initialized and terminated on every quote verification function call.\n  SGX_QL_PERSISTENT - All the threads will share single QvE instance, and QvE is initialized on first use and reused until process ends.\n  SGX_QL_EPHEMERAL_QVE_MULTI_THREAD - QvE is loaded per thread and be unloaded before function exit.\n  SGX_QL_PERSISTENT_QVE_MULTI_THREAD - QvE is loaded per thread and only be unloaded before thread exit.\n\n NOTE: QvE load policy should be only set once in one process, otherwise, this function will return error SGX_QL_UNSUPPORTED_LOADING_POLICY.\n\n @param policy Sets the requested enclave loading policy to either SGX_QL_PERSISTENT, SGX_QL_EPHEMERAL or SGX_QL_DEFAULT.\n\n @return SGX_QL_SUCCESS Successfully set the enclave loading policy for the quoting library's enclaves.\n @return SGX_QL_UNSUPPORTED_LOADING_POLICY The selected policy is not supported or it has been set once.\n"]
    pub fn sgx_qv_set_enclave_load_policy(policy: sgx_ql_request_policy_t) -> quote3_error_t;
}
// Binding for the query that reports how many bytes of supplemental data verification produces.
// Foreign function: every call site needs an `unsafe` block.
//
// `p_data_size` is an out-pointer and must reference a valid, writable u32.
// Read `*p_data_size` only after the call returned SGX_QL_SUCCESS; on any other status the
// bindings give no guarantee that the value was written.
// NOTE(review): presumably this size is what the caller passes as `supplemental_data_size`
// to sgx_qv_verify_quote; confirm against the DCAP documentation.
extern "C" {
    #[doc = " Get supplemental data required size.\n @param p_data_size[OUT] - Pointer to hold the size of the buffer in bytes required to contain all of the supplemental data.\n\n @return Status code of the operation, one of:\n      - SGX_QL_SUCCESS\n      - SGX_QL_ERROR_INVALID_PARAMETER\n      - SGX_QL_ERROR_QVL_QVE_MISMATCH\n      - SGX_QL_ENCLAVE_LOAD_ERROR"]
    pub fn sgx_qv_get_quote_supplemental_data_size(p_data_size: *mut u32) -> quote3_error_t;
}
// Binding for ECDSA quote verification, the call on which a relying party's trust decision rests.
// Foreign function: every call site needs an `unsafe` block.
//
// Caller obligations visible from the signature and the upstream text below:
// - `p_quote` must be readable for `quote_size` bytes. The quote is typically attacker-supplied
//   input, so take `quote_size` from the received buffer's real length, never from a field
//   inside the quote.
// - `p_collateral_expiration_status` must not be NULL (stated upstream). Both it and
//   `p_quote_verification_result` are out-pointers and must be valid for writes.
// - If `p_supplemental_data` is NULL, `supplemental_data_size` must be 0 (stated upstream).
//   Otherwise the buffer must be writable for `supplemental_data_size` bytes.
// - The returned quote3_error_t and `*p_quote_verification_result` are separate outputs.
//   Inspect both, together with `*p_collateral_expiration_status`, before trusting a quote.
// - With `p_qve_report_info` NULL, verification runs in the untrusted QVL and, as the upstream
//   text says, the result cannot be cryptographically authenticated. A verifier that needs an
//   authenticated verdict must pass a non-NULL report-info structure.
// - `expiration_check_date` is chosen by the caller. A value from an untrusted or
//   attacker-influenced clock changes which collateral is treated as expired.
//
// NOTE(review): the upstream text for `supplemental_data_size` says "pointed to by p_quote",
// which looks like a copy-paste slip for `p_supplemental_data`; confirm against the C header.
// NOTE(review): when the QvE is used, the report it writes into `p_qve_report_info` presumably
// still has to be verified by the caller before the verdict counts as authenticated; confirm
// against the DCAP documentation.
extern "C" {
    #[doc = " Perform ECDSA quote verification.\n\n @param p_quote[IN] - Pointer to SGX Quote.\n @param quote_size[IN] - Size of the buffer pointed to by p_quote (in bytes).\n @param p_quote_collateral[IN] - This is a pointer to the Quote Certification Collateral provided by the caller.\n @param expiration_check_date[IN] - This is the date that the QvE will use to determine if any of the inputted collateral have expired.\n @param p_collateral_expiration_status[OUT] - Address of the outputted expiration status.  This input must not be NULL.\n @param p_quote_verification_result[OUT] - Address of the outputted quote verification result.\n @param p_qve_report_info[IN/OUT] - This parameter can be used in 2 ways.\n        If p_qve_report_info is NOT NULL, the API will use Intel QvE to perform quote verification, and QvE will generate a report using the target_info in sgx_ql_qe_report_info_t structure.\n        if p_qve_report_info is NULL, the API will use QVL library to perform quote verification, note that the results can not be cryptographically authenticated in this mode.\n @param supplemental_data_size[IN] - Size of the buffer pointed to by p_quote (in bytes).\n @param p_supplemental_data[OUT] - The parameter is optional.  If it is NULL, supplemental_data_size must be 0.\n\n @return Status code of the operation, one of:\n      - SGX_QL_SUCCESS\n      - SGX_QL_ERROR_INVALID_PARAMETER\n      - SGX_QL_QUOTE_FORMAT_UNSUPPORTED\n      - SGX_QL_QUOTE_CERTIFICATION_DATA_UNSUPPORTED\n      - SGX_QL_UNABLE_TO_GENERATE_REPORT\n      - SGX_QL_CRL_UNSUPPORTED_FORMAT\n      - SGX_QL_ERROR_UNEXPECTED"]
    pub fn sgx_qv_verify_quote(
        p_quote: *const u8,
        quote_size: u32,
        p_quote_collateral: *const sgx_ql_qve_collateral_t,
        expiration_check_date: time_t,
        p_collateral_expiration_status: *mut u32,
        p_quote_verification_result: *mut sgx_ql_qv_result_t,
        p_qve_report_info: *mut sgx_ql_qe_report_info_t,
        supplemental_data_size: u32,
        p_supplemental_data: *mut u8,
    ) -> quote3_error_t;
}
// Binding that asks the quote provider library for the QvE identity, its issuer certificate
// chain and the Intel Root CA CRL.
// Foreign function: every call site needs an `unsafe` block.
//
// All six parameters are out-pointers and each must be valid for writes. The library allocates
// the three buffers. Per the upstream text on sgx_qv_free_qve_identity, they are released with
// that function, so they must not be freed with Rust's allocator or wrapped in Box/Vec.
// Read the returned pointers and sizes only after SGX_QL_SUCCESS.
// The CRL size is a `*mut u16` while the other two sizes are `*mut u32`; passing a pointer to a
// differently sized integer here would let the callee write outside the intended object.
// NOTE(review): the upstream status list includes SGX_QL_NETWORK_ERROR, so the provider
// presumably fetches this data remotely. Treat the returned bytes as untrusted until the
// certificate chain has been validated.
extern "C" {
    #[doc = " Call quote provider library to get QvE identity.\n\n @param pp_qveid[OUT] - Pointer to the pointer of QvE identity\n @param p_qveid_size[OUT] -  Pointer to the size of QvE identity\n @param pp_qveid_issue_chain[OUT] - Pointer to the pointer QvE identity certificate chain\n @param p_qveid_issue_chain_size[OUT] - Pointer to the QvE identity certificate chain size\n @param pp_root_ca_crl[OUT] - Pointer to the pointer of Intel Root CA CRL\n @param p_root_ca_crl_size[OUT] - Pointer to the Intel Root CA CRL size\n\n @return Status code of the operation, one of:\n      - SGX_QL_SUCCESS\n      - SGX_QL_ERROR_INVALID_PARAMETER\n      - SGX_QL_NO_QVE_IDENTITY_DATA\n      - SGX_QL_ERROR_OUT_OF_MEMORY\n      - SGX_QL_NETWORK_ERROR\n      - SGX_QL_MESSAGE_ERROR\n      - SGX_QL_ERROR_UNEXPECTED"]
    pub fn sgx_qv_get_qve_identity(
        pp_qveid: *mut *mut u8,
        p_qveid_size: *mut u32,
        pp_qveid_issue_chain: *mut *mut u8,
        p_qveid_issue_chain_size: *mut u32,
        pp_root_ca_crl: *mut *mut u8,
        p_root_ca_crl_size: *mut u16,
    ) -> quote3_error_t;
}
// Binding that releases the three buffers handed out by sgx_qv_get_qve_identity.
// Foreign function: every call site needs an `unsafe` block.
//
// Pass exactly the pointers that sgx_qv_get_qve_identity returned, and only once. After the
// call they are dangling and must not be read or freed again.
// The upstream text uses the names p_qve_id and p_qveid_issuer_chain, which differ slightly
// from this binding's parameter names (p_qveid, p_qveid_issue_chain); they refer to the same
// three buffers.
// NOTE(review): whether NULL is accepted for an individual argument is not stated here;
// confirm against the C header before relying on it.
extern "C" {
    #[doc = " Call quote provider library to free the p_qve_id, p_qveid_issuer_chain buffer and p_root_ca_crl allocated by sgx_qv_get_qve_identity"]
    pub fn sgx_qv_free_qve_identity(
        p_qveid: *mut u8,
        p_qveid_issue_chain: *mut u8,
        p_root_ca_crl: *mut u8,
    ) -> quote3_error_t;
}
// Binding for a QVL path-configuration call. The generated bindings carry no upstream
// documentation for it.
// Foreign function: every call site needs an `unsafe` block.
//
// `p_path` is a C string pointer, so it must be non-NULL and NUL-terminated. Build it with
// `CString` and keep the CString alive for the duration of the call.
// NOTE(review): presumably `path_type` selects which component's location is being overridden
// and the library later loads code from that location. If so, the path must come from trusted
// configuration and never from request or user input. Confirm the semantics against the C header.
// NOTE(review): the set of returned status codes is not documented in these bindings; check
// the result against SGX_QL_SUCCESS.
extern "C" {
    pub fn sgx_qv_set_path(
        path_type: sgx_qv_path_type_t,
        p_path: *const core::ffi::c_char,
    ) -> quote3_error_t;
}
// Binding that retrieves the verification collateral matching a TDX/SGX quote.
// Foreign function: every call site needs an `unsafe` block.
//
// - `p_quote` must be readable for `quote_size` bytes. Take the size from the real buffer
//   length, because the quote is usually untrusted input.
// - `pp_quote_collateral` and `p_collateral_size` are out-pointers and must be valid for
//   writes. The upstream text calls the first one p_quote_collateral, but the parameter in
//   this binding is the double pointer `pp_quote_collateral`.
// - Per the upstream text on tee_qv_free_collateral, the returned buffer is released with that
//   function. Do not free it with Rust's allocator.
// - Read the outputs only after SGX_QL_SUCCESS.
// NOTE(review): the collateral is typed as raw `u8` here, while sgx_qv_verify_quote takes a
// `*const sgx_ql_qve_collateral_t`. A cast is presumably expected at the call site; confirm the
// layout and alignment guarantees in the C header before casting.
extern "C" {
    #[doc = " Get quote verification collateral.\n\n @param p_quote[IN] - Pointer to TDX/SGX Quote.\n @param quote_size[IN] - Size of the buffer pointed to by p_quote (in bytes).\n @param p_quote_collateral[OUT] - This is a pointer to the Quote Certification Collateral retrieved based on Quote\n @param p_collateral_size[OUT] - This is the sizeof collateral including the size of nested fileds\n\n @return Status code of the operation, one of:\n      - SGX_QL_SUCCESS\n      - SGX_QL_ERROR_INVALID_PARAMETER\n      - SGX_QL_PLATFORM_LIB_UNAVAILABLE\n      - SGX_QL_PCK_CERT_CHAIN_ERROR\n      - SGX_QL_PCK_CERT_UNSUPPORTED_FORMAT\n      - SGX_QL_QUOTE_FORMAT_UNSUPPORTED\n      - SGX_QL_OUT_OF_MEMORY\n      - SGX_QL_NO_QUOTE_COLLATERAL_DATA\n      - SGX_QL_ERROR_UNEXPECTED"]
    pub fn tee_qv_get_collateral(
        p_quote: *const u8,
        quote_size: u32,
        pp_quote_collateral: *mut *mut u8,
        p_collateral_size: *mut u32,
    ) -> quote3_error_t;
}
// Binding that releases a collateral buffer obtained from tee_qv_get_collateral.
// Foreign function: every call site needs an `unsafe` block.
//
// Pass the exact pointer written to `pp_quote_collateral` by tee_qv_get_collateral, and only
// once. Any reference or cast view derived from it (for example one passed to
// sgx_qv_verify_quote) is invalid after this call.
// The call returns a status, so a failed free (e.g. SGX_QL_ERROR_INVALID_PARAMETER) is
// observable and worth logging rather than discarding.
extern "C" {
    #[doc = " Free quote verification collateral buffer, which returned by `tee_qv_get_collateral`\n\n @param p_quote_collateral[IN] - Pointer to collateral\n\n @return Status code of the operation, one of:\n      - SGX_QL_SUCCESS\n      - SGX_QL_ERROR_INVALID_PARAMETER\n      - SGX_QL_QUOTE_FORMAT_UNSUPPORTED"]
    pub fn tee_qv_free_collateral(p_quote_collateral: *mut u8) -> quote3_error_t;
}