Crate mc_sgx_dcap_quoteverify_sys

Crate mc_sgx_dcap_quoteverify_sys 

Source
Expand description

§MobileCoin SGX: DCAP QuoteVerify FFI Bindings

Project ChatLicenseTargetCrates.ioDocs StatusDependency Status

FFI linkage for the sgx_dcap_quoteverify library.

Functions§

sgx_qv_free_qve_identity
Call quote provider library to free the p_qve_id, p_qveid_issuer_chain buffer and p_root_ca_crl allocated by sgx_qv_get_qve_identity
sgx_qv_get_quote_supplemental_data_size
Get supplemental data required size. @param p_data_size[OUT] - Pointer to hold the size of the buffer in bytes required to contain all of the supplemental data.
sgx_qv_get_qve_identity
Call quote provider library to get QvE identity.
sgx_qv_set_enclave_load_policy
When the Quoting Verification Library is linked to a process, it needs to know the proper enclave loading policy. The library may be linked with a long lived process, such as a service, where it can load the enclaves and leave them loaded (persistent). This better ensures that the enclaves will be available upon quote requests and not subject to EPC limitations if loaded on demand. However, if the QVL is linked with an application process, there may be many applications with the QVL and a better utilization of EPC is to load and unloaded the quote verification enclaves on demand (ephemeral). The library will be shipped with a default policy of loading enclaves and leaving them loaded until the library is unloaded (PERSISTENT). If the policy is set to EPHEMERAL, then the QvE will be loaded and unloaded on-demand. Supported policies: SGX_QL_EPHEMERAL - Default policy. QvE is initialized and terminated on every quote verification function call. SGX_QL_PERSISTENT - All the threads will share single QvE instance, and QvE is initialized on first use and reused until process ends. SGX_QL_EPHEMERAL_QVE_MULTI_THREAD - QvE is loaded per thread and be unloaded before function exit. SGX_QL_PERSISTENT_QVE_MULTI_THREAD - QvE is loaded per thread and only be unloaded before thread exit.
sgx_qv_set_path
sgx_qv_verify_quote
Perform ECDSA quote verification.
tee_qv_free_collateral
Free quote verification collateral buffer, which returned by tee_qv_get_collateral
tee_qv_get_collateral
Get quote verification collateral.