Parses and verifies Intel TDX quotes (v4 and v5)
This crate is no_std.
This is inspired by tdx-quote-parser for the types and sgx-quote for the no-std parsing using nom.
This is based on the specification described in the Intel TDX DCAP Quoting Library API, appendix 3.
The mock feature flag allows generating mock quotes, which this library can parse and verify. This
is used for testing attestation features without needing TDX hardware.
The pck feature flag (enabled by default) allows parsing and verifying PCK certificate chains.
Warning: This is in early stages of development and has not been audited.
For quote generation, see configfs-tsm.
Modules
- pck - Parse and verify PCK certificate chains
Structs
- QeReportCertificationData - Certification data which contains a signature from the PCK
- Quote - A TDX Quote
- QuoteBody - A TDX quote body
- QuoteHeader - A TDX quote header
Enums
- AttestionKeyType - Type of the Attestation Key used by the Quoting Enclave
- CertificationData - Data related to certifying the QE Report
- CertificationDataInner - Inner Data related to certifying the QE report. This is needed to avoid a recursive type
- QuoteParseError - An error when parsing a quote
- QuoteVerificationError - An error when verifying a quote with a provisioning certification key (PCK)
- TDXVersion - Version of TDX used to create the quote
- TEEType - Type of TEE used
- VerifyingKeyError - An error when handling a verifying key
Traits
- Verifier - Verify the provided message bytestring using Self (e.g. a public key)
Functions
- decode_verifying_key - Helper function to decode bytes to a public key
- encode_verifying_key - Helper function to encode a public key as bytes
Type Aliases
- Signature - ECDSA/P-256 signature (fixed-size)
- VerifyingKey - ECDSA/P-256 verification key (i.e. public key)