Crates.io | dcap-qvl |
lib.rs | dcap-qvl |
version | 0.1.5 |
source | src |
created_at | 2024-09-02 08:43:25.494279 |
updated_at | 2024-11-07 11:24:24.378559 |
description | This crate implements the quote verification logic for DCAP (Data Center Attestation Primitives) in pure Rust. |
homepage | |
repository | |
max_upload_size | |
id | 1360298 |
size | 156,672 |
This crate implements the quote verification logic for DCAP (Data Center Attestation Primitives) in pure Rust. It supports both SGX (Software Guard Extensions) and TDX (Trust Domain Extensions) quotes.
Add the following dependency to your Cargo.toml
file to use this crate:
[dependencies]
dcap-qvl = "0.1.0"
To get collateral from a PCCS_URL and verify a quote, you can use the following example code:
use dcap_qvl::collateral::get_collateral;
use dcap_qvl::verify::verify;
#[tokio::main]
async fn main() {
// Get PCCS_URL from environment variable. The URL is like "https://localhost:8081/sgx/certification/v4/".
let pccs_url = std::env::var("PCCS_URL").expect("PCCS_URL is not set");
let quote = std::fs::read("tdx_quote").expect("tdx_quote is not found");
let collateral = get_collateral(&pccs_url, "e, std::time::Duration::from_secs(10)).await.expect("failed to get collateral");
let now = std::time::SystemTime::now().duration_since(std::time::UNIX_EPOCH).unwrap().as_secs();
let tcb = verify("e, &collateral, now).expect("failed to verify quote");
println!("{:?}", tcb);
}
use dcap_qvl::collateral::get_collateral_from_pcs;
use dcap_qvl::verify::verify;
#[tokio::main]
async fn main() {
let quote = std::fs::read("tdx_quote").expect("tdx_quote is not found");
let collateral = get_collateral_from_pcs("e, std::time::Duration::from_secs(10)).await.expect("failed to get collateral");
let now = std::time::SystemTime::now().duration_since(std::time::UNIX_EPOCH).unwrap().as_secs();
let tcb = verify("e, &collateral, now).expect("failed to verify quote");
println!("{:?}", tcb);
}
This crate is licensed under the MIT license. See the LICENSE file for details.