Skip to main content

Python bindings for DCAP (Data Center Attestation Primitives) quote verification library

Project description

Python Bindings for DCAP-QVL

Python bindings for parsing and verifying Intel SGX/TDX DCAP (Data Center Attestation Primitives) quotes. Built on a Rust implementation for use in TEE (Trusted Execution Environment) remote attestation workflows.

Quick Start

# Install from PyPI
pip install dcap-qvl

# Basic usage
python -c "
import dcap_qvl
print('DCAP-QVL Python bindings successfully installed!')
print(f'Available functions: {dcap_qvl.__all__}')
"

Features

  • Parse and inspect SGX/TDX quotes (headers, reports, embedded certificates)
  • Extract PCK certificate extension fields (FMSPC, PPID, CPU SVN, etc.) or look up arbitrary OIDs
  • Verify SGX and TDX quotes against collateral data
  • Handle quote collateral data (serialize/deserialize JSON)
  • Asynchronous collateral fetching from PCCS/PCS with async/await support
  • Pure Rust implementation with Python bindings
  • Cross-platform compatibility (Linux, macOS, Windows)
  • Compatible with Python 3.8+

Installation

From PyPI (recommended)

pip install dcap-qvl

Using uv

uv add dcap-qvl

Usage

Parsing Quotes

import dcap_qvl

raw = open("quote.bin", "rb").read()
quote = dcap_qvl.parse_quote(raw)

# Quote type
print(quote.quote_type())  # "SGX" or "TDX"
print(quote.fmspc())       # e.g. "B0C06F000000"

# Header fields
hdr = quote.header
print(hdr.version, hdr.tee_type, hdr.attestation_key_type)

# Report body (TdReport10, TdReport15, or SgxEnclaveReport)
report = quote.report
if quote.is_tdx():
    print(report.mr_td.hex())
    print(report.rt_mr0.hex())
else:
    print(report.mr_enclave.hex())
    print(report.mr_signer.hex())
print(report.report_data.hex())

# Embedded PEM certificate chain
pem = quote.cert_chain_pem_bytes()  # bytes or None

PCK Extension Parsing

# From a parsed quote
ext = quote.pck_extension()  # PckExtension or None
if ext:
    print(ext.fmspc.hex())   # 6-byte FMSPC
    print(ext.ppid.hex())    # PPID
    print(ext.cpu_svn.hex()) # CPU SVN
    print(ext.pce_svn)       # PCE SVN (int)
    print(ext.pce_id.hex())  # PCE ID
    print(ext.sgx_type)      # SGX type (int)

# From a PEM certificate chain directly
ext = dcap_qvl.parse_pck_extension_from_pem(pem_bytes)
print(ext.fmspc.hex())

# Look up any OID in the Intel SGX extension (recursive search)
value = ext.get_value("1.2.840.113741.1.13.1.2.17")  # PCESVN
if value is not None:
    print(value.hex())

Basic Quote Verification

import dcap_qvl
import json
import time

# Load quote data (binary)
with open("path/to/quote", "rb") as f:
    quote_data = f.read()

# Load collateral data (JSON)
with open("path/to/collateral.json", "r") as f:
    collateral_json = json.load(f)

# Create collateral object
collateral = dcap_qvl.QuoteCollateralV3.from_json(json.dumps(collateral_json))

# Verify the quote
now = int(time.time())
try:
    result = dcap_qvl.verify(quote_data, collateral, now)
    print(f"Verification successful! Status: {result.status}")
    print(f"Advisory IDs: {result.advisory_ids}")
except ValueError as e:
    print(f"Verification failed: {e}")

Working with Collateral Data

# Create collateral manually
collateral = dcap_qvl.QuoteCollateralV3(
    pck_crl_issuer_chain="...",
    root_ca_crl=b"...",  # bytes
    pck_crl=b"...",      # bytes
    tcb_info_issuer_chain="...",
    tcb_info="...",      # JSON string
    tcb_info_signature=b"...",  # bytes
    qe_identity_issuer_chain="...",
    qe_identity="...",   # JSON string
    qe_identity_signature=b"...",  # bytes
)

# Serialize to JSON
json_str = collateral.to_json()

# Deserialize from JSON
collateral = dcap_qvl.QuoteCollateralV3.from_json(json_str)

API Reference

Async Collateral Functions

All collateral functions are asynchronous and must be awaited. They use the Rust async runtime for optimal performance.

async get_collateral(pccs_url: str, raw_quote: bytes) -> QuoteCollateralV3

Fetch full collateral (PCK cert chain, TCB info, QE identity, CRLs) for a raw DCAP quote from the given PCCS / PCS URL. Handles every supported certification data type (including cert_type 2 / 3 where the PCK cert is retrieved from PCCS via encrypted PPID).

Parameters:

Returns:

  • QuoteCollateralV3: Quote collateral data (with PCK certificate chain attached)

Raises:

  • ValueError: If the quote is invalid, the HTTP client can't be built, or the PCCS / PCS fetch fails

Example:

import asyncio
import dcap_qvl

async def main():
    pccs_url = "https://api.trustedservices.intel.com"
    quote_data = open("quote.bin", "rb").read()
    collateral = await dcap_qvl.get_collateral(pccs_url, quote_data)
    print(f"Got collateral: {len(collateral.tcb_info)} chars")

asyncio.run(main())

async get_collateral_from_pcs(raw_quote: bytes) -> QuoteCollateralV3

Get collateral from Intel's PCS (default).

Parameters:

  • raw_quote: Raw quote data as bytes

Returns:

  • QuoteCollateralV3: Quote collateral data

Raises:

  • ValueError: If quote is invalid or FMSPC cannot be extracted
  • RuntimeError: If network request fails

Example:

import asyncio
import dcap_qvl

async def main():
    quote_data = open("quote.bin", "rb").read()
    collateral = await dcap_qvl.get_collateral_from_pcs(quote_data)
    print(f"Got collateral from Intel PCS")

asyncio.run(main())

async get_collateral_and_verify(raw_quote: bytes, pccs_url: Optional[str] = None) -> VerifiedReport

Get collateral and verify quote in one step.

Parameters:

  • raw_quote: Raw quote data as bytes
  • pccs_url: Optional PCCS URL (uses Intel PCS if None)

Returns:

  • VerifiedReport: Verification results

Raises:

  • ValueError: If quote is invalid or verification fails
  • RuntimeError: If network request fails

Example:

import asyncio
import dcap_qvl

async def main():
    quote_data = open("quote.bin", "rb").read()
    result = await dcap_qvl.get_collateral_and_verify(quote_data)
    print(f"Status: {result.status}")
    print(f"Advisory IDs: {result.advisory_ids}")

asyncio.run(main())

Classes

QuoteCollateralV3

Represents quote collateral data required for verification.

Constructor:

QuoteCollateralV3(
    pck_crl_issuer_chain: str,
    root_ca_crl: bytes,
    pck_crl: bytes,
    tcb_info_issuer_chain: str,
    tcb_info: str,
    tcb_info_signature: bytes,
    qe_identity_issuer_chain: str,
    qe_identity: str,
    qe_identity_signature: bytes,
)

Methods:

  • to_json() -> str: Serialize to JSON string
  • from_json(json_str: str) -> QuoteCollateralV3: Create from JSON string (static method)

Properties:

  • pck_crl_issuer_chain: str
  • root_ca_crl: bytes
  • pck_crl: bytes
  • tcb_info_issuer_chain: str
  • tcb_info: str
  • tcb_info_signature: bytes
  • qe_identity_issuer_chain: str
  • qe_identity: str
  • qe_identity_signature: bytes

VerifiedReport

Contains the results of quote verification.

Properties:

  • status: str: Verification status (e.g., "OK", "SW_HARDENING_NEEDED", "CONFIGURATION_NEEDED", "OUT_OF_DATE", "REVOKED")
  • advisory_ids: List[str]: List of Intel security advisory IDs (e.g., "INTEL-SA-00334")
  • ppid: bytes: Platform PPID parsed from the PCK certificate

Methods:

  • to_json() -> str: Serialize to JSON string

Quote

Represents a parsed SGX or TDX quote. Created via parse_quote() or Quote.parse().

Properties:

  • header: QuoteHeader: Parsed quote header
  • report: Union[TdReport10, TdReport15, SgxEnclaveReport]: Parsed report body

Methods:

  • parse(raw_quote: bytes) -> Quote: Parse from raw bytes (static method)
  • fmspc() -> str: FMSPC as uppercase hex string
  • ca() -> str: Certificate Authority identifier
  • is_sgx() -> bool / is_tdx() -> bool: Check quote type
  • quote_type() -> str: Returns "SGX" or "TDX"
  • cert_chain_pem_bytes() -> Optional[bytes]: Embedded PEM certificate chain
  • pck_extension() -> Optional[PckExtension]: Parse Intel SGX extension from leaf PCK cert

QuoteHeader

Properties:

  • version: int, attestation_key_type: int, tee_type: int
  • qe_svn: int, pce_svn: int
  • qe_vendor_id: bytes (16 bytes), user_data: bytes (20 bytes)

TdReport10 / TdReport15

TDX TDREPORT structures. TdReport15 extends TdReport10 with tee_tcb_svn2 and mr_service_td.

Properties (TdReport10):

  • tee_tcb_svn: bytes, mr_seam: bytes, mr_signer_seam: bytes, seam_attributes: bytes
  • td_attributes: bytes, xfam: bytes, mr_td: bytes, mr_config_id: bytes
  • mr_owner: bytes, mr_owner_config: bytes
  • rt_mr0: bytes, rt_mr1: bytes, rt_mr2: bytes, rt_mr3: bytes
  • report_data: bytes

SgxEnclaveReport

Properties:

  • cpu_svn: bytes, attributes: bytes
  • mr_enclave: bytes, mr_signer: bytes
  • report_data: bytes

PckExtension

Parsed values from the Intel SGX extension in the PCK leaf certificate.

Properties:

  • ppid: bytes, cpu_svn: bytes, pce_svn: int, pce_id: bytes
  • fmspc: bytes (6 bytes), sgx_type: int
  • platform_instance_id: Optional[bytes]

Methods:

  • get_value(oid: str) -> Optional[bytes]: Look up any OID in the Intel SGX extension by dotted-decimal string. Returns raw DER value bytes, or None if not found.

Functions

parse_quote(raw_quote: bytes) -> Quote

Parse a raw SGX or TDX quote from bytes.

parse_pck_extension_from_pem(pem_bytes: bytes) -> PckExtension

Parse the Intel SGX extension from a PEM-encoded certificate chain (uses the first/leaf certificate).

verify(raw_quote: bytes, collateral: QuoteCollateralV3, now_secs: int) -> VerifiedReport

Verify a quote with the provided collateral data.

Parameters:

  • raw_quote: Raw quote data as bytes
  • collateral: Quote collateral data
  • now_secs: Current timestamp in seconds since Unix epoch

Returns:

  • VerifiedReport: Verification results

Raises:

  • ValueError: If verification fails

verify_with_root_ca(raw_quote: bytes, collateral: QuoteCollateralV3, root_ca_der: bytes, now_secs: int) -> VerifiedReport

Verify a quote with a custom root CA certificate (DER format) instead of the built-in Intel root CA.

Development

Building from Source

If you want to build from source or contribute to development:

# Clone the repository
git clone https://github.com/Phala-Network/dcap-qvl.git
cd dcap-qvl/python-bindings

# Install development dependencies (including maturin)
uv sync

# Build and install the Python extension in development mode
uv run maturin develop --features python

# Run tests
uv run pytest tests/ -v

Note: maturin is only required for building from source. Regular users installing from PyPI don't need maturin.

Running Examples

After installing the package, you can run the examples:

# Download the examples from the repository
git clone https://github.com/Phala-Network/dcap-qvl.git
cd dcap-qvl/python-bindings

# Basic functionality test
python examples/basic_test.py

# Full example (requires sample data files)
python examples/python_example.py

Or if you're using uv for development:

# Basic functionality test
uv run python examples/basic_test.py

# Full example (requires sample data files)
uv run python examples/python_example.py

Testing Across Python Versions

The project includes comprehensive testing across all supported Python versions:

# Quick test across all Python versions
make test_python_versions

# Test current Python version only
make test_python

See PYTHON_TESTING.md for detailed information about Python version compatibility testing.

Requirements

For regular usage (installing from PyPI):

  • Python 3.8+

For development (building from source):

  • Python 3.8+
  • Rust toolchain (rustc, cargo)
  • maturin (automatically installed with uv sync)

License

MIT License - see LICENSE for details.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dcap_qvl-0.5.2.tar.gz (262.9 kB view details)

Uploaded Source

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

dcap_qvl-0.5.2-cp38-abi3-win_amd64.whl (2.1 MB view details)

Uploaded CPython 3.8+Windows x86-64

dcap_qvl-0.5.2-cp38-abi3-musllinux_1_1_x86_64.whl (2.7 MB view details)

Uploaded CPython 3.8+musllinux: musl 1.1+ x86-64

dcap_qvl-0.5.2-cp38-abi3-musllinux_1_1_aarch64.whl (2.5 MB view details)

Uploaded CPython 3.8+musllinux: musl 1.1+ ARM64

dcap_qvl-0.5.2-cp38-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (2.7 MB view details)

Uploaded CPython 3.8+manylinux: glibc 2.17+ x86-64

dcap_qvl-0.5.2-cp38-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (2.5 MB view details)

Uploaded CPython 3.8+manylinux: glibc 2.17+ ARM64

dcap_qvl-0.5.2-cp38-abi3-macosx_11_0_arm64.whl (2.3 MB view details)

Uploaded CPython 3.8+macOS 11.0+ ARM64

dcap_qvl-0.5.2-cp38-abi3-macosx_10_12_x86_64.whl (2.4 MB view details)

Uploaded CPython 3.8+macOS 10.12+ x86-64

File details

Details for the file dcap_qvl-0.5.2.tar.gz.

File metadata

  • Download URL: dcap_qvl-0.5.2.tar.gz
  • Upload date:
  • Size: 262.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for dcap_qvl-0.5.2.tar.gz
Algorithm Hash digest
SHA256 fa9d6d847248844273aee110b3b5a2a96d1360aa8b3ff1035aa078d26e3609a2
MD5 2553575cd040ee646e92fcf82c264aaa
BLAKE2b-256 59ab3b4d19abb3b34545b0ad7443378d08f6ed6bc82dee09e64cabc8e3446fb0

See more details on using hashes here.

Provenance

The following attestation bundles were made for dcap_qvl-0.5.2.tar.gz:

Publisher: python-wheels.yml on Phala-Network/dcap-qvl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file dcap_qvl-0.5.2-cp38-abi3-win_amd64.whl.

File metadata

  • Download URL: dcap_qvl-0.5.2-cp38-abi3-win_amd64.whl
  • Upload date:
  • Size: 2.1 MB
  • Tags: CPython 3.8+, Windows x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for dcap_qvl-0.5.2-cp38-abi3-win_amd64.whl
Algorithm Hash digest
SHA256 7f37e259b6ea48ee1b9dc11a7d2d092936b818ff4bb46d8b4dde877f7fcf52d9
MD5 18aa845163e58c8fbdcab3892da7cb83
BLAKE2b-256 6624e2e670f07660f6fb806806de73d97bbbe4982147f331dceb07b6ac173850

See more details on using hashes here.

Provenance

The following attestation bundles were made for dcap_qvl-0.5.2-cp38-abi3-win_amd64.whl:

Publisher: python-wheels.yml on Phala-Network/dcap-qvl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file dcap_qvl-0.5.2-cp38-abi3-musllinux_1_1_x86_64.whl.

File metadata

File hashes

Hashes for dcap_qvl-0.5.2-cp38-abi3-musllinux_1_1_x86_64.whl
Algorithm Hash digest
SHA256 9cfe19b82f6d72f46d9da592ca6109d1486f7ecb92643833f8a04359247b2126
MD5 f8be260306ce99e3fbe1c383c84b4c05
BLAKE2b-256 a52a218bfe048997e9955261bdb0b9971c729b9c5a84b33cd8aacd665037a868

See more details on using hashes here.

Provenance

The following attestation bundles were made for dcap_qvl-0.5.2-cp38-abi3-musllinux_1_1_x86_64.whl:

Publisher: python-wheels.yml on Phala-Network/dcap-qvl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file dcap_qvl-0.5.2-cp38-abi3-musllinux_1_1_aarch64.whl.

File metadata

File hashes

Hashes for dcap_qvl-0.5.2-cp38-abi3-musllinux_1_1_aarch64.whl
Algorithm Hash digest
SHA256 cc9d19d38e16e51a2e0acecc3b954b2f2ed43494984e52c52c918c5c484f2280
MD5 b102b85aa7165a07e1108d35d42ef2b0
BLAKE2b-256 715a1cdaa889ec427902e620c0bcf24f9c795bae5e07fc8cce50b112fa522446

See more details on using hashes here.

Provenance

The following attestation bundles were made for dcap_qvl-0.5.2-cp38-abi3-musllinux_1_1_aarch64.whl:

Publisher: python-wheels.yml on Phala-Network/dcap-qvl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file dcap_qvl-0.5.2-cp38-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.

File metadata

File hashes

Hashes for dcap_qvl-0.5.2-cp38-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm Hash digest
SHA256 4596e96ae5ba10e8bbf91c561c25d55e4fbe080fcdfd5042d6760f16ace3ad1d
MD5 cad9c3ded4c5c50f9fd0511ded8d293c
BLAKE2b-256 de20b6b62cf721ac0adcf4365c45e09405fc8c56010be0084f9749a85f05c355

See more details on using hashes here.

Provenance

The following attestation bundles were made for dcap_qvl-0.5.2-cp38-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl:

Publisher: python-wheels.yml on Phala-Network/dcap-qvl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file dcap_qvl-0.5.2-cp38-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl.

File metadata

File hashes

Hashes for dcap_qvl-0.5.2-cp38-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
Algorithm Hash digest
SHA256 e0dbd4fcf778b97e31b84115a9f224a00e28b80d58cf90a3637dd41cf78e501f
MD5 bf510d34845e8259455352d75bbd71ab
BLAKE2b-256 160bdf76ab53102bc4e43475a258b8f43c9b77a1d8ee6ac1dda1ac7b771224ef

See more details on using hashes here.

Provenance

The following attestation bundles were made for dcap_qvl-0.5.2-cp38-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl:

Publisher: python-wheels.yml on Phala-Network/dcap-qvl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file dcap_qvl-0.5.2-cp38-abi3-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for dcap_qvl-0.5.2-cp38-abi3-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 7c57d7620b2d0db44df1c0e8496a7eed2cd512db942f851ff451f2fa5f28af1d
MD5 81e3a627c74fb6d7f2bec45bb2619664
BLAKE2b-256 5e53b70a2f6e05208d7ecf3a174e090e65983794c689511dd56837ce280c4a73

See more details on using hashes here.

Provenance

The following attestation bundles were made for dcap_qvl-0.5.2-cp38-abi3-macosx_11_0_arm64.whl:

Publisher: python-wheels.yml on Phala-Network/dcap-qvl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file dcap_qvl-0.5.2-cp38-abi3-macosx_10_12_x86_64.whl.

File metadata

File hashes

Hashes for dcap_qvl-0.5.2-cp38-abi3-macosx_10_12_x86_64.whl
Algorithm Hash digest
SHA256 3d3be363e4629fd390d5f63eeb1af1803f75c57ae9bd4ae3f18602fdac504bda
MD5 fa56e37a2ecb623483562045673f1d3a
BLAKE2b-256 9977fa6e530a574c348338c4a0ff1907662623c2aacee1f45e0c3d702d88121b

See more details on using hashes here.

Provenance

The following attestation bundles were made for dcap_qvl-0.5.2-cp38-abi3-macosx_10_12_x86_64.whl:

Publisher: python-wheels.yml on Phala-Network/dcap-qvl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page