dk-tee-attestation 0.3.0

TEE attestation library for AMD SEV-SNP and Intel TDX platforms

FHEnom TEE Attestation Library

A Python library for generating and verifying TEE (Trusted Execution Environment) attestation reports across different hardware platforms.

Features

• Multi-Platform Support: AMD SEV-SNP and Intel TDX
• Unified API: Single interface for all TEE platforms
• Cryptographic Verification: Full certificate chain validation
• Production Ready: Used in FHEnom AI confidential computing platform

Supported Platforms

• ✅ AMD SEV-SNP (Secure Encrypted Virtualization - Secure Nested Paging)
• 🚧 Intel TDX (Trust Domain Extensions) - Coming soon

Basic Installation (Python API only)

pip install fhenom-tee-attestation

Repository Overview

• dk_tee_attestation/
  Core Python library

• rust_lib/
  Rust library (SEV-SNP firmware bindings) exposed to Python via PyO3

---

Public Python interface (high-level)

The Python interface is intentionally minimal and backend-agnostic.

Attestation engines are instantiated via a factory, and all interaction happens through the abstract AttestationEngine interface.

from dk_tee_attestation import AttestationEngineFactory, AttestationEngineType

engine = AttestationEngineFactory.get(AttestationEngineType.AMD_SEV_SNP)

Generate an attestation report (inside the TEE)

report = engine.get_report(report_data)

• report_data: caller-provided nonce / challenge (bytes)
• returns raw attestation report bytes

Verify an attestation report (verifier side)

engine.verify_report(report_bytes, expected_report_data)

• raises an exception if verification fails
• returns None on successful verification

All verification failures are reported via explicit domain exceptions.

---