Python package to verify Intel SGX ECDSA-based quotes
Project description
SGX DCAP quote verify for Python
This package provides a Python binding to the SGX Quote Verification Library (QVL), which is the reference implementation of ECDSA-based SGX quote verification. It allows you to verify ECDSA-based quotes generated by the Intel provided Quoting Enclave in Python.
Usage
import sgx_dcap_quote_verify
from pathlib import Path
from datetime import datetime
# You can download the trusted root CA in PEM format directly from Intel at :
# <https://certificates.trustedservices.intel.com/Intel_SGX_Provisioning_Certification_RootCA.pem>
trusted_root_ca_certificate = Path("path/to/root_ca_certificate.pem").read_text()
# Get the quote and the collateral from the service you want to attest
pck_certificate = Path("path/to/pck_certificate.pem").read_text()
pck_signing_chain = Path("path/to/pck_signing_chain.pem").read_text()
root_ca_crl = Path("/path/to/root_ca_crl.pem").read_text()
intermediate_ca_crl = Path("/path/to/intermediate_ca_crl.pem").read_text()
tcb_info = Path("/path/to/tcb_info.json").read_text()
tcb_signing_chain = Path("/path/to/tcb_signing_chain.pem").read_text()
quote = Path("/path/to/quote.dat").read_bytes()
qe_identity = Path("/path/to/qe_identity.json").read_text()
# Set the date used to check if the collateral (certificates,CRLs...) is still valid
# Except for test purposes it should be set to the current time as is done below
expiration_date = datetime.now()
# Use the package to check the validity of the quote
attestation_result = sgx_dcap_quote_verify.verify(
trusted_root_ca_certificate,
pck_certificate,
pck_signing_chain,
root_ca_crl,
intermediate_ca_crl,
tcb_info,
tcb_signing_chain,
quote,
qe_identity,
expiration_date,
)
assert attestation_result.ok
assert (
attestation_result.pck_certificate_status
== sgx_dcap_quote_verify.VerificationStatus.STATUS_OK
)
assert (
attestation_result.tcb_info_status
== sgx_dcap_quote_verify.VerificationStatus.STATUS_OK
)
assert (
attestation_result.qe_identity_status
== sgx_dcap_quote_verify.VerificationStatus.STATUS_OK
)
assert (
attestation_result.quote_status
== sgx_dcap_quote_verify.VerificationStatus.STATUS_OK
)
# The attestation result contains the report data, which includes the MR_ENCLAVE
print("mr_enclave =", attestation_result.enclave_report.mr_enclave)
Disclaimer : This package is not endorsed by Intel Corporation. It is provided as is, use it at your own risk.
License
The source code of the binding is provided under Apache-2.0 license.
This software also uses the SGX Quote Verification Library, which is licensed under BSD license. Distribution of the software as a whole, including the external library, may be subject to the terms of the external library's license.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distributions
Hashes for sgx-dcap-quote-verify-python-0.0.3.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 693cec50dad12e85235a7c9318406a22bec16b8327ed5a3cbf4a7727cf1c17a4 |
|
MD5 | 2ce04b52768b724bb92947f450b1283b |
|
BLAKE2b-256 | 6cda7323c1260c8d400a500c3d009358d35ba180884e81627b45b18c10095fc1 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 16d6241fc85fa3fd0cabbe65796fb4b22f0f0d0ca1c9e05680f66a2e066d361c |
|
MD5 | ae1d1bcf7f76908bc1877c4a7f9ea7e5 |
|
BLAKE2b-256 | 52b219ef12b2369ea97d84b71978728ba67450fece29a621f45f4c30d281fe75 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-pp39-pypy39_pp73-macosx_10_9_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | cd5d3d6b60aa9571e5ac0d309b980e86fd80af72a9d8b93fc021b2feca4b12fb |
|
MD5 | e692fda2c880c089d344c7bdf62e0f8e |
|
BLAKE2b-256 | 41a0d58c7dfc8de8f567741779dafa511606a0f4449c3b4c1b9b15e54660e781 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 70ff29808f933a6da97a182b0289bfb09dd2067cce66e0990172aa8719bf35ec |
|
MD5 | 1af86853d95242c651f0f40ac568d33f |
|
BLAKE2b-256 | af1d2ccdcbf7e434ed507326e8ea3bbddd6212d1e2511972fe97cdc1b1a7c569 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-pp38-pypy38_pp73-macosx_10_9_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 735dc1b39585b1df0d2489706f3498179728fe3f5cbd3f75388dc2708994311a |
|
MD5 | 4fbfe525901dad7feb3140a376703a5c |
|
BLAKE2b-256 | fc803258a47ccd0554e1fb93cfd0e1087fb085718ea4e02e695c27bca2edd092 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-pp37-pypy37_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 604c07c6a772140e947e26a7f0d5f2e15665f1b70d8b62810fb3826b7ac471af |
|
MD5 | 37ad1ae0e850eb49daecda5667064b48 |
|
BLAKE2b-256 | 193bb0b63bc1f54e41515e86ebd8ee4dfa52c50875d2189471c5b9bae4b9d083 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-pp37-pypy37_pp73-macosx_10_9_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 36be5cd4cc0cfe9a2aca89fc6f45e4f0e57e710f1c94298abfe1399e922e01a8 |
|
MD5 | c0280e0e56884cfe7f57df0915e81e72 |
|
BLAKE2b-256 | 7a9e84e4bcc4e46c37fca96cb25d255802de7a37803d817534b0c64f8e15aead |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp311-cp311-musllinux_1_1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 440425da4354e2864995068aa91ae9c0817c43922da890a76298ff60df9fe561 |
|
MD5 | 84b41bd631c6727abc57118e21543199 |
|
BLAKE2b-256 | ecbe72d6228909a9b159cb8d343f609163fb56026d9935847e9dc7aaab7f7ae5 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 1d142793473a608cc90c13eef6215d4c19b01e655bce47b74885812f69009a9a |
|
MD5 | 34be86f305b940edae28a16bcf23ced9 |
|
BLAKE2b-256 | 9036d6de9030e650292c202a750a023d7c36d6634c0b9a2dd1cd6689d13c400d |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp311-cp311-macosx_10_9_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | b4942f163b7eda4ceff2253c685a2094ac60441027af32a31efde2445c0cf2d5 |
|
MD5 | 7b570a4937e33b4fc224fbb6b045d9be |
|
BLAKE2b-256 | a1cd67f9fdf2570b70b7ecce8b25eb4295c6b807095a9b76e6900e34495e2baa |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp310-cp310-musllinux_1_1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | d6959e1329de1a0c460d809fde417c41c6873e7eeac21d049fa04e94d61c569a |
|
MD5 | da5b78a68b6bc306a8caa0f028d27bd8 |
|
BLAKE2b-256 | fc1fb18ae34bfdf3a60cd0ad82e70cc6aa2add769f286d8c93176ef1e8a8e8a9 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | d20d56374af6b821a66792745f6da2ffc09d325335a982f20e7440ca0c5fa1ac |
|
MD5 | 7eb6ba82cf49f8f5277acdfce3cb5771 |
|
BLAKE2b-256 | d4441cf7594596b955b0c4be2634a21f63dc0862176d5028096feea47e5f1423 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp310-cp310-macosx_10_9_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 10cd479259b823e5da9be561ce894dea14f0da5472cf87fe0e50bb8bd5214993 |
|
MD5 | 7283a6ac96131e07ca6e23bae86a8d44 |
|
BLAKE2b-256 | 9f17c7a0f38f51eeb1792ac2a14164edf6fd0dcdef91a2689ffca1dd905caf75 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp39-cp39-musllinux_1_1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 24d94bf34e51974feacfb71d9a9986c31c25f5da014e95d3fd87630cf1485dda |
|
MD5 | 427ef8727a171fff5fb5c67b19b4fb75 |
|
BLAKE2b-256 | 691a6f95385626e327d737bb9daa4e7d5aa82fd5494f4d8ae140fc1824c2fba4 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | f04fcf7802861522fa776e71088a3268b0aa199e3da8ab66a71247296bbd74d1 |
|
MD5 | 0edd4b3f87f84f08c02b5155b2d051f0 |
|
BLAKE2b-256 | 042aa72f2fdca63e0ef89c3bef4b967cd8d34f92486941e5c90864005495395a |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp39-cp39-macosx_10_9_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 9a84c1384ada1017032f0f4a3a5fff87d4856bca5f9cc10b48f5a9a9764efe30 |
|
MD5 | 145fd7f79019513127580a9030badc78 |
|
BLAKE2b-256 | 0f7a0065d2e287b9774dd0d878b2013e0b5b3892f63ab74358eb050b35a16de1 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp38-cp38-musllinux_1_1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 08ba533eededa0919252ef21511559cef50366610d2a5f6ef5e482e7d1533528 |
|
MD5 | 1aa6a6d2e536b96b092119f9574e383f |
|
BLAKE2b-256 | 20b7a1df86661496fbf3e03c7894a2f0c6fcfb362ecb29342ed0bc882ce71de9 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 5aa1ac573da9c9d74bb27d9d429728433b90394f0aec4ad517698d78cdca9aca |
|
MD5 | e65792aaf6ede0cb81d655521d2baafb |
|
BLAKE2b-256 | 6cdf5e6c80b926367dfd3b4942cd077cd19dc77e512c0e62814870b1f5ba1f97 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp38-cp38-macosx_10_9_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 4b24d2c85b4d0931e3bbe16b9dc2f536c238954137eff8cdf18cb18d03308b59 |
|
MD5 | 6725765f5c0369689f23f414a8a20010 |
|
BLAKE2b-256 | a29d8a697fbc736c166c6a10b4fc2c73a930d84f178c6249ec203cfa2cc48b30 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp37-cp37m-musllinux_1_1_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | f5adcb29faaf4394f66c0a27a8bdda8b1872b5e2c504939a419cb6f6133f02af |
|
MD5 | 1c4268af1d1b4081da392d64f446bbb7 |
|
BLAKE2b-256 | 31f5488f96fa9ffa411505dc9c3fa2dc19d81d2b77bcd294fb34d031cb47cba6 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 42c2e84a7982dad89444b7d543c93bf3cd7187a1b4298b5af282fc747f5604db |
|
MD5 | b372dd7fc370c9bc02b1d83e85eebfa2 |
|
BLAKE2b-256 | 70a837a5a8aa5287169287e19b7d5641873f180d9b5977da35783b72fa601957 |
Hashes for sgx_dcap_quote_verify_python-0.0.3-cp37-cp37m-macosx_10_9_x86_64.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0586c06c3db7e9089d8c3fa1d6391f29ee9c202bdc444d2c55c0a874930c482e |
|
MD5 | f9b3f0720a0a61dfe4fefe91fc80dc9a |
|
BLAKE2b-256 | 09cb0dbf8a3c37f2dfe54d7f01e2707054274baf31e39bda93117e099f5396a8 |