Skip to main content

Python package to verify Intel SGX ECDSA-based quotes

Project description

SGX DCAP quote verify for Python

This package provides a Python binding to the SGX Quote Verification Library (QVL), which is the reference implementation of ECDSA-based SGX quote verification. It allows you to verify ECDSA-based quotes generated by the Intel provided Quoting Enclave in Python.


import sgx_dcap_quote_verify

from pathlib import Path
from datetime import datetime

# You can download the trusted root CA in PEM format directly from Intel at :
# <>
trusted_root_ca_certificate = Path("path/to/root_ca_certificate.pem").read_text()

# Get the quote and the collateral from the service you want to attest
pck_certificate = Path("path/to/pck_certificate.pem").read_text()
pck_signing_chain = Path("path/to/pck_signing_chain.pem").read_text()
root_ca_crl = Path("/path/to/root_ca_crl.pem").read_text()
intermediate_ca_crl = Path("/path/to/intermediate_ca_crl.pem").read_text()
tcb_info = Path("/path/to/tcb_info.json").read_text()
tcb_signing_chain = Path("/path/to/tcb_signing_chain.pem").read_text()
quote = Path("/path/to/quote.dat").read_bytes()
qe_identity = Path("/path/to/qe_identity.json").read_text()

# Set the date used to check if the collateral (certificates,CRLs...) is still valid
# Except for test purposes it should be set to the current time as is done below
expiration_date =

# Use the package to check the validity of the quote
attestation_result = sgx_dcap_quote_verify.verify(

assert attestation_result.ok
assert (
    == sgx_dcap_quote_verify.VerificationStatus.STATUS_OK
assert (
    == sgx_dcap_quote_verify.VerificationStatus.STATUS_OK
assert (
    == sgx_dcap_quote_verify.VerificationStatus.STATUS_OK
assert (
    == sgx_dcap_quote_verify.VerificationStatus.STATUS_OK

# The attestation result contains the report data, which includes the MR_ENCLAVE
print("mr_enclave =", attestation_result.enclave_report.mr_enclave)

Disclaimer : This package is not endorsed by Intel Corporation. It is provided as is, use it at your own risk.


The source code of the binding is provided under Apache-2.0 license.

This software also uses the SGX Quote Verification Library, which is licensed under BSD license. Distribution of the software as a whole, including the external library, may be subject to the terms of the external library's license.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sgx-dcap-quote-verify-python-0.0.3.tar.gz (705.4 kB view hashes)

Uploaded Source

Built Distributions

sgx_dcap_quote_verify_python-0.0.3-cp311-cp311-musllinux_1_1_x86_64.whl (2.1 MB view hashes)

Uploaded CPython 3.11 musllinux: musl 1.1+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (1.6 MB view hashes)

Uploaded CPython 3.11 manylinux: glibc 2.17+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp311-cp311-macosx_10_9_x86_64.whl (1.4 MB view hashes)

Uploaded CPython 3.11 macOS 10.9+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp310-cp310-musllinux_1_1_x86_64.whl (2.1 MB view hashes)

Uploaded CPython 3.10 musllinux: musl 1.1+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (1.6 MB view hashes)

Uploaded CPython 3.10 manylinux: glibc 2.17+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp310-cp310-macosx_10_9_x86_64.whl (1.4 MB view hashes)

Uploaded CPython 3.10 macOS 10.9+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp39-cp39-musllinux_1_1_x86_64.whl (2.1 MB view hashes)

Uploaded CPython 3.9 musllinux: musl 1.1+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (1.6 MB view hashes)

Uploaded CPython 3.9 manylinux: glibc 2.17+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp39-cp39-macosx_10_9_x86_64.whl (1.4 MB view hashes)

Uploaded CPython 3.9 macOS 10.9+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp38-cp38-musllinux_1_1_x86_64.whl (2.1 MB view hashes)

Uploaded CPython 3.8 musllinux: musl 1.1+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (1.6 MB view hashes)

Uploaded CPython 3.8 manylinux: glibc 2.17+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp38-cp38-macosx_10_9_x86_64.whl (1.3 MB view hashes)

Uploaded CPython 3.8 macOS 10.9+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp37-cp37m-musllinux_1_1_x86_64.whl (2.1 MB view hashes)

Uploaded CPython 3.7m musllinux: musl 1.1+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (1.6 MB view hashes)

Uploaded CPython 3.7m manylinux: glibc 2.17+ x86-64

sgx_dcap_quote_verify_python-0.0.3-cp37-cp37m-macosx_10_9_x86_64.whl (1.3 MB view hashes)

Uploaded CPython 3.7m macOS 10.9+ x86-64

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page