{"id":22281608,"url":"https://github.com/mithril-security/sgx-dcap-quote-verify-python","last_synced_at":"2025-07-28T20:31:07.771Z","repository":{"id":65209389,"uuid":"580808237","full_name":"mithril-security/sgx-dcap-quote-verify-python","owner":"mithril-security","description":"Python package to verify Intel SGX ECDSA-based quotes","archived":false,"fork":false,"pushed_at":"2023-06-27T02:02:29.000Z","size":184,"stargazers_count":2,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-06-10T17:17:10.067Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mithril-security.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-12-21T13:58:41.000Z","updated_at":"2023-07-26T00:44:21.000Z","dependencies_parsed_at":"2023-02-10T07:16:04.258Z","dependency_job_id":null,"html_url":"https://github.com/mithril-security/sgx-dcap-quote-verify-python","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":"pybind/cmake_example","purl":"pkg:github/mithril-security/sgx-dcap-quote-verify-python","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mithril-security%2Fsgx-dcap-quote-verify-python","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mithril-security%2Fsgx-dcap-quote-verify-python/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mithril-security%2Fsgx-dcap-quote-verify-python/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mithril-security%2Fsgx-dcap-quote-verify-python/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mithril-security","download_url":"https://codeload.github.com/mithril-security/sgx-dcap-quote-verify-python/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mithril-security%2Fsgx-dcap-quote-verify-python/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267580457,"owners_count":24110844,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-28T02:00:09.689Z","response_time":68,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-03T16:19:48.157Z","updated_at":"2025-07-28T20:31:07.441Z","avatar_url":"https://github.com/mithril-security.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SGX DCAP quote verify for Python\n\nThis package provides a Python binding to the [SGX Quote Verification Library](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/QuoteVerification/QVL) (QVL), which is the reference implementation of ECDSA-based SGX quote verification. It allows you to verify ECDSA-based quotes generated by the Intel provided Quoting Enclave in Python.\n\n## Usage\n\n```py\nimport sgx_dcap_quote_verify\n\nfrom pathlib import Path\nfrom datetime import datetime\n\n# You can download the trusted root CA in PEM format directly from Intel at :\n# \u003chttps://certificates.trustedservices.intel.com/Intel_SGX_Provisioning_Certification_RootCA.pem\u003e\ntrusted_root_ca_certificate = Path(\"path/to/root_ca_certificate.pem\").read_text()\n\n# Get the quote and the collateral from the service you want to attest\npck_certificate = Path(\"path/to/pck_certificate.pem\").read_text()\npck_signing_chain = Path(\"path/to/pck_signing_chain.pem\").read_text()\nroot_ca_crl = Path(\"/path/to/root_ca_crl.pem\").read_text()\nintermediate_ca_crl = Path(\"/path/to/intermediate_ca_crl.pem\").read_text()\ntcb_info = Path(\"/path/to/tcb_info.json\").read_text()\ntcb_signing_chain = Path(\"/path/to/tcb_signing_chain.pem\").read_text()\nquote = Path(\"/path/to/quote.dat\").read_bytes()\nqe_identity = Path(\"/path/to/qe_identity.json\").read_text()\n\n# Set the date used to check if the collateral (certificates,CRLs...) is still valid\n# Except for test purposes it should be set to the current time as is done below\nexpiration_date = datetime.now()\n\n# Use the package to check the validity of the quote\nattestation_result = sgx_dcap_quote_verify.verify(\n    trusted_root_ca_certificate,\n    pck_certificate,\n    pck_signing_chain,\n    root_ca_crl,\n    intermediate_ca_crl,\n    tcb_info,\n    tcb_signing_chain,\n    quote,\n    qe_identity,\n    expiration_date,\n)\n\nassert attestation_result.ok\nassert (\n    attestation_result.pck_certificate_status\n    == sgx_dcap_quote_verify.VerificationStatus.STATUS_OK\n)\nassert (\n    attestation_result.tcb_info_status\n    == sgx_dcap_quote_verify.VerificationStatus.STATUS_OK\n)\nassert (\n    attestation_result.qe_identity_status\n    == sgx_dcap_quote_verify.VerificationStatus.STATUS_OK\n)\nassert (\n    attestation_result.quote_status\n    == sgx_dcap_quote_verify.VerificationStatus.STATUS_OK\n)\n\n# The attestation result contains the report data, which includes the MR_ENCLAVE\nprint(\"mr_enclave =\", attestation_result.enclave_report.mr_enclave)\n```\n\n**Disclaimer** : This package is not endorsed by Intel Corporation. It is provided as is, use it at your own risk.\n\n## License\n\nThe source code of the binding is provided under Apache-2.0 license.\n\nThis software also uses the SGX Quote Verification Library, which is licensed under [BSD license](https://github.com/mithril-security/SGXDataCenterAttestationPrimitives/blob/master/License.txt).\nDistribution of the software as a whole, including the external library, may be subject to the terms of the external library's license.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmithril-security%2Fsgx-dcap-quote-verify-python","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmithril-security%2Fsgx-dcap-quote-verify-python","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmithril-security%2Fsgx-dcap-quote-verify-python/lists"}