pub fn tee_verify_quote(
    quote: &[u8],
    quote_collateral: Option<&[u8]>,
    expiration_check_date: i64,
    qve_report_info: Option<&mut sgx_ql_qe_report_info_t>,
    supp_data_descriptor: Option<&mut tee_supp_data_descriptor_t>
) -> Result<(u32, sgx_ql_qv_result_t), quote3_error_t>
Perform quote verification for SGX and TDX. This API works the same as the old one, but takes a new parameter to describe the supplemental data (p_supp_data_descriptor).
Param
- quote
SGX/TDX Quote, presented as u8 vector.
- quote_collateral
Quote Certification Collateral provided by the caller.
- expiration_check_date
This is the date that the QvE will use to determine if any of the inputted collateral have expired.
- qve_report_info
This parameter can be used in 2 ways.
  - If qve_report_info is NOT None, the API will use Intel QvE to perform quote verification, and QvE will generate a report using the target_info in the sgx_ql_qe_report_info_t structure.
  - If qve_report_info is None, the API will use the QVL library to perform quote verification. Note that the results cannot be cryptographically authenticated in this mode.
- supp_data_descriptor
tee_supp_data_descriptor_t structure. You can specify the major version of supplemental data by setting supp_data_descriptor.major_version.
  - If supp_data_descriptor is None, no supplemental data is returned.
  - If supp_data_descriptor.major_version == 0, then return the latest version of the sgx_ql_qv_supplemental_t structure.
  - If supp_data_descriptor.major_version <= latest supported version, return the latest minor version associated with that major version.
  - If supp_data_descriptor.major_version > latest supported version, return an error SGX_QL_SUPPLEMENTAL_DATA_VERSION_NOT_SUPPORTED.
Return
Result type. On success, a tuple of (collateral_expiration_status, verification_result).
On failure, the status code of the operation (quote3_error_t), one of:
- SGX_QL_ERROR_INVALID_PARAMETER
- SGX_QL_QUOTE_FORMAT_UNSUPPORTED
- SGX_QL_QUOTE_CERTIFICATION_DATA_UNSUPPORTED
- SGX_QL_UNABLE_TO_GENERATE_REPORT
- SGX_QL_CRL_UNSUPPORTED_FORMAT
- SGX_QL_ERROR_UNEXPECTED
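
One way a relying party can appraise the value this function returns, failing closed on every path (an added example, not code from this crate). `QvResult` is a local stand-in for `sgx_ql_qv_result_t` so the block builds without the DCAP libraries; `Policy`, `Decision`, `appraise` and the `used_qve` flag are hypothetical names, and the sample outcome is constructed.

```rust
// Stand-in for sgx_ql_qv_result_t (subset); variant names follow Intel's header.
// Everything else in this block is hypothetical and not part of the crate.
#[allow(non_camel_case_types, dead_code)]
#[derive(Debug, Clone, Copy, PartialEq)]
pub enum QvResult {
    SGX_QL_QV_RESULT_OK,
    SGX_QL_QV_RESULT_CONFIG_NEEDED,
    SGX_QL_QV_RESULT_OUT_OF_DATE,
    SGX_QL_QV_RESULT_INVALID_SIGNATURE,
    SGX_QL_QV_RESULT_REVOKED,
    SGX_QL_QV_RESULT_UNSPECIFIED,
    SGX_QL_QV_RESULT_SW_HARDENING_NEEDED,
}

pub struct Policy {
    pub require_qve: bool,        // refuse QVL-only results (qve_report_info = None)
    pub allow_sw_hardening: bool, // tolerate SW_HARDENING_NEEDED after advisory review
}

#[derive(Debug, PartialEq)]
pub enum Decision { Accept, Reject(String) }

/// Fail-closed appraisal of what tee_verify_quote returned.
/// `used_qve` is true only when qve_report_info was Some(..) on the call.
pub fn appraise<E: std::fmt::Debug>(
    outcome: Result<(u32, QvResult), E>,
    used_qve: bool,
    policy: &Policy,
) -> Decision {
    let (expired, result) = match outcome {
        Ok(pair) => pair,
        Err(e) => return Decision::Reject(format!("verification error: {:?}", e)),
    };
    if policy.require_qve && !used_qve {
        return Decision::Reject("QVL result is not authenticated".into());
    }
    if expired != 0 { // non-zero: some collateral expired as of expiration_check_date
        return Decision::Reject("collateral expired".into());
    }
    match result {
        QvResult::SGX_QL_QV_RESULT_OK => Decision::Accept,
        QvResult::SGX_QL_QV_RESULT_SW_HARDENING_NEEDED if policy.allow_sw_hardening => Decision::Accept,
        other => Decision::Reject(format!("quote status {:?}", other)),
    }
}

fn main() {
    let p = Policy { require_qve: true, allow_sw_hardening: false };
    // Constructed outcome, not real verifier output.
    println!("{:?}", appraise::<u32>(Ok((0, QvResult::SGX_QL_QV_RESULT_OUT_OF_DATE)), true, &p));
}
```

With the real crate, pass the `Result` from `tee_verify_quote` straight into `appraise` and match on the crate's own `sgx_ql_qv_result_t` in place of the stand-in.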