tlsnotary/tlsn-quote-verification
1
0
Fork 0
mirror of https://github.com/tlsnotary/tlsn-quote-verification.git synced 2026-01-07 22:53:51 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
542474308cf13a9026234cbe02fef82e01d52540
tlsn-quote-verification/intel-tee-quote-verification-docker/readme.md
Hendrik Eeckhaut 542474308c quote verification with intel-tee-quote-verification
2025-04-02 15:30:49 +02:00

1.2 KiB
Raw Blame History

Intel TEE Quote Verification in Docker

This repository contains code to verify SGX quotes for TLSNotary notary servers running in Intel SGX Trusted Execution Environments (TEEs).

Overview

This Rust program leverages Intel's tee-quote-verification library to automatically fetch and validate Intel's certificates. Since this library is only supported on Linux systems, we use Docker to handle dependencies and ensure compatibility.

Getting the Quote

To retrieve the SGX quote from a notary server:

  1. Visit the info page of the notary server.
  2. Copy the rawQuote field.
  3. Decode the hex-encoded quote.

You can perform these steps in a single command:

curl https://notary.pse.dev/v0.1.0-alpha.9/info | jq -r '.quote.rawQuote' | xxd -r -p > quote.dat

This command fetches the rawQuote, decodes it from hex, and saves it as quote.dat.

Verifying the Quote

The binary has native library dependencies. To simplify running the quote verifier, it can be built and executed within a Docker container.

To verify the quote, run:

./verify.sh quote.dat

This script will:

  1. Build the Docker container (if it hasnt been built already).
  2. Run the quote verification program inside the container.
Reference in New Issue View Git Blame Copy Permalink