Skip to content

TDX Support (continuation of #58) #59

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jdrean merged 19 commits into from
Feb 23, 2026
Merged

TDX Support (continuation of #58) #59

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
1c7bb73
feat: add TDX quote parsing (abi_tdx.py)
jdrean Feb 23, 2026
6069536
feat: add TDX cryptographic verification (verify_tdx.py)
jdrean Feb 23, 2026
6b5e2d9
feat: add TDX policy validation (validate_tdx.py)
jdrean Feb 23, 2026
8fc0900
feat: add TDX collateral fetching and validation (collateral_tdx.py)
jdrean Feb 23, 2026
ba2c999
feat: add PCK extension parsing with pyasn1 (pck_extensions.py)
jdrean Feb 23, 2026
f43326e
feat: add certificate chain utilities (cert_utils.py, intel_root_ca.py)
jdrean Feb 23, 2026
4105a61
feat: add TDX attestation orchestration (attestation_tdx.py)
jdrean Feb 23, 2026
441dd23
refactor: isolate SEV attestation into dedicated modules
jdrean Feb 23, 2026
f4e0668
feat: add shared attestation types and helpers (types.py)
jdrean Feb 23, 2026
bb1d63d
feat: add Sigstore DSSE verification for hardware measurements
jdrean Feb 23, 2026
98b953e
feat: add secure httpx client with TLS pinning
jdrean Feb 23, 2026
37de88c
refactor: update attestation module exports and format dispatch
jdrean Feb 23, 2026
ddd5e7e
test: add integration and multi-enclave attestation tests
jdrean Feb 23, 2026
2428414
chore: add pyasn1 dependency, update gitignore
jdrean Feb 23, 2026
7fefe37
refactor: remove old SEV module files replaced by dedicated modules
jdrean Feb 23, 2026
34ed960
fix: assert RTMR count before zip comparison, fix stale comment
jdrean Feb 23, 2026
d19cc31
fix: reject unrecognized OIDs and missing fields in PCK TCB extension…
jdrean Feb 23, 2026
da9274e
refactor: move safe_gzip_decompress from types.py to utils.py
jdrean Feb 23, 2026
90198df
refactor: deduplicate DEFAULT_MIN_TCB_EVALUATION_DATA_NUMBER constant
jdrean Feb 23, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -174,4 +174,10 @@ cython_debug/
tuf-repo-cdn.sigstore.dev.json
verifier/
tinfoil/tinfoil_verifier/
.DS_Store
.DS_Store

# Logs
*.log

# Generated documentation
docs/_build/
1 change: 1 addition & 0 deletions pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ dependencies = [
"requests>=2.31.0",
"cryptography>=42.0.0",
"pyOpenSSL>=25.0.0",
"pyasn1>=0.4.0",
"sigstore>=4.1.0",
"platformdirs>=4.2.0",
"pytest-asyncio>=0.26.0"
Expand Down
34 changes: 28 additions & 6 deletions src/tinfoil/attestation/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,17 +1,39 @@
from .types import (
PredicateType,
TDX_TYPES,
Measurement,
Verification,
HardwareMeasurement,
AttestationError,
FormatMismatchError,
MeasurementMismatchError,
Rtmr3NotZeroError,
HardwareMeasurementError,
RTMR3_ZERO,
)
from .attestation import (
fetch_attestation,
verify_attestation_json,
verify_sev_attestation_v2,
Measurement,
PredicateType,
from_snp_digest
)
from .attestation_tdx import verify_tdx_attestation_v2, TdxAttestationError, verify_tdx_hardware
from .attestation_sev import verify_sev_attestation_v2, SevAttestationError

__all__ = [
'fetch_attestation',
'verify_sev_attestation_v2',
'verify_tdx_attestation_v2',
'verify_tdx_hardware',
'verify_attestation_json',
'Measurement',
'Verification',
'PredicateType',
'from_snp_digest'
]
'RTMR3_ZERO',
'AttestationError',
'FormatMismatchError',
'MeasurementMismatchError',
'Rtmr3NotZeroError',
'HardwareMeasurementError',
'HardwareMeasurement',
'TdxAttestationError',
'SevAttestationError',
]
0 src/tinfoil/attestation/abi_sevsnp.py → src/tinfoil/attestation/abi_sev.py
View file
Open in desktop
File renamed without changes.
Loading