v0.2.1: Add fn get_collateral_and_verify

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "dcap-qvl"
-version = "0.2.0"
+version = "0.2.1"
 edition = "2021"
 license = "MIT"
 description = "This crate implements the quote verification logic for DCAP (Data Center Attestation Primitives) in pure Rust."

src/collateral.rs

@@ -2,11 +2,13 @@ use alloc::string::{String, ToString};
 use anyhow::{anyhow, Context, Result};
 use scale::Decode;
 
-use crate::quote::Quote;
+use crate::quote::{Header, Quote};
+use crate::verify::VerifiedReport;
 use crate::QuoteCollateralV3;
 
 #[cfg(not(feature = "js"))]
 use core::time::Duration;
+use std::time::SystemTime;
 
 fn get_header(resposne: &reqwest::Response, name: &str) -> Result<String> {
     let value = resposne
@@ -123,3 +125,28 @@ pub async fn get_collateral_from_pcs(
     )
     .await
 }
+
+/// Get collateral and verify the quote.
+pub async fn get_collateral_and_verify(
+    quote: &[u8],
+    pccs_url: Option<&str>,
+) -> Result<VerifiedReport> {
+    let url = pccs_url.unwrap_or_default();
+    let pccs_url = if url.is_empty() {
+        let header = Header::decode(&mut &quote[..]).context("Failed to decode quote header")?;
+        if header.is_sgx() {
+            "https://api.trustedservices.intel.com/sgx/certification/v4"
+        } else {
+            "https://api.trustedservices.intel.com/tdx/certification/v4"
+        }
+    } else {
+        url
+    };
+    let timeout = Duration::from_secs(120);
+    let collateral = get_collateral(pccs_url, quote, timeout).await?;
+    let now = SystemTime::now()
+        .duration_since(SystemTime::UNIX_EPOCH)
+        .context("Failed to get current time")?
+        .as_secs() as u64;
+    crate::verify::verify(quote, &collateral, now)
+}

src/quote.rs

@@ -54,6 +54,12 @@ pub struct Header {
     pub user_data: [u8; 20],
 }
 
+impl Header {
+    pub fn is_sgx(&self) -> bool {
+        self.tee_type == TEE_TYPE_SGX
+    }
+}
+
 #[derive(Decode, Debug)]
 pub struct Body {
     pub body_type: u16,