feat: add platform-specific implementations for quote verification

- Introduced conditional compilation for Intel SGX/TDX quote verification based on target OS and architecture. - Moved Intel-specific logic to a separate module and added a fallback for unsupported platforms. This is done, so we can pull in the `teepot` crate even on `linux-x86_64` without the Intel SGX SDK lib dependency. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2026-04-10 12:24:48 +02:00 · 2025-05-05 14:27:18 +02:00 · 2025-05-05 14:27:18 +02:00 · 2a8614c08f
commit 2a8614c08f
parent 905487dac8
13 changed files with 596 additions and 567 deletions
--- a/crates/teepot/Cargo.toml
+++ b/crates/teepot/Cargo.toml
@ -10,15 +10,15 @@ edition.workspace = true
 authors.workspace = true
 repository.workspace = true

-[target.'cfg(all(target_os = "linux", target_arch = "x86_64"))'.dependencies]
-tdx-attest-rs = { version = "0.1.2", git = "https://github.com/intel/SGXDataCenterAttestationPrimitives.git", rev = "aa239d25a437a28f3f4de92c38f5b6809faac842" }
-teepot-tee-quote-verification-rs = { path = "../teepot-tee-quote-verification-rs" }
-
 [target.'cfg(not(all(target_os = "linux", target_arch = "x86_64")))'.dependencies]
 dcap-qvl = "0.2.3"
 chrono = "0.4.40"
 bytes.workspace = true

+[features]
+default = ["quote_op"]
+quote_op = ["dep:teepot-tee-quote-verification-rs"]
+
 [dependencies]
 anyhow.workspace = true
 asn1_der.workspace = true
@ -49,6 +49,7 @@ serde_json.workspace = true
 sha2.workspace = true
 sha3.workspace = true
 signature.workspace = true
+teepot-tee-quote-verification-rs = { path = "../teepot-tee-quote-verification-rs", optional = true }
 thiserror.workspace = true
 tokio.workspace = true
 tracing.workspace = true