add --tcb_eval_data_num option to zkdcap-sim command

bluele · bluele · commit 8b5a9d49cd46 · 2025-02-27T00:00:45.000+09:00
Signed-off-by: Jun Kimura &lt;jun.kimura@datachain.jp&gt;
diff --git a/app/src/commands/attestation.rs b/app/src/commands/attestation.rs
@@ -437,6 +437,14 @@ pub struct ZKDCAPSIMRemoteAttestation {
         help = "Quote status to include in the report"
     )]
     pub isv_enclave_quote_status: String,
+
+    /// TCB Evaluation Data Number for TCB Info and QE Identity
+    #[clap(
+        long = "tcb_eval_data_num",
+        default_value = "1",
+        help = "TCB Evaluation Data Number"
+    )]
+    pub tcb_eval_data_num: u32,
 }
 
 impl ZKDCAPSIMRemoteAttestation {
@@ -477,7 +485,8 @@ fn run_zkdcap_ra_simulation<E: EnclaveCommandAPI<S>, S: CommitStore>(
             DCAP_SIM_ROOT_KEY_PKCS8.as_bytes(),
         )?
         .with_advisory_ids(cmd.advisory_ids.clone())
-        .with_isv_enclave_quote_status(cmd.isv_enclave_quote_status.as_str())?,
+        .with_isv_enclave_quote_status(cmd.isv_enclave_quote_status.as_str())?
+        .with_tcb_evaluation_data_number(cmd.tcb_eval_data_num),
     )?;
     Ok(())
 }
diff --git a/modules/remote-attestation/src/dcap_simulation.rs b/modules/remote-attestation/src/dcap_simulation.rs
@@ -74,6 +74,7 @@ pub struct DCAPRASimulationOpts {
 
     advisory_ids: Vec<String>,
     isv_enclave_quote_status: Status,
+    tcb_evaluation_data_number: u32,
 }
 
 impl DCAPRASimulationOpts {
@@ -96,6 +97,7 @@ impl DCAPRASimulationOpts {
             root_key,
             advisory_ids: Default::default(),
             isv_enclave_quote_status: Status::Ok,
+            tcb_evaluation_data_number: 1,
         })
     }
 
@@ -122,6 +124,11 @@ impl DCAPRASimulationOpts {
         })?;
         Ok(self)
     }
+
+    pub fn with_tcb_evaluation_data_number(mut self, number: u32) -> Self {
+        self.tcb_evaluation_data_number = number;
+        self
+    }
 }
 
 pub fn run_dcap_ra_simulation(
@@ -253,11 +260,13 @@ pub(crate) fn simulate_gen_quote_and_collaterals(
     // fmspc and tcb_levels must be consistent with the sgx extensions in the pck cert
     let tcb_info = TcbInfoV3Builder::new(true)
         .fmspc([0, 96, 106, 0, 0, 0])
+        .tcb_evaluation_data_number(opts.tcb_evaluation_data_number)
         .tcb_levels(target_tcb_levels)
         .build_and_sign(&tcb_certchain.key)
         .unwrap();
 
     let qe_identity = EnclaveIdentityV2Builder::new(EnclaveIdentityId::QE)
+        .tcb_evaluation_data_number(opts.tcb_evaluation_data_number)
         .tcb_levels_json(json!([
         {
           "tcb": {
