intel-dcap-api 0.6.0

Intel DCAP API Client
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

// SPDX-License-Identifier: Apache-2.0
// Copyright (c) 2025 Matter Labs

use intel_dcap_api::{
    ApiClient, ApiVersion, CaType, CrlEncoding, EnclaveIdentityResponse, IntelApiError,
    PckCrlResponse, PlatformFilter, TcbInfoResponse,
};

#[tokio::main]
async fn main() -> Result<(), IntelApiError> {
    for api_version in [ApiVersion::V3, ApiVersion::V4] {
        println!("Using API version: {}", api_version);

        let client = ApiClient::new_with_version(api_version)?;

        // Example: Get SGX TCB Info
        let fmspc_example = "00606A000000"; // Example FMSPC from docs
        match client.get_sgx_tcb_info(fmspc_example, None, None).await {
            Ok(TcbInfoResponse {
                tcb_info_json,
                issuer_chain,
            }) => println!(
                "SGX TCB Info for {}:\n{}\nIssuer Chain: {}",
                fmspc_example, tcb_info_json, issuer_chain
            ),
            Err(e) => eprintln!("Error getting SGX TCB info: {}", e),
        }

        // Example: Get FMSPCs
        match client.get_fmspcs(Some(PlatformFilter::E3)).await {
            // Filter for E3 platform type [cite: 230]
            Ok(fmspc_list) => println!("\nE3 FMSPCs:\n{}", fmspc_list),
            Err(e) => eprintln!("Error getting FMSPCs: {}", e),
        }

        // Example: Get SGX QE Identity
        match client.get_sgx_qe_identity(None, None).await {
            Ok(EnclaveIdentityResponse {
                enclave_identity_json,
                issuer_chain,
            }) => {
                println!(
                    "\nSGX QE Identity:\n{}\nIssuer Chain: {}",
                    enclave_identity_json, issuer_chain
                )
            }
            Err(e) => eprintln!("Error getting SGX QE Identity: {}", e),
        }

        // Example: Get PCK CRL (Platform CA, PEM encoding)
        match client
            .get_pck_crl(CaType::Platform, Some(CrlEncoding::Pem))
            .await
        {
            // [cite: 118, 119]
            Ok(PckCrlResponse {
                crl_data,
                issuer_chain,
            }) => {
                // Attempt to decode PEM for display, otherwise show byte count
                match String::from_utf8(crl_data.clone()) {
                    Ok(pem_string) => println!(
                        "\nPlatform PCK CRL (PEM):\n{}\nIssuer Chain: {}",
                        pem_string, issuer_chain
                    ),
                    Err(_) => println!(
                        "\nPlatform PCK CRL ({} bytes, likely DER):\nIssuer Chain: {}",
                        crl_data.len(),
                        issuer_chain
                    ),
                }
            }
            Err(e) => eprintln!("Error getting PCK CRL: {}", e),
        }
    }

    Ok(())
}