dcap_rs/types/enclave_identity.rs
1use serde::{Deserialize, Serialize};
2
3// EnclaveIdentityV2:
4// type: object
5// description: SGX Enclave Identity data structure encoded as JSON string in case of success
6// (200 HTTP status code)
7// properties:
8// enclaveIdentity:
9// type: object
10// properties:
11// id:
12// type: string
13// description: Identifier of the SGX Enclave issued by Intel. Supported values are QE, QVE and TD_QE
14// version:
15// type: integer
16// example: 2
17// description: Version of the structure
18// issueDate:
19// type: string
20// format: date-time
21// description: >-
22// Representation of date and time the Enclave Identity information
23// was created. The time shall be in UTC and the encoding shall
24// be compliant to ISO 8601 standard (YYYY-MM-DDThh:mm:ssZ)
25// nextUpdate:
26// type: string
27// format: date-time
28// description: >-
29// Representation of date and time by which next Enclave Identity
30// information will be issued. The time shall be in
31// UTC and the encoding shall be compliant to ISO 8601 standard
32// (YYYY-MM-DDThh:mm:ssZ)
33// tcbEvaluationDataNumber:
34// type: integer
35// example: 2
36// description: >-
37// A monotonically increasing sequence number changed
38// when Intel updates the content of the TCB evaluation data
39// set: TCB Info, QE Identity and QVE Identity. The tcbEvaluationDataNumber
40// update is synchronized across TCB Info for all flavors of
41// SGX CPUs (Family-Model-Stepping-Platform-CustomSKU) and QE/QVE
42// Identity. This sequence number allows users to easily determine
43// when a particular TCB Info/QE Identity/QVE Identity supersedes
44// another TCB Info/QE Identity/QVE Identity (value: current
45// TCB Recovery event number stored in the database).
46// miscselect:
47// type: string
48// pattern: ^[0-9a-fA-F]{8}$
49// example: '00000000'
50// description: Base 16-encoded string representing miscselect "golden" value (upon applying mask).
51// miscselectMask:
52// type: string
53// pattern: ^[0-9a-fA-F]{8}$
54// example: '00000000'
55// description: Base 16-encoded string representing mask to be applied to miscselect value retrieved from the platform.
56// attributes:
57// type: string
58// pattern: ^[0-9a-fA-F]{32}$
59// example: '00000000000000000000000000000000'
60// description: Base 16-encoded string representing attributes "golden" value (upon applying mask).
61// attributesMask:
62// type: string
63// pattern: ^[0-9a-fA-F]{32}$
64// example: '00000000000000000000000000000000'
65// description: Base 16-encoded string representing mask to be applied to attributes value retrieved from the platform.
66// mrsigner:
67// type: string
68// pattern: ^[0-9a-fA-F]{64}$
69// example: '0000000000000000000000000000000000000000000000000000000000000000'
70// description: Base 16-encoded string representing mrsigner hash.
71// isvprodid:
72// type: integer
73// example: 0
74// minimum: 0
75// maximum: 65535
76// description: Enclave Product ID.
77// tcbLevels:
78// description: >-
79// Sorted list of supported Enclave TCB levels for given
80// QVE encoded as a JSON array of Enclave TCB level objects.
81// type: array
82// items:
83// type: object
84// properties:
85// tcb:
86// type: object
87// properties:
88// isvsvn:
89// description: SGX Enclave's ISV SVN
90// type: integer
91// tcbDate:
92// type: string
93// format: date-time
94// description: >-
95// If there are security advisories published by Intel after tcbDate
96// that are for issues whose mitigations are currently enforced* by SGX attestation,
97// then the value of tcbStatus for the TCB level will not be UpToDate.
98// Otherwise (i.e., either no advisories after or not currently enforced),
99// the value of tcbStatus for the TCB level will not be OutOfDate.
100//
101// The time shall be in UTC and the encoding shall
102// be compliant to ISO 8601 standard (YYYY-MM-DDThh:mm:ssZ).
103// tcbStatus:
104// type: string
105// enum:
106// - UpToDate
107// - OutOfDate
108// - Revoked
109// description: >-
110// TCB level status. One of the following values:
111//
112// "UpToDate" - TCB level of the SGX platform is up-to-date.
113//
114// "OutOfDate" - TCB level of SGX platform is outdated.
115//
116// "Revoked" - TCB level of SGX platform is revoked.
117// The platform is not trustworthy.
118// advisoryIDs:
119// type: array
120// description: >-
121// Array of Advisory IDs referring to Intel security advisories that
122// provide insight into the reason(s) for the value of tcbStatus for
123// this TCB level when the value is not UpToDate.
124//
125// This field is optional. It will be present only
126// if the list of Advisory IDs is not empty.
127// items:
128// type: string
129// signature:
130// type: string
131// description: Hex-encoded string representation of a signature calculated
132// over qeIdentity body (without whitespaces) using TCB Info Signing Key.
133
/// Signed SGX enclave identity document in the version 2 layout: the identity body together
/// with the signature string delivered alongside it.
///
/// JSON keys are camelCase (`enclaveIdentity`, `signature`).
///
/// Deserializing into this type performs no signature check. Per the schema notes in this
/// file, the signature is calculated over the identity body (without whitespace) using the
/// TCB Info Signing Key; the fields should not drive a trust decision until the caller has
/// verified it.
// NOTE(review): if the verifier rebuilds the signed bytes by re-serializing `enclave_identity`,
// the output has to match the issuer's bytes exactly (key order, number formatting, no
// whitespace) — confirm, or verify against the raw response body instead.
// NOTE(review): the derived `Default` produces an empty signature and an all-empty body;
// presumably only meant for tests — confirm no verification path accepts such a value.
#[derive(Debug, Clone, Default, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct EnclaveIdentityV2 {
    /// Identity body, i.e. the part of the document the signature is calculated over.
    pub enclave_identity: EnclaveIdentityV2Inner,
    /// Hex-encoded signature string, kept as received (not decoded or length-checked here).
    pub signature: String,
}
140
/// Body of the enclave identity document: the "golden" measurement values, their masks and
/// the list of supported enclave TCB levels.
///
/// All hex and date fields are plain `String`s, so the lengths and formats given in the
/// schema notes of this file are not enforced at deserialization time. Code that compares
/// these values against a quote has to decode and length-check them itself.
#[derive(Debug, Clone, Default, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct EnclaveIdentityV2Inner {
    /// Identifier of the SGX enclave issued by Intel; the schema lists QE, QVE and TD_QE.
    pub id: String,
    /// Version of the structure (the schema example is 2).
    pub version: u64,
    /// Creation time of this identity information, UTC, ISO 8601 (`YYYY-MM-DDThh:mm:ssZ`).
    pub issue_date: String,
    /// Time by which the next identity information will be issued, same format.
    // NOTE(review): kept as text, so no freshness check happens here — presumably the
    // caller compares this with the current time; confirm.
    pub next_update: String,
    /// Monotonically increasing sequence number that changes when Intel updates the TCB
    /// evaluation data set; lets a consumer tell which of two documents supersedes the other.
    pub tcb_evaluation_data_number: u64,
    /// Hex string (8 characters per the schema) with the miscselect golden value after masking.
    pub miscselect: String,
    /// Hex string (8 characters) with the mask to apply to the platform's miscselect value.
    pub miscselect_mask: String,
    /// Hex string (32 characters) with the attributes golden value after masking.
    pub attributes: String,
    /// Hex string (32 characters) with the mask to apply to the platform's attributes value.
    pub attributes_mask: String,
    /// Hex string (64 characters) with the mrsigner hash.
    pub mrsigner: String,
    /// Enclave Product ID; `u16` matches the schema range 0..=65535.
    pub isvprodid: u16,
    /// Supported enclave TCB levels. The schema describes the list as sorted; the type
    /// itself does not enforce any ordering.
    pub tcb_levels: Vec<EnclaveIdentityV2TcbLevelItem>,
}
157
/// One entry of `tcbLevels`: an enclave TCB level with its date, status and optional
/// advisory list.
#[derive(Debug, Clone, Default, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct EnclaveIdentityV2TcbLevelItem {
    /// The TCB level (ISV SVN) this entry describes.
    pub tcb: EnclaveIdentityV2TcbLevel,
    /// Reference date for the status, UTC, ISO 8601 (`YYYY-MM-DDThh:mm:ssZ`); kept as text.
    pub tcb_date: String,
    /// TCB level status. The schema lists `UpToDate`, `OutOfDate` and `Revoked`, the last
    /// meaning the platform is not trustworthy.
    // NOTE(review): a `String` accepts any value, so an unrecognised status is not rejected
    // at parse time — consumers should match the known values explicitly and fail closed
    // on anything else.
    pub tcb_status: String,
    /// Intel advisory IDs explaining a status other than `UpToDate`. The key is spelled
    /// `advisoryIDs` in JSON, which camelCase renaming would not produce, hence the explicit
    /// rename. Optional in the schema: it is left out of serialized output when `None`.
    #[serde(rename = "advisoryIDs", skip_serializing_if = "Option::is_none")]
    pub advisory_ids: Option<Vec<String>>,
}
168
/// The `tcb` object inside a TCB level entry; it carries a single value, the enclave's
/// ISV SVN.
#[derive(Debug, Clone, Default, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct EnclaveIdentityV2TcbLevel {
    /// SGX enclave's ISV SVN. Values outside the `u16` range fail deserialization.
    pub isvsvn: u16,
}