intel_dcap_api/client/mod.rs
1// SPDX-License-Identifier: Apache-2.0
2// Copyright (c) 2025 Matter Labs
3
4mod enclave_identity;
5mod fmspc;
6mod helpers;
7mod pck_cert;
8mod pck_crl;
9mod registration;
10mod tcb_info;
11
12use crate::{error::IntelApiError, types::ApiVersion};
13use reqwest::Client;
14use url::Url;
15
16// Base URL for the Intel Trusted Services API
17const BASE_URL: &str = "https://api.trustedservices.intel.com";
18
19/// Client for interacting with Intel Trusted Services API.
20///
21/// Provides methods to access both SGX and TDX certification services,
22/// supporting API versions V3 and V4. This client offers functionality
23/// to register platforms, retrieve PCK certificates and CRLs, fetch TCB
24/// information, enclave identities, as well as TCB evaluation data numbers.
25///
26/// # Examples
27///
28/// ```rust,no_run
29/// use intel_dcap_api::ApiClient;
30///
31/// #[tokio::main]
32/// async fn main() -> Result<(), Box<dyn std::error::Error>> {
33/// // Create a client with default settings (V4 API)
34/// let client = ApiClient::new()?;
35///
36/// // Retrieve TCB info for a specific FMSPC
37/// let tcb_info = client.get_sgx_tcb_info("00606A000000", None, None).await?;
38/// println!("TCB Info: {}", tcb_info.tcb_info_json);
39///
40/// Ok(())
41/// }
42/// ```
43#[derive(Clone)]
44pub struct ApiClient {
45 client: Client,
46 base_url: Url,
47 api_version: ApiVersion,
48}
49
50impl ApiClient {
51 /// Creates a new client targeting the latest supported API version (V4).
52 ///
53 /// # Returns
54 ///
55 /// A result containing the newly created `ApiClient` or an `IntelApiError` if there
56 /// was an issue building the underlying HTTP client.
57 ///
58 /// # Errors
59 ///
60 /// This function may fail if the provided TLS version or base URL
61 /// cannot be used to build a `reqwest` client.
62 pub fn new() -> Result<Self, IntelApiError> {
63 // Default to V4
64 Self::new_with_options(BASE_URL, ApiVersion::V4)
65 }
66
67 /// Creates a new client targeting a specific API version.
68 ///
69 /// # Arguments
70 ///
71 /// * `api_version` - The desired API version to use (V3 or V4).
72 ///
73 /// # Errors
74 ///
75 /// Returns an `IntelApiError` if the `reqwest` client cannot be built
76 /// with the specified options.
77 pub fn new_with_version(api_version: ApiVersion) -> Result<Self, IntelApiError> {
78 Self::new_with_options(BASE_URL, api_version)
79 }
80
81 /// Creates a new client with a custom base URL, targeting the latest supported API version (V4).
82 ///
83 /// # Arguments
84 ///
85 /// * `base_url` - The custom base URL for the Intel Trusted Services API.
86 ///
87 /// # Errors
88 ///
89 /// Returns an `IntelApiError` if the `reqwest` client cannot be built
90 /// or if the provided base URL is invalid.
91 pub fn new_with_base_url(base_url: impl reqwest::IntoUrl) -> Result<Self, IntelApiError> {
92 // Default to V4
93 Self::new_with_options(base_url, ApiVersion::V4)
94 }
95
96 /// Creates a new client with a custom base URL and specific API version.
97 ///
98 /// # Arguments
99 ///
100 /// * `base_url` - The custom base URL for the Intel Trusted Services API.
101 /// * `api_version` - The desired API version (V3 or V4).
102 ///
103 /// # Errors
104 ///
105 /// Returns an `IntelApiError` if the `reqwest` client cannot be built
106 /// or if the provided base URL is invalid.
107 pub fn new_with_options(
108 base_url: impl reqwest::IntoUrl,
109 api_version: ApiVersion,
110 ) -> Result<Self, IntelApiError> {
111 Ok(ApiClient {
112 client: Client::builder()
113 .min_tls_version(reqwest::tls::Version::TLS_1_2)
114 .build()?,
115 base_url: base_url.into_url()?,
116 api_version,
117 })
118 }
119}