intel_dcap_api/responses.rs
// SPDX-License-Identifier: Apache-2.0
// Copyright (c) 2025 Matter Labs

/// TCB Info document, kept as raw JSON text (Appendix A of the API spec).
/// The exact content may differ slightly between API v3 and v4.
///
/// NOTE(review): this is a plain `String`, so no schema or signature check is
/// implied by the type; presumably the raw text is kept so a caller can verify
/// the embedded signature over the original bytes (confirm against callers).
pub type TcbInfoJson = String;

/// Enclave Identity document, kept as raw JSON text (Appendix B of the API spec).
/// The exact content may differ slightly between API v3 and v4.
pub type EnclaveIdentityJson = String;

/// Raw JSON array whose elements are `{tcb, tcbm, cert}` objects.
/// The structure is expected to be the same in v3 and v4.
pub type PckCertsJsonResponse = String;

/// Raw JSON array whose elements are `{fmspc, platform}` objects.
/// The structure is expected to be the same in v3 and v4.
pub type FmspcJsonResponse = String;

/// TCB Evaluation Data Numbers document, kept as raw JSON text
/// (Appendix C of the API spec). Only available in API v4.
pub type TcbEvaluationDataNumbersJson = String;
/// Result of fetching a single PCK (Provisioning Certification Key) certificate.
///
/// Bundles the certificate with its issuer chain plus the TCBm and FMSPC values
/// associated with it.
///
/// NOTE(review): every field is a plain `String` and nothing in this type records
/// whether the certificate or chain has been validated; callers should treat the
/// contents as unverified until they have checked the chain against a trusted root.
#[derive(Debug, Clone)]
pub struct PckCertificateResponse {
    /// The PCK certificate, PEM-encoded.
    pub pck_cert_pem: String,
    /// Issuer certificate chain for the PCK certificate, PEM-encoded.
    /// The header carrying it is named "PCS-Certificate-Issuer-Chain" in v3 and
    /// "SGX-PCK-Certificate-Issuer-Chain" in v4.
    pub issuer_chain: String,
    /// Hex-encoded TCBm value that belongs to the certificate.
    pub tcbm: String,
    /// Hex-encoded FMSPC value that belongs to the certificate.
    pub fmspc: String,
}
/// Result of fetching several PCK (Provisioning Certification Key) certificates
/// from the Intel SGX API in one request.
///
/// Holds the JSON array of certificates, the issuer chain, and the FMSPC value
/// associated with them.
///
/// NOTE(review): the JSON is stored unparsed and nothing in this type records
/// whether the certificates or chain have been validated; callers should treat
/// the contents as unverified until they have checked them.
#[derive(Debug, Clone)]
pub struct PckCertificatesResponse {
    /// JSON array of PCK certificates together with their TCB levels.
    pub pck_certs_json: PckCertsJsonResponse, // currently just an alias for String
    /// Issuer certificate chain for the PCK certificates, PEM-encoded.
    /// The header carrying it is named "PCS-Certificate-Issuer-Chain" in v3 and
    /// "SGX-PCK-Certificate-Issuer-Chain" in v4.
    pub issuer_chain: String,
    /// Hex-encoded FMSPC value that belongs to the certificates.
    pub fmspc: String,
}
/// Result of fetching TCB (Trusted Computing Base) information.
///
/// Pairs the TCB Info JSON for one platform with the certificate chain of the
/// TCB Info signer.
///
/// NOTE(review): the JSON is stored as received and nothing in this type records
/// whether its signature was checked against `issuer_chain`; callers should
/// verify that before using the TCB levels in an attestation decision.
#[derive(Debug, Clone)]
pub struct TcbInfoResponse {
    /// TCB information JSON for one platform, identified by its FMSPC.
    pub tcb_info_json: TcbInfoJson, // currently just an alias for String
    /// Certificate chain of the TCB Info signer, PEM-encoded.
    /// The header name differs slightly: "SGX-TCB-Info-Issuer-Chain" in v3 and
    /// "TCB-Info-Issuer-Chain" in v4 (check spec).
    pub issuer_chain: String,
}
/// Result of fetching Enclave Identity information.
///
/// Pairs the enclave identity JSON (for the QE, QvE, or QAE) with the issuer
/// chain of its signer.
///
/// NOTE(review): the JSON is stored as received and nothing in this type records
/// whether its signature was checked against `issuer_chain`; callers should
/// verify that before trusting the identity data.
#[derive(Debug, Clone)]
pub struct EnclaveIdentityResponse {
    /// JSON describing the QE, QvE, or QAE.
    pub enclave_identity_json: EnclaveIdentityJson, // currently just an alias for String
    /// Certificate chain of the Enclave Identity signer, PEM-encoded.
    /// The header name seems consistent ("SGX-Enclave-Identity-Issuer-Chain").
    pub issuer_chain: String,
}
/// Result of fetching the TCB Evaluation Data Numbers (API v4 only).
///
/// Pairs the JSON listing the supported TCB Evaluation Data Numbers with the
/// issuer chain that goes with it.
///
/// NOTE(review): the JSON is stored as received and nothing in this type records
/// whether its signature was checked against `issuer_chain`; callers should
/// verify that before relying on the listed numbers.
#[derive(Debug, Clone)]
pub struct TcbEvaluationDataNumbersResponse {
    /// JSON listing the supported TCB Evaluation Data Numbers (v4 only).
    pub tcb_evaluation_data_numbers_json: TcbEvaluationDataNumbersJson, // currently just an alias for String
    /// Certificate chain of the TCB Evaluation Data Numbers signer, PEM-encoded (v4 only).
    /// Header: "TCB-Evaluation-Data-Numbers-Issuer-Chain".
    pub issuer_chain: String,
}
/// Result of fetching a PCK (Provisioning Certification Key) Certificate
/// Revocation List.
///
/// Carries the CRL bytes together with the issuer chain of the CRL.
///
/// NOTE(review): the CRL is stored as raw bytes and nothing in this type records
/// its encoding or whether its signature was checked against `issuer_chain`;
/// callers should determine the encoding and verify the CRL before using it for
/// revocation decisions.
#[derive(Debug, Clone)]
pub struct PckCrlResponse {
    /// The CRL itself, either PEM or DER encoded.
    pub crl_data: Vec<u8>,
    /// Certificate chain of the CRL issuer, PEM-encoded.
    /// The header carrying it is named "PCS-CRL-Issuer-Chain" in v3 and
    /// "SGX-PCK-CRL-Issuer-Chain" in v4.
    pub issuer_chain: String,
}
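/// Response structure for the request to add a package.
///
/// Derives `Debug` and `Clone` so it can be logged and copied like the other
/// response types in this file.
///
/// NOTE(review): `pck_cert_count` comes from a response header and nothing in
/// this type ties it to the actual contents of `pck_certs`; callers should not
/// use it to size or index into the payload without checking it against the
/// data they actually parsed.
#[derive(Debug, Clone)]
pub struct AddPackageResponse {
    /// Platform Membership Certificates, as raw bytes.
    // NOTE(review): the field is named `pck_certs` while the payload is described
    // as Platform Membership Certificates; confirm which name is accurate.
    pub pck_certs: Vec<u8>,
    /// The certificate count extracted from the response header.
    pub pck_cert_count: usize,
}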