Command Line Interface

The package is shipped with a command line interface, that is used to test a QKD server implementing the QKD specifications.

Warning

This command line interface is intended for testing purposes only ! It should not be used for production.

Accessing the command line interface

The command line can be accessed with the cli.py file and also with qkd014-client command line tool installed with the software.

Passing the required arguments

The required arguments, independently of which command is used, are :

  • hostname (of the server implementing the QKD 014 specifications);

  • cert : certificate file path to use;

  • key : private key path associated with the certificate;

  • ca : the root CA path that signed the server’s certificate;

  • force : whether to force insecure connections or not.

These parameters can be given either directly with the command line or using a configuration file.

Through the command line

Here is the way to give all the parameters :

  • hostname can be given with --hostname HOSTNAME or -H HOSTNAME;

  • cert can be given with --cert CERT or -c CERT;

  • key can be given with --key KEY or -k KEY;

  • ca can be given with --ca CA or -r CA;

  • by default force is false. You can set it to true with --force or -f.

Through a configuration file

As an alternative to pass all those arguments on the command line, you can also create a configuration file that looks like

[etsi_qkd_014_client]
hostname = 192.168.1.1
cert = cert.pem
key = key.pem
ca = ca.pem
force = no

Then you should call the script using the --config option:

qkd014-client --config config.ini get_status

Precedence

Configuration file takes priority over the command line arguments. That means that, for instance if the --config is given with a wrong configuration file, the script will raise an exception even if all the other parameters were given to the command line.

You cannot mix command line arguments and configuration file.

Commands

There are 3 different subcommands :

  • get_status command to get the status of the QKD server. This require the SAE ID of the slave SAE.

  • get_key command to get one (or more) key(s). This require at least one additional parameter: the SAE ID of the slave SAE.

  • get_key_with_ID command to get one (or more) key(s), knowing their ID. This require at least two additional parameters: the SAE ID of the slave SAE and the list of the ID(s) of the key(s).

Get status

You can get the status of SAEBOB with:

qkd014-client -H 192.168.10.101 -c clientCert.pem -k clientKey.pem -r rootCA.pem -f get_status SAEBOB

Get key

You can get a key with:

qkd014-client -H 192.168.10.101 -c clientCert.pem -k clientKey.pem -r rootCA.pem -f get_key SAEBOB

Get key with ID

You can get a key with the ID with:

qkd014-client -H 192.168.10.101 -c clientCert.pem -k clientKey.pem -r rootCA.pem -f get_key_with_id SAEALICE 8c3c8d07-4827-47b7-a61b-db9b95f01cb9