QKD014Client
The complete API reference of the client can be found here : QKD014Client
.
The QKD014Client
is the main class that you will use with this module.
It is the one that implements the three main methods described in the specifications :
get_status()
get_key()
get_key_with_key_IDs()
Initialization of the client
To initiate the client you need 4 required parameters :
kme_hostname
: ip address of url of the API;cert_path
: the path of the certificate of the client, signed by the root client CA;key_path
: the path of the key associated to the certificate;ca_path
: the path of the root CA used to sign the server’s certificates.
and 1 optional parameter
force_insecure
: wether to verify or not the certificate of the server (ifforce_insecure
isTrue
, the certificate of the server will not be checked).
The full documentation of this function is etsi_qkd_014_client.client.QKD014Client.__init__()
An example of initialization is given below :
from etsi_qkd_014_client import QKD014Client
client_alice = QKD014Client(
kme_hostname = "192.168.10.101",
cert_path = "clientCert.pem",
key_path = "clientKey.pem",
ca_path = "rootCA.pem",
force_insecure = True
)
that can also be called without the parameters name :
from etsi_qkd_014_client import QKD014Client
client_alice = QKD014Client(
"192.168.10.101",
"clientCert.pem",
"clientKey.pem",
"rootCA.pem",
True
)
Using the client
Return values of the client
If you use one of the three public methods, they will return a tuple composed of an int that is the response code and an instance a class inheriting from QKD014Data
that is the response data.
Response code
The response code is the same as the HTTP response codes.
Only a fraction of them can be returned according to the specifications and here they are :
Code |
Description |
---|---|
200 |
Success |
400 |
Bad request format |
401 |
Unauthorized |
503 |
Error on server side |
In general, the code 200 will then be returned with a Data class corresponding to what was requested, and if another code is returned, it usually comes from with a DataError
instance, that may hold additionnal information on the error.
Data
The main class QKD014Data
is an abstract class from which inherits 6 classes :
DataStatus
;DataKeyRequest
;DataKey
;DataKeyContainer
;DataKeyIDs
;DataError
.
The public methods will however return only one of the three following class :
DataStatus
for theget_status()
method;DataKeyContainer
for theget_key()
andget_key_with_key_IDs()
methods;DataError
in case of an error while calling one of the three methods.
You will also, however, deal with the DataKey
class since the DataKeyContainer
instance will contain a list of those.
Warning
The DataKeyRequest
and DataKeyIDs
are helping classes for the requests, and should not be used as such by the end user.
DataError
An instance of the DataError
class is returned in case an error occurred during the request. As described in the specifications it holds two fields :
message
that is the error message returned by the server;details
that is an optional list of key/value pairs (dict
) containing additional information on the error.
Note
It does not hold the response code, that is returned individually from the data.
DataStatus
An instance of the DataStatus
class is returned in case of a successful request to get_status()
. There are several attributes accessible :
source_kme_id
: KME ID of the KME;target_kme_id
: KME ID of the target KME;master_sae_id
: SAE ID of the calling master SAE;slave_sae_id
: SAE ID of the specified slave SAE;key_size
: Default size of key the KME can deliver to the SAE (in bit);stored_key_count
: Number of stored keys KME can deliver to the SAE;max_key_count
: Maximum number of stored_key_count;max_key_per_request
: Maximum number of keys per request;max_key_size
: Maximum size of key the KME can deliver to the SAE (in bit);min_key_size
: Minimum size of key the KME can deliver to the SAE (in bit);max_sae_id_count
: Maximum number of additional_slave_sae_ids the KME allows. “0” when the KME does not support key multicast;status_extension
: (Option) for future use.
DataKeyContainer
An instance of the DataKeyContainer
class is returned in case of a successful request to get_key()
or get_key_with_key_IDs()
. There are several attributes accessible :
keys
: Array of keys. The number of keys is specified by the “number” parameter in “Get key”. If not specified, the default number of keys is 1. Each element in this array is an instance of the classDataKey
;key_container_extension
: (Option) for future use.
DataKey
Instances of DataKey
are contained in the keys
attribute of an instance of DataKeyContainer
. There are several attributes accessible :
key_id
: ID of the key: UUID format (example: “550e8400-e29b-41d4-a716-446655440000”);key_id_extension
: (Option) for future use;key
: Key data encoded by base64 [7]. The key size is specified by the “size” parameter in “Get key”. If not specified, the “key_size” value in Status data model is used as the default size.key_extension
: (Option) for future use.