QKD014Client

The complete API reference of the client can be found here : QKD014Client.

The QKD014Client is the main class that you will use with this module.

It is the one that implements the three main methods described in the specifications :

  • get_status()

  • get_key()

  • get_key_with_key_IDs()

Initialization of the client

To initiate the client you need 4 required parameters :

  • kme_hostname : ip address of url of the API;

  • cert_path : the path of the certificate of the client, signed by the root client CA;

  • key_path : the path of the key associated to the certificate;

  • ca_path : the path of the root CA used to sign the server’s certificates.

and 1 optional parameter

  • force_insecure : wether to verify or not the certificate of the server (if force_insecure is True, the certificate of the server will not be checked).

The full documentation of this function is etsi_qkd_014_client.client.QKD014Client.__init__()

An example of initialization is given below :

from etsi_qkd_014_client import QKD014Client

client_alice = QKD014Client(
    kme_hostname = "192.168.10.101",
    cert_path = "clientCert.pem",
    key_path = "clientKey.pem",
    ca_path = "rootCA.pem",
    force_insecure = True
 )

that can also be called without the parameters name :

from etsi_qkd_014_client import QKD014Client

client_alice = QKD014Client(
  "192.168.10.101",
  "clientCert.pem",
  "clientKey.pem",
  "rootCA.pem",
  True
)

Using the client

Return values of the client

If you use one of the three public methods, they will return a tuple composed of an int that is the response code and an instance a class inheriting from QKD014Data that is the response data.

Response code

The response code is the same as the HTTP response codes.

Only a fraction of them can be returned according to the specifications and here they are :

Code

Description

200

Success

400

Bad request format

401

Unauthorized

503

Error on server side

In general, the code 200 will then be returned with a Data class corresponding to what was requested, and if another code is returned, it usually comes from with a DataError instance, that may hold additionnal information on the error.

Data

The main class QKD014Data is an abstract class from which inherits 6 classes :

  • DataStatus;

  • DataKeyRequest;

  • DataKey;

  • DataKeyContainer;

  • DataKeyIDs;

  • DataError.

The public methods will however return only one of the three following class :

  • DataStatus for the get_status() method;

  • DataKeyContainer for the get_key() and get_key_with_key_IDs() methods;

  • DataError in case of an error while calling one of the three methods.

You will also, however, deal with the DataKey class since the DataKeyContainer instance will contain a list of those.

Warning

The DataKeyRequest and DataKeyIDs are helping classes for the requests, and should not be used as such by the end user.

DataError

An instance of the DataError class is returned in case an error occurred during the request. As described in the specifications it holds two fields :

  • message that is the error message returned by the server;

  • details that is an optional list of key/value pairs (dict) containing additional information on the error.

Note

It does not hold the response code, that is returned individually from the data.

DataStatus

An instance of the DataStatus class is returned in case of a successful request to get_status(). There are several attributes accessible :

  • source_kme_id: KME ID of the KME;

  • target_kme_id: KME ID of the target KME;

  • master_sae_id: SAE ID of the calling master SAE;

  • slave_sae_id: SAE ID of the specified slave SAE;

  • key_size: Default size of key the KME can deliver to the SAE (in bit);

  • stored_key_count: Number of stored keys KME can deliver to the SAE;

  • max_key_count: Maximum number of stored_key_count;

  • max_key_per_request: Maximum number of keys per request;

  • max_key_size: Maximum size of key the KME can deliver to the SAE (in bit);

  • min_key_size: Minimum size of key the KME can deliver to the SAE (in bit);

  • max_sae_id_count: Maximum number of additional_slave_sae_ids the KME allows. “0” when the KME does not support key multicast;

  • status_extension: (Option) for future use.

DataKeyContainer

An instance of the DataKeyContainer class is returned in case of a successful request to get_key() or get_key_with_key_IDs(). There are several attributes accessible :

  • keys: Array of keys. The number of keys is specified by the “number” parameter in “Get key”. If not specified, the default number of keys is 1. Each element in this array is an instance of the class DataKey;

  • key_container_extension: (Option) for future use.

DataKey

Instances of DataKey are contained in the keys attribute of an instance of DataKeyContainer. There are several attributes accessible :

  • key_id: ID of the key: UUID format (example: “550e8400-e29b-41d4-a716-446655440000”);

  • key_id_extension: (Option) for future use;

  • key: Key data encoded by base64 [7]. The key size is specified by the “size” parameter in “Get key”. If not specified, the “key_size” value in Status data model is used as the default size.

  • key_extension: (Option) for future use.