diff --git a/src/libstrongswan/plugins/qkd/qkd_etsi_api.c b/src/libstrongswan/plugins/qkd/qkd_etsi_api.c
index 0b1c43d964..53d707c602 100644
--- a/src/libstrongswan/plugins/qkd/qkd_etsi_api.c
+++ b/src/libstrongswan/plugins/qkd/qkd_etsi_api.c
@@ -103,6 +103,41 @@ char *request_https(const char *url, chunk_t cert, chunk_t key, chunk_t ca_cert,
 return chunk.ptr;
 }
+void do_kms_request(qkd_handle_t handle, int endpoint, chunk_t *key_id) {
+ /**
+ * Request key and key_id to the KMS.
+ */
+ char url[256];
+ char *response;
+
+ // Buffers to store key and key_id
+ char b_key[256] = {0};
+ char b_key_id[256] = {0};
+
+ if (endpoint == 1){
+ // Request key and key_id (Alice)
+ snprintf(url, sizeof(url), "%s/api/v1/keys/%s/enc_keys", handle->kms_ip.ptr, handle->sae.ptr);
+ DBG1(DBG_LIB, "\tRead key in KMS:\n");
+ response = request_https(url, handle->pub_key, handle->priv_key, handle->root_ca, NULL);
+ if (response) {
+ extract_key_and_id(response, b_key, sizeof(b_key), b_key_id, sizeof(b_key_id));
+ DBG1(DBG_LIB, "\tKey: %s", b_key);
+ DBG1(DBG_LIB, "\tID: %s", b_key_id);
+ free(response);
+ }
+
+ //*key_id = chunk_clone(chunk_create(b_key_id, QKD_KEY_ID_SIZE));
+ // Replace handle's key_id with new one
+ chunk_free(&handle->key_id);
+ handle->key_id = chunk_clone(chunk_create(b_key_id, QKD_KEY_ID_SIZE));
+ *key_id = chunk_clone(handle->key_id);
+
+ chunk_free(&handle->key);
+ handle->key = chunk_clone(chunk_create(b_key, QKD_KEY_SIZE));
+ // DBG1(DBG_LIB, "\tKey chunk: %s", handle->key.ptr);
+ }
+}
+
 // Function to process JSON to extract Key and Key_ID.
 void extract_key_and_id(const char *json_str, char *key_buffer, size_t key_buffer_len, char *key_id_buffer, size_t key_id_buffer_len) {
 json_t *root;
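Review bot: In `do_kms_request`, a NULL `response` from `request_https()` (or a response without a key) still reaches the `chunk_clone` calls, so `handle->key` and `handle->key_id` are replaced with the zero-filled `b_key`/`b_key_id` buffers, and the `void` return gives the caller no way to notice. The added `DBG1(DBG_LIB, "\tKey: %s", b_key);` also writes the QKD key to the log at level 1, and the same line is kept in the `qkd_get_key` hunk further down; strongSwan reserves log level 4 for sensitive material, so both should be dropped or moved to `DBG4`. The sketch below returns a status before the handle is touched, tests `endpoint` against `KMS_CALL_ENC_KEYS` from the header instead of the literal `1`, and clears the key copies with `chunk_clear`/`memwipe`. Callers are not in this diff, so the `void` to `bool` change is a proposal to check against them.

```c
bool do_kms_request(qkd_handle_t handle, int endpoint, chunk_t *key_id) {
	// … unchanged: url, response, b_key and b_key_id declarations …
	if (endpoint != KMS_CALL_ENC_KEYS) {
		return FALSE;
	}
	// … unchanged: snprintf of url and request_https call …
	if (!response) {
		DBG1(DBG_LIB, "KMS enc_keys request failed");
		return FALSE;
	}
	extract_key_and_id(response, b_key, sizeof(b_key), b_key_id, sizeof(b_key_id));
	free(response);
	if (b_key[0] == '\0' || b_key_id[0] == '\0') {
		// nothing was extracted: keep the handle's current key and key_id
		DBG1(DBG_LIB, "KMS response carried no key or key ID");
		return FALSE;
	}
	DBG1(DBG_LIB, "\tID: %s", b_key_id);
	// … unchanged: handle->key_id and *key_id replacement …
	chunk_clear(&handle->key);
	handle->key = chunk_clone(chunk_create(b_key, QKD_KEY_SIZE));
	memwipe(b_key, sizeof(b_key));
	return TRUE;
}
```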
@@ -225,7 +260,9 @@ bool qkd_get_key_id(qkd_handle_t handle, chunk_t *key_id)
 *key_id = chunk_clone(chunk_create(b_key_id, QKD_KEY_ID_SIZE));
 // Replace handle's key_id with new one
 chunk_free(&handle->key_id);
- handle->key_id = chunk_clone(*key_id);
+ handle->key_id = chunk_clone(chunk_create(b_key_id, QKD_KEY_ID_SIZE));
+ *key_id = chunk_clone(handle->key_id);
+
 chunk_free(&handle->key);
 handle->key = chunk_clone(chunk_create(b_key, QKD_KEY_SIZE));
@@ -278,8 +315,8 @@ bool qkd_get_key(qkd_handle_t handle, chunk_t *key)
 response = request_https(url, handle->pub_key, handle->priv_key, handle->root_ca, post_data);
 if (response) {
 extract_key_and_id(response, b_key, sizeof(b_key), b_key_id, sizeof(b_key_id));
- DBG1(DBG_LIB, "\tKey: %s\n", b_key);
- DBG1(DBG_LIB, "\tID: %s\n", b_key_id);
+ DBG1(DBG_LIB, "\tKey: %s", b_key);
+ DBG1(DBG_LIB, "\tID: %s", b_key_id);
 free(response);
 }
@@ -288,7 +325,7 @@ bool qkd_get_key(qkd_handle_t handle, chunk_t *key)
 chunk_free(&handle->key);
 handle->key = chunk_clone(chunk_create(b_key,QKD_KEY_SIZE));
 *key = chunk_clone(handle->key);
- qkd_print_key("Retrieved", *key);
+ //qkd_print_key("Retrieved", *key);
 return TRUE;
 }
diff --git a/src/libstrongswan/plugins/qkd/qkd_etsi_api.h b/src/libstrongswan/plugins/qkd/qkd_etsi_api.h
index e15dceabd1..0540a3e8af 100644
--- a/src/libstrongswan/plugins/qkd/qkd_etsi_api.h
+++ b/src/libstrongswan/plugins/qkd/qkd_etsi_api.h
@@ -24,8 +24,9 @@
 #define QKD_KEY_SIZE 32
 #define QKD_KEY_ID_SIZE 37
 #define MAX_LINE 256
-#define QKD_CONF_PATH "/etc/swanctl/qkd/"
 #define QKD_CONF_FILE "/etc/swanctl/qkd/qkd.conf"
+#define KMS_CALL_ENC_KEYS 1
+#define KMS_CALL_DEC_KEYS 2
 typedef struct qkd_handle_t {
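Review bot: The context line `*key_id = chunk_clone(chunk_create(b_key_id, QKD_KEY_ID_SIZE));` at the top of the `qkd_get_key_id` hunk is still executed, and the added `*key_id = chunk_clone(handle->key_id);` then overwrites that pointer, so the first clone is leaked on every call. The new `do_kms_request` has the same statement commented out, which suggests it was meant to be removed here as well; deleting the earlier assignment fixes the leak. `qkd_get_key_id` begins and ends outside the hunk, so whatever failure handling sits around these lines is not visible here.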