improving, not fully working

qursa-uc3m · Nov 4, 2024 · 3519085 · 3519085
1 parent c59b17b
commit 3519085
Show file tree

Hide file tree

Showing 3 changed files with 158 additions and 67 deletions.
diff --git a/src/libstrongswan/plugins/qkd/qkd_etsi_api.c b/src/libstrongswan/plugins/qkd/qkd_etsi_api.c
@@ -15,8 +15,11 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  */
+
+// qkd_etsi_api.c
 #include "qkd_etsi_api.h"
 #include <utils/debug.h>
+#include <openssl/rand.h> // this can be removed, just for toy model
 
 /* Hardcoded test key */
 static u_char test_key[QKD_KEY_SIZE] = {
@@ -26,28 +29,50 @@ static u_char test_key[QKD_KEY_SIZE] = {
     0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
 };
 
-bool qkd_open(qkd_handle_t *handle)
-{
-    DBG1(DBG_LIB, "QKD_plugin: qkd_open called");
+static u_char test_key_id[QKD_KEY_ID_SIZE] = {
+    0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8
+};
 
-    if (!handle)
+bool qkd_generate_random_key_id(chunk_t *key_id)
+{
+    u_char random_id[QKD_KEY_ID_SIZE];
+
+    // Generate random bytes using OpenSSL
+    if (RAND_bytes(random_id, QKD_KEY_ID_SIZE) != 1)
     {
-        DBG1(DBG_LIB, "QKD_plugin: invalid handle pointer");
+        DBG1(DBG_LIB, "QKD_plugin: failed to generate random key ID");
         return FALSE;
     }
 
-    *handle = malloc_thing(struct qkd_handle_t);
-    if (!*handle)
+    *key_id = chunk_clone(chunk_create(random_id, QKD_KEY_ID_SIZE));
+    return TRUE;
+}
+
+void qkd_print_key(const char *prefix, chunk_t key)
+{
+    char hex[2048] = "";  // Make sure this is large enough
+    chunk_to_hex(key, hex, FALSE);
+    DBG1(DBG_LIB, "QKD_plugin: %s key: %s", prefix, hex);
+}
+
+void qkd_print_key_id(const char *prefix, chunk_t key_id)
+{
+    char hex[256] = "";
+    chunk_to_hex(key_id, hex, FALSE);
+    DBG1(DBG_LIB, "QKD_plugin: %s key ID: %s", prefix, hex);
+}
+
+bool qkd_set_key_id(qkd_handle_t handle, chunk_t key_id)
+{
+    if (!handle || !handle->is_open || key_id.len != QKD_KEY_ID_SIZE)
     {
-        DBG1(DBG_LIB, "QKD_plugin: memory allocation failed for handle");
         return FALSE;
     }
 
-    (*handle)->id = 1;
-    (*handle)->is_open = TRUE;
-    (*handle)->key = chunk_create(test_key, QKD_KEY_SIZE);
-
-    DBG1(DBG_LIB, "QKD_plugin: opened QKD connection with id %d", (*handle)->id);
+    chunk_clear(&handle->key_id);
+    handle->key_id = chunk_clone(key_id);
+
+    qkd_print_key_id("Bob received", key_id);
     return TRUE;
 }
 
@@ -61,8 +86,43 @@ bool qkd_get_key(qkd_handle_t handle, chunk_t *key)
         return FALSE;
     }
 
+    if (handle->key_id.len == 0)
+    {
+        DBG1(DBG_LIB, "QKD_plugin: no key ID set");
+        return FALSE;
+    }
+
+    // For demo, we're still using test_key but in real implementation would use key_id
+    qkd_print_key_id("Using", handle->key_id);
     *key = chunk_clone(handle->key);
-    DBG1(DBG_LIB, "QKD_plugin: key retrieved successfully, length: %d", key->len);
+    qkd_print_key("Retrieved", *key);
+
+    return TRUE;
+}
+
+bool qkd_open(qkd_handle_t *handle)
+{
+    DBG1(DBG_LIB, "QKD_plugin: qkd_open called");
+
+    if (!handle)
+    {
+        DBG1(DBG_LIB, "QKD_plugin: invalid handle pointer");
+        return FALSE;
+    }
+
+    *handle = malloc_thing(struct qkd_handle_t);
+    if (!*handle)
+    {
+        DBG1(DBG_LIB, "QKD_plugin: memory allocation failed for handle");
+        return FALSE;
+    }
+
+    (*handle)->id = 1;
+    (*handle)->is_open = TRUE;
+    (*handle)->key = chunk_create(test_key, QKD_KEY_SIZE);
+    (*handle)->key_id = chunk_create(test_key_id, QKD_KEY_ID_SIZE);
+
+    DBG1(DBG_LIB, "QKD_plugin: opened QKD connection with id %d", (*handle)->id);
     return TRUE;
 }
 
@@ -76,6 +136,10 @@ bool qkd_close(qkd_handle_t handle)
         return FALSE;
     }
 
+    // Properly free chunks before freeing handle
+    chunk_clear(&handle->key);
+    chunk_clear(&handle->key_id);
+
     handle->is_open = FALSE;
     free(handle);
     DBG1(DBG_LIB, "QKD_plugin: connection closed successfully");

diff --git a/src/libstrongswan/plugins/qkd/qkd_etsi_api.h b/src/libstrongswan/plugins/qkd/qkd_etsi_api.h
@@ -16,21 +16,30 @@
  * for more details.
  */
 
+// qkd_etsi_api.h
 #ifndef QKD_ETSI_API_H_
 #define QKD_ETSI_API_H_
 
 #include <library.h>
 
 #define QKD_KEY_SIZE 32
+#define QKD_KEY_ID_SIZE 8
 
 typedef struct qkd_handle_t {
     int id;
-    chunk_t key;
     bool is_open;
+    chunk_t key;
+    chunk_t key_id;  // Key ID is part of the QKD handle
 } *qkd_handle_t;
 
 bool qkd_open(qkd_handle_t *handle);
 bool qkd_get_key(qkd_handle_t handle, chunk_t *key);
+bool qkd_get_key_id(qkd_handle_t handle, chunk_t *key_id);
+bool qkd_set_key_id(qkd_handle_t handle, chunk_t key_id);
 bool qkd_close(qkd_handle_t handle);
 
-#endif // QKD_ETSI_API_H_
+bool qkd_generate_random_key_id(chunk_t *key_id);
+void qkd_print_key(const char *prefix, chunk_t key);
+void qkd_print_key_id(const char *prefix, chunk_t key_id);
+
+#endif
diff --git a/src/libstrongswan/plugins/qkd/qkd_kex.c b/src/libstrongswan/plugins/qkd/qkd_kex.c
@@ -16,34 +16,75 @@
  * for more details.
  */
 
+// qkd_kex.c
 #include "qkd_kex.h"
-//#include "qkd_plugin.h"
 #include "qkd_etsi_api.h"
-
 #include <utils/debug.h>
 
 typedef struct private_qkd_kex_t private_qkd_kex_t;
-
-/**
- * Private data of a qkd_kex_t object.
- */
 struct private_qkd_kex_t {
-    /**
-     * Public qkd_kex_t interface
-     */
     qkd_kex_t public;
-
-    /**
-     * Key exchange method
-     */
     key_exchange_method_t method;
-
-    /**
-     * QKD handle
-     */
     qkd_handle_t handle;
 };
 
+METHOD(key_exchange_t, get_public_key, bool,
+    private_qkd_kex_t *this, chunk_t *value)
+{
+    DBG1(DBG_LIB, "QKD_plugin: get_public_key called - sending key ID");
+
+    if (!this || !value)
+    {
+        return FALSE;
+    }
+
+    qkd_handle_t handle = NULL;
+    if (!qkd_open(&handle))
+    {
+        return FALSE;
+    }
+
+    if (!qkd_get_key_id(handle, value))
+    {
+        DBG1(DBG_LIB, "QKD_plugin: failed to get key ID");
+        qkd_close(handle);
+        return FALSE;
+    }
+
+    DBG1(DBG_LIB, "QKD_plugin: sending key ID of length %d", value->len);
+    qkd_close(handle);
+    return TRUE;
+}
+
+METHOD(key_exchange_t, set_public_key, bool,
+    private_qkd_kex_t *this, chunk_t value)
+{
+    DBG1(DBG_LIB, "QKD_plugin: set_public_key called - receiving key ID");
+
+    if (!this || value.len != QKD_KEY_ID_SIZE)
+    {
+        DBG1(DBG_LIB, "QKD_plugin: invalid key ID received");
+        return FALSE;
+    }
+
+    qkd_handle_t handle = NULL;
+    if (!qkd_open(&handle))
+    {
+        return FALSE;
+    }
+
+    if (!qkd_set_key_id(handle, value))
+    {
+        DBG1(DBG_LIB, "QKD_plugin: failed to store key ID");
+        qkd_close(handle);
+        return FALSE;
+    }
+
+    DBG1(DBG_LIB, "QKD_plugin: stored received key ID");
+    qkd_close(handle);
+    return TRUE;
+}
+
 METHOD(key_exchange_t, get_shared_secret, bool,
     private_qkd_kex_t *this, chunk_t *secret)
 {
@@ -71,44 +112,31 @@ METHOD(key_exchange_t, get_shared_secret, bool,
     }
 
     *secret = chunk_clone(this->public.shared_secret);
-    DBG1(DBG_LIB, "QKD_plugin: successfully retrieved key of length %d", 
-         secret->len);
+    DBG1(DBG_LIB, "QKD_plugin: successfully retrieved key of length %d",
+          secret->len);
 
     qkd_close(handle);
     return TRUE;
 }
 
-METHOD(key_exchange_t, get_method, key_exchange_method_t,
-    private_qkd_kex_t *this)
-{
-    return this->method;
-}
-
 METHOD(key_exchange_t, destroy, void,
     private_qkd_kex_t *this)
 {
     if (this)
     {
         chunk_clear(&this->public.shared_secret);
+        if (this->handle)
+        {
+            qkd_close(this->handle);
+        }
         free(this);
     }
 }
 
-METHOD(key_exchange_t, get_public_key, bool,
-    private_qkd_kex_t *this, chunk_t *value)
-{
-    DBG1(DBG_LIB, "QKD_plugin: get_public_key called");
-    // We don't use public keys in QKD, but we need this for IKE
-    *value = chunk_empty;
-    return TRUE;
-}
-
-METHOD(key_exchange_t, set_public_key, bool,
-    private_qkd_kex_t *this, chunk_t value)
+METHOD(key_exchange_t, get_method, key_exchange_method_t,
+    private_qkd_kex_t *this)
 {
-    DBG1(DBG_LIB, "QKD_plugin: set_public_key called");
-    // We accept any value since we don't use public keys
-    return TRUE;
+    return this->method;
 }
 
 qkd_kex_t *qkd_kex_create(key_exchange_method_t method)
@@ -135,21 +163,11 @@ qkd_kex_t *qkd_kex_create(key_exchange_method_t method)
             },
             .shared_secret = chunk_empty,
         },
-        .method = method
+        .method = method,
+        .handle = NULL
     );
 
     DBG1(DBG_LIB, "QKD_plugin: key exchange object created");
 
-    // Test QKD connection
-    qkd_handle_t handle = NULL;
-    if (!qkd_open(&handle))
-    {
-        DBG1(DBG_LIB, "QKD_plugin: initial QKD test failed");
-        free(this);
-        return NULL;
-    }
-    qkd_close(handle);
-    DBG1(DBG_LIB, "QKD_plugin: initial QKD test successful");
-
     return &this->public;
 }