progress SAE IDs

Author: brunorijsman

client/__main__.py

@@ -77,7 +77,8 @@ async def get_etsi_get_key(slave_sae_id: str, size: int | None = None):
     """
     ETSI QKD 014 API: Get Key.
     """
-    return await _CLIENT.etsi_get_key(slave_sae_id, size=size)
+    master_sae_id = _CLIENT.name  # Currently, SAE names are the same as client names.
+    return await _CLIENT.etsi_get_key(master_sae_id, slave_sae_id, size)
 
 
 @_APP.get(f"/client/{_CLIENT.name}/etsi/api/v1/keys/{{master_sae_id}}/dec_keys")
@@ -87,7 +88,8 @@ async def get_eti_get_key_with_key_ids(master_sae_id: str, key_ID: str):
     """
     # ETSI QKD 014 says that ID in key_ID has to be upper case, which lint doesn't like.
     # pylint: disable=invalid-name
-    return await _CLIENT.etsi_get_key_with_key_ids(master_sae_id, key_ID)
+    slave_sae_id = _CLIENT.name  # Currently, SAE names are the same as client names.
+    return await _CLIENT.etsi_get_key_with_key_ids(master_sae_id, slave_sae_id, key_ID)
 
 
 @_APP.get(f"/client/{_CLIENT.name}/mgmt/v1/status")

client/client.py

@@ -70,7 +70,12 @@ async def etsi_status(self, slave_sae_id: str):
             "max_sae_id_count": 0,
         }
 
-    async def etsi_get_key(self, _slave_sae_id: str, size: int | None = None):
+    async def etsi_get_key(
+        self,
+        master_sae_id: str,
+        slave_sae_id: str,
+        size: int | None = None,
+    ):
         """
         ETSI QKD 014 V1.1.1 Get key API.
         """
@@ -89,25 +94,25 @@ async def etsi_get_key(self, _slave_sae_id: str, size: int | None = None):
             )
         size_in_bytes = size // 8
         key = UserKey.create_random_key(size_in_bytes)
-        await self.scatter_key_amongst_peer_hubs(key)
+        await self.scatter_key_amongst_peer_hubs(master_sae_id, slave_sae_id, key)
         return {
             "keys": {
                 "key_ID": key.key_id,
                 "key": utils.bytes_to_str(key.value),
             }
         }
 
-    async def etsi_get_key_with_key_ids(self, _master_sae_id: str, key_id: str):
+    async def etsi_get_key_with_key_ids(
+        self, master_sae_id: str, slave_sae_id: str, key_id: str
+    ):
         """
         ETSI QKD 014 V1.1.1 Get key with key IDs API.
         """
-        # TODO: Pass the master SAE ID and the slave SAE ID along with the relayed shares
-        #       and check that they match here.
         try:
             key_id = UUID(key_id)
         except ValueError as exc:
             raise exceptions.InvalidKeyIDError(key_id) from exc
-        key = await self.gather_key_from_peer_hubs(key_id)
+        key = await self.gather_key_from_peer_hubs(master_sae_id, slave_sae_id, key_id)
         return {
             "keys": [
                 {
@@ -124,15 +129,22 @@ def start_all_peer_hubs(self) -> None:
         for peer_hub in self._peer_hubs:
             peer_hub.start_register_task()
 
-    async def scatter_key_amongst_peer_hubs(self, key: UserKey) -> None:
+    async def scatter_key_amongst_peer_hubs(
+        self,
+        master_sae_id: str,
+        slave_sae_id: str,
+        key: UserKey,
+    ) -> None:
         """
         Split the key into key shares, and send each key share to a peer hub.
         """
         nr_shares = len(self._peer_hubs)
-        shares = key.split_into_shares(nr_shares, _MIN_NR_SHARES)
+        shares = key.split_into_shares(
+            master_sae_id, slave_sae_id, nr_shares, _MIN_NR_SHARES
+        )
         assert len(shares) == nr_shares
         coroutines = [
-            peer_hub.post_share(share)
+            peer_hub.post_share(master_sae_id, slave_sae_id, share)
             for peer_hub, share in zip(self._peer_hubs, shares)
         ]
         results = await asyncio.gather(*coroutines, return_exceptions=True)
@@ -152,13 +164,21 @@ async def scatter_key_amongst_peer_hubs(self, key: UserKey) -> None:
                 key.key_id, nr_shares_successfully_scattered, _MIN_NR_SHARES, causes
             )
 
-    async def gather_key_from_peer_hubs(self, key_id: UUID) -> UserKey:
+    async def gather_key_from_peer_hubs(
+        self,
+        master_sae_id: str,
+        slave_sae_id: str,
+        key_id: UUID,
+    ) -> UserKey:
         """
         Gather key shares from the peer hubs, and reconstruct the key out of (a subset of)
         the key shares.
         """
         nr_shares_attempted_to_gather = len(self._peer_hubs)
-        coroutines = [peer_hub.get_share(key_id) for peer_hub in self._peer_hubs]
+        coroutines = [
+            peer_hub.get_share(master_sae_id, slave_sae_id, key_id)
+            for peer_hub in self._peer_hubs
+        ]
         results = await asyncio.gather(*coroutines, return_exceptions=True)
         shares = [result for result in results if not isinstance(result, Exception)]
         nr_shares_successfully_gathered = len(shares)

client/peer_hub.py

@@ -212,15 +212,19 @@ async def attempt_request_psrd(self, pool: Pool) -> bool:
         pool.add_block(block)
         return True
 
-    async def post_share(self, share: Share) -> None:
+    async def post_share(
+        self, master_sae_id: str, slave_sae_id: str, share: Share
+    ) -> None:
         """
         Post a key share to the peer hub.
         """
         try:
             url = f"{self._base_url}/dske/api/v1/key-share"
             encryption_key = EncryptionKey.from_pool(self._local_pool, share.size)
             request = APIPostShareRequest(
-                client_name=self._client.name,
+                master_client_name=self._client.name,
+                master_sae_id=master_sae_id,
+                slave_sae_id=slave_sae_id,
                 user_key_id=str(share.user_key_id),
                 share_index=share.share_index,
                 encryption_key_allocation=encryption_key.allocation.to_api(),
@@ -236,14 +240,18 @@ async def post_share(self, share: Share) -> None:
             self.delete_fully_used_blocks()
             self.start_request_psrd_task_if_needed()
 
-    async def get_share(self, key_id: UUID) -> Share:
+    async def get_share(
+        self, master_sae_id: str, slave_sae_id: str, key_id: UUID
+    ) -> Share:
         """
         Get a key share from the peer hub.
         """
         try:
             url = f"{self._base_url}/dske/api/v1/key-share"
             params = {
                 "client_name": self._client.name,
+                "master_sae_id": master_sae_id,
+                "slave_sae_id": slave_sae_id,
                 "key_id": str(key_id),
             }
             response = await self._http_client.get(
@@ -259,7 +267,9 @@ async def get_share(self, key_id: UUID) -> Share:
             encrypted_share_value = str_to_bytes(response.encrypted_share_value)
             share_value = encryption_key.decrypt(encrypted_share_value)
             share = Share(
-                user_key_id=response,
+                master_sae_id=master_sae_id,
+                slave_sae_id=slave_sae_id,
+                user_key_id=response.key_id,
                 share_index=response.share_index,
                 value=share_value,
             )

common/share.py

@@ -12,11 +12,40 @@ class Share:
     can be reconstructed from a subset (`min_nr_shares`) of these shares.
     """
 
-    def __init__(self, user_key_id: UUID, share_index: int, value: bytes | None = None):
+    _master_sae_id: str
+    _slave_sae_id: str
+    _user_key_id: UUID
+    _share_index: int
+    _value: bytes  # TODO: Rename to data
+
+    def __init__(
+        self,
+        master_sae_id: str,
+        slave_sae_id: str,
+        user_key_id: UUID,
+        share_index: int,
+        value: bytes | None = None,
+    ):
+        self._master_sae_id = master_sae_id
+        self._slave_sae_id = slave_sae_id
         self._user_key_id = user_key_id
         self._share_index = share_index
         self._value = value
 
+    @property
+    def master_sae_id(self) -> str:
+        """
+        Get the master SAE ID.
+        """
+        return self._master_sae_id
+
+    @property
+    def slave_sae_id(self) -> str:
+        """
+        Get the slave SAE ID.
+        """
+        return self._slave_sae_id
+
     @property
     def user_key_id(self) -> UUID:
         """
@@ -63,6 +92,8 @@ def to_mgmt(self):
         Get the management status.
         """
         return {
+            "master_sae_id": self._master_sae_id,
+            "slave_sae_id": self._slave_sae_id,
             "key_id": str(self._user_key_id),
             "share_index": self._share_index,
             "value": bytes_to_str(self._value, truncate=True),

common/share_api.py

@@ -11,22 +11,28 @@ class APIPostShareRequest(pydantic.BaseModel):
     Model for the POST share request in the API.
     """
 
-    client_name: str
+    master_client_name: str
+    master_sae_id: str
+    slave_sae_id: str
     user_key_id: str
     share_index: int
     encryption_key_allocation: APIAllocation
     encrypted_share_value: str  # Base64 encoded
 
     def __init__(
         self,
-        client_name: str,
+        master_client_name: str,
+        master_sae_id: str,
+        slave_sae_id: str,
         user_key_id: str,
         share_index: int,
         encryption_key_allocation: APIAllocation,
         encrypted_share_value: str,  # Base64 encoded
     ):
         super().__init__(
-            client_name=client_name,
+            master_client_name=master_client_name,
+            master_sae_id=master_sae_id,
+            slave_sae_id=slave_sae_id,
             user_key_id=user_key_id,
             share_index=share_index,
             encryption_key_allocation=encryption_key_allocation,

common/user_key.py

@@ -56,6 +56,8 @@ def create_random_key(cls, size_in_bytes) -> "UserKey":
 
     def split_into_shares(
         self,
+        master_sae_id: str,
+        slave_sae_id: str,
         nr_shares: int,
         min_nr_shares: int,
     ) -> list[Share]:
@@ -74,6 +76,12 @@ def split_into_shares(
             raise ShamirSplitError(self._key_id, str(exc)) from exc
         shares = []
         for share_index, share_value in share_indexes_and_values:
-            share = Share(self._key_id, share_index, value=share_value)
+            share = Share(
+                master_sae_id,
+                slave_sae_id,
+                self._key_id,
+                share_index,
+                value=share_value,
+            )
             shares.append(share)
         return shares

hub/hub.py

@@ -93,7 +93,7 @@ async def store_share_received_from_client(
         """
         Store a key share posted by a client.
         """
-        client_name = api_post_share_request.client_name
+        client_name = api_post_share_request.master_client_name
         if client_name not in self._peer_clients:
             raise exceptions.ClientNotRegisteredError(client_name)
         peer_client = self._peer_clients[client_name]
@@ -106,7 +106,10 @@ async def store_share_received_from_client(
             api_post_share_request.encrypted_share_value
         )
         share_value = encryption_key.decrypt(encrypted_share_value)
+        # TODO: Check that master and slave client names match registered client
         share = Share(
+            master_sae_id=api_post_share_request.master_sae_id,
+            slave_sae_id=api_post_share_request.slave_sae_id,
             user_key_id=UUID(api_post_share_request.user_key_id),
             share_index=api_post_share_request.share_index,
             value=share_value,