diff --git a/goKMS/api/gen/proto/go/kmsintercom/kmsintercom.pb.go b/goKMS/api/gen/proto/go/kmsintercom/kmsintercom.pb.go index de1765bf067c9c182c0a66b3db7be7c9e271953a..13650227b0cb3157f6f2da17a783e4c6346e7089 100644 --- a/goKMS/api/gen/proto/go/kmsintercom/kmsintercom.pb.go +++ b/goKMS/api/gen/proto/go/kmsintercom/kmsintercom.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.33.0 +// protoc-gen-go v1.34.1 // protoc (unknown) // source: kmsintercom/kmsintercom.proto @@ -835,7 +835,7 @@ type KeyDeliveryRequest struct { KmsId string `protobuf:"bytes,3,opt,name=kmsId,proto3" json:"kmsId,omitempty"` KeyId string `protobuf:"bytes,4,opt,name=keyId,proto3" json:"keyId,omitempty"` RequestId string `protobuf:"bytes,5,opt,name=requestId,proto3" json:"requestId,omitempty"` - Key []*Key `protobuf:"bytes,6,rep,name=key,proto3" json:"key,omitempty"` + Keys []*Key `protobuf:"bytes,6,rep,name=keys,proto3" json:"keys,omitempty"` } func (x *KeyDeliveryRequest) Reset() { @@ -898,9 +898,9 @@ func (x *KeyDeliveryRequest) GetRequestId() string { return "" } -func (x *KeyDeliveryRequest) GetKey() []*Key { +func (x *KeyDeliveryRequest) GetKeys() []*Key { if x != nil { - return x.Key + return x.Keys } return nil } 
@@ -1101,7 +1101,7 @@ var file_kmsintercom_kmsintercom_proto_rawDesc = []byte{ 0x73, 0x22, 0x39, 0x0a, 0x19, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0xa0, 0x01, 0x0a, + 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0xa2, 0x01, 0x0a, 0x12, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 
@@ -1109,80 +1109,80 @@ var file_kmsintercom_kmsintercom_proto_rawDesc = []byte{ 0x52, 0x05, 0x6b, 0x6d, 0x73, 0x49, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x09, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, 0x64, 0x12, 0x22, 0x0a, 0x03, 0x6b, - 0x65, 0x79, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, - 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x22, - 0x33, 0x0a, 0x13, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, - 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, - 0x74, 0x61, 0x6d, 0x70, 0x22, 0x3d, 0x0a, 0x03, 0x4b, 0x65, 0x79, 0x12, 0x0e, 0x0a, 0x02, 0x69, - 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x6e, - 0x6f, 0x6e, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6e, 0x6f, 0x6e, 0x63, - 0x65, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, - 0x6b, 0x65, 0x79, 0x32, 0xb9, 0x06, 0x0a, 0x09, 0x4b, 0x6d, 0x73, 0x54, 0x61, 0x6c, 0x6b, 0x65, - 0x72, 0x12, 0x6a, 0x0a, 0x14, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x43, 0x61, 0x70, - 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x12, 0x28, 0x2e, 0x6b, 0x6d, 0x73, 0x69, - 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, - 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, - 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, - 0x6d, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 
0x43, 0x61, 0x70, 0x61, 0x62, 0x69, - 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, 0x52, 0x0a, - 0x0b, 0x53, 0x79, 0x6e, 0x63, 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x12, 0x1f, 0x2e, 0x6b, - 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, 0x6e, 0x63, 0x51, - 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, - 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, 0x6e, 0x63, - 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, - 0x00, 0x12, 0x64, 0x0a, 0x11, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x73, 0x46, - 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x12, 0x25, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, - 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x73, 0x46, - 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, - 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, 0x6e, 0x63, - 0x4b, 0x65, 0x79, 0x49, 0x64, 0x73, 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x8e, 0x01, 0x0a, 0x1f, 0x49, 0x6e, 0x74, 0x65, - 0x72, 0x43, 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x4b, 0x65, 0x79, - 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x33, 0x2e, 0x6b, 0x6d, + 0x52, 0x09, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, 0x64, 0x12, 0x24, 0x0a, 0x04, 0x6b, + 0x65, 0x79, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x6b, 0x6d, 0x73, 0x69, + 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x52, 0x04, 0x6b, 0x65, 0x79, + 0x73, 0x22, 0x33, 0x0a, 0x13, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, + 
0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, + 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x3d, 0x0a, 0x03, 0x4b, 0x65, 0x79, 0x12, 0x0e, 0x0a, + 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, + 0x05, 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6e, 0x6f, + 0x6e, 0x63, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x03, 0x6b, 0x65, 0x79, 0x32, 0xb9, 0x06, 0x0a, 0x09, 0x4b, 0x6d, 0x73, 0x54, 0x61, 0x6c, + 0x6b, 0x65, 0x72, 0x12, 0x6a, 0x0a, 0x14, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x43, + 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x12, 0x28, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, - 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x4b, 0x65, 0x79, 0x4e, 0x65, - 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x1a, 0x34, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x49, - 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, - 0x4b, 0x65, 0x79, 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x58, 0x0a, 0x0d, 0x4b, 0x65, 0x79, 0x46, - 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x12, 0x21, 0x2e, 0x6b, 0x6d, 0x73, 0x69, - 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, - 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x6b, - 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x46, 0x6f, - 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x22, 0x00, 0x12, 0x61, 0x0a, 0x10, 0x41, 
0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, - 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x12, 0x24, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, - 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x41, 0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, - 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x6b, - 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x41, 0x63, 0x6b, 0x4b, 0x65, - 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, - 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x64, 0x0a, 0x11, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x4e, 0x6f, - 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x25, 0x2e, 0x6b, 0x6d, 0x73, - 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x4e, 0x6f, - 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x1a, 0x26, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, - 0x4b, 0x65, 0x79, 0x49, 0x64, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x52, 0x0a, 0x0b, 0x4b, - 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x12, 0x1f, 0x2e, 0x6b, 0x6d, 0x73, - 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, - 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x6b, 0x6d, - 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, - 0x69, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, - 0xaf, 0x01, 0x0a, 0x0f, 0x63, 0x6f, 0x6d, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, - 0x63, 0x6f, 0x6d, 0x42, 0x10, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, - 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3e, 0x63, 0x6f, 0x64, 0x65, 
0x2e, 0x66, 0x62, - 0x69, 0x2e, 0x68, 0x2d, 0x64, 0x61, 0x2e, 0x64, 0x65, 0x2f, 0x64, 0x61, 0x6e, 0x65, 0x74, 0x2f, - 0x71, 0x75, 0x61, 0x6e, 0x74, 0x2f, 0x65, 0x6b, 0x6d, 0x73, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x67, - 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x6b, 0x6d, 0x73, 0x69, - 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xa2, 0x02, 0x03, 0x4b, 0x58, 0x58, 0xaa, 0x02, 0x0b, - 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xca, 0x02, 0x0b, 0x4b, 0x6d, - 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xe2, 0x02, 0x17, 0x4b, 0x6d, 0x73, 0x69, - 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, - 0x61, 0x74, 0x61, 0xea, 0x02, 0x0b, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, - 0x6d, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x6f, 0x6d, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, + 0x63, 0x6f, 0x6d, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x43, 0x61, 0x70, 0x61, + 0x62, 0x69, 0x6c, 0x69, 0x74, 0x69, 0x65, 0x73, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x12, + 0x52, 0x0a, 0x0b, 0x53, 0x79, 0x6e, 0x63, 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x12, 0x1f, + 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, 0x6e, + 0x63, 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x20, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, + 0x6e, 0x63, 0x51, 0x6b, 0x64, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x22, 0x00, 0x12, 0x64, 0x0a, 0x11, 0x53, 0x79, 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49, 0x64, + 0x73, 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x12, 0x25, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, + 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, 0x6e, 
0x63, 0x4b, 0x65, 0x79, 0x49, 0x64, + 0x73, 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x26, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x53, 0x79, + 0x6e, 0x63, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x73, 0x46, 0x6f, 0x72, 0x42, 0x75, 0x6c, 0x6b, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x8e, 0x01, 0x0a, 0x1f, 0x49, 0x6e, + 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x4b, + 0x65, 0x79, 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x33, 0x2e, + 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x49, 0x6e, 0x74, 0x65, + 0x72, 0x43, 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x4b, 0x65, 0x79, + 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x1a, 0x34, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, + 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x43, 0x6f, 0x6d, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, + 0x72, 0x74, 0x4b, 0x65, 0x79, 0x4e, 0x65, 0x67, 0x6f, 0x74, 0x69, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x58, 0x0a, 0x0d, 0x4b, 0x65, + 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x12, 0x21, 0x2e, 0x6b, 0x6d, + 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, + 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, + 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, + 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x00, 0x12, 0x61, 0x0a, 0x10, 0x41, 0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f, + 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x12, 0x24, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, + 
0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x41, 0x63, 0x6b, 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, + 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, + 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x41, 0x63, 0x6b, + 0x4b, 0x65, 0x79, 0x46, 0x6f, 0x72, 0x77, 0x61, 0x72, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x64, 0x0a, 0x11, 0x4b, 0x65, 0x79, 0x49, 0x64, + 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x25, 0x2e, 0x6b, + 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x49, 0x64, + 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, + 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x4e, 0x6f, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x52, 0x0a, + 0x0b, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x12, 0x1f, 0x2e, 0x6b, + 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x44, 0x65, + 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, + 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x2e, 0x4b, 0x65, 0x79, 0x44, + 0x65, 0x6c, 0x69, 0x76, 0x65, 0x72, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, + 0x00, 0x42, 0xb0, 0x01, 0x0a, 0x0f, 0x63, 0x6f, 0x6d, 0x2e, 0x6b, 0x6d, 0x73, 0x69, 0x6e, 0x74, + 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x42, 0x10, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, + 0x6f, 0x6d, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3f, 0x63, 0x6f, 0x64, 0x65, 0x2e, + 0x66, 0x62, 0x69, 0x2e, 0x68, 0x2d, 0x64, 0x61, 0x2e, 0x64, 0x65, 0x2f, 0x64, 0x61, 0x6e, 0x65, + 0x74, 0x2f, 0x71, 0x75, 0x61, 0x6e, 
0x74, 0x2f, 0x67, 0x6f, 0x4b, 0x4d, 0x53, 0x2f, 0x61, 0x70, + 0x69, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x6b, + 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xa2, 0x02, 0x03, 0x4b, 0x58, 0x58, + 0xaa, 0x02, 0x0b, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xca, 0x02, + 0x0b, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0xe2, 0x02, 0x17, 0x4b, + 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x63, 0x6f, 0x6d, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, + 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x0b, 0x4b, 0x6d, 0x73, 0x69, 0x6e, 0x74, 0x65, + 0x72, 0x63, 0x6f, 0x6d, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -1219,7 +1219,7 @@ var file_kmsintercom_kmsintercom_proto_goTypes = []interface{}{ } var file_kmsintercom_kmsintercom_proto_depIdxs = []int32{ 16, // 0: kmsintercom.KeyForwardingRequest.key:type_name -> kmsintercom.Key - 16, // 1: kmsintercom.KeyDeliveryRequest.key:type_name -> kmsintercom.Key + 16, // 1: kmsintercom.KeyDeliveryRequest.keys:type_name -> kmsintercom.Key 0, // 2: kmsintercom.KmsTalker.InterComCapabilities:input_type -> kmsintercom.InterComCapabilitiesRequest 2, // 3: kmsintercom.KmsTalker.SyncQkdBulk:input_type -> kmsintercom.SyncQkdBulkRequest 3, // 4: kmsintercom.KmsTalker.SyncKeyIdsForBulk:input_type -> kmsintercom.SyncKeyIdsForBulkRequest diff --git a/goKMS/api/kmsintercom/kmsintercom/kmsintercom.proto b/goKMS/api/kmsintercom/kmsintercom/kmsintercom.proto index 8316bb561d082e96e612ef6dba0c27a4c8d09db4..46bd6fccabb3a3061958b42749d0e65d9a15f60b 100644 --- a/goKMS/api/kmsintercom/kmsintercom/kmsintercom.proto +++ b/goKMS/api/kmsintercom/kmsintercom/kmsintercom.proto @@ -99,7 +99,7 @@ message KeyDeliveryRequest { string kmsId = 3; string keyId = 4; string requestId = 5; - repeated Key key = 6; + repeated Key keys = 6; } message KeyDeliveryResponse { 
diff --git a/goKMS/config/config.go b/goKMS/config/config.go index cc59263b425c4758bedf3049d99bb4f9f674b022..d80d67e7ac379bec0f2ce08ef8f59ed00038d9e9 100644 --- a/goKMS/config/config.go +++ b/goKMS/config/config.go @@ -3,25 +3,27 @@ package config import "github.com/google/uuid" type Config struct { - Id string `yaml:"Id"` - Name string `yaml:"Name"` - InterComAddr string `yaml:"InterComAddr"` - QuantumAddr string `yaml:"QuantumAddr"` - GRPCAddr string `yaml:"GRPCAddr"` - AkmsURL string `yaml:"AkmsURL"` - AkmsCkmsServerPort string `yaml:"AkmsCkmsServerPort"` - GnmiBindAddress string `yaml:"GnmiBindAddress"` - Peers []struct { - PeerId string `yaml:"PeerId"` - PeerInterComAddr string `yaml:"PeerInterComAddr"` - Sync bool `yaml:"Sync"` - Type string `yaml:"Type"` - QuantumModule QuantumModule `yaml:"QuantumModule"` - } `yaml:"Peers"` - GnmiTLS TLSConfig `yaml:"GnmiTLS"` - KmsTLS TLSConfig `yaml:"KmsTLS"` - QuantumModuleTLS TLSConfig `yaml:"QuantumModuleTLS"` - AkmsCkmsTLS TLSConfig `yaml:"AkmsCkmsTLS"` + Id string `yaml:"Id"` + Name string `yaml:"Name"` + InterComAddr string `yaml:"InterComAddr"` + QuantumAddr string `yaml:"QuantumAddr"` + GRPCAddr string `yaml:"GRPCAddr"` + AkmsURL string `yaml:"AkmsURL"` + AkmsCkmsServerPort string `yaml:"AkmsCkmsServerPort"` + GnmiBindAddress string `yaml:"GnmiBindAddress"` + Peers []Peer `yaml:"Peers"` + GnmiTLS TLSConfig `yaml:"GnmiTLS"` + KmsTLS TLSConfig `yaml:"KmsTLS"` + QuantumModuleTLS TLSConfig `yaml:"QuantumModuleTLS"` + AkmsCkmsTLS TLSConfig `yaml:"AkmsCkmsTLS"` +} + +type Peer struct { + PeerId string `yaml:"PeerId"` + PeerInterComAddr string `yaml:"PeerInterComAddr"` + Sync bool `yaml:"Sync"` + Type string `yaml:"Type"` + QuantumModule QuantumModule `yaml:"QuantumModule"` } type TLSConfig struct { diff --git a/goKMS/gnmiHandlers/kms/keyRoutingSessionsHandler.go b/goKMS/gnmiHandlers/kms/keyRoutingSessionsHandler.go index 625af8133d95f8a150797a6a9426ea746217f48f..6572621a06af04b75e7d673acfe550658bafb0e7 100644 
--- a/goKMS/gnmiHandlers/kms/keyRoutingSessionsHandler.go +++ b/goKMS/gnmiHandlers/kms/keyRoutingSessionsHandler.go @@ -183,7 +183,7 @@ func (yh *KeyRoutingSessionHandler) updateOrCreateKeyRoutingSessions(kms *kms.KM if route.RemoteKMS.Address != "" { confTempRoutingSessionInitAddress.IpAddress = ygot.String(strings.Split(route.RemoteKMS.Address, ":")[0]) // TODO: maybe split address in remote kms and not in one string? confTempRoutingSessionInitAddress.Port = ygot.Uint16(route.RemoteKMS.Port) - confTempRoutingSessionInitAddress.Hostname = ygot.String(strings.Split(route.RemoteKMS.Address, ":")[0]) // TODO: maybe split address in remote kms and not in one string? + confTempRoutingSessionInitAddress.Hostname = ygot.String(strings.Split(route.RemoteKMS.Address, ":")[0]) // TODO: get real hostname here } if route.RemoteKMS.Id != "" { confTempRoutingSessionInitAddress.NodeId = ygot.String(route.RemoteKMS.Id) diff --git a/goKMS/kms/akms/client/client.go b/goKMS/kms/akms/client/client.go index 5a5c1e8c6367276e3dec1195557c0bef45c4dd46..c8f7430cd8d151eb184258ef10d80c7fb3e4c9b9 100644 --- a/goKMS/kms/akms/client/client.go +++ b/goKMS/kms/akms/client/client.go @@ -29,7 +29,7 @@ type KSAKey struct { Key string `json:"key"` } -func (c *CkmsAkmsClient) SendKSAKeys(requestID string, processID string, ksaKeys []KSAKey) error { +func (c *CkmsAkmsClient) SendKSAKeysToRequestingInstances(requestID string, processID string, ksaKeys []KSAKey) error { pushRequest := PushKSAKeyRequest{ RequestID: requestID, ProcessID: processID, diff --git a/goKMS/kms/kms.go b/goKMS/kms/kms.go index 83394d6b219b5f27333b003fe694a4d31f210c21..4d9b1cffda3909cf3dc3de778229cca69ab99e19 100644 --- a/goKMS/kms/kms.go +++ b/goKMS/kms/kms.go 
@@ -158,7 +158,14 @@ func NewKMS(kmsUUID uuid.UUID, logOutput io.Writer, logLevel log.Level, logInJso func (kms *KMS) initializePeers(config *config.Config) error { var qm peers.QuantumModule var err error + for _, peer := range config.Peers { + err = resolveHostnameToIPForQuantumModule(&peer) + if err != nil { + log.Error(err) + continue + } + pqm := peer.QuantumModule switch qmt := peer.QuantumModule.QmType; qmt { case "emulated": @@ -378,7 +385,7 @@ func (kms *KMS) AssignForwardingRoute(pId, pHop, nHop string, remoteKMS *RemoteK return nil } -func (kms *KMS) GetSpecificPK(remoteKMSId string, keyId uuid.UUID) (*PlatformKey, error) { +func (kms *KMS) GetSpecificPlatformKey(remoteKMSId string, keyId uuid.UUID) (*PlatformKey, error) { kms.PKStoreMutex.Lock() defer kms.PKStoreMutex.Unlock() @@ -420,7 +427,7 @@ func (kms *KMS) GetRemoteKMS(remoteKMSId string) (*RemoteKMS, error) { } // NOTE: address/remoteid still have to decide. -func (kms *KMS) GenerateAndSendKSAKey(remoteKMSId string, pathId uuid.UUID, requestId string, number int) error { +func (kms *KMS) GenerateAndSendKSAKey(remoteKMSId string, pathId uuid.UUID, requestID string, number int) error { if number < 1 { log.Errorf("number must be positive and at least 1, provided: %d\n", number) return fmt.Errorf("number must be positive and at least 1, provided: %d", number) 
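Review bot: In initializePeers a failed `resolveHostnameToIPForQuantumModule(&peer)` is only logged and followed by `continue`, so the function can still return nil although that peer was never set up, and the caller cannot notice. Either return the failure, e.g. `return fmt.Errorf("resolving quantum module for peer %s: %w", peer.PeerId, err)`, or add a comment stating that skipping unresolved peers is intended. The lookup also runs inline and, per the helper added further down, can block for 60 attempts of two seconds per peer, so several unresolvable peers delay startup one after another. `&peer` addresses the loop copy, so the resolved Address reaches the `pqm := peer.QuantumModule` line but not config.Peers; whether anything later reads the config entry is not visible here, and the loop body continues outside the hunk.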
@@ -433,81 +440,34 @@ func (kms *KMS) GenerateAndSendKSAKey(remoteKMSId string, pathId uuid.UUID, requ return err } - pk, err := kms.GetSpecificPK(remoteKMSId, pathId) + platformKey, err := kms.GetSpecificPlatformKey(remoteKMSId, pathId) if err != nil { log.Error(err) return err } - keys := make([]*pbIC.Key, number) + ksaKeys := make([]*pbIC.Key, number) akmsKSAKeys := make([]client.KSAKey, number) cryptoAlgo := crypto.NewAES() for i := 0; i < number; i++ { - // generate ksa key - ksaKeyId := uuid.New() - ksaKey, err := crypto.Random256BitKey() + ksaKey, akmsKSAKey, err := generateNewKSAKey(cryptoAlgo, platformKey.Value) if err != nil { log.Error(err) return err } - // encrypt the key - nonce, encryptedKSAKey, err := cryptoAlgo.Encrypt(ksaKey.Key, pk.Value) - if err != nil { - log.Error(err) - return err - } - - ksaKeyAsString := base64.StdEncoding.EncodeToString(ksaKey.Key) - encryptedKSAKeyAsString := base64.StdEncoding.EncodeToString(encryptedKSAKey) - nonceAsString := base64.StdEncoding.EncodeToString(nonce) - - keys[i] = &pbIC.Key{ - Id: ksaKeyId.String(), - Nonce: nonceAsString, - Key: encryptedKSAKeyAsString, - } - - akmsKSAKeys[i] = client.KSAKey{ - KeyID: ksaKeyId.String(), - Key: ksaKeyAsString, - } - } - - // TODO: move this somewhere else! 
- // send to remote - gRPCTransportCreds, err := kmstls.GenerateGRPCClientTransportCredsBasedOnTLSFlag(kms.tlsConfig) - if err != nil { - return fmt.Errorf("unable to generate gRPC transport creds: %w", err) - } - - remoteConn, err := grpc.Dial(remoteKMS.Address, grpc.WithTransportCredentials(gRPCTransportCreds)) - if err != nil { - log.Error(err) - return err + ksaKeys[i] = ksaKey + akmsKSAKeys[i] = *akmsKSAKey } - remoteClient := pbIC.NewKmsTalkerClient(remoteConn) - // Start the negotiation process for a transport key - ctx, cancel := context.WithTimeout(context.Background(), time.Second) - // create a new context with some metadata - md := metadata.Pairs("hostname", kms.kmsName) - ctx = metadata.NewOutgoingContext(ctx, md) - defer cancel() - _, err = remoteClient.KeyDelivery(ctx, &pbIC.KeyDeliveryRequest{ - KeyId: pk.Id.String(), - RequestId: requestId, - KmsId: kms.kmsUUID.String(), - // TODO: change if multiple keys are generated - Key: keys, - }) + err = kms.sendKSAKeysToPlatformKmsPeer(remoteKMS.Address, platformKey.Id.String(), requestID, ksaKeys) if err != nil { log.Error(err) return err } // Use the real processID when we know what it is - err = kms.CKMSAkmsClient.SendKSAKeys(requestId, pk.ProcessId, akmsKSAKeys) + err = kms.CKMSAkmsClient.SendKSAKeysToRequestingInstances(requestID, platformKey.ProcessId, akmsKSAKeys) if err != nil { log.Error(err) return err 
@@ -565,3 +525,101 @@ func (kms *KMS) PeersDeepCopy() map[string]*peers.Peer { return peersCopy } + +func resolveHostnameToIPForQuantumModule(peer *config.Peer) error { + const connectionRetries = 60 + var ipAddr []net.IP + var err error + + // If the address is not set, try to resolve the hostname. + if peer.QuantumModule.Address == "" && peer.QuantumModule.Hostname != "" { + log.Info("Trying to get IP from hostname for quantum module: ", peer.QuantumModule.Hostname) + for j := 0; j < connectionRetries; j++ { + ipAddr, err = net.LookupIP(peer.QuantumModule.Hostname) + if err == nil { + break + } + log.Errorf("Failed to get IP from hostname %s, retrying in 2 seconds (attempt %d/%d)", peer.QuantumModule.Hostname, j+1, connectionRetries) + time.Sleep(2 * time.Second) + } + if err != nil { + return fmt.Errorf("IP address not set and failed to resolve hostname for two minutes for quantum module: %s. Error: %s", peer.QuantumModule.Hostname, err.Error()) + } + + // Just use the first valid IP for now. + ipAdrrString := ipAddr[0].String() + + log.Infof("Resolved hostname to IP address for quantum module. Hostname: %s, IP: %s", peer.QuantumModule.Hostname, ipAdrrString) + peer.QuantumModule.Address = ipAdrrString + } else if peer.QuantumModule.Address == "" && peer.QuantumModule.Hostname == "" { + return fmt.Errorf("IP address and hostname not set for quantum module. 
Erros may occur and the module might not work properly.") + } + + return nil +} + +func generateNewKSAKey(cryptoAlgo crypto.CryptoAlgorithm, platformKeyValue []byte) (*pbIC.Key, *client.KSAKey, error) { + // generate ksa key + ksaKeyId := uuid.New() + ksaKey, err := crypto.Random256BitKey() + if err != nil { + log.Error(err) + return nil, nil, err + } + + // encrypt the key + nonce, encryptedKSAKey, err := cryptoAlgo.Encrypt(ksaKey.Key, platformKeyValue) + if err != nil { + log.Error(err) + return nil, nil, err + } + + ksaKeyAsString := base64.StdEncoding.EncodeToString(ksaKey.Key) + encryptedKSAKeyAsString := base64.StdEncoding.EncodeToString(encryptedKSAKey) + nonceAsString := base64.StdEncoding.EncodeToString(nonce) + + ksaKeyToSend := &pbIC.Key{ + Id: ksaKeyId.String(), + Nonce: nonceAsString, + Key: encryptedKSAKeyAsString, + } + + akmsKSAKey := &client.KSAKey{ + KeyID: ksaKeyId.String(), + Key: ksaKeyAsString, + } + + return ksaKeyToSend, akmsKSAKey, nil +} + +func (kms *KMS) sendKSAKeysToPlatformKmsPeer(kmsPeerAddress, platformKeyID, requestID string, ksaKeys []*pbIC.Key) error { + gRPCTransportCreds, err := kmstls.GenerateGRPCClientTransportCredsBasedOnTLSFlag(kms.tlsConfig) + if err != nil { + return fmt.Errorf("unable to generate gRPC transport creds: %w", err) + } + + remoteConn, err := grpc.Dial(kmsPeerAddress, grpc.WithTransportCredentials(gRPCTransportCreds)) + if err != nil { + log.Error(err) + return err + } + remoteClient := pbIC.NewKmsTalkerClient(remoteConn) + + ctx, cancel := context.WithTimeout(context.Background(), time.Second) + // create a new context with some metadata + md := metadata.Pairs("hostname", kms.kmsName) + ctx = metadata.NewOutgoingContext(ctx, md) + defer cancel() + _, err = remoteClient.KeyDelivery(ctx, &pbIC.KeyDeliveryRequest{ + KeyId: platformKeyID, + RequestId: requestID, + KmsId: kms.kmsUUID.String(), + Keys: ksaKeys, + }) + if err != nil { + log.Error(err) + return err + } + + return nil +} 
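Review bot: sendKSAKeysToPlatformKmsPeer never closes the connection returned by `grpc.Dial`, so every key delivery leaves a client connection to the peer open; add `defer remoteConn.Close()` right after the dial error check. The same helper hard-codes its deadline in `context.WithTimeout(context.Background(), time.Second)`, which would read better as a named constant or a config value. In resolveHostnameToIPForQuantumModule the final error flattens the cause with `err.Error()`; `fmt.Errorf("resolving hostname %q for quantum module: %w", peer.QuantumModule.Hostname, err)` keeps it inspectable, and the second message contains the typo "Erros". The lookup keeps only `ipAddr[0]` as Address, so it is worth confirming that the TLS check for the quantum module still validates the configured hostname rather than the bare IP; that code is not part of this hunk.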
diff --git a/goKMS/kms/kmsintercom.go b/goKMS/kms/kmsintercom.go index 9868f18450fa06da36bada3db34ed5bc7954507b..042461e0e4cbe9cba6aaf1a3bc60c62c38952456 100644 --- a/goKMS/kms/kmsintercom.go +++ b/goKMS/kms/kmsintercom.go @@ -5,6 +5,7 @@ import ( "encoding/base64" "fmt" "io" + "sync" "time" "github.com/google/uuid" @@ -26,8 +27,9 @@ import ( type kmsTalkerServer struct { pb.UnimplementedKmsTalkerServer - keyNegotiationMap map[uuid.UUID]*store.KmsKSElement - KMS *KMS + keyNegotationMutex sync.Mutex + keyNegotiationMap map[uuid.UUID]*store.KmsKSElement + KMS *KMS } // This must somehow find out and agree to a specific key length. @@ -48,8 +50,7 @@ func (s *kmsTalkerServer) KeyIdNotification(ctx context.Context, in *pb.KeyIdNot // check if a peer exists peer, ok := s.KMS.KmsPeers[in.GetKmsId()] if !ok { - // TODO: proper error message - return nil, status.Error(codes.Internal, "peer does not exist") + return nil, status.Errorf(codes.Internal, "peer with ID: %s does not exist in peers", in.GetKmsId()) } eqm, ok := peer.QuantumModule().(*peers.ETSI014HTTPQuantumModule) @@ -103,8 +104,7 @@ func (s *kmsTalkerServer) SyncQkdBulk(ctx context.Context, in *pb.SyncQkdBulkReq // check if a peer exists peer, ok := s.KMS.KmsPeers[in.GetKmsId()] if !ok { - // TODO: proper error message - return nil, status.Errorf(codes.Internal, "peer does not exist") + return nil, status.Errorf(codes.Internal, "peer with ID: %s does not exist in peers", in.GetKmsId()) } eqm, ok := peer.QuantumModule().(*peers.EmulatedQuantumModule) @@ -204,7 +204,8 @@ func (s *kmsTalkerServer) InterComTransportKeyNegotiation(ctx context.Context, i return nil, status.Errorf(codes.Internal, "%v", err) } - // TODO: mutex + s.keyNegotationMutex.Lock() + defer s.keyNegotationMutex.Unlock() s.keyNegotiationMap[pathId] = key quantumModuleKeyStore.DeleteKey(keyID) 
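Review bot: In InterComTransportKeyNegotiation the new `s.keyNegotationMutex.Lock()` with `defer s.keyNegotationMutex.Unlock()` holds the lock until the handler returns, not just around the `s.keyNegotiationMap[pathId] = key` write; the KeyForwarding hunk (@@ -235) does the same around the map lookup. Both bodies continue outside their hunks, so if anything after the map access performs I/O, such as key store calls or forwarding to the next hop, every negotiation and forwarding RPC is serialized behind it. Scoping the lock to the access avoids that: `s.keyNegotationMutex.Lock()`, the map read or write, then `s.keyNegotationMutex.Unlock()` immediately. The field name is missing an "i" (`keyNegotiationMutex`), and a comment on the struct such as `// keyNegotiationMutex guards keyNegotiationMap.` would document the pairing.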
@@ -235,6 +236,8 @@ func (s *kmsTalkerServer) KeyForwarding(ctx context.Context, in *pb.KeyForwardin log.Infof("%s received a key: %s, from %s", s.KMS.kmsName, in.GetKey(), route.Previous.TcpSocketStr) + s.keyNegotationMutex.Lock() + defer s.keyNegotationMutex.Unlock() decryptKey, ok := s.keyNegotiationMap[pathId] if !ok { return nil, status.Errorf(codes.InvalidArgument, "") @@ -295,17 +298,17 @@ func (s *kmsTalkerServer) KeyDelivery(ctx context.Context, in *pb.KeyDeliveryReq } // look up PK - pk, err := s.KMS.GetSpecificPK(in.GetKmsId(), keyId) + platformKey, err := s.KMS.GetSpecificPlatformKey(in.GetKmsId(), keyId) if err != nil { return nil, status.Errorf(codes.NotFound, "%s", err) } // decrypt keys - akmsKSAKeys := make([]client.KSAKey, len(in.Key)) - for i, key := range in.Key { + akmsKSAKeys := make([]client.KSAKey, len(in.Keys)) + for i, key := range in.Keys { // decrypt the key cryptoAlgo := crypto.NewAES() - decryptedKSAKey, err := s.getDecryptedKey(pk.Value, cryptoAlgo, key) + decryptedKSAKey, err := s.getDecryptedKey(platformKey.Value, cryptoAlgo, key) if err != nil { return nil, status.Errorf(codes.Internal, "%s", err) } @@ -323,8 +326,7 @@ func (s *kmsTalkerServer) KeyDelivery(ctx context.Context, in *pb.KeyDeliveryReq } } - // Use the real processID when we know what it is - go s.KMS.CKMSAkmsClient.SendKSAKeys(in.GetRequestId(), pk.ProcessId, akmsKSAKeys) //nolint:errcheck + go s.KMS.CKMSAkmsClient.SendKSAKeysToRequestingInstances(in.GetRequestId(), platformKey.ProcessId, akmsKSAKeys) //nolint:errcheck return &pb.KeyDeliveryResponse{Timestamp: time.Now().Unix()}, nil } diff --git a/goKMS/kms/peers/qmodule.go b/goKMS/kms/peers/qmodule.go index 373286fad636867e3198df8a590eae0ae4d5e31a..8af73685cb16e89673e1641370557c4e5e0b8359 100644 --- a/goKMS/kms/peers/qmodule.go +++ b/goKMS/kms/peers/qmodule.go 
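Review bot: The unchanged `log.Infof("%s received a key: %s, from %s", ...)` line directly above the new lock in KeyForwarding formats `in.GetKey()` at info level, which writes the forwarded Key message (id, nonce and key fields per the proto) into the log. Even if the key field is ciphertext at this hop, key payloads are better kept out of logs; logging only the identifier, e.g. `in.GetKey().GetId()`, keeps the trace useful without the material. KeyForwarding starts and ends outside this hunk.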
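Review bot: At the end of KeyDelivery, `go s.KMS.CKMSAkmsClient.SendKSAKeysToRequestingInstances(...) //nolint:errcheck` discards the result, so the peer receives a KeyDeliveryResponse even when the decrypted keys never reach the AKMS, and nothing is logged. Wrapping the call keeps the asynchronous behaviour while making the failure visible: `go func() { if err := s.KMS.CKMSAkmsClient.SendKSAKeysToRequestingInstances(in.GetRequestId(), platformKey.ProcessId, akmsKSAKeys); err != nil { log.Errorf("sending KSA keys for request %q: %v", in.GetRequestId(), err) } }()`. The hunk also drops the comment about using the real processID; if that question is still open, a TODO should stay. KeyDelivery begins outside this hunk.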
@@ -180,9 +180,9 @@ func (eqe *EmulatedQuantumModule) KeyChopper(bulkKey *quantumlayer.QuantumLayerB return nil, nil, errors.New("KeyChopper: no keySingleSize set") } - if bulkKey.BulkKeyLength != len(*bulkKey.BulkKey) { - if (bulkKey.BulkKeyLength) != (len(*bulkKey.BulkKey) * 8) { - log.Errorf("Length missmatch, even when converting 'bulkKey.BulkKey' to bytes: %d, %d", bulkKey.BulkKeyLength, len(*bulkKey.BulkKey)) + if bulkKey.BulkKeyLength != len(bulkKey.BulkKey) { + if (bulkKey.BulkKeyLength) != (len(bulkKey.BulkKey) * 8) { + log.Errorf("Length missmatch, even when converting 'bulkKey.BulkKey' to bytes: %d, %d", bulkKey.BulkKeyLength, len(bulkKey.BulkKey)) return nil, nil, errors.New("bulkKey length mismatch") } } @@ -192,7 +192,7 @@ func (eqe *EmulatedQuantumModule) KeyChopper(bulkKey *quantumlayer.QuantumLayerB // Let's chop! keyData := make(map[uuid.UUID][]byte) chopFactor := eqe.keyStore.KeySingleSize >> 3 - key := *bulkKey.BulkKey + key := bulkKey.BulkKey counter := 0 for len(key) > int(chopFactor) { var keyId uuid.UUID @@ -258,7 +258,6 @@ func NewETSI014HTTPQuantumModule(addr, kmsId, slaveSAEID, masterSAEID string, tl } } - // TODO: we might want to add mastersaeid here aswell client, err := restclient.NewClientImpl(restClientConf) if err != nil { return nil, err diff --git a/goKMS/kms/quipsec.go b/goKMS/kms/quipsec.go index 127ec781073d4ba8ccdf9fd959ea7ac10206e04b..f8c57e51a745fd9962c85c5dee85d5bf45a7ea9b 100644 --- a/goKMS/kms/quipsec.go +++ b/goKMS/kms/quipsec.go 
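Review bot: The length check in KeyChopper accepts `BulkKeyLength` as either a byte count or a bit count (`len(bulkKey.BulkKey) * 8`), while the field comment in quantumlayer/quantumlayer.go says it is counted in bytes. In the PushKeys hunk of quipsec.go the value is taken from the request's `GetKeyLength()`, so the unit is whatever the sender chose. I would state the accepted units in a comment here and flatten the nested test: `if n := len(bulkKey.BulkKey); bulkKey.BulkKeyLength != n && bulkKey.BulkKeyLength != n*8 {`. The log text also has a typo, "missmatch". The function starts and continues outside the hunk.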
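Review bot: `chopFactor` is `eqe.keyStore.KeySingleSize >> 3`, which is zero for any size below 8 and silently truncates sizes that are not a multiple of 8. Nothing visible in the "Let's chop!" hunk rejects either case before `for len(key) > int(chopFactor)`. The loop body is outside the hunk, so whether it can make progress with a zero step is not visible from here. A guard before the loop would rule out both cases: `if chopFactor == 0 || eqe.keyStore.KeySingleSize%8 != 0 { return nil, nil, errors.New("KeyChopper: keySingleSize must be a positive multiple of 8") }`.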
@@ -50,7 +50,7 @@ func (qs *quipSecServer) PushKeys(ctx context.Context, req *pb.PushKeysRequest) eqm.RawBulkKeys[bulkKeyId] = &quantumlayer.QuantumLayerBulkKey{ BulkKeyId: bulkKeyId, BulkKeyLength: int(req.GetKeyBulk().GetKeyLength()), - BulkKey: &req.GetKeyBulk().Keys, + BulkKey: req.GetKeyBulk().Keys, } eqm.RawBulkKeysMutex.Unlock() logrus.Debugf("%s received a new bulk from: %s with id: %s and a length of: %d", qs.KMS.kmsName, qm.Address(), req.GetKeyBulk().GetKeyId(), req.GetKeyBulk().GetKeyLength()) diff --git a/goKMS/main.go b/goKMS/main.go index b204b34f13c6e2e3e83b3b4c3a15eaba51a452bc..f687f743687dc9d33a9467afe1becac7cbe83b9c 100644 --- a/goKMS/main.go +++ b/goKMS/main.go @@ -32,9 +32,7 @@ package main import ( "flag" - "net" "os" - "time" gnmitarget "code.fbi.h-da.de/danet/gnmi-target" "code.fbi.h-da.de/danet/gnmi-target/handler" @@ -92,7 +90,6 @@ func main() { } outputTlsSettings(kmsConfig) - resolveHostnameToIPForQuantumModules(kmsConfig) kmsInfo := generateKMSInfo(kmsId) kms := kms.NewKMS(kmsId, os.Stdout, log.GetLevel(), false, kmsConfig) 
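Review bot: In PushKeys, `req.GetKeyBulk().Keys` reads the struct field directly, so a request that carries no key bulk makes `GetKeyBulk()` return nil and this line panics, unless a check before the hunk already rejects such a request. The neighbouring `GetKeyLength()` and `GetKeyId()` calls are nil-safe, so the generated getter keeps the line consistent with them: `BulkKey: req.GetKeyBulk().GetKeys(),`. An explicit early return with `codes.InvalidArgument` for a missing or empty bulk would be clearer still, because an empty entry would otherwise be stored under `bulkKeyId`. The function starts and continues outside the hunk.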
@@ -125,40 +122,6 @@ func main() { } } -// TODO: a better place would probably kms.NewKMS(). -func resolveHostnameToIPForQuantumModules(config *config.Config) { - const connectionRetries = 60 - var ipAddr []net.IP - var err error - - for i, peer := range config.Peers { - // If the address is not set, try to resolve the hostname. - if peer.QuantumModule.Address == "" && peer.QuantumModule.Hostname != "" { - log.Info("Trying to get IP from hostname for quantum module: ", peer.QuantumModule.Hostname) - for j := 0; j < connectionRetries; j++ { - ipAddr, err = net.LookupIP(peer.QuantumModule.Hostname) - if err == nil { - break - } - log.Errorf("Failed to get IP from hostname %s, retrying in 2 seconds (attempt %d/%d)", peer.QuantumModule.Hostname, j+1, connectionRetries) - time.Sleep(2 * time.Second) - } - if err != nil { - log.Errorf("IP address not set and failed to resolve hostname for two minutes for quantum module: %s. Error: %s", peer.QuantumModule.Hostname, err.Error()) - continue - } - - // Just use the first valid IP for now. - ipAdrrString := ipAddr[0].String() - - log.Infof("Resolved hostname to IP address for quantum module. Hostname: %s, IP: %s", peer.QuantumModule.Hostname, ipAdrrString) - config.Peers[i].QuantumModule.Address = ipAdrrString - } else if peer.QuantumModule.Address == "" && peer.QuantumModule.Hostname == "" { - log.Error("IP address and hostname not set for quantum module. Erros may occur and the module might not work properly.") - } - } -} - func outputTlsSettings(config *config.Config) { log.Infof("TLS enabled for gNMIC: %t", config.GnmiTLS.TLS) if config.GnmiTLS.TLS { diff --git a/goKMS/restclient/restclient.go b/goKMS/restclient/restclient.go index e51eb257fb11de2126967ef80342d1f4b79d4732..ef7de47bb2cb475cb8f7353d5377f711748279f0 100644 --- a/goKMS/restclient/restclient.go +++ b/goKMS/restclient/restclient.go 
@@ -33,13 +33,8 @@ func (c *ClientImpl) GetKey(slaveSAEID string) (*restclient.KeyContainer, *http. func (c *ClientImpl) GetKeyPost(slaveSAEID string) (*restclient.KeyContainer, *http.Response, error) { postReq := c.restClient.DefaultAPI.GetKeyPost(context.Background(), slaveSAEID) postReq.KeyRequest(restclient.KeyRequest{ - Number: restclient.PtrInt64(1), - Size: restclient.PtrInt64(256), - AdditionalSlaveSAEIDs: []string{ - // TODO: change! - "asdf", - "ghjk", - }, + Number: restclient.PtrInt64(1), + Size: restclient.PtrInt64(256), ExtensionOptional: []map[string]string{}, }) diff --git a/quantumlayer/main/main.go b/quantumlayer/main/main.go index 13e48ad1604d2d884ac454bb475d07ddd8c3a09c..946feeb3d95a8866bf5174c8b93827742337e58a 100644 --- a/quantumlayer/main/main.go +++ b/quantumlayer/main/main.go @@ -24,12 +24,15 @@ type Config struct { } func main() { - // TODO: flag validation configPath := flag.String("config", "", "path to the config file") - logLevel := flag.String("log", "", "logrus lof level (debug, info, warn, error, fatal, panic)") + logLevel := flag.String("log", "info", "logrus lof level (debug, info, warn, error, fatal, panic), default: info") flag.Parse() + if *configPath == "" { + logrus.Fatal("path to config file required") + } + // parse string, this is built-in feature of logrus ll, err := logrus.ParseLevel(*logLevel) if err != nil { diff --git a/quantumlayer/quantumlayer.go b/quantumlayer/quantumlayer.go index 5a1b44d24d3463439ddebc3002aed5fc3a0e65c8..4d1af13a31f59ec7afa1965cd69f79a5ad36f0f7 100644 --- a/quantumlayer/quantumlayer.go +++ b/quantumlayer/quantumlayer.go 
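Review bot: In GetKeyPost the result of `postReq.KeyRequest(...)` is discarded. If this is an openapi-generator client, as the `DefaultAPI` and `PtrInt64` names suggest, the builder has a value receiver and returns the modified copy, so the request body built here would never be attached. In that case the call should be `postReq = postReq.KeyRequest(restclient.KeyRequest{ ... })`. The request is also created with `context.Background()`, so a stalled key server has no deadline unless the HTTP client sets one elsewhere. The function continues outside the hunk.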
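Review bot: The `-log` help text in quantumlayer/main/main.go still reads "logrus lof level" and now appends ", default: info" by hand, although the flag package already prints a non-empty default in its usage output. Suggested: `logLevel := flag.String("log", "info", "logrus log level (debug, info, warn, error, fatal, panic)")`. main continues outside the hunk.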
@@ -5,11 +5,9 @@ package quantumlayer type QuantumLayerBulkKey struct { - BulkKeyId int64 // the unique ID of this bulk of keys - BulkKeyLength int // the length, counted in bytes, of bulkKey - // TODO: Pointer of slice should have a well thought reason; - // ask Martin if this is really necessary here - BulkKey *[]byte // the bulk key + BulkKeyId int64 // the unique ID of this bulk of keys + BulkKeyLength int // the length, counted in bytes, of bulkKey + BulkKey []byte // the bulk key } type NumberLayer interface {