Refactoring of quant repo
Redo folder structure
We want to redo the folder structure so that it is no longer a gnmi-target with a KMS, but rather a KMS which also has a gnmi-target as a component. No functional changes, just moving some files and folders around.
Clean up repo for test and local dev data
Currently we have no clear structure on where to put local dev configs, etc. We should clean up a bit.
Use the same component name for the kms
We need one component name for the KMS, and the naming should be the same throughout the code. Currently it is a mixture of mostly "kms", "eKMS", "KMS" and "ekms". Maybe just use kms?
Give the KMS a name
Current ideas for a name:
goKMS, quantKMS, danetKMS, daKMS
Refactor storage/store system
Currently the store system is not very good. It was made for testing and is therefore not sufficient anymore. We need a good interface which meets our needs and then at least an in-memory implementation. A DB integration can come later.
Refactor packages/component/struct structure
We need to think about the structure and the packages. kms.excalidraw
Update README.md
With all the new additions and changes we should also upgrade the README.
Hostname/IP handling -> Neil
Currently we support either hostnames or IP addresses for KMS peers and quantum modules, but the handling is not optimal: for example, some hostnames get converted to IP addresses via DNS at the startup of the KMS. We should define a clear handling. The best solution would be to convert hostnames only when necessary.
Improve the Key Syncing/Chopping part
Refactoring of smaller code parts
Make func initializePeers(kms *KMS, config *config.Config) error a method of the kms struct -> Fabian
We want to make the function a method of the kms struct.
quipsec.go: possibly remove two lines -> Malte
In quipsec.go, what are these two lines doing? Maybe we can remove them?
req.GetKeyBulk().GetKeyId()
req.GetKeyBulk().GetKeys()
Interface qmodule.go is not very good
The interface is not good for other qkdn variants like etsi14. Maybe we should change it to reflect other modes better?
Differentiate between peerKMS and peerQM -> Neil
We currently use the word "peer" for both KMS peers and QM peers. We should change all occurrences to reflect their type.
crypto.go: Comments, tests, etc -> Malte
The crypto.go is not very expressive. We should add comments, named return variables and one or two tests.
Remove InterComTransportKeyNegotiation? -> Fabian
This is in the API and not necessary anymore as it seems, same for the associated keyNegotiationMap.
-> Still needed, maybe we can adjust this though when we have proper stores. Or also re-check the forwarding process to maybe use only sent key IDs instead of pathID?
Rework the ways flags are used in main.go -> Neil
We want to keep the flags as well as use the flags available in the main. The insecure flag should be renamed though, to make it clearer that we only use it to enable or disable TLS for the gNMI part. Maybe add the flag to the config file as well, but the flag would override the config value if it is set.
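The precedence described above (the flag overrides the config file only if it is set), as an added Go example that is not code from this repository. The flag name gnmi-disable-tls, the Config struct and its GnmiTLS field are hypothetical; flag.Visit is used so that the flag's default value never silently overrides the TLS setting from the config file.

```go
package main

import (
	"flag"
	"fmt"
	"io"
)

// Config stands in for values read from the config file (hypothetical struct).
type Config struct {
	GnmiTLS bool // hypothetical config key: serve gNMI over TLS
}

// ResolveGnmiTLS returns the effective gNMI TLS setting. The command-line
// flag wins only when it was explicitly passed; otherwise the config value is used.
func ResolveGnmiTLS(args []string, cfg Config) (bool, error) {
	fs := flag.NewFlagSet("kms", flag.ContinueOnError)
	fs.SetOutput(io.Discard) // keep parse errors out of stderr, return them instead
	// Hypothetical flag name replacing the ambiguous "insecure".
	noTLS := fs.Bool("gnmi-disable-tls", false, "serve gNMI without TLS")
	if err := fs.Parse(args); err != nil {
		return false, err
	}
	explicit := false
	fs.Visit(func(f *flag.Flag) { // Visit only walks flags that were actually set
		if f.Name == "gnmi-disable-tls" {
			explicit = true
		}
	})
	if explicit {
		return !*noTLS, nil
	}
	return cfg.GnmiTLS, nil
}

func main() {
	cfg := Config{GnmiTLS: true} // constructed sample config
	for _, args := range [][]string{{}, {"-gnmi-disable-tls"}, {"-gnmi-disable-tls=false"}} {
		tls, err := ResolveGnmiTLS(args, cfg)
		fmt.Printf("args=%v tls=%v err=%v\n", args, tls, err)
	}
}
```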
Add ETSI14TLS bool to TLSData struct and the struct itself to NewETSI014HTTPQuantumModule -> Neil
Rename the TLS bool in the TLSData struct accordingly.
Start Quantum gRPC server only if quantumAddress is set -> Fabian
Self-explanatory.
Check all TODOs in the code -> Fabian + x ?
TODO: discuss which ones need to be solved right now!
Peer struct has both peerKmsId and id fields, should be unified -> Fabian
Reduce complexity in all the functions/methods of the key forwarding processes -> Fabian
We want to have a diagram showing the whole process for better understanding and visualisation. Then we can see if we can reduce the complexity of the functions/methods along the way. Includes platform key and KSA key exchange.
Check every key word/parameter in config file
Maybe some are not needed anymore or badly worded.