Building the Services

This guide provides instructions for building the Quantum-Safe PKI services from source code. Before proceeding, ensure that you have installed all the prerequisites.

Building from Source

The Quantum-Safe PKI project uses a Makefile to simplify the build process. You can build all services at once or build them individually.

Building All Services

To build all services at once, run the following command from the root directory of the project:

make all

This will compile all services and place the binaries in the bin/ directory.

Building Individual Services

You can also build each service individually using the following commands:

# Build CA Service make ca-service # Build ACME Server make acme-server # Build Transparency Log make transparency-log # Build Signing Service make signing-service # Build Device Service make device-service # Build CLI make cli

Build Options and Flags

The build process supports several options and flags that can be used to customize the build:

Option	Description	Example
`DEBUG=1`	Enable debug symbols and verbose logging	`DEBUG=1 make all`
`RACE=1`	Enable race condition detection	`RACE=1 make all`
`STATIC=1`	Build statically linked binaries	`STATIC=1 make all`
`GOOS=os`	Set target operating system (e.g., linux, darwin, windows)	`GOOS=linux make all`
`GOARCH=arch`	Set target architecture (e.g., amd64, arm64)	`GOARCH=arm64 make all`

Building with Docker

The project includes Dockerfiles for each service, allowing you to build and run the services in containers. To build the Docker images:

# Build all Docker images make docker-build # Build a specific Docker image make docker-build-ca-service make docker-build-acme-server make docker-build-transparency-log make docker-build-signing-service make docker-build-device-service

Building with PKCS#11 Support

The CA Service and Signing Service support storing private keys in PKCS#11 hardware security modules (HSMs). To build with PKCS#11 support:

# Build with PKCS#11 support make PKCS11=1 ca-service signing-service

Note that building with PKCS#11 support requires the PKCS#11 headers to be installed on your system. For SoftHSM (a PKCS#11 simulator), you can install the headers as follows:

# Install SoftHSM development headers (Linux) sudo apt-get install libsofthsm2-dev # Install SoftHSM development headers (macOS) brew install softhsm

Verifying the Build

After building the services, you can verify that they were built correctly by checking the binary versions:

# Check CA Service version ./bin/ca-service --version # Check ACME Server version ./bin/acme-server --version # Check Transparency Log version ./bin/transparency-log --version # Check Signing Service version ./bin/signing-service --version # Check Device Service version ./bin/device-service --version # Check CLI version ./bin/cli --version

Building the Documentation

The project includes documentation in Markdown format. You can build the documentation as HTML using the following command:

make docs

This will generate HTML documentation in the docs/html/ directory.

Cleaning the Build

To clean the build artifacts and start fresh, you can use the following commands:

# Clean all build artifacts make clean # Clean Docker images make docker-clean

Next Steps

Now that you have built the services, you can proceed to:

Configuration: Learn how to configure each service.
Running the Services: Start and operate the services.