Prerequisites

Before you can build and run the Quantum-Safe PKI project, you need to ensure that your development environment meets the following prerequisites.

System Requirements

The Quantum-Safe PKI project is designed to run on Linux, macOS, and Windows (via WSL). The following specifications are recommended:

• CPU: 2+ cores
• RAM: 4GB+ (8GB recommended)
• Disk Space: 1GB+ free space
• Network: Internet connection for downloading dependencies

Software Dependencies

The following software must be installed on your system before building the project:

Required Software

• Go 1.21+: The project is written in Go and requires version 1.21 or higher.

  # Check Go version go version # Install Go (Linux) wget https://golang.org/dl/go1.21.0.linux-amd64.tar.gz sudo tar -C /usr/local -xzf go1.21.0.linux-amd64.tar.gz export PATH=$PATH:/usr/local/go/bin # Install Go (macOS with Homebrew) brew install go

• Git: For cloning the repository and version control.

  # Install Git (Linux) sudo apt-get install git # Install Git (macOS) brew install git

• Make: For building the project using the provided Makefile.

  # Install Make (Linux) sudo apt-get install make # Install Make (macOS) brew install make

Database Requirements

• PostgreSQL 14+: Required for the ACME Server to store account information, orders, and challenges.

  # Install PostgreSQL (Linux) sudo apt-get install postgresql postgresql-contrib # Install PostgreSQL (macOS) brew install postgresql # Start PostgreSQL service sudo service postgresql start # Linux brew services start postgresql # macOS

• SQLite 3: Used by the Signing Service for storing signing logs, SBOMs, and provenance information.

  # Install SQLite (Linux) sudo apt-get install sqlite3 # Install SQLite (macOS) brew install sqlite

Optional Dependencies

• Docker: For containerized deployment of the services.

  # Install Docker (Linux) curl -fsSL https://get.docker.com -o get-docker.sh sudo sh get-docker.sh # Install Docker (macOS) brew install --cask docker

• PKCS#11 HSM or Simulator: For hardware-based key storage (optional, as filesystem storage is supported by default).

  # Install SoftHSM (a PKCS#11 simulator) # Linux sudo apt-get install softhsm2 # macOS brew install softhsm

Network Requirements

The Quantum-Safe PKI services communicate with each other over HTTPS. By default, they use the following ports:

• CA Service: Port 5000
• ACME Server: Port 4000
• Transparency Log: Port 6000
• Signing Service: Port 7000
• Device Service: Port 8000

Ensure that these ports are available and not blocked by firewalls if you plan to run the services on their default ports. The ports can be configured using environment variables if needed.

Development Environment Setup

Follow these steps to set up your development environment:

1. Clone the Repository:

   git clone https://github.com/example/quantum-safe-pki.git cd quantum-safe-pki

2. Set Up Go Environment:

   # Set GOPATH if not already set export GOPATH=$HOME/go export PATH=$PATH:$GOPATH/bin # Install Go dependencies go mod download

3. Create Database for ACME Server:

   # Create PostgreSQL database createdb acme_server # Run migrations psql "postgres://localhost:5432/acme_server" -f acme-server/migrations/0001_create_acme_tables.up.sql

4. Create Key Directory:

   # Create directory for storing keys mkdir -p keys

Next Steps

Once you have set up your development environment with all the prerequisites, you can proceed to:

• Building the Services: Instructions for compiling the services from source code.
• Configuration: Detailed configuration options for each service.
• Running the Services: How to start and operate the services.