Experiments with quantum-safe algorithms and X.509 certificates.
Dependencies:
Please install oqsprovider according to its documentation and configure it globally for your OpenSSL installation.
The provider list should look something like the following.
openssl list -providers
# Providers:
# default
# name: OpenSSL Default Provider
# version: 3.4.0
# status: active
# oqsprovider
# name: OpenSSL OQS Provider
# version: 0.7.1-dev
# status: active
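A preflight check for the provider setup above, as an added example that is not part of this project: it parses `openssl list -providers` output and confirms that a given provider is reported as active. The function names `provider_active` and `preflight` and the sample listing are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not project code). Reads an `openssl list -providers` listing
# on stdin and returns 0 only if provider $1 is present with "status: active".
provider_active() {
    awk -v want="$1" '
        {
            line = $0
            sub(/^[# \t]+/, "", line)    # tolerate "# " prefixes and indentation
            sub(/[ \t\r]+$/, "", line)   # drop trailing whitespace
        }
        line == "" { next }
        index(line, ":") {               # attribute line (name:, version:, status:)
            if (cur == want && line ~ /^status:[ \t]*active$/) found = 1
            next
        }
        { cur = line }                   # any other line is a provider id
        END { exit(found ? 0 : 1) }
    '
}

# Hypothetical wrapper: run before ./scripts/full_ca.sh <algorithm>.
# Uses the live OpenSSL installation, so it is defined here but not called.
preflight() {
    openssl list -providers | provider_active oqsprovider || {
        echo "oqsprovider is not active" >&2; return 1; }
    openssl list -signature-algorithms | grep -qi -- "$1" || {
        echo "signature algorithm $1 is not offered" >&2; return 1; }
}

# Constructed sample listing, mirroring the output shown above.
SAMPLE='# Providers:
# default
# name: OpenSSL Default Provider
# version: 3.4.0
# status: active
# oqsprovider
# name: OpenSSL OQS Provider
# version: 0.7.1-dev
# status: active'

if printf '%s\n' "$SAMPLE" | provider_active oqsprovider; then
    echo "oqsprovider: active"
else
    echo "oqsprovider: missing or inactive"
fi
```

On a configured machine, `preflight dilithium3` performs the same check against the real provider list and also confirms the algorithm is offered.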
This tool can be used in a few different ways. There are a few scripts just for playing around with certificates, and there is the EST server, which tries to be somewhat RFC 7030 compliant.
Creating CA
Creates a certificate chain with two intermediate certificates, A and B. This also serves as a test of whether you have set up the oqsprovider correctly.
# Using a classical algorithm
./scripts/full_ca.sh ed25519
# Using a quantum-safe algorithm
./scripts/full_ca.sh dilithium3
EST server
Two folders need to be created under the resources/ folder: one for the server certificate chain (server_chain) and one for the IoT certificate chain (iot_chain). You can use the full_ca.sh script for that.
fastapi dev qsca/main.py