2023-03-25 12:29:09 +00:00
|
|
|
# MastersThesis
|
|
|
|
|
|
|
|
## Building
|
|
|
|
### LINUX
|
|
|
|
- testované na Ubuntu 20.04.5
|
|
|
|
|
2023-03-25 12:44:02 +00:00
|
|
|
**1. Inštalácia potrebných nástrojov**
|
2023-03-25 12:29:09 +00:00
|
|
|
|
2023-03-25 12:44:02 +00:00
|
|
|
```sudo apt install cmake gcc libtool libssl-dev make ninja-build git -y```
|
2023-03-25 12:29:09 +00:00
|
|
|
|
2023-03-25 12:44:02 +00:00
|
|
|
**2. Stiahnutie Open Quantum Safe OpenSSL repozitáru**
|
2023-03-25 12:29:09 +00:00
|
|
|
|
2023-03-25 12:44:02 +00:00
|
|
|
```git clone --branch OQS-OpenSSL_1_1_1-stable https://github.com/open-quantum-safe/openssl.git```
|
|
|
|
|
|
|
|
**3. Stiahnutie a inštalácia liboqs**
|
|
|
|
|
|
|
|
```
|
|
|
|
git clone --branch main https://github.com/open-quantum-safe/liboqs.git
|
2023-03-25 12:29:09 +00:00
|
|
|
cd liboqs
|
|
|
|
mkdir build && cd build
|
|
|
|
cmake -GNinja -DCMAKE_INSTALL_PREFIX=../../openssl/oqs ..
|
|
|
|
ninja
|
2023-03-25 12:44:02 +00:00
|
|
|
ninja install
|
|
|
|
```
|
|
|
|
**4. Build QS OpenSSL fork**
|
2023-03-25 12:29:09 +00:00
|
|
|
|
2023-03-25 12:44:02 +00:00
|
|
|
```
|
|
|
|
cd ./openssl
|
2023-03-25 12:29:09 +00:00
|
|
|
./Configure no-shared linux-x86_64 -DOQS_DEFAULT_GROUPS=\"kyber1024:p521_kyber1024:kyber90s1024:p521_kyber90s1024\" -lm
|
|
|
|
make -j 1
|
|
|
|
sudo make install
|
2023-03-25 12:44:02 +00:00
|
|
|
```
|
2023-03-28 09:08:06 +00:00
|
|
|
- prepínač `-DOQS_DEFAULT_GROUPS` umožňuje meniť key exchange algoritmy, ktoré bude server podporovať
|
|
|
|
- zoznam všetkých podporovaných algoritmov - https://github.com/open-quantum-safe/openssl#key-exchange
|
|
|
|
|
2023-03-25 12:44:02 +00:00
|
|
|
**5. Vytvorenie CA kľúča a certifikátu**
|
2023-03-28 09:08:06 +00:00
|
|
|
- v tomto príklade je *p256_dilithium2* hybridný algoritmus *dilithium2* s použitím P256 ECDH krivkou
|
2023-03-25 12:29:09 +00:00
|
|
|
|
2023-03-25 12:44:02 +00:00
|
|
|
```
|
2023-03-25 12:29:09 +00:00
|
|
|
cd ./openssl/apps
|
|
|
|
./openssl req -x509 -new -newkey p256_dilithium2 -keyout p256_dilithium2_CA.key -out p256_dilithium2_CA.crt -nodes -subj "/CN=oqstest CA" -days 365 -config ./openssl.cnf
|
2023-03-25 12:44:02 +00:00
|
|
|
```
|
|
|
|
**6. Vygenerovanie privátneho kľúča pre server**
|
|
|
|
```
|
2023-03-25 12:29:09 +00:00
|
|
|
./openssl req -new -newkey p256_dilithium2 -keyout p256_dilithium2_srv.key -out p256_dilithium2_srv.csr -nodes -subj "/CN=localhost" -config ./openssl.cnf
|
2023-03-25 12:44:02 +00:00
|
|
|
```
|
|
|
|
**7. Vygenerovanie certifikátu s CA podpisom pre server**
|
|
|
|
```
|
2023-03-25 12:29:09 +00:00
|
|
|
./openssl x509 -req -in p256_dilithium2_srv.csr -out p256_dilithium2_srv.crt -CA p256_dilithium2_CA.crt -CAkey p256_dilithium2_CA.key -CAcreateserial -days 365
|
2023-03-25 12:44:02 +00:00
|
|
|
```
|
|
|
|
**8. Spustenie serveru a klienta**
|
2023-03-28 09:08:06 +00:00
|
|
|
- oba programy je potrebné spustiť v samostatných oknách terminálu
|
2023-03-25 12:44:02 +00:00
|
|
|
```
|
2023-03-25 12:29:09 +00:00
|
|
|
./openssl s_server -cert p256_dilithium2_srv.crt -key p256_dilithium2_srv.key -www -tls1_3
|
|
|
|
./openssl s_client -groups kyber1024 -CAfile p256_dilithium2_CA.crt -connect localhost
|
2023-03-25 12:44:02 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
### WINDOWS
|
|
|
|
- testované na Windows 10.0.19043
|
2023-05-09 15:59:42 +00:00
|
|
|
|
|
|
|
**1. Príprava prostredia
|
|
|
|
|
|
|
|
Perl - stiahnutie Perl-u strawberry-perl-5.32.1.1-64bit zo stránky https://strawberryperl.com/
|
|
|
|
|
|
|
|
Cmake - stihnutie CMake-u cmake-3.26.3-windows-x86_64 zo stránky https://cmake.org/download/
|
|
|
|
|
2023-05-09 16:05:13 +00:00
|
|
|
NMAKE - tbd
|
|
|
|
|
2023-05-09 15:59:42 +00:00
|
|
|
Pridanie premenných prostredia:
|
|
|
|
```
|
|
|
|
D:\Strawberry\perl\bin
|
|
|
|
D:\Program Files\CMake\bin
|
2023-05-09 16:05:13 +00:00
|
|
|
D:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\VC\Tools\MSVC\14.35.32215\bin\Hostx86\x86\nmake.exe
|
2023-05-09 15:59:42 +00:00
|
|
|
```
|
|
|
|
pozn. v našom prípade premenná nepomohla a bolo nutné je nekonfigurovať manuálne v Powershelli príkazom
|
2023-05-09 16:05:13 +00:00
|
|
|
`
|
2023-05-09 15:59:42 +00:00
|
|
|
$env:path += ";D:\Program Files\cmake\bin"
|
2023-05-09 16:05:13 +00:00
|
|
|
$env:path += ";d:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\VC\Tools\MSVC\14.35.32215\bin\Hostx86\x86\"
|
|
|
|
`
|
2023-05-09 15:59:42 +00:00
|
|
|
|
|
|
|
**2. Stiahnutie OpenSSL, Open Quantum Safe OpenSSL repozitáru a liboqs**
|
|
|
|
OpenSSL - stiahnutie OpenSSL 1.1.1t zo stránky - https://www.openssl.org/source/
|
|
|
|
Stiahnutý súbor sme extrahovali do priečinka ProgramFiles a premenovali sme ho na openssl
|
|
|
|
|
|
|
|
OpenSSL OQS - stiahnutie OQS OpenSSL repozitáru z GITu - https://github.com/open-quantum-safe/openssl/tree/OQS-OpenSSL_1_1_1-stable
|
|
|
|
Presun stiahnutých súborov do openssl priečinku
|
|
|
|
|
|
|
|
Liboqs - stiahnutie súborov z GITu - https://github.com/open-quantum-safe/liboqs
|
|
|
|
|
|
|
|
**3. Príprava liboqs
|
|
|
|
- prípade chyby prístupu pri príkaze cmake alebo ninja je potrebné spustiť PowerShell ako administrátor
|
|
|
|
```
|
|
|
|
cd liboqs
|
|
|
|
mkdir build
|
|
|
|
cd build
|
|
|
|
cmake -GNinja -DCMAKE_INSTALL_PREFIX='D:\Program Files\openssl\openssl-OQS-OpenSSL_1_1_1-stable\oqs' ..
|
|
|
|
ninja
|
|
|
|
ninja install
|
|
|
|
```
|
|
|
|
|
|
|
|
**4. Build QS OpenSSL fork**
|
|
|
|
```
|
|
|
|
cd ./openssl
|
|
|
|
perl Configure VC-WIN64A no-shared
|
|
|
|
!!!nmake
|
|
|
|
```
|
2023-03-25 12:44:02 +00:00
|
|
|
|
2023-05-09 16:08:22 +00:00
|
|
|
![err-code](https://ctrlv.sk/shots/2023/05/09/QHGf.png)
|
|
|
|
|
2023-03-25 12:44:02 +00:00
|
|
|
## References
|
2023-05-09 15:59:42 +00:00
|
|
|
[Open quantum safe OpenSSL 1.1.1t](https://github.com/open-quantum-safe/openssl)
|