From 565c03beaa52178cfe4ca2da5f10e21cdee753af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jozef=20=C5=A0imko?= Date: Sat, 25 Mar 2023 12:44:02 +0000 Subject: [PATCH] update --- README.md | 53 ++++++++++++++++++++++++++++++++++------------------- 1 file changed, 34 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index d868caa..fc90bec 100644 --- a/README.md +++ b/README.md @@ -4,40 +4,55 @@ ### LINUX - testované na Ubuntu 20.04.5 -1. Inštalácia potrebných nástrojov -`sudo apt install cmake gcc libtool libssl-dev make ninja-build git -y` +**1. Inštalácia potrebných nástrojov** -2. Stiahnutie Open Quantum Safe OpenSSL repozitáru -`git clone --branch OQS-OpenSSL_1_1_1-stable https://github.com/open-quantum-safe/openssl.git` +```sudo apt install cmake gcc libtool libssl-dev make ninja-build git -y``` -3. Stiahnutie a inštalácia liboqs +**2. Stiahnutie Open Quantum Safe OpenSSL repozitáru** -`git clone --branch main https://github.com/open-quantum-safe/liboqs.git +```git clone --branch OQS-OpenSSL_1_1_1-stable https://github.com/open-quantum-safe/openssl.git``` + +**3. Stiahnutie a inštalácia liboqs** + +``` +git clone --branch main https://github.com/open-quantum-safe/liboqs.git cd liboqs mkdir build && cd build cmake -GNinja -DCMAKE_INSTALL_PREFIX=../../openssl/oqs .. ninja -ninja install` +ninja install +``` +**4. Build QS OpenSSL fork** -4. Build QS OpenSSL fork - -`cd ./openssl +``` +cd ./openssl ./Configure no-shared linux-x86_64 -DOQS_DEFAULT_GROUPS=\"kyber1024:p521_kyber1024:kyber90s1024:p521_kyber90s1024\" -lm make -j 1 sudo make install -` -5. Vytvorenie CA kľúča a certifikátu +``` +**5. Vytvorenie CA kľúča a certifikátu** +``` cd ./openssl/apps ./openssl req -x509 -new -newkey p256_dilithium2 -keyout p256_dilithium2_CA.key -out p256_dilithium2_CA.crt -nodes -subj "/CN=oqstest CA" -days 365 -config ./openssl.cnf - -6. Vygenerovanie privátneho kľúča pre server +``` +**6. Vygenerovanie privátneho kľúča pre server** +``` ./openssl req -new -newkey p256_dilithium2 -keyout p256_dilithium2_srv.key -out p256_dilithium2_srv.csr -nodes -subj "/CN=localhost" -config ./openssl.cnf - -7. Vygenerovanie certifikátu s CA podpisom pre server - +``` +**7. Vygenerovanie certifikátu s CA podpisom pre server** +``` ./openssl x509 -req -in p256_dilithium2_srv.csr -out p256_dilithium2_srv.crt -CA p256_dilithium2_CA.crt -CAkey p256_dilithium2_CA.key -CAcreateserial -days 365 - -8. Spustenie serveru a klienta +``` +**8. Spustenie serveru a klienta** +``` ./openssl s_server -cert p256_dilithium2_srv.crt -key p256_dilithium2_srv.key -www -tls1_3 ./openssl s_client -groups kyber1024 -CAfile p256_dilithium2_CA.crt -connect localhost +``` + +### WINDOWS +- testované na Windows 10.0.19043 +- tbd + +## References +[Open quantum safe OpenSSL 1.1.1t](https://github.com/open-quantum-safe/openssl) \ No newline at end of file