1.6 KiB
MastersThesis
Building
LINUX
- testované na Ubuntu 20.04.5
-
Inštalácia potrebných nástrojov
sudo apt install cmake gcc libtool libssl-dev make ninja-build git -y
-
Stiahnutie Open Quantum Safe OpenSSL repozitáru
git clone --branch OQS-OpenSSL_1_1_1-stable https://github.com/open-quantum-safe/openssl.git
-
Stiahnutie a inštalácia liboqs
git clone --branch main https://github.com/open-quantum-safe/liboqs.git cd liboqs mkdir build && cd build cmake -GNinja -DCMAKE_INSTALL_PREFIX=../../openssl/oqs .. ninja ninja install
- Build QS OpenSSL fork
cd ./openssl ./Configure no-shared linux-x86_64 -DOQS_DEFAULT_GROUPS=\"kyber1024:p521_kyber1024:kyber90s1024:p521_kyber90s1024\" -lm make -j 1 sudo make install
5. Vytvorenie CA kľúča a certifikátu
cd ./openssl/apps ./openssl req -x509 -new -newkey p256_dilithium2 -keyout p256_dilithium2_CA.key -out p256_dilithium2_CA.crt -nodes -subj "/CN=oqstest CA" -days 365 -config ./openssl.cnf
-
Vygenerovanie privátneho kľúča pre server ./openssl req -new -newkey p256_dilithium2 -keyout p256_dilithium2_srv.key -out p256_dilithium2_srv.csr -nodes -subj "/CN=localhost" -config ./openssl.cnf
-
Vygenerovanie certifikátu s CA podpisom pre server
./openssl x509 -req -in p256_dilithium2_srv.csr -out p256_dilithium2_srv.crt -CA p256_dilithium2_CA.crt -CAkey p256_dilithium2_CA.key -CAcreateserial -days 365
- Spustenie serveru a klienta ./openssl s_server -cert p256_dilithium2_srv.crt -key p256_dilithium2_srv.key -www -tls1_3 ./openssl s_client -groups kyber1024 -CAfile p256_dilithium2_CA.crt -connect localhost