Multiplatofrm Post-Quantum cryptography Zenroom scripts for microservices or as a library.
Includes:
- ML-DSA-44 sign: signs a string and returns string, signature and public key of the signer. Uses a private key included in the repo. If you want to create a new sk, use the example Apiroom or use Zenrooom CLI
- ML-DSA-44 verify: verifies the output from above
The scripts can be used in Zenroom, or as a microservice.
When used as standalone, requires NCR to run
With the Makefile
makeDownlod NCR (runs only on Linux):
wget https://github.com/forkbombeu/ncr/releases/latest/download/ncr && chmod +x ncrRun NCR or port 3333:
./ncr -p 3333 -z ../tf-pqcrypto-scripts/contractsThere are already secret and public keys in the folder ./contracts/keys that you can use for testing.
You can also create new keys, using the API create-keys or the corresponding applet that you can open at http://localhost:3333/create-keys/app, the new keys will be stored into ./contracts/keys/keyring.keys.json and ./contracts/keys/pubkeys.keys.json
You can also print out the pubkeys using the API print-pubkeys or the corresponing applet at http://localhost:3333/print-pubkeys/app
Once you have created your keys, you can:
-
Sign a string (using the secret key we just created) with ML-DSA-44
-
verify a ML-DSA-44 signature Note: if instead of a string you want to sign an object or data coming from an endpoint, 1 or 2 lines of Zencode are needed (ask us if you need help at [email protected])
-
encrypt a string using ML-KEM + AES (coming soon)
-
decrypt a string using ML-KEM + AES (coming soon)
Open the browser at http://localhost:3333/docs
You should see something like:
In Swagger, navigate the Generated Applets section, press execute and open the resulting URL in the browser, or access the applets directly from:
- Signature applet: http://localhost:3333/ml-dsa44-sign/app
- Verification applet:http://localhost:3333/ml-dsa44-verify/app
The applets look like:
