allsecurex-quantum-scanner 1.0.0

package/LICENSE

@@ -0,0 +1,46 @@
+AllSecureX Quantum Scanner - Proprietary License
+
+Copyright (c) 2025 AllSecureX. All rights reserved.
+
+This software and associated documentation files (the "Software") are the
+proprietary property of AllSecureX. The Software is licensed, not sold.
+
+TERMS OF USE:
+
+1. LICENSE GRANT
+   Subject to the terms of this agreement and your subscription tier, you are
+   granted a limited, non-exclusive, non-transferable license to use the
+   Software for scanning your own codebases for quantum-vulnerable cryptographic
+   implementations.
+
+2. RESTRICTIONS
+   You may NOT:
+   - Reverse engineer, decompile, or disassemble the Software
+   - Modify, adapt, or create derivative works based on the Software
+   - Rent, lease, lend, sell, sublicense, or distribute the Software
+   - Use the Software to compete with AllSecureX products or services
+   - Remove or alter any proprietary notices in the Software
+
+3. USAGE LIMITS
+   Your use of the Software is subject to the scan limits of your subscription
+   tier (Community: 5/month, Professional: 100/month, Enterprise: Unlimited).
+
+4. DATA PRIVACY
+   The Software performs local analysis and does not transmit source code to
+   AllSecureX servers. Only anonymized findings metadata may be transmitted
+   when cloud sync is enabled.
+
+5. DISCLAIMER OF WARRANTIES
+   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+
+6. LIMITATION OF LIABILITY
+   IN NO EVENT SHALL ALLSECUREX BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL,
+   EXEMPLARY, OR CONSEQUENTIAL DAMAGES ARISING FROM THE USE OF THE SOFTWARE.
+
+7. TERMINATION
+   This license is effective until terminated. AllSecureX may terminate this
+   license at any time if you breach any of its terms.
+
+For questions about licensing, contact: legal@allsecurex.com

package/README.md

@@ -0,0 +1,112 @@
+# AllSecureX Quantum Scanner
+
+**AI-Driven Post-Quantum Cryptography Assessment Tool**
+
+Scan your codebase for quantum-vulnerable cryptographic implementations and get actionable migration recommendations.
+
+## Installation
+
+```bash
+npm install -g @allsecurex-quantum/scanner
+```
+
+## Quick Start
+
+```bash
+# Authenticate with your API key
+quantum-scanner auth login --key qv_your_api_key_here
+
+# Scan current directory
+quantum-scanner scan .
+
+# Scan with cloud sync
+quantum-scanner scan . --sync
+
+# View quota
+quantum-scanner quota
+```
+
+## Features
+
+- **Private Scanning** - All detection patterns are compiled into the binary; source code never leaves your machine
+- **Comprehensive Detection** - Identifies RSA, ECDSA, DH, DSA, MD5, SHA-1, weak ciphers, and more
+- **Migration Roadmap** - Get prioritized recommendations for quantum-safe alternatives
+- **Crypto Agility Score** - Track your organization's readiness for the post-quantum era
+- **Cloud Sync** - Optionally sync findings to your AllSecureX dashboard
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `quantum-scanner auth login` | Authenticate with your API key |
+| `quantum-scanner auth logout` | Remove stored credentials |
+| `quantum-scanner auth status` | Show authentication status |
+| `quantum-scanner scan <path>` | Scan directory for quantum-vulnerable crypto |
+| `quantum-scanner scan . --sync` | Scan and sync results to cloud |
+| `quantum-scanner scan . --output report.json` | Export results to JSON |
+| `quantum-scanner quota` | Check remaining scans for your tier |
+| `quantum-scanner history` | View scan history |
+| `quantum-scanner report [scan_id]` | View a scan report |
+
+## Scan Tiers
+
+| Tier | Monthly Scans |
+|------|---------------|
+| Community | 5 |
+| Professional | 100 |
+| Enterprise | Unlimited |
+
+Upgrade at [allsecurex.com/pricing](https://allsecurex.com/pricing)
+
+## Detection Categories
+
+| Category | Risk Level | Recommended Replacement |
+|----------|------------|------------------------|
+| RSA | Broken by 2030 | ML-KEM-768 |
+| ECDSA/ECDH | Broken by 2030 | ML-DSA-65 |
+| Diffie-Hellman | Broken by 2030 | ML-KEM-768 |
+| MD5, SHA-1 | Broken Now | SHA-256+ |
+| 3DES, RC4, Blowfish | Broken Now | AES-256-GCM |
+| TLS 1.0/1.1 | Broken Now | TLS 1.3 |
+
+## Output Example
+
+```
+╔══════════════════════════════════════════════════════════════╗
+║           AllSecureX Quantum Scanner Report                  ║
+╚══════════════════════════════════════════════════════════════╝
+
+Scan: my-project
+Files Scanned: 1,234
+Findings: 47
+
+Crypto Agility Score: 65/100
+
+┌─────────────────────────────────────────────────────────────┐
+│ SEVERITY BREAKDOWN                                          │
+├─────────────────────────────────────────────────────────────┤
+│ ⛔ Critical (Broken Now):     12                            │
+│ 🔴 High (Broken by 2030):     23                            │
+│ 🟡 Medium (Uncertain):         8                            │
+│ 🟢 Low (Quantum Safe):         4                            │
+└─────────────────────────────────────────────────────────────┘
+```
+
+## Privacy
+
+Your source code **never leaves your machine**. The scanner binary contains all detection patterns locally. Only anonymized findings metadata is sent to the API when using `--sync`.
+
+## Requirements
+
+- Node.js 16 or later
+- macOS (Intel/ARM), Linux, or Windows
+
+## Support
+
+- Documentation: [allsecurex.com/docs](https://allsecurex.com/docs)
+- Email: support@allsecurex.com
+- Issues: [github.com/allsecurex/quantum-scanner/issues](https://github.com/allsecurex/quantum-scanner/issues)
+
+## License
+
+Proprietary - © 2025 AllSecureX. All rights reserved.

package/bin/quantum-scanner

@@ -0,0 +1,60 @@
+#!/usr/bin/env node
+
+/**
+ * AllSecureX Quantum Scanner - CLI Wrapper
+ *
+ * This wrapper script invokes the platform-specific binary
+ * that was downloaded during npm install.
+ */
+
+const { spawn } = require('child_process');
+const path = require('path');
+const fs = require('fs');
+
+// Determine binary path
+const binDir = __dirname;
+const isWindows = process.platform === 'win32';
+const binaryName = isWindows ? 'quantum-scanner.exe' : 'quantum-scanner-bin';
+const binaryPath = path.join(binDir, binaryName);
+
+// Check if binary exists
+if (!fs.existsSync(binaryPath)) {
+  console.error('\n╔══════════════════════════════════════════════════════════════╗');
+  console.error('║  ❌ Quantum Scanner binary not found!                         ║');
+  console.error('╚══════════════════════════════════════════════════════════════╝\n');
+  console.error('The binary may not have been downloaded correctly during installation.');
+  console.error('\nTo fix this, try:');
+  console.error('  1. npm rebuild @allsecurex-quantum/scanner');
+  console.error('  2. Or reinstall: npm install -g @allsecurex-quantum/scanner');
+  console.error('\nFor manual installation:');
+  console.error('  Visit: https://scanner.allsecurex.com/download\n');
+  process.exit(1);
+}
+
+// Spawn the binary with all arguments passed through
+const child = spawn(binaryPath, process.argv.slice(2), {
+  stdio: 'inherit',
+  env: process.env,
+});
+
+// Handle process exit
+child.on('error', (err) => {
+  if (err.code === 'EACCES') {
+    console.error('\n❌ Permission denied. Try running:');
+    console.error(`   chmod +x "${binaryPath}"\n`);
+  } else {
+    console.error(`\n❌ Error running quantum-scanner: ${err.message}\n`);
+  }
+  process.exit(1);
+});
+
+child.on('exit', (code) => {
+  process.exit(code || 0);
+});
+
+// Forward signals to child process
+['SIGINT', 'SIGTERM', 'SIGQUIT'].forEach((signal) => {
+  process.on(signal, () => {
+    child.kill(signal);
+  });
+});

package/package.json

@@ -0,0 +1,51 @@
+{
+  "name": "allsecurex-quantum-scanner",
+  "version": "1.0.0",
+  "description": "AllSecureX Quantum Scanner - AI-Driven Post-Quantum Cryptography Assessment Tool",
+  "keywords": [
+    "quantum",
+    "cryptography",
+    "security",
+    "scanner",
+    "pqc",
+    "post-quantum",
+    "crypto-agility",
+    "vulnerability",
+    "assessment"
+  ],
+  "author": "AllSecureX <support@allsecurex.com>",
+  "license": "Proprietary",
+  "homepage": "https://allsecurex.com",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/allsecurex/quantum-scanner.git"
+  },
+  "bugs": {
+    "url": "https://github.com/allsecurex/quantum-scanner/issues"
+  },
+  "bin": {
+    "quantum-scanner": "bin/quantum-scanner"
+  },
+  "scripts": {
+    "postinstall": "node scripts/install-binary.js"
+  },
+  "engines": {
+    "node": ">=16.0.0"
+  },
+  "os": [
+    "darwin",
+    "linux",
+    "win32"
+  ],
+  "cpu": [
+    "x64",
+    "arm64"
+  ],
+  "files": [
+    "bin/",
+    "scripts/",
+    "README.md",
+    "LICENSE"
+  ],
+  "publishConfig": {}
+}

package/scripts/install-binary.js

@@ -0,0 +1,206 @@
+#!/usr/bin/env node
+
+/**
+ * AllSecureX Quantum Scanner - Binary Installer
+ *
+ * Downloads the appropriate pre-compiled binary for the user's platform.
+ * Binaries are hosted on S3 and are signed for integrity verification.
+ */
+
+const https = require('https');
+const http = require('http');
+const fs = require('fs');
+const path = require('path');
+const { execSync } = require('child_process');
+const crypto = require('crypto');
+
+const BINARY_BASE_URL = 'https://scanner.allsecurex.com/releases';
+const VERSION = require('../package.json').version;
+
+// Platform-specific binary mappings
+const PLATFORM_BINARIES = {
+  'darwin-x64': 'quantum-scanner-darwin-x64',
+  'darwin-arm64': 'quantum-scanner-darwin-arm64',
+  'linux-x64': 'quantum-scanner-linux-x64',
+  'linux-arm64': 'quantum-scanner-linux-arm64',
+  'win32-x64': 'quantum-scanner-win-x64.exe',
+};
+
+// SHA256 checksums for each binary (updated with each release)
+const CHECKSUMS = {
+  'darwin-x64': '',
+  'darwin-arm64': '',
+  'linux-x64': '',
+  'linux-arm64': '',
+  'win32-x64': '',
+};
+
+function getPlatformKey() {
+  const platform = process.platform;
+  const arch = process.arch;
+  return `${platform}-${arch}`;
+}
+
+function getBinaryName() {
+  const platformKey = getPlatformKey();
+  const binary = PLATFORM_BINARIES[platformKey];
+
+  if (!binary) {
+    console.error(`\n❌ Unsupported platform: ${platformKey}`);
+    console.error('Supported platforms:');
+    Object.keys(PLATFORM_BINARIES).forEach(p => console.error(`  - ${p}`));
+    console.error('\nPlease visit https://allsecurex.com/download for manual installation.');
+    process.exit(1);
+  }
+
+  return binary;
+}
+
+function downloadFile(url, destPath) {
+  return new Promise((resolve, reject) => {
+    const protocol = url.startsWith('https') ? https : http;
+    const file = fs.createWriteStream(destPath);
+
+    console.log(`📥 Downloading from ${url}...`);
+
+    const request = protocol.get(url, (response) => {
+      // Handle redirects
+      if (response.statusCode === 301 || response.statusCode === 302) {
+        file.close();
+        fs.unlinkSync(destPath);
+        return downloadFile(response.headers.location, destPath).then(resolve).catch(reject);
+      }
+
+      if (response.statusCode !== 200) {
+        file.close();
+        fs.unlinkSync(destPath);
+        reject(new Error(`Failed to download: HTTP ${response.statusCode}`));
+        return;
+      }
+
+      const totalSize = parseInt(response.headers['content-length'], 10);
+      let downloadedSize = 0;
+
+      response.on('data', (chunk) => {
+        downloadedSize += chunk.length;
+        if (totalSize) {
+          const percent = ((downloadedSize / totalSize) * 100).toFixed(1);
+          process.stdout.write(`\r   Progress: ${percent}% (${formatBytes(downloadedSize)} / ${formatBytes(totalSize)})`);
+        }
+      });
+
+      response.pipe(file);
+
+      file.on('finish', () => {
+        file.close();
+        console.log('\n');
+        resolve();
+      });
+    });
+
+    request.on('error', (err) => {
+      file.close();
+      fs.unlink(destPath, () => {});
+      reject(err);
+    });
+
+    request.setTimeout(60000, () => {
+      request.destroy();
+      file.close();
+      fs.unlink(destPath, () => {});
+      reject(new Error('Download timeout'));
+    });
+  });
+}
+
+function formatBytes(bytes) {
+  if (bytes < 1024) return bytes + ' B';
+  if (bytes < 1024 * 1024) return (bytes / 1024).toFixed(1) + ' KB';
+  return (bytes / (1024 * 1024)).toFixed(1) + ' MB';
+}
+
+function verifyChecksum(filePath, expectedChecksum) {
+  if (!expectedChecksum) {
+    console.log('⚠️  Checksum verification skipped (no checksum available for this release)');
+    return true;
+  }
+
+  console.log('🔐 Verifying checksum...');
+  const fileBuffer = fs.readFileSync(filePath);
+  const hashSum = crypto.createHash('sha256');
+  hashSum.update(fileBuffer);
+  const actualChecksum = hashSum.digest('hex');
+
+  if (actualChecksum !== expectedChecksum) {
+    console.error('❌ Checksum verification failed!');
+    console.error(`   Expected: ${expectedChecksum}`);
+    console.error(`   Got: ${actualChecksum}`);
+    return false;
+  }
+
+  console.log('✅ Checksum verified');
+  return true;
+}
+
+async function install() {
+  console.log('\n╔══════════════════════════════════════════════════════════════╗');
+  console.log('║       AllSecureX Quantum Scanner - Binary Installer          ║');
+  console.log('║       AI-Driven Post-Quantum Cryptography Assessment         ║');
+  console.log('╚══════════════════════════════════════════════════════════════╝\n');
+
+  const platformKey = getPlatformKey();
+  const binaryName = getBinaryName();
+  const downloadUrl = `${BINARY_BASE_URL}/v${VERSION}/${binaryName}`;
+
+  console.log(`📋 Platform: ${platformKey}`);
+  console.log(`📋 Version: ${VERSION}`);
+  console.log(`📋 Binary: ${binaryName}\n`);
+
+  const binDir = path.join(__dirname, '..', 'bin');
+  const binaryPath = path.join(binDir, process.platform === 'win32' ? 'quantum-scanner.exe' : 'quantum-scanner-bin');
+
+  // Ensure bin directory exists
+  if (!fs.existsSync(binDir)) {
+    fs.mkdirSync(binDir, { recursive: true });
+  }
+
+  try {
+    await downloadFile(downloadUrl, binaryPath);
+
+    // Verify checksum
+    const expectedChecksum = CHECKSUMS[platformKey];
+    if (!verifyChecksum(binaryPath, expectedChecksum)) {
+      fs.unlinkSync(binaryPath);
+      console.error('\n❌ Installation failed: Checksum mismatch');
+      console.error('Please try again or contact support@allsecurex.com');
+      process.exit(1);
+    }
+
+    // Make executable on Unix systems
+    if (process.platform !== 'win32') {
+      fs.chmodSync(binaryPath, '755');
+    }
+
+    console.log('✅ Installation complete!\n');
+    console.log('🚀 Get started:');
+    console.log('   quantum-scanner auth login    # Authenticate with your API key');
+    console.log('   quantum-scanner scan .        # Scan current directory');
+    console.log('   quantum-scanner --help        # Show all commands\n');
+    console.log('📚 Documentation: https://allsecurex.com/docs/quantum-scanner');
+    console.log('💬 Support: support@allsecurex.com\n');
+
+  } catch (error) {
+    console.error(`\n❌ Installation failed: ${error.message}`);
+    console.error('\nManual installation:');
+    console.error(`1. Download the binary from: https://scanner.allsecurex.com/download`);
+    console.error(`2. Place it in your PATH as 'quantum-scanner'`);
+    console.error(`3. Make it executable: chmod +x quantum-scanner`);
+    process.exit(1);
+  }
+}
+
+// Run installer
+install().catch((err) => {
+  console.error('Installation error:', err);
+  process.exit(1);
+});