quantumsafe-scan 0.1.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- quantumsafe_scan-0.1.0/LICENSE +21 -0
- quantumsafe_scan-0.1.0/PKG-INFO +569 -0
- quantumsafe_scan-0.1.0/README.md +552 -0
- quantumsafe_scan-0.1.0/cli/__init__.py +8 -0
- quantumsafe_scan-0.1.0/cli/cli.py +203 -0
- quantumsafe_scan-0.1.0/cli/recommender.py +150 -0
- quantumsafe_scan-0.1.0/cli/reporter.py +343 -0
- quantumsafe_scan-0.1.0/cli/scanner.py +515 -0
- quantumsafe_scan-0.1.0/cli/scorer.py +54 -0
- quantumsafe_scan-0.1.0/pyproject.toml +37 -0
- quantumsafe_scan-0.1.0/quantumsafe_scan.egg-info/PKG-INFO +569 -0
- quantumsafe_scan-0.1.0/quantumsafe_scan.egg-info/SOURCES.txt +24 -0
- quantumsafe_scan-0.1.0/quantumsafe_scan.egg-info/dependency_links.txt +1 -0
- quantumsafe_scan-0.1.0/quantumsafe_scan.egg-info/entry_points.txt +2 -0
- quantumsafe_scan-0.1.0/quantumsafe_scan.egg-info/requires.txt +1 -0
- quantumsafe_scan-0.1.0/quantumsafe_scan.egg-info/top_level.txt +1 -0
- quantumsafe_scan-0.1.0/setup.cfg +4 -0
- quantumsafe_scan-0.1.0/tests/test_api.py +191 -0
- quantumsafe_scan-0.1.0/tests/test_benchmark.py +30 -0
- quantumsafe_scan-0.1.0/tests/test_conformance.py +92 -0
- quantumsafe_scan-0.1.0/tests/test_features.py +78 -0
- quantumsafe_scan-0.1.0/tests/test_pqc.py +46 -0
- quantumsafe_scan-0.1.0/tests/test_quantum.py +43 -0
- quantumsafe_scan-0.1.0/tests/test_scanner.py +144 -0
- quantumsafe_scan-0.1.0/tests/test_schema.py +46 -0
- quantumsafe_scan-0.1.0/tests/test_scorer.py +54 -0
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2026 QuantumSafe
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
|
@@ -0,0 +1,569 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: quantumsafe-scan
|
|
3
|
+
Version: 0.1.0
|
|
4
|
+
Summary: Scan codebases for quantum-vulnerable cryptography and generate a NIST-aligned migration plan.
|
|
5
|
+
Author: QuantumSafe
|
|
6
|
+
License: MIT
|
|
7
|
+
Project-URL: Homepage, https://github.com/Danny-397/Quantamn-Safe
|
|
8
|
+
Keywords: quantum,cryptography,pqc,nist,security,kyber,dilithium
|
|
9
|
+
Classifier: Programming Language :: Python :: 3
|
|
10
|
+
Classifier: License :: OSI Approved :: MIT License
|
|
11
|
+
Classifier: Topic :: Security :: Cryptography
|
|
12
|
+
Requires-Python: >=3.9
|
|
13
|
+
Description-Content-Type: text/markdown
|
|
14
|
+
License-File: LICENSE
|
|
15
|
+
Requires-Dist: rich>=13.0
|
|
16
|
+
Dynamic: license-file
|
|
17
|
+
|
|
18
|
+
# QuantumSafe
|
|
19
|
+
|
|
20
|
+
[](https://github.com/Danny-397/Quantamn-Safe/actions/workflows/ci.yml)
|
|
21
|
+

|
|
22
|
+

|
|
23
|
+

|
|
24
|
+
|
|
25
|
+
**A post-quantum security platform that demonstrates the quantum attack, detects
|
|
26
|
+
the vulnerable cryptography in your code, and implements the quantum-safe fix.**
|
|
27
|
+
|
|
28
|
+
QuantumSafe scans code across 11 languages for the cryptography that quantum
|
|
29
|
+
computers will break (RSA, ECC, Diffie-Hellman) or weaken (AES-128, SHA-256),
|
|
30
|
+
scores the risk 0–100, and maps every finding to its NIST FIPS 203/204/205
|
|
31
|
+
replacement — backed by a real Qiskit implementation of Shor's and Grover's
|
|
32
|
+
algorithms and a from-scratch lattice (LWE) key-encapsulation mechanism.
|
|
33
|
+
|
|
34
|
+
> ⚠️ **Disclaimer.** QuantumSafe is a security-awareness and triage tool. It uses
|
|
35
|
+
> static pattern + AST analysis and is **not** a substitute for a professional
|
|
36
|
+
> cryptographic audit. Findings are heuristic and may include false
|
|
37
|
+
> positives/negatives.
|
|
38
|
+
|
|
39
|
+
---
|
|
40
|
+
|
|
41
|
+
## The three layers
|
|
42
|
+
|
|
43
|
+
QuantumSafe covers the full arc of the post-quantum problem — not just naming it,
|
|
44
|
+
but **executing** the attack, **finding** the vulnerable code, and **running** the
|
|
45
|
+
solution:
|
|
46
|
+
|
|
47
|
+
| Layer | Module | What it does |
|
|
48
|
+
|-------|--------|--------------|
|
|
49
|
+
| **1. Attack** | [`quantum/`](quantum/) | Shor's and Grover's algorithms in **Qiskit**, run on a quantum simulator. Shor factors a number and reconstructs an RSA key — the concrete reason RSA/ECC are rated HIGH. |
|
|
50
|
+
| **2. Detection** | [`cli/`](cli/) | A hybrid **AST + regex** static-analysis engine over 11 languages that scores risk and produces a NIST-aligned migration plan. **100% precision/recall** on a labeled [benchmark](benchmark/). |
|
|
51
|
+
| **3. Fix** | [`pqc/`](pqc/) | A from-scratch **lattice (LWE) key-encapsulation mechanism** — the math behind CRYSTALS-Kyber / ML-KEM — so the recommended fix is runnable and provable. |
|
|
52
|
+
|
|
53
|
+
The detection layer ships through three surfaces that share **one** engine:
|
|
54
|
+
|
|
55
|
+
- A **free CLI** (`pip install quantumsafe-scan`) — scan local dirs or public GitHub
|
|
56
|
+
repos; export JSON / HTML / SARIF / CBOM / SVG badge.
|
|
57
|
+
- A **Flask REST API** — powers the dashboard, ingests scans, handles auth.
|
|
58
|
+
- A **dark, terminal-style web dashboard** — scan history, findings, migration
|
|
59
|
+
plans, and exports. **Free, no paywall.**
|
|
60
|
+
|
|
61
|
+
---
|
|
62
|
+
|
|
63
|
+
## Why it matters
|
|
64
|
+
|
|
65
|
+
RSA-2048 and elliptic-curve crypto secure almost everything — HTTPS/TLS,
|
|
66
|
+
certificates, SSH, code signing, VPNs. **Shor's algorithm breaks all of it.** The
|
|
67
|
+
math is settled; only the hardware is missing (RSA-2048 needs millions of
|
|
68
|
+
error-corrected qubits, and today's machines have a few hundred noisy ones).
|
|
69
|
+
|
|
70
|
+
That gap is the reason to act now, not later:
|
|
71
|
+
|
|
72
|
+
- **"Harvest now, decrypt later":** an adversary can record encrypted traffic
|
|
73
|
+
today and decrypt it once the hardware exists. Anything that must stay secret
|
|
74
|
+
for 5–15 years is effectively at risk *now*.
|
|
75
|
+
- **Migration is slow:** swapping cryptography across a large codebase takes years
|
|
76
|
+
— which is why NIST finalized the post-quantum standards (FIPS 203/204/205) in
|
|
77
|
+
2024.
|
|
78
|
+
|
|
79
|
+
QuantumSafe makes that migration tractable: **find** the vulnerable crypto,
|
|
80
|
+
**understand** why it's vulnerable, and **adopt** the quantum-safe replacement.
|
|
81
|
+
|
|
82
|
+
---
|
|
83
|
+
|
|
84
|
+
## Architecture
|
|
85
|
+
|
|
86
|
+

|
|
87
|
+
|
|
88
|
+
One shared detection engine (`cli/`) sits behind three surfaces — the CLI, the
|
|
89
|
+
REST API, and the web dashboard — and is flanked by two runnable companions: the
|
|
90
|
+
`quantum/` attack module (which *justifies* the risk ratings) and the `pqc/`
|
|
91
|
+
defense module (which *implements* the recommended fix). Full write-up in
|
|
92
|
+
[docs/ARCHITECTURE.md](docs/ARCHITECTURE.md); the diagram is regenerated by
|
|
93
|
+
`python docs/make_architecture.py` (vector source: [docs/architecture.svg](docs/architecture.svg)).
|
|
94
|
+
|
|
95
|
+
## Documentation
|
|
96
|
+
|
|
97
|
+
| Document | What's in it |
|
|
98
|
+
|----------|--------------|
|
|
99
|
+
| [docs/WHITEPAPER.md](docs/WHITEPAPER.md) | Full technical whitepaper: threat model, design, scoring, evaluation, limitations, future work |
|
|
100
|
+
| [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md) | Components, the CLI→API→Scanner→Risk→Export pipeline, data flow, deployment topology |
|
|
101
|
+
| [docs/architecture_diagram.txt](docs/architecture_diagram.txt) | One-screen ASCII system diagram |
|
|
102
|
+
| [docs/EXAMPLES.md](docs/EXAMPLES.md) | **Real** scan output — terminal table, JSON, SARIF, HTML, badge |
|
|
103
|
+
| [docs/NIST_MAPPING.md](docs/NIST_MAPPING.md) | Every detected family → its NIST PQC replacement, with the reasoning |
|
|
104
|
+
| [docs/CVE_MAPPING.md](docs/CVE_MAPPING.md) | Findings mapped to general vulnerability classes (no invented CVEs) |
|
|
105
|
+
| [benchmark/RESULTS.md](benchmark/RESULTS.md) | Precision/recall/F1, risk distribution, reproducible charts |
|
|
106
|
+
| [TECHNICAL_OVERVIEW.md](TECHNICAL_OVERVIEW.md) | Design decisions, quantum-threat background, honest limitations |
|
|
107
|
+
|
|
108
|
+
---
|
|
109
|
+
|
|
110
|
+
## Key features
|
|
111
|
+
|
|
112
|
+
- **11-language detection** — Python (AST-aware), JavaScript/TypeScript, Java, Go,
|
|
113
|
+
Ruby, C#, PHP, Rust, C/C++, Kotlin, Swift.
|
|
114
|
+
- **0–100 Quantum Risk Score** computed from real findings (never hardcoded), with
|
|
115
|
+
Low/Medium/High/Critical bands.
|
|
116
|
+
- **NIST-aligned migration plan** — each finding mapped to ML-KEM/ML-DSA/SHA-3/
|
|
117
|
+
AES-256 with the relevant FIPS standard and a complexity estimate.
|
|
118
|
+
- **Six export formats** — terminal, JSON, HTML, **SARIF** (GitHub code scanning),
|
|
119
|
+
**CycloneDX CBOM**, and an embeddable **SVG risk badge**. The SARIF output is
|
|
120
|
+
validated against the official OASIS 2.1.0 JSON Schema and the CBOM against the
|
|
121
|
+
CycloneDX 1.6 crypto structure in the test suite, so they interoperate for real.
|
|
122
|
+
- **Real quantum demos** — Shor + Grover in Qiskit, plus circuit resource
|
|
123
|
+
estimates.
|
|
124
|
+
- **Real post-quantum crypto** — an LWE KEM verified over 200+ key exchanges with
|
|
125
|
+
zero failures.
|
|
126
|
+
- **Measured, not asserted** — a labeled benchmark with adversarial decoys, plus an
|
|
127
|
+
empirical study (88% of real repos affected).
|
|
128
|
+
- **Production practice** — one shared engine for CLI + API, **74 automated
|
|
129
|
+
tests**, CI, Docker, a reusable GitHub Action, and multi-service deploy configs.
|
|
130
|
+
|
|
131
|
+
---
|
|
132
|
+
|
|
133
|
+
## What it detects
|
|
134
|
+
|
|
135
|
+
| Risk | Algorithms |
|
|
136
|
+
|------|------------|
|
|
137
|
+
| **HIGH** — migrate immediately | RSA (any size, incl. RSA-2048/4096), ECDSA / ECDH / ECC, DSA, Diffie-Hellman, MD5, SHA-1 |
|
|
138
|
+
| **MEDIUM** — plan migration | TLS 1.0 / 1.1, 3DES / Triple DES, RC4, RSA key sizes under 2048 |
|
|
139
|
+
| **LOW** — monitor | SHA-256, AES-128, TLS 1.2 |
|
|
140
|
+
|
|
141
|
+
Each finding includes the file, line number, algorithm, risk level, *why* it is
|
|
142
|
+
vulnerable, and a NIST-approved replacement:
|
|
143
|
+
|
|
144
|
+
- RSA/ECC key exchange → **CRYSTALS-Kyber (ML-KEM, FIPS 203)**
|
|
145
|
+
- RSA/ECDSA/DSA signatures → **CRYSTALS-Dilithium (ML-DSA, FIPS 204)** / SPHINCS+ (FIPS 205)
|
|
146
|
+
- Hash functions → **SHA-3** or SHA-256
|
|
147
|
+
- Symmetric encryption → **AES-256**
|
|
148
|
+
|
|
149
|
+
## Quantum Risk Score
|
|
150
|
+
|
|
151
|
+
A 0–100 score computed **from real findings**:
|
|
152
|
+
|
|
153
|
+
```
|
|
154
|
+
score = min(100, 15*HIGH + 5*MEDIUM + 1*LOW)
|
|
155
|
+
```
|
|
156
|
+
|
|
157
|
+
| Score | Band | Meaning |
|
|
158
|
+
|-------|------|---------|
|
|
159
|
+
| 0–30 | Low | Good quantum hygiene |
|
|
160
|
+
| 31–60 | Medium | Plan migration |
|
|
161
|
+
| 61–80 | High | Prioritize migration |
|
|
162
|
+
| 81–100 | Critical | Immediate action required |
|
|
163
|
+
|
|
164
|
+
---
|
|
165
|
+
|
|
166
|
+
## Evaluation (does the detector actually work?)
|
|
167
|
+
|
|
168
|
+
The scanner is measured against a labeled [benchmark](benchmark/) of 15 files
|
|
169
|
+
across 9 languages, including adversarial decoys (crypto names in comments,
|
|
170
|
+
docstrings, log strings, and word-boundary traps like `md5sumLabel`) designed to
|
|
171
|
+
trip a naive matcher. `evaluate.py` runs the scanner twice — a naive line-regex
|
|
172
|
+
baseline vs. the string/comment-aware engine — so the improvement is measured:
|
|
173
|
+
|
|
174
|
+
```bash
|
|
175
|
+
python benchmark/evaluate.py
|
|
176
|
+
```
|
|
177
|
+
|
|
178
|
+
| Configuration | FP | Precision | Recall | F1 |
|
|
179
|
+
|---|--:|--:|--:|--:|
|
|
180
|
+
| Naive line-regex baseline | 14 | 65.0% | 100% | 78.8% |
|
|
181
|
+
| **QuantumSafe (usage-aware)** | **0** | **100%** | **100%** | **100%** |
|
|
182
|
+
|
|
183
|
+
Usage-awareness removes 14 false positives (keywords inside docstrings/log strings)
|
|
184
|
+
without losing a true positive. `evaluate.py` prints the exact false
|
|
185
|
+
positives/negatives so the numbers are auditable, and the thresholds are enforced
|
|
186
|
+
by `tests/test_benchmark.py`. Honest
|
|
187
|
+
limits are documented in [benchmark/README.md](benchmark/README.md) and
|
|
188
|
+
[benchmark/RESULTS.md](benchmark/RESULTS.md) — this is a regression benchmark, not
|
|
189
|
+
a claim of perfection on arbitrary code.
|
|
190
|
+
|
|
191
|
+
These charts are generated from **live scanner output** by
|
|
192
|
+
`python benchmark/graphs/generate_graphs.py` (not hardcoded):
|
|
193
|
+
|
|
194
|
+
| Vulnerabilities by family | Severity split | Scan time vs. files |
|
|
195
|
+
|---|---|---|
|
|
196
|
+
|  |  |  |
|
|
197
|
+
|
|
198
|
+
**See real scan output** — terminal table, JSON, SARIF, HTML, and an SVG risk
|
|
199
|
+
badge from an actual scan — in [docs/EXAMPLES.md](docs/EXAMPLES.md).
|
|
200
|
+
|
|
201
|
+
### Real-world scan: paramiko (the SSH library)
|
|
202
|
+
|
|
203
|
+
Run against a shallow clone of [`paramiko/paramiko`](https://github.com/paramiko/paramiko)
|
|
204
|
+
— the SSH implementation behind Ansible, Fabric, and much of the Python ecosystem.
|
|
205
|
+
SSH key exchange leans on RSA, ECDSA, and Diffie-Hellman, all broken by Shor's
|
|
206
|
+
algorithm, which makes it a textbook "harvest now, decrypt later" target:
|
|
207
|
+
|
|
208
|
+
```bash
|
|
209
|
+
quantumsafe scan --repo https://github.com/paramiko/paramiko
|
|
210
|
+
```
|
|
211
|
+
|
|
212
|
+
| Metric | Result |
|
|
213
|
+
|---|---|
|
|
214
|
+
| Quantum Risk Score | **100 / 100 (Critical)** |
|
|
215
|
+
| Findings (usage-aware) | **110** — 89 HIGH, 6 MEDIUM, 15 LOW |
|
|
216
|
+
| Top algorithms | ECDSA ×23, ECC ×21, SHA-1 ×18, RSA ×15, MD5 ×10, 3DES ×6 |
|
|
217
|
+
| Most-affected files | `paramiko/pkey.py`, `rsakey.py`, `transport.py`, `ecdsakey.py` |
|
|
218
|
+
|
|
219
|
+
The usage-aware engine matters here: a naive line-regex reports **451 raw
|
|
220
|
+
matches**, but most are the same algorithms repeated in docstrings, comments, and
|
|
221
|
+
SSH protocol-name strings (`"ssh-rsa"`, `"ecdsa-sha2-nistp256"`). Focusing on real
|
|
222
|
+
code brings that to **110** findings — a ~4× noise reduction. *Honest caveat: on a
|
|
223
|
+
protocol library, a few of those suppressed string constants are arguably real
|
|
224
|
+
signals, so 110 is a deliberately conservative, code-focused count — not a claim
|
|
225
|
+
that the other 341 were all false positives.*
|
|
226
|
+
|
|
227
|
+
### Empirical study — how widespread is the problem?
|
|
228
|
+
|
|
229
|
+
Scanning 8 widely-used open-source projects ([`study/`](study/), reproducible via
|
|
230
|
+
`python study/run_study.py`):
|
|
231
|
+
|
|
232
|
+
- **88%** contained at least one **HIGH-risk** (Shor-breakable) cryptographic usage.
|
|
233
|
+
- Average Quantum Risk Score: **72.9 / 100**.
|
|
234
|
+
|
|
235
|
+
Full results and caveats: [study/REPORT.md](study/REPORT.md).
|
|
236
|
+
|
|
237
|
+
---
|
|
238
|
+
|
|
239
|
+
## Quantum demonstrations (Shor & Grover)
|
|
240
|
+
|
|
241
|
+
```bash
|
|
242
|
+
pip install -r quantum/requirements.txt
|
|
243
|
+
python quantum/shor.py # quantum order-finding factors N=15, then breaks a toy RSA key
|
|
244
|
+
python quantum/grover.py # recovers a hidden k-bit key in ~sqrt(2^k) steps
|
|
245
|
+
python quantum/resources.py # qubit count, circuit depth, gate counts vs. RSA-2048 estimates
|
|
246
|
+
```
|
|
247
|
+
|
|
248
|
+
- **`shor.py`** uses quantum phase estimation over modular exponentiation to find
|
|
249
|
+
the order of `a mod N`, factors `N`, and reconstructs an RSA private key — the
|
|
250
|
+
concrete reason RSA/ECC are rated **HIGH**.
|
|
251
|
+
- **`grover.py`** uses amplitude amplification to search a key space in ~√N
|
|
252
|
+
queries, halving effective key strength — the reason AES-128/SHA-256 are **LOW**.
|
|
253
|
+
|
|
254
|
+
Honest scope: these run at small scale (factoring 15), the genuine state of the art
|
|
255
|
+
for end-to-end Shor. See [quantum/README.md](quantum/README.md).
|
|
256
|
+
|
|
257
|
+
## Post-quantum solution ([`pqc/`](pqc/))
|
|
258
|
+
|
|
259
|
+
```bash
|
|
260
|
+
pip install -r pqc/requirements.txt
|
|
261
|
+
python pqc/lwe_kem.py # Alice & Bob agree on a shared secret; an eavesdropper can't
|
|
262
|
+
python pqc/benchmark.py # measured latency + key/ciphertext sizes vs RSA & ML-KEM
|
|
263
|
+
```
|
|
264
|
+
|
|
265
|
+
Why a quantum computer can't break it: LWE has **no periodic structure** for Shor
|
|
266
|
+
to exploit. See [pqc/README.md](pqc/README.md).
|
|
267
|
+
|
|
268
|
+
---
|
|
269
|
+
|
|
270
|
+
## CLI: install & usage
|
|
271
|
+
|
|
272
|
+
```bash
|
|
273
|
+
pip install quantumsafe-scan # from PyPI once published
|
|
274
|
+
# or, from this repo:
|
|
275
|
+
pip install -e .
|
|
276
|
+
```
|
|
277
|
+
|
|
278
|
+
### Commands
|
|
279
|
+
|
|
280
|
+
```bash
|
|
281
|
+
# Scan a local directory (colored terminal table)
|
|
282
|
+
quantumsafe scan --path ./myproject
|
|
283
|
+
|
|
284
|
+
# Scan a public GitHub repo (shallow-cloned to a temp dir, then cleaned up)
|
|
285
|
+
quantumsafe scan --repo https://github.com/org/app
|
|
286
|
+
|
|
287
|
+
# Write a report: JSON, HTML, SARIF, CycloneDX CBOM, or an SVG risk badge
|
|
288
|
+
quantumsafe scan --path ./myproject --output report.json
|
|
289
|
+
quantumsafe scan --path ./myproject --output report.html
|
|
290
|
+
quantumsafe scan --path ./myproject --output report.sarif # GitHub code scanning
|
|
291
|
+
quantumsafe scan --path ./myproject --output report.cbom.json # CycloneDX CBOM
|
|
292
|
+
quantumsafe scan --path ./myproject --output badge.svg # embeddable risk badge
|
|
293
|
+
|
|
294
|
+
# Skip paths with glob patterns (repeatable)
|
|
295
|
+
quantumsafe scan --path . --exclude 'tests/*' --exclude 'vendor/*'
|
|
296
|
+
|
|
297
|
+
# Fail the process (exit 1) if any HIGH finding exists — handy in CI
|
|
298
|
+
quantumsafe scan --path . --fail-on-high
|
|
299
|
+
|
|
300
|
+
# Try it on the bundled examples
|
|
301
|
+
quantumsafe scan --path examples
|
|
302
|
+
|
|
303
|
+
# Link the CLI to your dashboard, then scans auto-upload to your history
|
|
304
|
+
quantumsafe auth --key qs_live_xxxxxxxx --api-url https://quantumsafe-api.onrender.com
|
|
305
|
+
quantumsafe scan --path ./myproject # prints results AND syncs to dashboard
|
|
306
|
+
quantumsafe scan --path ./myproject --no-sync # local only, don't upload
|
|
307
|
+
|
|
308
|
+
# Version
|
|
309
|
+
quantumsafe version
|
|
310
|
+
```
|
|
311
|
+
|
|
312
|
+
| Flag | Description |
|
|
313
|
+
|------|-------------|
|
|
314
|
+
| `--path` | Local directory or file to scan |
|
|
315
|
+
| `--repo` | Public `https://github.com/<org>/<repo>` URL |
|
|
316
|
+
| `--output` | Write to `.json`, `.cbom.json` (CycloneDX CBOM), `.html`, `.sarif`, or `.svg` (risk badge); terminal summary still printed |
|
|
317
|
+
| `--exclude` | Glob of paths to skip (repeatable) |
|
|
318
|
+
| `--fail-on-high` | Exit non-zero on any HIGH finding (CI gate) |
|
|
319
|
+
| `--no-sync` | Don't upload the result to your linked dashboard |
|
|
320
|
+
|
|
321
|
+
After `quantumsafe auth --key <key> --api-url <your-api>`, every `quantumsafe scan`
|
|
322
|
+
also uploads its report to your dashboard (`POST /api/v1/scan/import`). Use
|
|
323
|
+
`--no-sync` to keep a scan local.
|
|
324
|
+
|
|
325
|
+
**Suppressing a finding:** add `# quantumsafe: ignore` (any comment style) to the
|
|
326
|
+
line.
|
|
327
|
+
|
|
328
|
+
### Use in CI (GitHub Action)
|
|
329
|
+
|
|
330
|
+
```yaml
|
|
331
|
+
- uses: Danny-397/Quantamn-Safe@main
|
|
332
|
+
with:
|
|
333
|
+
path: .
|
|
334
|
+
exclude: tests/*,vendor/*
|
|
335
|
+
fail-on-high: "true"
|
|
336
|
+
- uses: github/codeql-action/upload-sarif@v3
|
|
337
|
+
with:
|
|
338
|
+
sarif_file: quantumsafe.sarif
|
|
339
|
+
```
|
|
340
|
+
|
|
341
|
+
---
|
|
342
|
+
|
|
343
|
+
## API documentation
|
|
344
|
+
|
|
345
|
+
Base URL (dev): `http://localhost:5000` · all endpoints under `/api/v1`.
|
|
346
|
+
Authentication: **JWT** (`Authorization: Bearer <token>`) for the dashboard, or a
|
|
347
|
+
**CLI API key** (`X-API-Key: qs_live_...`) for the scan endpoint.
|
|
348
|
+
|
|
349
|
+
### Auth
|
|
350
|
+
|
|
351
|
+
```http
|
|
352
|
+
POST /api/v1/auth/register { "email", "password" } -> { token, user }
|
|
353
|
+
POST /api/v1/auth/login { "email", "password" } -> { token, user }
|
|
354
|
+
GET /api/v1/auth/verify?token=... -> { message }
|
|
355
|
+
POST /api/v1/auth/forgot { "email" } -> { message }
|
|
356
|
+
POST /api/v1/auth/reset { "token", "password" } -> { message }
|
|
357
|
+
GET /api/v1/auth/me (JWT) -> { user }
|
|
358
|
+
```
|
|
359
|
+
|
|
360
|
+
### Scanning
|
|
361
|
+
|
|
362
|
+
```http
|
|
363
|
+
POST /api/v1/scan (JWT or X-API-Key)
|
|
364
|
+
{ "repo_url": "https://github.com/org/app" } # or multipart file=<.zip>
|
|
365
|
+
-> { scan_id, report }
|
|
366
|
+
|
|
367
|
+
POST /api/v1/scan/import (X-API-Key) # used by the CLI to upload results
|
|
368
|
+
{ "report": { ...quantumsafe report... } } -> { scan_id }
|
|
369
|
+
|
|
370
|
+
POST /api/v1/demo-scan (public, rate-limited) # landing-page live demo
|
|
371
|
+
{ "code": "..." } -> { report } # runs the real engine, stores nothing
|
|
372
|
+
|
|
373
|
+
GET /api/v1/scans?page=1&per_page=20 (JWT) -> paginated list
|
|
374
|
+
GET /api/v1/scans/{id} (JWT) -> scan + findings
|
|
375
|
+
GET /api/v1/scans/{id}/export?format=json|html|csv|sarif|cbom|svg (JWT)
|
|
376
|
+
GET /api/v1/scans/{id}/migration (JWT) -> grouped migration plan
|
|
377
|
+
GET /api/v1/overview (JWT) -> dashboard stats + trend
|
|
378
|
+
```
|
|
379
|
+
|
|
380
|
+
### API key management
|
|
381
|
+
|
|
382
|
+
```http
|
|
383
|
+
GET /api/v1/user/apikey (JWT) -> { has_api_key, api_key_prefix }
|
|
384
|
+
POST /api/v1/user/apikey (JWT) -> { api_key } # full key shown ONCE
|
|
385
|
+
```
|
|
386
|
+
|
|
387
|
+
All endpoints are rate-limited; CORS is restricted to `FRONTEND_ORIGIN`. GDPR-style
|
|
388
|
+
endpoints (`/user/data` export, `/user/account` delete) let a user export or erase
|
|
389
|
+
all of their data.
|
|
390
|
+
|
|
391
|
+
---
|
|
392
|
+
|
|
393
|
+
## Dashboard
|
|
394
|
+
|
|
395
|
+
| Overview | Findings | Migration plan |
|
|
396
|
+
|---|---|---|
|
|
397
|
+
|  |  |  |
|
|
398
|
+
|
|
399
|
+
A static site (`frontend/`) — no build step. Pages:
|
|
400
|
+
|
|
401
|
+
- **Landing** — hero, in-browser live scanner, feature pillars (free, no paywall).
|
|
402
|
+
- **Auth** — login, register, forgot/reset password.
|
|
403
|
+
- **Dashboard** — Overview (risk score, totals, trend chart, recent scans),
|
|
404
|
+
Scans (paginated), Findings (filterable), Settings (API key + account).
|
|
405
|
+
- **Scan detail** — full findings table, filter by risk, export JSON/HTML/CSV/SARIF/CBOM/SVG.
|
|
406
|
+
- **Migration plan** — findings grouped by risk with NIST replacement, standard
|
|
407
|
+
reference, and estimated complexity.
|
|
408
|
+
- **Research** — a public explainer of Shor/Grover/LWE/Kyber and the NIST standards.
|
|
409
|
+
|
|
410
|
+
Point the dashboard at your API by editing one line in `frontend/config.js`:
|
|
411
|
+
|
|
412
|
+
```js
|
|
413
|
+
window.QUANTUMSAFE_API = "https://quantumsafe-api.onrender.com";
|
|
414
|
+
```
|
|
415
|
+
|
|
416
|
+
(Leave it `""` for local development — it falls back to `http://localhost:5000`.)
|
|
417
|
+
|
|
418
|
+
---
|
|
419
|
+
|
|
420
|
+
## Local development setup
|
|
421
|
+
|
|
422
|
+
Requires Python 3.9+.
|
|
423
|
+
|
|
424
|
+
```bash
|
|
425
|
+
git clone https://github.com/Danny-397/Quantamn-Safe
|
|
426
|
+
cd Quantamn-Safe
|
|
427
|
+
|
|
428
|
+
# 1) Install the shared scanner package (CLI) in editable mode
|
|
429
|
+
pip install -e .
|
|
430
|
+
|
|
431
|
+
# 2) Install backend dependencies
|
|
432
|
+
pip install -r backend/requirements.txt
|
|
433
|
+
|
|
434
|
+
# 3) Configure environment
|
|
435
|
+
cp .env.example .env # fill in SECRET_KEY / JWT_SECRET_KEY at minimum
|
|
436
|
+
|
|
437
|
+
# 4) Run the API (creates SQLite tables automatically)
|
|
438
|
+
cd backend
|
|
439
|
+
python app.py # http://localhost:5000 (health: /health)
|
|
440
|
+
|
|
441
|
+
# 5) Serve the dashboard (any static server)
|
|
442
|
+
cd ../frontend
|
|
443
|
+
python -m http.server 3000 # http://localhost:3000
|
|
444
|
+
```
|
|
445
|
+
|
|
446
|
+
### Run the whole stack with Docker
|
|
447
|
+
|
|
448
|
+
```bash
|
|
449
|
+
docker compose up --build
|
|
450
|
+
# Dashboard -> http://localhost:3000 API -> http://localhost:5000
|
|
451
|
+
```
|
|
452
|
+
|
|
453
|
+
### Tests
|
|
454
|
+
|
|
455
|
+
```bash
|
|
456
|
+
pip install -r requirements-dev.txt
|
|
457
|
+
pytest -q # 65 tests; in-memory DB, no setup
|
|
458
|
+
```
|
|
459
|
+
|
|
460
|
+
Seed a demo account so the dashboard is populated:
|
|
461
|
+
|
|
462
|
+
```bash
|
|
463
|
+
cd backend && python seed_demo.py # demo@quantumsafe.dev / demodemo123
|
|
464
|
+
```
|
|
465
|
+
|
|
466
|
+
Without `MAIL_SERVER` configured, verification/reset emails are printed to the
|
|
467
|
+
server log instead of being sent — so you can develop without SMTP.
|
|
468
|
+
|
|
469
|
+
---
|
|
470
|
+
|
|
471
|
+
## Environment variables
|
|
472
|
+
|
|
473
|
+
See [`.env.example`](.env.example).
|
|
474
|
+
|
|
475
|
+
| Variable | Required | Where to get it |
|
|
476
|
+
|----------|----------|-----------------|
|
|
477
|
+
| `SECRET_KEY` | ✅ | Generate: `python -c "import secrets;print(secrets.token_hex(32))"` |
|
|
478
|
+
| `JWT_SECRET_KEY` | ✅ | Generate the same way (use a different value) |
|
|
479
|
+
| `DATABASE_URL` | prod | Render Postgres dashboard → *Connections* (SQLite used if unset) |
|
|
480
|
+
| `FRONTEND_ORIGIN` | ✅ | Your dashboard URL, e.g. `https://quantumsafe.vercel.app` |
|
|
481
|
+
| `DASHBOARD_URL` | ✅ | Same as above (used in emails) |
|
|
482
|
+
| `API_URL` | ✅ | The deployed API URL (used for email verify links) |
|
|
483
|
+
| `MAIL_SERVER` / `MAIL_PORT` / `MAIL_USE_TLS` | email | Your SMTP provider (e.g. `smtp.gmail.com` / 587 / true) |
|
|
484
|
+
| `MAIL_USERNAME` / `MAIL_PASSWORD` | email | SMTP credentials (Gmail: an App Password) |
|
|
485
|
+
| `MAIL_DEFAULT_SENDER` | email | The "from" address |
|
|
486
|
+
| `RATELIMIT_STORAGE_URI` | optional | `memory://` (dev) or a Redis URL (prod) |
|
|
487
|
+
|
|
488
|
+
---
|
|
489
|
+
|
|
490
|
+
## Deployment
|
|
491
|
+
|
|
492
|
+
[](https://render.com/deploy?repo=https://github.com/Danny-397/Quantamn-Safe)
|
|
493
|
+
|
|
494
|
+
See **[DEPLOYMENT.md](DEPLOYMENT.md)** for the full walkthrough. In short:
|
|
495
|
+
|
|
496
|
+
- **CLI → PyPI:** `python -m build && twine upload dist/*`
|
|
497
|
+
- **Backend → Render:** push the repo; Render reads [`render.yaml`](render.yaml)
|
|
498
|
+
(web service + Postgres). Set the `sync: false` env vars in the dashboard.
|
|
499
|
+
- **Frontend → Vercel:** set Root Directory to `frontend/`; point
|
|
500
|
+
`frontend/config.js` at your Render API URL.
|
|
501
|
+
|
|
502
|
+
---
|
|
503
|
+
|
|
504
|
+
## Project structure
|
|
505
|
+
|
|
506
|
+
```
|
|
507
|
+
Quantamn-Safe/
|
|
508
|
+
├── quantum/ # REAL quantum computing (Qiskit): the attacks themselves
|
|
509
|
+
│ ├── shor.py # Shor's algorithm — factors N, breaks RSA
|
|
510
|
+
│ ├── grover.py # Grover's algorithm — key-search speedup
|
|
511
|
+
│ ├── resources.py # qubit / depth / gate-count estimation
|
|
512
|
+
│ └── README.md
|
|
513
|
+
├── pqc/ # Post-quantum SOLUTION: lattice (LWE) crypto from scratch
|
|
514
|
+
│ ├── lwe_kem.py # quantum-safe key encapsulation (the math behind Kyber)
|
|
515
|
+
│ ├── benchmark.py # latency & sizes vs RSA / ML-KEM
|
|
516
|
+
│ └── README.md
|
|
517
|
+
├── cli/ # the `quantumsafe` package (CLI + shared engine)
|
|
518
|
+
│ ├── scanner.py # AST + regex detection
|
|
519
|
+
│ ├── scorer.py # risk score
|
|
520
|
+
│ ├── recommender.py # NIST recommendations
|
|
521
|
+
│ ├── reporter.py # terminal / JSON / HTML / SARIF / CBOM / SVG output
|
|
522
|
+
│ └── cli.py # argparse entry point
|
|
523
|
+
├── backend/ # Flask REST API
|
|
524
|
+
│ ├── app.py config.py extensions.py models.py
|
|
525
|
+
│ ├── auth.py api.py scanner_service.py
|
|
526
|
+
│ └── requirements.txt
|
|
527
|
+
├── frontend/ # static dashboard (no build step)
|
|
528
|
+
│ ├── index.html login.html dashboard.html scan.html migration.html
|
|
529
|
+
│ ├── research.html privacy.html terms.html
|
|
530
|
+
│ └── style.css app.js config.js
|
|
531
|
+
├── benchmark/ # labeled precision/recall evaluation (+ graphs/)
|
|
532
|
+
├── study/ # empirical scan over real open-source repos
|
|
533
|
+
├── docs/ # whitepaper, architecture, NIST & vuln-class mappings
|
|
534
|
+
├── pyproject.toml # packages cli/ as `quantumsafe`
|
|
535
|
+
└── render.yaml .env.example README.md
|
|
536
|
+
```
|
|
537
|
+
|
|
538
|
+
---
|
|
539
|
+
|
|
540
|
+
## NIST PQC references
|
|
541
|
+
|
|
542
|
+
- **FIPS 203** — Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM / Kyber)
|
|
543
|
+
- **FIPS 204** — Module-Lattice-Based Digital Signature Algorithm (ML-DSA / Dilithium)
|
|
544
|
+
- **FIPS 205** — Stateless Hash-Based Digital Signature Algorithm (SLH-DSA / SPHINCS+)
|
|
545
|
+
- **NIST SP 800-52 Rev. 2** — TLS guidance
|
|
546
|
+
- **NIST SP 800-131A Rev. 2** — transitioning cryptographic algorithms/key lengths
|
|
547
|
+
- **NIST IR 8547** — transition to post-quantum cryptography standards
|
|
548
|
+
|
|
549
|
+
Full reasoning per algorithm: [docs/NIST_MAPPING.md](docs/NIST_MAPPING.md).
|
|
550
|
+
|
|
551
|
+
---
|
|
552
|
+
|
|
553
|
+
## If this were a product
|
|
554
|
+
|
|
555
|
+
QuantumSafe is intentionally **free and open source** — the core scan needs no
|
|
556
|
+
account, and the CLI / GitHub Action are the primary way it's meant to be used.
|
|
557
|
+
That's a deliberate choice, not a missing feature: a login wall would only add
|
|
558
|
+
friction to a tool whose value is instant.
|
|
559
|
+
|
|
560
|
+
For the record, the productization thinking exists even though it isn't built:
|
|
561
|
+
the free tier would stay everything shown here (scan, score, migration plan, all
|
|
562
|
+
exports); a paid tier would be the things that only make sense for an
|
|
563
|
+
organization — scheduled re-scans with drift alerts, multi-repo/org dashboards,
|
|
564
|
+
SSO, and audit-ready CBOM history for compliance. Those are operational features,
|
|
565
|
+
not gates on the core detection, which is the part that should always be open.
|
|
566
|
+
|
|
567
|
+
## License
|
|
568
|
+
|
|
569
|
+
MIT — see [LICENSE](LICENSE).
|