The communication with the remote QRNG is performed by means of web sockets, where for authentication and key exchange, quantum-resistant algorithms (PQC) are used.
An example of such remote QRNG service is our qrng.lumii.lv.
You will need GraalVM based on JDK16+ to compile the native client library (“qrng.dll”, “qrng.dylib”, “libqrng.so”). You can download GraalVM by means of our scripts. Add (as the first element)
/path/to/graalvm/bin to your
PATH variable. In Windows, use the semicolon
; as PATH delimiter. In other operating systems, use the colon
In Linux, specify the
LD_LIBRARY_PATH=/path/to/graalvm/lib environment variable.
In MacOS, specify the
DYLD_LIBRARY_PATH=/path/to/graalvm/lib environment variable.
Native Image for GraalVM
gu install native-image
In Windows, you will need
Visual Studio Community with C++ tools. Visual Studio is free for academic reseach and open source development. However, it is a paid software, if used for commercial purposes.
CMake tools: https://marketplace.visualstudio.com/items?itemName=ms-vscode.cmake-tools
In other operating systems, install dev tools and
git using the appropriate package manager (such as
brew). See Native Image docs.
Clone the Sources
git clone https://github.com/LUMII-Syslab/qrng-client.git
Building the Native Library in Windows
cmd and initialize Visual Studio environment variables (use your version in the path):
"C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Auxiliary\Build\vcvarsall.bat" x64 cd C:\path\to\qrng-client gradlew nativeCompile
If you get an error like
Fatal error: Unsupported OptionOrigin: C:\Users\SysLab\AppData\Local\Temp\native-image822152195599878649args
then this is a GraalVM bug. Split the path shown in the error message into two parts, and invoke:
cd C:\Users\SysLab\AppData\Local\Temp native-image @native-image822152195599878649args
build.gradle, comment the line (otherwise you won’t be able to run tests due to the bug mentioned above):
// dependsOn nativeCompile
Building the Native Library in UNIX (Linux/MacOS)
cd /path/to/qrng-client ./gradlew nativeCompile
Testing the Native Library
You will need these files:
ca.truststore(the root CA certificate used to sign the QRNG server HTTPS certificate and client sertificates)
token.keystore(your client certificate, signed by the CA that serves the QRNG server)
qrng.properties(key passwords and other settings)
Obtain these files from the administrator of the remote QRNG service and put them into the same directory, where the native library has been built (i.e., into
Then run (from the project root):
That will build the
test.exe program (from
src/test/cpp/test.cpp) that tries (twice) to get random numbers from the remote QRNG via a quantum-safe link. The first try is expected to return 10 random bytes. The second try is expected to return an error message.
Work in Progress…
For Linux, we are going to provide the “qrng” systemd service and the “qrng” Linux kernel module, which creates the /dev/qrandom0 device, which communicates with a remote QRNG web service.
On Windows, we are working on qrng.dll, which will provide hooks for Windows API functions CryptGenRandom, BCryptGenRandom, and RtlGenRandom. These functions are used by programs compiled for Windows (e.g., openssl.exe) for obtaining random numbers. We re-implement these functions by returning random numbers obtained from a remote QRNG device.
(Institute of Mathematics and Computer Science, University of Latvia)
MIT + third-party licenses for third-party code (e.g., Apache 2.0 license for the
nl.altindag.ssl package, GPLv2 with Classpath exception for GraalVM-related code that will be compiled into the client, etc.)