Built for Developers — Integrates With Your Stack
Qudo PQC is a drop-in OpenSSL 3.x provider. Add post-quantum cryptography to any OpenSSL-based application without touching a line of application code. Pre-built binaries, native C libraries, and language bindings for every platform.
- ✓Download pre-built binaries for Linux, macOS, or Windows
- ✓Or clone from GitHub and build from source with CMake
- ✓Available for x86_64 (AVX2), ARM64 (NEON), ARM32, and x86-32
- ✓Copy qudoprovider.so to your OpenSSL modules directory
- ✓Copy libqudo-pqc.so (the PQC library) to your OpenSSL lib directory
- ✓Add a few lines to openssl.cnf — no application code changes
- ✓Restart your server — Nginx, Apache, HAProxy all pick it up instantly
- ✓8 KEM algorithms (pure + hybrid key exchange)
- ✓15 signature algorithms (ML-DSA + SLH-DSA)
- ✓Automatic quantum-safe TLS with Chrome, Firefox, and Safari
- ✓Single binary — no need to choose between AVX2 or NEON builds
- ✓Auto-detects AVX2 (Intel/AMD), NEON (ARM), or falls back to portable C99
- ✓Fastest implementation selected at startup with zero configuration
System Requirements
Ensure your system meets these requirements before downloading.
Required
CMake 3.15+ (if building from source)
C99 compiler — GCC 9+, Clang 12+, or MSVC 2019+
Check Your Version
openssl version OpenSSL 3.5.0 8 Apr 2025
From Download to Production in 5 Steps
Everything you need to evaluate, integrate, and deploy Qudo PQC in your environment.
Download
Choose your path — pre-built binaries for your OS and architecture, or build from source via GitHub.
Pre-built binaries # Download for your platform tar -xzf qudoprovider-linux-x86_64.tar.gz # Contains: .so, headers, README
Build from source git clone <repository-url> cd qudo-pqc/qudo-provider ./build.sh -i
Install & Configure
Install the provider into your OpenSSL modules directory. No application code changes — just a configuration update. Every OpenSSL-linked application on the system gains instant access to all PQC algorithms.
# Auto-install both files to OpenSSL directories ./build.sh -i # Or manually: copy provider + PQC library + update config MODULES=$(openssl version -m | grep -oP ""\K[^"]+")) sudo cp qudoprovider.so $MODULES/ sudo cp libqudo-pqc.so $(dirname $MODULES)/ # OpenSSL lib dir # Add to /etc/ssl/openssl.cnf: openssl_conf = openssl_init [openssl_init] providers = provider_sect [provider_sect] default = default_sect qudoprovider = qudoprovider_sect [default_sect] activate = 1 [qudoprovider_sect] activate = 1 module = /usr/lib/ossl-modules/qudoprovider.so
Integrate With Your Application
Choose how to integrate based on your stack. The provider works transparently with any OpenSSL-based application — or use the native C API or language bindings for direct access.
Zero code changes — Nginx, Apache, HAProxy, and any OpenSSL app picks up PQC automatically via openssl.cnf.
Link against libqudo-mlkem, libqudo-mldsa, or libqudo-slhdsa directly. Object API or zero-allocation Direct API.
Python, Java, Go, .NET, Rust — idiomatic wrappers with package manager install (pip, Maven, go get, NuGet, Cargo).
Test & Verify
Run the built-in test suite to confirm correctness, then verify your TLS connections are quantum-safe.
# Run the full test suite cd qudo-pqc/qudo-provider/build ctest --output-on-failure ✓ 5/5 tests passed # Verify PQC algorithms are available openssl list -kem-algorithms -provider qudoprovider openssl list -signature-algorithms -provider qudoprovider
Deploy to Production
Roll out to production with confidence. Start with hybrid mode for a safe migration path, then transition to full PQC when ready.
X25519MLKEM768 — combines classical and PQC key exchange. Secure even if one algorithm is broken. Works with Chrome 131+, Firefox 128+, Safari 18+.
mlkem768 + ML-DSA-65 — full quantum resistance without classical fallback. For environments requiring maximum future-proof security.
Load the provider, update TLS config, restart services. Existing classical clients continue to connect — PQC-capable clients upgrade automatically.
Download Pre-Built Libraries
Pre-compiled binaries for all supported platforms. Choose your OS and architecture, or build from source.
Linux
macOS
Windows
Each archive contains all libraries (libqudo-mlkem, libqudo-mldsa, libqudo-slhdsa, qudoprovider), header files, README, LICENSE, CHANGELOG, and SECURITY. Requires OpenSSL 3.4+ on the target system. Contact us for custom builds or embedded targets.
Build From Source on GitHub
Qudo PQC is fully open source. Clone the repository, inspect the code, run the test suite, and build for any supported platform. Contributions are welcome via pull requests.
- ✓Full source code for all four components
- ✓NIST formally verified reference implementations included
- ✓CI/CD workflows for automated testing
- ✓Cross-compilation toolchains for embedded targets
- ✓Comprehensive test suite with NIST KAT vectors
- ✓Open issues and feature requests on GitHub
# Clone the repository git clone <repository-url> cd qudo-pqc # Build everything (provider + all libraries) cd qudo-provider ./build.sh # Run the full test suite cd build && ctest --output-on-failure # Install to OpenSSL modules directory ./build.sh -i ✓ Provider installed successfully ✓ All 5 test suites passed
Repository Structure
Native Bindings for Every Language
Qudo provides idiomatic wrappers around the core C library for all major languages. Each SDK exposes the full Qudo API including KEM, digital signatures, and hash-based signatures.
Works With Your Existing Tools
Qudo integrates with the servers, cloud platforms, CI/CD pipelines, and PKI systems your team already uses.
- ✓Nginx
- ✓Apache HTTP Server
- ✓HAProxy
- ✓Caddy
- ✓Envoy Proxy
- ✓AWS KMS (Custom Key Store)
- ✓Azure Key Vault (Managed HSM)
- ✓Google Cloud KMS (External Keys)
- ✓Kubernetes (CSI Secrets Store)
- ✓Jenkins
- ✓GitLab CI
- ✓GitHub Actions
- ✓OpenSSL CLI & CA
- ✓EJBCA
- ✓HashiCorp Vault
Start Your Quantum-Safe Migration
Get full access to Qudo PQC algorithms, language bindings, and comprehensive documentation. Evaluate in your own environment with real workloads.