KyotoTech.SaQura.Mcp · v0.3.0 · NuGet

SaQura MCP Server

Introduction

The SaQura MCP server brings SaQura's post-quantum cryptography straight into your AI assistant (Claude, GitHub Copilot, Cursor, Continue.dev …) — via the Model Context Protocol.

  • Try cryptography live from a chat: AES-256-GCM, RSA-4096, PBKDF2-SHA512, PQC-KEM (FrodoKEM / Classic-McEliece + NIST FIPS ML-KEM/ML-DSA/SLH-DSA) — through the real SaQura engine.
  • Generate idiomatic SaQura integration code for .NET, Swift and Kotlin.

NuGet: KyotoTech.SaQura.Mcp (+ 6 platform RID packages) · runs the SaQura engine 1.0.11.

Requirements

  • dnxships with the .NET 10 SDK (downloads & runs the package).
  • MCP client: Claude Desktop, Cursor, VS Code, etc.
  • Transport: stdio

Setup

Claude Desktop / Cursor

Add to your MCP configuration:

{
  "mcpServers": {
    "saqura": {
      "command": "dnx",
      "args": ["KyotoTech.SaQura.Mcp", "--version", "0.3.0", "--yes"]
    }
  }
}

VS Code

// .vscode/mcp.json
{
  "servers": {
    "saqura": {
      "type": "stdio",
      "command": "dnx",
      "args": ["KyotoTech.SaQura.Mcp", "--version", "0.3.0", "--yes"]
    }
  }
}

Restart the client — the SaQura tools appear automatically.

Tools

The server exposes 17 tools — crypto operations plus onboarding/integration helpers:

ToolParametersWhat it does
saqura_capabilitiesOverview: algorithms, tiers, free-tier limits, platforms.
saqura_get_startedplatformInstall command + minimal example (dotnet/swift/kotlin).
saqura_generate_integrationplatform, operationIdiomatic code snippet (aes/rsa/password/quantum).
saqura_license_statusCurrent tier, watermark status, availability.
saqura_aes_demoplaintextGenerate key → AES-256-GCM encrypt/decrypt (demo).
saqura_aes_encryptplaintext, keyBase64AES-256-GCM
saqura_aes_decryptciphertext, keyBase64AES-256-GCM
saqura_password_hashpasswordPBKDF2-SHA512 (210,000 iterations).
saqura_password_verifypassword, hashVerify password against hash.
saqura_rsa_generate_keypairRSA-4096 key pair (PEM).
saqura_rsa_encryptplaintext, publicKeyRSA-4096 OAEP
saqura_rsa_decryptciphertext, privateKeyRSA-4096 OAEP
saqura_rsa_signdata, privateKeyRSA-PSS-SHA256
saqura_rsa_verifydata, signatureBase64, publicKeyRSA-PSS-SHA256
saqura_quantum_generate_keypairstrength?, generation?PQC key pair (Gen4 default).
saqura_quantum_encryptplaintext, publicKeyBase64PQC-KEM; returns ciphertext + encapsulated secret.
saqura_quantum_decryptciphertextBase64, privateKeyBase64, secretBase64PQC-KEM

Licensing

All cryptography runs locally — no plaintext ever leaves your machine.

By default the server runs on the free tier (demonstration): cryptographic outputs carry a watermark and input sizes are limited. Password hashing is fully functional (hash + verify).

Unlock watermark-free

Provide a SaQura license via an environment variable in your MCP configuration — it is activated at startup and everything still runs locally:

  • SAQURA_LICENSE_FILEpath to a SaQura license file (offline, recommended), or
  • SAQURA_LICENSE_KEYa license key (online activation).
{
  "mcpServers": {
    "saqura": {
      "command": "dnx",
      "args": ["KyotoTech.SaQura.Mcp", "--version", "0.3.0", "--yes"],
      "env": { "SAQURA_LICENSE_FILE": "/path/to/your-license.lic" }
    }
  }
}

The same SaQura library license unlocks both the SDKs and the MCP server. Pricing: /pricing.