KyotoTech.SaQura.Mcp · v0.3.0 · NuGet
SaQura MCP Server
Introduction
The SaQura MCP server brings SaQura's post-quantum cryptography straight into your AI assistant (Claude, GitHub Copilot, Cursor, Continue.dev …) — via the Model Context Protocol.
- Try cryptography live from a chat: AES-256-GCM, RSA-4096, PBKDF2-SHA512, PQC-KEM (FrodoKEM / Classic-McEliece + NIST FIPS ML-KEM/ML-DSA/SLH-DSA) — through the real SaQura engine.
- Generate idiomatic SaQura integration code for .NET, Swift and Kotlin.
NuGet: KyotoTech.SaQura.Mcp (+ 6 platform RID packages) · runs the SaQura engine 1.0.11.
Requirements
- dnx — ships with the .NET 10 SDK (downloads & runs the package).
- MCP client: Claude Desktop, Cursor, VS Code, etc.
- Transport: stdio
Setup
Claude Desktop / Cursor
Add to your MCP configuration:
{
"mcpServers": {
"saqura": {
"command": "dnx",
"args": ["KyotoTech.SaQura.Mcp", "--version", "0.3.0", "--yes"]
}
}
}VS Code
// .vscode/mcp.json
{
"servers": {
"saqura": {
"type": "stdio",
"command": "dnx",
"args": ["KyotoTech.SaQura.Mcp", "--version", "0.3.0", "--yes"]
}
}
}Restart the client — the SaQura tools appear automatically.
Tools
The server exposes 17 tools — crypto operations plus onboarding/integration helpers:
| Tool | Parameters | What it does |
|---|---|---|
saqura_capabilities | — | Overview: algorithms, tiers, free-tier limits, platforms. |
saqura_get_started | platform | Install command + minimal example (dotnet/swift/kotlin). |
saqura_generate_integration | platform, operation | Idiomatic code snippet (aes/rsa/password/quantum). |
saqura_license_status | — | Current tier, watermark status, availability. |
saqura_aes_demo | plaintext | Generate key → AES-256-GCM encrypt/decrypt (demo). |
saqura_aes_encrypt | plaintext, keyBase64 | AES-256-GCM |
saqura_aes_decrypt | ciphertext, keyBase64 | AES-256-GCM |
saqura_password_hash | password | PBKDF2-SHA512 (210,000 iterations). |
saqura_password_verify | password, hash | Verify password against hash. |
saqura_rsa_generate_keypair | — | RSA-4096 key pair (PEM). |
saqura_rsa_encrypt | plaintext, publicKey | RSA-4096 OAEP |
saqura_rsa_decrypt | ciphertext, privateKey | RSA-4096 OAEP |
saqura_rsa_sign | data, privateKey | RSA-PSS-SHA256 |
saqura_rsa_verify | data, signatureBase64, publicKey | RSA-PSS-SHA256 |
saqura_quantum_generate_keypair | strength?, generation? | PQC key pair (Gen4 default). |
saqura_quantum_encrypt | plaintext, publicKeyBase64 | PQC-KEM; returns ciphertext + encapsulated secret. |
saqura_quantum_decrypt | ciphertextBase64, privateKeyBase64, secretBase64 | PQC-KEM |
Licensing
All cryptography runs locally — no plaintext ever leaves your machine.
By default the server runs on the free tier (demonstration): cryptographic outputs carry a watermark and input sizes are limited. Password hashing is fully functional (hash + verify).
Unlock watermark-free
Provide a SaQura license via an environment variable in your MCP configuration — it is activated at startup and everything still runs locally:
SAQURA_LICENSE_FILE— path to a SaQura license file (offline, recommended), orSAQURA_LICENSE_KEY— a license key (online activation).
{
"mcpServers": {
"saqura": {
"command": "dnx",
"args": ["KyotoTech.SaQura.Mcp", "--version", "0.3.0", "--yes"],
"env": { "SAQURA_LICENSE_FILE": "/path/to/your-license.lic" }
}
}
}The same SaQura library license unlocks both the SDKs and the MCP server. Pricing: /pricing.