Class: JWT::PQ::Algorithms::HybridEdDsa

Inherits:

Object

• Object
• JWT::PQ::Algorithms::HybridEdDsa

Includes:

JWA::SigningAlgorithm

Defined in:

lib/jwt/pq/algorithms/hybrid_eddsa.rb

Overview

JWT signing algorithm for hybrid EdDSA + ML-DSA signatures.

The signature is a simple concatenation: ed25519_sig (64 bytes) || ml_dsa_sig. This allows PQ-aware verifiers to validate both, while the fixed 64-byte Ed25519 prefix makes it possible to split the signatures deterministically.

Constant Summary

ED25519_SIG_SIZE =

64

Instance Method Summary

• #header ⇒ Object
• #initialize(alg) ⇒ HybridEdDsa constructor

  A new instance of HybridEdDsa.

• #sign(data:, signing_key:) ⇒ Object
• #verify(data:, signature:, verification_key:) ⇒ Object

Constructor Details

#initialize(alg) ⇒ HybridEdDsa

Returns a new instance of HybridEdDsa.

# File 'lib/jwt/pq/algorithms/hybrid_eddsa.rb', line 18

def initialize(alg)
  @alg = alg
end

Instance Method Details

#header ⇒ Object

# File 'lib/jwt/pq/algorithms/hybrid_eddsa.rb', line 22

def header(*)
  { "alg" => alg, "pq_alg" => ml_dsa_algorithm }
end

#sign(data:, signing_key:) ⇒ Object

# File 'lib/jwt/pq/algorithms/hybrid_eddsa.rb', line 26

def sign(data:, signing_key:)
  key = resolve_signing_key(signing_key)

  ed_sig = key.ed25519_signing_key.sign(data)
  ml_sig = key.ml_dsa_key.sign(data)

  # Concatenate: Ed25519 (64 bytes) || ML-DSA (variable)
  ed_sig + ml_sig
end

#verify(data:, signature:, verification_key:) ⇒ Object

# File 'lib/jwt/pq/algorithms/hybrid_eddsa.rb', line 36

def verify(data:, signature:, verification_key:)
  key = resolve_verification_key(verification_key)

  return false if signature.bytesize <= ED25519_SIG_SIZE

  ed_sig = signature.byteslice(0, ED25519_SIG_SIZE)
  ml_sig = signature.byteslice(ED25519_SIG_SIZE..)

  ed_valid = begin
    key.ed25519_verify_key.verify(ed_sig, data)
    true
  rescue Ed25519::VerifyError
    false
  end

  ml_valid = key.ml_dsa_key.verify(data, ml_sig)

  ed_valid && ml_valid
rescue JWT::PQ::Error
  false
end