Module: JWT::PQ
- Defined in:
- lib/jwt/pq.rb,
lib/jwt/pq/jwk.rb,
lib/jwt/pq/key.rb,
lib/jwt/pq/errors.rb,
lib/jwt/pq/liboqs.rb,
lib/jwt/pq/ml_dsa.rb,
lib/jwt/pq/jwk_set.rb,
lib/jwt/pq/version.rb,
lib/jwt/pq/hybrid_key.rb,
lib/jwt/pq/jwks_loader.rb,
lib/jwt/pq/algorithms/ml_dsa.rb,
lib/jwt/pq/algorithms/hybrid_eddsa.rb
Overview
Post-quantum signature support for the ruby-jwt ecosystem.
Provides ML-DSA (FIPS 204) signatures as JWT algorithms ML-DSA-44,
ML-DSA-65, and ML-DSA-87, plus optional hybrid modes EdDSA+ML-DSA-*
that concatenate an Ed25519 signature with an ML-DSA signature.
Defined Under Namespace
Modules: Algorithms, LibOQS Classes: Error, HybridKey, JWK, JWKSFetchError, JWKSet, Key, KeyError, LiboqsError, MissingDependencyError, MlDsa, SignatureError, UnsupportedAlgorithmError
Constant Summary collapse
- VERSION =
Current gem version.
"0.5.0"
Class Method Summary collapse
-
.hybrid_available? ⇒ Boolean
Whether the
ed25519(orjwt-eddsa) gem is available for hybrid mode. -
.reset_handles! ⇒ void
Drop the cache of liboqs signature handles held by this process.
Class Method Details
.hybrid_available? ⇒ Boolean
Whether the ed25519 (or jwt-eddsa) gem is available for hybrid mode.
Hybrid EdDSA+ML-DSA-* algorithms require the ed25519 gem at runtime.
This method probes for it without raising, so callers can decide whether
to offer hybrid options.
39 40 41 42 43 44 |
# File 'lib/jwt/pq.rb', line 39 def self.hybrid_available? require "ed25519" true rescue LoadError false end |
.reset_handles! ⇒ void
This method returns an undefined value.
Drop the cache of liboqs signature handles held by this process.
Call from a post-fork hook in clustered Rack/Rails servers so that child workers allocate fresh FFI handles instead of reusing pointers inherited from the parent via copy-on-write. The first sign/verify call in the child will lazily rebuild the handle.
60 61 62 |
# File 'lib/jwt/pq.rb', line 60 def self.reset_handles! MlDsa.reset_handles! end |