Class: JWT::PQ::Algorithms::MlDsa Private

Inherits:
Object
  • Object
show all
Includes:
JWA::SigningAlgorithm
Defined in:
lib/jwt/pq/algorithms/ml_dsa.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

JWT signing algorithm implementation for ML-DSA (FIPS 204). Registers ML-DSA-44, ML-DSA-65, and ML-DSA-87 with the ruby-jwt library. Users interact with these algorithms via JWT.encode/JWT.decode by name; they never instantiate this class directly.

Instance Method Summary collapse

Constructor Details

#initialize(alg) ⇒ MlDsa

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns a new instance of MlDsa.



21
22
23
 
# File 'lib/jwt/pq/algorithms/ml_dsa.rb', line 21

def initialize(alg)
  @alg = alg
end

Instance Method Details

#sign(data:, signing_key:) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



25
26
27
28
 
# File 'lib/jwt/pq/algorithms/ml_dsa.rb', line 25

def sign(data:, signing_key:)
  key = resolve_signing_key(signing_key)
  key.sign(data)
end

#verify(data:, signature:, verification_key:) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



30
31
32
33
34
35
36
37
38
39
40
41
42
 
# File 'lib/jwt/pq/algorithms/ml_dsa.rb', line 30

def verify(data:, signature:, verification_key:)
  unless verification_key.is_a?(JWT::PQ::Key)
    raise_verify_error!(
      "Expected a JWT::PQ::Key, got #{verification_key.class}. " \
      "Use JWT::PQ::Key.generate(:#{alg_symbol}) to create a key."
    )
  end
  verification_key.verify(data, signature)
# :nocov: — defensive rescue; Key#verify returns bool, does not raise PQ::Error in practice
rescue JWT::PQ::Error
  false
  # :nocov:
end