Module: PQCrypto

Defined in:
lib/pq_crypto.rb,
lib/pq_crypto/kem.rb,
lib/pq_crypto/key.rb,
lib/pq_crypto/spki.rb,
lib/pq_crypto/pkcs8.rb,
lib/pq_crypto/errors.rb,
lib/pq_crypto/version.rb,
lib/pq_crypto/internal.rb,
lib/pq_crypto/pkcs8/der.rb,
lib/pq_crypto/signature.rb,
lib/pq_crypto/hybrid_kem.rb,
lib/pq_crypto/serialization.rb,
lib/pq_crypto/algorithm_registry.rb,
lib/pq_crypto/pkcs8/private_key_choice.rb,
ext/pqcrypto/pqcrypto_ruby_secure.c

Defined Under Namespace

Modules: AlgorithmRegistry, HybridKEM, Internal, KEM, Key, NativeBindings, PKCS8, SPKI, Serialization, Signature, Testing Classes: Error, InvalidCiphertextError, InvalidKeyError, SerializationError, UnsupportedAlgorithmError, VerificationError

Constant Summary collapse

SUITES = 
{
  kem: AlgorithmRegistry.supported_kems,
  hybrid_kem: AlgorithmRegistry.supported_hybrid_kems,
  signature: AlgorithmRegistry.supported_signatures,
}.freeze
NATIVE_EXTENSION_LOADED = 
true
VERSION = 
"0.6.1"
ML_KEM_512_PUBLIC_KEY_BYTES = 
INT2NUM(MLKEM512_PUBLICKEYBYTES)
ML_KEM_512_SECRET_KEY_BYTES = 
INT2NUM(MLKEM512_SECRETKEYBYTES)
ML_KEM_512_CIPHERTEXT_BYTES = 
INT2NUM(MLKEM512_CIPHERTEXTBYTES)
ML_KEM_512_SHARED_SECRET_BYTES = 
INT2NUM(MLKEM512_SHAREDSECRETBYTES)
ML_KEM_PUBLIC_KEY_BYTES = 
INT2NUM(PQ_MLKEM_PUBLICKEYBYTES)
ML_KEM_SECRET_KEY_BYTES = 
INT2NUM(PQ_MLKEM_SECRETKEYBYTES)
ML_KEM_CIPHERTEXT_BYTES = 
INT2NUM(PQ_MLKEM_CIPHERTEXTBYTES)
ML_KEM_SHARED_SECRET_BYTES = 
INT2NUM(PQ_MLKEM_SHAREDSECRETBYTES)
ML_KEM_1024_PUBLIC_KEY_BYTES = 
INT2NUM(MLKEM1024_PUBLICKEYBYTES)
ML_KEM_1024_SECRET_KEY_BYTES = 
INT2NUM(MLKEM1024_SECRETKEYBYTES)
ML_KEM_1024_CIPHERTEXT_BYTES = 
INT2NUM(MLKEM1024_CIPHERTEXTBYTES)
ML_KEM_1024_SHARED_SECRET_BYTES = 
INT2NUM(MLKEM1024_SHAREDSECRETBYTES)
HYBRID_KEM_PUBLIC_KEY_BYTES = 
INT2NUM(PQ_HYBRID_PUBLICKEYBYTES)
HYBRID_KEM_SECRET_KEY_BYTES = 
INT2NUM(PQ_HYBRID_SECRETKEYBYTES)
HYBRID_KEM_CIPHERTEXT_BYTES = 
INT2NUM(PQ_HYBRID_CIPHERTEXTBYTES)
HYBRID_KEM_SHARED_SECRET_BYTES = 
INT2NUM(PQ_HYBRID_SHAREDSECRETBYTES)
SIGN_44_PUBLIC_KEY_BYTES = 
INT2NUM(MLDSA44_PUBLICKEYBYTES)
SIGN_44_SECRET_KEY_BYTES = 
INT2NUM(MLDSA44_SECRETKEYBYTES)
SIGN_44_BYTES = 
INT2NUM(MLDSA44_BYTES)
SIGN_PUBLIC_KEY_BYTES = 
INT2NUM(PQ_MLDSA_PUBLICKEYBYTES)
SIGN_SECRET_KEY_BYTES = 
INT2NUM(PQ_MLDSA_SECRETKEYBYTES)
SIGN_BYTES = 
INT2NUM(PQ_MLDSA_BYTES)
SIGN_87_PUBLIC_KEY_BYTES = 
INT2NUM(MLDSA87_PUBLICKEYBYTES)
SIGN_87_SECRET_KEY_BYTES = 
INT2NUM(MLDSA87_SECRETKEYBYTES)
SIGN_87_BYTES = 
INT2NUM(MLDSA87_BYTES)

Class Method Summary collapse

Class Method Details

.__test_ml_dsa_44_keypair_from_seed(seed) ⇒ Object 



1164
1165
1166
1167
1168
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1164

static VALUE pqcrypto__test_ml_dsa_44_keypair_from_seed(VALUE self, VALUE seed) {
    (void)self;
    return pq_run_test_sign_keypair_from_seed(pq_testing_mldsa_44_keypair_nogvl, seed,
                                              MLDSA44_PUBLICKEYBYTES, MLDSA44_SECRETKEYBYTES);
}

.__test_ml_dsa_44_sign_from_seed(message, secret_key, seed) ⇒ Object 



1227
1228
1229
1230
1231
1232
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1227

static VALUE pqcrypto__test_ml_dsa_44_sign_from_seed(VALUE self, VALUE message, VALUE secret_key,
                                                     VALUE seed) {
    (void)self;
    return pq_run_test_sign_from_seed(pq_testing_mldsa_44_sign_nogvl, message, secret_key, seed,
                                      MLDSA44_SECRETKEYBYTES, MLDSA44_BYTES);
}

.__test_ml_dsa_87_keypair_from_seed(seed) ⇒ Object 



1170
1171
1172
1173
1174
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1170

static VALUE pqcrypto__test_ml_dsa_87_keypair_from_seed(VALUE self, VALUE seed) {
    (void)self;
    return pq_run_test_sign_keypair_from_seed(pq_testing_mldsa_87_keypair_nogvl, seed,
                                              MLDSA87_PUBLICKEYBYTES, MLDSA87_SECRETKEYBYTES);
}

.__test_ml_dsa_87_sign_from_seed(message, secret_key, seed) ⇒ Object 



1234
1235
1236
1237
1238
1239
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1234

static VALUE pqcrypto__test_ml_dsa_87_sign_from_seed(VALUE self, VALUE message, VALUE secret_key,
                                                     VALUE seed) {
    (void)self;
    return pq_run_test_sign_from_seed(pq_testing_mldsa_87_sign_nogvl, message, secret_key, seed,
                                      MLDSA87_SECRETKEYBYTES, MLDSA87_BYTES);
}

.__test_ml_kem_1024_encapsulate_from_seed(public_key, seed) ⇒ Object 



1054
1055
1056
1057
1058
1059
1060
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1054

static VALUE pqcrypto__test_ml_kem_1024_encapsulate_from_seed(VALUE self, VALUE public_key,
                                                              VALUE seed) {
    (void)self;
    return pq_run_test_kem_encapsulate_from_seed(
        pq_testing_ml_kem_1024_encapsulate_nogvl, public_key, seed, MLKEM1024_PUBLICKEYBYTES,
        MLKEM1024_CIPHERTEXTBYTES, MLKEM1024_SHAREDSECRETBYTES);
}

.__test_ml_kem_512_encapsulate_from_seed(public_key, seed) ⇒ Object 



1046
1047
1048
1049
1050
1051
1052
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1046

static VALUE pqcrypto__test_ml_kem_512_encapsulate_from_seed(VALUE self, VALUE public_key,
                                                             VALUE seed) {
    (void)self;
    return pq_run_test_kem_encapsulate_from_seed(
        pq_testing_ml_kem_512_encapsulate_nogvl, public_key, seed, MLKEM512_PUBLICKEYBYTES,
        MLKEM512_CIPHERTEXTBYTES, MLKEM512_SHAREDSECRETBYTES);
}

.__test_ml_kem_encapsulate_from_seed(public_key, seed) ⇒ Object 



970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 970

static VALUE pqcrypto__test_ml_kem_encapsulate_from_seed(VALUE self, VALUE public_key, VALUE seed) {
    (void)self;
    pq_validate_bytes_argument(public_key, PQ_MLKEM_PUBLICKEYBYTES, "public key");
    StringValue(seed);

    if ((size_t)RSTRING_LEN(seed) != 32) {
        rb_raise(rb_eArgError, "Deterministic test seed must be 32 bytes");
    }

    kem_encapsulate_call_t call = {0};
    size_t public_key_len = 0;
    size_t seed_len = 0;
    call.public_key = pq_copy_ruby_string(public_key, &public_key_len);
    call.ciphertext = pq_alloc_buffer(PQ_MLKEM_CIPHERTEXTBYTES);
    call.shared_secret = pq_alloc_buffer(PQ_MLKEM_SHAREDSECRETBYTES);
    call.seed = pq_copy_ruby_string(seed, &seed_len);
    call.seed_len = seed_len;

    rb_thread_call_without_gvl(pq_testing_ml_kem_encapsulate_nogvl, &call, NULL, NULL);
    pq_wipe_and_free((uint8_t *)call.public_key, public_key_len);
    pq_wipe_and_free((uint8_t *)call.seed, call.seed_len);

    if (call.result != PQ_SUCCESS) {
        pq_wipe_and_free(call.shared_secret, PQ_MLKEM_SHAREDSECRETBYTES);
        free(call.ciphertext);
        pq_raise_general_error(call.result);
    }

    VALUE result = rb_ary_new2(2);
    rb_ary_push(result, pq_string_from_buffer(call.ciphertext, PQ_MLKEM_CIPHERTEXTBYTES));
    rb_ary_push(result, pq_string_from_buffer(call.shared_secret, PQ_MLKEM_SHAREDSECRETBYTES));

    free(call.ciphertext);
    pq_wipe_and_free(call.shared_secret, PQ_MLKEM_SHAREDSECRETBYTES);
    return result;
}

.__test_ml_kem_keypair_from_seed(seed) ⇒ Object 



937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 937

static VALUE pqcrypto__test_ml_kem_keypair_from_seed(VALUE self, VALUE seed) {
    (void)self;
    StringValue(seed);

    if ((size_t)RSTRING_LEN(seed) != 64) {
        rb_raise(rb_eArgError, "Deterministic ML-KEM test seed must be 64 bytes (FIPS 203 d||z)");
    }

    kem_keypair_call_t call = {0};
    size_t seed_len = 0;
    call.public_key = pq_alloc_buffer(PQ_MLKEM_PUBLICKEYBYTES);
    call.secret_key = pq_alloc_buffer(PQ_MLKEM_SECRETKEYBYTES);
    call.seed = pq_copy_ruby_string(seed, &seed_len);
    call.seed_len = seed_len;

    rb_thread_call_without_gvl(pq_testing_ml_kem_keypair_nogvl, &call, NULL, NULL);
    pq_wipe_and_free((uint8_t *)call.seed, call.seed_len);

    if (call.result != PQ_SUCCESS) {
        pq_wipe_and_free(call.secret_key, PQ_MLKEM_SECRETKEYBYTES);
        free(call.public_key);
        pq_raise_general_error(call.result);
    }

    VALUE result = rb_ary_new2(2);
    rb_ary_push(result, pq_string_from_buffer(call.public_key, PQ_MLKEM_PUBLICKEYBYTES));
    rb_ary_push(result, pq_string_from_buffer(call.secret_key, PQ_MLKEM_SECRETKEYBYTES));

    free(call.public_key);
    pq_wipe_and_free(call.secret_key, PQ_MLKEM_SECRETKEYBYTES);
    return result;
}

.__test_sign_from_seed(message, secret_key, seed) ⇒ Object 



1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1095

static VALUE pqcrypto__test_sign_from_seed(VALUE self, VALUE message, VALUE secret_key,
                                           VALUE seed) {
    (void)self;
    pq_validate_bytes_argument(secret_key, PQ_MLDSA_SECRETKEYBYTES, "secret key");
    StringValue(seed);

    if ((size_t)RSTRING_LEN(seed) != 32) {
        rb_raise(rb_eArgError, "Deterministic test seed must be 32 bytes");
    }

    sign_call_t call = {0};
    size_t secret_key_len = 0;
    size_t seed_len = 0;
    call.secret_key = pq_copy_ruby_string(secret_key, &secret_key_len);
    call.signature_len = PQ_MLDSA_BYTES;
    call.signature = pq_alloc_buffer(PQ_MLDSA_BYTES);
    call.message = pq_copy_ruby_string(message, &call.message_len);
    call.seed = pq_copy_ruby_string(seed, &seed_len);
    call.seed_len = seed_len;

    rb_thread_call_without_gvl(pq_testing_sign_nogvl, &call, NULL, NULL);

    pq_free_buffer(call.message);
    pq_wipe_and_free((uint8_t *)call.secret_key, secret_key_len);
    pq_wipe_and_free((uint8_t *)call.seed, call.seed_len);

    if (call.result != PQ_SUCCESS) {
        pq_free_buffer(call.signature);
        pq_raise_general_error(call.result);
    }

    VALUE result = pq_string_from_buffer(call.signature, call.signature_len);
    pq_free_buffer(call.signature);
    return result;
}

.__test_sign_keypair_from_seed(seed) ⇒ Object 



1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1062

static VALUE pqcrypto__test_sign_keypair_from_seed(VALUE self, VALUE seed) {
    (void)self;
    StringValue(seed);

    if ((size_t)RSTRING_LEN(seed) != 32) {
        rb_raise(rb_eArgError, "Deterministic test seed must be 32 bytes");
    }

    sign_keypair_call_t call = {0};
    size_t seed_len = 0;
    call.public_key = pq_alloc_buffer(PQ_MLDSA_PUBLICKEYBYTES);
    call.secret_key = pq_alloc_buffer(PQ_MLDSA_SECRETKEYBYTES);
    call.seed = pq_copy_ruby_string(seed, &seed_len);
    call.seed_len = seed_len;

    rb_thread_call_without_gvl(pq_testing_sign_keypair_nogvl, &call, NULL, NULL);
    pq_wipe_and_free((uint8_t *)call.seed, call.seed_len);

    if (call.result != PQ_SUCCESS) {
        pq_wipe_and_free(call.secret_key, PQ_MLDSA_SECRETKEYBYTES);
        free(call.public_key);
        pq_raise_general_error(call.result);
    }

    VALUE result = rb_ary_new2(2);
    rb_ary_push(result, pq_string_from_buffer(call.public_key, PQ_MLDSA_PUBLICKEYBYTES));
    rb_ary_push(result, pq_string_from_buffer(call.secret_key, PQ_MLDSA_SECRETKEYBYTES));

    free(call.public_key);
    pq_wipe_and_free(call.secret_key, PQ_MLDSA_SECRETKEYBYTES);
    return result;
}

._native_mldsa_compute_tr(*args) ⇒ Object 



1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1496

static VALUE pqcrypto__native_mldsa_compute_tr(int argc, VALUE *argv, VALUE self) {
    (void)self;
    VALUE algorithm = ID2SYM(rb_intern("ml_dsa_65"));
    VALUE public_key;
    if (argc == 1) {
        public_key = argv[0];
    } else if (argc == 2) {
        algorithm = argv[0];
        public_key = argv[1];
    } else {
        rb_raise(rb_eArgError, "wrong number of arguments (given %d, expected 1..2)", argc);
    }

    const pq_mldsa_profile_t *profile = pq_mldsa_profile_from_value(algorithm);
    pq_validate_bytes_argument(public_key, profile->public_key_len, "public key");

    uint8_t tr[PQ_MLDSA_TRBYTES];
    int rc = pq_mldsa_compute_tr_from_public_key(tr, (const uint8_t *)RSTRING_PTR(public_key),
                                                 profile->public_key_len);
    if (rc != PQ_SUCCESS) {
        pq_raise_general_error(rc);
    }
    return pq_string_from_buffer(tr, sizeof(tr));
}

._native_mldsa_extract_tr(*args) ⇒ Object 



1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1468

static VALUE pqcrypto__native_mldsa_extract_tr(int argc, VALUE *argv, VALUE self) {
    (void)self;
    VALUE algorithm = ID2SYM(rb_intern("ml_dsa_65"));
    VALUE secret_key;
    if (argc == 1) {
        secret_key = argv[0];
    } else if (argc == 2) {
        algorithm = argv[0];
        secret_key = argv[1];
    } else {
        rb_raise(rb_eArgError, "wrong number of arguments (given %d, expected 1..2)", argc);
    }

    const pq_mldsa_profile_t *profile = pq_mldsa_profile_from_value(algorithm);
    pq_validate_bytes_argument(secret_key, profile->secret_key_len, "secret key");

    uint8_t tr[PQ_MLDSA_TRBYTES];
    int rc = pq_mldsa_extract_tr_from_secret_key(tr, (const uint8_t *)RSTRING_PTR(secret_key),
                                                 profile->public_key_len, profile->pk_from_sk);
    if (rc != PQ_SUCCESS) {
        pq_secure_wipe(tr, sizeof(tr));
        pq_raise_general_error(rc);
    }
    VALUE result = pq_string_from_buffer(tr, sizeof(tr));
    pq_secure_wipe(tr, sizeof(tr));
    return result;
}

._native_mldsa_mu_builder_finalize(builder_obj) ⇒ Object 



1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1598

static VALUE pqcrypto__native_mldsa_mu_builder_finalize(VALUE self, VALUE builder_obj) {
    (void)self;
    mu_builder_wrapper_t *wrapper = mu_builder_unwrap(builder_obj);

    uint8_t mu[PQ_MLDSA_MUBYTES];

    mu_finalize_call_t call = {0};
    call.builder = wrapper->builder;
    call.mu_out = mu;

    rb_nogvl(pq_mu_finalize_nogvl, &call, NULL, NULL, PQ_RB_NOGVL_OFFLOAD_SAFE);

    wrapper->builder = NULL;

    if (call.result != PQ_SUCCESS) {
        pq_secure_wipe(mu, sizeof(mu));
        pq_raise_general_error(call.result);
    }

    VALUE result = pq_string_from_buffer(mu, sizeof(mu));
    pq_secure_wipe(mu, sizeof(mu));
    return result;
}

._native_mldsa_mu_builder_new(tr, ctx) ⇒ Object 



1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1521

static VALUE pqcrypto__native_mldsa_mu_builder_new(VALUE self, VALUE tr, VALUE ctx) {
    (void)self;
    pq_validate_bytes_argument(tr, PQ_MLDSA_TRBYTES, "tr");
    StringValue(ctx);

    size_t ctxlen = (size_t)RSTRING_LEN(ctx);
    if (ctxlen > 255) {
        rb_raise(rb_eArgError, "ML-DSA context length must be <= 255 bytes");
    }

    void *builder = pq_mu_builder_new();
    if (builder == NULL) {
        rb_raise(rb_eNoMemError, "Memory allocation failed (mu builder)");
    }

    int rc = pq_mu_builder_init(builder, (const uint8_t *)RSTRING_PTR(tr),
                                (const uint8_t *)RSTRING_PTR(ctx), ctxlen);
    if (rc != PQ_SUCCESS) {
        pq_mu_builder_release(builder);
        pq_raise_general_error(rc);
    }

    mu_builder_wrapper_t *wrapper;
    VALUE obj =
        TypedData_Make_Struct(rb_cObject, mu_builder_wrapper_t, &mu_builder_data_type, wrapper);
    wrapper->builder = builder;
    return obj;
}

._native_mldsa_mu_builder_release(builder_obj) ⇒ Object 



1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1622

static VALUE pqcrypto__native_mldsa_mu_builder_release(VALUE self, VALUE builder_obj) {
    (void)self;
    mu_builder_wrapper_t *wrapper;
    TypedData_Get_Struct(builder_obj, mu_builder_wrapper_t, &mu_builder_data_type, wrapper);
    if (wrapper != NULL && wrapper->builder != NULL) {
        pq_mu_builder_release(wrapper->builder);
        wrapper->builder = NULL;
    }
    return Qnil;
}

._native_mldsa_mu_builder_update(builder_obj, chunk) ⇒ Object 



1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1556

static VALUE pqcrypto__native_mldsa_mu_builder_update(VALUE self, VALUE builder_obj, VALUE chunk) {
    (void)self;
    mu_builder_wrapper_t *wrapper = mu_builder_unwrap(builder_obj);
    StringValue(chunk);

    size_t chunk_len = (size_t)RSTRING_LEN(chunk);
    if (chunk_len == 0) {
        return Qnil;
    }

    if (chunk_len < PQ_MU_ABSORB_NOGVL_MIN_BYTES) {
        int rc =
            pq_mu_builder_absorb(wrapper->builder, (const uint8_t *)RSTRING_PTR(chunk), chunk_len);
        if (rc != PQ_SUCCESS) {
            pq_raise_general_error(rc);
        }
        return Qnil;
    }

    uint8_t *copy = pq_alloc_buffer(chunk_len);
    memcpy(copy, RSTRING_PTR(chunk), chunk_len);

    mu_absorb_call_t call = {0};
    call.builder = wrapper->builder;
    call.chunk = copy;
    call.chunk_len = chunk_len;

    rb_nogvl(pq_mu_absorb_nogvl, &call, NULL, NULL, PQ_RB_NOGVL_OFFLOAD_SAFE);
    free(copy);

    if (call.result != PQ_SUCCESS) {
        pq_raise_general_error(call.result);
    }
    return Qnil;
}

._native_mldsa_sign_mu(*args) ⇒ Object 



1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1640

static VALUE pqcrypto__native_mldsa_sign_mu(int argc, VALUE *argv, VALUE self) {
    (void)self;
    VALUE algorithm = ID2SYM(rb_intern("ml_dsa_65"));
    VALUE mu, secret_key;
    if (argc == 2) {
        mu = argv[0];
        secret_key = argv[1];
    } else if (argc == 3) {
        algorithm = argv[0];
        mu = argv[1];
        secret_key = argv[2];
    } else {
        rb_raise(rb_eArgError, "wrong number of arguments (given %d, expected 2..3)", argc);
    }

    const pq_mldsa_profile_t *profile = pq_mldsa_profile_from_value(algorithm);
    pq_validate_bytes_argument(mu, PQ_MLDSA_MUBYTES, "mu");
    pq_validate_bytes_argument(secret_key, profile->secret_key_len, "secret key");

    sign_mu_call_t call = {0};
    size_t secret_key_len = 0;
    size_t mu_len = 0;
    uint8_t *mu_copy = pq_copy_ruby_string(mu, &mu_len);
    uint8_t *sk_copy = pq_copy_ruby_string(secret_key, &secret_key_len);

    call.mu = mu_copy;
    call.secret_key = sk_copy;
    call.signature_extmu = profile->signature_extmu;
    call.signature_len = profile->signature_len;
    call.signature = pq_alloc_buffer(profile->signature_len);

    rb_nogvl(pq_sign_mu_nogvl, &call, NULL, NULL, PQ_RB_NOGVL_OFFLOAD_SAFE);

    pq_wipe_and_free(mu_copy, mu_len);
    pq_wipe_and_free(sk_copy, secret_key_len);

    if (call.result != PQ_SUCCESS) {
        pq_free_buffer(call.signature);
        pq_raise_general_error(call.result);
    }

    VALUE result = pq_string_from_buffer(call.signature, call.signature_len);
    pq_free_buffer(call.signature);
    return result;
}

._native_mldsa_verify_mu(*args) ⇒ Object 



1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1693

static VALUE pqcrypto__native_mldsa_verify_mu(int argc, VALUE *argv, VALUE self) {
    (void)self;
    VALUE algorithm = ID2SYM(rb_intern("ml_dsa_65"));
    VALUE mu, signature, public_key;
    if (argc == 3) {
        mu = argv[0];
        signature = argv[1];
        public_key = argv[2];
    } else if (argc == 4) {
        algorithm = argv[0];
        mu = argv[1];
        signature = argv[2];
        public_key = argv[3];
    } else {
        rb_raise(rb_eArgError, "wrong number of arguments (given %d, expected 3..4)", argc);
    }

    const pq_mldsa_profile_t *profile = pq_mldsa_profile_from_value(algorithm);
    StringValue(signature);
    pq_validate_bytes_argument(mu, PQ_MLDSA_MUBYTES, "mu");
    pq_validate_bytes_argument(public_key, profile->public_key_len, "public key");

    verify_mu_call_t call = {0};
    size_t public_key_len = 0;
    size_t signature_len = 0;
    size_t mu_len = 0;
    uint8_t *mu_copy = pq_copy_ruby_string(mu, &mu_len);
    uint8_t *pk_copy = pq_copy_ruby_string(public_key, &public_key_len);
    uint8_t *sig_copy = pq_copy_ruby_string(signature, &signature_len);

    call.mu = mu_copy;
    call.public_key = pk_copy;
    call.signature = sig_copy;
    call.signature_len = signature_len;
    call.expected_signature_len = profile->signature_len;
    call.verify_extmu = profile->verify_extmu;

    rb_nogvl(pq_verify_mu_nogvl, &call, NULL, NULL, PQ_RB_NOGVL_OFFLOAD_SAFE);
    pq_wipe_and_free(mu_copy, mu_len);
    pq_free_buffer(pk_copy);
    pq_free_buffer(sig_copy);

    if (call.result == PQ_SUCCESS) {
        return Qtrue;
    }
    if (call.result == PQ_ERROR_VERIFY) {
        return Qfalse;
    }
    pq_raise_general_error(call.result);
}

.backendObject 



147
148
149
 
# File 'lib/pq_crypto.rb', line 147

def backend
  :native_pq_code_package
end

.ct_equalsObject

.hybrid_kem_decapsulate(ciphertext, secret_key) ⇒ Object 



887
888
889
890
891
892
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 887

static VALUE pqcrypto_hybrid_kem_decapsulate(VALUE self, VALUE ciphertext, VALUE secret_key) {
    (void)self;
    return pq_run_kem_decapsulate(pq_hybrid_kem_decapsulate_nogvl, ciphertext,
                                  PQ_HYBRID_CIPHERTEXTBYTES, secret_key, PQ_HYBRID_SECRETKEYBYTES,
                                  PQ_HYBRID_SHAREDSECRETBYTES);
}

.hybrid_kem_decapsulate_expanded(ciphertext, expanded_secret_key) ⇒ Object 



894
895
896
897
898
899
900
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 894

static VALUE pqcrypto_hybrid_kem_decapsulate_expanded(VALUE self, VALUE ciphertext,
                                                      VALUE expanded_secret_key) {
    (void)self;
    return pq_run_kem_decapsulate(pq_hybrid_kem_decapsulate_expanded_nogvl, ciphertext,
                                  PQ_HYBRID_CIPHERTEXTBYTES, expanded_secret_key,
                                  PQ_HYBRID_EXPANDED_SECRETKEYBYTES, PQ_HYBRID_SHAREDSECRETBYTES);
}

.hybrid_kem_decapsulate_expanded_object(ciphertext, expanded_secret_key_obj) ⇒ Object 



902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 902

static VALUE pqcrypto_hybrid_kem_decapsulate_expanded_object(VALUE self, VALUE ciphertext,
                                                             VALUE expanded_secret_key_obj) {
    (void)self;
    hybrid_expanded_key_wrapper_t *wrapper = hybrid_expanded_key_unwrap(expanded_secret_key_obj);
    hybrid_decapsulate_expanded_pkey_call_t call = {0};
    VALUE result;
    size_t copied_ciphertext_len = 0;

    pq_validate_bytes_argument(ciphertext, PQ_HYBRID_CIPHERTEXTBYTES, "ciphertext");

    call.ciphertext = pq_copy_ruby_string(ciphertext, &copied_ciphertext_len);
    call.expanded_secret_key = wrapper->expanded_secret_key;
    call.shared_secret = pq_alloc_buffer(PQ_HYBRID_SHAREDSECRETBYTES);

    if (EVP_PKEY_up_ref(wrapper->x25519_private_pkey) != 1) {
        pq_wipe_and_free((uint8_t *)call.ciphertext, copied_ciphertext_len);
        pq_wipe_and_free(call.shared_secret, PQ_HYBRID_SHAREDSECRETBYTES);
        pq_raise_general_error(PQ_ERROR_OPENSSL);
    }
    call.x25519_private_pkey = wrapper->x25519_private_pkey;

    rb_thread_call_without_gvl(pq_hybrid_kem_decapsulate_expanded_pkey_nogvl, &call, NULL, NULL);
    EVP_PKEY_free((EVP_PKEY *)call.x25519_private_pkey);
    pq_wipe_and_free((uint8_t *)call.ciphertext, copied_ciphertext_len);

    if (call.result != PQ_SUCCESS) {
        pq_wipe_and_free(call.shared_secret, PQ_HYBRID_SHAREDSECRETBYTES);
        pq_raise_general_error(call.result);
    }

    result = pq_string_from_buffer(call.shared_secret, PQ_HYBRID_SHAREDSECRETBYTES);
    pq_wipe_and_free(call.shared_secret, PQ_HYBRID_SHAREDSECRETBYTES);
    return result;
}

.hybrid_kem_encapsulate(public_key) ⇒ Object 



800
801
802
803
804
805
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 800

static VALUE pqcrypto_hybrid_kem_encapsulate(VALUE self, VALUE public_key) {
    (void)self;
    return pq_run_kem_encapsulate(pq_hybrid_kem_encapsulate_nogvl, public_key,
                                  PQ_HYBRID_PUBLICKEYBYTES, PQ_HYBRID_CIPHERTEXTBYTES,
                                  PQ_HYBRID_SHAREDSECRETBYTES);
}

.hybrid_kem_expand_secret_key(secret_key) ⇒ Object 



807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 807

static VALUE pqcrypto_hybrid_kem_expand_secret_key(VALUE self, VALUE secret_key) {
    (void)self;
    hybrid_expand_call_t call = {0};
    VALUE result;
    size_t copied_secret_key_len = 0;

    pq_validate_bytes_argument(secret_key, PQ_HYBRID_SECRETKEYBYTES, "hybrid secret key");

    call.secret_key = pq_copy_ruby_string(secret_key, &copied_secret_key_len);
    call.expanded_secret_key = pq_alloc_buffer(PQ_HYBRID_EXPANDED_SECRETKEYBYTES);

    rb_thread_call_without_gvl(pq_hybrid_kem_expand_secret_key_nogvl, &call, NULL, NULL);
    pq_wipe_and_free((uint8_t *)call.secret_key, copied_secret_key_len);

    if (call.result != PQ_SUCCESS) {
        pq_wipe_and_free(call.expanded_secret_key, PQ_HYBRID_EXPANDED_SECRETKEYBYTES);
        pq_raise_general_error(call.result);
    }

    result = pq_string_from_buffer(call.expanded_secret_key, PQ_HYBRID_EXPANDED_SECRETKEYBYTES);
    pq_wipe_and_free(call.expanded_secret_key, PQ_HYBRID_EXPANDED_SECRETKEYBYTES);
    return result;
}

.hybrid_kem_expand_secret_key_object(secret_key) ⇒ Object 



831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 831

static VALUE pqcrypto_hybrid_kem_expand_secret_key_object(VALUE self, VALUE secret_key) {
    (void)self;
    hybrid_expand_call_t call = {0};
    size_t copied_secret_key_len = 0;

    pq_validate_bytes_argument(secret_key, PQ_HYBRID_SECRETKEYBYTES, "hybrid secret key");

    hybrid_expanded_key_wrapper_t *wrapper;
    VALUE obj = TypedData_Make_Struct(rb_cObject, hybrid_expanded_key_wrapper_t,
                                      &hybrid_expanded_key_data_type, wrapper);
    memset(wrapper->expanded_secret_key, 0, sizeof(wrapper->expanded_secret_key));
    wrapper->x25519_private_pkey = NULL;

    call.secret_key = pq_copy_ruby_string(secret_key, &copied_secret_key_len);
    call.expanded_secret_key = wrapper->expanded_secret_key;

    rb_thread_call_without_gvl(pq_hybrid_kem_expand_secret_key_nogvl, &call, NULL, NULL);
    pq_wipe_and_free((uint8_t *)call.secret_key, copied_secret_key_len);

    if (call.result != PQ_SUCCESS) {
        pq_secure_wipe(wrapper->expanded_secret_key, sizeof(wrapper->expanded_secret_key));
        pq_raise_general_error(call.result);
    }

    const hybrid_expanded_secret_key_t *expanded =
        (const hybrid_expanded_secret_key_t *)wrapper->expanded_secret_key;
    wrapper->x25519_private_pkey = EVP_PKEY_new_raw_private_key(
        EVP_PKEY_X25519, NULL, expanded->x25519_sk, X25519_SECRETKEYBYTES);
    if (!wrapper->x25519_private_pkey) {
        pq_secure_wipe(wrapper->expanded_secret_key, sizeof(wrapper->expanded_secret_key));
        pq_raise_general_error(PQ_ERROR_OPENSSL);
    }

    return obj;
}

.hybrid_kem_expanded_secret_key_wipe(expanded_secret_key_obj) ⇒ Object 



867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 867

static VALUE pqcrypto_hybrid_kem_expanded_secret_key_wipe(VALUE self,
                                                          VALUE expanded_secret_key_obj) {
    (void)self;
    hybrid_expanded_key_wrapper_t *wrapper;

    TypedData_Get_Struct(expanded_secret_key_obj, hybrid_expanded_key_wrapper_t,
                         &hybrid_expanded_key_data_type, wrapper);
    if (!wrapper) {
        return Qnil;
    }

    pq_secure_wipe(wrapper->expanded_secret_key, sizeof(wrapper->expanded_secret_key));
    if (wrapper->x25519_private_pkey) {
        EVP_PKEY_free(wrapper->x25519_private_pkey);
        wrapper->x25519_private_pkey = NULL;
    }

    return Qnil;
}

.hybrid_kem_keypairObject

.ml_dsa_44_keypairObject

.ml_dsa_44_keypair_from_seedObject

.ml_dsa_44_signObject

.ml_dsa_44_verifyObject

.ml_dsa_87_keypairObject

.ml_dsa_87_keypair_from_seedObject

.ml_dsa_87_signObject

.ml_dsa_87_verifyObject

.ml_dsa_keypair_from_seedObject

.ml_kem_1024_decapsulateObject

.ml_kem_1024_encapsulateObject

.ml_kem_1024_keypairObject

.ml_kem_1024_keypair_from_seedObject

.ml_kem_512_decapsulateObject

.ml_kem_512_encapsulateObject

.ml_kem_512_keypairObject

.ml_kem_512_keypair_from_seedObject

.ml_kem_decapsulateObject

.ml_kem_encapsulateObject

.ml_kem_keypairObject

.ml_kem_keypair_from_seedObject

.native_extension_loaded?Boolean

Returns:

  • (Boolean) 


151
152
153
 
# File 'lib/pq_crypto.rb', line 151

def native_extension_loaded?
  true
end

.pkcs8_decrypt_der(der, passphrase) ⇒ Object 



1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1808

static VALUE pqcrypto_pkcs8_decrypt_der(VALUE self, VALUE der, VALUE passphrase) {
    (void)self;
    uint8_t *out = NULL;
    size_t out_len = 0;
    VALUE result;
    int ret;

    StringValue(der);
    StringValue(passphrase);
    ret = pq_pkcs8_decrypt_private_key_info_der(&out, &out_len, (const uint8_t *)RSTRING_PTR(der),
                                                (size_t)RSTRING_LEN(der), RSTRING_PTR(passphrase),
                                                (size_t)RSTRING_LEN(passphrase));
    if (ret != PQ_SUCCESS)
        pq_raise_general_error(ret);
    result = pq_string_from_buffer(out, out_len);
    pq_wipe_and_free(out, out_len);
    return result;
}

.pkcs8_der_to_pem(der, encrypted_value) ⇒ Object 



1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1836

static VALUE pqcrypto_pkcs8_der_to_pem(VALUE self, VALUE der, VALUE encrypted_value) {
    (void)self;
    char *pem = NULL;
    size_t pem_len = 0;
    VALUE result;
    int ret;

    StringValue(der);
    ret = pq_pkcs8_der_to_pem(&pem, &pem_len, (const uint8_t *)RSTRING_PTR(der),
                              (size_t)RSTRING_LEN(der), RTEST(encrypted_value) ? 1 : 0);
    if (ret != PQ_SUCCESS)
        pq_raise_general_error(ret);
    result = rb_str_new(pem, (long)pem_len);
    pq_secure_wipe(pem, pem_len);
    free(pem);
    return result;
}

.pkcs8_encrypt_der(der, passphrase, iterations_value) ⇒ Object 



1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1786

static VALUE pqcrypto_pkcs8_encrypt_der(VALUE self, VALUE der, VALUE passphrase,
                                        VALUE iterations_value) {
    (void)self;
    uint8_t *out = NULL;
    size_t out_len = 0;
    int iterations;
    VALUE result;
    int ret;

    StringValue(der);
    StringValue(passphrase);
    iterations = NUM2INT(iterations_value);
    ret = pq_pkcs8_encrypt_private_key_info_der(&out, &out_len, (const uint8_t *)RSTRING_PTR(der),
                                                (size_t)RSTRING_LEN(der), RSTRING_PTR(passphrase),
                                                (size_t)RSTRING_LEN(passphrase), iterations);
    if (ret != PQ_SUCCESS)
        pq_raise_general_error(ret);
    result = pq_string_from_buffer(out, out_len);
    pq_wipe_and_free(out, out_len);
    return result;
}

.pkcs8_encrypted_der?(der) ⇒ Boolean

Returns:

  • (Boolean) 


1827
1828
1829
1830
1831
1832
1833
1834
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1827

static VALUE pqcrypto_pkcs8_encrypted_der_p(VALUE self, VALUE der) {
    (void)self;
    StringValue(der);
    return pq_pkcs8_der_is_encrypted_private_key_info((const uint8_t *)RSTRING_PTR(der),
                                                      (size_t)RSTRING_LEN(der))
               ? Qtrue
               : Qfalse;
}

.pkcs8_pem_to_der(pem) ⇒ Object 



1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1854

static VALUE pqcrypto_pkcs8_pem_to_der(VALUE self, VALUE pem) {
    (void)self;
    uint8_t *der = NULL;
    size_t der_len = 0;
    int encrypted = 0;
    VALUE result;
    int ret;

    StringValue(pem);
    ret =
        pq_pkcs8_pem_to_der(&der, &der_len, &encrypted, RSTRING_PTR(pem), (size_t)RSTRING_LEN(pem));
    if (ret != PQ_SUCCESS)
        pq_raise_general_error(ret);
    result = rb_ary_new_capa(2);
    rb_ary_push(result, encrypted ? Qtrue : Qfalse);
    rb_ary_push(result, pq_string_from_buffer(der, der_len));
    pq_wipe_and_free(der, der_len);
    return result;
}

.pkcs8_private_key_info_from_der(der) ⇒ Object 



1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1763

static VALUE pqcrypto_pkcs8_private_key_info_from_der(VALUE self, VALUE der) {
    (void)self;
    char *oid_text = NULL;
    uint8_t *private_key = NULL;
    size_t private_key_len = 0;
    VALUE result;
    int ret;

    StringValue(der);
    ret = pq_pkcs8_private_key_info_from_der(&oid_text, &private_key, &private_key_len,
                                             (const uint8_t *)RSTRING_PTR(der),
                                             (size_t)RSTRING_LEN(der));
    if (ret != PQ_SUCCESS)
        pq_raise_general_error(ret);

    result = rb_ary_new_capa(2);
    rb_ary_push(result, rb_str_new_cstr(oid_text));
    rb_ary_push(result, pq_string_from_buffer(private_key, private_key_len));
    free(oid_text);
    pq_wipe_and_free(private_key, private_key_len);
    return result;
}

.pkcs8_private_key_info_to_der(oid_text, private_key) ⇒ Object 



1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1744

static VALUE pqcrypto_pkcs8_private_key_info_to_der(VALUE self, VALUE oid_text, VALUE private_key) {
    (void)self;
    uint8_t *out = NULL;
    size_t out_len = 0;
    VALUE result;
    int ret;

    StringValue(oid_text);
    StringValue(private_key);
    ret = pq_pkcs8_private_key_info_to_der(&out, &out_len, RSTRING_PTR(oid_text),
                                           (const uint8_t *)RSTRING_PTR(private_key),
                                           (size_t)RSTRING_LEN(private_key));
    if (ret != PQ_SUCCESS)
        pq_raise_general_error(ret);
    result = pq_string_from_buffer(out, out_len);
    pq_wipe_and_free(out, out_len);
    return result;
}

.public_key_from_pqc_container_der(der) ⇒ Object 



1929
1930
1931
1932
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1929

static VALUE pqcrypto_public_key_from_pqc_container_der(VALUE self, VALUE der) {
    (void)self;
    return pq_import_container_der(der, pq_public_key_from_pqc_container_der);
}

.public_key_from_pqc_container_pem(pem) ⇒ Object 



1934
1935
1936
1937
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1934

static VALUE pqcrypto_public_key_from_pqc_container_pem(VALUE self, VALUE pem) {
    (void)self;
    return pq_import_container_pem(pem, pq_public_key_from_pqc_container_pem);
}

.public_key_to_pqc_container_der(algorithm, key_bytes) ⇒ Object 



1905
1906
1907
1908
1909
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1905

static VALUE pqcrypto_public_key_to_pqc_container_der(VALUE self, VALUE algorithm,
                                                      VALUE key_bytes) {
    (void)self;
    return pq_export_container_der(algorithm, key_bytes, pq_public_key_to_pqc_container_der);
}

.public_key_to_pqc_container_pem(algorithm, key_bytes) ⇒ Object 



1911
1912
1913
1914
1915
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1911

static VALUE pqcrypto_public_key_to_pqc_container_pem(VALUE self, VALUE algorithm,
                                                      VALUE key_bytes) {
    (void)self;
    return pq_export_container_pem(algorithm, key_bytes, pq_public_key_to_pqc_container_pem);
}

.secret_key_from_pqc_container_der(der) ⇒ Object 



1939
1940
1941
1942
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1939

static VALUE pqcrypto_secret_key_from_pqc_container_der(VALUE self, VALUE der) {
    (void)self;
    return pq_import_container_der(der, pq_secret_key_from_pqc_container_der);
}

.secret_key_from_pqc_container_pem(pem) ⇒ Object 



1944
1945
1946
1947
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1944

static VALUE pqcrypto_secret_key_from_pqc_container_pem(VALUE self, VALUE pem) {
    (void)self;
    return pq_import_container_pem(pem, pq_secret_key_from_pqc_container_pem);
}

.secret_key_to_pqc_container_der(algorithm, key_bytes) ⇒ Object 



1917
1918
1919
1920
1921
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1917

static VALUE pqcrypto_secret_key_to_pqc_container_der(VALUE self, VALUE algorithm,
                                                      VALUE key_bytes) {
    (void)self;
    return pq_export_container_der(algorithm, key_bytes, pq_secret_key_to_pqc_container_der);
}

.secret_key_to_pqc_container_pem(algorithm, key_bytes) ⇒ Object 



1923
1924
1925
1926
1927
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1923

static VALUE pqcrypto_secret_key_to_pqc_container_pem(VALUE self, VALUE algorithm,
                                                      VALUE key_bytes) {
    (void)self;
    return pq_export_container_pem(algorithm, key_bytes, pq_secret_key_to_pqc_container_pem);
}

.secure_wipe(str) ⇒ Object

Raises:

  • (ArgumentError) 


1378
1379
1380
1381
1382
1383
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1378

def secure_wipe(string)
  string = String(string)
  raise ArgumentError, "secure_wipe requires a mutable String" if string.frozen?

  native_secure_wipe(string)
end

.signObject

.sign_keypairObject

.supported_hybrid_kemsObject 



159
160
161
 
# File 'lib/pq_crypto.rb', line 159

def supported_hybrid_kems
  SUITES.fetch(:hybrid_kem).dup
end

.supported_kemsObject 



155
156
157
 
# File 'lib/pq_crypto.rb', line 155

def supported_kems
  SUITES.fetch(:kem).dup
end

.supported_signaturesObject 



163
164
165
 
# File 'lib/pq_crypto.rb', line 163

def supported_signatures
  SUITES.fetch(:signature).dup
end

.verifyObject

.versionObject 



1386
1387
1388
 
# File 'ext/pqcrypto/pqcrypto_ruby_secure.c', line 1386

def version
  native_version
end