qsafe-sdk for Ruby
Post-quantum cryptography SDK for the QSafe API — supports ML-KEM (Kyber) encryption and ML-DSA (Dilithium) signatures.
- API version: 1.0.0
- Ruby: 2.7+
Installation
Add to your Gemfile:
gem 'qsafe-sdk', '~> 1.0'
Then run:
bundle install
Or install directly:
gem install qsafe-sdk
Authentication
| Method | Use case | How to set |
|---|---|---|
| API Key | Programmatic access (recommended) | config.api_key['ApiKeyHeader'] = 'pqc_your_key' |
| JWT Bearer | Managing API keys, user sessions | config.access_token = 'your_jwt_token' |
Getting an API key: Register → Login (JWT) →
POST /api-keys→ copydata.api_key.
Quick Start — API Key Auth (Recommended)
require 'qsafe_sdk'
# Configure API key
QSafe.configure do |config|
config.api_key['ApiKeyHeader'] = 'pqc_your_api_key_here'
end
keypairs_api = QSafe::KeypairsApi.new
crypto_api = QSafe::CryptographicOperationsApi.new
# 1. Generate a KEM keypair
kp = keypairs_api.generate_keypair(QSafe::GenerateKeypairRequest.new(algorithm: 'KYBER768'))
keypair_id = kp.data.id
puts "Keypair: #{keypair_id}"
# 2. Encrypt
enc = crypto_api.encrypt_data(keypair_id, QSafe::EncryptRequest.new(plaintext: 'Hello, quantum-safe world!'))
ciphertext = enc.data.ciphertext
encapsulated_key = enc.data.encapsulated_key
# 3. Decrypt
dec = crypto_api.decrypt_data(keypair_id, QSafe::DecryptRequest.new(
ciphertext: ciphertext,
encapsulated_key: encapsulated_key
))
puts "Decrypted: #{dec.data.plaintext}"
Sign & Verify
# Generate signature keypair
kp = keypairs_api.generate_keypair(QSafe::GenerateKeypairRequest.new(algorithm: 'DILITHIUM3'))
keypair_id = kp.data.id
# Sign
sig = crypto_api.sign_data(keypair_id, QSafe::SignRequest.new(
message: 'I approve this transaction',
hash_algorithm: 'sha256'
))
signature = sig.data.signature
# Verify
ver = crypto_api.verify_signature(keypair_id, QSafe::VerifyRequest.new(
message: 'I approve this transaction',
signature: signature,
hash_algorithm: 'sha256'
))
puts "Valid: #{ver.data.verification_result.valid}"
Quick Start — JWT Auth (for managing API keys)
require 'qsafe_sdk'
auth_api = QSafe::AuthenticationApi.new
# Register
reg = auth_api.register_user(QSafe::RegisterRequest.new(
email: 'you@example.com',
password: 'SecureP@ssw0rd123',
first_name: 'Your',
last_name: 'Name'
))
jwt_token = reg.data.access_token
# Use JWT to create an API key
QSafe.configure { |c| c.access_token = jwt_token }
keys_api = QSafe::APIKeysApi.new
key_resp = keys_api.create_api_key(QSafe::CreateApiKeyRequest.new(
name: 'My Production Key',
permissions: %w[read write crypto_encrypt crypto_decrypt crypto_sign crypto_verify]
))
raw_api_key = key_resp.data.api_key # pqc_xxxx — save this!
puts "API Key: #{raw_api_key}"
API Reference
| Method | Endpoint | Auth |
|---|---|---|
AuthenticationApi#register_user |
POST /auth/register | None |
AuthenticationApi#login_user |
POST /auth/login | None |
APIKeysApi#create_api_key |
POST /api-keys | JWT only |
KeypairsApi#generate_keypair |
POST /generate-keypair | JWT or API key |
CryptographicOperationsApi#encrypt_data |
POST /keypairs/id/encrypt | JWT or API key |
CryptographicOperationsApi#decrypt_data |
POST /keypairs/id/decrypt | JWT or API key |
CryptographicOperationsApi#sign_data |
POST /keypairs/id/sign | JWT or API key |
CryptographicOperationsApi#verify_signature |
POST /keypairs/id/verify | JWT or API key |