pq_crypto 0.2.0 → 0.3.0

data/ext/pqcrypto/pqcrypto_secure.h

@@ -58,6 +58,15 @@ typedef struct {
     uint8_t x25519_ephemeral[X25519_PUBLICKEYBYTES];
 } hybrid_ciphertext_t;
 
+#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
+_Static_assert(sizeof(hybrid_public_key_t) == HYBRID_PUBLICKEYBYTES,
+               "hybrid_public_key_t layout must be packed");
+_Static_assert(sizeof(hybrid_secret_key_t) == HYBRID_SECRETKEYBYTES,
+               "hybrid_secret_key_t layout must be packed");
+_Static_assert(sizeof(hybrid_ciphertext_t) == HYBRID_CIPHERTEXTBYTES,
+               "hybrid_ciphertext_t layout must be packed");
+#endif
+
 void pq_secure_wipe(void *ptr, size_t len);
 
 int pq_mlkem_keypair(uint8_t *public_key, uint8_t *secret_key);
@@ -96,8 +105,6 @@ int pq_secret_key_from_pqc_container_pem(char **algorithm_out, uint8_t **key_out
                                           size_t *key_len_out, const char *input,
                                           size_t input_len);
 
-
-/* Test-only deterministic hooks for regression harness. */
 int pq_testing_mlkem_keypair_from_seed(uint8_t *public_key, uint8_t *secret_key,
                                        const uint8_t *seed, size_t seed_len);
 int pq_testing_mlkem_encapsulate_from_seed(uint8_t *ciphertext, uint8_t *shared_secret,
@@ -110,6 +117,10 @@ int pq_testing_mldsa_sign_from_seed(uint8_t *signature, size_t *signature_len,
                                     const uint8_t *secret_key, const uint8_t *seed,
                                     size_t seed_len);
 
+void pq_testing_set_seed(const uint8_t *seed, size_t len);
+void pq_testing_clear_seed(void);
+int pq_testing_seed_active(void);
+
 const char *pq_version(void);
 
 #define PQ_MLKEM_PUBLICKEYBYTES    MLKEM_PUBLICKEYBYTES

data/lib/pq_crypto/errors.rb

@@ -1,10 +1,16 @@
 # frozen_string_literal: true
 
 module PQCrypto
-  class Error < StandardError; end unless const_defined?(:Error)
-  class UnsupportedAlgorithmError < Error; end unless const_defined?(:UnsupportedAlgorithmError)
-  class InvalidKeyError < Error; end unless const_defined?(:InvalidKeyError)
-  class InvalidCiphertextError < Error; end unless const_defined?(:InvalidCiphertextError)
-  class SerializationError < Error; end unless const_defined?(:SerializationError)
-  class VerificationError < Error; end unless const_defined?(:VerificationError)
+  unless const_defined?(:Error)
+    class Error < StandardError; end
+  end
+
+  class UnsupportedAlgorithmError < Error; end
+  class InvalidKeyError < Error; end
+  class InvalidCiphertextError < Error; end
+  class SerializationError < Error; end
+
+  unless const_defined?(:VerificationError)
+    class VerificationError < Error; end
+  end
 end

data/lib/pq_crypto/hybrid_kem.rb

@@ -2,7 +2,7 @@
 
 module PQCrypto
   module HybridKEM
-    CANONICAL_ALGORITHM = :ml_kem_768_x25519_hkdf_sha256
+    CANONICAL_ALGORITHM = :ml_kem_768_x25519_xwing
 
     DETAILS = {
       CANONICAL_ALGORITHM => {
@@ -13,7 +13,7 @@ module PQCrypto
         secret_key_bytes: HYBRID_KEM_SECRET_KEY_BYTES,
         ciphertext_bytes: HYBRID_KEM_CIPHERTEXT_BYTES,
         shared_secret_bytes: HYBRID_KEM_SHARED_SECRET_BYTES,
-        description: "Hybrid KEM: ML-KEM-768 + X25519 combined via transcript-bound HKDF-SHA256.",
+        description: "Hybrid KEM: ML-KEM-768 + X25519 combined via X-Wing SHA3-256 combiner (draft-connolly-cfrg-xwing-kem).",
       }.freeze,
     }.freeze
 

data/lib/pq_crypto/kem.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "digest"
+
 module PQCrypto
   module KEM
     CANONICAL_ALGORITHM = :ml_kem_768
@@ -120,13 +122,18 @@ module PQCrypto
       end
 
       def ==(other)
-        other.is_a?(PublicKey) && other.algorithm == algorithm && other.to_bytes == @bytes
+        return false unless other.is_a?(PublicKey) && other.algorithm == algorithm
+        PQCrypto.__send__(:native_ct_equals, other.to_bytes, @bytes)
       end
 
       alias eql? ==
 
       def hash
-        [self.class, algorithm, @bytes].hash
+        fingerprint.hash
+      end
+
+      def fingerprint
+        Digest::SHA256.digest(@bytes)
       end
 
       private
@@ -170,13 +177,18 @@ module PQCrypto
       end
 
       def ==(other)
-        other.is_a?(SecretKey) && other.algorithm == algorithm && other.to_bytes == @bytes
+        return false unless other.is_a?(SecretKey) && other.algorithm == algorithm
+        PQCrypto.__send__(:native_ct_equals, other.to_bytes, @bytes)
       end
 
       alias eql? ==
 
       def hash
-        [self.class, algorithm, @bytes].hash
+        fingerprint.hash
+      end
+
+      def fingerprint
+        Digest::SHA256.digest(@bytes)
       end
 
       private

data/lib/pq_crypto/serialization.rb

@@ -7,9 +7,9 @@ module PQCrypto
         family: :ml_kem,
         oid: "2.25.186599352125448088867056807454444238446",
       }.freeze,
-      ml_kem_768_x25519_hkdf_sha256: {
+      ml_kem_768_x25519_xwing: {
         family: :ml_kem_hybrid,
-        oid: "2.25.260242945110721168101139140490528778800",
+        oid: "2.25.318532651283923671095712569430174917109",
       }.freeze,
       ml_dsa_65: {
         family: :ml_dsa,

data/lib/pq_crypto/signature.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require "digest"
+
 module PQCrypto
   module Signature
     CANONICAL_ALGORITHM = :ml_dsa_65
@@ -18,47 +20,47 @@ module PQCrypto
 
     class << self
       def generate(algorithm = CANONICAL_ALGORITHM)
-        validate_algorithm!(algorithm)
+        resolve_algorithm!(algorithm)
         public_key, secret_key = PQCrypto.__send__(:native_sign_keypair)
         Keypair.new(PublicKey.new(algorithm, public_key), SecretKey.new(algorithm, secret_key))
       end
 
       def public_key_from_bytes(algorithm, bytes)
-        validate_algorithm!(algorithm)
+        resolve_algorithm!(algorithm)
         PublicKey.new(algorithm, bytes)
       end
 
       def secret_key_from_bytes(algorithm, bytes)
-        validate_algorithm!(algorithm)
+        resolve_algorithm!(algorithm)
         SecretKey.new(algorithm, bytes)
       end
 
       def public_key_from_pqc_container_der(der, algorithm = nil)
         resolved_algorithm, bytes = Serialization.public_key_from_pqc_container_der(algorithm, der)
-        validate_algorithm!(resolved_algorithm)
+        resolve_algorithm!(resolved_algorithm)
         PublicKey.new(resolved_algorithm, bytes)
       end
 
       def public_key_from_pqc_container_pem(pem, algorithm = nil)
         resolved_algorithm, bytes = Serialization.public_key_from_pqc_container_pem(algorithm, pem)
-        validate_algorithm!(resolved_algorithm)
+        resolve_algorithm!(resolved_algorithm)
         PublicKey.new(resolved_algorithm, bytes)
       end
 
       def secret_key_from_pqc_container_der(der, algorithm = nil)
         resolved_algorithm, bytes = Serialization.secret_key_from_pqc_container_der(algorithm, der)
-        validate_algorithm!(resolved_algorithm)
+        resolve_algorithm!(resolved_algorithm)
         SecretKey.new(resolved_algorithm, bytes)
       end
 
       def secret_key_from_pqc_container_pem(pem, algorithm = nil)
         resolved_algorithm, bytes = Serialization.secret_key_from_pqc_container_pem(algorithm, pem)
-        validate_algorithm!(resolved_algorithm)
+        resolve_algorithm!(resolved_algorithm)
         SecretKey.new(resolved_algorithm, bytes)
       end
 
       def details(algorithm)
-        DETAILS.fetch(validate_algorithm!(algorithm)).dup
+        DETAILS.fetch(resolve_algorithm!(algorithm)).dup
       end
 
       def supported
@@ -67,7 +69,7 @@ module PQCrypto
 
       private
 
-      def validate_algorithm!(algorithm)
+      def resolve_algorithm!(algorithm)
         return algorithm if DETAILS.key?(algorithm)
 
         raise UnsupportedAlgorithmError, "Unsupported signature algorithm: #{algorithm.inspect}"
@@ -114,27 +116,28 @@ module PQCrypto
 
       def verify(message, signature)
         PQCrypto.__send__(:native_verify, String(message).b, String(signature).b, @bytes)
-      rescue PQCrypto::VerificationError
-        false
       rescue ArgumentError => e
         raise InvalidKeyError, e.message
       end
 
       def verify!(message, signature)
-        ok = verify(message, signature)
-        raise PQCrypto::VerificationError, "Verification failed" unless ok
-
+        raise PQCrypto::VerificationError, "Verification failed" unless verify(message, signature)
         true
       end
 
       def ==(other)
-        other.is_a?(PublicKey) && other.algorithm == algorithm && other.to_bytes == @bytes
+        return false unless other.is_a?(PublicKey) && other.algorithm == algorithm
+        PQCrypto.__send__(:native_ct_equals, other.to_bytes, @bytes)
       end
 
       alias eql? ==
 
       def hash
-        [self.class, algorithm, @bytes].hash
+        fingerprint.hash
+      end
+
+      def fingerprint
+        Digest::SHA256.digest(@bytes)
       end
 
       private
@@ -178,13 +181,18 @@ module PQCrypto
       end
 
       def ==(other)
-        other.is_a?(SecretKey) && other.algorithm == algorithm && other.to_bytes == @bytes
+        return false unless other.is_a?(SecretKey) && other.algorithm == algorithm
+        PQCrypto.__send__(:native_ct_equals, other.to_bytes, @bytes)
       end
 
       alias eql? ==
 
       def hash
-        [self.class, algorithm, @bytes].hash
+        fingerprint.hash
+      end
+
+      def fingerprint
+        Digest::SHA256.digest(@bytes)
       end
 
       private

data/lib/pq_crypto/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PQCrypto
-  VERSION = "0.2.0"
+  VERSION = "0.3.0"
 end

data/lib/pq_crypto.rb

@@ -35,84 +35,53 @@ require_relative "pq_crypto/serialization"
 module PQCrypto
   SUITES = {
     kem: [:ml_kem_768].freeze,
-    hybrid_kem: [:ml_kem_768_x25519_hkdf_sha256].freeze,
+    hybrid_kem: [:ml_kem_768_x25519_xwing].freeze,
     signature: [:ml_dsa_65].freeze,
   }.freeze
 
-  NATIVE_EXTENSION_LOADED = true unless const_defined?(:NATIVE_EXTENSION_LOADED)
-
-  class << self
-    unless private_method_defined?(:native_ml_kem_keypair)
-      alias_method :native_ml_kem_keypair, :ml_kem_keypair
-      alias_method :native_ml_kem_encapsulate, :ml_kem_encapsulate
-      alias_method :native_ml_kem_decapsulate, :ml_kem_decapsulate
-      alias_method :native_hybrid_kem_keypair, :hybrid_kem_keypair
-      alias_method :native_hybrid_kem_encapsulate, :hybrid_kem_encapsulate
-      alias_method :native_hybrid_kem_decapsulate, :hybrid_kem_decapsulate
-      alias_method :native_sign_keypair, :sign_keypair
-      alias_method :native_sign, :sign
-      alias_method :native_verify, :verify
-      alias_method :native_secure_wipe, :secure_wipe
-      alias_method :native_version, :version
-      alias_method :native_public_key_to_pqc_container_der, :public_key_to_pqc_container_der
-      alias_method :native_public_key_to_pqc_container_pem, :public_key_to_pqc_container_pem
-      alias_method :native_secret_key_to_pqc_container_der, :secret_key_to_pqc_container_der
-      alias_method :native_secret_key_to_pqc_container_pem, :secret_key_to_pqc_container_pem
-      alias_method :native_public_key_from_pqc_container_der, :public_key_from_pqc_container_der
-      alias_method :native_public_key_from_pqc_container_pem, :public_key_from_pqc_container_pem
-      alias_method :native_secret_key_from_pqc_container_der, :secret_key_from_pqc_container_der
-      alias_method :native_secret_key_from_pqc_container_pem, :secret_key_from_pqc_container_pem
-      alias_method :native_test_ml_kem_keypair_from_seed, :__test_ml_kem_keypair_from_seed
-      alias_method :native_test_ml_kem_encapsulate_from_seed, :__test_ml_kem_encapsulate_from_seed
-      alias_method :native_test_sign_keypair_from_seed, :__test_sign_keypair_from_seed
-      alias_method :native_test_sign_from_seed, :__test_sign_from_seed
-
-      private :native_ml_kem_keypair,
-              :native_ml_kem_encapsulate,
-              :native_ml_kem_decapsulate,
-              :native_hybrid_kem_keypair,
-              :native_hybrid_kem_encapsulate,
-              :native_hybrid_kem_decapsulate,
-              :native_sign_keypair,
-              :native_sign,
-              :native_verify,
-              :native_secure_wipe,
-              :native_version,
-              :native_public_key_to_pqc_container_der,
-              :native_public_key_to_pqc_container_pem,
-              :native_secret_key_to_pqc_container_der,
-              :native_secret_key_to_pqc_container_pem,
-              :native_public_key_from_pqc_container_der,
-              :native_public_key_from_pqc_container_pem,
-              :native_secret_key_from_pqc_container_der,
-              :native_secret_key_from_pqc_container_pem,
-              :native_test_ml_kem_keypair_from_seed,
-              :native_test_ml_kem_encapsulate_from_seed,
-              :native_test_sign_keypair_from_seed,
-              :native_test_sign_from_seed,
-              :ml_kem_keypair,
-              :ml_kem_encapsulate,
-              :ml_kem_decapsulate,
-              :hybrid_kem_keypair,
-              :hybrid_kem_encapsulate,
-              :hybrid_kem_decapsulate,
-              :sign_keypair,
-              :sign,
-              :verify,
-              :public_key_to_pqc_container_der,
-              :public_key_to_pqc_container_pem,
-              :secret_key_to_pqc_container_der,
-              :secret_key_to_pqc_container_pem,
-              :public_key_from_pqc_container_der,
-              :public_key_from_pqc_container_pem,
-              :secret_key_from_pqc_container_der,
-              :secret_key_from_pqc_container_pem,
-              :__test_ml_kem_keypair_from_seed,
-              :__test_ml_kem_encapsulate_from_seed,
-              :__test_sign_keypair_from_seed,
-              :__test_sign_from_seed
+  NATIVE_EXTENSION_LOADED = true
+
+  module NativeBindings
+    NATIVE_METHODS = %i[
+      ml_kem_keypair
+      ml_kem_encapsulate
+      ml_kem_decapsulate
+      hybrid_kem_keypair
+      hybrid_kem_encapsulate
+      hybrid_kem_decapsulate
+      sign_keypair
+      sign
+      verify
+      ct_equals
+      secure_wipe
+      version
+      public_key_to_pqc_container_der
+      public_key_to_pqc_container_pem
+      secret_key_to_pqc_container_der
+      secret_key_to_pqc_container_pem
+      public_key_from_pqc_container_der
+      public_key_from_pqc_container_pem
+      secret_key_from_pqc_container_der
+      secret_key_from_pqc_container_pem
+      __test_ml_kem_keypair_from_seed
+      __test_ml_kem_encapsulate_from_seed
+      __test_sign_keypair_from_seed
+      __test_sign_from_seed
+    ].freeze
+
+    class << PQCrypto
+      NativeBindings::NATIVE_METHODS.each do |name|
+        alias_name = :"native_#{name.to_s.sub(/\A__/, '')}"
+        next if private_method_defined?(alias_name)
+        alias_method alias_name, name
+      end
+
+      private(*NativeBindings::NATIVE_METHODS)
+      private(*NativeBindings::NATIVE_METHODS.map { |n| :"native_#{n.to_s.sub(/\A__/, '')}" })
     end
+  end
 
+  class << self
     def version
       native_version
     end

data/script/vendor_libs.rb

@@ -120,7 +120,6 @@ end
 def verify_checksum!(archive, expected_sha256)
   actual = Digest::SHA256.file(archive).hexdigest
   abort "SHA256 mismatch: expected #{expected_sha256}, got #{actual}" unless actual == expected_sha256
-
   actual
 end
 

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: pq_crypto
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Roman Haydarov
 bindir: exe
 cert_chain: []
-date: 2026-04-22 00:00:00.000000000 Z
+date: 2026-04-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -69,6 +69,7 @@ files:
 - ext/pqcrypto/extconf.rb
 - ext/pqcrypto/mldsa_api.h
 - ext/pqcrypto/mlkem_api.h
+- ext/pqcrypto/pq_randombytes.c
 - ext/pqcrypto/pqcrypto_ruby_secure.c
 - ext/pqcrypto/pqcrypto_secure.c
 - ext/pqcrypto/pqcrypto_secure.h
@@ -85,7 +86,6 @@ files:
 - ext/pqcrypto/vendor/pqclean/common/keccak4x/KeccakP-1600-times4-SIMD256.c
 - ext/pqcrypto/vendor/pqclean/common/keccak4x/KeccakP-1600-times4-SnP.h
 - ext/pqcrypto/vendor/pqclean/common/keccak4x/KeccakP-1600-unrolling.macros
-- ext/pqcrypto/vendor/pqclean/common/keccak4x/Makefile
 - ext/pqcrypto/vendor/pqclean/common/keccak4x/Makefile.Microsoft_nmake
 - ext/pqcrypto/vendor/pqclean/common/keccak4x/SIMD256-config.h
 - ext/pqcrypto/vendor/pqclean/common/keccak4x/align.h
@@ -99,7 +99,6 @@ files:
 - ext/pqcrypto/vendor/pqclean/common/sp800-185.c
 - ext/pqcrypto/vendor/pqclean/common/sp800-185.h
 - ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/LICENSE
-- ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/Makefile
 - ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/Makefile.Microsoft_nmake
 - ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/api.h
 - ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/cbd.c
@@ -122,7 +121,6 @@ files:
 - ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/verify.c
 - ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/verify.h
 - ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/LICENSE
-- ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/Makefile
 - ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/Makefile.Microsoft_nmake
 - ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/api.h
 - ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/ntt.c

data/ext/pqcrypto/vendor/pqclean/common/keccak4x/Makefile

@@ -1,8 +0,0 @@
-KeccakP-1600-times4-SIMD256.o: KeccakP-1600-times4-SIMD256.c \
-  align.h brg_endian.h KeccakP-1600-times4-SnP.h \
-  KeccakP-1600-unrolling.macros SIMD256-config.h
-	$(CC) -O3 -mavx2 -c $< -o $@
-
-.PHONY: clean
-clean:
-	$(RM) KeccakP-1600-times4-SIMD256.o

data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/Makefile

@@ -1,19 +0,0 @@
-# This Makefile can be used with GNU Make or BSD Make
-
-LIB=libml-kem-768_clean.a
-HEADERS=api.h cbd.h indcpa.h kem.h ntt.h params.h poly.h polyvec.h reduce.h symmetric.h verify.h 
-OBJECTS=cbd.o indcpa.o kem.o ntt.o poly.o polyvec.o reduce.o symmetric-shake.o verify.o 
-
-CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS)
-
-all: $(LIB)
-
-%.o: %.c $(HEADERS)
-	$(CC) $(CFLAGS) -c -o $@ $<
-
-$(LIB): $(OBJECTS)
-	$(AR) -r $@ $(OBJECTS)
-
-clean:
-	$(RM) $(OBJECTS)
-	$(RM) $(LIB)

data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/Makefile

@@ -1,19 +0,0 @@
-# This Makefile can be used with GNU Make or BSD Make
-
-LIB=libml-dsa-65_clean.a
-HEADERS=api.h ntt.h packing.h params.h poly.h polyvec.h reduce.h rounding.h sign.h symmetric.h 
-OBJECTS=ntt.o packing.o poly.o polyvec.o reduce.o rounding.o sign.o symmetric-shake.o 
-
-CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS)
-
-all: $(LIB)
-
-%.o: %.c $(HEADERS)
-	$(CC) $(CFLAGS) -c -o $@ $<
-
-$(LIB): $(OBJECTS)
-	$(AR) -r $@ $(OBJECTS)
-
-clean:
-	$(RM) $(OBJECTS)
-	$(RM) $(LIB)