pq_crypto 0.2.0 → 0.3.1
- checksums.yaml +4 -4
- data/CHANGELOG.md +100 -0
- data/GET_STARTED.md +19 -9
- data/README.md +90 -26
- data/SECURITY.md +84 -13
- data/ext/pqcrypto/extconf.rb +27 -12
- data/ext/pqcrypto/pq_randombytes.c +56 -0
- data/ext/pqcrypto/pqcrypto_ruby_secure.c +35 -20
- data/ext/pqcrypto/pqcrypto_secure.c +319 -525
- data/ext/pqcrypto/pqcrypto_secure.h +23 -4
- data/lib/pq_crypto/errors.rb +12 -6
- data/lib/pq_crypto/hybrid_kem.rb +2 -2
- data/lib/pq_crypto/kem.rb +20 -4
- data/lib/pq_crypto/serialization.rb +2 -2
- data/lib/pq_crypto/signature.rb +26 -18
- data/lib/pq_crypto/version.rb +1 -1
- data/lib/pq_crypto.rb +42 -73
- data/script/vendor_libs.rb +0 -1
- metadata +5 -7
- data/ext/pqcrypto/vendor/pqclean/common/keccak4x/Makefile +0 -8
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/Makefile +0 -19
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/Makefile +0 -19
|
@@ -23,9 +23,11 @@
|
|
|
23
23
|
#define X25519_PUBLICKEYBYTES 32
|
|
24
24
|
#define X25519_SECRETKEYBYTES 32
|
|
25
25
|
#define X25519_SHAREDSECRETBYTES 32
|
|
26
|
+
#define XWING_SEEDBYTES 32
|
|
27
|
+
#define XWING_EXPANDEDBYTES 96
|
|
26
28
|
|
|
27
29
|
#define HYBRID_PUBLICKEYBYTES (MLKEM_PUBLICKEYBYTES + X25519_PUBLICKEYBYTES)
|
|
28
|
-
#define HYBRID_SECRETKEYBYTES
|
|
30
|
+
#define HYBRID_SECRETKEYBYTES XWING_SEEDBYTES
|
|
29
31
|
#define HYBRID_CIPHERTEXTBYTES (MLKEM_CIPHERTEXTBYTES + X25519_PUBLICKEYBYTES)
|
|
30
32
|
#define HYBRID_SHAREDSECRETBYTES 32
|
|
31
33
|
|
|
@@ -48,16 +50,31 @@ typedef struct {
|
|
|
48
50
|
uint8_t x25519_pk[X25519_PUBLICKEYBYTES];
|
|
49
51
|
} hybrid_public_key_t;
|
|
50
52
|
|
|
53
|
+
typedef struct {
|
|
54
|
+
uint8_t seed[XWING_SEEDBYTES];
|
|
55
|
+
} hybrid_secret_key_t;
|
|
56
|
+
|
|
51
57
|
typedef struct {
|
|
52
58
|
uint8_t mlkem_sk[MLKEM_SECRETKEYBYTES];
|
|
53
59
|
uint8_t x25519_sk[X25519_SECRETKEYBYTES];
|
|
54
|
-
|
|
60
|
+
uint8_t mlkem_pk[MLKEM_PUBLICKEYBYTES];
|
|
61
|
+
uint8_t x25519_pk[X25519_PUBLICKEYBYTES];
|
|
62
|
+
} hybrid_expanded_secret_key_t;
|
|
55
63
|
|
|
56
64
|
typedef struct {
|
|
57
65
|
uint8_t mlkem_ct[MLKEM_CIPHERTEXTBYTES];
|
|
58
66
|
uint8_t x25519_ephemeral[X25519_PUBLICKEYBYTES];
|
|
59
67
|
} hybrid_ciphertext_t;
|
|
60
68
|
|
|
69
|
+
#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
|
|
70
|
+
_Static_assert(sizeof(hybrid_public_key_t) == HYBRID_PUBLICKEYBYTES,
|
|
71
|
+
"hybrid_public_key_t layout must be packed");
|
|
72
|
+
_Static_assert(sizeof(hybrid_secret_key_t) == HYBRID_SECRETKEYBYTES,
|
|
73
|
+
"hybrid_secret_key_t layout must be packed");
|
|
74
|
+
_Static_assert(sizeof(hybrid_ciphertext_t) == HYBRID_CIPHERTEXTBYTES,
|
|
75
|
+
"hybrid_ciphertext_t layout must be packed");
|
|
76
|
+
#endif
|
|
77
|
+
|
|
61
78
|
void pq_secure_wipe(void *ptr, size_t len);
|
|
62
79
|
|
|
63
80
|
int pq_mlkem_keypair(uint8_t *public_key, uint8_t *secret_key);
|
|
@@ -96,8 +113,6 @@ int pq_secret_key_from_pqc_container_pem(char **algorithm_out, uint8_t **key_out
|
|
|
96
113
|
size_t *key_len_out, const char *input,
|
|
97
114
|
size_t input_len);
|
|
98
115
|
|
|
99
|
-
|
|
100
|
-
/* Test-only deterministic hooks for regression harness. */
|
|
101
116
|
int pq_testing_mlkem_keypair_from_seed(uint8_t *public_key, uint8_t *secret_key,
|
|
102
117
|
const uint8_t *seed, size_t seed_len);
|
|
103
118
|
int pq_testing_mlkem_encapsulate_from_seed(uint8_t *ciphertext, uint8_t *shared_secret,
|
|
@@ -110,6 +125,10 @@ int pq_testing_mldsa_sign_from_seed(uint8_t *signature, size_t *signature_len,
|
|
|
110
125
|
const uint8_t *secret_key, const uint8_t *seed,
|
|
111
126
|
size_t seed_len);
|
|
112
127
|
|
|
128
|
+
void pq_testing_set_seed(const uint8_t *seed, size_t len);
|
|
129
|
+
void pq_testing_clear_seed(void);
|
|
130
|
+
int pq_testing_seed_active(void);
|
|
131
|
+
|
|
113
132
|
const char *pq_version(void);
|
|
114
133
|
|
|
115
134
|
#define PQ_MLKEM_PUBLICKEYBYTES MLKEM_PUBLICKEYBYTES
|
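Review bot: The `pq_testing_*` declarations lose their `/* Test-only deterministic hooks for regression harness. */` comment (old line 100) in the same change that adds `pq_testing_set_seed`, `pq_testing_clear_seed` and `pq_testing_seed_active` (new lines 128–130), so the header no longer tells a caller that these entry points are not for production use. The implementation is not shown here; if the seed hooks make the library's randomness deterministic, as the names and the new `pq_randombytes.c` in the file list suggest, that contract should be stated where the prototypes are declared. I would restore the comment above the block, for example `/* Test-only deterministic hooks; a seed installed with pq_testing_set_seed() must be cleared before any production key generation. */`, and consider compiling these declarations only in test builds.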
data/lib/pq_crypto/errors.rb
CHANGED
|
@@ -1,10 +1,16 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
module PQCrypto
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
class
|
|
9
|
-
class
|
|
4
|
+
unless const_defined?(:Error)
|
|
5
|
+
class Error < StandardError; end
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
class UnsupportedAlgorithmError < Error; end
|
|
9
|
+
class InvalidKeyError < Error; end
|
|
10
|
+
class InvalidCiphertextError < Error; end
|
|
11
|
+
class SerializationError < Error; end
|
|
12
|
+
|
|
13
|
+
unless const_defined?(:VerificationError)
|
|
14
|
+
class VerificationError < Error; end
|
|
15
|
+
end
|
|
10
16
|
end
|
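Review bot: `const_defined?(:Error)` on new line 4 uses the default `inherit = true`, and for a module receiver that lookup also searches `Object`, so a top-level `::Error` defined by any other loaded code makes the guard skip the gem's own definition. The subclasses on new lines 8–11 would then inherit from that unrelated class, and callers rescuing the gem's base error would no longer catch them. The guard on new line 13 has the same problem with a top-level `::VerificationError`. Restrict both checks to this namespace: `unless const_defined?(:Error, false)` and `unless const_defined?(:VerificationError, false)`.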
data/lib/pq_crypto/hybrid_kem.rb
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
module PQCrypto
|
|
4
4
|
module HybridKEM
|
|
5
|
-
CANONICAL_ALGORITHM = :
|
|
5
|
+
CANONICAL_ALGORITHM = :ml_kem_768_x25519_xwing
|
|
6
6
|
|
|
7
7
|
DETAILS = {
|
|
8
8
|
CANONICAL_ALGORITHM => {
|
|
@@ -13,7 +13,7 @@ module PQCrypto
|
|
|
13
13
|
secret_key_bytes: HYBRID_KEM_SECRET_KEY_BYTES,
|
|
14
14
|
ciphertext_bytes: HYBRID_KEM_CIPHERTEXT_BYTES,
|
|
15
15
|
shared_secret_bytes: HYBRID_KEM_SHARED_SECRET_BYTES,
|
|
16
|
-
description: "Hybrid KEM: ML-KEM-768 + X25519 combined via
|
|
16
|
+
description: "Hybrid KEM: ML-KEM-768 + X25519 combined via X-Wing SHA3-256 combiner (draft-connolly-cfrg-xwing-kem).",
|
|
17
17
|
}.freeze,
|
|
18
18
|
}.freeze
|
|
19
19
|
|
data/lib/pq_crypto/kem.rb
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require "digest"
|
|
4
|
+
|
|
3
5
|
module PQCrypto
|
|
4
6
|
module KEM
|
|
5
7
|
CANONICAL_ALGORITHM = :ml_kem_768
|
|
@@ -120,13 +122,18 @@ module PQCrypto
|
|
|
120
122
|
end
|
|
121
123
|
|
|
122
124
|
def ==(other)
|
|
123
|
-
other.is_a?(PublicKey) && other.algorithm == algorithm
|
|
125
|
+
return false unless other.is_a?(PublicKey) && other.algorithm == algorithm
|
|
126
|
+
PQCrypto.__send__(:native_ct_equals, other.to_bytes, @bytes)
|
|
124
127
|
end
|
|
125
128
|
|
|
126
129
|
alias eql? ==
|
|
127
130
|
|
|
128
131
|
def hash
|
|
129
|
-
|
|
132
|
+
fingerprint.hash
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
def fingerprint
|
|
136
|
+
Digest::SHA256.digest(@bytes)
|
|
130
137
|
end
|
|
131
138
|
|
|
132
139
|
private
|
|
@@ -170,13 +177,18 @@ module PQCrypto
|
|
|
170
177
|
end
|
|
171
178
|
|
|
172
179
|
def ==(other)
|
|
173
|
-
other.is_a?(SecretKey) && other.algorithm == algorithm
|
|
180
|
+
return false unless other.is_a?(SecretKey) && other.algorithm == algorithm
|
|
181
|
+
PQCrypto.__send__(:native_ct_equals, other.to_bytes, @bytes)
|
|
174
182
|
end
|
|
175
183
|
|
|
176
184
|
alias eql? ==
|
|
177
185
|
|
|
178
186
|
def hash
|
|
179
|
-
|
|
187
|
+
object_id.hash
|
|
188
|
+
end
|
|
189
|
+
|
|
190
|
+
def inspect
|
|
191
|
+
"#<#{self.class}:0x#{object_id.to_s(16)} algorithm=#{algorithm.inspect}>"
|
|
180
192
|
end
|
|
181
193
|
|
|
182
194
|
private
|
|
@@ -194,6 +206,10 @@ module PQCrypto
|
|
|
194
206
|
@ciphertext = String(ciphertext).b
|
|
195
207
|
@shared_secret = String(shared_secret).b
|
|
196
208
|
end
|
|
209
|
+
|
|
210
|
+
def inspect
|
|
211
|
+
"#<#{self.class}:0x#{object_id.to_s(16)} ciphertext_bytes=#{@ciphertext.bytesize} shared_secret_bytes=#{@shared_secret.bytesize}>"
|
|
212
|
+
end
|
|
197
213
|
end
|
|
198
214
|
end
|
|
199
215
|
end
|
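Review bot: `SecretKey#hash` (new line 187) returns `object_id.hash` while `alias eql? ==` on new line 184 keeps `eql?` content-based through `native_ct_equals`, so two SecretKey objects holding the same bytes are `eql?` but hash differently. That breaks the contract Hash and Set rely on, and a lookup with an equal but distinct key object will miss. Keeping the secret bytes out of `hash` is a sound choice; make `eql?` identity-based to match it by replacing the alias with `def eql?(other) = equal?(other)`. The same pairing appears in `Signature::SecretKey` in signature.rb (new lines 188–191).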
|
@@ -7,9 +7,9 @@ module PQCrypto
|
|
|
7
7
|
family: :ml_kem,
|
|
8
8
|
oid: "2.25.186599352125448088867056807454444238446",
|
|
9
9
|
}.freeze,
|
|
10
|
-
|
|
10
|
+
ml_kem_768_x25519_xwing: {
|
|
11
11
|
family: :ml_kem_hybrid,
|
|
12
|
-
oid: "
|
|
12
|
+
oid: "1.3.6.1.4.1.62253.25722",
|
|
13
13
|
}.freeze,
|
|
14
14
|
ml_dsa_65: {
|
|
15
15
|
family: :ml_dsa,
|
data/lib/pq_crypto/signature.rb
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require "digest"
|
|
4
|
+
|
|
3
5
|
module PQCrypto
|
|
4
6
|
module Signature
|
|
5
7
|
CANONICAL_ALGORITHM = :ml_dsa_65
|
|
@@ -18,47 +20,47 @@ module PQCrypto
|
|
|
18
20
|
|
|
19
21
|
class << self
|
|
20
22
|
def generate(algorithm = CANONICAL_ALGORITHM)
|
|
21
|
-
|
|
23
|
+
resolve_algorithm!(algorithm)
|
|
22
24
|
public_key, secret_key = PQCrypto.__send__(:native_sign_keypair)
|
|
23
25
|
Keypair.new(PublicKey.new(algorithm, public_key), SecretKey.new(algorithm, secret_key))
|
|
24
26
|
end
|
|
25
27
|
|
|
26
28
|
def public_key_from_bytes(algorithm, bytes)
|
|
27
|
-
|
|
29
|
+
resolve_algorithm!(algorithm)
|
|
28
30
|
PublicKey.new(algorithm, bytes)
|
|
29
31
|
end
|
|
30
32
|
|
|
31
33
|
def secret_key_from_bytes(algorithm, bytes)
|
|
32
|
-
|
|
34
|
+
resolve_algorithm!(algorithm)
|
|
33
35
|
SecretKey.new(algorithm, bytes)
|
|
34
36
|
end
|
|
35
37
|
|
|
36
38
|
def public_key_from_pqc_container_der(der, algorithm = nil)
|
|
37
39
|
resolved_algorithm, bytes = Serialization.public_key_from_pqc_container_der(algorithm, der)
|
|
38
|
-
|
|
40
|
+
resolve_algorithm!(resolved_algorithm)
|
|
39
41
|
PublicKey.new(resolved_algorithm, bytes)
|
|
40
42
|
end
|
|
41
43
|
|
|
42
44
|
def public_key_from_pqc_container_pem(pem, algorithm = nil)
|
|
43
45
|
resolved_algorithm, bytes = Serialization.public_key_from_pqc_container_pem(algorithm, pem)
|
|
44
|
-
|
|
46
|
+
resolve_algorithm!(resolved_algorithm)
|
|
45
47
|
PublicKey.new(resolved_algorithm, bytes)
|
|
46
48
|
end
|
|
47
49
|
|
|
48
50
|
def secret_key_from_pqc_container_der(der, algorithm = nil)
|
|
49
51
|
resolved_algorithm, bytes = Serialization.secret_key_from_pqc_container_der(algorithm, der)
|
|
50
|
-
|
|
52
|
+
resolve_algorithm!(resolved_algorithm)
|
|
51
53
|
SecretKey.new(resolved_algorithm, bytes)
|
|
52
54
|
end
|
|
53
55
|
|
|
54
56
|
def secret_key_from_pqc_container_pem(pem, algorithm = nil)
|
|
55
57
|
resolved_algorithm, bytes = Serialization.secret_key_from_pqc_container_pem(algorithm, pem)
|
|
56
|
-
|
|
58
|
+
resolve_algorithm!(resolved_algorithm)
|
|
57
59
|
SecretKey.new(resolved_algorithm, bytes)
|
|
58
60
|
end
|
|
59
61
|
|
|
60
62
|
def details(algorithm)
|
|
61
|
-
DETAILS.fetch(
|
|
63
|
+
DETAILS.fetch(resolve_algorithm!(algorithm)).dup
|
|
62
64
|
end
|
|
63
65
|
|
|
64
66
|
def supported
|
|
@@ -67,7 +69,7 @@ module PQCrypto
|
|
|
67
69
|
|
|
68
70
|
private
|
|
69
71
|
|
|
70
|
-
def
|
|
72
|
+
def resolve_algorithm!(algorithm)
|
|
71
73
|
return algorithm if DETAILS.key?(algorithm)
|
|
72
74
|
|
|
73
75
|
raise UnsupportedAlgorithmError, "Unsupported signature algorithm: #{algorithm.inspect}"
|
|
@@ -114,27 +116,28 @@ module PQCrypto
|
|
|
114
116
|
|
|
115
117
|
def verify(message, signature)
|
|
116
118
|
PQCrypto.__send__(:native_verify, String(message).b, String(signature).b, @bytes)
|
|
117
|
-
rescue PQCrypto::VerificationError
|
|
118
|
-
false
|
|
119
119
|
rescue ArgumentError => e
|
|
120
120
|
raise InvalidKeyError, e.message
|
|
121
121
|
end
|
|
122
122
|
|
|
123
123
|
def verify!(message, signature)
|
|
124
|
-
|
|
125
|
-
raise PQCrypto::VerificationError, "Verification failed" unless ok
|
|
126
|
-
|
|
124
|
+
raise PQCrypto::VerificationError, "Verification failed" unless verify(message, signature)
|
|
127
125
|
true
|
|
128
126
|
end
|
|
129
127
|
|
|
130
128
|
def ==(other)
|
|
131
|
-
other.is_a?(PublicKey) && other.algorithm == algorithm
|
|
129
|
+
return false unless other.is_a?(PublicKey) && other.algorithm == algorithm
|
|
130
|
+
PQCrypto.__send__(:native_ct_equals, other.to_bytes, @bytes)
|
|
132
131
|
end
|
|
133
132
|
|
|
134
133
|
alias eql? ==
|
|
135
134
|
|
|
136
135
|
def hash
|
|
137
|
-
|
|
136
|
+
fingerprint.hash
|
|
137
|
+
end
|
|
138
|
+
|
|
139
|
+
def fingerprint
|
|
140
|
+
Digest::SHA256.digest(@bytes)
|
|
138
141
|
end
|
|
139
142
|
|
|
140
143
|
private
|
|
@@ -178,13 +181,18 @@ module PQCrypto
|
|
|
178
181
|
end
|
|
179
182
|
|
|
180
183
|
def ==(other)
|
|
181
|
-
other.is_a?(SecretKey) && other.algorithm == algorithm
|
|
184
|
+
return false unless other.is_a?(SecretKey) && other.algorithm == algorithm
|
|
185
|
+
PQCrypto.__send__(:native_ct_equals, other.to_bytes, @bytes)
|
|
182
186
|
end
|
|
183
187
|
|
|
184
188
|
alias eql? ==
|
|
185
189
|
|
|
186
190
|
def hash
|
|
187
|
-
|
|
191
|
+
object_id.hash
|
|
192
|
+
end
|
|
193
|
+
|
|
194
|
+
def inspect
|
|
195
|
+
"#<#{self.class}:0x#{object_id.to_s(16)} algorithm=#{algorithm.inspect}>"
|
|
188
196
|
end
|
|
189
197
|
|
|
190
198
|
private
|
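Review bot: With the `rescue PQCrypto::VerificationError` clause removed from `verify` (old lines 117–118), `verify!` on new line 124 accepts whatever `native_verify` returns as long as it is truthy. The native binding is not shown here; if it ever returns an Integer status, `0` is truthy in Ruby and a failed check would pass `verify!`. Pinning the result to a strict boolean in `verify` removes that dependency: `PQCrypto.__send__(:native_verify, String(message).b, String(signature).b, @bytes) == true`. Separately, if the binding still raises `VerificationError` on a bad signature, `verify` now propagates it instead of returning `false`, so a regression test with a tampered signature should assert the `false` return.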
data/lib/pq_crypto/version.rb
CHANGED
data/lib/pq_crypto.rb
CHANGED
|
@@ -35,84 +35,53 @@ require_relative "pq_crypto/serialization"
|
|
|
35
35
|
module PQCrypto
|
|
36
36
|
SUITES = {
|
|
37
37
|
kem: [:ml_kem_768].freeze,
|
|
38
|
-
hybrid_kem: [:
|
|
38
|
+
hybrid_kem: [:ml_kem_768_x25519_xwing].freeze,
|
|
39
39
|
signature: [:ml_dsa_65].freeze,
|
|
40
40
|
}.freeze
|
|
41
41
|
|
|
42
|
-
NATIVE_EXTENSION_LOADED = true
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
:native_public_key_to_pqc_container_der,
|
|
82
|
-
:native_public_key_to_pqc_container_pem,
|
|
83
|
-
:native_secret_key_to_pqc_container_der,
|
|
84
|
-
:native_secret_key_to_pqc_container_pem,
|
|
85
|
-
:native_public_key_from_pqc_container_der,
|
|
86
|
-
:native_public_key_from_pqc_container_pem,
|
|
87
|
-
:native_secret_key_from_pqc_container_der,
|
|
88
|
-
:native_secret_key_from_pqc_container_pem,
|
|
89
|
-
:native_test_ml_kem_keypair_from_seed,
|
|
90
|
-
:native_test_ml_kem_encapsulate_from_seed,
|
|
91
|
-
:native_test_sign_keypair_from_seed,
|
|
92
|
-
:native_test_sign_from_seed,
|
|
93
|
-
:ml_kem_keypair,
|
|
94
|
-
:ml_kem_encapsulate,
|
|
95
|
-
:ml_kem_decapsulate,
|
|
96
|
-
:hybrid_kem_keypair,
|
|
97
|
-
:hybrid_kem_encapsulate,
|
|
98
|
-
:hybrid_kem_decapsulate,
|
|
99
|
-
:sign_keypair,
|
|
100
|
-
:sign,
|
|
101
|
-
:verify,
|
|
102
|
-
:public_key_to_pqc_container_der,
|
|
103
|
-
:public_key_to_pqc_container_pem,
|
|
104
|
-
:secret_key_to_pqc_container_der,
|
|
105
|
-
:secret_key_to_pqc_container_pem,
|
|
106
|
-
:public_key_from_pqc_container_der,
|
|
107
|
-
:public_key_from_pqc_container_pem,
|
|
108
|
-
:secret_key_from_pqc_container_der,
|
|
109
|
-
:secret_key_from_pqc_container_pem,
|
|
110
|
-
:__test_ml_kem_keypair_from_seed,
|
|
111
|
-
:__test_ml_kem_encapsulate_from_seed,
|
|
112
|
-
:__test_sign_keypair_from_seed,
|
|
113
|
-
:__test_sign_from_seed
|
|
42
|
+
NATIVE_EXTENSION_LOADED = true
|
|
43
|
+
|
|
44
|
+
module NativeBindings
|
|
45
|
+
NATIVE_METHODS = %i[
|
|
46
|
+
ml_kem_keypair
|
|
47
|
+
ml_kem_encapsulate
|
|
48
|
+
ml_kem_decapsulate
|
|
49
|
+
hybrid_kem_keypair
|
|
50
|
+
hybrid_kem_encapsulate
|
|
51
|
+
hybrid_kem_decapsulate
|
|
52
|
+
sign_keypair
|
|
53
|
+
sign
|
|
54
|
+
verify
|
|
55
|
+
ct_equals
|
|
56
|
+
secure_wipe
|
|
57
|
+
version
|
|
58
|
+
public_key_to_pqc_container_der
|
|
59
|
+
public_key_to_pqc_container_pem
|
|
60
|
+
secret_key_to_pqc_container_der
|
|
61
|
+
secret_key_to_pqc_container_pem
|
|
62
|
+
public_key_from_pqc_container_der
|
|
63
|
+
public_key_from_pqc_container_pem
|
|
64
|
+
secret_key_from_pqc_container_der
|
|
65
|
+
secret_key_from_pqc_container_pem
|
|
66
|
+
__test_ml_kem_keypair_from_seed
|
|
67
|
+
__test_ml_kem_encapsulate_from_seed
|
|
68
|
+
__test_sign_keypair_from_seed
|
|
69
|
+
__test_sign_from_seed
|
|
70
|
+
].freeze
|
|
71
|
+
|
|
72
|
+
class << PQCrypto
|
|
73
|
+
NativeBindings::NATIVE_METHODS.each do |name|
|
|
74
|
+
alias_name = :"native_#{name.to_s.sub(/\A__/, '')}"
|
|
75
|
+
next if private_method_defined?(alias_name)
|
|
76
|
+
alias_method alias_name, name
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
private(*NativeBindings::NATIVE_METHODS)
|
|
80
|
+
private(*NativeBindings::NATIVE_METHODS.map { |n| :"native_#{n.to_s.sub(/\A__/, '')}" })
|
|
114
81
|
end
|
|
82
|
+
end
|
|
115
83
|
|
|
84
|
+
class << self
|
|
116
85
|
def version
|
|
117
86
|
native_version
|
|
118
87
|
end
|
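Review bot: The four `__test_*_from_seed` entries sit in the same `NATIVE_METHODS` list as the production primitives (new lines 66–69), so every install gets `native_test_*` aliases for the deterministic hooks. `private` on new lines 79–80 only hides them from ordinary dispatch; the library itself reaches private natives with `PQCrypto.__send__`, so any other code in the process can do the same. I would move the test hooks into a separate list that is aliased only when the regression harness requests it. I would also add a comment above `NATIVE_METHODS` saying that the `private` call is API hygiene and not an access control.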
data/script/vendor_libs.rb
CHANGED
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pq_crypto
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Roman Haydarov
|
|
8
8
|
bindir: exe
|
|
9
9
|
cert_chain: []
|
|
10
|
-
date:
|
|
10
|
+
date: 1980-01-02 00:00:00.000000000 Z
|
|
11
11
|
dependencies:
|
|
12
12
|
- !ruby/object:Gem::Dependency
|
|
13
13
|
name: rake
|
|
@@ -69,6 +69,7 @@ files:
|
|
|
69
69
|
- ext/pqcrypto/extconf.rb
|
|
70
70
|
- ext/pqcrypto/mldsa_api.h
|
|
71
71
|
- ext/pqcrypto/mlkem_api.h
|
|
72
|
+
- ext/pqcrypto/pq_randombytes.c
|
|
72
73
|
- ext/pqcrypto/pqcrypto_ruby_secure.c
|
|
73
74
|
- ext/pqcrypto/pqcrypto_secure.c
|
|
74
75
|
- ext/pqcrypto/pqcrypto_secure.h
|
|
@@ -85,7 +86,6 @@ files:
|
|
|
85
86
|
- ext/pqcrypto/vendor/pqclean/common/keccak4x/KeccakP-1600-times4-SIMD256.c
|
|
86
87
|
- ext/pqcrypto/vendor/pqclean/common/keccak4x/KeccakP-1600-times4-SnP.h
|
|
87
88
|
- ext/pqcrypto/vendor/pqclean/common/keccak4x/KeccakP-1600-unrolling.macros
|
|
88
|
-
- ext/pqcrypto/vendor/pqclean/common/keccak4x/Makefile
|
|
89
89
|
- ext/pqcrypto/vendor/pqclean/common/keccak4x/Makefile.Microsoft_nmake
|
|
90
90
|
- ext/pqcrypto/vendor/pqclean/common/keccak4x/SIMD256-config.h
|
|
91
91
|
- ext/pqcrypto/vendor/pqclean/common/keccak4x/align.h
|
|
@@ -99,7 +99,6 @@ files:
|
|
|
99
99
|
- ext/pqcrypto/vendor/pqclean/common/sp800-185.c
|
|
100
100
|
- ext/pqcrypto/vendor/pqclean/common/sp800-185.h
|
|
101
101
|
- ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/LICENSE
|
|
102
|
-
- ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/Makefile
|
|
103
102
|
- ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/Makefile.Microsoft_nmake
|
|
104
103
|
- ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/api.h
|
|
105
104
|
- ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/cbd.c
|
|
@@ -122,7 +121,6 @@ files:
|
|
|
122
121
|
- ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/verify.c
|
|
123
122
|
- ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/verify.h
|
|
124
123
|
- ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/LICENSE
|
|
125
|
-
- ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/Makefile
|
|
126
124
|
- ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/Makefile.Microsoft_nmake
|
|
127
125
|
- ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/api.h
|
|
128
126
|
- ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/ntt.c
|
|
@@ -165,14 +163,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
165
163
|
requirements:
|
|
166
164
|
- - ">="
|
|
167
165
|
- !ruby/object:Gem::Version
|
|
168
|
-
version: 3.4.0
|
|
166
|
+
version: 3.4.0
|
|
169
167
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
170
168
|
requirements:
|
|
171
169
|
- - ">="
|
|
172
170
|
- !ruby/object:Gem::Version
|
|
173
171
|
version: '0'
|
|
174
172
|
requirements: []
|
|
175
|
-
rubygems_version: 3.6.
|
|
173
|
+
rubygems_version: 3.6.7
|
|
176
174
|
specification_version: 4
|
|
177
175
|
summary: Primitive-first post-quantum cryptography for Ruby
|
|
178
176
|
test_files: []
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
# This Makefile can be used with GNU Make or BSD Make
|
|
2
|
-
|
|
3
|
-
LIB=libml-kem-768_clean.a
|
|
4
|
-
HEADERS=api.h cbd.h indcpa.h kem.h ntt.h params.h poly.h polyvec.h reduce.h symmetric.h verify.h
|
|
5
|
-
OBJECTS=cbd.o indcpa.o kem.o ntt.o poly.o polyvec.o reduce.o symmetric-shake.o verify.o
|
|
6
|
-
|
|
7
|
-
CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS)
|
|
8
|
-
|
|
9
|
-
all: $(LIB)
|
|
10
|
-
|
|
11
|
-
%.o: %.c $(HEADERS)
|
|
12
|
-
$(CC) $(CFLAGS) -c -o $@ $<
|
|
13
|
-
|
|
14
|
-
$(LIB): $(OBJECTS)
|
|
15
|
-
$(AR) -r $@ $(OBJECTS)
|
|
16
|
-
|
|
17
|
-
clean:
|
|
18
|
-
$(RM) $(OBJECTS)
|
|
19
|
-
$(RM) $(LIB)
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
# This Makefile can be used with GNU Make or BSD Make
|
|
2
|
-
|
|
3
|
-
LIB=libml-dsa-65_clean.a
|
|
4
|
-
HEADERS=api.h ntt.h packing.h params.h poly.h polyvec.h reduce.h rounding.h sign.h symmetric.h
|
|
5
|
-
OBJECTS=ntt.o packing.o poly.o polyvec.o reduce.o rounding.o sign.o symmetric-shake.o
|
|
6
|
-
|
|
7
|
-
CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS)
|
|
8
|
-
|
|
9
|
-
all: $(LIB)
|
|
10
|
-
|
|
11
|
-
%.o: %.c $(HEADERS)
|
|
12
|
-
$(CC) $(CFLAGS) -c -o $@ $<
|
|
13
|
-
|
|
14
|
-
$(LIB): $(OBJECTS)
|
|
15
|
-
$(AR) -r $@ $(OBJECTS)
|
|
16
|
-
|
|
17
|
-
clean:
|
|
18
|
-
$(RM) $(OBJECTS)
|
|
19
|
-
$(RM) $(LIB)
|