sha3 2.2.0 → 2.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0352e31c9fba5b6e692cca78be1860cccf6a008717738ecbea414d83d195b588
-  data.tar.gz: 24f543cfcb6b2d477182912a65b54a09cce5209dcfe6c8dbeec22c3992296cec
+  metadata.gz: d5da48a8f70ea2746484300e05125b21ab1fcd5837d0f194d8b12fac46a46602
+  data.tar.gz: 7be8cf46c2e1e4bc38dedb64b25654f70806d6c761427b062c171bf0df359caa
 SHA512:
-  metadata.gz: a947dc104fa08b9199ed307fd43b3bee24143561aaa9665b4c6dd6a0d20ddbf69194b4eb96b845fd0974dc68d2133d024157c754f5e2835ec6161958df343caa
-  data.tar.gz: 4dd184e53262a9ec71eaf56bf80a295e8d3b691b736333834e5ae9e416df65bbea4ca10c20cc4c22e429bb6ffc97debda126b59bd50f23d732b079c3418b2653
+  metadata.gz: 57e70a0c38eb04f0aab1fe81f0c3ee60a6eb2bc7ea6c6f2e57f8712f23084139bd4a494cde70ad99eca7e20fe1534adb7f91b9986a4ad31ac1127ffa4a115d07
+  data.tar.gz: 0b7cdd43dc7167e3e92f4ec2adfb947c00f0b8827aaaeafb9383213bdd1bc09771c0b17efec3d28667b1bb383646f006360496abf3dfd43a2a6cd54f8e1dd4c2

data/ext/sha3/cshake.c

@@ -42,10 +42,9 @@ static ID _cshake_256_id;
 static const rb_data_type_t sha3_cshake_data_type = {
     "SHA3::CSHAKE",
     {
-        NULL,
-        sha3_cshake_free_context,  // Use our free function directly
-        sha3_cshake_context_size,  /* We'll do our own size calculation */
-        NULL,                      /* dcompact field */
+        NULL, sha3_cshake_free_context,  // Use our free function directly
+        sha3_cshake_context_size,        /* We'll do our own size calculation */
+        NULL,                            /* dcompact field */
     },
     NULL,
     NULL,
@@ -179,8 +178,8 @@ static VALUE rb_sha3_cshake_init(int argc, VALUE *argv, VALUE self) {
         rb_intern("customization"),
     };
 
-    VALUE values[3];
-    rb_get_kwargs(keywords, table, 0, 3, values);
+    VALUE values[2];
+    rb_get_kwargs(keywords, table, 0, 2, values);
 
     VALUE name_str = values[0] == Qundef ? rb_str_new2("") : values[0];
     StringValue(name_str);
@@ -196,18 +195,24 @@ static VALUE rb_sha3_cshake_init(int argc, VALUE *argv, VALUE self) {
     context->base.error_class = _sha3_cshake_error_class;
 
     // Find the appropriate function table based on the algorithm
+    sp800_185_algorithm_t alg_type;
     if (algorithm == ID2SYM(_cshake_128_id)) {
-        context->base.functions = &sp800_185_functions[SP800_185_CSHAKE_128];
+        alg_type = SP800_185_CSHAKE_128;
     } else if (algorithm == ID2SYM(_cshake_256_id)) {
-        context->base.functions = &sp800_185_functions[SP800_185_CSHAKE_256];
+        alg_type = SP800_185_CSHAKE_256;
     } else {
         rb_raise(rb_eArgError, "invalid algorithm: %s", rb_id2name(SYM2ID(algorithm)));
     }
 
-    // Initialize the state using the function table
-    int result = context->base.functions->cshake.init(
-        context->base.state, context->base.output_length, (BitSequence *)RSTRING_PTR(name_str),
-        RSTRING_LEN(name_str) * 8, (BitSequence *)RSTRING_PTR(customization), RSTRING_LEN(customization) * 8);
+    context->base.functions = sp800_185_get_algorithm(alg_type);
+    if (!context->base.functions) {
+        rb_raise(_sha3_cshake_error_class, "algorithm not available");
+    }
+
+    // Initialize using the safe accessor function
+    int result = sp800_185_init_cshake(context->base.functions, context->base.state, context->base.output_length,
+                                       (BitSequence *)RSTRING_PTR(name_str), RSTRING_LEN(name_str) * 8,
+                                       (BitSequence *)RSTRING_PTR(customization), RSTRING_LEN(customization) * 8);
 
     if (result != 0) {
         rb_raise(_sha3_cshake_error_class, "failed to initialize %s algorithm", context->base.functions->name);

data/ext/sha3/cshake.h

@@ -1,7 +1,7 @@
 // Copyright (c) 2012 - 2025 Johanns Gregorian <io+sha3@jsg.io>
 
-#ifndef _SHA3_CSHAKE_H
-#define _SHA3_CSHAKE_H
+#ifndef _SHA3_CSHAKE_H_
+#define _SHA3_CSHAKE_H_
 
 #ifdef __cplusplus
 extern "C" {
@@ -14,4 +14,4 @@ void Init_sha3_cshake(void);
 }
 #endif
 
-#endif /* SHA3_CSHAKE_H */
+#endif /* _SHA3_CSHAKE_H_ */

data/ext/sha3/kmac.c

@@ -70,18 +70,15 @@ void Init_sha3_kmac(void) {
     /*
      * Document-class: SHA3::KMAC
      *
-     * It is a subclass of the Digest::Class class, which provides a framework for
-     * creating and manipulating hash digests.
+     * KMAC (Keccak Message Authentication Code) is a MAC algorithm based on the Keccak permutation.
+     * It is defined in NIST SP800-185 and provides both fixed-length and XOF (arbitrary-length) output modes.
      */
     _sha3_kmac_class = rb_define_class_under(_sha3_module, "KMAC", rb_cObject);
 
     /*
-     * Document-class: SHA3::KMAC::KMACError
+     * Document-class: SHA3::KMAC::Error
      *
      * All KMAC methods raise this exception on error.
-     *
-     * It is a subclass of the StandardError class -- see the Ruby documentation
-     * for more information.
      */
     _sha3_kmac_error_class = rb_define_class_under(_sha3_kmac_class, "Error", rb_eStandardError);
 
@@ -190,21 +187,28 @@ static VALUE rb_sha3_kmac_init(int argc, VALUE *argv, VALUE self) {
 
     // Find the appropriate function table based on the algorithm
     ID sym_id = SYM2ID(algorithm);
+    sp800_185_algorithm_t alg_type;
+
     if (sym_id == _kmac_128_id) {
-        context->base.functions = &sp800_185_functions[SP800_185_KMAC_128];
+        alg_type = SP800_185_KMAC_128;
     } else if (sym_id == _kmac_256_id) {
-        context->base.functions = &sp800_185_functions[SP800_185_KMAC_256];
+        alg_type = SP800_185_KMAC_256;
     } else {
         rb_raise(rb_eArgError, "invalid algorithm: %s", rb_id2name(sym_id));
     }
 
-    // Initialize the KMAC instance
+    context->base.functions = sp800_185_get_algorithm(alg_type);
+    if (!context->base.functions) {
+        rb_raise(_sha3_kmac_error_class, "algorithm not available: %s", rb_id2name(sym_id));
+    }
+
+    // Initialize using the safe accessor function
     size_t key_len = RSTRING_LEN(key) * 8;
     size_t customization_len = RSTRING_LEN(customization) * 8;
 
-    int result = context->base.functions->kmac.init(context->base.state, (const BitSequence *)RSTRING_PTR(key), key_len,
-                                                    context->base.output_length,
-                                                    (const BitSequence *)RSTRING_PTR(customization), customization_len);
+    int result = sp800_185_init_kmac(context->base.functions, context->base.state,
+                                     (const BitSequence *)RSTRING_PTR(key), key_len, context->base.output_length,
+                                     (const BitSequence *)RSTRING_PTR(customization), customization_len);
 
     if (result != 0) {
         rb_raise(_sha3_kmac_error_class, "failed to initialize %s", context->base.functions->name);

data/ext/sha3/kmac.h

@@ -1,3 +1,5 @@
+// Copyright (c) 2012 - 2025 Johanns Gregorian <io+sha3@jsg.io>
+
 #ifndef _SHA3_KMAC_H_
 #define _SHA3_KMAC_H_
 
@@ -5,10 +7,11 @@
 extern "C" {
 #endif
 
-extern void Init_sha3_kmac(void);
+/* Function prototypes */
+void Init_sha3_kmac(void);
 
 #ifdef __cplusplus
 }
 #endif
 
-#endif  // _SHA3_KMAC_H_
+#endif /* _SHA3_KMAC_H_ */

data/ext/sha3/sp800_185.c

@@ -1,36 +1,76 @@
 #include "sp800_185.h"
 
-#include "sha3.h"
+/* Wrapper functions for consistent interface */
+static int cshake128_init_wrapper(void *state, void *params) {
+    cshake_init_params_t *p = (cshake_init_params_t *)params;
+    return cSHAKE128_Initialize(state, p->capacity, p->N, p->NLen, p->S, p->SLen);
+}
+
+static int cshake256_init_wrapper(void *state, void *params) {
+    cshake_init_params_t *p = (cshake_init_params_t *)params;
+    return cSHAKE256_Initialize(state, p->capacity, p->N, p->NLen, p->S, p->SLen);
+}
+
+static int kmac128_init_wrapper(void *state, void *params) {
+    kmac_init_params_t *p = (kmac_init_params_t *)params;
+    return KMAC128_Initialize(state, p->key, p->keyBitLen, p->outputBitLen, p->customization, p->customBitLen);
+}
+
+static int kmac256_init_wrapper(void *state, void *params) {
+    kmac_init_params_t *p = (kmac_init_params_t *)params;
+    return KMAC256_Initialize(state, p->key, p->keyBitLen, p->outputBitLen, p->customization, p->customBitLen);
+}
 
 /*** Function table for SP800-185 algorithms ***/
 sp800_185_function_table_t sp800_185_functions[] = {{.algorithm = SP800_185_CSHAKE_128,
                                                      .name = "CSHAKE128",
                                                      .state_size = sizeof(cSHAKE_Instance),
-                                                     .cshake = {.init = (sp800_185_init_fn)cSHAKE128_Initialize,
-                                                                .update = (sp800_185_update_fn)cSHAKE128_Update,
-                                                                .final = (sp800_185_final_fn)cSHAKE128_Final,
-                                                                .squeeze = (sp800_185_squeeze_fn)cSHAKE128_Squeeze}},
+                                                     .is_keyed = false,
+                                                     .init = cshake128_init_wrapper,
+                                                     .update = (sp800_185_update_fn)cSHAKE128_Update,
+                                                     .final = (sp800_185_final_fn)cSHAKE128_Final,
+                                                     .squeeze = (sp800_185_squeeze_fn)cSHAKE128_Squeeze},
                                                     {.algorithm = SP800_185_CSHAKE_256,
                                                      .name = "CSHAKE256",
                                                      .state_size = sizeof(cSHAKE_Instance),
-                                                     .cshake = {.init = (sp800_185_init_fn)cSHAKE256_Initialize,
-                                                                .update = (sp800_185_update_fn)cSHAKE256_Update,
-                                                                .final = (sp800_185_final_fn)cSHAKE256_Final,
-                                                                .squeeze = (sp800_185_squeeze_fn)cSHAKE256_Squeeze}},
+                                                     .is_keyed = false,
+                                                     .init = cshake256_init_wrapper,
+                                                     .update = (sp800_185_update_fn)cSHAKE256_Update,
+                                                     .final = (sp800_185_final_fn)cSHAKE256_Final,
+                                                     .squeeze = (sp800_185_squeeze_fn)cSHAKE256_Squeeze},
                                                     {.algorithm = SP800_185_KMAC_128,
                                                      .name = "KMAC128",
                                                      .state_size = sizeof(KMAC_Instance),
-                                                     .kmac = {.init = (sp800_185_init_key_fn)KMAC128_Initialize,
-                                                              .update = (sp800_185_update_fn)KMAC128_Update,
-                                                              .final = (sp800_185_final_fn)KMAC128_Final,
-                                                              .squeeze = (sp800_185_squeeze_fn)KMAC128_Squeeze}},
+                                                     .is_keyed = true,
+                                                     .init = kmac128_init_wrapper,
+                                                     .update = (sp800_185_update_fn)KMAC128_Update,
+                                                     .final = (sp800_185_final_fn)KMAC128_Final,
+                                                     .squeeze = (sp800_185_squeeze_fn)KMAC128_Squeeze},
                                                     {.algorithm = SP800_185_KMAC_256,
                                                      .name = "KMAC256",
                                                      .state_size = sizeof(KMAC_Instance),
-                                                     .kmac = {.init = (sp800_185_init_key_fn)KMAC256_Initialize,
-                                                              .update = (sp800_185_update_fn)KMAC256_Update,
-                                                              .final = (sp800_185_final_fn)KMAC256_Final,
-                                                              .squeeze = (sp800_185_squeeze_fn)KMAC256_Squeeze}}};
+                                                     .is_keyed = true,
+                                                     .init = kmac256_init_wrapper,
+                                                     .update = (sp800_185_update_fn)KMAC256_Update,
+                                                     .final = (sp800_185_final_fn)KMAC256_Final,
+                                                     .squeeze = (sp800_185_squeeze_fn)KMAC256_Squeeze}};
+
+/* Algorithm lookup functions */
+const sp800_185_function_table_t *sp800_185_get_algorithm(sp800_185_algorithm_t algorithm) {
+    if (algorithm >= SP800_185_CSHAKE_128 && algorithm <= SP800_185_KMAC_256) {
+        return &sp800_185_functions[algorithm];
+    }
+    return NULL;
+}
+
+const sp800_185_function_table_t *sp800_185_get_algorithm_by_name(const char *name) {
+    for (size_t i = 0; i < sizeof(sp800_185_functions) / sizeof(sp800_185_functions[0]); i++) {
+        if (strcmp(sp800_185_functions[i].name, name) == 0) {
+            return &sp800_185_functions[i];
+        }
+    }
+    return NULL;
+}
 
 // Generic context allocation function
 sp800_185_context_t *sp800_185_alloc_context(size_t context_size, size_t state_size) {
@@ -94,21 +134,7 @@ VALUE sp800_185_update(sp800_185_context_t *context, VALUE data) {
     // Use the function table to call the appropriate update function
     int result;
 
-    // KMAC, cSHAKE, and ParallelHash share the same update function signature
-    switch (context->functions->algorithm) {
-        case SP800_185_CSHAKE_128:
-        case SP800_185_CSHAKE_256:
-            result =
-                context->functions->cshake.update(context->state, (const BitSequence *)RSTRING_PTR(data), data_len);
-            break;
-        case SP800_185_KMAC_128:
-        case SP800_185_KMAC_256:
-            result = context->functions->kmac.update(context->state, (const BitSequence *)RSTRING_PTR(data), data_len);
-            break;
-        default:
-            rb_raise(context->error_class, "unknown algorithm");
-            return Qnil;
-    }
+    result = context->functions->update(context->state, (const BitSequence *)RSTRING_PTR(data), data_len);
 
     if (result != 0) {
         rb_raise(context->error_class, "failed to update %s state", context->functions->name);
@@ -129,19 +155,7 @@ VALUE sp800_185_finish(sp800_185_context_t *context, VALUE output) {
     // Use the function table to call the appropriate final function
     int result;
 
-    switch (context->functions->algorithm) {
-        case SP800_185_CSHAKE_128:
-        case SP800_185_CSHAKE_256:
-            result = context->functions->cshake.final(context->state, (BitSequence *)RSTRING_PTR(output));
-            break;
-        case SP800_185_KMAC_128:
-        case SP800_185_KMAC_256:
-            result = context->functions->kmac.final(context->state, (BitSequence *)RSTRING_PTR(output));
-            break;
-        default:
-            rb_raise(context->error_class, "unknown algorithm");
-            return Qnil;
-    }
+    result = context->functions->final(context->state, (BitSequence *)RSTRING_PTR(output));
 
     if (result != 0) {
         rb_raise(context->error_class, "failed to finalize %s state", context->functions->name);
@@ -173,22 +187,7 @@ VALUE sp800_185_digest(sp800_185_context_t *context, VALUE data) {
         size_t data_len = (RSTRING_LEN(data) * 8);
 
         if (data_len > 0) {
-            switch (context->functions->algorithm) {
-                case SP800_185_CSHAKE_128:
-                case SP800_185_CSHAKE_256:
-                    result =
-                        context->functions->cshake.update(state_copy, (const BitSequence *)RSTRING_PTR(data), data_len);
-                    break;
-                case SP800_185_KMAC_128:
-                case SP800_185_KMAC_256:
-                    result =
-                        context->functions->kmac.update(state_copy, (const BitSequence *)RSTRING_PTR(data), data_len);
-                    break;
-                default:
-                    free(state_copy);
-                    rb_raise(context->error_class, "unknown algorithm");
-                    return Qnil;
-            }
+            result = context->functions->update(state_copy, (const BitSequence *)RSTRING_PTR(data), data_len);
 
             if (result != 0) {
                 free(state_copy);
@@ -200,20 +199,7 @@ VALUE sp800_185_digest(sp800_185_context_t *context, VALUE data) {
     // Prepare output and finalize
     VALUE output = rb_str_new(0, context->output_length / 8);
 
-    switch (context->functions->algorithm) {
-        case SP800_185_CSHAKE_128:
-        case SP800_185_CSHAKE_256:
-            result = context->functions->cshake.final(state_copy, (BitSequence *)RSTRING_PTR(output));
-            break;
-        case SP800_185_KMAC_128:
-        case SP800_185_KMAC_256:
-            result = context->functions->kmac.final(state_copy, (BitSequence *)RSTRING_PTR(output));
-            break;
-        default:
-            free(state_copy);
-            rb_raise(context->error_class, "unknown algorithm");
-            return Qnil;
-    }
+    result = context->functions->final(state_copy, (BitSequence *)RSTRING_PTR(output));
 
     free(state_copy);
 
@@ -256,20 +242,7 @@ VALUE sp800_185_squeeze(sp800_185_context_t *context, VALUE length) {
     VALUE dummy_output = rb_str_new(0, 0);
     int result;
 
-    switch (context->functions->algorithm) {
-        case SP800_185_CSHAKE_128:
-        case SP800_185_CSHAKE_256:
-            result = context->functions->cshake.final(state_copy, (BitSequence *)RSTRING_PTR(dummy_output));
-            break;
-        case SP800_185_KMAC_128:
-        case SP800_185_KMAC_256:
-            result = context->functions->kmac.final(state_copy, (BitSequence *)RSTRING_PTR(dummy_output));
-            break;
-        default:
-            free(state_copy);
-            rb_raise(context->error_class, "unknown algorithm");
-            return Qnil;
-    }
+    result = context->functions->final(state_copy, (BitSequence *)RSTRING_PTR(dummy_output));
 
     if (result != 0) {
         free(state_copy);
@@ -280,21 +253,7 @@ VALUE sp800_185_squeeze(sp800_185_context_t *context, VALUE length) {
     str = rb_str_new(0, output_byte_len);
 
     // Use the function table to call the appropriate squeeze function
-    switch (context->functions->algorithm) {
-        case SP800_185_CSHAKE_128:
-        case SP800_185_CSHAKE_256:
-            result =
-                context->functions->cshake.squeeze(state_copy, (BitSequence *)RSTRING_PTR(str), output_byte_len * 8);
-            break;
-        case SP800_185_KMAC_128:
-        case SP800_185_KMAC_256:
-            result = context->functions->kmac.squeeze(state_copy, (BitSequence *)RSTRING_PTR(str), output_byte_len * 8);
-            break;
-        default:
-            free(state_copy);
-            rb_raise(context->error_class, "unknown algorithm");
-            return Qnil;
-    }
+    result = context->functions->squeeze(state_copy, (BitSequence *)RSTRING_PTR(str), output_byte_len * 8);
 
     free(state_copy);
 

data/ext/sha3/sp800_185.h

@@ -3,6 +3,7 @@
 
 #include <ruby.h>
 #include <ruby/thread.h>
+#include <stdbool.h>
 
 #include "KeccakHash.h"
 #include "SP800-185.h"
@@ -11,6 +12,12 @@
 extern "C" {
 #endif
 
+/* Forward declarations for types from Keccak if not already defined */
+#ifndef KECCAK_TYPES_DEFINED
+typedef unsigned char BitSequence;
+typedef size_t BitLength;
+#endif
+
 /* SP800-185 algorithm family */
 typedef enum {
     SP800_185_CSHAKE_128 = 0,
@@ -20,37 +27,49 @@ typedef enum {
 } sp800_185_algorithm_t;
 
 /* Common function pointer typedefs for SP800-185 algorithms */
-typedef int (*sp800_185_init_fn)(void *state, size_t capacity, const BitSequence *N, size_t NLen, const BitSequence *S,
-                                 size_t SLen);
-
-typedef int (*sp800_185_init_key_fn)(void *state, const BitSequence *key, BitLength keyBitLen, BitLength outputBitLen,
-                                     const BitSequence *customization, BitLength customBitLen);
-
 typedef int (*sp800_185_update_fn)(void *state, const BitSequence *data, size_t dataLen);
 typedef int (*sp800_185_final_fn)(void *state, BitSequence *output);
 typedef int (*sp800_185_squeeze_fn)(void *state, BitSequence *output, size_t outputLen);
 
-/* Function table for SP800-185 algorithm operations */
+/* Error codes for SP800-185 operations */
+typedef enum {
+    SP800_185_SUCCESS = 0,
+    SP800_185_ERROR_INVALID_ALGORITHM = -1,
+    SP800_185_ERROR_INVALID_PARAMS = -2,
+    SP800_185_ERROR_INIT_FAILED = -3,
+    SP800_185_ERROR_INVALID_STATE = -4
+} sp800_185_error_t;
+
+/* Parameter structures for different algorithms */
+typedef struct {
+    size_t capacity;
+    const BitSequence *N;
+    size_t NLen;
+    const BitSequence *S;
+    size_t SLen;
+} cshake_init_params_t;
+
+typedef struct {
+    const BitSequence *key;
+    BitLength keyBitLen;
+    BitLength outputBitLen;
+    const BitSequence *customization;
+    BitLength customBitLen;
+} kmac_init_params_t;
+
 typedef struct {
     sp800_185_algorithm_t algorithm;
     const char *name;
     size_t state_size;
+    bool is_keyed; /* true for KMAC, false for CSHAKE */
 
-    union {
-        struct {
-            sp800_185_init_fn init;
-            sp800_185_update_fn update;
-            sp800_185_final_fn final;
-            sp800_185_squeeze_fn squeeze;
-        } cshake;
-
-        struct {
-            sp800_185_init_key_fn init;
-            sp800_185_update_fn update;
-            sp800_185_final_fn final;
-            sp800_185_squeeze_fn squeeze;
-        } kmac;
-    };
+    /* All algorithms use these same signatures */
+    sp800_185_update_fn update;
+    sp800_185_final_fn final;
+    sp800_185_squeeze_fn squeeze;
+
+    /* Generic initialization - let the caller handle parameter differences */
+    int (*init)(void *state, void *params);
 } sp800_185_function_table_t;
 
 /* Base context structure for SP800-185 algorithms */
@@ -64,6 +83,34 @@ typedef struct {
 /* Global variables */
 extern sp800_185_function_table_t sp800_185_functions[];
 
+/* Algorithm lookup functions */
+const sp800_185_function_table_t *sp800_185_get_algorithm(sp800_185_algorithm_t algorithm);
+const sp800_185_function_table_t *sp800_185_get_algorithm_by_name(const char *name);
+
+/* Safe accessor functions for algorithm-specific operations */
+static inline int sp800_185_init_cshake(const sp800_185_function_table_t *table, void *state, size_t capacity,
+                                        const BitSequence *N, size_t NLen, const BitSequence *S, size_t SLen) {
+    if (!table || table->is_keyed) {
+        return SP800_185_ERROR_INVALID_ALGORITHM;
+    }
+    cshake_init_params_t params = {capacity, N, NLen, S, SLen};
+    return table->init(state, &params);
+}
+
+static inline int sp800_185_init_kmac(const sp800_185_function_table_t *table, void *state, const BitSequence *key,
+                                      BitLength keyBitLen, BitLength outputBitLen, const BitSequence *customization,
+                                      BitLength customBitLen) {
+    if (!table || !table->is_keyed) {
+        return SP800_185_ERROR_INVALID_ALGORITHM;
+    }
+    kmac_init_params_t params = {key, keyBitLen, outputBitLen, customization, customBitLen};
+    return table->init(state, &params);
+}
+
+/* Validation and utility functions */
+bool sp800_185_validate_table(const sp800_185_function_table_t *table);
+const char *sp800_185_algorithm_name(sp800_185_algorithm_t algorithm);
+
 extern sp800_185_context_t *sp800_185_alloc_context(size_t, size_t);
 extern size_t sp800_185_context_size(const sp800_185_context_t *, size_t);
 extern void sp800_185_free_context(sp800_185_context_t *);
@@ -77,16 +124,6 @@ VALUE sp800_185_squeeze(sp800_185_context_t *context, VALUE length);
 VALUE sp800_185_hex_squeeze(sp800_185_context_t *context, VALUE length);
 const char *sp800_185_name(sp800_185_context_t *context);
 
-// Macro to define common Ruby methods
-#define DEFINE_SP800_185_METHOD(name) static VALUE rb_sp800_185_##name(int argc, VALUE *argv, VALUE self);
-
-DEFINE_SP800_185_METHOD(update)
-DEFINE_SP800_185_METHOD(finish)
-DEFINE_SP800_185_METHOD(digest)
-DEFINE_SP800_185_METHOD(hexdigest)
-DEFINE_SP800_185_METHOD(squeeze)
-DEFINE_SP800_185_METHOD(hex_squeeze)
-
 #ifdef __cplusplus
 }
 #endif

data/lib/constants.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module SHA3
-  VERSION = '2.2.0'
+  VERSION = '2.2.2'
 end

data/sha3.gemspec

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+require_relative 'lib/constants'
+
+Gem::Specification.new do |spec|
+  spec.name = 'sha3'
+  spec.version = SHA3::VERSION
+
+  spec.authors = ['Johanns Gregorian']
+  spec.email = ['io+sha3@jsg.io']
+
+  spec.description = <<~EOF
+    A high-performance native binding to the SHA3 (FIPS 202) cryptographic hashing algorithms, based on the XKCP - eXtended Keccak Code Package.
+    This gem provides support for the standard SHA-3 fixed-length functions (224, 256, 384, and 512 bits),
+    as well as the SHAKE128/SHAKE256 extendable-output functions (XOFs), cSHAKE128/256, and KMAC as specified in NIST SP 800-185.'
+  EOF
+  spec.summary = 'SHA-3 (FIPS 202), SHAKE128/SHAKE256, cSHAKE128/cSHAKE256, and KMAC (NIST SP 800-185), powered by XKCP.'
+
+  spec.homepage = 'https://github.com/johanns/sha3'
+  spec.license = 'MIT'
+  spec.required_ruby_version = '>= 2.7.0'
+
+  spec.metadata['changelog_uri'] = "#{spec.homepage}/CHANGELOG.md"
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['documentation_uri'] = 'https://docs.jsg.io/sha3/index.html'
+
+  spec.post_install_message = <<-EOF
+    [NOTICE] SHA3 version 2.0 introduces breaking changes to the API.
+    Please review the changelog and ensure compatibility with your application.
+    If you need the previous behavior, lock your Gemfile to version '~> 1.0'."
+  EOF
+
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject do |f|
+      (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git))})
+    end
+  end
+
+  spec.extensions = ['ext/sha3/extconf.rb']
+  spec.metadata['rubygems_mfa_required'] = 'true'
+
+  spec.cert_chain = ['certs/io+sha3@jsg.io.pem']
+  spec.signing_key = File.expand_path('~/.ssh/gem-private_key.pem') if $PROGRAM_NAME =~ /gem\z/
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sha3
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.2.2
 platform: ruby
 authors:
 - Johanns Gregorian
@@ -34,7 +34,7 @@ cert_chain:
   UjZtrp/rHLfHln46RvB+a1NlMRWxtJ7mQc/CMEbT+cpHlzuYa9qGakA4TmMpK10h
   uYUv/V6CD4iTEMby0dopwHt5NqE=
   -----END CERTIFICATE-----
-date: 2025-03-20 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies: []
 description: |
   A high-performance native binding to the SHA3 (FIPS 202) cryptographic hashing algorithms, based on the XKCP - eXtended Keccak Code Package.
@@ -103,6 +103,7 @@ files:
 - ext/sha3/sp800_185.h
 - lib/constants.rb
 - lib/sha3.rb
+- sha3.gemspec
 homepage: https://github.com/johanns/sha3
 licenses:
 - MIT
@@ -129,7 +130,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.2
+rubygems_version: 3.6.9
 specification_version: 4
 summary: SHA-3 (FIPS 202), SHAKE128/SHAKE256, cSHAKE128/cSHAKE256, and KMAC (NIST
   SP 800-185), powered by XKCP.