Crate oxicrypto 

oxicrypto – Pure Rust cryptography facade for the OxiCrypto stack.

Feature flags

Flag	Default	Description
pure	on	Enables all pure-Rust sub-crates (hash, aead, mac, sig, kex, kdf, rand).
std	off	Propagates std features to subcrates.
simd	off	Enables explicit runtime CPU-feature detection (AES-NI, SHA-NI, AVX2, NEON). Exposes oxicrypto::simd::cpu_info(). The underlying RustCrypto crates already perform runtime dispatch via cpufeatures internally; this flag makes it visible and testable.
pq-preview	off	Post-quantum preview: ML-KEM (FIPS 203) + ML-DSA (FIPS 204).

With default-features = false on this crate, only the trait surface from oxicrypto-core is available; no algorithm implementations are included.

Runtime feature introspection

Use enabled_features() at runtime to see which features were compiled in. Use available_algorithms() to enumerate all algorithms available in the current build.

Feature flag algorithm matrix

Feature	Algorithms
pure (default)	AES-GCM-128/256, ChaCha20-Poly1305, AES-CCM-128/256, AES-GCM-SIV-128/256, XChaCha20-Poly1305, AES Key Wrap 128/256; HMAC-SHA2-256/384/512, HMAC-SHA3-256/512, CMAC-AES128/256, KMAC128/256, Poly1305; SHA-256/384/512, SHA3-256/384/512, BLAKE3; Ed25519, Ed448, ECDSA P-256/384/521, RSA PKCS1v15/PSS (SHA-256/384/512); X25519, ECDH P-256/384/521; HKDF-SHA256/384/512, Argon2id, PBKDF2-SHA256/512, scrypt
pq-preview	ML-KEM-512/768/1024 (FIPS 203), ML-DSA-44/65/87 (FIPS 204), SLH-DSA (all 10 param sets — SHA2/SHAKE × 128s/128f/192s/192f/256s/256f, FIPS 205), X-Wing hybrid KEM
simd	Explicit runtime SIMD dispatch via simd::cpu_info() (AES-NI, SHA-NI, AVX2, NEON)
std	Propagates std feature to all sub-crates (thread-local RNG, etc.)

Re-exports

pub use version::available_algorithms;

pub use version::enabled_features;

pub use version::version;

pub use version::Suite;

pub use version::VersionInfo;

pub use algo::*;

Modules

algo

Algorithm selector enums and factory functions.

cipher

Raw single-block / stream cipher primitives (AES-ECB block, ChaCha20 keystream) used by QUIC header protection (RFC 9001 §5.4). These are low-level building blocks, distinct from the authenticated AEAD ciphers.

hpke

Hybrid Public Key Encryption (HPKE) — RFC 9180.

prelude

Convenient re-exports of the most commonly used traits and enums.

version

Version information and algorithm enumeration for the oxicrypto facade.

Structs

AesGcmSiv128

AES-128-GCM-SIV authenticated encryption (misuse-resistant).

AesGcmSiv256

AES-256-GCM-SIV authenticated encryption (misuse-resistant).

Argon2Params

Parameters for Argon2id key derivation.

Argon2idStretchParams

Parameters for the Argon2id stretching backend.

BalloonHasher

A Balloon password hasher bundling its variant and cost parameters.

BalloonParams

Cost parameters for Balloon hashing.

BalloonStretchParams

Parameters for the Balloon-SHA-256 stretching backend.

Deoxys2_128

Deoxys-II-128-128 authenticated encryption (nonce-misuse resistant).

EcdhP256

ECDH key agreement over NIST P-256 (secp256r1).

EcdhP384

ECDH key agreement over NIST P-384 (secp384r1).

EcdsaP256Signer

ECDSA P-256 signing key.

EcdsaP256Verifier

ECDSA P-256 verifying key.

EcdsaP384Signer

ECDSA P-384 signing key.

EcdsaP384Verifier

ECDSA P-384 verifying key.

EcdsaP521Signer

ECDSA P-521 signing key.

EcdsaP521Verifier

ECDSA P-521 verifying key.

Ed448SigningKey

Ed448 signing key.

Ed448VerifyingKey

Ed448 verifying key.

HashBuilder

Fluent builder producing a boxed one-shot Hash instance.

HkdfSha384

HKDF-SHA-384 key derivation function.

HmacSha384

HMAC-SHA-384 message authentication code (48-byte tag).

KeyPair

A generic key pair bundling a secret key and its corresponding public key.

ParallelHash128

ParallelHash128 configured with a block size and customization string.

ParallelHash256

ParallelHash256 configured with a block size and customization string.

Pbkdf2StretchParams

Parameters for the PBKDF2-HMAC-SHA-256 stretching backend.

RsaPkcs1v15Sha256Signer

RSA PKCS#1 v1.5 signing key parameterised with SHA-256.

RsaPkcs1v15Sha256Verifier

RSA PKCS#1 v1.5 verifying key parameterised with SHA-256.

RsaPkcs1v15Sha384Signer

RSA PKCS#1 v1.5 signing key parameterised with SHA-384.

RsaPkcs1v15Sha384Verifier

RSA PKCS#1 v1.5 verifying key parameterised with SHA-384.

RsaPkcs1v15Sha512Signer

RSA PKCS#1 v1.5 signing key parameterised with SHA-512.

RsaPkcs1v15Sha512Verifier

RSA PKCS#1 v1.5 verifying key parameterised with SHA-512.

RsaPssSha256Signer

RSA-PSS signing key parameterised with SHA-256.

RsaPssSha256Verifier

RSA-PSS verifying key parameterised with SHA-256.

RsaPssSha384Signer

RSA-PSS signing key parameterised with SHA-384.

RsaPssSha384Verifier

RSA-PSS verifying key parameterised with SHA-384.

RsaPssSha512Signer

RSA-PSS signing key parameterised with SHA-512.

RsaPssSha512Verifier

RSA-PSS verifying key parameterised with SHA-512.

SchnorrBip340

BIP-340 Schnorr signatures over secp256k1.

ScryptStretchParams

Parameters for the scrypt stretching backend.

SecretKey

A fixed-size secret key that is automatically zeroed when dropped.

SecretVec

A heap-allocated, variable-length secret that is automatically zeroed when dropped.

Stretcher

The built-in KeyStretcher implementation, parameterized by StretchParams.

XChaCha20Poly1305

XChaCha20-Poly1305 authenticated encryption with a 24-byte nonce.

Enums

AlgorithmCategory

Canonical algorithm category.

AlgorithmId

Canonical algorithm identifier covering all OxiCrypto algorithm families.

BalloonVariant

Underlying hash selector for BalloonHasher.

CryptoError

Unified error type for all OxiCrypto operations.

StretchParams

Algorithm + parameter selection for a Stretcher.

TlsCipherSuite

TLS cipher suite → MAC negotiation.

Traits

Aead

Authenticated Encryption with Associated Data (AEAD).

ConstantTimeEq

An Eq-like trait that produces a Choice instead of a bool.

Hash

Stateless hash function (SHA-2, SHA-3, BLAKE3, …).

Kdf

Key derivation function (HKDF, PBKDF2, …).

KeyAgreement

Diffie-Hellman or similar key-agreement primitive.

KeyStretcher

An object-safe key-stretching interface.

Mac

Message Authentication Code (HMAC, CMAC, KMAC, Poly1305, …).

Rng

Cryptographically-secure random number generator.

Signer

Asymmetric signing operation.

StreamingHash

Incremental (streaming) hash computation.

StreamingMac

Incremental (streaming) MAC computation.

Verifier

Asymmetric signature verification.

Zeroize

Trait for securely erasing values from memory.

ZeroizeOnDrop

Marker trait signifying that this type will Zeroize::zeroize itself on Drop.

Functions

aes128_key_unwrap

Unwrap wrapped with a 128-bit Key Encryption Key (KEK) using AES-128-KW.

aes128_key_wrap

Wrap data with a 128-bit Key Encryption Key (KEK) using AES-128-KW.

aes256_key_unwrap

Unwrap wrapped with a 256-bit Key Encryption Key (KEK) using AES-256-KW.

aes256_key_wrap

Wrap data with a 256-bit Key Encryption Key (KEK) using AES-256-KW.

argon2id_derive

Argon2id key derivation.

balloon_sha256

Balloon password hash over SHA-256, writing 32 bytes into out.

balloon_sha512

Balloon password hash over SHA-512, writing 64 bytes into out.

blake3

Compute BLAKE3 of msg, returning a 32-byte array.

ct_eq

Constant-time byte-slice equality comparison.

ct_is_zero

Constant-time check whether every byte in data is zero.

ct_select

Constant-time conditional select: returns a if choice is 0, or b if choice is 1. Any other choice value is treated as 1.

hkdf_expand_label_sha256

HKDF-Expand-Label with SHA-256 (RFC 8446 §7.1).

hkdf_expand_label_sha384

HKDF-Expand-Label with SHA-384 (RFC 8446 §7.1).

hkdf_sha256_expand

Perform HKDF-Expand with SHA-256 from a pre-extracted PRK.

hkdf_sha256_extract

Perform HKDF-Extract with SHA-256, returning the pseudorandom key (PRK).

hkdf_sha384_expand

Perform HKDF-Expand with SHA-384 from a pre-extracted PRK.

hkdf_sha384_extract

Perform HKDF-Extract with SHA-384, returning the pseudorandom key (PRK).

hkdf_sha512_expand

Perform HKDF-Expand with SHA-512 from a pre-extracted PRK.

hkdf_sha512_extract

Perform HKDF-Extract with SHA-512, returning the pseudorandom key (PRK).

mac_name_for_suite

TLS cipher suite → MAC negotiation.

negotiate_mac

TLS cipher suite → MAC negotiation.

new_rng

Create a new OS-seeded CSPRNG.

open_box

Open a sealed box produced by seal_box.

parallel_hash128

ParallelHash128 with fixed output length (NIST SP 800-185 §6.1).

parallel_hash256

ParallelHash256 with fixed output length (NIST SP 800-185 §6.2).

parallel_hash128_xof

ParallelHash128 in extendable-output (XOF) mode (NIST SP 800-185 §6.3).

parallel_hash256_xof

ParallelHash256 in extendable-output (XOF) mode (NIST SP 800-185 §6.3).

pbkdf2_sha256

PBKDF2-HMAC-SHA-256 key derivation.

pbkdf2_sha512

PBKDF2-HMAC-SHA-512 key derivation.

random_bytes

Allocate and fill a Vec<u8> with len cryptographically secure random bytes.

random_nonce

Generate a random nonce of N bytes for use with AEAD algorithms.

random_range

Generate a random integer in [min, max) using rejection sampling to eliminate modulo bias.

reseed

Perform a manual reseed of the given OxiRng from OS entropy.

schnorr_bip340_sign_with_aux

Convenience: produce a heap-allocated Vec<u8> signature with explicit auxiliary randomness. Mirrors SchnorrBip340::sign_with_aux but returns a Vec for callers that prefer an owned buffer over a fixed array.

scrypt_derive

Scrypt key derivation.

seal_box

Seal plaintext using a freshly-generated random nonce.

seal_with_random_nonce

Encrypt plaintext with a freshly-generated random nonce.

sha256

Compute SHA-256 of msg, returning a 32-byte array.

sha512

Compute SHA-512 of msg, returning a 64-byte array.

Derive Macros

Zeroize

Derive the Zeroize trait.

ZeroizeOnDrop

Derive the ZeroizeOnDrop trait.