Expand description
pq-oid - Type-safe OID constants for post-quantum algorithms
This crate provides OID (Object Identifier) constants and utilities for post-quantum cryptographic algorithms as defined in FIPS 203, 204, and 205.
§Features
- Type-safe enums for ML-KEM, ML-DSA, and SLH-DSA algorithm families
- Ergonomic conversions via
FromStr,TryFrom<&str>, andDisplay - Direct access to algorithm properties (key sizes, security levels, OIDs)
- DER encoding/decoding of OIDs
- JOSE and COSE mappings for ML-DSA
§Quick Start
use pq_oid::{MlKem, MlDsa, SlhDsa, Algorithm};
use std::str::FromStr;
// Parse from string
let kem: MlKem = "ML-KEM-512".parse().unwrap();
assert_eq!(kem.oid(), "2.16.840.1.101.3.4.4.1");
assert_eq!(kem.public_key_size(), 800);
// Or use try_into
let dsa: MlDsa = "ML-DSA-65".try_into().unwrap();
assert_eq!(dsa.jose(), "ML-DSA-65");
assert_eq!(dsa.cose(), -49);
// Convert back to string
let name: &str = kem.as_ref();
assert_eq!(name, "ML-KEM-512");
// Unified algorithm type
let alg: Algorithm = MlKem::Kem512.into();
assert_eq!(alg.family(), pq_oid::AlgorithmFamily::MlKem);§Algorithm Families
§ML-KEM (FIPS 203)
Module-Lattice-Based Key-Encapsulation Mechanism:
MlKem::Kem512- NIST Level 1MlKem::Kem768- NIST Level 3MlKem::Kem1024- NIST Level 5
§ML-DSA (FIPS 204)
Module-Lattice-Based Digital Signature Algorithm:
MlDsa::Dsa44- NIST Level 2MlDsa::Dsa65- NIST Level 3MlDsa::Dsa87- NIST Level 5
§SLH-DSA (FIPS 205)
Stateless Hash-Based Digital Signature Algorithm with SHA2 and SHAKE variants in both “small” (s) and “fast” (f) modes.
Modules§
- oid
- OID constants for all algorithms.
Structs§
- Algorithm
Info - Information about a specific algorithm variant.
Enums§
- Algorithm
- A unified enum representing any supported PQ algorithm.
- Algorithm
Family - The algorithm family.
- Algorithm
Sizes - Type-specific sizes for algorithms.
- Algorithm
Type - The type of cryptographic algorithm.
- Error
- Error type for pq-oid operations.
- Hash
Function - The hash function used by SLH-DSA.
- MlDsa
- ML-DSA (Module-Lattice-Based Digital Signature Algorithm) variants.
- MlKem
- ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism) variants.
- Security
Level - NIST security level.
- SlhDsa
- SLH-DSA (Stateless Hash-Based Digital Signature Algorithm) variants.
- SlhDsa
Mode - The speed/size tradeoff mode for SLH-DSA.
Functions§
- decode_
oid - Decode DER bytes to an OID string.
- encode_
oid - Encode an OID string to DER bytes (without the tag and length).
- encode_
oid_ to - Encode an OID string to DER bytes, writing to the provided buffer.
Type Aliases§
- Result
- Result type for pq-oid operations.