Module crypto

ML-KEM-1024, ML-DSA-87, Argon2id, AES-256-GCM, and secure zeroing.

All functions are pure — no I/O, no file system, no network. Each function that needs randomness accepts a CSPRNG as a parameter so it can be exercised with a seeded RNG in tests.

Functions

decapsulate_kem
Decapsulate a shared secret using secret_key (the 64-byte seed) and ciphertext.
decrypt_aes_gcm
Decrypt and authenticate ciphertext with AES-256-GCM using key and nonce.
decrypt_payload
Decrypt a payload using the full hybrid cryptosystem pipeline.
derive_key
Derive a key from password and salt using Argon2id.
encapsulate_kem
Encapsulate a shared secret for the holder of public_key.
encrypt_aes_gcm
Encrypt plaintext with AES-256-GCM using key and nonce.
encrypt_payload
Encrypt a payload using the full hybrid cryptosystem pipeline.
generate_dsa_keypair
Generate an ML-DSA-87 key pair using the provided CSPRNG.
generate_kem_keypair
Generate an ML-KEM-1024 key pair using the provided CSPRNG.
sign_dsa
Sign message with the ML-DSA-87 secret key (32-byte seed).
verify_dsa
Verify that sig is a valid ML-DSA-87 signature over message by public_key.