hash — SHA-2 family
SHA-256, SHA-384, SHA-512 — FIPS 180-4 streaming digests.
mac — HMAC + Poly1305
Keyed message-authentication codes — HMAC-SHA-2 family and Poly1305 one-time authenticator.
kdf — HKDF key-derivation
HKDF (RFC 5869) over SHA-256 / SHA-384 / SHA-512 — the standard key-derivation function for TLS 1.3, QUIC, and modern protocols.
cipher — AES + ChaCha20
Block cipher (AES) and stream cipher (ChaCha20) primitives. Used internally by the AEAD constructions; rarely used directly.
aead — AEAD ciphers (AES-GCM, ChaCha20-Poly1305)
Authenticated encryption with associated data. AES-128/256-GCM and ChaCha20-Poly1305. The AEAD layer used by TLS 1.3 and QUIC.
ecc — Curve25519 / X25519 ECDH
Elliptic-curve Diffie–Hellman over Curve25519. The classical half of every modern TLS 1.3 / QUIC key exchange and the PQ-hybrid `X25519MLKEM768`.
pq — post-quantum (ML-KEM, ML-DSA)
NIST FIPS 203 (ML-KEM / Kyber) and FIPS 204 (ML-DSA / Dilithium) — post-quantum key encapsulation and signatures.
util — constant-time ops, zeroise, RNG
Timing-safe comparisons, secret-wipe, and the platform CSPRNG. Small utilities that matter enormously.
Auth primitives
JWT, COSE, TOTP/HOTP, password hashing, token generation, Merkle trees