From 0e435115ca1918c9dadfcea4a877e0ee53177726 Mon Sep 17 00:00:00 2001
From: Filip Skokan <panva.ip@gmail.com>
Date: Sun, 12 Apr 2026 14:29:55 +0200
Subject: [PATCH] crypto: add JWK support for ML-KEM and SLH-DSA key types

Signed-off-by: Filip Skokan <panva.ip@gmail.com>
---
 benchmark/crypto/kem.js                       |   3 -
 doc/api/crypto.md                             |  42 ++--
 doc/api/webcrypto.md                          |  18 +-
 lib/internal/crypto/ml_kem.js                 |  14 ++
 lib/internal/crypto/webcrypto.js              |   6 +
 node.gyp                                      |   4 +-
 src/crypto/crypto_keys.cc                     |  36 ++-
 src/crypto/crypto_ml_dsa.cc                   | 165 -------------
 src/crypto/crypto_ml_dsa.h                    |  23 --
 src/crypto/crypto_pqc.cc                      | 180 ++++++++++++++
 src/crypto/crypto_pqc.h                       |  23 ++
 src/node_crypto.h                             |   2 +-
 test/fixtures/keys/Makefile                   |  51 ++++
 test/fixtures/keys/ml-dsa-44.json             |   6 +
 test/fixtures/keys/ml-dsa-65.json             |   6 +
 test/fixtures/keys/ml-dsa-87.json             |   6 +
 test/fixtures/keys/ml-kem-1024.json           |   6 +
 test/fixtures/keys/ml-kem-512.json            |   6 +
 test/fixtures/keys/ml-kem-768.json            |   6 +
 test/fixtures/keys/slh-dsa-sha2-128f.json     |   6 +
 test/fixtures/keys/slh-dsa-sha2-128s.json     |   6 +
 test/fixtures/keys/slh-dsa-sha2-192f.json     |   6 +
 test/fixtures/keys/slh-dsa-sha2-192s.json     |   6 +
 test/fixtures/keys/slh-dsa-sha2-256f.json     |   6 +
 test/fixtures/keys/slh-dsa-sha2-256s.json     |   6 +
 test/fixtures/keys/slh-dsa-shake-128f.json    |   6 +
 test/fixtures/keys/slh-dsa-shake-128s.json    |   6 +
 test/fixtures/keys/slh-dsa-shake-192f.json    |   6 +
 test/fixtures/keys/slh-dsa-shake-192s.json    |   6 +
 test/fixtures/keys/slh-dsa-shake-256f.json    |   6 +
 test/fixtures/keys/slh-dsa-shake-256s.json    |   6 +
 test/parallel/test-crypto-encap-decap.js      |  10 +-
 .../test-crypto-pqc-key-objects-ml-dsa.js     |  68 +-----
 .../test-crypto-pqc-key-objects-ml-kem.js     |  69 +++++-
 .../test-crypto-pqc-key-objects-slh-dsa.js    |  62 ++++-
 .../parallel/test-crypto-pqc-keygen-ml-kem.js |  19 ++
 .../test-crypto-pqc-keygen-slh-dsa.js         |  22 ++
 .../test-webcrypto-export-import-ml-dsa.js    |  52 +---
 .../test-webcrypto-export-import-ml-kem.js    | 222 ++++++++++++++++--
 39 files changed, 842 insertions(+), 357 deletions(-)
 delete mode 100644 src/crypto/crypto_ml_dsa.cc
 delete mode 100644 src/crypto/crypto_ml_dsa.h
 create mode 100644 src/crypto/crypto_pqc.cc
 create mode 100644 src/crypto/crypto_pqc.h
 create mode 100644 test/fixtures/keys/ml-dsa-44.json
 create mode 100644 test/fixtures/keys/ml-dsa-65.json
 create mode 100644 test/fixtures/keys/ml-dsa-87.json
 create mode 100644 test/fixtures/keys/ml-kem-1024.json
 create mode 100644 test/fixtures/keys/ml-kem-512.json
 create mode 100644 test/fixtures/keys/ml-kem-768.json
 create mode 100644 test/fixtures/keys/slh-dsa-sha2-128f.json
 create mode 100644 test/fixtures/keys/slh-dsa-sha2-128s.json
 create mode 100644 test/fixtures/keys/slh-dsa-sha2-192f.json
 create mode 100644 test/fixtures/keys/slh-dsa-sha2-192s.json
 create mode 100644 test/fixtures/keys/slh-dsa-sha2-256f.json
 create mode 100644 test/fixtures/keys/slh-dsa-sha2-256s.json
 create mode 100644 test/fixtures/keys/slh-dsa-shake-128f.json
 create mode 100644 test/fixtures/keys/slh-dsa-shake-128s.json
 create mode 100644 test/fixtures/keys/slh-dsa-shake-192f.json
 create mode 100644 test/fixtures/keys/slh-dsa-shake-192s.json
 create mode 100644 test/fixtures/keys/slh-dsa-shake-256f.json
 create mode 100644 test/fixtures/keys/slh-dsa-shake-256s.json

diff --git a/benchmark/crypto/kem.js b/benchmark/crypto/kem.js
index e03ae65f1926ca..ffdcac6d7fcb0d 100644
--- a/benchmark/crypto/kem.js
+++ b/benchmark/crypto/kem.js
@@ -54,9 +54,6 @@ const bench = common.createBenchmark(main, {
     // assess whether mutexes over the key material impact the operation
     if (p.keyFormat === 'keyObject.unique')
       return p.mode === 'async-parallel';
-    // JWK is not supported for ml-kem for now
-    if (p.keyFormat === 'jwk')
-      return !p.keyType.startsWith('ml-');
     // raw-public is only supported for encapsulate, not rsa
     if (p.keyFormat === 'raw-public')
       return p.keyType !== 'rsa' && p.op === 'encapsulate';
diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 84e5520186dbb6..b421d12fc7ab38 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -88,23 +88,23 @@ The following table lists the asymmetric key types recognized by the
 | `'ml-dsa-44'`[^openssl35]          | ML-DSA-44          | 2.16.840.1.101.3.4.3.17 | ✔       | ✔       | ✔       | ✔              |                 | ✔            |
 | `'ml-dsa-65'`[^openssl35]          | ML-DSA-65          | 2.16.840.1.101.3.4.3.18 | ✔       | ✔       | ✔       | ✔              |                 | ✔            |
 | `'ml-dsa-87'`[^openssl35]          | ML-DSA-87          | 2.16.840.1.101.3.4.3.19 | ✔       | ✔       | ✔       | ✔              |                 | ✔            |
-| `'ml-kem-512'`[^openssl35]         | ML-KEM-512         | 2.16.840.1.101.3.4.4.1  | ✔       | ✔       |         | ✔              |                 | ✔            |
-| `'ml-kem-768'`[^openssl35]         | ML-KEM-768         | 2.16.840.1.101.3.4.4.2  | ✔       | ✔       |         | ✔              |                 | ✔            |
-| `'ml-kem-1024'`[^openssl35]        | ML-KEM-1024        | 2.16.840.1.101.3.4.4.3  | ✔       | ✔       |         | ✔              |                 | ✔            |
+| `'ml-kem-512'`[^openssl35]         | ML-KEM-512         | 2.16.840.1.101.3.4.4.1  | ✔       | ✔       | ✔       | ✔              |                 | ✔            |
+| `'ml-kem-768'`[^openssl35]         | ML-KEM-768         | 2.16.840.1.101.3.4.4.2  | ✔       | ✔       | ✔       | ✔              |                 | ✔            |
+| `'ml-kem-1024'`[^openssl35]        | ML-KEM-1024        | 2.16.840.1.101.3.4.4.3  | ✔       | ✔       | ✔       | ✔              |                 | ✔            |
 | `'rsa-pss'`                        | RSA PSS            | 1.2.840.113549.1.1.10   | ✔       | ✔       |         |                |                 |              |
 | `'rsa'`                            | RSA                | 1.2.840.113549.1.1.1    | ✔       | ✔       | ✔       |                |                 |              |
-| `'slh-dsa-sha2-128f'`[^openssl35]  | SLH-DSA-SHA2-128f  | 2.16.840.1.101.3.4.3.21 | ✔       | ✔       |         | ✔              | ✔               |              |
-| `'slh-dsa-sha2-128s'`[^openssl35]  | SLH-DSA-SHA2-128s  | 2.16.840.1.101.3.4.3.20 | ✔       | ✔       |         | ✔              | ✔               |              |
-| `'slh-dsa-sha2-192f'`[^openssl35]  | SLH-DSA-SHA2-192f  | 2.16.840.1.101.3.4.3.23 | ✔       | ✔       |         | ✔              | ✔               |              |
-| `'slh-dsa-sha2-192s'`[^openssl35]  | SLH-DSA-SHA2-192s  | 2.16.840.1.101.3.4.3.22 | ✔       | ✔       |         | ✔              | ✔               |              |
-| `'slh-dsa-sha2-256f'`[^openssl35]  | SLH-DSA-SHA2-256f  | 2.16.840.1.101.3.4.3.25 | ✔       | ✔       |         | ✔              | ✔               |              |
-| `'slh-dsa-sha2-256s'`[^openssl35]  | SLH-DSA-SHA2-256s  | 2.16.840.1.101.3.4.3.24 | ✔       | ✔       |         | ✔              | ✔               |              |
-| `'slh-dsa-shake-128f'`[^openssl35] | SLH-DSA-SHAKE-128f | 2.16.840.1.101.3.4.3.27 | ✔       | ✔       |         | ✔              | ✔               |              |
-| `'slh-dsa-shake-128s'`[^openssl35] | SLH-DSA-SHAKE-128s | 2.16.840.1.101.3.4.3.26 | ✔       | ✔       |         | ✔              | ✔               |              |
-| `'slh-dsa-shake-192f'`[^openssl35] | SLH-DSA-SHAKE-192f | 2.16.840.1.101.3.4.3.29 | ✔       | ✔       |         | ✔              | ✔               |              |
-| `'slh-dsa-shake-192s'`[^openssl35] | SLH-DSA-SHAKE-192s | 2.16.840.1.101.3.4.3.28 | ✔       | ✔       |         | ✔              | ✔               |              |
-| `'slh-dsa-shake-256f'`[^openssl35] | SLH-DSA-SHAKE-256f | 2.16.840.1.101.3.4.3.31 | ✔       | ✔       |         | ✔              | ✔               |              |
-| `'slh-dsa-shake-256s'`[^openssl35] | SLH-DSA-SHAKE-256s | 2.16.840.1.101.3.4.3.30 | ✔       | ✔       |         | ✔              | ✔               |              |
+| `'slh-dsa-sha2-128f'`[^openssl35]  | SLH-DSA-SHA2-128f  | 2.16.840.1.101.3.4.3.21 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
+| `'slh-dsa-sha2-128s'`[^openssl35]  | SLH-DSA-SHA2-128s  | 2.16.840.1.101.3.4.3.20 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
+| `'slh-dsa-sha2-192f'`[^openssl35]  | SLH-DSA-SHA2-192f  | 2.16.840.1.101.3.4.3.23 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
+| `'slh-dsa-sha2-192s'`[^openssl35]  | SLH-DSA-SHA2-192s  | 2.16.840.1.101.3.4.3.22 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
+| `'slh-dsa-sha2-256f'`[^openssl35]  | SLH-DSA-SHA2-256f  | 2.16.840.1.101.3.4.3.25 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
+| `'slh-dsa-sha2-256s'`[^openssl35]  | SLH-DSA-SHA2-256s  | 2.16.840.1.101.3.4.3.24 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
+| `'slh-dsa-shake-128f'`[^openssl35] | SLH-DSA-SHAKE-128f | 2.16.840.1.101.3.4.3.27 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
+| `'slh-dsa-shake-128s'`[^openssl35] | SLH-DSA-SHAKE-128s | 2.16.840.1.101.3.4.3.26 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
+| `'slh-dsa-shake-192f'`[^openssl35] | SLH-DSA-SHAKE-192f | 2.16.840.1.101.3.4.3.29 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
+| `'slh-dsa-shake-192s'`[^openssl35] | SLH-DSA-SHAKE-192s | 2.16.840.1.101.3.4.3.28 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
+| `'slh-dsa-shake-256f'`[^openssl35] | SLH-DSA-SHAKE-256f | 2.16.840.1.101.3.4.3.31 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
+| `'slh-dsa-shake-256s'`[^openssl35] | SLH-DSA-SHAKE-256s | 2.16.840.1.101.3.4.3.30 | ✔       | ✔       | ✔       | ✔              | ✔               |              |
 | `'x25519'`                         | X25519             | 1.3.101.110             | ✔       | ✔       | ✔       | ✔              | ✔               |              |
 | `'x448'`                           | X448               | 1.3.101.111             | ✔       | ✔       | ✔       | ✔              | ✔               |              |
 
@@ -2397,6 +2397,10 @@ type, value, and parameters. This method is not
 <!-- YAML
 added: v11.6.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/62706
+    description: Added JWK format support for ML-KEM and SLH-DSA
+                 key types.
   - version: REPLACEME
     pr-url: https://github.com/nodejs/node/pull/62240
     description: Added support for `'raw-public'`, `'raw-private'`,
@@ -3926,6 +3930,10 @@ input.on('readable', () => {
 <!-- YAML
 added: v11.6.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/62706
+    description: Added JWK format support for ML-KEM and SLH-DSA
+                 key types.
   - version: REPLACEME
     pr-url: https://github.com/nodejs/node/pull/62453
     description: Passing a CryptoKey as `key` is deprecated.
@@ -3977,6 +3985,10 @@ of the passphrase is limited to 1024 bytes.
 <!-- YAML
 added: v11.6.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/62706
+    description: Added JWK format support for ML-KEM and SLH-DSA
+                 key types.
   - version: REPLACEME
     pr-url: https://github.com/nodejs/node/pull/62453
     description: Passing a CryptoKey as `key` is deprecated.
diff --git a/doc/api/webcrypto.md b/doc/api/webcrypto.md
index ece03f4a1208a7..1e3650200534ad 100644
--- a/doc/api/webcrypto.md
+++ b/doc/api/webcrypto.md
@@ -1132,6 +1132,9 @@ The algorithms currently supported include:
 <!-- YAML
 added: v15.0.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/62706
+    description: Added JWK format support for ML-KEM key types.
   - version: v24.8.0
     pr-url: https://github.com/nodejs/node/pull/59647
     description: KMAC algorithms are now supported.
@@ -1190,9 +1193,9 @@ specification.
 | `'ML-DSA-44'`[^modern-algos]         | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
 | `'ML-DSA-65'`[^modern-algos]         | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
 | `'ML-DSA-87'`[^modern-algos]         | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
-| `'ML-KEM-512'`[^modern-algos]        | ✔        | ✔         |         |         |                | ✔              | ✔            |
-| `'ML-KEM-768'`[^modern-algos]        | ✔        | ✔         |         |         |                | ✔              | ✔            |
-| `'ML-KEM-1024'`[^modern-algos]       | ✔        | ✔         |         |         |                | ✔              | ✔            |
+| `'ML-KEM-512'`[^modern-algos]        | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
+| `'ML-KEM-768'`[^modern-algos]        | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
+| `'ML-KEM-1024'`[^modern-algos]       | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
 | `'RSA-OAEP'`                         | ✔        | ✔         | ✔       |         |                |                |              |
 | `'RSA-PSS'`                          | ✔        | ✔         | ✔       |         |                |                |              |
 | `'RSASSA-PKCS1-v1_5'`                | ✔        | ✔         | ✔       |         |                |                |              |
@@ -1280,6 +1283,9 @@ The {CryptoKey} (secret key) generating algorithms supported include:
 <!-- YAML
 added: v15.0.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/62706
+    description: Added JWK format support for ML-KEM key types.
   - version: v25.9.0
     pr-url: https://github.com/nodejs/node/pull/62218
     description: Importing ML-DSA and ML-KEM PKCS#8 keys
@@ -1353,9 +1359,9 @@ The algorithms currently supported include:
 | `'ML-DSA-44'`[^modern-algos]         | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
 | `'ML-DSA-65'`[^modern-algos]         | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
 | `'ML-DSA-87'`[^modern-algos]         | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
-| `'ML-KEM-512'`[^modern-algos]        | ✔        | ✔         |         |         |                | ✔              | ✔            |
-| `'ML-KEM-768'`[^modern-algos]        | ✔        | ✔         |         |         |                | ✔              | ✔            |
-| `'ML-KEM-1024'`[^modern-algos]       | ✔        | ✔         |         |         |                | ✔              | ✔            |
+| `'ML-KEM-512'`[^modern-algos]        | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
+| `'ML-KEM-768'`[^modern-algos]        | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
+| `'ML-KEM-1024'`[^modern-algos]       | ✔        | ✔         | ✔       |         |                | ✔              | ✔            |
 | `'PBKDF2'`                           |          |           |         | ✔       | ✔              |                |              |
 | `'RSA-OAEP'`                         | ✔        | ✔         | ✔       |         |                |                |              |
 | `'RSA-PSS'`                          | ✔        | ✔         | ✔       |         |                |                |              |
diff --git a/lib/internal/crypto/ml_kem.js b/lib/internal/crypto/ml_kem.js
index f62d596ccdfc1b..6c665c20c0c583 100644
--- a/lib/internal/crypto/ml_kem.js
+++ b/lib/internal/crypto/ml_kem.js
@@ -43,7 +43,9 @@ const {
 
 const {
   importDerKey,
+  importJwkKey,
   importRawKey,
+  validateJwk,
 } = require('internal/crypto/webcrypto_util');
 
 const generateKeyPair = promisify(_generateKeyPair);
@@ -177,6 +179,18 @@ function mlKemImportKey(
       keyObject = importRawKey(isPublic, keyData, isPublic ? kKeyFormatRawPublic : kKeyFormatRawPrivate, name);
       break;
     }
+    case 'jwk': {
+      validateJwk(keyData, 'AKP', extractable, usagesSet, 'enc');
+
+      if (keyData.alg !== name)
+        throw lazyDOMException(
+          'JWK "alg" Parameter and algorithm name mismatch', 'DataError');
+
+      const isPublic = keyData.priv === undefined;
+      verifyAcceptableMlKemKeyUse(name, isPublic, usagesSet);
+      keyObject = importJwkKey(isPublic, keyData);
+      break;
+    }
     default:
       return undefined;
   }
diff --git a/lib/internal/crypto/webcrypto.js b/lib/internal/crypto/webcrypto.js
index dc7f635a480a49..9e539ff0ad671a 100644
--- a/lib/internal/crypto/webcrypto.js
+++ b/lib/internal/crypto/webcrypto.js
@@ -603,6 +603,12 @@ async function exportKeyJWK(key) {
     case 'ML-DSA-65':
       // Fall through
     case 'ML-DSA-87':
+      // Fall through
+    case 'ML-KEM-512':
+      // Fall through
+    case 'ML-KEM-768':
+      // Fall through
+    case 'ML-KEM-1024':
       break;
     case 'Ed25519':
       // Fall through
diff --git a/node.gyp b/node.gyp
index ed699e0d4c03f1..ed3f4f3195f894 100644
--- a/node.gyp
+++ b/node.gyp
@@ -388,7 +388,7 @@
       'src/crypto/crypto_cipher.cc',
       'src/crypto/crypto_context.cc',
       'src/crypto/crypto_ec.cc',
-      'src/crypto/crypto_ml_dsa.cc',
+      'src/crypto/crypto_pqc.cc',
       'src/crypto/crypto_kem.cc',
       'src/crypto/crypto_hmac.cc',
       'src/crypto/crypto_kmac.cc',
@@ -426,7 +426,7 @@
       'src/crypto/crypto_clienthello.h',
       'src/crypto/crypto_context.h',
       'src/crypto/crypto_ec.h',
-      'src/crypto/crypto_ml_dsa.h',
+      'src/crypto/crypto_pqc.h',
       'src/crypto/crypto_hkdf.h',
       'src/crypto/crypto_pbkdf2.h',
       'src/crypto/crypto_sig.h',
diff --git a/src/crypto/crypto_keys.cc b/src/crypto/crypto_keys.cc
index d1a46a15d898ab..29a8b4513d64dc 100644
--- a/src/crypto/crypto_keys.cc
+++ b/src/crypto/crypto_keys.cc
@@ -5,7 +5,7 @@
 #include "crypto/crypto_dh.h"
 #include "crypto/crypto_dsa.h"
 #include "crypto/crypto_ec.h"
-#include "crypto/crypto_ml_dsa.h"
+#include "crypto/crypto_pqc.h"
 #include "crypto/crypto_rsa.h"
 #include "crypto/crypto_util.h"
 #include "env-inl.h"
@@ -200,7 +200,37 @@ bool ExportJWKAsymmetricKey(Environment* env,
     case EVP_PKEY_ML_DSA_65:
       // Fall through
     case EVP_PKEY_ML_DSA_87:
-      return ExportJwkMlDsaKey(env, key, target);
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHA2_128F:
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHA2_128S:
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHA2_192F:
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHA2_192S:
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHA2_256F:
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHA2_256S:
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHAKE_128F:
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHAKE_128S:
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHAKE_192F:
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHAKE_192S:
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHAKE_256F:
+      // Fall through
+    case EVP_PKEY_SLH_DSA_SHAKE_256S:
+      // Fall through
+    case EVP_PKEY_ML_KEM_512:
+      // Fall through
+    case EVP_PKEY_ML_KEM_768:
+      // Fall through
+    case EVP_PKEY_ML_KEM_1024:
+      return ExportJwkPqcKey(env, key, target);
 #endif
   }
   THROW_ERR_CRYPTO_JWK_UNSUPPORTED_KEY_TYPE(env);
@@ -723,7 +753,7 @@ static KeyObjectData ImportJWKFromArgs(Environment* env, Local<Object> jwk) {
     return ImportJWKEdKey(env, jwk);
   } else if (*kty_string == std::string_view("AKP")) {
 #if OPENSSL_WITH_PQC
-    return ImportJWKAkpKey(env, jwk);
+    return ImportJWKPqcKey(env, jwk);
 #else
     THROW_ERR_INVALID_ARG_VALUE(env, "Unsupported key type");
     return {};
diff --git a/src/crypto/crypto_ml_dsa.cc b/src/crypto/crypto_ml_dsa.cc
deleted file mode 100644
index 75cb17ab038091..00000000000000
--- a/src/crypto/crypto_ml_dsa.cc
+++ /dev/null
@@ -1,165 +0,0 @@
-#include "crypto/crypto_ml_dsa.h"
-#include "crypto/crypto_util.h"
-#include "env-inl.h"
-#include "string_bytes.h"
-#include "v8.h"
-
-namespace node {
-
-using ncrypto::DataPointer;
-using ncrypto::EVPKeyPointer;
-using v8::Local;
-using v8::Object;
-using v8::String;
-using v8::Value;
-
-namespace crypto {
-
-#if OPENSSL_WITH_PQC
-constexpr const char* GetMlDsaAlgorithmName(int id) {
-  switch (id) {
-    case EVP_PKEY_ML_DSA_44:
-      return "ML-DSA-44";
-    case EVP_PKEY_ML_DSA_65:
-      return "ML-DSA-65";
-    case EVP_PKEY_ML_DSA_87:
-      return "ML-DSA-87";
-    default:
-      return nullptr;
-  }
-}
-
-/**
- * Exports an ML-DSA key to JWK format.
- *
- * The resulting JWK object contains:
- * - "kty": "AKP" (Asymmetric Key Pair - required)
- * - "alg": "ML-DSA-XX" (Algorithm identifier - required for "AKP")
- * - "pub": "<Base64URL-encoded raw public key>" (required)
- * - "priv": <"Base64URL-encoded raw seed>" (required for private keys only)
- */
-bool ExportJwkMlDsaKey(Environment* env,
-                       const KeyObjectData& key,
-                       Local<Object> target) {
-  Mutex::ScopedLock lock(key.mutex());
-  const auto& pkey = key.GetAsymmetricKey();
-
-  const char* alg = GetMlDsaAlgorithmName(pkey.id());
-  CHECK(alg);
-
-  static constexpr auto trySetKey = [](Environment* env,
-                                       DataPointer data,
-                                       Local<Object> target,
-                                       Local<String> key) {
-    Local<Value> encoded;
-    if (!data) return false;
-    const ncrypto::Buffer<const char> out = data;
-    return StringBytes::Encode(env->isolate(), out.data, out.len, BASE64URL)
-               .ToLocal(&encoded) &&
-           target->Set(env->context(), key, encoded).IsJust();
-  };
-
-  if (key.GetKeyType() == kKeyTypePrivate) {
-    auto seed = pkey.rawSeed();
-    if (!seed) {
-      THROW_ERR_CRYPTO_OPERATION_FAILED(env,
-                                        "key does not have an available seed");
-      return false;
-    }
-    if (!trySetKey(env, pkey.rawSeed(), target, env->jwk_priv_string())) {
-      return false;
-    }
-  }
-
-  return !(
-      target->Set(env->context(), env->jwk_kty_string(), env->jwk_akp_string())
-          .IsNothing() ||
-      target
-          ->Set(env->context(),
-                env->jwk_alg_string(),
-                OneByteString(env->isolate(), alg))
-          .IsNothing() ||
-      !trySetKey(env, pkey.rawPublicKey(), target, env->jwk_pub_string()));
-}
-
-KeyObjectData ImportJWKAkpKey(Environment* env, Local<Object> jwk) {
-  Local<Value> alg_value;
-  Local<Value> pub_value;
-  Local<Value> priv_value;
-
-  if (!jwk->Get(env->context(), env->jwk_alg_string()).ToLocal(&alg_value) ||
-      !jwk->Get(env->context(), env->jwk_pub_string()).ToLocal(&pub_value) ||
-      !jwk->Get(env->context(), env->jwk_priv_string()).ToLocal(&priv_value)) {
-    return {};
-  }
-
-  static constexpr int kMlDsaIds[] = {
-      EVP_PKEY_ML_DSA_44, EVP_PKEY_ML_DSA_65, EVP_PKEY_ML_DSA_87};
-
-  Utf8Value alg(env->isolate(),
-                alg_value->IsString() ? alg_value.As<String>()
-                                      : String::Empty(env->isolate()));
-
-  int id = NID_undef;
-  for (int candidate : kMlDsaIds) {
-    if (strcmp(*alg, GetMlDsaAlgorithmName(candidate)) == 0) {
-      id = candidate;
-      break;
-    }
-  }
-
-  if (id == NID_undef) {
-    THROW_ERR_CRYPTO_INVALID_JWK(env, "Unsupported JWK AKP \"alg\"");
-    return {};
-  }
-
-  if (!pub_value->IsString() ||
-      (!priv_value->IsUndefined() && !priv_value->IsString())) {
-    THROW_ERR_CRYPTO_INVALID_JWK(env, "Invalid JWK AKP key");
-    return {};
-  }
-
-  KeyType type = priv_value->IsString() ? kKeyTypePrivate : kKeyTypePublic;
-
-  EVPKeyPointer pkey;
-  if (type == kKeyTypePrivate) {
-    ByteSource seed =
-        ByteSource::FromEncodedString(env, priv_value.As<String>());
-    pkey =
-        EVPKeyPointer::NewRawSeed(id,
-                                  ncrypto::Buffer<const unsigned char>{
-                                      .data = seed.data<const unsigned char>(),
-                                      .len = seed.size(),
-                                  });
-  } else {
-    ByteSource pub = ByteSource::FromEncodedString(env, pub_value.As<String>());
-    pkey =
-        EVPKeyPointer::NewRawPublic(id,
-                                    ncrypto::Buffer<const unsigned char>{
-                                        .data = pub.data<const unsigned char>(),
-                                        .len = pub.size(),
-                                    });
-  }
-
-  if (!pkey) {
-    THROW_ERR_CRYPTO_INVALID_JWK(env, "Invalid JWK AKP key");
-    return {};
-  }
-
-  // When importing a private key, verify that the JWK's pub field matches
-  // the public key derived from the seed.
-  if (type == kKeyTypePrivate && pub_value->IsString()) {
-    ByteSource pub = ByteSource::FromEncodedString(env, pub_value.As<String>());
-    auto derived_pub = pkey.rawPublicKey();
-    if (!derived_pub || derived_pub.size() != pub.size() ||
-        CRYPTO_memcmp(derived_pub.get(), pub.data(), pub.size()) != 0) {
-      THROW_ERR_CRYPTO_INVALID_JWK(env, "Invalid JWK AKP key");
-      return {};
-    }
-  }
-
-  return KeyObjectData::CreateAsymmetric(type, std::move(pkey));
-}
-#endif
-}  // namespace crypto
-}  // namespace node
diff --git a/src/crypto/crypto_ml_dsa.h b/src/crypto/crypto_ml_dsa.h
deleted file mode 100644
index 8f8a395c5e94f5..00000000000000
--- a/src/crypto/crypto_ml_dsa.h
+++ /dev/null
@@ -1,23 +0,0 @@
-#ifndef SRC_CRYPTO_CRYPTO_ML_DSA_H_
-#define SRC_CRYPTO_CRYPTO_ML_DSA_H_
-
-#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
-
-#include "crypto/crypto_keys.h"
-#include "env.h"
-#include "v8.h"
-
-namespace node {
-namespace crypto {
-#if OPENSSL_WITH_PQC
-bool ExportJwkMlDsaKey(Environment* env,
-                       const KeyObjectData& key,
-                       v8::Local<v8::Object> target);
-
-KeyObjectData ImportJWKAkpKey(Environment* env, v8::Local<v8::Object> jwk);
-#endif
-}  // namespace crypto
-}  // namespace node
-
-#endif  // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
-#endif  // SRC_CRYPTO_CRYPTO_ML_DSA_H_
diff --git a/src/crypto/crypto_pqc.cc b/src/crypto/crypto_pqc.cc
new file mode 100644
index 00000000000000..cd2024cbe2f05d
--- /dev/null
+++ b/src/crypto/crypto_pqc.cc
@@ -0,0 +1,180 @@
+#include "crypto/crypto_pqc.h"
+#include "crypto/crypto_util.h"
+#include "env-inl.h"
+#include "string_bytes.h"
+#include "v8.h"
+
+namespace node {
+
+using ncrypto::DataPointer;
+using ncrypto::EVPKeyPointer;
+using v8::Local;
+using v8::Object;
+using v8::String;
+using v8::Value;
+
+namespace crypto {
+
+#if OPENSSL_WITH_PQC
+namespace {
+struct PqcAlgorithm {
+  int id;
+  const char* name;
+  bool
+      use_seed;  // true: rawSeed/NewRawSeed, false: rawPrivateKey/NewRawPrivate
+};
+
+constexpr PqcAlgorithm kPqcAlgorithms[] = {
+    {EVP_PKEY_ML_DSA_44, "ML-DSA-44", true},
+    {EVP_PKEY_ML_DSA_65, "ML-DSA-65", true},
+    {EVP_PKEY_ML_DSA_87, "ML-DSA-87", true},
+    {EVP_PKEY_ML_KEM_512, "ML-KEM-512", true},
+    {EVP_PKEY_ML_KEM_768, "ML-KEM-768", true},
+    {EVP_PKEY_ML_KEM_1024, "ML-KEM-1024", true},
+    {EVP_PKEY_SLH_DSA_SHA2_128F, "SLH-DSA-SHA2-128f", false},
+    {EVP_PKEY_SLH_DSA_SHA2_128S, "SLH-DSA-SHA2-128s", false},
+    {EVP_PKEY_SLH_DSA_SHA2_192F, "SLH-DSA-SHA2-192f", false},
+    {EVP_PKEY_SLH_DSA_SHA2_192S, "SLH-DSA-SHA2-192s", false},
+    {EVP_PKEY_SLH_DSA_SHA2_256F, "SLH-DSA-SHA2-256f", false},
+    {EVP_PKEY_SLH_DSA_SHA2_256S, "SLH-DSA-SHA2-256s", false},
+    {EVP_PKEY_SLH_DSA_SHAKE_128F, "SLH-DSA-SHAKE-128f", false},
+    {EVP_PKEY_SLH_DSA_SHAKE_128S, "SLH-DSA-SHAKE-128s", false},
+    {EVP_PKEY_SLH_DSA_SHAKE_192F, "SLH-DSA-SHAKE-192f", false},
+    {EVP_PKEY_SLH_DSA_SHAKE_192S, "SLH-DSA-SHAKE-192s", false},
+    {EVP_PKEY_SLH_DSA_SHAKE_256F, "SLH-DSA-SHAKE-256f", false},
+    {EVP_PKEY_SLH_DSA_SHAKE_256S, "SLH-DSA-SHAKE-256s", false},
+};
+
+const PqcAlgorithm* FindPqcAlgorithmById(int id) {
+  for (const auto& alg : kPqcAlgorithms) {
+    if (alg.id == id) return &alg;
+  }
+  return nullptr;
+}
+
+const PqcAlgorithm* FindPqcAlgorithmByName(const char* name) {
+  for (const auto& alg : kPqcAlgorithms) {
+    if (strcmp(name, alg.name) == 0) return &alg;
+  }
+  return nullptr;
+}
+
+bool TrySetEncodedKey(Environment* env,
+                      DataPointer data,
+                      Local<Object> target,
+                      Local<String> key) {
+  Local<Value> encoded;
+  if (!data) return false;
+  const ncrypto::Buffer<const char> out = data;
+  return StringBytes::Encode(env->isolate(), out.data, out.len, BASE64URL)
+             .ToLocal(&encoded) &&
+         target->Set(env->context(), key, encoded).IsJust();
+}
+}  // namespace
+
+bool ExportJwkPqcKey(Environment* env,
+                     const KeyObjectData& key,
+                     Local<Object> target) {
+  Mutex::ScopedLock lock(key.mutex());
+  const auto& pkey = key.GetAsymmetricKey();
+
+  const PqcAlgorithm* alg = FindPqcAlgorithmById(pkey.id());
+  CHECK(alg);
+
+  if (key.GetKeyType() == kKeyTypePrivate) {
+    DataPointer priv_data =
+        alg->use_seed ? pkey.rawSeed() : pkey.rawPrivateKey();
+    if (alg->use_seed && !priv_data) {
+      THROW_ERR_CRYPTO_OPERATION_FAILED(env,
+                                        "key does not have an available seed");
+      return false;
+    }
+    if (!TrySetEncodedKey(
+            env, std::move(priv_data), target, env->jwk_priv_string())) {
+      return false;
+    }
+  }
+
+  return !(
+      target->Set(env->context(), env->jwk_kty_string(), env->jwk_akp_string())
+          .IsNothing() ||
+      target
+          ->Set(env->context(),
+                env->jwk_alg_string(),
+                OneByteString(env->isolate(), alg->name))
+          .IsNothing() ||
+      !TrySetEncodedKey(
+          env, pkey.rawPublicKey(), target, env->jwk_pub_string()));
+}
+
+KeyObjectData ImportJWKPqcKey(Environment* env, Local<Object> jwk) {
+  Local<Value> alg_value;
+  Local<Value> pub_value;
+  Local<Value> priv_value;
+
+  if (!jwk->Get(env->context(), env->jwk_alg_string()).ToLocal(&alg_value) ||
+      !jwk->Get(env->context(), env->jwk_pub_string()).ToLocal(&pub_value) ||
+      !jwk->Get(env->context(), env->jwk_priv_string()).ToLocal(&priv_value)) {
+    return {};
+  }
+
+  Utf8Value alg_str(env->isolate(),
+                    alg_value->IsString() ? alg_value.As<String>()
+                                          : String::Empty(env->isolate()));
+
+  const PqcAlgorithm* alg = FindPqcAlgorithmByName(*alg_str);
+  if (!alg) {
+    THROW_ERR_CRYPTO_INVALID_JWK(env, "Unsupported JWK AKP \"alg\"");
+    return {};
+  }
+
+  if (!pub_value->IsString() ||
+      (!priv_value->IsUndefined() && !priv_value->IsString())) {
+    THROW_ERR_CRYPTO_INVALID_JWK(env, "Invalid JWK AKP key");
+    return {};
+  }
+
+  KeyType type = priv_value->IsString() ? kKeyTypePrivate : kKeyTypePublic;
+
+  EVPKeyPointer pkey;
+  if (type == kKeyTypePrivate) {
+    ByteSource priv =
+        ByteSource::FromEncodedString(env, priv_value.As<String>());
+    ncrypto::Buffer<const unsigned char> buf{
+        .data = priv.data<const unsigned char>(),
+        .len = priv.size(),
+    };
+    pkey = alg->use_seed ? EVPKeyPointer::NewRawSeed(alg->id, buf)
+                         : EVPKeyPointer::NewRawPrivate(alg->id, buf);
+  } else {
+    ByteSource pub = ByteSource::FromEncodedString(env, pub_value.As<String>());
+    pkey =
+        EVPKeyPointer::NewRawPublic(alg->id,
+                                    ncrypto::Buffer<const unsigned char>{
+                                        .data = pub.data<const unsigned char>(),
+                                        .len = pub.size(),
+                                    });
+  }
+
+  if (!pkey) {
+    THROW_ERR_CRYPTO_INVALID_JWK(env, "Invalid JWK AKP key");
+    return {};
+  }
+
+  // When importing a private key, verify that the pub field matches
+  // the public key derived from the private key material.
+  if (type == kKeyTypePrivate && pub_value->IsString()) {
+    ByteSource pub = ByteSource::FromEncodedString(env, pub_value.As<String>());
+    auto derived_pub = pkey.rawPublicKey();
+    if (!derived_pub || derived_pub.size() != pub.size() ||
+        CRYPTO_memcmp(derived_pub.get(), pub.data(), pub.size()) != 0) {
+      THROW_ERR_CRYPTO_INVALID_JWK(env, "Invalid JWK AKP key");
+      return {};
+    }
+  }
+
+  return KeyObjectData::CreateAsymmetric(type, std::move(pkey));
+}
+#endif
+}  // namespace crypto
+}  // namespace node
diff --git a/src/crypto/crypto_pqc.h b/src/crypto/crypto_pqc.h
new file mode 100644
index 00000000000000..7a805c0e36c6a3
--- /dev/null
+++ b/src/crypto/crypto_pqc.h
@@ -0,0 +1,23 @@
+#ifndef SRC_CRYPTO_CRYPTO_PQC_H_
+#define SRC_CRYPTO_CRYPTO_PQC_H_
+
+#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
+
+#include "crypto/crypto_keys.h"
+#include "env.h"
+#include "v8.h"
+
+namespace node {
+namespace crypto {
+#if OPENSSL_WITH_PQC
+bool ExportJwkPqcKey(Environment* env,
+                     const KeyObjectData& key,
+                     v8::Local<v8::Object> target);
+
+KeyObjectData ImportJWKPqcKey(Environment* env, v8::Local<v8::Object> jwk);
+#endif
+}  // namespace crypto
+}  // namespace node
+
+#endif  // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
+#endif  // SRC_CRYPTO_CRYPTO_PQC_H_
diff --git a/src/node_crypto.h b/src/node_crypto.h
index cc8fc689f48438..80657431a791db 100644
--- a/src/node_crypto.h
+++ b/src/node_crypto.h
@@ -46,8 +46,8 @@
 #endif
 #include "crypto/crypto_keygen.h"
 #include "crypto/crypto_keys.h"
-#include "crypto/crypto_ml_dsa.h"
 #include "crypto/crypto_pbkdf2.h"
+#include "crypto/crypto_pqc.h"
 #include "crypto/crypto_random.h"
 #include "crypto/crypto_rsa.h"
 #include "crypto/crypto_scrypt.h"
diff --git a/test/fixtures/keys/Makefile b/test/fixtures/keys/Makefile
index b78bea659628c5..d255b5eea80e6a 100644
--- a/test/fixtures/keys/Makefile
+++ b/test/fixtures/keys/Makefile
@@ -110,6 +110,12 @@ all: \
   ml_dsa_87_private_seed_only.pem \
   ml_dsa_87_private_priv_only.pem \
   ml_dsa_87_public.pem \
+  ml-dsa-44.json \
+  ml-dsa-65.json \
+  ml-dsa-87.json \
+  ml-kem-512.json \
+  ml-kem-768.json \
+  ml-kem-1024.json \
   ml_kem_512_private.pem \
   ml_kem_512_private_seed_only.pem \
   ml_kem_512_private_priv_only.pem \
@@ -146,6 +152,18 @@ all: \
   slh_dsa_shake_256s_public.pem \
   slh_dsa_shake_256f_private.pem \
   slh_dsa_shake_256f_public.pem \
+  slh-dsa-sha2-128s.json \
+  slh-dsa-sha2-128f.json \
+  slh-dsa-sha2-192s.json \
+  slh-dsa-sha2-192f.json \
+  slh-dsa-sha2-256s.json \
+  slh-dsa-sha2-256f.json \
+  slh-dsa-shake-128s.json \
+  slh-dsa-shake-128f.json \
+  slh-dsa-shake-192s.json \
+  slh-dsa-shake-192f.json \
+  slh-dsa-shake-256s.json \
+  slh-dsa-shake-256f.json \
 
 #
 # Create Certificate Authority: ca1
@@ -1047,6 +1065,39 @@ ml_kem_1024_private_priv_only.pem: ml_kem_1024_private.pem
 ml_kem_1024_public.pem: ml_kem_1024_private.pem
 	openssl pkey -in ml_kem_1024_private.pem -pubout -out ml_kem_1024_public.pem
 
+define GEN_PQC_JWK
+$(1): $(subst -,_,$(basename $(1)))_private.pem
+	../../../node -e '\
+		const { readFileSync, writeFileSync } = require("fs"); \
+		const { createPrivateKey } = require("crypto"); \
+		const pem = "$(subst -,_,$(basename $(1)))_private.pem"; \
+		const key = createPrivateKey(readFileSync(pem)); \
+		const jwk = JSON.stringify(key.export({ format: "jwk" }), null, 2); \
+		writeFileSync("$(1)", jwk + "\n")'
+endef
+
+PQC_JWK_FIXTURES = \
+  ml-dsa-44.json \
+  ml-dsa-65.json \
+  ml-dsa-87.json \
+  ml-kem-512.json \
+  ml-kem-768.json \
+  ml-kem-1024.json \
+  slh-dsa-sha2-128s.json \
+  slh-dsa-sha2-128f.json \
+  slh-dsa-sha2-192s.json \
+  slh-dsa-sha2-192f.json \
+  slh-dsa-sha2-256s.json \
+  slh-dsa-sha2-256f.json \
+  slh-dsa-shake-128s.json \
+  slh-dsa-shake-128f.json \
+  slh-dsa-shake-192s.json \
+  slh-dsa-shake-192f.json \
+  slh-dsa-shake-256s.json \
+  slh-dsa-shake-256f.json \
+
+$(foreach v,$(PQC_JWK_FIXTURES),$(eval $(call GEN_PQC_JWK,$(v))))
+
 x448_private.pem:
 	openssl genpkey -algorithm x448 -out x448_private.pem
 
diff --git a/test/fixtures/keys/ml-dsa-44.json b/test/fixtures/keys/ml-dsa-44.json
new file mode 100644
index 00000000000000..9c5005576ac51a
--- /dev/null
+++ b/test/fixtures/keys/ml-dsa-44.json
@@ -0,0 +1,6 @@
+{
+  "priv": "273AhMPiZWLlSQCY41yi1fMj6xavGH0btB23zMhI1uY",
+  "kty": "AKP",
+  "alg": "ML-DSA-44",
+  "pub": "fYmD1Rx_jkoW9KG7Bs_5zyYEiWEZs15tYBxNdKq9NircZnvZBwwwaGbj0UsxJNc4Dyfp2IFAZZPO3rFCSUdpXHPrGRHwIVMzwiwfu2V7V02xoheW4mrkPThA3JRJSmNdsx6YGu37MaeJkIk6AlUexo46JfGrkRXZp_IyZxiL_L2dPrfwx-32j7WFI5sBadp7cDWfNkJjdQwW4puTe5Rw7h16GHb-DMOAKpfeMHujh7IYHuLCU6lVi90j1m8Ru0dxdmeQ1eY1vDnO7fNQKfzOLhpUNnj7BBZ24GTqFc-SN5HDCSCsSGKScTYYBwiSVTdSGG1GNqIiN2FgE4z1Jj6JFVB_OIUnl4sKbb3m8kB0BwtUPbkC0FVokGRUEGt6ba1Pc_IMpB5Gs3g9PFREI_C9o1yVW3NS2PzH_Vk4Tpf0N1K1kzIK_3IqekLfyqXmVDNsOovsS7Sw9TdmdWUNGRmhXFKRkex5VjpMIx7OwBGsYJCc4FhauWdrVtbkvHGggSpsla73ZcA4Vzh7aq47LMv0KS2YLp-DMn7SEohPHGg74118eLLn88yptxwtwt1dBFj8BKUfPrytuN1EIRQy34hwbkBLN9wDqhgn3Z3fvksRvmgN_4ZQ8YjeD-H3OFh5WJ_Rd66wHSl-YFat-_JF4UPcdlkNUbxPvDi5VL909Pe3VlwEZhT5otdtXQX4U3dUfqWKEh2kN0Q2lo8wbf3OMmBOFTfyX0eYa_5088ZnJvvliefn-TCDyc6WlcZrNqwBOF8N8-IN3b_8RPq-RuV8-mK-M83Hi4ElQB7Z44eZMmfUwFrozEG4Wq2K6MwQ_edG4dWeUVMCloTpGDFOtlLQlDoAN4m_sS2Lbwm_3ra29noUcK8_j10yy-hENE2Yluh1pIL-GoWZj3uYO-rEKVbszaagdE0DJ_uQcHUdNnBHKn64-cQ6xihXzxaeHx9OxkWWMKbzLtKpuYDK_X7EVvm8YTjl_oTsr2SWT2usjNJko32DhRV-OXLKKHo5FJpCy2bGFLXGG26CglUvgZQ2dyXiWeGVNKffOv1cQ5R_RlU2MpLiZ1bigy9hh4lu_XAHLfjQfhf71jeMuF4nEBWV-YOAjDTaDB2hcGqv_XcGXcmLWHqOWgc5Mb6lkb2zYs_oyOskmyFx6C0P7UrV8kCiN4zbuTqZNdNjlWL_QJUmU3vk6CpNa0XN1M3sLjZpOEsaqgRVPLcIDH-juVhyWiymuxe-8yNCOFSKxhscew08EQ9DEckP_iIA8qU2gcreHtvAS5VA5Emz1K2ypYe6oS3ogP-CX4nOAEfvjsb1HHJoclgiwjL1BtCLFgOE-0vn1M-nVOE6WbHGHoNKMJMHP2a3HQC7DmDfSOw5P6Cj5X7QVqhCY6tAGZWEPu3hUssp7K5UJePEdBn_LrErt4ucyXW6y1PAA2Fn8EuHaRyf2ggibDGnzq8E15m_R4LMvZAuGR0bN9jBTlm_x4ZQMqFwKkIdllkN1QTErazOyNsgU6fhA_20h5EIYT6-LqXr_Otj3Kp8MkJB9c3XNGoo5sbHTQCt0VNOHoxCFP_swiAJLtm743eOsI1M6naWLIqPagSCioosAvJYowypJQGvM-N3hBu8KUr0f911KRN7WqTAXTOHZ_vvTqcWKet0dFdh1EHuP3TrU8hSMciaphGvuK93T3gaWuJ6lcCkQndWvEo9S6FQB7eLU_ALKOQ3ROybUUkXgfyTkWDPxbHdeJCgMRv6Ig1PShPyxYb4ig"
+}
diff --git a/test/fixtures/keys/ml-dsa-65.json b/test/fixtures/keys/ml-dsa-65.json
new file mode 100644
index 00000000000000..0f11b2935daffc
--- /dev/null
+++ b/test/fixtures/keys/ml-dsa-65.json
@@ -0,0 +1,6 @@
+{
+  "priv": "1X9VEr_iXMRwBvnSytEmHrtA-DpD6FWAUqMrDNlJVBg",
+  "kty": "AKP",
+  "alg": "ML-DSA-65",
+  "pub": "hxPP5LvG83t2fJyfA1TUssJK_ydrzryrCHGZuKFxmnl5Y3sxHRCPW_JpHEoiIgR6kgELnwibZnueax1zFerTOTA7o0NwXHFiaEB-8AmqJI93DkvtbUOSTCixa3admQBKW_PtgMCVtaEVuuvCuOEFhOyuZkyfvnpBwUKOkz3t-O1wpgrSmf-rdPXOEv8YcsSn-xfLYPSLzPCnt7gnIX_fwtkgnXjref-QqjFKlKZE2e7MkmHeViJ4iGy78r3UzVhBHsmFGC0ZNc8-iT3muH5Sn0SXmNq-F2EoerWLIAsPxL2KE6UrqPAwTbHn1B5sAGWvhsVVLlFPI1s1JLVLBNRJ5vhif525xNIpMAMuAZrteD827pve3zQo9_GHjWgykj9VzM9PEcVmVqxZ5u41kUXsM4PWZF29Oh2sYsmJ2LdiJ9RcA91vRLG2DqEYm-V5JwIz8uxL17DUsEC7zYthvtqGASq05CbfPTBev33rQUv4H0Etz99U89WooTk0FisHDz1uEUilU_VY1tN5byIDitXNf0jnz3SIHDUUZARn7ll0YwO0jtksT68sQW3Liy6Exhlp1td0so2qZUrbVZasjyCOVuibwbwvrdpP3QRsoG5UqkAqk8Rm2iCpdQSg87pswOscgA8AC8TczGHNfXc9PqzAmbsEPKvmZuE60HLGzqpRqFULf3nyYUQUqbdmKJsKQ29LXeDVbyy3-fkTUDuYqNC2tBY7PkzHJSA9Z4hDC_BHEFxcelibScSNyf7y4lDVWnuJMXpQ0WRh3UkUPa007IerhixwxvBvFXQR-ytYinixvjirlcEF1wQI1DzE8KjOXYYuFPS4Yl8HeZHQ-64Q0RuxlKIRP3YvjZWh4IDVvEVs5ZLzZPbE3Twe0N5a7iCu0BzZWTeHNbcMoViFyJTpec2w3vVHeI4PJB-5HeI8xuh-9y8ytTau8QtMe4thoROoajizDQLrkw3e6ryJJ3R84i0oni4vmZWyLDilwcLqPOkQJCIDMjq7exdmVX5t3DtAW4F6Coz0z3sf7tGlSMVxA7izCoVbG0y2_l1P2h7fWBuEPT7PWlMdPqu9Pj5jqXY6jJ0nkaR_pp7dDhO1HKae5edcBYunHZqVQQjRZ_DvKzbPrDk5t6Xq9fdSkiAeP3B4qn5uU-nx7OaX7DRoVEnbbiEDynIRPSEY-Ts3alPJtBv8zuzaGNyX05Z9MyZ0w-VlC-WxOBdVEsIAp_4uJ3kQ3UsfE9DLJH8WPuDI4t4i2VnNNyFlI0XSUocc_0rWgqp2I1UzSzkVbklwkuFywPI645u4G2XAlfdd_wpjFGC-IUPXgpeSfspPwW15sBP-ITS-gwtvfzQVLpRS0euzN97xo_GMhNPZ4bW-YyZt8z_R8bsQ8ktfoP-5RUV-yzYDt0tA01QJsZdBLf5J_H7qP8l4c8V4hPe_CFL032obbxmAnVPAP69u2SaMBlL8azjk4wGVFQpQp1JqMJCao2W8ZImCVegkPZxhGbx0nkgVfyFx4ihMeDNM288JbGC4CGON8C02Q84rQzhwzZE83Y9rSe1Bb0fUMHMu6ihD5jLdeltuBL4ZdJlKgL24KZK5o5pq4_l9SyzGAjB1KAQnClNOB1SxV89CtILu-65wb17s0z3qw2-NF0B6UVlGQFebjbSyLQv2ARaETh_8cBiPugVMgBIV3K1KBwNyWejyI1ZDCssvIZHJCF2SRW3HmJerTiB23eGHFYKSLdxW7LEzoHIc2xZEc3pwR43gavjeoL0pNc-HNFV_c19wiH7Tnw3IHld_FfTqAIPnqKMNIY7D_D0DmFNTOdnzcipqKxUB0Avc-wr8Fz0gjeRpLH2iDSCJWtvWjoeYvHTktGsblDAM5j9xznwEvZfQvj8fTUnFxl3clkD6e9V1jrDQDkXfOtl-bDIv9PtMwamfJFu-z2ubF-gKytUewPNo10uhwr2TDNdUayCZDR2T3HoRLN8goIw2bFoPJ98LoPcSukEvKABjH0DiHNeqFELNZPx_uCx5N-YFkUZxHWA1QUoGhqQ3REtcT3c-SZf_TDFOPvws6bmwt4lcWpLmubOAJLFt6J8m8HCkVUshRdFzvHQm_0JEvA3JtyXZzvsPUv5njdk0nxTZktvsnqX054RQk5x8U-lBY-bK3uMOoFnHju45LMoHCUgGJi22eUm7nLGZEh84ZAbNlPLXpfavXvPJh21OW5EOAeuQ-yWNHY2xbmAiHNnb-J2VpZc1Vy82sxn8umFtKduuQuIQMOsf4qHqj5MzDY_1NjrM4Wm7XAiLC4MpQ22w9PWNQXSZWvo2fj8WUnfEibpgyRkoD2P25GRQqsRJ3-Ykl5bm_2Vfe6i3oXHOwQwZwKGXfAqXyo4iU1UI7e-qC4sj5U64oB_A_NSBaJJrZoQ2fVeGTnFxA4QMMoWCT0VlwBXK0B3jht8Xal3WcI-i9ctQB1-GrmwwgG2ttePHt1IKy69bSZE3FLkFicaHg6VxypG6ef8rVsmMrfpTATOnF5_iEaLNY9428HHGW0iz4vXwaE-MkYy7NK2KMPFiCB0ec9OjIROwayK4LREv4qknWHnVQRSm25Rr9DcVFXKj16Au7X1hv7TuVH7h25U"
+}
diff --git a/test/fixtures/keys/ml-dsa-87.json b/test/fixtures/keys/ml-dsa-87.json
new file mode 100644
index 00000000000000..401b21fc8702bf
--- /dev/null
+++ b/test/fixtures/keys/ml-dsa-87.json
@@ -0,0 +1,6 @@
+{
+  "priv": "LZSOlEPbU9S5_mSsMULffTyxZu6qKEOQ1nfEi2NCscg",
+  "kty": "AKP",
+  "alg": "ML-DSA-87",
+  "pub": "DZXqaBATRN0GRtigxzkLxp7C9fFYxI7Gl-tdfXqJHbzVCTTvRfRwZcu3YmpsUYXBdX2pVsQ51QlqxMslKBRmfNCanBLcfd57qoEIb0K6GIKZGHxlsr9aXNjEGcKMo0ICon0LYTvTWrl72Oz-2yEA_abPK3_dBUFGAYQ6kOQhAHcT1CMmTTck23PnEd5WUpYfZOA9giFX9dNVrrdFWczj_vDOty81ObNKsxfVWT1nG7c60UCJxb2c2tMrBx3rp7Hfc_aOg54W5KHocJi0Eai0ok4buySTe0UCSCUTkeoCcdiABgOFBiXRYzpm3Lz4uot6hSgFpuh67fE9Zpgtn64vfI-O1mgcPrPPpd3yA92Jrq-dvXuM55w1RmA_hha3U5Sh2vm0tD1U57q945UppFReIv_8NAKBkxQ_vHil7ySm-m7IAM-sTUY86_IqMZqisxoz7Ff7ZR2vIiUm3-L0ow4B8uPsCv2ZlUoVXvMF6XQiOHsgqgP1rfH8DmfmPFudwiXrAW6wEmi10skPmkN92aC3TPG6nmaNryQ7f8J82yVmGxW9U7zMbg21qNkRGBi_1YwEt6D8V2pUWv5U1a4p4-Ma0f4uQG4g0odM-WGomlh7pZWZf3sffiPXk9wBrGisxtCJuaB5vtkheWxpEfWqnhc3QdOWfrsRg6P1h7M95SNVW0U8A38wwrqPOpzEnckCVdCrZz2b2KVln6a4twfINg1-3lEZR4rkEmTaTYlLFlXzbRFWBBPGATxeRxhQ_9N5VhHi7STWPFD5HIJyVqz436bbVvM6Py_oldT_xt_tWlPc0w4Pesy2CgaCPlJCnx6cjEg_sRBUcRkBoHqa7aZj4JFFm9bzEaiJ2MKfkHVT4xdbEimMHsD0HkIQpg5-zoB2Jsqgc6Qi3L57hZi-Q1V0G2lmdZ5WZkQ2m5hxle4hHtAmghgynK2p0qzDWHScxHcdd2sInYqQgMYbnvs04YYKWpIfndCUBs9q_EONN5tn8gfSwHEKlQ-KpplEL5kc-99h2uaZsxRlJOF6_z8EZ-aKaKY8jvoAV0g4kZJH5UKy_MkBiva6r-zXUmo88qJjXQatOOSdfvJUTiZiSfcpBQqF9SSDD9WWsgInaOCKO_fAFf9fuacXDMEj0esUx1YrVEe_77S5uObg-UrK405U1JhKJJvd7o8xQKxenv5BJdsbbyYQDbSSe9BrCqeHEgmfRHTXdSvl_3QOP0Ej-dT8YJJHZ1lrujU7Zg5f5Kg99tU5GdLMbHX2kt4F2a0NX09HikEemvUg4NLPhjOihfVkChr-zdF69nfsnTiaQrMgpIcl9jttN99_8Gju-LU8OWbb92m9RLxAUFP115v22f77YPoILm92IjMZMkxEhGneoclWhnudkyR7YoTBjCnT5b7AC9_05uls637FmVf7Ck8-MF4gLil3dstXi4g24bitYhxxqWwiqF4vsDouSGUnuKCMwx3TLsII_xk77TjpQP4vpLdYM3tn94AVlTMMhnI-OZkVJk-_mIbywCwRHlQb5nzVCc0BWlM1kb9PJys2IfciS8LWEoxeq9moDX5w72yJKoLN3CWpD3VdJAiW79zUaySw-IeW0XaHnlze5fYnOozG8lIeyQ9sMZasMiFovGnR3b7jyMtA38U33v16fouWuBILOu0m_QOpRDI9i3rjRM6hdC48zCtNSzc1_1VPYkWDSFK1oVAjdd8-2rjyqdPeUwnqD26VA9_d3R7x8ThrazdbRC8U1hr9jpqNHuZ4LGYu3Ui8wB-lSt9QMaHz517MY_zBEoNGyvbQWtlM7mvLu12KoMM7nvGrPJnvD-HmxTqsVQolD8_lIV5ao72yiKDpArVr6RuV4PpI0j_Wy4-yDCuwBW0gjnB9GvCwOTeByYXJT6Ul7dgHck4BbF3IyFgvmY--ceWr5mBrbAC9LJP_4Wf5O6ul3hFrhiG6zSV4zzBYLnEwfW6LNLEZjZKgmBYiC5s1xlxYWDdcQ5FGmLQ9uEDkr4VItXQWvIIdeBQPyujxmd965Mig9-Sa7SCyV_3wH8fQnGlvU-jJMGL0zvzB2gcu7hMLMagUBj1AKXj-UxpbX1i95f2TOiZDwMeCCszgvCjQ21XKg07TBXrrOiFcgcADgdo-HJr7O1T3ozOIulq1PDM7QZH6i3wDD0j3b0NCdqKCWqhfLXz2-FszyUHmA_GCzOLVzrLT2DcGWIcQbkvF0yZPgTyqKArKa8qytOerdH6oCJ0bRl96855sMVjuUdyVLX7XW_rVTwsOwV0gVAx8SrzovtDFeHRNl7BQKMsyQ1BjWu25jqKJ598vAi3LCZv0kMdiC24qPdgZU4e2aUkco11EnD6nJgdqsVFxufCl4BD_D9g5Wy42fJt4ZgNPAcbUf341KERyReeBEQj-qlPB3IUTIXcJw68GScebhxb0W_tGKMBC6-ip4QfNW7UTxUxVxmCV7h0yRnBBlkuUR1eYQwWRmEPjKd3dLHvgHtr266NQmE1tnKtJlsdPKb0ztrI9vogsENsgGNFQ2tHoeX8vqxcagGznlPVPfc3DlqjBSeTFQaPWvmCQHVKgxkbvffKzFQyFvXEqt6bGGtkwBoRJ_IIwtSeWQ2nFPBe3rlyKrtSnQFIMibJbbYvPVE03Cld9R61r-GGDSQz4aXekLzePEVwnxpe4mWJGco7ctQyE73PekL1uo2g0bRK-KgaE878OiLRBo5T7c633xEf2hMy9532M2GVdTZuoE0LL-wpAh9GmNdvJZc7g2sINvwZi778v2WHcYEKqXvdmrX-Shyh3QkzgIGZrDzM4UlxxUWaXfZ0Z6PNguk7Jafqf3xuUe9Z8zfAJl5c_VA3k8dn7IRg99hRsh-TGBCzqzgjJq4p4XMWP2QuxFTGSgHRe2GSCFzd5-lPjrj76ZyT3MPUxQe_bV2VE-Oys3MT-VkCCM8jFCANXdrfltG6jSiUZ2uJUWNqdNnxPglmmyrgff_m-5CyIRWYXQsIdZGspqdjzb4F6RbBKfL2PQlM6zUfo9JNmE8YQq815Nxkex8vDOrImnew312fZA6rRjr9_uE4lEbw3U7PFlCKBUPvPnsdgedjKYhiS0xU6iS1NDKOvYhcrkCkiU67EmFD4U0-OCv9Kpbb5bIxTJuv405NxJBElAMVI-ya0ns7D4-xUPn05E7PhtGZT0eHwItjT6omThTsTHwB_bQqYfNrjrObO1l1go2hQ-cUadZYsG5l47CB5RlFhANtaC8tiq4KJi48TmEEApB_0VwOI4EmI7SR0oaqx3HRXZfeGevCx2yC9aCYM4HqcyqP2g_1HwsOYzwq4XDEbK5Yl1dtYABxPoo7t8FBq2sSmfrBJWFv_nvreb_DPwbfoSeCy9knqvOktSQRrPMmo-nNGpandBvjmrjSk3EdeziAP7XNre5I-bn_2voDxkzGFtUM-wzlL379ASRGej8FkNWaOyqGP6Anq5PSJ"
+}
diff --git a/test/fixtures/keys/ml-kem-1024.json b/test/fixtures/keys/ml-kem-1024.json
new file mode 100644
index 00000000000000..f7550808ad1833
--- /dev/null
+++ b/test/fixtures/keys/ml-kem-1024.json
@@ -0,0 +1,6 @@
+{
+  "priv": "XwegslUGcMnzu1c1NccsyRmBaObWSESIGO-ftccj5MvAwjLDAJV_u5KhD_rnJLoLOu0eNGt4p3Oh6Mg5ttxICw",
+  "kty": "AKP",
+  "alg": "ML-KEM-1024",
+  "pub": "DdeBJ4eqvZcmMWheoVWLNhEF81a4GZCrE3Zc2aNgyvY0adJyciCEsFsEvfy3WSXAuRkChxyZtale1ZC0RcVXouFbHEt6mAimzfgaXAojEkVylpOIOppPUZkV8IRiZ4IutPurDNqRXdY3fQmYWwExVSFfoSFDgTgnCUvKvTk79yQoNQucORZ9HFwPj_K7-TpyGbgC7GElMtui4rBHSny0BCJMZeafG8wqK9BcXRN06SmxqRNqsRx9HLJNwphr7IFcMlZTCIxrxoMckfkMe0BiVSAjVNaIB5RvciJbcmR2xqZPEYNTVVKAuIyaJvmLHQEv-ObKfwUnz6WN0NGZjhp7_KYAxYowXjpuThMGGuuSbVyGh8JYzCMx2ng_T0ZxeDG_lAcmHKRTpcdzNThXnsuh9YVzD6aQpyCcaYqxeGVQoex-euQEyPc6PqcsyfHLWxlgPuoCx4p_BAunJCASz_tjClUheiQcCaYAmMmSylOElQwsovdX9uy_NOJ9BmY9cDSMPnaJhFhvIxFR1jNg09ZCuXRYJDiIyWBK2czA3vt9ZVo9o1QnM1SZjvYyCoBO23LHGSZKuHw_ISOeTcMv76qE_4kNlpXLktBxxXmPNBJ7rZC_xaemvkGS8zjGX2Bqf7cGDzKQbEhWk3ovptV1FmN2XykR7DkEa7pOn6iKpCB5yCOr4AHM0ViKqoa7Z3MysSinTianEKVsVLBH0TwKt4c8g0ihCQaITTOtF2QtjYMSIGzHnqVNacJ8yNxDRVLBOqY7G2qXLTp8YUuZ2fCXevBcCQYQNeYQlWURtPMvtiIvpIiIZgc732fFGThZ38bH4xG5KRxD1xq1gLWQZwkYFvhoFSNsVSpfjIJJSaPD76nLk_KfAlQMpQY0SXCzjKGVeoehT7eHrwpQy-oZoThCmYZTI8E5khTCk6h8fis8WAwKnTKLVVuHL2BVDZVG34lp3uR_bUGNDtgNQjJW1LctC6awz0nAtsZUVukbs4VM_Mt-kzZBPtoDPdTDZKGGGiQ3UJAuzisNgdomiloOFlWDWAmSvcYE_qAVnVw66LchMtkGZmEGSCWtIWpxQlNDNvY0nqwGUhzH8ruqlsti30jKu8yE8_J2RdkPKoQre3JcQlZnWaLOvoJ9nhplc7UgG_e229x1XgiTSSy_vLTFPWg_opM6ZhGDwMZwFMORgcExj2HEnlkyVImZeKAtU-GRCgCBKFPLJiNeLSCfNFSGu1NFoBYPxkOBCrUCX5lZt5Um1rYpeemR5otK7Kh_tGJIQUlogeMJTIGS7dZLz0EimmGaaeXAwhN5JPBXkiKPhVhXX4tYb3uaSYsQbtRiw0RdEhysp6EyUrolf-OqOEwbiLJoJiN3hgcP-tuX8ZXIdhNmmyMzD4lIdpZmkkAxD9M64CkK6YFDthCAkHt2E6qgB2liwiwbXNdqU7gH99V2wlycYrKMaKJU5xyzyaQMMUMscapGB8GGRKNhVJwzzka2AxG2tKo-mhllI8ZrcQuHOMQo21jJYkob6xgOhFulAlZ-_icTQGdZ4-g6pzk40ih9rDWfxUYyJNN67-g50jvLIOJrJQEYjcg4TXDBuFahMtTNqOpvAazHFDeqV1iQz0mHBpMMPvGi-Gs5GvBG4kK8m9dMXFtUHvRbToemW2jAzXFjzmW0BEkWs-WMvbwBL3p8mElHZzuNZCsp5EpEzIqDsgktvLHCa5IVN5CrPUzJC9VnMYYrDXIBF4yOLmtFxQmxQdF8RUJc0Oy1aKCA0bchkiuLIiW35tNMd6wDFJctpLoMGxIlNthoWTYYYeFNAEepvZdO_iM4NBd5lACS9pqyuvVx5GmGpFSsPHlyuMWMHQuyH5tf5tCMbgTCkFsvAxo0attaSVkYK6atSBlS8XB0pLQqd_cj4agOy5YSLbACpsI2KfJ1epKFgyB27_yVf7aa4xQt8ksu-ymrgBufVjg92pNzG2dSC0WZR4smS_RmTxZJjvBTVBbNwrilplZROHtWjjkIBNyzNbNu7Ds1c-Jo7WA39WE0awyYc4EVITG1khNS5oULg-AXvXTtwXmUn7GtGxXtlfBpE37RJhm21PYl7WQppG3c0Pk"
+}
diff --git a/test/fixtures/keys/ml-kem-512.json b/test/fixtures/keys/ml-kem-512.json
new file mode 100644
index 00000000000000..0de58f1f5dc47e
--- /dev/null
+++ b/test/fixtures/keys/ml-kem-512.json
@@ -0,0 +1,6 @@
+{
+  "priv": "sjVhZaMDzdhH7rMaw7Z9HH-7LfipY2weXpCqr0I3CMzOt_jB1xtlVqz7oLTcOAx1JNA-E7yXLnGPgZdplLmOaA",
+  "kty": "AKP",
+  "alg": "ML-KEM-512",
+  "pub": "2yWZ7mEhbKJopHmZYXjGERQrHBHCQqBThjwVU5gvTPWqPuqAo6cHWrOrHCBt9aGSyPO2BrM0w7O1UZJsadMmhRJaOvN42AvD6OuebvYke_ITOyi2rbE_zww648ox1JF8ZMsTR8ppj_qX_qiAYaFCzpqGG5x_swuYBshuwnSZ2pilOTQ577dcOHNUDUZ5tjdPecuxkpQ_QOhhGJHKzoVY1Yiw4zpPD9kKLxO7BzUbTLcNZSs5VBJ5Ukawy4sfjQa4QNRooMIVCgG7IbVYT-yvgXljdEGxfBYpsewdHXWCF7EHtEmlYsIp3xlPjSbE6FFLQLdqQsiI5qotm4JGPCGvlQsi1AHDyaPC1ZImL4hDG8IXsPxPfwfMS7On5Atn98wxMQo9VSizpps7LFfOMYRH6FmYljbP9BlWesYxGXkZ1DRza0tKrPaZMjAkoRSrGbsHahwdyNtMVnirVyS3OwWmHHSHOyNfwKo2WWVLK2u8pxiVi0d7BCEx7mW4otGhL_iPn8sjieYWGRvJ7Ly0U8areAsFe3KbuHudnAMFw6A38HsIWbbFUjkFb7IJv4WONuUoCqpDknOYjBKUW2U-qtafz-OrLDbPOtBC0iDGTjx90sLHG7WgCbuwfOS1GVcjwNIctqxjXLB-VsEGXOmdzXvJ69MllEB9asBc1AtA86JH8fVMyAYW1xsEbDO6KspBcEtcusJevSKSFGgg0TxrJWWZXtyZ83XBLqVn2AG6WcqE46Zx5tNhrRY7bSIVLPALa6fLPHxmO0CG0lCTlDi-ZwB_GUB7xYBsTcigoIBtNdg_BlqAEVG67jm0zlg3KDMNbyfCBVEpWjAxq4mm5DjMcFaYaXiUv0RnamoSMmG5TXU6HbIC3ZcXs8FX-5N-susyj0wrKkyJI6vCvIOmAnGIvEQj5rc-0qRZZUXIiOdj2rBYk-nAYvqw6pt9h9FVS2g4siaHIZRsjzo5R0h0atWP0ckqTOe13XGM07kvS4wjjYMgawcAfNCUPnR-uMdsy5wuGDx-FWb6gRnhWsPg1S7W-B2grxSPIwotTjc1sKB3eUq0pa4"
+}
diff --git a/test/fixtures/keys/ml-kem-768.json b/test/fixtures/keys/ml-kem-768.json
new file mode 100644
index 00000000000000..858a638b79a661
--- /dev/null
+++ b/test/fixtures/keys/ml-kem-768.json
@@ -0,0 +1,6 @@
+{
+  "priv": "kTfye65c20Ez4T1rDv5YsC_kLexfNxNQHRZohALP3OhhjjiwFoBsHg0-HRLIWO3Nx5OwGhsUToPjfW0OWIU34A",
+  "kty": "AKP",
+  "alg": "ML-KEM-768",
+  "pub": "z9U_gZgaizCOmrqIThIwjRqvJlO8UoFKVrJ3hOQ-Unq9jMKHMJwxsGzDLOAyu-aVbQtJ4slhn8KtXUfF16ln2dxF2cvJDlUHQrrLKLipMKAx5KJh8YMwMhJzUwoRySHGitCikgRDMQozJ-SLmiZd4UY6WfaRL2RHYNkRWxS9I7iIegW3LFc_r-UqP3uew6dcXQXKYOjMg1u9NYg_DLO6f6vB80QnxJI9iMezKmiQHaSokWFuTsYzzHQcbsIg6YoCGvSQQnShzhRJJdhUFxoTZmxZABaGJ1yW0El7N_BWqLBlAVPGbJyGKvOQ4Pos0jGM79Gs_UObJfRykTFK6Ti9fGATnVS98lJu9fkbCYGZTsebqvFED6Ge-QcMu5NTtGiGsDyDY6iqNsS1rqfA-kJ-SaoWDuocAUFqkRHG1nVmEZG4xFZnAjlsO2duiDvD7CrE6CNfVRaapyZh8QbPXmVe5EQH0jEZONc6I7bOeLaznSrCcty1xoF2tCigxOQMbrxlnSanrZgisBpsrxVWpiQD3OXDw4e9njWgiEJhhPcFJpWYS1W0SuUoVJkUT6yR-puk_ENq92Ce6XWFirVwHyWmGCai-acl1_KShFJC_AcuHVQLWACJGxyIVSwQEpMTh1B8sjR6wVafCJKk0eTNuqQwCgd9m7UKK-y61UxpN9RrxffBnKlchpMJkaoimIxUhEEpT1OLh2Zo0QIeYwWn52JxDOh7FlGPZ4N8axsEbzVKAxMuiHWxH-ZJTaWZUzjK-VmW-WmMdJCfCaF63DwGLTYdWiBh3IYqKREx61sJT8F3CsknL_mMLLlHn2Z7L1lztfVtOXckoYR5mwN1ybwnkrxJ_pOqv8GgblEU1GQnBjHGBdaE8sGsqFmDn_rPSmqL2Lpmv_e41LQj7Gxb8XNMtAqDoOM0CBF4KUcPmjm-XjZSDJOFVxoc7NcYWkWiybmW9RSTgVAdzYkep7CAihqMD_R0eiGqehWC1ZTB5_mkJhstbWyjJ7Qs6bdlzqy_hWdeZeQy9sGxnNyF_lik2qfGAKTLwSVhJzBnj2pngBKiYUmq8Mxl2Pg3xjVX73ys51gXX3fES1LCWuXGVtx9dblnYSA2LOCZqqZwZXWPNWCkEvSYQywHM-RwN2dan4F7v1O53bcD2iLGOxXO9-m7bMB7txwpBRdS5aLD9VJjYCmnymcXGOQX9tSdstddX7o5UfB6xrZeXKg-FMyYtnAzM8eJ2vZn1-IYyWoilrzPxftCf2uVU9w2BLZmLCdHvPRPtInFJ8S802KDBvJhJrUAmHgoI9uorjSwOboDpjrIANpoi_t7IpoiS1RAkofDwTxy_wcXt2kBQ1aHSoBhukaIjZZCBwhlE3E-rcaLptUfwGkg3XULcLuxg3F-GSNYWVAffuQS-oUnIrZOmCrCT3xk4tIzy4QX2PlDpuoYjmCsJQQ6o6gfmTYNZzfIZ-hEoxwfFeGyDNZZj-pygbpaOiY2t1dyE0I6PMp3mUKsHMkaXplYoYG7sLy1RvjAISFkmXyC6zmCh5k3QhB7YfygA-qz0Z3cUbIfezcJdafgaqMyR8tSsGyKJO0"
+}
diff --git a/test/fixtures/keys/slh-dsa-sha2-128f.json b/test/fixtures/keys/slh-dsa-sha2-128f.json
new file mode 100644
index 00000000000000..73caa631dcb7ef
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-sha2-128f.json
@@ -0,0 +1,6 @@
+{
+  "priv": "kswcPRhjgmqQPbkg5lsMyuQcu-ZOHSWbfRhL-2li-AGkwI9XbgFD6X81JbH9HfJuJXx8vY1hRVUZv5c1qE91yg",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHA2-128f",
+  "pub": "pMCPV24BQ-l_NSWx_R3ybiV8fL2NYUVVGb-XNahPdco"
+}
diff --git a/test/fixtures/keys/slh-dsa-sha2-128s.json b/test/fixtures/keys/slh-dsa-sha2-128s.json
new file mode 100644
index 00000000000000..05281a8be1bd1b
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-sha2-128s.json
@@ -0,0 +1,6 @@
+{
+  "priv": "VtJ3cgPNS9M7Ykbjo-6joece9TLBphj2bqtaDy4UfvaVMuZCtJp6hEw85ccPOCJ42tAUOYWiwgeXVXoLhEX-LQ",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHA2-128s",
+  "pub": "lTLmQrSaeoRMPOXHDzgieNrQFDmFosIHl1V6C4RF_i0"
+}
diff --git a/test/fixtures/keys/slh-dsa-sha2-192f.json b/test/fixtures/keys/slh-dsa-sha2-192f.json
new file mode 100644
index 00000000000000..c32fb59e99489a
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-sha2-192f.json
@@ -0,0 +1,6 @@
+{
+  "priv": "mummcFLYg95SHML57yJ4C3w7Mm6xpFXk0Bfk2n4HnieqqaWkMl0idgROda8QK4sNyAWdOpq8UjRAT8Qj8s1L5jTlU5zTqsU1MKGCQ8SqUs9vGFVQZTAflWYmLhsEBAvo",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHA2-192f",
+  "pub": "yAWdOpq8UjRAT8Qj8s1L5jTlU5zTqsU1MKGCQ8SqUs9vGFVQZTAflWYmLhsEBAvo"
+}
diff --git a/test/fixtures/keys/slh-dsa-sha2-192s.json b/test/fixtures/keys/slh-dsa-sha2-192s.json
new file mode 100644
index 00000000000000..01fad7c03ec028
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-sha2-192s.json
@@ -0,0 +1,6 @@
+{
+  "priv": "ERjvGyNtYoNScJgtsYHj6GMTEFCATN0iX07PWWSeNSTUheWbFjODji3KxigcdUDnn1nyqNTmhhKgvYKs0TyIPqYh-37_SIf0IHAYIle23Vdm498Z4LL1AVaTPCAO7VEc",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHA2-192s",
+  "pub": "n1nyqNTmhhKgvYKs0TyIPqYh-37_SIf0IHAYIle23Vdm498Z4LL1AVaTPCAO7VEc"
+}
diff --git a/test/fixtures/keys/slh-dsa-sha2-256f.json b/test/fixtures/keys/slh-dsa-sha2-256f.json
new file mode 100644
index 00000000000000..a7b14928eeef4f
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-sha2-256f.json
@@ -0,0 +1,6 @@
+{
+  "priv": "EIV0GlJ4vcRh5fyncXQaJfPVkNJ35wRlPy5d6UymrEEm9ZzFfK9uVcFDVckvWsuhktzzFbFV_myAZn4Vig6UOMFGET9bxBUOYl2QWI1giMXFNbCADWAm0FFU-gcKeok9y0lM-EjBY75MjDWwKydwvIoHcFRCmnXYqSLZRoT5Mno",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHA2-256f",
+  "pub": "wUYRP1vEFQ5iXZBYjWCIxcU1sIANYCbQUVT6Bwp6iT3LSUz4SMFjvkyMNbArJ3C8igdwVEKaddipItlGhPkyeg"
+}
diff --git a/test/fixtures/keys/slh-dsa-sha2-256s.json b/test/fixtures/keys/slh-dsa-sha2-256s.json
new file mode 100644
index 00000000000000..333e7cb2fde1bc
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-sha2-256s.json
@@ -0,0 +1,6 @@
+{
+  "priv": "VJxKoGT7hOJhHGCTsaLB3X4wd0MfrXVsaxdLI9Z8MnZZs6DoMTLXduHu0nteVaZmWxgRyWa_mLls3C3T2tfWIhq-QlTkd6f8P4bJ9pWMV4ikXKRnj-ZigYcX7YsGePoroiIZigkam4Oec8vkMBeGUrb_uq0MYzhzsLT2DzoMOwM",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHA2-256s",
+  "pub": "Gr5CVOR3p_w_hsn2lYxXiKRcpGeP5mKBhxftiwZ4-iuiIhmKCRqbg55zy-QwF4ZStv-6rQxjOHOwtPYPOgw7Aw"
+}
diff --git a/test/fixtures/keys/slh-dsa-shake-128f.json b/test/fixtures/keys/slh-dsa-shake-128f.json
new file mode 100644
index 00000000000000..857e4d433d23e3
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-shake-128f.json
@@ -0,0 +1,6 @@
+{
+  "priv": "Z27RiyJvdyCTB2Y5yUY00MPt1YwBseifWehhFgq_qbTUC780VD0Srqs8LsBcwxU6Kb6fH0G0P6H0xO-Hm0GjVw",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHAKE-128f",
+  "pub": "1Au_NFQ9Eq6rPC7AXMMVOim-nx9BtD-h9MTvh5tBo1c"
+}
diff --git a/test/fixtures/keys/slh-dsa-shake-128s.json b/test/fixtures/keys/slh-dsa-shake-128s.json
new file mode 100644
index 00000000000000..97ffc319c4d69e
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-shake-128s.json
@@ -0,0 +1,6 @@
+{
+  "priv": "g65qYjsKQRA-ms1jkEUhDm6jqivybCJqQce42sa6XHGvpnS_gRLNAKGjZ1fOIh3zW43jtUoRaOnMmYS5BQHbTQ",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHAKE-128s",
+  "pub": "r6Z0v4ESzQCho2dXziId81uN47VKEWjpzJmEuQUB200"
+}
diff --git a/test/fixtures/keys/slh-dsa-shake-192f.json b/test/fixtures/keys/slh-dsa-shake-192f.json
new file mode 100644
index 00000000000000..1007cb4715a126
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-shake-192f.json
@@ -0,0 +1,6 @@
+{
+  "priv": "bsd6sYWxjZneB_sh6DQPRtHoaXy4Tk9CM8m_rG1-j9SFEMfhi5R2mI1D0k5aZNH357yJCvE_OYb_ZgESlN_YybjYWF8h8IYv86cfMwDUURrMUJ59UpYvgrIdCVUoiW0g",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHAKE-192f",
+  "pub": "57yJCvE_OYb_ZgESlN_YybjYWF8h8IYv86cfMwDUURrMUJ59UpYvgrIdCVUoiW0g"
+}
diff --git a/test/fixtures/keys/slh-dsa-shake-192s.json b/test/fixtures/keys/slh-dsa-shake-192s.json
new file mode 100644
index 00000000000000..8080b872dffcac
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-shake-192s.json
@@ -0,0 +1,6 @@
+{
+  "priv": "L3tARiPkHgPWqs0-4NdjUqbiIiyFMSsdIeWLmA9JmiNve4tBXv7O2_k9dHy3l6QZ81CbXK7aoO5xG2E1QimrNax0lwPwM1jMFizaa4YPd6DWCIhzPopoGmBgnS_ZJucR",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHAKE-192s",
+  "pub": "81CbXK7aoO5xG2E1QimrNax0lwPwM1jMFizaa4YPd6DWCIhzPopoGmBgnS_ZJucR"
+}
diff --git a/test/fixtures/keys/slh-dsa-shake-256f.json b/test/fixtures/keys/slh-dsa-shake-256f.json
new file mode 100644
index 00000000000000..9923b9cc4ff9ec
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-shake-256f.json
@@ -0,0 +1,6 @@
+{
+  "priv": "q7D_kC1JX8USxQPeXS7IlD_E8o0-hR0y2xHANMYvYiX_wKo1AdVNow6qA0mfH-B5teztOAwSh64y3OEfD5r-yLwga0WQtHoIWtDBZ-n5NTkxYf7y3D7PeMvF_Fj0YWB0kCA6-OhCgR9Yo_7yIK9g_0Civ7qRa9h6l_EUZcv68tw",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHAKE-256f",
+  "pub": "vCBrRZC0egha0MFn6fk1OTFh_vLcPs94y8X8WPRhYHSQIDr46EKBH1ij_vIgr2D_QKK_upFr2HqX8RRly_ry3A"
+}
diff --git a/test/fixtures/keys/slh-dsa-shake-256s.json b/test/fixtures/keys/slh-dsa-shake-256s.json
new file mode 100644
index 00000000000000..19f5b448495398
--- /dev/null
+++ b/test/fixtures/keys/slh-dsa-shake-256s.json
@@ -0,0 +1,6 @@
+{
+  "priv": "VPJKCkonGISeCNtpeP8TPBh_zMKyTsEsbvyDuQrAamdFDyyZC9cpQAmzgJZsEhjSpEtXeB8Cf6kSzGkexQVfrSOAVALUzBRSUqj_9ASM0y5BcguvswgdMnhRHX6WagimaY5zg4Urw_wA_E_i1nBn4OEQ8eX3haM3-ZeQAdKu758",
+  "kty": "AKP",
+  "alg": "SLH-DSA-SHAKE-256s",
+  "pub": "I4BUAtTMFFJSqP_0BIzTLkFyC6-zCB0yeFEdfpZqCKZpjnODhSvD_AD8T-LWcGfg4RDx5feFozf5l5AB0q7vnw"
+}
diff --git a/test/parallel/test-crypto-encap-decap.js b/test/parallel/test-crypto-encap-decap.js
index c361fcc12e7b8b..38e24a7341713a 100644
--- a/test/parallel/test-crypto-encap-decap.js
+++ b/test/parallel/test-crypto-encap-decap.js
@@ -137,15 +137,11 @@ for (const [name, {
       publicKey: formatKeyAs(keyObjects.publicKey, { format: 'der', type: 'spki' }),
       privateKey: formatKeyAs(keyObjects.privateKey, { format: 'der', type: 'pkcs8' })
     },
-  ];
-
-  // TODO(@panva): ML-KEM does not have a JWK format defined yet, add once standardized
-  if (!keyObjects.privateKey.asymmetricKeyType.startsWith('ml')) {
-    keyPairs.push({
+    {
       publicKey: formatKeyAs(keyObjects.publicKey, { format: 'jwk' }),
       privateKey: formatKeyAs(keyObjects.privateKey, { format: 'jwk' })
-    });
-  }
+    },
+  ];
 
   if (raw) {
     const { asymmetricKeyType } = keyObjects.privateKey;
diff --git a/test/parallel/test-crypto-pqc-key-objects-ml-dsa.js b/test/parallel/test-crypto-pqc-key-objects-ml-dsa.js
index ddce614a56ea9b..413adf48686ede 100644
--- a/test/parallel/test-crypto-pqc-key-objects-ml-dsa.js
+++ b/test/parallel/test-crypto-pqc-key-objects-ml-dsa.js
@@ -26,6 +26,7 @@ for (const [asymmetricKeyType, pubLen] of [
     private: fixtures.readKey(getKeyFileName(asymmetricKeyType, 'private'), 'ascii'),
     private_seed_only: fixtures.readKey(getKeyFileName(asymmetricKeyType, 'private_seed_only'), 'ascii'),
     private_priv_only: fixtures.readKey(getKeyFileName(asymmetricKeyType, 'private_priv_only'), 'ascii'),
+    jwk: JSON.parse(fixtures.readKey(`${asymmetricKeyType}.json`)),
   };
 
   function assertJwk(jwk) {
@@ -79,10 +80,6 @@ for (const [asymmetricKeyType, pubLen] of [
     key.export({ format: 'der', type: 'pkcs8' });
     if (hasSeed) {
       assert.strictEqual(key.export({ format: 'pem', type: 'pkcs8' }), keys.private_seed_only);
-    } else {
-      assert.strictEqual(key.export({ format: 'pem', type: 'pkcs8' }), keys.private_priv_only);
-    }
-    if (hasSeed) {
       const jwk = key.export({ format: 'jwk' });
       assertPrivateJwk(jwk);
       assert.strictEqual(key.equals(createPrivateKey({ format: 'jwk', key: jwk })), true);
@@ -97,6 +94,7 @@ for (const [asymmetricKeyType, pubLen] of [
       });
       assert.strictEqual(importedPriv.equals(key), true);
     } else {
+      assert.strictEqual(key.export({ format: 'pem', type: 'pkcs8' }), keys.private_priv_only);
       assert.throws(() => key.export({ format: 'jwk' }),
                     { code: 'ERR_CRYPTO_OPERATION_FAILED', message: 'key does not have an available seed' });
     }
@@ -128,21 +126,12 @@ for (const [asymmetricKeyType, pubLen] of [
         assert.strictEqual(pubFromPriv.equals(publicKey), true);
       }
     }
-  }
-}
 
-{
-  const format = 'jwk';
-  const jwk = {
-    kty: 'AKP',
-    alg: 'ML-DSA-44',
-    priv: '9_uqvxH0WKJFgfLyse1a1des2bwPgsHctl_jCt5AfEo',
-    // eslint-disable-next-line @stylistic/js/max-len
-    pub: 'SXghXj9P-DJ5eznNa_zLJxRxpa0mt86WlIid0EVEv1qraLBkC1UKevSZrjtgo1QUEN0oa3tP-HyYj8Onnc1zEnxsSoeC5A-PgywKgYuZP581wGPS-cbA2-5acsg-YUi_9fDkLR5YOTQQ3Iu952K1m8w0QDIBxZjecm32HgkD56CCC6ZyBOwfx9qcNUeO0aImya1igzL2_LRsqomogl9OuduWhtussAavGlAK7ZR4_4lmyjWcdeIc-z--iy42biV5d_tnopfNTJFlycBKinZu3h0lr4-ldl6apGDIyvSdZulhgj_j6jgEX-AgQZgS93ctx680GvROkBL7YI_3iXW3REWzVgS9HLasagEi2h6-RYQ9RzgUTODbei5fNRj3bNSqr8IKTZ08DCsRasN61TGwE3F7meoauw2NYkV51mhTxIafwhLWJrRA4C09Y-afrOtqk6a7Fiy21ObP95TGujXwThuwQSjKcUzTdCbD94ERhleZLqnPYEpb6_Jcc1OBY3kUJvCjoUhXwbW6PhWr533JDEFHoNCkPfhHS7vVCUFx4mQASkPLBud5arFSZU1uDStuiftJXfnQTWaMoJeA1N6rywB3xwLH__lHZQwEh4KnuYVuCeOMU1t8inuHI4EpZ4iTi2LrL0Cl6HadpHv-GENYwuPDVq9qg2Mo75o1X6wpPSN1J5KUDAATyR_0hurg4A1DlVpVWtykP5YWEmx_g5w4MZfEVwH-JJjEhJRxLKajxrjfG4XlnwwxPTznr1k1Mb7getKbLSbiMA3fvAgl1IjBIB8eFaISauFPpLPSpKHCVZrQYPIKSxMVdlXHgwm3CRrkR29GevCM5iSwRHQK6_HWfIQIlJ8H7uVQqXkNMvNmFldnfi3dj-oY6wMhs1ffP4RAsb5UTljvhJc6GoygBL_b0rv4aKcywDF8wa2P6B8gGFl6cVvWBQmWLJ-HL5RR68J_OmvJUm3PD-wwX3YigStd6thdTNlHOZhl4ysn8ulkFY3Rz2jEBV_nO6EXBLdOmxn_yX77qQ9yPcE64uC8iDTFWpQU1gmOF38od96oYD-T-whVl1NLD2bOvFVdd4UmWpb3Ui8AYzKzFBHNczAogQfplFmr8VABsgtWk8hW8csam70NADWK54SZOPQHeiOt1Mb488OZiDpX0FifEnCac78C_5uEiOPa8FAHpgUJ_XeXg83doDsAvrE1ZkrgFDwzT5pUTLyqh9eI1PAQKCoKmAbofcZM65o_qGvmnpN8fGVudOoHb0_Dqu_E2RBbaLcxsIe5jWmGmth4sb_4ANLFCmtt8T8sDmOdcYtQmhpUzg6rjDqeU76yq6fC15bGjT6Qc-EAgrUftFVwLw2UIGAbHmeAyFbSuJiMaUDJeYoZ3zxoID_DRCP9kN3ty-EQMHM9BZgXlH9dJ8ZUCAeH59h4PinM5LQuiS_kvP1iyT1Be6sYglV2dB7W_AziOcrrBiLfjazbUUpwqLm4_Yt_QwYJrAWfYyFOxkKxkT5qi2c1RNGBtiYjv8X_TRJDg0uxX_Hbq0Pc7yYezFQdFYIlRAvJcnc8PiOfhWtQZpCIYKTskg_Y2UfVvjydXYcGuIA2700PzR9ga-1VR7mv9UOLHe2x4ALiOO7Iz6KgOfVYMJ9dIC7f4HY9nrnLdhfKw5dcIf7RDhDqrkPyz8LLTuAuO-hGSwoP35XFkf0FQ8f1Cg5J_k-S3S2dCj8DXIRLcEJ9Qb5zvDofIPSmNKlvwJkqplDLBWlAow'
-  };
+    // JWK import error tests
+    const format = 'jwk';
+    const jwk = keys.jwk;
 
-  if (hasOpenSSL(3, 5)) {
-    assert.throws(() => createPrivateKey({ format, key: { ...jwk, alg: 'ml-dsa-44' } }),
+    assert.throws(() => createPrivateKey({ format, key: { ...jwk, alg: asymmetricKeyType } }),
                   { code: 'ERR_CRYPTO_INVALID_JWK' });
     assert.throws(() => createPrivateKey({ format, key: { ...jwk, alg: undefined } }),
                   { code: 'ERR_CRYPTO_INVALID_JWK' });
@@ -153,10 +142,10 @@ for (const [asymmetricKeyType, pubLen] of [
     assert.throws(() => createPrivateKey({ format, key: { ...jwk, priv: Buffer.alloc(33).toString('base64url') } }),
                   { code: 'ERR_CRYPTO_INVALID_JWK' });
     // eslint-disable-next-line @stylistic/js/max-len
-    assert.throws(() => createPublicKey({ format, key: { kty: jwk.kty, alg: jwk.alg, pub: Buffer.alloc(1313).toString('base64url') } }),
+    assert.throws(() => createPublicKey({ format, key: { kty: jwk.kty, alg: jwk.alg, pub: Buffer.alloc(pubLen + 1).toString('base64url') } }),
                   { code: 'ERR_CRYPTO_INVALID_JWK' });
 
-    // Importing an ML-DSA private JWK where pub does not match priv should fail.
+    // Importing a private JWK where pub does not match priv should fail.
     assert.throws(
       () => createPrivateKey({
         format,
@@ -165,43 +154,8 @@ for (const [asymmetricKeyType, pubLen] of [
       { code: 'ERR_CRYPTO_INVALID_JWK' }
     );
 
-    assert.ok(createPrivateKey({ format, key: jwk }));
-    assert.ok(createPublicKey({ format, key: jwk }));
-
-    // Test vectors from ietf-cose-dilithium
-    {
-      for (const jwk of [
-        {
-          kty: 'AKP',
-          alg: 'ML-DSA-44',
-          // eslint-disable-next-line @stylistic/js/max-len
-          pub: 'unH59k4RuutY-pxvu24U5h8YZD2rSVtHU5qRZsoBmBMcRPgmu9VuNOVdteXi1zNIXjnqJg_GAAxepLqA00Vc3lO0bzRIKu39VFD8Lhuk8l0V-cFEJC-zm7UihxiQMMUEmOFxe3x1ixkKZ0jqmqP3rKryx8tSbtcXyfea64QhT6XNje2SoMP6FViBDxLHBQo2dwjRls0k5a-XSQSu2OTOiHLoaWsLe8pQ5FLNfTDqmkrawDEdZyxr3oSWJAsHQxRjcIiVzZuvwxYy1zl2STiP2vy_fTBaPemkleynQzqPg7oPCyXEE8bjnJbrfWkbNNN8438e6tHPIX4l7zTuzz98YPhLjt_d6EBdT4MldsYe-Y4KLyjaGHcAlTkk9oa5RhRwW89T0z_t1DSO3dvfKLUGXh8gd1BD6Fz5MfgpF5NjoafnQEqDjsAAhrCXY4b-Y3yYJEdX4_dp3dRGdHG_rWcPmgX4JG7lCnser4f8QGnDriqiAzJYEXeS8LzUngg_0bx0lqv_KcyU5IaLISFO0xZSU5mmEPvdSoDnyAcV8pV44qhLtAvd29n0ehG259oRihtljTWeiu9V60a1N2tbZVl5mEqSK-6_xZvNYA1TCdzNctvweH24unV7U3wer9XA9Q6kvJWDVJ4oKaQsKMrCSMlteBJMRxWbGK7ddUq6F7GdQw-3j2M-qdJvVKm9UPjY9rc1lPgol25-oJxTu7nxGlbJUH-4m5pevAN6NyZ6lfhbjWTKlxkrEKZvQXs_Yf6cpXEwpI_ZJeriq1UC1XHIpRkDwdOY9MH3an4RdDl2r9vGl_IwlKPNdh_5aF3jLgn7PCit1FNJAwC8fIncAXgAlgcXIpRXdfJk4bBiO89GGccSyDh2EgXYdpG3XvNgGWy7npuSoNTE7WIyblAk13UQuO4sdCbMIuriCdyfE73mvwj15xgb07RZRQtFGlFTmnFcIdZ90zDrWXDbANntv7KCKwNvoTuv64bY3HiGbj-NQ-U9eMylWVpvr4hrXcES8c9K3PqHWADZC0iIOvlzFv4VBoc_wVflcOrL_SIoaNFCNBAZZq-2v5lAgpJTqVOtqJ_HVraoSfcKy5g45p-qULunXj6Jwq21fobQiKubBKKOZwcJFyJD7F4ACKXOrz-HIvSHMCWW_9dVrRuCpJw0s0aVFbRqopDNhu446nqb4_EDYQM1tTHMozPd_jKxRRD0sH75X8ZoToxFSpLBDbtdWcenxj-zBf6IGWfZnmaetjKEBYJWC7QDQx1A91pJVJCEgieCkoIfTqkeQuePpIyu48g2FG3P1zjRF-kumhUTfSjo5qS0YiZQy0E1BMs6M11EvuxXRsHClLHoy5nLYI2Sj4zjVjYyxSHyPRPGGo9hwB34yWxzYNtPPGiqXS_dNCpi_zRZwRY4lCGrQ-hYTEWIK1Dm5OlttvC4_eiQ1dv63NiGkLRJ5kJA3bICN0fzCDY-MBqnd1cWn8YVBijVkgtaoascjL9EywDgJdeHnXK0eeOvUxHHhXJVkNqcibn8O4RQdpVU60TSA-uiu675ytIjcBHC6kTv8A8pmkj_4oypPd-F92YIJC741swkYQoeIHj8rE-ThcMUkF7KqC5VORbZTRp8HsZSqgiJcIPaouuxd1-8Rxrid3fXkE6p8bkrysPYoxWEJgh7ZFsRCPDWX-yTeJwFN0PKFP1j0F6YtlLfK5wv-c4F8ZQHA_-yc_gODicy7KmWDZgbTP07e7gEWzw4MFRrndjbDQ',
-          priv: 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
-        },
-        {
-          kty: 'AKP',
-          alg: 'ML-DSA-65',
-          // eslint-disable-next-line @stylistic/js/max-len
-          pub: 'QksvJn5Y1bO0TXGs_Gpla7JpUNV8YdsciAvPof6rRD8JQquL2619cIq7w1YHj22ZolInH-YsdAkeuUr7m5JkxQqIjg3-2AzV-yy9NmfmDVOevkSTAhnNT67RXbs0VaJkgCufSbzkLudVD-_91GQqVa3mk4aKRgy-wD9PyZpOMLzP-opHXlOVOWZ067galJN1h4gPbb0nvxxPWp7kPN2LDlOzt_tJxzrfvC1PjFQwNSDCm_l-Ju5X2zQtlXyJOTZSLQlCtB2C7jdyoAVwrftUXBFDkisElvgmoKlwBks23fU0tfjhwc0LVWXqhGtFQx8GGBQ-zol3e7P2EXmtIClf4KbgYq5u7Lwu848qwaItyTt7EmM2IjxVth64wHlVQruy3GXnIurcaGb_qWg764qZmteoPl5uAWwuTDX292Sa071S7GfsHFxue5lydxIYvpVUu6dyfwuExEubCovYMfz_LJd5zNTKMMatdbBJg-Qd6JPuXznqc1UYC3CccEXCLTOgg_auB6EUdG0b_cy-5bkEOHm7Wi4SDipGNig_ShzUkkot5qSqPZnd2I9IqqToi_0ep2nYLBB3ny3teW21Qpccoom3aGPt5Zl7fpzhg7Q8zsJ4sQ2SuHRCzgQ1uxYlFx21VUtHAjnFDSoMOkGyo4gH2wcLR7-z59EPPNl51pljyNefgCnMSkjrBPyz1wiET-uqi23f8Bq2TVk1jmUFxOwdfLsU7SIS30WOzvwD_gMDexUFpMlEQyL1-Y36kaTLjEWGCi2tx1FTULttQx5JpryPW6lW5oKw5RMyGpfRliYCiRyQePYqipZGoxOHpvCWhCZIN4meDY7H0RxWWQEpiyCzRQgWkOtMViwao6Jb7wZWbLNMebwLJeQJXWunk-gTEeQaMykVJobwDUiX-E_E7fSybVRTZXherY1jrvZKh8C5Gi5VADg5Vs319uN8-dVILRyOOlvjjxclmsRcn6HEvTvxd9MS7lKm2gI8BXIqhzgnTdqNGwTpmDHPV8hygqJWxWXCltBSSgY6OkGkioMAmXjZjYq_Ya9o6AE7WU_hUdm-wZmQLExwtJWEIBdDxrUxA9L9JL3weNyQtaGItPjXcheZiNBBbJTUxXwIYLnXtT1M0mHzMqGFFWXVKsN_AIdHyv4yDzY9m-tuQRfbQ_2K7r5eDOL1Tj8DZ-s8yXG74MMBqOUvlglJNgNcbuPKLRPbSDoN0E3BYkfeDgiUrXy34a5-vU-PkAWCsgAh539wJUUBxqw90V1Du7eTHFKDJEMSFYwusbPhEX4ZTwoeTHg--8Ysn4HCFWLQ00pfBCteqvMvMflcWwVfTnogcPsJb1bEFVSc3nTzhk6Ln8J-MplyS0Y5mGBEtVko_WlyeFsoDCWj4hqrgU7L-ww8vsCRSQfskH8lodiLzj0xmugiKjWUXbYq98x1zSnB9dmPy5P3UNwwMQdpebtR38N9I-jup4Bzok0-JsaOe7EORZ8ld7kAgDWa4K7BAxjc2eD540Apwxs-VLGFVkXbQgYYeDNG2tW1Xt20-XezJqZVUl6-IZXsqc7DijwNInO3fT5o8ZAcLKUUlzSlEXe8sIlHaxjLoJ-oubRtlKKUbzWOHeyxmYZSxYqQhSQj4sheedGXJEYWJ-Y5DRqB-xpy-cftxL10fdXIUhe1hWFBAoQU3b5xRY8KCytYnfLhsFF4O49xhnax3vuumLpJbCqTXpLureoKg5PvWfnpFPB0P-ZWQN35mBzqbb3ZV6U0rU55DvyXTuiZOK2Z1TxbaAd1OZMmg0cpuzewgueV-Nh_UubIqNto5RXCd7vqgqdXDUKAiWyYegYIkD4wbGMqIjxV8Oo2ggOcSj9UQPS1rD5u0rLckAzsxyty9Q5JsmKa0w8Eh7Jwe4Yob4xPVWWbJfm916avRgzDxXo5gmY7txdGFYHhlolJKdhBU9h6f0gtKEtbiUzhp4IWsqAR8riHQs7lLVEz6P537a4kL1r5FjfDf_yjJDBQmy_kdWMDqaNln-MlKK8eENjUO-qZGy0Ql4bMZtNbHXjfJUuSzapA-RqYfkqSLKgQUOW8NTDKhUk73yqCU3TQqDEKaGAoTsPscyMm7u_8QrvUK8kbc-XnxrWZ0BZJBjdinzh2w-QvjbWQ5mqFp4OMgY94__tIU8vvCUNJiYA1RdyodlfPfH5-avpxOCvBD6C7ZIDyQ-6huGEQEAb6DP8ydWIZQ8xY603DoEKKXkJWcP6CJo3nHFEdj_vcEbDQ-WESDpcQFa1fRIiGuALj-sEWcjGdSHyE8QATOcuWl4TLVzRPKAf4tCXx1zyvhJbXQu0jf0yfzVpOhPun4n-xqK4SxPBCeuJOkQ2VG9jDXWH4pnjbAcrqjveJqVti7huMXTLGuqU2uoihBw6mGqu_WSlOP2-XTEyRyvxbv2t-z9V6GPt1V9ceBukA0oGwtJqgD-q7NXFK8zhw7desI5PZMXf3nuVgbJ3xdvAlzkmm5f9RoqQS6_hqwPQEcclq1MEZ3yML5hc99TDtZWy9gGkhR0Hs3QJxxgP7bEqGFP-HjTPnJsrGaT6TjKP7qCxJlcFKLUr5AU_kxMULeUysWWtSGJ9mpxBvsyW1Juo',
-          priv: 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
-        },
-        {
-          kty: 'AKP',
-          alg: 'ML-DSA-87',
-          // eslint-disable-next-line @stylistic/js/max-len
-          pub: '5F_8jMc9uIXcZi5ioYzY44AylxF_pWWIFKmFtf8dt7Roz8gruSnx2Gt37RT1rhamU2h3LOUZEkEBBeBFaXWukf22Q7US8STV5gvWi4x-Mf4Bx7DcZa5HBQHMVlpuHfz8_RJWVDPEr-3VEYIeLpYQxFJ14oNt7jXO1p1--mcv0eQxi-9etuiX6LRRqiAt7QQrKq73envj9pkUbaIpqL2z_6SWRFln51IXv7yQSPmVZEPYcx-DPrMN4Q2slv_-fPZeoERcPjHoYB4TO-ahAHZP4xluJncmRB8xdR-_mm9YgGRPTnJ15X3isPEF5NsFXVDdHJyTT931NbjeKLDHTARJ8iLNLtC7j7x3XM7oyUBmW0D3EvT34AdQ6eHkzZz_JdGUXD6bylPM1PEu7nWBhW69aPJoRZVuPnvrdh8P51vdMb_i-gGBEzl7OHvVnWKmi4r3-iRauTLmn3eOLO79ITBPu4CZ6hPY6lfBgTGXovda4lEHW1Ha04-FNmnp1fmKNlUJiUGZOhWUhg-6cf5TDuXCn1jyl4r2iMy3Wlg4o1nBEumOJahYOsjawfhh_Vjir7pd5aUuAgkE9bQrwIdONb788-YRloR2jzbgCPBHEhd86-YnYHOB5W6q7hYcFym43lHb3kdNSMxoJJ6icWK4eZPmDITtbMZCPLNnbZ61CyyrWjoEnvExOB1iP6b7y8nbHnzAJeoEGLna0sxszU6V-izsJP7spwMYp1Fxa3IT9j7b9lpjM4NX-Dj5TsBxgiwkhRJIiFEHs9HE6SRnjHYU6hrwOBBGGfKuNylAvs-mninLtf9sPiCke-Sk90usNMEzwApqcGrMxv_T2OT71pqZcE4Sg8hQ2MWNHldTzZWHuDxMNGy5pYE3IT7BCDTGat_iu1xQGo7y7K3Rtnej3xpt64br8HIsT1Aw4g-QGN1bb8U-6iT9kre1tAJf6umW0-SP1MZQ2C261-r5NmOWmFEvJiU9LvaEfIUY6FZcyaVJXG__V83nMjiCxUp9tHCrLa-P_Sv3lPp8aS2ef71TLuzB14gOLKCzIWEovii0qfHRUfrJeAiwvZi3tDphKprIZYEr_qxvR0YCd4QLUqOwh_kWynztwPdo6ivRnqIRVfhLSgTEAArSrgWHFU1WC8Ckd6T5MpqJhN0x6x8qBePZGHAdYwz8qa9h7wiNLFWBrLRj5DmQLl1CVxnpVrjW33MFso4P8n060N4ghdKSSZsZozkNQ5b7O6yajYy-rSp6QpD8msb8oEX5imFKRaOcviQ2D4TRT45HJxKs63Tb9FtT1JoORzfkdv_E1bL3zSR6oYbTt2Stnpz-7kVqc8KR2N45EkFKxDkRw3IXOte0cq81xoU87S_ntf4KiVZaszuqb2XN2SgxnXBl4EDnpehPmqkD92SAlLrQcTaxaSe47G28K-8MwoVt4eeVkj4UEsSfJN7rbCH2yKl2XJx5huDaS0xn2ODQyNRmgk-5I9hXMUiZDNLvEzx4zuyrcu2d0oXFo3ZoUtVFNCB__TQCf2x27ej9GjLXLDAEi7qnl9Xfb94n0IfeVyGte3-j6NP3DWv8OrLiUjNTaLv6Fay1yzfUaU6LI86-Jd6ckloiGhg7kE0_hd-ZKakZxU1vh0Vzc6DW7MFAPky75iCZlDXoBpZjTNGo5HR-mCW_ozblu60U9zZA8bn-voANuu_hYwxh-uY1sHTFZOqp2xicnnMChz_GTm1Je8XCkICYegeiHUryEHA6T6B_L9gW8S_R4ptMD0Sv6b1KHqqKeubwKltCWPUsr2En9iYypnz06DEL5Wp8KMhrLid2AMPpLI0j1CWGJExXHpBWjfIC8vbYH4YKVl-euRo8eDcuKosb5hxUGM9Jvy1siVXUpIKpkZt2YLP5pEBP_EVOoHPh5LJomrLMpORr1wBKbEkfom7npX1g817bK4IeYmZELI8zXUUtUkx3LgNTckwjx90Vt6oVXpFEICIUDF_LAVMUftzz6JUvbwOZo8iAZqcnVslAmRXeY_ZPp5eEHFfHlsb8VQ73Rd_p8XlFf5R1WuWiUGp2TzJ-VQvj3BTdQfOwSxR9RUk4xjqNabLqTFcQ7As246bHJXH6XVnd4DbEIDPfNa8FaWb_DNEgQAiXGqa6n7l7aFq5_6Kp0XeBBM0sOzJt4fy8JC6U0DEcMnWxKFDtMM7q06LubQYFCEEdQ5b1Qh2LbQZ898tegmeF--EZ4F4hvYebZPV8sM0ZcsKBXyCr585qs00PRxr0S6rReekGRBIvXzMojmid3dxc6DPpdV3x5zxlxaIBxO3i_6axknSSdxnS04_bemWqQ3CLf6mpSqfTIQJT1407GB4QINAAC9Ch3AXUR_n1jr64TGWzbIr8uDcnoVCJlOgmlXpmOwubigAzJattbWRi7k4QYBnA3_4QMjt73n2Co4-F_Qh4boYLpmwWG2SwcIw2PeXGr2LY2zwkPR4bcSyx1Z6UK5trQpWlpQCxgsvV_RvGzpN22RtHoihPH74K0cBIzCz7tK-jqeuWl1A7af7KmQ66fpRBr5ykTLOsa17WblkcIB_jDvqKfEcdxhPWJUwmOo4TIQS-xH8arLOy_NQFG2m14_yxwUemXC-QxLUYi6_FIcqwPBKjCdpQtadRdyftQSKO0SP-GxUvamMZzWI780rXuOBkq5kyYLy9QF9bf_-bL6QLpe1WMCQlOeXZaCPoncgYoT0WZ17jB52Xb2lPWsyXYK54npszkbKJ4OIqfvF8xqRXcVe22VwJuqT9Uy4-4KKQgQ7TXla7Gdm2H7mKl8YXQlsGCT2Ypc8O4t0Sfw7qYAuaDGf752Hbm3fl1bupcB2huIPlIaDP6IRR9XvTYIW2flbwYfhKLmoVKnG85uUi2qtqCjPOIuU3-peT0othfmwKQXaoOqO-V4r6wPL1VHxVFtIYmEdVt0RccUOvpOVR_OAHG9uHOzTmueK5557Qxp0ojtZCHyN-hgoMZJLrvdKkTCxPNo2-mZQbHoVh2FnThZ9JbO49dB8lKXP4_MU5xAnjXMgKXtbfI8w6ZWATE_XWgf2VQMUpGp4wpy44yWQTxHxh_4T9540BGwG0FU0bkgrwA_erseGZnepqdmz5_ScCs84O5Xr5MbYhJLCGGxY6O5GqS-ooB2w0Mt87KbbE4bpYje9CAHH8FX3pDrJyLsyasA3zxmk4OmGpG7Z70ofONJtHRe56R5287vFmuazEEutXn81kNzB-3aJT1ga3vnWZw4CSvFKoWYSA7auLgrHSHFZdITfOrgtmQmGbFhM9kSBdY1UCnpzf65oos3PZWRa2twfUxxLAnPNtrxpRGyvtsapw7ljUagZmuyh3hLCjhAxYmnoE1dbyIWvpCqSlEtVjL1yb_nuLEzgvmZuV02fHxGuWgHTOMVGXpf81Rce3eoBK3lapW1wkzezlk3tcA2bZOtA9qbxdsbVR37kemzQ9K1e3Y0OWhtSj',
-          priv: 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
-        },
-      ]) {
-        assert.partialDeepStrictEqual(jwk, createPublicKey({ format, key: jwk }).export({ format: 'jwk' }));
-        assert.deepStrictEqual(createPrivateKey({ format, key: jwk }).export({ format: 'jwk' }), jwk);
-      }
-
-    }
-  } else {
-    assert.throws(() => createPrivateKey({ format, key: jwk }),
-                  { code: 'ERR_INVALID_ARG_VALUE', message: /Unsupported key type/ });
-    assert.throws(() => createPublicKey({ format, key: jwk }),
-                  { code: 'ERR_INVALID_ARG_VALUE', message: /Unsupported key type/ });
+    // JWK round-trip
+    assert.partialDeepStrictEqual(jwk, createPublicKey({ format, key: jwk }).export({ format }));
+    assert.deepStrictEqual(createPrivateKey({ format, key: jwk }).export({ format }), jwk);
   }
 }
diff --git a/test/parallel/test-crypto-pqc-key-objects-ml-kem.js b/test/parallel/test-crypto-pqc-key-objects-ml-kem.js
index 0f4b226604c965..0c344ed100c2da 100644
--- a/test/parallel/test-crypto-pqc-key-objects-ml-kem.js
+++ b/test/parallel/test-crypto-pqc-key-objects-ml-kem.js
@@ -18,14 +18,35 @@ function getKeyFileName(type, suffix) {
   return `${type.replaceAll('-', '_')}_${suffix}.pem`;
 }
 
-for (const asymmetricKeyType of ['ml-kem-512', 'ml-kem-768', 'ml-kem-1024']) {
+for (const [asymmetricKeyType, pubLen] of [
+  ['ml-kem-512', 800], ['ml-kem-768', 1184], ['ml-kem-1024', 1568],
+]) {
   const keys = {
     public: fixtures.readKey(getKeyFileName(asymmetricKeyType, 'public'), 'ascii'),
     private: fixtures.readKey(getKeyFileName(asymmetricKeyType, 'private'), 'ascii'),
     private_seed_only: fixtures.readKey(getKeyFileName(asymmetricKeyType, 'private_seed_only'), 'ascii'),
     private_priv_only: fixtures.readKey(getKeyFileName(asymmetricKeyType, 'private_priv_only'), 'ascii'),
+    jwk: JSON.parse(fixtures.readKey(`${asymmetricKeyType}.json`)),
   };
 
+  function assertJwk(jwk) {
+    assert.strictEqual(jwk.kty, 'AKP');
+    assert.strictEqual(jwk.alg, asymmetricKeyType.toUpperCase());
+    assert.ok(jwk.pub);
+    assert.strictEqual(Buffer.from(jwk.pub, 'base64url').byteLength, pubLen);
+  }
+
+  function assertPublicJwk(jwk) {
+    assertJwk(jwk);
+    assert.ok(!jwk.priv);
+  }
+
+  function assertPrivateJwk(jwk) {
+    assertJwk(jwk);
+    assert.ok(jwk.priv);
+    assert.strictEqual(Buffer.from(jwk.priv, 'base64url').byteLength, 64);
+  }
+
   function assertKey(key) {
     assert.deepStrictEqual(key.asymmetricKeyDetails, {});
     assert.strictEqual(key.asymmetricKeyType, asymmetricKeyType);
@@ -38,12 +59,14 @@ for (const asymmetricKeyType of ['ml-kem-512', 'ml-kem-768', 'ml-kem-1024']) {
     assert.strictEqual(key.type, 'public');
     assert.strictEqual(key.export({ format: 'pem', type: 'spki' }), keys.public);
     key.export({ format: 'der', type: 'spki' });
-    assert.throws(() => key.export({ format: 'jwk' }),
-                  { code: 'ERR_CRYPTO_JWK_UNSUPPORTED_KEY_TYPE', message: 'Unsupported JWK Key Type.' });
+    const jwk = key.export({ format: 'jwk' });
+    assertPublicJwk(jwk);
+    assert.strictEqual(key.equals(createPublicKey({ format: 'jwk', key: jwk })), true);
 
     // Raw format round-trip
     const rawPub = key.export({ format: 'raw-public' });
     assert(Buffer.isBuffer(rawPub));
+    assert.strictEqual(rawPub.byteLength, pubLen);
     const importedPub = createPublicKey({
       key: rawPub, format: 'raw-public', asymmetricKeyType,
     });
@@ -57,19 +80,24 @@ for (const asymmetricKeyType of ['ml-kem-512', 'ml-kem-768', 'ml-kem-1024']) {
     key.export({ format: 'der', type: 'pkcs8' });
     if (hasSeed) {
       assert.strictEqual(key.export({ format: 'pem', type: 'pkcs8' }), keys.private_seed_only);
+      const jwk = key.export({ format: 'jwk' });
+      assertPrivateJwk(jwk);
+      assert.strictEqual(key.equals(createPrivateKey({ format: 'jwk', key: jwk })), true);
+      assert.ok(createPublicKey({ format: 'jwk', key: jwk }));
 
       // Raw seed round-trip
       const rawSeed = key.export({ format: 'raw-seed' });
       assert(Buffer.isBuffer(rawSeed));
+      assert.strictEqual(rawSeed.byteLength, 64);
       const importedPriv = createPrivateKey({
         key: rawSeed, format: 'raw-seed', asymmetricKeyType,
       });
       assert.strictEqual(importedPriv.equals(key), true);
     } else {
       assert.strictEqual(key.export({ format: 'pem', type: 'pkcs8' }), keys.private_priv_only);
+      assert.throws(() => key.export({ format: 'jwk' }),
+                    { code: 'ERR_CRYPTO_OPERATION_FAILED', message: 'key does not have an available seed' });
     }
-    assert.throws(() => key.export({ format: 'jwk' }),
-                  { code: 'ERR_CRYPTO_JWK_UNSUPPORTED_KEY_TYPE', message: 'Unsupported JWK Key Type.' });
   }
 
   if (!hasOpenSSL(3, 5)) {
@@ -98,5 +126,36 @@ for (const asymmetricKeyType of ['ml-kem-512', 'ml-kem-768', 'ml-kem-1024']) {
         assert.strictEqual(pubFromPriv.equals(publicKey), true);
       }
     }
+
+    // JWK import error tests
+    const format = 'jwk';
+    const jwk = keys.jwk;
+
+    assert.throws(() => createPrivateKey({ format, key: { ...jwk, alg: asymmetricKeyType } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK' });
+    assert.throws(() => createPrivateKey({ format, key: { ...jwk, alg: undefined } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK' });
+    assert.throws(() => createPrivateKey({ format, key: { ...jwk, pub: undefined } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK' });
+    assert.throws(() => createPrivateKey({ format, key: { ...jwk, priv: undefined } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK', message: /JWK does not contain private key material/ });
+    assert.throws(() => createPrivateKey({ format, key: { ...jwk, priv: Buffer.alloc(65).toString('base64url') } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK' });
+    // eslint-disable-next-line @stylistic/js/max-len
+    assert.throws(() => createPublicKey({ format, key: { kty: jwk.kty, alg: jwk.alg, pub: Buffer.alloc(pubLen + 1).toString('base64url') } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK' });
+
+    // Importing a private JWK where pub does not match priv should fail.
+    assert.throws(
+      () => createPrivateKey({
+        format,
+        key: { ...jwk, pub: `${jwk.pub[0] === 'A' ? 'B' : 'A'}${jwk.pub.slice(1)}` },
+      }),
+      { code: 'ERR_CRYPTO_INVALID_JWK' }
+    );
+
+    // JWK round-trip
+    assert.partialDeepStrictEqual(jwk, createPublicKey({ format, key: jwk }).export({ format }));
+    assert.deepStrictEqual(createPrivateKey({ format, key: jwk }).export({ format }), jwk);
   }
 }
diff --git a/test/parallel/test-crypto-pqc-key-objects-slh-dsa.js b/test/parallel/test-crypto-pqc-key-objects-slh-dsa.js
index fdae27f2da797f..98af15dc795f8b 100644
--- a/test/parallel/test-crypto-pqc-key-objects-slh-dsa.js
+++ b/test/parallel/test-crypto-pqc-key-objects-slh-dsa.js
@@ -26,8 +26,28 @@ for (const asymmetricKeyType of [
   const keys = {
     public: fixtures.readKey(getKeyFileName(asymmetricKeyType, 'public'), 'ascii'),
     private: fixtures.readKey(getKeyFileName(asymmetricKeyType, 'private'), 'ascii'),
+    jwk: JSON.parse(fixtures.readKey(`${asymmetricKeyType}.json`)),
   };
 
+  function assertJwk(jwk) {
+    assert.strictEqual(jwk.kty, 'AKP');
+    // SLH-DSA algorithm names keep the last character (f/s) lowercase.
+    const expectedAlg = asymmetricKeyType.slice(0, -1).toUpperCase() +
+                        asymmetricKeyType.slice(-1);
+    assert.strictEqual(jwk.alg, expectedAlg);
+    assert.ok(jwk.pub);
+  }
+
+  function assertPublicJwk(jwk) {
+    assertJwk(jwk);
+    assert.ok(!jwk.priv);
+  }
+
+  function assertPrivateJwk(jwk) {
+    assertJwk(jwk);
+    assert.ok(jwk.priv);
+  }
+
   function assertKey(key) {
     assert.deepStrictEqual(key.asymmetricKeyDetails, {});
     assert.strictEqual(key.asymmetricKeyType, asymmetricKeyType);
@@ -40,8 +60,9 @@ for (const asymmetricKeyType of [
     assert.strictEqual(key.type, 'public');
     assert.strictEqual(key.export({ format: 'pem', type: 'spki' }), keys.public);
     key.export({ format: 'der', type: 'spki' });
-    assert.throws(() => key.export({ format: 'jwk' }),
-                  { code: 'ERR_CRYPTO_JWK_UNSUPPORTED_KEY_TYPE', message: 'Unsupported JWK Key Type.' });
+    const jwk = key.export({ format: 'jwk' });
+    assertPublicJwk(jwk);
+    assert.strictEqual(key.equals(createPublicKey({ format: 'jwk', key: jwk })), true);
 
     // Raw format round-trip
     const rawPub = key.export({ format: 'raw-public' });
@@ -58,8 +79,10 @@ for (const asymmetricKeyType of [
     assertPublicKey(createPublicKey(key));
     key.export({ format: 'der', type: 'pkcs8' });
     assert.strictEqual(key.export({ format: 'pem', type: 'pkcs8' }), keys.private);
-    assert.throws(() => key.export({ format: 'jwk' }),
-                  { code: 'ERR_CRYPTO_JWK_UNSUPPORTED_KEY_TYPE', message: 'Unsupported JWK Key Type.' });
+    const jwk = key.export({ format: 'jwk' });
+    assertPrivateJwk(jwk);
+    assert.strictEqual(key.equals(createPrivateKey({ format: 'jwk', key: jwk })), true);
+    assert.ok(createPublicKey({ format: 'jwk', key: jwk }));
 
     // Raw format round-trip
     const rawPriv = key.export({ format: 'raw-private' });
@@ -86,5 +109,36 @@ for (const asymmetricKeyType of [
     assertPublicKey(pubFromPriv);
     assertPrivateKey(createPrivateKey(keys.private));
     assert.strictEqual(pubFromPriv.equals(publicKey), true);
+
+    // JWK import error tests
+    const format = 'jwk';
+    const jwk = keys.jwk;
+
+    assert.throws(() => createPrivateKey({ format, key: { ...jwk, alg: asymmetricKeyType } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK' });
+    assert.throws(() => createPrivateKey({ format, key: { ...jwk, alg: undefined } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK' });
+    assert.throws(() => createPrivateKey({ format, key: { ...jwk, pub: undefined } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK' });
+    assert.throws(() => createPrivateKey({ format, key: { ...jwk, priv: undefined } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK', message: /JWK does not contain private key material/ });
+    assert.throws(() => createPrivateKey({ format, key: { ...jwk, priv: Buffer.alloc(1).toString('base64url') } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK' });
+    // eslint-disable-next-line @stylistic/js/max-len
+    assert.throws(() => createPublicKey({ format, key: { kty: jwk.kty, alg: jwk.alg, pub: Buffer.alloc(1).toString('base64url') } }),
+                  { code: 'ERR_CRYPTO_INVALID_JWK' });
+
+    // Importing a private JWK where pub does not match priv should fail.
+    assert.throws(
+      () => createPrivateKey({
+        format,
+        key: { ...jwk, pub: `${jwk.pub[0] === 'A' ? 'B' : 'A'}${jwk.pub.slice(1)}` },
+      }),
+      { code: 'ERR_CRYPTO_INVALID_JWK' }
+    );
+
+    // JWK round-trip
+    assert.partialDeepStrictEqual(jwk, createPublicKey({ format, key: jwk }).export({ format }));
+    assert.deepStrictEqual(createPrivateKey({ format, key: jwk }).export({ format }), jwk);
   }
 }
diff --git a/test/parallel/test-crypto-pqc-keygen-ml-kem.js b/test/parallel/test-crypto-pqc-keygen-ml-kem.js
index adb5fcb56ce6ef..ea3ac9f4dde137 100644
--- a/test/parallel/test-crypto-pqc-keygen-ml-kem.js
+++ b/test/parallel/test-crypto-pqc-keygen-ml-kem.js
@@ -20,6 +20,23 @@ if (!hasOpenSSL(3, 5)) {
   }
 } else {
   for (const asymmetricKeyType of ['ml-kem-512', 'ml-kem-768', 'ml-kem-1024']) {
+
+    function assertJwk(jwk) {
+      assert.strictEqual(jwk.kty, 'AKP');
+      assert.strictEqual(jwk.alg, asymmetricKeyType.toUpperCase());
+      assert.ok(jwk.pub);
+    }
+
+    function assertPublicJwk(jwk) {
+      assertJwk(jwk);
+      assert.ok(!jwk.priv);
+    }
+
+    function assertPrivateJwk(jwk) {
+      assertJwk(jwk);
+      assert.ok(jwk.priv);
+    }
+
     for (const [publicKeyEncoding, validate] of [
       /* eslint-disable node-core/must-call-assert */
       [undefined, (publicKey) => {
@@ -27,6 +44,7 @@ if (!hasOpenSSL(3, 5)) {
         assert.strictEqual(publicKey.asymmetricKeyType, asymmetricKeyType);
         assert.deepStrictEqual(publicKey.asymmetricKeyDetails, {});
       }],
+      [{ format: 'jwk' }, (publicKey) => assertPublicJwk(publicKey)],
       [{ format: 'pem', type: 'spki' }, (publicKey) => assert.strictEqual(typeof publicKey, 'string')],
       [{ format: 'der', type: 'spki' }, (publicKey) => assert.strictEqual(Buffer.isBuffer(publicKey), true)],
       /* eslint-enable node-core/must-call-assert */
@@ -40,6 +58,7 @@ if (!hasOpenSSL(3, 5)) {
         assert.strictEqual(privateKey.asymmetricKeyType, asymmetricKeyType);
         assert.deepStrictEqual(privateKey.asymmetricKeyDetails, {});
       }],
+      [{ format: 'jwk' }, (_, privateKey) => assertPrivateJwk(privateKey)],
       [{ format: 'pem', type: 'pkcs8' }, (_, privateKey) => assert.strictEqual(typeof privateKey, 'string')],
       [{ format: 'der', type: 'pkcs8' }, (_, privateKey) => assert.strictEqual(Buffer.isBuffer(privateKey), true)],
       /* eslint-enable node-core/must-call-assert */
diff --git a/test/parallel/test-crypto-pqc-keygen-slh-dsa.js b/test/parallel/test-crypto-pqc-keygen-slh-dsa.js
index 6b741e37f0cc11..a8e480818cd134 100644
--- a/test/parallel/test-crypto-pqc-keygen-slh-dsa.js
+++ b/test/parallel/test-crypto-pqc-keygen-slh-dsa.js
@@ -28,6 +28,26 @@ if (!hasOpenSSL(3, 5)) {
     'slh-dsa-sha2-256f', 'slh-dsa-sha2-256s', 'slh-dsa-shake-128f', 'slh-dsa-shake-128s',
     'slh-dsa-shake-192f', 'slh-dsa-shake-192s', 'slh-dsa-shake-256f', 'slh-dsa-shake-256s',
   ]) {
+
+    function assertJwk(jwk) {
+      assert.strictEqual(jwk.kty, 'AKP');
+      // SLH-DSA algorithm names keep the last character (f/s) lowercase.
+      const expectedAlg = asymmetricKeyType.slice(0, -1).toUpperCase() +
+                          asymmetricKeyType.slice(-1);
+      assert.strictEqual(jwk.alg, expectedAlg);
+      assert.ok(jwk.pub);
+    }
+
+    function assertPublicJwk(jwk) {
+      assertJwk(jwk);
+      assert.ok(!jwk.priv);
+    }
+
+    function assertPrivateJwk(jwk) {
+      assertJwk(jwk);
+      assert.ok(jwk.priv);
+    }
+
     for (const [publicKeyEncoding, validate] of [
       /* eslint-disable node-core/must-call-assert */
       [undefined, (publicKey) => {
@@ -35,6 +55,7 @@ if (!hasOpenSSL(3, 5)) {
         assert.strictEqual(publicKey.asymmetricKeyType, asymmetricKeyType);
         assert.deepStrictEqual(publicKey.asymmetricKeyDetails, {});
       }],
+      [{ format: 'jwk' }, (publicKey) => assertPublicJwk(publicKey)],
       [{ format: 'pem', type: 'spki' }, (publicKey) => assert.strictEqual(typeof publicKey, 'string')],
       [{ format: 'der', type: 'spki' }, (publicKey) => assert.strictEqual(Buffer.isBuffer(publicKey), true)],
     ]) {
@@ -46,6 +67,7 @@ if (!hasOpenSSL(3, 5)) {
         assert.strictEqual(privateKey.asymmetricKeyType, asymmetricKeyType);
         assert.deepStrictEqual(privateKey.asymmetricKeyDetails, {});
       }],
+      [{ format: 'jwk' }, (_, privateKey) => assertPrivateJwk(privateKey)],
       [{ format: 'pem', type: 'pkcs8' }, (_, privateKey) => assert.strictEqual(typeof privateKey, 'string')],
       [{ format: 'der', type: 'pkcs8' }, (_, privateKey) => assert.strictEqual(Buffer.isBuffer(privateKey), true)],
       /* eslint-enable node-core/must-call-assert */
diff --git a/test/parallel/test-webcrypto-export-import-ml-dsa.js b/test/parallel/test-webcrypto-export-import-ml-dsa.js
index f522b2cd5066e7..7030c452003c63 100644
--- a/test/parallel/test-webcrypto-export-import-ml-dsa.js
+++ b/test/parallel/test-webcrypto-export-import-ml-dsa.js
@@ -25,46 +25,18 @@ function toDer(pem) {
   return Buffer.alloc(Buffer.byteLength(der, 'base64'), der, 'base64');
 }
 
-/* eslint-disable @stylistic/js/max-len */
-const keyData = {
-  'ML-DSA-44': {
-    pkcs8_seed_only: toDer(fixtures.readKey(getKeyFileName('ml-dsa-44', 'private_seed_only'), 'ascii')),
-    pkcs8: toDer(fixtures.readKey(getKeyFileName('ml-dsa-44', 'private'), 'ascii')),
-    pkcs8_priv_only: toDer(fixtures.readKey(getKeyFileName('ml-dsa-44', 'private_priv_only'), 'ascii')),
-    spki: toDer(fixtures.readKey(getKeyFileName('ml-dsa-44', 'public'), 'ascii')),
-    jwk: {
-      kty: 'AKP',
-      alg: 'ML-DSA-44',
-      pub: 'fYmD1Rx_jkoW9KG7Bs_5zyYEiWEZs15tYBxNdKq9NircZnvZBwwwaGbj0UsxJNc4Dyfp2IFAZZPO3rFCSUdpXHPrGRHwIVMzwiwfu2V7V02xoheW4mrkPThA3JRJSmNdsx6YGu37MaeJkIk6AlUexo46JfGrkRXZp_IyZxiL_L2dPrfwx-32j7WFI5sBadp7cDWfNkJjdQwW4puTe5Rw7h16GHb-DMOAKpfeMHujh7IYHuLCU6lVi90j1m8Ru0dxdmeQ1eY1vDnO7fNQKfzOLhpUNnj7BBZ24GTqFc-SN5HDCSCsSGKScTYYBwiSVTdSGG1GNqIiN2FgE4z1Jj6JFVB_OIUnl4sKbb3m8kB0BwtUPbkC0FVokGRUEGt6ba1Pc_IMpB5Gs3g9PFREI_C9o1yVW3NS2PzH_Vk4Tpf0N1K1kzIK_3IqekLfyqXmVDNsOovsS7Sw9TdmdWUNGRmhXFKRkex5VjpMIx7OwBGsYJCc4FhauWdrVtbkvHGggSpsla73ZcA4Vzh7aq47LMv0KS2YLp-DMn7SEohPHGg74118eLLn88yptxwtwt1dBFj8BKUfPrytuN1EIRQy34hwbkBLN9wDqhgn3Z3fvksRvmgN_4ZQ8YjeD-H3OFh5WJ_Rd66wHSl-YFat-_JF4UPcdlkNUbxPvDi5VL909Pe3VlwEZhT5otdtXQX4U3dUfqWKEh2kN0Q2lo8wbf3OMmBOFTfyX0eYa_5088ZnJvvliefn-TCDyc6WlcZrNqwBOF8N8-IN3b_8RPq-RuV8-mK-M83Hi4ElQB7Z44eZMmfUwFrozEG4Wq2K6MwQ_edG4dWeUVMCloTpGDFOtlLQlDoAN4m_sS2Lbwm_3ra29noUcK8_j10yy-hENE2Yluh1pIL-GoWZj3uYO-rEKVbszaagdE0DJ_uQcHUdNnBHKn64-cQ6xihXzxaeHx9OxkWWMKbzLtKpuYDK_X7EVvm8YTjl_oTsr2SWT2usjNJko32DhRV-OXLKKHo5FJpCy2bGFLXGG26CglUvgZQ2dyXiWeGVNKffOv1cQ5R_RlU2MpLiZ1bigy9hh4lu_XAHLfjQfhf71jeMuF4nEBWV-YOAjDTaDB2hcGqv_XcGXcmLWHqOWgc5Mb6lkb2zYs_oyOskmyFx6C0P7UrV8kCiN4zbuTqZNdNjlWL_QJUmU3vk6CpNa0XN1M3sLjZpOEsaqgRVPLcIDH-juVhyWiymuxe-8yNCOFSKxhscew08EQ9DEckP_iIA8qU2gcreHtvAS5VA5Emz1K2ypYe6oS3ogP-CX4nOAEfvjsb1HHJoclgiwjL1BtCLFgOE-0vn1M-nVOE6WbHGHoNKMJMHP2a3HQC7DmDfSOw5P6Cj5X7QVqhCY6tAGZWEPu3hUssp7K5UJePEdBn_LrErt4ucyXW6y1PAA2Fn8EuHaRyf2ggibDGnzq8E15m_R4LMvZAuGR0bN9jBTlm_x4ZQMqFwKkIdllkN1QTErazOyNsgU6fhA_20h5EIYT6-LqXr_Otj3Kp8MkJB9c3XNGoo5sbHTQCt0VNOHoxCFP_swiAJLtm743eOsI1M6naWLIqPagSCioosAvJYowypJQGvM-N3hBu8KUr0f911KRN7WqTAXTOHZ_vvTqcWKet0dFdh1EHuP3TrU8hSMciaphGvuK93T3gaWuJ6lcCkQndWvEo9S6FQB7eLU_ALKOQ3ROybUUkXgfyTkWDPxbHdeJCgMRv6Ig1PShPyxYb4ig',
-      priv: '273AhMPiZWLlSQCY41yi1fMj6xavGH0btB23zMhI1uY',
-    },
-  },
-  'ML-DSA-65': {
-    pkcs8_seed_only: toDer(fixtures.readKey(getKeyFileName('ml-dsa-65', 'private_seed_only'), 'ascii')),
-    pkcs8: toDer(fixtures.readKey(getKeyFileName('ml-dsa-65', 'private'), 'ascii')),
-    pkcs8_priv_only: toDer(fixtures.readKey(getKeyFileName('ml-dsa-65', 'private_priv_only'), 'ascii')),
-    spki: toDer(fixtures.readKey(getKeyFileName('ml-dsa-65', 'public'), 'ascii')),
-    jwk: {
-      kty: 'AKP',
-      alg: 'ML-DSA-65',
-      pub: 'hxPP5LvG83t2fJyfA1TUssJK_ydrzryrCHGZuKFxmnl5Y3sxHRCPW_JpHEoiIgR6kgELnwibZnueax1zFerTOTA7o0NwXHFiaEB-8AmqJI93DkvtbUOSTCixa3admQBKW_PtgMCVtaEVuuvCuOEFhOyuZkyfvnpBwUKOkz3t-O1wpgrSmf-rdPXOEv8YcsSn-xfLYPSLzPCnt7gnIX_fwtkgnXjref-QqjFKlKZE2e7MkmHeViJ4iGy78r3UzVhBHsmFGC0ZNc8-iT3muH5Sn0SXmNq-F2EoerWLIAsPxL2KE6UrqPAwTbHn1B5sAGWvhsVVLlFPI1s1JLVLBNRJ5vhif525xNIpMAMuAZrteD827pve3zQo9_GHjWgykj9VzM9PEcVmVqxZ5u41kUXsM4PWZF29Oh2sYsmJ2LdiJ9RcA91vRLG2DqEYm-V5JwIz8uxL17DUsEC7zYthvtqGASq05CbfPTBev33rQUv4H0Etz99U89WooTk0FisHDz1uEUilU_VY1tN5byIDitXNf0jnz3SIHDUUZARn7ll0YwO0jtksT68sQW3Liy6Exhlp1td0so2qZUrbVZasjyCOVuibwbwvrdpP3QRsoG5UqkAqk8Rm2iCpdQSg87pswOscgA8AC8TczGHNfXc9PqzAmbsEPKvmZuE60HLGzqpRqFULf3nyYUQUqbdmKJsKQ29LXeDVbyy3-fkTUDuYqNC2tBY7PkzHJSA9Z4hDC_BHEFxcelibScSNyf7y4lDVWnuJMXpQ0WRh3UkUPa007IerhixwxvBvFXQR-ytYinixvjirlcEF1wQI1DzE8KjOXYYuFPS4Yl8HeZHQ-64Q0RuxlKIRP3YvjZWh4IDVvEVs5ZLzZPbE3Twe0N5a7iCu0BzZWTeHNbcMoViFyJTpec2w3vVHeI4PJB-5HeI8xuh-9y8ytTau8QtMe4thoROoajizDQLrkw3e6ryJJ3R84i0oni4vmZWyLDilwcLqPOkQJCIDMjq7exdmVX5t3DtAW4F6Coz0z3sf7tGlSMVxA7izCoVbG0y2_l1P2h7fWBuEPT7PWlMdPqu9Pj5jqXY6jJ0nkaR_pp7dDhO1HKae5edcBYunHZqVQQjRZ_DvKzbPrDk5t6Xq9fdSkiAeP3B4qn5uU-nx7OaX7DRoVEnbbiEDynIRPSEY-Ts3alPJtBv8zuzaGNyX05Z9MyZ0w-VlC-WxOBdVEsIAp_4uJ3kQ3UsfE9DLJH8WPuDI4t4i2VnNNyFlI0XSUocc_0rWgqp2I1UzSzkVbklwkuFywPI645u4G2XAlfdd_wpjFGC-IUPXgpeSfspPwW15sBP-ITS-gwtvfzQVLpRS0euzN97xo_GMhNPZ4bW-YyZt8z_R8bsQ8ktfoP-5RUV-yzYDt0tA01QJsZdBLf5J_H7qP8l4c8V4hPe_CFL032obbxmAnVPAP69u2SaMBlL8azjk4wGVFQpQp1JqMJCao2W8ZImCVegkPZxhGbx0nkgVfyFx4ihMeDNM288JbGC4CGON8C02Q84rQzhwzZE83Y9rSe1Bb0fUMHMu6ihD5jLdeltuBL4ZdJlKgL24KZK5o5pq4_l9SyzGAjB1KAQnClNOB1SxV89CtILu-65wb17s0z3qw2-NF0B6UVlGQFebjbSyLQv2ARaETh_8cBiPugVMgBIV3K1KBwNyWejyI1ZDCssvIZHJCF2SRW3HmJerTiB23eGHFYKSLdxW7LEzoHIc2xZEc3pwR43gavjeoL0pNc-HNFV_c19wiH7Tnw3IHld_FfTqAIPnqKMNIY7D_D0DmFNTOdnzcipqKxUB0Avc-wr8Fz0gjeRpLH2iDSCJWtvWjoeYvHTktGsblDAM5j9xznwEvZfQvj8fTUnFxl3clkD6e9V1jrDQDkXfOtl-bDIv9PtMwamfJFu-z2ubF-gKytUewPNo10uhwr2TDNdUayCZDR2T3HoRLN8goIw2bFoPJ98LoPcSukEvKABjH0DiHNeqFELNZPx_uCx5N-YFkUZxHWA1QUoGhqQ3REtcT3c-SZf_TDFOPvws6bmwt4lcWpLmubOAJLFt6J8m8HCkVUshRdFzvHQm_0JEvA3JtyXZzvsPUv5njdk0nxTZktvsnqX054RQk5x8U-lBY-bK3uMOoFnHju45LMoHCUgGJi22eUm7nLGZEh84ZAbNlPLXpfavXvPJh21OW5EOAeuQ-yWNHY2xbmAiHNnb-J2VpZc1Vy82sxn8umFtKduuQuIQMOsf4qHqj5MzDY_1NjrM4Wm7XAiLC4MpQ22w9PWNQXSZWvo2fj8WUnfEibpgyRkoD2P25GRQqsRJ3-Ykl5bm_2Vfe6i3oXHOwQwZwKGXfAqXyo4iU1UI7e-qC4sj5U64oB_A_NSBaJJrZoQ2fVeGTnFxA4QMMoWCT0VlwBXK0B3jht8Xal3WcI-i9ctQB1-GrmwwgG2ttePHt1IKy69bSZE3FLkFicaHg6VxypG6ef8rVsmMrfpTATOnF5_iEaLNY9428HHGW0iz4vXwaE-MkYy7NK2KMPFiCB0ec9OjIROwayK4LREv4qknWHnVQRSm25Rr9DcVFXKj16Au7X1hv7TuVH7h25U',
-      priv: '1X9VEr_iXMRwBvnSytEmHrtA-DpD6FWAUqMrDNlJVBg',
-    },
-  },
-  'ML-DSA-87': {
-    pkcs8_seed_only: toDer(fixtures.readKey(getKeyFileName('ml-dsa-87', 'private_seed_only'), 'ascii')),
-    pkcs8: toDer(fixtures.readKey(getKeyFileName('ml-dsa-87', 'private'), 'ascii')),
-    pkcs8_priv_only: toDer(fixtures.readKey(getKeyFileName('ml-dsa-87', 'private_priv_only'), 'ascii')),
-    spki: toDer(fixtures.readKey(getKeyFileName('ml-dsa-87', 'public'), 'ascii')),
-    jwk: {
-      kty: 'AKP',
-      alg: 'ML-DSA-87',
-      pub: 'DZXqaBATRN0GRtigxzkLxp7C9fFYxI7Gl-tdfXqJHbzVCTTvRfRwZcu3YmpsUYXBdX2pVsQ51QlqxMslKBRmfNCanBLcfd57qoEIb0K6GIKZGHxlsr9aXNjEGcKMo0ICon0LYTvTWrl72Oz-2yEA_abPK3_dBUFGAYQ6kOQhAHcT1CMmTTck23PnEd5WUpYfZOA9giFX9dNVrrdFWczj_vDOty81ObNKsxfVWT1nG7c60UCJxb2c2tMrBx3rp7Hfc_aOg54W5KHocJi0Eai0ok4buySTe0UCSCUTkeoCcdiABgOFBiXRYzpm3Lz4uot6hSgFpuh67fE9Zpgtn64vfI-O1mgcPrPPpd3yA92Jrq-dvXuM55w1RmA_hha3U5Sh2vm0tD1U57q945UppFReIv_8NAKBkxQ_vHil7ySm-m7IAM-sTUY86_IqMZqisxoz7Ff7ZR2vIiUm3-L0ow4B8uPsCv2ZlUoVXvMF6XQiOHsgqgP1rfH8DmfmPFudwiXrAW6wEmi10skPmkN92aC3TPG6nmaNryQ7f8J82yVmGxW9U7zMbg21qNkRGBi_1YwEt6D8V2pUWv5U1a4p4-Ma0f4uQG4g0odM-WGomlh7pZWZf3sffiPXk9wBrGisxtCJuaB5vtkheWxpEfWqnhc3QdOWfrsRg6P1h7M95SNVW0U8A38wwrqPOpzEnckCVdCrZz2b2KVln6a4twfINg1-3lEZR4rkEmTaTYlLFlXzbRFWBBPGATxeRxhQ_9N5VhHi7STWPFD5HIJyVqz436bbVvM6Py_oldT_xt_tWlPc0w4Pesy2CgaCPlJCnx6cjEg_sRBUcRkBoHqa7aZj4JFFm9bzEaiJ2MKfkHVT4xdbEimMHsD0HkIQpg5-zoB2Jsqgc6Qi3L57hZi-Q1V0G2lmdZ5WZkQ2m5hxle4hHtAmghgynK2p0qzDWHScxHcdd2sInYqQgMYbnvs04YYKWpIfndCUBs9q_EONN5tn8gfSwHEKlQ-KpplEL5kc-99h2uaZsxRlJOF6_z8EZ-aKaKY8jvoAV0g4kZJH5UKy_MkBiva6r-zXUmo88qJjXQatOOSdfvJUTiZiSfcpBQqF9SSDD9WWsgInaOCKO_fAFf9fuacXDMEj0esUx1YrVEe_77S5uObg-UrK405U1JhKJJvd7o8xQKxenv5BJdsbbyYQDbSSe9BrCqeHEgmfRHTXdSvl_3QOP0Ej-dT8YJJHZ1lrujU7Zg5f5Kg99tU5GdLMbHX2kt4F2a0NX09HikEemvUg4NLPhjOihfVkChr-zdF69nfsnTiaQrMgpIcl9jttN99_8Gju-LU8OWbb92m9RLxAUFP115v22f77YPoILm92IjMZMkxEhGneoclWhnudkyR7YoTBjCnT5b7AC9_05uls637FmVf7Ck8-MF4gLil3dstXi4g24bitYhxxqWwiqF4vsDouSGUnuKCMwx3TLsII_xk77TjpQP4vpLdYM3tn94AVlTMMhnI-OZkVJk-_mIbywCwRHlQb5nzVCc0BWlM1kb9PJys2IfciS8LWEoxeq9moDX5w72yJKoLN3CWpD3VdJAiW79zUaySw-IeW0XaHnlze5fYnOozG8lIeyQ9sMZasMiFovGnR3b7jyMtA38U33v16fouWuBILOu0m_QOpRDI9i3rjRM6hdC48zCtNSzc1_1VPYkWDSFK1oVAjdd8-2rjyqdPeUwnqD26VA9_d3R7x8ThrazdbRC8U1hr9jpqNHuZ4LGYu3Ui8wB-lSt9QMaHz517MY_zBEoNGyvbQWtlM7mvLu12KoMM7nvGrPJnvD-HmxTqsVQolD8_lIV5ao72yiKDpArVr6RuV4PpI0j_Wy4-yDCuwBW0gjnB9GvCwOTeByYXJT6Ul7dgHck4BbF3IyFgvmY--ceWr5mBrbAC9LJP_4Wf5O6ul3hFrhiG6zSV4zzBYLnEwfW6LNLEZjZKgmBYiC5s1xlxYWDdcQ5FGmLQ9uEDkr4VItXQWvIIdeBQPyujxmd965Mig9-Sa7SCyV_3wH8fQnGlvU-jJMGL0zvzB2gcu7hMLMagUBj1AKXj-UxpbX1i95f2TOiZDwMeCCszgvCjQ21XKg07TBXrrOiFcgcADgdo-HJr7O1T3ozOIulq1PDM7QZH6i3wDD0j3b0NCdqKCWqhfLXz2-FszyUHmA_GCzOLVzrLT2DcGWIcQbkvF0yZPgTyqKArKa8qytOerdH6oCJ0bRl96855sMVjuUdyVLX7XW_rVTwsOwV0gVAx8SrzovtDFeHRNl7BQKMsyQ1BjWu25jqKJ598vAi3LCZv0kMdiC24qPdgZU4e2aUkco11EnD6nJgdqsVFxufCl4BD_D9g5Wy42fJt4ZgNPAcbUf341KERyReeBEQj-qlPB3IUTIXcJw68GScebhxb0W_tGKMBC6-ip4QfNW7UTxUxVxmCV7h0yRnBBlkuUR1eYQwWRmEPjKd3dLHvgHtr266NQmE1tnKtJlsdPKb0ztrI9vogsENsgGNFQ2tHoeX8vqxcagGznlPVPfc3DlqjBSeTFQaPWvmCQHVKgxkbvffKzFQyFvXEqt6bGGtkwBoRJ_IIwtSeWQ2nFPBe3rlyKrtSnQFIMibJbbYvPVE03Cld9R61r-GGDSQz4aXekLzePEVwnxpe4mWJGco7ctQyE73PekL1uo2g0bRK-KgaE878OiLRBo5T7c633xEf2hMy9532M2GVdTZuoE0LL-wpAh9GmNdvJZc7g2sINvwZi778v2WHcYEKqXvdmrX-Shyh3QkzgIGZrDzM4UlxxUWaXfZ0Z6PNguk7Jafqf3xuUe9Z8zfAJl5c_VA3k8dn7IRg99hRsh-TGBCzqzgjJq4p4XMWP2QuxFTGSgHRe2GSCFzd5-lPjrj76ZyT3MPUxQe_bV2VE-Oys3MT-VkCCM8jFCANXdrfltG6jSiUZ2uJUWNqdNnxPglmmyrgff_m-5CyIRWYXQsIdZGspqdjzb4F6RbBKfL2PQlM6zUfo9JNmE8YQq815Nxkex8vDOrImnew312fZA6rRjr9_uE4lEbw3U7PFlCKBUPvPnsdgedjKYhiS0xU6iS1NDKOvYhcrkCkiU67EmFD4U0-OCv9Kpbb5bIxTJuv405NxJBElAMVI-ya0ns7D4-xUPn05E7PhtGZT0eHwItjT6omThTsTHwB_bQqYfNrjrObO1l1go2hQ-cUadZYsG5l47CB5RlFhANtaC8tiq4KJi48TmEEApB_0VwOI4EmI7SR0oaqx3HRXZfeGevCx2yC9aCYM4HqcyqP2g_1HwsOYzwq4XDEbK5Yl1dtYABxPoo7t8FBq2sSmfrBJWFv_nvreb_DPwbfoSeCy9knqvOktSQRrPMmo-nNGpandBvjmrjSk3EdeziAP7XNre5I-bn_2voDxkzGFtUM-wzlL379ASRGej8FkNWaOyqGP6Anq5PSJ',
-      priv: 'LZSOlEPbU9S5_mSsMULffTyxZu6qKEOQ1nfEi2NCscg',
-    }
-  },
-};
-/* eslint-enable @stylistic/js/max-len */
+const keyData = {};
+
+for (const name of ['ML-DSA-44', 'ML-DSA-65', 'ML-DSA-87']) {
+  const lcName = name.toLowerCase();
+  keyData[name] = {
+    pkcs8_seed_only: toDer(fixtures.readKey(getKeyFileName(lcName, 'private_seed_only'), 'ascii')),
+    pkcs8: toDer(fixtures.readKey(getKeyFileName(lcName, 'private'), 'ascii')),
+    pkcs8_priv_only: toDer(fixtures.readKey(getKeyFileName(lcName, 'private_priv_only'), 'ascii')),
+    spki: toDer(fixtures.readKey(getKeyFileName(lcName, 'public'), 'ascii')),
+    jwk: JSON.parse(fixtures.readKey(`${lcName}.json`)),
+  };
+}
 
 const testVectors = [
   {
diff --git a/test/parallel/test-webcrypto-export-import-ml-kem.js b/test/parallel/test-webcrypto-export-import-ml-kem.js
index 50f3444ce87899..9b75dee64511d9 100644
--- a/test/parallel/test-webcrypto-export-import-ml-kem.js
+++ b/test/parallel/test-webcrypto-export-import-ml-kem.js
@@ -25,29 +25,18 @@ function toDer(pem) {
   return Buffer.alloc(Buffer.byteLength(der, 'base64'), der, 'base64');
 }
 
-const keyData = {
-  'ML-KEM-512': {
-    pkcs8_seed_only: toDer(fixtures.readKey(getKeyFileName('ml-kem-512', 'private_seed_only'), 'ascii')),
-    pkcs8: toDer(fixtures.readKey(getKeyFileName('ml-kem-512', 'private'), 'ascii')),
-    pkcs8_priv_only: toDer(fixtures.readKey(getKeyFileName('ml-kem-512', 'private_priv_only'), 'ascii')),
-    spki: toDer(fixtures.readKey(getKeyFileName('ml-kem-512', 'public'), 'ascii')),
-    pub_len: 800,
-  },
-  'ML-KEM-768': {
-    pkcs8_seed_only: toDer(fixtures.readKey(getKeyFileName('ml-kem-768', 'private_seed_only'), 'ascii')),
-    pkcs8: toDer(fixtures.readKey(getKeyFileName('ml-kem-768', 'private'), 'ascii')),
-    pkcs8_priv_only: toDer(fixtures.readKey(getKeyFileName('ml-kem-768', 'private_priv_only'), 'ascii')),
-    spki: toDer(fixtures.readKey(getKeyFileName('ml-kem-768', 'public'), 'ascii')),
-    pub_len: 1184,
-  },
-  'ML-KEM-1024': {
-    pkcs8_seed_only: toDer(fixtures.readKey(getKeyFileName('ml-kem-1024', 'private_seed_only'), 'ascii')),
-    pkcs8: toDer(fixtures.readKey(getKeyFileName('ml-kem-1024', 'private'), 'ascii')),
-    pkcs8_priv_only: toDer(fixtures.readKey(getKeyFileName('ml-kem-1024', 'private_priv_only'), 'ascii')),
-    spki: toDer(fixtures.readKey(getKeyFileName('ml-kem-1024', 'public'), 'ascii')),
-    pub_len: 1568,
-  },
-};
+const keyData = {};
+
+for (const name of ['ML-KEM-512', 'ML-KEM-768', 'ML-KEM-1024']) {
+  const lcName = name.toLowerCase();
+  keyData[name] = {
+    pkcs8_seed_only: toDer(fixtures.readKey(getKeyFileName(lcName, 'private_seed_only'), 'ascii')),
+    pkcs8: toDer(fixtures.readKey(getKeyFileName(lcName, 'private'), 'ascii')),
+    pkcs8_priv_only: toDer(fixtures.readKey(getKeyFileName(lcName, 'private_priv_only'), 'ascii')),
+    spki: toDer(fixtures.readKey(getKeyFileName(lcName, 'public'), 'ascii')),
+    jwk: JSON.parse(fixtures.readKey(`${lcName}.json`)),
+  };
+}
 
 const testVectors = [
   {
@@ -212,7 +201,8 @@ async function testImportPkcs8MismatchedSeed({ name, privateUsages }, extractabl
 }
 
 async function testImportRawPublic({ name, publicUsages }, extractable) {
-  const pub = keyData[name].spki.subarray(-keyData[name].pub_len);
+  const jwk = keyData[name].jwk;
+  const pub = Buffer.from(jwk.pub, 'base64url');
 
   const publicKey = await subtle.importKey(
     'raw-public',
@@ -255,7 +245,8 @@ async function testImportRawPublic({ name, publicUsages }, extractable) {
 }
 
 async function testImportRawSeed({ name, privateUsages }, extractable) {
-  const seed = keyData[name].pkcs8_seed_only.subarray(-64);
+  const jwk = keyData[name].jwk;
+  const seed = Buffer.from(jwk.priv, 'base64url');
 
   const privateKey = await subtle.importKey(
     'raw-seed',
@@ -285,6 +276,184 @@ async function testImportRawSeed({ name, privateUsages }, extractable) {
     { message: 'Invalid keyData' });
 }
 
+async function testImportJwk({ name, publicUsages, privateUsages }, extractable) {
+
+  const jwk = keyData[name].jwk;
+
+  const tests = [
+    subtle.importKey(
+      'jwk',
+      {
+        kty: jwk.kty,
+        alg: jwk.alg,
+        pub: jwk.pub,
+      },
+      { name },
+      extractable, publicUsages),
+    subtle.importKey(
+      'jwk',
+      jwk,
+      { name },
+      extractable,
+      privateUsages),
+  ];
+
+  const [
+    publicKey,
+    privateKey,
+  ] = await Promise.all(tests);
+
+  assert.strictEqual(publicKey.type, 'public');
+  assert.strictEqual(privateKey.type, 'private');
+  assert.strictEqual(publicKey.extractable, extractable);
+  assert.strictEqual(privateKey.extractable, extractable);
+  assert.deepStrictEqual(publicKey.usages, publicUsages);
+  assert.deepStrictEqual(privateKey.usages, privateUsages);
+  assert.strictEqual(publicKey.algorithm.name, name);
+  assert.strictEqual(privateKey.algorithm.name, name);
+  assert.strictEqual(privateKey.algorithm, privateKey.algorithm);
+  assert.strictEqual(privateKey.usages, privateKey.usages);
+  assert.strictEqual(publicKey.algorithm, publicKey.algorithm);
+  assert.strictEqual(publicKey.usages, publicKey.usages);
+
+  if (extractable) {
+    // Test the round trip
+    const [
+      pubJwk,
+      pvtJwk,
+    ] = await Promise.all([
+      subtle.exportKey('jwk', publicKey),
+      subtle.exportKey('jwk', privateKey),
+    ]);
+
+    assert.deepStrictEqual(pubJwk.key_ops, publicUsages);
+    assert.strictEqual(pubJwk.ext, true);
+    assert.strictEqual(pubJwk.kty, 'AKP');
+    assert.strictEqual(pubJwk.pub, jwk.pub);
+
+    assert.deepStrictEqual(pvtJwk.key_ops, privateUsages);
+    assert.strictEqual(pvtJwk.ext, true);
+    assert.strictEqual(pvtJwk.kty, 'AKP');
+    assert.strictEqual(pvtJwk.pub, jwk.pub);
+    assert.strictEqual(pvtJwk.priv, jwk.priv);
+
+    assert.strictEqual(pubJwk.alg, jwk.alg);
+    assert.strictEqual(pvtJwk.alg, jwk.alg);
+  } else {
+    await assert.rejects(
+      subtle.exportKey('jwk', publicKey), {
+        message: /key is not extractable/,
+        name: 'InvalidAccessError',
+      });
+    await assert.rejects(
+      subtle.exportKey('jwk', privateKey), {
+        message: /key is not extractable/,
+        name: 'InvalidAccessError',
+      });
+  }
+
+  await assert.rejects(
+    subtle.importKey(
+      'jwk',
+      { ...jwk, use: 'sig' },
+      { name },
+      extractable,
+      privateUsages),
+    { message: 'Invalid JWK "use" Parameter' });
+
+  await assert.rejects(
+    subtle.importKey(
+      'jwk',
+      { ...jwk, pub: undefined },
+      { name },
+      extractable,
+      privateUsages),
+    { message: 'Invalid keyData' });
+
+  await assert.rejects(
+    subtle.importKey(
+      'jwk',
+      { ...jwk, priv: 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' }, // Public vs private mismatch
+      { name },
+      extractable,
+      privateUsages),
+    { message: 'Invalid keyData' });
+
+  await assert.rejects(
+    subtle.importKey(
+      'jwk',
+      { ...jwk, kty: 'OKP' },
+      { name },
+      extractable,
+      privateUsages),
+    { message: 'Invalid JWK "kty" Parameter' });
+
+  await assert.rejects(
+    subtle.importKey(
+      'jwk',
+      { ...jwk },
+      { name },
+      extractable,
+      publicUsages), // Invalid for a private key
+    { message: /Unsupported key usage/ });
+
+  await assert.rejects(
+    subtle.importKey(
+      'jwk',
+      { ...jwk, ext: false },
+      { name },
+      true,
+      privateUsages),
+    { message: 'JWK "ext" Parameter and extractable mismatch' });
+
+  await assert.rejects(
+    subtle.importKey(
+      'jwk',
+      { ...jwk, priv: undefined },
+      { name },
+      extractable,
+      privateUsages), // Invalid for a public key
+    { message: /Unsupported key usage/ });
+
+  for (const alg of [undefined, name === 'ML-KEM-512' ? 'ML-KEM-1024' : 'ML-KEM-512']) {
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { kty: jwk.kty, pub: jwk.pub, alg },
+        { name },
+        extractable,
+        publicUsages),
+      { message: 'JWK "alg" Parameter and algorithm name mismatch' });
+
+    await assert.rejects(
+      subtle.importKey(
+        'jwk',
+        { ...jwk, alg },
+        { name },
+        extractable,
+        privateUsages),
+      { message: 'JWK "alg" Parameter and algorithm name mismatch' });
+  }
+
+  await assert.rejects(
+    subtle.importKey(
+      'jwk',
+      { ...jwk },
+      { name },
+      extractable,
+      [/* empty usages */]),
+    { name: 'SyntaxError', message: 'Usages cannot be empty when importing a private key.' });
+
+  await assert.rejects(
+    subtle.importKey(
+      'jwk',
+      { kty: jwk.kty, /* missing pub */ alg: jwk.alg },
+      { name },
+      extractable,
+      publicUsages),
+    { name: 'DataError', message: 'Invalid keyData' });
+}
+
 (async function() {
   const tests = [];
   for (const vector of testVectors) {
@@ -294,6 +463,7 @@ async function testImportRawSeed({ name, privateUsages }, extractable) {
       tests.push(testImportPkcs8SeedOnly(vector, extractable));
       tests.push(testImportPkcs8PrivOnly(vector, extractable));
       tests.push(testImportPkcs8MismatchedSeed(vector, extractable));
+      tests.push(testImportJwk(vector, extractable));
       tests.push(testImportRawSeed(vector, extractable));
       tests.push(testImportRawPublic(vector, extractable));
     }
@@ -303,7 +473,7 @@ async function testImportRawSeed({ name, privateUsages }, extractable) {
 
 (async function() {
   const alg = 'ML-KEM-512';
-  const pub = keyData[alg].spki.subarray(-keyData[alg].pub_len);
+  const pub = Buffer.from(keyData[alg].jwk.pub, 'base64url');
   await assert.rejects(subtle.importKey('raw', pub, alg, false, []), {
     name: 'NotSupportedError',
     message: 'Unable to import ML-KEM-512 using raw format',