v0.0.4

Added

• (cli,pq) PKCS#8 + CLI for ML-DSA, ML-KEM-768, and SLH-DSA
• (rsa) runtime key generation for arbitrary modulus sizes
• (slhdsa) add SLH-DSA (FIPS 205) hash-based signatures — all 12 sets
• (mldsa) add ML-DSA (FIPS 204) signatures — 44/65/87
• (tls,mlkem) add hybrid X25519MLKEM768 key exchange + ML-KEM SPKI
• (mlkem) add ML-KEM-768 (FIPS 203), no_std and no-alloc
• (ec) add Ed25519 (EdDSA, RFC 8032) across the full stack
• (cipher) add ChaCha20-Poly1305 AEAD + TLS 1.3 suite
• (rng) add Windows OsRng via ProcessPrng (fixes Windows release builds)

Fixed

• (rng) link bcryptprimitives via raw-dylib for Windows OsRng

Other

• honest status table — flip completed rows to ✅, name the gaps
• comprehensive README — current state and CLI usage
• document ML-DSA and SLH-DSA
• document ChaCha20-Poly1305, Ed25519, ML-KEM-768 and hybrid TLS
• run tests and clippy on Windows and macOS

Added

• (rsa) runtime RSA key generation (BoxedRsaPrivateKey::generate) for arbitrary moduli; genpkey now accepts any even size up to 65536 bits (e.g. 8192), falling back from the const-generic path
• (slhdsa) SLH-DSA (FIPS 205), all 12 parameter sets; ACVP + OpenSSL-interop validated
• (mldsa) ML-DSA-44/65/87 (FIPS 204); ACVP + OpenSSL-interop validated
• (tls,mlkem) hybrid X25519MLKEM768 (0x11ec) TLS 1.3 key exchange; ML-KEM-768 PKIX SPKI
• (mlkem) ML-KEM-768 (FIPS 203), no_std/no-alloc; OpenSSL 3.5 interop-validated
• (ec) Ed25519 (EdDSA, RFC 8032) — library, X.509, TLS 1.3, CLI, and C FFI
• (cipher) ChaCha20-Poly1305 AEAD (RFC 8439) + TLS_CHACHA20_POLY1305_SHA256