OxiTLS — Pure-Rust TLS facade (rustls + RustCrypto, zero FFI by default)
Core traits and types for OxiTLS
OxiTLS adapter: rustls + RustCrypto CryptoProvider (pure Rust TLS)
OxiTLS adapter: aws-lc-rs backed rustls CryptoProvider
Pure-Rust certificate generation for OxiTLS — rcgen bridge backed by OxiCrypto signing keys (Ed25519, ECDSA-P256), zero ring/aws-lc-rs
OxiTLS adapter: PKCS#11 HSM/TPM backed rustls SigningKey via cryptoki
OxiTLS HTTP/2 binding — h2 over tokio-rustls TLS streams
OxiTLS webpki trust anchors — Mozilla CA bundle, pure Rust
OxiQUIC crypto bridge: Pure-Rust rustls CryptoProvider over OxiCrypto with QUIC packet/header protection (RFC 9001), zero ring/aws-lc-rs
FIPS/CNSA 2.0 rustls CryptoProvider backed by oxicrypt — reserved namespace
ML-DSA-87 signature verification adapter for rustls-webpki — under active development
Pure-Rust PostgreSQL backend for OxiSQL via tokio-postgres + OxiTLS (no libpq, no OpenSSL)