2020/12/27
- Addressed issues from Cure53's audit:
- MON-01-001: Clarified which CSPRNG to use on Darwin.
- MON-01-002: Won't fix (nonce handling is a core design decision).
- MON-01-004: Compared with Kleshni's implementation.
- MON-01-005: Split a dedicated "advanced" folder in the manual.
- Quality assurance for 2^255-19 arithmetic (elliptic curves):
- Documented carry propagation.
- Enforced slightly safer invariants.
- Improved the speed of EdDSA signature generation.
- Made the vectors.h header more compact and easier to modify.
- TIS-CI integration.
- Added speed benchmark for ed25519-donna.
- Documented lengths limits of
crypto_ietf_chacha20()