Monocypher 2.0.2

Changes since 2.0.1:

• Corrected a couple failures to wipe secret buffers.
• Corrected a bug that prevented compilation in Ed25519 mode.
• Adjusted the number of test vectors in the test suite.
• Improved tests for incremental interfaces.
• Replaced the GNU all permissive licence by a public domain dedication (Creative Commons CC-0). The BSD licence remains as a fallback.

Monocypher 2.0.1

Changes since 2.0.0:

• Followed a systematic pattern for the loading code of symmetric crypto. It is now easier to review.
• Tweaked Poly1305 code to make it easier to prove correct.

Monocypher 2.0.0

Changes since 1.1.0:

• Changed the authenticated encryption format. It now conforms to
  RFC 7539, with one exception: it uses XChacha20 initialisation instead
  of the IETF version of Chacha20. This new format conforms to
  Libsodium's crypto_aead_xchacha20poly1305_ietf_encrypt.
• Removed crypto_lock_encrypt() and crypto_lock_auth().
• Renamed crypto_lock_aead_auth() to crypto_lock_auth_ad().
• Renamed crypto_unlock_aead_auth() to crypto_unlock_auth_ad().
• Added crypto_lock_auth_message() and crypto_unlock_auth_message()
• Renamed crypto_aead_lock to crypto_lock_aead;
• Renamed crypto_aead_unlock to crypto_unlock_aead;

The format change facilitates optimisation by aligning data to block
boundaries. The API changes increase consistency.

Monocypher 1.1.0

Changes since 1.0.1:

• Rewrote the manual into proper man pages.
• Added incremental interfaces for authenticated encryption and signatures.
• A couple breaking API changes, easily fixed by renaming the affected functions.