+catacomb (2.6.1) experimental; urgency=medium
+
+ * catacomb: Fix segfault from `rand_quick' on i386.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Mon, 25 May 2020 17:45:02 +0100
+
+catacomb (2.6.0) experimental; urgency=medium
+
+ * catacomb: Introduce Mike Hamburg's `STROBE' syymetric encryption
+ framework, based on Keccak.
+ * catacomb: Fix KCDSA prime generation so that it makes primes of
+ exactly the right length. I think this is the last of the prime-
+ generation algorthms that needs fixing.
+ * catacomb: Inttroduce low-level key-file functions to accommodate
+ Python 3 bindings.
+ * catacomb: Support `tag:', `id:' and `type:' prefixes in `bytag' key
+ queries.
+ * catacomb-bin: Be consistent about metasyntax used to denote hash
+ function names.
+ * catacomb: Introduce fast SIMD multiplication for ARM32 and ARM64
+ platforms. I think this finally means that X86 and ARM have similar
+ levels of optimization.
+ * catacomb: Check SIMD feature bit on ARM64 before using the optimized
+ code. I don't know of any ARM64 implementations which lack SIMD
+ instructions, but the bit must be there for a reason, so I might as
+ well use it.
+ * catacomb-dev: Allow reading the current number of passes from a
+ `dsarand' object.
+ * catacomb: Prefer X84 `rdseed' instruction for quick entropy over
+ `rdrand' if it's available.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sat, 09 May 2020 17:38:45 +0100
+
+catacomb (2.5.2) experimental; urgency=medium
+
+ * Merge changes from 2.4.5.
+ * catacomb-dev: Fix ARM32 FP/SIMD register dumping.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sat, 09 May 2020 20:50:57 +0100
+
+catacomb (2.5.1) experimental; urgency=medium
+
+ * Merge changes from 2.4.4.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sun, 29 Sep 2019 17:50:59 +0100
+
+catacomb (2.5.0) experimental; urgency=medium
+
+ * catacomb: MACs based on blockciphers: PMAC1 and CMAC (also known as
+ OMAC).
+ * catacomb: Authenticated Encryption with Additional Data (AEAD)
+ schemes. Some based on blockciphers: CCM, EAX, GCM (with CPU-specific
+ acceleration), OCB1 and OCB3 (OCB2 is broken). Also Salsa20 and
+ ChaCha20 with Poly1305: the RFC7539 scheme, and the NaCl `secret_box'
+ transform.
+ * catacomb: Implement Grantham's Frobenius test. Combine it with
+ Rabin--Miller, as Baillie--PSW, for testing given primes.
+ * catacomb-bin (catcrypt): Support AEAD schemes for bulk crypto.
+ * catacomb-bin (perftest): Options for batching; report cycle counts
+ where available.
+ * Many internal improvements: better documentation, debugging, testing,
+ etc.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sat, 21 Sep 2019 21:26:44 +0100
+
+catacomb (2.4.5) experimental; urgency=medium
+
+ * catacomb: Fix memory leak in key-file error handling.
+ * catacomb: Don't leak internal `exptime' symbol into the global
+ namespace.
+ * catacomb: Check that the X86 `rdrand' instruction actually works
+ before leaning on it. This is in response to the well-publicized AMD
+ bug which always returns all-bits-set with the carry /set/ (indicating
+ success).
+ * catacomb: Mix in the random pool key during `rand_gate' and
+ `rand_stretch' operations.
+ * catacomb: Fix by-tag key lookups: if the query string looks like a hex
+ number, it's treated as a search by id; but if no such id is found,
+ the search wouldn't continue to look for a key by type or tag.
+ * catacomb: Fix reference leak in `key_split'.
+ * catacomb: Fix bug which completely broke `key_copydata'.
+ * catacomb: Fix segfault from `pgen', if it fails before setting up the
+ prime tester.
+ * catacomb: Propagate failure from `pgen' during Lim--Lee prime
+ generation, rather than immediately retrying.
+ * catacomb: Fix memory leak of factor vector from failed Lim--Lee prime
+ generation.
+ * catacomb: Fix segfault when multiplying the identity elliptic-curve
+ point.
+ * catacomb: Fix the `lcrand' descriptor, so that it's not advertised as
+ being cryptographically strong, and to fix a bias in its output.
+ * catacomb: Fix a memory leak in the error case of KCDSA prime
+ generation.
+ * catacomb-bin: Fix segfault from `pixie', if given an empty passphrase
+ to remember.
+ * catacomb: Check SIMD feature bit on ARM64 before using the optimized
+ code. I don't know of any ARM64 implementations which lack SIMD
+ instructions, but the bit must be there for a reason, so I might as
+ well use it.
+ * catacomb: Support parsing binary-group descriptions. This is a long-
+ standing lacuna that I've only recently noticed.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sat, 09 May 2020 17:46:24 +0100
+
+catacomb (2.4.4) experimental; urgency=medium
+
+ * debian: Bump to Debhelper 10.
+ * debian: Ship a shared-library `symbols' file for more precise
+ dependencies.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sun, 29 Sep 2019 15:58:26 +0100
+
+catacomb (2.4.3) experimental; urgency=medium
+
+ * catacomb (idea): Fix key-length descriptor.
+ * catacomb (xchachaNN): Fix nonce-size descriptor.
+ * catacomb (key-management): Fix incorrect handling of keyring
+ modifiability.
+ * catacomb-dev: Configure `pkg-config' correctly for static linking.
+ * catacomb, catacomb-bin (cookie, dsig): Fix hash-function length
+ padding on very long messages, and handling of large datestamps.
+ * catacomb-bin (catsign): Don't open temporary files unnecessarily.
+ * catacomb-bin (catcrypt): Fix key-attribute parsing.
+ * catacomb-bin (perftest): Add missing help-string text for `-n' used
+ with `enc' and `hash'
+
+ -- Mark Wooding <mdw@distorted.org.uk> Sat, 21 Sep 2019 17:43:59 +0100
+
+catacomb (2.4.2) experimental; urgency=medium
+
+ * catacomb2: Support multi-arch at last.
+ * catacomb2: Fix mangled key-size data for HMAC.
+ * rspit: Support generating large files.
+ * pixie: Improve error-handling around dropping privilege.
+ * ed25519, ed448: Very minor performance improvement.
+ * salsa20, chacha: Fix crash if nonce is none, as it is when invoked by
+ `rspit'.
+ * salsa20, chacha: Fix declaration of cipher classes to prevent them
+ ending up as (useless) common symbols in client code.
+ * limlee: Improve the prime size heuristics.
+ * sha, sha256, sha512: Restructure compression function to improve
+ performance and use less memory.
+ * rijndael: Include enough round constants to make very tiny keys work
+ correctly.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Tue, 12 Jun 2018 01:15:59 +0100
+
+catacomb (2.4.1) experimental; urgency=low
+
+ * catacomb2: Two's-complement fix from 2.3.x release branch.
+
+ -- Mark Wooding <mdw@distorted.org.uk> Thu, 22 Jun 2017 09:37:40 +0100
+