Sept 24th, 2002
v0.66  -- Updated the /demos/test.c program to time the hashes correctly.  Also it uses the yarrow PRNG for all of the 
          tests meaning its possible to run on RNG less platforms 
       -- Updated the /demos/hashsum.c program to hash from the standard input
       -- Updated the RSA code to make keys a bit quicker [update by Wayne Scott] by not making both primes at the same
          time.
       -- Dan Kaminsky suggested some cleanups for the code and the MPI config
          Code ships in unix LF format by default now too... will still build in MSVC and all... but if you want
          to read the stuff you'll have to convert it 
       -- Changes to the manual to reflect new API [e.g. hash_memory/file have v0.65 prototypes]and some typos fixed

Sept 20th, 2002
v0.65  -- Wayne Scott (wscott@bitmover.com) made a few of suggestions to improve the library.  Most 
          importantly he pointed out the math lib is not really required.  He's also tested the lib on 18 
          different platforms.  According to him with only a few troubles [lack of /dev/random, etc] the 
          library worked as it was supposed to.  You can find the list at 
          http://www.bitkeeper.com/Products.BitKeeper.Platforms.html
       -- Updated the hash_file and hash_memory functions to keep track of the size of the output
       -- Wayne Scott updated the demos/test.c file to use the SPRNG less and Yarrow more
       -- Modified the mycrypt_cfg.h to autodetect x86-32 machines

Sept 19th, 2002
v0.64  -- wrote makefile for the GBA device [and hacked the demos/test.c file to support it conditionally]
       -- Fixed error in PK (e.g. ECC, RSA, DH) import functions where I was clobbering the packet error messages
       -- fixed more typos in the manual
       -- removed all unused variables from the core library (ignore the ID_TAG stuff)
       -- added "const char *crypt_build_settings" string which is a build time constant that gives a listing
          of all the build time options.  Useful for debugging since you can send that to me and I will know what 
          exactly you had set for the mycrypt_cfg.h file.
       -- Added control over endianess.  Out of the box it defaults to endianess neutral but you can trivially 
          configure the library for your platform.  Using this I boosted RC5 from 660Mbit/sec to 785Mbit/sec on my 
          Athlon box.  See "mycrypt_cfg.h" for more information.

Sept 11th, 2002
v0.63  -- Made hashsum demo output like the original md5sum program 
       -- Made additions to the examples in the manual (fixed them up a bunch)
       -- Merged in the base64 code from Wayne Scott (wscott@bitmover.com)

Aug 29th, 2002
v0.62  -- Added the CLEAN_STACK functionality to several of the hashes I forgot to update.

Aug 9th, 2002
v0.61  -- Fixed a bug in the DES code [oops I read something wrong].

Aug 8th, 2002
v0.60  -- Merged in DES code [and wrote 3DES-EDE code based on it] from Dobes V.

Aug 7th, 2002
v0.59  -- Fixed a "unsigned long long" bug that caused v0.58 not to build in MSVC.
       -- Cleaned up a little in the makefile
       -- added code that times the hash functions too in the test program

Aug 3rd, 2002
v0.58  -- Added more stack cleaning conditionals throughout the code.  
       -- corrected some CLEAR_STACK conditionals... should have been CLEAN_STACK
       -- Simplified the RSA, DH and ECC encrypt() routines where they use CTR to encode the message
          now they only make one call to ctr_encrypt()/ctr_decrypt().

Aug 2nd, 2002
v0.57  -- Fixed a few errors messages in the SAFER code to actually report the correct cipher name.
       -- rsa_encrypt() uses the "keysize()" method of the cipher being used to more accurately pick a
          key size.  By default rsa_encrypt() will choose to use a 256-bit key but the cipher can turn that 
          down if required.
       -- The rsa_exptmod() function will now more reliably detect invalid inputs (e.g. greater than the modulus).
       -- The padding method for RSA is more clearly documented.  Namely if you want to encrypt/sign something of length
          N then your modulus must be of length 1+3N.  So to sign a message with say SHA-384 [48 bytes] you need a 
          145 byte (1160 bits) modulus.  This is all in the manual now.
       -- Added build option CLEAN_STACK which will allow you to choose whether you want to clean the stack or not after every
          cipher/hash call
       -- Sped up the hash "process()" functions by not copying one byte at a time.
       ++ (added just after I uploaded...)
          MD4 process() now handles input buffers > 64 bytes

Aug 1st, 2002
v0.56  -- Cleaned up the comments in the Blowfish code.
       -- Oh yeah, in v0.55 I made all of the descriptor elements constant.  I just forgot to mention it.
       -- fixed a couple of places where descriptor indexes were tested wrong.  Not a huge bug but now its harder
          to mess up.
       -- Added the SAFER [64-bit block] ciphers K64, SK64, K128 and SK128 to the library.
       -- Added the RC2 block cipher to the library.
       -- Changed the SAFER define for the SAFER+ cipher to SAFERP so that the new SAFER [64-bit] ciphers
          can use them with less confusion.

July 29th, 2002
v0.55  -- My god stupid Blowfish has yet again been fixed.  I swear I hate that cipher.  Next bug in it and boom its out of the
          library.  Use AES or something else cuz I really hate Blowfish at this stage....
       -- Partial PKCS support [hint DONT USE IT YET CUZ ITS UNTESTED!]

July 19th, 2002
v0.54  -- Blowfish now conforms to known test vectors.  Silly bad coding tom!
       -- RC5/RC6/Serpent all have more test vectors now [and they seemed to have been working before]

July 18th, 2002
v0.53  -- Added more test vectors to the blowfish code just for kicks [and they are const now too :-)]
       -- added prng/hash/cipher is_valid functions and used them in all of the PK code so you can't enter the code
          with an invalid index ever now.
       -- Simplified the Yarrow code once again :-)

July 12th, 2002
v0.52  -- Fixed a bug in MD4 where the hash descriptor ID was the same as SHA-512.  Now MD4 will work with
          all the routines...
       -- Fixed the comments in SHA-512 to be a bit more meaningful
       -- In md4 I made the PADDING array const [again to store it in ROM]
       -- in hash_file I switched the constant "512" to "sizeof(buf)" to be a bit safer
       -- in SHA-1's test routine I fixed the string literal to say SHA-1 not sha1
       -- Fixed a logical error in the CTR code which would make it skip the first IV value.  This means
          the CTR code from v0.52 will be incompatible [binary wise] with previous releases but it makes more
          sense this way.
       -- Added {} braces for as many if/for/blocks of code I could find.  My rule is that every for/if/while/do block
          must have {} braces around it.
       -- made the rounds table in saferp_setup const [again for the ROM think about the ROM!]
       -- fixed RC5 since it no longer requires rc5 to be registered in the lib.  It used to since the descriptors used to 
          be part of the table...
       -- the packet.c code now makes crypt_error literal string errors when an error occurs
       -- cleaned up the SAFER+ key schedule to be a bit easier to read.
       -- fixed a huge bug in Twofish with the TWOFISH_SMALL define.  Because I clean the stack now I had
          changed the "g_func()" to be called indirectly.  I forgot to actually return the return of the Twofish
          g_func() function which caused it not to work... [does now :-)]

July 11th, 2002
v0.51  -- Fixed a bug in SHA512/384 code for multi-block messages.
       -- Added more test vectors to the SHA384/512 and TIGER hash functions
       -- cleaned up the hash done routines to make more sense
 
July 10th, 2002
v0.50  -- Fixed yarrow.c so that the cipher/hash used would be registered.  Also fixed
          a bug where the SAFER+ name was "safer" but should have been "safer+".
       -- Added an element to the hash descriptors that gives the size of a block [sent into the compressor]
       -- Cleaned up the support for HMAC's
       -- Cleaned up the test vector routines to make the test vector data const.  This means on some platforms it will be
          placed in ROM not RAM now.
       -- Added MD4 code submited by Dobes Vandermeer (dobes@smartt.com)
       -- Added "burn_stack" function [idea taken from another source of crypto code].  The idea is if a function has
          alot of variables it will clean up better.  Functions like the ecb serpent and twofish code will now have their
          stacks cleaned and the rest of the code is getting much more straightforward.
       -- Added a hashing demo by Daniel Richards (kyhwana@world-net.co.nz)
       -- I (Tom) modified some of the test vector routines to use more vectors ala Dobes style.
          For example, the MD5/SHA1 code now uses all of the test vectors from the RFC/FIPS spec.
       -- Fixed the register/unregister functions to properly report errors in crypt_error
       -- Correctly updated yarrow code to remove a few unused variables.
       -- Updated manual to fix a few erroneous examples.
       -- Added section on Hash based Message Authentication Codes (HMAC) to the manual

June 19th, 2002
v0.46  -- Added in HMAC code from Dobes Vandermeer (dobes@smartt.com)

June 8th, 2002
v0.45  -- Fixed bug in rc5.c where if you called rc5_setup() before registering RC5 it would cause
          undefined behaviour.
       -- Fixed mycrypt_cfg.h to eliminate the 224 bit ECC key.
       -- made the "default" makefile target have depends on mycrypt.h and mycrypt_cfg.h

Apr 4th, 2002
v0.44  -- Fixed bug in ecc.c::new_point() where if the initial malloc fails it would not catch it.

Mar 22nd, 2002
v0.43  -- Changed the ZLIB code over to the 1.1.4 code base to avoid the "double free" bug.  
       -- Updated the GCC makefile not to use -O3 or -funroll-loops
       -- Version tag in mycrypt.h has been updated :-)

Mar 10th, 2002
v0.42  -- The RNG code can now use /dev/urandom before trying /dev/random (J. Klapste)

Mar 3rd, 2002
v0.41  -- Added support to link and use ciphers at compile time.  This can greatly reduce the code size!
       -- Added a demo to show off how small an application can get... 46kb!
       -- Disastry pointed out that Blowfish is supposed to be high endian.
       -- Made registry code for the PRNGs as well [now the smallest useable link is 43kb]

Feb 11th, 2002
v0.40  -- RSA signatures use [and check for] fixed padding scheme.
       -- I'm developing in Linux now :-)
       -- No more warnings from GCC 2.96

Feb 5th, 2002
v0.39  -- Updated the XTEA code to work in accordance with the XTEA design

January 24th, 2002
v0.38  -- CFB and OFB modes can now handle blocks of variable size like the CTR code
       -- Wrote a wrapper around the memory compress functions in Zlib that act like the functions
          in the rest of my crypto lib

January 23rd, 2002
v0.37  -- Added support code so that if a hash size and key size for a cipher don't match up they will
          use the next lower key supported.  (mainly for the PK code).  So you can now use SHA-1 with
          Twofish, etc...
       -- Added more options for Twofish.  You can now tell it to use precomputed sboxes and MDS multiplications
          This will speed up the TWOFISH_SMALL implementation by increasing the code size by 1024 bytes.
       -- Fixed a bug in prime.c that would not use the correct table if you undefined SMALL_PRIME_TAB
       -- Fixed all of the PK packet code to use the same header format [see packet.c].  This makes the PK code
          binary wise incompatible with previous releases while the API has not changed at all.

January 22nd, 2002
v0.36  -- Corrections to the manual
       -- Made a modification to Twofish which lets you build a "small ram" variant.  It requires
          about 190 bytes of ram for the key storage compared to the 4,200 bytes the normal 
          variant requires.
       -- Reduced the stack space used in all of the PK routines.

January 19th, 2002
v0.35  -- If you removed the first hash or cipher from the library it wouldn't return an error if 
          you used an ID=0 [i.e blowfish or sha256] in any routine.  Now it checks for that and will
          return an error like it should
       -- Merged in new routines from Clay Culver.  These routines are for the PK code so you can easily 
          encode a symmetric key for multiple recipients.
       -- Made the ecc and DH make_key() routines make secret keys of the same size as the keysize listed.
          Originally I wanted to ensure that the keys were smaller than the order of the field used
          However, the bias is so insignifcant using full sizes.  For example, with a ECC-192 key the order
          is about 2^191.99, so instead I rounded down and used a 184-bit secret key.  Now I simply use a full 192-bit
          key the code will work just the same except that some 192-bit keys will be duplicates which is not a big
          deal since 1/2^192 is a very small bias!
       -- Made the configuration a bit simpler and more exacting.  You can for example now select which DH or ECC
          key settings you wish to support without including the data for all other key settings.  I put the #defines
          in a new file called "mycrypt_cfg.h"
       -- Configured "mpi-config.h" so its a bit more conservative with the memory required and code space used
       -- Jason Klapste submitted bug fixes to the yarrow, hash and various other issues.  The yarrow code will now
          use what ever remaining hash/cipher combo is left [after you #undef them] at build time.   He also suggested
          a fix to remove unused structures from the symmetric_key and hash_state unions.
       -- Made the CTR code handle variable length blocks better. It will buffer the encryption pad so you can
          encrypt messages any size block at a time.
       -- Simplified the yarrow code to take advantage of the new CTR code.
       -- Added a 4096-bit DH key setting.  That took me about 36 hours to find!
       -- Changed the base64 routines to use a real base64 encoding scheme.
       -- Added in DH and ECC "encrypt_key()" functions.  They are still rather "beta"ish.
       -- Added **Twofish** to the list of ciphers!

January 18th, 2002
v0.34  -- Added "sha512" to the list of hashes.  Produces a 512-bit message digest.  Note that with the current
          padding with the rsa_sign() function you cannot use sha512 with a key less than 1536 bits for signatures.
       -- Cleaned up the other hash functions to use the LOAD and STORE macros...

January 17th, 2002
v0.33  -- Made the lower limit on keysizes for RSA 1024 bits again because I realized that 768 bit keys wouldn't
          work with the padding scheme and large symmetric keys.
       -- Added information concerning the Zlib license to the manual
       -- Added a 3072-bit key setting for the DH code.
       -- Made the "find_xyz()" routines take "const char *" as per Clay Culver's suggestion.
       -- Fixed an embarassing typo in the manual concerning the hashes.  Thank's Clay for finding it!
       -- Fixed rand_prime() so that it makes primes bigger than the setting you give.  For example,
          if you want a 1024-bit prime it would make a 1023-bit one.  Now it ensures that the prime
          it makes is always greater than 2^(8n) (n == bytes in prime).  This doesn't have a huge
          impact on security but I corrected it just the same.
       -- Fixed the CTR routine to work on platforms where char != 8-bits 
       -- Fixed sha1/sha256/md5/blowfish to not assume "unsigned long == 32-bits", Basically any operation with carries
          I "AND" with 0xFFFFFFFF.  That forces only the lower 32-bits to have information in it.  On x86 platforms
          most compilers optimize out the AND operation since its a nop.

January 16th, 2002
v0.32  -- Made Rijndael's setup function fully static so it is thread safe
       -- Svante Seleborg suggested a cosmetic style fixup for aes.c, 
          basically to remove some of the #defines to clean it up
       -- Made the PK routines not export the ASCII version of the names of ciphers/hashes which makes
          the PK message formats *incompatible* with previous releases.
       -- Merge in Zlib :-)
 
  
January 15th, 2002
v0.31  -- The RSA routines can now use CRT to speed up decryption/signatures.  The routines are backwards 
          compatible with previous releases.
       -- Fixed another bug that Svante Seleborg found.  Basically you could buffer-overrun the 
          rsa_exptmod() function itself if you're not careful.  That's fixed now.  Fixed another bug in
          rsa_exptmod() where if it knows the buffer you passed is too small it wouldn't free all used 
          memory.       
       -- improved the readability of the PK import/export functions
       -- Added a fix to RSA.C by Clay Culver
       -- Changed the CONST64 macro for MSVC to use the "unsigned __int64" type, e.g. "ui64" instead of "i64".

January 14th, 2002
v0.30  -- Major change to the Yarrow PRNG code, fixed a bug that Eugene Starokoltsev found.
          Basically if you added entropy to the pool in small increments it could in fact
          cancel out.  Now I hash the pool with the new data which is way smarter.

January 12th, 2002
v0.29  -- Added MPI code written by Svante Seleborg to the library.  This will make the PK code much
          easier to follow and debug.  Actually I've already fixed a memory leak in dh_shared_secret().
       -- Memory leaks found and correct in all three PK routines.  The leaks would occur when a bignum
          operation fails so it wouldn't normally turn up in the course of a program
       -- Fixed bugs in dh_key_size and ecc_key_size which would return garbage for invalid key idx'es

January 11th, 2002
v0.28  -- Cleaned up some code so that it doesn't assume "char == 8bits".  Mainly SAFER+ has been 
          changed.
       -- ***HUGE*** changes in the PK code.  I check all return values in the bignum code so if there
          are errors [insufficient memory, etc..] it will be reported.  This makes the code fairly more
          robust and likely to catch any errors.
       -- Updated the is_prime() function to use a new prototype [it can return errors now] and it also
          does trial divisions against more primes before the Rabin Miller steps
       -- Added OFB, CFB and ECB generic wrappers for the symmetric ciphers to round out the implementations.
       -- Added Xtea to the list of ciphers, to the best of my ability I have verified this implementation.
          I should note that there is not alot of concrete information about the cipher.  "Ansi C" versions
          I found did not address endianess and were not even portable!.  This code is portable and to the
          best of my knowledge implements the Xtea algorithm as per the [short] X-Tea paper.
       -- Reformated the manual to include the **FULL** source code optimized to be pritable.

January 9th, 2002
v0.27  -- Changed the char constants to numerical values.  It is backwards compatible and should work on
          platforms where 'd' != 100 [for example].
       -- Made a change to rand_prime() which takes the input length as a signed type so you can pass
          a negative len to get a "3 mod 4" style prime... oops
       -- changed the MSVC makefile to build with a warning level of three, no warnings!

January 8th, 2002
v0.26  -- updated SHA-256 to use ROR() for a rotate so 64-bit machines won't corrupt
          the output
       -- Changed #include <> to #include "" for local .h files as per Richard Heathfields' suggestions.
       -- Fixed bug in MPI [well bug in MSVC] that compiled code incorrectly in mp_set_int()
          I added a work around that catches the error and continues normally.

January 8th, 2002
v0.25  -- Added a stupid define so MSVC 6.00 can build the library.
       -- Big thanks to sci.crypt and "Ajay K. Agrawal" for helping me port this to MSVC

January 7th, 2002
v0.24  -- Sped up Blowfish by unrolling and removing the swaps.
       -- Made the code comply with more traditional ANSI C standards
          Should compile with MSVC with less errors
       -- moved the demos and documentation into their own directories
          so you can easily build the library with other tool chains
          by compiling the files in the root
       -- converted functions with length of outputs to use 
          "unsigned long" so 16-bit platforms will like this library more.

January 5th, 2002
v0.23  -- Fixed a small error in the MPI config it should build fine anywhere.

January 4th, 2002
v0.22  -- faster gf_mul() code
       -- gf_shl() and gf_shr() are safe on 64-bit platforms now
       -- Fixed an error in the hashes that Brian Gladman found.  
          Basically if the message has exactly 56 bytes left to be 
          compressed I handled them incorrectly.

January 4th, 2002
v0.21  -- sped up the ECC code by removing redundant divisions in the 
          point add and double routines.  I also extract the bits more
          efficiently in "ecc_mulmod()" now.
       -- sped up [and documented] the rand_prime() function.  Now it just
          makes a random integer and increments by two until a prime is found
          This is faster since it doesn't require alot of calls to the PRNG and
          it doesn't require loading huge integers over and over.  rand_prime()
          can also make primes congruent to 3 mod 4 [i.e for a blum integer]
       -- added a gf_sqrt() function that finds square roots in a GF(2^w) field
       -- fixed a bug in gf_div() that would return the wrong results if the divisor had a greator
          divisor than the dividend.

January 4th, 2002
v0.20  -- Added the fixed MPI back in so RSA and DH are much faster again

v0.19  -- Updated the manual to reflect the fact that Brian Gladman wrote the AES and Serpent code.
       -- DH, ECC and RSA signature/decryption functions check if the key is private
       -- new DH signature/verification code works just like the RSA/ECC versions

January 3rd, 2002
v0.18  -- Added way more comments to each .C file 
       -- fixed a bug in cbc_decrypt(pt, ct, key) where pt == ct [i.e same buffer]
       -- fixed RC5 so it reads the default rounds out of the cipher_descriptor table
       -- cleaned up ecc_export()
       -- Cleaned up dh_import() and ecc_import() which also perform more 
          error checking now
       -- Fixed a serious flaw in rsa_import() with private keys.

January 2nd, 2002
v0.17  -- Fixed a bug in the random prime generator that fixes the wrong bits to one
       -- ECC and DH code verify that the moduli and orders are in fact prime.  That 
          slows down the test routines alot but what are you gonna do? 
       -- Fixed a huge bug in the mp_exptmod() function which incorrectly calculates g^x mod p for some
          values of p.  I replaced it with a slow function.  Once the author of MPI fixes his faster routine
          I will switch back.
  
January 1st, 2002 [whoa new year!]
v0.16  -- Improved GF division code that is faster.
       -- documented the GF code

December 31st, 2001
v0.15  -- A 1792-bit and 2048-bit DH setting was added.  Took me all night to 
          find a 1792 and 2048-bit strong prime but what the heck
       -- Library now has polynomial-basis GF(2^w) routines I wrote myself.  Can be used to perform
          ECC over GF(2^w) later on....
       -- Fixed a bug with the defines that allows it to build in windows
       
December 30th, 2001
v0.14  -- Fixed the xxx_encrypt() packet routines to make an IV of appropriate size 
          for the cipher used.  It was defaulting to making a 256-bit IV...
       -- base64_encode() now appends a NULL byte, um "duh" stupid mistake now fixed...
       -- spell checked the manual again... :-)

December 30th, 2001
v0.13  -- Switching back to older copy of MPI since it works! arrg..
       -- Added sign/verify functions for ECC
       -- all signature verification routines default to invalid signatures.
       -- Changed all calls to memset to zeromem.  Fixed up some buffer problems 
          in other routines.  All calls to zeromem let the compiler determine the size
          of the data to wipe.

December 29th, 2001
v0.12  -- Imported a new version of MPI [the bignum library] that should
          be a bit more stable [if you want to write your own bignum
          routines with the library that is...]
       -- Manual has way more info
       -- hash_file() clears stack now [like it should]
       -- The artificial cap on the hash input size of 2^32 bits has been
          removed.  Basically I was too lazy todo 64-bit math before
          [don't ask why... I can't remember].  Anyways the hashes
          support the size of 2^64 bits [if you ever use that many bits in a message
          that's just wierd...]
       -- The hashes now wipe the "hash_state" after the digest is computed.  This helps
          prevent the internal state of the hash being leaked accidently [i.e stack problems]

December 29th, 2001
v0.11  -- Made #define's so you can trim the library down by removing
          ciphers, hashs, modes of operation, prngs, and even PK algorithms
          For example, the library with rijndael+ctr+sha1+ECC is 91KB compared
          to the 246kb the full library takes.
       -- Added ECC packet routines for encrypt/decrypt/sign/verify much akin to
          the RSA packet routines.
       -- ECC now compresses the public key, a ECC-192 public key takes 33 bytes 
          for example....

December 28th, 2001
v0.10  -- going to restart the manual from scratch to make it more 
          clear and professional
       -- Added ECC over Z/pZ.  Basically provides as much as DH
          except its faster since the numbers are smaller.  For example,
          A comparable 256-bit ECC key provides as much security as expected
          from a DH key over 1024-bits.
       -- Cleaned up the DH code to not export the symbol "sets[]"
       -- Fixed a bug in the DH code that would not make the correct size 
          random string if you made the key short.  For instance if you wanted 
          a 512-bit DH key it would make a 768-bit one but only make up 512-bits 
          for the exponent... now it makes the full 768 bits [or whatever the case 
          is]
       -- Fixed another ***SERIOUS*** bug in the DH code that would default to 768-bit
          keys by mistake.

December 25th, 2001
v0.09  -- Includes a demo program called file_crypt which shows off
          how to use the library to make a command line tool which
          allows the user to encode/decode a file with any
          hash (on the passphrase) and cipher in CTR mode.
       -- Switched everything to use typedef's now to clear up the code.
       -- Added AES (128/192 and 256 bit key modes)

December 24th, 2001
v0.08  -- fixed a typo in the manual. MPI stores its bignums in
          BIG endian not little.
       -- Started adding a RNG to the library.  Right now it tries
          to open /dev/random and if that fails it uses either the 
          MS CSP or the clock drift RNG.  It also allows callbacks 
          since the drift RNG is slow (about 3.5 bytes/sec)
       -- the RNG can also automatically setup a PRNG as well now

v0.07  -- Added basic DH routines sufficient to 
          negotiate shared secrets 
          [see the manual for a complete example!]
       -- Fixed rsa_import to detect when the input
          could be corrupt.  
       -- added more to the manual.

December 22nd, 2001
v0.06  -- Fixed some formatting errors in 
          the hash functions [just source code cleaning]
       -- Fixed a typo in the error message for sha256 :-)
       -- Fixed an error in base64_encode() that 
          would fail to catch all buffer overruns
       -- Test program times the RSA and symmetric cipher 
          routines for kicks...
       -- Added the "const" modifier to alot of routines to 
          clear up the purpose of each function.
       -- Changed the name of the library to "TomCrypt" 
          following a suggestion from a sci.crypt reader....

v0.05  -- Fixed the ROL/ROR macro to be safe on platforms 
          where unsigned long is not 32-bits
       -- I have added a bit more to the documentation 
          manual "crypt.pdf" provided.
       -- I have added a makefile for LCC-Win32.  It should be 
          easy to port to other LCC platforms by changing a few lines.
       -- Ran a spell checker over the manual.
       -- Changed the header and library from "crypt" to "mycrypt" to not
          clash with the *nix package "crypt".

v0.04  -- Fixed a bug in the RC5,RC6,Blowfish key schedules
          where if the key was not a multiple of 4 bytes it would
          not get loaded correctly.

December 21st, 2001

v0.03  -- Added Serpent to the list of ciphers.

v0.02  -- Changed RC5 to only allow 12 to 24 rounds
       -- Added more to the manual.

v0.01  -- We will call this the first version.
