.Sh STANDARDS
These functions implement Argon2i.
An RFC draft is being maintained.
+.Sh HISTORY
+The
+.Fn crypto_argon2i_general
+function first appeared in Monocypher 0.1 but was called
+.Fn crypto_argon2i ;
+it was renamed to its current name in Monocypher 1.1.0.
+The current
+.Fn crypto_argon2i
+first appeared in Monocypher 1.1.0.
.Sh CAVEATS
Any deviation from the specified input and output length ranges results
in
.Xr intro 3monocypher
.Sh STANDARDS
These functions implement BLAKE2b.
+.Sh HISTORY
+The
+.Fn crypto_blake2b ,
+.Fn crypto_blake2b_general ,
+.Fn crypto_blake2b_general_init ,
+.Fn crypto_blake2b_init ,
+.Fn crypto_blake2b_update ,
+and
+.Fn crypto_blake2b_final
+functions first appeared in Monocypher 0.1.
.Sh CAVEATS
Monocypher does not perform any input validation.
Any deviation from the specified input and output length ranges results
This function implements HChacha20.
HChacha20 derives from Chacha20 the same way HSalsa20 derives from
Salsa20.
+.Sh HISTORY
+The
+.Fn crypto_chacha20_H
+function first appeared in Monocypher 0.1.
.Sh CAVEATS
.Sy This is not a general-purpose cryptographic hash function .
XChacha20 derives from Chacha20 the same way XSalsa20 derives from
Salsa20, and benefits from the same security reduction (proven secure
as long as Chacha20 itself is secure).
+.Sh HISTORY
+The
+.Fn crypto_chacha20_encrypt ,
+.Fn crypto_chacha20_init ,
+functions first appeared in Monocypher 0.1.
+.Fn crypto_chacha20_stream
+was added in Monocypher 0.2.
+.Fn crypto_chacha20_x_init
+and
+.Fn crypto_chacha20_set_ctr
+were added in Monocypher 1.0.
.Sh SECURITY CONSIDERATIONS
.Ss Encrypted does not mean secure
Chacha20 only protects against eavesdropping, not forgeries.
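Review bot: The first sentence of this HISTORY section has a dangling comma and no conjunction: ".Fn crypto_chacha20_init ," is followed directly by "functions first appeared", so the rendered list ends in ", functions". With only two names in the list, suggest ".Fn crypto_chacha20_encrypt" (no comma), then "and" on its own line, then ".Fn crypto_chacha20_init" (no comma), as the crypto_lock page does for its two-item list.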
.Sh STANDARDS
These functions are equivalent to an implementation of the X pattern
of the Noise protocol framework.
+.Sh HISTORY
+The
+.Fn crypto_kex_x_init_client ,
+.Fn crypto_kex_x_init_server ,
+.Fn crypto_kex_x_1 ,
+and
+.Fn crypto_kex_x_2
+functions first appeared in Monocypher 2.1.0.
.Sh SECURITY CONSIDERATIONS
Unlike the
.Xr crypto_kex_xk1_init_client 3monocypher
.Sh STANDARDS
These functions are equivalent to an implementation of the XK1 pattern
of the Noise protocol framework.
+.Sh HISTORY
+The
+.Fn crypto_kex_xk1_init_client ,
+.Fn crypto_kex_xk1_init_server ,
+.Fn crypto_kex_xk1_1 ,
+.Fn crypto_kex_xk1_2 ,
+.Fn crypto_kex_xk1_3 ,
+and
+.Fn crypto_kex_xk1_4
+functions first appeared in Monocypher 2.1.0.
These functions implement X25519, described in RFC 7748.
.Fn crypto_key_exchange
uses HChacha20 as well.
+.Sh HISTORY
+The
+.Fn crypto_key_exchange
+function first appeared in Monocypher 0.2.
+The
+.Fn crypto_key_exchange_public_key
+macro alias first appeared in Monocypher 1.1.0.
.Sh SECURITY CONSIDERATIONS
If either of the long term secret keys leaks, it may compromise
.Em all past messages .
XChacha20 derives from Chacha20 the same way XSalsa20 derives from
Salsa20, and benefits from the same security reduction (proven secure
as long as Chacha20 itself is secure).
+.Sh HISTORY
+The
+.Fn crypto_lock
+and
+.Fn crypto_unlock
+functions first appeared in Monocypher 0.1.
+.Fn crypto_lock_aead
+and
+.Fn crypto_unlock_aead
+were introduced in Monocypher 1.1.0.
XChacha20 derives from Chacha20 the same way XSalsa20 derives from
Salsa20, and benefits from the same security reduction (proven secure
as long as Chacha20 itself is secure).
+.Sh HISTORY
+The
+.Fn crypto_lock_init ,
+.Fn crypto_lock_auth_ad ,
+.Fn crypto_lock_auth_message ,
+.Fn crypto_lock_update ,
+.Fn crypto_lock_final ,
+.Fn crypto_unlock_init ,
+.Fn crypto_unlock_auth_ad ,
+.Fn crypto_unlock_auth_message ,
+.Fn crypto_unlock_update ,
+and
+.Fn crypto_unlock_final
+functions first appeared in Monocypher 1.1.0.
.Sh SECURITY CONSIDERATIONS
Messages are not verified until the call to
.Fn crypto_unlock_final .
.Sh SEE ALSO
.Xr crypto_verify16 3monocypher ,
.Xr intro 3monocypher
+.Sh HISTORY
+The
+.Fn crypto_memcmp
+function first appeared in Monocypher 0.1.
+.Fn crypto_zerocmp
+was introduced in Monocypher 0.6.
+These functions were removed in Monocypher 1.1.0.
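Review bot: The closing sentence says the functions were removed in Monocypher 1.1.0 but does not say what replaced them. The crypto_verify16 page in this same patch states that crypto_verify16, crypto_verify32 and crypto_verify64 replaced crypto_memcmp and crypto_zerocmp. Suggest mirroring that here, so a reader who lands on this page is sent to the replacements from HISTORY as well as from SEE ALSO.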
.Xr intro 3monocypher
.Sh STANDARDS
These functions implement Poly1305, described in RFC 8439.
+.Sh HISTORY
+The
+.Fn crypto_poly1305_init ,
+.Fn crypto_poly1305_update ,
+and
+.Fn crypto_poly1305_final
+functions first appeared in Monocypher 0.1.
+.Fn crypto_poly1305
+first appeared in Monocypher 1.1.0.
.Sh SECURITY CONSIDERATIONS
Poly1305 is difficult to use correctly.
Do not use it unless you are absolutely sure what you are doing.
These functions implement PureEdDSA with Curve25519 and Blake2b, as
described in RFC 8032.
This is the same as Ed25519, with Blake2b instead of SHA-512.
+.Sh HISTORY
+The
+.Fn crypto_sign ,
+.Fn crypto_check ,
+and
+.Fn crypto_sign_public_key
+functions appeared in Monocypher 0.2.
.Sh SECURITY CONSIDERATIONS
.Ss Signature malleability
EdDSA signatures are not unique like cryptographic hashes.
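Review bot: Wording inconsistency in the last added line: this page says "functions appeared in Monocypher 0.2." while the other HISTORY sections in this patch say "first appeared". Suggest "functions first appeared in Monocypher 0.2." to keep the sections uniform.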
These functions implement PureEdDSA with Curve25519 and Blake2b, as
described in RFC 8032.
This is the same as Ed25519, with Blake2b instead of SHA-512.
+.Sh HISTORY
+The
+.Fn crypto_sign_init_first_pass ,
+.Fn crypto_sign_update ,
+.Fn crypto_sign_final ,
+.Fn crypto_sign_init_second_pass ,
+.Fn crypto_check_init ,
+.Fn crypto_check_update ,
+and
+.Fn crypto_check_final
+functions first appeared in Monocypher 1.1.0.
.Sh SECURITY CONSIDERATIONS
Messages are not verified until the call to
.Fn crypto_check_final .
otherwise.
.Sh SEE ALSO
.Xr intro 3monocypher
+.Sh HISTORY
+The
+.Fn crypto_verify16 ,
+.Fn crypto_verify32 ,
+.Fn crypto_verify64
+functions first appeared in Monocypher 1.1.0.
+They replaced the
+.Fn crypto_memcmp
+and
+.Fn crypto_zerocmp
+functions that were present until Monocypher 1.0.1.
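Review bot: The function list in the first sentence is missing its conjunction: ".Fn crypto_verify32 ," is followed directly by ".Fn crypto_verify64", so the text renders as a comma-separated run with no "and". Suggest adding "and" on its own line before ".Fn crypto_verify64", matching the three-item lists on the crypto_poly1305 and crypto_sign pages.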
This function returns nothing.
.Sh SEE ALSO
.Xr intro 3monocypher
+.Sh HISTORY
+The
+.Fn crypto_wipe
+function first appeared in Monocypher 1.1.0.
.Xr intro 3monocypher
.Sh STANDARDS
This function implements X25519, described in RFC 7748.
+.Sh HISTORY
+The
+.Fn crypto_x25519 ,
+and
+.Fn crypto_x25519_public_key
+functions first appeared in Monocypher 0.1.
.Sh SECURITY CONSIDERATIONS
If either of the long term secret keys leaks, it may compromise
.Em all past messages .
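Review bot: Style point on the two-item list: ".Fn crypto_x25519 ," followed by "and" renders as "crypto_x25519(), and crypto_x25519_public_key()". The other two-item lists in this patch (crypto_lock and crypto_unlock, for example) have no comma before "and"; suggest dropping the comma from the ".Fn crypto_x25519" line.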