EdDSA: Backport versions 0.2/0.3 from github:

- Change key encoding to match curdle draft
- Support key decoding based on curdle draft
- Implement true constant-time cmov()
- Add handling of X509Key-wrapped EdDSA keys (GitHub PR #47)
- Clarify that KeyPairGenerator takes a key size, not strength
- Javadocs
GitHub PR #58:
- Make GroupElement immutable by moving the pre-computed logic to the constructors,
  allowing the synchronized checking of whether the pre-computed logic had executed or not
  to be removed since it always has when it is used because those code paths
  are modified to request it at construction time.
- This allows getNegativeA() to be lazy, and doesn't need volatile due to the immutability
  (and final fields - this is an important part of the contract with the JVM memory model).
- Remove synchronized contention from the named curve table get method.
- Generally remove use of the named curve table get method with a constant curve name
  in hot code paths in favour of using a new static constant for the curve spec.
Overall performance changes:
- Keygen 46% faster
- Signing 39% slower (due to cmov)
- Verify 2% faster
This commit is contained in:
zzz
2018-07-01 11:10:06 +00:00
parent c65ce1d3f9
commit eff0cac30b
19 changed files with 624 additions and 226 deletions


@@ -18,7 +18,7 @@ public class RouterVersion {
/** deprecated */
public final static String ID = "Monotone";
public final static String VERSION = CoreVersion.VERSION;
public final static long BUILD = 2;
public final static long BUILD = 3;
/** for example "-test" */
public final static String EXTRA = "";
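Review bot: the `BUILD` constant changed here (2 to 3) is the only field in this hunk without a doc comment, while `ID` and `EXTRA` both have one. Since the commit message says this build changes the EdDSA key encoding, a one-line Javadoc on `BUILD` stating when it must be incremented would make it easier to tie a reported build number back to that change. Separately, `/** deprecated */` on `ID` is only a comment; using the `@deprecated` Javadoc tag together with the `@Deprecated` annotation would let the compiler flag remaining uses.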