Continuing demagication and factoring of field code.

Removing high-level ops from p448.h and putting them in field.h.  That way they
won't need rewriting for new fields and architectures.

Create constant_time.h which contains constant-time lookups, condswaps, etc.
That way the code is the same on all architectures, instead of varying depending
on whether the field size is a multiple of the vector register size.  I should
still add a constant_time_select to factor out field_cond_negate.

TODO: I need to test this for correctness and performance on various platforms.
It works on my Mac, but since Yosemite the timing is totally unpredictable
(background tasks?  variable boost?).

Create new src/arithmetic.c for field-independent arithmetic (eg batch invert, is_square).

Replace p448_ with field_ where possible.

Create constant EDWARDS_D = -39081.

Create inline function field_mulw_scc for multiplying by compile-time signed curve constants.

Rework the directory structure into something saner, with src/ test/ include/ and build/

Beginning some tests.  Also, now support scan-build.

Now support 32-bit including vectorless ARM.  NEON is not yet supported, because I don't
have a test machine.

Many internal changes, improvements, and bug fixes.

Changed the formats of private keys and shared secrets.

Added SHA512 support.  It's slow and probably has endian bugs.

Signatures are now supported.

Renamed a bunch of internal functions to be more readable and
consistent.

Began documenting functions with Doxygen.

See HISTORY.txt for more details.