Stop signed left shift overflows in ed25519

The new ed25519 code contains some signed left shifts of negative numbers, which clang identifies as runtime errors.

Under -ftrapv, this causes a trap/crash.

Without -ftrapv, this causes about 100 warnings during the tests like: crypto/ed25519_simple: src/ext/ed25519/ref10/ge_scalarmult_base.c:42:48: runtime error: left shift of negative value -2 (log attached)

A patch is attached that performs potentially overflowing left shifts in unsigned arithmetic. Macros SHL64 and SHL32 are defined for convenience.

This is my first patch using git format-patch with a changes entry - let me know if it needs revising.

Version: tor 2.6.?-alpha git: 5190ec0bc4c22d7bab756e21db6e357ba07379c4