Add Kalyna block cipher (Issue 411)

Thanks to Roman Oliynykov and Oleksandr Kazymyrov for their assistance. Thanks to Keru Kuro for the reference implementation.
2024-11-23 09:59:42 +00:00 · 2017-05-06 00:24:35 -04:00 · 2017-05-06 00:24:35 -04:00 · a5c67cfdd6
commit a5c67cfdd6
parent 06092259c2
15 changed files with 2717 additions and 13 deletions
--- a/Filelist.txt
+++ b/Filelist.txt
@ -146,6 +146,9 @@ integer.cpp
 integer.h
 iterhash.cpp
 iterhash.h
+kalynatab.cpp
+kalyna.cpp
+kalyna.h
 keccak.cpp
 keccak.h
 lubyrack.h
@ -404,6 +407,7 @@ TestVectors/esign.txt
 TestVectors/gcm.txt
 TestVectors/hkdf.txt
 TestVectors/hmac.txt
+TestVectors/kalyna.txt
 TestVectors/keccak.txt
 TestVectors/mars.txt
 TestVectors/nr.txt
--- a/TestVectors/all.txt
+++ b/TestVectors/all.txt
@ -26,6 +26,7 @@ Test: TestVectors/sha2_fips_180.txt
 Test: TestVectors/sha3_fips_202.txt
 Test: TestVectors/panama.txt
 Test: TestVectors/aes.txt
+Test: TestVectors/kalyna.txt
 Test: TestVectors/salsa.txt
 Test: TestVectors/chacha.txt
 #Test: TestVectors/tls_chacha.txt
--- a/TestVectors/kalyna.txt
+++ b/TestVectors/kalyna.txt
@ -0,0 +1,41 @@
+AlgorithmType: SymmetricCipher
+Name: Kalyna/ECB
+Source: Kalyna reference implementation
+Comment: Kalyna 128-bit key, 128-bit block
+Key: 000102030405060708090A0B0C0D0E0F
+BlockSize: 16
+Plaintext: 101112131415161718191A1B1C1D1E1F
+Ciphertext: 81BF1C7D779BAC20E1C9EA39B4D2AD06
+Test: EncryptBlockSize
+Name: Kalyna/ECB
+Source: Kalyna reference implementation
+Comment: Kalyna 256-bit key, 128-bit block
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+BlockSize: 16
+Plaintext: 202122232425262728292A2B2C2D2E2F
+Ciphertext: 58EC3E091000158A1148F7166F334F14
+Test: EncryptBlockSize
+Name: Kalyna/ECB
+Source: Kalyna reference implementation
+Comment: Kalyna 256-bit key, 256-bit block
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+BlockSize: 32
+Plaintext: 202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Ciphertext: F66E3D570EC92135AEDAE323DCBD2A8CA03963EC206A0D5A88385C24617FD92C
+Test: EncryptBlockSize
+Name: Kalyna/ECB
+Source: Kalyna reference implementation
+Comment: Kalyna 512-bit key, 256-bit block
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+BlockSize: 32
+Plaintext: 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Ciphertext: 606990E9E6B7B67A4BD6D893D72268B78E02C83C3CD7E102FD2E74A8FDFE5DD9
+Test: EncryptBlockSize
+Name: Kalyna/ECB
+Source: Kalyna reference implementation
+Comment: Kalyna 512-bit key, 512-bit block
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+BlockSize: 64
+Plaintext: 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Ciphertext: 4A26E31B811C356AA61DD6CA0596231A67BA8354AA47F3A13E1DEEC320EB56B895D0F417175BAB662FD6F134BB15C86CCB906A26856EFEB7C5BC6472940DD9D9
+Test: EncryptBlockSize
--- a/bench1.cpp
+++ b/bench1.cpp
@ -559,11 +559,11 @@ void Benchmark2(double t, double hertz)
 		BenchMarkByName<SymmetricCipher>("CAST-128/CTR");
 		BenchMarkByName<SymmetricCipher>("SKIPJACK/CTR");
 		BenchMarkByName<SymmetricCipher>("SEED/CTR", 0, "SEED/CTR (1/2 K table)");
-//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 16, "Kalyna-128(128)", MakeParameters(Name::BlockSize(), 16));
-//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-256(128)", MakeParameters(Name::BlockSize(), 16));
-//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-256(256)", MakeParameters(Name::BlockSize(), 32));
-//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-512(256)", MakeParameters(Name::BlockSize(), 32));
-//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-512(512)", MakeParameters(Name::BlockSize(), 64));
+		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 16, "Kalyna-128(128) (128-bit key)", MakeParameters(Name::BlockSize(), 16));
+		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-128(256) (256-bit key)", MakeParameters(Name::BlockSize(), 16));
+		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-256(256) (256-bit key)", MakeParameters(Name::BlockSize(), 32));
+		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-256(512) (512-bit key)", MakeParameters(Name::BlockSize(), 32));
+		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-512(512) (512-bit key)", MakeParameters(Name::BlockSize(), 64));
 	}

 	std::cout << "\n<TBODY style=\"background: yellow;\">";
--- a/cryptest.nmake
+++ b/cryptest.nmake
@ -48,9 +48,9 @@
 # If you use 'make sources' from Linux makefile, then add 'winpipes.cpp'. Platform specific
 #  classes, like 'rdrand.cpp', should not be included. Add them under the X86 and X64 rules.

-LIB_SRCS = cryptlib.cpp cpu.cpp integer.cpp shacal2.cpp md5.cpp shark.cpp zinflate.cpp gf2n.cpp salsa.cpp xtr.cpp oaep.cpp rc2.cpp default.cpp wait.cpp wake.cpp twofish.cpp iterhash.cpp adler32.cpp algparam.cpp marss.cpp blowfish.cpp ecp.cpp strciphr.cpp aria.cpp camellia.cpp dh2.cpp ida.cpp zlib.cpp elgamal.cpp crc.cpp dessp.cpp tea.cpp eax.cpp network.cpp sha.cpp emsa2.cpp pkcspad.cpp squaretb.cpp idea.cpp authenc.cpp hmac.cpp xtrcrypt.cpp queue.cpp mars.cpp rc5.cpp md2.cpp hrtimer.cpp vmac.cpp eprecomp.cpp hex.cpp dsa.cpp fips140.cpp gzip.cpp seal.cpp blake2.cpp files.cpp base32.cpp sharkbox.cpp safer.cpp randpool.cpp sosemanuk.cpp arc4.cpp osrng.cpp skipjack.cpp seed.cpp sha3.cpp filters.cpp bfinit.cpp rabin.cpp 3way.cpp rw.cpp rdtables.cpp rsa.cpp tftables.cpp gost.cpp socketft.cpp nbtheory.cpp panama.cpp modes.cpp rijndael.cpp casts.cpp algebra.cpp esign.cpp gfpcrypt.cpp dll.cpp ec2n.cpp poly1305.cpp polynomi.cpp blumshub.cpp des.cpp basecode.cpp zdeflate.cpp base64.cpp rc6.cpp gf256.cpp mqueue.cpp misc.cpp pssr.cpp channels.cpp rng.cpp tiger.cpp cast.cpp square.cpp asn.cpp chacha.cpp whrlpool.cpp md4.cpp dh.cpp ccm.cpp mqv.cpp tigertab.cpp gf2_32.cpp cbcmac.cpp ttmac.cpp luc.cpp trdlocal.cpp pubkey.cpp gcm.cpp ripemd.cpp keccak.cpp eccrypto.cpp serpent.cpp cmac.cpp winpipes.cpp
+LIB_SRCS = cryptlib.cpp cpu.cpp integer.cpp shacal2.cpp md5.cpp shark.cpp zinflate.cpp gf2n.cpp salsa.cpp xtr.cpp oaep.cpp rc2.cpp default.cpp wait.cpp wake.cpp twofish.cpp iterhash.cpp adler32.cpp algparam.cpp marss.cpp blowfish.cpp ecp.cpp strciphr.cpp aria.cpp camellia.cpp dh2.cpp ida.cpp zlib.cpp elgamal.cpp crc.cpp dessp.cpp tea.cpp eax.cpp network.cpp sha.cpp emsa2.cpp pkcspad.cpp squaretb.cpp idea.cpp authenc.cpp hmac.cpp xtrcrypt.cpp queue.cpp mars.cpp rc5.cpp md2.cpp hrtimer.cpp vmac.cpp eprecomp.cpp hex.cpp dsa.cpp fips140.cpp gzip.cpp seal.cpp blake2.cpp files.cpp base32.cpp sharkbox.cpp safer.cpp randpool.cpp sosemanuk.cpp arc4.cpp osrng.cpp skipjack.cpp seed.cpp sha3.cpp filters.cpp bfinit.cpp rabin.cpp 3way.cpp rw.cpp rdtables.cpp rsa.cpp tftables.cpp gost.cpp socketft.cpp nbtheory.cpp panama.cpp modes.cpp rijndael.cpp casts.cpp algebra.cpp esign.cpp gfpcrypt.cpp dll.cpp ec2n.cpp poly1305.cpp polynomi.cpp blumshub.cpp des.cpp basecode.cpp zdeflate.cpp base64.cpp rc6.cpp gf256.cpp mqueue.cpp misc.cpp pssr.cpp channels.cpp rng.cpp tiger.cpp cast.cpp square.cpp asn.cpp chacha.cpp whrlpool.cpp md4.cpp dh.cpp ccm.cpp mqv.cpp tigertab.cpp gf2_32.cpp cbcmac.cpp ttmac.cpp luc.cpp trdlocal.cpp pubkey.cpp gcm.cpp ripemd.cpp kalyna.cpp kalynatab.cpp keccak.cpp eccrypto.cpp serpent.cpp cmac.cpp winpipes.cpp

-LIB_OBJS = cryptlib.obj cpu.obj integer.obj shacal2.obj md5.obj shark.obj zinflate.obj gf2n.obj salsa.obj xtr.obj oaep.obj rc2.obj default.obj wait.obj wake.obj twofish.obj iterhash.obj adler32.obj algparam.obj marss.obj blowfish.obj ecp.obj strciphr.obj aria.obj camellia.obj dh2.obj ida.obj zlib.obj elgamal.obj crc.obj dessp.obj tea.obj eax.obj network.obj sha.obj emsa2.obj pkcspad.obj squaretb.obj idea.obj authenc.obj hmac.obj xtrcrypt.obj queue.obj mars.obj rc5.obj md2.obj hrtimer.obj vmac.obj eprecomp.obj hex.obj dsa.obj fips140.obj gzip.obj seal.obj blake2.obj files.obj base32.obj sharkbox.obj safer.obj randpool.obj sosemanuk.obj arc4.obj osrng.obj skipjack.obj seed.obj sha3.obj filters.obj bfinit.obj rabin.obj 3way.obj rw.obj rdtables.obj rsa.obj tftables.obj gost.obj socketft.obj nbtheory.obj panama.obj modes.obj rijndael.obj casts.obj algebra.obj esign.obj gfpcrypt.obj dll.obj ec2n.obj poly1305.obj polynomi.obj blumshub.obj des.obj basecode.obj zdeflate.obj base64.obj rc6.obj gf256.obj mqueue.obj misc.obj pssr.obj channels.obj rng.obj tiger.obj cast.obj square.obj asn.obj chacha.obj whrlpool.obj md4.obj dh.obj ccm.obj mqv.obj tigertab.obj gf2_32.obj cbcmac.obj ttmac.obj luc.obj trdlocal.obj pubkey.obj gcm.obj ripemd.obj keccak.obj eccrypto.obj serpent.obj cmac.obj winpipes.obj
+LIB_OBJS = cryptlib.obj cpu.obj integer.obj shacal2.obj md5.obj shark.obj zinflate.obj gf2n.obj salsa.obj xtr.obj oaep.obj rc2.obj default.obj wait.obj wake.obj twofish.obj iterhash.obj adler32.obj algparam.obj marss.obj blowfish.obj ecp.obj strciphr.obj aria.obj camellia.obj dh2.obj ida.obj zlib.obj elgamal.obj crc.obj dessp.obj tea.obj eax.obj network.obj sha.obj emsa2.obj pkcspad.obj squaretb.obj idea.obj authenc.obj hmac.obj xtrcrypt.obj queue.obj mars.obj rc5.obj md2.obj hrtimer.obj vmac.obj eprecomp.obj hex.obj dsa.obj fips140.obj gzip.obj seal.obj blake2.obj files.obj base32.obj sharkbox.obj safer.obj randpool.obj sosemanuk.obj arc4.obj osrng.obj skipjack.obj seed.obj sha3.obj filters.obj bfinit.obj rabin.obj 3way.obj rw.obj rdtables.obj rsa.obj tftables.obj gost.obj socketft.obj nbtheory.obj panama.obj modes.obj rijndael.obj casts.obj algebra.obj esign.obj gfpcrypt.obj dll.obj ec2n.obj poly1305.obj polynomi.obj blumshub.obj des.obj basecode.obj zdeflate.obj base64.obj rc6.obj gf256.obj mqueue.obj misc.obj pssr.obj channels.obj rng.obj tiger.obj cast.obj square.obj asn.obj chacha.obj whrlpool.obj md4.obj dh.obj ccm.obj mqv.obj tigertab.obj gf2_32.obj cbcmac.obj ttmac.obj luc.obj trdlocal.obj pubkey.obj gcm.obj ripemd.obj kalyna.obj kalynatab.obj keccak.obj eccrypto.obj serpent.obj cmac.obj winpipes.obj

 TEST_SRCS = bench1.cpp bench2.cpp test.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp datatest.cpp regtest1.cpp regtest2.cpp regtest3.cpp fipsalgt.cpp dlltest.cpp fipstest.cpp

--- a/cryptest.vcxproj
+++ b/cryptest.vcxproj
@ -195,7 +195,7 @@
  <!-- The rule copies cryptest.exe to the project   -->
  <!-- root directory so it can be executed in place -->
  <Target Name="CopyCryptestToRoot">
-    <Exec Command="copy $(Platform)\Output\$(Configuration)\cryptest.exe ."/>
+    <Exec Command="copy $(Platform)\Output\$(Configuration)\cryptest.exe $(SolutionDir)" />
  </Target>

  <!-- Source Files -->
--- a/cryptest.vcxproj.filters
+++ b/cryptest.vcxproj.filters
@ -75,6 +75,9 @@
    <None Include="TestVectors\hmac.txt">
      <Filter>TestVectors</Filter>
    </None>
+    <None Include="TestVectors\kalyna.txt">
+      <Filter>TestVectors</Filter>
+    </None>
    <None Include="TestVectors\mars.txt">
      <Filter>TestVectors</Filter>
    </None>
--- a/cryptlib.vcxproj
+++ b/cryptlib.vcxproj
@ -229,6 +229,8 @@
    <ClCompile Include="iterhash.cpp">
      <PrecompiledHeader />
    </ClCompile>
+    <ClCompile Include="kalyna.cpp" />
+    <ClCompile Include="kalynatab.cpp" />
    <ClCompile Include="keccak.cpp" />
    <ClCompile Include="luc.cpp" />
    <ClCompile Include="mars.cpp" />
@ -401,6 +403,7 @@
    <ClInclude Include="idea.h" />
    <ClInclude Include="integer.h" />
    <ClInclude Include="iterhash.h" />
+    <ClInclude Include="kalyna.h" />
    <ClInclude Include="keccak.h" />
    <ClInclude Include="lubyrack.h" />
    <ClInclude Include="luc.h" />
--- a/cryptlib.vcxproj.filters
+++ b/cryptlib.vcxproj.filters
@ -191,6 +191,12 @@
    <ClCompile Include="iterhash.cpp">
      <Filter>Source Files</Filter>
    </ClCompile>
+    <ClCompile Include="kalyna.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="kalynatab.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
    <ClCompile Include="keccak.cpp">
      <Filter>Source Files</Filter>
    </ClCompile>
@ -603,6 +609,9 @@
    <ClInclude Include="iterhash.h">
      <Filter>Header Files</Filter>
    </ClInclude>
+    <ClInclude Include="kalyna.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
    <ClInclude Include="keccak.h">
      <Filter>Header Files</Filter>
    </ClInclude>
--- a/datatest.cpp
+++ b/datatest.cpp
@ -380,7 +380,7 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 			SignalTestFailure();

 		ConstByteArrayParameter iv;
-		if (pairs.GetValue(Name::IV(), iv) && iv.size() != encryptor->IVSize() && iv.size() != blockSize)
+		if (pairs.GetValue(Name::IV(), iv) && iv.size() != encryptor->IVSize() && (int)iv.size() != blockSize)
 			SignalTestFailure();

 		if (test == "Resync")
--- a/kalyna.cpp
+++ b/kalyna.cpp
--- a/kalyna.h
+++ b/kalyna.h
@ -0,0 +1,149 @@
+// kalyna.h - written and placed in the public domain by Jeffrey Walton
+
+//! \file kalyna.h
+//! \brief Classes for the Kalyna block cipher
+//! \details The Crypto++ implementation relied upon three sources. First was Oliynykov, Gorbenko, Kazymyrov,
+//!   Ruzhentsev, Kuznetsov, Gorbenko, Dyrda, Dolgov, Pushkaryov, Mordvinov and Kaidalov's "A New Encryption
+//!   Standard of Ukraine: The Kalyna Block Cipher" (http://eprint.iacr.org/2015/650.pdf). Second was Roman
+//!   Oliynykov and Oleksandr Kazymyrov's GitHub with the reference implementation
+//!  (http://github.com/Roman-Oliynykov/Kalyna-reference). The third resource was Keru Kuro's implementation
+//!   of Kalyna in CppCrypto (http://sourceforge.net/projects/cppcrypto/). Kuro has an outstanding
+//!   implementation that performed better than the reference implementation and out intial attempts.
+
+#ifndef CRYPTOPP_KALYNA_H
+#define CRYPTOPP_KALYNA_H
+
+#include "config.h"
+#include "seckey.h"
+#include "secblock.h"
+
+NAMESPACE_BEGIN(CryptoPP)
+
+//! \class Kalyna_Info
+//! \brief Kalyna block cipher information
+//! \details Kalyna key sizes and block sizes do not fit well into the library. Rather
+//!   than using VariableKeyLength (which is wrong) or using a GeometricKeyLength
+//!   (a new class), we just unroll it here. Note that the step size, Q, is still
+//!   wrong for this implementation.
+//! \since Crypto++ 6.0
+struct Kalyna_Info : public VariableBlockSize<16, 16, 64>
+{
+    CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() {return "Kalyna";}
+
+    //! \brief The minimum key length used by the algorithm provided as a constant
+    //! \details MIN_KEYLENGTH is provided in bytes, not bits
+    CRYPTOPP_CONSTANT(MIN_KEYLENGTH=16)
+    //! \brief The maximum key length used by the algorithm provided as a constant
+    //! \details MIN_KEYLENGTH is provided in bytes, not bits
+    CRYPTOPP_CONSTANT(MAX_KEYLENGTH=64)
+    //! \brief The default key length used by the algorithm provided as a constant
+    //! \details MIN_KEYLENGTH is provided in bytes, not bits
+    CRYPTOPP_CONSTANT(DEFAULT_KEYLENGTH=16)
+    //! \brief The default IV requirements for the algorithm provided as a constant
+    //! \details The default value is NOT_RESYNCHRONIZABLE. See IV_Requirement
+    //!  in cryptlib.h for allowed values.
+    CRYPTOPP_CONSTANT(IV_REQUIREMENT=SimpleKeyingInterface::UNIQUE_IV)
+    //! \brief The default initialization vector length for the algorithm provided as a constant
+    //! \details IV_LENGTH is provided in bytes, not bits. Kalyna has two different block sizes for
+    //!   each key length. This function returns the default block size for the defult key length.
+    CRYPTOPP_CONSTANT(IV_LENGTH=16)
+    //! \brief Provides a valid key length for the algorithm provided by a static function.
+    //! \param keylength the size of the key, in bytes
+    //! \details The key length depends on the block size. For each block size, 128, 256 and 512,
+    //!   the key length can be either the block size or twice the block size. That means the
+    //!   valid key lengths are 126, 256, 512 and 1024. Additionally, it means a key length of,
+    //!   say, 32 could be used with either 128-block size or 256-block size.
+    CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidKeyLength(size_t keylength)
+    {
+        return (keylength >= 64) ? 64 :
+            (keylength >= 32) ? 32 : 16;
+    }
+
+    //! \brief Validates the blocksize for Kalyna.
+    //! \param keylength the key length of the cipher
+    //! \param blocksize the candidate blocksize
+    //! \param alg an Algorithm object used if the blocksize is invalid
+    //! \throws InvalidBlockSize if the blocksize is invalid
+    //! \details ThrowIfInvalidBlockSize() validates the blocksize and throws if invalid.
+    inline void ThrowIfInvalidBlockSize(int blocksize, const Algorithm *alg)
+    {
+        if ( blocksize != 16 &&  blocksize != 32 && blocksize != 64)
+            throw InvalidBlockSize(alg ? alg->AlgorithmName() : std::string("VariableBlockSize"), blocksize);
+    }
+
+    //! \brief Validates the blocksize for Kalyna.
+    //! \param keylength the key length of the cipher
+    //! \param blocksize the candidate blocksize
+    //! \param alg an Algorithm object used if the blocksize is invalid
+    //! \throws InvalidBlockSize if the blocksize is invalid
+    //! \details ThrowIfInvalidBlockSize() validates the blocksize under a key and throws if invalid.
+    inline void ThrowIfInvalidBlockSize(int keylength, int blocksize, const Algorithm *alg)
+    {
+        if ( ((keylength == 16) && (blocksize != 16)) ||
+                ((keylength == 32) && (blocksize != 32 && blocksize != 64)) ||
+                ((keylength == 64) && (blocksize != 32 && blocksize != 64)) )
+        {
+            throw InvalidBlockSize(alg ? alg->AlgorithmName() : std::string("VariableBlockSize"), blocksize);
+        }
+    }
+};
+
+//! \class Kalyna
+//! \brief Kalyna block cipher
+//! \since Crypto++ 6.0
+class Kalyna : public Kalyna_Info, public BlockCipherDocumentation
+{
+public:
+    class CRYPTOPP_NO_VTABLE Base : public VariableBlockCipherImpl<Kalyna_Info>
+    {
+    public:
+        // Naming follows DSTU 7624:2014, where blocksize is specified first and then key length.
+        // DSTU is a little more complex with more parameters, dashes, underscores. (Thanks RO).
+        std::string AlgorithmName() const {return !BlockSize() ? StaticAlgorithmName() :
+            "Kalyna-" + IntToString(BlockSize())+"("+IntToString(m_kl*8)+")";}
+
+        unsigned int OptimalDataAlignment() const {
+            return GetAlignmentOf<word64>();
+        }
+
+    protected:
+        void UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params);
+        void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+
+    protected:
+        // Visual Studio and C2910: 'Kalyna::Base::SetKey_Template': cannot be explicitly specialized
+        //template <unsigned int NB, unsigned int NK>
+        //  void SetKey_Template(const word64 key[NK]);
+        void SetKey_22(const word64 key[2]);
+        void SetKey_24(const word64 key[4]);
+        void SetKey_44(const word64 key[4]);
+        void SetKey_48(const word64 key[8]);
+        void SetKey_88(const word64 key[8]);
+
+        // Visual Studio and C2910: 'Kalyna::Base::ProcessBlock_Template': cannot be explicitly specialized
+        //template <unsigned int NB, unsigned int NK>
+        //  void ProcessBlock_Template(const word64 inBlock[NB], const word64 outBlock[NB]) const;
+        void ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2]) const;
+        void ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2]) const;
+        void ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4]) const;
+        void ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4]) const;
+        void ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8]) const;
+
+    private:
+        typedef SecBlock<word64, AllocatorWithCleanup<word64, true> > AlignedSecBlock64;
+        mutable AlignedSecBlock64 m_wspace;  // work space
+        AlignedSecBlock64         m_mkey;    // master key
+        AlignedSecBlock64         m_rkeys;   // round keys
+        unsigned int     m_kl, m_nb, m_nk;   // key length, number 64-bit blocks and keys
+    };
+
+    typedef BlockCipherFinal<ENCRYPTION, Base> Encryption;
+    typedef BlockCipherFinal<DECRYPTION, Base> Decryption;
+};
+
+typedef Kalyna::Encryption KalynaEncryption;
+typedef Kalyna::Decryption KalynaDecryption;
+
+NAMESPACE_END
+
+#endif  // CRYPTOPP_KALYNA_H
--- a/kalynatab.cpp
+++ b/kalynatab.cpp
--- a/regtest2.cpp
+++ b/regtest2.cpp
@ -30,6 +30,7 @@
 #include "cast.h"
 #include "rc6.h"
 #include "mars.h"
+#include "kalyna.h"
 #include "des.h"
 #include "idea.h"
 #include "rc5.h"
@ -40,7 +41,6 @@
 #include "blowfish.h"
 #include "seed.h"
 #include "wake.h"
-#include "seal.h"
 #include "hkdf.h"

 // For HMAC's
@ -134,8 +134,8 @@ void RegisterFactories2()
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Blowfish> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SEED> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<SEED> >();
-//	RegisterSymmetricCipherDefaultFactories<ECB_Mode<Kalyna> >();  // Test Vectors
-//	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Kalyna> >();  // Benchmarks
+	RegisterSymmetricCipherDefaultFactories<ECB_Mode<Kalyna> >();  // Test Vectors
+	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Kalyna> >();  // Benchmarks

 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA1> >();
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA256> >();
--- a/test.cpp
+++ b/test.cpp
@ -989,7 +989,7 @@ bool Validate(int alg, bool thorough, const char *seedInput)
 	case 78: result = Test::ValidateHashDRBG(); break;
 	case 79: result = Test::ValidateHmacDRBG(); break;

-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 	// http://github.com/weidai11/cryptopp/issues/92
 	case 9999: result = Test::TestSecBlock(); break;
 	// http://github.com/weidai11/cryptopp/issues/64