So it looks like sed added a '\r' between the closing paren and the semi. Grepping for '^;' failed because the '\r' was considered part of the previous line, so it showed no hits. I finally had to write a C program to properly identify and fix those damn stray semicolons.
VariableBlockSize and VariableBlockCipherImpl were added at Commit bd8edfa87b. Reflecting on FixedKeyLength and VariableKeyLength, the const KEYLENGTH is only provided by FixedKeyLength. VariableKeyLength provides DEFAULT_KEYLENGTH. This check-in makes VariableBlockSize follow VariableKeyLength.
This check-in also splits block size and iv length. Its conceivable we will encounter a cipher with a block size of 128-bits with an iv of 256-bits. The bd8edfa87b check-in could not handle the difference, so we fix it now.
This should lead the way for more modern block ciphers like Threefish and Kalyna. It tested well with both regular cipher modes (the mode has an instance of the cipher) and external cipher modes (the cipher and mode are distinct objects, and the mode holds a reference to the cipher).
We still have to work out the details of naming a cipher. For example, Kalyna with a 128-bit key can use a 128-bit or 256-bit block size. Kalyna-128 is not enough to describe the algorithm and locate it in the object registry. Kalyna-128-128 looks kind of weird; maybe Kalyna-128(128) or Kalyna-128(256) would be better.
Here are the initial test cases to verify functionality:
byte key[64] = {}, iv[32] = {};
ECB_Mode<Kalyna>::Encryption enc1;
enc1.SetKey(key, 16);
CBC_Mode<Kalyna>::Encryption enc2;
enc2.SetKeyWithIV(key, 16, iv);
AlgorithmParameters params = MakeParameters
(Name::BlockSize(), 32)
(Name::IV(), ConstByteArrayParameter(iv, 32));
CTR_Mode<Kalyna>::Encryption enc3;
enc3.SetKey(key, 16, params);
CBC_Mode<Kalyna>::Encryption enc4;
enc4.SetKey(key, 32, params);
Kalyna::Encryption enc5;
ECB_Mode_ExternalCipher::Encryption ecb(enc5);
ecb.SetKey(key, 16, params);
Kalyna::Encryption enc6;
ECB_Mode_ExternalCipher::Encryption cbc(enc6);
cbc.SetKey(key, 32, params);
Coarse grained benchmarking with GCC 4.8 at -O2 using 'time' and 'cryptest.exe' shows we shaved about 100ms to 150ms off the running time. We are ready to break the 1-second mark for the running time (its elluded me for some time now)
- added AuthenticatedSymmetricCipher interface class and Filter wrappers
- added CCM, GCM (with SSE2 assembly), CMAC, and SEED
- improved AES speed on x86 and x64
- removed WORD64_AVAILABLE; compiler 64-bit int support is now required