- add EAX mode, XSalsa20

- speed up GCM key setup
- wipe stack in AES assembly code
- speed up CFB mode

1 files changed, 24 insertions, 2 deletions

diff --git a/salsa.h b/salsa.h
index 69dbd2c5..49af8854 100755
--- a/salsa.h
+++ b/salsa.h
@@ -13,7 +13,7 @@ struct Salsa20_Info : public VariableKeyLength<32, 16, 32, 16, SimpleKeyingInter
 	static const char *StaticAlgorithmName() {return "Salsa20";}
 };
 
-class CRYPTOPP_NO_VTABLE Salsa20_Policy : public AdditiveCipherConcretePolicy<word32, 16>, public Salsa20_Info
+class CRYPTOPP_NO_VTABLE Salsa20_Policy : public AdditiveCipherConcretePolicy<word32, 16>
 {
 protected:
 	void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length);
@@ -26,7 +26,6 @@ protected:
 	unsigned int GetOptimalBlockSize() const;
 #endif
 
-private:
 	FixedSizeAlignedSecBlock<word32, 16> m_state;
 	int m_rounds;
 };
@@ -38,6 +37,29 @@ struct Salsa20 : public Salsa20_Info, public SymmetricCipherDocumentation
 	typedef Encryption Decryption;
 };
 
+//! _
+struct XSalsa20_Info : public FixedKeyLength<32, SimpleKeyingInterface::UNIQUE_IV, 24>
+{
+	static const char *StaticAlgorithmName() {return "XSalsa20";}
+};
+
+class CRYPTOPP_NO_VTABLE XSalsa20_Policy : public Salsa20_Policy
+{
+public:
+	void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length);
+	void CipherResynchronize(byte *keystreamBuffer, const byte *IV, size_t length);
+
+protected:
+	FixedSizeSecBlock<word32, 8> m_key;
+};
+
+/// <a href="http://www.cryptolounge.org/wiki/XSalsa20">XSalsa20</a>, variable rounds: 8, 12 or 20 (default 20)
+struct XSalsa20 : public XSalsa20_Info, public SymmetricCipherDocumentation
+{
+	typedef SymmetricCipherFinal<ConcretePolicyHolder<XSalsa20_Policy, AdditiveCipherTemplate<> >, XSalsa20_Info> Encryption;
+	typedef Encryption Decryption;
+};
+
 NAMESPACE_END
 
 #endif