summary refs log tree commit diff
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2021-05-24 19:47:33 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2021-05-24 19:47:33 +0700
commit7519bacebd39868c9970799ad41ede7892a4a68d (patch)
treef87b7e973b1475baaa49e7e809a7fbf2a11c03bd
parentAdd support for ARIA (diff)
downloadBouncyCastle.NET-ed25519-7519bacebd39868c9970799ad41ede7892a4a68d.tar.xz
Fix project files plus portability fixes
-rw-r--r--crypto/BouncyCastle.Android.csproj11
-rw-r--r--crypto/BouncyCastle.csproj11
-rw-r--r--crypto/BouncyCastle.iOS.csproj11
-rw-r--r--crypto/crypto.csproj80
-rw-r--r--crypto/src/crypto/digests/ParallelHash.cs390
-rw-r--r--crypto/src/crypto/digests/TupleHash.cs234
-rw-r--r--crypto/src/crypto/fpe/FpeEngine.cs146
-rw-r--r--crypto/src/crypto/fpe/FpeFf1Engine.cs103
-rw-r--r--crypto/src/crypto/fpe/FpeFf3_1Engine.cs105
-rw-r--r--crypto/src/crypto/fpe/SP80038G.cs20
-rw-r--r--crypto/src/crypto/modes/GcmSivBlockCipher.cs1861
-rw-r--r--crypto/src/crypto/util/BasicAlphabetMapper.cs150
-rw-r--r--crypto/src/crypto/util/Pack.cs98
-rw-r--r--crypto/src/security/SecureRandom.cs4
-rw-r--r--crypto/src/util/Arrays.cs1
-rw-r--r--crypto/src/util/Bytes.cs4
-rw-r--r--crypto/src/util/Integers.cs4
-rw-r--r--crypto/src/util/Longs.cs4
-rw-r--r--crypto/src/util/io/Streams.cs8
-rw-r--r--crypto/test/UnitTests.csproj7
-rw-r--r--crypto/test/src/crypto/test/GcmSivTest.cs791
-rw-r--r--crypto/test/src/crypto/test/ParallelHashTest.cs163
-rw-r--r--crypto/test/src/crypto/test/RegressionTest.cs6
-rw-r--r--crypto/test/src/crypto/test/SP80038GTest.cs793
-rw-r--r--crypto/test/src/crypto/test/SentrixSigningSha256Hard.pfxbin2778 -> 0 bytes
-rw-r--r--crypto/test/src/crypto/test/SentrixSigningSha256Soft.pfxbin2693 -> 0 bytes
-rw-r--r--crypto/test/src/crypto/test/TupleHashTest.cs136
-rw-r--r--crypto/test/src/openpgp/test/PGPArmoredTest.cs5
-rw-r--r--crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs5
-rw-r--r--crypto/test/src/openpgp/test/PGPCompressionTest.cs7
-rw-r--r--crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs3
-rw-r--r--crypto/test/src/openpgp/test/PGPDSATest.cs3
-rw-r--r--crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs4
-rw-r--r--crypto/test/src/openpgp/test/PGPPBETest.cs3
-rw-r--r--crypto/test/src/openpgp/test/PGPPacketTest.cs3
-rw-r--r--crypto/test/src/openpgp/test/PGPRSATest.cs4
-rw-r--r--crypto/test/src/openpgp/test/PGPSignatureTest.cs3
-rw-r--r--crypto/test/src/openpgp/test/PgpECDHTest.cs5
-rw-r--r--crypto/test/src/openpgp/test/PgpECDsaTest.cs3
-rw-r--r--crypto/test/src/openpgp/test/PgpECMessageTest.cs3
-rw-r--r--crypto/test/src/openpgp/test/PgpFeaturesTest.cs30
-rw-r--r--crypto/test/src/openpgp/test/PgpKeyRingTest.cs3
-rw-r--r--crypto/test/src/openpgp/test/PgpMarkerTest.cs4
-rw-r--r--crypto/test/src/openpgp/test/PgpParsingTest.cs3
-rw-r--r--crypto/test/src/openpgp/test/PgpUnicodeTest.cs23
-rw-r--r--crypto/test/src/openpgp/test/RegressionTest.cs7
46 files changed, 2691 insertions, 2571 deletions
diff --git a/crypto/BouncyCastle.Android.csproj b/crypto/BouncyCastle.Android.csproj
index af8757ff7..0f15e30ab 100644
--- a/crypto/BouncyCastle.Android.csproj
+++ b/crypto/BouncyCastle.Android.csproj
@@ -671,6 +671,7 @@
     <Compile Include="src\crypto\CipherKeyGenerator.cs" />
     <Compile Include="src\crypto\CryptoException.cs" />
     <Compile Include="src\crypto\DataLengthException.cs" />
+    <Compile Include="src\crypto\IAlphabetMapper.cs" />
     <Compile Include="src\crypto\IAsymmetricBlockCipher.cs" />
     <Compile Include="src\crypto\IAsymmetricCipherKeyPairGenerator.cs" />
     <Compile Include="src\crypto\IBasicAgreement.cs" />
@@ -759,6 +760,7 @@
     <Compile Include="src\crypto\digests\MD5Digest.cs" />
     <Compile Include="src\crypto\digests\NonMemoableDigest.cs" />
     <Compile Include="src\crypto\digests\NullDigest.cs" />
+    <Compile Include="src\crypto\digests\ParallelHash.cs" />
     <Compile Include="src\crypto\digests\RipeMD128Digest.cs" />
     <Compile Include="src\crypto\digests\RipeMD160Digest.cs" />
     <Compile Include="src\crypto\digests\RipeMD256Digest.cs" />
@@ -776,6 +778,7 @@
     <Compile Include="src\crypto\digests\SkeinDigest.cs" />
     <Compile Include="src\crypto\digests\SkeinEngine.cs" />
     <Compile Include="src\crypto\digests\TigerDigest.cs" />
+    <Compile Include="src\crypto\digests\TupleHash.cs" />
     <Compile Include="src\crypto\digests\WhirlpoolDigest.cs" />
     <Compile Include="src\crypto\digests\XofUtils.cs" />
     <Compile Include="src\crypto\ec\CustomNamedCurves.cs" />
@@ -839,6 +842,10 @@
     <Compile Include="src\crypto\engines\VMPCKSA3Engine.cs" />
     <Compile Include="src\crypto\engines\XSalsa20Engine.cs" />
     <Compile Include="src\crypto\engines\XTEAEngine.cs" />
+    <Compile Include="src\crypto\fpe\FpeEngine.cs" />
+    <Compile Include="src\crypto\fpe\FpeFf1Engine.cs" />
+    <Compile Include="src\crypto\fpe\FpeFf3_1Engine.cs" />
+    <Compile Include="src\crypto\fpe\SP80038G.cs" />
     <Compile Include="src\crypto\generators\BaseKdfBytesGenerator.cs" />
     <Compile Include="src\crypto\generators\BCrypt.cs" />
     <Compile Include="src\crypto\generators\DHBasicKeyPairGenerator.cs" />
@@ -904,6 +911,7 @@
     <Compile Include="src\crypto\modes\CtsBlockCipher.cs" />
     <Compile Include="src\crypto\modes\EAXBlockCipher.cs" />
     <Compile Include="src\crypto\modes\GCMBlockCipher.cs" />
+    <Compile Include="src\crypto\modes\GcmSivBlockCipher.cs" />
     <Compile Include="src\crypto\modes\GOFBBlockCipher.cs" />
     <Compile Include="src\crypto\modes\IAeadBlockCipher.cs" />
     <Compile Include="src\crypto\modes\IAeadCipher.cs" />
@@ -976,6 +984,7 @@
     <Compile Include="src\crypto\parameters\ElGamalParameters.cs" />
     <Compile Include="src\crypto\parameters\ElGamalPrivateKeyParameters.cs" />
     <Compile Include="src\crypto\parameters\ElGamalPublicKeyParameters.cs" />
+    <Compile Include="src\crypto\parameters\FpeParameters.cs" />
     <Compile Include="src\crypto\parameters\GOST3410KeyGenerationParameters.cs" />
     <Compile Include="src\crypto\parameters\GOST3410KeyParameters.cs" />
     <Compile Include="src\crypto\parameters\GOST3410Parameters.cs" />
@@ -1229,6 +1238,7 @@
     <Compile Include="src\crypto\tls\UseSrtpData.cs" />
     <Compile Include="src\crypto\tls\UserMappingType.cs" />
     <Compile Include="src\crypto\util\AlgorithmIdentifierFactory.cs" />
+    <Compile Include="src\crypto\util\BasicAlphabetMapper.cs" />
     <Compile Include="src\crypto\util\CipherFactory.cs" />
     <Compile Include="src\crypto\util\CipherKeyGeneratorFactory.cs" />
     <Compile Include="src\crypto\util\Pack.cs" />
@@ -1563,6 +1573,7 @@
     <Compile Include="src\tsp\TimeStampTokenInfo.cs" />
     <Compile Include="src\util\Arrays.cs" />
     <Compile Include="src\util\BigIntegers.cs" />
+    <Compile Include="src\util\Bytes.cs" />
     <Compile Include="src\util\Enums.cs" />
     <Compile Include="src\util\IMemoable.cs" />
     <Compile Include="src\util\Integers.cs" />
diff --git a/crypto/BouncyCastle.csproj b/crypto/BouncyCastle.csproj
index ab6f3fee5..f7a15d49f 100644
--- a/crypto/BouncyCastle.csproj
+++ b/crypto/BouncyCastle.csproj
@@ -665,6 +665,7 @@
     <Compile Include="src\crypto\CipherKeyGenerator.cs" />
     <Compile Include="src\crypto\CryptoException.cs" />
     <Compile Include="src\crypto\DataLengthException.cs" />
+    <Compile Include="src\crypto\IAlphabetMapper.cs" />
     <Compile Include="src\crypto\IAsymmetricBlockCipher.cs" />
     <Compile Include="src\crypto\IAsymmetricCipherKeyPairGenerator.cs" />
     <Compile Include="src\crypto\IBasicAgreement.cs" />
@@ -753,6 +754,7 @@
     <Compile Include="src\crypto\digests\MD5Digest.cs" />
     <Compile Include="src\crypto\digests\NonMemoableDigest.cs" />
     <Compile Include="src\crypto\digests\NullDigest.cs" />
+    <Compile Include="src\crypto\digests\ParallelHash.cs" />
     <Compile Include="src\crypto\digests\RipeMD128Digest.cs" />
     <Compile Include="src\crypto\digests\RipeMD160Digest.cs" />
     <Compile Include="src\crypto\digests\RipeMD256Digest.cs" />
@@ -770,6 +772,7 @@
     <Compile Include="src\crypto\digests\SkeinDigest.cs" />
     <Compile Include="src\crypto\digests\SkeinEngine.cs" />
     <Compile Include="src\crypto\digests\TigerDigest.cs" />
+    <Compile Include="src\crypto\digests\TupleHash.cs" />
     <Compile Include="src\crypto\digests\WhirlpoolDigest.cs" />
     <Compile Include="src\crypto\digests\XofUtils.cs" />
     <Compile Include="src\crypto\ec\CustomNamedCurves.cs" />
@@ -833,6 +836,10 @@
     <Compile Include="src\crypto\engines\VMPCKSA3Engine.cs" />
     <Compile Include="src\crypto\engines\XSalsa20Engine.cs" />
     <Compile Include="src\crypto\engines\XTEAEngine.cs" />
+    <Compile Include="src\crypto\fpe\FpeEngine.cs" />
+    <Compile Include="src\crypto\fpe\FpeFf1Engine.cs" />
+    <Compile Include="src\crypto\fpe\FpeFf3_1Engine.cs" />
+    <Compile Include="src\crypto\fpe\SP80038G.cs" />
     <Compile Include="src\crypto\generators\BaseKdfBytesGenerator.cs" />
     <Compile Include="src\crypto\generators\BCrypt.cs" />
     <Compile Include="src\crypto\generators\DHBasicKeyPairGenerator.cs" />
@@ -898,6 +905,7 @@
     <Compile Include="src\crypto\modes\CtsBlockCipher.cs" />
     <Compile Include="src\crypto\modes\EAXBlockCipher.cs" />
     <Compile Include="src\crypto\modes\GCMBlockCipher.cs" />
+    <Compile Include="src\crypto\modes\GcmSivBlockCipher.cs" />
     <Compile Include="src\crypto\modes\GOFBBlockCipher.cs" />
     <Compile Include="src\crypto\modes\IAeadBlockCipher.cs" />
     <Compile Include="src\crypto\modes\IAeadCipher.cs" />
@@ -970,6 +978,7 @@
     <Compile Include="src\crypto\parameters\ElGamalParameters.cs" />
     <Compile Include="src\crypto\parameters\ElGamalPrivateKeyParameters.cs" />
     <Compile Include="src\crypto\parameters\ElGamalPublicKeyParameters.cs" />
+    <Compile Include="src\crypto\parameters\FpeParameters.cs" />
     <Compile Include="src\crypto\parameters\GOST3410KeyGenerationParameters.cs" />
     <Compile Include="src\crypto\parameters\GOST3410KeyParameters.cs" />
     <Compile Include="src\crypto\parameters\GOST3410Parameters.cs" />
@@ -1223,6 +1232,7 @@
     <Compile Include="src\crypto\tls\UseSrtpData.cs" />
     <Compile Include="src\crypto\tls\UserMappingType.cs" />
     <Compile Include="src\crypto\util\AlgorithmIdentifierFactory.cs" />
+    <Compile Include="src\crypto\util\BasicAlphabetMapper.cs" />
     <Compile Include="src\crypto\util\CipherFactory.cs" />
     <Compile Include="src\crypto\util\CipherKeyGeneratorFactory.cs" />
     <Compile Include="src\crypto\util\Pack.cs" />
@@ -1557,6 +1567,7 @@
     <Compile Include="src\tsp\TimeStampTokenInfo.cs" />
     <Compile Include="src\util\Arrays.cs" />
     <Compile Include="src\util\BigIntegers.cs" />
+    <Compile Include="src\util\Bytes.cs" />
     <Compile Include="src\util\Enums.cs" />
     <Compile Include="src\util\IMemoable.cs" />
     <Compile Include="src\util\Integers.cs" />
diff --git a/crypto/BouncyCastle.iOS.csproj b/crypto/BouncyCastle.iOS.csproj
index 3f776b98e..64bb4fdf9 100644
--- a/crypto/BouncyCastle.iOS.csproj
+++ b/crypto/BouncyCastle.iOS.csproj
@@ -666,6 +666,7 @@
     <Compile Include="src\crypto\CipherKeyGenerator.cs" />
     <Compile Include="src\crypto\CryptoException.cs" />
     <Compile Include="src\crypto\DataLengthException.cs" />
+    <Compile Include="src\crypto\IAlphabetMapper.cs" />
     <Compile Include="src\crypto\IAsymmetricBlockCipher.cs" />
     <Compile Include="src\crypto\IAsymmetricCipherKeyPairGenerator.cs" />
     <Compile Include="src\crypto\IBasicAgreement.cs" />
@@ -754,6 +755,7 @@
     <Compile Include="src\crypto\digests\MD5Digest.cs" />
     <Compile Include="src\crypto\digests\NonMemoableDigest.cs" />
     <Compile Include="src\crypto\digests\NullDigest.cs" />
+    <Compile Include="src\crypto\digests\ParallelHash.cs" />
     <Compile Include="src\crypto\digests\RipeMD128Digest.cs" />
     <Compile Include="src\crypto\digests\RipeMD160Digest.cs" />
     <Compile Include="src\crypto\digests\RipeMD256Digest.cs" />
@@ -771,6 +773,7 @@
     <Compile Include="src\crypto\digests\SkeinDigest.cs" />
     <Compile Include="src\crypto\digests\SkeinEngine.cs" />
     <Compile Include="src\crypto\digests\TigerDigest.cs" />
+    <Compile Include="src\crypto\digests\TupleHash.cs" />
     <Compile Include="src\crypto\digests\WhirlpoolDigest.cs" />
     <Compile Include="src\crypto\digests\XofUtils.cs" />
     <Compile Include="src\crypto\ec\CustomNamedCurves.cs" />
@@ -834,6 +837,10 @@
     <Compile Include="src\crypto\engines\VMPCKSA3Engine.cs" />
     <Compile Include="src\crypto\engines\XSalsa20Engine.cs" />
     <Compile Include="src\crypto\engines\XTEAEngine.cs" />
+    <Compile Include="src\crypto\fpe\FpeEngine.cs" />
+    <Compile Include="src\crypto\fpe\FpeFf1Engine.cs" />
+    <Compile Include="src\crypto\fpe\FpeFf3_1Engine.cs" />
+    <Compile Include="src\crypto\fpe\SP80038G.cs" />
     <Compile Include="src\crypto\generators\BaseKdfBytesGenerator.cs" />
     <Compile Include="src\crypto\generators\BCrypt.cs" />
     <Compile Include="src\crypto\generators\DHBasicKeyPairGenerator.cs" />
@@ -899,6 +906,7 @@
     <Compile Include="src\crypto\modes\CtsBlockCipher.cs" />
     <Compile Include="src\crypto\modes\EAXBlockCipher.cs" />
     <Compile Include="src\crypto\modes\GCMBlockCipher.cs" />
+    <Compile Include="src\crypto\modes\GcmSivBlockCipher.cs" />
     <Compile Include="src\crypto\modes\GOFBBlockCipher.cs" />
     <Compile Include="src\crypto\modes\IAeadBlockCipher.cs" />
     <Compile Include="src\crypto\modes\IAeadCipher.cs" />
@@ -971,6 +979,7 @@
     <Compile Include="src\crypto\parameters\ElGamalParameters.cs" />
     <Compile Include="src\crypto\parameters\ElGamalPrivateKeyParameters.cs" />
     <Compile Include="src\crypto\parameters\ElGamalPublicKeyParameters.cs" />
+    <Compile Include="src\crypto\parameters\FpeParameters.cs" />
     <Compile Include="src\crypto\parameters\GOST3410KeyGenerationParameters.cs" />
     <Compile Include="src\crypto\parameters\GOST3410KeyParameters.cs" />
     <Compile Include="src\crypto\parameters\GOST3410Parameters.cs" />
@@ -1224,6 +1233,7 @@
     <Compile Include="src\crypto\tls\UseSrtpData.cs" />
     <Compile Include="src\crypto\tls\UserMappingType.cs" />
     <Compile Include="src\crypto\util\AlgorithmIdentifierFactory.cs" />
+    <Compile Include="src\crypto\util\BasicAlphabetMapper.cs" />
     <Compile Include="src\crypto\util\CipherFactory.cs" />
     <Compile Include="src\crypto\util\CipherKeyGeneratorFactory.cs" />
     <Compile Include="src\crypto\util\Pack.cs" />
@@ -1558,6 +1568,7 @@
     <Compile Include="src\tsp\TimeStampTokenInfo.cs" />
     <Compile Include="src\util\Arrays.cs" />
     <Compile Include="src\util\BigIntegers.cs" />
+    <Compile Include="src\util\Bytes.cs" />
     <Compile Include="src\util\Enums.cs" />
     <Compile Include="src\util\IMemoable.cs" />
     <Compile Include="src\util\Integers.cs" />
diff --git a/crypto/crypto.csproj b/crypto/crypto.csproj
index e39070c66..a4b45afc3 100644
--- a/crypto/crypto.csproj
+++ b/crypto/crypto.csproj
@@ -3214,6 +3214,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "src\crypto\IAlphabetMapper.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "src\crypto\IAsymmetricBlockCipher.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -3649,6 +3654,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "src\crypto\digests\ParallelHash.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "src\crypto\digests\RIPEMD128Digest.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -3734,6 +3744,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "src\crypto\digests\TupleHash.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "src\crypto\digests\WhirlpoolDigest.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -4049,6 +4064,26 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "src\crypto\fpe\FpeEngine.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
+                    RelPath = "src\crypto\fpe\FpeFf1Engine.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
+                    RelPath = "src\crypto\fpe\FpeFf3_1Engine.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
+                    RelPath = "src\crypto\fpe\SP80038G.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "src\crypto\generators\BaseKDFBytesGenerator.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -4374,6 +4409,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "src\crypto\modes\GcmSivBlockCipher.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "src\crypto\modes\GOFBBlockCipher.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -4734,6 +4774,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "src\crypto\parameters\FpeParameters.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "src\crypto\parameters\GOST3410KeyGenerationParameters.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -6004,6 +6049,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "src\crypto\util\BasicAlphabetMapper.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "src\crypto\util\CipherFactory.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -7674,6 +7724,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "src\util\Bytes.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "src\util\Enums.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -12387,6 +12442,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "test\src\crypto\test\GcmSivTest.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "test\src\crypto\test\GCMTest.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -12562,6 +12622,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "test\src\crypto\test\ParallelHashTest.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "test\src\crypto\test\Pkcs12Test.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -12807,6 +12872,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "test\src\crypto\test\SP80038GTest.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "test\src\crypto\test\SRP6Test.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -12852,6 +12922,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "test\src\crypto\test\TupleHashTest.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "test\src\crypto\test\TwofishTest.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
@@ -13307,6 +13382,11 @@
                     BuildAction = "Compile"
                 />
                 <File
+                    RelPath = "test\src\openpgp\test\PgpFeaturesTest.cs"
+                    SubType = "Code"
+                    BuildAction = "Compile"
+                />
+                <File
                     RelPath = "test\src\openpgp\test\PgpKeyRingTest.cs"
                     SubType = "Code"
                     BuildAction = "Compile"
diff --git a/crypto/src/crypto/digests/ParallelHash.cs b/crypto/src/crypto/digests/ParallelHash.cs
index 1e42d86ab..7d9be7618 100644
--- a/crypto/src/crypto/digests/ParallelHash.cs
+++ b/crypto/src/crypto/digests/ParallelHash.cs
@@ -1,210 +1,210 @@
 using System;
-using System.Diagnostics;
 
 using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Digests
 {
-	/// <summary>
+    /// <summary>
     /// ParallelHash - a hash designed  to  support the efficient hashing of very long strings, by taking advantage,
-	/// of the parallelism available in modern processors with an optional XOF mode.
-	/// <para>
-	/// From NIST Special Publication 800-185 - SHA-3 Derived Functions:cSHAKE, KMAC, TupleHash and ParallelHash
-	/// </para>
+    /// of the parallelism available in modern processors with an optional XOF mode.
+    /// <para>
+    /// From NIST Special Publication 800-185 - SHA-3 Derived Functions:cSHAKE, KMAC, TupleHash and ParallelHash
+    /// </para>
     /// </summary>
-	public class ParallelHash
-	    : IXof, IDigest
-	{
-	    private static readonly byte[] N_PARALLEL_HASH = Strings.ToByteArray("ParallelHash");
-
-	    private readonly CShakeDigest cshake;
-	    private readonly CShakeDigest compressor;
-	    private readonly int bitLength;
-	    private readonly int outputLength;
-	    private readonly int B;
-	    private readonly byte[] buffer;
-	    private readonly byte[] compressorBuffer;
-
-	    private bool firstOutput;
-	    private int nCount;
-	    private int bufOff;
-
-	    /**
+    public class ParallelHash
+        : IXof, IDigest
+    {
+        private static readonly byte[] N_PARALLEL_HASH = Strings.ToByteArray("ParallelHash");
+
+        private readonly CShakeDigest cshake;
+        private readonly CShakeDigest compressor;
+        private readonly int bitLength;
+        private readonly int outputLength;
+        private readonly int B;
+        private readonly byte[] buffer;
+        private readonly byte[] compressorBuffer;
+
+        private bool firstOutput;
+        private int nCount;
+        private int bufOff;
+
+        /**
 	     * Base constructor.
 	     *
 	     * @param bitLength bit length of the underlying SHAKE function, 128 or 256.
 	     * @param S the customization string - available for local use.
 	     * @param B the blocksize (in bytes) for hashing.
 	     */
-	    public ParallelHash(int bitLength, byte[] S, int B): this(bitLength, S, B, bitLength * 2)
-		{
-
-		}
-
-	    public ParallelHash(int bitLength, byte[] S, int B, int outputSize)
-	    {
-		this.cshake = new CShakeDigest(bitLength, N_PARALLEL_HASH, S);
-		this.compressor = new CShakeDigest(bitLength, new byte[0], new byte[0]);
-		this.bitLength = bitLength;
-		this.B = B;
-		this.outputLength = (outputSize + 7) / 8;
-		this.buffer = new byte[B];
-		this.compressorBuffer = new byte[bitLength * 2 / 8];
-
-		Reset();
-	    }
-
-	    public ParallelHash(ParallelHash source)
-	    {
-		this.cshake = new CShakeDigest(source.cshake);
-		this.compressor = new CShakeDigest(source.compressor);
-		this.bitLength = source.bitLength;
-		this.B = source.B;
-		this.outputLength = source.outputLength;
-		this.buffer = Arrays.Clone(source.buffer);
-		this.compressorBuffer = Arrays.Clone(source.compressorBuffer);
-	    }
-
-	    public string AlgorithmName
-	    {
-		    get { return "ParallelHash" + cshake.AlgorithmName.Substring(6); }
-	    }
-
-	    public int GetByteLength()
-	    {
-		return cshake.GetByteLength();
-	    }
-
-	    public int GetDigestSize()
-	    {
-		return outputLength;
-	    }
-
-	    public void Update(byte b)
-	    {
-		buffer[bufOff++] = b;
-		if (bufOff == buffer.Length)
-		{
-		    compress();
-		}
-	    }
-
-	    public void BlockUpdate(byte[] inBuf, int inOff, int len)
-	    {
-		len = System.Math.Max(0,  len);
-
-		//
-		// fill the current word
-		//
-		int i = 0;
-		if (bufOff != 0)
-		{
-		    while (i < len && bufOff != buffer.Length)
-		    {
-			buffer[bufOff++] = inBuf[inOff + i++];
-		    }
-
-		    if (bufOff == buffer.Length)
-		    {
-			compress();
-		    }
-		}
-
-		if (i < len)
-		{
-		    while (len - i > B)
-		    {
-			compress(inBuf, inOff + i, B);
-			i += B;
-		    }
-		}
-
-		while (i < len)
-		{
-		    Update(inBuf[inOff + i++]);
-		}
-	    }
-
-	    private void compress()
-	    {
-		compress(buffer, 0, bufOff);
-		bufOff = 0;
-	    }
-
-	    private void compress(byte[] buf, int offSet, int len)
-	    {
-		compressor.BlockUpdate(buf, offSet, len);
-		compressor.DoFinal(compressorBuffer, 0, compressorBuffer.Length);
-
-		cshake.BlockUpdate(compressorBuffer, 0, compressorBuffer.Length);
-
-		nCount++;
-	    }
-
-	    private void wrapUp(int outputSize)
-	    {
-		if (bufOff != 0)
-		{
-		    compress();
-		}
-		byte[] nOut = XofUtilities.RightEncode(nCount);
-		byte[] encOut = XofUtilities.RightEncode(outputSize * 8);
-
-		cshake.BlockUpdate(nOut, 0, nOut.Length);
-		cshake.BlockUpdate(encOut, 0, encOut.Length);
-
-		firstOutput = false;
-	    }
-
-	    public int DoFinal(byte[] outBuf, int outOff)
-	    {
-		if (firstOutput)
-		{
-		    wrapUp(outputLength);
-		}
-
-		int rv = cshake.DoFinal(outBuf, outOff, GetDigestSize());
-
-		Reset();
-
-		return rv;
-	    }
-
-	    public int DoFinal(byte[] outBuf, int outOff, int outLen)
-	    {
-		if (firstOutput)
-		{
-		    wrapUp(outputLength);
-		}
-		
-		int rv = cshake.DoFinal(outBuf, outOff, outLen);
-
-		Reset();
-
-		return rv;
-	    }
-
-	    public int DoOutput(byte[] outBuf, int outOff, int outLen)
-	    {
-		if (firstOutput)
-		{
-		    wrapUp(0);
-		}
-
-		return cshake.DoOutput(outBuf, outOff, outLen);
-	    }
-
-	    public void Reset()
-	    {
-		cshake.Reset();
-		Arrays.Clear(buffer);
-
-		byte[] hdr = XofUtilities.LeftEncode(B);
-		cshake.BlockUpdate(hdr, 0, hdr.Length);
-
-		nCount = 0;
-		bufOff = 0;
-		firstOutput = true;
-	    }
-	}
+        public ParallelHash(int bitLength, byte[] S, int B)
+            : this(bitLength, S, B, bitLength * 2)
+        {
+
+        }
+
+        public ParallelHash(int bitLength, byte[] S, int B, int outputSize)
+        {
+            this.cshake = new CShakeDigest(bitLength, N_PARALLEL_HASH, S);
+            this.compressor = new CShakeDigest(bitLength, new byte[0], new byte[0]);
+            this.bitLength = bitLength;
+            this.B = B;
+            this.outputLength = (outputSize + 7) / 8;
+            this.buffer = new byte[B];
+            this.compressorBuffer = new byte[bitLength * 2 / 8];
+
+            Reset();
+        }
+
+        public ParallelHash(ParallelHash source)
+        {
+            this.cshake = new CShakeDigest(source.cshake);
+            this.compressor = new CShakeDigest(source.compressor);
+            this.bitLength = source.bitLength;
+            this.B = source.B;
+            this.outputLength = source.outputLength;
+            this.buffer = Arrays.Clone(source.buffer);
+            this.compressorBuffer = Arrays.Clone(source.compressorBuffer);
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "ParallelHash" + cshake.AlgorithmName.Substring(6); }
+        }
+
+        public virtual int GetByteLength()
+        {
+            return cshake.GetByteLength();
+        }
+
+        public virtual int GetDigestSize()
+        {
+            return outputLength;
+        }
+
+        public virtual void Update(byte b)
+        {
+            buffer[bufOff++] = b;
+            if (bufOff == buffer.Length)
+            {
+                compress();
+            }
+        }
+
+        public virtual void BlockUpdate(byte[] inBuf, int inOff, int len)
+        {
+            len = System.Math.Max(0, len);
+
+            //
+            // fill the current word
+            //
+            int i = 0;
+            if (bufOff != 0)
+            {
+                while (i < len && bufOff != buffer.Length)
+                {
+                    buffer[bufOff++] = inBuf[inOff + i++];
+                }
+
+                if (bufOff == buffer.Length)
+                {
+                    compress();
+                }
+            }
+
+            if (i < len)
+            {
+                while (len - i > B)
+                {
+                    compress(inBuf, inOff + i, B);
+                    i += B;
+                }
+            }
+
+            while (i < len)
+            {
+                Update(inBuf[inOff + i++]);
+            }
+        }
+
+        private void compress()
+        {
+            compress(buffer, 0, bufOff);
+            bufOff = 0;
+        }
+
+        private void compress(byte[] buf, int offSet, int len)
+        {
+            compressor.BlockUpdate(buf, offSet, len);
+            compressor.DoFinal(compressorBuffer, 0, compressorBuffer.Length);
+
+            cshake.BlockUpdate(compressorBuffer, 0, compressorBuffer.Length);
+
+            nCount++;
+        }
+
+        private void wrapUp(int outputSize)
+        {
+            if (bufOff != 0)
+            {
+                compress();
+            }
+            byte[] nOut = XofUtilities.RightEncode(nCount);
+            byte[] encOut = XofUtilities.RightEncode(outputSize * 8);
+
+            cshake.BlockUpdate(nOut, 0, nOut.Length);
+            cshake.BlockUpdate(encOut, 0, encOut.Length);
+
+            firstOutput = false;
+        }
+
+        public virtual int DoFinal(byte[] outBuf, int outOff)
+        {
+            if (firstOutput)
+            {
+                wrapUp(outputLength);
+            }
+
+            int rv = cshake.DoFinal(outBuf, outOff, GetDigestSize());
+
+            Reset();
+
+            return rv;
+        }
+
+        public virtual int DoFinal(byte[] outBuf, int outOff, int outLen)
+        {
+            if (firstOutput)
+            {
+                wrapUp(outputLength);
+            }
+
+            int rv = cshake.DoFinal(outBuf, outOff, outLen);
+
+            Reset();
+
+            return rv;
+        }
+
+        public virtual int DoOutput(byte[] outBuf, int outOff, int outLen)
+        {
+            if (firstOutput)
+            {
+                wrapUp(0);
+            }
+
+            return cshake.DoOutput(outBuf, outOff, outLen);
+        }
+
+        public virtual void Reset()
+        {
+            cshake.Reset();
+            Arrays.Clear(buffer);
+
+            byte[] hdr = XofUtilities.LeftEncode(B);
+            cshake.BlockUpdate(hdr, 0, hdr.Length);
+
+            nCount = 0;
+            bufOff = 0;
+            firstOutput = true;
+        }
+    }
 }
diff --git a/crypto/src/crypto/digests/TupleHash.cs b/crypto/src/crypto/digests/TupleHash.cs
index 76bba3f94..98c2d2acf 100644
--- a/crypto/src/crypto/digests/TupleHash.cs
+++ b/crypto/src/crypto/digests/TupleHash.cs
@@ -1,134 +1,134 @@
 using System;
-using System.Diagnostics;
 
 using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Digests
 {
-	/// <summary>
+    /// <summary>
     /// TupleHash - a hash designed  to  simply  hash  a  tuple  of  input  strings,  any  or  all  of  which  may  be  empty  strings,
-	/// in  an  unambiguous way with an optional XOF mode.
-	/// <para>
-	/// From NIST Special Publication 800-185 - SHA-3 Derived Functions:cSHAKE, KMAC, TupleHash and ParallelHash
-	/// </para>
+    /// in  an  unambiguous way with an optional XOF mode.
+    /// <para>
+    /// From NIST Special Publication 800-185 - SHA-3 Derived Functions:cSHAKE, KMAC, TupleHash and ParallelHash
+    /// </para>
     /// </summary>
-	public class TupleHash
-	    : IXof, IDigest
-	{
-	    private static readonly byte[] N_TUPLE_HASH = Strings.ToByteArray("TupleHash");
+    public class TupleHash
+        : IXof, IDigest
+    {
+        private static readonly byte[] N_TUPLE_HASH = Strings.ToByteArray("TupleHash");
 
-	    private readonly CShakeDigest cshake;
-	    private readonly int bitLength;
-	    private readonly int outputLength;
+        private readonly CShakeDigest cshake;
+        private readonly int bitLength;
+        private readonly int outputLength;
 
-	    private bool firstOutput;
+        private bool firstOutput;
 
-	    /**
+        /**
 	     * Base constructor.
 	     *
 	     * @param bitLength bit length of the underlying SHAKE function, 128 or 256.
 	     * @param S         the customization string - available for local use.
 	     */
-	    public TupleHash(int bitLength, byte[] S): this(bitLength, S, bitLength * 2)
-		{
-
-		}
-
-	    public TupleHash(int bitLength, byte[] S, int outputSize)
-	    {
-		this.cshake = new CShakeDigest(bitLength, N_TUPLE_HASH, S);
-		this.bitLength = bitLength;
-		this.outputLength = (outputSize + 7) / 8;
-
-		Reset();
-	    }
-
-	    public TupleHash(TupleHash original)
-	    {
-		this.cshake = new CShakeDigest(original.cshake);
-		this.bitLength = cshake.fixedOutputLength;
-		this.outputLength = bitLength * 2 / 8;
-		this.firstOutput = original.firstOutput;
-	    }
-
-	    public string AlgorithmName
-	    {
-		   get { return "TupleHash" + cshake.AlgorithmName.Substring(6); }
-	    }
-
-	    public int GetByteLength()
-	    {
-		return cshake.GetByteLength();
-	    }
-
-	    public int GetDigestSize()
-	    {
-		return outputLength;
-	    }
-
-	    public void Update(byte b)
-	    {
-		byte[] bytes = XofUtilities.Encode(b);
-		cshake.BlockUpdate(bytes, 0, bytes.Length);
-	    }
-
-	    public void BlockUpdate(byte[] inBuf, int inOff, int len)
-	    {
-		byte[] bytes = XofUtilities.Encode(inBuf, inOff, len);
-		cshake.BlockUpdate(bytes, 0, bytes.Length);
-	    }
-
-	    private void wrapUp(int outputSize)
-	    {
-		byte[] encOut = XofUtilities.RightEncode(outputSize * 8);
-
-		cshake.BlockUpdate(encOut, 0, encOut.Length);
-
-		firstOutput = false;
-	    }
-
-	    public int DoFinal(byte[] outBuf, int outOff)
-	    {
-		if (firstOutput)
-		{
-		    wrapUp(GetDigestSize());
-		}
-		
-		int rv = cshake.DoFinal(outBuf, outOff, GetDigestSize());
-
-		Reset();
-
-		return rv;
-	    }
-
-	    public int DoFinal(byte[] outBuf, int outOff, int outLen)
-	    {
-		if (firstOutput)
-		{
-		    wrapUp(GetDigestSize());
-		}
-		
-		int rv = cshake.DoFinal(outBuf, outOff, outLen);
-
-		Reset();
-
-		return rv;
-	    }
-
-	    public int DoOutput(byte[] outBuf, int outOff, int outLen)
-	    {
-		if (firstOutput)
-		{
-		    wrapUp(0);
-		}
-
-		return cshake.DoOutput(outBuf, outOff, outLen);
-	    }
-
-	    public void Reset()
-	    {
-		cshake.Reset();
-		firstOutput = true;
-	    }
-	}
+        public TupleHash(int bitLength, byte[] S)
+            : this(bitLength, S, bitLength * 2)
+        {
+
+        }
+
+        public TupleHash(int bitLength, byte[] S, int outputSize)
+        {
+            this.cshake = new CShakeDigest(bitLength, N_TUPLE_HASH, S);
+            this.bitLength = bitLength;
+            this.outputLength = (outputSize + 7) / 8;
+
+            Reset();
+        }
+
+        public TupleHash(TupleHash original)
+        {
+            this.cshake = new CShakeDigest(original.cshake);
+            this.bitLength = cshake.fixedOutputLength;
+            this.outputLength = bitLength * 2 / 8;
+            this.firstOutput = original.firstOutput;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "TupleHash" + cshake.AlgorithmName.Substring(6); }
+        }
+
+        public virtual int GetByteLength()
+        {
+            return cshake.GetByteLength();
+        }
+
+        public virtual int GetDigestSize()
+        {
+            return outputLength;
+        }
+
+        public virtual void Update(byte b)
+        {
+            byte[] bytes = XofUtilities.Encode(b);
+            cshake.BlockUpdate(bytes, 0, bytes.Length);
+        }
+
+        public virtual void BlockUpdate(byte[] inBuf, int inOff, int len)
+        {
+            byte[] bytes = XofUtilities.Encode(inBuf, inOff, len);
+            cshake.BlockUpdate(bytes, 0, bytes.Length);
+        }
+
+        private void wrapUp(int outputSize)
+        {
+            byte[] encOut = XofUtilities.RightEncode(outputSize * 8);
+
+            cshake.BlockUpdate(encOut, 0, encOut.Length);
+
+            firstOutput = false;
+        }
+
+        public virtual int DoFinal(byte[] outBuf, int outOff)
+        {
+            if (firstOutput)
+            {
+                wrapUp(GetDigestSize());
+            }
+
+            int rv = cshake.DoFinal(outBuf, outOff, GetDigestSize());
+
+            Reset();
+
+            return rv;
+        }
+
+        public virtual int DoFinal(byte[] outBuf, int outOff, int outLen)
+        {
+            if (firstOutput)
+            {
+                wrapUp(GetDigestSize());
+            }
+
+            int rv = cshake.DoFinal(outBuf, outOff, outLen);
+
+            Reset();
+
+            return rv;
+        }
+
+        public virtual int DoOutput(byte[] outBuf, int outOff, int outLen)
+        {
+            if (firstOutput)
+            {
+                wrapUp(0);
+            }
+
+            return cshake.DoOutput(outBuf, outOff, outLen);
+        }
+
+        public virtual void Reset()
+        {
+            cshake.Reset();
+            firstOutput = true;
+        }
+    }
 }
diff --git a/crypto/src/crypto/fpe/FpeEngine.cs b/crypto/src/crypto/fpe/FpeEngine.cs
index 6757bad3a..5545b7dca 100644
--- a/crypto/src/crypto/fpe/FpeEngine.cs
+++ b/crypto/src/crypto/fpe/FpeEngine.cs
@@ -1,121 +1,73 @@
 using System;
-using System.Diagnostics;
 
-using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Parameters;
-using Org.BouncyCastle.Crypto.Utilities;
-using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Fpe
 {
-/**
- * Base class for format-preserving encryption.
- */
-public abstract class FpeEngine
-{
-    protected IBlockCipher baseCipher;
-
-    protected bool forEncryption;
-    protected FpeParameters fpeParameters;
-
-    protected FpeEngine(IBlockCipher baseCipher)
+    /// <summary>Base class for format-preserving encryption.</summary>
+    public abstract class FpeEngine
     {
-        this.baseCipher = baseCipher;
-    }
-
-    /// <summary>
-    /// Process length bytes from inBuf, writing the output to outBuf.
-    /// </summary>
-    /// <returns>number of bytes output.</returns>
-    /// <param name="inBuf">input data.</param>  
-    /// <param name="inOff">offset in input data to start at.</param>  
-    /// <param name="length">number of bytes to process.</param>  
-    /// <param name="outBuf">destination buffer.</param>  
-    /// <param name="outOff">offset to start writing at in destination buffer.</param>  
-    public int ProcessBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff)
-    {
-        if (fpeParameters == null)
-        {
-            throw new InvalidOperationException("FPE engine not initialized");
-        }
-
-        if (length < 0)
-        {
-            throw new ArgumentException("input length cannot be negative");
-        }
+        protected readonly IBlockCipher baseCipher;
 
-        if (inBuf == null || outBuf == null)
-        {
-            throw new NullReferenceException("buffer value is null");
-        }
+        protected bool forEncryption;
+        protected FpeParameters fpeParameters;
 
-        if (inBuf.Length < inOff + length)
+        protected FpeEngine(IBlockCipher baseCipher)
         {
-            throw new DataLengthException("input buffer too short");
+            this.baseCipher = baseCipher;
         }
 
-        if (outBuf.Length < outOff + length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        if (forEncryption)
-        {
-            return encryptBlock(inBuf, inOff, length, outBuf, outOff);
-        }
-        else
+        /// <summary>
+        /// Process length bytes from inBuf, writing the output to outBuf.
+        /// </summary>
+        /// <returns>number of bytes output.</returns>
+        /// <param name="inBuf">input data.</param>  
+        /// <param name="inOff">offset in input data to start at.</param>  
+        /// <param name="length">number of bytes to process.</param>  
+        /// <param name="outBuf">destination buffer.</param>  
+        /// <param name="outOff">offset to start writing at in destination buffer.</param>  
+        public virtual int ProcessBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff)
         {
-            return decryptBlock(inBuf, inOff, length, outBuf, outOff);
+            if (fpeParameters == null)
+                throw new InvalidOperationException("FPE engine not initialized");
+            if (length < 0)
+                throw new ArgumentException("cannot be negative", "length");
+            if (inBuf == null)
+                throw new ArgumentNullException("inBuf");
+            if (outBuf == null)
+                throw new ArgumentNullException("outBuf");
+
+            Check.DataLength(inBuf, inOff, length, "input buffer too short");
+            Check.OutputLength(outBuf, outOff, length, "output buffer too short");
+
+            if (forEncryption)
+            {
+                return EncryptBlock(inBuf, inOff, length, outBuf, outOff);
+            }
+            else
+            {
+                return DecryptBlock(inBuf, inOff, length, outBuf, outOff);
+            }
         }
-    }
 
-    protected static ushort[] toShortArray(byte[] buf)
-    {
-        if ((buf.Length & 1) != 0)
+        protected static bool IsOverrideSet(string propName)
         {
-            throw new ArgumentException("data must be an even number of bytes for a wide radix");
-        }
+            string propValue = Platform.GetEnvironmentVariable(propName);
 
-        ushort[] rv = new ushort[buf.Length / 2];
-
-        for (int i = 0; i != rv.Length; i++)
-        {
-            rv[i] = Pack.BE_To_UInt16(buf, i * 2);
+            return propValue != null && Platform.EqualsIgnoreCase("true", propValue);
         }
 
-        return rv;
-    }
-
-    protected static bool IsOverrideSet(string propName)
-    {
-        string propValue = Platform.GetEnvironmentVariable(propName);
-
-        return propValue == null || Platform.EqualsIgnoreCase("true", propValue);
-    }
-
-    protected static byte[] toByteArray(ushort[] buf)
-    {
-        byte[] rv = new byte[buf.Length * 2];
+        /// <summary>
+        /// Initialize the FPE engine for encryption/decryption.
+        /// </summary>
+        /// <returns>number of bytes output.</returns>
+        /// <param name="forEncryption">true if initialising for encryption, false otherwise.</param>  
+        /// <param name="parameters ">the key and other parameters to use to set the engine up.</param>  
+        public abstract void Init(bool forEncryption, ICipherParameters parameters);
 
-        for (int i = 0; i != buf.Length; i++)
-        {
-            Pack.UInt16_To_BE(buf[i], rv, i * 2);
-        }
+        protected abstract int EncryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff);
 
-        return rv;
+        protected abstract int DecryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff);
     }
-
-    /// <summary>
-    /// Initialize the FPE engine for encryption/decryption.
-    /// </summary>
-    /// <returns>number of bytes output.</returns>
-    /// <param name="forEncryption">true if initialising for encryption, false otherwise.</param>  
-    /// <param name="parameters ">the key and other parameters to use to set the engine up.</param>  
-    public abstract void Init(bool forEncryption, ICipherParameters parameters);
-
-    protected abstract int encryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff);
-
-    protected abstract int decryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff);
-}
 }
diff --git a/crypto/src/crypto/fpe/FpeFf1Engine.cs b/crypto/src/crypto/fpe/FpeFf1Engine.cs
index 8f34ef888..acd31b6f4 100644
--- a/crypto/src/crypto/fpe/FpeFf1Engine.cs
+++ b/crypto/src/crypto/fpe/FpeFf1Engine.cs
@@ -1,70 +1,83 @@
 using System;
-using System.Diagnostics;
 
 using Org.BouncyCastle.Crypto.Engines;
 using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Fpe
 {
-public class FpeFf1Engine
-    : FpeEngine
-{
-    public FpeFf1Engine(): this(new AesEngine())
-    {
-    }
-
-    public FpeFf1Engine(IBlockCipher baseCipher): base(baseCipher)
+    public class FpeFf1Engine
+        : FpeEngine
     {
-        if (IsOverrideSet(SP80038G.FPE_DISABLED)
-            || IsOverrideSet(SP80038G.FF1_DISABLED))
+        public FpeFf1Engine()
+            : this(new AesEngine())
         {
-            throw new InvalidOperationException("FF1 encryption disabled");
         }
-    }
-
-    public override void Init(bool forEncryption, ICipherParameters parameters)
-    {
-        this.forEncryption = forEncryption;
 
-        this.fpeParameters = (FpeParameters)parameters;
-
-        baseCipher.Init(!fpeParameters.UseInverseFunction, fpeParameters.Key);
-    }
-
-    protected override int encryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff)
-    {
-        byte[] enc;
-
-        if (fpeParameters.Radix > 256)
+        public FpeFf1Engine(IBlockCipher baseCipher)
+            : base(baseCipher)
         {
-            enc = toByteArray(SP80038G.EncryptFF1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), toShortArray(inBuf), inOff, length / 2));
+            if (IsOverrideSet(SP80038G.FPE_DISABLED) ||
+                IsOverrideSet(SP80038G.FF1_DISABLED))
+            {
+                throw new InvalidOperationException("FF1 encryption disabled");
+            }
         }
-        else
+
+        public override void Init(bool forEncryption, ICipherParameters parameters)
         {
-            enc = SP80038G.EncryptFF1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length);
+            this.forEncryption = forEncryption;
+            this.fpeParameters = (FpeParameters)parameters;
+
+            baseCipher.Init(!fpeParameters.UseInverseFunction, fpeParameters.Key);
         }
 
-        Array.Copy(enc, 0, outBuf, outOff, length);
+        protected override int EncryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff)
+        {
+            byte[] enc;
 
-        return length;
-    }
+            if (fpeParameters.Radix > 256)
+            {
+                if ((length & 1) != 0)
+                    throw new ArgumentException("input must be an even number of bytes for a wide radix");
 
-    protected override int decryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff)
-    {
-        byte[] dec;
+                ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length);
+                ushort[] u16Out = SP80038G.EncryptFF1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(),
+                    u16In, 0, u16In.Length);
+                enc = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length);
+            }
+            else
+            {
+                enc = SP80038G.EncryptFF1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length);
+            }
 
-        if (fpeParameters.Radix > 256)
-        {
-            dec = toByteArray(SP80038G.DecryptFF1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), toShortArray(inBuf), inOff, length / 2));
+            Array.Copy(enc, 0, outBuf, outOff, length);
+
+            return length;
         }
-        else
+
+        protected override int DecryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff)
         {
-            dec = SP80038G.DecryptFF1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length);
-        }
+            byte[] dec;
+
+            if (fpeParameters.Radix > 256)
+            {
+                if ((length & 1) != 0)
+                    throw new ArgumentException("input must be an even number of bytes for a wide radix");
 
-        Array.Copy(dec, 0, outBuf, outOff, length);
+                ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length);
+                ushort[] u16Out = SP80038G.DecryptFF1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(),
+                    u16In, 0, u16In.Length);
+                dec = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length);
+            }
+            else
+            {
+                dec = SP80038G.DecryptFF1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length);
+            }
 
-        return length;
+            Array.Copy(dec, 0, outBuf, outOff, length);
+
+            return length;
+        }
     }
 }
-}
diff --git a/crypto/src/crypto/fpe/FpeFf3_1Engine.cs b/crypto/src/crypto/fpe/FpeFf3_1Engine.cs
index 480560bb2..aa238e46a 100644
--- a/crypto/src/crypto/fpe/FpeFf3_1Engine.cs
+++ b/crypto/src/crypto/fpe/FpeFf3_1Engine.cs
@@ -1,75 +1,86 @@
 using System;
-using System.Diagnostics;
 
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Utilities;
 using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Fpe
 {
-public class FpeFf3_1Engine
-    : FpeEngine
-{
-    public FpeFf3_1Engine(): this(new AesEngine())
-    {
-    }
-
-    public FpeFf3_1Engine(IBlockCipher baseCipher): base(baseCipher)
+    public class FpeFf3_1Engine
+        : FpeEngine
     {
-        if (IsOverrideSet(SP80038G.FPE_DISABLED))
+        public FpeFf3_1Engine()
+            : this(new AesEngine())
         {
-            throw new InvalidOperationException("FPE disabled");
         }
-    }
-
-    public override void Init(bool forEncryption, ICipherParameters parameters)
-    {
-        this.forEncryption = forEncryption;
 
-        this.fpeParameters = (FpeParameters)parameters;
-
-        baseCipher.Init(!fpeParameters.UseInverseFunction, new KeyParameter(Arrays.Reverse(fpeParameters.Key.GetKey())));
-
-        if (fpeParameters.GetTweak().Length != 7)
+        public FpeFf3_1Engine(IBlockCipher baseCipher)
+            : base(baseCipher)
         {
-            throw new ArgumentException("tweak should be 56 bits");
+            if (IsOverrideSet(SP80038G.FPE_DISABLED))
+            {
+                throw new InvalidOperationException("FPE disabled");
+            }
         }
-    }
 
-    protected override int encryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff)
-    {
-        byte[] enc;
-
-        if (fpeParameters.Radix > 256)
+        public override void Init(bool forEncryption, ICipherParameters parameters)
         {
-            enc = toByteArray(SP80038G.EncryptFF3_1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), toShortArray(inBuf), inOff, length / 2));
+            this.forEncryption = forEncryption;
+            this.fpeParameters = (FpeParameters)parameters;
+
+            baseCipher.Init(!fpeParameters.UseInverseFunction, new KeyParameter(Arrays.Reverse(fpeParameters.Key.GetKey())));
+
+            if (fpeParameters.GetTweak().Length != 7)
+                throw new ArgumentException("tweak should be 56 bits");
         }
-        else
+
+        protected override int EncryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff)
         {
-            enc = SP80038G.EncryptFF3_1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length);
-        }
+            byte[] enc;
 
-        Array.Copy(enc, 0, outBuf, outOff, length);
+            if (fpeParameters.Radix > 256)
+            {
+                if ((length & 1) != 0)
+                    throw new ArgumentException("input must be an even number of bytes for a wide radix");
 
-        return length;
-    }
+                ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length);
+                ushort[] u16Out = SP80038G.EncryptFF3_1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(),
+                    u16In, 0, u16In.Length);
+                enc = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length);
+            }
+            else
+            {
+                enc = SP80038G.EncryptFF3_1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length);
+            }
 
-    protected override int decryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff)
-    {
-        byte[] dec;
+            Array.Copy(enc, 0, outBuf, outOff, length);
 
-        if (fpeParameters.Radix > 256)
-        {
-            dec = toByteArray(SP80038G.DecryptFF3_1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), toShortArray(inBuf), inOff, length / 2));
+            return length;
         }
-        else
+
+        protected override int DecryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff)
         {
-            dec = SP80038G.DecryptFF3_1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length);
-        }
+            byte[] dec;
+
+            if (fpeParameters.Radix > 256)
+            {
+                if ((length & 1) != 0)
+                    throw new ArgumentException("input must be an even number of bytes for a wide radix");
 
-        Array.Copy(dec, 0, outBuf, outOff, length);
+                ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length);
+                ushort[] u16Out = SP80038G.DecryptFF3_1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(),
+                    u16In, 0, u16In.Length);
+                dec = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length);
+            }
+            else
+            {
+                dec = SP80038G.DecryptFF3_1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length);
+            }
 
-        return length;
+            Array.Copy(dec, 0, outBuf, outOff, length);
+
+            return length;
+        }
     }
 }
-}
diff --git a/crypto/src/crypto/fpe/SP80038G.cs b/crypto/src/crypto/fpe/SP80038G.cs
index 4ce89c9b2..53efc1499 100644
--- a/crypto/src/crypto/fpe/SP80038G.cs
+++ b/crypto/src/crypto/fpe/SP80038G.cs
@@ -1,8 +1,5 @@
 using System;
-using System.Diagnostics;
 
-using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Crypto.Utilities;
 using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Utilities;
@@ -685,14 +682,13 @@ namespace Org.BouncyCastle.Crypto.Fpe
             return s;
         }
 
-	private static int Ceil(double v)
-	{
-		int rv = (int)v;
-		if ((double)rv < v)
-                {
-			return rv + 1;
-                }
-                return rv;
-	}
+	    private static int Ceil(double v)
+	    {
+		    int rv = (int)v;
+		    if ((double)rv < v)
+			    return rv + 1;
+
+            return rv;
+	    }
     }
 }
diff --git a/crypto/src/crypto/modes/GcmSivBlockCipher.cs b/crypto/src/crypto/modes/GcmSivBlockCipher.cs
index e54f1c201..10e7e774b 100644
--- a/crypto/src/crypto/modes/GcmSivBlockCipher.cs
+++ b/crypto/src/crypto/modes/GcmSivBlockCipher.cs
@@ -1,964 +1,931 @@
 using System;
-using System.Diagnostics;
+using System.IO;
 
-using Org.BouncyCastle.Utilities.IO;
-using Org.BouncyCastle.Crypto.Macs;
 using Org.BouncyCastle.Crypto.Engines;
-using Org.BouncyCastle.Crypto.Modes;
 using Org.BouncyCastle.Crypto.Modes.Gcm;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Crypto.Utilities;
 using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
 
 namespace Org.BouncyCastle.Crypto.Modes
 {
-	/**
-	 * GCM-SIV Mode.
-	 * <p>It should be noted that the specified limit of 2<sup>36</sup> bytes is not supported. This is because all bytes are
-	 * cached in a <b>ByteArrayOutputStream</b> object (which has a limit of a little less than 2<sup>31</sup> bytes),
-	 * and are output on the <b>DoFinal</b>() call (which can only process a maximum of 2<sup>31</sup> bytes).</p>
-	 * <p>The practical limit of 2<sup>31</sup> - 24 bytes is policed, and attempts to breach the limit will be rejected</p>
-	 * <p>In order to properly support the higher limit, an extended form of <b>ByteArrayOutputStream</b> would be needed
-	 * which would use multiple arrays to store the data. In addition, a new <b>doOutput</b> method would be required (similar
-	 * to that in <b>XOF</b> digests), which would allow the data to be output over multiple calls. Alternatively an extended
-	 * form of <b>ByteArrayInputStream</b> could be used to deliver the data.</p>
-	 */
-	public class GcmSivBlockCipher
-		 : IAeadBlockCipher 
-	{
-	     /**
-	      * The buffer length.
-	      */
-	     private static readonly int BUFLEN = 16;
-
-	     /**
-	      * The halfBuffer length.
-	      */
-	     private static readonly int HALFBUFLEN = BUFLEN >> 1;
-
-	     /**
-	      * The nonce length.
-	      */
-	     private static readonly int NONCELEN = 12;
-
-	     /**
-	      * The maximum data length (AEAD/PlainText). Due to implementation constraints this is restricted to the maximum
-	      * array length (https://programming.guide/java/array-maximum-length.html) minus the BUFLEN to allow for the MAC
-	      */
-	     private static readonly int MAX_DATALEN = Int32.MaxValue - 8 - BUFLEN;
-
-	     /**
-	      * The top bit mask.
-	      */
-	     private static readonly byte MASK = (byte) 0x80;
-
-	     /**
-	      * The addition constant.
-	      */
-	     private static readonly byte ADD = (byte) 0xE1;
-
-	     /**
-	      * The initialisation flag.
-	      */
-	     private static readonly int INIT = 1;
-
-	     /**
-	      * The aeadComplete flag.
-	      */
-	     private static readonly int AEAD_COMPLETE = 2;
-
-	     /**
-	      * The cipher.
-	      */
-	     private readonly IBlockCipher theCipher;
-
-	     /**
-	      * The multiplier.
-	      */
-	     private readonly IGcmMultiplier theMultiplier;
-
-	     /**
-	      * The gHash buffer.
-	      */
-	     internal readonly byte[] theGHash = new byte[BUFLEN];
-
-	     /**
-	      * The reverse buffer.
-	      */
-	     internal readonly byte[] theReverse = new byte[BUFLEN];
-
-	     /**
-	      * The aeadHasher.
-	      */
-	     private readonly GCMSIVHasher theAEADHasher;
-
-	     /**
-	      * The dataHasher.
-	      */
-	     private readonly GCMSIVHasher theDataHasher;
-
-	     /**
-	      * The plainDataStream.
-	      */
-	     private GCMSIVCache thePlain;
-
-	     /**
-	      * The encryptedDataStream (decryption only).
-	      */
-	     private GCMSIVCache theEncData;
-
-	     /**
-	      * Are we encrypting?
-	      */
-	     private bool forEncryption;
-
-	     /**
-	      * The initialAEAD.
-	      */
-	     private byte[] theInitialAEAD;
-
-	     /**
-	      * The nonce.
-	      */
-	     private byte[] theNonce;
-
-	     /**
-	      * The flags.
-	      */
-	     private int theFlags;
-
-	     /**
-	      * Constructor.
-	      */
-	     public GcmSivBlockCipher(): this(new AesEngine())
-	     {
-		 
-	     }
-
-	     /**
-	      * Constructor.
-	      * @param pCipher the underlying cipher
-	      */
-	     public GcmSivBlockCipher(IBlockCipher pCipher): this(pCipher, new Tables4kGcmMultiplier())
-	     {
-		 
-	     }
-
-	     /**
-	      * Constructor.
-	      * @param pCipher the underlying cipher
-	      * @param pMultiplier the multiplier
-	      */
-	     public GcmSivBlockCipher(IBlockCipher pCipher,
-				      IGcmMultiplier pMultiplier)
-	     {
-		 /* Ensure that the cipher is the correct size */
-		 if (pCipher.GetBlockSize() != BUFLEN)
-		 {
-		     throw new ArgumentException("Cipher required with a block size of " + BUFLEN + ".");
-		 }
-
-		 /* Store parameters */
-		 theCipher = pCipher;
-		 theMultiplier = pMultiplier;
-
-		 /* Create the hashers */
-		 theAEADHasher = new GCMSIVHasher(this);
-		 theDataHasher = new GCMSIVHasher(this);
-	     }
-
-	     public IBlockCipher GetUnderlyingCipher()
-	     {
-		 return theCipher;
-	     }
+    /**
+     * GCM-SIV Mode.
+     * <p>It should be noted that the specified limit of 2<sup>36</sup> bytes is not supported. This is because all bytes are
+     * cached in a <b>ByteArrayOutputStream</b> object (which has a limit of a little less than 2<sup>31</sup> bytes),
+     * and are output on the <b>DoFinal</b>() call (which can only process a maximum of 2<sup>31</sup> bytes).</p>
+     * <p>The practical limit of 2<sup>31</sup> - 24 bytes is policed, and attempts to breach the limit will be rejected</p>
+     * <p>In order to properly support the higher limit, an extended form of <b>ByteArrayOutputStream</b> would be needed
+     * which would use multiple arrays to store the data. In addition, a new <b>doOutput</b> method would be required (similar
+     * to that in <b>XOF</b> digests), which would allow the data to be output over multiple calls. Alternatively an extended
+     * form of <b>ByteArrayInputStream</b> could be used to deliver the data.</p>
+     */
+    public class GcmSivBlockCipher
+        : IAeadBlockCipher
+    {
+        /// <summary>The buffer length.</summary>
+        private static readonly int BUFLEN = 16;
+
+        /// <summary>The halfBuffer length.</summary>
+        private static readonly int HALFBUFLEN = BUFLEN >> 1;
+
+        /// <summary>The nonce length.</summary>
+        private static readonly int NONCELEN = 12;
+
+        /**
+        * The maximum data length (AEAD/PlainText). Due to implementation constraints this is restricted to the maximum
+        * array length (https://programming.guide/java/array-maximum-length.html) minus the BUFLEN to allow for the MAC
+        */
+        private static readonly int MAX_DATALEN = Int32.MaxValue - 8 - BUFLEN;
+
+        /**
+        * The top bit mask.
+        */
+        private static readonly byte MASK = (byte)0x80;
+
+        /**
+        * The addition constant.
+        */
+        private static readonly byte ADD = (byte)0xE1;
+
+        /**
+        * The initialisation flag.
+        */
+        private static readonly int INIT = 1;
+
+        /**
+        * The aeadComplete flag.
+        */
+        private static readonly int AEAD_COMPLETE = 2;
+
+        /**
+        * The cipher.
+        */
+        private readonly IBlockCipher theCipher;
+
+        /**
+        * The multiplier.
+        */
+        private readonly IGcmMultiplier theMultiplier;
+
+        /**
+        * The gHash buffer.
+        */
+        internal readonly byte[] theGHash = new byte[BUFLEN];
+
+        /**
+        * The reverse buffer.
+        */
+        internal readonly byte[] theReverse = new byte[BUFLEN];
+
+        /**
+        * The aeadHasher.
+        */
+        private readonly GcmSivHasher theAEADHasher;
+
+        /**
+        * The dataHasher.
+        */
+        private readonly GcmSivHasher theDataHasher;
+
+        /**
+        * The plainDataStream.
+        */
+        private GcmSivCache thePlain;
+
+        /**
+        * The encryptedDataStream (decryption only).
+        */
+        private GcmSivCache theEncData;
+
+        /**
+        * Are we encrypting?
+        */
+        private bool forEncryption;
+
+        /**
+        * The initialAEAD.
+        */
+        private byte[] theInitialAEAD;
+
+        /**
+        * The nonce.
+        */
+        private byte[] theNonce;
+
+        /**
+        * The flags.
+        */
+        private int theFlags;
+
+        /**
+        * Constructor.
+        */
+        public GcmSivBlockCipher()
+            : this(new AesEngine())
+        {
+        }
+
+        /**
+        * Constructor.
+        * @param pCipher the underlying cipher
+        */
+        public GcmSivBlockCipher(IBlockCipher pCipher)
+            : this(pCipher, new Tables4kGcmMultiplier())
+        {
+        }
+
+        /**
+        * Constructor.
+        * @param pCipher the underlying cipher
+        * @param pMultiplier the multiplier
+        */
+        public GcmSivBlockCipher(IBlockCipher pCipher, IGcmMultiplier pMultiplier)
+        {
+            /* Ensure that the cipher is the correct size */
+            if (pCipher.GetBlockSize() != BUFLEN)
+                throw new ArgumentException("Cipher required with a block size of " + BUFLEN + ".");
+
+            /* Store parameters */
+            theCipher = pCipher;
+            theMultiplier = pMultiplier;
+
+            /* Create the hashers */
+            theAEADHasher = new GcmSivHasher(this);
+            theDataHasher = new GcmSivHasher(this);
+        }
+
+        public virtual IBlockCipher GetUnderlyingCipher()
+        {
+            return theCipher;
+        }
 
         public virtual int GetBlockSize()
         {
             return theCipher.GetBlockSize();
         }
 
-	     public void Init(bool pEncrypt,
-			      ICipherParameters cipherParameters)
-	     {
-		 /* Set defaults */
-		 byte[] myInitialAEAD = null;
-		 byte[] myNonce = null;
-		 KeyParameter myKey = null;
-
-		 /* Access parameters */
-		 if (cipherParameters is AeadParameters)
-		 {
-		     AeadParameters myAEAD = (AeadParameters) cipherParameters;
-		     myInitialAEAD = myAEAD.GetAssociatedText();
-		     myNonce = myAEAD.GetNonce();
-		     myKey = myAEAD.Key;
-		 }
-		 else if (cipherParameters is ParametersWithIV)
-		 {
-		     ParametersWithIV myParms = (ParametersWithIV) cipherParameters;
-		     myNonce = myParms.GetIV();
-		     myKey = (KeyParameter) myParms.Parameters;
-		 }
-		 else
-		 {
-		     throw new ArgumentException("invalid parameters passed to GCM_SIV");
-		 }
-
-		 /* Check nonceSize */
-		 if (myNonce == null || myNonce.Length != NONCELEN)
-		 {
-		     throw new ArgumentException("Invalid nonce");
-		 }
-
-		 /* Check keysize */
-		 if (myKey == null)
-		 {
-		     throw new ArgumentException("Invalid key");
-		 }
-		 
-		 byte[] k = myKey.GetKey();
-
-		 if (k.Length != BUFLEN
-			 && k.Length != (BUFLEN << 1))
-		 {
-		     throw new ArgumentException("Invalid key");
-		 }
-
-		 /* Reset details */
-		 forEncryption = pEncrypt;
-		 theInitialAEAD = myInitialAEAD;
-		 theNonce = myNonce;
-
-		 /* Initialise the keys */
-		 deriveKeys(myKey);
-		 resetStreams();
-	     }
-
-	     public string AlgorithmName
-	     {
-		 	get { return theCipher.AlgorithmName + "-GCM-SIV"; }
-	     }
-
-	     /**
-	      * check AEAD status.
-	      * @param pLen the aeadLength
-	      */
-	     private void checkAEADStatus(int pLen)
-	     {
-		 /* Check we are initialised */
-		 if ((theFlags & INIT) == 0)
-		 {
-		     throw new InvalidOperationException("Cipher is not initialised");
-		 }
-
-		 /* Check AAD is allowed */
-		 if ((theFlags & AEAD_COMPLETE) != 0)
-		 {
-		     throw new InvalidOperationException("AEAD data cannot be processed after ordinary data");
-		 }
-
-		 /* Make sure that we haven't breached AEAD data limit */
-		 if ((long)theAEADHasher.getBytesProcessed() + Int64.MinValue
-		      > (MAX_DATALEN - pLen) + Int64.MinValue)
-		 {
-		     throw new InvalidOperationException("AEAD byte count exceeded");
-		 }
-	     }
-
-	     /**
-	      * check status.
-	      * @param pLen the dataLength
-	      */
-	     private void checkStatus(int pLen)
-	     {
-		 /* Check we are initialised */
-		 if ((theFlags & INIT) == 0)
-		 {
-		     throw new InvalidOperationException("Cipher is not initialised");
-		 }
-
-		 /* Complete the AEAD section if this is the first data */
-		 if ((theFlags & AEAD_COMPLETE) == 0)
-		 {
-		     theAEADHasher.completeHash();
-		     theFlags |= AEAD_COMPLETE;
-		 }
-
-		 /* Make sure that we haven't breached data limit */
-		 long dataLimit = MAX_DATALEN;
-		 long currBytes = thePlain.Length;
-		 if (!forEncryption)
-		 {
-		     dataLimit += BUFLEN;
-		     currBytes = theEncData.Length;
-		 }
-		 if (currBytes + System.Int64.MinValue
-		       > (dataLimit - pLen) + System.Int64.MinValue)
-		 {
-		     throw new InvalidOperationException("byte count exceeded");
-		 }
-	     }
-
-	     public void ProcessAadByte(byte pByte)
-	     {
-		 /* Check that we can supply AEAD */
-		 checkAEADStatus(1);
-
-		 /* Process the aead */
-		 theAEADHasher.updateHash(pByte);
-	     }
-
-	     public void ProcessAadBytes(byte[] pData,
-					 int pOffset,
-					 int pLen)
-	     {
-		 /* Check that we can supply AEAD */
-		 checkAEADStatus(pLen);
-
-		 /* Check input buffer */
-		 checkBuffer(pData, pOffset, pLen, false);
-
-		 /* Process the aead */
-		 theAEADHasher.updateHash(pData, pOffset, pLen);
-	     }
-
-	     public int ProcessByte(byte pByte,
-				    byte[] pOutput,
-				    int pOutOffset)
-	     {
-		 /* Check that we have initialised */
-		 checkStatus(1);
-
-		 /* Store the data */
-		 if (forEncryption)
-		 {
-		     thePlain.WriteByte(pByte);
-		     theDataHasher.updateHash(pByte);
-		 }
-		 else
-		 {
-		     theEncData.WriteByte(pByte);
-		 }
-
-		 /* No data returned */
-		 return 0;
-	     }
-
-	     public int ProcessBytes(byte[] pData,
-				     int pOffset,
-				     int pLen,
-				     byte[] pOutput,
-				     int pOutOffset)
-	     {
-		 /* Check that we have initialised */
-		 checkStatus(pLen);
-
-		 /* Check input buffer */
-		 checkBuffer(pData, pOffset, pLen, false);
-
-		 /* Store the data */
-		 if (forEncryption)
-		 {
-		     thePlain.Write(pData, pOffset, pLen);
-		     theDataHasher.updateHash(pData, pOffset, pLen);
-		 }
-		 else
-		 {
-		     theEncData.Write(pData, pOffset, pLen);
-		 }
-
-		 /* No data returned */
-		 return 0;
-	     }
-
-	     public int DoFinal(byte[] pOutput,
-				int pOffset)
-	     {
-		 /* Check that we have initialised */
-		 checkStatus(0);
-
-		 /* Check output buffer */
-		 checkBuffer(pOutput, pOffset, GetOutputSize(0), true);
-
-		 /* If we are encrypting */
-		 if (forEncryption)
-		 {
-		     /* Derive the tag */
-		     byte[] myTag = calculateTag();
-
-		     /* encrypt the plain text */
-		     int myDataLen = BUFLEN + encryptPlain(myTag, pOutput, pOffset);
-
-		     /* Add the tag to the output */
-		     Array.Copy(myTag, 0, pOutput, pOffset + thePlain.Length, BUFLEN);
-
-		     /* Reset the streams */
-		     resetStreams();
-		     return myDataLen;
-
-		     /* else we are decrypting */
-		 }
-		 else
-		 {
-		     /* decrypt to plain text */
-		     decryptPlain();
-
-		     /* Release plain text */
-		     int myDataLen = (int)thePlain.Length;
-		     byte[] mySrc = thePlain.GetBuffer();
-		     Array.Copy(mySrc, 0, pOutput, pOffset, myDataLen);
-
-		     /* Reset the streams */
-		     resetStreams();
-		     return myDataLen;
-		 }
-	     }
-
-	     public byte[] GetMac()
-	     {
-		 throw new InvalidOperationException();
-	     }
-
-	     public int GetUpdateOutputSize(int pLen)
-	     {
-		 return 0;
-	     }
-
-	     public int GetOutputSize(int pLen)
-	     {
-		 if (forEncryption) {
-		     return (int)(pLen + thePlain.Length + BUFLEN);
-		 }
-		 int myCurr = (int)(pLen + theEncData.Length);
-		 return myCurr > BUFLEN ? myCurr - BUFLEN : 0;
-	     }
-
-	     public void Reset()
-	     {
-		 resetStreams();
-	     }
-
-	     /**
-	      * Reset Streams.
-	      */
-	     private void resetStreams()
-	     {
-		 /* Clear the plainText buffer */
-		 if (thePlain != null)
-		 {
-			 thePlain.Dispose();
-			 thePlain = new GCMSIVCache();  
-		 }
-
-		 /* Reset hashers */
-		 theAEADHasher.reset();
-		 theDataHasher.reset();
-
-		 /* Recreate streams (to release memory) */
-		 thePlain = new GCMSIVCache();
-		 theEncData = forEncryption ? null : new GCMSIVCache();
-
-		 /* Initialise AEAD if required */
-		 theFlags &= ~AEAD_COMPLETE;
-		 Arrays.Fill(theGHash, (byte) 0);
-		 if (theInitialAEAD != null)
-		 {
-		     theAEADHasher.updateHash(theInitialAEAD, 0, theInitialAEAD.Length);
-		 }
-	      }
-
-	     /**
-	      * Obtain buffer length (allowing for null).
-	      * @param pBuffer the buffere
-	      * @return the length
-	      */
-	     private static int bufLength(byte[] pBuffer)
-	     {
-		 return pBuffer == null ? 0 : pBuffer.Length;
-	     }
-
-	     /**
-	      * Check buffer.
-	      * @param pBuffer the buffer
-	      * @param pOffset the offset
-	      * @param pLen the length
-	      * @param pOutput is this an output buffer?
-	      */
-	     private static void checkBuffer(byte[] pBuffer,
-					     int pOffset,
-					     int pLen,
-					     bool pOutput)
-	     {
-		 /* Access lengths */
-		 int myBufLen = bufLength(pBuffer);
-		 int myLast = pOffset + pLen;
-
-		 /* Check for negative values and buffer overflow */
-		 bool badLen = pLen < 0 || pOffset < 0 || myLast < 0;
-		 if (badLen || myLast > myBufLen)
-		 {
-		     throw pOutput
-			     ? new OutputLengthException("Output buffer too short.")
-			     : new DataLengthException("Input buffer too short.");
-		 }
-	     }
-
-	     /**
-	      * encrypt data stream.
-	      * @param pCounter the counter
-	      * @param pTarget the target buffer
-	      * @param pOffset the target offset
-	      * @return the length of data encrypted
-	      */
-	     private int encryptPlain(byte[] pCounter,
-				      byte[] pTarget,
-				      int pOffset)
-	     {
-		 /* Access buffer and length */
-		 byte[] mySrc = thePlain.GetBuffer();
-		 byte[] myCounter = Arrays.Clone(pCounter);
-		 myCounter[BUFLEN - 1] |= MASK;
-		 byte[] myMask = new byte[BUFLEN];
-		 long myRemaining = thePlain.Length;
-		 int myOff = 0;
-
-		 /* While we have data to process */
-		 while (myRemaining > 0)
-		 {
-		     /* Generate the next mask */
-		     theCipher.ProcessBlock(myCounter, 0, myMask, 0);
-
-		     /* Xor data into mask */
-		     int myLen = (int)System.Math.Min(BUFLEN, myRemaining);
-		     xorBlock(myMask, mySrc, myOff, myLen);
-
-		     /* Copy encrypted data to output */
-		     Array.Copy(myMask, 0, pTarget, pOffset + myOff, myLen);
-
-		     /* Adjust counters */
-		     myRemaining -= myLen;
-		     myOff += myLen;
-		     incrementCounter(myCounter);
-		 }
-
-		 /* Return the amount of data processed */
-		 return (int)thePlain.Length;
-	     }
-
-	     /**
-	      * decrypt data stream.
-	      * @throws InvalidCipherTextException on data too short or mac check failed
-	      */
-	     private void decryptPlain()
-	     {
-		 /* Access buffer and length */
-		 byte[] mySrc = theEncData.GetBuffer();
-		 int myRemaining = (int)theEncData.Length - BUFLEN;
-
-		 /* Check for insufficient data */
-		 if (myRemaining < 0)
-		 {
-		     throw new InvalidCipherTextException("Data too short");
-		 }
-
-		 /* Access counter */
-		 byte[] myExpected = Arrays.CopyOfRange(mySrc, myRemaining, myRemaining + BUFLEN);
-		 byte[] myCounter = Arrays.Clone(myExpected);
-		 myCounter[BUFLEN - 1] |= MASK;
-		 byte[] myMask = new byte[BUFLEN];
-		 int myOff = 0;
-
-		 /* While we have data to process */
-		 while (myRemaining > 0)
-		 {
-		     /* Generate the next mask */
-		     theCipher.ProcessBlock(myCounter, 0, myMask, 0);
-
-		     /* Xor data into mask */
-		     int myLen = System.Math.Min(BUFLEN, myRemaining);
-		     xorBlock(myMask, mySrc, myOff, myLen);
-
-		     /* Write data to plain dataStream */
-		     thePlain.Write(myMask, 0, myLen);
-		     theDataHasher.updateHash(myMask, 0, myLen);
-
-		     /* Adjust counters */
-		     myRemaining -= myLen;
-		     myOff += myLen;
-		     incrementCounter(myCounter);
-		 }
-
-		 /* Derive and check the tag */
-		 byte[] myTag = calculateTag();
-		 if (!Arrays.ConstantTimeAreEqual(myTag, myExpected))
-		 {
-		     Reset();
-		     throw new InvalidCipherTextException("mac check failed");
-		 }
-	     }
-
-	     /**
-	      * calculate tag.
-	      * @return the calculated tag
-	      */
-	     private byte[] calculateTag()
-	     {
-		 /* Complete the hash */
-		 theDataHasher.completeHash();
-		 byte[] myPolyVal = completePolyVal();
-
-		 /* calculate polyVal */
-		 byte[] myResult = new byte[BUFLEN];
-
-		 /* Fold in the nonce */
-		 for (int i = 0; i < NONCELEN; i++)
-		 {
-		     myPolyVal[i] ^= theNonce[i];
-		 }
-
-		 /* Clear top bit */
-		 myPolyVal[BUFLEN - 1] &= (byte)(MASK - 1);
-
-		 /* Calculate tag and return it */
-		 theCipher.ProcessBlock(myPolyVal, 0, myResult, 0);
-		 return myResult;
-	     }
-
-	     /**
-	      * complete polyVAL.
-	      * @return the calculated value
-	      */
-	     private byte[] completePolyVal()
-	     {
-		 /* Build the polyVal result */
-		 byte[] myResult = new byte[BUFLEN];
-		 gHashLengths();
-		 fillReverse(theGHash, 0, BUFLEN, myResult);
-		 return myResult;
-	     }
-
-	     /**
-	      * process lengths.
-	      */
-	     private void gHashLengths()
-	     {
-		 /* Create reversed bigEndian buffer to keep it simple */
-		 byte[] myIn = new byte[BUFLEN];
-		 Pack.UInt64_To_BE((ulong)Bytes.SIZE * theDataHasher.getBytesProcessed(), myIn, 0);
-		 Pack.UInt64_To_BE((ulong)Bytes.SIZE * theAEADHasher.getBytesProcessed(), myIn, (int)Longs.BYTES);
-
-		 /* hash value */
-		 gHASH(myIn);
-	     }
-
-	     /**
-	      * perform the next GHASH step.
-	      * @param pNext the next value
-	      */
-	     private void gHASH(byte[] pNext)
-	     {
-		 	xorBlock(theGHash, pNext);
-		 	theMultiplier.MultiplyH(theGHash);
-	     }
-
-	     /**
-	      * Byte reverse a buffer.
-	      * @param pInput the input buffer
-	      * @param pOffset the offset
-	      * @param pLength the length of data (<= BUFLEN)
-	      * @param pOutput the output buffer
-	      */
-	     private static void fillReverse(byte[] pInput,
-					     int pOffset,
-					     int pLength,
-					     byte[] pOutput)
-	     {
-		 /* Loop through the buffer */
-		 for (int i = 0, j = BUFLEN - 1; i < pLength; i++, j--)
-		 {
-		     /* Copy byte */
-		     pOutput[j] = pInput[pOffset + i];
-		 }
-	     }
-
-	     /**
-	      * xor a full block buffer.
-	      * @param pLeft the left operand and result
-	      * @param pRight the right operand
-	      */
-	     private static void xorBlock(byte[] pLeft,
-					  byte[] pRight)
-	     {
-		 /* Loop through the bytes */
-		 for (int i = 0; i < BUFLEN; i++)
-		 {
-		     pLeft[i] ^= pRight[i];
-		 }
-	     }
-
-	     /**
-	      * xor a partial block buffer.
-	      * @param pLeft the left operand and result
-	      * @param pRight the right operand
-	      * @param pOffset the offset in the right operand
-	      * @param pLength the length of data in the right operand
-	      */
-	     private static void xorBlock(byte[] pLeft,
-					  byte[] pRight,
-					  int pOffset,
-					  int pLength)
-					  {
-		 /* Loop through the bytes */
-		 for (int i = 0; i < pLength; i++)
-		 {
-		     pLeft[i] ^= pRight[i + pOffset];
-		 }
-	     }
-
-	     /**
-	      * increment the counter.
-	      * @param pCounter the counter to increment
-	      */
-	     private static void incrementCounter(byte[] pCounter)
-	     {
-		 /* Loop through the bytes incrementing counter */
-		 for (int i = 0; i < Integers.BYTES; i++)
-		 {
-		     if (++pCounter[i] != 0)
-		     {
-			 break;
-		     }
-		 }
-	     }
-
-	     /**
-	      * multiply by X.
-	      * @param pValue the value to adjust
-	      */
-	     private static void mulX(byte[] pValue)
-	     {
-		 /* Loop through the bytes */
-		 byte myMask = (byte) 0;
-		 for (int i = 0; i < BUFLEN; i++)
-		 {
-		     byte myValue = pValue[i];
-		     pValue[i] = (byte) (((myValue >> 1) & ~MASK) | myMask);
-		     myMask = (byte)((myValue & 1) == 0 ? 0 : MASK);
-		 }
-
-		 /* Xor in addition if last bit was set */
-		 if (myMask != 0)
-		 {
-		     pValue[0] ^= ADD;
-		 }
-	     }
-
-	     /**
-	      * Derive Keys.
-	      * @param pKey the keyGeneration key
-	      */
-	     private void deriveKeys(KeyParameter pKey)
-	     {
-		 /* Create the buffers */
-		 byte[] myIn = new byte[BUFLEN];
-		 byte[] myOut = new byte[BUFLEN];
-		 byte[] myResult = new byte[BUFLEN];
-		 byte[] myEncKey = new byte[pKey.GetKey().Length];
-
-		 /* Prepare for encryption */
-		 Array.Copy(theNonce, 0, myIn, BUFLEN - NONCELEN, NONCELEN);
-		 theCipher.Init(true, pKey);
-
-		 /* Derive authentication key */
-		 int myOff = 0;
-		 theCipher.ProcessBlock(myIn, 0, myOut, 0);
-		 Array.Copy(myOut, 0, myResult, myOff, HALFBUFLEN);
-		 myIn[0]++;
-		 myOff += HALFBUFLEN;
-		 theCipher.ProcessBlock(myIn, 0, myOut, 0);
-		 Array.Copy(myOut, 0, myResult, myOff, HALFBUFLEN);
-
-		 /* Derive encryption key */
-		 myIn[0]++;
-		 myOff = 0;
-		 theCipher.ProcessBlock(myIn, 0, myOut, 0);
-		 Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN);
-		 myIn[0]++;
-		 myOff += HALFBUFLEN;
-		 theCipher.ProcessBlock(myIn, 0, myOut, 0);
-		 Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN);
-
-		 /* If we have a 32byte key */
-		 if (myEncKey.Length == BUFLEN << 1)
-		 {
-		     /* Derive remainder of encryption key */
-		     myIn[0]++;
-		     myOff += HALFBUFLEN;
-		     theCipher.ProcessBlock(myIn, 0, myOut, 0);
-		     Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN);
-		     myIn[0]++;
-		     myOff += HALFBUFLEN;
-		     theCipher.ProcessBlock(myIn, 0, myOut, 0);
-		     Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN);
-		 }
-
-		 /* Initialise the Cipher */
-		 theCipher.Init(true, new KeyParameter(myEncKey));
-
-		 /* Initialise the multiplier */
-		 fillReverse(myResult, 0, BUFLEN, myOut);
-		 mulX(myOut);
-		 theMultiplier.Init(myOut);
-		 theFlags |= INIT;
-	     }
-
-	     /**
-	      * GCMSIVCache.
-	      */
-	     class GCMSIVCache
-		     : MemoryOutputStream
-	     {
-		 /**
-		  * number of bytes hashed.
-		  */
-		 private int numHashed;
-
-		 /**
-		  * Constructor.
-		  */
-		 internal GCMSIVCache()
-		 {
-		 }
-	     }
-
-	     /**
-	      * Hash Control.
-	      */
-	     class GCMSIVHasher
-	     {
-		 /**
-		  * Cache.
-		  */
-		 private readonly byte[] theBuffer = new byte[BUFLEN];
-
-		 /**
-		  * Single byte cache.
-		  */
-		 private readonly byte[] theByte = new byte[1];
-
-		 /**
-		  * Count of active bytes in cache.
-		  */
-		 private int numActive;
-
-		 /**
-		  * Count of hashed bytes.
-		  */
-		 private ulong numHashed;
-
-		private readonly GcmSivBlockCipher parent;
-
-		internal GCMSIVHasher(GcmSivBlockCipher parent)
-		{
-			this.parent = parent;
-		}
-
-		 /**
-		  * Obtain the count of bytes hashed.
-		  * @return the count
-		  */
-		 internal ulong getBytesProcessed()
-		 {
-		     return numHashed;
-		 }
-
-		 /**
-		  * Reset the hasher.
-		  */
-		 internal void reset()
-		 {
-		     numActive = 0;
-		     numHashed = 0;
-		 }
-
-		 /**
-		  * update hash.
-		  * @param pByte the byte
-		  */
-		 internal void updateHash(byte pByte)
-		 {
-		     theByte[0] = pByte;
-		     updateHash(theByte, 0, 1);
-		 }
-
-		 /**
-		  * update hash.
-		  * @param pBuffer the buffer
-		  * @param pOffset the offset within the buffer
-		  * @param pLen the length of data
-		  */
-		 internal void updateHash(byte[] pBuffer,
-				 int pOffset,
-				 int pLen)
-		 {
-		     /* If we should process the cache */
-		     int mySpace = BUFLEN - numActive;
-		     int numProcessed = 0;
-		     int myRemaining = pLen;
-		     if (numActive > 0
-			     && pLen >= mySpace)
-		     {
-			 /* Copy data into the cache and hash it */
-			 Array.Copy(pBuffer, pOffset, theBuffer, numActive, mySpace);
-			 fillReverse(theBuffer, 0, BUFLEN, parent.theReverse);
-			 parent.gHASH(parent.theReverse);
-
-			 /* Adjust counters */
-			 numProcessed += mySpace;
-			 myRemaining -= mySpace;
-			 numActive = 0;
-		     }
-
-		     /* While we have full blocks */
-		     while (myRemaining >= BUFLEN)
-		     {
-			 /* Access the next data */
-			 fillReverse(pBuffer, pOffset + numProcessed, BUFLEN, parent.theReverse);
-			 parent.gHASH(parent.theReverse);
-
-			 /* Adjust counters */
-			 numProcessed += mySpace;
-			 myRemaining -= mySpace;
-		     }
-
-		     /* If we have remaining data */
-		     if (myRemaining > 0)
-		     {
-			 /* Copy data into the cache */
-			 Array.Copy(pBuffer, pOffset + numProcessed, theBuffer, numActive, myRemaining);
-			 numActive += myRemaining;
-		     }
-
-		     /* Adjust the number of bytes processed */
-		     numHashed += (ulong)pLen;
-		 }
-
-		 /**
-		  * complete hash.
-		  */
-		 internal void completeHash()
-		 {
-		     /* If we have remaining data */
-		     if (numActive > 0)
-		     {
-			 /* Access the next data */
-			 Arrays.Fill(parent.theReverse, (byte) 0);
-			 fillReverse(theBuffer, 0, numActive, parent.theReverse);
-
-			 /* hash value */
-			 parent.gHASH(parent.theReverse);
-		     }
-		 }
-	     }
-	 }
+        public virtual void Init(bool pEncrypt, ICipherParameters cipherParameters)
+        {
+            /* Set defaults */
+            byte[] myInitialAEAD = null;
+            byte[] myNonce = null;
+            KeyParameter myKey = null;
+
+            /* Access parameters */
+            if (cipherParameters is AeadParameters)
+            {
+                AeadParameters myAEAD = (AeadParameters)cipherParameters;
+                myInitialAEAD = myAEAD.GetAssociatedText();
+                myNonce = myAEAD.GetNonce();
+                myKey = myAEAD.Key;
+            }
+            else if (cipherParameters is ParametersWithIV)
+            {
+                ParametersWithIV myParms = (ParametersWithIV)cipherParameters;
+                myNonce = myParms.GetIV();
+                myKey = (KeyParameter)myParms.Parameters;
+            }
+            else
+            {
+                throw new ArgumentException("invalid parameters passed to GCM_SIV");
+            }
+
+            /* Check nonceSize */
+            if (myNonce == null || myNonce.Length != NONCELEN)
+            {
+                throw new ArgumentException("Invalid nonce");
+            }
+
+            /* Check keysize */
+            if (myKey == null)
+            {
+                throw new ArgumentException("Invalid key");
+            }
+
+            byte[] k = myKey.GetKey();
+
+            if (k.Length != BUFLEN
+            && k.Length != (BUFLEN << 1))
+            {
+                throw new ArgumentException("Invalid key");
+            }
+
+            /* Reset details */
+            forEncryption = pEncrypt;
+            theInitialAEAD = myInitialAEAD;
+            theNonce = myNonce;
+
+            /* Initialise the keys */
+            deriveKeys(myKey);
+            ResetStreams();
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return theCipher.AlgorithmName + "-GCM-SIV"; }
+        }
+
+        /**
+        * check AEAD status.
+        * @param pLen the aeadLength
+        */
+        private void CheckAeadStatus(int pLen)
+        {
+            /* Check we are initialised */
+            if ((theFlags & INIT) == 0)
+            {
+                throw new InvalidOperationException("Cipher is not initialised");
+            }
+
+            /* Check AAD is allowed */
+            if ((theFlags & AEAD_COMPLETE) != 0)
+            {
+                throw new InvalidOperationException("AEAD data cannot be processed after ordinary data");
+            }
+
+            /* Make sure that we haven't breached AEAD data limit */
+            if ((long)theAEADHasher.getBytesProcessed() + Int64.MinValue > (MAX_DATALEN - pLen) + Int64.MinValue)
+            {
+                throw new InvalidOperationException("AEAD byte count exceeded");
+            }
+        }
+
+        /**
+        * check status.
+        * @param pLen the dataLength
+        */
+        private void CheckStatus(int pLen)
+        {
+            /* Check we are initialised */
+            if ((theFlags & INIT) == 0)
+            {
+                throw new InvalidOperationException("Cipher is not initialised");
+            }
+
+            /* Complete the AEAD section if this is the first data */
+            if ((theFlags & AEAD_COMPLETE) == 0)
+            {
+                theAEADHasher.completeHash();
+                theFlags |= AEAD_COMPLETE;
+            }
+
+            /* Make sure that we haven't breached data limit */
+            long dataLimit = MAX_DATALEN;
+            long currBytes = thePlain.Length;
+            if (!forEncryption)
+            {
+                dataLimit += BUFLEN;
+                currBytes = theEncData.Length;
+            }
+            if (currBytes + System.Int64.MinValue
+            > (dataLimit - pLen) + System.Int64.MinValue)
+            {
+                throw new InvalidOperationException("byte count exceeded");
+            }
+        }
+
+        public virtual void ProcessAadByte(byte pByte)
+        {
+            /* Check that we can supply AEAD */
+            CheckAeadStatus(1);
+
+            /* Process the aead */
+            theAEADHasher.updateHash(pByte);
+        }
+
+        public virtual void ProcessAadBytes(byte[] pData, int pOffset, int pLen)
+        {
+            /* Check that we can supply AEAD */
+            CheckAeadStatus(pLen);
+
+            /* Check input buffer */
+            CheckBuffer(pData, pOffset, pLen, false);
+
+            /* Process the aead */
+            theAEADHasher.updateHash(pData, pOffset, pLen);
+        }
+
+        public virtual int ProcessByte(byte pByte, byte[] pOutput, int pOutOffset)
+        {
+            /* Check that we have initialised */
+            CheckStatus(1);
+
+            /* Store the data */
+            if (forEncryption)
+            {
+                thePlain.WriteByte(pByte);
+                theDataHasher.updateHash(pByte);
+            }
+            else
+            {
+                theEncData.WriteByte(pByte);
+            }
+
+            /* No data returned */
+            return 0;
+        }
+
+        public virtual int ProcessBytes(byte[] pData, int pOffset, int pLen, byte[] pOutput, int pOutOffset)
+        {
+            /* Check that we have initialised */
+            CheckStatus(pLen);
+
+            /* Check input buffer */
+            CheckBuffer(pData, pOffset, pLen, false);
+
+            /* Store the data */
+            if (forEncryption)
+            {
+                thePlain.Write(pData, pOffset, pLen);
+                theDataHasher.updateHash(pData, pOffset, pLen);
+            }
+            else
+            {
+                theEncData.Write(pData, pOffset, pLen);
+            }
+
+            /* No data returned */
+            return 0;
+        }
+
+        public virtual int DoFinal(byte[] pOutput, int pOffset)
+        {
+            /* Check that we have initialised */
+            CheckStatus(0);
+
+            /* Check output buffer */
+            CheckBuffer(pOutput, pOffset, GetOutputSize(0), true);
+
+            /* If we are encrypting */
+            if (forEncryption)
+            {
+                /* Derive the tag */
+                byte[] myTag = calculateTag();
+
+                /* encrypt the plain text */
+                int myDataLen = BUFLEN + encryptPlain(myTag, pOutput, pOffset);
+
+                /* Add the tag to the output */
+                Array.Copy(myTag, 0, pOutput, pOffset + thePlain.Length, BUFLEN);
+
+                /* Reset the streams */
+                ResetStreams();
+                return myDataLen;
+
+                /* else we are decrypting */
+            }
+            else
+            {
+                /* decrypt to plain text */
+                decryptPlain();
+
+                /* Release plain text */
+                int myDataLen = Streams.WriteBufTo(thePlain, pOutput, pOffset);
+
+                /* Reset the streams */
+                ResetStreams();
+                return myDataLen;
+            }
+        }
+
+        public virtual byte[] GetMac()
+        {
+            throw new InvalidOperationException();
+        }
+
+        public virtual int GetUpdateOutputSize(int pLen)
+        {
+            return 0;
+        }
+
+        public virtual int GetOutputSize(int pLen)
+        {
+            if (forEncryption)
+            {
+                return (int)(pLen + thePlain.Length + BUFLEN);
+            }
+            int myCurr = (int)(pLen + theEncData.Length);
+            return myCurr > BUFLEN ? myCurr - BUFLEN : 0;
+        }
+
+        public virtual void Reset()
+        {
+            ResetStreams();
+        }
+
+        /**
+        * Reset Streams.
+        */
+        private void ResetStreams()
+        {
+            /* Clear the plainText buffer */
+            if (thePlain != null)
+            {
+                thePlain.Position = 0L;
+                Streams.WriteZeroes(thePlain, thePlain.Capacity);
+            }
+
+            /* Reset hashers */
+            theAEADHasher.Reset();
+            theDataHasher.Reset();
+
+            /* Recreate streams (to release memory) */
+            thePlain = new GcmSivCache();
+            theEncData = forEncryption ? null : new GcmSivCache();
+
+            /* Initialise AEAD if required */
+            theFlags &= ~AEAD_COMPLETE;
+            Arrays.Fill(theGHash, (byte)0);
+            if (theInitialAEAD != null)
+            {
+                theAEADHasher.updateHash(theInitialAEAD, 0, theInitialAEAD.Length);
+            }
+        }
+
+        /**
+        * Obtain buffer length (allowing for null).
+        * @param pBuffer the buffere
+        * @return the length
+        */
+        private static int bufLength(byte[] pBuffer)
+        {
+            return pBuffer == null ? 0 : pBuffer.Length;
+        }
+
+        /**
+        * Check buffer.
+        * @param pBuffer the buffer
+        * @param pOffset the offset
+        * @param pLen the length
+        * @param pOutput is this an output buffer?
+        */
+        private static void CheckBuffer(byte[] pBuffer, int pOffset, int pLen, bool pOutput)
+        {
+            /* Access lengths */
+            int myBufLen = bufLength(pBuffer);
+            int myLast = pOffset + pLen;
+
+            /* Check for negative values and buffer overflow */
+            bool badLen = pLen < 0 || pOffset < 0 || myLast < 0;
+            if (badLen || myLast > myBufLen)
+            {
+                throw pOutput
+                ? new OutputLengthException("Output buffer too short.")
+                : new DataLengthException("Input buffer too short.");
+            }
+        }
+
+        /**
+        * encrypt data stream.
+        * @param pCounter the counter
+        * @param pTarget the target buffer
+        * @param pOffset the target offset
+        * @return the length of data encrypted
+        */
+        private int encryptPlain(byte[] pCounter, byte[] pTarget, int pOffset)
+        {
+            /* Access buffer and length */
+#if PORTABLE
+            byte[] thePlainBuf = thePlain.ToArray();
+            int thePlainLen = thePlainBuf.Length;
+#else
+            byte[] thePlainBuf = thePlain.GetBuffer();
+            int thePlainLen = (int)thePlain.Length;
+#endif
+
+            byte[] mySrc = thePlainBuf;
+            byte[] myCounter = Arrays.Clone(pCounter);
+            myCounter[BUFLEN - 1] |= MASK;
+            byte[] myMask = new byte[BUFLEN];
+            long myRemaining = thePlainLen;
+            int myOff = 0;
+
+            /* While we have data to process */
+            while (myRemaining > 0)
+            {
+                /* Generate the next mask */
+                theCipher.ProcessBlock(myCounter, 0, myMask, 0);
+
+                /* Xor data into mask */
+                int myLen = (int)System.Math.Min(BUFLEN, myRemaining);
+                xorBlock(myMask, mySrc, myOff, myLen);
+
+                /* Copy encrypted data to output */
+                Array.Copy(myMask, 0, pTarget, pOffset + myOff, myLen);
+
+                /* Adjust counters */
+                myRemaining -= myLen;
+                myOff += myLen;
+                incrementCounter(myCounter);
+            }
+
+            /* Return the amount of data processed */
+            return thePlainLen;
+        }
+
+        /**
+        * decrypt data stream.
+        * @throws InvalidCipherTextException on data too short or mac check failed
+        */
+        private void decryptPlain()
+        {
+            /* Access buffer and length */
+#if PORTABLE
+            byte[] theEncDataBuf = theEncData.ToArray();
+            int theEncDataLen = theEncDataBuf.Length;
+#else
+            byte[] theEncDataBuf = theEncData.GetBuffer();
+            int theEncDataLen = (int)theEncData.Length;
+#endif
+
+            byte[] mySrc = theEncDataBuf;
+            int myRemaining = theEncDataLen - BUFLEN;
+
+            /* Check for insufficient data */
+            if (myRemaining < 0)
+            {
+                throw new InvalidCipherTextException("Data too short");
+            }
+
+            /* Access counter */
+            byte[] myExpected = Arrays.CopyOfRange(mySrc, myRemaining, myRemaining + BUFLEN);
+            byte[] myCounter = Arrays.Clone(myExpected);
+            myCounter[BUFLEN - 1] |= MASK;
+            byte[] myMask = new byte[BUFLEN];
+            int myOff = 0;
+
+            /* While we have data to process */
+            while (myRemaining > 0)
+            {
+                /* Generate the next mask */
+                theCipher.ProcessBlock(myCounter, 0, myMask, 0);
+
+                /* Xor data into mask */
+                int myLen = System.Math.Min(BUFLEN, myRemaining);
+                xorBlock(myMask, mySrc, myOff, myLen);
+
+                /* Write data to plain dataStream */
+                thePlain.Write(myMask, 0, myLen);
+                theDataHasher.updateHash(myMask, 0, myLen);
+
+                /* Adjust counters */
+                myRemaining -= myLen;
+                myOff += myLen;
+                incrementCounter(myCounter);
+            }
+
+            /* Derive and check the tag */
+            byte[] myTag = calculateTag();
+            if (!Arrays.ConstantTimeAreEqual(myTag, myExpected))
+            {
+                Reset();
+                throw new InvalidCipherTextException("mac check failed");
+            }
+        }
+
+        /**
+        * calculate tag.
+        * @return the calculated tag
+        */
+        private byte[] calculateTag()
+        {
+            /* Complete the hash */
+            theDataHasher.completeHash();
+            byte[] myPolyVal = completePolyVal();
+
+            /* calculate polyVal */
+            byte[] myResult = new byte[BUFLEN];
+
+            /* Fold in the nonce */
+            for (int i = 0; i < NONCELEN; i++)
+            {
+                myPolyVal[i] ^= theNonce[i];
+            }
+
+            /* Clear top bit */
+            myPolyVal[BUFLEN - 1] &= (byte)(MASK - 1);
+
+            /* Calculate tag and return it */
+            theCipher.ProcessBlock(myPolyVal, 0, myResult, 0);
+            return myResult;
+        }
+
+        /**
+        * complete polyVAL.
+        * @return the calculated value
+        */
+        private byte[] completePolyVal()
+        {
+            /* Build the polyVal result */
+            byte[] myResult = new byte[BUFLEN];
+            gHashLengths();
+            fillReverse(theGHash, 0, BUFLEN, myResult);
+            return myResult;
+        }
+
+        /**
+        * process lengths.
+        */
+        private void gHashLengths()
+        {
+            /* Create reversed bigEndian buffer to keep it simple */
+            byte[] myIn = new byte[BUFLEN];
+            Pack.UInt64_To_BE((ulong)Bytes.NumBits * theDataHasher.getBytesProcessed(), myIn, 0);
+            Pack.UInt64_To_BE((ulong)Bytes.NumBits * theAEADHasher.getBytesProcessed(), myIn, Longs.NumBytes);
+
+            /* hash value */
+            gHASH(myIn);
+        }
+
+        /**
+        * perform the next GHASH step.
+        * @param pNext the next value
+        */
+        private void gHASH(byte[] pNext)
+        {
+            xorBlock(theGHash, pNext);
+            theMultiplier.MultiplyH(theGHash);
+        }
+
+        /**
+        * Byte reverse a buffer.
+        * @param pInput the input buffer
+        * @param pOffset the offset
+        * @param pLength the length of data (<= BUFLEN)
+        * @param pOutput the output buffer
+        */
+        private static void fillReverse(byte[] pInput, int pOffset, int pLength, byte[] pOutput)
+        {
+            /* Loop through the buffer */
+            for (int i = 0, j = BUFLEN - 1; i < pLength; i++, j--)
+            {
+                /* Copy byte */
+                pOutput[j] = pInput[pOffset + i];
+            }
+        }
+
+        /**
+        * xor a full block buffer.
+        * @param pLeft the left operand and result
+        * @param pRight the right operand
+        */
+        private static void xorBlock(byte[] pLeft, byte[] pRight)
+        {
+            /* Loop through the bytes */
+            for (int i = 0; i < BUFLEN; i++)
+            {
+                pLeft[i] ^= pRight[i];
+            }
+        }
+
+        /**
+        * xor a partial block buffer.
+        * @param pLeft the left operand and result
+        * @param pRight the right operand
+        * @param pOffset the offset in the right operand
+        * @param pLength the length of data in the right operand
+        */
+        private static void xorBlock(byte[] pLeft, byte[] pRight, int pOffset, int pLength)
+        {
+            /* Loop through the bytes */
+            for (int i = 0; i < pLength; i++)
+            {
+                pLeft[i] ^= pRight[i + pOffset];
+            }
+        }
+
+        /**
+        * increment the counter.
+        * @param pCounter the counter to increment
+        */
+        private static void incrementCounter(byte[] pCounter)
+        {
+            /* Loop through the bytes incrementing counter */
+            for (int i = 0; i < Integers.NumBytes; i++)
+            {
+                if (++pCounter[i] != 0)
+                {
+                    break;
+                }
+            }
+        }
+
+        /**
+        * multiply by X.
+        * @param pValue the value to adjust
+        */
+        private static void mulX(byte[] pValue)
+        {
+            /* Loop through the bytes */
+            byte myMask = (byte)0;
+            for (int i = 0; i < BUFLEN; i++)
+            {
+                byte myValue = pValue[i];
+                pValue[i] = (byte)(((myValue >> 1) & ~MASK) | myMask);
+                myMask = (byte)((myValue & 1) == 0 ? 0 : MASK);
+            }
+
+            /* Xor in addition if last bit was set */
+            if (myMask != 0)
+            {
+                pValue[0] ^= ADD;
+            }
+        }
+
+        /**
+        * Derive Keys.
+        * @param pKey the keyGeneration key
+        */
+        private void deriveKeys(KeyParameter pKey)
+        {
+            /* Create the buffers */
+            byte[] myIn = new byte[BUFLEN];
+            byte[] myOut = new byte[BUFLEN];
+            byte[] myResult = new byte[BUFLEN];
+            byte[] myEncKey = new byte[pKey.GetKey().Length];
+
+            /* Prepare for encryption */
+            Array.Copy(theNonce, 0, myIn, BUFLEN - NONCELEN, NONCELEN);
+            theCipher.Init(true, pKey);
+
+            /* Derive authentication key */
+            int myOff = 0;
+            theCipher.ProcessBlock(myIn, 0, myOut, 0);
+            Array.Copy(myOut, 0, myResult, myOff, HALFBUFLEN);
+            myIn[0]++;
+            myOff += HALFBUFLEN;
+            theCipher.ProcessBlock(myIn, 0, myOut, 0);
+            Array.Copy(myOut, 0, myResult, myOff, HALFBUFLEN);
+
+            /* Derive encryption key */
+            myIn[0]++;
+            myOff = 0;
+            theCipher.ProcessBlock(myIn, 0, myOut, 0);
+            Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN);
+            myIn[0]++;
+            myOff += HALFBUFLEN;
+            theCipher.ProcessBlock(myIn, 0, myOut, 0);
+            Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN);
+
+            /* If we have a 32byte key */
+            if (myEncKey.Length == BUFLEN << 1)
+            {
+                /* Derive remainder of encryption key */
+                myIn[0]++;
+                myOff += HALFBUFLEN;
+                theCipher.ProcessBlock(myIn, 0, myOut, 0);
+                Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN);
+                myIn[0]++;
+                myOff += HALFBUFLEN;
+                theCipher.ProcessBlock(myIn, 0, myOut, 0);
+                Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN);
+            }
+
+            /* Initialise the Cipher */
+            theCipher.Init(true, new KeyParameter(myEncKey));
+
+            /* Initialise the multiplier */
+            fillReverse(myResult, 0, BUFLEN, myOut);
+            mulX(myOut);
+            theMultiplier.Init(myOut);
+            theFlags |= INIT;
+        }
+
+        private class GcmSivCache
+            : MemoryStream
+        {
+            internal GcmSivCache()
+            {
+            }
+        }
+
+        /**
+        * Hash Control.
+        */
+        private class GcmSivHasher
+        {
+            /**
+            * Cache.
+            */
+            private readonly byte[] theBuffer = new byte[BUFLEN];
+
+            /**
+            * Single byte cache.
+            */
+            private readonly byte[] theByte = new byte[1];
+
+            /**
+            * Count of active bytes in cache.
+            */
+            private int numActive;
+
+            /**
+            * Count of hashed bytes.
+            */
+            private ulong numHashed;
+
+            private readonly GcmSivBlockCipher parent;
+
+            internal GcmSivHasher(GcmSivBlockCipher parent)
+            {
+                this.parent = parent;
+            }
+
+            /**
+            * Obtain the count of bytes hashed.
+            * @return the count
+            */
+            internal ulong getBytesProcessed()
+            {
+                return numHashed;
+            }
+
+            /**
+            * Reset the hasher.
+            */
+            internal void Reset()
+            {
+                numActive = 0;
+                numHashed = 0;
+            }
+
+            /**
+            * update hash.
+            * @param pByte the byte
+            */
+            internal void updateHash(byte pByte)
+            {
+                theByte[0] = pByte;
+                updateHash(theByte, 0, 1);
+            }
+
+            /**
+            * update hash.
+            * @param pBuffer the buffer
+            * @param pOffset the offset within the buffer
+            * @param pLen the length of data
+            */
+            internal void updateHash(byte[] pBuffer, int pOffset, int pLen)
+            {
+                /* If we should process the cache */
+                int mySpace = BUFLEN - numActive;
+                int numProcessed = 0;
+                int myRemaining = pLen;
+                if (numActive > 0 && pLen >= mySpace)
+                {
+                    /* Copy data into the cache and hash it */
+                    Array.Copy(pBuffer, pOffset, theBuffer, numActive, mySpace);
+                    fillReverse(theBuffer, 0, BUFLEN, parent.theReverse);
+                    parent.gHASH(parent.theReverse);
+
+                    /* Adjust counters */
+                    numProcessed += mySpace;
+                    myRemaining -= mySpace;
+                    numActive = 0;
+                }
+
+                /* While we have full blocks */
+                while (myRemaining >= BUFLEN)
+                {
+                    /* Access the next data */
+                    fillReverse(pBuffer, pOffset + numProcessed, BUFLEN, parent.theReverse);
+                    parent.gHASH(parent.theReverse);
+
+                    /* Adjust counters */
+                    numProcessed += mySpace;
+                    myRemaining -= mySpace;
+                }
+
+                /* If we have remaining data */
+                if (myRemaining > 0)
+                {
+                    /* Copy data into the cache */
+                    Array.Copy(pBuffer, pOffset + numProcessed, theBuffer, numActive, myRemaining);
+                    numActive += myRemaining;
+                }
+
+                /* Adjust the number of bytes processed */
+                numHashed += (ulong)pLen;
+            }
+
+            /**
+            * complete hash.
+            */
+            internal void completeHash()
+            {
+                /* If we have remaining data */
+                if (numActive > 0)
+                {
+                    /* Access the next data */
+                    Arrays.Fill(parent.theReverse, (byte)0);
+                    fillReverse(theBuffer, 0, numActive, parent.theReverse);
+
+                    /* hash value */
+                    parent.gHASH(parent.theReverse);
+                }
+            }
+        }
+    }
 }
diff --git a/crypto/src/crypto/util/BasicAlphabetMapper.cs b/crypto/src/crypto/util/BasicAlphabetMapper.cs
index ac4011a94..b60733fc0 100644
--- a/crypto/src/crypto/util/BasicAlphabetMapper.cs
+++ b/crypto/src/crypto/util/BasicAlphabetMapper.cs
@@ -1,104 +1,106 @@
 using System;
 using System.Collections;
 
+using Org.BouncyCastle.Utilities;
+
 namespace Org.BouncyCastle.Crypto.Utilities
 {
-/**
- * A basic alphabet mapper that just creates a mapper based on the
- * passed in array of characters.
- */
- public class BasicAlphabetMapper
-    : IAlphabetMapper
-{
-    private Hashtable indexMap = new Hashtable();
-    private Hashtable charMap = new Hashtable();
-
     /**
-     * Base constructor.
-     *
-     * @param alphabet a string of characters making up the alphabet.
-     */    
-    public BasicAlphabetMapper(string alphabet) :
-        this(alphabet.ToCharArray())
-    {
-    }
-
-    /**
-     * Base constructor.
-     *
-     * @param alphabet an array of characters making up the alphabet.
+     * A basic alphabet mapper that just creates a mapper based on the
+     * passed in array of characters.
      */
-    public BasicAlphabetMapper(char[] alphabet)
+    public class BasicAlphabetMapper
+       : IAlphabetMapper
     {
-        for (int i = 0; i != alphabet.Length; i++)
+        private readonly IDictionary indexMap = Platform.CreateHashtable();
+        private readonly IDictionary charMap = Platform.CreateHashtable();
+
+        /**
+         * Base constructor.
+         *
+         * @param alphabet a string of characters making up the alphabet.
+         */
+        public BasicAlphabetMapper(string alphabet) :
+            this(alphabet.ToCharArray())
         {
-            if (indexMap.ContainsKey(alphabet[i]))
-            {
-                throw new ArgumentException("duplicate key detected in alphabet: " + alphabet[i]);
-            }
-            indexMap.Add(alphabet[i], i);
-            charMap.Add(i, alphabet[i]);
         }
-    }
-
-    public int Radix
-    {
-        get { return indexMap.Count; }
-    }
-
-    public byte[] ConvertToIndexes(char[] input)
-    {
-        byte[] outBuf;
 
-        if (indexMap.Count <= 256)
+        /**
+         * Base constructor.
+         *
+         * @param alphabet an array of characters making up the alphabet.
+         */
+        public BasicAlphabetMapper(char[] alphabet)
         {
-            outBuf = new byte[input.Length];
-            for (int i = 0; i != input.Length; i++)
+            for (int i = 0; i != alphabet.Length; i++)
             {
-                outBuf[i] = (byte)(int)indexMap[input[i]];
+                if (indexMap.Contains(alphabet[i]))
+                {
+                    throw new ArgumentException("duplicate key detected in alphabet: " + alphabet[i]);
+                }
+                indexMap.Add(alphabet[i], i);
+                charMap.Add(i, alphabet[i]);
             }
         }
-        else
+
+        public int Radix
         {
-            outBuf = new byte[input.Length * 2];
-            for (int i = 0; i != input.Length; i++)
-            {
-                int idx = (int)indexMap[input[i]];
-                outBuf[i * 2] = (byte)((idx >> 8) & 0xff);
-                outBuf[i * 2  + 1] = (byte)(idx & 0xff);
-            }
+            get { return indexMap.Count; }
         }
 
-        return outBuf;
-    }
-
-    public char[] ConvertToChars(byte[] input)
-    {
-        char[] outBuf;
-
-        if (charMap.Count <= 256)
+        public byte[] ConvertToIndexes(char[] input)
         {
-            outBuf = new char[input.Length];
-            for (int i = 0; i != input.Length; i++)
+            byte[] outBuf;
+
+            if (indexMap.Count <= 256)
+            {
+                outBuf = new byte[input.Length];
+                for (int i = 0; i != input.Length; i++)
+                {
+                    outBuf[i] = (byte)(int)indexMap[input[i]];
+                }
+            }
+            else
             {
-                outBuf[i] = (char)charMap[input[i] & 0xff];
+                outBuf = new byte[input.Length * 2];
+                for (int i = 0; i != input.Length; i++)
+                {
+                    int idx = (int)indexMap[input[i]];
+                    outBuf[i * 2] = (byte)((idx >> 8) & 0xff);
+                    outBuf[i * 2 + 1] = (byte)(idx & 0xff);
+                }
             }
+
+            return outBuf;
         }
-        else
+
+        public char[] ConvertToChars(byte[] input)
         {
-            if ((input.Length & 0x1) != 0)
+            char[] outBuf;
+
+            if (charMap.Count <= 256)
             {
-                throw new ArgumentException("two byte radix and input string odd.Length");
+                outBuf = new char[input.Length];
+                for (int i = 0; i != input.Length; i++)
+                {
+                    outBuf[i] = (char)charMap[input[i] & 0xff];
+                }
             }
-            
-            outBuf = new char[input.Length / 2];
-            for (int i = 0; i != input.Length; i += 2)
+            else
             {
-                outBuf[i / 2] = (char)charMap[((input[i] << 8) & 0xff00) | (input[i + 1] & 0xff)];
+                if ((input.Length & 0x1) != 0)
+                {
+                    throw new ArgumentException("two byte radix and input string odd.Length");
+                }
+
+                outBuf = new char[input.Length / 2];
+                for (int i = 0; i != input.Length; i += 2)
+                {
+                    outBuf[i / 2] = (char)charMap[((input[i] << 8) & 0xff00) | (input[i + 1] & 0xff)];
+                }
             }
-        }
 
-        return outBuf;
+            return outBuf;
+        }
     }
 }
-}
diff --git a/crypto/src/crypto/util/Pack.cs b/crypto/src/crypto/util/Pack.cs
index 30b4ec8ae..8ba738d4f 100644
--- a/crypto/src/crypto/util/Pack.cs
+++ b/crypto/src/crypto/util/Pack.cs
@@ -20,11 +20,41 @@ namespace Org.BouncyCastle.Crypto.Utilities
             bs[off + 1] = (byte)(n);
         }
 
-        internal static ushort BE_To_UInt16(byte[] bs)
+        internal static void UInt16_To_BE(ushort[] ns, byte[] bs, int off)
         {
-            uint n = (uint)bs[0] << 8
-                | (uint)bs[1];
-            return (ushort)n;
+            for (int i = 0; i < ns.Length; ++i)
+            {
+                UInt16_To_BE(ns[i], bs, off);
+                off += 2;
+            }
+        }
+
+        internal static void UInt16_To_BE(ushort[] ns, int nsOff, int nsLen, byte[] bs, int bsOff)
+        {
+            for (int i = 0; i < nsLen; ++i)
+            {
+                UInt16_To_BE(ns[nsOff + i], bs, bsOff);
+                bsOff += 2;
+            }
+        }
+
+        internal static byte[] UInt16_To_BE(ushort n)
+        {
+            byte[] bs = new byte[2];
+            UInt16_To_BE(n, bs, 0);
+            return bs;
+        }
+
+        internal static byte[] UInt16_To_BE(ushort[] ns)
+        {
+            return UInt16_To_BE(ns, 0, ns.Length);
+        }
+
+        internal static byte[] UInt16_To_BE(ushort[] ns, int nsOff, int nsLen)
+        {
+            byte[] bs = new byte[2 * nsLen];
+            UInt16_To_BE(ns, nsOff, nsLen, bs, 0);
+            return bs;
         }
 
         internal static ushort BE_To_UInt16(byte[] bs, int off)
@@ -34,11 +64,27 @@ namespace Org.BouncyCastle.Crypto.Utilities
             return (ushort)n;
         }
 
-        internal static byte[] UInt32_To_BE(uint n)
+        internal static void BE_To_UInt16(byte[] bs, int bsOff, ushort[] ns, int nsOff)
         {
-            byte[] bs = new byte[4];
-            UInt32_To_BE(n, bs, 0);
-            return bs;
+            ns[nsOff] = BE_To_UInt16(bs, bsOff);
+        }
+
+        internal static ushort[] BE_To_UInt16(byte[] bs)
+        {
+            return BE_To_UInt16(bs, 0, bs.Length);
+        }
+
+        internal static ushort[] BE_To_UInt16(byte[] bs, int off, int len)
+        {
+            if ((len & 1) != 0)
+                throw new ArgumentException("must be a multiple of 2", "len");
+
+            ushort[] ns = new ushort[len / 2];
+            for (int i = 0; i < len; i += 2)
+            {
+                BE_To_UInt16(bs, off + i, ns, i >> 1);
+            }
+            return ns;
         }
 
         internal static void UInt32_To_BE(uint n, byte[] bs)
@@ -57,13 +103,6 @@ namespace Org.BouncyCastle.Crypto.Utilities
             bs[off + 3] = (byte)(n);
         }
 
-        internal static byte[] UInt32_To_BE(uint[] ns)
-        {
-            byte[] bs = new byte[4 * ns.Length];
-            UInt32_To_BE(ns, bs, 0);
-            return bs;
-        }
-
         internal static void UInt32_To_BE(uint[] ns, byte[] bs, int off)
         {
             for (int i = 0; i < ns.Length; ++i)
@@ -73,7 +112,7 @@ namespace Org.BouncyCastle.Crypto.Utilities
             }
         }
 
-        public static void UInt32_To_BE(uint[] ns, int nsOff, int nsLen, byte[] bs, int bsOff)
+        internal static void UInt32_To_BE(uint[] ns, int nsOff, int nsLen, byte[] bs, int bsOff)
         {
             for (int i = 0; i < nsLen; ++i)
             {
@@ -82,6 +121,20 @@ namespace Org.BouncyCastle.Crypto.Utilities
             }
         }
 
+        internal static byte[] UInt32_To_BE(uint n)
+        {
+            byte[] bs = new byte[4];
+            UInt32_To_BE(n, bs, 0);
+            return bs;
+        }
+
+        internal static byte[] UInt32_To_BE(uint[] ns)
+        {
+            byte[] bs = new byte[4 * ns.Length];
+            UInt32_To_BE(ns, bs, 0);
+            return bs;
+        }
+
         internal static uint BE_To_UInt32(byte[] bs)
         {
             return (uint)bs[0] << 24
@@ -107,7 +160,7 @@ namespace Org.BouncyCastle.Crypto.Utilities
             }
         }
 
-        public static void BE_To_UInt32(byte[] bs, int bsOff, uint[] ns, int nsOff, int nsLen)
+        internal static void BE_To_UInt32(byte[] bs, int bsOff, uint[] ns, int nsOff, int nsLen)
         {
             for (int i = 0; i < nsLen; ++i)
             {
@@ -151,7 +204,7 @@ namespace Org.BouncyCastle.Crypto.Utilities
             }
         }
 
-        public static void UInt64_To_BE(ulong[] ns, int nsOff, int nsLen, byte[] bs, int bsOff)
+        internal static void UInt64_To_BE(ulong[] ns, int nsOff, int nsLen, byte[] bs, int bsOff)
         {
             for (int i = 0; i < nsLen; ++i)
             {
@@ -160,13 +213,6 @@ namespace Org.BouncyCastle.Crypto.Utilities
             }
         }
 
-        internal static ulong BE_To_UInt64(byte[] bs)
-        {
-            uint hi = BE_To_UInt32(bs);
-            uint lo = BE_To_UInt32(bs, 4);
-            return ((ulong)hi << 32) | (ulong)lo;
-        }
-
         internal static ulong BE_To_UInt64(byte[] bs, int off)
         {
             uint hi = BE_To_UInt32(bs, off);
@@ -183,7 +229,7 @@ namespace Org.BouncyCastle.Crypto.Utilities
             }
         }
 
-        public static void BE_To_UInt64(byte[] bs, int bsOff, ulong[] ns, int nsOff, int nsLen)
+        internal static void BE_To_UInt64(byte[] bs, int bsOff, ulong[] ns, int nsOff, int nsLen)
         {
             for (int i = 0; i < nsLen; ++i)
             {
diff --git a/crypto/src/security/SecureRandom.cs b/crypto/src/security/SecureRandom.cs
index 8c6b74d5b..982fbf3a0 100644
--- a/crypto/src/security/SecureRandom.cs
+++ b/crypto/src/security/SecureRandom.cs
@@ -246,14 +246,14 @@ namespace Org.BouncyCastle.Security
         {
             byte[] bytes = new byte[4];
             NextBytes(bytes);
-            return (int)Pack.BE_To_UInt32(bytes);
+            return (int)Pack.BE_To_UInt32(bytes, 0);
         }
 
         public virtual long NextLong()
         {
             byte[] bytes = new byte[8];
             NextBytes(bytes);
-            return (long)Pack.BE_To_UInt64(bytes);
+            return (long)Pack.BE_To_UInt64(bytes, 0);
         }
     }
 }
diff --git a/crypto/src/util/Arrays.cs b/crypto/src/util/Arrays.cs
index 78c4e8ffc..fdf08a90c 100644
--- a/crypto/src/util/Arrays.cs
+++ b/crypto/src/util/Arrays.cs
@@ -705,6 +705,7 @@ namespace Org.BouncyCastle.Utilities
             return rv;
         }
 
+        [CLSCompliantAttribute(false)]
         public static ushort[] Concatenate(ushort[] a, ushort[] b)
         {
             if (a == null)
diff --git a/crypto/src/util/Bytes.cs b/crypto/src/util/Bytes.cs
index 0d73d67ae..ecde85dde 100644
--- a/crypto/src/util/Bytes.cs
+++ b/crypto/src/util/Bytes.cs
@@ -4,7 +4,7 @@ namespace Org.BouncyCastle.Utilities
 {
     public abstract class Bytes
     {
-        public static readonly uint BYTES = 1;
-        public static readonly uint SIZE = 8;
+        public const int NumBits = 8;
+        public const int NumBytes = 1;
     }
 }
diff --git a/crypto/src/util/Integers.cs b/crypto/src/util/Integers.cs
index b7bd25ce6..11045d9e3 100644
--- a/crypto/src/util/Integers.cs
+++ b/crypto/src/util/Integers.cs
@@ -6,8 +6,8 @@ namespace Org.BouncyCastle.Utilities
 {
     public abstract class Integers
     {
-        public static readonly uint BYTES = 4;
-        public static readonly uint SIZE = 32;
+        public const int NumBits = 32;
+        public const int NumBytes = 4;
 
         private static readonly byte[] DeBruijnTZ = {
             0x00, 0x01, 0x02, 0x18, 0x03, 0x13, 0x06, 0x19, 0x16, 0x04, 0x14, 0x0A,
diff --git a/crypto/src/util/Longs.cs b/crypto/src/util/Longs.cs
index 892e57137..91dee2b50 100644
--- a/crypto/src/util/Longs.cs
+++ b/crypto/src/util/Longs.cs
@@ -6,8 +6,8 @@ namespace Org.BouncyCastle.Utilities
 {
     public abstract class Longs
     {
-        public static readonly uint BYTES = 8;
-        public static readonly uint SIZE = 64;
+        public const int NumBits = 64;
+        public const int NumBytes = 8;
 
         public static long Reverse(long i)
         {
diff --git a/crypto/src/util/io/Streams.cs b/crypto/src/util/io/Streams.cs
index 503a1b4f1..506b2489f 100644
--- a/crypto/src/util/io/Streams.cs
+++ b/crypto/src/util/io/Streams.cs
@@ -100,15 +100,9 @@ namespace Org.BouncyCastle.Utilities.IO
         /// <exception cref="IOException"></exception>
         public static int WriteBufTo(MemoryStream buf, byte[] output, int offset)
         {
-#if PORTABLE
-            byte[] bytes = buf.ToArray();
-            bytes.CopyTo(output, offset);
-            return bytes.Length;
-#else
             int size = (int)buf.Length;
-            buf.WriteTo(new MemoryStream(output, offset, size, true));
+            WriteBufTo(buf, new MemoryStream(output, offset, size));
             return size;
-#endif
         }
 
         public static void WriteZeroes(Stream outStr, long count)
diff --git a/crypto/test/UnitTests.csproj b/crypto/test/UnitTests.csproj
index b70d94a6b..2164d2949 100644
--- a/crypto/test/UnitTests.csproj
+++ b/crypto/test/UnitTests.csproj
@@ -201,6 +201,8 @@
     <Compile Include="src\crypto\test\Ed448Test.cs" />
     <Compile Include="src\crypto\test\ElGamalTest.cs" />
     <Compile Include="src\crypto\test\EqualsHashCodeTest.cs" />
+    <Compile Include="src\crypto\test\GcmReorderTest.cs" />
+    <Compile Include="src\crypto\test\GcmSivTest.cs" />
     <Compile Include="src\crypto\test\GCMTest.cs" />
     <Compile Include="src\crypto\test\GMacTest.cs" />
     <Compile Include="src\crypto\test\GOST28147MacTest.cs" />
@@ -209,7 +211,6 @@
     <Compile Include="src\crypto\test\GOST3411DigestTest.cs" />
     <Compile Include="src\crypto\test\GOST3411_2012_256DigestTest.cs" />
     <Compile Include="src\crypto\test\GOST3411_2012_512DigestTest.cs" />
-    <Compile Include="src\crypto\test\GcmReorderTest.cs" />
     <Compile Include="src\crypto\test\HCFamilyTest.cs" />
     <Compile Include="src\crypto\test\HCFamilyVecTest.cs" />
     <Compile Include="src\crypto\test\HKDFGeneratorTest.cs" />
@@ -236,6 +237,7 @@
     <Compile Include="src\crypto\test\OAEPTest.cs" />
     <Compile Include="src\crypto\test\OCBTest.cs" />
     <Compile Include="src\crypto\test\OpenBsdBCryptTest.cs" />
+    <Compile Include="src\crypto\test\ParallelHashTest.cs" />
     <Compile Include="src\crypto\test\PSSBlindTest.cs" />
     <Compile Include="src\crypto\test\PSSTest.cs" />
     <Compile Include="src\crypto\test\PaddingTest.cs" />
@@ -280,6 +282,7 @@
     <Compile Include="src\crypto\test\SM4Test.cs" />
     <Compile Include="src\crypto\test\SkeinDigestTest.cs" />
     <Compile Include="src\crypto\test\SkeinMacTest.cs" />
+    <Compile Include="src\crypto\test\SP80038GTest.cs" />
     <Compile Include="src\crypto\test\StreamCipherResetTest.cs" />
     <Compile Include="src\crypto\test\Threefish1024Test.cs" />
     <Compile Include="src\crypto\test\Threefish256Test.cs" />
@@ -295,6 +298,7 @@
     <Compile Include="src\crypto\test\TEATest.cs" />
     <Compile Include="src\crypto\test\TigerDigestTest.cs" />
     <Compile Include="src\crypto\test\TnepresTest.cs" />
+    <Compile Include="src\crypto\test\TupleHashTest.cs" />
     <Compile Include="src\crypto\test\TwofishTest.cs" />
     <Compile Include="src\crypto\test\VMPCKSA3Test.cs" />
     <Compile Include="src\crypto\test\VMPCMacTest.cs" />
@@ -383,6 +387,7 @@
     <Compile Include="src\openpgp\test\PGPCompressionTest.cs" />
     <Compile Include="src\openpgp\test\PGPDSAElGamalTest.cs" />
     <Compile Include="src\openpgp\test\PGPDSATest.cs" />
+    <Compile Include="src\openpgp\test\PgpFeaturesTest.cs" />
     <Compile Include="src\openpgp\test\PGPNoPrivateKeyTest.cs" />
     <Compile Include="src\openpgp\test\PGPPBETest.cs" />
     <Compile Include="src\openpgp\test\PGPPacketTest.cs" />
diff --git a/crypto/test/src/crypto/test/GcmSivTest.cs b/crypto/test/src/crypto/test/GcmSivTest.cs
index 8446911bb..0921912cd 100644
--- a/crypto/test/src/crypto/test/GcmSivTest.cs
+++ b/crypto/test/src/crypto/test/GcmSivTest.cs
@@ -1,10 +1,7 @@
+using System;
 
 using NUnit.Framework;
 
-using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Digests;
-using Org.BouncyCastle.Crypto.Engines;
-using Org.BouncyCastle.Crypto.Encodings;
 using Org.BouncyCastle.Crypto.Modes;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Utilities;
@@ -13,447 +10,449 @@ using Org.BouncyCastle.Utilities.Test;
 
 namespace Org.BouncyCastle.Crypto.Tests
 {
-
-        /**
-         * ISO vector test for Whirlpool
-         *
-         */
-        [TestFixture]
-public class GcmSivTest
+    [TestFixture]
+    public class GcmSivTest
         : SimpleTest
-{
-    public override string Name
     {
-        get { return "GCM-SIV"; }
-    }
+        public override string Name
+        {
+            get { return "GCM-SIV"; }
+        }
 
-        [Test]
         public override void PerformTest()
-    {
-        new AESGcmSiv128Test1().testTheCipher(this);
-        new AESGcmSiv128Test2().testTheCipher(this);
-        new AESGcmSiv128Test3().testTheCipher(this);
-        new AESGcmSiv256Test1().testTheCipher(this);
-        new AESGcmSiv256Test2().testTheCipher(this);
-        new AESGcmSiv256Test3().testTheCipher(this);
-        new AESGcmSiv256Test4().testTheCipher(this);
-    }
+        {
+            new AesGcmSiv128Test1().TestTheCipher(this);
+            new AesGcmSiv128Test2().TestTheCipher(this);
+            new AesGcmSiv128Test3().TestTheCipher(this);
+            new AesGcmSiv256Test1().TestTheCipher(this);
+            new AesGcmSiv256Test2().TestTheCipher(this);
+            new AesGcmSiv256Test3().TestTheCipher(this);
+            new AesGcmSiv256Test4().TestTheCipher(this);
+        }
 
-    /**
-     * Test the GcmSivCipher against the results.
-     * @param pCipher the cipher to test.
-     * @param pKey the key to test
-     * @param pNonce the nonce
-     * @param pAEAD the AEAD
-     * @param pData the data to test
-     * @param pExpected the expected results
-     */
-    void testSIVCipher(GcmSivBlockCipher pCipher,
-                       string pKey,
-                       string pNonce,
-                       string pAEAD,
-                       string pData,
-                       string pExpected)
-    {
-        /* protect against exceptions */
-        try
+        /**
+         * Test the GcmSivCipher against the results.
+         * @param pCipher the cipher to test.
+         * @param pKey the key to test
+         * @param pNonce the nonce
+         * @param pAEAD the AEAD
+         * @param pData the data to test
+         * @param pExpected the expected results
+         */
+        private void TestSivCipher(GcmSivBlockCipher pCipher, string pKey, string pNonce, string pAEAD, string pData,
+            string pExpected)
         {
-            /* Access the key and the data */
-            KeyParameter myKey = new KeyParameter(Hex.Decode(pKey));
-            byte[] myNonce = Hex.Decode(pNonce);
-            byte[] myAEAD = Hex.Decode(pAEAD);
-            byte[] myData = Hex.Decode(pData);
+            try
+            {
+                /* Access the key and the data */
+                KeyParameter myKey = new KeyParameter(Hex.Decode(pKey));
+                byte[] myNonce = Hex.Decode(pNonce);
+                byte[] myAEAD = Hex.Decode(pAEAD);
+                byte[] myData = Hex.Decode(pData);
 
-            /* Initialise the cipher */
-            AeadParameters myParams = new AeadParameters(myKey, 128, myNonce, myAEAD);
-            pCipher.Init(true, myParams);
+                /* Initialise the cipher */
+                AeadParameters myParams = new AeadParameters(myKey, 128, myNonce, myAEAD);
+                pCipher.Init(true, myParams);
 
-            /* Create the output buffers */
-            byte[] myOutput = new byte[pCipher.GetOutputSize(myData.Length)];
-            byte[] myFinal = new byte[myData.Length];
+                /* Create the output buffers */
+                byte[] myOutput = new byte[pCipher.GetOutputSize(myData.Length)];
+                byte[] myFinal = new byte[myData.Length];
 
-            /* Process the data */
-            pCipher.ProcessBytes(myData, 0, myData.Length, null, 0);
-            pCipher.DoFinal(myOutput, 0);
+                /* Process the data */
+                pCipher.ProcessBytes(myData, 0, myData.Length, null, 0);
+                pCipher.DoFinal(myOutput, 0);
 
-            /* Check the encryption */
-            byte[] myExpected = Hex.Decode(pExpected);
-            IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput));
+                /* Check the encryption */
+                byte[] myExpected = Hex.Decode(pExpected);
+                IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput));
 
-            /* Repeat processing byte at a time */
-            for (int i = 0; i != myData.Length; i++)
+                /* Repeat processing byte at a time */
+                for (int i = 0; i != myData.Length; i++)
+                {
+                    pCipher.ProcessByte(myData[i], null, 0);
+                }
+                pCipher.DoFinal(myOutput, 0);
+                IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput));
+
+                /* Re-initialise the cipher */
+                pCipher.Init(false, myParams);
+                pCipher.ProcessBytes(myOutput, 0, myOutput.Length, null, 0);
+                pCipher.DoFinal(myFinal, 0);
+                IsTrue("Decryption mismatch", Arrays.AreEqual(myData, myFinal));
+            }
+            catch (InvalidCipherTextException e)
             {
-                pCipher.ProcessByte(myData[i], null, 0);
+                Fail("Bad Text", e);
             }
-            pCipher.DoFinal(myOutput, 0);
-            IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput));
-
-            /* Re-initialise the cipher */
-            pCipher.Init(false, myParams);
-            pCipher.ProcessBytes(myOutput, 0, myOutput.Length, null, 0);
-            pCipher.DoFinal(myFinal, 0);
-            IsTrue("Decryption mismatch", Arrays.AreEqual(myData, myFinal));
         }
-        catch (InvalidCipherTextException e)
+
+        /**
+         * AES-GCM-SIV-128 Set 1.
+         */
+        private class AesGcmSiv128Test1
         {
-            Fail("Bad Text", e);
-        }
-    }
+            private readonly string EMPTY = "";
+            private readonly string KEY_1 = "01000000000000000000000000000000";
+            private readonly string NONCE_1 = "030000000000000000000000";
+            private readonly string DATA_8 = "0100000000000000";
+            private readonly string DATA_12 = "010000000000000000000000";
+            private readonly string DATA_16 = "01000000000000000000000000000000";
+            private readonly string DATA_32 = "01000000000000000000000000000000" + "02000000000000000000000000000000";
+            private readonly string DATA_48 = "01000000000000000000000000000000" + "02000000000000000000000000000000"
+                    + "03000000000000000000000000000000";
+            private readonly string DATA_64 = "01000000000000000000000000000000" + "02000000000000000000000000000000"
+                    + "03000000000000000000000000000000" + "04000000000000000000000000000000";
+            private readonly string EXPECTED_1 = "dc20e2d83f25705bb49e439eca56de25";
+            private readonly string EXPECTED_2 = "b5d839330ac7b786578782fff6013b81" + "5b287c22493a364c";
+            private readonly string EXPECTED_3 = "7323ea61d05932260047d942a4978db3" + "57391a0bc4fdec8b0d106639";
+            private readonly string EXPECTED_4 = "743f7c8077ab25f8624e2e948579cf77" + "303aaf90f6fe21199c6068577437a0c4";
+            private readonly string EXPECTED_5 = "84e07e62ba83a6585417245d7ec413a9" + "fe427d6315c09b57ce45f2e3936a9445"
+                    + "1a8e45dcd4578c667cd86847bf6155ff";
+            private readonly string EXPECTED_6 = "3fd24ce1f5a67b75bf2351f181a475c7" + "b800a5b4d3dcf70106b1eea82fa1d64d"
+                    + "f42bf7226122fa92e17a40eeaac1201b" + "5e6e311dbf395d35b0fe39c2714388f8";
+            private readonly string EXPECTED_7 = "2433668f1058190f6d43e360f4f35cd8" + "e475127cfca7028ea8ab5c20f7ab2af0"
+                    + "2516a2bdcbc08d521be37ff28c152bba" + "36697f25b4cd169c6590d1dd39566d3f"
+                    + "8a263dd317aa88d56bdf3936dba75bb8";
 
-    /**
-     * AES-GCM-SIV-128 Set 1.
-     */
-    class AESGcmSiv128Test1
-    {
-        private readonly string EMPTY       = "";
-        private readonly string KEY_1       = "01000000000000000000000000000000";
-        private readonly string NONCE_1     = "030000000000000000000000";
-        private readonly string DATA_8      = "0100000000000000";
-        private readonly string DATA_12     = "010000000000000000000000";
-        private readonly string DATA_16     = "01000000000000000000000000000000";
-        private readonly string DATA_32     = "01000000000000000000000000000000" + "02000000000000000000000000000000";
-        private readonly string DATA_48     = "01000000000000000000000000000000" + "02000000000000000000000000000000"
-                + "03000000000000000000000000000000";
-        private readonly string DATA_64     = "01000000000000000000000000000000" + "02000000000000000000000000000000"
-                + "03000000000000000000000000000000" + "04000000000000000000000000000000";
-        private readonly string EXPECTED_1  = "dc20e2d83f25705bb49e439eca56de25";
-        private readonly string EXPECTED_2  = "b5d839330ac7b786578782fff6013b81" + "5b287c22493a364c";
-        private readonly string EXPECTED_3  = "7323ea61d05932260047d942a4978db3" + "57391a0bc4fdec8b0d106639";
-        private readonly string EXPECTED_4  = "743f7c8077ab25f8624e2e948579cf77" + "303aaf90f6fe21199c6068577437a0c4";
-        private readonly string EXPECTED_5  = "84e07e62ba83a6585417245d7ec413a9" + "fe427d6315c09b57ce45f2e3936a9445"
-                + "1a8e45dcd4578c667cd86847bf6155ff";
-        private readonly string EXPECTED_6  = "3fd24ce1f5a67b75bf2351f181a475c7" + "b800a5b4d3dcf70106b1eea82fa1d64d"
-                + "f42bf7226122fa92e17a40eeaac1201b" + "5e6e311dbf395d35b0fe39c2714388f8";
-        private readonly string EXPECTED_7  = "2433668f1058190f6d43e360f4f35cd8" + "e475127cfca7028ea8ab5c20f7ab2af0"
-                + "2516a2bdcbc08d521be37ff28c152bba" + "36697f25b4cd169c6590d1dd39566d3f"
-                + "8a263dd317aa88d56bdf3936dba75bb8";
+            /**
+             * Test cipher.
+             * @param pTest the test engine
+             */
+            internal void TestTheCipher(GcmSivTest pTest)
+            {
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7);
+            }
+        }
 
         /**
-         * Test cipher.
-         * @param pTest the test engine
+         * AES-GCM-SIV-128 Set 2.
          */
-        internal void testTheCipher(GcmSivTest pTest)
+        private class AesGcmSiv128Test2
         {
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7);
-        }
-    }
+            private readonly string KEY_1 = "01000000000000000000000000000000";
+            private readonly string NONCE_1 = "030000000000000000000000";
+            private readonly string AEAD_1 = "01";
+            private readonly string AEAD_12 = "010000000000000000000000";
+            private readonly string AEAD_18 = "01000000000000000000000000000000" + "0200";
+            private readonly string AEAD_20 = "01000000000000000000000000000000" + "02000000";
+            private readonly string DATA_4 = "02000000";
+            private readonly string DATA_8 = "0200000000000000";
+            private readonly string DATA_12 = "020000000000000000000000";
+            private readonly string DATA_16 = "02000000000000000000000000000000";
+            private readonly string DATA_18 = "03000000000000000000000000000000" + "0400";
+            private readonly string DATA_20 = "03000000000000000000000000000000" + "04000000";
+            private readonly string DATA_32 = "02000000000000000000000000000000" + "03000000000000000000000000000000";
+            private readonly string DATA_48 = "02000000000000000000000000000000" + "03000000000000000000000000000000"
+                    + "04000000000000000000000000000000";
+            private readonly string DATA_64 = "02000000000000000000000000000000" + "03000000000000000000000000000000"
+                    + "04000000000000000000000000000000" + "05000000000000000000000000000000";
+            private readonly string EXPECTED_1 = "1e6daba35669f4273b0a1a2560969cdf" + "790d99759abd1508";
+            private readonly string EXPECTED_2 = "296c7889fd99f41917f4462008299c51" + "02745aaa3a0c469fad9e075a";
+            private readonly string EXPECTED_3 = "e2b0c5da79a901c1745f700525cb335b" + "8f8936ec039e4e4bb97ebd8c4457441f";
+            private readonly string EXPECTED_4 = "620048ef3c1e73e57e02bb8562c416a3" + "19e73e4caac8e96a1ecb2933145a1d71"
+                    + "e6af6a7f87287da059a71684ed3498e1";
+            private readonly string EXPECTED_5 = "50c8303ea93925d64090d07bd109dfd9" + "515a5a33431019c17d93465999a8b005"
+                    + "3201d723120a8562b838cdff25bf9d1e" + "6a8cc3865f76897c2e4b245cf31c51f2";
+            private readonly string EXPECTED_6 = "2f5c64059db55ee0fb847ed513003746" + "aca4e61c711b5de2e7a77ffd02da42fe"
+                    + "ec601910d3467bb8b36ebbaebce5fba3" + "0d36c95f48a3e7980f0e7ac299332a80"
+                    + "cdc46ae475563de037001ef84ae21744";
+            private readonly string EXPECTED_7 = "a8fe3e8707eb1f84fb28f8cb73de8e99" + "e2f48a14";
+            private readonly string EXPECTED_8 = "6bb0fecf5ded9b77f902c7d5da236a43" + "91dd029724afc9805e976f451e6d87f6"
+                    + "fe106514";
+            private readonly string EXPECTED_9 = "44d0aaf6fb2f1f34add5e8064e83e12a" + "2adabff9b2ef00fb47920cc72a0c0f13"
+                    + "b9fd";
 
-    /**
-     * AES-GCM-SIV-128 Set 2.
-     */
-    class AESGcmSiv128Test2
-    {
-        private  readonly string KEY_1       = "01000000000000000000000000000000";
-        private  readonly string NONCE_1     = "030000000000000000000000";
-        private  readonly string AEAD_1      = "01";
-        private  readonly string AEAD_12     = "010000000000000000000000";
-        private  readonly string AEAD_18     = "01000000000000000000000000000000" + "0200";
-        private  readonly string AEAD_20     = "01000000000000000000000000000000" + "02000000";
-        private  readonly string DATA_4      = "02000000";
-        private  readonly string DATA_8      = "0200000000000000";
-        private  readonly string DATA_12     = "020000000000000000000000";
-        private  readonly string DATA_16     = "02000000000000000000000000000000";
-        private  readonly string DATA_18     = "03000000000000000000000000000000" + "0400";
-        private  readonly string DATA_20     = "03000000000000000000000000000000" + "04000000";
-        private  readonly string DATA_32     = "02000000000000000000000000000000" + "03000000000000000000000000000000";
-        private  readonly string DATA_48     = "02000000000000000000000000000000" + "03000000000000000000000000000000"
-                + "04000000000000000000000000000000";
-        private  readonly string DATA_64     = "02000000000000000000000000000000" + "03000000000000000000000000000000"
-                + "04000000000000000000000000000000" + "05000000000000000000000000000000";
-        private  readonly string EXPECTED_1  = "1e6daba35669f4273b0a1a2560969cdf" + "790d99759abd1508";
-        private  readonly string EXPECTED_2  = "296c7889fd99f41917f4462008299c51" + "02745aaa3a0c469fad9e075a";
-        private  readonly string EXPECTED_3  = "e2b0c5da79a901c1745f700525cb335b" + "8f8936ec039e4e4bb97ebd8c4457441f";
-        private  readonly string EXPECTED_4  = "620048ef3c1e73e57e02bb8562c416a3" + "19e73e4caac8e96a1ecb2933145a1d71"
-                + "e6af6a7f87287da059a71684ed3498e1";
-        private  readonly string EXPECTED_5  = "50c8303ea93925d64090d07bd109dfd9" + "515a5a33431019c17d93465999a8b005"
-                + "3201d723120a8562b838cdff25bf9d1e" + "6a8cc3865f76897c2e4b245cf31c51f2";
-        private  readonly string EXPECTED_6  = "2f5c64059db55ee0fb847ed513003746" + "aca4e61c711b5de2e7a77ffd02da42fe"
-                + "ec601910d3467bb8b36ebbaebce5fba3" + "0d36c95f48a3e7980f0e7ac299332a80"
-                + "cdc46ae475563de037001ef84ae21744";
-        private  readonly string EXPECTED_7  = "a8fe3e8707eb1f84fb28f8cb73de8e99" + "e2f48a14";
-        private  readonly string EXPECTED_8  = "6bb0fecf5ded9b77f902c7d5da236a43" + "91dd029724afc9805e976f451e6d87f6"
-                + "fe106514";
-        private  readonly string EXPECTED_9  = "44d0aaf6fb2f1f34add5e8064e83e12a" + "2adabff9b2ef00fb47920cc72a0c0f13"
-                + "b9fd";
+            /**
+             * Test cipher.
+             * @param pTest the test engine
+             */
+            internal void TestTheCipher(GcmSivTest pTest)
+            {
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9);
+            }
+        }
 
         /**
-         * Test cipher.
-         * @param pTest the test engine
+         * AES-GCM-SIV-128 Set 3.
          */
-        internal void testTheCipher(GcmSivTest pTest)
+        private class AesGcmSiv128Test3
         {
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9);
-        }
-    }
+            private readonly string EMPTY = "";
+            private readonly string KEY_1 = "e66021d5eb8e4f4066d4adb9c33560e4";
+            private readonly string KEY_2 = "36864200e0eaf5284d884a0e77d31646";
+            private readonly string KEY_3 = "aedb64a6c590bc84d1a5e269e4b47801";
+            private readonly string KEY_4 = "d5cc1fd161320b6920ce07787f86743b";
+            private readonly string KEY_5 = "b3fed1473c528b8426a582995929a149";
+            private readonly string KEY_6 = "2d4ed87da44102952ef94b02b805249b";
+            private readonly string KEY_7 = "bde3b2f204d1e9f8b06bc47f9745b3d1";
+            private readonly string KEY_8 = "f901cfe8a69615a93fdf7a98cad48179";
+            private readonly string NONCE_1 = "f46e44bb3da0015c94f70887";
+            private readonly string NONCE_2 = "bae8e37fc83441b16034566b";
+            private readonly string NONCE_3 = "afc0577e34699b9e671fdd4f";
+            private readonly string NONCE_4 = "275d1ab32f6d1f0434d8848c";
+            private readonly string NONCE_5 = "9e9ad8780c8d63d0ab4149c0";
+            private readonly string NONCE_6 = "ac80e6f61455bfac8308a2d4";
+            private readonly string NONCE_7 = "ae06556fb6aa7890bebc18fe";
+            private readonly string NONCE_8 = "6245709fb18853f68d833640";
+            private readonly string AEAD_2 = "46bb91c3c5";
+            private readonly string AEAD_3 = "fc880c94a95198874296";
+            private readonly string AEAD_4 = "046787f3ea22c127aaf195d1894728";
+            private readonly string AEAD_5 = "c9882e5386fd9f92ec489c8fde2be2cf" + "97e74e93";
+            private readonly string AEAD_6 = "2950a70d5a1db2316fd568378da107b5" + "2b0da55210cc1c1b0a";
+            private readonly string AEAD_7 = "1860f762ebfbd08284e421702de0de18" + "baa9c9596291b08466f37de21c7f";
+            private readonly string AEAD_8 = "7576f7028ec6eb5ea7e298342a94d4b2" + "02b370ef9768ec6561c4fe6b7e7296fa"
+                    + "859c21";
+            private readonly string DATA_2 = "7a806c";
+            private readonly string DATA_3 = "bdc66f146545";
+            private readonly string DATA_4 = "1177441f195495860f";
+            private readonly string DATA_5 = "9f572c614b4745914474e7c7";
+            private readonly string DATA_6 = "0d8c8451178082355c9e940fea2f58";
+            private readonly string DATA_7 = "6b3db4da3d57aa94842b9803a96e07fb" + "6de7";
+            private readonly string DATA_8 = "e42a3c02c25b64869e146d7b233987bd" + "dfc240871d";
+            private readonly string EXPECTED_1 = "a4194b79071b01a87d65f706e3949578";
+            private readonly string EXPECTED_2 = "af60eb711bd85bc1e4d3e0a462e074ee" + "a428a8";
+            private readonly string EXPECTED_3 = "bb93a3e34d3cd6a9c45545cfc11f03ad" + "743dba20f966";
+            private readonly string EXPECTED_4 = "4f37281f7ad12949d01d02fd0cd174c8" + "4fc5dae2f60f52fd2b";
+            private readonly string EXPECTED_5 = "f54673c5ddf710c745641c8bc1dc2f87" + "1fb7561da1286e655e24b7b0";
+            private readonly string EXPECTED_6 = "c9ff545e07b88a015f05b274540aa183" + "b3449b9f39552de99dc214a1190b0b";
+            private readonly string EXPECTED_7 = "6298b296e24e8cc35dce0bed484b7f30" + "d5803e377094f04709f64d7b985310a4"
+                    + "db84";
+            private readonly string EXPECTED_8 = "391cc328d484a4f46406181bcd62efd9" + "b3ee197d052d15506c84a9edd65e13e9"
+                    + "d24a2a6e70";
 
-    /**
-     * AES-GCM-SIV-128 Set 3.
-     */
-    class AESGcmSiv128Test3
-    {
-        private readonly string EMPTY       = "";
-        private readonly string KEY_1       = "e66021d5eb8e4f4066d4adb9c33560e4";
-        private readonly string KEY_2       = "36864200e0eaf5284d884a0e77d31646";
-        private readonly string KEY_3       = "aedb64a6c590bc84d1a5e269e4b47801";
-        private readonly string KEY_4       = "d5cc1fd161320b6920ce07787f86743b";
-        private readonly string KEY_5       = "b3fed1473c528b8426a582995929a149";
-        private readonly string KEY_6       = "2d4ed87da44102952ef94b02b805249b";
-        private readonly string KEY_7       = "bde3b2f204d1e9f8b06bc47f9745b3d1";
-        private readonly string KEY_8       = "f901cfe8a69615a93fdf7a98cad48179";
-        private readonly string NONCE_1     = "f46e44bb3da0015c94f70887";
-        private readonly string NONCE_2     = "bae8e37fc83441b16034566b";
-        private readonly string NONCE_3     = "afc0577e34699b9e671fdd4f";
-        private readonly string NONCE_4     = "275d1ab32f6d1f0434d8848c";
-        private readonly string NONCE_5     = "9e9ad8780c8d63d0ab4149c0";
-        private readonly string NONCE_6     = "ac80e6f61455bfac8308a2d4";
-        private readonly string NONCE_7     = "ae06556fb6aa7890bebc18fe";
-        private readonly string NONCE_8     = "6245709fb18853f68d833640";
-        private readonly string AEAD_2      = "46bb91c3c5";
-        private readonly string AEAD_3      = "fc880c94a95198874296";
-        private readonly string AEAD_4      = "046787f3ea22c127aaf195d1894728";
-        private readonly string AEAD_5      = "c9882e5386fd9f92ec489c8fde2be2cf" + "97e74e93";
-        private readonly string AEAD_6      = "2950a70d5a1db2316fd568378da107b5" + "2b0da55210cc1c1b0a";
-        private readonly string AEAD_7      = "1860f762ebfbd08284e421702de0de18" + "baa9c9596291b08466f37de21c7f";
-        private readonly string AEAD_8      = "7576f7028ec6eb5ea7e298342a94d4b2" + "02b370ef9768ec6561c4fe6b7e7296fa"
-                + "859c21";
-        private readonly string DATA_2      = "7a806c";
-        private readonly string DATA_3      = "bdc66f146545";
-        private readonly string DATA_4      = "1177441f195495860f";
-        private readonly string DATA_5      = "9f572c614b4745914474e7c7";
-        private readonly string DATA_6      = "0d8c8451178082355c9e940fea2f58";
-        private readonly string DATA_7      = "6b3db4da3d57aa94842b9803a96e07fb" + "6de7";
-        private readonly string DATA_8      = "e42a3c02c25b64869e146d7b233987bd" + "dfc240871d";
-        private readonly string EXPECTED_1  = "a4194b79071b01a87d65f706e3949578";
-        private readonly string EXPECTED_2  = "af60eb711bd85bc1e4d3e0a462e074ee" + "a428a8";
-        private readonly string EXPECTED_3  = "bb93a3e34d3cd6a9c45545cfc11f03ad" + "743dba20f966";
-        private readonly string EXPECTED_4  = "4f37281f7ad12949d01d02fd0cd174c8" + "4fc5dae2f60f52fd2b";
-        private readonly string EXPECTED_5  = "f54673c5ddf710c745641c8bc1dc2f87" + "1fb7561da1286e655e24b7b0";
-        private readonly string EXPECTED_6  = "c9ff545e07b88a015f05b274540aa183" + "b3449b9f39552de99dc214a1190b0b";
-        private readonly string EXPECTED_7  = "6298b296e24e8cc35dce0bed484b7f30" + "d5803e377094f04709f64d7b985310a4"
-                + "db84";
-        private readonly string EXPECTED_8  = "391cc328d484a4f46406181bcd62efd9" + "b3ee197d052d15506c84a9edd65e13e9"
-                + "d24a2a6e70";
+            /**
+             * Test cipher.
+             * @param pTest the test engine
+             */
+            internal void TestTheCipher(GcmSivTest pTest)
+            {
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8);
+            }
+        }
 
         /**
-         * Test cipher.
-         * @param pTest the test engine
+         * AES-GCM-SIV-256 Set 1.
          */
-        internal void testTheCipher(GcmSivTest pTest)
+        private class AesGcmSiv256Test1
         {
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8);
-        }
-    }
+            private readonly string EMPTY = "";
+            private readonly string KEY_1 = "01000000000000000000000000000000" + "00000000000000000000000000000000";
+            private readonly string NONCE_1 = "030000000000000000000000";
+            private readonly string DATA_8 = "0100000000000000";
+            private readonly string DATA_12 = "010000000000000000000000";
+            private readonly string DATA_16 = "01000000000000000000000000000000";
+            private readonly string DATA_32 = "01000000000000000000000000000000" + "02000000000000000000000000000000";
+            private readonly string DATA_48 = "01000000000000000000000000000000" + "02000000000000000000000000000000"
+                    + "03000000000000000000000000000000";
+            private readonly string DATA_64 = "01000000000000000000000000000000" + "02000000000000000000000000000000"
+                    + "03000000000000000000000000000000" + "04000000000000000000000000000000";
+            private readonly string EXPECTED_1 = "07f5f4169bbf55a8400cd47ea6fd400f";
+            private readonly string EXPECTED_2 = "c2ef328e5c71c83b843122130f7364b7" + "61e0b97427e3df28";
+            private readonly string EXPECTED_3 = "9aab2aeb3faa0a34aea8e2b18ca50da9" + "ae6559e48fd10f6e5c9ca17e";
+            private readonly string EXPECTED_4 = "85a01b63025ba19b7fd3ddfc033b3e76" + "c9eac6fa700942702e90862383c6c366";
+            private readonly string EXPECTED_5 = "4a6a9db4c8c6549201b9edb53006cba8" + "21ec9cf850948a7c86c68ac7539d027f"
+                    + "e819e63abcd020b006a976397632eb5d";
+            private readonly string EXPECTED_6 = "c00d121893a9fa603f48ccc1ca3c57ce" + "7499245ea0046db16c53c7c66fe717e3"
+                    + "9cf6c748837b61f6ee3adcee17534ed5" + "790bc96880a99ba804bd12c0e6a22cc4";
+            private readonly string EXPECTED_7 = "c2d5160a1f8683834910acdafc41fbb1" + "632d4a353e8b905ec9a5499ac34f96c7"
+                    + "e1049eb080883891a4db8caaa1f99dd0" + "04d80487540735234e3744512c6f90ce"
+                    + "112864c269fc0d9d88c61fa47e39aa08";
 
-    /**
-     * AES-GCM-SIV-256 Set 1.
-     */
-    class AESGcmSiv256Test1
-    {
-        private readonly string EMPTY       = "";
-        private readonly string KEY_1       = "01000000000000000000000000000000" + "00000000000000000000000000000000";
-        private readonly string NONCE_1     = "030000000000000000000000";
-        private readonly string DATA_8      = "0100000000000000";
-        private readonly string DATA_12     = "010000000000000000000000";
-        private readonly string DATA_16     = "01000000000000000000000000000000";
-        private readonly string DATA_32     = "01000000000000000000000000000000" + "02000000000000000000000000000000";
-        private readonly string DATA_48     = "01000000000000000000000000000000" + "02000000000000000000000000000000"
-                + "03000000000000000000000000000000";
-        private readonly string DATA_64     = "01000000000000000000000000000000" + "02000000000000000000000000000000"
-                + "03000000000000000000000000000000" + "04000000000000000000000000000000";
-        private readonly string EXPECTED_1  = "07f5f4169bbf55a8400cd47ea6fd400f";
-        private readonly string EXPECTED_2  = "c2ef328e5c71c83b843122130f7364b7" + "61e0b97427e3df28";
-        private readonly string EXPECTED_3  = "9aab2aeb3faa0a34aea8e2b18ca50da9" + "ae6559e48fd10f6e5c9ca17e";
-        private readonly string EXPECTED_4  = "85a01b63025ba19b7fd3ddfc033b3e76" + "c9eac6fa700942702e90862383c6c366";
-        private readonly string EXPECTED_5  = "4a6a9db4c8c6549201b9edb53006cba8" + "21ec9cf850948a7c86c68ac7539d027f"
-                + "e819e63abcd020b006a976397632eb5d";
-        private readonly string EXPECTED_6  = "c00d121893a9fa603f48ccc1ca3c57ce" + "7499245ea0046db16c53c7c66fe717e3"
-                + "9cf6c748837b61f6ee3adcee17534ed5" + "790bc96880a99ba804bd12c0e6a22cc4";
-        private readonly string EXPECTED_7  = "c2d5160a1f8683834910acdafc41fbb1" + "632d4a353e8b905ec9a5499ac34f96c7"
-                + "e1049eb080883891a4db8caaa1f99dd0" + "04d80487540735234e3744512c6f90ce"
-                + "112864c269fc0d9d88c61fa47e39aa08";
+            /**
+             * Test cipher.
+             * @param pTest the test engine
+             */
+            internal void TestTheCipher(GcmSivTest pTest)
+            {
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7);
+            }
+        }
 
         /**
-         * Test cipher.
-         * @param pTest the test engine
+         * AES-GCM-SIV-256 Set 2.
          */
-        internal void testTheCipher(GcmSivTest pTest)
+        private class AesGcmSiv256Test2
         {
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7);
-        }
-    }
+            private readonly string KEY_1 = "01000000000000000000000000000000" + "00000000000000000000000000000000";
+            private readonly string NONCE_1 = "030000000000000000000000";
+            private readonly string AEAD_1 = "01";
+            private readonly string AEAD_12 = "010000000000000000000000";
+            private readonly string AEAD_18 = "01000000000000000000000000000000" + "0200";
+            private readonly string AEAD_20 = "01000000000000000000000000000000" + "02000000";
+            private readonly string DATA_4 = "02000000";
+            private readonly string DATA_8 = "0200000000000000";
+            private readonly string DATA_12 = "020000000000000000000000";
+            private readonly string DATA_16 = "02000000000000000000000000000000";
+            private readonly string DATA_18 = "03000000000000000000000000000000" + "0400";
+            private readonly string DATA_20 = "03000000000000000000000000000000" + "04000000";
+            private readonly string DATA_32 = "02000000000000000000000000000000" + "03000000000000000000000000000000";
+            private readonly string DATA_48 = "02000000000000000000000000000000" + "03000000000000000000000000000000"
+                    + "04000000000000000000000000000000";
+            private readonly string DATA_64 = "02000000000000000000000000000000" + "03000000000000000000000000000000"
+                    + "04000000000000000000000000000000" + "05000000000000000000000000000000";
+            private readonly string EXPECTED_1 = "1de22967237a813291213f267e3b452f" + "02d01ae33e4ec854";
+            private readonly string EXPECTED_2 = "163d6f9cc1b346cd453a2e4cc1a4a19a" + "e800941ccdc57cc8413c277f";
+            private readonly string EXPECTED_3 = "c91545823cc24f17dbb0e9e807d5ec17" + "b292d28ff61189e8e49f3875ef91aff7";
+            private readonly string EXPECTED_4 = "07dad364bfc2b9da89116d7bef6daaaf" + "6f255510aa654f920ac81b94e8bad365"
+                    + "aea1bad12702e1965604374aab96dbbc";
+            private readonly string EXPECTED_5 = "c67a1f0f567a5198aa1fcc8e3f213143" + "36f7f51ca8b1af61feac35a86416fa47"
+                    + "fbca3b5f749cdf564527f2314f42fe25" + "03332742b228c647173616cfd44c54eb";
+            private readonly string EXPECTED_6 = "67fd45e126bfb9a79930c43aad2d3696" + "7d3f0e4d217c1e551f59727870beefc9"
+                    + "8cb933a8fce9de887b1e40799988db1f" + "c3f91880ed405b2dd298318858467c89"
+                    + "5bde0285037c5de81e5b570a049b62a0";
+            private readonly string EXPECTED_7 = "22b3f4cd1835e517741dfddccfa07fa4" + "661b74cf";
+            private readonly string EXPECTED_8 = "43dd0163cdb48f9fe3212bf61b201976" + "067f342bb879ad976d8242acc188ab59"
+                    + "cabfe307";
+            private readonly string EXPECTED_9 = "462401724b5ce6588d5a54aae5375513" + "a075cfcdf5042112aa29685c912fc205"
+                    + "6543";
 
-    /**
-     * AES-GCM-SIV-256 Set 2.
-     */
-    class AESGcmSiv256Test2
-    {
-        private readonly string KEY_1       = "01000000000000000000000000000000" + "00000000000000000000000000000000";
-        private readonly string NONCE_1     = "030000000000000000000000";
-        private readonly string AEAD_1      = "01";
-        private readonly string AEAD_12     = "010000000000000000000000";
-        private readonly string AEAD_18     = "01000000000000000000000000000000" + "0200";
-        private readonly string AEAD_20     = "01000000000000000000000000000000" + "02000000";
-        private readonly string DATA_4      = "02000000";
-        private readonly string DATA_8      = "0200000000000000";
-        private readonly string DATA_12     = "020000000000000000000000";
-        private readonly string DATA_16     = "02000000000000000000000000000000";
-        private readonly string DATA_18     = "03000000000000000000000000000000" + "0400";
-        private readonly string DATA_20     = "03000000000000000000000000000000" + "04000000";
-        private readonly string DATA_32     = "02000000000000000000000000000000" + "03000000000000000000000000000000";
-        private readonly string DATA_48     = "02000000000000000000000000000000" + "03000000000000000000000000000000"
-                + "04000000000000000000000000000000";
-        private readonly string DATA_64     = "02000000000000000000000000000000" + "03000000000000000000000000000000"
-                + "04000000000000000000000000000000" + "05000000000000000000000000000000";
-        private readonly string EXPECTED_1  = "1de22967237a813291213f267e3b452f" + "02d01ae33e4ec854";
-        private readonly string EXPECTED_2  = "163d6f9cc1b346cd453a2e4cc1a4a19a" + "e800941ccdc57cc8413c277f";
-        private readonly string EXPECTED_3  = "c91545823cc24f17dbb0e9e807d5ec17" + "b292d28ff61189e8e49f3875ef91aff7";
-        private readonly string EXPECTED_4  = "07dad364bfc2b9da89116d7bef6daaaf" + "6f255510aa654f920ac81b94e8bad365"
-                + "aea1bad12702e1965604374aab96dbbc";
-        private readonly string EXPECTED_5  = "c67a1f0f567a5198aa1fcc8e3f213143" + "36f7f51ca8b1af61feac35a86416fa47"
-                + "fbca3b5f749cdf564527f2314f42fe25" + "03332742b228c647173616cfd44c54eb";
-        private readonly string EXPECTED_6  = "67fd45e126bfb9a79930c43aad2d3696" + "7d3f0e4d217c1e551f59727870beefc9"
-                + "8cb933a8fce9de887b1e40799988db1f" + "c3f91880ed405b2dd298318858467c89"
-                + "5bde0285037c5de81e5b570a049b62a0";
-        private readonly string EXPECTED_7  = "22b3f4cd1835e517741dfddccfa07fa4" + "661b74cf";
-        private readonly string EXPECTED_8  = "43dd0163cdb48f9fe3212bf61b201976" + "067f342bb879ad976d8242acc188ab59"
-                + "cabfe307";
-        private readonly string EXPECTED_9  = "462401724b5ce6588d5a54aae5375513" + "a075cfcdf5042112aa29685c912fc205"
-                + "6543";
+            /**
+             * Test cipher.
+             * @param pTest the test engine
+             */
+            internal void TestTheCipher(GcmSivTest pTest)
+            {
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9);
+            }
+        }
 
         /**
-         * Test cipher.
-         * @param pTest the test engine
+         * AES-GCM-SIV-256 Set 3.
          */
-        internal void testTheCipher(GcmSivTest pTest)
+        private class AesGcmSiv256Test3
         {
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9);
-        }
-    }
+            private readonly string EMPTY = "";
+            private readonly string KEY_1 = "e66021d5eb8e4f4066d4adb9c33560e4" + "f46e44bb3da0015c94f7088736864200";
+            private readonly string KEY_2 = "bae8e37fc83441b16034566b7a806c46" + "bb91c3c5aedb64a6c590bc84d1a5e269";
+            private readonly string KEY_3 = "6545fc880c94a95198874296d5cc1fd1" + "61320b6920ce07787f86743b275d1ab3";
+            private readonly string KEY_4 = "d1894728b3fed1473c528b8426a58299" + "5929a1499e9ad8780c8d63d0ab4149c0";
+            private readonly string KEY_5 = "a44102952ef94b02b805249bac80e6f6" + "1455bfac8308a2d40d8c845117808235";
+            private readonly string KEY_6 = "9745b3d1ae06556fb6aa7890bebc18fe" + "6b3db4da3d57aa94842b9803a96e07fb";
+            private readonly string KEY_7 = "b18853f68d833640e42a3c02c25b6486" + "9e146d7b233987bddfc240871d7576f7";
+            private readonly string KEY_8 = "3c535de192eaed3822a2fbbe2ca9dfc8" + "8255e14a661b8aa82cc54236093bbc23";
+            private readonly string NONCE_1 = "e0eaf5284d884a0e77d31646";
+            private readonly string NONCE_2 = "e4b47801afc0577e34699b9e";
+            private readonly string NONCE_3 = "2f6d1f0434d8848c1177441f";
+            private readonly string NONCE_4 = "9f572c614b4745914474e7c7";
+            private readonly string NONCE_5 = "5c9e940fea2f582950a70d5a";
+            private readonly string NONCE_6 = "6de71860f762ebfbd08284e4";
+            private readonly string NONCE_7 = "028ec6eb5ea7e298342a94d4";
+            private readonly string NONCE_8 = "688089e55540db1872504e1c";
+            private readonly string AEAD_2 = "4fbdc66f14";
+            private readonly string AEAD_3 = "6787f3ea22c127aaf195";
+            private readonly string AEAD_4 = "489c8fde2be2cf97e74e932d4ed87d";
+            private readonly string AEAD_5 = "0da55210cc1c1b0abde3b2f204d1e9f8" + "b06bc47f";
+            private readonly string AEAD_6 = "f37de21c7ff901cfe8a69615a93fdf7a" + "98cad481796245709f";
+            private readonly string AEAD_7 = "9c2159058b1f0fe91433a5bdc20e214e" + "ab7fecef4454a10ef0657df21ac7";
+            private readonly string AEAD_8 = "734320ccc9d9bbbb19cb81b2af4ecbc3" + "e72834321f7aa0f70b7282b4f33df23f"
+                    + "167541";
+            private readonly string DATA_2 = "671fdd";
+            private readonly string DATA_3 = "195495860f04";
+            private readonly string DATA_4 = "c9882e5386fd9f92ec";
+            private readonly string DATA_5 = "1db2316fd568378da107b52b";
+            private readonly string DATA_6 = "21702de0de18baa9c9596291b08466";
+            private readonly string DATA_7 = "b202b370ef9768ec6561c4fe6b7e7296" + "fa85";
+            private readonly string DATA_8 = "ced532ce4159b035277d4dfbb7db6296" + "8b13cd4eec";
+            private readonly string EXPECTED_1 = "169fbb2fbf389a995f6390af22228a62";
+            private readonly string EXPECTED_2 = "0eaccb93da9bb81333aee0c785b240d3" + "19719d";
+            private readonly string EXPECTED_3 = "a254dad4f3f96b62b84dc40c84636a5e" + "c12020ec8c2c";
+            private readonly string EXPECTED_4 = "0df9e308678244c44bc0fd3dc6628dfe" + "55ebb0b9fb2295c8c2";
+            private readonly string EXPECTED_5 = "8dbeb9f7255bf5769dd56692404099c2" + "587f64979f21826706d497d5";
+            private readonly string EXPECTED_6 = "793576dfa5c0f88729a7ed3c2f1bffb3" + "080d28f6ebb5d3648ce97bd5ba67fd";
+            private readonly string EXPECTED_7 = "857e16a64915a787637687db4a951963" + "5cdd454fc2a154fea91f8363a39fec7d"
+                    + "0a49";
+            private readonly string EXPECTED_8 = "626660c26ea6612fb17ad91e8e767639" + "edd6c9faee9d6c7029675b89eaf4ba1d"
+                    + "ed1a286594";
 
-    /**
-     * AES-GCM-SIV-256 Set 3.
-     */
-    class AESGcmSiv256Test3
-    {
-        private readonly string EMPTY       = "";
-        private readonly string KEY_1       = "e66021d5eb8e4f4066d4adb9c33560e4" + "f46e44bb3da0015c94f7088736864200";
-        private readonly string KEY_2       = "bae8e37fc83441b16034566b7a806c46" + "bb91c3c5aedb64a6c590bc84d1a5e269";
-        private readonly string KEY_3       = "6545fc880c94a95198874296d5cc1fd1" + "61320b6920ce07787f86743b275d1ab3";
-        private readonly string KEY_4       = "d1894728b3fed1473c528b8426a58299" + "5929a1499e9ad8780c8d63d0ab4149c0";
-        private readonly string KEY_5       = "a44102952ef94b02b805249bac80e6f6" + "1455bfac8308a2d40d8c845117808235";
-        private readonly string KEY_6       = "9745b3d1ae06556fb6aa7890bebc18fe" + "6b3db4da3d57aa94842b9803a96e07fb";
-        private readonly string KEY_7       = "b18853f68d833640e42a3c02c25b6486" + "9e146d7b233987bddfc240871d7576f7";
-        private readonly string KEY_8       = "3c535de192eaed3822a2fbbe2ca9dfc8" + "8255e14a661b8aa82cc54236093bbc23";
-        private readonly string NONCE_1     = "e0eaf5284d884a0e77d31646";
-        private readonly string NONCE_2     = "e4b47801afc0577e34699b9e";
-        private readonly string NONCE_3     = "2f6d1f0434d8848c1177441f";
-        private readonly string NONCE_4     = "9f572c614b4745914474e7c7";
-        private readonly string NONCE_5     = "5c9e940fea2f582950a70d5a";
-        private readonly string NONCE_6     = "6de71860f762ebfbd08284e4";
-        private readonly string NONCE_7     = "028ec6eb5ea7e298342a94d4";
-        private readonly string NONCE_8     = "688089e55540db1872504e1c";
-        private readonly string AEAD_2      = "4fbdc66f14";
-        private readonly string AEAD_3      = "6787f3ea22c127aaf195";
-        private readonly string AEAD_4      = "489c8fde2be2cf97e74e932d4ed87d";
-        private readonly string AEAD_5      = "0da55210cc1c1b0abde3b2f204d1e9f8" + "b06bc47f";
-        private readonly string AEAD_6      = "f37de21c7ff901cfe8a69615a93fdf7a" + "98cad481796245709f";
-        private readonly string AEAD_7      = "9c2159058b1f0fe91433a5bdc20e214e" + "ab7fecef4454a10ef0657df21ac7";
-        private readonly string AEAD_8      = "734320ccc9d9bbbb19cb81b2af4ecbc3" + "e72834321f7aa0f70b7282b4f33df23f"
-                + "167541";
-        private readonly string DATA_2      = "671fdd";
-        private readonly string DATA_3      = "195495860f04";
-        private readonly string DATA_4      = "c9882e5386fd9f92ec";
-        private readonly string DATA_5      = "1db2316fd568378da107b52b";
-        private readonly string DATA_6      = "21702de0de18baa9c9596291b08466";
-        private readonly string DATA_7      = "b202b370ef9768ec6561c4fe6b7e7296" + "fa85";
-        private readonly string DATA_8      = "ced532ce4159b035277d4dfbb7db6296" + "8b13cd4eec";
-        private readonly string EXPECTED_1  = "169fbb2fbf389a995f6390af22228a62";
-        private readonly string EXPECTED_2  = "0eaccb93da9bb81333aee0c785b240d3" + "19719d";
-        private readonly string EXPECTED_3  = "a254dad4f3f96b62b84dc40c84636a5e" + "c12020ec8c2c";
-        private readonly string EXPECTED_4  = "0df9e308678244c44bc0fd3dc6628dfe" + "55ebb0b9fb2295c8c2";
-        private readonly string EXPECTED_5  = "8dbeb9f7255bf5769dd56692404099c2" + "587f64979f21826706d497d5";
-        private readonly string EXPECTED_6  = "793576dfa5c0f88729a7ed3c2f1bffb3" + "080d28f6ebb5d3648ce97bd5ba67fd";
-        private readonly string EXPECTED_7  = "857e16a64915a787637687db4a951963" + "5cdd454fc2a154fea91f8363a39fec7d"
-                + "0a49";
-        private readonly string EXPECTED_8  = "626660c26ea6612fb17ad91e8e767639" + "edd6c9faee9d6c7029675b89eaf4ba1d"
-                + "ed1a286594";
+            /**
+             * Test cipher.
+             * @param pTest the test engine
+             */
+            internal void TestTheCipher(GcmSivTest pTest)
+            {
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8);
+            }
+        }
 
         /**
-         * Test cipher.
-         * @param pTest the test engine
+         * AES-GCM-SIV-256 Set 4.
          */
-        internal void testTheCipher(GcmSivTest pTest)
+        private class AesGcmSiv256Test4
         {
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8);
+            private readonly string EMPTY = "";
+            private readonly string KEY_1 = "00000000000000000000000000000000" + "00000000000000000000000000000000";
+            private readonly string NONCE_1 = "000000000000000000000000";
+            private readonly string DATA_1 = "00000000000000000000000000000000" + "4db923dc793ee6497c76dcc03a98e108";
+            private readonly string DATA_2 = "eb3640277c7ffd1303c7a542d02d3e4c" + "0000000000000000";
+            private readonly string EXPECTED_1 = "f3f80f2cf0cb2dd9c5984fcda908456c" + "c537703b5ba70324a6793a7bf218d3ea"
+                    + "ffffffff000000000000000000000000";
+            private readonly string EXPECTED_2 = "18ce4f0b8cb4d0cac65fea8f79257b20" + "888e53e72299e56dffffffff00000000"
+                    + "0000000000000000";
+
+            /**
+             * Test cipher.
+             * @param pTest the test engine
+             */
+            internal void TestTheCipher(GcmSivTest pTest)
+            {
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_1, EXPECTED_1);
+                pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_2, EXPECTED_2);
+            }
         }
-    }
 
-    /**
-     * AES-GCM-SIV-256 Set 4.
-     */
-    class AESGcmSiv256Test4
-    {
-        private readonly string EMPTY       = "";
-        private readonly string KEY_1       = "00000000000000000000000000000000" + "00000000000000000000000000000000";
-        private readonly string NONCE_1     = "000000000000000000000000";
-        private readonly string DATA_1      = "00000000000000000000000000000000" + "4db923dc793ee6497c76dcc03a98e108";
-        private readonly string DATA_2      = "eb3640277c7ffd1303c7a542d02d3e4c" + "0000000000000000";
-        private readonly string EXPECTED_1  = "f3f80f2cf0cb2dd9c5984fcda908456c" + "c537703b5ba70324a6793a7bf218d3ea"
-                + "ffffffff000000000000000000000000";
-        private readonly string EXPECTED_2  = "18ce4f0b8cb4d0cac65fea8f79257b20" + "888e53e72299e56dffffffff00000000"
-                + "0000000000000000";
+        public static void Main(string[] args)
+        {
+            RunTest(new GcmSivTest());
+        }
 
-        /**
-         * Test cipher.
-         * @param pTest the test engine
-         */
-        internal void testTheCipher(GcmSivTest pTest)
+        [Test]
+        public void TestFunction()
         {
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_1, EXPECTED_1);
-            pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_2, EXPECTED_2);
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
         }
     }
 }
-}
diff --git a/crypto/test/src/crypto/test/ParallelHashTest.cs b/crypto/test/src/crypto/test/ParallelHashTest.cs
index 2c3bb5613..3e80b4d5e 100644
--- a/crypto/test/src/crypto/test/ParallelHashTest.cs
+++ b/crypto/test/src/crypto/test/ParallelHashTest.cs
@@ -2,7 +2,6 @@ using System;
 
 using NUnit.Framework;
 
-using Org.BouncyCastle.Crypto.Engines;
 using Org.BouncyCastle.Crypto.Digests;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Encoders;
@@ -10,132 +9,144 @@ using Org.BouncyCastle.Utilities.Test;
 
 namespace Org.BouncyCastle.Crypto.Tests
 {
+    /**
+     * ParallelHash test vectors from:
+     * <p>
+     * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf
+     */
     [TestFixture]
-
-/**
- * ParallelHash test vectors from:
- * <p>
- * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf
- */
-public class ParallelHashTest
-    : SimpleTest
-{
-    public override string Name
+    public class ParallelHashTest
+        : SimpleTest
     {
-        get { return "ParallelHash"; }
-    }
-        [Test]
+        public override string Name
+        {
+            get { return "ParallelHash"; }
+        }
+
         public override void PerformTest()
-    {
-        ParallelHash  pHash = new ParallelHash(128, new byte[0], 8);
+        {
+            ParallelHash  pHash = new ParallelHash(128, new byte[0], 8);
 
-        byte[] data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27");
-        pHash.BlockUpdate(data, 0, data.Length);
+            byte[] data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27");
+            pHash.BlockUpdate(data, 0, data.Length);
 
-        byte[] res = new byte[pHash.GetDigestSize()];
+            byte[] res = new byte[pHash.GetDigestSize()];
 
-        pHash.DoFinal(res, 0);
+            pHash.DoFinal(res, 0);
 
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BA 8D C1 D1 D9 79 33 1D 3F 81 36 03 C6 7F 72 609A B5 E4 4B 94 A0 B8 F9 AF 46 51 44 54 A2 B4 F5"), res));
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BA 8D C1 D1 D9 79 33 1D 3F 81 36 03 C6 7F 72 609A B5 E4 4B 94 A0 B8 F9 AF 46 51 44 54 A2 B4 F5"), res));
 
-        pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 8);
+            pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 8);
 
-        pHash.BlockUpdate(data, 0, data.Length);
+            pHash.BlockUpdate(data, 0, data.Length);
 
-        res = new byte[pHash.GetDigestSize()];
+            res = new byte[pHash.GetDigestSize()];
 
-        pHash.DoFinal(res, 0);
+            pHash.DoFinal(res, 0);
 
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("FC 48 4D CB 3F 84 DC EE DC 35 34 38 15 1B EE 58 15 7D 6E FE D0 44 5A 81 F1 65 E4 95 79 5B 72 06"), res));
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("FC 48 4D CB 3F 84 DC EE DC 35 34 38 15 1B EE 58 15 7D 6E FE D0 44 5A 81 F1 65 E4 95 79 5B 72 06"), res));
 
-        pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12);
+            pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12);
 
-        data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B");
+            data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B");
 
-        pHash.BlockUpdate(data, 0, data.Length);
+            pHash.BlockUpdate(data, 0, data.Length);
 
-        res = new byte[pHash.GetDigestSize()];
+            res = new byte[pHash.GetDigestSize()];
 
-        pHash.DoFinal(res, 0);
+            pHash.DoFinal(res, 0);
 
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res));
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res));
 
-        pHash = new ParallelHash(256, new byte[0], 8);
+            pHash = new ParallelHash(256, new byte[0], 8);
 
-        data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27");
+            data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27");
 
-        pHash.BlockUpdate(data, 0, data.Length);
+            pHash.BlockUpdate(data, 0, data.Length);
 
-        res = new byte[pHash.GetDigestSize()];
+            res = new byte[pHash.GetDigestSize()];
 
-        pHash.DoFinal(res, 0);
+            pHash.DoFinal(res, 0);
 
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BC 1E F1 24 DA 34 49 5E 94 8E AD 20 7D D9 84 22 35 DA 43 2D 2B BC 54 B4 C1 10 E6 4C 45 11 05 53 1B 7F 2A 3E 0C E0 55 C0 28 05 E7 C2 DE 1F B7 46 AF 97 A1 DD 01 F4 3B 82 4E 31 B8 76 12 41 04 29"), res));
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BC 1E F1 24 DA 34 49 5E 94 8E AD 20 7D D9 84 22 35 DA 43 2D 2B BC 54 B4 C1 10 E6 4C 45 11 05 53 1B 7F 2A 3E 0C E0 55 C0 28 05 E7 C2 DE 1F B7 46 AF 97 A1 DD 01 F4 3B 82 4E 31 B8 76 12 41 04 29"), res));
 
-        pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 8);
+            pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 8);
 
-        data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27");
+            data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27");
 
-        pHash.BlockUpdate(data, 0, data.Length);
+            pHash.BlockUpdate(data, 0, data.Length);
 
-        res = new byte[pHash.GetDigestSize()];
+            res = new byte[pHash.GetDigestSize()];
 
-        pHash.DoFinal(res, 0);
+            pHash.DoFinal(res, 0);
 
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CD F1 52 89 B5 4F 62 12 B4 BC 27 05 28 B4 95 26 00 6D D9 B5 4E 2B 6A DD 1E F6 90 0D DA 39 63 BB 33 A7 24 91 F2 36 96 9C A8 AF AE A2 9C 68 2D 47 A3 93 C0 65 B3 8E 29 FA E6 51 A2 09 1C 83 31 10"), res));
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CD F1 52 89 B5 4F 62 12 B4 BC 27 05 28 B4 95 26 00 6D D9 B5 4E 2B 6A DD 1E F6 90 0D DA 39 63 BB 33 A7 24 91 F2 36 96 9C A8 AF AE A2 9C 68 2D 47 A3 93 C0 65 B3 8E 29 FA E6 51 A2 09 1C 83 31 10"), res));
 
-        pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12);
+            pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12);
 
-        data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B");
+            data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B");
 
-        pHash.BlockUpdate(data, 0, data.Length);
+            pHash.BlockUpdate(data, 0, data.Length);
 
-        res = new byte[pHash.GetDigestSize()];
+            res = new byte[pHash.GetDigestSize()];
 
-        pHash.DoFinal(res, 0);
+            pHash.DoFinal(res, 0);
 
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res));
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res));
 
-        pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12);
+            pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12);
 
-        data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B");
-        pHash.BlockUpdate(data, 0, data.Length);
+            data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B");
+            pHash.BlockUpdate(data, 0, data.Length);
 
-        res = new byte[32];
+            res = new byte[32];
 
-        pHash.DoOutput(res, 0, res.Length);
+            pHash.DoOutput(res, 0, res.Length);
 
-        IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res));
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0127ad9772ab904691987fcc4a24888f341fa0db2145e872d4efd255376602f0"), res));
+            IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res));
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0127ad9772ab904691987fcc4a24888f341fa0db2145e872d4efd255376602f0"), res));
 
-        pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12);
+            pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12);
 
-        data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B");
-        pHash.BlockUpdate(data, 0, data.Length);
+            data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B");
+            pHash.BlockUpdate(data, 0, data.Length);
 
-        res = new byte[64];
+            res = new byte[64];
 
-        pHash.DoOutput(res, 0, res.Length);
+            pHash.DoOutput(res, 0, res.Length);
 
-        IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res));
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("6b3e790b330c889a204c2fbc728d809f19367328d852f4002dc829f73afd6bcefb7fe5b607b13a801c0be5c1170bdb794e339458fdb0e62a6af3d42558970249"), res));
+            IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res));
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("6b3e790b330c889a204c2fbc728d809f19367328d852f4002dc829f73afd6bcefb7fe5b607b13a801c0be5c1170bdb794e339458fdb0e62a6af3d42558970249"), res));
 
-        testEmpty();
-    }
+            testEmpty();
+        }
 
-    private void testEmpty()
-    {
-        //{"tcId":90,"msg":"","len":0,"blockSize":62,"customization":"Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}","outLen":16},
-        //{"tcId":90,"md":"13C4","outLen":16}
-        ParallelHash pHash = new ParallelHash(256, Strings.ToByteArray("Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}"), 62);
+        private void testEmpty()
+        {
+            //{"tcId":90,"msg":"","len":0,"blockSize":62,"customization":"Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}","outLen":16},
+            //{"tcId":90,"md":"13C4","outLen":16}
+            ParallelHash pHash = new ParallelHash(256, Strings.ToByteArray("Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}"), 62);
+
+            pHash.BlockUpdate(new byte[0], 0, 0);
+
+            byte[] res = new byte[16 / 8];
 
-        pHash.BlockUpdate(new byte[0], 0, 0);
+            pHash.DoOutput(res, 0, res.Length);
 
-        byte[] res = new byte[16 / 8];
+            IsTrue(Arrays.AreEqual(Hex.Decode("13C4"), res));
+        }
 
-        pHash.DoOutput(res, 0, res.Length);
+        public static void Main(string[] args)
+        {
+            RunTest(new ParallelHashTest());
+        }
 
-        IsTrue(Arrays.AreEqual(Hex.Decode("13C4"), res));
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
     }
 }
-}
diff --git a/crypto/test/src/crypto/test/RegressionTest.cs b/crypto/test/src/crypto/test/RegressionTest.cs
index 2b863d8bb..edb50da40 100644
--- a/crypto/test/src/crypto/test/RegressionTest.cs
+++ b/crypto/test/src/crypto/test/RegressionTest.cs
@@ -146,7 +146,11 @@ namespace Org.BouncyCastle.Crypto.Tests
             new KdfDoublePipelineTests(), 
             new KdfFeedbackCounterTests(),
             new CShakeTest(),
-            new KMacTest()
+            new KMacTest(),
+            new GcmSivTest(),
+            new ParallelHashTest(),
+            new SP80038GTest(),
+            new TupleHashTest(),
         };
 
         public static void Main(string[] args)
diff --git a/crypto/test/src/crypto/test/SP80038GTest.cs b/crypto/test/src/crypto/test/SP80038GTest.cs
index d9a16fd9a..2c8d5615f 100644
--- a/crypto/test/src/crypto/test/SP80038GTest.cs
+++ b/crypto/test/src/crypto/test/SP80038GTest.cs
@@ -17,95 +17,95 @@ namespace Org.BouncyCastle.Crypto.Tests
     [TestFixture]
 	public class SP80038GTest
 	    : SimpleTest
-{
-    private class FFSample
     {
-        private readonly int radix;
-        private readonly byte[] key;
-        private readonly byte[] plaintext;
-        private readonly byte[] ciphertext;
-        private readonly byte[] tweak;
-
-        public static FFSample from(int radix, String hexKey, String asciiPT, String asciiCT, String hexTweak)
+        private class FFSample
         {
-            return new FFSample(radix, fromHex(hexKey), fromAscii(radix, asciiPT), fromAscii(radix, asciiCT), fromHex(hexTweak));
-        }
+            private readonly int radix;
+            private readonly byte[] key;
+            private readonly byte[] plaintext;
+            private readonly byte[] ciphertext;
+            private readonly byte[] tweak;
 
-        private static byte fromAlphaNumeric(char c)
-        {
-            if (c >= '0' && c <= '9')
-            {
-                return (byte)(c - '0');
-            }
-            else if (c >= 'a' && c <= 'z')
-            {
-                return (byte)(10 + (c - 'a'));
-            }
-            else if (c >= 'A' && c <= 'Z')
+            public static FFSample from(int radix, String hexKey, String asciiPT, String asciiCT, String hexTweak)
             {
-                return (byte)(36 + (c - 'A'));
+                return new FFSample(radix, fromHex(hexKey), fromAscii(radix, asciiPT), fromAscii(radix, asciiCT), fromHex(hexTweak));
             }
-            else
+
+            private static byte fromAlphaNumeric(char c)
             {
-                throw new ArgumentException();
+                if (c >= '0' && c <= '9')
+                {
+                    return (byte)(c - '0');
+                }
+                else if (c >= 'a' && c <= 'z')
+                {
+                    return (byte)(10 + (c - 'a'));
+                }
+                else if (c >= 'A' && c <= 'Z')
+                {
+                    return (byte)(36 + (c - 'A'));
+                }
+                else
+                {
+                    throw new ArgumentException();
+                }
             }
-        }
 
-        private static byte[] fromAscii(int radix, string ascii)
-        {
-            byte[] result = new byte[ascii.Length];
-            for (int i = 0; i < result.Length; ++i)
+            private static byte[] fromAscii(int radix, string ascii)
             {
-                result[i] = fromAlphaNumeric(ascii[i]);
-                if (result[i] < 0 || result[i] >= radix)
+                byte[] result = new byte[ascii.Length];
+                for (int i = 0; i < result.Length; ++i)
                 {
-                    throw new ArgumentException();
+                    result[i] = fromAlphaNumeric(ascii[i]);
+                    if (result[i] < 0 || result[i] >= radix)
+                    {
+                        throw new ArgumentException();
+                    }
                 }
+                return result;
             }
-            return result;
-        }
 
-        private static byte[] fromHex(string hex)
-        {
-            return Hex.Decode(hex);
-        }
+            private static byte[] fromHex(string hex)
+            {
+                return Hex.Decode(hex);
+            }
 
-        private FFSample(int radix, byte[] key, byte[] plaintext, byte[] ciphertext, byte[] tweak)
-        {
-            this.radix = radix;
-            this.key = key;
-            this.plaintext = plaintext;
-            this.ciphertext = ciphertext;
-            this.tweak = tweak;
-        }
+            private FFSample(int radix, byte[] key, byte[] plaintext, byte[] ciphertext, byte[] tweak)
+            {
+                this.radix = radix;
+                this.key = key;
+                this.plaintext = plaintext;
+                this.ciphertext = ciphertext;
+                this.tweak = tweak;
+            }
 
-        public byte[] getCiphertext()
-        {
-            return ciphertext;
-        }
+            public byte[] getCiphertext()
+            {
+                return ciphertext;
+            }
 
-        public byte[] getKey()
-        {
-            return key;
-        }
+            public byte[] getKey()
+            {
+                return key;
+            }
 
-        public byte[] getPlaintext()
-        {
-            return plaintext;
-        }
+            public byte[] getPlaintext()
+            {
+                return plaintext;
+            }
 
-        public int getRadix()
-        {
-            return radix;
-        }
+            public int getRadix()
+            {
+                return radix;
+            }
 
-        public byte[] getTweak()
-        {
-            return tweak;
+            public byte[] getTweak()
+            {
+                return tweak;
+            }
         }
-    }
 
-    private static FFSample[] ff1Samples = new FFSample[]
+        private static FFSample[] ff1Samples = new FFSample[]
         {
             // FF1-AES128
             FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3C", "0123456789", "2433477484", ""),
@@ -123,460 +123,473 @@ namespace Org.BouncyCastle.Crypto.Tests
             FFSample.from(36, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F7F036D6F04FC6A94", "0123456789abcdefghi", "xs8a0azh2avyalyzuwd", "3737373770717273373737"),
         };
 
-    private static FFSample[] ff3_1Samples = new FFSample[]
+        private static FFSample[] ff3_1Samples = new FFSample[]
         {
             // FF3-AES128
             FFSample.from(62, "7793833CE891B496381BD5B882F77EA1", "YbpT3hDo0J9xwCQ5qUWt93iv", "dDEYxViK56lGbV1WdZTPTe4w", "C58797C2580174"),
         };
 
-    private void testFF1()
-    {
-        for (int i = 0; i < ff1Samples.Length; ++i)
+        private void testFF1()
         {
-            testFF1Sample(ff1Samples[i]);
-        }
+            for (int i = 0; i < ff1Samples.Length; ++i)
+            {
+                testFF1Sample(ff1Samples[i]);
+            }
 
-        byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6");
-        byte[] plainText = Hex.Decode("0327035100210215");
-        byte[] tweak = Hex.Decode("39383736353433323130");
+            byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6");
+            byte[] plainText = Hex.Decode("0327035100210215");
+            byte[] tweak = Hex.Decode("39383736353433323130");
 
-        FpeEngine fpeEngine = new FpeFf1Engine();
+            FpeEngine fpeEngine = new FpeFf1Engine();
 
-        fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak));
+            fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak));
 
-        try
-        {
-            fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0);
-            Fail("no exception");
-        }
-        catch (ArgumentException e)
-        {
-            IsEquals("input data outside of radix", e.Message);
-        }
+            try
+            {
+                fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("input data outside of radix", e.Message);
+            }
 
-        try
-        {
-            fpeEngine.ProcessBlock(new byte[] { 1 }, 0, 1, plainText, 0);
-            Fail("no exception");
-        }
-        catch (ArgumentException e)
-        {
-            IsEquals("input too short", e.Message);
+            try
+            {
+                fpeEngine.ProcessBlock(new byte[] { 1 }, 0, 1, plainText, 0);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("input too short", e.Message);
+            }
         }
-    }
 
-    public void testFF1w()
-    {
-        byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6");
-        byte[] plainText = Hex.Decode("0327035100210215");
-        byte[] cipherText = Hex.Decode("022701f80217020a");
-        byte[] tweak = Hex.Decode("39383736353433323130");
+        public void testFF1w()
+        {
+            byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6");
+            byte[] plainText = Hex.Decode("0327035100210215");
+            byte[] cipherText = Hex.Decode("022701f80217020a");
+            byte[] tweak = Hex.Decode("39383736353433323130");
 
-        FpeEngine fpeEngine = new FpeFf1Engine();
+            FpeEngine fpeEngine = new FpeFf1Engine();
 
-        fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak));
+            fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak));
 
-        byte[] enc = new byte[plainText.Length];
+            byte[] enc = new byte[plainText.Length];
 
-        fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0);
+            fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0);
 
-        AreEqual(cipherText, enc);
+            AreEqual(cipherText, enc);
 
-        fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak));
+            fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak));
 
-        fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0);
+            fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0);
 
-        AreEqual(plainText, enc);
+            AreEqual(plainText, enc);
 
-        byte[] outPt = Hex.Decode("03270F5100210215");
+            byte[] outPt = Hex.Decode("03270F5100210215");
 
-        try
-        {
-            fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0);
-        }
-        catch (ArgumentException e)
-        {
-            IsEquals("input data outside of radix", e.Message);
+            try
+            {
+                fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0);
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("input data outside of radix", e.Message);
+            }
         }
-    }
 
-    public void testFF3_1()
-    {
-        for (int i = 0; i < ff3_1Samples.Length; ++i)
+        public void testFF3_1()
         {
-            testFF3_1Sample(ff3_1Samples[i]);
-        }
+            for (int i = 0; i < ff3_1Samples.Length; ++i)
+            {
+                testFF3_1Sample(ff3_1Samples[i]);
+            }
 
-        byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6");
-        byte[] plainText = Hex.Decode("0327035100210215");
-        byte[] tweak = Hex.Decode("39383736353433");
+            byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6");
+            byte[] plainText = Hex.Decode("0327035100210215");
+            byte[] tweak = Hex.Decode("39383736353433");
 
-        FpeEngine fpeEngine = new FpeFf3_1Engine();
+            FpeEngine fpeEngine = new FpeFf3_1Engine();
 
-        fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak));
+            fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak));
 
-        try
-        {
-            fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0);
-            Fail("no exception");
-        }
-        catch (ArgumentException e)
-        {
-            IsEquals("input data outside of radix", e.Message);
-        }
+            try
+            {
+                fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("input data outside of radix", e.Message);
+            }
 
-        try
-        {
-            fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, Hex.Decode("beef")));
+            try
+            {
+                fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, Hex.Decode("beef")));
 
-            Fail("no exception");
-        }
-        catch (ArgumentException e)
-        {
-            IsEquals("tweak should be 56 bits", e.Message);
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("tweak should be 56 bits", e.Message);
+            }
         }
-    }
 
-    private void testFF3_1w()
-    {
-        byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6");
-        byte[] plainText = Hex.Decode("0327035100210215");
-        byte[] cipherText = Hex.Decode("02fb024900310220");
-        byte[] tweak = Hex.Decode("39383736353433");
+        private void testFF3_1w()
+        {
+            byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6");
+            byte[] plainText = Hex.Decode("0327035100210215");
+            byte[] cipherText = Hex.Decode("02fb024900310220");
+            byte[] tweak = Hex.Decode("39383736353433");
 
-        FpeEngine fpeEngine = new FpeFf3_1Engine();
+            FpeEngine fpeEngine = new FpeFf3_1Engine();
 
-        fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak));
+            fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak));
 
-        byte[] enc = new byte[plainText.Length];
+            byte[] enc = new byte[plainText.Length];
 
-        fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0);
+            fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0);
 
-        IsTrue("enc failed: " + Hex.ToHexString(enc), AreEqual(cipherText, enc));
+            IsTrue("enc failed: " + Hex.ToHexString(enc), AreEqual(cipherText, enc));
 
-        fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak));
+            fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak));
 
-        fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0);
+            fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0);
 
-        IsTrue(AreEqual(plainText, enc));
+            IsTrue(AreEqual(plainText, enc));
 
-        byte[] outPt = Hex.Decode("03270F5100210215");
+            byte[] outPt = Hex.Decode("03270F5100210215");
 
-        try
-        {
-            fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0);
-        }
-        catch (ArgumentException e)
-        {
-            IsEquals("input data outside of radix", e.Message);
+            try
+            {
+                fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0);
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("input data outside of radix", e.Message);
+            }
         }
-    }
 
-    private void testDisable()
-    {
-        Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "true");
-        try
-        {
-            testFF1();
-            Fail("no exception");
-        }
-        catch (InvalidOperationException e)
+        private void testDisable()
         {
-            IsEquals("FF1 encryption disabled", e.Message);
-        }
+            Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "true");
+            try
+            {
+                testFF1();
+                Fail("no exception");
+            }
+            catch (InvalidOperationException e)
+            {
+                IsEquals("FF1 encryption disabled", e.Message);
+            }
+
+            try
+            {
+                testFF3_1();
+                Fail("no exception");
+            }
+            catch (InvalidOperationException e)
+            {
+                IsEquals("FPE disabled", e.Message);
+            }
+            Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "false");
+
+            Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "true");
+            try
+            {
+                testFF1();
+                Fail("no exception");
+            }
+            catch (InvalidOperationException e)
+            {
+                IsEquals("FF1 encryption disabled", e.Message);
+            }
 
-        try
-        {
             testFF3_1();
-            Fail("no exception");
-        }
-        catch (InvalidOperationException e)
-        {
-            IsEquals("FPE disabled", e.Message);
+            Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "false");
         }
-        Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "false");
 
-        Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "true");
-        try
-        {
-            testFF1();
-            Fail("no exception");
-        }
-        catch (InvalidOperationException e)
+        private void testFF3_1_255()
         {
-            IsEquals("FF1 encryption disabled", e.Message);
-        }
+            byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8");
+            byte[] tweak = Hex.Decode("3F096DE35BFA31");
+            int radix = 256;
 
-        testFF3_1();
-        Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "false");
-    }
+            FpeEngine fpeEngine = new FpeFf3_1Engine();
 
-    private void testFF3_1_255()
-    {
-        byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8");
-        byte[] tweak = Hex.Decode("3F096DE35BFA31");
-        int radix = 256;
+            fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak));
 
-        FpeEngine fpeEngine = new FpeFf3_1Engine();
+            ulong valueToEncrypt = 0x31009155FFL;
 
-        fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak));
+            byte[] bytes = Hex.Decode("00000031009155FF");
+            byte[] enc = new byte[bytes.Length];
+            //Encrypt
 
-        ulong valueToEncrypt = 0x31009155FFL;
+            fpeEngine.ProcessBlock(bytes, 0, bytes.Length, enc, 0);
 
-        byte[] bytes = Hex.Decode("00000031009155FF");
-        byte[] enc = new byte[bytes.Length];
-        //Encrypt
+            IsTrue(Arrays.AreEqual(Hex.Decode("18fa139dc978a681"), enc));
 
-        fpeEngine.ProcessBlock(bytes, 0, bytes.Length, enc, 0);
+            //Decrypt
+            fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak));
 
-        IsTrue(Arrays.AreEqual(Hex.Decode("18fa139dc978a681"), enc));
+            fpeEngine.ProcessBlock(enc, 0, enc.Length, enc, 0);
 
-        //Decrypt
-        fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak));
+            IsTrue(Arrays.AreEqual(bytes, enc));
+        }
 
-        fpeEngine.ProcessBlock(enc, 0, enc.Length, enc, 0);
+        private void testFF1Sample(FFSample ff1)
+        {
+            FpeEngine fpeEngine = new FpeFf1Engine();
 
-        IsTrue(Arrays.AreEqual(bytes, enc));
-    }
+            fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak()));
 
-    private void testFF1Sample(FFSample ff1)
-    {
-        FpeEngine fpeEngine = new FpeFf1Engine();
+            byte[] plain = ff1.getPlaintext();
+            byte[] enc = new byte[plain.Length];
 
-        fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak()));
+            fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0);
 
-        byte[] plain = ff1.getPlaintext();
-        byte[] enc = new byte[plain.Length];
+            IsTrue(AreEqual(ff1.getCiphertext(), enc));
 
-        fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0);
+            fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak()));
 
-        IsTrue(AreEqual(ff1.getCiphertext(), enc));
+            fpeEngine.ProcessBlock(ff1.getCiphertext(), 0, ff1.getCiphertext().Length, enc, 0);
 
-        fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak()));
+            IsTrue(AreEqual(ff1.getPlaintext(), enc));
+        }
 
-        fpeEngine.ProcessBlock(ff1.getCiphertext(), 0, ff1.getCiphertext().Length, enc, 0);
+        private void testFF3_1Sample(FFSample ff3_1)
+        {
+            FpeEngine fpeEngine = new FpeFf3_1Engine();
 
-        IsTrue(AreEqual(ff1.getPlaintext(), enc));
-    }
+            fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak()));
 
-    private void testFF3_1Sample(FFSample ff3_1)
-    {
-        FpeEngine fpeEngine = new FpeFf3_1Engine();
+            byte[] plain = ff3_1.getPlaintext();
+            byte[] enc = new byte[plain.Length];
 
-        fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak()));
+            fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0);
 
-        byte[] plain = ff3_1.getPlaintext();
-        byte[] enc = new byte[plain.Length];
+            IsTrue(AreEqual(ff3_1.getCiphertext(), enc));
 
-        fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0);
+            fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak()));
 
-        IsTrue(AreEqual(ff3_1.getCiphertext(), enc));
+            fpeEngine.ProcessBlock(ff3_1.getCiphertext(), 0, plain.Length, enc, 0);
 
-        fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak()));
+            IsTrue(AreEqual(ff3_1.getPlaintext(), enc));
+        }
 
-        fpeEngine.ProcessBlock(ff3_1.getCiphertext(), 0, plain.Length, enc, 0);
+        public void testFF1Bounds()
+        {
+            byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8");
+            byte[] tweak = Hex.Decode("3F096DE35BFA31");
 
-        IsTrue(AreEqual(ff3_1.getPlaintext(), enc));
-    }
+            FpeEngine fpeEngine = new FpeFf1Engine();
 
-    public void testFF1Bounds()
-    {
-        byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8");
-        byte[] tweak = Hex.Decode("3F096DE35BFA31");
+            try
+            {
+                IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI");
 
-        FpeEngine fpeEngine = new FpeFf1Engine();
+                fpeEngine.Init(true, new FpeParameters(new KeyParameter(key),
+                            alphabetMapper.Radix, tweak));
 
-        try
-        {
-            IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI");
+                process(fpeEngine, new byte[] { 1, 2, 3 });
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+               IsEquals("input too short", e.Message);
+            }
+
+            try
+            {
+                IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCD");
 
-            fpeEngine.Init(true, new FpeParameters(new KeyParameter(key),
-                        alphabetMapper.Radix, tweak));
+                fpeEngine.Init(true, new FpeParameters(new KeyParameter(key),
+                            alphabetMapper.Radix, tweak));
 
-            process(fpeEngine, new byte[] { 1, 2, 3 });
-            Fail("no exception");
-        }
-        catch (ArgumentException e)
-        {
-           IsEquals("input too short", e.Message);
+                process(fpeEngine, new byte[] { 1, 2, 3 });
+                Fail("no exception");
+            }
+            catch (ArgumentException e)
+            {
+                IsEquals("input too short", e.Message);
+            }
         }
 
-        try
+        private void testFF3_1Bounds()
         {
-            IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCD");
+            String bigAlpha = "+-ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
 
-            fpeEngine.Init(true, new FpeParameters(new KeyParameter(key),
-                        alphabetMapper.Radix, tweak));
+            IAlphabetMapper alphabetMapper = new BasicAlphabetMapper(bigAlpha);
 
-            process(fpeEngine, new byte[] { 1, 2, 3 });
-            Fail("no exception");
-        }
-        catch (ArgumentException e)
-        {
-            IsEquals("input too short", e.Message);
-        }
-    }
+            ff3_1Test(alphabetMapper, "467094C27E47978FE616F475215BF4F1", "ECC8AA7B87B41C", "9RwG+t8cKfa9JweBYgHAA6fHUShNZ5tc", "-DXMBhb3AFPq5Xf4oUva4WbB8eagGK2u");
+            ff3_1Test(alphabetMapper, "4DB04B58E97819015A08BA7A39A79C303968A34DB0936FAD", "26B3A632FAADFE", "k5Kop6xYpT0skr1zHHPEt5rPWQ4s4O-3", "JyWzuPL6SNsciOXdEgwnKZJxHiKaTu4Z");
+            ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM--W6", "NPxEDufvnYzVX3jxupv+iJOuPVpWRPjD");
+            try
+            {
+                ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM+-W6ZZ", "L1yx-4YLQG9W1P5yTI7Wp2h0IDcRoBq1kk");
+                Fail("no exception 1");
+            }
+            catch (ArgumentException e)
+            {
+               IsEquals("maximum input length is 32", e.Message);
+            }
 
-    private void testFF3_1Bounds()
-    {
-        String bigAlpha = "+-ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
+            try
+            {
+                ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "Z", "L");
+                Fail("no exception 2");
+            }
+            catch (ArgumentException e)
+            {
+               IsEquals("input too short", e.Message);
+            }
 
-        IAlphabetMapper alphabetMapper = new BasicAlphabetMapper(bigAlpha);
+            try
+            {
+                alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI");
 
-        ff3_1Test(alphabetMapper, "467094C27E47978FE616F475215BF4F1", "ECC8AA7B87B41C", "9RwG+t8cKfa9JweBYgHAA6fHUShNZ5tc", "-DXMBhb3AFPq5Xf4oUva4WbB8eagGK2u");
-        ff3_1Test(alphabetMapper, "4DB04B58E97819015A08BA7A39A79C303968A34DB0936FAD", "26B3A632FAADFE", "k5Kop6xYpT0skr1zHHPEt5rPWQ4s4O-3", "JyWzuPL6SNsciOXdEgwnKZJxHiKaTu4Z");
-        ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM--W6", "NPxEDufvnYzVX3jxupv+iJOuPVpWRPjD");
-        try
-        {
-            ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM+-W6ZZ", "L1yx-4YLQG9W1P5yTI7Wp2h0IDcRoBq1kk");
-            Fail("no exception 1");
-        }
-        catch (ArgumentException e)
-        {
-           IsEquals("maximum input length is 32", e.Message);
+                ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "AB", "ZZ");
+                Fail("no exception 3");
+            }
+            catch (ArgumentException e)
+            {
+               IsEquals("input too short", e.Message);
+            }
         }
 
-        try
+        private void ff3_1Test(IAlphabetMapper alphabetMapper, String skey, String stweak, String input, String output)
         {
-            ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "Z", "L");
-            Fail("no exception 2");
-        }
-        catch (ArgumentException e)
-        {
-           IsEquals("input too short", e.Message);
-        }
+            FpeEngine fpeEncEngine = new FpeFf3_1Engine();
+            FpeEngine fpeDecEngine = new FpeFf3_1Engine();
 
-        try
-        {
-            alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI");
+            byte[] key = Hex.Decode(skey);
+            byte[] tweak = Hex.Decode(stweak);
+            int radix = alphabetMapper.Radix;
 
-            ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "AB", "ZZ");
-            Fail("no exception 3");
-        }
-        catch (ArgumentException e)
-        {
-           IsEquals("input too short", e.Message);
-        }
-    }
+            fpeEncEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak));
+            fpeDecEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak));
 
-    private void ff3_1Test(IAlphabetMapper alphabetMapper, String skey, String stweak, String input, String output)
-    {
-        FpeEngine fpeEncEngine = new FpeFf3_1Engine();
-        FpeEngine fpeDecEngine = new FpeFf3_1Engine();
+            byte[] bytes = alphabetMapper.ConvertToIndexes(input.ToCharArray());
 
-        byte[] key = Hex.Decode(skey);
-        byte[] tweak = Hex.Decode(stweak);
-        int radix = alphabetMapper.Radix;
+            byte[] encryptedBytes = process(fpeEncEngine, bytes);
+            IsEquals(output, new String(alphabetMapper.ConvertToChars(encryptedBytes)));
 
-        fpeEncEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak));
-        fpeDecEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak));
+            byte[] decryptedBytes = process(fpeDecEngine, encryptedBytes);
+            IsTrue(Arrays.AreEqual(bytes, decryptedBytes));
+            char[] chars = alphabetMapper.ConvertToChars(decryptedBytes);
+            IsEquals(input, new String(chars));
+        }
 
-        byte[] bytes = alphabetMapper.ConvertToIndexes(input.ToCharArray());
+        private byte[] process(FpeEngine fpeEngine, byte[] bytes)
+        {
+            byte[] rv = new byte[bytes.Length];
 
-        byte[] encryptedBytes = process(fpeEncEngine, bytes);
-        IsEquals(output, new String(alphabetMapper.ConvertToChars(encryptedBytes)));
+            fpeEngine.ProcessBlock(bytes, 0, bytes.Length, rv, 0);
 
-        byte[] decryptedBytes = process(fpeDecEngine, encryptedBytes);
-        IsTrue(Arrays.AreEqual(bytes, decryptedBytes));
-        char[] chars = alphabetMapper.ConvertToChars(decryptedBytes);
-        IsEquals(input, new String(chars));
-    }
+            return rv;
+        }
 
-    private byte[] process(FpeEngine fpeEngine, byte[] bytes)
-    {
-        byte[] rv = new byte[bytes.Length];
+        public void testUtility()
+        {
+            FpeCharEncryptor fpeEnc = new FpeCharEncryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray());
 
-        fpeEngine.ProcessBlock(bytes, 0, bytes.Length, rv, 0);
+            char[] input = "01234567890123456".ToCharArray();
+            char[] encrypted = fpeEnc.Process(input);
 
-        return rv;
-    }
+            FpeCharDecryptor fpeDec = new FpeCharDecryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray());
+            char[] decrypted = fpeDec.Process(encrypted);
 
-    public void testUtility()
-    {
-        FpeCharEncryptor fpeEnc = new FpeCharEncryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray());
+            IsTrue("no match", Arrays.AreEqual(input, decrypted));
+        }
 
-        char[] input = "01234567890123456".ToCharArray();
-        char[] encrypted = fpeEnc.Process(input);
+        public override void PerformTest()
+        {
+            testFF1();
+            testFF1w();
+            testFF1Bounds();
+            testFF3_1();
+            testFF3_1w();
+            testFF3_1_255();
+            testFF3_1Bounds();
+            testDisable();
+            testUtility();
+        }
 
-        FpeCharDecryptor fpeDec = new FpeCharDecryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray());
-        char[] decrypted = fpeDec.Process(encrypted);
+        public override string Name
+        {
+            get { return "SP80038GTest"; }
+        }
 
-        IsTrue("no match", Arrays.AreEqual(input, decrypted));
-    }
+        public static void Main(string[] args)
+        {
+            RunTest(new SP80038GTest());
+        }
 
-    public override string Name
-    {
-        get { return "SP80038GTest"; }
-    }
         [Test]
-        public override void PerformTest()
-    {
-        testFF1();
-        testFF1w();
-        testFF1Bounds();
-        testFF3_1();
-        testFF3_1w();
-        testFF3_1_255();
-        testFF3_1Bounds();
-        testDisable();
-        testUtility();
-    }
-
-    public class FpeCharEncryptor
-    {
-        private readonly FpeEngine fpeEngine;
-        private IAlphabetMapper alphabetMapper;
-
-        public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet)
+        public void TestFunction()
         {
+            string resultText = Perform().ToString();
 
+            Assert.AreEqual(Name + ": Okay", resultText);
         }
 
-        public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet)
+        public class FpeCharEncryptor
         {
-            this.fpeEngine = fpeEngine;
+            private readonly FpeEngine fpeEngine;
+            private IAlphabetMapper alphabetMapper;
 
-            alphabetMapper = new BasicAlphabetMapper(alphabet);
+            public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet)
+            {
 
-            fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak));
-        }
+            }
 
-        public char[] Process(char[] input)
-        {
-            byte[] bytes = alphabetMapper.ConvertToIndexes(input);
+            public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet)
+            {
+                this.fpeEngine = fpeEngine;
 
-            fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0);
+                alphabetMapper = new BasicAlphabetMapper(alphabet);
 
-            return alphabetMapper.ConvertToChars(bytes);
-        }
-    }
+                fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak));
+            }
 
-    public class FpeCharDecryptor
-    {
-        private readonly FpeEngine fpeEngine;
-        private IAlphabetMapper alphabetMapper;
+            public char[] Process(char[] input)
+            {
+                byte[] bytes = alphabetMapper.ConvertToIndexes(input);
 
-        public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet)
-        {
+                fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0);
+
+                return alphabetMapper.ConvertToChars(bytes);
+            }
         }
 
-        public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet)
+        public class FpeCharDecryptor
         {
-            this.fpeEngine = fpeEngine;
+            private readonly FpeEngine fpeEngine;
+            private IAlphabetMapper alphabetMapper;
 
-            alphabetMapper = new BasicAlphabetMapper(alphabet);
+            public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet)
+            {
+            }
 
-            fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak));
-        }
+            public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet)
+            {
+                this.fpeEngine = fpeEngine;
 
-        public char[] Process(char[] input)
-        {
-            byte[] bytes = alphabetMapper.ConvertToIndexes(input);
+                alphabetMapper = new BasicAlphabetMapper(alphabet);
+
+                fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak));
+            }
 
-            fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0);
+            public char[] Process(char[] input)
+            {
+                byte[] bytes = alphabetMapper.ConvertToIndexes(input);
 
-            return alphabetMapper.ConvertToChars(bytes);
+                fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0);
+
+                return alphabetMapper.ConvertToChars(bytes);
+            }
         }
     }
 }
-}
diff --git a/crypto/test/src/crypto/test/SentrixSigningSha256Hard.pfx b/crypto/test/src/crypto/test/SentrixSigningSha256Hard.pfx
deleted file mode 100644
index 770956d0b..000000000
--- a/crypto/test/src/crypto/test/SentrixSigningSha256Hard.pfx
+++ /dev/null
Binary files differdiff --git a/crypto/test/src/crypto/test/SentrixSigningSha256Soft.pfx b/crypto/test/src/crypto/test/SentrixSigningSha256Soft.pfx
deleted file mode 100644
index d8c3cd534..000000000
--- a/crypto/test/src/crypto/test/SentrixSigningSha256Soft.pfx
+++ /dev/null
Binary files differdiff --git a/crypto/test/src/crypto/test/TupleHashTest.cs b/crypto/test/src/crypto/test/TupleHashTest.cs
index dc2062577..2195bb27f 100644
--- a/crypto/test/src/crypto/test/TupleHashTest.cs
+++ b/crypto/test/src/crypto/test/TupleHashTest.cs
@@ -9,101 +9,113 @@ using Org.BouncyCastle.Utilities.Test;
 
 namespace Org.BouncyCastle.Crypto.Tests
 {
+    /**
+     * TupleHash test vectors from:
+     * <p>
+     * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf
+     */
     [TestFixture]
-/**
- * TupleHash test vectors from:
- * <p>
- * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf
- */
-public class TupleHashTest
-    : SimpleTest
-{
-    public override string Name
+    public class TupleHashTest
+        : SimpleTest
     {
-        get { return "TupleHash"; }
-    }
+        public override string Name
+        {
+            get { return "TupleHash"; }
+        }
 
-        [Test]
         public override void PerformTest()
-    {
-        TupleHash tHash = new TupleHash(128, new byte[0]);
+        {
+            TupleHash tHash = new TupleHash(128, new byte[0]);
+
+            tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
+            tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
 
-        tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
-        tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
+            byte[] res = new byte[tHash.GetDigestSize()];
 
-        byte[] res = new byte[tHash.GetDigestSize()];
+            tHash.DoFinal(res, 0);
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("C5 D8 78 6C 1A FB 9B 82 11 1A B3 4B 65 B2 C0 04 8F A6 4E 6D 48 E2 63 26 4C E1 70 7D 3F FC 8E D1"), res));
 
-        tHash.DoFinal(res, 0);
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("C5 D8 78 6C 1A FB 9B 82 11 1A B3 4B 65 B2 C0 04 8F A6 4E 6D 48 E2 63 26 4C E1 70 7D 3F FC 8E D1"), res));
+            tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App"));
 
-        tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App"));
+            tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
+            tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
 
-        tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
-        tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
+            tHash.DoFinal(res, 0);
 
-        tHash.DoFinal(res, 0);
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("75 CD B2 0F F4 DB 11 54 E8 41 D7 58 E2 41 60 C5 4B AE 86 EB 8C 13 E7 F5 F4 0E B3 55 88 E9 6D FB"), res));
 
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("75 CD B2 0F F4 DB 11 54 E8 41 D7 58 E2 41 60 C5 4B AE 86 EB 8C 13 E7 F5 F4 0E B3 55 88 E9 6D FB"), res));
+            tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
+            tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
+            tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9);
 
-        tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
-        tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
-        tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9);
+            tHash.DoFinal(res, 0);
 
-        tHash.DoFinal(res, 0);
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res));
 
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res));
+            tHash = new TupleHash(256, new byte[0]);
 
-        tHash = new TupleHash(256, new byte[0]);
+            tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
+            tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
 
-        tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
-        tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
+            res = new byte[tHash.GetDigestSize()];
 
-        res = new byte[tHash.GetDigestSize()];
+            tHash.DoFinal(res, 0);
 
-        tHash.DoFinal(res, 0);
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CF B7 05 8C AC A5 E6 68 F8 1A 12 A2 0A 21 95 CE 97 A9 25 F1 DB A3 E7 44 9A 56 F8 22 01 EC 60 73 11 AC 26 96 B1 AB 5E A2 35 2D F1 42 3B DE 7B D4 BB 78 C9 AE D1 A8 53 C7 86 72 F9 EB 23 BB E1 94"), res));
 
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CF B7 05 8C AC A5 E6 68 F8 1A 12 A2 0A 21 95 CE 97 A9 25 F1 DB A3 E7 44 9A 56 F8 22 01 EC 60 73 11 AC 26 96 B1 AB 5E A2 35 2D F1 42 3B DE 7B D4 BB 78 C9 AE D1 A8 53 C7 86 72 F9 EB 23 BB E1 94"), res));
+            tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App"));
 
-        tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App"));
+            tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
+            tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
 
-        tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
-        tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
+            tHash.DoFinal(res, 0);
 
-        tHash.DoFinal(res, 0);
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("14 7C 21 91 D5 ED 7E FD 98 DB D9 6D 7A B5 A1 16 92 57 6F 5F E2 A5 06 5F 3E 33 DE 6B BA 9F 3A A1 C4 E9 A0 68 A2 89 C6 1C 95 AA B3 0A EE 1E 41 0B 0B 60 7D E3 62 0E 24 A4 E3 BF 98 52 A1 D4 36 7E"), res));
 
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("14 7C 21 91 D5 ED 7E FD 98 DB D9 6D 7A B5 A1 16 92 57 6F 5F E2 A5 06 5F 3E 33 DE 6B BA 9F 3A A1 C4 E9 A0 68 A2 89 C6 1C 95 AA B3 0A EE 1E 41 0B 0B 60 7D E3 62 0E 24 A4 E3 BF 98 52 A1 D4 36 7E"), res));
+            tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
+            tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
+            tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9);
 
-        tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
-        tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
-        tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9);
+            tHash.DoFinal(res, 0);
 
-        tHash.DoFinal(res, 0);
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res));
 
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res));
+            tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App"));
 
-        tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App"));
+            tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
+            tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
+            tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9);
 
-        tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
-        tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
-        tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9);
+            res = new byte[32];
+            tHash.DoOutput(res, 0, res.Length);
 
-        res = new byte[32];
-        tHash.DoOutput(res, 0, res.Length);
+            IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res));
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("900fe16cad098d28e74d632ed852f99daab7f7df4d99e775657885b4bf76d6f8"), res));
 
-        IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res));
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("900fe16cad098d28e74d632ed852f99daab7f7df4d99e775657885b4bf76d6f8"), res));
+            tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App"));
 
-        tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App"));
+            tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
+            tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
+            tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9);
 
-        tHash.BlockUpdate(Hex.Decode("000102"), 0, 3);
-        tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6);
-        tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9);
+            res = new byte[64];
+            tHash.DoOutput(res, 0, res.Length);
 
-        res = new byte[64];
-        tHash.DoOutput(res, 0, res.Length);
+            IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res));
+            IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0c59b11464f2336c34663ed51b2b950bec743610856f36c28d1d088d8a2446284dd09830a6a178dc752376199fae935d86cfdee5913d4922dfd369b66a53c897"), res));
+        }
 
-        IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res));
-        IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0c59b11464f2336c34663ed51b2b950bec743610856f36c28d1d088d8a2446284dd09830a6a178dc752376199fae935d86cfdee5913d4922dfd369b66a53c897"), res));
+        public static void Main(string[] args)
+        {
+            RunTest(new TupleHashTest());
+        }
+
+        [Test]
+        public void TestFunction()
+        {
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
+        }
     }
 }
-}
diff --git a/crypto/test/src/openpgp/test/PGPArmoredTest.cs b/crypto/test/src/openpgp/test/PGPArmoredTest.cs
index f78165d5a..1f1cbf3c3 100644
--- a/crypto/test/src/openpgp/test/PGPArmoredTest.cs
+++ b/crypto/test/src/openpgp/test/PGPArmoredTest.cs
@@ -292,11 +292,10 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 
 		public override string Name
 		{
-			get { return "PGPArmoredTest"; }
+			get { return "PgpArmoredTest"; }
 		}
 
-		public static void Main(
-			string[] args)
+		public static void Main(string[] args)
 		{
 			RunTest(new PgpArmoredTest());
 		}
diff --git a/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs b/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs
index 668f8cce2..6ed632a00 100644
--- a/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs
+++ b/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs
@@ -160,7 +160,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 
 		public override string Name
 		{
-			get { return "PGPClearSignedSignature"; }
+			get { return "PgpClearSignedSignatureTest"; }
 		}
 
 		private void messageTest(
@@ -428,8 +428,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 			generateTest(crNlMessage, "\\r\\n");
 		}
 
-		public static void Main(
-			string[] args)
+		public static void Main(string[] args)
 		{
 			RunTest(new PgpClearSignedSignatureTest());
 		}
diff --git a/crypto/test/src/openpgp/test/PGPCompressionTest.cs b/crypto/test/src/openpgp/test/PGPCompressionTest.cs
index fdcf7222c..c8bca7470 100644
--- a/crypto/test/src/openpgp/test/PGPCompressionTest.cs
+++ b/crypto/test/src/openpgp/test/PGPCompressionTest.cs
@@ -4,8 +4,6 @@ using System.Text;
 
 using NUnit.Framework;
 
-using Org.BouncyCastle.Asn1.Utilities;
-using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.IO;
 using Org.BouncyCastle.Utilities.Test;
 
@@ -105,11 +103,10 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 
 		public override string Name
 		{
-			get { return "PGPCompressionTest"; }
+			get { return "PgpCompressionTest"; }
 		}
 
-		public static void Main(
-			string[] args)
+		public static void Main(string[] args)
 		{
 			RunTest(new PgpCompressionTest());
 		}
diff --git a/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs b/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs
index b86324954..cd10a3ffe 100644
--- a/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs
+++ b/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs
@@ -1,5 +1,4 @@
 using System;
-using System.Collections;
 using System.IO;
 using System.Text;
 
@@ -472,7 +471,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 
 		public override string Name
 		{
-			get { return "PGPDSAElGamalTest"; }
+			get { return "PgpDsaElGamalTest"; }
 		}
 
 		public static void Main(
diff --git a/crypto/test/src/openpgp/test/PGPDSATest.cs b/crypto/test/src/openpgp/test/PGPDSATest.cs
index e1dc384db..b99fe2354 100644
--- a/crypto/test/src/openpgp/test/PGPDSATest.cs
+++ b/crypto/test/src/openpgp/test/PGPDSATest.cs
@@ -580,8 +580,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 			get { return "PgpDsaTest"; }
         }
 
-		public static void Main(
-			string[] args)
+		public static void Main(string[] args)
         {
 			RunTest(new PgpDsaTest());
         }
diff --git a/crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs b/crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs
index 222b50a4b..3006aeb3e 100644
--- a/crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs
+++ b/crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs
@@ -1,5 +1,4 @@
 using System;
-using System.IO;
 
 using NUnit.Framework;
 
@@ -152,8 +151,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
             get { return "PgpNoPrivateKeyTest"; }
         }
 
-        public static void Main(
-            string[] args)
+        public static void Main(string[] args)
         {
             RunTest(new PgpNoPrivateKeyTest());
         }
diff --git a/crypto/test/src/openpgp/test/PGPPBETest.cs b/crypto/test/src/openpgp/test/PGPPBETest.cs
index eee3aaa63..43016465e 100644
--- a/crypto/test/src/openpgp/test/PGPPBETest.cs
+++ b/crypto/test/src/openpgp/test/PGPPBETest.cs
@@ -367,8 +367,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 			get { return "PgpPbeTest"; }
         }
 
-		public static void Main(
-			string[] args)
+		public static void Main(string[] args)
         {
 			RunTest(new PgpPbeTest());
         }
diff --git a/crypto/test/src/openpgp/test/PGPPacketTest.cs b/crypto/test/src/openpgp/test/PGPPacketTest.cs
index b3dbbc2ed..9c5e8239f 100644
--- a/crypto/test/src/openpgp/test/PGPPacketTest.cs
+++ b/crypto/test/src/openpgp/test/PGPPacketTest.cs
@@ -63,8 +63,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 			get { return "PgpPacketTest"; }
         }
 
-		public static void Main(
-            string[] args)
+		public static void Main(string[] args)
         {
 			RunTest(new PgpPacketTest());
         }
diff --git a/crypto/test/src/openpgp/test/PGPRSATest.cs b/crypto/test/src/openpgp/test/PGPRSATest.cs
index be111c958..250fe6143 100644
--- a/crypto/test/src/openpgp/test/PGPRSATest.cs
+++ b/crypto/test/src/openpgp/test/PGPRSATest.cs
@@ -7,7 +7,6 @@ using NUnit.Framework;
 
 using Org.BouncyCastle.Bcpg.Attr;
 using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Generators;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Security;
@@ -1216,8 +1215,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
             get { return "PgpRsaTest"; }
         }
 
-        public static void Main(
-            string[] args)
+        public static void Main(string[] args)
         {
             RunTest(new PgpRsaTest());
         }
diff --git a/crypto/test/src/openpgp/test/PGPSignatureTest.cs b/crypto/test/src/openpgp/test/PGPSignatureTest.cs
index d2f4a8a31..b836fe236 100644
--- a/crypto/test/src/openpgp/test/PGPSignatureTest.cs
+++ b/crypto/test/src/openpgp/test/PGPSignatureTest.cs
@@ -1069,8 +1069,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
             get { return "PgpSignatureTest"; }
         }
 
-        public static void Main(
-            string[] args)
+        public static void Main(string[] args)
         {
             RunTest(new PgpSignatureTest());
         }
diff --git a/crypto/test/src/openpgp/test/PgpECDHTest.cs b/crypto/test/src/openpgp/test/PgpECDHTest.cs
index b7c500bd0..94ab2a755 100644
--- a/crypto/test/src/openpgp/test/PgpECDHTest.cs
+++ b/crypto/test/src/openpgp/test/PgpECDHTest.cs
@@ -6,9 +6,7 @@ using System.Text;
 using NUnit.Framework;
 
 using Org.BouncyCastle.Asn1.Sec;
-using Org.BouncyCastle.Asn1.X9;
 using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Generators;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
@@ -263,8 +261,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
             get { return "PgpECDHTest"; }
         }
 
-        public static void Main(
-            string[] args)
+        public static void Main(string[] args)
         {
             RunTest(new PgpECDHTest());
         }
diff --git a/crypto/test/src/openpgp/test/PgpECDsaTest.cs b/crypto/test/src/openpgp/test/PgpECDsaTest.cs
index 6259ef627..c06532080 100644
--- a/crypto/test/src/openpgp/test/PgpECDsaTest.cs
+++ b/crypto/test/src/openpgp/test/PgpECDsaTest.cs
@@ -188,8 +188,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
             get { return "PgpECDsaTest"; }
         }
 
-        public static void Main(
-            string[] args)
+        public static void Main(string[] args)
         {
             RunTest(new PgpECDsaTest());
         }
diff --git a/crypto/test/src/openpgp/test/PgpECMessageTest.cs b/crypto/test/src/openpgp/test/PgpECMessageTest.cs
index ac8283721..8f6111c9b 100644
--- a/crypto/test/src/openpgp/test/PgpECMessageTest.cs
+++ b/crypto/test/src/openpgp/test/PgpECMessageTest.cs
@@ -179,8 +179,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
             get { return "PgpECMessageTest"; }
         }
 
-        public static void Main(
-            string[] args)
+        public static void Main(string[] args)
         {
             RunTest(new PgpECMessageTest());
         }
diff --git a/crypto/test/src/openpgp/test/PgpFeaturesTest.cs b/crypto/test/src/openpgp/test/PgpFeaturesTest.cs
index 2969d8982..162c3f093 100644
--- a/crypto/test/src/openpgp/test/PgpFeaturesTest.cs
+++ b/crypto/test/src/openpgp/test/PgpFeaturesTest.cs
@@ -1,15 +1,17 @@
-
-using NUnit.Core;
+using System;
+
 using NUnit.Framework;
+
 using Org.BouncyCastle.Bcpg.Sig;
+using Org.BouncyCastle.Utilities.Test;
 
 namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 {
     [TestFixture]
     public class PgpFeaturesTest
+        : SimpleTest
     {
-        [Test]
-        public void PerformTest()
+        public override void PerformTest()
         {
             Features f = new Features(true, Features.FEATURE_MODIFICATION_DETECTION);
             Assert.IsTrue(f.SupportsFeature(Features.FEATURE_MODIFICATION_DETECTION));
@@ -36,20 +38,22 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
             Assert.IsTrue(f.SupportsFeature(Features.FEATURE_VERSION_5_PUBLIC_KEY));
         }
 
+        public override string Name
+        {
+            get { return "PgpFeaturesTest"; }
+        }
+
         public static void Main(string[] args)
         {
-            Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty);
+            RunTest(new PgpFeaturesTest());
         }
 
-        [Suite]
-        public static TestSuite Suite
+        [Test]
+        public void TestFunction()
         {
-            get
-            {
-                TestSuite suite = new TestSuite("PGP Features Tests");
-                suite.Add(new PgpFeaturesTest());
-                return suite;
-            }
+            string resultText = Perform().ToString();
+
+            Assert.AreEqual(Name + ": Okay", resultText);
         }
     }
 }
diff --git a/crypto/test/src/openpgp/test/PgpKeyRingTest.cs b/crypto/test/src/openpgp/test/PgpKeyRingTest.cs
index aed750318..f8eaa648d 100644
--- a/crypto/test/src/openpgp/test/PgpKeyRingTest.cs
+++ b/crypto/test/src/openpgp/test/PgpKeyRingTest.cs
@@ -2654,8 +2654,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
             get { return "PgpKeyRingTest"; }
         }
 
-        public static void Main(
-            string[] args)
+        public static void Main(string[] args)
         {
             RunTest(new PgpKeyRingTest());
         }
diff --git a/crypto/test/src/openpgp/test/PgpMarkerTest.cs b/crypto/test/src/openpgp/test/PgpMarkerTest.cs
index 89be7cd52..929be6d73 100644
--- a/crypto/test/src/openpgp/test/PgpMarkerTest.cs
+++ b/crypto/test/src/openpgp/test/PgpMarkerTest.cs
@@ -1,5 +1,4 @@
 using System;
-using System.IO;
 
 using NUnit.Framework;
 
@@ -85,8 +84,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 			get { return "PgpMarkerTest"; }
         }
 
-		public static void Main(
-            string[] args)
+		public static void Main(string[] args)
         {
             RunTest(new PgpMarkerTest());
         }
diff --git a/crypto/test/src/openpgp/test/PgpParsingTest.cs b/crypto/test/src/openpgp/test/PgpParsingTest.cs
index 78fca7570..6a5688484 100644
--- a/crypto/test/src/openpgp/test/PgpParsingTest.cs
+++ b/crypto/test/src/openpgp/test/PgpParsingTest.cs
@@ -23,8 +23,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 			get { return "PgpParsingTest"; }
 		}
 
-        public static void Main(
-			string[] args)
+        public static void Main(string[] args)
 		{
 			RunTest(new PgpParsingTest());
 		}
diff --git a/crypto/test/src/openpgp/test/PgpUnicodeTest.cs b/crypto/test/src/openpgp/test/PgpUnicodeTest.cs
index 534e8a471..d73e3d7a6 100644
--- a/crypto/test/src/openpgp/test/PgpUnicodeTest.cs
+++ b/crypto/test/src/openpgp/test/PgpUnicodeTest.cs
@@ -2,7 +2,6 @@
 using System.IO;
 using System.Text;
 
-using NUnit.Core;
 using NUnit.Framework;
 
 using Org.BouncyCastle.Math;
@@ -12,6 +11,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
 {
     [TestFixture]
     public class PgpUnicodeTest
+        : SimpleTest
     {
         private void DoTestKey(BigInteger keyId, string passphrase, bool utf8)
         {
@@ -123,20 +123,21 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
             return new PgpSecretKeyRingBundle(SimpleTest.GetTestDataAsStream("openpgp.unicode." + keyName));
         }
 
-        public static void Main(string[] args)
+        public override string Name
         {
-            Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty);
+            get { return "PgpUnicodeTest"; }
         }
 
-        [Suite]
-        public static TestSuite Suite
+        public override void PerformTest()
         {
-            get
-            {
-                TestSuite suite = new TestSuite("Unicode Password Tests");
-                suite.Add(new PgpUnicodeTest());
-                return suite;
-            }
+            TestAsciiPassphrase();
+            TestCyrillicPassphrase();
+            TestUmlautPassphrase();
+        }
+
+        public static void Main(string[] args)
+        {
+            RunTest(new PgpUnicodeTest());
         }
     }
 }
diff --git a/crypto/test/src/openpgp/test/RegressionTest.cs b/crypto/test/src/openpgp/test/RegressionTest.cs
index 329960bd8..5e978f0ea 100644
--- a/crypto/test/src/openpgp/test/RegressionTest.cs
+++ b/crypto/test/src/openpgp/test/RegressionTest.cs
@@ -24,15 +24,14 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests
             new PgpECDsaTest(),
             new PgpECMessageTest(),
             new PgpParsingTest(),
+            new PgpFeaturesTest(),
         };
 
-        public static void Main(
-            string[] args)
+        public static void Main(string[] args)
         {
             foreach (ITest test in tests)
             {
-                ITestResult result = test.Perform();
-                Console.WriteLine(result);
+                SimpleTest.RunTest(test);
             }
         }
     }