Zitat:
See stream functionality does need signal to end as it can and most likely used as chunk or repeated calls, "Done" will signal the sealing of the GCM tag calculation by multiply the last chained result with the first block (the one with counter=0), but enforcing requirement will break the one hit EncodeBytes/DecodeBytes, i saw these being used in many places in one line of code, enforcing "Done" with them is wrong, yet i support the functionality itself, but it must be different, may be different pair of functions, like EncodeChunk that accept TBytes or ...
By housekeeping I mean that the GCM class would count the bytes and updates the state. When done is called of course everything is finalzed and cannot
be updated further (this ends the stream...). There would also be some housekeeping involved regarding the cipher! If it does not fit the
e.g. AES blocksize one would keep the residual in memory. When Done is called the final block is encrypted + the Tag is calculated.
Zitat:
But in general moving GCM into own class is not bad idea, just costly in implementation, and will make the code cleaner as one line operation like EncodeBytes can use that GCM and call done internally, yet it might be not small refactor.
I think so too... I don't even know how the current implementation would
handle a non AES 128 cipher if gcm is selected as mode.