port to MSVC .NET 2005 beta 2

2005-07-12 04:23:32 +00:00 · 2005-07-12 04:23:32 +00:00 · 1db8ea5084
parent 31068bd685
commit 1db8ea5084
131 changed files with 1626 additions and 1519 deletions
--- a/Readme.txt
+++ b/Readme.txt
@ -1,5 +1,5 @@
 Crypto++: a C++ Class Library of Cryptographic Schemes
-Version 5.2.3 (in development)
+Version 5.3 (in development)
 This library includes:
@ -350,4 +350,6 @@ the mailing list.
 5.2.3 - fixed issues with FIPS algorithm test vectors
      - put RSASSA-ISO into DLL
 5.3 - Ported to MSVC .NET 2005 beta 2
 Written by Wei Dai
--- a/adler32.cpp
+++ b/adler32.cpp
@ -5,7 +5,7 @@
 NAMESPACE_BEGIN(CryptoPP)
-void Adler32::Update(const byte *input, unsigned int length)
+void Adler32::Update(const byte *input, size_t length)
 {
 	const unsigned long BASE = 65521;
@ -53,7 +53,7 @@ void Adler32::Update(const byte *input, unsigned int length)
 	m_s2 = (word16)s2;
 }
-void Adler32::TruncatedFinal(byte *hash, unsigned int size)
+void Adler32::TruncatedFinal(byte *hash, size_t size)
 {
 	ThrowIfInvalidTruncatedSize(size);
--- a/adler32.h
+++ b/adler32.h
@ -11,8 +11,8 @@ class Adler32 : public HashTransformation
 public:
 	enum {DIGESTSIZE = 4};
 	Adler32() {Reset();}
-	void Update(const byte *input, unsigned int length);
+	void Update(const byte *input, size_t length);
-	void TruncatedFinal(byte *hash, unsigned int size);
+	void TruncatedFinal(byte *hash, size_t size);
 	unsigned int DigestSize() const {return DIGESTSIZE;}
 private:
--- a/algebra.cpp
+++ b/algebra.cpp
@ -303,7 +303,7 @@ void AbstractGroup<T>::SimultaneousMultiply(T *results, const T &base, const Int
 		r = buckets[i][buckets[i].size()-1];
 		if (buckets[i].size() > 1)
 		{
-			for (int j = buckets[i].size()-2; j >= 1; j--)
+			for (int j = (int)buckets[i].size()-2; j >= 1; j--)
 			{
 				Accumulate(buckets[i][j], buckets[i][j+1]);
 				Accumulate(r, buckets[i][j]);
--- a/algparam.h
+++ b/algparam.h
@ -17,7 +17,7 @@ public:
 	{
 		Assign((const byte *)data, data ? strlen(data) : 0, deepCopy);
 	}
-	ConstByteArrayParameter(const byte *data, unsigned int size, bool deepCopy = false)
+	ConstByteArrayParameter(const byte *data, size_t size, bool deepCopy = false)
 	{
 		Assign(data, size, deepCopy);
 	}
@ -27,7 +27,7 @@ public:
 		Assign((const byte *)string.data(), string.size(), deepCopy);
 	}
-	void Assign(const byte *data, unsigned int size, bool deepCopy)
+	void Assign(const byte *data, size_t size, bool deepCopy)
 	{
 		if (deepCopy)
 			m_block.Assign(data, size);
@ -41,12 +41,12 @@ public:
 	const byte *begin() const {return m_deepCopy ? m_block.begin() : m_data;}
 	const byte *end() const {return m_deepCopy ? m_block.end() : m_data + m_size;}
-	unsigned int size() const {return m_deepCopy ? m_block.size() : m_size;}
+	size_t size() const {return m_deepCopy ? m_block.size() : m_size;}
 private:
 	bool m_deepCopy;
 	const byte *m_data;
-	unsigned int m_size;
+	size_t m_size;
 	SecByteBlock m_block;
 };
@ -60,11 +60,11 @@ public:
 	byte *begin() const {return m_data;}
 	byte *end() const {return m_data + m_size;}
-	unsigned int size() const {return m_size;}
+	size_t size() const {return m_size;}
 private:
 	byte *m_data;
-	unsigned int m_size;
+	size_t m_size;
 };
 class CRYPTOPP_DLL CombinedNameValuePairs : public NameValuePairs
--- a/arc4.cpp
+++ b/arc4.cpp
@ -65,7 +65,7 @@ byte ARC4_Base::GenerateByte()
 	return MakeByte(m_x, m_y, m_state);
 }
-void ARC4_Base::ProcessData(byte *outString, const byte *inString, unsigned int length)
+void ARC4_Base::ProcessData(byte *outString, const byte *inString, size_t length)
 {
 	if (length == 0)
 		return;
@ -94,7 +94,7 @@ void ARC4_Base::ProcessData(byte *outString, const byte *inString, unsigned int
 	m_y = y;
 }
-void ARC4_Base::DiscardBytes(unsigned int length)
+void ARC4_Base::DiscardBytes(size_t length)
 {
 	if (length == 0)
 		return;
--- a/arc4.h
+++ b/arc4.h
@ -14,9 +14,9 @@ public:
 	static const char *StaticAlgorithmName() {return "ARC4";}
    byte GenerateByte();
-	void DiscardBytes(unsigned int n);
+	void DiscardBytes(size_t n);
-    void ProcessData(byte *outString, const byte *inString, unsigned int length);
+    void ProcessData(byte *outString, const byte *inString, size_t length);
 	bool IsRandomAccess() const {return false;}
 	bool IsSelfInverting() const {return true;}
--- a/asn.cpp
+++ b/asn.cpp
@ -13,9 +13,9 @@ NAMESPACE_BEGIN(CryptoPP)
 USING_NAMESPACE(std)
 /// DER Length
-unsigned int DERLengthEncode(BufferedTransformation &bt, unsigned int length)
+size_t DERLengthEncode(BufferedTransformation &bt, lword length)
 {
-	unsigned int i=0;
+	size_t i=0;
 	if (length <= 0x7f)
 	{
 		bt.Put(byte(length));
@ -34,7 +34,7 @@ unsigned int DERLengthEncode(BufferedTransformation &bt, unsigned int length)
 	return i;
 }
-bool BERLengthDecode(BufferedTransformation &bt, unsigned int &length, bool &definiteLength)
+bool BERLengthDecode(BufferedTransformation &bt, lword &length, bool &definiteLength)
 {
 	byte b;
@ -72,10 +72,13 @@ bool BERLengthDecode(BufferedTransformation &bt, unsigned int &length, bool &def
 	return true;
 }
-bool BERLengthDecode(BufferedTransformation &bt, unsigned int &length)
+bool BERLengthDecode(BufferedTransformation &bt, size_t &length)
 {
 	lword lw;
 	bool definiteLength;
-	if (!BERLengthDecode(bt, length, definiteLength))
+	if (!BERLengthDecode(bt, lw, definiteLength))
 		BERDecodeError();
 	if (!SafeConvert(lw, length))
 		BERDecodeError();
 	return definiteLength;
 }
@ -91,32 +94,32 @@ void BERDecodeNull(BufferedTransformation &in)
 	byte b;
 	if (!in.Get(b) || b != TAG_NULL)
 		BERDecodeError();
-	unsigned int length;
+	size_t length;
 	if (!BERLengthDecode(in, length) || length != 0)
 		BERDecodeError();
 }
 /// ASN Strings
-unsigned int DEREncodeOctetString(BufferedTransformation &bt, const byte *str, unsigned int strLen)
+size_t DEREncodeOctetString(BufferedTransformation &bt, const byte *str, size_t strLen)
 {
 	bt.Put(OCTET_STRING);
-	unsigned int lengthBytes = DERLengthEncode(bt, strLen);
+	size_t lengthBytes = DERLengthEncode(bt, strLen);
 	bt.Put(str, strLen);
 	return 1+lengthBytes+strLen;
 }
-unsigned int DEREncodeOctetString(BufferedTransformation &bt, const SecByteBlock &str)
+size_t DEREncodeOctetString(BufferedTransformation &bt, const SecByteBlock &str)
 {
 	return DEREncodeOctetString(bt, str.begin(), str.size());
 }
-unsigned int BERDecodeOctetString(BufferedTransformation &bt, SecByteBlock &str)
+size_t BERDecodeOctetString(BufferedTransformation &bt, SecByteBlock &str)
 {
 	byte b;
 	if (!bt.Get(b) || b != OCTET_STRING)
 		BERDecodeError();
-	unsigned int bc;
+	size_t bc;
 	if (!BERLengthDecode(bt, bc))
 		BERDecodeError();
@ -126,13 +129,13 @@ unsigned int BERDecodeOctetString(BufferedTransformation &bt, SecByteBlock &str)
 	return bc;
 }
-unsigned int BERDecodeOctetString(BufferedTransformation &bt, BufferedTransformation &str)
+size_t BERDecodeOctetString(BufferedTransformation &bt, BufferedTransformation &str)
 {
 	byte b;
 	if (!bt.Get(b) || b != OCTET_STRING)
 		BERDecodeError();
-	unsigned int bc;
+	size_t bc;
 	if (!BERLengthDecode(bt, bc))
 		BERDecodeError();
@ -140,21 +143,21 @@ unsigned int BERDecodeOctetString(BufferedTransformation &bt, BufferedTransforma
 	return bc;
 }
-unsigned int DEREncodeTextString(BufferedTransformation &bt, const std::string &str, byte asnTag)
+size_t DEREncodeTextString(BufferedTransformation &bt, const std::string &str, byte asnTag)
 {
 	bt.Put(asnTag);
-	unsigned int lengthBytes = DERLengthEncode(bt, str.size());
+	size_t lengthBytes = DERLengthEncode(bt, str.size());
 	bt.Put((const byte *)str.data(), str.size());
 	return 1+lengthBytes+str.size();
 }
-unsigned int BERDecodeTextString(BufferedTransformation &bt, std::string &str, byte asnTag)
+size_t BERDecodeTextString(BufferedTransformation &bt, std::string &str, byte asnTag)
 {
 	byte b;
 	if (!bt.Get(b) || b != asnTag)
 		BERDecodeError();
-	unsigned int bc;
+	size_t bc;
 	if (!BERLengthDecode(bt, bc))
 		BERDecodeError();
@ -166,22 +169,22 @@ unsigned int BERDecodeTextString(BufferedTransformation &bt, std::string &str, b
 }
 /// ASN BitString
-unsigned int DEREncodeBitString(BufferedTransformation &bt, const byte *str, unsigned int strLen, unsigned int unusedBits)
+size_t DEREncodeBitString(BufferedTransformation &bt, const byte *str, size_t strLen, unsigned int unusedBits)
 {
 	bt.Put(BIT_STRING);
-	unsigned int lengthBytes = DERLengthEncode(bt, strLen+1);
+	size_t lengthBytes = DERLengthEncode(bt, strLen+1);
 	bt.Put((byte)unusedBits);
 	bt.Put(str, strLen);
 	return 2+lengthBytes+strLen;
 }
-unsigned int BERDecodeBitString(BufferedTransformation &bt, SecByteBlock &str, unsigned int &unusedBits)
+size_t BERDecodeBitString(BufferedTransformation &bt, SecByteBlock &str, unsigned int &unusedBits)
 {
 	byte b;
 	if (!bt.Get(b) || b != BIT_STRING)
 		BERDecodeError();
-	unsigned int bc;
+	size_t bc;
 	if (!BERLengthDecode(bt, bc))
 		BERDecodeError();
@ -212,17 +215,17 @@ void DERReencode(BufferedTransformation &source, BufferedTransformation &dest)
 	encoder.MessageEnd();
 }
-void OID::EncodeValue(BufferedTransformation &bt, unsigned long v)
+void OID::EncodeValue(BufferedTransformation &bt, word32 v)
 {
 	for (unsigned int i=RoundUpToMultipleOf(STDMAX(7U,BitPrecision(v)), 7U)-7; i != 0; i-=7)
 		bt.Put((byte)(0x80 | ((v >> i) & 0x7f)));
 	bt.Put((byte)(v & 0x7f));
 }
-unsigned int OID::DecodeValue(BufferedTransformation &bt, unsigned long &v)
+size_t OID::DecodeValue(BufferedTransformation &bt, word32 &v)
 {
 	byte b;
-	unsigned int i=0;
+	size_t i=0;
 	v = 0;
 	while (true)
 	{
@ -241,7 +244,7 @@ void OID::DEREncode(BufferedTransformation &bt) const
 	assert(m_values.size() >= 2);
 	ByteQueue temp;
 	temp.Put(byte(m_values[0] * 40 + m_values[1]));
-	for (unsigned int i=2; i<m_values.size(); i++)
+	for (size_t i=2; i<m_values.size(); i++)
 		EncodeValue(temp, m_values[i]);
 	bt.Put(OBJECT_IDENTIFIER);
 	DERLengthEncode(bt, temp.CurrentSize());
@ -254,7 +257,7 @@ void OID::BERDecode(BufferedTransformation &bt)
 	if (!bt.Get(b) || b != OBJECT_IDENTIFIER)
 		BERDecodeError();
-	unsigned int length;
+	size_t length;
 	if (!BERLengthDecode(bt, length) || length < 1)
 		BERDecodeError();
@ -268,8 +271,8 @@ void OID::BERDecode(BufferedTransformation &bt)
 	while (length > 0)
 	{
-		unsigned long v;
+		word32 v;
-		unsigned int valueLen = DecodeValue(bt, v);
+		size_t valueLen = DecodeValue(bt, v);
 		if (valueLen > length)
 			BERDecodeError();
 		m_values.push_back(v);
@ -292,7 +295,7 @@ inline BufferedTransformation & EncodedObjectFilter::CurrentTarget()
 		return TheBitBucket();
 }
-void EncodedObjectFilter::Put(const byte *inString, unsigned int length)
+void EncodedObjectFilter::Put(const byte *inString, size_t length)
 {
 	if (m_nCurrentObject == m_nObjects)
 	{
@ -386,7 +389,9 @@ void BERGeneralDecoder::Init(byte asnTag)
 	if (!m_inQueue.Get(b) || b != asnTag)
 		BERDecodeError();
-	m_definiteLength = BERLengthDecode(m_inQueue, m_length);
+	if (!BERLengthDecode(m_inQueue, m_length, m_definiteLength))
 		BERDecodeError();
 	if (!m_definiteLength && !(asnTag & CONSTRUCTED))
 		BERDecodeError();	// cannot be primitive and have indefinite length
 }
@ -445,23 +450,23 @@ void BERGeneralDecoder::MessageEnd()
 	}
 }
-unsigned int BERGeneralDecoder::TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel, bool blocking)
+size_t BERGeneralDecoder::TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel, bool blocking)
 {
 	if (m_definiteLength && transferBytes > m_length)
 		transferBytes = m_length;
-	unsigned int blockedBytes = m_inQueue.TransferTo2(target, transferBytes, channel, blocking);
+	size_t blockedBytes = m_inQueue.TransferTo2(target, transferBytes, channel, blocking);
 	ReduceLength(transferBytes);
 	return blockedBytes;
 }
-unsigned int BERGeneralDecoder::CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end, const std::string &channel, bool blocking) const
+size_t BERGeneralDecoder::CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end, const std::string &channel, bool blocking) const
 {
 	if (m_definiteLength)
-		end = STDMIN((unsigned long)m_length, end);
+		end = STDMIN(m_length, end);
 	return m_inQueue.CopyRangeTo2(target, begin, end, channel, blocking);
 }
-unsigned int BERGeneralDecoder::ReduceLength(unsigned int delta)
+lword BERGeneralDecoder::ReduceLength(lword delta)
 {
 	if (m_definiteLength)
 	{
@ -497,7 +502,7 @@ DERGeneralEncoder::~DERGeneralEncoder()
 void DERGeneralEncoder::MessageEnd()
 {
 	m_finished = true;
-	unsigned int length = (unsigned int)CurrentSize();
+	lword length = CurrentSize();
 	m_outQueue.Put(m_asnTag);
 	DERLengthEncode(m_outQueue, length);
 	TransferTo(m_outQueue);
@ -515,7 +520,7 @@ void X509PublicKey::BERDecode(BufferedTransformation &bt)
 		BERGeneralDecoder subjectPublicKey(subjectPublicKeyInfo, BIT_STRING);
 			subjectPublicKey.CheckByte(0);	// unused bits
-			BERDecodeKey2(subjectPublicKey, parametersPresent, subjectPublicKey.RemainingLength());
+			BERDecodeKey2(subjectPublicKey, parametersPresent, (size_t)subjectPublicKey.RemainingLength());
 		subjectPublicKey.MessageEnd();
 	subjectPublicKeyInfo.MessageEnd();
 }
@ -549,7 +554,7 @@ void PKCS8PrivateKey::BERDecode(BufferedTransformation &bt)
 		algorithm.MessageEnd();
 		BERGeneralDecoder octetString(privateKeyInfo, OCTET_STRING);
-			BERDecodeKey2(octetString, parametersPresent, privateKeyInfo.RemainingLength());
+			BERDecodeKey2(octetString, parametersPresent, (size_t)privateKeyInfo.RemainingLength());
 		octetString.MessageEnd();
 		if (!privateKeyInfo.EndReached())
--- a/asn.h
+++ b/asn.h
@ -56,24 +56,24 @@ public:
 };
 // unsigned int DERLengthEncode(unsigned int length, byte *output=0);
-CRYPTOPP_DLL unsigned int CRYPTOPP_API DERLengthEncode(BufferedTransformation &out, unsigned int length);
+CRYPTOPP_DLL size_t CRYPTOPP_API DERLengthEncode(BufferedTransformation &out, lword length);
 // returns false if indefinite length
-CRYPTOPP_DLL bool CRYPTOPP_API BERLengthDecode(BufferedTransformation &in, unsigned int &length);
+CRYPTOPP_DLL bool CRYPTOPP_API BERLengthDecode(BufferedTransformation &in, size_t &length);
 CRYPTOPP_DLL void CRYPTOPP_API DEREncodeNull(BufferedTransformation &out);
 CRYPTOPP_DLL void CRYPTOPP_API BERDecodeNull(BufferedTransformation &in);
-CRYPTOPP_DLL unsigned int CRYPTOPP_API DEREncodeOctetString(BufferedTransformation &out, const byte *str, unsigned int strLen);
+CRYPTOPP_DLL size_t CRYPTOPP_API DEREncodeOctetString(BufferedTransformation &out, const byte *str, size_t strLen);
-CRYPTOPP_DLL unsigned int CRYPTOPP_API DEREncodeOctetString(BufferedTransformation &out, const SecByteBlock &str);
+CRYPTOPP_DLL size_t CRYPTOPP_API DEREncodeOctetString(BufferedTransformation &out, const SecByteBlock &str);
-CRYPTOPP_DLL unsigned int CRYPTOPP_API BERDecodeOctetString(BufferedTransformation &in, SecByteBlock &str);
+CRYPTOPP_DLL size_t CRYPTOPP_API BERDecodeOctetString(BufferedTransformation &in, SecByteBlock &str);
-CRYPTOPP_DLL unsigned int CRYPTOPP_API BERDecodeOctetString(BufferedTransformation &in, BufferedTransformation &str);
+CRYPTOPP_DLL size_t CRYPTOPP_API BERDecodeOctetString(BufferedTransformation &in, BufferedTransformation &str);
 // for UTF8_STRING, PRINTABLE_STRING, and IA5_STRING
-CRYPTOPP_DLL unsigned int CRYPTOPP_API DEREncodeTextString(BufferedTransformation &out, const std::string &str, byte asnTag);
+CRYPTOPP_DLL size_t CRYPTOPP_API DEREncodeTextString(BufferedTransformation &out, const std::string &str, byte asnTag);
-CRYPTOPP_DLL unsigned int CRYPTOPP_API BERDecodeTextString(BufferedTransformation &in, std::string &str, byte asnTag);
+CRYPTOPP_DLL size_t CRYPTOPP_API BERDecodeTextString(BufferedTransformation &in, std::string &str, byte asnTag);
-CRYPTOPP_DLL unsigned int CRYPTOPP_API DEREncodeBitString(BufferedTransformation &out, const byte *str, unsigned int strLen, unsigned int unusedBits=0);
+CRYPTOPP_DLL size_t CRYPTOPP_API DEREncodeBitString(BufferedTransformation &out, const byte *str, size_t strLen, unsigned int unusedBits=0);
-CRYPTOPP_DLL unsigned int CRYPTOPP_API BERDecodeBitString(BufferedTransformation &in, SecByteBlock &str, unsigned int &unusedBits);
+CRYPTOPP_DLL size_t CRYPTOPP_API BERDecodeBitString(BufferedTransformation &in, SecByteBlock &str, unsigned int &unusedBits);
 // BER decode from source and DER reencode into dest
 CRYPTOPP_DLL void CRYPTOPP_API DERReencode(BufferedTransformation &source, BufferedTransformation &dest);
@ -83,10 +83,10 @@ class CRYPTOPP_DLL OID
 {
 public:
 	OID() {}
-	OID(unsigned long v) : m_values(1, v) {}
+	OID(word32 v) : m_values(1, v) {}
 	OID(BufferedTransformation &bt) {BERDecode(bt);}
-	inline OID & operator+=(unsigned long rhs) {m_values.push_back(rhs); return *this;}
+	inline OID & operator+=(word32 rhs) {m_values.push_back(rhs); return *this;}
 	void DEREncode(BufferedTransformation &bt) const;
 	void BERDecode(BufferedTransformation &bt);
@ -94,11 +94,11 @@ public:
 	// throw BERDecodeErr() if decoded value doesn't equal this OID
 	void BERDecodeAndCheck(BufferedTransformation &bt) const;
-	std::vector<unsigned long> m_values;
+	std::vector<word32> m_values;
 private:
-	static void EncodeValue(BufferedTransformation &bt, unsigned long v);
+	static void EncodeValue(BufferedTransformation &bt, word32 v);
-	static unsigned int DecodeValue(BufferedTransformation &bt, unsigned long &v);
+	static size_t DecodeValue(BufferedTransformation &bt, word32 &v);
 };
 class EncodedObjectFilter : public Filter
@ -107,7 +107,7 @@ public:
 	enum Flag {PUT_OBJECTS=1, PUT_MESSANGE_END_AFTER_EACH_OBJECT=2, PUT_MESSANGE_END_AFTER_ALL_OBJECTS=4, PUT_MESSANGE_SERIES_END_AFTER_ALL_OBJECTS=8};
 	EncodedObjectFilter(BufferedTransformation *attachment = NULL, unsigned int nObjects = 1, word32 flags = 0);
-	void Put(const byte *inString, unsigned int length);
+	void Put(const byte *inString, size_t length);
 	unsigned int GetNumberOfCompletedObjects() const {return m_nCurrentObject;}
 	unsigned long GetPositionOfObject(unsigned int i) const {return m_positions[i];}
@ -121,7 +121,7 @@ private:
 	ByteQueue m_queue;
 	enum State {IDENTIFIER, LENGTH, BODY, TAIL, ALL_DONE} m_state;
 	byte m_id;
-	unsigned int m_lengthRemaining;
+	lword m_lengthRemaining;
 };
 //! BER General Decoder
@ -133,13 +133,13 @@ public:
 	~BERGeneralDecoder();
 	bool IsDefiniteLength() const {return m_definiteLength;}
-	unsigned int RemainingLength() const {assert(m_definiteLength); return m_length;}
+	lword RemainingLength() const {assert(m_definiteLength); return m_length;}
 	bool EndReached() const;
 	byte PeekByte() const;
 	void CheckByte(byte b);
-	unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+	size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
-	unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
+	size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
 	// call this to denote end of sequence
 	void MessageEnd();
@ -147,12 +147,12 @@ public:
 protected:
 	BufferedTransformation &m_inQueue;
 	bool m_finished, m_definiteLength;
-	unsigned int m_length;
+	lword m_length;
 private:
 	void Init(byte asnTag);
 	void StoreInitialize(const NameValuePairs &parameters) {assert(false);}
-	unsigned int ReduceLength(unsigned int delta);
+	lword ReduceLength(lword delta);
 };
 //! DER General Encoder
@ -242,7 +242,7 @@ public:
 		{DEREncodeNull(bt); return false;}	// see RFC 2459, section 7.3.1
 	//! decode subjectPublicKey part of subjectPublicKeyInfo, or privateKey part of privateKeyInfo, without the BIT STRING or OCTET STRING header
 	virtual void BERDecodeKey(BufferedTransformation &bt) {assert(false);}
-	virtual void BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, unsigned int size)
+	virtual void BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, size_t size)
 		{BERDecodeKey(bt);}
 	//! encode subjectPublicKey part of subjectPublicKeyInfo, or privateKey part of privateKeyInfo, without the BIT STRING or OCTET STRING header
 	virtual void DEREncodeKey(BufferedTransformation &bt) const =0;
@ -278,7 +278,7 @@ private:
 //! DER Encode Unsigned
 /*! for INTEGER, BOOLEAN, and ENUM */
 template <class T>
-unsigned int DEREncodeUnsigned(BufferedTransformation &out, T w, byte asnTag = INTEGER)
+size_t DEREncodeUnsigned(BufferedTransformation &out, T w, byte asnTag = INTEGER)
 {
 	byte buf[sizeof(w)+1];
 	unsigned int bc;
@ -299,7 +299,7 @@ unsigned int DEREncodeUnsigned(BufferedTransformation &out, T w, byte asnTag = I
 			++bc;
 	}
 	out.Put(asnTag);
-	unsigned int lengthBytes = DERLengthEncode(out, bc);
+	size_t lengthBytes = DERLengthEncode(out, bc);
 	out.Put(buf+sizeof(w)+1-bc, bc);
 	return 1+lengthBytes+bc;
 }
@ -315,7 +315,7 @@ void BERDecodeUnsigned(BufferedTransformation &in, T &w, byte asnTag = INTEGER,
 	if (!in.Get(b) || b != asnTag)
 		BERDecodeError();
-	unsigned int bc;
+	size_t bc;
 	BERLengthDecode(in, bc);
 	SecByteBlock buf(bc);
--- a/basecode.cpp
+++ b/basecode.cpp
@ -36,7 +36,7 @@ void BaseN_Encoder::IsolatedInitialize(const NameValuePairs &parameters)
 	m_outBuf.New(m_outputBlockSize);
 }
-unsigned int BaseN_Encoder::Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t BaseN_Encoder::Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	FILTER_BEGIN;
 	while (m_inputPosition < length)
@ -121,7 +121,7 @@ void BaseN_Decoder::IsolatedInitialize(const NameValuePairs &parameters)
 	m_outBuf.New(m_outputBlockSize);
 }
-unsigned int BaseN_Decoder::Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t BaseN_Decoder::Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	FILTER_BEGIN;
 	while (m_inputPosition < length)
@ -202,7 +202,7 @@ void Grouper::IsolatedInitialize(const NameValuePairs &parameters)
 	m_counter = 0;
 }
-unsigned int Grouper::Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t Grouper::Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	FILTER_BEGIN;
 	if (m_groupSize)
@ -215,7 +215,7 @@ unsigned int Grouper::Put2(const byte *begin, unsigned int length, int messageEn
 				m_counter = 0;
 			}
-			unsigned int len;
+			size_t len;
 			FILTER_OUTPUT2(2, len = STDMIN(length-m_inputPosition, m_groupSize-m_counter),
 				begin+m_inputPosition, len, 0);
 			m_inputPosition += len;
--- a/basecode.h
+++ b/basecode.h
@ -24,7 +24,7 @@ public:
 	}
 	void IsolatedInitialize(const NameValuePairs &parameters);
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
 private:
 	const byte *m_alphabet;
@ -47,7 +47,7 @@ public:
 	}
 	void IsolatedInitialize(const NameValuePairs &parameters);
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
 	static void InitializeDecodingLookupArray(int *lookup, const byte *alphabet, unsigned int base, bool caseInsensitive);
@ -74,11 +74,11 @@ public:
 	}
 	void IsolatedInitialize(const NameValuePairs &parameters);
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
 private:
 	SecByteBlock m_separator, m_terminator;
-	unsigned int m_groupSize, m_counter;
+	size_t m_groupSize, m_counter;
 };
 NAMESPACE_END
--- a/bench.cpp
+++ b/bench.cpp
@ -140,7 +140,7 @@ void BenchMark(const char *name, HashTransformation &ht, double timeTotal)
 {
 	const int BUF_SIZE=1024;
 	SecByteBlock buf(BUF_SIZE);
-	LC_RNG rng(time(NULL));
+	LC_RNG rng((word32)time(NULL));
 	rng.GenerateBlock(buf, BUF_SIZE);
 	clock_t start = clock();
@ -162,7 +162,7 @@ void BenchMark(const char *name, BufferedTransformation &bt, double timeTotal)
 {
 	const int BUF_SIZE=1024;
 	SecByteBlock buf(BUF_SIZE);
-	LC_RNG rng(time(NULL));
+	LC_RNG rng((word32)time(NULL));
 	rng.GenerateBlock(buf, BUF_SIZE);
 	clock_t start = clock();
--- a/bench2.cpp
+++ b/bench2.cpp
@ -33,7 +33,7 @@ void OutputResultOperations(const char *name, const char *operation, bool pc, un
 void BenchMarkEncryption(const char *name, PK_Encryptor &key, double timeTotal, bool pc=false)
 {
 	unsigned int len = 16;
-	LC_RNG rng(time(NULL));
+	LC_RNG rng((word32)time(NULL));
 	SecByteBlock plaintext(len), ciphertext(key.CiphertextLength(len));
 	rng.GenerateBlock(plaintext, len);
@ -55,7 +55,7 @@ void BenchMarkEncryption(const char *name, PK_Encryptor &key, double timeTotal,
 void BenchMarkDecryption(const char *name, PK_Decryptor &priv, PK_Encryptor &pub, double timeTotal)
 {
 	unsigned int len = 16;
-	LC_RNG rng(time(NULL));
+	LC_RNG rng((word32)time(NULL));
 	SecByteBlock ciphertext(pub.CiphertextLength(len));
 	SecByteBlock plaintext(pub.MaxPlaintextLength(ciphertext.size()));
 	rng.GenerateBlock(plaintext, len);
@ -73,7 +73,7 @@ void BenchMarkDecryption(const char *name, PK_Decryptor &priv, PK_Encryptor &pub
 void BenchMarkSigning(const char *name, PK_Signer &key, double timeTotal, bool pc=false)
 {
 	unsigned int len = 16;
-	LC_RNG rng(time(NULL));
+	LC_RNG rng((word32)time(NULL));
 	SecByteBlock message(len), signature(key.SignatureLength());
 	rng.GenerateBlock(message, len);
@ -95,7 +95,7 @@ void BenchMarkSigning(const char *name, PK_Signer &key, double timeTotal, bool p
 void BenchMarkVerification(const char *name, const PK_Signer &priv, PK_Verifier &pub, double timeTotal, bool pc=false)
 {
 	unsigned int len = 16;
-	LC_RNG rng(time(NULL));
+	LC_RNG rng((word32)time(NULL));
 	SecByteBlock message(len), signature(pub.SignatureLength());
 	rng.GenerateBlock(message, len);
 	priv.SignMessage(rng, message, len, signature);
@ -117,7 +117,7 @@ void BenchMarkVerification(const char *name, const PK_Signer &priv, PK_Verifier
 void BenchMarkKeyGen(const char *name, SimpleKeyAgreementDomain &d, double timeTotal, bool pc=false)
 {
-	LC_RNG rng(time(NULL));
+	LC_RNG rng((word32)time(NULL));
 	SecByteBlock priv(d.PrivateKeyLength()), pub(d.PublicKeyLength());
 	clock_t start = clock();
@ -137,7 +137,7 @@ void BenchMarkKeyGen(const char *name, SimpleKeyAgreementDomain &d, double timeT
 void BenchMarkKeyGen(const char *name, AuthenticatedKeyAgreementDomain &d, double timeTotal, bool pc=false)
 {
-	LC_RNG rng(time(NULL));
+	LC_RNG rng((word32)time(NULL));
 	SecByteBlock priv(d.EphemeralPrivateKeyLength()), pub(d.EphemeralPublicKeyLength());
 	clock_t start = clock();
@ -157,7 +157,7 @@ void BenchMarkKeyGen(const char *name, AuthenticatedKeyAgreementDomain &d, doubl
 void BenchMarkAgreement(const char *name, SimpleKeyAgreementDomain &d, double timeTotal, bool pc=false)
 {
-	LC_RNG rng(time(NULL));
+	LC_RNG rng((word32)time(NULL));
 	SecByteBlock priv1(d.PrivateKeyLength()), priv2(d.PrivateKeyLength());
 	SecByteBlock pub1(d.PublicKeyLength()), pub2(d.PublicKeyLength());
 	d.GenerateKeyPair(rng, priv1, pub1);
@ -178,7 +178,7 @@ void BenchMarkAgreement(const char *name, SimpleKeyAgreementDomain &d, double ti
 void BenchMarkAgreement(const char *name, AuthenticatedKeyAgreementDomain &d, double timeTotal, bool pc=false)
 {
-	LC_RNG rng(time(NULL));
+	LC_RNG rng((word32)time(NULL));
 	SecByteBlock spriv1(d.StaticPrivateKeyLength()), spriv2(d.StaticPrivateKeyLength());
 	SecByteBlock epriv1(d.EphemeralPrivateKeyLength()), epriv2(d.EphemeralPrivateKeyLength());
 	SecByteBlock spub1(d.StaticPublicKeyLength()), spub2(d.StaticPublicKeyLength());
--- a/blumshub.h
+++ b/blumshub.h
@ -18,7 +18,7 @@ public:
 	unsigned int GenerateBit();
 	byte GenerateByte();
-	void ProcessData(byte *outString, const byte *inString, unsigned int length)
+	void ProcessData(byte *outString, const byte *inString, size_t length)
 	{
 		while (length--)
 			*outString++ = *inString ^ GenerateByte();
--- a/cbcmac.cpp
+++ b/cbcmac.cpp
@ -6,14 +6,14 @@
 NAMESPACE_BEGIN(CryptoPP)
-void CBC_MAC_Base::CheckedSetKey(void *, Empty empty, const byte *key, unsigned int length, const NameValuePairs &params)
+void CBC_MAC_Base::CheckedSetKey(void *, Empty empty, const byte *key, size_t length, const NameValuePairs &params)
 {
 	AccessCipher().SetKey(key, length, params);
 	m_reg.CleanNew(AccessCipher().BlockSize());
 	m_counter = 0;
 }
-void CBC_MAC_Base::Update(const byte *input, unsigned int length)
+void CBC_MAC_Base::Update(const byte *input, size_t length)
 {
 	unsigned int blockSize = AccessCipher().BlockSize();
@ -41,7 +41,7 @@ void CBC_MAC_Base::Update(const byte *input, unsigned int length)
 	}
 }
-void CBC_MAC_Base::TruncatedFinal(byte *mac, unsigned int size)
+void CBC_MAC_Base::TruncatedFinal(byte *mac, size_t size)
 {
 	ThrowIfInvalidTruncatedSize(size);
--- a/cbcmac.h
+++ b/cbcmac.h
@ -12,9 +12,9 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE CBC_MAC_Base : public MessageAuthenticatio
 public:
 	CBC_MAC_Base() {}
-	void CheckedSetKey(void *, Empty empty, const byte *key, unsigned int length, const NameValuePairs &params);
+	void CheckedSetKey(void *, Empty empty, const byte *key, size_t length, const NameValuePairs &params);
-	void Update(const byte *input, unsigned int length);
+	void Update(const byte *input, size_t length);
-	void TruncatedFinal(byte *mac, unsigned int size);
+	void TruncatedFinal(byte *mac, size_t size);
 	unsigned int DigestSize() const {return const_cast<CBC_MAC_Base*>(this)->AccessCipher().BlockSize();}
 protected:
@ -36,7 +36,7 @@ class CBC_MAC : public MessageAuthenticationCodeImpl<CBC_MAC_Base, CBC_MAC<T> >,
 {
 public:
 	CBC_MAC() {}
-	CBC_MAC(const byte *key, unsigned int length=SameKeyLengthAs<T>::DEFAULT_KEYLENGTH)
+	CBC_MAC(const byte *key, size_t length=SameKeyLengthAs<T>::DEFAULT_KEYLENGTH)
 		{this->SetKey(key, length);}
 	static std::string StaticAlgorithmName() {return std::string("CBC-MAC(") + T::StaticAlgorithmName() + ")";}
--- a/channels.cpp
+++ b/channels.cpp
@ -142,7 +142,7 @@ const std::string & ChannelRouteIterator::Channel()
 // ChannelSwitch
 ///////////////////
-unsigned int ChannelSwitch::ChannelPut2(const std::string &channel, const byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t ChannelSwitch::ChannelPut2(const std::string &channel, const byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	if (m_blocked)
 	{
@ -224,7 +224,7 @@ bool ChannelSwitch::ChannelMessageSeriesEnd(const std::string &channel, int prop
 	return false;
 }
-byte * ChannelSwitch::ChannelCreatePutSpace(const std::string &channel, unsigned int &size)
+byte * ChannelSwitch::ChannelCreatePutSpace(const std::string &channel, size_t &size)
 {
 	m_it.Reset(channel);
 	if (!m_it.End())
@ -239,7 +239,7 @@ byte * ChannelSwitch::ChannelCreatePutSpace(const std::string &channel, unsigned
 	return NULL;
 }
-unsigned int ChannelSwitch::ChannelPutModifiable2(const std::string &channel, byte *inString, unsigned int length, int messageEnd, bool blocking)
+size_t ChannelSwitch::ChannelPutModifiable2(const std::string &channel, byte *inString, size_t length, int messageEnd, bool blocking)
 {
 	ChannelRouteIterator it(*this);
 	it.Reset(channel);
--- a/channels.h
+++ b/channels.h
@ -92,13 +92,13 @@ public:
 	void IsolatedInitialize(const NameValuePairs &parameters=g_nullNameValuePairs);
-	unsigned int ChannelPut2(const std::string &channel, const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t ChannelPut2(const std::string &channel, const byte *begin, size_t length, int messageEnd, bool blocking);
-	unsigned int ChannelPutModifiable2(const std::string &channel, byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t ChannelPutModifiable2(const std::string &channel, byte *begin, size_t length, int messageEnd, bool blocking);
 	bool ChannelFlush(const std::string &channel, bool completeFlush, int propagation=-1, bool blocking=true);
 	bool ChannelMessageSeriesEnd(const std::string &channel, int propagation=-1, bool blocking=true);
-	byte * ChannelCreatePutSpace(const std::string &channel, unsigned int &size);
+	byte * ChannelCreatePutSpace(const std::string &channel, size_t &size);
 	void AddDefaultRoute(BufferedTransformation &destination);
 	void RemoveDefaultRoute(BufferedTransformation &destination);
--- a/config.h
+++ b/config.h
@ -114,11 +114,13 @@ typedef unsigned int word32;
 // define largest word type
 #ifdef WORD64_AVAILABLE
 	typedef word64 lword;
 	const lword LWORD_MAX = W64LIT(0)-1;
 #else
 	typedef word32 lword;
 	const lword LWORD_MAX = lword(0)-1;
 #endif
-#if defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || defined(__x86_64__) || defined(__mips64)
+#if defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || defined(__x86_64__) || defined(__mips64) || defined(_M_X64)
 	// These platforms have 64-bit CPU registers. Unfortunately most C++ compilers doesn't
 	// allow any way to access the 64-bit by 64-bit multiply instruction without using
 	// assembly, so in order to use word64 as word, the assembly instruction must be defined
--- a/crc.cpp
+++ b/crc.cpp
@ -122,7 +122,7 @@ CRC32::CRC32()
 	Reset();
 }
-void CRC32::Update(const byte *s, unsigned int n)
+void CRC32::Update(const byte *s, size_t n)
 {
 	word32 crc = m_crc;
@ -146,12 +146,12 @@ void CRC32::Update(const byte *s, unsigned int n)
 	m_crc = crc;
 }
-void CRC32::TruncatedFinal(byte *hash, unsigned int size)
+void CRC32::TruncatedFinal(byte *hash, size_t size)
 {
 	ThrowIfInvalidTruncatedSize(size);
 	m_crc ^= CRC32_NEGL;
-	for (unsigned int i=0; i<size; i++)
+	for (size_t i=0; i<size; i++)
 		hash[i] = GetCrcByte(i);
 	Reset();
--- a/crc.h
+++ b/crc.h
@ -21,12 +21,12 @@ class CRC32 : public HashTransformation
 public:
 	enum {DIGESTSIZE = 4};
 	CRC32();
-	void Update(const byte *input, unsigned int length);
+	void Update(const byte *input, size_t length);
-	void TruncatedFinal(byte *hash, unsigned int size);
+	void TruncatedFinal(byte *hash, size_t size);
 	unsigned int DigestSize() const {return DIGESTSIZE;}
 	void UpdateByte(byte b) {m_crc = m_tab[CRC32_INDEX(m_crc) ^ b] ^ CRC32_SHIFTED(m_crc);}
-	byte GetCrcByte(unsigned int i) const {return ((byte *)&(m_crc))[i];}
+	byte GetCrcByte(size_t i) const {return ((byte *)&(m_crc))[i];}
 private:
 	void Reset() {m_crc = CRC32_NEGL;}
--- a/cryptlib.cpp
+++ b/cryptlib.cpp
@ -47,17 +47,17 @@ Algorithm::Algorithm(bool checkSelfTestStatus)
 	}
 }
-void SimpleKeyingInterface::SetKeyWithRounds(const byte *key, unsigned int length, int rounds)
+void SimpleKeyingInterface::SetKeyWithRounds(const byte *key, size_t length, int rounds)
 {
 	SetKey(key, length, MakeParameters(Name::Rounds(), rounds));
 }
-void SimpleKeyingInterface::SetKeyWithIV(const byte *key, unsigned int length, const byte *iv)
+void SimpleKeyingInterface::SetKeyWithIV(const byte *key, size_t length, const byte *iv)
 {
 	SetKey(key, length, MakeParameters(Name::IV(), iv));
 }
-void SimpleKeyingInterface::ThrowIfInvalidKeyLength(const Algorithm &algorithm, unsigned int length)
+void SimpleKeyingInterface::ThrowIfInvalidKeyLength(const Algorithm &algorithm, size_t length)
 {
 	if (!IsValidKeyLength(length))
 		throw InvalidKeyLength(algorithm.AlgorithmName(), length);
@ -85,7 +85,7 @@ const byte * SimpleKeyingInterface::GetIVAndThrowIfInvalid(const NameValuePairs
 	return iv;
 }
-void BlockTransformation::ProcessAndXorMultipleBlocks(const byte *inBlocks, const byte *xorBlocks, byte *outBlocks, unsigned int numberOfBlocks) const
+void BlockTransformation::ProcessAndXorMultipleBlocks(const byte *inBlocks, const byte *xorBlocks, byte *outBlocks, size_t numberOfBlocks) const
 {
 	unsigned int blockSize = BlockSize();
 	while (numberOfBlocks--)
@ -98,7 +98,7 @@ void BlockTransformation::ProcessAndXorMultipleBlocks(const byte *inBlocks, cons
 	}
 }
-void StreamTransformation::ProcessLastBlock(byte *outString, const byte *inString, unsigned int length)
+void StreamTransformation::ProcessLastBlock(byte *outString, const byte *inString, size_t length)
 {
 	assert(MinLastBlockSize() == 0);	// this function should be overriden otherwise
@ -113,7 +113,7 @@ unsigned int RandomNumberGenerator::GenerateBit()
 	return Parity(GenerateByte());
 }
-void RandomNumberGenerator::GenerateBlock(byte *output, unsigned int size)
+void RandomNumberGenerator::GenerateBlock(byte *output, size_t size)
 {
 	while (size--)
 		*output++ = GenerateByte();
@ -139,7 +139,7 @@ word32 RandomNumberGenerator::GenerateWord32(word32 min, word32 max)
 	return value+min;
 }
-void RandomNumberGenerator::DiscardBytes(unsigned int n)
+void RandomNumberGenerator::DiscardBytes(size_t n)
 {
 	while (n--)
 		GenerateByte();
@ -159,7 +159,7 @@ RandomNumberGenerator & NullRNG()
 	return s_nullRNG;
 }
-bool HashTransformation::TruncatedVerify(const byte *digestIn, unsigned int digestLength)
+bool HashTransformation::TruncatedVerify(const byte *digestIn, size_t digestLength)
 {
 	ThrowIfInvalidTruncatedSize(digestLength);
 	SecByteBlock digest(digestLength);
@ -167,7 +167,7 @@ bool HashTransformation::TruncatedVerify(const byte *digestIn, unsigned int dige
 	return memcmp(digest, digestIn, digestLength) == 0;
 }
-void HashTransformation::ThrowIfInvalidTruncatedSize(unsigned int size) const
+void HashTransformation::ThrowIfInvalidTruncatedSize(size_t size) const
 {
 	if (size > DigestSize())
 		throw InvalidArgument("HashTransformation: can't truncate a " + IntToString(DigestSize()) + " byte digest to " + IntToString(size) + " bytes");
@ -204,7 +204,7 @@ bool BufferedTransformation::MessageSeriesEnd(int propagation, bool blocking)
 	return IsolatedMessageSeriesEnd(blocking);
 }
-byte * BufferedTransformation::ChannelCreatePutSpace(const std::string &channel, unsigned int &size)
+byte * BufferedTransformation::ChannelCreatePutSpace(const std::string &channel, size_t &size)
 {
 	if (channel.empty())
 		return CreatePutSpace(size);
@ -212,7 +212,7 @@ byte * BufferedTransformation::ChannelCreatePutSpace(const std::string &channel,
 		throw NoChannelSupport();
 }
-unsigned int BufferedTransformation::ChannelPut2(const std::string &channel, const byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t BufferedTransformation::ChannelPut2(const std::string &channel, const byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	if (channel.empty())
 		return Put2(begin, length, messageEnd, blocking);
@ -220,7 +220,7 @@ unsigned int BufferedTransformation::ChannelPut2(const std::string &channel, con
 		throw NoChannelSupport();
 }
-unsigned int BufferedTransformation::ChannelPutModifiable2(const std::string &channel, byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t BufferedTransformation::ChannelPutModifiable2(const std::string &channel, byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	if (channel.empty())
 		return PutModifiable2(begin, length, messageEnd, blocking);
@ -244,7 +244,7 @@ bool BufferedTransformation::ChannelMessageSeriesEnd(const std::string &channel,
 		throw NoChannelSupport();
 }
-unsigned long BufferedTransformation::MaxRetrievable() const
+lword BufferedTransformation::MaxRetrievable() const
 {
 	if (AttachedTransformation())
 		return AttachedTransformation()->MaxRetrievable();
@ -263,7 +263,7 @@ bool BufferedTransformation::AnyRetrievable() const
 	}
 }
-unsigned int BufferedTransformation::Get(byte &outByte)
+size_t BufferedTransformation::Get(byte &outByte)
 {
 	if (AttachedTransformation())
 		return AttachedTransformation()->Get(outByte);
@ -271,18 +271,18 @@ unsigned int BufferedTransformation::Get(byte &outByte)
 		return Get(&outByte, 1);
 }
-unsigned int BufferedTransformation::Get(byte *outString, unsigned int getMax)
+size_t BufferedTransformation::Get(byte *outString, size_t getMax)
 {
 	if (AttachedTransformation())
 		return AttachedTransformation()->Get(outString, getMax);
 	else
 	{
 		ArraySink arraySink(outString, getMax);
-		return TransferTo(arraySink, getMax);
+		return (size_t)TransferTo(arraySink, getMax);
 	}
 }
-unsigned int BufferedTransformation::Peek(byte &outByte) const
+size_t BufferedTransformation::Peek(byte &outByte) const
 {
 	if (AttachedTransformation())
 		return AttachedTransformation()->Peek(outByte);
@ -290,18 +290,18 @@ unsigned int BufferedTransformation::Peek(byte &outByte) const
 		return Peek(&outByte, 1);
 }
-unsigned int BufferedTransformation::Peek(byte *outString, unsigned int peekMax) const
+size_t BufferedTransformation::Peek(byte *outString, size_t peekMax) const
 {
 	if (AttachedTransformation())
 		return AttachedTransformation()->Peek(outString, peekMax);
 	else
 	{
 		ArraySink arraySink(outString, peekMax);
-		return CopyTo(arraySink, peekMax);
+		return (size_t)CopyTo(arraySink, peekMax);
 	}
 }
-unsigned long BufferedTransformation::Skip(unsigned long skipMax)
+lword BufferedTransformation::Skip(lword skipMax)
 {
 	if (AttachedTransformation())
 		return AttachedTransformation()->Skip(skipMax);
@ -309,7 +309,7 @@ unsigned long BufferedTransformation::Skip(unsigned long skipMax)
 		return TransferTo(TheBitBucket(), skipMax);
 }
-unsigned long BufferedTransformation::TotalBytesRetrievable() const
+lword BufferedTransformation::TotalBytesRetrievable() const
 {
 	if (AttachedTransformation())
 		return AttachedTransformation()->TotalBytesRetrievable();
@ -352,7 +352,7 @@ unsigned int BufferedTransformation::SkipMessages(unsigned int count)
 		return TransferMessagesTo(TheBitBucket(), count);
 }
-unsigned int BufferedTransformation::TransferMessagesTo2(BufferedTransformation &target, unsigned int &messageCount, const std::string &channel, bool blocking)
+size_t BufferedTransformation::TransferMessagesTo2(BufferedTransformation &target, unsigned int &messageCount, const std::string &channel, bool blocking)
 {
 	if (AttachedTransformation())
 		return AttachedTransformation()->TransferMessagesTo2(target, messageCount, channel, blocking);
@ -361,12 +361,12 @@ unsigned int BufferedTransformation::TransferMessagesTo2(BufferedTransformation
 		unsigned int maxMessages = messageCount;
 		for (messageCount=0; messageCount < maxMessages && AnyMessages(); messageCount++)
 		{
-			unsigned int blockedBytes;
+			size_t blockedBytes;
-			unsigned long transferredBytes;
+			lword transferredBytes;
 			while (AnyRetrievable())
 			{
-				transferredBytes = ULONG_MAX;
+				transferredBytes = LWORD_MAX;
 				blockedBytes = TransferTo2(target, transferredBytes, channel, blocking);
 				if (blockedBytes > 0)
 					return blockedBytes;
@ -401,7 +401,7 @@ void BufferedTransformation::SkipAll()
 	}
 }
-unsigned int BufferedTransformation::TransferAllTo2(BufferedTransformation &target, const std::string &channel, bool blocking)
+size_t BufferedTransformation::TransferAllTo2(BufferedTransformation &target, const std::string &channel, bool blocking)
 {
 	if (AttachedTransformation())
 		return AttachedTransformation()->TransferAllTo2(target, channel, blocking);
@ -413,17 +413,17 @@ unsigned int BufferedTransformation::TransferAllTo2(BufferedTransformation &targ
 		do
 		{
 			messageCount = UINT_MAX;
-			unsigned int blockedBytes = TransferMessagesTo2(target, messageCount, channel, blocking);
+			size_t blockedBytes = TransferMessagesTo2(target, messageCount, channel, blocking);
 			if (blockedBytes)
 				return blockedBytes;
 		}
 		while (messageCount != 0);
-		unsigned long byteCount;
+		lword byteCount;
 		do
 		{
 			byteCount = ULONG_MAX;
-			unsigned int blockedBytes = TransferTo2(target, byteCount, channel, blocking);
+			size_t blockedBytes = TransferTo2(target, byteCount, channel, blocking);
 			if (blockedBytes)
 				return blockedBytes;
 		}
@ -450,34 +450,32 @@ void BufferedTransformation::SetRetrievalChannel(const std::string &channel)
 		AttachedTransformation()->SetRetrievalChannel(channel);
 }
-unsigned int BufferedTransformation::ChannelPutWord16(const std::string &channel, word16 value, ByteOrder order, bool blocking)
+size_t BufferedTransformation::ChannelPutWord16(const std::string &channel, word16 value, ByteOrder order, bool blocking)
 {
-	FixedSizeSecBlock<byte, 2> buf;
+	PutWord(false, order, m_buf, value);
-	PutWord(false, order, buf, value);
+	return ChannelPut(channel, m_buf, 2, blocking);
 	return ChannelPut(channel, buf, 2, blocking);
 }
-unsigned int BufferedTransformation::ChannelPutWord32(const std::string &channel, word32 value, ByteOrder order, bool blocking)
+size_t BufferedTransformation::ChannelPutWord32(const std::string &channel, word32 value, ByteOrder order, bool blocking)
 {
-	FixedSizeSecBlock<byte, 4> buf;
+	PutWord(false, order, m_buf, value);
-	PutWord(false, order, buf, value);
+	return ChannelPut(channel, m_buf, 4, blocking);
 	return ChannelPut(channel, buf, 4, blocking);
 }
-unsigned int BufferedTransformation::PutWord16(word16 value, ByteOrder order, bool blocking)
+size_t BufferedTransformation::PutWord16(word16 value, ByteOrder order, bool blocking)
 {
 	return ChannelPutWord16(NULL_CHANNEL, value, order, blocking);
 }
-unsigned int BufferedTransformation::PutWord32(word32 value, ByteOrder order, bool blocking)
+size_t BufferedTransformation::PutWord32(word32 value, ByteOrder order, bool blocking)
 {
 	return ChannelPutWord32(NULL_CHANNEL, value, order, blocking);
 }
-unsigned int BufferedTransformation::PeekWord16(word16 &value, ByteOrder order) const
+size_t BufferedTransformation::PeekWord16(word16 &value, ByteOrder order) const
 {
 	byte buf[2] = {0, 0};
-	unsigned int len = Peek(buf, 2);
+	size_t len = Peek(buf, 2);
 	if (order)
 		value = (buf[0] << 8) | buf[1];
@ -487,10 +485,10 @@ unsigned int BufferedTransformation::PeekWord16(word16 &value, ByteOrder order)
 	return len;
 }
-unsigned int BufferedTransformation::PeekWord32(word32 &value, ByteOrder order) const
+size_t BufferedTransformation::PeekWord32(word32 &value, ByteOrder order) const
 {
 	byte buf[4] = {0, 0, 0, 0};
-	unsigned int len = Peek(buf, 4);
+	size_t len = Peek(buf, 4);
 	if (order)
 		value = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf [3];
@ -500,14 +498,14 @@ unsigned int BufferedTransformation::PeekWord32(word32 &value, ByteOrder order)
 	return len;
 }
-unsigned int BufferedTransformation::GetWord16(word16 &value, ByteOrder order)
+size_t BufferedTransformation::GetWord16(word16 &value, ByteOrder order)
 {
-	return Skip(PeekWord16(value, order));
+	return (size_t)Skip(PeekWord16(value, order));
 }
-unsigned int BufferedTransformation::GetWord32(word32 &value, ByteOrder order)
+size_t BufferedTransformation::GetWord32(word32 &value, ByteOrder order)
 {
-	return Skip(PeekWord32(value, order));
+	return (size_t)Skip(PeekWord32(value, order));
 }
 void BufferedTransformation::Attach(BufferedTransformation *newOut)
@ -532,7 +530,7 @@ public:
 		Detach(attachment);
 	}
-	unsigned int Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking)
+	size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking)
 	{
 		FILTER_BEGIN;
 		m_plaintextQueue.Put(inString, length);
@ -540,8 +538,10 @@ public:
 		if (messageEnd)
 		{
 			{
-			unsigned int plaintextLength = m_plaintextQueue.CurrentSize();
+			size_t plaintextLength;
-			unsigned int ciphertextLength = m_encryptor.CiphertextLength(plaintextLength);
+			if (!SafeConvert(m_plaintextQueue.CurrentSize(), plaintextLength))
 				throw InvalidArgument("PK_DefaultEncryptionFilter: plaintext too long");
 			size_t ciphertextLength = m_encryptor.CiphertextLength(plaintextLength);
 			SecByteBlock plaintext(plaintextLength);
 			m_plaintextQueue.Get(plaintext, plaintextLength);
@ -575,7 +575,7 @@ public:
 		Detach(attachment);
 	}
-	unsigned int Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking)
+	size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking)
 	{
 		FILTER_BEGIN;
 		m_ciphertextQueue.Put(inString, length);
@ -583,8 +583,10 @@ public:
 		if (messageEnd)
 		{
 			{
-			unsigned int ciphertextLength = m_ciphertextQueue.CurrentSize();
+			size_t ciphertextLength;
-			unsigned int maxPlaintextLength = m_decryptor.MaxPlaintextLength(ciphertextLength);
+			if (!SafeConvert(m_ciphertextQueue.CurrentSize(), ciphertextLength))
 				throw InvalidArgument("PK_DefaultDecryptionFilter: ciphertext too long");
 			size_t maxPlaintextLength = m_decryptor.MaxPlaintextLength(ciphertextLength);
 			SecByteBlock ciphertext(ciphertextLength);
 			m_ciphertextQueue.Get(ciphertext, ciphertextLength);
@ -612,21 +614,21 @@ BufferedTransformation * PK_Decryptor::CreateDecryptionFilter(RandomNumberGenera
 	return new PK_DefaultDecryptionFilter(rng, *this, attachment, parameters);
 }
-unsigned int PK_Signer::Sign(RandomNumberGenerator &rng, PK_MessageAccumulator *messageAccumulator, byte *signature) const
+size_t PK_Signer::Sign(RandomNumberGenerator &rng, PK_MessageAccumulator *messageAccumulator, byte *signature) const
 {
 	std::auto_ptr<PK_MessageAccumulator> m(messageAccumulator);
 	return SignAndRestart(rng, *m, signature, false);
 }
-unsigned int PK_Signer::SignMessage(RandomNumberGenerator &rng, const byte *message, unsigned int messageLen, byte *signature) const
+size_t PK_Signer::SignMessage(RandomNumberGenerator &rng, const byte *message, size_t messageLen, byte *signature) const
 {
 	std::auto_ptr<PK_MessageAccumulator> m(NewSignatureAccumulator(rng));
 	m->Update(message, messageLen);
 	return SignAndRestart(rng, *m, signature, false);
 }
-unsigned int PK_Signer::SignMessageWithRecovery(RandomNumberGenerator &rng, const byte *recoverableMessage, unsigned int recoverableMessageLength, 
+size_t PK_Signer::SignMessageWithRecovery(RandomNumberGenerator &rng, const byte *recoverableMessage, size_t recoverableMessageLength, 
-	const byte *nonrecoverableMessage, unsigned int nonrecoverableMessageLength, byte *signature) const
+	const byte *nonrecoverableMessage, size_t nonrecoverableMessageLength, byte *signature) const
 {
 	std::auto_ptr<PK_MessageAccumulator> m(NewSignatureAccumulator(rng));
 	InputRecoverableMessage(*m, recoverableMessage, recoverableMessageLength);
@ -640,7 +642,7 @@ bool PK_Verifier::Verify(PK_MessageAccumulator *messageAccumulator) const
 	return VerifyAndRestart(*m);
 }
-bool PK_Verifier::VerifyMessage(const byte *message, unsigned int messageLen, const byte *signature, unsigned int signatureLength) const
+bool PK_Verifier::VerifyMessage(const byte *message, size_t messageLen, const byte *signature, size_t signatureLength) const
 {
 	std::auto_ptr<PK_MessageAccumulator> m(NewVerificationAccumulator());
 	InputSignature(*m, signature, signatureLength);
@ -655,8 +657,8 @@ DecodingResult PK_Verifier::Recover(byte *recoveredMessage, PK_MessageAccumulato
 }
 DecodingResult PK_Verifier::RecoverMessage(byte *recoveredMessage, 
-	const byte *nonrecoverableMessage, unsigned int nonrecoverableMessageLength, 
+	const byte *nonrecoverableMessage, size_t nonrecoverableMessageLength, 
-	const byte *signature, unsigned int signatureLength) const
+	const byte *signature, size_t signatureLength) const
 {
 	std::auto_ptr<PK_MessageAccumulator> m(NewVerificationAccumulator());
 	InputSignature(*m, signature, signatureLength);
--- a/cryptlib.h
+++ b/cryptlib.h
@ -194,16 +194,16 @@ protected:
 struct CRYPTOPP_DLL DecodingResult
 {
 	explicit DecodingResult() : isValidCoding(false), messageLength(0) {}
-	explicit DecodingResult(unsigned int len) : isValidCoding(true), messageLength(len) {}
+	explicit DecodingResult(size_t len) : isValidCoding(true), messageLength(len) {}
 	bool operator==(const DecodingResult &rhs) const {return isValidCoding == rhs.isValidCoding && messageLength == rhs.messageLength;}
 	bool operator!=(const DecodingResult &rhs) const {return !operator==(rhs);}
 	bool isValidCoding;
-	unsigned int messageLength;
+	size_t messageLength;
 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
-	operator unsigned int() const {return isValidCoding ? messageLength : 0;}
+	operator size_t() const {return isValidCoding ? messageLength : 0;}
 #endif
 };
@ -352,28 +352,28 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE SimpleKeyingInterface
 {
 public:
 	//! returns smallest valid key length in bytes */
-	virtual unsigned int MinKeyLength() const =0;
+	virtual size_t MinKeyLength() const =0;
 	//! returns largest valid key length in bytes */
-	virtual unsigned int MaxKeyLength() const =0;
+	virtual size_t MaxKeyLength() const =0;
 	//! returns default (recommended) key length in bytes */
-	virtual unsigned int DefaultKeyLength() const =0;
+	virtual size_t DefaultKeyLength() const =0;
 	//! returns the smallest valid key length in bytes that is >= min(n, GetMaxKeyLength())
-	virtual unsigned int GetValidKeyLength(unsigned int n) const =0;
+	virtual size_t GetValidKeyLength(size_t n) const =0;
 	//! returns whether n is a valid key length
-	virtual bool IsValidKeyLength(unsigned int n) const
+	virtual bool IsValidKeyLength(size_t n) const
 		{return n == GetValidKeyLength(n);}
 	//! set or reset the key of this object
 	/*! \param params is used to specify Rounds, BlockSize, etc */
-	virtual void SetKey(const byte *key, unsigned int length, const NameValuePairs &params = g_nullNameValuePairs) =0;
+	virtual void SetKey(const byte *key, size_t length, const NameValuePairs &params = g_nullNameValuePairs) =0;
 	//! calls SetKey() with an NameValuePairs object that just specifies "Rounds"
-	void SetKeyWithRounds(const byte *key, unsigned int length, int rounds);
+	void SetKeyWithRounds(const byte *key, size_t length, int rounds);
 	//! calls SetKey() with an NameValuePairs object that just specifies "IV"
-	void SetKeyWithIV(const byte *key, unsigned int length, const byte *iv);
+	void SetKeyWithIV(const byte *key, size_t length, const byte *iv);
 	enum IV_Requirement {STRUCTURED_IV = 0, RANDOM_IV, UNPREDICTABLE_RANDOM_IV, INTERNALLY_GENERATED_IV, NOT_RESYNCHRONIZABLE};
 	//! returns the minimal requirement for secure IVs
@ -400,12 +400,12 @@ public:
 	virtual void GetNextIV(byte *IV) {throw NotImplemented("SimpleKeyingInterface: this object doesn't support GetNextIV()");}
 protected:
-	void ThrowIfInvalidKeyLength(const Algorithm &algorithm, unsigned int length);
+	void ThrowIfInvalidKeyLength(const Algorithm &algorithm, size_t length);
 	void ThrowIfResynchronizable();			// to be called when no IV is passed
 	void ThrowIfInvalidIV(const byte *iv);	// check for NULL IV if it can't be used
 	const byte * GetIVAndThrowIfInvalid(const NameValuePairs &params);
-	inline void AssertValidKeyLength(unsigned int length) const
+	inline void AssertValidKeyLength(size_t length) const
 	{
 		assert(IsValidKeyLength(length));
 	}
@ -450,7 +450,7 @@ public:
 	virtual unsigned int OptimalNumberOfParallelBlocks() const {return 1;}
 	//! encrypt or decrypt multiple blocks, for bit-slicing implementations
-	virtual void ProcessAndXorMultipleBlocks(const byte *inBlocks, const byte *xorBlocks, byte *outBlocks, unsigned int numberOfBlocks) const;
+	virtual void ProcessAndXorMultipleBlocks(const byte *inBlocks, const byte *xorBlocks, byte *outBlocks, size_t numberOfBlocks) const;
 };
 //! interface for the data processing part of stream ciphers
@ -477,19 +477,19 @@ public:
 	//! encrypt or decrypt an array of bytes of specified length
 	/*! \note either inString == outString, or they don't overlap */
-	virtual void ProcessData(byte *outString, const byte *inString, unsigned int length) =0;
+	virtual void ProcessData(byte *outString, const byte *inString, size_t length) =0;
 	//! for ciphers where the last block of data is special, encrypt or decrypt the last block of data
 	/*! For now the only use of this function is for CBC-CTS mode. */
-	virtual void ProcessLastBlock(byte *outString, const byte *inString, unsigned int length);
+	virtual void ProcessLastBlock(byte *outString, const byte *inString, size_t length);
 	//! returns the minimum size of the last block, 0 indicating the last block is not special
 	virtual unsigned int MinLastBlockSize() const {return 0;}
 	//! same as ProcessData(inoutString, inoutString, length)
-	inline void ProcessString(byte *inoutString, unsigned int length)
+	inline void ProcessString(byte *inoutString, size_t length)
 		{ProcessData(inoutString, inoutString, length);}
 	//! same as ProcessData(outString, inString, length)
-	inline void ProcessString(byte *outString, const byte *inString, unsigned int length)
+	inline void ProcessString(byte *outString, const byte *inString, size_t length)
 		{ProcessData(outString, inString, length);}
 	//! implemented as {ProcessData(&input, &input, 1); return input;}
 	inline byte ProcessByte(byte input)
@ -522,10 +522,10 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE HashTransformation : public Algorithm
 {
 public:
 	//! process more input
-	virtual void Update(const byte *input, unsigned int length) =0;
+	virtual void Update(const byte *input, size_t length) =0;
 	//! request space to write input into
-	virtual byte * CreateUpdateSpace(unsigned int &size) {size=0; return NULL;}
+	virtual byte * CreateUpdateSpace(size_t &size) {size=0; return NULL;}
 	//! compute hash for current message, then restart for a new message
 	/*!	\pre size of digest == DigestSize(). */
@ -549,7 +549,7 @@ public:
 	virtual unsigned int OptimalDataAlignment() const {return 1;}
 	//! use this if your input is in one piece and you don't want to call Update() and Final() separately
-	virtual void CalculateDigest(byte *digest, const byte *input, unsigned int length)
+	virtual void CalculateDigest(byte *digest, const byte *input, size_t length)
 		{Update(input, length); Final(digest);}
 	//! verify that digest is a valid digest for the current message, then reinitialize the object
@ -559,25 +559,25 @@ public:
 		{return TruncatedVerify(digest, DigestSize());}
 	//! use this if your input is in one piece and you don't want to call Update() and Verify() separately
-	virtual bool VerifyDigest(const byte *digest, const byte *input, unsigned int length)
+	virtual bool VerifyDigest(const byte *digest, const byte *input, size_t length)
 		{Update(input, length); return Verify(digest);}
 	//! truncated version of Final()
-	virtual void TruncatedFinal(byte *digest, unsigned int digestSize) =0;
+	virtual void TruncatedFinal(byte *digest, size_t digestSize) =0;
 	//! truncated version of CalculateDigest()
-	virtual void CalculateTruncatedDigest(byte *digest, unsigned int digestSize, const byte *input, unsigned int length)
+	virtual void CalculateTruncatedDigest(byte *digest, size_t digestSize, const byte *input, size_t length)
 		{Update(input, length); TruncatedFinal(digest, digestSize);}
 	//! truncated version of Verify()
-	virtual bool TruncatedVerify(const byte *digest, unsigned int digestLength);
+	virtual bool TruncatedVerify(const byte *digest, size_t digestLength);
 	//! truncated version of VerifyDigest()
-	virtual bool VerifyTruncatedDigest(const byte *digest, unsigned int digestLength, const byte *input, unsigned int length)
+	virtual bool VerifyTruncatedDigest(const byte *digest, size_t digestLength, const byte *input, size_t length)
 		{Update(input, length); return TruncatedVerify(digest, digestLength);}
 protected:
-	void ThrowIfInvalidTruncatedSize(unsigned int size) const;
+	void ThrowIfInvalidTruncatedSize(size_t size) const;
 };
 typedef HashTransformation HashFunction;
@ -586,7 +586,7 @@ template <class T>
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE SimpleKeyedTransformation : public T, public SimpleKeyingInterface
 {
 public:
-	void ThrowIfInvalidKeyLength(unsigned int length)
+	void ThrowIfInvalidKeyLength(size_t length)
 		{SimpleKeyingInterface::ThrowIfInvalidKeyLength(*this, length);}
 };
@ -630,11 +630,11 @@ public:
 	//! generate random array of bytes
 	/*! Default implementation is to call GenerateByte() size times. */
-	virtual void GenerateBlock(byte *output, unsigned int size);
+	virtual void GenerateBlock(byte *output, size_t size);
 	//! generate and discard n bytes
 	/*! Default implementation is to call GenerateByte() n times. */
-	virtual void DiscardBytes(unsigned int n);
+	virtual void DiscardBytes(size_t n);
 	//! randomly shuffle the specified array, resulting permutation is uniformly distributed
 	template <class IT> void Shuffle(IT begin, IT end)
@ -648,7 +648,7 @@ public:
 	unsigned int GetBit() {return GenerateBit();}
 	word32 GetLong(word32 a=0, word32 b=0xffffffffL) {return GenerateWord32(a, b);}
 	word16 GetShort(word16 a=0, word16 b=0xffff) {return (word16)GenerateWord32(a, b);}
-	void GetBlock(byte *output, unsigned int size) {GenerateBlock(output, size);}
+	void GetBlock(byte *output, size_t size) {GenerateBlock(output, size);}
 #endif
 };
@ -713,39 +713,39 @@ public:
 	//!	\name INPUT
 	//@{
 		//! input a byte for processing
-		unsigned int Put(byte inByte, bool blocking=true)
+		size_t Put(byte inByte, bool blocking=true)
 			{return Put(&inByte, 1, blocking);}
 		//! input multiple bytes
-		unsigned int Put(const byte *inString, unsigned int length, bool blocking=true)
+		size_t Put(const byte *inString, size_t length, bool blocking=true)
 			{return Put2(inString, length, 0, blocking);}
 		//! input a 16-bit word
-		unsigned int PutWord16(word16 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
+		size_t PutWord16(word16 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
 		//! input a 32-bit word
-		unsigned int PutWord32(word32 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
+		size_t PutWord32(word32 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
 		//! request space which can be written into by the caller, and then used as input to Put()
 		/*! \param size is requested size (as a hint) for input, and size of the returned space for output */
 		/*! \note The purpose of this method is to help avoid doing extra memory allocations. */
-		virtual byte * CreatePutSpace(unsigned int &size) {size=0; return NULL;}
+		virtual byte * CreatePutSpace(size_t &size) {size=0; return NULL;}
 		virtual bool CanModifyInput() const {return false;}
 		//! input multiple bytes that may be modified by callee
-		unsigned int PutModifiable(byte *inString, unsigned int length, bool blocking=true)
+		size_t PutModifiable(byte *inString, size_t length, bool blocking=true)
 			{return PutModifiable2(inString, length, 0, blocking);}
 		bool MessageEnd(int propagation=-1, bool blocking=true)
 			{return !!Put2(NULL, 0, propagation < 0 ? -1 : propagation+1, blocking);}
-		unsigned int PutMessageEnd(const byte *inString, unsigned int length, int propagation=-1, bool blocking=true)
+		size_t PutMessageEnd(const byte *inString, size_t length, int propagation=-1, bool blocking=true)
 			{return Put2(inString, length, propagation < 0 ? -1 : propagation+1, blocking);}
 		//! input multiple bytes for blocking or non-blocking processing
 		/*! \param messageEnd means how many filters to signal MessageEnd to, including this one */
-		virtual unsigned int Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking) =0;
+		virtual size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking) =0;
 		//! input multiple bytes that may be modified by callee for blocking or non-blocking processing
 		/*! \param messageEnd means how many filters to signal MessageEnd to, including this one */
-		virtual unsigned int PutModifiable2(byte *inString, unsigned int length, int messageEnd, bool blocking)
+		virtual size_t PutModifiable2(byte *inString, size_t length, int messageEnd, bool blocking)
 			{return Put2(inString, length, messageEnd, blocking);}
 		//! thrown by objects that have not implemented nonblocking input processing
@ -802,45 +802,45 @@ public:
 		/*! All retrieval functions return the actual number of bytes
 			retrieved, which is the lesser of the request number and
 			MaxRetrievable(). */
-		virtual unsigned long MaxRetrievable() const;
+		virtual lword MaxRetrievable() const;
 		//! returns whether any bytes are currently ready for retrieval
 		virtual bool AnyRetrievable() const;
 		//! try to retrieve a single byte
-		virtual unsigned int Get(byte &outByte);
+		virtual size_t Get(byte &outByte);
 		//! try to retrieve multiple bytes
-		virtual unsigned int Get(byte *outString, unsigned int getMax);
+		virtual size_t Get(byte *outString, size_t getMax);
 		//! peek at the next byte without removing it from the output buffer
-		virtual unsigned int Peek(byte &outByte) const;
+		virtual size_t Peek(byte &outByte) const;
 		//! peek at multiple bytes without removing them from the output buffer
-		virtual unsigned int Peek(byte *outString, unsigned int peekMax) const;
+		virtual size_t Peek(byte *outString, size_t peekMax) const;
 		//! try to retrieve a 16-bit word
-		unsigned int GetWord16(word16 &value, ByteOrder order=BIG_ENDIAN_ORDER);
+		size_t GetWord16(word16 &value, ByteOrder order=BIG_ENDIAN_ORDER);
 		//! try to retrieve a 32-bit word
-		unsigned int GetWord32(word32 &value, ByteOrder order=BIG_ENDIAN_ORDER);
+		size_t GetWord32(word32 &value, ByteOrder order=BIG_ENDIAN_ORDER);
 		//! try to peek at a 16-bit word
-		unsigned int PeekWord16(word16 &value, ByteOrder order=BIG_ENDIAN_ORDER) const;
+		size_t PeekWord16(word16 &value, ByteOrder order=BIG_ENDIAN_ORDER) const;
 		//! try to peek at a 32-bit word
-		unsigned int PeekWord32(word32 &value, ByteOrder order=BIG_ENDIAN_ORDER) const;
+		size_t PeekWord32(word32 &value, ByteOrder order=BIG_ENDIAN_ORDER) const;
 		//! move transferMax bytes of the buffered output to target as input
-		unsigned long TransferTo(BufferedTransformation &target, unsigned long transferMax=ULONG_MAX, const std::string &channel=NULL_CHANNEL)
+		lword TransferTo(BufferedTransformation &target, lword transferMax=LWORD_MAX, const std::string &channel=NULL_CHANNEL)
 			{TransferTo2(target, transferMax, channel); return transferMax;}
 		//! discard skipMax bytes from the output buffer
-		virtual unsigned long Skip(unsigned long skipMax=ULONG_MAX);
+		virtual lword Skip(lword skipMax=LWORD_MAX);
 		//! copy copyMax bytes of the buffered output to target as input
-		unsigned long CopyTo(BufferedTransformation &target, unsigned long copyMax=ULONG_MAX, const std::string &channel=NULL_CHANNEL) const
+		lword CopyTo(BufferedTransformation &target, lword copyMax=LWORD_MAX, const std::string &channel=NULL_CHANNEL) const
 			{return CopyRangeTo(target, 0, copyMax, channel);}
 		//! copy copyMax bytes of the buffered output, starting at position (relative to current position), to target as input
-		unsigned long CopyRangeTo(BufferedTransformation &target, unsigned long position, unsigned long copyMax=ULONG_MAX, const std::string &channel=NULL_CHANNEL) const
+		lword CopyRangeTo(BufferedTransformation &target, lword position, lword copyMax=LWORD_MAX, const std::string &channel=NULL_CHANNEL) const
-			{unsigned long i = position; CopyRangeTo2(target, i, i+copyMax, channel); return i-position;}
+			{lword i = position; CopyRangeTo2(target, i, i+copyMax, channel); return i-position;}
 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
 		unsigned long MaxRetrieveable() const {return MaxRetrievable();}
@ -850,7 +850,7 @@ public:
 	//!	\name RETRIEVAL OF MULTIPLE MESSAGES
 	//@{
 		//!
-		virtual unsigned long TotalBytesRetrievable() const;
+		virtual lword TotalBytesRetrievable() const;
 		//! number of times MessageEnd() has been received minus messages retrieved or skipped
 		virtual unsigned int NumberOfMessages() const;
 		//! returns true if NumberOfMessages() > 0
@ -884,10 +884,14 @@ public:
 	//!	\name NON-BLOCKING TRANSFER OF OUTPUT
 	//@{
-		virtual unsigned int TransferTo2(BufferedTransformation &target, unsigned long &byteCount, const std::string &channel=NULL_CHANNEL, bool blocking=true) =0;
+		//! upon return, byteCount contains number of bytes that have finished being transfered, and returns the number of bytes left in the current transfer block
-		virtual unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const =0;
+		virtual size_t TransferTo2(BufferedTransformation &target, lword &byteCount, const std::string &channel=NULL_CHANNEL, bool blocking=true) =0;
-		unsigned int TransferMessagesTo2(BufferedTransformation &target, unsigned int &messageCount, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+		//! upon return, begin contains the start position of data yet to be finished copying, and returns the number of bytes left in the current transfer block
-		unsigned int TransferAllTo2(BufferedTransformation &target, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+		virtual size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const =0;
 		//! upon return, messageCount contains number of messages that have finished being transfered, and returns the number of bytes left in the current transfer block
 		size_t TransferMessagesTo2(BufferedTransformation &target, unsigned int &messageCount, const std::string &channel=NULL_CHANNEL, bool blocking=true);
 		//! returns the number of bytes left in the current transfer block
 		size_t TransferAllTo2(BufferedTransformation &target, const std::string &channel=NULL_CHANNEL, bool blocking=true);
 	//@}
 	//!	\name CHANNELS
@ -895,26 +899,26 @@ public:
 		struct NoChannelSupport : public NotImplemented
 			{NoChannelSupport() : NotImplemented("BufferedTransformation: this object doesn't support multiple channels") {}};
-		unsigned int ChannelPut(const std::string &channel, byte inByte, bool blocking=true)
+		size_t ChannelPut(const std::string &channel, byte inByte, bool blocking=true)
 			{return ChannelPut(channel, &inByte, 1, blocking);}
-		unsigned int ChannelPut(const std::string &channel, const byte *inString, unsigned int length, bool blocking=true)
+		size_t ChannelPut(const std::string &channel, const byte *inString, size_t length, bool blocking=true)
 			{return ChannelPut2(channel, inString, length, 0, blocking);}
-		unsigned int ChannelPutModifiable(const std::string &channel, byte *inString, unsigned int length, bool blocking=true)
+		size_t ChannelPutModifiable(const std::string &channel, byte *inString, size_t length, bool blocking=true)
 			{return ChannelPutModifiable2(channel, inString, length, 0, blocking);}
-		unsigned int ChannelPutWord16(const std::string &channel, word16 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
+		size_t ChannelPutWord16(const std::string &channel, word16 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
-		unsigned int ChannelPutWord32(const std::string &channel, word32 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
+		size_t ChannelPutWord32(const std::string &channel, word32 value, ByteOrder order=BIG_ENDIAN_ORDER, bool blocking=true);
 		bool ChannelMessageEnd(const std::string &channel, int propagation=-1, bool blocking=true)
 			{return !!ChannelPut2(channel, NULL, 0, propagation < 0 ? -1 : propagation+1, blocking);}
-		unsigned int ChannelPutMessageEnd(const std::string &channel, const byte *inString, unsigned int length, int propagation=-1, bool blocking=true)
+		size_t ChannelPutMessageEnd(const std::string &channel, const byte *inString, size_t length, int propagation=-1, bool blocking=true)
 			{return ChannelPut2(channel, inString, length, propagation < 0 ? -1 : propagation+1, blocking);}
-		virtual byte * ChannelCreatePutSpace(const std::string &channel, unsigned int &size);
+		virtual byte * ChannelCreatePutSpace(const std::string &channel, size_t &size);
-		virtual unsigned int ChannelPut2(const std::string &channel, const byte *begin, unsigned int length, int messageEnd, bool blocking);
+		virtual size_t ChannelPut2(const std::string &channel, const byte *begin, size_t length, int messageEnd, bool blocking);
-		virtual unsigned int ChannelPutModifiable2(const std::string &channel, byte *begin, unsigned int length, int messageEnd, bool blocking);
+		virtual size_t ChannelPutModifiable2(const std::string &channel, byte *begin, size_t length, int messageEnd, bool blocking);
 		virtual bool ChannelFlush(const std::string &channel, bool hardFlush, int propagation=-1, bool blocking=true);
 		virtual bool ChannelMessageSeriesEnd(const std::string &channel, int propagation=-1, bool blocking=true);
@ -947,6 +951,9 @@ public:
 protected:
 	static int DecrementPropagation(int propagation)
 		{return propagation != 0 ? propagation - 1 : 0;}
 private:
 	byte m_buf[4];	// for ChannelPutWord16 and ChannelPutWord32, to ensure buffer isn't deallocated before non-blocking operation completes
 };
 //! returns a reference to a BufferedTransformation object that discards all input
@ -1113,11 +1120,11 @@ public:
 	//! maximum length of plaintext for a given ciphertext length
 	/*! \note This function returns 0 if ciphertextLength is not valid (too long or too short). */
-	virtual unsigned int MaxPlaintextLength(unsigned int ciphertextLength) const =0;
+	virtual size_t MaxPlaintextLength(size_t ciphertextLength) const =0;
 	//! calculate length of ciphertext given length of plaintext
 	/*! \note This function returns 0 if plaintextLength is not valid (too long). */
-	virtual unsigned int CiphertextLength(unsigned int plaintextLength) const =0;
+	virtual size_t CiphertextLength(size_t plaintextLength) const =0;
 	//! this object supports the use of the parameter with the given name
 	/*! some possible parameter names: EncodingParameters, KeyDerivationParameters */
@ -1126,14 +1133,14 @@ public:
 	//! return fixed ciphertext length, if one exists, otherwise return 0
 	/*! \note "Fixed" here means length of ciphertext does not depend on length of plaintext.
 		It usually does depend on the key length. */
-	virtual unsigned int FixedCiphertextLength() const {return 0;}
+	virtual size_t FixedCiphertextLength() const {return 0;}
 	//! return maximum plaintext length given the fixed ciphertext length, if one exists, otherwise return 0
-	virtual unsigned int FixedMaxPlaintextLength() const {return 0;}
+	virtual size_t FixedMaxPlaintextLength() const {return 0;}
 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
-	unsigned int MaxPlainTextLength(unsigned int cipherTextLength) const {return MaxPlaintextLength(cipherTextLength);}
+	size_t MaxPlainTextLength(size_t cipherTextLength) const {return MaxPlaintextLength(cipherTextLength);}
-	unsigned int CipherTextLength(unsigned int plainTextLength) const {return CiphertextLength(plainTextLength);}
+	size_t CipherTextLength(size_t plainTextLength) const {return CiphertextLength(plainTextLength);}
 #endif
 };
@ -1153,7 +1160,7 @@ public:
 		\pre size of ciphertext == CiphertextLength(plaintextLength)
 	*/
 	virtual void Encrypt(RandomNumberGenerator &rng, 
-		const byte *plaintext, unsigned int plaintextLength, 
+		const byte *plaintext, size_t plaintextLength, 
 		byte *ciphertext, const NameValuePairs &parameters = g_nullNameValuePairs) const =0;
 	//! create a new encryption filter
@ -1174,7 +1181,7 @@ public:
 		\return the actual length of the plaintext, indication that decryption failed.
 	*/
 	virtual DecodingResult Decrypt(RandomNumberGenerator &rng, 
-		const byte *ciphertext, unsigned int ciphertextLength, 
+		const byte *ciphertext, size_t ciphertextLength, 
 		byte *plaintext, const NameValuePairs &parameters = g_nullNameValuePairs) const =0;
 	//! create a new decryption filter
@ -1219,16 +1226,16 @@ public:
 	virtual ~PK_SignatureScheme() {}
 	//! signature length if it only depends on the key, otherwise 0
-	virtual unsigned int SignatureLength() const =0;
+	virtual size_t SignatureLength() const =0;
 	//! maximum signature length produced for a given length of recoverable message part
-	virtual unsigned int MaxSignatureLength(unsigned int recoverablePartLength = 0) const {return SignatureLength();}
+	virtual size_t MaxSignatureLength(size_t recoverablePartLength = 0) const {return SignatureLength();}
 	//! length of longest message that can be recovered, or 0 if this signature scheme does not support message recovery
-	virtual unsigned int MaxRecoverableLength() const =0;
+	virtual size_t MaxRecoverableLength() const =0;
 	//! length of longest message that can be recovered from a signature of given length, or 0 if this signature scheme does not support message recovery
-	virtual unsigned int MaxRecoverableLengthFromSignatureLength(unsigned int signatureLength) const =0;
+	virtual size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const =0;
 	//! requires a random number generator to sign
 	/*! if this returns false, NullRNG() can be passed to functions that take RandomNumberGenerator & */
@ -1255,7 +1262,7 @@ public:
 	unsigned int DigestSize() const
 		{throw NotImplemented("PK_MessageAccumulator: DigestSize() should not be called");}
 	//! should not be called on PK_MessageAccumulator
-	void TruncatedFinal(byte *digest, unsigned int digestSize) 
+	void TruncatedFinal(byte *digest, size_t digestSize) 
 		{throw NotImplemented("PK_MessageAccumulator: TruncatedFinal() should not be called");}
 };
@ -1267,32 +1274,32 @@ public:
 	//! create a new HashTransformation to accumulate the message to be signed
 	virtual PK_MessageAccumulator * NewSignatureAccumulator(RandomNumberGenerator &rng) const =0;
-	virtual void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, unsigned int recoverableMessageLength) const =0;
+	virtual void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const =0;
 	//! sign and delete messageAccumulator (even in case of exception thrown)
 	/*! \pre size of signature == MaxSignatureLength()
 		\return actual signature length
 	*/
-	virtual unsigned int Sign(RandomNumberGenerator &rng, PK_MessageAccumulator *messageAccumulator, byte *signature) const;
+	virtual size_t Sign(RandomNumberGenerator &rng, PK_MessageAccumulator *messageAccumulator, byte *signature) const;
 	//! sign and restart messageAccumulator
 	/*! \pre size of signature == MaxSignatureLength()
 		\return actual signature length
 	*/
-	virtual unsigned int SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const =0;
+	virtual size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const =0;
 	//! sign a message
 	/*! \pre size of signature == MaxSignatureLength()
 		\return actual signature length
 	*/
-	virtual unsigned int SignMessage(RandomNumberGenerator &rng, const byte *message, unsigned int messageLen, byte *signature) const;
+	virtual size_t SignMessage(RandomNumberGenerator &rng, const byte *message, size_t messageLen, byte *signature) const;
 	//! sign a recoverable message
 	/*! \pre size of signature == MaxSignatureLength(recoverableMessageLength)
 		\return actual signature length
 	*/
-	virtual unsigned int SignMessageWithRecovery(RandomNumberGenerator &rng, const byte *recoverableMessage, unsigned int recoverableMessageLength, 
+	virtual size_t SignMessageWithRecovery(RandomNumberGenerator &rng, const byte *recoverableMessage, size_t recoverableMessageLength, 
-		const byte *nonrecoverableMessage, unsigned int nonrecoverableMessageLength, byte *signature) const;
+		const byte *nonrecoverableMessage, size_t nonrecoverableMessageLength, byte *signature) const;
 };
 //! interface for public-key signature verifiers
@ -1309,7 +1316,7 @@ public:
 	virtual PK_MessageAccumulator * NewVerificationAccumulator() const =0;
 	//! input signature into a message accumulator
-	virtual void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, unsigned int signatureLength) const =0;
+	virtual void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const =0;
 	//! check whether messageAccumulator contains a valid signature and message, and delete messageAccumulator (even in case of exception thrown)
 	virtual bool Verify(PK_MessageAccumulator *messageAccumulator) const;
@ -1318,8 +1325,8 @@ public:
 	virtual bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const =0;
 	//! check whether input signature is a valid signature for input message
-	virtual bool VerifyMessage(const byte *message, unsigned int messageLen, 
+	virtual bool VerifyMessage(const byte *message, size_t messageLen, 
-		const byte *signature, unsigned int signatureLength) const;
+		const byte *signature, size_t signatureLength) const;
 	//! recover a message from its signature
 	/*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength)
@ -1335,8 +1342,8 @@ public:
 	/*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength)
 	*/
 	virtual DecodingResult RecoverMessage(byte *recoveredMessage, 
-		const byte *nonrecoverableMessage, unsigned int nonrecoverableMessageLength, 
+		const byte *nonrecoverableMessage, size_t nonrecoverableMessageLength, 
-		const byte *signature, unsigned int signatureLength) const;
+		const byte *signature, size_t signatureLength) const;
 };
 //! interface for domains of simple key agreement protocols
--- a/default.cpp
+++ b/default.cpp
@ -19,12 +19,12 @@ static const unsigned int KEYLENGTH = Default_BlockCipher::Encryption::DEFAULT_K
 // deducible from it, and (3) it contains as much entropy as it can hold, or
 // the amount of entropy in the input string, whichever is smaller.
-static void Mash(const byte *in, word16 inLen, byte *out, word16 outLen, int iterations)
+static void Mash(const byte *in, size_t inLen, byte *out, size_t outLen, int iterations)
 {
-	unsigned int bufSize = (outLen-1+DefaultHashModule::DIGESTSIZE-((outLen-1)%DefaultHashModule::DIGESTSIZE));
+	if (BytePrecision(outLen) > 2)
-
+		throw InvalidArgument("Mash: output legnth too large");
 	// ASSERT: bufSize == (the smallest multiple of DIGESTSIZE that is >= outLen)
 	size_t bufSize = RoundUpToMultipleOf(outLen, (size_t)DefaultHashModule::DIGESTSIZE);
 	byte b[2];
 	SecByteBlock buf(bufSize);
 	SecByteBlock outBuf(bufSize);
@ -56,7 +56,7 @@ static void Mash(const byte *in, word16 inLen, byte *out, word16 outLen, int ite
 	memcpy(out, outBuf, outLen);
 }
-static void GenerateKeyIV(const byte *passphrase, unsigned int passphraseLength, const byte *salt, unsigned int saltLength, byte *key, byte *IV)
+static void GenerateKeyIV(const byte *passphrase, size_t passphraseLength, const byte *salt, size_t saltLength, byte *key, byte *IV)
 {
 	SecByteBlock temp(passphraseLength+saltLength);
 	memcpy(temp, passphrase, passphraseLength);
@ -74,7 +74,7 @@ DefaultEncryptor::DefaultEncryptor(const char *passphrase, BufferedTransformatio
 {
 }
-DefaultEncryptor::DefaultEncryptor(const byte *passphrase, unsigned int passphraseLength, BufferedTransformation *attachment)
+DefaultEncryptor::DefaultEncryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment)
 	: ProxyFilter(NULL, 0, 0, attachment), m_passphrase(passphrase, passphraseLength)
 {
 }
@ -115,7 +115,7 @@ void DefaultEncryptor::FirstPut(const byte *)
 	m_filter->Put(keyCheck, BLOCKSIZE);
 }
-void DefaultEncryptor::LastPut(const byte *inString, unsigned int length)
+void DefaultEncryptor::LastPut(const byte *inString, size_t length)
 {
 	m_filter->MessageEnd();
 }
@ -130,7 +130,7 @@ DefaultDecryptor::DefaultDecryptor(const char *p, BufferedTransformation *attach
 {
 }
-DefaultDecryptor::DefaultDecryptor(const byte *passphrase, unsigned int passphraseLength, BufferedTransformation *attachment, bool throwException)
+DefaultDecryptor::DefaultDecryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment, bool throwException)
 	: ProxyFilter(NULL, SALTLENGTH+BLOCKSIZE, 0, attachment)
 	, m_state(WAITING_FOR_KEYCHECK)
 	, m_passphrase(passphrase, passphraseLength)
@ -143,7 +143,7 @@ void DefaultDecryptor::FirstPut(const byte *inString)
 	CheckKey(inString, inString+SALTLENGTH);
 }
-void DefaultDecryptor::LastPut(const byte *inString, unsigned int length)
+void DefaultDecryptor::LastPut(const byte *inString, size_t length)
 {
 	if (m_filter.get() == NULL)
 	{
@ -192,9 +192,9 @@ void DefaultDecryptor::CheckKey(const byte *salt, const byte *keyCheck)
 // ********************************************************
-static DefaultMAC * NewDefaultEncryptorMAC(const byte *passphrase, unsigned int passphraseLength)
+static DefaultMAC * NewDefaultEncryptorMAC(const byte *passphrase, size_t passphraseLength)
 {
-	unsigned int macKeyLength = DefaultMAC::StaticGetValidKeyLength(16);
+	size_t macKeyLength = DefaultMAC::StaticGetValidKeyLength(16);
 	SecByteBlock macKey(macKeyLength);
 	// since the MAC is encrypted there is no reason to mash the passphrase for many iterations
 	Mash(passphrase, passphraseLength, macKey, macKeyLength, 1);
@ -208,14 +208,14 @@ DefaultEncryptorWithMAC::DefaultEncryptorWithMAC(const char *passphrase, Buffere
 	SetFilter(new HashFilter(*m_mac, new DefaultEncryptor(passphrase), true));
 }
-DefaultEncryptorWithMAC::DefaultEncryptorWithMAC(const byte *passphrase, unsigned int passphraseLength, BufferedTransformation *attachment)
+DefaultEncryptorWithMAC::DefaultEncryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment)
 	: ProxyFilter(NULL, 0, 0, attachment)
 	, m_mac(NewDefaultEncryptorMAC(passphrase, passphraseLength))
 {
 	SetFilter(new HashFilter(*m_mac, new DefaultEncryptor(passphrase, passphraseLength), true));
 }
-void DefaultEncryptorWithMAC::LastPut(const byte *inString, unsigned int length)
+void DefaultEncryptorWithMAC::LastPut(const byte *inString, size_t length)
 {
 	m_filter->MessageEnd();
 }
@ -230,7 +230,7 @@ DefaultDecryptorWithMAC::DefaultDecryptorWithMAC(const char *passphrase, Buffere
 	SetFilter(new DefaultDecryptor(passphrase, m_hashVerifier=new HashVerifier(*m_mac, NULL, HashVerifier::PUT_MESSAGE), throwException));
 }
-DefaultDecryptorWithMAC::DefaultDecryptorWithMAC(const byte *passphrase, unsigned int passphraseLength, BufferedTransformation *attachment, bool throwException)
+DefaultDecryptorWithMAC::DefaultDecryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment, bool throwException)
 	: ProxyFilter(NULL, 0, 0, attachment)
 	, m_mac(NewDefaultEncryptorMAC(passphrase, passphraseLength))
 	, m_throwException(throwException)
@ -248,7 +248,7 @@ bool DefaultDecryptorWithMAC::CheckLastMAC() const
 	return m_hashVerifier->GetLastResult();
 }
-void DefaultDecryptorWithMAC::LastPut(const byte *inString, unsigned int length)
+void DefaultDecryptorWithMAC::LastPut(const byte *inString, size_t length)
 {
 	m_filter->MessageEnd();
 	if (m_throwException && !CheckLastMAC())
--- a/default.h
+++ b/default.h
@ -18,11 +18,11 @@ class DefaultEncryptor : public ProxyFilter
 {
 public:
 	DefaultEncryptor(const char *passphrase, BufferedTransformation *attachment = NULL);
-	DefaultEncryptor(const byte *passphrase, unsigned int passphraseLength, BufferedTransformation *attachment = NULL);
+	DefaultEncryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);
 protected:
 	void FirstPut(const byte *);
-	void LastPut(const byte *inString, unsigned int length);
+	void LastPut(const byte *inString, size_t length);
 private:
 	SecByteBlock m_passphrase;
@ -34,7 +34,7 @@ class DefaultDecryptor : public ProxyFilter
 {
 public:
 	DefaultDecryptor(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);
-	DefaultDecryptor(const byte *passphrase, unsigned int passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
+	DefaultDecryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
 	class Err : public Exception
 	{
@ -49,7 +49,7 @@ public:
 protected:
 	void FirstPut(const byte *inString);
-	void LastPut(const byte *inString, unsigned int length);
+	void LastPut(const byte *inString, size_t length);
 	State m_state;
@ -67,11 +67,11 @@ class DefaultEncryptorWithMAC : public ProxyFilter
 {
 public:
 	DefaultEncryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL);
-	DefaultEncryptorWithMAC(const byte *passphrase, unsigned int passphraseLength, BufferedTransformation *attachment = NULL);
+	DefaultEncryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);
 protected:
 	void FirstPut(const byte *inString) {}
-	void LastPut(const byte *inString, unsigned int length);
+	void LastPut(const byte *inString, size_t length);
 private:
 	member_ptr<DefaultMAC> m_mac;
@ -84,14 +84,14 @@ public:
 	class MACBadErr : public DefaultDecryptor::Err {public: MACBadErr() : DefaultDecryptor::Err("DefaultDecryptorWithMAC: MAC check failed") {}};
 	DefaultDecryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);
-	DefaultDecryptorWithMAC(const byte *passphrase, unsigned int passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
+	DefaultDecryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
 	DefaultDecryptor::State CurrentState() const;
 	bool CheckLastMAC() const;
 protected:
 	void FirstPut(const byte *inString) {}
-	void LastPut(const byte *inString, unsigned int length);
+	void LastPut(const byte *inString, size_t length);
 private:
 	member_ptr<DefaultMAC> m_mac;
--- a/dlltest.cpp
+++ b/dlltest.cpp
@ -193,6 +193,14 @@ void __cdecl operator delete (void * p)
 	s_pDelete(p);
 }
 #else
 extern "C" __declspec(dllexport) void __cdecl GetNewAndDeleteForCryptoPP(PNew &pNew, PDelete &pDelete)
 {
 	pNew = &operator new;
 	pDelete = &operator delete;
 }
 #endif
 #ifdef CRYPTOPP_DLL_ONLY
--- a/dmac.h
+++ b/dmac.h
@ -16,15 +16,15 @@ public:
 	DMAC_Base() {}
-	void CheckedSetKey(void *, Empty empty, const byte *key, unsigned int length, const NameValuePairs &params);
+	void CheckedSetKey(void *, Empty empty, const byte *key, size_t length, const NameValuePairs &params);
-	void Update(const byte *input, unsigned int length);
+	void Update(const byte *input, size_t length);
-	void TruncatedFinal(byte *mac, unsigned int size);
+	void TruncatedFinal(byte *mac, size_t size);
 	unsigned int DigestSize() const {return DIGESTSIZE;}
 private:
-	byte *GenerateSubKeys(const byte *key, unsigned int keylength);
+	byte *GenerateSubKeys(const byte *key, size_t keylength);
-	unsigned int m_subkeylength;
+	size_t m_subkeylength;
 	SecByteBlock m_subkeys;
 	CBC_MAC<T> m_mac1;
 	typename T::Encryption m_f2;
@ -40,15 +40,15 @@ class DMAC : public MessageAuthenticationCodeFinal<DMAC_Base<T> >
 {
 public:
 	DMAC() {}
-	DMAC(const byte *key, unsigned int length=DMAC_Base<T>::DEFAULT_KEYLENGTH)
+	DMAC(const byte *key, size_t length=DMAC_Base<T>::DEFAULT_KEYLENGTH)
 		{this->SetKey(key, length);}
 };
 template <class T>
-void DMAC_Base<T>::CheckedSetKey(void *, Empty empty, const byte *key, unsigned int length, const NameValuePairs &params)
+void DMAC_Base<T>::CheckedSetKey(void *, Empty empty, const byte *key, size_t length, const NameValuePairs &params)
 {
 	m_subkeylength = T::StaticGetValidKeyLength(T::BLOCKSIZE);
-	m_subkeys.resize(2*STDMAX((unsigned int)T::BLOCKSIZE, m_subkeylength));
+	m_subkeys.resize(2*UnsignedMin((unsigned int)T::BLOCKSIZE, m_subkeylength));
 	m_mac1.SetKey(GenerateSubKeys(key, length), m_subkeylength, params);
 	m_f2.SetKey(m_subkeys+m_subkeys.size()/2, m_subkeylength, params);
 	m_counter = 0;
@ -56,14 +56,14 @@ void DMAC_Base<T>::CheckedSetKey(void *, Empty empty, const byte *key, unsigned
 }
 template <class T>
-void DMAC_Base<T>::Update(const byte *input, unsigned int length)
+void DMAC_Base<T>::Update(const byte *input, size_t length)
 {
 	m_mac1.Update(input, length);
-	m_counter = (m_counter + length) % T::BLOCKSIZE;
+	m_counter = (unsigned int)((m_counter + length) % T::BLOCKSIZE);
 }
 template <class T>
-void DMAC_Base<T>::TruncatedFinal(byte *mac, unsigned int size)
+void DMAC_Base<T>::TruncatedFinal(byte *mac, size_t size)
 {
 	ThrowIfInvalidTruncatedSize(size);
@ -76,7 +76,7 @@ void DMAC_Base<T>::TruncatedFinal(byte *mac, unsigned int size)
 }
 template <class T>
-byte *DMAC_Base<T>::GenerateSubKeys(const byte *key, unsigned int keylength)
+byte *DMAC_Base<T>::GenerateSubKeys(const byte *key, size_t keylength)
 {
 	typename T::Encryption cipher(key, keylength);
 	memset(m_subkeys, 0, m_subkeys.size());
--- a/dsa.cpp
+++ b/dsa.cpp
@ -9,7 +9,7 @@
 NAMESPACE_BEGIN(CryptoPP)
-unsigned int DSAConvertSignatureFormat(byte *buffer, unsigned int bufferSize, DSASignatureFormat toFormat, const byte *signature, unsigned int signatureLen, DSASignatureFormat fromFormat)
+size_t DSAConvertSignatureFormat(byte *buffer, size_t bufferSize, DSASignatureFormat toFormat, const byte *signature, size_t signatureLen, DSASignatureFormat fromFormat)
 {
 	Integer r, s;
 	StringStore store(signature, signatureLen);
@ -55,7 +55,7 @@ unsigned int DSAConvertSignatureFormat(byte *buffer, unsigned int bufferSize, DS
 		break;
 	}
-	return sink.TotalPutLength();
+	return (size_t)sink.TotalPutLength();
 }
 bool DSA::GeneratePrimes(const byte *seedIn, unsigned int g, int &counter,
--- a/dsa.h
+++ b/dsa.h
@ -13,8 +13,8 @@ NAMESPACE_BEGIN(CryptoPP)
 enum DSASignatureFormat {DSA_P1363, DSA_DER, DSA_OPENPGP};
 /** This function converts between these formats, and returns length of signature in the target format.
 	If toFormat == DSA_P1363, bufferSize must equal publicKey.SignatureLength() */
-unsigned int DSAConvertSignatureFormat(byte *buffer, unsigned int bufferSize, DSASignatureFormat toFormat, 
+size_t DSAConvertSignatureFormat(byte *buffer, size_t bufferSize, DSASignatureFormat toFormat, 
-	const byte *signature, unsigned int signatureLen, DSASignatureFormat fromFormat);
+	const byte *signature, size_t signatureLen, DSASignatureFormat fromFormat);
 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY
@ -25,7 +25,7 @@ const int MIN_DSA_PRIME_LENGTH = DSA::MIN_PRIME_LENGTH;
 const int MAX_DSA_PRIME_LENGTH = DSA::MAX_PRIME_LENGTH;
 const int DSA_PRIME_LENGTH_MULTIPLE = DSA::PRIME_LENGTH_MULTIPLE;
-inline bool GenerateDSAPrimes(const byte *seed, unsigned int seedLength, int &counter, Integer &p, unsigned int primeLength, Integer &q)
+inline bool GenerateDSAPrimes(const byte *seed, size_t seedLength, int &counter, Integer &p, unsigned int primeLength, Integer &q)
 	{return DSA::GeneratePrimes(seed, seedLength, counter, p, primeLength, q);}
 #endif
--- a/ec2n.cpp
+++ b/ec2n.cpp
@ -33,13 +33,13 @@ void EC2N::DEREncode(BufferedTransformation &bt) const
 	seq.MessageEnd();
 }
-bool EC2N::DecodePoint(EC2N::Point &P, const byte *encodedPoint, unsigned int encodedPointLen) const
+bool EC2N::DecodePoint(EC2N::Point &P, const byte *encodedPoint, size_t encodedPointLen) const
 {
 	StringStore store(encodedPoint, encodedPointLen);
 	return DecodePoint(P, store, encodedPointLen);
 }
-bool EC2N::DecodePoint(EC2N::Point &P, BufferedTransformation &bt, unsigned int encodedPointLen) const
+bool EC2N::DecodePoint(EC2N::Point &P, BufferedTransformation &bt, size_t encodedPointLen) const
 {
 	byte type;
 	if (encodedPointLen < 1 || !bt.Get(type))
--- a/ec2n.h
+++ b/ec2n.h
@ -62,8 +62,8 @@ public:
 	unsigned int EncodedPointSize(bool compressed = false) const
 		{return 1 + (compressed?1:2)*m_field->MaxElementByteLength();}
 	// returns false if point is compressed and not valid (doesn't check if uncompressed)
-	bool DecodePoint(Point &P, BufferedTransformation &bt, unsigned int len) const;
+	bool DecodePoint(Point &P, BufferedTransformation &bt, size_t len) const;
-	bool DecodePoint(Point &P, const byte *encodedPoint, unsigned int len) const;
+	bool DecodePoint(Point &P, const byte *encodedPoint, size_t len) const;
 	void EncodePoint(byte *encodedPoint, const Point &P, bool compressed) const;
 	void EncodePoint(BufferedTransformation &bt, const Point &P, bool compressed) const;
--- a/eccrypto.cpp
+++ b/eccrypto.cpp
@ -70,9 +70,9 @@ template<> struct EcRecommendedParameters<EC2N>
 		StringSource ssA(a, true, new HexDecoder);
 		StringSource ssB(b, true, new HexDecoder);
 		if (t0 == 0)
-			return new EC2N(GF2NT(t2, t3, t4), EC2N::FieldElement(ssA, ssA.MaxRetrievable()), EC2N::FieldElement(ssB, ssB.MaxRetrievable()));
+			return new EC2N(GF2NT(t2, t3, t4), EC2N::FieldElement(ssA, (size_t)ssA.MaxRetrievable()), EC2N::FieldElement(ssB, (size_t)ssB.MaxRetrievable()));
 		else
-			return new EC2N(GF2NPP(t0, t1, t2, t3, t4), EC2N::FieldElement(ssA, ssA.MaxRetrievable()), EC2N::FieldElement(ssB, ssB.MaxRetrievable()));
+			return new EC2N(GF2NPP(t0, t1, t2, t3, t4), EC2N::FieldElement(ssA, (size_t)ssA.MaxRetrievable()), EC2N::FieldElement(ssB, (size_t)ssB.MaxRetrievable()));
 	};
 	OID oid;
@ -90,7 +90,7 @@ template<> struct EcRecommendedParameters<ECP>
 		StringSource ssP(p, true, new HexDecoder);
 		StringSource ssA(a, true, new HexDecoder);
 		StringSource ssB(b, true, new HexDecoder);
-		return new ECP(Integer(ssP, ssP.MaxRetrievable()), ECP::FieldElement(ssA, ssA.MaxRetrievable()), ECP::FieldElement(ssB, ssB.MaxRetrievable()));
+		return new ECP(Integer(ssP, (size_t)ssP.MaxRetrievable()), ECP::FieldElement(ssA, (size_t)ssA.MaxRetrievable()), ECP::FieldElement(ssB, (size_t)ssB.MaxRetrievable()));
 	};
 	OID oid;
@ -379,12 +379,12 @@ template <class EC> void DL_GroupParameters_EC<EC>::Initialize(const OID &oid)
 	StringSource ssG(param.g, true, new HexDecoder);
 	Element G;
-	bool result = GetCurve().DecodePoint(G, ssG, ssG.MaxRetrievable());
+	bool result = GetCurve().DecodePoint(G, ssG, (size_t)ssG.MaxRetrievable());
 	SetSubgroupGenerator(G);
 	assert(result);
 	StringSource ssN(param.n, true, new HexDecoder);
-	m_n.Decode(ssN, ssN.MaxRetrievable());
+	m_n.Decode(ssN, (size_t)ssN.MaxRetrievable());
 	m_k = param.h;
 }
@ -568,7 +568,7 @@ OID DL_GroupParameters_EC<EC>::GetAlgorithmID() const
 // ******************************************************************
 template <class EC>
-void DL_PublicKey_EC<EC>::BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, unsigned int size)
+void DL_PublicKey_EC<EC>::BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, size_t size)
 {
 	typename EC::Point P;
 	if (!this->GetGroupParameters().GetCurve().DecodePoint(P, bt, size))
@ -585,7 +585,7 @@ void DL_PublicKey_EC<EC>::DEREncodeKey(BufferedTransformation &bt) const
 // ******************************************************************
 template <class EC>
-void DL_PrivateKey_EC<EC>::BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, unsigned int size)
+void DL_PrivateKey_EC<EC>::BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, size_t size)
 {
 	BERSequenceDecoder seq(bt);
 		word32 version;
@ -595,7 +595,7 @@ void DL_PrivateKey_EC<EC>::BERDecodeKey2(BufferedTransformation &bt, bool parame
 		if (!dec.IsDefiniteLength())
 			BERDecodeError();
 		Integer x;
-		x.Decode(dec, dec.RemainingLength());
+		x.Decode(dec, (size_t)dec.RemainingLength());
 		dec.MessageEnd();
 		if (!parametersPresent && seq.PeekByte() != (CONTEXT_SPECIFIC | CONSTRUCTED | 0))
 			BERDecodeError();
--- a/eccrypto.h
+++ b/eccrypto.h
@ -155,7 +155,7 @@ public:
 		{this->AccessGroupParameters().Initialize(ec, G, n); SetPublicElement(Q);}
 	// X509PublicKey
-	void BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, unsigned int size);
+	void BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, size_t size);
 	void DEREncodeKey(BufferedTransformation &bt) const;
 };
@ -181,7 +181,7 @@ public:
 		{GenerateRandom(rng, DL_GroupParameters_EC<EC>(ec, G, n));}
 	// PKCS8PrivateKey
-	void BERDecodeKey2(BufferedTransformation &bt,  bool parametersPresent, unsigned int size);
+	void BERDecodeKey2(BufferedTransformation &bt, bool parametersPresent, size_t size);
 	void DEREncodeKey(BufferedTransformation &bt) const;
 };
--- a/ecp.cpp
+++ b/ecp.cpp
@ -57,13 +57,13 @@ void ECP::DEREncode(BufferedTransformation &bt) const
 	seq.MessageEnd();
 }
-bool ECP::DecodePoint(ECP::Point &P, const byte *encodedPoint, unsigned int encodedPointLen) const
+bool ECP::DecodePoint(ECP::Point &P, const byte *encodedPoint, size_t encodedPointLen) const
 {
 	StringStore store(encodedPoint, encodedPointLen);
 	return DecodePoint(P, store, encodedPointLen);
 }
-bool ECP::DecodePoint(ECP::Point &P, BufferedTransformation &bt, unsigned int encodedPointLen) const
+bool ECP::DecodePoint(ECP::Point &P, BufferedTransformation &bt, size_t encodedPointLen) const
 {
 	byte type;
 	if (encodedPointLen < 1 || !bt.Get(type))
@ -245,7 +245,7 @@ const ECP::Point& ECP::Double(const Point &P) const
 template <class T, class Iterator> void ParallelInvert(const AbstractRing<T> &ring, Iterator begin, Iterator end)
 {
-	unsigned int n = end-begin;
+	size_t n = end-begin;
 	if (n == 1)
 		*begin = ring.MultiplicativeInverse(*begin);
 	else if (n > 1)
@ -338,7 +338,7 @@ struct ZIterator
 	ZIterator() {}
 	ZIterator(std::vector<ProjectivePoint>::iterator it) : it(it) {}
 	Integer& operator*() {return it->z;}
-	int operator-(ZIterator it2) {return it-it2.it;}
+	int operator-(ZIterator it2) {return int(it-it2.it);}
 	ZIterator operator+(int i) {return ZIterator(it+i);}
 	ZIterator& operator+=(int i) {it+=i; return *this;}
 	std::vector<ProjectivePoint>::iterator it;
@ -400,7 +400,7 @@ void ECP::SimultaneousMultiply(ECP::Point *results, const ECP::Point &P, const I
 				}
 				exponentWindows[i].push_back(exponents[i].expWindow);
-				baseIndices[i].push_back(bases.size()-1);
+				baseIndices[i].push_back((word32)bases.size()-1);
 				negateBase[i].push_back(exponents[i].negateNext);
 				exponents[i].FindNextWindow();
--- a/ecp.h
+++ b/ecp.h
@ -66,8 +66,8 @@ public:
 	unsigned int EncodedPointSize(bool compressed = false) const
 		{return 1 + (compressed?1:2)*GetField().MaxElementByteLength();}
 	// returns false if point is compressed and not valid (doesn't check if uncompressed)
-	bool DecodePoint(Point &P, BufferedTransformation &bt, unsigned int len) const;
+	bool DecodePoint(Point &P, BufferedTransformation &bt, size_t len) const;
-	bool DecodePoint(Point &P, const byte *encodedPoint, unsigned int len) const;
+	bool DecodePoint(Point &P, const byte *encodedPoint, size_t len) const;
 	void EncodePoint(byte *encodedPoint, const Point &P, bool compressed) const;
 	void EncodePoint(BufferedTransformation &bt, const Point &P, bool compressed) const;
--- a/elgamal.h
+++ b/elgamal.h
@ -11,17 +11,17 @@ class CRYPTOPP_NO_VTABLE ElGamalBase : public DL_KeyAgreementAlgorithm_DH<Intege
 					public DL_SymmetricEncryptionAlgorithm
 {
 public:
-	void Derive(const DL_GroupParameters<Integer> &groupParams, byte *derivedKey, unsigned int derivedLength, const Integer &agreedElement, const Integer &ephemeralPublicKey, const NameValuePairs &derivationParams) const
+	void Derive(const DL_GroupParameters<Integer> &groupParams, byte *derivedKey, size_t derivedLength, const Integer &agreedElement, const Integer &ephemeralPublicKey, const NameValuePairs &derivationParams) const
 	{
 		agreedElement.Encode(derivedKey, derivedLength);
 	}
-	unsigned int GetSymmetricKeyLength(unsigned int plainTextLength) const
+	size_t GetSymmetricKeyLength(size_t plainTextLength) const
 	{
 		return GetGroupParameters().GetModulus().ByteCount();
 	}
-	unsigned int GetSymmetricCiphertextLength(unsigned int plainTextLength) const
+	size_t GetSymmetricCiphertextLength(size_t plainTextLength) const
 	{
 		unsigned int len = GetGroupParameters().GetModulus().ByteCount();
 		if (plainTextLength <= GetMaxSymmetricPlaintextLength(len))
@ -30,7 +30,7 @@ public:
 			return 0;
 	}
-	unsigned int GetMaxSymmetricPlaintextLength(unsigned int cipherTextLength) const
+	size_t GetMaxSymmetricPlaintextLength(size_t cipherTextLength) const
 	{
 		unsigned int len = GetGroupParameters().GetModulus().ByteCount();
 		if (cipherTextLength == len)
@ -39,7 +39,7 @@ public:
 			return 0;
 	}
-	void SymmetricEncrypt(RandomNumberGenerator &rng, const byte *key, const byte *plainText, unsigned int plainTextLength, byte *cipherText, const NameValuePairs &parameters) const
+	void SymmetricEncrypt(RandomNumberGenerator &rng, const byte *key, const byte *plainText, size_t plainTextLength, byte *cipherText, const NameValuePairs &parameters) const
 	{
 		const Integer &p = GetGroupParameters().GetModulus();
 		unsigned int modulusLen = p.ByteCount();
@ -47,12 +47,12 @@ public:
 		SecByteBlock block(modulusLen-1);
 		rng.GenerateBlock(block, modulusLen-2-plainTextLength);
 		memcpy(block+modulusLen-2-plainTextLength, plainText, plainTextLength);
-		block[modulusLen-2] = plainTextLength;
+		block[modulusLen-2] = (byte)plainTextLength;
 		a_times_b_mod_c(Integer(key, modulusLen), Integer(block, modulusLen-1), p).Encode(cipherText, modulusLen);
 	}
-	DecodingResult SymmetricDecrypt(const byte *key, const byte *cipherText, unsigned int cipherTextLength, byte *plainText, const NameValuePairs &parameters) const
+	DecodingResult SymmetricDecrypt(const byte *key, const byte *cipherText, size_t cipherTextLength, byte *plainText, const NameValuePairs &parameters) const
 	{
 		const Integer &p = GetGroupParameters().GetModulus();
 		unsigned int modulusLen = p.ByteCount();
@ -78,8 +78,8 @@ template <class BASE, class SCHEME_OPTIONS, class KEY>
 class ElGamalObjectImpl : public DL_ObjectImplBase<BASE, SCHEME_OPTIONS, KEY>, public ElGamalBase
 {
 public:
-	unsigned int FixedMaxPlaintextLength() const {return MaxPlaintextLength(FixedCiphertextLength());}
+	size_t FixedMaxPlaintextLength() const {return MaxPlaintextLength(FixedCiphertextLength());}
-	unsigned int FixedCiphertextLength() const {return this->CiphertextLength(0);}
+	size_t FixedCiphertextLength() const {return this->CiphertextLength(0);}
 	const DL_GroupParameters_GFP & GetGroupParameters() const {return this->GetKey().GetGroupParameters();}
--- a/emsa2.cpp
+++ b/emsa2.cpp
@ -8,17 +8,17 @@
 NAMESPACE_BEGIN(CryptoPP)
 void EMSA2Pad::ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-	const byte *recoverableMessage, unsigned int recoverableMessageLength,
+	const byte *recoverableMessage, size_t recoverableMessageLength,
 	HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-	byte *representative, unsigned int representativeBitLength) const
+	byte *representative, size_t representativeBitLength) const
 {
 	assert(representativeBitLength >= MinRepresentativeBitLength(hashIdentifier.second, hash.DigestSize()));
 	if (representativeBitLength % 8 != 7)
 		throw PK_SignatureScheme::InvalidKeyLength("EMSA2: EMSA2 requires a key length that is a multiple of 8");
-	unsigned int digestSize = hash.DigestSize();
+	size_t digestSize = hash.DigestSize();
-	unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
+	size_t representativeByteLength = BitsToBytes(representativeBitLength);
 	representative[0] = messageEmpty ? 0x4b : 0x6b;
 	memset(representative+1, 0xbb, representativeByteLength-digestSize-4);	// pad with 0xbb
--- a/emsa2.h
+++ b/emsa2.h
@ -61,13 +61,13 @@ class CRYPTOPP_DLL EMSA2Pad : public EMSA2HashIdLookup<PK_DeterministicSignature
 public:
 	static const char * CRYPTOPP_API StaticAlgorithmName() {return "EMSA2";}
-	unsigned int MinRepresentativeBitLength(unsigned int hashIdentifierLength, unsigned int digestLength) const
+	size_t MinRepresentativeBitLength(size_t hashIdentifierLength, size_t digestLength) const
 		{return 8*digestLength + 31;}
 	void ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-		const byte *recoverableMessage, unsigned int recoverableMessageLength,
+		const byte *recoverableMessage, size_t recoverableMessageLength,
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength) const;
+		byte *representative, size_t representativeBitLength) const;
 };
 //! EMSA2, for use with RWSS and RSA_ISO
--- a/esign.h
+++ b/esign.h
@ -89,13 +89,13 @@ public:
 	static const char *StaticAlgorithmName() {return "EMSA5";}
 	void ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-		const byte *recoverableMessage, unsigned int recoverableMessageLength,
+		const byte *recoverableMessage, size_t recoverableMessageLength,
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength) const
+		byte *representative, size_t representativeBitLength) const
 	{
 		SecByteBlock digest(hash.DigestSize());
 		hash.Final(digest);
-		unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
+		size_t representativeByteLength = BitsToBytes(representativeBitLength);
 		T mgf;
 		mgf.GenerateAndMask(hash, representative, representativeByteLength, digest, digest.size(), false);
 		if (representativeBitLength % 8 != 0)
--- a/files.cpp
+++ b/files.cpp
@ -6,6 +6,8 @@
 #include "files.h"
 #include <limits>
 NAMESPACE_BEGIN(CryptoPP)
 using namespace std;
@ -37,7 +39,7 @@ void FileStore::StoreInitialize(const NameValuePairs &parameters)
 	m_waiting = false;
 }
-unsigned long FileStore::MaxRetrievable() const
+lword FileStore::MaxRetrievable() const
 {
 	if (!m_stream)
 		return 0;
@ -48,7 +50,7 @@ unsigned long FileStore::MaxRetrievable() const
 	return end-current;
 }
-unsigned int FileStore::TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel, bool blocking)
+size_t FileStore::TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel, bool blocking)
 {
 	if (!m_stream)
 	{
@ -56,7 +58,7 @@ unsigned int FileStore::TransferTo2(BufferedTransformation &target, unsigned lon
 		return 0;
 	}
-	unsigned long size=transferBytes;
+	lword size=transferBytes;
 	transferBytes = 0;
 	if (m_waiting)
@ -65,13 +67,13 @@ unsigned int FileStore::TransferTo2(BufferedTransformation &target, unsigned lon
 	while (size && m_stream->good())
 	{
 		{
-		unsigned int spaceSize = 1024;
+		size_t spaceSize = 1024;
-		m_space = HelpCreatePutSpace(target, channel, 1, (unsigned int)STDMIN(size, (unsigned long)UINT_MAX), spaceSize);
+		m_space = HelpCreatePutSpace(target, channel, 1, UnsignedMin(size_t(0)-1, size), spaceSize);
-		m_stream->read((char *)m_space, STDMIN(size, (unsigned long)spaceSize));
+		m_stream->read((char *)m_space, (unsigned int)STDMIN(size, (lword)spaceSize));
 		}
 		m_len = m_stream->gcount();
-		unsigned int blockedBytes;
+		size_t blockedBytes;
 output:
 		blockedBytes = target.ChannelPutModifiable2(channel, m_space, m_len, 0, blocking);
 		m_waiting = blockedBytes > 0;
@ -87,7 +89,7 @@ output:
 	return 0;
 }
-unsigned int FileStore::CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end, const std::string &channel, bool blocking) const
+size_t FileStore::CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end, const std::string &channel, bool blocking) const
 {
 	if (!m_stream)
 		return 0;
@ -99,7 +101,7 @@ unsigned int FileStore::CopyRangeTo2(BufferedTransformation &target, unsigned lo
 			return 0;
 		else
 		{
-			unsigned int blockedBytes = target.ChannelPut(channel, byte(result), blocking);
+			size_t blockedBytes = target.ChannelPut(channel, byte(result), blocking);
 			begin += 1-blockedBytes;
 			return blockedBytes;
 		}
@ -116,12 +118,12 @@ unsigned int FileStore::CopyRangeTo2(BufferedTransformation &target, unsigned lo
 		return 0;	// don't try to seek beyond the end of file
 	}
 	m_stream->seekg(newPosition);
-	unsigned long total = 0;
+	lword total = 0;
 	try
 	{
 		assert(!m_waiting);
-		unsigned long copyMax = end-begin;
+		lword copyMax = end-begin;
-		unsigned int blockedBytes = const_cast<FileStore *>(this)->TransferTo2(target, copyMax, channel, blocking);
+		size_t blockedBytes = const_cast<FileStore *>(this)->TransferTo2(target, copyMax, channel, blocking);
 		begin += copyMax;
 		if (blockedBytes)
 		{
@ -141,11 +143,14 @@ unsigned int FileStore::CopyRangeTo2(BufferedTransformation &target, unsigned lo
 	return 0;
 }
-unsigned long FileStore::Skip(unsigned long skipMax)
+lword FileStore::Skip(lword skipMax)
 {
-	unsigned long oldPos = m_stream->tellg();
+	lword oldPos = m_stream->tellg();
-	m_stream->seekg(skipMax, ios::cur);
+	std::istream::off_type offset;
-	return (unsigned long)m_stream->tellg() - oldPos;
+	if (!SafeConvert(skipMax, offset))
 		throw InvalidArgument("FileStore: maximum seek offset exceeded");
 	m_stream->seekg(offset, ios::cur);
 	return (lword)m_stream->tellg() - oldPos;
 }
 void FileSink::IsolatedInitialize(const NameValuePairs &parameters)
@ -179,12 +184,20 @@ bool FileSink::IsolatedFlush(bool hardFlush, bool blocking)
 	return false;
 }
-unsigned int FileSink::Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking)
+size_t FileSink::Put2(const byte *inString, size_t length, int messageEnd, bool blocking)
 {
 	if (!m_stream)
 		throw Err("FileSink: output stream not opened");
-	m_stream->write((const char *)inString, length);
+	while (length > 0)
 	{
 		std::streamsize size;
 		if (!SafeConvert(length, size))
 			size = numeric_limits<std::streamsize>::max();
 		m_stream->write((const char *)inString, size);
 		inString += size;
 		length -= size;
 	}
 	if (messageEnd)
 		m_stream->flush();
--- a/files.h
+++ b/files.h
@ -30,10 +30,10 @@ public:
 	std::istream* GetStream() {return m_stream;}
-	unsigned long MaxRetrievable() const;
+	lword MaxRetrievable() const;
-	unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+	size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
-	unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
+	size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
-	unsigned long Skip(unsigned long skipMax=ULONG_MAX);
+	lword Skip(lword skipMax=ULONG_MAX);
 private:
 	void StoreInitialize(const NameValuePairs &parameters);
@ -41,7 +41,7 @@ private:
 	member_ptr<std::ifstream> m_file;
 	std::istream *m_stream;
 	byte *m_space;
-	unsigned int m_len;
+	size_t m_len;
 	bool m_waiting;
 };
@ -84,7 +84,7 @@ public:
 	std::ostream* GetStream() {return m_stream;}
 	void IsolatedInitialize(const NameValuePairs &parameters);
-	unsigned int Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking);
 	bool IsolatedFlush(bool hardFlush, bool blocking);
 private:
--- a/filters.cpp
+++ b/filters.cpp
@ -48,12 +48,12 @@ void Filter::Insert(Filter *filter)
 	m_attachment.reset(filter);
 }
-unsigned int Filter::CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end, const std::string &channel, bool blocking) const
+size_t Filter::CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end, const std::string &channel, bool blocking) const
 {
 	return AttachedTransformation()->CopyRangeTo2(target, begin, end, channel, blocking);
 }
-unsigned int Filter::TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel, bool blocking)
+size_t Filter::TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel, bool blocking)
 {
 	return AttachedTransformation()->TransferTo2(target, transferBytes, channel, blocking);
 }
@ -99,20 +99,20 @@ void Filter::PropagateInitialize(const NameValuePairs &parameters, int propagati
 		AttachedTransformation()->Initialize(parameters, propagation-1);
 }
-unsigned int Filter::OutputModifiable(int outputSite, byte *inString, unsigned int length, int messageEnd, bool blocking, const std::string &channel)
+size_t Filter::OutputModifiable(int outputSite, byte *inString, size_t length, int messageEnd, bool blocking, const std::string &channel)
 {
 	if (messageEnd)
 		messageEnd--;
-	unsigned int result = AttachedTransformation()->PutModifiable2(inString, length, messageEnd, blocking);
+	size_t result = AttachedTransformation()->PutModifiable2(inString, length, messageEnd, blocking);
 	m_continueAt = result ? outputSite : 0;
 	return result;
 }
-unsigned int Filter::Output(int outputSite, const byte *inString, unsigned int length, int messageEnd, bool blocking, const std::string &channel)
+size_t Filter::Output(int outputSite, const byte *inString, size_t length, int messageEnd, bool blocking, const std::string &channel)
 {
 	if (messageEnd)
 		messageEnd--;
-	unsigned int result = AttachedTransformation()->Put2(inString, length, messageEnd, blocking);
+	size_t result = AttachedTransformation()->Put2(inString, length, messageEnd, blocking);
 	m_continueAt = result ? outputSite : 0;
 	return result;
 }
@ -141,7 +141,7 @@ bool Filter::OutputMessageSeriesEnd(int outputSite, int propagation, bool blocki
 // *************************************************************
-unsigned int MeterFilter::Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t MeterFilter::Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	if (m_transparent)
 	{
@ -162,7 +162,7 @@ unsigned int MeterFilter::Put2(const byte *begin, unsigned int length, int messa
 	return 0;
 }
-unsigned int MeterFilter::PutModifiable2(byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t MeterFilter::PutModifiable2(byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	if (m_transparent)
 	{
@ -193,7 +193,7 @@ bool MeterFilter::IsolatedMessageSeriesEnd(bool blocking)
 // *************************************************************
-void FilterWithBufferedInput::BlockQueue::ResetQueue(unsigned int blockSize, unsigned int maxBlocks)
+void FilterWithBufferedInput::BlockQueue::ResetQueue(size_t blockSize, size_t maxBlocks)
 {
 	m_buffer.New(blockSize * maxBlocks);
 	m_blockSize = blockSize;
@ -216,9 +216,9 @@ byte *FilterWithBufferedInput::BlockQueue::GetBlock()
 		return NULL;
 }
-byte *FilterWithBufferedInput::BlockQueue::GetContigousBlocks(unsigned int &numberOfBytes)
+byte *FilterWithBufferedInput::BlockQueue::GetContigousBlocks(size_t &numberOfBytes)
 {
-	numberOfBytes = STDMIN(numberOfBytes, STDMIN((unsigned int)(m_buffer.end()-m_begin), m_size));
+	numberOfBytes = STDMIN(numberOfBytes, STDMIN(size_t(m_buffer.end()-m_begin), m_size));
 	byte *ptr = m_begin;
 	m_begin += numberOfBytes;
 	m_size -= numberOfBytes;
@ -227,10 +227,10 @@ byte *FilterWithBufferedInput::BlockQueue::GetContigousBlocks(unsigned int &numb
 	return ptr;
 }
-unsigned int FilterWithBufferedInput::BlockQueue::GetAll(byte *outString)
+size_t FilterWithBufferedInput::BlockQueue::GetAll(byte *outString)
 {
-	unsigned int size = m_size;
+	size_t size = m_size;
-	unsigned int numberOfBytes = m_maxBlocks*m_blockSize;
+	size_t numberOfBytes = m_maxBlocks*m_blockSize;
 	const byte *ptr = GetContigousBlocks(numberOfBytes);
 	memcpy(outString, ptr, numberOfBytes);
 	memcpy(outString+numberOfBytes, m_begin, m_size);
@ -238,11 +238,11 @@ unsigned int FilterWithBufferedInput::BlockQueue::GetAll(byte *outString)
 	return size;
 }
-void FilterWithBufferedInput::BlockQueue::Put(const byte *inString, unsigned int length)
+void FilterWithBufferedInput::BlockQueue::Put(const byte *inString, size_t length)
 {
 	assert(m_size + length <= m_buffer.size());
-	byte *end = (m_size < (unsigned int)(m_buffer.end()-m_begin)) ? m_begin + m_size : m_begin + m_size - m_buffer.size();
+	byte *end = (m_size < size_t(m_buffer.end()-m_begin)) ? m_begin + m_size : m_begin + m_size - m_buffer.size();
-	unsigned int len = STDMIN(length, (unsigned int)(m_buffer.end()-end));
+	size_t len = STDMIN(length, size_t(m_buffer.end()-end));
 	memcpy(end, inString, len);
 	if (len < length)
 		memcpy(m_buffer, inString+len, length-len);
@ -254,7 +254,7 @@ FilterWithBufferedInput::FilterWithBufferedInput(BufferedTransformation *attachm
 {
 }
-FilterWithBufferedInput::FilterWithBufferedInput(unsigned int firstSize, unsigned int blockSize, unsigned int lastSize, BufferedTransformation *attachment)
+FilterWithBufferedInput::FilterWithBufferedInput(size_t firstSize, size_t blockSize, size_t lastSize, BufferedTransformation *attachment)
 	: Filter(attachment), m_firstSize(firstSize), m_blockSize(blockSize), m_lastSize(lastSize)
 	, m_firstInputDone(false)
 {
@ -285,18 +285,18 @@ bool FilterWithBufferedInput::IsolatedFlush(bool hardFlush, bool blocking)
 	return false;
 }
-unsigned int FilterWithBufferedInput::PutMaybeModifiable(byte *inString, unsigned int length, int messageEnd, bool blocking, bool modifiable)
+size_t FilterWithBufferedInput::PutMaybeModifiable(byte *inString, size_t length, int messageEnd, bool blocking, bool modifiable)
 {
 	if (!blocking)
 		throw BlockingInputOnly("FilterWithBufferedInput");
 	if (length != 0)
 	{
-		unsigned int newLength = m_queue.CurrentSize() + length;
+		size_t newLength = m_queue.CurrentSize() + length;
 		if (!m_firstInputDone && newLength >= m_firstSize)
 		{
-			unsigned int len = m_firstSize - m_queue.CurrentSize();
+			size_t len = m_firstSize - m_queue.CurrentSize();
 			m_queue.Put(inString, len);
 			FirstPut(m_queue.GetContigousBlocks(m_firstSize));
 			assert(m_queue.CurrentSize() == 0);
@ -313,7 +313,7 @@ unsigned int FilterWithBufferedInput::PutMaybeModifiable(byte *inString, unsigne
 			{
 				while (newLength > m_lastSize && m_queue.CurrentSize() > 0)
 				{
-					unsigned int len = newLength - m_lastSize;
+					size_t len = newLength - m_lastSize;
 					byte *ptr = m_queue.GetContigousBlocks(len);
 					NextPutModifiable(ptr, len);
 					newLength -= len;
@ -321,7 +321,7 @@ unsigned int FilterWithBufferedInput::PutMaybeModifiable(byte *inString, unsigne
 				if (newLength > m_lastSize)
 				{
-					unsigned int len = newLength - m_lastSize;
+					size_t len = newLength - m_lastSize;
 					NextPutMaybeModifiable(inString, len, modifiable);
 					inString += len;
 					newLength -= len;
@ -338,7 +338,7 @@ unsigned int FilterWithBufferedInput::PutMaybeModifiable(byte *inString, unsigne
 				if (newLength >= m_blockSize + m_lastSize && m_queue.CurrentSize() > 0)
 				{
 					assert(m_queue.CurrentSize() < m_blockSize);
-					unsigned int len = m_blockSize - m_queue.CurrentSize();
+					size_t len = m_blockSize - m_queue.CurrentSize();
 					m_queue.Put(inString, len);
 					inString += len;
 					NextPutModifiable(m_queue.GetBlock(), m_blockSize);
@ -347,7 +347,7 @@ unsigned int FilterWithBufferedInput::PutMaybeModifiable(byte *inString, unsigne
 				if (newLength >= m_blockSize + m_lastSize)
 				{
-					unsigned int len = RoundDownToMultipleOf(newLength - m_lastSize, m_blockSize);
+					size_t len = RoundDownToMultipleOf(newLength - m_lastSize, m_blockSize);
 					NextPutMaybeModifiable(inString, len, modifiable);
 					inString += len;
 					newLength -= len;
@ -387,13 +387,13 @@ void FilterWithBufferedInput::ForceNextPut()
 	}
 	else
 	{
-		unsigned int len;
+		size_t len;
 		while ((len = m_queue.CurrentSize()) > 0)
 			NextPutModifiable(m_queue.GetContigousBlocks(len), len);
 	}
 }
-void FilterWithBufferedInput::NextPutMultiple(const byte *inString, unsigned int length)
+void FilterWithBufferedInput::NextPutMultiple(const byte *inString, size_t length)
 {
 	assert(m_blockSize > 1);	// m_blockSize = 1 should always override this function
 	while (length > 0)
@ -418,7 +418,7 @@ void Redirector::Initialize(const NameValuePairs &parameters, int propagation)
 // *************************************************************
-ProxyFilter::ProxyFilter(BufferedTransformation *filter, unsigned int firstSize, unsigned int lastSize, BufferedTransformation *attachment)
+ProxyFilter::ProxyFilter(BufferedTransformation *filter, size_t firstSize, size_t lastSize, BufferedTransformation *attachment)
 	: FilterWithBufferedInput(firstSize, 1, lastSize, attachment), m_filter(filter)
 {
 	if (m_filter.get())
@ -442,13 +442,13 @@ void ProxyFilter::SetFilter(Filter *filter)
 	}
 }
-void ProxyFilter::NextPutMultiple(const byte *s, unsigned int len)
+void ProxyFilter::NextPutMultiple(const byte *s, size_t len)
 {
 	if (m_filter.get())
 		m_filter->Put(s, len);
 }
-void ProxyFilter::NextPutModifiable(byte *s, unsigned int len)
+void ProxyFilter::NextPutModifiable(byte *s, size_t len)
 {
 	if (m_filter.get())
 		m_filter->PutModifiable(s, len);
@ -456,16 +456,16 @@ void ProxyFilter::NextPutModifiable(byte *s, unsigned int len)
 // *************************************************************
-unsigned int ArraySink::Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t ArraySink::Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	memcpy(m_buf+m_total, begin, STDMIN(length, SaturatingSubtract(m_size, m_total)));
 	m_total += length;
 	return 0;
 }
-byte * ArraySink::CreatePutSpace(unsigned int &size)
+byte * ArraySink::CreatePutSpace(size_t &size)
 {
-	size = m_size - m_total;
+	size = SaturatingSubtract(m_size, m_total);
 	return m_buf + m_total;
 }
@ -479,7 +479,7 @@ void ArraySink::IsolatedInitialize(const NameValuePairs &parameters)
 	m_total = 0;
 }
-unsigned int ArrayXorSink::Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t ArrayXorSink::Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	xorbuf(m_buf+m_total, begin, STDMIN(length, SaturatingSubtract(m_size, m_total)));
 	m_total += length;
@ -488,7 +488,7 @@ unsigned int ArrayXorSink::Put2(const byte *begin, unsigned int length, int mess
 // *************************************************************
-unsigned int StreamTransformationFilter::LastBlockSize(StreamTransformation &c, BlockPaddingScheme padding)
+size_t StreamTransformationFilter::LastBlockSize(StreamTransformation &c, BlockPaddingScheme padding)
 {
 	if (c.MinLastBlockSize() > 0)
 		return c.MinLastBlockSize();
@ -523,19 +523,19 @@ StreamTransformationFilter::StreamTransformationFilter(StreamTransformation &c,
 void StreamTransformationFilter::FirstPut(const byte *inString)
 {
 	m_optimalBufferSize = m_cipher.OptimalBlockSize();
-	m_optimalBufferSize = STDMAX(m_optimalBufferSize, RoundDownToMultipleOf(4096U, m_optimalBufferSize));
+	m_optimalBufferSize = (unsigned int)STDMAX(m_optimalBufferSize, RoundDownToMultipleOf(4096U, m_optimalBufferSize));
 }
-void StreamTransformationFilter::NextPutMultiple(const byte *inString, unsigned int length)
+void StreamTransformationFilter::NextPutMultiple(const byte *inString, size_t length)
 {
 	if (!length)
 		return;
-	unsigned int s = m_cipher.MandatoryBlockSize();
+	size_t s = m_cipher.MandatoryBlockSize();
 	do
 	{
-		unsigned int len = m_optimalBufferSize;
+		size_t len = m_optimalBufferSize;
 		byte *space = HelpCreatePutSpace(*AttachedTransformation(), NULL_CHANNEL, s, length, len);
 		if (len < length)
 		{
@ -553,13 +553,13 @@ void StreamTransformationFilter::NextPutMultiple(const byte *inString, unsigned
 	while (length > 0);
 }
-void StreamTransformationFilter::NextPutModifiable(byte *inString, unsigned int length)
+void StreamTransformationFilter::NextPutModifiable(byte *inString, size_t length)
 {
 	m_cipher.ProcessString(inString, length);
 	AttachedTransformation()->PutModifiable(inString, length);
 }
-void StreamTransformationFilter::LastPut(const byte *inString, unsigned int length)
+void StreamTransformationFilter::LastPut(const byte *inString, size_t length)
 {
 	byte *space = NULL;
@ -569,13 +569,13 @@ void StreamTransformationFilter::LastPut(const byte *inString, unsigned int leng
 	case ZEROS_PADDING:
 		if (length > 0)
 		{
-			unsigned int minLastBlockSize = m_cipher.MinLastBlockSize();
+			size_t minLastBlockSize = m_cipher.MinLastBlockSize();
 			bool isForwardTransformation = m_cipher.IsForwardTransformation();
 			if (isForwardTransformation && m_padding == ZEROS_PADDING && (minLastBlockSize == 0 || length < minLastBlockSize))
 			{
 				// do padding
-				unsigned int blockSize = STDMAX(minLastBlockSize, m_cipher.MandatoryBlockSize());
+				size_t blockSize = STDMAX(minLastBlockSize, (size_t)m_cipher.MandatoryBlockSize());
 				space = HelpCreatePutSpace(*AttachedTransformation(), NULL_CHANNEL, blockSize);
 				memcpy(space, inString, length);
 				memset(space + length, 0, blockSize - length);
@ -612,7 +612,7 @@ void StreamTransformationFilter::LastPut(const byte *inString, unsigned int leng
 			if (m_padding == PKCS_PADDING)
 			{
 				assert(s < 256);
-				byte pad = s-length;
+				byte pad = byte(s-length);
 				memset(space+length, pad, s-length);
 			}
 			else
@ -660,7 +660,7 @@ void HashFilter::IsolatedInitialize(const NameValuePairs &parameters)
 	m_hashModule.Restart();
 }
-unsigned int HashFilter::Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking)
+size_t HashFilter::Put2(const byte *inString, size_t length, int messageEnd, bool blocking)
 {
 	FILTER_BEGIN;
 	m_hashModule.Update(inString, length);
@ -669,7 +669,7 @@ unsigned int HashFilter::Put2(const byte *inString, unsigned int length, int mes
 	if (messageEnd)
 	{
 		{
-			unsigned int size;
+			size_t size;
 			m_digestSize = m_hashModule.DigestSize();
 			if (m_truncatedDigestSize >= 0 && (unsigned int)m_truncatedDigestSize < m_digestSize)
 				m_digestSize = m_truncatedDigestSize;
@ -690,11 +690,11 @@ HashVerificationFilter::HashVerificationFilter(HashTransformation &hm, BufferedT
 	IsolatedInitialize(MakeParameters(Name::HashVerificationFilterFlags(), flags));
 }
-void HashVerificationFilter::InitializeDerivedAndReturnNewSizes(const NameValuePairs &parameters, unsigned int &firstSize, unsigned int &blockSize, unsigned int &lastSize)
+void HashVerificationFilter::InitializeDerivedAndReturnNewSizes(const NameValuePairs &parameters, size_t &firstSize, size_t &blockSize, size_t &lastSize)
 {
 	m_flags = parameters.GetValueWithDefault(Name::HashVerificationFilterFlags(), (word32)DEFAULT_FLAGS);
 	m_hashModule.Restart();
-	unsigned int size = m_hashModule.DigestSize();
+	size_t size = m_hashModule.DigestSize();
 	m_verified = false;
 	firstSize = m_flags & HASH_AT_BEGIN ? size : 0;
 	blockSize = 1;
@ -712,14 +712,14 @@ void HashVerificationFilter::FirstPut(const byte *inString)
 	}
 }
-void HashVerificationFilter::NextPutMultiple(const byte *inString, unsigned int length)
+void HashVerificationFilter::NextPutMultiple(const byte *inString, size_t length)
 {
 	m_hashModule.Update(inString, length);
 	if (m_flags & PUT_MESSAGE)
 		AttachedTransformation()->Put(inString, length);
 }
-void HashVerificationFilter::LastPut(const byte *inString, unsigned int length)
+void HashVerificationFilter::LastPut(const byte *inString, size_t length)
 {
 	if (m_flags & HASH_AT_BEGIN)
 	{
@ -748,7 +748,7 @@ void SignerFilter::IsolatedInitialize(const NameValuePairs &parameters)
 	m_messageAccumulator.reset(m_signer.NewSignatureAccumulator(m_rng));
 }
-unsigned int SignerFilter::Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking)
+size_t SignerFilter::Put2(const byte *inString, size_t length, int messageEnd, bool blocking)
 {
 	FILTER_BEGIN;
 	m_messageAccumulator->Update(inString, length);
@ -771,11 +771,11 @@ SignatureVerificationFilter::SignatureVerificationFilter(const PK_Verifier &veri
 	IsolatedInitialize(MakeParameters(Name::SignatureVerificationFilterFlags(), flags));
 }
-void SignatureVerificationFilter::InitializeDerivedAndReturnNewSizes(const NameValuePairs &parameters, unsigned int &firstSize, unsigned int &blockSize, unsigned int &lastSize)
+void SignatureVerificationFilter::InitializeDerivedAndReturnNewSizes(const NameValuePairs &parameters, size_t &firstSize, size_t &blockSize, size_t &lastSize)
 {
 	m_flags = parameters.GetValueWithDefault(Name::SignatureVerificationFilterFlags(), (word32)DEFAULT_FLAGS);
 	m_messageAccumulator.reset(m_verifier.NewVerificationAccumulator());
-	unsigned int size = m_verifier.SignatureLength();
+	size_t size = m_verifier.SignatureLength();
 	assert(size != 0);	// TODO: handle recoverable signature scheme
 	m_verified = false;
 	firstSize = m_flags & SIGNATURE_AT_BEGIN ? size : 0;
@ -804,14 +804,14 @@ void SignatureVerificationFilter::FirstPut(const byte *inString)
 	}
 }
-void SignatureVerificationFilter::NextPutMultiple(const byte *inString, unsigned int length)
+void SignatureVerificationFilter::NextPutMultiple(const byte *inString, size_t length)
 {
 	m_messageAccumulator->Update(inString, length);
 	if (m_flags & PUT_MESSAGE)
 		AttachedTransformation()->Put(inString, length);
 }
-void SignatureVerificationFilter::LastPut(const byte *inString, unsigned int length)
+void SignatureVerificationFilter::LastPut(const byte *inString, size_t length)
 {
 	if (m_flags & SIGNATURE_AT_BEGIN)
 	{
@ -836,13 +836,14 @@ void SignatureVerificationFilter::LastPut(const byte *inString, unsigned int len
 // *************************************************************
-unsigned int Source::PumpAll2(bool blocking)
+size_t Source::PumpAll2(bool blocking)
 {
-	// TODO: switch length type
+	unsigned int messageCount = UINT_MAX;
-	unsigned long i = UINT_MAX;
+	do {
-	RETURN_IF_NONZERO(Pump2(i, blocking));
+		RETURN_IF_NONZERO(PumpMessages2(messageCount, blocking));
-	unsigned int j = UINT_MAX;
+	} while(messageCount == UINT_MAX);
-	return PumpMessages2(j, blocking);
+
 	return 0;
 }
 bool Store::GetNextMessage()
@ -879,20 +880,20 @@ void StringStore::StoreInitialize(const NameValuePairs &parameters)
 	m_count = 0;
 }
-unsigned int StringStore::TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel, bool blocking)
+size_t StringStore::TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel, bool blocking)
 {
-	unsigned long position = 0;
+	lword position = 0;
-	unsigned int blockedBytes = CopyRangeTo2(target, position, transferBytes, channel, blocking);
+	size_t blockedBytes = CopyRangeTo2(target, position, transferBytes, channel, blocking);
-	m_count += position;
+	m_count += (size_t)position;
 	transferBytes = position;
 	return blockedBytes;
 }
-unsigned int StringStore::CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end, const std::string &channel, bool blocking) const
+size_t StringStore::CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end, const std::string &channel, bool blocking) const
 {
-	unsigned int i = (unsigned int)STDMIN((unsigned long)m_count+begin, (unsigned long)m_length);
+	size_t i = UnsignedMin(m_length, m_count+begin);
-	unsigned int len = (unsigned int)STDMIN((unsigned long)m_length-i, end-begin);
+	size_t len = UnsignedMin(m_length-i, end-begin);
-	unsigned int blockedBytes = target.ChannelPut2(channel, m_store+i, len, 0, blocking);
+	size_t blockedBytes = target.ChannelPut2(channel, m_store+i, len, 0, blocking);
 	if (!blockedBytes)
 		begin += len;
 	return blockedBytes;
@ -901,27 +902,29 @@ unsigned int StringStore::CopyRangeTo2(BufferedTransformation &target, unsigned
 void RandomNumberStore::StoreInitialize(const NameValuePairs &parameters)
 {
 	parameters.GetRequiredParameter("RandomNumberStore", "RandomNumberGeneratorPointer", m_rng);
-	parameters.GetRequiredIntParameter("RandomNumberStore", "RandomNumberStoreSize", m_length);
+	int length;
 	parameters.GetRequiredIntParameter("RandomNumberStore", "RandomNumberStoreSize", length);
 	m_length = length;
 }
-unsigned int RandomNumberStore::TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel, bool blocking)
+size_t RandomNumberStore::TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel, bool blocking)
 {
 	if (!blocking)
 		throw NotImplemented("RandomNumberStore: nonblocking transfer is not implemented by this object");
-	unsigned long transferMax = transferBytes;
+	lword transferMax = transferBytes;
-	for (transferBytes = 0; transferBytes<transferMax && m_count < (unsigned long)m_length; ++transferBytes, ++m_count)
+	for (transferBytes = 0; transferBytes<transferMax && m_count < (unsigned int)m_length; ++transferBytes, ++m_count)
 		target.ChannelPut(channel, m_rng->GenerateByte());
 	return 0;
 }
-unsigned int NullStore::CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end, const std::string &channel, bool blocking) const
+size_t NullStore::CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end, const std::string &channel, bool blocking) const
 {
 	static const byte nullBytes[128] = {0};
 	while (begin < end)
 	{
-		unsigned int len = STDMIN(end-begin, 128UL);
+		size_t len = (size_t)STDMIN(end-begin, lword(128));
-		unsigned int blockedBytes = target.ChannelPut2(channel, nullBytes, len, 0, blocking);
+		size_t blockedBytes = target.ChannelPut2(channel, nullBytes, len, 0, blocking);
 		if (blockedBytes)
 			return blockedBytes;
 		begin += len;
@ -929,10 +932,10 @@ unsigned int NullStore::CopyRangeTo2(BufferedTransformation &target, unsigned lo
 	return 0;
 }
-unsigned int NullStore::TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel, bool blocking)
+size_t NullStore::TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel, bool blocking)
 {
-	unsigned long begin = 0;
+	lword begin = 0;
-	unsigned int blockedBytes = NullStore::CopyRangeTo2(target, begin, transferBytes, channel, blocking);
+	size_t blockedBytes = NullStore::CopyRangeTo2(target, begin, transferBytes, channel, blocking);
 	transferBytes = begin;
 	m_size -= begin;
 	return blockedBytes;
--- a/filters.h
+++ b/filters.h
@ -21,8 +21,8 @@ public:
 	const BufferedTransformation *AttachedTransformation() const;
 	void Detach(BufferedTransformation *newAttachment = NULL);
-	unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+	size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
-	unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
+	size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
 	void Initialize(const NameValuePairs &parameters=g_nullNameValuePairs, int propagation=-1);
 	bool Flush(bool hardFlush, int propagation=-1, bool blocking=true);
@ -37,8 +37,8 @@ protected:
 	void PropagateInitialize(const NameValuePairs &parameters, int propagation);
-	unsigned int Output(int outputSite, const byte *inString, unsigned int length, int messageEnd, bool blocking, const std::string &channel=NULL_CHANNEL);
+	size_t Output(int outputSite, const byte *inString, size_t length, int messageEnd, bool blocking, const std::string &channel=NULL_CHANNEL);
-	unsigned int OutputModifiable(int outputSite, byte *inString, unsigned int length, int messageEnd, bool blocking, const std::string &channel=NULL_CHANNEL);
+	size_t OutputModifiable(int outputSite, byte *inString, size_t length, int messageEnd, bool blocking, const std::string &channel=NULL_CHANNEL);
 	bool OutputMessageEnd(int outputSite, int propagation, bool blocking, const std::string &channel=NULL_CHANNEL);
 	bool OutputFlush(int outputSite, bool hardFlush, int propagation, bool blocking, const std::string &channel=NULL_CHANNEL);
 	bool OutputMessageSeriesEnd(int outputSite, int propagation, bool blocking, const std::string &channel=NULL_CHANNEL);
@ -47,14 +47,14 @@ private:
 	member_ptr<BufferedTransformation> m_attachment;
 protected:
-	unsigned int m_inputPosition;
+	size_t m_inputPosition;
 	int m_continueAt;
 };
 struct CRYPTOPP_DLL FilterPutSpaceHelper
 {
 	// desiredSize is how much to ask target, bufferSize is how much to allocate in m_tempSpace
-	byte *HelpCreatePutSpace(BufferedTransformation &target, const std::string &channel, unsigned int minSize, unsigned int desiredSize, unsigned int &bufferSize)
+	byte *HelpCreatePutSpace(BufferedTransformation &target, const std::string &channel, size_t minSize, size_t desiredSize, size_t &bufferSize)
 	{
 		assert(desiredSize >= minSize && bufferSize >= minSize);
 		if (m_tempSpace.size() < minSize)
@ -71,9 +71,9 @@ struct CRYPTOPP_DLL FilterPutSpaceHelper
 		bufferSize = m_tempSpace.size();
 		return m_tempSpace.begin();
 	}
-	byte *HelpCreatePutSpace(BufferedTransformation &target, const std::string &channel, unsigned int minSize)
+	byte *HelpCreatePutSpace(BufferedTransformation &target, const std::string &channel, size_t minSize)
 		{return HelpCreatePutSpace(target, channel, minSize, minSize, minSize);}
-	byte *HelpCreatePutSpace(BufferedTransformation &target, const std::string &channel, unsigned int minSize, unsigned int bufferSize)
+	byte *HelpCreatePutSpace(BufferedTransformation &target, const std::string &channel, size_t minSize, size_t bufferSize)
 		{return HelpCreatePutSpace(target, channel, minSize, minSize, bufferSize);}
 	SecByteBlock m_tempSpace;
 };
@ -88,16 +88,16 @@ public:
 	void SetTransparent(bool transparent) {m_transparent = transparent;}
 	void ResetMeter() {m_currentMessageBytes = m_totalBytes = m_currentSeriesMessages = m_totalMessages = m_totalMessageSeries = 0;}
-	unsigned long GetCurrentMessageBytes() const {return m_currentMessageBytes;}
+	lword GetCurrentMessageBytes() const {return m_currentMessageBytes;}
-	unsigned long GetTotalBytes() {return m_totalBytes;}
+	lword GetTotalBytes() {return m_totalBytes;}
 	unsigned int GetCurrentSeriesMessages() {return m_currentSeriesMessages;}
 	unsigned int GetTotalMessages() {return m_totalMessages;}
 	unsigned int GetTotalMessageSeries() {return m_totalMessageSeries;}
-	byte * CreatePutSpace(unsigned int &size)
+	byte * CreatePutSpace(size_t &size)
 		{return AttachedTransformation()->CreatePutSpace(size);}
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
-	unsigned int PutModifiable2(byte *inString, unsigned int length, int messageEnd, bool blocking);
+	size_t PutModifiable2(byte *inString, size_t length, int messageEnd, bool blocking);
 	bool IsolatedMessageSeriesEnd(bool blocking);
 private:
@ -105,7 +105,7 @@ private:
 	bool ShouldPropagateMessageSeriesEnd() const {return m_transparent;}
 	bool m_transparent;
-	unsigned long m_currentMessageBytes, m_totalBytes;
+	lword m_currentMessageBytes, m_totalBytes;
 	unsigned int m_currentSeriesMessages, m_totalMessages, m_totalMessageSeries;
 };
@ -133,14 +133,14 @@ class CRYPTOPP_DLL FilterWithBufferedInput : public Filter
 public:
 	FilterWithBufferedInput(BufferedTransformation *attachment);
 	//! firstSize and lastSize may be 0, blockSize must be at least 1
-	FilterWithBufferedInput(unsigned int firstSize, unsigned int blockSize, unsigned int lastSize, BufferedTransformation *attachment);
+	FilterWithBufferedInput(size_t firstSize, size_t blockSize, size_t lastSize, BufferedTransformation *attachment);
 	void IsolatedInitialize(const NameValuePairs &parameters);
-	unsigned int Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking)
+	size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking)
 	{
 		return PutMaybeModifiable(const_cast<byte *>(inString), length, messageEnd, blocking, false);
 	}
-	unsigned int PutModifiable2(byte *inString, unsigned int length, int messageEnd, bool blocking)
+	size_t PutModifiable2(byte *inString, size_t length, int messageEnd, bool blocking)
 	{
 		return PutMaybeModifiable(inString, length, messageEnd, blocking, true);
 	}
@ -155,7 +155,7 @@ public:
 protected:
 	bool DidFirstPut() {return m_firstInputDone;}
-	virtual void InitializeDerivedAndReturnNewSizes(const NameValuePairs &parameters, unsigned int &firstSize, unsigned int &blockSize, unsigned int &lastSize)
+	virtual void InitializeDerivedAndReturnNewSizes(const NameValuePairs &parameters, size_t &firstSize, size_t &blockSize, size_t &lastSize)
 		{InitializeDerived(parameters);}
 	virtual void InitializeDerived(const NameValuePairs &parameters) {}
 	// FirstPut() is called if (firstSize != 0 and totalLength >= firstSize)
@ -165,20 +165,20 @@ protected:
 	virtual void NextPutSingle(const byte *inString) {assert(false);}
 	// Same as NextPut() except length can be a multiple of blockSize
 	// Either NextPut() or NextPutMultiple() must be overriden
-	virtual void NextPutMultiple(const byte *inString, unsigned int length);
+	virtual void NextPutMultiple(const byte *inString, size_t length);
 	// Same as NextPutMultiple(), but inString can be modified
-	virtual void NextPutModifiable(byte *inString, unsigned int length)
+	virtual void NextPutModifiable(byte *inString, size_t length)
 		{NextPutMultiple(inString, length);}
 	// LastPut() is always called
 	// if totalLength < firstSize then length == totalLength
 	// else if totalLength <= firstSize+lastSize then length == totalLength-firstSize
 	// else lastSize <= length < lastSize+blockSize
-	virtual void LastPut(const byte *inString, unsigned int length) =0;
+	virtual void LastPut(const byte *inString, size_t length) =0;
 	virtual void FlushDerived() {}
 private:
-	unsigned int PutMaybeModifiable(byte *begin, unsigned int length, int messageEnd, bool blocking, bool modifiable);
+	size_t PutMaybeModifiable(byte *begin, size_t length, int messageEnd, bool blocking, bool modifiable);
-	void NextPutMaybeModifiable(byte *inString, unsigned int length, bool modifiable)
+	void NextPutMaybeModifiable(byte *inString, size_t length, bool modifiable)
 	{
 		if (modifiable) NextPutModifiable(inString, length);
 		else NextPutMultiple(inString, length);
@ -186,26 +186,26 @@ private:
 	// This function should no longer be used, put this here to cause a compiler error
 	// if someone tries to override NextPut().
-	virtual int NextPut(const byte *inString, unsigned int length) {assert(false); return 0;}
+	virtual int NextPut(const byte *inString, size_t length) {assert(false); return 0;}
 	class BlockQueue
 	{
 	public:
-		void ResetQueue(unsigned int blockSize, unsigned int maxBlocks);
+		void ResetQueue(size_t blockSize, size_t maxBlocks);
 		byte *GetBlock();
-		byte *GetContigousBlocks(unsigned int &numberOfBytes);
+		byte *GetContigousBlocks(size_t &numberOfBytes);
-		unsigned int GetAll(byte *outString);
+		size_t GetAll(byte *outString);
-		void Put(const byte *inString, unsigned int length);
+		void Put(const byte *inString, size_t length);
-		unsigned int CurrentSize() const {return m_size;}
+		size_t CurrentSize() const {return m_size;}
-		unsigned int MaxSize() const {return m_buffer.size();}
+		size_t MaxSize() const {return m_buffer.size();}
 	private:
 		SecByteBlock m_buffer;
-		unsigned int m_blockSize, m_maxBlocks, m_size;
+		size_t m_blockSize, m_maxBlocks, m_size;
 		byte *m_begin;
 	};
-	unsigned int m_firstSize, m_blockSize, m_lastSize;
+	size_t m_firstSize, m_blockSize, m_lastSize;
 	bool m_firstInputDone;
 	BlockQueue m_queue;
 };
@ -216,7 +216,7 @@ class CRYPTOPP_DLL FilterWithInputQueue : public Filter
 public:
 	FilterWithInputQueue(BufferedTransformation *attachment=NULL) : Filter(attachment) {}
-	unsigned int Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking)
+	size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking)
 	{
 		if (!blocking)
 			throw BlockingInputOnly("FilterWithInputQueue");
@ -247,13 +247,13 @@ public:
 	StreamTransformationFilter(StreamTransformation &c, BufferedTransformation *attachment = NULL, BlockPaddingScheme padding = DEFAULT_PADDING);
 	void FirstPut(const byte *inString);
-	void NextPutMultiple(const byte *inString, unsigned int length);
+	void NextPutMultiple(const byte *inString, size_t length);
-	void NextPutModifiable(byte *inString, unsigned int length);
+	void NextPutModifiable(byte *inString, size_t length);
-	void LastPut(const byte *inString, unsigned int length);
+	void LastPut(const byte *inString, size_t length);
-//	byte * CreatePutSpace(unsigned int &size);
+//	byte * CreatePutSpace(size_t &size);
 protected:
-	static unsigned int LastBlockSize(StreamTransformation &c, BlockPaddingScheme padding);
+	static size_t LastBlockSize(StreamTransformation &c, BlockPaddingScheme padding);
 	StreamTransformation &m_cipher;
 	BlockPaddingScheme m_padding;
@ -272,9 +272,9 @@ public:
 		: m_hashModule(hm), m_putMessage(putMessage), m_truncatedDigestSize(truncatedDigestSize) {Detach(attachment);}
 	void IsolatedInitialize(const NameValuePairs &parameters);
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
-	byte * CreatePutSpace(unsigned int &size) {return m_hashModule.CreateUpdateSpace(size);}
+	byte * CreatePutSpace(size_t &size) {return m_hashModule.CreateUpdateSpace(size);}
 private:
 	HashTransformation &m_hashModule;
@ -301,10 +301,10 @@ public:
 	bool GetLastResult() const {return m_verified;}
 protected:
-	void InitializeDerivedAndReturnNewSizes(const NameValuePairs &parameters, unsigned int &firstSize, unsigned int &blockSize, unsigned int &lastSize);
+	void InitializeDerivedAndReturnNewSizes(const NameValuePairs &parameters, size_t &firstSize, size_t &blockSize, size_t &lastSize);
 	void FirstPut(const byte *inString);
-	void NextPutMultiple(const byte *inString, unsigned int length);
+	void NextPutMultiple(const byte *inString, size_t length);
-	void LastPut(const byte *inString, unsigned int length);
+	void LastPut(const byte *inString, size_t length);
 private:
 	static inline unsigned int FirstSize(word32 flags, HashTransformation &hm) {return flags & HASH_AT_BEGIN ? hm.DigestSize() : 0;}
@ -326,7 +326,7 @@ public:
 		: m_rng(rng), m_signer(signer), m_messageAccumulator(signer.NewSignatureAccumulator(rng)), m_putMessage(putMessage) {Detach(attachment);}
 	void IsolatedInitialize(const NameValuePairs &parameters);
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
 private:
 	RandomNumberGenerator &m_rng;
@ -353,10 +353,10 @@ public:
 	bool GetLastResult() const {return m_verified;}
 protected:
-	void InitializeDerivedAndReturnNewSizes(const NameValuePairs &parameters, unsigned int &firstSize, unsigned int &blockSize, unsigned int &lastSize);
+	void InitializeDerivedAndReturnNewSizes(const NameValuePairs &parameters, size_t &firstSize, size_t &blockSize, size_t &lastSize);
 	void FirstPut(const byte *inString);
-	void NextPutMultiple(const byte *inString, unsigned int length);
+	void NextPutMultiple(const byte *inString, size_t length);
-	void LastPut(const byte *inString, unsigned int length);
+	void LastPut(const byte *inString, size_t length);
 private:
 	const PK_Verifier &m_verifier;
@ -398,20 +398,20 @@ public:
 		{return m_target ? m_target->CanModifyInput() : false;}
 	void Initialize(const NameValuePairs &parameters, int propagation);
-	byte * CreatePutSpace(unsigned int &size)
+	byte * CreatePutSpace(size_t &size)
 		{return m_target ? m_target->CreatePutSpace(size) : (byte *)(size=0, NULL);}
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 		{return m_target ? m_target->Put2(begin, length, GetPassSignals() ? messageEnd : 0, blocking) : 0;}
 	bool Flush(bool hardFlush, int propagation=-1, bool blocking=true)
 		{return m_target && GetPassSignals() ? m_target->Flush(hardFlush, propagation, blocking) : false;}
 	bool MessageSeriesEnd(int propagation=-1, bool blocking=true)
 		{return m_target && GetPassSignals() ? m_target->MessageSeriesEnd(propagation, blocking) : false;}
-	byte * ChannelCreatePutSpace(const std::string &channel, unsigned int &size)
+	byte * ChannelCreatePutSpace(const std::string &channel, size_t &size)
 		{return m_target ? m_target->ChannelCreatePutSpace(channel, size) : (byte *)(size=0, NULL);}
-	unsigned int ChannelPut2(const std::string &channel, const byte *begin, unsigned int length, int messageEnd, bool blocking)
+	size_t ChannelPut2(const std::string &channel, const byte *begin, size_t length, int messageEnd, bool blocking)
 		{return m_target ? m_target->ChannelPut2(channel, begin, length, GetPassSignals() ? messageEnd : 0, blocking) : 0;}
-	unsigned int ChannelPutModifiable2(const std::string &channel, byte *begin, unsigned int length, int messageEnd, bool blocking)
+	size_t ChannelPutModifiable2(const std::string &channel, byte *begin, size_t length, int messageEnd, bool blocking)
 		{return m_target ? m_target->ChannelPutModifiable2(channel, begin, length, GetPassSignals() ? messageEnd : 0, blocking) : 0;}
 	bool ChannelFlush(const std::string &channel, bool completeFlush, int propagation=-1, bool blocking=true)
 		{return m_target && GetPassSignals() ? m_target->ChannelFlush(channel, completeFlush, propagation, blocking) : false;}
@ -437,11 +437,11 @@ public:
 	bool GetPassSignal() const {return m_passSignal;}
 	void SetPassSignal(bool passSignal) {m_passSignal = passSignal;}
-	byte * CreatePutSpace(unsigned int &size)
+	byte * CreatePutSpace(size_t &size)
 		{return m_owner.AttachedTransformation()->CreatePutSpace(size);}
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 		{return m_owner.AttachedTransformation()->Put2(begin, length, m_passSignal ? messageEnd : 0, blocking);}
-	unsigned int PutModifiable2(byte *begin, unsigned int length, int messageEnd, bool blocking)
+	size_t PutModifiable2(byte *begin, size_t length, int messageEnd, bool blocking)
 		{return m_owner.AttachedTransformation()->PutModifiable2(begin, length, m_passSignal ? messageEnd : 0, blocking);}
 	void Initialize(const NameValuePairs &parameters=g_nullNameValuePairs, int propagation=-1)
 		{if (m_passSignal) m_owner.AttachedTransformation()->Initialize(parameters, propagation);}
@ -450,9 +450,9 @@ public:
 	bool MessageSeriesEnd(int propagation=-1, bool blocking=true)
 		{return m_passSignal ? m_owner.AttachedTransformation()->MessageSeriesEnd(propagation, blocking) : false;}
-	unsigned int ChannelPut2(const std::string &channel, const byte *begin, unsigned int length, int messageEnd, bool blocking)
+	size_t ChannelPut2(const std::string &channel, const byte *begin, size_t length, int messageEnd, bool blocking)
 		{return m_owner.AttachedTransformation()->ChannelPut2(channel, begin, length, m_passSignal ? messageEnd : 0, blocking);}
-	unsigned int ChannelPutModifiable2(const std::string &channel, byte *begin, unsigned int length, int messageEnd, bool blocking)
+	size_t ChannelPutModifiable2(const std::string &channel, byte *begin, size_t length, int messageEnd, bool blocking)
 		{return m_owner.AttachedTransformation()->ChannelPutModifiable2(channel, begin, length, m_passSignal ? messageEnd : 0, blocking);}
 	bool ChannelFlush(const std::string &channel, bool completeFlush, int propagation=-1, bool blocking=true)
 		{return m_passSignal ? m_owner.AttachedTransformation()->ChannelFlush(channel, completeFlush, propagation, blocking) : false;}
@ -468,13 +468,13 @@ private:
 class CRYPTOPP_DLL ProxyFilter : public FilterWithBufferedInput
 {
 public:
-	ProxyFilter(BufferedTransformation *filter, unsigned int firstSize, unsigned int lastSize, BufferedTransformation *attachment);
+	ProxyFilter(BufferedTransformation *filter, size_t firstSize, size_t lastSize, BufferedTransformation *attachment);
 	bool IsolatedFlush(bool hardFlush, bool blocking);
 	void SetFilter(Filter *filter);
-	void NextPutMultiple(const byte *s, unsigned int len);
+	void NextPutMultiple(const byte *s, size_t len);
-	void NextPutModifiable(byte *inString, unsigned int length);
+	void NextPutModifiable(byte *inString, size_t length);
 protected:
 	member_ptr<BufferedTransformation> m_filter;
@ -488,7 +488,7 @@ public:
 		: ProxyFilter(filter, 0, 0, attachment) {}
 	void FirstPut(const byte *) {}
-	void LastPut(const byte *, unsigned int) {m_filter->MessageEnd();}
+	void LastPut(const byte *, size_t) {m_filter->MessageEnd();}
 };
 //! proxy for the filter created by PK_Encryptor::CreateEncryptionFilter
@ -523,7 +523,7 @@ public:
 	void IsolatedInitialize(const NameValuePairs &parameters)
 		{if (!parameters.GetValue("OutputStringPointer", m_output)) throw InvalidArgument("StringSink: OutputStringPointer not specified");}
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 	{
 		if (length > 0)
 		{
@ -548,30 +548,30 @@ class CRYPTOPP_DLL ArraySink : public Bufferless<Sink>
 {
 public:
 	ArraySink(const NameValuePairs &parameters = g_nullNameValuePairs) {IsolatedInitialize(parameters);}
-	ArraySink(byte *buf, unsigned int size) : m_buf(buf), m_size(size), m_total(0) {}
+	ArraySink(byte *buf, size_t size) : m_buf(buf), m_size(size), m_total(0) {}
-	unsigned int AvailableSize() {return m_size - STDMIN(m_total, (unsigned long)m_size);}
+	size_t AvailableSize() {return SaturatingSubtract(m_size, m_total);}
-	unsigned long TotalPutLength() {return m_total;}
+	lword TotalPutLength() {return m_total;}
 	void IsolatedInitialize(const NameValuePairs &parameters);
-	byte * CreatePutSpace(unsigned int &size);
+	byte * CreatePutSpace(size_t &size);
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
 protected:
 	byte *m_buf;
-	unsigned int m_size;
+	size_t m_size;
-	unsigned long m_total;
+	lword m_total;
 };
 //! Xor input to a memory buffer
 class CRYPTOPP_DLL ArrayXorSink : public ArraySink
 {
 public:
-	ArrayXorSink(byte *buf, unsigned int size)
+	ArrayXorSink(byte *buf, size_t size)
 		: ArraySink(buf, size) {}
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
-	byte * CreatePutSpace(unsigned int &size) {return BufferedTransformation::CreatePutSpace(size);}
+	byte * CreatePutSpace(size_t &size) {return BufferedTransformation::CreatePutSpace(size);}
 };
 //! string-based implementation of Store interface
@ -580,19 +580,19 @@ class StringStore : public Store
 public:
 	StringStore(const char *string = NULL)
 		{StoreInitialize(MakeParameters("InputBuffer", ConstByteArrayParameter(string)));}
-	StringStore(const byte *string, unsigned int length)
+	StringStore(const byte *string, size_t length)
 		{StoreInitialize(MakeParameters("InputBuffer", ConstByteArrayParameter(string, length)));}
 	template <class T> StringStore(const T &string)
 		{StoreInitialize(MakeParameters("InputBuffer", ConstByteArrayParameter(string)));}
-	CRYPTOPP_DLL unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+	CRYPTOPP_DLL size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
-	CRYPTOPP_DLL unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
+	CRYPTOPP_DLL size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
 private:
 	CRYPTOPP_DLL void StoreInitialize(const NameValuePairs &parameters);
 	const byte *m_store;
-	unsigned int m_length, m_count;
+	size_t m_length, m_count;
 };
 //! RNG-based implementation of Source interface
@ -602,14 +602,14 @@ public:
 	RandomNumberStore()
 		: m_rng(NULL), m_length(0), m_count(0) {}
-	RandomNumberStore(RandomNumberGenerator &rng, unsigned long length)
+	RandomNumberStore(RandomNumberGenerator &rng, lword length)
 		: m_rng(&rng), m_length(length), m_count(0) {}
 	bool AnyRetrievable() const {return MaxRetrievable() != 0;}
-	unsigned long MaxRetrievable() const {return m_length-m_count;}
+	lword MaxRetrievable() const {return m_length-m_count;}
-	unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+	size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
-	unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const
+	size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const
 	{
 		throw NotImplemented("RandomNumberStore: CopyRangeTo2() is not supported by this store");
 	}
@ -618,22 +618,21 @@ private:
 	void StoreInitialize(const NameValuePairs &parameters);
 	RandomNumberGenerator *m_rng;
-	int m_length;
+	lword m_length, m_count;
 	unsigned long m_count;
 };
 //! empty store
 class CRYPTOPP_DLL NullStore : public Store
 {
 public:
-	NullStore(unsigned long size = ULONG_MAX) : m_size(size) {}
+	NullStore(lword size = ULONG_MAX) : m_size(size) {}
 	void StoreInitialize(const NameValuePairs &parameters) {}
-	unsigned long MaxRetrievable() const {return m_size;}
+	lword MaxRetrievable() const {return m_size;}
-	unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+	size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
-	unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
+	size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
 private:
-	unsigned long m_size;
+	lword m_size;
 };
 //! A Filter that pumps data into its attachment as input
@ -643,15 +642,15 @@ public:
 	Source(BufferedTransformation *attachment = NULL)
 		{Source::Detach(attachment);}
-	unsigned long Pump(unsigned long pumpMax=ULONG_MAX)
+	lword Pump(lword pumpMax=size_t(0)-1)
 		{Pump2(pumpMax); return pumpMax;}
 	unsigned int PumpMessages(unsigned int count=UINT_MAX)
 		{PumpMessages2(count); return count;}
 	void PumpAll()
 		{PumpAll2();}
-	virtual unsigned int Pump2(unsigned long &byteCount, bool blocking=true) =0;
+	virtual size_t Pump2(lword &byteCount, bool blocking=true) =0;
-	virtual unsigned int PumpMessages2(unsigned int &messageCount, bool blocking=true) =0;
+	virtual size_t PumpMessages2(unsigned int &messageCount, bool blocking=true) =0;
-	virtual unsigned int PumpAll2(bool blocking=true);
+	virtual size_t PumpAll2(bool blocking=true);
 	virtual bool SourceExhausted() const =0;
 protected:
@ -672,11 +671,11 @@ public:
 		: Source(attachment) {}
 	void IsolatedInitialize(const NameValuePairs &parameters)
 		{m_store.IsolatedInitialize(parameters);}
-	unsigned int Pump2(unsigned long &byteCount, bool blocking=true)
+	size_t Pump2(lword &byteCount, bool blocking=true)
 		{return m_store.TransferTo2(*AttachedTransformation(), byteCount, NULL_CHANNEL, blocking);}
-	unsigned int PumpMessages2(unsigned int &messageCount, bool blocking=true)
+	size_t PumpMessages2(unsigned int &messageCount, bool blocking=true)
 		{return m_store.TransferMessagesTo2(*AttachedTransformation(), messageCount, NULL_CHANNEL, blocking);}
-	unsigned int PumpAll2(bool blocking=true)
+	size_t PumpAll2(bool blocking=true)
 		{return m_store.TransferAllTo2(*AttachedTransformation(), NULL_CHANNEL, blocking);}
 	bool SourceExhausted() const
 		{return !m_store.AnyRetrievable() && !m_store.AnyMessages();}
@ -697,7 +696,7 @@ public:
 		: SourceTemplate<StringStore>(attachment) {}
 	StringSource(const char *string, bool pumpAll, BufferedTransformation *attachment = NULL)
 		: SourceTemplate<StringStore>(attachment) {SourceInitialize(pumpAll, MakeParameters("InputBuffer", ConstByteArrayParameter(string)));}
-	StringSource(const byte *string, unsigned int length, bool pumpAll, BufferedTransformation *attachment = NULL)
+	StringSource(const byte *string, size_t length, bool pumpAll, BufferedTransformation *attachment = NULL)
 		: SourceTemplate<StringStore>(attachment) {SourceInitialize(pumpAll, MakeParameters("InputBuffer", ConstByteArrayParameter(string, length)));}
 	StringSource(const std::string &string, bool pumpAll, BufferedTransformation *attachment = NULL)
 		: SourceTemplate<StringStore>(attachment) {SourceInitialize(pumpAll, MakeParameters("InputBuffer", ConstByteArrayParameter(string)));}
--- a/fipstest.cpp
+++ b/fipstest.cpp
@ -19,7 +19,7 @@ unsigned long g_macFileLocation = 0;
 const byte * CRYPTOPP_API GetActualMacAndLocation(unsigned int &macSize, unsigned int &fileLocation)
 {
-	macSize = g_actualMac.size();
+	macSize = (unsigned int)g_actualMac.size();
 	fileLocation = g_macFileLocation;
 	return g_actualMac;
 }
@ -261,7 +261,7 @@ bool IntegrityCheckModule(const char *moduleFilename, const byte *expectedModule
 	IMAGE_NT_HEADERS *phnt = (IMAGE_NT_HEADERS *)((byte *)h + ph->e_lfanew);
 	IMAGE_SECTION_HEADER *phs = IMAGE_FIRST_SECTION(phnt);
 	DWORD nSections = phnt->FileHeader.NumberOfSections;
-	DWORD currentFilePos = 0;
+	size_t currentFilePos = 0;
 	while (nSections--)
 	{
@ -274,13 +274,13 @@ bool IntegrityCheckModule(const char *moduleFilename, const byte *expectedModule
 			unsigned int sectionSize = STDMIN(phs->SizeOfRawData, phs->Misc.VirtualSize);
 			const byte *sectionMemStart = memBase + phs->VirtualAddress;
 			unsigned int sectionFileStart = phs->PointerToRawData;
-			unsigned int subSectionStart = 0, nextSubSectionStart;
+			size_t subSectionStart = 0, nextSubSectionStart;
 			do
 			{
 				const byte *subSectionMemStart = sectionMemStart + subSectionStart;
-				unsigned int subSectionFileStart = sectionFileStart + subSectionStart;
+				size_t subSectionFileStart = sectionFileStart + subSectionStart;
-				unsigned int subSectionSize = sectionSize - subSectionStart;
+				size_t subSectionSize = sectionSize - subSectionStart;
 				nextSubSectionStart = 0;
 				unsigned int entriesToReadFromDisk[] = {IMAGE_DIRECTORY_ENTRY_IMPORT, IMAGE_DIRECTORY_ENTRY_IAT};
@ -301,7 +301,7 @@ bool IntegrityCheckModule(const char *moduleFilename, const byte *expectedModule
 					// skip over the MAC
 					verifier.Put(subSectionMemStart, expectedModuleMac - subSectionMemStart);
 					verifier.Put(expectedModuleMac + macSize, subSectionSize - macSize - (expectedModuleMac - subSectionMemStart));
-					macFileLocation = subSectionFileStart + (expectedModuleMac - subSectionMemStart);
+					macFileLocation = (unsigned long)(subSectionFileStart + (expectedModuleMac - subSectionMemStart));
 				}
 				else
 					verifier.Put(subSectionMemStart, subSectionSize);
--- a/fltrimpl.h
+++ b/fltrimpl.h
@ -30,7 +30,7 @@
 	case site:	\
 	statement;	\
 	if (Output(site, output, length, messageEnd, blocking))	\
-		return STDMAX(1U, (unsigned int)length-m_inputPosition);\
+		return STDMAX(size_t(1), length-m_inputPosition);\
 	}
 #define FILTER_OUTPUT(site, output, length, messageEnd)	\
@ -44,7 +44,7 @@
 	case site:	\
 	statement;	\
 	if (OutputModifiable(site, output, length, messageEnd, blocking))	\
-		return STDMAX(1U, (unsigned int)length-m_inputPosition);\
+		return STDMAX(size_t(1), length-m_inputPosition);\
 	}
 #define FILTER_OUTPUT_MODIFIABLE(site, output, length, messageEnd)	\
--- a/gf2n.cpp
+++ b/gf2n.cpp
@ -19,7 +19,7 @@ PolynomialMod2::PolynomialMod2()
 {
 }
-PolynomialMod2::PolynomialMod2(word value, unsigned int bitLength)
+PolynomialMod2::PolynomialMod2(word value, size_t bitLength)
 	: reg(BitsToWords(bitLength))
 {
 	assert(value==0 || reg.size()>0);
@ -37,16 +37,16 @@ PolynomialMod2::PolynomialMod2(const PolynomialMod2& t)
 	CopyWords(reg, t.reg, reg.size());
 }
-void PolynomialMod2::Randomize(RandomNumberGenerator &rng, unsigned int nbits)
+void PolynomialMod2::Randomize(RandomNumberGenerator &rng, size_t nbits)
 {
-	const unsigned int nbytes = nbits/8 + 1;
+	const size_t nbytes = nbits/8 + 1;
 	SecByteBlock buf(nbytes);
 	rng.GenerateBlock(buf, nbytes);
 	buf[0] = (byte)Crop(buf[0], nbits % 8);
 	Decode(buf, nbytes);
 }
-PolynomialMod2 PolynomialMod2::AllOnes(unsigned int bitLength)
+PolynomialMod2 PolynomialMod2::AllOnes(size_t bitLength)
 {
 	PolynomialMod2 result((word)0, bitLength);
 	SetWords(result.reg, ~(word)0, result.reg.size());
@ -55,7 +55,7 @@ PolynomialMod2 PolynomialMod2::AllOnes(unsigned int bitLength)
 	return result;
 }
-void PolynomialMod2::SetBit(unsigned int n, int value)
+void PolynomialMod2::SetBit(size_t n, int value)
 {
 	if (value)
 	{
@ -69,7 +69,7 @@ void PolynomialMod2::SetBit(unsigned int n, int value)
 	}
 }
-byte PolynomialMod2::GetByte(unsigned int n) const
+byte PolynomialMod2::GetByte(size_t n) const
 {
 	if (n/WORD_SIZE >= reg.size())
 		return 0;
@ -77,21 +77,21 @@ byte PolynomialMod2::GetByte(unsigned int n) const
 		return byte(reg[n/WORD_SIZE] >> ((n%WORD_SIZE)*8));
 }
-void PolynomialMod2::SetByte(unsigned int n, byte value)
+void PolynomialMod2::SetByte(size_t n, byte value)
 {
 	reg.CleanGrow(BytesToWords(n+1));
 	reg[n/WORD_SIZE] &= ~(word(0xff) << 8*(n%WORD_SIZE));
 	reg[n/WORD_SIZE] |= (word(value) << 8*(n%WORD_SIZE));
 }
-PolynomialMod2 PolynomialMod2::Monomial(unsigned i) 
+PolynomialMod2 PolynomialMod2::Monomial(size_t i) 
 {
 	PolynomialMod2 r((word)0, i+1); 
 	r.SetBit(i); 
 	return r;
 }
-PolynomialMod2 PolynomialMod2::Trinomial(unsigned t0, unsigned t1, unsigned t2) 
+PolynomialMod2 PolynomialMod2::Trinomial(size_t t0, size_t t1, size_t t2) 
 {
 	PolynomialMod2 r((word)0, t0+1);
 	r.SetBit(t0);
@ -100,7 +100,7 @@ PolynomialMod2 PolynomialMod2::Trinomial(unsigned t0, unsigned t1, unsigned t2)
 	return r;
 }
-PolynomialMod2 PolynomialMod2::Pentanomial(unsigned t0, unsigned t1, unsigned t2, unsigned int t3, unsigned int t4)
+PolynomialMod2 PolynomialMod2::Pentanomial(size_t t0, size_t t1, size_t t2, size_t t3, size_t t4)
 {
 	PolynomialMod2 r((word)0, t0+1);
 	r.SetBit(t0);
@ -130,23 +130,23 @@ const PolynomialMod2 &PolynomialMod2::One()
 	return Singleton<PolynomialMod2, NewPolynomialMod2<1> >().Ref();
 }
-void PolynomialMod2::Decode(const byte *input, unsigned int inputLen)
+void PolynomialMod2::Decode(const byte *input, size_t inputLen)
 {
 	StringStore store(input, inputLen);
 	Decode(store, inputLen);
 }
-unsigned int PolynomialMod2::Encode(byte *output, unsigned int outputLen) const
+void PolynomialMod2::Encode(byte *output, size_t outputLen) const
 {
 	ArraySink sink(output, outputLen);
-	return Encode(sink, outputLen);
+	Encode(sink, outputLen);
 }
-void PolynomialMod2::Decode(BufferedTransformation &bt, unsigned int inputLen)
+void PolynomialMod2::Decode(BufferedTransformation &bt, size_t inputLen)
 {
 	reg.CleanNew(BytesToWords(inputLen));
-	for (unsigned int i=inputLen; i > 0; i--)
+	for (size_t i=inputLen; i > 0; i--)
 	{
 		byte b;
 		bt.Get(b);
@ -154,21 +154,20 @@ void PolynomialMod2::Decode(BufferedTransformation &bt, unsigned int inputLen)
 	}
 }
-unsigned int PolynomialMod2::Encode(BufferedTransformation &bt, unsigned int outputLen) const
+void PolynomialMod2::Encode(BufferedTransformation &bt, size_t outputLen) const
 {
-	for (unsigned int i=outputLen; i > 0; i--)
+	for (size_t i=outputLen; i > 0; i--)
 		bt.Put(GetByte(i-1));
 	return outputLen;
 }
-void PolynomialMod2::DEREncodeAsOctetString(BufferedTransformation &bt, unsigned int length) const
+void PolynomialMod2::DEREncodeAsOctetString(BufferedTransformation &bt, size_t length) const
 {
 	DERGeneralEncoder enc(bt, OCTET_STRING);
 	Encode(enc, length);
 	enc.MessageEnd();
 }
-void PolynomialMod2::BERDecodeAsOctetString(BufferedTransformation &bt, unsigned int length)
+void PolynomialMod2::BERDecodeAsOctetString(BufferedTransformation &bt, size_t length)
 {
 	BERGeneralDecoder dec(bt, OCTET_STRING);
 	if (!dec.IsDefiniteLength() || dec.RemainingLength() != length)
@ -179,7 +178,7 @@ void PolynomialMod2::BERDecodeAsOctetString(BufferedTransformation &bt, unsigned
 unsigned int PolynomialMod2::WordCount() const
 {
-	return CountWords(reg, reg.size());
+	return (unsigned int)CountWords(reg, reg.size());
 }
 unsigned int PolynomialMod2::ByteCount() const
@ -331,7 +330,7 @@ PolynomialMod2& PolynomialMod2::operator<<=(unsigned int n)
 	if (n==1)	// special case code for most frequent case
 	{
-		i = reg.size();
+		i = (int)reg.size();
 		while (i--)
 		{
 			u = *r;
@ -354,7 +353,7 @@ PolynomialMod2& PolynomialMod2::operator<<=(unsigned int n)
 	if (shiftBits)
 	{
-		i = reg.size();
+		i = (int)reg.size();
 		while (i--)
 		{
 			u = *r;
@ -374,7 +373,7 @@ PolynomialMod2& PolynomialMod2::operator<<=(unsigned int n)
 	if (shiftWords)
 	{
-		for (i = reg.size()-1; i>=shiftWords; i--)
+		for (i = (int)reg.size()-1; i>=shiftWords; i--)
 			reg[i] = reg[i-shiftWords];
 		for (; i>=0; i--)
 			reg[i] = 0;
@ -391,7 +390,7 @@ PolynomialMod2& PolynomialMod2::operator>>=(unsigned int n)
 	int shiftWords = n / WORD_BITS;
 	int shiftBits = n % WORD_BITS;
-	unsigned i;
+	size_t i;
 	word u;
 	word carry=0;
 	word *r=reg+reg.size()-1;
@ -440,7 +439,7 @@ bool PolynomialMod2::operator!() const
 bool PolynomialMod2::Equals(const PolynomialMod2 &rhs) const
 {
-	unsigned i, smallerSize = STDMIN(reg.size(), rhs.reg.size());
+	size_t i, smallerSize = STDMIN(reg.size(), rhs.reg.size());
 	for (i=0; i<smallerSize; i++)
 		if (reg[i] != rhs.reg[i]) return false;
@ -599,7 +598,7 @@ const GF2NT::Element& GF2NT::MultiplicativeInverse(const Element &a) const
 	word *c = T+m_modulus.reg.size();
 	word *f = T+2*m_modulus.reg.size();
 	word *g = T+3*m_modulus.reg.size();
-	unsigned int bcLen=1, fgLen=m_modulus.reg.size();
+	size_t bcLen=1, fgLen=m_modulus.reg.size();
 	unsigned int k=0;
 	SetWords(T, 0, 3*m_modulus.reg.size());
@ -720,7 +719,7 @@ const GF2NT::Element& GF2NT::MultiplicativeInverse(const Element &a) const
 const GF2NT::Element& GF2NT::Multiply(const Element &a, const Element &b) const
 {
-	unsigned int aSize = STDMIN(a.reg.size(), result.reg.size());
+	size_t aSize = STDMIN(a.reg.size(), result.reg.size());
 	Element r((word)0, m);
 	for (int i=m-1; i>=0; i--)
@ -751,7 +750,7 @@ const GF2NT::Element& GF2NT::Reduced(const Element &a) const
 	SecWordBlock b(a.reg);
-	unsigned i;
+	size_t i;
 	for (i=b.size()-1; i>=BitsToWords(t0); i--)
 	{
 		word temp = b[i];
--- a/gf2n.h
+++ b/gf2n.h
@ -41,28 +41,28 @@ public:
 			and most significant bit as coefficient to x^(WORD_BITS-1)
 			bitLength denotes how much memory to allocate initially
 		*/
-		PolynomialMod2(word value, unsigned int bitLength=WORD_BITS);
+		PolynomialMod2(word value, size_t bitLength=WORD_BITS);
 		//! convert from big-endian byte array
-		PolynomialMod2(const byte *encodedPoly, unsigned int byteCount)
+		PolynomialMod2(const byte *encodedPoly, size_t byteCount)
 			{Decode(encodedPoly, byteCount);}
 		//! convert from big-endian form stored in a BufferedTransformation
-		PolynomialMod2(BufferedTransformation &encodedPoly, unsigned int byteCount)
+		PolynomialMod2(BufferedTransformation &encodedPoly, size_t byteCount)
 			{Decode(encodedPoly, byteCount);}
 		//! create a random polynomial uniformly distributed over all polynomials with degree less than bitcount
-		PolynomialMod2(RandomNumberGenerator &rng, unsigned int bitcount)
+		PolynomialMod2(RandomNumberGenerator &rng, size_t bitcount)
 			{Randomize(rng, bitcount);}
 		//! return x^i
-		static PolynomialMod2 Monomial(unsigned i);
+		static PolynomialMod2 Monomial(size_t i);
 		//! return x^t0 + x^t1 + x^t2
-		static PolynomialMod2 Trinomial(unsigned t0, unsigned t1, unsigned t2);
+		static PolynomialMod2 Trinomial(size_t t0, size_t t1, size_t t2);
 		//! return x^t0 + x^t1 + x^t2 + x^t3 + x^t4
-		static PolynomialMod2 Pentanomial(unsigned t0, unsigned t1, unsigned t2, unsigned int t3, unsigned int t4);
+		static PolynomialMod2 Pentanomial(size_t t0, size_t t1, size_t t2, size_t t3, size_t t4);
 		//! return x^(n-1) + ... + x + 1
-		static PolynomialMod2 AllOnes(unsigned n);
+		static PolynomialMod2 AllOnes(size_t n);
 		//!
 		static const PolynomialMod2 &Zero();
@ -80,20 +80,20 @@ public:
 		/*! if outputLen < MinEncodedSize, the most significant bytes will be dropped
 			if outputLen > MinEncodedSize, the most significant bytes will be padded
 		*/
-		unsigned int Encode(byte *output, unsigned int outputLen) const;
+		void Encode(byte *output, size_t outputLen) const;
 		//!
-		unsigned int Encode(BufferedTransformation &bt, unsigned int outputLen) const;
+		void Encode(BufferedTransformation &bt, size_t outputLen) const;
 		//!
-		void Decode(const byte *input, unsigned int inputLen);
+		void Decode(const byte *input, size_t inputLen);
 		//! 
 		//* Precondition: bt.MaxRetrievable() >= inputLen
-		void Decode(BufferedTransformation &bt, unsigned int inputLen);
+		void Decode(BufferedTransformation &bt, size_t inputLen);
 		//! encode value as big-endian octet string
-		void DEREncodeAsOctetString(BufferedTransformation &bt, unsigned int length) const;
+		void DEREncodeAsOctetString(BufferedTransformation &bt, size_t length) const;
 		//! decode value as big-endian octet string
-		void BERDecodeAsOctetString(BufferedTransformation &bt, unsigned int length);
+		void BERDecodeAsOctetString(BufferedTransformation &bt, size_t length);
 	//@}
 	//! \name ACCESSORS
@ -106,16 +106,16 @@ public:
 		unsigned int WordCount() const;
 		//! return the n-th bit, n=0 being the least significant bit
-		bool GetBit(unsigned int n) const {return GetCoefficient(n)!=0;}
+		bool GetBit(size_t n) const {return GetCoefficient(n)!=0;}
 		//! return the n-th byte
-		byte GetByte(unsigned int n) const;
+		byte GetByte(size_t n) const;
 		//! the zero polynomial will return a degree of -1
 		signed int Degree() const {return BitCount()-1;}
 		//! degree + 1
 		unsigned int CoefficientCount() const {return BitCount();}
 		//! return coefficient for x^i
-		int GetCoefficient(unsigned int i) const
+		int GetCoefficient(size_t i) const
 			{return (i/WORD_BITS < reg.size()) ? int(reg[i/WORD_BITS] >> (i % WORD_BITS)) & 1 : 0;}
 		//! return coefficient for x^i
 		int operator[](unsigned int i) const {return GetCoefficient(i);}
@ -150,15 +150,15 @@ public:
 		PolynomialMod2&  operator>>=(unsigned int);
 		//!
-		void Randomize(RandomNumberGenerator &rng, unsigned int bitcount);
+		void Randomize(RandomNumberGenerator &rng, size_t bitcount);
 		//!
-		void SetBit(unsigned int i, int value = 1);
+		void SetBit(size_t i, int value = 1);
 		//! set the n-th byte to value
-		void SetByte(unsigned int n, byte value);
+		void SetByte(size_t n, byte value);
 		//!
-		void SetCoefficient(unsigned int i, int value) {SetBit(i, value);}
+		void SetCoefficient(size_t i, int value) {SetBit(i, value);}
 		//!
 		void swap(PolynomialMod2 &a) {reg.swap(a.reg);}
@ -300,7 +300,7 @@ public:
 		{return m;}
 	unsigned int MaxElementByteLength() const
-		{return BitsToBytes(MaxElementBitLength());}
+		{return (unsigned int)BitsToBytes(MaxElementBitLength());}
 	Element SquareRoot(const Element &a) const;
--- a/gfpcrypt.cpp
+++ b/gfpcrypt.cpp
@ -67,15 +67,15 @@ bool DL_GroupParameters_DSA::ValidateGroup(RandomNumberGenerator &rng, unsigned
 }
 void DL_SignatureMessageEncodingMethod_DSA::ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-	const byte *recoverableMessage, unsigned int recoverableMessageLength,
+	const byte *recoverableMessage, size_t recoverableMessageLength,
 	HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-	byte *representative, unsigned int representativeBitLength) const
+	byte *representative, size_t representativeBitLength) const
 {
 	assert(recoverableMessageLength == 0);
 	assert(hashIdentifier.second == 0);
-	const unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
+	const size_t representativeByteLength = BitsToBytes(representativeBitLength);
-	const unsigned int digestSize = hash.DigestSize();
+	const size_t digestSize = hash.DigestSize();
-	const unsigned int paddingLength = SaturatingSubtract(representativeByteLength, digestSize);
+	const size_t paddingLength = SaturatingSubtract(representativeByteLength, digestSize);
 	memset(representative, 0, paddingLength);
 	hash.TruncatedFinal(representative+paddingLength, STDMIN(representativeByteLength, digestSize));
@ -89,15 +89,15 @@ void DL_SignatureMessageEncodingMethod_DSA::ComputeMessageRepresentative(RandomN
 }
 void DL_SignatureMessageEncodingMethod_NR::ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-	const byte *recoverableMessage, unsigned int recoverableMessageLength,
+	const byte *recoverableMessage, size_t recoverableMessageLength,
 	HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-	byte *representative, unsigned int representativeBitLength) const
+	byte *representative, size_t representativeBitLength) const
 {
 	assert(recoverableMessageLength == 0);
 	assert(hashIdentifier.second == 0);
-	const unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
+	const size_t representativeByteLength = BitsToBytes(representativeBitLength);
-	const unsigned int digestSize = hash.DigestSize();
+	const size_t digestSize = hash.DigestSize();
-	const unsigned int paddingLength = SaturatingSubtract(representativeByteLength, digestSize);
+	const size_t paddingLength = SaturatingSubtract(representativeByteLength, digestSize);
 	memset(representative, 0, paddingLength);
 	hash.TruncatedFinal(representative+paddingLength, STDMIN(representativeByteLength, digestSize));
--- a/gfpcrypt.h
+++ b/gfpcrypt.h
@ -421,13 +421,13 @@ class DL_EncryptionAlgorithm_Xor : public DL_SymmetricEncryptionAlgorithm
 {
 public:
 	bool ParameterSupported(const char *name) const {return strcmp(name, Name::EncodingParameters()) == 0;}
-	unsigned int GetSymmetricKeyLength(unsigned int plaintextLength) const
+	size_t GetSymmetricKeyLength(size_t plaintextLength) const
 		{return plaintextLength + MAC::DEFAULT_KEYLENGTH;}
-	unsigned int GetSymmetricCiphertextLength(unsigned int plaintextLength) const
+	size_t GetSymmetricCiphertextLength(size_t plaintextLength) const
 		{return plaintextLength + MAC::DIGESTSIZE;}
-	unsigned int GetMaxSymmetricPlaintextLength(unsigned int ciphertextLength) const
+	size_t GetMaxSymmetricPlaintextLength(size_t ciphertextLength) const
-		{return SaturatingSubtract(ciphertextLength, (unsigned int)MAC::DIGESTSIZE);}
+		{return (unsigned int)SaturatingSubtract(ciphertextLength, (unsigned int)MAC::DIGESTSIZE);}
-	void SymmetricEncrypt(RandomNumberGenerator &rng, const byte *key, const byte *plaintext, unsigned int plaintextLength, byte *ciphertext, const NameValuePairs &parameters) const
+	void SymmetricEncrypt(RandomNumberGenerator &rng, const byte *key, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs &parameters) const
 	{
 		const byte *cipherKey, *macKey;
 		if (DHAES_MODE)
@ -456,9 +456,9 @@ public:
 		}
 		mac.Final(ciphertext + plaintextLength);
 	}
-	DecodingResult SymmetricDecrypt(const byte *key, const byte *ciphertext, unsigned int ciphertextLength, byte *plaintext, const NameValuePairs &parameters) const
+	DecodingResult SymmetricDecrypt(const byte *key, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs &parameters) const
 	{
-		unsigned int plaintextLength = GetMaxSymmetricPlaintextLength(ciphertextLength);
+		size_t plaintextLength = GetMaxSymmetricPlaintextLength(ciphertextLength);
 		const byte *cipherKey, *macKey;
 		if (DHAES_MODE)
 		{
@ -497,7 +497,7 @@ class DL_KeyDerivationAlgorithm_P1363 : public DL_KeyDerivationAlgorithm<T>
 {
 public:
 	bool ParameterSupported(const char *name) const {return strcmp(name, Name::KeyDerivationParameters()) == 0;}
-	void Derive(const DL_GroupParameters<T> &params, byte *derivedKey, unsigned int derivedLength, const T &agreedElement, const T &ephemeralPublicKey, const NameValuePairs &parameters) const
+	void Derive(const DL_GroupParameters<T> &params, byte *derivedKey, size_t derivedLength, const T &agreedElement, const T &ephemeralPublicKey, const NameValuePairs &parameters) const
 	{
 		SecByteBlock agreedSecret;
 		if (DHAES_MODE)
--- a/gzip.cpp
+++ b/gzip.cpp
@ -20,10 +20,10 @@ void Gzip::WritePrestreamHeader()
 	AttachedTransformation()->Put(GZIP_OS_CODE);
 }
-void Gzip::ProcessUncompressedData(const byte *inString, unsigned int length)
+void Gzip::ProcessUncompressedData(const byte *inString, size_t length)
 {
 	m_crc.Update(inString, length);
-	m_totalLen += length;
+	m_totalLen += (word32)length;
 }
 void Gzip::WritePoststreamTail()
@ -74,11 +74,11 @@ void Gunzip::ProcessPrestreamHeader()
 		while (b);
 }
-void Gunzip::ProcessDecompressedData(const byte *inString, unsigned int length)
+void Gunzip::ProcessDecompressedData(const byte *inString, size_t length)
 {
 	AttachedTransformation()->Put(inString, length);
 	m_crc.Update(inString, length);
-	m_length += length;
+	m_length += (word32)length;
 }
 void Gunzip::ProcessPoststreamTail()
--- a/gzip.h
+++ b/gzip.h
@ -21,10 +21,10 @@ protected:
 		  DEFLATED=8, FAST=4, SLOW=2};
 	void WritePrestreamHeader();
-	void ProcessUncompressedData(const byte *string, unsigned int length);
+	void ProcessUncompressedData(const byte *string, size_t length);
 	void WritePoststreamTail();
-	unsigned long m_totalLen;
+	word32 m_totalLen;
 	CRC32 m_crc;
 };
@ -52,11 +52,11 @@ protected:
 	unsigned int MaxPrestreamHeaderSize() const {return 1024;}
 	void ProcessPrestreamHeader();
-	void ProcessDecompressedData(const byte *string, unsigned int length);
+	void ProcessDecompressedData(const byte *string, size_t length);
 	unsigned int MaxPoststreamTailSize() const {return 8;}
 	void ProcessPoststreamTail();
-	unsigned long m_length;
+	word32 m_length;
 	CRC32 m_crc;
 };
--- a/haval.cpp
+++ b/haval.cpp
@ -42,7 +42,7 @@ void HAVAL::HashEndianCorrectedBlock(const word32 *in)
 		HAVAL5::Transform(m_digest, in);
 }
-void HAVAL::TruncatedFinal(byte *hash, unsigned int size)
+void HAVAL::TruncatedFinal(byte *hash, size_t size)
 {
 	ThrowIfInvalidTruncatedSize(size);
--- a/haval.h
+++ b/haval.h
@ -16,7 +16,7 @@ public:
 	/// digestSize can be 16, 20, 24, 28, or 32 (Default=32)<br>
 	/// pass can be 3, 4 or 5 (Default=3)
 	HAVAL(unsigned int digestSize=DIGESTSIZE, unsigned int passes=3);
-	void TruncatedFinal(byte *hash, unsigned int size);
+	void TruncatedFinal(byte *hash, size_t size);
 	unsigned int DigestSize() const {return digestSize;}
 	static const char * StaticAlgorithmName() {return "HAVAL";}
--- a/hmac.cpp
+++ b/hmac.cpp
@ -55,14 +55,14 @@ void HMAC_Base::Restart()
 	}
 }
-void HMAC_Base::Update(const byte *input, unsigned int length)
+void HMAC_Base::Update(const byte *input, size_t length)
 {
 	if (!m_innerHashKeyed)
 		KeyInnerHash();
 	AccessHash().Update(input, length);
 }
-void HMAC_Base::TruncatedFinal(byte *mac, unsigned int size)
+void HMAC_Base::TruncatedFinal(byte *mac, size_t size)
 {
 	ThrowIfInvalidTruncatedSize(size);
--- a/hmac.h
+++ b/hmac.h
@ -16,8 +16,8 @@ public:
 	void UncheckedSetKey(const byte *userKey, unsigned int keylength);
 	void Restart();
-	void Update(const byte *input, unsigned int length);
+	void Update(const byte *input, size_t length);
-	void TruncatedFinal(byte *mac, unsigned int size);
+	void TruncatedFinal(byte *mac, size_t size);
 	unsigned int OptimalBlockSize() const {return const_cast<HMAC_Base*>(this)->AccessHash().OptimalBlockSize();}
 	unsigned int DigestSize() const {return const_cast<HMAC_Base*>(this)->AccessHash().DigestSize();}
@ -44,7 +44,7 @@ public:
 	enum {DIGESTSIZE=T::DIGESTSIZE, BLOCKSIZE=T::BLOCKSIZE};
 	HMAC() {}
-	HMAC(const byte *key, unsigned int length=HMAC_Base::DEFAULT_KEYLENGTH)
+	HMAC(const byte *key, size_t length=HMAC_Base::DEFAULT_KEYLENGTH)
 		{this->SetKey(key, length);}
 	static std::string StaticAlgorithmName() {return std::string("HMAC(") + T::StaticAlgorithmName() + ")";}
--- a/ida.cpp
+++ b/ida.cpp
@ -65,7 +65,7 @@ skipFind:
 		if (m_inputChannelIds.size() == m_threshold)
 			return m_threshold;
-		m_lastMapPosition = m_inputChannelMap.insert(pair<const unsigned long, unsigned int>(channelId, m_inputChannelIds.size())).first;
+		m_lastMapPosition = m_inputChannelMap.insert(InputChannelMap::value_type(channelId, (unsigned int)m_inputChannelIds.size())).first;
 		m_inputQueues.push_back(MessageQueue());
 		m_inputChannelIds.push_back(channelId);
@ -84,12 +84,12 @@ unsigned int RawIDA::LookupInputChannel(word32 channelId) const
 		return it->second;
 }
-void RawIDA::ChannelData(word32 channelId, const byte *inString, unsigned int length, bool messageEnd)
+void RawIDA::ChannelData(word32 channelId, const byte *inString, size_t length, bool messageEnd)
 {
 	int i = InsertInputChannel(channelId);
 	if (i < m_threshold)
 	{
-		unsigned long size = m_inputQueues[i].MaxRetrievable();
+		lword size = m_inputQueues[i].MaxRetrievable();
 		m_inputQueues[i].Put(inString, length);
 		if (size < 4 && size + length >= 4)
 		{
@ -116,7 +116,7 @@ void RawIDA::ChannelData(word32 channelId, const byte *inString, unsigned int le
 	}
 }
-unsigned int RawIDA::InputBuffered(word32 channelId) const
+lword RawIDA::InputBuffered(word32 channelId) const
 {
 	int i = LookupInputChannel(channelId);
 	return i < m_threshold ? m_inputQueues[i].MaxRetrievable() : 0;
@ -144,7 +144,7 @@ void RawIDA::AddOutputChannel(word32 channelId)
 	m_outputChannelIdStrings.push_back(WordToString(channelId));
 	m_outputQueues.push_back(ByteQueue());
 	if (m_inputChannelIds.size() == m_threshold)
-		ComputeV(m_outputChannelIds.size() - 1);
+		ComputeV((unsigned int)m_outputChannelIds.size() - 1);
 }
 void RawIDA::PrepareInterpolation()
@ -239,16 +239,16 @@ void SecretSharing::IsolatedInitialize(const NameValuePairs &parameters)
 	m_ida.IsolatedInitialize(parameters);
 }
-unsigned int SecretSharing::Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t SecretSharing::Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	if (!blocking)
 		throw BlockingInputOnly("SecretSharing");
-	SecByteBlock buf(STDMIN(length, 256U));
+	SecByteBlock buf(UnsignedMin(256, length));
 	unsigned int threshold = m_ida.GetThreshold();
 	while (length > 0)
 	{
-		unsigned int len = STDMIN(length, (unsigned int)buf.size());
+		size_t len = STDMIN(length, buf.size());
 		m_ida.ChannelData(0xffffffff, begin, len, false);
 		for (unsigned int i=0; i<threshold-1; i++)
 		{
@ -311,7 +311,7 @@ void InformationDispersal::IsolatedInitialize(const NameValuePairs &parameters)
 	m_ida.IsolatedInitialize(parameters);
 }
-unsigned int InformationDispersal::Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t InformationDispersal::Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	if (!blocking)
 		throw BlockingInputOnly("InformationDispersal");
@ -369,7 +369,7 @@ void InformationRecovery::OutputMessageEnds()
 		AttachedTransformation()->MessageEnd(GetAutoSignalPropagation()-1);
 }
-unsigned int PaddingRemover::Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+size_t PaddingRemover::Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 {
 	if (!blocking)
 		throw BlockingInputOnly("PaddingRemover");
@ -378,7 +378,7 @@ unsigned int PaddingRemover::Put2(const byte *begin, unsigned int length, int me
 	if (m_possiblePadding)
 	{
-		unsigned int len = find_if(begin, end, bind2nd(not_equal_to<byte>(), 0)) - begin;
+		size_t len = find_if(begin, end, bind2nd(not_equal_to<byte>(), 0)) - begin;
 		m_zeroCount += len;
 		begin += len;
 		if (begin == end)
--- a/ida.h
+++ b/ida.h
@ -18,11 +18,11 @@ public:
 	unsigned int GetThreshold() const {return m_threshold;}
 	void AddOutputChannel(word32 channelId);
-	void ChannelData(word32 channelId, const byte *inString, unsigned int length, bool messageEnd);
+	void ChannelData(word32 channelId, const byte *inString, size_t length, bool messageEnd);
-	unsigned int InputBuffered(word32 channelId) const;
+	lword InputBuffered(word32 channelId) const;
 	void IsolatedInitialize(const NameValuePairs &parameters=g_nullNameValuePairs);
-	unsigned int ChannelPut2(const std::string &channel, const byte *begin, unsigned int length, int messageEnd, bool blocking)
+	size_t ChannelPut2(const std::string &channel, const byte *begin, size_t length, int messageEnd, bool blocking)
 	{
 		if (!blocking)
 			throw BlockingInputOnly("RawIDA");
@ -40,8 +40,9 @@ protected:
 	void PrepareInterpolation();
 	void ProcessInputQueues();
-	std::map<word32, unsigned int> m_inputChannelMap;
+	typedef std::map<word32, unsigned int> InputChannelMap;
-	std::map<word32, unsigned int>::iterator m_lastMapPosition;
+	InputChannelMap m_inputChannelMap;
 	InputChannelMap::iterator m_lastMapPosition;
 	std::vector<MessageQueue> m_inputQueues;
 	std::vector<word32> m_inputChannelIds, m_outputChannelIds, m_outputToInput;
 	std::vector<std::string> m_outputChannelIdStrings;
@ -64,7 +65,7 @@ public:
 	}
 	void IsolatedInitialize(const NameValuePairs &parameters=g_nullNameValuePairs);
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
 	bool Flush(bool hardFlush, int propagation=-1, bool blocking=true) {return m_ida.Flush(hardFlush, propagation, blocking);}
 protected:
@ -102,7 +103,7 @@ public:
 	}
 	void IsolatedInitialize(const NameValuePairs &parameters=g_nullNameValuePairs);
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
 	bool Flush(bool hardFlush, int propagation=-1, bool blocking=true) {return m_ida.Flush(hardFlush, propagation, blocking);}
 protected:
@ -136,14 +137,14 @@ public:
 		: m_possiblePadding(false) {Detach(attachment);}
 	void IsolatedInitialize(const NameValuePairs &parameters) {m_possiblePadding = false;}
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
 	// GetPossiblePadding() == false at the end of a message indicates incorrect padding
 	bool GetPossiblePadding() const {return m_possiblePadding;}
 private:
 	bool m_possiblePadding;
-	unsigned long m_zeroCount;
+	lword m_zeroCount;
 };
 NAMESPACE_END
--- a/integer.cpp
+++ b/integer.cpp
@ -17,6 +17,10 @@
 #include <iostream>
 #ifdef _M_X64
 #include <Intrin.h>
 #endif
 #ifdef SSE2_INTRINSICS_AVAILABLE
 	#ifdef __GNUC__
 		#include <xmmintrin.h>
@ -106,7 +110,7 @@ void AlignedAllocator<T>::deallocate(void *p, size_type n)
 }
 #endif
-static int Compare(const word *A, const word *B, unsigned int N)
+static int Compare(const word *A, const word *B, size_t N)
 {
 	while (N--)
 		if (A[N] > B[N])
@ -117,7 +121,7 @@ static int Compare(const word *A, const word *B, unsigned int N)
 	return 0;
 }
-static word Increment(word *A, unsigned int N, word B=1)
+static word Increment(word *A, size_t N, word B=1)
 {
 	assert(N);
 	word t = A[0];
@ -130,7 +134,7 @@ static word Increment(word *A, unsigned int N, word B=1)
 	return 1;
 }
-static word Decrement(word *A, unsigned int N, word B=1)
+static word Decrement(word *A, size_t N, word B=1)
 {
 	assert(N);
 	word t = A[0];
@ -143,7 +147,7 @@ static word Decrement(word *A, unsigned int N, word B=1)
 	return 1;
 }
-static void TwosComplement(word *A, unsigned int N)
+static void TwosComplement(word *A, size_t N)
 {
 	Decrement(A, N);
 	for (unsigned i=0; i<N; i++)
@ -204,6 +208,8 @@ public:
 			__asm__("mulq %3" : "=d" (r.m_halfs.high), "=a" (r.m_halfs.low) : "a" (a), "rm" (b) : "cc");
 		#elif defined(__mips64)
 			__asm__("dmultu %2,%3" : "=h" (r.m_halfs.high), "=l" (r.m_halfs.low) : "r" (a), "r" (b));
 		#elif defined(_M_X64)
 			r.m_halfs.low = _umul128(a, b, &r.m_halfs.high);
 		#elif defined(_M_IX86)
 			// for testing
 			word64 t = (word64)a * b;
@ -454,8 +460,8 @@ inline word DWord::operator%(word a)
 class Portable
 {
 public:
-	static word Add(word *C, const word *A, const word *B, unsigned int N);
+	static word Add(word *C, const word *A, const word *B, size_t N);
-	static word Subtract(word *C, const word *A, const word *B, unsigned int N);
+	static word Subtract(word *C, const word *A, const word *B, size_t N);
 	static inline void Multiply2(word *C, const word *A, const word *B);
 	static inline word Multiply2Add(word *C, const word *A, const word *B);
@ -474,7 +480,7 @@ public:
 	static inline unsigned int SquareRecursionLimit() {return 4;}
 };
-word Portable::Add(word *C, const word *A, const word *B, unsigned int N)
+word Portable::Add(word *C, const word *A, const word *B, size_t N)
 {
 	assert (N%2 == 0);
@ -489,7 +495,7 @@ word Portable::Add(word *C, const word *A, const word *B, unsigned int N)
 	return u.GetHighHalf();
 }
-word Portable::Subtract(word *C, const word *A, const word *B, unsigned int N)
+word Portable::Subtract(word *C, const word *A, const word *B, size_t N)
 {
 	assert (N%2 == 0);
@ -983,8 +989,8 @@ static bool IsP4()
 class PentiumOptimized : public Portable
 {
 public:
-	static word Add(word *C, const word *A, const word *B, unsigned int N);
+	static word Add(word *C, const word *A, const word *B, size_t N);
-	static word Subtract(word *C, const word *A, const word *B, unsigned int N);
+	static word Subtract(word *C, const word *A, const word *B, size_t N);
 	static void Multiply4(word *C, const word *A, const word *B);
 	static void Multiply8(word *C, const word *A, const word *B);
 	static void Multiply8Bottom(word *C, const word *A, const word *B);
@ -993,8 +999,8 @@ public:
 class P4Optimized
 {
 public:
-	static word Add(word *C, const word *A, const word *B, unsigned int N);
+	static word Add(word *C, const word *A, const word *B, size_t N);
-	static word Subtract(word *C, const word *A, const word *B, unsigned int N);
+	static word Subtract(word *C, const word *A, const word *B, size_t N);
 #ifdef SSE2_INTRINSICS_AVAILABLE
 	static void Multiply4(word *C, const word *A, const word *B);
 	static void Multiply8(word *C, const word *A, const word *B);
@ -1002,7 +1008,7 @@ public:
 #endif
 };
-typedef word (* PAddSub)(word *C, const word *A, const word *B, unsigned int N);
+typedef word (* PAddSub)(word *C, const word *A, const word *B, size_t N);
 typedef void (* PMul)(word *C, const word *A, const word *B);
 static PAddSub s_pAdd, s_pSub;
@ -1050,9 +1056,9 @@ void DisableSSE2()
 class LowLevel : public PentiumOptimized
 {
 public:
-	inline static word Add(word *C, const word *A, const word *B, unsigned int N)
+	inline static word Add(word *C, const word *A, const word *B, size_t N)
 		{return s_pAdd(C, A, B, N);}
-	inline static word Subtract(word *C, const word *A, const word *B, unsigned int N)
+	inline static word Subtract(word *C, const word *A, const word *B, size_t N)
 		{return s_pSub(C, A, B, N);}
 	inline static void Square4(word *R, const word *A)
 		{Multiply4(R, A, A);}
@ -1138,7 +1144,7 @@ public:
 		);
 #endif
-CRYPTOPP_NAKED word PentiumOptimized::Add(word *C, const word *A, const word *B, unsigned int N)
+CRYPTOPP_NAKED word PentiumOptimized::Add(word *C, const word *A, const word *B, size_t N)
 {
 	AddPrologue
@ -1176,7 +1182,7 @@ CRYPTOPP_NAKED word PentiumOptimized::Add(word *C, const word *A, const word *B,
 	AddEpilogue
 }
-CRYPTOPP_NAKED word PentiumOptimized::Subtract(word *C, const word *A, const word *B, unsigned int N)
+CRYPTOPP_NAKED word PentiumOptimized::Subtract(word *C, const word *A, const word *B, size_t N)
 {
 	AddPrologue
@ -1216,7 +1222,7 @@ CRYPTOPP_NAKED word PentiumOptimized::Subtract(word *C, const word *A, const wor
 // On Pentium 4, the adc and sbb instructions are very expensive, so avoid them.
-CRYPTOPP_NAKED word P4Optimized::Add(word *C, const word *A, const word *B, unsigned int N)
+CRYPTOPP_NAKED word P4Optimized::Add(word *C, const word *A, const word *B, size_t N)
 {
 	AddPrologue
@ -1263,7 +1269,7 @@ CRYPTOPP_NAKED word P4Optimized::Add(word *C, const word *A, const word *B, unsi
 	AddEpilogue
 }
-CRYPTOPP_NAKED word P4Optimized::Subtract(word *C, const word *A, const word *B, unsigned int N)
+CRYPTOPP_NAKED word P4Optimized::Subtract(word *C, const word *A, const word *B, size_t N)
 {
 	AddPrologue
@ -1996,7 +2002,7 @@ void P4Optimized::Multiply8Bottom(word *C, const word *A, const word *B)
 // A[N] --- multiplier
 // B[N] --- multiplicant
-void RecursiveMultiply(word *R, word *T, const word *A, const word *B, unsigned int N)
+void RecursiveMultiply(word *R, word *T, const word *A, const word *B, size_t N)
 {
 	assert(N>=2 && N%2==0);
@ -2008,7 +2014,7 @@ void RecursiveMultiply(word *R, word *T, const word *A, const word *B, unsigned
 		LowLevel::Multiply2(R, A, B);
 	else
 	{
-		const unsigned int N2 = N/2;
+		const size_t N2 = N/2;
 		int carry;
 		int aComp = Compare(A0, A1, N2);
@ -2065,7 +2071,7 @@ void RecursiveMultiply(word *R, word *T, const word *A, const word *B, unsigned
 // T[2*N] - temporary work space
 // A[N] --- number to be squared
-void RecursiveSquare(word *R, word *T, const word *A, unsigned int N)
+void RecursiveSquare(word *R, word *T, const word *A, size_t N)
 {
 	assert(N && N%2==0);
 	if (LowLevel::SquareRecursionLimit() >= 8 && N==8)
@ -2076,7 +2082,7 @@ void RecursiveSquare(word *R, word *T, const word *A, unsigned int N)
 		LowLevel::Square2(R, A);
 	else
 	{
-		const unsigned int N2 = N/2;
+		const size_t N2 = N/2;
 		RecursiveSquare(R0, T2, A0, N2);
 		RecursiveSquare(R2, T2, A1, N2);
@ -2093,7 +2099,7 @@ void RecursiveSquare(word *R, word *T, const word *A, unsigned int N)
 // A[N] - multiplier
 // B[N] - multiplicant
-void RecursiveMultiplyBottom(word *R, word *T, const word *A, const word *B, unsigned int N)
+void RecursiveMultiplyBottom(word *R, word *T, const word *A, const word *B, size_t N)
 {
 	assert(N>=2 && N%2==0);
 	if (LowLevel::MultiplyBottomRecursionLimit() >= 8 && N==8)
@ -2104,7 +2110,7 @@ void RecursiveMultiplyBottom(word *R, word *T, const word *A, const word *B, uns
 		LowLevel::Multiply2Bottom(R, A, B);
 	else
 	{
-		const unsigned int N2 = N/2;
+		const size_t N2 = N/2;
 		RecursiveMultiply(R, T, A0, B0, N2);
 		RecursiveMultiplyBottom(T0, T1, A1, B0, N2);
@ -2120,7 +2126,7 @@ void RecursiveMultiplyBottom(word *R, word *T, const word *A, const word *B, uns
 // A[N] --- multiplier
 // B[N] --- multiplicant
-void RecursiveMultiplyTop(word *R, word *T, const word *L, const word *A, const word *B, unsigned int N)
+void RecursiveMultiplyTop(word *R, word *T, const word *L, const word *A, const word *B, size_t N)
 {
 	assert(N>=2 && N%2==0);
@ -2136,7 +2142,7 @@ void RecursiveMultiplyTop(word *R, word *T, const word *L, const word *A, const
 	}
 	else
 	{
-		const unsigned int N2 = N/2;
+		const size_t N2 = N/2;
 		int carry;
 		int aComp = Compare(A0, A1, N2);
@ -2194,37 +2200,37 @@ void RecursiveMultiplyTop(word *R, word *T, const word *L, const word *A, const
 	}
 }
-inline word Add(word *C, const word *A, const word *B, unsigned int N)
+inline word Add(word *C, const word *A, const word *B, size_t N)
 {
 	return LowLevel::Add(C, A, B, N);
 }
-inline word Subtract(word *C, const word *A, const word *B, unsigned int N)
+inline word Subtract(word *C, const word *A, const word *B, size_t N)
 {
 	return LowLevel::Subtract(C, A, B, N);
 }
-inline void Multiply(word *R, word *T, const word *A, const word *B, unsigned int N)
+inline void Multiply(word *R, word *T, const word *A, const word *B, size_t N)
 {
 	RecursiveMultiply(R, T, A, B, N);
 }
-inline void Square(word *R, word *T, const word *A, unsigned int N)
+inline void Square(word *R, word *T, const word *A, size_t N)
 {
 	RecursiveSquare(R, T, A, N);
 }
-inline void MultiplyBottom(word *R, word *T, const word *A, const word *B, unsigned int N)
+inline void MultiplyBottom(word *R, word *T, const word *A, const word *B, size_t N)
 {
 	RecursiveMultiplyBottom(R, T, A, B, N);
 }
-inline void MultiplyTop(word *R, word *T, const word *L, const word *A, const word *B, unsigned int N)
+inline void MultiplyTop(word *R, word *T, const word *L, const word *A, const word *B, size_t N)
 {
 	RecursiveMultiplyTop(R, T, L, A, B, N);
 }
-static word LinearMultiply(word *C, const word *A, word B, unsigned int N)
+static word LinearMultiply(word *C, const word *A, word B, size_t N)
 {
 	word carry=0;
 	for(unsigned i=0; i<N; i++)
@ -2241,7 +2247,7 @@ static word LinearMultiply(word *C, const word *A, word B, unsigned int N)
 // A[NA] ---- multiplier
 // B[NB] ---- multiplicant
-void AsymmetricMultiply(word *R, word *T, const word *A, unsigned int NA, const word *B, unsigned int NB)
+void AsymmetricMultiply(word *R, word *T, const word *A, size_t NA, const word *B, size_t NB)
 {
 	if (NA == NB)
 	{
@ -2283,7 +2289,7 @@ void AsymmetricMultiply(word *R, word *T, const word *A, unsigned int NA, const
 	Multiply(R, T, A, B, NA);
 	CopyWords(T+2*NA, R+NA, NA);
-	unsigned i;
+	size_t i;
 	for (i=2*NA; i<NB; i+=2*NA)
 		Multiply(T+NA+i, T, A, B+i, NA);
@ -2298,7 +2304,7 @@ void AsymmetricMultiply(word *R, word *T, const word *A, unsigned int NA, const
 // T[3*N/2] - temporary work space
 // A[N] ----- an odd number as input
-void RecursiveInverseModPower2(word *R, word *T, const word *A, unsigned int N)
+void RecursiveInverseModPower2(word *R, word *T, const word *A, size_t N)
 {
 	if (N==2)
 	{
@ -2311,7 +2317,7 @@ void RecursiveInverseModPower2(word *R, word *T, const word *A, unsigned int N)
 	}
 	else
 	{
-		const unsigned int N2 = N/2;
+		const size_t N2 = N/2;
 		RecursiveInverseModPower2(R0, T0, A0, N2);
 		T0[0] = 1;
 		SetWords(T0+1, 0, N2-1);
@ -2329,7 +2335,7 @@ void RecursiveInverseModPower2(word *R, word *T, const word *A, unsigned int N)
 // M[N] --- modulus
 // U[N] --- multiplicative inverse of M mod 2**(WORD_BITS*N)
-void MontgomeryReduce(word *R, word *T, const word *X, const word *M, const word *U, unsigned int N)
+void MontgomeryReduce(word *R, word *T, const word *X, const word *M, const word *U, size_t N)
 {
 	MultiplyBottom(R, T, X, U, N);
 	MultiplyTop(T, T+N, X, R, M, N);
@ -2347,7 +2353,7 @@ void MontgomeryReduce(word *R, word *T, const word *X, const word *M, const word
 // U[N/2] - multiplicative inverse of M mod 2**(WORD_BITS*N/2)
 // V[N] --- 2**(WORD_BITS*3*N/2) mod M
-void HalfMontgomeryReduce(word *R, word *T, const word *X, const word *M, const word *U, const word *V, unsigned int N)
+void HalfMontgomeryReduce(word *R, word *T, const word *X, const word *M, const word *U, const word *V, size_t N)
 {
 	assert(N%2==0 && N>=4);
@ -2361,7 +2367,7 @@ void HalfMontgomeryReduce(word *R, word *T, const word *X, const word *M, const
 #define X2		(X+N)
 #define X3		(X+N+N2)
-	const unsigned int N2 = N/2;
+	const size_t N2 = N/2;
 	Multiply(T0, T2, V0, X3, N2);
 	int c2 = Add(T0, T0, X0, N);
 	MultiplyBottom(T3, T2, T0, U, N2);
@ -2495,7 +2501,7 @@ static inline void AtomicDivide(word *Q, const word *A, const word *B)
 }
 // for use by Divide(), corrects the underestimated quotient {Q1,Q0}
-static void CorrectQuotientEstimate(word *R, word *T, word *Q, const word *B, unsigned int N)
+static void CorrectQuotientEstimate(word *R, word *T, word *Q, const word *B, size_t N)
 {
 	assert(N && N%2==0);
@ -2532,7 +2538,7 @@ static void CorrectQuotientEstimate(word *R, word *T, word *Q, const word *B, un
 // A[NA] -------- dividend
 // B[NB] -------- divisor
-void Divide(word *R, word *Q, word *T, const word *A, unsigned int NA, const word *B, unsigned int NB)
+void Divide(word *R, word *Q, word *T, const word *A, size_t NA, const word *B, size_t NB)
 {
 	assert(NA && NB && NA%2==0 && NB%2==0);
 	assert(B[NB-1] || B[NB-2]);
@ -2576,7 +2582,7 @@ void Divide(word *R, word *Q, word *T, const word *A, unsigned int NA, const wor
 	BT[1] = TB[NB-1] + (BT[0]==0);
 	// start reducing TA mod TB, 2 words at a time
-	for (unsigned i=NA-2; i>=NB; i-=2)
+	for (size_t i=NA-2; i>=NB; i-=2)
 	{
 		AtomicDivide(Q+i-NB, TA+i-2, BT);
 		CorrectQuotientEstimate(TA+i-NB, TP, Q+i-NB, TB, NB);
@ -2587,7 +2593,7 @@ void Divide(word *R, word *Q, word *T, const word *A, unsigned int NA, const wor
 	ShiftWordsRightByBits(R, NB, shiftBits);
 }
-static inline unsigned int EvenWordCount(const word *X, unsigned int N)
+static inline size_t EvenWordCount(const word *X, size_t N)
 {
 	while (N && X[N-2]==0 && X[N-1]==0)
 		N-=2;
@ -2600,7 +2606,7 @@ static inline unsigned int EvenWordCount(const word *X, unsigned int N)
 // A[NA] -- number to take inverse of
 // M[N] --- modulus
-unsigned int AlmostInverse(word *R, word *T, const word *A, unsigned int NA, const word *M, unsigned int N)
+unsigned int AlmostInverse(word *R, word *T, const word *A, size_t NA, const word *M, size_t N)
 {
 	assert(NA<=N && N && N%2==0);
@ -2608,7 +2614,7 @@ unsigned int AlmostInverse(word *R, word *T, const word *A, unsigned int NA, con
 	word *c = T+N;
 	word *f = T+2*N;
 	word *g = T+3*N;
-	unsigned int bcLen=2, fgLen=EvenWordCount(M, N);
+	size_t bcLen=2, fgLen=EvenWordCount(M, N);
 	unsigned int k=0, s=0;
 	SetWords(T, 0, 3*N);
@ -2686,7 +2692,7 @@ unsigned int AlmostInverse(word *R, word *T, const word *A, unsigned int NA, con
 // A[N] - input
 // M[N] - modulus
-void DivideByPower2Mod(word *R, const word *A, unsigned int k, const word *M, unsigned int N)
+void DivideByPower2Mod(word *R, const word *A, size_t k, const word *M, size_t N)
 {
 	CopyWords(R, A, N);
@ -2707,7 +2713,7 @@ void DivideByPower2Mod(word *R, const word *A, unsigned int k, const word *M, un
 // A[N] - input
 // M[N] - modulus
-void MultiplyByPower2Mod(word *R, const word *A, unsigned int k, const word *M, unsigned int N)
+void MultiplyByPower2Mod(word *R, const word *A, size_t k, const word *M, size_t N)
 {
 	CopyWords(R, A, N);
@ -2720,7 +2726,7 @@ void MultiplyByPower2Mod(word *R, const word *A, unsigned int k, const word *M,
 static const unsigned int RoundupSizeTable[] = {2, 2, 2, 4, 4, 8, 8, 8, 8};
-static inline unsigned int RoundupSize(unsigned int n)
+static inline size_t RoundupSize(size_t n)
 {
 	if (n<=8)
 		return RoundupSizeTable[n];
@ -2796,12 +2802,12 @@ signed long Integer::ConvertToLong() const
 	return sign==POSITIVE ? value : -(signed long)value;
 }
-Integer::Integer(BufferedTransformation &encodedInteger, unsigned int byteCount, Signedness s)
+Integer::Integer(BufferedTransformation &encodedInteger, size_t byteCount, Signedness s)
 {
 	Decode(encodedInteger, byteCount, s);
 }
-Integer::Integer(const byte *encodedInteger, unsigned int byteCount, Signedness s)
+Integer::Integer(const byte *encodedInteger, size_t byteCount, Signedness s)
 {
 	Decode(encodedInteger, byteCount, s);
 }
@ -2811,7 +2817,7 @@ Integer::Integer(BufferedTransformation &bt)
 	BERDecode(bt);
 }
-Integer::Integer(RandomNumberGenerator &rng, unsigned int bitcount)
+Integer::Integer(RandomNumberGenerator &rng, size_t bitcount)
 {
 	Randomize(rng, bitcount);
 }
@ -2822,7 +2828,7 @@ Integer::Integer(RandomNumberGenerator &rng, const Integer &min, const Integer &
 		throw Integer::RandomNumberNotFound();
 }
-Integer Integer::Power2(unsigned int e)
+Integer Integer::Power2(size_t e)
 {
 	Integer r((word)0, BitsToWords(e+1));
 	r.SetBit(e);
@ -2869,7 +2875,7 @@ Integer& Integer::operator=(const Integer& t)
 	return *this;
 }
-bool Integer::GetBit(unsigned int n) const
+bool Integer::GetBit(size_t n) const
 {
 	if (n/WORD_BITS >= reg.size())
 		return 0;
@ -2877,7 +2883,7 @@ bool Integer::GetBit(unsigned int n) const
 		return bool((reg[n/WORD_BITS] >> (n % WORD_BITS)) & 1);
 }
-void Integer::SetBit(unsigned int n, bool value)
+void Integer::SetBit(size_t n, bool value)
 {
 	if (value)
 	{
@ -2891,7 +2897,7 @@ void Integer::SetBit(unsigned int n, bool value)
 	}
 }
-byte Integer::GetByte(unsigned int n) const
+byte Integer::GetByte(size_t n) const
 {
 	if (n/WORD_SIZE >= reg.size())
 		return 0;
@ -2899,19 +2905,19 @@ byte Integer::GetByte(unsigned int n) const
 		return byte(reg[n/WORD_SIZE] >> ((n%WORD_SIZE)*8));
 }
-void Integer::SetByte(unsigned int n, byte value)
+void Integer::SetByte(size_t n, byte value)
 {
 	reg.CleanGrow(RoundupSize(BytesToWords(n+1)));
 	reg[n/WORD_SIZE] &= ~(word(0xff) << 8*(n%WORD_SIZE));
 	reg[n/WORD_SIZE] |= (word(value) << 8*(n%WORD_SIZE));
 }
-unsigned long Integer::GetBits(unsigned int i, unsigned int n) const
+lword Integer::GetBits(size_t i, size_t n) const
 {
-	assert(n <= sizeof(unsigned long)*8);
+	lword v = 0;
-	unsigned long v = 0;
+	assert(n <= sizeof(v)*8);
 	for (unsigned int j=0; j<n; j++)
-		v |= GetBit(i+j) << j;
+		v |= lword(GetBit(i+j)) << j;
 	return v;
 }
@ -2935,7 +2941,7 @@ void Integer::swap(Integer &a)
 	std::swap(sign, a.sign);
 }
-Integer::Integer(word value, unsigned int length)
+Integer::Integer(word value, size_t length)
 	: reg(RoundupSize(length)), sign(POSITIVE)
 {
 	reg[0] = value;
@ -3017,7 +3023,7 @@ Integer::Integer(const wchar_t *str)
 unsigned int Integer::WordCount() const
 {
-	return CountWords(reg, reg.size());
+	return (unsigned int)CountWords(reg, reg.size());
 }
 unsigned int Integer::ByteCount() const
@ -3038,13 +3044,13 @@ unsigned int Integer::BitCount() const
 		return 0;
 }
-void Integer::Decode(const byte *input, unsigned int inputLen, Signedness s)
+void Integer::Decode(const byte *input, size_t inputLen, Signedness s)
 {
 	StringStore store(input, inputLen);
 	Decode(store, inputLen, s);
 }
-void Integer::Decode(BufferedTransformation &bt, unsigned int inputLen, Signedness s)
+void Integer::Decode(BufferedTransformation &bt, size_t inputLen, Signedness s)
 {
 	assert(bt.MaxRetrievable() >= inputLen);
@ -3061,7 +3067,7 @@ void Integer::Decode(BufferedTransformation &bt, unsigned int inputLen, Signedne
 	reg.CleanNew(RoundupSize(BytesToWords(inputLen)));
-	for (unsigned int i=inputLen; i > 0; i--)
+	for (size_t i=inputLen; i > 0; i--)
 	{
 		bt.Get(b);
 		reg[(i-1)/WORD_SIZE] |= word(b) << ((i-1)%WORD_SIZE)*8;
@ -3069,13 +3075,13 @@ void Integer::Decode(BufferedTransformation &bt, unsigned int inputLen, Signedne
 	if (sign == NEGATIVE)
 	{
-		for (unsigned i=inputLen; i<reg.size()*WORD_SIZE; i++)
+		for (size_t i=inputLen; i<reg.size()*WORD_SIZE; i++)
 			reg[i/WORD_SIZE] |= word(0xff) << (i%WORD_SIZE)*8;
 		TwosComplement(reg, reg.size());
 	}
 }
-unsigned int Integer::MinEncodedSize(Signedness signedness) const
+size_t Integer::MinEncodedSize(Signedness signedness) const
 {
 	unsigned int outputLen = STDMAX(1U, ByteCount());
 	if (signedness == UNSIGNED)
@ -3087,27 +3093,25 @@ unsigned int Integer::MinEncodedSize(Signedness signedness) const
 	return outputLen;
 }
-unsigned int Integer::Encode(byte *output, unsigned int outputLen, Signedness signedness) const
+void Integer::Encode(byte *output, size_t outputLen, Signedness signedness) const
 {
 	ArraySink sink(output, outputLen);
-	return Encode(sink, outputLen, signedness);
+	Encode(sink, outputLen, signedness);
 }
-unsigned int Integer::Encode(BufferedTransformation &bt, unsigned int outputLen, Signedness signedness) const
+void Integer::Encode(BufferedTransformation &bt, size_t outputLen, Signedness signedness) const
 {
 	if (signedness == UNSIGNED || NotNegative())
 	{
-		for (unsigned int i=outputLen; i > 0; i--)
+		for (size_t i=outputLen; i > 0; i--)
 			bt.Put(GetByte(i-1));
 	}
 	else
 	{
 		// take two's complement of *this
-		Integer temp = Integer::Power2(8*STDMAX(ByteCount(), outputLen)) + *this;
+		Integer temp = Integer::Power2(8*UnsignedMin(ByteCount(), outputLen)) + *this;
-		for (unsigned i=0; i<outputLen; i++)
+		temp.Encode(bt, outputLen, UNSIGNED);
 			bt.Put(temp.GetByte(outputLen-i-1));
 	}
 	return outputLen;
 }
 void Integer::DEREncode(BufferedTransformation &bt) const
@ -3117,7 +3121,7 @@ void Integer::DEREncode(BufferedTransformation &bt) const
 	enc.MessageEnd();
 }
-void Integer::BERDecode(const byte *input, unsigned int len)
+void Integer::BERDecode(const byte *input, size_t len)
 {
 	StringStore store(input, len);
 	BERDecode(store);
@ -3128,18 +3132,18 @@ void Integer::BERDecode(BufferedTransformation &bt)
 	BERGeneralDecoder dec(bt, INTEGER);
 	if (!dec.IsDefiniteLength() || dec.MaxRetrievable() < dec.RemainingLength())
 		BERDecodeError();
-	Decode(dec, dec.RemainingLength(), SIGNED);
+	Decode(dec, (size_t)dec.RemainingLength(), SIGNED);
 	dec.MessageEnd();
 }
-void Integer::DEREncodeAsOctetString(BufferedTransformation &bt, unsigned int length) const
+void Integer::DEREncodeAsOctetString(BufferedTransformation &bt, size_t length) const
 {
 	DERGeneralEncoder enc(bt, OCTET_STRING);
 	Encode(enc, length);
 	enc.MessageEnd();
 }
-void Integer::BERDecodeAsOctetString(BufferedTransformation &bt, unsigned int length)
+void Integer::BERDecodeAsOctetString(BufferedTransformation &bt, size_t length)
 {
 	BERGeneralDecoder dec(bt, OCTET_STRING);
 	if (!dec.IsDefiniteLength() || dec.RemainingLength() != length)
@ -3148,20 +3152,22 @@ void Integer::BERDecodeAsOctetString(BufferedTransformation &bt, unsigned int le
 	dec.MessageEnd();
 }
-unsigned int Integer::OpenPGPEncode(byte *output, unsigned int len) const
+size_t Integer::OpenPGPEncode(byte *output, size_t len) const
 {
 	ArraySink sink(output, len);
 	return OpenPGPEncode(sink);
 }
-unsigned int Integer::OpenPGPEncode(BufferedTransformation &bt) const
+size_t Integer::OpenPGPEncode(BufferedTransformation &bt) const
 {
 	word16 bitCount = BitCount();
 	bt.PutWord16(bitCount);
-	return 2 + Encode(bt, BitsToBytes(bitCount));
+	size_t byteCount = BitsToBytes(bitCount);
 	Encode(bt, byteCount);
 	return 2 + byteCount;
 }
-void Integer::OpenPGPDecode(const byte *input, unsigned int len)
+void Integer::OpenPGPDecode(const byte *input, size_t len)
 {
 	StringStore store(input, len);
 	OpenPGPDecode(store);
@ -3175,9 +3181,9 @@ void Integer::OpenPGPDecode(BufferedTransformation &bt)
 	Decode(bt, BitsToBytes(bitCount));
 }
-void Integer::Randomize(RandomNumberGenerator &rng, unsigned int nbits)
+void Integer::Randomize(RandomNumberGenerator &rng, size_t nbits)
 {
-	const unsigned int nbytes = nbits/8 + 1;
+	const size_t nbytes = nbits/8 + 1;
 	SecByteBlock buf(nbytes);
 	rng.GenerateBlock(buf, nbytes);
 	if (nbytes)
@ -3210,7 +3216,7 @@ bool Integer::Randomize(RandomNumberGenerator &rng, const Integer &min, const In
 class KDF2_RNG : public RandomNumberGenerator
 {
 public:
-	KDF2_RNG(const byte *seed, unsigned int seedSize)
+	KDF2_RNG(const byte *seed, size_t seedSize)
 		: m_counter(0), m_counterAndSeed(seedSize + 4)
 	{
 		memcpy(m_counterAndSeed + 4, seed, seedSize);
@ -3272,7 +3278,7 @@ bool Integer::GenerateRandomNoThrow(RandomNumberGenerator &i_rng, const NameValu
 		DEREncodeOctetString(seq, seed.begin(), seed.size());
 		seq.MessageEnd();
-		SecByteBlock finalSeed(bq.MaxRetrievable());
+		SecByteBlock finalSeed((size_t)bq.MaxRetrievable());
 		bq.Get(finalSeed, finalSeed.size());
 		kdf2Rng.reset(new KDF2_RNG(finalSeed.begin(), finalSeed.size()));
 	}
@ -3510,9 +3516,15 @@ void PositiveSubtract(Integer &diff, const Integer &a, const Integer& b)
 	}
 }
 // MSVC .NET 2003 workaround
 template <class T> inline const T& STDMAX2(const T& a, const T& b)
 {
 	return a < b ? b : a;
 }
 Integer Integer::Plus(const Integer& b) const
 {
-	Integer sum((word)0, STDMAX(reg.size(), b.reg.size()));
+	Integer sum((word)0, STDMAX2(reg.size(), b.reg.size()));
 	if (NotNegative())
 	{
 		if (b.NotNegative())
@ -3558,7 +3570,7 @@ Integer& Integer::operator+=(const Integer& t)
 Integer Integer::Minus(const Integer& b) const
 {
-	Integer diff((word)0, STDMAX(reg.size(), b.reg.size()));
+	Integer diff((word)0, STDMAX2(reg.size(), b.reg.size()));
 	if (NotNegative())
 	{
 		if (b.NotNegative())
@ -3602,11 +3614,11 @@ Integer& Integer::operator-=(const Integer& t)
 	return *this;
 }
-Integer& Integer::operator<<=(unsigned int n)
+Integer& Integer::operator<<=(size_t n)
 {
-	const unsigned int wordCount = WordCount();
+	const size_t wordCount = WordCount();
-	const unsigned int shiftWords = n / WORD_BITS;
+	const size_t shiftWords = n / WORD_BITS;
-	const unsigned int shiftBits = n % WORD_BITS;
+	const unsigned int shiftBits = (unsigned int)(n % WORD_BITS);
 	reg.CleanGrow(RoundupSize(wordCount+BitsToWords(n)));
 	ShiftWordsLeftByWords(reg, wordCount + shiftWords, shiftWords);
@ -3614,11 +3626,11 @@ Integer& Integer::operator<<=(unsigned int n)
 	return *this;
 }
-Integer& Integer::operator>>=(unsigned int n)
+Integer& Integer::operator>>=(size_t n)
 {
-	const unsigned int wordCount = WordCount();
+	const size_t wordCount = WordCount();
-	const unsigned int shiftWords = n / WORD_BITS;
+	const size_t shiftWords = n / WORD_BITS;
-	const unsigned int shiftBits = n % WORD_BITS;
+	const unsigned int shiftBits = (unsigned int)(n % WORD_BITS);
 	ShiftWordsRightByWords(reg, wordCount, shiftWords);
 	if (wordCount > shiftWords)
@ -3630,8 +3642,8 @@ Integer& Integer::operator>>=(unsigned int n)
 void PositiveMultiply(Integer &product, const Integer &a, const Integer &b)
 {
-	unsigned aSize = RoundupSize(a.WordCount());
+	size_t aSize = RoundupSize(a.WordCount());
-	unsigned bSize = RoundupSize(b.WordCount());
+	size_t bSize = RoundupSize(b.WordCount());
 	product.reg.CleanNew(RoundupSize(aSize+bSize));
 	product.sign = Integer::POSITIVE;
@ -3729,7 +3741,7 @@ void Integer::DivideByPowerOf2(Integer &r, Integer &q, const Integer &a, unsigne
 	q = a;
 	q >>= n;
-	const unsigned int wordCount = BitsToWords(n);
+	const size_t wordCount = BitsToWords(n);
 	if (wordCount <= a.WordCount())
 	{
 		r.reg.resize(RoundupSize(wordCount));
@ -4103,7 +4115,7 @@ const Integer& ModularArithmetic::Inverse(const Integer &a) const
 	CopyWords(m_result.reg.begin(), m_modulus.reg, m_modulus.reg.size());
 	if (CryptoPP::Subtract(m_result.reg.begin(), m_result.reg, a.reg, a.reg.size()))
-		Decrement(m_result.reg.begin()+a.reg.size(), 1, m_modulus.reg.size()-a.reg.size());
+		Decrement(m_result.reg.begin()+a.reg.size(), m_modulus.reg.size()-a.reg.size());
 	return m_result;
 }
@ -4147,7 +4159,7 @@ const Integer& MontgomeryRepresentation::Multiply(const Integer &a, const Intege
 {
 	word *const T = m_workspace.begin();
 	word *const R = m_result.reg.begin();
-	const unsigned int N = m_modulus.reg.size();
+	const size_t N = m_modulus.reg.size();
 	assert(a.reg.size()<=N && b.reg.size()<=N);
 	AsymmetricMultiply(T, T+2*N, a.reg, a.reg.size(), b.reg, b.reg.size());
@ -4160,7 +4172,7 @@ const Integer& MontgomeryRepresentation::Square(const Integer &a) const
 {
 	word *const T = m_workspace.begin();
 	word *const R = m_result.reg.begin();
-	const unsigned int N = m_modulus.reg.size();
+	const size_t N = m_modulus.reg.size();
 	assert(a.reg.size()<=N);
 	CryptoPP::Square(T, T+2*N, a.reg, a.reg.size());
@ -4173,7 +4185,7 @@ Integer MontgomeryRepresentation::ConvertOut(const Integer &a) const
 {
 	word *const T = m_workspace.begin();
 	word *const R = m_result.reg.begin();
-	const unsigned int N = m_modulus.reg.size();
+	const size_t N = m_modulus.reg.size();
 	assert(a.reg.size()<=N);
 	CopyWords(T, a.reg, a.reg.size());
@ -4187,7 +4199,7 @@ const Integer& MontgomeryRepresentation::MultiplicativeInverse(const Integer &a)
 //	  return (EuclideanMultiplicativeInverse(a, modulus)<<(2*WORD_BITS*modulus.reg.size()))%modulus;
 	word *const T = m_workspace.begin();
 	word *const R = m_result.reg.begin();
-	const unsigned int N = m_modulus.reg.size();
+	const size_t N = m_modulus.reg.size();
 	assert(a.reg.size()<=N);
 	CopyWords(T, a.reg, a.reg.size());
--- a/integer.h
+++ b/integer.h
@ -131,17 +131,17 @@ public:
 		explicit Integer(const wchar_t *str);
 		//! convert from big-endian byte array
-		Integer(const byte *encodedInteger, unsigned int byteCount, Signedness s=UNSIGNED);
+		Integer(const byte *encodedInteger, size_t byteCount, Signedness s=UNSIGNED);
 		//! convert from big-endian form stored in a BufferedTransformation
-		Integer(BufferedTransformation &bt, unsigned int byteCount, Signedness s=UNSIGNED);
+		Integer(BufferedTransformation &bt, size_t byteCount, Signedness s=UNSIGNED);
 		//! convert from BER encoded byte array stored in a BufferedTransformation object
 		explicit Integer(BufferedTransformation &bt);
 		//! create a random integer
 		/*! The random integer created is uniformly distributed over [0, 2**bitcount). */
-		Integer(RandomNumberGenerator &rng, unsigned int bitcount);
+		Integer(RandomNumberGenerator &rng, size_t bitcount);
 		//! avoid calling constructors for these frequently used integers
 		static const Integer & CRYPTOPP_API Zero();
@ -164,47 +164,47 @@ public:
 		Integer(RandomNumberGenerator &rng, const Integer &min, const Integer &max, RandomNumberType rnType=ANY, const Integer &equiv=Zero(), const Integer &mod=One());
 		//! return the integer 2**e
-		static Integer CRYPTOPP_API Power2(unsigned int e);
+		static Integer CRYPTOPP_API Power2(size_t e);
 	//@}
 	//! \name ENCODE/DECODE
 	//@{
 		//! minimum number of bytes to encode this integer
 		/*! MinEncodedSize of 0 is 1 */
-		unsigned int MinEncodedSize(Signedness=UNSIGNED) const;
+		size_t MinEncodedSize(Signedness=UNSIGNED) const;
 		//! encode in big-endian format
 		/*! unsigned means encode absolute value, signed means encode two's complement if negative.
 			if outputLen < MinEncodedSize, the most significant bytes will be dropped
 			if outputLen > MinEncodedSize, the most significant bytes will be padded
 		*/
-		unsigned int Encode(byte *output, unsigned int outputLen, Signedness=UNSIGNED) const;
+		void Encode(byte *output, size_t outputLen, Signedness=UNSIGNED) const;
 		//!
-		unsigned int Encode(BufferedTransformation &bt, unsigned int outputLen, Signedness=UNSIGNED) const;
+		void Encode(BufferedTransformation &bt, size_t outputLen, Signedness=UNSIGNED) const;
 		//! encode using Distinguished Encoding Rules, put result into a BufferedTransformation object
 		void DEREncode(BufferedTransformation &bt) const;
 		//! encode absolute value as big-endian octet string
-		void DEREncodeAsOctetString(BufferedTransformation &bt, unsigned int length) const;
+		void DEREncodeAsOctetString(BufferedTransformation &bt, size_t length) const;
 		//! encode absolute value in OpenPGP format, return length of output
-		unsigned int OpenPGPEncode(byte *output, unsigned int bufferSize) const;
+		size_t OpenPGPEncode(byte *output, size_t bufferSize) const;
 		//! encode absolute value in OpenPGP format, put result into a BufferedTransformation object
-		unsigned int OpenPGPEncode(BufferedTransformation &bt) const;
+		size_t OpenPGPEncode(BufferedTransformation &bt) const;
 		//!
-		void Decode(const byte *input, unsigned int inputLen, Signedness=UNSIGNED);
+		void Decode(const byte *input, size_t inputLen, Signedness=UNSIGNED);
 		//! 
 		//* Precondition: bt.MaxRetrievable() >= inputLen
-		void Decode(BufferedTransformation &bt, unsigned int inputLen, Signedness=UNSIGNED);
+		void Decode(BufferedTransformation &bt, size_t inputLen, Signedness=UNSIGNED);
 		//!
-		void BERDecode(const byte *input, unsigned int inputLen);
+		void BERDecode(const byte *input, size_t inputLen);
 		//!
 		void BERDecode(BufferedTransformation &bt);
 		//! decode nonnegative value as big-endian octet string
-		void BERDecodeAsOctetString(BufferedTransformation &bt, unsigned int length);
+		void BERDecodeAsOctetString(BufferedTransformation &bt, size_t length);
 		class OpenPGPDecodeErr : public Exception
 		{
@ -213,7 +213,7 @@ public:
 		};
 		//!
-		void OpenPGPDecode(const byte *input, unsigned int inputLen);
+		void OpenPGPDecode(const byte *input, size_t inputLen);
 		//!
 		void OpenPGPDecode(BufferedTransformation &bt);
 	//@}
@ -233,11 +233,11 @@ public:
 		unsigned int WordCount() const;
 		//! return the i-th bit, i=0 being the least significant bit
-		bool GetBit(unsigned int i) const;
+		bool GetBit(size_t i) const;
 		//! return the i-th byte
-		byte GetByte(unsigned int i) const;
+		byte GetByte(size_t i) const;
 		//! return n lowest bits of *this >> i
-		unsigned long GetBits(unsigned int i, unsigned int n) const;
+		lword GetBits(size_t i, size_t n) const;
 		//!
 		bool IsZero() const {return !*this;}
@ -278,12 +278,12 @@ public:
 		Integer&  operator%=(word t)  {return *this = Modulo(t);}
 		//!
-		Integer&  operator<<=(unsigned int);
+		Integer&  operator<<=(size_t);
 		//!
-		Integer&  operator>>=(unsigned int);
+		Integer&  operator>>=(size_t);
 		//!
-		void Randomize(RandomNumberGenerator &rng, unsigned int bitcount);
+		void Randomize(RandomNumberGenerator &rng, size_t bitcount);
 		//!
 		void Randomize(RandomNumberGenerator &rng, const Integer &min, const Integer &max);
 		//! set this Integer to a random element of {x | min <= x <= max and x is of rnType and x % mod == equiv}
@ -298,9 +298,9 @@ public:
 		}
 		//! set the n-th bit to value
-		void SetBit(unsigned int n, bool value=1);
+		void SetBit(size_t n, bool value=1);
 		//! set the n-th byte to value
-		void SetByte(unsigned int n, byte value);
+		void SetByte(size_t n, byte value);
 		//!
 		void Negate();
@ -356,9 +356,9 @@ public:
 		word Modulo(word b) const;
 		//!
-		Integer operator>>(unsigned int n) const	{return Integer(*this)>>=n;}
+		Integer operator>>(size_t n) const	{return Integer(*this)>>=n;}
 		//!
-		Integer operator<<(unsigned int n) const	{return Integer(*this)<<=n;}
+		Integer operator<<(size_t n) const	{return Integer(*this)<<=n;}
 	//@}
 	//! \name OTHER ARITHMETIC FUNCTIONS
@ -413,7 +413,7 @@ private:
 	friend class MontgomeryRepresentation;
 	friend class HalfMontgomeryRepresentation;
-	Integer(word value, unsigned int length);
+	Integer(word value, size_t length);
 	int PositiveCompare(const Integer &t) const;
 	friend void PositiveAdd(Integer &sum, const Integer &a, const Integer &b);
--- a/iterhash.cpp
+++ b/iterhash.cpp
@ -6,13 +6,13 @@
 NAMESPACE_BEGIN(CryptoPP)
-template <class T, class BASE> void IteratedHashBase<T, BASE>::Update(const byte *input, unsigned int len)
+template <class T, class BASE> void IteratedHashBase<T, BASE>::Update(const byte *input, size_t len)
 {
 	HashWordType oldCountLo = m_countLo, oldCountHi = m_countHi;
-	if ((m_countLo = oldCountLo + len) < oldCountLo)
+	if ((m_countLo = oldCountLo + HashWordType(len)) < oldCountLo)
 		m_countHi++;             // carry from low to high
-	m_countHi += SafeRightShift<8*sizeof(HashWordType)>(len);
+	m_countHi += (HashWordType)SafeRightShift<8*sizeof(HashWordType)>(len);
-	if (m_countHi < oldCountHi)
+	if (m_countHi < oldCountHi || SafeRightShift<2*8*sizeof(HashWordType)>(len) != 0)
 		throw HashInputTooLong(this->AlgorithmName());
 	unsigned int blockSize = BlockSize();
@ -47,7 +47,7 @@ template <class T, class BASE> void IteratedHashBase<T, BASE>::Update(const byte
 		}
 		else if (IsAligned<T>(input))
 		{
-			unsigned int leftOver = HashMultipleBlocks((T *)input, len);
+			size_t leftOver = HashMultipleBlocks((T *)input, len);
 			input += (len - leftOver);
 			len = leftOver;
 		}
@ -64,7 +64,7 @@ template <class T, class BASE> void IteratedHashBase<T, BASE>::Update(const byte
 	memcpy(m_data, input, len);
 }
-template <class T, class BASE> byte * IteratedHashBase<T, BASE>::CreateUpdateSpace(unsigned int &size)
+template <class T, class BASE> byte * IteratedHashBase<T, BASE>::CreateUpdateSpace(size_t &size)
 {
 	unsigned int blockSize = BlockSize();
 	unsigned int num = ModPowerOf2(m_countLo, blockSize);
@ -72,7 +72,7 @@ template <class T, class BASE> byte * IteratedHashBase<T, BASE>::CreateUpdateSpa
 	return (byte *)m_data.begin() + num;
 }
-template <class T, class BASE> unsigned int IteratedHashBase<T, BASE>::HashMultipleBlocks(const T *input, unsigned int length)
+template <class T, class BASE> size_t IteratedHashBase<T, BASE>::HashMultipleBlocks(const T *input, size_t length)
 {
 	unsigned int blockSize = BlockSize();
 	bool noReverse = NativeByteOrderIs(GetByteOrder());
@ -114,7 +114,7 @@ template <class T, class BASE> void IteratedHashBase<T, BASE>::Restart()
 	Init();
 }
-template <class T, class BASE> void IteratedHashBase<T, BASE>::TruncatedFinal(byte *digest, unsigned int size)
+template <class T, class BASE> void IteratedHashBase<T, BASE>::TruncatedFinal(byte *digest, size_t size)
 {
 	this->ThrowIfInvalidTruncatedSize(size);
--- a/iterhash.h
+++ b/iterhash.h
@ -24,13 +24,13 @@ public:
 	typedef T HashWordType;
 	IteratedHashBase() : m_countLo(0), m_countHi(0) {}
-	unsigned int BlockSize() const {return m_data.size() * sizeof(T);}
+	unsigned int BlockSize() const {return (unsigned int)m_data.size() * sizeof(T);}
 	unsigned int OptimalBlockSize() const {return BlockSize();}
 	unsigned int OptimalDataAlignment() const {return sizeof(T);}
-	void Update(const byte *input, unsigned int length);
+	void Update(const byte *input, size_t length);
-	byte * CreateUpdateSpace(unsigned int &size);
+	byte * CreateUpdateSpace(size_t &size);
 	void Restart();
-	void TruncatedFinal(byte *digest, unsigned int size);
+	void TruncatedFinal(byte *digest, size_t size);
 protected:
 	void SetBlockSize(unsigned int blockSize) {m_data.resize(blockSize / sizeof(HashWordType));}
@ -44,7 +44,7 @@ protected:
 	virtual ByteOrder GetByteOrder() const =0;
 	virtual void HashEndianCorrectedBlock(const HashWordType *data) =0;
-	virtual unsigned int HashMultipleBlocks(const T *input, unsigned int length);
+	virtual size_t HashMultipleBlocks(const T *input, size_t length);
 	void HashBlock(const HashWordType *input) {HashMultipleBlocks(input, BlockSize());}
 	SecBlock<T> m_data;			// Data buffer
@ -75,7 +75,7 @@ public:
 	ByteOrder GetByteOrder() const {return T_Endianness::ToEnum();}
-	inline static void CorrectEndianess(HashWordType *out, const HashWordType *in, unsigned int byteCount)
+	inline static void CorrectEndianess(HashWordType *out, const HashWordType *in, size_t byteCount)
 	{
 		ConditionalByteReverse(T_Endianness::ToEnum(), out, in, byteCount);
 	}
--- a/luc.h
+++ b/luc.h
@ -187,7 +187,7 @@ public:
 	void Sign(const DL_GroupParameters<Integer> &params, const Integer &x, const Integer &k, const Integer &e, Integer &r, Integer &s) const;
 	bool Verify(const DL_GroupParameters<Integer> &params, const DL_PublicKey<Integer> &publicKey, const Integer &e, const Integer &r, const Integer &s) const;
-	unsigned int RLen(const DL_GroupParameters<Integer> &params) const
+	size_t RLen(const DL_GroupParameters<Integer> &params) const
 		{return params.GetGroupOrder().ByteCount();}
 };
--- a/md2.cpp
+++ b/md2.cpp
@ -33,7 +33,7 @@ void MD2::Init()
 	m_count = 0;
 }
-void MD2::Update(const byte *buf, unsigned int len)
+void MD2::Update(const byte *buf, size_t len)
 {
 	static const byte S[256] = {
 		41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
@ -58,7 +58,7 @@ void MD2::Update(const byte *buf, unsigned int len)
 	while (len) 
    {
-		word32 L = (16-m_count) < len ? (16-m_count) : len;
+		unsigned int L = UnsignedMin(16U-m_count, len);
 		memcpy(m_buf+m_count, buf, L);
 		m_count+=L;
 		buf+=L;
@ -97,7 +97,7 @@ void MD2::Update(const byte *buf, unsigned int len)
    }
 }
-void MD2::TruncatedFinal(byte *hash, unsigned int size)
+void MD2::TruncatedFinal(byte *hash, size_t size)
 {
 	ThrowIfInvalidTruncatedSize(size);
--- a/md2.h
+++ b/md2.h
@ -12,8 +12,8 @@ class MD2 : public HashTransformation
 {
 public:
 	MD2();
-	void Update(const byte *input, unsigned int length);
+	void Update(const byte *input, size_t length);
-	void TruncatedFinal(byte *hash, unsigned int size);
+	void TruncatedFinal(byte *hash, size_t size);
 	unsigned int DigestSize() const {return DIGESTSIZE;}
 	static const char * StaticAlgorithmName() {return "MD2";}
--- a/md5mac.cpp
+++ b/md5mac.cpp
@ -47,7 +47,7 @@ void MD5MAC_Base::Init()
 	m_digest[3] = m_key[3];
 }
-void MD5MAC_Base::TruncatedFinal(byte *hash, unsigned int size)
+void MD5MAC_Base::TruncatedFinal(byte *hash, size_t size)
 {
 	ThrowIfInvalidTruncatedSize(size);
--- a/md5mac.h
+++ b/md5mac.h
@ -18,7 +18,7 @@ public:
 	MD5MAC_Base() {SetStateSize(DIGESTSIZE);}
 	void UncheckedSetKey(const byte *userKey, unsigned int keylength);
-	void TruncatedFinal(byte *mac, unsigned int size);
+	void TruncatedFinal(byte *mac, size_t size);
 	unsigned int DigestSize() const {return DIGESTSIZE;}
 protected:
--- a/misc.cpp
+++ b/misc.cpp
@ -10,7 +10,7 @@
 NAMESPACE_BEGIN(CryptoPP)
-void xorbuf(byte *buf, const byte *mask, unsigned int count)
+void xorbuf(byte *buf, const byte *mask, size_t count)
 {
 	if (((size_t)buf | (size_t)mask | count) % WORD_SIZE == 0)
 		XorWords((word *)buf, (const word *)mask, count/WORD_SIZE);
@ -21,7 +21,7 @@ void xorbuf(byte *buf, const byte *mask, unsigned int count)
 	}
 }
-void xorbuf(byte *output, const byte *input, const byte *mask, unsigned int count)
+void xorbuf(byte *output, const byte *input, const byte *mask, size_t count)
 {
 	if (((size_t)output | (size_t)input | (size_t)mask | count) % WORD_SIZE == 0)
 		XorWords((word *)output, (const word *)input, (const word *)mask, count/WORD_SIZE);
@ -32,50 +32,6 @@ void xorbuf(byte *output, const byte *input, const byte *mask, unsigned int coun
 	}
 }
 unsigned int Parity(unsigned long value)
 {
 	for (unsigned int i=8*sizeof(value)/2; i>0; i/=2)
 		value ^= value >> i;
 	return (unsigned int)value&1;
 }
 unsigned int BytePrecision(unsigned long value)
 {
 	unsigned int i;
 	for (i=sizeof(value); i; --i)
 		if (value >> (i-1)*8)
 			break;
 	return i;
 }
 unsigned int BitPrecision(unsigned long value)
 {
 	if (!value)
 		return 0;
 	unsigned int l=0, h=8*sizeof(value);
 	while (h-l > 1)
 	{
 		unsigned int t = (l+h)/2;
 		if (value >> t)
 			l = t;
 		else
 			h = t;
 	}
 	return h;
 }
 unsigned long Crop(unsigned long value, unsigned int size)
 {
 	if (size < 8*sizeof(value))
    	return (value & ((1L << size) - 1));
 	else
 		return value;
 }
 #if !(defined(_MSC_VER) && (_MSC_VER < 1300))
 using std::new_handler;
 using std::set_new_handler;
--- a/misc.h
+++ b/misc.h
@ -122,12 +122,24 @@ template <class T> inline const T& STDMIN(const T& a, const T& b)
 	return b < a ? b : a;
 }
 template <class T1, class T2> inline const T1 UnsignedMin(const T1& a, const T2& b)
 {
 	CRYPTOPP_COMPILE_ASSERT((sizeof(T1)<=sizeof(T2) && T2(-1)>0) || (sizeof(T1)>sizeof(T2) && T1(-1)>0));
 	assert(a>=0);
 	assert(b>=0);
 	if (sizeof(T1)<=sizeof(T2))
 		return b < (T2)a ? (T1)b : a;
 	else
 		return (T1)b < a ? (T1)b : a;
 }
 template <class T> inline const T& STDMAX(const T& a, const T& b)
 {
 	return a < b ? b : a;
 }
-#define RETURN_IF_NONZERO(x) unsigned int returnedValue = x; if (returnedValue) return returnedValue
+#define RETURN_IF_NONZERO(x) size_t returnedValue = x; if (returnedValue) return returnedValue
 // this version of the macro is fastest on Pentium 3 and Pentium 4 with MSVC 6 SP5 w/ Processor Pack
 #define GETBYTE(x, y) (unsigned int)byte((x)>>(8*(y)))
@ -135,56 +147,122 @@ template <class T> inline const T& STDMAX(const T& a, const T& b)
 // #define GETBYTE(x, y) (unsigned int)(((x)>>(8*(y)))&255)
 // #define GETBYTE(x, y) (((byte *)&(x))[y])
-CRYPTOPP_DLL unsigned int CRYPTOPP_API Parity(unsigned long);
+template <class T>
-CRYPTOPP_DLL unsigned int CRYPTOPP_API BytePrecision(unsigned long);
+unsigned int Parity(T value)
-CRYPTOPP_DLL unsigned int CRYPTOPP_API BitPrecision(unsigned long);
+{
-CRYPTOPP_DLL unsigned long CRYPTOPP_API Crop(unsigned long, unsigned int size);
+	for (unsigned int i=8*sizeof(value)/2; i>0; i/=2)
 		value ^= value >> i;
 	return (unsigned int)value&1;
 }
-inline unsigned int BitsToBytes(unsigned int bitCount)
+template <class T>
 unsigned int BytePrecision(const T &value)
 {
 	if (!value)
 		return 0;
 	unsigned int l=0, h=8*sizeof(value);
 	while (h-l > 8)
 	{
 		unsigned int t = (l+h)/2;
 		if (value >> t)
 			l = t;
 		else
 			h = t;
 	}
 	return h/8;
 }
 template <class T>
 unsigned int BitPrecision(const T &value)
 {
 	if (!value)
 		return 0;
 	unsigned int l=0, h=8*sizeof(value);
 	while (h-l > 1)
 	{
 		unsigned int t = (l+h)/2;
 		if (value >> t)
 			l = t;
 		else
 			h = t;
 	}
 	return h;
 }
 template <class T>
 inline T Crop(T value, size_t size)
 {
 	if (size < 8*sizeof(value))
    	return T(value & ((T(1) << size) - 1));
 	else
 		return value;
 }
 template <class T1, class T2>
 inline bool SafeConvert(T1 from, T2 &to)
 {
 	to = (T2)from;
 	if (from != to || (from > 0 && to < 0))
 		return false;
 	return true;
 }
 inline size_t BitsToBytes(size_t bitCount)
 {
 	return ((bitCount+7)/(8));
 }
-inline unsigned int BytesToWords(unsigned int byteCount)
+inline size_t BytesToWords(size_t byteCount)
 {
 	return ((byteCount+WORD_SIZE-1)/WORD_SIZE);
 }
-inline unsigned int BitsToWords(unsigned int bitCount)
+inline size_t BitsToWords(size_t bitCount)
 {
 	return ((bitCount+WORD_BITS-1)/(WORD_BITS));
 }
-inline unsigned int BitsToDwords(unsigned int bitCount)
+inline size_t BitsToDwords(size_t bitCount)
 {
 	return ((bitCount+2*WORD_BITS-1)/(2*WORD_BITS));
 }
-CRYPTOPP_DLL void CRYPTOPP_API xorbuf(byte *buf, const byte *mask, unsigned int count);
+CRYPTOPP_DLL void CRYPTOPP_API xorbuf(byte *buf, const byte *mask, size_t count);
-CRYPTOPP_DLL void CRYPTOPP_API xorbuf(byte *output, const byte *input, const byte *mask, unsigned int count);
+CRYPTOPP_DLL void CRYPTOPP_API xorbuf(byte *output, const byte *input, const byte *mask, size_t count);
 template <class T>
-inline bool IsPowerOf2(T n)
+inline bool IsPowerOf2(const T &n)
 {
 	return n > 0 && (n & (n-1)) == 0;
 }
 template <class T1, class T2>
-inline T2 ModPowerOf2(T1 a, T2 b)
+inline T2 ModPowerOf2(const T1 &a, const T2 &b)
 {
 	assert(IsPowerOf2(b));
 	return T2(a) & (b-1);
 }
-template <class T>
+template <class T1, class T2>
-inline T RoundDownToMultipleOf(T n, T m)
+inline T1 RoundDownToMultipleOf(const T1 &n, const T2 &m)
 {
-	return n - (IsPowerOf2(m) ? ModPowerOf2(n, m) : (n%m));
+	if (IsPowerOf2(m))
 		return n - ModPowerOf2(n, m);
 	else
 		return n - n%m;
 }
-template <class T>
+template <class T1, class T2>
-inline T RoundUpToMultipleOf(T n, T m)
+inline T1 RoundUpToMultipleOf(const T1 &n, const T2 &m)
 {
 	if (n+m-1 < n)
 		throw InvalidArgument("RoundUpToMultipleOf: integer overflow");
 	return RoundDownToMultipleOf(n+m-1, m);
 }
@ -251,7 +329,7 @@ std::string IntToString(T a, unsigned int base = 10)
 }
 template <class T1, class T2>
-inline T1 SaturatingSubtract(T1 a, T2 b)
+inline T1 SaturatingSubtract(const T1 &a, const T2 &b)
 {
 	CRYPTOPP_COMPILE_ASSERT_INSTANCE(T1(-1)>0, 0);	// T1 is unsigned type
 	CRYPTOPP_COMPILE_ASSERT_INSTANCE(T2(-1)>0, 1);	// T2 is unsigned type
@ -510,16 +588,16 @@ inline T ConditionalByteReverse(ByteOrder order, T value)
 }
 template <class T>
-void ByteReverse(T *out, const T *in, unsigned int byteCount)
+void ByteReverse(T *out, const T *in, size_t byteCount)
 {
 	assert(byteCount % sizeof(T) == 0);
-	unsigned int count = byteCount/sizeof(T);
+	size_t count = byteCount/sizeof(T);
-	for (unsigned int i=0; i<count; i++)
+	for (size_t i=0; i<count; i++)
 		out[i] = ByteReverse(in[i]);
 }
 template <class T>
-inline void ConditionalByteReverse(ByteOrder order, T *out, const T *in, unsigned int byteCount)
+inline void ConditionalByteReverse(ByteOrder order, T *out, const T *in, size_t byteCount)
 {
 	if (!NativeByteOrderIs(order))
 		ByteReverse(out, in, byteCount);
@ -528,9 +606,9 @@ inline void ConditionalByteReverse(ByteOrder order, T *out, const T *in, unsigne
 }
 template <class T>
-inline void GetUserKey(ByteOrder order, T *out, unsigned int outlen, const byte *in, unsigned int inlen)
+inline void GetUserKey(ByteOrder order, T *out, size_t outlen, const byte *in, size_t inlen)
 {
-	const unsigned int U = sizeof(T);
+	const size_t U = sizeof(T);
 	assert(inlen <= outlen*U);
 	memcpy(out, in, inlen);
 	memset((byte *)out+inlen, 0, outlen*U-inlen);
@ -774,7 +852,7 @@ template <class T>
 T StringToWord(const std::string &str, ByteOrder order = BIG_ENDIAN_ORDER)
 {
 	T value = 0;
-	memcpy(&value, str.data(), STDMIN(sizeof(value), str.size()));
+	memcpy(&value, str.data(), UnsignedMin(str.size(), sizeof(value)));
 	return NativeByteOrderIs(order) ? value : ByteReverse(value);
 }
--- a/modes.cpp
+++ b/modes.cpp
@ -24,9 +24,9 @@ void Modes_TestInstantiations()
 }
 #endif
-void CipherModeBase::SetKey(const byte *key, unsigned int length, const NameValuePairs &params)
+void CipherModeBase::SetKey(const byte *key, size_t length, const NameValuePairs &params)
 {
-	UncheckedSetKey(params, key, length, GetIVAndThrowIfInvalid(params));	// the underlying cipher will check the key length
+	UncheckedSetKey(params, key, (unsigned int)length, GetIVAndThrowIfInvalid(params));	// the underlying cipher will check the key length
 }
 void CipherModeBase::GetNextIV(byte *IV)
@ -55,7 +55,7 @@ void CTR_ModePolicy::GetNextIV(byte *IV)
 	IncrementCounterByOne(IV, m_counterArray, BlockSize());
 }
-inline void CTR_ModePolicy::ProcessMultipleBlocks(byte *output, const byte *input, unsigned int n)
+inline void CTR_ModePolicy::ProcessMultipleBlocks(byte *output, const byte *input, size_t n)
 {
 	unsigned int s = BlockSize(), j = 0;
 	for (unsigned int i=1; i<n; i++, j+=s)
@ -64,7 +64,7 @@ inline void CTR_ModePolicy::ProcessMultipleBlocks(byte *output, const byte *inpu
 	IncrementCounterByOne(m_counterArray, m_counterArray + s*(n-1), s);
 }
-void CTR_ModePolicy::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, unsigned int iterationCount)
+void CTR_ModePolicy::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount)
 {
 	unsigned int maxBlocks = m_cipher->OptimalNumberOfParallelBlocks();
 	if (maxBlocks == 1)
@ -110,7 +110,7 @@ void BlockOrientedCipherModeBase::UncheckedSetKey(const NameValuePairs &params,
 		Resynchronize(iv);
 }
-void BlockOrientedCipherModeBase::ProcessData(byte *outString, const byte *inString, unsigned int length)
+void BlockOrientedCipherModeBase::ProcessData(byte *outString, const byte *inString, size_t length)
 {
 	unsigned int s = BlockSize();
 	assert(length % s == 0);
@ -146,7 +146,7 @@ void BlockOrientedCipherModeBase::ProcessData(byte *outString, const byte *inStr
 	}
 }
-void CBC_Encryption::ProcessBlocks(byte *outString, const byte *inString, unsigned int numberOfBlocks)
+void CBC_Encryption::ProcessBlocks(byte *outString, const byte *inString, size_t numberOfBlocks)
 {
 	unsigned int blockSize = BlockSize();
 	while (numberOfBlocks--)
@ -159,7 +159,7 @@ void CBC_Encryption::ProcessBlocks(byte *outString, const byte *inString, unsign
 	}
 }
-void CBC_CTS_Encryption::ProcessLastBlock(byte *outString, const byte *inString, unsigned int length)
+void CBC_CTS_Encryption::ProcessLastBlock(byte *outString, const byte *inString, size_t length)
 {
 	if (length <= BlockSize())
 	{
@ -186,7 +186,7 @@ void CBC_CTS_Encryption::ProcessLastBlock(byte *outString, const byte *inString,
 	memcpy(outString, m_register, BlockSize());
 }
-void CBC_Decryption::ProcessBlocks(byte *outString, const byte *inString, unsigned int numberOfBlocks)
+void CBC_Decryption::ProcessBlocks(byte *outString, const byte *inString, size_t numberOfBlocks)
 {
 	unsigned int blockSize = BlockSize();
 	while (numberOfBlocks--)
@ -200,7 +200,7 @@ void CBC_Decryption::ProcessBlocks(byte *outString, const byte *inString, unsign
 	}
 }
-void CBC_CTS_Decryption::ProcessLastBlock(byte *outString, const byte *inString, unsigned int length)
+void CBC_CTS_Decryption::ProcessLastBlock(byte *outString, const byte *inString, size_t length)
 {
 	const byte *pn, *pn1;
 	bool stealIV = length <= BlockSize();
--- a/modes.h
+++ b/modes.h
@ -31,13 +31,13 @@ struct CipherModeDocumentation : public SymmetricCipherDocumentation
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE CipherModeBase : public SymmetricCipher
 {
 public:
-	unsigned int MinKeyLength() const {return m_cipher->MinKeyLength();}
+	size_t MinKeyLength() const {return m_cipher->MinKeyLength();}
-	unsigned int MaxKeyLength() const {return m_cipher->MaxKeyLength();}
+	size_t MaxKeyLength() const {return m_cipher->MaxKeyLength();}
-	unsigned int DefaultKeyLength() const {return m_cipher->DefaultKeyLength();}
+	size_t DefaultKeyLength() const {return m_cipher->DefaultKeyLength();}
-	unsigned int GetValidKeyLength(unsigned int n) const {return m_cipher->GetValidKeyLength(n);}
+	size_t GetValidKeyLength(size_t n) const {return m_cipher->GetValidKeyLength(n);}
-	bool IsValidKeyLength(unsigned int n) const {return m_cipher->IsValidKeyLength(n);}
+	bool IsValidKeyLength(size_t n) const {return m_cipher->IsValidKeyLength(n);}
-	void SetKey(const byte *key, unsigned int length, const NameValuePairs &params = g_nullNameValuePairs);
+	void SetKey(const byte *key, size_t length, const NameValuePairs &params = g_nullNameValuePairs);
 	unsigned int OptimalDataAlignment() const {return BlockSize();}
@ -46,7 +46,7 @@ public:
 	virtual IV_Requirement IVRequirement() const =0;
 protected:
-	inline unsigned int BlockSize() const {assert(m_register.size() > 0); return m_register.size();}
+	inline unsigned int BlockSize() const {assert(m_register.size() > 0); return (unsigned int)m_register.size();}
 	virtual void SetFeedbackSize(unsigned int feedbackSize)
 	{
 		if (!(feedbackSize == 0 || feedbackSize == BlockSize()))
@ -66,11 +66,11 @@ template <class POLICY_INTERFACE>
 class CRYPTOPP_NO_VTABLE ModePolicyCommonTemplate : public CipherModeBase, public POLICY_INTERFACE
 {
 	unsigned int GetAlignment() const {return m_cipher->BlockAlignment();}
-	void CipherSetKey(const NameValuePairs &params, const byte *key, unsigned int length);
+	void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length);
 };
 template <class POLICY_INTERFACE>
-void ModePolicyCommonTemplate<POLICY_INTERFACE>::CipherSetKey(const NameValuePairs &params, const byte *key, unsigned int length)
+void ModePolicyCommonTemplate<POLICY_INTERFACE>::CipherSetKey(const NameValuePairs &params, const byte *key, size_t length)
 {
 	m_cipher->SetKey(key, length, params);
 	ResizeBuffers();
@ -132,7 +132,7 @@ public:
 private:
 	unsigned int GetBytesPerIteration() const {return BlockSize();}
 	unsigned int GetIterationsToBuffer() const {return 1;}
-	void WriteKeystream(byte *keystreamBuffer, unsigned int iterationCount)
+	void WriteKeystream(byte *keystreamBuffer, size_t iterationCount)
 	{
 		assert(iterationCount == 1);
 		m_cipher->ProcessBlock(keystreamBuffer);
@ -155,14 +155,14 @@ public:
 private:
 	unsigned int GetBytesPerIteration() const {return BlockSize();}
 	unsigned int GetIterationsToBuffer() const {return m_cipher->OptimalNumberOfParallelBlocks();}
-	void WriteKeystream(byte *buffer, unsigned int iterationCount)
+	void WriteKeystream(byte *buffer, size_t iterationCount)
 		{OperateKeystream(WRITE_KEYSTREAM, buffer, NULL, iterationCount);}
 	bool CanOperateKeystream() const {return true;}
-	void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, unsigned int iterationCount);
+	void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount);
 	void CipherResynchronize(byte *keystreamBuffer, const byte *iv);
 	void SeekToIteration(lword iterationCount);
-	inline void ProcessMultipleBlocks(byte *output, const byte *input, unsigned int n);
+	inline void ProcessMultipleBlocks(byte *output, const byte *input, size_t n);
 	SecByteBlock m_counterArray;
 };
@ -176,11 +176,11 @@ public:
 	bool IsSelfInverting() const {return false;}
 	bool IsForwardTransformation() const {return m_cipher->IsForwardTransformation();}
 	void Resynchronize(const byte *iv) {memcpy(m_register, iv, BlockSize());}
-	void ProcessData(byte *outString, const byte *inString, unsigned int length);
+	void ProcessData(byte *outString, const byte *inString, size_t length);
 protected:
 	bool RequireAlignedInput() const {return true;}
-	virtual void ProcessBlocks(byte *outString, const byte *inString, unsigned int numberOfBlocks) =0;
+	virtual void ProcessBlocks(byte *outString, const byte *inString, size_t numberOfBlocks) =0;
 	void ResizeBuffers()
 	{
 		CipherModeBase::ResizeBuffers();
@ -195,7 +195,7 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE ECB_OneWay : public BlockOrientedCipherMod
 public:
 	IV_Requirement IVRequirement() const {return NOT_RESYNCHRONIZABLE;}
 	unsigned int OptimalBlockSize() const {return BlockSize() * m_cipher->OptimalNumberOfParallelBlocks();}
-	void ProcessBlocks(byte *outString, const byte *inString, unsigned int numberOfBlocks)
+	void ProcessBlocks(byte *outString, const byte *inString, size_t numberOfBlocks)
 		{m_cipher->ProcessAndXorMultipleBlocks(inString, NULL, outString, numberOfBlocks);}
 	static const char * CRYPTOPP_API StaticAlgorithmName() {return "ECB";}
 };
@ -212,7 +212,7 @@ public:
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE CBC_Encryption : public CBC_ModeBase
 {
 public:
-	void ProcessBlocks(byte *outString, const byte *inString, unsigned int numberOfBlocks);
+	void ProcessBlocks(byte *outString, const byte *inString, size_t numberOfBlocks);
 };
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE CBC_CTS_Encryption : public CBC_Encryption
@ -220,7 +220,7 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE CBC_CTS_Encryption : public CBC_Encryption
 public:
 	void SetStolenIV(byte *iv) {m_stolenIV = iv;}
 	unsigned int MinLastBlockSize() const {return BlockSize()+1;}
-	void ProcessLastBlock(byte *outString, const byte *inString, unsigned int length);
+	void ProcessLastBlock(byte *outString, const byte *inString, size_t length);
 	static const char * CRYPTOPP_API StaticAlgorithmName() {return "CBC/CTS";}
 protected:
@ -236,7 +236,7 @@ protected:
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE CBC_Decryption : public CBC_ModeBase
 {
 public:
-	void ProcessBlocks(byte *outString, const byte *inString, unsigned int numberOfBlocks);
+	void ProcessBlocks(byte *outString, const byte *inString, size_t numberOfBlocks);
 protected:
 	void ResizeBuffers()
@ -251,7 +251,7 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE CBC_CTS_Decryption : public CBC_Decryption
 {
 public:
 	unsigned int MinLastBlockSize() const {return BlockSize()+1;}
-	void ProcessLastBlock(byte *outString, const byte *inString, unsigned int length);
+	void ProcessLastBlock(byte *outString, const byte *inString, size_t length);
 };
 //! _
@ -264,17 +264,17 @@ public:
 		this->m_cipher = &this->m_object;
 		this->ResizeBuffers();
 	}
-	CipherModeFinalTemplate_CipherHolder(const byte *key, unsigned int length)
+	CipherModeFinalTemplate_CipherHolder(const byte *key, size_t length)
 	{
 		this->m_cipher = &this->m_object;
 		this->SetKey(key, length);
 	}
-	CipherModeFinalTemplate_CipherHolder(const byte *key, unsigned int length, const byte *iv)
+	CipherModeFinalTemplate_CipherHolder(const byte *key, size_t length, const byte *iv)
 	{
 		this->m_cipher = &this->m_object;
 		this->SetKey(key, length, MakeParameters(Name::IV(), iv));
 	}
-	CipherModeFinalTemplate_CipherHolder(const byte *key, unsigned int length, const byte *iv, int feedbackSize)
+	CipherModeFinalTemplate_CipherHolder(const byte *key, size_t length, const byte *iv, int feedbackSize)
 	{
 		this->m_cipher = &this->m_object;
 		this->SetKey(key, length, MakeParameters(Name::IV(), iv)(Name::FeedbackSize(), feedbackSize));
--- a/mqueue.cpp
+++ b/mqueue.cpp
@ -13,7 +13,7 @@ MessageQueue::MessageQueue(unsigned int nodeSize)
 {
 }
-unsigned int MessageQueue::CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end, const std::string &channel, bool blocking) const
+size_t MessageQueue::CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end, const std::string &channel, bool blocking) const
 {
 	if (begin >= MaxRetrievable())
 		return 0;
@ -21,10 +21,10 @@ unsigned int MessageQueue::CopyRangeTo2(BufferedTransformation &target, unsigned
 	return m_queue.CopyRangeTo2(target, begin, STDMIN(MaxRetrievable(), end), channel, blocking);
 }
-unsigned int MessageQueue::TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel, bool blocking)
+size_t MessageQueue::TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel, bool blocking)
 {
 	transferBytes = STDMIN(MaxRetrievable(), transferBytes);
-	unsigned int blockedBytes = m_queue.TransferTo2(target, transferBytes, channel, blocking);
+	size_t blockedBytes = m_queue.TransferTo2(target, transferBytes, channel, blocking);
 	m_lengths.front() -= transferBytes;
 	return blockedBytes;
 }
@ -45,7 +45,7 @@ bool MessageQueue::GetNextMessage()
 unsigned int MessageQueue::CopyMessagesTo(BufferedTransformation &target, unsigned int count, const std::string &channel) const
 {
 	ByteQueue::Walker walker(m_queue);
-	std::deque<unsigned long>::const_iterator it = m_lengths.begin();
+	std::deque<lword>::const_iterator it = m_lengths.begin();
 	unsigned int i;
 	for (i=0; i<count && it != --m_lengths.end(); ++i, ++it)
 	{
@ -62,10 +62,10 @@ void MessageQueue::swap(MessageQueue &rhs)
 	m_lengths.swap(rhs.m_lengths);
 }
-const byte * MessageQueue::Spy(unsigned int &contiguousSize) const
+const byte * MessageQueue::Spy(size_t &contiguousSize) const
 {
 	const byte *result = m_queue.Spy(contiguousSize);
-	contiguousSize = (unsigned int)STDMIN((unsigned long)contiguousSize, MaxRetrievable());
+	contiguousSize = UnsignedMin(contiguousSize, MaxRetrievable());
 	return result;
 }
@ -81,7 +81,7 @@ unsigned int EqualityComparisonFilter::MapChannel(const std::string &channel) co
 		return 2;
 }
-unsigned int EqualityComparisonFilter::ChannelPut2(const std::string &channel, const byte *inString, unsigned int length, int messageEnd, bool blocking)
+size_t EqualityComparisonFilter::ChannelPut2(const std::string &channel, const byte *inString, size_t length, int messageEnd, bool blocking)
 {
 	if (!blocking)
 		throw BlockingInputOnly("EqualityComparisonFilter");
@ -101,7 +101,7 @@ unsigned int EqualityComparisonFilter::ChannelPut2(const std::string &channel, c
 		while (length > 0 && q2.AnyRetrievable())
 		{
-			unsigned int len = length;
+			size_t len = length;
 			const byte *data = q2.Spy(len);
 			len = STDMIN(len, length);
 			if (memcmp(inString, data, len) != 0)
--- a/mqueue.h
+++ b/mqueue.h
@ -15,7 +15,7 @@ public:
 	void IsolatedInitialize(const NameValuePairs &parameters)
 		{m_queue.IsolatedInitialize(parameters); m_lengths.assign(1, 0U); m_messageCounts.assign(1, 0U);}
-	unsigned int Put2(const byte *begin, unsigned int length, int messageEnd, bool blocking)
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking)
 	{
 		m_queue.Put(begin, length);
 		m_lengths.back() += length;
@ -30,34 +30,35 @@ public:
 	bool IsolatedMessageSeriesEnd(bool blocking)
 		{m_messageCounts.push_back(0); return false;}
-	unsigned long MaxRetrievable() const
+	lword MaxRetrievable() const
 		{return m_lengths.front();}
 	bool AnyRetrievable() const
 		{return m_lengths.front() > 0;}
-	unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+	size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
-	unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
+	size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
-	unsigned long TotalBytesRetrievable() const
+	lword TotalBytesRetrievable() const
 		{return m_queue.MaxRetrievable();}
 	unsigned int NumberOfMessages() const
-		{return m_lengths.size()-1;}
+		{return (unsigned int)m_lengths.size()-1;}
 	bool GetNextMessage();
 	unsigned int NumberOfMessagesInThisSeries() const
 		{return m_messageCounts[0];}
 	unsigned int NumberOfMessageSeries() const
-		{return m_messageCounts.size()-1;}
+		{return (unsigned int)m_messageCounts.size()-1;}
 	unsigned int CopyMessagesTo(BufferedTransformation &target, unsigned int count=UINT_MAX, const std::string &channel=NULL_CHANNEL) const;
-	const byte * Spy(unsigned int &contiguousSize) const;
+	const byte * Spy(size_t &contiguousSize) const;
 	void swap(MessageQueue &rhs);
 private:
 	ByteQueue m_queue;
-	std::deque<unsigned long> m_lengths, m_messageCounts;
+	std::deque<lword> m_lengths;
 	std::deque<unsigned int> m_messageCounts;
 };
@ -73,7 +74,7 @@ public:
 		, m_firstChannel(firstChannel), m_secondChannel(secondChannel)
 		{Detach(attachment);}
-	unsigned int ChannelPut2(const std::string &channel, const byte *begin, unsigned int length, int messageEnd, bool blocking);
+	size_t ChannelPut2(const std::string &channel, const byte *begin, size_t length, int messageEnd, bool blocking);
 	bool ChannelMessageSeriesEnd(const std::string &channel, int propagation=-1, bool blocking=true);
 private:
--- a/nbtheory.cpp
+++ b/nbtheory.cpp
@ -37,7 +37,7 @@ struct NewPrimeTable
 			if (j == testEntriesEnd)
 			{
 				primeTable.push_back(p);
-				testEntriesEnd = STDMIN((size_t)54U, primeTable.size());
+				testEntriesEnd = UnsignedMin(54U, primeTable.size());
 			}
 		}
@ -48,7 +48,7 @@ struct NewPrimeTable
 const word16 * GetPrimeTable(unsigned int &size)
 {
 	const std::vector<word16> &primeTable = Singleton<std::vector<word16>, NewPrimeTable>().Ref();
-	size = primeTable.size();
+	size = (unsigned int)primeTable.size();
 	return &primeTable[0];
 }
@ -303,10 +303,11 @@ PrimeSieve::PrimeSieve(const Integer &first, const Integer &last, const Integer
 bool PrimeSieve::NextCandidate(Integer &c)
 {
-	m_next = std::find(m_sieve.begin()+m_next, m_sieve.end(), false) - m_sieve.begin();
+	bool safe = SafeConvert(std::find(m_sieve.begin()+m_next, m_sieve.end(), false) - m_sieve.begin(), m_next);
 	assert(safe);
 	if (m_next == m_sieve.size())
 	{
-		m_first += m_sieve.size()*m_step;
+		m_first += long(m_sieve.size())*m_step;
 		if (m_first > m_last)
 			return false;
 		else
@ -328,7 +329,7 @@ void PrimeSieve::SieveSingle(std::vector<bool> &sieve, word16 p, const Integer &
 {
 	if (stepInv)
 	{
-		unsigned int sieveSize = sieve.size();
+		size_t sieveSize = sieve.size();
 		word j = word((word32(p-(first%p))*stepInv) % p);
 		// if the first multiple of p is p, skip it
 		if (first.WordCount() <= 1 && first + step*j == p)
@ -549,6 +550,19 @@ Integer CRT(const Integer &xp, const Integer &p, const Integer &xq, const Intege
 {
 	// isn't operator overloading great?
 	return p * (u * (xq-xp) % q) + xp;
 /*
 	Integer t1 = xq-xp;
 	cout << hex << t1 << endl;
 	Integer t2 = u * t1;
 	cout << hex << t2 << endl;
 	Integer t3 = t2 % q;
 	cout << hex << t3 << endl;
 	Integer t4 = p * t3;
 	cout << hex << t4 << endl;
 	Integer t5 = t4 + xp;
 	cout << hex << t5 << endl;
 	return t5;
 */
 }
 Integer CRT(const Integer &xp, const Integer &p, const Integer &xq, const Integer &q)
--- a/network.cpp
+++ b/network.cpp
@ -8,14 +8,19 @@
 NAMESPACE_BEGIN(CryptoPP)
-unsigned int NonblockingSource::PumpMessages2(unsigned int &messageCount, bool blocking)
+size_t NonblockingSource::PumpMessages2(unsigned int &messageCount, bool blocking)
 {
 	if (messageCount == 0)
 		return 0;
 	unsigned long byteCount = ULONG_MAX;
 	messageCount = 0;
 	lword byteCount;
 	do {
 		byteCount = LWORD_MAX;
 		RETURN_IF_NONZERO(Pump2(byteCount, blocking));
 	} while(byteCount == LWORD_MAX);
 	if (!m_messageEndSent && SourceExhausted())
 	{
 		RETURN_IF_NONZERO(AttachedTransformation()->Put2(NULL, 0, GetAutoSignalPropagation(), true));
@ -54,11 +59,11 @@ void NetworkSource::GetWaitObjects(WaitObjectContainer &container)
 	AttachedTransformation()->GetWaitObjects(container);
 }
-unsigned int NetworkSource::GeneralPump2(unsigned long &byteCount, bool blockingOutput, unsigned long maxTime, bool checkDelimiter, byte delimiter)
+size_t NetworkSource::GeneralPump2(lword &byteCount, bool blockingOutput, unsigned long maxTime, bool checkDelimiter, byte delimiter)
 {
 	NetworkReceiver &receiver = AccessReceiver();
-	unsigned long maxSize = byteCount;
+	lword maxSize = byteCount;
 	byteCount = 0;
 	bool forever = maxTime == INFINITE_TIME;
 	Timer timer(Timer::MILLISECONDS, forever);
@ -128,12 +133,12 @@ ReceiveNoWait:
 		}
 		else
 		{
-			m_putSize = STDMIN((unsigned long)m_dataEnd-m_dataBegin, maxSize-byteCount);
+			m_putSize = (size_t)STDMIN((lword)m_dataEnd-m_dataBegin, maxSize-byteCount);
 			if (checkDelimiter)
 				m_putSize = std::find(m_buf+m_dataBegin, m_buf+m_dataBegin+m_putSize, delimiter) - (m_buf+m_dataBegin);
 DoOutput:
-			unsigned int result = t->PutModifiable2(m_buf+m_dataBegin, m_putSize, 0, forever || blockingOutput);
+			size_t result = t->PutModifiable2(m_buf+m_dataBegin, m_putSize, 0, forever || blockingOutput);
 			if (result)
 			{
 				if (t->Wait(SaturatingSubtract(maxTime, timer.ElapsedTime())))
@ -187,7 +192,7 @@ float NetworkSink::ComputeCurrentSpeed()
 	return m_currentSpeed;
 }
-unsigned int NetworkSink::Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking)
+size_t NetworkSink::Put2(const byte *inString, size_t length, int messageEnd, bool blocking)
 {
 	if (m_skipBytes)
 	{
@ -200,19 +205,19 @@ unsigned int NetworkSink::Put2(const byte *inString, unsigned int length, int me
 	if (!blocking || m_buffer.CurrentSize() > m_autoFlushBound)
 		TimedFlush(0, 0);
-	unsigned int targetSize = messageEnd ? 0 : m_maxBufferSize;
+	size_t targetSize = messageEnd ? 0 : m_maxBufferSize;
 	if (blocking)
 		TimedFlush(INFINITE_TIME, targetSize);
 	if (m_buffer.CurrentSize() > targetSize)
 	{
 		assert(!blocking);
-		unsigned int blockedBytes = STDMIN(m_buffer.CurrentSize() - targetSize, (unsigned long)length);
+		size_t blockedBytes = (size_t)STDMIN(m_buffer.CurrentSize() - targetSize, (lword)length);
 		m_buffer.UndoLazyPut(blockedBytes);
 		m_buffer.FinalizeLazyPut();
 		m_wasBlocked = true;
 		m_skipBytes += length - blockedBytes;
-		return STDMAX(blockedBytes, 1U);
+		return UnsignedMin(1, blockedBytes);
 	}
 	m_buffer.FinalizeLazyPut();
@ -224,7 +229,7 @@ unsigned int NetworkSink::Put2(const byte *inString, unsigned int length, int me
 	return 0;
 }
-unsigned int NetworkSink::TimedFlush(unsigned long maxTime, unsigned int targetSize)
+lword NetworkSink::TimedFlush(unsigned long maxTime, size_t targetSize)
 {
 	NetworkSender &sender = AccessSender();
@ -258,7 +263,7 @@ unsigned int NetworkSink::TimedFlush(unsigned long maxTime, unsigned int targetS
 		if (sender.MustWaitToSend() && !sender.Wait(timeOut))
 			break;
-		unsigned int contiguousSize = 0;
+		size_t contiguousSize = 0;
 		const byte *block = m_buffer.Spy(contiguousSize);
 #if CRYPTOPP_TRACE_NETWORK
--- a/network.h
+++ b/network.h
@ -18,21 +18,21 @@ public:
 	//! pump up to maxSize bytes using at most maxTime milliseconds
 	/*! If checkDelimiter is true, pump up to delimiter, which itself is not extracted or pumped. */
-	virtual unsigned int GeneralPump2(unsigned long &byteCount, bool blockingOutput=true, unsigned long maxTime=INFINITE_TIME, bool checkDelimiter=false, byte delimiter='\n') =0;
+	virtual size_t GeneralPump2(lword &byteCount, bool blockingOutput=true, unsigned long maxTime=INFINITE_TIME, bool checkDelimiter=false, byte delimiter='\n') =0;
-	unsigned long GeneralPump(unsigned long maxSize=ULONG_MAX, unsigned long maxTime=INFINITE_TIME, bool checkDelimiter=false, byte delimiter='\n')
+	lword GeneralPump(lword maxSize=LWORD_MAX, unsigned long maxTime=INFINITE_TIME, bool checkDelimiter=false, byte delimiter='\n')
 	{
 		GeneralPump2(maxSize, true, maxTime, checkDelimiter, delimiter);
 		return maxSize;
 	}
-	unsigned long TimedPump(unsigned long maxTime)
+	lword TimedPump(unsigned long maxTime)
-		{return GeneralPump(ULONG_MAX, maxTime);}
+		{return GeneralPump(LWORD_MAX, maxTime);}
-	unsigned long PumpLine(byte delimiter='\n', unsigned long maxSize=1024)
+	lword PumpLine(byte delimiter='\n', lword maxSize=1024)
 		{return GeneralPump(maxSize, INFINITE_TIME, true, delimiter);}
-	unsigned int Pump2(unsigned long &byteCount, bool blocking=true)
+	size_t Pump2(lword &byteCount, bool blocking=true)
 		{return GeneralPump2(byteCount, blocking, blocking ? INFINITE_TIME : 0);}
-	unsigned int PumpMessages2(unsigned int &messageCount, bool blocking=true);
+	size_t PumpMessages2(unsigned int &messageCount, bool blocking=true);
 	//@}
 private:
@ -46,7 +46,7 @@ public:
 	virtual bool MustWaitToReceive() {return false;}
 	virtual bool MustWaitForResult() {return false;}
 	//! receive data from network source, returns whether result is immediately available
-	virtual bool Receive(byte* buf, unsigned int bufLen) =0;
+	virtual bool Receive(byte* buf, size_t bufLen) =0;
 	virtual unsigned int GetReceiveResult() =0;
 	virtual bool EofReceived() const =0;
 };
@ -55,8 +55,8 @@ class CRYPTOPP_NO_VTABLE NonblockingSinkInfo
 {
 public:
 	virtual ~NonblockingSinkInfo() {}
-	virtual unsigned int GetMaxBufferSize() const =0;
+	virtual size_t GetMaxBufferSize() const =0;
-	virtual unsigned int GetCurrentBufferSize() const =0;
+	virtual size_t GetCurrentBufferSize() const =0;
 	//! compute the current speed of this sink in bytes per second
 	virtual float ComputeCurrentSpeed() =0;
 	//! get the maximum observed speed of this sink in bytes per second
@ -79,11 +79,11 @@ public:
 		For example: while (sink.TimedFlush(0) > 0) {}
 		\return number of bytes flushed
 	*/
-	virtual unsigned int TimedFlush(unsigned long maxTime, unsigned int targetSize = 0) =0;
+	virtual lword TimedFlush(unsigned long maxTime, size_t targetSize=0) =0;
-	virtual void SetMaxBufferSize(unsigned int maxBufferSize) =0;
+	virtual void SetMaxBufferSize(size_t maxBufferSize) =0;
 	//! set a bound which will cause sink to flush if exceeded by GetCurrentBufferSize()
-	virtual void SetAutoFlushBound(unsigned int bound) =0;
+	virtual void SetAutoFlushBound(size_t bound) =0;
 };
 //! Network Sender
@ -92,7 +92,7 @@ class CRYPTOPP_NO_VTABLE NetworkSender : public Waitable
 public:
 	virtual bool MustWaitToSend() {return false;}
 	virtual bool MustWaitForResult() {return false;}
-	virtual void Send(const byte* buf, unsigned int bufLen) =0;
+	virtual void Send(const byte* buf, size_t bufLen) =0;
 	virtual unsigned int GetSendResult() =0;
 	virtual void SendEof() =0;
 };
@ -109,7 +109,7 @@ public:
 		{return GetReceiver().GetMaxWaitObjectCount() + AttachedTransformation()->GetMaxWaitObjectCount();}
 	void GetWaitObjects(WaitObjectContainer &container);
-	unsigned int GeneralPump2(unsigned long &byteCount, bool blockingOutput=true, unsigned long maxTime=INFINITE_TIME, bool checkDelimiter=false, byte delimiter='\n');
+	size_t GeneralPump2(lword &byteCount, bool blockingOutput=true, unsigned long maxTime=INFINITE_TIME, bool checkDelimiter=false, byte delimiter='\n');
 	bool SourceExhausted() const {return m_dataBegin == m_dataEnd && GetReceiver().EofReceived();}
 protected:
@ -118,7 +118,7 @@ protected:
 private:
 	SecByteBlock m_buf;
-	unsigned int m_putSize, m_dataBegin, m_dataEnd;
+	size_t m_putSize, m_dataBegin, m_dataEnd;
 	bool m_waitingForResult, m_outputBlocked;
 };
@ -133,15 +133,15 @@ public:
 	void GetWaitObjects(WaitObjectContainer &container)
 		{if (m_wasBlocked || !m_buffer.IsEmpty()) AccessSender().GetWaitObjects(container);}
-	unsigned int Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking);
-	unsigned int TimedFlush(unsigned long maxTime, unsigned int targetSize = 0);
+	lword TimedFlush(unsigned long maxTime, size_t targetSize = 0);
-	void SetMaxBufferSize(unsigned int maxBufferSize) {m_maxBufferSize = maxBufferSize; m_buffer.SetNodeSize(STDMIN(16U*1024U+256, maxBufferSize));}
+	void SetMaxBufferSize(size_t maxBufferSize) {m_maxBufferSize = maxBufferSize; m_buffer.SetNodeSize(UnsignedMin(maxBufferSize, 16U*1024U+256U));}
-	void SetAutoFlushBound(unsigned int bound) {m_autoFlushBound = bound;}
+	void SetAutoFlushBound(size_t bound) {m_autoFlushBound = bound;}
-	unsigned int GetMaxBufferSize() const {return m_maxBufferSize;}
+	size_t GetMaxBufferSize() const {return m_maxBufferSize;}
-	unsigned int GetCurrentBufferSize() const {return m_buffer.CurrentSize();}
+	size_t GetCurrentBufferSize() const {return (size_t)m_buffer.CurrentSize();}
 	void ClearBuffer() {m_buffer.Clear();}
@ -155,10 +155,10 @@ protected:
 	const NetworkSender & GetSender() const {return const_cast<NetworkSink *>(this)->AccessSender();}
 private:
-	unsigned int m_maxBufferSize, m_autoFlushBound;
+	size_t m_maxBufferSize, m_autoFlushBound;
 	bool m_needSendResult, m_wasBlocked;
 	ByteQueue m_buffer;
-	unsigned int m_skipBytes;
+	size_t m_skipBytes;
 	Timer m_speedTimer;
 	float m_byteCountSinceLastTimerReset, m_currentSpeed, m_maxObservedSpeed;
 };
--- a/oaep.cpp
+++ b/oaep.cpp
@ -11,12 +11,12 @@ NAMESPACE_BEGIN(CryptoPP)
 // ********************************************************
-unsigned int OAEP_Base::MaxUnpaddedLength(unsigned int paddedLength) const
+size_t OAEP_Base::MaxUnpaddedLength(size_t paddedLength) const
 {
 	return SaturatingSubtract(paddedLength/8, 1+2*DigestSize());
 }
-void OAEP_Base::Pad(RandomNumberGenerator &rng, const byte *input, unsigned int inputLength, byte *oaepBlock, unsigned int oaepBlockLen, const NameValuePairs &parameters) const
+void OAEP_Base::Pad(RandomNumberGenerator &rng, const byte *input, size_t inputLength, byte *oaepBlock, size_t oaepBlockLen, const NameValuePairs &parameters) const
 {
 	assert (inputLength <= MaxUnpaddedLength(oaepBlockLen));
@ -29,8 +29,8 @@ void OAEP_Base::Pad(RandomNumberGenerator &rng, const byte *input, unsigned int
 	oaepBlockLen /= 8;
 	std::auto_ptr<HashTransformation> pHash(NewHash());
-	const unsigned int hLen = pHash->DigestSize();
+	const size_t hLen = pHash->DigestSize();
-	const unsigned int seedLen = hLen, dbLen = oaepBlockLen-seedLen;
+	const size_t seedLen = hLen, dbLen = oaepBlockLen-seedLen;
 	byte *const maskedSeed = oaepBlock;
 	byte *const maskedDB = oaepBlock+seedLen;
@ -49,7 +49,7 @@ void OAEP_Base::Pad(RandomNumberGenerator &rng, const byte *input, unsigned int
 	pMGF->GenerateAndMask(*pHash, maskedSeed, seedLen, maskedDB, dbLen);
 }
-DecodingResult OAEP_Base::Unpad(const byte *oaepBlock, unsigned int oaepBlockLen, byte *output, const NameValuePairs &parameters) const
+DecodingResult OAEP_Base::Unpad(const byte *oaepBlock, size_t oaepBlockLen, byte *output, const NameValuePairs &parameters) const
 {
 	bool invalid = false;
@ -62,8 +62,8 @@ DecodingResult OAEP_Base::Unpad(const byte *oaepBlock, unsigned int oaepBlockLen
 	oaepBlockLen /= 8;
 	std::auto_ptr<HashTransformation> pHash(NewHash());
-	const unsigned int hLen = pHash->DigestSize();
+	const size_t hLen = pHash->DigestSize();
-	const unsigned int seedLen = hLen, dbLen = oaepBlockLen-seedLen;
+	const size_t seedLen = hLen, dbLen = oaepBlockLen-seedLen;
 	invalid = (oaepBlockLen < 2*hLen+1) || invalid;
--- a/oaep.h
+++ b/oaep.h
@ -11,9 +11,9 @@ class CRYPTOPP_DLL OAEP_Base : public PK_EncryptionMessageEncodingMethod
 {
 public:
 	bool ParameterSupported(const char *name) const {return strcmp(name, Name::EncodingParameters()) == 0;}
-	unsigned int MaxUnpaddedLength(unsigned int paddedLength) const;
+	size_t MaxUnpaddedLength(size_t paddedLength) const;
-	void Pad(RandomNumberGenerator &rng, const byte *raw, unsigned int inputLength, byte *padded, unsigned int paddedLength, const NameValuePairs &parameters) const;
+	void Pad(RandomNumberGenerator &rng, const byte *raw, size_t inputLength, byte *padded, size_t paddedLength, const NameValuePairs &parameters) const;
-	DecodingResult Unpad(const byte *padded, unsigned int paddedLength, byte *raw, const NameValuePairs &parameters) const;
+	DecodingResult Unpad(const byte *padded, size_t paddedLength, byte *raw, const NameValuePairs &parameters) const;
 protected:
 	virtual unsigned int DigestSize() const =0;
--- a/osrng.cpp
+++ b/osrng.cpp
@ -81,13 +81,13 @@ byte NonblockingRng::GenerateByte()
 	return b;
 }
-void NonblockingRng::GenerateBlock(byte *output, unsigned int size)
+void NonblockingRng::GenerateBlock(byte *output, size_t size)
 {
 #ifdef CRYPTOPP_WIN32_AVAILABLE
 #	ifdef WORKAROUND_MS_BUG_Q258000
 		static MicrosoftCryptoProvider m_Provider;
 #	endif
-	if (!CryptGenRandom(m_Provider.GetProviderHandle(), size, output))
+	if (!CryptGenRandom(m_Provider.GetProviderHandle(), (DWORD)size, output))
 		throw OS_RNG_Err("CryptGenRandom");
 #else
 	if (read(m_fd, output, size) != size)
@ -120,7 +120,7 @@ byte BlockingRng::GenerateByte()
 	return b;
 }
-void BlockingRng::GenerateBlock(byte *output, unsigned int size)
+void BlockingRng::GenerateBlock(byte *output, size_t size)
 {
 	while (size)
 	{
@ -140,7 +140,7 @@ void BlockingRng::GenerateBlock(byte *output, unsigned int size)
 // *************************************************************
-void OS_GenerateRandomBlock(bool blocking, byte *output, unsigned int size)
+void OS_GenerateRandomBlock(bool blocking, byte *output, size_t size)
 {
 #ifdef NONBLOCKING_RNG_AVAILABLE
 	if (blocking)
--- a/osrng.h
+++ b/osrng.h
@ -47,7 +47,7 @@ public:
 	NonblockingRng();
 	~NonblockingRng();
 	byte GenerateByte();
-	void GenerateBlock(byte *output, unsigned int size);
+	void GenerateBlock(byte *output, size_t size);
 protected:
 #ifdef CRYPTOPP_WIN32_AVAILABLE
@ -70,7 +70,7 @@ public:
 	BlockingRng();
 	~BlockingRng();
 	byte GenerateByte();
-	void GenerateBlock(byte *output, unsigned int size);
+	void GenerateBlock(byte *output, size_t size);
 protected:
 	int m_fd;
@ -78,7 +78,7 @@ protected:
 #endif
-CRYPTOPP_DLL void CRYPTOPP_API OS_GenerateRandomBlock(bool blocking, byte *output, unsigned int size);
+CRYPTOPP_DLL void CRYPTOPP_API OS_GenerateRandomBlock(bool blocking, byte *output, size_t size);
 //! Automaticly Seeded Randomness Pool
 /*! This class seeds itself using an operating system provided RNG. */
@ -101,7 +101,7 @@ public:
 		{Reseed(blocking);}
 	void Reseed(bool blocking = false);
 	// exposed for testing
-	void Reseed(const byte *key, unsigned int keylength, const byte *seed, const byte *timeVector);
+	void Reseed(const byte *key, size_t keylength, const byte *seed, const byte *timeVector);
 	byte GenerateByte();
@ -115,7 +115,7 @@ private:
 CRYPTOPP_DLL_TEMPLATE_CLASS AutoSeededX917RNG<DES_EDE3>;
 template <class BLOCK_CIPHER>
-void AutoSeededX917RNG<BLOCK_CIPHER>::Reseed(const byte *key, unsigned int keylength, const byte *seed, const byte *timeVector)
+void AutoSeededX917RNG<BLOCK_CIPHER>::Reseed(const byte *key, size_t keylength, const byte *seed, const byte *timeVector)
 {
 	m_rng.reset(new X917RNG(new typename BLOCK_CIPHER::Encryption(key, keylength), seed, timeVector));
--- a/panama.cpp
+++ b/panama.cpp
@ -14,7 +14,7 @@ void Panama<B>::Reset()
 }
 template <class B>
-void Panama<B>::Iterate(unsigned int count, const word32 *p, word32 *z, const word32 *y)
+void Panama<B>::Iterate(size_t count, const word32 *p, word32 *z, const word32 *y)
 {
 	unsigned int bstart = m_bstart;
 	word32 *const a = m_state;
@ -88,14 +88,14 @@ void Panama<B>::Iterate(unsigned int count, const word32 *p, word32 *z, const wo
 }
 template <class B>
-unsigned int PanamaHash<B>::HashMultipleBlocks(const word32 *input, unsigned int length)
+size_t PanamaHash<B>::HashMultipleBlocks(const word32 *input, size_t length)
 {
 	this->Iterate(length / this->BLOCKSIZE, input);
 	return length % this->BLOCKSIZE;
 }
 template <class B>
-void PanamaHash<B>::TruncatedFinal(byte *hash, unsigned int size)
+void PanamaHash<B>::TruncatedFinal(byte *hash, size_t size)
 {
 	this->ThrowIfInvalidTruncatedSize(size);
@ -112,7 +112,7 @@ void PanamaHash<B>::TruncatedFinal(byte *hash, unsigned int size)
 }
 template <class B>
-void PanamaCipherPolicy<B>::CipherSetKey(const NameValuePairs &params, const byte *key, unsigned int length)
+void PanamaCipherPolicy<B>::CipherSetKey(const NameValuePairs &params, const byte *key, size_t length)
 {
 	FixedSizeSecBlock<word32, 8> buf;
@ -129,7 +129,7 @@ void PanamaCipherPolicy<B>::CipherSetKey(const NameValuePairs &params, const byt
 }
 template <class B>
-void PanamaCipherPolicy<B>::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, unsigned int iterationCount)
+void PanamaCipherPolicy<B>::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount)
 {
 	this->Iterate(iterationCount, NULL, (word32 *)output, (const word32 *)input);
 }
--- a/panama.h
+++ b/panama.h
@ -14,7 +14,7 @@ class CRYPTOPP_NO_VTABLE Panama
 {
 public:
 	void Reset();
-	void Iterate(unsigned int count, const word32 *p=NULL, word32 *z=NULL, const word32 *y=NULL);
+	void Iterate(size_t count, const word32 *p=NULL, word32 *z=NULL, const word32 *y=NULL);
 protected:
 	typedef word32 Stage[8];
@ -32,13 +32,13 @@ public:
 	enum {DIGESTSIZE = 32};
 	PanamaHash() {Panama<B>::Reset();}
 	unsigned int DigestSize() const {return DIGESTSIZE;}
-	void TruncatedFinal(byte *hash, unsigned int size);
+	void TruncatedFinal(byte *hash, size_t size);
 	static const char * StaticAlgorithmName() {return B::ToEnum() == BIG_ENDIAN_ORDER ? "Panama-BE" : "Panama-LE";}
 protected:
 	void Init() {Panama<B>::Reset();}
 	void HashEndianCorrectedBlock(const word32 *data) {this->Iterate(1, data);}	// push
-	unsigned int HashMultipleBlocks(const word32 *input, unsigned int length);
+	size_t HashMultipleBlocks(const word32 *input, size_t length);
 };
 //! MAC construction using a hermetic hash function
@ -46,7 +46,7 @@ template <class T_Hash, class T_Info = T_Hash>
 class HermeticHashFunctionMAC : public AlgorithmImpl<SimpleKeyingInterfaceImpl<TwoBases<MessageAuthenticationCode, VariableKeyLength<32, 0, UINT_MAX> > >, T_Info>
 {
 public:
-	void SetKey(const byte *key, unsigned int length, const NameValuePairs &params = g_nullNameValuePairs)
+	void SetKey(const byte *key, size_t length, const NameValuePairs &params = g_nullNameValuePairs)
 	{
 		m_key.Assign(key, length);
 		Restart();
@ -58,14 +58,14 @@ public:
 		m_keyed = false;
 	}
-	void Update(const byte *input, unsigned int length)
+	void Update(const byte *input, size_t length)
 	{
 		if (!m_keyed)
 			KeyHash();
 		m_hash.Update(input, length);
 	}
-	void TruncatedFinal(byte *digest, unsigned int digestSize)
+	void TruncatedFinal(byte *digest, size_t digestSize)
 	{
 		if (!m_keyed)
 			KeyHash();
@ -118,8 +118,8 @@ class PanamaCipherPolicy : public AdditiveCipherConcretePolicy<word32, 8>,
 							protected Panama<B>
 {
 protected:
-	void CipherSetKey(const NameValuePairs &params, const byte *key, unsigned int length);
+	void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length);
-	void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, unsigned int iterationCount);
+	void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount);
 	bool IsRandomAccess() const {return false;}
 };
--- a/pkcspad.cpp
+++ b/pkcspad.cpp
@ -20,12 +20,12 @@ template<> const unsigned int PKCS_DigestDecoration<RIPEMD160>::length = sizeof(
 template<> const byte PKCS_DigestDecoration<Tiger>::decoration[] = {0x30,0x29,0x30,0x0D,0x06,0x09,0x2B,0x06,0x01,0x04,0x01,0xDA,0x47,0x0C,0x02,0x05,0x00,0x04,0x18};
 template<> const unsigned int PKCS_DigestDecoration<Tiger>::length = sizeof(PKCS_DigestDecoration<Tiger>::decoration);
-unsigned int PKCS_EncryptionPaddingScheme::MaxUnpaddedLength(unsigned int paddedLength) const
+size_t PKCS_EncryptionPaddingScheme::MaxUnpaddedLength(size_t paddedLength) const
 {
 	return SaturatingSubtract(paddedLength/8, 10U);
 }
-void PKCS_EncryptionPaddingScheme::Pad(RandomNumberGenerator &rng, const byte *input, unsigned int inputLen, byte *pkcsBlock, unsigned int pkcsBlockLen, const NameValuePairs &parameters) const
+void PKCS_EncryptionPaddingScheme::Pad(RandomNumberGenerator &rng, const byte *input, size_t inputLen, byte *pkcsBlock, size_t pkcsBlockLen, const NameValuePairs &parameters) const
 {
 	assert (inputLen <= MaxUnpaddedLength(pkcsBlockLen));	// this should be checked by caller
@ -47,10 +47,10 @@ void PKCS_EncryptionPaddingScheme::Pad(RandomNumberGenerator &rng, const byte *i
 	memcpy(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen);
 }
-DecodingResult PKCS_EncryptionPaddingScheme::Unpad(const byte *pkcsBlock, unsigned int pkcsBlockLen, byte *output, const NameValuePairs &parameters) const
+DecodingResult PKCS_EncryptionPaddingScheme::Unpad(const byte *pkcsBlock, size_t pkcsBlockLen, byte *output, const NameValuePairs &parameters) const
 {
 	bool invalid = false;
-	unsigned int maxOutputLen = MaxUnpaddedLength(pkcsBlockLen);
+	size_t maxOutputLen = MaxUnpaddedLength(pkcsBlockLen);
 	// convert from bit length to byte length
 	if (pkcsBlockLen % 8 != 0)
@ -64,12 +64,12 @@ DecodingResult PKCS_EncryptionPaddingScheme::Unpad(const byte *pkcsBlock, unsign
 	invalid = (pkcsBlock[0] != 2) || invalid;
 	// skip past the padding until we find the separator
-	unsigned i=1;
+	size_t i=1;
 	while (i<pkcsBlockLen && pkcsBlock[i++]) { // null body
 		}
 	assert(i==pkcsBlockLen || pkcsBlock[i-1]==0);
-	unsigned int outputLen = pkcsBlockLen - i;
+	size_t outputLen = pkcsBlockLen - i;
 	invalid = (outputLen > maxOutputLen) || invalid;
 	if (invalid)
@ -84,13 +84,13 @@ DecodingResult PKCS_EncryptionPaddingScheme::Unpad(const byte *pkcsBlock, unsign
 #ifndef CRYPTOPP_IMPORTS
 void PKCS1v15_SignatureMessageEncodingMethod::ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-	const byte *recoverableMessage, unsigned int recoverableMessageLength,
+	const byte *recoverableMessage, size_t recoverableMessageLength,
 	HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-	byte *representative, unsigned int representativeBitLength) const
+	byte *representative, size_t representativeBitLength) const
 {
 	assert(representativeBitLength >= MinRepresentativeBitLength(hashIdentifier.second, hash.DigestSize()));
-	unsigned int pkcsBlockLen = representativeBitLength;
+	size_t pkcsBlockLen = representativeBitLength;
 	// convert from bit length to byte length
 	if (pkcsBlockLen % 8 != 0)
 	{
--- a/pkcspad.h
+++ b/pkcspad.h
@ -16,9 +16,9 @@ class PKCS_EncryptionPaddingScheme : public PK_EncryptionMessageEncodingMethod
 public:
 	static const char * StaticAlgorithmName() {return "EME-PKCS1-v1_5";}
-	unsigned int MaxUnpaddedLength(unsigned int paddedLength) const;
+	size_t MaxUnpaddedLength(size_t paddedLength) const;
-	void Pad(RandomNumberGenerator &rng, const byte *raw, unsigned int inputLength, byte *padded, unsigned int paddedLength, const NameValuePairs &parameters) const;
+	void Pad(RandomNumberGenerator &rng, const byte *raw, size_t inputLength, byte *padded, size_t paddedLength, const NameValuePairs &parameters) const;
-	DecodingResult Unpad(const byte *padded, unsigned int paddedLength, byte *raw, const NameValuePairs &parameters) const;
+	DecodingResult Unpad(const byte *padded, size_t paddedLength, byte *raw, const NameValuePairs &parameters) const;
 };
 template <class H> class PKCS_DigestDecoration
@ -55,13 +55,13 @@ class CRYPTOPP_DLL PKCS1v15_SignatureMessageEncodingMethod : public PK_Determini
 public:
 	static const char * CRYPTOPP_API StaticAlgorithmName() {return "EMSA-PKCS1-v1_5";}
-	unsigned int MinRepresentativeBitLength(unsigned int hashIdentifierSize, unsigned int digestSize) const
+	size_t MinRepresentativeBitLength(size_t hashIdentifierSize, size_t digestSize) const
 		{return 8 * (digestSize + hashIdentifierSize + 10);}
 	void ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-		const byte *recoverableMessage, unsigned int recoverableMessageLength,
+		const byte *recoverableMessage, size_t recoverableMessageLength,
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength) const;
+		byte *representative, size_t representativeBitLength) const;
 	struct HashIdentifierLookup
 	{
--- a/polynomi.cpp
+++ b/polynomi.cpp
@ -387,12 +387,12 @@ std::ostream& PolynomialOver<T>::Output(std::ostream &out, const Ring &ring) con
 				else
 				{
 					CoefficientType inverse = ring.Inverse(m_coefficients[i]);
-					std::ostrstream pstr, nstr;
+					std::ostringstream pstr, nstr;
 					pstr << m_coefficients[i];
 					nstr << inverse;
-					if (pstr.pcount() <= nstr.pcount())
+					if (pstr.str().size() <= nstr.str().size())
 					{
 						out << " + "; 
 						if (!i || !ring.Equal(m_coefficients[i], ring.MultiplicativeIdentity()))
--- a/pssr.cpp
+++ b/pssr.cpp
@ -12,14 +12,14 @@ template<> const byte EMSA2HashId<Whirlpool>::id = 0x37;
 #ifndef CRYPTOPP_IMPORTS
-unsigned int PSSR_MEM_Base::MinRepresentativeBitLength(unsigned int hashIdentifierLength, unsigned int digestLength) const
+size_t PSSR_MEM_Base::MinRepresentativeBitLength(size_t hashIdentifierLength, size_t digestLength) const
 {
-	unsigned int saltLen = SaltLen(digestLength);
+	size_t saltLen = SaltLen(digestLength);
-	unsigned int minPadLen = MinPadLen(digestLength);
+	size_t minPadLen = MinPadLen(digestLength);
 	return 9 + 8*(minPadLen + saltLen + digestLength + hashIdentifierLength);
 }
-unsigned int PSSR_MEM_Base::MaxRecoverableLength(unsigned int representativeBitLength, unsigned int hashIdentifierLength, unsigned int digestLength) const
+size_t PSSR_MEM_Base::MaxRecoverableLength(size_t representativeBitLength, size_t hashIdentifierLength, size_t digestLength) const
 {
 	if (AllowRecovery())
 		return SaturatingSubtract(representativeBitLength, MinRepresentativeBitLength(hashIdentifierLength, digestLength)) / 8;
@ -42,16 +42,16 @@ bool PSSR_MEM_Base::RecoverablePartFirst() const
 }
 void PSSR_MEM_Base::ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-	const byte *recoverableMessage, unsigned int recoverableMessageLength,
+	const byte *recoverableMessage, size_t recoverableMessageLength,
 	HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-	byte *representative, unsigned int representativeBitLength) const
+	byte *representative, size_t representativeBitLength) const
 {
 	assert(representativeBitLength >= MinRepresentativeBitLength(hashIdentifier.second, hash.DigestSize()));
-	const unsigned int u = hashIdentifier.second + 1;
+	const size_t u = hashIdentifier.second + 1;
-	const unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
+	const size_t representativeByteLength = BitsToBytes(representativeBitLength);
-	const unsigned int digestSize = hash.DigestSize();
+	const size_t digestSize = hash.DigestSize();
-	const unsigned int saltSize = SaltLen(digestSize);
+	const size_t saltSize = SaltLen(digestSize);
 	byte *const h = representative + representativeByteLength - u - digestSize;
 	SecByteBlock digest(digestSize), salt(saltSize);
@ -82,15 +82,15 @@ void PSSR_MEM_Base::ComputeMessageRepresentative(RandomNumberGenerator &rng,
 DecodingResult PSSR_MEM_Base::RecoverMessageFromRepresentative(
 	HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-	byte *representative, unsigned int representativeBitLength,
+	byte *representative, size_t representativeBitLength,
 	byte *recoverableMessage) const
 {
 	assert(representativeBitLength >= MinRepresentativeBitLength(hashIdentifier.second, hash.DigestSize()));
-	const unsigned int u = hashIdentifier.second + 1;
+	const size_t u = hashIdentifier.second + 1;
-	const unsigned int representativeByteLength = BitsToBytes(representativeBitLength);
+	const size_t representativeByteLength = BitsToBytes(representativeBitLength);
-	const unsigned int digestSize = hash.DigestSize();
+	const size_t digestSize = hash.DigestSize();
-	const unsigned int saltSize = SaltLen(digestSize);
+	const size_t saltSize = SaltLen(digestSize);
 	const byte *const h = representative + representativeByteLength - u - digestSize;
 	SecByteBlock digest(digestSize);
@ -98,7 +98,7 @@ DecodingResult PSSR_MEM_Base::RecoverMessageFromRepresentative(
 	DecodingResult result(0);
 	bool &valid = result.isValidCoding;
-	unsigned int &recoverableMessageLength = result.messageLength;
+	size_t &recoverableMessageLength = result.messageLength;
 	valid = (representative[representativeByteLength - 1] == (hashIdentifier.second ? 0xcc : 0xbc)) && valid;
 	valid = (memcmp(representative + representativeByteLength - u, hashIdentifier.first, hashIdentifier.second) == 0) && valid;
@ -112,7 +112,7 @@ DecodingResult PSSR_MEM_Base::RecoverMessageFromRepresentative(
 	byte *M = std::find_if(representative, salt-1, std::bind2nd(std::not_equal_to<byte>(), 0));
 	recoverableMessageLength = salt-M-1;
 	if (*M == 0x01 
-		&& (unsigned int)(M - representative - (representativeBitLength % 8 != 0)) >= MinPadLen(digestSize)
+		&& (size_t)(M - representative - (representativeBitLength % 8 != 0)) >= MinPadLen(digestSize)
 		&& recoverableMessageLength <= MaxRecoverableLength(representativeBitLength, hashIdentifier.second, digestSize))
 	{
 		memcpy(recoverableMessage, M+1, recoverableMessageLength);
--- a/pssr.h
+++ b/pssr.h
@ -13,23 +13,23 @@ NAMESPACE_BEGIN(CryptoPP)
 class CRYPTOPP_DLL PSSR_MEM_Base : public PK_RecoverableSignatureMessageEncodingMethod
 {
 	virtual bool AllowRecovery() const =0;
-	virtual unsigned int SaltLen(unsigned int hashLen) const =0;
+	virtual size_t SaltLen(size_t hashLen) const =0;
-	virtual unsigned int MinPadLen(unsigned int hashLen) const =0;
+	virtual size_t MinPadLen(size_t hashLen) const =0;
 	virtual const MaskGeneratingFunction & GetMGF() const =0;
 public:
-	unsigned int MinRepresentativeBitLength(unsigned int hashIdentifierLength, unsigned int digestLength) const;
+	size_t MinRepresentativeBitLength(size_t hashIdentifierLength, size_t digestLength) const;
-	unsigned int MaxRecoverableLength(unsigned int representativeBitLength, unsigned int hashIdentifierLength, unsigned int digestLength) const;
+	size_t MaxRecoverableLength(size_t representativeBitLength, size_t hashIdentifierLength, size_t digestLength) const;
 	bool IsProbabilistic() const;
 	bool AllowNonrecoverablePart() const;
 	bool RecoverablePartFirst() const;
 	void ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-		const byte *recoverableMessage, unsigned int recoverableMessageLength,
+		const byte *recoverableMessage, size_t recoverableMessageLength,
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength) const;
+		byte *representative, size_t representativeBitLength) const;
 	DecodingResult RecoverMessageFromRepresentative(
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength,
+		byte *representative, size_t representativeBitLength,
 		byte *recoverableMessage) const;
 };
@ -41,8 +41,8 @@ template <bool ALLOW_RECOVERY, class MGF=P1363_MGF1, int SALT_LEN=-1, int MIN_PA
 class PSSR_MEM : public PSSR_MEM_BaseWithHashId<USE_HASH_ID>
 {
 	virtual bool AllowRecovery() const {return ALLOW_RECOVERY;}
-	virtual unsigned int SaltLen(unsigned int hashLen) const {return SALT_LEN < 0 ? hashLen : SALT_LEN;}
+	virtual size_t SaltLen(size_t hashLen) const {return SALT_LEN < 0 ? hashLen : SALT_LEN;}
-	virtual unsigned int MinPadLen(unsigned int hashLen) const {return MIN_PAD_LEN < 0 ? hashLen : MIN_PAD_LEN;}
+	virtual size_t MinPadLen(size_t hashLen) const {return MIN_PAD_LEN < 0 ? hashLen : MIN_PAD_LEN;}
 	virtual const MaskGeneratingFunction & GetMGF() const {static MGF mgf; return mgf;}
 public:
--- a/pubkey.cpp
+++ b/pubkey.cpp
@ -8,7 +8,7 @@
 NAMESPACE_BEGIN(CryptoPP)
-void P1363_MGF1KDF2_Common(HashTransformation &hash, byte *output, unsigned int outputLength, const byte *input, unsigned int inputLength, const byte *derivationParams, unsigned int derivationParamsLength, bool mask, unsigned int counterStart)
+void P1363_MGF1KDF2_Common(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, const byte *derivationParams, size_t derivationParamsLength, bool mask, unsigned int counterStart)
 {
 	ArraySink *sink;
 	HashFilter filter(hash, sink = mask ? new ArrayXorSink(output, outputLength) : new ArraySink(output, outputLength));
@ -24,7 +24,7 @@ void P1363_MGF1KDF2_Common(HashTransformation &hash, byte *output, unsigned int
 bool PK_DeterministicSignatureMessageEncodingMethod::VerifyMessageRepresentative(
 	HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-	byte *representative, unsigned int representativeBitLength) const
+	byte *representative, size_t representativeBitLength) const
 {
 	SecByteBlock computedRepresentative(BitsToBytes(representativeBitLength));
 	ComputeMessageRepresentative(NullRNG(), NULL, 0, hash, hashIdentifier, messageEmpty, computedRepresentative, representativeBitLength);
@ -33,7 +33,7 @@ bool PK_DeterministicSignatureMessageEncodingMethod::VerifyMessageRepresentative
 bool PK_RecoverableSignatureMessageEncodingMethod::VerifyMessageRepresentative(
 	HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-	byte *representative, unsigned int representativeBitLength) const
+	byte *representative, size_t representativeBitLength) const
 {
 	SecByteBlock recoveredMessage(MaxRecoverableLength(representativeBitLength, hashIdentifier.second, hash.DigestSize()));
 	DecodingResult result = RecoverMessageFromRepresentative(
@ -41,7 +41,7 @@ bool PK_RecoverableSignatureMessageEncodingMethod::VerifyMessageRepresentative(
 	return result.isValidCoding && result.messageLength == 0;
 }
-void TF_SignerBase::InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, unsigned int recoverableMessageLength) const
+void TF_SignerBase::InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const
 {
 	PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
 	HashIdentifier id = GetHashIdentifier();
@ -50,7 +50,7 @@ void TF_SignerBase::InputRecoverableMessage(PK_MessageAccumulator &messageAccumu
 	if (MessageRepresentativeBitLength() < encoding.MinRepresentativeBitLength(id.second, ma.AccessHash().DigestSize()))
 		throw PK_SignatureScheme::KeyTooShort();
-	unsigned int maxRecoverableLength = encoding.MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, ma.AccessHash().DigestSize());
+	size_t maxRecoverableLength = encoding.MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, ma.AccessHash().DigestSize());
 	if (maxRecoverableLength == 0)
 		{throw NotImplemented("TF_SignerBase: this algorithm does not support messsage recovery or the key is too short");}
@ -64,7 +64,7 @@ void TF_SignerBase::InputRecoverableMessage(PK_MessageAccumulator &messageAccumu
 		NULL, 0, ma.m_semisignature);
 }
-unsigned int TF_SignerBase::SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
+size_t TF_SignerBase::SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
 {
 	PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
 	HashIdentifier id = GetHashIdentifier();
@ -81,12 +81,12 @@ unsigned int TF_SignerBase::SignAndRestart(RandomNumberGenerator &rng, PK_Messag
 	ma.m_empty = true;
 	Integer r(representative, representative.size());
-	unsigned int signatureLength = SignatureLength();
+	size_t signatureLength = SignatureLength();
 	GetTrapdoorFunctionInterface().CalculateRandomizedInverse(rng, r).Encode(signature, signatureLength);
 	return signatureLength;
 }
-void TF_VerifierBase::InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, unsigned int signatureLength) const
+void TF_VerifierBase::InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
 {
 	PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
 	HashIdentifier id = GetHashIdentifier();
@ -132,7 +132,7 @@ DecodingResult TF_VerifierBase::RecoverAndRestart(byte *recoveredMessage, PK_Mes
 	return result;
 }
-DecodingResult TF_DecryptorBase::Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, unsigned int ciphertextLength, byte *plaintext, const NameValuePairs &parameters) const
+DecodingResult TF_DecryptorBase::Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs &parameters) const
 {
 	SecByteBlock paddedBlock(PaddedBlockByteLength());
 	Integer x = GetTrapdoorFunctionInterface().CalculateInverse(rng, Integer(ciphertext, FixedCiphertextLength()));
@ -142,7 +142,7 @@ DecodingResult TF_DecryptorBase::Decrypt(RandomNumberGenerator &rng, const byte
 	return GetMessageEncodingInterface().Unpad(paddedBlock, PaddedBlockBitLength(), plaintext, parameters);
 }
-void TF_EncryptorBase::Encrypt(RandomNumberGenerator &rng, const byte *plaintext, unsigned int plaintextLength, byte *ciphertext, const NameValuePairs &parameters) const
+void TF_EncryptorBase::Encrypt(RandomNumberGenerator &rng, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs &parameters) const
 {
 	if (plaintextLength > FixedMaxPlaintextLength())
 		throw InvalidArgument(AlgorithmName() + ": message too long for this public key");
--- a/pubkey.h
+++ b/pubkey.h
@ -109,11 +109,11 @@ public:
 	virtual bool ParameterSupported(const char *name) const {return false;}
 	//! max size of unpadded message in bytes, given max size of padded message in bits (1 less than size of modulus)
-	virtual unsigned int MaxUnpaddedLength(unsigned int paddedLength) const =0;
+	virtual size_t MaxUnpaddedLength(size_t paddedLength) const =0;
-	virtual void Pad(RandomNumberGenerator &rng, const byte *raw, unsigned int inputLength, byte *padded, unsigned int paddedBitLength, const NameValuePairs &parameters) const =0;
+	virtual void Pad(RandomNumberGenerator &rng, const byte *raw, size_t inputLength, byte *padded, size_t paddedBitLength, const NameValuePairs &parameters) const =0;
-	virtual DecodingResult Unpad(const byte *padded, unsigned int paddedBitLength, byte *raw, const NameValuePairs &parameters) const =0;
+	virtual DecodingResult Unpad(const byte *padded, size_t paddedBitLength, byte *raw, const NameValuePairs &parameters) const =0;
 };
 // ********************************************************
@ -139,13 +139,13 @@ template <class BASE>
 class CRYPTOPP_NO_VTABLE PK_FixedLengthCryptoSystemImpl : public BASE
 {
 public:
-	unsigned int MaxPlaintextLength(unsigned int ciphertextLength) const
+	size_t MaxPlaintextLength(size_t ciphertextLength) const
 		{return ciphertextLength == FixedCiphertextLength() ? FixedMaxPlaintextLength() : 0;}
-	unsigned int CiphertextLength(unsigned int plaintextLength) const
+	size_t CiphertextLength(size_t plaintextLength) const
 		{return plaintextLength <= FixedMaxPlaintextLength() ? FixedCiphertextLength() : 0;}
-	virtual unsigned int FixedMaxPlaintextLength() const =0;
+	virtual size_t FixedMaxPlaintextLength() const =0;
-	virtual unsigned int FixedCiphertextLength() const =0;
+	virtual size_t FixedCiphertextLength() const =0;
 };
 //! _
@ -154,31 +154,31 @@ class CRYPTOPP_NO_VTABLE TF_CryptoSystemBase : public PK_FixedLengthCryptoSystem
 {
 public:
 	bool ParameterSupported(const char *name) const {return this->GetMessageEncodingInterface().ParameterSupported(name);}
-	unsigned int FixedMaxPlaintextLength() const {return this->GetMessageEncodingInterface().MaxUnpaddedLength(PaddedBlockBitLength());}
+	size_t FixedMaxPlaintextLength() const {return this->GetMessageEncodingInterface().MaxUnpaddedLength(PaddedBlockBitLength());}
-	unsigned int FixedCiphertextLength() const {return this->GetTrapdoorFunctionBounds().MaxImage().ByteCount();}
+	size_t FixedCiphertextLength() const {return this->GetTrapdoorFunctionBounds().MaxImage().ByteCount();}
 protected:
-	unsigned int PaddedBlockByteLength() const {return BitsToBytes(PaddedBlockBitLength());}
+	size_t PaddedBlockByteLength() const {return BitsToBytes(PaddedBlockBitLength());}
-	unsigned int PaddedBlockBitLength() const {return this->GetTrapdoorFunctionBounds().PreimageBound().BitCount()-1;}
+	size_t PaddedBlockBitLength() const {return this->GetTrapdoorFunctionBounds().PreimageBound().BitCount()-1;}
 };
 //! _
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TF_DecryptorBase : public TF_CryptoSystemBase<PK_Decryptor, TF_Base<TrapdoorFunctionInverse, PK_EncryptionMessageEncodingMethod> >
 {
 public:
-	DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, unsigned int ciphertextLength, byte *plaintext, const NameValuePairs &parameters = g_nullNameValuePairs) const;
+	DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs &parameters = g_nullNameValuePairs) const;
 };
 //! _
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TF_EncryptorBase : public TF_CryptoSystemBase<PK_Encryptor, TF_Base<RandomizedTrapdoorFunction, PK_EncryptionMessageEncodingMethod> >
 {
 public:
-	void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, unsigned int plaintextLength, byte *ciphertext, const NameValuePairs &parameters = g_nullNameValuePairs) const;
+	void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs &parameters = g_nullNameValuePairs) const;
 };
 // ********************************************************
-typedef std::pair<const byte *, unsigned int> HashIdentifier;
+typedef std::pair<const byte *, size_t> HashIdentifier;
 //! interface for message encoding method for public key signature schemes
 class CRYPTOPP_NO_VTABLE PK_SignatureMessageEncodingMethod
@ -186,9 +186,9 @@ class CRYPTOPP_NO_VTABLE PK_SignatureMessageEncodingMethod
 public:
 	virtual ~PK_SignatureMessageEncodingMethod() {}
-	virtual unsigned int MinRepresentativeBitLength(unsigned int hashIdentifierLength, unsigned int digestLength) const
+	virtual size_t MinRepresentativeBitLength(size_t hashIdentifierLength, size_t digestLength) const
 		{return 0;}
-	virtual unsigned int MaxRecoverableLength(unsigned int representativeBitLength, unsigned int hashIdentifierLength, unsigned int digestLength) const
+	virtual size_t MaxRecoverableLength(size_t representativeBitLength, size_t hashIdentifierLength, size_t digestLength) const
 		{return 0;}
 	bool IsProbabilistic() const 
@ -199,12 +199,12 @@ public:
 		{throw NotImplemented("PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
 	// for verification, DL
-	virtual void ProcessSemisignature(HashTransformation &hash, const byte *semisignature, unsigned int semisignatureLength) const {}
+	virtual void ProcessSemisignature(HashTransformation &hash, const byte *semisignature, size_t semisignatureLength) const {}
 	// for signature
 	virtual void ProcessRecoverableMessage(HashTransformation &hash, 
-		const byte *recoverableMessage, unsigned int recoverableMessageLength, 
+		const byte *recoverableMessage, size_t recoverableMessageLength, 
-		const byte *presignature, unsigned int presignatureLength,
+		const byte *presignature, size_t presignatureLength,
 		SecByteBlock &semisignature) const
 	{
 		if (RecoverablePartFirst())
@ -212,24 +212,24 @@ public:
 	}
 	virtual void ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-		const byte *recoverableMessage, unsigned int recoverableMessageLength,
+		const byte *recoverableMessage, size_t recoverableMessageLength,
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength) const =0;
+		byte *representative, size_t representativeBitLength) const =0;
 	virtual bool VerifyMessageRepresentative(
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength) const =0;
+		byte *representative, size_t representativeBitLength) const =0;
 	virtual DecodingResult RecoverMessageFromRepresentative(	// for TF
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength,
+		byte *representative, size_t representativeBitLength,
 		byte *recoveredMessage) const
 		{throw NotImplemented("PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
 	virtual DecodingResult RecoverMessageFromSemisignature(		// for DL
 		HashTransformation &hash, HashIdentifier hashIdentifier,
-		const byte *presignature, unsigned int presignatureLength,
+		const byte *presignature, size_t presignatureLength,
-		const byte *semisignature, unsigned int semisignatureLength,
+		const byte *semisignature, size_t semisignatureLength,
 		byte *recoveredMessage) const
 		{throw NotImplemented("PK_MessageEncodingMethod: this signature scheme does not support message recovery");}
@ -251,7 +251,7 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_DeterministicSignatureMessageEncodingMe
 public:
 	bool VerifyMessageRepresentative(
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength) const;
+		byte *representative, size_t representativeBitLength) const;
 };
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_RecoverableSignatureMessageEncodingMethod : public PK_SignatureMessageEncodingMethod
@ -259,25 +259,25 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_RecoverableSignatureMessageEncodingMeth
 public:
 	bool VerifyMessageRepresentative(
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength) const;
+		byte *representative, size_t representativeBitLength) const;
 };
 class CRYPTOPP_DLL DL_SignatureMessageEncodingMethod_DSA : public PK_DeterministicSignatureMessageEncodingMethod
 {
 public:
 	void ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-		const byte *recoverableMessage, unsigned int recoverableMessageLength,
+		const byte *recoverableMessage, size_t recoverableMessageLength,
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength) const;
+		byte *representative, size_t representativeBitLength) const;
 };
 class CRYPTOPP_DLL DL_SignatureMessageEncodingMethod_NR : public PK_DeterministicSignatureMessageEncodingMethod
 {
 public:
 	void ComputeMessageRepresentative(RandomNumberGenerator &rng, 
-		const byte *recoverableMessage, unsigned int recoverableMessageLength,
+		const byte *recoverableMessage, size_t recoverableMessageLength,
 		HashTransformation &hash, HashIdentifier hashIdentifier, bool messageEmpty,
-		byte *representative, unsigned int representativeBitLength) const;
+		byte *representative, size_t representativeBitLength) const;
 };
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_MessageAccumulatorBase : public PK_MessageAccumulator
@ -287,7 +287,7 @@ public:
 	virtual HashTransformation & AccessHash() =0;
-	void Update(const byte *input, unsigned int length)
+	void Update(const byte *input, size_t length)
 	{
 		AccessHash().Update(input, length);
 		m_empty = m_empty && length == 0;
@ -310,11 +310,11 @@ template <class INTERFACE, class BASE>
 class CRYPTOPP_NO_VTABLE TF_SignatureSchemeBase : public INTERFACE, protected BASE
 {
 public:
-	unsigned int SignatureLength() const 
+	size_t SignatureLength() const 
 		{return this->GetTrapdoorFunctionBounds().MaxPreimage().ByteCount();}
-	unsigned int MaxRecoverableLength() const 
+	size_t MaxRecoverableLength() const 
 		{return this->GetMessageEncodingInterface().MaxRecoverableLength(MessageRepresentativeBitLength(), GetHashIdentifier().second, GetDigestSize());}
-	unsigned int MaxRecoverableLengthFromSignatureLength(unsigned int signatureLength) const
+	size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const
 		{return this->MaxRecoverableLength();}
 	bool IsProbabilistic() const 
@ -325,25 +325,25 @@ public:
 		{return this->GetMessageEncodingInterface().RecoverablePartFirst();}
 protected:
-	unsigned int MessageRepresentativeLength() const {return BitsToBytes(MessageRepresentativeBitLength());}
+	size_t MessageRepresentativeLength() const {return BitsToBytes(MessageRepresentativeBitLength());}
-	unsigned int MessageRepresentativeBitLength() const {return this->GetTrapdoorFunctionBounds().ImageBound().BitCount()-1;}
+	size_t MessageRepresentativeBitLength() const {return this->GetTrapdoorFunctionBounds().ImageBound().BitCount()-1;}
 	virtual HashIdentifier GetHashIdentifier() const =0;
-	virtual unsigned int GetDigestSize() const =0;
+	virtual size_t GetDigestSize() const =0;
 };
 //! _
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TF_SignerBase : public TF_SignatureSchemeBase<PK_Signer, TF_Base<RandomizedTrapdoorFunctionInverse, PK_SignatureMessageEncodingMethod> >
 {
 public:
-	void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, unsigned int recoverableMessageLength) const;
+	void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const;
-	unsigned int SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const;
+	size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const;
 };
 //! _
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE TF_VerifierBase : public TF_SignatureSchemeBase<PK_Verifier, TF_Base<TrapdoorFunction, PK_SignatureMessageEncodingMethod> >
 {
 public:
-	void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, unsigned int signatureLength) const;
+	void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const;
 	bool VerifyAndRestart(PK_MessageAccumulator &messageAccumulator) const;
 	DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &recoveryAccumulator) const;
 };
@ -410,7 +410,7 @@ protected:
        typedef CPP_TYPENAME SchemeOptions::MessageEncodingMethod::HashIdentifierLookup::template HashIdentifierLookup2<CPP_TYPENAME SchemeOptions::HashFunction> L;
        return L::Lookup();
 	}
-	unsigned int GetDigestSize() const
+	size_t GetDigestSize() const
 	{
 		typedef CPP_TYPENAME SchemeOptions::HashFunction H;
 		return H::DIGESTSIZE;
@ -477,17 +477,17 @@ class CRYPTOPP_NO_VTABLE MaskGeneratingFunction
 {
 public:
 	virtual ~MaskGeneratingFunction() {}
-	virtual void GenerateAndMask(HashTransformation &hash, byte *output, unsigned int outputLength, const byte *input, unsigned int inputLength, bool mask = true) const =0;
+	virtual void GenerateAndMask(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, bool mask = true) const =0;
 };
-CRYPTOPP_DLL void CRYPTOPP_API P1363_MGF1KDF2_Common(HashTransformation &hash, byte *output, unsigned int outputLength, const byte *input, unsigned int inputLength, const byte *derivationParams, unsigned int derivationParamsLength, bool mask, unsigned int counterStart);
+CRYPTOPP_DLL void CRYPTOPP_API P1363_MGF1KDF2_Common(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, const byte *derivationParams, size_t derivationParamsLength, bool mask, unsigned int counterStart);
 //! _
 class P1363_MGF1 : public MaskGeneratingFunction
 {
 public:
 	static const char * CRYPTOPP_API StaticAlgorithmName() {return "MGF1";}
-	void GenerateAndMask(HashTransformation &hash, byte *output, unsigned int outputLength, const byte *input, unsigned int inputLength, bool mask = true) const
+	void GenerateAndMask(HashTransformation &hash, byte *output, size_t outputLength, const byte *input, size_t inputLength, bool mask = true) const
 	{
 		P1363_MGF1KDF2_Common(hash, output, outputLength, input, inputLength, NULL, 0, mask, 0);
 	}
@ -500,7 +500,7 @@ template <class H>
 class P1363_KDF2
 {
 public:
-	static void CRYPTOPP_API DeriveKey(byte *output, unsigned int outputLength, const byte *input, unsigned int inputLength, const byte *derivationParams, unsigned int derivationParamsLength)
+	static void CRYPTOPP_API DeriveKey(byte *output, size_t outputLength, const byte *input, size_t inputLength, const byte *derivationParams, size_t derivationParamsLength)
 	{
 		H h;
 		P1363_MGF1KDF2_Common(h, output, outputLength, input, inputLength, derivationParams, derivationParamsLength, false, 1);
@ -904,9 +904,9 @@ public:
 	virtual bool Verify(const DL_GroupParameters<T> &params, const DL_PublicKey<T> &publicKey, const Integer &e, const Integer &r, const Integer &s) const =0;
 	virtual Integer RecoverPresignature(const DL_GroupParameters<T> &params, const DL_PublicKey<T> &publicKey, const Integer &r, const Integer &s) const
 		{throw NotImplemented("DL_ElgamalLikeSignatureAlgorithm: this signature scheme does not support message recovery");}
-	virtual unsigned int RLen(const DL_GroupParameters<T> &params) const
+	virtual size_t RLen(const DL_GroupParameters<T> &params) const
 		{return params.GetSubgroupOrder().ByteCount();}
-	virtual unsigned int SLen(const DL_GroupParameters<T> &params) const
+	virtual size_t SLen(const DL_GroupParameters<T> &params) const
 		{return params.GetSubgroupOrder().ByteCount();}
 };
@ -927,7 +927,7 @@ class CRYPTOPP_NO_VTABLE DL_KeyDerivationAlgorithm
 {
 public:
 	virtual bool ParameterSupported(const char *name) const {return false;}
-	virtual void Derive(const DL_GroupParameters<T> &groupParams, byte *derivedKey, unsigned int derivedLength, const T &agreedElement, const T &ephemeralPublicKey, const NameValuePairs &derivationParams) const =0;
+	virtual void Derive(const DL_GroupParameters<T> &groupParams, byte *derivedKey, size_t derivedLength, const T &agreedElement, const T &ephemeralPublicKey, const NameValuePairs &derivationParams) const =0;
 };
 //! interface for symmetric encryption algorithms used in DL cryptosystems
@ -935,11 +935,11 @@ class CRYPTOPP_NO_VTABLE DL_SymmetricEncryptionAlgorithm
 {
 public:
 	virtual bool ParameterSupported(const char *name) const {return false;}
-	virtual unsigned int GetSymmetricKeyLength(unsigned int plaintextLength) const =0;
+	virtual size_t GetSymmetricKeyLength(size_t plaintextLength) const =0;
-	virtual unsigned int GetSymmetricCiphertextLength(unsigned int plaintextLength) const =0;
+	virtual size_t GetSymmetricCiphertextLength(size_t plaintextLength) const =0;
-	virtual unsigned int GetMaxSymmetricPlaintextLength(unsigned int ciphertextLength) const =0;
+	virtual size_t GetMaxSymmetricPlaintextLength(size_t ciphertextLength) const =0;
-	virtual void SymmetricEncrypt(RandomNumberGenerator &rng, const byte *key, const byte *plaintext, unsigned int plaintextLength, byte *ciphertext, const NameValuePairs &parameters) const =0;
+	virtual void SymmetricEncrypt(RandomNumberGenerator &rng, const byte *key, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs &parameters) const =0;
-	virtual DecodingResult SymmetricDecrypt(const byte *key, const byte *ciphertext, unsigned int ciphertextLength, byte *plaintext, const NameValuePairs &parameters) const =0;
+	virtual DecodingResult SymmetricDecrypt(const byte *key, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs &parameters) const =0;
 };
 //! _
@ -962,14 +962,14 @@ template <class INTERFACE, class KEY_INTERFACE>
 class CRYPTOPP_NO_VTABLE DL_SignatureSchemeBase : public INTERFACE, public DL_Base<KEY_INTERFACE>
 {
 public:
-	unsigned int SignatureLength() const
+	size_t SignatureLength() const
 	{
 		return GetSignatureAlgorithm().RLen(this->GetAbstractGroupParameters())
 			+ GetSignatureAlgorithm().SLen(this->GetAbstractGroupParameters());
 	}
-	unsigned int MaxRecoverableLength() const 
+	size_t MaxRecoverableLength() const 
 		{return GetMessageEncodingInterface().MaxRecoverableLength(0, GetHashIdentifier().second, GetDigestSize());}
-	unsigned int MaxRecoverableLengthFromSignatureLength(unsigned int signatureLength) const
+	size_t MaxRecoverableLengthFromSignatureLength(size_t signatureLength) const
 		{assert(false); return 0;}	// TODO
 	bool IsProbabilistic() const 
@ -980,13 +980,13 @@ public:
 		{return GetMessageEncodingInterface().RecoverablePartFirst();}
 protected:
-	unsigned int MessageRepresentativeLength() const {return BitsToBytes(MessageRepresentativeBitLength());}
+	size_t MessageRepresentativeLength() const {return BitsToBytes(MessageRepresentativeBitLength());}
-	unsigned int MessageRepresentativeBitLength() const {return this->GetAbstractGroupParameters().GetSubgroupOrder().BitCount();}
+	size_t MessageRepresentativeBitLength() const {return this->GetAbstractGroupParameters().GetSubgroupOrder().BitCount();}
 	virtual const DL_ElgamalLikeSignatureAlgorithm<CPP_TYPENAME KEY_INTERFACE::Element> & GetSignatureAlgorithm() const =0;
 	virtual const PK_SignatureMessageEncodingMethod & GetMessageEncodingInterface() const =0;
 	virtual HashIdentifier GetHashIdentifier() const =0;
-	virtual unsigned int GetDigestSize() const =0;
+	virtual size_t GetDigestSize() const =0;
 };
 //! _
@ -1005,7 +1005,7 @@ public:
 		alg.Sign(params, key.GetPrivateExponent(), k, e, r, s);
 	}
-	void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, unsigned int recoverableMessageLength) const
+	void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const
 	{
 		PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
 		ma.m_recoverableMessage.Assign(recoverableMessage, recoverableMessageLength);
@ -1015,7 +1015,7 @@ public:
 			ma.m_semisignature);
 	}
-	unsigned int SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
+	size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart) const
 	{
 		this->GetMaterial().DoQuickSanityCheck();
@ -1041,7 +1041,7 @@ public:
 		Integer s;
 		alg.Sign(params, key.GetPrivateExponent(), ma.m_k, e, r, s);
-		unsigned int rLen = alg.RLen(params);
+		size_t rLen = alg.RLen(params);
 		r.Encode(signature, rLen);
 		s.Encode(signature+rLen, alg.SLen(params));
@ -1067,13 +1067,13 @@ template <class T>
 class CRYPTOPP_NO_VTABLE DL_VerifierBase : public DL_SignatureSchemeBase<PK_Verifier, DL_PublicKey<T> >
 {
 public:
-	void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, unsigned int signatureLength) const
+	void InputSignature(PK_MessageAccumulator &messageAccumulator, const byte *signature, size_t signatureLength) const
 	{
 		PK_MessageAccumulatorBase &ma = static_cast<PK_MessageAccumulatorBase &>(messageAccumulator);
 		const DL_ElgamalLikeSignatureAlgorithm<T> &alg = this->GetSignatureAlgorithm();
 		const DL_GroupParameters<T> &params = this->GetAbstractGroupParameters();
-		unsigned int rLen = alg.RLen(params);
+		size_t rLen = alg.RLen(params);
 		ma.m_semisignature.Assign(signature, rLen);
 		ma.m_s.Decode(signature+rLen, alg.SLen(params));
@ -1137,15 +1137,15 @@ class CRYPTOPP_NO_VTABLE DL_CryptoSystemBase : public PK, public DL_Base<KI>
 public:
 	typedef typename DL_Base<KI>::Element Element;
-	unsigned int MaxPlaintextLength(unsigned int ciphertextLength) const
+	size_t MaxPlaintextLength(size_t ciphertextLength) const
 	{
 		unsigned int minLen = this->GetAbstractGroupParameters().GetEncodedElementSize(true);
 		return ciphertextLength < minLen ? 0 : GetSymmetricEncryptionAlgorithm().GetMaxSymmetricPlaintextLength(ciphertextLength - minLen);
 	}
-	unsigned int CiphertextLength(unsigned int plaintextLength) const
+	size_t CiphertextLength(size_t plaintextLength) const
 	{
-		unsigned int len = GetSymmetricEncryptionAlgorithm().GetSymmetricCiphertextLength(plaintextLength);
+		size_t len = GetSymmetricEncryptionAlgorithm().GetSymmetricCiphertextLength(plaintextLength);
 		return len == 0 ? 0 : this->GetAbstractGroupParameters().GetEncodedElementSize(true) + len;
 	}
@ -1165,7 +1165,7 @@ class CRYPTOPP_NO_VTABLE DL_DecryptorBase : public DL_CryptoSystemBase<PK_Decryp
 public:
 	typedef T Element;
-	DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, unsigned int ciphertextLength, byte *plaintext, const NameValuePairs &parameters = g_nullNameValuePairs) const
+	DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs &parameters = g_nullNameValuePairs) const
 	{
 		try
 		{
@ -1176,7 +1176,7 @@ public:
 			const DL_PrivateKey<T> &key = this->GetKeyInterface();
 			Element q = params.DecodeElement(ciphertext, true);
-			unsigned int elementSize = params.GetEncodedElementSize(true);
+			size_t elementSize = params.GetEncodedElementSize(true);
 			ciphertext += elementSize;
 			ciphertextLength -= elementSize;
@ -1201,7 +1201,7 @@ class CRYPTOPP_NO_VTABLE DL_EncryptorBase : public DL_CryptoSystemBase<PK_Encryp
 public:
 	typedef T Element;
-	void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, unsigned int plaintextLength, byte *ciphertext, const NameValuePairs &parameters = g_nullNameValuePairs) const
+	void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs &parameters = g_nullNameValuePairs) const
 	{
 		const DL_KeyAgreementAlgorithm<T> &agreeAlg = this->GetKeyAgreementAlgorithm();
 		const DL_KeyDerivationAlgorithm<T> &derivAlg = this->GetKeyDerivationAlgorithm();
@ -1285,7 +1285,7 @@ protected:
 		typedef typename SchemeOptions::MessageEncodingMethod::HashIdentifierLookup HashLookup;
 		return HashLookup::template HashIdentifierLookup2<CPP_TYPENAME SchemeOptions::HashFunction>::Lookup();
 	}
-	unsigned int GetDigestSize() const
+	size_t GetDigestSize() const
 	{
 		typedef CPP_TYPENAME SchemeOptions::HashFunction H;
 		return H::DIGESTSIZE;
--- a/pwdbased.h
+++ b/pwdbased.h
@ -13,12 +13,12 @@ NAMESPACE_BEGIN(CryptoPP)
 class PasswordBasedKeyDerivationFunction
 {
 public:
-	virtual unsigned int MaxDerivedKeyLength() const =0;
+	virtual size_t MaxDerivedKeyLength() const =0;
 	virtual bool UsesPurposeByte() const =0;
 	//! derive key from password
 	/*! If timeInSeconds != 0, will iterate until time elapsed, as measured by ThreadUserTimer
 		Returns actual iteration count, which is equal to iterations if timeInSeconds == 0, and not less than iterations otherwise. */
-	virtual unsigned int DeriveKey(byte *derived, unsigned int derivedLen, byte purpose, const byte *password, unsigned int passwordLen, const byte *salt, unsigned int saltLen, unsigned int iterations, double timeInSeconds=0) const =0;
+	virtual unsigned int DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds=0) const =0;
 };
 //! PBKDF1 from PKCS #5, T should be a HashTransformation class
@ -26,10 +26,10 @@ template <class T>
 class PKCS5_PBKDF1 : public PasswordBasedKeyDerivationFunction
 {
 public:
-	unsigned int MaxDerivedKeyLength() const {return T::DIGESTSIZE;}
+	size_t MaxDerivedKeyLength() const {return T::DIGESTSIZE;}
 	bool UsesPurposeByte() const {return false;}
 	// PKCS #5 says PBKDF1 should only take 8-byte salts. This implementation allows salts of any length.
-	unsigned int DeriveKey(byte *derived, unsigned int derivedLen, byte purpose, const byte *password, unsigned int passwordLen, const byte *salt, unsigned int saltLen, unsigned int iterations, double timeInSeconds=0) const;
+	unsigned int DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds=0) const;
 };
 //! PBKDF2 from PKCS #5, T should be a HashTransformation class
@ -37,9 +37,9 @@ template <class T>
 class PKCS5_PBKDF2_HMAC : public PasswordBasedKeyDerivationFunction
 {
 public:
-	unsigned int MaxDerivedKeyLength() const {return 0xffffffffU;}	// should multiply by T::DIGESTSIZE, but gets overflow that way
+	size_t MaxDerivedKeyLength() const {return 0xffffffffU;}	// should multiply by T::DIGESTSIZE, but gets overflow that way
 	bool UsesPurposeByte() const {return false;}
-	unsigned int DeriveKey(byte *derived, unsigned int derivedLen, byte purpose, const byte *password, unsigned int passwordLen, const byte *salt, unsigned int saltLen, unsigned int iterations, double timeInSeconds=0) const;
+	unsigned int DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds=0) const;
 };
 /*
@ -53,7 +53,7 @@ public:
 */
 template <class T>
-unsigned int PKCS5_PBKDF1<T>::DeriveKey(byte *derived, unsigned int derivedLen, byte purpose, const byte *password, unsigned int passwordLen, const byte *salt, unsigned int saltLen, unsigned int iterations, double timeInSeconds) const
+unsigned int PKCS5_PBKDF1<T>::DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds) const
 {
 	assert(derivedLen <= MaxDerivedKeyLength());
 	assert(iterations > 0 || timeInSeconds > 0);
@ -82,7 +82,7 @@ unsigned int PKCS5_PBKDF1<T>::DeriveKey(byte *derived, unsigned int derivedLen,
 }
 template <class T>
-unsigned int PKCS5_PBKDF2_HMAC<T>::DeriveKey(byte *derived, unsigned int derivedLen, byte purpose, const byte *password, unsigned int passwordLen, const byte *salt, unsigned int saltLen, unsigned int iterations, double timeInSeconds) const
+unsigned int PKCS5_PBKDF2_HMAC<T>::DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds) const
 {
 	assert(derivedLen <= MaxDerivedKeyLength());
 	assert(iterations > 0 || timeInSeconds > 0);
@ -106,7 +106,7 @@ unsigned int PKCS5_PBKDF2_HMAC<T>::DeriveKey(byte *derived, unsigned int derived
 		}
 		hmac.Final(buffer);
-		unsigned int segmentLen = STDMIN(derivedLen, (unsigned int)buffer.size());
+		size_t segmentLen = STDMIN(derivedLen, buffer.size());
 		memcpy(derived, buffer, segmentLen);
 		if (timeInSeconds)
@ -140,13 +140,13 @@ template <class T>
 class PKCS12_PBKDF : public PasswordBasedKeyDerivationFunction
 {
 public:
-	unsigned int MaxDerivedKeyLength() const {return UINT_MAX;}
+	size_t MaxDerivedKeyLength() const {return size_t(0)-1;}
 	bool UsesPurposeByte() const {return true;}
-	unsigned int DeriveKey(byte *derived, unsigned int derivedLen, byte purpose, const byte *password, unsigned int passwordLen, const byte *salt, unsigned int saltLen, unsigned int iterations, double timeInSeconds) const;
+	unsigned int DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds) const;
 };
 template <class T>
-unsigned int PKCS12_PBKDF<T>::DeriveKey(byte *derived, unsigned int derivedLen, byte purpose, const byte *password, unsigned int passwordLen, const byte *salt, unsigned int saltLen, unsigned int iterations, double timeInSeconds) const
+unsigned int PKCS12_PBKDF<T>::DeriveKey(byte *derived, size_t derivedLen, byte purpose, const byte *password, size_t passwordLen, const byte *salt, size_t saltLen, unsigned int iterations, double timeInSeconds) const
 {
 	assert(derivedLen <= MaxDerivedKeyLength());
 	assert(iterations > 0 || timeInSeconds > 0);
@ -154,14 +154,14 @@ unsigned int PKCS12_PBKDF<T>::DeriveKey(byte *derived, unsigned int derivedLen,
 	if (!iterations)
 		iterations = 1;
-	const unsigned int v = T::BLOCKSIZE;	// v is in bytes rather than bits as in PKCS #12
+	const size_t v = T::BLOCKSIZE;	// v is in bytes rather than bits as in PKCS #12
-	const unsigned int DLen = v, SLen = RoundUpToMultipleOf(saltLen, v);
+	const size_t DLen = v, SLen = RoundUpToMultipleOf(saltLen, v);
-	const unsigned int PLen = RoundUpToMultipleOf(passwordLen, v), ILen = SLen + PLen;
+	const size_t PLen = RoundUpToMultipleOf(passwordLen, v), ILen = SLen + PLen;
 	SecByteBlock buffer(DLen + SLen + PLen);
 	byte *D = buffer, *S = buffer+DLen, *P = buffer+DLen+SLen, *I = S;
 	memset(D, purpose, DLen);
-	unsigned int i;
+	size_t i;
 	for (i=0; i<SLen; i++)
 		S[i] = salt[i % saltLen];
 	for (i=0; i<PLen; i++)
@ -187,7 +187,7 @@ unsigned int PKCS12_PBKDF<T>::DeriveKey(byte *derived, unsigned int derivedLen,
 		if (timeInSeconds)
 		{
-			iterations = i;
+			iterations = (unsigned int)i;
 			timeInSeconds = 0;
 		}
@ -199,7 +199,7 @@ unsigned int PKCS12_PBKDF<T>::DeriveKey(byte *derived, unsigned int derivedLen,
 		for (i=0; i<ILen; i+=v)
 			(Integer(I+i, v) + B1).Encode(I+i, v);
-		unsigned int segmentLen = STDMIN(derivedLen, (unsigned int)Ai.size());
+		size_t segmentLen = STDMIN(derivedLen, Ai.size());
 		memcpy(derived, Ai, segmentLen);
 		derived += segmentLen;
 		derivedLen -= segmentLen;
--- a/queue.cpp
+++ b/queue.cpp
@ -15,16 +15,16 @@ static const unsigned int s_maxAutoNodeSize = 16*1024;
 class ByteQueueNode
 {
 public:
-	ByteQueueNode(unsigned int maxSize)
+	ByteQueueNode(size_t maxSize)
 		: buf(maxSize)
 	{
 		m_head = m_tail = 0;
 		next = 0;
 	}
-	inline unsigned int MaxSize() const {return buf.size();}
+	inline size_t MaxSize() const {return buf.size();}
-	inline unsigned int CurrentSize() const
+	inline size_t CurrentSize() const
 	{
 		return m_tail-m_head;
 	}
@ -39,16 +39,16 @@ public:
 		m_head = m_tail = 0;
 	}
-	inline unsigned int Put(const byte *begin, unsigned int length)
+	inline size_t Put(const byte *begin, size_t length)
 	{
-		unsigned int l = STDMIN(length, MaxSize()-m_tail);
+		size_t l = STDMIN(length, MaxSize()-m_tail);
 		if (buf+m_tail != begin)
 			memcpy(buf+m_tail, begin, l);
 		m_tail += l;
 		return l;
 	}
-	inline unsigned int Peek(byte &outByte) const
+	inline size_t Peek(byte &outByte) const
 	{
 		if (m_tail==m_head)
 			return 0;
@ -57,65 +57,65 @@ public:
 		return 1;
 	}
-	inline unsigned int Peek(byte *target, unsigned int copyMax) const
+	inline size_t Peek(byte *target, size_t copyMax) const
 	{
-		unsigned int len = STDMIN(copyMax, m_tail-m_head);
+		size_t len = STDMIN(copyMax, m_tail-m_head);
 		memcpy(target, buf+m_head, len);
 		return len;
 	}
-	inline unsigned int CopyTo(BufferedTransformation &target, const std::string &channel=BufferedTransformation::NULL_CHANNEL) const
+	inline size_t CopyTo(BufferedTransformation &target, const std::string &channel=BufferedTransformation::NULL_CHANNEL) const
 	{
-		unsigned int len = m_tail-m_head;
+		size_t len = m_tail-m_head;
 		target.ChannelPut(channel, buf+m_head, len);
 		return len;
 	}
-	inline unsigned int CopyTo(BufferedTransformation &target, unsigned int copyMax, const std::string &channel=BufferedTransformation::NULL_CHANNEL) const
+	inline size_t CopyTo(BufferedTransformation &target, size_t copyMax, const std::string &channel=BufferedTransformation::NULL_CHANNEL) const
 	{
-		unsigned int len = STDMIN(copyMax, m_tail-m_head);
+		size_t len = STDMIN(copyMax, m_tail-m_head);
 		target.ChannelPut(channel, buf+m_head, len);
 		return len;
 	}
-	inline unsigned int Get(byte &outByte)
+	inline size_t Get(byte &outByte)
 	{
-		unsigned int len = Peek(outByte);
+		size_t len = Peek(outByte);
 		m_head += len;
 		return len;
 	}
-	inline unsigned int Get(byte *outString, unsigned int getMax)
+	inline size_t Get(byte *outString, size_t getMax)
 	{
-		unsigned int len = Peek(outString, getMax);
+		size_t len = Peek(outString, getMax);
 		m_head += len;
 		return len;
 	}
-	inline unsigned int TransferTo(BufferedTransformation &target, const std::string &channel=BufferedTransformation::NULL_CHANNEL)
+	inline size_t TransferTo(BufferedTransformation &target, const std::string &channel=BufferedTransformation::NULL_CHANNEL)
 	{
-		unsigned int len = m_tail-m_head;
+		size_t len = m_tail-m_head;
 		target.ChannelPutModifiable(channel, buf+m_head, len);
 		m_head = m_tail;
 		return len;
 	}
-	inline unsigned int TransferTo(BufferedTransformation &target, unsigned int transferMax, const std::string &channel=BufferedTransformation::NULL_CHANNEL)
+	inline size_t TransferTo(BufferedTransformation &target, lword transferMax, const std::string &channel=BufferedTransformation::NULL_CHANNEL)
 	{
-		unsigned int len = STDMIN(transferMax, m_tail-m_head);
+		size_t len = UnsignedMin(m_tail-m_head, transferMax);
 		target.ChannelPutModifiable(channel, buf+m_head, len);
 		m_head += len;
 		return len;
 	}
-	inline unsigned int Skip(unsigned int skipMax)
+	inline size_t Skip(size_t skipMax)
 	{
-		unsigned int len = STDMIN(skipMax, m_tail-m_head);
+		size_t len = STDMIN(skipMax, m_tail-m_head);
 		m_head += len;
 		return len;
 	}
-	inline byte operator[](unsigned int i) const
+	inline byte operator[](size_t i) const
 	{
 		return buf[m_head+i];
 	}
@ -123,19 +123,19 @@ public:
 	ByteQueueNode *next;
 	SecByteBlock buf;
-	unsigned int m_head, m_tail;
+	size_t m_head, m_tail;
 };
 // ********************************************************
-ByteQueue::ByteQueue(unsigned int nodeSize)
+ByteQueue::ByteQueue(size_t nodeSize)
 	: m_lazyLength(0)
 {
 	SetNodeSize(nodeSize);
 	m_head = m_tail = new ByteQueueNode(m_nodeSize);
 }
-void ByteQueue::SetNodeSize(unsigned int nodeSize)
+void ByteQueue::SetNodeSize(size_t nodeSize)
 {
 	m_autoNodeSize = !nodeSize;
 	m_nodeSize = m_autoNodeSize ? 256 : nodeSize;
@ -184,9 +184,9 @@ void ByteQueue::IsolatedInitialize(const NameValuePairs &parameters)
 	Clear();
 }
-unsigned long ByteQueue::CurrentSize() const
+lword ByteQueue::CurrentSize() const
 {
-	unsigned long size=0;
+	lword size=0;
 	for (ByteQueueNode *current=m_head; current; current=current->next)
 		size += current->CurrentSize();
@ -213,12 +213,12 @@ void ByteQueue::Clear()
 	m_lazyLength = 0;
 }
-unsigned int ByteQueue::Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking)
+size_t ByteQueue::Put2(const byte *inString, size_t length, int messageEnd, bool blocking)
 {
 	if (m_lazyLength > 0)
 		FinalizeLazyPut();
-	unsigned int len;
+	size_t len;
 	while ((len=m_tail->Put(inString, length)) < length)
 	{
 		inString += len;
@ -249,7 +249,7 @@ void ByteQueue::CleanupUsedNodes()
 		m_head->Clear();
 }
-void ByteQueue::LazyPut(const byte *inString, unsigned int size)
+void ByteQueue::LazyPut(const byte *inString, size_t size)
 {
 	if (m_lazyLength > 0)
 		FinalizeLazyPut();
@ -264,7 +264,7 @@ void ByteQueue::LazyPut(const byte *inString, unsigned int size)
 	}
 }
-void ByteQueue::LazyPutModifiable(byte *inString, unsigned int size)
+void ByteQueue::LazyPutModifiable(byte *inString, size_t size)
 {
 	if (m_lazyLength > 0)
 		FinalizeLazyPut();
@ -273,7 +273,7 @@ void ByteQueue::LazyPutModifiable(byte *inString, unsigned int size)
 	m_lazyStringModifiable = true;
 }
-void ByteQueue::UndoLazyPut(unsigned int size)
+void ByteQueue::UndoLazyPut(size_t size)
 {
 	if (m_lazyLength < size)
 		throw InvalidArgument("ByteQueue: size specified for UndoLazyPut is too large");
@ -283,13 +283,13 @@ void ByteQueue::UndoLazyPut(unsigned int size)
 void ByteQueue::FinalizeLazyPut()
 {
-	unsigned int len = m_lazyLength;
+	size_t len = m_lazyLength;
 	m_lazyLength = 0;
 	if (len)
 		Put(m_lazyString, len);
 }
-unsigned int ByteQueue::Get(byte &outByte)
+size_t ByteQueue::Get(byte &outByte)
 {
 	if (m_head->Get(outByte))
 	{
@ -307,13 +307,13 @@ unsigned int ByteQueue::Get(byte &outByte)
 		return 0;
 }
-unsigned int ByteQueue::Get(byte *outString, unsigned int getMax)
+size_t ByteQueue::Get(byte *outString, size_t getMax)
 {
 	ArraySink sink(outString, getMax);
-	return TransferTo(sink, getMax);
+	return (size_t)TransferTo(sink, getMax);
 }
-unsigned int ByteQueue::Peek(byte &outByte) const
+size_t ByteQueue::Peek(byte &outByte) const
 {
 	if (m_head->Peek(outByte))
 		return 1;
@ -326,22 +326,22 @@ unsigned int ByteQueue::Peek(byte &outByte) const
 		return 0;
 }
-unsigned int ByteQueue::Peek(byte *outString, unsigned int peekMax) const
+size_t ByteQueue::Peek(byte *outString, size_t peekMax) const
 {
 	ArraySink sink(outString, peekMax);
-	return CopyTo(sink, peekMax);
+	return (size_t)CopyTo(sink, peekMax);
 }
-unsigned int ByteQueue::TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel, bool blocking)
+size_t ByteQueue::TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel, bool blocking)
 {
 	if (blocking)
 	{
-		unsigned long bytesLeft = transferBytes;
+		lword bytesLeft = transferBytes;
 		for (ByteQueueNode *current=m_head; bytesLeft && current; current=current->next)
 			bytesLeft -= current->TransferTo(target, bytesLeft, channel);
 		CleanupUsedNodes();
-		unsigned int len = (unsigned int)STDMIN(bytesLeft, (unsigned long)m_lazyLength);
+		size_t len = (size_t)STDMIN(bytesLeft, (lword)m_lazyLength);
 		if (len)
 		{
 			if (m_lazyStringModifiable)
@ -358,18 +358,18 @@ unsigned int ByteQueue::TransferTo2(BufferedTransformation &target, unsigned lon
 	else
 	{
 		Walker walker(*this);
-		unsigned int blockedBytes = walker.TransferTo2(target, transferBytes, channel, blocking);
+		size_t blockedBytes = walker.TransferTo2(target, transferBytes, channel, blocking);
 		Skip(transferBytes);
 		return blockedBytes;
 	}
 }
-unsigned int ByteQueue::CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end, const std::string &channel, bool blocking) const
+size_t ByteQueue::CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end, const std::string &channel, bool blocking) const
 {
 	Walker walker(*this);
 	walker.Skip(begin);
-	unsigned long transferBytes = end-begin;
+	lword transferBytes = end-begin;
-	unsigned int blockedBytes = walker.TransferTo2(target, transferBytes, channel, blocking);
+	size_t blockedBytes = walker.TransferTo2(target, transferBytes, channel, blocking);
 	begin += transferBytes;
 	return blockedBytes;
 }
@ -379,9 +379,9 @@ void ByteQueue::Unget(byte inByte)
 	Unget(&inByte, 1);
 }
-void ByteQueue::Unget(const byte *inString, unsigned int length)
+void ByteQueue::Unget(const byte *inString, size_t length)
 {
-	unsigned int len = STDMIN(length, m_head->m_head);
+	size_t len = STDMIN(length, m_head->m_head);
 	length -= len;
 	m_head->m_head -= len;
 	memcpy(m_head->buf + m_head->m_head, inString + length, len);
@ -395,7 +395,7 @@ void ByteQueue::Unget(const byte *inString, unsigned int length)
 	}
 }
-const byte * ByteQueue::Spy(unsigned int &contiguousSize) const
+const byte * ByteQueue::Spy(size_t &contiguousSize) const
 {
 	contiguousSize = m_head->m_tail - m_head->m_head;
 	if (contiguousSize == 0 && m_lazyLength > 0)
@ -407,7 +407,7 @@ const byte * ByteQueue::Spy(unsigned int &contiguousSize) const
 		return m_head->buf + m_head->m_head;
 }
-byte * ByteQueue::CreatePutSpace(unsigned int &size)
+byte * ByteQueue::CreatePutSpace(size_t &size)
 {
 	if (m_lazyLength > 0)
 		FinalizeLazyPut();
@ -431,7 +431,7 @@ ByteQueue & ByteQueue::operator=(const ByteQueue &rhs)
 bool ByteQueue::operator==(const ByteQueue &rhs) const
 {
-	const unsigned long currentSize = CurrentSize();
+	const lword currentSize = CurrentSize();
 	if (currentSize != rhs.CurrentSize())
 		return false;
@ -446,12 +446,12 @@ bool ByteQueue::operator==(const ByteQueue &rhs) const
 	return true;
 }
-byte ByteQueue::operator[](unsigned long i) const
+byte ByteQueue::operator[](lword i) const
 {
 	for (ByteQueueNode *current=m_head; current; current=current->next)
 	{
 		if (i < current->CurrentSize())
-			return (*current)[i];
+			return (*current)[(size_t)i];
 		i -= current->CurrentSize();
 	}
@ -482,38 +482,38 @@ void ByteQueue::Walker::IsolatedInitialize(const NameValuePairs &parameters)
 	m_lazyLength = m_queue.m_lazyLength;
 }
-unsigned int ByteQueue::Walker::Get(byte &outByte)
+size_t ByteQueue::Walker::Get(byte &outByte)
 {
 	ArraySink sink(&outByte, 1);
-	return TransferTo(sink, 1);
+	return (size_t)TransferTo(sink, 1);
 }
-unsigned int ByteQueue::Walker::Get(byte *outString, unsigned int getMax)
+size_t ByteQueue::Walker::Get(byte *outString, size_t getMax)
 {
 	ArraySink sink(outString, getMax);
-	return TransferTo(sink, getMax);
+	return (size_t)TransferTo(sink, getMax);
 }
-unsigned int ByteQueue::Walker::Peek(byte &outByte) const
+size_t ByteQueue::Walker::Peek(byte &outByte) const
 {
 	ArraySink sink(&outByte, 1);
-	return CopyTo(sink, 1);
+	return (size_t)CopyTo(sink, 1);
 }
-unsigned int ByteQueue::Walker::Peek(byte *outString, unsigned int peekMax) const
+size_t ByteQueue::Walker::Peek(byte *outString, size_t peekMax) const
 {
 	ArraySink sink(outString, peekMax);
-	return CopyTo(sink, peekMax);
+	return (size_t)CopyTo(sink, peekMax);
 }
-unsigned int ByteQueue::Walker::TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel, bool blocking)
+size_t ByteQueue::Walker::TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel, bool blocking)
 {
-	unsigned long bytesLeft = transferBytes;
+	lword bytesLeft = transferBytes;
-	unsigned int blockedBytes = 0;
+	size_t blockedBytes = 0;
 	while (m_node)
 	{
-		unsigned int len = STDMIN(bytesLeft, (unsigned long)m_node->CurrentSize()-m_offset);
+		size_t len = (size_t)STDMIN(bytesLeft, (lword)m_node->CurrentSize()-m_offset);
 		blockedBytes = target.ChannelPut2(channel, m_node->buf+m_node->m_head+m_offset, len, 0, blocking);
 		if (blockedBytes)
@ -534,8 +534,8 @@ unsigned int ByteQueue::Walker::TransferTo2(BufferedTransformation &target, unsi
 	if (bytesLeft && m_lazyLength)
 	{
-		unsigned int len = (unsigned int)STDMIN(bytesLeft, (unsigned long)m_lazyLength);
+		size_t len = (size_t)STDMIN(bytesLeft, (lword)m_lazyLength);
-		unsigned int blockedBytes = target.ChannelPut2(channel, m_lazyString, len, 0, blocking);
+		blockedBytes = target.ChannelPut2(channel, m_lazyString, len, 0, blocking);
 		if (blockedBytes)
 			goto done;
@ -549,12 +549,12 @@ done:
 	return blockedBytes;
 }
-unsigned int ByteQueue::Walker::CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end, const std::string &channel, bool blocking) const
+size_t ByteQueue::Walker::CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end, const std::string &channel, bool blocking) const
 {
 	Walker walker(*this);
 	walker.Skip(begin);
-	unsigned long transferBytes = end-begin;
+	lword transferBytes = end-begin;
-	unsigned int blockedBytes = walker.TransferTo2(target, transferBytes, channel, blocking);
+	size_t blockedBytes = walker.TransferTo2(target, transferBytes, channel, blocking);
 	begin += transferBytes;
 	return blockedBytes;
 }
--- a/queue.h
+++ b/queue.h
@ -16,49 +16,49 @@ class ByteQueueNode;
 class CRYPTOPP_DLL ByteQueue : public Bufferless<BufferedTransformation>
 {
 public:
-	ByteQueue(unsigned int nodeSize=0);
+	ByteQueue(size_t nodeSize=0);
 	ByteQueue(const ByteQueue &copy);
 	~ByteQueue();
-	unsigned long MaxRetrievable() const
+	lword MaxRetrievable() const
 		{return CurrentSize();}
 	bool AnyRetrievable() const
 		{return !IsEmpty();}
 	void IsolatedInitialize(const NameValuePairs &parameters);
-	byte * CreatePutSpace(unsigned int &size);
+	byte * CreatePutSpace(size_t &size);
-	unsigned int Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking);
-	unsigned int Get(byte &outByte);
+	size_t Get(byte &outByte);
-	unsigned int Get(byte *outString, unsigned int getMax);
+	size_t Get(byte *outString, size_t getMax);
-	unsigned int Peek(byte &outByte) const;
+	size_t Peek(byte &outByte) const;
-	unsigned int Peek(byte *outString, unsigned int peekMax) const;
+	size_t Peek(byte *outString, size_t peekMax) const;
-	unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+	size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
-	unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
+	size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
 	// these member functions are not inherited
-	void SetNodeSize(unsigned int nodeSize);
+	void SetNodeSize(size_t nodeSize);
-	unsigned long CurrentSize() const;
+	lword CurrentSize() const;
 	bool IsEmpty() const;
 	void Clear();
 	void Unget(byte inByte);
-	void Unget(const byte *inString, unsigned int length);
+	void Unget(const byte *inString, size_t length);
-	const byte * Spy(unsigned int &contiguousSize) const;
+	const byte * Spy(size_t &contiguousSize) const;
-	void LazyPut(const byte *inString, unsigned int size);
+	void LazyPut(const byte *inString, size_t size);
-	void LazyPutModifiable(byte *inString, unsigned int size);
+	void LazyPutModifiable(byte *inString, size_t size);
-	void UndoLazyPut(unsigned int size);
+	void UndoLazyPut(size_t size);
 	void FinalizeLazyPut();
 	ByteQueue & operator=(const ByteQueue &rhs);
 	bool operator==(const ByteQueue &rhs) const;
-	byte operator[](unsigned long i) const;
+	byte operator[](lword i) const;
 	void swap(ByteQueue &rhs);
 	class Walker : public InputRejecting<BufferedTransformation>
@ -67,29 +67,29 @@ public:
 		Walker(const ByteQueue &queue)
 			: m_queue(queue) {Initialize();}
-		unsigned long GetCurrentPosition() {return m_position;}
+		lword GetCurrentPosition() {return m_position;}
-		unsigned long MaxRetrievable() const
+		lword MaxRetrievable() const
 			{return m_queue.CurrentSize() - m_position;}
 		void IsolatedInitialize(const NameValuePairs &parameters);
-		unsigned int Get(byte &outByte);
+		size_t Get(byte &outByte);
-		unsigned int Get(byte *outString, unsigned int getMax);
+		size_t Get(byte *outString, size_t getMax);
-		unsigned int Peek(byte &outByte) const;
+		size_t Peek(byte &outByte) const;
-		unsigned int Peek(byte *outString, unsigned int peekMax) const;
+		size_t Peek(byte *outString, size_t peekMax) const;
-		unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+		size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
-		unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
+		size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const;
 	private:
 		const ByteQueue &m_queue;
 		const ByteQueueNode *m_node;
-		unsigned long m_position;
+		lword m_position;
-		unsigned int m_offset;
+		size_t m_offset;
 		const byte *m_lazyString;
-		unsigned int m_lazyLength;
+		size_t m_lazyLength;
 	};
 	friend class Walker;
@ -100,10 +100,10 @@ private:
 	void Destroy();
 	bool m_autoNodeSize;
-	unsigned int m_nodeSize;
+	size_t m_nodeSize;
 	ByteQueueNode *m_head, *m_tail;
 	byte *m_lazyString;
-	unsigned int m_lazyLength;
+	size_t m_lazyLength;
 	bool m_lazyStringModifiable;
 };
@ -111,7 +111,7 @@ private:
 class CRYPTOPP_DLL LazyPutter
 {
 public:
-	LazyPutter(ByteQueue &bq, const byte *inString, unsigned int size)
+	LazyPutter(ByteQueue &bq, const byte *inString, size_t size)
 		: m_bq(bq) {bq.LazyPut(inString, size);}
 	~LazyPutter()
 		{try {m_bq.FinalizeLazyPut();} catch(...) {}}
@ -125,7 +125,7 @@ private:
 class LazyPutterModifiable : public LazyPutter
 {
 public:
-	LazyPutterModifiable(ByteQueue &bq, byte *inString, unsigned int size)
+	LazyPutterModifiable(ByteQueue &bq, byte *inString, size_t size)
 		: LazyPutter(bq) {bq.LazyPutModifiable(inString, size);}
 };
--- a/randpool.cpp
+++ b/randpool.cpp
@ -40,9 +40,9 @@ void RandomPool::Stir()
 	getPos = key.size();
 }
-unsigned int RandomPool::Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking)
+size_t RandomPool::Put2(const byte *inString, size_t length, int messageEnd, bool blocking)
 {
-	unsigned t;
+	size_t t;
 	while (length > (t = pool.size() - addPos))
 	{
@ -62,25 +62,21 @@ unsigned int RandomPool::Put2(const byte *inString, unsigned int length, int mes
 	return 0;
 }
-unsigned int RandomPool::TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel, bool blocking)
+size_t RandomPool::TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel, bool blocking)
 {
 	if (!blocking)
 		throw NotImplemented("RandomPool: nonblocking transfer is not implemented by this object");
-	unsigned int t;
+	lword size = transferBytes;
 	unsigned long size = transferBytes;
-	while (size > (t = pool.size() - getPos))
+	while (size > 0)
 	{
 		if (getPos == pool.size())
 			Stir();
 		size_t t = UnsignedMin(pool.size() - getPos, size);
 		target.ChannelPut(channel, pool+getPos, t);
 		size -= t;
-		Stir();
+		getPos += t;
 	}
 	if (size)
 	{
 		target.ChannelPut(channel, pool+getPos, size);
 		getPos += size;
 	}
 	return 0;
@ -94,7 +90,7 @@ byte RandomPool::GenerateByte()
 	return pool[getPos++];
 }
-void RandomPool::GenerateBlock(byte *outString, unsigned int size)
+void RandomPool::GenerateBlock(byte *outString, size_t size)
 {
 	ArraySink sink(outString, size);
 	TransferTo(sink, size);
--- a/randpool.h
+++ b/randpool.h
@ -17,19 +17,19 @@ public:
 	//! poolSize must be greater than 16
 	RandomPool(unsigned int poolSize=384);
-	unsigned int Put2(const byte *begin, unsigned int, int messageEnd, bool blocking);
+	size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
 	bool AnyRetrievable() const {return true;}
-	unsigned long MaxRetrievable() const {return ULONG_MAX;}
+	lword MaxRetrievable() const {return ULONG_MAX;}
-	unsigned int TransferTo2(BufferedTransformation &target, unsigned long &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
+	size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=NULL_CHANNEL, bool blocking=true);
-	unsigned int CopyRangeTo2(BufferedTransformation &target, unsigned long &begin, unsigned long end=ULONG_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const
+	size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=NULL_CHANNEL, bool blocking=true) const
 	{
 		throw NotImplemented("RandomPool: CopyRangeTo2() is not supported by this store");
 	}
 	byte GenerateByte();
-	void GenerateBlock(byte *output, unsigned int size);
+	void GenerateBlock(byte *output, size_t size);
 	void IsolatedInitialize(const NameValuePairs &parameters) {}
@ -38,7 +38,7 @@ protected:
 private:
 	SecByteBlock pool, key;
-	unsigned int addPos, getPos;
+	size_t addPos, getPos;
 };
 NAMESPACE_END
--- a/rc2.cpp
+++ b/rc2.cpp
@ -46,11 +46,11 @@ void RC2::Base::UncheckedSetKey(CipherDir direction, const byte *key, unsigned i
 		K[i] = L[2*i] + (L[2*i+1] << 8);
 }
-void RC2::Base::SetKeyWithEffectiveKeyLength(const byte *key, unsigned int length, unsigned int effectiveKeyLength)
+void RC2::Base::SetKeyWithEffectiveKeyLength(const byte *key, size_t length, unsigned int effectiveKeyLength)
 {
 	if (effectiveKeyLength > MAX_EFFECTIVE_KEYLENGTH)
 		throw InvalidArgument("RC2: effective key length parameter exceeds maximum");
-	UncheckedSetKey(ENCRYPTION, key, length, effectiveKeyLength);
+	UncheckedSetKey(ENCRYPTION, key, (unsigned int)length, effectiveKeyLength);
 }
 typedef BlockGetAndPut<word16, LittleEndian> Block;
--- a/rc2.h
+++ b/rc2.h
@ -23,11 +23,11 @@ class RC2 : public RC2_Info, public BlockCipherDocumentation
 	{
 	public:
 		void UncheckedSetKey(CipherDir direction, const byte *key, unsigned int length, unsigned int effectiveKeyLength);
-		void SetKeyWithEffectiveKeyLength(const byte *key, unsigned int length, unsigned int effectiveKeyLength);
+		void SetKeyWithEffectiveKeyLength(const byte *key, size_t length, unsigned int effectiveKeyLength);
 	protected:
 		template <class T>
-		static inline void CheckedSetKey(T *obj, CipherDir dir, const byte *key, unsigned int length, const NameValuePairs &param)
+		static inline void CheckedSetKey(T *obj, CipherDir dir, const byte *key, size_t length, const NameValuePairs &param)
 		{
 			obj->ThrowIfInvalidKeyLength(length);
 			int effectiveKeyLength = param.GetIntValueWithDefault("EffectiveKeyLength", DEFAULT_EFFECTIVE_KEYLENGTH);
@ -54,7 +54,7 @@ public:
 	{
 	public:
 		Encryption() {}
-		Encryption(const byte *key, unsigned int keyLen=DEFAULT_KEYLENGTH, unsigned int effectiveLen=1024)
+		Encryption(const byte *key, size_t keyLen=DEFAULT_KEYLENGTH, unsigned int effectiveLen=1024)
 			{SetKeyWithEffectiveKeyLength(key, keyLen, effectiveLen);}
 	};
@ -62,7 +62,7 @@ public:
 	{
 	public:
 		Decryption() {}
-		Decryption(const byte *key, unsigned int keyLen=DEFAULT_KEYLENGTH, unsigned int effectiveLen=1024)
+		Decryption(const byte *key, size_t keyLen=DEFAULT_KEYLENGTH, unsigned int effectiveLen=1024)
 			{SetKeyWithEffectiveKeyLength(key, keyLen, effectiveLen);}
 	};
 };
--- a/rng.cpp
+++ b/rng.cpp
@ -116,7 +116,7 @@ MaurerRandomnessTest::MaurerRandomnessTest()
 		tab[i] = 0;
 }
-unsigned int MaurerRandomnessTest::Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking)
+size_t MaurerRandomnessTest::Put2(const byte *inString, size_t length, int messageEnd, bool blocking)
 {
 	while (length--)
 	{
--- a/rng.h
+++ b/rng.h
@ -56,7 +56,7 @@ class MaurerRandomnessTest : public Bufferless<Sink>
 public:
 	MaurerRandomnessTest();
-	unsigned int Put2(const byte *inString, unsigned int length, int messageEnd, bool blocking);
+	size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking);
 	// BytesNeeded() returns how many more bytes of input is needed by the test
 	// GetTestValue() should not be called before BytesNeeded()==0
--- a/seal.cpp
+++ b/seal.cpp
@ -44,7 +44,7 @@ word32 SEAL_Gamma::Apply(word32 i)
 }
 template <class B>
-void SEAL_Policy<B>::CipherSetKey(const NameValuePairs &params, const byte *key, unsigned int length)
+void SEAL_Policy<B>::CipherSetKey(const NameValuePairs &params, const byte *key, size_t length)
 {
 	m_insideCounter = m_outsideCounter = m_startCount = 0;
@ -82,13 +82,13 @@ void SEAL_Policy<B>::SeekToIteration(lword iterationCount)
 }
 template <class B>
-void SEAL_Policy<B>::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, unsigned int iterationCount)
+void SEAL_Policy<B>::OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount)
 {
 	KeystreamOutput<B> keystreamOutput(operation, output, input);
 	word32 a, b, c, d, n1, n2, n3, n4;
 	unsigned int p, q;
-	for (unsigned int iteration = 0; iteration < iterationCount; ++iteration)
+	for (size_t iteration = 0; iteration < iterationCount; ++iteration)
 	{
 #define Ttab(x) *(word32 *)((byte *)m_T.begin()+x)
--- a/seal.h
+++ b/seal.h
@ -20,8 +20,8 @@ public:
 	void GetNextIV(byte *IV) const {UnalignedPutWord(BIG_ENDIAN_ORDER, IV, m_outsideCounter+1);}
 protected:
-	void CipherSetKey(const NameValuePairs &params, const byte *key, unsigned int length);
+	void CipherSetKey(const NameValuePairs &params, const byte *key, size_t length);
-	void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, unsigned int iterationCount);
+	void OperateKeystream(KeystreamOperation operation, byte *output, const byte *input, size_t iterationCount);
 	void CipherResynchronize(byte *keystreamBuffer, const byte *IV);
 	bool IsRandomAccess() const {return true;}
 	void SeekToIteration(lword iterationCount);
--- a/secblock.h
+++ b/secblock.h
@ -203,11 +203,16 @@ template <class T, class A = AllocatorWithCleanup<T> >
 class SecBlock
 {
 public:
-    explicit SecBlock(unsigned int size=0)
+	typedef typename A::value_type value_type;
 	typedef typename A::pointer iterator;
 	typedef typename A::const_pointer const_iterator;
 	typedef typename A::size_type size_type;
    explicit SecBlock(size_type size=0)
 		: m_size(size) {m_ptr = m_alloc.allocate(size, NULL);}
 	SecBlock(const SecBlock<T, A> &t)
 		: m_size(t.m_size) {m_ptr = m_alloc.allocate(m_size, NULL); memcpy(m_ptr, t.m_ptr, m_size*sizeof(T));}
-	SecBlock(const T *t, unsigned int len)
+	SecBlock(const T *t, size_type len)
 		: m_size(len)
 	{
 		m_ptr = m_alloc.allocate(len, NULL);
@ -238,26 +243,17 @@ public:
 		{return m_ptr;}
 #endif
-	template <typename I>
+//	T *operator +(size_type offset)
-	T *operator +(I offset)
+//		{return m_ptr+offset;}
 		{return m_ptr+offset;}
-	template <typename I>
+//	const T *operator +(size_type offset) const
-	const T *operator +(I offset) const
+//		{return m_ptr+offset;}
 		{return m_ptr+offset;}
-	template <typename I>
+//	T& operator[](size_type index)
-	T& operator[](I index)
+//		{assert(index >= 0 && index < m_size); return m_ptr[index];}
 		{assert(index >= 0 && (unsigned int)index < m_size); return m_ptr[index];}
-	template <typename I>
+//	const T& operator[](size_type index) const
-	const T& operator[](I index) const
+//		{assert(index >= 0 && index < m_size); return m_ptr[index];}
 		{assert(index >= 0 && (unsigned int)index < m_size); return m_ptr[index];}
 	typedef typename A::value_type value_type;
 	typedef typename A::pointer iterator;
 	typedef typename A::const_pointer const_iterator;
 	typedef typename A::size_type size_type;
 	iterator begin()
 		{return m_ptr;}
@ -274,7 +270,7 @@ public:
 	size_type size() const {return m_size;}
 	bool empty() const {return m_size == 0;}
-	void Assign(const T *t, unsigned int len)
+	void Assign(const T *t, size_type len)
 	{
 		New(len);
 		memcpy(m_ptr, t, len*sizeof(T));
@ -294,7 +290,7 @@ public:
 	SecBlock<T, A>& operator+=(const SecBlock<T, A> &t)
 	{
-		unsigned int oldSize = m_size;
+		size_type oldSize = m_size;
 		Grow(m_size+t.m_size);
 		memcpy(m_ptr+oldSize, t.m_ptr, t.m_size*sizeof(T));
 		return *this;
@ -318,19 +314,19 @@ public:
 		return !operator==(t);
 	}
-	void New(unsigned int newSize)
+	void New(size_type newSize)
 	{
 		m_ptr = m_alloc.reallocate(m_ptr, m_size, newSize, false);
 		m_size = newSize;
 	}
-	void CleanNew(unsigned int newSize)
+	void CleanNew(size_type newSize)
 	{
 		New(newSize);
 		memset(m_ptr, 0, m_size*sizeof(T));
 	}
-	void Grow(unsigned int newSize)
+	void Grow(size_type newSize)
 	{
 		if (newSize > m_size)
 		{
@ -339,7 +335,7 @@ public:
 		}
 	}
-	void CleanGrow(unsigned int newSize)
+	void CleanGrow(size_type newSize)
 	{
 		if (newSize > m_size)
 		{
@ -349,7 +345,7 @@ public:
 		}
 	}
-	void resize(unsigned int newSize)
+	void resize(size_type newSize)
 	{
 		m_ptr = m_alloc.reallocate(m_ptr, m_size, newSize, true);
 		m_size = newSize;
@ -364,7 +360,7 @@ public:
 //private:
 	A m_alloc;
-	unsigned int m_size;
+	size_type m_size;
 	T *m_ptr;
 };
@ -382,7 +378,7 @@ template <class T, unsigned int S, class A = FixedSizeAllocatorWithCleanup<T, S,
 class SecBlockWithHint : public SecBlock<T, A>
 {
 public:
-	explicit SecBlockWithHint(unsigned int size) : SecBlock<T, A>(size) {}
+	explicit SecBlockWithHint(size_t size) : SecBlock<T, A>(size) {}
 };
 template<class T, class U>
--- a/Show More
+++ b/Show More