From c45435812225aa68d122c7de246e5f60b509766c Mon Sep 17 00:00:00 2001
From: Jeffrey Walton
Date: Fri, 20 Nov 2015 19:15:33 -0500
Subject: [PATCH] Crypto++ 5.6.3 check-in
---
 3way.h | 8 +--
 Doxyfile | 4 +-
 TestVectors/hkdf.txt | 32 ++++++------
 arc4.h | 6 ++-
 argnames.h | 4 +-
 base32.h | 26 +++++++++-
 base64.h | 57 +++++++++++++++++++--
 basecode.h | 45 ++++++++++++++--
 blowfish.h | 4 +-
 camellia.h | 6 +--
 cast.h | 5 +-
 config.h | 31 +++++++++--
 cryptest.sh | 20 +++++---
 cryptlib.h | 119 +++++++++++++++++++++++++------------------
 datatest.cpp | 4 +-
 default.cpp | 5 +-
 default.h | 116 ++++++++++++++++++++++++++++++++++++-----
 des.h | 5 +-
 eccrypto.h | 10 ++--
 ecp.h | 6 ++-
 elgamal.h | 8 ++-
 emsa2.h | 10 ++--
 eprecomp.h | 7 ++-
 gost.h | 8 +--
 idea.h | 8 +--
 lubyrack.h | 3 ++
 mars.h | 4 +-
 mersenne.h | 14 +++--
 misc.h | 4 +-
 mqv.h | 16 ++++--
 nbtheory.h | 55 +++++++++++++++++---
 osrng.h | 1 +
 panama.h | 5 ++
 pubkey.h | 7 +--
 rc2.h | 4 +-
 rc5.h | 8 +--
 rc6.h | 8 +--
 rdrand.S | 10 ++--
 rdrand.h | 6 +--
 safer.h | 8 +--
 salsa.h | 6 +--
 seal.h | 8 +--
 seed.h | 8 +--
 serpent.h | 8 +--
 shacal2.h | 8 +--
 shark.h | 8 +--
 skipjack.h | 3 +-
 sosemanuk.h | 5 ++
 square.h | 3 +-
 tea.h | 8 +--
 twofish.h | 8 +--
 validat1.cpp | 2 +-
 wake.h | 5 ++
 53 files changed, 580 insertions(+), 207 deletions(-)
diff --git a/3way.h b/3way.h
index 48b65715..5827e0e6 100644
--- a/3way.h
+++ b/3way.h
@@ -1,8 +1,7 @@
 // 3way.h - written and placed in the public domain by Wei Dai
-//! \file
-//! \headerfile 3way.h
-//! \brief Class file for the 3way cipher
+//! \file 3way.h
+//! \brief Classes for the 3-Way block cipher
 #ifndef CRYPTOPP_THREEWAY_H
 #define CRYPTOPP_THREEWAY_H
@@ -68,3 +67,6 @@ typedef ThreeWay::Decryption ThreeWayDecryption;
 NAMESPACE_END
 #endif
+D
+
+#endif
diff --git a/Doxyfile b/Doxyfile
index da7bbf4c..4b72a90d 100644
--- a/Doxyfile
+++ b/Doxyfile
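Review bot: The second 3way.h hunk appends `D`, a blank line and a second `#endif` after the include guard's closing `#endif`, so the header now ends with an undeclared token at namespace scope and an unbalanced `#endif`; as rendered here that cannot compile. The same pattern appears in arc4.h (`E_END` followed by `#endif`) and camellia.h (`endif`), and it looks like a partial re-paste of each file's own tail rather than intended content. The added lines should be dropped so each header still ends at its guard's `#endif`; if the page lost characters from these lines, the intended text is not recoverable from the hunk and the files should be re-checked at the source.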
@@ -765,7 +765,9 @@ WARN_LOGFILE = INPUT = . \ GNUmakefile \ - rdrand.asm + rdrand.S \ + rdrand.asm \ + cryptest.sh # This tag can be used to specify the character encoding of the source files # that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses diff --git a/TestVectors/hkdf.txt b/TestVectors/hkdf.txt index 8d40911d..f66a9003 100644 --- a/TestVectors/hkdf.txt +++ b/TestVectors/hkdf.txt @@ -5,7 +5,7 @@ Comment: Test Case 4 Key: 0x0b0b0b0b0b0b0b0b0b0b0b Salt: 0x000102030405060708090a0b0c Info: 0xf0f1f2f3f4f5f6f7f8f9 -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0x085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 Test: Verify @@ -16,7 +16,7 @@ Comment: Test Case 5 Key: 0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f Salt: 0x606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf Info: 0xb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff -DerivedLength: 82 +DerivedKeyLength: 82 DerivedKey: 0x0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 Test: Verify @@ -27,7 +27,7 @@ Comment: Test Case 6 Key: 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b Salt: "" Info: "" -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0x0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 Test: Verify 
@@ -38,7 +38,7 @@ Comment: Test Case 7 Key: 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c Salt: "" Info: "" -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0x2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 Test: Verify @@ -49,7 +49,7 @@ Comment: Test Case 1 Key: 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b Salt: 0x000102030405060708090a0b0c Info: 0xf0f1f2f3f4f5f6f7f8f9 -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0x3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 Test: Verify @@ -60,7 +60,7 @@ Comment: Test Case 2 Key: 0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f Salt: 0x606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf Info: 0xb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff -DerivedLength: 82 +DerivedKeyLength: 82 DerivedKey: 0xb11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 Test: Verify @@ -71,7 +71,7 @@ Comment: Test Case 3 Key: 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b Salt: "" Info: "" -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0x8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 Test: Verify @@ -82,7 +82,7 @@ Comment: Test Case 8 (Mirror Tests 1 and 4) Key: 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b Salt: 0x000102030405060708090a0b0c Info: 0xf0f1f2f3f4f5f6f7f8f9 -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0x832390086CDA71FB47625BB5CEB168E4C8E26A1A16ED34D9FC7FE92C1481579338DA362CB8D9F925D7CB Test: Verify 
@@ -93,7 +93,7 @@ Comment: Test Case 9 (Mirror Tests 2 and 5) Key: 0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f Salt: 0x606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf Info: 0xb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff -DerivedLength: 82 +DerivedKeyLength: 82 DerivedKey: 0xCE6C97192805B346E6161E821ED165673B84F400A2B514B2FE23D84CD189DDF1B695B48CBD1C8388441137B3CE28F16AA64BA33BA466B24DF6CFCB021ECFF235F6A2056CE3AF1DE44D572097A8505D9E7A93 Test: Verify @@ -104,7 +104,7 @@ Comment: Test Case 10 (Mirror Test 3 and 6) Key: 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b Salt: "" Info: "" -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0xF5FA02B18298A72A8C23898A8703472C6EB179DC204C03425C970E3B164BF90FFF22D04836D0E2343BAC Test: Verify @@ -115,7 +115,7 @@ Comment: Test Case 11 Key: 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c Salt: "" Info: -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0x1407D46013D98BC6DECEFCFEE55F0F90B0C7F63D68EB1A80EAF07E953CFC0A3A5240A155D6E4DAA965BB Test: Verify @@ -126,7 +126,7 @@ Comment: Test Case 12 (Mirror Tests 3 and 6) Key: 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b Salt: "" Info: "" -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0xF5FA02B18298A72A8C23898A8703472C6EB179DC204C03425C970E3B164BF90FFF22D04836D0E2343BAC Test: Verify @@ -137,7 +137,7 @@ Comment: Test Case 13 (Mirror Tests 1 and 4) Key: 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b Salt: 0x000102030405060708090a0b0c Info: 0xf0f1f2f3f4f5f6f7f8f9 -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0x0D29F74CCD8640F44B0DD9638111C1B5766EFED752AF358109E2E7C9CD4A28EF2F90B2AD461FBA0744D4 Test: Verify 
@@ -148,7 +148,7 @@ Comment: Test Case 14 (Mirror Tests 2 and 5) Key: 0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f Salt: 0x606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf Info: 0xb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff -DerivedLength: 82 +DerivedKeyLength: 82 DerivedKey: 0x4EBE4FE2DCCEC42661699500BE279A993FED90351E19373B3926FAA3A410700B2BBF77E254CF1451AE6068D64A0904D966F4FF25498445A501B88F50D21E3A68A890E09445DC5886DD00E7F4F7C58A512170 Test: Verify @@ -159,7 +159,7 @@ Comment: Test Case 15 (Mirror Tests 3 and 6) Key: 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b Salt: "" Info: "" -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0x110632D0F7AEFAC31771FC66C22BB3462614B81E4B04BA7F2B662E0BD694F56458615F9A9CB56C57ECF2 Test: Verify @@ -170,6 +170,6 @@ Comment: Test Case 16 (Mirror Test 7) Key: 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c Salt: r64 0x00 Info: "" -DerivedLength: 42 +DerivedKeyLength: 42 DerivedKey: 0x4089286EBFB23DD8A02F0C9DAA35D538EB09CD0A8CBAB203F39083AA3E0BD313E6F91E64F21A187510B0 Test: Verify diff --git a/arc4.h b/arc4.h index d02bd9ba..adf773ba 100644 --- a/arc4.h +++ b/arc4.h @@ -1,7 +1,6 @@ // arc4.h - written and placed in the public domain by Wei Dai -//! \file -//! \headerfile arc4.h +//! \file arc4.h //! \brief Classes for ARC4 cipher #ifndef CRYPTOPP_ARC4_H @@ -82,3 +81,6 @@ using namespace Weak1; // import Weak1 into CryptoPP with warning NAMESPACE_END #endif +E_END + +#endif diff --git a/argnames.h b/argnames.h index 8f24e577..4165bcc9 100644 --- a/argnames.h +++ b/argnames.h 
@@ -78,9 +78,9 @@ CRYPTOPP_DEFINE_NAME_STRING(MaxLineLength) //< int
 CRYPTOPP_DEFINE_NAME_STRING(DigestSize) //!< int, in bytes
 CRYPTOPP_DEFINE_NAME_STRING(L1KeyLength) //!< int, in bytes
 CRYPTOPP_DEFINE_NAME_STRING(TableSize) //!< int, in bytes
-CRYPTOPP_DEFINE_NAME_STRING(Blinding) //!< bool
+CRYPTOPP_DEFINE_NAME_STRING(Blinding) //!< bool, timing attack mitigations
 CRYPTOPP_DEFINE_NAME_STRING(DerivedKey) //!< ByteArrayParameter, key derivation, derived key
-CRYPTOPP_DEFINE_NAME_STRING(DerivedLength) //!< int, key derivation, derived key length in bytes
+CRYPTOPP_DEFINE_NAME_STRING(DerivedKeyLength) //!< int, key derivation, derived key length in bytes
 DOCUMENTED_NAMESPACE_END
 NAMESPACE_END
diff --git a/base32.h b/base32.h
index ad4da97c..6790e59d 100644
--- a/base32.h
+++ b/base32.h
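Review bot: Replacing `CRYPTOPP_DEFINE_NAME_STRING(DerivedLength)` with `CRYPTOPP_DEFINE_NAME_STRING(DerivedKeyLength)` removes a public name from the `Name::` namespace, so any caller that passes `Name::DerivedLength()` to a KDF stops compiling, and code that used the bare string no longer matches either; unless an alias is kept elsewhere this is a breaking change for a point release. Keeping the old line alongside the new one, marked `//!< int, deprecated: use DerivedKeyLength`, together with the KDF accepting both names, would let existing code keep working while the test vectors migrate. The hkdf.txt hunks in this commit only rename the key in the test data, so they do not show whether the consuming code still honours the old name.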
@@ -18,12 +18,32 @@ NAMESPACE_BEGIN(CryptoPP) class Base32Encoder : public SimpleProxyFilter { public: - Base32Encoder(BufferedTransformation *attachment = NULL, bool uppercase = true, int outputGroupSize = 0, const std::string &separator = ":", const std::string &terminator = "") + //! \brief Construct a Base32Encoder + //! \param attachment a BufferedTrasformation to attach to this object + //! \param uppercase a flag indicating uppercase output + //! \param groupSize the size of the grouping + //! \param separator the separator to use between groups + //! \param terminator the terminator appeand after processing + //! \details Base32Encoder() constructs a default encoder. The constructor lacks fields for padding and + //! line breaks. You must use IsolatedInitialize() to change the default padding character or suppress it. + //! \sa IsolatedInitialize() for an example of modifying a Base32Encoder after construction. + Base32Encoder(BufferedTransformation *attachment = NULL, bool uppercase = true, int groupSize = 0, const std::string &separator = ":", const std::string &terminator = "") : SimpleProxyFilter(new BaseN_Encoder(new Grouper), attachment) { - IsolatedInitialize(MakeParameters(Name::Uppercase(), uppercase)(Name::GroupSize(), outputGroupSize)(Name::Separator(), ConstByteArrayParameter(separator))(Name::Terminator(), ConstByteArrayParameter(terminator))); + IsolatedInitialize(MakeParameters(Name::Uppercase(), uppercase)(Name::GroupSize(), groupSize)(Name::Separator(), ConstByteArrayParameter(separator))(Name::Terminator(), ConstByteArrayParameter(terminator))); } + //! \brief Initialize or reinitialize this object, without signal propagation + //! \param parameters a set of NameValuePairs used to initialize this object + //! \details IsolatedInitialize() is used to initialize or reinitialize an object using a variable + //! number of arbitrarily typed arguments. IsolatedInitialize() does not call Initialize() on attached + //! transformations. 
If initialization should be propagated, then use the Initialize() function. + //! \details The following code modifies the padding and line break parameters for an encoder: + //!
+	//!     Base32Encoder encoder;
+	//!     AlgorithmParameters params = MakeParameters(Pad(), false)(InsertLineBreaks(), false);
+	//!     encoder.IsolatedInitialize(params);
+	//!   
void IsolatedInitialize(const NameValuePairs ¶meters); }; @@ -34,6 +54,8 @@ public: class Base32Decoder : public BaseN_Decoder { public: + //! \brief Construct a Base32Decoder + //! \param attachment a BufferedTrasformation to attach to this object Base32Decoder(BufferedTransformation *attachment = NULL) : BaseN_Decoder(GetDefaultDecodingLookupArray(), 5, attachment) {} diff --git a/base64.h b/base64.h index 0f957f32..2d81e61a 100644 --- a/base64.h +++ b/base64.h @@ -1,6 +1,6 @@ // base64.h - written and placed in the public domain by Wei Dai -//! \file +//! \file base64.h //! \brief Classes for the Base64Encoder, Base64Decoder, Base64URLEncoder and Base64URLDecoder #ifndef CRYPTOPP_BASE64_H 
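Review bot: The new Base32Encoder comments misspell the attachment type in `\param attachment a BufferedTrasformation to attach to this object` (also in the Base32Decoder hunk) and `appeand` in `\param terminator the terminator appeand after processing`; these lines are new, so the typos ship in the release docs. The IsolatedInitialize() example calls `MakeParameters(Pad(), false)(InsertLineBreaks(), false)` unqualified, whereas the Base64URLEncoder example in base64.h writes `Name::Pad()` and `Name::InsertLineBreaks()`; presumably the names live in the Name namespace, in which case the example should read `AlgorithmParameters params = MakeParameters(Name::Pad(), false)(Name::InsertLineBreaks(), false);` so it compiles as written. The Base64Encoder hunk in base64.h repeats the same unqualified example and needs the same fix.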
@@ -18,12 +18,30 @@ NAMESPACE_BEGIN(CryptoPP) class Base64Encoder : public SimpleProxyFilter { public: + //! \brief Construct a Base64Encoder + //! \param attachment a BufferedTrasformation to attach to this object + //! \param insertLineBreaks a BufferedTrasformation to attach to this object + //! \param maxLineLength the lenght of a line if line breaks are used + //! \details Base64Encoder() constructs a default encoder. The constructor lacks parameters for padding. + //! You must use IsolatedInitialize() to modify the Base64Encoder after construction. + //! \sa IsolatedInitialize() for an example of modifying a Base64Encoder after construction. Base64Encoder(BufferedTransformation *attachment = NULL, bool insertLineBreaks = true, int maxLineLength = 72) : SimpleProxyFilter(new BaseN_Encoder(new Grouper), attachment) { IsolatedInitialize(MakeParameters(Name::InsertLineBreaks(), insertLineBreaks)(Name::MaxLineLength(), maxLineLength)); } - + + //! \brief Initialize or reinitialize this object, without signal propagation + //! \param parameters a set of NameValuePairs used to initialize this object + //! \details IsolatedInitialize() is used to initialize or reinitialize an object using a variable + //! number of arbitrarily typed arguments. IsolatedInitialize() does not call Initialize() on attached + //! transformations. If initialization should be propagated, then use the Initialize() function. + //! \details The following code modifies the padding and line break parameters for an encoder: + //!
+	//!     Base64Encoder encoder;
+	//!     AlgorithmParameters params = MakeParameters(Pad(), false)(InsertLineBreaks(), false);
+	//!     encoder.IsolatedInitialize(params);
+	//!   
void IsolatedInitialize(const NameValuePairs ¶meters); }; @@ -34,9 +52,16 @@ public: class Base64Decoder : public BaseN_Decoder { public: + //! \brief Construct a Base64Decoder + //! \param attachment a BufferedTrasformation to attach to this object Base64Decoder(BufferedTransformation *attachment = NULL) : BaseN_Decoder(GetDecodingLookupArray(), 6, attachment) {} + //! \brief Initialize or reinitialize this object, without signal propagation + //! \param parameters a set of NameValuePairs used to initialize this object + //! \details IsolatedInitialize() is used to initialize or reinitialize an object using a variable + //! number of arbitrarily typed arguments. IsolatedInitialize() does not call Initialize() on + //! attached transformations. If initialization should be propagated, then use the Initialize() function. void IsolatedInitialize(const NameValuePairs ¶meters) {CRYPTOPP_UNUSED(parameters);} 
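Review bot: `\param insertLineBreaks a BufferedTrasformation to attach to this object` is a copy of the attachment line and does not describe the flag; it should say what the parameter controls, for example `\param insertLineBreaks a flag indicating line breaks should be inserted into the output`, and `lenght` in the maxLineLength line is misspelled. The Base64URLEncoder hunk below repeats both lines verbatim and needs the same correction. `BufferedTrasformation` is also misspelled in every new `\param attachment` line of this file.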
@@ -51,12 +76,31 @@ private: class Base64URLEncoder : public SimpleProxyFilter { public: + //! \brief Construct a Base64URLEncoder + //! \param attachment a BufferedTrasformation to attach to this object + //! \param insertLineBreaks a BufferedTrasformation to attach to this object + //! \param maxLineLength the lenght of a line if line breaks are used + //! \details Base64URLEncoder() constructs a default encoder. The constructor ignores insertLineBreaks + //! and maxLineLength because the web and URL safe specifications don't use them. They are present + //! in the constructor for API compatibility with Base64Encoder (drop-in replacement). + //! \details If you need line breaks and padding, then you must use IsolatedInitialize() to set them + //! after constructing a Base64URLEncoder. + //! \sa IsolatedInitialize() for an example of modifying a Base64URLEncoder after construction. Base64URLEncoder(BufferedTransformation *attachment = NULL, bool insertLineBreaks = false, int maxLineLength = -1) : SimpleProxyFilter(new BaseN_Encoder(new Grouper), attachment) { - IsolatedInitialize(MakeParameters(Name::InsertLineBreaks(), insertLineBreaks)(Name::MaxLineLength(), maxLineLength)); + IsolatedInitialize(MakeParameters(Name::InsertLineBreaks(), false)(Name::MaxLineLength(), -1)(Name::Pad(),false)); } + //! \details IsolatedInitialize() is used to initialize or reinitialize an object using a variable + //! number of arbitrarily typed arguments. IsolatedInitialize() does not call Initialize() on attached + //! transformations. If initialization should be propagated, then use the Initialize() function. + //! \details The following code modifies the padding and line break parameters for an encoder: + //!
+	//!     Base64URLEncoder encoder;
+	//!     AlgorithmParameters params = MakeParameters(Name::Pad(), true)(Name::InsertLineBreaks(), true);
+	//!     encoder.IsolatedInitialize(params);
+	//!   
void IsolatedInitialize(const NameValuePairs ¶meters); }; @@ -67,9 +111,16 @@ public: class Base64URLDecoder : public BaseN_Decoder { public: + //! \brief Construct a Base64URLDecoder + //! \param attachment a BufferedTrasformation to attach to this object Base64URLDecoder(BufferedTransformation *attachment = NULL) : BaseN_Decoder(GetDecodingLookupArray(), 6, attachment) {} + //! \brief Initialize or reinitialize this object, without signal propagation + //! \param parameters a set of NameValuePairs used to initialize this object + //! \details IsolatedInitialize() is used to initialize or reinitialize an object using a variable + //! number of arbitrarily typed arguments. IsolatedInitialize() does not call Initialize() on + //! attached transformations. If initialization should be propagated, then use the Initialize() function. void IsolatedInitialize(const NameValuePairs ¶meters) {CRYPTOPP_UNUSED(parameters);} diff --git a/basecode.h b/basecode.h index bce550f4..75c6659f 100644 --- a/basecode.h +++ b/basecode.h 
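Review bot: The Base64URLEncoder constructor now passes `false`, `-1` and `Name::Pad(),false` literally and no longer reads `insertLineBreaks` or `maxLineLength`, so a caller writing `Base64URLEncoder(sink, true, 64)` silently gets no line breaks; the \details says this is deliberate, but the discarded parameters should at least be marked so `-Wunused-parameter` builds stay clean, e.g. `CRYPTOPP_UNUSED(insertLineBreaks); CRYPTOPP_UNUSED(maxLineLength);` in the constructor body, as the decoder's IsolatedInitialize() in the next hunk already does with `CRYPTOPP_UNUSED(parameters)`. The IsolatedInitialize() comment in this hunk also lacks the `\brief` and `\param parameters` lines that the other three IsolatedInitialize() comments in this file carry.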
@@ -14,15 +14,24 @@ NAMESPACE_BEGIN(CryptoPP) //! \class BaseN_Encoder -//! \details base n encoder, where n is a power of 2 +//! \brief Encoder for bases that are a power of 2 class CRYPTOPP_DLL BaseN_Encoder : public Unflushable { public: + //! \brief Construct a BaseN_Encoder + //! \param attachment a BufferedTransformation to attach to this object BaseN_Encoder(BufferedTransformation *attachment=NULL) : m_alphabet(NULL), m_padding(0), m_bitsPerChar(0) , m_outputBlockSize(0), m_bytePos(0), m_bitPos(0) {Detach(attachment);} + //! \brief Construct a BaseN_Encoder + //! \param alphabet table of ASCII characters to use as the alphabet + //! \param log2base the log2base + //! \param attachment a BufferedTransformation to attach to this object + //! \param padding the character to use as padding + //! \pre log2base must be between 1 and 7 inclusive + //! \throws InvalidArgument if log2base is not between 1 and 7 BaseN_Encoder(const byte *alphabet, int log2base, BufferedTransformation *attachment=NULL, int padding=-1) : m_alphabet(NULL), m_padding(0), m_bitsPerChar(0) , m_outputBlockSize(0), m_bytePos(0), m_bitPos(0) 
@@ -45,15 +54,27 @@ private: }; //! \class BaseN_Decoder -//! \details base n encoder, where n is a power of 2 +//! \brief Decoder for bases that are a power of 2 class CRYPTOPP_DLL BaseN_Decoder : public Unflushable { public: + //! \brief Construct a BaseN_Decoder + //! \param attachment a BufferedTransformation to attach to this object + //! \details padding is set to -1, which means use default padding. If not + //! required, then the value must be set via IsolatedInitialize(). BaseN_Decoder(BufferedTransformation *attachment=NULL) : m_lookup(0), m_padding(0), m_bitsPerChar(0) , m_outputBlockSize(0), m_bytePos(0), m_bitPos(0) {Detach(attachment);} + //! \brief Construct a BaseN_Decoder + //! \param lookup table of values + //! \param log2base the log2base + //! \param attachment a BufferedTransformation to attach to this object + //! \details log2base is the exponent (like 5 in 25), and not + //! the number of elements (like 32). + //! \details padding is set to -1, which means use default padding. If not + //! required, then the value must be set via IsolatedInitialize(). BaseN_Decoder(const int *lookup, int log2base, BufferedTransformation *attachment=NULL) : m_lookup(0), m_padding(0), m_bitsPerChar(0) , m_outputBlockSize(0), m_bytePos(0), m_bitPos(0) 
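Review bot: Both new BaseN_Decoder constructor comments say `padding is set to -1, which means use default padding`, but the visible initializer lists set `m_padding(0)` and neither constructor takes a padding argument; unless the body outside the hunk assigns -1, the comment documents a value the code does not set and should either be corrected or the constructor should initialize the member the way the comment claims. `\param log2base the log2base` only restates the name; since the \details already explains it, the \param could read `\param log2base the base-2 logarithm of the alphabet size`. The example `like 5 in 25` reads as though a superscript was lost (2 to the power 5); if the header text is the same, it should be written so it renders in plain Doxygen output.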
@@ -65,6 +86,16 @@ public: void IsolatedInitialize(const NameValuePairs ¶meters); size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking); + //! \brief Intializes BaseN lookup array + //! \param lookup table of values + //! \param alphabet table of ASCII characters + //! \param base the base for the encoder + //! \param caseInsensitive flag indicating whether the alpabet is case sensitivie + //! \pre COUNTOF(lookup) == 256 + //! \pre COUNTOF(alphabet) == base + //! \details Internally, the function sets the first 256 elements in the lookup table to + // their value from the alphabet array or -1. base is the number of element (like 32), + //! and not an exponent (like 5 in 25) static void CRYPTOPP_API InitializeDecodingLookupArray(int *lookup, const byte *alphabet, unsigned int base, bool caseInsensitive); private: @@ -74,13 +105,21 @@ private: SecByteBlock m_outBuf; }; -//! filter that breaks input stream into groups of fixed size +//! \class Grouper +//! \brief Filter that breaks input stream into groups of fixed size class CRYPTOPP_DLL Grouper : public Bufferless { public: + //! \brief Construct a Grouper + //! \param attachment a BufferedTransformation to attach to this object Grouper(BufferedTransformation *attachment=NULL) : m_groupSize(0), m_counter(0) {Detach(attachment);} + //! \brief Construct a Grouper + //! \param groupSize the size of the grouping + //! \param separator the separator to use between groups + //! \param terminator the terminator appeand after processing + //! \param attachment a BufferedTransformation to attach to this object Grouper(int groupSize, const std::string &separator, const std::string &terminator, BufferedTransformation *attachment=NULL) : m_groupSize(0), m_counter(0) { diff --git a/blowfish.h b/blowfish.h index ee8445cc..98336b45 100644 --- a/blowfish.h +++ b/blowfish.h 
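Review bot: In the InitializeDecodingLookupArray() comment the line `// their value from the alphabet array or -1. base is the number of element (like 32),` starts with `//` instead of `//!`, so Doxygen drops it and the \details becomes "sets the first 256 elements in the lookup table to and not an exponent"; change it to `//! their value from the alphabet array or -1. base is the number of element (like 32),`. The same hunk misspells `Intializes`, `alpabet` and `sensitivie`, and the Grouper hunk below repeats `appeand` from base32.h. The `\pre COUNTOF(lookup) == 256` and `\pre COUNTOF(alphabet) == base` lines are useful, but they only document the precondition; a reader should not assume the function checks them at runtime unless the body outside the hunk does so.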
@@ -1,7 +1,7 @@
 // blowfish.h - written and placed in the public domain by Wei Dai
-//! \file
-//! \brief Classes for the Blowfish algorithm
+//! \file blowfish.h
+//! \brief Classes for the Blowfish block cipher
 #ifndef CRYPTOPP_BLOWFISH_H
 #define CRYPTOPP_BLOWFISH_H
diff --git a/camellia.h b/camellia.h
index 79d9b819..27d7cf5a 100644
--- a/camellia.h
+++ b/camellia.h
@@ -1,8 +1,7 @@
 // camellia.h - written and placed in the public domain by Wei Dai
-//! \file
-//! \headerfile camellia.h
-//! \brief Classes for Cameliia cipher
+//! \file camellia.h
+//! \brief Classes for the Cameliia block cipher
 #ifndef CRYPTOPP_CAMELLIA_H
 #define CRYPTOPP_CAMELLIA_H
@@ -50,3 +49,4 @@ typedef Camellia::Decryption CamelliaDecryption;
 NAMESPACE_END
 #endif
+endif
diff --git a/cast.h b/cast.h
index 2db1e652..dbb53de5 100644
--- a/cast.h
+++ b/cast.h
@@ -1,8 +1,7 @@
 // cast.h - written and placed in the public domain by Wei Dai
-//! \file
-//! \headerfile cast.h
-//! \brief Classes for CAST cipher
+//! \file cast.h
+//! \brief Classes for the CAST-128 and CAST-256 block ciphers
 #ifndef CRYPTOPP_CAST_H
 #define CRYPTOPP_CAST_H
diff --git a/config.h b/config.h
index 77c969cd..86c8921f 100644
--- a/config.h
+++ b/config.h
@@ -1,7 +1,6 @@
 // config.h - written and placed in the public domain by Wei Dai
-//! \file
-//! \headerfile config.h
+//! \file config.h
 //! \brief Library configuration file
 #ifndef CRYPTOPP_CONFIG_H
@@ -41,7 +40,7 @@
 // Define this to ensure C/C++ standard compliance and respect for GCC aliasing rules and other alignment fodder. If you
 // experience a break with GCC at -O3, you should try this first. Guard it in case its set on the command line (and it differs).
 #ifndef CRYPTOPP_NO_UNALIGNED_DATA_ACCESS
-// # define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS
+# define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS
 #endif
 // ***************** Less Important Settings ***************
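Review bot: The rewritten camellia.h brief keeps the misspelling in `//! \brief Classes for the Cameliia block cipher`; since the line is being replaced anyway it should read `//! \brief Classes for the Camellia block cipher`. The sibling hunks in blowfish.h and cast.h use the same "Classes for the X block cipher" form, so this is the only one of the three with a spelling error.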
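Review bot: `# define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS` is now active inside `#ifndef CRYPTOPP_NO_UNALIGNED_DATA_ACCESS`, which makes the aligned-access path the default but leaves no way to opt back in from the command line, since the guard only lets a build define the macro, never suppress it. The comment above still presents the macro as something to "try" when -O3 breaks, which no longer matches a default-on setting; it should say that aligned access is now the default and how (or whether) it can be turned off, for example via a separate opt-out macro checked before this block. Defaulting to standards-compliant access is the safer choice, so the change itself is sound; only the comment and the missing opt-out need attention.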
@@ -56,7 +55,7 @@
 // Also see https://cryptopp.com/wiki/Config.h#Avoid_MAINTAIN_BACKWARDS_COMPATIBILITY
 #if (CRYPTOPP_VERSION <= 600)
 # if !defined(CRYPTOPP_NO_BACKWARDS_COMPATIBILITY_562) && !defined(CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562)
-# define CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
+// # define CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
 # endif
 #endif
@@ -96,7 +95,7 @@
 // Under GCC, the library uses init_priority attribute in the range
 // [CRYPTOPP_INIT_PRIORITY, CRYPTOPP_INIT_PRIORITY+100]. Under Windows,
 // CRYPTOPP_INIT_PRIORITY enlists "#pragma init_seg(lib)".
-// #define CRYPTOPP_INIT_PRIORITY 250
+#define CRYPTOPP_INIT_PRIORITY 250
 // CRYPTOPP_USER_PRIORITY is for other libraries and user code that is using Crypto++
 // and managing C++ static object creation. It is guaranteed not to conflict with
@@ -706,4 +705,26 @@ NAMESPACE_END
 # error "std::uncaught_exception is not available. This is likely a configuration error."
 #endif
+#endif
+ CRYPTOPP_CXX11_VARIADIC_TEMPLATES 1
+#endif // variadic templates
+
+// TODO: Emplacement, R-values and Move semantics
+// Needed because we are catching warnings with GCC and MSC
+
+#endif // CRYPTOPP_CXX11
+
+#if defined(CRYPTOPP_CXX11_NOEXCEPT)
+# define CRYPTOPP_THROW noexcept(false)
+# define CRYPTOPP_NO_THROW noexcept(true)
+#else
+# define CRYPTOPP_THROW
+# define CRYPTOPP_NO_THROW
+#endif // CRYPTOPP_CXX11_NOEXCEPT
+
+// OK to comment the following out, but please report it so we can fix it.
+#if (defined(__cplusplus) && (__cplusplus >= 199711L)) && !defined(CRYPTOPP_UNCAUGHT_EXCEPTION_AVAILABLE)
+# error "std::uncaught_exception is not available. This is likely a configuration error."
+#endif
+
 #endif
diff --git a/cryptest.sh b/cryptest.sh
index 2a880e5b..b4321601 100755
--- a/cryptest.sh
+++ b/cryptest.sh
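Review bot: `#define CRYPTOPP_INIT_PRIORITY 250` is uncommented without an `#ifndef CRYPTOPP_INIT_PRIORITY` guard, unlike `CRYPTOPP_NO_UNALIGNED_DATA_ACCESS` a few lines earlier, so a build that passes `-DCRYPTOPP_INIT_PRIORITY=...` now gets a macro redefinition warning (an error under -Werror) instead of overriding the value. Wrapping it as `#ifndef CRYPTOPP_INIT_PRIORITY` / `# define CRYPTOPP_INIT_PRIORITY 250` / `#endif` keeps a command-line override working. The comment that follows says CRYPTOPP_USER_PRIORITY is guaranteed not to conflict, which presumably depends on this value being the one actually in effect.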
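Review bot: The last config.h hunk appends a second copy of the file's tail after the closing `#endif`: a bare `CRYPTOPP_CXX11_VARIADIC_TEMPLATES 1` with no `#define`, `#endif // variadic templates` and `#endif // CRYPTOPP_CXX11` with no matching `#if` in view, a repeated CRYPTOPP_THROW/CRYPTOPP_NO_THROW block, a repeated `# error "std::uncaught_exception is not available..."` check, and a further `#endif`. As rendered, the bare token is a hard compile error and the unbalanced `#endif`s fail preprocessing, so the 22 added lines look like an accidental paste (the same stray-tail pattern as 3way.h, arc4.h and camellia.h in this commit) and should be removed, leaving the file to end at its original `#endif`. If the intent was to introduce the `CRYPTOPP_THROW`/`CRYPTOPP_NO_THROW` macros, that block alone belongs inside the existing C++11 feature section, not after the include guard.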
@@ -7,9 +7,9 @@
 # to automate building the library and running the self test with various
 # combinations of flags, options, and conditions.
-# Everything is tee'd into cryptest-result.txt. Change it to suite your taste.
-# You should be able to use `egrep "(error|FAILED)" cryptest-result.txt` to
-# quickly find errors and failures.
+# Everything is tee'd into cryptest-result.txt. Change it to suite your taste. You
+# should be able to use `egrep -a "(Error|error|FAILED|Illegal)" cryptest-result.txt`
+# to quickly find errors and failures.
 # Set to suite your taste
 TEST_RESULTS=cryptest-result.txt
@@ -142,10 +142,6 @@ echo "User CXXFLAGS: $CXXFLAGS"
 echo "Retained CXXFLAGS: $ADD_CXXFLAGS"
 echo "Compiler:" $($CXX --version | head -1)
-# Remove previous test results
-rm -f "$TEST_RESULTS" > /dev/null 2>&1
-touch "$TEST_RESULTS"
-
 TEST_BEGIN=$(date)
 echo
 echo "Start time: $TEST_BEGIN"
@@ -153,6 +149,16 @@ echo "Start time: $TEST_BEGIN"
 ############################################
 ############################################
+# Remove previous test results
+rm -f "$TEST_RESULTS" > /dev/null 2>&1
+touch "$TEST_RESULTS"
+
+rm -f "$BENCHMARK_RESULTS" > /dev/null 2>&1
+touch "$BENCHMARK_RESULTS"
+
+rm -f "$WARN_RESULTS" > /dev/null 2>&1
+touch "$WARN_RESULTS"
+
 ############################################
 # Basic debug build
 echo
diff --git a/cryptlib.h b/cryptlib.h
index c27a23c1..3610e6ca 100644
--- a/cryptlib.h
+++ b/cryptlib.h
@@ -7,22 +7,26 @@
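Review bot: The moved clean-up block now also runs `rm -f "$BENCHMARK_RESULTS"` / `touch "$BENCHMARK_RESULTS"` and the same for `$WARN_RESULTS`, but neither variable is assigned in any of the three hunks; if they are not defined next to `TEST_RESULTS=cryptest-result.txt` outside the hunk, `touch ""` prints an error on every run and anything later tee'd to those names writes to an empty path. A `: "${BENCHMARK_RESULTS:?}"` / `: "${WARN_RESULTS:?}"` check at the top of the script, or a default assignment beside TEST_RESULTS, would make the dependency explicit. Moving the truncation below the "Start time" banner is otherwise fine since nothing in between writes to the files.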
Abstract Base Classes
cryptlib.h -
Authenticated Encryption
- AuthenticatedSymmetricCipherDocumentation -
Symmetric Ciphers
- SymmetricCipherDocumentation +
Authenticated Encryption Modes
+ CCM, EAX, \ref GCM "GCM (2K tables)", \ref GCM "GCM (64K tables)" +
Block Ciphers
+ \ref Rijndael "AES", Weak::ARC4, Blowfish, BTEA, Camellia, CAST128, CAST256, DES, \ref DES_EDE2 "2-key Triple-DES", \ref DES_EDE3 "3-key Triple-DES", + \ref DES_XEX3 "DESX", GOST, IDEA, \ref LR "Luby-Rackoff", MARS, RC2, RC5, RC6, \ref SAFER_K "SAFER-K", \ref SAFER_SK "SAFER-SK", SEED, Serpent, + \ref SHACAL2 "SHACAL-2", SHARK, SKIPJACK, +Square, TEA, \ref ThreeWay "3-Way", Twofish, XTEA +
Stream Ciphers
+ \ref Panama "Panama-LE", \ref Panama "Panama-BE", Salsa20, \ref SEAL "SEAL-LE", \ref SEAL "SEAL-BE", WAKE, XSalsa20
Hash Functions
- SHA1, SHA224, SHA256, SHA384, SHA512, Tiger, Whirlpool, RIPEMD160, RIPEMD320, RIPEMD128, RIPEMD256, Weak::MD2, Weak::MD4, Weak::MD5 + SHA1, SHA224, SHA256, SHA384, SHA512, \ref SHA3 "SHA-3", Tiger, Whirlpool, RIPEMD160, RIPEMD320, RIPEMD128, RIPEMD256, Weak::MD2, Weak::MD4, Weak::MD5
Non-Cryptographic Checksums
CRC32, Adler32
Message Authentication Codes
- VMAC, HMAC, CBC_MAC, CMAC, DMAC, TTMAC, GCM (GMAC) + VMAC, HMAC, CBC_MAC, CMAC, DMAC, TTMAC, \ref GCM "GCM (GMAC)"
Random Number Generators
- NullRNG(), LC_RNG, RandomPool, BlockingRng, NonblockingRng, AutoSeededRandomPool, AutoSeededX917RNG -
Key Derivation
- HKDF -
Password-based Cryptography
- PasswordBasedKeyDerivationFunction + NullRNG(), LC_RNG, RandomPool, BlockingRng, NonblockingRng, AutoSeededRandomPool, AutoSeededX917RNG, + \ref MersenneTwister "MersenneTwister (MT19937 and MT19937-AR)", RDRAND, RDSEED +
Key Derivation and Password-based Cryptography
+ HKDF, \ref PKCS12_PBKDF "PBKDF (PKCS #12)", \ref PKCS5_PBKDF1 "PBKDF-1 (PKCS #5)", \ref PKCS5_PBKDF2_HMAC "PBKDF-2/HMAC (PKCS #5)"
Public Key Cryptosystems
DLIES, ECIES, LUCES, RSAES, RabinES, LUC_IES
Public Key Signature Schemes
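Review bot: In the new Block Ciphers list the line `+Square, TEA, \ref ThreeWay "3-Way", Twofish, XTEA` has no space after the marker while its sibling lines are indented, so in the file `Square, TEA, ...` sits at column 0 inside an otherwise indented comment block; re-indent it to match the previous `\ref SHACAL2 "SHACAL-2", SHARK, SKIPJACK,` line. Doxygen should render the entry regardless, so this is purely a style point about the source comment.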
@@ -31,8 +35,7 @@ DH, DH2, MQV, ECDH, ECMQV, XTR_DH
Algebraic Structures
Integer, PolynomialMod2, PolynomialOver, RingOfPolynomialsOver, - ModularArithmetic, MontgomeryRepresentation, GFP2_ONB, - GF2NP, GF256, GF2_32, EC2N, ECP + ModularArithmetic, MontgomeryRepresentation, GFP2_ONB, GF2NP, GF256, GF2_32, EC2N, ECP
Secret Sharing and Information Dispersal
SecretSharing, SecretRecovery, InformationDispersal, InformationRecovery
Compression
@@ -40,21 +43,21 @@
Input Source Classes
StringSource, ArraySource, FileSource, SocketSource, WindowsPipeSource, RandomNumberSource
Output Sink Classes
- StringSinkTemplate, ArraySink, FileSink, SocketSink, WindowsPipeSink, RandomNumberSink + StringSinkTemplate, StringSink, ArraySink, FileSink, SocketSink, WindowsPipeSink, RandomNumberSink
Filter Wrappers
StreamTransformationFilter, HashFilter, HashVerificationFilter, SignerFilter, SignatureVerificationFilter
Binary to Text Encoders and Decoders
- HexEncoder, HexDecoder, Base64Encoder, Base64Decoder, Base32Encoder, Base32Decoder + HexEncoder, HexDecoder, Base64Encoder, Base64Decoder, Base64URLEncoder, Base64URLDecoder, Base32Encoder, Base32Decoder
Wrappers for OS features
Timer, Socket, WindowsHandle, ThreadLocalStorage, ThreadUserTimer -
FIPS 140 related
+
FIPS 140 validated cryptography
fips140.h
In the DLL version of Crypto++, only the following implementation class are available.
Block Ciphers
- AES, DES_EDE2, DES_EDE3, SKIPJACK + AES, \ref DES_EDE2 "2-key Triple-DES", \ref DES_EDE3 "3-key Triple-DES", SKIPJACK
Cipher Modes (replace template parameter BC with one of the block ciphers above)
ECB_Mode\, CTR_Mode\, CBC_Mode\, CFB_FIPS_Mode\, OFB_Mode\, GCM\
Hash Functions
@@ -226,15 +229,17 @@ struct CRYPTOPP_DLL DecodingResult //! \brief Compare two DecodingResult //! \param rhs the other DecodingResult - //! \returns true if both isValidCoding and messageLength are equal, false otherwise + //! \returns true if both isValidCoding and messageLength are equal, false otherwise bool operator==(const DecodingResult &rhs) const {return isValidCoding == rhs.isValidCoding && messageLength == rhs.messageLength;} //! \brief Compare two DecodingResult //! \param rhs the other DecodingResult - //! \returns true if both isValidCoding and messageLength are \a not equal, false otherwise + //! \returns true if either isValidCoding or messageLength is \a not equal, false otherwise //! \details Returns !operator==(rhs). bool operator!=(const DecodingResult &rhs) const {return !operator==(rhs);} + //! \brief Flag to indicate the decoding is valid bool isValidCoding; + //! \brief Recovered message length if isValidCoding is true, undefined otherwise size_t messageLength; #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY @@ -590,7 +595,7 @@ public: } //! \brief Gets a secure IV for the next message - //! \param rng a RandomNumberGenerator to produce keying material + //! \param rng a RandomNumberGenerator to produce keying material //! \param iv a block of bytes to receive the IV //! \details This method should be called after you finish encrypting one message and are ready //! to start the next one. After calling it, you must call SetKey() or Resynchronize() @@ -1910,7 +1915,7 @@ public: virtual void AssignFrom(const NameValuePairs &source) =0; //! \brief Check this object for errors - //! \param rng a RandomNumberGenerator for objects which use randominzed testing + //! \param rng a RandomNumberGenerator for objects which use randomized testing //! \param level the level of thoroughness //! \returns true if the tests succeed, false otherwise //! \details There are four levels of thoroughness: @@ -1920,13 +1925,13 @@ public: //!
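Review bot: The new `\brief` on `messageLength` says it is undefined when `isValidCoding` is false, yet `operator==` two lines above compares `messageLength` unconditionally, so two failed decodings are not guaranteed to compare equal and the `\returns` text ("true if both ... are equal") is only reliable for valid results. Changing the comparison would alter behavior callers may already depend on, so document the caveat instead, e.g. `//! \note When isValidCoding is false, messageLength is undefined and two invalid results need not compare equal`. The same caveat carries over to `operator!=`, which is defined as `!operator==(rhs)`.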
  • 2 - ensure this object will function correctly, and perform reasonable security checks //!
  • 3 - perform reasonable security checks, and do checks that may take a long time //! - //! \details Level 0 does not require a RandomNumberGenerator. A NullRNG () can be used for level 0. + //! \details Level 0 does not require a RandomNumberGenerator. A NullRNG() can be used for level 0. //! \details Level 1 may not check for weak keys and such. //! \details Levels 2 and 3 are recommended. virtual bool Validate(RandomNumberGenerator &rng, unsigned int level) const =0; //! \brief Check this object for errors - //! \param rng a RandomNumberGenerator for objects which use randominzed testing + //! \param rng a RandomNumberGenerator for objects which use randomized testing //! \param level the level of thoroughness //! \throws InvalidMaterial //! \details Internally, ThrowIfInvalid() calls Validate() and throws InvalidMaterial if validation fails. @@ -2005,7 +2010,7 @@ class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE GeneratableCryptoMaterial : virtual public public: //! \brief Generate a random key or crypto parameters - //! \param rng a RandomNumberGenerator to produce keying material + //! \param rng a RandomNumberGenerator to produce keying material //! \param params additional initialization parameters //! \throws KeyingErr if a key can't be generated or algorithm parameters are invalid //! \details If a derived class does not override GenerateRandom, then the base class throws @@ -2016,7 +2021,7 @@ public: } //! \brief Generate a random key or crypto parameters - //! \param rng a RandomNumberGenerator to produce keying material + //! \param rng a RandomNumberGenerator to produce keying material //! \param keySize the size of the key, in bits //! \throws KeyingErr if a key can't be generated or algorithm parameters are invalid //! \details GenerateRandomWithKeySize calls GenerateRandom with a NameValuePairs 
@@ -2153,42 +2158,58 @@ public: #endif }; +//! \class PK_Encryptor //! \brief Interface for public-key encryptors class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_Encryptor : public PK_CryptoSystem, public PublicKeyAlgorithm { public: - //! exception thrown when trying to encrypt plaintext of invalid length + //! \brief Exception thrown when trying to encrypt plaintext of invalid length class CRYPTOPP_DLL InvalidPlaintextLength : public Exception { public: InvalidPlaintextLength() : Exception(OTHER_ERROR, "PK_Encryptor: invalid plaintext length") {} }; - //! encrypt a byte string - /*! re CiphertextLength(plaintextLength) != 0 (i.e., plaintext isn't too long) - re size of ciphertext == CiphertextLength(plaintextLength) - */ + //! \brief Encrypt a byte string + //! \param rng a RandomNumberGenerator derived class + //! \param plaintext the plaintext byte buffer + //! \param plaintextLength the size of the plaintext byte buffer + //! \param ciphertext a byte buffer to hold the encrypted string + //! \param parameters additional configuration options + //! \pre CiphertextLength(plaintextLength) != 0 ensures the plaintext isn't too large + //! \pre COUNTOF(ciphertext) == CiphertextLength(plaintextLength) ensures the output + //! byte buffer is large enough. + //! \sa PK_Decryptor virtual void Encrypt(RandomNumberGenerator &rng, const byte *plaintext, size_t plaintextLength, byte *ciphertext, const NameValuePairs ¶meters = g_nullNameValuePairs) const =0; - //! create a new encryption filter - /*! \note The caller is responsible for deleting the returned pointer. - \note Encoding parameters should be passed in the "EP" channel. - */ + //! \brief Create a new encryption filter + //! \note The caller is responsible for deleting the returned pointer. + //! \note Encoding parameters should be passed in the "EP" channel. 
virtual BufferedTransformation * CreateEncryptionFilter(RandomNumberGenerator &rng, BufferedTransformation *attachment=NULL, const NameValuePairs ¶meters = g_nullNameValuePairs) const; }; +//! \class PK_Decryptor //! \brief Interface for public-key decryptors - class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE PK_Decryptor : public PK_CryptoSystem, public PrivateKeyAlgorithm { public: - //! decrypt a byte string, and return the length of plaintext - /*! re size of plaintext == MaxPlaintextLength(ciphertextLength) bytes. - \returns the actual length of the plaintext, indication that decryption failed. - */ + //! \brief Decrypt a byte string + //! \param rng a RandomNumberGenerator derived class + //! \param ciphertext the encrypted byte buffer + //! \param ciphertextLength the size of the encrypted byte buffer + //! \param plaintext a byte buffer to hold the decrypted string + //! \param parameters additional configuration options + //! \returns the result of the decryption operation + //! \pre COUNTOF(plaintext) == MaxPlaintextLength(ciphertextLength) ensures the output + //! byte buffer is large enough + //! \details If DecodingResult::isValidCoding is true, then DecodingResult::messageLength + //! is valid and holds the the actual length of the plaintext recovered. + //! on success. The result is undefined if decryption failed. If DecodingResult::isValidCoding + //! is false, then DecodingResult::messageLength is undefined. + //! \sa PK_Encryptor virtual DecodingResult Decrypt(RandomNumberGenerator &rng, const byte *ciphertext, size_t ciphertextLength, byte *plaintext, const NameValuePairs ¶meters = g_nullNameValuePairs) const =0; 
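Review bot: The new preconditions `\pre COUNTOF(ciphertext) == CiphertextLength(plaintextLength)` on Encrypt and `\pre COUNTOF(plaintext) == MaxPlaintextLength(ciphertextLength)` on Decrypt apply COUNTOF to `byte *` parameters, which the misc.h hunk in this same patch documents as not producing correct results with pointers, so read literally the contract is one a caller cannot check. State the requirement on the buffer instead, e.g. `//! \pre The buffer at ciphertext holds at least CiphertextLength(plaintextLength) bytes`, and the matching form for plaintext. The Decrypt `\details` also reads "holds the the actual length of the plaintext recovered. //! on success." — a doubled word and a dangling fragment that belongs in the preceding sentence. PK_Decryptor's class body continues past the end of this hunk.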
@@ -2295,25 +2316,25 @@ public: virtual void InputRecoverableMessage(PK_MessageAccumulator &messageAccumulator, const byte *recoverableMessage, size_t recoverableMessageLength) const =0; //! sign and delete messageAccumulator (even in case of exception thrown) - /*! re size of signature == MaxSignatureLength() + /*! \pre size of signature == MaxSignatureLength() \returns actual signature length */ virtual size_t Sign(RandomNumberGenerator &rng, PK_MessageAccumulator *messageAccumulator, byte *signature) const; //! sign and restart messageAccumulator - /*! re size of signature == MaxSignatureLength() + /*! \pre size of signature == MaxSignatureLength() \returns actual signature length */ virtual size_t SignAndRestart(RandomNumberGenerator &rng, PK_MessageAccumulator &messageAccumulator, byte *signature, bool restart=true) const =0; //! sign a message - /*! re size of signature == MaxSignatureLength() + /*! \pre size of signature == MaxSignatureLength() \returns actual signature length */ virtual size_t SignMessage(RandomNumberGenerator &rng, const byte *message, size_t messageLen, byte *signature) const; //! sign a recoverable message - /*! re size of signature == MaxSignatureLength(recoverableMessageLength) + /*! \pre size of signature == MaxSignatureLength(recoverableMessageLength) \returns actual signature length */ virtual size_t SignMessageWithRecovery(RandomNumberGenerator &rng, const byte *recoverableMessage, size_t recoverableMessageLength, 
@@ -2351,17 +2372,17 @@ public: const byte *signature, size_t signatureLength) const; //! recover a message from its signature - /*! re size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength) + /*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength) */ virtual DecodingResult Recover(byte *recoveredMessage, PK_MessageAccumulator *messageAccumulator) const; //! recover a message from its signature - /*! re size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength) + /*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength) */ virtual DecodingResult RecoverAndRestart(byte *recoveredMessage, PK_MessageAccumulator &messageAccumulator) const =0; //! recover a message from its signature - /*! re size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength) + /*! \pre size of recoveredMessage == MaxRecoverableLengthFromSignatureLength(signatureLength) */ virtual DecodingResult RecoverMessage(byte *recoveredMessage, const byte *nonrecoverableMessage, size_t nonrecoverableMessageLength, @@ -2388,7 +2409,7 @@ public: //! return length of public keys in this domain virtual unsigned int PublicKeyLength() const =0; //! generate private key - /*! re size of privateKey == PrivateKeyLength() */ + /*! \pre size of privateKey == PrivateKeyLength() */ virtual void GeneratePrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0; //! generate public key /*! re size of publicKey == PublicKeyLength() */ 
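Review bot: The hunk repairs the mangled Doxygen command on GeneratePrivateKey (`re size of privateKey` becomes `\pre size of privateKey`) but leaves the identical `/*! re size of publicKey == PublicKeyLength() */` on the adjacent GeneratePublicKey comment, visible here as context, and the same half-fixed pair recurs for the static and ephemeral generators in the two hunks that follow (`PublicStaticKeyLength()` and `PublicEphemeralKeyLength()`). Change those three to `/*! \pre size of publicKey == PublicKeyLength() */` and the corresponding static/ephemeral forms so the precondition renders for every generator, not only the private-key ones.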
@@ -2431,7 +2452,7 @@ public: //! return length of static public keys in this domain virtual unsigned int StaticPublicKeyLength() const =0; //! generate static private key - /*! re size of privateKey == PrivateStaticKeyLength() */ + /*! \pre size of privateKey == PrivateStaticKeyLength() */ virtual void GenerateStaticPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0; //! generate static public key /*! re size of publicKey == PublicStaticKeyLength() */ @@ -2445,7 +2466,7 @@ public: //! return length of ephemeral public keys in this domain virtual unsigned int EphemeralPublicKeyLength() const =0; //! generate ephemeral private key - /*! re size of privateKey == PrivateEphemeralKeyLength() */ + /*! \pre size of privateKey == PrivateEphemeralKeyLength() */ virtual void GenerateEphemeralPrivateKey(RandomNumberGenerator &rng, byte *privateKey) const =0; //! generate ephemeral public key /*! re size of publicKey == PublicEphemeralKeyLength() */ diff --git a/datatest.cpp b/datatest.cpp index b4656541..98b5b642 100644 --- a/datatest.cpp +++ b/datatest.cpp @@ -610,10 +610,10 @@ void TestKeyDerivationFunction(TestData &v) std::string salt = GetDecodedDatum(v, "Salt"); std::string info = GetDecodedDatum(v, "Info"); std::string derived = GetDecodedDatum(v, "DerivedKey"); - std::string t = GetDecodedDatum(v, "DerivedLength"); + std::string t = GetDecodedDatum(v, "DerivedKeyLength"); TestDataNameValuePairs pairs(v); - unsigned int length = pairs.GetIntValueWithDefault(Name::DerivedLength(), (int)derived.size()); + unsigned int length = pairs.GetIntValueWithDefault(Name::DerivedKeyLength(), (int)derived.size()); member_ptr kdf; kdf.reset(ObjectFactoryRegistry::Registry().CreateObject(name.c_str())); diff --git a/default.cpp b/default.cpp index de9fb0e8..e2ad6d65 100644 --- a/default.cpp +++ b/default.cpp 
@@ -20,8 +20,8 @@ NAMESPACE_BEGIN(CryptoPP) static const unsigned int MASH_ITERATIONS = 200; static const unsigned int SALTLENGTH = 8; -static const unsigned int BLOCKSIZE = Default_BlockCipher::Encryption::BLOCKSIZE; -static const unsigned int KEYLENGTH = Default_BlockCipher::Encryption::DEFAULT_KEYLENGTH; +static const unsigned int BLOCKSIZE = DefaultBlockCipher::Encryption::BLOCKSIZE; +static const unsigned int KEYLENGTH = DefaultBlockCipher::Encryption::DEFAULT_KEYLENGTH; // The purpose of this function Mash() is to take an arbitrary length input // string and *deterministicly* produce an arbitrary length output string such @@ -270,3 +270,4 @@ void DefaultDecryptorWithMAC::LastPut(const byte *inString, size_t length) } NAMESPACE_END + diff --git a/default.h b/default.h index b4897e72..3dfbe7d7 100644 --- a/default.h +++ b/default.h @@ -1,8 +1,7 @@ // default.h - written and placed in the public domain by Wei Dai -//! \file -//! \headerfile default.h -//! \brief Classes for DefaultEncryptor, DefaultEncryptorWithMAC and decryptors +//! \file default.h +//! \brief Classes for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC #ifndef CRYPTOPP_DEFAULT_H #define CRYPTOPP_DEFAULT_H 
@@ -16,15 +15,29 @@ NAMESPACE_BEGIN(CryptoPP) -typedef DES_EDE2 Default_BlockCipher; +//! \brief Default block cipher for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC +typedef DES_EDE2 DefaultBlockCipher; +//! \brief Default hash for use with DefaultEncryptorWithMAC and DefaultDecryptorWithMAC typedef SHA DefaultHashModule; +//! \brief Default HMAC for use withDefaultEncryptorWithMAC and DefaultDecryptorWithMAC typedef HMAC DefaultMAC; -//! Password-Based Encryptor using DES-EDE2 +//! \class DefaultEncryptor +//! \brief Password-Based Encryptor using TripleDES +//! \details The class uses 2-key TripleDES (DES_EDE2) for encryption, which only +//! provides about 80-bits of security. class DefaultEncryptor : public ProxyFilter { public: + //! \brief Construct a DefaultEncryptor + //! \param passphrase a C-String password + //! \param attachment a BufferedTransformation to attach to this object DefaultEncryptor(const char *passphrase, BufferedTransformation *attachment = NULL); + + //! \brief Construct a DefaultEncryptor + //! \param passphrase a byte string password + //! \param passphraseLength the length of the byte string password + //! \param attachment a BufferedTransformation to attach to this object DefaultEncryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL); protected: 
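Review bot: Renaming the typedef from `Default_BlockCipher` to `DefaultBlockCipher` removes the old name from the header, so user code that spelled `Default_BlockCipher` (as default.cpp itself did before this commit) stops compiling. A one-line alias, `typedef DefaultBlockCipher Default_BlockCipher;`, would preserve source compatibility, possibly under the `CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY` guard this patch uses in cryptlib.h. The `\brief` on DefaultMAC is also missing a space ("for use withDefaultEncryptorWithMAC").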
@@ -33,14 +46,34 @@ protected: private: SecByteBlock m_passphrase; - CBC_Mode::Encryption m_cipher; -}; + CBC_Mode::Encryption m_cipher; -//! Password-Based Decryptor using DES-EDE2 +#if (CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_CLANG_VERSION >= 20800) +} __attribute__((deprecated ("DefaultEncryptor will be changing in the near future because the algorithms are no longer secure"))); +#elif (CRYPTOPP_GCC_VERSION) +} __attribute__((deprecated)); +#else +}; +#endif + +//! \class DefaultDecryptor +//! \brief Password-Based Decryptor using TripleDES +//! \details The class uses 2-key TripleDES (DES_EDE2) for encryption, which only +//! provides about 80-bits of security. class DefaultDecryptor : public ProxyFilter { public: + //! \brief Constructs a DefaultDecryptor + //! \param passphrase a C-String password + //! \param attachment a BufferedTransformation to attach to this object + //! \param throwException a flag specifiying whether an Exception should be thrown on error DefaultDecryptor(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true); + + //! \brief Constructs a DefaultDecryptor + //! \param passphrase a byte string password + //! \param passphraseLength the length of the byte string password + //! \param attachment a BufferedTransformation to attach to this object + //! \param throwException a flag specifiying whether an Exception should be thrown on error DefaultDecryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true); class Err : public Exception 
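Review bot: The deprecation attribute is attached after the closing brace of the class (`} __attribute__((deprecated (...)));`), a position that, to my recollection, the GCC C++ front end rejects for type attributes with "attribute ignored" and a note that it must follow the `class` keyword, so the intended warning may never fire on GCC; the message form of `deprecated` is also, as far as I recall, a GCC 4.5 addition, so the `>= 40300` threshold looks too low. Writing it as `class __attribute__((deprecated("..."))) DefaultEncryptor : public ProxyFilter`, with a `__declspec(deprecated("..."))` branch for MSVC (which currently gets no warning at all), would make the deprecation take effect on every supported compiler. The same construct is repeated for DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC in the next three hunks. Since the `\details` text already states that 2-key Triple-DES gives only about 80 bits of security, the warning text could name a replacement (for example the HKDF or PBKDF2 classes this patch lists in cryptlib.h) rather than only saying the class "will be changing".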
@@ -64,16 +97,39 @@ private: void CheckKey(const byte *salt, const byte *keyCheck); SecByteBlock m_passphrase; - CBC_Mode::Decryption m_cipher; + CBC_Mode::Decryption m_cipher; member_ptr m_decryptor; bool m_throwException; -}; -//! Password-Based Encryptor using DES-EDE2 and HMAC/SHA-1 +#if (CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_CLANG_VERSION >= 20800) +} __attribute__((deprecated ("DefaultDecryptor will be changing in the near future because the algorithms are no longer secure"))); +#elif (CRYPTOPP_GCC_VERSION) +} __attribute__((deprecated)); +#else +}; +#endif + +//! \class DefaultEncryptorWithMAC +//! \brief Password-Based encryptor using TripleDES and HMAC/SHA-1 +//! \details DefaultEncryptorWithMAC uses a non-standard mashup function called Mash() to derive key +//! bits from the password. The class also uses 2-key TripleDES (DES_EDE2) for encryption, which only +//! provides about 80-bits of security. +//! \details The purpose of the function Mash() is to take an arbitrary length input string and +//! *deterministicly* produce an arbitrary length output string such that (1) it looks random, +//! (2) no information about the input is deducible from it, and (3) it contains as much entropy +//! as it can hold, or the amount of entropy in the input string, whichever is smaller. class DefaultEncryptorWithMAC : public ProxyFilter { public: + //! \brief Constructs a DefaultEncryptorWithMAC + //! \param passphrase a C-String password + //! \param attachment a BufferedTransformation to attach to this object DefaultEncryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL); + + //! \brief Constructs a DefaultEncryptorWithMAC + //! \param passphrase a byte string password + //! \param passphraseLength the length of the byte string password + //! \param attachment a BufferedTransformation to attach to this object DefaultEncryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL); protected: 
@@ -82,15 +138,42 @@ protected: private: member_ptr m_mac; -}; -//! Password-Based Decryptor using DES-EDE2 and HMAC/SHA-1 +#if (CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_CLANG_VERSION >= 20800) +} __attribute__((deprecated ("DefaultEncryptorWithMAC will be changing in the near future because the algorithms are no longer secure"))); +#elif (CRYPTOPP_GCC_VERSION) +} __attribute__((deprecated)); +#else +}; +#endif + +//! \class DefaultDecryptorWithMAC +//! \brief Password-Based decryptor using TripleDES and HMAC/SHA-1 +//! \details DefaultDecryptorWithMAC uses a non-standard mashup function called Mash() to derive key +//! bits from the password. The class also uses 2-key TripleDES (DES_EDE2) for encryption, which only +//! provides about 80-bits of security. +//! \details The purpose of the function Mash() is to take an arbitrary length input string and +//! *deterministicly* produce an arbitrary length output string such that (1) it looks random, +//! (2) no information about the input is deducible from it, and (3) it contains as much entropy +//! as it can hold, or the amount of entropy in the input string, whichever is smaller. class DefaultDecryptorWithMAC : public ProxyFilter { public: + //! \class MACBadErr + //! \brief Excpetion thrown when an incorrect MAC is encountered class MACBadErr : public DefaultDecryptor::Err {public: MACBadErr() : DefaultDecryptor::Err("DefaultDecryptorWithMAC: MAC check failed") {}}; + //! \brief Constructs a DefaultDecryptor + //! \param passphrase a C-String password + //! \param attachment a BufferedTransformation to attach to this object + //! \param throwException a flag specifiying whether an Exception should be thrown on error DefaultDecryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true); + + //! \brief Constructs a DefaultDecryptor + //! \param passphrase a byte string password + //! \param passphraseLength the length of the byte string password + //! 
\param attachment a BufferedTransformation to attach to this object + //! \param throwException a flag specifiying whether an Exception should be thrown on error DefaultDecryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true); DefaultDecryptor::State CurrentState() const; @@ -104,7 +187,14 @@ private: member_ptr m_mac; HashVerifier *m_hashVerifier; bool m_throwException; + +#if (CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_CLANG_VERSION >= 20800) +} __attribute__((deprecated ("DefaultDecryptorWithMAC will be changing in the near future because the algorithms are no longer secure"))); +#elif (CRYPTOPP_GCC_VERSION) +} __attribute__((deprecated)); +#else }; +#endif NAMESPACE_END diff --git a/des.h b/des.h index 92f3da7c..827b5e08 100644 --- a/des.h +++ b/des.h @@ -1,8 +1,7 @@ // des.h - written and placed in the public domain by Wei Dai -//! \file -//! \headerfile des.h -//! \brief Classes for DES, 2-key and 3-key Triple-DES +//! \file des.h +//! \brief Classes for DES, 2-key Triple-DES, 3-key Triple-DES and DESX #ifndef CRYPTOPP_DES_H #define CRYPTOPP_DES_H diff --git a/eccrypto.h b/eccrypto.h index 1d7eab65..bee5e0de 100644 --- a/eccrypto.h +++ b/eccrypto.h @@ -1,9 +1,11 @@ +// eccrypto.h - written and placed in the public domain by Wei Dai + +//! \file eccrypto.h +//! \brief Classes and functions for Elliptic Curves over prime and binary fields + #ifndef CRYPTOPP_ECCRYPTO_H #define CRYPTOPP_ECCRYPTO_H -/*! \file -*/ - #include "config.h" #include "cryptlib.h" #include "pubkey.h" @@ -139,8 +141,8 @@ protected: OID m_oid; // set if parameters loaded from a recommended curve Integer m_n; // order of base point - bool m_compress, m_encodeAsOID; mutable Integer m_k; // cofactor + mutable bool m_compress, m_encodeAsOID; // presentation details }; //! EC public key diff --git a/ecp.h b/ecp.h index 92cb5a1a..e8a5dc96 100644 --- a/ecp.h +++ b/ecp.h 
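Review bot: `m_compress` and `m_encodeAsOID` become `mutable` in the eccrypto.h hunk, but the trailing `// presentation details` comment does not say which const member functions write them or why that is safe, so anyone auditing const-correctness of the key classes has to go hunting for the setters. Say it in the comment, e.g. `// presentation details; mutable because <const member functions that set them> adjust them`, with the real function names filled in from the implementation. Moving these two members behind `m_k` also changes the object layout of the class, which matters to anyone linking against a previously built DLL; if that ABI break is intended for 5.6.3, it deserves a line in the commit message.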
@@ -1,7 +1,6 @@ // ecp.h - written and placed in the public domain by Wei Dai -//! \file -//! \headerfile ecp.h +//! \file ecp.h //! \brief Classes for Elliptic Curves over prime fields #ifndef CRYPTOPP_ECP_H @@ -144,3 +143,6 @@ private: NAMESPACE_END #endif +E_END + +#endif diff --git a/elgamal.h b/elgamal.h index 5138a812..4e7ef7f0 100644 --- a/elgamal.h +++ b/elgamal.h @@ -1,3 +1,8 @@ +// elgamal.h - written and placed in the public domain by Wei Dai + +//! \file elgamal.h +//! \brief Classes and functions for ElGamal key agreement and encryption schemes + #ifndef CRYPTOPP_ELGAMAL_H #define CRYPTOPP_ELGAMAL_H @@ -116,7 +121,8 @@ struct ElGamalKeys typedef DL_PublicKey_GFP_OldFormat PublicKey; }; -//! ElGamal encryption scheme with non-standard padding +//! \class ElGamal +//! \brief ElGamal encryption scheme with non-standard padding struct ElGamal { typedef DL_CryptoSchemeOptions SchemeOptions; diff --git a/emsa2.h b/emsa2.h index 7e86b227..09cfab47 100644 --- a/emsa2.h +++ b/emsa2.h @@ -1,10 +1,12 @@ +// emsa2.h - written and placed in the public domain by Wei Dai + +//! \file emsa2.h +//! \brief Classes and functions for various padding schemes used in public key algorithms + + #ifndef CRYPTOPP_EMSA2_H #define CRYPTOPP_EMSA2_H -/** \file - This file contains various padding schemes for public key algorithms. -*/ - #include "cryptlib.h" #include "pubkey.h" #include "misc.h" diff --git a/eprecomp.h b/eprecomp.h index 5c12cf93..73faa531 100644 --- a/eprecomp.h +++ b/eprecomp.h @@ -1,10 +1,15 @@ +// eprecomp.h - written and placed in the public domain by Wei Dai + +//! \file eprecomp.h +//! \brief Classes for precomputation in a group + #ifndef CRYPTOPP_EPRECOMP_H #define CRYPTOPP_EPRECOMP_H #include "cryptlib.h" #include "integer.h" #include "algebra.h" -#include +#include "stdcpp.h" NAMESPACE_BEGIN(CryptoPP) diff --git a/gost.h b/gost.h index 3ef2b9c3..6ef844e4 100644 --- a/gost.h +++ b/gost.h 
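Review bot: The ecp.h hunk appends `E_END` and a second `#endif` after the include guard's closing `#endif`; `E_END` is a bare identifier at file scope and the extra `#endif` has no matching `#if`, so every translation unit that includes ecp.h should fail to preprocess or compile once this lands. It looks like a stray fragment of `NAMESPACE_END` pasted past the end of the file, and the three added lines should simply be dropped. A similar stray `f` is added after the final `#endif` of pubkey.h later in this patch.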
@@ -1,9 +1,11 @@ +// gost.h - written and placed in the public domain by Wei Dai + +//! \file gost.h +//! \brief Classes for the GIST block cipher + #ifndef CRYPTOPP_GOST_H #define CRYPTOPP_GOST_H -/** \file -*/ - #include "seckey.h" #include "secblock.h" diff --git a/idea.h b/idea.h index 4136ced6..897de889 100644 --- a/idea.h +++ b/idea.h @@ -1,9 +1,11 @@ +// idea.h - written and placed in the public domain by Wei Dai + +//! \file idea.h +//! \brief Classes for the IDEA block cipher + #ifndef CRYPTOPP_IDEA_H #define CRYPTOPP_IDEA_H -/** \file -*/ - #include "seckey.h" #include "secblock.h" diff --git a/lubyrack.h b/lubyrack.h index e2b30eac..446210b5 100644 --- a/lubyrack.h +++ b/lubyrack.h @@ -1,5 +1,8 @@ // lubyrack.h - written and placed in the public domain by Wei Dai +//! \file lubyrack.h +//! \brief Classes for the Luby-Rackoff block cipher + #ifndef CRYPTOPP_LUBYRACK_H #define CRYPTOPP_LUBYRACK_H diff --git a/mars.h b/mars.h index 424554df..2708c783 100644 --- a/mars.h +++ b/mars.h @@ -1,7 +1,7 @@ // mars.h - written and placed in the public domain by Wei Dai -//! \file -//! \brief Implementation of the MARS cipher (IBM AES submission) +//! \file mars.h +//! \brief Classes for the MARS block cipher (IBM AES submission) #ifndef CRYPTOPP_MARS_H diff --git a/mersenne.h b/mersenne.h index 217014f0..76336f9f 100644 --- a/mersenne.h +++ b/mersenne.h @@ -1,7 +1,9 @@ -// mersenne.h - written and placed in public domain by Jeffrey Walton. Copyright assigned to Crypto++ project. +// mersenne.h - written and placed in public domain by Jeffrey Walton. +// Copyright assigned to Crypto++ project. //! \file -//! \brief Implementation of the Mersenne Twister +//! \brief Class file for Mersenne Twister +//! \note Suitable for Monte Carlo simulations, and not cryptographic use #ifndef CRYPTOPP_MERSENNE_TWISTER_H #define CRYPTOPP_MERSENNE_TWISTER_H 
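Review bot: The new `\brief` for gost.h reads "Classes for the GIST block cipher"; the file name, include guard and algorithm are GOST, so this should be `//! \brief Classes for the GOST block cipher`. In the mersenne.h hunk on the same line, the `\file` command is left without a filename while every other header in this patch now uses the `\file name.h` form; `//! \file mersenne.h` would keep the headers consistent. The added `\note Suitable for Monte Carlo simulations, and not cryptographic use` is a valuable warning for a RandomNumberGenerator subclass; if the MersenneTwister class itself carries no such note, repeating it there would put it where users look up the constructor.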
@@ -25,7 +27,7 @@ class MersenneTwister : public RandomNumberGenerator { public: //! \brief Construct a Mersenne Twister - //! \param seed 32 bit seed + //! \param seed 32-bit seed //! \details Defaults to template parameter \p S due to changing algorithm //! parameters over time MersenneTwister(unsigned long seed = S) : m_seed(seed), m_idx(N) @@ -84,8 +86,9 @@ public: *((volatile word32*)&temp) = 0; } - //! \brief Generate a random 32 bit word in the range min to max, inclusive - //! \details If the 32 bit candidate is not within the range, then it is discarded + //! \brief Generate a random 32-bit word in the range min to max, inclusive + //! \returns random 32-bit word in the range min to max, inclusive + //! \details If the 32-bit candidate is not within the range, then it is discarded //! and a new candidate is used. word32 GenerateWord32(word32 min=0, word32 max=0xffffffffL) { @@ -118,6 +121,7 @@ public: protected: //! \brief Returns the next 32-bit word from the state array + //! \returns the next 32-bit word from the state array //! \details fetches the next word frm the state array, performs bit operations on //! it, and then returns the value to the caller. word32 NextMersenneWord() diff --git a/misc.h b/misc.h index 4132d806..dfa5122d 100644 --- a/misc.h +++ b/misc.h 
@@ -129,8 +129,8 @@ struct CompileAssert //! \brief Counts elements in an array //! \param arr an array of elements //! \details COUNTOF counts elements in an array. On Windows COUNTOF(x) is deinfed -//! to _countof(x) to ensure correct results for pointers. Since the library code is -//! cross-platform, Windows will ensure the safety on non-Windows platforms. +//! to _countof(x) to ensure correct results for pointers. Since the library code +//! is cross-platform, Windows will ensure the safety on non-Windows platforms. //! \note COUNTOF does not produce correct results with pointers, and an array must be used. //! The library ensures correct application of COUNTOF by enlisting _countof on Windows //! platforms. Microsoft's _countof fails to compile using pointers. diff --git a/mqv.h b/mqv.h index 2f06c518..5d30de24 100644 --- a/mqv.h +++ b/mqv.h @@ -1,9 +1,11 @@ +// mqv.h - written and placed in the public domain by Wei Dai + +//! \file mqv.h +//! \brief Classes for Menezes–Qu–Vanstone (MQV) key agreement + #ifndef CRYPTOPP_MQV_H #define CRYPTOPP_MQV_H -/** \file -*/ - #include "cryptlib.h" #include "gfpcrypt.h" #include "modarith.h" @@ -12,7 +14,13 @@ NAMESPACE_BEGIN(CryptoPP) -//! _ +//! \class MQV_Domain +//! \brief MQV domain for performing authenticated key agreement +//! \tparam GROUP_PARAMETERS doamin parameters +//! \tparam COFACTOR_OPTION cofactor option +//! \details GROUP_PARAMETERS paramters include the curve coefcients and the base point. +//! Binary curves use a polynomial to represent its characteristic, while prime curves +//! use a prime number. template class MQV_Domain : public AuthenticatedKeyAgreementDomain { diff --git a/nbtheory.h b/nbtheory.h index 779d6dea..3620d8e2 100644 --- a/nbtheory.h +++ b/nbtheory.h @@ -1,5 +1,8 @@ // nbtheory.h - written and placed in the public domain by Wei Dai +//! \file nbtheory.h +//! \brief Classes and functions for number theoretic operations + #ifndef CRYPTOPP_NBTHEORY_H #define CRYPTOPP_NBTHEORY_H 
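Review bot: The new MQV_Domain documentation has several typos that will appear verbatim in the rendered reference: "doamin parameters", "paramters" and "coefcients" should be `domain parameters`, `parameters` and `coefficients`. The `\tparam COFACTOR_OPTION cofactor option` entry restates the name without saying what the option controls; since it presumably affects how the shared secret is derived, a sentence describing the alternatives, or a `\sa` to where they are defined, would help someone choosing it. The misc.h hunk at the start of this line reflows the COUNTOF comment but leaves "deinfed" in the context line it touches.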
@@ -14,14 +17,31 @@ CRYPTOPP_DLL const word16 * CRYPTOPP_API GetPrimeTable(unsigned int &size); // ************ primality testing **************** -// generate a provable prime +//! \brief Generates a provable prime +//! \param rng a RandomNumberGenerator to produce keying material +//! \param bits the number of bits in the prime number +//! \returns Integer() meeting Maurer's tests for primality CRYPTOPP_DLL Integer CRYPTOPP_API MaurerProvablePrime(RandomNumberGenerator &rng, unsigned int bits); + +//! \brief Generates a provable prime +//! \param rng a RandomNumberGenerator to produce keying material +//! \param bits the number of bits in the prime number +//! \returns Integer() meeting Mihailescu's tests for primality +//! \details Mihailescu's methods performs a search using algorithmic progressions. CRYPTOPP_DLL Integer CRYPTOPP_API MihailescuProvablePrime(RandomNumberGenerator &rng, unsigned int bits); +//! \brief Tests whether a number is a small prime +//! \param p a candidate prime to test +//! \returns true if p is a small prime, false otherwise +//! \details Internally, the library maintains a table fo the first 32719 prime numbers +//! in sorted order. IsSmallPrime() searches the table and returns true if p is +//! in the table. CRYPTOPP_DLL bool CRYPTOPP_API IsSmallPrime(const Integer &p); -// returns true if p is divisible by some prime less than bound -// bound not be greater than the largest entry in the prime table +//! +//! \returns true if p is divisible by some prime less than bound. +//! \details TrialDivision() true if p is divisible by some prime less than bound. bound not be +//! greater than the largest entry in the prime table, which is 32719. CRYPTOPP_DLL bool CRYPTOPP_API TrialDivision(const Integer &p, unsigned bound); // returns true if p is NOT divisible by small primes 
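Review bot: The new TrialDivision() comment block opens with an empty `//!` line and has no `\brief` or `\param` entries, and its `\details` sentence is missing verbs ("TrialDivision() true if ...", "bound not be greater"); a complete block would be `//! \brief Tests whether a number is divisible by a small prime`, `//! \param p the candidate to test`, `//! \param bound the largest prime to trial-divide by; must not exceed the largest entry in the prime table`. The two comments also disagree about what 32719 denotes: IsSmallPrime() says the table holds "the first 32719 prime numbers" while TrialDivision() says 32719 is "the largest entry in the prime table", and both cannot be right, so check GetPrimeTable() and make the two say the same thing. "table fo the first" is a further typo.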
@@ -38,12 +58,25 @@ CRYPTOPP_DLL bool CRYPTOPP_API IsStrongLucasProbablePrime(const Integer &n); // for several rounds with random bases CRYPTOPP_DLL bool CRYPTOPP_API RabinMillerTest(RandomNumberGenerator &rng, const Integer &w, unsigned int rounds); -// primality test, used to generate primes +//! \brief Verifies a prime number +//! \param p a candidate prime to test +//! \returns true if p is a probable prime, false otherwise +//! \details IsPrime() is suitable for testing candidate primes when creating them. Internally, +//! IsPrime() utilizes SmallDivisorsTest(), IsStrongProbablePrime() and IsStrongLucasProbablePrime(). CRYPTOPP_DLL bool CRYPTOPP_API IsPrime(const Integer &p); -// more reliable than IsPrime(), used to verify primes generated by others +//! \brief Verifies a prime number +//! \param rng a RandomNumberGenerator for randomized testing +//! \param p a candidate prime to test +//! \param level the level of thoroughness of testing +//! \returns true if p is a strong probable prime, false otherwise +//! \details VerifyPrime() is suitable for testing candidate primes created by others. Internally, +//! VerifyPrime() utilizes IsPrime() and one-round RabinMillerTest(). If the candiate passes and +//! level is greater than 1, then 10 round RabinMillerTest() primality testing is performed. CRYPTOPP_DLL bool CRYPTOPP_API VerifyPrime(RandomNumberGenerator &rng, const Integer &p, unsigned int level = 1); +//! \class PrimeSelector +//! \brief Application callback to signal suitability of a cabdidate prime class CRYPTOPP_DLL PrimeSelector { public: 
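Review bot: The VerifyPrime() documentation says the function "is suitable for testing candidate primes created by others", but with the default `level = 1` the `\details` text describes only IsPrime() plus a single-round RabinMillerTest(), with the 10-round test reserved for `level > 1`; for a prime received from another party those extra rounds are the point, so the parameter line should say so, e.g. `//! \param level the level of thoroughness of testing; use 2 or higher for primes supplied by another party`, mirroring the "Levels 2 and 3 are recommended" guidance this patch adds to Validate() in cryptlib.h. "candiate" and "cabdidate" are typos in the same hunk. The PrimeSelector class body continues beyond the end of this hunk.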
@@ -51,8 +84,16 @@ public: virtual bool IsAcceptable(const Integer &candidate) const =0; }; -// use a fast sieve to find the first probable prime in {x | p<=x<=max and x%mod==equiv} -// returns true iff successful, value of p is undefined if no such prime exists +//! \brief Finds a random prime of special form +//! \param p an Integer reference to receive the prime +//! \param max the maximum value +//! \param equiv the equivalence class based on the parameter mod +//! \param mod the modulus used to reduce the equivalence class +//! \param pSelector pointer to a PrimeSelector function for the application to signal suitability +//! \returns true if and only if FirstPrime() finds a prime and returns the prime through p. If FirstPrime() +//! returns false, then no such prime exists and the value of p is undefined +//! \details FirstPrime() uses a fast sieve to find the first probable prime +//! in {x | p<=x<=max and x%mod==equiv} CRYPTOPP_DLL bool CRYPTOPP_API FirstPrime(Integer &p, const Integer &max, const Integer &equiv, const Integer &mod, const PrimeSelector *pSelector); CRYPTOPP_DLL unsigned int CRYPTOPP_API PrimeSearchInterval(const Integer &max); diff --git a/osrng.h b/osrng.h index cb77de14..dd53112e 100644 --- a/osrng.h +++ b/osrng.h @@ -123,6 +123,7 @@ protected: //! OS_GenerateRandomBlock //! \brief Generate random array of bytes +//! \param blocking specifies whther a bobcking or non-blocking generator should be used //! \param output the byte buffer //! \param size the length of the buffer, in bytes //! \details OS_GenerateRandomBlock() uses the underlying operating system's diff --git a/panama.h b/panama.h index 2a7ed725..97531928 100644 --- a/panama.h +++ b/panama.h @@ -1,3 +1,8 @@ +// panama.h - written and placed in the public domain by Wei Dai + +//! \file panama.h +//! \brief Classes for Panama stream cipher + #ifndef CRYPTOPP_PANAMA_H #define CRYPTOPP_PANAMA_H diff --git a/pubkey.h b/pubkey.h index 47547e47..98769f61 100644 --- a/pubkey.h 
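Review bot: The brief for FirstPrime() says it finds a "random" prime, but the \details (and the comment it replaces) describe a deterministic sieve for the first probable prime in {x | p<=x<=max and x%mod==equiv}; suggest `//! \brief Finds the first probable prime in a range with a given residue`. The \param p entry should also state that p's value on entry is the lower bound of the search, since the set in \details uses it that way, and \param pSelector should say whether a null pointer is accepted, which I cannot tell from the hunk. PrimeSearchInterval() on the last context line remains undocumented.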
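Review bot: The new \param blocking line in osrng.h has two typos, "whther" and "bobcking", and should read `//! \param blocking specifies whether a blocking or non-blocking generator should be used`. It would help callers if the line also said what "blocking" selects in practice for this generator, which I cannot infer from the hunk; the declaration of OS_GenerateRandomBlock() itself is outside the hunk.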
+++ b/pubkey.h @@ -109,7 +109,7 @@ public: virtual Integer ApplyRandomizedFunction(RandomNumberGenerator &rng, const Integer &x) const =0; //! \brief Determines if the encryption algorithm is randomized - //! \returns \p true if the encryption algorithm is randominzed, \p false otherwise + //! \returns \p true if the encryption algorithm is randomized, \p false otherwise //! \details If \p IsRandomized() returns \p false, then \p NullRNG() can be used. virtual bool IsRandomized() const {return true;} @@ -170,7 +170,7 @@ public: virtual Integer CalculateRandomizedInverse(RandomNumberGenerator &rng, const Integer &x) const =0; //! \brief Determines if the decryption algorithm is randomized - //! \returns \p true if the decryption algorithm is randominzed, \p false otherwise + //! \returns \p true if the decryption algorithm is randomized, \p false otherwise //! \details If \p IsRandomized() returns \p false, then \p NullRNG() can be used. virtual bool IsRandomized() const {return true;} }; @@ -197,7 +197,7 @@ public: {return CalculateInverse(rng, x);} //! \brief Determines if the decryption algorithm is randomized - //! \returns \p true if the decryption algorithm is randominzed, \p false otherwise + //! \returns \p true if the decryption algorithm is randomized, \p false otherwise //! \details If \p IsRandomized() returns \p false, then \p NullRNG() can be used. bool IsRandomized() const {return false;} @@ -1966,3 +1966,4 @@ NAMESPACE_END #endif #endif +f diff --git a/rc2.h b/rc2.h index fa2f3253..96ed6d4d 100644 --- a/rc2.h +++ b/rc2.h @@ -1,6 +1,7 @@ // rc2.h - written and placed in the public domain by Wei Dai + //! \file rc2.h -//! \brief Class file for the RC2 stream cipher +//! \brief Classes for the RC2 block cipher #ifndef CRYPTOPP_RC2_H #define CRYPTOPP_RC2_H @@ -91,3 +92,4 @@ typedef RC2::Decryption RC2Decryption; NAMESPACE_END #endif + diff --git a/rc5.h b/rc5.h index 36be4b71..9f125dd0 100644 --- a/rc5.h +++ b/rc5.h 
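Review bot: The last hunk of pubkey.h appends a stray `f` after the closing `#endif`; a bare identifier at file scope will break every translation unit that includes the header. The same editing artefact appears in salsa.h (a second `#endif` with no matching `#if`), seal.h (`SPACE_END` plus an extra `#endif`), seed.h and shark.h (`CE_END` plus an extra `#endif`), and skipjack.h and square.h (`if`); the extra `;;;;` lines appended to rdrand.S are harmless comments but look like the same paste. All of these trailing lines should be dropped before the check-in so the headers remain compilable.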
@@ -1,9 +1,11 @@ +// rc5.h - written and placed in the public domain by Wei Dai + +//! \file rc5.h +//! \brief Classes for the RC5 block cipher + #ifndef CRYPTOPP_RC5_H #define CRYPTOPP_RC5_H -/** \file -*/ - #include "seckey.h" #include "secblock.h" diff --git a/rc6.h b/rc6.h index 0499d333..37eba319 100644 --- a/rc6.h +++ b/rc6.h @@ -1,9 +1,11 @@ +// rc6.h - written and placed in the public domain by Wei Dai + +//! \file rc6.h +//! \brief Classes for the RC6 block cipher + #ifndef CRYPTOPP_RC6_H #define CRYPTOPP_RC6_H -/** \file -*/ - #include "seckey.h" #include "secblock.h" diff --git a/rdrand.S b/rdrand.S index e78b4f1a..91587598 100644 --- a/rdrand.S +++ b/rdrand.S @@ -21,9 +21,6 @@ ;; RRI = RDRAND, Intrinsic ;; RSA = RDSEED, Intrinsic -;; Caller/Callee Saved Registers -;; https://msdn.microsoft.com/en-us/library/6t169e9c.aspx - ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -100,7 +97,7 @@ NASM_RRA_GenerateBlock: .Call_RDRAND_EAX: %else .Call_RDRAND_RAX: - DB 48h ;; X32 can use the full register, issue the REX.w prefix + DB 48h ;; X32 can use the full register, issue the REX.w prefix %endif ;; RDRAND is not available prior to VS2012. Just emit ;; the byte codes using DB. This is `rdrand eax`. @@ -237,7 +234,7 @@ NASM_RRA_GenerateBlock: .Call_RDRAND_RAX: ;; RDRAND is not available prior to VS2012. Just emit ;; the byte codes using DB. This is `rdrand rax`. - DB 048h, 0Fh, 0C7h, 0F0h + DB 048h, 0Fh, 0C7h, 0F0h ;; If CF=1, the number returned by RDRAND is valid. ;; If CF=0, a random number was not available. @@ -597,3 +594,6 @@ NASM_RSA_GenerateBlock: ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;;;;;;;;;;;;;;;;;;;;;;;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + diff --git a/rdrand.h b/rdrand.h index 05b177f7..fc2b77b7 100644 --- a/rdrand.h 
+++ b/rdrand.h @@ -16,7 +16,7 @@ // to select an implementation or "throw NotImplemented". At runtime, the // class uses the result of CPUID to determine if RDRAND or RDSEED are // available. A lazy throw strategy is used in case the CPU does not support -// the instruction. I.e., the throw is deferred until GenerateBlock is called. +// the instruction. I.e., the throw is deferred until GenerateBlock() is called. // Microsoft added RDRAND in August 2012, VS2012. GCC added RDRAND in December 2010, GCC 4.6. // Clang added RDRAND in July 2012, Clang 3.2. Intel added RDRAND in September 2011, ICC 12.1. @@ -48,7 +48,7 @@ public: virtual ~RDRAND() {} //! \brief Retrieve the number of retries used by the generator - //! returns the number of times GenerateBlock will attempt to recover from a failed generation + //! \returns the number of times GenerateBlock() will attempt to recover from a failed generation unsigned int GetRetries() const { return m_retries; @@ -127,7 +127,7 @@ public: virtual ~RDSEED() {} //! \brief Retrieve the number of retries used by the generator - //! returns the number of times GenerateBlock will attempt to recover from a failed generation + //! \returns the number of times GenerateBlock() will attempt to recover from a failed generation unsigned int GetRetries() const { return m_retries; diff --git a/safer.h b/safer.h index beba9d10..a828c629 100644 --- a/safer.h +++ b/safer.h @@ -1,9 +1,11 @@ +// safer.h - written and placed in the public domain by Wei Dai + +//! \file safer.h +//! \brief Classes for the SAFER block cipher + #ifndef CRYPTOPP_SAFER_H #define CRYPTOPP_SAFER_H -/** \file -*/ - #include "seckey.h" #include "secblock.h" diff --git a/salsa.h b/salsa.h index df3ab32b..a2f9156e 100644 --- a/salsa.h +++ b/salsa.h 
@@ -1,8 +1,7 @@ // salsa.h - written and placed in the public domain by Wei Dai -//! \file -//! \headerfile salsa.h -//! \brief Classes for Salsa encryption scheme +//! \file salsa.h +//! \brief Classes for Salsa and Salsa20 stream ciphers #ifndef CRYPTOPP_SALSA_H #define CRYPTOPP_SALSA_H @@ -83,3 +82,4 @@ struct XSalsa20 : public XSalsa20_Info, public SymmetricCipherDocumentation NAMESPACE_END #endif +#endif diff --git a/seal.h b/seal.h index 805d40fc..f091b7e0 100644 --- a/seal.h +++ b/seal.h @@ -1,8 +1,7 @@ // seal.h - written and placed in the public domain by Wei Dai -//! \file -//! \headerfile seal.h -//! \brief Classes for SEAL encryption scheme +//! \file seal.h +//! \brief Classes for SEAL stream cipher #ifndef CRYPTOPP_SEAL_H #define CRYPTOPP_SEAL_H @@ -49,3 +48,6 @@ struct SEAL : public SEAL_Info, public SymmetricCipherDocumentation NAMESPACE_END #endif +SPACE_END + +#endif diff --git a/seed.h b/seed.h index eb658f9e..2c90c073 100644 --- a/seed.h +++ b/seed.h @@ -1,8 +1,7 @@ // seed.h - written and placed in the public domain by Wei Dai -//! \file -//! \headerfile seed.h -//! \brief Classes for SEED encryption scheme +//! \file seed.h +//! \brief Classes for the SEED block cipher #ifndef CRYPTOPP_SEED_H #define CRYPTOPP_SEED_H @@ -39,3 +38,6 @@ public: NAMESPACE_END #endif +CE_END + +#endif diff --git a/serpent.h b/serpent.h index 13a0bd0e..7c48cf76 100644 --- a/serpent.h +++ b/serpent.h @@ -1,9 +1,11 @@ +// serpent.h - written and placed in the public domain by Wei Dai + +//! \file serpent.h +//! \brief Classes for the Serpent block cipher + #ifndef CRYPTOPP_SERPENT_H #define CRYPTOPP_SERPENT_H -/** \file -*/ - #include "seckey.h" #include "secblock.h" diff --git a/shacal2.h b/shacal2.h index 5a95f8be..70532102 100644 --- a/shacal2.h +++ b/shacal2.h 
@@ -1,9 +1,11 @@ +// shacal.h - written and placed in the public domain by Wei Dai + +//! \file shacal.h +//! \brief Classes for the SHACAL-2 block cipher + #ifndef CRYPTOPP_SHACAL2_H #define CRYPTOPP_SHACAL2_H -/** \file -*/ - #include "seckey.h" #include "secblock.h" diff --git a/shark.h b/shark.h index 33f3c4ad..b2ff3af9 100644 --- a/shark.h +++ b/shark.h @@ -1,8 +1,7 @@ // shark.h - written and placed in the public domain by Wei Dai -//! \file -//! \headerfile shark.h -//! \brief Classes for SHARK encryption scheme +//! \file shark.h +//! \brief Classes for the SHARK block cipher #ifndef CRYPTOPP_SHARK_H #define CRYPTOPP_SHARK_H @@ -66,3 +65,6 @@ typedef SHARK::Decryption SHARKDecryption; NAMESPACE_END #endif +CE_END + +#endif diff --git a/skipjack.h b/skipjack.h index f22390f8..f512e1bf 100644 --- a/skipjack.h +++ b/skipjack.h @@ -1,7 +1,7 @@ // skipjack.h - written and placed in the public domain by Wei Dai //! \file skipjack.h -//! \brief Classes for Skipjack encryption algorithm +//! \brief Classes for the SKIPJACK block cipher #ifndef CRYPTOPP_SKIPJACK_H #define CRYPTOPP_SKIPJACK_H @@ -61,3 +61,4 @@ typedef SKIPJACK::Decryption SKIPJACKDecryption; NAMESPACE_END #endif +if diff --git a/sosemanuk.h b/sosemanuk.h index d1025c20..5b32ee85 100644 --- a/sosemanuk.h +++ b/sosemanuk.h @@ -1,3 +1,8 @@ +// sosemanuk.h - written and placed in the public domain by Wei Dai + +//! \file sosemanuk.h +//! \brief Classes for Sosemanuk stream cipher + #ifndef CRYPTOPP_SOSEMANUK_H #define CRYPTOPP_SOSEMANUK_H diff --git a/square.h b/square.h index 7ad8352e..d8131070 100644 --- a/square.h +++ b/square.h @@ -1,7 +1,7 @@ // square.h - written and placed in the public domain by Wei Dai //! \file square.h -//! \brief Classes for SQUARE encryption algorithm +//! \brief Classes for the Square block cipher #ifndef CRYPTOPP_SQUARE_H #define CRYPTOPP_SQUARE_H @@ -58,3 +58,4 @@ typedef Square::Decryption SquareDecryption; NAMESPACE_END #endif +if 
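Review bot: The new header comment and Doxygen `\file` line name `shacal.h`, but the file is shacal2.h, so the documentation will be attached to a file name that does not exist in the tree. They should read `// shacal2.h - written and placed in the public domain by Wei Dai` and `//! \file shacal2.h`.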
diff --git a/tea.h b/tea.h index de511458..39923924 100644 --- a/tea.h +++ b/tea.h @@ -1,9 +1,11 @@ +// tea.h - written and placed in the public domain by Wei Dai + +//! \file tea.h +//! \brief Classes for the TEA, BTEA and XTEA block ciphers + #ifndef CRYPTOPP_TEA_H #define CRYPTOPP_TEA_H -/** \file -*/ - #include "seckey.h" #include "secblock.h" #include "misc.h" diff --git a/twofish.h b/twofish.h index bc35fba5..f93395d7 100644 --- a/twofish.h +++ b/twofish.h @@ -1,9 +1,11 @@ +// twofish.h - written and placed in the public domain by Wei Dai + +//! \file twofish.h +//! \brief Classes for the Twofish block cipher + #ifndef CRYPTOPP_TWOFISH_H #define CRYPTOPP_TWOFISH_H -/** \file -*/ - #include "seckey.h" #include "secblock.h" diff --git a/validat1.cpp b/validat1.cpp index 38fe72c4..c58975a7 100644 --- a/validat1.cpp +++ b/validat1.cpp @@ -42,8 +42,8 @@ #include "rdrand.h" #include "zdeflate.h" #include "smartptr.h" -#include "rng.h" #include "cpu.h" +#include "rng.h" #include #include diff --git a/wake.h b/wake.h index b7e101b3..28c00e02 100644 --- a/wake.h +++ b/wake.h @@ -1,3 +1,8 @@ +// wake.h - written and placed in the public domain by Wei Dai + +//! \file wake.h +//! \brief Classes for WAKE stream cipher + #ifndef CRYPTOPP_WAKE_H #define CRYPTOPP_WAKE_H