Input buffers are not modified, so can be declared const arguments.
This will allow using `const` inputs for `modes/ccm`.
Also say `iv` const even if not required for the api update, just because it is
the case.
RFC3610 states that len_encoding is only valid for "0x0001 ... 0xFEFF"
If 0 < l(a) < (2^16 - 2^8), then the length field is encoded as two
octets which contain the value l(a) in most-significant-byte first
order.
Adds a cryptographically secure wipe function to wipe structs with
sensitive data. Works by first casting the pointer to a `volatile`
pointer to ensure that the compiler doesn't optimize the "memset" away.
Function is broken with num_bytes >= 4.
Could happen when storing input_len with len_encoding >= 4.
It can take values from 2 to 8, so make it work for cases it would overflow.
Maximum input_len depends only on length_encoding and not auth_data_len.
The current length_max value was also wrong.
RFC3610 page 2
3. The message m, consisting of a string of l(m) octets where 0 <=
l(m) < 2^(8L). The length restriction ensures that l(m) can be
encoded in a field of L octets.
`memcpy()` must not be used if the input and output ranges overlap,
because it is undefined if the data if copied from front to the end or
vice versa.
Found via valgrind.
This implementation is optimized for a little code and data size, not
for speed. IMO the code is more readable than in the reference
implementation.
The biggest advantage of ChaCha over other stream ciphers is the very
little data usage with only 64 bytes of context, and its good encryption
speed.
Also part of this PR is pseudo-random number generator, that just
returns the keystream of a randomly initialized ChaCha context.
For many modules the `Makefile` contains a line like
```
MODULE:=$(shell basename $(CURDIR))
```
This conclusively shows that we do not have to set the module name
manually.
This PR removes the need to set the module name manually, if it is the
same as the basename. E.g. for `…/sys/vtimer/Makefile` the variable
make `MODULE` will still be `vtimer`, because it is the basename of the
Makefile.
In #1119 old-style function declarations are exterminated and forbidden.
I missed the functions in `sys/crypto` because they weren't used
throughout the tests/examples before #1124.
Application developers use `$(USEMODULES)` in their Makefiles to have
the relevant functionally automagically added to their apps. This even
does basic dependency tracking by means of `Makefile.dep`.
But an important thing is missing: the automatic adding of include
paths. This is inconvenient, error prone, and will hinder the RIOT core
developers in future to change folder structures.