New macros related to ccm nonce size.

ChangeLog

+2014-04-30  Niels Möller  <nisse@lysator.liu.se>
+
+	* ccm.c (CCM_IV_MAX_SIZE, CCM_IV_MIN_SIZE): Deleted, replaced by
+	public constants CCM_MIN_NONCE_SIZE and CCM_MAX_NONCE_SIZE.
+	(ccm_build_iv): Updated for above rename.
+	(CCM_L_MAX_SIZE): Deleted, no longer used.
+
+	* ccm.h (CCM_MIN_NONCE_SIZE, CCM_MAX_NONCE_SIZE): New constants.
+	(CCM_MAX_MSG_SIZE): New macro.
+
 2014-04-27  Niels Möller  <nisse@lysator.liu.se>
 
 	* nettle.texinfo (Cipher modes): Subsection on AEAD constructions.

ccm.c

@@ -68,9 +68,6 @@
 #define CCM_OFFSET_FLAGS    0
 #define CCM_OFFSET_NONCE    1
 #define CCM_L_SIZE(_nlen_)  (CCM_BLOCK_SIZE - CCM_OFFSET_NONCE - (_nlen_))
-#define CCM_L_MAX_SIZE      (CCM_FLAG_L+1)
-#define CCM_IV_MAX_SIZE     (CCM_BLOCK_SIZE - CCM_OFFSET_NONCE - 1)
-#define CCM_IV_MIN_SIZE     (CCM_BLOCK_SIZE - CCM_OFFSET_NONCE - CCM_L_MAX_SIZE)
 
 /*
  * The data input to the CBC-MAC: L(a) | adata | padding | plaintext | padding
@@ -104,8 +101,8 @@ ccm_build_iv(uint8_t *iv, size_t noncelen, const uint8_t *nonce,
   unsigned int i;
 
   /* Sanity check the nonce length. */
-  assert(noncelen >= CCM_IV_MIN_SIZE);
-  assert(noncelen <= CCM_IV_MAX_SIZE);
+  assert(noncelen >= CCM_MIN_NONCE_SIZE);
+  assert(noncelen <= CCM_MAX_NONCE_SIZE);
 
   /* Generate the IV */
   iv[CCM_OFFSET_FLAGS] = flags | CCM_FLAG_SET_L(CCM_L_SIZE(noncelen));

ccm.h

@@ -89,6 +89,16 @@ extern "C" {
 
 /* For CCM, the block size of the block cipher shall be 128 bits. */
 #define CCM_BLOCK_SIZE  16
+#define CCM_MIN_NONCE_SIZE 7
+#define CCM_MAX_NONCE_SIZE 14
+
+/* Maximum cleartext message size, as a function of the nonce size N.
+   The length field is L octets, with L = 15 - N, and then the maximum
+   size M = 2^{8L} - 1. */
+#define CCM_MAX_MSG_SIZE(N)			\
+  ((sizeof(size_t) + (N) <= 15)			\
+   ? ~(size_t) 0				\
+   : ((size_t) 1 << (8*(15 - N))) - 1)
 
 /* Per-message state */
 struct ccm_ctx {