ccm panics on 32 bit architectures

[rkreis]

In some places liks this, to_be_bytes is called on usize values, which makes the code machine dependent:
https://github.com/RustCrypto/AEADs/blob/master/ccm/src/lib.rs#L119
If l_arr is only 4 bytes long, the index q a few lines below may overflow depending on the nonce length, for example with N=7 (l=8).

[newpavlov]

Note that if CCM max length exceeds usize range we use usize::MAX as a maximum length. If i am not missing something, it should prevent overflow issues (of course, the current code is unable to decode ciphertext larger than 4 GiB on 32 bit targets).

[rkreis]

That's not the problem - the code converts usize values to arrays and expects them to be 8 bytes long. It also panics for reasonably sized packets.

[tarcieri]

I can set up some tests on 32-bit Linux and cross-based tests for this like I have one many of the other crates in this project

[tarcieri]

Note: opened a PR to add 32-bit CI, which successfully reproduced the issue: #263

Failure here: https://github.com/RustCrypto/AEADs/pull/263/checks?check_run_id=1682295631

[newpavlov]

@rkreis
Ah, yes. You are indeed correct (as the CI rightfully shows :) ). I will try to push a fix today.