Coding guide

Karel Kubicek edited this page Mar 22, 2018 · 1 revision

Clang-format

Coding style is enforced with clang-format. Our own code should be formatted accordingly (configure it in your IDE), but incorporated code (cryptoprimitives) should stay untouched. Therefore, do not enable clang-format on file save: you would accidentally reformat the cryptoprimitives' code and mess up the diff and history.

Static analysis

Clang code model

The Clang code model is an extension of compiler warnings. It can be configured for live inspections (this may slow down the IDE significantly). The analysis is very strict and reports far too many warnings (do not run it on the incorporated code of cryptoprimitives; everything is wrong there). Try to fix as many mistakes as is possible without significant overhead. For example, signed/unsigned variables should be inspected for their possible impact (maximum possible values...).
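The kind of signed/unsigned inspection meant above, as an added example that is not code from the crypto-streams project: each pair shows a length computation before and after checking which values the operands can actually take. All function names are hypothetical and the values in the comments are constructed.

```cpp
#include <cstddef>
#include <limits>

// Constructed wrapper helpers; names are hypothetical, not project code.

// Before inspection: both operands are signed, so the bound check passes for
// a negative length, and the later conversion turns it into a huge size.
std::size_t copy_len_unchecked(int requested, int capacity) {
    if (requested > capacity) return 0;          // -1 > 16 is false
    return static_cast<std::size_t>(requested);  // -1 becomes SIZE_MAX
}

// After inspection: reject negatives, then compare in the unsigned domain.
std::size_t copy_len_checked(int requested, std::size_t capacity) {
    if (requested < 0) return 0;
    const std::size_t len = static_cast<std::size_t>(requested);
    return len <= capacity ? len : 0;
}

// Before inspection: unsigned subtraction wraps when used > capacity.
std::size_t remaining_unchecked(std::size_t capacity, std::size_t used) {
    return capacity - used;
}

// After inspection: the maximum possible value of `used` is bounded first.
std::size_t remaining_checked(std::size_t capacity, std::size_t used) {
    return used <= capacity ? capacity - used : 0;
}
```

A length returned by the unchecked variants would end up as the size argument of a copy or allocation, which is why these warnings deserve a look even when the code appears to work on normal inputs.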

Clang static analyzer

We analyze the project with the Clang static analyzer. It reports several false positives (statistics functions in the core library) and many issues in the incorporated code of cryptoprimitives. These issues are of no severity; usually they are unused variables, or a variable that is initialized but then overwritten, so the initial value is never used.

There should be no issues in our code (neither in our modifications of cryptoprimitives nor in our main code).

Cppcheck

We can also run Cppcheck on the project. Cppcheck is better suited to C and old (pre-C++11) C++ code. Therefore it usually does not find any issues in the main crypto-streams code, but it can find mistakes in the API wrappers of cryptoprimitives.

Dynamic analysis

Tests should not only pass, but their execution should also be memory safe. Run the tests with Valgrind.