Every 4294967295 milliseconds (2 ^ 32 - 1), system_millis will overflow.
This means that every 49.71 days, system_millis will reset to zero.
Comparisons like `system_millis < (system_millis + 1)` would fail if the
latter had overflown and the former had not.
This is non-critical because the worst case is that one second could be
skipped or the screen could lock early.
This poses no threat to the exponential backoff used for protection
against brute force.
Removed `usbDelay(uint32_t cycles)`, added `usbSleep(uint32_t millis)`
The same method signature could cause silent code breakage at runtime,
as opposed to noisy code breakage at compile time which is the better
kind.
This patch adds calls to usbPoll in the progress callback. This
should address #98.
We call usbDelay instead of Poll, to call usbd_poll several times.
Otherwise it would only handle one event instead of handling all
events that were pending so far. The ugly magic number 5 is a guess.
Note that we also need to set usbTiny, so that we don't recursively
process messages. Since we don't know whether usbTiny is set, we
need to store the old value (especially true for u2f).
This fix also relies on another fix in libopencm3.
Added usbDelay that polls usb port (for system requests) while delaying.
This is called instead of delay in the button and pin delay functions.
Experimental evaluation gave that the cycle count should be roughly divided
by 28.5.