BLE: Add ah in Nordic CryptoToolbox.

2018-04-16 16:53:31 +01:00 · 2018-04-16 16:53:31 +01:00 · 365f3d2527
parent a7f2384e10
commit 365f3d2527
2 changed files with 66 additions and 0 deletions
--- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5XCrypto.cpp
+++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5XCrypto.cpp
@ -37,6 +37,8 @@
 #include "cmsis.h"
 #include "nRF5xCrypto.h"
 #include "platform/mbed_assert.h"
+#include "nrf_soc.h"
+

 namespace ble {
 namespace pal {
@ -128,6 +130,36 @@ bool CryptoToolbox::generate_shared_secret(
    return err ? false : true;
 }

+bool CryptoToolbox::ah(
+    const ArrayView<const uint8_t, irk_size_>& irk,
+    const ArrayView<const uint8_t, prand_size_>& prand,
+    ArrayView<uint8_t, hash_size_> hash
+) {
+    // Note copy then swap operation can be optimized.
+
+    // Note: the encryption block works in big endian; go figure.
+    nrf_ecb_hal_data_t ecb_hal_data;
+
+    memcpy(ecb_hal_data.key, irk.data(), irk.size());
+    swap_endian(ecb_hal_data.key, sizeof(ecb_hal_data.key));
+
+    memcpy(ecb_hal_data.cleartext, prand.data(), prand.size());
+    memset(ecb_hal_data.cleartext + prand.size(), 0, sizeof(ecb_hal_data.cleartext) - prand.size());
+    swap_endian(ecb_hal_data.cleartext, sizeof(ecb_hal_data.cleartext));
+
+    uint32_t err = sd_ecb_block_encrypt(&ecb_hal_data);
+
+    if (err) {
+        return false;
+    }
+
+    swap_endian(ecb_hal_data.ciphertext, sizeof(ecb_hal_data.ciphertext));
+
+    memcpy(hash.data(), ecb_hal_data.ciphertext, hash.size());
+
+    return true;
+}
+

 void CryptoToolbox::load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t, lesc_key_size_>& src) {
    ble::public_key_coord_t src_be = src.data();
--- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xCrypto.h
+++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xCrypto.h
@ -48,6 +48,21 @@ public:
     */
    static const ptrdiff_t lesc_key_size_ = public_key_coord_t::size_;

+    /**
+     * Size of an IRK.
+     */
+    static const ptrdiff_t irk_size_ = irk_t::size_;
+
+    /**
+     * Size of the hash generated by ah.
+     */
+    static const ptrdiff_t hash_size_ = 3;
+
+    /**
+     * Size of prand.
+     */
+    static const ptrdiff_t prand_size_ = 3;
+
    /**
     * Create a new CryptoToolbox.
     */
@ -88,6 +103,25 @@ public:
        ArrayView<uint8_t, lesc_key_size_> shared_secret
    );

+    /**
+     * Execute the function ah. This function can be used to generate private
+     * resolvable addresses and resolve them.
+     *
+     * @note all parameters passed and return by this fucntion are in little
+     * endian.
+     *
+     * @param[in] irk The key used to create hash.
+     * @param[in] prand The random part from which the hash will be generated.
+     * @param[out] hash The hash generated.
+     *
+     * @return true in case of success and false otherwise.
+     */
+    bool ah(
+        const ArrayView<const uint8_t, irk_size_>& irk,
+        const ArrayView<const uint8_t, prand_size_>& prand,
+        ArrayView<uint8_t, hash_size_> hash
+    );
+
 private:
    void load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t, lesc_key_size_>& src);