BLE: CryptoToolbox enhancement

- Rename LescCrypto into CryptoToolbox
- Use ArrayView of fixed size as parameters
- Add licence

features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5XCrypto.cpp

@@ -1,3 +1,19 @@
+/* mbed Microcontroller Library
+ * Copyright (c) 2018-2018 ARM Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 #include <algorithm>
 
 #if !defined(MBEDTLS_CONFIG_FILE)
@@ -27,7 +43,7 @@ namespace pal {
 namespace vendor {
 namespace nordic {
 
-LescCrypto::LescCrypto() : _initialized(false) {
+CryptoToolbox::CryptoToolbox() : _initialized(false) {
     mbedtls_entropy_init(&_entropy_context);
     mbedtls_ecp_group_init(&_group);
     int err = mbedtls_ecp_group_load(
@@ -37,20 +53,16 @@ LescCrypto::LescCrypto() : _initialized(false) {
     _initialized = err ? false : true;
 }
 
-LescCrypto::~LescCrypto() {
+CryptoToolbox::~CryptoToolbox() {
     mbedtls_ecp_group_free(&_group);
     mbedtls_entropy_free(&_entropy_context);
 }
 
-bool LescCrypto::generate_keys(
+bool CryptoToolbox::generate_keys(
-    ArrayView<uint8_t> X,
+    ArrayView<uint8_t, lesc_key_size_> X,
-    ArrayView<uint8_t> Y,
+    ArrayView<uint8_t, lesc_key_size_> Y,
-    ArrayView<uint8_t> secret
+    ArrayView<uint8_t, lesc_key_size_> secret
 ) {
-    MBED_ASSERT(X.size() == public_key_coord_t::size());
-    MBED_ASSERT(Y.size() == public_key_coord_t::size());
-    MBED_ASSERT(secret.size() == public_key_coord_t::size());
-
     mbedtls_mpi secret_key;
     mbedtls_ecp_point public_keys;
 
@@ -77,17 +89,12 @@ bool LescCrypto::generate_keys(
     return err ? false : true;
 }
 
-bool LescCrypto::generate_shared_secret(
+bool CryptoToolbox::generate_shared_secret(
-    const ArrayView<const uint8_t>& peer_X,
+    const ArrayView<const uint8_t, lesc_key_size_>& peer_X,
-    const ArrayView<const uint8_t>& peer_Y,
+    const ArrayView<const uint8_t, lesc_key_size_>& peer_Y,
-    const ArrayView<const uint8_t>& own_secret,
+    const ArrayView<const uint8_t, lesc_key_size_>& own_secret,
-    ArrayView<uint8_t> shared_secret
+    ArrayView<uint8_t, lesc_key_size_> shared_secret
 ) {
-    MBED_ASSERT(peer_X.size() == public_key_coord_t::size());
-    MBED_ASSERT(peer_Y.size() == public_key_coord_t::size());
-    MBED_ASSERT(own_secret.size() == public_key_coord_t::size());
-    MBED_ASSERT(shared_secret.size() == dhkey_t::size());
-
     mbedtls_mpi result;
     mbedtls_mpi secret_key;
     mbedtls_ecp_point public_keys;
@@ -122,18 +129,18 @@ bool LescCrypto::generate_shared_secret(
 }
 
 
-void LescCrypto::load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t>& src) {
+void CryptoToolbox::load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t, lesc_key_size_>& src) {
     ble::public_key_coord_t src_be = src.data();
     swap_endian(src_be.buffer(), src_be.size());
     mbedtls_mpi_read_binary(&dest, src_be.data(), src_be.size());
 }
 
-void LescCrypto::store_mpi(ArrayView<uint8_t>& dest, const mbedtls_mpi& src) {
+void CryptoToolbox::store_mpi(ArrayView<uint8_t, lesc_key_size_>& dest, const mbedtls_mpi& src) {
     mbedtls_mpi_write_binary(&src, dest.data(), dest.size());
     swap_endian(dest.data(), dest.size());
 }
 
-void LescCrypto::swap_endian(uint8_t* buf, size_t len) {
+void CryptoToolbox::swap_endian(uint8_t* buf, size_t len) {
     for(size_t low = 0, high = (len - 1); high > low; --high, ++low) {
         std::swap(buf[low], buf[high]);
     }

features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xCrypto.h

@@ -1,3 +1,19 @@
+/* mbed Microcontroller Library
+ * Copyright (c) 2018-2018 ARM Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 #ifndef NRF5X_CRYPTO_
 #define NRF5X_CRYPTO_
 
@@ -29,33 +45,34 @@ namespace pal {
 namespace vendor {
 namespace nordic {
 
-class LescCrypto : mbed::NonCopyable<LescCrypto> {
+class CryptoToolbox : mbed::NonCopyable<CryptoToolbox> {
 
 public:
-    LescCrypto();
+    static const ptrdiff_t lesc_key_size_ = public_key_coord_t::size_;
 
-    ~LescCrypto();
+
+    CryptoToolbox();
+
+    ~CryptoToolbox();
 
     bool generate_keys(
-        ArrayView<uint8_t> X,
+        ArrayView<uint8_t, lesc_key_size_> X,
-        ArrayView<uint8_t> Y,
+        ArrayView<uint8_t, lesc_key_size_> Y,
-        ArrayView<uint8_t> secret
+        ArrayView<uint8_t, lesc_key_size_> secret
     );
 
     bool generate_shared_secret(
-        const ArrayView<const uint8_t>& peer_X,
+        const ArrayView<const uint8_t, lesc_key_size_>& peer_X,
-        const ArrayView<const uint8_t>& peer_Y,
+        const ArrayView<const uint8_t, lesc_key_size_>& peer_Y,
-        const ArrayView<const uint8_t>& own_secret,
+        const ArrayView<const uint8_t, lesc_key_size_>& own_secret,
-        ArrayView<uint8_t> shared_secret
+        ArrayView<uint8_t, lesc_key_size_> shared_secret
     );
 
 private:
 
-    void load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t>& src);
+    void load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t, lesc_key_size_>& src);
 
-    void store_mpi(ArrayView<uint8_t>& dest, const mbedtls_mpi& src);
+    void store_mpi(ArrayView<uint8_t, lesc_key_size_>& dest, const mbedtls_mpi& src);
-
-    void swap_endian(ArrayView<uint8_t>& to_swap);
 
     void swap_endian(uint8_t* buf, size_t len);
 

features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.cpp

@@ -105,9 +105,9 @@ nRF5xSecurityManager::~nRF5xSecurityManager()
 ble_error_t nRF5xSecurityManager::initialize()
 {
     if (_crypto.generate_keys(
-        make_ArrayView(X.buffer(), X.size()),
+        make_ArrayView(X),
-        make_ArrayView(Y.buffer(), Y.size()),
+        make_ArrayView(Y),
-        make_ArrayView(secret.buffer(), secret.size())
+        make_ArrayView(secret)
     )) {
         return BLE_ERROR_NONE;
     }
@@ -800,13 +800,13 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
             const ble_gap_evt_lesc_dhkey_request_t& dhkey_request =
                 gap_evt.params.lesc_dhkey_request;
 
-            size_t key_size = public_key_coord_t::size();
+            static const size_t key_size = public_key_coord_t::size_;
             ble_gap_lesc_dhkey_t shared_secret;
 
             _crypto.generate_shared_secret(
-                make_const_ArrayView(dhkey_request.p_pk_peer->pk, key_size),
+                make_const_ArrayView<key_size>(dhkey_request.p_pk_peer->pk),
-                make_const_ArrayView(dhkey_request.p_pk_peer->pk + key_size, key_size),
+                make_const_ArrayView<key_size>(dhkey_request.p_pk_peer->pk + key_size),
-                make_const_ArrayView(secret.data(), secret.size()),
+                make_const_ArrayView(secret),
                 shared_secret.key
             );
 

features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.h

@@ -337,7 +337,7 @@ private:
     void release_all_pairing_cb();
 
     pairing_control_block_t* _control_blocks;
-    LescCrypto _crypto;
+    CryptoToolbox _crypto;
     ble::public_key_coord_t X;
     ble::public_key_coord_t Y;
     ble::public_key_coord_t secret;