ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

BLE: CryptoToolbox enhancement 

- Rename LescCrypto into CryptoToolbox
- Use ArrayView of fixed size as parameters
- Add licence
pull/6932/head
Vincent Coubard 2018-04-04 15:31:31 +01:00
parent cd39406d20
commit 59a301a256
4 changed files with 69 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5XCrypto.cpp
View File

@ -1,3 +1,19 @@
/* mbed Microcontroller Library
* Copyright (c) 2018-2018 ARM Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <algorithm>
#if !defined(MBEDTLS_CONFIG_FILE)
@ -27,7 +43,7 @@ namespace pal {
namespace vendor {
namespace nordic {
LescCrypto::LescCrypto() : _initialized(false) {
CryptoToolbox::CryptoToolbox() : _initialized(false) {
mbedtls_entropy_init(&_entropy_context);
mbedtls_ecp_group_init(&_group);
int err = mbedtls_ecp_group_load(
@ -37,20 +53,16 @@ LescCrypto::LescCrypto() : _initialized(false) {
_initialized = err ? false : true;
}
LescCrypto::~LescCrypto() {
CryptoToolbox::~CryptoToolbox() {
mbedtls_ecp_group_free(&_group);
mbedtls_entropy_free(&_entropy_context);
}
bool LescCrypto::generate_keys(
ArrayView<uint8_t> X,
ArrayView<uint8_t> Y,
ArrayView<uint8_t> secret
bool CryptoToolbox::generate_keys(
ArrayView<uint8_t, lesc_key_size_> X,
ArrayView<uint8_t, lesc_key_size_> Y,
ArrayView<uint8_t, lesc_key_size_> secret
) {
MBED_ASSERT(X.size() == public_key_coord_t::size());
MBED_ASSERT(Y.size() == public_key_coord_t::size());
MBED_ASSERT(secret.size() == public_key_coord_t::size());
mbedtls_mpi secret_key;
mbedtls_ecp_point public_keys;
@ -77,17 +89,12 @@ bool LescCrypto::generate_keys(
return err ? false : true;
}
bool LescCrypto::generate_shared_secret(
const ArrayView<const uint8_t>& peer_X,
const ArrayView<const uint8_t>& peer_Y,
const ArrayView<const uint8_t>& own_secret,
ArrayView<uint8_t> shared_secret
bool CryptoToolbox::generate_shared_secret(
const ArrayView<const uint8_t, lesc_key_size_>& peer_X,
const ArrayView<const uint8_t, lesc_key_size_>& peer_Y,
const ArrayView<const uint8_t, lesc_key_size_>& own_secret,
ArrayView<uint8_t, lesc_key_size_> shared_secret
) {
MBED_ASSERT(peer_X.size() == public_key_coord_t::size());
MBED_ASSERT(peer_Y.size() == public_key_coord_t::size());
MBED_ASSERT(own_secret.size() == public_key_coord_t::size());
MBED_ASSERT(shared_secret.size() == dhkey_t::size());
mbedtls_mpi result;
mbedtls_mpi secret_key;
mbedtls_ecp_point public_keys;
@ -122,18 +129,18 @@ bool LescCrypto::generate_shared_secret(
}
void LescCrypto::load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t>& src) {
void CryptoToolbox::load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t, lesc_key_size_>& src) {
ble::public_key_coord_t src_be = src.data();
swap_endian(src_be.buffer(), src_be.size());
mbedtls_mpi_read_binary(&dest, src_be.data(), src_be.size());
}
void LescCrypto::store_mpi(ArrayView<uint8_t>& dest, const mbedtls_mpi& src) {
void CryptoToolbox::store_mpi(ArrayView<uint8_t, lesc_key_size_>& dest, const mbedtls_mpi& src) {
mbedtls_mpi_write_binary(&src, dest.data(), dest.size());
swap_endian(dest.data(), dest.size());
}
void LescCrypto::swap_endian(uint8_t* buf, size_t len) {
void CryptoToolbox::swap_endian(uint8_t* buf, size_t len) {
for(size_t low = 0, high = (len - 1); high > low; --high, ++low) {
std::swap(buf[low], buf[high]);
}

45
features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xCrypto.h
View File

@ -1,3 +1,19 @@
/* mbed Microcontroller Library
* Copyright (c) 2018-2018 ARM Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef NRF5X_CRYPTO_
#define NRF5X_CRYPTO_
@ -29,33 +45,34 @@ namespace pal {
namespace vendor {
namespace nordic {
class LescCrypto : mbed::NonCopyable<LescCrypto> {
class CryptoToolbox : mbed::NonCopyable<CryptoToolbox> {
public:
LescCrypto();
static const ptrdiff_t lesc_key_size_ = public_key_coord_t::size_;
~LescCrypto();
CryptoToolbox();
~CryptoToolbox();
bool generate_keys(
ArrayView<uint8_t> X,
ArrayView<uint8_t> Y,
ArrayView<uint8_t> secret
ArrayView<uint8_t, lesc_key_size_> X,
ArrayView<uint8_t, lesc_key_size_> Y,
ArrayView<uint8_t, lesc_key_size_> secret
);
bool generate_shared_secret(
const ArrayView<const uint8_t>& peer_X,
const ArrayView<const uint8_t>& peer_Y,
const ArrayView<const uint8_t>& own_secret,
ArrayView<uint8_t> shared_secret
const ArrayView<const uint8_t, lesc_key_size_>& peer_X,
const ArrayView<const uint8_t, lesc_key_size_>& peer_Y,
const ArrayView<const uint8_t, lesc_key_size_>& own_secret,
ArrayView<uint8_t, lesc_key_size_> shared_secret
);
private:
void load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t>& src);
void load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t, lesc_key_size_>& src);
void store_mpi(ArrayView<uint8_t>& dest, const mbedtls_mpi& src);
void swap_endian(ArrayView<uint8_t>& to_swap);
void store_mpi(ArrayView<uint8_t, lesc_key_size_>& dest, const mbedtls_mpi& src);
void swap_endian(uint8_t* buf, size_t len);

14
features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.cpp
View File

@ -105,9 +105,9 @@ nRF5xSecurityManager::~nRF5xSecurityManager()
ble_error_t nRF5xSecurityManager::initialize()
{
if (_crypto.generate_keys(
make_ArrayView(X.buffer(), X.size()),
make_ArrayView(Y.buffer(), Y.size()),
make_ArrayView(secret.buffer(), secret.size())
make_ArrayView(X),
make_ArrayView(Y),
make_ArrayView(secret)
)) {
return BLE_ERROR_NONE;
}
@ -800,13 +800,13 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
const ble_gap_evt_lesc_dhkey_request_t& dhkey_request =
gap_evt.params.lesc_dhkey_request;
size_t key_size = public_key_coord_t::size();
static const size_t key_size = public_key_coord_t::size_;
ble_gap_lesc_dhkey_t shared_secret;
_crypto.generate_shared_secret(
make_const_ArrayView(dhkey_request.p_pk_peer->pk, key_size),
make_const_ArrayView(dhkey_request.p_pk_peer->pk + key_size, key_size),
make_const_ArrayView(secret.data(), secret.size()),
make_const_ArrayView<key_size>(dhkey_request.p_pk_peer->pk),
make_const_ArrayView<key_size>(dhkey_request.p_pk_peer->pk + key_size),
make_const_ArrayView(secret),
shared_secret.key
);

2
features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.h
View File

@ -337,7 +337,7 @@ private:
void release_all_pairing_cb();
pairing_control_block_t* _control_blocks;
LescCrypto _crypto;
CryptoToolbox _crypto;
ble::public_key_coord_t X;
ble::public_key_coord_t Y;
ble::public_key_coord_t secret;