BLE: use ArrayView to pass and get parameters in Crypto API

This change allow vendor pal code to use its own array format.

features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5XCrypto.cpp

@@ -20,6 +20,7 @@
 #include "ble/BLETypes.h"
 #include "cmsis.h"
 #include "nRF5xCrypto.h"
+#include "platform/mbed_assert.h"
 
 namespace ble {
 namespace pal {
@@ -42,10 +43,14 @@ LescCrypto::~LescCrypto() {
 }
 
 bool LescCrypto::generate_keys(
-    ble::public_key_coord_t& X,
-    ble::public_key_coord_t& Y,
-    ble::public_key_coord_t& secret
+    ArrayView<uint8_t> X,
+    ArrayView<uint8_t> Y,
+    ArrayView<uint8_t> secret
 ) {
+    MBED_ASSERT(X.size() == public_key_coord_t::size());
+    MBED_ASSERT(Y.size() == public_key_coord_t::size());
+    MBED_ASSERT(secret.size() == public_key_coord_t::size());
+
     mbedtls_mpi secret_key;
     mbedtls_ecp_point public_keys;
 
@@ -73,11 +78,16 @@ bool LescCrypto::generate_keys(
 }
 
 bool LescCrypto::generate_shared_secret(
-    const ble::public_key_coord_t& peer_X,
-    const ble::public_key_coord_t& peer_Y,
-    const ble::public_key_coord_t& own_secret,
-    ble::public_key_coord_t& shared_secret
+    const ArrayView<const uint8_t>& peer_X,
+    const ArrayView<const uint8_t>& peer_Y,
+    const ArrayView<const uint8_t>& own_secret,
+    ArrayView<uint8_t> shared_secret
 ) {
+    MBED_ASSERT(peer_X.size() == public_key_coord_t::size());
+    MBED_ASSERT(peer_Y.size() == public_key_coord_t::size());
+    MBED_ASSERT(own_secret.size() == public_key_coord_t::size());
+    MBED_ASSERT(shared_secret.size() == dhkey_t::size());
+
     mbedtls_mpi result;
     mbedtls_mpi secret_key;
     mbedtls_ecp_point public_keys;
@@ -112,19 +122,15 @@ bool LescCrypto::generate_shared_secret(
 }
 
 
-void LescCrypto::load_mpi(mbedtls_mpi& dest, const ble::public_key_coord_t& src) {
-    ble::public_key_coord_t src_be = src;
-    swap_endian(src_be);
-    mbedtls_mpi_read_binary(&dest, src_be.buffer(), src_be.size());
+void LescCrypto::load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t>& src) {
+    ble::public_key_coord_t src_be = src.data();
+    swap_endian(src_be.buffer(), src_be.size());
+    mbedtls_mpi_read_binary(&dest, src_be.data(), src_be.size());
 }
 
-void LescCrypto::store_mpi(ble::public_key_coord_t& dest, const mbedtls_mpi& src) {
-    mbedtls_mpi_write_binary(&src, dest.buffer(), dest.size());
-    swap_endian(dest);
-}
-
-void LescCrypto::swap_endian(ble::public_key_coord_t& to_swap) {
-    swap_endian(to_swap.buffer(), to_swap.size());
+void LescCrypto::store_mpi(ArrayView<uint8_t>& dest, const mbedtls_mpi& src) {
+    mbedtls_mpi_write_binary(&src, dest.data(), dest.size());
+    swap_endian(dest.data(), dest.size());
 }
 
 void LescCrypto::swap_endian(uint8_t* buf, size_t len) {

features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xCrypto.h

@@ -22,6 +22,7 @@
 #include "platform/CriticalSectionLock.h"
 #include "ble/BLETypes.h"
 #include "cmsis.h"
+#include "ble/ArrayView.h"
 
 namespace ble {
 namespace pal {
@@ -36,25 +37,25 @@ public:
     ~LescCrypto();
 
     bool generate_keys(
-        ble::public_key_coord_t& X,
-        ble::public_key_coord_t& Y,
-        ble::public_key_coord_t& secret
+        ArrayView<uint8_t> X,
+        ArrayView<uint8_t> Y,
+        ArrayView<uint8_t> secret
     );
 
     bool generate_shared_secret(
-        const ble::public_key_coord_t& peer_X,
-        const ble::public_key_coord_t& peer_Y,
-        const ble::public_key_coord_t& own_secret,
-        ble::public_key_coord_t& shared_secret
+        const ArrayView<const uint8_t>& peer_X,
+        const ArrayView<const uint8_t>& peer_Y,
+        const ArrayView<const uint8_t>& own_secret,
+        ArrayView<uint8_t> shared_secret
     );
 
 private:
 
-    void load_mpi(mbedtls_mpi& dest, const ble::public_key_coord_t& src);
+    void load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t>& src);
 
-    void store_mpi(ble::public_key_coord_t& dest, const mbedtls_mpi& src);
+    void store_mpi(ArrayView<uint8_t>& dest, const mbedtls_mpi& src);
 
-    void swap_endian(ble::public_key_coord_t& to_swap);
+    void swap_endian(ArrayView<uint8_t>& to_swap);
 
     void swap_endian(uint8_t* buf, size_t len);
 

features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.cpp

@@ -104,7 +104,11 @@ nRF5xSecurityManager::~nRF5xSecurityManager()
 
 ble_error_t nRF5xSecurityManager::initialize()
 {
-    if (_crypto.generate_keys(X, Y, secret)) {
+    if (_crypto.generate_keys(
+        make_ArrayView(X.buffer(), X.size()),
+        make_ArrayView(Y.buffer(), Y.size()),
+        make_ArrayView(secret.buffer(), secret.size())
+    )) {
         return BLE_ERROR_NONE;
     }
 
@@ -797,19 +801,15 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
                 gap_evt.params.lesc_dhkey_request;
 
             size_t key_size = public_key_coord_t::size();
-            public_key_coord_t peer_X(dhkey_request.p_pk_peer->pk, key_size);
-            public_key_coord_t peer_Y(dhkey_request.p_pk_peer->pk + key_size, key_size);
-            public_key_coord_t sh_secret;
             ble_gap_lesc_dhkey_t shared_secret;
 
             _crypto.generate_shared_secret(
-                peer_X,
-                peer_Y,
-                self.secret,
-                sh_secret
+                make_const_ArrayView(dhkey_request.p_pk_peer->pk, key_size),
+                make_const_ArrayView(dhkey_request.p_pk_peer->pk + key_size, key_size),
+                make_const_ArrayView(secret.data(), secret.size()),
+                shared_secret.key
             );
 
-            memcpy(shared_secret.key, sh_secret.data(), sh_secret.size());
             sd_ble_gap_lesc_dhkey_reply(connection, &shared_secret);
 
             if (dhkey_request.oobd_req) {