Nordic BLE: Remove dependency to mbedtls for CryptoToolbox::ah.

pan- · pan- · commit d427fcfb59af · 2018-05-22T17:33:49.000+01:00
diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF51/source/nRF5xCrypto.cpp b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF51/source/nRF5xCrypto.cpp
@@ -32,6 +32,8 @@
 #include "mbedtls/entropy.h"
 #include "mbedtls/ecp.h"
 
+#endif
+
 #include "platform/NonCopyable.h"
 #include "platform/CriticalSectionLock.h"
 #include "ble/BLETypes.h"
@@ -46,6 +48,8 @@ namespace pal {
 namespace vendor {
 namespace nordic {
 
+#if defined(MBEDTLS_ECDH_C)
+
 CryptoToolbox::CryptoToolbox() : _initialized(false) {
     mbedtls_entropy_init(&_entropy_context);
     mbedtls_ecp_group_init(&_group);
@@ -131,6 +135,8 @@ bool CryptoToolbox::generate_shared_secret(
     return err ? false : true;
 }
 
+#endif
+
 bool CryptoToolbox::ah(
     const ArrayView<const uint8_t, irk_size_>& irk,
     const ArrayView<const uint8_t, prand_size_>& prand,
@@ -161,6 +167,7 @@ bool CryptoToolbox::ah(
     return true;
 }
 
+#if defined(MBEDTLS_ECDH_C)
 
 void CryptoToolbox::load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t, lesc_key_size_>& src) {
     ble::public_key_coord_t src_be = src.data();
@@ -173,6 +180,8 @@ void CryptoToolbox::store_mpi(ArrayView<uint8_t, lesc_key_size_>& dest, const mb
     swap_endian(dest.data(), dest.size());
 }
 
+#endif
+
 void CryptoToolbox::swap_endian(uint8_t* buf, size_t len) {
     for(size_t low = 0, high = (len - 1); high > low; --high, ++low) {
         std::swap(buf[low], buf[high]);
@@ -183,6 +192,3 @@ void CryptoToolbox::swap_endian(uint8_t* buf, size_t len) {
 } // vendor
 } // pal
 } // ble
-
-#endif //defined(MBEDTLS_ECDH_C)
-
diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF51/source/nRF5xCrypto.h b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF51/source/nRF5xCrypto.h
@@ -31,6 +31,8 @@
 #include "mbedtls/entropy.h"
 #include "mbedtls/ecp.h"
 
+#endif
+
 #include "platform/NonCopyable.h"
 #include "ble/BLETypes.h"
 
@@ -65,6 +67,8 @@ class CryptoToolbox : mbed::NonCopyable<CryptoToolbox> {
      */
     static const ptrdiff_t prand_size_ = 3;
 
+#if defined(MBEDTLS_ECDH_C)
+
     /**
      * Create a new CryptoToolbox.
      */
@@ -105,6 +109,8 @@ class CryptoToolbox : mbed::NonCopyable<CryptoToolbox> {
         ArrayView<uint8_t, lesc_key_size_> shared_secret
     );
 
+#endif
+
     /**
      * Execute the function ah. This function can be used to generate private
      * resolvable addresses and resolve them.
@@ -118,29 +124,33 @@ class CryptoToolbox : mbed::NonCopyable<CryptoToolbox> {
      *
      * @return true in case of success and false otherwise.
      */
-    bool ah(
+    static bool ah(
         const ArrayView<const uint8_t, irk_size_>& irk,
         const ArrayView<const uint8_t, prand_size_>& prand,
         ArrayView<uint8_t, hash_size_> hash
     );
 
 private:
+
+#if defined(MBEDTLS_ECDH_C)
     void load_mpi(mbedtls_mpi& dest, const ArrayView<const uint8_t, lesc_key_size_>& src);
 
     void store_mpi(ArrayView<uint8_t, lesc_key_size_>& dest, const mbedtls_mpi& src);
+#endif
 
-    void swap_endian(uint8_t* buf, size_t len);
+    static void swap_endian(uint8_t* buf, size_t len);
 
+#if defined(MBEDTLS_ECDH_C)
     bool _initialized;
     mbedtls_entropy_context _entropy_context;
     mbedtls_ecp_group _group;
+#endif
+
 };
 
 } // nordic
 } // vendor
 } // pal
 } // ble
 
-#endif // defined(MBEDTLS_ECDH_C)
-
 #endif // NRF5X_CRYPTO_
diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF51/source/nRF5xPalSecurityManager.cpp b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF51/source/nRF5xPalSecurityManager.cpp
@@ -213,7 +213,6 @@ nRF5xSecurityManager::get_resolving_list() {
 
 const nRF5xSecurityManager::resolving_list_entry_t*
 nRF5xSecurityManager::resolve_address(const address_t& resolvable_address) {
-#if defined(MBEDTLS_ECDH_C)
     typedef byte_array_t<CryptoToolbox::hash_size_> hash_t;
 
     for (size_t i = 0; i < resolving_list_entry_count; ++i) {
@@ -222,7 +221,7 @@ nRF5xSecurityManager::resolve_address(const address_t& resolvable_address) {
 
         // Compute the hash part from the random address part when the irk of
         // the entry is used
-        _crypto.ah(
+        CryptoToolbox::ah(
             make_const_ArrayView<CryptoToolbox::irk_size_>(entry.peer_irk),
             make_const_ArrayView<CryptoToolbox::prand_size_>(
                 resolvable_address.data() + CryptoToolbox::hash_size_
@@ -237,7 +236,7 @@ nRF5xSecurityManager::resolve_address(const address_t& resolvable_address) {
             return &entry;
         }
     }
-#endif
+
     return NULL;
 }
 
