From a10a10a3d72baf58bef91eff4767710c9bb3395f Mon Sep 17 00:00:00 2001 From: Vincent Coubard Date: Mon, 14 Jan 2019 16:56:07 +0000 Subject: [PATCH] BLE - Nordic: Release crypto cell when not in use. Previously, the CryptoToolbox was allocated once as part of the security manager. This was inneficient memory wise as it is only use to prepare key at initialization and when we need to compute shared keys. This was also inneficient power consumption wise as the Crypto cell was kept enabled even when it wasn't used. This fix creates a CryptoToolbox whenever it is needed and release it once it has fulfilled its purpose. Note that CryptoToolbox allocation happens on the heap as mbed tls data structure are huge and there's an high risk of crushing the stack. --- .../source/nRF5xPalSecurityManager.cpp | 18 ++++++++++++------ .../source/nRF5xPalSecurityManager.h | 1 - 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp index a1d6b1e7e9..0955becc08 100644 --- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp +++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp @@ -111,15 +111,17 @@ nRF5xSecurityManager::~nRF5xSecurityManager() ble_error_t nRF5xSecurityManager::initialize() { #if defined(MBEDTLS_ECDH_C) - if (_crypto.generate_keys( + // Note: we do not use the object on the stack as the CryptoToolbox is quite large + // Please do not change or we risk a stack overflow. + CryptoToolbox* crypto = new CryptoToolbox(); + bool success = crypto->generate_keys( make_ArrayView(X), make_ArrayView(Y), make_ArrayView(secret) - )) { - return BLE_ERROR_NONE; - } + ); + delete crypto; - return BLE_ERROR_INTERNAL_STACK_FAILURE; + return success ? BLE_ERROR_NONE : BLE_ERROR_INTERNAL_STACK_FAILURE; #endif return BLE_ERROR_NONE; } @@ -934,12 +936,16 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt) static const size_t key_size = public_key_coord_t::size_; ble_gap_lesc_dhkey_t shared_secret; - _crypto.generate_shared_secret( + // Allocated on the heap to reduce stack pressure. + // Risk stack overflows if allocated on stack. + CryptoToolbox* crypto = new CryptoToolbox(); + crypto->generate_shared_secret( make_const_ArrayView(dhkey_request.p_pk_peer->pk), make_const_ArrayView(dhkey_request.p_pk_peer->pk + key_size), make_const_ArrayView(secret), shared_secret.key ); + delete crypto; sd_ble_gap_lesc_dhkey_reply(connection, &shared_secret); diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.h b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.h index 30ac7e20cc..b5a55d9dc0 100644 --- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.h +++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.h @@ -360,7 +360,6 @@ private: pairing_control_block_t* _control_blocks; #if defined(MBEDTLS_ECDH_C) - CryptoToolbox _crypto; ble::public_key_coord_t X; ble::public_key_coord_t Y; ble::public_key_coord_t secret;