BLE - Nordic: Release crypto cell when not in use.

Previously, the CryptoToolbox was allocated once as part of the security manager. This was inneficient memory wise as it is only use to prepare key at initialization and when we need to compute shared keys. This was also inneficient power consumption wise as the Crypto cell was kept enabled even when it wasn't used. This fix creates a CryptoToolbox whenever it is needed and release it once it has fulfilled its purpose. Note that CryptoToolbox allocation happens on the heap as mbed tls data structure are huge and there's an high risk of crushing the stack.
2019-01-14 16:56:07 +00:00 · 2019-01-14 16:56:07 +00:00 · a10a10a3d7
parent ebf3a192e1
commit a10a10a3d7
2 changed files with 12 additions and 7 deletions
--- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp
+++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp
@ -111,15 +111,17 @@ nRF5xSecurityManager::~nRF5xSecurityManager()
 ble_error_t nRF5xSecurityManager::initialize()
 {
 #if defined(MBEDTLS_ECDH_C)
-    if (_crypto.generate_keys(
+    // Note: we do not use the object on the stack as the CryptoToolbox is quite large
+    // Please do not change or we risk a stack overflow.
+    CryptoToolbox* crypto = new CryptoToolbox();
+    bool success = crypto->generate_keys(
        make_ArrayView(X),
        make_ArrayView(Y),
        make_ArrayView(secret)
-    )) {
-        return BLE_ERROR_NONE;
-    }
+    );
+    delete crypto;

-    return BLE_ERROR_INTERNAL_STACK_FAILURE;
+    return success ? BLE_ERROR_NONE : BLE_ERROR_INTERNAL_STACK_FAILURE;
 #endif
    return BLE_ERROR_NONE;
 }
@ -934,12 +936,16 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
            static const size_t key_size = public_key_coord_t::size_;
            ble_gap_lesc_dhkey_t shared_secret;

-            _crypto.generate_shared_secret(
+            // Allocated on the heap to reduce stack pressure. 
+            // Risk stack overflows if allocated on stack.
+            CryptoToolbox* crypto = new CryptoToolbox();
+            crypto->generate_shared_secret(
                make_const_ArrayView<key_size>(dhkey_request.p_pk_peer->pk),
                make_const_ArrayView<key_size>(dhkey_request.p_pk_peer->pk + key_size),
                make_const_ArrayView(secret),
                shared_secret.key
            );
+            delete crypto;

            sd_ble_gap_lesc_dhkey_reply(connection, &shared_secret);

--- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.h
+++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.h
@ -360,7 +360,6 @@ private:

    pairing_control_block_t* _control_blocks;
 #if defined(MBEDTLS_ECDH_C)
-    CryptoToolbox _crypto;
    ble::public_key_coord_t X;
    ble::public_key_coord_t Y;
    ble::public_key_coord_t secret;