BLE - Nordic: Release crypto cell when not in use.

pan- · pan- · commit a10a10a3d72b · 2019-01-14T16:56:07.000Z
Previously, the CryptoToolbox was allocated once as part of the security manager.
This was inneficient memory wise as it is only use to prepare key at initialization
and when we need to compute shared keys.
This was also inneficient power consumption wise as the Crypto cell was kept enabled even
when it wasn't used.

This fix creates a CryptoToolbox whenever it is needed and release it once it has fulfilled its
purpose. Note that CryptoToolbox allocation happens on the heap as mbed tls data structure are huge
and there's an high risk of crushing the stack.
diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp
@@ -111,15 +111,17 @@ nRF5xSecurityManager::~nRF5xSecurityManager()
 ble_error_t nRF5xSecurityManager::initialize()
 {
 #if defined(MBEDTLS_ECDH_C)
-    if (_crypto.generate_keys(
+    // Note: we do not use the object on the stack as the CryptoToolbox is quite large
+    // Please do not change or we risk a stack overflow.
+    CryptoToolbox* crypto = new CryptoToolbox();
+    bool success = crypto->generate_keys(
         make_ArrayView(X),
         make_ArrayView(Y),
         make_ArrayView(secret)
-    )) {
-        return BLE_ERROR_NONE;
-    }
+    );
+    delete crypto;
 
-    return BLE_ERROR_INTERNAL_STACK_FAILURE;
+    return success ? BLE_ERROR_NONE : BLE_ERROR_INTERNAL_STACK_FAILURE;
 #endif
     return BLE_ERROR_NONE;
 }
@@ -934,12 +936,16 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
             static const size_t key_size = public_key_coord_t::size_;
             ble_gap_lesc_dhkey_t shared_secret;
 
-            _crypto.generate_shared_secret(
+            // Allocated on the heap to reduce stack pressure. 
+            // Risk stack overflows if allocated on stack.
+            CryptoToolbox* crypto = new CryptoToolbox();
+            crypto->generate_shared_secret(
                 make_const_ArrayView<key_size>(dhkey_request.p_pk_peer->pk),
                 make_const_ArrayView<key_size>(dhkey_request.p_pk_peer->pk + key_size),
                 make_const_ArrayView(secret),
                 shared_secret.key
             );
+            delete crypto;
 
             sd_ble_gap_lesc_dhkey_reply(connection, &shared_secret);
 
diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.h b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.h
@@ -360,7 +360,6 @@ class nRF5xSecurityManager : public ::ble::pal::SecurityManager {
 
     pairing_control_block_t* _control_blocks;
 #if defined(MBEDTLS_ECDH_C)
-    CryptoToolbox _crypto;
     ble::public_key_coord_t X;
     ble::public_key_coord_t Y;
     ble::public_key_coord_t secret;
