mirror/btstack
1
0
Fork 0
mirror of https://github.com/bluekitchen/btstack.git synced 2025-04-16 08:42:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

sm: use correct ec test key, reduce memory to 1500 bytes

Browse Source
This commit is contained in:
Matthias Ringwald 2016-06-09 15:07:53 +02:00
parent d7748d9cec
commit a83a05444b
3 changed files with 119 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
3rd-party/mbedtls/include/mbedtls/config.h vendored
View File

@ -37,7 +37,6 @@
// test to force malloc-free version
// #undef HAVE_MALLOC
// #define MBEDTLS_CALLOC_TRACKER
#ifndef HAVE_MALLOC
#define MBEDTLS_PLATFORM_MEMORY
@ -2449,8 +2448,8 @@ void sm_mbedtls_allocator_free(void * data);
/* ECP options */
//#define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
#define MBEDTLS_ECP_WINDOW_SIZE 2 /**< Maximum window size used */
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 0 /**< Enable fixed-point speed-up */
/* Entropy options */
//#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */

50
src/ble/sm.c
View File

@ -229,13 +229,8 @@ static uint8_t ec_qx[32];
static uint8_t ec_qy[32];
static uint8_t ec_d[32];
#ifndef HAVE_MALLOC
#ifdef ENABLE_FIXED_LE_EC_KEY
// 232 bytes with 6 allocations
#define MBEDTLS_ALLOC_BUFFER_SIZE (250+6*sizeof(void *))
#else
// 4304 bytes with 73 allocations
#define MBEDTLS_ALLOC_BUFFER_SIZE (4500+73*sizeof(void *))
#endif
#define MBEDTLS_ALLOC_BUFFER_SIZE (1300+23*sizeof(void *))
static uint8_t mbedtls_memory_buffer[MBEDTLS_ALLOC_BUFFER_SIZE];
#endif
#endif
@ -1137,14 +1132,6 @@ static void sm_init_setup(sm_connection_t * sm_conn){
}
uint8_t auth_req = sm_auth_req;
#ifdef ENABLE_FIXED_LE_EC_KEY
if (auth_req & SM_AUTHREQ_SECURE_CONNECTION){
if (!sm_have_ec_keypair){
log_error("sm: disablling secure connection as key generation disabled but no fixed key provided.");
auth_req &= ~SM_AUTHREQ_SECURE_CONNECTION;
}
}
#endif
sm_pairing_packet_set_io_capability(*local_packet, sm_io_capabilities);
sm_pairing_packet_set_oob_data_flag(*local_packet, have_oob_data);
sm_pairing_packet_set_auth_req(*local_packet, auth_req);
@ -2612,6 +2599,15 @@ static void sm_handle_random_result(uint8_t * data){
mbedtls_ecp_point_free(&P);
mbedtls_mpi_free(&d);
ec_key_generation_state = EC_KEY_GENERATION_DONE;
#if 1
printf("test dhkey check\n");
sm_key256_t dhkey;
memcpy(setup->sm_peer_qx, ec_qx, 32);
memcpy(setup->sm_peer_qy, ec_qy, 32);
sm_sc_calculate_dhkey(dhkey);
#endif
}
}
#endif
@ -2728,12 +2724,10 @@ static void sm_event_packet_handler (uint8_t packet_type, uint16_t channel, uint
dkg_state = sm_persistent_irk_ready ? DKG_CALC_DHK : DKG_CALC_IRK;
rau_state = RAU_IDLE;
#ifdef USE_MBEDTLS_FOR_ECDH
#ifndef ENABLE_FIXED_LE_EC_KEY
if (!sm_have_ec_keypair){
setup->sm_passkey_bit = 0;
ec_key_generation_state = EC_KEY_GENERATION_ACTIVE;
}
#endif
#endif
sm_run();
}
@ -3422,19 +3416,23 @@ void sm_init(void){
#ifdef USE_MBEDTLS_FOR_ECDH
ec_key_generation_state = EC_KEY_GENERATION_IDLE;
mbedtls_ecp_group_init(&mbedtls_ec_group);
mbedtls_ecp_group_load(&mbedtls_ec_group, MBEDTLS_ECP_DP_SECP256R1);
#ifndef HAVE_MALLOC
sm_mbedtls_allocator_init(mbedtls_memory_buffer, sizeof(mbedtls_memory_buffer));
#endif
mbedtls_ecp_group_init(&mbedtls_ec_group);
mbedtls_ecp_group_load(&mbedtls_ec_group, MBEDTLS_ECP_DP_SECP256R1);
#if 0
// test
printf("test dhkey check\n");
sm_key256_t dhkey;
memcpy(setup->sm_peer_qx, ec_qx, 32);
memcpy(setup->sm_peer_qy, ec_qy, 32);
sm_sc_calculate_dhkey(dhkey);
sm_test_use_fixed_ec_keypair();
if (sm_have_ec_keypair){
printf("test dhkey check\n");
sm_key256_t dhkey;
memcpy(setup->sm_peer_qx, ec_qx, 32);
memcpy(setup->sm_peer_qy, ec_qy, 32);
sm_sc_calculate_dhkey(dhkey);
}
#endif
#endif
}
@ -3453,11 +3451,11 @@ void sm_test_use_fixed_ec_keypair(void){
mbedtls_mpi x;
mbedtls_mpi_init(&x);
mbedtls_mpi_read_string( &x, 16, "3f49f6d4a3c55f3874c9b3e3d2103f504aff607beb40b7995899b8a6cd3c1abd");
mbedtls_mpi_write_binary(&x, ec_qx, 16);
mbedtls_mpi_write_binary(&x, ec_d, 32);
mbedtls_mpi_read_string( &x, 16, "20b003d2f297be2c5e2c83a7e9f9a5b9eff49111acf4fddbcc0301480e359de6");
mbedtls_mpi_write_binary(&x, ec_qy, 16);
mbedtls_mpi_write_binary(&x, ec_qx, 32);
mbedtls_mpi_read_string( &x, 16, "dc809c49652aeb6d63329abf5a52155c766345c28fed3024741c8ed01589d28b");
mbedtls_mpi_write_binary(&x, ec_d, 16);
mbedtls_mpi_write_binary(&x, ec_qy, 32);
mbedtls_mpi_free(&x);
#endif
sm_have_ec_keypair = 1;

97
src/ble/sm_mbedtls_allocator.c
View File

@ -43,6 +43,7 @@
#include "sm_mbedtls_allocator.h"
#include "btstack_util.h"
#include "btstack_debug.h"
#ifdef ENABLE_LE_SECURE_CONNECTIONS
#ifdef HAVE_HCI_CONTROLLER_DHKEY_SUPPORT
@ -65,6 +66,11 @@ size_t mbed_memory_max;
size_t mbed_memory_smallest_buffer = 0xfffffff;
int mbed_memory_num_allocations;
#define NUM_SIZES 150
int current_individual_allocation[NUM_SIZES];
int max_individual_allocation[NUM_SIZES];
int max_total_allocation[NUM_SIZES];
// customized allocator for use with BTstack's Security Manager
// assumptions:
// - allocations are multiple of 8
@ -81,6 +87,60 @@ static sm_allocator_node_t * sm_mbedtls_node_for_offset(uint32_t offset){
return (sm_allocator_node_t *) (sm_allocator_buffer + offset);
}
static void dump_allocations(void){
size_t overhead = mbed_memory_num_allocations * sizeof(void*);
printf("SM Per Block - Summary: Allocations %u. Current %lu (+ %zu = %zu used), Max %lu.\n",
mbed_memory_num_allocations,
mbed_memory_allocated_current, overhead, mbed_memory_allocated_current + overhead,
mbed_memory_allocated_max);
int i;
int total = 0;
printf("- current : [ ");
for (i=0;i<sizeof(current_individual_allocation) / sizeof(int);i++){
printf("%02u ", current_individual_allocation[i]);
total += current_individual_allocation[i] * i * 8;
if (i == 16) {
printf(" - ");
i = 40;
}
if (i == 46) {
printf(" - ");
i = 140;
}
}
printf(" = %u\n", total);
printf("- current max: [ ");
total = 0;
for (i=0;i<sizeof(max_individual_allocation) / sizeof(int);i++){
printf("%02u ", max_individual_allocation[i]);
total += max_individual_allocation[i] * i * 8;
if (i == 16) {
printf(" - ");
i = 40;
}
if (i == 46) {
printf(" - ");
i = 140;
}
}
printf(" = %u\n", total);
printf("- total max: [ ");
total = 0;
for (i=0;i<sizeof(max_total_allocation) / sizeof(int);i++){
printf("%02u ", max_total_allocation[i]);
total += max_total_allocation[i] * i * 8;
if (i == 16) {
printf(" - ");
i = 40;
}
if (i == 46) {
printf(" - ");
i = 140;
}
}
printf(" = %u\n", total);
}
void sm_mbedtls_allocator_status(void){
#ifdef DEBUG_ALLOCATIONS
uint32_t current_pos = 0;
@ -100,17 +160,19 @@ void sm_mbedtls_allocator_status(void){
mbed_memory_num_allocations,
mbed_memory_allocated_current, overhead, mbed_memory_allocated_current + overhead,
mbed_memory_allocated_max, bytes_free, bytes_free + mbed_memory_allocated_current + overhead );
dump_allocations();
#endif
}
static inline void sm_mbedtls_allocator_update_max(){
#if 0
#if 1
uint32_t current_pos = 0;
sm_allocator_node_t * current = sm_mbedtls_node_for_offset(current_pos);
while (1){
if (current_pos + 8 > mbed_memory_space_max) {
mbed_memory_space_max = current_pos + 8;
printf("SM Alloc: space used %zu (%zu data + %u allocations)\n", mbed_memory_space_max, mbed_memory_allocated_current, mbed_memory_num_allocations);
mbed_memory_space_max = current_pos + 8;
printf("SM Alloc: space used %zu (%zu data + %u allocations)\n", mbed_memory_space_max, mbed_memory_allocated_current, mbed_memory_num_allocations);
}
current_pos = current->next;
current = sm_mbedtls_node_for_offset(current_pos);
@ -119,14 +181,35 @@ static inline void sm_mbedtls_allocator_update_max(){
#endif
}
void * sm_mbedtls_allocator_calloc(size_t count, size_t size){
size_t num_bytes = count * size;
size_t total = num_bytes + sizeof(void *);
mbed_memory_allocated_current += num_bytes;
mbed_memory_allocated_max = btstack_max(mbed_memory_allocated_max, mbed_memory_allocated_current);
mbed_memory_smallest_buffer = btstack_min(mbed_memory_smallest_buffer, num_bytes);
mbed_memory_num_allocations++;
// printf("SM Alloc %zu bytes\n", num_bytes);
// if (num_bytes > 1000){
// printf("big alloc!\n");
// }
int index = num_bytes / 8;
current_individual_allocation[index]++;
if (current_individual_allocation[index] > max_individual_allocation[index]){
max_individual_allocation[index] = current_individual_allocation[index];
dump_allocations();
}
// mbed_memory_allocated_max = btstack_max(mbed_memory_allocated_max, mbed_memory_allocated_current);
if (mbed_memory_allocated_current > mbed_memory_allocated_max){
memcpy(max_total_allocation, current_individual_allocation, sizeof(max_total_allocation));
mbed_memory_allocated_max = mbed_memory_allocated_current;
dump_allocations();
}
uint32_t prev_pos, current_pos, node_pos;
sm_allocator_node_t * prev, * current, * node;
@ -204,6 +287,12 @@ void sm_mbedtls_allocator_free(void * data){
size_t num_bytes = total - sizeof(void *);
mbed_memory_allocated_current -= num_bytes;
mbed_memory_num_allocations--;
int index = num_bytes / 8;
current_individual_allocation[index]--;
// printf("SM Free %zu bytes\n", num_bytes);
#ifdef DEBUG_ALLOCATIONS
printf("sm_mbedtls_allocator_free: pos %u, total %zu\n", current_pos, total);