[crypto] PSA API: introduce platform API for crypto dynamic memory mgmt

This commit adds two new functions, `otPlatCryptoCAlloc` and
`otPlatCryptoFree`, which provide dynamic memory management for the
crypto subsystem. They are only enabled when
`OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE` is set.

Signed-off-by: Łukasz Duda <lukasz.duda@nordicsemi.no>

Author: LuDuda

examples/apps/cli/main.c

@@ -56,8 +56,7 @@ extern void otAppCliInit(otInstance *aInstance);
 
 #if OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
 OT_TOOL_WEAK void *otPlatCAlloc(size_t aNum, size_t aSize) { return calloc(aNum, aSize); }
-
-OT_TOOL_WEAK void otPlatFree(void *aPtr) { free(aPtr); }
+OT_TOOL_WEAK void  otPlatFree(void *aPtr) { free(aPtr); }
 #endif
 
 #if OPENTHREAD_POSIX && !defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)

examples/apps/ncp/main.c

@@ -62,8 +62,7 @@ extern void otAppNcpInitMulti(otInstance **aInstances, uint8_t count);
 
 #if OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
 OT_TOOL_WEAK void *otPlatCAlloc(size_t aNum, size_t aSize) { return calloc(aNum, aSize); }
-
-OT_TOOL_WEAK void otPlatFree(void *aPtr) { free(aPtr); }
+OT_TOOL_WEAK void  otPlatFree(void *aPtr) { free(aPtr); }
 #endif
 
 int main(int argc, char *argv[])

include/openthread/instance.h

@@ -52,7 +52,7 @@ extern "C" {
  *
  * @note This number versions both OpenThread platform and user APIs.
  */
-#define OPENTHREAD_API_VERSION (550)
+#define OPENTHREAD_API_VERSION (551)
 
 /**
  * @addtogroup api-instance

include/openthread/platform/crypto.h

@@ -286,6 +286,33 @@ otError otPlatCryptoDestroyKey(otCryptoKeyRef aKeyRef);
  */
 bool otPlatCryptoHasKey(otCryptoKeyRef aKeyRef);
 
+/**
+ * Dynamically allocates new memory for Crypto subsystem. On platforms that support it, should just redirect to calloc.
+ * For those that don't support calloc, should support the same functionality:
+ *
+ *   "The calloc() function contiguously allocates enough space for count objects that are size bytes of
+ *   memory each and returns a pointer to the allocated memory. The allocated memory is filled with bytes
+ *   of value zero."
+ *
+ * Is required for OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE.
+ *
+ * @param[in] aNum   The number of blocks to allocate
+ * @param[in] aSize  The size of each block to allocate
+ *
+ * @retval void*  The pointer to the front of the memory allocated
+ * @retval NULL   Failed to allocate the memory requested.
+ */
+void *otPlatCryptoCAlloc(size_t aNum, size_t aSize);
+
+/**
+ * Frees memory that was dynamically allocated by otPlatCryptoCAlloc.
+ *
+ * Is required for OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE.
+ *
+ * @param[in] aPtr  A pointer the memory blocks to free. The pointer may be NULL.
+ */
+void otPlatCryptoFree(void *aPtr);
+
 /**
  * Initialize the HMAC operation.
  *

src/core/crypto/crypto_platform_mbedtls.cpp

@@ -47,6 +47,7 @@
 #include <openthread/instance.h>
 #include <openthread/platform/crypto.h>
 #include <openthread/platform/entropy.h>
+#include <openthread/platform/memory.h>
 #include <openthread/platform/time.h>
 
 #include "common/code_utils.hpp"
@@ -78,6 +79,11 @@ static constexpr uint16_t kEntropyMinThreshold = 16;
 #endif
 #endif
 
+#if OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
+OT_TOOL_WEAK void *otPlatCryptoCAlloc(size_t aNum, size_t aSize) { return otPlatCAlloc(aNum, aSize); }
+OT_TOOL_WEAK void  otPlatCryptoFree(void *aPtr) { otPlatFree(aPtr); }
+#endif
+
 // AES  Implementation
 OT_TOOL_WEAK otError otPlatCryptoAesInit(otCryptoContext *aContext)
 {

src/core/crypto/crypto_platform_psa.cpp

@@ -40,6 +40,7 @@
 #include <openthread/instance.h>
 #include <openthread/platform/crypto.h>
 #include <openthread/platform/entropy.h>
+#include <openthread/platform/memory.h>
 
 #include "common/code_utils.hpp"
 #include "common/debug.hpp"
@@ -200,6 +201,11 @@ static otError extractPrivateKeyInfo(const uint8_t *aAsn1KeyPair,
     return error;
 }
 
+#if OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
+OT_TOOL_WEAK void *otPlatCryptoCAlloc(size_t aNum, size_t aSize) { return otPlatCAlloc(aNum, aSize); }
+OT_TOOL_WEAK void  otPlatCryptoFree(void *aPtr) { otPlatFree(aPtr); }
+#endif
+
 OT_TOOL_WEAK otError otPlatCryptoImportKey(otCryptoKeyRef      *aKeyRef,
                                            otCryptoKeyType      aKeyType,
                                            otCryptoKeyAlgorithm aKeyAlgorithm,

src/core/crypto/mbedtls.cpp

@@ -57,9 +57,9 @@ MbedTls::MbedTls(void)
     // mbedTLS's debug level is almost the same as OpenThread's
     mbedtls_debug_set_threshold(OPENTHREAD_CONFIG_LOG_LEVEL);
 #endif
-#if OPENTHREAD_CONFIG_ENABLE_BUILTIN_MBEDTLS_MANAGEMENT
+#if OPENTHREAD_CONFIG_ENABLE_BUILTIN_MBEDTLS_MANAGEMENT && !OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
     mbedtls_platform_set_calloc_free(Heap::CAlloc, Heap::Free);
-#endif // OPENTHREAD_CONFIG_ENABLE_BUILTIN_MBEDTLS_MANAGEMENT
+#endif // OPENTHREAD_CONFIG_ENABLE_BUILTIN_MBEDTLS_MANAGEMENT && !OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
 }
 
 Error MbedTls::MapError(int aMbedTlsError)

tests/unit/test_dns_client.cpp

@@ -135,6 +135,9 @@ void otPlatFree(void *aPtr)
 
     free(aPtr);
 }
+
+void *otPlatCryptoCAlloc(size_t aNum, size_t aSize) { return calloc(aNum, aSize); }
+void  otPlatCryptoFree(void *aPtr) { free(aPtr); }
 #endif
 
 #if OPENTHREAD_CONFIG_LOG_OUTPUT == OPENTHREAD_CONFIG_LOG_OUTPUT_PLATFORM_DEFINED
@@ -1609,11 +1612,6 @@ void TestDnsClient(void)
     SuccessOrQuit(otBorderRouterRegister(sInstance));
     AdvanceTime(1000);
 
-#if (OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA) && OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
-    // On a first attempt, SRP Client generates the SRP Key which adds additional heap allocation.
-    heapAllocations += 1;
-#endif
-
     VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength());
 
     //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

tests/unit/test_srp_server.cpp

@@ -131,6 +131,9 @@ void otPlatFree(void *aPtr)
 
     free(aPtr);
 }
+
+void *otPlatCryptoCAlloc(size_t aNum, size_t aSize) { return calloc(aNum, aSize); }
+void  otPlatCryptoFree(void *aPtr) { free(aPtr); }
 #endif
 
 #if OPENTHREAD_CONFIG_LOG_OUTPUT == OPENTHREAD_CONFIG_LOG_OUTPUT_PLATFORM_DEFINED
@@ -480,11 +483,6 @@ void TestSrpServerBase(void)
     srpServer->SetEnabled(false);
     AdvanceTime(100);
 
-#if (OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA) && OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
-    // On a first attempt, SRP Client generates the SRP Key which adds additional heap allocation.
-    heapAllocations += 1;
-#endif
-
     VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength());
 
     //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -597,11 +595,6 @@ void TestSrpServerReject(void)
     srpServer->SetEnabled(false);
     AdvanceTime(100);
 
-#if (OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA) && OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
-    // On a first attempt, SRP Client generates the SRP Key which adds additional heap allocation.
-    heapAllocations += 1;
-#endif
-
     VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength());
 
     //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -714,11 +707,6 @@ void TestSrpServerIgnore(void)
     srpServer->SetEnabled(false);
     AdvanceTime(100);
 
-#if (OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA) && OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
-    // On a first attempt, SRP Client generates the SRP Key which adds additional heap allocation.
-    heapAllocations += 1;
-#endif
-
     VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength());
 
     //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -835,11 +823,6 @@ void TestSrpServerClientRemove(bool aShouldRemoveKeyLease)
     srpServer->SetEnabled(false);
     AdvanceTime(100);
 
-#if (OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA) && OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
-    // On a first attempt, SRP Client generates the SRP Key which adds additional heap allocation.
-    heapAllocations += 1;
-#endif
-
     VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength());
 
     //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -1034,11 +1017,6 @@ void TestUpdateLeaseShortVariant(void)
     srpServer->SetEnabled(false);
     AdvanceTime(100);
 
-#if (OPENTHREAD_CONFIG_CRYPTO_LIB == OPENTHREAD_CONFIG_CRYPTO_LIB_PSA) && OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
-    // On a first attempt, SRP Client generates the SRP Key which adds additional heap allocation.
-    heapAllocations += 1;
-#endif
-
     VerifyOrQuit(heapAllocations == sHeapAllocatedPtrs.GetLength());
 
     //- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

third_party/mbedtls/mbedtls-config.h

@@ -194,8 +194,8 @@
 #define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf
 
 #if OPENTHREAD_CONFIG_HEAP_EXTERNAL_ENABLE
-#define MBEDTLS_PLATFORM_STD_CALLOC      otPlatCAlloc /**< Default allocator to use, can be undefined */
-#define MBEDTLS_PLATFORM_STD_FREE        otPlatFree /**< Default free to use, can be undefined */
+#define MBEDTLS_PLATFORM_STD_CALLOC otPlatCryptoCAlloc /**< Default allocator to use, can be undefined */
+#define MBEDTLS_PLATFORM_STD_FREE   otPlatCryptoFree   /**< Default free to use, can be undefined */
 #else
 #define MBEDTLS_MEMORY_BUFFER_ALLOC_C
 #endif