Beware that this post is related to an SDK in maintenance mode
More Info: Consider nRF Connect SDK for new designs
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

BLE_GAP_SEC_STATUS_DHKEY_FAILURE when using size optimization on gcc

Hi,

after migrating from SDK12.2 to SDK14.2 we encountered a problem with GAP Security.

When setting optimization to -Os, the program fails with BLE_GAP_EVT_AUTH_STATUS returning 0x8B (BLE_GAP_SEC_STATUS_DHKEY_FAILURE).

When using -O2 (or lower) which should be mostly the same as -Os except the size optimizations it works without error.

Since the micro-ecc/nrf52_armgcc folder no longer existed in SDK 14 we used nrf52nf_armgcc instead. We already noticed a difference between those versions.

While we were able to use the same generated ecc-lib on different systems with SDK 12, we now need to build it anew on each system. Maybe there is something else we need to consider after this change.

We are currently using GCC version 5.3.1 20160413

Thanks and best regards,

Niclas

Parents
  • Hi Niclas,

     

    It was necessary to add a softFP target of micro-ecc due to adding nRF52810, which has no hardFP, to the SDK.  

    nrf52nf_armgcc is compiled with softFP, with flag -mfloat-abi=soft. If your firmware is running on nRF52832, with HardFP, you should try the nrf52hf_armgcc target.

    Q1: Is this failure behavior consistent, or "just once in a while"?

    Q2: Just to confirm: the peer_manager (and linked modules, like security manager etc) are taken from SDK 14 untouched?

     

    Best regards,

    Håkon

  • Hi Håkon,

    as i recall it, we had some problems with the HardFP.

    A1: Yes it happens every time

    A2: Yes they are untouched

    Best regards,

    Niclas

Reply Children
  • Hi Niclas,

     

    I tried to reproduce this with SDK v14.2 example ble_app_multirole_lesc, but I was unfortunately not able to. Here's my edited Makefile (rest of the example is as-is in v14.2):

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    PROJECT_NAME := ble_app_multirole_lesc_pca10040_s132
    TARGETS := nrf52832_xxaa
    OUTPUT_DIRECTORY := _build
    SDK_ROOT := ../../../../../../..
    PROJ_DIR := ../../..
    $(OUTPUT_DIRECTORY)/nrf52832_xxaa.out: \
    LINKER_SCRIPT := ble_app_multirole_lesc_gcc_nrf52.ld
    # Source files common to all targets
    SRC_FILES += \
    $(SDK_ROOT)/components/libraries/bsp/bsp.c \
    $(SDK_ROOT)/components/libraries/bsp/bsp_btn_ble.c \
    $(SDK_ROOT)/components/libraries/bsp/bsp_nfc.c \
    $(SDK_ROOT)/components/libraries/experimental_log/src/nrf_log_backend_rtt.c \
    $(SDK_ROOT)/components/libraries/experimental_log/src/nrf_log_backend_serial.c \
    $(SDK_ROOT)/components/libraries/experimental_log/src/nrf_log_backend_uart.c \
    $(SDK_ROOT)/components/libraries/experimental_log/src/nrf_log_default_backends.c \
    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

    Note that the above example requires that you press button_1 after pairing (see main.c::num_comp_reply() for more info on this).

    Does the same issue occur if you use HardFP, or is this only present on SoftFP?

    No other assertions, or HardFault occurring, only this event "BLE_GAP_SEC_STATUS_DHKEY_FAILURE"?

     

    Best regards,

    Håkon