Merge remote-tracking branch 'upstream/mbed-os-5.15' into feature-wisun

* upstream/mbed-os-5.15: (45 commits)
  Revert "Backport ARMmbed#12603: Add CYSBSYSKIT_01"
  Update STM32 EMAC driver based on review
  Update STM32 EMAC driver - limit RX frame length
  WHD: Remove an assert from get_rssi()
  crypto: Use updated ECC curve macros
  crypto: Update the service for Mbed Crypto 3.x
  crypto: Upgrade to Mbed Crypto 3.1.0
  tls: Upgrade to Mbed TLS 2.20.0
  Backport ARMmbed#12701: Custom BT Firmware for CYW9P62S1_43012EVB_01
  Backport ARMmbed#12603: Add CYSBSYSKIT_01
  Backport ARMmbed#12492: Update psoc6cm0p to version 1.1.1.
  Backport ARMmbed#12422: Cypress Asset Update
  Backport ARMmbed#12421: Cypress target reorganization
  Backport ARMmbed#12394: Fix Cypress 1M SDIO + other minor bugs
  Backport ARMmbed#12097: Cypress: Fix IAR Warnings
  Backport ARMmbed#12052: Fix for ARM issue 11859.
  Backport ARMmbed#12038: Remove qspi_frequency() call.
  Backport ARMmbed#12019: rework cypress lptimer hal
  Cellular: ALT1250 PPP cellular driver for mbed-os 5.15
  RZ_A1H and GR_LYCHEE: Enable bootloader support (Mbed OS 5.15)
  ...

Author: Arto Kinnunen

TESTS/mbed-crypto/sanity/main.cpp

@@ -262,13 +262,13 @@ void test_crypto_asymmetric_sign_verify(void)
     psa_set_key_algorithm(&attributes, alg);
     psa_set_key_type(&attributes, key_type);
     TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_import_key(&attributes, key, sizeof(key), &key_handle));
-    TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_asymmetric_sign(key_handle, alg, input, sizeof(input),
-                                                       signature, sizeof(signature), &signature_len));
+    TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_sign_hash(key_handle, alg, input, sizeof(input),
+                                                 signature, sizeof(signature), &signature_len));
     TEST_ASSERT_EQUAL(sizeof(signature), signature_len);
     TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_signature, signature, signature_len);
 
-    TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_asymmetric_verify(key_handle, alg, input, sizeof(input),
-                                                         signature, signature_len));
+    TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_verify_hash(key_handle, alg, input, sizeof(input),
+                                                   signature, signature_len));
     TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_destroy_key(key_handle));
 }
 

TESTS/mbed_hal_fpga_ci_test_shield/uart/main.cpp

@@ -133,6 +133,9 @@ static void uart_test_common(int baudrate, int data_bits, SerialParity parity, i
             serial_set_flow_control_direct(&serial, FlowControlRTSCTS, &pinmap);
 #else
             //skip this test case if static pinmap is not supported
+            // Cleanup uart to be able execute next test case
+            serial_free(&serial);
+            tester.reset();
             return;
 #endif
         } else {

TESTS/mbedtls/multi/main.cpp

@@ -33,7 +33,7 @@
 using namespace utest::v1;
 
 #if defined(MBEDTLS_SHA256_C)
-/* Tests several call to mbedtls_sha256_update function that are not modulo 64 bytes */
+/* Tests several call to mbedtls_sha256_update_ret function that are not modulo 64 bytes */
 void test_case_sha256_split()
 {
     const unsigned char test_buf[] = {"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"};
@@ -50,18 +50,18 @@ void test_case_sha256_split()
     mbedtls_sha256_context ctx;
     printf("test sha256\n");
     mbedtls_sha256_init(&ctx);
-    mbedtls_sha256_starts(&ctx, 0);
+    (void)mbedtls_sha256_starts_ret(&ctx, 0);
 #if 0
     printf("test not splitted\n");
-    mbedtls_sha256_update(&ctx, test_buf, 168);
+    (void)mbedtls_sha256_update_ret(&ctx, test_buf, 168);
 #else
     printf("test splitted into 3 pieces\n");
-    mbedtls_sha256_update(&ctx, test_buf, 2);
-    mbedtls_sha256_update(&ctx, test_buf + 2, 66);
-    mbedtls_sha256_update(&ctx, test_buf + 68, 100);
+    (void)mbedtls_sha256_update_ret(&ctx, test_buf, 2);
+    (void)mbedtls_sha256_update_ret(&ctx, test_buf + 2, 66);
+    (void)mbedtls_sha256_update_ret(&ctx, test_buf + 68, 100);
 #endif
 
-    mbedtls_sha256_finish(&ctx, outsum);
+    (void)mbedtls_sha256_finish_ret(&ctx, outsum);
     mbedtls_sha256_free(&ctx);
 
     printf("\nreceived result : ");
@@ -113,29 +113,29 @@ void test_case_sha256_multi()
     mbedtls_sha256_init(&ctx2);
     mbedtls_sha256_init(&ctx3);
     //Start both contexts
-    mbedtls_sha256_starts(&ctx1, 0);
-    mbedtls_sha256_starts(&ctx2, 0);
+    (void)mbedtls_sha256_starts_ret(&ctx1, 0);
+    (void)mbedtls_sha256_starts_ret(&ctx2, 0);
 
     printf("upd ctx1\n");
-    mbedtls_sha256_update(&ctx1, test_buf, 56);
+    (void)mbedtls_sha256_update_ret(&ctx1, test_buf, 56);
     printf("upd ctx2\n");
-    mbedtls_sha256_update(&ctx2, test_buf, 66);
+    (void)mbedtls_sha256_update_ret(&ctx2, test_buf, 66);
     printf("finish ctx1\n");
-    mbedtls_sha256_finish(&ctx1, outsum1);
+    (void)mbedtls_sha256_finish_ret(&ctx1, outsum1);
     printf("upd ctx2\n");
-    mbedtls_sha256_update(&ctx2, test_buf + 66, 46);
+    (void)mbedtls_sha256_update_ret(&ctx2, test_buf + 66, 46);
     printf("clone ctx2 in ctx3\n");
     mbedtls_sha256_clone(&ctx3, (const mbedtls_sha256_context *)&ctx2);
     printf("free ctx1\n");
     mbedtls_sha256_free(&ctx1);
     printf("upd ctx2\n");
-    mbedtls_sha256_update(&ctx2, test_buf + 112, 56);
+    (void)mbedtls_sha256_update_ret(&ctx2, test_buf + 112, 56);
     printf("upd ctx3 with different values than ctx2\n");
-    mbedtls_sha256_update(&ctx3, test_buf2, 56);
+    (void)mbedtls_sha256_update_ret(&ctx3, test_buf2, 56);
     printf("finish ctx2\n");
-    mbedtls_sha256_finish(&ctx2, outsum2);
+    (void)mbedtls_sha256_finish_ret(&ctx2, outsum2);
     printf("finish ctx3\n");
-    mbedtls_sha256_finish(&ctx3, outsum3);
+    (void)mbedtls_sha256_finish_ret(&ctx3, outsum3);
     printf("free ctx2\n");
     mbedtls_sha256_free(&ctx2);
     printf("free ctx3\n");

TESTS/psa/attestation/main.cpp

@@ -98,7 +98,7 @@ static void check_initial_attestation_get_token()
     TEST_ASSERT_EQUAL(status, PSA_SUCCESS);
     status = psa_attestation_inject_key(private_key_data,
                                         sizeof(private_key_data),
-                                        PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1),
+                                        PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1),
                                         exported,
                                         sizeof(exported),
                                         &exported_length);

TESTS/psa/crypto_access_control/COMPONENT_NSPE/main.cpp

@@ -348,7 +348,7 @@ void test_use_other_partition_key_aead(void)
 void test_use_other_partition_key_asymmetric_sign_verify(void)
 {
     static const psa_key_id_t key_id = 999;
-    static const psa_key_type_t key_type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP256R1);
+    static const psa_key_type_t key_type = PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_CURVE_SECP_R1);
     static const psa_algorithm_t key_alg = PSA_ALG_ECDSA(PSA_ALG_SHA_256);
     static const psa_key_usage_t key_usage = PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY;
     static const size_t key_bits = 256;
@@ -373,12 +373,12 @@ void test_use_other_partition_key_asymmetric_sign_verify(void)
     TEST_ASSERT_NOT_EQUAL(0, key_handle);
 
     /* try to asymmetric sign using the key that was created by the test partition */
-    TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_asymmetric_sign(key_handle, key_alg, input, sizeof(input),
-                                                                    signature, sizeof(signature), &len));
+    TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_sign_hash(key_handle, key_alg, input, sizeof(input),
+                                                              signature, sizeof(signature), &len));
 
     /* try to asymmetric verify using the key that was created by the test partition */
-    TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_asymmetric_verify(key_handle, key_alg, input, sizeof(input),
-                                                                      signature, sizeof(signature)));
+    TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_verify_hash(key_handle, key_alg, input, sizeof(input),
+                                                                signature, sizeof(signature)));
 
     /* via test partition - destroy the key created by the test partition */
     TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle));

components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IMPL/attest_crypto.c

@@ -58,13 +58,13 @@ t_cose_crypto_pub_key_sign(int32_t cose_alg_id,
         return T_COSE_ERR_NO_KID;
     }
 
-    crypto_ret = psa_asymmetric_sign(handle,
-                                     PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
-                                     hash_to_sign.ptr,
-                                     hash_to_sign.len,
-                                     signature_buffer.ptr,
-                                     signature_buffer.len,
-                                     &(signature->len));
+    crypto_ret = psa_sign_hash(handle,
+                               PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+                               hash_to_sign.ptr,
+                               hash_to_sign.len,
+                               signature_buffer.ptr,
+                               signature_buffer.len,
+                               &(signature->len));
 
 
     if (crypto_ret != PSA_SUCCESS)

components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IMPL/attest_crypto_keys.c

@@ -48,21 +48,12 @@ static psa_status_t get_curve(psa_key_type_t type, enum ecc_curve_t *curve_type)
 {
     psa_ecc_curve_t curve = PSA_KEY_TYPE_GET_CURVE(type);
     switch (curve) {
-        case PSA_ECC_CURVE_SECP256R1:
+        case PSA_ECC_CURVE_SECP_R1:
             *curve_type = P_256;
             break;
-        case PSA_ECC_CURVE_SECP384R1:
-            *curve_type = P_384;
-            break;
-        case PSA_ECC_CURVE_SECP521R1:
-            *curve_type = P_521;
-            break;
-        case PSA_ECC_CURVE_CURVE25519:
+        case PSA_ECC_CURVE_MONTGOMERY:
             *curve_type = X25519;
             break;
-        case PSA_ECC_CURVE_CURVE448:
-            *curve_type = X448;
-            break;
         default:
             return (PSA_ERROR_NOT_SUPPORTED);
     }

components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IMPL/tfm_impl/attestation_core.c

@@ -942,7 +942,7 @@ attest_create_token(struct useful_buf_c *challenge,
 
 /* Limitations of the current implementation:
  *  - Token is not signed yet properly, just a fake signature is added to the
- *    token due to lack of psa_asymmetric_sign() implementation in crypto
+ *    token due to lack of psa_sign_hash() implementation in crypto
  *    service.
  */
 enum psa_attest_err_t

components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_platform_spe.h

@@ -87,8 +87,8 @@ typedef enum psa_sec_function_s {
     PSA_AEAD_FINISH,
     PSA_AEAD_VERIFY,
     PSA_AEAD_ABORT,
-    PSA_ASYMMETRIC_SIGN,
-    PSA_ASYMMETRIC_VERIFY,
+    PSA_SIGN_HASH,
+    PSA_VERIFY_HASH,
     PSA_ASYMMETRIC_ENCRYPT,
     PSA_ASYMMETRIC_DECRYPT,
     PSA_KEY_DERIVATION_SETUP,

components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c

@@ -1216,16 +1216,16 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation)
     return ipc_call(&operation->handle, &in_vec, 1, NULL, 0, true);
 }
 
-psa_status_t psa_asymmetric_sign(psa_key_handle_t handle,
-                                 psa_algorithm_t alg,
-                                 const uint8_t *hash,
-                                 size_t hash_length,
-                                 uint8_t *signature,
-                                 size_t signature_size,
-                                 size_t *signature_length)
+psa_status_t psa_sign_hash(psa_key_handle_t handle,
+                           psa_algorithm_t alg,
+                           const uint8_t *hash,
+                           size_t hash_length,
+                           uint8_t *signature,
+                           size_t signature_size,
+                           size_t *signature_length)
 {
     psa_crypto_ipc_asymmetric_t psa_crypto_ipc = {
-        .func           = PSA_ASYMMETRIC_SIGN,
+        .func           = PSA_SIGN_HASH,
         .handle         = handle,
         .alg            = alg,
         .input_length   = 0,
@@ -1246,15 +1246,15 @@ psa_status_t psa_asymmetric_sign(psa_key_handle_t handle,
     return (status);
 }
 
-psa_status_t psa_asymmetric_verify(psa_key_handle_t handle,
-                                   psa_algorithm_t alg,
-                                   const uint8_t *hash,
-                                   size_t hash_length,
-                                   const uint8_t *signature,
-                                   size_t signature_size)
+psa_status_t psa_verify_hash(psa_key_handle_t handle,
+                             psa_algorithm_t alg,
+                             const uint8_t *hash,
+                             size_t hash_length,
+                             const uint8_t *signature,
+                             size_t signature_size)
 {
     psa_crypto_ipc_asymmetric_t psa_crypto_ipc = {
-        .func           = PSA_ASYMMETRIC_VERIFY,
+        .func           = PSA_VERIFY_HASH,
         .handle         = handle,
         .alg            = alg,
         .input_length   = 0,