ARMmbed · 0xc0170 · Sep 30, 2021 · Sep 23, 2021 · Sep 23, 2021 · Sep 23, 2021
diff --git a/components/802.15.4_RF/stm-s2lp-rf-driver/source/NanostackRfPhys2lp.cpp b/components/802.15.4_RF/stm-s2lp-rf-driver/source/NanostackRfPhys2lp.cpp
@@ -134,10 +134,15 @@ class RFPins {
     UnlockedSPI spi;
     DigitalOut CS;
     DigitalOut SDN;
+#if INTERRUPT_GPIO == S2LP_GPIO0
     InterruptIn RF_S2LP_GPIO0;
+#elif INTERRUPT_GPIO == S2LP_GPIO1
     InterruptIn RF_S2LP_GPIO1;
+#elif INTERRUPT_GPIO == S2LP_GPIO2
     InterruptIn RF_S2LP_GPIO2;
+#else
     InterruptIn RF_S2LP_GPIO3;
+#endif
     Timeout cca_timer;
     Timeout backup_timer;
     Timer tx_timer;
@@ -153,10 +158,15 @@ RFPins::RFPins(PinName spi_sdi, PinName spi_sdo,
     :   spi(spi_sdi, spi_sdo, spi_sclk),
         CS(spi_cs),
         SDN(spi_sdn),
+#if INTERRUPT_GPIO == S2LP_GPIO0
         RF_S2LP_GPIO0(spi_gpio0),
+#elif INTERRUPT_GPIO == S2LP_GPIO1
         RF_S2LP_GPIO1(spi_gpio1),
+#elif INTERRUPT_GPIO == S2LP_GPIO2
         RF_S2LP_GPIO2(spi_gpio2),
+#else
         RF_S2LP_GPIO3(spi_gpio3),
+#endif
         irq_thread(osPriorityRealtime, 1024)
 {
     irq_thread.start(mbed::callback(this, &RFPins::rf_irq_task));

diff --git a/features/nanostack/coap-service/source/coap_security_handler.c b/features/nanostack/coap-service/source/coap_security_handler.c
@@ -23,12 +23,12 @@
 
 #ifdef COAP_SECURITY_AVAILABLE
 
+#include "mbedtls/version.h"
 #include "mbedtls/sha256.h"
 #include "mbedtls/error.h"
 #include "mbedtls/platform.h"
 #include "mbedtls/ssl_cookie.h"
 #include "mbedtls/entropy.h"
-#include "mbedtls/entropy_poll.h"
 #include "mbedtls/ctr_drbg.h"
 #include "mbedtls/hmac_drbg.h"
 #include "mbedtls/ssl_ciphersuites.h"
@@ -310,6 +310,7 @@ static int simple_cookie_check(void *ctx,
 
 /**** Key export function ****/
 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+#if (MBEDTLS_VERSION_MAJOR < 3)
 static int export_key_block(void *ctx,
                             const unsigned char *mk, const unsigned char *kb,
                             size_t maclen, size_t keylen, size_t ivlen)
@@ -330,6 +331,7 @@ static int export_key_block(void *ctx,
     return 0;
 }
 #endif
+#endif
 
 static int coap_security_handler_configure_keys(coap_security_t *sec, coap_security_keys_t keys, bool is_server)
 {
@@ -343,9 +345,15 @@ static int coap_security_handler_configure_keys(coap_security_t *sec, coap_secur
                 break;
             }
 
+#if (MBEDTLS_VERSION_MAJOR >= 3)
+            if (mbedtls_pk_parse_key(&sec->_pkey, keys._priv_key, keys._priv_key_len, NULL, 0, DRBG_RANDOM, &sec->_drbg) < 0) {
+                break;
+            }
+#else
             if (mbedtls_pk_parse_key(&sec->_pkey, keys._priv_key, keys._priv_key_len, NULL, 0) < 0) {
                 break;
             }
+#endif
 
             if (0 != mbedtls_ssl_conf_own_cert(&sec->_conf, &sec->_owncert, &sec->_pkey)) {
                 break;
@@ -378,10 +386,15 @@ static int coap_security_handler_configure_keys(coap_security_t *sec, coap_secur
             mbedtls_ssl_conf_ciphersuites(&sec->_conf, ECJPAKE_SUITES);
 #endif /* !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) */
 
+#if (MBEDTLS_VERSION_MAJOR >= 3)
+            tr_error("FATAL ERROR: support for mbedtls_ssl_set_export_keys_cb() not implemented");
+#else
             //NOTE: If thread starts supporting PSK in other modes, then this will be needed!
             mbedtls_ssl_conf_export_keys_cb(&sec->_conf,
                                             export_key_block,
                                             &sec->_keyblk);
+#endif
+
             ret = 0;
 #endif
             break;
@@ -512,9 +525,15 @@ int coap_security_handler_continue_connecting(coap_security_t *sec)
             return ret;
         }
 
+#if (MBEDTLS_VERSION_MAJOR >= 3)
+        if (sec->_ssl.private_state == MBEDTLS_SSL_HANDSHAKE_OVER) {
+            return 0;
+        }
+#else
         if (sec->_ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER) {
             return 0;
         }
+#endif
     }
 
     if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {

diff --git a/features/nanostack/coap-service/source/include/coap_security_handler.h b/features/nanostack/coap-service/source/include/coap_security_handler.h
@@ -20,12 +20,8 @@
 #include "ns_types.h"
 
 #ifdef NS_USE_EXTERNAL_MBED_TLS
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
 // cppcheck-suppress preprocessorErrorDirective
-#include MBEDTLS_CONFIG_FILE
-#endif
+#include "mbedtls/version.h"
 
 #if defined(MBEDTLS_SSL_TLS_C)
 #include "mbedtls/ssl.h"

diff --git a/...oap-service/test/coap-service/unittest/coap_security_handler/test_coap_security_handler.c b/...oap-service/test/coap-service/unittest/coap_security_handler/test_coap_security_handler.c
@@ -184,7 +184,7 @@ bool test_coap_security_handler_connect()
     }
 
     mbedtls_stub.counter = 0;
-    mbedtls_stub.retArray[5] = MBEDTLS_ERR_SSL_BAD_HS_FINISHED;
+    mbedtls_stub.retArray[5] = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
 
     if (-1 != coap_security_handler_connect_non_blocking(handle, true, DTLS, keys, 0, 1)) {
         return false;
@@ -230,9 +230,9 @@ bool test_coap_security_handler_continue_connecting()
     }
 
     mbedtls_stub.counter = 0;
-    mbedtls_stub.retArray[0] = MBEDTLS_ERR_SSL_BAD_HS_FINISHED;
+    mbedtls_stub.retArray[0] = MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
 
-    if (MBEDTLS_ERR_SSL_BAD_HS_FINISHED != coap_security_handler_continue_connecting(handle)) {
+    if (MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL != coap_security_handler_continue_connecting(handle)) {
         return false;
     }
 

diff --git a/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.c b/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.c
@@ -15,6 +15,7 @@
  * limitations under the License.
  */
 
+#include <string.h> // memset
 #include "mbedtls_stub.h"
 
 mbedtls_stub_def mbedtls_stub;
@@ -26,8 +27,11 @@ int mbedtls_ssl_handshake_step(mbedtls_ssl_context *ssl)
 
         if (mbedtls_stub.retArray[mbedtls_stub.counter] == HANDSHAKE_FINISHED_VALUE ||
                 mbedtls_stub.retArray[mbedtls_stub.counter] == HANDSHAKE_FINISHED_VALUE_RETURN_ZERO) {
-
+#if (MBEDTLS_VERSION_MAJOR >= 3)
+            ssl->private_state = MBEDTLS_SSL_HANDSHAKE_OVER;
+#else
             ssl->state = MBEDTLS_SSL_HANDSHAKE_OVER;
+#endif
             if (mbedtls_stub.retArray[mbedtls_stub.counter] == HANDSHAKE_FINISHED_VALUE_RETURN_ZERO) {
                 return 0;
             }
@@ -345,9 +349,16 @@ int mbedtls_entropy_add_source(mbedtls_entropy_context *a,
 }
 
 //From pk.h
+#if (MBEDTLS_VERSION_MAJOR >= 3)
+int mbedtls_pk_parse_key(mbedtls_pk_context *ctx,
+                         const unsigned char *b, size_t c,
+                         const unsigned char *d, size_t e,
+                         int (*f_rng)(void *, unsigned char *, size_t), void *p_rng)
+#else
 int mbedtls_pk_parse_key(mbedtls_pk_context *a,
                          const unsigned char *b, size_t c,
                          const unsigned char *d, size_t e)
+#endif
 {
     if (mbedtls_stub.useCounter) {
         return mbedtls_stub.retArray[mbedtls_stub.counter++];
@@ -395,6 +406,7 @@ void mbedtls_ssl_conf_dtls_cookies(mbedtls_ssl_config *conf,
     }
 }
 
+#if (MBEDTLS_VERSION_MAJOR < 3)
 void mbedtls_ssl_conf_export_keys_cb(mbedtls_ssl_config *conf,
                                      mbedtls_ssl_export_keys_t *f_export_keys,
                                      void *p_export_keys)
@@ -407,6 +419,7 @@ void mbedtls_ssl_conf_export_keys_cb(mbedtls_ssl_config *conf,
         f_export_keys(p_export_keys, &value, "", 0, 20, 0); //success case
     }
 }
+#endif
 
 int mbedtls_ssl_session_reset(mbedtls_ssl_context *ssl)
 {

diff --git a/features/nanostack/sal-stack-nanostack/nanostack/mac_api.h b/features/nanostack/sal-stack-nanostack/nanostack/mac_api.h
@@ -129,10 +129,11 @@ typedef void mcps_data_request(const mac_api_t *api, const mcps_data_req_t *data
  * @param ie_ext Information element list to MCPS-DATA.request
  * @param asynch_channel_list Optional channel list to asynch data request. Give NULL when normal data request.
  * @param priority Data request priority level
+ * @param phy_mode_id Use mode switch if given phy_mode_id > 0
  *
  * Asynch data request is mac standard extension. asynch_channel_list include channel mask which channel message is requested to send.
  */
-typedef void mcps_data_request_ext(const mac_api_t *api, const mcps_data_req_t *data, const mcps_data_req_ie_list_t *ie_ext, const struct channel_list_s *asynch_channel_list, mac_data_priority_t priority);
+typedef void mcps_data_request_ext(const mac_api_t *api, const mcps_data_req_t *data, const mcps_data_req_ie_list_t *ie_ext, const struct channel_list_s *asynch_channel_list, mac_data_priority_t priority, uint8_t phy_mode_id);
 
 /**
  * @brief mcps_purge_request MCPS_PURGE request call
@@ -192,6 +193,16 @@ typedef void mcps_ack_data_req_ext(const mac_api_t *api, mcps_ack_data_payload_t
 typedef void mcps_edfe_handler(const mac_api_t *api, mcps_edfe_response_t *response_message);
 
 
+/**
+ * @brief mode_switch_resolver Callback to resolve configuration behind received PHY mode ID
+ * @param api The API which handled the response
+ * @param phy_mode_id PHY mode ID to be resolved
+ * @param rf_config Resolved configuration
+ * @return 0 in case of success, negative otherwise
+ */
+typedef int8_t mode_switch_resolver(const mac_api_t *api, uint8_t phy_mode_id, phy_rf_channel_configuration_s *rf_config);
+
+
 /**
  * @brief mcps_purge_confirm MCPS-PURGE confirm is called as a response to MCPS-PURGE request
  * @param api The API which handled the request
@@ -272,37 +283,49 @@ typedef int8_t mac_api_enable_mcps_ext(mac_api_t *api,
 typedef int8_t mac_api_enable_mcps_edfe_ext(mac_api_t *api,
                                             mcps_edfe_handler *edfe_ind_cb);
 
+/**
+ * @brief mac_api_mode_switch_resolver_ext Initialises mode switch resolver callback. Upper layer must configure function when mode switch is used.
+ * @param api mac_api_t pointer, which is created by application.
+ * @param mode_resolver_cb Upper layer function to resolve received PHY mode ID
+ * @param base_phy_mode Base PHY mode, device returns to this mode after mode switch transmission or reception
+ * @return -1 if error, 0 otherwise
+ */
+typedef int8_t mac_api_mode_switch_resolver_ext(mac_api_t *api,
+                                                mode_switch_resolver *mode_resolver_cb, uint8_t base_phy_mode);
+
 /**
  * \brief Struct mac_api_s defines functions for two-way communications between external MAC and Upper layer.
  * Application creates mac_api_t object by calling external MAC's creator function.
  * Then object is passed to Upper layer which then initializes it's own callback functions.
  * Then MAC is operated by Upper layer by calling MLME or MCPS primitive functions.
  */
 struct mac_api_s {
-    mac_api_initialize          *mac_initialize;                /**< MAC initialize function to use */
-    mac_api_enable_mcps_ext     *mac_mcps_extension_enable;     /**< MAC MCPS IE extension enable function, optional feature */
-    mac_api_enable_mcps_edfe_ext *mac_mcps_edfe_enable;         /**< MAC MCPS MCPS EDFE frame extension enable function, optional feature */
+    mac_api_initialize                  *mac_initialize;                /**< MAC initialize function to use */
+    mac_api_enable_mcps_ext             *mac_mcps_extension_enable;     /**< MAC MCPS IE extension enable function, optional feature */
+    mac_api_enable_mcps_edfe_ext        *mac_mcps_edfe_enable;          /**< MAC MCPS MCPS EDFE frame extension enable function, optional feature */
+    mac_api_mode_switch_resolver_ext    *mac_mode_switch_resolver_set;  /**< MAC Mode switch resolver function set, optional feature */
     //External MAC callbacks
-    mlme_request                *mlme_req;                      /**< MAC MLME request function to use */
-    mcps_data_request           *mcps_data_req;                 /**< MAC MCPS data request function to use */
-    mcps_data_request_ext       *mcps_data_req_ext;             /**< MAC MCPS data request with Information element extension function to use */
-    mcps_purge_request          *mcps_purge_req;                /**< MAC MCPS purge request function to use */
+    mlme_request                        *mlme_req;                      /**< MAC MLME request function to use */
+    mcps_data_request                   *mcps_data_req;                 /**< MAC MCPS data request function to use */
+    mcps_data_request_ext               *mcps_data_req_ext;             /**< MAC MCPS data request with Information element extension function to use */
+    mcps_purge_request                  *mcps_purge_req;                /**< MAC MCPS purge request function to use */
     //Upper layer callbacksMLME_ASSOCIATE
-    mcps_data_confirm           *data_conf_cb;                  /**< MAC MCPS data confirm callback function */
-    mcps_data_confirm_ext       *data_conf_ext_cb;              /**< MAC MCPS data confirm with payload callback function */
-    mcps_data_indication        *data_ind_cb;                   /**< MAC MCPS data indication callback function */
-    mcps_data_indication_ext    *data_ind_ext_cb;               /**< MAC MCPS data indication with IE extension's callback function */
-    mcps_edfe_handler           *edfe_ind_cb;                   /**< MAC MCPS EDFE detection extension's callback function */
-    mcps_ack_data_req_ext       *enhanced_ack_data_req_cb;      /**< Enhanced ACK IE element and payload request from MAC user */
-    mcps_purge_confirm          *purge_conf_cb;                 /**< MAC MCPS purge confirm callback function */
-    mlme_confirm                *mlme_conf_cb;                  /**< MAC MLME confirm callback function */
-    mlme_indication             *mlme_ind_cb;                   /**< MAC MLME indication callback function */
-    mac_ext_mac64_address_set   *mac64_set;                     /**< MAC extension function to set mac64 address */
-    mac_ext_mac64_address_get   *mac64_get;                     /**< MAC extension function to get mac64 address */
-    mac_storage_decription_sizes_get *mac_storage_sizes_get;    /**< Getter function to query data storage sizes from MAC */
-
-    int8_t                      parent_id;                      /**< Upper layer id */
-    uint16_t                    phyMTU;                         /**< Maximum Transmission Unit(MTU) used by MAC*/
+    mcps_data_confirm                   *data_conf_cb;                  /**< MAC MCPS data confirm callback function */
+    mcps_data_confirm_ext               *data_conf_ext_cb;              /**< MAC MCPS data confirm with payload callback function */
+    mcps_data_indication                *data_ind_cb;                   /**< MAC MCPS data indication callback function */
+    mcps_data_indication_ext            *data_ind_ext_cb;               /**< MAC MCPS data indication with IE extension's callback function */
+    mcps_edfe_handler                   *edfe_ind_cb;                   /**< MAC MCPS EDFE detection extension's callback function */
+    mode_switch_resolver                *mode_resolver_cb;              /**< MAC Mode switch resolver callback function */
+    mcps_ack_data_req_ext               *enhanced_ack_data_req_cb;      /**< Enhanced ACK IE element and payload request from MAC user */
+    mcps_purge_confirm                  *purge_conf_cb;                 /**< MAC MCPS purge confirm callback function */
+    mlme_confirm                        *mlme_conf_cb;                  /**< MAC MLME confirm callback function */
+    mlme_indication                     *mlme_ind_cb;                   /**< MAC MLME indication callback function */
+    mac_ext_mac64_address_set           *mac64_set;                     /**< MAC extension function to set mac64 address */
+    mac_ext_mac64_address_get           *mac64_get;                     /**< MAC extension function to get mac64 address */
+    mac_storage_decription_sizes_get    *mac_storage_sizes_get;         /**< Getter function to query data storage sizes from MAC */
+
+    int8_t                              parent_id;                      /**< Upper layer id */
+    uint16_t                            phyMTU;                         /**< Maximum Transmission Unit(MTU) used by MAC*/
 };
 
 /**

diff --git a/features/nanostack/sal-stack-nanostack/nanostack/net_ws_test.h b/features/nanostack/sal-stack-nanostack/nanostack/net_ws_test.h
@@ -39,6 +39,23 @@ extern "C" {
 
 #include "ns_types.h"
 
+/**
+ * \brief Set Wi-SUN version number
+ *
+ * Sets the Wi-SUN protocol version.
+ *      1 = Wi-SUN FAN 1.0
+ *      2 = Wi-SUN FAN 1.1
+ *
+ * Set version to 0 to stop override and use stack default
+ *
+ * \param interface_id               Network Interface
+ * \param version                    Wi-SUN version
+ *
+ * \return 0                         OK
+ * \return <0                        Failure
+ */
+
+int ws_test_version_set(int8_t interface_id, uint8_t version);
 /**
  * \brief Set Pan size.
  *