Arm-Examples
diff --git a/‎.doc/README.md‎
Lines changed: 6 additions & 4 deletions b/‎.doc/README.md‎
Lines changed: 6 additions & 4 deletions
diff --git a/‎.github/workflows/AWS_MQTT-ci.yml‎
Lines changed: 19 additions & 14 deletions b/‎.github/workflows/AWS_MQTT-ci.yml‎
Lines changed: 19 additions & 14 deletions
diff --git a/‎Demo.cproject.yml‎
Lines changed: 31 additions & 85 deletions b/‎Demo.cproject.yml‎
Lines changed: 31 additions & 85 deletions
diff --git a/‎Demo.csolution.yml‎
Lines changed: 14 additions & 15 deletions b/‎Demo.csolution.yml‎
Lines changed: 14 additions & 15 deletions
diff --git a/‎FreeRTOS-Plus/Demo/Config/app_crypto_config.h‎
Lines changed: 61 additions & 0 deletions b/‎FreeRTOS-Plus/Demo/Config/app_crypto_config.h‎
Lines changed: 61 additions & 0 deletions
@@ -9,10 +9,11 @@ actions but are otherwise not accessible. The following GitHub Secrets need to b
 
 GitHub Secret                  | Enables *AWS IoT Thing* Connection
 :------------------------------|:---------------------------------------
+`IOT_THING_NAME`               | Client (device) name
+`MQTT_BROKER_ENDPOINT`         | MQTT broker host name
+`ROOT_CA_PEM`                  | Server (host) root CA certificate
 `CLIENT_CERTIFICATE_PEM`       | Client (device) certificate
 `CLIENT_PRIVATE_KEY_PEM`       | Client (device) private key
-`IOT_THING_NAME`               | Client  (device) name
-`MQTT_BROKER_ENDPOINT`         | MQTT broker host name
 
 ## Format of GitHub Secrets
 
@@ -22,6 +23,7 @@ GitHub Secret name             | Original or issued format           | Github Se
 :------------------------------|:------------------------------------|:---------------------------------------
 `IOT_THING_NAME`               | Single line string without quotes   | Single line string without quotes i.e.  `myIoT_thing_name`
 `MQTT_BROKER_ENDPOINT`         | Single line string without quotes   | Single line string without quotes i.e.  `random-string.abcd.xyz.amazonaws.com`
+`ROOT_CA_PEM`                  | Multiline string. See **F1**.       | Single line string with double quotes and additional new-lines. See **F2**.
 `CLIENT_CERTIFICATE_PEM`       | Multiline string. See **F1**.       | Single line string with double quotes and additional new-lines. See **F2**.
 `CLIENT_PRIVATE_KEY_PEM`       | Multiline string. See **F3**.       | Single line string with double quotes and additional new-lines. See **F4**.
 
@@ -38,7 +40,7 @@ GitHub Secret name             | Original or issued format           | Github Se
 **F2**: The expected Certificate format must be a double-quoted singleline string. i.e.
 
 ```txt
-"-----BEGIN CERTIFICATE-----\n\::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::==\n-----END CERTIFICATE-----\n"
+"-----BEGIN CERTIFICATE-----\n::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::==\n-----END CERTIFICATE-----\n"
 ```
 
 **F3**: The issued Private Key format is a multiline string like:
@@ -53,5 +55,5 @@ GitHub Secret name             | Original or issued format           | Github Se
 **F4**: The expected Private Key format must be a double-quoted singleline string. i.e.
 
 ```txt
-"-----BEGIN RSA PRIVATE KEY-----\n\::::::::::::::::::::::::::::::::::::::::::::::\n-----END RSA PRIVATE KEY-----\n"
+"-----BEGIN RSA PRIVATE KEY-----\n::::::::::::::::::::::::::::::::::::::::::::::\n-----END RSA PRIVATE KEY-----\n"
 ```
@@ -43,26 +43,31 @@ jobs:
       - name: Configure AWS IoT Thing Credentials
         env:
           # Get the secrets from the Github
-          MQTT_BROKER_ENDPOINT: ${{ secrets.MQTT_BROKER_ENDPOINT }}
           IOT_THING_NAME: ${{ secrets.IOT_THING_NAME }}
+          MQTT_BROKER_ENDPOINT: ${{ secrets.MQTT_BROKER_ENDPOINT }}
+          ROOT_CA_PEM: ${{ secrets.ROOT_CA_PEM }}
           CLIENT_CERTIFICATE_PEM: ${{ secrets.CLIENT_CERTIFICATE_PEM }}
           CLIENT_PRIVATE_KEY_PEM: ${{ secrets.CLIENT_PRIVATE_KEY_PEM }}
 
         run: |
-          pushd amazon-freertos/demos/include/
-          # Add the Client-Certificate Client-Private-Key in aws_clientcredential_keys.h
-          cp aws_clientcredential_keys.h aws_clientcredential_keys.h.in
-          sed -i 's|\(#define keyCLIENT_CERTIFICATE_PEM \).*NULL|\1 ${CLIENT_CERTIFICATE_PEM}|' aws_clientcredential_keys.h.in
-          sed -i 's|\(#define keyCLIENT_PRIVATE_KEY_PEM \).*NULL|\1 ${CLIENT_PRIVATE_KEY_PEM}|' aws_clientcredential_keys.h.in
-          envsubst < aws_clientcredential_keys.h.in > aws_clientcredential_keys.h
+          DEMO_CONFIG="FreeRTOS-Plus/Demo/Config/demo_config.h"
+
+          cp "$DEMO_CONFIG" "${DEMO_CONFIG}.in"
+
+          # Activate the define by replacing the placeholder with the actual value.
+          activate_define() {
+            local define_name="$1"
+            local define_value="$2"
+            sed -i "/^[[:space:]]*\* #define ${define_name}/{N;s|^[[:space:]]*\* #define .*\n[[:space:]]*\*/| */\n#define ${define_name} ${define_value}|;}" "${DEMO_CONFIG}.in"
+          }
 
-          # Add the Client-Credentials in aws_clientcredential.h
-          cp aws_clientcredential.h aws_clientcredential.h.in
-          sed -i 's|\(#define clientcredentialMQTT_BROKER_ENDPOINT \).*""|\1 "${MQTT_BROKER_ENDPOINT}"|' aws_clientcredential.h.in
-          sed -i 's|\(#define clientcredentialIOT_THING_NAME \).*""|\1 "${IOT_THING_NAME}"|' aws_clientcredential.h.in
-          envsubst < aws_clientcredential.h.in > aws_clientcredential.h
+          activate_define democonfigCLIENT_IDENTIFIER '"${IOT_THING_NAME}"'
+          activate_define democonfigMQTT_BROKER_ENDPOINT '"${MQTT_BROKER_ENDPOINT}"'
+          activate_define democonfigROOT_CA_PEM '${ROOT_CA_PEM}'
+          activate_define democonfigCLIENT_CERTIFICATE_PEM '${CLIENT_CERTIFICATE_PEM}'
+          activate_define democonfigCLIENT_PRIVATE_KEY_PEM '${CLIENT_PRIVATE_KEY_PEM}'
 
-          popd
+          envsubst < "${DEMO_CONFIG}.in" > "$DEMO_CONFIG"
 
       # Build the executable
       - name: Build executable
@@ -91,7 +96,7 @@ jobs:
       - name: Analyze results
         run: |
          echo "Checking if a MQTT packet has been received"
-         if [ "$(grep -c "\[iot_thread\] \[INFO\] De-serialized incoming PUBLISH packet: DeserializerResult=MQTTSuccess." ./out/Demo/AWS_MQTT_Demo.log)" -eq 0 ]
+         if [ "$(grep -c "Incoming Publish Message : Hello World!" ./out/Demo/AWS_MQTT_Demo.log)" -eq 0 ]
          then 
                  exit 1
          else 
 
@@ -1,16 +1,10 @@
 project:
   packs:
     - pack: ARM::CMSIS@^6.1.0
-    - pack: ARM::CMSIS-FreeRTOS@^11.1.0
-    - pack: ARM::CMSIS-Compiler@^2.1.0
-    - pack: ARM::CMSIS-View@^1.2.0
-    - pack: ARM::mbedTLS@1.7.0
-    - pack: AWS::backoffAlgorithm@^4.1.1
-    - pack: AWS::coreMQTT@^4.0.0
-    - pack: AWS::coreMQTT_Agent@^4.0.0
-    - pack: AWS::corePKCS11@^4.0.1
-    - pack: AWS::FreeRTOS-Plus-TCP@^5.0.0
-    - pack: Arm-Packs::PKCS11@^1.0.0
+    - pack: ARM::CMSIS-FreeRTOS@^11.2.0
+    - pack: ARM::mbedTLS@^4.0.0
+    - pack: AWS::backoffAlgorithm@^4.1.0
+    - pack: AWS::coreMQTT@^5.0.0
     - pack: MDK-Packs::IoT_Socket@^1.4.0
 
   connections:
@@ -23,21 +17,14 @@ project:
         - STDOUT
         - Heap: 65536
 
+  define:
+    - MBEDTLS_CONFIG_FILE: \"app_mbedtls_config.h\"
+    - TF_PSA_CRYPTO_CONFIG_FILE: \"app_crypto_config.h\"
+
   add-path:
-    - ./config_files
-    - ./amazon-freertos/demos/include
-    - ./amazon-freertos/demos/network_manager
-    - ./amazon-freertos/demos/common/pkcs11_helpers
-    - ./amazon-freertos/libraries/3rdparty/mbedtls_config
-    - ./amazon-freertos/libraries/logging/include
-    - ./amazon-freertos/libraries/abstractions/platform/include
-    - ./amazon-freertos/libraries/abstractions/platform/freertos/include
-    - ./amazon-freertos/libraries/abstractions/secure_sockets/include
-    - ./amazon-freertos/libraries/abstractions/transport/secure_sockets
-    - ./amazon-freertos/libraries/c_sdk/standard/common/include
-    - ./amazon-freertos/libraries/c_sdk/standard/common/include/private
-    - ./amazon-freertos/libraries/freertos_plus/standard/crypto/include
-    - ./amazon-freertos/libraries/freertos_plus/standard/tls/include
+    - FreeRTOS-Plus/Source/Utilities/logging
+    - FreeRTOS-Plus/Source/Application-Protocols/network_transport
+    - FreeRTOS-Plus/Source/Application-Protocols/network_transport/tcp_sockets_wrapper/include
 
   components:
     - component: ARM::CMSIS:OS Tick:SysTick
@@ -46,81 +33,34 @@ project:
     - component: ARM::RTOS&FreeRTOS:Config&CMSIS RTOS2
     - component: ARM::RTOS&FreeRTOS:Core&Cortex-M
     - component: ARM::RTOS&FreeRTOS:Event Groups
-    - component: ARM::RTOS&FreeRTOS:Heap&Heap_5
+    - component: ARM::RTOS&FreeRTOS:Heap&Heap_4
     - component: ARM::RTOS&FreeRTOS:Stream Buffer
     - component: ARM::RTOS&FreeRTOS:Timers
 
     - component: ARM::Security:mbed TLS
-      define:
-        - MBEDTLS_CONFIG_FILE: \"aws_mbedtls_config.h\"
 
     - component: AWS::FreeRTOS:backoffAlgorithm
     - component: AWS::FreeRTOS:coreMQTT
-    - component: AWS::FreeRTOS:coreMQTT Agent
-
-    - component: AWS::FreeRTOS:corePKCS11:Core Library
-    - component: AWS::FreeRTOS:corePKCS11:Portable Abstraction Layer&Custom
-    - component: AWS::FreeRTOS:corePKCS11:Utilities
-    - component: AWS::Security:PKCS11:corePKCS11
-      define:
-        - MBEDTLS_CONFIG_FILE: \"aws_mbedtls_config.h\"
 
   groups:
     - group: Documentation
       files:
-        - file: ./README.md
-    - group: main
-      files:
-        - file: ./app_main.c
-    - group: config_files
+        - file: README.md
+    - group: Main
       files:
-        - file: ./config_files/aws_demo_config.h
-        - file: ./config_files/aws_iot_network_config.h
-        - file: ./config_files/aws_mbedtls_config.h
-        - file: ./config_files/core_mqtt_config.h
-        - file: ./config_files/core_pkcs11_config.h
-        - file: ./config_files/iot_config.h
-        - file: ./config_files/iot_secure_sockets_config.h
-        - file: ./config_files/mqtt_demo_mutual_auth_config.h
-    - group: demos_include
+        - file: FreeRTOS-Plus/Demo/app_main.c
+        - file: FreeRTOS-Plus/Demo/MutualAuthMQTTExample.c
+    - group: Config
       files:
-        - file: ./amazon-freertos/demos/include/aws_clientcredential.h
-        - file: ./amazon-freertos/demos/include/aws_clientcredential_keys.h
-        - file: ./amazon-freertos/demos/include/aws_demo.h
-        - file: ./amazon-freertos/demos/include/aws_iot_metrics.h
-        - file: ./amazon-freertos/demos/include/iot_config_common.h
-        - file: ./amazon-freertos/demos/include/iot_demo_logging.h
-        - file: ./amazon-freertos/demos/include/iot_demo_runner.h
-    - group: demos
+        - file: FreeRTOS-Plus/Demo/Config/demo_config.h
+        - file: FreeRTOS-Plus/Demo/Config/core_mqtt_config.h
+        - file: FreeRTOS-Plus/Demo/Config/app_mbedtls_config.h
+        - file: FreeRTOS-Plus/Demo/Config/app_crypto_config.h
+    - group: Network Transport
       files:
-        - file: ./amazon-freertos/demos/demo_runner/iot_demo_runner.c
-        - file: ./amazon-freertos/demos/demo_runner/iot_demo_freertos.c
-        - file: ./amazon-freertos/demos/coreMQTT/mqtt_demo_mutual_auth.c
-        - file: ./amazon-freertos/demos/network_manager/aws_iot_network_manager.c
-        - file: ./amazon-freertos/demos/common/pkcs11_helpers/pkcs11_helpers.c
-    - group: libraries
-      define:
-        - MBEDTLS_CONFIG_FILE: \"aws_mbedtls_config.h\"
-      files:
-        - file: ./amazon-freertos/libraries/c_sdk/standard/common/iot_device_metrics.c
-        - file: ./amazon-freertos/libraries/c_sdk/standard/common/iot_init.c
-        - file: ./amazon-freertos/libraries/c_sdk/standard/common/iot_static_memory_common.c
-        - file: ./amazon-freertos/libraries/c_sdk/standard/common/taskpool/iot_taskpool.c
-        - file: ./amazon-freertos/libraries/c_sdk/standard/common/taskpool/iot_taskpool_static_memory.c
-        - file: ./amazon-freertos/libraries/abstractions/platform/freertos/iot_threads_freertos.c
-        - file: ./amazon-freertos/libraries/abstractions/platform/freertos/iot_clock_freertos.c
-        - file: ./amazon-freertos/libraries/abstractions/secure_sockets/iot_socket/iot_secure_sockets.c
-        - file: ./amazon-freertos/libraries/abstractions/transport/secure_sockets/transport_secure_sockets.c
-        - file: ./amazon-freertos/libraries/freertos_plus/standard/crypto/src/iot_crypto.c
-        - file: ./amazon-freertos/libraries/freertos_plus/standard/tls/src/iot_tls.c
-        - file: ./amazon-freertos/libraries/logging/iot_logging.c
-        - file: ./amazon-freertos/libraries/logging/iot_logging_task_dynamic_buffers.c
-    - group: ports
-      files:
-        - file: ./amazon-freertos/ports/pkcs11/core_pkcs11_pal.c
-        - file: ./amazon-freertos/ports/mbedtls/entropy_poll_hw.c
-          define:
-            - MBEDTLS_CONFIG_FILE: \"aws_mbedtls_config.h\"
+        - file: FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls.c
+        - file: FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_bio_tcp_sockets_wrapper.c
+        - file: FreeRTOS-Plus/Source/Application-Protocols/network_transport/tcp_sockets_wrapper/ports/iot_socket/tcp_sockets_wrapper.c
 
   layers:
     - layer: $Shield-Layer$
@@ -131,3 +71,9 @@ project:
 
     - layer: $Board-Layer$
       type: Board
+
+  output:
+    type:
+      - elf
+      - hex
+      - map
@@ -1,6 +1,6 @@
 solution:
   description: AWS Cloud Connector Example
-  created-for: CMSIS-Toolbox@2.6.0
+  created-for: CMSIS-Toolbox@2.13.0
   cdefault:
 
   select-compiler:
@@ -11,10 +11,10 @@ solution:
 
   packs:
     - pack: ARM::V2M_MPS3_SSE_300_BSP@1.5.0
-# Add BSP pack to use a physical board
-#   - pack: <BSP or DFP>.pack
-# Add pack with shield layers to support Arduino WiFi Shields
-#   - pack: ARM::CMSIS-Driver@2.10.0
+  # Add BSP pack to use a physical board
+  #   - pack: <BSP or DFP>.pack
+  # Add pack with shield layers to support Arduino WiFi Shields
+  #   - pack: ARM::CMSIS-Driver@2.10.0
 
   build-types:
     - type: Debug
@@ -25,21 +25,20 @@ solution:
       optimize: balanced
 
   target-types:
-# This target is a AVH-FVP simulation model that does not require hardware
+    # This target is a AVH-FVP simulation model that does not require hardware
     - type: AVH
       board: ARM::V2M-MPS3-SSE-300-FVP
       variables:
         - Board-Layer: $SolutionDir()$/Board/AVH_MPS3_Corstone-300/Board.clayer.yml
         - Shield-Layer: ""
         - Socket-Layer: $SolutionDir()$/Socket/VSocket/Socket.clayer.yml
-
-# Add a target hardware to use the example on physical hardware 
-  # - type: MyBoard
-    # board: <board name>
-    # variables:
-    #   - Board-Layer: ""
-    #   - Shield-Layer: ""
-    #   - Socket-Layer: ""
+    # Add a target hardware to use the example on physical hardware 
+    # - type: MyBoard
+    #   board: <board name>
+    #   variables:
+    #     - Board-Layer: ""
+    #     - Shield-Layer: ""
+    #     - Socket-Layer: ""
 
   projects:
-    - project: ./Demo.cproject.yml
+    - project: Demo.cproject.yml
@@ -0,0 +1,61 @@
+/**
+ * PSA crypto configuration template
+ */
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#define TF_PSA_CRYPTO_CONFIG_VERSION 0x01000000
+
+/* Cryptographic mechanism selection (PSA API) */ 
+#define PSA_WANT_ALG_ECDH                       1
+#define PSA_WANT_ALG_ECDSA                      1
+#define PSA_WANT_ALG_GCM                        1
+#define PSA_WANT_ALG_HMAC                       1
+#define PSA_WANT_ALG_RSA_OAEP                   1
+#define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT         1
+#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN          1
+#define PSA_WANT_ALG_RSA_PSS                    1
+#define PSA_WANT_ALG_SHA_1                      1
+#define PSA_WANT_ALG_SHA_256                    1
+#define PSA_WANT_ALG_TLS12_PRF                  1
+#define PSA_WANT_ECC_SECP_R1_256                1
+#define PSA_WANT_KEY_TYPE_HMAC                  1
+#define PSA_WANT_KEY_TYPE_AES                   1
+#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY        1
+#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY        1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC    1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT   1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT   1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1
+#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE   1
+#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC    1
+#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT   1
+#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT   1
+
+/* Platform abstraction layer */
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_SELF_TEST
+
+/* Cryptographic mechanism selection (extended API) */
+#define MBEDTLS_MD_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_PARSE_EC_EXTENDED
+#define MBEDTLS_PK_PARSE_EC_COMPRESSED
+
+/* Data format support */
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_PEM_PARSE_C
+
+/* PSA core */
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_PSA_CRYPTO_C
+#define MBEDTLS_PSA_DRIVER_GET_ENTROPY
+
+/* Builtin drivers */
+#define MBEDTLS_AES_ROM_TABLES
+#define MBEDTLS_ECP_NIST_OPTIM