Return and propagate UECC_FAULT_DETECTED

This commit first changes the return convention of EccPoint_mult_safer() so
that it properly reports when faults are detected. Then all functions that
call it need to be changed to (1) follow the same return convention and (2)
properly propagate UECC_FAULT_DETECTED when it occurs.

Here's the reverse call graph from EccPoint_mult_safer() to the rest of the
library (where return values are translated to the MBEDTLS_ERR_ space) and test
functions (where expected return values are asserted explicitly).

EccPoint_mult_safer()
    EccPoint_compute_public_key()
        uECC_compute_public_key()
            pkparse.c
            tests/suites/test_suite_pkparse.function
        uECC_make_key_with_d()
        uECC_make_key()
            ssl_cli.c
            ssl_srv.c
            tests/suites/test_suite_pk.function
            tests/suites/test_suite_tinycrypt.function
    uECC_shared_secret()
        ssl_tls.c
        tests/suites/test_suite_tinycrypt.function
    uECC_sign_with_k()
        uECC_sign()
            pk.c
            tests/suites/test_suite_tinycrypt.function

Note: in uECC_sign_with_k() a test for uECC_vli_isZero(p) is suppressed
because it is redundant with a more thorough test (point validity) done at the
end of EccPoint_mult_safer(). This redundancy was introduced in a previous
commit but not noticed earlier.

include/tinycrypt/ecc.h

@@ -217,7 +217,7 @@ int uECC_curve_public_key_size(void);
  * @param private_key IN -- The private key to compute the public key for
  * @param public_key OUT -- Will be filled in with the corresponding public key
  * @param curve
- * @return Returns 1 if key was computed successfully, 0 if an error occurred.
+ * @return UECC_SUCCESS or UECC_FAILURE or UECC_FAULT_DETECTED
  */
 int uECC_compute_public_key(const uint8_t *private_key,
 			    uint8_t *public_key);
@@ -228,6 +228,7 @@ int uECC_compute_public_key(const uint8_t *private_key,
  * @param result OUT -- public-key
  * @param private_key IN -- private-key
  * @param curve IN -- elliptic curve
+ * @return UECC_SUCCESS or UECC_FAILURE or UECC_FAULT_DETECTED
  */
 uECC_word_t EccPoint_compute_public_key(uECC_word_t *result,
 					uECC_word_t *private_key);
@@ -241,6 +242,7 @@ uECC_word_t EccPoint_compute_public_key(uECC_word_t *result,
  * @param result OUT -- returns scalar*point
  * @param point IN -- elliptic curve point
  * @param scalar IN -- scalar
+ * @return UECC_SUCCESS or UECC_FAILURE or UECC_FAULT_DETECTED
  */
 int EccPoint_mult_safer(uECC_word_t * result, const uECC_word_t * point,
 			const uECC_word_t * scalar);

include/tinycrypt/ecc_dh.h

@@ -83,8 +83,7 @@ extern "C" {
 
 /**
  * @brief Create a public/private key pair.
- * @return returns TC_CRYPTO_SUCCESS (1) if the key pair was generated successfully
- *         returns TC_CRYPTO_FAIL (0) if error while generating key pair
+ * @return UECC_SUCCESS or UECC_FAILURE or UECC_FAULT_DETECTED
  *
  * @param p_public_key OUT -- Will be filled in with the public key. Must be at
  * least 2 * the curve size (in bytes) long. For curve secp256r1, p_public_key
@@ -114,8 +113,7 @@ int uECC_make_key_with_d(uint8_t *p_public_key, uint8_t *p_private_key,
 /**
  * @brief Compute a shared secret given your secret key and someone else's
  * public key.
- * @return returns TC_CRYPTO_SUCCESS (1) if the shared secret was computed successfully
- *         returns TC_CRYPTO_FAIL (0) otherwise
+ * @return UECC_SUCCESS or UECC_FAILURE or UECC_FAULT_DETECTED
  *
  * @param p_secret OUT -- Will be filled in with the shared secret value. Must be
  * the same size as the curve size (for curve secp256r1, secret must be 32 bytes

include/tinycrypt/ecc_dsa.h

@@ -92,8 +92,7 @@ extern "C" {
 
 /**
  * @brief Generate an ECDSA signature for a given hash value.
- * @return returns TC_CRYPTO_SUCCESS (1) if the signature generated successfully
- *         returns TC_CRYPTO_FAIL (0) if an error occurred.
+ * @return UECC_SUCCESS or UECC_FAILURE or UECC_FAULT_DETECTED
  *
  * @param p_private_key IN -- Your private key.
  * @param p_message_hash IN -- The hash of the message to sign.