mbed-cloud-client
Add UC config for disabling storage hash validation
[x] I confirm this contribution is my own and I agree to license it with Apache 2.0.
[x] I confirm the moderators may change the PR before merging it in.
[x] I understand the release model prohibits detailed Git history and my contribution will be recorded to the list at the bottom of CONTRIBUTING.md.
Summary of changes
This PR tries to add one Update Client configuration option to disable the flow of storage hash validation for a PAL using something like the PSA FWU API, which doesn't support storage read of the firmware candidate (no psa_fwu_read()).
@marcuschangarm
@ccli8 Thank you! I'll take a look!
@marcuschangarm I merged the suggestion and the original #91 into this PR.
@ccli8 good catch with disabling ARM_UC_FEATURE_DELTA_PAAL!
I've sent you an email with an alternative solution to disabling hash calculations, since that would have a negative impact on our security story.
@marcuschangarm I merged the in-transmit hash validation alternative into this PR. It's fine per my test.
@marcuschangarm Added a PSA implementation, update-client-hub/modules/pal-psa. It follows update-client-hub/modules/pal-flashiap-mcuboot for firmware metadata management, assuming the secure bootloader is TF-M integrated MCUboot, and invokes the PSA FWU API to install the firmware candidate.
Currently, only non-secure firmware update is supported. To support secure or combined secure/non-secure firmware update, it is necessary to read header (and TLV) of active located in SPE, which is prohibited by TF-M.