manifest: Add PSA ed25519 image encryption/verification to MCUboot

[de-nordic]

Update MCUboot version to birng in PSA encryption support.

Note that at this point MCUboot partition > 76k is needed.
To build MCUboot only:

west build --no-sysbuild -d builds/mcuboot_x25519_54_encrypt -b nrf54l15pdk/nrf54l15/cpuapp bootloader/mcuboot/boot/zephyr/ -DDTC_OVERLAY_FILE=app.overlay -DCONFIG_BOOT_SIGNATURE_TYPE_ED25519=y -DCONFIG_BOOT_ENCRYPT_IMAGE=y -DCONFIG_BOOT_ED25519_PSA=y  -DCONFIG_MBEDTLS=n -DCONFIG_MULTITHREADING=y -DCONFIG_NRF_SECURITY=y  -DCONFIG_NRF_OBERON=y

or for nrf52840

west build --no-sysbuild -d builds/mcuboot_x25519_52_encrypt -b nrf52840dk/nrf52840 bootloader/mcuboot/boot/zephyr/ -DDTC_OVERLAY_FILE=app.overlay -DCONFIG_BOOT_SIGNATURE_TYPE_ED25519=y -DCONFIG_BOOT_ENCRYPT_IMAGE=y -DCONFIG_BOOT_ED25519_PSA=y  -DCONFIG_MBEDTLS=n -DCONFIG_MULTITHREADING=y -DCONFIG_NRF_SECURITY=y  -DCONFIG_NRF_OBERON=y

Above gives both encryption and verification.
The --no-sysbuild has been added to make life easier and note that you have to modify the partition layout to allow MCUboot to fit.

[NordicBuilder]

The following west manifest projects have been modified in this Pull Request:

Name	Old Revision	New Revision	Diff
mcuboot	nrfconnect/sdk-mcuboot@7aaeb63	nrfconnect/sdk-mcuboot@5f95fec (main)	nrfconnect/[email protected]

Note: This message is automatically posted and updated by the Manifest GitHub Action.

[NordicBuilder]

Test specification

CI/Jenkins/NRF

• Integration Platforms

CI/Jenkins/integration

Test Module	File based changes	Manually selected	West overwrite
test-fw-nrfconnect-boot	X
test-sdk-mcuboot	X

test-fw-nrfconnect-boot: added because there was no .github/test-spec.yml in 'mcuboot'
test-sdk-mcuboot: added because there was no .github/test-spec.yml in 'mcuboot'

Detailed information of selected test modules

Note: This message is automatically posted and updated by the CI

[NordicBuilder]

You can find the documentation preview for this PR at this link. It will be updated about 10 minutes after the documentation build succeeds.

Note: This comment is automatically posted by the Documentation Publishing GitHub Action.

[NordicBuilder]

CI Information

^{To view the history of this post, clich the 'edited' button above}
Build number: 10

Inputs:

Sources:

sdk-nrf: PR head: 0b6f76f19cbea12d4b233d9ce78828cce0120d4f
mcuboot: PR head: 5f95fecfa27e5b9924a91c69bca023e605fe751e

more details

sdk-nrf:

PR head: 0b6f76f19cbea12d4b233d9ce78828cce0120d4f
merge base: a46eda7f14f9c0f7ad79d24c362199e44197b3dd
target head (main): a46eda7f14f9c0f7ad79d24c362199e44197b3dd
Diff

mcuboot:

PR head: 5f95fecfa27e5b9924a91c69bca023e605fe751e
merge base: 7aaeb636812f7e5b0b901a1894916dbfd5334f3a
Diff

Github labels

Enabled	Name	Description
	ci-disabled	Disable the ci execution
	ci-all-test	Run all of ci, no test spec filtering will be done
	ci-force-downstream	Force execution of downstream even if twister fails
	ci-run-twister	Force run twister
	ci-run-zephyr-twister	Force run zephyr twister

List of changed files detected by CI (18)

bootloader
│  ├── mcuboot
│  │  ├── boot
│  │  │  ├── boot_serial
│  │  │  │  ├── src
│  │  │  │  │  │ boot_serial_encryption.c
│  │  │  ├── bootutil
│  │  │  │  ├── include
│  │  │  │  │  ├── bootutil
│  │  │  │  │  │  ├── crypto
│  │  │  │  │  │  │  ├── aes_ctr.h
│  │  │  │  │  │  │  ├── common.h
│  │  │  │  │  │  │  │ ecdsa.h
│  │  │  │  │  │  │ enc_key.h
│  │  │  │  ├── src
│  │  │  │  │  ├── bootutil_misc.c
│  │  │  │  │  ├── ed25519_psa.c
│  │  │  │  │  ├── encrypted.c
│  │  │  │  │  ├── encrypted_psa.c
│  │  │  │  │  ├── image_ed25519.c
│  │  │  │  │  ├── image_validate.c
│  │  │  │  │  ├── loader.c
│  │  │  │  │  │ swap_move.c
│  │  │  │  ├── zephyr
│  │  │  │  │  │ CMakeLists.txt
│  │  │  ├── zephyr
│  │  │  │  ├── CMakeLists.txt
│  │  │  │  ├── Kconfig
│  │  │  │  ├── include
│  │  │  │  │  │ mcuboot-mbedtls-cfg.h
west.yml

Outputs:

Toolchain

Version: 9583beca34
Build docker image: docker-dtr.nordicsemi.no/sw-production/ncs-build:9583beca34_81ed5a52d6

Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped; ⚠️ Quarantine

• ◻️ Toolchain - Skipped: existing toolchain is used
• ✅ Build twister
  • sdk-nrf test count: 442
• ✅ Integration tests
  • ✅ test-fw-nrfconnect-boot
  • ✅ test-sdk-mcuboot

Disabled integration tests

• • desktop52_verification
  • doc-internal
  • test_ble_nrf_config
  • test-fw-nrfconnect-apps
  • test-fw-nrfconnect-ble_mesh
  • test-fw-nrfconnect-ble_samples
  • test-fw-nrfconnect-chip
  • test-fw-nrfconnect-fem
  • test-fw-nrfconnect-nfc
  • test-fw-nrfconnect-nrf-iot_cloud
  • test-fw-nrfconnect-nrf-iot_libmodem-nrf
  • test-fw-nrfconnect-nrf-iot_lwm2m
  • test-fw-nrfconnect-nrf-iot_mosh
  • test-fw-nrfconnect-nrf-iot_nrf_provisioning
  • test-fw-nrfconnect-nrf-iot_positioning
  • test-fw-nrfconnect-nrf-iot_samples
  • test-fw-nrfconnect-nrf-iot_serial_lte_modem
  • test-fw-nrfconnect-nrf-iot_thingy91
  • test-fw-nrfconnect-nrf-iot_zephyr_lwm2m
  • test-fw-nrfconnect-nrf_crypto
  • test-fw-nrfconnect-proprietary_esb
  • test-fw-nrfconnect-ps
  • test-fw-nrfconnect-rpc
  • test-fw-nrfconnect-rs
  • test-fw-nrfconnect-tfm
  • test-fw-nrfconnect-thread
  • test-fw-nrfconnect-zigbee
  • test-low-level
  • test-sdk-audio
  • test-sdk-dfu
  • test-sdk-find-my
  • test-sdk-pmic-samples
  • test-sdk-sidewalk
  • test-sdk-wifi

Note: This message is automatically posted and updated by the CI

[nordicjm]

minor commit typo *bring