suit: Add support for Ed25519PH

subsys/suit/platform/sdfw/src/suit_plat_authenticate.c

@@ -32,6 +32,9 @@ int suit_plat_authenticate_manifest(struct zcbor_string *manifest_component_id,
 	case suit_cose_EdDSA:
 		psa_alg = PSA_ALG_PURE_EDDSA; /* ed25519/curve25519 without internal hashing */
 		break;
+	case suit_cose_VS_Hashed_EdDSA:
+		psa_alg = PSA_ALG_ED25519PH; /* ed25519/curve25519 with internal hashing */
+		break;
 	default:
 		return SUIT_ERR_DECODING;
 	}

sysbuild/Kconfig.suit

@@ -122,6 +122,10 @@ config SUIT_ENVELOPE_ROOT_SIGN_ALG_ECDSA_384
 config SUIT_ENVELOPE_ROOT_SIGN_ALG_ECDSA_521
 	bool "Use the ECDSA algorithm with key length of 521 bits"
 
+config SUIT_ENVELOPE_ROOT_SIGN_ALG_HASHED_EDDSA
+	bool "Use the Hashed EdDSA algorithm (specifically: ed25519ph)"
+	select EXPERIMENTAL
+
 endchoice
 
 config SUIT_ENVELOPE_ROOT_SIGN_ALG_NAME
@@ -130,6 +134,7 @@ config SUIT_ENVELOPE_ROOT_SIGN_ALG_NAME
 	default "es-256" if SUIT_ENVELOPE_ROOT_SIGN_ALG_ECDSA_256
 	default "es-384" if SUIT_ENVELOPE_ROOT_SIGN_ALG_ECDSA_384
 	default "es-521" if SUIT_ENVELOPE_ROOT_SIGN_ALG_ECDSA_521
+	default "hashed-eddsa" if SUIT_ENVELOPE_ROOT_SIGN_ALG_HASHED_EDDSA
 
 endif # SUIT_ENVELOPE_ROOT_SIGN
 
@@ -257,6 +262,10 @@ config SUIT_ENVELOPE_APP_RECOVERY_SIGN_ALG_ECDSA_384
 config SUIT_ENVELOPE_APP_RECOVERY_SIGN_ALG_ECDSA_521
 	bool "Use the ECDSA algorithm with key length of 521 bits"
 
+config SUIT_ENVELOPE_APP_RECOVERY_SIGN_ALG_HASHED_EDDSA
+	bool "Use the Hashed EdDSA algorithm (specifically: ed25519ph)"
+	select EXPERIMENTAL
+
 endchoice
 
 config SUIT_ENVELOPE_APP_RECOVERY_SIGN_ALG_NAME
@@ -265,6 +274,7 @@ config SUIT_ENVELOPE_APP_RECOVERY_SIGN_ALG_NAME
 	default "es-256" if SUIT_ENVELOPE_APP_RECOVERY_SIGN_ALG_ECDSA_256
 	default "es-384" if SUIT_ENVELOPE_APP_RECOVERY_SIGN_ALG_ECDSA_384
 	default "es-521" if SUIT_ENVELOPE_APP_RECOVERY_SIGN_ALG_ECDSA_521
+	default "hashed-eddsa" if SUIT_ENVELOPE_APP_RECOVERY_SIGN_ALG_HASHED_EDDSA
 
 endif # SUIT_ENVELOPE_APP_RECOVERY_SIGN
 

west.yml

@@ -242,10 +242,10 @@ manifest:
           upstream-sha: c6eaeda5a1c1c5dbb24dce7e027340cb8893a77b
           compare-by-default: false
     - name: suit-generator
-      revision: b37972cd90c122bb8f384f2509b72fad62c3aa4b
+      revision: pull/167/head
       path: modules/lib/suit-generator
     - name: suit-processor
-      revision: a499bcadceff8877da63a0a140c6a91ff2f87b25
+      revision: pull/101/head
       path: modules/lib/suit-processor
     - name: doc-internal
       repo-path: doc-internal