Fabio Utzig

> we also had idea to add include/exclude repo options to project.yml. this way project can be configured to only include certain repositories required for that project or exclude those...

The CMake changes looks fine, I don't understand why you would need to remove the usages of `MBEDTLS_CONTEXT_MEMBER`.

> I've just opened [this PR](https://github.com/mcu-tools/mcuboot/pull/2051) to update the version of TF-M used in the fih-tests, however it also fails for a missing CMake dependency. @utzig could you help with...

> We do not have HashEdDSA, we have SHA256-ED25519-SHA512 or SHA512-ED25519-SHA512, as far as I understand http://ed25519.cr.yp.to/eddsa-20150704.pdf and https://www.rfc-editor.org/rfc/rfc8032.html#page-9 There is no such thing as ED25519-SHA512. ed25519 is by definition...

> I think @de-nordic was referring to the notation used in the first paper he cited, i.e. [EdDSA for more curves](http://ed25519.cr.yp.to/eddsa-20150704.pdf). The standard Ed25519 defined by RFC 8032 is indeed...

> > Good point, I stand corrected. Do you know any ed25519 implementation, in any library/language, that is not built with sha-512 as the hash? > > No. Still on...

> I think you are misunderstanding my intent. I'm saying the swap status is part of the image trailer, and each image slot has an image trailer. No, only the...

Try updating: https://github.com/mcu-tools/mcuboot/blob/main/boot/bootutil/include/bootutil/crypto/common.h#L14 To: `#if (MBEDTLS_VERSION_NUMBER >= 0x03000000) && (MBEDTLS_VERSION_NUMBER

Otherwise you could also update `ext/mbedtls-asn1` to 3.5.2, which seems the reason for the Mynewt failure, at least...

Mynewt does not define the date macros in tree; this config is coming from `ext/mbedtls-asn1` itself. Also seems like you're adding a whole MbedTLS to `ext/mbedtls-asn1` instead of just updating...