From 25f971db8750fc87f19f9981719b35b32040b74f Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Tue, 10 Mar 2026 14:02:38 +0000
Subject: [PATCH] Fix the MBEDTLS_TEST_HAS_ADDITIONAL_HASH macro

It should require a hash that is configured in TLS 1.2 SSL contexts by
default.

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 tests/include/test/ssl_helpers.h | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h
index 70e4bbaae1..2744016fa8 100644
--- a/tests/include/test/ssl_helpers.h
+++ b/tests/include/test/ssl_helpers.h
@@ -93,12 +93,10 @@
 
 /*
  * To use the test keys we need PSA_WANT_ALG_SHA_256. Some test cases need an additional hash that
- * can be used in modern TLS, but it doesn't matter which one.
+ * is configured by default (see mbedtls_ssl_config_defaults()), but it doesn't matter which one.
  */
 #if defined(PSA_WANT_ALG_SHA_512) || \
-    defined(PSA_WANT_ALG_SHA_384) || \
-    defined(PSA_WANT_ALG_SHA_224) || \
-    defined(PSA_WANT_ALG_SHA_1)
+    defined(PSA_WANT_ALG_SHA_384)
 #define MBEDTLS_TEST_HAS_ADDITIONAL_HASH
 #endif