From 51ea7aca6f61a78e59ec20fe5054dda553db34e2 Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Wed, 11 Mar 2026 16:09:37 +0000
Subject: [PATCH] Fix dependencies

The unit test framework always loads the client key as well, which
requires a different curve and a hash than the server key.

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 tests/include/test/ssl_helpers.h | 6 ++++++
 tests/suites/test_suite_ssl.data | 4 ++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h
index f49cceca15..2c1828eea8 100644
--- a/tests/include/test/ssl_helpers.h
+++ b/tests/include/test/ssl_helpers.h
@@ -78,6 +78,12 @@
 #define MBEDTLS_CAN_HANDLE_ECDSA_TEST_KEY
 #endif
 
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
+    defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \
+    defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_CAN_HANDLE_ECDSA_CLIENT_TEST_KEY
+#endif
+
 #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)  || \
     defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)   || \
     defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)   || \
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index f1d53a74eb..54c0e319fe 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -3537,9 +3537,9 @@ depends_on:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY:MBEDTLS_SHA256_C
 send_invalid_sig_alg:MBEDTLS_SSL_SIG_RSA:MBEDTLS_SSL_HASH_SHA256:MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER
 
 Baseline for: Server using sig_alg not offered by the client - ECDSA with SHA512
-depends_on:MBEDTLS_CAN_HANDLE_ECDSA_TEST_KEY:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_CAN_HANDLE_ECDSA_TEST_KEY:MBEDTLS_CAN_HANDLE_ECDSA_CLIENT_TEST_KEY:MBEDTLS_SHA512_C
 send_invalid_sig_alg:MBEDTLS_SSL_SIG_ECDSA:MBEDTLS_SSL_HASH_SHA512:0
 
 Negative Test: Server using sig_alg not offered by the client - ECDSA with SHA512
-depends_on:MBEDTLS_CAN_HANDLE_ECDSA_TEST_KEY:MBEDTLS_SHA512_C
+depends_on:MBEDTLS_CAN_HANDLE_ECDSA_TEST_KEY:MBEDTLS_CAN_HANDLE_ECDSA_CLIENT_TEST_KEY:MBEDTLS_SHA512_C
 send_invalid_sig_alg:MBEDTLS_SSL_SIG_ECDSA:MBEDTLS_SSL_HASH_SHA512:MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER