From 8d21dbf8e899f5ae501c2b6bc23550a21bac685f Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Wed, 11 Mar 2026 16:09:37 +0000
Subject: [PATCH] Fix dependencies

The unit test framework always loads the client key as well, which
requires a different curve and a hash than the server key.

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 tests/include/test/ssl_helpers.h | 6 ++++++
 tests/suites/test_suite_ssl.data | 4 ++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h
index 2744016fa8..a653c9643e 100644
--- a/tests/include/test/ssl_helpers.h
+++ b/tests/include/test/ssl_helpers.h
@@ -74,6 +74,12 @@
 #define MBEDTLS_CAN_HANDLE_ECDSA_TEST_KEY
 #endif
 
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
+    defined(PSA_WANT_ECC_SECP_R1_256) && \
+    defined(PSA_WANT_ALG_SHA_256)
+#define MBEDTLS_CAN_HANDLE_ECDSA_CLIENT_TEST_KEY
+#endif
+
 #if defined(PSA_WANT_ECC_MONTGOMERY_255)        || \
     defined(PSA_WANT_ECC_SECP_R1_256)           || \
     defined(PSA_WANT_ECC_SECP_R1_384)           || \
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index 15b986a805..53c1c035a8 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -3540,9 +3540,9 @@ depends_on:MBEDTLS_CAN_HANDLE_RSA_TEST_KEY:PSA_WANT_ALG_SHA_256
 send_invalid_sig_alg:MBEDTLS_SSL_SIG_RSA:MBEDTLS_SSL_HASH_SHA256:MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER
 
 Baseline for: Server using sig_alg not offered by the client - ECDSA with SHA512
-depends_on:MBEDTLS_CAN_HANDLE_ECDSA_TEST_KEY:PSA_WANT_ALG_SHA_512
+depends_on:MBEDTLS_CAN_HANDLE_ECDSA_TEST_KEY:MBEDTLS_CAN_HANDLE_ECDSA_CLIENT_TEST_KEY:PSA_WANT_ALG_SHA_512
 send_invalid_sig_alg:MBEDTLS_SSL_SIG_ECDSA:MBEDTLS_SSL_HASH_SHA512:0
 
 Negative Test: Server using sig_alg not offered by the client - ECDSA with SHA512
-depends_on:MBEDTLS_CAN_HANDLE_ECDSA_TEST_KEY:PSA_WANT_ALG_SHA_512
+depends_on:MBEDTLS_CAN_HANDLE_ECDSA_TEST_KEY:MBEDTLS_CAN_HANDLE_ECDSA_CLIENT_TEST_KEY:PSA_WANT_ALG_SHA_512
 send_invalid_sig_alg:MBEDTLS_SSL_SIG_ECDSA:MBEDTLS_SSL_HASH_SHA512:MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER