From 9cd8011978b719af8b3c60a81efdc4639901403f Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Tue, 25 Jul 2023 12:04:21 +0200
Subject: [PATCH] tls: fix definition of symbol KEY_EXCHANGE_SOME_XXDH_PSA_ANY

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 include/mbedtls/ssl_ciphersuites.h | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
index 48ed541d82..2db5209ea9 100644
--- a/include/mbedtls/ssl_ciphersuites.h
+++ b/include/mbedtls/ssl_ciphersuites.h
@@ -401,7 +401,16 @@ typedef enum {
 #define MBEDTLS_KEY_EXCHANGE_SOME_XXDH_1_2_ENABLED
 #endif
 
-#if (defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_1_2_ENABLED) && defined(MBEDTLS_USE_PSA_CRYPTO)) || \
+/* The handshake params structure has a set of fields called xxdh_psa which are used:
+ * - by TLS 1.2 with `USE_PSA` to do ECDH or ECDHE;
+ * - by TLS 1.3 to do ECDHE or FFDHE.
+ * The following macros can be used to guard their declaration and use.
+ */
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) && \
+    defined(MBEDTLS_USE_PSA_CRYPTO)
+#define MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_1_2_ENABLED
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_1_2_ENABLED) || \
     defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED)
 #define MBEDTLS_KEY_EXCHANGE_SOME_XXDH_PSA_ANY_ENABLED
 #endif