From d0371b0a08b99cb3ab08a7b119deb441c5ef704d Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Tue, 25 Jul 2023 10:57:01 +0200
Subject: [PATCH] debug: keep ECDH_C guard for debug printf accessing
 ecdh_context's items

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 include/mbedtls/debug.h | 8 ++++++--
 library/debug.c         | 6 ++++--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h
index 01d2901d9c..d6dd152243 100644
--- a/include/mbedtls/debug.h
+++ b/include/mbedtls/debug.h
@@ -280,7 +280,10 @@ void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
                              const char *text, const mbedtls_x509_crt *crt);
 #endif
 
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED)
+/* Note: the MBEDTLS_ECDH_C guard here is mandatory because this debug function
+         only works for the built-in implementation. */
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) && \
+    defined(MBEDTLS_ECDH_C)
 typedef enum {
     MBEDTLS_DEBUG_ECDH_Q,
     MBEDTLS_DEBUG_ECDH_QP,
@@ -307,7 +310,8 @@ void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
                                const char *file, int line,
                                const mbedtls_ecdh_context *ecdh,
                                mbedtls_debug_ecdh_attr attr);
-#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED &&
+          MBEDTLS_ECDH_C */
 
 #ifdef __cplusplus
 }
diff --git a/library/debug.c b/library/debug.c
index 8c33f82812..56bc3f694f 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -397,7 +397,8 @@ void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level,
 }
 #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_X509_REMOVE_INFO */
 
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) && \
+    defined(MBEDTLS_ECDH_C)
 static void mbedtls_debug_printf_ecdh_internal(const mbedtls_ssl_context *ssl,
                                                int level, const char *file,
                                                int line,
@@ -443,6 +444,7 @@ void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level,
     }
 #endif
 }
-#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED &&
+          MBEDTLS_ECDH_C */
 
 #endif /* MBEDTLS_DEBUG_C */