library: ssl: add macro for allocating a TLS-ID <-> group-name table

Being a macro allow the table to be instatiated only when/if necessary by the consuming code. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2026-03-20 11:11:08 +01:00 · 2026-01-26 10:15:12 +01:00
parent 2aecd2cd5f
commit 7ca3c602b7
2 changed files with 27 additions and 17 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -3660,6 +3660,31 @@ void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf,
 #endif /* MBEDTLS_SSL_SRV_C */
 #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */

+/**
+ *\brief    Define a TLS-ID <-> group-name table
+ */
+#define MBEDTLS_TLS_ID_GROUP_NAME_TABLE(table_name)                 \
+    struct {                                                        \
+        uint16_t tls_id;                                            \
+        const char *group_name;                                     \
+    } table_name[] = {                         \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519" },            \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1" },      \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1" },      \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1" },      \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448" },                \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1" },      \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1" },  \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1" },  \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1" },  \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048, "ffdhe2048" },      \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, "ffdhe3072" },      \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, "ffdhe4096" },      \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, "ffdhe6144" },      \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, "ffdhe8192" },      \
+        { MBEDTLS_SSL_IANA_TLS_GROUP_NONE, "" }                      \
+    }
+
 /**
 * \brief       Return the list of supported groups (curves and finite fields).
 *
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5850,28 +5850,13 @@ uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id(mbedtls_ecp_group_id grp_id)
 }

 #if defined(MBEDTLS_DEBUG_C)
-static const struct {
-    uint16_t tls_id;
-    const char *name;
-} tls_id_curve_name_table[] =
-{
-    { MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1, "secp521r1" },
-    { MBEDTLS_SSL_IANA_TLS_GROUP_BP512R1, "brainpoolP512r1" },
-    { MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, "secp384r1" },
-    { MBEDTLS_SSL_IANA_TLS_GROUP_BP384R1, "brainpoolP384r1" },
-    { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1" },
-    { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1" },
-    { MBEDTLS_SSL_IANA_TLS_GROUP_BP256R1, "brainpoolP256r1" },
-    { MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519" },
-    { MBEDTLS_SSL_IANA_TLS_GROUP_X448, "x448" },
-    { 0, NULL },
-};
+static MBEDTLS_TLS_ID_GROUP_NAME_TABLE(tls_id_curve_name_table);

 const char *mbedtls_ssl_get_curve_name_from_tls_id(uint16_t tls_id)
 {
    for (int i = 0; tls_id_curve_name_table[i].tls_id != 0; i++) {
        if (tls_id_curve_name_table[i].tls_id == tls_id) {
-            return tls_id_curve_name_table[i].name;
+            return tls_id_curve_name_table[i].group_name;
        }
    }