From fb317afa9fd13c228a04a94f017301d18fc031b2 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Tue, 27 Jan 2026 00:36:17 +0100
Subject: [PATCH] library: ssl: rework macro to define known TLS ID <-> group name list
- let the macro be an initializer for the array of known TLS IDs, not a variable declarator;
- last item's group name is NULL, not an empty string
- change then name of the macro from MBEDTLS_TLS_ID_GROUP_NAME_TABLE to MBEDTLS_SSL_IANA_TLS_GROUPS_INFO
- define a new public structure "mbedtls_ssl_iana_tls_group_info_t" to hold each element of the table and that can be used the go over the list from user code.
Signed-off-by: Valerio Setti
---
 include/mbedtls/ssl.h | 26 ++++++++++++++++++--------
 library/ssl_tls.c | 3 ++-
 tests/suites/test_suite_ssl.function | 12 ++++++++----
 3 files changed, 28 insertions(+), 13 deletions(-)
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index b9e725e99e..aeb499586f 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -3660,14 +3660,24 @@ void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf,
 #endif /* MBEDTLS_SSL_SRV_C */
 #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
-/**
- *\brief Define a TLS-ID <-> group-name table
+/*
+ * This structure defines the correpondence between IANA's TLS-ID and its
+ * corresponding group name.
+ * This is used in macro #MBEDTLS_SSL_IANA_TLS_GROUPS_INFO to define the list
+ * of known TLS IDs and corresponding group names.
 */
-#define MBEDTLS_TLS_ID_GROUP_NAME_TABLE(table_name) \
- struct { \
- uint16_t tls_id; \
- const char *group_name; \
- } table_name[] = { \
+typedef struct {
+ uint16_t tls_id;
+ const char *group_name;
+} mbedtls_ssl_iana_tls_group_info_t;
+
+/*
+ * Initializer for a list of known "TLS ID" <-> "group name".
+ * Each entry is a structure of type mbedtls_ssl_iana_tls_group_info_t.
+ * The last entry has 'tls_id = 0' and 'group_name = NULL'.
+ */
+#define MBEDTLS_SSL_IANA_TLS_GROUPS_INFO \
+ { \
 { MBEDTLS_SSL_IANA_TLS_GROUP_X25519, "x25519" }, \
 { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, "secp256r1" }, \
 { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256K1, "secp256k1" }, \
@@ -3682,7 +3692,7 @@ void mbedtls_ssl_conf_psk_cb(mbedtls_ssl_config *conf,
 { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, "ffdhe4096" }, \
 { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, "ffdhe6144" }, \
 { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, "ffdhe8192" }, \
- { MBEDTLS_SSL_IANA_TLS_GROUP_NONE, "" } \
+ { MBEDTLS_SSL_IANA_TLS_GROUP_NONE, NULL } \
 }
 /**
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 207a69d7d5..f6199195cb 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5850,7 +5850,8 @@ uint16_t mbedtls_ssl_get_tls_id_from_ecp_group_id(mbedtls_ecp_group_id grp_id)
 }
 #if defined(MBEDTLS_DEBUG_C)
-static MBEDTLS_TLS_ID_GROUP_NAME_TABLE(tls_id_curve_name_table);
+static
+mbedtls_ssl_iana_tls_group_info_t tls_id_curve_name_table[] = MBEDTLS_SSL_IANA_TLS_GROUPS_INFO;
 const char *mbedtls_ssl_get_curve_name_from_tls_id(uint16_t tls_id)
 {
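Review bot: The comments added above `mbedtls_ssl_iana_tls_group_info_t` and `MBEDTLS_SSL_IANA_TLS_GROUPS_INFO` in include/mbedtls/ssl.h open with `/*`, while the removed one used `/**`, so the `#MBEDTLS_SSL_IANA_TLS_GROUPS_INFO` reference is not processed and the two new public names presumably drop out of the generated API documentation. Because the second ssl.h hunk changes the terminator's name from `""` to `NULL`, the macro comment should also state the iteration contract, for example `Iterate until tls_id == MBEDTLS_SSL_IANA_TLS_GROUP_NONE; the terminator's group_name is NULL and must not be passed to strlen() or a %s format.` Naming `MBEDTLS_SSL_IANA_TLS_GROUP_NONE` rather than the literal `0` keeps the comment tied to the constant the table actually uses. `correpondence` should read `correspondence`.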
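Review bot: `tls_id_curve_name_table` in library/ssl_tls.c is declared `static` but not `const`, so this table of name pointers lives in writable data even though nothing visible needs to modify it. Now that the element type has a name, the declaration can be `static const mbedtls_ssl_iana_tls_group_info_t tls_id_curve_name_table[] =` followed by `MBEDTLS_SSL_IANA_TLS_GROUPS_INFO;`, which also removes the stray line break after `static`. The body of `mbedtls_ssl_get_curve_name_from_tls_id` is outside the hunk. It is worth confirming that it stops on the `tls_id` sentinel and never hands the last entry's `group_name`, now NULL instead of an empty string, to a debug format.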
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 33c1d44a37..40f49a894b 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -3596,13 +3596,17 @@ exit:;
 /* BEGIN_CASE */
 void test_mbedtls_tls_id_group_name_table(int group_id, char *group_name)
 {
- MBEDTLS_TLS_ID_GROUP_NAME_TABLE(test_table);
+ mbedtls_ssl_iana_tls_group_info_t test_table[] = MBEDTLS_SSL_IANA_TLS_GROUPS_INFO;
+ mbedtls_ssl_iana_tls_group_info_t *item;
 const char *table_name = NULL;
 size_t table_name_len = 0;
- for (size_t i = 0; i < ARRAY_LENGTH(test_table); i++) {
- if (test_table[i].tls_id == group_id) {
- table_name = test_table[i].group_name;
+ /* Ensure that the list includes at least 1 valid entry. */
+ TEST_ASSERT(test_table[0].tls_id != MBEDTLS_SSL_IANA_TLS_GROUP_NONE);
+
+ for (item = &test_table[0]; item->tls_id != MBEDTLS_SSL_IANA_TLS_GROUP_NONE; item++) {
+ if (item->tls_id == group_id) {
+ table_name = item->group_name;
 table_name_len = strlen(table_name);
 }
 }
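Review bot: The rewritten loop in `test_mbedtls_tls_id_group_name_table` walks `test_table` until it meets `MBEDTLS_SSL_IANA_TLS_GROUP_NONE` and no longer bounds the walk with `ARRAY_LENGTH`, so if the initializer ever loses its terminator the test reads past the end of the array instead of failing. An assertion before the loop would pin the sentinel that the header comment promises: `TEST_ASSERT(test_table[ARRAY_LENGTH(test_table) - 1].tls_id == MBEDTLS_SSL_IANA_TLS_GROUP_NONE);` and `TEST_ASSERT(test_table[ARRAY_LENGTH(test_table) - 1].group_name == NULL);`. `item` only reads the table and could be declared `const mbedtls_ssl_iana_tls_group_info_t *item;`. The rest of the function is outside the hunk.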