diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 476443c35..753a61d83 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1362,7 +1362,9 @@ struct mbedtls_ssl_config
     void *MBEDTLS_PRIVATE(p_psk);                    /*!< context for PSK callback           */
 #endif
 
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+#if (defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) ||                               \
+    (defined(MBEDTLS_SSL_COOKIE_C) && defined(MBEDTLS_SSL_PROTO_TLS1_3))) && \
+    defined(MBEDTLS_SSL_SRV_C)
     /** Callback to create & write a cookie for ClientHello veirifcation    */
     int (*MBEDTLS_PRIVATE(f_cookie_write))( void *, unsigned char **, unsigned char *,
                            const unsigned char *, size_t );
@@ -1703,7 +1705,9 @@ struct mbedtls_ssl_context
     /*
      * Information for DTLS hello verify
      */
-#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+#if (defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) ||                               \
+    (defined(MBEDTLS_SSL_COOKIE_C) && defined(MBEDTLS_SSL_PROTO_TLS1_3))) && \
+    defined(MBEDTLS_SSL_SRV_C)
     unsigned char  *MBEDTLS_PRIVATE(cli_id);         /*!<  transport-level ID of the client  */
     size_t          MBEDTLS_PRIVATE(cli_id_len);     /*!<  length of cli_id                  */
 #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 758dbfd49..22d83deeb 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -1523,6 +1523,18 @@ static int ecdh_import_public_raw( mbedtls_ecdh_context_mbed *ctx,
                                            buf, end - buf ) );
 }
 
+#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED)
+static int everest_import_public_raw( mbedtls_x25519_context *ctx,
+                        const unsigned char *buf, const unsigned char *end )
+{
+    if( end - buf != MBEDTLS_X25519_KEY_SIZE_BYTES )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    memcpy( ctx->peer_point, buf, MBEDTLS_X25519_KEY_SIZE_BYTES );
+    return( 0 );
+}
+#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */
+
 int mbedtls_ecdh_import_public_raw( mbedtls_ecdh_context *ctx,
                                     const unsigned char *buf,
                                     const unsigned char *end )
@@ -1532,7 +1544,7 @@ int mbedtls_ecdh_import_public_raw( mbedtls_ecdh_context *ctx,
     ECDH_VALIDATE_RET( end != NULL );
 
 #if defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
-    return( ecdh_read_tls13_params_internal( ctx, buf, end ) );
+    return( ecdh_import_public_raw( ctx, buf, end ) );
 #else
     switch( ctx->var )
     {
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index be1277834..007b9fa77 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -276,11 +276,7 @@ static int ssl_tls13_parse_key_shares_ext( mbedtls_ssl_context *ssl,
          * - Check if it's supported
          */
 
-        const mbedtls_ecp_curve_info *curve_info;
-        curve_info = mbedtls_ecp_curve_info_from_tls_id( their_group );
-        if( curve_info == NULL )
-            return( MBEDTLS_ECP_DP_NONE );
-        their_curve =  curve_info->grp_id;
+        their_curve = mbedtls_ecp_named_group_to_id( their_group );
         if( mbedtls_ssl_check_curve( ssl, their_curve ) != 0 )
             continue;
 
@@ -462,6 +458,8 @@ cleanup:
 
 static void ssl_debug_print_client_hello_exts( mbedtls_ssl_context *ssl )
 {
+    ((void) ssl);
+
     MBEDTLS_SSL_DEBUG_MSG( 3, ( "Supported Extensions:" ) );
     MBEDTLS_SSL_DEBUG_MSG( 3, ( "- KEY_SHARE_EXTENSION ( %s )",
                                 ( ( ssl->handshake->extensions_present & MBEDTLS_SSL_EXT_KEY_SHARE ) > 0 ) ?