diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 89a5d4313f..c0a370e06b 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -1183,7 +1183,6 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush );
 int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
 
 int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl );
-int mbedtls_ssl_tls13_process_finished_out( mbedtls_ssl_context *ssl );
 
 int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
 int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl );
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 83f7202242..9be6948cb2 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -853,7 +853,7 @@ cleanup:
  * Implementation
  */
 
-static int ssl_tls13_prepare_finished_in( mbedtls_ssl_context *ssl )
+static int ssl_tls13_preprocess_finished_message( mbedtls_ssl_context *ssl )
 {
     int ret;
 
@@ -906,7 +906,7 @@ static int ssl_tls13_parse_finished_message( mbedtls_ssl_context *ssl,
     return( 0 );
 }
 
-static int ssl_tls13_finalize_server_finished_message( mbedtls_ssl_context *ssl )
+static int ssl_tls13_postprocess_server_finished_message( mbedtls_ssl_context *ssl )
 {
     int ret = 0;
     mbedtls_ssl_key_set traffic_keys;
@@ -964,12 +964,12 @@ cleanup:
     return( ret );
 }
 
-static int ssl_tls13_finalize_finished_message( mbedtls_ssl_context* ssl )
+static int ssl_tls13_postprocess_finished_message( mbedtls_ssl_context* ssl )
 {
 
     if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
     {
-        return( ssl_tls13_finalize_server_finished_message( ssl ) );
+        return( ssl_tls13_postprocess_server_finished_message( ssl ) );
     }
 
     return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
@@ -984,7 +984,7 @@ int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl )
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished_in" ) );
 
     /* Preprocessing step: Compute handshake digest */
-    MBEDTLS_SSL_PROC_CHK( ssl_tls13_prepare_finished_in( ssl ) );
+    MBEDTLS_SSL_PROC_CHK( ssl_tls13_preprocess_finished_message( ssl ) );
 
     MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls1_3_fetch_handshake_msg( ssl,
                                               MBEDTLS_SSL_HS_FINISHED,
@@ -992,7 +992,7 @@ int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl )
     MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_finished_message( ssl, buf, buf + buflen ) );
     mbedtls_ssl_tls1_3_add_hs_msg_to_checksum(
         ssl, MBEDTLS_SSL_HS_FINISHED, buf, buflen );
-    MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_finished_message( ssl ) );
+    MBEDTLS_SSL_PROC_CHK( ssl_tls13_postprocess_finished_message( ssl ) );
 
 cleanup:
 
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index 8f089f580b..fbbf096c98 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -644,14 +644,14 @@ exit:
 }
 
 int mbedtls_ssl_tls13_calculate_verify_data( mbedtls_ssl_context* ssl,
-                                      unsigned char* dst,
-                                      size_t dst_len,
-                                      size_t *actual_len,
-                                      int from )
+                                             unsigned char* dst,
+                                             size_t dst_len,
+                                             size_t *actual_len,
+                                             int from )
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
-    unsigned char transcript[MBEDTLS_MD_MAX_SIZE];
+    unsigned char transcript[MBEDTLS_TLS1_3_MD_MAX_SIZE];
     size_t transcript_len;
 
     unsigned char const *base_key = NULL;
diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h
index c5c3a34162..53dbe732e8 100644
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
@@ -615,7 +615,7 @@ int mbedtls_ssl_tls1_3_generate_application_keys(
  * \param dst_len    The size of \p dst in bytes.
  * \param actual_len The address at which to store the amount of data
  *                   actually written to \p dst upon success.
- * \param from       The message to calculate the `verify_data` for:
+ * \param which      The message to calculate the `verify_data` for:
  *                   - #MBEDTLS_SSL_IS_CLIENT for the Client's Finished message
  *                   - #MBEDTLS_SSL_IS_SERVER for the Server's Finished message
  *
@@ -627,9 +627,9 @@ int mbedtls_ssl_tls1_3_generate_application_keys(
  * \returns    A negative error code on failure.
  */
 int mbedtls_ssl_tls13_calculate_verify_data( mbedtls_ssl_context *ssl,
-                                                    unsigned char *dst,
-                                                    size_t dst_len,
-                                                    size_t *actual_len,
-                                                    int from );
+                                             unsigned char *dst,
+                                             size_t dst_len,
+                                             size_t *actual_len,
+                                             int which );
 
 #endif /* MBEDTLS_SSL_TLS1_3_KEYS_H */