From 4a66b48a7ee98553b7a91259eda6bed1e7c5bad3 Mon Sep 17 00:00:00 2001 From: Alexandre Bouvier Date: Fri, 26 May 2023 22:53:05 +0200 Subject: [PATCH] externals: update mbedtls to 3.5.1 --- .gitmodules | 2 +- CMakeLists.txt | 1 + externals/CMakeLists.txt | 15 +++++++++------ externals/mbedtls | 2 +- src/core/CMakeLists.txt | 2 +- src/core/crypto/aes_util.h | 2 +- src/core/crypto/key_manager.cpp | 2 +- src/core/crypto/partition_data_manager.cpp | 4 ++-- src/core/file_sys/registered_cache.cpp | 10 +++++----- src/core/file_sys/xts_archive.cpp | 2 +- src/core/hle/service/bcat/bcat_module.cpp | 2 +- src/core/hle/service/ro/ro.cpp | 2 +- src/core/loader/nca.cpp | 6 +++--- src/dedicated_room/CMakeLists.txt | 2 +- 14 files changed, 29 insertions(+), 25 deletions(-) diff --git a/.gitmodules b/.gitmodules index e65997afc2..8584798ffb 100644 --- a/.gitmodules +++ b/.gitmodules @@ -24,7 +24,7 @@ url = https://github.com/yuzu-emu/sirit.git [submodule "mbedtls"] path = externals/mbedtls - url = https://github.com/yuzu-emu/mbedtls.git + url = https://github.com/Mbed-TLS/mbedtls.git [submodule "xbyak"] path = externals/xbyak url = https://github.com/herumi/xbyak.git diff --git a/CMakeLists.txt b/CMakeLists.txt index 7cd6b21087..0b580d7edc 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -295,6 +295,7 @@ find_package(enet 1.3 MODULE) find_package(fmt 9 REQUIRED) find_package(LLVM 17.0.2 MODULE COMPONENTS Demangle) find_package(lz4 REQUIRED) +find_package(MbedTLS 3 CONFIG) find_package(nlohmann_json 3.8 REQUIRED) find_package(Opus 1.3 MODULE) find_package(RenderDoc MODULE) diff --git a/externals/CMakeLists.txt b/externals/CMakeLists.txt index 15b444338f..8746133a3c 100644 --- a/externals/CMakeLists.txt +++ b/externals/CMakeLists.txt @@ -39,12 +39,15 @@ endif() add_subdirectory(glad) # mbedtls -add_subdirectory(mbedtls) -target_include_directories(mbedtls PUBLIC ./mbedtls/include) -if (NOT MSVC) - target_compile_options(mbedcrypto PRIVATE - -Wno-unused-but-set-variable - -Wno-string-concatenation) +if (NOT TARGET MbedTLS::mbedcrypto) + set(ENABLE_PROGRAMS OFF) + set(ENABLE_TESTING OFF) + add_subdirectory(mbedtls) + if (NOT MSVC) + target_compile_options(mbedcrypto PRIVATE + -Wno-unused-but-set-variable + -Wno-string-concatenation) + endif() endif() # MicroProfile diff --git a/externals/mbedtls b/externals/mbedtls index 8c88150ca1..edb8fec988 160000 --- a/externals/mbedtls +++ b/externals/mbedtls @@ -1 +1 @@ -Subproject commit 8c88150ca139e06aa2aae8349df8292a88148ea1 +Subproject commit edb8fec9882084344a314368ac7fd957a187519c diff --git a/src/core/CMakeLists.txt b/src/core/CMakeLists.txt index 45a0d8746d..e1a3edfb06 100644 --- a/src/core/CMakeLists.txt +++ b/src/core/CMakeLists.txt @@ -901,7 +901,7 @@ endif() create_target_directory_groups(core) target_link_libraries(core PUBLIC common PRIVATE audio_core hid_core network video_core nx_tzdb tz) -target_link_libraries(core PUBLIC Boost::headers PRIVATE fmt::fmt nlohmann_json::nlohmann_json mbedtls RenderDoc::API) +target_link_libraries(core PUBLIC Boost::headers PRIVATE fmt::fmt nlohmann_json::nlohmann_json MbedTLS::mbedcrypto RenderDoc::API) if (MINGW) target_link_libraries(core PRIVATE ${MSWSOCK_LIBRARY}) endif() diff --git a/src/core/crypto/aes_util.h b/src/core/crypto/aes_util.h index a67ba53525..d1789c87c5 100644 --- a/src/core/crypto/aes_util.h +++ b/src/core/crypto/aes_util.h @@ -16,7 +16,7 @@ struct CipherContext; enum class Mode { CTR = 11, ECB = 2, - XTS = 70, + XTS = 74, }; enum class Op { diff --git a/src/core/crypto/key_manager.cpp b/src/core/crypto/key_manager.cpp index 43a3c5ffd6..099cdea2e4 100644 --- a/src/core/crypto/key_manager.cpp +++ b/src/core/crypto/key_manager.cpp @@ -532,7 +532,7 @@ static std::array MGF1(const std::array& seed) { while (out.size() < target_size) { out.resize(out.size() + 0x20); seed_exp[in_size + 3] = static_cast(i); - mbedtls_sha256_ret(seed_exp.data(), seed_exp.size(), out.data() + out.size() - 0x20, 0); + mbedtls_sha256(seed_exp.data(), seed_exp.size(), out.data() + out.size() - 0x20, 0); ++i; } diff --git a/src/core/crypto/partition_data_manager.cpp b/src/core/crypto/partition_data_manager.cpp index 97f5c8cea3..c1d609957c 100644 --- a/src/core/crypto/partition_data_manager.cpp +++ b/src/core/crypto/partition_data_manager.cpp @@ -178,7 +178,7 @@ std::array FindKeyFromHex(const std::vector& binary, std::array temp{}; for (size_t i = 0; i < binary.size() - key_size; ++i) { - mbedtls_sha256_ret(binary.data() + i, key_size, temp.data(), 0); + mbedtls_sha256(binary.data() + i, key_size, temp.data(), 0); if (temp != hash) continue; @@ -206,7 +206,7 @@ static std::array FindEncryptedMasterKeyFromHex(const std::vector< AESCipher cipher(key, Mode::ECB); for (size_t i = 0; i < binary.size() - 0x10; ++i) { cipher.Transcode(binary.data() + i, dec_temp.size(), dec_temp.data(), Op::Decrypt); - mbedtls_sha256_ret(dec_temp.data(), dec_temp.size(), temp.data(), 0); + mbedtls_sha256(dec_temp.data(), dec_temp.size(), temp.data(), 0); for (size_t k = 0; k < out.size(); ++k) { if (temp == master_key_hashes[k]) { diff --git a/src/core/file_sys/registered_cache.cpp b/src/core/file_sys/registered_cache.cpp index 1cc77ad147..999ea14528 100644 --- a/src/core/file_sys/registered_cache.cpp +++ b/src/core/file_sys/registered_cache.cpp @@ -64,7 +64,7 @@ static std::string GetRelativePathFromNcaID(const std::array& nca_id, bo } Core::Crypto::SHA256Hash hash{}; - mbedtls_sha256_ret(nca_id.data(), nca_id.size(), hash.data(), 0); + mbedtls_sha256(nca_id.data(), nca_id.size(), hash.data(), 0); const auto format_str = fmt::runtime(cnmt_suffix ? "/000000{:02X}/{}.cnmt.nca" : "/000000{:02X}/{}.nca"); @@ -146,7 +146,7 @@ bool PlaceholderCache::Create(const NcaID& id, u64 size) const { } Core::Crypto::SHA256Hash hash{}; - mbedtls_sha256_ret(id.data(), id.size(), hash.data(), 0); + mbedtls_sha256(id.data(), id.size(), hash.data(), 0); const auto dirname = fmt::format("000000{:02X}", hash[0]); const auto dir2 = GetOrCreateDirectoryRelative(dir, dirname); @@ -170,7 +170,7 @@ bool PlaceholderCache::Delete(const NcaID& id) const { } Core::Crypto::SHA256Hash hash{}; - mbedtls_sha256_ret(id.data(), id.size(), hash.data(), 0); + mbedtls_sha256(id.data(), id.size(), hash.data(), 0); const auto dirname = fmt::format("000000{:02X}", hash[0]); const auto dir2 = GetOrCreateDirectoryRelative(dir, dirname); @@ -665,7 +665,7 @@ InstallResult RegisteredCache::InstallEntry(const NCA& nca, TitleType type, const OptionalHeader opt_header{0, 0}; ContentRecord c_rec{{}, {}, {}, GetCRTypeFromNCAType(nca.GetType()), {}}; const auto& data = nca.GetBaseFile()->ReadBytes(0x100000); - mbedtls_sha256_ret(data.data(), data.size(), c_rec.hash.data(), 0); + mbedtls_sha256(data.data(), data.size(), c_rec.hash.data(), 0); std::memcpy(&c_rec.nca_id, &c_rec.hash, 16); const CNMT new_cnmt(header, opt_header, {c_rec}, {}); if (!RawInstallYuzuMeta(new_cnmt)) { @@ -776,7 +776,7 @@ InstallResult RegisteredCache::RawInstallNCA(const NCA& nca, const VfsCopyFuncti id = *override_id; } else { const auto& data = in->ReadBytes(0x100000); - mbedtls_sha256_ret(data.data(), data.size(), hash.data(), 0); + mbedtls_sha256(data.data(), data.size(), hash.data(), 0); memcpy(id.data(), hash.data(), 16); } diff --git a/src/core/file_sys/xts_archive.cpp b/src/core/file_sys/xts_archive.cpp index ede0aa11a5..d0b689e5a4 100644 --- a/src/core/file_sys/xts_archive.cpp +++ b/src/core/file_sys/xts_archive.cpp @@ -65,7 +65,7 @@ NAX::NAX(VirtualFile file_, std::array nca_id) : header(std::make_unique()), file(std::move(file_)), keys{Core::Crypto::KeyManager::Instance()} { Core::Crypto::SHA256Hash hash{}; - mbedtls_sha256_ret(nca_id.data(), nca_id.size(), hash.data(), 0); + mbedtls_sha256(nca_id.data(), nca_id.size(), hash.data(), 0); status = Parse(fmt::format("/registered/000000{:02X}/{}.nca", hash[0], Common::HexToString(nca_id, false))); } diff --git a/src/core/hle/service/bcat/bcat_module.cpp b/src/core/hle/service/bcat/bcat_module.cpp index a6281913a0..f4c10c5b04 100644 --- a/src/core/hle/service/bcat/bcat_module.cpp +++ b/src/core/hle/service/bcat/bcat_module.cpp @@ -44,7 +44,7 @@ u64 GetCurrentBuildID(const Core::System::CurrentBuildProcessID& id) { BCATDigest DigestFile(const FileSys::VirtualFile& file) { BCATDigest out{}; const auto bytes = file->ReadAllBytes(); - mbedtls_md5_ret(bytes.data(), bytes.size(), out.data()); + mbedtls_md5(bytes.data(), bytes.size(), out.data()); return out; } diff --git a/src/core/hle/service/ro/ro.cpp b/src/core/hle/service/ro/ro.cpp index ae62c430e7..feb603e382 100644 --- a/src/core/hle/service/ro/ro.cpp +++ b/src/core/hle/service/ro/ro.cpp @@ -178,7 +178,7 @@ struct ProcessContext { std::vector nro_data(size); m_process->GetMemory().ReadBlock(base_address, nro_data.data(), size); - mbedtls_sha256_ret(nro_data.data(), size, hash.data(), 0); + mbedtls_sha256(nro_data.data(), size, hash.data(), 0); } for (size_t i = 0; i < MaxNrrInfos; i++) { diff --git a/src/core/loader/nca.cpp b/src/core/loader/nca.cpp index 2a32b1276b..ba7147475c 100644 --- a/src/core/loader/nca.cpp +++ b/src/core/loader/nca.cpp @@ -115,7 +115,7 @@ ResultStatus AppLoader_NCA::VerifyIntegrity(std::function // Initialize sha256 verification context. mbedtls_sha256_context ctx; mbedtls_sha256_init(&ctx); - mbedtls_sha256_starts_ret(&ctx, 0); + mbedtls_sha256_starts(&ctx, 0); // Ensure we maintain a clean state on exit. SCOPE_EXIT({ mbedtls_sha256_free(&ctx); }); @@ -131,7 +131,7 @@ ResultStatus AppLoader_NCA::VerifyIntegrity(std::function const size_t read_size = file->Read(buffer.data(), intended_read_size, processed_size); // Update the hash function with the buffer contents. - mbedtls_sha256_update_ret(&ctx, buffer.data(), read_size); + mbedtls_sha256_update(&ctx, buffer.data(), read_size); // Update counters. processed_size += read_size; @@ -144,7 +144,7 @@ ResultStatus AppLoader_NCA::VerifyIntegrity(std::function // Finalize context and compute the output hash. std::array output_hash; - mbedtls_sha256_finish_ret(&ctx, output_hash.data()); + mbedtls_sha256_finish(&ctx, output_hash.data()); // Compare to expected. if (std::memcmp(input_hash.data(), output_hash.data(), NcaSha256HalfHashLength) != 0) { diff --git a/src/dedicated_room/CMakeLists.txt b/src/dedicated_room/CMakeLists.txt index 136109a0c8..0d679310ba 100644 --- a/src/dedicated_room/CMakeLists.txt +++ b/src/dedicated_room/CMakeLists.txt @@ -15,7 +15,7 @@ if (ENABLE_WEB_SERVICE) target_link_libraries(yuzu-room PRIVATE web_service) endif() -target_link_libraries(yuzu-room PRIVATE mbedtls mbedcrypto) +target_link_libraries(yuzu-room PRIVATE MbedTLS::mbedcrypto) if (MSVC) target_link_libraries(yuzu-room PRIVATE getopt) endif()