mbedTLS: Update to mbedTLS 3.6.4

mbedTLS 2.28 is now EOL, and will no longer receive security updates. This commit backports from Godot 4 the changes needed to update to mbedTLS 3.6 (new LTS), including TLSv1.3 support. (cherry picked from commit 0770c9a4a3)
2025-07-07 15:37:41 +02:00
parent 137691b900
commit ec635fdfd7
296 changed files with 107020 additions and 37530 deletions
--- a/modules/mbedtls/SCsub
+++ b/modules/mbedtls/SCsub
@ -12,24 +12,24 @@ thirdparty_obj = []
 if env["builtin_mbedtls"]:
    thirdparty_sources = [
        "aes.c",
+        "aesce.c",
        "aesni.c",
-        "arc4.c",
        "aria.c",
        "asn1parse.c",
        "asn1write.c",
        "base64.c",
        "bignum.c",
-        "blowfish.c",
+        "bignum_core.c",
+        "bignum_mod_raw.c",
        "camellia.c",
        "ccm.c",
-        "certs.c",
        "chacha20.c",
        "chachapoly.c",
        "cipher.c",
        "cipher_wrap.c",
        "cmac.c",
-        "ctr_drbg.c",
        "constant_time.c",
+        "ctr_drbg.c",
        "debug.c",
        "des.c",
        "dhm.c",
@ -42,13 +42,10 @@ if env["builtin_mbedtls"]:
        "entropy_poll.c",
        "error.c",
        "gcm.c",
-        "havege.c",
        "hkdf.c",
        "hmac_drbg.c",
-        "md2.c",
-        "md4.c",
-        "md5.c",
        "md.c",
+        "md5.c",
        "memory_buffer_alloc.c",
        "mps_reader.c",
        "mps_trace.c",
@ -58,30 +55,53 @@ if env["builtin_mbedtls"]:
        "padlock.c",
        "pem.c",
        "pk.c",
-        "pkcs11.c",
+        "pk_ecc.c",
+        "pk_wrap.c",
        "pkcs12.c",
        "pkcs5.c",
+        "pkcs7.c",
        "pkparse.c",
-        "pk_wrap.c",
        "pkwrite.c",
        "platform.c",
        "platform_util.c",
        "poly1305.c",
+        "psa_crypto.c",
+        "psa_crypto_aead.c",
+        "psa_crypto_cipher.c",
+        "psa_crypto_client.c",
+        "psa_crypto_driver_wrappers_no_static.c",
+        "psa_crypto_ecp.c",
+        "psa_crypto_ffdh.c",
+        "psa_crypto_hash.c",
+        "psa_crypto_mac.c",
+        "psa_crypto_pake.c",
+        "psa_crypto_rsa.c",
+        "psa_crypto_se.c",
+        "psa_crypto_slot_management.c",
+        "psa_crypto_storage.c",
+        "psa_its_file.c",
+        "psa_util.c",
        "ripemd160.c",
        "rsa.c",
-        "rsa_internal.c",
+        "rsa_alt_helpers.c",
        "sha1.c",
+        "sha3.c",
        "sha256.c",
        "sha512.c",
        "ssl_cache.c",
        "ssl_ciphersuites.c",
-        "ssl_cli.c",
+        "ssl_client.c",
        "ssl_cookie.c",
+        "ssl_debug_helpers_generated.c",
        "ssl_msg.c",
-        "ssl_srv.c",
        "ssl_ticket.c",
        "ssl_tls.c",
+        "ssl_tls12_client.c",
+        "ssl_tls12_server.c",
+        "ssl_tls13_client.c",
+        "ssl_tls13_generic.c",
        "ssl_tls13_keys.c",
+        "ssl_tls13_server.c",
        "threading.c",
        "timing.c",
        "version.c",
@ -91,19 +111,22 @@ if env["builtin_mbedtls"]:
        "x509_crl.c",
        "x509_crt.c",
        "x509_csr.c",
+        "x509write.c",
        "x509write_crt.c",
        "x509write_csr.c",
-        "xtea.c",
    ]

    thirdparty_dir = "#thirdparty/mbedtls/library/"
    thirdparty_sources = [thirdparty_dir + file for file in thirdparty_sources]

    env_mbed_tls.Prepend(CPPPATH=["#thirdparty/mbedtls/include/"])
+    config_path = '\\"thirdparty/mbedtls/include/godot_module_mbedtls_config.h\\"'
+    env_mbed_tls.Append(CPPDEFINES=[("MBEDTLS_CONFIG_FILE", config_path)])

    env_thirdparty = env_mbed_tls.Clone()
    env_thirdparty.disable_warnings()
    env_thirdparty.add_source_files(thirdparty_obj, thirdparty_sources)
+    env_thirdparty.Depends(thirdparty_obj, "#thirdparty/mbedtls/include/godot_module_mbedtls_config.h")
    env.modules_sources += thirdparty_obj


--- a/modules/mbedtls/crypto_mbedtls.cpp
+++ b/modules/mbedtls/crypto_mbedtls.cpp
@ -71,7 +71,7 @@ Error CryptoKeyMbedTLS::load(String p_path, bool p_public_only) {
 	if (p_public_only) {
 		ret = mbedtls_pk_parse_public_key(&pkey, out.read().ptr(), out.size());
 	} else {
-		ret = mbedtls_pk_parse_key(&pkey, out.read().ptr(), out.size(), nullptr, 0);
+		ret = _parse_key(out.read().ptr(), out.size());
 	}
 	// We MUST zeroize the memory for safety!
 	mbedtls_platform_zeroize(out.write().ptr(), out.size());
@ -112,7 +112,7 @@ Error CryptoKeyMbedTLS::load_from_string(String p_string_key, bool p_public_only
 	if (p_public_only) {
 		ret = mbedtls_pk_parse_public_key(&pkey, (unsigned char *)p_string_key.utf8().get_data(), p_string_key.utf8().size());
 	} else {
-		ret = mbedtls_pk_parse_key(&pkey, (unsigned char *)p_string_key.utf8().get_data(), p_string_key.utf8().size(), nullptr, 0);
+		ret = _parse_key((unsigned char *)p_string_key.utf8().get_data(), p_string_key.utf8().size());
 	}
 	ERR_FAIL_COND_V_MSG(ret, FAILED, "Error parsing key '" + itos(ret) + "'.");

@ -138,6 +138,25 @@ String CryptoKeyMbedTLS::save_to_string(bool p_public_only) {
 	return s;
 }

+int CryptoKeyMbedTLS::_parse_key(const uint8_t *p_buf, int p_size) {
+#if MBEDTLS_VERSION_MAJOR >= 3
+	mbedtls_entropy_context rng_entropy;
+	mbedtls_ctr_drbg_context rng_drbg;
+
+	mbedtls_ctr_drbg_init(&rng_drbg);
+	mbedtls_entropy_init(&rng_entropy);
+	int ret = mbedtls_ctr_drbg_seed(&rng_drbg, mbedtls_entropy_func, &rng_entropy, nullptr, 0);
+	ERR_FAIL_COND_V_MSG(ret != 0, ret, vformat("mbedtls_ctr_drbg_seed returned -0x%x\n", (unsigned int)-ret));
+
+	ret = mbedtls_pk_parse_key(&pkey, p_buf, p_size, nullptr, 0, mbedtls_ctr_drbg_random, &rng_drbg);
+	mbedtls_ctr_drbg_free(&rng_drbg);
+	mbedtls_entropy_free(&rng_entropy);
+	return ret;
+#else
+	return mbedtls_pk_parse_key(&pkey, p_buf, p_size, nullptr, 0);
+#endif
+}
+
 X509Certificate *X509CertificateMbedTLS::create() {
 	return memnew(X509CertificateMbedTLS);
 }
@ -267,10 +286,6 @@ Crypto *CryptoMbedTLS::create() {
 }

 void CryptoMbedTLS::initialize_crypto() {
-#ifdef DEBUG_ENABLED
-	mbedtls_debug_set_threshold(1);
-#endif
-
 	Crypto::_create = create;
 	Crypto::_load_default_certificates = load_default_certificates;
 	X509CertificateMbedTLS::make_default();
@ -360,12 +375,18 @@ Ref<X509Certificate> CryptoMbedTLS::generate_self_signed_certificate(Ref<CryptoK
 	mbedtls_x509write_crt_set_version(&crt, MBEDTLS_X509_CRT_VERSION_3);
 	mbedtls_x509write_crt_set_md_alg(&crt, MBEDTLS_MD_SHA256);

+	uint8_t rand_serial[20];
+	mbedtls_ctr_drbg_random(&ctr_drbg, rand_serial, sizeof(rand_serial));
+
+#if MBEDTLS_VERSION_MAJOR >= 3
+	mbedtls_x509write_crt_set_serial_raw(&crt, rand_serial, sizeof(rand_serial));
+#else
+
 	mbedtls_mpi serial;
 	mbedtls_mpi_init(&serial);
-	uint8_t rand_serial[20];
-	mbedtls_ctr_drbg_random(&ctr_drbg, rand_serial, 20);
-	ERR_FAIL_COND_V(mbedtls_mpi_read_binary(&serial, rand_serial, 20), nullptr);
+	ERR_FAIL_COND_V(mbedtls_mpi_read_binary(&serial, rand_serial, sizeof(rand_serial)), nullptr);
 	mbedtls_x509write_crt_set_serial(&crt, &serial);
+#endif

 	mbedtls_x509write_crt_set_validity(&crt, p_not_before.utf8().get_data(), p_not_after.utf8().get_data());
 	mbedtls_x509write_crt_set_basic_constraints(&crt, 1, -1);
@ -374,7 +395,9 @@ Ref<X509Certificate> CryptoMbedTLS::generate_self_signed_certificate(Ref<CryptoK
 	unsigned char buf[4096];
 	memset(buf, 0, 4096);
 	int ret = mbedtls_x509write_crt_pem(&crt, buf, 4096, mbedtls_ctr_drbg_random, &ctr_drbg);
+#if MBEDTLS_VERSION_MAJOR < 3
 	mbedtls_mpi_free(&serial);
+#endif
 	mbedtls_x509write_crt_free(&crt);
 	ERR_FAIL_COND_V_MSG(ret != 0, nullptr, "Failed to generate certificate: " + itos(ret));
 	buf[4095] = '\0'; // Make sure strlen can't fail.
@ -418,9 +441,18 @@ Vector<uint8_t> CryptoMbedTLS::sign(HashingContext::HashType p_hash_type, Vector
 	ERR_FAIL_COND_V_MSG(!key.is_valid(), Vector<uint8_t>(), "Invalid key provided.");
 	ERR_FAIL_COND_V_MSG(key->is_public_only(), Vector<uint8_t>(), "Invalid key provided. Cannot sign with public_only keys.");
 	size_t sig_size = 0;
+#if MBEDTLS_VERSION_MAJOR >= 3
+	unsigned char buf[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
+#else
 	unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+#endif
 	Vector<uint8_t> out;
-	int ret = mbedtls_pk_sign(&(key->pkey), type, p_hash.ptr(), size, buf, &sig_size, mbedtls_ctr_drbg_random, &ctr_drbg);
+	int ret = mbedtls_pk_sign(&(key->pkey), type, p_hash.ptr(), size, buf,
+#if MBEDTLS_VERSION_MAJOR >= 3
+			sizeof(buf),
+#endif
+			&sig_size, mbedtls_ctr_drbg_random, &ctr_drbg);
+
 	ERR_FAIL_COND_V_MSG(ret, out, "Error while signing: " + itos(ret));
 	out.resize(sig_size);
 	memcpy(out.ptrw(), buf, sig_size);
--- a/modules/mbedtls/crypto_mbedtls.h
+++ b/modules/mbedtls/crypto_mbedtls.h
@ -46,6 +46,8 @@ private:
 	int locks = 0;
 	bool public_only = true;

+	int _parse_key(const uint8_t *p_buf, int p_size);
+
 public:
 	static CryptoKey *create();
 	static void make_default() { CryptoKey::_create = create; }
--- a/modules/mbedtls/register_types.cpp
+++ b/modules/mbedtls/register_types.cpp
@ -35,7 +35,67 @@
 #include "packet_peer_mbed_dtls.h"
 #include "stream_peer_mbedtls.h"

+#include "core/project_settings.h"
+
+#if MBEDTLS_VERSION_MAJOR >= 3
+#include <psa/crypto.h>
+#endif
+
+static bool godot_mbedtls_initialized = false;
+
+#ifdef GODOT_MBEDTLS_THREADING_ALT
+extern "C" {
+void godot_mbedtls_mutex_init(mbedtls_threading_mutex_t *p_mutex) {
+	ERR_FAIL_NULL(p_mutex);
+	p_mutex->mutex = memnew(Mutex);
+}
+
+void godot_mbedtls_mutex_free(mbedtls_threading_mutex_t *p_mutex) {
+	ERR_FAIL_NULL(p_mutex);
+	ERR_FAIL_NULL(p_mutex->mutex);
+	memdelete((Mutex *)p_mutex->mutex);
+}
+
+int godot_mbedtls_mutex_lock(mbedtls_threading_mutex_t *p_mutex) {
+	ERR_FAIL_NULL_V(p_mutex, MBEDTLS_ERR_THREADING_BAD_INPUT_DATA);
+	ERR_FAIL_NULL_V(p_mutex->mutex, MBEDTLS_ERR_THREADING_BAD_INPUT_DATA);
+	((Mutex *)p_mutex->mutex)->lock();
+	return 0;
+}
+
+int godot_mbedtls_mutex_unlock(mbedtls_threading_mutex_t *p_mutex) {
+	ERR_FAIL_NULL_V(p_mutex, MBEDTLS_ERR_THREADING_BAD_INPUT_DATA);
+	ERR_FAIL_NULL_V(p_mutex->mutex, MBEDTLS_ERR_THREADING_BAD_INPUT_DATA);
+	((Mutex *)p_mutex->mutex)->unlock();
+	return 0;
+}
+};
+#endif
+
 void register_mbedtls_types() {
+	GLOBAL_DEF("network/ssl/enable_tls_v1.3", true);
+
+#ifdef GODOT_MBEDTLS_THREADING_ALT
+	mbedtls_threading_set_alt(
+			godot_mbedtls_mutex_init,
+			godot_mbedtls_mutex_free,
+			godot_mbedtls_mutex_lock,
+			godot_mbedtls_mutex_unlock);
+#endif
+
+#if MBEDTLS_VERSION_MAJOR >= 3
+	int status = psa_crypto_init();
+	ERR_FAIL_COND_MSG(status != PSA_SUCCESS, "Failed to initialize psa crypto. The mbedTLS modules will not work.");
+#endif
+
+#ifdef DEBUG_ENABLED
+	if (OS::get_singleton()->is_stdout_verbose()) {
+		mbedtls_debug_set_threshold(1);
+	}
+#endif
+
+	godot_mbedtls_initialized = true;
+
 	CryptoMbedTLS::initialize_crypto();
 	StreamPeerMbedTLS::initialize_ssl();
 	PacketPeerMbedDTLS::initialize_dtls();
@ -43,8 +103,18 @@ void register_mbedtls_types() {
 }

 void unregister_mbedtls_types() {
-	DTLSServerMbedTLS::finalize();
-	PacketPeerMbedDTLS::finalize_dtls();
-	StreamPeerMbedTLS::finalize_ssl();
-	CryptoMbedTLS::finalize_crypto();
+	if (godot_mbedtls_initialized) {
+		DTLSServerMbedTLS::finalize();
+		PacketPeerMbedDTLS::finalize_dtls();
+		StreamPeerMbedTLS::finalize_ssl();
+		CryptoMbedTLS::finalize_crypto();
+
+#if MBEDTLS_VERSION_MAJOR >= 3
+		mbedtls_psa_crypto_free();
+#endif
+	}
+
+#ifdef GODOT_MBEDTLS_THREADING_ALT
+	mbedtls_threading_free_alt();
+#endif
 }
--- a/modules/mbedtls/ssl_context_mbedtls.cpp
+++ b/modules/mbedtls/ssl_context_mbedtls.cpp
@ -30,6 +30,12 @@

 #include "ssl_context_mbedtls.h"

+#include "core/project_settings.h"
+
+#ifdef TOOLS_ENABLED
+#include "editor/editor_settings.h"
+#endif
+
 static void my_debug(void *ctx, int level,
 		const char *file, int line,
 		const char *str) {
@ -147,6 +153,22 @@ Error SSLContextMbedTLS::init_server(int p_transport, int p_authmode, Ref<Crypto
 		cookies = p_cookies;
 		mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &(cookies->cookie_ctx));
 	}
+
+#if MBEDTLS_VERSION_MAJOR >= 3
+#ifdef TOOLS_ENABLED
+	if (EditorSettings::get_singleton()) {
+		if (!EditorSettings::get_singleton()->get_setting("network/ssl/enable_tls_v1.3").operator bool()) {
+			mbedtls_ssl_conf_max_tls_version(&conf, MBEDTLS_SSL_VERSION_TLS1_2);
+		}
+	} else
+#endif
+	{
+		if (!GLOBAL_GET("network/ssl/enable_tls_v1.3").operator bool()) {
+			mbedtls_ssl_conf_max_tls_version(&conf, MBEDTLS_SSL_VERSION_TLS1_2);
+		}
+	}
+#endif
+
 	mbedtls_ssl_setup(&ssl, &conf);
 	return OK;
 }
@ -173,6 +195,22 @@ Error SSLContextMbedTLS::init_client(int p_transport, int p_authmode, Ref<X509Ce

 	// Set valid CAs
 	mbedtls_ssl_conf_ca_chain(&conf, &(cas->cert), nullptr);
+
+#if MBEDTLS_VERSION_MAJOR >= 3
+#ifdef TOOLS_ENABLED
+	if (EditorSettings::get_singleton()) {
+		if (!EditorSettings::get_singleton()->get_setting("network/ssl/enable_tls_v1.3").operator bool()) {
+			mbedtls_ssl_conf_max_tls_version(&conf, MBEDTLS_SSL_VERSION_TLS1_2);
+		}
+	} else
+#endif
+	{
+		if (!GLOBAL_GET("network/ssl/enable_tls_v1.3").operator bool()) {
+			mbedtls_ssl_conf_max_tls_version(&conf, MBEDTLS_SSL_VERSION_TLS1_2);
+		}
+	}
+#endif
+
 	mbedtls_ssl_setup(&ssl, &conf);
 	return OK;
 }
--- a/modules/mbedtls/ssl_context_mbedtls.h
+++ b/modules/mbedtls/ssl_context_mbedtls.h
@ -37,7 +37,6 @@
 #include "core/pool_vector.h"
 #include "core/reference.h"

-#include <mbedtls/config.h>
 #include <mbedtls/ctr_drbg.h>
 #include <mbedtls/debug.h>
 #include <mbedtls/entropy.h>