Calchan/eden
1
0
Fork 0
forked from eden-emu/eden
Code Pull requests Activity

[cmake, core] refactor: update mbedtls and make YUZU_USE_CPM better (#485)

Browse source 
update mbedtls functors to support mbedtls3 signatures

moved some vulkan stuff from externals to root, yuzu_use_cpm manages
them now

needs testing:
- all key/derivation related things
- nca verification
- game loading/updates/stuff

Reviewed-on: eden-emu/eden#485
Reviewed-by: MaranBr <maranbr@eden-emu.dev>
This commit is contained in:
crueter 2025-09-15 04:22:15 +02:00
parent 28d26b0d76
commit d207df959a
Signed by untrusted user: crueter
GPG key ID: 425ACD2D4830EBC6
16 changed files with 114 additions and 139 deletions
Download patch file Download diff file Expand all files Collapse all files

36
CMakeLists.txt
View file

@ -159,8 +159,6 @@ option(ENABLE_WEB_SERVICE "Enable web services (telemetry, etc.)" ON)
option(ENABLE_WIFI_SCAN "Enable WiFi scanning" OFF)
option(YUZU_USE_BUNDLED_FFMPEG "Download/Build bundled FFmpeg" ${EXT_DEFAULT})
option(YUZU_USE_EXTERNAL_VULKAN_UTILITY_LIBRARIES "Use Vulkan Utility Headers from externals" ${EXT_DEFAULT})
option(YUZU_USE_EXTERNAL_VULKAN_SPIRV_TOOLS "Use SPIRV-Tools from externals" ${EXT_DEFAULT})
option(YUZU_USE_QT_MULTIMEDIA "Use QtMultimedia for Camera" OFF)
@ -172,8 +170,6 @@ option(ENABLE_CUBEB "Enables the cubeb audio backend" ON)
CMAKE_DEPENDENT_OPTION(USE_DISCORD_PRESENCE "Enables Discord Rich Presence" OFF "ENABLE_QT" OFF)
option(ENABLE_MICROPROFILE "Enables microprofile capabilities" OFF)
option(YUZU_TESTS "Compile tests" "${BUILD_TESTING}")
option(YUZU_USE_PRECOMPILED_HEADERS "Use precompiled headers" ${EXT_DEFAULT})
@ -455,6 +451,28 @@ if (YUZU_USE_CPM)
)
endif()
endif()
# VulkanUtilityHeaders - pulls in headers and utility libs
AddJsonPackage(vulkan-utility-headers)
# small hack
if (NOT VulkanUtilityLibraries_ADDED)
find_package(VulkanHeaders 1.3.274 REQUIRED)
endif()
# SPIRV Headers
AddJsonPackage(spirv-headers)
# SPIRV Tools
AddJsonPackage(spirv-tools)
if (SPIRV-Tools_ADDED)
add_library(SPIRV-Tools::SPIRV-Tools ALIAS SPIRV-Tools-static)
target_link_libraries(SPIRV-Tools-static PRIVATE SPIRV-Tools-opt SPIRV-Tools-link)
endif()
# mbedtls
AddJsonPackage(mbedtls)
else()
# Enforce the search mode of non-required packages for better and shorter failure messages
find_package(fmt 8 REQUIRED)
@ -467,7 +485,13 @@ else()
find_package(Opus 1.3 MODULE REQUIRED)
find_package(ZLIB 1.2 REQUIRED)
find_package(zstd 1.5 REQUIRED MODULE)
find_package(Boost 1.79.0 REQUIRED headers context system fiber)
find_package(Boost 1.57.0 REQUIRED context system fiber)
find_package(MbedTLS 3)
find_package(VulkanUtilityLibraries REQUIRED)
find_package(VulkanHeaders 1.3.274 REQUIRED)
find_package(SPIRV-Tools MODULE REQUIRED)
find_package(SPIRV-Headers 1.3.274 REQUIRED)
if (YUZU_TESTS)
find_package(Catch2 3.0.1 REQUIRED)
@ -594,10 +618,8 @@ endfunction()
add_subdirectory(externals)
# pass targets from externals
find_package(VulkanUtilityLibraries)
find_package(libusb)
find_package(VulkanMemoryAllocator)
find_package(SPIRV-Tools)
if (ARCHITECTURE_x86 OR ARCHITECTURE_x86_64)
find_package(xbyak)

17
CMakeModules/Findmbedtls.cmake
View file

@ -1,17 +0,0 @@
# SPDX-FileCopyrightText: 2025 Eden Emulator Project
# SPDX-License-Identifier: GPL-3.0-or-later
include(FindPackageHandleStandardArgs)
find_package(PkgConfig QUIET)
pkg_search_module(mbedtls QUIET IMPORTED_TARGET mbedtls)
find_package_handle_standard_args(mbedtls
REQUIRED_VARS mbedtls_LINK_LIBRARIES
VERSION_VAR mbedtls_VERSION
)
pkg_search_module(mbedcrypto QUIET IMPORTED_TARGET mbedcrypto)
find_package_handle_standard_args(mbedcrypto
REQUIRED_VARS mbedcrypto_LINK_LIBRARIES
VERSION_VAR mbedcrypto_VERSION
)

36
cpmfile.json
View file

@ -91,6 +91,42 @@
"OPUS_PRESUME_NEON ON"
]
},
"vulkan-utility-headers": {
"package": "VulkanUtilityLibraries",
"repo": "scripts/VulkanUtilityHeaders",
"tag": "1.4.326",
"artifact": "VulkanUtilityHeaders.tar.zst",
"git_host": "git.crueter.xyz",
"hash": "5924629755cb1605c4aa4eee20ef7957a9dd8d61e4df548be656d98054f2730c4109693c1bd35811f401f4705d2ccff9fc849be32b0d8480bc3f73541a5e0964"
},
"spirv-tools": {
"package": "SPIRV-Tools",
"repo": "KhronosGroup/SPIRV-Tools",
"sha": "40eb301f32",
"hash": "58d0fb1047d69373cf24c73e6f78c73a72a6cca3b4df1d9f083b9dcc0962745ef154abf3dbe9b3623b835be20c6ec769431cf11733349f45e7568b3525f707aa",
"find_args": "MODULE",
"options": [
"SPIRV_SKIP_EXECUTABLES ON"
]
},
"spirv-headers": {
"package": "SPIRV-Headers",
"repo": "KhronosGroup/SPIRV-Headers",
"sha": "4e209d3d7e",
"hash": "f48bbe18341ed55ea0fe280dbbbc0a44bf222278de6e716e143ca1e95ca320b06d4d23d6583fbf8d03e1428f3dac8fa00e5b82ddcd6b425e6236d85af09550a4",
"options": [
"SPIRV_WERROR OFF"
]
},
"mbedtls": {
"package": "MbedTLS",
"repo": "Mbed-TLS/mbedtls",
"tag": "mbedtls-%VERSION%",
"hash": "6671fb8fcaa832e5b115dfdce8f78baa6a4aea71f5c89a640583634cdee27aefe3bf4be075744da91f7c3ae5ea4e0c765c8fc3937b5cfd9ea73d87ef496524da",
"version": "3",
"git_version": "3.6.4",
"artifact": "%TAG%.tar.bz2"
},
"cubeb": {
"repo": "mozilla/cubeb",
"sha": "fa02160712",

76
externals/CMakeLists.txt vendored
View file

@ -54,36 +54,27 @@ endif()
# Glad
add_subdirectory(glad)
# mbedtls
AddJsonPackage(mbedtls)
if (mbedtls_ADDED)
target_include_directories(mbedtls PUBLIC ${mbedtls_SOURCE_DIR}/include)
if (NOT MSVC)
target_compile_options(mbedcrypto PRIVATE
-Wno-unused-but-set-variable
-Wno-string-concatenation
)
elseif(CXX_CLANG)
foreach(TARGET mbedtls mbedcrypto mbedx509)
target_compile_options(${TARGET} PRIVATE
-w
)
endforeach()
endif()
endif()
# libusb
if (ENABLE_LIBUSB)
add_subdirectory(libusb)
endif()
# Sirit
# TODO(crueter): spirv-tools doesn't work w/ system
set(SPIRV_WERROR OFF)
AddJsonPackage(spirv-headers)
# VMA
AddJsonPackage(vulkan-memory-allocator)
if (VulkanMemoryAllocator_ADDED)
if (CXX_CLANG)
target_compile_options(VulkanMemoryAllocator INTERFACE
-Wno-unused-variable
)
elseif(MSVC)
target_compile_options(VulkanMemoryAllocator INTERFACE
/wd4189
)
endif()
endif()
# Sirit
AddJsonPackage(sirit)
if(MSVC AND USE_CCACHE AND sirit_ADDED)
@ -117,46 +108,9 @@ if (YUZU_USE_BUNDLED_FFMPEG)
set(FFmpeg_INCLUDE_DIR "${FFmpeg_INCLUDE_DIR}" PARENT_SCOPE)
endif()
# VulkanUtilityHeaders - pulls in headers and utility libs
AddJsonPackage(
NAME vulkan-utility-headers
BUNDLED_PACKAGE ${YUZU_USE_EXTERNAL_VULKAN_UTILITY_LIBRARIES}
)
# small hack
if (NOT VulkanUtilityLibraries_ADDED)
find_package(VulkanHeaders 1.3.274 REQUIRED)
endif()
# SPIRV Tools
AddJsonPackage(
NAME spirv-tools
BUNDLED_PACKAGE ${YUZU_USE_EXTERNAL_VULKAN_SPIRV_TOOLS}
)
if (SPIRV-Tools_ADDED)
add_library(SPIRV-Tools::SPIRV-Tools ALIAS SPIRV-Tools-static)
target_link_libraries(SPIRV-Tools-static PRIVATE SPIRV-Tools-opt SPIRV-Tools-link)
endif()
# TZDB (Time Zone Database)
add_subdirectory(nx_tzdb)
# VMA
AddJsonPackage(vulkan-memory-allocator)
if (VulkanMemoryAllocator_ADDED)
if (CXX_CLANG)
target_compile_options(VulkanMemoryAllocator INTERFACE
-Wno-unused-variable
)
elseif(MSVC)
target_compile_options(VulkanMemoryAllocator INTERFACE
/wd4189
)
endif()
endif()
if (NOT TARGET LLVM::Demangle)
add_library(demangle demangle/ItaniumDemangle.cpp)
target_include_directories(demangle PUBLIC ./demangle)

42
externals/cpmfile.json vendored
View file

@ -1,15 +1,10 @@
{
"mbedtls": {
"repo": "eden-emulator/mbedtls",
"sha": "ce4f81f4a9",
"hash": "f2e7f887651b28745e508149214d409fd7cfdb92cb94b4146b47ff1e0fc09e47143f203ac18e34c2c1814b5bd031d04c74828676c0d4342920a2ddb7fd35e9a5",
"find_args": "MODULE"
},
"spirv-headers": {
"package": "SPIRV-Headers",
"repo": "KhronosGroup/SPIRV-Headers",
"sha": "4e209d3d7e",
"hash": "f48bbe18341ed55ea0fe280dbbbc0a44bf222278de6e716e143ca1e95ca320b06d4d23d6583fbf8d03e1428f3dac8fa00e5b82ddcd6b425e6236d85af09550a4"
"vulkan-memory-allocator": {
"package": "VulkanMemoryAllocator",
"repo": "GPUOpen-LibrariesAndSDKs/VulkanMemoryAllocator",
"sha": "1076b348ab",
"hash": "a46b44e4286d08cffda058e856c47f44c7fed3da55fe9555976eb3907fdcc20ead0b1860b0c38319cda01dbf9b1aa5d4b4038c7f1f8fbd97283d837fa9af9772",
"find_args": "CONFIG"
},
"sirit": {
"repo": "eden-emulator/sirit",
@ -35,31 +30,6 @@
"CPP_JWT_USE_VENDORED_NLOHMANN_JSON OFF"
]
},
"vulkan-utility-headers": {
"package": "VulkanUtilityLibraries",
"repo": "scripts/VulkanUtilityHeaders",
"tag": "1.4.326",
"artifact": "VulkanUtilityHeaders.tar.zst",
"git_host": "git.crueter.xyz",
"hash": "5924629755cb1605c4aa4eee20ef7957a9dd8d61e4df548be656d98054f2730c4109693c1bd35811f401f4705d2ccff9fc849be32b0d8480bc3f73541a5e0964"
},
"vulkan-memory-allocator": {
"package": "VulkanMemoryAllocator",
"repo": "GPUOpen-LibrariesAndSDKs/VulkanMemoryAllocator",
"sha": "1076b348ab",
"hash": "a46b44e4286d08cffda058e856c47f44c7fed3da55fe9555976eb3907fdcc20ead0b1860b0c38319cda01dbf9b1aa5d4b4038c7f1f8fbd97283d837fa9af9772",
"find_args": "CONFIG"
},
"spirv-tools": {
"package": "SPIRV-Tools",
"repo": "KhronosGroup/SPIRV-Tools",
"sha": "40eb301f32",
"hash": "58d0fb1047d69373cf24c73e6f78c73a72a6cca3b4df1d9f083b9dcc0962745ef154abf3dbe9b3623b835be20c6ec769431cf11733349f45e7568b3525f707aa",
"find_args": "MODULE",
"options": [
"SPIRV_SKIP_EXECUTABLES ON"
]
},
"xbyak_sun": {
"package": "xbyak",
"repo": "herumi/xbyak",

12
externals/libusb/CMakeLists.txt vendored
View file

@ -3,7 +3,17 @@
include(CPMUtil)
AddJsonPackage(libusb)
if (PLATFORM_SUN OR PLATFORM_OPENBSD OR PLATFORM_FREEBSD)
set(libusb_bundled ON)
else()
set(libusb_bundled OFF)
endif()
# TODO(crueter): Fix on *BSD/Solaris
AddJsonPackage(
NAME libusb
BUNDLED_PACKAGE ${libusb_bundled}
)
if (NOT libusb_ADDED)
return()

2
src/core/CMakeLists.txt
View file

@ -1200,7 +1200,7 @@ else()
target_link_libraries(core PUBLIC Boost::headers)
endif()
target_link_libraries(core PRIVATE fmt::fmt nlohmann_json::nlohmann_json RenderDoc::API mbedtls mbedcrypto)
target_link_libraries(core PRIVATE fmt::fmt nlohmann_json::nlohmann_json RenderDoc::API MbedTLS::mbedcrypto MbedTLS::mbedtls)
if (MINGW)
target_link_libraries(core PRIVATE ${MSWSOCK_LIBRARY})
endif()

2
src/core/crypto/aes_util.h
View file

@ -16,7 +16,7 @@ struct CipherContext;
enum class Mode {
CTR = 11,
ECB = 2,
XTS = 70,
XTS = 74,
};
enum class Op {

2
src/core/crypto/key_manager.cpp
View file

@ -539,7 +539,7 @@ static std::array<u8, target_size> MGF1(const std::array<u8, in_size>& seed) {
while (out.size() < target_size) {
out.resize(out.size() + 0x20);
seed_exp[in_size + 3] = static_cast<u8>(i);
mbedtls_sha256_ret(seed_exp.data(), seed_exp.size(), out.data() + out.size() - 0x20, 0);
mbedtls_sha256(seed_exp.data(), seed_exp.size(), out.data() + out.size() - 0x20, 0);
++i;
}

4
src/core/crypto/partition_data_manager.cpp
View file

@ -178,7 +178,7 @@ std::array<u8, key_size> FindKeyFromHex(const std::vector<u8>& binary,
std::array<u8, 0x20> temp{};
for (size_t i = 0; i < binary.size() - key_size; ++i) {
mbedtls_sha256_ret(binary.data() + i, key_size, temp.data(), 0);
mbedtls_sha256(binary.data() + i, key_size, temp.data(), 0);
if (temp != hash)
continue;
@ -206,7 +206,7 @@ static std::array<Key128, 0x20> FindEncryptedMasterKeyFromHex(const std::vector<
AESCipher<Key128> cipher(key, Mode::ECB);
for (size_t i = 0; i < binary.size() - 0x10; ++i) {
cipher.Transcode(binary.data() + i, dec_temp.size(), dec_temp.data(), Op::Decrypt);
mbedtls_sha256_ret(dec_temp.data(), dec_temp.size(), temp.data(), 0);
mbedtls_sha256(dec_temp.data(), dec_temp.size(), temp.data(), 0);
for (size_t k = 0; k < out.size(); ++k) {
if (temp == master_key_hashes[k]) {

10
src/core/file_sys/registered_cache.cpp
View file

@ -64,7 +64,7 @@ static std::string GetRelativePathFromNcaID(const std::array<u8, 16>& nca_id, bo
}
Core::Crypto::SHA256Hash hash{};
mbedtls_sha256_ret(nca_id.data(), nca_id.size(), hash.data(), 0);
mbedtls_sha256(nca_id.data(), nca_id.size(), hash.data(), 0);
const auto format_str =
fmt::runtime(cnmt_suffix ? "/000000{:02X}/{}.cnmt.nca" : "/000000{:02X}/{}.nca");
@ -146,7 +146,7 @@ bool PlaceholderCache::Create(const NcaID& id, u64 size) const {
}
Core::Crypto::SHA256Hash hash{};
mbedtls_sha256_ret(id.data(), id.size(), hash.data(), 0);
mbedtls_sha256(id.data(), id.size(), hash.data(), 0);
const auto dirname = fmt::format("000000{:02X}", hash[0]);
const auto dir2 = GetOrCreateDirectoryRelative(dir, dirname);
@ -170,7 +170,7 @@ bool PlaceholderCache::Delete(const NcaID& id) const {
}
Core::Crypto::SHA256Hash hash{};
mbedtls_sha256_ret(id.data(), id.size(), hash.data(), 0);
mbedtls_sha256(id.data(), id.size(), hash.data(), 0);
const auto dirname = fmt::format("000000{:02X}", hash[0]);
const auto dir2 = GetOrCreateDirectoryRelative(dir, dirname);
@ -665,7 +665,7 @@ InstallResult RegisteredCache::InstallEntry(const NCA& nca, TitleType type,
const OptionalHeader opt_header{0, 0};
ContentRecord c_rec{{}, {}, {}, GetCRTypeFromNCAType(nca.GetType()), {}};
const auto& data = nca.GetBaseFile()->ReadBytes(0x100000);
mbedtls_sha256_ret(data.data(), data.size(), c_rec.hash.data(), 0);
mbedtls_sha256(data.data(), data.size(), c_rec.hash.data(), 0);
std::memcpy(&c_rec.nca_id, &c_rec.hash, 16);
const CNMT new_cnmt(header, opt_header, {c_rec}, {});
if (!RawInstallYuzuMeta(new_cnmt)) {
@ -776,7 +776,7 @@ InstallResult RegisteredCache::RawInstallNCA(const NCA& nca, const VfsCopyFuncti
id = *override_id;
} else {
const auto& data = in->ReadBytes(0x100000);
mbedtls_sha256_ret(data.data(), data.size(), hash.data(), 0);
mbedtls_sha256(data.data(), data.size(), hash.data(), 0);
memcpy(id.data(), hash.data(), 16);
}

2
src/core/file_sys/xts_archive.cpp
View file

@ -68,7 +68,7 @@ NAX::NAX(VirtualFile file_, std::array<u8, 0x10> nca_id)
: header(std::make_unique<NAXHeader>()),
file(std::move(file_)), keys{Core::Crypto::KeyManager::Instance()} {
Core::Crypto::SHA256Hash hash{};
mbedtls_sha256_ret(nca_id.data(), nca_id.size(), hash.data(), 0);
mbedtls_sha256(nca_id.data(), nca_id.size(), hash.data(), 0);
status = Parse(fmt::format("/registered/000000{:02X}/{}.nca", hash[0],
Common::HexToString(nca_id, false)));
}

2
src/core/hle/service/bcat/delivery_cache_directory_service.cpp
View file

@ -15,7 +15,7 @@ namespace Service::BCAT {
static BcatDigest DigestFile(const FileSys::VirtualFile& file) {
BcatDigest out{};
const auto bytes = file->ReadAllBytes();
mbedtls_md5_ret(bytes.data(), bytes.size(), out.data());
mbedtls_md5(bytes.data(), bytes.size(), out.data());
return out;
}

2
src/core/hle/service/ro/ro.cpp
View file

@ -178,7 +178,7 @@ struct ProcessContext {
std::vector<u8> nro_data(size);
m_process->GetMemory().ReadBlock(base_address, nro_data.data(), size);
mbedtls_sha256_ret(nro_data.data(), size, hash.data(), 0);
mbedtls_sha256(nro_data.data(), size, hash.data(), 0);
}
for (size_t i = 0; i < MaxNrrInfos; i++) {

6
src/core/loader/nca.cpp
View file

@ -150,7 +150,7 @@ ResultStatus AppLoader_NCA::VerifyIntegrity(std::function<bool(size_t, size_t)>
// Initialize sha256 verification context.
mbedtls_sha256_context ctx;
mbedtls_sha256_init(&ctx);
mbedtls_sha256_starts_ret(&ctx, 0);
mbedtls_sha256_starts(&ctx, 0);
// Ensure we maintain a clean state on exit.
SCOPE_EXIT {
@ -168,7 +168,7 @@ ResultStatus AppLoader_NCA::VerifyIntegrity(std::function<bool(size_t, size_t)>
const size_t read_size = file->Read(buffer.data(), intended_read_size, processed_size);
// Update the hash function with the buffer contents.
mbedtls_sha256_update_ret(&ctx, buffer.data(), read_size);
mbedtls_sha256_update(&ctx, buffer.data(), read_size);
// Update counters.
processed_size += read_size;
@ -181,7 +181,7 @@ ResultStatus AppLoader_NCA::VerifyIntegrity(std::function<bool(size_t, size_t)>
// Finalize context and compute the output hash.
std::array<u8, NcaSha256HashLength> output_hash;
mbedtls_sha256_finish_ret(&ctx, output_hash.data());
mbedtls_sha256_finish(&ctx, output_hash.data());
// Compare to expected.
if (std::memcmp(input_hash.data(), output_hash.data(), NcaSha256HalfHashLength) != 0) {

2
src/dedicated_room/CMakeLists.txt
View file

@ -20,7 +20,7 @@ if (ENABLE_WEB_SERVICE)
target_link_libraries(yuzu-room PRIVATE web_service)
endif()
target_link_libraries(yuzu-room PRIVATE mbedtls mbedcrypto)
target_link_libraries(yuzu-room PRIVATE MbedTLS::mbedcrypto MbedTLS::mbedtls)
if (MSVC)
target_link_libraries(yuzu-room PRIVATE getopt)
endif()