From 3de73d024942a5cdf4ce279ab7424d359cebea32 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi=20Verschelde?= <rverschelde@gmail.com>
Date: Sun, 10 Mar 2024 00:05:03 +0100
Subject: [PATCH] mbedtls: Backport Windows fix to use bcrypt for entropy

We had a slightly older version of it for UWP, as the wincrypt API isn't allowed there.
We removed this with UWP in #81416, but since this was enabled inconditionally before,
this actually changed behavior for Windows compared to Godot 4.1 and earlier.

This change is also needed to properly supported Windows Store.

(cherry picked from commit b9d008de3d171fa7da763616161b462ed8815a58)
---
 thirdparty/README.md                          | 16 +++---
 thirdparty/mbedtls/library/entropy_poll.c     | 37 ++++--------
 thirdparty/mbedtls/patches/1453.diff          | 53 ------------------
 .../patches/windows-entropy-bcrypt.diff       | 56 +++++++++++++++++++
 4 files changed, 76 insertions(+), 86 deletions(-)
 delete mode 100644 thirdparty/mbedtls/patches/1453.diff
 create mode 100644 thirdparty/mbedtls/patches/windows-entropy-bcrypt.diff

diff --git a/thirdparty/README.md b/thirdparty/README.md
index c3038b453ac..14fd960362b 100644
--- a/thirdparty/README.md
+++ b/thirdparty/README.md
@@ -370,18 +370,18 @@ Patch `godot-node-debug-fix.patch` workarounds shadowing of godot's Node class i
 ## mbedtls
 
 - Upstream: https://github.com/Mbed-TLS/mbedtls
-- Version: 2.28.4 (aeb97a18913a86f051afab11b2c92c6be0c2eb83, 2023)
+- Version: 2.28.5 (47e8cc9db2e469d902b0e3093ae9e482c3d87188, 2023)
 - License: Apache 2.0
 
 File extracted from upstream release tarball:
 
-- All `*.h` from `include/mbedtls/` to `thirdparty/mbedtls/include/mbedtls/` except `config_psa.h` and `psa_util.h`.
-- All `*.c` and `*.h` from `library/` to `thirdparty/mbedtls/library/` except those starting with `psa_*`.
-- The `LICENSE` file.
-- Applied the patch in `patches/1453.diff` to fix UWP build (upstream PR:
-  https://github.com/ARMmbed/mbedtls/pull/1453).
-  Applied the patch in `patches/windows-arm64-hardclock.diff`.
-  Applied the patch in `aesni-no-arm-intrinsics.patch` to fix MSVC ARM build.
+- All `.h` from `include/mbedtls/` to `thirdparty/mbedtls/include/mbedtls/`
+  except `config_psa.h` and `psa_util.h`
+- All `.c` and `.h` from `library/` to `thirdparty/mbedtls/library/` except
+  those starting with `psa_*`
+- The `LICENSE` file
+- Applied the patch `windows-arm64-hardclock.diff` to fix Windows ARM64 build
+  Applied the patch `windows-entropy-bcrypt.diff` to fix Windows Store support
 - Added 2 files `godot_core_mbedtls_platform.c` and `godot_core_mbedtls_config.h`
   providing configuration for light bundling with core.
 - Added the file `godot_module_mbedtls_config.h` to customize the build configuration when bundling the full library.
diff --git a/thirdparty/mbedtls/library/entropy_poll.c b/thirdparty/mbedtls/library/entropy_poll.c
index 57fddd4d62b..fec2abc2e43 100644
--- a/thirdparty/mbedtls/library/entropy_poll.c
+++ b/thirdparty/mbedtls/library/entropy_poll.c
@@ -51,46 +51,33 @@
 
 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
 
-#if !defined(_WIN32_WINNT)
-#define _WIN32_WINNT 0x0400
-#endif
 #include <windows.h>
 #include <bcrypt.h>
-#if defined(_MSC_VER) && _MSC_VER <= 1600
-/* Visual Studio 2010 and earlier issue a warning when both <stdint.h> and
- * <intsafe.h> are included, as they redefine a number of <TYPE>_MAX constants.
- * These constants are guaranteed to be the same, though, so we suppress the
- * warning when including intsafe.h.
- */
-#pragma warning( push )
-#pragma warning( disable : 4005 )
-#endif
 #include <intsafe.h>
-#if defined(_MSC_VER) && _MSC_VER <= 1600
-#pragma warning( pop )
-#endif
 
 int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len,
                                   size_t *olen)
 {
-    ULONG len_as_ulong = 0;
     ((void) data);
     *olen = 0;
 
     /*
      * BCryptGenRandom takes ULONG for size, which is smaller than size_t on
-     * 64-bit Windows platforms. Ensure len's value can be safely converted into
-     * a ULONG.
+     * 64-bit Windows platforms. Extract entropy in chunks of len (dependent
+     * on ULONG_MAX) size.
      */
-    if (FAILED(SizeTToULong(len, &len_as_ulong))) {
-        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
-    }
+    while (len != 0) {
+        unsigned long ulong_bytes =
+            (len > ULONG_MAX) ? ULONG_MAX : (unsigned long) len;
 
-    if (!BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, len_as_ulong, BCRYPT_USE_SYSTEM_PREFERRED_RNG))) {
-        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
-    }
+        if (!BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, ulong_bytes,
+                                            BCRYPT_USE_SYSTEM_PREFERRED_RNG))) {
+            return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+        }
 
-    *olen = len;
+        *olen += ulong_bytes;
+        len -= ulong_bytes;
+    }
 
     return 0;
 }
diff --git a/thirdparty/mbedtls/patches/1453.diff b/thirdparty/mbedtls/patches/1453.diff
deleted file mode 100644
index a29a928dd3f..00000000000
--- a/thirdparty/mbedtls/patches/1453.diff
+++ /dev/null
@@ -1,53 +0,0 @@
-diff --git a/thirdparty/mbedtls/library/entropy_poll.c b/thirdparty/mbedtls/library/entropy_poll.c
-index 3420616a06..57fddd4d62 100644
---- a/thirdparty/mbedtls/library/entropy_poll.c
-+++ b/thirdparty/mbedtls/library/entropy_poll.c
-@@ -55,26 +55,41 @@
- #define _WIN32_WINNT 0x0400
- #endif
- #include <windows.h>
--#include <wincrypt.h>
-+#include <bcrypt.h>
-+#if defined(_MSC_VER) && _MSC_VER <= 1600
-+/* Visual Studio 2010 and earlier issue a warning when both <stdint.h> and
-+ * <intsafe.h> are included, as they redefine a number of <TYPE>_MAX constants.
-+ * These constants are guaranteed to be the same, though, so we suppress the
-+ * warning when including intsafe.h.
-+ */
-+#pragma warning( push )
-+#pragma warning( disable : 4005 )
-+#endif
-+#include <intsafe.h>
-+#if defined(_MSC_VER) && _MSC_VER <= 1600
-+#pragma warning( pop )
-+#endif
- 
- int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len,
-                                   size_t *olen)
- {
--    HCRYPTPROV provider;
-+    ULONG len_as_ulong = 0;
-     ((void) data);
-     *olen = 0;
- 
--    if (CryptAcquireContext(&provider, NULL, NULL,
--                            PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) == FALSE) {
-+    /*
-+     * BCryptGenRandom takes ULONG for size, which is smaller than size_t on
-+     * 64-bit Windows platforms. Ensure len's value can be safely converted into
-+     * a ULONG.
-+     */
-+    if (FAILED(SizeTToULong(len, &len_as_ulong))) {
-         return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
-     }
- 
--    if (CryptGenRandom(provider, (DWORD) len, output) == FALSE) {
--        CryptReleaseContext(provider, 0);
-+    if (!BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, len_as_ulong, BCRYPT_USE_SYSTEM_PREFERRED_RNG))) {
-         return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
-     }
- 
--    CryptReleaseContext(provider, 0);
-     *olen = len;
- 
-     return 0;
diff --git a/thirdparty/mbedtls/patches/windows-entropy-bcrypt.diff b/thirdparty/mbedtls/patches/windows-entropy-bcrypt.diff
new file mode 100644
index 00000000000..2517687be63
--- /dev/null
+++ b/thirdparty/mbedtls/patches/windows-entropy-bcrypt.diff
@@ -0,0 +1,56 @@
+Backported from: https://github.com/Mbed-TLS/mbedtls/pull/8047
+
+diff --git a/thirdparty/mbedtls/library/entropy_poll.c b/thirdparty/mbedtls/library/entropy_poll.c
+index 3420616a06..fec2abc2e4 100644
+--- a/thirdparty/mbedtls/library/entropy_poll.c
++++ b/thirdparty/mbedtls/library/entropy_poll.c
+@@ -51,32 +51,34 @@
+ 
+ #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+ 
+-#if !defined(_WIN32_WINNT)
+-#define _WIN32_WINNT 0x0400
+-#endif
+ #include <windows.h>
+-#include <wincrypt.h>
++#include <bcrypt.h>
++#include <intsafe.h>
+ 
+ int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len,
+                                   size_t *olen)
+ {
+-    HCRYPTPROV provider;
+     ((void) data);
+     *olen = 0;
+ 
+-    if (CryptAcquireContext(&provider, NULL, NULL,
+-                            PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) == FALSE) {
+-        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+-    }
++    /*
++     * BCryptGenRandom takes ULONG for size, which is smaller than size_t on
++     * 64-bit Windows platforms. Extract entropy in chunks of len (dependent
++     * on ULONG_MAX) size.
++     */
++    while (len != 0) {
++        unsigned long ulong_bytes =
++            (len > ULONG_MAX) ? ULONG_MAX : (unsigned long) len;
++
++        if (!BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, ulong_bytes,
++                                            BCRYPT_USE_SYSTEM_PREFERRED_RNG))) {
++            return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
++        }
+ 
+-    if (CryptGenRandom(provider, (DWORD) len, output) == FALSE) {
+-        CryptReleaseContext(provider, 0);
+-        return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
++        *olen += ulong_bytes;
++        len -= ulong_bytes;
+     }
+ 
+-    CryptReleaseContext(provider, 0);
+-    *olen = len;
+-
+     return 0;
+ }
+ #else /* _WIN32 && !EFIX64 && !EFI32 */