diff -ur mbedtls.orig/include/mbedtls/check_config.h mbedtls/include/mbedtls/check_config.h
--- mbedtls.orig/include/mbedtls/check_config.h	2026-04-02 17:26:31.906276356 +0200
+++ mbedtls/include/mbedtls/check_config.h	2026-04-02 17:27:29.374384448 +0200
@@ -247,9 +247,10 @@
 #if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) && !defined(MBEDTLS_HAS_MEMSAN)
 #error "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN requires building with MemorySanitizer"
 #endif
-#if defined(MBEDTLS_HAS_MEMSAN) && defined(MBEDTLS_HAVE_ASM)
-#error "MemorySanitizer does not support assembly implementation"
-#endif
+// skip this check for now because V test-self need a `fsanitizer`
+//#if defined(MBEDTLS_HAS_MEMSAN) && defined(MBEDTLS_HAVE_ASM)
+//#error "MemorySanitizer does not support assembly implementation"
+//#endif
 #undef MBEDTLS_HAS_MEMSAN // temporary macro defined above
 
 #if defined(MBEDTLS_CCM_C) && \
diff -ur mbedtls.orig/include/mbedtls/mbedtls_config.h mbedtls/include/mbedtls/mbedtls_config.h
--- mbedtls.orig/include/mbedtls/mbedtls_config.h	2026-04-02 17:26:31.910276365 +0200
+++ mbedtls/include/mbedtls/mbedtls_config.h	2026-04-02 17:27:29.374384448 +0200
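Review bot: Commenting out the MemorySanitizer/assembly conflict check removes the only guard that stops an MSan build from linking the hand-written assembly paths, which MSan cannot instrument, so uninitialized-memory findings become unreliable for every MSan user of this tree, not just the V self-test. The root cause is the unconditional `#define MBEDTLS_HAVE_ASM` added in the mbedtls_config.h hunk below; not defining it when `__has_feature(memory_sanitizer)` is true keeps the sanitizer build honest and lets this `#error` stay as it was. If the check really must be relaxed, gate it behind a dedicated opt-out macro (name to be chosen by the project) instead of leaving dead `//#if` text in a header, and reword the comment so it names the reason rather than "V test-self need a `fsanitizer`".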
@@ -4435,3 +4435,22 @@
 //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
 
 /** \} name SECTION: Module configuration options */
+
+
+#if defined(__TINYC__)
+#undef MBEDTLS_HAVE_ASM
+#undef MBEDTLS_AESNI_C
+#undef MBEDTLS_PADLOCK_C
+#else // __TINYC__
+#define MBEDTLS_HAVE_ASM
+#define MBEDTLS_AESNI_C
+#define MBEDTLS_PADLOCK_C
+#endif // __TINYC__
+
+#if ( defined(__linux__) || defined(__FreeBSD__) ) || defined (__OpenBSD__)
+#define MBEDTLS_THREADING_PTHREAD
+#define MBEDTLS_THREADING_C
+#else
+#undef MBEDTLS_THREADING_PTHREAD
+#undef MBEDTLS_THREADING_C
+#endif
diff -ur mbedtls.orig/library/alignment.h mbedtls/library/alignment.h
--- mbedtls.orig/library/alignment.h	2026-04-02 17:26:31.918276380 +0200
+++ mbedtls/library/alignment.h	2026-04-02 17:30:51.350689732 +0200
@@ -280,7 +280,7 @@
 /*
  * Detect GCC built-in byteswap routines
  */
-#if defined(__GNUC__)
+#if defined(__GNUC__) && !(defined(__TINYC__) && defined(__FreeBSD__))
 #if MBEDTLS_GCC_VERSION >= 40800
 #define MBEDTLS_BSWAP16 __builtin_bswap16
 #endif
@@ -293,7 +293,7 @@
 /*
  * Detect Clang built-in byteswap routines
  */
-#if defined(__clang__) && defined(__has_builtin)
+#if defined(__clang__) && defined(__has_builtin) && !(defined(__TINYC__) && defined(__FreeBSD__))
 #if __has_builtin(__builtin_bswap16) && !defined(MBEDTLS_BSWAP16)
 #define MBEDTLS_BSWAP16 __builtin_bswap16
 #endif /* __has_builtin(__builtin_bswap16) */
diff -ur mbedtls.orig/library/entropy_poll.c mbedtls/library/entropy_poll.c
--- mbedtls.orig/library/entropy_poll.c	2026-04-02 17:26:31.922276388 +0200
+++ mbedtls/library/entropy_poll.c	2026-04-02 17:27:29.374384448 +0200
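Review bot: The `#else` branch of the new `__TINYC__` block re-defines `MBEDTLS_HAVE_ASM`, `MBEDTLS_AESNI_C` and `MBEDTLS_PADLOCK_C` unconditionally at the very end of the config, which overrides any earlier decision to disable them and is what later forces the MemorySanitizer check in check_config.h to be removed; keep the `#undef`s for tcc and leave the non-tcc defaults to the option section above. The threading block has the same shape in the other direction: `MBEDTLS_THREADING_C` is `#undef`'d on every platform except Linux/FreeBSD/OpenBSD, so on macOS and Windows the library's mutexes disappear and any context shared between threads is unprotected. `__APPLE__` has pthreads and belongs in the condition, `#if defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__APPLE__)`, and the Windows case should either provide `MBEDTLS_THREADING_ALT` or be documented as single-threaded only.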
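Review bot: The new guard `!(defined(__TINYC__) && defined(__FreeBSD__))` disables the GCC byteswap builtins only for tcc on FreeBSD, with no comment saying why the OS matters; if tcc advertises `__GNUC__` without providing `__builtin_bswap16/32/64`, that is a property of the compiler and the guard should be `!defined(__TINYC__)`, otherwise the FreeBSD-specific reason needs stating. The second hunk at `@@ -293` applies the same guard to the `__clang__` branch, which tcc presumably never enters, so it is either dead or covering something undocumented. A one-line comment above the `#if`, `/* tcc defines __GNUC__ but has no byteswap builtins on FreeBSD */` (or whatever the real reason is), would keep the next maintainer from widening or narrowing it blindly.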
@@ -38,35 +38,36 @@
 
 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
 
+// fallback to 3.3.0 implmentation, as 3.6.5 need a high version of Windows SDK
+#if !defined(_WIN32_WINNT)
+#define _WIN32_WINNT 0x0400
+#endif
 #include
-#include
-#include
+#include
 
-int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len,
-                                  size_t *olen)
+int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
+                                   size_t *olen )
 {
+    HCRYPTPROV provider;
     ((void) data);
     *olen = 0;
 
-    /*
-     * BCryptGenRandom takes ULONG for size, which is smaller than size_t on
-     * 64-bit Windows platforms. Extract entropy in chunks of len (dependent
-     * on ULONG_MAX) size.
-     */
-    while (len != 0) {
-        unsigned long ulong_bytes =
-            (len > ULONG_MAX) ? ULONG_MAX : (unsigned long) len;
-
-        if (!BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, ulong_bytes,
-                                            BCRYPT_USE_SYSTEM_PREFERRED_RNG))) {
-            return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
-        }
+    if( CryptAcquireContext( &provider, NULL, NULL,
+                             PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
+    {
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+    }
 
-        *olen += ulong_bytes;
-        len -= ulong_bytes;
+    if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
+    {
+        CryptReleaseContext( provider, 0 );
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
     }
 
-    return 0;
+    CryptReleaseContext( provider, 0 );
+    *olen = len;
+
+    return( 0 );
 }
 
 #else /* _WIN32 && !EFIX64 && !EFI32 */
diff -ur mbedtls.orig/library/pk.c mbedtls/library/pk.c
--- mbedtls.orig/library/pk.c	2026-04-02 17:26:31.926276396 +0200
+++ mbedtls/library/pk.c	2026-04-02 17:27:29.374384448 +0200
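Review bot: `CryptGenRandom( provider, (DWORD) len, output )` silently truncates a 64-bit `len` to 32 bits, yet `*olen = len` then reports the whole request as filled, so on 64-bit Windows a request larger than a DWORD would return mostly untouched bytes while claiming success; the BCrypt code this replaces chunked on `ULONG_MAX` precisely to avoid that, and the same loop works with the CryptoAPI calls since `DWORD` is `unsigned long` on Windows. The rewrite below keeps the chunking and the `*olen` accounting per chunk. Two things deserve a comment next to the `_WIN32_WINNT 0x0400` line: forcing such an old target version before the Windows header can hide newer API declarations for the rest of this translation unit, and CryptoAPI (`CryptAcquireContext`/`CryptGenRandom`) is deprecated by Microsoft, so this should be documented as a deliberate tcc/old-SDK fallback rather than the default path. The comment's `implmentation` is a typo.
```c
int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
                                   size_t *olen )
{
    HCRYPTPROV provider;
    ((void) data);
    *olen = 0;

    /* … unchanged: CryptAcquireContext() and its error return … */

    /*
     * CryptGenRandom takes a DWORD length, which is smaller than size_t on
     * 64-bit Windows. Request in DWORD-sized chunks so that len is neither
     * truncated nor over-reported in *olen.
     */
    while( len != 0 )
    {
        DWORD chunk = ( len > ULONG_MAX ) ? ULONG_MAX : (DWORD) len;

        if( CryptGenRandom( provider, chunk, output ) == FALSE )
        {
            CryptReleaseContext( provider, 0 );
            return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
        }

        output += chunk;
        *olen += chunk;
        len -= chunk;
    }

    CryptReleaseContext( provider, 0 );

    return( 0 );
}
```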
@@ -1336,6 +1336,7 @@
         return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     }
 
+    if (ctx == NULL) return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     if (ctx->pk_info == NULL || pk_hashlen_helper(md_alg, &hash_len) != 0) {
         return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     }
diff -ur mbedtls.orig/library/platform_util.c mbedtls/library/platform_util.c
--- mbedtls.orig/library/platform_util.c	2026-04-02 17:26:31.926276396 +0200
+++ mbedtls/library/platform_util.c	2026-04-02 17:27:29.374384448 +0200
@@ -87,7 +87,7 @@
  */
 #if !defined(MBEDTLS_PLATFORM_HAS_EXPLICIT_BZERO) && !(defined(__STDC_LIB_EXT1__) && \
     !defined(__IAR_SYSTEMS_ICC__)) \
-    && !defined(_WIN32)
+    && !(defined(_WIN32) && !defined(__TINYC__))
 static void *(*const volatile memset_func)(void *, int, size_t) = memset;
 #endif
 
@@ -107,7 +107,8 @@
 #endif
 #elif defined(__STDC_LIB_EXT1__) && !defined(__IAR_SYSTEMS_ICC__)
     memset_s(buf, len, 0, len);
-#elif defined(_WIN32)
+#elif defined(_WIN32) && !defined(__TINYC__)
+    /* tcc has a bad implementation of `SecureZeroMemory` */
     SecureZeroMemory(buf, len);
 #else
     memset_func(buf, 0, len);
diff -ur mbedtls.orig/library/ssl_misc.h mbedtls/library/ssl_misc.h
--- mbedtls.orig/library/ssl_misc.h	2026-04-02 17:26:31.934276411 +0200
+++ mbedtls/library/ssl_misc.h	2026-04-02 17:27:29.374384448 +0200
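Review bot: `if (ctx == NULL) return MBEDTLS_ERR_PK_BAD_INPUT_DATA;` is a brace-less single-line `if`, which the surrounding code never uses (every other early return in this hunk is braced); the same style appears in the ssl_misc.h and ssl_tls.c hunks below. Here it can simply be folded into the existing condition, `if (ctx == NULL || ctx->pk_info == NULL || pk_hashlen_helper(md_alg, &hash_len) != 0) {`, which preserves the short-circuit order and the house style. The enclosing function starts before this hunk, so whether `ctx` is already dereferenced earlier in it cannot be seen here; if it is, the new check comes too late to help.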
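Review bot: The comment `/* tcc has a bad implementation of `SecureZeroMemory` */` sits inside the `#elif defined(_WIN32) && !defined(__TINYC__)` branch, i.e. it is only compiled when tcc is not the compiler, so it annotates the code it does not apply to. Move it above the `#elif` and say what actually goes wrong (fails to compile, or behaves like a plain `memset` the optimizer may drop), because the secure-wipe property of the zeroize function this lives in (its start is outside the hunk) now rests, for tcc on Windows, on the `memset_func` volatile-pointer fallback enabled by the first hunk, which is a best-effort technique rather than a guaranteed one. The first hunk's `&& !(defined(_WIN32) && !defined(__TINYC__))` is the matching change and reads correctly.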
@@ -1674,26 +1674,30 @@
 {
     mbedtls_ssl_key_cert *key_cert;
 
+    if (ssl == NULL) return NULL;
     if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) {
         key_cert = ssl->handshake->key_cert;
     } else {
+        if (ssl->conf == NULL) return NULL;
         key_cert = ssl->conf->key_cert;
     }
-
-    return key_cert == NULL ? NULL : key_cert->key;
+    if (key_cert == NULL) return NULL;
+    return key_cert->key;
 }
 
 static inline mbedtls_x509_crt *mbedtls_ssl_own_cert(mbedtls_ssl_context *ssl)
 {
     mbedtls_ssl_key_cert *key_cert;
 
+    if (ssl == NULL) return NULL;
     if (ssl->handshake != NULL && ssl->handshake->key_cert != NULL) {
         key_cert = ssl->handshake->key_cert;
     } else {
+        if (ssl->conf == NULL) return NULL;
         key_cert = ssl->conf->key_cert;
     }
-
-    return key_cert == NULL ? NULL : key_cert->cert;
+    if (key_cert == NULL) return NULL;
+    return key_cert->cert;
 }
 
 /*
diff -ur mbedtls.orig/library/ssl_tls.c mbedtls/library/ssl_tls.c
--- mbedtls.orig/library/ssl_tls.c	2026-04-02 17:26:31.938276419 +0200
+++ mbedtls/library/ssl_tls.c	2026-04-02 17:27:29.374384448 +0200
@@ -4563,8 +4563,8 @@
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
-    if (ssl == NULL ||
-        ssl->conf == NULL ||
+    if (ssl == NULL) return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    if (ssl->conf == NULL ||
         ssl->handshake == NULL ||
         ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) {
         return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
@@ -4653,10 +4653,8 @@
     int ret = 0;
 
     /* Sanity checks */
-
-    if (ssl == NULL || ssl->conf == NULL) {
-        return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
-    }
+    if (ssl == NULL) return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+    if (ssl->conf == NULL) return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
     if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
diff -ur mbedtls.orig/library/ssl_tls12_client.c mbedtls/library/ssl_tls12_client.c
--- mbedtls.orig/library/ssl_tls12_client.c	2026-04-02 17:26:31.940276423 +0200
+++ mbedtls/library/ssl_tls12_client.c	2026-04-02 17:27:29.374384448 +0200
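Review bot: The added `if (ssl == NULL) return NULL;` and `if (ssl->conf == NULL) return NULL;` guards turn an invalid context into the same `NULL` that means "no key or certificate configured", so a caller bug that previously crashed deterministically now looks like a missing credential and follows whatever path handles that case. mbedtls validates `ssl` and `ssl->conf` at the public API boundary rather than inside these inline accessors; if a specific caller was found passing a NULL context, the fix belongs in that caller. Both accessors are changed the same way (the first one's signature is above the hunk). If the guards stay, brace them per the file's style, `if (ssl == NULL) { return NULL; }`, and add a comment naming the caller that needs them.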
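Review bot: Splitting `ssl == NULL` out of the `||` chain does not change behavior, because `||` already short-circuits and `ssl->conf` was never evaluated for a NULL `ssl`; the second hunk at `@@ -4653` is the same transformation. If this works around a specific compiler problem (a miscompiled chain under tcc, say), record that in a comment on the new line; otherwise it is churn that also drops the braces the file uses everywhere else. As written the two forms are equivalent, so the original blocks can simply be restored.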
@@ -13,6 +13,7 @@
 #include "mbedtls/ssl.h"
 #include "ssl_client.h"
+#include "ssl_debug_helpers.h"
 #include "ssl_misc.h"
 #include "debug_internal.h"
 #include "mbedtls/error.h"
@@ -2087,32 +2088,73 @@ static int ssl_parse_signature_algorithm(mbedtls_ssl_context *ssl,
 {
     if (mbedtls_ssl_get_pk_type_and_md_alg_from_sig_alg(sig_alg, pk_alg, md_alg) != 0) {
         MBEDTLS_SSL_DEBUG_MSG(1,
-                              ("Server used unsupported value in SigAlg extension 0x%04x",
-                               sig_alg));
+                              ("Server used unsupported %s signature algorithm",
+                               mbedtls_ssl_sig_alg_to_str(sig_alg)));
         return MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER;
     }
 
     /*
-     * mbedtls_ssl_get_pk_sigalg_and_md_alg_from_sig_alg() understands sig_alg code points across
-     * TLS versions. Make sure that the received sig_alg extension is valid in TLS 1.2.
+     * mbedtls_ssl_get_pk_type_and_md_alg_from_sig_alg() understands
+     * signature algorithm code points from both TLS 1.2 and TLS 1.3. Make sure
+     * that the selected signature algorithm is acceptable when TLS 1.2 is
+     * negotiated.
+     *
+     * In TLS 1.2, RSA-PSS signature algorithms (rsa_pss_rsae_*) are not
+     * defined by RFC 5246. However, RFC 8446 Section 4.2.3 requires that
+     * implementations which advertise support for RSASSA-PSS must be
+     * prepared to accept such signatures even when TLS 1.2 is negotiated,
+     * provided they were offered in the signature_algorithms extension.
+     *
+     * Therefore, we allow rsa_pss_rsae_* here if:
+     * - the implementation supports them, and
+     * - they were offered in the signature_algorithms extension (checked by
+     *   `mbedtls_ssl_sig_alg_is_offered()` below).
+     *
+     * If we were to add full support for rsa_pss_rsae_* signature algorithms
+     * in TLS 1.2, we should then integrate RSA-PSS into the TLS 1.2 signature
+     * algorithm support logic (`mbedtls_ssl_tls12_sig_alg_is_supported()`)
+     * instead of handling it as a special case here.
      */
     if (!mbedtls_ssl_sig_alg_is_supported(ssl, sig_alg)) {
-        MBEDTLS_SSL_DEBUG_MSG(1,
-                              ("Server used unsupported value in SigAlg extension 0x%04x",
-                               sig_alg));
-        return MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER;
+        switch (sig_alg) {
+#if defined(PSA_WANT_ALG_RSA_PSS)
+#if defined(PSA_WANT_ALG_SHA_256)
+            case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:
+#endif
+#if defined(PSA_WANT_ALG_SHA_384)
+            case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:
+#endif
+#if defined(PSA_WANT_ALG_SHA_512)
+            case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512:
+#endif
+#if defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_384) || defined(PSA_WANT_ALG_SHA_512)
+                MBEDTLS_SSL_DEBUG_MSG(3,
+                                      (
+                                          "Accepting TLS 1.2 RSA-PSS signature algorithm %s via compatibility exception",
+                                          mbedtls_ssl_sig_alg_to_str(sig_alg)));
+                break;
+#endif
+#endif /* PSA_WANT_ALG_RSA_PSS */
+            default:
+                MBEDTLS_SSL_DEBUG_MSG(1,
+                                      ("Server used unsupported %s signature algorithm",
+                                       mbedtls_ssl_sig_alg_to_str(sig_alg)));
+                return MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER;
+        }
     }
 
     /*
      * Check if the signature algorithm is acceptable
      */
     if (!mbedtls_ssl_sig_alg_is_offered(ssl, sig_alg)) {
-        MBEDTLS_SSL_DEBUG_MSG(1, ("Server used SigAlg value 0x%04x that was not offered", sig_alg));
+        MBEDTLS_SSL_DEBUG_MSG(1,
+                              ("Server used the signature algorithm %s that was not offered",
+                               mbedtls_ssl_sig_alg_to_str(sig_alg)));
         return MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER;
     }
 
-    MBEDTLS_SSL_DEBUG_MSG(2, ("Server used SignatureAlgorithm %d", sig_alg & 0x00FF));
-    MBEDTLS_SSL_DEBUG_MSG(2, ("Server used HashAlgorithm %d", sig_alg >> 8));
+    MBEDTLS_SSL_DEBUG_MSG(2, ("Server used the signature algorithm %s",
+                              mbedtls_ssl_sig_alg_to_str(sig_alg)));
 
     return 0;
 }
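Review bot: The compatibility `break;` in the new `switch (sig_alg)` accepts an `rsa_pss_rsae_*` code point that `mbedtls_ssl_sig_alg_is_supported()` rejected, and the only gate left is `mbedtls_ssl_sig_alg_is_offered()` further down; that ordering is what makes the exception safe (the server cannot pick PSS unless we advertised it), so a one-line comment at the `break;`, `/* Safe only because the offered-check below still applies. */`, would guard it against a later reordering. Whether the caller's verification path actually handles RSASSA-PSS for TLS 1.2 (salt length, hash binding) is not visible in this hunk and is presumably what the block comment's "full support" remark alludes to; worth confirming rather than assuming. Style: the level-3 message is split into a lone `(`, a lone string line and a lone argument line, unlike every other `MBEDTLS_SSL_DEBUG_MSG` in the hunk, and should be folded into the two-line form used at the `default:` label. The enclosing function begins before the hunk.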