General: Migrate from deprecated mbedTLS functions

As indicated by mbedTLS' documentation, all of the relevant functions
have been superseded by _ret-suffixed variants in mbedTLS version
2.7.0.

Source/Core/Common/MD5.cpp

@@ -23,7 +23,7 @@ std::string MD5Sum(const std::string& file_path, std::function<bool(int)> report
   std::unique_ptr<DiscIO::BlobReader> file(DiscIO::CreateBlobReader(file_path));
   u64 game_size = file->GetDataSize();
 
-  mbedtls_md5_starts(&ctx);
+  mbedtls_md5_starts_ret(&ctx);
 
   while (read_offset < game_size)
   {
@@ -31,7 +31,7 @@ std::string MD5Sum(const std::string& file_path, std::function<bool(int)> report
     if (!file->Read(read_offset, read_size, data.data()))
       return output_string;
 
-    mbedtls_md5_update(&ctx, data.data(), read_size);
+    mbedtls_md5_update_ret(&ctx, data.data(), read_size);
     read_offset += read_size;
 
     int progress =
@@ -41,7 +41,7 @@ std::string MD5Sum(const std::string& file_path, std::function<bool(int)> report
   }
 
   std::array<u8, 16> output;
-  mbedtls_md5_finish(&ctx, output.data());
+  mbedtls_md5_finish_ret(&ctx, output.data());
 
   // Convert to hex
   for (u8 n : output)

Source/Core/Core/Analytics.cpp

@@ -102,7 +102,7 @@ std::string DolphinAnalytics::MakeUniqueId(std::string_view data) const
 {
   std::array<u8, 20> digest;
   const auto input = std::string{m_unique_id}.append(data);
-  mbedtls_sha1(reinterpret_cast<const u8*>(input.c_str()), input.size(), digest.data());
+  mbedtls_sha1_ret(reinterpret_cast<const u8*>(input.c_str()), input.size(), digest.data());
 
   // Convert to hex string and truncate to 64 bits.
   std::string out;

Source/Core/Core/HW/WiiSave.cpp

@@ -92,7 +92,7 @@ public:
     header.banner[7] &= ~1;
 
     Md5 md5_calc;
-    mbedtls_md5(reinterpret_cast<const u8*>(&header), sizeof(Header), md5_calc.data());
+    mbedtls_md5_ret(reinterpret_cast<const u8*>(&header), sizeof(Header), md5_calc.data());
     header.md5 = std::move(md5_calc);
     return header;
   }
@@ -264,7 +264,7 @@ public:
     Md5 md5_file = header.md5;
     header.md5 = s_md5_blanker;
     Md5 md5_calc;
-    mbedtls_md5(reinterpret_cast<const u8*>(&header), sizeof(Header), md5_calc.data());
+    mbedtls_md5_ret(reinterpret_cast<const u8*>(&header), sizeof(Header), md5_calc.data());
     if (md5_file != md5_calc)
     {
       ERROR_LOG(CONSOLE, "MD5 mismatch\n %016" PRIx64 "%016" PRIx64 " != %016" PRIx64 "%016" PRIx64,
@@ -411,7 +411,7 @@ private:
       m_file.Seek(sizeof(Header), SEEK_SET);
       if (!m_file.ReadBytes(data.get(), data_size))
         return false;
-      mbedtls_sha1(data.get(), data_size, data_sha1.data());
+      mbedtls_sha1_ret(data.get(), data_size, data_sha1.data());
     }
 
     // Sign the data.

Source/Core/Core/IOS/ES/Formats.cpp

@@ -121,7 +121,7 @@ std::array<u8, 20> SignedBlobReader::GetSha1() const
 {
   std::array<u8, 20> sha1;
   const size_t skip = GetIssuerOffset(GetSignatureType());
-  mbedtls_sha1(m_bytes.data() + skip, m_bytes.size() - skip, sha1.data());
+  mbedtls_sha1_ret(m_bytes.data() + skip, m_bytes.size() - skip, sha1.data());
   return sha1;
 }
 

Source/Core/Core/IOS/ES/Identity.cpp

@@ -179,7 +179,7 @@ ReturnCode ES::VerifySign(const std::vector<u8>& hash, const std::vector<u8>& ec
   }
 
   std::array<u8, 20> sha1;
-  mbedtls_sha1(hash.data(), hash.size(), sha1.data());
+  mbedtls_sha1_ret(hash.data(), hash.size(), sha1.data());
   ret = iosc.VerifyPublicKeySign(sha1, ap_cert, ecc_signature, PID_ES);
   if (ret != IPC_SUCCESS)
   {

Source/Core/Core/IOS/ES/TitleManagement.cpp

@@ -344,7 +344,7 @@ IPCCommandResult ES::ImportContentData(Context& context, const IOCtlVRequest& re
 static bool CheckIfContentHashMatches(const std::vector<u8>& content, const IOS::ES::Content& info)
 {
   std::array<u8, 20> sha1;
-  mbedtls_sha1(content.data(), info.size, sha1.data());
+  mbedtls_sha1_ret(content.data(), info.size, sha1.data());
   return sha1 == info.sha1;
 }
 

Source/Core/Core/IOS/IOSC.cpp

@@ -252,7 +252,7 @@ ReturnCode IOSC::ComputeSharedKey(Handle dest_handle, Handle private_handle, Han
       Common::ec::ComputeSharedSecret(private_entry->data.data(), public_entry->data.data());
 
   std::array<u8, 20> sha1;
-  mbedtls_sha1(shared_secret.data(), shared_secret.size() / 2, sha1.data());
+  mbedtls_sha1_ret(shared_secret.data(), shared_secret.size() / 2, sha1.data());
 
   dest_entry->data.resize(AES128_KEY_SIZE);
   std::copy_n(sha1.cbegin(), AES128_KEY_SIZE, dest_entry->data.begin());
@@ -453,12 +453,12 @@ void IOSC::Sign(u8* sig_out, u8* ap_cert_out, u64 title_id, const u8* data, u32
   CertECC cert = MakeBlankEccCert(signer, name, ap_priv.data(), 0);
   // Sign the AP cert.
   const size_t skip = offsetof(CertECC, signature.issuer);
-  mbedtls_sha1(reinterpret_cast<const u8*>(&cert) + skip, sizeof(cert) - skip, hash.data());
+  mbedtls_sha1_ret(reinterpret_cast<const u8*>(&cert) + skip, sizeof(cert) - skip, hash.data());
   cert.signature.sig = Common::ec::Sign(m_key_entries[HANDLE_CONSOLE_KEY].data.data(), hash.data());
   std::memcpy(ap_cert_out, &cert, sizeof(cert));
 
   // Sign the data.
-  mbedtls_sha1(data, data_size, hash.data());
+  mbedtls_sha1_ret(data, data_size, hash.data());
   const auto signature = Common::ec::Sign(ap_priv.data(), hash.data());
   std::copy(signature.cbegin(), signature.cend(), sig_out);
 }

Source/Core/Core/IOS/Network/SSL.cpp

@@ -118,7 +118,7 @@ static std::vector<u8> ReadCertFile(const std::string& path, const std::array<u8
   }
 
   std::array<u8, 32> hash;
-  mbedtls_sha256(bytes.data(), bytes.size(), hash.data(), 0);
+  mbedtls_sha256_ret(bytes.data(), bytes.size(), hash.data(), 0);
   if (hash != correct_hash)
   {
     ERROR_LOG(IOS_SSL, "Wrong hash for %s", path.c_str());

Source/Core/DiscIO/VolumeVerifier.cpp

@@ -652,13 +652,13 @@ void VolumeVerifier::SetUpHashing()
   if (m_hashes_to_calculate.md5)
   {
     mbedtls_md5_init(&m_md5_context);
-    mbedtls_md5_starts(&m_md5_context);
+    mbedtls_md5_starts_ret(&m_md5_context);
   }
 
   if (m_hashes_to_calculate.sha1)
   {
     mbedtls_sha1_init(&m_sha1_context);
-    mbedtls_sha1_starts(&m_sha1_context);
+    mbedtls_sha1_starts_ret(&m_sha1_context);
   }
 }
 
@@ -712,10 +712,10 @@ void VolumeVerifier::Process()
       }
 
       if (m_hashes_to_calculate.md5)
-        mbedtls_md5_update(&m_md5_context, data.data(), bytes_to_read);
+        mbedtls_md5_update_ret(&m_md5_context, data.data(), bytes_to_read);
 
       if (m_hashes_to_calculate.sha1)
-        mbedtls_sha1_update(&m_sha1_context, data.data(), bytes_to_read);
+        mbedtls_sha1_update_ret(&m_sha1_context, data.data(), bytes_to_read);
     }
   }
 
@@ -773,7 +773,7 @@ bool VolumeVerifier::CheckContentIntegrity(const IOS::ES::Content& content)
                         encrypted_data.data(), decrypted_data.data());
 
   std::array<u8, 20> sha1;
-  mbedtls_sha1(decrypted_data.data(), content.size, sha1.data());
+  mbedtls_sha1_ret(decrypted_data.data(), content.size, sha1.data());
   return sha1 == content.sha1;
 }
 
@@ -806,13 +806,13 @@ void VolumeVerifier::Finish()
     if (m_hashes_to_calculate.md5)
     {
       m_result.hashes.md5 = std::vector<u8>(16);
-      mbedtls_md5_finish(&m_md5_context, m_result.hashes.md5.data());
+      mbedtls_md5_finish_ret(&m_md5_context, m_result.hashes.md5.data());
     }
 
     if (m_hashes_to_calculate.sha1)
     {
       m_result.hashes.sha1 = std::vector<u8>(20);
-      mbedtls_sha1_finish(&m_sha1_context, m_result.hashes.sha1.data());
+      mbedtls_sha1_finish_ret(&m_sha1_context, m_result.hashes.sha1.data());
     }
   }
 

Source/Core/DiscIO/VolumeWii.cpp

@@ -443,7 +443,7 @@ bool VolumeWii::CheckH3TableIntegrity(const Partition& partition) const
     return false;
 
   std::array<u8, 20> h3_table_sha1;
-  mbedtls_sha1(h3_table.data(), h3_table.size(), h3_table_sha1.data());
+  mbedtls_sha1_ret(h3_table.data(), h3_table.size(), h3_table_sha1.data());
   return h3_table_sha1 == contents[0].sha1;
 }
 
@@ -481,23 +481,23 @@ bool VolumeWii::CheckBlockIntegrity(u64 block_index, const Partition& partition)
   for (u32 hash_index = 0; hash_index < 31; ++hash_index)
   {
     u8 h0_hash[SHA1_SIZE];
-    mbedtls_sha1(cluster_data + hash_index * 0x400, 0x400, h0_hash);
+    mbedtls_sha1_ret(cluster_data + hash_index * 0x400, 0x400, h0_hash);
     if (memcmp(h0_hash, cluster_metadata + hash_index * SHA1_SIZE, SHA1_SIZE))
       return false;
   }
 
   u8 h1_hash[SHA1_SIZE];
-  mbedtls_sha1(cluster_metadata, SHA1_SIZE * 31, h1_hash);
+  mbedtls_sha1_ret(cluster_metadata, SHA1_SIZE * 31, h1_hash);
   if (memcmp(h1_hash, cluster_metadata + 0x280 + (block_index % 8) * SHA1_SIZE, SHA1_SIZE))
     return false;
 
   u8 h2_hash[SHA1_SIZE];
-  mbedtls_sha1(cluster_metadata + 0x280, SHA1_SIZE * 8, h2_hash);
+  mbedtls_sha1_ret(cluster_metadata + 0x280, SHA1_SIZE * 8, h2_hash);
   if (memcmp(h2_hash, cluster_metadata + 0x340 + (block_index / 8 % 8) * SHA1_SIZE, SHA1_SIZE))
     return false;
 
   u8 h3_hash[SHA1_SIZE];
-  mbedtls_sha1(cluster_metadata + 0x340, SHA1_SIZE * 8, h3_hash);
+  mbedtls_sha1_ret(cluster_metadata + 0x340, SHA1_SIZE * 8, h3_hash);
   if (memcmp(h3_hash, partition_details.h3_table->data() + block_index / 64 * SHA1_SIZE, SHA1_SIZE))
     return false;
 

Source/Core/UpdaterCommon/UpdaterCommon.cpp

@@ -158,7 +158,8 @@ std::optional<std::string> GzipInflate(const std::string& data)
 Manifest::Hash ComputeHash(const std::string& contents)
 {
   std::array<u8, 32> full;
-  mbedtls_sha256(reinterpret_cast<const u8*>(contents.data()), contents.size(), full.data(), false);
+  mbedtls_sha256_ret(reinterpret_cast<const u8*>(contents.data()), contents.size(), full.data(),
+                     false);
 
   Manifest::Hash out;
   std::copy(full.begin(), full.begin() + 16, out.begin());