From e77a922a060144594c1613703ccc6d7747f0e20e Mon Sep 17 00:00:00 2001
From: Ellen Poe <ellen.h.poe@gmail.com>
Date: Thu, 3 Feb 2022 21:45:23 -0800
Subject: [PATCH] Support Xtensa, RISC-V and ESP-IDF

---
 Cargo.toml                        |  3 ++-
 build.rs                          | 13 +++++++------
 crypto/fipsmodule/bn/montgomery.c | 14 ++++++++++++++
 include/ring-core/base.h          |  6 ++++++
 src/rand.rs                       | 17 +++++++++++++++++
 5 files changed, 46 insertions(+), 7 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index 97071e3a4c..2e86652d9a 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -167,7 +167,7 @@ untrusted = { version = "0.9" }
 [target.'cfg(any(target_arch = "x86",target_arch = "x86_64", all(any(target_arch = "aarch64", target_arch = "arm"), any(target_os = "android", target_os = "fuchsia", target_os = "linux", target_os = "windows"))))'.dependencies]
 spin = { version = "0.9.2", default-features = false, features = ["once"] }
 
-[target.'cfg(any(target_os = "android", target_os = "linux"))'.dependencies]
+[target.'cfg(any(target_os = "android", target_os = "linux", target_os = "espidf"))'.dependencies]
 libc = { version = "0.2.100", default-features = false }
 once_cell = { version = "1.8.0", default-features = false, features=["std"], optional = true }
 
@@ -201,6 +201,7 @@ slow_tests = []
 std = ["alloc"]
 test_logging = []
 wasm32_unknown_unknown_js = ["web-sys"]
+size_optimized = []
 
 # XXX: debug = false because of https://github.com/rust-lang/rust/issues/34122
 
diff --git a/build.rs b/build.rs
index b50128a37f..9abc827f14 100644
--- a/build.rs
+++ b/build.rs
@@ -40,12 +40,12 @@ const RING_SRCS: &[(&[&str], &str)] = &[
     (&[], "crypto/mem.c"),
     (&[], "crypto/poly1305/poly1305.c"),
 
-    (&[AARCH64, ARM, X86_64, X86], "crypto/crypto.c"),
-    (&[AARCH64, ARM, X86_64, X86], "crypto/curve25519/curve25519.c"),
-    (&[AARCH64, ARM, X86_64, X86], "crypto/fipsmodule/ec/ecp_nistz.c"),
-    (&[AARCH64, ARM, X86_64, X86], "crypto/fipsmodule/ec/gfp_p256.c"),
-    (&[AARCH64, ARM, X86_64, X86], "crypto/fipsmodule/ec/gfp_p384.c"),
-    (&[AARCH64, ARM, X86_64, X86], "crypto/fipsmodule/ec/p256.c"),
+    (&[], "crypto/crypto.c"),
+    (&[], "crypto/curve25519/curve25519.c"),
+    (&[], "crypto/fipsmodule/ec/ecp_nistz.c"),
+    (&[], "crypto/fipsmodule/ec/gfp_p256.c"),
+    (&[], "crypto/fipsmodule/ec/gfp_p384.c"),
+    (&[], "crypto/fipsmodule/ec/p256.c"),
 
     (&[X86_64, X86], "crypto/cpu-intel.c"),
 
@@ -126,6 +126,7 @@ fn cpp_flags(compiler: &cc::Tool) -> &'static [&'static str] {
             "-Wenum-compare",
             "-Wfloat-equal",
             "-Wformat=2",
+            #[cfg(not(feature = "size_optimized"))]
             "-Winline",
             "-Winvalid-pch",
             "-Wmissing-field-initializers",
diff --git a/crypto/fipsmodule/bn/montgomery.c b/crypto/fipsmodule/bn/montgomery.c
index b1f1c69329..e047bf5a6a 100644
--- a/crypto/fipsmodule/bn/montgomery.c
+++ b/crypto/fipsmodule/bn/montgomery.c
@@ -156,3 +156,17 @@ int bn_from_montgomery_in_place(BN_ULONG r[], size_t num_r, BN_ULONG a[],
   }
   return 1;
 }
+
+#if !defined(OPENSSL_X86) && !defined(OPENSSL_X86_64) && \
+    !defined(OPENSSL_ARM) && !defined(OPENSSL_AARCH64)
+void bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                 const BN_ULONG *np, const BN_ULONG *n0, size_t num) {
+  Limb tmp[2 * num];
+  for (size_t i = 0; i < num; i++)
+    tmp[i] = 0;
+  for (size_t i = 0; i < num; i++)
+    tmp[num + i] = limbs_mul_add_limb(tmp + i, ap, bp[i], num);
+
+  bn_from_montgomery_in_place(rp, num, tmp, 2 * num, np, num, n0);
+}
+#endif
diff --git a/include/ring-core/base.h b/include/ring-core/base.h
index f1a027d1a4..19f0612f24 100644
--- a/include/ring-core/base.h
+++ b/include/ring-core/base.h
@@ -91,6 +91,12 @@
 #define OPENSSL_MIPS64
 #elif defined(__wasm__)
 #define OPENSSL_32_BIT
+#elif defined(__xtensa__)
+#define OPENSSL_32_BIT
+#elif defined(__riscv) && __riscv_xlen == 64
+#define OPENSSL_64_BIT
+#elif defined(__riscv) && __riscv_xlen == 32
+#define OPENSSL_32_BIT
 #else
 // Note BoringSSL only supports standard 32-bit and 64-bit two's-complement,
 // little-endian architectures. Functions will not produce the correct answer
diff --git a/src/rand.rs b/src/rand.rs
index e7ebece216..2616348d4e 100644
--- a/src/rand.rs
+++ b/src/rand.rs
@@ -169,6 +169,7 @@ impl crate::sealed::Sealed for SystemRandom {}
         not(feature = "dev_urandom_fallback")
     ),
     target_arch = "wasm32",
+    target_os = "espidf",
     windows
 ))]
 use self::sysrand::fill as fill_impl;
@@ -229,6 +230,21 @@ mod sysrand_chunk {
     }
 }
 
+#[cfg(target_os = "espidf")]
+mod sysrand_chunk {
+    use crate::{c, error};
+
+    #[inline]
+    pub fn chunk(dest: &mut [u8]) -> Result<usize, error::Unspecified> {
+        let chunk_len: c::size_t = dest.len();
+        let r = unsafe { libc::getrandom(dest.as_mut_ptr() as *mut libc::c_void, chunk_len, 0) };
+        if r < 0 {
+            return Err(error::Unspecified);
+        }
+        Ok(r as usize)
+    }
+}
+
 #[cfg(all(
     feature = "wasm32_unknown_unknown_js",
     target_arch = "wasm32",
@@ -286,6 +302,7 @@ mod sysrand_chunk {
     target_os = "android",
     target_os = "linux",
     target_arch = "wasm32",
+    target_os = "espidf",
     windows
 ))]
 mod sysrand {