From 616156f8e6eaefe5e3e0df6621129f4bf9003344 Mon Sep 17 00:00:00 2001
From: Kyle Evans <kevans@FreeBSD.org>
Date: Wed, 1 Jan 2025 15:10:27 -0600
Subject: [PATCH] secure: hook up libecc as libpkgecc

libecc is not intended to be general use, other applications should
really be using openssl.  pkg(7) uses libecc to align with the pkg(8)
project and its goals.  This will be used in the upcoming support for
ECC in pkg(7).

Reviewed by:	emaste

(cherry picked from commit 05427f4639bcf2703329a9be9d25ec09bb782742)
---
 secure/lib/Makefile                    |   2 +-
 secure/lib/libpkgecc/Makefile          | 137 +++++++++++++++++++++++++
 secure/lib/libpkgecc/pkg_libecc_rand.c |  22 ++++
 share/mk/src.libnames.mk               |   4 +
 4 files changed, 164 insertions(+), 1 deletion(-)
 create mode 100644 secure/lib/libpkgecc/Makefile
 create mode 100644 secure/lib/libpkgecc/pkg_libecc_rand.c

diff --git a/secure/lib/Makefile b/secure/lib/Makefile
index b4b586fa658..bc659916e15 100644
--- a/secure/lib/Makefile
+++ b/secure/lib/Makefile
@@ -1,7 +1,7 @@
 
 .include <src.opts.mk>
 
-SUBDIR= 
+SUBDIR= libpkgecc
 .if ${MK_OPENSSL} != "no"
 SUBDIR+=libcrypto libssl
 .if ${MK_OPENSSH} != "no"
diff --git a/secure/lib/libpkgecc/Makefile b/secure/lib/libpkgecc/Makefile
new file mode 100644
index 00000000000..476cd8635ae
--- /dev/null
+++ b/secure/lib/libpkgecc/Makefile
@@ -0,0 +1,137 @@
+
+# STOP - This is not a general purpose library and is only for use by pkg(7)
+# to align with the implementation in pkg(8).
+LIB=	pkgecc
+INTERNALLIB=
+
+.PATH: $(SRCTOP)/crypto/libecc
+SRCS+=	pkg_libecc_rand.c
+
+# curves_mod_src
+.PATH:	$(SRCTOP)/crypto/libecc/src/curves
+SRCS+=	aff_pt.c \
+	aff_pt_montgomery.c \
+	ec_edwards.c \
+	ec_montgomery.c \
+	ec_params.c \
+	ec_shortw.c \
+	aff_pt_edwards.c \
+	curves.c \
+	prj_pt.c
+
+# utils_ec_src
+.PATH:	$(SRCTOP)/crypto/libecc/src/utils
+SRCS+=	print_curves.c
+
+# fp_mod_src
+.PATH:	$(SRCTOP)/crypto/libecc/src/fp
+SRCS+=	fp_add.c \
+	fp.c \
+	fp_montgomery.c \
+	fp_mul.c \
+	fp_mul_redc1.c \
+	fp_pow.c \
+	fp_rand.c \
+	fp_sqrt.c
+
+# nn_mod_src
+.PATH:	$(SRCTOP)/crypto/libecc/src/nn
+SRCS+=	nn_add.c \
+	nn.c \
+	nn_div.c \
+	nn_logical.c \
+	nn_modinv.c \
+	nn_mod_pow.c \
+	nn_mul.c \
+	nn_mul_redc1.c \
+	nn_rand.c
+
+# utils_arith_src
+SRCS+=	utils.c \
+	utils_rand.c \
+	print_buf.c \
+	print_fp.c \
+	print_nn.c
+
+## libsign bits
+# hash_mod_src
+.PATH:	$(SRCTOP)/crypto/libecc/src/hash
+SRCS+=	hash_algs.c \
+	sm3.c \
+	streebog.c \
+	ripemd160.c \
+	belt-hash.c \
+	hmac.c \
+	bash224.c \
+	bash256.c \
+	bash384.c \
+	bash512.c \
+	bash.c \
+	sha224.c \
+	sha256.c \
+	sha3-224.c \
+	sha3-256.c \
+	sha3-384.c \
+	sha3-512.c \
+	sha384.c \
+	sha3.c \
+	sha512-224.c \
+	sha512-256.c \
+	sha512.c \
+	sha512_core.c \
+	shake256.c \
+	shake.c
+
+# sig_mod_src
+.PATH:	$(SRCTOP)/crypto/libecc/src/sig
+SRCS+=	decdsa.c \
+	ecdsa.c \
+	ecfsdsa.c \
+	ecgdsa.c \
+	eckcdsa.c \
+	ecosdsa.c \
+	ecrdsa.c \
+	ecsdsa.c \
+	eddsa.c \
+	fuzzing_ecdsa.c \
+	fuzzing_ecgdsa.c \
+	fuzzing_ecrdsa.c \
+	ecdsa_common.c \
+	ecsdsa_common.c \
+	sig_algs.c \
+	sm2.c \
+	bign_common.c \
+	bign.c \
+	dbign.c \
+	bip0340.c
+
+# key_mod_src
+SRCS+=	ec_key.c
+
+# utils_sign_src
+.PATH:	$(SRCTOP)/crypto/libecc/src/sig
+SRCS+=	print_keys.c
+
+# ecdh_mod_src
+.PATH:	$(SRCTOP)/crypto/libecc/src/ecdh
+SRCS+=	ecccdh.c \
+	x25519_448.c
+
+# external_deps
+.PATH:	$(SRCTOP)/crypto/libecc/src/external_deps
+SRCS+=	print.c
+
+CONFLICTS=	-Dsha256_init=_libecc_sha256_init \
+		-Dsha256_update=_libecc_sha256_update \
+		-Dsha256_final=_libecc_sha256_final \
+		-Dsha512_224_init=_libecc_sha512_224_init \
+		-Dsha512_256_init=_libecc_sha512_256_init
+
+CFLAGS=		-I$(SRCTOP)/crypto/libecc/include \
+		-ffreestanding \
+		-fno-builtin \
+		-DUSE_WARN_UNUSED_RET \
+		-DWITH_STDLIB \
+		$(CONFLICTS)
+
+.include <bsd.lib.mk>
diff --git a/secure/lib/libpkgecc/pkg_libecc_rand.c b/secure/lib/libpkgecc/pkg_libecc_rand.c
new file mode 100644
index 00000000000..c190c909453
--- /dev/null
+++ b/secure/lib/libpkgecc/pkg_libecc_rand.c
@@ -0,0 +1,22 @@
+/* SPDX-License-Identifier: Unlicense */
+#include <sys/types.h>
+#include <stdlib.h>
+
+#include <libecc/external_deps/rand.h>
+
+int
+get_random(unsigned char *buf, uint16_t len)
+{
+
+	/*
+	 * We need random numbers even in a sandbox, so we can't use
+	 * /dev/urandom as the external_deps version of get_random() does on
+	 * FreeBSD.  arc4random_buf() is a better choice because it uses the
+	 * underlying getrandom(2) instead of needing to open a device handle.
+	 *
+	 * We don't have any guarantees that this won't open a device on other
+	 * platforms, but we also don't do any sandboxing on those platforms.
+	 */
+	arc4random_buf(buf, len);
+	return 0;
+}
diff --git a/share/mk/src.libnames.mk b/share/mk/src.libnames.mk
index 9cba6c8cc7c..837d6f842da 100644
--- a/share/mk/src.libnames.mk
+++ b/share/mk/src.libnames.mk
@@ -61,6 +61,7 @@ _INTERNALLIBS=	\
 		parse \
 		pe \
 		pfctl \
+		pkgecc \
 		pmcstat \
 		sl \
 		sm \
@@ -616,6 +617,9 @@ LIBBSNMPTOOLS?=	${LIBBSNMPTOOLSDIR}/libbsnmptools${PIE_SUFFIX}.a
 
 LIBBE?=		${LIBBEDIR}/libbe${PIE_SUFFIX}.a
 
+LIBPKGECCDIR=	${_LIB_OBJTOP}/secure/lib/libpkgecc
+LIBPKGECC?=	${LIBPKGECCDIR}/libpkgecc${PIE_SUFFIX}.a
+
 LIBPMCSTATDIR=	${_LIB_OBJTOP}/lib/libpmcstat
 LIBPMCSTAT?=	${LIBPMCSTATDIR}/libpmcstat${PIE_SUFFIX}.a