From: Filippo Valsorda Date: Wed, 2 Oct 2024 19:25:31 +0000 (+0200) Subject: crypto/internal/fips/sha3: test alternative s390x implementation X-Git-Tag: go1.24rc1~577 X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=ba1caa8b3051bc13bc353840946b404a13575410;p=gostls13.git crypto/internal/fips/sha3: test alternative s390x implementation The amd64 assembly is always-on, so we don't need to test disabling it. Fixes #36466 For #69536 Change-Id: I2cd4befcde688a1ba202e61c7119e15454ff6854 Reviewed-on: https://go-review.googlesource.com/c/go/+/617535 Reviewed-by: Daniel McCarney Reviewed-by: Roland Shoemaker LUCI-TryBot-Result: Go LUCI Reviewed-by: Michael Pratt Auto-Submit: Filippo Valsorda --- diff --git a/src/crypto/internal/fips/sha3/sha3_s390x.go b/src/crypto/internal/fips/sha3/sha3_s390x.go index 0a36d78b2c..36556955b5 100644 --- a/src/crypto/internal/fips/sha3/sha3_s390x.go +++ b/src/crypto/internal/fips/sha3/sha3_s390x.go @@ -8,6 +8,7 @@ package sha3 import ( "crypto/internal/fips/subtle" + "crypto/internal/impl" "internal/cpu" ) @@ -18,6 +19,13 @@ import ( // // [z/Architecture Principles of Operation, Fourteen Edition]: https://www.ibm.com/docs/en/module_1678991624569/pdf/SA22-7832-13.pdf +var useSHA3 = cpu.S390X.HasSHA3 + +func init() { + // CP Assist for Cryptographic Functions (CPACF) + impl.Register("crypto/sha3", "CPACF", &useSHA3) +} + func keccakF1600(a *[200]byte) { keccakF1600Generic(a) } @@ -60,7 +68,7 @@ func (d *Digest) write(p []byte) (n int, err error) { if d.state != spongeAbsorbing { panic("sha3: Write after Read") } - if !cpu.S390X.HasSHA3 { + if !useSHA3 { return d.writeGeneric(p) } @@ -101,8 +109,7 @@ func (d *Digest) sum(b []byte) []byte { if d.state != spongeAbsorbing { panic("sha3: Sum after Read") } - if !cpu.S390X.HasSHA3 || - d.dsbyte != dsbyteSHA3 && d.dsbyte != dsbyteShake { + if !useSHA3 || d.dsbyte != dsbyteSHA3 && d.dsbyte != dsbyteShake { return d.sumGeneric(b) } @@ -128,7 +135,7 @@ func (d *Digest) sum(b []byte) []byte { } func (d *Digest) read(out []byte) (n int, err error) { - if !cpu.S390X.HasSHA3 || d.dsbyte != dsbyteShake { + if !useSHA3 || d.dsbyte != dsbyteShake { return d.readGeneric(out) } diff --git a/src/crypto/internal/fips/sha3/sha3_test.go b/src/crypto/internal/fips/sha3/sha3_test.go index 73c9dfe9e3..1a3d571235 100644 --- a/src/crypto/internal/fips/sha3/sha3_test.go +++ b/src/crypto/internal/fips/sha3/sha3_test.go @@ -6,6 +6,7 @@ package sha3_test import ( "bytes" + "crypto/internal/cryptotest" "crypto/internal/fips" . "crypto/internal/fips/sha3" "encoding" @@ -105,6 +106,10 @@ func decodeHex(s string) []byte { // TestKeccak does a basic test of the non-standardized Keccak hash functions. func TestKeccak(t *testing.T) { + cryptotest.TestAllImplementations(t, "crypto/sha3", testKeccak) +} + +func testKeccak(t *testing.T) { tests := []struct { fn func() *Digest data []byte @@ -135,6 +140,10 @@ func TestKeccak(t *testing.T) { // TestShakeSum tests that the output of Sum matches the output of Read. func TestShakeSum(t *testing.T) { + cryptotest.TestAllImplementations(t, "crypto/sha3", testShakeSum) +} + +func testShakeSum(t *testing.T) { tests := [...]struct { name string hash *SHAKE @@ -164,6 +173,10 @@ func TestShakeSum(t *testing.T) { // TestUnalignedWrite tests that writing data in an arbitrary pattern with // small input buffers. func TestUnalignedWrite(t *testing.T) { + cryptotest.TestAllImplementations(t, "crypto/sha3", testUnalignedWrite) +} + +func testUnalignedWrite(t *testing.T) { buf := sequentialBytes(0x10000) for alg, df := range testDigests { d := df() @@ -220,6 +233,10 @@ func TestUnalignedWrite(t *testing.T) { // TestAppend checks that appending works when reallocation is necessary. func TestAppend(t *testing.T) { + cryptotest.TestAllImplementations(t, "crypto/sha3", testAppend) +} + +func testAppend(t *testing.T) { d := New224() for capacity := 2; capacity <= 66; capacity += 64 { @@ -238,6 +255,10 @@ func TestAppend(t *testing.T) { // TestAppendNoRealloc tests that appending works when no reallocation is necessary. func TestAppendNoRealloc(t *testing.T) { + cryptotest.TestAllImplementations(t, "crypto/sha3", testAppendNoRealloc) +} + +func testAppendNoRealloc(t *testing.T) { buf := make([]byte, 1, 200) d := New224() d.Write([]byte{0xcc}) @@ -251,6 +272,10 @@ func TestAppendNoRealloc(t *testing.T) { // TestSqueezing checks that squeezing the full output a single time produces // the same output as repeatedly squeezing the instance. func TestSqueezing(t *testing.T) { + cryptotest.TestAllImplementations(t, "crypto/sha3", testSqueezing) +} + +func testSqueezing(t *testing.T) { for algo, v := range testShakes { d0 := v.constructor([]byte(v.defAlgoName), []byte(v.defCustomStr)) d0.Write([]byte(testString)) @@ -288,6 +313,10 @@ func sequentialBytes(size int) []byte { } func TestReset(t *testing.T) { + cryptotest.TestAllImplementations(t, "crypto/sha3", testReset) +} + +func testReset(t *testing.T) { out1 := make([]byte, 32) out2 := make([]byte, 32) @@ -309,6 +338,10 @@ func TestReset(t *testing.T) { } func TestClone(t *testing.T) { + cryptotest.TestAllImplementations(t, "crypto/sha3", testClone) +} + +func testClone(t *testing.T) { out1 := make([]byte, 16) out2 := make([]byte, 16) @@ -419,13 +452,15 @@ func TestCSHAKEAccumulated(t *testing.T) { // } // console.log(bytesToHex(acc.xof(32))); // - t.Run("cSHAKE128", func(t *testing.T) { - testCSHAKEAccumulated(t, NewCShake128, (1600-256)/8, - "bb14f8657c6ec5403d0b0e2ef3d3393497e9d3b1a9a9e8e6c81dbaa5fd809252") - }) - t.Run("cSHAKE256", func(t *testing.T) { - testCSHAKEAccumulated(t, NewCShake256, (1600-512)/8, - "0baaf9250c6e25f0c14ea5c7f9bfde54c8a922c8276437db28f3895bdf6eeeef") + cryptotest.TestAllImplementations(t, "crypto/sha3", func(t *testing.T) { + t.Run("cSHAKE128", func(t *testing.T) { + testCSHAKEAccumulated(t, NewCShake128, (1600-256)/8, + "bb14f8657c6ec5403d0b0e2ef3d3393497e9d3b1a9a9e8e6c81dbaa5fd809252") + }) + t.Run("cSHAKE256", func(t *testing.T) { + testCSHAKEAccumulated(t, NewCShake256, (1600-512)/8, + "0baaf9250c6e25f0c14ea5c7f9bfde54c8a922c8276437db28f3895bdf6eeeef") + }) }) } @@ -458,6 +493,10 @@ func testCSHAKEAccumulated(t *testing.T, newCShake func(N, S []byte) *SHAKE, rat } func TestCSHAKELargeS(t *testing.T) { + cryptotest.TestAllImplementations(t, "crypto/sha3", testCSHAKELargeS) +} + +func testCSHAKELargeS(t *testing.T) { if testing.Short() { t.Skip("skipping test in short mode.") } @@ -486,16 +525,18 @@ func TestCSHAKELargeS(t *testing.T) { } func TestMarshalUnmarshal(t *testing.T) { - t.Run("SHA3-224", func(t *testing.T) { testMarshalUnmarshal(t, New224()) }) - t.Run("SHA3-256", func(t *testing.T) { testMarshalUnmarshal(t, New256()) }) - t.Run("SHA3-384", func(t *testing.T) { testMarshalUnmarshal(t, New384()) }) - t.Run("SHA3-512", func(t *testing.T) { testMarshalUnmarshal(t, New512()) }) - t.Run("SHAKE128", func(t *testing.T) { testMarshalUnmarshal(t, NewShake128()) }) - t.Run("SHAKE256", func(t *testing.T) { testMarshalUnmarshal(t, NewShake256()) }) - t.Run("cSHAKE128", func(t *testing.T) { testMarshalUnmarshal(t, NewCShake128([]byte("N"), []byte("S"))) }) - t.Run("cSHAKE256", func(t *testing.T) { testMarshalUnmarshal(t, NewCShake256([]byte("N"), []byte("S"))) }) - t.Run("Keccak-256", func(t *testing.T) { testMarshalUnmarshal(t, NewLegacyKeccak256()) }) - t.Run("Keccak-512", func(t *testing.T) { testMarshalUnmarshal(t, NewLegacyKeccak512()) }) + cryptotest.TestAllImplementations(t, "crypto/sha3", func(t *testing.T) { + t.Run("SHA3-224", func(t *testing.T) { testMarshalUnmarshal(t, New224()) }) + t.Run("SHA3-256", func(t *testing.T) { testMarshalUnmarshal(t, New256()) }) + t.Run("SHA3-384", func(t *testing.T) { testMarshalUnmarshal(t, New384()) }) + t.Run("SHA3-512", func(t *testing.T) { testMarshalUnmarshal(t, New512()) }) + t.Run("SHAKE128", func(t *testing.T) { testMarshalUnmarshal(t, NewShake128()) }) + t.Run("SHAKE256", func(t *testing.T) { testMarshalUnmarshal(t, NewShake256()) }) + t.Run("cSHAKE128", func(t *testing.T) { testMarshalUnmarshal(t, NewCShake128([]byte("N"), []byte("S"))) }) + t.Run("cSHAKE256", func(t *testing.T) { testMarshalUnmarshal(t, NewCShake256([]byte("N"), []byte("S"))) }) + t.Run("Keccak-256", func(t *testing.T) { testMarshalUnmarshal(t, NewLegacyKeccak256()) }) + t.Run("Keccak-512", func(t *testing.T) { testMarshalUnmarshal(t, NewLegacyKeccak512()) }) + }) } // TODO(filippo): move this to crypto/internal/cryptotest.