crypto/internal/fips/sha3: test alternative s390x implementation

The amd64 assembly is always-on, so we don't need to test disabling it. Fixes #36466 For #69536 Change-Id: I2cd4befcde688a1ba202e61c7119e15454ff6854 Reviewed-on: https://go-review.googlesource.com/c/go/+/617535 Reviewed-by: Daniel McCarney <daniel@binaryparadox.net> Reviewed-by: Roland Shoemaker <roland@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Pratt <mpratt@google.com> Auto-Submit: Filippo Valsorda <filippo@golang.org>
author: Filippo Valsorda <filippo@golang.org> 2024-10-02 21:25:31 +0200
committer: Gopher Robot <gobot@golang.org> 2024-10-28 14:55:24 +0000
commit: ba1caa8b3051bc13bc353840946b404a13575410 (patch)
tree: 289582b6da193c40c2ec2891dd5f2e93b97c33f4 /src/crypto
parent: d75fb40e52888dbd3ec9ff22e63e48b18cd5be31 (diff)
download: go-ba1caa8b3051bc13bc353840946b404a13575410.tar.xz
2 files changed, 69 insertions, 21 deletions
diff --git a/src/crypto/internal/fips/sha3/sha3_s390x.go b/src/crypto/internal/fips/sha3/sha3_s390x.go
index 0a36d78b2c..36556955b5 100644
--- a/src/crypto/internal/fips/sha3/sha3_s390x.go
+++ b/src/crypto/internal/fips/sha3/sha3_s390x.go
@@ -8,6 +8,7 @@ package sha3
 
 import (
 	"crypto/internal/fips/subtle"
+	"crypto/internal/impl"
 	"internal/cpu"
 )
 
@@ -18,6 +19,13 @@ import (
 //
 // [z/Architecture Principles of Operation, Fourteen Edition]: https://www.ibm.com/docs/en/module_1678991624569/pdf/SA22-7832-13.pdf
 
+var useSHA3 = cpu.S390X.HasSHA3
+
+func init() {
+	// CP Assist for Cryptographic Functions (CPACF)
+	impl.Register("crypto/sha3", "CPACF", &useSHA3)
+}
+
 func keccakF1600(a *[200]byte) {
 	keccakF1600Generic(a)
 }
@@ -60,7 +68,7 @@ func (d *Digest) write(p []byte) (n int, err error) {
 	if d.state != spongeAbsorbing {
 		panic("sha3: Write after Read")
 	}
-	if !cpu.S390X.HasSHA3 {
+	if !useSHA3 {
 		return d.writeGeneric(p)
 	}
 
@@ -101,8 +109,7 @@ func (d *Digest) sum(b []byte) []byte {
 	if d.state != spongeAbsorbing {
 		panic("sha3: Sum after Read")
 	}
-	if !cpu.S390X.HasSHA3 ||
-		d.dsbyte != dsbyteSHA3 && d.dsbyte != dsbyteShake {
+	if !useSHA3 || d.dsbyte != dsbyteSHA3 && d.dsbyte != dsbyteShake {
 		return d.sumGeneric(b)
 	}
 
@@ -128,7 +135,7 @@ func (d *Digest) sum(b []byte) []byte {
 }
 
 func (d *Digest) read(out []byte) (n int, err error) {
-	if !cpu.S390X.HasSHA3 || d.dsbyte != dsbyteShake {
+	if !useSHA3 || d.dsbyte != dsbyteShake {
 		return d.readGeneric(out)
 	}
 
diff --git a/src/crypto/internal/fips/sha3/sha3_test.go b/src/crypto/internal/fips/sha3/sha3_test.go
index 73c9dfe9e3..1a3d571235 100644
--- a/src/crypto/internal/fips/sha3/sha3_test.go
+++ b/src/crypto/internal/fips/sha3/sha3_test.go
@@ -6,6 +6,7 @@ package sha3_test
 
 import (
 	"bytes"
+	"crypto/internal/cryptotest"
 	"crypto/internal/fips"
 	. "crypto/internal/fips/sha3"
 	"encoding"
@@ -105,6 +106,10 @@ func decodeHex(s string) []byte {
 
 // TestKeccak does a basic test of the non-standardized Keccak hash functions.
 func TestKeccak(t *testing.T) {
+	cryptotest.TestAllImplementations(t, "crypto/sha3", testKeccak)
+}
+
+func testKeccak(t *testing.T) {
 	tests := []struct {
 		fn   func() *Digest
 		data []byte
@@ -135,6 +140,10 @@ func TestKeccak(t *testing.T) {
 
 // TestShakeSum tests that the output of Sum matches the output of Read.
 func TestShakeSum(t *testing.T) {
+	cryptotest.TestAllImplementations(t, "crypto/sha3", testShakeSum)
+}
+
+func testShakeSum(t *testing.T) {
 	tests := [...]struct {
 		name        string
 		hash        *SHAKE
@@ -164,6 +173,10 @@ func TestShakeSum(t *testing.T) {
 // TestUnalignedWrite tests that writing data in an arbitrary pattern with
 // small input buffers.
 func TestUnalignedWrite(t *testing.T) {
+	cryptotest.TestAllImplementations(t, "crypto/sha3", testUnalignedWrite)
+}
+
+func testUnalignedWrite(t *testing.T) {
 	buf := sequentialBytes(0x10000)
 	for alg, df := range testDigests {
 		d := df()
@@ -220,6 +233,10 @@ func TestUnalignedWrite(t *testing.T) {
 
 // TestAppend checks that appending works when reallocation is necessary.
 func TestAppend(t *testing.T) {
+	cryptotest.TestAllImplementations(t, "crypto/sha3", testAppend)
+}
+
+func testAppend(t *testing.T) {
 	d := New224()
 
 	for capacity := 2; capacity <= 66; capacity += 64 {
@@ -238,6 +255,10 @@ func TestAppend(t *testing.T) {
 
 // TestAppendNoRealloc tests that appending works when no reallocation is necessary.
 func TestAppendNoRealloc(t *testing.T) {
+	cryptotest.TestAllImplementations(t, "crypto/sha3", testAppendNoRealloc)
+}
+
+func testAppendNoRealloc(t *testing.T) {
 	buf := make([]byte, 1, 200)
 	d := New224()
 	d.Write([]byte{0xcc})
@@ -251,6 +272,10 @@ func TestAppendNoRealloc(t *testing.T) {
 // TestSqueezing checks that squeezing the full output a single time produces
 // the same output as repeatedly squeezing the instance.
 func TestSqueezing(t *testing.T) {
+	cryptotest.TestAllImplementations(t, "crypto/sha3", testSqueezing)
+}
+
+func testSqueezing(t *testing.T) {
 	for algo, v := range testShakes {
 		d0 := v.constructor([]byte(v.defAlgoName), []byte(v.defCustomStr))
 		d0.Write([]byte(testString))
@@ -288,6 +313,10 @@ func sequentialBytes(size int) []byte {
 }
 
 func TestReset(t *testing.T) {
+	cryptotest.TestAllImplementations(t, "crypto/sha3", testReset)
+}
+
+func testReset(t *testing.T) {
 	out1 := make([]byte, 32)
 	out2 := make([]byte, 32)
 
@@ -309,6 +338,10 @@ func TestReset(t *testing.T) {
 }
 
 func TestClone(t *testing.T) {
+	cryptotest.TestAllImplementations(t, "crypto/sha3", testClone)
+}
+
+func testClone(t *testing.T) {
 	out1 := make([]byte, 16)
 	out2 := make([]byte, 16)
 
@@ -419,13 +452,15 @@ func TestCSHAKEAccumulated(t *testing.T) {
 	//    }
 	//    console.log(bytesToHex(acc.xof(32)));
 	//
-	t.Run("cSHAKE128", func(t *testing.T) {
-		testCSHAKEAccumulated(t, NewCShake128, (1600-256)/8,
-			"bb14f8657c6ec5403d0b0e2ef3d3393497e9d3b1a9a9e8e6c81dbaa5fd809252")
-	})
-	t.Run("cSHAKE256", func(t *testing.T) {
-		testCSHAKEAccumulated(t, NewCShake256, (1600-512)/8,
-			"0baaf9250c6e25f0c14ea5c7f9bfde54c8a922c8276437db28f3895bdf6eeeef")
+	cryptotest.TestAllImplementations(t, "crypto/sha3", func(t *testing.T) {
+		t.Run("cSHAKE128", func(t *testing.T) {
+			testCSHAKEAccumulated(t, NewCShake128, (1600-256)/8,
+				"bb14f8657c6ec5403d0b0e2ef3d3393497e9d3b1a9a9e8e6c81dbaa5fd809252")
+		})
+		t.Run("cSHAKE256", func(t *testing.T) {
+			testCSHAKEAccumulated(t, NewCShake256, (1600-512)/8,
+				"0baaf9250c6e25f0c14ea5c7f9bfde54c8a922c8276437db28f3895bdf6eeeef")
+		})
 	})
 }
 
@@ -458,6 +493,10 @@ func testCSHAKEAccumulated(t *testing.T, newCShake func(N, S []byte) *SHAKE, rat
 }
 
 func TestCSHAKELargeS(t *testing.T) {
+	cryptotest.TestAllImplementations(t, "crypto/sha3", testCSHAKELargeS)
+}
+
+func testCSHAKELargeS(t *testing.T) {
 	if testing.Short() {
 		t.Skip("skipping test in short mode.")
 	}
@@ -486,16 +525,18 @@ func TestCSHAKELargeS(t *testing.T) {
 }
 
 func TestMarshalUnmarshal(t *testing.T) {
-	t.Run("SHA3-224", func(t *testing.T) { testMarshalUnmarshal(t, New224()) })
-	t.Run("SHA3-256", func(t *testing.T) { testMarshalUnmarshal(t, New256()) })
-	t.Run("SHA3-384", func(t *testing.T) { testMarshalUnmarshal(t, New384()) })
-	t.Run("SHA3-512", func(t *testing.T) { testMarshalUnmarshal(t, New512()) })
-	t.Run("SHAKE128", func(t *testing.T) { testMarshalUnmarshal(t, NewShake128()) })
-	t.Run("SHAKE256", func(t *testing.T) { testMarshalUnmarshal(t, NewShake256()) })
-	t.Run("cSHAKE128", func(t *testing.T) { testMarshalUnmarshal(t, NewCShake128([]byte("N"), []byte("S"))) })
-	t.Run("cSHAKE256", func(t *testing.T) { testMarshalUnmarshal(t, NewCShake256([]byte("N"), []byte("S"))) })
-	t.Run("Keccak-256", func(t *testing.T) { testMarshalUnmarshal(t, NewLegacyKeccak256()) })
-	t.Run("Keccak-512", func(t *testing.T) { testMarshalUnmarshal(t, NewLegacyKeccak512()) })
+	cryptotest.TestAllImplementations(t, "crypto/sha3", func(t *testing.T) {
+		t.Run("SHA3-224", func(t *testing.T) { testMarshalUnmarshal(t, New224()) })
+		t.Run("SHA3-256", func(t *testing.T) { testMarshalUnmarshal(t, New256()) })
+		t.Run("SHA3-384", func(t *testing.T) { testMarshalUnmarshal(t, New384()) })
+		t.Run("SHA3-512", func(t *testing.T) { testMarshalUnmarshal(t, New512()) })
+		t.Run("SHAKE128", func(t *testing.T) { testMarshalUnmarshal(t, NewShake128()) })
+		t.Run("SHAKE256", func(t *testing.T) { testMarshalUnmarshal(t, NewShake256()) })
+		t.Run("cSHAKE128", func(t *testing.T) { testMarshalUnmarshal(t, NewCShake128([]byte("N"), []byte("S"))) })
+		t.Run("cSHAKE256", func(t *testing.T) { testMarshalUnmarshal(t, NewCShake256([]byte("N"), []byte("S"))) })
+		t.Run("Keccak-256", func(t *testing.T) { testMarshalUnmarshal(t, NewLegacyKeccak256()) })
+		t.Run("Keccak-512", func(t *testing.T) { testMarshalUnmarshal(t, NewLegacyKeccak512()) })
+	})
 }
 
 // TODO(filippo): move this to crypto/internal/cryptotest.
author	Filippo Valsorda <filippo@golang.org>	2024-10-02 21:25:31 +0200
committer	Gopher Robot <gobot@golang.org>	2024-10-28 14:55:24 +0000
commit	ba1caa8b3051bc13bc353840946b404a13575410 (patch)
tree	289582b6da193c40c2ec2891dd5f2e93b97c33f4 /src/crypto
parent	d75fb40e52888dbd3ec9ff22e63e48b18cd5be31 (diff)
download	go-ba1caa8b3051bc13bc353840946b404a13575410.tar.xz