cryptsuite: test hardware and software SHA, if possible.

Like the AES code before it, I've now exposed the explicit _sw and _hw
vtables for SHA-256 and SHA-1 through the testcrypt system, and now
cryptsuite will run the standard test vectors for those hashes over
both implementations, on a platform where more than one is available.

test/cryptsuite.py

@@ -1431,60 +1431,85 @@ class standard_test_vectors(MyTestBase):
                          unhex('56be34521d144c88dbb8c733f0e8b3f6'))
 
     def testSHA1(self):
+        for hashname in ['sha1_sw', 'sha1_hw']:
+            if ssh_hash_new(hashname) is None:
+                continue # skip testing of unavailable HW implementation
+
             # Test cases from RFC 6234 section 8.5, omitting the ones
             # whose input is not a multiple of 8 bits
-        self.assertEqualBin(hash_str('sha1', "abc"), unhex(
+            self.assertEqualBin(hash_str(hashname, "abc"), unhex(
                 "a9993e364706816aba3e25717850c26c9cd0d89d"))
-        self.assertEqualBin(hash_str('sha1',
+            self.assertEqualBin(hash_str(hashname,
-            "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"), unhex(
+                "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"),
-            "84983e441c3bd26ebaae4aa1f95129e5e54670f1"))
+                unhex("84983e441c3bd26ebaae4aa1f95129e5e54670f1"))
-        self.assertEqualBin(hash_str_iter('sha1',
+            self.assertEqualBin(hash_str_iter(hashname,
                 ("a" * 1000 for _ in range(1000))), unhex(
                 "34aa973cd4c4daa4f61eeb2bdbad27316534016f"))
-        self.assertEqualBin(hash_str('sha1',
+            self.assertEqualBin(hash_str(hashname,
                 "01234567012345670123456701234567" * 20), unhex(
                 "dea356a2cddd90c7a7ecedc5ebb563934f460452"))
-        self.assertEqualBin(hash_str('sha1', b"\x5e"), unhex(
+            self.assertEqualBin(hash_str(hashname, b"\x5e"), unhex(
                 "5e6f80a34a9798cafc6a5db96cc57ba4c4db59c2"))
-        self.assertEqualBin(hash_str('sha1',
+            self.assertEqualBin(hash_str(hashname,
                 unhex("9a7dfdf1ecead06ed646aa55fe757146")), unhex(
                 "82abff6605dbe1c17def12a394fa22a82b544a35"))
-        self.assertEqualBin(hash_str('sha1', unhex(
+            self.assertEqualBin(hash_str(hashname, unhex(
-            "f78f92141bcd170ae89b4fba15a1d59f3fd84d223c9251bdacbbae61d05ed115"
+                "f78f92141bcd170ae89b4fba15a1d59f"
-            "a06a7ce117b7beead24421ded9c32592bd57edeae39c39fa1fe8946a84d0cf1f"
+                "3fd84d223c9251bdacbbae61d05ed115"
-            "7beead1713e2e0959897347f67c80b0400c209815d6b10a683836fd5562a56ca"
+                "a06a7ce117b7beead24421ded9c32592"
-            "b1a28e81b6576654631cf16566b86e3b33a108b05307c00aff14a768ed735060"
+                "bd57edeae39c39fa1fe8946a84d0cf1f"
-            "6a0f85e6a91d396f5b5cbe577f9b38807c7d523d6d792f6ebc24a4ecf2b3a427"
+                "7beead1713e2e0959897347f67c80b04"
+                "00c209815d6b10a683836fd5562a56ca"
+                "b1a28e81b6576654631cf16566b86e3b"
+                "33a108b05307c00aff14a768ed735060"
+                "6a0f85e6a91d396f5b5cbe577f9b3880"
+                "7c7d523d6d792f6ebc24a4ecf2b3a427"
                 "cdbbfb")), unhex(
                 "cb0082c8f197d260991ba6a460e76e202bad27b3"))
 
     def testSHA256(self):
+        for hashname in ['sha256_sw', 'sha256_hw']:
+            if ssh_hash_new(hashname) is None:
+                continue # skip testing of unavailable HW implementation
+
             # Test cases from RFC 6234 section 8.5, omitting the ones
             # whose input is not a multiple of 8 bits
-        self.assertEqualBin(hash_str('sha256', "abc"), unhex(
+            self.assertEqualBin(hash_str(hashname, "abc"),
-            "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"))
+                                unhex("ba7816bf8f01cfea414140de5dae2223"
-        self.assertEqualBin(hash_str('sha256',
+                                      "b00361a396177a9cb410ff61f20015ad"))
-            "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"), unhex(
+            self.assertEqualBin(hash_str(hashname,
-            "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1"))
+                "abcdbcdecdefdefgefghfghighijhijk""ijkljklmklmnlmnomnopnopq"),
-        self.assertEqualBin(hash_str_iter('sha256',
+                                unhex("248d6a61d20638b8e5c026930c3e6039"
-            ("a" * 1000 for _ in range(1000))), unhex(
+                                      "a33ce45964ff2167f6ecedd419db06c1"))
-            "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0"))
+            self.assertEqualBin(
-        self.assertEqualBin(hash_str('sha256',
+                hash_str_iter(hashname, ("a" * 1000 for _ in range(1000))),
-            "01234567012345670123456701234567" * 20), unhex(
+                unhex("cdc76e5c9914fb9281a1c7e284d73e67"
-            "594847328451bdfa85056225462cc1d867d877fb388df0ce35f25ab5562bfbb5"))
+                      "f1809a48a497200e046d39ccc7112cd0"))
-        self.assertEqualBin(hash_str('sha256', b"\x19"), unhex(
+            self.assertEqualBin(
-            "68aa2e2ee5dff96e3355e6c7ee373e3d6a4e17f75f9518d843709c0c9bc3e3d4"))
+                hash_str(hashname, "01234567012345670123456701234567" * 20),
-        self.assertEqualBin(hash_str('sha256',
+                unhex("594847328451bdfa85056225462cc1d8"
-            unhex("e3d72570dcdd787ce3887ab2cd684652")), unhex(
+                      "67d877fb388df0ce35f25ab5562bfbb5"))
-            "175ee69b02ba9b58e2b0a5fd13819cea573f3940a94f825128cf4209beabb4e8"))
+            self.assertEqualBin(hash_str(hashname, b"\x19"),
-        self.assertEqualBin(hash_str('sha256', unhex(
+                                unhex("68aa2e2ee5dff96e3355e6c7ee373e3d"
-            "8326754e2277372f4fc12b20527afef04d8a056971b11ad57123a7c137760000"
+                                      "6a4e17f75f9518d843709c0c9bc3e3d4"))
-            "d7bef6f3c1f7a9083aa39d810db310777dab8b1e7f02b84a26c773325f8b2374"
+            self.assertEqualBin(
-            "de7a4b5a58cb5c5cf35bcee6fb946e5bd694fa593a8beb3f9d6592ecedaa66ca"
+                hash_str(hashname, unhex("e3d72570dcdd787ce3887ab2cd684652")),
-            "82a29d0c51bcf9336230e5d784e4c0a43f8d79a30a165cbabe452b774b9c7109"
+                unhex("175ee69b02ba9b58e2b0a5fd13819cea"
-            "a97d138f129228966f6c0adc106aad5a9fdd30825769b2c671af6759df28eb39"
+                      "573f3940a94f825128cf4209beabb4e8"))
+            self.assertEqualBin(hash_str(hashname, unhex(
+                "8326754e2277372f4fc12b20527afef0"
+                "4d8a056971b11ad57123a7c137760000"
+                "d7bef6f3c1f7a9083aa39d810db31077"
+                "7dab8b1e7f02b84a26c773325f8b2374"
+                "de7a4b5a58cb5c5cf35bcee6fb946e5b"
+                "d694fa593a8beb3f9d6592ecedaa66ca"
+                "82a29d0c51bcf9336230e5d784e4c0a4"
+                "3f8d79a30a165cbabe452b774b9c7109"
+                "a97d138f129228966f6c0adc106aad5a"
+                "9fdd30825769b2c671af6759df28eb39"
                 "3d54d6")), unhex(
-            "97dbca7df46d62c8a422c941dd7e835b8ad3361763f7e9b2d95f4f0da6e1ccbc"))
+                    "97dbca7df46d62c8a422c941dd7e835b"
+                    "8ad3361763f7e9b2d95f4f0da6e1ccbc"))
 
     def testSHA384(self):
         # Test cases from RFC 6234 section 8.5, omitting the ones

testcrypt.c

@@ -185,7 +185,11 @@ static const ssh_hashalg *get_hashalg(BinarySource *in)
     } algs[] = {
         {"md5", &ssh_md5},
         {"sha1", &ssh_sha1},
+        {"sha1_sw", &ssh_sha1_sw},
+        {"sha1_hw", &ssh_sha1_hw},
         {"sha256", &ssh_sha256},
+        {"sha256_sw", &ssh_sha256_sw},
+        {"sha256_hw", &ssh_sha256_hw},
         {"sha384", &ssh_sha384},
         {"sha512", &ssh_sha512},
     };
@@ -510,6 +514,14 @@ static void return_opt_val_cipher(strbuf *out, ssh_cipher *c)
         return_val_cipher(out, c);
 }
 
+static void return_opt_val_hash(strbuf *out, ssh_hash *h)
+{
+    if (!h)
+        strbuf_catf(out, "NULL\n");
+    else
+        return_val_hash(out, h);
+}
+
 static void handle_hello(BinarySource *in, strbuf *out)
 {
     strbuf_catf(out, "hello, world\n");

testcrypt.h

@@ -115,7 +115,7 @@ FUNC3(void, ecc_edwards_get_affine, val_epoint, out_val_mpint, out_val_mpint)
  * ssh_hash_update is an invention of testcrypt, handled in the real C
  * API by the hash object also functioning as a BinarySink.
  */
-FUNC1(val_hash, ssh_hash_new, hashalg)
+FUNC1(opt_val_hash, ssh_hash_new, hashalg)
 FUNC1(val_hash, ssh_hash_copy, val_hash)
 FUNC1(val_string, ssh_hash_final, consumed_val_hash)
 FUNC2(void, ssh_hash_update, val_hash, val_string_ptrlen)