Use standardized hash.CloneHash interface

microsoft · Jan 8, 2025 · f7e52d4 · f7e52d4
1 parent 66ceeb7
commit f7e52d4
Show file tree

Hide file tree

Showing 2 changed files with 1,118 additions and 1,130 deletions.
diff --git a/patches/0002-Add-crypto-backend-foundation.patch b/patches/0002-Add-crypto-backend-foundation.patch
@@ -66,17 +66,17 @@ Subject: [PATCH] Add crypto backend foundation
  src/crypto/tls/handshake_client.go            |  10 +-
  src/crypto/tls/handshake_client_tls13.go      |  14 +-
  src/crypto/tls/handshake_server.go            |  10 +-
- src/crypto/tls/handshake_server_tls13.go      |  24 +-
+ src/crypto/tls/handshake_server_tls13.go      |  22 +-
  src/crypto/tls/internal/fips140tls/fipstls.go |   3 +-
  src/crypto/tls/prf.go                         |  41 ++++
  src/go/build/deps_test.go                     |   8 +-
  src/hash/boring_test.go                       |   9 +
  src/hash/example_test.go                      |   2 +
- src/hash/marshal_test.go                      |   5 +
+ src/hash/marshal_test.go                      |   9 +
  src/hash/notboring_test.go                    |   9 +
  src/net/smtp/smtp_test.go                     |  72 ++++--
  src/runtime/runtime_boring.go                 |   5 +
- 72 files changed, 1181 insertions(+), 86 deletions(-)
+ 72 files changed, 1183 insertions(+), 86 deletions(-)
  create mode 100644 src/crypto/dsa/boring.go
  create mode 100644 src/crypto/dsa/notboring.go
  create mode 100644 src/crypto/ed25519/boring.go
@@ -2168,7 +2168,7 @@ index 7c75977ad3ffb2..b9db95ca7b9d5a 100644
 
  	if err := hs.processClientHello(); err != nil {
 diff --git a/src/crypto/tls/handshake_server_tls13.go b/src/crypto/tls/handshake_server_tls13.go
-index 76fff6974e7403..218d40171d2567 100644
+index 76fff6974e7403..967ebe27fd7391 100644
 --- a/src/crypto/tls/handshake_server_tls13.go
 +++ b/src/crypto/tls/handshake_server_tls13.go
 @@ -8,8 +8,9 @@ import (
@@ -2182,23 +2182,21 @@ index 76fff6974e7403..218d40171d2567 100644
  	"crypto/internal/fips140/mlkem"
  	"crypto/internal/fips140/tls13"
  	"crypto/internal/hpke"
-@@ -477,6 +478,15 @@ func cloneHash(in hash.Hash, h crypto.Hash) hash.Hash {
+@@ -477,6 +478,13 @@ func cloneHash(in hash.Hash, h crypto.Hash) hash.Hash {
  	}
  	marshaler, ok := in.(binaryMarshaler)
  	if !ok {
 +		if boring.Enabled {
 +			// CNG and OpenSSL with SymCrypt hash functions do not implement the
 +			// encoding.BinaryMarshaler interface, but they do implement the Clone method.
-+			if cloner, ok := in.(interface{ Clone() (hash.Hash, error) }); ok {
-+				if out, err := cloner.Clone(); err == nil {
-+					return out
-+				}
++			if cloner, ok := in.(interface{ Clone() hash.Hash }); ok {
++				return cloner.Clone()
 +			}
 +		}
  		return nil
  	}
  	state, err := marshaler.MarshalBinary()
-@@ -572,8 +582,12 @@ func (hs *serverHandshakeStateTLS13) doHelloRetryRequest(selectedGroup CurveID)
+@@ -572,8 +580,12 @@ func (hs *serverHandshakeStateTLS13) doHelloRetryRequest(selectedGroup CurveID)
  		if err := transcriptMsg(helloRetryRequest, confTranscript); err != nil {
  			return nil, err
  		}
@@ -2212,7 +2210,7 @@ index 76fff6974e7403..218d40171d2567 100644
  			"hrr ech accept confirmation",
  			confTranscript.Sum(nil),
  			8,
-@@ -734,9 +748,13 @@ func (hs *serverHandshakeStateTLS13) sendServerParameters() error {
+@@ -734,9 +746,13 @@ func (hs *serverHandshakeStateTLS13) sendServerParameters() error {
  		if err := transcriptMsg(hs.hello, echTranscript); err != nil {
  			return err
  		}
@@ -2392,10 +2390,18 @@ index f07b9aaa2c4898..b380537215634d 100644
 
  import (
 diff --git a/src/hash/marshal_test.go b/src/hash/marshal_test.go
-index 3091f7a67acede..fead8cc4bec73a 100644
+index 3091f7a67acede..23736034d5c352 100644
 --- a/src/hash/marshal_test.go
 +++ b/src/hash/marshal_test.go
-@@ -65,6 +65,11 @@ func TestMarshalHash(t *testing.T) {
+@@ -21,6 +21,7 @@ import (
+ 	"hash/crc32"
+ 	"hash/crc64"
+ 	"hash/fnv"
++	"strings"
+ 	"testing"
+ )
+
+@@ -65,6 +66,11 @@ func TestMarshalHash(t *testing.T) {
  			}
 
  			h := tt.new()
@@ -2407,6 +2413,16 @@ index 3091f7a67acede..fead8cc4bec73a 100644
  			h.Write(buf[:256])
  			sum := h.Sum(nil)
 
+@@ -80,6 +86,9 @@ func TestMarshalHash(t *testing.T) {
+ 			}
+ 			enc, err := h2m.MarshalBinary()
+ 			if err != nil {
++				if strings.Contains(err.Error(), "hash state is not marshallable") {
++					t.Skip("BinaryMarshaler not supported")
++				}
+ 				t.Fatalf("MarshalBinary: %v", err)
+ 			}
+ 			if !bytes.Equal(enc, tt.golden) {
 diff --git a/src/hash/notboring_test.go b/src/hash/notboring_test.go
 new file mode 100644
 index 00000000000000..11dc691600b110