| OLD | NEW |
|---|
| 1 // Copyright 2013 The Go Authors. All rights reserved. | 1 // Copyright 2014 The Go Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style | 2 // Use of this source code is governed by a BSD-style |
| 3 // license that can be found in the LICENSE file. | 3 // license that can be found in the LICENSE file. |
| 4 | 4 |
| 5 package sha3 | 5 package sha3 |
| 6 | 6 |
| 7 // This file implements the core Keccak permutation function necessary for compu
ting SHA3. | |
| 8 // This is implemented in a separate file to allow for replacement by an optimiz
ed implementation. | |
| 9 // Nothing in this package is exported. | |
| 10 // For the detailed specification, refer to the Keccak web site (http://keccak.n
oekeon.org/). | |
| 11 | |
| 12 // rc stores the round constants for use in the ι step. | 7 // rc stores the round constants for use in the ι step. |
| 13 var rc = [...]uint64{ | 8 var rc = [24]uint64{ |
| 14 0x0000000000000001, | 9 0x0000000000000001, |
| 15 0x0000000000008082, | 10 0x0000000000008082, |
| 16 0x800000000000808A, | 11 0x800000000000808A, |
| 17 0x8000000080008000, | 12 0x8000000080008000, |
| 18 0x000000000000808B, | 13 0x000000000000808B, |
| 19 0x0000000080000001, | 14 0x0000000080000001, |
| 20 0x8000000080008081, | 15 0x8000000080008081, |
| 21 0x8000000000008009, | 16 0x8000000000008009, |
| 22 0x000000000000008A, | 17 0x000000000000008A, |
| 23 0x0000000000000088, | 18 0x0000000000000088, |
| 24 0x0000000080008009, | 19 0x0000000080008009, |
| 25 0x000000008000000A, | 20 0x000000008000000A, |
| 26 0x000000008000808B, | 21 0x000000008000808B, |
| 27 0x800000000000008B, | 22 0x800000000000008B, |
| 28 0x8000000000008089, | 23 0x8000000000008089, |
| 29 0x8000000000008003, | 24 0x8000000000008003, |
| 30 0x8000000000008002, | 25 0x8000000000008002, |
| 31 0x8000000000000080, | 26 0x8000000000000080, |
| 32 0x000000000000800A, | 27 0x000000000000800A, |
| 33 0x800000008000000A, | 28 0x800000008000000A, |
| 34 0x8000000080008081, | 29 0x8000000080008081, |
| 35 0x8000000000008080, | 30 0x8000000000008080, |
| 36 0x0000000080000001, | 31 0x0000000080000001, |
| 37 0x8000000080008008, | 32 0x8000000080008008, |
| 38 } | 33 } |
| 39 | 34 |
| 40 // keccakF computes the complete Keccak-f function consisting of 24 rounds with
a different | 35 // KeccakF1600 applies the Keccak permutation to a 1600b-wide |
| 41 // constant (rc) in each round. This implementation fully unrolls the round func
tion to avoid | 36 // state represented as a slice of 25 uint64s. |
| 42 // inner loops, as well as pre-calculating shift offsets. | 37 func KeccakF1600(a *[25]uint64) { |
| 43 func keccakF(a *[numLanes]uint64) { | |
| 44 var t, bc0, bc1, bc2, bc3, bc4 uint64 | 38 var t, bc0, bc1, bc2, bc3, bc4 uint64 |
| 45 for _, roundConstant := range rc { | 39 for _, roundConstant := range rc { |
| 46 // θ step | 40 // θ step |
| 47 bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20] | 41 bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20] |
| 48 bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21] | 42 bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21] |
| 49 bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22] | 43 bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22] |
| 50 bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23] | 44 bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23] |
| 51 bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24] | 45 bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24] |
| 52 t = bc4 ^ (bc1<<1 ^ bc1>>63) | 46 t = bc4 ^ (bc1<<1 ^ bc1>>63) |
| 53 a[0] ^= t | 47 a[0] ^= t |
| (...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 156 a[20] ^= bc2 &^ bc1 | 150 a[20] ^= bc2 &^ bc1 |
| 157 a[21] ^= bc3 &^ bc2 | 151 a[21] ^= bc3 &^ bc2 |
| 158 a[22] ^= bc4 &^ bc3 | 152 a[22] ^= bc4 &^ bc3 |
| 159 a[23] ^= bc0 &^ bc4 | 153 a[23] ^= bc0 &^ bc4 |
| 160 a[24] ^= bc1 &^ bc0 | 154 a[24] ^= bc1 &^ bc0 |
| 161 | 155 |
| 162 // ι step | 156 // ι step |
| 163 a[0] ^= roundConstant | 157 a[0] ^= roundConstant |
| 164 } | 158 } |
| 165 } | 159 } |
| OLD | NEW |
|---|
