sha2_compress/
lib.rs

1#![no_std]
2use fixed_array::Array;
3use uints::UInt;
4
/// Three right-rotation distances defining one "big sigma" round function.
///
/// The concrete distances for each word size are the `BIG_S0` / `BIG_S1`
/// constants of the `Item` implementations in this file.
pub struct BigSigma(u32, u32, u32);

impl BigSigma {
    /// XORs together three right-rotations of `v`, one per stored distance.
    ///
    /// Nothing here branches or indexes on the value of `v`. Whether `ror` and
    /// `^` run in constant time depends on the `UInt` implementation, which is
    /// not visible in this file.
    fn get<I: UInt>(&self, v: I) -> I {
        let &Self(first, second, third) = self;
        let by_first = v.ror(first);
        let by_second = v.ror(second);
        by_first ^ by_second ^ v.ror(third)
    }
}
12
/// Two right-rotation distances and one right-shift distance defining a
/// "small sigma" function, used by `compress` when extending the message schedule.
///
/// The concrete distances for each word size are the `SMALL_S0` / `SMALL_S1`
/// constants of the `Item` implementations in this file.
pub struct SmallSigma(u32, u32, u8);

impl SmallSigma {
    /// XORs two right-rotations of `v` with a plain right shift of `v`.
    ///
    /// The last term is a shift, not a rotation, so the bits shifted out are
    /// dropped (assuming `>>` on `UInt` behaves like the primitive shift - confirm
    /// against the `uints` crate).
    fn get<I: UInt>(&self, v: I) -> I {
        let &Self(first, second, shift) = self;
        let rotated = v.ror(first) ^ v.ror(second);
        rotated ^ (v >> shift)
    }
}
20
/// Eight-word chaining value: the state passed into and returned from `compress`.
pub type Hash<I> = [I; 8];

/// Sixteen-word message block. `compress` also reuses it in place as the
/// rolling window of the message schedule (indices are taken modulo 16).
type W<I> = [I; 16];
24
/// Word type the compression function is generic over, together with the
/// per-word-size parameters it needs.
///
/// This file implements it for `u32` and `u64`.
pub trait Item: UInt + Copy + Sized {
    /// Container type of the round-constant table.
    type KType: Array<Output = Self>;
    /// Round constants, indexed once per round. `compress` takes the number of
    /// rounds from `KType::SIZE`, so the table length also fixes the round count.
    const K: Self::KType;
    /// Rotation distances applied to working variable `a` in each round.
    const BIG_S0: BigSigma;
    /// Rotation distances applied to working variable `e` in each round.
    const BIG_S1: BigSigma;
    /// Rotation/shift distances for the first message-schedule sigma.
    const SMALL_S0: SmallSigma;
    /// Rotation/shift distances for the second message-schedule sigma.
    const SMALL_S1: SmallSigma;
    /// Builds the sixteen-word block from its two eight-word halves.
    fn w(a: &Hash<Self>, b: &Hash<Self>) -> W<Self>;
}
34
/// Parameters for the 32-bit family (used with the `SHA256` and `SHA224`
/// initial values in this file): 64 rounds.
impl Item for u32 {
    type KType = [Self; 64];
    // Round constants; expected to match the SHA-224/SHA-256 table in FIPS 180-4.
    // Every entry is consumed by `compress`, so the test vectors in this file
    // exercise the whole table. The trailing comments are running entry counts.
    const K: Self::KType = [
        0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, // 4
        0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, // 8
        0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, // 12
        0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, // 16
        0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, // 20
        0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, // 24
        0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, // 28
        0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, // 32
        0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, // 36
        0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, // 40
        0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, // 44
        0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, // 48
        0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, // 52
        0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, // 56
        0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, // 60
        0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2, // 64
    ];
    // Rotation distances for the two per-round sigmas (32-bit words).
    const BIG_S0: BigSigma = BigSigma(2, 13, 22);
    const BIG_S1: BigSigma = BigSigma(6, 11, 25);
    // Two rotation distances plus one shift distance for the schedule sigmas.
    const SMALL_S0: SmallSigma = SmallSigma(7, 18, 3);
    const SMALL_S1: SmallSigma = SmallSigma(17, 19, 10);
    /// Concatenates the two halves: words 0..8 from `a`, words 8..16 from `b`.
    fn w(a: &Hash<Self>, b: &Hash<Self>) -> W<Self> {
        [
            a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], // a
            b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], // b
        ]
    }
}
66
/// Parameters for the 64-bit family (used with the `SHA512`, `SHA384`,
/// `SHA512_256` and `SHA512_224` initial values in this file): 80 rounds.
impl Item for u64 {
    type KType = [Self; 80];
    // Round constants; expected to match the SHA-384/SHA-512 table in FIPS 180-4.
    // Every entry is consumed by `compress`, so the test vectors in this file
    // exercise the whole table.
    const K: Self::KType = [
        0x428a2f98d728ae22,
        0x7137449123ef65cd,
        0xb5c0fbcfec4d3b2f,
        0xe9b5dba58189dbbc,
        0x3956c25bf348b538,
        0x59f111f1b605d019,
        0x923f82a4af194f9b,
        0xab1c5ed5da6d8118,
        0xd807aa98a3030242,
        0x12835b0145706fbe,
        0x243185be4ee4b28c,
        0x550c7dc3d5ffb4e2,
        0x72be5d74f27b896f,
        0x80deb1fe3b1696b1,
        0x9bdc06a725c71235,
        0xc19bf174cf692694,
        0xe49b69c19ef14ad2,
        0xefbe4786384f25e3,
        0x0fc19dc68b8cd5b5,
        0x240ca1cc77ac9c65,
        0x2de92c6f592b0275,
        0x4a7484aa6ea6e483,
        0x5cb0a9dcbd41fbd4,
        0x76f988da831153b5,
        0x983e5152ee66dfab,
        0xa831c66d2db43210,
        0xb00327c898fb213f,
        0xbf597fc7beef0ee4,
        0xc6e00bf33da88fc2,
        0xd5a79147930aa725,
        0x06ca6351e003826f,
        0x142929670a0e6e70,
        0x27b70a8546d22ffc,
        0x2e1b21385c26c926,
        0x4d2c6dfc5ac42aed,
        0x53380d139d95b3df,
        0x650a73548baf63de,
        0x766a0abb3c77b2a8,
        0x81c2c92e47edaee6,
        0x92722c851482353b,
        0xa2bfe8a14cf10364,
        0xa81a664bbc423001,
        0xc24b8b70d0f89791,
        0xc76c51a30654be30,
        0xd192e819d6ef5218,
        0xd69906245565a910,
        0xf40e35855771202a,
        0x106aa07032bbd1b8,
        0x19a4c116b8d2d0c8,
        0x1e376c085141ab53,
        0x2748774cdf8eeb99,
        0x34b0bcb5e19b48a8,
        0x391c0cb3c5c95a63,
        0x4ed8aa4ae3418acb,
        0x5b9cca4f7763e373,
        0x682e6ff3d6b2b8a3,
        0x748f82ee5defb2fc,
        0x78a5636f43172f60,
        0x84c87814a1f0ab72,
        0x8cc702081a6439ec,
        0x90befffa23631e28,
        0xa4506cebde82bde9,
        0xbef9a3f7b2c67915,
        0xc67178f2e372532b,
        0xca273eceea26619c,
        0xd186b8c721c0c207,
        0xeada7dd6cde0eb1e,
        0xf57d4f7fee6ed178,
        0x06f067aa72176fba,
        0x0a637dc5a2c898a6,
        0x113f9804bef90dae,
        0x1b710b35131c471b,
        0x28db77f523047d84,
        0x32caab7b40c72493,
        0x3c9ebe0a15c9bebc,
        0x431d67c49c100d4c,
        0x4cc5d4becb3e42b6,
        0x597f299cfc657e2a,
        0x5fcb6fab3ad6faec,
        0x6c44198c4a475817,
    ];
    // Rotation distances for the two per-round sigmas (64-bit words).
    const BIG_S0: BigSigma = BigSigma(28, 34, 39);
    const BIG_S1: BigSigma = BigSigma(14, 18, 41);
    // Two rotation distances plus one shift distance for the schedule sigmas.
    const SMALL_S0: SmallSigma = SmallSigma(1, 8, 7);
    const SMALL_S1: SmallSigma = SmallSigma(19, 61, 6);
    /// Concatenates the two halves: words 0..8 from `a`, words 8..16 from `b`.
    fn w(a: &Hash<Self>, b: &Hash<Self>) -> W<Self> {
        [
            a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], // a
            b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], // b
        ]
    }
}
162
/// One application of the SHA-2 compression function.
///
/// This is the block primitive only. Splitting a message into blocks, padding,
/// encoding the message length and truncating the result for the shortened
/// variants are all left to the caller.
pub trait Sha2 {
    /// Compresses one block, given as halves `h1` and `h2`, into the chaining
    /// value `self` and returns the next chaining value. `self` is not modified.
    fn compress(&self, h1: &Self, h2: &Self) -> Self;
}
166
impl<I: Item> Sha2 for Hash<I> {
    /// Runs the compression function over one sixteen-word block and returns
    /// the next chaining value.
    ///
    /// `self` is the incoming chaining value; `h1` and `h2` are the first and
    /// second eight words of the block, joined by `Item::w`. The number of
    /// rounds is the length of `I::K`.
    ///
    /// Round indices and schedule offsets come from loop counters only, so no
    /// branch or table lookup in this function depends on the block contents.
    /// Whether the word operations themselves (`ror`, `overflow_add`, the
    /// bitwise operators) run in constant time depends on the `UInt`
    /// implementation, which is not visible in this file. The working
    /// variables and the schedule window are plain locals and are not wiped
    /// before returning, which matters if the block holds key material.
    fn compress(&self, h1: &Hash<I>, h2: &Hash<I>) -> Hash<I> {
        let [iv0, iv1, iv2, iv3, iv4, iv5, iv6, iv7] = *self;
        let (mut a, mut b, mut c, mut d) = (iv0, iv1, iv2, iv3);
        let (mut e, mut f, mut g, mut h) = (iv4, iv5, iv6, iv7);

        // One round: mix the round constant and one schedule word into the
        // eight working variables, then rotate the variables by one position.
        let mut step = |t: usize, word: I| {
            let choose = (e & f) ^ (!e & g);
            let majority = (a & b) ^ (a & c) ^ (b & c);
            let t1 = h
                .overflow_add(I::BIG_S1.get(e))
                .overflow_add(choose)
                .overflow_add(I::K[t])
                .overflow_add(word);
            let t2 = I::BIG_S0.get(a).overflow_add(majority);
            h = g;
            g = f;
            f = e;
            e = d.overflow_add(t1);
            d = c;
            c = b;
            b = a;
            a = t1.overflow_add(t2);
        };

        let mut window = I::w(h1, h2);

        // The first sixteen rounds consume the block words unchanged.
        for (t, &word) in window.iter().enumerate() {
            step(t, word);
        }

        // Later rounds extend the schedule in place: slot `t mod 16` still
        // holds the word from sixteen rounds back and is overwritten with the
        // newly derived word.
        for t in 16..I::KType::SIZE {
            let slot = t & 0xF;
            let sigma0 = I::SMALL_S0.get(window[(t + 1) & 0xF]);
            let sigma1 = I::SMALL_S1.get(window[(t + 14) & 0xF]);
            let next = window[slot]
                .overflow_add(sigma0)
                .overflow_add(window[(t + 9) & 0xF])
                .overflow_add(sigma1);
            window[slot] = next;
            step(t, next);
        }

        // Feed-forward: add the incoming chaining value to the working variables.
        [
            iv0.overflow_add(a),
            iv1.overflow_add(b),
            iv2.overflow_add(c),
            iv3.overflow_add(d),
            iv4.overflow_add(e),
            iv5.overflow_add(f),
            iv6.overflow_add(g),
            iv7.overflow_add(h),
        ]
    }
}
222
// Initial chaining values, one per hash variant. Each is the `self` argument of
// the first `compress` call for a message.
//
// The shortened variants (SHA224, SHA384, SHA512_256, SHA512_224) use the same
// compression function as their full-width parent and differ only in this
// starting value and in how many leading output words the caller keeps;
// `compress` itself always returns all eight words.
//
// SHA256 and SHA512 output their whole final chaining value, so a keyed
// construction of the form hash(secret || message) built on them is open to
// length extension; keyed use should go through HMAC or a comparable
// construction.

/// Initial chaining value for SHA-256.
pub const SHA256: Hash<u32> = [
    0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19,
];

/// Initial chaining value for SHA-224 (the tests in this file keep words 0..7 of the result).
pub const SHA224: Hash<u32> = [
    0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939, 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4,
];

/// Initial chaining value for SHA-512.
pub const SHA512: Hash<u64> = [
    0x6a09e667f3bcc908,
    0xbb67ae8584caa73b,
    0x3c6ef372fe94f82b,
    0xa54ff53a5f1d36f1,
    0x510e527fade682d1,
    0x9b05688c2b3e6c1f,
    0x1f83d9abfb41bd6b,
    0x5be0cd19137e2179,
];

/// Initial chaining value for SHA-384 (the tests in this file keep words 0..6 of the result).
pub const SHA384: Hash<u64> = [
    0xcbbb9d5dc1059ed8,
    0x629a292a367cd507,
    0x9159015a3070dd17,
    0x152fecd8f70e5939,
    0x67332667ffc00b31,
    0x8eb44a8768581511,
    0xdb0c2e0d64f98fa7,
    0x47b5481dbefa4fa4,
];

/// Initial chaining value for SHA-512/256 (the tests in this file keep words 0..4 of the result).
pub const SHA512_256: Hash<u64> = [
    0x22312194FC2BF72C,
    0x9F555FA3C84C64C2,
    0x2393B86B6F53B151,
    0x963877195940EABD,
    0x96283EE2A88EFFE3,
    0xBE5E1E2553863992,
    0x2B0199FC2C85B8AA,
    0x0EB72DDC81C52CA2,
];

/// Initial chaining value for SHA-512/224 (the tests in this file keep words 0..3
/// and the upper 32 bits of word 3).
pub const SHA512_224: Hash<u64> = [
    0x8C3D37C819544DA2,
    0x73E1996689DCD4D6,
    0x1DFAB7AE32FF9C82,
    0x679DD514582F9FCF,
    0x0F6D2B697BD44DA8,
    0x77E36F7304C48942,
    0x3F9D85A86A1D36C8,
    0x1112E6AD91D692A1,
];
274
#[cfg(test)]
mod tests {
    use super::*;

    // Every test compresses the same single block: the top bit of the first
    // word set and everything else zero, i.e. the padded form of the empty
    // message (padding bit, zero length field). The expected values are the
    // empty-message digests of each variant, truncated where the variant is.
    //
    // Coverage gap: there is no vector with non-zero message data and none
    // that chains two or more `compress` calls.

    /// First half of the padded empty-message block, 32-bit words.
    const PADDED_EMPTY_32: Hash<u32> = [0x8000_0000, 0, 0, 0, 0, 0, 0, 0];
    /// Second half of that block: all zero, including the length field.
    const ZERO_32: Hash<u32> = [0, 0, 0, 0, 0, 0, 0, 0];
    /// First half of the padded empty-message block, 64-bit words.
    const PADDED_EMPTY_64: Hash<u64> = [0x8000_0000_0000_0000, 0, 0, 0, 0, 0, 0, 0];
    /// Second half of that block: all zero, including the length field.
    const ZERO_64: Hash<u64> = [0, 0, 0, 0, 0, 0, 0, 0];

    #[test]
    fn sha256() {
        let digest = SHA256.compress(&PADDED_EMPTY_32, &ZERO_32);
        let expected = [
            0xe3b0c442, 0x98fc1c14, 0x9afbf4c8, 0x996fb924, // 4
            0x27ae41e4, 0x649b934c, 0xa495991b, 0x7852b855, // 8
        ];
        assert_eq!(digest, expected);
    }

    #[test]
    fn sha224() {
        let digest = SHA224.compress(&PADDED_EMPTY_32, &ZERO_32);
        // Only the first seven words belong to the 224-bit digest.
        assert_eq!(
            digest[0..7],
            [0xd14a028c, 0x2a3a2bc9, 0x476102bb, 0x288234c4, 0x15a2b01f, 0x828ea62a, 0xc5b3e42f]
        );
    }

    #[test]
    fn sha512() {
        let digest = SHA512.compress(&PADDED_EMPTY_64, &ZERO_64);
        let expected = [
            0xcf83_e135_7eef_b8bd,
            0xf154_2850_d66d_8007,
            0xd620_e405_0b57_15dc,
            0x83f4_a921_d36c_e9ce,
            0x47d0_d13c_5d85_f2b0,
            0xff83_18d2_877e_ec2f,
            0x63b9_31bd_4741_7a81,
            0xa538_327a_f927_da3e,
        ];
        assert_eq!(digest, expected);
    }

    #[test]
    fn sha384() {
        let digest = SHA384.compress(&PADDED_EMPTY_64, &ZERO_64);
        // Only the first six words belong to the 384-bit digest.
        assert_eq!(
            digest[0..6],
            [
                0x38b0_60a7_51ac_9638,
                0x4cd9_327e_b1b1_e36a,
                0x21fd_b711_14be_0743,
                0x4c0c_c7bf_63f6_e1da,
                0x274e_debf_e76f_65fb,
                0xd51a_d2f1_4898_b95b,
            ]
        );
    }

    #[test]
    fn sha512_256() {
        let digest = SHA512_256.compress(&PADDED_EMPTY_64, &ZERO_64);
        // Only the first four words belong to the 256-bit digest.
        assert_eq!(
            digest[0..4],
            [
                0xc672_b8d1_ef56_ed28,
                0xab87_c362_2c51_1406,
                0x9bdd_3ad7_b8f9_7374,
                0x98d0_c01e_cef0_967a,
            ]
        );
    }

    #[test]
    fn sha512_224() {
        let digest = SHA512_224.compress(&PADDED_EMPTY_64, &ZERO_64);
        // 224 bits are three full words plus the upper half of the fourth.
        assert_eq!(
            digest[0..3],
            [
                0x6ed0_dd02_806f_a89e,
                0x25de_060c_19d3_ac86,
                0xcabb_87d6_a0dd_d05c,
            ]
        );
        assert_eq!(digest[3] >> 32, 0x333b_84f4);
    }
}