mirror of
https://github.com/denoland/deno.git
synced 2025-01-13 09:32:24 -05:00
feat(std/hash): add sha3 (#5558)
This commit is contained in:
parent
430beebc46
commit
e05ed53713
7 changed files with 1639 additions and 0 deletions
52
std/hash/_sha3/keccak.ts
Normal file
52
std/hash/_sha3/keccak.ts
Normal file
|
@ -0,0 +1,52 @@
|
|||
// Copyright 2018-2020 the Deno authors. All rights reserved. MIT license.
|
||||
|
||||
import { Sponge } from "./sponge.ts";
|
||||
import { keccakf } from "./keccakf.ts";
|
||||
|
||||
/** Keccak-224 hash */
|
||||
export class Keccak224 extends Sponge {
|
||||
constructor() {
|
||||
super({
|
||||
bitsize: 224,
|
||||
rate: 144,
|
||||
dsbyte: 1,
|
||||
permutator: keccakf,
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
/** Keccak-256 hash */
|
||||
export class Keccak256 extends Sponge {
|
||||
constructor() {
|
||||
super({
|
||||
bitsize: 256,
|
||||
rate: 136,
|
||||
dsbyte: 1,
|
||||
permutator: keccakf,
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
/** Keccak-384 hash */
|
||||
export class Keccak384 extends Sponge {
|
||||
constructor() {
|
||||
super({
|
||||
bitsize: 384,
|
||||
rate: 104,
|
||||
dsbyte: 1,
|
||||
permutator: keccakf,
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
/** Keccak-512 hash */
|
||||
export class Keccak512 extends Sponge {
|
||||
constructor() {
|
||||
super({
|
||||
bitsize: 512,
|
||||
rate: 72,
|
||||
dsbyte: 1,
|
||||
permutator: keccakf,
|
||||
});
|
||||
}
|
||||
}
|
790
std/hash/_sha3/keccakf.ts
Normal file
790
std/hash/_sha3/keccakf.ts
Normal file
|
@ -0,0 +1,790 @@
|
|||
// Ported from Go:
|
||||
// https://github.com/golang/crypto/blob/master/sha3/keccakf.go
|
||||
// Copyright 2011 The Go Authors. All rights reserved. BSD license.
|
||||
// https://github.com/golang/go/blob/master/LICENSE
|
||||
// Copyright 2018-2020 the Deno authors. All rights reserved. MIT license.
|
||||
|
||||
const KECCAK_ROUNDS = 24;
|
||||
const KECCAK_RC: number[] = [
|
||||
0x1,
|
||||
0x0,
|
||||
0x8082,
|
||||
0x0,
|
||||
0x808a,
|
||||
0x80000000,
|
||||
0x80008000,
|
||||
0x80000000,
|
||||
0x808b,
|
||||
0x0,
|
||||
0x80000001,
|
||||
0x0,
|
||||
0x80008081,
|
||||
0x80000000,
|
||||
0x8009,
|
||||
0x80000000,
|
||||
0x8a,
|
||||
0x0,
|
||||
0x88,
|
||||
0x0,
|
||||
0x80008009,
|
||||
0x0,
|
||||
0x8000000a,
|
||||
0x0,
|
||||
0x8000808b,
|
||||
0x0,
|
||||
0x8b,
|
||||
0x80000000,
|
||||
0x8089,
|
||||
0x80000000,
|
||||
0x8003,
|
||||
0x80000000,
|
||||
0x8002,
|
||||
0x80000000,
|
||||
0x80,
|
||||
0x80000000,
|
||||
0x800a,
|
||||
0x0,
|
||||
0x8000000a,
|
||||
0x80000000,
|
||||
0x80008081,
|
||||
0x80000000,
|
||||
0x8080,
|
||||
0x80000000,
|
||||
0x80000001,
|
||||
0x0,
|
||||
0x80008008,
|
||||
0x80000000,
|
||||
];
|
||||
|
||||
/** keccak1600 permutation function */
|
||||
export function keccakf(state: Uint8Array): void {
|
||||
const s = new Uint32Array(state.buffer);
|
||||
let bc0 = 0;
|
||||
let bc1 = 0;
|
||||
let bc2 = 0;
|
||||
let bc3 = 0;
|
||||
let bc4 = 0;
|
||||
let bc5 = 0;
|
||||
let bc6 = 0;
|
||||
let bc7 = 0;
|
||||
let bc8 = 0;
|
||||
let bc9 = 0;
|
||||
let d0 = 0;
|
||||
let d1 = 0;
|
||||
let d2 = 0;
|
||||
let d3 = 0;
|
||||
let d4 = 0;
|
||||
let d5 = 0;
|
||||
let d6 = 0;
|
||||
let d7 = 0;
|
||||
let d8 = 0;
|
||||
let d9 = 0;
|
||||
let t0 = 0;
|
||||
let t1 = 0;
|
||||
|
||||
for (let n = 0; n < KECCAK_ROUNDS * 2; n += 8) {
|
||||
// Round 1
|
||||
bc0 = s[0] ^ s[10] ^ s[20] ^ s[30] ^ s[40];
|
||||
bc1 = s[1] ^ s[11] ^ s[21] ^ s[31] ^ s[41];
|
||||
bc2 = s[2] ^ s[12] ^ s[22] ^ s[32] ^ s[42];
|
||||
bc3 = s[3] ^ s[13] ^ s[23] ^ s[33] ^ s[43];
|
||||
bc4 = s[4] ^ s[14] ^ s[24] ^ s[34] ^ s[44];
|
||||
bc5 = s[5] ^ s[15] ^ s[25] ^ s[35] ^ s[45];
|
||||
bc6 = s[6] ^ s[16] ^ s[26] ^ s[36] ^ s[46];
|
||||
bc7 = s[7] ^ s[17] ^ s[27] ^ s[37] ^ s[47];
|
||||
bc8 = s[8] ^ s[18] ^ s[28] ^ s[38] ^ s[48];
|
||||
bc9 = s[9] ^ s[19] ^ s[29] ^ s[39] ^ s[49];
|
||||
|
||||
d0 = bc8 ^ ((bc2 << 1) | (bc3 >>> 31));
|
||||
d1 = bc9 ^ ((bc3 << 1) | (bc2 >>> 31));
|
||||
d2 = bc0 ^ ((bc4 << 1) | (bc5 >>> 31));
|
||||
d3 = bc1 ^ ((bc5 << 1) | (bc4 >>> 31));
|
||||
d4 = bc2 ^ ((bc6 << 1) | (bc7 >>> 31));
|
||||
d5 = bc3 ^ ((bc7 << 1) | (bc6 >>> 31));
|
||||
d6 = bc4 ^ ((bc8 << 1) | (bc9 >>> 31));
|
||||
d7 = bc5 ^ ((bc9 << 1) | (bc8 >>> 31));
|
||||
d8 = bc6 ^ ((bc0 << 1) | (bc1 >>> 31));
|
||||
d9 = bc7 ^ ((bc1 << 1) | (bc0 >>> 31));
|
||||
|
||||
bc0 = s[0] ^ d0;
|
||||
bc1 = s[1] ^ d1;
|
||||
t0 = s[12] ^ d2;
|
||||
t1 = s[13] ^ d3;
|
||||
bc2 = (t1 << 12) | (t0 >>> 20);
|
||||
bc3 = (t0 << 12) | (t1 >>> 20);
|
||||
t0 = s[24] ^ d4;
|
||||
t1 = s[25] ^ d5;
|
||||
bc4 = (t1 << 11) | (t0 >>> 21);
|
||||
bc5 = (t0 << 11) | (t1 >>> 21);
|
||||
t0 = s[36] ^ d6;
|
||||
t1 = s[37] ^ d7;
|
||||
bc6 = (t0 << 21) | (t1 >>> 11);
|
||||
bc7 = (t1 << 21) | (t0 >>> 11);
|
||||
t0 = s[48] ^ d8;
|
||||
t1 = s[49] ^ d9;
|
||||
bc8 = (t0 << 14) | (t1 >>> 18);
|
||||
bc9 = (t1 << 14) | (t0 >>> 18);
|
||||
s[0] = bc0 ^ (bc4 & ~bc2) ^ KECCAK_RC[n];
|
||||
s[1] = bc1 ^ (bc5 & ~bc3) ^ KECCAK_RC[n + 1];
|
||||
s[12] = bc2 ^ (bc6 & ~bc4);
|
||||
s[13] = bc3 ^ (bc7 & ~bc5);
|
||||
s[24] = bc4 ^ (bc8 & ~bc6);
|
||||
s[25] = bc5 ^ (bc9 & ~bc7);
|
||||
s[36] = bc6 ^ (bc0 & ~bc8);
|
||||
s[37] = bc7 ^ (bc1 & ~bc9);
|
||||
s[48] = bc8 ^ (bc2 & ~bc0);
|
||||
s[49] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[20] ^ d0;
|
||||
t1 = s[21] ^ d1;
|
||||
bc4 = (t0 << 3) | (t1 >>> 29);
|
||||
bc5 = (t1 << 3) | (t0 >>> 29);
|
||||
t0 = s[32] ^ d2;
|
||||
t1 = s[33] ^ d3;
|
||||
bc6 = (t1 << 13) | (t0 >>> 19);
|
||||
bc7 = (t0 << 13) | (t1 >>> 19);
|
||||
t0 = s[44] ^ d4;
|
||||
t1 = s[45] ^ d5;
|
||||
bc8 = (t1 << 29) | (t0 >>> 3);
|
||||
bc9 = (t0 << 29) | (t1 >>> 3);
|
||||
t0 = s[6] ^ d6;
|
||||
t1 = s[7] ^ d7;
|
||||
bc0 = (t0 << 28) | (t1 >>> 4);
|
||||
bc1 = (t1 << 28) | (t0 >>> 4);
|
||||
t0 = s[18] ^ d8;
|
||||
t1 = s[19] ^ d9;
|
||||
bc2 = (t0 << 20) | (t1 >>> 12);
|
||||
bc3 = (t1 << 20) | (t0 >>> 12);
|
||||
s[20] = bc0 ^ (bc4 & ~bc2);
|
||||
s[21] = bc1 ^ (bc5 & ~bc3);
|
||||
s[32] = bc2 ^ (bc6 & ~bc4);
|
||||
s[33] = bc3 ^ (bc7 & ~bc5);
|
||||
s[44] = bc4 ^ (bc8 & ~bc6);
|
||||
s[45] = bc5 ^ (bc9 & ~bc7);
|
||||
s[6] = bc6 ^ (bc0 & ~bc8);
|
||||
s[7] = bc7 ^ (bc1 & ~bc9);
|
||||
s[18] = bc8 ^ (bc2 & ~bc0);
|
||||
s[19] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[40] ^ d0;
|
||||
t1 = s[41] ^ d1;
|
||||
bc8 = (t0 << 18) | (t1 >>> 14);
|
||||
bc9 = (t1 << 18) | (t0 >>> 14);
|
||||
t0 = s[2] ^ d2;
|
||||
t1 = s[3] ^ d3;
|
||||
bc0 = (t0 << 1) | (t1 >>> 31);
|
||||
bc1 = (t1 << 1) | (t0 >>> 31);
|
||||
t0 = s[14] ^ d4;
|
||||
t1 = s[15] ^ d5;
|
||||
bc2 = (t0 << 6) | (t1 >>> 26);
|
||||
bc3 = (t1 << 6) | (t0 >>> 26);
|
||||
t0 = s[26] ^ d6;
|
||||
t1 = s[27] ^ d7;
|
||||
bc4 = (t0 << 25) | (t1 >>> 7);
|
||||
bc5 = (t1 << 25) | (t0 >>> 7);
|
||||
t0 = s[38] ^ d8;
|
||||
t1 = s[39] ^ d9;
|
||||
bc6 = (t0 << 8) | (t1 >>> 24);
|
||||
bc7 = (t1 << 8) | (t0 >>> 24);
|
||||
s[40] = bc0 ^ (bc4 & ~bc2);
|
||||
s[41] = bc1 ^ (bc5 & ~bc3);
|
||||
s[2] = bc2 ^ (bc6 & ~bc4);
|
||||
s[3] = bc3 ^ (bc7 & ~bc5);
|
||||
s[14] = bc4 ^ (bc8 & ~bc6);
|
||||
s[15] = bc5 ^ (bc9 & ~bc7);
|
||||
s[26] = bc6 ^ (bc0 & ~bc8);
|
||||
s[27] = bc7 ^ (bc1 & ~bc9);
|
||||
s[38] = bc8 ^ (bc2 & ~bc0);
|
||||
s[39] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[10] ^ d0;
|
||||
t1 = s[11] ^ d1;
|
||||
bc2 = (t1 << 4) | (t0 >>> 28);
|
||||
bc3 = (t0 << 4) | (t1 >>> 28);
|
||||
t0 = s[22] ^ d2;
|
||||
t1 = s[23] ^ d3;
|
||||
bc4 = (t0 << 10) | (t1 >>> 22);
|
||||
bc5 = (t1 << 10) | (t0 >>> 22);
|
||||
t0 = s[34] ^ d4;
|
||||
t1 = s[35] ^ d5;
|
||||
bc6 = (t0 << 15) | (t1 >>> 17);
|
||||
bc7 = (t1 << 15) | (t0 >>> 17);
|
||||
t0 = s[46] ^ d6;
|
||||
t1 = s[47] ^ d7;
|
||||
bc8 = (t1 << 24) | (t0 >>> 8);
|
||||
bc9 = (t0 << 24) | (t1 >>> 8);
|
||||
t0 = s[8] ^ d8;
|
||||
t1 = s[9] ^ d9;
|
||||
bc0 = (t0 << 27) | (t1 >>> 5);
|
||||
bc1 = (t1 << 27) | (t0 >>> 5);
|
||||
s[10] = bc0 ^ (bc4 & ~bc2);
|
||||
s[11] = bc1 ^ (bc5 & ~bc3);
|
||||
s[22] = bc2 ^ (bc6 & ~bc4);
|
||||
s[23] = bc3 ^ (bc7 & ~bc5);
|
||||
s[34] = bc4 ^ (bc8 & ~bc6);
|
||||
s[35] = bc5 ^ (bc9 & ~bc7);
|
||||
s[46] = bc6 ^ (bc0 & ~bc8);
|
||||
s[47] = bc7 ^ (bc1 & ~bc9);
|
||||
s[8] = bc8 ^ (bc2 & ~bc0);
|
||||
s[9] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[30] ^ d0;
|
||||
t1 = s[31] ^ d1;
|
||||
bc6 = (t1 << 9) | (t0 >>> 23);
|
||||
bc7 = (t0 << 9) | (t1 >>> 23);
|
||||
t0 = s[42] ^ d2;
|
||||
t1 = s[43] ^ d3;
|
||||
bc8 = (t0 << 2) | (t1 >>> 30);
|
||||
bc9 = (t1 << 2) | (t0 >>> 30);
|
||||
t0 = s[4] ^ d4;
|
||||
t1 = s[5] ^ d5;
|
||||
bc0 = (t1 << 30) | (t0 >>> 2);
|
||||
bc1 = (t0 << 30) | (t1 >>> 2);
|
||||
t0 = s[16] ^ d6;
|
||||
t1 = s[17] ^ d7;
|
||||
bc2 = (t1 << 23) | (t0 >>> 9);
|
||||
bc3 = (t0 << 23) | (t1 >>> 9);
|
||||
t0 = s[28] ^ d8;
|
||||
t1 = s[29] ^ d9;
|
||||
bc4 = (t1 << 7) | (t0 >>> 25);
|
||||
bc5 = (t0 << 7) | (t1 >>> 25);
|
||||
s[30] = bc0 ^ (bc4 & ~bc2);
|
||||
s[31] = bc1 ^ (bc5 & ~bc3);
|
||||
s[42] = bc2 ^ (bc6 & ~bc4);
|
||||
s[43] = bc3 ^ (bc7 & ~bc5);
|
||||
s[4] = bc4 ^ (bc8 & ~bc6);
|
||||
s[5] = bc5 ^ (bc9 & ~bc7);
|
||||
s[16] = bc6 ^ (bc0 & ~bc8);
|
||||
s[17] = bc7 ^ (bc1 & ~bc9);
|
||||
s[28] = bc8 ^ (bc2 & ~bc0);
|
||||
s[29] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
// Round 2
|
||||
bc0 = s[0] ^ s[10] ^ s[20] ^ s[30] ^ s[40];
|
||||
bc1 = s[1] ^ s[11] ^ s[21] ^ s[31] ^ s[41];
|
||||
bc2 = s[2] ^ s[12] ^ s[22] ^ s[32] ^ s[42];
|
||||
bc3 = s[3] ^ s[13] ^ s[23] ^ s[33] ^ s[43];
|
||||
bc4 = s[4] ^ s[14] ^ s[24] ^ s[34] ^ s[44];
|
||||
bc5 = s[5] ^ s[15] ^ s[25] ^ s[35] ^ s[45];
|
||||
bc6 = s[6] ^ s[16] ^ s[26] ^ s[36] ^ s[46];
|
||||
bc7 = s[7] ^ s[17] ^ s[27] ^ s[37] ^ s[47];
|
||||
bc8 = s[8] ^ s[18] ^ s[28] ^ s[38] ^ s[48];
|
||||
bc9 = s[9] ^ s[19] ^ s[29] ^ s[39] ^ s[49];
|
||||
|
||||
d0 = bc8 ^ ((bc2 << 1) | (bc3 >>> 31));
|
||||
d1 = bc9 ^ ((bc3 << 1) | (bc2 >>> 31));
|
||||
d2 = bc0 ^ ((bc4 << 1) | (bc5 >>> 31));
|
||||
d3 = bc1 ^ ((bc5 << 1) | (bc4 >>> 31));
|
||||
d4 = bc2 ^ ((bc6 << 1) | (bc7 >>> 31));
|
||||
d5 = bc3 ^ ((bc7 << 1) | (bc6 >>> 31));
|
||||
d6 = bc4 ^ ((bc8 << 1) | (bc9 >>> 31));
|
||||
d7 = bc5 ^ ((bc9 << 1) | (bc8 >>> 31));
|
||||
d8 = bc6 ^ ((bc0 << 1) | (bc1 >>> 31));
|
||||
d9 = bc7 ^ ((bc1 << 1) | (bc0 >>> 31));
|
||||
|
||||
bc0 = s[0] ^ d0;
|
||||
bc1 = s[1] ^ d1;
|
||||
t0 = s[32] ^ d2;
|
||||
t1 = s[33] ^ d3;
|
||||
bc2 = (t1 << 12) | (t0 >>> 20);
|
||||
bc3 = (t0 << 12) | (t1 >>> 20);
|
||||
t0 = s[14] ^ d4;
|
||||
t1 = s[15] ^ d5;
|
||||
bc4 = (t1 << 11) | (t0 >>> 21);
|
||||
bc5 = (t0 << 11) | (t1 >>> 21);
|
||||
t0 = s[46] ^ d6;
|
||||
t1 = s[47] ^ d7;
|
||||
bc6 = (t0 << 21) | (t1 >>> 11);
|
||||
bc7 = (t1 << 21) | (t0 >>> 11);
|
||||
t0 = s[28] ^ d8;
|
||||
t1 = s[29] ^ d9;
|
||||
bc8 = (t0 << 14) | (t1 >>> 18);
|
||||
bc9 = (t1 << 14) | (t0 >>> 18);
|
||||
s[0] = bc0 ^ (bc4 & ~bc2) ^ KECCAK_RC[n + 2];
|
||||
s[1] = bc1 ^ (bc5 & ~bc3) ^ KECCAK_RC[n + 3];
|
||||
s[32] = bc2 ^ (bc6 & ~bc4);
|
||||
s[33] = bc3 ^ (bc7 & ~bc5);
|
||||
s[14] = bc4 ^ (bc8 & ~bc6);
|
||||
s[15] = bc5 ^ (bc9 & ~bc7);
|
||||
s[46] = bc6 ^ (bc0 & ~bc8);
|
||||
s[47] = bc7 ^ (bc1 & ~bc9);
|
||||
s[28] = bc8 ^ (bc2 & ~bc0);
|
||||
s[29] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[40] ^ d0;
|
||||
t1 = s[41] ^ d1;
|
||||
bc4 = (t0 << 3) | (t1 >>> 29);
|
||||
bc5 = (t1 << 3) | (t0 >>> 29);
|
||||
t0 = s[22] ^ d2;
|
||||
t1 = s[23] ^ d3;
|
||||
bc6 = (t1 << 13) | (t0 >>> 19);
|
||||
bc7 = (t0 << 13) | (t1 >>> 19);
|
||||
t0 = s[4] ^ d4;
|
||||
t1 = s[5] ^ d5;
|
||||
bc8 = (t1 << 29) | (t0 >>> 3);
|
||||
bc9 = (t0 << 29) | (t1 >>> 3);
|
||||
t0 = s[36] ^ d6;
|
||||
t1 = s[37] ^ d7;
|
||||
bc0 = (t0 << 28) | (t1 >>> 4);
|
||||
bc1 = (t1 << 28) | (t0 >>> 4);
|
||||
t0 = s[18] ^ d8;
|
||||
t1 = s[19] ^ d9;
|
||||
bc2 = (t0 << 20) | (t1 >>> 12);
|
||||
bc3 = (t1 << 20) | (t0 >>> 12);
|
||||
s[40] = bc0 ^ (bc4 & ~bc2);
|
||||
s[41] = bc1 ^ (bc5 & ~bc3);
|
||||
s[22] = bc2 ^ (bc6 & ~bc4);
|
||||
s[23] = bc3 ^ (bc7 & ~bc5);
|
||||
s[4] = bc4 ^ (bc8 & ~bc6);
|
||||
s[5] = bc5 ^ (bc9 & ~bc7);
|
||||
s[36] = bc6 ^ (bc0 & ~bc8);
|
||||
s[37] = bc7 ^ (bc1 & ~bc9);
|
||||
s[18] = bc8 ^ (bc2 & ~bc0);
|
||||
s[19] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[30] ^ d0;
|
||||
t1 = s[31] ^ d1;
|
||||
bc8 = (t0 << 18) | (t1 >>> 14);
|
||||
bc9 = (t1 << 18) | (t0 >>> 14);
|
||||
t0 = s[12] ^ d2;
|
||||
t1 = s[13] ^ d3;
|
||||
bc0 = (t0 << 1) | (t1 >>> 31);
|
||||
bc1 = (t1 << 1) | (t0 >>> 31);
|
||||
t0 = s[44] ^ d4;
|
||||
t1 = s[45] ^ d5;
|
||||
bc2 = (t0 << 6) | (t1 >>> 26);
|
||||
bc3 = (t1 << 6) | (t0 >>> 26);
|
||||
t0 = s[26] ^ d6;
|
||||
t1 = s[27] ^ d7;
|
||||
bc4 = (t0 << 25) | (t1 >>> 7);
|
||||
bc5 = (t1 << 25) | (t0 >>> 7);
|
||||
t0 = s[8] ^ d8;
|
||||
t1 = s[9] ^ d9;
|
||||
bc6 = (t0 << 8) | (t1 >>> 24);
|
||||
bc7 = (t1 << 8) | (t0 >>> 24);
|
||||
s[30] = bc0 ^ (bc4 & ~bc2);
|
||||
s[31] = bc1 ^ (bc5 & ~bc3);
|
||||
s[12] = bc2 ^ (bc6 & ~bc4);
|
||||
s[13] = bc3 ^ (bc7 & ~bc5);
|
||||
s[44] = bc4 ^ (bc8 & ~bc6);
|
||||
s[45] = bc5 ^ (bc9 & ~bc7);
|
||||
s[26] = bc6 ^ (bc0 & ~bc8);
|
||||
s[27] = bc7 ^ (bc1 & ~bc9);
|
||||
s[8] = bc8 ^ (bc2 & ~bc0);
|
||||
s[9] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[20] ^ d0;
|
||||
t1 = s[21] ^ d1;
|
||||
bc2 = (t1 << 4) | (t0 >>> 28);
|
||||
bc3 = (t0 << 4) | (t1 >>> 28);
|
||||
t0 = s[2] ^ d2;
|
||||
t1 = s[3] ^ d3;
|
||||
bc4 = (t0 << 10) | (t1 >>> 22);
|
||||
bc5 = (t1 << 10) | (t0 >>> 22);
|
||||
t0 = s[34] ^ d4;
|
||||
t1 = s[35] ^ d5;
|
||||
bc6 = (t0 << 15) | (t1 >>> 17);
|
||||
bc7 = (t1 << 15) | (t0 >>> 17);
|
||||
t0 = s[16] ^ d6;
|
||||
t1 = s[17] ^ d7;
|
||||
bc8 = (t1 << 24) | (t0 >>> 8);
|
||||
bc9 = (t0 << 24) | (t1 >>> 8);
|
||||
t0 = s[48] ^ d8;
|
||||
t1 = s[49] ^ d9;
|
||||
bc0 = (t0 << 27) | (t1 >>> 5);
|
||||
bc1 = (t1 << 27) | (t0 >>> 5);
|
||||
s[20] = bc0 ^ (bc4 & ~bc2);
|
||||
s[21] = bc1 ^ (bc5 & ~bc3);
|
||||
s[2] = bc2 ^ (bc6 & ~bc4);
|
||||
s[3] = bc3 ^ (bc7 & ~bc5);
|
||||
s[34] = bc4 ^ (bc8 & ~bc6);
|
||||
s[35] = bc5 ^ (bc9 & ~bc7);
|
||||
s[16] = bc6 ^ (bc0 & ~bc8);
|
||||
s[17] = bc7 ^ (bc1 & ~bc9);
|
||||
s[48] = bc8 ^ (bc2 & ~bc0);
|
||||
s[49] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[10] ^ d0;
|
||||
t1 = s[11] ^ d1;
|
||||
bc6 = (t1 << 9) | (t0 >>> 23);
|
||||
bc7 = (t0 << 9) | (t1 >>> 23);
|
||||
t0 = s[42] ^ d2;
|
||||
t1 = s[43] ^ d3;
|
||||
bc8 = (t0 << 2) | (t1 >>> 30);
|
||||
bc9 = (t1 << 2) | (t0 >>> 30);
|
||||
t0 = s[24] ^ d4;
|
||||
t1 = s[25] ^ d5;
|
||||
bc0 = (t1 << 30) | (t0 >>> 2);
|
||||
bc1 = (t0 << 30) | (t1 >>> 2);
|
||||
t0 = s[6] ^ d6;
|
||||
t1 = s[7] ^ d7;
|
||||
bc2 = (t1 << 23) | (t0 >>> 9);
|
||||
bc3 = (t0 << 23) | (t1 >>> 9);
|
||||
t0 = s[38] ^ d8;
|
||||
t1 = s[39] ^ d9;
|
||||
bc4 = (t1 << 7) | (t0 >>> 25);
|
||||
bc5 = (t0 << 7) | (t1 >>> 25);
|
||||
s[10] = bc0 ^ (bc4 & ~bc2);
|
||||
s[11] = bc1 ^ (bc5 & ~bc3);
|
||||
s[42] = bc2 ^ (bc6 & ~bc4);
|
||||
s[43] = bc3 ^ (bc7 & ~bc5);
|
||||
s[24] = bc4 ^ (bc8 & ~bc6);
|
||||
s[25] = bc5 ^ (bc9 & ~bc7);
|
||||
s[6] = bc6 ^ (bc0 & ~bc8);
|
||||
s[7] = bc7 ^ (bc1 & ~bc9);
|
||||
s[38] = bc8 ^ (bc2 & ~bc0);
|
||||
s[39] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
// Round 3
|
||||
bc0 = s[0] ^ s[10] ^ s[20] ^ s[30] ^ s[40];
|
||||
bc1 = s[1] ^ s[11] ^ s[21] ^ s[31] ^ s[41];
|
||||
bc2 = s[2] ^ s[12] ^ s[22] ^ s[32] ^ s[42];
|
||||
bc3 = s[3] ^ s[13] ^ s[23] ^ s[33] ^ s[43];
|
||||
bc4 = s[4] ^ s[14] ^ s[24] ^ s[34] ^ s[44];
|
||||
bc5 = s[5] ^ s[15] ^ s[25] ^ s[35] ^ s[45];
|
||||
bc6 = s[6] ^ s[16] ^ s[26] ^ s[36] ^ s[46];
|
||||
bc7 = s[7] ^ s[17] ^ s[27] ^ s[37] ^ s[47];
|
||||
bc8 = s[8] ^ s[18] ^ s[28] ^ s[38] ^ s[48];
|
||||
bc9 = s[9] ^ s[19] ^ s[29] ^ s[39] ^ s[49];
|
||||
|
||||
d0 = bc8 ^ ((bc2 << 1) | (bc3 >>> 31));
|
||||
d1 = bc9 ^ ((bc3 << 1) | (bc2 >>> 31));
|
||||
d2 = bc0 ^ ((bc4 << 1) | (bc5 >>> 31));
|
||||
d3 = bc1 ^ ((bc5 << 1) | (bc4 >>> 31));
|
||||
d4 = bc2 ^ ((bc6 << 1) | (bc7 >>> 31));
|
||||
d5 = bc3 ^ ((bc7 << 1) | (bc6 >>> 31));
|
||||
d6 = bc4 ^ ((bc8 << 1) | (bc9 >>> 31));
|
||||
d7 = bc5 ^ ((bc9 << 1) | (bc8 >>> 31));
|
||||
d8 = bc6 ^ ((bc0 << 1) | (bc1 >>> 31));
|
||||
d9 = bc7 ^ ((bc1 << 1) | (bc0 >>> 31));
|
||||
|
||||
bc0 = s[0] ^ d0;
|
||||
bc1 = s[1] ^ d1;
|
||||
t0 = s[22] ^ d2;
|
||||
t1 = s[23] ^ d3;
|
||||
bc2 = (t1 << 12) | (t0 >>> 20);
|
||||
bc3 = (t0 << 12) | (t1 >>> 20);
|
||||
t0 = s[44] ^ d4;
|
||||
t1 = s[45] ^ d5;
|
||||
bc4 = (t1 << 11) | (t0 >>> 21);
|
||||
bc5 = (t0 << 11) | (t1 >>> 21);
|
||||
t0 = s[16] ^ d6;
|
||||
t1 = s[17] ^ d7;
|
||||
bc6 = (t0 << 21) | (t1 >>> 11);
|
||||
bc7 = (t1 << 21) | (t0 >>> 11);
|
||||
t0 = s[38] ^ d8;
|
||||
t1 = s[39] ^ d9;
|
||||
bc8 = (t0 << 14) | (t1 >>> 18);
|
||||
bc9 = (t1 << 14) | (t0 >>> 18);
|
||||
s[0] = bc0 ^ (bc4 & ~bc2) ^ KECCAK_RC[n + 4];
|
||||
s[1] = bc1 ^ (bc5 & ~bc3) ^ KECCAK_RC[n + 5];
|
||||
s[22] = bc2 ^ (bc6 & ~bc4);
|
||||
s[23] = bc3 ^ (bc7 & ~bc5);
|
||||
s[44] = bc4 ^ (bc8 & ~bc6);
|
||||
s[45] = bc5 ^ (bc9 & ~bc7);
|
||||
s[16] = bc6 ^ (bc0 & ~bc8);
|
||||
s[17] = bc7 ^ (bc1 & ~bc9);
|
||||
s[38] = bc8 ^ (bc2 & ~bc0);
|
||||
s[39] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[30] ^ d0;
|
||||
t1 = s[31] ^ d1;
|
||||
bc4 = (t0 << 3) | (t1 >>> 29);
|
||||
bc5 = (t1 << 3) | (t0 >>> 29);
|
||||
t0 = s[2] ^ d2;
|
||||
t1 = s[3] ^ d3;
|
||||
bc6 = (t1 << 13) | (t0 >>> 19);
|
||||
bc7 = (t0 << 13) | (t1 >>> 19);
|
||||
t0 = s[24] ^ d4;
|
||||
t1 = s[25] ^ d5;
|
||||
bc8 = (t1 << 29) | (t0 >>> 3);
|
||||
bc9 = (t0 << 29) | (t1 >>> 3);
|
||||
t0 = s[46] ^ d6;
|
||||
t1 = s[47] ^ d7;
|
||||
bc0 = (t0 << 28) | (t1 >>> 4);
|
||||
bc1 = (t1 << 28) | (t0 >>> 4);
|
||||
t0 = s[18] ^ d8;
|
||||
t1 = s[19] ^ d9;
|
||||
bc2 = (t0 << 20) | (t1 >>> 12);
|
||||
bc3 = (t1 << 20) | (t0 >>> 12);
|
||||
s[30] = bc0 ^ (bc4 & ~bc2);
|
||||
s[31] = bc1 ^ (bc5 & ~bc3);
|
||||
s[2] = bc2 ^ (bc6 & ~bc4);
|
||||
s[3] = bc3 ^ (bc7 & ~bc5);
|
||||
s[24] = bc4 ^ (bc8 & ~bc6);
|
||||
s[25] = bc5 ^ (bc9 & ~bc7);
|
||||
s[46] = bc6 ^ (bc0 & ~bc8);
|
||||
s[47] = bc7 ^ (bc1 & ~bc9);
|
||||
s[18] = bc8 ^ (bc2 & ~bc0);
|
||||
s[19] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[10] ^ d0;
|
||||
t1 = s[11] ^ d1;
|
||||
bc8 = (t0 << 18) | (t1 >>> 14);
|
||||
bc9 = (t1 << 18) | (t0 >>> 14);
|
||||
t0 = s[32] ^ d2;
|
||||
t1 = s[33] ^ d3;
|
||||
bc0 = (t0 << 1) | (t1 >>> 31);
|
||||
bc1 = (t1 << 1) | (t0 >>> 31);
|
||||
t0 = s[4] ^ d4;
|
||||
t1 = s[5] ^ d5;
|
||||
bc2 = (t0 << 6) | (t1 >>> 26);
|
||||
bc3 = (t1 << 6) | (t0 >>> 26);
|
||||
t0 = s[26] ^ d6;
|
||||
t1 = s[27] ^ d7;
|
||||
bc4 = (t0 << 25) | (t1 >>> 7);
|
||||
bc5 = (t1 << 25) | (t0 >>> 7);
|
||||
t0 = s[48] ^ d8;
|
||||
t1 = s[49] ^ d9;
|
||||
bc6 = (t0 << 8) | (t1 >>> 24);
|
||||
bc7 = (t1 << 8) | (t0 >>> 24);
|
||||
s[10] = bc0 ^ (bc4 & ~bc2);
|
||||
s[11] = bc1 ^ (bc5 & ~bc3);
|
||||
s[32] = bc2 ^ (bc6 & ~bc4);
|
||||
s[33] = bc3 ^ (bc7 & ~bc5);
|
||||
s[4] = bc4 ^ (bc8 & ~bc6);
|
||||
s[5] = bc5 ^ (bc9 & ~bc7);
|
||||
s[26] = bc6 ^ (bc0 & ~bc8);
|
||||
s[27] = bc7 ^ (bc1 & ~bc9);
|
||||
s[48] = bc8 ^ (bc2 & ~bc0);
|
||||
s[49] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[40] ^ d0;
|
||||
t1 = s[41] ^ d1;
|
||||
bc2 = (t1 << 4) | (t0 >>> 28);
|
||||
bc3 = (t0 << 4) | (t1 >>> 28);
|
||||
t0 = s[12] ^ d2;
|
||||
t1 = s[13] ^ d3;
|
||||
bc4 = (t0 << 10) | (t1 >>> 22);
|
||||
bc5 = (t1 << 10) | (t0 >>> 22);
|
||||
t0 = s[34] ^ d4;
|
||||
t1 = s[35] ^ d5;
|
||||
bc6 = (t0 << 15) | (t1 >>> 17);
|
||||
bc7 = (t1 << 15) | (t0 >>> 17);
|
||||
t0 = s[6] ^ d6;
|
||||
t1 = s[7] ^ d7;
|
||||
bc8 = (t1 << 24) | (t0 >>> 8);
|
||||
bc9 = (t0 << 24) | (t1 >>> 8);
|
||||
t0 = s[28] ^ d8;
|
||||
t1 = s[29] ^ d9;
|
||||
bc0 = (t0 << 27) | (t1 >>> 5);
|
||||
bc1 = (t1 << 27) | (t0 >>> 5);
|
||||
s[40] = bc0 ^ (bc4 & ~bc2);
|
||||
s[41] = bc1 ^ (bc5 & ~bc3);
|
||||
s[12] = bc2 ^ (bc6 & ~bc4);
|
||||
s[13] = bc3 ^ (bc7 & ~bc5);
|
||||
s[34] = bc4 ^ (bc8 & ~bc6);
|
||||
s[35] = bc5 ^ (bc9 & ~bc7);
|
||||
s[6] = bc6 ^ (bc0 & ~bc8);
|
||||
s[7] = bc7 ^ (bc1 & ~bc9);
|
||||
s[28] = bc8 ^ (bc2 & ~bc0);
|
||||
s[29] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[20] ^ d0;
|
||||
t1 = s[21] ^ d1;
|
||||
bc6 = (t1 << 9) | (t0 >>> 23);
|
||||
bc7 = (t0 << 9) | (t1 >>> 23);
|
||||
t0 = s[42] ^ d2;
|
||||
t1 = s[43] ^ d3;
|
||||
bc8 = (t0 << 2) | (t1 >>> 30);
|
||||
bc9 = (t1 << 2) | (t0 >>> 30);
|
||||
t0 = s[14] ^ d4;
|
||||
t1 = s[15] ^ d5;
|
||||
bc0 = (t1 << 30) | (t0 >>> 2);
|
||||
bc1 = (t0 << 30) | (t1 >>> 2);
|
||||
t0 = s[36] ^ d6;
|
||||
t1 = s[37] ^ d7;
|
||||
bc2 = (t1 << 23) | (t0 >>> 9);
|
||||
bc3 = (t0 << 23) | (t1 >>> 9);
|
||||
t0 = s[8] ^ d8;
|
||||
t1 = s[9] ^ d9;
|
||||
bc4 = (t1 << 7) | (t0 >>> 25);
|
||||
bc5 = (t0 << 7) | (t1 >>> 25);
|
||||
s[20] = bc0 ^ (bc4 & ~bc2);
|
||||
s[21] = bc1 ^ (bc5 & ~bc3);
|
||||
s[42] = bc2 ^ (bc6 & ~bc4);
|
||||
s[43] = bc3 ^ (bc7 & ~bc5);
|
||||
s[14] = bc4 ^ (bc8 & ~bc6);
|
||||
s[15] = bc5 ^ (bc9 & ~bc7);
|
||||
s[36] = bc6 ^ (bc0 & ~bc8);
|
||||
s[37] = bc7 ^ (bc1 & ~bc9);
|
||||
s[8] = bc8 ^ (bc2 & ~bc0);
|
||||
s[9] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
// Round 4
|
||||
bc0 = s[0] ^ s[10] ^ s[20] ^ s[30] ^ s[40];
|
||||
bc1 = s[1] ^ s[11] ^ s[21] ^ s[31] ^ s[41];
|
||||
bc2 = s[2] ^ s[12] ^ s[22] ^ s[32] ^ s[42];
|
||||
bc3 = s[3] ^ s[13] ^ s[23] ^ s[33] ^ s[43];
|
||||
bc4 = s[4] ^ s[14] ^ s[24] ^ s[34] ^ s[44];
|
||||
bc5 = s[5] ^ s[15] ^ s[25] ^ s[35] ^ s[45];
|
||||
bc6 = s[6] ^ s[16] ^ s[26] ^ s[36] ^ s[46];
|
||||
bc7 = s[7] ^ s[17] ^ s[27] ^ s[37] ^ s[47];
|
||||
bc8 = s[8] ^ s[18] ^ s[28] ^ s[38] ^ s[48];
|
||||
bc9 = s[9] ^ s[19] ^ s[29] ^ s[39] ^ s[49];
|
||||
|
||||
d0 = bc8 ^ ((bc2 << 1) | (bc3 >>> 31));
|
||||
d1 = bc9 ^ ((bc3 << 1) | (bc2 >>> 31));
|
||||
d2 = bc0 ^ ((bc4 << 1) | (bc5 >>> 31));
|
||||
d3 = bc1 ^ ((bc5 << 1) | (bc4 >>> 31));
|
||||
d4 = bc2 ^ ((bc6 << 1) | (bc7 >>> 31));
|
||||
d5 = bc3 ^ ((bc7 << 1) | (bc6 >>> 31));
|
||||
d6 = bc4 ^ ((bc8 << 1) | (bc9 >>> 31));
|
||||
d7 = bc5 ^ ((bc9 << 1) | (bc8 >>> 31));
|
||||
d8 = bc6 ^ ((bc0 << 1) | (bc1 >>> 31));
|
||||
d9 = bc7 ^ ((bc1 << 1) | (bc0 >>> 31));
|
||||
|
||||
bc0 = s[0] ^ d0;
|
||||
bc1 = s[1] ^ d1;
|
||||
t0 = s[2] ^ d2;
|
||||
t1 = s[3] ^ d3;
|
||||
bc2 = (t1 << 12) | (t0 >>> 20);
|
||||
bc3 = (t0 << 12) | (t1 >>> 20);
|
||||
t0 = s[4] ^ d4;
|
||||
t1 = s[5] ^ d5;
|
||||
bc4 = (t1 << 11) | (t0 >>> 21);
|
||||
bc5 = (t0 << 11) | (t1 >>> 21);
|
||||
t0 = s[6] ^ d6;
|
||||
t1 = s[7] ^ d7;
|
||||
bc6 = (t0 << 21) | (t1 >>> 11);
|
||||
bc7 = (t1 << 21) | (t0 >>> 11);
|
||||
t0 = s[8] ^ d8;
|
||||
t1 = s[9] ^ d9;
|
||||
bc8 = (t0 << 14) | (t1 >>> 18);
|
||||
bc9 = (t1 << 14) | (t0 >>> 18);
|
||||
s[0] = bc0 ^ (bc4 & ~bc2) ^ KECCAK_RC[n + 6];
|
||||
s[1] = bc1 ^ (bc5 & ~bc3) ^ KECCAK_RC[n + 7];
|
||||
s[2] = bc2 ^ (bc6 & ~bc4);
|
||||
s[3] = bc3 ^ (bc7 & ~bc5);
|
||||
s[4] = bc4 ^ (bc8 & ~bc6);
|
||||
s[5] = bc5 ^ (bc9 & ~bc7);
|
||||
s[6] = bc6 ^ (bc0 & ~bc8);
|
||||
s[7] = bc7 ^ (bc1 & ~bc9);
|
||||
s[8] = bc8 ^ (bc2 & ~bc0);
|
||||
s[9] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[10] ^ d0;
|
||||
t1 = s[11] ^ d1;
|
||||
bc4 = (t0 << 3) | (t1 >>> 29);
|
||||
bc5 = (t1 << 3) | (t0 >>> 29);
|
||||
t0 = s[12] ^ d2;
|
||||
t1 = s[13] ^ d3;
|
||||
bc6 = (t1 << 13) | (t0 >>> 19);
|
||||
bc7 = (t0 << 13) | (t1 >>> 19);
|
||||
t0 = s[14] ^ d4;
|
||||
t1 = s[15] ^ d5;
|
||||
bc8 = (t1 << 29) | (t0 >>> 3);
|
||||
bc9 = (t0 << 29) | (t1 >>> 3);
|
||||
t0 = s[16] ^ d6;
|
||||
t1 = s[17] ^ d7;
|
||||
bc0 = (t0 << 28) | (t1 >>> 4);
|
||||
bc1 = (t1 << 28) | (t0 >>> 4);
|
||||
t0 = s[18] ^ d8;
|
||||
t1 = s[19] ^ d9;
|
||||
bc2 = (t0 << 20) | (t1 >>> 12);
|
||||
bc3 = (t1 << 20) | (t0 >>> 12);
|
||||
s[10] = bc0 ^ (bc4 & ~bc2);
|
||||
s[11] = bc1 ^ (bc5 & ~bc3);
|
||||
s[12] = bc2 ^ (bc6 & ~bc4);
|
||||
s[13] = bc3 ^ (bc7 & ~bc5);
|
||||
s[14] = bc4 ^ (bc8 & ~bc6);
|
||||
s[15] = bc5 ^ (bc9 & ~bc7);
|
||||
s[16] = bc6 ^ (bc0 & ~bc8);
|
||||
s[17] = bc7 ^ (bc1 & ~bc9);
|
||||
s[18] = bc8 ^ (bc2 & ~bc0);
|
||||
s[19] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[20] ^ d0;
|
||||
t1 = s[21] ^ d1;
|
||||
bc8 = (t0 << 18) | (t1 >>> 14);
|
||||
bc9 = (t1 << 18) | (t0 >>> 14);
|
||||
t0 = s[22] ^ d2;
|
||||
t1 = s[23] ^ d3;
|
||||
bc0 = (t0 << 1) | (t1 >>> 31);
|
||||
bc1 = (t1 << 1) | (t0 >>> 31);
|
||||
t0 = s[24] ^ d4;
|
||||
t1 = s[25] ^ d5;
|
||||
bc2 = (t0 << 6) | (t1 >>> 26);
|
||||
bc3 = (t1 << 6) | (t0 >>> 26);
|
||||
t0 = s[26] ^ d6;
|
||||
t1 = s[27] ^ d7;
|
||||
bc4 = (t0 << 25) | (t1 >>> 7);
|
||||
bc5 = (t1 << 25) | (t0 >>> 7);
|
||||
t0 = s[28] ^ d8;
|
||||
t1 = s[29] ^ d9;
|
||||
bc6 = (t0 << 8) | (t1 >>> 24);
|
||||
bc7 = (t1 << 8) | (t0 >>> 24);
|
||||
s[20] = bc0 ^ (bc4 & ~bc2);
|
||||
s[21] = bc1 ^ (bc5 & ~bc3);
|
||||
s[22] = bc2 ^ (bc6 & ~bc4);
|
||||
s[23] = bc3 ^ (bc7 & ~bc5);
|
||||
s[24] = bc4 ^ (bc8 & ~bc6);
|
||||
s[25] = bc5 ^ (bc9 & ~bc7);
|
||||
s[26] = bc6 ^ (bc0 & ~bc8);
|
||||
s[27] = bc7 ^ (bc1 & ~bc9);
|
||||
s[28] = bc8 ^ (bc2 & ~bc0);
|
||||
s[29] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[30] ^ d0;
|
||||
t1 = s[31] ^ d1;
|
||||
bc2 = (t1 << 4) | (t0 >>> 28);
|
||||
bc3 = (t0 << 4) | (t1 >>> 28);
|
||||
t0 = s[32] ^ d2;
|
||||
t1 = s[33] ^ d3;
|
||||
bc4 = (t0 << 10) | (t1 >>> 22);
|
||||
bc5 = (t1 << 10) | (t0 >>> 22);
|
||||
t0 = s[34] ^ d4;
|
||||
t1 = s[35] ^ d5;
|
||||
bc6 = (t0 << 15) | (t1 >>> 17);
|
||||
bc7 = (t1 << 15) | (t0 >>> 17);
|
||||
t0 = s[36] ^ d6;
|
||||
t1 = s[37] ^ d7;
|
||||
bc8 = (t1 << 24) | (t0 >>> 8);
|
||||
bc9 = (t0 << 24) | (t1 >>> 8);
|
||||
t0 = s[38] ^ d8;
|
||||
t1 = s[39] ^ d9;
|
||||
bc0 = (t0 << 27) | (t1 >>> 5);
|
||||
bc1 = (t1 << 27) | (t0 >>> 5);
|
||||
s[30] = bc0 ^ (bc4 & ~bc2);
|
||||
s[31] = bc1 ^ (bc5 & ~bc3);
|
||||
s[32] = bc2 ^ (bc6 & ~bc4);
|
||||
s[33] = bc3 ^ (bc7 & ~bc5);
|
||||
s[34] = bc4 ^ (bc8 & ~bc6);
|
||||
s[35] = bc5 ^ (bc9 & ~bc7);
|
||||
s[36] = bc6 ^ (bc0 & ~bc8);
|
||||
s[37] = bc7 ^ (bc1 & ~bc9);
|
||||
s[38] = bc8 ^ (bc2 & ~bc0);
|
||||
s[39] = bc9 ^ (bc3 & ~bc1);
|
||||
|
||||
t0 = s[40] ^ d0;
|
||||
t1 = s[41] ^ d1;
|
||||
bc6 = (t1 << 9) | (t0 >>> 23);
|
||||
bc7 = (t0 << 9) | (t1 >>> 23);
|
||||
t0 = s[42] ^ d2;
|
||||
t1 = s[43] ^ d3;
|
||||
bc8 = (t0 << 2) | (t1 >>> 30);
|
||||
bc9 = (t1 << 2) | (t0 >>> 30);
|
||||
t0 = s[44] ^ d4;
|
||||
t1 = s[45] ^ d5;
|
||||
bc0 = (t1 << 30) | (t0 >>> 2);
|
||||
bc1 = (t0 << 30) | (t1 >>> 2);
|
||||
t0 = s[46] ^ d6;
|
||||
t1 = s[47] ^ d7;
|
||||
bc2 = (t1 << 23) | (t0 >>> 9);
|
||||
bc3 = (t0 << 23) | (t1 >>> 9);
|
||||
t0 = s[48] ^ d8;
|
||||
t1 = s[49] ^ d9;
|
||||
bc4 = (t1 << 7) | (t0 >>> 25);
|
||||
bc5 = (t0 << 7) | (t1 >>> 25);
|
||||
s[40] = bc0 ^ (bc4 & ~bc2);
|
||||
s[41] = bc1 ^ (bc5 & ~bc3);
|
||||
s[42] = bc2 ^ (bc6 & ~bc4);
|
||||
s[43] = bc3 ^ (bc7 & ~bc5);
|
||||
s[44] = bc4 ^ (bc8 & ~bc6);
|
||||
s[45] = bc5 ^ (bc9 & ~bc7);
|
||||
s[46] = bc6 ^ (bc0 & ~bc8);
|
||||
s[47] = bc7 ^ (bc1 & ~bc9);
|
||||
s[48] = bc8 ^ (bc2 & ~bc0);
|
||||
s[49] = bc9 ^ (bc3 & ~bc1);
|
||||
}
|
||||
}
|
54
std/hash/_sha3/sha3.ts
Normal file
54
std/hash/_sha3/sha3.ts
Normal file
|
@ -0,0 +1,54 @@
|
|||
// Copyright 2018-2020 the Deno authors. All rights reserved. MIT license.
|
||||
|
||||
import { Sponge } from "./sponge.ts";
|
||||
import { keccakf } from "./keccakf.ts";
|
||||
|
||||
/* eslint-disable @typescript-eslint/camelcase, @typescript-eslint/class-name-casing */
|
||||
|
||||
/** Sha3-224 hash */
|
||||
export class Sha3_224 extends Sponge {
|
||||
constructor() {
|
||||
super({
|
||||
bitsize: 224,
|
||||
rate: 144,
|
||||
dsbyte: 6,
|
||||
permutator: keccakf,
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
/** Sha3-256 hash */
|
||||
export class Sha3_256 extends Sponge {
|
||||
constructor() {
|
||||
super({
|
||||
bitsize: 256,
|
||||
rate: 136,
|
||||
dsbyte: 6,
|
||||
permutator: keccakf,
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
/** Sha3-384 hash */
|
||||
export class Sha3_384 extends Sponge {
|
||||
constructor() {
|
||||
super({
|
||||
bitsize: 384,
|
||||
rate: 104,
|
||||
dsbyte: 6,
|
||||
permutator: keccakf,
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
/** Sha3-512 hash */
|
||||
export class Sha3_512 extends Sponge {
|
||||
constructor() {
|
||||
super({
|
||||
bitsize: 512,
|
||||
rate: 72,
|
||||
dsbyte: 6,
|
||||
permutator: keccakf,
|
||||
});
|
||||
}
|
||||
}
|
51
std/hash/_sha3/shake.ts
Normal file
51
std/hash/_sha3/shake.ts
Normal file
|
@ -0,0 +1,51 @@
|
|||
// Copyright 2018-2020 the Deno authors. All rights reserved. MIT license.
|
||||
|
||||
import { Sponge } from "./sponge.ts";
|
||||
import { keccakf } from "./keccakf.ts";
|
||||
|
||||
/** Shake128 hash */
|
||||
export class Shake128 extends Sponge {
|
||||
/**
|
||||
* Instantiates a new Shake128 hash
|
||||
* @param bitsize length of hash in bits
|
||||
*/
|
||||
constructor(bitsize: number) {
|
||||
if (bitsize < 8) {
|
||||
throw new Error("shake128: `bitsize` too small");
|
||||
}
|
||||
|
||||
if (bitsize % 8 !== 0) {
|
||||
throw new Error("shake128: `bitsize` must be multiple of 8");
|
||||
}
|
||||
|
||||
super({
|
||||
bitsize: bitsize,
|
||||
rate: 168,
|
||||
dsbyte: 0x1f,
|
||||
permutator: keccakf,
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Instantiates a new Shake256 hash
|
||||
* @param bitsize length of hash in bits
|
||||
*/
|
||||
export class Shake256 extends Sponge {
|
||||
constructor(bitsize: number) {
|
||||
if (bitsize < 8) {
|
||||
throw new Error("shake256: `bitsize` too small");
|
||||
}
|
||||
|
||||
if (bitsize % 8 !== 0) {
|
||||
throw new Error("shake256: `bitsize` must be multiple of 8");
|
||||
}
|
||||
|
||||
super({
|
||||
bitsize: bitsize,
|
||||
rate: 136,
|
||||
dsbyte: 0x1f,
|
||||
permutator: keccakf,
|
||||
});
|
||||
}
|
||||
}
|
111
std/hash/_sha3/sponge.ts
Normal file
111
std/hash/_sha3/sponge.ts
Normal file
|
@ -0,0 +1,111 @@
|
|||
// Copyright 2018-2020 the Deno authors. All rights reserved. MIT license.
|
||||
|
||||
import * as hex from "../../encoding/hex.ts";
|
||||
|
||||
type SpongePermutator = (data: Uint8Array) => void;
|
||||
|
||||
/** Sponge construction option */
|
||||
export interface SpongeOption {
|
||||
bitsize: number;
|
||||
rate: number;
|
||||
dsbyte: number;
|
||||
permutator: SpongePermutator;
|
||||
}
|
||||
|
||||
export type Message = string | ArrayBuffer;
|
||||
|
||||
const STATE_SIZE = 200;
|
||||
const TYPE_ERROR_MSG = "sha3: `data` is invalid type";
|
||||
|
||||
/** Sponge construction */
|
||||
export class Sponge {
|
||||
#option: SpongeOption;
|
||||
#state: Uint8Array;
|
||||
#rp: number;
|
||||
#absorbing: boolean;
|
||||
|
||||
constructor(option: SpongeOption) {
|
||||
this.#option = option;
|
||||
this.#state = new Uint8Array(STATE_SIZE);
|
||||
this.#rp = 0;
|
||||
this.#absorbing = true;
|
||||
}
|
||||
|
||||
/** Applies padding to internal state */
|
||||
private pad(): void {
|
||||
this.#state[this.#rp] ^= this.#option.dsbyte;
|
||||
this.#state[this.#option.rate - 1] ^= 0x80;
|
||||
}
|
||||
|
||||
/** Squeezes internal state */
|
||||
protected squeeze(length: number): Uint8Array {
|
||||
if (length < 0) {
|
||||
throw new Error("sha3: length cannot be negative");
|
||||
}
|
||||
|
||||
this.pad();
|
||||
|
||||
const hash = new Uint8Array(length);
|
||||
let pos = 0;
|
||||
while (length > 0) {
|
||||
const r = length > this.#option.rate ? this.#option.rate : length;
|
||||
this.#option.permutator(this.#state);
|
||||
hash.set(this.#state.slice(0, r), pos);
|
||||
length -= r;
|
||||
pos += r;
|
||||
}
|
||||
|
||||
this.#absorbing = false;
|
||||
return hash;
|
||||
}
|
||||
|
||||
/** Updates internal state by absorbing */
|
||||
update(data: Message): this {
|
||||
if (!this.#absorbing) {
|
||||
throw new Error("sha3: cannot update already finalized hash");
|
||||
}
|
||||
|
||||
let msg: Uint8Array;
|
||||
|
||||
if (typeof data === "string") {
|
||||
msg = new TextEncoder().encode(data as string);
|
||||
} else if (typeof data === "object") {
|
||||
if (data instanceof ArrayBuffer || ArrayBuffer.isView(data)) {
|
||||
msg = new Uint8Array(data);
|
||||
} else {
|
||||
throw new Error(TYPE_ERROR_MSG);
|
||||
}
|
||||
} else {
|
||||
throw new Error(TYPE_ERROR_MSG);
|
||||
}
|
||||
|
||||
let rp = this.#rp;
|
||||
|
||||
for (let i = 0; i < msg.length; ++i) {
|
||||
this.#state[rp++] ^= msg[i];
|
||||
if (rp >= this.#option.rate) {
|
||||
this.#option.permutator(this.#state);
|
||||
rp = 0;
|
||||
}
|
||||
}
|
||||
|
||||
this.#rp = rp;
|
||||
return this;
|
||||
}
|
||||
|
||||
/** Returns the hash in ArrayBuffer */
|
||||
digest(): ArrayBuffer {
|
||||
return this.squeeze(this.#option.bitsize >> 3);
|
||||
}
|
||||
|
||||
/** Returns the hash in given format */
|
||||
toString(format: "hex" = "hex"): string {
|
||||
const rawOutput = this.squeeze(this.#option.bitsize >> 3);
|
||||
switch (format) {
|
||||
case "hex":
|
||||
return hex.encodeToString(rawOutput);
|
||||
default:
|
||||
throw new Error("sha3: invalid output format");
|
||||
}
|
||||
}
|
||||
}
|
6
std/hash/sha3.ts
Normal file
6
std/hash/sha3.ts
Normal file
|
@ -0,0 +1,6 @@
|
|||
// Copyright 2018-2020 the Deno authors. All rights reserved. MIT license.
|
||||
|
||||
/* eslint-disable-next-line @typescript-eslint/camelcase */
|
||||
export { Sha3_224, Sha3_256, Sha3_384, Sha3_512 } from "./_sha3/sha3.ts";
|
||||
export { Keccak224, Keccak256, Keccak384, Keccak512 } from "./_sha3/keccak.ts";
|
||||
export { Shake128, Shake256 } from "./_sha3/shake.ts";
|
575
std/hash/sha3_test.ts
Normal file
575
std/hash/sha3_test.ts
Normal file
|
@ -0,0 +1,575 @@
|
|||
// Copyright 2018-2020 the Deno authors. All rights reserved. MIT license.
|
||||
|
||||
/* eslint-disable @typescript-eslint/camelcase */
|
||||
|
||||
const { test } = Deno;
|
||||
import { assertEquals, assertThrows } from "../testing/asserts.ts";
|
||||
import {
|
||||
Keccak224,
|
||||
Keccak256,
|
||||
Keccak384,
|
||||
Keccak512,
|
||||
Sha3_224,
|
||||
Sha3_256,
|
||||
Sha3_384,
|
||||
Sha3_512,
|
||||
Shake128,
|
||||
Shake256,
|
||||
} from "./sha3.ts";
|
||||
import * as hex from "../encoding/hex.ts";
|
||||
|
||||
const millionAs = "a".repeat(1000000);
|
||||
|
||||
const testSetSha3_224 = [
|
||||
["", "6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7"],
|
||||
["abc", "e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf"],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33",
|
||||
],
|
||||
[
|
||||
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
|
||||
"f9019111996dcf160e284e320fd6d8825cabcd41a5ffdc4c5e9d64b6",
|
||||
],
|
||||
[millionAs, "d69335b93325192e516a912e6d19a15cb51c6ed5c15243e7a7fd653c"],
|
||||
];
|
||||
|
||||
const testSetSha3_256 = [
|
||||
["", "a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a"],
|
||||
["abc", "3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532"],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376",
|
||||
],
|
||||
[
|
||||
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
|
||||
"3fc5559f14db8e453a0a3091edbd2bc25e11528d81c66fa570a4efdcc2695ee1",
|
||||
],
|
||||
[
|
||||
millionAs,
|
||||
"5c8875ae474a3634ba4fd55ec85bffd661f32aca75c6d699d0cdcb6c115891c1",
|
||||
],
|
||||
];
|
||||
|
||||
const testSetSha3_384 = [
|
||||
[
|
||||
"",
|
||||
"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004",
|
||||
],
|
||||
[
|
||||
"abc",
|
||||
"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25",
|
||||
],
|
||||
[
|
||||
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
|
||||
"3a4f3b6284e571238884e95655e8c8a60e068e4059a9734abc08823a900d161592860243f00619ae699a29092ed91a16",
|
||||
],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22",
|
||||
],
|
||||
[
|
||||
millionAs,
|
||||
"eee9e24d78c1855337983451df97c8ad9eedf256c6334f8e948d252d5e0e76847aa0774ddb90a842190d2c558b4b8340",
|
||||
],
|
||||
];
|
||||
|
||||
const testSetSha3_512 = [
|
||||
[
|
||||
"",
|
||||
"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26",
|
||||
],
|
||||
[
|
||||
"abc",
|
||||
"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0",
|
||||
],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e",
|
||||
],
|
||||
[
|
||||
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
|
||||
"a8ae722a78e10cbbc413886c02eb5b369a03f6560084aff566bd597bb7ad8c1ccd86e81296852359bf2faddb5153c0a7445722987875e74287adac21adebe952",
|
||||
],
|
||||
[
|
||||
millionAs,
|
||||
"3c3a876da14034ab60627c077bb98f7e120a2a5370212dffb3385a18d4f38859ed311d0a9d5141ce9cc5c66ee689b266a8aa18ace8282a0e0db596c90b0a7b87",
|
||||
],
|
||||
];
|
||||
|
||||
const testSetKeccak224 = [
|
||||
["", "f71837502ba8e10837bdd8d365adb85591895602fc552b48b7390abd"],
|
||||
["abc", "c30411768506ebe1c2871b1ee2e87d38df342317300a9b97a95ec6a8"],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"e51faa2b4655150b931ee8d700dc202f763ca5f962c529eae55012b6",
|
||||
],
|
||||
[millionAs, "19f9167be2a04c43abd0ed554788101b9c339031acc8e1468531303f"],
|
||||
];
|
||||
|
||||
const testSetKeccak256 = [
|
||||
["", "c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470"],
|
||||
["abc", "4e03657aea45a94fc7d47ba826c8d667c0d1e6e33a64a036ec44f58fa12d6c45"],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"45d3b367a6904e6e8d502ee04999a7c27647f91fa845d456525fd352ae3d7371",
|
||||
],
|
||||
[
|
||||
millionAs,
|
||||
"fadae6b49f129bbb812be8407b7b2894f34aecf6dbd1f9b0f0c7e9853098fc96",
|
||||
],
|
||||
];
|
||||
|
||||
const testSetKeccak384 = [
|
||||
[
|
||||
"",
|
||||
"2c23146a63a29acf99e73b88f8c24eaa7dc60aa771780ccc006afbfa8fe2479b2dd2b21362337441ac12b515911957ff",
|
||||
],
|
||||
[
|
||||
"abc",
|
||||
"f7df1165f033337be098e7d288ad6a2f74409d7a60b49c36642218de161b1f99f8c681e4afaf31a34db29fb763e3c28e",
|
||||
],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"b41e8896428f1bcbb51e17abd6acc98052a3502e0d5bf7fa1af949b4d3c855e7c4dc2c390326b3f3e74c7b1e2b9a3657",
|
||||
],
|
||||
[
|
||||
millionAs,
|
||||
"0c8324e1ebc182822c5e2a086cac07c2fe00e3bce61d01ba8ad6b71780e2dec5fb89e5ae90cb593e57bc6258fdd94e17",
|
||||
],
|
||||
];
|
||||
|
||||
const testSetKeccak512 = [
|
||||
[
|
||||
"",
|
||||
"0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e",
|
||||
],
|
||||
[
|
||||
"abc",
|
||||
"18587dc2ea106b9a1563e32b3312421ca164c7f1f07bc922a9c83d77cea3a1e5d0c69910739025372dc14ac9642629379540c17e2a65b19d77aa511a9d00bb96",
|
||||
],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"6aa6d3669597df6d5a007b00d09c20795b5c4218234e1698a944757a488ecdc09965435d97ca32c3cfed7201ff30e070cd947f1fc12b9d9214c467d342bcba5d",
|
||||
],
|
||||
[
|
||||
millionAs,
|
||||
"5cf53f2e556be5a624425ede23d0e8b2c7814b4ba0e4e09cbbf3c2fac7056f61e048fc341262875ebc58a5183fea651447124370c1ebf4d6c89bc9a7731063bb",
|
||||
],
|
||||
];
|
||||
|
||||
const testSetShake128 = [
|
||||
["", "7f9c2ba4e88f827d616045507605853e"],
|
||||
["abc", "5881092dd818bf5cf8a3ddb793fbcba7"],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"1a96182b50fb8c7e74e0a707788f55e9",
|
||||
],
|
||||
[millionAs, "9d222c79c4ff9d092cf6ca86143aa411"],
|
||||
];
|
||||
|
||||
const testSetShake128_224 = [
|
||||
["", "7f9c2ba4e88f827d616045507605853ed73b8093f6efbc88eb1a6eac"],
|
||||
["abc", "5881092dd818bf5cf8a3ddb793fbcba74097d5c526a6d35f97b83351"],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"1a96182b50fb8c7e74e0a707788f55e98209b8d91fade8f32f8dd5cf",
|
||||
],
|
||||
[millionAs, "9d222c79c4ff9d092cf6ca86143aa411e369973808ef97093255826c"],
|
||||
];
|
||||
|
||||
const testSetShake128_2048 = [
|
||||
[
|
||||
"",
|
||||
"7f9c2ba4e88f827d616045507605853ed73b8093f6efbc88eb1a6eacfa66ef263cb1eea988004b93103cfb0aeefd2a686e01fa4a58e8a3639ca8a1e3f9ae57e235b8cc873c23dc62b8d260169afa2f75ab916a58d974918835d25e6a435085b2badfd6dfaac359a5efbb7bcc4b59d538df9a04302e10c8bc1cbf1a0b3a5120ea17cda7cfad765f5623474d368ccca8af0007cd9f5e4c849f167a580b14aabdefaee7eef47cb0fca9767be1fda69419dfb927e9df07348b196691abaeb580b32def58538b8d23f87732ea63b02b4fa0f4873360e2841928cd60dd4cee8cc0d4c922a96188d032675c8ac850933c7aff1533b94c834adbb69c6115bad4692d8619",
|
||||
],
|
||||
[
|
||||
"abc",
|
||||
"5881092dd818bf5cf8a3ddb793fbcba74097d5c526a6d35f97b83351940f2cc844c50af32acd3f2cdd066568706f509bc1bdde58295dae3f891a9a0fca5783789a41f8611214ce612394df286a62d1a2252aa94db9c538956c717dc2bed4f232a0294c857c730aa16067ac1062f1201fb0d377cfb9cde4c63599b27f3462bba4a0ed296c801f9ff7f57302bb3076ee145f97a32ae68e76ab66c48d51675bd49acc29082f5647584e6aa01b3f5af057805f973ff8ecb8b226ac32ada6f01c1fcd4818cb006aa5b4cdb3611eb1e533c8964cacfdf31012cd3fb744d02225b988b475375faad996eb1b9176ecb0f8b2871723d6dbb804e23357e50732f5cfc904b1",
|
||||
],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"1a96182b50fb8c7e74e0a707788f55e98209b8d91fade8f32f8dd5cff7bf21f54ee5f19550825a6e070030519e944263ac1c6765287065621f9fcb3201723e3223b63a46c2938aa953ba8401d0ea77b8d26490775566407b95673c0f4cc1ce9fd966148d7efdff26bbf9f48a21c6da35bfaa545654f70ae586ff10131420771483ec92edab408c767bf4c5b4fffaa80c8ca214d84c4dc700d0c50630b2ffc3793ea4d87258b4c9548c5485a5ca666ef73fbd816d418aea6395b503addd9b150f9e0663325f01e5518b71ffa1244ea284cebe0cea2f774d7b3a437dca3282e324777e19624bf2be3cd355c1bfbddb323a33f11efafb2448293501dc0454c6b72f",
|
||||
],
|
||||
[
|
||||
millionAs,
|
||||
"9d222c79c4ff9d092cf6ca86143aa411e369973808ef97093255826c5572ef58424c4b5c28475ffdcf981663867fec6321c1262e387bccf8ca676884c4a9d0c13bfa6869763d5ae4bbc9b3ccd09d1ca5ea7446538d69b3fb98c72b59a2b4817db5eadd9011f90fa71091931f8134f4f00b562e2fe105937270361c1909862ad45046e3932f5dd311ec72fec5f8fb8f60b45a3bee3f85bbf7fcedc6a555677648e0654b381941a86bd3e512657b0d57a7991fc4543f89d8290492222ce4a33e17602b3b99c009f7655f87535cdaa3716f58c47b8a157ad195f02809f27500b9254979311c6bb415968cd10431169a27d5a8d61e13a6b8b77af1f8b6dd2eefdea0",
|
||||
],
|
||||
];
|
||||
|
||||
const testSetShake256 = [
|
||||
["", "46b9dd2b0ba88d13233b3feb743eeb243fcd52ea62b81b82b50c27646ed5762f"],
|
||||
["abc", "483366601360a8771c6863080cc4114d8db44530f8f1e1ee4f94ea37e78b5739"],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"4d8c2dd2435a0128eefbb8c36f6f87133a7911e18d979ee1ae6be5d4fd2e3329",
|
||||
],
|
||||
[
|
||||
millionAs,
|
||||
"3578a7a4ca9137569cdf76ed617d31bb994fca9c1bbf8b184013de8234dfd13a",
|
||||
],
|
||||
];
|
||||
|
||||
const testSetShake256_128 = [
|
||||
["", "46b9dd2b0ba88d13233b3feb743eeb24"],
|
||||
["abc", "483366601360a8771c6863080cc4114d"],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"4d8c2dd2435a0128eefbb8c36f6f8713",
|
||||
],
|
||||
[millionAs, "3578a7a4ca9137569cdf76ed617d31bb"],
|
||||
];
|
||||
|
||||
const testSetShake256_384 = [
|
||||
[
|
||||
"",
|
||||
"46b9dd2b0ba88d13233b3feb743eeb243fcd52ea62b81b82b50c27646ed5762fd75dc4ddd8c0f200cb05019d67b592f6",
|
||||
],
|
||||
[
|
||||
"abc",
|
||||
"483366601360a8771c6863080cc4114d8db44530f8f1e1ee4f94ea37e78b5739d5a15bef186a5386c75744c0527e1faa",
|
||||
],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"4d8c2dd2435a0128eefbb8c36f6f87133a7911e18d979ee1ae6be5d4fd2e332940d8688a4e6a59aa8060f1f9bc996c05",
|
||||
],
|
||||
[
|
||||
millionAs,
|
||||
"3578a7a4ca9137569cdf76ed617d31bb994fca9c1bbf8b184013de8234dfd13a3fd124d4df76c0a539ee7dd2f6e1ec34",
|
||||
],
|
||||
];
|
||||
|
||||
const testSetShake256_512 = [
|
||||
[
|
||||
"",
|
||||
"46b9dd2b0ba88d13233b3feb743eeb243fcd52ea62b81b82b50c27646ed5762fd75dc4ddd8c0f200cb05019d67b592f6fc821c49479ab48640292eacb3b7c4be",
|
||||
],
|
||||
[
|
||||
"abc",
|
||||
"483366601360a8771c6863080cc4114d8db44530f8f1e1ee4f94ea37e78b5739d5a15bef186a5386c75744c0527e1faa9f8726e462a12a4feb06bd8801e751e4",
|
||||
],
|
||||
[
|
||||
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"4d8c2dd2435a0128eefbb8c36f6f87133a7911e18d979ee1ae6be5d4fd2e332940d8688a4e6a59aa8060f1f9bc996c05aca3c696a8b66279dc672c740bb224ec",
|
||||
],
|
||||
[
|
||||
millionAs,
|
||||
"3578a7a4ca9137569cdf76ed617d31bb994fca9c1bbf8b184013de8234dfd13a3fd124d4df76c0a539ee7dd2f6e1ec346124c815d9410e145eb561bcd97b18ab",
|
||||
],
|
||||
];
|
||||
|
||||
function s2b(data: string): Uint8Array {
|
||||
return new TextEncoder().encode(data);
|
||||
}
|
||||
|
||||
test("[hash/sha3] testSha3-224Raw", () => {
|
||||
const sha3sum = (data: ArrayBuffer): ArrayBuffer => {
|
||||
const sha3 = new Sha3_224();
|
||||
return sha3.update(data).digest();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetSha3_224) {
|
||||
const rawOutput = hex.decodeString(output);
|
||||
assertEquals(sha3sum(s2b(input)), rawOutput);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSha3-224String", () => {
|
||||
const sha3sum = (data: string): string => {
|
||||
const sha3 = new Sha3_224();
|
||||
return sha3.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetSha3_224) {
|
||||
assertEquals(sha3sum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSha3-256Raw", () => {
|
||||
const sha3sum = (data: ArrayBuffer): ArrayBuffer => {
|
||||
const sha3 = new Sha3_256();
|
||||
return sha3.update(data).digest();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetSha3_256) {
|
||||
const rawOutput = hex.decodeString(output);
|
||||
assertEquals(sha3sum(s2b(input)), rawOutput);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSha3-256String", () => {
|
||||
const sha3sum = (data: string): string => {
|
||||
const sha3 = new Sha3_256();
|
||||
return sha3.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetSha3_256) {
|
||||
assertEquals(sha3sum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSha3-384Raw", () => {
|
||||
const sha3sum = (data: ArrayBuffer): ArrayBuffer => {
|
||||
const sha3 = new Sha3_384();
|
||||
return sha3.update(data).digest();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetSha3_384) {
|
||||
const rawOutput = hex.decodeString(output);
|
||||
assertEquals(sha3sum(s2b(input)), rawOutput);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSha3-384String", () => {
|
||||
const sha3sum = (data: string): string => {
|
||||
const sha3 = new Sha3_384();
|
||||
return sha3.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetSha3_384) {
|
||||
assertEquals(sha3sum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSha3-512Raw", () => {
|
||||
const sha3sum = (data: ArrayBuffer): ArrayBuffer => {
|
||||
const sha3 = new Sha3_512();
|
||||
return sha3.update(data).digest();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetSha3_512) {
|
||||
const rawOutput = hex.decodeString(output);
|
||||
assertEquals(sha3sum(s2b(input)), rawOutput);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSha3-512String", () => {
|
||||
const sha3sum = (data: string): string => {
|
||||
const sha3 = new Sha3_512();
|
||||
return sha3.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetSha3_512) {
|
||||
assertEquals(sha3sum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testKeccak-224Raw", () => {
|
||||
const keccakSum = (data: ArrayBuffer): ArrayBuffer => {
|
||||
const keccak = new Keccak224();
|
||||
return keccak.update(data).digest();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetKeccak224) {
|
||||
const rawOutput = hex.decodeString(output);
|
||||
assertEquals(keccakSum(s2b(input)), rawOutput);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testKeccak-224String", () => {
|
||||
const keccakSum = (data: string): string => {
|
||||
const keccak = new Keccak224();
|
||||
return keccak.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetKeccak224) {
|
||||
assertEquals(keccakSum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testKeccak-256Raw", () => {
|
||||
const keccakSum = (data: ArrayBuffer): ArrayBuffer => {
|
||||
const keccak = new Keccak256();
|
||||
return keccak.update(data).digest();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetKeccak256) {
|
||||
const rawOutput = hex.decodeString(output);
|
||||
assertEquals(keccakSum(s2b(input)), rawOutput);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testKeccak-256String", () => {
|
||||
const keccakSum = (data: string): string => {
|
||||
const keccak = new Keccak256();
|
||||
return keccak.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetKeccak256) {
|
||||
assertEquals(keccakSum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testKeccak-384Raw", () => {
|
||||
const keccakSum = (data: ArrayBuffer): ArrayBuffer => {
|
||||
const keccak = new Keccak384();
|
||||
return keccak.update(data).digest();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetKeccak384) {
|
||||
const rawOutput = hex.decodeString(output);
|
||||
assertEquals(keccakSum(s2b(input)), rawOutput);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testKeccak-384String", () => {
|
||||
const keccakSum = (data: string): string => {
|
||||
const keccak = new Keccak384();
|
||||
return keccak.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetKeccak384) {
|
||||
assertEquals(keccakSum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testKeccak-512Raw", () => {
|
||||
const keccakSum = (data: ArrayBuffer): ArrayBuffer => {
|
||||
const keccak = new Keccak512();
|
||||
return keccak.update(data).digest();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetKeccak512) {
|
||||
const rawOutput = hex.decodeString(output);
|
||||
assertEquals(keccakSum(s2b(input)), rawOutput);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testKeccak-512String", () => {
|
||||
const keccakSum = (data: string): string => {
|
||||
const keccak = new Keccak512();
|
||||
return keccak.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetKeccak512) {
|
||||
assertEquals(keccakSum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSHAKE-128Raw", () => {
|
||||
const shakeSum = (data: ArrayBuffer): ArrayBuffer => {
|
||||
const shake = new Shake128(128);
|
||||
return shake.update(data).digest();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetShake128) {
|
||||
const rawOutput = hex.decodeString(output);
|
||||
assertEquals(shakeSum(s2b(input)), rawOutput);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSHAKE-128String", () => {
|
||||
const shakeSum = (data: string): string => {
|
||||
const shake = new Shake128(128);
|
||||
return shake.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetShake128) {
|
||||
assertEquals(shakeSum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSHAKE-128-224Raw", () => {
|
||||
const shakeSum = (data: ArrayBuffer): ArrayBuffer => {
|
||||
const shake = new Shake128(224);
|
||||
return shake.update(data).digest();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetShake128_224) {
|
||||
const rawOutput = hex.decodeString(output);
|
||||
assertEquals(shakeSum(s2b(input)), rawOutput);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSHAKE-128-224String", () => {
|
||||
const shakeSum = (data: string): string => {
|
||||
const shake = new Shake128(224);
|
||||
return shake.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetShake128_224) {
|
||||
assertEquals(shakeSum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSHAKE-128-2048", () => {
|
||||
const shakeSum = (data: string): string => {
|
||||
const shake = new Shake128(2048);
|
||||
return shake.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetShake128_2048) {
|
||||
assertEquals(shakeSum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSHAKE-256", () => {
|
||||
const shakeSum = (data: string): string => {
|
||||
const shake = new Shake256(256);
|
||||
return shake.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetShake256) {
|
||||
assertEquals(shakeSum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSHAKE-256-128", () => {
|
||||
const shakeSum = (data: string): string => {
|
||||
const shake = new Shake256(128);
|
||||
return shake.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetShake256_128) {
|
||||
assertEquals(shakeSum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSHAKE-256-384", () => {
|
||||
const shakeSum = (data: string): string => {
|
||||
const shake = new Shake256(384);
|
||||
return shake.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetShake256_384) {
|
||||
assertEquals(shakeSum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSHAKE-256-512", () => {
|
||||
const shakeSum = (data: string): string => {
|
||||
const shake = new Shake256(512);
|
||||
return shake.update(data).toString();
|
||||
};
|
||||
|
||||
for (const [input, output] of testSetShake256_512) {
|
||||
assertEquals(shakeSum(input), output);
|
||||
}
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSha3-256Chain", () => {
|
||||
const sha3 = new Sha3_256();
|
||||
const output = sha3
|
||||
.update(s2b("a"))
|
||||
.update(s2b("b"))
|
||||
.update(s2b("c"))
|
||||
.toString();
|
||||
|
||||
assertEquals(
|
||||
output,
|
||||
"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532"
|
||||
);
|
||||
});
|
||||
|
||||
test("[hash/sha3] testSha3UpdateFinalized", () => {
|
||||
assertThrows(
|
||||
() => {
|
||||
const sha3 = new Sha3_256();
|
||||
const hash = sha3.update(s2b("a")).digest();
|
||||
const hash2 = sha3.update(s2b("a")).digest();
|
||||
assertEquals(hash, hash2);
|
||||
},
|
||||
Error,
|
||||
"sha3: cannot update already finalized hash"
|
||||
);
|
||||
});
|
Loading…
Reference in a new issue