// Source: github.com/linapex/ethereum-dpos-chinese@v0.0.0-20190316121959-b78b3a4a1ece/crypto/sha3/keccakf.go

//<developer>
//    <name>linapex 曹一峰</name>
//    <email>linapex@163.com</email>
//    <wx>superexc</wx>
//    <qqgroup>128148617</qqgroup>
//    <url>https://jsq.ink</url>
//    <role>pku engineer</role>
//    <date>2019-03-16 12:09:36</date>
//</624342628002959360>

// Copyright 2014 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// NOTE(review): the comment at this position looks like a build constraint
// that was machine-translated together with the file's other comments; it
// reads roughly as "+build !amd64 <engine> gccgo". The go tool only honours a
// constraint whose first field is exactly "+build" (or a //go:build line), so
// in the published form the constraint is inert and this file is compiled on
// every platform. Confirm against the upstream sha3 package, and check whether
// the package also provides an amd64 keccakF1600, before building or auditing
// this copy.

package sha3

// rc stores the round constants for use in the iota step: one 64-bit constant
// per round, 24 in total. keccakF1600 XORs rc[round] into lane 0.
var rc = [24]uint64{
	0x0000000000000001,
	0x0000000000008082,
	0x800000000000808A,
	0x8000000080008000,
	0x000000000000808B,
	0x0000000080000001,
	0x8000000080008081,
	0x8000000000008009,
	0x000000000000008A,
	0x0000000000000088,
	0x0000000080008009,
	0x000000008000000A,
	0x000000008000808B,
	0x800000000000008B,
	0x8000000000008089,
	0x8000000000008003,
	0x8000000000008002,
	0x8000000000000080,
	0x000000000000800A,
	0x800000008000000A,
	0x8000000080008081,
	0x8000000000008080,
	0x0000000080000001,
	0x8000000080008008,
}

// keccakF1600 applies the Keccak permutation to a 1600b-wide
// state represented as 25 uint64 lanes.
//
// The state is updated in place through a, which must be non-nil. The loop
// runs 6 times and each iteration performs 4 rounds, for 24 rounds in total.
//
// Every index into a and rc is either a constant or the loop counter, and no
// branch depends on the contents of the state, so the Go source contains no
// state-dependent control flow or table lookup.
// NOTE(review): that is a source-level property only; check the compiled
// output if constant-time behaviour matters for the caller.
func keccakF1600(a *[25]uint64) {
	// Implementation translated from Keccak-inplace.c
	// in the Keccak reference code.
	var t, bc0, bc1, bc2, bc3, bc4, d0, d1, d2, d3, d4 uint64

	for i := 0; i < 24; i += 4 {
		// Combines the 5 steps in each round into 2 steps.
		// Unrolls 4 rounds per loop and spreads some steps across rounds.
		//
		// Each round below has the same shape:
		//   1. bc0..bc4 are the XOR of the five lanes at stride 5 (column
		//      parities); d0..d4 combine one parity with a neighbouring
		//      parity rotated left by 1.
		//   2. Five groups of five lanes: each lane is XORed with its d
		//      value and rotated left by a fixed amount, then written back
		//      as x ^ (z &^ y). The first group also XORs in the round
		//      constant.
		// The lane indices differ from round to round because the lane
		// permutation is done in place; round 4 uses the lanes in natural
		// order again, so the statement order inside a round must not be
		// changed.

		// Round 1
		bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20]
		bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21]
		bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22]
		bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23]
		bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24]
		d0 = bc4 ^ (bc1<<1 | bc1>>63)
		d1 = bc0 ^ (bc2<<1 | bc2>>63)
		d2 = bc1 ^ (bc3<<1 | bc3>>63)
		d3 = bc2 ^ (bc4<<1 | bc4>>63)
		d4 = bc3 ^ (bc0<<1 | bc0>>63)

		bc0 = a[0] ^ d0
		t = a[6] ^ d1
		bc1 = t<<44 | t>>(64-44)
		t = a[12] ^ d2
		bc2 = t<<43 | t>>(64-43)
		t = a[18] ^ d3
		bc3 = t<<21 | t>>(64-21)
		t = a[24] ^ d4
		bc4 = t<<14 | t>>(64-14)
		a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i]
		a[6] = bc1 ^ (bc3 &^ bc2)
		a[12] = bc2 ^ (bc4 &^ bc3)
		a[18] = bc3 ^ (bc0 &^ bc4)
		a[24] = bc4 ^ (bc1 &^ bc0)

		t = a[10] ^ d0
		bc2 = t<<3 | t>>(64-3)
		t = a[16] ^ d1
		bc3 = t<<45 | t>>(64-45)
		t = a[22] ^ d2
		bc4 = t<<61 | t>>(64-61)
		t = a[3] ^ d3
		bc0 = t<<28 | t>>(64-28)
		t = a[9] ^ d4
		bc1 = t<<20 | t>>(64-20)
		a[10] = bc0 ^ (bc2 &^ bc1)
		a[16] = bc1 ^ (bc3 &^ bc2)
		a[22] = bc2 ^ (bc4 &^ bc3)
		a[3] = bc3 ^ (bc0 &^ bc4)
		a[9] = bc4 ^ (bc1 &^ bc0)

		t = a[20] ^ d0
		bc4 = t<<18 | t>>(64-18)
		t = a[1] ^ d1
		bc0 = t<<1 | t>>(64-1)
		t = a[7] ^ d2
		bc1 = t<<6 | t>>(64-6)
		t = a[13] ^ d3
		bc2 = t<<25 | t>>(64-25)
		t = a[19] ^ d4
		bc3 = t<<8 | t>>(64-8)
		a[20] = bc0 ^ (bc2 &^ bc1)
		a[1] = bc1 ^ (bc3 &^ bc2)
		a[7] = bc2 ^ (bc4 &^ bc3)
		a[13] = bc3 ^ (bc0 &^ bc4)
		a[19] = bc4 ^ (bc1 &^ bc0)

		t = a[5] ^ d0
		bc1 = t<<36 | t>>(64-36)
		t = a[11] ^ d1
		bc2 = t<<10 | t>>(64-10)
		t = a[17] ^ d2
		bc3 = t<<15 | t>>(64-15)
		t = a[23] ^ d3
		bc4 = t<<56 | t>>(64-56)
		t = a[4] ^ d4
		bc0 = t<<27 | t>>(64-27)
		a[5] = bc0 ^ (bc2 &^ bc1)
		a[11] = bc1 ^ (bc3 &^ bc2)
		a[17] = bc2 ^ (bc4 &^ bc3)
		a[23] = bc3 ^ (bc0 &^ bc4)
		a[4] = bc4 ^ (bc1 &^ bc0)

		t = a[15] ^ d0
		bc3 = t<<41 | t>>(64-41)
		t = a[21] ^ d1
		bc4 = t<<2 | t>>(64-2)
		t = a[2] ^ d2
		bc0 = t<<62 | t>>(64-62)
		t = a[8] ^ d3
		bc1 = t<<55 | t>>(64-55)
		t = a[14] ^ d4
		bc2 = t<<39 | t>>(64-39)
		a[15] = bc0 ^ (bc2 &^ bc1)
		a[21] = bc1 ^ (bc3 &^ bc2)
		a[2] = bc2 ^ (bc4 &^ bc3)
		a[8] = bc3 ^ (bc0 &^ bc4)
		a[14] = bc4 ^ (bc1 &^ bc0)

		// Round 2
		bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20]
		bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21]
		bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22]
		bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23]
		bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24]
		d0 = bc4 ^ (bc1<<1 | bc1>>63)
		d1 = bc0 ^ (bc2<<1 | bc2>>63)
		d2 = bc1 ^ (bc3<<1 | bc3>>63)
		d3 = bc2 ^ (bc4<<1 | bc4>>63)
		d4 = bc3 ^ (bc0<<1 | bc0>>63)

		bc0 = a[0] ^ d0
		t = a[16] ^ d1
		bc1 = t<<44 | t>>(64-44)
		t = a[7] ^ d2
		bc2 = t<<43 | t>>(64-43)
		t = a[23] ^ d3
		bc3 = t<<21 | t>>(64-21)
		t = a[14] ^ d4
		bc4 = t<<14 | t>>(64-14)
		a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i+1]
		a[16] = bc1 ^ (bc3 &^ bc2)
		a[7] = bc2 ^ (bc4 &^ bc3)
		a[23] = bc3 ^ (bc0 &^ bc4)
		a[14] = bc4 ^ (bc1 &^ bc0)

		t = a[20] ^ d0
		bc2 = t<<3 | t>>(64-3)
		t = a[11] ^ d1
		bc3 = t<<45 | t>>(64-45)
		t = a[2] ^ d2
		bc4 = t<<61 | t>>(64-61)
		t = a[18] ^ d3
		bc0 = t<<28 | t>>(64-28)
		t = a[9] ^ d4
		bc1 = t<<20 | t>>(64-20)
		a[20] = bc0 ^ (bc2 &^ bc1)
		a[11] = bc1 ^ (bc3 &^ bc2)
		a[2] = bc2 ^ (bc4 &^ bc3)
		a[18] = bc3 ^ (bc0 &^ bc4)
		a[9] = bc4 ^ (bc1 &^ bc0)

		t = a[15] ^ d0
		bc4 = t<<18 | t>>(64-18)
		t = a[6] ^ d1
		bc0 = t<<1 | t>>(64-1)
		t = a[22] ^ d2
		bc1 = t<<6 | t>>(64-6)
		t = a[13] ^ d3
		bc2 = t<<25 | t>>(64-25)
		t = a[4] ^ d4
		bc3 = t<<8 | t>>(64-8)
		a[15] = bc0 ^ (bc2 &^ bc1)
		a[6] = bc1 ^ (bc3 &^ bc2)
		a[22] = bc2 ^ (bc4 &^ bc3)
		a[13] = bc3 ^ (bc0 &^ bc4)
		a[4] = bc4 ^ (bc1 &^ bc0)

		t = a[10] ^ d0
		bc1 = t<<36 | t>>(64-36)
		t = a[1] ^ d1
		bc2 = t<<10 | t>>(64-10)
		t = a[17] ^ d2
		bc3 = t<<15 | t>>(64-15)
		t = a[8] ^ d3
		bc4 = t<<56 | t>>(64-56)
		t = a[24] ^ d4
		bc0 = t<<27 | t>>(64-27)
		a[10] = bc0 ^ (bc2 &^ bc1)
		a[1] = bc1 ^ (bc3 &^ bc2)
		a[17] = bc2 ^ (bc4 &^ bc3)
		a[8] = bc3 ^ (bc0 &^ bc4)
		a[24] = bc4 ^ (bc1 &^ bc0)

		t = a[5] ^ d0
		bc3 = t<<41 | t>>(64-41)
		t = a[21] ^ d1
		bc4 = t<<2 | t>>(64-2)
		t = a[12] ^ d2
		bc0 = t<<62 | t>>(64-62)
		t = a[3] ^ d3
		bc1 = t<<55 | t>>(64-55)
		t = a[19] ^ d4
		bc2 = t<<39 | t>>(64-39)
		a[5] = bc0 ^ (bc2 &^ bc1)
		a[21] = bc1 ^ (bc3 &^ bc2)
		a[12] = bc2 ^ (bc4 &^ bc3)
		a[3] = bc3 ^ (bc0 &^ bc4)
		a[19] = bc4 ^ (bc1 &^ bc0)

		// Round 3
		bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20]
		bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21]
		bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22]
		bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23]
		bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24]
		d0 = bc4 ^ (bc1<<1 | bc1>>63)
		d1 = bc0 ^ (bc2<<1 | bc2>>63)
		d2 = bc1 ^ (bc3<<1 | bc3>>63)
		d3 = bc2 ^ (bc4<<1 | bc4>>63)
		d4 = bc3 ^ (bc0<<1 | bc0>>63)

		bc0 = a[0] ^ d0
		t = a[11] ^ d1
		bc1 = t<<44 | t>>(64-44)
		t = a[22] ^ d2
		bc2 = t<<43 | t>>(64-43)
		t = a[8] ^ d3
		bc3 = t<<21 | t>>(64-21)
		t = a[19] ^ d4
		bc4 = t<<14 | t>>(64-14)
		a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i+2]
		a[11] = bc1 ^ (bc3 &^ bc2)
		a[22] = bc2 ^ (bc4 &^ bc3)
		a[8] = bc3 ^ (bc0 &^ bc4)
		a[19] = bc4 ^ (bc1 &^ bc0)

		t = a[15] ^ d0
		bc2 = t<<3 | t>>(64-3)
		t = a[1] ^ d1
		bc3 = t<<45 | t>>(64-45)
		t = a[12] ^ d2
		bc4 = t<<61 | t>>(64-61)
		t = a[23] ^ d3
		bc0 = t<<28 | t>>(64-28)
		t = a[9] ^ d4
		bc1 = t<<20 | t>>(64-20)
		a[15] = bc0 ^ (bc2 &^ bc1)
		a[1] = bc1 ^ (bc3 &^ bc2)
		a[12] = bc2 ^ (bc4 &^ bc3)
		a[23] = bc3 ^ (bc0 &^ bc4)
		a[9] = bc4 ^ (bc1 &^ bc0)

		t = a[5] ^ d0
		bc4 = t<<18 | t>>(64-18)
		t = a[16] ^ d1
		bc0 = t<<1 | t>>(64-1)
		t = a[2] ^ d2
		bc1 = t<<6 | t>>(64-6)
		t = a[13] ^ d3
		bc2 = t<<25 | t>>(64-25)
		t = a[24] ^ d4
		bc3 = t<<8 | t>>(64-8)
		a[5] = bc0 ^ (bc2 &^ bc1)
		a[16] = bc1 ^ (bc3 &^ bc2)
		a[2] = bc2 ^ (bc4 &^ bc3)
		a[13] = bc3 ^ (bc0 &^ bc4)
		a[24] = bc4 ^ (bc1 &^ bc0)

		t = a[20] ^ d0
		bc1 = t<<36 | t>>(64-36)
		t = a[6] ^ d1
		bc2 = t<<10 | t>>(64-10)
		t = a[17] ^ d2
		bc3 = t<<15 | t>>(64-15)
		t = a[3] ^ d3
		bc4 = t<<56 | t>>(64-56)
		t = a[14] ^ d4
		bc0 = t<<27 | t>>(64-27)
		a[20] = bc0 ^ (bc2 &^ bc1)
		a[6] = bc1 ^ (bc3 &^ bc2)
		a[17] = bc2 ^ (bc4 &^ bc3)
		a[3] = bc3 ^ (bc0 &^ bc4)
		a[14] = bc4 ^ (bc1 &^ bc0)

		t = a[10] ^ d0
		bc3 = t<<41 | t>>(64-41)
		t = a[21] ^ d1
		bc4 = t<<2 | t>>(64-2)
		t = a[7] ^ d2
		bc0 = t<<62 | t>>(64-62)
		t = a[18] ^ d3
		bc1 = t<<55 | t>>(64-55)
		t = a[4] ^ d4
		bc2 = t<<39 | t>>(64-39)
		a[10] = bc0 ^ (bc2 &^ bc1)
		a[21] = bc1 ^ (bc3 &^ bc2)
		a[7] = bc2 ^ (bc4 &^ bc3)
		a[18] = bc3 ^ (bc0 &^ bc4)
		a[4] = bc4 ^ (bc1 &^ bc0)

		// Round 4
		bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20]
		bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21]
		bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22]
		bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23]
		bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24]
		d0 = bc4 ^ (bc1<<1 | bc1>>63)
		d1 = bc0 ^ (bc2<<1 | bc2>>63)
		d2 = bc1 ^ (bc3<<1 | bc3>>63)
		d3 = bc2 ^ (bc4<<1 | bc4>>63)
		d4 = bc3 ^ (bc0<<1 | bc0>>63)

		bc0 = a[0] ^ d0
		t = a[1] ^ d1
		bc1 = t<<44 | t>>(64-44)
		t = a[2] ^ d2
		bc2 = t<<43 | t>>(64-43)
		t = a[3] ^ d3
		bc3 = t<<21 | t>>(64-21)
		t = a[4] ^ d4
		bc4 = t<<14 | t>>(64-14)
		a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i+3]
		a[1] = bc1 ^ (bc3 &^ bc2)
		a[2] = bc2 ^ (bc4 &^ bc3)
		a[3] = bc3 ^ (bc0 &^ bc4)
		a[4] = bc4 ^ (bc1 &^ bc0)

		t = a[5] ^ d0
		bc2 = t<<3 | t>>(64-3)
		t = a[6] ^ d1
		bc3 = t<<45 | t>>(64-45)
		t = a[7] ^ d2
		bc4 = t<<61 | t>>(64-61)
		t = a[8] ^ d3
		bc0 = t<<28 | t>>(64-28)
		t = a[9] ^ d4
		bc1 = t<<20 | t>>(64-20)
		a[5] = bc0 ^ (bc2 &^ bc1)
		a[6] = bc1 ^ (bc3 &^ bc2)
		a[7] = bc2 ^ (bc4 &^ bc3)
		a[8] = bc3 ^ (bc0 &^ bc4)
		a[9] = bc4 ^ (bc1 &^ bc0)

		t = a[10] ^ d0
		bc4 = t<<18 | t>>(64-18)
		t = a[11] ^ d1
		bc0 = t<<1 | t>>(64-1)
		t = a[12] ^ d2
		bc1 = t<<6 | t>>(64-6)
		t = a[13] ^ d3
		bc2 = t<<25 | t>>(64-25)
		t = a[14] ^ d4
		bc3 = t<<8 | t>>(64-8)
		a[10] = bc0 ^ (bc2 &^ bc1)
		a[11] = bc1 ^ (bc3 &^ bc2)
		a[12] = bc2 ^ (bc4 &^ bc3)
		a[13] = bc3 ^ (bc0 &^ bc4)
		a[14] = bc4 ^ (bc1 &^ bc0)

		t = a[15] ^ d0
		bc1 = t<<36 | t>>(64-36)
		t = a[16] ^ d1
		bc2 = t<<10 | t>>(64-10)
		t = a[17] ^ d2
		bc3 = t<<15 | t>>(64-15)
		t = a[18] ^ d3
		bc4 = t<<56 | t>>(64-56)
		t = a[19] ^ d4
		bc0 = t<<27 | t>>(64-27)
		a[15] = bc0 ^ (bc2 &^ bc1)
		a[16] = bc1 ^ (bc3 &^ bc2)
		a[17] = bc2 ^ (bc4 &^ bc3)
		a[18] = bc3 ^ (bc0 &^ bc4)
		a[19] = bc4 ^ (bc1 &^ bc0)

		t = a[20] ^ d0
		bc3 = t<<41 | t>>(64-41)
		t = a[21] ^ d1
		bc4 = t<<2 | t>>(64-2)
		t = a[22] ^ d2
		bc0 = t<<62 | t>>(64-62)
		t = a[23] ^ d3
		bc1 = t<<55 | t>>(64-55)
		t = a[24] ^ d4
		bc2 = t<<39 | t>>(64-39)
		a[20] = bc0 ^ (bc2 &^ bc1)
		a[21] = bc1 ^ (bc3 &^ bc2)
		a[22] = bc2 ^ (bc4 &^ bc3)
		a[23] = bc3 ^ (bc0 &^ bc4)
		a[24] = bc4 ^ (bc1 &^ bc0)
	}
}