github.com/yinchengtsinghua/golang-Eos-dpos-Ethereum@v0.0.0-20190121132951-92cc4225ed8e/crypto/sha3/keccakf.go (about) 1 2 //此源码被清华学神尹成大魔王专业翻译分析并修改 3 //尹成QQ77025077 4 //尹成微信18510341407 5 //尹成所在QQ群721929980 6 //尹成邮箱 yinc13@mails.tsinghua.edu.cn 7 //尹成毕业于清华大学,微软区块链领域全球最有价值专家 8 //https://mvp.microsoft.com/zh-cn/PublicProfile/4033620 9 //版权所有2014 Go作者。版权所有。 10 //此源代码的使用受BSD样式的控制 11 //可以在许可文件中找到的许可证。 12 13 //+建设!AMD64发动机GCCGO 14 15 package sha3 16 17 //rc存储圆形常量以在_步骤中使用。 18 var rc = [24]uint64{ 19 0x0000000000000001, 20 0x0000000000008082, 21 0x800000000000808A, 22 0x8000000080008000, 23 0x000000000000808B, 24 0x0000000080000001, 25 0x8000000080008081, 26 0x8000000000008009, 27 0x000000000000008A, 28 0x0000000000000088, 29 0x0000000080008009, 30 0x000000008000000A, 31 0x000000008000808B, 32 0x800000000000008B, 33 0x8000000000008089, 34 0x8000000000008003, 35 0x8000000000008002, 36 0x8000000000000080, 37 0x000000000000800A, 38 0x800000008000000A, 39 0x8000000080008081, 40 0x8000000000008080, 41 0x0000000080000001, 42 0x8000000080008008, 43 } 44 45 //KECCAKF1600将KECCAK排列应用于1600B宽 46 //状态表示为25个uint64的切片。 47 func keccakF1600(a *[25]uint64) { 48 //从keccak inplace.c翻译的实现 49 //在Keccak参考代码中。 50 var t, bc0, bc1, bc2, bc3, bc4, d0, d1, d2, d3, d4 uint64 51 52 for i := 0; i < 24; i += 4 { 53 //将每轮的5个步骤组合为2个步骤。 54 //每个循环展开4个回合,并在回合之间展开一些步骤。 55 56 //第1轮 57 bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20] 58 bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21] 59 bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22] 60 bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23] 61 bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24] 62 d0 = bc4 ^ (bc1<<1 | bc1>>63) 63 d1 = bc0 ^ (bc2<<1 | bc2>>63) 64 d2 = bc1 ^ (bc3<<1 | bc3>>63) 65 d3 = bc2 ^ (bc4<<1 | bc4>>63) 66 d4 = bc3 ^ (bc0<<1 | bc0>>63) 67 68 bc0 = a[0] ^ d0 69 t = a[6] ^ d1 70 bc1 = t<<44 | t>>(64-44) 71 t = a[12] ^ d2 72 bc2 = t<<43 | t>>(64-43) 73 t = a[18] ^ d3 74 bc3 = t<<21 | t>>(64-21) 75 t = a[24] ^ d4 76 bc4 = t<<14 | t>>(64-14) 77 a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i] 78 a[6] = bc1 ^ (bc3 &^ bc2) 79 a[12] = bc2 ^ (bc4 &^ bc3) 80 a[18] = bc3 ^ (bc0 &^ bc4) 81 a[24] = bc4 ^ (bc1 &^ bc0) 82 83 t = a[10] ^ d0 84 bc2 = t<<3 | t>>(64-3) 85 t = a[16] ^ d1 86 bc3 = t<<45 | t>>(64-45) 87 t = a[22] ^ d2 88 bc4 = t<<61 | t>>(64-61) 89 t = a[3] ^ d3 90 bc0 = t<<28 | t>>(64-28) 91 t = a[9] ^ d4 92 bc1 = t<<20 | t>>(64-20) 93 a[10] = bc0 ^ (bc2 &^ bc1) 94 a[16] = bc1 ^ (bc3 &^ bc2) 95 a[22] = bc2 ^ (bc4 &^ bc3) 96 a[3] = bc3 ^ (bc0 &^ bc4) 97 a[9] = bc4 ^ (bc1 &^ bc0) 98 99 t = a[20] ^ d0 100 bc4 = t<<18 | t>>(64-18) 101 t = a[1] ^ d1 102 bc0 = t<<1 | t>>(64-1) 103 t = a[7] ^ d2 104 bc1 = t<<6 | t>>(64-6) 105 t = a[13] ^ d3 106 bc2 = t<<25 | t>>(64-25) 107 t = a[19] ^ d4 108 bc3 = t<<8 | t>>(64-8) 109 a[20] = bc0 ^ (bc2 &^ bc1) 110 a[1] = bc1 ^ (bc3 &^ bc2) 111 a[7] = bc2 ^ (bc4 &^ bc3) 112 a[13] = bc3 ^ (bc0 &^ bc4) 113 a[19] = bc4 ^ (bc1 &^ bc0) 114 115 t = a[5] ^ d0 116 bc1 = t<<36 | t>>(64-36) 117 t = a[11] ^ d1 118 bc2 = t<<10 | t>>(64-10) 119 t = a[17] ^ d2 120 bc3 = t<<15 | t>>(64-15) 121 t = a[23] ^ d3 122 bc4 = t<<56 | t>>(64-56) 123 t = a[4] ^ d4 124 bc0 = t<<27 | t>>(64-27) 125 a[5] = bc0 ^ (bc2 &^ bc1) 126 a[11] = bc1 ^ (bc3 &^ bc2) 127 a[17] = bc2 ^ (bc4 &^ bc3) 128 a[23] = bc3 ^ (bc0 &^ bc4) 129 a[4] = bc4 ^ (bc1 &^ bc0) 130 131 t = a[15] ^ d0 132 bc3 = t<<41 | t>>(64-41) 133 t = a[21] ^ d1 134 bc4 = t<<2 | t>>(64-2) 135 t = a[2] ^ d2 136 bc0 = t<<62 | t>>(64-62) 137 t = a[8] ^ d3 138 bc1 = t<<55 | t>>(64-55) 139 t = a[14] ^ d4 140 bc2 = t<<39 | t>>(64-39) 141 a[15] = bc0 ^ (bc2 &^ bc1) 142 a[21] = bc1 ^ (bc3 &^ bc2) 143 a[2] = bc2 ^ (bc4 &^ bc3) 144 a[8] = bc3 ^ (bc0 &^ bc4) 145 a[14] = bc4 ^ (bc1 &^ bc0) 146 147 //第2轮 148 bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20] 149 bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21] 150 bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22] 151 bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23] 152 bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24] 153 d0 = bc4 ^ (bc1<<1 | bc1>>63) 154 d1 = bc0 ^ (bc2<<1 | bc2>>63) 155 d2 = bc1 ^ (bc3<<1 | bc3>>63) 156 d3 = bc2 ^ (bc4<<1 | bc4>>63) 157 d4 = bc3 ^ (bc0<<1 | bc0>>63) 158 159 bc0 = a[0] ^ d0 160 t = a[16] ^ d1 161 bc1 = t<<44 | t>>(64-44) 162 t = a[7] ^ d2 163 bc2 = t<<43 | t>>(64-43) 164 t = a[23] ^ d3 165 bc3 = t<<21 | t>>(64-21) 166 t = a[14] ^ d4 167 bc4 = t<<14 | t>>(64-14) 168 a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i+1] 169 a[16] = bc1 ^ (bc3 &^ bc2) 170 a[7] = bc2 ^ (bc4 &^ bc3) 171 a[23] = bc3 ^ (bc0 &^ bc4) 172 a[14] = bc4 ^ (bc1 &^ bc0) 173 174 t = a[20] ^ d0 175 bc2 = t<<3 | t>>(64-3) 176 t = a[11] ^ d1 177 bc3 = t<<45 | t>>(64-45) 178 t = a[2] ^ d2 179 bc4 = t<<61 | t>>(64-61) 180 t = a[18] ^ d3 181 bc0 = t<<28 | t>>(64-28) 182 t = a[9] ^ d4 183 bc1 = t<<20 | t>>(64-20) 184 a[20] = bc0 ^ (bc2 &^ bc1) 185 a[11] = bc1 ^ (bc3 &^ bc2) 186 a[2] = bc2 ^ (bc4 &^ bc3) 187 a[18] = bc3 ^ (bc0 &^ bc4) 188 a[9] = bc4 ^ (bc1 &^ bc0) 189 190 t = a[15] ^ d0 191 bc4 = t<<18 | t>>(64-18) 192 t = a[6] ^ d1 193 bc0 = t<<1 | t>>(64-1) 194 t = a[22] ^ d2 195 bc1 = t<<6 | t>>(64-6) 196 t = a[13] ^ d3 197 bc2 = t<<25 | t>>(64-25) 198 t = a[4] ^ d4 199 bc3 = t<<8 | t>>(64-8) 200 a[15] = bc0 ^ (bc2 &^ bc1) 201 a[6] = bc1 ^ (bc3 &^ bc2) 202 a[22] = bc2 ^ (bc4 &^ bc3) 203 a[13] = bc3 ^ (bc0 &^ bc4) 204 a[4] = bc4 ^ (bc1 &^ bc0) 205 206 t = a[10] ^ d0 207 bc1 = t<<36 | t>>(64-36) 208 t = a[1] ^ d1 209 bc2 = t<<10 | t>>(64-10) 210 t = a[17] ^ d2 211 bc3 = t<<15 | t>>(64-15) 212 t = a[8] ^ d3 213 bc4 = t<<56 | t>>(64-56) 214 t = a[24] ^ d4 215 bc0 = t<<27 | t>>(64-27) 216 a[10] = bc0 ^ (bc2 &^ bc1) 217 a[1] = bc1 ^ (bc3 &^ bc2) 218 a[17] = bc2 ^ (bc4 &^ bc3) 219 a[8] = bc3 ^ (bc0 &^ bc4) 220 a[24] = bc4 ^ (bc1 &^ bc0) 221 222 t = a[5] ^ d0 223 bc3 = t<<41 | t>>(64-41) 224 t = a[21] ^ d1 225 bc4 = t<<2 | t>>(64-2) 226 t = a[12] ^ d2 227 bc0 = t<<62 | t>>(64-62) 228 t = a[3] ^ d3 229 bc1 = t<<55 | t>>(64-55) 230 t = a[19] ^ d4 231 bc2 = t<<39 | t>>(64-39) 232 a[5] = bc0 ^ (bc2 &^ bc1) 233 a[21] = bc1 ^ (bc3 &^ bc2) 234 a[12] = bc2 ^ (bc4 &^ bc3) 235 a[3] = bc3 ^ (bc0 &^ bc4) 236 a[19] = bc4 ^ (bc1 &^ bc0) 237 238 //第3轮 239 bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20] 240 bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21] 241 bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22] 242 bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23] 243 bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24] 244 d0 = bc4 ^ (bc1<<1 | bc1>>63) 245 d1 = bc0 ^ (bc2<<1 | bc2>>63) 246 d2 = bc1 ^ (bc3<<1 | bc3>>63) 247 d3 = bc2 ^ (bc4<<1 | bc4>>63) 248 d4 = bc3 ^ (bc0<<1 | bc0>>63) 249 250 bc0 = a[0] ^ d0 251 t = a[11] ^ d1 252 bc1 = t<<44 | t>>(64-44) 253 t = a[22] ^ d2 254 bc2 = t<<43 | t>>(64-43) 255 t = a[8] ^ d3 256 bc3 = t<<21 | t>>(64-21) 257 t = a[19] ^ d4 258 bc4 = t<<14 | t>>(64-14) 259 a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i+2] 260 a[11] = bc1 ^ (bc3 &^ bc2) 261 a[22] = bc2 ^ (bc4 &^ bc3) 262 a[8] = bc3 ^ (bc0 &^ bc4) 263 a[19] = bc4 ^ (bc1 &^ bc0) 264 265 t = a[15] ^ d0 266 bc2 = t<<3 | t>>(64-3) 267 t = a[1] ^ d1 268 bc3 = t<<45 | t>>(64-45) 269 t = a[12] ^ d2 270 bc4 = t<<61 | t>>(64-61) 271 t = a[23] ^ d3 272 bc0 = t<<28 | t>>(64-28) 273 t = a[9] ^ d4 274 bc1 = t<<20 | t>>(64-20) 275 a[15] = bc0 ^ (bc2 &^ bc1) 276 a[1] = bc1 ^ (bc3 &^ bc2) 277 a[12] = bc2 ^ (bc4 &^ bc3) 278 a[23] = bc3 ^ (bc0 &^ bc4) 279 a[9] = bc4 ^ (bc1 &^ bc0) 280 281 t = a[5] ^ d0 282 bc4 = t<<18 | t>>(64-18) 283 t = a[16] ^ d1 284 bc0 = t<<1 | t>>(64-1) 285 t = a[2] ^ d2 286 bc1 = t<<6 | t>>(64-6) 287 t = a[13] ^ d3 288 bc2 = t<<25 | t>>(64-25) 289 t = a[24] ^ d4 290 bc3 = t<<8 | t>>(64-8) 291 a[5] = bc0 ^ (bc2 &^ bc1) 292 a[16] = bc1 ^ (bc3 &^ bc2) 293 a[2] = bc2 ^ (bc4 &^ bc3) 294 a[13] = bc3 ^ (bc0 &^ bc4) 295 a[24] = bc4 ^ (bc1 &^ bc0) 296 297 t = a[20] ^ d0 298 bc1 = t<<36 | t>>(64-36) 299 t = a[6] ^ d1 300 bc2 = t<<10 | t>>(64-10) 301 t = a[17] ^ d2 302 bc3 = t<<15 | t>>(64-15) 303 t = a[3] ^ d3 304 bc4 = t<<56 | t>>(64-56) 305 t = a[14] ^ d4 306 bc0 = t<<27 | t>>(64-27) 307 a[20] = bc0 ^ (bc2 &^ bc1) 308 a[6] = bc1 ^ (bc3 &^ bc2) 309 a[17] = bc2 ^ (bc4 &^ bc3) 310 a[3] = bc3 ^ (bc0 &^ bc4) 311 a[14] = bc4 ^ (bc1 &^ bc0) 312 313 t = a[10] ^ d0 314 bc3 = t<<41 | t>>(64-41) 315 t = a[21] ^ d1 316 bc4 = t<<2 | t>>(64-2) 317 t = a[7] ^ d2 318 bc0 = t<<62 | t>>(64-62) 319 t = a[18] ^ d3 320 bc1 = t<<55 | t>>(64-55) 321 t = a[4] ^ d4 322 bc2 = t<<39 | t>>(64-39) 323 a[10] = bc0 ^ (bc2 &^ bc1) 324 a[21] = bc1 ^ (bc3 &^ bc2) 325 a[7] = bc2 ^ (bc4 &^ bc3) 326 a[18] = bc3 ^ (bc0 &^ bc4) 327 a[4] = bc4 ^ (bc1 &^ bc0) 328 329 //第4轮 330 bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20] 331 bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21] 332 bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22] 333 bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23] 334 bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24] 335 d0 = bc4 ^ (bc1<<1 | bc1>>63) 336 d1 = bc0 ^ (bc2<<1 | bc2>>63) 337 d2 = bc1 ^ (bc3<<1 | bc3>>63) 338 d3 = bc2 ^ (bc4<<1 | bc4>>63) 339 d4 = bc3 ^ (bc0<<1 | bc0>>63) 340 341 bc0 = a[0] ^ d0 342 t = a[1] ^ d1 343 bc1 = t<<44 | t>>(64-44) 344 t = a[2] ^ d2 345 bc2 = t<<43 | t>>(64-43) 346 t = a[3] ^ d3 347 bc3 = t<<21 | t>>(64-21) 348 t = a[4] ^ d4 349 bc4 = t<<14 | t>>(64-14) 350 a[0] = bc0 ^ (bc2 &^ bc1) ^ rc[i+3] 351 a[1] = bc1 ^ (bc3 &^ bc2) 352 a[2] = bc2 ^ (bc4 &^ bc3) 353 a[3] = bc3 ^ (bc0 &^ bc4) 354 a[4] = bc4 ^ (bc1 &^ bc0) 355 356 t = a[5] ^ d0 357 bc2 = t<<3 | t>>(64-3) 358 t = a[6] ^ d1 359 bc3 = t<<45 | t>>(64-45) 360 t = a[7] ^ d2 361 bc4 = t<<61 | t>>(64-61) 362 t = a[8] ^ d3 363 bc0 = t<<28 | t>>(64-28) 364 t = a[9] ^ d4 365 bc1 = t<<20 | t>>(64-20) 366 a[5] = bc0 ^ (bc2 &^ bc1) 367 a[6] = bc1 ^ (bc3 &^ bc2) 368 a[7] = bc2 ^ (bc4 &^ bc3) 369 a[8] = bc3 ^ (bc0 &^ bc4) 370 a[9] = bc4 ^ (bc1 &^ bc0) 371 372 t = a[10] ^ d0 373 bc4 = t<<18 | t>>(64-18) 374 t = a[11] ^ d1 375 bc0 = t<<1 | t>>(64-1) 376 t = a[12] ^ d2 377 bc1 = t<<6 | t>>(64-6) 378 t = a[13] ^ d3 379 bc2 = t<<25 | t>>(64-25) 380 t = a[14] ^ d4 381 bc3 = t<<8 | t>>(64-8) 382 a[10] = bc0 ^ (bc2 &^ bc1) 383 a[11] = bc1 ^ (bc3 &^ bc2) 384 a[12] = bc2 ^ (bc4 &^ bc3) 385 a[13] = bc3 ^ (bc0 &^ bc4) 386 a[14] = bc4 ^ (bc1 &^ bc0) 387 388 t = a[15] ^ d0 389 bc1 = t<<36 | t>>(64-36) 390 t = a[16] ^ d1 391 bc2 = t<<10 | t>>(64-10) 392 t = a[17] ^ d2 393 bc3 = t<<15 | t>>(64-15) 394 t = a[18] ^ d3 395 bc4 = t<<56 | t>>(64-56) 396 t = a[19] ^ d4 397 bc0 = t<<27 | t>>(64-27) 398 a[15] = bc0 ^ (bc2 &^ bc1) 399 a[16] = bc1 ^ (bc3 &^ bc2) 400 a[17] = bc2 ^ (bc4 &^ bc3) 401 a[18] = bc3 ^ (bc0 &^ bc4) 402 a[19] = bc4 ^ (bc1 &^ bc0) 403 404 t = a[20] ^ d0 405 bc3 = t<<41 | t>>(64-41) 406 t = a[21] ^ d1 407 bc4 = t<<2 | t>>(64-2) 408 t = a[22] ^ d2 409 bc0 = t<<62 | t>>(64-62) 410 t = a[23] ^ d3 411 bc1 = t<<55 | t>>(64-55) 412 t = a[24] ^ d4 413 bc2 = t<<39 | t>>(64-39) 414 a[20] = bc0 ^ (bc2 &^ bc1) 415 a[21] = bc1 ^ (bc3 &^ bc2) 416 a[22] = bc2 ^ (bc4 &^ bc3) 417 a[23] = bc3 ^ (bc0 &^ bc4) 418 a[24] = bc4 ^ (bc1 &^ bc0) 419 } 420 }