arnaucube
/
circom
mirror of https://github.com/arnaucube/circom.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24 Commits
8 Branches
61 Tags
15 MiB
Tree: 3090419a1c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3090419a1c'
${ noResults }
circom/circuits/sha256/sha256compression.circom

146 lines
3.9 KiB
Raw Normal View History

First commit
6 years ago
First iteration sha256
6 years ago
First commit
6 years ago
First iteration sha256
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First iteration sha256
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
First iteration sha256
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
First iteration sha256
6 years ago
sha256 done
6 years ago
First commit
6 years ago
First iteration sha256
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
First iteration sha256
6 years ago
First commit
6 years ago
sha256 done
6 years ago
First commit
6 years ago
  2. include "constants.circom";
  3. include "t1.circom";
  4. include "t2.circom";
  5. include "binsum.circom";
  6. include "sigmaplus.circom";
  8. template Sha256compression() {
  9. signal input inp[512];
  10. signal output out[256];
  11. signal a[65][32];
  12. signal b[65][32];
  13. signal c[65][32];
  14. signal d[65][32];
  15. signal e[65][32];
  16. signal f[65][32];
  17. signal g[65][32];
  18. signal h[65][32];
  19. signal w[64][32];
  21. var i;
  23. component sigmaPlus[48];
  24. for (i=0; i<48; i++) sigmaPlus[i] = SigmaPlus();
  26. component ct_k[64];
  27. for (i=0; i<64; i++) ct_k[i] = K(i);
  29. component ha0 = H(0);
  30. component hb0 = H(1);
  31. component hc0 = H(2);
  32. component hd0 = H(3);
  33. component he0 = H(4);
  34. component hf0 = H(5);
  35. component hg0 = H(6);
  36. component hh0 = H(7);
  38. component t1[64];
  39. for (i=0; i<64; i++) t1[i] = T1();
  41. component t2[64];
  42. for (i=0; i<64; i++) t2[i] = T2();
  44. component suma[64];
  45. for (i=0; i<64; i++) suma[i] = BinSum(32, 2);
  47. component sume[64];
  48. for (i=0; i<64; i++) sume[i] = BinSum(32, 2);
  50. component fsum[8];
  51. for (i=0; i<8; i++) fsum[i] = BinSum(32, 2);
  53. var k;
  54. var t;
  56. for (t=0; t<64; t++) {
  57. if (t<16) {
  58. for (k=0; k<32; k++) {
  59. w[t][k] <== inp[t*32+31-k];
  60. }
  61. } else {
  62. for (k=0; k<32; k++) {
  63. sigmaPlus[t-16].in2[k] <== w[t-2][k];
  64. sigmaPlus[t-16].in7[k] <== w[t-7][k];
  65. sigmaPlus[t-16].in15[k] <== w[t-15][k];
  66. sigmaPlus[t-16].in16[k] <== w[t-16][k];
  67. w[t][k] <== sigmaPlus[t-16].out[k];
  68. }
  69. }
  70. }
  72. for (k=0; k<32; k++ ) {
  73. a[0][k] <== ha0.out[k]
  74. b[0][k] <== hb0.out[k]
  75. c[0][k] <== hc0.out[k]
  76. d[0][k] <== hd0.out[k]
  77. e[0][k] <== he0.out[k]
  78. f[0][k] <== hf0.out[k]
  79. g[0][k] <== hg0.out[k]
  80. h[0][k] <== hh0.out[k]
  81. }
  83. for (t = 0; t<64; t++) {
  84. for (k=0; k<32; k++) {
  85. t1[t].h[k] <== h[t][k];
  86. t1[t].e[k] <== e[t][k];
  87. t1[t].f[k] <== f[t][k];
  88. t1[t].g[k] <== g[t][k];
  89. t1[t].k[k] <== ct_k[t].out[k];
  90. t1[t].w[k] <== w[t][k];
  92. t2[t].a[k] <== a[t][k];
  93. t2[t].b[k] <== b[t][k];
  94. t2[t].c[k] <== c[t][k];
  95. }
  97. for (k=0; k<32; k++) {
  98. sume[t].in[0][k] <== d[t][k];
  99. sume[t].in[1][k] <== t1[t].out[k];
  101. suma[t].in[0][k] <== t1[t].out[k];
  102. suma[t].in[1][k] <== t2[t].out[k];
  103. }
  105. for (k=0; k<32; k++) {
  106. h[t+1][k] <== g[t][k];
  107. g[t+1][k] <== f[t][k];
  108. f[t+1][k] <== e[t][k];
  109. e[t+1][k] <== sume[t].out[k];
  110. d[t+1][k] <== c[t][k];
  111. c[t+1][k] <== b[t][k];
  112. b[t+1][k] <== a[t][k];
  113. a[t+1][k] <== suma[t].out[k];
  114. }
  115. }
  117. for (k=0; k<32; k++) {
  118. fsum[0].in[0][k] <== ha0.out[k];
  119. fsum[0].in[1][k] <== a[64][k];
  120. fsum[1].in[0][k] <== hb0.out[k];
  121. fsum[1].in[1][k] <== b[64][k];
  122. fsum[2].in[0][k] <== hc0.out[k];
  123. fsum[2].in[1][k] <== c[64][k];
  124. fsum[3].in[0][k] <== hd0.out[k];
  125. fsum[3].in[1][k] <== d[64][k];
  126. fsum[4].in[0][k] <== he0.out[k];
  127. fsum[4].in[1][k] <== e[64][k];
  128. fsum[5].in[0][k] <== hf0.out[k];
  129. fsum[5].in[1][k] <== f[64][k];
  130. fsum[6].in[0][k] <== hg0.out[k];
  131. fsum[6].in[1][k] <== g[64][k];
  132. fsum[7].in[0][k] <== hh0.out[k];
  133. fsum[7].in[1][k] <== h[64][k];
  134. }
  136. for (k=0; k<32; k++) {
  137. out[31-k] <== fsum[0].out[k];
  138. out[32+31-k] <== fsum[1].out[k];
  139. out[64+31-k] <== fsum[2].out[k];
  140. out[96+31-k] <== fsum[3].out[k];
  141. out[128+31-k] <== fsum[4].out[k];
  142. out[160+31-k] <== fsum[5].out[k];
  143. out[192+31-k] <== fsum[6].out[k];
  144. out[224+31-k] <== fsum[7].out[k];
  145. }
  146. }