|
|
pragma circom 2.0.0;
include "./utils.circom";
template RC(r) { signal output out[64]; var rc[24] = [ 0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000, 0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009, 0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A, 0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003, 0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A, 0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008 ]; for (var i=0; i<64; i++) { out[i] <== (rc[r] >> i) & 1; }}
template Iota(r) { signal input in[25*64]; signal output out[25*64]; var i;
component rc = RC(r);
component iota = XorArray(64); for (var i=0; i<64; i++) { iota.a[i] <== in[i]; iota.b[i] <== rc.out[i]; } for (i=0; i<64; i++) { out[i] <== iota.out[i]; } for (i=64; i<25*64; i++) { out[i] <== in[i]; }}
|
