-
Notifications
You must be signed in to change notification settings - Fork 14
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #27 from erdoganishe/main
Separating hashing into submodule
- Loading branch information
Showing
37 changed files
with
1,964 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| pragma circom 2.1.8; | ||
|
|
||
| include "./passportHash.circom"; | ||
|
|
||
| component main = PassportHash(512, 1, 160); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| pragma circom 2.1.8; | ||
|
|
||
| include "./sha1/sha1.circom"; | ||
| include "./sha2/sha224/sha224_hash_bits.circom"; | ||
| include "./sha2/sha256/sha256_hash_bits.circom"; | ||
| include "./sha2/sha384/sha384_hash_bits.circom"; | ||
| include "./sha2/sha512/sha512_hash_bits.circom"; | ||
|
|
||
| template PassportHash(BLOCK_SIZE, BLOCK_NUM, ALGO){ | ||
|
|
||
| assert(ALGO == 160 || ALGO == 224 || ALGO == 256 || ALGO == 384 || ALGO == 512); | ||
|
|
||
| signal input in[BLOCK_SIZE * BLOCK_NUM]; | ||
| signal output out[ALGO]; | ||
|
|
||
| if (ALGO == 160) { | ||
| component hash160 = Sha1(BLOCK_NUM); | ||
| hash160.in <== in; | ||
| hash160.out ==> out; | ||
| } | ||
| if (ALGO == 224) { | ||
| component hash224 = Sha224_hash_chunks(BLOCK_NUM); | ||
| hash224.in <== in; | ||
| hash224.out ==> out; | ||
| } | ||
| if (ALGO == 256) { | ||
| component hash256 = Sha256_hash_chunks(BLOCK_NUM); | ||
| hash256.in <== in; | ||
| hash256.out ==> out; | ||
| } | ||
| if (ALGO == 384) { | ||
| component hash384 = Sha384_hash_chunks(BLOCK_NUM); | ||
| hash384.in <== in; | ||
| hash384.out ==> out; | ||
| } | ||
| if (ALGO == 512) { | ||
| component hash512 = Sha512_hash_chunks(BLOCK_NUM); | ||
| hash512.in <== in; | ||
| hash512.out ==> out; | ||
| } | ||
|
|
||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| pragma circom 2.1.6; | ||
|
|
||
| include "circomlib/circuits/bitify.circom"; | ||
|
|
||
| template H(x) { | ||
| signal output out[32]; | ||
| var c[5] = [ | ||
| 0x67452301, | ||
| 0xefcdab89, | ||
| 0x98badcfe, | ||
| 0x10325476, | ||
| 0xc3d2e1f0 | ||
| ]; | ||
|
|
||
| component bitify = Num2Bits(32); | ||
| bitify.in <== c[x]; | ||
|
|
||
| for (var k = 0; k < 32; k++) { | ||
| out[k] <== bitify.out[31 - k]; | ||
| } | ||
| } | ||
|
|
||
| template K(t) { | ||
| signal output out[32]; | ||
| var k[4] = [0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6]; | ||
|
|
||
| component bitify = Num2Bits(32); | ||
|
|
||
| var i; | ||
|
|
||
| if (0 <= t && t <= 19) { | ||
| bitify.in <== k[0]; | ||
| } | ||
|
|
||
| if (20 <= t && t <= 39) { | ||
| bitify.in <== k[1]; | ||
| } | ||
|
|
||
| if (40 <= t && t <= 59) { | ||
| bitify.in <== k[2]; | ||
| } | ||
|
|
||
| if (60 <= t && t <= 79) { | ||
| bitify.in <== k[3]; | ||
| } | ||
|
|
||
| for (var k = 0; k < 32; k++) { | ||
| out[k] <== bitify.out[31 - k]; | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| pragma circom 2.1.6; | ||
|
|
||
| include "./parity.circom"; | ||
| include "circomlib/circuits/sha256/maj.circom"; | ||
| include "circomlib/circuits/sha256/ch.circom"; | ||
|
|
||
| template f_t(t) { | ||
| signal input b[32]; | ||
| signal input c[32]; | ||
| signal input d[32]; | ||
| signal output out[32]; | ||
|
|
||
| component maj = Maj_t(32); | ||
| component parity = Parity_t(32); | ||
| component ch = Ch_t(32); | ||
|
|
||
| var k; | ||
|
|
||
| // ch(x, y, z) | ||
| for (k = 0; k < 32; k++) { | ||
| ch.a[k] <== b[k]; | ||
| ch.b[k] <== c[k]; | ||
| ch.c[k] <== d[k]; | ||
| } | ||
|
|
||
| // parity(x, y, z) | ||
| for (k = 0; k < 32; k++) { | ||
| parity.a[k] <== b[k]; | ||
| parity.b[k] <== c[k]; | ||
| parity.c[k] <== d[k]; | ||
| } | ||
|
|
||
| // maj(x, y, z) | ||
| for (k = 0; k < 32; k++) { | ||
| maj.a[k] <== b[k]; | ||
| maj.b[k] <== c[k]; | ||
| maj.c[k] <== d[k]; | ||
| } | ||
|
|
||
| if (t <= 19) { | ||
| for (k = 0; k < 32; k++) { | ||
| out[k] <== ch.out[k]; | ||
| } | ||
| } else { | ||
| if (t <= 39 || t >= 60) { | ||
| for (k = 0; k < 32; k++) { | ||
| out[k] <== parity.out[k]; | ||
| } | ||
| } else { | ||
| for (k = 0; k < 32; k++) { | ||
| out[k] <== maj.out[k]; | ||
| } | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| pragma circom 2.1.6; | ||
|
|
||
| include "circomlib/circuits/sha256/xor3.circom"; | ||
|
|
||
| template Parity_t(n) { | ||
| signal input a[n]; | ||
| signal input b[n]; | ||
| signal input c[n]; | ||
| signal output out[n]; | ||
|
|
||
| component xor3 = Xor3(32); | ||
| var k; | ||
|
|
||
| for (k = 0; k < 32; k++) { | ||
| xor3.a[k] <== a[k]; | ||
| xor3.b[k] <== b[k]; | ||
| xor3.c[k] <== c[k]; | ||
| } | ||
|
|
||
| for (k = 0; k < 32; k++) { | ||
| out[k] <== xor3.out[k]; | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| pragma circom 2.1.6; | ||
|
|
||
| template RotL(n, l) { | ||
| signal input in[n]; | ||
| signal output out[n]; | ||
|
|
||
| for (var i = n - 1; i >= 0; i--) { | ||
| out[i] <== in[(i + l) % n]; | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| pragma circom 2.1.6; | ||
|
|
||
| include "constants.circom"; | ||
| include "sha1compression.circom"; | ||
|
|
||
| template Sha1(BLOCK_NUM) { | ||
| signal input in[BLOCK_NUM * 512]; | ||
| signal output out[160]; | ||
|
|
||
| var i; | ||
| var k; | ||
| var bitsLastBlock; | ||
|
|
||
|
|
||
| component ha0 = H(0); | ||
| component hb0 = H(1); | ||
| component hc0 = H(2); | ||
| component hd0 = H(3); | ||
| component he0 = H(4); | ||
|
|
||
| component sha1compression[BLOCK_NUM]; | ||
|
|
||
| for (i = 0; i < BLOCK_NUM; i++) { | ||
| sha1compression[i] = Sha1compression(); | ||
|
|
||
| if (i == 0) { | ||
| for (k = 0; k < 32; k++) { | ||
| sha1compression[i].hin[32 * 0 + k] <== ha0.out[k]; | ||
| sha1compression[i].hin[32 * 1 + k] <== hb0.out[k]; | ||
| sha1compression[i].hin[32 * 2 + k] <== hc0.out[k]; | ||
| sha1compression[i].hin[32 * 3 + k] <== hd0.out[k]; | ||
| sha1compression[i].hin[32 * 4 + k] <== he0.out[k]; | ||
| } | ||
| } else { | ||
| for (k = 0; k < 32; k++) { | ||
| sha1compression[i].hin[32 * 0 + k] <== sha1compression[i - 1].out[32 * 0 + 31 - k]; | ||
| sha1compression[i].hin[32 * 1 + k] <== sha1compression[i - 1].out[32 * 1 + 31 - k]; | ||
| sha1compression[i].hin[32 * 2 + k] <== sha1compression[i - 1].out[32 * 2 + 31 - k]; | ||
| sha1compression[i].hin[32 * 3 + k] <== sha1compression[i - 1].out[32 * 3 + 31 - k]; | ||
| sha1compression[i].hin[32 * 4 + k] <== sha1compression[i - 1].out[32 * 4 + 31 - k]; | ||
| } | ||
| } | ||
|
|
||
| for (k = 0; k < 512; k++) { | ||
| sha1compression[i].inp[k] <== in[i * 512 + k]; | ||
| } | ||
| } | ||
|
|
||
| for (i = 0; i < 5; i++) { | ||
| for (k = 0; k < 32; k++) { | ||
| out[(31 - k) + i * 32] <== sha1compression[BLOCK_NUM - 1].out[k + i * 32]; | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,119 @@ | ||
| pragma circom 2.1.6; | ||
|
|
||
| include "./rotate.circom"; | ||
| include "./xor4.circom"; | ||
| include "./constants.circom"; | ||
| include "./t.circom"; | ||
|
|
||
| template Sha1compression() { | ||
| signal input hin[160]; | ||
| signal input inp[512]; | ||
| signal output out[160]; | ||
|
|
||
| signal a[81][32]; | ||
| signal b[81][32]; | ||
| signal c[81][32]; | ||
| signal d[81][32]; | ||
| signal e[81][32]; | ||
| signal w[80][32]; | ||
|
|
||
| var i; | ||
|
|
||
| component rotl_1[64]; | ||
| for (i = 0; i < 64; i++) rotl_1[i] = RotL(32, 1); | ||
|
|
||
| component xor4[64]; | ||
| for (i = 0; i < 64; i++) xor4[i] = Xor4(32); | ||
|
|
||
| component rotl_30[80]; | ||
| for (i = 0; i <= 79; i++) rotl_30[i] = RotL(32, 30); | ||
|
|
||
| component K_t[80]; | ||
| for (i = 0; i <= 79; i++) K_t[i] = K(i); | ||
|
|
||
| component t_tmp[80]; | ||
| for (i = 0; i <= 79; i++) t_tmp[i] = T(i); | ||
|
|
||
| component fsum[5]; | ||
| for (i = 0; i < 5; i++) fsum[i] = BinSum(32, 2); | ||
|
|
||
| var k; | ||
| var t; | ||
|
|
||
| for (t = 0; t <= 15; t++) { | ||
| for (k = 0; k < 32; k++) { | ||
| w[t][k] <== inp[t * 32 + k]; | ||
| } | ||
| } | ||
|
|
||
| for (t = 16; t <= 79; t++) { | ||
| for (k = 0; k < 32; k++) { | ||
| xor4[t - 16].a[k] <== w[t - 3][k]; | ||
| xor4[t - 16].b[k] <== w[t - 8][k]; | ||
| xor4[t - 16].c[k] <== w[t - 14][k]; | ||
| xor4[t - 16].d[k] <== w[t - 16][k]; | ||
| } | ||
| for (k = 0; k < 32; k++) { | ||
| rotl_1[t - 16].in[k] <== xor4[t - 16].out[k]; | ||
| } | ||
| for (k = 0; k < 32; k++) { | ||
| w[t][k] <== rotl_1[t - 16].out[k]; | ||
| } | ||
| } | ||
|
|
||
| // Initialize five working variables | ||
| for (k = 0; k < 32; k++) { | ||
| a[0][k] <== hin[k]; | ||
| b[0][k] <== hin[32 * 1 + k]; | ||
| c[0][k] <== hin[32 * 2 + k]; | ||
| d[0][k] <== hin[32 * 3 + k]; | ||
| e[0][k] <== hin[32 * 4 + k]; | ||
| } | ||
|
|
||
| for (t = 0; t <= 79; t++) { | ||
| for (k = 0; k < 32; k++) { | ||
| t_tmp[t].a[k] <== a[t][k]; | ||
| t_tmp[t].b[k] <== b[t][k]; | ||
| t_tmp[t].c[k] <== c[t][k]; | ||
| t_tmp[t].d[k] <== d[t][k]; | ||
| t_tmp[t].e[k] <== e[t][k]; | ||
| t_tmp[t].k_t[k] <== K_t[t].out[k]; | ||
| t_tmp[t].w[k] <== w[t][k]; | ||
|
|
||
| rotl_30[t].in[k] <== b[t][k]; | ||
| } | ||
|
|
||
| for (k = 0; k < 32; k++) { | ||
| e[t + 1][k] <== d[t][k]; | ||
| d[t + 1][k] <== c[t][k]; | ||
| c[t + 1][k] <== rotl_30[t].out[k]; | ||
| b[t + 1][k] <== a[t][k]; | ||
| a[t + 1][k] <== t_tmp[t].out[k]; | ||
| } | ||
| } | ||
|
|
||
| for (k = 0; k < 32; k++) { | ||
| fsum[0].in[0][k] <== hin[31 * 1 - k]; | ||
| fsum[0].in[1][k] <== a[80][31 - k]; | ||
|
|
||
| fsum[1].in[0][k] <== hin[31 * 2 - k + 1]; | ||
| fsum[1].in[1][k] <== b[80][31 - k]; | ||
|
|
||
| fsum[2].in[0][k] <== hin[31 * 3 - k + 2]; | ||
| fsum[2].in[1][k] <== c[80][31 - k]; | ||
|
|
||
| fsum[3].in[0][k] <== hin[31 * 4 - k + 3 ]; | ||
| fsum[3].in[1][k] <== d[80][31 - k]; | ||
|
|
||
| fsum[4].in[0][k] <== hin[31 * 5 - k + 4]; | ||
| fsum[4].in[1][k] <== e[80][31 - k]; | ||
| } | ||
|
|
||
| for (k=0; k<32; k++) { | ||
| out[k] <== fsum[0].out[k]; | ||
| out[k + 32 * 1] <== fsum[1].out[k]; | ||
| out[k + 32 * 2] <== fsum[2].out[k]; | ||
| out[k + 32 * 3] <== fsum[3].out[k]; | ||
| out[k + 32 * 4] <== fsum[4].out[k]; | ||
| } | ||
| } |
Oops, something went wrong.