Barretenberg
The ZK-SNARK library at the core of Aztec
#include <sha256.hpp>
Classes
| struct | sparse_ch_value |
| struct | sparse_maj_value |
| struct | sparse_value |
| struct | sparse_witness_limbs |
Static Public Member Functions
| static std::array< field_ct, 8 > | sha256_block (const std::array< field_ct, 8 > &h_init, const std::array< field_ct, 16 > &input) |
| Apply the SHA-256 compression function to a single 512-bit message block. | |
| static std::array< field_ct, 64 > | extend_witness (const std::array< field_ct, 16 > &w_in) |
Private Types
| using | field_ct = field_t< Builder > |
| using | byte_array_ct = byte_array< Builder > |
Static Private Member Functions
| static void | prepare_constants (std::array< field_ct, 8 > &input) |
| static sparse_witness_limbs | convert_witness (const field_ct &w) |
| static field_ct | choose (sparse_value &e, const sparse_value &f, const sparse_value &g) |
| static field_ct | majority (sparse_value &a, const sparse_value &b, const sparse_value &c) |
| static sparse_value | map_into_choose_sparse_form (const field_ct &e) |
| static sparse_value | map_into_maj_sparse_form (const field_ct &e) |
| static field_ct | add_normalize (const field_ct &a, const field_ct &b) |
Static Private Attributes
| static constexpr uint64_t | init_constants [8] |
| static constexpr fr | base { 16 } |
| static constexpr std::array< fr, 4 > | left_multipliers |
| static constexpr std::array< fr, 4 > | right_multipliers |
| static constexpr uint64_t | round_constants [64] |
Definition at line 19 of file sha256.hpp.

private
Definition at line 22 of file sha256.hpp.

private
Definition at line 21 of file sha256.hpp.

static private
Definition at line 212 of file sha256.cpp.

static private
Definition at line 161 of file sha256.cpp.

static private
Definition at line 34 of file sha256.cpp.

static
Definition at line 60 of file sha256.cpp.

static private
Definition at line 187 of file sha256.cpp.

static private
Definition at line 141 of file sha256.cpp.

static private
Definition at line 151 of file sha256.cpp.

static private
Definition at line 26 of file sha256.cpp.

static
Apply the SHA-256 compression function to a single 512-bit message block.
This is the only public entry point for the stdlib SHA-256 implementation. We implement only the compression function (rather than a full hash) because this is all that is required in DSL.
| h_init | The 8-word (256-bit) initial hash state. For the first block of a message, this should be the standard SHA-256 IV. For subsequent blocks, this is the output of the previous compression. |
| input | The 16-word (512-bit) message block to compress. |
Initialize round variables with previous block output
We can initialize round variables a and c by putting the values h_init[0] and h_init[4] in .normal, without doing a lookup for maj_output, because the majority and choose functions will do that in the next step.
Extend witness
Apply SHA-256 compression function to the message schedule
Add into previous block output and return
At this point, a malicious prover could tweak the add_normalize function so that the result is 'overflowed'. Thus, we need 32-bit range checks on the outputs. Note that we won't need range checks while applying the SHA-256 compression function, because the outputs of the lookup tables ensure that the output is constrained to 32 bits.
Definition at line 248 of file sha256.cpp.
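
The soundness concern in the last step, as an added example that is not Barretenberg's code: a toy model of a 32-bit addition that is constrained only by a + b = result + overflow * 2^32 in a prime field. The modulus 2^61 - 1, the 3-bit bound on the prover-supplied overflow, and all function names are assumptions made for illustration; the inputs are constructed.

```cpp
#include <cstdint>
#include <cstdio>

// Toy prime field standing in for the circuit's native field (assumption).
constexpr uint64_t P = (1ULL << 61) - 1;
constexpr uint64_t TWO_32 = 1ULL << 32;

// Result implied by a claimed overflow: result = a + b - overflow * 2^32 (mod P).
// overflow < 8 in this model, so overflow * 2^32 < 2^35 and nothing wraps in uint64_t.
uint64_t result_for(uint32_t a, uint32_t b, uint64_t overflow)
{
    uint64_t sum = static_cast<uint64_t>(a) + b;
    return (sum + P - (overflow * TWO_32) % P) % P;
}

// The arithmetic constraint alone: a + b == result + overflow * 2^32 (mod P).
bool constraint_holds(uint32_t a, uint32_t b, uint64_t overflow, uint64_t result)
{
    uint64_t lhs = (static_cast<uint64_t>(a) + b) % P;
    uint64_t rhs = (result % P + (overflow * TWO_32) % P) % P;
    return lhs == rhs;
}

// The 32-bit range check applied to the output.
bool in_range_32(uint64_t x) { return x < TWO_32; }

// Count the overflow claims in [0, 8) that a verifier would accept.
int accepted_witnesses(uint32_t a, uint32_t b, bool range_check_output)
{
    int accepted = 0;
    for (uint64_t overflow = 0; overflow < 8; ++overflow) {
        uint64_t result = result_for(a, b, overflow);
        bool ok = constraint_holds(a, b, overflow, result);
        if (range_check_output) {
            ok = ok && in_range_32(result);
        }
        accepted += ok ? 1 : 0;
    }
    return accepted;
}

int main()
{
    uint32_t a = 0xFFFFFFFFu, b = 2; // constructed inputs: true sum is 2^32 + 1
    std::printf("accepted without output range check: %d\n", accepted_witnesses(a, b, false));
    std::printf("accepted with output range check:    %d\n", accepted_witnesses(a, b, true));
    return 0;
}
```

Every overflow claim satisfies the arithmetic constraint, because the result is a free field element; only the range check on the output pins it to the true sum modulo 2^32.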

static constexpr private
Definition at line 41 of file sha256.hpp.

static constexpr private
Definition at line 38 of file sha256.hpp.

static constexpr private
Definition at line 43 of file sha256.hpp.

static constexpr private

static constexpr private
Definition at line 57 of file sha256.hpp.