Barretenberg: src/barretenberg/stdlib/hash/sha256/sha256.fuzzer.cpp Source File

#include "sha256.hpp"

#include "barretenberg/circuit_checker/circuit_checker.hpp"

#include "barretenberg/crypto/sha256/sha256.hpp"

#include "barretenberg/stdlib_circuit_builders/ultra_circuit_builder.hpp"

#include <array>

#include <cassert>

#include <cstdint>


using namespace bb;

using namespace bb::stdlib;


// Convert 4 bytes to uint32_t (big-endian, as per SHA-256 spec)

static uint32_t bytes_to_uint32(const uint8_t* bytes)

{

    return (static_cast<uint32_t>(bytes[0]) << 24) | (static_cast<uint32_t>(bytes[1]) << 16) |

           (static_cast<uint32_t>(bytes[2]) << 8) | static_cast<uint32_t>(bytes[3]);

}


extern "C" int LLVMFuzzerTestOneInput(const uint8_t* Data, size_t Size)

{

    // SHA-256 compression input: 32 bytes h_init (8 x uint32) + 64 bytes block (16 x uint32)

    constexpr size_t SHA256_BLOCK_INPUT_SIZE = 96;

    if (Size < SHA256_BLOCK_INPUT_SIZE) {

        return 0;

    }


    // Parse h_init (8 x 32-bit words) from first 32 bytes

    std::array<uint32_t, 8> h_init_native;

    for (size_t i = 0; i < 8; i++) {

        h_init_native[i] = bytes_to_uint32(Data + i * 4);

    }


    // Parse block (16 x 32-bit words) from next 64 bytes

    std::array<uint32_t, 16> block_native;

    for (size_t i = 0; i < 16; i++) {

        block_native[i] = bytes_to_uint32(Data + 32 + i * 4);

    }


    // Compute native result

    auto expected_output = crypto::sha256_block(h_init_native, block_native);


    // Build circuit with compression

    UltraCircuitBuilder builder;


    // Convert state to circuit field elements

    std::array<field_t<UltraCircuitBuilder>, 8> h_init;

    for (size_t i = 0; i < 8; i++) {

        h_init[i] = witness_t<UltraCircuitBuilder>(&builder, h_init_native[i]);

    }


    std::array<field_t<UltraCircuitBuilder>, 16> block;

    for (size_t i = 0; i < 16; i++) {

        block[i] = witness_t<UltraCircuitBuilder>(&builder, block_native[i]);

    }


    // Run circuit compression

    auto circuit_output = SHA256<UltraCircuitBuilder>::sha256_block(h_init, block);


    // Verify circuit correctness

    assert(CircuitChecker::check(builder));


    // Compare outputs

    for (size_t i = 0; i < 8; i++) {

        uint32_t circuit_val = static_cast<uint32_t>(uint256_t(circuit_output[i].get_value()));

        assert(circuit_val == expected_output[i]);

    }


    return 0;

}


circuit_checker.hpp

bb::TranslatorCircuitChecker::check
static bool check(const Builder &circuit)
Check the witness satisifies the circuit.
Definition translator_circuit_checker.cpp:20

bb::UltraCircuitBuilder_
Definition ultra_circuit_builder.hpp:41

bb::numeric::uint256_t
Definition uint256.hpp:32

bb::stdlib::SHA256::sha256_block
static std::array< field_ct, 8 > sha256_block(const std::array< field_ct, 8 > &h_init, const std::array< field_ct, 16 > &input)
Apply the SHA-256 compression function to a single 512-bit message block.
Definition sha256.cpp:248

bb::stdlib::witness_t
Definition witness.hpp:16

builder
AluTraceBuilder builder
Definition alu.test.cpp:124

sha256.hpp

bb::crypto::sha256_block
std::array< uint32_t, 8 > sha256_block(const std::array< uint32_t, 8 > &h_init, const std::array< uint32_t, 16 > &input)
SHA-256 compression function (FIPS 180-4 Section 6.2.2)
Definition sha256.cpp:73

bb::stdlib
Definition graph_description_goblin.test.cpp:13

bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5

std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13

LLVMFuzzerTestOneInput
int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
Definition sha256.fuzzer.cpp:34

ultra_circuit_builder.hpp

sha256.hpp