diff options
Diffstat (limited to 'std/hash/_sha3')
| -rw-r--r-- | std/hash/_sha3/keccak.ts | 52 | ||||
| -rw-r--r-- | std/hash/_sha3/keccakf.ts | 790 | ||||
| -rw-r--r-- | std/hash/_sha3/sha3.ts | 56 | ||||
| -rw-r--r-- | std/hash/_sha3/shake.ts | 51 | ||||
| -rw-r--r-- | std/hash/_sha3/sponge.ts | 111 |
5 files changed, 0 insertions, 1060 deletions
diff --git a/std/hash/_sha3/keccak.ts b/std/hash/_sha3/keccak.ts deleted file mode 100644 index 403a2dcb0..000000000 --- a/std/hash/_sha3/keccak.ts +++ /dev/null @@ -1,52 +0,0 @@ -// Copyright 2018-2021 the Deno authors. All rights reserved. MIT license. - -import { Sponge } from "./sponge.ts"; -import { keccakf } from "./keccakf.ts"; - -/** Keccak-224 hash */ -export class Keccak224 extends Sponge { - constructor() { - super({ - bitsize: 224, - rate: 144, - dsbyte: 1, - permutator: keccakf, - }); - } -} - -/** Keccak-256 hash */ -export class Keccak256 extends Sponge { - constructor() { - super({ - bitsize: 256, - rate: 136, - dsbyte: 1, - permutator: keccakf, - }); - } -} - -/** Keccak-384 hash */ -export class Keccak384 extends Sponge { - constructor() { - super({ - bitsize: 384, - rate: 104, - dsbyte: 1, - permutator: keccakf, - }); - } -} - -/** Keccak-512 hash */ -export class Keccak512 extends Sponge { - constructor() { - super({ - bitsize: 512, - rate: 72, - dsbyte: 1, - permutator: keccakf, - }); - } -} diff --git a/std/hash/_sha3/keccakf.ts b/std/hash/_sha3/keccakf.ts deleted file mode 100644 index 0ba2b870c..000000000 --- a/std/hash/_sha3/keccakf.ts +++ /dev/null @@ -1,790 +0,0 @@ -// Ported from Go: -// https://github.com/golang/crypto/blob/master/sha3/keccakf.go -// Copyright 2011 The Go Authors. All rights reserved. BSD license. -// https://github.com/golang/go/blob/master/LICENSE -// Copyright 2018-2021 the Deno authors. All rights reserved. MIT license. - -const KECCAK_ROUNDS = 24; -const KECCAK_RC: number[] = [ - 0x1, - 0x0, - 0x8082, - 0x0, - 0x808a, - 0x80000000, - 0x80008000, - 0x80000000, - 0x808b, - 0x0, - 0x80000001, - 0x0, - 0x80008081, - 0x80000000, - 0x8009, - 0x80000000, - 0x8a, - 0x0, - 0x88, - 0x0, - 0x80008009, - 0x0, - 0x8000000a, - 0x0, - 0x8000808b, - 0x0, - 0x8b, - 0x80000000, - 0x8089, - 0x80000000, - 0x8003, - 0x80000000, - 0x8002, - 0x80000000, - 0x80, - 0x80000000, - 0x800a, - 0x0, - 0x8000000a, - 0x80000000, - 0x80008081, - 0x80000000, - 0x8080, - 0x80000000, - 0x80000001, - 0x0, - 0x80008008, - 0x80000000, -]; - -/** keccak1600 permutation function */ -export function keccakf(state: Uint8Array): void { - const s = new Uint32Array(state.buffer); - let bc0 = 0; - let bc1 = 0; - let bc2 = 0; - let bc3 = 0; - let bc4 = 0; - let bc5 = 0; - let bc6 = 0; - let bc7 = 0; - let bc8 = 0; - let bc9 = 0; - let d0 = 0; - let d1 = 0; - let d2 = 0; - let d3 = 0; - let d4 = 0; - let d5 = 0; - let d6 = 0; - let d7 = 0; - let d8 = 0; - let d9 = 0; - let t0 = 0; - let t1 = 0; - - for (let n = 0; n < KECCAK_ROUNDS * 2; n += 8) { - // Round 1 - bc0 = s[0] ^ s[10] ^ s[20] ^ s[30] ^ s[40]; - bc1 = s[1] ^ s[11] ^ s[21] ^ s[31] ^ s[41]; - bc2 = s[2] ^ s[12] ^ s[22] ^ s[32] ^ s[42]; - bc3 = s[3] ^ s[13] ^ s[23] ^ s[33] ^ s[43]; - bc4 = s[4] ^ s[14] ^ s[24] ^ s[34] ^ s[44]; - bc5 = s[5] ^ s[15] ^ s[25] ^ s[35] ^ s[45]; - bc6 = s[6] ^ s[16] ^ s[26] ^ s[36] ^ s[46]; - bc7 = s[7] ^ s[17] ^ s[27] ^ s[37] ^ s[47]; - bc8 = s[8] ^ s[18] ^ s[28] ^ s[38] ^ s[48]; - bc9 = s[9] ^ s[19] ^ s[29] ^ s[39] ^ s[49]; - - d0 = bc8 ^ ((bc2 << 1) | (bc3 >>> 31)); - d1 = bc9 ^ ((bc3 << 1) | (bc2 >>> 31)); - d2 = bc0 ^ ((bc4 << 1) | (bc5 >>> 31)); - d3 = bc1 ^ ((bc5 << 1) | (bc4 >>> 31)); - d4 = bc2 ^ ((bc6 << 1) | (bc7 >>> 31)); - d5 = bc3 ^ ((bc7 << 1) | (bc6 >>> 31)); - d6 = bc4 ^ ((bc8 << 1) | (bc9 >>> 31)); - d7 = bc5 ^ ((bc9 << 1) | (bc8 >>> 31)); - d8 = bc6 ^ ((bc0 << 1) | (bc1 >>> 31)); - d9 = bc7 ^ ((bc1 << 1) | (bc0 >>> 31)); - - bc0 = s[0] ^ d0; - bc1 = s[1] ^ d1; - t0 = s[12] ^ d2; - t1 = s[13] ^ d3; - bc2 = (t1 << 12) | (t0 >>> 20); - bc3 = (t0 << 12) | (t1 >>> 20); - t0 = s[24] ^ d4; - t1 = s[25] ^ d5; - bc4 = (t1 << 11) | (t0 >>> 21); - bc5 = (t0 << 11) | (t1 >>> 21); - t0 = s[36] ^ d6; - t1 = s[37] ^ d7; - bc6 = (t0 << 21) | (t1 >>> 11); - bc7 = (t1 << 21) | (t0 >>> 11); - t0 = s[48] ^ d8; - t1 = s[49] ^ d9; - bc8 = (t0 << 14) | (t1 >>> 18); - bc9 = (t1 << 14) | (t0 >>> 18); - s[0] = bc0 ^ (bc4 & ~bc2) ^ KECCAK_RC[n]; - s[1] = bc1 ^ (bc5 & ~bc3) ^ KECCAK_RC[n + 1]; - s[12] = bc2 ^ (bc6 & ~bc4); - s[13] = bc3 ^ (bc7 & ~bc5); - s[24] = bc4 ^ (bc8 & ~bc6); - s[25] = bc5 ^ (bc9 & ~bc7); - s[36] = bc6 ^ (bc0 & ~bc8); - s[37] = bc7 ^ (bc1 & ~bc9); - s[48] = bc8 ^ (bc2 & ~bc0); - s[49] = bc9 ^ (bc3 & ~bc1); - - t0 = s[20] ^ d0; - t1 = s[21] ^ d1; - bc4 = (t0 << 3) | (t1 >>> 29); - bc5 = (t1 << 3) | (t0 >>> 29); - t0 = s[32] ^ d2; - t1 = s[33] ^ d3; - bc6 = (t1 << 13) | (t0 >>> 19); - bc7 = (t0 << 13) | (t1 >>> 19); - t0 = s[44] ^ d4; - t1 = s[45] ^ d5; - bc8 = (t1 << 29) | (t0 >>> 3); - bc9 = (t0 << 29) | (t1 >>> 3); - t0 = s[6] ^ d6; - t1 = s[7] ^ d7; - bc0 = (t0 << 28) | (t1 >>> 4); - bc1 = (t1 << 28) | (t0 >>> 4); - t0 = s[18] ^ d8; - t1 = s[19] ^ d9; - bc2 = (t0 << 20) | (t1 >>> 12); - bc3 = (t1 << 20) | (t0 >>> 12); - s[20] = bc0 ^ (bc4 & ~bc2); - s[21] = bc1 ^ (bc5 & ~bc3); - s[32] = bc2 ^ (bc6 & ~bc4); - s[33] = bc3 ^ (bc7 & ~bc5); - s[44] = bc4 ^ (bc8 & ~bc6); - s[45] = bc5 ^ (bc9 & ~bc7); - s[6] = bc6 ^ (bc0 & ~bc8); - s[7] = bc7 ^ (bc1 & ~bc9); - s[18] = bc8 ^ (bc2 & ~bc0); - s[19] = bc9 ^ (bc3 & ~bc1); - - t0 = s[40] ^ d0; - t1 = s[41] ^ d1; - bc8 = (t0 << 18) | (t1 >>> 14); - bc9 = (t1 << 18) | (t0 >>> 14); - t0 = s[2] ^ d2; - t1 = s[3] ^ d3; - bc0 = (t0 << 1) | (t1 >>> 31); - bc1 = (t1 << 1) | (t0 >>> 31); - t0 = s[14] ^ d4; - t1 = s[15] ^ d5; - bc2 = (t0 << 6) | (t1 >>> 26); - bc3 = (t1 << 6) | (t0 >>> 26); - t0 = s[26] ^ d6; - t1 = s[27] ^ d7; - bc4 = (t0 << 25) | (t1 >>> 7); - bc5 = (t1 << 25) | (t0 >>> 7); - t0 = s[38] ^ d8; - t1 = s[39] ^ d9; - bc6 = (t0 << 8) | (t1 >>> 24); - bc7 = (t1 << 8) | (t0 >>> 24); - s[40] = bc0 ^ (bc4 & ~bc2); - s[41] = bc1 ^ (bc5 & ~bc3); - s[2] = bc2 ^ (bc6 & ~bc4); - s[3] = bc3 ^ (bc7 & ~bc5); - s[14] = bc4 ^ (bc8 & ~bc6); - s[15] = bc5 ^ (bc9 & ~bc7); - s[26] = bc6 ^ (bc0 & ~bc8); - s[27] = bc7 ^ (bc1 & ~bc9); - s[38] = bc8 ^ (bc2 & ~bc0); - s[39] = bc9 ^ (bc3 & ~bc1); - - t0 = s[10] ^ d0; - t1 = s[11] ^ d1; - bc2 = (t1 << 4) | (t0 >>> 28); - bc3 = (t0 << 4) | (t1 >>> 28); - t0 = s[22] ^ d2; - t1 = s[23] ^ d3; - bc4 = (t0 << 10) | (t1 >>> 22); - bc5 = (t1 << 10) | (t0 >>> 22); - t0 = s[34] ^ d4; - t1 = s[35] ^ d5; - bc6 = (t0 << 15) | (t1 >>> 17); - bc7 = (t1 << 15) | (t0 >>> 17); - t0 = s[46] ^ d6; - t1 = s[47] ^ d7; - bc8 = (t1 << 24) | (t0 >>> 8); - bc9 = (t0 << 24) | (t1 >>> 8); - t0 = s[8] ^ d8; - t1 = s[9] ^ d9; - bc0 = (t0 << 27) | (t1 >>> 5); - bc1 = (t1 << 27) | (t0 >>> 5); - s[10] = bc0 ^ (bc4 & ~bc2); - s[11] = bc1 ^ (bc5 & ~bc3); - s[22] = bc2 ^ (bc6 & ~bc4); - s[23] = bc3 ^ (bc7 & ~bc5); - s[34] = bc4 ^ (bc8 & ~bc6); - s[35] = bc5 ^ (bc9 & ~bc7); - s[46] = bc6 ^ (bc0 & ~bc8); - s[47] = bc7 ^ (bc1 & ~bc9); - s[8] = bc8 ^ (bc2 & ~bc0); - s[9] = bc9 ^ (bc3 & ~bc1); - - t0 = s[30] ^ d0; - t1 = s[31] ^ d1; - bc6 = (t1 << 9) | (t0 >>> 23); - bc7 = (t0 << 9) | (t1 >>> 23); - t0 = s[42] ^ d2; - t1 = s[43] ^ d3; - bc8 = (t0 << 2) | (t1 >>> 30); - bc9 = (t1 << 2) | (t0 >>> 30); - t0 = s[4] ^ d4; - t1 = s[5] ^ d5; - bc0 = (t1 << 30) | (t0 >>> 2); - bc1 = (t0 << 30) | (t1 >>> 2); - t0 = s[16] ^ d6; - t1 = s[17] ^ d7; - bc2 = (t1 << 23) | (t0 >>> 9); - bc3 = (t0 << 23) | (t1 >>> 9); - t0 = s[28] ^ d8; - t1 = s[29] ^ d9; - bc4 = (t1 << 7) | (t0 >>> 25); - bc5 = (t0 << 7) | (t1 >>> 25); - s[30] = bc0 ^ (bc4 & ~bc2); - s[31] = bc1 ^ (bc5 & ~bc3); - s[42] = bc2 ^ (bc6 & ~bc4); - s[43] = bc3 ^ (bc7 & ~bc5); - s[4] = bc4 ^ (bc8 & ~bc6); - s[5] = bc5 ^ (bc9 & ~bc7); - s[16] = bc6 ^ (bc0 & ~bc8); - s[17] = bc7 ^ (bc1 & ~bc9); - s[28] = bc8 ^ (bc2 & ~bc0); - s[29] = bc9 ^ (bc3 & ~bc1); - - // Round 2 - bc0 = s[0] ^ s[10] ^ s[20] ^ s[30] ^ s[40]; - bc1 = s[1] ^ s[11] ^ s[21] ^ s[31] ^ s[41]; - bc2 = s[2] ^ s[12] ^ s[22] ^ s[32] ^ s[42]; - bc3 = s[3] ^ s[13] ^ s[23] ^ s[33] ^ s[43]; - bc4 = s[4] ^ s[14] ^ s[24] ^ s[34] ^ s[44]; - bc5 = s[5] ^ s[15] ^ s[25] ^ s[35] ^ s[45]; - bc6 = s[6] ^ s[16] ^ s[26] ^ s[36] ^ s[46]; - bc7 = s[7] ^ s[17] ^ s[27] ^ s[37] ^ s[47]; - bc8 = s[8] ^ s[18] ^ s[28] ^ s[38] ^ s[48]; - bc9 = s[9] ^ s[19] ^ s[29] ^ s[39] ^ s[49]; - - d0 = bc8 ^ ((bc2 << 1) | (bc3 >>> 31)); - d1 = bc9 ^ ((bc3 << 1) | (bc2 >>> 31)); - d2 = bc0 ^ ((bc4 << 1) | (bc5 >>> 31)); - d3 = bc1 ^ ((bc5 << 1) | (bc4 >>> 31)); - d4 = bc2 ^ ((bc6 << 1) | (bc7 >>> 31)); - d5 = bc3 ^ ((bc7 << 1) | (bc6 >>> 31)); - d6 = bc4 ^ ((bc8 << 1) | (bc9 >>> 31)); - d7 = bc5 ^ ((bc9 << 1) | (bc8 >>> 31)); - d8 = bc6 ^ ((bc0 << 1) | (bc1 >>> 31)); - d9 = bc7 ^ ((bc1 << 1) | (bc0 >>> 31)); - - bc0 = s[0] ^ d0; - bc1 = s[1] ^ d1; - t0 = s[32] ^ d2; - t1 = s[33] ^ d3; - bc2 = (t1 << 12) | (t0 >>> 20); - bc3 = (t0 << 12) | (t1 >>> 20); - t0 = s[14] ^ d4; - t1 = s[15] ^ d5; - bc4 = (t1 << 11) | (t0 >>> 21); - bc5 = (t0 << 11) | (t1 >>> 21); - t0 = s[46] ^ d6; - t1 = s[47] ^ d7; - bc6 = (t0 << 21) | (t1 >>> 11); - bc7 = (t1 << 21) | (t0 >>> 11); - t0 = s[28] ^ d8; - t1 = s[29] ^ d9; - bc8 = (t0 << 14) | (t1 >>> 18); - bc9 = (t1 << 14) | (t0 >>> 18); - s[0] = bc0 ^ (bc4 & ~bc2) ^ KECCAK_RC[n + 2]; - s[1] = bc1 ^ (bc5 & ~bc3) ^ KECCAK_RC[n + 3]; - s[32] = bc2 ^ (bc6 & ~bc4); - s[33] = bc3 ^ (bc7 & ~bc5); - s[14] = bc4 ^ (bc8 & ~bc6); - s[15] = bc5 ^ (bc9 & ~bc7); - s[46] = bc6 ^ (bc0 & ~bc8); - s[47] = bc7 ^ (bc1 & ~bc9); - s[28] = bc8 ^ (bc2 & ~bc0); - s[29] = bc9 ^ (bc3 & ~bc1); - - t0 = s[40] ^ d0; - t1 = s[41] ^ d1; - bc4 = (t0 << 3) | (t1 >>> 29); - bc5 = (t1 << 3) | (t0 >>> 29); - t0 = s[22] ^ d2; - t1 = s[23] ^ d3; - bc6 = (t1 << 13) | (t0 >>> 19); - bc7 = (t0 << 13) | (t1 >>> 19); - t0 = s[4] ^ d4; - t1 = s[5] ^ d5; - bc8 = (t1 << 29) | (t0 >>> 3); - bc9 = (t0 << 29) | (t1 >>> 3); - t0 = s[36] ^ d6; - t1 = s[37] ^ d7; - bc0 = (t0 << 28) | (t1 >>> 4); - bc1 = (t1 << 28) | (t0 >>> 4); - t0 = s[18] ^ d8; - t1 = s[19] ^ d9; - bc2 = (t0 << 20) | (t1 >>> 12); - bc3 = (t1 << 20) | (t0 >>> 12); - s[40] = bc0 ^ (bc4 & ~bc2); - s[41] = bc1 ^ (bc5 & ~bc3); - s[22] = bc2 ^ (bc6 & ~bc4); - s[23] = bc3 ^ (bc7 & ~bc5); - s[4] = bc4 ^ (bc8 & ~bc6); - s[5] = bc5 ^ (bc9 & ~bc7); - s[36] = bc6 ^ (bc0 & ~bc8); - s[37] = bc7 ^ (bc1 & ~bc9); - s[18] = bc8 ^ (bc2 & ~bc0); - s[19] = bc9 ^ (bc3 & ~bc1); - - t0 = s[30] ^ d0; - t1 = s[31] ^ d1; - bc8 = (t0 << 18) | (t1 >>> 14); - bc9 = (t1 << 18) | (t0 >>> 14); - t0 = s[12] ^ d2; - t1 = s[13] ^ d3; - bc0 = (t0 << 1) | (t1 >>> 31); - bc1 = (t1 << 1) | (t0 >>> 31); - t0 = s[44] ^ d4; - t1 = s[45] ^ d5; - bc2 = (t0 << 6) | (t1 >>> 26); - bc3 = (t1 << 6) | (t0 >>> 26); - t0 = s[26] ^ d6; - t1 = s[27] ^ d7; - bc4 = (t0 << 25) | (t1 >>> 7); - bc5 = (t1 << 25) | (t0 >>> 7); - t0 = s[8] ^ d8; - t1 = s[9] ^ d9; - bc6 = (t0 << 8) | (t1 >>> 24); - bc7 = (t1 << 8) | (t0 >>> 24); - s[30] = bc0 ^ (bc4 & ~bc2); - s[31] = bc1 ^ (bc5 & ~bc3); - s[12] = bc2 ^ (bc6 & ~bc4); - s[13] = bc3 ^ (bc7 & ~bc5); - s[44] = bc4 ^ (bc8 & ~bc6); - s[45] = bc5 ^ (bc9 & ~bc7); - s[26] = bc6 ^ (bc0 & ~bc8); - s[27] = bc7 ^ (bc1 & ~bc9); - s[8] = bc8 ^ (bc2 & ~bc0); - s[9] = bc9 ^ (bc3 & ~bc1); - - t0 = s[20] ^ d0; - t1 = s[21] ^ d1; - bc2 = (t1 << 4) | (t0 >>> 28); - bc3 = (t0 << 4) | (t1 >>> 28); - t0 = s[2] ^ d2; - t1 = s[3] ^ d3; - bc4 = (t0 << 10) | (t1 >>> 22); - bc5 = (t1 << 10) | (t0 >>> 22); - t0 = s[34] ^ d4; - t1 = s[35] ^ d5; - bc6 = (t0 << 15) | (t1 >>> 17); - bc7 = (t1 << 15) | (t0 >>> 17); - t0 = s[16] ^ d6; - t1 = s[17] ^ d7; - bc8 = (t1 << 24) | (t0 >>> 8); - bc9 = (t0 << 24) | (t1 >>> 8); - t0 = s[48] ^ d8; - t1 = s[49] ^ d9; - bc0 = (t0 << 27) | (t1 >>> 5); - bc1 = (t1 << 27) | (t0 >>> 5); - s[20] = bc0 ^ (bc4 & ~bc2); - s[21] = bc1 ^ (bc5 & ~bc3); - s[2] = bc2 ^ (bc6 & ~bc4); - s[3] = bc3 ^ (bc7 & ~bc5); - s[34] = bc4 ^ (bc8 & ~bc6); - s[35] = bc5 ^ (bc9 & ~bc7); - s[16] = bc6 ^ (bc0 & ~bc8); - s[17] = bc7 ^ (bc1 & ~bc9); - s[48] = bc8 ^ (bc2 & ~bc0); - s[49] = bc9 ^ (bc3 & ~bc1); - - t0 = s[10] ^ d0; - t1 = s[11] ^ d1; - bc6 = (t1 << 9) | (t0 >>> 23); - bc7 = (t0 << 9) | (t1 >>> 23); - t0 = s[42] ^ d2; - t1 = s[43] ^ d3; - bc8 = (t0 << 2) | (t1 >>> 30); - bc9 = (t1 << 2) | (t0 >>> 30); - t0 = s[24] ^ d4; - t1 = s[25] ^ d5; - bc0 = (t1 << 30) | (t0 >>> 2); - bc1 = (t0 << 30) | (t1 >>> 2); - t0 = s[6] ^ d6; - t1 = s[7] ^ d7; - bc2 = (t1 << 23) | (t0 >>> 9); - bc3 = (t0 << 23) | (t1 >>> 9); - t0 = s[38] ^ d8; - t1 = s[39] ^ d9; - bc4 = (t1 << 7) | (t0 >>> 25); - bc5 = (t0 << 7) | (t1 >>> 25); - s[10] = bc0 ^ (bc4 & ~bc2); - s[11] = bc1 ^ (bc5 & ~bc3); - s[42] = bc2 ^ (bc6 & ~bc4); - s[43] = bc3 ^ (bc7 & ~bc5); - s[24] = bc4 ^ (bc8 & ~bc6); - s[25] = bc5 ^ (bc9 & ~bc7); - s[6] = bc6 ^ (bc0 & ~bc8); - s[7] = bc7 ^ (bc1 & ~bc9); - s[38] = bc8 ^ (bc2 & ~bc0); - s[39] = bc9 ^ (bc3 & ~bc1); - - // Round 3 - bc0 = s[0] ^ s[10] ^ s[20] ^ s[30] ^ s[40]; - bc1 = s[1] ^ s[11] ^ s[21] ^ s[31] ^ s[41]; - bc2 = s[2] ^ s[12] ^ s[22] ^ s[32] ^ s[42]; - bc3 = s[3] ^ s[13] ^ s[23] ^ s[33] ^ s[43]; - bc4 = s[4] ^ s[14] ^ s[24] ^ s[34] ^ s[44]; - bc5 = s[5] ^ s[15] ^ s[25] ^ s[35] ^ s[45]; - bc6 = s[6] ^ s[16] ^ s[26] ^ s[36] ^ s[46]; - bc7 = s[7] ^ s[17] ^ s[27] ^ s[37] ^ s[47]; - bc8 = s[8] ^ s[18] ^ s[28] ^ s[38] ^ s[48]; - bc9 = s[9] ^ s[19] ^ s[29] ^ s[39] ^ s[49]; - - d0 = bc8 ^ ((bc2 << 1) | (bc3 >>> 31)); - d1 = bc9 ^ ((bc3 << 1) | (bc2 >>> 31)); - d2 = bc0 ^ ((bc4 << 1) | (bc5 >>> 31)); - d3 = bc1 ^ ((bc5 << 1) | (bc4 >>> 31)); - d4 = bc2 ^ ((bc6 << 1) | (bc7 >>> 31)); - d5 = bc3 ^ ((bc7 << 1) | (bc6 >>> 31)); - d6 = bc4 ^ ((bc8 << 1) | (bc9 >>> 31)); - d7 = bc5 ^ ((bc9 << 1) | (bc8 >>> 31)); - d8 = bc6 ^ ((bc0 << 1) | (bc1 >>> 31)); - d9 = bc7 ^ ((bc1 << 1) | (bc0 >>> 31)); - - bc0 = s[0] ^ d0; - bc1 = s[1] ^ d1; - t0 = s[22] ^ d2; - t1 = s[23] ^ d3; - bc2 = (t1 << 12) | (t0 >>> 20); - bc3 = (t0 << 12) | (t1 >>> 20); - t0 = s[44] ^ d4; - t1 = s[45] ^ d5; - bc4 = (t1 << 11) | (t0 >>> 21); - bc5 = (t0 << 11) | (t1 >>> 21); - t0 = s[16] ^ d6; - t1 = s[17] ^ d7; - bc6 = (t0 << 21) | (t1 >>> 11); - bc7 = (t1 << 21) | (t0 >>> 11); - t0 = s[38] ^ d8; - t1 = s[39] ^ d9; - bc8 = (t0 << 14) | (t1 >>> 18); - bc9 = (t1 << 14) | (t0 >>> 18); - s[0] = bc0 ^ (bc4 & ~bc2) ^ KECCAK_RC[n + 4]; - s[1] = bc1 ^ (bc5 & ~bc3) ^ KECCAK_RC[n + 5]; - s[22] = bc2 ^ (bc6 & ~bc4); - s[23] = bc3 ^ (bc7 & ~bc5); - s[44] = bc4 ^ (bc8 & ~bc6); - s[45] = bc5 ^ (bc9 & ~bc7); - s[16] = bc6 ^ (bc0 & ~bc8); - s[17] = bc7 ^ (bc1 & ~bc9); - s[38] = bc8 ^ (bc2 & ~bc0); - s[39] = bc9 ^ (bc3 & ~bc1); - - t0 = s[30] ^ d0; - t1 = s[31] ^ d1; - bc4 = (t0 << 3) | (t1 >>> 29); - bc5 = (t1 << 3) | (t0 >>> 29); - t0 = s[2] ^ d2; - t1 = s[3] ^ d3; - bc6 = (t1 << 13) | (t0 >>> 19); - bc7 = (t0 << 13) | (t1 >>> 19); - t0 = s[24] ^ d4; - t1 = s[25] ^ d5; - bc8 = (t1 << 29) | (t0 >>> 3); - bc9 = (t0 << 29) | (t1 >>> 3); - t0 = s[46] ^ d6; - t1 = s[47] ^ d7; - bc0 = (t0 << 28) | (t1 >>> 4); - bc1 = (t1 << 28) | (t0 >>> 4); - t0 = s[18] ^ d8; - t1 = s[19] ^ d9; - bc2 = (t0 << 20) | (t1 >>> 12); - bc3 = (t1 << 20) | (t0 >>> 12); - s[30] = bc0 ^ (bc4 & ~bc2); - s[31] = bc1 ^ (bc5 & ~bc3); - s[2] = bc2 ^ (bc6 & ~bc4); - s[3] = bc3 ^ (bc7 & ~bc5); - s[24] = bc4 ^ (bc8 & ~bc6); - s[25] = bc5 ^ (bc9 & ~bc7); - s[46] = bc6 ^ (bc0 & ~bc8); - s[47] = bc7 ^ (bc1 & ~bc9); - s[18] = bc8 ^ (bc2 & ~bc0); - s[19] = bc9 ^ (bc3 & ~bc1); - - t0 = s[10] ^ d0; - t1 = s[11] ^ d1; - bc8 = (t0 << 18) | (t1 >>> 14); - bc9 = (t1 << 18) | (t0 >>> 14); - t0 = s[32] ^ d2; - t1 = s[33] ^ d3; - bc0 = (t0 << 1) | (t1 >>> 31); - bc1 = (t1 << 1) | (t0 >>> 31); - t0 = s[4] ^ d4; - t1 = s[5] ^ d5; - bc2 = (t0 << 6) | (t1 >>> 26); - bc3 = (t1 << 6) | (t0 >>> 26); - t0 = s[26] ^ d6; - t1 = s[27] ^ d7; - bc4 = (t0 << 25) | (t1 >>> 7); - bc5 = (t1 << 25) | (t0 >>> 7); - t0 = s[48] ^ d8; - t1 = s[49] ^ d9; - bc6 = (t0 << 8) | (t1 >>> 24); - bc7 = (t1 << 8) | (t0 >>> 24); - s[10] = bc0 ^ (bc4 & ~bc2); - s[11] = bc1 ^ (bc5 & ~bc3); - s[32] = bc2 ^ (bc6 & ~bc4); - s[33] = bc3 ^ (bc7 & ~bc5); - s[4] = bc4 ^ (bc8 & ~bc6); - s[5] = bc5 ^ (bc9 & ~bc7); - s[26] = bc6 ^ (bc0 & ~bc8); - s[27] = bc7 ^ (bc1 & ~bc9); - s[48] = bc8 ^ (bc2 & ~bc0); - s[49] = bc9 ^ (bc3 & ~bc1); - - t0 = s[40] ^ d0; - t1 = s[41] ^ d1; - bc2 = (t1 << 4) | (t0 >>> 28); - bc3 = (t0 << 4) | (t1 >>> 28); - t0 = s[12] ^ d2; - t1 = s[13] ^ d3; - bc4 = (t0 << 10) | (t1 >>> 22); - bc5 = (t1 << 10) | (t0 >>> 22); - t0 = s[34] ^ d4; - t1 = s[35] ^ d5; - bc6 = (t0 << 15) | (t1 >>> 17); - bc7 = (t1 << 15) | (t0 >>> 17); - t0 = s[6] ^ d6; - t1 = s[7] ^ d7; - bc8 = (t1 << 24) | (t0 >>> 8); - bc9 = (t0 << 24) | (t1 >>> 8); - t0 = s[28] ^ d8; - t1 = s[29] ^ d9; - bc0 = (t0 << 27) | (t1 >>> 5); - bc1 = (t1 << 27) | (t0 >>> 5); - s[40] = bc0 ^ (bc4 & ~bc2); - s[41] = bc1 ^ (bc5 & ~bc3); - s[12] = bc2 ^ (bc6 & ~bc4); - s[13] = bc3 ^ (bc7 & ~bc5); - s[34] = bc4 ^ (bc8 & ~bc6); - s[35] = bc5 ^ (bc9 & ~bc7); - s[6] = bc6 ^ (bc0 & ~bc8); - s[7] = bc7 ^ (bc1 & ~bc9); - s[28] = bc8 ^ (bc2 & ~bc0); - s[29] = bc9 ^ (bc3 & ~bc1); - - t0 = s[20] ^ d0; - t1 = s[21] ^ d1; - bc6 = (t1 << 9) | (t0 >>> 23); - bc7 = (t0 << 9) | (t1 >>> 23); - t0 = s[42] ^ d2; - t1 = s[43] ^ d3; - bc8 = (t0 << 2) | (t1 >>> 30); - bc9 = (t1 << 2) | (t0 >>> 30); - t0 = s[14] ^ d4; - t1 = s[15] ^ d5; - bc0 = (t1 << 30) | (t0 >>> 2); - bc1 = (t0 << 30) | (t1 >>> 2); - t0 = s[36] ^ d6; - t1 = s[37] ^ d7; - bc2 = (t1 << 23) | (t0 >>> 9); - bc3 = (t0 << 23) | (t1 >>> 9); - t0 = s[8] ^ d8; - t1 = s[9] ^ d9; - bc4 = (t1 << 7) | (t0 >>> 25); - bc5 = (t0 << 7) | (t1 >>> 25); - s[20] = bc0 ^ (bc4 & ~bc2); - s[21] = bc1 ^ (bc5 & ~bc3); - s[42] = bc2 ^ (bc6 & ~bc4); - s[43] = bc3 ^ (bc7 & ~bc5); - s[14] = bc4 ^ (bc8 & ~bc6); - s[15] = bc5 ^ (bc9 & ~bc7); - s[36] = bc6 ^ (bc0 & ~bc8); - s[37] = bc7 ^ (bc1 & ~bc9); - s[8] = bc8 ^ (bc2 & ~bc0); - s[9] = bc9 ^ (bc3 & ~bc1); - - // Round 4 - bc0 = s[0] ^ s[10] ^ s[20] ^ s[30] ^ s[40]; - bc1 = s[1] ^ s[11] ^ s[21] ^ s[31] ^ s[41]; - bc2 = s[2] ^ s[12] ^ s[22] ^ s[32] ^ s[42]; - bc3 = s[3] ^ s[13] ^ s[23] ^ s[33] ^ s[43]; - bc4 = s[4] ^ s[14] ^ s[24] ^ s[34] ^ s[44]; - bc5 = s[5] ^ s[15] ^ s[25] ^ s[35] ^ s[45]; - bc6 = s[6] ^ s[16] ^ s[26] ^ s[36] ^ s[46]; - bc7 = s[7] ^ s[17] ^ s[27] ^ s[37] ^ s[47]; - bc8 = s[8] ^ s[18] ^ s[28] ^ s[38] ^ s[48]; - bc9 = s[9] ^ s[19] ^ s[29] ^ s[39] ^ s[49]; - - d0 = bc8 ^ ((bc2 << 1) | (bc3 >>> 31)); - d1 = bc9 ^ ((bc3 << 1) | (bc2 >>> 31)); - d2 = bc0 ^ ((bc4 << 1) | (bc5 >>> 31)); - d3 = bc1 ^ ((bc5 << 1) | (bc4 >>> 31)); - d4 = bc2 ^ ((bc6 << 1) | (bc7 >>> 31)); - d5 = bc3 ^ ((bc7 << 1) | (bc6 >>> 31)); - d6 = bc4 ^ ((bc8 << 1) | (bc9 >>> 31)); - d7 = bc5 ^ ((bc9 << 1) | (bc8 >>> 31)); - d8 = bc6 ^ ((bc0 << 1) | (bc1 >>> 31)); - d9 = bc7 ^ ((bc1 << 1) | (bc0 >>> 31)); - - bc0 = s[0] ^ d0; - bc1 = s[1] ^ d1; - t0 = s[2] ^ d2; - t1 = s[3] ^ d3; - bc2 = (t1 << 12) | (t0 >>> 20); - bc3 = (t0 << 12) | (t1 >>> 20); - t0 = s[4] ^ d4; - t1 = s[5] ^ d5; - bc4 = (t1 << 11) | (t0 >>> 21); - bc5 = (t0 << 11) | (t1 >>> 21); - t0 = s[6] ^ d6; - t1 = s[7] ^ d7; - bc6 = (t0 << 21) | (t1 >>> 11); - bc7 = (t1 << 21) | (t0 >>> 11); - t0 = s[8] ^ d8; - t1 = s[9] ^ d9; - bc8 = (t0 << 14) | (t1 >>> 18); - bc9 = (t1 << 14) | (t0 >>> 18); - s[0] = bc0 ^ (bc4 & ~bc2) ^ KECCAK_RC[n + 6]; - s[1] = bc1 ^ (bc5 & ~bc3) ^ KECCAK_RC[n + 7]; - s[2] = bc2 ^ (bc6 & ~bc4); - s[3] = bc3 ^ (bc7 & ~bc5); - s[4] = bc4 ^ (bc8 & ~bc6); - s[5] = bc5 ^ (bc9 & ~bc7); - s[6] = bc6 ^ (bc0 & ~bc8); - s[7] = bc7 ^ (bc1 & ~bc9); - s[8] = bc8 ^ (bc2 & ~bc0); - s[9] = bc9 ^ (bc3 & ~bc1); - - t0 = s[10] ^ d0; - t1 = s[11] ^ d1; - bc4 = (t0 << 3) | (t1 >>> 29); - bc5 = (t1 << 3) | (t0 >>> 29); - t0 = s[12] ^ d2; - t1 = s[13] ^ d3; - bc6 = (t1 << 13) | (t0 >>> 19); - bc7 = (t0 << 13) | (t1 >>> 19); - t0 = s[14] ^ d4; - t1 = s[15] ^ d5; - bc8 = (t1 << 29) | (t0 >>> 3); - bc9 = (t0 << 29) | (t1 >>> 3); - t0 = s[16] ^ d6; - t1 = s[17] ^ d7; - bc0 = (t0 << 28) | (t1 >>> 4); - bc1 = (t1 << 28) | (t0 >>> 4); - t0 = s[18] ^ d8; - t1 = s[19] ^ d9; - bc2 = (t0 << 20) | (t1 >>> 12); - bc3 = (t1 << 20) | (t0 >>> 12); - s[10] = bc0 ^ (bc4 & ~bc2); - s[11] = bc1 ^ (bc5 & ~bc3); - s[12] = bc2 ^ (bc6 & ~bc4); - s[13] = bc3 ^ (bc7 & ~bc5); - s[14] = bc4 ^ (bc8 & ~bc6); - s[15] = bc5 ^ (bc9 & ~bc7); - s[16] = bc6 ^ (bc0 & ~bc8); - s[17] = bc7 ^ (bc1 & ~bc9); - s[18] = bc8 ^ (bc2 & ~bc0); - s[19] = bc9 ^ (bc3 & ~bc1); - - t0 = s[20] ^ d0; - t1 = s[21] ^ d1; - bc8 = (t0 << 18) | (t1 >>> 14); - bc9 = (t1 << 18) | (t0 >>> 14); - t0 = s[22] ^ d2; - t1 = s[23] ^ d3; - bc0 = (t0 << 1) | (t1 >>> 31); - bc1 = (t1 << 1) | (t0 >>> 31); - t0 = s[24] ^ d4; - t1 = s[25] ^ d5; - bc2 = (t0 << 6) | (t1 >>> 26); - bc3 = (t1 << 6) | (t0 >>> 26); - t0 = s[26] ^ d6; - t1 = s[27] ^ d7; - bc4 = (t0 << 25) | (t1 >>> 7); - bc5 = (t1 << 25) | (t0 >>> 7); - t0 = s[28] ^ d8; - t1 = s[29] ^ d9; - bc6 = (t0 << 8) | (t1 >>> 24); - bc7 = (t1 << 8) | (t0 >>> 24); - s[20] = bc0 ^ (bc4 & ~bc2); - s[21] = bc1 ^ (bc5 & ~bc3); - s[22] = bc2 ^ (bc6 & ~bc4); - s[23] = bc3 ^ (bc7 & ~bc5); - s[24] = bc4 ^ (bc8 & ~bc6); - s[25] = bc5 ^ (bc9 & ~bc7); - s[26] = bc6 ^ (bc0 & ~bc8); - s[27] = bc7 ^ (bc1 & ~bc9); - s[28] = bc8 ^ (bc2 & ~bc0); - s[29] = bc9 ^ (bc3 & ~bc1); - - t0 = s[30] ^ d0; - t1 = s[31] ^ d1; - bc2 = (t1 << 4) | (t0 >>> 28); - bc3 = (t0 << 4) | (t1 >>> 28); - t0 = s[32] ^ d2; - t1 = s[33] ^ d3; - bc4 = (t0 << 10) | (t1 >>> 22); - bc5 = (t1 << 10) | (t0 >>> 22); - t0 = s[34] ^ d4; - t1 = s[35] ^ d5; - bc6 = (t0 << 15) | (t1 >>> 17); - bc7 = (t1 << 15) | (t0 >>> 17); - t0 = s[36] ^ d6; - t1 = s[37] ^ d7; - bc8 = (t1 << 24) | (t0 >>> 8); - bc9 = (t0 << 24) | (t1 >>> 8); - t0 = s[38] ^ d8; - t1 = s[39] ^ d9; - bc0 = (t0 << 27) | (t1 >>> 5); - bc1 = (t1 << 27) | (t0 >>> 5); - s[30] = bc0 ^ (bc4 & ~bc2); - s[31] = bc1 ^ (bc5 & ~bc3); - s[32] = bc2 ^ (bc6 & ~bc4); - s[33] = bc3 ^ (bc7 & ~bc5); - s[34] = bc4 ^ (bc8 & ~bc6); - s[35] = bc5 ^ (bc9 & ~bc7); - s[36] = bc6 ^ (bc0 & ~bc8); - s[37] = bc7 ^ (bc1 & ~bc9); - s[38] = bc8 ^ (bc2 & ~bc0); - s[39] = bc9 ^ (bc3 & ~bc1); - - t0 = s[40] ^ d0; - t1 = s[41] ^ d1; - bc6 = (t1 << 9) | (t0 >>> 23); - bc7 = (t0 << 9) | (t1 >>> 23); - t0 = s[42] ^ d2; - t1 = s[43] ^ d3; - bc8 = (t0 << 2) | (t1 >>> 30); - bc9 = (t1 << 2) | (t0 >>> 30); - t0 = s[44] ^ d4; - t1 = s[45] ^ d5; - bc0 = (t1 << 30) | (t0 >>> 2); - bc1 = (t0 << 30) | (t1 >>> 2); - t0 = s[46] ^ d6; - t1 = s[47] ^ d7; - bc2 = (t1 << 23) | (t0 >>> 9); - bc3 = (t0 << 23) | (t1 >>> 9); - t0 = s[48] ^ d8; - t1 = s[49] ^ d9; - bc4 = (t1 << 7) | (t0 >>> 25); - bc5 = (t0 << 7) | (t1 >>> 25); - s[40] = bc0 ^ (bc4 & ~bc2); - s[41] = bc1 ^ (bc5 & ~bc3); - s[42] = bc2 ^ (bc6 & ~bc4); - s[43] = bc3 ^ (bc7 & ~bc5); - s[44] = bc4 ^ (bc8 & ~bc6); - s[45] = bc5 ^ (bc9 & ~bc7); - s[46] = bc6 ^ (bc0 & ~bc8); - s[47] = bc7 ^ (bc1 & ~bc9); - s[48] = bc8 ^ (bc2 & ~bc0); - s[49] = bc9 ^ (bc3 & ~bc1); - } -} diff --git a/std/hash/_sha3/sha3.ts b/std/hash/_sha3/sha3.ts deleted file mode 100644 index 2966ce2a4..000000000 --- a/std/hash/_sha3/sha3.ts +++ /dev/null @@ -1,56 +0,0 @@ -// Copyright 2018-2021 the Deno authors. All rights reserved. MIT license. - -import { Sponge } from "./sponge.ts"; -import { keccakf } from "./keccakf.ts"; - -/** Sha3-224 hash */ -// deno-lint-ignore camelcase -export class Sha3_224 extends Sponge { - constructor() { - super({ - bitsize: 224, - rate: 144, - dsbyte: 6, - permutator: keccakf, - }); - } -} - -/** Sha3-256 hash */ -// deno-lint-ignore camelcase -export class Sha3_256 extends Sponge { - constructor() { - super({ - bitsize: 256, - rate: 136, - dsbyte: 6, - permutator: keccakf, - }); - } -} - -/** Sha3-384 hash */ -// deno-lint-ignore camelcase -export class Sha3_384 extends Sponge { - constructor() { - super({ - bitsize: 384, - rate: 104, - dsbyte: 6, - permutator: keccakf, - }); - } -} - -/** Sha3-512 hash */ -// deno-lint-ignore camelcase -export class Sha3_512 extends Sponge { - constructor() { - super({ - bitsize: 512, - rate: 72, - dsbyte: 6, - permutator: keccakf, - }); - } -} diff --git a/std/hash/_sha3/shake.ts b/std/hash/_sha3/shake.ts deleted file mode 100644 index 4fe24d7cf..000000000 --- a/std/hash/_sha3/shake.ts +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright 2018-2021 the Deno authors. All rights reserved. MIT license. - -import { Sponge } from "./sponge.ts"; -import { keccakf } from "./keccakf.ts"; - -/** Shake128 hash */ -export class Shake128 extends Sponge { - /** - * Instantiates a new Shake128 hash - * @param bitsize length of hash in bits - */ - constructor(bitsize: number) { - if (bitsize < 8) { - throw new Error("shake128: `bitsize` too small"); - } - - if (bitsize % 8 !== 0) { - throw new Error("shake128: `bitsize` must be multiple of 8"); - } - - super({ - bitsize: bitsize, - rate: 168, - dsbyte: 0x1f, - permutator: keccakf, - }); - } -} - -/** - * Instantiates a new Shake256 hash - * @param bitsize length of hash in bits - */ -export class Shake256 extends Sponge { - constructor(bitsize: number) { - if (bitsize < 8) { - throw new Error("shake256: `bitsize` too small"); - } - - if (bitsize % 8 !== 0) { - throw new Error("shake256: `bitsize` must be multiple of 8"); - } - - super({ - bitsize: bitsize, - rate: 136, - dsbyte: 0x1f, - permutator: keccakf, - }); - } -} diff --git a/std/hash/_sha3/sponge.ts b/std/hash/_sha3/sponge.ts deleted file mode 100644 index 9ad67ca07..000000000 --- a/std/hash/_sha3/sponge.ts +++ /dev/null @@ -1,111 +0,0 @@ -// Copyright 2018-2021 the Deno authors. All rights reserved. MIT license. - -import * as hex from "../../encoding/hex.ts"; - -type SpongePermutator = (data: Uint8Array) => void; - -/** Sponge construction option */ -export interface SpongeOption { - bitsize: number; - rate: number; - dsbyte: number; - permutator: SpongePermutator; -} - -export type Message = string | ArrayBuffer; - -const STATE_SIZE = 200; -const TYPE_ERROR_MSG = "sha3: `data` is invalid type"; - -/** Sponge construction */ -export class Sponge { - #option: SpongeOption; - #state: Uint8Array; - #rp: number; - #absorbing: boolean; - - constructor(option: SpongeOption) { - this.#option = option; - this.#state = new Uint8Array(STATE_SIZE); - this.#rp = 0; - this.#absorbing = true; - } - - /** Applies padding to internal state */ - private pad(): void { - this.#state[this.#rp] ^= this.#option.dsbyte; - this.#state[this.#option.rate - 1] ^= 0x80; - } - - /** Squeezes internal state */ - protected squeeze(length: number): Uint8Array { - if (length < 0) { - throw new Error("sha3: length cannot be negative"); - } - - this.pad(); - - const hash = new Uint8Array(length); - let pos = 0; - while (length > 0) { - const r = length > this.#option.rate ? this.#option.rate : length; - this.#option.permutator(this.#state); - hash.set(this.#state.slice(0, r), pos); - length -= r; - pos += r; - } - - this.#absorbing = false; - return hash; - } - - /** Updates internal state by absorbing */ - update(data: Message): this { - if (!this.#absorbing) { - throw new Error("sha3: cannot update already finalized hash"); - } - - let msg: Uint8Array; - - if (typeof data === "string") { - msg = new TextEncoder().encode(data as string); - } else if (typeof data === "object") { - if (data instanceof ArrayBuffer || ArrayBuffer.isView(data)) { - msg = new Uint8Array(data); - } else { - throw new Error(TYPE_ERROR_MSG); - } - } else { - throw new Error(TYPE_ERROR_MSG); - } - - let rp = this.#rp; - - for (let i = 0; i < msg.length; ++i) { - this.#state[rp++] ^= msg[i]; - if (rp >= this.#option.rate) { - this.#option.permutator(this.#state); - rp = 0; - } - } - - this.#rp = rp; - return this; - } - - /** Returns the hash in ArrayBuffer */ - digest(): ArrayBuffer { - return this.squeeze(this.#option.bitsize >> 3); - } - - /** Returns the hash in given format */ - toString(format: "hex" = "hex"): string { - const rawOutput = this.squeeze(this.#option.bitsize >> 3); - switch (format) { - case "hex": - return hex.encodeToString(rawOutput); - default: - throw new Error("sha3: invalid output format"); - } - } -} |