diff --git a/sm3/gen_sm3block_ni.go b/internal/sm3/gen_sm3block_ni.go similarity index 100% rename from sm3/gen_sm3block_ni.go rename to internal/sm3/gen_sm3block_ni.go diff --git a/sm3/kdf_amd64.go b/internal/sm3/kdf_amd64.go similarity index 100% rename from sm3/kdf_amd64.go rename to internal/sm3/kdf_amd64.go diff --git a/sm3/kdf_arm64.go b/internal/sm3/kdf_arm64.go similarity index 100% rename from sm3/kdf_arm64.go rename to internal/sm3/kdf_arm64.go diff --git a/sm3/kdf_generic.go b/internal/sm3/kdf_generic.go similarity index 100% rename from sm3/kdf_generic.go rename to internal/sm3/kdf_generic.go diff --git a/sm3/kdf_mult4_asm.go b/internal/sm3/kdf_mult4_asm.go similarity index 100% rename from sm3/kdf_mult4_asm.go rename to internal/sm3/kdf_mult4_asm.go diff --git a/sm3/kdf_mult8_amd64.go b/internal/sm3/kdf_mult8_amd64.go similarity index 100% rename from sm3/kdf_mult8_amd64.go rename to internal/sm3/kdf_mult8_amd64.go diff --git a/sm3/kdf_ppc64x.go b/internal/sm3/kdf_ppc64x.go similarity index 100% rename from sm3/kdf_ppc64x.go rename to internal/sm3/kdf_ppc64x.go diff --git a/sm3/kdf_s390x.go b/internal/sm3/kdf_s390x.go similarity index 100% rename from sm3/kdf_s390x.go rename to internal/sm3/kdf_s390x.go diff --git a/internal/sm3/sm3.go b/internal/sm3/sm3.go new file mode 100644 index 0000000..bc90194 --- /dev/null +++ b/internal/sm3/sm3.go @@ -0,0 +1,223 @@ +// Package sm3 implements ShangMi(SM) sm3 hash algorithm. +package sm3 + +// [GM/T] SM3 GB/T 32905-2016 + +import ( + "errors" + "hash" + + "github.com/emmansun/gmsm/internal/byteorder" +) + +// Size the size of a SM3 checksum in bytes. +const Size = 32 + +// SizeBitSize the bit size of Size. +const SizeBitSize = 5 + +// BlockSize the blocksize of SM3 in bytes. +const BlockSize = 64 + +const ( + chunk = 64 + init0 = 0x7380166f + init1 = 0x4914b2b9 + init2 = 0x172442d7 + init3 = 0xda8a0600 + init4 = 0xa96f30bc + init5 = 0x163138aa + init6 = 0xe38dee4d + init7 = 0xb0fb0e4e +) + +// digest represents the partial evaluation of a checksum. +type digest struct { + h [8]uint32 + x [chunk]byte + nx int + len uint64 +} + +const ( + magic = "sm3\x03" + marshaledSize = len(magic) + 8*4 + chunk + 8 +) + +func (d *digest) MarshalBinary() ([]byte, error) { + return d.AppendBinary(make([]byte, 0, marshaledSize)) +} + +func (d *digest) AppendBinary(b []byte) ([]byte, error) { + b = append(b, magic...) + b = byteorder.BEAppendUint32(b, d.h[0]) + b = byteorder.BEAppendUint32(b, d.h[1]) + b = byteorder.BEAppendUint32(b, d.h[2]) + b = byteorder.BEAppendUint32(b, d.h[3]) + b = byteorder.BEAppendUint32(b, d.h[4]) + b = byteorder.BEAppendUint32(b, d.h[5]) + b = byteorder.BEAppendUint32(b, d.h[6]) + b = byteorder.BEAppendUint32(b, d.h[7]) + b = append(b, d.x[:d.nx]...) + b = append(b, make([]byte, len(d.x)-d.nx)...) + b = byteorder.BEAppendUint64(b, d.len) + return b, nil +} + +func (d *digest) UnmarshalBinary(b []byte) error { + if len(b) < len(magic) || (string(b[:len(magic)]) != magic) { + return errors.New("sm3: invalid hash state identifier") + } + if len(b) != marshaledSize { + return errors.New("sm3: invalid hash state size") + } + b = b[len(magic):] + b, d.h[0] = consumeUint32(b) + b, d.h[1] = consumeUint32(b) + b, d.h[2] = consumeUint32(b) + b, d.h[3] = consumeUint32(b) + b, d.h[4] = consumeUint32(b) + b, d.h[5] = consumeUint32(b) + b, d.h[6] = consumeUint32(b) + b, d.h[7] = consumeUint32(b) + b = b[copy(d.x[:], b):] + b, d.len = consumeUint64(b) + d.nx = int(d.len % chunk) + return nil +} + +func consumeUint64(b []byte) ([]byte, uint64) { + return b[8:], byteorder.BEUint64(b) +} + +func consumeUint32(b []byte) ([]byte, uint32) { + return b[4:], byteorder.BEUint32(b) +} + +// New returns a new hash.Hash computing the SM3 checksum. The Hash +// also implements encoding.BinaryMarshaler and +// encoding.BinaryUnmarshaler to marshal and unmarshal the internal +// state of the hash. +func New() hash.Hash { + d := new(digest) + d.Reset() + return d +} + +// Sum appends the current hash to in and returns the resulting slice. +// It does not change the underlying hash state. +func (d *digest) Sum(in []byte) []byte { + // Make a copy of d so that caller can keep writing and summing. + d0 := *d + hash := d0.checkSum() + return append(in, hash[:]...) +} + +func (d *digest) checkSum() [Size]byte { + len := d.len + // Padding. Add a 1 bit and 0 bits until 56 bytes mod 64. + var tmp [64 + 8]byte // padding + length buffer + tmp[0] = 0x80 + var t uint64 + if len%64 < 56 { + t = 56 - len%64 + } else { + t = 64 + 56 - len%64 + } + // Length in bits. + len <<= 3 + padlen := tmp[:t+8] + byteorder.BEPutUint64(padlen[t:], len) + d.Write(padlen) + + if d.nx != 0 { + panic("d.nx != 0") + } + + var digest [Size]byte + + byteorder.BEPutUint32(digest[0:], d.h[0]) + byteorder.BEPutUint32(digest[4:], d.h[1]) + byteorder.BEPutUint32(digest[8:], d.h[2]) + byteorder.BEPutUint32(digest[12:], d.h[3]) + byteorder.BEPutUint32(digest[16:], d.h[4]) + byteorder.BEPutUint32(digest[20:], d.h[5]) + byteorder.BEPutUint32(digest[24:], d.h[6]) + byteorder.BEPutUint32(digest[28:], d.h[7]) + + return digest +} + +func (d *digest) Write(p []byte) (nn int, err error) { + nn = len(p) + d.len += uint64(nn) + if d.nx > 0 { + n := copy(d.x[d.nx:], p) + d.nx += n + if d.nx == chunk { + block(d, d.x[:]) + d.nx = 0 + } + p = p[n:] + } + if len(p) >= chunk { + n := len(p) &^ (chunk - 1) + block(d, p[:n]) + p = p[n:] + } + if len(p) > 0 { + d.nx = copy(d.x[:], p) + } + return +} + +func (d *digest) Size() int { + return Size +} + +func (d *digest) BlockSize() int { return BlockSize } + +// Reset resets the Hash to its initial state. +func (d *digest) Reset() { + d.h[0] = init0 + d.h[1] = init1 + d.h[2] = init2 + d.h[3] = init3 + d.h[4] = init4 + d.h[5] = init5 + d.h[6] = init6 + d.h[7] = init7 + d.nx = 0 + d.len = 0 +} + +// Kdf key derivation function using SM3, compliance with GB/T 32918.4-2016 5.4.3. +func (baseMD *digest) Kdf(z []byte, keyLen int) []byte { + limit := uint64(keyLen+Size-1) / uint64(Size) + if limit >= uint64(1<<32)-1 { + panic("sm3: key length too long") + } + baseMD.Reset() + baseMD.Write(z) + return kdf(baseMD, keyLen, int(limit)) +} + +func kdfGeneric(baseMD *digest, keyLen int, limit int) []byte { + var countBytes [4]byte + var ct uint32 = 1 + k := make([]byte, keyLen) + for i := 0; i < limit; i++ { + byteorder.BEPutUint32(countBytes[:], ct) + md := *baseMD + md.Write(countBytes[:]) + h := md.checkSum() + copy(k[i*Size:], h[:]) + ct++ + } + return k +} + +func Kdf(z []byte, keyLen int) []byte { + baseMD := new(digest) + return baseMD.Kdf(z, keyLen) +} diff --git a/sm3/sm3_const_asm.s b/internal/sm3/sm3_const_asm.s similarity index 100% rename from sm3/sm3_const_asm.s rename to internal/sm3/sm3_const_asm.s diff --git a/sm3/sm3block.go b/internal/sm3/sm3block.go similarity index 100% rename from sm3/sm3block.go rename to internal/sm3/sm3block.go diff --git a/sm3/sm3block_amd64.go b/internal/sm3/sm3block_amd64.go similarity index 100% rename from sm3/sm3block_amd64.go rename to internal/sm3/sm3block_amd64.go diff --git a/sm3/sm3block_amd64.s b/internal/sm3/sm3block_amd64.s similarity index 100% rename from sm3/sm3block_amd64.s rename to internal/sm3/sm3block_amd64.s diff --git a/sm3/sm3block_arm64.go b/internal/sm3/sm3block_arm64.go similarity index 100% rename from sm3/sm3block_arm64.go rename to internal/sm3/sm3block_arm64.go diff --git a/sm3/sm3block_arm64.s b/internal/sm3/sm3block_arm64.s similarity index 100% rename from sm3/sm3block_arm64.s rename to internal/sm3/sm3block_arm64.s diff --git a/sm3/sm3block_avx2_amd64.s b/internal/sm3/sm3block_avx2_amd64.s similarity index 100% rename from sm3/sm3block_avx2_amd64.s rename to internal/sm3/sm3block_avx2_amd64.s diff --git a/sm3/sm3block_generic.go b/internal/sm3/sm3block_generic.go similarity index 100% rename from sm3/sm3block_generic.go rename to internal/sm3/sm3block_generic.go diff --git a/sm3/sm3block_ppc64x.go b/internal/sm3/sm3block_ppc64x.go similarity index 100% rename from sm3/sm3block_ppc64x.go rename to internal/sm3/sm3block_ppc64x.go diff --git a/sm3/sm3block_ppc64x.s b/internal/sm3/sm3block_ppc64x.s similarity index 100% rename from sm3/sm3block_ppc64x.s rename to internal/sm3/sm3block_ppc64x.s diff --git a/sm3/sm3block_s390x.go b/internal/sm3/sm3block_s390x.go similarity index 100% rename from sm3/sm3block_s390x.go rename to internal/sm3/sm3block_s390x.go diff --git a/sm3/sm3block_s390x.s b/internal/sm3/sm3block_s390x.s similarity index 100% rename from sm3/sm3block_s390x.s rename to internal/sm3/sm3block_s390x.s diff --git a/sm3/sm3block_simd_amd64.s b/internal/sm3/sm3block_simd_amd64.s similarity index 100% rename from sm3/sm3block_simd_amd64.s rename to internal/sm3/sm3block_simd_amd64.s diff --git a/sm3/sm3blockni_arm64.s b/internal/sm3/sm3blockni_arm64.s similarity index 100% rename from sm3/sm3blockni_arm64.s rename to internal/sm3/sm3blockni_arm64.s diff --git a/sm3/sm3blocks_arm64.s b/internal/sm3/sm3blocks_arm64.s similarity index 100% rename from sm3/sm3blocks_arm64.s rename to internal/sm3/sm3blocks_arm64.s diff --git a/sm3/sm3blocks_avx2_amd64.s b/internal/sm3/sm3blocks_avx2_amd64.s similarity index 100% rename from sm3/sm3blocks_avx2_amd64.s rename to internal/sm3/sm3blocks_avx2_amd64.s diff --git a/sm3/sm3blocks_avx2_test.go b/internal/sm3/sm3blocks_avx2_test.go similarity index 100% rename from sm3/sm3blocks_avx2_test.go rename to internal/sm3/sm3blocks_avx2_test.go diff --git a/sm3/sm3blocks_ppc64x.s b/internal/sm3/sm3blocks_ppc64x.s similarity index 100% rename from sm3/sm3blocks_ppc64x.s rename to internal/sm3/sm3blocks_ppc64x.s diff --git a/sm3/sm3blocks_s390x.s b/internal/sm3/sm3blocks_s390x.s similarity index 100% rename from sm3/sm3blocks_s390x.s rename to internal/sm3/sm3blocks_s390x.s diff --git a/sm3/sm3blocks_simd_amd64.s b/internal/sm3/sm3blocks_simd_amd64.s similarity index 100% rename from sm3/sm3blocks_simd_amd64.s rename to internal/sm3/sm3blocks_simd_amd64.s diff --git a/sm3/sm3blocks_test.go b/internal/sm3/sm3blocks_test.go similarity index 100% rename from sm3/sm3blocks_test.go rename to internal/sm3/sm3blocks_test.go diff --git a/sm3/sm3.go b/sm3/sm3.go index e221784..445fee0 100644 --- a/sm3/sm3.go +++ b/sm3/sm3.go @@ -4,228 +4,34 @@ package sm3 // [GM/T] SM3 GB/T 32905-2016 import ( - "errors" "hash" - "github.com/emmansun/gmsm/internal/byteorder" + "github.com/emmansun/gmsm/internal/sm3" ) // Size the size of a SM3 checksum in bytes. const Size = 32 -// SizeBitSize the bit size of Size. -const SizeBitSize = 5 - // BlockSize the blocksize of SM3 in bytes. const BlockSize = 64 -const ( - chunk = 64 - init0 = 0x7380166f - init1 = 0x4914b2b9 - init2 = 0x172442d7 - init3 = 0xda8a0600 - init4 = 0xa96f30bc - init5 = 0x163138aa - init6 = 0xe38dee4d - init7 = 0xb0fb0e4e -) - -// digest represents the partial evaluation of a checksum. -type digest struct { - h [8]uint32 - x [chunk]byte - nx int - len uint64 -} - -const ( - magic = "sm3\x03" - marshaledSize = len(magic) + 8*4 + chunk + 8 -) - -func (d *digest) MarshalBinary() ([]byte, error) { - return d.AppendBinary(make([]byte, 0, marshaledSize)) -} - -func (d *digest) AppendBinary(b []byte) ([]byte, error) { - b = append(b, magic...) - b = byteorder.BEAppendUint32(b, d.h[0]) - b = byteorder.BEAppendUint32(b, d.h[1]) - b = byteorder.BEAppendUint32(b, d.h[2]) - b = byteorder.BEAppendUint32(b, d.h[3]) - b = byteorder.BEAppendUint32(b, d.h[4]) - b = byteorder.BEAppendUint32(b, d.h[5]) - b = byteorder.BEAppendUint32(b, d.h[6]) - b = byteorder.BEAppendUint32(b, d.h[7]) - b = append(b, d.x[:d.nx]...) - b = append(b, make([]byte, len(d.x)-d.nx)...) - b = byteorder.BEAppendUint64(b, d.len) - return b, nil -} - -func (d *digest) UnmarshalBinary(b []byte) error { - if len(b) < len(magic) || (string(b[:len(magic)]) != magic) { - return errors.New("sm3: invalid hash state identifier") - } - if len(b) != marshaledSize { - return errors.New("sm3: invalid hash state size") - } - b = b[len(magic):] - b, d.h[0] = consumeUint32(b) - b, d.h[1] = consumeUint32(b) - b, d.h[2] = consumeUint32(b) - b, d.h[3] = consumeUint32(b) - b, d.h[4] = consumeUint32(b) - b, d.h[5] = consumeUint32(b) - b, d.h[6] = consumeUint32(b) - b, d.h[7] = consumeUint32(b) - b = b[copy(d.x[:], b):] - b, d.len = consumeUint64(b) - d.nx = int(d.len % chunk) - return nil -} - -func consumeUint64(b []byte) ([]byte, uint64) { - return b[8:], byteorder.BEUint64(b) -} - -func consumeUint32(b []byte) ([]byte, uint32) { - return b[4:], byteorder.BEUint32(b) -} - // New returns a new hash.Hash computing the SM3 checksum. The Hash // also implements encoding.BinaryMarshaler and // encoding.BinaryUnmarshaler to marshal and unmarshal the internal // state of the hash. func New() hash.Hash { - d := new(digest) - d.Reset() - return d -} - -// Sum appends the current hash to in and returns the resulting slice. -// It does not change the underlying hash state. -func (d *digest) Sum(in []byte) []byte { - // Make a copy of d so that caller can keep writing and summing. - d0 := *d - hash := d0.checkSum() - return append(in, hash[:]...) -} - -func (d *digest) checkSum() [Size]byte { - len := d.len - // Padding. Add a 1 bit and 0 bits until 56 bytes mod 64. - var tmp [64 + 8]byte // padding + length buffer - tmp[0] = 0x80 - var t uint64 - if len%64 < 56 { - t = 56 - len%64 - } else { - t = 64 + 56 - len%64 - } - // Length in bits. - len <<= 3 - padlen := tmp[:t+8] - byteorder.BEPutUint64(padlen[t:], len) - d.Write(padlen) - - if d.nx != 0 { - panic("d.nx != 0") - } - - var digest [Size]byte - - byteorder.BEPutUint32(digest[0:], d.h[0]) - byteorder.BEPutUint32(digest[4:], d.h[1]) - byteorder.BEPutUint32(digest[8:], d.h[2]) - byteorder.BEPutUint32(digest[12:], d.h[3]) - byteorder.BEPutUint32(digest[16:], d.h[4]) - byteorder.BEPutUint32(digest[20:], d.h[5]) - byteorder.BEPutUint32(digest[24:], d.h[6]) - byteorder.BEPutUint32(digest[28:], d.h[7]) - - return digest -} - -func (d *digest) Write(p []byte) (nn int, err error) { - nn = len(p) - d.len += uint64(nn) - if d.nx > 0 { - n := copy(d.x[d.nx:], p) - d.nx += n - if d.nx == chunk { - block(d, d.x[:]) - d.nx = 0 - } - p = p[n:] - } - if len(p) >= chunk { - n := len(p) &^ (chunk - 1) - block(d, p[:n]) - p = p[n:] - } - if len(p) > 0 { - d.nx = copy(d.x[:], p) - } - return -} - -func (d *digest) Size() int { - return Size -} - -func (d *digest) BlockSize() int { return BlockSize } - -// Reset resets the Hash to its initial state. -func (d *digest) Reset() { - d.h[0] = init0 - d.h[1] = init1 - d.h[2] = init2 - d.h[3] = init3 - d.h[4] = init4 - d.h[5] = init5 - d.h[6] = init6 - d.h[7] = init7 - d.nx = 0 - d.len = 0 + return sm3.New() } // Sum returns the SM3 checksum of the data. func Sum(data []byte) [Size]byte { - var d digest - d.Reset() - d.Write(data) - return d.checkSum() -} - -// Kdf key derivation function using SM3, compliance with GB/T 32918.4-2016 5.4.3. -func (baseMD *digest) Kdf(z []byte, keyLen int) []byte { - limit := uint64(keyLen+Size-1) / uint64(Size) - if limit >= uint64(1<<32)-1 { - panic("sm3: key length too long") - } - baseMD.Reset() - baseMD.Write(z) - return kdf(baseMD, keyLen, int(limit)) -} - -func kdfGeneric(baseMD *digest, keyLen int, limit int) []byte { - var countBytes [4]byte - var ct uint32 = 1 - k := make([]byte, keyLen) - for i := 0; i < limit; i++ { - byteorder.BEPutUint32(countBytes[:], ct) - md := *baseMD - md.Write(countBytes[:]) - h := md.checkSum() - copy(k[i*Size:], h[:]) - ct++ - } - return k + h := New() + h.Write(data) + var sum [Size]byte + h.Sum(sum[:0]) + return sum } func Kdf(z []byte, keyLen int) []byte { - baseMD := new(digest) - return baseMD.Kdf(z, keyLen) + return sm3.Kdf(z, keyLen) } diff --git a/sm3/sm3_test.go b/sm3/sm3_test.go index 3a30e71..f629aeb 100644 --- a/sm3/sm3_test.go +++ b/sm3/sm3_test.go @@ -2,7 +2,6 @@ package sm3 import ( "bytes" - "crypto/rand" "crypto/sha256" "encoding" "encoding/base64" @@ -14,8 +13,8 @@ import ( "reflect" "testing" - "github.com/emmansun/gmsm/internal/cryptotest" "github.com/emmansun/gmsm/internal/cpu" + "github.com/emmansun/gmsm/internal/cryptotest" ) type sm3Test struct { @@ -372,18 +371,6 @@ func TestBlockSize(t *testing.T) { fmt.Printf("ARM64 has sm3 %v, has sm4 %v, has aes %v\n", cpu.ARM64.HasSM3, cpu.ARM64.HasSM4, cpu.ARM64.HasAES) } -// Tests that blockGeneric (pure Go) and block (in assembly for some architectures) match. -func TestBlockGeneric(t *testing.T) { - gen, asm := New().(*digest), New().(*digest) - buf := make([]byte, BlockSize*20) // arbitrary factor - rand.Read(buf) - blockGeneric(gen, buf) - block(asm, buf) - if *gen != *asm { - t.Error("block and blockGeneric resulted in different states") - } -} - func TestAllocations(t *testing.T) { in := []byte("hello, world!") out := make([]byte, 0, Size) @@ -516,133 +503,3 @@ func BenchmarkKdfWithSM3(b *testing.B) { }) } } - -/* -func round1(a, b, c, d, e, f, g, h string, i int) { - fmt.Printf("//Round %d\n", i+1) - fmt.Printf("tt2 = bits.RotateLeft32(%s, 12)\n", a) - fmt.Printf("ss1 = bits.RotateLeft32(tt2+%s+_K[%d], 7)\n", e, i) - fmt.Printf("%s = %s ^ %s ^ %s + %s + (ss1 ^ tt2) + (w[%d] ^ w[%d])\n", d, a, b, c, d, i, i+4) - fmt.Printf("tt2 = %s ^ %s ^ %s + %s + ss1 + w[%d]\n", e, f, g, h, i) - fmt.Printf("%s = bits.RotateLeft32(%s, 9)\n", b, b) - fmt.Printf("%s = bits.RotateLeft32(%s, 19)\n", f, f) - fmt.Printf("%s = tt2 ^ bits.RotateLeft32(tt2, 9) ^ bits.RotateLeft32(tt2, 17)\n\n", h) -} - -func round2(a, b, c, d, e, f, g, h string, i int) { - fmt.Printf("//Round %d\n", i+1) - fmt.Printf("w[%d] = p1(w[%d]^w[%d]^bits.RotateLeft32(w[%d], 15)) ^ bits.RotateLeft32(w[%d], 7) ^ w[%d]\n", i+4, i-12, i-5, i+1, i-9, i-2) - fmt.Printf("tt2 = bits.RotateLeft32(%s, 12)\n", a) - fmt.Printf("ss1 = bits.RotateLeft32(tt2+%s+_K[%d], 7)\n", e, i) - fmt.Printf("%s = %s ^ %s ^ %s + %s + (ss1 ^ tt2) + (w[%d] ^ w[%d])\n", d, a, b, c, d, i, i+4) - fmt.Printf("tt2 = %s ^ %s ^ %s + %s + ss1 + w[%d]\n", e, f, g, h, i) - fmt.Printf("%s = bits.RotateLeft32(%s, 9)\n", b, b) - fmt.Printf("%s = bits.RotateLeft32(%s, 19)\n", f, f) - fmt.Printf("%s = tt2 ^ bits.RotateLeft32(tt2, 9) ^ bits.RotateLeft32(tt2, 17)\n\n", h) -} - -func round3(a, b, c, d, e, f, g, h string, i int) { - fmt.Printf("//Round %d\n", i+1) - fmt.Printf("w[%d] = p1(w[%d]^w[%d]^bits.RotateLeft32(w[%d], 15)) ^ bits.RotateLeft32(w[%d], 7) ^ w[%d]\n", i+4, i-12, i-5, i+1, i-9, i-2) - fmt.Printf("tt2 = bits.RotateLeft32(%s, 12)\n", a) - fmt.Printf("ss1 = bits.RotateLeft32(tt2+%s+_K[%d], 7)\n", e, i) - fmt.Printf("%s = %s&(%s|%s) | (%s & %s) + %s + (ss1 ^ tt2) + (w[%d] ^ w[%d])\n", d, a, b, c, b, c, d, i, i+4) - fmt.Printf("tt2 = (%s^%s)&%s ^ %s + %s + ss1 + w[%d]\n", f, g, e, g, h, i) - fmt.Printf("%s = bits.RotateLeft32(%s, 9)\n", b, b) - fmt.Printf("%s = bits.RotateLeft32(%s, 19)\n", f, f) - fmt.Printf("%s = tt2 ^ bits.RotateLeft32(tt2, 9) ^ bits.RotateLeft32(tt2, 17)\n\n", h) -} - -func TestGenerateBlock(t *testing.T) { - round1("a", "b", "c", "d", "e", "f", "g", "h", 0) - round1("d", "a", "b", "c", "h", "e", "f", "g", 1) - round1("c", "d", "a", "b", "g", "h", "e", "f", 2) - round1("b", "c", "d", "a", "f", "g", "h", "e", 3) - - round1("a", "b", "c", "d", "e", "f", "g", "h", 4) - round1("d", "a", "b", "c", "h", "e", "f", "g", 5) - round1("c", "d", "a", "b", "g", "h", "e", "f", 6) - round1("b", "c", "d", "a", "f", "g", "h", "e", 7) - - round1("a", "b", "c", "d", "e", "f", "g", "h", 8) - round1("d", "a", "b", "c", "h", "e", "f", "g", 9) - round1("c", "d", "a", "b", "g", "h", "e", "f", 10) - round1("b", "c", "d", "a", "f", "g", "h", "e", 11) - - round2("a", "b", "c", "d", "e", "f", "g", "h", 12) - round2("d", "a", "b", "c", "h", "e", "f", "g", 13) - round2("c", "d", "a", "b", "g", "h", "e", "f", 14) - round2("b", "c", "d", "a", "f", "g", "h", "e", 15) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 16) - round3("d", "a", "b", "c", "h", "e", "f", "g", 17) - round3("c", "d", "a", "b", "g", "h", "e", "f", 18) - round3("b", "c", "d", "a", "f", "g", "h", "e", 19) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 20) - round3("d", "a", "b", "c", "h", "e", "f", "g", 21) - round3("c", "d", "a", "b", "g", "h", "e", "f", 22) - round3("b", "c", "d", "a", "f", "g", "h", "e", 23) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 24) - round3("d", "a", "b", "c", "h", "e", "f", "g", 25) - round3("c", "d", "a", "b", "g", "h", "e", "f", 26) - round3("b", "c", "d", "a", "f", "g", "h", "e", 27) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 28) - round3("d", "a", "b", "c", "h", "e", "f", "g", 29) - round3("c", "d", "a", "b", "g", "h", "e", "f", 30) - round3("b", "c", "d", "a", "f", "g", "h", "e", 31) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 32) - round3("d", "a", "b", "c", "h", "e", "f", "g", 33) - round3("c", "d", "a", "b", "g", "h", "e", "f", 34) - round3("b", "c", "d", "a", "f", "g", "h", "e", 35) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 36) - round3("d", "a", "b", "c", "h", "e", "f", "g", 37) - round3("c", "d", "a", "b", "g", "h", "e", "f", 38) - round3("b", "c", "d", "a", "f", "g", "h", "e", 39) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 40) - round3("d", "a", "b", "c", "h", "e", "f", "g", 41) - round3("c", "d", "a", "b", "g", "h", "e", "f", 42) - round3("b", "c", "d", "a", "f", "g", "h", "e", 43) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 44) - round3("d", "a", "b", "c", "h", "e", "f", "g", 45) - round3("c", "d", "a", "b", "g", "h", "e", "f", 46) - round3("b", "c", "d", "a", "f", "g", "h", "e", 47) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 48) - round3("d", "a", "b", "c", "h", "e", "f", "g", 49) - round3("c", "d", "a", "b", "g", "h", "e", "f", 50) - round3("b", "c", "d", "a", "f", "g", "h", "e", 51) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 52) - round3("d", "a", "b", "c", "h", "e", "f", "g", 53) - round3("c", "d", "a", "b", "g", "h", "e", "f", 54) - round3("b", "c", "d", "a", "f", "g", "h", "e", 55) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 56) - round3("d", "a", "b", "c", "h", "e", "f", "g", 57) - round3("c", "d", "a", "b", "g", "h", "e", "f", 58) - round3("b", "c", "d", "a", "f", "g", "h", "e", 59) - - round3("a", "b", "c", "d", "e", "f", "g", "h", 60) - round3("d", "a", "b", "c", "h", "e", "f", "g", 61) - round3("c", "d", "a", "b", "g", "h", "e", "f", 62) - round3("b", "c", "d", "a", "f", "g", "h", "e", 63) -} - -func TestGenerateT(t *testing.T) { - for i := 0; i < 16; i++ { - fmt.Printf("0x%x, ", bits.RotateLeft32(_T0, i)) - } - fmt.Println() - for i := 16; i < 64; i++ { - fmt.Printf("0x%x, ", bits.RotateLeft32(_T1, i)) - } - fmt.Println() -} -*/