Source

sha3 / block.go

Full commit
// Copyright 2012 Eric Roshan-Eisner. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package sha3

var rndc = [24]uint64{
	0x0000000000000001, 0x0000000000008082, 0x800000000000808a,
	0x8000000080008000, 0x000000000000808b, 0x0000000080000001,
	0x8000000080008081, 0x8000000000008009, 0x000000000000008a,
	0x0000000000000088, 0x0000000080008009, 0x000000008000000a,
	0x000000008000808b, 0x800000000000008b, 0x8000000000008089,
	0x8000000000008003, 0x8000000000008002, 0x8000000000000080,
	0x000000000000800a, 0x800000008000000a, 0x8000000080008081,
	0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
}

func block(st *[25]uint64) {
	var t, bc0, bc1, bc2, bc3, bc4 uint64
	for _, roundc := range rndc {
		// Theta
		bc0 = st[0] ^ st[5] ^ st[10] ^ st[15] ^ st[20]
		bc1 = st[1] ^ st[6] ^ st[11] ^ st[16] ^ st[21]
		bc2 = st[2] ^ st[7] ^ st[12] ^ st[17] ^ st[22]
		bc3 = st[3] ^ st[8] ^ st[13] ^ st[18] ^ st[23]
		bc4 = st[4] ^ st[9] ^ st[14] ^ st[19] ^ st[24]
		t = bc4 ^ (bc1<<1 | bc1>>63)
		st[0] ^= t
		st[5] ^= t
		st[10] ^= t
		st[15] ^= t
		st[20] ^= t
		t = bc0 ^ (bc2<<1 | bc2>>63)
		st[1] ^= t
		st[6] ^= t
		st[11] ^= t
		st[16] ^= t
		st[21] ^= t
		t = bc1 ^ (bc3<<1 | bc3>>63)
		st[2] ^= t
		st[7] ^= t
		st[12] ^= t
		st[17] ^= t
		st[22] ^= t
		t = bc2 ^ (bc4<<1 | bc4>>63)
		st[3] ^= t
		st[8] ^= t
		st[13] ^= t
		st[18] ^= t
		st[23] ^= t
		t = bc3 ^ (bc0<<1 | bc0>>63)
		st[4] ^= t
		st[9] ^= t
		st[14] ^= t
		st[19] ^= t
		st[24] ^= t

		// Rho Pi
		t = st[1]
		t, st[10] = st[10], t<<1|t>>(64-1)
		t, st[7] = st[7], t<<3|t>>(64-3)
		t, st[11] = st[11], t<<6|t>>(64-6)
		t, st[17] = st[17], t<<10|t>>(64-10)
		t, st[18] = st[18], t<<15|t>>(64-15)
		t, st[3] = st[3], t<<21|t>>(64-21)
		t, st[5] = st[5], t<<28|t>>(64-28)
		t, st[16] = st[16], t<<36|t>>(64-36)
		t, st[8] = st[8], t<<45|t>>(64-45)
		t, st[21] = st[21], t<<55|t>>(64-55)
		t, st[24] = st[24], t<<2|t>>(64-2)
		t, st[4] = st[4], t<<14|t>>(64-14)
		t, st[15] = st[15], t<<27|t>>(64-27)
		t, st[23] = st[23], t<<41|t>>(64-41)
		t, st[19] = st[19], t<<56|t>>(64-56)
		t, st[13] = st[13], t<<8|t>>(64-8)
		t, st[12] = st[12], t<<25|t>>(64-25)
		t, st[2] = st[2], t<<43|t>>(64-43)
		t, st[20] = st[20], t<<62|t>>(64-62)
		t, st[14] = st[14], t<<18|t>>(64-18)
		t, st[22] = st[22], t<<39|t>>(64-39)
		t, st[9] = st[9], t<<61|t>>(64-61)
		t, st[6] = st[6], t<<20|t>>(64-20)
		t, st[1] = st[1], t<<44|t>>(64-44)

		//  Chi
		bc0 = st[0]
		bc1 = st[1]
		bc2 = st[2]
		bc3 = st[3]
		bc4 = st[4]
		st[0] ^= bc2 &^ bc1
		st[1] ^= bc3 &^ bc2
		st[2] ^= bc4 &^ bc3
		st[3] ^= bc0 &^ bc4
		st[4] ^= bc1 &^ bc0
		bc0 = st[5]
		bc1 = st[6]
		bc2 = st[7]
		bc3 = st[8]
		bc4 = st[9]
		st[5] ^= bc2 &^ bc1
		st[6] ^= bc3 &^ bc2
		st[7] ^= bc4 &^ bc3
		st[8] ^= bc0 &^ bc4
		st[9] ^= bc1 &^ bc0
		bc0 = st[10]
		bc1 = st[11]
		bc2 = st[12]
		bc3 = st[13]
		bc4 = st[14]
		st[10] ^= bc2 &^ bc1
		st[11] ^= bc3 &^ bc2
		st[12] ^= bc4 &^ bc3
		st[13] ^= bc0 &^ bc4
		st[14] ^= bc1 &^ bc0
		bc0 = st[15]
		bc1 = st[16]
		bc2 = st[17]
		bc3 = st[18]
		bc4 = st[19]
		st[15] ^= bc2 &^ bc1
		st[16] ^= bc3 &^ bc2
		st[17] ^= bc4 &^ bc3
		st[18] ^= bc0 &^ bc4
		st[19] ^= bc1 &^ bc0
		bc0 = st[20]
		bc1 = st[21]
		bc2 = st[22]
		bc3 = st[23]
		bc4 = st[24]
		st[20] ^= bc2 &^ bc1
		st[21] ^= bc3 &^ bc2
		st[22] ^= bc4 &^ bc3
		st[23] ^= bc0 &^ bc4
		st[24] ^= bc1 &^ bc0

		//  Iota
		st[0] ^= roundc
	}
}