Expand description
Implementation of the SHA256 compression function without padding This this AIR doesn’t constrain any of the message padding
Structs§
- Sha256
Air - Expects the message to be padded to a multiple of 512 bits
- Sha256
Digest Cols - Sha256
Filler Helper - A helper struct for the SHA256 trace generation. Also, separates the inner AIR from the trace generation.
- Sha256
Flags Cols - Sha256
Message Helper Cols - These are the columns that are used to help with the message schedule additions Note: these need to be correctly assigned for every row even on padding rows
- Sha256
Message Schedule Cols - Sha256
Round Cols - In each SHA256 block:
- Sha256
Work Vars Cols
Constants§
- SHA256_
BLOCK_ BITS - Number of bits in a SHA256 block
- SHA256_
BLOCK_ U8S - Number of cells in a SHA256 block
- SHA256_
BLOCK_ WORDS - Number of words in a SHA256 block
- SHA256_
BUFFER_ SIZE - Size of the buffer of the first 4 rows of a block (each row’s size)
- SHA256_
DIGEST_ WIDTH - Width of the Sha256DigestCols
- SHA256_
H - SHA256 initial hash values
- SHA256_
HASH_ WORDS - Number of words in a SHA256 hash
- SHA256_
K - SHA256 constant K’s
- SHA256_
ROUNDS_ PER_ ROW - Number of rounds per row
- SHA256_
ROUND_ WIDTH - Width of the Sha256RoundCols
- SHA256_
ROWS_ PER_ BLOCK - Number of rows per block
- SHA256_
ROW_ VAR_ CNT - Number of vars needed to encode the row index with Encoder
- SHA256_
WIDTH - Width of the Sha256Cols
- SHA256_
WORD_ BITS - Number of bits in a SHA256 word
- SHA256_
WORD_ U8S - Number of 8-bit limbs in a SHA256 word
- SHA256_
WORD_ U16S - Number of 16-bit limbs in a SHA256 word
Functions§
- big_
sig0 - Big sigma_0 function from SHA256
- big_
sig1 - Big sigma_1 function from SHA256
- ch
- Choose function from SHA256
- compose
- Composes a list of limb values into a single field element
- constraint_
word_ addition - Constrain the addition of SHA256_WORD_BITS bit words in 16-bit limbs It takes in the terms some in bits some in 16-bit limbs, the expected sum in bits and the carries
- generate_
trace - Generates a trace for a standalone SHA256 computation (currently only used for testing)
recordsconsists of pairs of(input_block, is_last_block). - get_
flag_ pt_ array - Wrapper of
get_flag_ptto get the flag pointer as an array - get_
sha256_ num_ blocks - Returns the number of blocks required to hash a message of length
len - limbs_
into_ u32 - Convert a list of limbs in little endian into a u32
- maj
- Majority function from SHA256
- small_
sig0 - Small sigma_0 function from SHA256
- small_
sig1 - Small sigma_1 function from SHA256
- u32_
into_ bits_ field - Convert a u32 into a list of bits in little endian then convert each bit into a field element
- u32_
into_ u16s - Convert a u32 into a an array of 2 16-bit limbs in little endian