Expand description
Implementation of the SHA256 compression function without padding This this AIR doesn’t constrain any of the message padding
Structs§
- These are the columns that are used to help with the message schedule additions Note: these need to be correctly assigned for every row even on padding rows
- In each SHA256 block:
Constants§
- Number of bits in a SHA256 block
- Number of cells in a SHA256 block
- Number of words in a SHA256 block
- Size of the buffer of the first 4 rows of a block (each row’s size)
- Width of the Sha256DigestCols
- SHA256 initial hash values
- Number of words in a SHA256 hash
- SHA256 constant K’s
- Number of rounds per row
- Width of the Sha256RoundCols
- Number of rows per block
- Number of vars needed to encode the row index with Encoder
- Width of the Sha256Cols
- Number of bits in a SHA256 word
- Number of 8-bit limbs in a SHA256 word
- Number of 16-bit limbs in a SHA256 word
Functions§
- Big sigma_0 function from SHA256
- Big sigma_1 function from SHA256
- Choose function from SHA256
- Composes a list of limb values into a single field element
- Constrain the addition of SHA256_WORD_BITS bit words in 16-bit limbs It takes in the terms some in bits some in 16-bit limbs, the expected sum in bits and the carries
records
consists of pairs of(input_block, is_last_block)
.- Wrapper of
get_flag_pt
to get the flag pointer as an array - Generate a random message of a given length
- Convert a list of limbs in little endian into a u32
- Majority function from SHA256
- Small sigma_0 function from SHA256
- Small sigma_1 function from SHA256
- Convert a u32 into a list of limbs in little endian