Skip to content

Consolidate constants to a single file #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
TomAFrench merged 3 commits into from
Nov 9, 2022
Merged

Consolidate constants to a single file #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0f9a2bc
refactor: move constants to a single file
TomAFrench Nov 4, 2022
009e9b4
Merge branch 'master' into constants
TomAFrench Nov 9, 2022
5053b00
fix: add missing import to padding test
TomAFrench Nov 9, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions circuits/Prover.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
input = [1,0,0,0,0,0,0,0,0,0]
return = [1,1,0,0,0,0,0,0,0,1]
input = [0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
return = [0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1]
input_length = 1
2 changes: 1 addition & 1 deletion circuits/Verifier.toml
View file
Open in desktop

Large diffs are not rendered by default.

10 changes: 4 additions & 6 deletions circuits/src/main.nr
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,9 @@
use dep::keccak;
use dep::keccak::padding as padding;

global INPUT_SIZE: Field = 10;

global BLOCK_SIZE: Field = 10; // Blocks are 136 bytes. 138 * 8 = 1088 bits.
use dep::keccak::constants as constants;

// This is a simplified implementation of the Keccak256 hash function.
// In particular we assume that the `input_length` will be less than the size of the absorb step's block size.
fn main(input: [u1; INPUT_SIZE], input_length: u64) -> pub [u1; BLOCK_SIZE] {
dep::keccak::padding::pad(input, input_length)
fn main(input: [u1; constants::INPUT_SIZE], input_length: u64) -> pub [u1; constants::BLOCK_SIZE] {
padding::pad(input, input_length)
}
15 changes: 15 additions & 0 deletions lib/src/constants.nr
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
// Input size related

// The input must be at least 2 bits smaller than the block size to accommodate the padding bits.
global INPUT_SIZE: Field = 1086;
// Blocks are 136 bytes. 138 * 8 = 1088 bits.
global BLOCK_SIZE: Field = 1088;

// State size related
global STATE_SIZE: Field = 1600;
global LANE_LENGTH: Field = 64;
global COLUMN_LENGTH: Field = 5;
global NUM_LANES: Field = 25;

// Misc
global NUM_ROUNDS: Field = 24;
1 change: 1 addition & 0 deletions lib/src/lib.nr
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
mod constants;
mod padding;
mod permutations;
12 changes: 5 additions & 7 deletions lib/src/padding.nr
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,14 @@
global INPUT_SIZE: Field = 10;

global BLOCK_SIZE: Field = 10; // Blocks are 136 bytes. 138 * 8 = 1088 bits.
use crate::constants as constants;

// This is a simplified implementation of the pad10*1 algorithm.
// As we assume that the input length is smaller than the block size, we can ignore the potential for the padding
// sequence to be spread over multiple blocks.
fn pad(input: [u1; INPUT_SIZE], input_length: u64) -> [u1; BLOCK_SIZE] {
fn pad(input: [u1; constants::INPUT_SIZE], input_length: u64) -> [u1; constants::BLOCK_SIZE] {
// We require 2 bits of space after the message in order to include the padding bits.
// constrain input_length < BLOCK_SIZE - 2;

let mut padded_input: [u1; BLOCK_SIZE] = [0 as u1; BLOCK_SIZE];
for i in 0..BLOCK_SIZE {
let mut padded_input: [u1; constants::BLOCK_SIZE] = [0 as u1; constants::BLOCK_SIZE];
for i in 0..constants::INPUT_SIZE {
if (i as u64) < input_length {
// Copy input into padded array.
padded_input[i] = input[i];
Expand All @@ -25,7 +23,7 @@ fn pad(input: [u1; INPUT_SIZE], input_length: u64) -> [u1; BLOCK_SIZE] {
}
};
// Place the second 1 bit of the padding in the last bit of the block.
padded_input[BLOCK_SIZE - 1] = 1;
padded_input[constants::BLOCK_SIZE - 1] = 1;

padded_input
}
20 changes: 9 additions & 11 deletions lib/src/permutations/chi.nr
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,20 +1,18 @@
global STATE_SIZE: Field = 1600;
global LANE_LENGTH: Field = 64;
global COLUMN_LENGTH: Field = 5;
use crate::constants as constants;

fn chi(state: [u1; STATE_SIZE]) -> [u1; STATE_SIZE] {
fn chi(state: [u1; constants::STATE_SIZE]) -> [u1; constants::STATE_SIZE] {
// The labelling convention for the state array is `state[x, y, z] = state[LANE_LENGTH * (5y + x) + z]`.
let mut new_state = state;
for z in 0..LANE_LENGTH {
for z in 0..constants::LANE_LENGTH {
// Iterate over each slice...
for y in 0..COLUMN_LENGTH {
for y in 0..constants::COLUMN_LENGTH {
// and write updated values for each row.
// new_state[x, y, z] = new_state[x, y, z] ^ new_state[(x + 1) % 5, y, z] ^ new_state[(x + 2) % 5, y, z]
new_state[LANE_LENGTH * (5 * y + 0) + z] = state[LANE_LENGTH * (5 * y + 0) + z] ^ state[LANE_LENGTH * (5 * y + 1) + z] ^ state[LANE_LENGTH * (5 * y + 2) + z];
new_state[LANE_LENGTH * (5 * y + 1) + z] = state[LANE_LENGTH * (5 * y + 1) + z] ^ state[LANE_LENGTH * (5 * y + 2) + z] ^ state[LANE_LENGTH * (5 * y + 3) + z];
new_state[LANE_LENGTH * (5 * y + 2) + z] = state[LANE_LENGTH * (5 * y + 2) + z] ^ state[LANE_LENGTH * (5 * y + 3) + z] ^ state[LANE_LENGTH * (5 * y + 4) + z];
new_state[LANE_LENGTH * (5 * y + 3) + z] = state[LANE_LENGTH * (5 * y + 3) + z] ^ state[LANE_LENGTH * (5 * y + 4) + z] ^ state[LANE_LENGTH * (5 * y + 0) + z];
new_state[LANE_LENGTH * (5 * y + 4) + z] = state[LANE_LENGTH * (5 * y + 4) + z] ^ state[LANE_LENGTH * (5 * y + 0) + z] ^ state[LANE_LENGTH * (5 * y + 1) + z];
new_state[constants::LANE_LENGTH * (5 * y + 0) + z] = state[constants::LANE_LENGTH * (5 * y + 0) + z] ^ state[constants::LANE_LENGTH * (5 * y + 1) + z] ^ state[constants::LANE_LENGTH * (5 * y + 2) + z];
new_state[constants::LANE_LENGTH * (5 * y + 1) + z] = state[constants::LANE_LENGTH * (5 * y + 1) + z] ^ state[constants::LANE_LENGTH * (5 * y + 2) + z] ^ state[constants::LANE_LENGTH * (5 * y + 3) + z];
new_state[constants::LANE_LENGTH * (5 * y + 2) + z] = state[constants::LANE_LENGTH * (5 * y + 2) + z] ^ state[constants::LANE_LENGTH * (5 * y + 3) + z] ^ state[constants::LANE_LENGTH * (5 * y + 4) + z];
new_state[constants::LANE_LENGTH * (5 * y + 3) + z] = state[constants::LANE_LENGTH * (5 * y + 3) + z] ^ state[constants::LANE_LENGTH * (5 * y + 4) + z] ^ state[constants::LANE_LENGTH * (5 * y + 0) + z];
new_state[constants::LANE_LENGTH * (5 * y + 4) + z] = state[constants::LANE_LENGTH * (5 * y + 4) + z] ^ state[constants::LANE_LENGTH * (5 * y + 0) + z] ^ state[constants::LANE_LENGTH * (5 * y + 1) + z];
};
};

Expand Down
10 changes: 4 additions & 6 deletions lib/src/permutations/iota.nr
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,8 @@
global STATE_SIZE: Field = 1600;
global LANE_LENGTH: Field = 64;
global NUM_ROUNDS: Field = 24;
use crate::constants as constants;

fn iota(state: [u1; STATE_SIZE], round_number: comptime Field) -> [u1; STATE_SIZE] {
fn iota(state: [u1; constants::STATE_SIZE], round_number: comptime Field) -> [u1; constants::STATE_SIZE] {
// Each element of RC is a bitmap for the mask to apply to the lane.
let RC: [u64; NUM_ROUNDS] = [
let RC: [u64; constants::NUM_ROUNDS] = [
0x0000000000000001, 0x0000000000008082, 0x800000000000808A,
0x8000000080008000, 0x000000000000808B, 0x0000000080000001,
0x8000000080008081, 0x8000000000008009, 0x000000000000008A,
Expand All @@ -19,7 +17,7 @@ fn iota(state: [u1; STATE_SIZE], round_number: comptime Field) -> [u1; STATE_SIZ
// The labelling convention for the state array is `state[x, y, z] = state[LANE_LENGTH * (5y + x) + z]`.
// In order to update Lane(0,0) we must only update the first `LANE_LENGTH` values of the state array.
let mut new_state = state;
for i in 0..LANE_LENGTH {
for i in 0..constants::LANE_LENGTH {
new_state[i] = state[i] ^ (rc as u1);
// Equivalent to a bitshift right.
rc = rc / 2;
Expand Down
16 changes: 7 additions & 9 deletions lib/src/permutations/rhoPi.nr
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,10 @@
global STATE_SIZE: Field = 1600;
global LANE_LENGTH: Field = 64;
global NUM_LANES: Field = 25;
use crate::constants as constants;

// This function is a combination of the rho and pi functions as defined in the Keccak256 specification.
// We merge these two functions as rho consists of a rotation of the bits within each lane and pi is a remapping of
// the lane indices. We can then efficiently perform both of these steps simultaneously by writing the output of rho
// directly into the remapped lane specified by pi.
fn rhoPi(state: [u1; STATE_SIZE]) -> [u1; STATE_SIZE] {
fn rhoPi(state: [u1; constants::STATE_SIZE]) -> [u1; constants::STATE_SIZE] {
// These are precomputed pairs of indices within the state array which specify how to perform the pi mapping.
// Lanes are remapped such that the lane sitting at index READ_LANE_OFFSETS[i] is remapped to WRITE_LANE_OFFSETS[i].
let READ_LANE_OFFSETS: [comptime Field; 24] = [64, 640, 448, 704, 1088, 1152, 192, 320, 1024, 512, 1344, 1536, 256, 960, 1472, 1216, 832, 768, 128, 1280, 896, 1408, 576, 384];
Expand All @@ -19,17 +17,17 @@ fn rhoPi(state: [u1; STATE_SIZE]) -> [u1; STATE_SIZE] {
// This definition adds an additional modulo compared to the spec but makes it easier to calculate correct offsets.
let T: [comptime Field; 24] = [1, 3, 6, 10, 15, 21, 28, 36, 45, 55, 2, 14, 27, 41, 56, 8, 25, 43, 62, 18, 39, 61, 20, 44];

let mut new_state: [u1; STATE_SIZE] = [0 as u1; STATE_SIZE];
let mut new_state: [u1; constants::STATE_SIZE] = [0 as u1; constants::STATE_SIZE];
// The center lane is unaffected by the rho and pi functions so we write it directly into the new state.
for i in 0..LANE_LENGTH {
for i in 0..constants::LANE_LENGTH {
new_state[i] = state[i];
};

// Now for the remaining lanes we write the rotated lane outputted from rho into the remapped lane specified by pi.
for i in 0..NUM_LANES - 1 {
for z in 0..LANE_LENGTH {
for i in 0..constants::NUM_LANES - 1 {
for z in 0..constants::LANE_LENGTH {
// This is equivalent to `(z - T[i]) % LANE_LENGTH`
let shifted_z_position = if z >= T[i] { z - T[i] } else { LANE_LENGTH - T[i] + z };
let shifted_z_position = if z >= T[i] { z - T[i] } else { constants::LANE_LENGTH - T[i] + z };
new_state[WRITE_LANE_OFFSETS[i] + z] = state[READ_LANE_OFFSETS[i] + shifted_z_position];
};
};
Expand Down
61 changes: 30 additions & 31 deletions lib/src/permutations/theta.nr
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,36 +1,35 @@
global STATE_SIZE: Field = 1600;
global LANE_LENGTH: Field = 64;
use crate::constants as constants;

fn theta(state: [u1; STATE_SIZE]) -> [u1; STATE_SIZE] {
fn theta(state: [u1; constants::STATE_SIZE]) -> [u1; constants::STATE_SIZE] {
// The theta function works by calculating the parity of each of the columns in the state array. We store these
// in the C[x, z] arrays.
// C[x, z] = A[x, 0, z] ^ A[x, 1, z] ^ A[x, 2, z] ^ A[x, 3, z] ^ A[x, 4, z]
let mut c0: [u1; LANE_LENGTH] = [0 as u1; LANE_LENGTH];
let mut c1: [u1; LANE_LENGTH] = [0 as u1; LANE_LENGTH];
let mut c2: [u1; LANE_LENGTH] = [0 as u1; LANE_LENGTH];
let mut c3: [u1; LANE_LENGTH] = [0 as u1; LANE_LENGTH];
let mut c4: [u1; LANE_LENGTH] = [0 as u1; LANE_LENGTH];
for i in 0..LANE_LENGTH {
c0[i] = state[0 * LANE_LENGTH + i] ^ state[5 * LANE_LENGTH + i] ^ state[10 * LANE_LENGTH + i] ^ state[15 * LANE_LENGTH + i] ^ state[20 * LANE_LENGTH + i];
c1[i] = state[1 * LANE_LENGTH + i] ^ state[6 * LANE_LENGTH + i] ^ state[11 * LANE_LENGTH + i] ^ state[16 * LANE_LENGTH + i] ^ state[21 * LANE_LENGTH + i];
c2[i] = state[2 * LANE_LENGTH + i] ^ state[7 * LANE_LENGTH + i] ^ state[12 * LANE_LENGTH + i] ^ state[17 * LANE_LENGTH + i] ^ state[22 * LANE_LENGTH + i];
c3[i] = state[3 * LANE_LENGTH + i] ^ state[8 * LANE_LENGTH + i] ^ state[13 * LANE_LENGTH + i] ^ state[18 * LANE_LENGTH + i] ^ state[23 * LANE_LENGTH + i];
c4[i] = state[4 * LANE_LENGTH + i] ^ state[9 * LANE_LENGTH + i] ^ state[14 * LANE_LENGTH + i] ^ state[19 * LANE_LENGTH + i] ^ state[24 * LANE_LENGTH + i];
let mut c0: [u1; constants::LANE_LENGTH] = [0 as u1; constants::LANE_LENGTH];
let mut c1: [u1; constants::LANE_LENGTH] = [0 as u1; constants::LANE_LENGTH];
let mut c2: [u1; constants::LANE_LENGTH] = [0 as u1; constants::LANE_LENGTH];
let mut c3: [u1; constants::LANE_LENGTH] = [0 as u1; constants::LANE_LENGTH];
let mut c4: [u1; constants::LANE_LENGTH] = [0 as u1; constants::LANE_LENGTH];
for i in 0..constants::LANE_LENGTH {
c0[i] = state[0 * constants::LANE_LENGTH + i] ^ state[5 * constants::LANE_LENGTH + i] ^ state[10 * constants::LANE_LENGTH + i] ^ state[15 * constants::LANE_LENGTH + i] ^ state[20 * constants::LANE_LENGTH + i];
c1[i] = state[1 * constants::LANE_LENGTH + i] ^ state[6 * constants::LANE_LENGTH + i] ^ state[11 * constants::LANE_LENGTH + i] ^ state[16 * constants::LANE_LENGTH + i] ^ state[21 * constants::LANE_LENGTH + i];
c2[i] = state[2 * constants::LANE_LENGTH + i] ^ state[7 * constants::LANE_LENGTH + i] ^ state[12 * constants::LANE_LENGTH + i] ^ state[17 * constants::LANE_LENGTH + i] ^ state[22 * constants::LANE_LENGTH + i];
c3[i] = state[3 * constants::LANE_LENGTH + i] ^ state[8 * constants::LANE_LENGTH + i] ^ state[13 * constants::LANE_LENGTH + i] ^ state[18 * constants::LANE_LENGTH + i] ^ state[23 * constants::LANE_LENGTH + i];
c4[i] = state[4 * constants::LANE_LENGTH + i] ^ state[9 * constants::LANE_LENGTH + i] ^ state[14 * constants::LANE_LENGTH + i] ^ state[19 * constants::LANE_LENGTH + i] ^ state[24 * constants::LANE_LENGTH + i];
};

// D[x, z] = C[(x - 1) mod 5, z] ^ C[(x + 1) mod 5, (z - 1) mod LANE_LENGTH]
let mut d0: [u1; LANE_LENGTH] = [0 as u1; LANE_LENGTH]; // D[0, Z] = C[4, z] ^ C[1, (z-1) mod LANE_LENGTH]
let mut d1: [u1; LANE_LENGTH] = [0 as u1; LANE_LENGTH]; // D[1, Z] = C[0, z] ^ C[2, (z-1) mod LANE_LENGTH]
let mut d2: [u1; LANE_LENGTH] = [0 as u1; LANE_LENGTH]; // D[2, Z] = C[1, z] ^ C[3, (z-1) mod LANE_LENGTH]
let mut d3: [u1; LANE_LENGTH] = [0 as u1; LANE_LENGTH]; // D[3, Z] = C[2, z] ^ C[4, (z-1) mod LANE_LENGTH]
let mut d4: [u1; LANE_LENGTH] = [0 as u1; LANE_LENGTH]; // D[4, Z] = C[3, z] ^ C[0, (z-1) mod LANE_LENGTH]
let mut d0: [u1; constants::LANE_LENGTH] = [0 as u1; constants::LANE_LENGTH]; // D[0, Z] = C[4, z] ^ C[1, (z-1) mod LANE_LENGTH]
let mut d1: [u1; constants::LANE_LENGTH] = [0 as u1; constants::LANE_LENGTH]; // D[1, Z] = C[0, z] ^ C[2, (z-1) mod LANE_LENGTH]
let mut d2: [u1; constants::LANE_LENGTH] = [0 as u1; constants::LANE_LENGTH]; // D[2, Z] = C[1, z] ^ C[3, (z-1) mod LANE_LENGTH]
let mut d3: [u1; constants::LANE_LENGTH] = [0 as u1; constants::LANE_LENGTH]; // D[3, Z] = C[2, z] ^ C[4, (z-1) mod LANE_LENGTH]
let mut d4: [u1; constants::LANE_LENGTH] = [0 as u1; constants::LANE_LENGTH]; // D[4, Z] = C[3, z] ^ C[0, (z-1) mod LANE_LENGTH]
// The modulus only affects the first cell in the lane so we handle this outside of the for-loop.
d0[0] = c4[0] ^ c1[LANE_LENGTH - 1];
d1[0] = c0[0] ^ c2[LANE_LENGTH - 1];
d2[0] = c1[0] ^ c3[LANE_LENGTH - 1];
d3[0] = c2[0] ^ c4[LANE_LENGTH - 1];
d4[0] = c3[0] ^ c0[LANE_LENGTH - 1];
for i in 1..LANE_LENGTH {
d0[0] = c4[0] ^ c1[constants::LANE_LENGTH - 1];
d1[0] = c0[0] ^ c2[constants::LANE_LENGTH - 1];
d2[0] = c1[0] ^ c3[constants::LANE_LENGTH - 1];
d3[0] = c2[0] ^ c4[constants::LANE_LENGTH - 1];
d4[0] = c3[0] ^ c0[constants::LANE_LENGTH - 1];
for i in 1..constants::LANE_LENGTH {
d0[i] = c4[i] ^ c1[i-1];
d1[i] = c0[i] ^ c2[i-1];
d2[i] = c1[i] ^ c3[i-1];
Expand All @@ -42,13 +41,13 @@ fn theta(state: [u1; STATE_SIZE]) -> [u1; STATE_SIZE] {
let mut new_state = state;
for y in 0..4 {
// Iterate over each row...
for i in 0..LANE_LENGTH {
for i in 0..constants::LANE_LENGTH {
// and write updated values for each lane.
new_state[LANE_LENGTH * (5 * y + 0) + i] = state[LANE_LENGTH * (5 * y + 0) + i] ^ d0[i];
new_state[LANE_LENGTH * (5 * y + 1) + i] = state[LANE_LENGTH * (5 * y + 1) + i] ^ d1[i];
new_state[LANE_LENGTH * (5 * y + 2) + i] = state[LANE_LENGTH * (5 * y + 2) + i] ^ d2[i];
new_state[LANE_LENGTH * (5 * y + 3) + i] = state[LANE_LENGTH * (5 * y + 3) + i] ^ d3[i];
new_state[LANE_LENGTH * (5 * y + 4) + i] = state[LANE_LENGTH * (5 * y + 4) + i] ^ d4[i];
new_state[constants::LANE_LENGTH * (5 * y + 0) + i] = state[constants::LANE_LENGTH * (5 * y + 0) + i] ^ d0[i];
new_state[constants::LANE_LENGTH * (5 * y + 1) + i] = state[constants::LANE_LENGTH * (5 * y + 1) + i] ^ d1[i];
new_state[constants::LANE_LENGTH * (5 * y + 2) + i] = state[constants::LANE_LENGTH * (5 * y + 2) + i] ^ d2[i];
new_state[constants::LANE_LENGTH * (5 * y + 3) + i] = state[constants::LANE_LENGTH * (5 * y + 3) + i] ^ d3[i];
new_state[constants::LANE_LENGTH * (5 * y + 4) + i] = state[constants::LANE_LENGTH * (5 * y + 4) + i] ^ d4[i];
};
};

Expand Down
Loading