Function core::arch::riscv32::sm3p1

pub fn sm3p1(x: u32) -> u32
🔬This is a nightly-only experimental API. (stdsimd #48556)
Available on RISC-V RV32 and target feature zksh only.

P1 transformation function as used in the SM3 hash algorithm.

This function is included in the Zksh extension. It is defined as:

P1(X) = X ⊕ (X ≪ 15) ⊕ (X ≪ 23)

where ⊕ represents 32-bit xor, and ≪ k represents rotate left by k bits.

In the SM3 algorithm, the P1 transformation is used to expand the message: each expanded word W_j is generated from previous words. The whole process can be described by the following pseudocode:

FOR j=16 TO 67
    W_j ← P1(W_{j−16} ⊕ W_{j−9} ⊕ (W_{j−3} ≪ 15)) ⊕ (W_{j−13} ≪ 7) ⊕ W_{j−6}
ENDFOR

According to RISC-V Cryptography Extensions, Volume I, the execution latency of this instruction must always be independent from the data it operates on.
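
A portable software model of P1 and the message expansion loop above, added here as an example; it is not the intrinsic and not code from the Rust standard library. The names `p1_portable`, `expand_message` and `padded_abc` are hypothetical, and the input is a constructed one-block padding of the message "abc".

```rust
/// Portable model of P1 (hypothetical name, not the Zksh instruction).
/// It uses only XOR and fixed-distance rotates: no data-dependent
/// branches or table lookups appear in the source.
fn p1_portable(x: u32) -> u32 {
    x ^ x.rotate_left(15) ^ x.rotate_left(23)
}

/// Expand one 64-byte SM3 block into the words W0..=W67 (hypothetical helper).
fn expand_message(block: &[u8; 64]) -> [u32; 68] {
    let mut w = [0u32; 68];
    // W0..W15 are the block's sixteen big-endian 32-bit words.
    for (j, chunk) in block.chunks_exact(4).enumerate() {
        w[j] = u32::from_be_bytes([chunk[0], chunk[1], chunk[2], chunk[3]]);
    }
    // W16..W67 follow the recurrence given in the pseudocode.
    for j in 16..68 {
        w[j] = p1_portable(w[j - 16] ^ w[j - 9] ^ w[j - 3].rotate_left(15))
            ^ w[j - 13].rotate_left(7)
            ^ w[j - 6];
    }
    w
}

/// Constructed sample input: "abc" padded to a single SM3 block
/// (0x80 marker, zero fill, 64-bit big-endian bit length = 24).
fn padded_abc() -> [u8; 64] {
    let mut block = [0u8; 64];
    block[..3].copy_from_slice(b"abc");
    block[3] = 0x80;
    block[56..].copy_from_slice(&24u64.to_be_bytes());
    block
}

fn main() {
    let w = expand_message(&padded_abc());
    // Print the first four words produced by the recurrence.
    for (j, word) in w.iter().enumerate().skip(16).take(4) {
        println!("W{} = {:08x}", j, word);
    }
}
```

On an RV32 target with `zksh` enabled, `p1_portable` is the operation that the `sm3p1` intrinsic performs in a single instruction.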