solutions/zokrates_prover/.zokrates/stdlib/hashes/sha256/sha256.zok

import "./shaRound" as shaRound;

// Initial values, FIPS 180-3, section 5.3.3
// https://csrc.nist.gov/csrc/media/publications/fips/180/3/archive/2008-10-31/documents/fips180-3_final.pdf
const u32[8] IV = [
    0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
    0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
];

// A function that takes N u32[16] arrays as inputs, concatenates them,
// and returns their sha256 compression as a u32[8].
// Note: no padding is applied
def main<N>(u32[N][16] a) -> u32[8] {
    u32[8] mut current = IV;

    for u32 i in 0..N {
        current = shaRound(a[i], current);
    }

    return current;
}
WIP 2023-12-05 06:06:28 +00:00			`import "./shaRound" as shaRound;`

			`// Initial values, FIPS 180-3, section 5.3.3`
			`// https://csrc.nist.gov/csrc/media/publications/fips/180/3/archive/2008-10-31/documents/fips180-3_final.pdf`
			`const u32[8] IV = [`
			`0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,`
			`0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19`
			`];`

			`// A function that takes N u32[16] arrays as inputs, concatenates them,`
			`// and returns their sha256 compression as a u32[8].`
			`// Note: no padding is applied`
			`def main<N>(u32[N][16] a) -> u32[8] {`
			`u32[8] mut current = IV;`

			`for u32 i in 0..N {`
			`current = shaRound(a[i], current);`
			`}`

			`return current;`
			`}`