diff --git a/evm/src/cpu/kernel/asm/sha2/compression.asm b/evm/src/cpu/kernel/asm/sha2/compression.asm index bee829f3..2bf48e65 100644 --- a/evm/src/cpu/kernel/asm/sha2/compression.asm +++ b/evm/src/cpu/kernel/asm/sha2/compression.asm @@ -185,9 +185,7 @@ sha2_compression_loop: // stack: num_blocks, i+1, a[i+1], b[i+1], c[i+1], d[i+1], e[i+1], f[i+1], g[i+1], h[i+1], num_blocks new, scratch_space_addr, message_schedule_addr new, i, new_retdest POP // stack: i+1, a[i+1], b[i+1], c[i+1], d[i+1], e[i+1], f[i+1], g[i+1], h[i+1], num_blocks new, scratch_space_addr, message_schedule_addr new, i, new_retdest - PUSH 64 - SWAP1 - MOD + %and_const(63) // stack: (i+1)%64, a[i+1], b[i+1], c[i+1], d[i+1], e[i+1], f[i+1], g[i+1], h[i+1], num_blocks new, scratch_space_addr, message_schedule_addr new, i, retdest SWAP12 // stack: i, a[i+1], b[i+1], c[i+1], d[i+1], e[i+1], f[i+1], g[i+1], h[i+1], num_blocks new, scratch_space_addr, message_schedule_addr new, (i+1)%64, retdest @@ -296,4 +294,5 @@ sha2_compression_end: // stack: i, scratch_space_addr, message_schedule_addr, concat(a[0]+a[64], b[0]+b[64], c[0]+c[64], d[0]+d[64], e[0]+e[64], f[0]+f[64], g[0]+g[64], h[0]+h[64]), retdest %pop3 // stack: sha2_result = concat(a[0]+a[64], b[0]+b[64], c[0]+c[64], d[0]+d[64], e[0]+e[64], f[0]+f[64], g[0]+g[64], h[0]+h[64]), retdest - STOP \ No newline at end of file + SWAP1 + JUMP diff --git a/evm/src/cpu/kernel/asm/sha2/memory.asm b/evm/src/cpu/kernel/asm/sha2/memory.asm index 843461e7..cd7cef92 100644 --- a/evm/src/cpu/kernel/asm/sha2/memory.asm +++ b/evm/src/cpu/kernel/asm/sha2/memory.asm 
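Review bot: `%and_const(63)` at the top of the `sha2_compression_loop` hunk is only equivalent to the removed `PUSH 64 / SWAP1 / MOD` because 64 is a power of two and the counter is a non-negative word; a short comment makes that dependency explicit, e.g. `// (i+1) % 64 == (i+1) & 63 since 64 is a power of two`. The surrounding stack annotations also disagree on the name of the return slot (`new_retdest` on the line before the change, `retdest` on the line after), which is worth aligning while this spot is being touched. The loop body starts and ends outside this hunk.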
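Review bot: Replacing `STOP` with `SWAP1 / JUMP` at `sha2_compression_end` turns the routine from one that halts into one that returns to the caller-supplied `retdest` with `sha2_result` left on top of the stack, but nothing in the hunk records that contract; a comment before the jump, `// return sha2_result to retdest`, and a matching note on the routine's entry (outside this hunk) stating that the caller must push a return address would document the new calling convention. The accompanying change in `tests/sha2.rs` from `stack()[1]` to `stack()[0]` depends on exactly this exit path, so the two should be kept in sync if the convention changes again.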
@@ -115,43 +115,31 @@ // stack: offset, value SWAP1 // stack: value, offset - PUSH 1 - PUSH 8 - SHL - // stack: 1 << 8, value, offset - %stack (shift, val, offset) -> (val, shift, val, shift, offset) - // stack: value, 1 << 8, value, 1 << 8, offset - MOD - // stack: c_0 = value % (1 << 8), value, 1 << 8, offset - SWAP2 + DUP1 + // stack: value, value, offset + %and_const(0xff) + // stack: c_0 = value % (1 << 8), value, offset SWAP1 - // stack: value, 1 << 8, c_0, offset - PUSH 8 - SHR - // stack: value >> 8, 1 << 8, c_0, offset - DUP2 - DUP2 - // stack: value >> 8, 1 << 8, value >> 8, 1 << 8, c_0, offset - MOD - // stack: c_1 = (value >> 8) % (1 << 8), value >> 8, 1 << 8, c_0, offset - SWAP2 + // stack: value, c_0, offset + %shr_const(8) + // stack: value >> 8, c_0, offset + DUP1 + // stack: value >> 8, value >> 8, c_0, offset + %and_const(0xff) + // stack: c_1 = (value >> 8) % (1 << 8), value >> 8, c_0, offset SWAP1 - // stack: value >> 8, 1 << 8, c_1, c_0, offset - PUSH 8 - SHR - // stack: value >> 16, 1 << 8, c_1, c_0, offset - DUP2 - DUP2 - // stack: value >> 16, 1 << 8, value >> 16, 1 << 8, c_1, c_0, offset - MOD - // stack: c_2 = (value >> 16) % (1 << 8), value >> 16, 1 << 8, c_1, c_0, offset - SWAP2 + // stack: value >> 8, c_1, c_0, offset + %shr_const(8) + // stack: value >> 16, c_1, c_0, offset + DUP1 + // stack: value >> 16, value >> 16, c_1, c_0, offset + %and_const(0xff) + // stack: c_2 = (value >> 16) % (1 << 8), value >> 16, c_1, c_0, offset SWAP1 - // stack: value >> 16, 1 << 8, c_2, c_1, c_0, offset - PUSH 8 - SHR - // stack: value >> 24, 1 << 8, c_2, c_1, c_0, offset - MOD + // stack: value >> 16, c_2, c_1, c_0, offset + %shr_const(8) + // stack: value >> 24, c_2, c_1, c_0, offset + %and_const(0xff) // stack: c_3 = (value >> 24) % (1 << 8), c_2, c_1, c_0, offset DUP5 // stack: offset, c_3, c_2, c_1, c_0, offset 
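Review bot: The stack annotations in this hunk still describe each byte as `value % (1 << 8)` while the code now computes it with `%and_const(0xff)`; they read more directly as `// stack: c_0 = value & 0xff, value, offset` (and likewise for `c_1`..`c_3`), since the bitmask is what the instruction actually does. Independently of the rewrite, `c_3 = (value >> 24) & 0xff` drops any bits of `value` at position 32 and above, so the macro silently truncates inputs wider than 32 bits — the same as the old `MOD`, but worth a one-line precondition at the macro head, e.g. `// assumes value < 2^32; higher bits are discarded`. The enclosing macro begins and ends outside this hunk.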
diff --git a/evm/src/cpu/kernel/asm/sha2/message_schedule.asm b/evm/src/cpu/kernel/asm/sha2/message_schedule.asm index 6b2fa472..f786d31d 100644 --- a/evm/src/cpu/kernel/asm/sha2/message_schedule.asm +++ b/evm/src/cpu/kernel/asm/sha2/message_schedule.asm @@ -26,22 +26,13 @@ sha2_gen_message_schedule_from_block_0_loop: // stack: counter, output_addr, block[0], block[1], retdest SWAP2 // stack: block[0], output_addr, counter, block[1], retdest - PUSH 1 - PUSH 32 - SHL - // stack: 1 << 32, block[0], output_addr, counter, block[1], retdest - DUP2 - DUP2 - // stack: 1 << 32, block[0], 1 << 32, block[0], output_addr, counter, block[1], retdest - SWAP1 - // stack: block[0], 1 << 32, 1 << 32, block[0], output_addr, counter, block[1], retdest - MOD - // stack: block[0] % (1 << 32), 1 << 32, block[0], output_addr, counter, block[1], retdest - SWAP2 - // stack: block[0], 1 << 32, block[0] % (1 << 32), output_addr, counter, block[1], retdest - DIV - // stack: block[0] >> 32, block[0] % (1 << 32), output_addr, counter, block[1], retdest + DUP1 + // stack: block[0], block[0], output_addr, counter, block[1], retdest + %shr_const(32) + // stack: block[0] >> 32, block[0], output_addr, counter, block[1], retdest SWAP1 + // stack: block[0], block[0] >> 32, output_addr, counter, block[1], retdest + %truncate_to_u32 // stack: block[0] % (1 << 32), block[0] >> 32, output_addr, counter, block[1], retdest DUP3 // stack: output_addr, block[0] % (1 << 32), block[0] >> 32, output_addr, counter, block[1], retdest 
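Review bot: The four-instruction split `DUP1 / %shr_const(32) / SWAP1 / %truncate_to_u32` added in `sha2_gen_message_schedule_from_block_0_loop` is repeated verbatim for `block[1]` in the second hunk of this file (`sha2_gen_message_schedule_from_block_1_loop`); a small shared macro (name to be chosen) would keep the two loops from drifting apart. It would also help to note in a comment that `%truncate_to_u32` stands in for the removed `MOD (1 << 32)`, e.g. `// low 32 bits of block[0]` above the stack annotation, since `memory.asm` in the same change spells the equivalent operation as `%and_const(...)`. Both loop bodies start and end outside their hunks.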
@@ -76,22 +67,13 @@ sha2_gen_message_schedule_from_block_1_loop: // stack: counter, output_addr, block[1], block[0], retdest SWAP2 // stack: block[1], output_addr, counter, block[0], retdest - PUSH 1 - PUSH 32 - SHL - // stack: 1 << 32, block[1], output_addr, counter, block[0], retdest - DUP2 - DUP2 - // stack: 1 << 32, block[1], 1 << 32, block[1], output_addr, counter, block[0], retdest - SWAP1 - // stack: block[1], 1 << 32, 1 << 32, block[1], output_addr, counter, block[0], retdest - MOD - // stack: block[1] % (1 << 32), 1 << 32, block[1], output_addr, counter, block[0], retdest - SWAP2 - // stack: block[1], 1 << 32, block[1] % (1 << 32), output_addr, counter, block[0], retdest - DIV - // stack: block[1] >> 32, block[1] % (1 << 32), output_addr, counter, block[0], retdest + DUP1 + // stack: block[1], block[1], output_addr, counter, block[0], retdest + %shr_const(32) + // stack: block[1] >> 32, block[1], output_addr, counter, block[0], retdest SWAP1 + // stack: block[1], block[1] >> 32, output_addr, counter, block[0], retdest + %truncate_to_u32 // stack: block[1] % (1 << 32), block[1] >> 32, output_addr, counter, block[0], retdest DUP3 // stack: output_addr, block[1] % (1 << 32), block[1] >> 32, output_addr, counter, block[0], retdest diff --git a/evm/src/cpu/kernel/asm/sha2/write_length.asm b/evm/src/cpu/kernel/asm/sha2/write_length.asm index 40395707..5727498c 100644 --- a/evm/src/cpu/kernel/asm/sha2/write_length.asm +++ b/evm/src/cpu/kernel/asm/sha2/write_length.asm 
@@ -2,146 +2,118 @@ // stack: last_addr, length SWAP1 // stack: length, last_addr - PUSH 1 - PUSH 8 - SHL - - // stack: 1 << 8, length, last_addr DUP1 - // stack: 1 << 8, 1 << 8, length, last_addr + // stack: length, length, last_addr + %and_const(0xff) + // stack: length % (1 << 8), length, last_addr DUP3 - // stack: length, 1 << 8, 1 << 8, length, last_addr - MOD - // stack: length % (1 << 8), 1 << 8, length, last_addr - DUP4 - // stack: last_addr, length % (1 << 8), 1 << 8, length, last_addr + // stack: last_addr, length % (1 << 8), length, last_addr %mstore_kernel_general - // stack: 1 << 8, length, last_addr - DUP1 - // stack: 1 << 8, 1 << 8, length, last_addr - DUP3 - // stack: length, 1 << 8, 1 << 8, length, last_addr - PUSH 8 - SHR - // stack: length >> 8, 1 << 8, 1 << 8, length, last_addr - MOD - // stack: (length >> 8) % (1 << 8), 1 << 8, length, last_addr - DUP4 - // stack: last_addr, (length >> 8) % (1 << 8), 1 << 8, length, last_addr - PUSH 1 + // stack: length, last_addr SWAP1 - SUB - // stack: last_addr - 1, (length >> 8) % (1 << 8), 1 << 8, length, last_addr + %decrement + SWAP1 + // stack: length, last_addr - 1 + %shr_const(8) + // stack: length >> 8, last_addr - 1 + DUP1 + // stack: length >> 8, length >> 8, last_addr - 1 + %and_const(0xff) + // stack: (length >> 8) % (1 << 8), length >> 8, last_addr - 1 + DUP3 + // stack: last_addr - 1, (length >> 8) % (1 << 8), length >> 8, last_addr - 1 + %mstore_kernel_general + + // stack: length >> 8, last_addr - 1 + SWAP1 + %decrement + SWAP1 + // stack: length >> 8, last_addr - 2 + %shr_const(8) + // stack: length >> 16, last_addr - 2 + DUP1 + // stack: length >> 16, length >> 16, last_addr - 2 + %and_const(0xff) + // stack: (length >> 16) % (1 << 8), length >> 16, last_addr - 2 + DUP3 + // stack: last_addr - 2, (length >> 16) % (1 << 8), length >> 16, last_addr - 2 %mstore_kernel_general - // stack: 1 << 8, length, last_addr - DUP1 - // stack: 1 << 8, 1 << 8, length, last_addr - DUP3 - // stack: length, 1 
<< 8, 1 << 8, length, last_addr - PUSH 16 - SHR - // stack: length >> 16, 1 << 8, 1 << 8, length, last_addr - MOD - // stack: (length >> 16) % (1 << 8), 1 << 8, length, last_addr - DUP4 - // stack: last_addr, (length >> 16) % (1 << 8), 1 << 8, length, last_addr - PUSH 2 + // stack: length >> 16, last_addr - 2 SWAP1 - SUB - // stack: last_addr - 2, (length >> 16) % (1 << 8), 1 << 8, length, last_addr + %decrement + SWAP1 + // stack: length >> 16, last_addr - 3 + %shr_const(8) + // stack: length >> 24, last_addr - 3 + DUP1 + // stack: length >> 24, length >> 24, last_addr - 3 + %and_const(0xff) + // stack: (length >> 24) % (1 << 8), length >> 24, last_addr - 3 + DUP3 + // stack: last_addr - 3, (length >> 24) % (1 << 8), length >> 24, last_addr - 3 %mstore_kernel_general - // stack: 1 << 8, length, last_addr - DUP1 - // stack: 1 << 8, 1 << 8, length, last_addr - DUP3 - // stack: length, 1 << 8, 1 << 8, length, last_addr - PUSH 24 - SHR - // stack: length >> 24, 1 << 8, 1 << 8, length, last_addr - MOD - // stack: (length >> 24) % (1 << 8), 1 << 8, length, last_addr - DUP4 - // stack: last_addr, (length >> 24) % (1 << 8), 1 << 8, length, last_addr - PUSH 3 + // stack: length >> 24, last_addr - 3 SWAP1 - SUB - // stack: last_addr - 3, (length >> 24) % (1 << 8), 1 << 8, length, last_addr + %decrement + SWAP1 + // stack: length >> 24, last_addr - 4 + %shr_const(8) + // stack: length >> 32, last_addr - 4 + DUP1 + // stack: length >> 32, length >> 32, last_addr - 4 + %and_const(0xff) + // stack: (length >> 32) % (1 << 8), length >> 32, last_addr - 4 + DUP3 + // stack: last_addr - 4, (length >> 32) % (1 << 8), length >> 32, last_addr - 4 %mstore_kernel_general - // stack: 1 << 8, length, last_addr - DUP1 - // stack: 1 << 8, 1 << 8, length, last_addr - DUP3 - // stack: length, 1 << 8, 1 << 8, length, last_addr - PUSH 32 - SHR - // stack: length >> 32, 1 << 8, 1 << 8, length, last_addr - MOD - // stack: (length >> 32) % (1 << 8), 1 << 8, length, last_addr - DUP4 - // stack: 
last_addr, (length >> 32) % (1 << 8), 1 << 8, length, last_addr - PUSH 4 + // stack: length >> 32, last_addr - 4 SWAP1 - SUB - // stack: last_addr - 4, (length >> 32) % (1 << 8), 1 << 8, length, last_addr + %decrement + SWAP1 + // stack: length >> 32, last_addr - 5 + %shr_const(8) + // stack: length >> 40, last_addr - 5 + DUP1 + // stack: length >> 40, length >> 40, last_addr - 5 + %and_const(0xff) + // stack: (length >> 40) % (1 << 8), length >> 40, last_addr - 5 + DUP3 + // stack: last_addr - 5, (length >> 40) % (1 << 8), length >> 40, last_addr - 5 %mstore_kernel_general - // stack: 1 << 8, length, last_addr - DUP1 - // stack: 1 << 8, 1 << 8, length, last_addr - DUP3 - // stack: length, 1 << 8, 1 << 8, length, last_addr - PUSH 40 - SHR - // stack: length >> 40, 1 << 8, 1 << 8, length, last_addr - MOD - // stack: (length >> 40) % (1 << 8), 1 << 8, length, last_addr - DUP4 - // stack: last_addr, (length >> 40) % (1 << 8), 1 << 8, length, last_addr - PUSH 5 + // stack: length >> 40, last_addr - 5 SWAP1 - SUB - // stack: last_addr - 5, (length >> 40) % (1 << 8), 1 << 8, length, last_addr + %decrement + SWAP1 + // stack: length >> 40, last_addr - 6 + %shr_const(8) + // stack: length >> 48, last_addr - 6 + DUP1 + // stack: length >> 48, length >> 48, last_addr - 6 + %and_const(0xff) + // stack: (length >> 48) % (1 << 8), length >> 48, last_addr - 6 + DUP3 + // stack: last_addr - 6, (length >> 48) % (1 << 8), length >> 48, last_addr - 6 %mstore_kernel_general - // stack: 1 << 8, length, last_addr - DUP1 - // stack: 1 << 8, 1 << 8, length, last_addr - DUP3 - // stack: length, 1 << 8, 1 << 8, length, last_addr - PUSH 48 - SHR - // stack: length >> 48, 1 << 8, 1 << 8, length, last_addr - MOD - // stack: (length >> 48) % (1 << 8), 1 << 8, length, last_addr - DUP4 - // stack: last_addr, (length >> 48) % (1 << 8), 1 << 8, length, last_addr - PUSH 6 + // stack: length >> 48, last_addr - 6 SWAP1 - SUB - // stack: last_addr - 6, (length >> 48) % (1 << 8), 1 << 8, length, 
last_addr - %mstore_kernel_general - - // stack: 1 << 8, length, last_addr - DUP1 - // stack: 1 << 8, 1 << 8, length, last_addr - DUP3 - // stack: length, 1 << 8, 1 << 8, length, last_addr - PUSH 56 - SHR - // stack: length >> 56, 1 << 8, 1 << 8, length, last_addr - MOD - // stack: (length >> 56) % (1 << 8), 1 << 8, length, last_addr - DUP4 - // stack: last_addr, (length >> 56) % (1 << 8), 1 << 8, length, last_addr - PUSH 7 + %decrement SWAP1 - SUB - // stack: last_addr - 7, (length >> 56) % (1 << 8), 1 << 8, length, last_addr + // stack: length >> 48, last_addr - 7 + %shr_const(8) + // stack: length >> 56, last_addr - 7 + DUP1 + // stack: length >> 56, length >> 56, last_addr - 7 + %and_const(0xff) + // stack: (length >> 56) % (1 << 8), length >> 56, last_addr - 7 + DUP3 + // stack: last_addr - 7, (length >> 56) % (1 << 8), length >> 56, last_addr - 7 %mstore_kernel_general - %pop3 + %pop2 // stack: (empty) %endmacro diff --git a/evm/src/cpu/kernel/tests/sha2.rs b/evm/src/cpu/kernel/tests/sha2.rs index 94b3ac61..a493c1fb 100644 --- a/evm/src/cpu/kernel/tests/sha2.rs +++ b/evm/src/cpu/kernel/tests/sha2.rs 
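Review bot: The new body of this macro is the same step (`SWAP1 / %decrement / SWAP1 / %shr_const(8)` followed by `DUP1 / %and_const(0xff) / DUP3 / %mstore_kernel_general`) written out eight times; a nested macro or a counted loop over the eight bytes would cut the 118 lines and remove the chance of one copy being edited differently from the others. The final `%pop2` is correct for the two items left after the last store, but a stack annotation between that `%mstore_kernel_general` and the pop, `// stack: length >> 56, last_addr - 7`, would show the depth the pop relies on. Note also that the eighth `%and_const(0xff)` on `length >> 56` discards bits 64 and above, so a length that does not fit in 64 bits is written truncated with no error; if callers cannot guarantee that bound, a precondition comment or check at the macro head (outside this hunk) is warranted.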
@@ -15,25 +15,28 @@ fn test_sha2() -> Result<()> { let mut rng = thread_rng(); + // Generate a random message, between 0 and 9999 bytes. let num_bytes = rng.gen_range(0..10000); let message: Vec = (0..num_bytes).map(|_| rng.gen()).collect(); + // Hash the message using a standard Sha256 implementation. let mut hasher = Sha256::new(); hasher.update(message.clone()); let expected = format!("{:X}", hasher.finalize()); - let bytes: Vec = message.iter().map(|&x| U256::from(x as u32)).collect(); - + // Load the message onto the stack. let mut initial_stack = vec![U256::from(num_bytes)]; + let bytes: Vec = message.iter().map(|&x| U256::from(x as u32)).collect(); initial_stack.extend(bytes); initial_stack.push(U256::from_str("0xdeadbeef").unwrap()); initial_stack.reverse(); - let after_sha2 = run(&kernel.code, sha2, initial_stack, &kernel.prover_inputs)?; - let stack_after_sha2 = after_sha2.stack(); - let result = stack_after_sha2[1]; - let actual = format!("{:X}", result); + // Run the sha2 kernel code. + let result = run(&kernel.code, sha2, initial_stack, &kernel.prover_inputs)?; + let result_hash = result.stack()[0]; + let actual = format!("{:X}", result_hash); + // Check that the result is correct. assert_eq!(expected, actual); Ok(())
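Review bot: The test draws `num_bytes` from `thread_rng()` without recording the seed, so a failure of `assert_eq!(expected, actual)` cannot be reproduced from its output; printing the length on failure, e.g. `assert_eq!(expected, actual, "sha2 mismatch for a {}-byte message", num_bytes);`, or seeding the RNG from a logged value would fix that. A single random length in `0..10000` also rarely lands on the padding boundaries (the empty message and sizes around 55, 56 and 64 bytes) that exercise `write_length.asm` and the block-count logic most, so a short list of fixed lengths checked alongside the random one would cover them deterministically. `result.stack()[0]` panics rather than failing cleanly if the kernel returns with an empty stack, which is acceptable in a test but worth a comment tying `[0]` to the new `SWAP1 / JUMP` exit in `compression.asm`.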