Function core::arch::riscv64::sm3p0

source ·
pub unsafe fn sm3p0(rs1: u32) -> u32
🔬This is a nightly-only experimental API. (stdsimd #48556)
Available with target feature zksh only.
Expand description

Implements the P0 transformation function as used in the SM3 hash function [4, 30].

This instruction is supported for the RV32 and RV64 base architectures. It implements the P0 transform of the SM3 hash function [4, 30]. This instruction must always be implemented such that its execution latency does not depend on the data being operated on.

Source: RISC-V Cryptography Extensions Volume I: Scalar & Entropy Source Instructions

Version: v1.0.1

Section: 3.41

§Safety

This function is safe to use if the zksh target feature is present.

§Details

P0 transformation function as is used in the SM3 hash algorithm

This function is included in Zksh extension. It’s defined as:

P0(X) = X ⊕ (X ≪ 9) ⊕ (X ≪ 17)

where represents 32-bit xor, and ≪ k represents rotate left by k bits.

In the SM3 algorithm, the P0 transformation is used as E ← P0(TT2) when the compression function CF uses the intermediate value TT2 to calculate the variable E in one iteration for subsequent processes.