Function sm3p0

pub fn sm3p0(rs1: u32) -> u32

🔬This is a nightly-only experimental API. (riscv_ext_intrinsics #114544)

Available on RISC-V RV64 and target feature zksh only.

Implements the P0 transformation function as used in the SM3 hash function [4, 30].

This instruction is supported for the RV32 and RV64 base architectures. It implements the P0 transform of the SM3 hash function [4, 30]. This instruction must always be implemented such that its execution latency does not depend on the data being operated on.

Source: RISC-V Cryptography Extensions Volume I: Scalar & Entropy Source Instructions

Version: v1.0.1

Section: 3.41

Details

P0 transformation function as is used in the SM3 hash algorithm

This function is included in Zksh extension. It’s defined as:

P0(X) = X ⊕ (X ≪ 9) ⊕ (X ≪ 17)

where ⊕ represents 32-bit xor, and ≪ k represents rotate left by k bits.

In the SM3 algorithm, the P0 transformation is used as E ← P0(TT2) when the compression function CF uses the intermediate value TT2 to calculate the variable E in one iteration for subsequent processes.