1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
| def sha256(message: str) -> str:
"""
计算输入字符串的 SHA-256 哈希值(十六进制字符串)
"""
# === 步骤 1:预处理 ===
# 将字符串转为字节(UTF-8 编码)
if isinstance(message, str):
message = message.encode('utf-8')
# 获取原始长度(单位:bit)
original_bit_len = len(message) * 8
# 添加 bit '1'
message += b'\x80'
# 补零,直到长度 ≡ 448 (mod 512)
while (len(message) * 8) % 512 != 448:
message += b'\x00'
# 添加 64-bit 原始长度(大端序)
message += original_bit_len.to_bytes(8, 'big')
# === 步骤 2:初始化哈希值(H₀)IV===
# 这些是前8个质数的平方根的小数部分 × 2³² 的整数部分
h = [
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
]
# === 步骤 3:定义常量 K(前64个质数的立方根的小数部分 × 2³²)===
k = [
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
]
# === 步骤 4:主循环(每 512-bit 一块)===
for chunk_start in range(0, len(message), 64): # 64 bytes = 512 bits
chunk = message[chunk_start:chunk_start + 64]
# 将 chunk 拆分为 16 个 32-bit word(大端序)
w = [0] * 64
for i in range(16):
w[i] = int.from_bytes(chunk[i*4:(i+1)*4], 'big')
# 扩展到 64 个 word
for i in range(16, 64):
s0 = _rotr(w[i-15], 7) ^ _rotr(w[i-15], 18) ^ (w[i-15] >> 3)
s1 = _rotr(w[i-2], 17) ^ _rotr(w[i-2], 19) ^ (w[i-2] >> 10)
w[i] = (w[i-16] + s0 + w[i-7] + s1) & 0xffffffff
# 初始化工作变量
a, b, c, d, e, f, g, h_ = h
# 主压缩循环
for i in range(64):
S1 = _rotr(e, 6) ^ _rotr(e, 11) ^ _rotr(e, 25)
ch = (e & f) ^ ((~e) & g)
S0 = _rotr(a, 2) ^ _rotr(a, 13) ^ _rotr(a, 22)
maj = (a & b) ^ (a & c) ^ (b & c)
temp1 = (h_ + S1 + ch + k[i] + w[i]) & 0xffffffff
temp2 = (S0 + maj) & 0xffffffff
h_ = g
g = f
f = e
e = (d + temp1) & 0xffffffff
d = c
c = b
b = a
a = (temp1 + temp2) & 0xffffffff
# 更新哈希值
h[0] = (h[0] + a) & 0xffffffff
h[1] = (h[1] + b) & 0xffffffff
h[2] = (h[2] + c) & 0xffffffff
h[3] = (h[3] + d) & 0xffffffff
h[4] = (h[4] + e) & 0xffffffff
h[5] = (h[5] + f) & 0xffffffff
h[6] = (h[6] + g) & 0xffffffff
h[7] = (h[7] + h_) & 0xffffffff
# === 步骤 5:输出最终哈希值(十六进制)===
return ''.join(f'{val:08x}' for val in h)
# 辅助函数:右循环移位
def _rotr(x, n):
return ((x >> n) | (x << (32 - n))) & 0xffffffff
# === 测试 ===
if __name__ == "__main__":
msg = "password"
result = sha256(msg)
print(f"Hash: {result}")
|