仕様に近い形でソースを書けてた。ruby3.0は少し速くなってるね。Digest::SHA256を使えない環境でも動く。固定長のビット演算モジュールがあればもっと高速に計算できるはず。
# -*- encoding: US-ASCII -*- # SHA-256 implementation of pure ruby. module Purerubysha256 MASK = 0xffffffff def self.rotr(i, n) (i >> n) | (MASK & (i << (32 - n))) end def self.inttostr(i) sprintf("%08X", i) end def self.digest(str) [hexdigest(str)].pack("H*") end def self.hexdigest(str) #H[0]..H[7] h_a = [0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19] # ch(x, y, z) = (x and y) xor (not x and z) ch = lambda {|x, y, z| (x & y) ^ (~x & z)} # Maj(x, y, z) = (x and y) xor (x and z) xor (y and z) maj = lambda {|x, y, z| (x & y) ^ (x & z) ^ (y & z)} # s ss s0 = lambda {|x| rotr(x, 2) ^ rotr(x, 13) ^ rotr(x, 22)} s1 = lambda {|x| rotr(x, 6) ^ rotr(x, 11) ^ rotr(x, 25)} ss0 = lambda {|x| rotr(x, 7) ^ rotr(x, 18) ^ (x >> 3)} ss1 = lambda {|x| rotr(x, 17) ^ rotr(x, 19) ^ (x >> 10)} # K[0]..K[63] k_a = [ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2, ] # "1" is appended. buf = str + ["10000000"].pack("B8") if (56 - buf.size % 64) < 0 (64 + (56 - buf.size % 64)).times do buf += [0].pack("C") end else (56 - buf.size % 64).times do buf += [0].pack("C") end end # set the number of bits in the original message. buf += [sprintf("%016X", str.size * 8)].pack("H*") m_a = [] (buf.size / 64).times do |i| m_a[i] = buf[i * 64, 64] end m_a.each do |m| w = [] # W0 to W15 w = m.unpack("N16") # W16 to W63 (16..63).each do |t| # W(t) = ss1(W(t - 2)) + W(t - 7) + ss0(W(t - 15)) + W(t - 16) w[t] = MASK & (ss1.call(w[t - 2]) + w[t - 7] + ss0.call(w[t - 15]) + w[t - 16]) end a = h_a[0] b = h_a[1] c = h_a[2] d = h_a[3] e = h_a[4] f = h_a[5] g = h_a[6] h = h_a[7] 64.times do |t| # T1 = h + s1(e) + ch(e,f,g) + K(t) + W(t) t1 = MASK & (h + s1.call(e) + ch.call(e, f, g) + k_a[t] + w[t]) # T2 = s0(a) + maj(a,b,c) t2 = MASK & (s0.call(a) + maj.call(a, b, c)) # h = g, g = f, f = e, e = d + T1, d = c, c = b, b = a, a = T1 + T2 h = g g = f f = e e = MASK & (d + t1) d = c c = b b = a a = MASK & (t1 + t2) end # H0 = H0 + A, H1 = H1 + B, H2 = H2 + C, H3 = H3 + D, H4 = H4 + E h_a[0] = MASK & (h_a[0] + a) h_a[1] = MASK & (h_a[1] + b) h_a[2] = MASK & (h_a[2] + c) h_a[3] = MASK & (h_a[3] + d) h_a[4] = MASK & (h_a[4] + e) h_a[5] = MASK & (h_a[5] + f) h_a[6] = MASK & (h_a[6] + g) h_a[7] = MASK & (h_a[7] + h) end str = "" h_a.each do |v| str << inttostr(v) end str end end require 'benchmark' require 'digest/sha2' Benchmark.bm do |x| p "abc" x.report { p Purerubysha256.hexdigest("abc") } x.report { p Digest::SHA256.hexdigest("abc") } p "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" p "" p "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" x.report { p Purerubysha256.hexdigest("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq") } x.report { p Digest::SHA256.hexdigest("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq") } p "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1" p "" p "a * 1000000" buf = "a" * 1000000 x.report { p Purerubysha256.hexdigest(buf) } x.report { p Digest::SHA256.hexdigest(buf) } p "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0" end