Left-shift operation in Python is different from the one defined in NIST.FIPS.180-4.pdf #2
Description
Left-shift operation is discribed in NIST.FIPS.180-4.pdf as follow:
2.2.2 Symbols and Operations
The following symbols are used in the secure hash algorithm specifications; each operates onw-
bit words.
<<Left-shift operation, wherex << nis obtained by discarding the left-mostn
bits of the wordxand then padding the result withnzeroes on the right.
In contrast, Python integers are unbounded and the left-shift operator never discards bits. For example, (2 ** 63) << 63 == 2 ** 126 in Python. As the result, the following code def _rotate_right(num: int, shift: int, size: int = 32): """Rotate an integer right.""" return (num >> shift) | (num << size - shift) doesn't really rotate num. Instead, it might result an integer equal or larger than 2 ** 32...
Although the code doesn't literally match the computation specified in NIST.FIPS.180-4.pdf, generate_hash still computes the SHA-256 hash because ^ (num >> 3) in _sigma0, ^ (num >> 10) in _sigma1, and two % 2**32 in t loop in generate_hash trim extra bits, and we might think the code is optimized to reduced the number of % operator. I still think it might be better to explicitly state this in the document string of _rotate_right, and update it to something like """Rotate an integer right for lower 32-bits.""" . Another approach is adding an % 2**32 in _rotate_right to explicitly trim extra bits...