diff --git a/Cargo.lock b/Cargo.lock index 75a660c64..e09691d28 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -702,7 +702,7 @@ dependencies = [ [[package]] name = "hax-lib" version = "0.1.0-pre.1" -source = "git+https://github.com/hacspec/hax/?branch=main#dc2725b99a689f85331d108c0b8057eb7bf9b8dc" +source = "git+https://github.com/hacspec/hax/?branch=main#c2093b4963099522c65f5cd42b96d6433afb0617" dependencies = [ "hax-lib-macros", "num-bigint", @@ -712,7 +712,7 @@ dependencies = [ [[package]] name = "hax-lib-macros" version = "0.1.0-pre.1" -source = "git+https://github.com/hacspec/hax/?branch=main#dc2725b99a689f85331d108c0b8057eb7bf9b8dc" +source = "git+https://github.com/hacspec/hax/?branch=main#c2093b4963099522c65f5cd42b96d6433afb0617" dependencies = [ "hax-lib-macros-types", "paste", @@ -725,7 +725,7 @@ dependencies = [ [[package]] name = "hax-lib-macros-types" version = "0.1.0-pre.1" -source = "git+https://github.com/hacspec/hax/?branch=main#dc2725b99a689f85331d108c0b8057eb7bf9b8dc" +source = "git+https://github.com/hacspec/hax/?branch=main#c2093b4963099522c65f5cd42b96d6433afb0617" dependencies = [ "proc-macro2", "quote", diff --git a/libcrux-ml-kem/c/code_gen.txt b/libcrux-ml-kem/c/code_gen.txt index 12d9d454e..e4e28910d 100644 --- a/libcrux-ml-kem/c/code_gen.txt +++ b/libcrux-ml-kem/c/code_gen.txt @@ -2,5 +2,5 @@ This code was generated with the following revisions: Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 -F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty -Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 +F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd +Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 diff --git a/libcrux-ml-kem/c/internal/libcrux_core.h b/libcrux-ml-kem/c/internal/libcrux_core.h index eaff82347..4dc60c6c7 100644 --- a/libcrux-ml-kem/c/internal/libcrux_core.h +++ b/libcrux-ml-kem/c/internal/libcrux_core.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __internal_libcrux_core_H @@ -69,7 +69,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_c61( +libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_451( uint8_t value[1568U]); /** @@ -82,7 +82,7 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_8d1( +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_f61( libcrux_ml_kem_types_MlKemPrivateKey_95 sk, libcrux_ml_kem_types_MlKemPublicKey_1f pk); @@ -95,7 +95,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_721( +libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_8c1( uint8_t value[3168U]); /** @@ -107,7 +107,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_c60( +libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_450( uint8_t value[1184U]); /** @@ -120,7 +120,7 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_8d0( +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_f60( libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk); 
@@ -133,7 +133,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_720( +libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_8c0( uint8_t value[2400U]); /** @@ -145,7 +145,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_c6( +libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_45( uint8_t value[800U]); /** @@ -158,7 +158,7 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_8d( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_f6( libcrux_ml_kem_types_MlKemPrivateKey_5e sk, libcrux_ml_kem_types_MlKemPublicKey_be pk); @@ -171,7 +171,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_72( +libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_8c( uint8_t value[1632U]); /** @@ -182,7 +182,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_cc1( +uint8_t *libcrux_ml_kem_types_as_slice_fd_cf1( libcrux_ml_kem_types_MlKemPublicKey_15 *self); /** @@ -194,7 +194,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_fc1( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_1f1( uint8_t value[1088U]); /** 
@@ -206,7 +206,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_471( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_491( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self); /** @@ -228,7 +228,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_cc0( +uint8_t *libcrux_ml_kem_types_as_slice_fd_cf0( libcrux_ml_kem_types_MlKemPublicKey_be *self); /** @@ -240,7 +240,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_fc0( +libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_1f0( uint8_t value[768U]); /** @@ -252,7 +252,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_470( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_490( libcrux_ml_kem_types_MlKemCiphertext_e8 *self); /** @@ -274,7 +274,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_cc( +uint8_t *libcrux_ml_kem_types_as_slice_fd_cf( libcrux_ml_kem_types_MlKemPublicKey_1f *self); /** @@ -321,7 +321,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_fc( +libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_1f( uint8_t value[1568U]); /** @@ -344,7 +344,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_47( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_49( libcrux_ml_kem_types_MlKemCiphertext_1f *self); /** 
diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h index 49e1f29a2..edc4170ea 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __internal_libcrux_mlkem_avx2_H @@ -41,7 +41,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_951(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_2e1(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -51,7 +51,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_ca1( +bool libcrux_ml_kem_ind_cca_validate_private_key_c61( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); @@ -69,7 +69,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_2a1(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_dd1(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -90,7 +90,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c61( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c21( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]); 
@@ -116,7 +116,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_ab1( +void libcrux_ml_kem_ind_cca_decapsulate_0b1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); @@ -128,7 +128,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_950(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_2e0(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -138,7 +138,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_ca0( +bool libcrux_ml_kem_ind_cca_validate_private_key_c60( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext); @@ -156,7 +156,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_2a0(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -177,7 +177,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_c60( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_c20( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]); @@ -203,7 +203,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_ab0( +void libcrux_ml_kem_ind_cca_decapsulate_0b0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); 
@@ -215,7 +215,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_95(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_2e(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -225,7 +225,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_ca( +bool libcrux_ml_kem_ind_cca_validate_private_key_c6( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); @@ -242,7 +242,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_2a( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_dd( uint8_t randomness[64U]); /** @@ -264,7 +264,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_c6( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_c2( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]); @@ -290,7 +290,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_ab( +void libcrux_ml_kem_ind_cca_decapsulate_0b( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h index f3a967c5f..be78cb001 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __internal_libcrux_mlkem_portable_H @@ -46,7 +46,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_3c1(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_f71(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -56,7 +56,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_53( +bool libcrux_ml_kem_ind_cca_validate_private_key_ed( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext); @@ -74,7 +74,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_b21(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_911(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -95,7 +95,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_131( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_361( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]); 
@@ -121,7 +121,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_551( +void libcrux_ml_kem_ind_cca_decapsulate_391( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); @@ -133,7 +133,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_3c0(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_f70(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -143,7 +143,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_24( +bool libcrux_ml_kem_ind_cca_validate_private_key_d8( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); @@ -161,7 +161,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 192 */ libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_b20(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -182,7 +182,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_130( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_360( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]); @@ -208,7 +208,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_550( +void libcrux_ml_kem_ind_cca_decapsulate_390( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); 
@@ -220,7 +220,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_3c(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_f7(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -230,7 +230,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_9e( +bool libcrux_ml_kem_ind_cca_validate_private_key_c3( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); @@ -248,7 +248,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_b2(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -269,7 +269,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_13( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_36( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]); @@ -295,7 +295,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_55( +void libcrux_ml_kem_ind_cca_decapsulate_39( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h index ff78ba53c..354aca0c1 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __internal_libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h index 063a10640..513206ab2 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __internal_libcrux_sha3_internal_H diff --git a/libcrux-ml-kem/c/libcrux_core.c b/libcrux-ml-kem/c/libcrux_core.c index 9b9cd41ce..c0efed48a 100644 --- a/libcrux-ml-kem/c/libcrux_core.c +++ b/libcrux-ml-kem/c/libcrux_core.c @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #include "internal/libcrux_core.h" 
@@ -91,7 +91,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_c61( +libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_451( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; @@ -111,7 +111,7 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_8d1( +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_f61( libcrux_ml_kem_types_MlKemPrivateKey_95 sk, libcrux_ml_kem_types_MlKemPublicKey_1f pk) { return ( @@ -127,7 +127,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_721( +libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_8c1( uint8_t value[3168U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[3168U]; @@ -146,7 +146,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_c60( +libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_450( uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; @@ -166,7 +166,7 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_8d0( +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_f60( libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk) { return ( 
@@ -182,7 +182,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_720( +libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_8c0( uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; @@ -201,7 +201,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_c6( +libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_45( uint8_t value[800U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[800U]; @@ -221,7 +221,7 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_8d( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_f6( libcrux_ml_kem_types_MlKemPrivateKey_5e sk, libcrux_ml_kem_types_MlKemPublicKey_be pk) { return (CLITERAL(libcrux_ml_kem_types_MlKemKeyPair_cb){.sk = sk, .pk = pk}); @@ -236,7 +236,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_72( +libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_8c( uint8_t value[1632U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1632U]; @@ -254,7 +254,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_cc1( +uint8_t *libcrux_ml_kem_types_as_slice_fd_cf1( libcrux_ml_kem_types_MlKemPublicKey_15 *self) { return self->value; } 
@@ -268,7 +268,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_fc1( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_1f1( uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; @@ -287,7 +287,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_471( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_491( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } @@ -319,7 +319,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_cc0( +uint8_t *libcrux_ml_kem_types_as_slice_fd_cf0( libcrux_ml_kem_types_MlKemPublicKey_be *self) { return self->value; } @@ -333,7 +333,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_fc0( +libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_1f0( uint8_t value[768U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[768U]; @@ -352,7 +352,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_470( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_490( libcrux_ml_kem_types_MlKemCiphertext_e8 *self) { return Eurydice_array_to_slice((size_t)768U, self->value, uint8_t); } @@ -384,7 +384,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_cc( +uint8_t *libcrux_ml_kem_types_as_slice_fd_cf( libcrux_ml_kem_types_MlKemPublicKey_1f *self) { return self->value; } 
@@ -438,7 +438,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_fc( +libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_1f( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; @@ -476,7 +476,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_47( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_49( libcrux_ml_kem_types_MlKemCiphertext_1f *self) { return Eurydice_array_to_slice((size_t)1568U, self->value, uint8_t); } diff --git a/libcrux-ml-kem/c/libcrux_core.h b/libcrux-ml-kem/c/libcrux_core.h index 9d39b6164..f7265777c 100644 --- a/libcrux-ml-kem/c/libcrux_core.h +++ b/libcrux-ml-kem/c/libcrux_core.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_core_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024.h b/libcrux-ml-kem/c/libcrux_mlkem1024.h index 4f564c146..0a85a746d 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem1024_H 
diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c index 65f4818c6..31d8304e1 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #include "libcrux_mlkem1024_avx2.h" @@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_1b0( +static void decapsulate_ee0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_ab0(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_0b0(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_1b0( void libcrux_ml_kem_mlkem1024_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - decapsulate_1b0(private_key, ciphertext, ret); + decapsulate_ee0(private_key, ciphertext, ret); } /** 
@@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_ac0( +static tuple_21 encapsulate_370( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_c60(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_c20(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_21 libcrux_ml_kem_mlkem1024_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_ac0(uu____0, copy_of_randomness); + return encapsulate_370(uu____0, copy_of_randomness); } /** @@ -109,12 +109,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_630( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_200( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_2a0(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_dd0(copy_of_randomness); } /** @@ -125,7 +125,7 @@ libcrux_ml_kem_mlkem1024_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_630(copy_of_randomness); + return generate_keypair_200(copy_of_randomness); } /** 
@@ -136,10 +136,10 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_550( +static KRML_MUSTINLINE bool validate_private_key_5f0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_ca0(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_c60(private_key, ciphertext); } @@ -151,7 +151,7 @@ static KRML_MUSTINLINE bool validate_private_key_550( bool libcrux_ml_kem_mlkem1024_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return validate_private_key_550(private_key, ciphertext); + return validate_private_key_5f0(private_key, ciphertext); } /** @@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_d30(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_950(public_key); +static KRML_MUSTINLINE bool validate_public_key_4a0(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_2e0(public_key); } /** @@ -173,5 +173,5 @@ static KRML_MUSTINLINE bool validate_public_key_d30(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem1024_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_d30(public_key->value); + return validate_public_key_4a0(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h index 5552a8b63..8e758c512 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem1024_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c index 01b6def3f..e8df4813a 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #include "libcrux_mlkem1024_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_861( +static void decapsulate_c81( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_551(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_391(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_861( void libcrux_ml_kem_mlkem1024_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - decapsulate_861(private_key, ciphertext, ret); + decapsulate_c81(private_key, ciphertext, ret); } /** 
@@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_6f1( +static tuple_21 encapsulate_7d1( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_131(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_361(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_21 libcrux_ml_kem_mlkem1024_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_6f1(uu____0, copy_of_randomness); + return encapsulate_7d1(uu____0, copy_of_randomness); } /** @@ -110,12 +110,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_7f1( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_081( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_b21(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_911(copy_of_randomness); } /** @@ -126,7 +126,7 @@ libcrux_ml_kem_mlkem1024_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_7f1(copy_of_randomness); + return generate_keypair_081(copy_of_randomness); } /** 
@@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_1e1( +static KRML_MUSTINLINE bool validate_private_key_501( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_53(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_ed(private_key, ciphertext); } @@ -152,7 +152,7 @@ static KRML_MUSTINLINE bool validate_private_key_1e1( bool libcrux_ml_kem_mlkem1024_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return validate_private_key_1e1(private_key, ciphertext); + return validate_private_key_501(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_f91(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_3c1(public_key); +static KRML_MUSTINLINE bool validate_public_key_931(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_f71(public_key); } /** @@ -174,5 +174,5 @@ static KRML_MUSTINLINE bool validate_public_key_f91(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem1024_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_f91(public_key->value); + return validate_public_key_931(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h index da249a492..fa38f9693 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem1024_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512.h b/libcrux-ml-kem/c/libcrux_mlkem512.h index 75bb82159..2c452d78b 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem512_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c index 9e27b56f2..a285e9e59 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #include "libcrux_mlkem512_avx2.h" 
@@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_1b(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, +static void decapsulate_ee(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_ab(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_0b(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_1b(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, void libcrux_ml_kem_mlkem512_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_1b(private_key, ciphertext, ret); + decapsulate_ee(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_ac( +static tuple_ec encapsulate_37( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_c6(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_c2(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_ec libcrux_ml_kem_mlkem512_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_ac(uu____0, copy_of_randomness); + return encapsulate_37(uu____0, copy_of_randomness); } /** 
@@ -109,12 +109,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_63( +static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_20( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_2a(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_dd(copy_of_randomness); } /** @@ -125,7 +125,7 @@ libcrux_ml_kem_mlkem512_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_63(copy_of_randomness); + return generate_keypair_20(copy_of_randomness); } /** @@ -136,10 +136,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_55( +static KRML_MUSTINLINE bool validate_private_key_5f( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_ca(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_c6(private_key, ciphertext); } @@ -151,7 +151,7 @@ static KRML_MUSTINLINE bool validate_private_key_55( bool libcrux_ml_kem_mlkem512_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_55(private_key, ciphertext); + return validate_private_key_5f(private_key, ciphertext); } /** 
@@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_d3(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_95(public_key); +static KRML_MUSTINLINE bool validate_public_key_4a(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_2e(public_key); } /** @@ -173,5 +173,5 @@ static KRML_MUSTINLINE bool validate_public_key_d3(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem512_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_d3(public_key->value); + return validate_public_key_4a(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h index 4b8af1f2a..13b581872 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem512_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c index 39e4b67b9..25be9d68b 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #include "libcrux_mlkem512_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_860( +static void decapsulate_c80( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_550(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_390(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_860( void libcrux_ml_kem_mlkem512_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_860(private_key, ciphertext, ret); + decapsulate_c80(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_6f0( +static tuple_ec encapsulate_7d0( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_130(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_360(uu____0, copy_of_randomness); } /** 
@@ -95,7 +95,7 @@ tuple_ec libcrux_ml_kem_mlkem512_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_6f0(uu____0, copy_of_randomness); + return encapsulate_7d0(uu____0, copy_of_randomness); } /** @@ -110,12 +110,12 @@ generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_7f0( +static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_080( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_b20(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_910(copy_of_randomness); } /** @@ -126,7 +126,7 @@ libcrux_ml_kem_mlkem512_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_7f0(copy_of_randomness); + return generate_keypair_080(copy_of_randomness); } /** @@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_1e0( +static KRML_MUSTINLINE bool validate_private_key_500( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_24(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_d8(private_key, ciphertext); } 
@@ -152,7 +152,7 @@ static KRML_MUSTINLINE bool validate_private_key_1e0( bool libcrux_ml_kem_mlkem512_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_1e0(private_key, ciphertext); + return validate_private_key_500(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_f90(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_3c0(public_key); +static KRML_MUSTINLINE bool validate_public_key_930(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_f70(public_key); } /** @@ -174,5 +174,5 @@ static KRML_MUSTINLINE bool validate_public_key_f90(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem512_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_f90(public_key->value); + return validate_public_key_930(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h index 3f156c570..71cbfb6fe 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem512_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768.h b/libcrux-ml-kem/c/libcrux_mlkem768.h index 172185891..537ec47e9 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem768_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c index 1033e69a1..282d5e8f3 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #include "libcrux_mlkem768_avx2.h" @@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_1b1( +static void decapsulate_ee1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_ab1(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_0b1(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_1b1( void libcrux_ml_kem_mlkem768_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_1b1(private_key, ciphertext, ret); + decapsulate_ee1(private_key, ciphertext, ret); } /** 
@@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_ac1( +static tuple_3c encapsulate_371( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_c61(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_c21(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_ac1(uu____0, copy_of_randomness); + return encapsulate_371(uu____0, copy_of_randomness); } /** @@ -109,12 +109,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_631( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_201( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_2a1(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_dd1(copy_of_randomness); } /** @@ -125,7 +125,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_631(copy_of_randomness); + return generate_keypair_201(copy_of_randomness); } /** 
@@ -136,10 +136,10 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_551( +static KRML_MUSTINLINE bool validate_private_key_5f1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_ca1(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_c61(private_key, ciphertext); } @@ -151,7 +151,7 @@ static KRML_MUSTINLINE bool validate_private_key_551( bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_551(private_key, ciphertext); + return validate_private_key_5f1(private_key, ciphertext); } /** @@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_d31(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_951(public_key); +static KRML_MUSTINLINE bool validate_public_key_4a1(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_2e1(public_key); } /** @@ -173,5 +173,5 @@ static KRML_MUSTINLINE bool validate_public_key_d31(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_d31(public_key->value); + return validate_public_key_4a1(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h index 4d8d496ac..36ab7426f 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem768_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c index 4f102ff81..fae5cc397 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #include "libcrux_mlkem768_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_86( +static void decapsulate_c8( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_55(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_39(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_86( void libcrux_ml_kem_mlkem768_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_86(private_key, ciphertext, ret); + decapsulate_c8(private_key, ciphertext, ret); } /** 
@@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_6f( +static tuple_3c encapsulate_7d( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_13(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_36(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_6f(uu____0, copy_of_randomness); + return encapsulate_7d(uu____0, copy_of_randomness); } /** @@ -110,12 +110,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_7f( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_08( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_b2(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_91(copy_of_randomness); } /** @@ -126,7 +126,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_7f(copy_of_randomness); + return generate_keypair_08(copy_of_randomness); } /** 
@@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_1e( +static KRML_MUSTINLINE bool validate_private_key_50( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_9e(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_c3(private_key, ciphertext); } @@ -152,7 +152,7 @@ static KRML_MUSTINLINE bool validate_private_key_1e( bool libcrux_ml_kem_mlkem768_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_1e(private_key, ciphertext); + return validate_private_key_50(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_f9(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_3c(public_key); +static KRML_MUSTINLINE bool validate_public_key_93(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_f7(public_key); } /** @@ -174,5 +174,5 @@ static KRML_MUSTINLINE bool validate_public_key_f9(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem768_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_f9(public_key->value); + return validate_public_key_93(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h index a3cebbef2..ff60c10cb 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem768_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c index 18db095f7..97b6fd741 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #include "internal/libcrux_mlkem_avx2.h" @@ -1068,7 +1068,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_reduced_ring_element_ec(Eurydice_slice serialized) { +deserialize_to_reduced_ring_element_b8(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -1088,7 +1088,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_3d1( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_fb1( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; 
@@ -1102,7 +1102,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_3d1( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_ec(ring_element); + deserialize_to_reduced_ring_element_b8(ring_element); deserialized_pk[i0] = uu____0; } } @@ -1113,13 +1113,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_851( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_bf1( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, deserialized_pk[i] = ZERO_ef_7d();); - deserialize_ring_elements_reduced_3d1(public_key, deserialized_pk); + deserialize_ring_elements_reduced_fb1(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -1130,7 +1130,7 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.arithmetic.shift_right with const generics - SHIFT_BY= 15 */ -static KRML_MUSTINLINE __m256i shift_right_d1(__m256i vector) { +static KRML_MUSTINLINE __m256i shift_right_e4(__m256i vector) { return mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -1143,8 +1143,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.shift_right_09 with const generics - SHIFT_BY= 15 */ -static __m256i shift_right_09_bb(__m256i vector) { - return shift_right_d1(vector); +static __m256i shift_right_09_92(__m256i vector) { + return shift_right_e4(vector); } /** 
@@ -1154,25 +1154,35 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static __m256i to_unsigned_representative_b5(__m256i a) { - __m256i t = shift_right_09_bb(a); + __m256i t = shift_right_09_92(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_09(a, &fm); } +/** +A monomorphic instance of libcrux_ml_kem.serialize.to_unsigned_field_modulus +with types libcrux_ml_kem_vector_avx2_SIMD256Vector +with const generics + +*/ +static KRML_MUSTINLINE __m256i to_unsigned_field_modulus_88(__m256i a) { + return to_unsigned_representative_b5(a); +} + /** A monomorphic instance of libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_88( +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_b8( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = to_unsigned_representative_b5(re->coefficients[i0]); + __m256i coefficient = to_unsigned_field_modulus_88(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -1180,7 +1190,9 @@ static KRML_MUSTINLINE void serialize_uncompressed_ring_element_88( Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)24U, bytes, uint8_t), uint8_t); } - memcpy(ret, serialized, (size_t)384U * sizeof(uint8_t)); + uint8_t result[384U]; + memcpy(result, serialized, (size_t)384U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)384U * sizeof(uint8_t)); } /** 
@@ -1190,7 +1202,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_721( +static KRML_MUSTINLINE void serialize_secret_key_051( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -1208,7 +1220,7 @@ static KRML_MUSTINLINE void serialize_secret_key_721( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_88(&re, ret0); + serialize_uncompressed_ring_element_b8(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -1223,13 +1235,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_mut_821( +static KRML_MUSTINLINE void serialize_public_key_mut_7b1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - serialize_secret_key_721(t_as_ntt, ret); + serialize_secret_key_051(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( 
@@ -1246,11 +1258,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_391( +static KRML_MUSTINLINE void serialize_public_key_f71( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - serialize_public_key_mut_821(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_7b1(t_as_ntt, seed_for_a, public_key_serialized); uint8_t result[1184U]; memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); @@ -1264,15 +1276,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_951(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_2e1(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - deserialize_ring_elements_reduced_out_851( + deserialize_ring_elements_reduced_out_bf1( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_391( + serialize_public_key_f71( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -1302,7 +1314,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_ca1( +bool libcrux_ml_kem_ind_cca_validate_private_key_c61( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; 
@@ -1414,7 +1426,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_7e1( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_0e1( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -2384,7 +2396,7 @@ static void generate_keypair_unpacked_4a1( IndCpaPrivateKeyUnpacked_a0 *private_key, IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_7e1(key_generation_seed, hashed); + cpa_keygen_seed_d8_0e1(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -2435,18 +2447,18 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_1c1( +static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_1e1( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_a0 private_key = default_1a_191(); IndCpaPublicKeyUnpacked_a0 public_key = default_8d_801(); generate_keypair_unpacked_4a1(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - serialize_public_key_391( + serialize_public_key_f71( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_721(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_051(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, 
@@ -2470,7 +2482,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_281( +static KRML_MUSTINLINE void serialize_kem_secret_key_7b1( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -2526,7 +2538,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_2a1(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_dd1(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -2535,13 +2547,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_2a1(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - generate_keypair_1c1(ind_cpa_keypair_randomness); + generate_keypair_1e1(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_281( + serialize_kem_secret_key_7b1( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -2550,13 +2562,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_2a1(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_720(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c0(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_8d0( - uu____2, libcrux_ml_kem_types_from_5a_c60(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f60( + uu____2, libcrux_ml_kem_types_from_5a_450(copy_of_public_key)); } /** @@ -2569,7 +2581,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_7b1(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_441(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -2586,7 +2598,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b0 -sample_ring_element_cbd_461(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_2d1(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, error_1[i] = ZERO_ef_7d();); 
@@ -2654,7 +2666,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_f8( +static KRML_MUSTINLINE void invert_ntt_at_layer_1_92( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2675,7 +2687,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_de( +static KRML_MUSTINLINE void invert_ntt_at_layer_2_7a( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2694,7 +2706,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_0f( +static KRML_MUSTINLINE void invert_ntt_at_layer_3_2e( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16(i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; @@ -2711,7 +2723,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -inv_ntt_layer_int_vec_step_reduce_cb(__m256i a, __m256i b, int16_t zeta_r) { +inv_ntt_layer_int_vec_step_reduce_57(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_09(b, &a); a = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(a, &b)); @@ -2741,7 +2753,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_0f( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_cb( + inv_ntt_layer_int_vec_step_reduce_57( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; 
@@ -2758,13 +2770,13 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_4a1( +static KRML_MUSTINLINE void invert_ntt_montgomery_0c1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_f8(&zeta_i, re); - invert_ntt_at_layer_2_de(&zeta_i, re); - invert_ntt_at_layer_3_0f(&zeta_i, re); + invert_ntt_at_layer_1_92(&zeta_i, re); + invert_ntt_at_layer_2_7a(&zeta_i, re); + invert_ntt_at_layer_3_2e(&zeta_i, re); invert_ntt_at_layer_4_plus_0f(&zeta_i, re, (size_t)4U); invert_ntt_at_layer_4_plus_0f(&zeta_i, re, (size_t)5U); invert_ntt_at_layer_4_plus_0f(&zeta_i, re, (size_t)6U); @@ -2783,7 +2795,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_ef_84( +static KRML_MUSTINLINE void add_error_reduce_ef_a2( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; @@ -2804,7 +2816,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_a91( +static KRML_MUSTINLINE void compute_vector_u_7f1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, @@ -2834,8 +2846,8 @@ static KRML_MUSTINLINE void compute_vector_u_a91( ntt_multiply_ef_63(a_element, &r_as_ntt[j]); add_to_ring_element_ef_311(&result0[i1], &product); } - invert_ntt_montgomery_4a1(&result0[i1]); - add_error_reduce_ef_84(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_0c1(&result0[i1]); + add_error_reduce_ef_a2(&result0[i1], &error_1[i1]); } libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; memcpy( 
@@ -2852,7 +2864,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i decompress_1_14(__m256i vec) { +static __m256i decompress_1_46(__m256i vec) { __m256i z = libcrux_ml_kem_vector_avx2_ZERO_09(); __m256i s = libcrux_ml_kem_vector_avx2_sub_09(z, &vec); return libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09(s, @@ -2866,7 +2878,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_message_a6(uint8_t serialized[32U]) { +deserialize_then_decompress_message_4f(uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_7d(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; @@ -2875,7 +2887,7 @@ deserialize_then_decompress_message_a6(uint8_t serialized[32U]) { Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); - re.coefficients[i0] = decompress_1_14(coefficient_compressed);); + re.coefficients[i0] = decompress_1_46(coefficient_compressed);); return re; } @@ -2891,7 +2903,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -add_message_error_reduce_ef_b0( +add_message_error_reduce_ef_df( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { @@ -2918,7 +2930,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_e61( +compute_ring_element_v_ac1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, 
@@ -2928,8 +2940,8 @@ compute_ring_element_v_e61( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = ntt_multiply_ef_63(&t_as_ntt[i0], &r_as_ntt[i0]); add_to_ring_element_ef_311(&result, &product);); - invert_ntt_montgomery_4a1(&result); - result = add_message_error_reduce_ef_b0(error_2, message, result); + invert_ntt_montgomery_0c1(&result); + result = add_message_error_reduce_ef_df(error_2, message, result); return result; } @@ -2940,7 +2952,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_57(__m256i vector) { +compress_ciphertext_coefficient_b6(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -2987,8 +2999,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 10 */ -static __m256i compress_09_a1(__m256i vector) { - return compress_ciphertext_coefficient_57(vector); +static __m256i compress_09_46(__m256i vector) { + return compress_ciphertext_coefficient_b6(vector); } /** @@ -2997,14 +3009,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_0a0( +static KRML_MUSTINLINE void compress_then_serialize_10_6b0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_a1(to_unsigned_representative_b5(re->coefficients[i0])); + compress_09_46(to_unsigned_field_modulus_88(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( 
@@ -3012,7 +3024,9 @@ static KRML_MUSTINLINE void compress_then_serialize_10_0a0( Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)20U, bytes, uint8_t), uint8_t); } - memcpy(ret, serialized, (size_t)320U * sizeof(uint8_t)); + uint8_t result[320U]; + memcpy(result, serialized, (size_t)320U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -3022,7 +3036,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_570(__m256i vector) { +compress_ciphertext_coefficient_b60(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3069,8 +3083,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 11 */ -static __m256i compress_09_a10(__m256i vector) { - return compress_ciphertext_coefficient_570(vector); +static __m256i compress_09_460(__m256i vector) { + return compress_ciphertext_coefficient_b60(vector); } /** @@ -3080,10 +3094,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_130( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_430( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - compress_then_serialize_10_0a0(re, uu____0); + compress_then_serialize_10_6b0(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } @@ -3096,7 +3110,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_491( +static void compress_then_serialize_u_6d1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; 
@@ -3112,7 +3126,7 @@ static void compress_then_serialize_u_491( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_130(&re, ret); + compress_then_serialize_ring_element_u_430(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -3125,7 +3139,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_571(__m256i vector) { +compress_ciphertext_coefficient_b61(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3172,8 +3186,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 4 */ -static __m256i compress_09_a11(__m256i vector) { - return compress_ciphertext_coefficient_571(vector); +static __m256i compress_09_461(__m256i vector) { + return compress_ciphertext_coefficient_b61(vector); } /** @@ -3182,16 +3196,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_22( +static KRML_MUSTINLINE void compress_then_serialize_4_85( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { - LowStar_Ignore_ignore(Eurydice_slice_len(serialized, uint8_t), size_t, - void *); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_a11(to_unsigned_representative_b5(re.coefficients[i0])); + compress_09_461(to_unsigned_field_modulus_88(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_09(coefficient, bytes); Eurydice_slice_copy( 
@@ -3208,7 +3220,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_572(__m256i vector) { +compress_ciphertext_coefficient_b62(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3255,8 +3267,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 5 */ -static __m256i compress_09_a12(__m256i vector) { - return compress_ciphertext_coefficient_572(vector); +static __m256i compress_09_462(__m256i vector) { + return compress_ciphertext_coefficient_b62(vector); } /** @@ -3265,16 +3277,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_10( +static KRML_MUSTINLINE void compress_then_serialize_5_c3( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { - LowStar_Ignore_ignore(Eurydice_slice_len(serialized, uint8_t), size_t, - void *); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficients = - compress_09_a12(to_unsigned_representative_b5(re.coefficients[i0])); + compress_09_462(to_unsigned_representative_b5(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_avx2_serialize_5_09(coefficients, bytes); Eurydice_slice_copy( @@ -3291,9 +3301,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_460( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_610( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_4_22(re, out); + compress_then_serialize_4_85(re, out); } /** 
@@ -3313,7 +3323,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_671(IndCpaPublicKeyUnpacked_a0 *public_key, +static void encrypt_unpacked_721(IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { @@ -3332,7 +3342,7 @@ static void encrypt_unpacked_671(IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b0 uu____3 = - sample_ring_element_cbd_461(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_2d1(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; memcpy( error_1, uu____3.fst, 
@@ -3346,25 +3356,25 @@ static void encrypt_unpacked_671(IndCpaPublicKeyUnpacked_a0 *public_key, sample_from_binomial_distribution_73( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - compute_vector_u_a91(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_7f1(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_a6(copy_of_message); + deserialize_then_decompress_message_4f(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_e61(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_ac1(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_491( + compress_then_serialize_u_6d1( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_460( + compress_then_serialize_ring_element_v_610( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); 
@@ -3387,10 +3397,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_601(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_691(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { IndCpaPublicKeyUnpacked_a0 unpacked_public_key = default_8d_801(); - deserialize_ring_elements_reduced_3d1( + deserialize_ring_elements_reduced_fb1( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -3405,7 +3415,7 @@ static void encrypt_601(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t result[1088U]; - encrypt_unpacked_671(uu____1, copy_of_message, randomness, result); + encrypt_unpacked_721(uu____1, copy_of_message, randomness, result); memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); } @@ -3420,7 +3430,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_5a1(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_541(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -3447,11 +3457,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c61( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c21( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_7b1( + entropy_preprocess_d8_441( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -3461,7 +3471,7 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c61( size_t); uint8_t ret[32U]; H_a9_161(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_cc1(public_key), + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_cf1(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -3475,19 +3485,19 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c61( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_cc1(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_cf1(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_601(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_691(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_fc1(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_1f1(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_5a1(shared_secret, shared_secret_array); + kdf_d8_541(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; 
@@ -3507,7 +3517,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_uncompressed_ring_element_d1(Eurydice_slice serialized) { +deserialize_to_uncompressed_ring_element_59(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -3525,7 +3535,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_941( +static KRML_MUSTINLINE void deserialize_secret_key_181( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; @@ -3542,7 +3552,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_941( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_d1(secret_bytes); + deserialize_to_uncompressed_ring_element_59(secret_bytes); secret_as_ntt[i0] = uu____0; } libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; @@ -3561,7 +3571,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_c7(__m256i vector) { +decompress_ciphertext_coefficient_74(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3605,8 +3615,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 10 */ -static __m256i decompress_ciphertext_coefficient_09_79(__m256i vector) { - return decompress_ciphertext_coefficient_c7(vector); +static __m256i decompress_ciphertext_coefficient_09_da(__m256i vector) { + return decompress_ciphertext_coefficient_74(vector); } /** 
@@ -3616,7 +3626,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_10_2d(Eurydice_slice serialized) { +deserialize_then_decompress_10_3d(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_7d(); LowStar_Ignore_ignore( Eurydice_slice_len( @@ -3629,7 +3639,7 @@ deserialize_then_decompress_10_2d(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_79(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_da(coefficient); } return re; } @@ -3641,7 +3651,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_c70(__m256i vector) { +decompress_ciphertext_coefficient_740(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3685,8 +3695,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 11 */ -static __m256i decompress_ciphertext_coefficient_09_790(__m256i vector) { - return decompress_ciphertext_coefficient_c70(vector); +static __m256i decompress_ciphertext_coefficient_09_da0(__m256i vector) { + return decompress_ciphertext_coefficient_740(vector); } /** 
@@ -3696,7 +3706,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_11_57(Eurydice_slice serialized) { +deserialize_then_decompress_11_1a(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { @@ -3704,7 +3714,7 @@ deserialize_then_decompress_11_57(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_790(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_da0(coefficient); } return re; } @@ -3716,8 +3726,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_cc0(Eurydice_slice serialized) { - return deserialize_then_decompress_10_2d(serialized); +deserialize_then_decompress_ring_element_u_880(Eurydice_slice serialized) { + return deserialize_then_decompress_10_3d(serialized); } /** @@ -3726,7 +3736,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_600( +static KRML_MUSTINLINE void ntt_vector_u_2c0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; ntt_at_layer_4_plus_1d(&zeta_i, re, (size_t)7U); 
@@ -3747,7 +3757,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_841( +static KRML_MUSTINLINE void deserialize_then_decompress_u_a81( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; @@ -3770,8 +3780,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_841( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_cc0(u_bytes); - ntt_vector_u_600(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_880(u_bytes); + ntt_vector_u_2c0(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -3785,7 +3795,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_c71(__m256i vector) { +decompress_ciphertext_coefficient_741(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3829,8 +3839,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 4 */ -static __m256i decompress_ciphertext_coefficient_09_791(__m256i vector) { - return decompress_ciphertext_coefficient_c71(vector); +static __m256i decompress_ciphertext_coefficient_09_da1(__m256i vector) { + return decompress_ciphertext_coefficient_741(vector); } /** @@ -3840,7 +3850,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_4_39(Eurydice_slice serialized) { +deserialize_then_decompress_4_f1(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { 
@@ -3848,7 +3858,7 @@ deserialize_then_decompress_4_39(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_791(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_da1(coefficient); } return re; } @@ -3860,7 +3870,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_c72(__m256i vector) { +decompress_ciphertext_coefficient_742(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3904,8 +3914,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 5 */ -static __m256i decompress_ciphertext_coefficient_09_792(__m256i vector) { - return decompress_ciphertext_coefficient_c72(vector); +static __m256i decompress_ciphertext_coefficient_09_da2(__m256i vector) { + return decompress_ciphertext_coefficient_742(vector); } /** @@ -3915,7 +3925,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_5_7b(Eurydice_slice serialized) { +deserialize_then_decompress_5_7e(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { @@ -3924,7 +3934,7 @@ deserialize_then_decompress_5_7b(Eurydice_slice serialized) { serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_09(bytes); re.coefficients[i0] = - decompress_ciphertext_coefficient_09_792(re.coefficients[i0]); + decompress_ciphertext_coefficient_09_da2(re.coefficients[i0]); } return re; } 
@@ -3936,8 +3946,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_800(Eurydice_slice serialized) { - return deserialize_then_decompress_4_39(serialized); +deserialize_then_decompress_ring_element_v_050(Eurydice_slice serialized) { + return deserialize_then_decompress_4_f1(serialized); } /** @@ -3952,7 +3962,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -subtract_reduce_ef_79(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, +subtract_reduce_ef_27(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -3974,7 +3984,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_781( +compute_message_a41( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { @@ -3983,8 +3993,8 @@ compute_message_781( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = ntt_multiply_ef_63(&secret_as_ntt[i0], &u_as_ntt[i0]); add_to_ring_element_ef_311(&result, &product);); - invert_ntt_montgomery_4a1(&result); - result = subtract_reduce_ef_79(v, result); + invert_ntt_montgomery_0c1(&result); + result = subtract_reduce_ef_27(v, result); return result; } 
@@ -3994,12 +4004,12 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_e4( +static KRML_MUSTINLINE void compress_then_serialize_message_d2( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; - __m256i coefficient = to_unsigned_representative_b5(re.coefficients[i0]); + __m256i coefficient = to_unsigned_field_modulus_88(re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_09(coefficient); uint8_t bytes[2U]; @@ -4009,7 +4019,9 @@ static KRML_MUSTINLINE void compress_then_serialize_message_e4( Eurydice_slice_copy(uu____0, Eurydice_array_to_slice((size_t)2U, bytes, uint8_t), uint8_t);); - memcpy(ret, serialized, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + memcpy(result, serialized, (size_t)32U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** 
@@ -4022,18 +4034,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_cb1(IndCpaPrivateKeyUnpacked_a0 *secret_key, +static void decrypt_unpacked_e51(IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - deserialize_then_decompress_u_841(ciphertext, u_as_ntt); + deserialize_then_decompress_u_a81(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_800( + deserialize_then_decompress_ring_element_v_050( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_781(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_a41(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_e4(message, ret0); + compress_then_serialize_message_d2(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -4047,10 +4059,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_b81(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_981(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - deserialize_secret_key_941(secret_key, secret_as_ntt); + deserialize_secret_key_181(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; memcpy( 
@@ -4061,7 +4073,7 @@ static void decrypt_b81(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t result[32U]; - decrypt_unpacked_cb1(&secret_key_unpacked, ciphertext, result); + decrypt_unpacked_e51(&secret_key_unpacked, ciphertext, result); memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } @@ -4113,7 +4125,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_ab1( +void libcrux_ml_kem_ind_cca_decapsulate_0b1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -4131,7 +4143,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_ab1( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_b81(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_981(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -4153,7 +4165,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_ab1( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_471(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_491(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_423(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), 
@@ -4163,17 +4175,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_ab1( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_601(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_691(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_5a1(Eurydice_array_to_slice( + kdf_d8_541(Eurydice_array_to_slice( (size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_5a1(shared_secret0, shared_secret1); + kdf_d8_541(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_471(ciphertext), + libcrux_ml_kem_types_as_ref_00_491(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4188,7 +4200,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_3d( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_fb( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -4202,7 +4214,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_3d( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_ec(ring_element); + deserialize_to_reduced_ring_element_b8(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -4213,13 +4225,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_850( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_bf0( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, deserialized_pk[i] = ZERO_ef_7d();); - deserialize_ring_elements_reduced_3d(public_key, deserialized_pk); + deserialize_ring_elements_reduced_fb(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -4232,7 +4244,7 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_72( +static KRML_MUSTINLINE void serialize_secret_key_05( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; @@ -4250,7 +4262,7 @@ static KRML_MUSTINLINE void serialize_secret_key_72( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_88(&re, ret0); + serialize_uncompressed_ring_element_b8(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } 
@@ -4265,13 +4277,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_mut_82( +static KRML_MUSTINLINE void serialize_public_key_mut_7b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret[1536U]; - serialize_secret_key_72(t_as_ntt, ret); + serialize_secret_key_05(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -4288,11 +4300,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_39( +static KRML_MUSTINLINE void serialize_public_key_f7( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; - serialize_public_key_mut_82(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_7b(t_as_ntt, seed_for_a, public_key_serialized); uint8_t result[1568U]; memcpy(result, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); 
@@ -4306,15 +4318,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_950(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_2e0(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; - deserialize_ring_elements_reduced_out_850( + deserialize_ring_elements_reduced_out_bf0( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_39( + serialize_public_key_f7( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -4344,7 +4356,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_ca0( +bool libcrux_ml_kem_ind_cca_validate_private_key_c60( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext) { uint8_t t[32U]; @@ -4464,7 +4476,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_7e( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_0e( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -5078,7 +5090,7 @@ static void generate_keypair_unpacked_4a( IndCpaPrivateKeyUnpacked_01 *private_key, IndCpaPublicKeyUnpacked_01 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_7e(key_generation_seed, hashed); + cpa_keygen_seed_d8_0e(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); 
@@ -5129,18 +5141,18 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_1c0( +static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_1e0( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_01 private_key = default_1a_19(); IndCpaPublicKeyUnpacked_01 public_key = default_8d_80(); generate_keypair_unpacked_4a(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1568U]; - serialize_public_key_39( + serialize_public_key_f7( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_72(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_05(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -5164,7 +5176,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_280( +static KRML_MUSTINLINE void serialize_kem_secret_key_7b0( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; @@ -5220,7 +5232,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_2a0(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); 
@@ -5229,13 +5241,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_2a0(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair1024 uu____0 = - generate_keypair_1c0(ind_cpa_keypair_randomness); + generate_keypair_1e0(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1536U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1536U * sizeof(uint8_t)); uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_280( + serialize_kem_secret_key_7b0( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5244,13 +5256,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_2a0(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_7f_721(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c1(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_8d1( - uu____2, libcrux_ml_kem_types_from_5a_c61(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f61( + uu____2, libcrux_ml_kem_types_from_5a_451(copy_of_public_key)); } /** 
@@ -5263,7 +5275,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_7b0(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_440(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5280,7 +5292,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_71 -sample_ring_element_cbd_46(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_2d(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, error_1[i] = ZERO_ef_7d();); @@ -5336,13 +5348,13 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_4a( +static KRML_MUSTINLINE void invert_ntt_montgomery_0c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_f8(&zeta_i, re); - invert_ntt_at_layer_2_de(&zeta_i, re); - invert_ntt_at_layer_3_0f(&zeta_i, re); + invert_ntt_at_layer_1_92(&zeta_i, re); + invert_ntt_at_layer_2_7a(&zeta_i, re); + invert_ntt_at_layer_3_2e(&zeta_i, re); invert_ntt_at_layer_4_plus_0f(&zeta_i, re, (size_t)4U); invert_ntt_at_layer_4_plus_0f(&zeta_i, re, (size_t)5U); invert_ntt_at_layer_4_plus_0f(&zeta_i, re, (size_t)6U); @@ -5356,7 +5368,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_a9( +static KRML_MUSTINLINE void compute_vector_u_7f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, 
@@ -5386,8 +5398,8 @@ static KRML_MUSTINLINE void compute_vector_u_a9( ntt_multiply_ef_63(a_element, &r_as_ntt[j]); add_to_ring_element_ef_31(&result0[i1], &product); } - invert_ntt_montgomery_4a(&result0[i1]); - add_error_reduce_ef_84(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_0c(&result0[i1]); + add_error_reduce_ef_a2(&result0[i1], &error_1[i1]); } libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; memcpy( @@ -5405,7 +5417,7 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_e6( +compute_ring_element_v_ac( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -5415,8 +5427,8 @@ compute_ring_element_v_e6( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = ntt_multiply_ef_63(&t_as_ntt[i0], &r_as_ntt[i0]); add_to_ring_element_ef_31(&result, &product);); - invert_ntt_montgomery_4a(&result); - result = add_message_error_reduce_ef_b0(error_2, message, result); + invert_ntt_montgomery_0c(&result); + result = add_message_error_reduce_ef_df(error_2, message, result); return result; } @@ -5426,14 +5438,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_78( +static KRML_MUSTINLINE void compress_then_serialize_11_99( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_a10(to_unsigned_representative_b5(re->coefficients[i0])); + compress_09_460(to_unsigned_representative_b5(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_avx2_serialize_11_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( 
@@ -5451,10 +5463,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_13( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_43( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { uint8_t uu____0[352U]; - compress_then_serialize_11_78(re, uu____0); + compress_then_serialize_11_99(re, uu____0); memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); } @@ -5467,7 +5479,7 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_49( +static void compress_then_serialize_u_6d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -5483,7 +5495,7 @@ static void compress_then_serialize_u_49( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_13(&re, ret); + compress_then_serialize_ring_element_u_43(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } @@ -5496,9 +5508,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_46( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_61( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_5_10(re, out); + compress_then_serialize_5_c3(re, out); } /** @@ -5518,7 +5530,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_67(IndCpaPublicKeyUnpacked_01 *public_key, +static void encrypt_unpacked_72(IndCpaPublicKeyUnpacked_01 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { uint8_t prf_input[33U]; 
@@ -5536,7 +5548,7 @@ static void encrypt_unpacked_67(IndCpaPublicKeyUnpacked_01 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_71 uu____3 = - sample_ring_element_cbd_46(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_2d(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; memcpy( error_1, uu____3.fst, 
@@ -5550,25 +5562,25 @@ static void encrypt_unpacked_67(IndCpaPublicKeyUnpacked_01 *public_key, sample_from_binomial_distribution_73( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[4U]; - compute_vector_u_a9(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_7f(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_a6(copy_of_message); + deserialize_then_decompress_message_4f(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_e6(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_ac(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[4U]; memcpy( uu____5, u, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_49( + compress_then_serialize_u_6d( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_46( + compress_then_serialize_ring_element_v_61( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); 
@@ -5591,10 +5603,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_600(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_690(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { IndCpaPublicKeyUnpacked_01 unpacked_public_key = default_8d_80(); - deserialize_ring_elements_reduced_3d( + deserialize_ring_elements_reduced_fb( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -5609,7 +5621,7 @@ static void encrypt_600(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t result[1568U]; - encrypt_unpacked_67(uu____1, copy_of_message, randomness, result); + encrypt_unpacked_72(uu____1, copy_of_message, randomness, result); memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); } @@ -5624,7 +5636,7 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_5a0(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_540(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5651,11 +5663,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_c60( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_c20( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_7b0( + entropy_preprocess_d8_440( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -5665,7 +5677,7 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_c60( size_t); uint8_t ret[32U]; H_a9_16(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_cc(public_key), + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_cf(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -5679,19 +5691,19 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_c60( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_cc(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_cf(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_600(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_690(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_1f ciphertext0 = - libcrux_ml_kem_types_from_01_fc(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_1f(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_5a0(shared_secret, shared_secret_array); + kdf_d8_540(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_1f uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; 
@@ -5710,7 +5722,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_940( +static KRML_MUSTINLINE void deserialize_secret_key_180( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; @@ -5727,7 +5739,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_940( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_d1(secret_bytes); + deserialize_to_uncompressed_ring_element_59(secret_bytes); secret_as_ntt[i0] = uu____0; } libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; @@ -5746,8 +5758,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_cc(Eurydice_slice serialized) { - return deserialize_then_decompress_11_57(serialized); +deserialize_then_decompress_ring_element_u_88(Eurydice_slice serialized) { + return deserialize_then_decompress_11_1a(serialized); } /** @@ -5756,7 +5768,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_60( +static KRML_MUSTINLINE void ntt_vector_u_2c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; ntt_at_layer_4_plus_1d(&zeta_i, re, (size_t)7U); @@ -5777,7 +5789,7 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_84( +static KRML_MUSTINLINE void deserialize_then_decompress_u_a8( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; 
@@ -5800,8 +5812,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_84( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_cc(u_bytes); - ntt_vector_u_60(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_88(u_bytes); + ntt_vector_u_2c(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -5815,8 +5827,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_80(Eurydice_slice serialized) { - return deserialize_then_decompress_5_7b(serialized); +deserialize_then_decompress_ring_element_v_05(Eurydice_slice serialized) { + return deserialize_then_decompress_5_7e(serialized); } /** @@ -5826,7 +5838,7 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_78( +compute_message_a4( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { @@ -5835,8 +5847,8 @@ compute_message_78( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = ntt_multiply_ef_63(&secret_as_ntt[i0], &u_as_ntt[i0]); add_to_ring_element_ef_31(&result, &product);); - invert_ntt_montgomery_4a(&result); - result = subtract_reduce_ef_79(v, result); + invert_ntt_montgomery_0c(&result); + result = subtract_reduce_ef_27(v, result); return result; } 
@@ -5850,18 +5862,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_cb(IndCpaPrivateKeyUnpacked_01 *secret_key, +static void decrypt_unpacked_e5(IndCpaPrivateKeyUnpacked_01 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; - deserialize_then_decompress_u_84(ciphertext, u_as_ntt); + deserialize_then_decompress_u_a8(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_80( + deserialize_then_decompress_ring_element_v_05( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_78(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_a4(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_e4(message, ret0); + compress_then_serialize_message_d2(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5875,10 +5887,10 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_b80(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_980(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; - deserialize_secret_key_940(secret_key, secret_as_ntt); + deserialize_secret_key_180(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[4U]; memcpy( 
@@ -5889,7 +5901,7 @@ static void decrypt_b80(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t result[32U]; - decrypt_unpacked_cb(&secret_key_unpacked, ciphertext, result); + decrypt_unpacked_e5(&secret_key_unpacked, ciphertext, result); memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } @@ -5929,7 +5941,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_ab0( +void libcrux_ml_kem_ind_cca_decapsulate_0b0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5947,7 +5959,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_ab0( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_b80(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_980(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -5969,7 +5981,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_ab0( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_47(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_49(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_42(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), 
@@ -5979,17 +5991,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_ab0( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_600(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_690(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_5a0(Eurydice_array_to_slice( + kdf_d8_540(Eurydice_array_to_slice( (size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_5a0(shared_secret0, shared_secret1); + kdf_d8_540(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_47(ciphertext), + libcrux_ml_kem_types_as_ref_00_49(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -6004,7 +6016,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_3d0( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_fb0( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -6018,7 +6030,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_3d0( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_ec(ring_element); + deserialize_to_reduced_ring_element_b8(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -6029,13 +6041,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_85( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_bf( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, deserialized_pk[i] = ZERO_ef_7d();); - deserialize_ring_elements_reduced_3d0(public_key, deserialized_pk); + deserialize_ring_elements_reduced_fb0(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -6048,7 +6060,7 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_720( +static KRML_MUSTINLINE void serialize_secret_key_050( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; @@ -6066,7 +6078,7 @@ static KRML_MUSTINLINE void serialize_secret_key_720( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_88(&re, ret0); + serialize_uncompressed_ring_element_b8(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } 
@@ -6081,13 +6093,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_mut_820( +static KRML_MUSTINLINE void serialize_public_key_mut_7b0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret[768U]; - serialize_secret_key_720(t_as_ntt, ret); + serialize_secret_key_050(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -6104,11 +6116,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_390( +static KRML_MUSTINLINE void serialize_public_key_f70( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; - serialize_public_key_mut_820(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_7b0(t_as_ntt, seed_for_a, public_key_serialized); uint8_t result[800U]; memcpy(result, public_key_serialized, (size_t)800U * sizeof(uint8_t)); memcpy(ret, result, (size_t)800U * sizeof(uint8_t)); 
@@ -6122,15 +6134,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_95(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_2e(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; - deserialize_ring_elements_reduced_out_85( + deserialize_ring_elements_reduced_out_bf( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_390( + serialize_public_key_f70( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -6160,7 +6172,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_ca( +bool libcrux_ml_kem_ind_cca_validate_private_key_c6( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { uint8_t t[32U]; @@ -6266,7 +6278,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_7e0( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_0e0( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -6873,7 +6885,7 @@ static void generate_keypair_unpacked_4a0( IndCpaPrivateKeyUnpacked_d6 *private_key, IndCpaPublicKeyUnpacked_d6 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_7e0(key_generation_seed, hashed); + cpa_keygen_seed_d8_0e0(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); 
@@ -6924,18 +6936,18 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_1c( +static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_1e( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_d6 private_key = default_1a_190(); IndCpaPublicKeyUnpacked_d6 public_key = default_8d_800(); generate_keypair_unpacked_4a0(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[800U]; - serialize_public_key_390( + serialize_public_key_f70( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_720(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_050(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -6959,7 +6971,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_28( +static KRML_MUSTINLINE void serialize_kem_secret_key_7b( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; @@ -7014,7 +7026,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_2a( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_dd( uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, 
@@ -7024,13 +7036,13 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_2a( LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair512 uu____0 = - generate_keypair_1c(ind_cpa_keypair_randomness); + generate_keypair_1e(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[768U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)768U * sizeof(uint8_t)); uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_28( + serialize_kem_secret_key_7b( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -7039,13 +7051,13 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_2a( memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_7f_72(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_8d( - uu____2, libcrux_ml_kem_types_from_5a_c6(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** 
@@ -7058,7 +7070,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_7b(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_44(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -7121,7 +7133,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_74 -sample_ring_element_cbd_460(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_2d0(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, error_1[i] = ZERO_ef_7d();); @@ -7177,13 +7189,13 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_4a0( +static KRML_MUSTINLINE void invert_ntt_montgomery_0c0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_f8(&zeta_i, re); - invert_ntt_at_layer_2_de(&zeta_i, re); - invert_ntt_at_layer_3_0f(&zeta_i, re); + invert_ntt_at_layer_1_92(&zeta_i, re); + invert_ntt_at_layer_2_7a(&zeta_i, re); + invert_ntt_at_layer_3_2e(&zeta_i, re); invert_ntt_at_layer_4_plus_0f(&zeta_i, re, (size_t)4U); invert_ntt_at_layer_4_plus_0f(&zeta_i, re, (size_t)5U); invert_ntt_at_layer_4_plus_0f(&zeta_i, re, (size_t)6U); 
@@ -7197,7 +7209,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_a90( +static KRML_MUSTINLINE void compute_vector_u_7f0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, @@ -7227,8 +7239,8 @@ static KRML_MUSTINLINE void compute_vector_u_a90( ntt_multiply_ef_63(a_element, &r_as_ntt[j]); add_to_ring_element_ef_310(&result0[i1], &product); } - invert_ntt_montgomery_4a0(&result0[i1]); - add_error_reduce_ef_84(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_0c0(&result0[i1]); + add_error_reduce_ef_a2(&result0[i1], &error_1[i1]); } libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; memcpy( @@ -7246,7 +7258,7 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_e60( +compute_ring_element_v_ac0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -7256,8 +7268,8 @@ compute_ring_element_v_e60( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = ntt_multiply_ef_63(&t_as_ntt[i0], &r_as_ntt[i0]); add_to_ring_element_ef_310(&result, &product);); - invert_ntt_montgomery_4a0(&result); - result = add_message_error_reduce_ef_b0(error_2, message, result); + invert_ntt_montgomery_0c0(&result); + result = add_message_error_reduce_ef_df(error_2, message, result); return result; } @@ -7270,7 +7282,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_490( +static void compress_then_serialize_u_6d0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; 
@@ -7286,7 +7298,7 @@ static void compress_then_serialize_u_490( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_130(&re, ret); + compress_then_serialize_ring_element_u_430(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -7309,7 +7321,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_670(IndCpaPublicKeyUnpacked_d6 *public_key, +static void encrypt_unpacked_720(IndCpaPublicKeyUnpacked_d6 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { uint8_t prf_input[33U]; @@ -7327,7 +7339,7 @@ static void encrypt_unpacked_670(IndCpaPublicKeyUnpacked_d6 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_74 uu____3 = - sample_ring_element_cbd_460(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_2d0(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; memcpy( error_1, uu____3.fst, 
@@ -7341,25 +7353,25 @@ static void encrypt_unpacked_670(IndCpaPublicKeyUnpacked_d6 *public_key, sample_from_binomial_distribution_73( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[2U]; - compute_vector_u_a90(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_7f0(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_a6(copy_of_message); + deserialize_then_decompress_message_4f(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_e60(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_ac0(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[2U]; memcpy( uu____5, u, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_490( + compress_then_serialize_u_6d0( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_460( + compress_then_serialize_ring_element_v_610( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); 
@@ -7382,10 +7394,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_60(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_69(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { IndCpaPublicKeyUnpacked_d6 unpacked_public_key = default_8d_800(); - deserialize_ring_elements_reduced_3d0( + deserialize_ring_elements_reduced_fb0( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -7400,7 +7412,7 @@ static void encrypt_60(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t result[768U]; - encrypt_unpacked_670(uu____1, copy_of_message, randomness, result); + encrypt_unpacked_720(uu____1, copy_of_message, randomness, result); memcpy(ret, result, (size_t)768U * sizeof(uint8_t)); } @@ -7415,7 +7427,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_5a(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_54(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -7442,11 +7454,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_c6( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_c2( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_7b( + entropy_preprocess_d8_44( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -7456,7 +7468,7 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_c6( size_t); uint8_t ret[32U]; H_a9_160(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_cc0(public_key), + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_cf0(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -7470,19 +7482,19 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_c6( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_cc0(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_cf0(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_60(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_69(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_01_fc0(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_1f0(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_5a(shared_secret, shared_secret_array); + kdf_d8_54(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; 
@@ -7501,7 +7513,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_94( +static KRML_MUSTINLINE void deserialize_secret_key_18( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; @@ -7518,7 +7530,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_94( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_d1(secret_bytes); + deserialize_to_uncompressed_ring_element_59(secret_bytes); secret_as_ntt[i0] = uu____0; } libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; @@ -7538,7 +7550,7 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_840( +static KRML_MUSTINLINE void deserialize_then_decompress_u_a80( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; @@ -7561,8 +7573,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_840( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_cc0(u_bytes); - ntt_vector_u_600(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_880(u_bytes); + ntt_vector_u_2c0(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -7576,7 +7588,7 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_780( +compute_message_a40( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { 
@@ -7585,8 +7597,8 @@ compute_message_780( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = ntt_multiply_ef_63(&secret_as_ntt[i0], &u_as_ntt[i0]); add_to_ring_element_ef_310(&result, &product);); - invert_ntt_montgomery_4a0(&result); - result = subtract_reduce_ef_79(v, result); + invert_ntt_montgomery_0c0(&result); + result = subtract_reduce_ef_27(v, result); return result; } @@ -7600,18 +7612,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_cb0(IndCpaPrivateKeyUnpacked_d6 *secret_key, +static void decrypt_unpacked_e50(IndCpaPrivateKeyUnpacked_d6 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; - deserialize_then_decompress_u_840(ciphertext, u_as_ntt); + deserialize_then_decompress_u_a80(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_800( + deserialize_then_decompress_ring_element_v_050( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_780(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_a40(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_e4(message, ret0); + compress_then_serialize_message_d2(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } 
@@ -7625,10 +7637,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_b8(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_98(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; - deserialize_secret_key_94(secret_key, secret_as_ntt); + deserialize_secret_key_18(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[2U]; memcpy( @@ -7639,7 +7651,7 @@ static void decrypt_b8(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t result[32U]; - decrypt_unpacked_cb0(&secret_key_unpacked, ciphertext, result); + decrypt_unpacked_e50(&secret_key_unpacked, ciphertext, result); memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } @@ -7679,7 +7691,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_ab( +void libcrux_ml_kem_ind_cca_decapsulate_0b( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -7697,7 +7709,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_ab( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_b8(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_98(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); 
@@ -7719,7 +7731,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_ab( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_470(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_490(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_421(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), @@ -7729,16 +7741,16 @@ void libcrux_ml_kem_ind_cca_decapsulate_ab( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_60(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_69(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_5a(Eurydice_array_to_slice((size_t)32U, + kdf_d8_54(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_5a(shared_secret0, shared_secret1); + kdf_d8_54(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_470(ciphertext), + libcrux_ml_kem_types_as_ref_00_490(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h index 679ea6f82..705b94d1c 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.c b/libcrux-ml-kem/c/libcrux_mlkem_portable.c index ccc6f3b26..65f4405d5 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.c @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #include "internal/libcrux_mlkem_portable.h" @@ -1146,15 +1146,15 @@ uint8_t libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_compress_compress_1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - v.elements[i0] = (int16_t) + a.elements[i0] = (int16_t) libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( - (uint16_t)v.elements[i0]); + (uint16_t)a.elements[i0]); } - return v; + return a; } /** 
@@ -1163,8 +1163,8 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_compress_1_0d( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_1(v); + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_compress_1(a); } KRML_MUSTINLINE uint32_t @@ -2318,7 +2318,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_reduced_ring_element_d3(Eurydice_slice serialized) { +deserialize_to_reduced_ring_element_8a(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -2340,7 +2340,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8b( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_bb( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -2354,7 +2354,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8b( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_d3(ring_element); + deserialize_to_reduced_ring_element_8a(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -2365,13 +2365,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_581( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_611( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, deserialized_pk[i] = ZERO_ef_19();); - deserialize_ring_elements_reduced_8b(public_key, deserialized_pk); + deserialize_ring_elements_reduced_bb(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -2383,7 +2383,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_95(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { +shift_right_3c(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -2402,8 +2402,8 @@ with const generics - SHIFT_BY= 15 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_0d_64(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return shift_right_95(v); +shift_right_0d_3e(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return shift_right_3c(v); } /** 
@@ -2416,27 +2416,41 @@ static libcrux_ml_kem_vector_portable_vector_type_PortableVector to_unsigned_representative_9f( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - shift_right_0d_64(a); + shift_right_0d_3e(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_portable_add_0d(a, &fm); } +/** +A monomorphic instance of libcrux_ml_kem.serialize.to_unsigned_field_modulus +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics + +*/ +static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector +to_unsigned_field_modulus_c4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector result = + to_unsigned_representative_9f(a); + return result; +} + /** A monomorphic instance of libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_c4( +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_c6( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_representative_9f(re->coefficients[i0]); + to_unsigned_field_modulus_c4(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( 
@@ -2444,7 +2458,9 @@ static KRML_MUSTINLINE void serialize_uncompressed_ring_element_c4( Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)24U, bytes, uint8_t), uint8_t); } - memcpy(ret, serialized, (size_t)384U * sizeof(uint8_t)); + uint8_t result[384U]; + memcpy(result, serialized, (size_t)384U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)384U * sizeof(uint8_t)); } /** @@ -2454,7 +2470,7 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_80( +static KRML_MUSTINLINE void serialize_secret_key_1d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; @@ -2472,7 +2488,7 @@ static KRML_MUSTINLINE void serialize_secret_key_80( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_c4(&re, ret0); + serialize_uncompressed_ring_element_c6(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -2487,13 +2503,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_mut_1d( +static KRML_MUSTINLINE void serialize_public_key_mut_0d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret[1536U]; - serialize_secret_key_80(t_as_ntt, ret); + serialize_secret_key_1d(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret, uint8_t), uint8_t); Eurydice_slice_copy( 
@@ -2510,11 +2526,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_96( +static KRML_MUSTINLINE void serialize_public_key_8c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; - serialize_public_key_mut_1d(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_0d(t_as_ntt, seed_for_a, public_key_serialized); uint8_t result[1568U]; memcpy(result, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); @@ -2528,15 +2544,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_3c1(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_f71(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; - deserialize_ring_elements_reduced_out_581( + deserialize_ring_elements_reduced_out_611( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_96( + serialize_public_key_8c( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -2566,7 +2582,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_53( +bool libcrux_ml_kem_ind_cca_validate_private_key_ed( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext) { uint8_t t[32U]; 
@@ -2686,7 +2702,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_61( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_39( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -3664,7 +3680,7 @@ static void generate_keypair_unpacked_86( IndCpaPrivateKeyUnpacked_42 *private_key, IndCpaPublicKeyUnpacked_42 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_61(key_generation_seed, hashed); + cpa_keygen_seed_d8_39(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -3715,18 +3731,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_ea1( +static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_791( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_42 private_key = default_1a_a3(); IndCpaPublicKeyUnpacked_42 public_key = default_8d_6b(); generate_keypair_unpacked_86(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1568U]; - serialize_public_key_96( + serialize_public_key_8c( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_80(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_1d(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, 
@@ -3750,7 +3766,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_bb( +static KRML_MUSTINLINE void serialize_kem_secret_key_64( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; @@ -3806,7 +3822,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_b21(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_911(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -3815,13 +3831,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_b21(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair1024 uu____0 = - generate_keypair_ea1(ind_cpa_keypair_randomness); + generate_keypair_791(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1536U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1536U * sizeof(uint8_t)); uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_bb( + serialize_kem_secret_key_64( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -3830,13 +3846,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_b21(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_7f_721(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c1(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_8d1( - uu____2, libcrux_ml_kem_types_from_5a_c61(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f61( + uu____2, libcrux_ml_kem_types_from_5a_451(copy_of_public_key)); } /** @@ -3849,7 +3865,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_f3(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_8d(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -3867,7 +3883,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_710 -sample_ring_element_cbd_72(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_f9(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, error_1[i] = ZERO_ef_19();); @@ -3935,7 +3951,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_2e( +static KRML_MUSTINLINE void invert_ntt_at_layer_1_9d( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; 
@@ -3956,7 +3972,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_42( +static KRML_MUSTINLINE void invert_ntt_at_layer_2_82( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3975,7 +3991,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_0c( +static KRML_MUSTINLINE void invert_ntt_at_layer_3_be( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3995,7 +4011,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - inv_ntt_layer_int_vec_step_reduce_1b( + inv_ntt_layer_int_vec_step_reduce_66( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { @@ -4015,7 +4031,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_6a( +static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_8c( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; 
@@ -4030,7 +4046,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_6a( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_1b( + inv_ntt_layer_int_vec_step_reduce_66( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -4047,17 +4063,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_04( +static KRML_MUSTINLINE void invert_ntt_montgomery_45( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_2e(&zeta_i, re); - invert_ntt_at_layer_2_42(&zeta_i, re); - invert_ntt_at_layer_3_0c(&zeta_i, re); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)7U); + invert_ntt_at_layer_1_9d(&zeta_i, re); + invert_ntt_at_layer_2_82(&zeta_i, re); + invert_ntt_at_layer_3_be(&zeta_i, re); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U); poly_barrett_reduce_ef_0a(re); } @@ -4072,7 +4088,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_ef_15( +static KRML_MUSTINLINE void add_error_reduce_ef_bd( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; 
@@ -4096,7 +4112,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_02( +static KRML_MUSTINLINE void compute_vector_u_cc( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, @@ -4126,8 +4142,8 @@ static KRML_MUSTINLINE void compute_vector_u_02( ntt_multiply_ef_76(a_element, &r_as_ntt[j]); add_to_ring_element_ef_3a(&result0[i1], &product); } - invert_ntt_montgomery_04(&result0[i1]); - add_error_reduce_ef_15(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_45(&result0[i1]); + add_error_reduce_ef_bd(&result0[i1], &error_1[i1]); } libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; memcpy( @@ -4163,7 +4179,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_message_c9(uint8_t serialized[32U]) { +deserialize_then_decompress_message_52(uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_19(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; @@ -4191,7 +4207,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -add_message_error_reduce_ef_f0( +add_message_error_reduce_ef_42( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { 
@@ -4221,7 +4237,7 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_c7( +compute_ring_element_v_14( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -4231,8 +4247,8 @@ compute_ring_element_v_c7( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = ntt_multiply_ef_76(&t_as_ntt[i0], &r_as_ntt[i0]); add_to_ring_element_ef_3a(&result, &product);); - invert_ntt_montgomery_04(&result); - result = add_message_error_reduce_ef_f0(error_2, message, result); + invert_ntt_montgomery_45(&result); + result = add_message_error_reduce_ef_42(error_2, message, result); return result; } @@ -4242,16 +4258,16 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_6c(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_c5(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; int16_t uu____0 = libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)10, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; + (uint8_t)(int32_t)10, (uint16_t)a.elements[i0]); + a.elements[i0] = uu____0; } - return v; + return a; } /** @@ -4263,9 +4279,9 @@ A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d with const generics - COEFFICIENT_BITS= 10 */ -static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_20( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_6c(v); +static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_4f( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_c5(a); } /** 
@@ -4274,16 +4290,16 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_6c0(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_c50(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; int16_t uu____0 = libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)11, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; + (uint8_t)(int32_t)11, (uint16_t)a.elements[i0]); + a.elements[i0] = uu____0; } - return v; + return a; } /** @@ -4296,8 +4312,8 @@ with const generics - COEFFICIENT_BITS= 11 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_200(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_6c0(v); +compress_0d_4f0(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_c50(a); } /** @@ -4306,14 +4322,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_ba( +static KRML_MUSTINLINE void compress_then_serialize_11_8b( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_200(to_unsigned_representative_9f(re->coefficients[i0])); + compress_0d_4f0(to_unsigned_representative_9f(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( 
@@ -4331,10 +4347,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_ed( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_03( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { uint8_t uu____0[352U]; - compress_then_serialize_11_ba(re, uu____0); + compress_then_serialize_11_8b(re, uu____0); memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); } @@ -4347,7 +4363,7 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_bf( +static void compress_then_serialize_u_7a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -4363,7 +4379,7 @@ static void compress_then_serialize_u_bf( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_ed(&re, ret); + compress_then_serialize_ring_element_u_03(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } @@ -4375,16 +4391,16 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_6c1(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_c51(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; int16_t uu____0 = libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)4, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; + (uint8_t)(int32_t)4, (uint16_t)a.elements[i0]); + a.elements[i0] = uu____0; } - return v; + return a; } /** 
@@ -4397,8 +4413,8 @@ with const generics - COEFFICIENT_BITS= 4 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_201(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_6c1(v); +compress_0d_4f1(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_c51(a); } /** @@ -4407,16 +4423,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_b7( +static KRML_MUSTINLINE void compress_then_serialize_4_51( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { - LowStar_Ignore_ignore(Eurydice_slice_len(serialized, uint8_t), size_t, - void *); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_201(to_unsigned_representative_9f(re.coefficients[i0])); + compress_0d_4f1(to_unsigned_field_modulus_c4(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); Eurydice_slice_copy( @@ -4432,16 +4446,16 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_6c2(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_c52(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; int16_t uu____0 = libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)5, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; + (uint8_t)(int32_t)5, (uint16_t)a.elements[i0]); + a.elements[i0] = uu____0; } - return v; + return a; } /** 
@@ -4454,8 +4468,8 @@ with const generics - COEFFICIENT_BITS= 5 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_202(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_6c2(v); +compress_0d_4f2(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_c52(a); } /** @@ -4464,16 +4478,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_96( +static KRML_MUSTINLINE void compress_then_serialize_5_32( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { - LowStar_Ignore_ignore(Eurydice_slice_len(serialized, uint8_t), size_t, - void *); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - compress_0d_202(to_unsigned_representative_9f(re.coefficients[i0])); + compress_0d_4f2(to_unsigned_representative_9f(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); Eurydice_slice_copy( @@ -4490,9 +4502,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_de( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_8f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_5_96(re, out); + compress_then_serialize_5_32(re, out); } /** @@ -4513,7 +4525,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_0d(IndCpaPublicKeyUnpacked_42 *public_key, +static void encrypt_unpacked_ad(IndCpaPublicKeyUnpacked_42 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { uint8_t prf_input[33U]; 
@@ -4531,7 +4543,7 @@ static void encrypt_unpacked_0d(IndCpaPublicKeyUnpacked_42 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_710 uu____3 = - sample_ring_element_cbd_72(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_f9(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; memcpy( error_1, uu____3.fst, 
@@ -4545,25 +4557,25 @@ static void encrypt_unpacked_0d(IndCpaPublicKeyUnpacked_42 *public_key, sample_from_binomial_distribution_ce( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[4U]; - compute_vector_u_02(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_cc(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_c9(copy_of_message); + deserialize_then_decompress_message_52(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_c7(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_14(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[4U]; memcpy( uu____5, u, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_bf( + compress_then_serialize_u_7a( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_de( + compress_then_serialize_ring_element_v_8f( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); 
@@ -4587,10 +4599,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_5f1(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_f41(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { IndCpaPublicKeyUnpacked_42 unpacked_public_key = default_8d_6b(); - deserialize_ring_elements_reduced_8b( + deserialize_ring_elements_reduced_bb( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -4605,7 +4617,7 @@ static void encrypt_5f1(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t result[1568U]; - encrypt_unpacked_0d(uu____1, copy_of_message, randomness, result); + encrypt_unpacked_ad(uu____1, copy_of_message, randomness, result); memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); } @@ -4620,7 +4632,7 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_cf(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_f0(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4647,11 +4659,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_131( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_361( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_f3( + entropy_preprocess_d8_8d( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -4661,7 +4673,7 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_131( size_t); uint8_t ret[32U]; H_f1_c6(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_cc(public_key), + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_cf(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -4675,19 +4687,19 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_131( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_cc(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_cf(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_5f1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_f41(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_1f ciphertext0 = - libcrux_ml_kem_types_from_01_fc(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_1f(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_cf(shared_secret, shared_secret_array); + kdf_d8_f0(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_1f uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; 
@@ -4707,7 +4719,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_uncompressed_ring_element_0b(Eurydice_slice serialized) { +deserialize_to_uncompressed_ring_element_7a(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -4727,7 +4739,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_e71( +static KRML_MUSTINLINE void deserialize_secret_key_a71( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; @@ -4744,7 +4756,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_e71( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_0b(secret_bytes); + deserialize_to_uncompressed_ring_element_7a(secret_bytes); secret_as_ntt[i0] = uu____0; } libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; @@ -4763,7 +4775,7 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_be( +decompress_ciphertext_coefficient_b4( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { 
@@ -4788,9 +4800,9 @@ generics - COEFFICIENT_BITS= 10 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_4f( +decompress_ciphertext_coefficient_0d_4c( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_be(v); + return decompress_ciphertext_coefficient_b4(v); } /** @@ -4800,7 +4812,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_10_c9(Eurydice_slice serialized) { +deserialize_then_decompress_10_58(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_19(); LowStar_Ignore_ignore( Eurydice_slice_len( @@ -4817,7 +4829,7 @@ deserialize_then_decompress_10_c9(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_4f(coefficient); + decompress_ciphertext_coefficient_0d_4c(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -4830,7 +4842,7 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_be0( +decompress_ciphertext_coefficient_b40( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4855,9 +4867,9 @@ generics - COEFFICIENT_BITS= 11 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_4f0( +decompress_ciphertext_coefficient_0d_4c0( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_be0(v); + return decompress_ciphertext_coefficient_b40(v); } /** 
@@ -4867,7 +4879,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_11_fe(Eurydice_slice serialized) { +deserialize_then_decompress_11_5c(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { @@ -4877,7 +4889,7 @@ deserialize_then_decompress_11_fe(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_4f0(coefficient); + decompress_ciphertext_coefficient_0d_4c0(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -4890,8 +4902,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_17(Eurydice_slice serialized) { - return deserialize_then_decompress_11_fe(serialized); +deserialize_then_decompress_ring_element_u_9c(Eurydice_slice serialized) { + return deserialize_then_decompress_11_5c(serialized); } /** @@ -4900,7 +4912,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_2a( +static KRML_MUSTINLINE void ntt_vector_u_72( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; ntt_at_layer_4_plus_18(&zeta_i, re, (size_t)7U); 
@@ -4921,7 +4933,7 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_7c( +static KRML_MUSTINLINE void deserialize_then_decompress_u_1e( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; @@ -4944,8 +4956,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_7c( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_17(u_bytes); - ntt_vector_u_2a(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_9c(u_bytes); + ntt_vector_u_72(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -4959,7 +4971,7 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_be1( +decompress_ciphertext_coefficient_b41( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4984,9 +4996,9 @@ generics - COEFFICIENT_BITS= 4 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_4f1( +decompress_ciphertext_coefficient_0d_4c1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_be1(v); + return decompress_ciphertext_coefficient_b41(v); } /** @@ -4996,7 +5008,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_4_c2(Eurydice_slice serialized) { +deserialize_then_decompress_4_6c(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { 
@@ -5006,7 +5018,7 @@ deserialize_then_decompress_4_c2(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_4f1(coefficient); + decompress_ciphertext_coefficient_0d_4c1(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -5019,7 +5031,7 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_be2( +decompress_ciphertext_coefficient_b42( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -5044,9 +5056,9 @@ generics - COEFFICIENT_BITS= 5 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_4f2( +decompress_ciphertext_coefficient_0d_4c2( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_be2(v); + return decompress_ciphertext_coefficient_b42(v); } /** @@ -5056,7 +5068,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_5_a7(Eurydice_slice serialized) { +deserialize_then_decompress_5_96(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { 
@@ -5066,7 +5078,7 @@ deserialize_then_decompress_5_a7(Eurydice_slice serialized) { re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - decompress_ciphertext_coefficient_0d_4f2(re.coefficients[i0]); + decompress_ciphertext_coefficient_0d_4c2(re.coefficients[i0]); re.coefficients[i0] = uu____1; } return re; @@ -5079,8 +5091,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_41(Eurydice_slice serialized) { - return deserialize_then_decompress_5_a7(serialized); +deserialize_then_decompress_ring_element_v_ad(Eurydice_slice serialized) { + return deserialize_then_decompress_5_96(serialized); } /** @@ -5095,7 +5107,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -subtract_reduce_ef_1e(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, +subtract_reduce_ef_87(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -5120,7 +5132,7 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_b7( +compute_message_7e( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { 
@@ -5129,8 +5141,8 @@ compute_message_b7( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = ntt_multiply_ef_76(&secret_as_ntt[i0], &u_as_ntt[i0]); add_to_ring_element_ef_3a(&result, &product);); - invert_ntt_montgomery_04(&result); - result = subtract_reduce_ef_1e(v, result); + invert_ntt_montgomery_45(&result); + result = subtract_reduce_ef_87(v, result); return result; } @@ -5140,13 +5152,13 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_2c( +static KRML_MUSTINLINE void compress_then_serialize_message_4f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_representative_9f(re.coefficients[i0]); + to_unsigned_field_modulus_c4(re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = libcrux_ml_kem_vector_portable_compress_1_0d(coefficient); @@ -5157,7 +5169,9 @@ static KRML_MUSTINLINE void compress_then_serialize_message_2c( Eurydice_slice_copy(uu____0, Eurydice_array_to_slice((size_t)2U, bytes, uint8_t), uint8_t);); - memcpy(ret, serialized, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + memcpy(result, serialized, (size_t)32U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** 
@@ -5170,18 +5184,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_ed(IndCpaPrivateKeyUnpacked_42 *secret_key, +static void decrypt_unpacked_81(IndCpaPrivateKeyUnpacked_42 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; - deserialize_then_decompress_u_7c(ciphertext, u_as_ntt); + deserialize_then_decompress_u_1e(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_41( + deserialize_then_decompress_ring_element_v_ad( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_b7(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_7e(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_2c(message, ret0); + compress_then_serialize_message_4f(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5195,10 +5209,10 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_1f1(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_411(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; - deserialize_secret_key_e71(secret_key, secret_as_ntt); + deserialize_secret_key_a71(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[4U]; memcpy( 
@@ -5209,7 +5223,7 @@ static void decrypt_1f1(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t result[32U]; - decrypt_unpacked_ed(&secret_key_unpacked, ciphertext, result); + decrypt_unpacked_81(&secret_key_unpacked, ciphertext, result); memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } @@ -5261,7 +5275,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_551( +void libcrux_ml_kem_ind_cca_decapsulate_391( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5279,7 +5293,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_551( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_1f1(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_411(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -5301,7 +5315,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_551( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_47(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_49(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9d(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), 
@@ -5311,17 +5325,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_551( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_5f1(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_f41(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_cf(Eurydice_array_to_slice((size_t)32U, + kdf_d8_f0(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_cf(shared_secret0, shared_secret1); + kdf_d8_f0(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_47(ciphertext), + libcrux_ml_kem_types_as_ref_00_49(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5336,7 +5350,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8b0( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_bb0( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -5350,7 +5364,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8b0( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_d3(ring_element); + deserialize_to_reduced_ring_element_8a(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -5361,13 +5375,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_580( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_610( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, deserialized_pk[i] = ZERO_ef_19();); - deserialize_ring_elements_reduced_8b0(public_key, deserialized_pk); + deserialize_ring_elements_reduced_bb0(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -5380,7 +5394,7 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_800( +static KRML_MUSTINLINE void serialize_secret_key_1d0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; @@ -5398,7 +5412,7 @@ static KRML_MUSTINLINE void serialize_secret_key_800( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_c4(&re, ret0); + serialize_uncompressed_ring_element_c6(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } 
@@ -5413,13 +5427,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_mut_1d0( +static KRML_MUSTINLINE void serialize_public_key_mut_0d0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret[768U]; - serialize_secret_key_800(t_as_ntt, ret); + serialize_secret_key_1d0(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -5436,11 +5450,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_960( +static KRML_MUSTINLINE void serialize_public_key_8c0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; - serialize_public_key_mut_1d0(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_0d0(t_as_ntt, seed_for_a, public_key_serialized); uint8_t result[800U]; memcpy(result, public_key_serialized, (size_t)800U * sizeof(uint8_t)); memcpy(ret, result, (size_t)800U * sizeof(uint8_t)); 
@@ -5454,15 +5468,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_3c0(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_f70(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; - deserialize_ring_elements_reduced_out_580( + deserialize_ring_elements_reduced_out_610( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_960( + serialize_public_key_8c0( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -5492,7 +5506,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_24( +bool libcrux_ml_kem_ind_cca_validate_private_key_d8( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { uint8_t t[32U]; @@ -5598,7 +5612,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_c9( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_eb( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -6197,7 +6211,7 @@ static void generate_keypair_unpacked_860( IndCpaPrivateKeyUnpacked_ae *private_key, IndCpaPublicKeyUnpacked_ae *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_c9(key_generation_seed, hashed); + cpa_keygen_seed_d8_eb(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); 
@@ -6248,18 +6262,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_ea0( +static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_790( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_ae private_key = default_1a_a30(); IndCpaPublicKeyUnpacked_ae public_key = default_8d_6b0(); generate_keypair_unpacked_860(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[800U]; - serialize_public_key_960( + serialize_public_key_8c0( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_800(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_1d0(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -6283,7 +6297,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_ad( +static KRML_MUSTINLINE void serialize_kem_secret_key_ee( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; @@ -6339,7 +6353,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 192 */ libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_b20(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); 
@@ -6348,13 +6362,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_b20(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair512 uu____0 = - generate_keypair_ea0(ind_cpa_keypair_randomness); + generate_keypair_790(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[768U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)768U * sizeof(uint8_t)); uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_ad( + serialize_kem_secret_key_ee( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -6363,13 +6377,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_b20(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_7f_72(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_8d( - uu____2, libcrux_ml_kem_types_from_5a_c6(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** 
@@ -6382,7 +6396,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_64(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_91(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -6432,7 +6446,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_740 -sample_ring_element_cbd_720(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_f90(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, error_1[i] = ZERO_ef_19();); @@ -6488,17 +6502,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_040( +static KRML_MUSTINLINE void invert_ntt_montgomery_450( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_2e(&zeta_i, re); - invert_ntt_at_layer_2_42(&zeta_i, re); - invert_ntt_at_layer_3_0c(&zeta_i, re); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)7U); + invert_ntt_at_layer_1_9d(&zeta_i, re); + invert_ntt_at_layer_2_82(&zeta_i, re); + invert_ntt_at_layer_3_be(&zeta_i, re); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U); poly_barrett_reduce_ef_0a(re); } 
@@ -6508,7 +6522,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_020( +static KRML_MUSTINLINE void compute_vector_u_cc0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, @@ -6538,8 +6552,8 @@ static KRML_MUSTINLINE void compute_vector_u_020( ntt_multiply_ef_76(a_element, &r_as_ntt[j]); add_to_ring_element_ef_3a0(&result0[i1], &product); } - invert_ntt_montgomery_040(&result0[i1]); - add_error_reduce_ef_15(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_450(&result0[i1]); + add_error_reduce_ef_bd(&result0[i1], &error_1[i1]); } libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; memcpy( @@ -6557,7 +6571,7 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_c70( +compute_ring_element_v_140( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -6567,8 +6581,8 @@ compute_ring_element_v_c70( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = ntt_multiply_ef_76(&t_as_ntt[i0], &r_as_ntt[i0]); add_to_ring_element_ef_3a0(&result, &product);); - invert_ntt_montgomery_040(&result); - result = add_message_error_reduce_ef_f0(error_2, message, result); + invert_ntt_montgomery_450(&result); + result = add_message_error_reduce_ef_42(error_2, message, result); return result; } 
@@ -6578,14 +6592,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_7e0( +static KRML_MUSTINLINE void compress_then_serialize_10_630( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_20(to_unsigned_representative_9f(re->coefficients[i0])); + compress_0d_4f(to_unsigned_field_modulus_c4(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -6593,7 +6607,9 @@ static KRML_MUSTINLINE void compress_then_serialize_10_7e0( Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)20U, bytes, uint8_t), uint8_t); } - memcpy(ret, serialized, (size_t)320U * sizeof(uint8_t)); + uint8_t result[320U]; + memcpy(result, serialized, (size_t)320U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -6603,10 +6619,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_ed0( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_030( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - compress_then_serialize_10_7e0(re, uu____0); + compress_then_serialize_10_630(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } 
@@ -6619,7 +6635,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_bf0( +static void compress_then_serialize_u_7a0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -6635,7 +6651,7 @@ static void compress_then_serialize_u_bf0( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_ed0(&re, ret); + compress_then_serialize_ring_element_u_030(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -6648,9 +6664,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_de0( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_8f0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_4_b7(re, out); + compress_then_serialize_4_51(re, out); } /** @@ -6671,7 +6687,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_0d0(IndCpaPublicKeyUnpacked_ae *public_key, +static void encrypt_unpacked_ad0(IndCpaPublicKeyUnpacked_ae *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { uint8_t prf_input[33U]; @@ -6690,7 +6706,7 @@ static void encrypt_unpacked_0d0(IndCpaPublicKeyUnpacked_ae *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_740 uu____3 = - sample_ring_element_cbd_720(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_f90(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; memcpy( error_1, uu____3.fst, 
@@ -6704,25 +6720,25 @@ static void encrypt_unpacked_0d0(IndCpaPublicKeyUnpacked_ae *public_key, sample_from_binomial_distribution_ce( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[2U]; - compute_vector_u_020(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_cc0(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_c9(copy_of_message); + deserialize_then_decompress_message_52(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_c70(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_140(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[2U]; memcpy( uu____5, u, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_bf0( + compress_then_serialize_u_7a0( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_de0( + compress_then_serialize_ring_element_v_8f0( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); 
@@ -6746,10 +6762,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_5f0(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_f40(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { IndCpaPublicKeyUnpacked_ae unpacked_public_key = default_8d_6b0(); - deserialize_ring_elements_reduced_8b0( + deserialize_ring_elements_reduced_bb0( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -6764,7 +6780,7 @@ static void encrypt_5f0(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t result[768U]; - encrypt_unpacked_0d0(uu____1, copy_of_message, randomness, result); + encrypt_unpacked_ad0(uu____1, copy_of_message, randomness, result); memcpy(ret, result, (size_t)768U * sizeof(uint8_t)); } @@ -6779,7 +6795,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_c2(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_3b(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -6806,11 +6822,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_130( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_360( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_64( + entropy_preprocess_d8_91( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -6820,7 +6836,7 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_130( size_t); uint8_t ret[32U]; H_f1_c60(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_cc0(public_key), + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_cf0(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -6834,19 +6850,19 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_130( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_cc0(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_cf0(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_5f0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_f40(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_01_fc0(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_1f0(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_c2(shared_secret, shared_secret_array); + kdf_d8_3b(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; 
@@ -6865,7 +6881,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_e70( +static KRML_MUSTINLINE void deserialize_secret_key_a70( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; @@ -6882,7 +6898,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_e70( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_0b(secret_bytes); + deserialize_to_uncompressed_ring_element_7a(secret_bytes); secret_as_ntt[i0] = uu____0; } libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; @@ -6901,8 +6917,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_170(Eurydice_slice serialized) { - return deserialize_then_decompress_10_c9(serialized); +deserialize_then_decompress_ring_element_u_9c0(Eurydice_slice serialized) { + return deserialize_then_decompress_10_58(serialized); } /** @@ -6911,7 +6927,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_2a0( +static KRML_MUSTINLINE void ntt_vector_u_720( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; ntt_at_layer_4_plus_18(&zeta_i, re, (size_t)7U); 
@@ -6932,7 +6948,7 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_7c0( +static KRML_MUSTINLINE void deserialize_then_decompress_u_1e0( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; @@ -6955,8 +6971,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_7c0( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_170(u_bytes); - ntt_vector_u_2a0(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_9c0(u_bytes); + ntt_vector_u_720(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -6970,8 +6986,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_410(Eurydice_slice serialized) { - return deserialize_then_decompress_4_c2(serialized); +deserialize_then_decompress_ring_element_v_ad0(Eurydice_slice serialized) { + return deserialize_then_decompress_4_6c(serialized); } /** @@ -6981,7 +6997,7 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_b70( +compute_message_7e0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { 
@@ -6990,8 +7006,8 @@ compute_message_b70( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = ntt_multiply_ef_76(&secret_as_ntt[i0], &u_as_ntt[i0]); add_to_ring_element_ef_3a0(&result, &product);); - invert_ntt_montgomery_040(&result); - result = subtract_reduce_ef_1e(v, result); + invert_ntt_montgomery_450(&result); + result = subtract_reduce_ef_87(v, result); return result; } @@ -7005,18 +7021,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_ed0(IndCpaPrivateKeyUnpacked_ae *secret_key, +static void decrypt_unpacked_810(IndCpaPrivateKeyUnpacked_ae *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; - deserialize_then_decompress_u_7c0(ciphertext, u_as_ntt); + deserialize_then_decompress_u_1e0(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_410( + deserialize_then_decompress_ring_element_v_ad0( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_b70(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_7e0(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_2c(message, ret0); + compress_then_serialize_message_4f(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } 
@@ -7030,10 +7046,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_1f0(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_410(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; - deserialize_secret_key_e70(secret_key, secret_as_ntt); + deserialize_secret_key_a70(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[2U]; memcpy( @@ -7044,7 +7060,7 @@ static void decrypt_1f0(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t result[32U]; - decrypt_unpacked_ed0(&secret_key_unpacked, ciphertext, result); + decrypt_unpacked_810(&secret_key_unpacked, ciphertext, result); memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } @@ -7084,7 +7100,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_550( +void libcrux_ml_kem_ind_cca_decapsulate_390( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -7102,7 +7118,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_550( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_1f0(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_410(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); 
@@ -7124,7 +7140,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_550( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_470(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_490(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9d1(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), @@ -7134,17 +7150,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_550( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_5f0(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_f40(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_c2(Eurydice_array_to_slice((size_t)32U, + kdf_d8_3b(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_c2(shared_secret0, shared_secret1); + kdf_d8_3b(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_470(ciphertext), + libcrux_ml_kem_types_as_ref_00_490(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, 
@@ -7159,7 +7175,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8b1( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_bb1( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -7173,7 +7189,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8b1( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_d3(ring_element); + deserialize_to_reduced_ring_element_8a(ring_element); deserialized_pk[i0] = uu____0; } } @@ -7184,13 +7200,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_58( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_61( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, deserialized_pk[i] = ZERO_ef_19();); - deserialize_ring_elements_reduced_8b1(public_key, deserialized_pk); + deserialize_ring_elements_reduced_bb1(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -7203,7 +7219,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_801( +static KRML_MUSTINLINE void serialize_secret_key_1d1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; 
@@ -7221,7 +7237,7 @@ static KRML_MUSTINLINE void serialize_secret_key_801( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_c4(&re, ret0); + serialize_uncompressed_ring_element_c6(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -7236,13 +7252,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_mut_1d1( +static KRML_MUSTINLINE void serialize_public_key_mut_0d1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - serialize_secret_key_801(t_as_ntt, ret); + serialize_secret_key_1d1(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -7259,11 +7275,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_961( +static KRML_MUSTINLINE void serialize_public_key_8c1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - serialize_public_key_mut_1d1(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_0d1(t_as_ntt, seed_for_a, public_key_serialized); uint8_t result[1184U]; memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); 
@@ -7277,15 +7293,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_3c(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_f7(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - deserialize_ring_elements_reduced_out_58( + deserialize_ring_elements_reduced_out_61( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_961( + serialize_public_key_8c1( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -7315,7 +7331,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_9e( +bool libcrux_ml_kem_ind_cca_validate_private_key_c3( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -7427,7 +7443,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_26( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_99( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -8015,7 +8031,7 @@ static void generate_keypair_unpacked_861( IndCpaPrivateKeyUnpacked_f8 *private_key, IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_26(key_generation_seed, hashed); + cpa_keygen_seed_d8_99(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); 
@@ -8066,18 +8082,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_ea( +static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_79( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_f8 private_key = default_1a_a31(); IndCpaPublicKeyUnpacked_f8 public_key = default_8d_6b1(); generate_keypair_unpacked_861(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - serialize_public_key_961( + serialize_public_key_8c1( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_801(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_1d1(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -8101,7 +8117,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_59( +static KRML_MUSTINLINE void serialize_kem_secret_key_d8( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -8157,7 +8173,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_b2(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); 
@@ -8166,13 +8182,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_b2(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - generate_keypair_ea(ind_cpa_keypair_randomness); + generate_keypair_79(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_59( + serialize_kem_secret_key_d8( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -8181,13 +8197,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_b2(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_720(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c0(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_8d0( - uu____2, libcrux_ml_kem_types_from_5a_c60(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f60( + uu____2, libcrux_ml_kem_types_from_5a_450(copy_of_public_key)); } /** 
@@ -8200,7 +8216,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_b7(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_03(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -8218,7 +8234,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b00 -sample_ring_element_cbd_721(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_f91(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, error_1[i] = ZERO_ef_19();); @@ -8274,17 +8290,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_041( +static KRML_MUSTINLINE void invert_ntt_montgomery_451( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_2e(&zeta_i, re); - invert_ntt_at_layer_2_42(&zeta_i, re); - invert_ntt_at_layer_3_0c(&zeta_i, re); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_6a(&zeta_i, re, (size_t)7U); + invert_ntt_at_layer_1_9d(&zeta_i, re); + invert_ntt_at_layer_2_82(&zeta_i, re); + invert_ntt_at_layer_3_be(&zeta_i, re); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U); poly_barrett_reduce_ef_0a(re); } 
@@ -8294,7 +8310,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_021( +static KRML_MUSTINLINE void compute_vector_u_cc1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, @@ -8324,8 +8340,8 @@ static KRML_MUSTINLINE void compute_vector_u_021( ntt_multiply_ef_76(a_element, &r_as_ntt[j]); add_to_ring_element_ef_3a1(&result0[i1], &product); } - invert_ntt_montgomery_041(&result0[i1]); - add_error_reduce_ef_15(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_451(&result0[i1]); + add_error_reduce_ef_bd(&result0[i1], &error_1[i1]); } libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; memcpy( @@ -8343,7 +8359,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_c71( +compute_ring_element_v_141( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -8353,8 +8369,8 @@ compute_ring_element_v_c71( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = ntt_multiply_ef_76(&t_as_ntt[i0], &r_as_ntt[i0]); add_to_ring_element_ef_3a1(&result, &product);); - invert_ntt_montgomery_041(&result); - result = add_message_error_reduce_ef_f0(error_2, message, result); + invert_ntt_montgomery_451(&result); + result = add_message_error_reduce_ef_42(error_2, message, result); return result; } @@ -8367,7 +8383,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_bf1( +static void compress_then_serialize_u_7a1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; 
@@ -8383,7 +8399,7 @@ static void compress_then_serialize_u_bf1( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_ed0(&re, ret); + compress_then_serialize_ring_element_u_030(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -8407,7 +8423,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_0d1(IndCpaPublicKeyUnpacked_f8 *public_key, +static void encrypt_unpacked_ad1(IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { @@ -8427,7 +8443,7 @@ static void encrypt_unpacked_0d1(IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b00 uu____3 = - sample_ring_element_cbd_721(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_f91(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; memcpy( error_1, uu____3.fst, 
@@ -8441,25 +8457,25 @@ static void encrypt_unpacked_0d1(IndCpaPublicKeyUnpacked_f8 *public_key, sample_from_binomial_distribution_ce( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - compute_vector_u_021(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_cc1(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_c9(copy_of_message); + deserialize_then_decompress_message_52(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_c71(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_141(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_bf1( + compress_then_serialize_u_7a1( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_de0( + compress_then_serialize_ring_element_v_8f0( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); 
@@ -8483,10 +8499,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_5f(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_f4(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { IndCpaPublicKeyUnpacked_f8 unpacked_public_key = default_8d_6b1(); - deserialize_ring_elements_reduced_8b1( + deserialize_ring_elements_reduced_bb1( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -8501,7 +8517,7 @@ static void encrypt_5f(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t result[1088U]; - encrypt_unpacked_0d1(uu____1, copy_of_message, randomness, result); + encrypt_unpacked_ad1(uu____1, copy_of_message, randomness, result); memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); } @@ -8516,7 +8532,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_1a(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_b2(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -8543,11 +8559,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_13( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_36( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_b7( + entropy_preprocess_d8_03( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -8557,7 +8573,7 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_13( size_t); uint8_t ret[32U]; H_f1_c61(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_cc1(public_key), + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_cf1(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -8571,19 +8587,19 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_13( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_cc1(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_cf1(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_5f(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_f4(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_fc1(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_1f1(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_1a(shared_secret, shared_secret_array); + kdf_d8_b2(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; 
@@ -8602,7 +8618,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_e7( +static KRML_MUSTINLINE void deserialize_secret_key_a7( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; @@ -8619,7 +8635,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_e7( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_0b(secret_bytes); + deserialize_to_uncompressed_ring_element_7a(secret_bytes); secret_as_ntt[i0] = uu____0; } libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; @@ -8639,7 +8655,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_7c1( +static KRML_MUSTINLINE void deserialize_then_decompress_u_1e1( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; @@ -8662,8 +8678,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_7c1( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_170(u_bytes); - ntt_vector_u_2a0(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_9c0(u_bytes); + ntt_vector_u_720(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -8677,7 +8693,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_b71( +compute_message_7e1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { 
@@ -8686,8 +8702,8 @@ compute_message_b71( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = ntt_multiply_ef_76(&secret_as_ntt[i0], &u_as_ntt[i0]); add_to_ring_element_ef_3a1(&result, &product);); - invert_ntt_montgomery_041(&result); - result = subtract_reduce_ef_1e(v, result); + invert_ntt_montgomery_451(&result); + result = subtract_reduce_ef_87(v, result); return result; } @@ -8701,18 +8717,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_ed1(IndCpaPrivateKeyUnpacked_f8 *secret_key, +static void decrypt_unpacked_811(IndCpaPrivateKeyUnpacked_f8 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - deserialize_then_decompress_u_7c1(ciphertext, u_as_ntt); + deserialize_then_decompress_u_1e1(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_410( + deserialize_then_decompress_ring_element_v_ad0( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_b71(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_7e1(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_2c(message, ret0); + compress_then_serialize_message_4f(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } 
@@ -8726,10 +8742,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_1f(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_41(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - deserialize_secret_key_e7(secret_key, secret_as_ntt); + deserialize_secret_key_a7(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; memcpy( @@ -8740,7 +8756,7 @@ static void decrypt_1f(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t result[32U]; - decrypt_unpacked_ed1(&secret_key_unpacked, ciphertext, result); + decrypt_unpacked_811(&secret_key_unpacked, ciphertext, result); memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } @@ -8780,7 +8796,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_55( +void libcrux_ml_kem_ind_cca_decapsulate_39( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -8798,7 +8814,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_55( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_1f(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_41(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); 
@@ -8820,7 +8836,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_55( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_471(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_491(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9d3(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), @@ -8830,16 +8846,16 @@ void libcrux_ml_kem_ind_cca_decapsulate_55( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_5f(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_f4(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_1a(Eurydice_array_to_slice((size_t)32U, + kdf_d8_b2(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_1a(shared_secret0, shared_secret1); + kdf_d8_b2(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_471(ciphertext), + libcrux_ml_kem_types_as_ref_00_491(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/libcrux_mlkem_portable.h index 626edaff4..850ef79ff 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem_portable_H @@ -312,7 +312,7 @@ uint8_t libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_compress_compress_1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v); + libcrux_ml_kem_vector_portable_vector_type_PortableVector a); /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for @@ -320,7 +320,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_compress_1_0d( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v); + libcrux_ml_kem_vector_portable_vector_type_PortableVector a); uint32_t libcrux_ml_kem_vector_portable_arithmetic_get_n_least_significant_bits( uint8_t n, uint32_t value); diff --git a/libcrux-ml-kem/c/libcrux_sha3.h b/libcrux-ml-kem/c/libcrux_sha3.h index 3ae00514c..3c9d12e58 100644 --- a/libcrux-ml-kem/c/libcrux_sha3.h +++ b/libcrux-ml-kem/c/libcrux_sha3.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_sha3_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.c b/libcrux-ml-kem/c/libcrux_sha3_avx2.c index 467def628..b246030f2 100644 
--- a/libcrux-ml-kem/c/libcrux_sha3_avx2.c +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.c @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #include "internal/libcrux_sha3_avx2.h" diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/libcrux_sha3_avx2.h index 47d070cdc..ae63d5635 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_internal.h b/libcrux-ml-kem/c/libcrux_sha3_internal.h index 3678325cd..1ccb6aef7 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/libcrux_sha3_internal.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_sha3_internal_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.c b/libcrux-ml-kem/c/libcrux_sha3_neon.c index f0331c49a..e84736e6c 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.c +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.c 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #include "libcrux_sha3_neon.h" diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.h b/libcrux-ml-kem/c/libcrux_sha3_neon.h index ec5a84fa2..dcf61fdac 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.h +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_sha3_neon_H diff --git a/libcrux-ml-kem/cg/code_gen.txt b/libcrux-ml-kem/cg/code_gen.txt index 12d9d454e..e4e28910d 100644 --- a/libcrux-ml-kem/cg/code_gen.txt +++ b/libcrux-ml-kem/cg/code_gen.txt @@ -2,5 +2,5 @@ This code was generated with the following revisions: Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 -F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty -Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 +F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd +Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 diff --git a/libcrux-ml-kem/cg/eurydice_glue.h b/libcrux-ml-kem/cg/eurydice_glue.h index 30a7c281d..1e2772eba 100644 --- a/libcrux-ml-kem/cg/eurydice_glue.h +++ b/libcrux-ml-kem/cg/eurydice_glue.h 
@@ -19,7 +19,6 @@ extern "C" { #include "karamel/target.h" -// Ignore an expression. #define LowStar_Ignore_ignore(e, t, _ret_t) ((void)e) // SLICES, ARRAYS, ETC. diff --git a/libcrux-ml-kem/cg/libcrux_core.h b/libcrux-ml-kem/cg/libcrux_core.h index ad3b32845..167e6f0ec 100644 --- a/libcrux-ml-kem/cg/libcrux_core.h +++ b/libcrux-ml-kem/cg/libcrux_core.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_core_H @@ -221,7 +221,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_d4 with const generics - SIZE= 1088 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_4c( +static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_e2( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return self->value; } @@ -245,7 +245,7 @@ with const generics - SIZE= 1184 */ static inline libcrux_ml_kem_types_MlKemPublicKey_15 -libcrux_ml_kem_types_from_5a_c6(uint8_t value[1184U]) { +libcrux_ml_kem_types_from_5a_45(uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; memcpy(copy_of_value, value, (size_t)1184U * sizeof(uint8_t)); @@ -279,7 +279,7 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_types_from_3a_8d(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, +libcrux_ml_kem_types_from_3a_f6(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk) { return ( CLITERAL(libcrux_ml_kem_mlkem768_MlKem768KeyPair){.sk = sk, .pk = pk}); 
@@ -295,7 +295,7 @@ with const generics - SIZE= 2400 */ static inline libcrux_ml_kem_types_MlKemPrivateKey_55 -libcrux_ml_kem_types_from_7f_72(uint8_t value[2400U]) { +libcrux_ml_kem_types_from_7f_8c(uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; memcpy(copy_of_value, value, (size_t)2400U * sizeof(uint8_t)); @@ -359,7 +359,7 @@ with const generics - SIZE= 1088 */ static inline libcrux_ml_kem_mlkem768_MlKem768Ciphertext -libcrux_ml_kem_types_from_01_c4(uint8_t value[1088U]) { +libcrux_ml_kem_types_from_01_6e(uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; memcpy(copy_of_value, value, (size_t)1088U * sizeof(uint8_t)); @@ -376,7 +376,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_fd_e0( +static inline uint8_t *libcrux_ml_kem_types_as_slice_fd_0e( libcrux_ml_kem_types_MlKemPublicKey_15 *self) { return self->value; } @@ -428,7 +428,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_d9( +static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_b6( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } diff --git a/libcrux-ml-kem/cg/libcrux_ct_ops.h b/libcrux-ml-kem/cg/libcrux_ct_ops.h index f3a831536..be254be76 100644 --- a/libcrux-ml-kem/cg/libcrux_ct_ops.h +++ b/libcrux-ml-kem/cg/libcrux_ct_ops.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_ct_ops_H diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h index 674633a41..31e79d8fb 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem768_avx2_H @@ -1236,7 +1236,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_3a(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_b0(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_7d(); } @@ -1248,7 +1248,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_81( +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_60( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_7d(); 
@@ -1269,7 +1269,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_06( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_33( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; @@ -1287,7 +1287,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_06( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_81( + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_60( secret_bytes); secret_as_ntt[i0] = uu____0; } @@ -1310,7 +1310,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_56(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_e9(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_7d(); } @@ -1322,7 +1322,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_88( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_3e( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1374,9 +1374,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e6( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_75( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_88( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_3e( vector); } 
@@ -1388,7 +1388,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_1c( +libcrux_ml_kem_serialize_deserialize_then_decompress_10_d9( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_7d(); @@ -1404,7 +1404,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_1c( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e6( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_75( coefficient); } return re; @@ -1418,7 +1418,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_880( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_3e0( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1470,9 +1470,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e60( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_750( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_880( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_3e0( vector); } 
@@ -1484,7 +1484,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_6e( +libcrux_ml_kem_serialize_deserialize_then_decompress_11_5d( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_7d(); @@ -1495,7 +1495,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_6e( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e60( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_750( coefficient); } return re; @@ -1509,9 +1509,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_f1( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_75( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_1c(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_d9(serialized); } typedef struct libcrux_ml_kem_vector_avx2_SIMD256Vector_x2_s { @@ -1669,7 +1669,7 @@ with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_61( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_88( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; libcrux_ml_kem_ntt_ntt_at_layer_4_plus_1d(&zeta_i, re, (size_t)7U, 
@@ -1699,7 +1699,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_84( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_37( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; @@ -1724,9 +1724,9 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_84( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_f1( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_75( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_61(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_88(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -1741,7 +1741,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_881( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_3e1( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1793,9 +1793,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e61( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_751( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_881( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_3e1( vector); } @@ -1807,7 +1807,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_44( +libcrux_ml_kem_serialize_deserialize_then_decompress_4_2e( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_7d(); 
@@ -1818,7 +1818,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_44( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e61( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_751( coefficient); } return re; @@ -1832,7 +1832,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_882( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_3e2( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1884,9 +1884,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e62( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_752( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_882( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_3e2( vector); } @@ -1898,7 +1898,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_c7( +libcrux_ml_kem_serialize_deserialize_then_decompress_5_d5( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_7d(); 
@@ -1909,7 +1909,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_c7( serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e62( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_752( re.coefficients[i0]); } return re; @@ -1923,9 +1923,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_da( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_51( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_44(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_2e(serialized); } /** @@ -1995,7 +1995,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_02( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_ee( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2019,7 +2019,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_28( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_9c( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { 
@@ -2041,7 +2041,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_b8( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_2f( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2062,7 +2062,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_60(__m256i a, +libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_e3(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_09(b, &a); @@ -2081,7 +2081,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_19( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_7c( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2096,7 +2096,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_19( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_60( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_e3( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; 
@@ -2114,20 +2114,20 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b2( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_05( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_02(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_28(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_b8(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_19(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_ee(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_9c(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_2f(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_7c(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_19(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_7c(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_19(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_7c(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_19(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_7c(&zeta_i, re, (size_t)7U); libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_09(re); } @@ -2145,7 +2145,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_subtract_reduce_ef_70( +libcrux_ml_kem_polynomial_subtract_reduce_ef_6f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { for (size_t i = (size_t)0U; 
@@ -2169,7 +2169,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_message_52( +libcrux_ml_kem_matrix_compute_message_74( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { @@ -2182,8 +2182,8 @@ libcrux_ml_kem_matrix_compute_message_52( &u_as_ntt[i0]); libcrux_ml_kem_polynomial_add_to_ring_element_ef_31(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b2(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_ef_70(v, result); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_05(&result); + result = libcrux_ml_kem_polynomial_subtract_reduce_ef_6f(v, result); return result; } @@ -2194,7 +2194,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_arithmetic_shift_right_aa(__m256i vector) { +libcrux_ml_kem_vector_avx2_arithmetic_shift_right_d4(__m256i vector) { return libcrux_intrinsics_avx2_mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -2208,9 +2208,9 @@ with const generics - SHIFT_BY= 15 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_09_dc( +static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_09_16( __m256i vector) { - return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_aa(vector); + return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_d4(vector); } /** 
@@ -2222,12 +2222,24 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i libcrux_ml_kem_vector_traits_to_unsigned_representative_b5(__m256i a) { - __m256i t = libcrux_ml_kem_vector_avx2_shift_right_09_dc(a); + __m256i t = libcrux_ml_kem_vector_avx2_shift_right_09_16(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_09(a, &fm); } +/** +A monomorphic instance of libcrux_ml_kem.serialize.to_unsigned_field_modulus +with types libcrux_ml_kem_vector_avx2_SIMD256Vector +with const generics + +*/ +KRML_ATTRIBUTE_TARGET("avx2") +static KRML_MUSTINLINE __m256i +libcrux_ml_kem_serialize_to_unsigned_field_modulus_88(__m256i a) { + return libcrux_ml_kem_vector_traits_to_unsigned_representative_b5(a); +} + /** A monomorphic instance of libcrux_ml_kem.serialize.compress_then_serialize_message with types @@ -2236,14 +2248,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_da( +libcrux_ml_kem_serialize_compress_then_serialize_message_bc( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; - __m256i coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_b5( - re.coefficients[i0]); + __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_88( + re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_09(coefficient); uint8_t bytes[2U]; 
@@ -2253,7 +2264,9 @@ libcrux_ml_kem_serialize_compress_then_serialize_message_da( Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)2U, bytes, uint8_t), uint8_t); } - memcpy(ret, serialized, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + memcpy(result, serialized, (size_t)32U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** @@ -2267,20 +2280,20 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_88( +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_69( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_84(ciphertext, u_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_37(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_da( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_51( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - libcrux_ml_kem_matrix_compute_message_52(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_matrix_compute_message_74(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_da(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_bc(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } 
@@ -2295,11 +2308,11 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_b7(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_2a(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_06(secret_key, secret_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_secret_key_33(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; memcpy( @@ -2311,7 +2324,7 @@ static inline void libcrux_ml_kem_ind_cpa_decrypt_b7(Eurydice_slice secret_key, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t result[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_88(&secret_key_unpacked, ciphertext, + libcrux_ml_kem_ind_cpa_decrypt_unpacked_69(&secret_key_unpacked, ciphertext, result); memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } @@ -2405,7 +2418,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_26( +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_5a( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_7d(); 
@@ -2429,7 +2442,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_4f( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_3b( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -2443,7 +2456,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_4f( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_26( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_5a( ring_element); deserialized_pk[i0] = uu____0; } @@ -3215,7 +3228,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_d4(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_93(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_7d(); } @@ -3229,7 +3242,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE tuple_b00 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_8c(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_66(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -3307,7 +3320,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_vector_u_closure_4e(size_t _i) { +libcrux_ml_kem_matrix_compute_vector_u_closure_83(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_7d(); } 
@@ -3323,7 +3336,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_cf( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_9e( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; @@ -3345,7 +3358,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_52( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_38( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, @@ -3377,8 +3390,8 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_52( libcrux_ml_kem_polynomial_add_to_ring_element_ef_31(&result0[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b2(&result0[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_ef_cf(&result0[i1], + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_05(&result0[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_ef_9e(&result0[i1], &error_1[i1]); } libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; @@ -3397,7 +3410,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_28( +static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_fd( __m256i vec) { __m256i z = libcrux_ml_kem_vector_avx2_ZERO_09(); __m256i s = libcrux_ml_kem_vector_avx2_sub_09(z, &vec); 
@@ -3413,7 +3426,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_b0( +libcrux_ml_kem_serialize_deserialize_then_decompress_message_03( uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_7d(); @@ -3424,7 +3437,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_b0( Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); re.coefficients[i0] = - libcrux_ml_kem_vector_traits_decompress_1_28(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_fd(coefficient_compressed); } return re; } @@ -3442,7 +3455,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_add_message_error_reduce_ef_62( +libcrux_ml_kem_polynomial_add_message_error_reduce_ef_c6( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { @@ -3470,7 +3483,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_ring_element_v_c3( +libcrux_ml_kem_matrix_compute_ring_element_v_af( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, 
@@ -3484,8 +3497,8 @@ libcrux_ml_kem_matrix_compute_ring_element_v_c3( &r_as_ntt[i0]); libcrux_ml_kem_polynomial_add_to_ring_element_ef_31(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b2(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_62( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_05(&result); + result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_c6( error_2, message, result); return result; } @@ -3498,7 +3511,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_bf( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_8f( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3553,9 +3566,9 @@ with const generics - COEFFICIENT_BITS= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_dc( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_b7( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_bf( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_8f( vector); } 
@@ -3567,14 +3580,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_2b( +libcrux_ml_kem_serialize_compress_then_serialize_10_33( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_dc( - libcrux_ml_kem_vector_traits_to_unsigned_representative_b5( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_b7( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_88( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_09(coefficient, bytes); @@ -3583,7 +3596,9 @@ libcrux_ml_kem_serialize_compress_then_serialize_10_2b( Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)20U, bytes, uint8_t), uint8_t); } - memcpy(ret, serialized, (size_t)320U * sizeof(uint8_t)); + uint8_t result[320U]; + memcpy(result, serialized, (size_t)320U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -3594,7 +3609,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_bf0( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_8f0( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / 
@@ -3649,9 +3664,9 @@ with const generics - COEFFICIENT_BITS= 11 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_dc0( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_b70( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_bf0( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_8f0( vector); } @@ -3663,13 +3678,13 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_86( +libcrux_ml_kem_serialize_compress_then_serialize_11_5d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_dc0( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_b70( libcrux_ml_kem_vector_traits_to_unsigned_representative_b5( re->coefficients[i0])); uint8_t bytes[22U]; @@ -3691,10 +3706,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_4d( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_25( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_2b(re, uu____0); + libcrux_ml_kem_serialize_compress_then_serialize_10_33(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } 
@@ -3708,7 +3723,7 @@ with const generics - BLOCK_LEN= 320 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_83( +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_98( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -3724,7 +3739,7 @@ static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_83( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_4d(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_25(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -3739,7 +3754,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_bf1( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_8f1( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3794,9 +3809,9 @@ with const generics - COEFFICIENT_BITS= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_dc1( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_b71( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_bf1( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_8f1( vector); } 
@@ -3808,16 +3823,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_fd( +libcrux_ml_kem_serialize_compress_then_serialize_4_7a( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { - LowStar_Ignore_ignore(Eurydice_slice_len(serialized, uint8_t), size_t, - void *); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_dc1( - libcrux_ml_kem_vector_traits_to_unsigned_representative_b5( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_b71( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_88( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_09(coefficient, bytes); @@ -3836,7 +3849,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_bf2( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_8f2( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3891,9 +3904,9 @@ with const generics - COEFFICIENT_BITS= 5 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_dc2( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_b72( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_bf2( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_8f2( vector); } 
@@ -3905,15 +3918,13 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_60( +libcrux_ml_kem_serialize_compress_then_serialize_5_15( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { - LowStar_Ignore_ignore(Eurydice_slice_len(serialized, uint8_t), size_t, - void *); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_09_dc2( + __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_09_b72( libcrux_ml_kem_vector_traits_to_unsigned_representative_b5( re.coefficients[i0])); uint8_t bytes[10U]; @@ -3934,9 +3945,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_3c( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_dc( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_fd(re, out); + libcrux_ml_kem_serialize_compress_then_serialize_4_7a(re, out); } /** @@ -3957,7 +3968,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_25( +static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_7b( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; 
@@ -3975,7 +3986,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_25( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_8c( + tuple_b00 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_66( copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; memcpy( 
@@ -3990,27 +4001,27 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_25( libcrux_ml_kem_sampling_sample_from_binomial_distribution_73( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_52(public_key->A, r_as_ntt, error_1, + libcrux_ml_kem_matrix_compute_vector_u_38(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_b0( + libcrux_ml_kem_serialize_deserialize_then_decompress_message_03( copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_matrix_compute_ring_element_v_c3( + libcrux_ml_kem_matrix_compute_ring_element_v_af( public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_83( + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_98( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_3c( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_dc( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); 
@@ -4034,13 +4045,13 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_encrypt_88(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_65(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_80(); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_4f( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_3b( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -4056,7 +4067,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_88(Eurydice_slice public_key, uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t result[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_25(uu____1, copy_of_message, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_7b(uu____1, copy_of_message, randomness, result); memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); } @@ -4073,7 +4084,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_5a( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_54( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; @@ -4105,7 +4116,7 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_c5( +static inline void libcrux_ml_kem_ind_cca_decapsulate_82( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( 
@@ -4123,7 +4134,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_c5( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_b7(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_2a(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -4147,7 +4158,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_c5( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_b6(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_42( 
@@ -4158,18 +4169,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_c5( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_88(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_65(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_5a( + libcrux_ml_kem_variant_kdf_d8_54( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_d8_5a(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_d8_54(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + libcrux_ml_kem_types_as_ref_00_b6(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4199,10 +4210,10 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_0d( +static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_63( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_c5(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_82(private_key, ciphertext, ret); } /** 
@@ -4216,7 +4227,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_0d(private_key, + libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_63(private_key, ciphertext, ret); } @@ -4231,7 +4242,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_7b( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_44( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4274,11 +4285,11 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_02( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_86( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_7b( + libcrux_ml_kem_variant_entropy_preprocess_d8_44( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -4289,7 +4300,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_02( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_e0(public_key), + libcrux_ml_kem_types_as_slice_fd_0e(public_key), uint8_t), ret); Eurydice_slice_copy( 
@@ -4304,20 +4315,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_02( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_e0(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_0e(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_88(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_65(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_c4(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_6e(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_5a(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_54(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ 
@@ -4350,14 +4361,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_ad( +libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_c5( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_02(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_86(uu____0, copy_of_randomness); } /** @@ -4375,7 +4386,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_ad( + return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_c5( uu____0, copy_of_randomness); } @@ -4411,7 +4422,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_7e( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_0e( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( 
@@ -4528,7 +4539,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_7e(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_0e(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -4578,15 +4589,14 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_88( +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_b8( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_b5( - re->coefficients[i0]); + __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_88( + re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -4594,7 +4604,9 @@ libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_88( Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)24U, bytes, uint8_t), uint8_t); } - memcpy(ret, serialized, (size_t)384U * sizeof(uint8_t)); + uint8_t result[384U]; + memcpy(result, serialized, (size_t)384U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)384U * sizeof(uint8_t)); } /** 
@@ -4605,7 +4617,7 @@ with const generics - OUT_LEN= 1152 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_72( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_05( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -4623,7 +4635,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_72( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_88(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_b8(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -4639,13 +4651,13 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_82( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_7b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_72(t_as_ntt, ret); + libcrux_ml_kem_ind_cpa_serialize_secret_key_05(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( 
@@ -4663,11 +4675,11 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_39( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_f7( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_82(t_as_ntt, seed_for_a, + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_7b(t_as_ntt, seed_for_a, public_key_serialized); uint8_t result[1184U]; memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); @@ -4688,7 +4700,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_1c(Eurydice_slice key_generation_seed) { +libcrux_ml_kem_ind_cpa_generate_keypair_1e(Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_19(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = @@ -4696,12 +4708,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_1c(Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_39( + libcrux_ml_kem_ind_cpa_serialize_public_key_f7( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_72(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_05(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; 
@@ -4727,7 +4739,7 @@ with const generics - SERIALIZED_KEY_LEN= 2400 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_28( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7b( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -4784,7 +4796,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_2a(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_dd(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -4793,13 +4805,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_2a(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_1c(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_1e(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_28( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7b( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -4808,13 +4820,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_2a(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_72(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_8d( - uu____2, libcrux_ml_kem_types_from_5a_c6(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** @@ -4830,12 +4842,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_96( +libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_ff( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_2a(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_dd(copy_of_randomness); } /** @@ -4847,7 +4859,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_96( + return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_ff( copy_of_randomness); } 
@@ -4863,7 +4875,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_08( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_42( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; @@ -4874,7 +4886,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_08( uint8_t ret0[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_d4_4c(ciphertext), + libcrux_ml_kem_types_as_slice_d4_e2(ciphertext), uint8_t), ret0); Eurydice_slice_copy( @@ -4908,7 +4920,7 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_c50( +static inline void libcrux_ml_kem_ind_cca_decapsulate_820( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -4926,7 +4938,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_c50( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_b7(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_2a(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -4950,7 +4962,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_c50( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_b6(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_42( @@ -4961,18 +4973,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_c50( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_88(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_65(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_08( + libcrux_ml_kem_variant_kdf_33_42( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_33_08(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_33_42(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + libcrux_ml_kem_types_as_ref_00_b6(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, 
@@ -5006,10 +5018,10 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_decapsulate with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_9f( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_0b( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_c50(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_820(private_key, ciphertext, ret); } /** @@ -5023,7 +5035,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_kyber_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_9f( + libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_0b( private_key, ciphertext, ret); } @@ -5038,7 +5050,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_44( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_ad( Eurydice_slice randomness, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H_a9_16(randomness, ret); } @@ -5063,11 +5075,11 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_020( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_860( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_44( + libcrux_ml_kem_variant_entropy_preprocess_33_ad( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -5078,7 +5090,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_020( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_e0(public_key), + libcrux_ml_kem_types_as_slice_fd_0e(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -5093,20 +5105,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_020( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_e0(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_0e(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_88(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_65(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_c4(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_6e(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_08(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_42(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ 
@@ -5142,14 +5154,14 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_encapsulate with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_e1( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_e7( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_020(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_860(uu____0, copy_of_randomness); } /** @@ -5167,7 +5179,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_kyber_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_e1( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_e7( uu____0, copy_of_randomness); } @@ -5182,7 +5194,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_63( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_08( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G_a9_67(key_generation_seed, ret); } 
@@ -5202,7 +5214,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a0( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_63(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_08(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5258,7 +5270,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_1c0( +libcrux_ml_kem_ind_cpa_generate_keypair_1e0( Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_19(); @@ -5267,12 +5279,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_1c0( libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a0( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_39( + libcrux_ml_kem_ind_cpa_serialize_public_key_f7( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_72(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_05(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; 
@@ -5305,7 +5317,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_2a0(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5314,13 +5326,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_2a0(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_1c0(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_1e0(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_28( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7b( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -5329,13 +5341,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_2a0(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_72(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_8d( - uu____2, libcrux_ml_kem_types_from_5a_c6(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** @@ -5352,12 +5364,12 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_0a( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_b1( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_2a0(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_dd0(copy_of_randomness); } /** @@ -5369,7 +5381,7 @@ libcrux_ml_kem_mlkem768_avx2_kyber_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_0a( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_b1( copy_of_randomness); } 
@@ -5382,7 +5394,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_5e( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_e9( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -5408,10 +5420,10 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_72( +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_cf( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_5e(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_e9(private_key, ciphertext); } @@ -5424,7 +5436,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_72( + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_cf( private_key, ciphertext); } @@ -5436,7 +5448,7 @@ types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_a7( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_3d( size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_7d(); } 
@@ -5449,14 +5461,14 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_40( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_d1( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_ef_7d(); } - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_4f( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_3b( public_key, deserialized_pk); memcpy( ret, deserialized_pk, @@ -5472,16 +5484,16 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_c9( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_eb( uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_40( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_d1( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_39( + libcrux_ml_kem_ind_cpa_serialize_public_key_f7( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), 
@@ -5500,9 +5512,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_fc( +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_91( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_c9(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_eb(public_key); } /** @@ -5513,7 +5525,7 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_fc( KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_fc( + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_91( public_key->value); } @@ -5539,11 +5551,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_c2( +static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_64( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_88( + libcrux_ml_kem_ind_cpa_decrypt_unpacked_69( &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -5573,7 +5585,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_c2( Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_b6(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_42( @@ -5585,11 +5597,11 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_c2( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_25( + libcrux_ml_kem_ind_cpa_encrypt_unpacked_7b( uu____3, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t selector = libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + libcrux_ml_kem_types_as_ref_00_b6(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t)); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( @@ -5626,10 +5638,10 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_0c( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_31( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_unpacked_decapsulate_c2(key_pair, ciphertext, ret); + libcrux_ml_kem_ind_cca_unpacked_decapsulate_64(key_pair, ciphertext, ret); } /** 
@@ -5643,7 +5655,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_decapsulate( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_0c( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_31( private_key, ciphertext, ret); } @@ -5666,7 +5678,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_e2( +static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_1d( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { uint8_t to_hash[64U]; @@ -5694,7 +5706,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_e2( uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_25(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_7b(uu____2, copy_of_randomness, pseudorandomness, ciphertext); uint8_t shared_secret_array[32U] = {0U}; Eurydice_slice_copy( @@ -5704,7 +5716,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_e2( uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = - libcrux_ml_kem_types_from_01_c4(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_6e(copy_of_ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, 
@@ -5738,7 +5750,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_5c( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_ab( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *uu____0 = @@ -5746,7 +5758,7 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_5c( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_unpacked_encapsulate_e2(uu____0, + return libcrux_ml_kem_ind_cca_unpacked_encapsulate_1d(uu____0, copy_of_randomness); } @@ -5767,7 +5779,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_unpacked_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_5c( + return libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_ab( uu____0, copy_of_randomness); } @@ -5787,7 +5799,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_b0(size_t _j) { +libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_b2(size_t _j) { return libcrux_ml_kem_polynomial_ZERO_ef_7d(); } 
@@ -5806,7 +5818,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_81( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_64( size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret[i] = libcrux_ml_kem_polynomial_ZERO_ef_7d(); @@ -5826,7 +5838,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_clone_8d_c2( +libcrux_ml_kem_polynomial_clone_8d_d3( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 lit; __m256i ret[16U]; @@ -5853,7 +5865,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_15( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_98( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *out) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( @@ -5868,14 +5880,14 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_15( &out->public_key.ind_cpa_public_key); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_81(i, A[i]); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_64(i, A[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_polynomial_clone_8d_c2( + libcrux_ml_kem_polynomial_clone_8d_d3( &out->public_key.ind_cpa_public_key.A[j][i1]); A[i1][j] = uu____0; } 
@@ -5888,7 +5900,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_15( (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U])); uint8_t pk_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_39( + libcrux_ml_kem_ind_cpa_serialize_public_key_f7( out->public_key.ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice( (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t), @@ -5924,13 +5936,13 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_56( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_1b( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *out) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_15(copy_of_randomness, out); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_98(copy_of_randomness, out); } /** @@ -5943,7 +5955,7 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_56( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_1b( copy_of_randomness, key_pair); } @@ -5960,7 +5972,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cca_unpacked_default_1c_31(void) { +libcrux_ml_kem_ind_cca_unpacked_default_1c_c5(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_80(); lit.public_key_hash[0U] = 0U; 
@@ -6012,7 +6024,7 @@ with const generics KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked - libcrux_ml_kem_ind_cca_unpacked_default_07_0e(void) { + libcrux_ml_kem_ind_cca_unpacked_default_07_bb(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 uu____0; uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_19(); uu____0.implicit_rejection_value[0U] = 0U; @@ -6050,7 +6062,7 @@ static KRML_MUSTINLINE return ( CLITERAL(libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked){ .private_key = uu____0, - .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_31()}); + .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_c5()}); } /** @@ -6059,7 +6071,7 @@ static KRML_MUSTINLINE KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked libcrux_ml_kem_mlkem768_avx2_unpacked_init_key_pair(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_07_0e(); + return libcrux_ml_kem_ind_cca_unpacked_default_07_bb(); } /** @@ -6068,7 +6080,7 @@ libcrux_ml_kem_mlkem768_avx2_unpacked_init_key_pair(void) { KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 libcrux_ml_kem_mlkem768_avx2_unpacked_init_public_key(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_1c_31(); + return libcrux_ml_kem_ind_cca_unpacked_default_1c_c5(); } /** 
@@ -6089,10 +6101,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_05( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_7b( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_82( + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_7b( self->ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, uint8_t), @@ -6117,10 +6129,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_84( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_b6( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_05( + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_7b( &self->public_key, serialized); } @@ -6132,7 +6144,7 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_key_pair_serialized_public_key( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_84(key_pair, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_b6(key_pair, serialized); } 
@@ -6149,7 +6161,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cpa_unpacked_clone_ef_c1( +libcrux_ml_kem_ind_cpa_unpacked_clone_ef_0d( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[3U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( @@ -6186,11 +6198,11 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cca_unpacked_clone_28_a6( +libcrux_ml_kem_ind_cca_unpacked_clone_28_56( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; lit.ind_cpa_public_key = - libcrux_ml_kem_ind_cpa_unpacked_clone_ef_c1(&self->ind_cpa_public_key); + libcrux_ml_kem_ind_cpa_unpacked_clone_ef_0d(&self->ind_cpa_public_key); uint8_t ret[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->public_key_hash, ret, uint8_t, void *); @@ -6214,7 +6226,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 * -libcrux_ml_kem_ind_cca_unpacked_public_key_de_7a( +libcrux_ml_kem_ind_cca_unpacked_public_key_de_e2( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *self) { return &self->public_key; } 
@@ -6227,8 +6239,8 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_public_key( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *pk) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 uu____0 = - libcrux_ml_kem_ind_cca_unpacked_clone_28_a6( - libcrux_ml_kem_ind_cca_unpacked_public_key_de_7a(key_pair)); + libcrux_ml_kem_ind_cca_unpacked_clone_28_56( + libcrux_ml_kem_ind_cca_unpacked_public_key_de_e2(key_pair)); pk[0U] = uu____0; } @@ -6239,7 +6251,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_serialized_public_key( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_05(public_key, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_7b(public_key, serialized); } @@ -6257,13 +6269,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_fe( +libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_ed( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { Eurydice_slice uu____0 = Eurydice_array_to_subslice_to( (size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_4f( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_3b( uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt); uint8_t uu____1[32U]; libcrux_ml_kem_utils_into_padded_array_423( 
@@ -6283,7 +6295,7 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_fe( uint8_t uu____3[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_e0(public_key), + libcrux_ml_kem_types_as_slice_fd_0e(public_key), uint8_t), uu____3); memcpy(unpacked_public_key->public_key_hash, uu____3, @@ -6304,11 +6316,11 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_f1( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_aa( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_fe(public_key, + libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_ed(public_key, unpacked_public_key); } @@ -6320,7 +6332,7 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_unpacked_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_f1( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_aa( public_key, unpacked_public_key); } diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h index 34a008cc6..9d502829e 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem768_avx2_types_H 
diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h index 0e3e07dc6..32f0d2918 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem768_portable_H @@ -1226,15 +1226,15 @@ libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_compress_compress_1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - v.elements[i0] = (int16_t) + a.elements[i0] = (int16_t) libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( - (uint16_t)v.elements[i0]); + (uint16_t)a.elements[i0]); } - return v; + return a; } /** @@ -1243,8 +1243,8 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_compress_1_0d( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_1(v); + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_compress_1(a); } static KRML_MUSTINLINE uint32_t 
@@ -2486,7 +2486,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_a5(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_75(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_19(); } @@ -2497,7 +2497,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_50( +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_8f( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_19(); @@ -2519,7 +2519,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_55( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_5f( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; @@ -2537,7 +2537,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_55( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_50( + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_8f( secret_bytes); secret_as_ntt[i0] = uu____0; } @@ -2559,7 +2559,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - U_COMPRESSION_FACTOR= 10 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_e3(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_ef(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_19(); } 
@@ -2570,7 +2570,7 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_be( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_b4( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -2595,9 +2595,9 @@ generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4f( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_be( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_b4( v); } @@ -2608,7 +2608,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_c8( +libcrux_ml_kem_serialize_deserialize_then_decompress_10_38( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_19(); @@ -2627,7 +2627,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_c8( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4f( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c( coefficient); re.coefficients[i0] = uu____0; } 
@@ -2641,7 +2641,7 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_be0( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_b40( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -2666,9 +2666,9 @@ generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4f0( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c0( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_be0( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_b40( v); } @@ -2679,7 +2679,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_c6( +libcrux_ml_kem_serialize_deserialize_then_decompress_11_68( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_19(); @@ -2691,7 +2691,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_c6( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4f0( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c0( coefficient); re.coefficients[i0] = uu____0; } 
@@ -2705,9 +2705,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_a4( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_f7( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_c8(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_38(serialized); } typedef struct libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2_s { @@ -2872,7 +2872,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_ec( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_52( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; libcrux_ml_kem_ntt_ntt_at_layer_4_plus_18(&zeta_i, re, (size_t)7U, @@ -2901,7 +2901,7 @@ with const generics - U_COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_70( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_f8( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; @@ -2926,9 +2926,9 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_70( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_a4( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_f7( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_ec(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_52(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, 
@@ -2942,7 +2942,7 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_be1( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_b41( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -2967,9 +2967,9 @@ generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4f1( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_be1( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_b41( v); } @@ -2980,7 +2980,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_c5( +libcrux_ml_kem_serialize_deserialize_then_decompress_4_d2( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_19(); @@ -2992,7 +2992,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_c5( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4f1( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c1( coefficient); re.coefficients[i0] = uu____0; } 
@@ -3006,7 +3006,7 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_be2( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_b42( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -3031,9 +3031,9 @@ generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4f2( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c2( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_be2( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_b42( v); } @@ -3044,7 +3044,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_20( +libcrux_ml_kem_serialize_deserialize_then_decompress_5_57( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_19(); @@ -3056,7 +3056,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_20( re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4f2( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c2( re.coefficients[i0]); re.coefficients[i0] = uu____1; } 
@@ -3070,9 +3070,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_7c( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_32( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_c5(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_d2(serialized); } /** @@ -3145,7 +3145,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_fe( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_ab( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3168,7 +3168,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_7c( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_3a( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3189,7 +3189,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_23( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_10( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { 
@@ -3211,7 +3211,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ca( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ef( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { @@ -3232,7 +3232,7 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_8c( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ce( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -3247,7 +3247,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_8c( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ca( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ef( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; 
@@ -3264,20 +3264,20 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_0e( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_fe(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_7c(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_23(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_8c(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_ab(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_3a(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_10(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ce(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_8c(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ce(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_8c(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ce(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_8c(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ce(&zeta_i, re, (size_t)7U); libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_0a(re); } @@ -3294,7 +3294,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_subtract_reduce_ef_7e( +libcrux_ml_kem_polynomial_subtract_reduce_ef_2c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { for (size_t i = (size_t)0U; 
@@ -3320,7 +3320,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_message_60( +libcrux_ml_kem_matrix_compute_message_dc( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { @@ -3333,8 +3333,8 @@ libcrux_ml_kem_matrix_compute_message_60( &u_as_ntt[i0]); libcrux_ml_kem_polynomial_add_to_ring_element_ef_3a(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_0e(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_ef_7e(v, result); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea(&result); + result = libcrux_ml_kem_polynomial_subtract_reduce_ef_2c(v, result); return result; } @@ -3344,7 +3344,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_arithmetic_shift_right_95( +libcrux_ml_kem_vector_portable_arithmetic_shift_right_3c( libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -3364,9 +3364,9 @@ with const generics - SHIFT_BY= 15 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_shift_right_0d_64( +libcrux_ml_kem_vector_portable_shift_right_0d_3e( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_arithmetic_shift_right_95(v); + return libcrux_ml_kem_vector_portable_arithmetic_shift_right_3c(v); } /** 
@@ -3379,13 +3379,27 @@ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_traits_to_unsigned_representative_9f( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_portable_shift_right_0d_64(a); + libcrux_ml_kem_vector_portable_shift_right_0d_3e(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_portable_add_0d(a, &fm); } +/** +A monomorphic instance of libcrux_ml_kem.serialize.to_unsigned_field_modulus +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics + +*/ +static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_to_unsigned_field_modulus_c4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector result = + libcrux_ml_kem_vector_traits_to_unsigned_representative_9f(a); + return result; +} + /** A monomorphic instance of libcrux_ml_kem.serialize.compress_then_serialize_message with types @@ -3393,13 +3407,13 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_39( +libcrux_ml_kem_serialize_compress_then_serialize_message_ec( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_9f( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_c4( re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = 
@@ -3412,7 +3426,9 @@ libcrux_ml_kem_serialize_compress_then_serialize_message_39( Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)2U, bytes, uint8_t), uint8_t); } - memcpy(ret, serialized, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + memcpy(result, serialized, (size_t)32U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** @@ -3425,20 +3441,20 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_15( +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_75( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_70(ciphertext, u_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_f8(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_7c( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_32( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - libcrux_ml_kem_matrix_compute_message_60(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_matrix_compute_message_dc(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_39(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_ec(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } 
@@ -3452,11 +3468,11 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_80(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_46(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_55(secret_key, secret_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_secret_key_5f(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; memcpy( @@ -3468,7 +3484,7 @@ static inline void libcrux_ml_kem_ind_cpa_decrypt_80(Eurydice_slice secret_key, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t result[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_15(&secret_key_unpacked, ciphertext, + libcrux_ml_kem_ind_cpa_decrypt_unpacked_75(&secret_key_unpacked, ciphertext, result); memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } @@ -3557,7 +3573,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_b2( +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_c7( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_19(); @@ -3582,7 +3598,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_22( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_b2( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; 
@@ -3596,7 +3612,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_22( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_b2( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_c7( ring_element); deserialized_pk[i0] = uu____0; } @@ -4337,7 +4353,7 @@ generics - ETA2= 2 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_3e(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_ed(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_19(); } @@ -4351,7 +4367,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_95(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_d6(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -4426,7 +4442,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_vector_u_closure_76(size_t _i) { +libcrux_ml_kem_matrix_compute_vector_u_closure_4e(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_19(); } @@ -4441,7 +4457,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_9d( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_33( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; 
@@ -4465,7 +4481,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_42( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_7b( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, @@ -4497,8 +4513,8 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_42( libcrux_ml_kem_polynomial_add_to_ring_element_ef_3a(&result0[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_0e(&result0[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_ef_9d(&result0[i1], + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea(&result0[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_ef_33(&result0[i1], &error_1[i1]); } libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; @@ -4517,7 +4533,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_decompress_1_f7( +libcrux_ml_kem_vector_traits_decompress_1_5b( libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { libcrux_ml_kem_vector_portable_vector_type_PortableVector z = libcrux_ml_kem_vector_portable_ZERO_0d(); @@ -4536,7 +4552,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_f0( +libcrux_ml_kem_serialize_deserialize_then_decompress_message_c4( uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_19(); 
@@ -4549,7 +4565,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_f0( (size_t)2U * i0 + (size_t)2U, uint8_t)); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_traits_decompress_1_f7(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_5b(coefficient_compressed); re.coefficients[i0] = uu____0; } return re; @@ -4567,7 +4583,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_add_message_error_reduce_ef_e4( +libcrux_ml_kem_polynomial_add_message_error_reduce_ef_f0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { @@ -4597,7 +4613,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_ring_element_v_58( +libcrux_ml_kem_matrix_compute_ring_element_v_43( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -4611,8 +4627,8 @@ libcrux_ml_kem_matrix_compute_ring_element_v_58( &r_as_ntt[i0]); libcrux_ml_kem_polynomial_add_to_ring_element_ef_3a(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_0e(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_e4( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea(&result); + result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_f0( error_2, message, result); return result; } 
@@ -4623,17 +4639,17 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_6c( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_compress_c5( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; int16_t uu____0 = libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)10, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; + (uint8_t)(int32_t)10, (uint16_t)a.elements[i0]); + a.elements[i0] = uu____0; } - return v; + return a; } /** @@ -4646,9 +4662,9 @@ with const generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_20( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_6c(v); +libcrux_ml_kem_vector_portable_compress_0d_4f( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_compress_c5(a); } /** 
@@ -4658,15 +4674,15 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_04( +libcrux_ml_kem_serialize_compress_then_serialize_10_83( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_20( - libcrux_ml_kem_vector_traits_to_unsigned_representative_9f( + libcrux_ml_kem_vector_portable_compress_0d_4f( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_c4( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); @@ -4675,7 +4691,9 @@ libcrux_ml_kem_serialize_compress_then_serialize_10_04( Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)20U, bytes, uint8_t), uint8_t); } - memcpy(ret, serialized, (size_t)320U * sizeof(uint8_t)); + uint8_t result[320U]; + memcpy(result, serialized, (size_t)320U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -4684,17 +4702,17 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_6c0( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_compress_c50( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; int16_t uu____0 = libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)11, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; + (uint8_t)(int32_t)11, (uint16_t)a.elements[i0]); + a.elements[i0] = uu____0; } - return v; + return a; } /** 
@@ -4707,9 +4725,9 @@ with const generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_200( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_6c0(v); +libcrux_ml_kem_vector_portable_compress_0d_4f0( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_compress_c50(a); } /** @@ -4719,14 +4737,14 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_41( +libcrux_ml_kem_serialize_compress_then_serialize_11_2c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_200( + libcrux_ml_kem_vector_portable_compress_0d_4f0( libcrux_ml_kem_vector_traits_to_unsigned_representative_9f( re->coefficients[i0])); uint8_t bytes[22U]; @@ -4747,10 +4765,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_ae( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_cf( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_04(re, uu____0); + libcrux_ml_kem_serialize_compress_then_serialize_10_83(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } 
@@ -4763,7 +4781,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_48( +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_86( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -4779,7 +4797,7 @@ static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_48( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_ae(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_cf(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -4792,17 +4810,17 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_6c1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_compress_c51( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; int16_t uu____0 = libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)4, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; + (uint8_t)(int32_t)4, (uint16_t)a.elements[i0]); + a.elements[i0] = uu____0; } - return v; + return a; } /** 
@@ -4815,9 +4833,9 @@ with const generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_201( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_6c1(v); +libcrux_ml_kem_vector_portable_compress_0d_4f1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_compress_c51(a); } /** @@ -4827,17 +4845,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_b6( +libcrux_ml_kem_serialize_compress_then_serialize_4_17( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { - LowStar_Ignore_ignore(Eurydice_slice_len(serialized, uint8_t), size_t, - void *); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_201( - libcrux_ml_kem_vector_traits_to_unsigned_representative_9f( + libcrux_ml_kem_vector_portable_compress_0d_4f1( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_c4( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); 
@@ -4854,17 +4870,17 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_6c2( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_compress_c52( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; int16_t uu____0 = libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( - (uint8_t)(int32_t)5, (uint16_t)v.elements[i0]); - v.elements[i0] = uu____0; + (uint8_t)(int32_t)5, (uint16_t)a.elements[i0]); + a.elements[i0] = uu____0; } - return v; + return a; } /** @@ -4877,9 +4893,9 @@ with const generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_202( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_6c2(v); +libcrux_ml_kem_vector_portable_compress_0d_4f2( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return libcrux_ml_kem_vector_portable_compress_compress_c52(a); } /** 
@@ -4889,16 +4905,14 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_a0( +libcrux_ml_kem_serialize_compress_then_serialize_5_b7( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { - LowStar_Ignore_ignore(Eurydice_slice_len(serialized, uint8_t), size_t, - void *); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - libcrux_ml_kem_vector_portable_compress_0d_202( + libcrux_ml_kem_vector_portable_compress_0d_4f2( libcrux_ml_kem_vector_traits_to_unsigned_representative_9f( re.coefficients[i0])); uint8_t bytes[10U]; @@ -4918,9 +4932,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 128 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_79( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_e9( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_b6(re, out); + libcrux_ml_kem_serialize_compress_then_serialize_4_17(re, out); } /** @@ -4941,7 +4955,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_02( +static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_f8( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; 
@@ -4959,7 +4973,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_02( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_95( + tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_d6( copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; memcpy( 
@@ -4974,27 +4988,27 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_02( libcrux_ml_kem_sampling_sample_from_binomial_distribution_ce( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_42(public_key->A, r_as_ntt, error_1, + libcrux_ml_kem_matrix_compute_vector_u_7b(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_f0( + libcrux_ml_kem_serialize_deserialize_then_decompress_message_c4( copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_matrix_compute_ring_element_v_58( + libcrux_ml_kem_matrix_compute_ring_element_v_43( public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_48( + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_86( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_79( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_e9( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); 
@@ -5018,13 +5032,13 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_ca(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_3b(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_6b(); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_22( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_b2( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -5040,7 +5054,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_ca(Eurydice_slice public_key, uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t result[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_02(uu____1, copy_of_message, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_f8(uu____1, copy_of_message, randomness, result); memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); } @@ -5056,7 +5070,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_1a( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_b2( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; @@ -5087,7 +5101,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_68( +static inline void libcrux_ml_kem_ind_cca_decapsulate_6b( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( 
@@ -5105,7 +5119,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_68( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_80(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_46(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5129,7 +5143,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_68( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_b6(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9d( 
@@ -5140,18 +5154,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_68( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_ca(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_3b(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_1a( + libcrux_ml_kem_variant_kdf_d8_b2( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_d8_1a(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_d8_b2(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + libcrux_ml_kem_types_as_ref_00_b6(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5181,10 +5195,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_85( +libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_d5( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_68(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_6b(private_key, ciphertext, ret); } /** 
@@ -5197,7 +5211,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_85( static inline void libcrux_ml_kem_mlkem768_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_85( + libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_d5( private_key, ciphertext, ret); } @@ -5211,7 +5225,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_b7( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_03( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5252,11 +5266,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_8a( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_fd( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_b7( + libcrux_ml_kem_variant_entropy_preprocess_d8_03( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5267,7 +5281,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_8a( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_e0(public_key), + libcrux_ml_kem_types_as_slice_fd_0e(public_key), uint8_t), ret); Eurydice_slice_copy( 
@@ -5282,20 +5296,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_8a( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_e0(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_0e(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_ca(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_3b(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_c4(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_6e(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_1a(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_b2(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ 
@@ -5327,14 +5341,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_16( +libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_28( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_8a(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_fd(uu____0, copy_of_randomness); } /** @@ -5351,7 +5365,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_16( + return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_28( uu____0, copy_of_randomness); } @@ -5385,7 +5399,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_26( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_99( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( 
@@ -5502,7 +5516,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_86( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_26(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_99(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5551,14 +5565,14 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_c4( +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_c6( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_9f( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_c4( re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); @@ -5567,7 +5581,9 @@ libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_c4( Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)24U, bytes, uint8_t), uint8_t); } - memcpy(ret, serialized, (size_t)384U * sizeof(uint8_t)); + uint8_t result[384U]; + memcpy(result, serialized, (size_t)384U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)384U * sizeof(uint8_t)); } /** 
@@ -5577,7 +5593,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_80( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_1d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -5595,7 +5611,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_80( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_c4(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_c6(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -5610,13 +5626,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_1d( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_0d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_80(t_as_ntt, ret); + libcrux_ml_kem_ind_cpa_serialize_secret_key_1d(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( 
@@ -5633,11 +5649,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_96( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_8c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_1d(t_as_ntt, seed_for_a, + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_0d(t_as_ntt, seed_for_a, public_key_serialized); uint8_t result[1184U]; memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); @@ -5657,7 +5673,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_ea(Eurydice_slice key_generation_seed) { +libcrux_ml_kem_ind_cpa_generate_keypair_79(Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_a3(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 public_key = @@ -5665,12 +5681,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_ea(Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_86( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_96( + libcrux_ml_kem_ind_cpa_serialize_public_key_8c( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_80(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_1d(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; 
@@ -5695,7 +5711,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_59( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d8( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -5751,7 +5767,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_b2(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5760,13 +5776,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_b2(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_ea(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_79(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_59( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d8( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -5775,13 +5791,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_b2(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_72(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_8d( - uu____2, libcrux_ml_kem_types_from_5a_c6(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** @@ -5797,12 +5813,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_7f( +libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_08( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_b2(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_91(copy_of_randomness); } /** @@ -5813,7 +5829,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_7f( + return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_08( copy_of_randomness); } 
@@ -5828,7 +5844,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_23( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_44( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; @@ -5839,7 +5855,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_23( uint8_t ret0[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_d4_4c(ciphertext), + libcrux_ml_kem_types_as_slice_d4_e2(ciphertext), uint8_t), ret0); Eurydice_slice_copy( @@ -5872,7 +5888,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_680( +static inline void libcrux_ml_kem_ind_cca_decapsulate_6b0( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5890,7 +5906,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_680( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_80(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_46(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -5914,7 +5930,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_680( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_b6(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9d( @@ -5925,18 +5941,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_680( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_ca(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_3b(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_23( + libcrux_ml_kem_variant_kdf_33_44( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_33_23(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_33_44(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + libcrux_ml_kem_types_as_ref_00_b6(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, 
@@ -5970,10 +5986,10 @@ generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_1b( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_c7( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_680(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_6b0(private_key, ciphertext, ret); } /** @@ -5986,7 +6002,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_1b( static inline void libcrux_ml_kem_mlkem768_portable_kyber_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_1b( + libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_c7( private_key, ciphertext, ret); } @@ -6000,7 +6016,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_3b( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_ec( Eurydice_slice randomness, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H_f1_c6(randomness, ret); } @@ -6024,11 +6040,11 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_8a0( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_fd0( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_3b( + libcrux_ml_kem_variant_entropy_preprocess_33_ec( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -6039,7 +6055,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_8a0( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_e0(public_key), + libcrux_ml_kem_types_as_slice_fd_0e(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -6054,20 +6070,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_8a0( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_e0(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_0e(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_ca(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_3b(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_c4(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_6e(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_23(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_44(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ 
@@ -6103,14 +6119,14 @@ generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_32( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_5e( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_8a0(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_fd0(uu____0, copy_of_randomness); } /** @@ -6127,7 +6143,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_kyber_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_32( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_5e( uu____0, copy_of_randomness); } @@ -6141,7 +6157,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_22( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_01( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G_f1_07(key_generation_seed, ret); } 
@@ -6160,7 +6176,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_860( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_22(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_01(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6215,7 +6231,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_ea0( +libcrux_ml_kem_ind_cpa_generate_keypair_790( Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_a3(); @@ -6224,12 +6240,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_ea0( libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_860( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_96( + libcrux_ml_kem_ind_cpa_serialize_public_key_8c( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_80(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_1d(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; 
@@ -6261,7 +6277,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_b20(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -6270,13 +6286,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_b20(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_ea0(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_790(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_59( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d8( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -6285,13 +6301,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_b20(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_72(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_8d( - uu____2, libcrux_ml_kem_types_from_5a_c6(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** @@ -6307,12 +6323,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_08( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_05( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_b20(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_910(copy_of_randomness); } /** @@ -6324,7 +6340,7 @@ libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_08( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_05( copy_of_randomness); } 
@@ -6336,7 +6352,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_a9( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_79( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -6361,10 +6377,10 @@ generics - CIPHERTEXT_SIZE= 1088 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_4d( +libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_03( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_a9(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_79(private_key, ciphertext); } @@ -6376,7 +6392,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_4d( static inline bool libcrux_ml_kem_mlkem768_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_4d( + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_03( private_key, ciphertext); } @@ -6388,7 +6404,7 @@ generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_a3( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_8b( size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_19(); } 
@@ -6400,14 +6416,14 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_21( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_7b( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_ef_19(); } - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_22( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_b2( public_key, deserialized_pk); memcpy( ret, deserialized_pk, @@ -6422,16 +6438,16 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_be( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_bb( uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_21( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_7b( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_96( + libcrux_ml_kem_ind_cpa_serialize_public_key_8c( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), 
@@ -6449,9 +6465,9 @@ generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_34( +libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_aa( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_be(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_bb(public_key); } /** @@ -6461,7 +6477,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_34( */ static inline bool libcrux_ml_kem_mlkem768_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_34( + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_aa( public_key->value); } @@ -6491,7 +6507,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_d6( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_15( + libcrux_ml_kem_ind_cpa_decrypt_unpacked_75( &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -6521,7 +6537,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_d6( Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_b6(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9d( 
@@ -6533,11 +6549,11 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_d6( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_02( + libcrux_ml_kem_ind_cpa_encrypt_unpacked_f8( uu____3, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t selector = libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d9(ciphertext), + libcrux_ml_kem_types_as_ref_00_b6(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t)); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( @@ -6573,7 +6589,7 @@ generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_8e( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_2e( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_ind_cca_unpacked_decapsulate_d6(key_pair, ciphertext, ret); @@ -6590,7 +6606,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_decapsulate( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_8e( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_2e( private_key, ciphertext, ret); } @@ -6613,7 +6629,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_a4( +static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_02( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, uint8_t randomness[32U]) { uint8_t to_hash[64U]; 
@@ -6641,7 +6657,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_a4( uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_02(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_f8(uu____2, copy_of_randomness, pseudorandomness, ciphertext); uint8_t shared_secret_array[32U] = {0U}; Eurydice_slice_copy( @@ -6651,7 +6667,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_a4( uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = - libcrux_ml_kem_types_from_01_c4(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_6e(copy_of_ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, @@ -6684,7 +6700,7 @@ generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_c0( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_10( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *uu____0 = @@ -6692,7 +6708,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_c0( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_unpacked_encapsulate_a4(uu____0, + return libcrux_ml_kem_ind_cca_unpacked_encapsulate_02(uu____0, copy_of_randomness); } 
@@ -6712,7 +6728,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_unpacked_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_c0( + return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_10( uu____0, copy_of_randomness); } @@ -6731,7 +6747,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_6d(size_t _j) { +libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_95(size_t _j) { return libcrux_ml_kem_polynomial_ZERO_ef_19(); } @@ -6749,7 +6765,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_8e( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_6b( size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret[i] = libcrux_ml_kem_polynomial_ZERO_ef_19(); @@ -6768,7 +6784,7 @@ with const generics */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_clone_8d_a6( +libcrux_ml_kem_polynomial_clone_8d_06( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 lit; libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[16U]; 
@@ -6812,14 +6828,14 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_3b( &out->public_key.ind_cpa_public_key); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_8e(i, A[i]); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_6b(i, A[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_polynomial_clone_8d_a6( + libcrux_ml_kem_polynomial_clone_8d_06( &out->public_key.ind_cpa_public_key.A[j][i1]); A[i1][j] = uu____0; } @@ -6832,7 +6848,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_3b( (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U])); uint8_t pk_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_96( + libcrux_ml_kem_ind_cpa_serialize_public_key_8c( out->public_key.ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice( (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t), @@ -6867,7 +6883,7 @@ const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_08( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_ec( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) { /* Passing arrays by value in Rust generates a copy in C */ 
@@ -6886,7 +6902,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_08( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_ec( copy_of_randomness, key_pair); } @@ -6902,7 +6918,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cca_unpacked_default_1c_fe(void) { +libcrux_ml_kem_ind_cca_unpacked_default_1c_05(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 lit; lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_6b(); lit.public_key_hash[0U] = 0U; @@ -6953,7 +6969,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked - libcrux_ml_kem_ind_cca_unpacked_default_07_27(void) { + libcrux_ml_kem_ind_cca_unpacked_default_07_c3(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_f8 uu____0; uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_a3(); uu____0.implicit_rejection_value[0U] = 0U; @@ -6991,7 +7007,7 @@ static KRML_MUSTINLINE return (CLITERAL( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked){ .private_key = uu____0, - .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_fe()}); + .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_05()}); } /** @@ -6999,7 +7015,7 @@ static KRML_MUSTINLINE */ static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked libcrux_ml_kem_mlkem768_portable_unpacked_init_key_pair(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_07_27(); + return libcrux_ml_kem_ind_cca_unpacked_default_07_c3(); } /** 
@@ -7007,7 +7023,7 @@ libcrux_ml_kem_mlkem768_portable_unpacked_init_key_pair(void) { */ static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 libcrux_ml_kem_mlkem768_portable_unpacked_init_public_key(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_1c_fe(); + return libcrux_ml_kem_ind_cca_unpacked_default_1c_05(); } /** @@ -7027,10 +7043,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_c8( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_0d( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_1d( + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_0d( self->ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, uint8_t), @@ -7054,10 +7070,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_a6( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_6b( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_c8( + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_0d( &self->public_key, serialized); } @@ -7068,7 +7084,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_public_key( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_a6(key_pair, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_6b(key_pair, serialized); } 
@@ -7084,7 +7100,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cpa_unpacked_clone_ef_99( +libcrux_ml_kem_ind_cpa_unpacked_clone_ef_25( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[3U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( @@ -7120,11 +7136,11 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cca_unpacked_clone_28_b4( +libcrux_ml_kem_ind_cca_unpacked_clone_28_e5( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *self) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 lit; lit.ind_cpa_public_key = - libcrux_ml_kem_ind_cpa_unpacked_clone_ef_99(&self->ind_cpa_public_key); + libcrux_ml_kem_ind_cpa_unpacked_clone_ef_25(&self->ind_cpa_public_key); uint8_t ret[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->public_key_hash, ret, uint8_t, void *); @@ -7147,7 +7163,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 * -libcrux_ml_kem_ind_cca_unpacked_public_key_de_52( +libcrux_ml_kem_ind_cca_unpacked_public_key_de_7e( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self) { return &self->public_key; } @@ -7159,8 +7175,8 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_public_key( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *pk) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 uu____0 = - libcrux_ml_kem_ind_cca_unpacked_clone_28_b4( - libcrux_ml_kem_ind_cca_unpacked_public_key_de_52(key_pair)); + libcrux_ml_kem_ind_cca_unpacked_clone_28_e5( + libcrux_ml_kem_ind_cca_unpacked_public_key_de_7e(key_pair)); pk[0U] = uu____0; } 
@@ -7171,7 +7187,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_serialized_public_key( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_c8(public_key, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_0d(public_key, serialized); } @@ -7194,7 +7210,7 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_40( *unpacked_public_key) { Eurydice_slice uu____0 = Eurydice_array_to_subslice_to( (size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_22( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_b2( uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt); uint8_t uu____1[32U]; libcrux_ml_kem_utils_into_padded_array_423( @@ -7214,7 +7230,7 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_40( uint8_t uu____3[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_e0(public_key), + libcrux_ml_kem_types_as_slice_fd_0e(public_key), uint8_t), uu____3); memcpy(unpacked_public_key->public_key_hash, uu____3, @@ -7234,7 +7250,7 @@ const generics - PUBLIC_KEY_SIZE= 1184 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_fa( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_ee( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *unpacked_public_key) { 
@@ -7250,7 +7266,7 @@ libcrux_ml_kem_mlkem768_portable_unpacked_unpacked_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_fa( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_ee( public_key, unpacked_public_key); } diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h index 0ae3513dd..b8421f790 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_mlkem768_portable_types_H diff --git a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h index 7c68c3394..5b77b14b3 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h @@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/cg/libcrux_sha3_portable.h b/libcrux-ml-kem/cg/libcrux_sha3_portable.h index 52282e41f..eb7601a34 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_portable.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_portable.h 
@@ -7,8 +7,8 @@ * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 2cc5d08dc51d9011b73e45fa933da711162d0d01 + * F*: 650b216aeb5901ec6f1c44ff275acd924e54bdbd + * Libcrux: ff16b9e8164d0fd89efabd103d4a6c874df0c127 */ #ifndef __libcrux_sha3_portable_H diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst index 92dd7571e..5bb6b9214 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst @@ -231,8 +231,6 @@ let sample_vector_cbd_then_ntt_out let _:Prims.unit = admit () (* Panic freedom *) in result -#push-options "--z3rlimit 200" - let compress_then_serialize_u (v_K v_OUT_LEN v_COMPRESSION_FACTOR v_BLOCK_LEN: usize) (#v_Vector: Type0) @@ -253,7 +251,9 @@ let compress_then_serialize_u (fun out i -> let out:t_Slice u8 = out in let i:usize = i in - (Core.Slice.impl__len #u8 out <: usize) =. v_OUT_LEN <: bool) + v i < v v_K ==> + (Seq.length out == v v_OUT_LEN /\ + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index input (v i)))) out (fun out temp_1_ -> let out:t_Slice u8 = out in @@ -297,8 +297,6 @@ let compress_then_serialize_u let hax_temp_output:Prims.unit = result in out -#pop-options - #push-options "--admit_smt_queries true" let deserialize_then_decompress_u diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti index edbaf7c17..11fd6f8e5 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti 
@@ -89,7 +89,10 @@ val compress_then_serialize_u (requires Spec.MLKEM.is_rank v_K /\ v_OUT_LEN == Spec.MLKEM.v_C1_SIZE v_K /\ v_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_U_COMPRESSION_FACTOR v_K /\ - v_BLOCK_LEN == Spec.MLKEM.v_C1_BLOCK_SIZE v_K /\ Core.Slice.impl__len #u8 out == v_OUT_LEN) + v_BLOCK_LEN == Spec.MLKEM.v_C1_BLOCK_SIZE v_K /\ Core.Slice.impl__len #u8 out == v_OUT_LEN /\ + (forall (i: nat). + i < v v_K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index input i))) (ensures fun out_future -> let out_future:t_Slice u8 = out_future in diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fst index b30f263ee..3d92db16f 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fst @@ -9,7 +9,17 @@ let _ = let open Libcrux_ml_kem.Vector.Traits in () -#push-options "--admit_smt_queries true" +let to_unsigned_field_modulus + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (a: v_Vector) + = + let _:Prims.unit = reveal_opaque (`%field_modulus_range) (field_modulus_range #v_Vector) in + let result:v_Vector = Libcrux_ml_kem.Vector.Traits.to_unsigned_representative #v_Vector a in + let _:Prims.unit = admit () (* Panic freedom *) in + result let compress_then_serialize_10_ (v_OUT_LEN: usize) 
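Review bot: In the new `to_unsigned_field_modulus` (first hunk of Serialize.fst) the trailing `admit () (* Panic freedom *)` comes after the call to `to_unsigned_representative`, so it discharges the function's postcondition rather than only panic freedom: the `[0, v_FIELD_MODULUS)` bound promised in Serialize.fsti is assumed, not proved. The later hunks in this file add the same trailing admit to `compress_then_serialize_10_`, `compress_then_serialize_4_`, `compress_then_serialize_message`, `deserialize_then_decompress_message`, `deserialize_to_reduced_ring_element` and `serialize_uncompressed_ring_element`, and several of those pass the result of this helper straight to `f_compress`, whose precondition depends on that bound. I would make the comment say what is actually assumed, e.g. `admit () (* TODO: postcondition admitted; only callee preconditions are checked *)`, and track the missing lemma as an open proof obligation. If these files are extracted from annotations in the Rust source, the wording change belongs there.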
@@ -19,23 +29,29 @@ let compress_then_serialize_10_ Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = + let _:Prims.unit = assert_norm (pow2 10 == 1024) in let serialized:t_Array u8 v_OUT_LEN = Rust_primitives.Hax.repeat 0uy v_OUT_LEN in let serialized:t_Array u8 v_OUT_LEN = Rust_primitives.Hax.Folds.fold_range (sz 0) Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT - (fun serialized temp_1_ -> + (fun serialized i -> let serialized:t_Array u8 v_OUT_LEN = serialized in - let _:usize = temp_1_ in - true) + let i:usize = i in + v i >= 0 /\ v i <= 16 /\ v i < 16 ==> coefficients_field_modulus_range re) serialized (fun serialized i -> let serialized:t_Array u8 v_OUT_LEN = serialized in let i:usize = i in + let _:Prims.unit = assert (20 * v i + 20 <= 320) in + let _:Prims.unit = + reveal_opaque (`%coefficients_field_modulus_range) + (coefficients_field_modulus_range #v_Vector) + in let coefficient:v_Vector = Libcrux_ml_kem.Vector.Traits.f_compress #v_Vector #FStar.Tactics.Typeclasses.solve 10l - (Libcrux_ml_kem.Vector.Traits.to_unsigned_representative #v_Vector + (to_unsigned_field_modulus #v_Vector (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) <: v_Vector) @@ -68,9 +84,9 @@ let compress_then_serialize_10_ in serialized) in - serialized - -#pop-options + let result:t_Array u8 v_OUT_LEN = serialized in + let _:Prims.unit = admit () (* Panic freedom *) in + result #push-options "--admit_smt_queries true" @@ -135,8 +151,6 @@ let compress_then_serialize_11_ #pop-options -#push-options "--admit_smt_queries true" - let compress_then_serialize_4_ (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] 
@@ -145,23 +159,29 @@ let compress_then_serialize_4_ (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) (serialized: t_Slice u8) = - let v__serialized_len:usize = Core.Slice.impl__len #u8 serialized in + let _:Prims.unit = assert_norm (pow2 4 == 16) in let serialized:t_Slice u8 = Rust_primitives.Hax.Folds.fold_range (sz 0) Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT (fun serialized i -> let serialized:t_Slice u8 = serialized in let i:usize = i in - (Core.Slice.impl__len #u8 serialized <: usize) =. v__serialized_len <: bool) + v i >= 0 /\ v i <= 16 /\ v i < 16 ==> + (Seq.length serialized == 128 /\ coefficients_field_modulus_range re)) serialized (fun serialized i -> let serialized:t_Slice u8 = serialized in let i:usize = i in + let _:Prims.unit = assert (8 * v i + 8 <= 128) in + let _:Prims.unit = + reveal_opaque (`%coefficients_field_modulus_range) + (coefficients_field_modulus_range #v_Vector) + in let coefficient:v_Vector = Libcrux_ml_kem.Vector.Traits.f_compress #v_Vector #FStar.Tactics.Typeclasses.solve 4l - (Libcrux_ml_kem.Vector.Traits.to_unsigned_representative #v_Vector + (to_unsigned_field_modulus #v_Vector (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) <: v_Vector) @@ -194,11 +214,11 @@ let compress_then_serialize_4_ in serialized) in - let hax_temp_output:Prims.unit = () <: Prims.unit in + let result:Prims.unit = () <: Prims.unit in + let _:Prims.unit = admit () (* Panic freedom *) in + let hax_temp_output:Prims.unit = result in serialized -#pop-options - #push-options "--admit_smt_queries true" let compress_then_serialize_5_ 
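Review bot: The rewritten fold invariant in `compress_then_serialize_4_` puts the length fact behind `v i < 16`, so it is vacuous at the final index and no longer carries `Seq.length serialized == 128` out of the loop, whereas the invariant it replaces kept the length unconditionally. Serialize.fsti in this commit adds an `ensures` that the output length equals the input length, which then appears to hold only through the trailing `admit ()` (assuming `fold_range` hands back the invariant at the end index). The `compress_then_serialize_5_` hunk that follows replaces its length invariant with `true` under `--admit_smt_queries true`, with the same effect. I would keep the length conjunct outside the implication, e.g. `Seq.length serialized == 128 /\ (v i < 16 ==> coefficients_field_modulus_range re)`; the `v i >= 0 /\ v i <= 16` conjuncts are already implied by `v i < 16` on a `usize` and can be dropped.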
@@ -209,14 +229,13 @@ let compress_then_serialize_5_ (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) (serialized: t_Slice u8) = - let v__serialized_len:usize = Core.Slice.impl__len #u8 serialized in let serialized:t_Slice u8 = Rust_primitives.Hax.Folds.fold_range (sz 0) Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT - (fun serialized i -> + (fun serialized temp_1_ -> let serialized:t_Slice u8 = serialized in - let i:usize = i in - (Core.Slice.impl__len #u8 serialized <: usize) =. v__serialized_len <: bool) + let _:usize = temp_1_ in + true) serialized (fun serialized i -> let serialized:t_Slice u8 = serialized in @@ -263,8 +282,6 @@ let compress_then_serialize_5_ #pop-options -#push-options "--admit_smt_queries true" - let compress_then_serialize_message (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] @@ -276,16 +293,21 @@ let compress_then_serialize_message let serialized:t_Array u8 (sz 32) = Rust_primitives.Hax.Folds.fold_range (sz 0) (sz 16) - (fun serialized temp_1_ -> + (fun serialized i -> let serialized:t_Array u8 (sz 32) = serialized in - let _:usize = temp_1_ in - true) + let i:usize = i in + v i < 16 ==> coefficients_field_modulus_range re) serialized (fun serialized i -> let serialized:t_Array u8 (sz 32) = serialized in let i:usize = i in + let _:Prims.unit = assert (2 * v i + 2 <= 32) in + let _:Prims.unit = + reveal_opaque (`%coefficients_field_modulus_range) + (coefficients_field_modulus_range #v_Vector) + in let coefficient:v_Vector = - Libcrux_ml_kem.Vector.Traits.to_unsigned_representative #v_Vector + to_unsigned_field_modulus #v_Vector (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) in let coefficient_compressed:v_Vector = 
@@ -321,9 +343,9 @@ let compress_then_serialize_message in serialized) in - serialized - -#pop-options + let result:t_Array u8 (sz 32) = serialized in + let _:Prims.unit = admit () (* Panic freedom *) in + result let compress_then_serialize_ring_element_u (v_COMPRESSION_FACTOR v_OUT_LEN: usize) @@ -335,7 +357,8 @@ let compress_then_serialize_ring_element_u = let _:Prims.unit = assert ((v (cast v_COMPRESSION_FACTOR <: u32) == 10) \/ - (v (cast v_COMPRESSION_FACTOR <: u32) == 11)) + (v (cast v_COMPRESSION_FACTOR <: u32) == 11)); + Rust_primitives.Integers.mk_int_equiv_lemma #usize_inttype (v v_COMPRESSION_FACTOR) in match cast (v_COMPRESSION_FACTOR <: usize) <: u32 with | 10ul -> compress_then_serialize_10_ v_OUT_LEN #v_Vector re @@ -357,7 +380,8 @@ let compress_then_serialize_ring_element_v = let _:Prims.unit = assert ((v (cast v_COMPRESSION_FACTOR <: u32) == 4) \/ - (v (cast v_COMPRESSION_FACTOR <: u32) == 5)) + (v (cast v_COMPRESSION_FACTOR <: u32) == 5)); + Rust_primitives.Integers.mk_int_equiv_lemma #usize_inttype (v v_COMPRESSION_FACTOR) in let out, hax_temp_output:(t_Slice u8 & Prims.unit) = match cast (v_COMPRESSION_FACTOR <: usize) <: u32 with @@ -593,8 +617,6 @@ let deserialize_then_decompress_5_ in re -#push-options "--admit_smt_queries true" - let deserialize_then_decompress_message (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] @@ -645,9 +667,9 @@ let deserialize_then_decompress_message in re) in - re - -#pop-options + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + let _:Prims.unit = admit () (* Panic freedom *) in + result let deserialize_then_decompress_ring_element_u (v_COMPRESSION_FACTOR: usize) @@ -691,8 +713,6 @@ let deserialize_then_decompress_ring_element_v <: Rust_primitives.Hax.t_Never) -#push-options "--admit_smt_queries true" - let deserialize_to_reduced_ring_element (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] 
@@ -739,9 +759,9 @@ let deserialize_to_reduced_ring_element in re) in - re - -#pop-options + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + let _:Prims.unit = admit () (* Panic freedom *) in + result let deserialize_ring_elements_reduced (v_K: usize) @@ -844,8 +864,6 @@ let deserialize_to_uncompressed_ring_element in re -#push-options "--admit_smt_queries true" - let serialize_uncompressed_ring_element (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] @@ -853,20 +871,26 @@ let serialize_uncompressed_ring_element Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = + let _:Prims.unit = assert_norm (pow2 12 == 4096) in let serialized:t_Array u8 (sz 384) = Rust_primitives.Hax.repeat 0uy (sz 384) in let serialized:t_Array u8 (sz 384) = Rust_primitives.Hax.Folds.fold_range (sz 0) Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT - (fun serialized temp_1_ -> + (fun serialized i -> let serialized:t_Array u8 (sz 384) = serialized in - let _:usize = temp_1_ in - true) + let i:usize = i in + v i >= 0 /\ v i <= 16 /\ v i < 16 ==> coefficients_field_modulus_range re) serialized (fun serialized i -> let serialized:t_Array u8 (sz 384) = serialized in let i:usize = i in + let _:Prims.unit = assert (24 * v i + 24 <= 384) in + let _:Prims.unit = + reveal_opaque (`%coefficients_field_modulus_range) + (coefficients_field_modulus_range #v_Vector) + in let coefficient:v_Vector = - Libcrux_ml_kem.Vector.Traits.to_unsigned_representative #v_Vector + to_unsigned_field_modulus #v_Vector (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) in let bytes:t_Array u8 (sz 24) = @@ -897,6 +921,6 @@ let serialize_uncompressed_ring_element in serialized) in - serialized - -#pop-options + let result:t_Array u8 (sz 384) = serialized in + let _:Prims.unit = admit () (* Panic freedom *) in + result 
diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fsti
index ffe2bb9af..2d1d64184 100644
--- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fsti
+++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fsti
@@ -9,19 +9,50 @@ let _ = let open Libcrux_ml_kem.Vector.Traits in () +[@@ "opaque_to_smt"] +let field_modulus_range (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (a: v_Vector) = + let coef = Libcrux_ml_kem.Vector.Traits.f_to_i16_array a in + forall (i:nat). i < 16 ==> v (Seq.index coef i) > -(v Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) /\ + v (Seq.index coef i) < v Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS + +[@@ "opaque_to_smt"] +let coefficients_field_modulus_range (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = + forall (i:nat). i < 16 ==> field_modulus_range (Seq.index re.f_coefficients i) + +val to_unsigned_field_modulus + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (a: v_Vector) + : Prims.Pure v_Vector + (requires field_modulus_range a) + (ensures + fun result -> + let result:v_Vector = result in + forall (i: nat). + i < 16 ==> + v (Seq.index (Libcrux_ml_kem.Vector.Traits.f_to_i16_array result) i) >= 0 /\ + v (Seq.index (Libcrux_ml_kem.Vector.Traits.f_to_i16_array result) i) < + v Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) + val compress_then_serialize_10_ (v_OUT_LEN: usize) (#v_Vector: Type0) {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - : Prims.Pure (t_Array u8 v_OUT_LEN) (requires v_OUT_LEN =. sz 320) (fun _ -> Prims.l_True) + : Prims.Pure (t_Array u8 v_OUT_LEN) + (requires v v_OUT_LEN == 320 /\ coefficients_field_modulus_range re) + (fun _ -> Prims.l_True) val compress_then_serialize_11_ (v_OUT_LEN: usize) (#v_Vector: Type0) {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - : Prims.Pure (t_Array u8 v_OUT_LEN) (requires v_OUT_LEN =. 
sz 352) (fun _ -> Prims.l_True) + : Prims.Pure (t_Array u8 v_OUT_LEN) Prims.l_True (fun _ -> Prims.l_True) val compress_then_serialize_4_ (#v_Vector: Type0) @@ -29,8 +60,11 @@ val compress_then_serialize_4_ (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) (serialized: t_Slice u8) : Prims.Pure (t_Slice u8) - (requires (Core.Slice.impl__len #u8 serialized <: usize) =. sz 128) - (fun _ -> Prims.l_True) + (requires Seq.length serialized == 128 /\ coefficients_field_modulus_range re) + (ensures + fun serialized_future -> + let serialized_future:t_Slice u8 = serialized_future in + Core.Slice.impl__len #u8 serialized_future == Core.Slice.impl__len #u8 serialized) val compress_then_serialize_5_ (#v_Vector: Type0) @@ -39,13 +73,18 @@ val compress_then_serialize_5_ (serialized: t_Slice u8) : Prims.Pure (t_Slice u8) (requires (Core.Slice.impl__len #u8 serialized <: usize) =. sz 160) - (fun _ -> Prims.l_True) + (ensures + fun serialized_future -> + let serialized_future:t_Slice u8 = serialized_future in + Core.Slice.impl__len #u8 serialized_future == Core.Slice.impl__len #u8 serialized) val compress_then_serialize_message (#v_Vector: Type0) {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - : Prims.Pure (t_Array u8 (sz 32)) Prims.l_True (fun _ -> Prims.l_True) + : Prims.Pure (t_Array u8 (sz 32)) + (requires coefficients_field_modulus_range re) + (fun _ -> Prims.l_True) val compress_then_serialize_ring_element_u (v_COMPRESSION_FACTOR v_OUT_LEN: usize) 
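Review bot: `compress_then_serialize_11_` loses its only precondition in this hunk (`v_OUT_LEN =. sz 352` becomes `Prims.l_True`) while its sibling `compress_then_serialize_10_` gains `coefficients_field_modulus_range re`, so the two branches that `compress_then_serialize_ring_element_u` dispatches to now have inconsistent contracts. The body in Serialize.fst appears to remain under `--admit_smt_queries true`, so nothing checks that an arbitrary `v_OUT_LEN` is safe for the writes it performs. Unless the weakening is deliberate, I would state the contract in the same form as the 10-bit variant: `(requires v v_OUT_LEN == 352 /\ coefficients_field_modulus_range re)`. `compress_then_serialize_5_` two hunks further down likewise lacks the range precondition that `compress_then_serialize_4_` now carries.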
@@ -54,8 +93,8 @@ val compress_then_serialize_ring_element_u (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) : Prims.Pure (t_Array u8 v_OUT_LEN) (requires - (v_COMPRESSION_FACTOR =. sz 10 || v_COMPRESSION_FACTOR =. sz 11) && - v_OUT_LEN =. (sz 32 *! v_COMPRESSION_FACTOR <: usize)) + (v v_COMPRESSION_FACTOR == 10 \/ v v_COMPRESSION_FACTOR == 11) /\ + v v_OUT_LEN == 32 * v v_COMPRESSION_FACTOR /\ coefficients_field_modulus_range re) (fun _ -> Prims.l_True) val compress_then_serialize_ring_element_v @@ -66,9 +105,9 @@ val compress_then_serialize_ring_element_v (out: t_Slice u8) : Prims.Pure (t_Slice u8) (requires - (v_COMPRESSION_FACTOR =. sz 4 || v_COMPRESSION_FACTOR =. sz 5) && - v_OUT_LEN =. (sz 32 *! v_COMPRESSION_FACTOR <: usize) && - (Core.Slice.impl__len #u8 out <: usize) =. v_OUT_LEN) + (v v_COMPRESSION_FACTOR == 4 \/ v v_COMPRESSION_FACTOR == 5) /\ + v v_OUT_LEN == 32 * v v_COMPRESSION_FACTOR /\ Seq.length out == v v_OUT_LEN /\ + coefficients_field_modulus_range re) (ensures fun out_future -> let out_future:t_Slice u8 = out_future in @@ -189,4 +228,6 @@ val serialize_uncompressed_ring_element (#v_Vector: Type0) {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - : Prims.Pure (t_Array u8 (sz 384)) Prims.l_True (fun _ -> Prims.l_True) + : Prims.Pure (t_Array u8 (sz 384)) + (requires coefficients_field_modulus_range re) + (fun _ -> Prims.l_True) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.fsti index 9c2b8909f..0a135cf42 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.fsti 
@@ -203,11 +203,20 @@ let impl_3: Libcrux_ml_kem.Vector.Traits.t_Operations t_SIMD256Vector = } <: t_SIMD256Vector); - f_compress_1_pre = (fun (vector: t_SIMD256Vector) -> true); - f_compress_1_post = (fun (vector: t_SIMD256Vector) (out: t_SIMD256Vector) -> true); + f_compress_1_pre + = + (fun (vector: t_SIMD256Vector) -> + forall (i: nat). + i < 16 ==> + v (Seq.index (impl.f_repr vector) i) >= 0 /\ v (Seq.index (impl.f_repr vector) i) < 3329); + f_compress_1_post + = + (fun (vector: t_SIMD256Vector) (out: t_SIMD256Vector) -> + forall (i: nat). i < 16 ==> bounded (Seq.index (impl.f_repr out) i) 1); f_compress_1_ = (fun (vector: t_SIMD256Vector) -> + let _:Prims.unit = admit () in { f_elements = @@ -218,14 +227,23 @@ let impl_3: Libcrux_ml_kem.Vector.Traits.t_Operations t_SIMD256Vector = f_compress_pre = (fun (v_COEFFICIENT_BITS: i32) (vector: t_SIMD256Vector) -> - v_COEFFICIENT_BITS =. 4l || v_COEFFICIENT_BITS =. 5l || v_COEFFICIENT_BITS =. 10l || - v_COEFFICIENT_BITS =. 11l); + (v v_COEFFICIENT_BITS == 4 \/ v v_COEFFICIENT_BITS == 5 \/ v v_COEFFICIENT_BITS == 10 \/ + v v_COEFFICIENT_BITS == 11) /\ + (forall (i: nat). + i < 16 ==> + v (Seq.index (impl.f_repr vector) i) >= 0 /\ v (Seq.index (impl.f_repr vector) i) < 3329 + )); f_compress_post = - (fun (v_COEFFICIENT_BITS: i32) (vector: t_SIMD256Vector) (out: t_SIMD256Vector) -> true); + (fun (v_COEFFICIENT_BITS: i32) (vector: t_SIMD256Vector) (out: t_SIMD256Vector) -> + (v v_COEFFICIENT_BITS == 4 \/ v v_COEFFICIENT_BITS == 5 \/ v v_COEFFICIENT_BITS == 10 \/ + v v_COEFFICIENT_BITS == 11) ==> + (forall (i: nat). i < 16 ==> bounded (Seq.index (impl.f_repr out) i) (v v_COEFFICIENT_BITS)) + ); f_compress = (fun (v_COEFFICIENT_BITS: i32) (vector: t_SIMD256Vector) -> + let _:Prims.unit = admit () in { f_elements = 
diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fst index 1d8993c9e..8bda725bd 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fst 
@@ -22,78 +22,146 @@ let compress_message_coefficient (fe: u16) = let shifted_positive_in_range:i16 = shifted_to_positive -! 832s in cast ((shifted_positive_in_range >>! 15l <: i16) &. 1s <: i16) <: u8 +#push-options "--fuel 0 --ifuel 0 --z3rlimit 2000" + let compress (v_COEFFICIENT_BITS: i32) - (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) = - let v:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = + let _:Prims.unit = + assert (v (cast (v_COEFFICIENT_BITS) <: u8) == v v_COEFFICIENT_BITS); + assert (v (cast (v_COEFFICIENT_BITS) <: u32) == v v_COEFFICIENT_BITS) + in + let _:Prims.unit = + assert (forall (i: nat). + i < 16 ==> + (cast (a.f_elements.[ sz i ]) <: u16) <. + (cast (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) <: u16)) + in + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = Rust_primitives.Hax.Folds.fold_range (sz 0) Libcrux_ml_kem.Vector.Traits.v_FIELD_ELEMENTS_IN_VECTOR - (fun v temp_1_ -> - let v:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = v in - let _:usize = temp_1_ in - true) - v - (fun v i -> - let v:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = v in + (fun a i -> + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = a in + let i:usize = i in + (v i < 16 ==> + (forall (j: nat). + (j >= v i /\ j < 16) ==> + v (cast (a.f_elements.[ sz j ]) <: u16) < + v (cast (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) <: u16))) /\ + (forall (j: nat). 
+ j < v i ==> + v (a.f_elements.[ sz j ] <: i16) >= 0 /\ + v (a.f_elements.[ sz j ] <: i16) < pow2 (v (cast (v_COEFFICIENT_BITS) <: u32)))) + a + (fun a i -> + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = a in let i:usize = i in - { - v with - Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements - = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize v - .Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements - i - (compress_ciphertext_coefficient (cast (v_COEFFICIENT_BITS <: i32) <: u8) - (cast (v.Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements.[ i ] <: i16) - <: - u16) - <: - i16) + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = + { + a with + Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize a + .Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements + i + (compress_ciphertext_coefficient (cast (v_COEFFICIENT_BITS <: i32) <: u8) + (cast (a.Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements.[ i ] <: i16) + <: + u16) + <: + i16) + } <: - t_Array i16 (sz 16) - } - <: - Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector + in + let _:Prims.unit = + assert (v (a.f_elements.[ i ] <: i16) >= 0 /\ + v (a.f_elements.[ i ] <: i16) < pow2 (v (cast (v_COEFFICIENT_BITS) <: u32))) + in + a) in - v + let _:Prims.unit = + assert (forall (i: nat). + i < 16 ==> + v (a.f_elements.[ sz i ] <: i16) >= 0 /\ + v (a.f_elements.[ sz i ] <: i16) < pow2 (v v_COEFFICIENT_BITS)) + in + a -let compress_1_ (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) = - let v:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = +#pop-options + +#push-options "--fuel 0 --ifuel 0 --z3rlimit 2000" + +let compress_message_coefficient_range_helper (fe: u16) : Lemma + (requires fe <. 
(cast (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) <: u16)) + (ensures v (cast (compress_message_coefficient fe) <: i16) >= 0 /\ + v (cast (compress_message_coefficient fe) <: i16) < 2) = + assert (v (cast (compress_message_coefficient fe) <: i16) >= 0 /\ + v (cast (compress_message_coefficient fe) <: i16) < 2) + +let compress_1_ (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) = + let _:Prims.unit = + assert (forall (i: nat). + i < 16 ==> + (cast (a.f_elements.[ sz i ]) <: u16) <. + (cast (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) <: u16)) + in + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = Rust_primitives.Hax.Folds.fold_range (sz 0) Libcrux_ml_kem.Vector.Traits.v_FIELD_ELEMENTS_IN_VECTOR - (fun v temp_1_ -> - let v:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = v in - let _:usize = temp_1_ in - true) - v - (fun v i -> - let v:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = v in + (fun a i -> + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = a in + let i:usize = i in + (v i < 16 ==> + (forall (j: nat). + (j >= v i /\ j < 16) ==> + v (cast (a.f_elements.[ sz j ]) <: u16) < + v (cast (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) <: u16))) /\ + (forall (j: nat). 
+ j < v i ==> + v (a.f_elements.[ sz j ] <: i16) >= 0 /\ v (a.f_elements.[ sz j ] <: i16) < 2)) + a + (fun a i -> + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = a in let i:usize = i in - { - v with - Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements - = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize v - .Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements - i - (cast (compress_message_coefficient (cast (v - .Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements.[ i ] - <: - i16) - <: - u16) - <: - u8) - <: - i16) + let _:Prims.unit = + compress_message_coefficient_range_helper (cast (a.f_elements.[ i ]) <: u16) + in + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = + { + a with + Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize a + .Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements + i + (cast (compress_message_coefficient (cast (a + .Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements.[ i ] + <: + i16) + <: + u16) + <: + u8) + <: + i16) + } <: - t_Array i16 (sz 16) - } - <: - Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector + in + let _:Prims.unit = + assert (v (a.f_elements.[ i ] <: i16) >= 0 /\ v (a.f_elements.[ i ] <: i16) < 2) + in + a) in - v + let _:Prims.unit = + assert (forall (i: nat). + i < 16 ==> v (a.f_elements.[ sz i ] <: i16) >= 0 /\ v (a.f_elements.[ sz i ] <: i16) < 2) + in + a + +#pop-options let decompress_ciphertext_coefficient (v_COEFFICIENT_BITS: i32) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fsti index 4a89ca30f..938330976 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fsti 
+++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fsti @@ -47,15 +47,32 @@ val compress_message_coefficient (fe: u16) val compress (v_COEFFICIENT_BITS: i32) - (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) : Prims.Pure Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector - Prims.l_True - (fun _ -> Prims.l_True) + (requires + (v v_COEFFICIENT_BITS == 4 \/ v v_COEFFICIENT_BITS == 5 \/ v v_COEFFICIENT_BITS == 10 \/ + v v_COEFFICIENT_BITS == 11) /\ + (forall (i: nat). + i < 16 ==> v (Seq.index a.f_elements i) >= 0 /\ v (Seq.index a.f_elements i) < 3329)) + (ensures + fun result -> + let result:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = result in + forall (i: nat). + i < 16 ==> + v (result.f_elements.[ sz i ] <: i16) >= 0 /\ + v (result.f_elements.[ sz i ] <: i16) < pow2 (v v_COEFFICIENT_BITS)) -val compress_1_ (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) +val compress_1_ (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) : Prims.Pure Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector - Prims.l_True - (fun _ -> Prims.l_True) + (requires + forall (i: nat). + i < 16 ==> v (Seq.index a.f_elements i) >= 0 /\ v (Seq.index a.f_elements i) < 3329) + (ensures + fun result -> + let result:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = result in + forall (i: nat). + i < 16 ==> + v (result.f_elements.[ sz i ] <: i16) >= 0 /\ v (result.f_elements.[ sz i ] <: i16) < 2) val decompress_ciphertext_coefficient (v_COEFFICIENT_BITS: i32) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Serialize.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Serialize.fst index b676b472e..37ca063e4 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Serialize.fst 
+++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Serialize.fst @@ -418,6 +418,9 @@ let deserialize_1_lemma inputs = #pop-options +let deserialize_1_bounded_lemma inputs = + admit() + let deserialize_10_ (bytes: t_Slice u8) = let v0_7_:(i16 & i16 & i16 & i16 & i16 & i16 & i16 & i16) = deserialize_10_int (bytes.[ { Core.Ops.Range.f_start = sz 0; Core.Ops.Range.f_end = sz 10 } @@ -469,6 +472,9 @@ let deserialize_10_lemma inputs = #pop-options +let deserialize_10_bounded_lemma inputs = + admit() + let deserialize_12_ (bytes: t_Slice u8) = let v0_1_:(i16 & i16) = deserialize_12_int (bytes.[ { Core.Ops.Range.f_start = sz 0; Core.Ops.Range.f_end = sz 3 } @@ -562,6 +568,9 @@ let deserialize_12_lemma inputs = #pop-options +let deserialize_12_bounded_lemma inputs = + admit() + let deserialize_4_ (bytes: t_Slice u8) = let v0_7_:(i16 & i16 & i16 & i16 & i16 & i16 & i16 & i16) = deserialize_4_int (bytes.[ { Core.Ops.Range.f_start = sz 0; Core.Ops.Range.f_end = sz 4 } @@ -613,6 +622,9 @@ let deserialize_4_lemma inputs = #pop-options +let deserialize_4_bounded_lemma inputs = + admit() + let serialize_1_ (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) = let result0:u8 = (((((((cast (v.Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements.[ sz 0 ] <: i16) <: u8) |. diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Serialize.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Serialize.fsti index 856f8399d..97118a4cc 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Serialize.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Serialize.fsti 
@@ -77,6 +77,9 @@ val deserialize_1_ (v: t_Slice u8) val deserialize_1_lemma (inputs: t_Array u8 (sz 2)) : Lemma (ensures bit_vec_of_int_t_array (deserialize_1_ inputs).f_elements 1 == bit_vec_of_int_t_array inputs 8) +val deserialize_1_bounded_lemma (inputs: t_Array u8 (sz 2)) : Lemma + (ensures forall i. i < 16 ==> bounded (Seq.index (deserialize_1_ inputs).f_elements i) 1) + val deserialize_10_ (bytes: t_Slice u8) : Prims.Pure Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector (requires Core.Slice.impl__len #u8 bytes =. sz 20) @@ -85,6 +88,9 @@ val deserialize_10_ (bytes: t_Slice u8) val deserialize_10_lemma (inputs: t_Array u8 (sz 20)) : Lemma (ensures bit_vec_of_int_t_array (deserialize_10_ inputs).f_elements 10 == bit_vec_of_int_t_array inputs 8) +val deserialize_10_bounded_lemma (inputs: t_Array u8 (sz 20)) : Lemma + (ensures forall i. i < 16 ==> bounded (Seq.index (deserialize_10_ inputs).f_elements i) 10) + val deserialize_12_ (bytes: t_Slice u8) : Prims.Pure Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector (requires Core.Slice.impl__len #u8 bytes =. sz 24) @@ -93,6 +99,9 @@ val deserialize_12_ (bytes: t_Slice u8) val deserialize_12_lemma (inputs: t_Array u8 (sz 24)) : Lemma (ensures bit_vec_of_int_t_array (deserialize_12_ inputs).f_elements 12 == bit_vec_of_int_t_array inputs 8) +val deserialize_12_bounded_lemma (inputs: t_Array u8 (sz 24)) : Lemma + (ensures forall i. i < 16 ==> bounded (Seq.index (deserialize_12_ inputs).f_elements i) 12) + val deserialize_4_ (bytes: t_Slice u8) : Prims.Pure Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector (requires Core.Slice.impl__len #u8 bytes =. sz 8) 
@@ -101,6 +110,9 @@ val deserialize_4_ (bytes: t_Slice u8) val deserialize_4_lemma (inputs: t_Array u8 (sz 8)) : Lemma (ensures bit_vec_of_int_t_array (deserialize_4_ inputs).f_elements 4 == bit_vec_of_int_t_array inputs 8) +val deserialize_4_bounded_lemma (inputs: t_Array u8 (sz 8)) : Lemma + (ensures forall i. i < 16 ==> bounded (Seq.index (deserialize_4_ inputs).f_elements i) 4) + val serialize_1_ (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) : Prims.Pure (t_Array u8 (sz 2)) Prims.l_True (fun _ -> Prims.l_True) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fst new file mode 100644 index 000000000..dbd72c7e0 --- /dev/null +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fst @@ -0,0 +1,15 @@ +module Libcrux_ml_kem.Vector.Portable +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open Core +open FStar.Mul + +let _ = + (* This module has implicit dependencies, here we make them explicit. *) + (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Vector.Portable.Vector_type in + let open Libcrux_ml_kem.Vector.Traits in + () + +#push-options "--z3rlimit 300" + +#pop-options diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fsti index d7a0d3f21..2c4690115 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fsti @@ -30,7 +30,7 @@ Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = Libcrux_ml_kem.Vector.Portable.Vector_type.to_i16_array x } -#push-options "--admit_smt_queries true" +#push-options "--z3rlimit 200" [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_1: Libcrux_ml_kem.Vector.Traits.t_Operations 
@@ -224,41 +224,49 @@ Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = Libcrux_ml_kem.Vector.Portable.Arithmetic.montgomery_multiply_by_constant v r); f_compress_1_pre = - (fun (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) -> true); + (fun (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) -> + forall (i: nat). + i < 16 ==> v (Seq.index (impl.f_repr a) i) >= 0 /\ v (Seq.index (impl.f_repr a) i) < 3329); f_compress_1_post = (fun - (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) (out: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) -> - true); + forall (i: nat). i < 16 ==> bounded (Seq.index (impl.f_repr out) i) 1); f_compress_1_ = - (fun (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) -> - Libcrux_ml_kem.Vector.Portable.Compress.compress_1_ v); + (fun (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) -> + Libcrux_ml_kem.Vector.Portable.Compress.compress_1_ a); f_compress_pre = (fun (v_COEFFICIENT_BITS: i32) - (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) -> - v_COEFFICIENT_BITS =. 4l || v_COEFFICIENT_BITS =. 5l || v_COEFFICIENT_BITS =. 10l || - v_COEFFICIENT_BITS =. 11l); + (v v_COEFFICIENT_BITS == 4 \/ v v_COEFFICIENT_BITS == 5 \/ v v_COEFFICIENT_BITS == 10 \/ + v v_COEFFICIENT_BITS == 11) /\ + (forall (i: nat). + i < 16 ==> + v (Seq.index (impl.f_repr a) i) >= 0 /\ v (Seq.index (impl.f_repr a) i) < 3329)); f_compress_post = (fun (v_COEFFICIENT_BITS: i32) - (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) (out: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) -> - true); + (v v_COEFFICIENT_BITS == 4 \/ v v_COEFFICIENT_BITS == 5 \/ v v_COEFFICIENT_BITS == 10 \/ + v v_COEFFICIENT_BITS == 11) ==> + (forall (i: nat). 
i < 16 ==> bounded (Seq.index (impl.f_repr out) i) (v v_COEFFICIENT_BITS)) + ); f_compress = (fun (v_COEFFICIENT_BITS: i32) - (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) -> - Libcrux_ml_kem.Vector.Portable.Compress.compress v_COEFFICIENT_BITS v); + Libcrux_ml_kem.Vector.Portable.Compress.compress v_COEFFICIENT_BITS a); f_decompress_ciphertext_coefficient_pre = (fun @@ -499,6 +507,7 @@ Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = = (fun (a: t_Slice u8) -> let _:Prims.unit = Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_1_lemma a in + let _:Prims.unit = Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_1_bounded_lemma a in Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_1_ a); f_serialize_4_pre = @@ -529,6 +538,7 @@ Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = = (fun (a: t_Slice u8) -> let _:Prims.unit = Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_4_lemma a in + let _:Prims.unit = Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_4_bounded_lemma a in Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_4_ a); f_serialize_5_pre = @@ -577,6 +587,9 @@ Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = = (fun (a: t_Slice u8) -> let _:Prims.unit = Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_10_lemma a in + let _:Prims.unit = + Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_10_bounded_lemma a + in Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_10_ a); f_serialize_11_pre = @@ -625,6 +638,9 @@ Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = = (fun (a: t_Slice u8) -> let _:Prims.unit = Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_12_lemma a in + let _:Prims.unit = + Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_12_bounded_lemma a + in Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_12_ a); f_rej_sample_pre = 
diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fst index 1c6967d6d..31c67d6b2 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fst @@ -53,8 +53,6 @@ let to_standard_domain v v_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS -#push-options "--z3rlimit 100" - #push-options "--admit_smt_queries true" let to_unsigned_representative @@ -69,5 +67,3 @@ let to_unsigned_representative f_add #v_T #FStar.Tactics.Typeclasses.solve a fm #pop-options - -#pop-options diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fsti index e5599b2b3..e2a2bbbe4 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fsti 
@@ -137,17 +137,32 @@ class t_Operations (v_Self: Type0) = { -> Prims.Pure v_Self (f_montgomery_multiply_by_constant_pre x0 x1) (fun result -> f_montgomery_multiply_by_constant_post x0 x1 result); - f_compress_1_pre:v: v_Self -> pred: Type0{true ==> pred}; - f_compress_1_post:v_Self -> v_Self -> Type0; + f_compress_1_pre:a: v_Self + -> pred: + Type0 + { (forall (i: nat). + i < 16 ==> v (Seq.index (f_repr a) i) >= 0 /\ v (Seq.index (f_repr a) i) < 3329) ==> + pred }; + f_compress_1_post:a: v_Self -> result: v_Self + -> pred: Type0{pred ==> (forall (i: nat). i < 16 ==> bounded (Seq.index (f_repr result) i) 1)}; f_compress_1_:x0: v_Self -> Prims.Pure v_Self (f_compress_1_pre x0) (fun result -> f_compress_1_post x0 result); - f_compress_pre:v_COEFFICIENT_BITS: i32 -> v: v_Self + f_compress_pre:v_COEFFICIENT_BITS: i32 -> a: v_Self -> pred: Type0 - { v_COEFFICIENT_BITS =. 4l || v_COEFFICIENT_BITS =. 5l || v_COEFFICIENT_BITS =. 10l || - v_COEFFICIENT_BITS =. 11l ==> + { (v v_COEFFICIENT_BITS == 4 \/ v v_COEFFICIENT_BITS == 5 \/ v v_COEFFICIENT_BITS == 10 \/ + v v_COEFFICIENT_BITS == 11) /\ + (forall (i: nat). + i < 16 ==> v (Seq.index (f_repr a) i) >= 0 /\ v (Seq.index (f_repr a) i) < 3329) ==> pred }; - f_compress_post:v_COEFFICIENT_BITS: i32 -> v_Self -> v_Self -> Type0; + f_compress_post:v_COEFFICIENT_BITS: i32 -> a: v_Self -> result: v_Self + -> pred: + Type0 + { pred ==> + (v v_COEFFICIENT_BITS == 4 \/ v v_COEFFICIENT_BITS == 5 \/ v v_COEFFICIENT_BITS == 10 \/ + v v_COEFFICIENT_BITS == 11) ==> + (forall (i: nat). i < 16 ==> bounded (Seq.index (f_repr result) i) (v v_COEFFICIENT_BITS)) + }; f_compress:v_COEFFICIENT_BITS: i32 -> x0: v_Self -> Prims.Pure v_Self (f_compress_pre v_COEFFICIENT_BITS x0) diff --git a/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.Math.fst b/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.Math.fst index 0fba37313..bb8601b20 100644 --- a/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.Math.fst +++ b/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.Math.fst 
@@ -277,7 +277,7 @@ let serialize_post (coefficients: t_Array i16 (sz 16) { serialize_pre d1 coefficients }) (output: t_Array u8 (sz (d1 * 2))) = BitVecEq.int_t_array_bitwise_eq coefficients d1 - output 8 + output 8 // TODO: this is an alternative version of byte_decode // rename to decoded bytes @@ -286,5 +286,6 @@ let deserialize_post (bytes: t_Array u8 (sz (d1 * 2))) (output: t_Array i16 (sz 16)) = BitVecEq.int_t_array_bitwise_eq bytes 8 - output d1 + output d1 /\ + forall (i:nat). i < 16 ==> bounded (Seq.index output i) d1 #pop-options diff --git a/libcrux-ml-kem/src/ind_cpa.rs b/libcrux-ml-kem/src/ind_cpa.rs index 5ba8b40d5..e00498e93 100644 --- a/libcrux-ml-kem/src/ind_cpa.rs +++ b/libcrux-ml-kem/src/ind_cpa.rs @@ -384,12 +384,13 @@ pub(crate) fn generate_keypair< /// Call [`compress_then_serialize_ring_element_u`] on each ring element. #[hax_lib::fstar::verification_status(panic_free)] -#[hax_lib::fstar::options("--z3rlimit 200")] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $OUT_LEN == Spec.MLKEM.v_C1_SIZE $K /\\ $COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_U_COMPRESSION_FACTOR $K /\\ $BLOCK_LEN == Spec.MLKEM.v_C1_BLOCK_SIZE $K /\\ - ${out.len()} == $OUT_LEN"))] + ${out.len()} == $OUT_LEN /\\ + (forall (i:nat). i < v $K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index $input i))"))] #[hax_lib::ensures(|_| fstar!("$out_future == Spec.MLKEM.compress_then_encode_u #$K (Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector $input)") 
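Review bot: The conjunct added to `deserialize_post`, `forall (i:nat). i < 16 ==> bounded (Seq.index output i) d1`, is not backed by a proof in this commit. The four lemmas that supply it for the portable vector (`deserialize_1_bounded_lemma`, `deserialize_4_bounded_lemma`, `deserialize_10_bounded_lemma`, `deserialize_12_bounded_lemma`) all have the body `admit()` in Libcrux_ml_kem.Vector.Portable.Serialize.fst. Anything that later relies on decoded coefficients being bounded inherits that assumption. I would record it where the contract is stated, e.g. `// TODO: the bounded conjunct is currently discharged by admitted deserialize_*_bounded_lemma`.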
@@ -410,7 +411,8 @@ fn compress_then_serialize_u< // for the following bug https://github.com/hacspec/hax/issues/720 cloop! { for (i, re) in input.into_iter().enumerate() { - hax_lib::loop_invariant!(|i: usize| out.len() == OUT_LEN); + hax_lib::loop_invariant!(|i: usize| { fstar!("v $i < v $K ==> (Seq.length out == v $OUT_LEN /\\ + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index $input (v $i)))") }); out[i * (OUT_LEN / K)..(i + 1) * (OUT_LEN / K)].copy_from_slice( &compress_then_serialize_ring_element_u::(&re), ); diff --git a/libcrux-ml-kem/src/serialize.rs b/libcrux-ml-kem/src/serialize.rs index 64d1f1eda..c8aa0a6f1 100644 --- a/libcrux-ml-kem/src/serialize.rs +++ b/libcrux-ml-kem/src/serialize.rs 
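Review bot: The rewritten `loop_invariant!` in `compress_then_serialize_u` puts the length fact under the guard `v $i < v $K`, so once `i` reaches `K` it no longer states `Seq.length out == v $OUT_LEN`, which the replaced invariant `out.len() == OUT_LEN` stated unconditionally. Keeping the length outside the guard preserves what the old invariant gave after the loop: `Seq.length out == v $OUT_LEN /\\ (v $i < v $K ==> Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index $input (v $i)))`. The invariant also writes `out` without `$`, unlike `$input` and `$i`; if that is a deliberate workaround, a one-line comment saying so would help, as serialize.rs does for `serialized`. The function body continues outside the hunk.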
@@ -2,17 +2,48 @@ use crate::{ constants::{COEFFICIENTS_IN_RING_ELEMENT, BYTES_PER_RING_ELEMENT, SHARED_SECRET_SIZE}, helper::cloop, polynomial::{PolynomialRingElement, VECTORS_IN_RING_ELEMENT}, - vector::{decompress_1, to_unsigned_representative, Operations}, + vector::{decompress_1, to_unsigned_representative, Operations, FIELD_MODULUS}, }; #[inline(always)] -#[hax_lib::fstar::verification_status(lax)] +#[hax_lib::fstar::before(interface, "[@@ \"opaque_to_smt\"] +let coefficients_field_modulus_range (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = + forall (i:nat). i < 16 ==> field_modulus_range (Seq.index re.f_coefficients i)")] +#[hax_lib::fstar::before(interface, "[@@ \"opaque_to_smt\"] +let field_modulus_range (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (a: v_Vector) = + let coef = Libcrux_ml_kem.Vector.Traits.f_to_i16_array a in + forall (i:nat). i < 16 ==> v (Seq.index coef i) > -(v $FIELD_MODULUS) /\\ + v (Seq.index coef i) < v $FIELD_MODULUS")] +#[hax_lib::fstar::verification_status(panic_free)] +#[hax_lib::requires(fstar!("field_modulus_range $a"))] +#[hax_lib::ensures(|result| fstar!("forall (i:nat). 
i < 16 ==> + v (Seq.index (Libcrux_ml_kem.Vector.Traits.f_to_i16_array $result) i) >= 0 /\\ + v (Seq.index (Libcrux_ml_kem.Vector.Traits.f_to_i16_array $result) i) < v $FIELD_MODULUS"))] +pub(super) fn to_unsigned_field_modulus( + a: Vector, +) -> Vector { + hax_lib::fstar!("reveal_opaque (`%field_modulus_range) (field_modulus_range #$:Vector)"); + to_unsigned_representative::(a) +} + +#[inline(always)] +#[hax_lib::fstar::verification_status(panic_free)] +#[hax_lib::requires(fstar!("coefficients_field_modulus_range $re"))] pub(super) fn compress_then_serialize_message( re: PolynomialRingElement, ) -> [u8; SHARED_SECRET_SIZE] { let mut serialized = [0u8; SHARED_SECRET_SIZE]; for i in 0..16 { - let coefficient = to_unsigned_representative::(re.coefficients[i]); + hax_lib::loop_invariant!(|i: usize| { fstar!("v $i < 16 ==> + coefficients_field_modulus_range $re") }); + hax_lib::fstar!("assert (2 * v $i + 2 <= 32)"); + hax_lib::fstar!("reveal_opaque (`%coefficients_field_modulus_range) + (coefficients_field_modulus_range #$:Vector)"); + let coefficient = to_unsigned_field_modulus(re.coefficients[i]); let coefficient_compressed = Vector::compress_1(coefficient); let bytes = Vector::serialize_1(coefficient_compressed); @@ -21,8 +52,9 @@ pub(super) fn compress_then_serialize_message( serialized } + #[inline(always)] -#[hax_lib::fstar::verification_status(lax)] +#[hax_lib::fstar::verification_status(panic_free)] pub(super) fn deserialize_then_decompress_message( serialized: [u8; SHARED_SECRET_SIZE], ) -> PolynomialRingElement { 
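Review bot: `to_unsigned_field_modulus` is the one place that produces the `0 <= x < FIELD_MODULUS` fact that every `Vector::compress` and `Vector::compress_1` call in this file now needs, but its `ensures` appears to be assumed rather than proved. It is marked `verification_status(panic_free)`, which as far as I know checks the body for panics and admits the postcondition. It also wraps `to_unsigned_representative`, which Libcrux_ml_kem.Vector.Traits.fst in this same commit still keeps under `--admit_smt_queries true`. That trust boundary should be stated on the function, e.g. `// Postcondition is admitted (panic_free): the [0, FIELD_MODULUS) range is a trusted assumption until to_unsigned_representative is proved.`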
@@ -35,13 +67,20 @@ pub(super) fn deserialize_then_decompress_message( } #[inline(always)] -#[hax_lib::fstar::verification_status(lax)] +#[hax_lib::fstar::verification_status(panic_free)] +#[hax_lib::requires(fstar!("coefficients_field_modulus_range $re"))] pub(super) fn serialize_uncompressed_ring_element( re: &PolynomialRingElement, ) -> [u8; BYTES_PER_RING_ELEMENT] { + hax_lib::fstar!("assert_norm (pow2 12 == 4096)"); let mut serialized = [0u8; BYTES_PER_RING_ELEMENT]; for i in 0..VECTORS_IN_RING_ELEMENT { - let coefficient = to_unsigned_representative::(re.coefficients[i]); + hax_lib::loop_invariant!(|i: usize| { fstar!("v $i >= 0 /\\ v $i <= 16 /\\ + v $i < 16 ==> coefficients_field_modulus_range $re") }); + hax_lib::fstar!("assert (24 * v $i + 24 <= 384)"); + hax_lib::fstar!("reveal_opaque (`%coefficients_field_modulus_range) + (coefficients_field_modulus_range #$:Vector)"); + let coefficient = to_unsigned_field_modulus(re.coefficients[i]); let bytes = Vector::serialize_12(coefficient); serialized[24 * i..24 * i + 24].copy_from_slice(&bytes); @@ -72,7 +111,7 @@ pub(super) fn deserialize_to_uncompressed_ring_element( /// /// This MUST NOT be used with secret inputs, like its caller `deserialize_ring_elements_reduced`. #[inline(always)] -#[hax_lib::fstar::verification_status(lax)] +#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires( serialized.len() == BYTES_PER_RING_ELEMENT )] 
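Review bot: In the `loop_invariant!` added to `serialize_uncompressed_ring_element`, the formula `v $i >= 0 /\\ v $i <= 16 /\\ v $i < 16 ==> coefficients_field_modulus_range $re` parses with `/\` binding tighter than `==>`. All three comparisons therefore become the antecedent, and the invariant does not assert the bounds on `i`. If the bounds are meant as invariant facts, parenthesise the implication: `v $i >= 0 /\\ v $i <= 16 /\\ (v $i < 16 ==> coefficients_field_modulus_range $re)`. The same shape appears in the invariants added to `compress_then_serialize_10` and `compress_then_serialize_4` later in this file.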
@@ -139,17 +178,21 @@ pub(super) fn deserialize_ring_elements_reduced< } #[inline(always)] -#[hax_lib::fstar::verification_status(lax)] -#[hax_lib::requires( - OUT_LEN == 320 -)] +#[hax_lib::fstar::verification_status(panic_free)] +#[hax_lib::requires(fstar!("v $OUT_LEN == 320 /\\ coefficients_field_modulus_range $re"))] fn compress_then_serialize_10( re: &PolynomialRingElement, ) -> [u8; OUT_LEN] { + hax_lib::fstar!("assert_norm (pow2 10 == 1024)"); let mut serialized = [0u8; OUT_LEN]; for i in 0..VECTORS_IN_RING_ELEMENT { + hax_lib::loop_invariant!(|i: usize| { fstar!("v $i >= 0 /\\ v $i <= 16 /\\ + v $i < 16 ==> coefficients_field_modulus_range $re") }); + hax_lib::fstar!("assert (20 * v $i + 20 <= 320)"); + hax_lib::fstar!("reveal_opaque (`%coefficients_field_modulus_range) + (coefficients_field_modulus_range #$:Vector)"); let coefficient = - Vector::compress::<10>(to_unsigned_representative::(re.coefficients[i])); + Vector::compress::<10>(to_unsigned_field_modulus(re.coefficients[i])); let bytes = Vector::serialize_10(coefficient); serialized[20 * i..20 * i + 20].copy_from_slice(&bytes); @@ -159,9 +202,6 @@ fn compress_then_serialize_10( #[inline(always)] #[hax_lib::fstar::verification_status(lax)] -#[hax_lib::requires( - OUT_LEN == 352 -)] fn compress_then_serialize_11( re: &PolynomialRingElement, ) -> [u8; OUT_LEN] { @@ -177,10 +217,8 @@ fn compress_then_serialize_11( } #[inline(always)] -#[hax_lib::requires( - (COMPRESSION_FACTOR == 10 || COMPRESSION_FACTOR == 11) && - OUT_LEN == 32 * COMPRESSION_FACTOR -)] +#[hax_lib::requires(fstar!("(v $COMPRESSION_FACTOR == 10 \\/ v $COMPRESSION_FACTOR == 11) /\\ + v $OUT_LEN == 32 * v $COMPRESSION_FACTOR /\\ coefficients_field_modulus_range $re"))] pub(super) fn compress_then_serialize_ring_element_u< const COMPRESSION_FACTOR: usize, const OUT_LEN: usize, 
@@ -190,7 +228,8 @@ pub(super) fn compress_then_serialize_ring_element_u< ) -> [u8; OUT_LEN] { hax_lib::fstar!("assert ( (v (cast $COMPRESSION_FACTOR <: u32) == 10) \\/ - (v (cast $COMPRESSION_FACTOR <: u32) == 11))"); + (v (cast $COMPRESSION_FACTOR <: u32) == 11)); + Rust_primitives.Integers.mk_int_equiv_lemma #usize_inttype (v $COMPRESSION_FACTOR)"); match COMPRESSION_FACTOR as u32 { 10 => compress_then_serialize_10(re), 11 => compress_then_serialize_11(re), @@ -199,21 +238,28 @@ pub(super) fn compress_then_serialize_ring_element_u< } #[inline(always)] -#[hax_lib::fstar::verification_status(lax)] -#[hax_lib::requires( - serialized.len() == 128 +#[hax_lib::fstar::verification_status(panic_free)] +#[hax_lib::requires(fstar!("Seq.length $serialized == 128 /\\ + coefficients_field_modulus_range $re"))] +#[hax_lib::ensures(|_| + fstar!("${serialized_future.len()} == ${serialized.len()}") )] fn compress_then_serialize_4( re: PolynomialRingElement, serialized: &mut [u8], ) { - let _serialized_len = serialized.len(); + hax_lib::fstar!("assert_norm (pow2 4 == 16)"); // The semicolon and parentheses at the end of loop are a workaround // for the following bug https://github.com/hacspec/hax/issues/720 for i in 0..VECTORS_IN_RING_ELEMENT { - hax_lib::loop_invariant!(|i: usize| serialized.len() == _serialized_len); + // NOTE: Using `$serialized` in loop_invariant doesn't work here + hax_lib::loop_invariant!(|i: usize| { fstar!("v $i >= 0 /\\ v $i <= 16 /\\ + v $i < 16 ==> (Seq.length serialized == 128 /\\ coefficients_field_modulus_range $re)") }); + hax_lib::fstar!("assert (8 * v $i + 8 <= 128)"); + hax_lib::fstar!("reveal_opaque (`%coefficients_field_modulus_range) + (coefficients_field_modulus_range #$:Vector)"); let coefficient = - Vector::compress::<4>(to_unsigned_representative::(re.coefficients[i])); + Vector::compress::<4>(to_unsigned_field_modulus(re.coefficients[i])); let bytes = Vector::serialize_4(coefficient); serialized[8 * i..8 * i + 8].copy_from_slice(&bytes); 
@@ -226,15 +272,16 @@ fn compress_then_serialize_4( #[hax_lib::requires( serialized.len() == 160 )] +#[hax_lib::ensures(|_| + fstar!("${serialized_future.len()} == ${serialized.len()}") +)] fn compress_then_serialize_5( re: PolynomialRingElement, serialized: &mut [u8], ) { - let _serialized_len = serialized.len(); // The semicolon and parentheses at the end of loop are a workaround // for the following bug https://github.com/hacspec/hax/issues/720 for i in 0..VECTORS_IN_RING_ELEMENT { - hax_lib::loop_invariant!(|i: usize| serialized.len() == _serialized_len); let coefficients = Vector::compress::<5>(to_unsigned_representative::(re.coefficients[i])); @@ -245,11 +292,8 @@ fn compress_then_serialize_5( } #[inline(always)] -#[hax_lib::requires( - (COMPRESSION_FACTOR == 4 || COMPRESSION_FACTOR == 5) && - OUT_LEN == 32 * COMPRESSION_FACTOR && - out.len() == OUT_LEN -)] +#[hax_lib::requires(fstar!("(v $COMPRESSION_FACTOR == 4 \\/ v $COMPRESSION_FACTOR == 5) /\\ v $OUT_LEN == 32 * v $COMPRESSION_FACTOR /\\ + Seq.length $out == v $OUT_LEN /\\ coefficients_field_modulus_range $re"))] #[hax_lib::ensures(|_| fstar!("${out_future.len()} == ${out.len()}") )] @@ -263,7 +307,8 @@ pub(super) fn compress_then_serialize_ring_element_v< ) { hax_lib::fstar!("assert ( (v (cast $COMPRESSION_FACTOR <: u32) == 4) \\/ - (v (cast $COMPRESSION_FACTOR <: u32) == 5))"); + (v (cast $COMPRESSION_FACTOR <: u32) == 5)); + Rust_primitives.Integers.mk_int_equiv_lemma #usize_inttype (v $COMPRESSION_FACTOR)"); match COMPRESSION_FACTOR as u32 { 4 => compress_then_serialize_4(re, out), 5 => compress_then_serialize_5(re, out), diff --git a/libcrux-ml-kem/src/vector/avx2.rs b/libcrux-ml-kem/src/vector/avx2.rs index 2649ab808..907f14ecd 100644 --- a/libcrux-ml-kem/src/vector/avx2.rs +++ b/libcrux-ml-kem/src/vector/avx2.rs 
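Review bot: `compress_then_serialize_5` keeps `serialized.len() == 160` as its only precondition and still goes through `to_unsigned_representative`, while its 4-bit sibling now requires `coefficients_field_modulus_range $re` and calls `to_unsigned_field_modulus`. `Vector::compress` gains a 0..3329 lane precondition in `vector/traits.rs` in this same commit, so whether the `Vector::compress::<5>` call discharges it depends on this function's verification status and on the postcondition of `to_unsigned_representative`, neither of which is visible in the hunk. A one-line comment above the function would record the intent, for example `// NOTE(proof): range precondition of Vector::compress is not established here; function is not yet fully verified` (or the opposite, if it is). The loop body continues past the end of the hunk.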
@@ -139,15 +139,29 @@ impl Operations for SIMD256Vector { } } + #[requires(fstar!("forall (i:nat). i < 16 ==> v (Seq.index (impl.f_repr $vector) i) >= 0 /\\ + v (Seq.index (impl.f_repr $vector) i) < 3329"))] + #[ensures(|out| fstar!("forall (i:nat). i < 16 ==> bounded (Seq.index (impl.f_repr $out) i) 1"))] fn compress_1(vector: Self) -> Self { + hax_lib::fstar!("admit()"); Self { elements: compress::compress_message_coefficient(vector.elements), } } - #[requires(COEFFICIENT_BITS == 4 || COEFFICIENT_BITS == 5 || - COEFFICIENT_BITS == 10 || COEFFICIENT_BITS == 11)] + #[requires(fstar!("(v $COEFFICIENT_BITS == 4 \\/ + v $COEFFICIENT_BITS == 5 \\/ + v $COEFFICIENT_BITS == 10 \\/ + v $COEFFICIENT_BITS == 11) /\\ + (forall (i:nat). i < 16 ==> v (Seq.index (impl.f_repr $vector) i) >= 0 /\\ + v (Seq.index (impl.f_repr $vector) i) < 3329)"))] + #[ensures(|out| fstar!("(v $COEFFICIENT_BITS == 4 \\/ + v $COEFFICIENT_BITS == 5 \\/ + v $COEFFICIENT_BITS == 10 \\/ + v $COEFFICIENT_BITS == 11) ==> + (forall (i:nat). i < 16 ==> bounded (Seq.index (impl.f_repr $out) i) (v $COEFFICIENT_BITS))"))] fn compress(vector: Self) -> Self { + hax_lib::fstar!("admit()"); Self { elements: compress::compress_ciphertext_coefficient::( vector.elements, diff --git a/libcrux-ml-kem/src/vector/portable.rs b/libcrux-ml-kem/src/vector/portable.rs index 6f9ca5d53..0c1d07d1e 100644 --- a/libcrux-ml-kem/src/vector/portable.rs +++ b/libcrux-ml-kem/src/vector/portable.rs @@ -22,7 +22,7 @@ impl crate::vector::traits::Repr for PortableVector { } } -#[hax_lib::fstar::before(interface, r#"#push-options "--admit_smt_queries true""#)] +#[hax_lib::fstar::before(interface, r#"#push-options "--z3rlimit 200""#)] #[hax_lib::fstar::after(interface, r#"#pop-options"#)] #[hax_lib::attributes] impl Operations for PortableVector { 
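Review bot: Both `compress_1` and `compress` in the `SIMD256Vector` impl open with `hax_lib::fstar!("admit()")`, so the `bounded` postconditions added in the same hunk are assumed for the AVX2 backend rather than proved. Every caller that relies on those bounds inherits the assumption, and nothing at the call site shows it. Mark each site so it is not read as a finished proof, e.g. `// TODO(proof): admit() - the ensures clause is assumed, not proved, for AVX2`, ideally with a tracking issue reference. The body of `compress` runs past the end of the hunk.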
@@ -96,14 +96,26 @@ impl Operations for PortableVector { montgomery_multiply_by_constant(v, r) } - fn compress_1(v: Self) -> Self { - compress_1(v) + #[requires(fstar!("forall (i:nat). i < 16 ==> v (Seq.index (impl.f_repr $a) i) >= 0 /\\ + v (Seq.index (impl.f_repr $a) i) < 3329"))] + #[ensures(|out| fstar!("forall (i:nat). i < 16 ==> bounded (Seq.index (impl.f_repr $out) i) 1"))] + fn compress_1(a: Self) -> Self { + compress_1(a) } - #[requires(COEFFICIENT_BITS == 4 || COEFFICIENT_BITS == 5 || - COEFFICIENT_BITS == 10 || COEFFICIENT_BITS == 11)] - fn compress(v: Self) -> Self { - compress::(v) + #[requires(fstar!("(v $COEFFICIENT_BITS == 4 \\/ + v $COEFFICIENT_BITS == 5 \\/ + v $COEFFICIENT_BITS == 10 \\/ + v $COEFFICIENT_BITS == 11) /\\ + (forall (i:nat). i < 16 ==> v (Seq.index (impl.f_repr $a) i) >= 0 /\\ + v (Seq.index (impl.f_repr $a) i) < 3329)"))] + #[ensures(|out| fstar!("(v $COEFFICIENT_BITS == 4 \\/ + v $COEFFICIENT_BITS == 5 \\/ + v $COEFFICIENT_BITS == 10 \\/ + v $COEFFICIENT_BITS == 11) ==> + (forall (i:nat). i < 16 ==> bounded (Seq.index (impl.f_repr $out) i) (v $COEFFICIENT_BITS))"))] + fn compress(a: Self) -> Self { + compress::(a) } #[requires(COEFFICIENT_BITS == 4 || COEFFICIENT_BITS == 5 || @@ -185,6 +197,7 @@ impl Operations for PortableVector { #[ensures(|out| fstar!("sz (Seq.length $a) =. sz 2 ==> Spec.MLKEM.deserialize_post 1 $a (impl.f_repr $out)"))] fn deserialize_1(a: &[u8]) -> Self { hax_lib::fstar!("Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_1_lemma $a"); + hax_lib::fstar!("Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_1_bounded_lemma $a"); deserialize_1(a) } 
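Review bot: The lane-range precondition on `compress_1` and `compress` is spelled with the bare literals `16` and `3329`, and the same F* string is repeated in the `SIMD256Vector` impl in `vector/avx2.rs` and on the `Operations` trait in `vector/traits.rs`. Three hand-copied strings can drift apart, and a mistyped modulus in one of them would change the contract of that backend only. `vector/portable/compress.rs` already phrases the bound against `$FIELD_MODULUS`. Defining the range condition once as a named F* predicate next to the trait and referencing it from all three places would keep the contracts identical by construction.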
@@ -200,6 +213,7 @@ impl Operations for PortableVector { #[ensures(|out| fstar!("sz (Seq.length $a) =. sz 8 ==> Spec.MLKEM.deserialize_post 4 $a (impl.f_repr $out)"))] fn deserialize_4(a: &[u8]) -> Self { hax_lib::fstar!("Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_4_lemma $a"); + hax_lib::fstar!("Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_4_bounded_lemma $a"); deserialize_4(a) } @@ -223,6 +237,7 @@ impl Operations for PortableVector { #[ensures(|out| fstar!("sz (Seq.length $a) =. sz 20 ==> Spec.MLKEM.deserialize_post 10 $a (impl.f_repr $out)"))] fn deserialize_10(a: &[u8]) -> Self { hax_lib::fstar!("Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_10_lemma $a"); + hax_lib::fstar!("Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_10_bounded_lemma $a"); deserialize_10(a) } @@ -246,6 +261,7 @@ impl Operations for PortableVector { #[ensures(|out| fstar!("sz (Seq.length $a) =. sz 24 ==> Spec.MLKEM.deserialize_post 12 $a (impl.f_repr $out)"))] fn deserialize_12(a: &[u8]) -> Self { hax_lib::fstar!("Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_12_lemma $a"); + hax_lib::fstar!("Libcrux_ml_kem.Vector.Portable.Serialize.deserialize_12_bounded_lemma $a"); deserialize_12(a) } diff --git a/libcrux-ml-kem/src/vector/portable/compress.rs b/libcrux-ml-kem/src/vector/portable/compress.rs index dab3e8190..fa8e5a0ee 100644 --- a/libcrux-ml-kem/src/vector/portable/compress.rs +++ b/libcrux-ml-kem/src/vector/portable/compress.rs 
@@ -84,21 +84,66 @@ pub(crate) fn compress_ciphertext_coefficient(coefficient_bits: u8, fe: u16) -> } #[inline(always)] -pub(crate) fn compress_1(mut v: PortableVector) -> PortableVector { +#[cfg_attr(hax, hax_lib::fstar::before(" +let compress_message_coefficient_range_helper (fe: u16) : Lemma + (requires fe <. (cast (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) <: u16)) + (ensures v (cast (compress_message_coefficient fe) <: i16) >= 0 /\\ + v (cast (compress_message_coefficient fe) <: i16) < 2) = + assert (v (cast (compress_message_coefficient fe) <: i16) >= 0 /\\ + v (cast (compress_message_coefficient fe) <: i16) < 2) +"))] +#[hax_lib::fstar::options("--fuel 0 --ifuel 0 --z3rlimit 2000")] +#[hax_lib::requires(fstar!("forall (i:nat). i < 16 ==> v (Seq.index ${a}.f_elements i) >= 0 /\\ + v (Seq.index ${a}.f_elements i) < 3329"))] +#[hax_lib::ensures(|result| fstar!("forall (i:nat). i < 16 ==> v (${result}.f_elements.[ sz i ] <: i16) >= 0 /\\ + v (${result}.f_elements.[ sz i ] <: i16) < 2"))] +pub(crate) fn compress_1(mut a: PortableVector) -> PortableVector { + hax_lib::fstar!("assert (forall (i:nat). i < 16 ==> (cast (${a}.f_elements.[ sz i ]) <: u16) <. + (cast ($FIELD_MODULUS) <: u16))"); for i in 0..FIELD_ELEMENTS_IN_VECTOR { - v.elements[i] = compress_message_coefficient(v.elements[i] as u16) as i16; + hax_lib::loop_invariant!(|i: usize| { fstar!("(v $i < 16 ==> (forall (j:nat). (j >= v $i /\\ j < 16) ==> + v (cast (${a}.f_elements.[ sz j ]) <: u16) < v (cast ($FIELD_MODULUS) <: u16))) /\\ + (forall (j:nat). j < v $i ==> v (${a}.f_elements.[ sz j ] <: i16) >= 0 /\\ + v (${a}.f_elements.[ sz j ] <: i16) < 2)") }); + hax_lib::fstar!("compress_message_coefficient_range_helper (cast (${a}.f_elements.[ $i ]) <: u16)"); + a.elements[i] = compress_message_coefficient(a.elements[i] as u16) as i16; + hax_lib::fstar!("assert (v (${a}.f_elements.[ $i ] <: i16) >= 0 /\\ + v (${a}.f_elements.[ $i ] <: i16) < 2)"); } - v + hax_lib::fstar!("assert (forall (i:nat). 
i < 16 ==> v (${a}.f_elements.[ sz i ] <: i16) >= 0 /\\ + v (${a}.f_elements.[ sz i ] <: i16) < 2)"); + a } #[inline(always)] -pub(crate) fn compress(mut v: PortableVector) -> PortableVector { +#[hax_lib::fstar::options("--fuel 0 --ifuel 0 --z3rlimit 2000")] +#[hax_lib::requires(fstar!("(v $COEFFICIENT_BITS == 4 \\/ + v $COEFFICIENT_BITS == 5 \\/ + v $COEFFICIENT_BITS == 10 \\/ + v $COEFFICIENT_BITS == 11) /\\ + (forall (i:nat). i < 16 ==> v (Seq.index ${a}.f_elements i) >= 0 /\\ + v (Seq.index ${a}.f_elements i) < 3329)"))] +#[hax_lib::ensures(|result| fstar!("forall (i:nat). i < 16 ==> v (${result}.f_elements.[ sz i ] <: i16) >= 0 /\\ + v (${result}.f_elements.[ sz i ] <: i16) < pow2 (v $COEFFICIENT_BITS))"))] +pub(crate) fn compress(mut a: PortableVector) -> PortableVector { + hax_lib::fstar!("assert (v (cast ($COEFFICIENT_BITS) <: u8) == v $COEFFICIENT_BITS); + assert (v (cast ($COEFFICIENT_BITS) <: u32) == v $COEFFICIENT_BITS)"); + hax_lib::fstar!("assert (forall (i:nat). i < 16 ==> (cast (${a}.f_elements.[ sz i ]) <: u16) <. + (cast ($FIELD_MODULUS) <: u16))"); for i in 0..FIELD_ELEMENTS_IN_VECTOR { - v.elements[i] = - compress_ciphertext_coefficient(COEFFICIENT_BITS as u8, v.elements[i] as u16) as i16; + hax_lib::loop_invariant!(|i: usize| { fstar!("(v $i < 16 ==> (forall (j:nat). (j >= v $i /\\ j < 16) ==> + v (cast (${a}.f_elements.[ sz j ]) <: u16) < v (cast ($FIELD_MODULUS) <: u16))) /\\ + (forall (j:nat). j < v $i ==> v (${a}.f_elements.[ sz j ] <: i16) >= 0 /\\ + v (${a}.f_elements.[ sz j ] <: i16) < pow2 (v (cast ($COEFFICIENT_BITS) <: u32)))") }); + a.elements[i] = + compress_ciphertext_coefficient(COEFFICIENT_BITS as u8, a.elements[i] as u16) as i16; + hax_lib::fstar!("assert (v (${a}.f_elements.[ $i ] <: i16) >= 0 /\\ + v (${a}.f_elements.[ $i ] <: i16) < pow2 (v (cast ($COEFFICIENT_BITS) <: u32)))"); } - v + hax_lib::fstar!("assert (forall (i:nat). 
i < 16 ==> v (${a}.f_elements.[ sz i ] <: i16) >= 0 /\\ + v (${a}.f_elements.[ sz i ] <: i16) < pow2 (v $COEFFICIENT_BITS))"); + a } #[inline(always)] diff --git a/libcrux-ml-kem/src/vector/portable/serialize.rs b/libcrux-ml-kem/src/vector/portable/serialize.rs index e10194a40..151c1b31b 100644 --- a/libcrux-ml-kem/src/vector/portable/serialize.rs +++ b/libcrux-ml-kem/src/vector/portable/serialize.rs @@ -59,6 +59,16 @@ pub(crate) fn serialize_1(v: PortableVector) -> [u8; 2] { ] } +//deserialize_1_bounded_lemma +#[cfg_attr(hax, hax_lib::fstar::after(interface, " +val deserialize_1_bounded_lemma (inputs: t_Array u8 (sz 2)) : Lemma + (ensures forall i. i < 16 ==> bounded (Seq.index (${deserialize_1} inputs).f_elements i) 1) +"))] +#[cfg_attr(hax, hax_lib::fstar::after(" +let deserialize_1_bounded_lemma inputs = + admit() +"))] +//deserialize_1_lemma #[cfg_attr(hax, hax_lib::fstar::after(interface, " val deserialize_1_lemma (inputs: t_Array u8 (sz 2)) : Lemma (ensures bit_vec_of_int_t_array (${deserialize_1} inputs).f_elements 1 == bit_vec_of_int_t_array inputs 8) @@ -73,6 +83,7 @@ let deserialize_1_lemma inputs = #pop-options "))] +//deserialize_1_bit_vec_lemma #[cfg_attr(hax, hax_lib::fstar::after(" #push-options \"--compat_pre_core 2 --z3rlimit 300 --z3refresh\" 
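Review bot: The `ensures` string on `compress` in `vector/portable/compress.rs` closes one more parenthesis than it opens: it ends `< pow2 (v $COEFFICIENT_BITS))` with no matching opener. It looks copied from the final `assert (forall ...)` at the bottom of the function, where the extra `)` does belong. As shown here the attribute should end `< pow2 (v $COEFFICIENT_BITS)"))]`. It is worth confirming that the extracted F* for this function parses and is actually checked, since the postcondition is what `vector/portable.rs` relies on for its `bounded` guarantee.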
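Review bot: `deserialize_1_bounded_lemma` is declared in the interface but its body is `admit()`, so the bound it states on the output of `deserialize_1` is an axiom. The same holds for the `deserialize_4`, `deserialize_10` and `deserialize_12` variants added in the later hunks of this file, and `vector/portable.rs` now invokes all four. These lemmas describe values decoded from input bytes, so an unproved bound here is the kind of gap a later range proof can silently build on. The bare marker comment `//deserialize_1_bounded_lemma` could carry that status instead, e.g. `// deserialize_1_bounded_lemma: ADMITTED - bound is assumed, proof still to be written`, and likewise for the other three.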
@@ -200,6 +211,16 @@ pub(crate) fn deserialize_4_int(bytes: &[u8]) -> (i16, i16, i16, i16, i16, i16, (v0, v1, v2, v3, v4, v5, v6, v7) } +//deserialize_4_bounded_lemma +#[cfg_attr(hax, hax_lib::fstar::after(interface, " +val deserialize_4_bounded_lemma (inputs: t_Array u8 (sz 8)) : Lemma + (ensures forall i. i < 16 ==> bounded (Seq.index (${deserialize_4} inputs).f_elements i) 4) +"))] +#[cfg_attr(hax, hax_lib::fstar::after(" +let deserialize_4_bounded_lemma inputs = + admit() +"))] +//deserialize_4_lemma #[cfg_attr(hax, hax_lib::fstar::after(interface, " val deserialize_4_lemma (inputs: t_Array u8 (sz 8)) : Lemma (ensures bit_vec_of_int_t_array (${deserialize_4} inputs).f_elements 4 == bit_vec_of_int_t_array inputs 8) @@ -214,6 +235,7 @@ let deserialize_4_lemma inputs = #pop-options "))] +//deserialize_4_bit_vec_lemma #[cfg_attr(hax, hax_lib::fstar::after(" #push-options \"--compat_pre_core 2 --z3rlimit 300 --z3refresh\" @@ -454,6 +476,16 @@ pub(crate) fn deserialize_10_int(bytes: &[u8]) -> (i16, i16, i16, i16, i16, i16, (r0, r1, r2, r3, r4, r5, r6, r7) } +//deserialize_10_bounded_lemma +#[cfg_attr(hax, hax_lib::fstar::after(interface, " +val deserialize_10_bounded_lemma (inputs: t_Array u8 (sz 20)) : Lemma + (ensures forall i. i < 16 ==> bounded (Seq.index (${deserialize_10} inputs).f_elements i) 10) +"))] +#[cfg_attr(hax, hax_lib::fstar::after(" +let deserialize_10_bounded_lemma inputs = + admit() +"))] +//deserialize_10_lemma #[cfg_attr(hax, hax_lib::fstar::after(interface, " val deserialize_10_lemma (inputs: t_Array u8 (sz 20)) : Lemma (ensures bit_vec_of_int_t_array (${deserialize_10} inputs).f_elements 10 == bit_vec_of_int_t_array inputs 8) @@ -468,6 +500,7 @@ let deserialize_10_lemma inputs = #pop-options "))] +//deserialize_10_bit_vec_lemma #[cfg_attr(hax, hax_lib::fstar::after(" #push-options \"--compat_pre_core 2 --z3rlimit 300 --z3refresh\" 
@@ -711,6 +744,16 @@ pub(crate) fn deserialize_12_int(bytes: &[u8]) -> (i16, i16) { (r0, r1) } +//deserialize_12_bounded_lemma +#[cfg_attr(hax, hax_lib::fstar::after(interface, " +val deserialize_12_bounded_lemma (inputs: t_Array u8 (sz 24)) : Lemma + (ensures forall i. i < 16 ==> bounded (Seq.index (${deserialize_12} inputs).f_elements i) 12) +"))] +#[cfg_attr(hax, hax_lib::fstar::after(" +let deserialize_12_bounded_lemma inputs = + admit() +"))] +//deserialize_12_lemma #[cfg_attr(hax, hax_lib::fstar::after(interface, " val deserialize_12_lemma (inputs: t_Array u8 (sz 24)) : Lemma (ensures bit_vec_of_int_t_array (${deserialize_12} inputs).f_elements 12 == bit_vec_of_int_t_array inputs 8) @@ -725,6 +768,7 @@ let deserialize_12_lemma inputs = #pop-options "))] +//deserialize_12_bit_vec_lemma #[cfg_attr(hax, hax_lib::fstar::after(" #push-options \"--compat_pre_core 2 --z3rlimit 300 --z3refresh\" diff --git a/libcrux-ml-kem/src/vector/traits.rs b/libcrux-ml-kem/src/vector/traits.rs index aa0434e85..3dd66ac97 100644 --- a/libcrux-ml-kem/src/vector/traits.rs +++ b/libcrux-ml-kem/src/vector/traits.rs 
@@ -72,11 +72,22 @@ pub trait Operations: Copy + Clone + Repr { fn montgomery_multiply_by_constant(v: Self, c: i16) -> Self; // Compression - #[requires(true)] - fn compress_1(v: Self) -> Self; - #[requires(COEFFICIENT_BITS == 4 || COEFFICIENT_BITS == 5 || - COEFFICIENT_BITS == 10 || COEFFICIENT_BITS == 11)] - fn compress(v: Self) -> Self; + #[requires(fstar!("forall (i:nat). i < 16 ==> v (Seq.index (f_repr $a) i) >= 0 /\\ + v (Seq.index (f_repr $a) i) < 3329"))] + #[ensures(|result| fstar!("forall (i:nat). i < 16 ==> bounded (Seq.index (f_repr $result) i) 1"))] + fn compress_1(a: Self) -> Self; + #[requires(fstar!("(v $COEFFICIENT_BITS == 4 \\/ + v $COEFFICIENT_BITS == 5 \\/ + v $COEFFICIENT_BITS == 10 \\/ + v $COEFFICIENT_BITS == 11) /\\ + (forall (i:nat). i < 16 ==> v (Seq.index (f_repr $a) i) >= 0 /\\ + v (Seq.index (f_repr $a) i) < 3329)"))] + #[ensures(|result| fstar!("(v $COEFFICIENT_BITS == 4 \\/ + v $COEFFICIENT_BITS == 5 \\/ + v $COEFFICIENT_BITS == 10 \\/ + v $COEFFICIENT_BITS == 11) ==> + (forall (i:nat). i < 16 ==> bounded (Seq.index (f_repr $result) i) (v $COEFFICIENT_BITS))"))] + fn compress(a: Self) -> Self; #[requires(COEFFICIENT_BITS == 4 || COEFFICIENT_BITS == 5 || COEFFICIENT_BITS == 10 || COEFFICIENT_BITS == 11)] fn decompress_ciphertext_coefficient(v: Self) -> Self; @@ -213,7 +224,6 @@ pub fn to_standard_domain(v: T) -> T { } #[hax_lib::fstar::verification_status(lax)] -#[hax_lib::fstar::options("--z3rlimit 100")] #[hax_lib::requires(fstar!("Spec.Utils.is_i16b_array 3328 (i1._super_8706949974463268012.f_repr a)"))] #[hax_lib::ensures(|result| fstar!("forall i. (let x = Seq.index (i1._super_8706949974463268012.f_repr ${a}) i in
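Review bot: `compress_1` and `compress` on the `Operations` trait gain a lane-range precondition that exists only inside `fstar!` strings, so a Rust reader or backend author who does not run hax sees nothing of it. For `compress_1` the requirement was `true` before this change. Add a doc comment to both methods stating the contract in Rust terms, e.g. `/// Every lane must be a canonical representative in 0..3329; this is checked by the F* proof only, not at runtime.` Any implementation of the trait that is not touched in the visible part of this diff needs to meet the same strengthened contract.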