diff --git a/.github/workflows/mlkem.yml b/.github/workflows/mlkem.yml index 741c22304..ca57fcc63 100644 --- a/.github/workflows/mlkem.yml +++ b/.github/workflows/mlkem.yml @@ -158,14 +158,16 @@ jobs: cargo test --features kyber --verbose $RUST_TARGET_FLAG - name: 🏃🏻‍♀️ Cargo Check Features + if: ${{ matrix.bits == 64 }} run: | cargo clean cargo hack check --feature-powerset $EXCLUDE_FEATURES --verbose --no-dev-deps $RUST_TARGET_FLAG - name: 🏃🏻‍♀️ Cargo Test Features + if: ${{ matrix.bits == 64 }} run: | cargo clean - cargo hack test --each-feature $EXCLUDE_FEATURES --verbose --no-dev-deps $RUST_TARGET_FLAG + cargo hack test --each-feature $EXCLUDE_FEATURES --verbose $RUST_TARGET_FLAG benchmarks: strategy: diff --git a/libcrux-ml-kem/c.sh b/libcrux-ml-kem/c.sh index ffed1c80c..1299cf49b 100755 --- a/libcrux-ml-kem/c.sh +++ b/libcrux-ml-kem/c.sh @@ -21,6 +21,7 @@ out=c glue=$EURYDICE_HOME/include/eurydice_glue.h features="--cargo-arg=--features=pre-verification" eurydice_glue=1 +unrolling=16 # Parse command line arguments. all_args=("$@") @@ -35,6 +36,7 @@ while [ $# -gt 0 ]; do --glue) glue="$2"; shift ;; --mlkem768) features="${features} --cargo-arg=--no-default-features --cargo-arg=--features=mlkem768" ;; --no-glue) eurydice_glue=0 ;; + --no-unrolling) unrolling=0 ;; esac shift done @@ -72,7 +74,7 @@ if [[ "$clean" = 1 ]]; then fi echo "Running eurydice ..." -$EURYDICE_HOME/eurydice --config ../$config ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc +$EURYDICE_HOME/eurydice --config ../$config -funroll-loops $unrolling ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc if [[ "$eurydice_glue" = 1 ]]; then cp $EURYDICE_HOME/include/eurydice_glue.h . fi diff --git a/libcrux-ml-kem/cg.yaml b/libcrux-ml-kem/cg.yaml index d4b5be5a8..f7833c76c 100644 --- a/libcrux-ml-kem/cg.yaml +++ b/libcrux-ml-kem/cg.yaml @@ -48,50 +48,6 @@ files: monomorphizations_using: - [libcrux_sha3, "*"] - # Common parts of SHA3 (this catches stuff that hasn't matched above). Must - # # come after the (more precise) patterns above concerning platform-specific hash_functions - # - name: libcrux_sha3_internal - # api: - # patterns: - # - [libcrux_sha3, "*"] - # monomorphizations_of: - # - [libcrux_sha3, "*"] - # monomorphizations_using: - # - [libcrux_sha3, "*"] - # inline_static: true - - # MLKEM: HASH FUNCTIONS (as used by mlkem) - - # - name: libcrux_mlkem_avx2 - # api: - # - [libcrux_ml_kem, vector, avx2, "*"] - # - [libcrux_ml_kem, hash_functions, avx2, "*"] - # private: - # monomorphizations_using: - # - [libcrux_ml_kem, vector, avx2, "*"] - # - [libcrux_ml_kem, hash_functions, avx2, "*"] - # monomorphizations_of: - # - [libcrux_ml_kem, vector, avx2, "*"] - # - [libcrux_ml_kem, hash_functions, avx2, "*"] - - # # This covers slightly more than the two bundles above, but this greatly - # # simplifies our lives. - # - name: libcrux_mlkem_portable - # inline_static: true - # api: - # patterns: - # - [libcrux_ml_kem, vector, "*"] - # - [libcrux_ml_kem, hash_functions, portable, "*"] - # - [ libcrux_ml_kem, polynomial, "*" ] - # monomorphizations_using: - # - [ libcrux_ml_kem, polynomial, "*" ] - # - [libcrux_ml_kem, vector, "*"] - # - [libcrux_ml_kem, hash_functions, portable, "*"] - # monomorphizations_of: - # - [ libcrux_ml_kem, polynomial, "*" ] - # - [libcrux_ml_kem, vector, "*"] - # - [libcrux_ml_kem, hash_functions, portable, "*"] - # MLKEM: MISC NON-ARCHITECTURE SPECIFIC HEADERS - name: libcrux_core inline_static: true @@ -139,7 +95,6 @@ files: - [libcrux_ml_kem, "*"] - [libcrux_ml_kem, vector, "*"] - [libcrux_ml_kem, hash_functions, portable, "*"] - # - [libcrux_ml_kem, polynomial, "*" ] - [libcrux_ml_kem, mlkem768, portable, "*"] - [libcrux_ml_kem, ind_cca, instantiations, portable, "*"] monomorphizations_of: diff --git a/libcrux-ml-kem/cg/README.md b/libcrux-ml-kem/cg/README.md index f5a975b99..b18d42280 100644 --- a/libcrux-ml-kem/cg/README.md +++ b/libcrux-ml-kem/cg/README.md @@ -11,7 +11,7 @@ While running the commands separately is possible, it is not recommended because the script sets all necessary configuration flags. ```bash -./c.sh --config cg.yaml --out cg --mlkem768 --no-glue +./c.sh --config cg.yaml --out cg --mlkem768 --no-glue --no-unrolling ``` ## Build diff --git a/libcrux-ml-kem/cg/eurydice_glue.h b/libcrux-ml-kem/cg/eurydice_glue.h index 9f42825da..ec6d47b7f 100644 --- a/libcrux-ml-kem/cg/eurydice_glue.h +++ b/libcrux-ml-kem/cg/eurydice_glue.h @@ -129,13 +129,6 @@ static inline uint8_t core_num__u8_6__wrapping_sub(uint8_t x, uint8_t y) { return x - y; } -// static inline uint8_t Eurydice_bitand_pv_u8(uint8_t *p, uint8_t v) { -// return (*p) & v; -// } -// static inline uint8_t Eurydice_shr_pv_u8(uint8_t *p, int32_t v) { -// return (*p) >> v; -// } - // ITERATORS #define Eurydice_range_iter_next(iter_ptr, t, ret_t) \ diff --git a/libcrux-ml-kem/cg/karamel/target.h b/libcrux-ml-kem/cg/karamel/target.h index 65a621972..804507b80 100644 --- a/libcrux-ml-kem/cg/karamel/target.h +++ b/libcrux-ml-kem/cg/karamel/target.h @@ -4,8 +4,6 @@ #ifndef __KRML_TARGET_H #define __KRML_TARGET_H -/* For "bare" targets that do not have a C stdlib, the user might want to use - * [-add-early-include '"mydefinitions.h"'] and override these. */ #ifndef KRML_HOST_PRINTF # define KRML_HOST_PRINTF printf #endif @@ -23,190 +21,4 @@ # define KRML_HOST_EXIT exit #endif -/* Macros for prettier unrolling of loops */ -#define KRML_LOOP1(i, n, x) { \ - x \ - i += n; \ - (void) i; \ -} - -#define KRML_LOOP2(i, n, x) \ - KRML_LOOP1(i, n, x) \ - KRML_LOOP1(i, n, x) - -#define KRML_LOOP3(i, n, x) \ - KRML_LOOP2(i, n, x) \ - KRML_LOOP1(i, n, x) - -#define KRML_LOOP4(i, n, x) \ - KRML_LOOP2(i, n, x) \ - KRML_LOOP2(i, n, x) - -#define KRML_LOOP5(i, n, x) \ - KRML_LOOP4(i, n, x) \ - KRML_LOOP1(i, n, x) - -#define KRML_LOOP6(i, n, x) \ - KRML_LOOP4(i, n, x) \ - KRML_LOOP2(i, n, x) - -#define KRML_LOOP7(i, n, x) \ - KRML_LOOP4(i, n, x) \ - KRML_LOOP3(i, n, x) - -#define KRML_LOOP8(i, n, x) \ - KRML_LOOP4(i, n, x) \ - KRML_LOOP4(i, n, x) - -#define KRML_LOOP9(i, n, x) \ - KRML_LOOP8(i, n, x) \ - KRML_LOOP1(i, n, x) - -#define KRML_LOOP10(i, n, x) \ - KRML_LOOP8(i, n, x) \ - KRML_LOOP2(i, n, x) - -#define KRML_LOOP11(i, n, x) \ - KRML_LOOP8(i, n, x) \ - KRML_LOOP3(i, n, x) - -#define KRML_LOOP12(i, n, x) \ - KRML_LOOP8(i, n, x) \ - KRML_LOOP4(i, n, x) - -#define KRML_LOOP13(i, n, x) \ - KRML_LOOP8(i, n, x) \ - KRML_LOOP5(i, n, x) - -#define KRML_LOOP14(i, n, x) \ - KRML_LOOP8(i, n, x) \ - KRML_LOOP6(i, n, x) - -#define KRML_LOOP15(i, n, x) \ - KRML_LOOP8(i, n, x) \ - KRML_LOOP7(i, n, x) - -#define KRML_LOOP16(i, n, x) \ - KRML_LOOP8(i, n, x) \ - KRML_LOOP8(i, n, x) - -#define KRML_UNROLL_FOR(i, z, n, k, x) \ - do { \ - uint32_t i = z; \ - KRML_LOOP##n(i, k, x) \ - } while (0) - -#define KRML_ACTUAL_FOR(i, z, n, k, x) \ - do { \ - for (uint32_t i = z; i < n; i += k) { \ - x \ - } \ - } while (0) - -#ifndef KRML_UNROLL_MAX -# define KRML_UNROLL_MAX 0 -#endif - -/* 1 is the number of loop iterations, i.e. (n - z)/k as evaluated by krml */ -#if 0 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR0(i, z, n, k, x) -#else -# define KRML_MAYBE_FOR0(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 1 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR1(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 1, k, x) -#else -# define KRML_MAYBE_FOR1(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 2 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR2(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 2, k, x) -#else -# define KRML_MAYBE_FOR2(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 3 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR3(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 3, k, x) -#else -# define KRML_MAYBE_FOR3(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 4 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR4(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 4, k, x) -#else -# define KRML_MAYBE_FOR4(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 5 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR5(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 5, k, x) -#else -# define KRML_MAYBE_FOR5(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 6 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR6(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 6, k, x) -#else -# define KRML_MAYBE_FOR6(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 7 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR7(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 7, k, x) -#else -# define KRML_MAYBE_FOR7(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 8 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR8(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 8, k, x) -#else -# define KRML_MAYBE_FOR8(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 9 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR9(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 9, k, x) -#else -# define KRML_MAYBE_FOR9(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 10 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR10(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 10, k, x) -#else -# define KRML_MAYBE_FOR10(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 11 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR11(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 11, k, x) -#else -# define KRML_MAYBE_FOR11(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 12 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR12(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 12, k, x) -#else -# define KRML_MAYBE_FOR12(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 13 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR13(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 13, k, x) -#else -# define KRML_MAYBE_FOR13(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 14 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR14(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 14, k, x) -#else -# define KRML_MAYBE_FOR14(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 15 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR15(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 15, k, x) -#else -# define KRML_MAYBE_FOR15(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif - -#if 16 <= KRML_UNROLL_MAX -# define KRML_MAYBE_FOR16(i, z, n, k, x) KRML_UNROLL_FOR(i, z, 16, k, x) -#else -# define KRML_MAYBE_FOR16(i, z, n, k, x) KRML_ACTUAL_FOR(i, z, n, k, x) -#endif #endif diff --git a/libcrux-ml-kem/cg/libcrux_core.h b/libcrux-ml-kem/cg/libcrux_core.h index 4c13971d0..d822e5644 100644 --- a/libcrux-ml-kem/cg/libcrux_core.h +++ b/libcrux-ml-kem/cg/libcrux_core.h @@ -1,8 +1,8 @@ /* This file was generated by KaRaMeL KaRaMeL invocation: /home/franziskus/eurydice//eurydice --config ../cg.yaml - ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc F* version: - KaRaMeL version: 42a43169 + -funroll-loops 0 ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc F* version: + KaRaMeL version: 42a43169 */ #ifndef __libcrux_core_H diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h index 26c3be607..26dd84eab 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h @@ -1,8 +1,8 @@ /* This file was generated by KaRaMeL KaRaMeL invocation: /home/franziskus/eurydice//eurydice --config ../cg.yaml - ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc F* version: - KaRaMeL version: 42a43169 + -funroll-loops 0 ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc F* version: + KaRaMeL version: 42a43169 */ #ifndef __libcrux_mlkem768_avx2_H @@ -676,10 +676,10 @@ libcrux_ml_kem_vector_avx2_serialize_deserialize_1(Eurydice_slice bytes) { libcrux_intrinsics_avx2_mm256_set_epi16( (int16_t)1 << 8U, (int16_t)1 << 9U, (int16_t)1 << 10U, (int16_t)1 << 11U, (int16_t)1 << 12U, (int16_t)1 << 13U, - (int16_t)1 << 14U, (int16_t)1 << 15U, (int16_t)1 << 8U, + (int16_t)1 << 14U, (int16_t)-32768, (int16_t)1 << 8U, (int16_t)1 << 9U, (int16_t)1 << 10U, (int16_t)1 << 11U, (int16_t)1 << 12U, (int16_t)1 << 13U, (int16_t)1 << 14U, - (int16_t)1 << 15U); + (int16_t)-32768); core_core_arch_x86___m256i coefficients_in_msb = libcrux_intrinsics_avx2_mm256_mullo_epi16(coefficients, shift_lsb_to_msb); return libcrux_intrinsics_avx2_mm256_srli_epi16( @@ -1920,14 +1920,15 @@ libcrux_ml_kem_ntt_ntt_at_layer_3__libcrux_ml_kem_vector_avx2_SIMD256Vector( libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector *re, size_t _layer, size_t _initial_coefficient_bound) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] + (size_t)1U; - core_core_arch_x86___m256i uu____0 = - libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___ntt_layer_3_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); - re->coefficients[round] = uu____0;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] + (size_t)1U; + core_core_arch_x86___m256i uu____0 = + libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___ntt_layer_3_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); + re->coefficients[round] = uu____0; + } } __attribute__((target("avx2"))) @@ -1937,16 +1938,18 @@ libcrux_ml_kem_ntt_ntt_at_layer_2__libcrux_ml_kem_vector_avx2_SIMD256Vector( libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector *re, size_t _layer, size_t _initial_coefficient_bound) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] + (size_t)1U; - core_core_arch_x86___m256i uu____0 = - libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___ntt_layer_2_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)1U]); - re->coefficients[round] = uu____0; zeta_i[0U] = zeta_i[0U] + (size_t)1U;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] + (size_t)1U; + core_core_arch_x86___m256i uu____0 = + libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___ntt_layer_2_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + + (size_t)1U]); + re->coefficients[round] = uu____0; + zeta_i[0U] = zeta_i[0U] + (size_t)1U; + } } __attribute__((target("avx2"))) @@ -1956,20 +1959,22 @@ libcrux_ml_kem_ntt_ntt_at_layer_1__libcrux_ml_kem_vector_avx2_SIMD256Vector( libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector *re, size_t _layer, size_t _initial_coefficient_bound) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] + (size_t)1U; - core_core_arch_x86___m256i uu____0 = - libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___ntt_layer_1_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)1U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)2U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)3U]); - re->coefficients[round] = uu____0; zeta_i[0U] = zeta_i[0U] + (size_t)3U;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] + (size_t)1U; + core_core_arch_x86___m256i uu____0 = + libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___ntt_layer_1_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + + (size_t)1U], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + + (size_t)2U], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + + (size_t)3U]); + re->coefficients[round] = uu____0; + zeta_i[0U] = zeta_i[0U] + (size_t)3U; + } } __attribute__((target("avx2"))) @@ -2019,10 +2024,10 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u__libcrux_ml_kem_vector_avx2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector u_as_ntt[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - u_as_ntt[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + u_as_ntt[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); + } for (size_t i = (size_t)0U; i < core_slice___Slice_T___len( Eurydice_array_to_slice((size_t)1088U, ciphertext, uint8_t, @@ -2294,10 +2299,10 @@ libcrux_ml_kem_ind_cpa_deserialize_secret_key__libcrux_ml_kem_vector_avx2_SIMD25 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector secret_as_ntt[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - secret_as_ntt[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + secret_as_ntt[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); + } for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(secret_key, uint8_t, size_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -2384,20 +2389,22 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1__libcrux_ml_kem_vector_avx2_SIMD libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector *re, size_t _layer) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] - (size_t)1U; - core_core_arch_x86___m256i uu____0 = - libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___inv_ntt_layer_1_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)1U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)2U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)3U]); - re->coefficients[round] = uu____0; zeta_i[0U] = zeta_i[0U] - (size_t)3U;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] - (size_t)1U; + core_core_arch_x86___m256i uu____0 = + libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___inv_ntt_layer_1_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - + (size_t)1U], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - + (size_t)2U], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - + (size_t)3U]); + re->coefficients[round] = uu____0; + zeta_i[0U] = zeta_i[0U] - (size_t)3U; + } } __attribute__((target("avx2"))) @@ -2407,16 +2414,18 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2__libcrux_ml_kem_vector_avx2_SIMD libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector *re, size_t _layer) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] - (size_t)1U; - core_core_arch_x86___m256i uu____0 = - libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___inv_ntt_layer_2_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)1U]); - re->coefficients[round] = uu____0; zeta_i[0U] = zeta_i[0U] - (size_t)1U;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] - (size_t)1U; + core_core_arch_x86___m256i uu____0 = + libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___inv_ntt_layer_2_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - + (size_t)1U]); + re->coefficients[round] = uu____0; + zeta_i[0U] = zeta_i[0U] - (size_t)1U; + } } __attribute__((target("avx2"))) @@ -2426,14 +2435,15 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3__libcrux_ml_kem_vector_avx2_SIMD libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector *re, size_t _layer) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] - (size_t)1U; - core_core_arch_x86___m256i uu____0 = - libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___inv_ntt_layer_3_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); - re->coefficients[round] = uu____0;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] - (size_t)1U; + core_core_arch_x86___m256i uu____0 = + libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___inv_ntt_layer_3_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); + re->coefficients[round] = uu____0; + } } __attribute__((target("avx2"))) @@ -2545,14 +2555,15 @@ libcrux_ml_kem_matrix_compute_message__libcrux_ml_kem_vector_avx2_SIMD256Vector_ libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector result = libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector - product = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_avx2_SIMD256Vector( - &secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_avx2_SIMD256Vector_3size_t( - &result, &product);); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector + product = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_avx2_SIMD256Vector( + &secret_as_ntt[i0], &u_as_ntt[i0]); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_avx2_SIMD256Vector_3size_t( + &result, &product); + } libcrux_ml_kem_invert_ntt_invert_ntt_montgomery__libcrux_ml_kem_vector_avx2_SIMD256Vector_3size_t( &result); result = @@ -2597,26 +2608,27 @@ libcrux_ml_kem_serialize_compress_then_serialize_message__libcrux_ml_kem_vector_ re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; - core_core_arch_x86___m256i coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_avx2_SIMD256Vector( - re.coefficients[i0]); - core_core_arch_x86___m256i coefficient_compressed = - libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___compress_1( - coefficient); - uint8_t bytes[2U]; - libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___serialize_1( - coefficient_compressed, bytes); - Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)32U, serialized, - (CLITERAL(core_ops_range_Range__size_t){ - .start = (size_t)2U * i0, .end = (size_t)2U * i0 + (size_t)2U}), - uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - core_slice___Slice_T___copy_from_slice( - uu____0, - Eurydice_array_to_slice((size_t)2U, bytes, uint8_t, Eurydice_slice), - uint8_t, void *);); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t i0 = i; + core_core_arch_x86___m256i coefficient = + libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_avx2_SIMD256Vector( + re.coefficients[i0]); + core_core_arch_x86___m256i coefficient_compressed = + libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___compress_1( + coefficient); + uint8_t bytes[2U]; + libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___serialize_1( + coefficient_compressed, bytes); + Eurydice_slice uu____0 = Eurydice_array_to_subslice( + (size_t)32U, serialized, + (CLITERAL(core_ops_range_Range__size_t){ + .start = (size_t)2U * i0, .end = (size_t)2U * i0 + (size_t)2U}), + uint8_t, core_ops_range_Range__size_t, Eurydice_slice); + core_slice___Slice_T___copy_from_slice( + uu____0, + Eurydice_array_to_slice((size_t)2U, bytes, uint8_t, Eurydice_slice), + uint8_t, void *); + } memcpy(ret, serialized, (size_t)32U * sizeof(uint8_t)); } @@ -2712,10 +2724,10 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vecto ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector deserialized_pk[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - deserialized_pk[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + deserialized_pk[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); + } for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(public_key, uint8_t, size_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -2756,10 +2768,10 @@ libcrux_ml_kem_matrix_sample_matrix_A_closure__libcrux_ml_kem_vector_avx2_SIMD25 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector ret0[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - ret0[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + ret0[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); + } memcpy( ret, ret0, (size_t)3U * @@ -2817,40 +2829,43 @@ static inline bool libcrux_ml_kem_sampling_sample_from_uniform_distribution_next__libcrux_ml_kem_vector_avx2_SIMD256Vector_3size_t_504size_t( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { - KRML_MAYBE_FOR3( - i0, (size_t)0U, (size_t)3U, (size_t)1U, size_t i1 = i0; - for (size_t i = (size_t)0U; i < (size_t)504U / (size_t)24U; i++) { - size_t r = i; - if (sampled_coefficients[i1] < - LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { - Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)504U, randomness[i1], - (CLITERAL(core_ops_range_Range__size_t){ - .start = r * (size_t)24U, - .end = r * (size_t)24U + (size_t)24U}), - uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - size_t sampled = - libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___rej_sample( - uu____0, - Eurydice_array_to_subslice( - (size_t)272U, out[i1], - (CLITERAL(core_ops_range_Range__size_t){ - .start = sampled_coefficients[i1], - .end = sampled_coefficients[i1] + (size_t)16U}), - int16_t, core_ops_range_Range__size_t, Eurydice_slice)); - size_t uu____1 = i1; - sampled_coefficients[uu____1] = - sampled_coefficients[uu____1] + sampled; - } - }); - bool done = true; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - if (sampled_coefficients[i0] >= + for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { + size_t i1 = i0; + for (size_t i = (size_t)0U; i < (size_t)504U / (size_t)24U; i++) { + size_t r = i; + if (sampled_coefficients[i1] < LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { - sampled_coefficients[i0] = - LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT; - } else { done = false; }); + Eurydice_slice uu____0 = Eurydice_array_to_subslice( + (size_t)504U, randomness[i1], + (CLITERAL(core_ops_range_Range__size_t){ + .start = r * (size_t)24U, + .end = r * (size_t)24U + (size_t)24U}), + uint8_t, core_ops_range_Range__size_t, Eurydice_slice); + size_t sampled = + libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___rej_sample( + uu____0, + Eurydice_array_to_subslice( + (size_t)272U, out[i1], + (CLITERAL(core_ops_range_Range__size_t){ + .start = sampled_coefficients[i1], + .end = sampled_coefficients[i1] + (size_t)16U}), + int16_t, core_ops_range_Range__size_t, Eurydice_slice)); + size_t uu____1 = i1; + sampled_coefficients[uu____1] = sampled_coefficients[uu____1] + sampled; + } + } + } + bool done = true; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + if (sampled_coefficients[i0] >= + LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { + sampled_coefficients[i0] = + LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT; + } else { + done = false; + } + } return done; } @@ -2886,40 +2901,43 @@ static inline bool libcrux_ml_kem_sampling_sample_from_uniform_distribution_next__libcrux_ml_kem_vector_avx2_SIMD256Vector_3size_t_168size_t( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { - KRML_MAYBE_FOR3( - i0, (size_t)0U, (size_t)3U, (size_t)1U, size_t i1 = i0; - for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)24U; i++) { - size_t r = i; - if (sampled_coefficients[i1] < - LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { - Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)168U, randomness[i1], - (CLITERAL(core_ops_range_Range__size_t){ - .start = r * (size_t)24U, - .end = r * (size_t)24U + (size_t)24U}), - uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - size_t sampled = - libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___rej_sample( - uu____0, - Eurydice_array_to_subslice( - (size_t)272U, out[i1], - (CLITERAL(core_ops_range_Range__size_t){ - .start = sampled_coefficients[i1], - .end = sampled_coefficients[i1] + (size_t)16U}), - int16_t, core_ops_range_Range__size_t, Eurydice_slice)); - size_t uu____1 = i1; - sampled_coefficients[uu____1] = - sampled_coefficients[uu____1] + sampled; - } - }); - bool done = true; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - if (sampled_coefficients[i0] >= + for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { + size_t i1 = i0; + for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)24U; i++) { + size_t r = i; + if (sampled_coefficients[i1] < LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { - sampled_coefficients[i0] = - LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT; - } else { done = false; }); + Eurydice_slice uu____0 = Eurydice_array_to_subslice( + (size_t)168U, randomness[i1], + (CLITERAL(core_ops_range_Range__size_t){ + .start = r * (size_t)24U, + .end = r * (size_t)24U + (size_t)24U}), + uint8_t, core_ops_range_Range__size_t, Eurydice_slice); + size_t sampled = + libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___rej_sample( + uu____0, + Eurydice_array_to_subslice( + (size_t)272U, out[i1], + (CLITERAL(core_ops_range_Range__size_t){ + .start = sampled_coefficients[i1], + .end = sampled_coefficients[i1] + (size_t)16U}), + int16_t, core_ops_range_Range__size_t, Eurydice_slice)); + size_t uu____1 = i1; + sampled_coefficients[uu____1] = sampled_coefficients[uu____1] + sampled; + } + } + } + bool done = true; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + if (sampled_coefficients[i0] >= + LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { + sampled_coefficients[i0] = + LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT; + } else { + done = false; + } + } return done; } @@ -2997,11 +3015,11 @@ libcrux_ml_kem_sampling_sample_from_xof__libcrux_ml_kem_vector_avx2_SIMD256Vecto memcpy(uu____3, out, (size_t)3U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector ret0[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - ret0[i] = - libcrux_ml_kem_sampling_sample_from_xof_closure__libcrux_ml_kem_vector_avx2_SIMD256Vector_libcrux_ml_kem_hash_functions_avx2_Simd256Hash_3size_t( - uu____3[i]);); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + ret0[i] = + libcrux_ml_kem_sampling_sample_from_xof_closure__libcrux_ml_kem_vector_avx2_SIMD256Vector_libcrux_ml_kem_hash_functions_avx2_Simd256Hash_3size_t( + uu____3[i]); + } memcpy( ret, ret0, (size_t)3U * @@ -3017,45 +3035,50 @@ libcrux_ml_kem_matrix_sample_matrix_A__libcrux_ml_kem_vector_avx2_SIMD256Vector_ ret[3U][3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector A_transpose[3U][3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - libcrux_ml_kem_matrix_sample_matrix_A_closure__libcrux_ml_kem_vector_avx2_SIMD256Vector_libcrux_ml_kem_hash_functions_avx2_Simd256Hash_3size_t( - i, A_transpose[i]);); - KRML_MAYBE_FOR3( - i0, (size_t)0U, (size_t)3U, (size_t)1U, size_t i1 = i0; - uint8_t uu____0[34U]; - memcpy(uu____0, seed, (size_t)34U * sizeof(uint8_t)); - uint8_t seeds[3U][34U]; KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - memcpy(seeds[i], uu____0, (size_t)34U * sizeof(uint8_t));); - KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t j = i; - seeds[j][32U] = (uint8_t)i1; seeds[j][33U] = (uint8_t)j;); - uint8_t uu____1[3U][34U]; - memcpy(uu____1, seeds, (size_t)3U * sizeof(uint8_t[34U])); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + libcrux_ml_kem_matrix_sample_matrix_A_closure__libcrux_ml_kem_vector_avx2_SIMD256Vector_libcrux_ml_kem_hash_functions_avx2_Simd256Hash_3size_t( + i, A_transpose[i]); + } + for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { + size_t i1 = i0; + uint8_t uu____0[34U]; + memcpy(uu____0, seed, (size_t)34U * sizeof(uint8_t)); + uint8_t seeds[3U][34U]; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + memcpy(seeds[i], uu____0, (size_t)34U * sizeof(uint8_t)); + } + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t j = i; + seeds[j][32U] = (uint8_t)i1; + seeds[j][33U] = (uint8_t)j; + } + uint8_t uu____1[3U][34U]; + memcpy(uu____1, seeds, (size_t)3U * sizeof(uint8_t[34U])); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector + sampled[3U]; + libcrux_ml_kem_sampling_sample_from_xof__libcrux_ml_kem_vector_avx2_SIMD256Vector_libcrux_ml_kem_hash_functions_avx2_Simd256Hash_3size_t( + uu____1, sampled); + for ( + size_t i = (size_t)0U; + i < + core_slice___Slice_T___len( + Eurydice_array_to_slice( + (size_t)3U, sampled, + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector, + Eurydice_slice), + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector, + size_t); + i++) { + size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector - sampled[3U]; - libcrux_ml_kem_sampling_sample_from_xof__libcrux_ml_kem_vector_avx2_SIMD256Vector_libcrux_ml_kem_hash_functions_avx2_Simd256Hash_3size_t( - uu____1, sampled); - for ( - size_t i = (size_t)0U; - i < - core_slice___Slice_T___len( - Eurydice_array_to_slice( - (size_t)3U, sampled, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector, - Eurydice_slice), - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector, - size_t); - i++) { - size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector - sample = sampled[j]; - if (transpose) { - A_transpose[j][i1] = sample; - } else { - A_transpose[i1][j] = sample; - } - }); + sample = sampled[j]; + if (transpose) { + A_transpose[j][i1] = sample; + } else { + A_transpose[i1][j] = sample; + } + } + } memcpy( ret, A_transpose, (size_t)3U * @@ -3268,32 +3291,35 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt__libcrux_ml_kem_vector_avx2_SI uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector re_as_ntt[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - re_as_ntt[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + re_as_ntt[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); + } uint8_t uu____0[33U]; memcpy(uu____0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t prf_inputs[3U][33U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - memcpy(prf_inputs[i], uu____0, (size_t)33U * sizeof(uint8_t));); - KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - prf_inputs[i0][32U] = domain_separator; - domain_separator = (uint32_t)domain_separator + 1U;); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + memcpy(prf_inputs[i], uu____0, (size_t)33U * sizeof(uint8_t)); + } + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + prf_inputs[i0][32U] = domain_separator; + domain_separator = (uint32_t)domain_separator + 1U; + } uint8_t prf_outputs[3U][128U]; libcrux_ml_kem_hash_functions_avx2___libcrux_ml_kem__hash_functions__Hash_K__for_libcrux_ml_kem__hash_functions__avx2__Simd256Hash___PRFxN___3size_t_128size_t( prf_inputs, prf_outputs); - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector - uu____1 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_avx2_SIMD256Vector_2size_t( - Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], - uint8_t, Eurydice_slice)); - re_as_ntt[i0] = uu____1; - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element__libcrux_ml_kem_vector_avx2_SIMD256Vector( - &re_as_ntt[i0]);); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector + uu____1 = + libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_avx2_SIMD256Vector_2size_t( + Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t, + Eurydice_slice)); + re_as_ntt[i0] = uu____1; + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element__libcrux_ml_kem_vector_avx2_SIMD256Vector( + &re_as_ntt[i0]); + } libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector uu____2[3U]; memcpy( @@ -3325,30 +3351,33 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd__libcrux_ml_kem_vector_avx2_SIMD2 uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector error_1[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - error_1[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + error_1[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); + } uint8_t uu____0[33U]; memcpy(uu____0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t prf_inputs[3U][33U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - memcpy(prf_inputs[i], uu____0, (size_t)33U * sizeof(uint8_t));); - KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - prf_inputs[i0][32U] = domain_separator; - domain_separator = (uint32_t)domain_separator + 1U;); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + memcpy(prf_inputs[i], uu____0, (size_t)33U * sizeof(uint8_t)); + } + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + prf_inputs[i0][32U] = domain_separator; + domain_separator = (uint32_t)domain_separator + 1U; + } uint8_t prf_outputs[3U][128U]; libcrux_ml_kem_hash_functions_avx2___libcrux_ml_kem__hash_functions__Hash_K__for_libcrux_ml_kem__hash_functions__avx2__Simd256Hash___PRFxN___3size_t_128size_t( prf_inputs, prf_outputs); - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector - uu____1 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_avx2_SIMD256Vector_2size_t( - Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], - uint8_t, Eurydice_slice)); - error_1[i0] = uu____1;); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector + uu____1 = + libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_avx2_SIMD256Vector_2size_t( + Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t, + Eurydice_slice)); + error_1[i0] = uu____1; + } libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector uu____2[3U]; memcpy( @@ -3419,10 +3448,10 @@ libcrux_ml_kem_matrix_compute_vector_u__libcrux_ml_kem_vector_avx2_SIMD256Vector ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector result[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - result[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + result[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); + } for ( size_t i0 = (size_t)0U; i0 < @@ -3491,20 +3520,21 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message__libcrux_ml_kem_vec libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector re = libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; - core_core_arch_x86___m256i coefficient_compressed = - libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___deserialize_1( - Eurydice_array_to_subslice( - (size_t)32U, serialized, - (CLITERAL(core_ops_range_Range__size_t){ - .start = (size_t)2U * i0, - .end = (size_t)2U * i0 + (size_t)2U}), - uint8_t, core_ops_range_Range__size_t, Eurydice_slice)); - core_core_arch_x86___m256i uu____0 = - libcrux_ml_kem_vector_traits_decompress_1__libcrux_ml_kem_vector_avx2_SIMD256Vector( - coefficient_compressed); - re.coefficients[i0] = uu____0;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t i0 = i; + core_core_arch_x86___m256i coefficient_compressed = + libcrux_ml_kem_vector_avx2___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__avx2__SIMD256Vector___deserialize_1( + Eurydice_array_to_subslice( + (size_t)32U, serialized, + (CLITERAL(core_ops_range_Range__size_t){ + .start = (size_t)2U * i0, + .end = (size_t)2U * i0 + (size_t)2U}), + uint8_t, core_ops_range_Range__size_t, Eurydice_slice)); + core_core_arch_x86___m256i uu____0 = + libcrux_ml_kem_vector_traits_decompress_1__libcrux_ml_kem_vector_avx2_SIMD256Vector( + coefficient_compressed); + re.coefficients[i0] = uu____0; + } return re; } @@ -3551,14 +3581,15 @@ libcrux_ml_kem_matrix_compute_ring_element_v__libcrux_ml_kem_vector_avx2_SIMD256 libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector result = libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector - product = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_avx2_SIMD256Vector( - &t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_avx2_SIMD256Vector_3size_t( - &result, &product);); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector + product = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_avx2_SIMD256Vector( + &t_as_ntt[i0], &r_as_ntt[i0]); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_avx2_SIMD256Vector_3size_t( + &result, &product); + } libcrux_ml_kem_invert_ntt_invert_ntt_montgomery__libcrux_ml_kem_vector_avx2_SIMD256Vector_3size_t( &result); result = @@ -4393,10 +4424,10 @@ libcrux_ml_kem_matrix_compute_As_plus_e__libcrux_ml_kem_vector_avx2_SIMD256Vecto ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector result[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - result[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + result[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); + } for ( size_t i0 = (size_t)0U; i0 < @@ -4767,10 +4798,10 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vecto ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_avx2_SIMD256Vector deserialized_pk[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - deserialized_pk[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + deserialized_pk[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_avx2_SIMD256Vector(); + } for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(public_key, uint8_t, size_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h index 9ed3e89a3..f8ee1b1c3 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h @@ -1,8 +1,8 @@ /* This file was generated by KaRaMeL KaRaMeL invocation: /home/franziskus/eurydice//eurydice --config ../cg.yaml - ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc F* version: - KaRaMeL version: 42a43169 + -funroll-loops 0 ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc F* version: + KaRaMeL version: 42a43169 */ #ifndef __libcrux_mlkem768_portable_H @@ -597,13 +597,13 @@ static const uint8_t {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U}}; -typedef struct libcrux_ml_kem_vector_portable_PortableVector_s { +typedef struct libcrux_ml_kem_vector_portable_vector_type_PortableVector_s { int16_t elements[16U]; -} libcrux_ml_kem_vector_portable_PortableVector; +} libcrux_ml_kem_vector_portable_vector_type_PortableVector; -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_zero(void) { - libcrux_ml_kem_vector_portable_PortableVector lit; +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_vector_type_zero(void) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector lit; lit.elements[0U] = (int16_t)0; lit.elements[1U] = (int16_t)0; lit.elements[2U] = (int16_t)0; @@ -623,15 +623,16 @@ libcrux_ml_kem_vector_zero(void) { return lit; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO( +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO( void) { - return libcrux_ml_kem_vector_zero(); + return libcrux_ml_kem_vector_portable_vector_type_zero(); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_from_i16_array(Eurydice_slice array) { - libcrux_ml_kem_vector_portable_PortableVector lit; +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_vector_type_from_i16_array( + Eurydice_slice array) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector lit; int16_t ret[16U]; core_result_Result__int16_t_16size_t__core_array_TryFromSliceError dst; Eurydice_slice_to_array2( @@ -648,15 +649,16 @@ libcrux_ml_kem_vector_from_i16_array(Eurydice_slice array) { return lit; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___from_i16_array( +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___from_i16_array( Eurydice_slice array) { - return libcrux_ml_kem_vector_from_i16_array(array); + return libcrux_ml_kem_vector_portable_vector_type_from_i16_array(array); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_add(libcrux_ml_kem_vector_portable_PortableVector lhs, - libcrux_ml_kem_vector_portable_PortableVector *rhs) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_arithmetic_add( + libcrux_ml_kem_vector_portable_vector_type_PortableVector lhs, + libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -666,16 +668,17 @@ libcrux_ml_kem_vector_add(libcrux_ml_kem_vector_portable_PortableVector lhs, return lhs; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___add( - libcrux_ml_kem_vector_portable_PortableVector lhs, - libcrux_ml_kem_vector_portable_PortableVector *rhs) { - return libcrux_ml_kem_vector_add(lhs, rhs); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___add( + libcrux_ml_kem_vector_portable_vector_type_PortableVector lhs, + libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs) { + return libcrux_ml_kem_vector_portable_arithmetic_add(lhs, rhs); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_sub(libcrux_ml_kem_vector_portable_PortableVector lhs, - libcrux_ml_kem_vector_portable_PortableVector *rhs) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_arithmetic_sub( + libcrux_ml_kem_vector_portable_vector_type_PortableVector lhs, + libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -685,16 +688,16 @@ libcrux_ml_kem_vector_sub(libcrux_ml_kem_vector_portable_PortableVector lhs, return lhs; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___sub( - libcrux_ml_kem_vector_portable_PortableVector lhs, - libcrux_ml_kem_vector_portable_PortableVector *rhs) { - return libcrux_ml_kem_vector_sub(lhs, rhs); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___sub( + libcrux_ml_kem_vector_portable_vector_type_PortableVector lhs, + libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs) { + return libcrux_ml_kem_vector_portable_arithmetic_sub(lhs, rhs); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_multiply_by_constant( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t c) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_arithmetic_multiply_by_constant( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -704,15 +707,15 @@ libcrux_ml_kem_vector_multiply_by_constant( return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___multiply_by_constant( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t c) { - return libcrux_ml_kem_vector_multiply_by_constant(v, c); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___multiply_by_constant( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) { + return libcrux_ml_kem_vector_portable_arithmetic_multiply_by_constant(v, c); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_bitwise_and_with_constant( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t c) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -722,15 +725,16 @@ libcrux_ml_kem_vector_bitwise_and_with_constant( return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___bitwise_and_with_constant( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t c) { - return libcrux_ml_kem_vector_bitwise_and_with_constant(v, c); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___bitwise_and_with_constant( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) { + return libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant(v, + c); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_cond_subtract_3329( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_arithmetic_cond_subtract_3329( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { core_ops_range_Range__size_t iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( (CLITERAL(core_ops_range_Range__size_t){ @@ -753,92 +757,109 @@ libcrux_ml_kem_vector_cond_subtract_3329( } } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___cond_subtract_3329( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_cond_subtract_3329(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___cond_subtract_3329( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_arithmetic_cond_subtract_3329(v); } -#define LIBCRUX_ML_KEM_VECTOR_BARRETT_MULTIPLIER ((int32_t)20159) +#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_MULTIPLIER \ + ((int32_t)20159) -#define LIBCRUX_ML_KEM_VECTOR_BARRETT_SHIFT ((int32_t)26) +#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_SHIFT ((int32_t)26) -#define LIBCRUX_ML_KEM_VECTOR_BARRETT_R \ - ((int32_t)1 << (uint32_t)LIBCRUX_ML_KEM_VECTOR_BARRETT_SHIFT) +#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_R \ + ((int32_t)1 << (uint32_t) \ + LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_SHIFT) -static inline int16_t libcrux_ml_kem_vector_barrett_reduce_element( +static inline int16_t +libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( int16_t value) { - int32_t t = (int32_t)value * LIBCRUX_ML_KEM_VECTOR_BARRETT_MULTIPLIER + - (LIBCRUX_ML_KEM_VECTOR_BARRETT_R >> 1U); + int32_t t = (int32_t)value * + LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_MULTIPLIER + + (LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_R >> 1U); int16_t quotient = - (int16_t)(t >> (uint32_t)LIBCRUX_ML_KEM_VECTOR_BARRETT_SHIFT); + (int16_t)(t >> + (uint32_t) + LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_SHIFT); return value - quotient * LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_barrett_reduce( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; int16_t uu____0 = - libcrux_ml_kem_vector_barrett_reduce_element(v.elements[i0]); + libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( + v.elements[i0]); v.elements[i0] = uu____0; } return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___barrett_reduce( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_barrett_reduce(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___barrett_reduce( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce(v); } -#define LIBCRUX_ML_KEM_VECTOR_MONTGOMERY_SHIFT (16U) +#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT (16U) -#define LIBCRUX_ML_KEM_VECTOR_MONTGOMERY_R \ - ((int32_t)1 << (uint32_t)LIBCRUX_ML_KEM_VECTOR_MONTGOMERY_SHIFT) +#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_R \ + ((int32_t)1 << (uint32_t) \ + LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT) -static inline int16_t libcrux_ml_kem_vector_montgomery_reduce_element( +static inline int16_t +libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( int32_t value) { int32_t k = (int32_t)(int16_t)value * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_INVERSE_OF_MODULUS_MOD_MONTGOMERY_R; int32_t k_times_modulus = (int32_t)(int16_t)k * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; - int16_t c = (int16_t)(k_times_modulus >> - (uint32_t)LIBCRUX_ML_KEM_VECTOR_MONTGOMERY_SHIFT); + int16_t c = + (int16_t)(k_times_modulus >> + (uint32_t) + LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT); int16_t value_high = - (int16_t)(value >> (uint32_t)LIBCRUX_ML_KEM_VECTOR_MONTGOMERY_SHIFT); + (int16_t)(value >> + (uint32_t) + LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT); return value_high - c; } -static inline int16_t libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( +static inline int16_t +libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( int16_t fe, int16_t fer) { - return libcrux_ml_kem_vector_montgomery_reduce_element((int32_t)fe * - (int32_t)fer); + return libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( + (int32_t)fe * (int32_t)fer); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_montgomery_multiply_by_constant( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t c) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_by_constant( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; int16_t uu____0 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(v.elements[i0], c); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[i0], c); v.elements[i0] = uu____0; } return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___montgomery_multiply_by_constant( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t r) { - return libcrux_ml_kem_vector_montgomery_multiply_by_constant(v, r); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___montgomery_multiply_by_constant( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t r) { + return libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_by_constant( + v, r); } -static inline uint8_t libcrux_ml_kem_vector_compress_message_coefficient( +static inline uint8_t +libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( uint16_t fe) { int16_t shifted = (int16_t)1664 - (int16_t)fe; int16_t mask = shifted >> 15U; @@ -847,80 +868,92 @@ static inline uint8_t libcrux_ml_kem_vector_compress_message_coefficient( return (uint8_t)(shifted_positive_in_range >> 15U & (int16_t)1); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_compress_1( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_compress_compress_1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - uint8_t uu____0 = libcrux_ml_kem_vector_compress_message_coefficient( - (uint16_t)v.elements[i0]); + uint8_t uu____0 = + libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( + (uint16_t)v.elements[i0]); v.elements[i0] = (int16_t)uu____0; } return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___compress_1( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_compress_1(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___compress_1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_compress_compress_1(v); } -static inline uint32_t libcrux_ml_kem_vector_get_n_least_significant_bits( +static inline uint32_t +libcrux_ml_kem_vector_portable_arithmetic_get_n_least_significant_bits( uint8_t n, uint32_t value) { return value & ((1U << (uint32_t)n) - 1U); } -static inline int16_t libcrux_ml_kem_vector_compress_ciphertext_coefficient( +static inline int16_t +libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( uint8_t coefficient_bits, uint16_t fe) { uint64_t compressed = (uint64_t)fe << (uint32_t)coefficient_bits; compressed = compressed + 1664ULL; compressed = compressed * 10321340ULL; compressed = compressed >> 35U; - return (int16_t)libcrux_ml_kem_vector_get_n_least_significant_bits( - coefficient_bits, (uint32_t)compressed); + return (int16_t) + libcrux_ml_kem_vector_portable_arithmetic_get_n_least_significant_bits( + coefficient_bits, (uint32_t)compressed); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_ntt_layer_1_step( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t zeta0, +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_ntt_ntt_layer_1_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { - int16_t t = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[2U], zeta0); + int16_t t = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[2U], zeta0); v.elements[2U] = v.elements[0U] - t; v.elements[0U] = v.elements[0U] + t; - int16_t t0 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[3U], zeta0); + int16_t t0 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[3U], zeta0); v.elements[3U] = v.elements[1U] - t0; v.elements[1U] = v.elements[1U] + t0; - int16_t t1 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[6U], zeta1); + int16_t t1 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[6U], zeta1); v.elements[6U] = v.elements[4U] - t1; v.elements[4U] = v.elements[4U] + t1; - int16_t t2 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[7U], zeta1); + int16_t t2 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[7U], zeta1); v.elements[7U] = v.elements[5U] - t2; v.elements[5U] = v.elements[5U] + t2; - int16_t t3 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[(size_t)8U + (size_t)2U], zeta2); + int16_t t3 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[(size_t)8U + (size_t)2U], zeta2); v.elements[(size_t)8U + (size_t)2U] = v.elements[(size_t)8U + (size_t)0U] - t3; v.elements[(size_t)8U + (size_t)0U] = v.elements[(size_t)8U + (size_t)0U] + t3; - int16_t t4 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[(size_t)8U + (size_t)3U], zeta2); + int16_t t4 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[(size_t)8U + (size_t)3U], zeta2); v.elements[(size_t)8U + (size_t)3U] = v.elements[(size_t)8U + (size_t)1U] - t4; v.elements[(size_t)8U + (size_t)1U] = v.elements[(size_t)8U + (size_t)1U] + t4; - int16_t t5 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[(size_t)8U + (size_t)6U], zeta3); + int16_t t5 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[(size_t)8U + (size_t)6U], zeta3); v.elements[(size_t)8U + (size_t)6U] = v.elements[(size_t)8U + (size_t)4U] - t5; v.elements[(size_t)8U + (size_t)4U] = v.elements[(size_t)8U + (size_t)4U] + t5; - int16_t t6 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[(size_t)8U + (size_t)7U], zeta3); + int16_t t6 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[(size_t)8U + (size_t)7U], zeta3); v.elements[(size_t)8U + (size_t)7U] = v.elements[(size_t)8U + (size_t)5U] - t6; v.elements[(size_t)8U + (size_t)5U] = @@ -928,53 +961,62 @@ libcrux_ml_kem_vector_ntt_layer_1_step( return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ntt_layer_1_step( - libcrux_ml_kem_vector_portable_PortableVector a, int16_t zeta0, +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ntt_layer_1_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { - return libcrux_ml_kem_vector_ntt_layer_1_step(a, zeta0, zeta1, zeta2, zeta3); + return libcrux_ml_kem_vector_portable_ntt_ntt_layer_1_step(a, zeta0, zeta1, + zeta2, zeta3); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_ntt_layer_2_step( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t zeta0, +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_ntt_ntt_layer_2_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0, int16_t zeta1) { - int16_t t = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[4U], zeta0); + int16_t t = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[4U], zeta0); v.elements[4U] = v.elements[0U] - t; v.elements[0U] = v.elements[0U] + t; - int16_t t0 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[5U], zeta0); + int16_t t0 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[5U], zeta0); v.elements[5U] = v.elements[1U] - t0; v.elements[1U] = v.elements[1U] + t0; - int16_t t1 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[6U], zeta0); + int16_t t1 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[6U], zeta0); v.elements[6U] = v.elements[2U] - t1; v.elements[2U] = v.elements[2U] + t1; - int16_t t2 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[7U], zeta0); + int16_t t2 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[7U], zeta0); v.elements[7U] = v.elements[3U] - t2; v.elements[3U] = v.elements[3U] + t2; - int16_t t3 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[(size_t)8U + (size_t)4U], zeta1); + int16_t t3 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[(size_t)8U + (size_t)4U], zeta1); v.elements[(size_t)8U + (size_t)4U] = v.elements[(size_t)8U + (size_t)0U] - t3; v.elements[(size_t)8U + (size_t)0U] = v.elements[(size_t)8U + (size_t)0U] + t3; - int16_t t4 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[(size_t)8U + (size_t)5U], zeta1); + int16_t t4 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[(size_t)8U + (size_t)5U], zeta1); v.elements[(size_t)8U + (size_t)5U] = v.elements[(size_t)8U + (size_t)1U] - t4; v.elements[(size_t)8U + (size_t)1U] = v.elements[(size_t)8U + (size_t)1U] + t4; - int16_t t5 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[(size_t)8U + (size_t)6U], zeta1); + int16_t t5 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[(size_t)8U + (size_t)6U], zeta1); v.elements[(size_t)8U + (size_t)6U] = v.elements[(size_t)8U + (size_t)2U] - t5; v.elements[(size_t)8U + (size_t)2U] = v.elements[(size_t)8U + (size_t)2U] + t5; - int16_t t6 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[(size_t)8U + (size_t)7U], zeta1); + int16_t t6 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[(size_t)8U + (size_t)7U], zeta1); v.elements[(size_t)8U + (size_t)7U] = v.elements[(size_t)8U + (size_t)3U] - t6; v.elements[(size_t)8U + (size_t)3U] = @@ -982,248 +1024,289 @@ libcrux_ml_kem_vector_ntt_layer_2_step( return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ntt_layer_2_step( - libcrux_ml_kem_vector_portable_PortableVector a, int16_t zeta0, +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ntt_layer_2_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0, int16_t zeta1) { - return libcrux_ml_kem_vector_ntt_layer_2_step(a, zeta0, zeta1); + return libcrux_ml_kem_vector_portable_ntt_ntt_layer_2_step(a, zeta0, zeta1); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_ntt_layer_3_step( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t zeta) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_ntt_ntt_layer_3_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta) { int16_t t = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(v.elements[8U], zeta); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[8U], zeta); v.elements[8U] = v.elements[0U] - t; v.elements[0U] = v.elements[0U] + t; int16_t t0 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(v.elements[9U], zeta); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[9U], zeta); v.elements[9U] = v.elements[1U] - t0; v.elements[1U] = v.elements[1U] + t0; - int16_t t1 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[10U], zeta); + int16_t t1 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[10U], zeta); v.elements[10U] = v.elements[2U] - t1; v.elements[2U] = v.elements[2U] + t1; - int16_t t2 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[11U], zeta); + int16_t t2 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[11U], zeta); v.elements[11U] = v.elements[3U] - t2; v.elements[3U] = v.elements[3U] + t2; - int16_t t3 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[12U], zeta); + int16_t t3 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[12U], zeta); v.elements[12U] = v.elements[4U] - t3; v.elements[4U] = v.elements[4U] + t3; - int16_t t4 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[13U], zeta); + int16_t t4 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[13U], zeta); v.elements[13U] = v.elements[5U] - t4; v.elements[5U] = v.elements[5U] + t4; - int16_t t5 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[14U], zeta); + int16_t t5 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[14U], zeta); v.elements[14U] = v.elements[6U] - t5; v.elements[6U] = v.elements[6U] + t5; - int16_t t6 = libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer( - v.elements[15U], zeta); + int16_t t6 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + v.elements[15U], zeta); v.elements[15U] = v.elements[7U] - t6; v.elements[7U] = v.elements[7U] + t6; return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ntt_layer_3_step( - libcrux_ml_kem_vector_portable_PortableVector a, int16_t zeta) { - return libcrux_ml_kem_vector_ntt_layer_3_step(a, zeta); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ntt_layer_3_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta) { + return libcrux_ml_kem_vector_portable_ntt_ntt_layer_3_step(a, zeta); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_inv_ntt_layer_1_step( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t zeta0, +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_1_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { int16_t a_minus_b = v.elements[2U] - v.elements[0U]; - int16_t uu____0 = libcrux_ml_kem_vector_barrett_reduce_element( - v.elements[0U] + v.elements[2U]); + int16_t uu____0 = + libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( + v.elements[0U] + v.elements[2U]); v.elements[0U] = uu____0; int16_t uu____1 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b, zeta0); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b, zeta0); v.elements[2U] = uu____1; int16_t a_minus_b0 = v.elements[3U] - v.elements[1U]; - int16_t uu____2 = libcrux_ml_kem_vector_barrett_reduce_element( - v.elements[1U] + v.elements[3U]); + int16_t uu____2 = + libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( + v.elements[1U] + v.elements[3U]); v.elements[1U] = uu____2; int16_t uu____3 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b0, zeta0); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b0, zeta0); v.elements[3U] = uu____3; int16_t a_minus_b1 = v.elements[6U] - v.elements[4U]; - int16_t uu____4 = libcrux_ml_kem_vector_barrett_reduce_element( - v.elements[4U] + v.elements[6U]); + int16_t uu____4 = + libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( + v.elements[4U] + v.elements[6U]); v.elements[4U] = uu____4; int16_t uu____5 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b1, zeta1); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b1, zeta1); v.elements[6U] = uu____5; int16_t a_minus_b2 = v.elements[7U] - v.elements[5U]; - int16_t uu____6 = libcrux_ml_kem_vector_barrett_reduce_element( - v.elements[5U] + v.elements[7U]); + int16_t uu____6 = + libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( + v.elements[5U] + v.elements[7U]); v.elements[5U] = uu____6; int16_t uu____7 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b2, zeta1); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b2, zeta1); v.elements[7U] = uu____7; int16_t a_minus_b3 = v.elements[(size_t)8U + (size_t)2U] - v.elements[(size_t)8U + (size_t)0U]; - int16_t uu____8 = libcrux_ml_kem_vector_barrett_reduce_element( - v.elements[(size_t)8U + (size_t)0U] + - v.elements[(size_t)8U + (size_t)2U]); + int16_t uu____8 = + libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( + v.elements[(size_t)8U + (size_t)0U] + + v.elements[(size_t)8U + (size_t)2U]); v.elements[(size_t)8U + (size_t)0U] = uu____8; int16_t uu____9 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b3, zeta2); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b3, zeta2); v.elements[(size_t)8U + (size_t)2U] = uu____9; int16_t a_minus_b4 = v.elements[(size_t)8U + (size_t)3U] - v.elements[(size_t)8U + (size_t)1U]; - int16_t uu____10 = libcrux_ml_kem_vector_barrett_reduce_element( - v.elements[(size_t)8U + (size_t)1U] + - v.elements[(size_t)8U + (size_t)3U]); + int16_t uu____10 = + libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( + v.elements[(size_t)8U + (size_t)1U] + + v.elements[(size_t)8U + (size_t)3U]); v.elements[(size_t)8U + (size_t)1U] = uu____10; int16_t uu____11 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b4, zeta2); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b4, zeta2); v.elements[(size_t)8U + (size_t)3U] = uu____11; int16_t a_minus_b5 = v.elements[(size_t)8U + (size_t)6U] - v.elements[(size_t)8U + (size_t)4U]; - int16_t uu____12 = libcrux_ml_kem_vector_barrett_reduce_element( - v.elements[(size_t)8U + (size_t)4U] + - v.elements[(size_t)8U + (size_t)6U]); + int16_t uu____12 = + libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( + v.elements[(size_t)8U + (size_t)4U] + + v.elements[(size_t)8U + (size_t)6U]); v.elements[(size_t)8U + (size_t)4U] = uu____12; int16_t uu____13 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b5, zeta3); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b5, zeta3); v.elements[(size_t)8U + (size_t)6U] = uu____13; int16_t a_minus_b6 = v.elements[(size_t)8U + (size_t)7U] - v.elements[(size_t)8U + (size_t)5U]; - int16_t uu____14 = libcrux_ml_kem_vector_barrett_reduce_element( - v.elements[(size_t)8U + (size_t)5U] + - v.elements[(size_t)8U + (size_t)7U]); + int16_t uu____14 = + libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( + v.elements[(size_t)8U + (size_t)5U] + + v.elements[(size_t)8U + (size_t)7U]); v.elements[(size_t)8U + (size_t)5U] = uu____14; int16_t uu____15 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b6, zeta3); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b6, zeta3); v.elements[(size_t)8U + (size_t)7U] = uu____15; return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___inv_ntt_layer_1_step( - libcrux_ml_kem_vector_portable_PortableVector a, int16_t zeta0, +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___inv_ntt_layer_1_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { - return libcrux_ml_kem_vector_inv_ntt_layer_1_step(a, zeta0, zeta1, zeta2, - zeta3); + return libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_1_step( + a, zeta0, zeta1, zeta2, zeta3); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_inv_ntt_layer_2_step( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t zeta0, +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_2_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0, int16_t zeta1) { int16_t a_minus_b = v.elements[4U] - v.elements[0U]; v.elements[0U] = v.elements[0U] + v.elements[4U]; int16_t uu____0 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b, zeta0); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b, zeta0); v.elements[4U] = uu____0; int16_t a_minus_b0 = v.elements[5U] - v.elements[1U]; v.elements[1U] = v.elements[1U] + v.elements[5U]; int16_t uu____1 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b0, zeta0); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b0, zeta0); v.elements[5U] = uu____1; int16_t a_minus_b1 = v.elements[6U] - v.elements[2U]; v.elements[2U] = v.elements[2U] + v.elements[6U]; int16_t uu____2 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b1, zeta0); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b1, zeta0); v.elements[6U] = uu____2; int16_t a_minus_b2 = v.elements[7U] - v.elements[3U]; v.elements[3U] = v.elements[3U] + v.elements[7U]; int16_t uu____3 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b2, zeta0); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b2, zeta0); v.elements[7U] = uu____3; int16_t a_minus_b3 = v.elements[(size_t)8U + (size_t)4U] - v.elements[(size_t)8U + (size_t)0U]; v.elements[(size_t)8U + (size_t)0U] = v.elements[(size_t)8U + (size_t)0U] + v.elements[(size_t)8U + (size_t)4U]; int16_t uu____4 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b3, zeta1); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b3, zeta1); v.elements[(size_t)8U + (size_t)4U] = uu____4; int16_t a_minus_b4 = v.elements[(size_t)8U + (size_t)5U] - v.elements[(size_t)8U + (size_t)1U]; v.elements[(size_t)8U + (size_t)1U] = v.elements[(size_t)8U + (size_t)1U] + v.elements[(size_t)8U + (size_t)5U]; int16_t uu____5 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b4, zeta1); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b4, zeta1); v.elements[(size_t)8U + (size_t)5U] = uu____5; int16_t a_minus_b5 = v.elements[(size_t)8U + (size_t)6U] - v.elements[(size_t)8U + (size_t)2U]; v.elements[(size_t)8U + (size_t)2U] = v.elements[(size_t)8U + (size_t)2U] + v.elements[(size_t)8U + (size_t)6U]; int16_t uu____6 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b5, zeta1); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b5, zeta1); v.elements[(size_t)8U + (size_t)6U] = uu____6; int16_t a_minus_b6 = v.elements[(size_t)8U + (size_t)7U] - v.elements[(size_t)8U + (size_t)3U]; v.elements[(size_t)8U + (size_t)3U] = v.elements[(size_t)8U + (size_t)3U] + v.elements[(size_t)8U + (size_t)7U]; int16_t uu____7 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b6, zeta1); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b6, zeta1); v.elements[(size_t)8U + (size_t)7U] = uu____7; return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___inv_ntt_layer_2_step( - libcrux_ml_kem_vector_portable_PortableVector a, int16_t zeta0, +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___inv_ntt_layer_2_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0, int16_t zeta1) { - return libcrux_ml_kem_vector_inv_ntt_layer_2_step(a, zeta0, zeta1); + return libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_2_step(a, zeta0, + zeta1); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_inv_ntt_layer_3_step( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t zeta) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_3_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta) { int16_t a_minus_b = v.elements[8U] - v.elements[0U]; v.elements[0U] = v.elements[0U] + v.elements[8U]; int16_t uu____0 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b, zeta); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b, zeta); v.elements[8U] = uu____0; int16_t a_minus_b0 = v.elements[9U] - v.elements[1U]; v.elements[1U] = v.elements[1U] + v.elements[9U]; int16_t uu____1 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b0, zeta); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b0, zeta); v.elements[9U] = uu____1; int16_t a_minus_b1 = v.elements[10U] - v.elements[2U]; v.elements[2U] = v.elements[2U] + v.elements[10U]; int16_t uu____2 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b1, zeta); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b1, zeta); v.elements[10U] = uu____2; int16_t a_minus_b2 = v.elements[11U] - v.elements[3U]; v.elements[3U] = v.elements[3U] + v.elements[11U]; int16_t uu____3 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b2, zeta); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b2, zeta); v.elements[11U] = uu____3; int16_t a_minus_b3 = v.elements[12U] - v.elements[4U]; v.elements[4U] = v.elements[4U] + v.elements[12U]; int16_t uu____4 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b3, zeta); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b3, zeta); v.elements[12U] = uu____4; int16_t a_minus_b4 = v.elements[13U] - v.elements[5U]; v.elements[5U] = v.elements[5U] + v.elements[13U]; int16_t uu____5 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b4, zeta); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b4, zeta); v.elements[13U] = uu____5; int16_t a_minus_b5 = v.elements[14U] - v.elements[6U]; v.elements[6U] = v.elements[6U] + v.elements[14U]; int16_t uu____6 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b5, zeta); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b5, zeta); v.elements[14U] = uu____6; int16_t a_minus_b6 = v.elements[15U] - v.elements[7U]; v.elements[7U] = v.elements[7U] + v.elements[15U]; int16_t uu____7 = - libcrux_ml_kem_vector_montgomery_multiply_fe_by_fer(a_minus_b6, zeta); + libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( + a_minus_b6, zeta); v.elements[15U] = uu____7; return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___inv_ntt_layer_3_step( - libcrux_ml_kem_vector_portable_PortableVector a, int16_t zeta) { - return libcrux_ml_kem_vector_inv_ntt_layer_3_step(a, zeta); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___inv_ntt_layer_3_step( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta) { + return libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_3_step(a, zeta); } typedef struct K___int16_t_int16_t_s { @@ -1231,30 +1314,35 @@ typedef struct K___int16_t_int16_t_s { int16_t snd; } K___int16_t_int16_t; -static inline K___int16_t_int16_t libcrux_ml_kem_vector_ntt_multiply_binomials( +static inline K___int16_t_int16_t +libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( K___int16_t_int16_t _, K___int16_t_int16_t _0, int16_t zeta) { int16_t a0 = _.fst; int16_t a1 = _.snd; int16_t b0 = _0.fst; int16_t b1 = _0.snd; int32_t uu____0 = (int32_t)a0 * (int32_t)b0; - int16_t uu____1 = libcrux_ml_kem_vector_montgomery_reduce_element( - uu____0 + (int32_t)libcrux_ml_kem_vector_montgomery_reduce_element( - (int32_t)a1 * (int32_t)b1) * - (int32_t)zeta); + int16_t uu____1 = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( + uu____0 + + (int32_t) + libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( + (int32_t)a1 * (int32_t)b1) * + (int32_t)zeta); return (CLITERAL(K___int16_t_int16_t){ .fst = uu____1, - .snd = libcrux_ml_kem_vector_montgomery_reduce_element( - (int32_t)a0 * (int32_t)b1 + (int32_t)a1 * (int32_t)b0)}); -} - -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_ntt_multiply( - libcrux_ml_kem_vector_portable_PortableVector *lhs, - libcrux_ml_kem_vector_portable_PortableVector *rhs, int16_t zeta0, - int16_t zeta1, int16_t zeta2, int16_t zeta3) { - libcrux_ml_kem_vector_portable_PortableVector out = - libcrux_ml_kem_vector_zero(); + .snd = + libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( + (int32_t)a0 * (int32_t)b1 + (int32_t)a1 * (int32_t)b0)}); +} + +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_ntt_ntt_multiply( + libcrux_ml_kem_vector_portable_vector_type_PortableVector *lhs, + libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs, + int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector out = + libcrux_ml_kem_vector_portable_vector_type_zero(); K___int16_t_int16_t lit0; lit0.fst = lhs->elements[0U]; lit0.snd = lhs->elements[1U]; @@ -1262,7 +1350,8 @@ libcrux_ml_kem_vector_ntt_multiply( lit1.fst = rhs->elements[0U]; lit1.snd = rhs->elements[1U]; K___int16_t_int16_t product = - libcrux_ml_kem_vector_ntt_multiply_binomials(lit0, lit1, zeta0); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lit0, lit1, + zeta0); out.elements[0U] = product.fst; out.elements[1U] = product.snd; K___int16_t_int16_t lit2; @@ -1272,7 +1361,8 @@ libcrux_ml_kem_vector_ntt_multiply( lit3.fst = rhs->elements[2U]; lit3.snd = rhs->elements[3U]; K___int16_t_int16_t product0 = - libcrux_ml_kem_vector_ntt_multiply_binomials(lit2, lit3, -zeta0); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lit2, lit3, + -zeta0); out.elements[2U] = product0.fst; out.elements[3U] = product0.snd; K___int16_t_int16_t lit4; @@ -1282,7 +1372,8 @@ libcrux_ml_kem_vector_ntt_multiply( lit5.fst = rhs->elements[4U]; lit5.snd = rhs->elements[5U]; K___int16_t_int16_t product1 = - libcrux_ml_kem_vector_ntt_multiply_binomials(lit4, lit5, zeta1); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lit4, lit5, + zeta1); out.elements[4U] = product1.fst; out.elements[5U] = product1.snd; K___int16_t_int16_t lit6; @@ -1292,7 +1383,8 @@ libcrux_ml_kem_vector_ntt_multiply( lit7.fst = rhs->elements[6U]; lit7.snd = rhs->elements[7U]; K___int16_t_int16_t product2 = - libcrux_ml_kem_vector_ntt_multiply_binomials(lit6, lit7, -zeta1); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lit6, lit7, + -zeta1); out.elements[6U] = product2.fst; out.elements[7U] = product2.snd; K___int16_t_int16_t lit8; @@ -1302,7 +1394,8 @@ libcrux_ml_kem_vector_ntt_multiply( lit9.fst = rhs->elements[(size_t)8U + (size_t)0U]; lit9.snd = rhs->elements[(size_t)8U + (size_t)1U]; K___int16_t_int16_t product3 = - libcrux_ml_kem_vector_ntt_multiply_binomials(lit8, lit9, zeta2); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lit8, lit9, + zeta2); out.elements[(size_t)8U + (size_t)0U] = product3.fst; out.elements[(size_t)8U + (size_t)1U] = product3.snd; K___int16_t_int16_t lit10; @@ -1312,7 +1405,8 @@ libcrux_ml_kem_vector_ntt_multiply( lit11.fst = rhs->elements[(size_t)8U + (size_t)2U]; lit11.snd = rhs->elements[(size_t)8U + (size_t)3U]; K___int16_t_int16_t product4 = - libcrux_ml_kem_vector_ntt_multiply_binomials(lit10, lit11, -zeta2); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lit10, lit11, + -zeta2); out.elements[(size_t)8U + (size_t)2U] = product4.fst; out.elements[(size_t)8U + (size_t)3U] = product4.snd; K___int16_t_int16_t lit12; @@ -1322,7 +1416,8 @@ libcrux_ml_kem_vector_ntt_multiply( lit13.fst = rhs->elements[(size_t)8U + (size_t)4U]; lit13.snd = rhs->elements[(size_t)8U + (size_t)5U]; K___int16_t_int16_t product5 = - libcrux_ml_kem_vector_ntt_multiply_binomials(lit12, lit13, zeta3); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lit12, lit13, + zeta3); out.elements[(size_t)8U + (size_t)4U] = product5.fst; out.elements[(size_t)8U + (size_t)5U] = product5.snd; K___int16_t_int16_t lit14; @@ -1332,54 +1427,61 @@ libcrux_ml_kem_vector_ntt_multiply( lit.fst = rhs->elements[(size_t)8U + (size_t)6U]; lit.snd = rhs->elements[(size_t)8U + (size_t)7U]; K___int16_t_int16_t product6 = - libcrux_ml_kem_vector_ntt_multiply_binomials(lit14, lit, -zeta3); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lit14, lit, + -zeta3); out.elements[(size_t)8U + (size_t)6U] = product6.fst; out.elements[(size_t)8U + (size_t)7U] = product6.snd; return out; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ntt_multiply( - libcrux_ml_kem_vector_portable_PortableVector *lhs, - libcrux_ml_kem_vector_portable_PortableVector *rhs, int16_t zeta0, - int16_t zeta1, int16_t zeta2, int16_t zeta3) { - return libcrux_ml_kem_vector_ntt_multiply(lhs, rhs, zeta0, zeta1, zeta2, - zeta3); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ntt_multiply( + libcrux_ml_kem_vector_portable_vector_type_PortableVector *lhs, + libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs, + int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) { + return libcrux_ml_kem_vector_portable_ntt_ntt_multiply(lhs, rhs, zeta0, zeta1, + zeta2, zeta3); } -static inline void libcrux_ml_kem_vector_serialize_1( - libcrux_ml_kem_vector_portable_PortableVector v, uint8_t ret[2U]) { +static inline void libcrux_ml_kem_vector_portable_serialize_serialize_1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, + uint8_t ret[2U]) { uint8_t result[2U] = {0U}; - KRML_MAYBE_FOR8( - i, (size_t)0U, (size_t)8U, (size_t)1U, size_t i0 = i; - size_t uu____0 = (size_t)0U; - result[uu____0] = (uint32_t)result[uu____0] | - (uint32_t)(uint8_t)v.elements[i0] << (uint32_t)i0;); - KRML_MAYBE_FOR8(i, (size_t)8U, (size_t)16U, (size_t)1U, size_t i0 = i; - size_t uu____1 = (size_t)1U; - result[uu____1] = (uint32_t)result[uu____1] | - (uint32_t)(uint8_t)v.elements[i0] - << (uint32_t)(i0 - (size_t)8U);); + for (size_t i = (size_t)0U; i < (size_t)8U; i++) { + size_t i0 = i; + size_t uu____0 = (size_t)0U; + result[uu____0] = (uint32_t)result[uu____0] | + (uint32_t)(uint8_t)v.elements[i0] << (uint32_t)i0; + } + for (size_t i = (size_t)8U; i < (size_t)16U; i++) { + size_t i0 = i; + size_t uu____1 = (size_t)1U; + result[uu____1] = + (uint32_t)result[uu____1] | (uint32_t)(uint8_t)v.elements[i0] + << (uint32_t)(i0 - (size_t)8U); + } memcpy(ret, result, (size_t)2U * sizeof(uint8_t)); } static inline void -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_1( - libcrux_ml_kem_vector_portable_PortableVector a, uint8_t ret[2U]) { +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[2U]) { uint8_t ret0[2U]; - libcrux_ml_kem_vector_serialize_1(a, ret0); + libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret0); memcpy(ret, ret0, (size_t)2U * sizeof(uint8_t)); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_deserialize_1(Eurydice_slice v) { - libcrux_ml_kem_vector_portable_PortableVector result = - libcrux_ml_kem_vector_zero(); - KRML_MAYBE_FOR8(i, (size_t)0U, (size_t)8U, (size_t)1U, size_t i0 = i; - uint8_t *uu____0 = &Eurydice_slice_index( - v, (size_t)0U, uint8_t, uint8_t *, uint8_t); - result.elements[i0] = - (int16_t)((uint32_t)uu____0[0U] >> (uint32_t)i0 & 1U);); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_serialize_deserialize_1(Eurydice_slice v) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector result = + libcrux_ml_kem_vector_portable_vector_type_zero(); + for (size_t i = (size_t)0U; i < (size_t)8U; i++) { + size_t i0 = i; + uint8_t *uu____0 = + &Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *, uint8_t); + result.elements[i0] = (int16_t)((uint32_t)uu____0[0U] >> (uint32_t)i0 & 1U); + } for (size_t i = (size_t)8U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -1391,14 +1493,15 @@ libcrux_ml_kem_vector_deserialize_1(Eurydice_slice v) { return result; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_1( +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_1( Eurydice_slice a) { - return libcrux_ml_kem_vector_deserialize_1(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_1(a); } -static inline void libcrux_ml_kem_vector_serialize_4( - libcrux_ml_kem_vector_portable_PortableVector v, uint8_t ret[8U]) { +static inline void libcrux_ml_kem_vector_portable_serialize_serialize_4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, + uint8_t ret[8U]) { uint8_t result[8U] = {0U}; result[0U] = (uint32_t)(uint8_t)v.elements[1U] << 4U | (uint32_t)(uint8_t)v.elements[0U]; @@ -1420,17 +1523,18 @@ static inline void libcrux_ml_kem_vector_serialize_4( } static inline void -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_4( - libcrux_ml_kem_vector_portable_PortableVector a, uint8_t ret[8U]) { +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[8U]) { uint8_t ret0[8U]; - libcrux_ml_kem_vector_serialize_4(a, ret0); + libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret0); memcpy(ret, ret0, (size_t)8U * sizeof(uint8_t)); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_deserialize_4(Eurydice_slice bytes) { - libcrux_ml_kem_vector_portable_PortableVector v = - libcrux_ml_kem_vector_zero(); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_serialize_deserialize_4(Eurydice_slice bytes) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector v = + libcrux_ml_kem_vector_portable_vector_type_zero(); uint8_t *uu____0 = &Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *, uint8_t); v.elements[0U] = (int16_t)((uint32_t)uu____0[0U] & 15U); @@ -1482,14 +1586,15 @@ libcrux_ml_kem_vector_deserialize_4(Eurydice_slice bytes) { return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_4( +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_4( Eurydice_slice a) { - return libcrux_ml_kem_vector_deserialize_4(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_4(a); } -static inline void libcrux_ml_kem_vector_serialize_5( - libcrux_ml_kem_vector_portable_PortableVector v, uint8_t ret[10U]) { +static inline void libcrux_ml_kem_vector_portable_serialize_serialize_5( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, + uint8_t ret[10U]) { uint8_t result[10U] = {0U}; result[0U] = (uint8_t)((v.elements[1U] & (int16_t)7) << 5U | v.elements[0U]); result[1U] = @@ -1521,17 +1626,18 @@ static inline void libcrux_ml_kem_vector_serialize_5( } static inline void -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_5( - libcrux_ml_kem_vector_portable_PortableVector a, uint8_t ret[10U]) { +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_5( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[10U]) { uint8_t ret0[10U]; - libcrux_ml_kem_vector_serialize_5(a, ret0); + libcrux_ml_kem_vector_portable_serialize_serialize_5(a, ret0); memcpy(ret, ret0, (size_t)10U * sizeof(uint8_t)); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_deserialize_5(Eurydice_slice bytes) { - libcrux_ml_kem_vector_portable_PortableVector v = - libcrux_ml_kem_vector_zero(); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_serialize_deserialize_5(Eurydice_slice bytes) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector v = + libcrux_ml_kem_vector_portable_vector_type_zero(); uint8_t *uu____0 = &Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *, uint8_t); v.elements[0U] = (int16_t)((uint32_t)uu____0[0U] & 31U); @@ -1622,14 +1728,15 @@ libcrux_ml_kem_vector_deserialize_5(Eurydice_slice bytes) { return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_5( +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_5( Eurydice_slice a) { - return libcrux_ml_kem_vector_deserialize_5(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_5(a); } -static inline void libcrux_ml_kem_vector_serialize_10( - libcrux_ml_kem_vector_portable_PortableVector v, uint8_t ret[20U]) { +static inline void libcrux_ml_kem_vector_portable_serialize_serialize_10( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, + uint8_t ret[20U]) { uint8_t result[20U] = {0U}; result[0U] = (uint8_t)(v.elements[0U] & (int16_t)255); result[1U] = (uint32_t)(uint8_t)(v.elements[1U] & (int16_t)63) << 2U | @@ -1687,17 +1794,18 @@ static inline void libcrux_ml_kem_vector_serialize_10( } static inline void -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_10( - libcrux_ml_kem_vector_portable_PortableVector a, uint8_t ret[20U]) { +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_10( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[20U]) { uint8_t ret0[20U]; - libcrux_ml_kem_vector_serialize_10(a, ret0); + libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret0); memcpy(ret, ret0, (size_t)20U * sizeof(uint8_t)); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_deserialize_10(Eurydice_slice bytes) { - libcrux_ml_kem_vector_portable_PortableVector result = - libcrux_ml_kem_vector_zero(); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_serialize_deserialize_10(Eurydice_slice bytes) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector result = + libcrux_ml_kem_vector_portable_vector_type_zero(); int16_t uu____0 = ((int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *, uint8_t) & (int16_t)3) @@ -1817,14 +1925,15 @@ libcrux_ml_kem_vector_deserialize_10(Eurydice_slice bytes) { return result; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_10( +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_10( Eurydice_slice a) { - return libcrux_ml_kem_vector_deserialize_10(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_10(a); } -static inline void libcrux_ml_kem_vector_serialize_11( - libcrux_ml_kem_vector_portable_PortableVector v, uint8_t ret[22U]) { +static inline void libcrux_ml_kem_vector_portable_serialize_serialize_11( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, + uint8_t ret[22U]) { uint8_t result[22U] = {0U}; result[0U] = (uint8_t)v.elements[0U]; result[1U] = (uint32_t)(uint8_t)(v.elements[1U] & (int16_t)31) << 3U | @@ -1882,17 +1991,18 @@ static inline void libcrux_ml_kem_vector_serialize_11( } static inline void -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_11( - libcrux_ml_kem_vector_portable_PortableVector a, uint8_t ret[22U]) { +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_11( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[22U]) { uint8_t ret0[22U]; - libcrux_ml_kem_vector_serialize_11(a, ret0); + libcrux_ml_kem_vector_portable_serialize_serialize_11(a, ret0); memcpy(ret, ret0, (size_t)22U * sizeof(uint8_t)); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_deserialize_11(Eurydice_slice bytes) { - libcrux_ml_kem_vector_portable_PortableVector result = - libcrux_ml_kem_vector_zero(); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_serialize_deserialize_11(Eurydice_slice bytes) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector result = + libcrux_ml_kem_vector_portable_vector_type_zero(); int16_t uu____0 = ((int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *, uint8_t) & (int16_t)7) @@ -2030,14 +2140,15 @@ libcrux_ml_kem_vector_deserialize_11(Eurydice_slice bytes) { return result; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_11( +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_11( Eurydice_slice a) { - return libcrux_ml_kem_vector_deserialize_11(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_11(a); } -static inline void libcrux_ml_kem_vector_serialize_12( - libcrux_ml_kem_vector_portable_PortableVector v, uint8_t ret[24U]) { +static inline void libcrux_ml_kem_vector_portable_serialize_serialize_12( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, + uint8_t ret[24U]) { uint8_t result[24U] = {0U}; result[0U] = (uint8_t)(v.elements[0U] & (int16_t)255); result[1U] = @@ -2083,17 +2194,18 @@ static inline void libcrux_ml_kem_vector_serialize_12( } static inline void -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_12( - libcrux_ml_kem_vector_portable_PortableVector a, uint8_t ret[24U]) { +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_12( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[24U]) { uint8_t ret0[24U]; - libcrux_ml_kem_vector_serialize_12(a, ret0); + libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret0); memcpy(ret, ret0, (size_t)24U * sizeof(uint8_t)); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_deserialize_12(Eurydice_slice bytes) { - libcrux_ml_kem_vector_portable_PortableVector re = - libcrux_ml_kem_vector_zero(); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_serialize_deserialize_12(Eurydice_slice bytes) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector re = + libcrux_ml_kem_vector_portable_vector_type_zero(); int16_t byte0 = (int16_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *, uint8_t); int16_t byte1 = (int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, @@ -2161,14 +2273,14 @@ libcrux_ml_kem_vector_deserialize_12(Eurydice_slice bytes) { return re; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_12( +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_12( Eurydice_slice a) { - return libcrux_ml_kem_vector_deserialize_12(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_12(a); } -static inline size_t libcrux_ml_kem_vector_rej_sample(Eurydice_slice a, - Eurydice_slice result) { +static inline size_t libcrux_ml_kem_vector_portable_sampling_rej_sample( + Eurydice_slice a, Eurydice_slice result) { size_t sampled = (size_t)0U; for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(a, uint8_t, size_t) / (size_t)3U; i++) { @@ -2232,9 +2344,9 @@ static inline size_t libcrux_ml_kem_vector_rej_sample(Eurydice_slice a, } static inline size_t -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___rej_sample( +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___rej_sample( Eurydice_slice a, Eurydice_slice out) { - return libcrux_ml_kem_vector_rej_sample(a, out); + return libcrux_ml_kem_vector_portable_sampling_rej_sample(a, out); } #define LIBCRUX_ML_KEM_MLKEM768_VECTOR_U_COMPRESSION_FACTOR_768 ((size_t)10U) @@ -2301,59 +2413,59 @@ typedef libcrux_ml_kem_types_MlKemPublicKey____1184size_t LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE) typedef struct - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector_s { - libcrux_ml_kem_vector_portable_PortableVector coefficients[16U]; -} libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector; + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector_s { + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients[16U]; +} libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector; -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector( void) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector lit; lit.coefficients[0U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[1U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[2U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[3U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[4U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[5U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[6U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[7U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[8U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[9U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[10U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[11U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[12U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[13U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[14U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); lit.coefficients[15U] = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); return lit; } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1088size_t_10size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1088size_t_10size_t( size_t _) { - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_decompress_ciphertext_coefficient___10int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient___10int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -2366,18 +2478,19 @@ libcrux_ml_kem_vector_decompress_ciphertext_coefficient___10int32_t( return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___decompress_ciphertext_coefficient___10int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_decompress_ciphertext_coefficient___10int32_t(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___decompress_ciphertext_coefficient___10int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient___10int32_t( + v); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_serialize_deserialize_then_decompress_10__libcrux_ml_kem_vector_portable_PortableVector( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_deserialize_then_decompress_10__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(serialized, uint8_t, size_t) / (size_t)20U; @@ -2388,20 +2501,20 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10__libcrux_ml_kem_vector_p (CLITERAL(core_ops_range_Range__size_t){ .start = i0 * (size_t)20U, .end = i0 * (size_t)20U + (size_t)20U}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - libcrux_ml_kem_vector_portable_PortableVector coefficient = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_10( + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_10( bytes); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___decompress_ciphertext_coefficient___10int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___decompress_ciphertext_coefficient___10int32_t( coefficient); re.coefficients[i0] = uu____0; } return re; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_decompress_ciphertext_coefficient___11int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient___11int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -2414,18 +2527,19 @@ libcrux_ml_kem_vector_decompress_ciphertext_coefficient___11int32_t( return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___decompress_ciphertext_coefficient___11int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_decompress_ciphertext_coefficient___11int32_t(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___decompress_ciphertext_coefficient___11int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient___11int32_t( + v); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_serialize_deserialize_then_decompress_11__libcrux_ml_kem_vector_portable_PortableVector( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_deserialize_then_decompress_11__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(serialized, uint8_t, size_t) / (size_t)22U; @@ -2436,61 +2550,62 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11__libcrux_ml_kem_vector_p (CLITERAL(core_ops_range_Range__size_t){ .start = i0 * (size_t)22U, .end = i0 * (size_t)22U + (size_t)22U}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - libcrux_ml_kem_vector_portable_PortableVector coefficient = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_11( + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_11( bytes); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___decompress_ciphertext_coefficient___11int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___decompress_ciphertext_coefficient___11int32_t( coefficient); re.coefficients[i0] = uu____0; } return re; } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u__libcrux_ml_kem_vector_portable_PortableVector_10size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_10size_t( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0; uu____0 = - libcrux_ml_kem_serialize_deserialize_then_decompress_10__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_serialize_deserialize_then_decompress_10__libcrux_ml_kem_vector_portable_vector_type_PortableVector( serialized); return uu____0; } typedef struct - K___libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_vector_portable_PortableVector_s { - libcrux_ml_kem_vector_portable_PortableVector fst; - libcrux_ml_kem_vector_portable_PortableVector snd; -} K___libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_vector_portable_PortableVector; - -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_traits_montgomery_multiply_fe__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_vector_portable_PortableVector v, int16_t fer) { - return libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___montgomery_multiply_by_constant( + K___libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_vector_portable_vector_type_PortableVector_s { + libcrux_ml_kem_vector_portable_vector_type_PortableVector fst; + libcrux_ml_kem_vector_portable_vector_type_PortableVector snd; +} K___libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_vector_portable_vector_type_PortableVector; + +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_traits_montgomery_multiply_fe__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { + return libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___montgomery_multiply_by_constant( v, fer); } -static inline K___libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_ntt_ntt_layer_int_vec_step__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_vector_portable_PortableVector a, - libcrux_ml_kem_vector_portable_PortableVector b, int16_t zeta_r) { - libcrux_ml_kem_vector_portable_PortableVector t = - libcrux_ml_kem_vector_traits_montgomery_multiply_fe__libcrux_ml_kem_vector_portable_PortableVector( +static inline K___libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_ntt_ntt_layer_int_vec_step__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + libcrux_ml_kem_vector_portable_vector_type_PortableVector b, + int16_t zeta_r) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector t = + libcrux_ml_kem_vector_traits_montgomery_multiply_fe__libcrux_ml_kem_vector_portable_vector_type_PortableVector( b, zeta_r); - b = libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___sub( + b = libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___sub( a, &t); - a = libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___add( + a = libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___add( a, &t); return (CLITERAL( - K___libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_vector_portable_PortableVector){ + K___libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_vector_portable_vector_type_PortableVector){ .fst = a, .snd = b}); } static inline void -libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( +libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( size_t *zeta_i, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2502,14 +2617,14 @@ libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableV size_t step_vec = step / (size_t)16U; for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; - K___libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_vector_portable_PortableVector + K___libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R [zeta_i[0U]]); - libcrux_ml_kem_vector_portable_PortableVector x = uu____0.fst; - libcrux_ml_kem_vector_portable_PortableVector y = uu____0.snd; + libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; + libcrux_ml_kem_vector_portable_vector_type_PortableVector y = uu____0.snd; re->coefficients[j] = x; re->coefficients[j + step_vec] = y; } @@ -2517,109 +2632,114 @@ libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableV } static inline void -libcrux_ml_kem_ntt_ntt_at_layer_3__libcrux_ml_kem_vector_portable_PortableVector( +libcrux_ml_kem_ntt_ntt_at_layer_3__libcrux_ml_kem_vector_portable_vector_type_PortableVector( size_t *zeta_i, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, size_t _layer, size_t _initial_coefficient_bound) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] + (size_t)1U; - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ntt_layer_3_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); - re->coefficients[round] = uu____0;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] + (size_t)1U; + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ntt_layer_3_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); + re->coefficients[round] = uu____0; + } } static inline void -libcrux_ml_kem_ntt_ntt_at_layer_2__libcrux_ml_kem_vector_portable_PortableVector( +libcrux_ml_kem_ntt_ntt_at_layer_2__libcrux_ml_kem_vector_portable_vector_type_PortableVector( size_t *zeta_i, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, size_t _layer, size_t _initial_coefficient_bound) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] + (size_t)1U; - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ntt_layer_2_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)1U]); - re->coefficients[round] = uu____0; zeta_i[0U] = zeta_i[0U] + (size_t)1U;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] + (size_t)1U; + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ntt_layer_2_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + + (size_t)1U]); + re->coefficients[round] = uu____0; + zeta_i[0U] = zeta_i[0U] + (size_t)1U; + } } static inline void -libcrux_ml_kem_ntt_ntt_at_layer_1__libcrux_ml_kem_vector_portable_PortableVector( +libcrux_ml_kem_ntt_ntt_at_layer_1__libcrux_ml_kem_vector_portable_vector_type_PortableVector( size_t *zeta_i, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, size_t _layer, size_t _initial_coefficient_bound) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] + (size_t)1U; - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ntt_layer_1_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)1U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)2U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + - (size_t)3U]); - re->coefficients[round] = uu____0; zeta_i[0U] = zeta_i[0U] + (size_t)3U;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] + (size_t)1U; + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ntt_layer_1_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + + (size_t)1U], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + + (size_t)2U], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] + + (size_t)3U]); + re->coefficients[round] = uu____0; + zeta_i[0U] = zeta_i[0U] + (size_t)3U; + } } static inline void -libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___poly_barrett_reduce__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___poly_barrett_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___barrett_reduce( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___barrett_reduce( self->coefficients[i0]); self->coefficients[i0] = uu____0; } } static inline void -libcrux_ml_kem_ntt_ntt_vector_u__libcrux_ml_kem_vector_portable_PortableVector_10size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_ntt_ntt_vector_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_10size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)6U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)5U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)4U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_3__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)3U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_2__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)2U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_1__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)1U, (size_t)3328U); - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___poly_barrett_reduce__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___poly_barrett_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re); } static inline void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1088size_t_10size_t( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1088size_t_10size_t( uint8_t *ciphertext, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector u_as_ntt[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - u_as_ntt[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + u_as_ntt[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + } for (size_t i = (size_t)0U; i < core_slice___Slice_T___len( Eurydice_array_to_slice((size_t)1088U, ciphertext, uint8_t, @@ -2640,24 +2760,24 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u__libcrux_ml_kem_vector_port LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u__libcrux_ml_kem_vector_portable_PortableVector_10size_t( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_10size_t( u_bytes); u_as_ntt[i0] = uu____0; - libcrux_ml_kem_ntt_ntt_vector_u__libcrux_ml_kem_vector_portable_PortableVector_10size_t( + libcrux_ml_kem_ntt_ntt_vector_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_10size_t( &u_as_ntt[i0]); } memcpy( ret, u_as_ntt, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_decompress_ciphertext_coefficient___4int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient___4int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -2670,18 +2790,19 @@ libcrux_ml_kem_vector_decompress_ciphertext_coefficient___4int32_t( return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___decompress_ciphertext_coefficient___4int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_decompress_ciphertext_coefficient___4int32_t(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___decompress_ciphertext_coefficient___4int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient___4int32_t( + v); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_serialize_deserialize_then_decompress_4__libcrux_ml_kem_vector_portable_PortableVector( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_deserialize_then_decompress_4__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(serialized, uint8_t, size_t) / (size_t)8U; i++) { @@ -2691,20 +2812,20 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4__libcrux_ml_kem_vector_po (CLITERAL(core_ops_range_Range__size_t){ .start = i0 * (size_t)8U, .end = i0 * (size_t)8U + (size_t)8U}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - libcrux_ml_kem_vector_portable_PortableVector coefficient = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_4( bytes); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___decompress_ciphertext_coefficient___4int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___decompress_ciphertext_coefficient___4int32_t( coefficient); re.coefficients[i0] = uu____0; } return re; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_decompress_ciphertext_coefficient___5int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient___5int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -2717,18 +2838,19 @@ libcrux_ml_kem_vector_decompress_ciphertext_coefficient___5int32_t( return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___decompress_ciphertext_coefficient___5int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_decompress_ciphertext_coefficient___5int32_t(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___decompress_ciphertext_coefficient___5int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient___5int32_t( + v); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_serialize_deserialize_then_decompress_5__libcrux_ml_kem_vector_portable_PortableVector( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_deserialize_then_decompress_5__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(serialized, uint8_t, size_t) / (size_t)10U; @@ -2739,41 +2861,41 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5__libcrux_ml_kem_vector_po (CLITERAL(core_ops_range_Range__size_t){ .start = i0 * (size_t)10U, .end = i0 * (size_t)10U + (size_t)10U}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_5( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_5( bytes); re.coefficients[i0] = uu____0; - libcrux_ml_kem_vector_portable_PortableVector uu____1 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___decompress_ciphertext_coefficient___5int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___decompress_ciphertext_coefficient___5int32_t( re.coefficients[i0]); re.coefficients[i0] = uu____1; } return re; } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v__libcrux_ml_kem_vector_portable_PortableVector_4size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v__libcrux_ml_kem_vector_portable_vector_type_PortableVector_4size_t( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0; uu____0 = - libcrux_ml_kem_serialize_deserialize_then_decompress_4__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_serialize_deserialize_then_decompress_4__libcrux_ml_kem_vector_portable_vector_type_PortableVector( serialized); return uu____0; } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure__libcrux_ml_kem_vector_portable_PortableVector_3size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( size_t _) { - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element__libcrux_ml_kem_vector_portable_PortableVector( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(serialized, uint8_t, size_t) / (size_t)24U; @@ -2784,8 +2906,8 @@ libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element__libcrux_ml_ke (CLITERAL(core_ops_range_Range__size_t){ .start = i0 * (size_t)24U, .end = i0 * (size_t)24U + (size_t)24U}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_12( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_12( bytes); re.coefficients[i0] = uu____0; } @@ -2793,16 +2915,16 @@ libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element__libcrux_ml_ke } static inline void -libcrux_ml_kem_ind_cpa_deserialize_secret_key__libcrux_ml_kem_vector_portable_PortableVector_3size_t( +libcrux_ml_kem_ind_cpa_deserialize_secret_key__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( Eurydice_slice secret_key, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector secret_as_ntt[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - secret_as_ntt[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + secret_as_ntt[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + } for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(secret_key, uint8_t, size_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -2815,9 +2937,9 @@ libcrux_ml_kem_ind_cpa_deserialize_secret_key__libcrux_ml_kem_vector_portable_Po .end = i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector( secret_bytes); secret_as_ntt[i0] = uu____0; } @@ -2825,23 +2947,23 @@ libcrux_ml_kem_ind_cpa_deserialize_secret_key__libcrux_ml_kem_vector_portable_Po ret, secret_as_ntt, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *self, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector out = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ntt_multiply( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ntt_multiply( &self->coefficients[i0], &rhs->coefficients[i0], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[(size_t)64U + (size_t)4U * i0], @@ -2860,104 +2982,111 @@ libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vec } static inline void -libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_portable_PortableVector_3size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *self, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs) { for (size_t i = (size_t)0U; - i < - core_slice___Slice_T___len( - Eurydice_array_to_slice( - (size_t)16U, self->coefficients, - libcrux_ml_kem_vector_portable_PortableVector, Eurydice_slice), - libcrux_ml_kem_vector_portable_PortableVector, size_t); + i < core_slice___Slice_T___len( + Eurydice_array_to_slice( + (size_t)16U, self->coefficients, + libcrux_ml_kem_vector_portable_vector_type_PortableVector, + Eurydice_slice), + libcrux_ml_kem_vector_portable_vector_type_PortableVector, + size_t); i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___add( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___add( self->coefficients[i0], &rhs->coefficients[i0]); self->coefficients[i0] = uu____0; } } static inline void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1__libcrux_ml_kem_vector_portable_PortableVector( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1__libcrux_ml_kem_vector_portable_vector_type_PortableVector( size_t *zeta_i, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, size_t _layer) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] - (size_t)1U; - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___inv_ntt_layer_1_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)1U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)2U], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)3U]); - re->coefficients[round] = uu____0; zeta_i[0U] = zeta_i[0U] - (size_t)3U;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] - (size_t)1U; + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___inv_ntt_layer_1_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - + (size_t)1U], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - + (size_t)2U], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - + (size_t)3U]); + re->coefficients[round] = uu____0; + zeta_i[0U] = zeta_i[0U] - (size_t)3U; + } } static inline void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2__libcrux_ml_kem_vector_portable_PortableVector( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2__libcrux_ml_kem_vector_portable_vector_type_PortableVector( size_t *zeta_i, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, size_t _layer) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] - (size_t)1U; - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___inv_ntt_layer_2_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - - (size_t)1U]); - re->coefficients[round] = uu____0; zeta_i[0U] = zeta_i[0U] - (size_t)1U;); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] - (size_t)1U; + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___inv_ntt_layer_2_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] - + (size_t)1U]); + re->coefficients[round] = uu____0; + zeta_i[0U] = zeta_i[0U] - (size_t)1U; + } } static inline void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3__libcrux_ml_kem_vector_portable_PortableVector( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3__libcrux_ml_kem_vector_portable_vector_type_PortableVector( size_t *zeta_i, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, size_t _layer) { - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; - zeta_i[0U] = zeta_i[0U] - (size_t)1U; - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___inv_ntt_layer_3_step( - re->coefficients[round], - libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); - re->coefficients[round] = uu____0;); -} - -static inline K___libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_vector_portable_PortableVector a, - libcrux_ml_kem_vector_portable_PortableVector b, int16_t zeta_r) { - libcrux_ml_kem_vector_portable_PortableVector a_minus_b = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___sub( + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t round = i; + zeta_i[0U] = zeta_i[0U] - (size_t)1U; + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___inv_ntt_layer_3_step( + re->coefficients[round], + libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); + re->coefficients[round] = uu____0; + } +} + +static inline K___libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + libcrux_ml_kem_vector_portable_vector_type_PortableVector b, + int16_t zeta_r) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector a_minus_b = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___sub( b, &a); - a = libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___barrett_reduce( - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___add( + a = libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___barrett_reduce( + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___add( a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe__libcrux_ml_kem_vector_portable_PortableVector( + b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe__libcrux_ml_kem_vector_portable_vector_type_PortableVector( a_minus_b, zeta_r); return (CLITERAL( - K___libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_vector_portable_PortableVector){ + K___libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_vector_portable_vector_type_PortableVector){ .fst = a, .snd = b}); } static inline void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( size_t *zeta_i, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2971,14 +3100,14 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_port step / LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; - K___libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_vector_portable_PortableVector + K___libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R [zeta_i[0U]]); - libcrux_ml_kem_vector_portable_PortableVector x = uu____0.fst; - libcrux_ml_kem_vector_portable_PortableVector y = uu____0.snd; + libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; + libcrux_ml_kem_vector_portable_vector_type_PortableVector y = uu____0.snd; re->coefficients[j] = x; re->coefficients[j + step_vec] = y; } @@ -2986,80 +3115,82 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_port } static inline void -libcrux_ml_kem_invert_ntt_invert_ntt_montgomery__libcrux_ml_kem_vector_portable_PortableVector_3size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_invert_ntt_invert_ntt_montgomery__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___poly_barrett_reduce__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___poly_barrett_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___subtract_reduce__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___subtract_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *self, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___montgomery_multiply_by_constant( - b.coefficients[i0], (int16_t)1441); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___barrett_reduce( - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___sub( + libcrux_ml_kem_vector_portable_vector_type_PortableVector + coefficient_normal_form = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___montgomery_multiply_by_constant( + b.coefficients[i0], (int16_t)1441); + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___barrett_reduce( + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___sub( self->coefficients[i0], &coefficient_normal_form)); b.coefficients[i0] = uu____0; } return b; } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_matrix_compute_message__libcrux_ml_kem_vector_portable_PortableVector_3size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_matrix_compute_message__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *v, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *secret_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector result = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector - product = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_portable_PortableVector( - &secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_portable_PortableVector_3size_t( - &result, &product);); - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery__libcrux_ml_kem_vector_portable_PortableVector_3size_t( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector + product = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + &secret_as_ntt[i0], &u_as_ntt[i0]); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( + &result, &product); + } + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( &result); result = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___subtract_reduce__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___subtract_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( v, result); return result; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_shift_right___15int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_arithmetic_shift_right___15int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -3068,76 +3199,78 @@ libcrux_ml_kem_vector_shift_right___15int32_t( return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___shift_right___15int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_shift_right___15int32_t(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___shift_right___15int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_arithmetic_shift_right___15int32_t(v); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_vector_portable_PortableVector a) { - libcrux_ml_kem_vector_portable_PortableVector t = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___shift_right___15int32_t( +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector t = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___shift_right___15int32_t( a); - libcrux_ml_kem_vector_portable_PortableVector fm = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___bitwise_and_with_constant( + libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___bitwise_and_with_constant( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); - return libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___add( + return libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___add( a, &fm); } static inline void -libcrux_ml_kem_serialize_compress_then_serialize_message__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_serialize_compress_then_serialize_message__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_PortableVector( - re.coefficients[i0]); - libcrux_ml_kem_vector_portable_PortableVector coefficient_compressed = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___compress_1( - coefficient); - uint8_t bytes[2U]; - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_1( - coefficient_compressed, bytes); - Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)32U, serialized, - (CLITERAL(core_ops_range_Range__size_t){ - .start = (size_t)2U * i0, .end = (size_t)2U * i0 + (size_t)2U}), - uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - core_slice___Slice_T___copy_from_slice( - uu____0, - Eurydice_array_to_slice((size_t)2U, bytes, uint8_t, Eurydice_slice), - uint8_t, void *);); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t i0 = i; + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = + libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + re.coefficients[i0]); + libcrux_ml_kem_vector_portable_vector_type_PortableVector + coefficient_compressed = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___compress_1( + coefficient); + uint8_t bytes[2U]; + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_1( + coefficient_compressed, bytes); + Eurydice_slice uu____0 = Eurydice_array_to_subslice( + (size_t)32U, serialized, + (CLITERAL(core_ops_range_Range__size_t){ + .start = (size_t)2U * i0, .end = (size_t)2U * i0 + (size_t)2U}), + uint8_t, core_ops_range_Range__size_t, Eurydice_slice); + core_slice___Slice_T___copy_from_slice( + uu____0, + Eurydice_array_to_slice((size_t)2U, bytes, uint8_t, Eurydice_slice), + uint8_t, void *); + } memcpy(ret, serialized, (size_t)32U * sizeof(uint8_t)); } static inline void -libcrux_ml_kem_ind_cpa_decrypt__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1088size_t_960size_t_10size_t_4size_t( +libcrux_ml_kem_ind_cpa_decrypt__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1088size_t_960size_t_10size_t_4size_t( Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1088size_t_10size_t( + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1088size_t_10size_t( ciphertext, u_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector - v = libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v__libcrux_ml_kem_vector_portable_PortableVector_4size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector + v = libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v__libcrux_ml_kem_vector_portable_vector_type_PortableVector_4size_t( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t, Eurydice_slice)); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key__libcrux_ml_kem_vector_portable_PortableVector_3size_t( + libcrux_ml_kem_ind_cpa_deserialize_secret_key__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( secret_key, secret_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector message = - libcrux_ml_kem_matrix_compute_message__libcrux_ml_kem_vector_portable_PortableVector_3size_t( + libcrux_ml_kem_matrix_compute_message__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( &v, secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_serialize_compress_then_serialize_message__libcrux_ml_kem_vector_portable_vector_type_PortableVector( message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -3162,18 +3295,18 @@ libcrux_ml_kem_hash_functions_portable___libcrux_ml_kem__hash_functions__Hash_K_ memcpy(ret, digest, (size_t)32U * sizeof(uint8_t)); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure__libcrux_ml_kem_vector_portable_PortableVector_1152size_t_3size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_1152size_t_3size_t( size_t _i) { - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element__libcrux_ml_kem_vector_portable_PortableVector( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(serialized, uint8_t, size_t) / (size_t)24U; @@ -3184,11 +3317,11 @@ libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element__libcrux_ml_kem_vec (CLITERAL(core_ops_range_Range__size_t){ .start = i0 * (size_t)24U, .end = i0 * (size_t)24U + (size_t)24U}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - libcrux_ml_kem_vector_portable_PortableVector coefficient = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_12( + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_12( bytes); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___cond_subtract_3329( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___cond_subtract_3329( coefficient); re.coefficients[i0] = uu____0; } @@ -3196,16 +3329,16 @@ libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element__libcrux_ml_kem_vec } static inline void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vector_portable_PortableVector_1152size_t_3size_t( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vector_portable_vector_type_PortableVector_1152size_t_3size_t( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector deserialized_pk[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - deserialized_pk[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + deserialized_pk[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + } for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(public_key, uint8_t, size_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -3218,9 +3351,9 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vecto .end = i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector( ring_element); deserialized_pk[i0] = uu____0; } @@ -3228,31 +3361,31 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vecto ret, deserialized_pk, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_matrix_sample_matrix_A_closure_closure__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_matrix_sample_matrix_A_closure_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( size_t _j) { - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); } static inline void -libcrux_ml_kem_matrix_sample_matrix_A_closure__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( +libcrux_ml_kem_matrix_sample_matrix_A_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( size_t _i, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ret0[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - ret0[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + ret0[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + } memcpy( ret, ret0, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); } typedef struct @@ -3264,14 +3397,15 @@ static inline libcrux_ml_kem_hash_functions_portable_PortableHash____3size_t libcrux_ml_kem_hash_functions_portable___libcrux_ml_kem__hash_functions__Hash_K__for_libcrux_ml_kem__hash_functions__portable__PortableHash_K____shake128_init_absorb___3size_t( uint8_t input[3U][34U]) { libcrux_sha3_generic_keccak_KeccakState__uint64_t__1size_t state[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - state[i] = libcrux_sha3_portable_incremental_shake128_init();); - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_sha3_portable_incremental_shake128_absorb_final( - &state[i0], Eurydice_array_to_slice((size_t)34U, input[i0], uint8_t, - Eurydice_slice));); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + state[i] = libcrux_sha3_portable_incremental_shake128_init(); + } + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_sha3_portable_incremental_shake128_absorb_final( + &state[i0], Eurydice_array_to_slice((size_t)34U, input[i0], uint8_t, + Eurydice_slice)); + } libcrux_sha3_generic_keccak_KeccakState__uint64_t__1size_t uu____0[3U]; memcpy( uu____0, state, @@ -3290,53 +3424,57 @@ libcrux_ml_kem_hash_functions_portable___libcrux_ml_kem__hash_functions__Hash_K_ libcrux_ml_kem_hash_functions_portable_PortableHash____3size_t *self, uint8_t ret[3U][504U]) { uint8_t out[3U][504U] = {{0U}}; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_sha3_portable_incremental_shake128_squeeze_first_three_blocks( - &self->shake128_state[i0], - Eurydice_array_to_slice((size_t)504U, out[i0], uint8_t, - Eurydice_slice));); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_sha3_portable_incremental_shake128_squeeze_first_three_blocks( + &self->shake128_state[i0], + Eurydice_array_to_slice((size_t)504U, out[i0], uint8_t, + Eurydice_slice)); + } memcpy(ret, out, (size_t)3U * sizeof(uint8_t[504U])); } static inline bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next__libcrux_ml_kem_vector_portable_PortableVector_3size_t_504size_t( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_504size_t( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { - KRML_MAYBE_FOR3( - i0, (size_t)0U, (size_t)3U, (size_t)1U, size_t i1 = i0; - for (size_t i = (size_t)0U; i < (size_t)504U / (size_t)24U; i++) { - size_t r = i; - if (sampled_coefficients[i1] < - LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { - Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)504U, randomness[i1], - (CLITERAL(core_ops_range_Range__size_t){ - .start = r * (size_t)24U, - .end = r * (size_t)24U + (size_t)24U}), - uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - size_t sampled = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___rej_sample( - uu____0, - Eurydice_array_to_subslice( - (size_t)272U, out[i1], - (CLITERAL(core_ops_range_Range__size_t){ - .start = sampled_coefficients[i1], - .end = sampled_coefficients[i1] + (size_t)16U}), - int16_t, core_ops_range_Range__size_t, Eurydice_slice)); - size_t uu____1 = i1; - sampled_coefficients[uu____1] = - sampled_coefficients[uu____1] + sampled; - } - }); - bool done = true; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - if (sampled_coefficients[i0] >= + for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { + size_t i1 = i0; + for (size_t i = (size_t)0U; i < (size_t)504U / (size_t)24U; i++) { + size_t r = i; + if (sampled_coefficients[i1] < LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { - sampled_coefficients[i0] = - LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT; - } else { done = false; }); + Eurydice_slice uu____0 = Eurydice_array_to_subslice( + (size_t)504U, randomness[i1], + (CLITERAL(core_ops_range_Range__size_t){ + .start = r * (size_t)24U, + .end = r * (size_t)24U + (size_t)24U}), + uint8_t, core_ops_range_Range__size_t, Eurydice_slice); + size_t sampled = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___rej_sample( + uu____0, + Eurydice_array_to_subslice( + (size_t)272U, out[i1], + (CLITERAL(core_ops_range_Range__size_t){ + .start = sampled_coefficients[i1], + .end = sampled_coefficients[i1] + (size_t)16U}), + int16_t, core_ops_range_Range__size_t, Eurydice_slice)); + size_t uu____1 = i1; + sampled_coefficients[uu____1] = sampled_coefficients[uu____1] + sampled; + } + } + } + bool done = true; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + if (sampled_coefficients[i0] >= + LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { + sampled_coefficients[i0] = + LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT; + } else { + done = false; + } + } return done; } @@ -3345,66 +3483,71 @@ libcrux_ml_kem_hash_functions_portable___libcrux_ml_kem__hash_functions__Hash_K_ libcrux_ml_kem_hash_functions_portable_PortableHash____3size_t *self, uint8_t ret[3U][168U]) { uint8_t out[3U][168U] = {{0U}}; - KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_sha3_portable_incremental_shake128_squeeze_next_block( - &self->shake128_state[i0], - Eurydice_array_to_slice((size_t)168U, out[i0], uint8_t, - Eurydice_slice));); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_sha3_portable_incremental_shake128_squeeze_next_block( + &self->shake128_state[i0], + Eurydice_array_to_slice((size_t)168U, out[i0], uint8_t, + Eurydice_slice)); + } memcpy(ret, out, (size_t)3U * sizeof(uint8_t[168U])); } static inline bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next__libcrux_ml_kem_vector_portable_PortableVector_3size_t_168size_t( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_168size_t( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { - KRML_MAYBE_FOR3( - i0, (size_t)0U, (size_t)3U, (size_t)1U, size_t i1 = i0; - for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)24U; i++) { - size_t r = i; - if (sampled_coefficients[i1] < - LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { - Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)168U, randomness[i1], - (CLITERAL(core_ops_range_Range__size_t){ - .start = r * (size_t)24U, - .end = r * (size_t)24U + (size_t)24U}), - uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - size_t sampled = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___rej_sample( - uu____0, - Eurydice_array_to_subslice( - (size_t)272U, out[i1], - (CLITERAL(core_ops_range_Range__size_t){ - .start = sampled_coefficients[i1], - .end = sampled_coefficients[i1] + (size_t)16U}), - int16_t, core_ops_range_Range__size_t, Eurydice_slice)); - size_t uu____1 = i1; - sampled_coefficients[uu____1] = - sampled_coefficients[uu____1] + sampled; - } - }); - bool done = true; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - if (sampled_coefficients[i0] >= + for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { + size_t i1 = i0; + for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)24U; i++) { + size_t r = i; + if (sampled_coefficients[i1] < LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { - sampled_coefficients[i0] = - LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT; - } else { done = false; }); + Eurydice_slice uu____0 = Eurydice_array_to_subslice( + (size_t)168U, randomness[i1], + (CLITERAL(core_ops_range_Range__size_t){ + .start = r * (size_t)24U, + .end = r * (size_t)24U + (size_t)24U}), + uint8_t, core_ops_range_Range__size_t, Eurydice_slice); + size_t sampled = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___rej_sample( + uu____0, + Eurydice_array_to_subslice( + (size_t)272U, out[i1], + (CLITERAL(core_ops_range_Range__size_t){ + .start = sampled_coefficients[i1], + .end = sampled_coefficients[i1] + (size_t)16U}), + int16_t, core_ops_range_Range__size_t, Eurydice_slice)); + size_t uu____1 = i1; + sampled_coefficients[uu____1] = sampled_coefficients[uu____1] + sampled; + } + } + } + bool done = true; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + if (sampled_coefficients[i0] >= + LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) { + sampled_coefficients[i0] = + LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT; + } else { + done = false; + } + } return done; } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___from_i16_array__libcrux_ml_kem_vector_portable_PortableVector( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___from_i16_array__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_slice a) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector result = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___from_i16_array( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___from_i16_array( Eurydice_slice_subslice( a, (CLITERAL(core_ops_range_Range__size_t){ @@ -3416,10 +3559,10 @@ libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vec return result; } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_sampling_sample_from_xof_closure__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_sampling_sample_from_xof_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( int16_t s[272U]) { - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___from_i16_array__libcrux_ml_kem_vector_portable_PortableVector( + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___from_i16_array__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_array_to_subslice((size_t)272U, s, (CLITERAL(core_ops_range_Range__size_t){ .start = (size_t)0U, .end = (size_t)256U}), @@ -3428,9 +3571,9 @@ libcrux_ml_kem_sampling_sample_from_xof_closure__libcrux_ml_kem_vector_portable_ } static inline void -libcrux_ml_kem_sampling_sample_from_xof__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( +libcrux_ml_kem_sampling_sample_from_xof__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( uint8_t seeds[3U][34U], - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[3U]) { size_t sampled_coefficients[3U] = {0U}; int16_t out[3U][272U] = {{0U}}; @@ -3445,7 +3588,7 @@ libcrux_ml_kem_sampling_sample_from_xof__libcrux_ml_kem_vector_portable_Portable uint8_t uu____1[3U][504U]; memcpy(uu____1, randomness0, (size_t)3U * sizeof(uint8_t[504U])); bool done = - libcrux_ml_kem_sampling_sample_from_uniform_distribution_next__libcrux_ml_kem_vector_portable_PortableVector_3size_t_504size_t( + libcrux_ml_kem_sampling_sample_from_uniform_distribution_next__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_504size_t( uu____1, sampled_coefficients, out); while (true) { if (done) { @@ -3457,108 +3600,114 @@ libcrux_ml_kem_sampling_sample_from_xof__libcrux_ml_kem_vector_portable_Portable uint8_t uu____2[3U][168U]; memcpy(uu____2, randomness, (size_t)3U * sizeof(uint8_t[168U])); done = - libcrux_ml_kem_sampling_sample_from_uniform_distribution_next__libcrux_ml_kem_vector_portable_PortableVector_3size_t_168size_t( + libcrux_ml_kem_sampling_sample_from_uniform_distribution_next__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_168size_t( uu____2, sampled_coefficients, out); } } int16_t uu____3[3U][272U]; memcpy(uu____3, out, (size_t)3U * sizeof(int16_t[272U])); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ret0[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - ret0[i] = - libcrux_ml_kem_sampling_sample_from_xof_closure__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( - uu____3[i]);); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + ret0[i] = + libcrux_ml_kem_sampling_sample_from_xof_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( + uu____3[i]); + } memcpy( ret, ret0, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); } static inline void -libcrux_ml_kem_matrix_sample_matrix_A__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( +libcrux_ml_kem_matrix_sample_matrix_A__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( uint8_t seed[34U], bool transpose, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[3U][3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector A_transpose[3U][3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - libcrux_ml_kem_matrix_sample_matrix_A_closure__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( - i, A_transpose[i]);); - KRML_MAYBE_FOR3( - i0, (size_t)0U, (size_t)3U, (size_t)1U, size_t i1 = i0; - uint8_t uu____0[34U]; - memcpy(uu____0, seed, (size_t)34U * sizeof(uint8_t)); - uint8_t seeds[3U][34U]; KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - memcpy(seeds[i], uu____0, (size_t)34U * sizeof(uint8_t));); - KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t j = i; - seeds[j][32U] = (uint8_t)i1; seeds[j][33U] = (uint8_t)j;); - uint8_t uu____1[3U][34U]; - memcpy(uu____1, seeds, (size_t)3U * sizeof(uint8_t[34U])); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector - sampled[3U]; - libcrux_ml_kem_sampling_sample_from_xof__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( - uu____1, sampled); - for ( - size_t i = (size_t)0U; - i < - core_slice___Slice_T___len( - Eurydice_array_to_slice( - (size_t)3U, sampled, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector, - Eurydice_slice), - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector, - size_t); - i++) { - size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector - sample = sampled[j]; - if (transpose) { - A_transpose[j][i1] = sample; - } else { - A_transpose[i1][j] = sample; - } - }); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + libcrux_ml_kem_matrix_sample_matrix_A_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( + i, A_transpose[i]); + } + for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { + size_t i1 = i0; + uint8_t uu____0[34U]; + memcpy(uu____0, seed, (size_t)34U * sizeof(uint8_t)); + uint8_t seeds[3U][34U]; + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + memcpy(seeds[i], uu____0, (size_t)34U * sizeof(uint8_t)); + } + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t j = i; + seeds[j][32U] = (uint8_t)i1; + seeds[j][33U] = (uint8_t)j; + } + uint8_t uu____1[3U][34U]; + memcpy(uu____1, seeds, (size_t)3U * sizeof(uint8_t[34U])); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector + sampled[3U]; + libcrux_ml_kem_sampling_sample_from_xof__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( + uu____1, sampled); + for ( + size_t i = (size_t)0U; + i < + core_slice___Slice_T___len( + Eurydice_array_to_slice( + (size_t)3U, sampled, + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector, + Eurydice_slice), + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector, + size_t); + i++) { + size_t j = i; + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector + sample = sampled[j]; + if (transpose) { + A_transpose[j][i1] = sample; + } else { + A_transpose[i1][j] = sample; + } + } + } memcpy( ret, A_transpose, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector [3U])); } typedef struct - K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector_3size_t__uint8_t_s { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t__uint8_t_s { + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector fst[3U]; uint8_t snd; -} K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector_3size_t__uint8_t; +} K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t__uint8_t; -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_closure__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_2size_t_128size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_2size_t_128size_t( size_t _i) { - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); } static inline void libcrux_ml_kem_hash_functions_portable___libcrux_ml_kem__hash_functions__Hash_K__for_libcrux_ml_kem__hash_functions__portable__PortableHash_K____PRFxN___3size_t_128size_t( uint8_t (*input)[33U], uint8_t ret[3U][128U]) { uint8_t out[3U][128U] = {{0U}}; - KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_sha3_portable_shake256( - Eurydice_array_to_slice((size_t)128U, out[i0], uint8_t, - Eurydice_slice), - Eurydice_array_to_slice((size_t)33U, input[i0], uint8_t, - Eurydice_slice));); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_sha3_portable_shake256( + Eurydice_array_to_slice((size_t)128U, out[i0], uint8_t, Eurydice_slice), + Eurydice_array_to_slice((size_t)33U, input[i0], uint8_t, + Eurydice_slice)); + } memcpy(ret, out, (size_t)3U * sizeof(uint8_t[128U])); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_sampling_sample_from_binomial_distribution_2__libcrux_ml_kem_vector_portable_PortableVector( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_sampling_sample_from_binomial_distribution_2__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -3600,13 +3749,13 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_2__libcrux_ml_kem_vect sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___from_i16_array__libcrux_ml_kem_vector_portable_PortableVector( + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___from_i16_array__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t, Eurydice_slice)); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_sampling_sample_from_binomial_distribution_3__libcrux_ml_kem_vector_portable_PortableVector( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_sampling_sample_from_binomial_distribution_3__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -3646,164 +3795,170 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_3__libcrux_ml_kem_vect sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___from_i16_array__libcrux_ml_kem_vector_portable_PortableVector( + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___from_i16_array__libcrux_ml_kem_vector_portable_vector_type_PortableVector( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t, Eurydice_slice)); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_portable_PortableVector_2size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_portable_vector_type_PortableVector_2size_t( Eurydice_slice randomness) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0; uu____0 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_2__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_2__libcrux_ml_kem_vector_portable_vector_type_PortableVector( randomness); return uu____0; } static inline void -libcrux_ml_kem_ntt_ntt_at_layer_7__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_ntt_ntt_at_layer_7__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { size_t j = i; - libcrux_ml_kem_vector_portable_PortableVector t = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___multiply_by_constant( + libcrux_ml_kem_vector_portable_vector_type_PortableVector t = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___multiply_by_constant( re->coefficients[j + step], (int16_t)-1600); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___sub( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___sub( re->coefficients[j], &t); re->coefficients[j + step] = uu____0; - libcrux_ml_kem_vector_portable_PortableVector uu____1 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___add( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___add( re->coefficients[j], &t); re->coefficients[j] = uu____1; } } static inline void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_7__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)6U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)5U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)4U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_3__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_3__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)3U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_2__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_2__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)2U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_1__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_ntt_ntt_at_layer_1__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &zeta_i, re, (size_t)1U, (size_t)3U); - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___poly_barrett_reduce__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___poly_barrett_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re); } -static inline K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector_3size_t__uint8_t -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_2size_t_128size_t( +static inline K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t__uint8_t +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_2size_t_128size_t( uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re_as_ntt[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - re_as_ntt[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + re_as_ntt[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + } uint8_t uu____0[33U]; memcpy(uu____0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t prf_inputs[3U][33U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - memcpy(prf_inputs[i], uu____0, (size_t)33U * sizeof(uint8_t));); - KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - prf_inputs[i0][32U] = domain_separator; - domain_separator = (uint32_t)domain_separator + 1U;); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + memcpy(prf_inputs[i], uu____0, (size_t)33U * sizeof(uint8_t)); + } + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + prf_inputs[i0][32U] = domain_separator; + domain_separator = (uint32_t)domain_separator + 1U; + } uint8_t prf_outputs[3U][128U]; libcrux_ml_kem_hash_functions_portable___libcrux_ml_kem__hash_functions__Hash_K__for_libcrux_ml_kem__hash_functions__portable__PortableHash_K____PRFxN___3size_t_128size_t( prf_inputs, prf_outputs); - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector - uu____1 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_portable_PortableVector_2size_t( - Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], - uint8_t, Eurydice_slice)); - re_as_ntt[i0] = uu____1; - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element__libcrux_ml_kem_vector_portable_PortableVector( - &re_as_ntt[i0]);); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector + uu____1 = + libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_portable_vector_type_PortableVector_2size_t( + Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t, + Eurydice_slice)); + re_as_ntt[i0] = uu____1; + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + &re_as_ntt[i0]); + } + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____2[3U]; memcpy( uu____2, re_as_ntt, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); - K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector_3size_t__uint8_t + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); + K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t__uint8_t lit; memcpy( lit.fst, uu____2, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); lit.snd = domain_separator; return lit; } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_128size_t_2size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_128size_t_2size_t( size_t _i) { - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); } -static inline K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector_3size_t__uint8_t -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_128size_t_2size_t( +static inline K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t__uint8_t +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_128size_t_2size_t( uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector error_1[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - error_1[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + error_1[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + } uint8_t uu____0[33U]; memcpy(uu____0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t prf_inputs[3U][33U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - memcpy(prf_inputs[i], uu____0, (size_t)33U * sizeof(uint8_t));); - KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - prf_inputs[i0][32U] = domain_separator; - domain_separator = (uint32_t)domain_separator + 1U;); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + memcpy(prf_inputs[i], uu____0, (size_t)33U * sizeof(uint8_t)); + } + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + prf_inputs[i0][32U] = domain_separator; + domain_separator = (uint32_t)domain_separator + 1U; + } uint8_t prf_outputs[3U][128U]; libcrux_ml_kem_hash_functions_portable___libcrux_ml_kem__hash_functions__Hash_K__for_libcrux_ml_kem__hash_functions__portable__PortableHash_K____PRFxN___3size_t_128size_t( prf_inputs, prf_outputs); - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector - uu____1 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_portable_PortableVector_2size_t( - Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], - uint8_t, Eurydice_slice)); - error_1[i0] = uu____1;); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector + uu____1 = + libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_portable_vector_type_PortableVector_2size_t( + Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t, + Eurydice_slice)); + error_1[i0] = uu____1; + } + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____2[3U]; memcpy( uu____2, error_1, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); - K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector_3size_t__uint8_t + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); + K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t__uint8_t lit; memcpy( lit.fst, uu____2, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); lit.snd = domain_separator; return lit; } @@ -3818,63 +3973,64 @@ libcrux_ml_kem_hash_functions_portable___libcrux_ml_kem__hash_functions__Hash_K_ memcpy(ret, digest, (size_t)128U * sizeof(uint8_t)); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_matrix_compute_vector_u_closure__libcrux_ml_kem_vector_portable_PortableVector_3size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_matrix_compute_vector_u_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( size_t _i) { - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); } static inline void -libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_error_reduce__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_error_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *self, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; - libcrux_ml_kem_vector_portable_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___montgomery_multiply_by_constant( - self->coefficients[j], (int16_t)1441); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___barrett_reduce( - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___add( + libcrux_ml_kem_vector_portable_vector_type_PortableVector + coefficient_normal_form = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___montgomery_multiply_by_constant( + self->coefficients[j], (int16_t)1441); + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___barrett_reduce( + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___add( coefficient_normal_form, &error->coefficients[j])); self->coefficients[j] = uu____0; } } static inline void -libcrux_ml_kem_matrix_compute_vector_u__libcrux_ml_kem_vector_portable_PortableVector_3size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector ( +libcrux_ml_kem_matrix_compute_vector_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ( *a_as_ntt)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *error_1, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector result[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - result[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + result[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + } for ( size_t i0 = (size_t)0U; i0 < core_slice___Slice_T___len( Eurydice_array_to_slice( (size_t)3U, a_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector [3U], Eurydice_slice), - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector [3U], size_t); i0++) { size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *row = a_as_ntt[i1]; for ( size_t i = (size_t)0U; @@ -3882,158 +4038,163 @@ libcrux_ml_kem_matrix_compute_vector_u__libcrux_ml_kem_vector_portable_PortableV core_slice___Slice_T___len( Eurydice_array_to_slice( (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector, + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector, Eurydice_slice), - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector, + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector, size_t); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *a_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector product = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_portable_vector_type_PortableVector( a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_portable_PortableVector_3size_t( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( &result[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery__libcrux_ml_kem_vector_portable_PortableVector_3size_t( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( &result[i1]); - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_error_reduce__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_error_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &result[i1], &error_1[i1]); } memcpy( ret, result, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_traits_decompress_1__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_vector_portable_PortableVector v) { - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___ZERO(); - return libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___bitwise_and_with_constant( - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___sub( +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_traits_decompress_1__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___ZERO(); + return libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___bitwise_and_with_constant( + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___sub( uu____0, &v), (int16_t)1665); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_serialize_deserialize_then_decompress_message__libcrux_ml_kem_vector_portable_PortableVector( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_deserialize_then_decompress_message__libcrux_ml_kem_vector_portable_vector_type_PortableVector( uint8_t serialized[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); - KRML_MAYBE_FOR16( - i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector coefficient_compressed = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___deserialize_1( - Eurydice_array_to_subslice( - (size_t)32U, serialized, - (CLITERAL(core_ops_range_Range__size_t){ - .start = (size_t)2U * i0, - .end = (size_t)2U * i0 + (size_t)2U}), - uint8_t, core_ops_range_Range__size_t, Eurydice_slice)); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector_traits_decompress_1__libcrux_ml_kem_vector_portable_PortableVector( - coefficient_compressed); - re.coefficients[i0] = uu____0;); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + for (size_t i = (size_t)0U; i < (size_t)16U; i++) { + size_t i0 = i; + libcrux_ml_kem_vector_portable_vector_type_PortableVector + coefficient_compressed = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___deserialize_1( + Eurydice_array_to_subslice( + (size_t)32U, serialized, + (CLITERAL(core_ops_range_Range__size_t){ + .start = (size_t)2U * i0, + .end = (size_t)2U * i0 + (size_t)2U}), + uint8_t, core_ops_range_Range__size_t, Eurydice_slice)); + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_traits_decompress_1__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + coefficient_compressed); + re.coefficients[i0] = uu____0; + } return re; } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_message_error_reduce__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_message_error_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *self, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *message, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector result) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___montgomery_multiply_by_constant( - result.coefficients[i0], (int16_t)1441); - libcrux_ml_kem_vector_portable_PortableVector tmp = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___add( + libcrux_ml_kem_vector_portable_vector_type_PortableVector + coefficient_normal_form = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___montgomery_multiply_by_constant( + result.coefficients[i0], (int16_t)1441); + libcrux_ml_kem_vector_portable_vector_type_PortableVector tmp = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___add( self->coefficients[i0], &message->coefficients[i0]); - libcrux_ml_kem_vector_portable_PortableVector tmp0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___add( + libcrux_ml_kem_vector_portable_vector_type_PortableVector tmp0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___add( coefficient_normal_form, &tmp); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___barrett_reduce( + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___barrett_reduce( tmp0); result.coefficients[i0] = uu____0; } return result; } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_matrix_compute_ring_element_v__libcrux_ml_kem_vector_portable_PortableVector_3size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_matrix_compute_ring_element_v__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *error_2, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector result = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector - product = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_portable_PortableVector( - &t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_portable_PortableVector_3size_t( - &result, &product);); - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery__libcrux_ml_kem_vector_portable_PortableVector_3size_t( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + size_t i0 = i; + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector + product = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + &t_as_ntt[i0], &r_as_ntt[i0]); + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( + &result, &product); + } + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( &result); result = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_message_error_reduce__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_message_error_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( error_2, message, result); return result; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_compress___10int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_compress_compress___10int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int16_t uu____0 = libcrux_ml_kem_vector_compress_ciphertext_coefficient( - (uint8_t)(int32_t)10, (uint16_t)v.elements[i0]); + int16_t uu____0 = + libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( + (uint8_t)(int32_t)10, (uint16_t)v.elements[i0]); v.elements[i0] = uu____0; } return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___compress___10int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_compress___10int32_t(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___compress___10int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_compress_compress___10int32_t(v); } static inline void -libcrux_ml_kem_serialize_compress_then_serialize_10__libcrux_ml_kem_vector_portable_PortableVector_320size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_serialize_compress_then_serialize_10__libcrux_ml_kem_vector_portable_vector_type_PortableVector_320size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector coefficient = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___compress___10int32_t( - libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___compress___10int32_t( + libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re->coefficients[i0])); uint8_t bytes[20U]; - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_10( + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_10( coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice( (size_t)320U, serialized, @@ -4048,40 +4209,41 @@ libcrux_ml_kem_serialize_compress_then_serialize_10__libcrux_ml_kem_vector_porta memcpy(ret, serialized, (size_t)320U * sizeof(uint8_t)); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_compress___11int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_compress_compress___11int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int16_t uu____0 = libcrux_ml_kem_vector_compress_ciphertext_coefficient( - (uint8_t)(int32_t)11, (uint16_t)v.elements[i0]); + int16_t uu____0 = + libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( + (uint8_t)(int32_t)11, (uint16_t)v.elements[i0]); v.elements[i0] = uu____0; } return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___compress___11int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_compress___11int32_t(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___compress___11int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_compress_compress___11int32_t(v); } static inline void -libcrux_ml_kem_serialize_compress_then_serialize_11__libcrux_ml_kem_vector_portable_PortableVector_320size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_serialize_compress_then_serialize_11__libcrux_ml_kem_vector_portable_vector_type_PortableVector_320size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector coefficient = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___compress___11int32_t( - libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___compress___11int32_t( + libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re->coefficients[i0])); uint8_t bytes[22U]; - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_11( + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_11( coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice( (size_t)320U, serialized, @@ -4097,19 +4259,19 @@ libcrux_ml_kem_serialize_compress_then_serialize_11__libcrux_ml_kem_vector_porta } static inline void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u__libcrux_ml_kem_vector_portable_PortableVector_10size_t_320size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_10size_t_320size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10__libcrux_ml_kem_vector_portable_PortableVector_320size_t( + libcrux_ml_kem_serialize_compress_then_serialize_10__libcrux_ml_kem_vector_portable_vector_type_PortableVector_320size_t( re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } static inline void -libcrux_ml_kem_ind_cpa_compress_then_serialize_u__libcrux_ml_kem_vector_portable_PortableVector_3size_t_960size_t_10size_t_320size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_ind_cpa_compress_then_serialize_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_960size_t_10size_t_320size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector input[3U], Eurydice_slice out) { for ( @@ -4118,13 +4280,13 @@ libcrux_ml_kem_ind_cpa_compress_then_serialize_u__libcrux_ml_kem_vector_portable core_slice___Slice_T___len( Eurydice_array_to_slice( (size_t)3U, input, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector, + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector, Eurydice_slice), - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector, + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector, size_t); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re = input[i0]; Eurydice_slice uu____0 = Eurydice_slice_subslice( out, @@ -4133,7 +4295,7 @@ libcrux_ml_kem_ind_cpa_compress_then_serialize_u__libcrux_ml_kem_vector_portable .end = (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U)}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u__libcrux_ml_kem_vector_portable_PortableVector_10size_t_320size_t( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_10size_t_320size_t( &re, ret); core_slice___Slice_T___copy_from_slice( uu____0, @@ -4142,39 +4304,40 @@ libcrux_ml_kem_ind_cpa_compress_then_serialize_u__libcrux_ml_kem_vector_portable } } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_compress___4int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_compress_compress___4int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int16_t uu____0 = libcrux_ml_kem_vector_compress_ciphertext_coefficient( - (uint8_t)(int32_t)4, (uint16_t)v.elements[i0]); + int16_t uu____0 = + libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( + (uint8_t)(int32_t)4, (uint16_t)v.elements[i0]); v.elements[i0] = uu____0; } return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___compress___4int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_compress___4int32_t(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___compress___4int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_compress_compress___4int32_t(v); } static inline void -libcrux_ml_kem_serialize_compress_then_serialize_4__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_serialize_compress_then_serialize_4__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector coefficient = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___compress___4int32_t( - libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___compress___4int32_t( + libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re.coefficients[i0])); uint8_t bytes[8U]; - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_4( + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_4( coefficient, bytes); Eurydice_slice uu____0 = Eurydice_slice_subslice( serialized, @@ -4188,39 +4351,40 @@ libcrux_ml_kem_serialize_compress_then_serialize_4__libcrux_ml_kem_vector_portab } } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_compress___5int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_compress_compress___5int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int16_t uu____0 = libcrux_ml_kem_vector_compress_ciphertext_coefficient( - (uint8_t)(int32_t)5, (uint16_t)v.elements[i0]); + int16_t uu____0 = + libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient( + (uint8_t)(int32_t)5, (uint16_t)v.elements[i0]); v.elements[i0] = uu____0; } return v; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___compress___5int32_t( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector_compress___5int32_t(v); +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___compress___5int32_t( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable_compress_compress___5int32_t(v); } static inline void -libcrux_ml_kem_serialize_compress_then_serialize_5__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_serialize_compress_then_serialize_5__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector coefficients = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___compress___5int32_t( - libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___compress___5int32_t( + libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re.coefficients[i0])); uint8_t bytes[10U]; - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_5( + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_5( coefficients, bytes); Eurydice_slice uu____0 = Eurydice_slice_subslice( serialized, @@ -4235,102 +4399,102 @@ libcrux_ml_kem_serialize_compress_then_serialize_5__libcrux_ml_kem_vector_portab } static inline void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v__libcrux_ml_kem_vector_portable_PortableVector_4size_t_128size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v__libcrux_ml_kem_vector_portable_vector_type_PortableVector_4size_t_128size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_serialize_compress_then_serialize_4__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re, out); } static inline void -libcrux_ml_kem_ind_cpa_encrypt__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1088size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t( +libcrux_ml_kem_ind_cpa_encrypt__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1088size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t( Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector t_as_ntt[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vector_portable_PortableVector_1152size_t_3size_t( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vector_portable_vector_type_PortableVector_1152size_t_3size_t( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t, Eurydice_slice), t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from( public_key, (size_t)1152U, uint8_t, size_t, Eurydice_slice); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector A_transpose[3U][3U]; uint8_t ret0[34U]; libcrux_ml_kem_utils_into_padded_array___34size_t(seed, ret0); - libcrux_ml_kem_matrix_sample_matrix_A__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( + libcrux_ml_kem_matrix_sample_matrix_A__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( ret0, false, A_transpose); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array___33size_t(randomness, prf_input); uint8_t uu____0[33U]; memcpy(uu____0, prf_input, (size_t)33U * sizeof(uint8_t)); - K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector_3size_t__uint8_t + K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t__uint8_t uu____1 = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_2size_t_128size_t( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_2size_t_128size_t( uu____0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); uint8_t domain_separator0 = uu____1.snd; uint8_t uu____2[33U]; memcpy(uu____2, prf_input, (size_t)33U * sizeof(uint8_t)); - K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector_3size_t__uint8_t + K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t__uint8_t uu____3 = - libcrux_ml_kem_ind_cpa_sample_ring_element_cbd__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_128size_t_2size_t( + libcrux_ml_kem_ind_cpa_sample_ring_element_cbd__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_128size_t_2size_t( uu____2, domain_separator0); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector error_1[3U]; memcpy( error_1, uu____3.fst, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; libcrux_ml_kem_hash_functions_portable___libcrux_ml_kem__hash_functions__Hash_K__for_libcrux_ml_kem__hash_functions__portable__PortableHash_K____PRF___3size_t_128size_t( Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t, Eurydice_slice), prf_output); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector error_2 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_portable_PortableVector_2size_t( + libcrux_ml_kem_sampling_sample_from_binomial_distribution__libcrux_ml_kem_vector_portable_vector_type_PortableVector_2size_t( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t, Eurydice_slice)); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector u[3U]; - libcrux_ml_kem_matrix_compute_vector_u__libcrux_ml_kem_vector_portable_PortableVector_3size_t( + libcrux_ml_kem_matrix_compute_vector_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( A_transpose, r_as_ntt, error_1, u); uint8_t uu____4[32U]; memcpy(uu____4, message, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_serialize_deserialize_then_decompress_message__libcrux_ml_kem_vector_portable_vector_type_PortableVector( uu____4); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector - v = libcrux_ml_kem_matrix_compute_ring_element_v__libcrux_ml_kem_vector_portable_PortableVector_3size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector + v = libcrux_ml_kem_matrix_compute_ring_element_v__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u__libcrux_ml_kem_vector_portable_PortableVector_3size_t_960size_t_10size_t_320size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); + libcrux_ml_kem_ind_cpa_compress_then_serialize_u__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_960size_t_10size_t_320size_t( uu____5, Eurydice_array_to_subslice( (size_t)1088U, ciphertext, (CLITERAL(core_ops_range_Range__size_t){ .start = (size_t)0U, .end = (size_t)960U}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice)); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v__libcrux_ml_kem_vector_portable_PortableVector_4size_t_128size_t( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v__libcrux_ml_kem_vector_portable_vector_type_PortableVector_4size_t_128size_t( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t, Eurydice_slice)); @@ -4349,7 +4513,7 @@ libcrux_ml_kem_ind_cca___libcrux_ml_kem__ind_cca__Variant_for_libcrux_ml_kem__in } static inline void -libcrux_ml_kem_ind_cca_decapsulate__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___libcrux_ml_kem_ind_cca_MlKem_3size_t_2400size_t_1152size_t_1184size_t_1088size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t_1120size_t( +libcrux_ml_kem_ind_cca_decapsulate__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___libcrux_ml_kem_ind_cca_MlKem_3size_t_2400size_t_1152size_t_1184size_t_1088size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t_1120size_t( libcrux_ml_kem_types_MlKemPrivateKey____2400size_t *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { K___Eurydice_slice_uint8_t_Eurydice_slice_uint8_t uu____0 = @@ -4373,7 +4537,7 @@ libcrux_ml_kem_ind_cca_decapsulate__libcrux_ml_kem_vector_portable_PortableVecto Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1088size_t_960size_t_10size_t_4size_t( + libcrux_ml_kem_ind_cpa_decrypt__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1088size_t_960size_t_10size_t_4size_t( ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array___64size_t( @@ -4414,7 +4578,7 @@ libcrux_ml_kem_ind_cca_decapsulate__libcrux_ml_kem_vector_portable_PortableVecto uint8_t uu____6[32U]; memcpy(uu____6, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1088size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t( + libcrux_ml_kem_ind_cpa_encrypt__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1088size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t( uu____5, uu____6, pseudorandomness, expected_ciphertext); Eurydice_slice uu____7 = libcrux_ml_kem_types___core__convert__AsRef__Slice_u8___for_libcrux_ml_kem__types__MlKemCiphertext_SIZE___1__as_ref___1088size_t( @@ -4446,7 +4610,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate___3size_t_2400size_t_ libcrux_ml_kem_types_MlKemPrivateKey____2400size_t *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t ret0[32U]; - libcrux_ml_kem_ind_cca_decapsulate__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___libcrux_ml_kem_ind_cca_MlKem_3size_t_2400size_t_1152size_t_1184size_t_1088size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t_1120size_t( + libcrux_ml_kem_ind_cca_decapsulate__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___libcrux_ml_kem_ind_cca_MlKem_3size_t_2400size_t_1152size_t_1184size_t_1088size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t_1120size_t( private_key, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -4481,7 +4645,7 @@ libcrux_ml_kem_hash_functions_portable___libcrux_ml_kem__hash_functions__Hash_K_ } static inline K___libcrux_ml_kem_types_MlKemCiphertext___1088size_t___uint8_t_32size_t_ -libcrux_ml_kem_ind_cca_encapsulate__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___libcrux_ml_kem_ind_cca_MlKem_3size_t_1088size_t_1184size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t( +libcrux_ml_kem_ind_cca_encapsulate__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___libcrux_ml_kem_ind_cca_MlKem_3size_t_1088size_t_1184size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t( libcrux_ml_kem_types_MlKemPublicKey____1184size_t *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; @@ -4527,7 +4691,7 @@ libcrux_ml_kem_ind_cca_encapsulate__libcrux_ml_kem_vector_portable_PortableVecto uint8_t uu____3[32U]; memcpy(uu____3, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1088size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t( + libcrux_ml_kem_ind_cpa_encrypt__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1088size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t( uu____2, uu____3, pseudorandomness, ciphertext); uint8_t uu____4[1088U]; memcpy(uu____4, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -4553,7 +4717,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate___3size_t_1088size_t_ libcrux_ml_kem_types_MlKemPublicKey____1184size_t *uu____0 = public_key; uint8_t uu____1[32U]; memcpy(uu____1, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___libcrux_ml_kem_ind_cca_MlKem_3size_t_1088size_t_1184size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t( + return libcrux_ml_kem_ind_cca_encapsulate__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___libcrux_ml_kem_ind_cca_MlKem_3size_t_1088size_t_1184size_t_1152size_t_960size_t_128size_t_10size_t_4size_t_320size_t_2size_t_128size_t_2size_t_128size_t( uu____0, uu____1); } @@ -4568,70 +4732,71 @@ libcrux_ml_kem_mlkem768_portable_encapsulate( uu____0, uu____1); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_matrix_compute_As_plus_e_closure__libcrux_ml_kem_vector_portable_PortableVector_3size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_matrix_compute_As_plus_e_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( size_t _i) { - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_traits_to_standard_domain__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_vector_portable_PortableVector v) { - return libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___montgomery_multiply_by_constant( +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_traits_to_standard_domain__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___montgomery_multiply_by_constant( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); } static inline void -libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_standard_error_reduce__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_standard_error_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *self, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; - libcrux_ml_kem_vector_portable_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain__libcrux_ml_kem_vector_portable_PortableVector( - self->coefficients[j]); - libcrux_ml_kem_vector_portable_PortableVector uu____0 = - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___barrett_reduce( - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___add( + libcrux_ml_kem_vector_portable_vector_type_PortableVector + coefficient_normal_form = + libcrux_ml_kem_vector_traits_to_standard_domain__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + self->coefficients[j]); + libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___barrett_reduce( + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___add( coefficient_normal_form, &error->coefficients[j])); self->coefficients[j] = uu____0; } } static inline void -libcrux_ml_kem_matrix_compute_As_plus_e__libcrux_ml_kem_vector_portable_PortableVector_3size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector ( +libcrux_ml_kem_matrix_compute_As_plus_e__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ( *matrix_A)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *s_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *error_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector result[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - result[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + result[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + } for ( size_t i0 = (size_t)0U; i0 < core_slice___Slice_T___len( Eurydice_array_to_slice( (size_t)3U, matrix_A, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector [3U], Eurydice_slice), - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector [3U], size_t); i0++) { size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *row = matrix_A[i1]; for ( size_t i = (size_t)0U; @@ -4639,45 +4804,45 @@ libcrux_ml_kem_matrix_compute_As_plus_e__libcrux_ml_kem_vector_portable_Portable core_slice___Slice_T___len( Eurydice_array_to_slice( (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector, + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector, Eurydice_slice), - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector, + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector, size_t); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *matrix_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector product = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ntt_multiply__libcrux_ml_kem_vector_portable_vector_type_PortableVector( matrix_element, &s_as_ntt[j]); - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_portable_PortableVector_3size_t( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_to_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( &result[i1], &product); } - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_standard_error_reduce__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___add_standard_error_reduce__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &result[i1], &error_as_ntt[i1]); } memcpy( ret, result, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); } static inline void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element__libcrux_ml_kem_vector_portable_PortableVector( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - libcrux_ml_kem_vector_portable_PortableVector coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = + libcrux_ml_kem_vector_traits_to_unsigned_representative__libcrux_ml_kem_vector_portable_vector_type_PortableVector( re->coefficients[i0]); uint8_t bytes[24U]; - libcrux_ml_kem_vector___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__PortableVector___serialize_12( + libcrux_ml_kem_vector_portable___libcrux_ml_kem__vector__traits__Operations_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___serialize_12( coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice( (size_t)384U, serialized, @@ -4693,8 +4858,8 @@ libcrux_ml_kem_serialize_serialize_uncompressed_ring_element__libcrux_ml_kem_vec } static inline void -libcrux_ml_kem_ind_cpa_serialize_secret_key__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1152size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_ind_cpa_serialize_secret_key__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1152size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector key[3U], uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -4704,13 +4869,13 @@ libcrux_ml_kem_ind_cpa_serialize_secret_key__libcrux_ml_kem_vector_portable_Port core_slice___Slice_T___len( Eurydice_array_to_slice( (size_t)3U, key, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector, + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector, Eurydice_slice), - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector, + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector, size_t); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector re = key[i0]; Eurydice_slice uu____0 = Eurydice_array_to_subslice( (size_t)1152U, out, @@ -4720,7 +4885,7 @@ libcrux_ml_kem_ind_cpa_serialize_secret_key__libcrux_ml_kem_vector_portable_Port LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector( &re, ret0); core_slice___Slice_T___copy_from_slice( uu____0, @@ -4731,8 +4896,8 @@ libcrux_ml_kem_ind_cpa_serialize_secret_key__libcrux_ml_kem_vector_portable_Port } static inline void -libcrux_ml_kem_ind_cpa_serialize_public_key__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1152size_t_1184size_t( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector +libcrux_ml_kem_ind_cpa_serialize_public_key__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1152size_t_1184size_t( + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector t_as_ntt[3U], Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; @@ -4741,15 +4906,15 @@ libcrux_ml_kem_ind_cpa_serialize_public_key__libcrux_ml_kem_vector_portable_Port (CLITERAL(core_ops_range_Range__size_t){.start = (size_t)0U, .end = (size_t)1152U}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1[3U]; memcpy( uu____1, t_as_ntt, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); uint8_t ret0[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1152size_t( + libcrux_ml_kem_ind_cpa_serialize_secret_key__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1152size_t( uu____1, ret0); core_slice___Slice_T___copy_from_slice( uu____0, @@ -4764,7 +4929,7 @@ libcrux_ml_kem_ind_cpa_serialize_public_key__libcrux_ml_kem_vector_portable_Port } static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1152size_t_1184size_t_1152size_t_2size_t_128size_t( +libcrux_ml_kem_ind_cpa_generate_keypair__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1152size_t_1184size_t_1152size_t_2size_t_128size_t( Eurydice_slice key_generation_seed) { uint8_t hashed[64U]; libcrux_ml_kem_hash_functions_portable___libcrux_ml_kem__hash_functions__Hash_K__for_libcrux_ml_kem__hash_functions__portable__PortableHash_K____G___3size_t( @@ -4776,64 +4941,64 @@ libcrux_ml_kem_ind_cpa_generate_keypair__libcrux_ml_kem_vector_portable_Portable K___Eurydice_slice_uint8_t_Eurydice_slice_uint8_t); Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector A_transpose[3U][3U]; uint8_t ret[34U]; libcrux_ml_kem_utils_into_padded_array___34size_t(seed_for_A, ret); - libcrux_ml_kem_matrix_sample_matrix_A__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( + libcrux_ml_kem_matrix_sample_matrix_A__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t( ret, true, A_transpose); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array___33size_t(seed_for_secret_and_error, prf_input); uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); - K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector_3size_t__uint8_t + K___libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t__uint8_t uu____2 = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_2size_t_128size_t( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_2size_t_128size_t( uu____1, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector secret_as_ntt[3U]; memcpy( secret_as_ntt, uu____2.fst, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); uint8_t domain_separator = uu____2.snd; uint8_t uu____3[33U]; memcpy(uu____3, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_2size_t_128size_t( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_2size_t_128size_t( uu____3, domain_separator) .fst, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector t_as_ntt[3U]; - libcrux_ml_kem_matrix_compute_As_plus_e__libcrux_ml_kem_vector_portable_PortableVector_3size_t( + libcrux_ml_kem_matrix_compute_As_plus_e__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t( A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____4[3U]; memcpy( uu____4, t_as_ntt, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1152size_t_1184size_t( + libcrux_ml_kem_ind_cpa_serialize_public_key__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1152size_t_1184size_t( uu____4, seed_for_A, public_key_serialized); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____5[3U]; memcpy( uu____5, secret_as_ntt, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1152size_t( + libcrux_ml_kem_ind_cpa_serialize_secret_key__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1152size_t( uu____5, secret_key_serialized); uint8_t uu____6[1152U]; memcpy(uu____6, secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); @@ -4907,7 +5072,7 @@ libcrux_ml_kem_ind_cca_serialize_kem_secret_key__libcrux_ml_kem_hash_functions_p } static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1152size_t_2400size_t_1184size_t_1152size_t_2size_t_128size_t( +libcrux_ml_kem_ind_cca_generate_keypair__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1152size_t_2400size_t_1184size_t_1152size_t_2size_t_128size_t( uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice( (size_t)64U, randomness, @@ -4920,7 +5085,7 @@ libcrux_ml_kem_ind_cca_generate_keypair__libcrux_ml_kem_vector_portable_Portable LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t, Eurydice_slice); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1152size_t_1184size_t_1152size_t_2size_t_128size_t( + libcrux_ml_kem_ind_cpa_generate_keypair__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1152size_t_1184size_t_1152size_t_2size_t_128size_t( ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); @@ -4952,7 +5117,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair___3size_t_1152si uint8_t randomness[64U]) { uint8_t uu____0[64U]; memcpy(uu____0, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair__libcrux_ml_kem_vector_portable_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1152size_t_2400size_t_1184size_t_1152size_t_2size_t_128size_t( + return libcrux_ml_kem_ind_cca_generate_keypair__libcrux_ml_kem_vector_portable_vector_type_PortableVector_libcrux_ml_kem_hash_functions_portable_PortableHash___3size_t___3size_t_1152size_t_2400size_t_1184size_t_1152size_t_2size_t_128size_t( uu____0); } @@ -4964,23 +5129,23 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { uu____0); } -static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure__libcrux_ml_kem_vector_portable_PortableVector_1184size_t_3size_t( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure__libcrux_ml_kem_vector_portable_vector_type_PortableVector_1184size_t_3size_t( size_t _i) { - return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector(); + return libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); } static inline void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vector_portable_PortableVector_1184size_t_3size_t( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vector_portable_vector_type_PortableVector_1184size_t_3size_t( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector deserialized_pk[3U]; - KRML_MAYBE_FOR3( - i, (size_t)0U, (size_t)3U, (size_t)1U, - deserialized_pk[i] = - libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_PortableVector();); + for (size_t i = (size_t)0U; i < (size_t)3U; i++) { + deserialized_pk[i] = + libcrux_ml_kem_polynomial__libcrux_ml_kem__polynomial__PolynomialRingElement_Vector__TraitClause_0___ZERO__libcrux_ml_kem_vector_portable_vector_type_PortableVector(); + } for (size_t i = (size_t)0U; i < core_slice___Slice_T___len(public_key, uint8_t, size_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -4993,9 +5158,9 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vecto .end = i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element__libcrux_ml_kem_vector_portable_PortableVector( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element__libcrux_ml_kem_vector_portable_vector_type_PortableVector( ring_element); deserialized_pk[i0] = uu____0; } @@ -5003,27 +5168,27 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vecto ret, deserialized_pk, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); } static inline bool -libcrux_ml_kem_ind_cca_validate_public_key__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1152size_t_1184size_t( +libcrux_ml_kem_ind_cca_validate_public_key__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1152size_t_1184size_t( uint8_t *public_key) { - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vector_portable_PortableVector_1184size_t_3size_t( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced__libcrux_ml_kem_vector_portable_vector_type_PortableVector_1184size_t_3size_t( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t, Eurydice_slice), deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0[3U]; memcpy( uu____0, deserialized_pk, (size_t)3U * sizeof( - libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_PortableVector)); + libcrux_ml_kem_polynomial_PolynomialRingElement__libcrux_ml_kem_vector_portable_vector_type_PortableVector)); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1152size_t_1184size_t( + libcrux_ml_kem_ind_cpa_serialize_public_key__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1152size_t_1184size_t( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t, Eurydice_slice), @@ -5035,7 +5200,7 @@ libcrux_ml_kem_ind_cca_validate_public_key__libcrux_ml_kem_vector_portable_Porta static inline bool libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key___3size_t_1152size_t_1184size_t( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key__libcrux_ml_kem_vector_portable_PortableVector_3size_t_1152size_t_1184size_t( + return libcrux_ml_kem_ind_cca_validate_public_key__libcrux_ml_kem_vector_portable_vector_type_PortableVector_3size_t_1152size_t_1184size_t( public_key); } @@ -5057,17 +5222,19 @@ libcrux_ml_kem_mlkem768_portable_validate_public_key( return uu____0; } -static inline libcrux_ml_kem_vector_portable_PortableVector -libcrux_ml_kem_vector_portable___core__clone__Clone_for_libcrux_ml_kem__vector__portable__PortableVector___clone( - libcrux_ml_kem_vector_portable_PortableVector *self) { +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_vector_type___core__clone__Clone_for_libcrux_ml_kem__vector__portable__vector_type__PortableVector___clone( + libcrux_ml_kem_vector_portable_vector_type_PortableVector *self) { return self[0U]; } -typedef int16_t libcrux_ml_kem_vector_MontgomeryFieldElement; +typedef int16_t libcrux_ml_kem_vector_portable_vector_type_FieldElement; -typedef int16_t libcrux_ml_kem_vector_FieldElementTimesMontgomeryR; +typedef int16_t + libcrux_ml_kem_vector_portable_arithmetic_MontgomeryFieldElement; -typedef int16_t libcrux_ml_kem_vector_FieldElement; +typedef int16_t + libcrux_ml_kem_vector_portable_arithmetic_FieldElementTimesMontgomeryR; #if defined(__cplusplus) } diff --git a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h index 2bc4d84ea..1e8f134ed 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h @@ -1,8 +1,8 @@ /* This file was generated by KaRaMeL KaRaMeL invocation: /home/franziskus/eurydice//eurydice --config ../cg.yaml - ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc F* version: - KaRaMeL version: 42a43169 + -funroll-loops 0 ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc F* version: + KaRaMeL version: 42a43169 */ #ifndef __libcrux_sha3_avx2_H @@ -1286,14 +1286,17 @@ libcrux_sha3_generic_keccak_chi__core_core_arch_x86___m256i_4size_t( *s) { core_core_arch_x86___m256i old[5U][5U]; memcpy(old, s->st, (size_t)5U * sizeof(core_core_arch_x86___m256i[5U])); - KRML_MAYBE_FOR5( - i0, (size_t)0U, (size_t)5U, (size_t)1U, size_t i1 = i0; KRML_MAYBE_FOR5( - i, (size_t)0U, (size_t)5U, (size_t)1U, size_t j = i; - core_core_arch_x86___m256i uu____0 = - libcrux_sha3_simd_avx2___libcrux_sha3__traits__internal__KeccakItem_4__usize__for_core__core_arch__x86____m256i___and_not_xor( - s->st[i1][j], old[i1][(j + (size_t)2U) % (size_t)5U], - old[i1][(j + (size_t)1U) % (size_t)5U]); - s->st[i1][j] = uu____0;);); + for (size_t i0 = (size_t)0U; i0 < (size_t)5U; i0++) { + size_t i1 = i0; + for (size_t i = (size_t)0U; i < (size_t)5U; i++) { + size_t j = i; + core_core_arch_x86___m256i uu____0 = + libcrux_sha3_simd_avx2___libcrux_sha3__traits__internal__KeccakItem_4__usize__for_core__core_arch__x86____m256i___and_not_xor( + s->st[i1][j], old[i1][(j + (size_t)2U) % (size_t)5U], + old[i1][(j + (size_t)1U) % (size_t)5U]); + s->st[i1][j] = uu____0; + } + } } __attribute__((target("avx2"))) @@ -1370,18 +1373,19 @@ libcrux_sha3_generic_keccak_absorb_final__core_core_arch_x86___m256i_4size_t_136 Eurydice_slice last[4U]) { size_t last_len = core_slice___Slice_T___len(last[0U], uint8_t, size_t); uint8_t blocks[4U][200U] = {{0U}}; - KRML_MAYBE_FOR4( - i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)200U, blocks[i0], - (CLITERAL(core_ops_range_Range__size_t){.start = (size_t)0U, - .end = last_len}), - uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - core_slice___Slice_T___copy_from_slice(uu____0, last[i0], uint8_t, - void *); - blocks[i0][last_len] = 31U; size_t uu____1 = i0; - size_t uu____2 = (size_t)136U - (size_t)1U; - blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U;); + for (size_t i = (size_t)0U; i < (size_t)4U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = Eurydice_array_to_subslice( + (size_t)200U, blocks[i0], + (CLITERAL(core_ops_range_Range__size_t){.start = (size_t)0U, + .end = last_len}), + uint8_t, core_ops_range_Range__size_t, Eurydice_slice); + core_slice___Slice_T___copy_from_slice(uu____0, last[i0], uint8_t, void *); + blocks[i0][last_len] = 31U; + size_t uu____1 = i0; + size_t uu____2 = (size_t)136U - (size_t)1U; + blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; + } core_core_arch_x86___m256i(*uu____3)[5U] = s->st; uint8_t uu____4[4U][200U]; memcpy(uu____4, blocks, (size_t)4U * sizeof(uint8_t[200U])); @@ -1636,17 +1640,20 @@ libcrux_sha3_generic_keccak_squeeze_first_and_last__core_core_arch_x86___m256i_4 uint8_t b[4U][200U]; libcrux_sha3_simd_avx2___libcrux_sha3__traits__internal__KeccakItem_4__usize__for_core__core_arch__x86____m256i___store_block_full___136size_t( s->st, b); - KRML_MAYBE_FOR4( - i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); - core_slice___Slice_T___copy_from_slice( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range__size_t, - Eurydice_slice), - uint8_t, void *);); + for (size_t i = (size_t)0U; i < (size_t)4U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; + core_ops_range_Range__size_t lit; + lit.start = (size_t)0U; + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); + core_slice___Slice_T___copy_from_slice( + uu____0, + Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, + core_ops_range_Range__size_t, + Eurydice_slice), + uint8_t, void *); + } } __attribute__((target("avx2"))) @@ -1689,17 +1696,20 @@ libcrux_sha3_generic_keccak_squeeze_last__core_core_arch_x86___m256i_4size_t_136 uint8_t b[4U][200U]; libcrux_sha3_simd_avx2___libcrux_sha3__traits__internal__KeccakItem_4__usize__for_core__core_arch__x86____m256i___store_block_full___136size_t( s.st, b); - KRML_MAYBE_FOR4( - i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); - core_slice___Slice_T___copy_from_slice( - uu____0, - Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range__size_t, - Eurydice_slice), - uint8_t, void *);); + for (size_t i = (size_t)0U; i < (size_t)4U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; + core_ops_range_Range__size_t lit; + lit.start = (size_t)0U; + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); + core_slice___Slice_T___copy_from_slice( + uu____0, + Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, + core_ops_range_Range__size_t, + Eurydice_slice), + uint8_t, void *); + } } __attribute__((target("avx2"))) @@ -2042,18 +2052,19 @@ libcrux_sha3_generic_keccak_absorb_final__core_core_arch_x86___m256i_4size_t_168 Eurydice_slice last[4U]) { size_t last_len = core_slice___Slice_T___len(last[0U], uint8_t, size_t); uint8_t blocks[4U][200U] = {{0U}}; - KRML_MAYBE_FOR4( - i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)200U, blocks[i0], - (CLITERAL(core_ops_range_Range__size_t){.start = (size_t)0U, - .end = last_len}), - uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - core_slice___Slice_T___copy_from_slice(uu____0, last[i0], uint8_t, - void *); - blocks[i0][last_len] = 31U; size_t uu____1 = i0; - size_t uu____2 = (size_t)168U - (size_t)1U; - blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U;); + for (size_t i = (size_t)0U; i < (size_t)4U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = Eurydice_array_to_subslice( + (size_t)200U, blocks[i0], + (CLITERAL(core_ops_range_Range__size_t){.start = (size_t)0U, + .end = last_len}), + uint8_t, core_ops_range_Range__size_t, Eurydice_slice); + core_slice___Slice_T___copy_from_slice(uu____0, last[i0], uint8_t, void *); + blocks[i0][last_len] = 31U; + size_t uu____1 = i0; + size_t uu____2 = (size_t)168U - (size_t)1U; + blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; + } core_core_arch_x86___m256i(*uu____3)[5U] = s->st; uint8_t uu____4[4U][200U]; memcpy(uu____4, blocks, (size_t)4U * sizeof(uint8_t[200U])); diff --git a/libcrux-ml-kem/cg/libcrux_sha3_portable.h b/libcrux-ml-kem/cg/libcrux_sha3_portable.h index 431ba6275..53df0e9b0 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_portable.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_portable.h @@ -1,8 +1,8 @@ /* This file was generated by KaRaMeL KaRaMeL invocation: /home/franziskus/eurydice//eurydice --config ../cg.yaml - ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc F* version: - KaRaMeL version: 42a43169 + -funroll-loops 0 ../../libcrux_ml_kem.llbc ../../libcrux_sha3.llbc F* version: + KaRaMeL version: 42a43169 */ #ifndef __libcrux_sha3_portable_H @@ -848,14 +848,17 @@ static inline void libcrux_sha3_generic_keccak_chi__uint64_t_1size_t( libcrux_sha3_generic_keccak_KeccakState__uint64_t__1size_t *s) { uint64_t old[5U][5U]; memcpy(old, s->st, (size_t)5U * sizeof(uint64_t[5U])); - KRML_MAYBE_FOR5( - i0, (size_t)0U, (size_t)5U, (size_t)1U, size_t i1 = i0; KRML_MAYBE_FOR5( - i, (size_t)0U, (size_t)5U, (size_t)1U, size_t j = i; - uint64_t uu____0 = - libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___and_not_xor( - s->st[i1][j], old[i1][(j + (size_t)2U) % (size_t)5U], - old[i1][(j + (size_t)1U) % (size_t)5U]); - s->st[i1][j] = uu____0;);); + for (size_t i0 = (size_t)0U; i0 < (size_t)5U; i0++) { + size_t i1 = i0; + for (size_t i = (size_t)0U; i < (size_t)5U; i++) { + size_t j = i; + uint64_t uu____0 = + libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___and_not_xor( + s->st[i1][j], old[i1][(j + (size_t)2U) % (size_t)5U], + old[i1][(j + (size_t)1U) % (size_t)5U]); + s->st[i1][j] = uu____0; + } + } } static inline void libcrux_sha3_generic_keccak_iota__uint64_t_1size_t( @@ -911,16 +914,16 @@ libcrux_sha3_generic_keccak_absorb_final__uint64_t_1size_t_72size_t_6uint8_t( Eurydice_slice last[1U]) { size_t last_len = core_slice___Slice_T___len(last[0U], uint8_t, size_t); uint8_t blocks[1U][200U] = {{0U}}; - { - size_t i = (size_t)0U; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)200U, blocks[i], + (size_t)200U, blocks[i0], (CLITERAL(core_ops_range_Range__size_t){.start = (size_t)0U, .end = last_len}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - core_slice___Slice_T___copy_from_slice(uu____0, last[i], uint8_t, void *); - blocks[i][last_len] = 6U; - size_t uu____1 = i; + core_slice___Slice_T___copy_from_slice(uu____0, last[i0], uint8_t, void *); + blocks[i0][last_len] = 6U; + size_t uu____1 = i0; size_t uu____2 = (size_t)72U - (size_t)1U; blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; } @@ -976,13 +979,13 @@ libcrux_sha3_generic_keccak_squeeze_first_and_last__uint64_t_1size_t_72size_t( uint8_t b[1U][200U]; libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___store_block_full___72size_t( s->st, b); - { - size_t i = (size_t)0U; - Eurydice_slice uu____0 = out[i]; - uint8_t *uu____1 = b[i]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i], uint8_t, size_t); + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); core_slice___Slice_T___copy_from_slice( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, @@ -1023,13 +1026,13 @@ libcrux_sha3_generic_keccak_squeeze_last__uint64_t_1size_t_72size_t( uint8_t b[1U][200U]; libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___store_block_full___72size_t( s.st, b); - { - size_t i = (size_t)0U; - Eurydice_slice uu____0 = out[i]; - uint8_t *uu____1 = b[i]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i], uint8_t, size_t); + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); core_slice___Slice_T___copy_from_slice( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, @@ -1195,16 +1198,16 @@ libcrux_sha3_generic_keccak_absorb_final__uint64_t_1size_t_136size_t_6uint8_t( Eurydice_slice last[1U]) { size_t last_len = core_slice___Slice_T___len(last[0U], uint8_t, size_t); uint8_t blocks[1U][200U] = {{0U}}; - { - size_t i = (size_t)0U; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)200U, blocks[i], + (size_t)200U, blocks[i0], (CLITERAL(core_ops_range_Range__size_t){.start = (size_t)0U, .end = last_len}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - core_slice___Slice_T___copy_from_slice(uu____0, last[i], uint8_t, void *); - blocks[i][last_len] = 6U; - size_t uu____1 = i; + core_slice___Slice_T___copy_from_slice(uu____0, last[i0], uint8_t, void *); + blocks[i0][last_len] = 6U; + size_t uu____1 = i0; size_t uu____2 = (size_t)136U - (size_t)1U; blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; } @@ -1260,13 +1263,13 @@ libcrux_sha3_generic_keccak_squeeze_first_and_last__uint64_t_1size_t_136size_t( uint8_t b[1U][200U]; libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___store_block_full___136size_t( s->st, b); - { - size_t i = (size_t)0U; - Eurydice_slice uu____0 = out[i]; - uint8_t *uu____1 = b[i]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i], uint8_t, size_t); + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); core_slice___Slice_T___copy_from_slice( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, @@ -1307,13 +1310,13 @@ libcrux_sha3_generic_keccak_squeeze_last__uint64_t_1size_t_136size_t( uint8_t b[1U][200U]; libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___store_block_full___136size_t( s.st, b); - { - size_t i = (size_t)0U; - Eurydice_slice uu____0 = out[i]; - uint8_t *uu____1 = b[i]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i], uint8_t, size_t); + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); core_slice___Slice_T___copy_from_slice( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, @@ -1419,16 +1422,16 @@ libcrux_sha3_generic_keccak_absorb_final__uint64_t_1size_t_136size_t_31uint8_t( Eurydice_slice last[1U]) { size_t last_len = core_slice___Slice_T___len(last[0U], uint8_t, size_t); uint8_t blocks[1U][200U] = {{0U}}; - { - size_t i = (size_t)0U; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)200U, blocks[i], + (size_t)200U, blocks[i0], (CLITERAL(core_ops_range_Range__size_t){.start = (size_t)0U, .end = last_len}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - core_slice___Slice_T___copy_from_slice(uu____0, last[i], uint8_t, void *); - blocks[i][last_len] = 31U; - size_t uu____1 = i; + core_slice___Slice_T___copy_from_slice(uu____0, last[i0], uint8_t, void *); + blocks[i0][last_len] = 31U; + size_t uu____1 = i0; size_t uu____2 = (size_t)136U - (size_t)1U; blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; } @@ -1642,16 +1645,16 @@ libcrux_sha3_generic_keccak_absorb_final__uint64_t_1size_t_168size_t_31uint8_t( Eurydice_slice last[1U]) { size_t last_len = core_slice___Slice_T___len(last[0U], uint8_t, size_t); uint8_t blocks[1U][200U] = {{0U}}; - { - size_t i = (size_t)0U; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)200U, blocks[i], + (size_t)200U, blocks[i0], (CLITERAL(core_ops_range_Range__size_t){.start = (size_t)0U, .end = last_len}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - core_slice___Slice_T___copy_from_slice(uu____0, last[i], uint8_t, void *); - blocks[i][last_len] = 31U; - size_t uu____1 = i; + core_slice___Slice_T___copy_from_slice(uu____0, last[i0], uint8_t, void *); + blocks[i0][last_len] = 31U; + size_t uu____1 = i0; size_t uu____2 = (size_t)168U - (size_t)1U; blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; } @@ -1857,16 +1860,16 @@ libcrux_sha3_generic_keccak_absorb_final__uint64_t_1size_t_144size_t_6uint8_t( Eurydice_slice last[1U]) { size_t last_len = core_slice___Slice_T___len(last[0U], uint8_t, size_t); uint8_t blocks[1U][200U] = {{0U}}; - { - size_t i = (size_t)0U; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)200U, blocks[i], + (size_t)200U, blocks[i0], (CLITERAL(core_ops_range_Range__size_t){.start = (size_t)0U, .end = last_len}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - core_slice___Slice_T___copy_from_slice(uu____0, last[i], uint8_t, void *); - blocks[i][last_len] = 6U; - size_t uu____1 = i; + core_slice___Slice_T___copy_from_slice(uu____0, last[i0], uint8_t, void *); + blocks[i0][last_len] = 6U; + size_t uu____1 = i0; size_t uu____2 = (size_t)144U - (size_t)1U; blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; } @@ -1922,13 +1925,13 @@ libcrux_sha3_generic_keccak_squeeze_first_and_last__uint64_t_1size_t_144size_t( uint8_t b[1U][200U]; libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___store_block_full___144size_t( s->st, b); - { - size_t i = (size_t)0U; - Eurydice_slice uu____0 = out[i]; - uint8_t *uu____1 = b[i]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i], uint8_t, size_t); + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); core_slice___Slice_T___copy_from_slice( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, @@ -1969,13 +1972,13 @@ libcrux_sha3_generic_keccak_squeeze_last__uint64_t_1size_t_144size_t( uint8_t b[1U][200U]; libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___store_block_full___144size_t( s.st, b); - { - size_t i = (size_t)0U; - Eurydice_slice uu____0 = out[i]; - uint8_t *uu____1 = b[i]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i], uint8_t, size_t); + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); core_slice___Slice_T___copy_from_slice( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, @@ -2141,16 +2144,16 @@ libcrux_sha3_generic_keccak_absorb_final__uint64_t_1size_t_104size_t_6uint8_t( Eurydice_slice last[1U]) { size_t last_len = core_slice___Slice_T___len(last[0U], uint8_t, size_t); uint8_t blocks[1U][200U] = {{0U}}; - { - size_t i = (size_t)0U; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; Eurydice_slice uu____0 = Eurydice_array_to_subslice( - (size_t)200U, blocks[i], + (size_t)200U, blocks[i0], (CLITERAL(core_ops_range_Range__size_t){.start = (size_t)0U, .end = last_len}), uint8_t, core_ops_range_Range__size_t, Eurydice_slice); - core_slice___Slice_T___copy_from_slice(uu____0, last[i], uint8_t, void *); - blocks[i][last_len] = 6U; - size_t uu____1 = i; + core_slice___Slice_T___copy_from_slice(uu____0, last[i0], uint8_t, void *); + blocks[i0][last_len] = 6U; + size_t uu____1 = i0; size_t uu____2 = (size_t)104U - (size_t)1U; blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U; } @@ -2206,13 +2209,13 @@ libcrux_sha3_generic_keccak_squeeze_first_and_last__uint64_t_1size_t_104size_t( uint8_t b[1U][200U]; libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___store_block_full___104size_t( s->st, b); - { - size_t i = (size_t)0U; - Eurydice_slice uu____0 = out[i]; - uint8_t *uu____1 = b[i]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i], uint8_t, size_t); + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); core_slice___Slice_T___copy_from_slice( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, @@ -2253,13 +2256,13 @@ libcrux_sha3_generic_keccak_squeeze_last__uint64_t_1size_t_104size_t( uint8_t b[1U][200U]; libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___store_block_full___104size_t( s.st, b); - { - size_t i = (size_t)0U; - Eurydice_slice uu____0 = out[i]; - uint8_t *uu____1 = b[i]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i], uint8_t, size_t); + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); core_slice___Slice_T___copy_from_slice( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, @@ -2454,13 +2457,13 @@ libcrux_sha3_generic_keccak_squeeze_first_and_last__uint64_t_1size_t_168size_t( uint8_t b[1U][200U]; libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___store_block_full___168size_t( s->st, b); - { - size_t i = (size_t)0U; - Eurydice_slice uu____0 = out[i]; - uint8_t *uu____1 = b[i]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i], uint8_t, size_t); + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); core_slice___Slice_T___copy_from_slice( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, @@ -2478,13 +2481,13 @@ libcrux_sha3_generic_keccak_squeeze_last__uint64_t_1size_t_168size_t( uint8_t b[1U][200U]; libcrux_sha3_portable_keccak___libcrux_sha3__traits__internal__KeccakItem_1__usize__for_u64___store_block_full___168size_t( s.st, b); - { - size_t i = (size_t)0U; - Eurydice_slice uu____0 = out[i]; - uint8_t *uu____1 = b[i]; + for (size_t i = (size_t)0U; i < (size_t)1U; i++) { + size_t i0 = i; + Eurydice_slice uu____0 = out[i0]; + uint8_t *uu____1 = b[i0]; core_ops_range_Range__size_t lit; lit.start = (size_t)0U; - lit.end = core_slice___Slice_T___len(out[i], uint8_t, size_t); + lit.end = core_slice___Slice_T___len(out[i0], uint8_t, size_t); core_slice___Slice_T___copy_from_slice( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t,