From e6f5c98e0e9e3b4d5486fe6b95818b1859c1f278 Mon Sep 17 00:00:00 2001 From: mamonet Date: Wed, 30 Oct 2024 10:03:02 +0000 Subject: [PATCH 1/5] Proofs for Ind-cpa and portable compress modules --- .../Libcrux_ml_kem.Hash_functions.Avx2.fsti | 25 +- .../Libcrux_ml_kem.Hash_functions.Neon.fsti | 25 +- ...ibcrux_ml_kem.Hash_functions.Portable.fsti | 25 +- .../Libcrux_ml_kem.Hash_functions.fsti | 14 +- .../Libcrux_ml_kem.Ind_cpa.Unpacked.fsti | 18 +- .../extraction/Libcrux_ml_kem.Ind_cpa.fst | 1183 +++++++++------- .../extraction/Libcrux_ml_kem.Ind_cpa.fsti | 474 ++++--- .../extraction/Libcrux_ml_kem.Matrix.fst | 346 ++--- .../extraction/Libcrux_ml_kem.Matrix.fsti | 108 +- .../fstar/extraction/Libcrux_ml_kem.Ntt.fst | 10 +- .../fstar/extraction/Libcrux_ml_kem.Ntt.fsti | 12 +- .../extraction/Libcrux_ml_kem.Sampling.fst | 210 +-- .../extraction/Libcrux_ml_kem.Sampling.fsti | 30 +- .../extraction/Libcrux_ml_kem.Serialize.fst | 1206 +++++++++-------- .../extraction/Libcrux_ml_kem.Serialize.fsti | 236 ++-- .../extraction/Libcrux_ml_kem.Variant.fsti | 21 +- ...ibcrux_ml_kem.Vector.Portable.Compress.fst | 111 +- ...bcrux_ml_kem.Vector.Portable.Compress.fsti | 21 +- .../proofs/fstar/spec/Spec.MLKEM.Math.fst | 8 +- .../proofs/fstar/spec/Spec.MLKEM.fst | 105 +- .../proofs/fstar/spec/Spec.Utils.fst | 3 + libcrux-ml-kem/src/hash_functions.rs | 38 +- libcrux-ml-kem/src/ind_cpa.rs | 199 ++- libcrux-ml-kem/src/matrix.rs | 4 +- libcrux-ml-kem/src/ntt.rs | 6 + libcrux-ml-kem/src/sampling.rs | 5 + libcrux-ml-kem/src/serialize.rs | 42 +- libcrux-ml-kem/src/variant.rs | 8 + .../src/vector/portable/compress.rs | 84 +- 29 files changed, 2714 insertions(+), 1863 deletions(-) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Avx2.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Avx2.fsti index b5a8cb0e2..fc7ae6c87 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Avx2.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Avx2.fsti @@ -3,6 +3,11 @@ module Libcrux_ml_kem.Hash_functions.Avx2 open Core open FStar.Mul +/// The state. +/// It\'s only used for SHAKE128. +/// All other functions don\'t actually use any members. +val t_Simd256Hash:Type0 + val v_G (input: t_Slice u8) : Prims.Pure (t_Array u8 (sz 64)) Prims.l_True @@ -28,12 +33,12 @@ val v_PRF (v_LEN: usize) (input: t_Slice u8) result == Spec.Utils.v_PRF v_LEN input) val v_PRFxN (v_K v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) - : Prims.Pure (t_Array (t_Array u8 v_LEN) v_K) Prims.l_True (fun _ -> Prims.l_True) - -/// The state. -/// It\'s only used for SHAKE128. -/// All other functions don\'t actually use any members. -val t_Simd256Hash:Type0 + : Prims.Pure (t_Array (t_Array u8 v_LEN) v_K) + (requires v v_LEN < pow2 32 /\ (v v_K == 2 \/ v v_K == 3 \/ v v_K == 4)) + (ensures + fun result -> + let result:t_Array (t_Array u8 v_LEN) v_K = result in + result == Spec.Utils.v_PRFxN v_K v_LEN input) val shake128_init_absorb_final (v_K: usize) (input: t_Array (t_Array u8 (sz 34)) v_K) : Prims.Pure t_Simd256Hash Prims.l_True (fun _ -> Prims.l_True) @@ -63,7 +68,10 @@ let impl (v_K: usize) : Libcrux_ml_kem.Hash_functions.t_Hash t_Simd256Hash v_K = (fun (v_LEN: usize) (input: t_Slice u8) (out: t_Array u8 v_LEN) -> v v_LEN < pow2 32 ==> out == Spec.Utils.v_PRF v_LEN input); f_PRF = (fun (v_LEN: usize) (input: t_Slice u8) -> v_PRF v_LEN input); - f_PRFxN_pre = (fun (v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) -> true); + f_PRFxN_pre + = + (fun (v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) -> + v v_LEN < pow2 32 /\ (v v_K == 2 \/ v v_K == 3 \/ v v_K == 4)); f_PRFxN_post = (fun @@ -71,7 +79,8 @@ let impl (v_K: usize) : Libcrux_ml_kem.Hash_functions.t_Hash t_Simd256Hash v_K = (input: t_Array (t_Array u8 (sz 33)) v_K) (out: t_Array (t_Array u8 v_LEN) v_K) -> - true); + (v v_LEN < pow2 32 /\ (v v_K == 2 \/ v v_K == 3 \/ v v_K == 4)) ==> + out == Spec.Utils.v_PRFxN v_K v_LEN input); f_PRFxN = (fun (v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) -> v_PRFxN v_K v_LEN input); diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Neon.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Neon.fsti index 5294a8dc5..8232d0b3d 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Neon.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Neon.fsti @@ -3,6 +3,11 @@ module Libcrux_ml_kem.Hash_functions.Neon open Core open FStar.Mul +/// The state. +/// It\'s only used for SHAKE128. +/// All other functions don\'t actually use any members. +val t_Simd128Hash:Type0 + val v_G (input: t_Slice u8) : Prims.Pure (t_Array u8 (sz 64)) Prims.l_True @@ -28,12 +33,12 @@ val v_PRF (v_LEN: usize) (input: t_Slice u8) result == Spec.Utils.v_PRF v_LEN input) val v_PRFxN (v_K v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) - : Prims.Pure (t_Array (t_Array u8 v_LEN) v_K) Prims.l_True (fun _ -> Prims.l_True) - -/// The state. -/// It\'s only used for SHAKE128. -/// All other functions don\'t actually use any members. -val t_Simd128Hash:Type0 + : Prims.Pure (t_Array (t_Array u8 v_LEN) v_K) + (requires v v_LEN < pow2 32 /\ (v v_K == 2 \/ v v_K == 3 \/ v v_K == 4)) + (ensures + fun result -> + let result:t_Array (t_Array u8 v_LEN) v_K = result in + result == Spec.Utils.v_PRFxN v_K v_LEN input) val shake128_init_absorb_final (v_K: usize) (input: t_Array (t_Array u8 (sz 34)) v_K) : Prims.Pure t_Simd128Hash Prims.l_True (fun _ -> Prims.l_True) @@ -63,7 +68,10 @@ let impl (v_K: usize) : Libcrux_ml_kem.Hash_functions.t_Hash t_Simd128Hash v_K = (fun (v_LEN: usize) (input: t_Slice u8) (out: t_Array u8 v_LEN) -> v v_LEN < pow2 32 ==> out == Spec.Utils.v_PRF v_LEN input); f_PRF = (fun (v_LEN: usize) (input: t_Slice u8) -> v_PRF v_LEN input); - f_PRFxN_pre = (fun (v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) -> true); + f_PRFxN_pre + = + (fun (v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) -> + v v_LEN < pow2 32 /\ (v v_K == 2 \/ v v_K == 3 \/ v v_K == 4)); f_PRFxN_post = (fun @@ -71,7 +79,8 @@ let impl (v_K: usize) : Libcrux_ml_kem.Hash_functions.t_Hash t_Simd128Hash v_K = (input: t_Array (t_Array u8 (sz 33)) v_K) (out: t_Array (t_Array u8 v_LEN) v_K) -> - true); + (v v_LEN < pow2 32 /\ (v v_K == 2 \/ v v_K == 3 \/ v v_K == 4)) ==> + out == Spec.Utils.v_PRFxN v_K v_LEN input); f_PRFxN = (fun (v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) -> v_PRFxN v_K v_LEN input); diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Portable.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Portable.fsti index 89c8300ff..33e10a142 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Portable.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.Portable.fsti @@ -3,6 +3,11 @@ module Libcrux_ml_kem.Hash_functions.Portable open Core open FStar.Mul +/// The state. +/// It\'s only used for SHAKE128. +/// All other functions don\'t actually use any members. +val t_PortableHash (v_K: usize) : Type0 + val v_G (input: t_Slice u8) : Prims.Pure (t_Array u8 (sz 64)) Prims.l_True @@ -28,12 +33,12 @@ val v_PRF (v_LEN: usize) (input: t_Slice u8) result == Spec.Utils.v_PRF v_LEN input) val v_PRFxN (v_K v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) - : Prims.Pure (t_Array (t_Array u8 v_LEN) v_K) Prims.l_True (fun _ -> Prims.l_True) - -/// The state. -/// It\'s only used for SHAKE128. -/// All other functions don\'t actually use any members. -val t_PortableHash (v_K: usize) : Type0 + : Prims.Pure (t_Array (t_Array u8 v_LEN) v_K) + (requires v v_LEN < pow2 32 /\ (v v_K == 2 \/ v v_K == 3 \/ v v_K == 4)) + (ensures + fun result -> + let result:t_Array (t_Array u8 v_LEN) v_K = result in + result == Spec.Utils.v_PRFxN v_K v_LEN input) val shake128_init_absorb_final (v_K: usize) (input: t_Array (t_Array u8 (sz 34)) v_K) : Prims.Pure (t_PortableHash v_K) Prims.l_True (fun _ -> Prims.l_True) @@ -63,7 +68,10 @@ let impl (v_K: usize) : Libcrux_ml_kem.Hash_functions.t_Hash (t_PortableHash v_K (fun (v_LEN: usize) (input: t_Slice u8) (out: t_Array u8 v_LEN) -> v v_LEN < pow2 32 ==> out == Spec.Utils.v_PRF v_LEN input); f_PRF = (fun (v_LEN: usize) (input: t_Slice u8) -> v_PRF v_LEN input); - f_PRFxN_pre = (fun (v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) -> true); + f_PRFxN_pre + = + (fun (v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) -> + v v_LEN < pow2 32 /\ (v v_K == 2 \/ v v_K == 3 \/ v v_K == 4)); f_PRFxN_post = (fun @@ -71,7 +79,8 @@ let impl (v_K: usize) : Libcrux_ml_kem.Hash_functions.t_Hash (t_PortableHash v_K (input: t_Array (t_Array u8 (sz 33)) v_K) (out: t_Array (t_Array u8 v_LEN) v_K) -> - true); + (v v_LEN < pow2 32 /\ (v v_K == 2 \/ v v_K == 3 \/ v v_K == 4)) ==> + out == Spec.Utils.v_PRFxN v_K v_LEN input); f_PRFxN = (fun (v_LEN: usize) (input: t_Array (t_Array u8 (sz 33)) v_K) -> v_PRFxN v_K v_LEN input); diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.fsti index 076ee08eb..f734de676 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Hash_functions.fsti @@ -25,9 +25,17 @@ class t_Hash (v_Self: Type0) (v_K: usize) = { -> pred: Type0{pred ==> v v_LEN < pow2 32 ==> result == Spec.Utils.v_PRF v_LEN input}; f_PRF:v_LEN: usize -> x0: t_Slice u8 -> Prims.Pure (t_Array u8 v_LEN) (f_PRF_pre v_LEN x0) (fun result -> f_PRF_post v_LEN x0 result); - f_PRFxN_pre:v_LEN: usize -> input: t_Array (t_Array u8 (sz 33)) v_K -> pred: Type0{true ==> pred}; - f_PRFxN_post:v_LEN: usize -> t_Array (t_Array u8 (sz 33)) v_K -> t_Array (t_Array u8 v_LEN) v_K - -> Type0; + f_PRFxN_pre:v_LEN: usize -> input: t_Array (t_Array u8 (sz 33)) v_K + -> pred: Type0{v v_LEN < pow2 32 /\ (v v_K == 2 \/ v v_K == 3 \/ v v_K == 4) ==> pred}; + f_PRFxN_post: + v_LEN: usize -> + input: t_Array (t_Array u8 (sz 33)) v_K -> + result: t_Array (t_Array u8 v_LEN) v_K + -> pred: + Type0 + { pred ==> + (v v_LEN < pow2 32 /\ (v v_K == 2 \/ v v_K == 3 \/ v v_K == 4)) ==> + result == Spec.Utils.v_PRFxN v_K v_LEN input }; f_PRFxN:v_LEN: usize -> x0: t_Array (t_Array u8 (sz 33)) v_K -> Prims.Pure (t_Array (t_Array u8 v_LEN) v_K) (f_PRFxN_pre v_LEN x0) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.Unpacked.fsti index a0ce84565..b7e0c4efc 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.Unpacked.fsti @@ -14,6 +14,15 @@ type t_IndCpaPrivateKeyUnpacked (v_K: usize) (v_Vector: Type0) {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} = { f_secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K } +/// An unpacked ML-KEM IND-CPA Private Key +type t_IndCpaPublicKeyUnpacked + (v_K: usize) (v_Vector: Type0) {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + = { + f_t_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K; + f_seed_for_A:t_Array u8 (sz 32); + f_A:t_Array (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K +} + [@@ FStar.Tactics.Typeclasses.tcinstance] let impl (v_K: usize) @@ -40,15 +49,6 @@ let impl t_IndCpaPrivateKeyUnpacked v_K v_Vector } -/// An unpacked ML-KEM IND-CPA Private Key -type t_IndCpaPublicKeyUnpacked - (v_K: usize) (v_Vector: Type0) {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - = { - f_t_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K; - f_seed_for_A:t_Array u8 (sz 32); - f_A:t_Array (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K -} - [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_1 (v_K: usize) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst index 4821be2e5..aa3f657ef 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst @@ -12,6 +12,76 @@ let _ = let open Libcrux_ml_kem.Vector.Traits in () +#push-options "--ext context_pruning" + +let deserialize_secret_key + (v_K: usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (secret_key: t_Slice u8) + = + let _:Prims.unit = assert_norm (Spec.MLKEM.polynomial_d 12 == Spec.MLKEM.polynomial) in + let secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + Core.Array.from_fn #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + v_K + (fun temp_0_ -> + let _:usize = temp_0_ in + Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + in + let secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT + secret_key + (fun secret_as_ntt i -> + let secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K + = + secret_as_ntt + in + let i:usize = i in + forall (j: nat). + j < v i ==> + j * v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT + + v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT <= + v (Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE v_K) /\ + Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector (Seq.index secret_as_ntt j) == + Spec.MLKEM.byte_decode 12 + (Seq.slice secret_key + (j * v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT) + (j * v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT + + v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT))) + secret_as_ntt + (fun secret_as_ntt temp_1_ -> + let secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K + = + secret_as_ntt + in + let i, secret_bytes:(usize & t_Slice u8) = temp_1_ in + let secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize secret_as_ntt + i + (Libcrux_ml_kem.Serialize.deserialize_to_uncompressed_ring_element #v_Vector + secret_bytes + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + in + secret_as_ntt) + in + let _:Prims.unit = + Lib.Sequence.eq_intro #Spec.MLKEM.polynomial + #(v v_K) + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector secret_as_ntt) + (Spec.MLKEM.vector_decode_12 #v_K secret_key) + in + secret_as_ntt + +#pop-options + +#push-options "--max_fuel 10 --z3rlimit 1000 --ext context_pruning --z3refresh --split_queries always" + let sample_ring_element_cbd (v_K v_ETA2_RANDOMNESS_SIZE v_ETA2: usize) (#v_Vector #v_Hasher: Type0) @@ -35,13 +105,22 @@ let sample_ring_element_cbd in let prf_inputs:t_Array (t_Array u8 (sz 33)) v_K = Rust_primitives.Hax.repeat prf_input v_K in let v__domain_separator_init:u8 = domain_separator in + let v__prf_inputs_init:t_Array (t_Array u8 (sz 33)) v_K = prf_inputs in let domain_separator, prf_inputs:(u8 & t_Array (t_Array u8 (sz 33)) v_K) = Rust_primitives.Hax.Folds.fold_range (sz 0) v_K (fun temp_0_ i -> let domain_separator, prf_inputs:(u8 & t_Array (t_Array u8 (sz 33)) v_K) = temp_0_ in let i:usize = i in - v domain_separator == v v__domain_separator_init + v i) + v domain_separator == v v__domain_separator_init + v i /\ + (v i < v v_K ==> + (forall (j: nat). + (j >= v i /\ j < v v_K) ==> prf_inputs.[ sz j ] == v__prf_inputs_init.[ sz j ])) /\ + (forall (j: nat). + j < v i ==> + v (Seq.index (Seq.index prf_inputs j) 32) == v v__domain_separator_init + j /\ + Seq.slice (Seq.index prf_inputs j) 0 32 == + Seq.slice (Seq.index v__prf_inputs_init j) 0 32)) (domain_separator, prf_inputs <: (u8 & t_Array (t_Array u8 (sz 33)) v_K)) (fun temp_0_ i -> let domain_separator, prf_inputs:(u8 & t_Array (t_Array u8 (sz 33)) v_K) = temp_0_ in @@ -60,6 +139,28 @@ let sample_ring_element_cbd let domain_separator:u8 = domain_separator +! 1uy in domain_separator, prf_inputs <: (u8 & t_Array (t_Array u8 (sz 33)) v_K)) in + let _:Prims.unit = + let lemma_aux (i: nat{i < v v_K}) + : Lemma + (prf_inputs.[ sz i ] == + (Seq.append (Seq.slice prf_input 0 32) + (Seq.create 1 + (mk_int #u8_inttype (v (v__domain_separator_init +! (mk_int #u8_inttype i))))))) = + Lib.Sequence.eq_intro #u8 + #33 + prf_inputs.[ sz i ] + (Seq.append (Seq.slice prf_input 0 32) + (Seq.create 1 (mk_int #u8_inttype (v v__domain_separator_init + i)))) + in + Classical.forall_intro lemma_aux; + Lib.Sequence.eq_intro #(t_Array u8 (sz 33)) + #(v v_K) + prf_inputs + (createi v_K + (Spec.MLKEM.sample_vector_cbd2_prf_input #v_K + (Seq.slice prf_input 0 32) + (sz (v v__domain_separator_init)))) + in let (prf_outputs: t_Array (t_Array u8 v_ETA2_RANDOMNESS_SIZE) v_K):t_Array (t_Array u8 v_ETA2_RANDOMNESS_SIZE) v_K = Libcrux_ml_kem.Hash_functions.f_PRFxN #v_Hasher @@ -71,37 +172,47 @@ let sample_ring_element_cbd let error_1_:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = Rust_primitives.Hax.Folds.fold_range (sz 0) v_K - (fun error_1_ temp_1_ -> + (fun error_1_ i -> let error_1_:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = error_1_ in - let _:usize = temp_1_ in - true) + let i:usize = i in + forall (j: nat). + j < v i ==> + Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector error_1_.[ sz j ] == + Spec.MLKEM.sample_poly_cbd v_ETA2 prf_outputs.[ sz j ]) error_1_ (fun error_1_ i -> let error_1_:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = error_1_ in let i:usize = i in - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize error_1_ - i - (Libcrux_ml_kem.Sampling.sample_from_binomial_distribution v_ETA2 - #v_Vector - (prf_outputs.[ i ] <: t_Slice u8) - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - <: - t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + let error_1_:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize error_1_ + i + (Libcrux_ml_kem.Sampling.sample_from_binomial_distribution v_ETA2 + #v_Vector + (prf_outputs.[ i ] <: t_Slice u8) + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + in + error_1_) in - let result:(t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8) = - error_1_, domain_separator - <: - (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8) + let _:Prims.unit = + Lib.Sequence.eq_intro #(Spec.MLKEM.polynomial) + #(v v_K) + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector error_1_) + (Spec.MLKEM.sample_vector_cbd2 #v_K + (Seq.slice prf_input 0 32) + (sz (v v__domain_separator_init))) in - let _:Prims.unit = admit () (* Panic freedom *) in - result + error_1_, domain_separator + <: + (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8) -#push-options "--admit_smt_queries true" +#pop-options + +#push-options "--max_fuel 10 --z3rlimit 1000 --ext context_pruning --z3refresh --split_queries always" let sample_vector_cbd_then_ntt (v_K v_ETA v_ETA_RANDOMNESS_SIZE: usize) @@ -118,13 +229,22 @@ let sample_vector_cbd_then_ntt = let prf_inputs:t_Array (t_Array u8 (sz 33)) v_K = Rust_primitives.Hax.repeat prf_input v_K in let v__domain_separator_init:u8 = domain_separator in + let v__prf_inputs_init:t_Array (t_Array u8 (sz 33)) v_K = prf_inputs in let domain_separator, prf_inputs:(u8 & t_Array (t_Array u8 (sz 33)) v_K) = Rust_primitives.Hax.Folds.fold_range (sz 0) v_K (fun temp_0_ i -> let domain_separator, prf_inputs:(u8 & t_Array (t_Array u8 (sz 33)) v_K) = temp_0_ in let i:usize = i in - v domain_separator == v v__domain_separator_init + v i) + v domain_separator == v v__domain_separator_init + v i /\ + (v i < v v_K ==> + (forall (j: nat). + (j >= v i /\ j < v v_K) ==> prf_inputs.[ sz j ] == v__prf_inputs_init.[ sz j ])) /\ + (forall (j: nat). + j < v i ==> + v (Seq.index (Seq.index prf_inputs j) 32) == v v__domain_separator_init + j /\ + Seq.slice (Seq.index prf_inputs j) 0 32 == + Seq.slice (Seq.index v__prf_inputs_init j) 0 32)) (domain_separator, prf_inputs <: (u8 & t_Array (t_Array u8 (sz 33)) v_K)) (fun temp_0_ i -> let domain_separator, prf_inputs:(u8 & t_Array (t_Array u8 (sz 33)) v_K) = temp_0_ in @@ -143,6 +263,28 @@ let sample_vector_cbd_then_ntt let domain_separator:u8 = domain_separator +! 1uy in domain_separator, prf_inputs <: (u8 & t_Array (t_Array u8 (sz 33)) v_K)) in + let _:Prims.unit = + let lemma_aux (i: nat{i < v v_K}) + : Lemma + (prf_inputs.[ sz i ] == + (Seq.append (Seq.slice prf_input 0 32) + (Seq.create 1 + (mk_int #u8_inttype (v (v__domain_separator_init +! (mk_int #u8_inttype i))))))) = + Lib.Sequence.eq_intro #u8 + #33 + prf_inputs.[ sz i ] + (Seq.append (Seq.slice prf_input 0 32) + (Seq.create 1 (mk_int #u8_inttype (v v__domain_separator_init + i)))) + in + Classical.forall_intro lemma_aux; + Lib.Sequence.eq_intro #(t_Array u8 (sz 33)) + #(v v_K) + prf_inputs + (createi v_K + (Spec.MLKEM.sample_vector_cbd1_prf_input #v_K + (Seq.slice prf_input 0 32) + (sz (v v__domain_separator_init)))) + in let (prf_outputs: t_Array (t_Array u8 v_ETA_RANDOMNESS_SIZE) v_K):t_Array (t_Array u8 v_ETA_RANDOMNESS_SIZE) v_K = Libcrux_ml_kem.Hash_functions.f_PRFxN #v_Hasher @@ -154,12 +296,15 @@ let sample_vector_cbd_then_ntt let re_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = Rust_primitives.Hax.Folds.fold_range (sz 0) v_K - (fun re_as_ntt temp_1_ -> + (fun re_as_ntt i -> let re_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = re_as_ntt in - let _:usize = temp_1_ in - true) + let i:usize = i in + forall (j: nat). + j < v i ==> + Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector re_as_ntt.[ sz j ] == + Spec.MLKEM.poly_ntt (Spec.MLKEM.sample_poly_cbd v_ETA prf_outputs.[ sz j ])) re_as_ntt (fun re_as_ntt i -> let re_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = @@ -185,6 +330,14 @@ let sample_vector_cbd_then_ntt in re_as_ntt) in + let _:Prims.unit = + Lib.Sequence.eq_intro #(Spec.MLKEM.polynomial) + #(v v_K) + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector re_as_ntt) + (Spec.MLKEM.sample_vector_cbd_then_ntt #v_K + (Seq.slice prf_input 0 32) + (sz (v v__domain_separator_init))) + in let hax_temp_output:u8 = domain_separator in re_as_ntt, hax_temp_output <: @@ -225,13 +378,149 @@ let sample_vector_cbd_then_ntt_out in let re_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = tmp0 in let domain_separator:u8 = out in - let result:(t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8) = - re_as_ntt, domain_separator + re_as_ntt, domain_separator + <: + (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8) + +let generate_keypair_unpacked + (v_K v_ETA1 v_ETA1_RANDOMNESS_SIZE: usize) + (#v_Vector #v_Hasher #v_Scheme: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i3: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i4: + Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i5: Libcrux_ml_kem.Variant.t_Variant v_Scheme) + (key_generation_seed: t_Slice u8) + (private_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector) + (public_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) + = + let hashed:t_Array u8 (sz 64) = + Libcrux_ml_kem.Variant.f_cpa_keygen_seed #v_Scheme + #FStar.Tactics.Typeclasses.solve + v_K + #v_Hasher + key_generation_seed + in + let seed_for_A, seed_for_secret_and_error:(t_Slice u8 & t_Slice u8) = + Core.Slice.impl__split_at #u8 (hashed <: t_Slice u8) (sz 32) + in + let _:Prims.unit = + Lib.Sequence.eq_intro #u8 + #32 + seed_for_A + (Seq.slice (Libcrux_ml_kem.Utils.into_padded_array (sz 34) seed_for_A) 0 32) + in + let public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector = + { + public_key with + Libcrux_ml_kem.Ind_cpa.Unpacked.f_A + = + Libcrux_ml_kem.Matrix.sample_matrix_A v_K + #v_Vector + #v_Hasher + public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_A + (Libcrux_ml_kem.Utils.into_padded_array (sz 34) seed_for_A <: t_Array u8 (sz 34)) + true + } + <: + Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector + in + let _:Prims.unit = + let matrix_A_as_ntt, valid = Spec.MLKEM.sample_matrix_A_ntt #v_K seed_for_A in + assert (valid ==> matrix_A_as_ntt == Libcrux_ml_kem.Polynomial.to_spec_matrix_t public_key.f_A) + in + let (prf_input: t_Array u8 (sz 33)):t_Array u8 (sz 33) = + Libcrux_ml_kem.Utils.into_padded_array (sz 33) seed_for_secret_and_error + in + let _:Prims.unit = + Lib.Sequence.eq_intro #u8 #32 seed_for_secret_and_error (Seq.slice prf_input 0 32) + in + let tmp0, out:(t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8) = + sample_vector_cbd_then_ntt v_K + v_ETA1 + v_ETA1_RANDOMNESS_SIZE + #v_Vector + #v_Hasher + private_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt + prf_input + 0uy + in + let private_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector = + { private_key with Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt = tmp0 } + <: + Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector + in + let domain_separator:u8 = out in + let error_as_ntt, _:(t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8 + ) = + sample_vector_cbd_then_ntt_out v_K + v_ETA1 + v_ETA1_RANDOMNESS_SIZE + #v_Vector + #v_Hasher + prf_input + domain_separator + in + let public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector = + { + public_key with + Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt + = + Libcrux_ml_kem.Matrix.compute_As_plus_e v_K + #v_Vector + public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt + public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_A + private_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt + error_as_ntt + } + <: + Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector + in + let public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector = + { + public_key with + Libcrux_ml_kem.Ind_cpa.Unpacked.f_seed_for_A + = + Core.Result.impl__unwrap #(t_Array u8 (sz 32)) + #Core.Array.t_TryFromSliceError + (Core.Convert.f_try_into #(t_Slice u8) + #(t_Array u8 (sz 32)) + #FStar.Tactics.Typeclasses.solve + seed_for_A + <: + Core.Result.t_Result (t_Array u8 (sz 32)) Core.Array.t_TryFromSliceError) + } <: - (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8) + Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector in - let _:Prims.unit = admit () (* Panic freedom *) in - result + let _:Prims.unit = + let ((t_as_ntt, seed_for_A), secret_as_ntt), valid = + Spec.MLKEM.ind_cpa_generate_keypair_unpacked v_K key_generation_seed + in + assert (valid ==> + ((Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector public_key.f_t_as_ntt) == + t_as_ntt) /\ (public_key.f_seed_for_A == seed_for_A) /\ + ((Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector private_key.f_secret_as_ntt) == + secret_as_ntt)); + assert ((forall (i: nat). + i < v v_K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index private_key + .f_secret_as_ntt + i)) /\ + (forall (i: nat). + i < v v_K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index public_key + .f_t_as_ntt + i))) + in + private_key, public_key + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector & + Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) + +#push-options "--z3rlimit 200 --ext context_pruning --z3refresh" let compress_then_serialize_u (v_K v_OUT_LEN v_COMPRESSION_FACTOR v_BLOCK_LEN: usize) @@ -243,25 +532,37 @@ let compress_then_serialize_u (out: t_Slice u8) = let _:Prims.unit = - assert ((v Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT * v v_COMPRESSION_FACTOR) / 8 == - 320 \/ - (v Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT * v v_COMPRESSION_FACTOR) / 8 == - 352) + assert (v (sz 32 *! v_COMPRESSION_FACTOR) == 32 * v v_COMPRESSION_FACTOR); + assert (v (v_OUT_LEN /! v_K) == v v_OUT_LEN / v v_K); + assert (v v_OUT_LEN / v v_K == 32 * v v_COMPRESSION_FACTOR) in let out:t_Slice u8 = Rust_primitives.Hax.Folds.fold_enumerated_slice input (fun out i -> let out:t_Slice u8 = out in let i:usize = i in - v i < v v_K ==> - (Seq.length out == v v_OUT_LEN /\ - Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index input (v i)))) + (v i < v v_K ==> + Seq.length out == v v_OUT_LEN /\ + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index input (v i))) /\ + (forall (j: nat). + j < v i ==> + Seq.length out == v v_OUT_LEN /\ (j + 1) * (v v_OUT_LEN / v v_K) <= Seq.length out /\ + (Seq.slice out (j * (v v_OUT_LEN / v v_K)) (((j + 1)) * (v v_OUT_LEN / v v_K)) == + Spec.MLKEM.compress_then_byte_encode (v v_COMPRESSION_FACTOR) + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector (Seq.index input j))))) out (fun out temp_1_ -> let out:t_Slice u8 = out in let i, re:(usize & Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = temp_1_ in + let _:Prims.unit = + assert (forall (j: nat). + j < v i ==> + ((Seq.slice out (j * (v v_OUT_LEN / v v_K)) (((j + 1)) * (v v_OUT_LEN / v v_K)) == + Spec.MLKEM.compress_then_byte_encode (v v_COMPRESSION_FACTOR) + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector (Seq.index input j))))) + in let out:t_Slice u8 = Rust_primitives.Hax.Monomorphized_update_at.update_at_range out ({ @@ -292,342 +593,52 @@ let compress_then_serialize_u <: t_Slice u8) in + let _:Prims.unit = + let lemma_aux (j: nat{j < v i}) + : Lemma + (Seq.slice out (j * (v v_OUT_LEN / v v_K)) (((j + 1)) * (v v_OUT_LEN / v v_K)) == + Spec.MLKEM.compress_then_byte_encode (v v_COMPRESSION_FACTOR) + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector (Seq.index input j))) = + Lib.Sequence.eq_intro #u8 + #(v v_OUT_LEN / v v_K) + (Seq.slice out (j * (v v_OUT_LEN / v v_K)) (((j + 1)) * (v v_OUT_LEN / v v_K))) + (Spec.MLKEM.compress_then_byte_encode (v v_COMPRESSION_FACTOR) + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector (Seq.index input j))) + in + Classical.forall_intro lemma_aux + in out) in - let result:Prims.unit = () <: Prims.unit in - let _:Prims.unit = admit () (* Panic freedom *) in - let hax_temp_output:Prims.unit = result in + let _:Prims.unit = + Lib.Sequence.eq_intro #u8 + #(v v_OUT_LEN) + out + (Spec.MLKEM.compress_then_encode_u #v_K + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector input)) + in + let hax_temp_output:Prims.unit = () <: Prims.unit in out -let deserialize_then_decompress_u - (v_K v_CIPHERTEXT_SIZE v_U_COMPRESSION_FACTOR: usize) - (#v_Vector: Type0) +#pop-options + +#push-options "--z3rlimit 200" + +let encrypt_unpacked + (v_K v_CIPHERTEXT_SIZE v_T_AS_NTT_ENCODED_SIZE v_C1_LEN v_C2_LEN v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR v_BLOCK_LEN v_ETA1 v_ETA1_RANDOMNESS_SIZE v_ETA2 v_ETA2_RANDOMNESS_SIZE: + usize) + (#v_Vector #v_Hasher: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: + i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i3: + Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K) + (public_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) + (message: t_Array u8 (sz 32)) + (randomness: t_Slice u8) = - let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - Core.Array.from_fn #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - v_K - (fun temp_0_ -> - let _:usize = temp_0_ in - Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - in - let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice ((Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT *! - v_U_COMPRESSION_FACTOR - <: - usize) /! - sz 8 - <: - usize) - (ciphertext <: t_Slice u8) - (fun u_as_ntt temp_1_ -> - let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - u_as_ntt - in - let _:usize = temp_1_ in - true) - u_as_ntt - (fun u_as_ntt temp_1_ -> - let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - u_as_ntt - in - let i, u_bytes:(usize & t_Slice u8) = temp_1_ in - let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize u_as_ntt - i - (Libcrux_ml_kem.Serialize.deserialize_then_decompress_ring_element_u v_U_COMPRESSION_FACTOR - #v_Vector - u_bytes - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - in - let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize u_as_ntt - i - (Libcrux_ml_kem.Ntt.ntt_vector_u v_U_COMPRESSION_FACTOR - #v_Vector - (u_as_ntt.[ i ] <: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - in - u_as_ntt) - in - let result:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = u_as_ntt in - let _:Prims.unit = admit () (* Panic freedom *) in - result - -let deserialize_secret_key - (v_K: usize) - (#v_Vector: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (secret_key: t_Slice u8) - = - let secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - Core.Array.from_fn #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - v_K - (fun temp_0_ -> - let _:usize = temp_0_ in - Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - in - let secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT - secret_key - (fun secret_as_ntt temp_1_ -> - let secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K - = - secret_as_ntt - in - let _:usize = temp_1_ in - true) - secret_as_ntt - (fun secret_as_ntt temp_1_ -> - let secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K - = - secret_as_ntt - in - let i, secret_bytes:(usize & t_Slice u8) = temp_1_ in - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize secret_as_ntt - i - (Libcrux_ml_kem.Serialize.deserialize_to_uncompressed_ring_element #v_Vector - secret_bytes - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - <: - t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - in - let result:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - secret_as_ntt - in - let _:Prims.unit = admit () (* Panic freedom *) in - result - -#push-options "--z3rlimit 200" - -let serialize_secret_key - (v_K v_OUT_LEN: usize) - (#v_Vector: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (key: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - = - let out:t_Array u8 v_OUT_LEN = Rust_primitives.Hax.repeat 0uy v_OUT_LEN in - let out:t_Array u8 v_OUT_LEN = - Rust_primitives.Hax.Folds.fold_enumerated_slice key - (fun out i -> - let out:t_Array u8 v_OUT_LEN = out in - let i:usize = i in - v i < v v_K ==> - Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index key (v i))) - out - (fun out temp_1_ -> - let out:t_Array u8 v_OUT_LEN = out in - let i, re:(usize & Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = - temp_1_ - in - let out:t_Array u8 v_OUT_LEN = - Rust_primitives.Hax.Monomorphized_update_at.update_at_range out - ({ - Core.Ops.Range.f_start - = - i *! Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT <: usize; - Core.Ops.Range.f_end - = - (i +! sz 1 <: usize) *! Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT <: usize - } - <: - Core.Ops.Range.t_Range usize) - (Core.Slice.impl__copy_from_slice #u8 - (out.[ { - Core.Ops.Range.f_start - = - i *! Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT <: usize; - Core.Ops.Range.f_end - = - (i +! sz 1 <: usize) *! Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT - <: - usize - } - <: - Core.Ops.Range.t_Range usize ] - <: - t_Slice u8) - (Libcrux_ml_kem.Serialize.serialize_uncompressed_ring_element #v_Vector re - <: - t_Slice u8) - <: - t_Slice u8) - in - out) - in - let result:t_Array u8 v_OUT_LEN = out in - let _:Prims.unit = admit () (* Panic freedom *) in - result - -#pop-options - -let serialize_public_key_mut - (v_K v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) - (#v_Vector: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (tt_as_ntt: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - (seed_for_a: t_Slice u8) - (serialized: t_Array u8 v_PUBLIC_KEY_SIZE) - = - let serialized:t_Array u8 v_PUBLIC_KEY_SIZE = - Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized - ({ Core.Ops.Range.f_start = sz 0; Core.Ops.Range.f_end = v_RANKED_BYTES_PER_RING_ELEMENT } - <: - Core.Ops.Range.t_Range usize) - (Core.Slice.impl__copy_from_slice #u8 - (serialized.[ { - Core.Ops.Range.f_start = sz 0; - Core.Ops.Range.f_end = v_RANKED_BYTES_PER_RING_ELEMENT - } - <: - Core.Ops.Range.t_Range usize ] - <: - t_Slice u8) - (serialize_secret_key v_K v_RANKED_BYTES_PER_RING_ELEMENT #v_Vector tt_as_ntt - <: - t_Slice u8) - <: - t_Slice u8) - in - let serialized:t_Array u8 v_PUBLIC_KEY_SIZE = - Rust_primitives.Hax.Monomorphized_update_at.update_at_range_from serialized - ({ Core.Ops.Range.f_start = v_RANKED_BYTES_PER_RING_ELEMENT } - <: - Core.Ops.Range.t_RangeFrom usize) - (Core.Slice.impl__copy_from_slice #u8 - (serialized.[ { Core.Ops.Range.f_start = v_RANKED_BYTES_PER_RING_ELEMENT } - <: - Core.Ops.Range.t_RangeFrom usize ] - <: - t_Slice u8) - seed_for_a - <: - t_Slice u8) - in - let hax_temp_output:Prims.unit = admit () (* Panic freedom *) in - serialized - -let serialize_public_key - (v_K v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) - (#v_Vector: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (tt_as_ntt: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - (seed_for_a: t_Slice u8) - = - let public_key_serialized:t_Array u8 v_PUBLIC_KEY_SIZE = - Rust_primitives.Hax.repeat 0uy v_PUBLIC_KEY_SIZE - in - let public_key_serialized:t_Array u8 v_PUBLIC_KEY_SIZE = - serialize_public_key_mut v_K - v_RANKED_BYTES_PER_RING_ELEMENT - v_PUBLIC_KEY_SIZE - #v_Vector - tt_as_ntt - seed_for_a - public_key_serialized - in - let result:t_Array u8 v_PUBLIC_KEY_SIZE = public_key_serialized in - let _:Prims.unit = admit () (* Panic freedom *) in - result - -let decrypt_unpacked - (v_K v_CIPHERTEXT_SIZE v_VECTOR_U_ENCODED_SIZE v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR: - usize) - (#v_Vector: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (secret_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector) - (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) - = - let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - deserialize_then_decompress_u v_K v_CIPHERTEXT_SIZE v_U_COMPRESSION_FACTOR #v_Vector ciphertext - in - let v:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Libcrux_ml_kem.Serialize.deserialize_then_decompress_ring_element_v v_V_COMPRESSION_FACTOR - #v_Vector - (ciphertext.[ { Core.Ops.Range.f_start = v_VECTOR_U_ENCODED_SIZE } - <: - Core.Ops.Range.t_RangeFrom usize ] - <: - t_Slice u8) - in - let message:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Libcrux_ml_kem.Matrix.compute_message v_K - #v_Vector - v - secret_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt - u_as_ntt - in - Libcrux_ml_kem.Serialize.compress_then_serialize_message #v_Vector message - -let decrypt - (v_K v_CIPHERTEXT_SIZE v_VECTOR_U_ENCODED_SIZE v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR: - usize) - (#v_Vector: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (secret_key: t_Slice u8) - (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) - = - let secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - deserialize_secret_key v_K #v_Vector secret_key - in - let secret_key_unpacked:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector = - { Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt = secret_as_ntt } - <: - Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector - in - let result:t_Array u8 (sz 32) = - decrypt_unpacked v_K - v_CIPHERTEXT_SIZE - v_VECTOR_U_ENCODED_SIZE - v_U_COMPRESSION_FACTOR - v_V_COMPRESSION_FACTOR - #v_Vector - secret_key_unpacked - ciphertext - in - let _:Prims.unit = admit () (* Panic freedom *) in - result - -#push-options "--z3rlimit 200" - -let encrypt_unpacked - (v_K v_CIPHERTEXT_SIZE v_T_AS_NTT_ENCODED_SIZE v_C1_LEN v_C2_LEN v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR v_BLOCK_LEN v_ETA1 v_ETA1_RANDOMNESS_SIZE v_ETA2 v_ETA2_RANDOMNESS_SIZE: - usize) - (#v_Vector #v_Hasher: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i2: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i3: - Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K) - (public_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) - (message: t_Array u8 (sz 32)) - (randomness: t_Slice u8) - = - let (prf_input: t_Array u8 (sz 33)):t_Array u8 (sz 33) = - Libcrux_ml_kem.Utils.into_padded_array (sz 33) randomness + let (prf_input: t_Array u8 (sz 33)):t_Array u8 (sz 33) = + Libcrux_ml_kem.Utils.into_padded_array (sz 33) randomness in let r_as_ntt, domain_separator:(t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & @@ -640,6 +651,10 @@ let encrypt_unpacked prf_input 0uy in + let _:Prims.unit = + Lib.Sequence.eq_intro #u8 #32 randomness (Seq.slice prf_input 0 32); + assert (v domain_separator == v v_K) + in let error_1_, domain_separator:(t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8) = @@ -654,6 +669,10 @@ let encrypt_unpacked let prf_input:t_Array u8 (sz 33) = Rust_primitives.Hax.Monomorphized_update_at.update_at_usize prf_input (sz 32) domain_separator in + let _:Prims.unit = + assert (Seq.equal prf_input (Seq.append randomness (Seq.create 1 domain_separator))); + assert (prf_input == Seq.append randomness (Seq.create 1 domain_separator)) + in let (prf_output: t_Array u8 v_ETA2_RANDOMNESS_SIZE):t_Array u8 v_ETA2_RANDOMNESS_SIZE = Libcrux_ml_kem.Hash_functions.f_PRF #v_Hasher #v_K @@ -684,6 +703,12 @@ let encrypt_unpacked error_2_ message_as_ring_element in + let _:Prims.unit = + assert (v_C1_LEN = Spec.MLKEM.v_C1_SIZE v_K); + assert (v_C2_LEN = Spec.MLKEM.v_C2_SIZE v_K); + assert (v_CIPHERTEXT_SIZE == v_C1_LEN +! v_C2_LEN); + assert (v_C1_LEN <=. v_CIPHERTEXT_SIZE) + in let ciphertext:t_Array u8 v_CIPHERTEXT_SIZE = Rust_primitives.Hax.repeat 0uy v_CIPHERTEXT_SIZE in let ciphertext:t_Array u8 v_CIPHERTEXT_SIZE = Rust_primitives.Hax.Monomorphized_update_at.update_at_range ciphertext @@ -717,6 +742,11 @@ let encrypt_unpacked <: t_Slice u8) in + let _:Prims.unit = + lemma_slice_append ciphertext + (Seq.slice ciphertext 0 (Rust_primitives.v v_C1_LEN)) + (Seq.slice ciphertext (Rust_primitives.v v_C1_LEN) (Seq.length ciphertext)) + in ciphertext #pop-options @@ -735,6 +765,7 @@ let encrypt (message: t_Array u8 (sz 32)) (randomness: t_Slice u8) = + let _:Prims.unit = reveal_opaque (`%Spec.MLKEM.ind_cpa_encrypt) Spec.MLKEM.ind_cpa_encrypt in let unpacked_public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector = Core.Default.f_default #(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) #FStar.Tactics.Typeclasses.solve @@ -762,6 +793,12 @@ let encrypt <: Core.Ops.Range.t_RangeFrom usize ] in + let _:Prims.unit = + Lib.Sequence.eq_intro #u8 + #32 + seed + (Seq.slice (Libcrux_ml_kem.Utils.into_padded_array (Rust_primitives.mk_usize 34) seed) 0 32) + in let unpacked_public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector = { unpacked_public_key with @@ -777,119 +814,333 @@ let encrypt <: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector in - let result:t_Array u8 v_CIPHERTEXT_SIZE = - encrypt_unpacked v_K v_CIPHERTEXT_SIZE v_T_AS_NTT_ENCODED_SIZE v_C1_LEN v_C2_LEN - v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR v_BLOCK_LEN v_ETA1 v_ETA1_RANDOMNESS_SIZE v_ETA2 - v_ETA2_RANDOMNESS_SIZE #v_Vector #v_Hasher unpacked_public_key message randomness - in - let _:Prims.unit = admit () (* Panic freedom *) in - result + encrypt_unpacked v_K v_CIPHERTEXT_SIZE v_T_AS_NTT_ENCODED_SIZE v_C1_LEN v_C2_LEN + v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR v_BLOCK_LEN v_ETA1 v_ETA1_RANDOMNESS_SIZE v_ETA2 + v_ETA2_RANDOMNESS_SIZE #v_Vector #v_Hasher unpacked_public_key message randomness -let generate_keypair_unpacked - (v_K v_ETA1 v_ETA1_RANDOMNESS_SIZE: usize) - (#v_Vector #v_Hasher #v_Scheme: Type0) +#push-options "--ext context_pruning" + +let deserialize_then_decompress_u + (v_K v_CIPHERTEXT_SIZE v_U_COMPRESSION_FACTOR: usize) + (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] - i3: + i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i4: - Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i5: Libcrux_ml_kem.Variant.t_Variant v_Scheme) - (key_generation_seed: t_Slice u8) - (private_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector) - (public_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) + (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) = - let hashed:t_Array u8 (sz 64) = - Libcrux_ml_kem.Variant.f_cpa_keygen_seed #v_Scheme - #FStar.Tactics.Typeclasses.solve + let _:Prims.unit = + assert (v ((Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT *! v_U_COMPRESSION_FACTOR) /! + Rust_primitives.mk_usize 8) == + v (Spec.MLKEM.v_C1_BLOCK_SIZE v_K)) + in + let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + Core.Array.from_fn #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K - #v_Hasher - key_generation_seed + (fun temp_0_ -> + let _:usize = temp_0_ in + Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) in - let seed_for_A, seed_for_secret_and_error:(t_Slice u8 & t_Slice u8) = - Core.Slice.impl__split_at #u8 (hashed <: t_Slice u8) (sz 32) + let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice ((Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT *! + v_U_COMPRESSION_FACTOR + <: + usize) /! + sz 8 + <: + usize) + (ciphertext <: t_Slice u8) + (fun u_as_ntt i -> + let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + u_as_ntt + in + let i:usize = i in + forall (j: nat). + j < v i ==> + j * v (Spec.MLKEM.v_C1_BLOCK_SIZE v_K) + v (Spec.MLKEM.v_C1_BLOCK_SIZE v_K) <= + v v_CIPHERTEXT_SIZE /\ + Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector (Seq.index u_as_ntt j) == + Spec.MLKEM.poly_ntt (Spec.MLKEM.byte_decode_then_decompress (v v_U_COMPRESSION_FACTOR) + (Seq.slice ciphertext + (j * v (Spec.MLKEM.v_C1_BLOCK_SIZE v_K)) + (j * v (Spec.MLKEM.v_C1_BLOCK_SIZE v_K) + v (Spec.MLKEM.v_C1_BLOCK_SIZE v_K))) + )) + u_as_ntt + (fun u_as_ntt temp_1_ -> + let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + u_as_ntt + in + let i, u_bytes:(usize & t_Slice u8) = temp_1_ in + let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize u_as_ntt + i + (Libcrux_ml_kem.Serialize.deserialize_then_decompress_ring_element_u v_U_COMPRESSION_FACTOR + #v_Vector + u_bytes + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + in + let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize u_as_ntt + i + (Libcrux_ml_kem.Ntt.ntt_vector_u v_U_COMPRESSION_FACTOR + #v_Vector + (u_as_ntt.[ i ] <: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + in + u_as_ntt) in - let public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector = - { - public_key with - Libcrux_ml_kem.Ind_cpa.Unpacked.f_A - = - Libcrux_ml_kem.Matrix.sample_matrix_A v_K - #v_Vector - #v_Hasher - public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_A - (Libcrux_ml_kem.Utils.into_padded_array (sz 34) seed_for_A <: t_Array u8 (sz 34)) - true - } - <: - Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector + let _:Prims.unit = + Lib.Sequence.eq_intro #Spec.MLKEM.polynomial + #(v v_K) + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector u_as_ntt) + (let open Spec.MLKEM in + vector_ntt (decode_then_decompress_u #v_K + (Seq.slice ciphertext 0 (v (Spec.MLKEM.v_C1_SIZE v_K))))) in - let (prf_input: t_Array u8 (sz 33)):t_Array u8 (sz 33) = - Libcrux_ml_kem.Utils.into_padded_array (sz 33) seed_for_secret_and_error + u_as_ntt + +#pop-options + +let decrypt_unpacked + (v_K v_CIPHERTEXT_SIZE v_VECTOR_U_ENCODED_SIZE v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR: + usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (secret_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector) + (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) + = + let u_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + deserialize_then_decompress_u v_K v_CIPHERTEXT_SIZE v_U_COMPRESSION_FACTOR #v_Vector ciphertext in - let tmp0, out:(t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8) = - sample_vector_cbd_then_ntt v_K - v_ETA1 - v_ETA1_RANDOMNESS_SIZE + let v:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Libcrux_ml_kem.Serialize.deserialize_then_decompress_ring_element_v v_V_COMPRESSION_FACTOR #v_Vector - #v_Hasher - private_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt - prf_input - 0uy + (ciphertext.[ { Core.Ops.Range.f_start = v_VECTOR_U_ENCODED_SIZE } + <: + Core.Ops.Range.t_RangeFrom usize ] + <: + t_Slice u8) in - let private_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector = - { private_key with Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt = tmp0 } + let message:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Libcrux_ml_kem.Matrix.compute_message v_K + #v_Vector + v + secret_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt + u_as_ntt + in + Libcrux_ml_kem.Serialize.compress_then_serialize_message #v_Vector message + +let decrypt + (v_K v_CIPHERTEXT_SIZE v_VECTOR_U_ENCODED_SIZE v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR: + usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (secret_key: t_Slice u8) + (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) + = + let _:Prims.unit = reveal_opaque (`%Spec.MLKEM.ind_cpa_decrypt) Spec.MLKEM.ind_cpa_decrypt in + let secret_as_ntt:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + deserialize_secret_key v_K #v_Vector secret_key + in + let secret_key_unpacked:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector = + { Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt = secret_as_ntt } <: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector in - let domain_separator:u8 = out in - let error_as_ntt, _:(t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8 - ) = - sample_vector_cbd_then_ntt_out v_K - v_ETA1 - v_ETA1_RANDOMNESS_SIZE - #v_Vector - #v_Hasher - prf_input - domain_separator + decrypt_unpacked v_K + v_CIPHERTEXT_SIZE + v_VECTOR_U_ENCODED_SIZE + v_U_COMPRESSION_FACTOR + v_V_COMPRESSION_FACTOR + #v_Vector + secret_key_unpacked + ciphertext + +#push-options "--z3rlimit 200 --ext context_pruning --z3refresh" + +let serialize_secret_key + (v_K v_OUT_LEN: usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (key: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + = + let _:Prims.unit = assert_norm (Spec.MLKEM.polynomial_d 12 == Spec.MLKEM.polynomial) in + let out:t_Array u8 v_OUT_LEN = Rust_primitives.Hax.repeat 0uy v_OUT_LEN in + let out:t_Array u8 v_OUT_LEN = + Rust_primitives.Hax.Folds.fold_enumerated_slice key + (fun out i -> + let out:t_Array u8 v_OUT_LEN = out in + let i:usize = i in + (v i < v v_K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index key (v i))) /\ + (forall (j: nat). + j < v i ==> + (j + 1) * v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT <= Seq.length out /\ + (Seq.slice out + (j * v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT) + ((j + 1) * v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT) == + Spec.MLKEM.byte_encode 12 + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector (Seq.index key j))))) + out + (fun out temp_1_ -> + let out:t_Array u8 v_OUT_LEN = out in + let i, re:(usize & Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = + temp_1_ + in + let out:t_Array u8 v_OUT_LEN = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range out + ({ + Core.Ops.Range.f_start + = + i *! Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT <: usize; + Core.Ops.Range.f_end + = + (i +! sz 1 <: usize) *! Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT <: usize + } + <: + Core.Ops.Range.t_Range usize) + (Core.Slice.impl__copy_from_slice #u8 + (out.[ { + Core.Ops.Range.f_start + = + i *! Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT <: usize; + Core.Ops.Range.f_end + = + (i +! sz 1 <: usize) *! Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT + <: + usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + (Libcrux_ml_kem.Serialize.serialize_uncompressed_ring_element #v_Vector re + <: + t_Slice u8) + <: + t_Slice u8) + in + let _:Prims.unit = + let lemma_aux (j: nat{j < v i}) + : Lemma + (Seq.slice out + (j * v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT) + ((j + 1) * v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT) == + Spec.MLKEM.byte_encode 12 + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector (Seq.index key j))) = + Lib.Sequence.eq_intro #u8 + #(v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT) + (Seq.slice out + (j * v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT) + ((j + 1) * v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT)) + (Spec.MLKEM.byte_encode 12 + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector (Seq.index key j))) + in + Classical.forall_intro lemma_aux + in + out) in - let public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector = - { - public_key with - Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt - = - Libcrux_ml_kem.Matrix.compute_As_plus_e v_K - #v_Vector - public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt - public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_A - private_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt - error_as_ntt - } - <: - Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector + let _:Prims.unit = + assert (Spec.MLKEM.coerce_vector_12 (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K + #v_Vector + key) == + Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector key); + Lib.Sequence.eq_intro #u8 + #(v v_OUT_LEN) + out + (Spec.MLKEM.vector_encode_12 #v_K + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector key)) in - let public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector = - { - public_key with - Libcrux_ml_kem.Ind_cpa.Unpacked.f_seed_for_A - = - Core.Result.impl__unwrap #(t_Array u8 (sz 32)) - #Core.Array.t_TryFromSliceError - (Core.Convert.f_try_into #(t_Slice u8) - #(t_Array u8 (sz 32)) - #FStar.Tactics.Typeclasses.solve - seed_for_A - <: - Core.Result.t_Result (t_Array u8 (sz 32)) Core.Array.t_TryFromSliceError) - } - <: - Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector + out + +#pop-options + +let serialize_public_key_mut + (v_K v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (tt_as_ntt: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + (seed_for_a: t_Slice u8) + (serialized: t_Array u8 v_PUBLIC_KEY_SIZE) + = + let serialized:t_Array u8 v_PUBLIC_KEY_SIZE = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized + ({ Core.Ops.Range.f_start = sz 0; Core.Ops.Range.f_end = v_RANKED_BYTES_PER_RING_ELEMENT } + <: + Core.Ops.Range.t_Range usize) + (Core.Slice.impl__copy_from_slice #u8 + (serialized.[ { + Core.Ops.Range.f_start = sz 0; + Core.Ops.Range.f_end = v_RANKED_BYTES_PER_RING_ELEMENT + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + (serialize_secret_key v_K v_RANKED_BYTES_PER_RING_ELEMENT #v_Vector tt_as_ntt + <: + t_Slice u8) + <: + t_Slice u8) in - let hax_temp_output:Prims.unit = admit () (* Panic freedom *) in - private_key, public_key - <: - (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector & - Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) + let serialized:t_Array u8 v_PUBLIC_KEY_SIZE = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range_from serialized + ({ Core.Ops.Range.f_start = v_RANKED_BYTES_PER_RING_ELEMENT } + <: + Core.Ops.Range.t_RangeFrom usize) + (Core.Slice.impl__copy_from_slice #u8 + (serialized.[ { Core.Ops.Range.f_start = v_RANKED_BYTES_PER_RING_ELEMENT } + <: + Core.Ops.Range.t_RangeFrom usize ] + <: + t_Slice u8) + seed_for_a + <: + t_Slice u8) + in + let _:Prims.unit = + Lib.Sequence.eq_intro #u8 + #(v v_PUBLIC_KEY_SIZE) + serialized + (Seq.append (Spec.MLKEM.vector_encode_12 #v_K + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector tt_as_ntt)) + seed_for_a) + in + serialized + +let serialize_public_key + (v_K v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (tt_as_ntt: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + (seed_for_a: t_Slice u8) + = + let public_key_serialized:t_Array u8 v_PUBLIC_KEY_SIZE = + Rust_primitives.Hax.repeat 0uy v_PUBLIC_KEY_SIZE + in + let public_key_serialized:t_Array u8 v_PUBLIC_KEY_SIZE = + serialize_public_key_mut v_K + v_RANKED_BYTES_PER_RING_ELEMENT + v_PUBLIC_KEY_SIZE + #v_Vector + tt_as_ntt + seed_for_a + public_key_serialized + in + public_key_serialized let generate_keypair (v_K v_PRIVATE_KEY_SIZE v_PUBLIC_KEY_SIZE v_RANKED_BYTES_PER_RING_ELEMENT v_ETA1 v_ETA1_RANDOMNESS_SIZE: @@ -944,10 +1195,6 @@ let generate_keypair #v_Vector private_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt in - let result:(t_Array u8 v_PRIVATE_KEY_SIZE & t_Array u8 v_PUBLIC_KEY_SIZE) = - secret_key_serialized, public_key_serialized - <: - (t_Array u8 v_PRIVATE_KEY_SIZE & t_Array u8 v_PUBLIC_KEY_SIZE) - in - let _:Prims.unit = admit () (* Panic freedom *) in - result + secret_key_serialized, public_key_serialized + <: + (t_Array u8 v_PRIVATE_KEY_SIZE & t_Array u8 v_PUBLIC_KEY_SIZE) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti index 34b5b8ade..51c306877 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti @@ -12,6 +12,24 @@ let _ = let open Libcrux_ml_kem.Vector.Traits in () +/// Call [`deserialize_to_uncompressed_ring_element`] for each ring element. +val deserialize_secret_key + (v_K: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (secret_key: t_Slice u8) + : Prims.Pure (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + (requires + Spec.MLKEM.is_rank v_K /\ length secret_key == Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE v_K /\ + v (Core.Slice.impl__len #u8 secret_key) / + v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT <= + v v_K) + (ensures + fun res -> + let res:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = res in + Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector res == + Spec.MLKEM.vector_decode_12 #v_K secret_key) + /// Sample a vector of ring elements from a centered binomial distribution. val sample_ring_element_cbd (v_K v_ETA2_RANDOMNESS_SIZE v_ETA2: usize) @@ -23,8 +41,17 @@ val sample_ring_element_cbd : Prims.Pure (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & u8) (requires Spec.MLKEM.is_rank v_K /\ v_ETA2_RANDOMNESS_SIZE == Spec.MLKEM.v_ETA2_RANDOMNESS_SIZE v_K /\ - v_ETA2 == Spec.MLKEM.v_ETA2 v_K /\ range (v domain_separator + v v_K) u8_inttype) - (fun _ -> Prims.l_True) + v_ETA2 == Spec.MLKEM.v_ETA2 v_K /\ v domain_separator < 2 * v v_K /\ + range (v domain_separator + v v_K) u8_inttype) + (ensures + fun temp_0_ -> + let err1, ds:(t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K & + u8) = + temp_0_ + in + v ds == v domain_separator + v v_K /\ + Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector err1 == + Spec.MLKEM.sample_vector_cbd2 #v_K (Seq.slice prf_input 0 32) (sz (v domain_separator))) /// Sample a vector of ring elements from a centered binomial distribution and /// convert them into their NTT representations. @@ -52,7 +79,11 @@ val sample_vector_cbd_then_ntt Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector re_as_ntt_future == Spec.MLKEM.sample_vector_cbd_then_ntt #v_K (Seq.slice prf_input 0 32) - (sz (v domain_separator))) + (sz (v domain_separator)) /\ + (forall (i: nat). + i < v v_K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index re_as_ntt_future + i))) val sample_vector_cbd_then_ntt_out (v_K v_ETA v_ETA_RANDOMNESS_SIZE: usize) @@ -78,6 +109,84 @@ val sample_vector_cbd_then_ntt_out (Seq.slice prf_input 0 32) (sz (v domain_separator))) +/// This function implements most of Algorithm 12 of the +/// NIST FIPS 203 specification; this is the Kyber CPA-PKE key generation algorithm. +/// We say \"most of\" since Algorithm 12 samples the required randomness within +/// the function itself, whereas this implementation expects it to be provided +/// through the `key_generation_seed` parameter. +/// Algorithm 12 is reproduced below: +/// ```plaintext +/// Output: encryption key ekₚₖₑ ∈ 𝔹^{384k+32}. +/// Output: decryption key dkₚₖₑ ∈ 𝔹^{384k}. +/// d ←$ B +/// (ρ,σ) ← G(d) +/// N ← 0 +/// for (i ← 0; i < k; i++) +/// for(j ← 0; j < k; j++) +/// Â[i,j] ← SampleNTT(XOF(ρ, i, j)) +/// end for +/// end for +/// for(i ← 0; i < k; i++) +/// s[i] ← SamplePolyCBD_{η₁}(PRF_{η₁}(σ,N)) +/// N ← N + 1 +/// end for +/// for(i ← 0; i < k; i++) +/// e[i] ← SamplePolyCBD_{η₂}(PRF_{η₂}(σ,N)) +/// N ← N + 1 +/// end for +/// ŝ ← NTT(s) +/// ê ← NTT(e) +/// t\u{302} ← Â◦ŝ + ê +/// ekₚₖₑ ← ByteEncode₁₂(t\u{302}) ‖ ρ +/// dkₚₖₑ ← ByteEncode₁₂(ŝ) +/// ``` +/// The NIST FIPS 203 standard can be found at +/// . +val generate_keypair_unpacked + (v_K v_ETA1 v_ETA1_RANDOMNESS_SIZE: usize) + (#v_Vector #v_Hasher #v_Scheme: Type0) + {| i3: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + {| i4: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K |} + {| i5: Libcrux_ml_kem.Variant.t_Variant v_Scheme |} + (key_generation_seed: t_Slice u8) + (private_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector) + (public_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) + : Prims.Pure + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector & + Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) + (requires + Spec.MLKEM.is_rank v_K /\ v_ETA1_RANDOMNESS_SIZE == Spec.MLKEM.v_ETA1_RANDOMNESS_SIZE v_K /\ + v_ETA1 == Spec.MLKEM.v_ETA1 v_K /\ + length key_generation_seed == Spec.MLKEM.v_CPA_KEY_GENERATION_SEED_SIZE) + (ensures + fun temp_0_ -> + let private_key_future, public_key_future:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked + v_K v_Vector & + Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) = + temp_0_ + in + let ((t_as_ntt, seed_for_A), secret_as_ntt), valid = + Spec.MLKEM.ind_cpa_generate_keypair_unpacked v_K key_generation_seed + in + (valid ==> + ((Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector public_key_future.f_t_as_ntt + ) == + t_as_ntt) /\ (public_key_future.f_seed_for_A == seed_for_A) /\ + ((Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K + #v_Vector + private_key_future.f_secret_as_ntt) == + secret_as_ntt)) /\ + (forall (i: nat). + i < v v_K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index private_key_future + .f_secret_as_ntt + i)) /\ + (forall (i: nat). + i < v v_K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index public_key_future + .f_t_as_ntt + i))) + /// Call [`compress_then_serialize_ring_element_u`] on each ring element. val compress_then_serialize_u (v_K v_OUT_LEN v_COMPRESSION_FACTOR v_BLOCK_LEN: usize) @@ -100,160 +209,6 @@ val compress_then_serialize_u Spec.MLKEM.compress_then_encode_u #v_K (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector input)) -/// Call [`deserialize_then_decompress_ring_element_u`] on each ring element -/// in the `ciphertext`. -val deserialize_then_decompress_u - (v_K v_CIPHERTEXT_SIZE v_U_COMPRESSION_FACTOR: usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) - : Prims.Pure (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - (requires - Spec.MLKEM.is_rank v_K /\ v_CIPHERTEXT_SIZE == Spec.MLKEM.v_CPA_CIPHERTEXT_SIZE v_K /\ - v_U_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_U_COMPRESSION_FACTOR v_K) - (ensures - fun res -> - let res:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = res in - Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector res == - Spec.MLKEM.(vector_ntt (decode_then_decompress_u #v_K - (Seq.slice ciphertext 0 (v (Spec.MLKEM.v_C1_SIZE v_K)))))) - -/// Call [`deserialize_to_uncompressed_ring_element`] for each ring element. -val deserialize_secret_key - (v_K: usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (secret_key: t_Slice u8) - : Prims.Pure (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - (requires - Spec.MLKEM.is_rank v_K /\ length secret_key == Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE v_K /\ - v (Core.Slice.impl__len #u8 secret_key) / - v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT <= - v v_K) - (ensures - fun res -> - let res:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = res in - Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector res == - Spec.MLKEM.vector_decode_12 #v_K secret_key) - -/// Call [`serialize_uncompressed_ring_element`] for each ring element. -val serialize_secret_key - (v_K v_OUT_LEN: usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (key: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - : Prims.Pure (t_Array u8 v_OUT_LEN) - (requires - Spec.MLKEM.is_rank v_K /\ v_OUT_LEN == Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE v_K /\ - (forall (i: nat). - i < v v_K ==> - Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index key i))) - (ensures - fun res -> - let res:t_Array u8 v_OUT_LEN = res in - res == - Spec.MLKEM.vector_encode_12 #v_K - (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector key)) - -/// Concatenate `t` and `ρ` into the public key. -val serialize_public_key_mut - (v_K v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (tt_as_ntt: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - (seed_for_a: t_Slice u8) - (serialized: t_Array u8 v_PUBLIC_KEY_SIZE) - : Prims.Pure (t_Array u8 v_PUBLIC_KEY_SIZE) - (requires - Spec.MLKEM.is_rank v_K /\ - v_RANKED_BYTES_PER_RING_ELEMENT == Spec.MLKEM.v_RANKED_BYTES_PER_RING_ELEMENT v_K /\ - v_PUBLIC_KEY_SIZE == Spec.MLKEM.v_CPA_PUBLIC_KEY_SIZE v_K /\ length seed_for_a == sz 32 /\ - (forall (i: nat). - i < v v_K ==> - Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index tt_as_ntt i))) - (ensures - fun serialized_future -> - let serialized_future:t_Array u8 v_PUBLIC_KEY_SIZE = serialized_future in - serialized_future == - Seq.append (Spec.MLKEM.vector_encode_12 #v_K - (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector tt_as_ntt)) - seed_for_a) - -/// Concatenate `t` and `ρ` into the public key. -val serialize_public_key - (v_K v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (tt_as_ntt: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - (seed_for_a: t_Slice u8) - : Prims.Pure (t_Array u8 v_PUBLIC_KEY_SIZE) - (requires - Spec.MLKEM.is_rank v_K /\ - v_RANKED_BYTES_PER_RING_ELEMENT == Spec.MLKEM.v_RANKED_BYTES_PER_RING_ELEMENT v_K /\ - v_PUBLIC_KEY_SIZE == Spec.MLKEM.v_CPA_PUBLIC_KEY_SIZE v_K /\ length seed_for_a == sz 32 /\ - (forall (i: nat). - i < v v_K ==> - Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index tt_as_ntt i))) - (ensures - fun res -> - let res:t_Array u8 v_PUBLIC_KEY_SIZE = res in - res == - Seq.append (Spec.MLKEM.vector_encode_12 #v_K - (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector tt_as_ntt)) - seed_for_a) - -/// This function implements Algorithm 14 of the -/// NIST FIPS 203 specification; this is the Kyber CPA-PKE decryption algorithm. -/// Algorithm 14 is reproduced below: -/// ```plaintext -/// Input: decryption key dkₚₖₑ ∈ 𝔹^{384k}. -/// Input: ciphertext c ∈ 𝔹^{32(dᵤk + dᵥ)}. -/// Output: message m ∈ 𝔹^{32}. -/// c₁ ← c[0 : 32dᵤk] -/// c₂ ← c[32dᵤk : 32(dᵤk + dᵥ)] -/// u ← Decompress_{dᵤ}(ByteDecode_{dᵤ}(c₁)) -/// v ← Decompress_{dᵥ}(ByteDecode_{dᵥ}(c₂)) -/// ŝ ← ByteDecode₁₂(dkₚₖₑ) -/// w ← v - NTT-¹(ŝᵀ ◦ NTT(u)) -/// m ← ByteEncode₁(Compress₁(w)) -/// return m -/// ``` -/// The NIST FIPS 203 standard can be found at -/// . -val decrypt_unpacked - (v_K v_CIPHERTEXT_SIZE v_VECTOR_U_ENCODED_SIZE v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR: - usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (secret_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector) - (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) - : Prims.Pure (t_Array u8 (sz 32)) - (requires - Spec.MLKEM.is_rank v_K /\ v_CIPHERTEXT_SIZE == Spec.MLKEM.v_CPA_CIPHERTEXT_SIZE v_K /\ - v_U_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_U_COMPRESSION_FACTOR v_K /\ - v_V_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_V_COMPRESSION_FACTOR v_K /\ - v_VECTOR_U_ENCODED_SIZE == Spec.MLKEM.v_C1_SIZE v_K) - (fun _ -> Prims.l_True) - -val decrypt - (v_K v_CIPHERTEXT_SIZE v_VECTOR_U_ENCODED_SIZE v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR: - usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (secret_key: t_Slice u8) - (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) - : Prims.Pure (t_Array u8 (sz 32)) - (requires - Spec.MLKEM.is_rank v_K /\ length secret_key == Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE v_K /\ - v_CIPHERTEXT_SIZE == Spec.MLKEM.v_CPA_CIPHERTEXT_SIZE v_K /\ - v_VECTOR_U_ENCODED_SIZE == Spec.MLKEM.v_C1_SIZE v_K /\ - v_U_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_U_COMPRESSION_FACTOR v_K /\ - v_V_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_V_COMPRESSION_FACTOR v_K) - (ensures - fun result -> - let result:t_Array u8 (sz 32) = result in - result == Spec.MLKEM.ind_cpa_decrypt v_K secret_key ciphertext) - /// This function implements Algorithm 13 of the /// NIST FIPS 203 specification; this is the Kyber CPA-PKE encryption algorithm. /// Algorithm 13 is reproduced below: @@ -310,7 +265,15 @@ val encrypt_unpacked v_BLOCK_LEN == Spec.MLKEM.v_C1_BLOCK_SIZE v_K /\ v_CIPHERTEXT_SIZE == Spec.MLKEM.v_CPA_CIPHERTEXT_SIZE v_K /\ length randomness == Spec.MLKEM.v_SHARED_SECRET_SIZE) - (fun _ -> Prims.l_True) + (ensures + fun result -> + let result:t_Array u8 v_CIPHERTEXT_SIZE = result in + result == + Spec.MLKEM.ind_cpa_encrypt_unpacked v_K + message + randomness + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector public_key.f_t_as_ntt) + (Libcrux_ml_kem.Polynomial.to_spec_matrix_t #v_K #v_Vector public_key.f_A)) val encrypt (v_K v_CIPHERTEXT_SIZE v_T_AS_NTT_ENCODED_SIZE v_C1_LEN v_C2_LEN v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR v_BLOCK_LEN v_ETA1 v_ETA1_RANDOMNESS_SIZE v_ETA2 v_ETA2_RANDOMNESS_SIZE: @@ -340,72 +303,147 @@ val encrypt let expected, valid = Spec.MLKEM.ind_cpa_encrypt v_K public_key message randomness in valid ==> result == expected) -/// This function implements most of Algorithm 12 of the -/// NIST FIPS 203 specification; this is the Kyber CPA-PKE key generation algorithm. -/// We say \"most of\" since Algorithm 12 samples the required randomness within -/// the function itself, whereas this implementation expects it to be provided -/// through the `key_generation_seed` parameter. -/// Algorithm 12 is reproduced below: +/// Call [`deserialize_then_decompress_ring_element_u`] on each ring element +/// in the `ciphertext`. +val deserialize_then_decompress_u + (v_K v_CIPHERTEXT_SIZE v_U_COMPRESSION_FACTOR: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) + : Prims.Pure (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + (requires + Spec.MLKEM.is_rank v_K /\ v_CIPHERTEXT_SIZE == Spec.MLKEM.v_CPA_CIPHERTEXT_SIZE v_K /\ + v_U_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_U_COMPRESSION_FACTOR v_K) + (ensures + fun res -> + let res:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = res in + Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector res == + Spec.MLKEM.(vector_ntt (decode_then_decompress_u #v_K + (Seq.slice ciphertext 0 (v (Spec.MLKEM.v_C1_SIZE v_K)))))) + +/// This function implements Algorithm 14 of the +/// NIST FIPS 203 specification; this is the Kyber CPA-PKE decryption algorithm. +/// Algorithm 14 is reproduced below: /// ```plaintext -/// Output: encryption key ekₚₖₑ ∈ 𝔹^{384k+32}. -/// Output: decryption key dkₚₖₑ ∈ 𝔹^{384k}. -/// d ←$ B -/// (ρ,σ) ← G(d) -/// N ← 0 -/// for (i ← 0; i < k; i++) -/// for(j ← 0; j < k; j++) -/// Â[i,j] ← SampleNTT(XOF(ρ, i, j)) -/// end for -/// end for -/// for(i ← 0; i < k; i++) -/// s[i] ← SamplePolyCBD_{η₁}(PRF_{η₁}(σ,N)) -/// N ← N + 1 -/// end for -/// for(i ← 0; i < k; i++) -/// e[i] ← SamplePolyCBD_{η₂}(PRF_{η₂}(σ,N)) -/// N ← N + 1 -/// end for -/// ŝ ← NTT(s) -/// ê ← NTT(e) -/// t\u{302} ← Â◦ŝ + ê -/// ekₚₖₑ ← ByteEncode₁₂(t\u{302}) ‖ ρ -/// dkₚₖₑ ← ByteEncode₁₂(ŝ) +/// Input: decryption key dkₚₖₑ ∈ 𝔹^{384k}. +/// Input: ciphertext c ∈ 𝔹^{32(dᵤk + dᵥ)}. +/// Output: message m ∈ 𝔹^{32}. +/// c₁ ← c[0 : 32dᵤk] +/// c₂ ← c[32dᵤk : 32(dᵤk + dᵥ)] +/// u ← Decompress_{dᵤ}(ByteDecode_{dᵤ}(c₁)) +/// v ← Decompress_{dᵥ}(ByteDecode_{dᵥ}(c₂)) +/// ŝ ← ByteDecode₁₂(dkₚₖₑ) +/// w ← v - NTT-¹(ŝᵀ ◦ NTT(u)) +/// m ← ByteEncode₁(Compress₁(w)) +/// return m /// ``` /// The NIST FIPS 203 standard can be found at /// . -val generate_keypair_unpacked - (v_K v_ETA1 v_ETA1_RANDOMNESS_SIZE: usize) - (#v_Vector #v_Hasher #v_Scheme: Type0) - {| i3: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - {| i4: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K |} - {| i5: Libcrux_ml_kem.Variant.t_Variant v_Scheme |} - (key_generation_seed: t_Slice u8) - (private_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector) - (public_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) - : Prims.Pure - (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector & - Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) +val decrypt_unpacked + (v_K v_CIPHERTEXT_SIZE v_VECTOR_U_ENCODED_SIZE v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR: + usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (secret_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector) + (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) + : Prims.Pure (t_Array u8 (sz 32)) (requires - Spec.MLKEM.is_rank v_K /\ v_ETA1_RANDOMNESS_SIZE == Spec.MLKEM.v_ETA1_RANDOMNESS_SIZE v_K /\ - v_ETA1 == Spec.MLKEM.v_ETA1 v_K /\ - length key_generation_seed == Spec.MLKEM.v_CPA_KEY_GENERATION_SEED_SIZE) + Spec.MLKEM.is_rank v_K /\ v_CIPHERTEXT_SIZE == Spec.MLKEM.v_CPA_CIPHERTEXT_SIZE v_K /\ + v_U_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_U_COMPRESSION_FACTOR v_K /\ + v_V_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_V_COMPRESSION_FACTOR v_K /\ + v_VECTOR_U_ENCODED_SIZE == Spec.MLKEM.v_C1_SIZE v_K) (ensures - fun temp_0_ -> - let private_key_future, public_key_future:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked - v_K v_Vector & - Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) = - temp_0_ - in - (forall (i: nat). - i < v v_K ==> - Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index private_key_future - .f_secret_as_ntt - i)) /\ - (forall (i: nat). - i < v v_K ==> - Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index public_key_future - .f_t_as_ntt - i))) + fun result -> + let result:t_Array u8 (sz 32) = result in + result == + Spec.MLKEM.ind_cpa_decrypt_unpacked v_K + ciphertext + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector secret_key.f_secret_as_ntt)) + +val decrypt + (v_K v_CIPHERTEXT_SIZE v_VECTOR_U_ENCODED_SIZE v_U_COMPRESSION_FACTOR v_V_COMPRESSION_FACTOR: + usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (secret_key: t_Slice u8) + (ciphertext: t_Array u8 v_CIPHERTEXT_SIZE) + : Prims.Pure (t_Array u8 (sz 32)) + (requires + Spec.MLKEM.is_rank v_K /\ length secret_key == Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE v_K /\ + v_CIPHERTEXT_SIZE == Spec.MLKEM.v_CPA_CIPHERTEXT_SIZE v_K /\ + v_VECTOR_U_ENCODED_SIZE == Spec.MLKEM.v_C1_SIZE v_K /\ + v_U_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_U_COMPRESSION_FACTOR v_K /\ + v_V_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_V_COMPRESSION_FACTOR v_K) + (ensures + fun result -> + let result:t_Array u8 (sz 32) = result in + result == Spec.MLKEM.ind_cpa_decrypt v_K secret_key ciphertext) + +/// Call [`serialize_uncompressed_ring_element`] for each ring element. +val serialize_secret_key + (v_K v_OUT_LEN: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (key: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + : Prims.Pure (t_Array u8 v_OUT_LEN) + (requires + Spec.MLKEM.is_rank v_K /\ v_OUT_LEN == Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE v_K /\ + (forall (i: nat). + i < v v_K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index key i))) + (ensures + fun res -> + let res:t_Array u8 v_OUT_LEN = res in + res == + Spec.MLKEM.vector_encode_12 #v_K + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector key)) + +/// Concatenate `t` and `ρ` into the public key. +val serialize_public_key_mut + (v_K v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (tt_as_ntt: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + (seed_for_a: t_Slice u8) + (serialized: t_Array u8 v_PUBLIC_KEY_SIZE) + : Prims.Pure (t_Array u8 v_PUBLIC_KEY_SIZE) + (requires + Spec.MLKEM.is_rank v_K /\ + v_RANKED_BYTES_PER_RING_ELEMENT == Spec.MLKEM.v_RANKED_BYTES_PER_RING_ELEMENT v_K /\ + v_PUBLIC_KEY_SIZE == Spec.MLKEM.v_CPA_PUBLIC_KEY_SIZE v_K /\ length seed_for_a == sz 32 /\ + (forall (i: nat). + i < v v_K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index tt_as_ntt i))) + (ensures + fun serialized_future -> + let serialized_future:t_Array u8 v_PUBLIC_KEY_SIZE = serialized_future in + serialized_future == + Seq.append (Spec.MLKEM.vector_encode_12 #v_K + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector tt_as_ntt)) + seed_for_a) + +/// Concatenate `t` and `ρ` into the public key. +val serialize_public_key + (v_K v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (tt_as_ntt: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + (seed_for_a: t_Slice u8) + : Prims.Pure (t_Array u8 v_PUBLIC_KEY_SIZE) + (requires + Spec.MLKEM.is_rank v_K /\ + v_RANKED_BYTES_PER_RING_ELEMENT == Spec.MLKEM.v_RANKED_BYTES_PER_RING_ELEMENT v_K /\ + v_PUBLIC_KEY_SIZE == Spec.MLKEM.v_CPA_PUBLIC_KEY_SIZE v_K /\ length seed_for_a == sz 32 /\ + (forall (i: nat). + i < v v_K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index tt_as_ntt i))) + (ensures + fun res -> + let res:t_Array u8 v_PUBLIC_KEY_SIZE = res in + res == + Seq.append (Spec.MLKEM.vector_encode_12 #v_K + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector tt_as_ntt)) + seed_for_a) val generate_keypair (v_K v_PRIVATE_KEY_SIZE v_PUBLIC_KEY_SIZE v_RANKED_BYTES_PER_RING_ELEMENT v_ETA1 v_ETA1_RANDOMNESS_SIZE: diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Matrix.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Matrix.fst index 227ecb785..0fe17e19e 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Matrix.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Matrix.fst @@ -10,6 +10,133 @@ let _ = let open Libcrux_ml_kem.Vector.Traits in () +let sample_matrix_A + (v_K: usize) + (#v_Vector #v_Hasher: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i2: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i3: + Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K) + (v_A_transpose: + t_Array (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K) + (seed: t_Array u8 (sz 34)) + (transpose: bool) + = + let v_A_transpose:t_Array + (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = + Rust_primitives.Hax.Folds.fold_range (sz 0) + v_K + (fun v_A_transpose temp_1_ -> + let v_A_transpose:t_Array + (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = + v_A_transpose + in + let _:usize = temp_1_ in + true) + v_A_transpose + (fun v_A_transpose i -> + let v_A_transpose:t_Array + (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = + v_A_transpose + in + let i:usize = i in + let seeds:t_Array (t_Array u8 (sz 34)) v_K = Rust_primitives.Hax.repeat seed v_K in + let seeds:t_Array (t_Array u8 (sz 34)) v_K = + Rust_primitives.Hax.Folds.fold_range (sz 0) + v_K + (fun seeds temp_1_ -> + let seeds:t_Array (t_Array u8 (sz 34)) v_K = seeds in + let _:usize = temp_1_ in + true) + seeds + (fun seeds j -> + let seeds:t_Array (t_Array u8 (sz 34)) v_K = seeds in + let j:usize = j in + let seeds:t_Array (t_Array u8 (sz 34)) v_K = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize seeds + j + (Rust_primitives.Hax.Monomorphized_update_at.update_at_usize (seeds.[ j ] + <: + t_Array u8 (sz 34)) + (sz 32) + (cast (i <: usize) <: u8) + <: + t_Array u8 (sz 34)) + in + let seeds:t_Array (t_Array u8 (sz 34)) v_K = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize seeds + j + (Rust_primitives.Hax.Monomorphized_update_at.update_at_usize (seeds.[ j ] + <: + t_Array u8 (sz 34)) + (sz 33) + (cast (j <: usize) <: u8) + <: + t_Array u8 (sz 34)) + in + seeds) + in + let sampled:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + Libcrux_ml_kem.Sampling.sample_from_xof v_K #v_Vector #v_Hasher seeds + in + Rust_primitives.Hax.Folds.fold_enumerated_slice sampled + (fun v_A_transpose temp_1_ -> + let v_A_transpose:t_Array + (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = + v_A_transpose + in + let _:usize = temp_1_ in + true) + v_A_transpose + (fun v_A_transpose temp_1_ -> + let v_A_transpose:t_Array + (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = + v_A_transpose + in + let j, sample:(usize & Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = + temp_1_ + in + if transpose + then + let v_A_transpose:t_Array + (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize v_A_transpose + j + (Rust_primitives.Hax.Monomorphized_update_at.update_at_usize (v_A_transpose.[ j + ] + <: + t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K + ) + i + sample + <: + t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + in + v_A_transpose + else + let v_A_transpose:t_Array + (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize v_A_transpose + i + (Rust_primitives.Hax.Monomorphized_update_at.update_at_usize (v_A_transpose.[ i + ] + <: + t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K + ) + j + sample + <: + t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + in + v_A_transpose)) + in + let result:Prims.unit = () <: Prims.unit in + let _:Prims.unit = admit () (* Panic freedom *) in + let hax_temp_output:Prims.unit = result in + v_A_transpose + let compute_As_plus_e (v_K: usize) (#v_Vector: Type0) @@ -107,6 +234,52 @@ let compute_As_plus_e #push-options "--admit_smt_queries true" +let compute_message + (v_K: usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (v: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (secret_as_ntt u_as_ntt: + t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + = + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () + in + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Rust_primitives.Hax.Folds.fold_range (sz 0) + v_K + (fun result temp_1_ -> + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = result in + let _:usize = temp_1_ in + true) + result + (fun result i -> + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = result in + let i:usize = i in + let product:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Libcrux_ml_kem.Polynomial.impl_2__ntt_multiply #v_Vector + (secret_as_ntt.[ i ] <: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (u_as_ntt.[ i ] <: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + in + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Libcrux_ml_kem.Polynomial.impl_2__add_to_ring_element #v_Vector v_K result product + in + result) + in + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Libcrux_ml_kem.Invert_ntt.invert_ntt_montgomery v_K #v_Vector result + in + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Libcrux_ml_kem.Polynomial.impl_2__subtract_reduce #v_Vector v result + in + result + +#pop-options + +#push-options "--admit_smt_queries true" + let compute_ring_element_v (v_K: usize) (#v_Vector: Type0) @@ -254,176 +427,3 @@ let compute_vector_u result #pop-options - -#push-options "--admit_smt_queries true" - -let compute_message - (v_K: usize) - (#v_Vector: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (v: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - (secret_as_ntt u_as_ntt: - t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - = - let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () - in - let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Rust_primitives.Hax.Folds.fold_range (sz 0) - v_K - (fun result temp_1_ -> - let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = result in - let _:usize = temp_1_ in - true) - result - (fun result i -> - let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = result in - let i:usize = i in - let product:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Libcrux_ml_kem.Polynomial.impl_2__ntt_multiply #v_Vector - (secret_as_ntt.[ i ] <: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - (u_as_ntt.[ i ] <: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - in - let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Libcrux_ml_kem.Polynomial.impl_2__add_to_ring_element #v_Vector v_K result product - in - result) - in - let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Libcrux_ml_kem.Invert_ntt.invert_ntt_montgomery v_K #v_Vector result - in - let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Libcrux_ml_kem.Polynomial.impl_2__subtract_reduce #v_Vector v result - in - result - -#pop-options - -let sample_matrix_A - (v_K: usize) - (#v_Vector #v_Hasher: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i2: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i3: - Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K) - (v_A_transpose: - t_Array (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K) - (seed: t_Array u8 (sz 34)) - (transpose: bool) - = - let v_A_transpose:t_Array - (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = - Rust_primitives.Hax.Folds.fold_range (sz 0) - v_K - (fun v_A_transpose temp_1_ -> - let v_A_transpose:t_Array - (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = - v_A_transpose - in - let _:usize = temp_1_ in - true) - v_A_transpose - (fun v_A_transpose i -> - let v_A_transpose:t_Array - (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = - v_A_transpose - in - let i:usize = i in - let seeds:t_Array (t_Array u8 (sz 34)) v_K = Rust_primitives.Hax.repeat seed v_K in - let seeds:t_Array (t_Array u8 (sz 34)) v_K = - Rust_primitives.Hax.Folds.fold_range (sz 0) - v_K - (fun seeds temp_1_ -> - let seeds:t_Array (t_Array u8 (sz 34)) v_K = seeds in - let _:usize = temp_1_ in - true) - seeds - (fun seeds j -> - let seeds:t_Array (t_Array u8 (sz 34)) v_K = seeds in - let j:usize = j in - let seeds:t_Array (t_Array u8 (sz 34)) v_K = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize seeds - j - (Rust_primitives.Hax.Monomorphized_update_at.update_at_usize (seeds.[ j ] - <: - t_Array u8 (sz 34)) - (sz 32) - (cast (i <: usize) <: u8) - <: - t_Array u8 (sz 34)) - in - let seeds:t_Array (t_Array u8 (sz 34)) v_K = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize seeds - j - (Rust_primitives.Hax.Monomorphized_update_at.update_at_usize (seeds.[ j ] - <: - t_Array u8 (sz 34)) - (sz 33) - (cast (j <: usize) <: u8) - <: - t_Array u8 (sz 34)) - in - seeds) - in - let sampled:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - Libcrux_ml_kem.Sampling.sample_from_xof v_K #v_Vector #v_Hasher seeds - in - Rust_primitives.Hax.Folds.fold_enumerated_slice sampled - (fun v_A_transpose temp_1_ -> - let v_A_transpose:t_Array - (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = - v_A_transpose - in - let _:usize = temp_1_ in - true) - v_A_transpose - (fun v_A_transpose temp_1_ -> - let v_A_transpose:t_Array - (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = - v_A_transpose - in - let j, sample:(usize & Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = - temp_1_ - in - if transpose - then - let v_A_transpose:t_Array - (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize v_A_transpose - j - (Rust_primitives.Hax.Monomorphized_update_at.update_at_usize (v_A_transpose.[ j - ] - <: - t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K - ) - i - sample - <: - t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - in - v_A_transpose - else - let v_A_transpose:t_Array - (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize v_A_transpose - i - (Rust_primitives.Hax.Monomorphized_update_at.update_at_usize (v_A_transpose.[ i - ] - <: - t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K - ) - j - sample - <: - t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - in - v_A_transpose)) - in - let result:Prims.unit = () <: Prims.unit in - let _:Prims.unit = admit () (* Panic freedom *) in - let hax_temp_output:Prims.unit = result in - v_A_transpose diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Matrix.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Matrix.fsti index 0520e4a48..7c0e78e63 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Matrix.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Matrix.fsti @@ -10,6 +10,32 @@ let _ = let open Libcrux_ml_kem.Vector.Traits in () +val sample_matrix_A + (v_K: usize) + (#v_Vector #v_Hasher: Type0) + {| i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + {| i3: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K |} + (v_A_transpose: + t_Array (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K) + (seed: t_Array u8 (sz 34)) + (transpose: bool) + : Prims.Pure + (t_Array (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K) + (requires Spec.MLKEM.is_rank v_K) + (ensures + fun v_A_transpose_future -> + let v_A_transpose_future:t_Array + (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = + v_A_transpose_future + in + let matrix_A, valid = Spec.MLKEM.sample_matrix_A_ntt (Seq.slice seed 0 32) in + valid ==> + (if transpose + then Libcrux_ml_kem.Polynomial.to_spec_matrix_t v_A_transpose_future == matrix_A + else + Libcrux_ml_kem.Polynomial.to_spec_matrix_t v_A_transpose_future == + Spec.MLKEM.matrix_transpose matrix_A)) + /// Compute  ◦ ŝ + ê val compute_As_plus_e (v_K: usize) @@ -32,7 +58,36 @@ val compute_As_plus_e to_spec_vector_t tt_as_ntt_future = Spec.MLKEM.compute_As_plus_e_ntt (to_spec_matrix_t matrix_A) (to_spec_vector_t s_as_ntt) - (to_spec_vector_t error_as_ntt)) + (to_spec_vector_t error_as_ntt) /\ + (forall (i: nat). + i < v v_K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index tt_as_ntt_future + i))) + +/// The following functions compute various expressions involving +/// vectors and matrices. The computation of these expressions has been +/// abstracted away into these functions in order to save on loop iterations. +/// Compute v − InverseNTT(sᵀ ◦ NTT(u)) +val compute_message + (v_K: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (v: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (secret_as_ntt u_as_ntt: + t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + : Prims.Pure (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (requires Spec.MLKEM.is_rank v_K) + (ensures + fun res -> + let res:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = res in + let open Libcrux_ml_kem.Polynomial in + let secret_spec = to_spec_vector_t secret_as_ntt in + let u_spec = to_spec_vector_t u_as_ntt in + let v_spec = to_spec_poly_t v in + to_spec_poly_t res == + Spec.MLKEM.(poly_sub v_spec + (poly_inv_ntt (vector_dot_product_ntt #v_K secret_spec u_spec))) /\ + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range res) /// Compute InverseNTT(tᵀ ◦ r\u{302}) + e₂ + message val compute_ring_element_v @@ -79,54 +134,3 @@ val compute_vector_u (forall (i: nat). i < v v_K ==> Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index res i))) - -/// The following functions compute various expressions involving -/// vectors and matrices. The computation of these expressions has been -/// abstracted away into these functions in order to save on loop iterations. -/// Compute v − InverseNTT(sᵀ ◦ NTT(u)) -val compute_message - (v_K: usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (v: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - (secret_as_ntt u_as_ntt: - t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - : Prims.Pure (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - (requires Spec.MLKEM.is_rank v_K) - (ensures - fun res -> - let res:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = res in - let open Libcrux_ml_kem.Polynomial in - let secret_spec = to_spec_vector_t secret_as_ntt in - let u_spec = to_spec_vector_t u_as_ntt in - let v_spec = to_spec_poly_t v in - to_spec_poly_t res == - Spec.MLKEM.(poly_sub v_spec - (poly_inv_ntt (vector_dot_product_ntt #v_K secret_spec u_spec))) /\ - Libcrux_ml_kem.Serialize.coefficients_field_modulus_range res) - -val sample_matrix_A - (v_K: usize) - (#v_Vector #v_Hasher: Type0) - {| i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - {| i3: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K |} - (v_A_transpose: - t_Array (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K) - (seed: t_Array u8 (sz 34)) - (transpose: bool) - : Prims.Pure - (t_Array (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K) - (requires Spec.MLKEM.is_rank v_K) - (ensures - fun v_A_transpose_future -> - let v_A_transpose_future:t_Array - (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) v_K = - v_A_transpose_future - in - let matrix_A, valid = Spec.MLKEM.sample_matrix_A_ntt (Seq.slice seed 0 32) in - valid ==> - (if transpose - then Libcrux_ml_kem.Polynomial.to_spec_matrix_t v_A_transpose_future == matrix_A - else - Libcrux_ml_kem.Polynomial.to_spec_matrix_t v_A_transpose_future == - Spec.MLKEM.matrix_transpose matrix_A)) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ntt.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ntt.fst index 5d86ce050..d974fbef3 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ntt.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ntt.fst @@ -464,12 +464,13 @@ let ntt_binomially_sampled_ring_element let zeta_i:usize = tmp0 in let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = tmp1 in let _:Prims.unit = () in - let hax_temp_output, re:(Prims.unit & Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - = + let result, re:(Prims.unit & Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = (), Libcrux_ml_kem.Polynomial.impl_2__poly_barrett_reduce #v_Vector re <: (Prims.unit & Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) in + let _:Prims.unit = admit () (* Panic freedom *) in + let hax_temp_output:Prims.unit = result in re #pop-options @@ -527,12 +528,13 @@ let ntt_vector_u let zeta_i:usize = tmp0 in let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = tmp1 in let _:Prims.unit = () in - let hax_temp_output, re:(Prims.unit & Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - = + let result, re:(Prims.unit & Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = (), Libcrux_ml_kem.Polynomial.impl_2__poly_barrett_reduce #v_Vector re <: (Prims.unit & Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) in + let _:Prims.unit = admit () (* Panic freedom *) in + let hax_temp_output:Prims.unit = result in re #pop-options diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ntt.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ntt.fsti index 487f928cf..8cf047654 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ntt.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ntt.fsti @@ -164,7 +164,11 @@ val ntt_binomially_sampled_ring_element forall i. i < 8 ==> ntt_layer_7_pre (re.f_coefficients.[ sz i ]) (re.f_coefficients.[ sz i +! sz 8 ])) - (fun _ -> Prims.l_True) + (ensures + fun re_future -> + let re_future:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re_future in + Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector re_future == + Spec.MLKEM.poly_ntt (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector re)) val ntt_vector_u (v_VECTOR_U_COMPRESSION_FACTOR: usize) @@ -173,4 +177,8 @@ val ntt_vector_u (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) : Prims.Pure (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) Prims.l_True - (fun _ -> Prims.l_True) + (ensures + fun re_future -> + let re_future:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re_future in + Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector re_future == + Spec.MLKEM.poly_ntt (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector re)) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Sampling.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Sampling.fst index 0ed1d6ebd..13f72a5df 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Sampling.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Sampling.fst @@ -144,6 +144,104 @@ let sample_from_uniform_distribution_next <: (t_Array usize v_K & t_Array (t_Array i16 (sz 272)) v_K & bool) +#push-options "--admit_smt_queries true" + +let sample_from_xof + (v_K: usize) + (#v_Vector #v_Hasher: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i2: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i3: + Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K) + (seeds: t_Array (t_Array u8 (sz 34)) v_K) + = + let (sampled_coefficients: t_Array usize v_K):t_Array usize v_K = + Rust_primitives.Hax.repeat (sz 0) v_K + in + let (out: t_Array (t_Array i16 (sz 272)) v_K):t_Array (t_Array i16 (sz 272)) v_K = + Rust_primitives.Hax.repeat (Rust_primitives.Hax.repeat 0s (sz 272) <: t_Array i16 (sz 272)) v_K + in + let xof_state:v_Hasher = + Libcrux_ml_kem.Hash_functions.f_shake128_init_absorb_final #v_Hasher + #v_K + #FStar.Tactics.Typeclasses.solve + seeds + in + let tmp0, out1:(v_Hasher & t_Array (t_Array u8 (sz 504)) v_K) = + Libcrux_ml_kem.Hash_functions.f_shake128_squeeze_first_three_blocks #v_Hasher + #v_K + #FStar.Tactics.Typeclasses.solve + xof_state + in + let xof_state:v_Hasher = tmp0 in + let randomness:t_Array (t_Array u8 (sz 504)) v_K = out1 in + let tmp0, tmp1, out1:(t_Array usize v_K & t_Array (t_Array i16 (sz 272)) v_K & bool) = + sample_from_uniform_distribution_next #v_Vector v_K (sz 504) randomness sampled_coefficients out + in + let sampled_coefficients:t_Array usize v_K = tmp0 in + let out:t_Array (t_Array i16 (sz 272)) v_K = tmp1 in + let done:bool = out1 in + let done, out, sampled_coefficients, xof_state:(bool & t_Array (t_Array i16 (sz 272)) v_K & + t_Array usize v_K & + v_Hasher) = + Rust_primitives.f_while_loop (fun temp_0_ -> + let done, out, sampled_coefficients, xof_state:(bool & t_Array (t_Array i16 (sz 272)) v_K & + t_Array usize v_K & + v_Hasher) = + temp_0_ + in + ~.done <: bool) + (done, out, sampled_coefficients, xof_state + <: + (bool & t_Array (t_Array i16 (sz 272)) v_K & t_Array usize v_K & v_Hasher)) + (fun temp_0_ -> + let done, out, sampled_coefficients, xof_state:(bool & t_Array (t_Array i16 (sz 272)) v_K & + t_Array usize v_K & + v_Hasher) = + temp_0_ + in + let tmp0, out1:(v_Hasher & t_Array (t_Array u8 (sz 168)) v_K) = + Libcrux_ml_kem.Hash_functions.f_shake128_squeeze_next_block #v_Hasher + #v_K + #FStar.Tactics.Typeclasses.solve + xof_state + in + let xof_state:v_Hasher = tmp0 in + let randomness:t_Array (t_Array u8 (sz 168)) v_K = out1 in + let tmp0, tmp1, out1:(t_Array usize v_K & t_Array (t_Array i16 (sz 272)) v_K & bool) = + sample_from_uniform_distribution_next #v_Vector + v_K + (sz 168) + randomness + sampled_coefficients + out + in + let sampled_coefficients:t_Array usize v_K = tmp0 in + let out:t_Array (t_Array i16 (sz 272)) v_K = tmp1 in + let done:bool = out1 in + done, out, sampled_coefficients, xof_state + <: + (bool & t_Array (t_Array i16 (sz 272)) v_K & t_Array usize v_K & v_Hasher)) + in + Core.Array.impl_23__map #(t_Array i16 (sz 272)) + v_K + #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + out + (fun s -> + let s:t_Array i16 (sz 272) = s in + Libcrux_ml_kem.Polynomial.impl_2__from_i16_array #v_Vector + (s.[ { Core.Ops.Range.f_start = sz 0; Core.Ops.Range.f_end = sz 256 } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice i16) + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + +#pop-options + #push-options "--z3rlimit 800" let sample_from_binomial_distribution_2_ @@ -316,109 +414,15 @@ let sample_from_binomial_distribution (randomness: t_Slice u8) = let _:Prims.unit = assert ((v (cast v_ETA <: u32) == 2) \/ (v (cast v_ETA <: u32) == 3)) in - match cast (v_ETA <: usize) <: u32 with - | 2ul -> sample_from_binomial_distribution_2_ #v_Vector randomness - | 3ul -> sample_from_binomial_distribution_3_ #v_Vector randomness - | _ -> - Rust_primitives.Hax.never_to_any (Core.Panicking.panic "internal error: entered unreachable code" + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + match cast (v_ETA <: usize) <: u32 with + | 2ul -> sample_from_binomial_distribution_2_ #v_Vector randomness + | 3ul -> sample_from_binomial_distribution_3_ #v_Vector randomness + | _ -> + Rust_primitives.Hax.never_to_any (Core.Panicking.panic "internal error: entered unreachable code" - <: - Rust_primitives.Hax.t_Never) - -#push-options "--admit_smt_queries true" - -let sample_from_xof - (v_K: usize) - (#v_Vector #v_Hasher: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i2: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i3: - Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K) - (seeds: t_Array (t_Array u8 (sz 34)) v_K) - = - let (sampled_coefficients: t_Array usize v_K):t_Array usize v_K = - Rust_primitives.Hax.repeat (sz 0) v_K - in - let (out: t_Array (t_Array i16 (sz 272)) v_K):t_Array (t_Array i16 (sz 272)) v_K = - Rust_primitives.Hax.repeat (Rust_primitives.Hax.repeat 0s (sz 272) <: t_Array i16 (sz 272)) v_K - in - let xof_state:v_Hasher = - Libcrux_ml_kem.Hash_functions.f_shake128_init_absorb_final #v_Hasher - #v_K - #FStar.Tactics.Typeclasses.solve - seeds - in - let tmp0, out1:(v_Hasher & t_Array (t_Array u8 (sz 504)) v_K) = - Libcrux_ml_kem.Hash_functions.f_shake128_squeeze_first_three_blocks #v_Hasher - #v_K - #FStar.Tactics.Typeclasses.solve - xof_state - in - let xof_state:v_Hasher = tmp0 in - let randomness:t_Array (t_Array u8 (sz 504)) v_K = out1 in - let tmp0, tmp1, out1:(t_Array usize v_K & t_Array (t_Array i16 (sz 272)) v_K & bool) = - sample_from_uniform_distribution_next #v_Vector v_K (sz 504) randomness sampled_coefficients out - in - let sampled_coefficients:t_Array usize v_K = tmp0 in - let out:t_Array (t_Array i16 (sz 272)) v_K = tmp1 in - let done:bool = out1 in - let done, out, sampled_coefficients, xof_state:(bool & t_Array (t_Array i16 (sz 272)) v_K & - t_Array usize v_K & - v_Hasher) = - Rust_primitives.f_while_loop (fun temp_0_ -> - let done, out, sampled_coefficients, xof_state:(bool & t_Array (t_Array i16 (sz 272)) v_K & - t_Array usize v_K & - v_Hasher) = - temp_0_ - in - ~.done <: bool) - (done, out, sampled_coefficients, xof_state - <: - (bool & t_Array (t_Array i16 (sz 272)) v_K & t_Array usize v_K & v_Hasher)) - (fun temp_0_ -> - let done, out, sampled_coefficients, xof_state:(bool & t_Array (t_Array i16 (sz 272)) v_K & - t_Array usize v_K & - v_Hasher) = - temp_0_ - in - let tmp0, out1:(v_Hasher & t_Array (t_Array u8 (sz 168)) v_K) = - Libcrux_ml_kem.Hash_functions.f_shake128_squeeze_next_block #v_Hasher - #v_K - #FStar.Tactics.Typeclasses.solve - xof_state - in - let xof_state:v_Hasher = tmp0 in - let randomness:t_Array (t_Array u8 (sz 168)) v_K = out1 in - let tmp0, tmp1, out1:(t_Array usize v_K & t_Array (t_Array i16 (sz 272)) v_K & bool) = - sample_from_uniform_distribution_next #v_Vector - v_K - (sz 168) - randomness - sampled_coefficients - out - in - let sampled_coefficients:t_Array usize v_K = tmp0 in - let out:t_Array (t_Array i16 (sz 272)) v_K = tmp1 in - let done:bool = out1 in - done, out, sampled_coefficients, xof_state <: - (bool & t_Array (t_Array i16 (sz 272)) v_K & t_Array usize v_K & v_Hasher)) + Rust_primitives.Hax.t_Never) in - Core.Array.impl_23__map #(t_Array i16 (sz 272)) - v_K - #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - out - (fun s -> - let s:t_Array i16 (sz 272) = s in - Libcrux_ml_kem.Polynomial.impl_2__from_i16_array #v_Vector - (s.[ { Core.Ops.Range.f_start = sz 0; Core.Ops.Range.f_end = sz 256 } - <: - Core.Ops.Range.t_Range usize ] - <: - t_Slice i16) - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - -#pop-options + let _:Prims.unit = admit () (* Panic freedom *) in + result diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Sampling.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Sampling.fsti index 8d7df649d..701fc9640 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Sampling.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Sampling.fsti @@ -54,6 +54,16 @@ val sample_from_uniform_distribution_next Prims.l_True (fun _ -> Prims.l_True) +val sample_from_xof + (v_K: usize) + (#v_Vector #v_Hasher: Type0) + {| i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + {| i3: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K |} + (seeds: t_Array (t_Array u8 (sz 34)) v_K) + : Prims.Pure (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + Prims.l_True + (fun _ -> Prims.l_True) + /// Given a series of uniformly random bytes in `randomness`, for some number `eta`, /// the `sample_from_binomial_distribution_{eta}` functions sample /// a ring element from a binomial distribution centered at 0 that uses two sets @@ -117,14 +127,12 @@ val sample_from_binomial_distribution (requires (v_ETA =. sz 2 || v_ETA =. sz 3) && (Core.Slice.impl__len #u8 randomness <: usize) =. (v_ETA *! sz 64 <: usize)) - (fun _ -> Prims.l_True) - -val sample_from_xof - (v_K: usize) - (#v_Vector #v_Hasher: Type0) - {| i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - {| i3: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K |} - (seeds: t_Array (t_Array u8 (sz 34)) v_K) - : Prims.Pure (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) - Prims.l_True - (fun _ -> Prims.l_True) + (ensures + fun result -> + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = result in + (forall (i: nat). + i < 8 ==> + Libcrux_ml_kem.Ntt.ntt_layer_7_pre (result.f_coefficients.[ sz i ]) + (result.f_coefficients.[ sz i +! sz 8 ])) /\ + Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector result == + Spec.MLKEM.sample_poly_cbd v_ETA randomness) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fst index 3d527ad48..ca0e4382e 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fst @@ -21,401 +21,263 @@ let to_unsigned_field_modulus let _:Prims.unit = admit () (* Panic freedom *) in result -let compress_then_serialize_10_ - (v_OUT_LEN: usize) +let deserialize_then_decompress_11_ (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (serialized: t_Slice u8) = - let _:Prims.unit = assert_norm (pow2 10 == 1024) in - let serialized:t_Array u8 v_OUT_LEN = Rust_primitives.Hax.repeat 0uy v_OUT_LEN in - let serialized:t_Array u8 v_OUT_LEN = - Rust_primitives.Hax.Folds.fold_range (sz 0) - Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT - (fun serialized i -> - let serialized:t_Array u8 v_OUT_LEN = serialized in - let i:usize = i in - v i >= 0 /\ v i <= 16 /\ v i < 16 ==> coefficients_field_modulus_range re) - serialized - (fun serialized i -> - let serialized:t_Array u8 v_OUT_LEN = serialized in - let i:usize = i in - let _:Prims.unit = assert (20 * v i + 20 <= 320) in - let _:Prims.unit = - reveal_opaque (`%coefficients_field_modulus_range) - (coefficients_field_modulus_range #v_Vector) - in - let coefficient:v_Vector = - Libcrux_ml_kem.Vector.Traits.f_compress #v_Vector - #FStar.Tactics.Typeclasses.solve - 10l - (to_unsigned_field_modulus #v_Vector - (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) - <: - v_Vector) - in - let bytes:t_Array u8 (sz 20) = - Libcrux_ml_kem.Vector.Traits.f_serialize_10_ #v_Vector - #FStar.Tactics.Typeclasses.solve - coefficient - in - let serialized:t_Array u8 v_OUT_LEN = - Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized - ({ - Core.Ops.Range.f_start = sz 20 *! i <: usize; - Core.Ops.Range.f_end = (sz 20 *! i <: usize) +! sz 20 <: usize - } - <: - Core.Ops.Range.t_Range usize) - (Core.Slice.impl__copy_from_slice #u8 - (serialized.[ { - Core.Ops.Range.f_start = sz 20 *! i <: usize; - Core.Ops.Range.f_end = (sz 20 *! i <: usize) +! sz 20 <: usize - } - <: - Core.Ops.Range.t_Range usize ] - <: - t_Slice u8) - (bytes <: t_Slice u8) - <: - t_Slice u8) - in - serialized) + let _:Prims.unit = + assert (v ((Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT *! sz 11) /! sz 8) == 352) in - let result:t_Array u8 v_OUT_LEN = serialized in - let _:Prims.unit = admit () (* Panic freedom *) in - result - -#push-options "--admit_smt_queries true" - -let compress_then_serialize_11_ - (v_OUT_LEN: usize) - (#v_Vector: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - = - let serialized:t_Array u8 v_OUT_LEN = Rust_primitives.Hax.repeat 0uy v_OUT_LEN in - let serialized:t_Array u8 v_OUT_LEN = - Rust_primitives.Hax.Folds.fold_range (sz 0) - Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT - (fun serialized temp_1_ -> - let serialized:t_Array u8 v_OUT_LEN = serialized in + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () + in + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 22) + serialized + (fun re temp_1_ -> + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in let _:usize = temp_1_ in true) - serialized - (fun serialized i -> - let serialized:t_Array u8 v_OUT_LEN = serialized in - let i:usize = i in + re + (fun re temp_1_ -> + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + let i, bytes:(usize & t_Slice u8) = temp_1_ in let coefficient:v_Vector = - Libcrux_ml_kem.Vector.Traits.f_compress #v_Vector - #FStar.Tactics.Typeclasses.solve - 11l - (Libcrux_ml_kem.Vector.Traits.to_unsigned_representative #v_Vector - (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) - <: - v_Vector) - in - let bytes:t_Array u8 (sz 22) = - Libcrux_ml_kem.Vector.Traits.f_serialize_11_ #v_Vector + Libcrux_ml_kem.Vector.Traits.f_deserialize_11_ #v_Vector #FStar.Tactics.Typeclasses.solve - coefficient + bytes in - let serialized:t_Array u8 v_OUT_LEN = - Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized - ({ - Core.Ops.Range.f_start = sz 22 *! i <: usize; - Core.Ops.Range.f_end = (sz 22 *! i <: usize) +! sz 22 <: usize - } - <: - Core.Ops.Range.t_Range usize) - (Core.Slice.impl__copy_from_slice #u8 - (serialized.[ { - Core.Ops.Range.f_start = sz 22 *! i <: usize; - Core.Ops.Range.f_end = (sz 22 *! i <: usize) +! sz 22 <: usize - } - <: - Core.Ops.Range.t_Range usize ] - <: - t_Slice u8) - (bytes <: t_Slice u8) - <: - t_Slice u8) + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + { + re with + Libcrux_ml_kem.Polynomial.f_coefficients + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re + .Libcrux_ml_kem.Polynomial.f_coefficients + i + (Libcrux_ml_kem.Vector.Traits.f_decompress_ciphertext_coefficient #v_Vector + #FStar.Tactics.Typeclasses.solve + 11l + coefficient + <: + v_Vector) + } + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector in - serialized) + re) in - serialized - -#pop-options + re -let compress_then_serialize_4_ +let deserialize_then_decompress_4_ (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) (serialized: t_Slice u8) = - let _:Prims.unit = assert_norm (pow2 4 == 16) in - let serialized:t_Slice u8 = - Rust_primitives.Hax.Folds.fold_range (sz 0) - Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT - (fun serialized i -> - let serialized:t_Slice u8 = serialized in - let i:usize = i in - v i >= 0 /\ v i <= 16 /\ v i < 16 ==> - (Seq.length serialized == 128 /\ coefficients_field_modulus_range re)) + let _:Prims.unit = + assert (v ((Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT *! sz 4) /! sz 8) == 128) + in + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () + in + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 8) serialized - (fun serialized i -> - let serialized:t_Slice u8 = serialized in - let i:usize = i in - let _:Prims.unit = assert (8 * v i + 8 <= 128) in - let _:Prims.unit = - reveal_opaque (`%coefficients_field_modulus_range) - (coefficients_field_modulus_range #v_Vector) - in + (fun re temp_1_ -> + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + let _:usize = temp_1_ in + true) + re + (fun re temp_1_ -> + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + let i, bytes:(usize & t_Slice u8) = temp_1_ in let coefficient:v_Vector = - Libcrux_ml_kem.Vector.Traits.f_compress #v_Vector - #FStar.Tactics.Typeclasses.solve - 4l - (to_unsigned_field_modulus #v_Vector - (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) - <: - v_Vector) - in - let bytes:t_Array u8 (sz 8) = - Libcrux_ml_kem.Vector.Traits.f_serialize_4_ #v_Vector + Libcrux_ml_kem.Vector.Traits.f_deserialize_4_ #v_Vector #FStar.Tactics.Typeclasses.solve - coefficient + bytes in - let serialized:t_Slice u8 = - Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized - ({ - Core.Ops.Range.f_start = sz 8 *! i <: usize; - Core.Ops.Range.f_end = (sz 8 *! i <: usize) +! sz 8 <: usize - } - <: - Core.Ops.Range.t_Range usize) - (Core.Slice.impl__copy_from_slice #u8 - (serialized.[ { - Core.Ops.Range.f_start = sz 8 *! i <: usize; - Core.Ops.Range.f_end = (sz 8 *! i <: usize) +! sz 8 <: usize - } - <: - Core.Ops.Range.t_Range usize ] - <: - t_Slice u8) - (bytes <: t_Slice u8) - <: - t_Slice u8) + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + { + re with + Libcrux_ml_kem.Polynomial.f_coefficients + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re + .Libcrux_ml_kem.Polynomial.f_coefficients + i + (Libcrux_ml_kem.Vector.Traits.f_decompress_ciphertext_coefficient #v_Vector + #FStar.Tactics.Typeclasses.solve + 4l + coefficient + <: + v_Vector) + } + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector in - serialized) + re) in - let result:Prims.unit = () <: Prims.unit in - let _:Prims.unit = admit () (* Panic freedom *) in - let hax_temp_output:Prims.unit = result in - serialized - -#push-options "--admit_smt_queries true" + re -let compress_then_serialize_5_ +let deserialize_then_decompress_5_ (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) (serialized: t_Slice u8) = - let serialized:t_Slice u8 = - Rust_primitives.Hax.Folds.fold_range (sz 0) - Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT - (fun serialized temp_1_ -> - let serialized:t_Slice u8 = serialized in + let _:Prims.unit = + assert (v ((Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT *! sz 5) /! sz 8) == 160) + in + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () + in + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 10) + serialized + (fun re temp_1_ -> + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in let _:usize = temp_1_ in true) - serialized - (fun serialized i -> - let serialized:t_Slice u8 = serialized in - let i:usize = i in - let coefficients:v_Vector = - Libcrux_ml_kem.Vector.Traits.f_compress #v_Vector - #FStar.Tactics.Typeclasses.solve - 5l - (Libcrux_ml_kem.Vector.Traits.to_unsigned_representative #v_Vector - (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) - <: - v_Vector) - in - let bytes:t_Array u8 (sz 10) = - Libcrux_ml_kem.Vector.Traits.f_serialize_5_ #v_Vector - #FStar.Tactics.Typeclasses.solve - coefficients + re + (fun re temp_1_ -> + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + let i, bytes:(usize & t_Slice u8) = temp_1_ in + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + { + re with + Libcrux_ml_kem.Polynomial.f_coefficients + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re + .Libcrux_ml_kem.Polynomial.f_coefficients + i + (Libcrux_ml_kem.Vector.Traits.f_deserialize_5_ #v_Vector + #FStar.Tactics.Typeclasses.solve + bytes + <: + v_Vector) + } + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector in - let serialized:t_Slice u8 = - Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized - ({ - Core.Ops.Range.f_start = sz 10 *! i <: usize; - Core.Ops.Range.f_end = (sz 10 *! i <: usize) +! sz 10 <: usize - } - <: - Core.Ops.Range.t_Range usize) - (Core.Slice.impl__copy_from_slice #u8 - (serialized.[ { - Core.Ops.Range.f_start = sz 10 *! i <: usize; - Core.Ops.Range.f_end = (sz 10 *! i <: usize) +! sz 10 <: usize - } - <: - Core.Ops.Range.t_Range usize ] - <: - t_Slice u8) - (bytes <: t_Slice u8) - <: - t_Slice u8) + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + { + re with + Libcrux_ml_kem.Polynomial.f_coefficients + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re + .Libcrux_ml_kem.Polynomial.f_coefficients + i + (Libcrux_ml_kem.Vector.Traits.f_decompress_ciphertext_coefficient #v_Vector + #FStar.Tactics.Typeclasses.solve + 5l + (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) + <: + v_Vector) + } + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector in - serialized) + re) in - let hax_temp_output:Prims.unit = () <: Prims.unit in - serialized - -#pop-options + re -let compress_then_serialize_message +let deserialize_then_decompress_message (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (serialized: t_Array u8 (sz 32)) = - let serialized:t_Array u8 (sz 32) = Rust_primitives.Hax.repeat 0uy (sz 32) in - let serialized:t_Array u8 (sz 32) = + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () + in + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = Rust_primitives.Hax.Folds.fold_range (sz 0) (sz 16) - (fun serialized i -> - let serialized:t_Array u8 (sz 32) = serialized in - let i:usize = i in - v i < 16 ==> coefficients_field_modulus_range re) - serialized - (fun serialized i -> - let serialized:t_Array u8 (sz 32) = serialized in + (fun re temp_1_ -> + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + let _:usize = temp_1_ in + true) + re + (fun re i -> + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in let i:usize = i in - let _:Prims.unit = assert (2 * v i + 2 <= 32) in - let _:Prims.unit = - reveal_opaque (`%coefficients_field_modulus_range) - (coefficients_field_modulus_range #v_Vector) - in - let coefficient:v_Vector = - to_unsigned_field_modulus #v_Vector - (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) - in let coefficient_compressed:v_Vector = - Libcrux_ml_kem.Vector.Traits.f_compress_1_ #v_Vector - #FStar.Tactics.Typeclasses.solve - coefficient - in - let bytes:t_Array u8 (sz 2) = - Libcrux_ml_kem.Vector.Traits.f_serialize_1_ #v_Vector + Libcrux_ml_kem.Vector.Traits.f_deserialize_1_ #v_Vector #FStar.Tactics.Typeclasses.solve - coefficient_compressed - in - let serialized:t_Array u8 (sz 32) = - Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized - ({ - Core.Ops.Range.f_start = sz 2 *! i <: usize; - Core.Ops.Range.f_end = (sz 2 *! i <: usize) +! sz 2 <: usize - } - <: - Core.Ops.Range.t_Range usize) - (Core.Slice.impl__copy_from_slice #u8 - (serialized.[ { - Core.Ops.Range.f_start = sz 2 *! i <: usize; - Core.Ops.Range.f_end = (sz 2 *! i <: usize) +! sz 2 <: usize - } - <: - Core.Ops.Range.t_Range usize ] - <: - t_Slice u8) - (bytes <: t_Slice u8) + (serialized.[ { + Core.Ops.Range.f_start = sz 2 *! i <: usize; + Core.Ops.Range.f_end = (sz 2 *! i <: usize) +! sz 2 <: usize + } + <: + Core.Ops.Range.t_Range usize ] <: t_Slice u8) in - serialized) + let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + { + re with + Libcrux_ml_kem.Polynomial.f_coefficients + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re + .Libcrux_ml_kem.Polynomial.f_coefficients + i + (Libcrux_ml_kem.Vector.Traits.decompress_1_ #v_Vector coefficient_compressed + <: + v_Vector) + } + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector + in + re) in - let result:t_Array u8 (sz 32) = serialized in + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in let _:Prims.unit = admit () (* Panic freedom *) in result -let compress_then_serialize_ring_element_u - (v_COMPRESSION_FACTOR v_OUT_LEN: usize) - (#v_Vector: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - = - let _:Prims.unit = - assert ((v (cast v_COMPRESSION_FACTOR <: u32) == 10) \/ - (v (cast v_COMPRESSION_FACTOR <: u32) == 11)); - Rust_primitives.Integers.mk_int_equiv_lemma #usize_inttype (v v_COMPRESSION_FACTOR) - in - match cast (v_COMPRESSION_FACTOR <: usize) <: u32 with - | 10ul -> compress_then_serialize_10_ v_OUT_LEN #v_Vector re - | 11ul -> compress_then_serialize_11_ v_OUT_LEN #v_Vector re - | _ -> - Rust_primitives.Hax.never_to_any (Core.Panicking.panic "internal error: entered unreachable code" - - <: - Rust_primitives.Hax.t_Never) - -let compress_then_serialize_ring_element_v - (v_COMPRESSION_FACTOR v_OUT_LEN: usize) +let deserialize_then_decompress_ring_element_v + (v_COMPRESSION_FACTOR: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - (out: t_Slice u8) + (serialized: t_Slice u8) = let _:Prims.unit = assert ((v (cast v_COMPRESSION_FACTOR <: u32) == 4) \/ - (v (cast v_COMPRESSION_FACTOR <: u32) == 5)); - Rust_primitives.Integers.mk_int_equiv_lemma #usize_inttype (v v_COMPRESSION_FACTOR) + (v (cast v_COMPRESSION_FACTOR <: u32) == 5)) in - let out, hax_temp_output:(t_Slice u8 & Prims.unit) = + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = match cast (v_COMPRESSION_FACTOR <: usize) <: u32 with - | 4ul -> compress_then_serialize_4_ #v_Vector re out, () <: (t_Slice u8 & Prims.unit) - | 5ul -> compress_then_serialize_5_ #v_Vector re out, () <: (t_Slice u8 & Prims.unit) + | 4ul -> deserialize_then_decompress_4_ #v_Vector serialized + | 5ul -> deserialize_then_decompress_5_ #v_Vector serialized | _ -> - out, Rust_primitives.Hax.never_to_any (Core.Panicking.panic "internal error: entered unreachable code" <: Rust_primitives.Hax.t_Never) - <: - (t_Slice u8 & Prims.unit) in - out + let _:Prims.unit = admit () (* Panic freedom *) in + result -let deserialize_then_decompress_10_ +let deserialize_to_reduced_ring_element (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) (serialized: t_Slice u8) = - let _:Prims.unit = - assert (v ((Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT *! sz 10) /! sz 8) == 320) - in + let _:Prims.unit = assert (v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT / 24 == 16) in let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () in - let v__coefficients_length:usize = - Core.Slice.impl__len #v_Vector (re.Libcrux_ml_kem.Polynomial.f_coefficients <: t_Slice v_Vector) - in let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 20) + Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 24) serialized (fun re temp_1_ -> let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in @@ -426,7 +288,7 @@ let deserialize_then_decompress_10_ let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in let i, bytes:(usize & t_Slice u8) = temp_1_ in let coefficient:v_Vector = - Libcrux_ml_kem.Vector.Traits.f_deserialize_10_ #v_Vector + Libcrux_ml_kem.Vector.Traits.f_deserialize_12_ #v_Vector #FStar.Tactics.Typeclasses.solve bytes in @@ -438,9 +300,8 @@ let deserialize_then_decompress_10_ Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re .Libcrux_ml_kem.Polynomial.f_coefficients i - (Libcrux_ml_kem.Vector.Traits.f_decompress_ciphertext_coefficient #v_Vector + (Libcrux_ml_kem.Vector.Traits.f_cond_subtract_3329_ #v_Vector #FStar.Tactics.Typeclasses.solve - 10l coefficient <: v_Vector) @@ -450,74 +311,88 @@ let deserialize_then_decompress_10_ in re) in - re + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + let _:Prims.unit = admit () (* Panic freedom *) in + result -let deserialize_then_decompress_11_ +let deserialize_ring_elements_reduced + (v_K: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (serialized: t_Slice u8) + (public_key: t_Slice u8) + (deserialized_pk: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) = - let _:Prims.unit = - assert (v ((Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT *! sz 11) /! sz 8) == 352) - in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () - in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 22) - serialized - (fun re temp_1_ -> - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + let deserialized_pk:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT + public_key + (fun deserialized_pk temp_1_ -> + let deserialized_pk:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + v_K = + deserialized_pk + in let _:usize = temp_1_ in true) - re - (fun re temp_1_ -> - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in - let i, bytes:(usize & t_Slice u8) = temp_1_ in - let coefficient:v_Vector = - Libcrux_ml_kem.Vector.Traits.f_deserialize_11_ #v_Vector - #FStar.Tactics.Typeclasses.solve - bytes - in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - { - re with - Libcrux_ml_kem.Polynomial.f_coefficients - = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re - .Libcrux_ml_kem.Polynomial.f_coefficients - i - (Libcrux_ml_kem.Vector.Traits.f_decompress_ciphertext_coefficient #v_Vector - #FStar.Tactics.Typeclasses.solve - 11l - coefficient - <: - v_Vector) - } - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector + deserialized_pk + (fun deserialized_pk temp_1_ -> + let deserialized_pk:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + v_K = + deserialized_pk in - re) + let i, ring_element:(usize & t_Slice u8) = temp_1_ in + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize deserialized_pk + i + (deserialize_to_reduced_ring_element #v_Vector ring_element + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + <: + t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) in - re + let result:Prims.unit = () <: Prims.unit in + let _:Prims.unit = admit () (* Panic freedom *) in + let hax_temp_output:Prims.unit = result in + deserialized_pk -let deserialize_then_decompress_4_ +let deserialize_ring_elements_reduced_out + (v_K: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (serialized: t_Slice u8) + (public_key: t_Slice u8) = - let _:Prims.unit = - assert (v ((Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT *! sz 4) /! sz 8) == 128) + let deserialized_pk:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + Core.Array.from_fn #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + v_K + (fun v__i -> + let v__i:usize = v__i in + Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + in + let deserialized_pk:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + deserialize_ring_elements_reduced v_K #v_Vector public_key deserialized_pk + in + let result:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + deserialized_pk in + let _:Prims.unit = admit () (* Panic freedom *) in + result + +let deserialize_to_uncompressed_ring_element + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (serialized: t_Slice u8) + = + let _:Prims.unit = assert (v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT / 24 == 16) in let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () in let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 8) + Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 24) serialized (fun re temp_1_ -> let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in @@ -527,205 +402,429 @@ let deserialize_then_decompress_4_ (fun re temp_1_ -> let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in let i, bytes:(usize & t_Slice u8) = temp_1_ in + { + re with + Libcrux_ml_kem.Polynomial.f_coefficients + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re + .Libcrux_ml_kem.Polynomial.f_coefficients + i + (Libcrux_ml_kem.Vector.Traits.f_deserialize_12_ #v_Vector + #FStar.Tactics.Typeclasses.solve + bytes + <: + v_Vector) + <: + t_Array v_Vector (sz 16) + } + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + in + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + let _:Prims.unit = admit () (* Panic freedom *) in + result + +let compress_then_serialize_10_ + (v_OUT_LEN: usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + = + let _:Prims.unit = assert_norm (pow2 10 == 1024) in + let serialized:t_Array u8 v_OUT_LEN = Rust_primitives.Hax.repeat 0uy v_OUT_LEN in + let serialized:t_Array u8 v_OUT_LEN = + Rust_primitives.Hax.Folds.fold_range (sz 0) + Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT + (fun serialized i -> + let serialized:t_Array u8 v_OUT_LEN = serialized in + let i:usize = i in + v i >= 0 /\ v i <= 16 /\ v i < 16 ==> coefficients_field_modulus_range re) + serialized + (fun serialized i -> + let serialized:t_Array u8 v_OUT_LEN = serialized in + let i:usize = i in + let _:Prims.unit = assert (20 * v i + 20 <= 320) in + let _:Prims.unit = + reveal_opaque (`%coefficients_field_modulus_range) + (coefficients_field_modulus_range #v_Vector) + in let coefficient:v_Vector = - Libcrux_ml_kem.Vector.Traits.f_deserialize_4_ #v_Vector + Libcrux_ml_kem.Vector.Traits.f_compress #v_Vector #FStar.Tactics.Typeclasses.solve - bytes + 10l + (to_unsigned_field_modulus #v_Vector + (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) + <: + v_Vector) in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - { - re with - Libcrux_ml_kem.Polynomial.f_coefficients - = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re - .Libcrux_ml_kem.Polynomial.f_coefficients - i - (Libcrux_ml_kem.Vector.Traits.f_decompress_ciphertext_coefficient #v_Vector - #FStar.Tactics.Typeclasses.solve - 4l - coefficient - <: - v_Vector) - } - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector + let bytes:t_Array u8 (sz 20) = + Libcrux_ml_kem.Vector.Traits.f_serialize_10_ #v_Vector + #FStar.Tactics.Typeclasses.solve + coefficient in - re) + let serialized:t_Array u8 v_OUT_LEN = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized + ({ + Core.Ops.Range.f_start = sz 20 *! i <: usize; + Core.Ops.Range.f_end = (sz 20 *! i <: usize) +! sz 20 <: usize + } + <: + Core.Ops.Range.t_Range usize) + (Core.Slice.impl__copy_from_slice #u8 + (serialized.[ { + Core.Ops.Range.f_start = sz 20 *! i <: usize; + Core.Ops.Range.f_end = (sz 20 *! i <: usize) +! sz 20 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + (bytes <: t_Slice u8) + <: + t_Slice u8) + in + serialized) in - re + let result:t_Array u8 v_OUT_LEN = serialized in + let _:Prims.unit = admit () (* Panic freedom *) in + result -let deserialize_then_decompress_5_ +#push-options "--admit_smt_queries true" + +let compress_then_serialize_11_ + (v_OUT_LEN: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (serialized: t_Slice u8) + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = - let _:Prims.unit = - assert (v ((Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT *! sz 5) /! sz 8) == 160) - in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () + let serialized:t_Array u8 v_OUT_LEN = Rust_primitives.Hax.repeat 0uy v_OUT_LEN in + let serialized:t_Array u8 v_OUT_LEN = + Rust_primitives.Hax.Folds.fold_range (sz 0) + Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT + (fun serialized temp_1_ -> + let serialized:t_Array u8 v_OUT_LEN = serialized in + let _:usize = temp_1_ in + true) + serialized + (fun serialized i -> + let serialized:t_Array u8 v_OUT_LEN = serialized in + let i:usize = i in + let coefficient:v_Vector = + Libcrux_ml_kem.Vector.Traits.f_compress #v_Vector + #FStar.Tactics.Typeclasses.solve + 11l + (Libcrux_ml_kem.Vector.Traits.to_unsigned_representative #v_Vector + (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) + <: + v_Vector) + in + let bytes:t_Array u8 (sz 22) = + Libcrux_ml_kem.Vector.Traits.f_serialize_11_ #v_Vector + #FStar.Tactics.Typeclasses.solve + coefficient + in + let serialized:t_Array u8 v_OUT_LEN = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized + ({ + Core.Ops.Range.f_start = sz 22 *! i <: usize; + Core.Ops.Range.f_end = (sz 22 *! i <: usize) +! sz 22 <: usize + } + <: + Core.Ops.Range.t_Range usize) + (Core.Slice.impl__copy_from_slice #u8 + (serialized.[ { + Core.Ops.Range.f_start = sz 22 *! i <: usize; + Core.Ops.Range.f_end = (sz 22 *! i <: usize) +! sz 22 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + (bytes <: t_Slice u8) + <: + t_Slice u8) + in + serialized) in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 10) + serialized + +#pop-options + +let compress_then_serialize_4_ + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (serialized: t_Slice u8) + = + let _:Prims.unit = assert_norm (pow2 4 == 16) in + let serialized:t_Slice u8 = + Rust_primitives.Hax.Folds.fold_range (sz 0) + Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT + (fun serialized i -> + let serialized:t_Slice u8 = serialized in + let i:usize = i in + v i >= 0 /\ v i <= 16 /\ v i < 16 ==> + (Seq.length serialized == 128 /\ coefficients_field_modulus_range re)) serialized - (fun re temp_1_ -> - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + (fun serialized i -> + let serialized:t_Slice u8 = serialized in + let i:usize = i in + let _:Prims.unit = assert (8 * v i + 8 <= 128) in + let _:Prims.unit = + reveal_opaque (`%coefficients_field_modulus_range) + (coefficients_field_modulus_range #v_Vector) + in + let coefficient:v_Vector = + Libcrux_ml_kem.Vector.Traits.f_compress #v_Vector + #FStar.Tactics.Typeclasses.solve + 4l + (to_unsigned_field_modulus #v_Vector + (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) + <: + v_Vector) + in + let bytes:t_Array u8 (sz 8) = + Libcrux_ml_kem.Vector.Traits.f_serialize_4_ #v_Vector + #FStar.Tactics.Typeclasses.solve + coefficient + in + let serialized:t_Slice u8 = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized + ({ + Core.Ops.Range.f_start = sz 8 *! i <: usize; + Core.Ops.Range.f_end = (sz 8 *! i <: usize) +! sz 8 <: usize + } + <: + Core.Ops.Range.t_Range usize) + (Core.Slice.impl__copy_from_slice #u8 + (serialized.[ { + Core.Ops.Range.f_start = sz 8 *! i <: usize; + Core.Ops.Range.f_end = (sz 8 *! i <: usize) +! sz 8 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + (bytes <: t_Slice u8) + <: + t_Slice u8) + in + serialized) + in + let result:Prims.unit = () <: Prims.unit in + let _:Prims.unit = admit () (* Panic freedom *) in + let hax_temp_output:Prims.unit = result in + serialized + +#push-options "--admit_smt_queries true" + +let compress_then_serialize_5_ + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (serialized: t_Slice u8) + = + let serialized:t_Slice u8 = + Rust_primitives.Hax.Folds.fold_range (sz 0) + Libcrux_ml_kem.Polynomial.v_VECTORS_IN_RING_ELEMENT + (fun serialized temp_1_ -> + let serialized:t_Slice u8 = serialized in let _:usize = temp_1_ in true) - re - (fun re temp_1_ -> - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in - let i, bytes:(usize & t_Slice u8) = temp_1_ in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - { - re with - Libcrux_ml_kem.Polynomial.f_coefficients - = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re - .Libcrux_ml_kem.Polynomial.f_coefficients - i - (Libcrux_ml_kem.Vector.Traits.f_deserialize_5_ #v_Vector - #FStar.Tactics.Typeclasses.solve - bytes - <: - v_Vector) - } - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector + serialized + (fun serialized i -> + let serialized:t_Slice u8 = serialized in + let i:usize = i in + let coefficients:v_Vector = + Libcrux_ml_kem.Vector.Traits.f_compress #v_Vector + #FStar.Tactics.Typeclasses.solve + 5l + (Libcrux_ml_kem.Vector.Traits.to_unsigned_representative #v_Vector + (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) + <: + v_Vector) in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - { - re with - Libcrux_ml_kem.Polynomial.f_coefficients - = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re - .Libcrux_ml_kem.Polynomial.f_coefficients - i - (Libcrux_ml_kem.Vector.Traits.f_decompress_ciphertext_coefficient #v_Vector - #FStar.Tactics.Typeclasses.solve - 5l - (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) - <: - v_Vector) - } - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector + let bytes:t_Array u8 (sz 10) = + Libcrux_ml_kem.Vector.Traits.f_serialize_5_ #v_Vector + #FStar.Tactics.Typeclasses.solve + coefficients + in + let serialized:t_Slice u8 = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized + ({ + Core.Ops.Range.f_start = sz 10 *! i <: usize; + Core.Ops.Range.f_end = (sz 10 *! i <: usize) +! sz 10 <: usize + } + <: + Core.Ops.Range.t_Range usize) + (Core.Slice.impl__copy_from_slice #u8 + (serialized.[ { + Core.Ops.Range.f_start = sz 10 *! i <: usize; + Core.Ops.Range.f_end = (sz 10 *! i <: usize) +! sz 10 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + (bytes <: t_Slice u8) + <: + t_Slice u8) in - re) + serialized) in - re + let hax_temp_output:Prims.unit = () <: Prims.unit in + serialized -let deserialize_then_decompress_message +#pop-options + +let compress_then_serialize_message (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (serialized: t_Array u8 (sz 32)) + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () - in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + let serialized:t_Array u8 (sz 32) = Rust_primitives.Hax.repeat 0uy (sz 32) in + let serialized:t_Array u8 (sz 32) = Rust_primitives.Hax.Folds.fold_range (sz 0) (sz 16) - (fun re temp_1_ -> - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in - let _:usize = temp_1_ in - true) - re - (fun re i -> - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + (fun serialized i -> + let serialized:t_Array u8 (sz 32) = serialized in + let i:usize = i in + v i < 16 ==> coefficients_field_modulus_range re) + serialized + (fun serialized i -> + let serialized:t_Array u8 (sz 32) = serialized in let i:usize = i in + let _:Prims.unit = assert (2 * v i + 2 <= 32) in + let _:Prims.unit = + reveal_opaque (`%coefficients_field_modulus_range) + (coefficients_field_modulus_range #v_Vector) + in + let coefficient:v_Vector = + to_unsigned_field_modulus #v_Vector + (re.Libcrux_ml_kem.Polynomial.f_coefficients.[ i ] <: v_Vector) + in let coefficient_compressed:v_Vector = - Libcrux_ml_kem.Vector.Traits.f_deserialize_1_ #v_Vector + Libcrux_ml_kem.Vector.Traits.f_compress_1_ #v_Vector #FStar.Tactics.Typeclasses.solve - (serialized.[ { - Core.Ops.Range.f_start = sz 2 *! i <: usize; - Core.Ops.Range.f_end = (sz 2 *! i <: usize) +! sz 2 <: usize - } - <: - Core.Ops.Range.t_Range usize ] + coefficient + in + let bytes:t_Array u8 (sz 2) = + Libcrux_ml_kem.Vector.Traits.f_serialize_1_ #v_Vector + #FStar.Tactics.Typeclasses.solve + coefficient_compressed + in + let serialized:t_Array u8 (sz 32) = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range serialized + ({ + Core.Ops.Range.f_start = sz 2 *! i <: usize; + Core.Ops.Range.f_end = (sz 2 *! i <: usize) +! sz 2 <: usize + } + <: + Core.Ops.Range.t_Range usize) + (Core.Slice.impl__copy_from_slice #u8 + (serialized.[ { + Core.Ops.Range.f_start = sz 2 *! i <: usize; + Core.Ops.Range.f_end = (sz 2 *! i <: usize) +! sz 2 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + (bytes <: t_Slice u8) <: t_Slice u8) in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - { - re with - Libcrux_ml_kem.Polynomial.f_coefficients - = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re - .Libcrux_ml_kem.Polynomial.f_coefficients - i - (Libcrux_ml_kem.Vector.Traits.decompress_1_ #v_Vector coefficient_compressed - <: - v_Vector) - } - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector - in - re) + serialized) in - let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in + let result:t_Array u8 (sz 32) = serialized in let _:Prims.unit = admit () (* Panic freedom *) in result -let deserialize_then_decompress_ring_element_u - (v_COMPRESSION_FACTOR: usize) +let compress_then_serialize_ring_element_u + (v_COMPRESSION_FACTOR v_OUT_LEN: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (serialized: t_Slice u8) + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) = let _:Prims.unit = assert ((v (cast v_COMPRESSION_FACTOR <: u32) == 10) \/ - (v (cast v_COMPRESSION_FACTOR <: u32) == 11)) + (v (cast v_COMPRESSION_FACTOR <: u32) == 11)); + Rust_primitives.Integers.mk_int_equiv_lemma #usize_inttype (v v_COMPRESSION_FACTOR) in - match cast (v_COMPRESSION_FACTOR <: usize) <: u32 with - | 10ul -> deserialize_then_decompress_10_ #v_Vector serialized - | 11ul -> deserialize_then_decompress_11_ #v_Vector serialized - | _ -> - Rust_primitives.Hax.never_to_any (Core.Panicking.panic "internal error: entered unreachable code" + let result:t_Array u8 v_OUT_LEN = + match cast (v_COMPRESSION_FACTOR <: usize) <: u32 with + | 10ul -> compress_then_serialize_10_ v_OUT_LEN #v_Vector re + | 11ul -> compress_then_serialize_11_ v_OUT_LEN #v_Vector re + | _ -> + Rust_primitives.Hax.never_to_any (Core.Panicking.panic "internal error: entered unreachable code" - <: - Rust_primitives.Hax.t_Never) + <: + Rust_primitives.Hax.t_Never) + in + let _:Prims.unit = admit () (* Panic freedom *) in + result -let deserialize_then_decompress_ring_element_v - (v_COMPRESSION_FACTOR: usize) +let compress_then_serialize_ring_element_v + (v_COMPRESSION_FACTOR v_OUT_LEN: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (serialized: t_Slice u8) + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (out: t_Slice u8) = let _:Prims.unit = assert ((v (cast v_COMPRESSION_FACTOR <: u32) == 4) \/ - (v (cast v_COMPRESSION_FACTOR <: u32) == 5)) + (v (cast v_COMPRESSION_FACTOR <: u32) == 5)); + Rust_primitives.Integers.mk_int_equiv_lemma #usize_inttype (v v_COMPRESSION_FACTOR) in - match cast (v_COMPRESSION_FACTOR <: usize) <: u32 with - | 4ul -> deserialize_then_decompress_4_ #v_Vector serialized - | 5ul -> deserialize_then_decompress_5_ #v_Vector serialized - | _ -> - Rust_primitives.Hax.never_to_any (Core.Panicking.panic "internal error: entered unreachable code" + let out, result:(t_Slice u8 & Prims.unit) = + match cast (v_COMPRESSION_FACTOR <: usize) <: u32 with + | 4ul -> compress_then_serialize_4_ #v_Vector re out, () <: (t_Slice u8 & Prims.unit) + | 5ul -> compress_then_serialize_5_ #v_Vector re out, () <: (t_Slice u8 & Prims.unit) + | _ -> + out, + Rust_primitives.Hax.never_to_any (Core.Panicking.panic "internal error: entered unreachable code" - <: - Rust_primitives.Hax.t_Never) + <: + Rust_primitives.Hax.t_Never) + <: + (t_Slice u8 & Prims.unit) + in + let _:Prims.unit = admit () (* Panic freedom *) in + let hax_temp_output:Prims.unit = result in + out -let deserialize_to_reduced_ring_element +let deserialize_then_decompress_10_ (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) (serialized: t_Slice u8) = - let _:Prims.unit = assert (v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT / 24 == 16) in + let _:Prims.unit = + assert (v ((Libcrux_ml_kem.Constants.v_COEFFICIENTS_IN_RING_ELEMENT *! sz 10) /! sz 8) == 320) + in let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () in + let v__coefficients_length:usize = + Core.Slice.impl__len #v_Vector (re.Libcrux_ml_kem.Polynomial.f_coefficients <: t_Slice v_Vector) + in let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 24) + Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 20) serialized (fun re temp_1_ -> let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in @@ -736,7 +835,7 @@ let deserialize_to_reduced_ring_element let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in let i, bytes:(usize & t_Slice u8) = temp_1_ in let coefficient:v_Vector = - Libcrux_ml_kem.Vector.Traits.f_deserialize_12_ #v_Vector + Libcrux_ml_kem.Vector.Traits.f_deserialize_10_ #v_Vector #FStar.Tactics.Typeclasses.solve bytes in @@ -748,8 +847,9 @@ let deserialize_to_reduced_ring_element Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re .Libcrux_ml_kem.Polynomial.f_coefficients i - (Libcrux_ml_kem.Vector.Traits.f_cond_subtract_3329_ #v_Vector + (Libcrux_ml_kem.Vector.Traits.f_decompress_ciphertext_coefficient #v_Vector #FStar.Tactics.Typeclasses.solve + 10l coefficient <: v_Vector) @@ -759,115 +859,33 @@ let deserialize_to_reduced_ring_element in re) in - let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in - let _:Prims.unit = admit () (* Panic freedom *) in - result + re -let deserialize_ring_elements_reduced - (v_K: usize) +let deserialize_then_decompress_ring_element_u + (v_COMPRESSION_FACTOR: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (public_key: t_Slice u8) - (deserialized_pk: t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + (serialized: t_Slice u8) = - let deserialized_pk:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT - public_key - (fun deserialized_pk temp_1_ -> - let deserialized_pk:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - v_K = - deserialized_pk - in - let _:usize = temp_1_ in - true) - deserialized_pk - (fun deserialized_pk temp_1_ -> - let deserialized_pk:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - v_K = - deserialized_pk - in - let i, ring_element:(usize & t_Slice u8) = temp_1_ in - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize deserialized_pk - i - (deserialize_to_reduced_ring_element #v_Vector ring_element - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - <: - t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K) + let _:Prims.unit = + assert ((v (cast v_COMPRESSION_FACTOR <: u32) == 10) \/ + (v (cast v_COMPRESSION_FACTOR <: u32) == 11)) in - let hax_temp_output:Prims.unit = () <: Prims.unit in - deserialized_pk + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + match cast (v_COMPRESSION_FACTOR <: usize) <: u32 with + | 10ul -> deserialize_then_decompress_10_ #v_Vector serialized + | 11ul -> deserialize_then_decompress_11_ #v_Vector serialized + | _ -> + Rust_primitives.Hax.never_to_any (Core.Panicking.panic "internal error: entered unreachable code" -let deserialize_ring_elements_reduced_out - (v_K: usize) - (#v_Vector: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (public_key: t_Slice u8) - = - let deserialized_pk:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - Core.Array.from_fn #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - v_K - (fun v__i -> - let v__i:usize = v__i in - Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - in - let deserialized_pk:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - deserialize_ring_elements_reduced v_K #v_Vector public_key deserialized_pk - in - let result:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = - deserialized_pk + Rust_primitives.Hax.t_Never) in let _:Prims.unit = admit () (* Panic freedom *) in result -let deserialize_to_uncompressed_ring_element - (#v_Vector: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: - Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) - (serialized: t_Slice u8) - = - let _:Prims.unit = assert (v Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT / 24 == 16) in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Libcrux_ml_kem.Polynomial.impl_2__ZERO #v_Vector () - in - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = - Rust_primitives.Hax.Folds.fold_enumerated_chunked_slice (sz 24) - serialized - (fun re temp_1_ -> - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in - let _:usize = temp_1_ in - true) - re - (fun re temp_1_ -> - let re:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = re in - let i, bytes:(usize & t_Slice u8) = temp_1_ in - { - re with - Libcrux_ml_kem.Polynomial.f_coefficients - = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize re - .Libcrux_ml_kem.Polynomial.f_coefficients - i - (Libcrux_ml_kem.Vector.Traits.f_deserialize_12_ #v_Vector - #FStar.Tactics.Typeclasses.solve - bytes - <: - v_Vector) - <: - t_Array v_Vector (sz 16) - } - <: - Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - in - re - let serialize_uncompressed_ring_element (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fsti index 129fd3ced..415926dbf 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Serialize.fsti @@ -38,89 +38,6 @@ val to_unsigned_field_modulus v (Seq.index (Libcrux_ml_kem.Vector.Traits.f_to_i16_array result) i) < v Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) -val compress_then_serialize_10_ - (v_OUT_LEN: usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - : Prims.Pure (t_Array u8 v_OUT_LEN) - (requires v v_OUT_LEN == 320 /\ coefficients_field_modulus_range re) - (fun _ -> Prims.l_True) - -val compress_then_serialize_11_ - (v_OUT_LEN: usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - : Prims.Pure (t_Array u8 v_OUT_LEN) Prims.l_True (fun _ -> Prims.l_True) - -val compress_then_serialize_4_ - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - (serialized: t_Slice u8) - : Prims.Pure (t_Slice u8) - (requires Seq.length serialized == 128 /\ coefficients_field_modulus_range re) - (ensures - fun serialized_future -> - let serialized_future:t_Slice u8 = serialized_future in - Core.Slice.impl__len #u8 serialized_future == Core.Slice.impl__len #u8 serialized) - -val compress_then_serialize_5_ - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - (serialized: t_Slice u8) - : Prims.Pure (t_Slice u8) - (requires (Core.Slice.impl__len #u8 serialized <: usize) =. sz 160) - (ensures - fun serialized_future -> - let serialized_future:t_Slice u8 = serialized_future in - Core.Slice.impl__len #u8 serialized_future == Core.Slice.impl__len #u8 serialized) - -val compress_then_serialize_message - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - : Prims.Pure (t_Array u8 (sz 32)) - (requires coefficients_field_modulus_range re) - (fun _ -> Prims.l_True) - -val compress_then_serialize_ring_element_u - (v_COMPRESSION_FACTOR v_OUT_LEN: usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - : Prims.Pure (t_Array u8 v_OUT_LEN) - (requires - (v v_COMPRESSION_FACTOR == 10 \/ v v_COMPRESSION_FACTOR == 11) /\ - v v_OUT_LEN == 32 * v v_COMPRESSION_FACTOR /\ coefficients_field_modulus_range re) - (fun _ -> Prims.l_True) - -val compress_then_serialize_ring_element_v - (v_COMPRESSION_FACTOR v_OUT_LEN: usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - (out: t_Slice u8) - : Prims.Pure (t_Slice u8) - (requires - (v v_COMPRESSION_FACTOR == 4 \/ v v_COMPRESSION_FACTOR == 5) /\ - v v_OUT_LEN == 32 * v v_COMPRESSION_FACTOR /\ Seq.length out == v v_OUT_LEN /\ - coefficients_field_modulus_range re) - (ensures - fun out_future -> - let out_future:t_Slice u8 = out_future in - Core.Slice.impl__len #u8 out_future == Core.Slice.impl__len #u8 out) - -val deserialize_then_decompress_10_ - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (serialized: t_Slice u8) - : Prims.Pure (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - (requires (Core.Slice.impl__len #u8 serialized <: usize) =. sz 320) - (fun _ -> Prims.l_True) - val deserialize_then_decompress_11_ (#v_Vector: Type0) {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} @@ -151,18 +68,11 @@ val deserialize_then_decompress_message (serialized: t_Array u8 (sz 32)) : Prims.Pure (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) Prims.l_True - (fun _ -> Prims.l_True) - -val deserialize_then_decompress_ring_element_u - (v_COMPRESSION_FACTOR: usize) - (#v_Vector: Type0) - {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - (serialized: t_Slice u8) - : Prims.Pure (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) - (requires - (v_COMPRESSION_FACTOR =. sz 10 || v_COMPRESSION_FACTOR =. sz 11) && - (Core.Slice.impl__len #u8 serialized <: usize) =. (sz 32 *! v_COMPRESSION_FACTOR <: usize)) - (fun _ -> Prims.l_True) + (ensures + fun result -> + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = result in + Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector result == + Spec.MLKEM.decode_then_decompress_message serialized) val deserialize_then_decompress_ring_element_v (v_COMPRESSION_FACTOR: usize) @@ -173,7 +83,11 @@ val deserialize_then_decompress_ring_element_v (requires (v_COMPRESSION_FACTOR =. sz 4 || v_COMPRESSION_FACTOR =. sz 5) && (Core.Slice.impl__len #u8 serialized <: usize) =. (sz 32 *! v_COMPRESSION_FACTOR <: usize)) - (fun _ -> Prims.l_True) + (ensures + fun result -> + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = result in + Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector result == + Spec.MLKEM.decode_then_decompress_v v_COMPRESSION_FACTOR serialized) /// Only use with public values. /// This MUST NOT be used with secret inputs, like its caller `deserialize_ring_elements_reduced`. @@ -198,7 +112,14 @@ val deserialize_ring_elements_reduced (requires Spec.MLKEM.is_rank v_K /\ Seq.length public_key == v (Spec.MLKEM.v_T_AS_NTT_ENCODED_SIZE v_K)) - (fun _ -> Prims.l_True) + (ensures + fun deserialized_pk_future -> + let deserialized_pk_future:t_Array + (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + deserialized_pk_future + in + Libcrux_ml_kem.Polynomial.to_spec_vector_t #v_K #v_Vector deserialized_pk_future == + Spec.MLKEM.vector_decode_12 #v_K public_key) /// This function deserializes ring elements and reduces the result by the field /// modulus. @@ -227,12 +148,131 @@ val deserialize_to_uncompressed_ring_element (requires (Core.Slice.impl__len #u8 serialized <: usize) =. Libcrux_ml_kem.Constants.v_BYTES_PER_RING_ELEMENT) + (ensures + fun result -> + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = result in + Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector result == + Spec.MLKEM.byte_decode 12 serialized) + +val compress_then_serialize_10_ + (v_OUT_LEN: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + : Prims.Pure (t_Array u8 v_OUT_LEN) + (requires v v_OUT_LEN == 320 /\ coefficients_field_modulus_range re) (fun _ -> Prims.l_True) +val compress_then_serialize_11_ + (v_OUT_LEN: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + : Prims.Pure (t_Array u8 v_OUT_LEN) Prims.l_True (fun _ -> Prims.l_True) + +val compress_then_serialize_4_ + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (serialized: t_Slice u8) + : Prims.Pure (t_Slice u8) + (requires Seq.length serialized == 128 /\ coefficients_field_modulus_range re) + (ensures + fun serialized_future -> + let serialized_future:t_Slice u8 = serialized_future in + Core.Slice.impl__len #u8 serialized_future == Core.Slice.impl__len #u8 serialized) + +val compress_then_serialize_5_ + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (serialized: t_Slice u8) + : Prims.Pure (t_Slice u8) + (requires (Core.Slice.impl__len #u8 serialized <: usize) =. sz 160) + (ensures + fun serialized_future -> + let serialized_future:t_Slice u8 = serialized_future in + Core.Slice.impl__len #u8 serialized_future == Core.Slice.impl__len #u8 serialized) + +val compress_then_serialize_message + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + : Prims.Pure (t_Array u8 (sz 32)) + (requires coefficients_field_modulus_range re) + (ensures + fun result -> + let result:t_Array u8 (sz 32) = result in + result == + Spec.MLKEM.compress_then_encode_message (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector + re)) + +val compress_then_serialize_ring_element_u + (v_COMPRESSION_FACTOR v_OUT_LEN: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + : Prims.Pure (t_Array u8 v_OUT_LEN) + (requires + (v v_COMPRESSION_FACTOR == 10 \/ v v_COMPRESSION_FACTOR == 11) /\ + v v_OUT_LEN == 32 * v v_COMPRESSION_FACTOR /\ coefficients_field_modulus_range re) + (ensures + fun result -> + let result:t_Array u8 v_OUT_LEN = result in + result == + Spec.MLKEM.compress_then_byte_encode (v v_COMPRESSION_FACTOR) + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector re)) + +val compress_then_serialize_ring_element_v + (v_COMPRESSION_FACTOR v_OUT_LEN: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (out: t_Slice u8) + : Prims.Pure (t_Slice u8) + (requires + (v v_COMPRESSION_FACTOR == 4 \/ v v_COMPRESSION_FACTOR == 5) /\ + v v_OUT_LEN == 32 * v v_COMPRESSION_FACTOR /\ Seq.length out == v v_OUT_LEN /\ + coefficients_field_modulus_range re) + (ensures + fun out_future -> + let out_future:t_Slice u8 = out_future in + Core.Slice.impl__len #u8 out_future == Core.Slice.impl__len #u8 out /\ + out_future == + Spec.MLKEM.compress_then_encode_v v_COMPRESSION_FACTOR + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector re)) + +val deserialize_then_decompress_10_ + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (serialized: t_Slice u8) + : Prims.Pure (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (requires (Core.Slice.impl__len #u8 serialized <: usize) =. sz 320) + (fun _ -> Prims.l_True) + +val deserialize_then_decompress_ring_element_u + (v_COMPRESSION_FACTOR: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (serialized: t_Slice u8) + : Prims.Pure (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (requires + (v_COMPRESSION_FACTOR =. sz 10 || v_COMPRESSION_FACTOR =. sz 11) && + (Core.Slice.impl__len #u8 serialized <: usize) =. (sz 32 *! v_COMPRESSION_FACTOR <: usize)) + (ensures + fun result -> + let result:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = result in + Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector result == + Spec.MLKEM.byte_decode_then_decompress (v v_COMPRESSION_FACTOR) serialized) + val serialize_uncompressed_ring_element (#v_Vector: Type0) {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} (re: Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) : Prims.Pure (t_Array u8 (sz 384)) (requires coefficients_field_modulus_range re) - (fun _ -> Prims.l_True) + (ensures + fun result -> + let result:t_Array u8 (sz 384) = result in + result == + Spec.MLKEM.byte_encode 12 (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector re)) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Variant.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Variant.fsti index 943518133..0d74da846 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Variant.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Variant.fsti @@ -80,9 +80,13 @@ class t_Variant (v_Self: Type0) = { v_K: usize -> #v_Hasher: Type0 -> {| i4: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K |} -> - t_Slice u8 -> - t_Array u8 (sz 64) - -> Type0; + seed: t_Slice u8 -> + res: t_Array u8 (sz 64) + -> pred: + Type0 + { pred ==> + Seq.length seed == 32 ==> + res == Spec.Utils.v_G (Seq.append seed (Seq.create 1 (cast v_K <: u8))) }; f_cpa_keygen_seed: v_K: usize -> #v_Hasher: Type0 -> @@ -194,9 +198,10 @@ let impl: t_Variant t_MlKem = i4: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K) (key_generation_seed: t_Slice u8) - (out: t_Array u8 (sz 64)) + (res: t_Array u8 (sz 64)) -> - true); + Seq.length key_generation_seed == 32 ==> + res == Spec.Utils.v_G (Seq.append key_generation_seed (Seq.create 1 (cast v_K <: u8)))); f_cpa_keygen_seed = fun @@ -236,6 +241,12 @@ let impl: t_Variant t_MlKem = Libcrux_ml_kem.Constants.v_CPA_PKE_KEY_GENERATION_SEED_SIZE (cast (v_K <: usize) <: u8) in + let _:Prims.unit = + Lib.Sequence.eq_intro #u8 + #33 + seed + (Seq.append key_generation_seed (Seq.create 1 (cast v_K <: u8))) + in Libcrux_ml_kem.Hash_functions.f_G #v_Hasher #v_K #FStar.Tactics.Typeclasses.solve diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fst index 8bda725bd..aa963a309 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fst @@ -17,10 +17,43 @@ let compress_ciphertext_coefficient (coefficient_bits: u8) (fe: u16) = let compress_message_coefficient (fe: u16) = let (shifted: i16):i16 = 1664s -! (cast (fe <: u16) <: i16) in + let _:Prims.unit = assert (v shifted == 1664 - v fe) in let mask:i16 = shifted >>! 15l in + let _:Prims.unit = + assert (v mask = v shifted / pow2 15); + assert (if v shifted < 0 then mask = ones else mask = zero) + in let shifted_to_positive:i16 = mask ^. shifted in + let _:Prims.unit = + logxor_lemma shifted mask; + assert (v shifted < 0 ==> v shifted_to_positive = v (lognot shifted)); + neg_equiv_lemma shifted; + assert (v (lognot shifted) = - (v shifted) - 1); + assert (v shifted >= 0 ==> v shifted_to_positive = v (mask `logxor` shifted)); + assert (v shifted >= 0 ==> mask = zero); + assert (v shifted >= 0 ==> mask ^. shifted = shifted); + assert (v shifted >= 0 ==> v shifted_to_positive = v shifted); + assert (shifted_to_positive >=. mk_i16 0) + in let shifted_positive_in_range:i16 = shifted_to_positive -! 832s in - cast ((shifted_positive_in_range >>! 15l <: i16) &. 1s <: i16) <: u8 + let _:Prims.unit = + assert (1664 - v fe >= 0 ==> v shifted_positive_in_range == 832 - v fe); + assert (1664 - v fe < 0 ==> v shifted_positive_in_range == - 2497 + v fe) + in + let r0:i16 = shifted_positive_in_range >>! 15l in + let (r1: i16):i16 = r0 &. 1s in + let res:u8 = cast (r1 <: i16) <: u8 in + let _:Prims.unit = + assert (v r0 = v shifted_positive_in_range / pow2 15); + assert (if v shifted_positive_in_range < 0 then r0 = ones else r0 = zero); + logand_lemma (mk_i16 1) r0; + assert (if v shifted_positive_in_range < 0 then r1 = mk_i16 1 else r1 = mk_i16 0); + assert ((v fe >= 833 && v fe <= 2496) ==> r1 = mk_i16 1); + assert (v fe < 833 ==> r1 = mk_i16 0); + assert (v fe > 2496 ==> r1 = mk_i16 0); + assert (v res = v r1) + in + res #push-options "--fuel 0 --ifuel 0 --z3rlimit 2000" @@ -30,7 +63,8 @@ let compress = let _:Prims.unit = assert (v (cast (v_COEFFICIENT_BITS) <: u8) == v v_COEFFICIENT_BITS); - assert (v (cast (v_COEFFICIENT_BITS) <: u32) == v v_COEFFICIENT_BITS) + assert (v (cast (v_COEFFICIENT_BITS) <: u32) == v v_COEFFICIENT_BITS); + assert (v (cast (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) <: u16) == 3329) in let _:Prims.unit = assert (forall (i: nat). @@ -163,35 +197,76 @@ let compress_1_ (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) #pop-options +#push-options "--z3rlimit 300 --ext context_pruning" + let decompress_ciphertext_coefficient (v_COEFFICIENT_BITS: i32) - (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) = - let v:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = + let _:Prims.unit = + assert_norm (pow2 1 == 2); + assert_norm (pow2 4 == 16); + assert_norm (pow2 5 == 32); + assert_norm (pow2 10 == 1024); + assert_norm (pow2 11 == 2048) + in + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = Rust_primitives.Hax.Folds.fold_range (sz 0) Libcrux_ml_kem.Vector.Traits.v_FIELD_ELEMENTS_IN_VECTOR - (fun v temp_1_ -> - let v:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = v in - let _:usize = temp_1_ in - true) - v - (fun v i -> - let v:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = v in + (fun a i -> + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = a in let i:usize = i in + (v i < 16 ==> + (forall (j: nat). + (j >= v i /\ j < 16) ==> + v (Seq.index a.f_elements j) >= 0 /\ + v (Seq.index a.f_elements j) < pow2 (v v_COEFFICIENT_BITS))) /\ + (forall (j: nat). + j < v i ==> + v (Seq.index a.f_elements j) < v Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS)) + a + (fun a i -> + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = a in + let i:usize = i in + let _:Prims.unit = + assert (v (a.f_elements.[ i ] <: i16) < pow2 11); + assert (v (a.f_elements.[ i ] <: i16) == v (cast (a.f_elements.[ i ] <: i16) <: i32)); + assert (v (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS <: i16) == + v (cast (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS <: i16) <: i32)); + assert (v ((cast (a.f_elements.[ i ] <: i16) <: i32) *! + (cast (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS <: i16) <: i32)) == + v (cast (a.f_elements.[ i ] <: i16) <: i32) * + v (cast (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS <: i16) <: i32)) + in let decompressed:i32 = - (cast (v.Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements.[ i ] <: i16) <: i32) *! + (cast (a.Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements.[ i ] <: i16) <: i32) *! (cast (Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS <: i16) <: i32) in + let _:Prims.unit = + assert (v (decompressed <>! (v_COEFFICIENT_BITS +! mk_i32 1 <: i32)) == + v decompressed / pow2 (v v_COEFFICIENT_BITS + 1)) + in let decompressed:i32 = decompressed >>! (v_COEFFICIENT_BITS +! 1l <: i32) in - let v:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = + let _:Prims.unit = + assert (v decompressed < v Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS); + assert (v (cast decompressed <: i16) < v Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) + in + let a:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = { - v with + a with Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements = - Rust_primitives.Hax.Monomorphized_update_at.update_at_usize v + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize a .Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements i (cast (decompressed <: i32) <: i16) @@ -199,6 +274,8 @@ let decompress_ciphertext_coefficient <: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector in - v) + a) in - v + a + +#pop-options diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fsti index 938330976..cdba6253e 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.Compress.fsti @@ -36,11 +36,11 @@ val compress_message_coefficient (fe: u16) (ensures fun result -> let result:u8 = result in - Hax_lib.implies ((833us <=. fe <: bool) && (fe <=. 2596us <: bool)) + Hax_lib.implies ((833us <=. fe <: bool) && (fe <=. 2496us <: bool)) (fun temp_0_ -> let _:Prims.unit = temp_0_ in result =. 1uy <: bool) && - Hax_lib.implies (~.((833us <=. fe <: bool) && (fe <=. 2596us <: bool)) <: bool) + Hax_lib.implies (~.((833us <=. fe <: bool) && (fe <=. 2496us <: bool)) <: bool) (fun temp_0_ -> let _:Prims.unit = temp_0_ in result =. 0uy <: bool)) @@ -76,7 +76,18 @@ val compress_1_ (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) val decompress_ciphertext_coefficient (v_COEFFICIENT_BITS: i32) - (v: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (a: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) : Prims.Pure Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector - Prims.l_True - (fun _ -> Prims.l_True) + (requires + (v v_COEFFICIENT_BITS == 4 \/ v v_COEFFICIENT_BITS == 5 \/ v v_COEFFICIENT_BITS == 10 \/ + v v_COEFFICIENT_BITS == 11) /\ + (forall (i: nat). + i < 16 ==> + v (Seq.index a.f_elements i) >= 0 /\ + v (Seq.index a.f_elements i) < pow2 (v v_COEFFICIENT_BITS))) + (ensures + fun result -> + let result:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = result in + forall (i: nat). + i < 16 ==> + v (Seq.index result.f_elements i) < v Libcrux_ml_kem.Vector.Traits.v_FIELD_MODULUS) diff --git a/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.Math.fst b/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.Math.fst index 571e879fb..dc97bb645 100644 --- a/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.Math.fst +++ b/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.Math.fst @@ -107,6 +107,7 @@ let poly_ntt_layer (p:polynomial) (l:nat{l > 0 /\ l < 8}) : polynomial = #pop-options val poly_ntt: polynomial -> polynomial +[@ "opaque_to_smt"] let poly_ntt p = let p = poly_ntt_layer p 7 in let p = poly_ntt_layer p 6 in @@ -184,6 +185,7 @@ val vector_dot_product_ntt: #r:rank -> vector r -> vector r -> polynomial let vector_dot_product_ntt a b = vector_sum (vector_mul_ntt a b) val matrix_transpose: #r:rank -> matrix r -> matrix r +[@ "opaque_to_smt"] let matrix_transpose #r m = createi r (fun i -> createi r (fun j -> @@ -194,6 +196,7 @@ let matrix_vector_mul_ntt #r m v = createi r (fun i -> vector_dot_product_ntt m.[i] v) val compute_As_plus_e_ntt: #r:rank -> a:matrix r -> s:vector r -> e:vector r -> vector r +[@ "opaque_to_smt"] let compute_As_plus_e_ntt #p a s e = vector_add (matrix_vector_mul_ntt a s) e @@ -235,12 +238,13 @@ let decompress_d (d: dT {d <> 12}) (x: field_element_d d): field_element = let r = (x * v v_FIELD_MODULUS + 1664) / pow2 d in r - +[@ "opaque_to_smt"] let byte_encode (d: dT) (coefficients: polynomial_d d): t_Array u8 (sz (32 * d)) = let coefficients' : t_Array nat (sz 256) = map_array #(field_element_d d) (fun x -> x <: nat) coefficients in bits_to_bytes #(sz (32 * d)) (retype_bit_vector (bit_vec_of_nat_array coefficients' d)) +[@ "opaque_to_smt"] let byte_decode (d: dT) (coefficients: t_Array u8 (sz (32 * d))): polynomial_d d = let bv = bytes_to_bits coefficients in let arr: t_Array nat (sz 256) = bit_vec_to_nat_array d (retype_bit_vector bv) in @@ -256,11 +260,13 @@ let byte_decode (d: dT) (coefficients: t_Array u8 (sz (32 * d))): polynomial_d d let coerce_polynomial_12 (p:polynomial): polynomial_d 12 = p let coerce_vector_12 (#r:rank) (v:vector r): vector_d r 12 = v +[@ "opaque_to_smt"] let compress_then_byte_encode (d: dT {d <> 12}) (coefficients: polynomial): t_Array u8 (sz (32 * d)) = let coefs: t_Array (field_element_d d) (sz 256) = map_array (compress_d d) coefficients in byte_encode d coefs +[@ "opaque_to_smt"] let byte_decode_then_decompress (d: dT {d <> 12}) (b:t_Array u8 (sz (32 * d))): polynomial = map_array (decompress_d d) (byte_decode d b) diff --git a/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.fst b/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.fst index 07c9216ae..7defc385c 100644 --- a/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.fst +++ b/libcrux-ml-kem/proofs/fstar/spec/Spec.MLKEM.fst @@ -28,7 +28,10 @@ val v_ETA1 (r:rank) : u:usize{u == sz 3 \/ u == sz 2} let v_ETA1 (r:rank) : usize = if r = sz 2 then sz 3 else if r = sz 3 then sz 2 else - if r = sz 4 then sz 2 + if r = sz 4 then sz 2 else ( + assert (false); + sz 0) + let v_ETA2 (r:rank) : usize = sz 2 @@ -135,6 +138,7 @@ let sample_polynomial_ntt_at_index (seed:t_Array u8 (sz 32)) (i j: (x:usize{v x sample_polynomial_ntt seed34 val sample_matrix_A_ntt: #r:rank -> seed:t_Array u8 (sz 32) -> (matrix r & bool) +[@ "opaque_to_smt"] let sample_matrix_A_ntt #r seed = let m = createi r (fun i -> @@ -159,18 +163,29 @@ let sample_poly_cbd2 #r seed domain_sep = let prf_output = v_PRF (v_ETA2_RANDOMNESS_SIZE r) prf_input in sample_poly_cbd (v_ETA2 r) prf_output -val sample_poly_cbd1: #r:rank -> seed:t_Array u8 (sz 32) -> domain_sep:usize{v domain_sep < 256} -> polynomial -let sample_poly_cbd1 #r seed domain_sep = - let prf_input = Seq.append seed (Seq.create 1 (mk_int #u8_inttype (v domain_sep))) in - let prf_output = v_PRF (v_ETA1_RANDOMNESS_SIZE r) prf_input in - sample_poly_cbd (v_ETA1 r) prf_output +let sample_vector_cbd1_prf_input (#r:rank) (seed:t_Array u8 (sz 32)) (domain_sep:usize{v domain_sep < 2 * v r}) (i:usize{i <. r}) : t_Array u8 (sz 33) = + Seq.append seed (Seq.create 1 (mk_int #u8_inttype (v domain_sep + v i))) + +let sample_vector_cbd1_prf_output (#r:rank) (prf_output:t_Array (t_Array u8 (v_ETA1_RANDOMNESS_SIZE r)) r) (i:usize{i <. r}) : polynomial = + sample_poly_cbd (v_ETA1 r) prf_output.[i] let sample_vector_cbd1 (#r:rank) (seed:t_Array u8 (sz 32)) (domain_sep:usize{v domain_sep < 2 * v r}) : vector r = - createi r (fun i -> sample_poly_cbd1 #r seed (domain_sep +! i)) + let prf_input = createi r (sample_vector_cbd1_prf_input #r seed domain_sep) in + let prf_output = v_PRFxN r (v_ETA1_RANDOMNESS_SIZE r) prf_input in + createi r (sample_vector_cbd1_prf_output #r prf_output) + +let sample_vector_cbd2_prf_input (#r:rank) (seed:t_Array u8 (sz 32)) (domain_sep:usize{v domain_sep < 2 * v r}) (i:usize{i <. r}) : t_Array u8 (sz 33) = + Seq.append seed (Seq.create 1 (mk_int #u8_inttype (v domain_sep + v i))) + +let sample_vector_cbd2_prf_output (#r:rank) (prf_output:t_Array (t_Array u8 (v_ETA2_RANDOMNESS_SIZE r)) r) (i:usize{i <. r}) : polynomial = + sample_poly_cbd (v_ETA2 r) prf_output.[i] let sample_vector_cbd2 (#r:rank) (seed:t_Array u8 (sz 32)) (domain_sep:usize{v domain_sep < 2 * v r}) : vector r = - createi r (fun i -> sample_poly_cbd2 #r seed (domain_sep +! i)) + let prf_input = createi r (sample_vector_cbd2_prf_input #r seed domain_sep) in + let prf_output = v_PRFxN r (v_ETA2_RANDOMNESS_SIZE r) prf_input in + createi r (sample_vector_cbd2_prf_output #r prf_output) +[@ "opaque_to_smt"] let sample_vector_cbd_then_ntt (#r:rank) (seed:t_Array u8 (sz 32)) (domain_sep:usize{v domain_sep < 2 * v r}) : vector r = vector_ntt (sample_vector_cbd1 #r seed domain_sep) @@ -205,14 +220,25 @@ let decode_then_decompress_u (#r:rank) (arr: t_Array u8 (v_C1_SIZE r)): vector r byte_decode_then_decompress (v d) slice ) -let compress_then_encode_v (#r:rank): polynomial -> t_Array u8 (v_C2_SIZE r) - = compress_then_byte_encode (v (v_VECTOR_V_COMPRESSION_FACTOR r)) +let compress_then_encode_v (u:usize{u == sz 4 \/ u == sz 5}): polynomial -> t_Array u8 (sz 32 *! u) + = compress_then_byte_encode (v u) -let decode_then_decompress_v (#r:rank): t_Array u8 (v_C2_SIZE r) -> polynomial - = byte_decode_then_decompress (v (v_VECTOR_V_COMPRESSION_FACTOR r)) +let decode_then_decompress_v (u:usize{u == sz 4 \/ u == sz 5}): t_Array u8 (sz 32 *! u) -> polynomial + = byte_decode_then_decompress (v u) (** IND-CPA Functions *) +val ind_cpa_generate_keypair_unpacked (r:rank) (randomness:t_Array u8 v_CPA_KEY_GENERATION_SEED_SIZE) : + ((((vector r) & (t_Array u8 (sz 32))) & (vector r)) & bool) +let ind_cpa_generate_keypair_unpacked r randomness = + let hashed = v_G (Seq.append randomness (Seq.create 1 (cast r <: u8))) in + let (seed_for_A, seed_for_secret_and_error) = split hashed (sz 32) in + let (matrix_A_as_ntt, sufficient_randomness) = sample_matrix_A_ntt #r seed_for_A in + let secret_as_ntt = sample_vector_cbd_then_ntt #r seed_for_secret_and_error (sz 0) in + let error_as_ntt = sample_vector_cbd_then_ntt #r seed_for_secret_and_error r in + let t_as_ntt = compute_As_plus_e_ntt #r matrix_A_as_ntt secret_as_ntt error_as_ntt in + (((t_as_ntt,seed_for_A), secret_as_ntt), sufficient_randomness) + /// This function implements most of Algorithm 12 of the /// NIST FIPS 203 specification; this is the MLKEM CPA-PKE key generation algorithm. /// @@ -223,16 +249,30 @@ let decode_then_decompress_v (#r:rank): t_Array u8 (v_C2_SIZE r) -> polynomial val ind_cpa_generate_keypair (r:rank) (randomness:t_Array u8 v_CPA_KEY_GENERATION_SEED_SIZE) : (t_MLKEMCPAKeyPair r & bool) let ind_cpa_generate_keypair r randomness = - let hashed = v_G randomness in - let (seed_for_A, seed_for_secret_and_error) = split hashed (sz 32) in - let (matrix_A_as_ntt, sufficient_randomness) = sample_matrix_A_ntt #r seed_for_A in - let secret_as_ntt = sample_vector_cbd_then_ntt #r seed_for_secret_and_error (sz 0) in - let error_as_ntt = sample_vector_cbd_then_ntt #r seed_for_secret_and_error r in - let t_as_ntt = compute_As_plus_e_ntt #r matrix_A_as_ntt secret_as_ntt error_as_ntt in + let (((t_as_ntt,seed_for_A), secret_as_ntt), sufficient_randomness) = + ind_cpa_generate_keypair_unpacked r randomness in let public_key_serialized = Seq.append (vector_encode_12 #r t_as_ntt) seed_for_A in let secret_key_serialized = vector_encode_12 #r secret_as_ntt in ((secret_key_serialized,public_key_serialized), sufficient_randomness) +val ind_cpa_encrypt_unpacked (r:rank) + (message: t_Array u8 v_SHARED_SECRET_SIZE) + (randomness:t_Array u8 v_SHARED_SECRET_SIZE) + (t_as_ntt:vector r) + (matrix_A_as_ntt:matrix r) : + t_MLKEMCiphertext r + +let ind_cpa_encrypt_unpacked r message randomness t_as_ntt matrix_A_as_ntt = + let r_as_ntt = sample_vector_cbd_then_ntt #r randomness (sz 0) in + let error_1 = sample_vector_cbd2 #r randomness r in + let error_2 = sample_poly_cbd2 #r randomness (r +! r) in + let u = vector_add (vector_inv_ntt (matrix_vector_mul_ntt matrix_A_as_ntt r_as_ntt)) error_1 in + let mu = decode_then_decompress_message message in + let v = poly_add (poly_add (vector_dot_product_ntt t_as_ntt r_as_ntt) error_2) mu in + let c1 = compress_then_encode_u #r u in + let c2 = compress_then_encode_v (v_VECTOR_V_COMPRESSION_FACTOR r) v in + concat c1 c2 + /// This function implements Algorithm 13 of the /// NIST FIPS 203 specification; this is the MLKEM CPA-PKE encryption algorithm. @@ -246,15 +286,19 @@ let ind_cpa_encrypt r public_key message randomness = let (t_as_ntt_bytes, seed_for_A) = split public_key (v_T_AS_NTT_ENCODED_SIZE r) in let t_as_ntt = vector_decode_12 #r t_as_ntt_bytes in let matrix_A_as_ntt, sufficient_randomness = sample_matrix_A_ntt #r seed_for_A in - let r_as_ntt = sample_vector_cbd_then_ntt #r randomness (sz 0) in - let error_1 = sample_vector_cbd2 #r randomness r in - let error_2 = sample_poly_cbd2 #r randomness (r +! r) in - let u = vector_add (vector_inv_ntt (matrix_vector_mul_ntt (matrix_transpose matrix_A_as_ntt) r_as_ntt)) error_1 in - let mu = decode_then_decompress_message message in - let v = poly_add (poly_add (vector_dot_product_ntt t_as_ntt r_as_ntt) error_2) mu in - let c1 = compress_then_encode_u #r u in - let c2 = compress_then_encode_v #r v in - (concat c1 c2, sufficient_randomness) + let c = ind_cpa_encrypt_unpacked r message randomness t_as_ntt (matrix_transpose matrix_A_as_ntt) in + (c, sufficient_randomness) + +val ind_cpa_decrypt_unpacked (r:rank) + (ciphertext: t_MLKEMCiphertext r) (secret_as_ntt:vector r): + t_MLKEMSharedSecret + +let ind_cpa_decrypt_unpacked r ciphertext secret_as_ntt = + let (c1,c2) = split ciphertext (v_C1_SIZE r) in + let u = decode_then_decompress_u #r c1 in + let v = decode_then_decompress_v (v_VECTOR_V_COMPRESSION_FACTOR r) c2 in + let w = poly_sub v (poly_inv_ntt (vector_dot_product_ntt secret_as_ntt (vector_ntt u))) in + compress_then_encode_message w /// This function implements Algorithm 14 of the /// NIST FIPS 203 specification; this is the MLKEM CPA-PKE decryption algorithm. @@ -265,12 +309,8 @@ val ind_cpa_decrypt (r:rank) (secret_key: t_MLKEMCPAPrivateKey r) [@ "opaque_to_smt"] let ind_cpa_decrypt r secret_key ciphertext = - let (c1,c2) = split ciphertext (v_C1_SIZE r) in - let u = decode_then_decompress_u #r c1 in - let v = decode_then_decompress_v #r c2 in let secret_as_ntt = vector_decode_12 #r secret_key in - let w = poly_sub v (poly_inv_ntt (vector_dot_product_ntt secret_as_ntt (vector_ntt u))) in - compress_then_encode_message w + ind_cpa_decrypt_unpacked r ciphertext secret_as_ntt (** IND-CCA Functions *) @@ -340,4 +380,3 @@ let ind_cca_decapsulate p secret_key ciphertext = if reencrypted = ciphertext then success_shared_secret, sufficient_randomness else rejection_shared_secret, sufficient_randomness - diff --git a/libcrux-ml-kem/proofs/fstar/spec/Spec.Utils.fst b/libcrux-ml-kem/proofs/fstar/spec/Spec.Utils.fst index 1c6ed14b1..5c77472f2 100644 --- a/libcrux-ml-kem/proofs/fstar/spec/Spec.Utils.fst +++ b/libcrux-ml-kem/proofs/fstar/spec/Spec.Utils.fst @@ -126,6 +126,9 @@ val v_PRF (v_LEN: usize{v v_LEN < pow2 32}) (input: t_Slice u8) : t_Array u8 v_L let v_PRF v_LEN input = map_slice Lib.RawIntTypes.u8_to_UInt8 ( shake256 (Seq.length input) (map_slice Lib.IntTypes.secret input) (v v_LEN)) +assume val v_PRFxN (r:usize{v r == 2 \/ v r == 3 \/ v r == 4}) (v_LEN: usize{v v_LEN < pow2 32}) + (input: t_Array (t_Array u8 (sz 33)) r) : t_Array (t_Array u8 v_LEN) r + let v_J (input: t_Slice u8) : t_Array u8 (sz 32) = v_PRF (sz 32) input val v_XOF (v_LEN: usize{v v_LEN < pow2 32}) (input: t_Slice u8) : t_Array u8 v_LEN diff --git a/libcrux-ml-kem/src/hash_functions.rs b/libcrux-ml-kem/src/hash_functions.rs index 6627b3d72..aa91579d3 100644 --- a/libcrux-ml-kem/src/hash_functions.rs +++ b/libcrux-ml-kem/src/hash_functions.rs @@ -48,7 +48,12 @@ pub(crate) trait Hash { fn PRF(input: &[u8]) -> [u8; LEN]; /// PRFxN aka N SHAKE256 - #[requires(true)] + #[requires(fstar!("v $LEN < pow2 32 /\\ (v $K == 2 \\/ v $K == 3 \\/ v $K == 4)"))] + #[ensures(|result| + // We need to repeat the pre-condition here because of https://github.com/hacspec/hax/issues/784 + fstar!("(v $LEN < pow2 32 /\\ (v $K == 2 \\/ v $K == 3 \\/ v $K == 4)) ==> + $result == Spec.Utils.v_PRFxN $K $LEN $input")) + ] fn PRFxN(input: &[[u8; 33]; K]) -> [[u8; LEN]; K]; /// Create a SHAKE128 state and absorb the input. @@ -113,6 +118,10 @@ pub(crate) mod portable { digest } + #[hax_lib::requires(fstar!("v $LEN < pow2 32 /\\ (v $K == 2 \\/ v $K == 3 \\/ v $K == 4)"))] + #[hax_lib::ensures(|result| + fstar!("$result == Spec.Utils.v_PRFxN $K $LEN $input")) + ] #[inline(always)] fn PRFxN(input: &[[u8; 33]; K]) -> [[u8; LEN]; K] { debug_assert!(K == 2 || K == 3 || K == 4); @@ -190,6 +199,12 @@ pub(crate) mod portable { PRF::(input) } + #[requires(fstar!("v $LEN < pow2 32 /\\ (v $K == 2 \\/ v $K == 3 \\/ v $K == 4)"))] + // Output name has be `out` https://github.com/hacspec/hax/issues/832 + #[ensures(|out| + fstar!("(v $LEN < pow2 32 /\\ (v $K == 2 \\/ v $K == 3 \\/ v $K == 4)) ==> + $out == Spec.Utils.v_PRFxN $K $LEN $input")) + ] #[inline(always)] fn PRFxN(input: &[[u8; 33]; K]) -> [[u8; LEN]; K] { PRFxN::(input) @@ -261,6 +276,10 @@ pub(crate) mod avx2 { digest } + #[hax_lib::requires(fstar!("v $LEN < pow2 32 /\\ (v $K == 2 \\/ v $K == 3 \\/ v $K == 4)"))] + #[hax_lib::ensures(|result| + fstar!("$result == Spec.Utils.v_PRFxN $K $LEN $input")) + ] #[inline(always)] fn PRFxN(input: &[[u8; 33]; K]) -> [[u8; LEN]; K] { debug_assert!(K == 2 || K == 3 || K == 4); @@ -437,6 +456,12 @@ pub(crate) mod avx2 { PRF::(input) } + #[requires(fstar!("v $LEN < pow2 32 /\\ (v $K == 2 \\/ v $K == 3 \\/ v $K == 4)"))] + // Output name has be `out` https://github.com/hacspec/hax/issues/832 + #[ensures(|out| + fstar!("(v $LEN < pow2 32 /\\ (v $K == 2 \\/ v $K == 3 \\/ v $K == 4)) ==> + $out == Spec.Utils.v_PRFxN $K $LEN $input")) + ] #[inline(always)] fn PRFxN(input: &[[u8; 33]; K]) -> [[u8; LEN]; K] { PRFxN::(input) @@ -506,6 +531,10 @@ pub(crate) mod neon { digest } + #[hax_lib::requires(fstar!("v $LEN < pow2 32 /\\ (v $K == 2 \\/ v $K == 3 \\/ v $K == 4)"))] + #[hax_lib::ensures(|result| + fstar!("$result == Spec.Utils.v_PRFxN $K $LEN $input")) + ] #[inline(always)] fn PRFxN(input: &[[u8; 33]; K]) -> [[u8; LEN]; K] { debug_assert!(K == 2 || K == 3 || K == 4); @@ -712,6 +741,13 @@ pub(crate) mod neon { PRF::(input) } + #[requires(fstar!("v $LEN < pow2 32 /\\ (v $K == 2 \\/ v $K == 3 \\/ v $K == 4)"))] + // Output name has be `out` https://github.com/hacspec/hax/issues/832 + #[ensures(|out| + // We need to repeat the pre-condition here because of https://github.com/hacspec/hax/issues/784 + fstar!("(v $LEN < pow2 32 /\\ (v $K == 2 \\/ v $K == 3 \\/ v $K == 4)) ==> + $out == Spec.Utils.v_PRFxN $K $LEN $input")) + ] #[inline(always)] fn PRFxN(input: &[[u8; 33]; K]) -> [[u8; LEN]; K] { PRFxN::(input) diff --git a/libcrux-ml-kem/src/ind_cpa.rs b/libcrux-ml-kem/src/ind_cpa.rs index 81aa3e1e8..b27030255 100644 --- a/libcrux-ml-kem/src/ind_cpa.rs +++ b/libcrux-ml-kem/src/ind_cpa.rs @@ -60,7 +60,6 @@ use unpacked::*; /// Concatenate `t` and `ρ` into the public key. #[inline(always)] -#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $RANKED_BYTES_PER_RING_ELEMENT == Spec.MLKEM.v_RANKED_BYTES_PER_RING_ELEMENT $K /\\ $PUBLIC_KEY_SIZE == Spec.MLKEM.v_CPA_PUBLIC_KEY_SIZE $K /\\ @@ -92,7 +91,6 @@ pub(crate) fn serialize_public_key< /// Concatenate `t` and `ρ` into the public key. #[inline(always)] -#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $RANKED_BYTES_PER_RING_ELEMENT == Spec.MLKEM.v_RANKED_BYTES_PER_RING_ELEMENT $K /\\ $PUBLIC_KEY_SIZE == Spec.MLKEM.v_CPA_PUBLIC_KEY_SIZE $K /\\ @@ -121,12 +119,14 @@ pub(crate) fn serialize_public_key_mut< Vector, >(t_as_ntt)); serialized[RANKED_BYTES_PER_RING_ELEMENT..].copy_from_slice(seed_for_a); + hax_lib::fstar!("Lib.Sequence.eq_intro #u8 #(v $PUBLIC_KEY_SIZE) serialized + (Seq.append (Spec.MLKEM.vector_encode_12 #$K (Libcrux_ml_kem.Polynomial.to_spec_vector_t + #$K #$:Vector $t_as_ntt)) $seed_for_a)"); } /// Call [`serialize_uncompressed_ring_element`] for each ring element. #[inline(always)] -#[hax_lib::fstar::options("--z3rlimit 200")] -#[hax_lib::fstar::verification_status(panic_free)] +#[hax_lib::fstar::options("--z3rlimit 200 --ext context_pruning --z3refresh")] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $OUT_LEN == Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE $K /\\ (forall (i:nat). i < v $K ==> @@ -138,27 +138,51 @@ pub(crate) fn serialize_public_key_mut< pub(crate) fn serialize_secret_key( key: &[PolynomialRingElement; K], ) -> [u8; OUT_LEN] { + hax_lib::fstar!("assert_norm (Spec.MLKEM.polynomial_d 12 == Spec.MLKEM.polynomial)"); let mut out = [0u8; OUT_LEN]; cloop! { for (i, re) in key.into_iter().enumerate() { - hax_lib::loop_invariant!(|i: usize| { fstar!("v $i < v $K ==> - Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index $key (v $i))") }); + hax_lib::loop_invariant!(|i: usize| { fstar!("(v $i < v $K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index $key (v $i))) /\\ + (forall (j: nat). j < v $i ==> + (j + 1) * v $BYTES_PER_RING_ELEMENT <= Seq.length $out /\\ + (Seq.slice $out (j * v $BYTES_PER_RING_ELEMENT) ((j + 1) * v $BYTES_PER_RING_ELEMENT) == + Spec.MLKEM.byte_encode 12 (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector (Seq.index $key j))))") }); out[i * BYTES_PER_RING_ELEMENT..(i + 1) * BYTES_PER_RING_ELEMENT] .copy_from_slice(&serialize_uncompressed_ring_element(&re)); + hax_lib::fstar!("let lemma_aux (j: nat{ j < v $i }) : Lemma + (Seq.slice out (j * v $BYTES_PER_RING_ELEMENT) ((j + 1) * v $BYTES_PER_RING_ELEMENT) == + Spec.MLKEM.byte_encode 12 (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector (Seq.index $key j))) = + Lib.Sequence.eq_intro #u8 #(v $BYTES_PER_RING_ELEMENT) + (Seq.slice out (j * v $BYTES_PER_RING_ELEMENT) ((j + 1) * v $BYTES_PER_RING_ELEMENT)) + (Spec.MLKEM.byte_encode 12 (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector (Seq.index $key j))) + in + Classical.forall_intro lemma_aux"); } } + hax_lib::fstar!("assert (Spec.MLKEM.coerce_vector_12 (Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector $key) == + Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector $key); + Lib.Sequence.eq_intro #u8 #(v $OUT_LEN) $out + (Spec.MLKEM.vector_encode_12 #$K + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector $key))"); out } /// Sample a vector of ring elements from a centered binomial distribution. #[inline(always)] -#[hax_lib::fstar::verification_status(panic_free)] +#[hax_lib::fstar::options("--max_fuel 10 --z3rlimit 1000 --ext context_pruning --z3refresh --split_queries always")] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $ETA2_RANDOMNESS_SIZE == Spec.MLKEM.v_ETA2_RANDOMNESS_SIZE $K /\\ $ETA2 == Spec.MLKEM.v_ETA2 $K /\\ + v $domain_separator < 2 * v $K /\\ range (v $domain_separator + v $K) u8_inttype"))] +#[hax_lib::ensures(|(err1,ds)| + fstar!("v $ds == v $domain_separator + v $K /\\ + Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector $err1 == + Spec.MLKEM.sample_vector_cbd2 #$K (Seq.slice $prf_input 0 32) (sz (v $domain_separator))") +)] fn sample_ring_element_cbd< const K: usize, const ETA2_RANDOMNESS_SIZE: usize, @@ -172,22 +196,41 @@ fn sample_ring_element_cbd< let mut error_1 = from_fn(|_i| PolynomialRingElement::::ZERO()); let mut prf_inputs = [prf_input; K]; let _domain_separator_init = domain_separator; + let _prf_inputs_init = prf_inputs; for i in 0..K { - hax_lib::loop_invariant!(|i: usize| { fstar!("v $domain_separator == v $_domain_separator_init + v $i") }); + hax_lib::loop_invariant!(|i: usize| { fstar!("v $domain_separator == v $_domain_separator_init + v $i /\\ + (v $i < v $K ==> (forall (j:nat). (j >= v $i /\\ j < v $K) ==> + ${prf_inputs}.[ sz j ] == ${_prf_inputs_init}.[ sz j ])) /\\ + (forall (j:nat). j < v $i ==> v (Seq.index (Seq.index $prf_inputs j) 32) == v $_domain_separator_init + j /\\ + Seq.slice (Seq.index $prf_inputs j) 0 32 == Seq.slice (Seq.index $_prf_inputs_init j) 0 32)") }); prf_inputs[i][32] = domain_separator; domain_separator += 1; } + hax_lib::fstar!("let lemma_aux (i:nat{ i < v $K }) : Lemma (${prf_inputs}.[sz i] == (Seq.append (Seq.slice $prf_input 0 32) + (Seq.create 1 (mk_int #u8_inttype (v ($_domain_separator_init +! (mk_int #u8_inttype i))))))) = + Lib.Sequence.eq_intro #u8 #33 ${prf_inputs}.[sz i] (Seq.append (Seq.slice $prf_input 0 32) + (Seq.create 1 (mk_int #u8_inttype (v $_domain_separator_init + i)))) in + + Classical.forall_intro lemma_aux; + Lib.Sequence.eq_intro #(t_Array u8 (sz 33)) #(v $K) $prf_inputs + (createi $K (Spec.MLKEM.sample_vector_cbd2_prf_input #$K (Seq.slice $prf_input 0 32) (sz (v $_domain_separator_init))))"); let prf_outputs: [[u8; ETA2_RANDOMNESS_SIZE]; K] = Hasher::PRFxN(&prf_inputs); for i in 0..K { + hax_lib::loop_invariant!(|i: usize| { fstar!("forall (j:nat). j < v $i ==> + Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector ${error_1}.[ sz j ] == + Spec.MLKEM.sample_poly_cbd $ETA2 ${prf_outputs}.[ sz j ]") }); error_1[i] = sample_from_binomial_distribution::(&prf_outputs[i]); } + hax_lib::fstar!("Lib.Sequence.eq_intro #(Spec.MLKEM.polynomial) #(v $K) + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector $error_1) + (Spec.MLKEM.sample_vector_cbd2 #$K (Seq.slice $prf_input 0 32) (sz (v $_domain_separator_init)))"); (error_1, domain_separator) } /// Sample a vector of ring elements from a centered binomial distribution and /// convert them into their NTT representations. #[inline(always)] -#[hax_lib::fstar::verification_status(lax)] +#[hax_lib::fstar::options("--max_fuel 10 --z3rlimit 1000 --ext context_pruning --z3refresh --split_queries always")] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $ETA_RANDOMNESS_SIZE == Spec.MLKEM.v_ETA1_RANDOMNESS_SIZE $K /\\ $ETA == Spec.MLKEM.v_ETA1 $K /\\ @@ -195,8 +238,10 @@ fn sample_ring_element_cbd< range (v $domain_separator + v $K) u8_inttype"))] #[hax_lib::ensures(|ds| fstar!("v $ds == v $domain_separator + v $K /\\ - Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector ${re_as_ntt}_future == - Spec.MLKEM.sample_vector_cbd_then_ntt #$K (Seq.slice $prf_input 0 32) (sz (v $domain_separator))") + Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector ${re_as_ntt}_future == + Spec.MLKEM.sample_vector_cbd_then_ntt #$K (Seq.slice $prf_input 0 32) (sz (v $domain_separator)) /\\ + (forall (i: nat). i < v $K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index ${re_as_ntt}_future i))") )] fn sample_vector_cbd_then_ntt< const K: usize, @@ -211,21 +256,39 @@ fn sample_vector_cbd_then_ntt< ) -> u8 { let mut prf_inputs = [prf_input; K]; let _domain_separator_init = domain_separator; + let _prf_inputs_init = prf_inputs; for i in 0..K { - hax_lib::loop_invariant!(|i: usize| { fstar!("v $domain_separator == v $_domain_separator_init + v $i") }); + hax_lib::loop_invariant!(|i: usize| { fstar!("v $domain_separator == v $_domain_separator_init + v $i /\\ + (v $i < v $K ==> (forall (j:nat). (j >= v $i /\\ j < v $K) ==> + ${prf_inputs}.[ sz j ] == ${_prf_inputs_init}.[ sz j ])) /\\ + (forall (j:nat). j < v $i ==> v (Seq.index (Seq.index $prf_inputs j) 32) == v $_domain_separator_init + j /\\ + Seq.slice (Seq.index $prf_inputs j) 0 32 == Seq.slice (Seq.index $_prf_inputs_init j) 0 32)") }); prf_inputs[i][32] = domain_separator; domain_separator += 1; } + hax_lib::fstar!("let lemma_aux (i:nat{ i < v $K }) : Lemma (${prf_inputs}.[sz i] == (Seq.append (Seq.slice $prf_input 0 32) + (Seq.create 1 (mk_int #u8_inttype (v ($_domain_separator_init +! (mk_int #u8_inttype i))))))) = + Lib.Sequence.eq_intro #u8 #33 ${prf_inputs}.[sz i] (Seq.append (Seq.slice $prf_input 0 32) + (Seq.create 1 (mk_int #u8_inttype (v $_domain_separator_init + i)))) in + + Classical.forall_intro lemma_aux; + Lib.Sequence.eq_intro #(t_Array u8 (sz 33)) #(v $K) $prf_inputs + (createi $K (Spec.MLKEM.sample_vector_cbd1_prf_input #$K (Seq.slice $prf_input 0 32) (sz (v $_domain_separator_init))))"); let prf_outputs: [[u8; ETA_RANDOMNESS_SIZE]; K] = Hasher::PRFxN(&prf_inputs); for i in 0..K { + hax_lib::loop_invariant!(|i: usize| { fstar!("forall (j:nat). j < v $i ==> + Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector re_as_ntt.[ sz j ] == + Spec.MLKEM.poly_ntt (Spec.MLKEM.sample_poly_cbd $ETA ${prf_outputs}.[ sz j ])") }); re_as_ntt[i] = sample_from_binomial_distribution::(&prf_outputs[i]); ntt_binomially_sampled_ring_element(&mut re_as_ntt[i]); } + hax_lib::fstar!("Lib.Sequence.eq_intro #(Spec.MLKEM.polynomial) #(v $K) + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector re_as_ntt) + (Spec.MLKEM.sample_vector_cbd_then_ntt #$K (Seq.slice $prf_input 0 32) (sz (v $_domain_separator_init)))"); domain_separator } #[inline(always)] -#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $ETA_RANDOMNESS_SIZE == Spec.MLKEM.v_ETA1_RANDOMNESS_SIZE $K /\\ $ETA == Spec.MLKEM.v_ETA1 $K /\\ @@ -294,12 +357,14 @@ fn sample_vector_cbd_then_ntt_out< /// The NIST FIPS 203 standard can be found at /// . #[allow(non_snake_case)] -#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $ETA1_RANDOMNESS_SIZE == Spec.MLKEM.v_ETA1_RANDOMNESS_SIZE $K /\\ $ETA1 == Spec.MLKEM.v_ETA1 $K /\\ length $key_generation_seed == Spec.MLKEM.v_CPA_KEY_GENERATION_SEED_SIZE"))] -#[hax_lib::ensures(|_| fstar!(" +#[hax_lib::ensures(|_| fstar!("let (((t_as_ntt,seed_for_A), secret_as_ntt), valid) = Spec.MLKEM.ind_cpa_generate_keypair_unpacked $K $key_generation_seed in + (valid ==> ((Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector ${public_key}_future.f_t_as_ntt) == t_as_ntt) /\\ + (${public_key}_future.f_seed_for_A == seed_for_A) /\\ + ((Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector ${private_key}_future.f_secret_as_ntt) == secret_as_ntt)) /\\ (forall (i:nat). i < v $K ==> Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index ${private_key}_future.f_secret_as_ntt i)) /\\ (forall (i:nat). i < v $K ==> @@ -321,9 +386,14 @@ pub(crate) fn generate_keypair_unpacked< let hashed = Scheme::cpa_keygen_seed::(key_generation_seed); let (seed_for_A, seed_for_secret_and_error) = hashed.split_at(32); + hax_lib::fstar!("Lib.Sequence.eq_intro #u8 #32 $seed_for_A + (Seq.slice (Libcrux_ml_kem.Utils.into_padded_array (sz 34) $seed_for_A) 0 32)"); sample_matrix_A::(&mut public_key.A, into_padded_array(seed_for_A), true); + hax_lib::fstar!("let (matrix_A_as_ntt, valid) = Spec.MLKEM.sample_matrix_A_ntt #$K $seed_for_A in + assert (valid ==> matrix_A_as_ntt == Libcrux_ml_kem.Polynomial.to_spec_matrix_t public_key.f_A)"); let prf_input: [u8; 33] = into_padded_array(seed_for_secret_and_error); + hax_lib::fstar!("Lib.Sequence.eq_intro #u8 #32 $seed_for_secret_and_error (Seq.slice $prf_input 0 32)"); let domain_separator = sample_vector_cbd_then_ntt::( &mut private_key.secret_as_ntt, @@ -346,13 +416,24 @@ pub(crate) fn generate_keypair_unpacked< public_key.seed_for_A = seed_for_A.try_into().unwrap(); + hax_lib::fstar!("let ((t_as_ntt, seed_for_A), secret_as_ntt), valid = + Spec.MLKEM.ind_cpa_generate_keypair_unpacked $K $key_generation_seed in + assert (valid ==> + ((Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector public_key.f_t_as_ntt) == + t_as_ntt) /\\ (public_key.f_seed_for_A == seed_for_A) /\\ + ((Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector private_key.f_secret_as_ntt) == + secret_as_ntt)); + assert ((forall (i: nat). i < v $K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index private_key.f_secret_as_ntt i)) /\\ + (forall (i: nat). i < v $K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index public_key.f_t_as_ntt i)))"); + // For encapsulation, we need to store A not Aˆ, and so we untranspose A // However, we pass A_transpose here and let the IND-CCA layer do the untranspose. // We could do it here, but then we would pay the performance cost (if any) for the packed API as well. } #[allow(non_snake_case)] -#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $PRIVATE_KEY_SIZE == Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE $K /\\ $PUBLIC_KEY_SIZE == Spec.MLKEM.v_CPA_PUBLIC_KEY_SIZE $K /\\ @@ -398,7 +479,7 @@ pub(crate) fn generate_keypair< } /// Call [`compress_then_serialize_ring_element_u`] on each ring element. -#[hax_lib::fstar::verification_status(panic_free)] +#[hax_lib::fstar::options("--z3rlimit 200 --ext context_pruning --z3refresh")] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $OUT_LEN == Spec.MLKEM.v_C1_SIZE $K /\\ $COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_U_COMPRESSION_FACTOR $K /\\ @@ -420,19 +501,43 @@ fn compress_then_serialize_u< input: [PolynomialRingElement; K], out: &mut [u8], ) { - hax_lib::fstar!("assert ((v $COEFFICIENTS_IN_RING_ELEMENT * v $COMPRESSION_FACTOR) / 8 == 320 \\/ - (v $COEFFICIENTS_IN_RING_ELEMENT * v $COMPRESSION_FACTOR) / 8 == 352)"); + hax_lib::fstar!("assert (v (sz 32 *! $COMPRESSION_FACTOR) == 32 * v $COMPRESSION_FACTOR); + assert (v ($OUT_LEN /! $K) == v $OUT_LEN / v $K); + assert (v $OUT_LEN / v $K == 32 * v $COMPRESSION_FACTOR)"); // The semicolon and parentheses at the end of loop are a workaround // for the following bug https://github.com/hacspec/hax/issues/720 cloop! { for (i, re) in input.into_iter().enumerate() { - hax_lib::loop_invariant!(|i: usize| { fstar!("v $i < v $K ==> (Seq.length out == v $OUT_LEN /\\ - Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index $input (v $i)))") }); + hax_lib::loop_invariant!(|i: usize| { fstar!("(v $i < v $K ==> Seq.length out == v $OUT_LEN /\\ + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index $input (v $i))) /\\ + (forall (j: nat). j < v $i ==> + Seq.length out == v $OUT_LEN /\\ + (j + 1) * (v $OUT_LEN / v $K) <= Seq.length out /\\ + (Seq.slice out (j * (v $OUT_LEN / v $K)) (((j + 1)) * (v $OUT_LEN / v $K)) == + Spec.MLKEM.compress_then_byte_encode (v $COMPRESSION_FACTOR) + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector (Seq.index $input j))))") }); + hax_lib::fstar!("assert (forall (j: nat). j < v $i ==> + ((Seq.slice out (j * (v $OUT_LEN / v $K)) (((j + 1)) * (v $OUT_LEN / v $K)) == + Spec.MLKEM.compress_then_byte_encode (v $COMPRESSION_FACTOR) + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector (Seq.index $input j)))))"); out[i * (OUT_LEN / K)..(i + 1) * (OUT_LEN / K)].copy_from_slice( &compress_then_serialize_ring_element_u::(&re), ); + hax_lib::fstar!("let lemma_aux (j: nat{ j < v $i }) : Lemma + (Seq.slice out (j * (v $OUT_LEN / v $K)) (((j + 1)) * (v $OUT_LEN / v $K)) == + Spec.MLKEM.compress_then_byte_encode (v $COMPRESSION_FACTOR) + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #v_Vector (Seq.index $input j))) = + Lib.Sequence.eq_intro #u8 #(v $OUT_LEN / v $K) + (Seq.slice out (j * (v $OUT_LEN / v $K)) (((j + 1)) * (v $OUT_LEN / v $K))) + (Spec.MLKEM.compress_then_byte_encode (v $COMPRESSION_FACTOR) + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector (Seq.index $input j))) + in + Classical.forall_intro lemma_aux"); } }; + hax_lib::fstar!("Lib.Sequence.eq_intro #u8 #(v $OUT_LEN) out + (Spec.MLKEM.compress_then_encode_u #$K + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector $input))"); () } @@ -489,6 +594,11 @@ fn compress_then_serialize_u< $BLOCK_LEN == Spec.MLKEM.v_C1_BLOCK_SIZE $K /\\ $CIPHERTEXT_SIZE == Spec.MLKEM.v_CPA_CIPHERTEXT_SIZE $K /\\ length $randomness == Spec.MLKEM.v_SHARED_SECRET_SIZE"))] +#[hax_lib::ensures(|result| + fstar!("$result == Spec.MLKEM.ind_cpa_encrypt_unpacked $K $message $randomness + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector ${public_key}.f_t_as_ntt) + (Libcrux_ml_kem.Polynomial.to_spec_matrix_t #$K #$:Vector ${public_key}.f_A)") +)] pub(crate) fn encrypt_unpacked< const K: usize, const CIPHERTEXT_SIZE: usize, @@ -519,6 +629,8 @@ pub(crate) fn encrypt_unpacked< sample_vector_cbd_then_ntt_out::( prf_input, 0, ); + hax_lib::fstar!("Lib.Sequence.eq_intro #u8 #32 $randomness (Seq.slice $prf_input 0 32); + assert (v $domain_separator == v $K)"); // for i from 0 to k−1 do // e1[i] := CBD_{η2}(PRF(r,N)) @@ -532,6 +644,8 @@ pub(crate) fn encrypt_unpacked< // e_2 := CBD{η2}(PRF(r, N)) prf_input[32] = domain_separator; + hax_lib::fstar!("assert (Seq.equal $prf_input (Seq.append $randomness (Seq.create 1 $domain_separator))); + assert ($prf_input == Seq.append $randomness (Seq.create 1 $domain_separator))"); let prf_output: [u8; ETA2_RANDOMNESS_SIZE] = Hasher::PRF(&prf_input); let error_2 = sample_from_binomial_distribution::(&prf_output); @@ -546,6 +660,10 @@ pub(crate) fn encrypt_unpacked< &error_2, &message_as_ring_element, ); + hax_lib::fstar!("assert ($C1_LEN = Spec.MLKEM.v_C1_SIZE v_K); + assert ($C2_LEN = Spec.MLKEM.v_C2_SIZE v_K); + assert ($CIPHERTEXT_SIZE == $C1_LEN +! $C2_LEN); + assert ($C1_LEN <=. $CIPHERTEXT_SIZE)"); let mut ciphertext = [0u8; CIPHERTEXT_SIZE]; @@ -560,12 +678,13 @@ pub(crate) fn encrypt_unpacked< v, &mut ciphertext[C1_LEN..], ); + hax_lib::fstar!("lemma_slice_append $ciphertext (Seq.slice $ciphertext 0 (Rust_primitives.v $C1_LEN)) + (Seq.slice $ciphertext (Rust_primitives.v $C1_LEN) (Seq.length $ciphertext))"); ciphertext } #[allow(non_snake_case)] -#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $ETA1 = Spec.MLKEM.v_ETA1 $K /\\ $ETA1_RANDOMNESS_SIZE = Spec.MLKEM.v_ETA1_RANDOMNESS_SIZE $K /\\ @@ -604,6 +723,7 @@ pub(crate) fn encrypt< message: [u8; SHARED_SECRET_SIZE], randomness: &[u8], ) -> [u8; CIPHERTEXT_SIZE] { + hax_lib::fstar!("reveal_opaque (`%Spec.MLKEM.ind_cpa_encrypt) Spec.MLKEM.ind_cpa_encrypt"); let mut unpacked_public_key = IndCpaPublicKeyUnpacked::::default(); // tˆ := Decode_12(pk) @@ -619,6 +739,8 @@ pub(crate) fn encrypt< // end for // end for let seed = &public_key[T_AS_NTT_ENCODED_SIZE..]; + hax_lib::fstar!("Lib.Sequence.eq_intro #u8 #32 $seed (Seq.slice + (Libcrux_ml_kem.Utils.into_padded_array (Rust_primitives.mk_usize 34) $seed) 0 32)"); sample_matrix_A::( &mut unpacked_public_key.A, into_padded_array(seed), @@ -647,7 +769,7 @@ pub(crate) fn encrypt< /// Call [`deserialize_then_decompress_ring_element_u`] on each ring element /// in the `ciphertext`. #[inline(always)] -#[hax_lib::fstar::verification_status(panic_free)] +#[hax_lib::fstar::options("--ext context_pruning")] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ $CIPHERTEXT_SIZE == Spec.MLKEM.v_CPA_CIPHERTEXT_SIZE $K /\\ $U_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_U_COMPRESSION_FACTOR $K"))] @@ -663,22 +785,34 @@ fn deserialize_then_decompress_u< >( ciphertext: &[u8; CIPHERTEXT_SIZE], ) -> [PolynomialRingElement; K] { + hax_lib::fstar!("assert (v (($COEFFICIENTS_IN_RING_ELEMENT *! $U_COMPRESSION_FACTOR ) /! + Rust_primitives.mk_usize 8) == v (Spec.MLKEM.v_C1_BLOCK_SIZE $K))"); let mut u_as_ntt = from_fn(|_| PolynomialRingElement::::ZERO()); cloop! { for (i, u_bytes) in ciphertext .chunks_exact((COEFFICIENTS_IN_RING_ELEMENT * U_COMPRESSION_FACTOR) / 8) .enumerate() { + hax_lib::loop_invariant!(|i: usize| { fstar!("forall (j: nat). j < v $i ==> + j * v (Spec.MLKEM.v_C1_BLOCK_SIZE $K) + v (Spec.MLKEM.v_C1_BLOCK_SIZE $K) <= v $CIPHERTEXT_SIZE /\\ + Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector (Seq.index $u_as_ntt j) == + Spec.MLKEM.poly_ntt (Spec.MLKEM.byte_decode_then_decompress (v $U_COMPRESSION_FACTOR) + (Seq.slice $ciphertext (j * v (Spec.MLKEM.v_C1_BLOCK_SIZE $K)) + (j * v (Spec.MLKEM.v_C1_BLOCK_SIZE $K) + v (Spec.MLKEM.v_C1_BLOCK_SIZE $K))))") }); u_as_ntt[i] = deserialize_then_decompress_ring_element_u::(u_bytes); ntt_vector_u::(&mut u_as_ntt[i]); } } + hax_lib::fstar!("Lib.Sequence.eq_intro #Spec.MLKEM.polynomial #(v $K) + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector $u_as_ntt) + (Spec.MLKEM.(vector_ntt (decode_then_decompress_u #$K + (Seq.slice $ciphertext 0 (v (Spec.MLKEM.v_C1_SIZE $K))))))"); u_as_ntt } /// Call [`deserialize_to_uncompressed_ring_element`] for each ring element. #[inline(always)] -#[hax_lib::fstar::verification_status(panic_free)] +#[hax_lib::fstar::options("--ext context_pruning")] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ length $secret_key == Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE $K /\\ v (${secret_key.len()}) / v $BYTES_PER_RING_ELEMENT <= v $K"))] @@ -689,12 +823,23 @@ fn deserialize_then_decompress_u< fn deserialize_secret_key( secret_key: &[u8], ) -> [PolynomialRingElement; K] { + hax_lib::fstar!("assert_norm (Spec.MLKEM.polynomial_d 12 == Spec.MLKEM.polynomial)"); let mut secret_as_ntt = from_fn(|_| PolynomialRingElement::::ZERO()); cloop! { for (i, secret_bytes) in secret_key.chunks_exact(BYTES_PER_RING_ELEMENT).enumerate() { + hax_lib::loop_invariant!(|i: usize| { fstar!("forall (j: nat). j < v $i ==> + j * v $BYTES_PER_RING_ELEMENT + v $BYTES_PER_RING_ELEMENT <= + v (Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE $K) /\\ + Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector (Seq.index $secret_as_ntt j) == + Spec.MLKEM.byte_decode 12 (Seq.slice $secret_key + (j * v $BYTES_PER_RING_ELEMENT) + (j * v $BYTES_PER_RING_ELEMENT + v $BYTES_PER_RING_ELEMENT))") }); secret_as_ntt[i] = deserialize_to_uncompressed_ring_element(secret_bytes); } } + hax_lib::fstar!("Lib.Sequence.eq_intro #Spec.MLKEM.polynomial #(v $K) + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector $secret_as_ntt) + (Spec.MLKEM.vector_decode_12 #$K $secret_key)"); secret_as_ntt } @@ -726,6 +871,10 @@ fn deserialize_secret_key( $U_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_U_COMPRESSION_FACTOR $K /\\ $V_COMPRESSION_FACTOR == Spec.MLKEM.v_VECTOR_V_COMPRESSION_FACTOR $K /\\ $VECTOR_U_ENCODED_SIZE == Spec.MLKEM.v_C1_SIZE $K"))] +#[hax_lib::ensures(|result| + fstar!("$result == Spec.MLKEM.ind_cpa_decrypt_unpacked $K $ciphertext + (Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector ${secret_key}.f_secret_as_ntt)") +)] pub(crate) fn decrypt_unpacked< const K: usize, const CIPHERTEXT_SIZE: usize, @@ -753,7 +902,6 @@ pub(crate) fn decrypt_unpacked< } #[allow(non_snake_case)] -#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires(fstar!("Spec.MLKEM.is_rank $K /\\ length $secret_key == Spec.MLKEM.v_CPA_PRIVATE_KEY_SIZE $K /\\ $CIPHERTEXT_SIZE == Spec.MLKEM.v_CPA_CIPHERTEXT_SIZE $K /\\ @@ -774,6 +922,7 @@ pub(crate) fn decrypt< secret_key: &[u8], ciphertext: &[u8; CIPHERTEXT_SIZE], ) -> [u8; SHARED_SECRET_SIZE] { + hax_lib::fstar!("reveal_opaque (`%Spec.MLKEM.ind_cpa_decrypt) Spec.MLKEM.ind_cpa_decrypt"); // sˆ := Decode_12(sk) let secret_as_ntt = deserialize_secret_key::(secret_key); let secret_key_unpacked = IndCpaPrivateKeyUnpacked { secret_as_ntt }; diff --git a/libcrux-ml-kem/src/matrix.rs b/libcrux-ml-kem/src/matrix.rs index 855b45891..01c2d987d 100644 --- a/libcrux-ml-kem/src/matrix.rs +++ b/libcrux-ml-kem/src/matrix.rs @@ -156,7 +156,9 @@ pub(crate) fn compute_vector_u( Spec.MLKEM.compute_As_plus_e_ntt (to_spec_matrix_t $matrix_A) (to_spec_vector_t $s_as_ntt) - (to_spec_vector_t $error_as_ntt)") + (to_spec_vector_t $error_as_ntt) /\\ + (forall (i: nat). i < v $K ==> + Libcrux_ml_kem.Serialize.coefficients_field_modulus_range (Seq.index ${t_as_ntt}_future i))") )] pub(crate) fn compute_As_plus_e( t_as_ntt: &mut [PolynomialRingElement; K], diff --git a/libcrux-ml-kem/src/ntt.rs b/libcrux-ml-kem/src/ntt.rs index b3aa4087e..9008f7190 100644 --- a/libcrux-ml-kem/src/ntt.rs +++ b/libcrux-ml-kem/src/ntt.rs @@ -256,9 +256,12 @@ pub(crate) fn ntt_at_layer_7(re: &mut PolynomialRingElement< } #[inline(always)] +#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::fstar::options("--z3rlimit 200")] #[hax_lib::requires(fstar!("forall i. i < 8 ==> ntt_layer_7_pre (${re}.f_coefficients.[ sz i ]) (${re}.f_coefficients.[ sz i +! sz 8 ])"))] +#[hax_lib::ensures(|_| fstar!("Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector ${re}_future == + Spec.MLKEM.poly_ntt (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector $re)"))] pub(crate) fn ntt_binomially_sampled_ring_element( re: &mut PolynomialRingElement, ) { @@ -278,7 +281,10 @@ pub(crate) fn ntt_binomially_sampled_ring_element( } #[inline(always)] +#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::fstar::options("--z3rlimit 200")] +#[hax_lib::ensures(|_| fstar!("Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector ${re}_future == + Spec.MLKEM.poly_ntt (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector $re)"))] pub(crate) fn ntt_vector_u( re: &mut PolynomialRingElement, ) { diff --git a/libcrux-ml-kem/src/sampling.rs b/libcrux-ml-kem/src/sampling.rs index 094334c58..1a140d1a8 100644 --- a/libcrux-ml-kem/src/sampling.rs +++ b/libcrux-ml-kem/src/sampling.rs @@ -252,7 +252,12 @@ fn sample_from_binomial_distribution_3( } #[inline(always)] +#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires((ETA == 2 || ETA == 3) && randomness.len() == ETA * 64)] +#[hax_lib::ensures(|result| fstar!("(forall (i:nat). i < 8 ==> Libcrux_ml_kem.Ntt.ntt_layer_7_pre + (${result}.f_coefficients.[ sz i ]) (${result}.f_coefficients.[ sz i +! sz 8 ])) /\\ + Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector $result == + Spec.MLKEM.sample_poly_cbd $ETA $randomness"))] pub(super) fn sample_from_binomial_distribution( randomness: &[u8], ) -> PolynomialRingElement { diff --git a/libcrux-ml-kem/src/serialize.rs b/libcrux-ml-kem/src/serialize.rs index 9e059baf7..18f8444b7 100644 --- a/libcrux-ml-kem/src/serialize.rs +++ b/libcrux-ml-kem/src/serialize.rs @@ -33,6 +33,10 @@ pub(super) fn to_unsigned_field_modulus( #[inline(always)] #[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires(fstar!("coefficients_field_modulus_range $re"))] +#[hax_lib::ensures(|result| + fstar!("$result == + Spec.MLKEM.compress_then_encode_message (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector $re)") +)] pub(super) fn compress_then_serialize_message( re: PolynomialRingElement, ) -> [u8; SHARED_SECRET_SIZE] { @@ -55,6 +59,10 @@ pub(super) fn compress_then_serialize_message( #[inline(always)] #[hax_lib::fstar::verification_status(panic_free)] +#[hax_lib::ensures(|result| + fstar!("Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector $result == + Spec.MLKEM.decode_then_decompress_message $serialized") +)] pub(super) fn deserialize_then_decompress_message( serialized: [u8; SHARED_SECRET_SIZE], ) -> PolynomialRingElement { @@ -69,6 +77,10 @@ pub(super) fn deserialize_then_decompress_message( #[inline(always)] #[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires(fstar!("coefficients_field_modulus_range $re"))] +#[hax_lib::ensures(|result| + fstar!("$result == + Spec.MLKEM.byte_encode 12 (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector $re)") +)] pub(super) fn serialize_uncompressed_ring_element( re: &PolynomialRingElement, ) -> [u8; BYTES_PER_RING_ELEMENT] { @@ -89,9 +101,14 @@ pub(super) fn serialize_uncompressed_ring_element( } #[inline(always)] +#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires( serialized.len() == BYTES_PER_RING_ELEMENT )] +#[hax_lib::ensures(|result| + fstar!("Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector $result == + Spec.MLKEM.byte_decode 12 $serialized") +)] pub(super) fn deserialize_to_uncompressed_ring_element( serialized: &[u8], ) -> PolynomialRingElement { @@ -160,10 +177,15 @@ pub(super) fn deserialize_ring_elements_reduced_out< /// See [deserialize_ring_elements_reduced_out]. #[inline(always)] +#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires( fstar!("Spec.MLKEM.is_rank v_K /\\ Seq.length public_key == v (Spec.MLKEM.v_T_AS_NTT_ENCODED_SIZE v_K)") )] +#[hax_lib::ensures(|_| + fstar!("Libcrux_ml_kem.Polynomial.to_spec_vector_t #$K #$:Vector ${deserialized_pk}_future == + Spec.MLKEM.vector_decode_12 #$K $public_key") +)] pub(super) fn deserialize_ring_elements_reduced< const K: usize, Vector: Operations, @@ -222,8 +244,13 @@ fn compress_then_serialize_11( } #[inline(always)] +#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires(fstar!("(v $COMPRESSION_FACTOR == 10 \\/ v $COMPRESSION_FACTOR == 11) /\\ v $OUT_LEN == 32 * v $COMPRESSION_FACTOR /\\ coefficients_field_modulus_range $re"))] +#[hax_lib::ensures(|result| + fstar!("$result == Spec.MLKEM.compress_then_byte_encode (v $COMPRESSION_FACTOR) + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector $re)") +)] pub(super) fn compress_then_serialize_ring_element_u< const COMPRESSION_FACTOR: usize, const OUT_LEN: usize, @@ -297,10 +324,13 @@ fn compress_then_serialize_5( } #[inline(always)] +#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires(fstar!("(v $COMPRESSION_FACTOR == 4 \\/ v $COMPRESSION_FACTOR == 5) /\\ v $OUT_LEN == 32 * v $COMPRESSION_FACTOR /\\ Seq.length $out == v $OUT_LEN /\\ coefficients_field_modulus_range $re"))] #[hax_lib::ensures(|_| - fstar!("${out_future.len()} == ${out.len()}") + fstar!("${out_future.len()} == ${out.len()} /\\ + ${out}_future == Spec.MLKEM.compress_then_encode_v $COMPRESSION_FACTOR + (Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector $re)") )] pub(super) fn compress_then_serialize_ring_element_v< const COMPRESSION_FACTOR: usize, @@ -362,10 +392,15 @@ fn deserialize_then_decompress_11( } #[inline(always)] +#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires( (COMPRESSION_FACTOR == 10 || COMPRESSION_FACTOR == 11) && serialized.len() == 32 * COMPRESSION_FACTOR )] +#[hax_lib::ensures(|result| + fstar!("Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector $result == + Spec.MLKEM.byte_decode_then_decompress (v $COMPRESSION_FACTOR) $serialized") +)] pub(super) fn deserialize_then_decompress_ring_element_u< const COMPRESSION_FACTOR: usize, Vector: Operations, @@ -421,10 +456,15 @@ fn deserialize_then_decompress_5( } #[inline(always)] +#[hax_lib::fstar::verification_status(panic_free)] #[hax_lib::requires( (COMPRESSION_FACTOR == 4 || COMPRESSION_FACTOR == 5) && serialized.len() == 32 * COMPRESSION_FACTOR )] +#[hax_lib::ensures(|result| + fstar!("Libcrux_ml_kem.Polynomial.to_spec_poly_t #$:Vector $result == + Spec.MLKEM.decode_then_decompress_v $COMPRESSION_FACTOR $serialized") +)] pub(super) fn deserialize_then_decompress_ring_element_v< const COMPRESSION_FACTOR: usize, Vector: Operations, diff --git a/libcrux-ml-kem/src/variant.rs b/libcrux-ml-kem/src/variant.rs index 0ce3c7182..080559de4 100644 --- a/libcrux-ml-kem/src/variant.rs +++ b/libcrux-ml-kem/src/variant.rs @@ -21,6 +21,9 @@ pub(crate) trait Variant { #[ensures(|res| fstar!("$res == $randomness"))] // We only have post-conditions for ML-KEM, not Kyber fn entropy_preprocess>(randomness: &[u8]) -> [u8; 32]; #[requires(seed.len() == 32)] + #[ensures(|res| fstar!("Seq.length $seed == 32 ==> $res == Spec.Utils.v_G + (Seq.append $seed (Seq.create 1 (cast $K <: u8)))") + )] fn cpa_keygen_seed>(seed: &[u8]) -> [u8; 64]; } @@ -91,10 +94,15 @@ impl Variant for MlKem { #[inline(always)] #[requires(key_generation_seed.len() == 32)] + #[ensures(|res| fstar!("Seq.length $key_generation_seed == 32 ==> $res == Spec.Utils.v_G + (Seq.append $key_generation_seed (Seq.create 1 (cast $K <: u8)))") + )] fn cpa_keygen_seed>(key_generation_seed: &[u8]) -> [u8; 64] { let mut seed = [0u8; CPA_PKE_KEY_GENERATION_SEED_SIZE + 1]; seed[0..CPA_PKE_KEY_GENERATION_SEED_SIZE].copy_from_slice(key_generation_seed); seed[CPA_PKE_KEY_GENERATION_SEED_SIZE] = K as u8; + hax_lib::fstar!("Lib.Sequence.eq_intro #u8 #33 $seed + (Seq.append $key_generation_seed (Seq.create 1 (cast $K <: u8)))"); Hasher::G(&seed) } } diff --git a/libcrux-ml-kem/src/vector/portable/compress.rs b/libcrux-ml-kem/src/vector/portable/compress.rs index fa8e5a0ee..ae3be0ab3 100644 --- a/libcrux-ml-kem/src/vector/portable/compress.rs +++ b/libcrux-ml-kem/src/vector/portable/compress.rs @@ -25,8 +25,8 @@ use crate::vector::FIELD_MODULUS; /// . #[cfg_attr(hax, hax_lib::requires(fe < (FIELD_MODULUS as u16)))] #[cfg_attr(hax, hax_lib::ensures(|result| - hax_lib::implies(833 <= fe && fe <= 2596, || result == 1) && - hax_lib::implies(!(833 <= fe && fe <= 2596), || result == 0) + hax_lib::implies(833 <= fe && fe <= 2496, || result == 1) && + hax_lib::implies(!(833 <= fe && fe <= 2496), || result == 0) ))] pub(crate) fn compress_message_coefficient(fe: u16) -> u8 { // The approach used here is inspired by: @@ -35,6 +35,7 @@ pub(crate) fn compress_message_coefficient(fe: u16) -> u8 { // If 833 <= fe <= 2496, // then -832 <= shifted <= 831 let shifted: i16 = 1664 - (fe as i16); + hax_lib::fstar!("assert (v $shifted == 1664 - v $fe)"); // If shifted < 0, then // (shifted >> 15) ^ shifted = flip_bits(shifted) = -shifted - 1, and so @@ -44,13 +45,37 @@ pub(crate) fn compress_message_coefficient(fe: u16) -> u8 { // (shifted >> 15) ^ shifted = shifted, and so // if 0 <= shifted <= 831 then 0 <= shifted_positive <= 831 let mask = shifted >> 15; + hax_lib::fstar!("assert (v $mask = v $shifted / pow2 15); + assert (if v $shifted < 0 then $mask = ones else $mask = zero)"); let shifted_to_positive = mask ^ shifted; + hax_lib::fstar!("logxor_lemma $shifted $mask; + assert (v $shifted < 0 ==> v $shifted_to_positive = v (lognot $shifted)); + neg_equiv_lemma $shifted; + assert (v (lognot $shifted) = -(v $shifted) -1); + assert (v $shifted >= 0 ==> v $shifted_to_positive = v ($mask `logxor` $shifted)); + assert (v $shifted >= 0 ==> $mask = zero); + assert (v $shifted >= 0 ==> $mask ^. $shifted = $shifted); + assert (v $shifted >= 0 ==> v $shifted_to_positive = v $shifted); + assert ($shifted_to_positive >=. mk_i16 0)"); let shifted_positive_in_range = shifted_to_positive - 832; + hax_lib::fstar!("assert (1664 - v $fe >= 0 ==> v $shifted_positive_in_range == 832 - v $fe); + assert (1664 - v $fe < 0 ==> v $shifted_positive_in_range == -2497 + v $fe)"); // If x <= 831, then x - 832 <= -1, and so x - 832 < 0, which means // the most significant bit of shifted_positive_in_range will be 1. - ((shifted_positive_in_range >> 15) & 1) as u8 + let r0 = shifted_positive_in_range >> 15; + let r1: i16 = r0 & 1; + let res = r1 as u8; + hax_lib::fstar!("assert (v $r0 = v $shifted_positive_in_range / pow2 15); + assert (if v $shifted_positive_in_range < 0 then $r0 = ones else $r0 = zero); + logand_lemma (mk_i16 1) $r0; + assert (if v $shifted_positive_in_range < 0 then $r1 = mk_i16 1 else $r1 = mk_i16 0); + assert ((v $fe >= 833 && v $fe <= 2496) ==> $r1 = mk_i16 1); + assert (v $fe < 833 ==> $r1 = mk_i16 0); + assert (v $fe > 2496 ==> $r1 = mk_i16 0); + assert (v $res = v $r1)"); + res } #[cfg_attr(hax, @@ -128,7 +153,8 @@ pub(crate) fn compress_1(mut a: PortableVector) -> PortableVector { v (${result}.f_elements.[ sz i ] <: i16) < pow2 (v $COEFFICIENT_BITS))"))] pub(crate) fn compress(mut a: PortableVector) -> PortableVector { hax_lib::fstar!("assert (v (cast ($COEFFICIENT_BITS) <: u8) == v $COEFFICIENT_BITS); - assert (v (cast ($COEFFICIENT_BITS) <: u32) == v $COEFFICIENT_BITS)"); + assert (v (cast ($COEFFICIENT_BITS) <: u32) == v $COEFFICIENT_BITS); + assert (v (cast ($FIELD_MODULUS) <: u16) == 3329)"); hax_lib::fstar!("assert (forall (i:nat). i < 16 ==> (cast (${a}.f_elements.[ sz i ]) <: u16) <. (cast ($FIELD_MODULUS) <: u16))"); for i in 0..FIELD_ELEMENTS_IN_VECTOR { @@ -147,23 +173,51 @@ pub(crate) fn compress(mut a: PortableVector) -> Po } #[inline(always)] +#[hax_lib::fstar::options("--z3rlimit 300 --ext context_pruning")] +#[hax_lib::requires(fstar!("(v $COEFFICIENT_BITS == 4 \\/ + v $COEFFICIENT_BITS == 5 \\/ + v $COEFFICIENT_BITS == 10 \\/ + v $COEFFICIENT_BITS == 11) /\\ + (forall (i:nat). i < 16 ==> v (Seq.index ${a}.f_elements i) >= 0 /\\ + v (Seq.index ${a}.f_elements i) < pow2 (v $COEFFICIENT_BITS))"))] +#[hax_lib::ensures(|result| fstar!("forall (i:nat). i < 16 ==> v (Seq.index ${result}.f_elements i) < v $FIELD_MODULUS"))] pub(crate) fn decompress_ciphertext_coefficient( - mut v: PortableVector, + mut a: PortableVector, ) -> PortableVector { - // debug_assert!(to_i16_array(v) - // .into_iter() - // .all(|coefficient| coefficient.abs() < 1 << COEFFICIENT_BITS)); + hax_lib::fstar!("assert_norm (pow2 1 == 2); + assert_norm (pow2 4 == 16); + assert_norm (pow2 5 == 32); + assert_norm (pow2 10 == 1024); + assert_norm (pow2 11 == 2048)"); for i in 0..FIELD_ELEMENTS_IN_VECTOR { - let mut decompressed = v.elements[i] as i32 * FIELD_MODULUS as i32; + hax_lib::loop_invariant!(|i: usize| { fstar!("(v $i < 16 ==> (forall (j:nat). (j >= v $i /\\ j < 16) ==> + v (Seq.index ${a}.f_elements j) >= 0 /\\ v (Seq.index ${a}.f_elements j) < pow2 (v $COEFFICIENT_BITS))) /\\ + (forall (j:nat). j < v $i ==> + v (Seq.index ${a}.f_elements j) < v $FIELD_MODULUS)") }); + hax_lib::fstar!("assert (v (${a}.f_elements.[ $i ] <: i16) < pow2 11); + assert (v (${a}.f_elements.[ $i ] <: i16) == + v (cast (${a}.f_elements.[ $i ] <: i16) <: i32)); + assert (v ($FIELD_MODULUS <: i16) == + v (cast ($FIELD_MODULUS <: i16) <: i32)); + assert (v ((cast (${a}.f_elements.[ $i ] <: i16) <: i32) *! + (cast ($FIELD_MODULUS <: i16) <: i32)) == + v (cast (${a}.f_elements.[ $i ] <: i16) <: i32) * + v (cast ($FIELD_MODULUS <: i16) <: i32))"); + let mut decompressed = a.elements[i] as i32 * FIELD_MODULUS as i32; + hax_lib::fstar!("assert (v ($decompressed <>! ($COEFFICIENT_BITS +! mk_i32 1 <: i32)) == + v $decompressed / pow2 (v $COEFFICIENT_BITS + 1))"); decompressed = decompressed >> (COEFFICIENT_BITS + 1); - v.elements[i] = decompressed as i16; + hax_lib::fstar!("assert (v $decompressed < v $FIELD_MODULUS); + assert (v (cast $decompressed <: i16) < v $FIELD_MODULUS)"); + a.elements[i] = decompressed as i16; } - // debug_assert!(to_i16_array(v) - // .into_iter() - // .all(|coefficient| coefficient.abs() as u16 <= 1 << 12)); - - v + a } From 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad Mon Sep 17 00:00:00 2001 From: mamonet Date: Wed, 30 Oct 2024 10:27:31 +0000 Subject: [PATCH 2/5] Update Cargo.lock --- Cargo.lock | 192 ++++++++++++++++++++++++++--------------------------- 1 file changed, 96 insertions(+), 96 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 1384219f6..c1c73469d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -29,9 +29,9 @@ checksum = "4b46cbb362ab8752921c97e041f5e366ee6297bd428a31275b9fcf1e380f7299" [[package]] name = "anstream" -version = "0.6.15" +version = "0.6.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64e15c1ab1f89faffbf04a634d5e1962e9074f2741eef6d97f3c4e322426d526" +checksum = "23a1e53f0f5d86382dafe1cf314783b2044280f406e7e1506368220ad11b1338" dependencies = [ "anstyle", "anstyle-parse", @@ -44,36 +44,36 @@ dependencies = [ [[package]] name = "anstyle" -version = "1.0.8" +version = "1.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1bec1de6f59aedf83baf9ff929c98f2ad654b97c9510f4e70cf6f661d49fd5b1" +checksum = "8365de52b16c035ff4fcafe0092ba9390540e3e352870ac09933bebcaa2c8c56" [[package]] name = "anstyle-parse" -version = "0.2.5" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb47de1e80c2b463c735db5b217a0ddc39d612e7ac9e2e96a5aed1f57616c1cb" +checksum = "3b2d16507662817a6a20a9ea92df6652ee4f94f914589377d69f3b21bc5798a9" dependencies = [ "utf8parse", ] [[package]] name = "anstyle-query" -version = "1.1.1" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6d36fc52c7f6c869915e99412912f22093507da8d9e942ceaf66fe4b7c14422a" +checksum = "79947af37f4177cfead1110013d678905c37501914fba0efea834c3fe9a8d60c" dependencies = [ - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] name = "anstyle-wincon" -version = "3.0.4" +version = "3.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5bf74e1b6e971609db8ca7a9ce79fd5768ab6ae46441c572e46cf596f59e57f8" +checksum = "2109dbce0e72be3ec00bed26e6a7479ca384ad226efdd66db8fa2e3a38c83125" dependencies = [ "anstyle", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -84,9 +84,9 @@ checksum = "7d5a26814d8dcb93b0e5a0ff3c6d80a8843bafb21b39e8e18a6f05471870e110" [[package]] name = "autocfg" -version = "1.3.0" +version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c4b4d0bd25bd0b74681c0ad21497610ce1b7c91b1022cd21c80c6fbdd9476b0" +checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26" [[package]] name = "base16ct" @@ -126,9 +126,9 @@ dependencies = [ [[package]] name = "bindgen" -version = "0.69.4" +version = "0.69.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a00dc851838a2120612785d195287475a3ac45514741da670b735818822129a0" +checksum = "271383c67ccabffb7381723dea0672a673f292304fcb45c01cc648c7a8d58088" dependencies = [ "bitflags", "cexpr", @@ -143,7 +143,7 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.77", + "syn 2.0.85", "which", ] @@ -191,9 +191,9 @@ dependencies = [ [[package]] name = "cc" -version = "1.1.21" +version = "1.1.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "07b1695e2c7e8fc85310cde85aeaab7e3097f593c91d209d3f9df76c928100f0" +checksum = "c2e7962b54006dcfcc61cb72735f4d89bb97061dd6a7ed882ec6b8ee53714c6f" dependencies = [ "jobserver", "libc", @@ -290,9 +290,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.18" +version = "4.5.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b0956a43b323ac1afaffc053ed5c4b7c1f1800bacd1683c353aabbb752515dd3" +checksum = "b97f376d85a664d5837dbae44bf546e6477a679ff6610010f17276f686d867e8" dependencies = [ "clap_builder", "clap_derive", @@ -300,9 +300,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.18" +version = "4.5.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d72166dd41634086d5803a47eb71ae740e61d84709c36f3c34110173db3961b" +checksum = "19bc80abd44e4bed93ca373a0704ccbd1b710dc5749406201bb018272808dc54" dependencies = [ "anstream", "anstyle", @@ -319,7 +319,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.77", + "syn 2.0.85", ] [[package]] @@ -341,9 +341,9 @@ dependencies = [ [[package]] name = "colorchoice" -version = "1.0.2" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3fd119d74b830634cea2a0f58bbd0d54540518a14397557951e79340abc28c0" +checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990" [[package]] name = "console_error_panic_hook" @@ -483,7 +483,7 @@ checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.77", + "syn 2.0.85", ] [[package]] @@ -701,8 +701,8 @@ dependencies = [ [[package]] name = "hax-lib" -version = "0.1.0-pre.1" -source = "git+https://github.com/hacspec/hax/?branch=main#a3875a77e66411d3e4837851938a76819d78da72" +version = "0.1.0-alpha.1" +source = "git+https://github.com/hacspec/hax/?branch=main#cd66c7ce60ebbbdc9444635a53b4e51fb8fda14c" dependencies = [ "hax-lib-macros", "num-bigint", @@ -711,21 +711,21 @@ dependencies = [ [[package]] name = "hax-lib-macros" -version = "0.1.0-pre.1" -source = "git+https://github.com/hacspec/hax/?branch=main#a3875a77e66411d3e4837851938a76819d78da72" +version = "0.1.0-alpha.1" +source = "git+https://github.com/hacspec/hax/?branch=main#cd66c7ce60ebbbdc9444635a53b4e51fb8fda14c" dependencies = [ "hax-lib-macros-types", "paste", "proc-macro-error", "proc-macro2", "quote", - "syn 2.0.77", + "syn 2.0.85", ] [[package]] name = "hax-lib-macros-types" -version = "0.1.0-pre.1" -source = "git+https://github.com/hacspec/hax/?branch=main#a3875a77e66411d3e4837851938a76819d78da72" +version = "0.1.0-alpha.1" +source = "git+https://github.com/hacspec/hax/?branch=main#cd66c7ce60ebbbdc9444635a53b4e51fb8fda14c" dependencies = [ "proc-macro2", "quote", @@ -849,9 +849,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.70" +version = "0.3.72" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1868808506b929d7b0cfa8f75951347aa71bb21144b7791bae35d9bccfcfe37a" +checksum = "6a88f1bda2bd75b0452a14784937d796722fdebfe50df998aeb3f0b7603019a9" dependencies = [ "wasm-bindgen", ] @@ -889,9 +889,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.159" +version = "0.2.161" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "561d97a539a36e26a9a5fad1ea11a3039a67714694aaa379433e580854bc3dc5" +checksum = "8e9489c2807c139ffd9c1794f4af0ebe86a828db53ecdc7fea2111d0fed085d1" [[package]] name = "libcrux" @@ -1112,9 +1112,9 @@ checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" [[package]] name = "minicov" -version = "0.3.5" +version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c71e683cd655513b99affab7d317deb690528255a0d5f717f1024093c12b169" +checksum = "def6d99771d7c499c26ad4d40eb6645eafd3a1553b35fc26ea5a489a45e82d9a" dependencies = [ "cc", "walkdir", @@ -1166,9 +1166,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.19.0" +version = "1.20.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" +checksum = "1261fe7e33c73b354eab43b1273a57c8f967d0391e80353e51f764ac02cf6775" [[package]] name = "oorandom" @@ -1184,9 +1184,9 @@ checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" [[package]] name = "openssl" -version = "0.10.66" +version = "0.10.68" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9529f4786b70a3e8c61e11179af17ab6188ad8d0ded78c5529441ed39d4bd9c1" +checksum = "6174bc48f102d208783c2c84bf931bb75927a617866870de8a4ea85597f871f5" dependencies = [ "bitflags", "cfg-if", @@ -1205,14 +1205,14 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.77", + "syn 2.0.85", ] [[package]] name = "openssl-sys" -version = "0.9.103" +version = "0.9.104" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f9e8deee91df40a943c71b917e5874b951d32a802526c85721ce3b776c929d6" +checksum = "45abf306cbf99debc8195b66b7346498d7b10c210de50418b5ccd7ceba08c741" dependencies = [ "cc", "libc", @@ -1326,9 +1326,9 @@ dependencies = [ [[package]] name = "pqcrypto-internals" -version = "0.2.5" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d9d34bec6abe2283e6de7748b68b292d1ffa2203397e3e71380ff8418a49fb46" +checksum = "e10cdd9eee50fe65bbd4f40211f1a492f1ee52e97a51100950b6f1fa319ab7cd" dependencies = [ "cc", "dunce", @@ -1367,12 +1367,12 @@ dependencies = [ [[package]] name = "prettyplease" -version = "0.2.22" +version = "0.2.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "479cf940fbbb3426c32c5d5176f62ad57549a0bb84773423ba8be9d089f5faba" +checksum = "64d1ec885c64d0457d564db4ec299b2dae3f9c02808b8ad9c3a089c591b18033" dependencies = [ "proc-macro2", - "syn 2.0.77", + "syn 2.0.85", ] [[package]] @@ -1410,9 +1410,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.86" +version = "1.0.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77" +checksum = "f139b0662de085916d1fb67d2b4169d1addddda1919e696f3252b740b629986e" dependencies = [ "unicode-ident", ] @@ -1500,9 +1500,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.10.6" +version = "1.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4219d74c6b67a3654a9fbebc4b419e22126d13d2f3c4a07ee0cb61ff79a79619" +checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191" dependencies = [ "aho-corasick", "memchr", @@ -1512,9 +1512,9 @@ dependencies = [ [[package]] name = "regex-automata" -version = "0.4.7" +version = "0.4.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38caf58cc5ef2fed281f89292ef23f6365465ed9a41b7a7754eb4e26496c92df" +checksum = "368758f23274712b504848e9d5a6f010445cc8b87a7cdb4d7cbee666c1288da3" dependencies = [ "aho-corasick", "memchr", @@ -1523,9 +1523,9 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.8.4" +version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a66a03ae7c801facd77a29370b4faec201768915ac14a721ba36f20bc9c209b" +checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c" [[package]] name = "rfc6979" @@ -1569,9 +1569,9 @@ dependencies = [ [[package]] name = "rustix" -version = "0.38.37" +version = "0.38.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8acb788b847c24f28525660c4d7758620a7210875711f79e7f663cc152726811" +checksum = "aa260229e6538e52293eeb577aabd09945a09d6d9cc0fc550ed7529056c2e32a" dependencies = [ "bitflags", "errno", @@ -1623,29 +1623,29 @@ checksum = "61697e0a1c7e512e84a621326239844a24d8207b4669b41bc18b32ea5cbf988b" [[package]] name = "serde" -version = "1.0.210" +version = "1.0.214" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" +checksum = "f55c3193aca71c12ad7890f1785d2b73e1b9f63a0bbc353c08ef26fe03fc56b5" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.210" +version = "1.0.214" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" +checksum = "de523f781f095e28fa605cdce0f8307e451cc0fd14e2eb4cd2e98a355b147766" dependencies = [ "proc-macro2", "quote", - "syn 2.0.77", + "syn 2.0.85", ] [[package]] name = "serde_json" -version = "1.0.128" +version = "1.0.132" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ff5456707a1de34e7e37f2a6fd3d3f808c318259cbd01ab6377795054b483d8" +checksum = "d726bfaff4b320266d395898905d0eba0345aae23b54aee3a737e260fd46db03" dependencies = [ "itoa", "memchr", @@ -1737,9 +1737,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.77" +version = "2.0.85" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f35bcdf61fd8e7be6caf75f429fdca8beb3ed76584befb503b1569faee373ed" +checksum = "5023162dfcd14ef8f32034d8bcd4cc5ddc61ef7a247c024a33e24e1f24d21b56" dependencies = [ "proc-macro2", "quote", @@ -1801,9 +1801,9 @@ checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" [[package]] name = "uuid" -version = "1.10.0" +version = "1.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81dfa00651efa65069b0b6b651f4aaa31ba9e3c3ce0137aaad053604ee7e0314" +checksum = "f8c5f0a0af699448548ad1a2fbf920fb4bee257eae39953ba95cb84891a0446a" dependencies = [ "getrandom", ] @@ -1838,9 +1838,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.93" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a82edfc16a6c469f5f44dc7b571814045d60404b55a0ee849f9bcfa2e63dd9b5" +checksum = "128d1e363af62632b8eb57219c8fd7877144af57558fb2ef0368d0087bddeb2e" dependencies = [ "cfg-if", "once_cell", @@ -1849,24 +1849,24 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.93" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9de396da306523044d3302746f1208fa71d7532227f15e347e2d93e4145dd77b" +checksum = "cb6dd4d3ca0ddffd1dd1c9c04f94b868c37ff5fac97c30b97cff2d74fce3a358" dependencies = [ "bumpalo", "log", "once_cell", "proc-macro2", "quote", - "syn 2.0.77", + "syn 2.0.85", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-futures" -version = "0.4.43" +version = "0.4.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61e9300f63a621e96ed275155c108eb6f843b6a26d053f122ab69724559dc8ed" +checksum = "cc7ec4f8827a71586374db3e87abdb5a2bb3a15afed140221307c3ec06b1f63b" dependencies = [ "cfg-if", "js-sys", @@ -1876,9 +1876,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.93" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "585c4c91a46b072c92e908d99cb1dcdf95c5218eeb6f3bf1efa991ee7a68cccf" +checksum = "e79384be7f8f5a9dd5d7167216f022090cf1f9ec128e6e6a482a2cb5c5422c56" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -1886,28 +1886,28 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.93" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "afc340c74d9005395cf9dd098506f7f44e38f2b4a21c6aaacf9a105ea5e1e836" +checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68" dependencies = [ "proc-macro2", "quote", - "syn 2.0.77", + "syn 2.0.85", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.93" +version = "0.2.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c62a0a307cb4a311d3a07867860911ca130c3494e8c2719593806c08bc5d0484" +checksum = "65fc09f10666a9f147042251e0dda9c18f166ff7de300607007e96bdebc1068d" [[package]] name = "wasm-bindgen-test" -version = "0.3.43" +version = "0.3.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "68497a05fb21143a08a7d24fc81763384a3072ee43c44e86aad1744d6adef9d9" +checksum = "d381749acb0943d357dcbd8f0b100640679883fcdeeef04def49daf8d33a5426" dependencies = [ "console_error_panic_hook", "js-sys", @@ -1920,20 +1920,20 @@ dependencies = [ [[package]] name = "wasm-bindgen-test-macro" -version = "0.3.43" +version = "0.3.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b8220be1fa9e4c889b30fd207d4906657e7e90b12e0e6b0c8b8d8709f5de021" +checksum = "c97b2ef2c8d627381e51c071c2ab328eac606d3f69dd82bcbca20a9e389d95f0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.77", + "syn 2.0.85", ] [[package]] name = "web-sys" -version = "0.3.70" +version = "0.3.72" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26fdeaafd9bd129f65e7c031593c24d62186301e0c72c8978fa1678be7d532c0" +checksum = "f6488b90108c040df0fe62fa815cbdee25124641df01814dd7282749234c6112" dependencies = [ "js-sys", "wasm-bindgen", @@ -2084,7 +2084,7 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.77", + "syn 2.0.85", ] [[package]] @@ -2104,5 +2104,5 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.77", + "syn 2.0.85", ] From 7f7e08c4207f63ce2c4978f38618b141a601e738 Mon Sep 17 00:00:00 2001 From: karthikbhargavan Date: Wed, 30 Oct 2024 10:53:09 +0000 Subject: [PATCH 3/5] refreshed C code --- libcrux-ml-kem/c/code_gen.txt | 2 +- libcrux-ml-kem/c/internal/libcrux_core.h | 38 +- .../c/internal/libcrux_mlkem_avx2.h | 32 +- .../c/internal/libcrux_mlkem_portable.h | 32 +- libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h | 2 +- .../c/internal/libcrux_sha3_internal.h | 2 +- libcrux-ml-kem/c/libcrux_core.c | 38 +- libcrux-ml-kem/c/libcrux_core.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem1024.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem1024_portable.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem1024_portable.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem512.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem512_avx2.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem512_avx2.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem512_portable.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem512_portable.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem768.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem768_avx2.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem768_avx2.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem768_portable.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem768_portable.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem_avx2.c | 1054 ++++++++-------- libcrux-ml-kem/c/libcrux_mlkem_avx2.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem_portable.c | 1090 ++++++++--------- libcrux-ml-kem/c/libcrux_mlkem_portable.h | 2 +- libcrux-ml-kem/c/libcrux_sha3.h | 2 +- libcrux-ml-kem/c/libcrux_sha3_avx2.c | 2 +- libcrux-ml-kem/c/libcrux_sha3_avx2.h | 2 +- libcrux-ml-kem/c/libcrux_sha3_internal.h | 2 +- libcrux-ml-kem/c/libcrux_sha3_neon.c | 2 +- libcrux-ml-kem/c/libcrux_sha3_neon.h | 2 +- libcrux-ml-kem/cg/code_gen.txt | 2 +- libcrux-ml-kem/cg/libcrux_core.h | 16 +- libcrux-ml-kem/cg/libcrux_ct_ops.h | 2 +- libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h | 714 ++++++----- .../cg/libcrux_mlkem768_avx2_types.h | 2 +- libcrux-ml-kem/cg/libcrux_mlkem768_portable.h | 754 ++++++------ .../cg/libcrux_mlkem768_portable_types.h | 2 +- libcrux-ml-kem/cg/libcrux_sha3_avx2.h | 2 +- libcrux-ml-kem/cg/libcrux_sha3_portable.h | 2 +- 42 files changed, 1977 insertions(+), 2037 deletions(-) diff --git a/libcrux-ml-kem/c/code_gen.txt b/libcrux-ml-kem/c/code_gen.txt index d393ef31c..620e1c137 100644 --- a/libcrux-ml-kem/c/code_gen.txt +++ b/libcrux-ml-kem/c/code_gen.txt @@ -3,4 +3,4 @@ Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 -Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 +Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad diff --git a/libcrux-ml-kem/c/internal/libcrux_core.h b/libcrux-ml-kem/c/internal/libcrux_core.h index 9c0e8828e..b5eb18527 100644 --- a/libcrux-ml-kem/c/internal/libcrux_core.h +++ b/libcrux-ml-kem/c/internal/libcrux_core.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __internal_libcrux_core_H @@ -69,7 +69,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_af1( +libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_451( uint8_t value[1568U]); /** @@ -82,7 +82,7 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_781( +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_f61( libcrux_ml_kem_types_MlKemPrivateKey_95 sk, libcrux_ml_kem_types_MlKemPublicKey_1f pk); @@ -95,7 +95,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_e61( +libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_8c1( uint8_t value[3168U]); /** @@ -107,7 +107,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_af0( +libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_450( uint8_t value[1184U]); /** @@ -120,7 +120,7 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_780( +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_f60( libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk); @@ -133,7 +133,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_e60( +libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_8c0( uint8_t value[2400U]); /** @@ -145,7 +145,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_af( +libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_45( uint8_t value[800U]); /** @@ -158,7 +158,7 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_78( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_f6( libcrux_ml_kem_types_MlKemPrivateKey_5e sk, libcrux_ml_kem_types_MlKemPublicKey_be pk); @@ -171,7 +171,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_e6( +libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_8c( uint8_t value[1632U]); /** @@ -182,7 +182,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_121( +uint8_t *libcrux_ml_kem_types_as_slice_fd_d11( libcrux_ml_kem_types_MlKemPublicKey_15 *self); /** @@ -194,7 +194,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_7b1( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_3a1( uint8_t value[1088U]); /** @@ -206,7 +206,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_ae1( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_be1( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self); /** @@ -228,7 +228,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_120( +uint8_t *libcrux_ml_kem_types_as_slice_fd_d10( libcrux_ml_kem_types_MlKemPublicKey_be *self); /** @@ -240,7 +240,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_7b0( +libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_3a0( uint8_t value[768U]); /** @@ -252,7 +252,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_ae0( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_be0( libcrux_ml_kem_types_MlKemCiphertext_e8 *self); /** @@ -274,7 +274,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_12( +uint8_t *libcrux_ml_kem_types_as_slice_fd_d1( libcrux_ml_kem_types_MlKemPublicKey_1f *self); /** @@ -321,7 +321,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_7b( +libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_3a( uint8_t value[1568U]); /** @@ -344,7 +344,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_ae( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_be( libcrux_ml_kem_types_MlKemCiphertext_1f *self); /** diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h index cd446e37c..ea36300ae 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __internal_libcrux_mlkem_avx2_H @@ -41,7 +41,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_4a1(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_db1(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -51,7 +51,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_e11( +bool libcrux_ml_kem_ind_cca_validate_private_key_a81( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); @@ -69,7 +69,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_d21(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_dd1(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -90,7 +90,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_f41( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_791( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]); @@ -116,7 +116,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_6f1( +void libcrux_ml_kem_ind_cca_decapsulate_cd1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); @@ -128,7 +128,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_4a0(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_db0(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -138,7 +138,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_e10( +bool libcrux_ml_kem_ind_cca_validate_private_key_a80( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext); @@ -156,7 +156,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_d20(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -177,7 +177,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_f40( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_790( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]); @@ -203,7 +203,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_6f0( +void libcrux_ml_kem_ind_cca_decapsulate_cd0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); @@ -215,7 +215,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_4a(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_db(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -225,7 +225,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_e1( +bool libcrux_ml_kem_ind_cca_validate_private_key_a8( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); @@ -242,7 +242,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_d2( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_dd( uint8_t randomness[64U]); /** @@ -264,7 +264,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_f4( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_79( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]); @@ -290,7 +290,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_6f( +void libcrux_ml_kem_ind_cca_decapsulate_cd( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h index c67068ba0..7475145d9 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __internal_libcrux_mlkem_portable_H @@ -46,7 +46,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_071(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_8c1(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -56,7 +56,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_c0( +bool libcrux_ml_kem_ind_cca_validate_private_key_99( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext); @@ -74,7 +74,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_281(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_911(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -95,7 +95,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_8a1( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_1e1( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]); @@ -121,7 +121,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_811( +void libcrux_ml_kem_ind_cca_decapsulate_2d1( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); @@ -133,7 +133,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_070(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_8c0(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -143,7 +143,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_90( +bool libcrux_ml_kem_ind_cca_validate_private_key_ba( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); @@ -161,7 +161,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 192 */ libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_280(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -182,7 +182,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_8a0( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_1e0( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]); @@ -208,7 +208,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_810( +void libcrux_ml_kem_ind_cca_decapsulate_2d0( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); @@ -220,7 +220,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_07(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_8c(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -230,7 +230,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_94( +bool libcrux_ml_kem_ind_cca_validate_private_key_4e( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); @@ -248,7 +248,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_28(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -269,7 +269,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_8a( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_1e( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]); @@ -295,7 +295,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_81( +void libcrux_ml_kem_ind_cca_decapsulate_2d( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h index 2f2a3e44e..b25010cbc 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __internal_libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h index 6ee3decbd..5f8662e56 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __internal_libcrux_sha3_internal_H diff --git a/libcrux-ml-kem/c/libcrux_core.c b/libcrux-ml-kem/c/libcrux_core.c index 1cbf9e303..394f12228 100644 --- a/libcrux-ml-kem/c/libcrux_core.c +++ b/libcrux-ml-kem/c/libcrux_core.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #include "internal/libcrux_core.h" @@ -80,7 +80,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_af1( +libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_451( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; @@ -100,7 +100,7 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_781( +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_f61( libcrux_ml_kem_types_MlKemPrivateKey_95 sk, libcrux_ml_kem_types_MlKemPublicKey_1f pk) { return ( @@ -116,7 +116,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_e61( +libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_8c1( uint8_t value[3168U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[3168U]; @@ -135,7 +135,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_af0( +libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_450( uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; @@ -155,7 +155,7 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_780( +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_f60( libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk) { return ( @@ -171,7 +171,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_e60( +libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_8c0( uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; @@ -190,7 +190,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_af( +libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_45( uint8_t value[800U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[800U]; @@ -210,7 +210,7 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_78( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_f6( libcrux_ml_kem_types_MlKemPrivateKey_5e sk, libcrux_ml_kem_types_MlKemPublicKey_be pk) { return (CLITERAL(libcrux_ml_kem_types_MlKemKeyPair_cb){.sk = sk, .pk = pk}); @@ -225,7 +225,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_e6( +libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_8c( uint8_t value[1632U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1632U]; @@ -243,7 +243,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_121( +uint8_t *libcrux_ml_kem_types_as_slice_fd_d11( libcrux_ml_kem_types_MlKemPublicKey_15 *self) { return self->value; } @@ -257,7 +257,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_7b1( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_3a1( uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; @@ -276,7 +276,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_ae1( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_be1( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } @@ -308,7 +308,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_120( +uint8_t *libcrux_ml_kem_types_as_slice_fd_d10( libcrux_ml_kem_types_MlKemPublicKey_be *self) { return self->value; } @@ -322,7 +322,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_7b0( +libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_3a0( uint8_t value[768U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[768U]; @@ -341,7 +341,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_ae0( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_be0( libcrux_ml_kem_types_MlKemCiphertext_e8 *self) { return Eurydice_array_to_slice((size_t)768U, self->value, uint8_t); } @@ -373,7 +373,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_12( +uint8_t *libcrux_ml_kem_types_as_slice_fd_d1( libcrux_ml_kem_types_MlKemPublicKey_1f *self) { return self->value; } @@ -427,7 +427,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_7b( +libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_3a( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; @@ -465,7 +465,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_ae( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_be( libcrux_ml_kem_types_MlKemCiphertext_1f *self) { return Eurydice_array_to_slice((size_t)1568U, self->value, uint8_t); } diff --git a/libcrux-ml-kem/c/libcrux_core.h b/libcrux-ml-kem/c/libcrux_core.h index 788f288e4..106b44b1f 100644 --- a/libcrux-ml-kem/c/libcrux_core.h +++ b/libcrux-ml-kem/c/libcrux_core.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_core_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024.h b/libcrux-ml-kem/c/libcrux_mlkem1024.h index cdea86609..052060fb6 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem1024_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c index a62e4b058..f8b601eef 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #include "libcrux_mlkem1024_avx2.h" @@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_150( +static void decapsulate_200( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_6f0(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_cd0(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_150( void libcrux_ml_kem_mlkem1024_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - decapsulate_150(private_key, ciphertext, ret); + decapsulate_200(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_9e0( +static tuple_21 encapsulate_b00( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_f40(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_790(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_21 libcrux_ml_kem_mlkem1024_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_9e0(uu____0, copy_of_randomness); + return encapsulate_b00(uu____0, copy_of_randomness); } /** @@ -109,12 +109,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_010( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_8e0( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_d20(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_dd0(copy_of_randomness); } /** @@ -125,7 +125,7 @@ libcrux_ml_kem_mlkem1024_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_010(copy_of_randomness); + return generate_keypair_8e0(copy_of_randomness); } /** @@ -136,10 +136,10 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_840( +static KRML_MUSTINLINE bool validate_private_key_a10( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_e10(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_a80(private_key, ciphertext); } @@ -151,7 +151,7 @@ static KRML_MUSTINLINE bool validate_private_key_840( bool libcrux_ml_kem_mlkem1024_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return validate_private_key_840(private_key, ciphertext); + return validate_private_key_a10(private_key, ciphertext); } /** @@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_e30(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_4a0(public_key); +static KRML_MUSTINLINE bool validate_public_key_c20(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_db0(public_key); } /** @@ -173,5 +173,5 @@ static KRML_MUSTINLINE bool validate_public_key_e30(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem1024_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_e30(public_key->value); + return validate_public_key_c20(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h index 037013ac3..a20c4e836 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem1024_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c index 96788b0a9..0b655b537 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #include "libcrux_mlkem1024_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_e51( +static void decapsulate_f71( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_811(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_2d1(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_e51( void libcrux_ml_kem_mlkem1024_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - decapsulate_e51(private_key, ciphertext, ret); + decapsulate_f71(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_1f1( +static tuple_21 encapsulate_af1( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_8a1(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_1e1(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_21 libcrux_ml_kem_mlkem1024_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_1f1(uu____0, copy_of_randomness); + return encapsulate_af1(uu____0, copy_of_randomness); } /** @@ -110,12 +110,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_e31( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_561( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_281(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_911(copy_of_randomness); } /** @@ -126,7 +126,7 @@ libcrux_ml_kem_mlkem1024_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_e31(copy_of_randomness); + return generate_keypair_561(copy_of_randomness); } /** @@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_a41( +static KRML_MUSTINLINE bool validate_private_key_a91( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_c0(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_99(private_key, ciphertext); } @@ -152,7 +152,7 @@ static KRML_MUSTINLINE bool validate_private_key_a41( bool libcrux_ml_kem_mlkem1024_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return validate_private_key_a41(private_key, ciphertext); + return validate_private_key_a91(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_101(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_071(public_key); +static KRML_MUSTINLINE bool validate_public_key_a81(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_8c1(public_key); } /** @@ -174,5 +174,5 @@ static KRML_MUSTINLINE bool validate_public_key_101(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem1024_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_101(public_key->value); + return validate_public_key_a81(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h index 9a9d19aa3..8dac186df 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem1024_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512.h b/libcrux-ml-kem/c/libcrux_mlkem512.h index bc9966b87..1ec63a95d 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem512_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c index 92728c869..1ea59179a 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #include "libcrux_mlkem512_avx2.h" @@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_15(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, +static void decapsulate_20(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_6f(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_cd(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_15(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, void libcrux_ml_kem_mlkem512_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_15(private_key, ciphertext, ret); + decapsulate_20(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_9e( +static tuple_ec encapsulate_b0( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_f4(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_79(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_ec libcrux_ml_kem_mlkem512_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_9e(uu____0, copy_of_randomness); + return encapsulate_b0(uu____0, copy_of_randomness); } /** @@ -109,12 +109,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_01( +static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_8e( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_d2(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_dd(copy_of_randomness); } /** @@ -125,7 +125,7 @@ libcrux_ml_kem_mlkem512_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_01(copy_of_randomness); + return generate_keypair_8e(copy_of_randomness); } /** @@ -136,10 +136,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_84( +static KRML_MUSTINLINE bool validate_private_key_a1( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_e1(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_a8(private_key, ciphertext); } @@ -151,7 +151,7 @@ static KRML_MUSTINLINE bool validate_private_key_84( bool libcrux_ml_kem_mlkem512_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_84(private_key, ciphertext); + return validate_private_key_a1(private_key, ciphertext); } /** @@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_e3(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_4a(public_key); +static KRML_MUSTINLINE bool validate_public_key_c2(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_db(public_key); } /** @@ -173,5 +173,5 @@ static KRML_MUSTINLINE bool validate_public_key_e3(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem512_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_e3(public_key->value); + return validate_public_key_c2(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h index 9a569226e..8227a08bf 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem512_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c index b8c676f21..3f1132f00 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #include "libcrux_mlkem512_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_e50( +static void decapsulate_f70( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_810(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_2d0(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_e50( void libcrux_ml_kem_mlkem512_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_e50(private_key, ciphertext, ret); + decapsulate_f70(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_1f0( +static tuple_ec encapsulate_af0( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_8a0(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_1e0(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_ec libcrux_ml_kem_mlkem512_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_1f0(uu____0, copy_of_randomness); + return encapsulate_af0(uu____0, copy_of_randomness); } /** @@ -110,12 +110,12 @@ generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_e30( +static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_560( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_280(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_910(copy_of_randomness); } /** @@ -126,7 +126,7 @@ libcrux_ml_kem_mlkem512_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_e30(copy_of_randomness); + return generate_keypair_560(copy_of_randomness); } /** @@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_a40( +static KRML_MUSTINLINE bool validate_private_key_a90( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_90(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_ba(private_key, ciphertext); } @@ -152,7 +152,7 @@ static KRML_MUSTINLINE bool validate_private_key_a40( bool libcrux_ml_kem_mlkem512_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_a40(private_key, ciphertext); + return validate_private_key_a90(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_100(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_070(public_key); +static KRML_MUSTINLINE bool validate_public_key_a80(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_8c0(public_key); } /** @@ -174,5 +174,5 @@ static KRML_MUSTINLINE bool validate_public_key_100(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem512_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_100(public_key->value); + return validate_public_key_a80(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h index d77580778..b35f61b44 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem512_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768.h b/libcrux-ml-kem/c/libcrux_mlkem768.h index a6116f34c..d9947c213 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem768_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c index e40e70dc4..aca4d93f8 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #include "libcrux_mlkem768_avx2.h" @@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_151( +static void decapsulate_201( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_6f1(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_cd1(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_151( void libcrux_ml_kem_mlkem768_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_151(private_key, ciphertext, ret); + decapsulate_201(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_9e1( +static tuple_3c encapsulate_b01( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_f41(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_791(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_9e1(uu____0, copy_of_randomness); + return encapsulate_b01(uu____0, copy_of_randomness); } /** @@ -109,12 +109,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_011( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_8e1( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_d21(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_dd1(copy_of_randomness); } /** @@ -125,7 +125,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_011(copy_of_randomness); + return generate_keypair_8e1(copy_of_randomness); } /** @@ -136,10 +136,10 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_841( +static KRML_MUSTINLINE bool validate_private_key_a11( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_e11(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_a81(private_key, ciphertext); } @@ -151,7 +151,7 @@ static KRML_MUSTINLINE bool validate_private_key_841( bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_841(private_key, ciphertext); + return validate_private_key_a11(private_key, ciphertext); } /** @@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_e31(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_4a1(public_key); +static KRML_MUSTINLINE bool validate_public_key_c21(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_db1(public_key); } /** @@ -173,5 +173,5 @@ static KRML_MUSTINLINE bool validate_public_key_e31(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_e31(public_key->value); + return validate_public_key_c21(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h index aaf21051e..a977c4abe 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem768_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c index 5b18705f9..6f19bf422 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #include "libcrux_mlkem768_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_e5( +static void decapsulate_f7( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_81(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_2d(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_e5( void libcrux_ml_kem_mlkem768_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_e5(private_key, ciphertext, ret); + decapsulate_f7(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_1f( +static tuple_3c encapsulate_af( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_8a(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_1e(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_1f(uu____0, copy_of_randomness); + return encapsulate_af(uu____0, copy_of_randomness); } /** @@ -110,12 +110,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_e3( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_56( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_28(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_91(copy_of_randomness); } /** @@ -126,7 +126,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_e3(copy_of_randomness); + return generate_keypair_56(copy_of_randomness); } /** @@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_a4( +static KRML_MUSTINLINE bool validate_private_key_a9( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_94(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_4e(private_key, ciphertext); } @@ -152,7 +152,7 @@ static KRML_MUSTINLINE bool validate_private_key_a4( bool libcrux_ml_kem_mlkem768_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_a4(private_key, ciphertext); + return validate_private_key_a9(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_10(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_07(public_key); +static KRML_MUSTINLINE bool validate_public_key_a8(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_8c(public_key); } /** @@ -174,5 +174,5 @@ static KRML_MUSTINLINE bool validate_public_key_10(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem768_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_10(public_key->value); + return validate_public_key_a8(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h index 3e1a2fe82..47c0dd223 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem768_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c index 4893a5ab2..7112fa8d3 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #include "internal/libcrux_mlkem_avx2.h" @@ -1140,7 +1140,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_reduced_ring_element_d7(Eurydice_slice serialized) { +deserialize_to_reduced_ring_element_65(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -1160,7 +1160,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_e71( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_9f1( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -1174,7 +1174,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_e71( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_d7(ring_element); + deserialize_to_reduced_ring_element_65(ring_element); deserialized_pk[i0] = uu____0; } } @@ -1185,13 +1185,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_001( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_191( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, deserialized_pk[i] = ZERO_ef_05();); - deserialize_ring_elements_reduced_e71(public_key, deserialized_pk); + deserialize_ring_elements_reduced_9f1(public_key, deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; memcpy( result, deserialized_pk, @@ -1206,7 +1206,7 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.arithmetic.shift_right with const generics - SHIFT_BY= 15 */ -static KRML_MUSTINLINE __m256i shift_right_1f(__m256i vector) { +static KRML_MUSTINLINE __m256i shift_right_70(__m256i vector) { return mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -1219,8 +1219,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.shift_right_09 with const generics - SHIFT_BY= 15 */ -static __m256i shift_right_09_c7(__m256i vector) { - return shift_right_1f(vector); +static __m256i shift_right_09_58(__m256i vector) { + return shift_right_70(vector); } /** @@ -1229,8 +1229,8 @@ libcrux_ml_kem.vector.traits.to_unsigned_representative with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i to_unsigned_representative_b5(__m256i a) { - __m256i t = shift_right_09_c7(a); +static __m256i to_unsigned_representative_e5(__m256i a) { + __m256i t = shift_right_09_58(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_09(a, &fm); @@ -1242,8 +1242,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE __m256i to_unsigned_field_modulus_88(__m256i a) { - return to_unsigned_representative_b5(a); +static KRML_MUSTINLINE __m256i to_unsigned_field_modulus_8a(__m256i a) { + return to_unsigned_representative_e5(a); } /** @@ -1252,13 +1252,13 @@ libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_b8( +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_09( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = to_unsigned_field_modulus_88(re->coefficients[i0]); + __m256i coefficient = to_unsigned_field_modulus_8a(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -1278,7 +1278,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_051( +static KRML_MUSTINLINE void serialize_secret_key_231( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -1296,13 +1296,11 @@ static KRML_MUSTINLINE void serialize_secret_key_051( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_b8(&re, ret0); + serialize_uncompressed_ring_element_09(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } - uint8_t result[1152U]; - memcpy(result, out, (size_t)1152U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1152U * sizeof(uint8_t)); + memcpy(ret, out, (size_t)1152U * sizeof(uint8_t)); } /** @@ -1313,13 +1311,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_mut_071( +static KRML_MUSTINLINE void serialize_public_key_mut_ff1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - serialize_secret_key_051(t_as_ntt, ret); + serialize_secret_key_231(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -1336,14 +1334,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_e51( +static KRML_MUSTINLINE void serialize_public_key_161( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - serialize_public_key_mut_071(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1184U]; - memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); + serialize_public_key_mut_ff1(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } /** @@ -1354,15 +1350,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_4a1(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_db1(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - deserialize_ring_elements_reduced_out_001( + deserialize_ring_elements_reduced_out_191( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_e51( + serialize_public_key_161( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -1392,7 +1388,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_e11( +bool libcrux_ml_kem_ind_cca_validate_private_key_a81( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -1504,7 +1500,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_101( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_6b1( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -2087,7 +2083,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_7_13( +static KRML_MUSTINLINE void ntt_at_layer_7_69( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -2112,7 +2108,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i montgomery_multiply_fe_5f(__m256i v, int16_t fer) { +static __m256i montgomery_multiply_fe_e0(__m256i v, int16_t fer) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09(v, fer); } @@ -2123,8 +2119,8 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -ntt_layer_int_vec_step_97(__m256i a, __m256i b, int16_t zeta_r) { - __m256i t = montgomery_multiply_fe_5f(b, zeta_r); +ntt_layer_int_vec_step_e8(__m256i a, __m256i b, int16_t zeta_r) { + __m256i t = montgomery_multiply_fe_e0(b, zeta_r); b = libcrux_ml_kem_vector_avx2_sub_09(a, &t); a = libcrux_ml_kem_vector_avx2_add_09(a, &t); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, @@ -2137,7 +2133,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_4_plus_ca( +static KRML_MUSTINLINE void ntt_at_layer_4_plus_07( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2150,7 +2146,7 @@ static KRML_MUSTINLINE void ntt_at_layer_4_plus_ca( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - ntt_layer_int_vec_step_97( + ntt_layer_int_vec_step_e8( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -2167,7 +2163,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_3_bc( +static KRML_MUSTINLINE void ntt_at_layer_3_46( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2183,7 +2179,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_2_c2( +static KRML_MUSTINLINE void ntt_at_layer_2_53( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2201,7 +2197,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_1_09( +static KRML_MUSTINLINE void ntt_at_layer_1_42( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2226,7 +2222,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void poly_barrett_reduce_ef_dc( +static KRML_MUSTINLINE void poly_barrett_reduce_ef_83( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -2242,17 +2238,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_44( +static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_25( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { - ntt_at_layer_7_13(re); + ntt_at_layer_7_69(re); size_t zeta_i = (size_t)1U; - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_bc(&zeta_i, re); - ntt_at_layer_2_c2(&zeta_i, re); - ntt_at_layer_1_09(&zeta_i, re); - poly_barrett_reduce_ef_dc(re); + ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_46(&zeta_i, re); + ntt_at_layer_2_53(&zeta_i, re); + ntt_at_layer_1_42(&zeta_i, re); + poly_barrett_reduce_ef_83(re); } /** @@ -2263,7 +2259,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_081( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_681( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -2273,6 +2269,8 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_081( KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -2282,7 +2280,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_081( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_44(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_25(&re_as_ntt[i0]);); return domain_separator; } @@ -2305,7 +2303,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_out_d71( +static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_out_481( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, @@ -2314,18 +2312,18 @@ static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_out_d71( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_081(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_681(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b0 result; + tuple_b0 lit; memcpy( - result.fst, copy_of_re_as_ntt, + lit.fst, copy_of_re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -2340,7 +2338,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -ntt_multiply_ef_63(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, +ntt_multiply_ef_d5(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 out = ZERO_ef_05(); for (size_t i = (size_t)0U; @@ -2370,7 +2368,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_311( +static KRML_MUSTINLINE void add_to_ring_element_ef_aa1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -2390,7 +2388,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i to_standard_domain_c1(__m256i v) { +static __m256i to_standard_domain_bb(__m256i v) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); } @@ -2406,14 +2404,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void add_standard_error_reduce_ef_ba( +static KRML_MUSTINLINE void add_standard_error_reduce_ef_e7( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; __m256i coefficient_normal_form = - to_standard_domain_c1(self->coefficients[j]); + to_standard_domain_bb(self->coefficients[j]); self->coefficients[j] = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(coefficient_normal_form, &error->coefficients[j])); @@ -2426,7 +2424,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_As_plus_e_671( +static KRML_MUSTINLINE void compute_As_plus_e_b61( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, @@ -2453,10 +2451,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_671( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_311(&t_as_ntt[i0], &product); + ntt_multiply_ef_d5(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_aa1(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_ba(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_e7(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -2469,12 +2467,12 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_4a1( +static void generate_keypair_unpacked_a21( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_a0 *private_key, IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_101(key_generation_seed, hashed); + cpa_keygen_seed_d8_6b1(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -2494,17 +2492,17 @@ static void generate_keypair_unpacked_4a1( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_081(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_681(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_d71(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_481(copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_671(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_b61(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -2529,14 +2527,14 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_471( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_a0 private_key = default_1a_3c1(); IndCpaPublicKeyUnpacked_a0 public_key = default_8d_891(); - generate_keypair_unpacked_4a1(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_a21(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - serialize_public_key_e51( + serialize_public_key_161( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_051(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_231(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -2545,12 +2543,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_471( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -2560,7 +2558,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_711( +static KRML_MUSTINLINE void serialize_kem_secret_key_7b1( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -2616,7 +2614,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_d21(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_dd1(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -2631,7 +2629,7 @@ libcrux_ml_kem_ind_cca_generate_keypair_d21(uint8_t randomness[64U]) { uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_711( + serialize_kem_secret_key_7b1( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -2640,13 +2638,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_d21(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_e60(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c0(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_780( - uu____2, libcrux_ml_kem_types_from_5a_af0(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f60( + uu____2, libcrux_ml_kem_types_from_5a_450(copy_of_public_key)); } /** @@ -2659,7 +2657,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_c51(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_6c1(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -2676,7 +2674,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b0 -sample_ring_element_cbd_a01(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_6a1(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, error_1[i] = ZERO_ef_05();); @@ -2687,6 +2685,8 @@ sample_ring_element_cbd_a01(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -2703,12 +2703,12 @@ sample_ring_element_cbd_a01(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b0 result; + tuple_b0 lit; memcpy( - result.fst, copy_of_error_1, + lit.fst, copy_of_error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -2744,7 +2744,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_a3( +static KRML_MUSTINLINE void invert_ntt_at_layer_1_78( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2765,7 +2765,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_cd( +static KRML_MUSTINLINE void invert_ntt_at_layer_2_2c( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2784,7 +2784,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_d7( +static KRML_MUSTINLINE void invert_ntt_at_layer_3_73( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16(i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; @@ -2801,11 +2801,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -inv_ntt_layer_int_vec_step_reduce_2d(__m256i a, __m256i b, int16_t zeta_r) { +inv_ntt_layer_int_vec_step_reduce_83(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_09(b, &a); a = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(a, &b)); - b = montgomery_multiply_fe_5f(a_minus_b, zeta_r); + b = montgomery_multiply_fe_e0(a_minus_b, zeta_r); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, .snd = b}); } @@ -2816,7 +2816,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_af( +static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_04( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2831,7 +2831,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_af( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_2d( + inv_ntt_layer_int_vec_step_reduce_83( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -2848,18 +2848,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_801( +static KRML_MUSTINLINE void invert_ntt_montgomery_401( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_a3(&zeta_i, re); - invert_ntt_at_layer_2_cd(&zeta_i, re); - invert_ntt_at_layer_3_d7(&zeta_i, re); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_dc(re); + invert_ntt_at_layer_1_78(&zeta_i, re); + invert_ntt_at_layer_2_2c(&zeta_i, re); + invert_ntt_at_layer_3_73(&zeta_i, re); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_83(re); } /** @@ -2873,7 +2873,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_ef_05( +static KRML_MUSTINLINE void add_error_reduce_ef_ee( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; @@ -2894,7 +2894,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_3c1( +static KRML_MUSTINLINE void compute_vector_u_421( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, @@ -2921,11 +2921,11 @@ static KRML_MUSTINLINE void compute_vector_u_3c1( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_311(&result[i1], &product); + ntt_multiply_ef_d5(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_aa1(&result[i1], &product); } - invert_ntt_montgomery_801(&result[i1]); - add_error_reduce_ef_05(&result[i1], &error_1[i1]); + invert_ntt_montgomery_401(&result[i1]); + add_error_reduce_ef_ee(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -2938,7 +2938,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i decompress_1_20(__m256i vec) { +static __m256i decompress_1_4e(__m256i vec) { __m256i z = libcrux_ml_kem_vector_avx2_ZERO_09(); __m256i s = libcrux_ml_kem_vector_avx2_sub_09(z, &vec); return libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09(s, @@ -2952,7 +2952,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_message_12(uint8_t serialized[32U]) { +deserialize_then_decompress_message_6f(uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; @@ -2961,7 +2961,7 @@ deserialize_then_decompress_message_12(uint8_t serialized[32U]) { Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); - re.coefficients[i0] = decompress_1_20(coefficient_compressed);); + re.coefficients[i0] = decompress_1_4e(coefficient_compressed);); return re; } @@ -2977,7 +2977,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -add_message_error_reduce_ef_b9( +add_message_error_reduce_ef_a6( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { @@ -3004,7 +3004,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_511( +compute_ring_element_v_d21( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -3012,10 +3012,10 @@ compute_ring_element_v_511( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_311(&result, &product);); - invert_ntt_montgomery_801(&result); - result = add_message_error_reduce_ef_b9(error_2, message, result); + ntt_multiply_ef_d5(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_aa1(&result, &product);); + invert_ntt_montgomery_401(&result); + result = add_message_error_reduce_ef_a6(error_2, message, result); return result; } @@ -3026,7 +3026,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_76(__m256i vector) { +compress_ciphertext_coefficient_19(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3073,8 +3073,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 10 */ -static __m256i compress_09_70(__m256i vector) { - return compress_ciphertext_coefficient_76(vector); +static __m256i compress_09_8f(__m256i vector) { + return compress_ciphertext_coefficient_19(vector); } /** @@ -3083,14 +3083,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_170( +static KRML_MUSTINLINE void compress_then_serialize_10_4d0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_70(to_unsigned_field_modulus_88(re->coefficients[i0])); + compress_09_8f(to_unsigned_field_modulus_8a(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -3110,7 +3110,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_760(__m256i vector) { +compress_ciphertext_coefficient_190(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3157,8 +3157,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 11 */ -static __m256i compress_09_700(__m256i vector) { - return compress_ciphertext_coefficient_760(vector); +static __m256i compress_09_8f0(__m256i vector) { + return compress_ciphertext_coefficient_190(vector); } /** @@ -3168,11 +3168,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_b00( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_680( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { - uint8_t uu____0[320U]; - compress_then_serialize_10_170(re, uu____0); - memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); + uint8_t result[320U]; + compress_then_serialize_10_4d0(re, result); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -3184,7 +3184,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_e81( +static void compress_then_serialize_u_931( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -3200,7 +3200,7 @@ static void compress_then_serialize_u_e81( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_b00(&re, ret); + compress_then_serialize_ring_element_u_680(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -3213,7 +3213,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_761(__m256i vector) { +compress_ciphertext_coefficient_191(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3260,8 +3260,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 4 */ -static __m256i compress_09_701(__m256i vector) { - return compress_ciphertext_coefficient_761(vector); +static __m256i compress_09_8f1(__m256i vector) { + return compress_ciphertext_coefficient_191(vector); } /** @@ -3270,14 +3270,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_06( +static KRML_MUSTINLINE void compress_then_serialize_4_aa( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_701(to_unsigned_field_modulus_88(re.coefficients[i0])); + compress_09_8f1(to_unsigned_field_modulus_8a(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_09(coefficient, bytes); Eurydice_slice_copy( @@ -3294,7 +3294,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_762(__m256i vector) { +compress_ciphertext_coefficient_192(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3341,8 +3341,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 5 */ -static __m256i compress_09_702(__m256i vector) { - return compress_ciphertext_coefficient_762(vector); +static __m256i compress_09_8f2(__m256i vector) { + return compress_ciphertext_coefficient_192(vector); } /** @@ -3351,14 +3351,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_7a( +static KRML_MUSTINLINE void compress_then_serialize_5_fc( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficients = - compress_09_702(to_unsigned_representative_b5(re.coefficients[i0])); + compress_09_8f2(to_unsigned_representative_e5(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_avx2_serialize_5_09(coefficients, bytes); Eurydice_slice_copy( @@ -3375,9 +3375,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_f20( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_7b0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_4_06(re, out); + compress_then_serialize_4_aa(re, out); } /** @@ -3397,7 +3397,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_031(IndCpaPublicKeyUnpacked_a0 *public_key, +static void encrypt_unpacked_ec1(IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { @@ -3406,7 +3406,7 @@ static void encrypt_unpacked_031(IndCpaPublicKeyUnpacked_a0 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____1 = sample_vector_cbd_then_ntt_out_d71(copy_of_prf_input0, 0U); + tuple_b0 uu____1 = sample_vector_cbd_then_ntt_out_481(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, @@ -3416,7 +3416,7 @@ static void encrypt_unpacked_031(IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b0 uu____3 = - sample_ring_element_cbd_a01(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_6a1(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; memcpy( error_1, uu____3.fst, @@ -3430,25 +3430,25 @@ static void encrypt_unpacked_031(IndCpaPublicKeyUnpacked_a0 *public_key, sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - compute_vector_u_3c1(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_421(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_12(copy_of_message); + deserialize_then_decompress_message_6f(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_511(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_d21(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_e81( + compress_then_serialize_u_931( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_f20( + compress_then_serialize_ring_element_v_7b0( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -3471,10 +3471,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_b41(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_681(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { IndCpaPublicKeyUnpacked_a0 unpacked_public_key = default_8d_891(); - deserialize_ring_elements_reduced_e71( + deserialize_ring_elements_reduced_9f1( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -3488,9 +3488,9 @@ static void encrypt_b41(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1088U]; - encrypt_unpacked_031(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); + uint8_t ret1[1088U]; + encrypt_unpacked_ec1(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } /** @@ -3504,7 +3504,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_dc1(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_b21(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -3531,11 +3531,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_f41( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_791( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_c51( + entropy_preprocess_d8_6c1( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -3545,7 +3545,7 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_f41( size_t); uint8_t ret[32U]; H_a9_411(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_121(public_key), + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d11(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -3559,19 +3559,19 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_f41( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_121(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d11(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_b41(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_681(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_7b1(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_3a1(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_dc1(shared_secret, shared_secret_array); + kdf_d8_b21(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -3590,7 +3590,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_uncompressed_ring_element_fe(Eurydice_slice serialized) { +deserialize_to_uncompressed_ring_element_6e(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -3608,7 +3608,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_0d1( +static KRML_MUSTINLINE void deserialize_secret_key_cf1( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; @@ -3625,15 +3625,11 @@ static KRML_MUSTINLINE void deserialize_secret_key_0d1( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_fe(secret_bytes); + deserialize_to_uncompressed_ring_element_6e(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; memcpy( - result, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, + ret, secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -3644,7 +3640,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_6c(__m256i vector) { +decompress_ciphertext_coefficient_4f(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3688,8 +3684,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 10 */ -static __m256i decompress_ciphertext_coefficient_09_0f(__m256i vector) { - return decompress_ciphertext_coefficient_6c(vector); +static __m256i decompress_ciphertext_coefficient_09_4c(__m256i vector) { + return decompress_ciphertext_coefficient_4f(vector); } /** @@ -3699,7 +3695,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_10_47(Eurydice_slice serialized) { +deserialize_then_decompress_10_e4(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); LowStar_Ignore_ignore( Eurydice_slice_len( @@ -3712,7 +3708,7 @@ deserialize_then_decompress_10_47(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_0f(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_4c(coefficient); } return re; } @@ -3724,7 +3720,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_6c0(__m256i vector) { +decompress_ciphertext_coefficient_4f0(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3768,8 +3764,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 11 */ -static __m256i decompress_ciphertext_coefficient_09_0f0(__m256i vector) { - return decompress_ciphertext_coefficient_6c0(vector); +static __m256i decompress_ciphertext_coefficient_09_4c0(__m256i vector) { + return decompress_ciphertext_coefficient_4f0(vector); } /** @@ -3779,7 +3775,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_11_a8(Eurydice_slice serialized) { +deserialize_then_decompress_11_39(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { @@ -3787,7 +3783,7 @@ deserialize_then_decompress_11_a8(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_0f0(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_4c0(coefficient); } return re; } @@ -3799,8 +3795,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_d30(Eurydice_slice serialized) { - return deserialize_then_decompress_10_47(serialized); +deserialize_then_decompress_ring_element_u_180(Eurydice_slice serialized) { + return deserialize_then_decompress_10_e4(serialized); } /** @@ -3809,17 +3805,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_090( +static KRML_MUSTINLINE void ntt_vector_u_b10( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_bc(&zeta_i, re); - ntt_at_layer_2_c2(&zeta_i, re); - ntt_at_layer_1_09(&zeta_i, re); - poly_barrett_reduce_ef_dc(re); + ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_46(&zeta_i, re); + ntt_at_layer_2_53(&zeta_i, re); + ntt_at_layer_1_42(&zeta_i, re); + poly_barrett_reduce_ef_83(re); } /** @@ -3830,7 +3826,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_411( +static KRML_MUSTINLINE void deserialize_then_decompress_u_b11( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; @@ -3853,15 +3849,11 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_411( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_d30(u_bytes); - ntt_vector_u_090(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_180(u_bytes); + ntt_vector_u_b10(&u_as_ntt[i0]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; - memcpy( - result, u_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( - ret, result, + ret, u_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -3872,7 +3864,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_6c1(__m256i vector) { +decompress_ciphertext_coefficient_4f1(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3916,8 +3908,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 4 */ -static __m256i decompress_ciphertext_coefficient_09_0f1(__m256i vector) { - return decompress_ciphertext_coefficient_6c1(vector); +static __m256i decompress_ciphertext_coefficient_09_4c1(__m256i vector) { + return decompress_ciphertext_coefficient_4f1(vector); } /** @@ -3927,7 +3919,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_4_98(Eurydice_slice serialized) { +deserialize_then_decompress_4_4d(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { @@ -3935,7 +3927,7 @@ deserialize_then_decompress_4_98(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_0f1(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_4c1(coefficient); } return re; } @@ -3947,7 +3939,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_6c2(__m256i vector) { +decompress_ciphertext_coefficient_4f2(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3991,8 +3983,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 5 */ -static __m256i decompress_ciphertext_coefficient_09_0f2(__m256i vector) { - return decompress_ciphertext_coefficient_6c2(vector); +static __m256i decompress_ciphertext_coefficient_09_4c2(__m256i vector) { + return decompress_ciphertext_coefficient_4f2(vector); } /** @@ -4002,7 +3994,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_5_45(Eurydice_slice serialized) { +deserialize_then_decompress_5_67(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { @@ -4011,7 +4003,7 @@ deserialize_then_decompress_5_45(Eurydice_slice serialized) { serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_09(bytes); re.coefficients[i0] = - decompress_ciphertext_coefficient_09_0f2(re.coefficients[i0]); + decompress_ciphertext_coefficient_09_4c2(re.coefficients[i0]); } return re; } @@ -4023,8 +4015,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_860(Eurydice_slice serialized) { - return deserialize_then_decompress_4_98(serialized); +deserialize_then_decompress_ring_element_v_3d0(Eurydice_slice serialized) { + return deserialize_then_decompress_4_4d(serialized); } /** @@ -4039,7 +4031,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -subtract_reduce_ef_73(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, +subtract_reduce_ef_07(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -4061,17 +4053,17 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_7e1( +compute_message_c31( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_311(&result, &product);); - invert_ntt_montgomery_801(&result); - result = subtract_reduce_ef_73(v, result); + ntt_multiply_ef_d5(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_aa1(&result, &product);); + invert_ntt_montgomery_401(&result); + result = subtract_reduce_ef_07(v, result); return result; } @@ -4081,12 +4073,12 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_83( +static KRML_MUSTINLINE void compress_then_serialize_message_6c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; - __m256i coefficient = to_unsigned_field_modulus_88(re.coefficients[i0]); + __m256i coefficient = to_unsigned_field_modulus_8a(re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_09(coefficient); uint8_t bytes[2U]; @@ -4111,18 +4103,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_461(IndCpaPrivateKeyUnpacked_a0 *secret_key, +static void decrypt_unpacked_981(IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - deserialize_then_decompress_u_411(ciphertext, u_as_ntt); + deserialize_then_decompress_u_b11(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_860( + deserialize_then_decompress_ring_element_v_3d0( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_7e1(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_c31(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_83(message, ret0); + compress_then_serialize_message_6c(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -4136,10 +4128,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_9a1(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_361(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - deserialize_secret_key_0d1(secret_key, secret_as_ntt); + deserialize_secret_key_cf1(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; memcpy( @@ -4149,9 +4141,9 @@ static void decrypt_9a1(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t result[32U]; - decrypt_unpacked_461(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + uint8_t ret0[32U]; + decrypt_unpacked_981(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -4202,7 +4194,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_6f1( +void libcrux_ml_kem_ind_cca_decapsulate_cd1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -4220,7 +4212,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6f1( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_9a1(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_361(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -4242,7 +4234,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6f1( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_ae1(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be1(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_163(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), @@ -4252,17 +4244,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_6f1( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_b41(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_681(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_dc1(Eurydice_array_to_slice( + kdf_d8_b21(Eurydice_array_to_slice( (size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_dc1(shared_secret0, shared_secret1); + kdf_d8_b21(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_ae1(ciphertext), + libcrux_ml_kem_types_as_ref_00_be1(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4277,7 +4269,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_e7( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_9f( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -4291,7 +4283,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_e7( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_d7(ring_element); + deserialize_to_reduced_ring_element_65(ring_element); deserialized_pk[i0] = uu____0; } } @@ -4302,13 +4294,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_000( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_190( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, deserialized_pk[i] = ZERO_ef_05();); - deserialize_ring_elements_reduced_e7(public_key, deserialized_pk); + deserialize_ring_elements_reduced_9f(public_key, deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; memcpy( result, deserialized_pk, @@ -4325,7 +4317,7 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_05( +static KRML_MUSTINLINE void serialize_secret_key_23( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; @@ -4343,13 +4335,11 @@ static KRML_MUSTINLINE void serialize_secret_key_05( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_b8(&re, ret0); + serialize_uncompressed_ring_element_09(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } - uint8_t result[1536U]; - memcpy(result, out, (size_t)1536U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1536U * sizeof(uint8_t)); + memcpy(ret, out, (size_t)1536U * sizeof(uint8_t)); } /** @@ -4360,13 +4350,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_mut_07( +static KRML_MUSTINLINE void serialize_public_key_mut_ff( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret[1536U]; - serialize_secret_key_05(t_as_ntt, ret); + serialize_secret_key_23(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -4383,14 +4373,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_e5( +static KRML_MUSTINLINE void serialize_public_key_16( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; - serialize_public_key_mut_07(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1568U]; - memcpy(result, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); + serialize_public_key_mut_ff(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); } /** @@ -4401,15 +4389,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_4a0(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_db0(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; - deserialize_ring_elements_reduced_out_000( + deserialize_ring_elements_reduced_out_190( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_e5( + serialize_public_key_16( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -4439,7 +4427,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_e10( +bool libcrux_ml_kem_ind_cca_validate_private_key_a80( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext) { uint8_t t[32U]; @@ -4559,7 +4547,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_10( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_6b( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -5029,7 +5017,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_08( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_68( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -5039,6 +5027,8 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_08( KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[4U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -5048,7 +5038,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_08( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_44(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_25(&re_as_ntt[i0]);); return domain_separator; } @@ -5071,7 +5061,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_out_d7( +static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_out_48( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, @@ -5080,18 +5070,18 @@ static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_out_d7( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_08(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_68(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[4U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_71 result; + tuple_71 lit; memcpy( - result.fst, copy_of_re_as_ntt, + lit.fst, copy_of_re_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -5105,7 +5095,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_31( +static KRML_MUSTINLINE void add_to_ring_element_ef_aa( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -5125,7 +5115,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_As_plus_e_67( +static KRML_MUSTINLINE void compute_As_plus_e_b6( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, @@ -5152,10 +5142,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_67( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_31(&t_as_ntt[i0], &product); + ntt_multiply_ef_d5(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_aa(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_ba(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_e7(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -5168,12 +5158,12 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_4a( +static void generate_keypair_unpacked_a2( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_01 *private_key, IndCpaPublicKeyUnpacked_01 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_10(key_generation_seed, hashed); + cpa_keygen_seed_d8_6b(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5193,17 +5183,17 @@ static void generate_keypair_unpacked_4a( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_08(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_68(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[4U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_d7(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_48(copy_of_prf_input, domain_separator) .fst, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_67(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_b6(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -5228,14 +5218,14 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_470( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_01 private_key = default_1a_3c(); IndCpaPublicKeyUnpacked_01 public_key = default_8d_89(); - generate_keypair_unpacked_4a(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_a2(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1568U]; - serialize_public_key_e5( + serialize_public_key_16( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_05(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_23(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -5244,12 +5234,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_470( uint8_t copy_of_public_key_serialized[1568U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair1024 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair1024 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1536U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -5259,7 +5249,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_710( +static KRML_MUSTINLINE void serialize_kem_secret_key_7b0( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; @@ -5315,7 +5305,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_d20(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5330,7 +5320,7 @@ libcrux_ml_kem_ind_cca_generate_keypair_d20(uint8_t randomness[64U]) { uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_710( + serialize_kem_secret_key_7b0( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5339,13 +5329,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_d20(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_7f_e61(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c1(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_781( - uu____2, libcrux_ml_kem_types_from_5a_af1(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f61( + uu____2, libcrux_ml_kem_types_from_5a_451(copy_of_public_key)); } /** @@ -5358,7 +5348,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_c50(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_6c0(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5375,7 +5365,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_71 -sample_ring_element_cbd_a0(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_6a(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, error_1[i] = ZERO_ef_05();); @@ -5386,6 +5376,8 @@ sample_ring_element_cbd_a0(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[4U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -5402,12 +5394,12 @@ sample_ring_element_cbd_a0(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_71 result; + tuple_71 lit; memcpy( - result.fst, copy_of_error_1, + lit.fst, copy_of_error_1, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -5431,18 +5423,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_80( +static KRML_MUSTINLINE void invert_ntt_montgomery_40( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_a3(&zeta_i, re); - invert_ntt_at_layer_2_cd(&zeta_i, re); - invert_ntt_at_layer_3_d7(&zeta_i, re); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_dc(re); + invert_ntt_at_layer_1_78(&zeta_i, re); + invert_ntt_at_layer_2_2c(&zeta_i, re); + invert_ntt_at_layer_3_73(&zeta_i, re); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_83(re); } /** @@ -5451,7 +5443,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_3c( +static KRML_MUSTINLINE void compute_vector_u_42( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, @@ -5478,11 +5470,11 @@ static KRML_MUSTINLINE void compute_vector_u_3c( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_31(&result[i1], &product); + ntt_multiply_ef_d5(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_aa(&result[i1], &product); } - invert_ntt_montgomery_80(&result[i1]); - add_error_reduce_ef_05(&result[i1], &error_1[i1]); + invert_ntt_montgomery_40(&result[i1]); + add_error_reduce_ef_ee(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -5496,7 +5488,7 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_51( +compute_ring_element_v_d2( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -5504,10 +5496,10 @@ compute_ring_element_v_51( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_31(&result, &product);); - invert_ntt_montgomery_80(&result); - result = add_message_error_reduce_ef_b9(error_2, message, result); + ntt_multiply_ef_d5(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_aa(&result, &product);); + invert_ntt_montgomery_40(&result); + result = add_message_error_reduce_ef_a6(error_2, message, result); return result; } @@ -5517,14 +5509,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_b8( +static KRML_MUSTINLINE void compress_then_serialize_11_fd( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_700(to_unsigned_representative_b5(re->coefficients[i0])); + compress_09_8f0(to_unsigned_representative_e5(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_avx2_serialize_11_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -5542,11 +5534,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_b0( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_68( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { - uint8_t uu____0[352U]; - compress_then_serialize_11_b8(re, uu____0); - memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); + uint8_t result[352U]; + compress_then_serialize_11_fd(re, result); + memcpy(ret, result, (size_t)352U * sizeof(uint8_t)); } /** @@ -5558,7 +5550,7 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_e8( +static void compress_then_serialize_u_93( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -5574,7 +5566,7 @@ static void compress_then_serialize_u_e8( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_b0(&re, ret); + compress_then_serialize_ring_element_u_68(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } @@ -5587,9 +5579,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_f2( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_7b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_5_7a(re, out); + compress_then_serialize_5_fc(re, out); } /** @@ -5609,7 +5601,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_03(IndCpaPublicKeyUnpacked_01 *public_key, +static void encrypt_unpacked_ec(IndCpaPublicKeyUnpacked_01 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { uint8_t prf_input[33U]; @@ -5617,7 +5609,7 @@ static void encrypt_unpacked_03(IndCpaPublicKeyUnpacked_01 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_71 uu____1 = sample_vector_cbd_then_ntt_out_d7(copy_of_prf_input0, 0U); + tuple_71 uu____1 = sample_vector_cbd_then_ntt_out_48(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[4U]; memcpy( r_as_ntt, uu____1.fst, @@ -5627,7 +5619,7 @@ static void encrypt_unpacked_03(IndCpaPublicKeyUnpacked_01 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_71 uu____3 = - sample_ring_element_cbd_a0(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_6a(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; memcpy( error_1, uu____3.fst, @@ -5641,25 +5633,25 @@ static void encrypt_unpacked_03(IndCpaPublicKeyUnpacked_01 *public_key, sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[4U]; - compute_vector_u_3c(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_42(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_12(copy_of_message); + deserialize_then_decompress_message_6f(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_51(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_d2(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[4U]; memcpy( uu____5, u, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_e8( + compress_then_serialize_u_93( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_f2( + compress_then_serialize_ring_element_v_7b( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); @@ -5682,10 +5674,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_b40(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_680(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { IndCpaPublicKeyUnpacked_01 unpacked_public_key = default_8d_89(); - deserialize_ring_elements_reduced_e7( + deserialize_ring_elements_reduced_9f( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -5699,9 +5691,9 @@ static void encrypt_b40(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1568U]; - encrypt_unpacked_03(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); + uint8_t ret1[1568U]; + encrypt_unpacked_ec(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)1568U * sizeof(uint8_t)); } /** @@ -5715,7 +5707,7 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_dc0(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_b20(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5742,11 +5734,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_f40( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_790( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_c50( + entropy_preprocess_d8_6c0( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5756,7 +5748,7 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_f40( size_t); uint8_t ret[32U]; H_a9_41(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_12(public_key), + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_d1(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -5770,19 +5762,19 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_f40( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_12(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_d1(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_b40(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_680(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_1f ciphertext0 = - libcrux_ml_kem_types_from_01_7b(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_3a(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_dc0(shared_secret, shared_secret_array); + kdf_d8_b20(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_1f uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -5800,7 +5792,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_0d0( +static KRML_MUSTINLINE void deserialize_secret_key_cf0( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; @@ -5817,15 +5809,11 @@ static KRML_MUSTINLINE void deserialize_secret_key_0d0( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_fe(secret_bytes); + deserialize_to_uncompressed_ring_element_6e(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; - memcpy( - result, secret_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( - ret, result, + ret, secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -5836,8 +5824,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_d3(Eurydice_slice serialized) { - return deserialize_then_decompress_11_a8(serialized); +deserialize_then_decompress_ring_element_u_18(Eurydice_slice serialized) { + return deserialize_then_decompress_11_39(serialized); } /** @@ -5846,17 +5834,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_09( +static KRML_MUSTINLINE void ntt_vector_u_b1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_bc(&zeta_i, re); - ntt_at_layer_2_c2(&zeta_i, re); - ntt_at_layer_1_09(&zeta_i, re); - poly_barrett_reduce_ef_dc(re); + ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_46(&zeta_i, re); + ntt_at_layer_2_53(&zeta_i, re); + ntt_at_layer_1_42(&zeta_i, re); + poly_barrett_reduce_ef_83(re); } /** @@ -5867,7 +5855,7 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_41( +static KRML_MUSTINLINE void deserialize_then_decompress_u_b1( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; @@ -5890,15 +5878,11 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_41( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_d3(u_bytes); - ntt_vector_u_09(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_18(u_bytes); + ntt_vector_u_b1(&u_as_ntt[i0]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; memcpy( - result, u_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, + ret, u_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -5909,8 +5893,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_86(Eurydice_slice serialized) { - return deserialize_then_decompress_5_45(serialized); +deserialize_then_decompress_ring_element_v_3d(Eurydice_slice serialized) { + return deserialize_then_decompress_5_67(serialized); } /** @@ -5920,17 +5904,17 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_7e( +compute_message_c3( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_31(&result, &product);); - invert_ntt_montgomery_80(&result); - result = subtract_reduce_ef_73(v, result); + ntt_multiply_ef_d5(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_aa(&result, &product);); + invert_ntt_montgomery_40(&result); + result = subtract_reduce_ef_07(v, result); return result; } @@ -5944,18 +5928,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_46(IndCpaPrivateKeyUnpacked_01 *secret_key, +static void decrypt_unpacked_98(IndCpaPrivateKeyUnpacked_01 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; - deserialize_then_decompress_u_41(ciphertext, u_as_ntt); + deserialize_then_decompress_u_b1(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_86( + deserialize_then_decompress_ring_element_v_3d( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_7e(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_c3(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_83(message, ret0); + compress_then_serialize_message_6c(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5969,10 +5953,10 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_9a0(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_360(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; - deserialize_secret_key_0d0(secret_key, secret_as_ntt); + deserialize_secret_key_cf0(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[4U]; memcpy( @@ -5982,9 +5966,9 @@ static void decrypt_9a0(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t result[32U]; - decrypt_unpacked_46(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + uint8_t ret0[32U]; + decrypt_unpacked_98(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -6023,7 +6007,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_6f0( +void libcrux_ml_kem_ind_cca_decapsulate_cd0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -6041,7 +6025,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6f0( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_9a0(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_360(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -6063,7 +6047,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6f0( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_ae(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_16(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), @@ -6073,17 +6057,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_6f0( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_b40(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_680(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_dc0(Eurydice_array_to_slice( + kdf_d8_b20(Eurydice_array_to_slice( (size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_dc0(shared_secret0, shared_secret1); + kdf_d8_b20(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_ae(ciphertext), + libcrux_ml_kem_types_as_ref_00_be(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -6098,7 +6082,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_e70( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_9f0( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -6112,7 +6096,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_e70( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_d7(ring_element); + deserialize_to_reduced_ring_element_65(ring_element); deserialized_pk[i0] = uu____0; } } @@ -6123,13 +6107,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_00( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_19( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, deserialized_pk[i] = ZERO_ef_05();); - deserialize_ring_elements_reduced_e70(public_key, deserialized_pk); + deserialize_ring_elements_reduced_9f0(public_key, deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; memcpy( result, deserialized_pk, @@ -6146,7 +6130,7 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_050( +static KRML_MUSTINLINE void serialize_secret_key_230( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; @@ -6164,13 +6148,11 @@ static KRML_MUSTINLINE void serialize_secret_key_050( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_b8(&re, ret0); + serialize_uncompressed_ring_element_09(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } - uint8_t result[768U]; - memcpy(result, out, (size_t)768U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)768U * sizeof(uint8_t)); + memcpy(ret, out, (size_t)768U * sizeof(uint8_t)); } /** @@ -6181,13 +6163,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_mut_070( +static KRML_MUSTINLINE void serialize_public_key_mut_ff0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret[768U]; - serialize_secret_key_050(t_as_ntt, ret); + serialize_secret_key_230(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -6204,14 +6186,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_e50( +static KRML_MUSTINLINE void serialize_public_key_160( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; - serialize_public_key_mut_070(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[800U]; - memcpy(result, public_key_serialized, (size_t)800U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)800U * sizeof(uint8_t)); + serialize_public_key_mut_ff0(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)800U * sizeof(uint8_t)); } /** @@ -6222,15 +6202,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_4a(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_db(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; - deserialize_ring_elements_reduced_out_00( + deserialize_ring_elements_reduced_out_19( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_e50( + serialize_public_key_160( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -6260,7 +6240,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_e1( +bool libcrux_ml_kem_ind_cca_validate_private_key_a8( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { uint8_t t[32U]; @@ -6366,7 +6346,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_100( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_6b0( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -6829,7 +6809,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_080( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_680( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -6839,6 +6819,8 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_080( KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[2U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -6848,7 +6830,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_080( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_d70( Eurydice_array_to_slice((size_t)192U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_44(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_25(&re_as_ntt[i0]);); return domain_separator; } @@ -6871,7 +6853,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_out_d70( +static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_out_480( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, @@ -6880,18 +6862,18 @@ static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_out_d70( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_080(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_680(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[2U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_74 result; + tuple_74 lit; memcpy( - result.fst, copy_of_re_as_ntt, + lit.fst, copy_of_re_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -6905,7 +6887,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_310( +static KRML_MUSTINLINE void add_to_ring_element_ef_aa0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -6925,7 +6907,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_As_plus_e_670( +static KRML_MUSTINLINE void compute_As_plus_e_b60( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, @@ -6952,10 +6934,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_670( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_310(&t_as_ntt[i0], &product); + ntt_multiply_ef_d5(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_aa0(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_ba(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_e7(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -6968,12 +6950,12 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static void generate_keypair_unpacked_4a0( +static void generate_keypair_unpacked_a20( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_d6 *private_key, IndCpaPublicKeyUnpacked_d6 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_100(key_generation_seed, hashed); + cpa_keygen_seed_d8_6b0(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6993,17 +6975,17 @@ static void generate_keypair_unpacked_4a0( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_080(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_680(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[2U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_d70(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_480(copy_of_prf_input, domain_separator) .fst, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_670(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_b60(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -7028,14 +7010,14 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_47( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_d6 private_key = default_1a_3c0(); IndCpaPublicKeyUnpacked_d6 public_key = default_8d_890(); - generate_keypair_unpacked_4a0(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_a20(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[800U]; - serialize_public_key_e50( + serialize_public_key_160( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_050(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_230(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -7044,12 +7026,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_47( uint8_t copy_of_public_key_serialized[800U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)800U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair512 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair512 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)768U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)800U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -7059,7 +7041,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_71( +static KRML_MUSTINLINE void serialize_kem_secret_key_7b( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; @@ -7114,7 +7096,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_d2( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_dd( uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, @@ -7130,7 +7112,7 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_d2( uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_71( + serialize_kem_secret_key_7b( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -7139,13 +7121,13 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_d2( memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_7f_e6(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_78( - uu____2, libcrux_ml_kem_types_from_5a_af(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** @@ -7158,7 +7140,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_c5(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_6c(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -7221,7 +7203,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_74 -sample_ring_element_cbd_a00(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_6a0(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, error_1[i] = ZERO_ef_05();); @@ -7232,6 +7214,8 @@ sample_ring_element_cbd_a00(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[2U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -7248,12 +7232,12 @@ sample_ring_element_cbd_a00(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_74 result; + tuple_74 lit; memcpy( - result.fst, copy_of_error_1, + lit.fst, copy_of_error_1, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -7277,18 +7261,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_800( +static KRML_MUSTINLINE void invert_ntt_montgomery_400( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_a3(&zeta_i, re); - invert_ntt_at_layer_2_cd(&zeta_i, re); - invert_ntt_at_layer_3_d7(&zeta_i, re); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_af(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_dc(re); + invert_ntt_at_layer_1_78(&zeta_i, re); + invert_ntt_at_layer_2_2c(&zeta_i, re); + invert_ntt_at_layer_3_73(&zeta_i, re); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_83(re); } /** @@ -7297,7 +7281,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_3c0( +static KRML_MUSTINLINE void compute_vector_u_420( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, @@ -7324,11 +7308,11 @@ static KRML_MUSTINLINE void compute_vector_u_3c0( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_310(&result[i1], &product); + ntt_multiply_ef_d5(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_aa0(&result[i1], &product); } - invert_ntt_montgomery_800(&result[i1]); - add_error_reduce_ef_05(&result[i1], &error_1[i1]); + invert_ntt_montgomery_400(&result[i1]); + add_error_reduce_ef_ee(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -7342,7 +7326,7 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_510( +compute_ring_element_v_d20( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -7350,10 +7334,10 @@ compute_ring_element_v_510( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_310(&result, &product);); - invert_ntt_montgomery_800(&result); - result = add_message_error_reduce_ef_b9(error_2, message, result); + ntt_multiply_ef_d5(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_aa0(&result, &product);); + invert_ntt_montgomery_400(&result); + result = add_message_error_reduce_ef_a6(error_2, message, result); return result; } @@ -7366,7 +7350,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_e80( +static void compress_then_serialize_u_930( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -7382,7 +7366,7 @@ static void compress_then_serialize_u_e80( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_b00(&re, ret); + compress_then_serialize_ring_element_u_680(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -7405,7 +7389,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_030(IndCpaPublicKeyUnpacked_d6 *public_key, +static void encrypt_unpacked_ec0(IndCpaPublicKeyUnpacked_d6 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { uint8_t prf_input[33U]; @@ -7413,7 +7397,7 @@ static void encrypt_unpacked_030(IndCpaPublicKeyUnpacked_d6 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_74 uu____1 = sample_vector_cbd_then_ntt_out_d70(copy_of_prf_input0, 0U); + tuple_74 uu____1 = sample_vector_cbd_then_ntt_out_480(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[2U]; memcpy( r_as_ntt, uu____1.fst, @@ -7423,7 +7407,7 @@ static void encrypt_unpacked_030(IndCpaPublicKeyUnpacked_d6 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_74 uu____3 = - sample_ring_element_cbd_a00(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_6a0(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; memcpy( error_1, uu____3.fst, @@ -7437,25 +7421,25 @@ static void encrypt_unpacked_030(IndCpaPublicKeyUnpacked_d6 *public_key, sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[2U]; - compute_vector_u_3c0(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_420(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_12(copy_of_message); + deserialize_then_decompress_message_6f(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_510(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_d20(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[2U]; memcpy( uu____5, u, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_e80( + compress_then_serialize_u_930( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_f20( + compress_then_serialize_ring_element_v_7b0( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); @@ -7478,10 +7462,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_b4(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_68(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { IndCpaPublicKeyUnpacked_d6 unpacked_public_key = default_8d_890(); - deserialize_ring_elements_reduced_e70( + deserialize_ring_elements_reduced_9f0( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -7495,9 +7479,9 @@ static void encrypt_b4(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[768U]; - encrypt_unpacked_030(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)768U * sizeof(uint8_t)); + uint8_t ret1[768U]; + encrypt_unpacked_ec0(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)768U * sizeof(uint8_t)); } /** @@ -7511,7 +7495,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_dc(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_b2(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -7538,11 +7522,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_f4( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_79( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_c5( + entropy_preprocess_d8_6c( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -7552,7 +7536,7 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_f4( size_t); uint8_t ret[32U]; H_a9_410(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_120(public_key), + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_d10(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -7566,19 +7550,19 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_f4( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_120(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_d10(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_b4(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_68(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_01_7b0(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_3a0(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_dc(shared_secret, shared_secret_array); + kdf_d8_b2(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -7596,7 +7580,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_0d( +static KRML_MUSTINLINE void deserialize_secret_key_cf( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; @@ -7613,15 +7597,11 @@ static KRML_MUSTINLINE void deserialize_secret_key_0d( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_fe(secret_bytes); + deserialize_to_uncompressed_ring_element_6e(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; memcpy( - result, secret_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, + ret, secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -7633,7 +7613,7 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_410( +static KRML_MUSTINLINE void deserialize_then_decompress_u_b10( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; @@ -7656,15 +7636,11 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_410( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_d30(u_bytes); - ntt_vector_u_090(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_180(u_bytes); + ntt_vector_u_b10(&u_as_ntt[i0]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; memcpy( - result, u_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, + ret, u_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -7675,17 +7651,17 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_7e0( +compute_message_c30( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_63(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_310(&result, &product);); - invert_ntt_montgomery_800(&result); - result = subtract_reduce_ef_73(v, result); + ntt_multiply_ef_d5(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_aa0(&result, &product);); + invert_ntt_montgomery_400(&result); + result = subtract_reduce_ef_07(v, result); return result; } @@ -7699,18 +7675,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_460(IndCpaPrivateKeyUnpacked_d6 *secret_key, +static void decrypt_unpacked_980(IndCpaPrivateKeyUnpacked_d6 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; - deserialize_then_decompress_u_410(ciphertext, u_as_ntt); + deserialize_then_decompress_u_b10(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_860( + deserialize_then_decompress_ring_element_v_3d0( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_7e0(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_c30(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_83(message, ret0); + compress_then_serialize_message_6c(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7724,10 +7700,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_9a(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_36(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; - deserialize_secret_key_0d(secret_key, secret_as_ntt); + deserialize_secret_key_cf(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[2U]; memcpy( @@ -7737,9 +7713,9 @@ static void decrypt_9a(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t result[32U]; - decrypt_unpacked_460(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + uint8_t ret0[32U]; + decrypt_unpacked_980(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -7778,7 +7754,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_6f( +void libcrux_ml_kem_ind_cca_decapsulate_cd( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -7796,7 +7772,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6f( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_9a(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_36(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -7818,7 +7794,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6f( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_ae0(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be0(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_161(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), @@ -7828,16 +7804,16 @@ void libcrux_ml_kem_ind_cca_decapsulate_6f( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_b4(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_68(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_dc(Eurydice_array_to_slice((size_t)32U, + kdf_d8_b2(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_dc(shared_secret0, shared_secret1); + kdf_d8_b2(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_ae0(ciphertext), + libcrux_ml_kem_types_as_ref_00_be0(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h index ce38cd383..7f1adf92e 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.c b/libcrux-ml-kem/c/libcrux_mlkem_portable.c index 3bc08594b..12ab2b9e6 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #include "internal/libcrux_mlkem_portable.h" @@ -1152,7 +1152,9 @@ uint8_t libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( int16_t mask = shifted >> 15U; int16_t shifted_to_positive = mask ^ shifted; int16_t shifted_positive_in_range = shifted_to_positive - (int16_t)832; - return (uint8_t)(shifted_positive_in_range >> 15U & (int16_t)1); + int16_t r0 = shifted_positive_in_range >> 15U; + int16_t r1 = r0 & (int16_t)1; + return (uint8_t)r1; } KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -2388,7 +2390,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_reduced_ring_element_01(Eurydice_slice serialized) { +deserialize_to_reduced_ring_element_60(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -2410,7 +2412,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_75( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_ed( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -2424,7 +2426,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_75( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_01(ring_element); + deserialize_to_reduced_ring_element_60(ring_element); deserialized_pk[i0] = uu____0; } } @@ -2435,13 +2437,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_fa1( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_661( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, deserialized_pk[i] = ZERO_ef_1b();); - deserialize_ring_elements_reduced_75(public_key, deserialized_pk); + deserialize_ring_elements_reduced_ed(public_key, deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; memcpy( result, deserialized_pk, @@ -2457,7 +2459,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_38(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { +shift_right_3c(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -2476,8 +2478,8 @@ with const generics - SHIFT_BY= 15 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_0d_6b(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return shift_right_38(v); +shift_right_0d_3e(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return shift_right_3c(v); } /** @@ -2487,10 +2489,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_unsigned_representative_9f( +to_unsigned_representative_30( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - shift_right_0d_6b(a); + shift_right_0d_3e(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -2504,10 +2506,10 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_unsigned_field_modulus_c4( +to_unsigned_field_modulus_05( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector result = - to_unsigned_representative_9f(a); + to_unsigned_representative_30(a); return result; } @@ -2517,14 +2519,14 @@ libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_c6( +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_13( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_field_modulus_c4(re->coefficients[i0]); + to_unsigned_field_modulus_05(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -2544,7 +2546,7 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_1d( +static KRML_MUSTINLINE void serialize_secret_key_9e( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; @@ -2562,13 +2564,11 @@ static KRML_MUSTINLINE void serialize_secret_key_1d( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_c6(&re, ret0); + serialize_uncompressed_ring_element_13(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } - uint8_t result[1536U]; - memcpy(result, out, (size_t)1536U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1536U * sizeof(uint8_t)); + memcpy(ret, out, (size_t)1536U * sizeof(uint8_t)); } /** @@ -2579,13 +2579,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_mut_12( +static KRML_MUSTINLINE void serialize_public_key_mut_6c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret[1536U]; - serialize_secret_key_1d(t_as_ntt, ret); + serialize_secret_key_9e(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -2602,14 +2602,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_e9( +static KRML_MUSTINLINE void serialize_public_key_fd( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; - serialize_public_key_mut_12(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1568U]; - memcpy(result, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); + serialize_public_key_mut_6c(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); } /** @@ -2620,15 +2618,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_071(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_8c1(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; - deserialize_ring_elements_reduced_out_fa1( + deserialize_ring_elements_reduced_out_661( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_e9( + serialize_public_key_fd( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -2658,7 +2656,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_c0( +bool libcrux_ml_kem_ind_cca_validate_private_key_99( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext) { uint8_t t[32U]; @@ -2778,7 +2776,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_e4( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_28( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -3340,7 +3338,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_7_97( +static KRML_MUSTINLINE void ntt_at_layer_7_5f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -3368,7 +3366,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -montgomery_multiply_fe_ad( +montgomery_multiply_fe_5d( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v, fer); @@ -3382,12 +3380,12 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - ntt_layer_int_vec_step_57( + ntt_layer_int_vec_step_31( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - montgomery_multiply_fe_ad(b, zeta_r); + montgomery_multiply_fe_5d(b, zeta_r); b = libcrux_ml_kem_vector_portable_sub_0d(a, &t); a = libcrux_ml_kem_vector_portable_add_0d(a, &t); return ( @@ -3401,7 +3399,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_4_plus_bf( +static KRML_MUSTINLINE void ntt_at_layer_4_plus_64( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -3414,7 +3412,7 @@ static KRML_MUSTINLINE void ntt_at_layer_4_plus_bf( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - ntt_layer_int_vec_step_57( + ntt_layer_int_vec_step_31( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -3431,7 +3429,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_3_b8( +static KRML_MUSTINLINE void ntt_at_layer_3_7b( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3449,7 +3447,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_2_34( +static KRML_MUSTINLINE void ntt_at_layer_2_ea( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3468,7 +3466,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_1_21( +static KRML_MUSTINLINE void ntt_at_layer_1_76( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3494,7 +3492,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void poly_barrett_reduce_ef_b4( +static KRML_MUSTINLINE void poly_barrett_reduce_ef_e7( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -3512,17 +3510,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_36( +static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_62( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { - ntt_at_layer_7_97(re); + ntt_at_layer_7_5f(re); size_t zeta_i = (size_t)1U; - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_b8(&zeta_i, re); - ntt_at_layer_2_34(&zeta_i, re); - ntt_at_layer_1_21(&zeta_i, re); - poly_barrett_reduce_ef_b4(re); + ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_7b(&zeta_i, re); + ntt_at_layer_2_ea(&zeta_i, re); + ntt_at_layer_1_76(&zeta_i, re); + poly_barrett_reduce_ef_e7(re); } /** @@ -3534,7 +3532,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_f7( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_76( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -3544,6 +3542,8 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_f7( KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[4U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -3553,7 +3553,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_f7( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_36(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_62(&re_as_ntt[i0]);); return domain_separator; } @@ -3577,7 +3577,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_out_44( +static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_out_15( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, @@ -3586,18 +3586,18 @@ static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_out_44( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_f7(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_76(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[4U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_710 result; + tuple_710 lit; memcpy( - result.fst, copy_of_re_as_ntt, + lit.fst, copy_of_re_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -3612,7 +3612,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -ntt_multiply_ef_76(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, +ntt_multiply_ef_66(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = ZERO_ef_1b(); for (size_t i = (size_t)0U; @@ -3644,7 +3644,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_3a( +static KRML_MUSTINLINE void add_to_ring_element_ef_59( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -3669,7 +3669,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_standard_domain_73( +to_standard_domain_c1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -3686,14 +3686,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void add_standard_error_reduce_ef_69( +static KRML_MUSTINLINE void add_standard_error_reduce_ef_6c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector - coefficient_normal_form = to_standard_domain_73(self->coefficients[j]); + coefficient_normal_form = to_standard_domain_c1(self->coefficients[j]); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(coefficient_normal_form, @@ -3708,7 +3708,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_As_plus_e_f0( +static KRML_MUSTINLINE void compute_As_plus_e_6a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, @@ -3735,10 +3735,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_f0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_3a(&t_as_ntt[i0], &product); + ntt_multiply_ef_66(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_59(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_69(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_6c(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -3751,12 +3751,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_86( +static void generate_keypair_unpacked_1a( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_42 *private_key, IndCpaPublicKeyUnpacked_42 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_e4(key_generation_seed, hashed); + cpa_keygen_seed_d8_28(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -3776,17 +3776,17 @@ static void generate_keypair_unpacked_86( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_f7(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_76(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[4U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_44(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_15(copy_of_prf_input, domain_separator) .fst, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_f0(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_6a(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -3811,14 +3811,14 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_081( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_42 private_key = default_1a_e9(); IndCpaPublicKeyUnpacked_42 public_key = default_8d_d1(); - generate_keypair_unpacked_86(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_1a(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1568U]; - serialize_public_key_e9( + serialize_public_key_fd( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_1d(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_9e(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -3827,12 +3827,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_081( uint8_t copy_of_public_key_serialized[1568U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair1024 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair1024 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1536U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -3842,7 +3842,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_50( +static KRML_MUSTINLINE void serialize_kem_secret_key_64( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; @@ -3898,7 +3898,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_281(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_911(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -3913,7 +3913,7 @@ libcrux_ml_kem_ind_cca_generate_keypair_281(uint8_t randomness[64U]) { uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_50( + serialize_kem_secret_key_64( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -3922,13 +3922,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_281(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_7f_e61(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c1(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_781( - uu____2, libcrux_ml_kem_types_from_5a_af1(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f61( + uu____2, libcrux_ml_kem_types_from_5a_451(copy_of_public_key)); } /** @@ -3941,7 +3941,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_b3(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_5f(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -3959,7 +3959,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_710 -sample_ring_element_cbd_23(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_22(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, error_1[i] = ZERO_ef_1b();); @@ -3970,6 +3970,8 @@ sample_ring_element_cbd_23(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[4U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -3986,12 +3988,12 @@ sample_ring_element_cbd_23(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_710 result; + tuple_710 lit; memcpy( - result.fst, copy_of_error_1, + lit.fst, copy_of_error_1, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -4027,7 +4029,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_19( +static KRML_MUSTINLINE void invert_ntt_at_layer_1_ed( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -4048,7 +4050,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_f7( +static KRML_MUSTINLINE void invert_ntt_at_layer_2_30( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -4067,7 +4069,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_77( +static KRML_MUSTINLINE void invert_ntt_at_layer_3_2f( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -4087,7 +4089,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - inv_ntt_layer_int_vec_step_reduce_97( + inv_ntt_layer_int_vec_step_reduce_2b( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { @@ -4095,7 +4097,7 @@ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_sub_0d(b, &a); a = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(a, &b)); - b = montgomery_multiply_fe_ad(a_minus_b, zeta_r); + b = montgomery_multiply_fe_5d(a_minus_b, zeta_r); return ( CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ .fst = a, .snd = b}); @@ -4107,7 +4109,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_dd( +static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_7a( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -4122,7 +4124,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_dd( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_97( + inv_ntt_layer_int_vec_step_reduce_2b( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -4139,18 +4141,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_8c( +static KRML_MUSTINLINE void invert_ntt_montgomery_fa( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_19(&zeta_i, re); - invert_ntt_at_layer_2_f7(&zeta_i, re); - invert_ntt_at_layer_3_77(&zeta_i, re); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_b4(re); + invert_ntt_at_layer_1_ed(&zeta_i, re); + invert_ntt_at_layer_2_30(&zeta_i, re); + invert_ntt_at_layer_3_2f(&zeta_i, re); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_e7(re); } /** @@ -4164,7 +4166,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_ef_da( +static KRML_MUSTINLINE void add_error_reduce_ef_0d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; @@ -4188,7 +4190,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_d2( +static KRML_MUSTINLINE void compute_vector_u_a3( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, @@ -4215,11 +4217,11 @@ static KRML_MUSTINLINE void compute_vector_u_d2( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_3a(&result[i1], &product); + ntt_multiply_ef_66(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_59(&result[i1], &product); } - invert_ntt_montgomery_8c(&result[i1]); - add_error_reduce_ef_da(&result[i1], &error_1[i1]); + invert_ntt_montgomery_fa(&result[i1]); + add_error_reduce_ef_0d(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -4233,7 +4235,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_1_4a(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { +decompress_1_16(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { libcrux_ml_kem_vector_portable_vector_type_PortableVector z = libcrux_ml_kem_vector_portable_ZERO_0d(); libcrux_ml_kem_vector_portable_vector_type_PortableVector s = @@ -4251,7 +4253,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_message_5e(uint8_t serialized[32U]) { +deserialize_then_decompress_message_97(uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; @@ -4262,7 +4264,7 @@ deserialize_then_decompress_message_5e(uint8_t serialized[32U]) { (size_t)2U * i0 + (size_t)2U, uint8_t)); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_1_4a(coefficient_compressed); + decompress_1_16(coefficient_compressed); re.coefficients[i0] = uu____0;); return re; } @@ -4279,7 +4281,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -add_message_error_reduce_ef_5c( +add_message_error_reduce_ef_b4( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { @@ -4309,7 +4311,7 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_95( +compute_ring_element_v_da( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -4317,10 +4319,10 @@ compute_ring_element_v_95( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_3a(&result, &product);); - invert_ntt_montgomery_8c(&result); - result = add_message_error_reduce_ef_5c(error_2, message, result); + ntt_multiply_ef_66(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_59(&result, &product);); + invert_ntt_montgomery_fa(&result); + result = add_message_error_reduce_ef_b4(error_2, message, result); return result; } @@ -4330,7 +4332,7 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_6a(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_de(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4351,9 +4353,9 @@ A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d with const generics - COEFFICIENT_BITS= 10 */ -static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_83( +static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_48( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_6a(a); + return compress_de(a); } /** @@ -4362,7 +4364,7 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_6a0(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_de0(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4384,8 +4386,8 @@ with const generics - COEFFICIENT_BITS= 11 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_830(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_6a0(a); +compress_0d_480(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_de0(a); } /** @@ -4394,14 +4396,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_00( +static KRML_MUSTINLINE void compress_then_serialize_11_f3( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_830(to_unsigned_representative_9f(re->coefficients[i0])); + compress_0d_480(to_unsigned_representative_30(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -4419,11 +4421,11 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_39( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_e0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { - uint8_t uu____0[352U]; - compress_then_serialize_11_00(re, uu____0); - memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); + uint8_t result[352U]; + compress_then_serialize_11_f3(re, result); + memcpy(ret, result, (size_t)352U * sizeof(uint8_t)); } /** @@ -4435,7 +4437,7 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_54( +static void compress_then_serialize_u_0f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -4451,7 +4453,7 @@ static void compress_then_serialize_u_54( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_39(&re, ret); + compress_then_serialize_ring_element_u_e0(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } @@ -4463,7 +4465,7 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_6a1(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_de1(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4485,8 +4487,8 @@ with const generics - COEFFICIENT_BITS= 4 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_831(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_6a1(a); +compress_0d_481(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_de1(a); } /** @@ -4495,14 +4497,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_df( +static KRML_MUSTINLINE void compress_then_serialize_4_71( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_831(to_unsigned_field_modulus_c4(re.coefficients[i0])); + compress_0d_481(to_unsigned_field_modulus_05(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); Eurydice_slice_copy( @@ -4518,7 +4520,7 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_6a2(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_de2(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4540,8 +4542,8 @@ with const generics - COEFFICIENT_BITS= 5 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_832(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_6a2(a); +compress_0d_482(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_de2(a); } /** @@ -4550,14 +4552,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_51( +static KRML_MUSTINLINE void compress_then_serialize_5_42( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - compress_0d_832(to_unsigned_representative_9f(re.coefficients[i0])); + compress_0d_482(to_unsigned_representative_30(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); Eurydice_slice_copy( @@ -4574,9 +4576,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_ce( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_e3( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_5_51(re, out); + compress_then_serialize_5_42(re, out); } /** @@ -4597,7 +4599,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_43(IndCpaPublicKeyUnpacked_42 *public_key, +static void encrypt_unpacked_15(IndCpaPublicKeyUnpacked_42 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { uint8_t prf_input[33U]; @@ -4605,7 +4607,7 @@ static void encrypt_unpacked_43(IndCpaPublicKeyUnpacked_42 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_710 uu____1 = sample_vector_cbd_then_ntt_out_44(copy_of_prf_input0, 0U); + tuple_710 uu____1 = sample_vector_cbd_then_ntt_out_15(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[4U]; memcpy( r_as_ntt, uu____1.fst, @@ -4615,7 +4617,7 @@ static void encrypt_unpacked_43(IndCpaPublicKeyUnpacked_42 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_710 uu____3 = - sample_ring_element_cbd_23(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_22(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; memcpy( error_1, uu____3.fst, @@ -4629,25 +4631,25 @@ static void encrypt_unpacked_43(IndCpaPublicKeyUnpacked_42 *public_key, sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[4U]; - compute_vector_u_d2(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_a3(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_5e(copy_of_message); + deserialize_then_decompress_message_97(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_95(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_da(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[4U]; memcpy( uu____5, u, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_54( + compress_then_serialize_u_0f( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_ce( + compress_then_serialize_ring_element_v_e3( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); @@ -4671,10 +4673,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_6f1(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_dc1(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { IndCpaPublicKeyUnpacked_42 unpacked_public_key = default_8d_d1(); - deserialize_ring_elements_reduced_75( + deserialize_ring_elements_reduced_ed( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -4688,9 +4690,9 @@ static void encrypt_6f1(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1568U]; - encrypt_unpacked_43(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); + uint8_t ret1[1568U]; + encrypt_unpacked_15(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)1568U * sizeof(uint8_t)); } /** @@ -4704,7 +4706,7 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_a6(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_91(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4731,11 +4733,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_8a1( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_1e1( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_b3( + entropy_preprocess_d8_5f( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -4745,7 +4747,7 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_8a1( size_t); uint8_t ret[32U]; H_f1_d5(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_12(public_key), + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_d1(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -4759,19 +4761,19 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_8a1( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_12(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_d1(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_6f1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_dc1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_1f ciphertext0 = - libcrux_ml_kem_types_from_01_7b(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_3a(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_a6(shared_secret, shared_secret_array); + kdf_d8_91(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_1f uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -4790,7 +4792,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_uncompressed_ring_element_a4(Eurydice_slice serialized) { +deserialize_to_uncompressed_ring_element_96(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -4810,7 +4812,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_831( +static KRML_MUSTINLINE void deserialize_secret_key_631( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; @@ -4827,15 +4829,11 @@ static KRML_MUSTINLINE void deserialize_secret_key_831( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_a4(secret_bytes); + deserialize_to_uncompressed_ring_element_96(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; memcpy( - result, secret_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - memcpy( - ret, result, + ret, secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -4846,18 +4844,18 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_fe( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +decompress_ciphertext_coefficient_99( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)10); decompressed = decompressed >> (uint32_t)((int32_t)10 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -4871,9 +4869,9 @@ generics - COEFFICIENT_BITS= 10 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_78( +decompress_ciphertext_coefficient_0d_f5( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_fe(v); + return decompress_ciphertext_coefficient_99(v); } /** @@ -4883,7 +4881,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_10_40(Eurydice_slice serialized) { +deserialize_then_decompress_10_0d(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); LowStar_Ignore_ignore( Eurydice_slice_len( @@ -4900,7 +4898,7 @@ deserialize_then_decompress_10_40(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_78(coefficient); + decompress_ciphertext_coefficient_0d_f5(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -4913,18 +4911,18 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_fe0( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +decompress_ciphertext_coefficient_990( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)11); decompressed = decompressed >> (uint32_t)((int32_t)11 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -4938,9 +4936,9 @@ generics - COEFFICIENT_BITS= 11 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_780( +decompress_ciphertext_coefficient_0d_f50( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_fe0(v); + return decompress_ciphertext_coefficient_990(v); } /** @@ -4950,7 +4948,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_11_0a(Eurydice_slice serialized) { +deserialize_then_decompress_11_eb(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { @@ -4960,7 +4958,7 @@ deserialize_then_decompress_11_0a(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_780(coefficient); + decompress_ciphertext_coefficient_0d_f50(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -4973,8 +4971,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_58(Eurydice_slice serialized) { - return deserialize_then_decompress_11_0a(serialized); +deserialize_then_decompress_ring_element_u_91(Eurydice_slice serialized) { + return deserialize_then_decompress_11_eb(serialized); } /** @@ -4983,17 +4981,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_f1( +static KRML_MUSTINLINE void ntt_vector_u_1a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_b8(&zeta_i, re); - ntt_at_layer_2_34(&zeta_i, re); - ntt_at_layer_1_21(&zeta_i, re); - poly_barrett_reduce_ef_b4(re); + ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_7b(&zeta_i, re); + ntt_at_layer_2_ea(&zeta_i, re); + ntt_at_layer_1_76(&zeta_i, re); + poly_barrett_reduce_ef_e7(re); } /** @@ -5004,7 +5002,7 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_b1( +static KRML_MUSTINLINE void deserialize_then_decompress_u_f2( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; @@ -5027,15 +5025,11 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_b1( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_58(u_bytes); - ntt_vector_u_f1(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_91(u_bytes); + ntt_vector_u_1a(&u_as_ntt[i0]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; memcpy( - result, u_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - memcpy( - ret, result, + ret, u_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -5046,18 +5040,18 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_fe1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +decompress_ciphertext_coefficient_991( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)4); decompressed = decompressed >> (uint32_t)((int32_t)4 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -5071,9 +5065,9 @@ generics - COEFFICIENT_BITS= 4 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_781( +decompress_ciphertext_coefficient_0d_f51( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_fe1(v); + return decompress_ciphertext_coefficient_991(v); } /** @@ -5083,7 +5077,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_4_dd(Eurydice_slice serialized) { +deserialize_then_decompress_4_e9(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { @@ -5093,7 +5087,7 @@ deserialize_then_decompress_4_dd(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_781(coefficient); + decompress_ciphertext_coefficient_0d_f51(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -5106,18 +5100,18 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_fe2( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +decompress_ciphertext_coefficient_992( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)5); decompressed = decompressed >> (uint32_t)((int32_t)5 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -5131,9 +5125,9 @@ generics - COEFFICIENT_BITS= 5 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_782( +decompress_ciphertext_coefficient_0d_f52( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_fe2(v); + return decompress_ciphertext_coefficient_992(v); } /** @@ -5143,7 +5137,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_5_e7(Eurydice_slice serialized) { +deserialize_then_decompress_5_53(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { @@ -5153,7 +5147,7 @@ deserialize_then_decompress_5_e7(Eurydice_slice serialized) { re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - decompress_ciphertext_coefficient_0d_782(re.coefficients[i0]); + decompress_ciphertext_coefficient_0d_f52(re.coefficients[i0]); re.coefficients[i0] = uu____1; } return re; @@ -5166,8 +5160,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_87(Eurydice_slice serialized) { - return deserialize_then_decompress_5_e7(serialized); +deserialize_then_decompress_ring_element_v_c1(Eurydice_slice serialized) { + return deserialize_then_decompress_5_53(serialized); } /** @@ -5182,7 +5176,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -subtract_reduce_ef_59(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, +subtract_reduce_ef_c0(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -5207,17 +5201,17 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_fc( +compute_message_ac( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_3a(&result, &product);); - invert_ntt_montgomery_8c(&result); - result = subtract_reduce_ef_59(v, result); + ntt_multiply_ef_66(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_59(&result, &product);); + invert_ntt_montgomery_fa(&result); + result = subtract_reduce_ef_c0(v, result); return result; } @@ -5227,13 +5221,13 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_ee( +static KRML_MUSTINLINE void compress_then_serialize_message_44( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_field_modulus_c4(re.coefficients[i0]); + to_unsigned_field_modulus_05(re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = libcrux_ml_kem_vector_portable_compress_1_0d(coefficient); @@ -5259,18 +5253,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_ee(IndCpaPrivateKeyUnpacked_42 *secret_key, +static void decrypt_unpacked_41(IndCpaPrivateKeyUnpacked_42 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; - deserialize_then_decompress_u_b1(ciphertext, u_as_ntt); + deserialize_then_decompress_u_f2(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_87( + deserialize_then_decompress_ring_element_v_c1( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_fc(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_ac(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_ee(message, ret0); + compress_then_serialize_message_44(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5284,10 +5278,10 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_5f1(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_151(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; - deserialize_secret_key_831(secret_key, secret_as_ntt); + deserialize_secret_key_631(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[4U]; memcpy( @@ -5297,9 +5291,9 @@ static void decrypt_5f1(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t result[32U]; - decrypt_unpacked_ee(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + uint8_t ret0[32U]; + decrypt_unpacked_41(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -5350,7 +5344,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_811( +void libcrux_ml_kem_ind_cca_decapsulate_2d1( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5368,7 +5362,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_811( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_5f1(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_151(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -5390,7 +5384,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_811( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_ae(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9f(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), @@ -5400,17 +5394,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_811( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_6f1(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_dc1(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_a6(Eurydice_array_to_slice((size_t)32U, + kdf_d8_91(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_a6(shared_secret0, shared_secret1); + kdf_d8_91(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_ae(ciphertext), + libcrux_ml_kem_types_as_ref_00_be(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5425,7 +5419,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_750( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_ed0( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -5439,7 +5433,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_750( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_01(ring_element); + deserialize_to_reduced_ring_element_60(ring_element); deserialized_pk[i0] = uu____0; } } @@ -5450,13 +5444,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_fa0( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_660( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, deserialized_pk[i] = ZERO_ef_1b();); - deserialize_ring_elements_reduced_750(public_key, deserialized_pk); + deserialize_ring_elements_reduced_ed0(public_key, deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; memcpy( result, deserialized_pk, @@ -5473,7 +5467,7 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_1d0( +static KRML_MUSTINLINE void serialize_secret_key_9e0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; @@ -5491,13 +5485,11 @@ static KRML_MUSTINLINE void serialize_secret_key_1d0( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_c6(&re, ret0); + serialize_uncompressed_ring_element_13(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } - uint8_t result[768U]; - memcpy(result, out, (size_t)768U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)768U * sizeof(uint8_t)); + memcpy(ret, out, (size_t)768U * sizeof(uint8_t)); } /** @@ -5508,13 +5500,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_mut_120( +static KRML_MUSTINLINE void serialize_public_key_mut_6c0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret[768U]; - serialize_secret_key_1d0(t_as_ntt, ret); + serialize_secret_key_9e0(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -5531,14 +5523,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_e90( +static KRML_MUSTINLINE void serialize_public_key_fd0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; - serialize_public_key_mut_120(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[800U]; - memcpy(result, public_key_serialized, (size_t)800U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)800U * sizeof(uint8_t)); + serialize_public_key_mut_6c0(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)800U * sizeof(uint8_t)); } /** @@ -5549,15 +5539,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_070(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_8c0(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; - deserialize_ring_elements_reduced_out_fa0( + deserialize_ring_elements_reduced_out_660( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_e90( + serialize_public_key_fd0( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -5587,7 +5577,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_90( +bool libcrux_ml_kem_ind_cca_validate_private_key_ba( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { uint8_t t[32U]; @@ -5693,7 +5683,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_7e( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_40( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -6143,7 +6133,7 @@ generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_f70( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_760( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -6153,6 +6143,8 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_f70( KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[2U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -6162,7 +6154,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_f70( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_6b0( Eurydice_array_to_slice((size_t)192U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_36(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_62(&re_as_ntt[i0]);); return domain_separator; } @@ -6186,7 +6178,7 @@ generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_out_440( +static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_out_150( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, @@ -6195,18 +6187,18 @@ static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_out_440( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_f70(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_760(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[2U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_740 result; + tuple_740 lit; memcpy( - result.fst, copy_of_re_as_ntt, + lit.fst, copy_of_re_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -6220,7 +6212,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_3a0( +static KRML_MUSTINLINE void add_to_ring_element_ef_590( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -6244,7 +6236,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_As_plus_e_f00( +static KRML_MUSTINLINE void compute_As_plus_e_6a0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, @@ -6271,10 +6263,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_f00( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_3a0(&t_as_ntt[i0], &product); + ntt_multiply_ef_66(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_590(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_69(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_6c(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -6287,12 +6279,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static void generate_keypair_unpacked_860( +static void generate_keypair_unpacked_1a0( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_ae *private_key, IndCpaPublicKeyUnpacked_ae *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_7e(key_generation_seed, hashed); + cpa_keygen_seed_d8_40(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6312,17 +6304,17 @@ static void generate_keypair_unpacked_860( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_f70(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_760(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[2U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_440(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_150(copy_of_prf_input, domain_separator) .fst, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_f00(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_6a0(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -6347,14 +6339,14 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_080( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_ae private_key = default_1a_e90(); IndCpaPublicKeyUnpacked_ae public_key = default_8d_d10(); - generate_keypair_unpacked_860(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_1a0(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[800U]; - serialize_public_key_e90( + serialize_public_key_fd0( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_1d0(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_9e0(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -6363,12 +6355,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_080( uint8_t copy_of_public_key_serialized[800U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)800U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair512 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair512 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)768U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)800U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -6378,7 +6370,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_4a( +static KRML_MUSTINLINE void serialize_kem_secret_key_ee( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; @@ -6434,7 +6426,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 192 */ libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_280(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -6449,7 +6441,7 @@ libcrux_ml_kem_ind_cca_generate_keypair_280(uint8_t randomness[64U]) { uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_4a( + serialize_kem_secret_key_ee( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -6458,13 +6450,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_280(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_7f_e6(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_78( - uu____2, libcrux_ml_kem_types_from_5a_af(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** @@ -6477,7 +6469,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_9c(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_53(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -6527,7 +6519,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_740 -sample_ring_element_cbd_230(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_220(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, error_1[i] = ZERO_ef_1b();); @@ -6538,6 +6530,8 @@ sample_ring_element_cbd_230(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[2U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -6554,12 +6548,12 @@ sample_ring_element_cbd_230(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_740 result; + tuple_740 lit; memcpy( - result.fst, copy_of_error_1, + lit.fst, copy_of_error_1, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -6583,18 +6577,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_8c0( +static KRML_MUSTINLINE void invert_ntt_montgomery_fa0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_19(&zeta_i, re); - invert_ntt_at_layer_2_f7(&zeta_i, re); - invert_ntt_at_layer_3_77(&zeta_i, re); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_b4(re); + invert_ntt_at_layer_1_ed(&zeta_i, re); + invert_ntt_at_layer_2_30(&zeta_i, re); + invert_ntt_at_layer_3_2f(&zeta_i, re); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_e7(re); } /** @@ -6603,7 +6597,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_d20( +static KRML_MUSTINLINE void compute_vector_u_a30( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, @@ -6630,11 +6624,11 @@ static KRML_MUSTINLINE void compute_vector_u_d20( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_3a0(&result[i1], &product); + ntt_multiply_ef_66(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_590(&result[i1], &product); } - invert_ntt_montgomery_8c0(&result[i1]); - add_error_reduce_ef_da(&result[i1], &error_1[i1]); + invert_ntt_montgomery_fa0(&result[i1]); + add_error_reduce_ef_0d(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -6648,7 +6642,7 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_950( +compute_ring_element_v_da0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -6656,10 +6650,10 @@ compute_ring_element_v_950( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_3a0(&result, &product);); - invert_ntt_montgomery_8c0(&result); - result = add_message_error_reduce_ef_5c(error_2, message, result); + ntt_multiply_ef_66(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_590(&result, &product);); + invert_ntt_montgomery_fa0(&result); + result = add_message_error_reduce_ef_b4(error_2, message, result); return result; } @@ -6669,14 +6663,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_c50( +static KRML_MUSTINLINE void compress_then_serialize_10_100( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_83(to_unsigned_field_modulus_c4(re->coefficients[i0])); + compress_0d_48(to_unsigned_field_modulus_05(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -6696,11 +6690,11 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_390( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_e00( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { - uint8_t uu____0[320U]; - compress_then_serialize_10_c50(re, uu____0); - memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); + uint8_t result[320U]; + compress_then_serialize_10_100(re, result); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -6712,7 +6706,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_540( +static void compress_then_serialize_u_0f0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -6728,7 +6722,7 @@ static void compress_then_serialize_u_540( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_390(&re, ret); + compress_then_serialize_ring_element_u_e00(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -6741,9 +6735,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_ce0( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_e30( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_4_df(re, out); + compress_then_serialize_4_71(re, out); } /** @@ -6764,7 +6758,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_430(IndCpaPublicKeyUnpacked_ae *public_key, +static void encrypt_unpacked_150(IndCpaPublicKeyUnpacked_ae *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { uint8_t prf_input[33U]; @@ -6773,7 +6767,7 @@ static void encrypt_unpacked_430(IndCpaPublicKeyUnpacked_ae *public_key, uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_740 uu____1 = - sample_vector_cbd_then_ntt_out_440(copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_out_150(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[2U]; memcpy( r_as_ntt, uu____1.fst, @@ -6783,7 +6777,7 @@ static void encrypt_unpacked_430(IndCpaPublicKeyUnpacked_ae *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_740 uu____3 = - sample_ring_element_cbd_230(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_220(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; memcpy( error_1, uu____3.fst, @@ -6797,25 +6791,25 @@ static void encrypt_unpacked_430(IndCpaPublicKeyUnpacked_ae *public_key, sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[2U]; - compute_vector_u_d20(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_a30(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_5e(copy_of_message); + deserialize_then_decompress_message_97(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_950(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_da0(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[2U]; memcpy( uu____5, u, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_540( + compress_then_serialize_u_0f0( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_ce0( + compress_then_serialize_ring_element_v_e30( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); @@ -6839,10 +6833,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_6f0(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_dc0(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { IndCpaPublicKeyUnpacked_ae unpacked_public_key = default_8d_d10(); - deserialize_ring_elements_reduced_750( + deserialize_ring_elements_reduced_ed0( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -6856,9 +6850,9 @@ static void encrypt_6f0(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[768U]; - encrypt_unpacked_430(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)768U * sizeof(uint8_t)); + uint8_t ret1[768U]; + encrypt_unpacked_150(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)768U * sizeof(uint8_t)); } /** @@ -6872,7 +6866,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_f4(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_70(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -6899,11 +6893,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_8a0( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_1e0( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_9c( + entropy_preprocess_d8_53( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -6913,7 +6907,7 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_8a0( size_t); uint8_t ret[32U]; H_f1_d50(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_120(public_key), + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_d10(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -6927,19 +6921,19 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_8a0( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_120(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_d10(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_6f0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_dc0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_01_7b0(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_3a0(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_f4(shared_secret, shared_secret_array); + kdf_d8_70(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -6957,7 +6951,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_830( +static KRML_MUSTINLINE void deserialize_secret_key_630( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; @@ -6974,15 +6968,11 @@ static KRML_MUSTINLINE void deserialize_secret_key_830( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_a4(secret_bytes); + deserialize_to_uncompressed_ring_element_96(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; memcpy( - result, secret_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - memcpy( - ret, result, + ret, secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -6993,8 +6983,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_580(Eurydice_slice serialized) { - return deserialize_then_decompress_10_40(serialized); +deserialize_then_decompress_ring_element_u_910(Eurydice_slice serialized) { + return deserialize_then_decompress_10_0d(serialized); } /** @@ -7003,17 +6993,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_f10( +static KRML_MUSTINLINE void ntt_vector_u_1a0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_b8(&zeta_i, re); - ntt_at_layer_2_34(&zeta_i, re); - ntt_at_layer_1_21(&zeta_i, re); - poly_barrett_reduce_ef_b4(re); + ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_7b(&zeta_i, re); + ntt_at_layer_2_ea(&zeta_i, re); + ntt_at_layer_1_76(&zeta_i, re); + poly_barrett_reduce_ef_e7(re); } /** @@ -7024,7 +7014,7 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_b10( +static KRML_MUSTINLINE void deserialize_then_decompress_u_f20( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; @@ -7047,15 +7037,11 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_b10( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_580(u_bytes); - ntt_vector_u_f10(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_910(u_bytes); + ntt_vector_u_1a0(&u_as_ntt[i0]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; memcpy( - result, u_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - memcpy( - ret, result, + ret, u_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -7066,8 +7052,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_870(Eurydice_slice serialized) { - return deserialize_then_decompress_4_dd(serialized); +deserialize_then_decompress_ring_element_v_c10(Eurydice_slice serialized) { + return deserialize_then_decompress_4_e9(serialized); } /** @@ -7077,17 +7063,17 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_fc0( +compute_message_ac0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_3a0(&result, &product);); - invert_ntt_montgomery_8c0(&result); - result = subtract_reduce_ef_59(v, result); + ntt_multiply_ef_66(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_590(&result, &product);); + invert_ntt_montgomery_fa0(&result); + result = subtract_reduce_ef_c0(v, result); return result; } @@ -7101,18 +7087,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_ee0(IndCpaPrivateKeyUnpacked_ae *secret_key, +static void decrypt_unpacked_410(IndCpaPrivateKeyUnpacked_ae *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; - deserialize_then_decompress_u_b10(ciphertext, u_as_ntt); + deserialize_then_decompress_u_f20(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_870( + deserialize_then_decompress_ring_element_v_c10( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_fc0(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_ac0(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_ee(message, ret0); + compress_then_serialize_message_44(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7126,10 +7112,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_5f0(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_150(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; - deserialize_secret_key_830(secret_key, secret_as_ntt); + deserialize_secret_key_630(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[2U]; memcpy( @@ -7139,9 +7125,9 @@ static void decrypt_5f0(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t result[32U]; - decrypt_unpacked_ee0(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + uint8_t ret0[32U]; + decrypt_unpacked_410(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -7180,7 +7166,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_810( +void libcrux_ml_kem_ind_cca_decapsulate_2d0( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -7198,7 +7184,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_810( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_5f0(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_150(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -7220,7 +7206,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_810( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_ae0(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be0(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9f1(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), @@ -7230,17 +7216,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_810( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_6f0(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_dc0(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_f4(Eurydice_array_to_slice((size_t)32U, + kdf_d8_70(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_f4(shared_secret0, shared_secret1); + kdf_d8_70(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_ae0(ciphertext), + libcrux_ml_kem_types_as_ref_00_be0(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -7255,7 +7241,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_751( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_ed1( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -7269,7 +7255,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_751( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_01(ring_element); + deserialize_to_reduced_ring_element_60(ring_element); deserialized_pk[i0] = uu____0; } } @@ -7280,13 +7266,13 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_fa( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_66( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, deserialized_pk[i] = ZERO_ef_1b();); - deserialize_ring_elements_reduced_751(public_key, deserialized_pk); + deserialize_ring_elements_reduced_ed1(public_key, deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; memcpy( result, deserialized_pk, @@ -7303,7 +7289,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_1d1( +static KRML_MUSTINLINE void serialize_secret_key_9e1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -7321,13 +7307,11 @@ static KRML_MUSTINLINE void serialize_secret_key_1d1( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_c6(&re, ret0); + serialize_uncompressed_ring_element_13(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } - uint8_t result[1152U]; - memcpy(result, out, (size_t)1152U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1152U * sizeof(uint8_t)); + memcpy(ret, out, (size_t)1152U * sizeof(uint8_t)); } /** @@ -7338,13 +7322,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_mut_121( +static KRML_MUSTINLINE void serialize_public_key_mut_6c1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - serialize_secret_key_1d1(t_as_ntt, ret); + serialize_secret_key_9e1(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -7361,14 +7345,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_e91( +static KRML_MUSTINLINE void serialize_public_key_fd1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - serialize_public_key_mut_121(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1184U]; - memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); + serialize_public_key_mut_6c1(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } /** @@ -7379,15 +7361,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_07(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_8c(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - deserialize_ring_elements_reduced_out_fa( + deserialize_ring_elements_reduced_out_66( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_e91( + serialize_public_key_fd1( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -7417,7 +7399,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_94( +bool libcrux_ml_kem_ind_cca_validate_private_key_4e( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -7529,7 +7511,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_a4( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_58( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -7968,7 +7950,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_f71( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_761( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -7978,6 +7960,8 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_f71( KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -7987,7 +7971,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_f71( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_36(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_62(&re_as_ntt[i0]);); return domain_separator; } @@ -8011,7 +7995,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_out_441( +static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_out_151( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, @@ -8020,18 +8004,18 @@ static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_out_441( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_f71(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_761(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b00 result; + tuple_b00 lit; memcpy( - result.fst, copy_of_re_as_ntt, + lit.fst, copy_of_re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -8045,7 +8029,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_3a1( +static KRML_MUSTINLINE void add_to_ring_element_ef_591( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -8069,7 +8053,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_As_plus_e_f01( +static KRML_MUSTINLINE void compute_As_plus_e_6a1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, @@ -8096,10 +8080,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_f01( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_3a1(&t_as_ntt[i0], &product); + ntt_multiply_ef_66(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_591(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_69(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_6c(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -8112,12 +8096,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_861( +static void generate_keypair_unpacked_1a1( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_f8 *private_key, IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_a4(key_generation_seed, hashed); + cpa_keygen_seed_d8_58(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -8137,17 +8121,17 @@ static void generate_keypair_unpacked_861( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_f71(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_761(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_441(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_151(copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_f01(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_6a1(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -8172,14 +8156,14 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_08( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_f8 private_key = default_1a_e91(); IndCpaPublicKeyUnpacked_f8 public_key = default_8d_d11(); - generate_keypair_unpacked_861(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_1a1(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - serialize_public_key_e91( + serialize_public_key_fd1( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_1d1(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_9e1(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -8188,12 +8172,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_08( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -8203,7 +8187,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_c0( +static KRML_MUSTINLINE void serialize_kem_secret_key_d8( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -8259,7 +8243,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_28(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -8274,7 +8258,7 @@ libcrux_ml_kem_ind_cca_generate_keypair_28(uint8_t randomness[64U]) { uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_c0( + serialize_kem_secret_key_d8( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -8283,13 +8267,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_28(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_e60(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c0(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_780( - uu____2, libcrux_ml_kem_types_from_5a_af0(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f60( + uu____2, libcrux_ml_kem_types_from_5a_450(copy_of_public_key)); } /** @@ -8302,7 +8286,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_05(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_be(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -8320,7 +8304,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b00 -sample_ring_element_cbd_231(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_221(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, error_1[i] = ZERO_ef_1b();); @@ -8331,6 +8315,8 @@ sample_ring_element_cbd_231(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -8347,12 +8333,12 @@ sample_ring_element_cbd_231(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b00 result; + tuple_b00 lit; memcpy( - result.fst, copy_of_error_1, + lit.fst, copy_of_error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -8376,18 +8362,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_8c1( +static KRML_MUSTINLINE void invert_ntt_montgomery_fa1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_19(&zeta_i, re); - invert_ntt_at_layer_2_f7(&zeta_i, re); - invert_ntt_at_layer_3_77(&zeta_i, re); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_b4(re); + invert_ntt_at_layer_1_ed(&zeta_i, re); + invert_ntt_at_layer_2_30(&zeta_i, re); + invert_ntt_at_layer_3_2f(&zeta_i, re); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_e7(re); } /** @@ -8396,7 +8382,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_d21( +static KRML_MUSTINLINE void compute_vector_u_a31( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, @@ -8423,11 +8409,11 @@ static KRML_MUSTINLINE void compute_vector_u_d21( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_3a1(&result[i1], &product); + ntt_multiply_ef_66(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_591(&result[i1], &product); } - invert_ntt_montgomery_8c1(&result[i1]); - add_error_reduce_ef_da(&result[i1], &error_1[i1]); + invert_ntt_montgomery_fa1(&result[i1]); + add_error_reduce_ef_0d(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -8441,7 +8427,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_951( +compute_ring_element_v_da1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -8449,10 +8435,10 @@ compute_ring_element_v_951( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_3a1(&result, &product);); - invert_ntt_montgomery_8c1(&result); - result = add_message_error_reduce_ef_5c(error_2, message, result); + ntt_multiply_ef_66(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_591(&result, &product);); + invert_ntt_montgomery_fa1(&result); + result = add_message_error_reduce_ef_b4(error_2, message, result); return result; } @@ -8465,7 +8451,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_541( +static void compress_then_serialize_u_0f1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -8481,7 +8467,7 @@ static void compress_then_serialize_u_541( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_390(&re, ret); + compress_then_serialize_ring_element_u_e00(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -8505,7 +8491,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_431(IndCpaPublicKeyUnpacked_f8 *public_key, +static void encrypt_unpacked_151(IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { @@ -8515,7 +8501,7 @@ static void encrypt_unpacked_431(IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b00 uu____1 = - sample_vector_cbd_then_ntt_out_441(copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_out_151(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, @@ -8525,7 +8511,7 @@ static void encrypt_unpacked_431(IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b00 uu____3 = - sample_ring_element_cbd_231(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_221(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; memcpy( error_1, uu____3.fst, @@ -8539,25 +8525,25 @@ static void encrypt_unpacked_431(IndCpaPublicKeyUnpacked_f8 *public_key, sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - compute_vector_u_d21(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_a31(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_5e(copy_of_message); + deserialize_then_decompress_message_97(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_951(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_da1(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_541( + compress_then_serialize_u_0f1( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_ce0( + compress_then_serialize_ring_element_v_e30( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -8581,10 +8567,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_6f(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_dc(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { IndCpaPublicKeyUnpacked_f8 unpacked_public_key = default_8d_d11(); - deserialize_ring_elements_reduced_751( + deserialize_ring_elements_reduced_ed1( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -8598,9 +8584,9 @@ static void encrypt_6f(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1088U]; - encrypt_unpacked_431(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); + uint8_t ret1[1088U]; + encrypt_unpacked_151(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } /** @@ -8614,7 +8600,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_8d(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_ea(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -8641,11 +8627,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_8a( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_1e( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_05( + entropy_preprocess_d8_be( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -8655,7 +8641,7 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_8a( size_t); uint8_t ret[32U]; H_f1_d51(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_121(public_key), + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d11(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -8669,19 +8655,19 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_8a( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_121(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d11(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_6f(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_dc(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_7b1(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_3a1(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_8d(shared_secret, shared_secret_array); + kdf_d8_ea(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -8699,7 +8685,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_83( +static KRML_MUSTINLINE void deserialize_secret_key_63( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; @@ -8716,15 +8702,11 @@ static KRML_MUSTINLINE void deserialize_secret_key_83( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_a4(secret_bytes); + deserialize_to_uncompressed_ring_element_96(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; - memcpy( - result, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( - ret, result, + ret, secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -8736,7 +8718,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_b11( +static KRML_MUSTINLINE void deserialize_then_decompress_u_f21( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; @@ -8759,15 +8741,11 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_b11( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_580(u_bytes); - ntt_vector_u_f10(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_910(u_bytes); + ntt_vector_u_1a0(&u_as_ntt[i0]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; - memcpy( - result, u_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( - ret, result, + ret, u_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -8778,17 +8756,17 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_fc1( +compute_message_ac1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_76(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_3a1(&result, &product);); - invert_ntt_montgomery_8c1(&result); - result = subtract_reduce_ef_59(v, result); + ntt_multiply_ef_66(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_591(&result, &product);); + invert_ntt_montgomery_fa1(&result); + result = subtract_reduce_ef_c0(v, result); return result; } @@ -8802,18 +8780,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_ee1(IndCpaPrivateKeyUnpacked_f8 *secret_key, +static void decrypt_unpacked_411(IndCpaPrivateKeyUnpacked_f8 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - deserialize_then_decompress_u_b11(ciphertext, u_as_ntt); + deserialize_then_decompress_u_f21(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_870( + deserialize_then_decompress_ring_element_v_c10( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_fc1(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_ac1(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_ee(message, ret0); + compress_then_serialize_message_44(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -8827,10 +8805,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_5f(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_15(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - deserialize_secret_key_83(secret_key, secret_as_ntt); + deserialize_secret_key_63(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; memcpy( @@ -8840,9 +8818,9 @@ static void decrypt_5f(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t result[32U]; - decrypt_unpacked_ee1(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + uint8_t ret0[32U]; + decrypt_unpacked_411(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -8881,7 +8859,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_81( +void libcrux_ml_kem_ind_cca_decapsulate_2d( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -8899,7 +8877,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_81( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_5f(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_15(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -8921,7 +8899,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_81( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_ae1(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be1(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9f3(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), @@ -8931,16 +8909,16 @@ void libcrux_ml_kem_ind_cca_decapsulate_81( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_6f(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_dc(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_8d(Eurydice_array_to_slice((size_t)32U, + kdf_d8_ea(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_8d(shared_secret0, shared_secret1); + kdf_d8_ea(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_ae1(ciphertext), + libcrux_ml_kem_types_as_ref_00_be1(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/libcrux_mlkem_portable.h index b375e1f09..61ab4ae2b 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem_portable_H diff --git a/libcrux-ml-kem/c/libcrux_sha3.h b/libcrux-ml-kem/c/libcrux_sha3.h index ee291c40e..573e394f6 100644 --- a/libcrux-ml-kem/c/libcrux_sha3.h +++ b/libcrux-ml-kem/c/libcrux_sha3.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_sha3_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.c b/libcrux-ml-kem/c/libcrux_sha3_avx2.c index 65d87344a..401087870 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_avx2.c +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #include "internal/libcrux_sha3_avx2.h" diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/libcrux_sha3_avx2.h index 67f5d174c..f16eb40f0 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_internal.h b/libcrux-ml-kem/c/libcrux_sha3_internal.h index a20e6c410..1a0eb4009 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/libcrux_sha3_internal.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_sha3_internal_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.c b/libcrux-ml-kem/c/libcrux_sha3_neon.c index 360ff4122..e6ff85f86 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.c +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #include "libcrux_sha3_neon.h" diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.h b/libcrux-ml-kem/c/libcrux_sha3_neon.h index 2fc24f7d1..faa5831e2 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.h +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_sha3_neon_H diff --git a/libcrux-ml-kem/cg/code_gen.txt b/libcrux-ml-kem/cg/code_gen.txt index d393ef31c..620e1c137 100644 --- a/libcrux-ml-kem/cg/code_gen.txt +++ b/libcrux-ml-kem/cg/code_gen.txt @@ -3,4 +3,4 @@ Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 -Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 +Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad diff --git a/libcrux-ml-kem/cg/libcrux_core.h b/libcrux-ml-kem/cg/libcrux_core.h index 1a0b95675..20077092f 100644 --- a/libcrux-ml-kem/cg/libcrux_core.h +++ b/libcrux-ml-kem/cg/libcrux_core.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_core_H @@ -221,7 +221,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_d4 with const generics - SIZE= 1088 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_24( +static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_73( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return self->value; } @@ -245,7 +245,7 @@ with const generics - SIZE= 1184 */ static inline libcrux_ml_kem_types_MlKemPublicKey_15 -libcrux_ml_kem_types_from_5a_af(uint8_t value[1184U]) { +libcrux_ml_kem_types_from_5a_45(uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; memcpy(copy_of_value, value, (size_t)1184U * sizeof(uint8_t)); @@ -279,7 +279,7 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_types_from_3a_78(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, +libcrux_ml_kem_types_from_3a_f6(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk) { return ( CLITERAL(libcrux_ml_kem_mlkem768_MlKem768KeyPair){.sk = sk, .pk = pk}); @@ -295,7 +295,7 @@ with const generics - SIZE= 2400 */ static inline libcrux_ml_kem_types_MlKemPrivateKey_55 -libcrux_ml_kem_types_from_7f_e6(uint8_t value[2400U]) { +libcrux_ml_kem_types_from_7f_8c(uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; memcpy(copy_of_value, value, (size_t)2400U * sizeof(uint8_t)); @@ -359,7 +359,7 @@ with const generics - SIZE= 1088 */ static inline libcrux_ml_kem_mlkem768_MlKem768Ciphertext -libcrux_ml_kem_types_from_01_96(uint8_t value[1088U]) { +libcrux_ml_kem_types_from_01_33(uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; memcpy(copy_of_value, value, (size_t)1088U * sizeof(uint8_t)); @@ -376,7 +376,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_fd_60( +static inline uint8_t *libcrux_ml_kem_types_as_slice_fd_d9( libcrux_ml_kem_types_MlKemPublicKey_15 *self) { return self->value; } @@ -428,7 +428,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_e7( +static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_69( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } diff --git a/libcrux-ml-kem/cg/libcrux_ct_ops.h b/libcrux-ml-kem/cg/libcrux_ct_ops.h index 443142103..677876656 100644 --- a/libcrux-ml-kem/cg/libcrux_ct_ops.h +++ b/libcrux-ml-kem/cg/libcrux_ct_ops.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_ct_ops_H diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h index 686aabb0d..f78826e2c 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem768_avx2_H @@ -1319,7 +1319,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_ff(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_87(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -1331,7 +1331,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_a4( +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_db( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -1352,7 +1352,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_ab( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_a9( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; @@ -1370,16 +1370,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_ab( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_a4( + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_db( secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; - memcpy( - result, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( - ret, result, + ret, secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -1393,7 +1389,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_a8(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_6d(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -1405,7 +1401,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_72( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_04( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1457,9 +1453,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_64( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e0( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_72( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_04( vector); } @@ -1471,7 +1467,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_58( +libcrux_ml_kem_serialize_deserialize_then_decompress_10_6a( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -1487,7 +1483,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_58( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_64( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e0( coefficient); } return re; @@ -1501,7 +1497,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_720( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_040( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1553,9 +1549,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_640( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e00( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_720( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_040( vector); } @@ -1567,7 +1563,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_33( +libcrux_ml_kem_serialize_deserialize_then_decompress_11_ce( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -1578,7 +1574,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_33( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_640( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e00( coefficient); } return re; @@ -1592,9 +1588,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_7b( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_e0( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_58(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_6a(serialized); } typedef struct libcrux_ml_kem_vector_avx2_SIMD256Vector_x2_s { @@ -1609,7 +1605,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5f( +static inline __m256i libcrux_ml_kem_vector_traits_montgomery_multiply_fe_e0( __m256i v, int16_t fer) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09(v, fer); } @@ -1622,9 +1618,9 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -libcrux_ml_kem_ntt_ntt_layer_int_vec_step_97(__m256i a, __m256i b, +libcrux_ml_kem_ntt_ntt_layer_int_vec_step_e8(__m256i a, __m256i b, int16_t zeta_r) { - __m256i t = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5f(b, zeta_r); + __m256i t = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_e0(b, zeta_r); b = libcrux_ml_kem_vector_avx2_sub_09(a, &t); a = libcrux_ml_kem_vector_avx2_add_09(a, &t); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, @@ -1638,7 +1634,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; @@ -1651,7 +1647,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_97( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_e8( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -1669,7 +1665,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_bc( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_46( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -1688,7 +1684,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_c2( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_53( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -1708,7 +1704,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_09( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_42( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -1735,7 +1731,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_dc( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_83( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -1752,24 +1748,24 @@ with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_b5( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_76( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)7U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U, (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U, (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)4U, (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_bc(&zeta_i, re, (size_t)3U, + libcrux_ml_kem_ntt_ntt_at_layer_3_46(&zeta_i, re, (size_t)3U, (size_t)5U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_c2(&zeta_i, re, (size_t)2U, + libcrux_ml_kem_ntt_ntt_at_layer_2_53(&zeta_i, re, (size_t)2U, (size_t)6U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_09(&zeta_i, re, (size_t)1U, + libcrux_ml_kem_ntt_ntt_at_layer_1_42(&zeta_i, re, (size_t)1U, (size_t)7U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_dc(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_83(re); } /** @@ -1782,7 +1778,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_96( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_8e( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; @@ -1807,16 +1803,12 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_96( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_7b( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_e0( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_b5(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_76(&u_as_ntt[i0]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; memcpy( - result, u_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, + ret, u_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -1828,7 +1820,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_721( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_041( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1880,9 +1872,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_641( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e01( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_721( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_041( vector); } @@ -1894,7 +1886,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_a9( +libcrux_ml_kem_serialize_deserialize_then_decompress_4_d2( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -1905,7 +1897,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_a9( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_641( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e01( coefficient); } return re; @@ -1919,7 +1911,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_722( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_042( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1971,9 +1963,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_642( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e02( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_722( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_042( vector); } @@ -1985,7 +1977,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_9b( +libcrux_ml_kem_serialize_deserialize_then_decompress_5_05( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -1996,7 +1988,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_9b( serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_642( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e02( re.coefficients[i0]); } return re; @@ -2010,9 +2002,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_2a( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_ca( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_a9(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_d2(serialized); } /** @@ -2028,7 +2020,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_ntt_multiply_ef_63( +libcrux_ml_kem_polynomial_ntt_multiply_ef_d5( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 out = @@ -2061,7 +2053,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_31( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_aa( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -2082,7 +2074,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_d8( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_cd( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2106,7 +2098,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_73( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_56( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2128,7 +2120,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_18( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_76( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2149,13 +2141,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ef(__m256i a, +libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_db(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_09(b, &a); a = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5f(a_minus_b, zeta_r); + b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_e0(a_minus_b, zeta_r); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, .snd = b}); } @@ -2168,7 +2160,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_72( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_14( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2183,7 +2175,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_72( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ef( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_db( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -2205,18 +2197,18 @@ static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3e( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_d8(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_73(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_18(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_72(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_cd(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_56(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_76(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_14(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_72(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_14(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_72(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_14(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_72(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_14(&zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_dc(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_83(re); } /** @@ -2232,7 +2224,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_subtract_reduce_ef_a0( +libcrux_ml_kem_polynomial_subtract_reduce_ef_dd( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { for (size_t i = (size_t)0U; @@ -2256,7 +2248,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_message_a0( +libcrux_ml_kem_matrix_compute_message_fc( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { @@ -2265,12 +2257,12 @@ libcrux_ml_kem_matrix_compute_message_a0( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_63(&secret_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_ef_d5(&secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_31(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_aa(&result, &product); } libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3e(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_ef_a0(v, result); + result = libcrux_ml_kem_polynomial_subtract_reduce_ef_dd(v, result); return result; } @@ -2281,7 +2273,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_arithmetic_shift_right_0c(__m256i vector) { +libcrux_ml_kem_vector_avx2_arithmetic_shift_right_6b(__m256i vector) { return libcrux_intrinsics_avx2_mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -2295,9 +2287,9 @@ with const generics - SHIFT_BY= 15 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_09_0f( +static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_09_ff( __m256i vector) { - return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_0c(vector); + return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_6b(vector); } /** @@ -2308,8 +2300,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_traits_to_unsigned_representative_b5(__m256i a) { - __m256i t = libcrux_ml_kem_vector_avx2_shift_right_09_0f(a); +libcrux_ml_kem_vector_traits_to_unsigned_representative_e5(__m256i a) { + __m256i t = libcrux_ml_kem_vector_avx2_shift_right_09_ff(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_09(a, &fm); @@ -2323,8 +2315,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_serialize_to_unsigned_field_modulus_88(__m256i a) { - return libcrux_ml_kem_vector_traits_to_unsigned_representative_b5(a); +libcrux_ml_kem_serialize_to_unsigned_field_modulus_8a(__m256i a) { + return libcrux_ml_kem_vector_traits_to_unsigned_representative_e5(a); } /** @@ -2335,12 +2327,12 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_53( +libcrux_ml_kem_serialize_compress_then_serialize_message_76( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_88( + __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_8a( re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_09(coefficient); @@ -2367,20 +2359,20 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_1d( +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_2a( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_96(ciphertext, u_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_8e(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_2a( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_ca( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - libcrux_ml_kem_matrix_compute_message_a0(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_matrix_compute_message_fc(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_53(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_76(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -2395,11 +2387,11 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_3a(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_6f(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_ab(secret_key, secret_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_secret_key_a9(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; memcpy( @@ -2410,10 +2402,10 @@ static inline void libcrux_ml_kem_ind_cpa_decrypt_3a(Eurydice_slice secret_key, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t result[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_1d(&secret_key_unpacked, ciphertext, - result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + uint8_t ret0[32U]; + libcrux_ml_kem_ind_cpa_decrypt_unpacked_2a(&secret_key_unpacked, ciphertext, + ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -2505,7 +2497,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_63( +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_d9( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -2529,7 +2521,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e4( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ba( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -2543,7 +2535,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e4( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_63( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_d9( ring_element); deserialized_pk[i0] = uu____0; } @@ -3024,7 +3016,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_2d(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_1b(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -3193,7 +3185,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_13( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_69( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -3215,23 +3207,23 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_44( +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_25( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7_13(re); + libcrux_ml_kem_ntt_ntt_at_layer_7_69(re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U, (size_t)11207U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U, (size_t)11207U + (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07( &zeta_i, re, (size_t)4U, (size_t)11207U + (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_bc( + libcrux_ml_kem_ntt_ntt_at_layer_3_46( &zeta_i, re, (size_t)3U, (size_t)11207U + (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_c2( + libcrux_ml_kem_ntt_ntt_at_layer_2_53( &zeta_i, re, (size_t)2U, (size_t)11207U + (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_09( + libcrux_ml_kem_ntt_ntt_at_layer_1_42( &zeta_i, re, (size_t)1U, (size_t)11207U + (size_t)5U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_dc(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_83(re); } /** @@ -3244,7 +3236,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE uint8_t -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_08( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_68( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -3254,6 +3246,8 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_08( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; @@ -3266,7 +3260,7 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_08( re_as_ntt[i0] = libcrux_ml_kem_sampling_sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_44(&re_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_25(&re_as_ntt[i0]); } return domain_separator; } @@ -3281,7 +3275,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE tuple_b00 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_d7( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_48( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -3290,19 +3284,19 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_d7( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); - domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_08( + domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_68( uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b00 result; + tuple_b00 lit; memcpy( - result.fst, copy_of_re_as_ntt, + lit.fst, copy_of_re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -3315,7 +3309,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_0d(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_22(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -3329,7 +3323,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE tuple_b00 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_e7(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_88(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -3342,6 +3336,8 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_e7(uint8_t prf_input[33U], for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; @@ -3361,12 +3357,12 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_e7(uint8_t prf_input[33U], memcpy( copy_of_error_1, error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b00 result; + tuple_b00 lit; memcpy( - result.fst, copy_of_error_1, + lit.fst, copy_of_error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -3407,7 +3403,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_vector_u_closure_8e(size_t _i) { +libcrux_ml_kem_matrix_compute_vector_u_closure_fe(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -3423,7 +3419,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_e3( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_03( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; @@ -3445,7 +3441,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_cf( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_59( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, @@ -3473,12 +3469,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_cf( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_63(a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_31(&result[i1], + libcrux_ml_kem_polynomial_ntt_multiply_ef_d5(a_element, &r_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_aa(&result[i1], &product); } libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3e(&result[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_ef_e3(&result[i1], &error_1[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_ef_03(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -3492,7 +3488,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_8f( +static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_22( __m256i vec) { __m256i z = libcrux_ml_kem_vector_avx2_ZERO_09(); __m256i s = libcrux_ml_kem_vector_avx2_sub_09(z, &vec); @@ -3508,7 +3504,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_44( +libcrux_ml_kem_serialize_deserialize_then_decompress_message_50( uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -3519,7 +3515,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_44( Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); re.coefficients[i0] = - libcrux_ml_kem_vector_traits_decompress_1_8f(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_22(coefficient_compressed); } return re; } @@ -3537,7 +3533,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_add_message_error_reduce_ef_d4( +libcrux_ml_kem_polynomial_add_message_error_reduce_ef_9e( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { @@ -3565,7 +3561,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_ring_element_v_de( +libcrux_ml_kem_matrix_compute_ring_element_v_c3( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -3575,12 +3571,12 @@ libcrux_ml_kem_matrix_compute_ring_element_v_de( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_63(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_ef_d5(&t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_31(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_aa(&result, &product); } libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3e(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_d4( + result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_9e( error_2, message, result); return result; } @@ -3593,7 +3589,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4e( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d6( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3648,9 +3644,9 @@ with const generics - COEFFICIENT_BITS= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_eb( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_fc( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4e( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d6( vector); } @@ -3662,14 +3658,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_b4( +libcrux_ml_kem_serialize_compress_then_serialize_10_36( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_eb( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_88( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_fc( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_8a( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_09(coefficient, bytes); @@ -3691,7 +3687,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4e0( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d60( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3746,9 +3742,9 @@ with const generics - COEFFICIENT_BITS= 11 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_eb0( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_fc0( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4e0( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d60( vector); } @@ -3760,14 +3756,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_65( +libcrux_ml_kem_serialize_compress_then_serialize_11_aa( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_eb0( - libcrux_ml_kem_vector_traits_to_unsigned_representative_b5( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_fc0( + libcrux_ml_kem_vector_traits_to_unsigned_representative_e5( re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_avx2_serialize_11_09(coefficient, bytes); @@ -3788,11 +3784,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_b8( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_25( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { - uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_b4(re, uu____0); - memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); + uint8_t result[320U]; + libcrux_ml_kem_serialize_compress_then_serialize_10_36(re, result); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -3805,7 +3801,7 @@ with const generics - BLOCK_LEN= 320 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_84( +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_c5( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -3821,7 +3817,7 @@ static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_84( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_b8(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_25(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -3836,7 +3832,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4e1( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d61( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3891,9 +3887,9 @@ with const generics - COEFFICIENT_BITS= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_eb1( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_fc1( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4e1( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d61( vector); } @@ -3905,14 +3901,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_ea( +libcrux_ml_kem_serialize_compress_then_serialize_4_25( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_eb1( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_88( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_fc1( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_8a( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_09(coefficient, bytes); @@ -3931,7 +3927,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4e2( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d62( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3986,9 +3982,9 @@ with const generics - COEFFICIENT_BITS= 5 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_eb2( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_fc2( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4e2( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d62( vector); } @@ -4000,14 +3996,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_47( +libcrux_ml_kem_serialize_compress_then_serialize_5_de( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_09_eb2( - libcrux_ml_kem_vector_traits_to_unsigned_representative_b5( + __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_09_fc2( + libcrux_ml_kem_vector_traits_to_unsigned_representative_e5( re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_avx2_serialize_5_09(coefficients, bytes); @@ -4027,9 +4023,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_63( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_2a( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_ea(re, out); + libcrux_ml_kem_serialize_compress_then_serialize_4_25(re, out); } /** @@ -4050,7 +4046,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_32( +static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_b4( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; @@ -4058,7 +4054,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_32( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_d7( + tuple_b00 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_48( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[3U]; memcpy( @@ -4068,7 +4064,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_32( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_e7( + tuple_b00 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_88( copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; memcpy( @@ -4083,27 +4079,27 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_32( libcrux_ml_kem_sampling_sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_cf(public_key->A, r_as_ntt, error_1, + libcrux_ml_kem_matrix_compute_vector_u_59(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_44( + libcrux_ml_kem_serialize_deserialize_then_decompress_message_50( copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_matrix_compute_ring_element_v_de( + libcrux_ml_kem_matrix_compute_ring_element_v_c3( public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_84( + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_c5( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_63( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_2a( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -4127,13 +4123,13 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_encrypt_e7(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_cf(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e4( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ba( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -4148,10 +4144,10 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_e7(Eurydice_slice public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_32(uu____1, copy_of_message, - randomness, result); - memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); + uint8_t ret1[1088U]; + libcrux_ml_kem_ind_cpa_encrypt_unpacked_b4(uu____1, copy_of_message, + randomness, ret1); + memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } /** @@ -4166,7 +4162,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_dc( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_b2( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; @@ -4198,7 +4194,7 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_5b( +static inline void libcrux_ml_kem_ind_cca_decapsulate_1b( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -4216,7 +4212,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_5b( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_3a(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_6f(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -4240,7 +4236,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_5b( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_69(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_16( @@ -4251,18 +4247,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_5b( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_e7(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_cf(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_dc( + libcrux_ml_kem_variant_kdf_d8_b2( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_d8_dc(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_d8_b2(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + libcrux_ml_kem_types_as_ref_00_69(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4292,10 +4288,10 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_10( +static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_7f( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_5b(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_1b(private_key, ciphertext, ret); } /** @@ -4309,7 +4305,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_10(private_key, + libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_7f(private_key, ciphertext, ret); } @@ -4324,7 +4320,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_c5( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_6c( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4367,11 +4363,11 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_a7( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cf( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_c5( + libcrux_ml_kem_variant_entropy_preprocess_d8_6c( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -4382,7 +4378,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_a7( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_41( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_60(public_key), + libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -4397,20 +4393,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_a7( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_60(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_e7(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_cf(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_96(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_dc(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_b2(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -4442,14 +4438,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_bd( +libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_00( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_a7(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_cf(uu____0, copy_of_randomness); } /** @@ -4467,7 +4463,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_bd( + return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_00( uu____0, copy_of_randomness); } @@ -4503,7 +4499,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_10( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_6b( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -4526,7 +4522,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_to_standard_domain_c1( +static inline __m256i libcrux_ml_kem_vector_traits_to_standard_domain_bb( __m256i v) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -4545,14 +4541,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_ba( +libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_e7( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; __m256i coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain_c1( + libcrux_ml_kem_vector_traits_to_standard_domain_bb( self->coefficients[j]); self->coefficients[j] = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(coefficient_normal_form, @@ -4567,7 +4563,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_67( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_b6( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, @@ -4595,12 +4591,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_67( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_63(matrix_element, + libcrux_ml_kem_polynomial_ntt_multiply_ef_d5(matrix_element, &s_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_31(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_add_to_ring_element_ef_aa(&t_as_ntt[i0], &product); } - libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_ba( + libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_e7( &t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -4615,12 +4611,12 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a2( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_10(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_6b(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -4640,7 +4636,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_08( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_68( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -4648,11 +4644,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_d7( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_48( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_matrix_compute_As_plus_e_67( + libcrux_ml_kem_matrix_compute_As_plus_e_b6( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; @@ -4670,13 +4666,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_b8( +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_09( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_88( + __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_8a( re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_09(coefficient, bytes); @@ -4698,7 +4694,7 @@ with const generics - OUT_LEN= 1152 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_05( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_23( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -4716,13 +4712,11 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_05( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_b8(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_09(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } - uint8_t result[1152U]; - memcpy(result, out, (size_t)1152U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1152U * sizeof(uint8_t)); + memcpy(ret, out, (size_t)1152U * sizeof(uint8_t)); } /** @@ -4734,13 +4728,13 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_07( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_ff( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_05(t_as_ntt, ret); + libcrux_ml_kem_ind_cpa_serialize_secret_key_23(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -4758,15 +4752,13 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_e5( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_16( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_07(t_as_ntt, seed_for_a, + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_ff(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1184U]; - memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); + memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } /** @@ -4788,15 +4780,15 @@ libcrux_ml_kem_ind_cpa_generate_keypair_47(Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_default_1a_3c(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a2( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_e5( + libcrux_ml_kem_ind_cpa_serialize_public_key_16( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_05(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_23(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -4806,12 +4798,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_47(Eurydice_slice key_generation_seed) { uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -4822,7 +4814,7 @@ with const generics - SERIALIZED_KEY_LEN= 2400 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_71( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7b( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -4879,7 +4871,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_d2(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_dd(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -4894,7 +4886,7 @@ libcrux_ml_kem_ind_cca_generate_keypair_d2(uint8_t randomness[64U]) { uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_71( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7b( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -4903,13 +4895,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_d2(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_e6(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_78( - uu____2, libcrux_ml_kem_types_from_5a_af(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** @@ -4925,12 +4917,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_dd( +libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_91( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_d2(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_dd(copy_of_randomness); } /** @@ -4942,7 +4934,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_dd( + return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_91( copy_of_randomness); } @@ -4958,7 +4950,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_20( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_45( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; @@ -4969,7 +4961,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_20( uint8_t ret0[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_41( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_d4_24(ciphertext), + libcrux_ml_kem_types_as_slice_d4_73(ciphertext), uint8_t), ret0); Eurydice_slice_copy( @@ -5003,7 +4995,7 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_5b0( +static inline void libcrux_ml_kem_ind_cca_decapsulate_1b0( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5021,7 +5013,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_5b0( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_3a(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_6f(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5045,7 +5037,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_5b0( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_69(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_16( @@ -5056,18 +5048,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_5b0( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_e7(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_cf(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_20( + libcrux_ml_kem_variant_kdf_33_45( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_33_20(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_33_45(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + libcrux_ml_kem_types_as_ref_00_69(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5101,10 +5093,10 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_decapsulate with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_6e( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_5c( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_5b0(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_1b0(private_key, ciphertext, ret); } /** @@ -5118,7 +5110,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_kyber_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_6e( + libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_5c( private_key, ciphertext, ret); } @@ -5133,7 +5125,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_d3( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_bf( Eurydice_slice randomness, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H_a9_41(randomness, ret); } @@ -5158,11 +5150,11 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_a70( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cf0( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_d3( + libcrux_ml_kem_variant_entropy_preprocess_33_bf( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5173,7 +5165,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_a70( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_41( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_60(public_key), + libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -5188,20 +5180,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_a70( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_60(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_e7(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_cf(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_96(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_20(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_45(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -5236,14 +5228,14 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_encapsulate with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_c1( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_9d( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_a70(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_cf0(uu____0, copy_of_randomness); } /** @@ -5261,7 +5253,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_kyber_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_c1( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_9d( uu____0, copy_of_randomness); } @@ -5276,7 +5268,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_39( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_c2( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G_a9_9f(key_generation_seed, ret); } @@ -5291,12 +5283,12 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a0( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a20( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_39(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_c2(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5316,7 +5308,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a0( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_08( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_68( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -5324,11 +5316,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_d7( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_48( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_matrix_compute_As_plus_e_67( + libcrux_ml_kem_matrix_compute_As_plus_e_b6( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; @@ -5358,15 +5350,15 @@ libcrux_ml_kem_ind_cpa_generate_keypair_470( libcrux_ml_kem_ind_cpa_unpacked_default_1a_3c(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a0( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a20( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_e5( + libcrux_ml_kem_ind_cpa_serialize_public_key_16( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_05(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_23(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -5376,12 +5368,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_470( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -5399,7 +5391,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_d20(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5414,7 +5406,7 @@ libcrux_ml_kem_ind_cca_generate_keypair_d20(uint8_t randomness[64U]) { uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_71( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7b( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5423,13 +5415,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_d20(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_e6(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_78( - uu____2, libcrux_ml_kem_types_from_5a_af(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** @@ -5446,12 +5438,12 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_8f( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_47( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_d20(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_dd0(copy_of_randomness); } /** @@ -5463,7 +5455,7 @@ libcrux_ml_kem_mlkem768_avx2_kyber_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_8f( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_47( copy_of_randomness); } @@ -5476,7 +5468,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_e5( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_7e( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -5502,10 +5494,10 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_cf( +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_ac( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_e5(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_7e(private_key, ciphertext); } @@ -5518,7 +5510,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_cf( + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_ac( private_key, ciphertext); } @@ -5530,7 +5522,7 @@ types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_1a( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_c0( size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -5543,14 +5535,14 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_86( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_17( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); } - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e4( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ba( public_key, deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; memcpy( @@ -5570,16 +5562,16 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_84( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_7d( uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_86( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_17( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_e5( + libcrux_ml_kem_ind_cpa_serialize_public_key_16( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -5598,9 +5590,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_96( +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_a2( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_84(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_7d(public_key); } /** @@ -5611,7 +5603,7 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_96( KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_96( + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_a2( public_key->value); } @@ -5637,11 +5629,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_81( +static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_e0( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_1d( + libcrux_ml_kem_ind_cpa_decrypt_unpacked_2a( &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5671,7 +5663,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_81( Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_69(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_16( @@ -5683,11 +5675,11 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_81( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_32( + libcrux_ml_kem_ind_cpa_encrypt_unpacked_b4( uu____3, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t selector = libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( - libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + libcrux_ml_kem_types_as_ref_00_69(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t)); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( @@ -5724,10 +5716,10 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_ad( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_03( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_unpacked_decapsulate_81(key_pair, ciphertext, ret); + libcrux_ml_kem_ind_cca_unpacked_decapsulate_e0(key_pair, ciphertext, ret); } /** @@ -5741,7 +5733,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_decapsulate( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_ad( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_03( private_key, ciphertext, ret); } @@ -5764,7 +5756,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_f8( +static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_98( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { uint8_t to_hash[64U]; @@ -5792,7 +5784,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_f8( uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_32(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_b4(uu____2, copy_of_randomness, pseudorandomness, ciphertext); uint8_t shared_secret_array[32U] = {0U}; Eurydice_slice_copy( @@ -5802,7 +5794,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_f8( uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = - libcrux_ml_kem_types_from_01_96(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, @@ -5836,7 +5828,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_62( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_cf( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *uu____0 = @@ -5844,7 +5836,7 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_62( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_unpacked_encapsulate_f8(uu____0, + return libcrux_ml_kem_ind_cca_unpacked_encapsulate_98(uu____0, copy_of_randomness); } @@ -5865,7 +5857,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_unpacked_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_62( + return libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_cf( uu____0, copy_of_randomness); } @@ -5885,7 +5877,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_dd(size_t _j) { +libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_d8(size_t _j) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -5904,7 +5896,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_0a( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_b6( size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -5924,7 +5916,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_clone_8d_55( +libcrux_ml_kem_polynomial_clone_8d_35( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 lit; __m256i ret[16U]; @@ -5951,7 +5943,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_12( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_c0( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *out) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( @@ -5961,19 +5953,19 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_12( (size_t)64U, randomness, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_4a( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a2( ind_cpa_keypair_randomness, &out->private_key.ind_cpa_private_key, &out->public_key.ind_cpa_public_key); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_0a(i, A[i]); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_b6(i, A[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_polynomial_clone_8d_55( + libcrux_ml_kem_polynomial_clone_8d_35( &out->public_key.ind_cpa_public_key.A[j][i1]); A[i1][j] = uu____0; } @@ -5986,7 +5978,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_12( (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U])); uint8_t pk_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_e5( + libcrux_ml_kem_ind_cpa_serialize_public_key_16( out->public_key.ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice( (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t), @@ -6022,13 +6014,13 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_64( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_b3( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *out) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_12(copy_of_randomness, out); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_c0(copy_of_randomness, out); } /** @@ -6041,7 +6033,7 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_64( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_b3( copy_of_randomness, key_pair); } @@ -6058,7 +6050,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cca_unpacked_default_1c_a5(void) { +libcrux_ml_kem_ind_cca_unpacked_default_1c_c3(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); lit.public_key_hash[0U] = 0U; @@ -6110,7 +6102,7 @@ with const generics KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked - libcrux_ml_kem_ind_cca_unpacked_default_07_e3(void) { + libcrux_ml_kem_ind_cca_unpacked_default_07_0d(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 uu____0; uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_3c(); uu____0.implicit_rejection_value[0U] = 0U; @@ -6148,7 +6140,7 @@ static KRML_MUSTINLINE return ( CLITERAL(libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked){ .private_key = uu____0, - .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_a5()}); + .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_c3()}); } /** @@ -6157,7 +6149,7 @@ static KRML_MUSTINLINE KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked libcrux_ml_kem_mlkem768_avx2_unpacked_init_key_pair(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_07_e3(); + return libcrux_ml_kem_ind_cca_unpacked_default_07_0d(); } /** @@ -6166,7 +6158,7 @@ libcrux_ml_kem_mlkem768_avx2_unpacked_init_key_pair(void) { KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 libcrux_ml_kem_mlkem768_avx2_unpacked_init_public_key(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_1c_a5(); + return libcrux_ml_kem_ind_cca_unpacked_default_1c_c3(); } /** @@ -6187,10 +6179,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_91( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_32( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_07( + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_ff( self->ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, uint8_t), @@ -6215,10 +6207,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_1d( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_19( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_91( + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_32( &self->public_key, serialized); } @@ -6230,7 +6222,7 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_key_pair_serialized_public_key( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_1d(key_pair, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_19(key_pair, serialized); } @@ -6247,7 +6239,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cpa_unpacked_clone_ef_c1( +libcrux_ml_kem_ind_cpa_unpacked_clone_ef_d3( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[3U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( @@ -6284,11 +6276,11 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cca_unpacked_clone_28_e1( +libcrux_ml_kem_ind_cca_unpacked_clone_28_35( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; lit.ind_cpa_public_key = - libcrux_ml_kem_ind_cpa_unpacked_clone_ef_c1(&self->ind_cpa_public_key); + libcrux_ml_kem_ind_cpa_unpacked_clone_ef_d3(&self->ind_cpa_public_key); uint8_t ret[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->public_key_hash, ret, uint8_t, void *); @@ -6312,7 +6304,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 * -libcrux_ml_kem_ind_cca_unpacked_public_key_de_8c( +libcrux_ml_kem_ind_cca_unpacked_public_key_de_d5( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *self) { return &self->public_key; } @@ -6325,8 +6317,8 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_public_key( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *pk) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 uu____0 = - libcrux_ml_kem_ind_cca_unpacked_clone_28_e1( - libcrux_ml_kem_ind_cca_unpacked_public_key_de_8c(key_pair)); + libcrux_ml_kem_ind_cca_unpacked_clone_28_35( + libcrux_ml_kem_ind_cca_unpacked_public_key_de_d5(key_pair)); pk[0U] = uu____0; } @@ -6337,7 +6329,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_serialized_public_key( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_91(public_key, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_32(public_key, serialized); } @@ -6355,13 +6347,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_8b( +libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_e7( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { Eurydice_slice uu____0 = Eurydice_array_to_subslice_to( (size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e4( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ba( uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt); uint8_t uu____1[32U]; libcrux_ml_kem_utils_into_padded_array_423( @@ -6381,7 +6373,7 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_8b( uint8_t uu____3[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_41( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_60(public_key), + libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t), uu____3); memcpy(unpacked_public_key->public_key_hash, uu____3, @@ -6402,11 +6394,11 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_aa( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_02( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_8b(public_key, + libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_e7(public_key, unpacked_public_key); } @@ -6418,7 +6410,7 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_unpacked_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_aa( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_02( public_key, unpacked_public_key); } diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h index 162259dd8..6a6aba124 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem768_avx2_types_H diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h index 091d5acc2..3cc9d5fa2 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem768_portable_H @@ -1232,7 +1232,9 @@ libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( int16_t mask = shifted >> 15U; int16_t shifted_to_positive = mask ^ shifted; int16_t shifted_positive_in_range = shifted_to_positive - (int16_t)832; - return (uint8_t)(shifted_positive_in_range >> 15U & (int16_t)1); + int16_t r0 = shifted_positive_in_range >> 15U; + int16_t r1 = r0 & (int16_t)1; + return (uint8_t)r1; } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -2556,7 +2558,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_97(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_e3(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -2567,7 +2569,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_e8( +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_2b( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -2589,7 +2591,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_d9( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_66( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; @@ -2607,16 +2609,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_d9( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_e8( + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_2b( secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; memcpy( - result, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - memcpy( - ret, result, + ret, secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -2629,7 +2627,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - U_COMPRESSION_FACTOR= 10 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_46(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_3c(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -2640,18 +2638,18 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_fe( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_99( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)10); decompressed = decompressed >> (uint32_t)((int32_t)10 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -2665,9 +2663,9 @@ generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_78( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f5( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_fe( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_99( v); } @@ -2678,7 +2676,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_4c( +libcrux_ml_kem_serialize_deserialize_then_decompress_10_3b( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -2697,7 +2695,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_4c( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_78( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f5( coefficient); re.coefficients[i0] = uu____0; } @@ -2711,18 +2709,18 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_fe0( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_990( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)11); decompressed = decompressed >> (uint32_t)((int32_t)11 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -2736,9 +2734,9 @@ generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_780( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f50( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_fe0( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_990( v); } @@ -2749,7 +2747,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_6f( +libcrux_ml_kem_serialize_deserialize_then_decompress_11_0b( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -2761,7 +2759,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_6f( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_780( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f50( coefficient); re.coefficients[i0] = uu____0; } @@ -2775,9 +2773,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_ad( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_19( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_4c(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_3b(serialized); } typedef struct libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2_s { @@ -2792,7 +2790,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_montgomery_multiply_fe_ad( +libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5d( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v, fer); @@ -2806,12 +2804,12 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_57( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_31( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_traits_montgomery_multiply_fe_ad(b, zeta_r); + libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5d(b, zeta_r); b = libcrux_ml_kem_vector_portable_sub_0d(a, &t); a = libcrux_ml_kem_vector_portable_add_0d(a, &t); return ( @@ -2825,7 +2823,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2838,7 +2836,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_57( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_31( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -2855,7 +2853,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_b8( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_7b( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2875,7 +2873,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_34( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_ea( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2896,7 +2894,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_21( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_76( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2924,7 +2922,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_b4( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_e7( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -2942,24 +2940,24 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_7c( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_04( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)7U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U, (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U, (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)4U, (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_b8(&zeta_i, re, (size_t)3U, + libcrux_ml_kem_ntt_ntt_at_layer_3_7b(&zeta_i, re, (size_t)3U, (size_t)5U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_34(&zeta_i, re, (size_t)2U, + libcrux_ml_kem_ntt_ntt_at_layer_2_ea(&zeta_i, re, (size_t)2U, (size_t)6U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_21(&zeta_i, re, (size_t)1U, + libcrux_ml_kem_ntt_ntt_at_layer_1_76(&zeta_i, re, (size_t)1U, (size_t)7U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_b4(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_e7(re); } /** @@ -2971,7 +2969,7 @@ with const generics - U_COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_23( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; @@ -2996,16 +2994,12 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_23( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_ad( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_19( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_7c(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_04(&u_as_ntt[i0]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; - memcpy( - result, u_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( - ret, result, + ret, u_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -3016,18 +3010,18 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_fe1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_991( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)4); decompressed = decompressed >> (uint32_t)((int32_t)4 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -3041,9 +3035,9 @@ generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_781( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f51( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_fe1( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_991( v); } @@ -3054,7 +3048,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_2d( +libcrux_ml_kem_serialize_deserialize_then_decompress_4_b6( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -3066,7 +3060,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_2d( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_781( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f51( coefficient); re.coefficients[i0] = uu____0; } @@ -3080,18 +3074,18 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_fe2( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_992( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)5); decompressed = decompressed >> (uint32_t)((int32_t)5 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -3105,9 +3099,9 @@ generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_782( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f52( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_fe2( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_992( v); } @@ -3118,7 +3112,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_34( +libcrux_ml_kem_serialize_deserialize_then_decompress_5_e8( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -3130,7 +3124,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_34( re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_782( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f52( re.coefficients[i0]); re.coefficients[i0] = uu____1; } @@ -3144,9 +3138,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_c5( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_e4( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_2d(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_b6(serialized); } /** @@ -3161,7 +3155,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_ntt_multiply_ef_76( +libcrux_ml_kem_polynomial_ntt_multiply_ef_66( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = @@ -3195,7 +3189,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_3a( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_59( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -3219,7 +3213,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_60( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_f7( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3242,7 +3236,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_2f( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_d5( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3263,7 +3257,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_47( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_60( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3285,7 +3279,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_01( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_c4( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { @@ -3293,7 +3287,7 @@ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_sub_0d(b, &a); a = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_ad(a_minus_b, zeta_r); + b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5d(a_minus_b, zeta_r); return ( CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ .fst = a, .snd = b}); @@ -3306,7 +3300,7 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_b5( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1d( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -3321,7 +3315,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_b5( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_01( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_c4( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -3338,22 +3332,22 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_0e( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_be( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_60(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_2f(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_47(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_b5(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_f7(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_d5(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_60(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1d(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_b5(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1d(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_b5(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1d(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_b5(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1d(&zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_b4(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_e7(re); } /** @@ -3368,7 +3362,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_subtract_reduce_ef_55( +libcrux_ml_kem_polynomial_subtract_reduce_ef_15( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { for (size_t i = (size_t)0U; @@ -3394,7 +3388,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_message_9f( +libcrux_ml_kem_matrix_compute_message_95( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { @@ -3403,12 +3397,12 @@ libcrux_ml_kem_matrix_compute_message_9f( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_76(&secret_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_ef_66(&secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_3a(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_59(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_0e(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_ef_55(v, result); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_be(&result); + result = libcrux_ml_kem_polynomial_subtract_reduce_ef_15(v, result); return result; } @@ -3418,7 +3412,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_arithmetic_shift_right_38( +libcrux_ml_kem_vector_portable_arithmetic_shift_right_3c( libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -3438,9 +3432,9 @@ with const generics - SHIFT_BY= 15 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_shift_right_0d_6b( +libcrux_ml_kem_vector_portable_shift_right_0d_3e( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_arithmetic_shift_right_38(v); + return libcrux_ml_kem_vector_portable_arithmetic_shift_right_3c(v); } /** @@ -3450,10 +3444,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_unsigned_representative_9f( +libcrux_ml_kem_vector_traits_to_unsigned_representative_30( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_portable_shift_right_0d_6b(a); + libcrux_ml_kem_vector_portable_shift_right_0d_3e(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -3467,10 +3461,10 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_serialize_to_unsigned_field_modulus_c4( +libcrux_ml_kem_serialize_to_unsigned_field_modulus_05( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector result = - libcrux_ml_kem_vector_traits_to_unsigned_representative_9f(a); + libcrux_ml_kem_vector_traits_to_unsigned_representative_30(a); return result; } @@ -3481,13 +3475,13 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_80( +libcrux_ml_kem_serialize_compress_then_serialize_message_8c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_serialize_to_unsigned_field_modulus_c4( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_05( re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = @@ -3515,20 +3509,20 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_b7( +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_46( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_23(ciphertext, u_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_c5( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_e4( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - libcrux_ml_kem_matrix_compute_message_9f(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_matrix_compute_message_95(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_80(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_8c(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -3542,11 +3536,11 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_0d(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_66(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_d9(secret_key, secret_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_secret_key_66(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; memcpy( @@ -3557,10 +3551,10 @@ static inline void libcrux_ml_kem_ind_cpa_decrypt_0d(Eurydice_slice secret_key, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t result[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_b7(&secret_key_unpacked, ciphertext, - result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + uint8_t ret0[32U]; + libcrux_ml_kem_ind_cpa_decrypt_unpacked_46(&secret_key_unpacked, ciphertext, + ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -3647,7 +3641,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_53( +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_f3( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -3672,7 +3666,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_a4( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_30( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -3686,7 +3680,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_a4( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_53( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_f3( ring_element); deserialized_pk[i0] = uu____0; } @@ -4157,7 +4151,7 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_25(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_ba(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -4304,7 +4298,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_97( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_5f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -4327,23 +4321,23 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_36( +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_62( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7_97(re); + libcrux_ml_kem_ntt_ntt_at_layer_7_5f(re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U, (size_t)11207U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U, (size_t)11207U + (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64( &zeta_i, re, (size_t)4U, (size_t)11207U + (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_b8( + libcrux_ml_kem_ntt_ntt_at_layer_3_7b( &zeta_i, re, (size_t)3U, (size_t)11207U + (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_34( + libcrux_ml_kem_ntt_ntt_at_layer_2_ea( &zeta_i, re, (size_t)2U, (size_t)11207U + (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_21( + libcrux_ml_kem_ntt_ntt_at_layer_1_76( &zeta_i, re, (size_t)1U, (size_t)11207U + (size_t)5U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_b4(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_e7(re); } /** @@ -4356,7 +4350,7 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static KRML_MUSTINLINE uint8_t -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_f7( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_76( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -4366,6 +4360,8 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_f7( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; @@ -4378,7 +4374,7 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_f7( re_as_ntt[i0] = libcrux_ml_kem_sampling_sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_36(&re_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_62(&re_as_ntt[i0]); } return domain_separator; } @@ -4393,7 +4389,7 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_44( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_15( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -4402,19 +4398,19 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_44( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); - domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_f7( + domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_76( uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b0 result; + tuple_b0 lit; memcpy( - result.fst, copy_of_re_as_ntt, + lit.fst, copy_of_re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -4427,7 +4423,7 @@ generics - ETA2= 2 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_44(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_2b(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -4441,7 +4437,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_67(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_6f(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -4454,6 +4450,8 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_67(uint8_t prf_input[33U], for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; @@ -4473,12 +4471,12 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_67(uint8_t prf_input[33U], memcpy( copy_of_error_1, error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b0 result; + tuple_b0 lit; memcpy( - result.fst, copy_of_error_1, + lit.fst, copy_of_error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.snd = domain_separator; + return lit; } /** @@ -4516,7 +4514,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_vector_u_closure_9f(size_t _i) { +libcrux_ml_kem_matrix_compute_vector_u_closure_7e(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -4531,7 +4529,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_7b( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_1a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; @@ -4555,7 +4553,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_ec( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_5e( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, @@ -4583,12 +4581,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_ec( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_76(a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_3a(&result[i1], + libcrux_ml_kem_polynomial_ntt_multiply_ef_66(a_element, &r_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_59(&result[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_0e(&result[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_ef_7b(&result[i1], &error_1[i1]); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_be(&result[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_ef_1a(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -4602,7 +4600,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_decompress_1_a8( +libcrux_ml_kem_vector_traits_decompress_1_8d( libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { libcrux_ml_kem_vector_portable_vector_type_PortableVector z = libcrux_ml_kem_vector_portable_ZERO_0d(); @@ -4621,7 +4619,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_fc( +libcrux_ml_kem_serialize_deserialize_then_decompress_message_f2( uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -4634,7 +4632,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_fc( (size_t)2U * i0 + (size_t)2U, uint8_t)); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_traits_decompress_1_a8(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_8d(coefficient_compressed); re.coefficients[i0] = uu____0; } return re; @@ -4652,7 +4650,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_add_message_error_reduce_ef_45( +libcrux_ml_kem_polynomial_add_message_error_reduce_ef_01( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { @@ -4682,7 +4680,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_ring_element_v_aa( +libcrux_ml_kem_matrix_compute_ring_element_v_63( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -4692,12 +4690,12 @@ libcrux_ml_kem_matrix_compute_ring_element_v_aa( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_76(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_ef_66(&t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_3a(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_59(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_0e(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_45( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_be(&result); + result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_01( error_2, message, result); return result; } @@ -4708,7 +4706,7 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_6a( +libcrux_ml_kem_vector_portable_compress_compress_de( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4731,9 +4729,9 @@ with const generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_83( +libcrux_ml_kem_vector_portable_compress_0d_48( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_6a(a); + return libcrux_ml_kem_vector_portable_compress_compress_de(a); } /** @@ -4743,15 +4741,15 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_86( +libcrux_ml_kem_serialize_compress_then_serialize_10_22( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_83( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_c4( + libcrux_ml_kem_vector_portable_compress_0d_48( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_05( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); @@ -4771,7 +4769,7 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_6a0( +libcrux_ml_kem_vector_portable_compress_compress_de0( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4794,9 +4792,9 @@ with const generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_830( +libcrux_ml_kem_vector_portable_compress_0d_480( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_6a0(a); + return libcrux_ml_kem_vector_portable_compress_compress_de0(a); } /** @@ -4806,15 +4804,15 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_dc( +libcrux_ml_kem_serialize_compress_then_serialize_11_ca( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_830( - libcrux_ml_kem_vector_traits_to_unsigned_representative_9f( + libcrux_ml_kem_vector_portable_compress_0d_480( + libcrux_ml_kem_vector_traits_to_unsigned_representative_30( re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); @@ -4834,11 +4832,11 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_c5( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_cb( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { - uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_86(re, uu____0); - memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); + uint8_t result[320U]; + libcrux_ml_kem_serialize_compress_then_serialize_10_22(re, result); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -4850,7 +4848,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_3a( +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_f9( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -4866,7 +4864,7 @@ static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_3a( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_c5(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_cb(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -4879,7 +4877,7 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_6a1( +libcrux_ml_kem_vector_portable_compress_compress_de1( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4902,9 +4900,9 @@ with const generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_831( +libcrux_ml_kem_vector_portable_compress_0d_481( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_6a1(a); + return libcrux_ml_kem_vector_portable_compress_compress_de1(a); } /** @@ -4914,15 +4912,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_56( +libcrux_ml_kem_serialize_compress_then_serialize_4_20( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_831( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_c4( + libcrux_ml_kem_vector_portable_compress_0d_481( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_05( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); @@ -4939,7 +4937,7 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_6a2( +libcrux_ml_kem_vector_portable_compress_compress_de2( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4962,9 +4960,9 @@ with const generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_832( +libcrux_ml_kem_vector_portable_compress_0d_482( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_6a2(a); + return libcrux_ml_kem_vector_portable_compress_compress_de2(a); } /** @@ -4974,15 +4972,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_53( +libcrux_ml_kem_serialize_compress_then_serialize_5_6d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - libcrux_ml_kem_vector_portable_compress_0d_832( - libcrux_ml_kem_vector_traits_to_unsigned_representative_9f( + libcrux_ml_kem_vector_portable_compress_0d_482( + libcrux_ml_kem_vector_traits_to_unsigned_representative_30( re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); @@ -5001,9 +4999,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 128 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_ef( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_cf( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_56(re, out); + libcrux_ml_kem_serialize_compress_then_serialize_4_20(re, out); } /** @@ -5024,7 +5022,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_05( +static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_0e( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; @@ -5032,7 +5030,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_05( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_44( + tuple_b0 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_15( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U]; memcpy( @@ -5042,7 +5040,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_05( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_67( + tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_6f( copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; memcpy( @@ -5057,27 +5055,27 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_05( libcrux_ml_kem_sampling_sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_ec(public_key->A, r_as_ntt, error_1, + libcrux_ml_kem_matrix_compute_vector_u_5e(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_fc( + libcrux_ml_kem_serialize_deserialize_then_decompress_message_f2( copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_matrix_compute_ring_element_v_aa( + libcrux_ml_kem_matrix_compute_ring_element_v_63( public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_3a( + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_f9( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_ef( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_cf( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -5101,13 +5099,13 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_a5(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_2a(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_a4( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_30( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -5122,10 +5120,10 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_a5(Eurydice_slice public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_05(uu____1, copy_of_message, - randomness, result); - memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); + uint8_t ret1[1088U]; + libcrux_ml_kem_ind_cpa_encrypt_unpacked_0e(uu____1, copy_of_message, + randomness, ret1); + memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } /** @@ -5139,7 +5137,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_8d( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_ea( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; @@ -5170,7 +5168,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_1a( +static inline void libcrux_ml_kem_ind_cca_decapsulate_58( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5188,7 +5186,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1a( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_0d(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_66(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5212,7 +5210,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1a( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_69(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9f( @@ -5223,18 +5221,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1a( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a5(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_2a(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_8d( + libcrux_ml_kem_variant_kdf_d8_ea( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_d8_8d(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_d8_ea(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + libcrux_ml_kem_types_as_ref_00_69(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5264,10 +5262,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_ce( +libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_d2( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_1a(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_58(private_key, ciphertext, ret); } /** @@ -5280,7 +5278,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_ce( static inline void libcrux_ml_kem_mlkem768_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_ce( + libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_d2( private_key, ciphertext, ret); } @@ -5294,7 +5292,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_05( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_be( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5335,11 +5333,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_4e( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_eb( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_05( + libcrux_ml_kem_variant_entropy_preprocess_d8_be( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5350,7 +5348,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_4e( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_d5( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_60(public_key), + libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -5365,20 +5363,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_4e( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_60(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a5(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_2a(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_96(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_8d(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_ea(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -5409,14 +5407,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_db( +libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_da( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_4e(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_eb(uu____0, copy_of_randomness); } /** @@ -5433,7 +5431,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_db( + return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_da( uu____0, copy_of_randomness); } @@ -5467,7 +5465,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_a4( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_58( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -5490,7 +5488,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_standard_domain_73( +libcrux_ml_kem_vector_traits_to_standard_domain_c1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -5508,7 +5506,7 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_69( +libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_6c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; @@ -5516,7 +5514,7 @@ libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_69( size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain_73( + libcrux_ml_kem_vector_traits_to_standard_domain_c1( self->coefficients[j]); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_barrett_reduce_0d( @@ -5532,7 +5530,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_f0( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_6a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, @@ -5560,12 +5558,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_f0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_76(matrix_element, + libcrux_ml_kem_polynomial_ntt_multiply_ef_66(matrix_element, &s_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_3a(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_add_to_ring_element_ef_59(&t_as_ntt[i0], &product); } - libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_69( + libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_6c( &t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -5579,12 +5577,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_86( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_a4(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_58(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5604,7 +5602,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_86( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_f7( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_76( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -5612,11 +5610,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_86( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_44( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_15( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_matrix_compute_As_plus_e_f0( + libcrux_ml_kem_matrix_compute_As_plus_e_6a( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; @@ -5633,14 +5631,14 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_c6( +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_13( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_serialize_to_unsigned_field_modulus_c4( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_05( re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); @@ -5661,7 +5659,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_1d( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_9e( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -5679,13 +5677,11 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_1d( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_c6(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_13(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } - uint8_t result[1152U]; - memcpy(result, out, (size_t)1152U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1152U * sizeof(uint8_t)); + memcpy(ret, out, (size_t)1152U * sizeof(uint8_t)); } /** @@ -5696,13 +5692,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_12( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_1d(t_as_ntt, ret); + libcrux_ml_kem_ind_cpa_serialize_secret_key_9e(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -5719,15 +5715,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_e9( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_fd( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_12(t_as_ntt, seed_for_a, + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1184U]; - memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); + memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } /** @@ -5748,15 +5742,15 @@ libcrux_ml_kem_ind_cpa_generate_keypair_08(Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_default_1a_e9(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_86( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_e9( + libcrux_ml_kem_ind_cpa_serialize_public_key_fd( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_1d(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_9e(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -5766,12 +5760,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_08(Eurydice_slice key_generation_seed) { uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -5781,7 +5775,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_c0( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d8( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -5837,7 +5831,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_28(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5852,7 +5846,7 @@ libcrux_ml_kem_ind_cca_generate_keypair_28(uint8_t randomness[64U]) { uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_c0( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d8( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5861,13 +5855,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_28(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_e6(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_78( - uu____2, libcrux_ml_kem_types_from_5a_af(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** @@ -5883,12 +5877,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_e3( +libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_56( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_28(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_91(copy_of_randomness); } /** @@ -5899,7 +5893,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_e3( + return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_56( copy_of_randomness); } @@ -5914,7 +5908,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_ff( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_a1( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; @@ -5925,7 +5919,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_ff( uint8_t ret0[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_d5( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_d4_24(ciphertext), + libcrux_ml_kem_types_as_slice_d4_73(ciphertext), uint8_t), ret0); Eurydice_slice_copy( @@ -5958,7 +5952,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_1a0( +static inline void libcrux_ml_kem_ind_cca_decapsulate_580( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5976,7 +5970,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1a0( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_0d(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_66(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -6000,7 +5994,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1a0( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_69(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9f( @@ -6011,18 +6005,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1a0( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a5(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_2a(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_ff( + libcrux_ml_kem_variant_kdf_33_a1( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_33_ff(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_33_a1(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + libcrux_ml_kem_types_as_ref_00_69(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -6056,10 +6050,10 @@ generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_d6( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_bc( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_1a0(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_580(private_key, ciphertext, ret); } /** @@ -6072,7 +6066,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_d6( static inline void libcrux_ml_kem_mlkem768_portable_kyber_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_d6( + libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_bc( private_key, ciphertext, ret); } @@ -6086,7 +6080,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_57( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_cd( Eurydice_slice randomness, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H_f1_d5(randomness, ret); } @@ -6110,11 +6104,11 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_4e0( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_eb0( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_57( + libcrux_ml_kem_variant_entropy_preprocess_33_cd( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -6125,7 +6119,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_4e0( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_d5( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_60(public_key), + libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -6140,20 +6134,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_4e0( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_60(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a5(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_2a(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_96(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_ff(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_a1(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -6188,14 +6182,14 @@ generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_f2( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_02( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_4e0(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_eb0(uu____0, copy_of_randomness); } /** @@ -6212,7 +6206,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_kyber_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_f2( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_02( uu____0, copy_of_randomness); } @@ -6226,7 +6220,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_f9( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_9f( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G_f1_87(key_generation_seed, ret); } @@ -6240,12 +6234,12 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_860( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a0( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_f9(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_9f(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6265,7 +6259,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_860( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_f7( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_76( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -6273,11 +6267,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_860( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_44( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_15( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_matrix_compute_As_plus_e_f0( + libcrux_ml_kem_matrix_compute_As_plus_e_6a( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; @@ -6306,15 +6300,15 @@ libcrux_ml_kem_ind_cpa_generate_keypair_080( libcrux_ml_kem_ind_cpa_unpacked_default_1a_e9(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_860( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a0( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_e9( + libcrux_ml_kem_ind_cpa_serialize_public_key_fd( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_1d(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_9e(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -6324,12 +6318,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_080( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -6346,7 +6340,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_280(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -6361,7 +6355,7 @@ libcrux_ml_kem_ind_cca_generate_keypair_280(uint8_t randomness[64U]) { uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_c0( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d8( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -6370,13 +6364,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_280(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_e6(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_78( - uu____2, libcrux_ml_kem_types_from_5a_af(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_f6( + uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); } /** @@ -6392,12 +6386,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_28( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_63( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_280(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_910(copy_of_randomness); } /** @@ -6409,7 +6403,7 @@ libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_28( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_63( copy_of_randomness); } @@ -6421,7 +6415,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_96( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_c7( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -6446,10 +6440,10 @@ generics - CIPHERTEXT_SIZE= 1088 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_c5( +libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_94( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_96(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_c7(private_key, ciphertext); } @@ -6461,7 +6455,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_c5( static inline bool libcrux_ml_kem_mlkem768_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_c5( + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_94( private_key, ciphertext); } @@ -6473,7 +6467,7 @@ generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_16( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_bc( size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -6485,14 +6479,14 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_ae( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_ff( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); } - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_a4( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_30( public_key, deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; memcpy( @@ -6511,16 +6505,16 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_f6( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_2a( uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_ae( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_ff( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_e9( + libcrux_ml_kem_ind_cpa_serialize_public_key_fd( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -6538,9 +6532,9 @@ generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_b6( +libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_4f( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_f6(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_2a(public_key); } /** @@ -6550,7 +6544,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_b6( */ static inline bool libcrux_ml_kem_mlkem768_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_b6( + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_4f( public_key->value); } @@ -6576,11 +6570,11 @@ generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_be( +static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_32( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_b7( + libcrux_ml_kem_ind_cpa_decrypt_unpacked_46( &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -6610,7 +6604,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_be( Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_69(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9f( @@ -6622,11 +6616,11 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_be( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_05( + libcrux_ml_kem_ind_cpa_encrypt_unpacked_0e( uu____3, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t selector = libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( - libcrux_ml_kem_types_as_ref_00_e7(ciphertext), + libcrux_ml_kem_types_as_ref_00_69(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t)); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( @@ -6662,10 +6656,10 @@ generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_57( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_d3( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_unpacked_decapsulate_be(key_pair, ciphertext, ret); + libcrux_ml_kem_ind_cca_unpacked_decapsulate_32(key_pair, ciphertext, ret); } /** @@ -6679,7 +6673,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_decapsulate( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_57( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_d3( private_key, ciphertext, ret); } @@ -6702,7 +6696,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_fa( +static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, uint8_t randomness[32U]) { uint8_t to_hash[64U]; @@ -6730,7 +6724,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_fa( uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_05(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_0e(uu____2, copy_of_randomness, pseudorandomness, ciphertext); uint8_t shared_secret_array[32U] = {0U}; Eurydice_slice_copy( @@ -6740,7 +6734,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_fa( uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = - libcrux_ml_kem_types_from_01_96(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, @@ -6773,7 +6767,7 @@ generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_91( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_fb( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *uu____0 = @@ -6781,7 +6775,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_91( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_unpacked_encapsulate_fa(uu____0, + return libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c(uu____0, copy_of_randomness); } @@ -6801,7 +6795,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_unpacked_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_91( + return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_fb( uu____0, copy_of_randomness); } @@ -6820,7 +6814,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_08(size_t _j) { +libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_61(size_t _j) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -6838,7 +6832,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_e0( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_6c( size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -6857,7 +6851,7 @@ with const generics */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_clone_8d_ef( +libcrux_ml_kem_polynomial_clone_8d_9f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 lit; libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[16U]; @@ -6886,7 +6880,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_f0( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_4a( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( @@ -6896,19 +6890,19 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_f0( (size_t)64U, randomness, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_86( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a( ind_cpa_keypair_randomness, &out->private_key.ind_cpa_private_key, &out->public_key.ind_cpa_public_key); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_e0(i, A[i]); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_6c(i, A[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_polynomial_clone_8d_ef( + libcrux_ml_kem_polynomial_clone_8d_9f( &out->public_key.ind_cpa_public_key.A[j][i1]); A[i1][j] = uu____0; } @@ -6921,7 +6915,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_f0( (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U])); uint8_t pk_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_e9( + libcrux_ml_kem_ind_cpa_serialize_public_key_fd( out->public_key.ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice( (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t), @@ -6956,13 +6950,13 @@ const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_26( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_c1( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_f0(copy_of_randomness, out); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_4a(copy_of_randomness, out); } /** @@ -6975,7 +6969,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_26( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_c1( copy_of_randomness, key_pair); } @@ -6991,7 +6985,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cca_unpacked_default_1c_e8(void) { +libcrux_ml_kem_ind_cca_unpacked_default_1c_fd(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 lit; lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); lit.public_key_hash[0U] = 0U; @@ -7042,7 +7036,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked - libcrux_ml_kem_ind_cca_unpacked_default_07_e2(void) { + libcrux_ml_kem_ind_cca_unpacked_default_07_9f(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_f8 uu____0; uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_e9(); uu____0.implicit_rejection_value[0U] = 0U; @@ -7080,7 +7074,7 @@ static KRML_MUSTINLINE return (CLITERAL( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked){ .private_key = uu____0, - .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_e8()}); + .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_fd()}); } /** @@ -7088,7 +7082,7 @@ static KRML_MUSTINLINE */ static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked libcrux_ml_kem_mlkem768_portable_unpacked_init_key_pair(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_07_e2(); + return libcrux_ml_kem_ind_cca_unpacked_default_07_9f(); } /** @@ -7096,7 +7090,7 @@ libcrux_ml_kem_mlkem768_portable_unpacked_init_key_pair(void) { */ static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 libcrux_ml_kem_mlkem768_portable_unpacked_init_public_key(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_1c_e8(); + return libcrux_ml_kem_ind_cca_unpacked_default_1c_fd(); } /** @@ -7116,10 +7110,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_80( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_85( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_12( + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c( self->ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, uint8_t), @@ -7143,10 +7137,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_1a( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_85( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_80( + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_85( &self->public_key, serialized); } @@ -7157,7 +7151,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_public_key( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_1a(key_pair, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_85(key_pair, serialized); } @@ -7173,7 +7167,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cpa_unpacked_clone_ef_93( +libcrux_ml_kem_ind_cpa_unpacked_clone_ef_ce( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[3U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( @@ -7209,11 +7203,11 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cca_unpacked_clone_28_68( +libcrux_ml_kem_ind_cca_unpacked_clone_28_20( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *self) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 lit; lit.ind_cpa_public_key = - libcrux_ml_kem_ind_cpa_unpacked_clone_ef_93(&self->ind_cpa_public_key); + libcrux_ml_kem_ind_cpa_unpacked_clone_ef_ce(&self->ind_cpa_public_key); uint8_t ret[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->public_key_hash, ret, uint8_t, void *); @@ -7236,7 +7230,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 * -libcrux_ml_kem_ind_cca_unpacked_public_key_de_e9( +libcrux_ml_kem_ind_cca_unpacked_public_key_de_1e( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self) { return &self->public_key; } @@ -7248,8 +7242,8 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_public_key( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *pk) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 uu____0 = - libcrux_ml_kem_ind_cca_unpacked_clone_28_68( - libcrux_ml_kem_ind_cca_unpacked_public_key_de_e9(key_pair)); + libcrux_ml_kem_ind_cca_unpacked_clone_28_20( + libcrux_ml_kem_ind_cca_unpacked_public_key_de_1e(key_pair)); pk[0U] = uu____0; } @@ -7260,7 +7254,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_serialized_public_key( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_80(public_key, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_85(public_key, serialized); } @@ -7283,7 +7277,7 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_40( *unpacked_public_key) { Eurydice_slice uu____0 = Eurydice_array_to_subslice_to( (size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_a4( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_30( uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt); uint8_t uu____1[32U]; libcrux_ml_kem_utils_into_padded_array_423( @@ -7303,7 +7297,7 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_40( uint8_t uu____3[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_d5( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_60(public_key), + libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t), uu____3); memcpy(unpacked_public_key->public_key_hash, uu____3, @@ -7323,7 +7317,7 @@ const generics - PUBLIC_KEY_SIZE= 1184 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_17( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_c5( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *unpacked_public_key) { @@ -7339,7 +7333,7 @@ libcrux_ml_kem_mlkem768_portable_unpacked_unpacked_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_17( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_c5( public_key, unpacked_public_key); } diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h index f381a6d12..9b8b7968c 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_mlkem768_portable_types_H diff --git a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h index 872af5692..12bdcaa69 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/cg/libcrux_sha3_portable.h b/libcrux-ml-kem/cg/libcrux_sha3_portable.h index ef344518f..251b5abff 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_portable.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 098de7d283a7867de9c3e5672d7b3c915ef9b2f1 + * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad */ #ifndef __libcrux_sha3_portable_H From 4b0d78759e0adf160bab80862883bd5ba7338977 Mon Sep 17 00:00:00 2001 From: karthikbhargavan Date: Wed, 30 Oct 2024 12:53:54 +0000 Subject: [PATCH 4/5] restored c/cg --- libcrux-ml-kem/c/code_gen.txt | 2 +- libcrux-ml-kem/c/internal/libcrux_core.h | 38 +- .../c/internal/libcrux_mlkem_avx2.h | 32 +- .../c/internal/libcrux_mlkem_portable.h | 32 +- libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h | 2 +- .../c/internal/libcrux_sha3_internal.h | 2 +- libcrux-ml-kem/c/libcrux_core.c | 38 +- libcrux-ml-kem/c/libcrux_core.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem1024.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem1024_portable.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem1024_portable.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem512.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem512_avx2.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem512_avx2.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem512_portable.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem512_portable.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem768.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem768_avx2.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem768_avx2.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem768_portable.c | 32 +- libcrux-ml-kem/c/libcrux_mlkem768_portable.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem_avx2.c | 1078 +++++++------- libcrux-ml-kem/c/libcrux_mlkem_avx2.h | 2 +- libcrux-ml-kem/c/libcrux_mlkem_portable.c | 1262 ++++++++--------- libcrux-ml-kem/c/libcrux_mlkem_portable.h | 47 +- libcrux-ml-kem/c/libcrux_sha3.h | 2 +- libcrux-ml-kem/c/libcrux_sha3_avx2.c | 2 +- libcrux-ml-kem/c/libcrux_sha3_avx2.h | 2 +- libcrux-ml-kem/c/libcrux_sha3_internal.h | 2 +- libcrux-ml-kem/c/libcrux_sha3_neon.c | 2 +- libcrux-ml-kem/c/libcrux_sha3_neon.h | 2 +- libcrux-ml-kem/cg/code_gen.txt | 2 +- libcrux-ml-kem/cg/libcrux_core.h | 16 +- libcrux-ml-kem/cg/libcrux_ct_ops.h | 2 +- libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h | 733 +++++----- .../cg/libcrux_mlkem768_avx2_types.h | 2 +- libcrux-ml-kem/cg/libcrux_mlkem768_portable.h | 913 ++++++------ .../cg/libcrux_mlkem768_portable_types.h | 2 +- libcrux-ml-kem/cg/libcrux_sha3_avx2.h | 2 +- libcrux-ml-kem/cg/libcrux_sha3_portable.h | 2 +- 42 files changed, 2133 insertions(+), 2300 deletions(-) diff --git a/libcrux-ml-kem/c/code_gen.txt b/libcrux-ml-kem/c/code_gen.txt index 620e1c137..7599cb2f1 100644 --- a/libcrux-ml-kem/c/code_gen.txt +++ b/libcrux-ml-kem/c/code_gen.txt @@ -3,4 +3,4 @@ Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 -Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad +Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf diff --git a/libcrux-ml-kem/c/internal/libcrux_core.h b/libcrux-ml-kem/c/internal/libcrux_core.h index b5eb18527..31a212a7c 100644 --- a/libcrux-ml-kem/c/internal/libcrux_core.h +++ b/libcrux-ml-kem/c/internal/libcrux_core.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __internal_libcrux_core_H @@ -69,7 +69,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_451( +libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_671( uint8_t value[1568U]); /** @@ -82,7 +82,7 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_f61( +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_ee1( libcrux_ml_kem_types_MlKemPrivateKey_95 sk, libcrux_ml_kem_types_MlKemPublicKey_1f pk); @@ -95,7 +95,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_8c1( +libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_af1( uint8_t value[3168U]); /** @@ -107,7 +107,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_450( +libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_670( uint8_t value[1184U]); /** @@ -120,7 +120,7 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_f60( +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_ee0( libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk); @@ -133,7 +133,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_8c0( +libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_af0( uint8_t value[2400U]); /** @@ -145,7 +145,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_45( +libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_67( uint8_t value[800U]); /** @@ -158,7 +158,7 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_f6( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_ee( libcrux_ml_kem_types_MlKemPrivateKey_5e sk, libcrux_ml_kem_types_MlKemPublicKey_be pk); @@ -171,7 +171,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_8c( +libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_af( uint8_t value[1632U]); /** @@ -182,7 +182,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_d11( +uint8_t *libcrux_ml_kem_types_as_slice_fd_fe1( libcrux_ml_kem_types_MlKemPublicKey_15 *self); /** @@ -194,7 +194,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_3a1( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_451( uint8_t value[1088U]); /** @@ -206,7 +206,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_be1( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_401( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self); /** @@ -228,7 +228,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_d10( +uint8_t *libcrux_ml_kem_types_as_slice_fd_fe0( libcrux_ml_kem_types_MlKemPublicKey_be *self); /** @@ -240,7 +240,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_3a0( +libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_450( uint8_t value[768U]); /** @@ -252,7 +252,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_be0( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_400( libcrux_ml_kem_types_MlKemCiphertext_e8 *self); /** @@ -274,7 +274,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_d1( +uint8_t *libcrux_ml_kem_types_as_slice_fd_fe( libcrux_ml_kem_types_MlKemPublicKey_1f *self); /** @@ -321,7 +321,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_3a( +libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_45( uint8_t value[1568U]); /** @@ -344,7 +344,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_be( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_40( libcrux_ml_kem_types_MlKemCiphertext_1f *self); /** diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h index ea36300ae..c4c213b73 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __internal_libcrux_mlkem_avx2_H @@ -41,7 +41,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_db1(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_521(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -51,7 +51,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_a81( +bool libcrux_ml_kem_ind_cca_validate_private_key_701( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); @@ -69,7 +69,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_dd1(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_0b1(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -90,7 +90,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_791( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_a11( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]); @@ -116,7 +116,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_cd1( +void libcrux_ml_kem_ind_cca_decapsulate_7f1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); @@ -128,7 +128,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_db0(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_520(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -138,7 +138,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_a80( +bool libcrux_ml_kem_ind_cca_validate_private_key_700( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext); @@ -156,7 +156,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_0b0(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -177,7 +177,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_790( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_a10( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]); @@ -203,7 +203,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_cd0( +void libcrux_ml_kem_ind_cca_decapsulate_7f0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); @@ -215,7 +215,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_db(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_52(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -225,7 +225,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_a8( +bool libcrux_ml_kem_ind_cca_validate_private_key_70( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); @@ -242,7 +242,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_dd( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_0b( uint8_t randomness[64U]); /** @@ -264,7 +264,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_79( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_a1( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]); @@ -290,7 +290,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_cd( +void libcrux_ml_kem_ind_cca_decapsulate_7f( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h index 7475145d9..def86cf8e 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __internal_libcrux_mlkem_portable_H @@ -46,7 +46,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_8c1(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_bf1(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -56,7 +56,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_99( +bool libcrux_ml_kem_ind_cca_validate_private_key_ae( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext); @@ -74,7 +74,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_911(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_6f1(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -95,7 +95,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_1e1( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_661( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]); @@ -121,7 +121,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_2d1( +void libcrux_ml_kem_ind_cca_decapsulate_191( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); @@ -133,7 +133,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_8c0(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_bf0(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -143,7 +143,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_ba( +bool libcrux_ml_kem_ind_cca_validate_private_key_b4( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); @@ -161,7 +161,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 192 */ libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_6f0(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -182,7 +182,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_1e0( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_660( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]); @@ -208,7 +208,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_2d0( +void libcrux_ml_kem_ind_cca_decapsulate_190( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); @@ -220,7 +220,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_8c(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_bf(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -230,7 +230,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4e( +bool libcrux_ml_kem_ind_cca_validate_private_key_33( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); @@ -248,7 +248,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_6f(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -269,7 +269,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_1e( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_66( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]); @@ -295,7 +295,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_2d( +void libcrux_ml_kem_ind_cca_decapsulate_19( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h index b25010cbc..95df92565 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __internal_libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h index 5f8662e56..a57bfa85c 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __internal_libcrux_sha3_internal_H diff --git a/libcrux-ml-kem/c/libcrux_core.c b/libcrux-ml-kem/c/libcrux_core.c index 394f12228..bad4aa323 100644 --- a/libcrux-ml-kem/c/libcrux_core.c +++ b/libcrux-ml-kem/c/libcrux_core.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #include "internal/libcrux_core.h" @@ -80,7 +80,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_451( +libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_671( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; @@ -100,7 +100,7 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_f61( +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_ee1( libcrux_ml_kem_types_MlKemPrivateKey_95 sk, libcrux_ml_kem_types_MlKemPublicKey_1f pk) { return ( @@ -116,7 +116,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_8c1( +libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_af1( uint8_t value[3168U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[3168U]; @@ -135,7 +135,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_450( +libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_670( uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; @@ -155,7 +155,7 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_f60( +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_ee0( libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk) { return ( @@ -171,7 +171,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_8c0( +libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_af0( uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; @@ -190,7 +190,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_45( +libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_67( uint8_t value[800U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[800U]; @@ -210,7 +210,7 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_f6( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_ee( libcrux_ml_kem_types_MlKemPrivateKey_5e sk, libcrux_ml_kem_types_MlKemPublicKey_be pk) { return (CLITERAL(libcrux_ml_kem_types_MlKemKeyPair_cb){.sk = sk, .pk = pk}); @@ -225,7 +225,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_8c( +libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_af( uint8_t value[1632U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1632U]; @@ -243,7 +243,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_d11( +uint8_t *libcrux_ml_kem_types_as_slice_fd_fe1( libcrux_ml_kem_types_MlKemPublicKey_15 *self) { return self->value; } @@ -257,7 +257,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_3a1( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_451( uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; @@ -276,7 +276,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_be1( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_401( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } @@ -308,7 +308,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_d10( +uint8_t *libcrux_ml_kem_types_as_slice_fd_fe0( libcrux_ml_kem_types_MlKemPublicKey_be *self) { return self->value; } @@ -322,7 +322,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_3a0( +libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_450( uint8_t value[768U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[768U]; @@ -341,7 +341,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_be0( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_400( libcrux_ml_kem_types_MlKemCiphertext_e8 *self) { return Eurydice_array_to_slice((size_t)768U, self->value, uint8_t); } @@ -373,7 +373,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_d1( +uint8_t *libcrux_ml_kem_types_as_slice_fd_fe( libcrux_ml_kem_types_MlKemPublicKey_1f *self) { return self->value; } @@ -427,7 +427,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_3a( +libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_45( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; @@ -465,7 +465,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_be( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_40( libcrux_ml_kem_types_MlKemCiphertext_1f *self) { return Eurydice_array_to_slice((size_t)1568U, self->value, uint8_t); } diff --git a/libcrux-ml-kem/c/libcrux_core.h b/libcrux-ml-kem/c/libcrux_core.h index 106b44b1f..bc1f587a2 100644 --- a/libcrux-ml-kem/c/libcrux_core.h +++ b/libcrux-ml-kem/c/libcrux_core.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_core_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024.h b/libcrux-ml-kem/c/libcrux_mlkem1024.h index 052060fb6..63a7ab056 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem1024_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c index f8b601eef..1028b5ac1 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #include "libcrux_mlkem1024_avx2.h" @@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_200( +static void decapsulate_0c0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_cd0(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_7f0(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_200( void libcrux_ml_kem_mlkem1024_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - decapsulate_200(private_key, ciphertext, ret); + decapsulate_0c0(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_b00( +static tuple_21 encapsulate_ae0( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_790(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_a10(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_21 libcrux_ml_kem_mlkem1024_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_b00(uu____0, copy_of_randomness); + return encapsulate_ae0(uu____0, copy_of_randomness); } /** @@ -109,12 +109,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_8e0( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_5a0( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_dd0(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_0b0(copy_of_randomness); } /** @@ -125,7 +125,7 @@ libcrux_ml_kem_mlkem1024_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_8e0(copy_of_randomness); + return generate_keypair_5a0(copy_of_randomness); } /** @@ -136,10 +136,10 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_a10( +static KRML_MUSTINLINE bool validate_private_key_080( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_a80(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_700(private_key, ciphertext); } @@ -151,7 +151,7 @@ static KRML_MUSTINLINE bool validate_private_key_a10( bool libcrux_ml_kem_mlkem1024_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return validate_private_key_a10(private_key, ciphertext); + return validate_private_key_080(private_key, ciphertext); } /** @@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_c20(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_db0(public_key); +static KRML_MUSTINLINE bool validate_public_key_f60(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_520(public_key); } /** @@ -173,5 +173,5 @@ static KRML_MUSTINLINE bool validate_public_key_c20(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem1024_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_c20(public_key->value); + return validate_public_key_f60(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h index a20c4e836..dede724bf 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem1024_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c index 0b655b537..bed205e56 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #include "libcrux_mlkem1024_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_f71( +static void decapsulate_831( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_2d1(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_191(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_f71( void libcrux_ml_kem_mlkem1024_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - decapsulate_f71(private_key, ciphertext, ret); + decapsulate_831(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_af1( +static tuple_21 encapsulate_951( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_1e1(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_661(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_21 libcrux_ml_kem_mlkem1024_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_af1(uu____0, copy_of_randomness); + return encapsulate_951(uu____0, copy_of_randomness); } /** @@ -110,12 +110,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_561( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_d11( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_911(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_6f1(copy_of_randomness); } /** @@ -126,7 +126,7 @@ libcrux_ml_kem_mlkem1024_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_561(copy_of_randomness); + return generate_keypair_d11(copy_of_randomness); } /** @@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_a91( +static KRML_MUSTINLINE bool validate_private_key_da1( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_99(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_ae(private_key, ciphertext); } @@ -152,7 +152,7 @@ static KRML_MUSTINLINE bool validate_private_key_a91( bool libcrux_ml_kem_mlkem1024_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return validate_private_key_a91(private_key, ciphertext); + return validate_private_key_da1(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_a81(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_8c1(public_key); +static KRML_MUSTINLINE bool validate_public_key_e91(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_bf1(public_key); } /** @@ -174,5 +174,5 @@ static KRML_MUSTINLINE bool validate_public_key_a81(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem1024_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_a81(public_key->value); + return validate_public_key_e91(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h index 8dac186df..87b018021 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem1024_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512.h b/libcrux-ml-kem/c/libcrux_mlkem512.h index 1ec63a95d..157226146 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem512_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c index 1ea59179a..8008c0304 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #include "libcrux_mlkem512_avx2.h" @@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_20(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, +static void decapsulate_0c(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_cd(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_7f(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_20(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, void libcrux_ml_kem_mlkem512_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_20(private_key, ciphertext, ret); + decapsulate_0c(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_b0( +static tuple_ec encapsulate_ae( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_79(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_a1(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_ec libcrux_ml_kem_mlkem512_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_b0(uu____0, copy_of_randomness); + return encapsulate_ae(uu____0, copy_of_randomness); } /** @@ -109,12 +109,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_8e( +static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_5a( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_dd(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_0b(copy_of_randomness); } /** @@ -125,7 +125,7 @@ libcrux_ml_kem_mlkem512_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_8e(copy_of_randomness); + return generate_keypair_5a(copy_of_randomness); } /** @@ -136,10 +136,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_a1( +static KRML_MUSTINLINE bool validate_private_key_08( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_a8(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_70(private_key, ciphertext); } @@ -151,7 +151,7 @@ static KRML_MUSTINLINE bool validate_private_key_a1( bool libcrux_ml_kem_mlkem512_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_a1(private_key, ciphertext); + return validate_private_key_08(private_key, ciphertext); } /** @@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_c2(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_db(public_key); +static KRML_MUSTINLINE bool validate_public_key_f6(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_52(public_key); } /** @@ -173,5 +173,5 @@ static KRML_MUSTINLINE bool validate_public_key_c2(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem512_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_c2(public_key->value); + return validate_public_key_f6(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h index 8227a08bf..8a66b75c4 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem512_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c index 3f1132f00..2fc5a3251 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #include "libcrux_mlkem512_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_f70( +static void decapsulate_830( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_2d0(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_190(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_f70( void libcrux_ml_kem_mlkem512_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_f70(private_key, ciphertext, ret); + decapsulate_830(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_af0( +static tuple_ec encapsulate_950( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_1e0(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_660(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_ec libcrux_ml_kem_mlkem512_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_af0(uu____0, copy_of_randomness); + return encapsulate_950(uu____0, copy_of_randomness); } /** @@ -110,12 +110,12 @@ generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_560( +static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_d10( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_910(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_6f0(copy_of_randomness); } /** @@ -126,7 +126,7 @@ libcrux_ml_kem_mlkem512_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_560(copy_of_randomness); + return generate_keypair_d10(copy_of_randomness); } /** @@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_a90( +static KRML_MUSTINLINE bool validate_private_key_da0( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_ba(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_b4(private_key, ciphertext); } @@ -152,7 +152,7 @@ static KRML_MUSTINLINE bool validate_private_key_a90( bool libcrux_ml_kem_mlkem512_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_a90(private_key, ciphertext); + return validate_private_key_da0(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_a80(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_8c0(public_key); +static KRML_MUSTINLINE bool validate_public_key_e90(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_bf0(public_key); } /** @@ -174,5 +174,5 @@ static KRML_MUSTINLINE bool validate_public_key_a80(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem512_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_a80(public_key->value); + return validate_public_key_e90(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h index b35f61b44..66032c07f 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem512_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768.h b/libcrux-ml-kem/c/libcrux_mlkem768.h index d9947c213..85985206f 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem768_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c index aca4d93f8..3fd65a30d 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #include "libcrux_mlkem768_avx2.h" @@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_201( +static void decapsulate_0c1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_cd1(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_7f1(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_201( void libcrux_ml_kem_mlkem768_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_201(private_key, ciphertext, ret); + decapsulate_0c1(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_b01( +static tuple_3c encapsulate_ae1( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_791(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_a11(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_b01(uu____0, copy_of_randomness); + return encapsulate_ae1(uu____0, copy_of_randomness); } /** @@ -109,12 +109,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_8e1( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_5a1( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_dd1(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_0b1(copy_of_randomness); } /** @@ -125,7 +125,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_8e1(copy_of_randomness); + return generate_keypair_5a1(copy_of_randomness); } /** @@ -136,10 +136,10 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_a11( +static KRML_MUSTINLINE bool validate_private_key_081( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_a81(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_701(private_key, ciphertext); } @@ -151,7 +151,7 @@ static KRML_MUSTINLINE bool validate_private_key_a11( bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_a11(private_key, ciphertext); + return validate_private_key_081(private_key, ciphertext); } /** @@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_c21(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_db1(public_key); +static KRML_MUSTINLINE bool validate_public_key_f61(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_521(public_key); } /** @@ -173,5 +173,5 @@ static KRML_MUSTINLINE bool validate_public_key_c21(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_c21(public_key->value); + return validate_public_key_f61(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h index a977c4abe..af5edca86 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem768_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c index 6f19bf422..1794e74b4 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #include "libcrux_mlkem768_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_f7( +static void decapsulate_83( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_2d(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_19(private_key, ciphertext, ret); } /** @@ -51,7 +51,7 @@ static void decapsulate_f7( void libcrux_ml_kem_mlkem768_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_f7(private_key, ciphertext, ret); + decapsulate_83(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_af( +static tuple_3c encapsulate_95( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_1e(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_66(uu____0, copy_of_randomness); } /** @@ -95,7 +95,7 @@ tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_af(uu____0, copy_of_randomness); + return encapsulate_95(uu____0, copy_of_randomness); } /** @@ -110,12 +110,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_56( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_d1( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_91(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_6f(copy_of_randomness); } /** @@ -126,7 +126,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_56(copy_of_randomness); + return generate_keypair_d1(copy_of_randomness); } /** @@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_a9( +static KRML_MUSTINLINE bool validate_private_key_da( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_4e(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_33(private_key, ciphertext); } @@ -152,7 +152,7 @@ static KRML_MUSTINLINE bool validate_private_key_a9( bool libcrux_ml_kem_mlkem768_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_a9(private_key, ciphertext); + return validate_private_key_da(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_a8(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_8c(public_key); +static KRML_MUSTINLINE bool validate_public_key_e9(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_bf(public_key); } /** @@ -174,5 +174,5 @@ static KRML_MUSTINLINE bool validate_public_key_a8(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem768_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_a8(public_key->value); + return validate_public_key_e9(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h index 47c0dd223..4e8116617 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem768_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c index 7112fa8d3..05520bf99 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #include "internal/libcrux_mlkem_avx2.h" @@ -1140,7 +1140,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_reduced_ring_element_65(Eurydice_slice serialized) { +deserialize_to_reduced_ring_element_dc(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -1160,7 +1160,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_9f1( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_531( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -1174,7 +1174,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_9f1( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_65(ring_element); + deserialize_to_reduced_ring_element_dc(ring_element); deserialized_pk[i0] = uu____0; } } @@ -1185,19 +1185,15 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_191( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_cc1( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, deserialized_pk[i] = ZERO_ef_05();); - deserialize_ring_elements_reduced_9f1(public_key, deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; + deserialize_ring_elements_reduced_531(public_key, deserialized_pk); memcpy( - result, deserialized_pk, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, + ret, deserialized_pk, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -1206,7 +1202,7 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.arithmetic.shift_right with const generics - SHIFT_BY= 15 */ -static KRML_MUSTINLINE __m256i shift_right_70(__m256i vector) { +static KRML_MUSTINLINE __m256i shift_right_65(__m256i vector) { return mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -1219,8 +1215,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.shift_right_09 with const generics - SHIFT_BY= 15 */ -static __m256i shift_right_09_58(__m256i vector) { - return shift_right_70(vector); +static __m256i shift_right_09_85(__m256i vector) { + return shift_right_65(vector); } /** @@ -1229,8 +1225,8 @@ libcrux_ml_kem.vector.traits.to_unsigned_representative with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i to_unsigned_representative_e5(__m256i a) { - __m256i t = shift_right_09_58(a); +static __m256i to_unsigned_representative_3f(__m256i a) { + __m256i t = shift_right_09_85(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_09(a, &fm); @@ -1242,8 +1238,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE __m256i to_unsigned_field_modulus_8a(__m256i a) { - return to_unsigned_representative_e5(a); +static KRML_MUSTINLINE __m256i to_unsigned_field_modulus_7b(__m256i a) { + return to_unsigned_representative_3f(a); } /** @@ -1252,13 +1248,13 @@ libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_09( +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_2c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = to_unsigned_field_modulus_8a(re->coefficients[i0]); + __m256i coefficient = to_unsigned_field_modulus_7b(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -1278,7 +1274,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_231( +static KRML_MUSTINLINE void serialize_secret_key_991( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -1296,7 +1292,7 @@ static KRML_MUSTINLINE void serialize_secret_key_231( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_09(&re, ret0); + serialize_uncompressed_ring_element_2c(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -1311,13 +1307,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_mut_ff1( +static KRML_MUSTINLINE void serialize_public_key_mut_6c1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - serialize_secret_key_231(t_as_ntt, ret); + serialize_secret_key_991(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -1334,12 +1330,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_161( +static KRML_MUSTINLINE void serialize_public_key_ca1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - serialize_public_key_mut_ff1(t_as_ntt, seed_for_a, public_key_serialized); - memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); + serialize_public_key_mut_6c1(t_as_ntt, seed_for_a, public_key_serialized); + uint8_t result[1184U]; + memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); } /** @@ -1350,15 +1348,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_db1(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_521(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - deserialize_ring_elements_reduced_out_191( + deserialize_ring_elements_reduced_out_cc1( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_161( + serialize_public_key_ca1( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -1388,7 +1386,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_a81( +bool libcrux_ml_kem_ind_cca_validate_private_key_701( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -1500,7 +1498,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_6b1( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_751( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -2083,7 +2081,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_7_69( +static KRML_MUSTINLINE void ntt_at_layer_7_13( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -2108,7 +2106,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i montgomery_multiply_fe_e0(__m256i v, int16_t fer) { +static __m256i montgomery_multiply_fe_5f(__m256i v, int16_t fer) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09(v, fer); } @@ -2119,8 +2117,8 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -ntt_layer_int_vec_step_e8(__m256i a, __m256i b, int16_t zeta_r) { - __m256i t = montgomery_multiply_fe_e0(b, zeta_r); +ntt_layer_int_vec_step_97(__m256i a, __m256i b, int16_t zeta_r) { + __m256i t = montgomery_multiply_fe_5f(b, zeta_r); b = libcrux_ml_kem_vector_avx2_sub_09(a, &t); a = libcrux_ml_kem_vector_avx2_add_09(a, &t); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, @@ -2133,7 +2131,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_4_plus_07( +static KRML_MUSTINLINE void ntt_at_layer_4_plus_ca( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2146,7 +2144,7 @@ static KRML_MUSTINLINE void ntt_at_layer_4_plus_07( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - ntt_layer_int_vec_step_e8( + ntt_layer_int_vec_step_97( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -2163,7 +2161,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_3_46( +static KRML_MUSTINLINE void ntt_at_layer_3_ba( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2179,7 +2177,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_2_53( +static KRML_MUSTINLINE void ntt_at_layer_2_89( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2197,7 +2195,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_1_42( +static KRML_MUSTINLINE void ntt_at_layer_1_d7( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2222,7 +2220,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void poly_barrett_reduce_ef_83( +static KRML_MUSTINLINE void poly_barrett_reduce_ef_a9( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -2238,17 +2236,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_25( +static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_ef( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { - ntt_at_layer_7_69(re); + ntt_at_layer_7_13(re); size_t zeta_i = (size_t)1U; - ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_46(&zeta_i, re); - ntt_at_layer_2_53(&zeta_i, re); - ntt_at_layer_1_42(&zeta_i, re); - poly_barrett_reduce_ef_83(re); + ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_ba(&zeta_i, re); + ntt_at_layer_2_89(&zeta_i, re); + ntt_at_layer_1_d7(&zeta_i, re); + poly_barrett_reduce_ef_a9(re); } /** @@ -2259,7 +2257,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_681( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b01( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -2269,8 +2267,6 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_681( KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[3U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -2280,7 +2276,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_681( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_25(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_ef(&re_as_ntt[i0]);); return domain_separator; } @@ -2303,7 +2299,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_out_481( +static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_out_811( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, @@ -2312,18 +2308,18 @@ static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_out_481( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_681(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_b01(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b0 lit; + tuple_b0 result; memcpy( - lit.fst, copy_of_re_as_ntt, + result.fst, copy_of_re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -2338,7 +2334,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -ntt_multiply_ef_d5(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, +ntt_multiply_ef_b2(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 out = ZERO_ef_05(); for (size_t i = (size_t)0U; @@ -2368,7 +2364,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_aa1( +static KRML_MUSTINLINE void add_to_ring_element_ef_4f1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -2388,7 +2384,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i to_standard_domain_bb(__m256i v) { +static __m256i to_standard_domain_79(__m256i v) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); } @@ -2404,14 +2400,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void add_standard_error_reduce_ef_e7( +static KRML_MUSTINLINE void add_standard_error_reduce_ef_34( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; __m256i coefficient_normal_form = - to_standard_domain_bb(self->coefficients[j]); + to_standard_domain_79(self->coefficients[j]); self->coefficients[j] = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(coefficient_normal_form, &error->coefficients[j])); @@ -2424,7 +2420,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_As_plus_e_b61( +static KRML_MUSTINLINE void compute_As_plus_e_2d1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, @@ -2451,10 +2447,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_b61( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_aa1(&t_as_ntt[i0], &product); + ntt_multiply_ef_b2(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_4f1(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_e7(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_34(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -2467,12 +2463,12 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_a21( +static void generate_keypair_unpacked_a41( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_a0 *private_key, IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_6b1(key_generation_seed, hashed); + cpa_keygen_seed_d8_751(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -2492,17 +2488,17 @@ static void generate_keypair_unpacked_a21( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_681(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_b01(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_481(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_811(copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_b61(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_2d1(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -2523,18 +2519,18 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_471( +static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_6a1( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_a0 private_key = default_1a_3c1(); IndCpaPublicKeyUnpacked_a0 public_key = default_8d_891(); - generate_keypair_unpacked_a21(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_a41(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - serialize_public_key_161( + serialize_public_key_ca1( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_231(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_991(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -2543,12 +2539,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_471( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; - memcpy(lit.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 result; + memcpy(result.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(lit.snd, copy_of_public_key_serialized, + memcpy(result.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return lit; + return result; } /** @@ -2558,7 +2554,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_7b1( +static KRML_MUSTINLINE void serialize_kem_secret_key_1f1( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -2614,7 +2610,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_dd1(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_0b1(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -2623,13 +2619,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_dd1(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - generate_keypair_471(ind_cpa_keypair_randomness); + generate_keypair_6a1(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_7b1( + serialize_kem_secret_key_1f1( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -2638,13 +2634,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_dd1(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_8c0(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_af0(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_f60( - uu____2, libcrux_ml_kem_types_from_5a_450(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_ee0( + uu____2, libcrux_ml_kem_types_from_5a_670(copy_of_public_key)); } /** @@ -2657,7 +2653,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_6c1(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_641(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -2674,7 +2670,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b0 -sample_ring_element_cbd_6a1(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_a01(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, error_1[i] = ZERO_ef_05();); @@ -2685,8 +2681,6 @@ sample_ring_element_cbd_6a1(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[3U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -2703,12 +2697,12 @@ sample_ring_element_cbd_6a1(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b0 lit; + tuple_b0 result; memcpy( - lit.fst, copy_of_error_1, + result.fst, copy_of_error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -2744,7 +2738,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_78( +static KRML_MUSTINLINE void invert_ntt_at_layer_1_f7( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2765,7 +2759,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_2c( +static KRML_MUSTINLINE void invert_ntt_at_layer_2_98( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2784,7 +2778,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_73( +static KRML_MUSTINLINE void invert_ntt_at_layer_3_fe( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16(i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; @@ -2801,11 +2795,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -inv_ntt_layer_int_vec_step_reduce_83(__m256i a, __m256i b, int16_t zeta_r) { +inv_ntt_layer_int_vec_step_reduce_75(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_09(b, &a); a = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(a, &b)); - b = montgomery_multiply_fe_e0(a_minus_b, zeta_r); + b = montgomery_multiply_fe_5f(a_minus_b, zeta_r); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, .snd = b}); } @@ -2816,7 +2810,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_04( +static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_bc( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2831,7 +2825,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_04( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_83( + inv_ntt_layer_int_vec_step_reduce_75( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -2848,18 +2842,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_401( +static KRML_MUSTINLINE void invert_ntt_montgomery_8f1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_78(&zeta_i, re); - invert_ntt_at_layer_2_2c(&zeta_i, re); - invert_ntt_at_layer_3_73(&zeta_i, re); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_83(re); + invert_ntt_at_layer_1_f7(&zeta_i, re); + invert_ntt_at_layer_2_98(&zeta_i, re); + invert_ntt_at_layer_3_fe(&zeta_i, re); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_a9(re); } /** @@ -2873,7 +2867,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_ef_ee( +static KRML_MUSTINLINE void add_error_reduce_ef_dd( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; @@ -2894,14 +2888,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_421( +static KRML_MUSTINLINE void compute_vector_u_dd1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - result[i] = ZERO_ef_05();); + result0[i] = ZERO_ef_05();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -2921,12 +2915,16 @@ static KRML_MUSTINLINE void compute_vector_u_421( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_aa1(&result[i1], &product); + ntt_multiply_ef_b2(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_4f1(&result0[i1], &product); } - invert_ntt_montgomery_401(&result[i1]); - add_error_reduce_ef_ee(&result[i1], &error_1[i1]); + invert_ntt_montgomery_8f1(&result0[i1]); + add_error_reduce_ef_dd(&result0[i1], &error_1[i1]); } + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; + memcpy( + result, result0, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( ret, result, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -2938,7 +2936,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i decompress_1_4e(__m256i vec) { +static __m256i decompress_1_08(__m256i vec) { __m256i z = libcrux_ml_kem_vector_avx2_ZERO_09(); __m256i s = libcrux_ml_kem_vector_avx2_sub_09(z, &vec); return libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09(s, @@ -2952,7 +2950,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_message_6f(uint8_t serialized[32U]) { +deserialize_then_decompress_message_d3(uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; @@ -2961,7 +2959,7 @@ deserialize_then_decompress_message_6f(uint8_t serialized[32U]) { Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); - re.coefficients[i0] = decompress_1_4e(coefficient_compressed);); + re.coefficients[i0] = decompress_1_08(coefficient_compressed);); return re; } @@ -2977,7 +2975,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -add_message_error_reduce_ef_a6( +add_message_error_reduce_ef_79( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { @@ -3004,7 +3002,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_d21( +compute_ring_element_v_771( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -3012,10 +3010,10 @@ compute_ring_element_v_d21( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_aa1(&result, &product);); - invert_ntt_montgomery_401(&result); - result = add_message_error_reduce_ef_a6(error_2, message, result); + ntt_multiply_ef_b2(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_4f1(&result, &product);); + invert_ntt_montgomery_8f1(&result); + result = add_message_error_reduce_ef_79(error_2, message, result); return result; } @@ -3026,7 +3024,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_19(__m256i vector) { +compress_ciphertext_coefficient_1a(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3073,8 +3071,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 10 */ -static __m256i compress_09_8f(__m256i vector) { - return compress_ciphertext_coefficient_19(vector); +static __m256i compress_09_74(__m256i vector) { + return compress_ciphertext_coefficient_1a(vector); } /** @@ -3083,14 +3081,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_4d0( +static KRML_MUSTINLINE void compress_then_serialize_10_2b0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_8f(to_unsigned_field_modulus_8a(re->coefficients[i0])); + compress_09_74(to_unsigned_field_modulus_7b(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -3110,7 +3108,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_190(__m256i vector) { +compress_ciphertext_coefficient_1a0(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3157,8 +3155,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 11 */ -static __m256i compress_09_8f0(__m256i vector) { - return compress_ciphertext_coefficient_190(vector); +static __m256i compress_09_740(__m256i vector) { + return compress_ciphertext_coefficient_1a0(vector); } /** @@ -3168,11 +3166,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_680( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_9e0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { - uint8_t result[320U]; - compress_then_serialize_10_4d0(re, result); - memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); + uint8_t uu____0[320U]; + compress_then_serialize_10_2b0(re, uu____0); + memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } /** @@ -3184,7 +3182,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_931( +static void compress_then_serialize_u_421( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -3200,7 +3198,7 @@ static void compress_then_serialize_u_931( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_680(&re, ret); + compress_then_serialize_ring_element_u_9e0(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -3213,7 +3211,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_191(__m256i vector) { +compress_ciphertext_coefficient_1a1(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3260,8 +3258,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 4 */ -static __m256i compress_09_8f1(__m256i vector) { - return compress_ciphertext_coefficient_191(vector); +static __m256i compress_09_741(__m256i vector) { + return compress_ciphertext_coefficient_1a1(vector); } /** @@ -3270,14 +3268,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_aa( +static KRML_MUSTINLINE void compress_then_serialize_4_a4( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_8f1(to_unsigned_field_modulus_8a(re.coefficients[i0])); + compress_09_741(to_unsigned_field_modulus_7b(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_09(coefficient, bytes); Eurydice_slice_copy( @@ -3294,7 +3292,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_192(__m256i vector) { +compress_ciphertext_coefficient_1a2(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3341,8 +3339,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 5 */ -static __m256i compress_09_8f2(__m256i vector) { - return compress_ciphertext_coefficient_192(vector); +static __m256i compress_09_742(__m256i vector) { + return compress_ciphertext_coefficient_1a2(vector); } /** @@ -3351,14 +3349,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_fc( +static KRML_MUSTINLINE void compress_then_serialize_5_03( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficients = - compress_09_8f2(to_unsigned_representative_e5(re.coefficients[i0])); + compress_09_742(to_unsigned_representative_3f(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_avx2_serialize_5_09(coefficients, bytes); Eurydice_slice_copy( @@ -3375,9 +3373,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_7b0( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_d10( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_4_aa(re, out); + compress_then_serialize_4_a4(re, out); } /** @@ -3397,7 +3395,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_ec1(IndCpaPublicKeyUnpacked_a0 *public_key, +static void encrypt_unpacked_a41(IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { @@ -3406,7 +3404,7 @@ static void encrypt_unpacked_ec1(IndCpaPublicKeyUnpacked_a0 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____1 = sample_vector_cbd_then_ntt_out_481(copy_of_prf_input0, 0U); + tuple_b0 uu____1 = sample_vector_cbd_then_ntt_out_811(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, @@ -3416,7 +3414,7 @@ static void encrypt_unpacked_ec1(IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b0 uu____3 = - sample_ring_element_cbd_6a1(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_a01(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; memcpy( error_1, uu____3.fst, @@ -3430,25 +3428,25 @@ static void encrypt_unpacked_ec1(IndCpaPublicKeyUnpacked_a0 *public_key, sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - compute_vector_u_421(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_dd1(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_6f(copy_of_message); + deserialize_then_decompress_message_d3(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_d21(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_771(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_931( + compress_then_serialize_u_421( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_7b0( + compress_then_serialize_ring_element_v_d10( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -3471,10 +3469,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_681(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_6f1(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { IndCpaPublicKeyUnpacked_a0 unpacked_public_key = default_8d_891(); - deserialize_ring_elements_reduced_9f1( + deserialize_ring_elements_reduced_531( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -3488,9 +3486,9 @@ static void encrypt_681(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t ret1[1088U]; - encrypt_unpacked_ec1(uu____1, copy_of_message, randomness, ret1); - memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); + uint8_t result[1088U]; + encrypt_unpacked_a41(uu____1, copy_of_message, randomness, result); + memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); } /** @@ -3504,7 +3502,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_b21(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_161(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -3531,11 +3529,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_791( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_a11( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_6c1( + entropy_preprocess_d8_641( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -3545,7 +3543,7 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_791( size_t); uint8_t ret[32U]; H_a9_411(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d11(public_key), + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_fe1(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -3559,19 +3557,19 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_791( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d11(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_fe1(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_681(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_6f1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_3a1(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_451(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_b21(shared_secret, shared_secret_array); + kdf_d8_161(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -3590,7 +3588,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_uncompressed_ring_element_6e(Eurydice_slice serialized) { +deserialize_to_uncompressed_ring_element_6c(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -3608,7 +3606,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_cf1( +static KRML_MUSTINLINE void deserialize_secret_key_541( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; @@ -3625,11 +3623,15 @@ static KRML_MUSTINLINE void deserialize_secret_key_cf1( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_6e(secret_bytes); + deserialize_to_uncompressed_ring_element_6c(secret_bytes); secret_as_ntt[i0] = uu____0; } + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; memcpy( - ret, secret_as_ntt, + result, secret_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + memcpy( + ret, result, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -3640,7 +3642,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_4f(__m256i vector) { +decompress_ciphertext_coefficient_8e(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3684,8 +3686,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 10 */ -static __m256i decompress_ciphertext_coefficient_09_4c(__m256i vector) { - return decompress_ciphertext_coefficient_4f(vector); +static __m256i decompress_ciphertext_coefficient_09_70(__m256i vector) { + return decompress_ciphertext_coefficient_8e(vector); } /** @@ -3695,7 +3697,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_10_e4(Eurydice_slice serialized) { +deserialize_then_decompress_10_c7(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); LowStar_Ignore_ignore( Eurydice_slice_len( @@ -3708,7 +3710,7 @@ deserialize_then_decompress_10_e4(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_4c(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_70(coefficient); } return re; } @@ -3720,7 +3722,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_4f0(__m256i vector) { +decompress_ciphertext_coefficient_8e0(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3764,8 +3766,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 11 */ -static __m256i decompress_ciphertext_coefficient_09_4c0(__m256i vector) { - return decompress_ciphertext_coefficient_4f0(vector); +static __m256i decompress_ciphertext_coefficient_09_700(__m256i vector) { + return decompress_ciphertext_coefficient_8e0(vector); } /** @@ -3775,7 +3777,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_11_39(Eurydice_slice serialized) { +deserialize_then_decompress_11_d5(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { @@ -3783,7 +3785,7 @@ deserialize_then_decompress_11_39(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_4c0(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_700(coefficient); } return re; } @@ -3795,8 +3797,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_180(Eurydice_slice serialized) { - return deserialize_then_decompress_10_e4(serialized); +deserialize_then_decompress_ring_element_u_790(Eurydice_slice serialized) { + return deserialize_then_decompress_10_c7(serialized); } /** @@ -3805,17 +3807,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_b10( +static KRML_MUSTINLINE void ntt_vector_u_b70( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_46(&zeta_i, re); - ntt_at_layer_2_53(&zeta_i, re); - ntt_at_layer_1_42(&zeta_i, re); - poly_barrett_reduce_ef_83(re); + ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_ba(&zeta_i, re); + ntt_at_layer_2_89(&zeta_i, re); + ntt_at_layer_1_d7(&zeta_i, re); + poly_barrett_reduce_ef_a9(re); } /** @@ -3826,7 +3828,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_b11( +static KRML_MUSTINLINE void deserialize_then_decompress_u_251( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; @@ -3849,8 +3851,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_b11( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_180(u_bytes); - ntt_vector_u_b10(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_790(u_bytes); + ntt_vector_u_b70(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -3864,7 +3866,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_4f1(__m256i vector) { +decompress_ciphertext_coefficient_8e1(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3908,8 +3910,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 4 */ -static __m256i decompress_ciphertext_coefficient_09_4c1(__m256i vector) { - return decompress_ciphertext_coefficient_4f1(vector); +static __m256i decompress_ciphertext_coefficient_09_701(__m256i vector) { + return decompress_ciphertext_coefficient_8e1(vector); } /** @@ -3919,7 +3921,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_4_4d(Eurydice_slice serialized) { +deserialize_then_decompress_4_75(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { @@ -3927,7 +3929,7 @@ deserialize_then_decompress_4_4d(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_4c1(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_701(coefficient); } return re; } @@ -3939,7 +3941,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_4f2(__m256i vector) { +decompress_ciphertext_coefficient_8e2(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3983,8 +3985,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 5 */ -static __m256i decompress_ciphertext_coefficient_09_4c2(__m256i vector) { - return decompress_ciphertext_coefficient_4f2(vector); +static __m256i decompress_ciphertext_coefficient_09_702(__m256i vector) { + return decompress_ciphertext_coefficient_8e2(vector); } /** @@ -3994,7 +3996,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_5_67(Eurydice_slice serialized) { +deserialize_then_decompress_5_f8(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { @@ -4003,7 +4005,7 @@ deserialize_then_decompress_5_67(Eurydice_slice serialized) { serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_09(bytes); re.coefficients[i0] = - decompress_ciphertext_coefficient_09_4c2(re.coefficients[i0]); + decompress_ciphertext_coefficient_09_702(re.coefficients[i0]); } return re; } @@ -4015,8 +4017,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_3d0(Eurydice_slice serialized) { - return deserialize_then_decompress_4_4d(serialized); +deserialize_then_decompress_ring_element_v_b90(Eurydice_slice serialized) { + return deserialize_then_decompress_4_75(serialized); } /** @@ -4031,7 +4033,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -subtract_reduce_ef_07(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, +subtract_reduce_ef_da(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -4053,17 +4055,17 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_c31( +compute_message_7d1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_aa1(&result, &product);); - invert_ntt_montgomery_401(&result); - result = subtract_reduce_ef_07(v, result); + ntt_multiply_ef_b2(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_4f1(&result, &product);); + invert_ntt_montgomery_8f1(&result); + result = subtract_reduce_ef_da(v, result); return result; } @@ -4073,12 +4075,12 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_6c( +static KRML_MUSTINLINE void compress_then_serialize_message_dd( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; - __m256i coefficient = to_unsigned_field_modulus_8a(re.coefficients[i0]); + __m256i coefficient = to_unsigned_field_modulus_7b(re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_09(coefficient); uint8_t bytes[2U]; @@ -4103,18 +4105,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_981(IndCpaPrivateKeyUnpacked_a0 *secret_key, +static void decrypt_unpacked_9d1(IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - deserialize_then_decompress_u_b11(ciphertext, u_as_ntt); + deserialize_then_decompress_u_251(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_3d0( + deserialize_then_decompress_ring_element_v_b90( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_c31(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_7d1(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_6c(message, ret0); + compress_then_serialize_message_dd(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -4128,10 +4130,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_361(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_751(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - deserialize_secret_key_cf1(secret_key, secret_as_ntt); + deserialize_secret_key_541(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; memcpy( @@ -4141,9 +4143,9 @@ static void decrypt_361(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t ret0[32U]; - decrypt_unpacked_981(&secret_key_unpacked, ciphertext, ret0); - memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + decrypt_unpacked_9d1(&secret_key_unpacked, ciphertext, result); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** @@ -4194,7 +4196,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_cd1( +void libcrux_ml_kem_ind_cca_decapsulate_7f1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -4212,7 +4214,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_cd1( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_361(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_751(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -4234,7 +4236,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_cd1( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be1(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_401(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_163(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), @@ -4244,17 +4246,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_cd1( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_681(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_6f1(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_b21(Eurydice_array_to_slice( + kdf_d8_161(Eurydice_array_to_slice( (size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_b21(shared_secret0, shared_secret1); + kdf_d8_161(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_be1(ciphertext), + libcrux_ml_kem_types_as_ref_00_401(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4269,7 +4271,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_9f( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_53( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -4283,7 +4285,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_9f( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_65(ring_element); + deserialize_to_reduced_ring_element_dc(ring_element); deserialized_pk[i0] = uu____0; } } @@ -4294,19 +4296,15 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_190( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_cc0( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, deserialized_pk[i] = ZERO_ef_05();); - deserialize_ring_elements_reduced_9f(public_key, deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; + deserialize_ring_elements_reduced_53(public_key, deserialized_pk); memcpy( - result, deserialized_pk, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, + ret, deserialized_pk, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -4317,7 +4315,7 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_23( +static KRML_MUSTINLINE void serialize_secret_key_99( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; @@ -4335,7 +4333,7 @@ static KRML_MUSTINLINE void serialize_secret_key_23( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_09(&re, ret0); + serialize_uncompressed_ring_element_2c(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -4350,13 +4348,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_mut_ff( +static KRML_MUSTINLINE void serialize_public_key_mut_6c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret[1536U]; - serialize_secret_key_23(t_as_ntt, ret); + serialize_secret_key_99(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -4373,12 +4371,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_16( +static KRML_MUSTINLINE void serialize_public_key_ca( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; - serialize_public_key_mut_ff(t_as_ntt, seed_for_a, public_key_serialized); - memcpy(ret, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); + serialize_public_key_mut_6c(t_as_ntt, seed_for_a, public_key_serialized); + uint8_t result[1568U]; + memcpy(result, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); } /** @@ -4389,15 +4389,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_db0(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_520(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; - deserialize_ring_elements_reduced_out_190( + deserialize_ring_elements_reduced_out_cc0( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_16( + serialize_public_key_ca( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -4427,7 +4427,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_a80( +bool libcrux_ml_kem_ind_cca_validate_private_key_700( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext) { uint8_t t[32U]; @@ -4547,7 +4547,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_6b( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_75( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -5017,7 +5017,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_68( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -5027,8 +5027,6 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_68( KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[4U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -5038,7 +5036,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_68( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_25(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_ef(&re_as_ntt[i0]);); return domain_separator; } @@ -5061,7 +5059,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_out_48( +static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_out_81( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, @@ -5070,18 +5068,18 @@ static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_out_48( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_68(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_b0(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[4U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_71 lit; + tuple_71 result; memcpy( - lit.fst, copy_of_re_as_ntt, + result.fst, copy_of_re_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -5095,7 +5093,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_aa( +static KRML_MUSTINLINE void add_to_ring_element_ef_4f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -5115,7 +5113,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_As_plus_e_b6( +static KRML_MUSTINLINE void compute_As_plus_e_2d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, @@ -5142,10 +5140,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_b6( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_aa(&t_as_ntt[i0], &product); + ntt_multiply_ef_b2(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_4f(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_e7(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_34(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -5158,12 +5156,12 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_a2( +static void generate_keypair_unpacked_a4( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_01 *private_key, IndCpaPublicKeyUnpacked_01 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_6b(key_generation_seed, hashed); + cpa_keygen_seed_d8_75(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5183,17 +5181,17 @@ static void generate_keypair_unpacked_a2( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_68(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_b0(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[4U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_48(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_81(copy_of_prf_input, domain_separator) .fst, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_b6(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_2d(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -5214,18 +5212,18 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_470( +static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_6a0( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_01 private_key = default_1a_3c(); IndCpaPublicKeyUnpacked_01 public_key = default_8d_89(); - generate_keypair_unpacked_a2(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_a4(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1568U]; - serialize_public_key_16( + serialize_public_key_ca( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_23(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_99(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -5234,12 +5232,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_470( uint8_t copy_of_public_key_serialized[1568U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair1024 lit; - memcpy(lit.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair1024 result; + memcpy(result.fst, copy_of_secret_key_serialized, (size_t)1536U * sizeof(uint8_t)); - memcpy(lit.snd, copy_of_public_key_serialized, + memcpy(result.snd, copy_of_public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - return lit; + return result; } /** @@ -5249,7 +5247,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_7b0( +static KRML_MUSTINLINE void serialize_kem_secret_key_1f0( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; @@ -5305,7 +5303,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_0b0(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5314,13 +5312,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair1024 uu____0 = - generate_keypair_470(ind_cpa_keypair_randomness); + generate_keypair_6a0(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1536U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1536U * sizeof(uint8_t)); uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_7b0( + serialize_kem_secret_key_1f0( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5329,13 +5327,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_7f_8c1(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_af1(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_f61( - uu____2, libcrux_ml_kem_types_from_5a_451(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_ee1( + uu____2, libcrux_ml_kem_types_from_5a_671(copy_of_public_key)); } /** @@ -5348,7 +5346,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_6c0(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_640(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5365,7 +5363,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_71 -sample_ring_element_cbd_6a(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_a0(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, error_1[i] = ZERO_ef_05();); @@ -5376,8 +5374,6 @@ sample_ring_element_cbd_6a(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[4U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -5394,12 +5390,12 @@ sample_ring_element_cbd_6a(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_71 lit; + tuple_71 result; memcpy( - lit.fst, copy_of_error_1, + result.fst, copy_of_error_1, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -5423,18 +5419,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_40( +static KRML_MUSTINLINE void invert_ntt_montgomery_8f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_78(&zeta_i, re); - invert_ntt_at_layer_2_2c(&zeta_i, re); - invert_ntt_at_layer_3_73(&zeta_i, re); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_83(re); + invert_ntt_at_layer_1_f7(&zeta_i, re); + invert_ntt_at_layer_2_98(&zeta_i, re); + invert_ntt_at_layer_3_fe(&zeta_i, re); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_a9(re); } /** @@ -5443,14 +5439,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_42( +static KRML_MUSTINLINE void compute_vector_u_dd( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - result[i] = ZERO_ef_05();); + result0[i] = ZERO_ef_05();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -5470,12 +5466,16 @@ static KRML_MUSTINLINE void compute_vector_u_42( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_aa(&result[i1], &product); + ntt_multiply_ef_b2(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_4f(&result0[i1], &product); } - invert_ntt_montgomery_40(&result[i1]); - add_error_reduce_ef_ee(&result[i1], &error_1[i1]); + invert_ntt_montgomery_8f(&result0[i1]); + add_error_reduce_ef_dd(&result0[i1], &error_1[i1]); } + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; + memcpy( + result, result0, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( ret, result, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -5488,7 +5488,7 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_d2( +compute_ring_element_v_77( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -5496,10 +5496,10 @@ compute_ring_element_v_d2( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_aa(&result, &product);); - invert_ntt_montgomery_40(&result); - result = add_message_error_reduce_ef_a6(error_2, message, result); + ntt_multiply_ef_b2(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_4f(&result, &product);); + invert_ntt_montgomery_8f(&result); + result = add_message_error_reduce_ef_79(error_2, message, result); return result; } @@ -5509,14 +5509,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_fd( +static KRML_MUSTINLINE void compress_then_serialize_11_17( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_8f0(to_unsigned_representative_e5(re->coefficients[i0])); + compress_09_740(to_unsigned_representative_3f(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_avx2_serialize_11_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -5534,11 +5534,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_68( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_9e( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { - uint8_t result[352U]; - compress_then_serialize_11_fd(re, result); - memcpy(ret, result, (size_t)352U * sizeof(uint8_t)); + uint8_t uu____0[352U]; + compress_then_serialize_11_17(re, uu____0); + memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); } /** @@ -5550,7 +5550,7 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_93( +static void compress_then_serialize_u_42( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -5566,7 +5566,7 @@ static void compress_then_serialize_u_93( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_68(&re, ret); + compress_then_serialize_ring_element_u_9e(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } @@ -5579,9 +5579,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_7b( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_d1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_5_fc(re, out); + compress_then_serialize_5_03(re, out); } /** @@ -5601,7 +5601,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_ec(IndCpaPublicKeyUnpacked_01 *public_key, +static void encrypt_unpacked_a4(IndCpaPublicKeyUnpacked_01 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { uint8_t prf_input[33U]; @@ -5609,7 +5609,7 @@ static void encrypt_unpacked_ec(IndCpaPublicKeyUnpacked_01 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_71 uu____1 = sample_vector_cbd_then_ntt_out_48(copy_of_prf_input0, 0U); + tuple_71 uu____1 = sample_vector_cbd_then_ntt_out_81(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[4U]; memcpy( r_as_ntt, uu____1.fst, @@ -5619,7 +5619,7 @@ static void encrypt_unpacked_ec(IndCpaPublicKeyUnpacked_01 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_71 uu____3 = - sample_ring_element_cbd_6a(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_a0(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; memcpy( error_1, uu____3.fst, @@ -5633,25 +5633,25 @@ static void encrypt_unpacked_ec(IndCpaPublicKeyUnpacked_01 *public_key, sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[4U]; - compute_vector_u_42(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_dd(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_6f(copy_of_message); + deserialize_then_decompress_message_d3(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_d2(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_77(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[4U]; memcpy( uu____5, u, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_93( + compress_then_serialize_u_42( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_7b( + compress_then_serialize_ring_element_v_d1( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); @@ -5674,10 +5674,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_680(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_6f0(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { IndCpaPublicKeyUnpacked_01 unpacked_public_key = default_8d_89(); - deserialize_ring_elements_reduced_9f( + deserialize_ring_elements_reduced_53( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -5691,9 +5691,9 @@ static void encrypt_680(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t ret1[1568U]; - encrypt_unpacked_ec(uu____1, copy_of_message, randomness, ret1); - memcpy(ret, ret1, (size_t)1568U * sizeof(uint8_t)); + uint8_t result[1568U]; + encrypt_unpacked_a4(uu____1, copy_of_message, randomness, result); + memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); } /** @@ -5707,7 +5707,7 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_b20(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_160(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5734,11 +5734,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_790( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_a10( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_6c0( + entropy_preprocess_d8_640( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5748,7 +5748,7 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_790( size_t); uint8_t ret[32U]; H_a9_41(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_d1(public_key), + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_fe(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -5762,19 +5762,19 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_790( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_d1(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_fe(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_680(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_6f0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_1f ciphertext0 = - libcrux_ml_kem_types_from_01_3a(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_45(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_b20(shared_secret, shared_secret_array); + kdf_d8_160(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_1f uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -5792,7 +5792,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_cf0( +static KRML_MUSTINLINE void deserialize_secret_key_540( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; @@ -5809,11 +5809,15 @@ static KRML_MUSTINLINE void deserialize_secret_key_cf0( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_6e(secret_bytes); + deserialize_to_uncompressed_ring_element_6c(secret_bytes); secret_as_ntt[i0] = uu____0; } + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; memcpy( - ret, secret_as_ntt, + result, secret_as_ntt, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + memcpy( + ret, result, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -5824,8 +5828,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_18(Eurydice_slice serialized) { - return deserialize_then_decompress_11_39(serialized); +deserialize_then_decompress_ring_element_u_79(Eurydice_slice serialized) { + return deserialize_then_decompress_11_d5(serialized); } /** @@ -5834,17 +5838,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_b1( +static KRML_MUSTINLINE void ntt_vector_u_b7( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_46(&zeta_i, re); - ntt_at_layer_2_53(&zeta_i, re); - ntt_at_layer_1_42(&zeta_i, re); - poly_barrett_reduce_ef_83(re); + ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_ba(&zeta_i, re); + ntt_at_layer_2_89(&zeta_i, re); + ntt_at_layer_1_d7(&zeta_i, re); + poly_barrett_reduce_ef_a9(re); } /** @@ -5855,7 +5859,7 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_b1( +static KRML_MUSTINLINE void deserialize_then_decompress_u_25( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; @@ -5878,8 +5882,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_b1( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_18(u_bytes); - ntt_vector_u_b1(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_79(u_bytes); + ntt_vector_u_b7(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -5893,8 +5897,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_3d(Eurydice_slice serialized) { - return deserialize_then_decompress_5_67(serialized); +deserialize_then_decompress_ring_element_v_b9(Eurydice_slice serialized) { + return deserialize_then_decompress_5_f8(serialized); } /** @@ -5904,17 +5908,17 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_c3( +compute_message_7d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_aa(&result, &product);); - invert_ntt_montgomery_40(&result); - result = subtract_reduce_ef_07(v, result); + ntt_multiply_ef_b2(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_4f(&result, &product);); + invert_ntt_montgomery_8f(&result); + result = subtract_reduce_ef_da(v, result); return result; } @@ -5928,18 +5932,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_98(IndCpaPrivateKeyUnpacked_01 *secret_key, +static void decrypt_unpacked_9d(IndCpaPrivateKeyUnpacked_01 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; - deserialize_then_decompress_u_b1(ciphertext, u_as_ntt); + deserialize_then_decompress_u_25(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_3d( + deserialize_then_decompress_ring_element_v_b9( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_c3(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_7d(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_6c(message, ret0); + compress_then_serialize_message_dd(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5953,10 +5957,10 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_360(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_750(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; - deserialize_secret_key_cf0(secret_key, secret_as_ntt); + deserialize_secret_key_540(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[4U]; memcpy( @@ -5966,9 +5970,9 @@ static void decrypt_360(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t ret0[32U]; - decrypt_unpacked_98(&secret_key_unpacked, ciphertext, ret0); - memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + decrypt_unpacked_9d(&secret_key_unpacked, ciphertext, result); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** @@ -6007,7 +6011,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_cd0( +void libcrux_ml_kem_ind_cca_decapsulate_7f0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -6025,7 +6029,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_cd0( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_360(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_750(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -6047,7 +6051,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_cd0( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_40(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_16(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), @@ -6057,17 +6061,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_cd0( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_680(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_6f0(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_b20(Eurydice_array_to_slice( + kdf_d8_160(Eurydice_array_to_slice( (size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_b20(shared_secret0, shared_secret1); + kdf_d8_160(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_be(ciphertext), + libcrux_ml_kem_types_as_ref_00_40(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -6082,7 +6086,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_9f0( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_530( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -6096,7 +6100,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_9f0( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_65(ring_element); + deserialize_to_reduced_ring_element_dc(ring_element); deserialized_pk[i0] = uu____0; } } @@ -6107,19 +6111,15 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_19( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_cc( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, deserialized_pk[i] = ZERO_ef_05();); - deserialize_ring_elements_reduced_9f0(public_key, deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; + deserialize_ring_elements_reduced_530(public_key, deserialized_pk); memcpy( - result, deserialized_pk, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, + ret, deserialized_pk, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -6130,7 +6130,7 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_230( +static KRML_MUSTINLINE void serialize_secret_key_990( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; @@ -6148,7 +6148,7 @@ static KRML_MUSTINLINE void serialize_secret_key_230( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_09(&re, ret0); + serialize_uncompressed_ring_element_2c(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -6163,13 +6163,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_mut_ff0( +static KRML_MUSTINLINE void serialize_public_key_mut_6c0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret[768U]; - serialize_secret_key_230(t_as_ntt, ret); + serialize_secret_key_990(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -6186,12 +6186,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_160( +static KRML_MUSTINLINE void serialize_public_key_ca0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; - serialize_public_key_mut_ff0(t_as_ntt, seed_for_a, public_key_serialized); - memcpy(ret, public_key_serialized, (size_t)800U * sizeof(uint8_t)); + serialize_public_key_mut_6c0(t_as_ntt, seed_for_a, public_key_serialized); + uint8_t result[800U]; + memcpy(result, public_key_serialized, (size_t)800U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)800U * sizeof(uint8_t)); } /** @@ -6202,15 +6204,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_db(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_52(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; - deserialize_ring_elements_reduced_out_19( + deserialize_ring_elements_reduced_out_cc( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_160( + serialize_public_key_ca0( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -6240,7 +6242,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_a8( +bool libcrux_ml_kem_ind_cca_validate_private_key_70( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { uint8_t t[32U]; @@ -6346,7 +6348,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_6b0( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_750( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -6809,7 +6811,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_680( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b00( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -6819,8 +6821,6 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_680( KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[2U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -6830,7 +6830,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_680( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_d70( Eurydice_array_to_slice((size_t)192U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_25(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_ef(&re_as_ntt[i0]);); return domain_separator; } @@ -6853,7 +6853,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_out_480( +static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_out_810( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, @@ -6862,18 +6862,18 @@ static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_out_480( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_680(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_b00(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[2U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_74 lit; + tuple_74 result; memcpy( - lit.fst, copy_of_re_as_ntt, + result.fst, copy_of_re_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -6887,7 +6887,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_aa0( +static KRML_MUSTINLINE void add_to_ring_element_ef_4f0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -6907,7 +6907,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_As_plus_e_b60( +static KRML_MUSTINLINE void compute_As_plus_e_2d0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, @@ -6934,10 +6934,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_b60( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_aa0(&t_as_ntt[i0], &product); + ntt_multiply_ef_b2(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_4f0(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_e7(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_34(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -6950,12 +6950,12 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static void generate_keypair_unpacked_a20( +static void generate_keypair_unpacked_a40( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_d6 *private_key, IndCpaPublicKeyUnpacked_d6 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_6b0(key_generation_seed, hashed); + cpa_keygen_seed_d8_750(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6975,17 +6975,17 @@ static void generate_keypair_unpacked_a20( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_680(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_b00(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[2U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_480(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_810(copy_of_prf_input, domain_separator) .fst, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_b60(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_2d0(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -7006,18 +7006,18 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_47( +static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_6a( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_d6 private_key = default_1a_3c0(); IndCpaPublicKeyUnpacked_d6 public_key = default_8d_890(); - generate_keypair_unpacked_a20(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_a40(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[800U]; - serialize_public_key_160( + serialize_public_key_ca0( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_230(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_990(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -7026,12 +7026,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_47( uint8_t copy_of_public_key_serialized[800U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)800U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair512 lit; - memcpy(lit.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair512 result; + memcpy(result.fst, copy_of_secret_key_serialized, (size_t)768U * sizeof(uint8_t)); - memcpy(lit.snd, copy_of_public_key_serialized, + memcpy(result.snd, copy_of_public_key_serialized, (size_t)800U * sizeof(uint8_t)); - return lit; + return result; } /** @@ -7041,7 +7041,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_7b( +static KRML_MUSTINLINE void serialize_kem_secret_key_1f( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; @@ -7096,7 +7096,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_dd( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_0b( uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, @@ -7106,13 +7106,13 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_dd( LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair512 uu____0 = - generate_keypair_47(ind_cpa_keypair_randomness); + generate_keypair_6a(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[768U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)768U * sizeof(uint8_t)); uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_7b( + serialize_kem_secret_key_1f( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -7121,13 +7121,13 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_dd( memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_f6( - uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_ee( + uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); } /** @@ -7140,7 +7140,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_6c(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_64(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -7203,7 +7203,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_74 -sample_ring_element_cbd_6a0(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_a00(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, error_1[i] = ZERO_ef_05();); @@ -7214,8 +7214,6 @@ sample_ring_element_cbd_6a0(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[2U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -7232,12 +7230,12 @@ sample_ring_element_cbd_6a0(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_74 lit; + tuple_74 result; memcpy( - lit.fst, copy_of_error_1, + result.fst, copy_of_error_1, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -7261,18 +7259,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_400( +static KRML_MUSTINLINE void invert_ntt_montgomery_8f0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_78(&zeta_i, re); - invert_ntt_at_layer_2_2c(&zeta_i, re); - invert_ntt_at_layer_3_73(&zeta_i, re); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_83(re); + invert_ntt_at_layer_1_f7(&zeta_i, re); + invert_ntt_at_layer_2_98(&zeta_i, re); + invert_ntt_at_layer_3_fe(&zeta_i, re); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_a9(re); } /** @@ -7281,14 +7279,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_420( +static KRML_MUSTINLINE void compute_vector_u_dd0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - result[i] = ZERO_ef_05();); + result0[i] = ZERO_ef_05();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -7308,12 +7306,16 @@ static KRML_MUSTINLINE void compute_vector_u_420( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_aa0(&result[i1], &product); + ntt_multiply_ef_b2(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_4f0(&result0[i1], &product); } - invert_ntt_montgomery_400(&result[i1]); - add_error_reduce_ef_ee(&result[i1], &error_1[i1]); + invert_ntt_montgomery_8f0(&result0[i1]); + add_error_reduce_ef_dd(&result0[i1], &error_1[i1]); } + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; + memcpy( + result, result0, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( ret, result, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -7326,7 +7328,7 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_d20( +compute_ring_element_v_770( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -7334,10 +7336,10 @@ compute_ring_element_v_d20( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_aa0(&result, &product);); - invert_ntt_montgomery_400(&result); - result = add_message_error_reduce_ef_a6(error_2, message, result); + ntt_multiply_ef_b2(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_4f0(&result, &product);); + invert_ntt_montgomery_8f0(&result); + result = add_message_error_reduce_ef_79(error_2, message, result); return result; } @@ -7350,7 +7352,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_930( +static void compress_then_serialize_u_420( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -7366,7 +7368,7 @@ static void compress_then_serialize_u_930( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_680(&re, ret); + compress_then_serialize_ring_element_u_9e0(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -7389,7 +7391,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_ec0(IndCpaPublicKeyUnpacked_d6 *public_key, +static void encrypt_unpacked_a40(IndCpaPublicKeyUnpacked_d6 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { uint8_t prf_input[33U]; @@ -7397,7 +7399,7 @@ static void encrypt_unpacked_ec0(IndCpaPublicKeyUnpacked_d6 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_74 uu____1 = sample_vector_cbd_then_ntt_out_480(copy_of_prf_input0, 0U); + tuple_74 uu____1 = sample_vector_cbd_then_ntt_out_810(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[2U]; memcpy( r_as_ntt, uu____1.fst, @@ -7407,7 +7409,7 @@ static void encrypt_unpacked_ec0(IndCpaPublicKeyUnpacked_d6 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_74 uu____3 = - sample_ring_element_cbd_6a0(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_a00(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; memcpy( error_1, uu____3.fst, @@ -7421,25 +7423,25 @@ static void encrypt_unpacked_ec0(IndCpaPublicKeyUnpacked_d6 *public_key, sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[2U]; - compute_vector_u_420(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_dd0(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_6f(copy_of_message); + deserialize_then_decompress_message_d3(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_d20(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_770(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[2U]; memcpy( uu____5, u, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_930( + compress_then_serialize_u_420( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_7b0( + compress_then_serialize_ring_element_v_d10( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); @@ -7462,10 +7464,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_68(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_6f(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { IndCpaPublicKeyUnpacked_d6 unpacked_public_key = default_8d_890(); - deserialize_ring_elements_reduced_9f0( + deserialize_ring_elements_reduced_530( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -7479,9 +7481,9 @@ static void encrypt_68(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t ret1[768U]; - encrypt_unpacked_ec0(uu____1, copy_of_message, randomness, ret1); - memcpy(ret, ret1, (size_t)768U * sizeof(uint8_t)); + uint8_t result[768U]; + encrypt_unpacked_a40(uu____1, copy_of_message, randomness, result); + memcpy(ret, result, (size_t)768U * sizeof(uint8_t)); } /** @@ -7495,7 +7497,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_b2(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_16(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -7522,11 +7524,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_79( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_a1( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_6c( + entropy_preprocess_d8_64( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -7536,7 +7538,7 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_79( size_t); uint8_t ret[32U]; H_a9_410(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_d10(public_key), + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_fe0(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -7550,19 +7552,19 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_79( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_d10(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_fe0(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_68(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_6f(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_01_3a0(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_450(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_b2(shared_secret, shared_secret_array); + kdf_d8_16(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -7580,7 +7582,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_cf( +static KRML_MUSTINLINE void deserialize_secret_key_54( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; @@ -7597,11 +7599,15 @@ static KRML_MUSTINLINE void deserialize_secret_key_cf( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_6e(secret_bytes); + deserialize_to_uncompressed_ring_element_6c(secret_bytes); secret_as_ntt[i0] = uu____0; } + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; + memcpy( + result, secret_as_ntt, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( - ret, secret_as_ntt, + ret, result, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -7613,7 +7619,7 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_b10( +static KRML_MUSTINLINE void deserialize_then_decompress_u_250( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; @@ -7636,8 +7642,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_b10( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_180(u_bytes); - ntt_vector_u_b10(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_790(u_bytes); + ntt_vector_u_b70(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -7651,17 +7657,17 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_c30( +compute_message_7d0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_d5(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_aa0(&result, &product);); - invert_ntt_montgomery_400(&result); - result = subtract_reduce_ef_07(v, result); + ntt_multiply_ef_b2(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_4f0(&result, &product);); + invert_ntt_montgomery_8f0(&result); + result = subtract_reduce_ef_da(v, result); return result; } @@ -7675,18 +7681,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_980(IndCpaPrivateKeyUnpacked_d6 *secret_key, +static void decrypt_unpacked_9d0(IndCpaPrivateKeyUnpacked_d6 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; - deserialize_then_decompress_u_b10(ciphertext, u_as_ntt); + deserialize_then_decompress_u_250(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_3d0( + deserialize_then_decompress_ring_element_v_b90( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_c30(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_7d0(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_6c(message, ret0); + compress_then_serialize_message_dd(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7700,10 +7706,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_36(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_75(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; - deserialize_secret_key_cf(secret_key, secret_as_ntt); + deserialize_secret_key_54(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[2U]; memcpy( @@ -7713,9 +7719,9 @@ static void decrypt_36(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t ret0[32U]; - decrypt_unpacked_980(&secret_key_unpacked, ciphertext, ret0); - memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + decrypt_unpacked_9d0(&secret_key_unpacked, ciphertext, result); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** @@ -7754,7 +7760,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_cd( +void libcrux_ml_kem_ind_cca_decapsulate_7f( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -7772,7 +7778,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_cd( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_36(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_75(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -7794,7 +7800,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_cd( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be0(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_400(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_161(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), @@ -7804,16 +7810,16 @@ void libcrux_ml_kem_ind_cca_decapsulate_cd( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_68(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_6f(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_b2(Eurydice_array_to_slice((size_t)32U, + kdf_d8_16(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_b2(shared_secret0, shared_secret1); + kdf_d8_16(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_be0(ciphertext), + libcrux_ml_kem_types_as_ref_00_400(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h index 7f1adf92e..02a4b1c04 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.c b/libcrux-ml-kem/c/libcrux_mlkem_portable.c index 12ab2b9e6..25021f8c9 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #include "internal/libcrux_mlkem_portable.h" @@ -199,12 +199,6 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_11( ret[21U] = r11_21.f10; } -void libcrux_ml_kem_vector_portable_serialize_11( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[22U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_11(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -212,7 +206,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_11_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[22U]) { - libcrux_ml_kem_vector_portable_serialize_11(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_11(a, ret); } KRML_MUSTINLINE int16_t_x8 @@ -305,18 +299,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_11(Eurydice_slice bytes) { return lit; } -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_11(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_11(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_11_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_11(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_11(a); } KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_vector_type_to_i16_array( @@ -1152,9 +1141,7 @@ uint8_t libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( int16_t mask = shifted >> 15U; int16_t shifted_to_positive = mask ^ shifted; int16_t shifted_positive_in_range = shifted_to_positive - (int16_t)832; - int16_t r0 = shifted_positive_in_range >> 15U; - int16_t r1 = r0 & (int16_t)1; - return (uint8_t)r1; + return (uint8_t)(shifted_positive_in_range >> 15U & (int16_t)1); } KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1203,10 +1190,8 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_step( int16_t t = libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( vec->elements[j], zeta); - int16_t a_minus_t = vec->elements[i] - t; - int16_t a_plus_t = vec->elements[i] + t; - vec->elements[j] = a_minus_t; - vec->elements[i] = a_plus_t; + vec->elements[j] = vec->elements[i] - t; + vec->elements[i] = vec->elements[i] + t; } KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1315,9 +1300,8 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_inv_ntt_step( libcrux_ml_kem_vector_portable_vector_type_PortableVector *vec, int16_t zeta, size_t i, size_t j) { int16_t a_minus_b = vec->elements[j] - vec->elements[i]; - int16_t a_plus_b = vec->elements[j] + vec->elements[i]; int16_t o0 = libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( - a_plus_b); + vec->elements[i] + vec->elements[j]); int16_t o1 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( a_minus_b, zeta); @@ -1431,11 +1415,12 @@ libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_0d( KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( libcrux_ml_kem_vector_portable_vector_type_PortableVector *a, libcrux_ml_kem_vector_portable_vector_type_PortableVector *b, int16_t zeta, - size_t i, libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) { - int16_t ai = a->elements[(size_t)2U * i]; - int16_t bi = b->elements[(size_t)2U * i]; - int16_t aj = a->elements[(size_t)2U * i + (size_t)1U]; - int16_t bj = b->elements[(size_t)2U * i + (size_t)1U]; + size_t i, size_t j, + libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) { + int16_t ai = a->elements[i]; + int16_t bi = b->elements[i]; + int16_t aj = a->elements[j]; + int16_t bj = b->elements[j]; int32_t ai_bi = (int32_t)ai * (int32_t)bi; int32_t aj_bj_ = (int32_t)aj * (int32_t)bj; int16_t aj_bj = @@ -1452,10 +1437,8 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( int16_t o1 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( ai_bj_aj_bi); - int16_t _out0[16U]; - memcpy(_out0, out->elements, (size_t)16U * sizeof(int16_t)); - out->elements[(size_t)2U * i] = o0; - out->elements[(size_t)2U * i + (size_t)1U] = o1; + out->elements[i] = o0; + out->elements[j] = o1; } KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1469,22 +1452,22 @@ libcrux_ml_kem_vector_portable_ntt_ntt_multiply( int16_t nzeta3 = -zeta3; libcrux_ml_kem_vector_portable_vector_type_PortableVector out = libcrux_ml_kem_vector_portable_vector_type_zero(); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta0, - (size_t)0U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta0, - (size_t)1U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta1, - (size_t)2U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta1, - (size_t)3U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta2, - (size_t)4U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta2, - (size_t)5U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta3, - (size_t)6U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta3, - (size_t)7U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, zeta0, (size_t)0U, (size_t)1U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, nzeta0, (size_t)2U, (size_t)3U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, zeta1, (size_t)4U, (size_t)5U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, nzeta1, (size_t)6U, (size_t)7U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, zeta2, (size_t)8U, (size_t)9U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, nzeta2, (size_t)10U, (size_t)11U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, zeta3, (size_t)12U, (size_t)13U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, nzeta3, (size_t)14U, (size_t)15U, &out); return out; } @@ -1524,12 +1507,6 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_1( ret[1U] = result1; } -void libcrux_ml_kem_vector_portable_serialize_1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[2U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1537,7 +1514,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_1_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[2U]) { - libcrux_ml_kem_vector_portable_serialize_1(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret); } KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1624,18 +1601,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_1(Eurydice_slice v) { return lit; } -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_1(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_1(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_1_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_1(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_1(a); } KRML_MUSTINLINE uint8_t_x4 @@ -1685,12 +1657,6 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_4( ret[7U] = result4_7.f3; } -void libcrux_ml_kem_vector_portable_serialize_4( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[8U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1698,7 +1664,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_4_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[8U]) { - libcrux_ml_kem_vector_portable_serialize_4(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret); } KRML_MUSTINLINE int16_t_x8 @@ -1768,18 +1734,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_4(Eurydice_slice bytes) { return lit; } -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_4(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_4(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_4_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_4(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_4(a); } KRML_MUSTINLINE uint8_t_x5 @@ -1827,12 +1788,6 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_5( ret[9U] = r5_9.f4; } -void libcrux_ml_kem_vector_portable_serialize_5( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[10U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_5(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1840,7 +1795,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_5_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[10U]) { - libcrux_ml_kem_vector_portable_serialize_5(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_5(a, ret); } KRML_MUSTINLINE int16_t_x8 @@ -1921,18 +1876,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_5(Eurydice_slice bytes) { return lit; } -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_5(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_5(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_5_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_5(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_5(a); } KRML_MUSTINLINE uint8_t_x5 @@ -2006,12 +1956,6 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_10( ret[19U] = r15_19.f4; } -void libcrux_ml_kem_vector_portable_serialize_10( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[20U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -2019,7 +1963,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_10_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[20U]) { - libcrux_ml_kem_vector_portable_serialize_10(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret); } KRML_MUSTINLINE int16_t_x8 @@ -2108,18 +2052,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_10(Eurydice_slice bytes) { return lit; } -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_10(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_10(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_10_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_10(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_10(a); } KRML_MUSTINLINE uint8_t_x3 @@ -2187,12 +2126,6 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_12( ret[23U] = r21_23.thd; } -void libcrux_ml_kem_vector_portable_serialize_12( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[24U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -2200,7 +2133,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_12_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[24U]) { - libcrux_ml_kem_vector_portable_serialize_12(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret); } KRML_MUSTINLINE int16_t_x2 @@ -2258,18 +2191,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_12(Eurydice_slice bytes) { return lit; } -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_12(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_12(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_12_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_12(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_12(a); } KRML_MUSTINLINE size_t libcrux_ml_kem_vector_portable_sampling_rej_sample( @@ -2390,7 +2318,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_reduced_ring_element_60(Eurydice_slice serialized) { +deserialize_to_reduced_ring_element_a5(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -2412,7 +2340,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_ed( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_da( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -2426,7 +2354,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_ed( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_60(ring_element); + deserialize_to_reduced_ring_element_a5(ring_element); deserialized_pk[i0] = uu____0; } } @@ -2437,19 +2365,15 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_661( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_531( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, deserialized_pk[i] = ZERO_ef_1b();); - deserialize_ring_elements_reduced_ed(public_key, deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; + deserialize_ring_elements_reduced_da(public_key, deserialized_pk); memcpy( - result, deserialized_pk, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - memcpy( - ret, result, + ret, deserialized_pk, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -2459,7 +2383,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_3c(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { +shift_right_95(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -2478,8 +2402,8 @@ with const generics - SHIFT_BY= 15 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_0d_3e(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return shift_right_3c(v); +shift_right_0d_9d(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return shift_right_95(v); } /** @@ -2489,10 +2413,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_unsigned_representative_30( +to_unsigned_representative_7c( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - shift_right_0d_3e(a); + shift_right_0d_9d(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -2506,10 +2430,10 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_unsigned_field_modulus_05( +to_unsigned_field_modulus_b0( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector result = - to_unsigned_representative_30(a); + to_unsigned_representative_7c(a); return result; } @@ -2519,14 +2443,14 @@ libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_13( +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_8b( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_field_modulus_05(re->coefficients[i0]); + to_unsigned_field_modulus_b0(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -2546,7 +2470,7 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_9e( +static KRML_MUSTINLINE void serialize_secret_key_5a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; @@ -2564,7 +2488,7 @@ static KRML_MUSTINLINE void serialize_secret_key_9e( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_13(&re, ret0); + serialize_uncompressed_ring_element_8b(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -2579,13 +2503,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_mut_6c( +static KRML_MUSTINLINE void serialize_public_key_mut_3c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret[1536U]; - serialize_secret_key_9e(t_as_ntt, ret); + serialize_secret_key_5a(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -2602,12 +2526,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_fd( +static KRML_MUSTINLINE void serialize_public_key_07( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; - serialize_public_key_mut_6c(t_as_ntt, seed_for_a, public_key_serialized); - memcpy(ret, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); + serialize_public_key_mut_3c(t_as_ntt, seed_for_a, public_key_serialized); + uint8_t result[1568U]; + memcpy(result, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); } /** @@ -2618,15 +2544,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_8c1(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_bf1(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; - deserialize_ring_elements_reduced_out_661( + deserialize_ring_elements_reduced_out_531( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_fd( + serialize_public_key_07( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -2656,7 +2582,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_99( +bool libcrux_ml_kem_ind_cca_validate_private_key_ae( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext) { uint8_t t[32U]; @@ -2776,7 +2702,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_28( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_57( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -3338,7 +3264,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_7_5f( +static KRML_MUSTINLINE void ntt_at_layer_7_97( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -3366,7 +3292,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -montgomery_multiply_fe_5d( +montgomery_multiply_fe_ad( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v, fer); @@ -3380,12 +3306,12 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - ntt_layer_int_vec_step_31( + ntt_layer_int_vec_step_57( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - montgomery_multiply_fe_5d(b, zeta_r); + montgomery_multiply_fe_ad(b, zeta_r); b = libcrux_ml_kem_vector_portable_sub_0d(a, &t); a = libcrux_ml_kem_vector_portable_add_0d(a, &t); return ( @@ -3399,7 +3325,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_4_plus_64( +static KRML_MUSTINLINE void ntt_at_layer_4_plus_bf( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -3412,7 +3338,7 @@ static KRML_MUSTINLINE void ntt_at_layer_4_plus_64( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - ntt_layer_int_vec_step_31( + ntt_layer_int_vec_step_57( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -3429,7 +3355,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_3_7b( +static KRML_MUSTINLINE void ntt_at_layer_3_d0( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3447,7 +3373,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_2_ea( +static KRML_MUSTINLINE void ntt_at_layer_2_76( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3466,7 +3392,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_1_76( +static KRML_MUSTINLINE void ntt_at_layer_1_5d( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3492,7 +3418,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void poly_barrett_reduce_ef_e7( +static KRML_MUSTINLINE void poly_barrett_reduce_ef_17( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -3510,17 +3436,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_62( +static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_d8( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { - ntt_at_layer_7_5f(re); + ntt_at_layer_7_97(re); size_t zeta_i = (size_t)1U; - ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_7b(&zeta_i, re); - ntt_at_layer_2_ea(&zeta_i, re); - ntt_at_layer_1_76(&zeta_i, re); - poly_barrett_reduce_ef_e7(re); + ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_d0(&zeta_i, re); + ntt_at_layer_2_76(&zeta_i, re); + ntt_at_layer_1_5d(&zeta_i, re); + poly_barrett_reduce_ef_17(re); } /** @@ -3532,7 +3458,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_76( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -3542,8 +3468,6 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_76( KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[4U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -3553,7 +3477,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_76( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_62(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_d8(&re_as_ntt[i0]);); return domain_separator; } @@ -3577,7 +3501,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_out_15( +static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_out_cb( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, @@ -3586,18 +3510,18 @@ static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_out_15( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_76(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_b1(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[4U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_710 lit; + tuple_710 result; memcpy( - lit.fst, copy_of_re_as_ntt, + result.fst, copy_of_re_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -3612,7 +3536,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -ntt_multiply_ef_66(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, +ntt_multiply_ef_45(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = ZERO_ef_1b(); for (size_t i = (size_t)0U; @@ -3644,7 +3568,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_59( +static KRML_MUSTINLINE void add_to_ring_element_ef_5d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -3669,7 +3593,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_standard_domain_c1( +to_standard_domain_bf( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -3686,14 +3610,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void add_standard_error_reduce_ef_6c( +static KRML_MUSTINLINE void add_standard_error_reduce_ef_0f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector - coefficient_normal_form = to_standard_domain_c1(self->coefficients[j]); + coefficient_normal_form = to_standard_domain_bf(self->coefficients[j]); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(coefficient_normal_form, @@ -3708,7 +3632,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_As_plus_e_6a( +static KRML_MUSTINLINE void compute_As_plus_e_c7( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, @@ -3735,10 +3659,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_6a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_59(&t_as_ntt[i0], &product); + ntt_multiply_ef_45(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_5d(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_6c(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_0f(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -3751,12 +3675,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_1a( +static void generate_keypair_unpacked_e9( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_42 *private_key, IndCpaPublicKeyUnpacked_42 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_28(key_generation_seed, hashed); + cpa_keygen_seed_d8_57(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -3776,17 +3700,17 @@ static void generate_keypair_unpacked_1a( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_76(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_b1(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[4U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_15(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_cb(copy_of_prf_input, domain_separator) .fst, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_6a(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_c7(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -3807,18 +3731,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_081( +static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_501( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_42 private_key = default_1a_e9(); IndCpaPublicKeyUnpacked_42 public_key = default_8d_d1(); - generate_keypair_unpacked_1a(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_e9(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1568U]; - serialize_public_key_fd( + serialize_public_key_07( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_9e(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_5a(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -3827,12 +3751,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_081( uint8_t copy_of_public_key_serialized[1568U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair1024 lit; - memcpy(lit.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair1024 result; + memcpy(result.fst, copy_of_secret_key_serialized, (size_t)1536U * sizeof(uint8_t)); - memcpy(lit.snd, copy_of_public_key_serialized, + memcpy(result.snd, copy_of_public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - return lit; + return result; } /** @@ -3842,7 +3766,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_64( +static KRML_MUSTINLINE void serialize_kem_secret_key_d4( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; @@ -3898,7 +3822,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_911(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_6f1(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -3907,13 +3831,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_911(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair1024 uu____0 = - generate_keypair_081(ind_cpa_keypair_randomness); + generate_keypair_501(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1536U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1536U * sizeof(uint8_t)); uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_64( + serialize_kem_secret_key_d4( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -3922,13 +3846,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_911(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_7f_8c1(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_af1(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_f61( - uu____2, libcrux_ml_kem_types_from_5a_451(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_ee1( + uu____2, libcrux_ml_kem_types_from_5a_671(copy_of_public_key)); } /** @@ -3941,7 +3865,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_5f(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_62(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -3959,7 +3883,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_710 -sample_ring_element_cbd_22(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_7f(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, error_1[i] = ZERO_ef_1b();); @@ -3970,8 +3894,6 @@ sample_ring_element_cbd_22(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[4U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -3988,12 +3910,12 @@ sample_ring_element_cbd_22(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_710 lit; + tuple_710 result; memcpy( - lit.fst, copy_of_error_1, + result.fst, copy_of_error_1, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -4029,7 +3951,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_ed( +static KRML_MUSTINLINE void invert_ntt_at_layer_1_08( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -4050,7 +3972,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_30( +static KRML_MUSTINLINE void invert_ntt_at_layer_2_91( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -4069,7 +3991,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_2f( +static KRML_MUSTINLINE void invert_ntt_at_layer_3_41( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -4089,7 +4011,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - inv_ntt_layer_int_vec_step_reduce_2b( + inv_ntt_layer_int_vec_step_reduce_13( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { @@ -4097,7 +4019,7 @@ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_sub_0d(b, &a); a = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(a, &b)); - b = montgomery_multiply_fe_5d(a_minus_b, zeta_r); + b = montgomery_multiply_fe_ad(a_minus_b, zeta_r); return ( CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ .fst = a, .snd = b}); @@ -4109,7 +4031,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_7a( +static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_ed( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -4124,7 +4046,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_7a( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_2b( + inv_ntt_layer_int_vec_step_reduce_13( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -4141,18 +4063,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_fa( +static KRML_MUSTINLINE void invert_ntt_montgomery_55( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_ed(&zeta_i, re); - invert_ntt_at_layer_2_30(&zeta_i, re); - invert_ntt_at_layer_3_2f(&zeta_i, re); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_e7(re); + invert_ntt_at_layer_1_08(&zeta_i, re); + invert_ntt_at_layer_2_91(&zeta_i, re); + invert_ntt_at_layer_3_41(&zeta_i, re); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_17(re); } /** @@ -4166,7 +4088,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_ef_0d( +static KRML_MUSTINLINE void add_error_reduce_ef_4d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; @@ -4190,14 +4112,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_a3( +static KRML_MUSTINLINE void compute_vector_u_b8( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - result[i] = ZERO_ef_1b();); + result0[i] = ZERO_ef_1b();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -4217,12 +4139,16 @@ static KRML_MUSTINLINE void compute_vector_u_a3( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_59(&result[i1], &product); + ntt_multiply_ef_45(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_5d(&result0[i1], &product); } - invert_ntt_montgomery_fa(&result[i1]); - add_error_reduce_ef_0d(&result[i1], &error_1[i1]); + invert_ntt_montgomery_55(&result0[i1]); + add_error_reduce_ef_4d(&result0[i1], &error_1[i1]); } + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; + memcpy( + result, result0, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( ret, result, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -4235,7 +4161,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_1_16(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { +decompress_1_78(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { libcrux_ml_kem_vector_portable_vector_type_PortableVector z = libcrux_ml_kem_vector_portable_ZERO_0d(); libcrux_ml_kem_vector_portable_vector_type_PortableVector s = @@ -4253,7 +4179,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_message_97(uint8_t serialized[32U]) { +deserialize_then_decompress_message_e3(uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; @@ -4264,7 +4190,7 @@ deserialize_then_decompress_message_97(uint8_t serialized[32U]) { (size_t)2U * i0 + (size_t)2U, uint8_t)); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_1_16(coefficient_compressed); + decompress_1_78(coefficient_compressed); re.coefficients[i0] = uu____0;); return re; } @@ -4281,7 +4207,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -add_message_error_reduce_ef_b4( +add_message_error_reduce_ef_21( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { @@ -4311,7 +4237,7 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_da( +compute_ring_element_v_1e( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -4319,10 +4245,10 @@ compute_ring_element_v_da( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_59(&result, &product);); - invert_ntt_montgomery_fa(&result); - result = add_message_error_reduce_ef_b4(error_2, message, result); + ntt_multiply_ef_45(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_5d(&result, &product);); + invert_ntt_montgomery_55(&result); + result = add_message_error_reduce_ef_21(error_2, message, result); return result; } @@ -4332,7 +4258,7 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_de(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_61(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4353,9 +4279,9 @@ A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d with const generics - COEFFICIENT_BITS= 10 */ -static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_48( +static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_fe( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_de(a); + return compress_61(a); } /** @@ -4364,7 +4290,7 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_de0(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_610(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4386,8 +4312,8 @@ with const generics - COEFFICIENT_BITS= 11 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_480(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_de0(a); +compress_0d_fe0(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_610(a); } /** @@ -4396,14 +4322,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_f3( +static KRML_MUSTINLINE void compress_then_serialize_11_a9( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_480(to_unsigned_representative_30(re->coefficients[i0])); + compress_0d_fe0(to_unsigned_representative_7c(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -4421,11 +4347,11 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_e0( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_b5( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { - uint8_t result[352U]; - compress_then_serialize_11_f3(re, result); - memcpy(ret, result, (size_t)352U * sizeof(uint8_t)); + uint8_t uu____0[352U]; + compress_then_serialize_11_a9(re, uu____0); + memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); } /** @@ -4437,7 +4363,7 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_0f( +static void compress_then_serialize_u_cd( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -4453,7 +4379,7 @@ static void compress_then_serialize_u_0f( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_e0(&re, ret); + compress_then_serialize_ring_element_u_b5(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } @@ -4465,7 +4391,7 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_de1(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_611(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4487,8 +4413,8 @@ with const generics - COEFFICIENT_BITS= 4 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_481(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_de1(a); +compress_0d_fe1(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_611(a); } /** @@ -4497,14 +4423,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_71( +static KRML_MUSTINLINE void compress_then_serialize_4_06( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_481(to_unsigned_field_modulus_05(re.coefficients[i0])); + compress_0d_fe1(to_unsigned_field_modulus_b0(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); Eurydice_slice_copy( @@ -4520,7 +4446,7 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_de2(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_612(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4542,8 +4468,8 @@ with const generics - COEFFICIENT_BITS= 5 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_482(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_de2(a); +compress_0d_fe2(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_612(a); } /** @@ -4552,14 +4478,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_42( +static KRML_MUSTINLINE void compress_then_serialize_5_69( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - compress_0d_482(to_unsigned_representative_30(re.coefficients[i0])); + compress_0d_fe2(to_unsigned_representative_7c(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); Eurydice_slice_copy( @@ -4576,9 +4502,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_e3( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_cf( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_5_42(re, out); + compress_then_serialize_5_69(re, out); } /** @@ -4599,7 +4525,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_15(IndCpaPublicKeyUnpacked_42 *public_key, +static void encrypt_unpacked_c3(IndCpaPublicKeyUnpacked_42 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { uint8_t prf_input[33U]; @@ -4607,7 +4533,7 @@ static void encrypt_unpacked_15(IndCpaPublicKeyUnpacked_42 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_710 uu____1 = sample_vector_cbd_then_ntt_out_15(copy_of_prf_input0, 0U); + tuple_710 uu____1 = sample_vector_cbd_then_ntt_out_cb(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[4U]; memcpy( r_as_ntt, uu____1.fst, @@ -4617,7 +4543,7 @@ static void encrypt_unpacked_15(IndCpaPublicKeyUnpacked_42 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_710 uu____3 = - sample_ring_element_cbd_22(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_7f(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; memcpy( error_1, uu____3.fst, @@ -4631,25 +4557,25 @@ static void encrypt_unpacked_15(IndCpaPublicKeyUnpacked_42 *public_key, sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[4U]; - compute_vector_u_a3(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_b8(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_97(copy_of_message); + deserialize_then_decompress_message_e3(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_da(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_1e(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[4U]; memcpy( uu____5, u, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_0f( + compress_then_serialize_u_cd( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_e3( + compress_then_serialize_ring_element_v_cf( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); @@ -4673,10 +4599,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_dc1(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_4b1(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { IndCpaPublicKeyUnpacked_42 unpacked_public_key = default_8d_d1(); - deserialize_ring_elements_reduced_ed( + deserialize_ring_elements_reduced_da( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -4690,9 +4616,9 @@ static void encrypt_dc1(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t ret1[1568U]; - encrypt_unpacked_15(uu____1, copy_of_message, randomness, ret1); - memcpy(ret, ret1, (size_t)1568U * sizeof(uint8_t)); + uint8_t result[1568U]; + encrypt_unpacked_c3(uu____1, copy_of_message, randomness, result); + memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); } /** @@ -4706,7 +4632,7 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_91(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_19(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4733,11 +4659,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_1e1( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_661( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_5f( + entropy_preprocess_d8_62( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -4747,7 +4673,7 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_1e1( size_t); uint8_t ret[32U]; H_f1_d5(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_d1(public_key), + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_fe(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -4761,19 +4687,19 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_1e1( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_d1(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_fe(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_dc1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_4b1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_1f ciphertext0 = - libcrux_ml_kem_types_from_01_3a(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_45(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_91(shared_secret, shared_secret_array); + kdf_d8_19(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_1f uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -4792,7 +4718,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_uncompressed_ring_element_96(Eurydice_slice serialized) { +deserialize_to_uncompressed_ring_element_07(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -4812,7 +4738,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_631( +static KRML_MUSTINLINE void deserialize_secret_key_121( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; @@ -4829,11 +4755,15 @@ static KRML_MUSTINLINE void deserialize_secret_key_631( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_96(secret_bytes); + deserialize_to_uncompressed_ring_element_07(secret_bytes); secret_as_ntt[i0] = uu____0; } + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; memcpy( - ret, secret_as_ntt, + result, secret_as_ntt, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + memcpy( + ret, result, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -4844,18 +4774,18 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_99( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +decompress_ciphertext_coefficient_4a( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)a.elements[i0] * + int32_t decompressed = (int32_t)v.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)10); decompressed = decompressed >> (uint32_t)((int32_t)10 + (int32_t)1); - a.elements[i0] = (int16_t)decompressed; + v.elements[i0] = (int16_t)decompressed; } - return a; + return v; } /** @@ -4869,9 +4799,9 @@ generics - COEFFICIENT_BITS= 10 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_f5( +decompress_ciphertext_coefficient_0d_ea( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_99(v); + return decompress_ciphertext_coefficient_4a(v); } /** @@ -4881,7 +4811,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_10_0d(Eurydice_slice serialized) { +deserialize_then_decompress_10_5c(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); LowStar_Ignore_ignore( Eurydice_slice_len( @@ -4898,7 +4828,7 @@ deserialize_then_decompress_10_0d(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_f5(coefficient); + decompress_ciphertext_coefficient_0d_ea(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -4911,18 +4841,18 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_990( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +decompress_ciphertext_coefficient_4a0( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)a.elements[i0] * + int32_t decompressed = (int32_t)v.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)11); decompressed = decompressed >> (uint32_t)((int32_t)11 + (int32_t)1); - a.elements[i0] = (int16_t)decompressed; + v.elements[i0] = (int16_t)decompressed; } - return a; + return v; } /** @@ -4936,9 +4866,9 @@ generics - COEFFICIENT_BITS= 11 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_f50( +decompress_ciphertext_coefficient_0d_ea0( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_990(v); + return decompress_ciphertext_coefficient_4a0(v); } /** @@ -4948,7 +4878,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_11_eb(Eurydice_slice serialized) { +deserialize_then_decompress_11_77(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { @@ -4958,7 +4888,7 @@ deserialize_then_decompress_11_eb(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_f50(coefficient); + decompress_ciphertext_coefficient_0d_ea0(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -4971,8 +4901,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_91(Eurydice_slice serialized) { - return deserialize_then_decompress_11_eb(serialized); +deserialize_then_decompress_ring_element_u_cd(Eurydice_slice serialized) { + return deserialize_then_decompress_11_77(serialized); } /** @@ -4981,17 +4911,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_1a( +static KRML_MUSTINLINE void ntt_vector_u_2c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_7b(&zeta_i, re); - ntt_at_layer_2_ea(&zeta_i, re); - ntt_at_layer_1_76(&zeta_i, re); - poly_barrett_reduce_ef_e7(re); + ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_d0(&zeta_i, re); + ntt_at_layer_2_76(&zeta_i, re); + ntt_at_layer_1_5d(&zeta_i, re); + poly_barrett_reduce_ef_17(re); } /** @@ -5002,7 +4932,7 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_f2( +static KRML_MUSTINLINE void deserialize_then_decompress_u_bb( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; @@ -5025,8 +4955,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_f2( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_91(u_bytes); - ntt_vector_u_1a(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_cd(u_bytes); + ntt_vector_u_2c(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -5040,18 +4970,18 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_991( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +decompress_ciphertext_coefficient_4a1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)a.elements[i0] * + int32_t decompressed = (int32_t)v.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)4); decompressed = decompressed >> (uint32_t)((int32_t)4 + (int32_t)1); - a.elements[i0] = (int16_t)decompressed; + v.elements[i0] = (int16_t)decompressed; } - return a; + return v; } /** @@ -5065,9 +4995,9 @@ generics - COEFFICIENT_BITS= 4 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_f51( +decompress_ciphertext_coefficient_0d_ea1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_991(v); + return decompress_ciphertext_coefficient_4a1(v); } /** @@ -5077,7 +5007,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_4_e9(Eurydice_slice serialized) { +deserialize_then_decompress_4_b1(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { @@ -5087,7 +5017,7 @@ deserialize_then_decompress_4_e9(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_f51(coefficient); + decompress_ciphertext_coefficient_0d_ea1(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -5100,18 +5030,18 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_992( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +decompress_ciphertext_coefficient_4a2( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)a.elements[i0] * + int32_t decompressed = (int32_t)v.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)5); decompressed = decompressed >> (uint32_t)((int32_t)5 + (int32_t)1); - a.elements[i0] = (int16_t)decompressed; + v.elements[i0] = (int16_t)decompressed; } - return a; + return v; } /** @@ -5125,9 +5055,9 @@ generics - COEFFICIENT_BITS= 5 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_f52( +decompress_ciphertext_coefficient_0d_ea2( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_992(v); + return decompress_ciphertext_coefficient_4a2(v); } /** @@ -5137,7 +5067,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_5_53(Eurydice_slice serialized) { +deserialize_then_decompress_5_7b(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { @@ -5147,7 +5077,7 @@ deserialize_then_decompress_5_53(Eurydice_slice serialized) { re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - decompress_ciphertext_coefficient_0d_f52(re.coefficients[i0]); + decompress_ciphertext_coefficient_0d_ea2(re.coefficients[i0]); re.coefficients[i0] = uu____1; } return re; @@ -5160,8 +5090,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_c1(Eurydice_slice serialized) { - return deserialize_then_decompress_5_53(serialized); +deserialize_then_decompress_ring_element_v_ce(Eurydice_slice serialized) { + return deserialize_then_decompress_5_7b(serialized); } /** @@ -5176,7 +5106,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -subtract_reduce_ef_c0(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, +subtract_reduce_ef_92(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -5201,17 +5131,17 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_ac( +compute_message_82( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_59(&result, &product);); - invert_ntt_montgomery_fa(&result); - result = subtract_reduce_ef_c0(v, result); + ntt_multiply_ef_45(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_5d(&result, &product);); + invert_ntt_montgomery_55(&result); + result = subtract_reduce_ef_92(v, result); return result; } @@ -5221,13 +5151,13 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_44( +static KRML_MUSTINLINE void compress_then_serialize_message_15( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_field_modulus_05(re.coefficients[i0]); + to_unsigned_field_modulus_b0(re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = libcrux_ml_kem_vector_portable_compress_1_0d(coefficient); @@ -5253,18 +5183,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_41(IndCpaPrivateKeyUnpacked_42 *secret_key, +static void decrypt_unpacked_c9(IndCpaPrivateKeyUnpacked_42 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; - deserialize_then_decompress_u_f2(ciphertext, u_as_ntt); + deserialize_then_decompress_u_bb(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_c1( + deserialize_then_decompress_ring_element_v_ce( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_ac(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_82(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_44(message, ret0); + compress_then_serialize_message_15(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5278,10 +5208,10 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_151(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_dc1(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; - deserialize_secret_key_631(secret_key, secret_as_ntt); + deserialize_secret_key_121(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[4U]; memcpy( @@ -5291,9 +5221,9 @@ static void decrypt_151(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t ret0[32U]; - decrypt_unpacked_41(&secret_key_unpacked, ciphertext, ret0); - memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + decrypt_unpacked_c9(&secret_key_unpacked, ciphertext, result); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** @@ -5344,7 +5274,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_2d1( +void libcrux_ml_kem_ind_cca_decapsulate_191( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5362,7 +5292,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_2d1( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_151(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_dc1(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -5384,7 +5314,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_2d1( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_40(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9f(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), @@ -5394,17 +5324,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_2d1( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_dc1(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_4b1(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_91(Eurydice_array_to_slice((size_t)32U, + kdf_d8_19(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_91(shared_secret0, shared_secret1); + kdf_d8_19(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_be(ciphertext), + libcrux_ml_kem_types_as_ref_00_40(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5419,7 +5349,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_ed0( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_da0( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -5433,7 +5363,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_ed0( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_60(ring_element); + deserialize_to_reduced_ring_element_a5(ring_element); deserialized_pk[i0] = uu____0; } } @@ -5444,19 +5374,15 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_660( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_530( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, deserialized_pk[i] = ZERO_ef_1b();); - deserialize_ring_elements_reduced_ed0(public_key, deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; + deserialize_ring_elements_reduced_da0(public_key, deserialized_pk); memcpy( - result, deserialized_pk, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - memcpy( - ret, result, + ret, deserialized_pk, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -5467,7 +5393,7 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_9e0( +static KRML_MUSTINLINE void serialize_secret_key_5a0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; @@ -5485,7 +5411,7 @@ static KRML_MUSTINLINE void serialize_secret_key_9e0( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_13(&re, ret0); + serialize_uncompressed_ring_element_8b(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -5500,13 +5426,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_mut_6c0( +static KRML_MUSTINLINE void serialize_public_key_mut_3c0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret[768U]; - serialize_secret_key_9e0(t_as_ntt, ret); + serialize_secret_key_5a0(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -5523,12 +5449,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_fd0( +static KRML_MUSTINLINE void serialize_public_key_070( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; - serialize_public_key_mut_6c0(t_as_ntt, seed_for_a, public_key_serialized); - memcpy(ret, public_key_serialized, (size_t)800U * sizeof(uint8_t)); + serialize_public_key_mut_3c0(t_as_ntt, seed_for_a, public_key_serialized); + uint8_t result[800U]; + memcpy(result, public_key_serialized, (size_t)800U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)800U * sizeof(uint8_t)); } /** @@ -5539,15 +5467,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_8c0(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_bf0(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; - deserialize_ring_elements_reduced_out_660( + deserialize_ring_elements_reduced_out_530( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_fd0( + serialize_public_key_070( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -5577,7 +5505,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_ba( +bool libcrux_ml_kem_ind_cca_validate_private_key_b4( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { uint8_t t[32U]; @@ -5683,7 +5611,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_40( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_36( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -6133,7 +6061,7 @@ generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_760( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b10( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -6143,8 +6071,6 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_760( KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[2U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -6154,7 +6080,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_760( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_6b0( Eurydice_array_to_slice((size_t)192U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_62(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_d8(&re_as_ntt[i0]);); return domain_separator; } @@ -6178,7 +6104,7 @@ generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_out_150( +static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_out_cb0( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, @@ -6187,18 +6113,18 @@ static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_out_150( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_760(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_b10(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[2U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_740 lit; + tuple_740 result; memcpy( - lit.fst, copy_of_re_as_ntt, + result.fst, copy_of_re_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -6212,7 +6138,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_590( +static KRML_MUSTINLINE void add_to_ring_element_ef_5d0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -6236,7 +6162,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_As_plus_e_6a0( +static KRML_MUSTINLINE void compute_As_plus_e_c70( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, @@ -6263,10 +6189,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_6a0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_590(&t_as_ntt[i0], &product); + ntt_multiply_ef_45(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_5d0(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_6c(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_0f(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -6279,12 +6205,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static void generate_keypair_unpacked_1a0( +static void generate_keypair_unpacked_e90( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_ae *private_key, IndCpaPublicKeyUnpacked_ae *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_40(key_generation_seed, hashed); + cpa_keygen_seed_d8_36(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6304,17 +6230,17 @@ static void generate_keypair_unpacked_1a0( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_760(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_b10(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[2U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_150(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_cb0(copy_of_prf_input, domain_separator) .fst, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_6a0(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_c70(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -6335,18 +6261,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_080( +static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_500( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_ae private_key = default_1a_e90(); IndCpaPublicKeyUnpacked_ae public_key = default_8d_d10(); - generate_keypair_unpacked_1a0(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_e90(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[800U]; - serialize_public_key_fd0( + serialize_public_key_070( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_9e0(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_5a0(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -6355,12 +6281,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_080( uint8_t copy_of_public_key_serialized[800U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)800U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair512 lit; - memcpy(lit.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair512 result; + memcpy(result.fst, copy_of_secret_key_serialized, (size_t)768U * sizeof(uint8_t)); - memcpy(lit.snd, copy_of_public_key_serialized, + memcpy(result.snd, copy_of_public_key_serialized, (size_t)800U * sizeof(uint8_t)); - return lit; + return result; } /** @@ -6370,7 +6296,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_ee( +static KRML_MUSTINLINE void serialize_kem_secret_key_a1( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; @@ -6426,7 +6352,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 192 */ libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_6f0(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -6435,13 +6361,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair512 uu____0 = - generate_keypair_080(ind_cpa_keypair_randomness); + generate_keypair_500(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[768U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)768U * sizeof(uint8_t)); uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_ee( + serialize_kem_secret_key_a1( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -6450,13 +6376,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_f6( - uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_ee( + uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); } /** @@ -6469,7 +6395,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_53(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_89(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -6519,7 +6445,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_740 -sample_ring_element_cbd_220(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_7f0(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, error_1[i] = ZERO_ef_1b();); @@ -6530,8 +6456,6 @@ sample_ring_element_cbd_220(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[2U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -6548,12 +6472,12 @@ sample_ring_element_cbd_220(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_740 lit; + tuple_740 result; memcpy( - lit.fst, copy_of_error_1, + result.fst, copy_of_error_1, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -6577,18 +6501,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_fa0( +static KRML_MUSTINLINE void invert_ntt_montgomery_550( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_ed(&zeta_i, re); - invert_ntt_at_layer_2_30(&zeta_i, re); - invert_ntt_at_layer_3_2f(&zeta_i, re); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_e7(re); + invert_ntt_at_layer_1_08(&zeta_i, re); + invert_ntt_at_layer_2_91(&zeta_i, re); + invert_ntt_at_layer_3_41(&zeta_i, re); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_17(re); } /** @@ -6597,14 +6521,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_a30( +static KRML_MUSTINLINE void compute_vector_u_b80( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - result[i] = ZERO_ef_1b();); + result0[i] = ZERO_ef_1b();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -6624,12 +6548,16 @@ static KRML_MUSTINLINE void compute_vector_u_a30( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_590(&result[i1], &product); + ntt_multiply_ef_45(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_5d0(&result0[i1], &product); } - invert_ntt_montgomery_fa0(&result[i1]); - add_error_reduce_ef_0d(&result[i1], &error_1[i1]); + invert_ntt_montgomery_550(&result0[i1]); + add_error_reduce_ef_4d(&result0[i1], &error_1[i1]); } + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; + memcpy( + result, result0, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( ret, result, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -6642,7 +6570,7 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_da0( +compute_ring_element_v_1e0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -6650,10 +6578,10 @@ compute_ring_element_v_da0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_590(&result, &product);); - invert_ntt_montgomery_fa0(&result); - result = add_message_error_reduce_ef_b4(error_2, message, result); + ntt_multiply_ef_45(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_5d0(&result, &product);); + invert_ntt_montgomery_550(&result); + result = add_message_error_reduce_ef_21(error_2, message, result); return result; } @@ -6663,14 +6591,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_100( +static KRML_MUSTINLINE void compress_then_serialize_10_470( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_48(to_unsigned_field_modulus_05(re->coefficients[i0])); + compress_0d_fe(to_unsigned_field_modulus_b0(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -6690,11 +6618,11 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_e00( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_b50( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { - uint8_t result[320U]; - compress_then_serialize_10_100(re, result); - memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); + uint8_t uu____0[320U]; + compress_then_serialize_10_470(re, uu____0); + memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } /** @@ -6706,7 +6634,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_0f0( +static void compress_then_serialize_u_cd0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -6722,7 +6650,7 @@ static void compress_then_serialize_u_0f0( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_e00(&re, ret); + compress_then_serialize_ring_element_u_b50(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -6735,9 +6663,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_e30( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_cf0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_4_71(re, out); + compress_then_serialize_4_06(re, out); } /** @@ -6758,7 +6686,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_150(IndCpaPublicKeyUnpacked_ae *public_key, +static void encrypt_unpacked_c30(IndCpaPublicKeyUnpacked_ae *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { uint8_t prf_input[33U]; @@ -6767,7 +6695,7 @@ static void encrypt_unpacked_150(IndCpaPublicKeyUnpacked_ae *public_key, uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_740 uu____1 = - sample_vector_cbd_then_ntt_out_150(copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_out_cb0(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[2U]; memcpy( r_as_ntt, uu____1.fst, @@ -6777,7 +6705,7 @@ static void encrypt_unpacked_150(IndCpaPublicKeyUnpacked_ae *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_740 uu____3 = - sample_ring_element_cbd_220(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_7f0(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; memcpy( error_1, uu____3.fst, @@ -6791,25 +6719,25 @@ static void encrypt_unpacked_150(IndCpaPublicKeyUnpacked_ae *public_key, sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[2U]; - compute_vector_u_a30(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_b80(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_97(copy_of_message); + deserialize_then_decompress_message_e3(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_da0(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_1e0(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[2U]; memcpy( uu____5, u, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_0f0( + compress_then_serialize_u_cd0( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_e30( + compress_then_serialize_ring_element_v_cf0( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); @@ -6833,10 +6761,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_dc0(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_4b0(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { IndCpaPublicKeyUnpacked_ae unpacked_public_key = default_8d_d10(); - deserialize_ring_elements_reduced_ed0( + deserialize_ring_elements_reduced_da0( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -6850,9 +6778,9 @@ static void encrypt_dc0(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t ret1[768U]; - encrypt_unpacked_150(uu____1, copy_of_message, randomness, ret1); - memcpy(ret, ret1, (size_t)768U * sizeof(uint8_t)); + uint8_t result[768U]; + encrypt_unpacked_c30(uu____1, copy_of_message, randomness, result); + memcpy(ret, result, (size_t)768U * sizeof(uint8_t)); } /** @@ -6866,7 +6794,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_70(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_ab(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -6893,11 +6821,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_1e0( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_660( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_53( + entropy_preprocess_d8_89( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -6907,7 +6835,7 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_1e0( size_t); uint8_t ret[32U]; H_f1_d50(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_d10(public_key), + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_fe0(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -6921,19 +6849,19 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_1e0( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_d10(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_fe0(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_dc0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_4b0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_01_3a0(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_450(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_70(shared_secret, shared_secret_array); + kdf_d8_ab(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -6951,7 +6879,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_630( +static KRML_MUSTINLINE void deserialize_secret_key_120( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; @@ -6968,11 +6896,15 @@ static KRML_MUSTINLINE void deserialize_secret_key_630( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_96(secret_bytes); + deserialize_to_uncompressed_ring_element_07(secret_bytes); secret_as_ntt[i0] = uu____0; } + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; + memcpy( + result, secret_as_ntt, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( - ret, secret_as_ntt, + ret, result, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -6983,8 +6915,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_910(Eurydice_slice serialized) { - return deserialize_then_decompress_10_0d(serialized); +deserialize_then_decompress_ring_element_u_cd0(Eurydice_slice serialized) { + return deserialize_then_decompress_10_5c(serialized); } /** @@ -6993,17 +6925,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_1a0( +static KRML_MUSTINLINE void ntt_vector_u_2c0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_7b(&zeta_i, re); - ntt_at_layer_2_ea(&zeta_i, re); - ntt_at_layer_1_76(&zeta_i, re); - poly_barrett_reduce_ef_e7(re); + ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_d0(&zeta_i, re); + ntt_at_layer_2_76(&zeta_i, re); + ntt_at_layer_1_5d(&zeta_i, re); + poly_barrett_reduce_ef_17(re); } /** @@ -7014,7 +6946,7 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_f20( +static KRML_MUSTINLINE void deserialize_then_decompress_u_bb0( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; @@ -7037,8 +6969,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_f20( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_910(u_bytes); - ntt_vector_u_1a0(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_cd0(u_bytes); + ntt_vector_u_2c0(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -7052,8 +6984,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_c10(Eurydice_slice serialized) { - return deserialize_then_decompress_4_e9(serialized); +deserialize_then_decompress_ring_element_v_ce0(Eurydice_slice serialized) { + return deserialize_then_decompress_4_b1(serialized); } /** @@ -7063,17 +6995,17 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_ac0( +compute_message_820( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_590(&result, &product);); - invert_ntt_montgomery_fa0(&result); - result = subtract_reduce_ef_c0(v, result); + ntt_multiply_ef_45(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_5d0(&result, &product);); + invert_ntt_montgomery_550(&result); + result = subtract_reduce_ef_92(v, result); return result; } @@ -7087,18 +7019,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_410(IndCpaPrivateKeyUnpacked_ae *secret_key, +static void decrypt_unpacked_c90(IndCpaPrivateKeyUnpacked_ae *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; - deserialize_then_decompress_u_f20(ciphertext, u_as_ntt); + deserialize_then_decompress_u_bb0(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_c10( + deserialize_then_decompress_ring_element_v_ce0( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_ac0(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_820(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_44(message, ret0); + compress_then_serialize_message_15(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7112,10 +7044,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_150(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_dc0(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; - deserialize_secret_key_630(secret_key, secret_as_ntt); + deserialize_secret_key_120(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[2U]; memcpy( @@ -7125,9 +7057,9 @@ static void decrypt_150(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t ret0[32U]; - decrypt_unpacked_410(&secret_key_unpacked, ciphertext, ret0); - memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + decrypt_unpacked_c90(&secret_key_unpacked, ciphertext, result); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** @@ -7166,7 +7098,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_2d0( +void libcrux_ml_kem_ind_cca_decapsulate_190( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -7184,7 +7116,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_2d0( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_150(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_dc0(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -7206,7 +7138,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_2d0( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be0(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_400(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9f1(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), @@ -7216,17 +7148,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_2d0( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_dc0(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_4b0(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_70(Eurydice_array_to_slice((size_t)32U, + kdf_d8_ab(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_70(shared_secret0, shared_secret1); + kdf_d8_ab(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_be0(ciphertext), + libcrux_ml_kem_types_as_ref_00_400(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -7241,7 +7173,7 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_ed1( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_da1( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -7255,7 +7187,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_ed1( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_60(ring_element); + deserialize_to_reduced_ring_element_a5(ring_element); deserialized_pk[i0] = uu____0; } } @@ -7266,19 +7198,15 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_66( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_53( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, deserialized_pk[i] = ZERO_ef_1b();); - deserialize_ring_elements_reduced_ed1(public_key, deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; - memcpy( - result, deserialized_pk, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + deserialize_ring_elements_reduced_da1(public_key, deserialized_pk); memcpy( - ret, result, + ret, deserialized_pk, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -7289,7 +7217,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_9e1( +static KRML_MUSTINLINE void serialize_secret_key_5a1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -7307,7 +7235,7 @@ static KRML_MUSTINLINE void serialize_secret_key_9e1( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_13(&re, ret0); + serialize_uncompressed_ring_element_8b(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -7322,13 +7250,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_mut_6c1( +static KRML_MUSTINLINE void serialize_public_key_mut_3c1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - serialize_secret_key_9e1(t_as_ntt, ret); + serialize_secret_key_5a1(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -7345,12 +7273,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_fd1( +static KRML_MUSTINLINE void serialize_public_key_071( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - serialize_public_key_mut_6c1(t_as_ntt, seed_for_a, public_key_serialized); - memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); + serialize_public_key_mut_3c1(t_as_ntt, seed_for_a, public_key_serialized); + uint8_t result[1184U]; + memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); } /** @@ -7361,15 +7291,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_8c(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_bf(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - deserialize_ring_elements_reduced_out_66( + deserialize_ring_elements_reduced_out_53( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_fd1( + serialize_public_key_071( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -7399,7 +7329,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4e( +bool libcrux_ml_kem_ind_cca_validate_private_key_33( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -7511,7 +7441,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_58( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_d1( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -7950,7 +7880,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_761( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b11( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -7960,8 +7890,6 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_761( KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[3U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -7971,7 +7899,7 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_761( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; re_as_ntt[i0] = sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_62(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_d8(&re_as_ntt[i0]);); return domain_separator; } @@ -7995,7 +7923,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_out_151( +static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_out_cb1( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, @@ -8004,18 +7932,18 @@ static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_out_151( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_761(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_b11(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b00 lit; + tuple_b00 result; memcpy( - lit.fst, copy_of_re_as_ntt, + result.fst, copy_of_re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -8029,7 +7957,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_591( +static KRML_MUSTINLINE void add_to_ring_element_ef_5d1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -8053,7 +7981,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_As_plus_e_6a1( +static KRML_MUSTINLINE void compute_As_plus_e_c71( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, @@ -8080,10 +8008,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_6a1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_591(&t_as_ntt[i0], &product); + ntt_multiply_ef_45(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_5d1(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_6c(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_0f(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -8096,12 +8024,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_1a1( +static void generate_keypair_unpacked_e91( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_f8 *private_key, IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_58(key_generation_seed, hashed); + cpa_keygen_seed_d8_d1(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -8121,17 +8049,17 @@ static void generate_keypair_unpacked_1a1( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_761(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_b11(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_151(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_cb1(copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_6a1(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_c71(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; @@ -8152,18 +8080,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_08( +static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_50( Eurydice_slice key_generation_seed) { IndCpaPrivateKeyUnpacked_f8 private_key = default_1a_e91(); IndCpaPublicKeyUnpacked_f8 public_key = default_8d_d11(); - generate_keypair_unpacked_1a1(key_generation_seed, &private_key, &public_key); + generate_keypair_unpacked_e91(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - serialize_public_key_fd1( + serialize_public_key_071( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_9e1(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_5a1(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -8172,12 +8100,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_08( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; - memcpy(lit.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 result; + memcpy(result.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(lit.snd, copy_of_public_key_serialized, + memcpy(result.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return lit; + return result; } /** @@ -8187,7 +8115,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_d8( +static KRML_MUSTINLINE void serialize_kem_secret_key_b0( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -8243,7 +8171,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_6f(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -8252,13 +8180,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - generate_keypair_08(ind_cpa_keypair_randomness); + generate_keypair_50(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_d8( + serialize_kem_secret_key_b0( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -8267,13 +8195,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_8c0(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_af0(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_f60( - uu____2, libcrux_ml_kem_types_from_5a_450(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_ee0( + uu____2, libcrux_ml_kem_types_from_5a_670(copy_of_public_key)); } /** @@ -8286,7 +8214,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_be(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_a9(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -8304,7 +8232,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b00 -sample_ring_element_cbd_221(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_7f1(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, error_1[i] = ZERO_ef_1b();); @@ -8315,8 +8243,6 @@ sample_ring_element_cbd_221(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); - uint8_t _prf_inputs_init[3U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); @@ -8333,12 +8259,12 @@ sample_ring_element_cbd_221(uint8_t prf_input[33U], uint8_t domain_separator) { memcpy( copy_of_error_1, error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b00 lit; + tuple_b00 result; memcpy( - lit.fst, copy_of_error_1, + result.fst, copy_of_error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -8362,18 +8288,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_fa1( +static KRML_MUSTINLINE void invert_ntt_montgomery_551( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_ed(&zeta_i, re); - invert_ntt_at_layer_2_30(&zeta_i, re); - invert_ntt_at_layer_3_2f(&zeta_i, re); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_7a(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_e7(re); + invert_ntt_at_layer_1_08(&zeta_i, re); + invert_ntt_at_layer_2_91(&zeta_i, re); + invert_ntt_at_layer_3_41(&zeta_i, re); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_17(re); } /** @@ -8382,14 +8308,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_a31( +static KRML_MUSTINLINE void compute_vector_u_b81( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - result[i] = ZERO_ef_1b();); + result0[i] = ZERO_ef_1b();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -8409,12 +8335,16 @@ static KRML_MUSTINLINE void compute_vector_u_a31( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_591(&result[i1], &product); + ntt_multiply_ef_45(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_5d1(&result0[i1], &product); } - invert_ntt_montgomery_fa1(&result[i1]); - add_error_reduce_ef_0d(&result[i1], &error_1[i1]); + invert_ntt_montgomery_551(&result0[i1]); + add_error_reduce_ef_4d(&result0[i1], &error_1[i1]); } + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; + memcpy( + result, result0, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( ret, result, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -8427,7 +8357,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_da1( +compute_ring_element_v_1e1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -8435,10 +8365,10 @@ compute_ring_element_v_da1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_591(&result, &product);); - invert_ntt_montgomery_fa1(&result); - result = add_message_error_reduce_ef_b4(error_2, message, result); + ntt_multiply_ef_45(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_5d1(&result, &product);); + invert_ntt_montgomery_551(&result); + result = add_message_error_reduce_ef_21(error_2, message, result); return result; } @@ -8451,7 +8381,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_0f1( +static void compress_then_serialize_u_cd1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -8467,7 +8397,7 @@ static void compress_then_serialize_u_0f1( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_e00(&re, ret); + compress_then_serialize_ring_element_u_b50(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -8491,7 +8421,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_151(IndCpaPublicKeyUnpacked_f8 *public_key, +static void encrypt_unpacked_c31(IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { @@ -8501,7 +8431,7 @@ static void encrypt_unpacked_151(IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b00 uu____1 = - sample_vector_cbd_then_ntt_out_151(copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_out_cb1(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, @@ -8511,7 +8441,7 @@ static void encrypt_unpacked_151(IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b00 uu____3 = - sample_ring_element_cbd_221(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_7f1(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; memcpy( error_1, uu____3.fst, @@ -8525,25 +8455,25 @@ static void encrypt_unpacked_151(IndCpaPublicKeyUnpacked_f8 *public_key, sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - compute_vector_u_a31(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_b81(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_97(copy_of_message); + deserialize_then_decompress_message_e3(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_da1(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_1e1(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_0f1( + compress_then_serialize_u_cd1( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_e30( + compress_then_serialize_ring_element_v_cf0( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -8567,10 +8497,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_dc(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_4b(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { IndCpaPublicKeyUnpacked_f8 unpacked_public_key = default_8d_d11(); - deserialize_ring_elements_reduced_ed1( + deserialize_ring_elements_reduced_da1( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -8584,9 +8514,9 @@ static void encrypt_dc(Eurydice_slice public_key, uint8_t message[32U], /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t ret1[1088U]; - encrypt_unpacked_151(uu____1, copy_of_message, randomness, ret1); - memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); + uint8_t result[1088U]; + encrypt_unpacked_c31(uu____1, copy_of_message, randomness, result); + memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); } /** @@ -8600,7 +8530,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_ea(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_b7(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -8627,11 +8557,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_1e( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_66( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_be( + entropy_preprocess_d8_a9( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -8641,7 +8571,7 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_1e( size_t); uint8_t ret[32U]; H_f1_d51(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d11(public_key), + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_fe1(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -8655,19 +8585,19 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_1e( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d11(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_fe1(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_dc(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_4b(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_3a1(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_451(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_ea(shared_secret, shared_secret_array); + kdf_d8_b7(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -8685,7 +8615,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_63( +static KRML_MUSTINLINE void deserialize_secret_key_12( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; @@ -8702,11 +8632,15 @@ static KRML_MUSTINLINE void deserialize_secret_key_63( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_96(secret_bytes); + deserialize_to_uncompressed_ring_element_07(secret_bytes); secret_as_ntt[i0] = uu____0; } + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; memcpy( - ret, secret_as_ntt, + result, secret_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + memcpy( + ret, result, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -8718,7 +8652,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_f21( +static KRML_MUSTINLINE void deserialize_then_decompress_u_bb1( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; @@ -8741,8 +8675,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_f21( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_910(u_bytes); - ntt_vector_u_1a0(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_cd0(u_bytes); + ntt_vector_u_2c0(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -8756,17 +8690,17 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_ac1( +compute_message_821( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_66(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_591(&result, &product);); - invert_ntt_montgomery_fa1(&result); - result = subtract_reduce_ef_c0(v, result); + ntt_multiply_ef_45(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_5d1(&result, &product);); + invert_ntt_montgomery_551(&result); + result = subtract_reduce_ef_92(v, result); return result; } @@ -8780,18 +8714,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_411(IndCpaPrivateKeyUnpacked_f8 *secret_key, +static void decrypt_unpacked_c91(IndCpaPrivateKeyUnpacked_f8 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - deserialize_then_decompress_u_f21(ciphertext, u_as_ntt); + deserialize_then_decompress_u_bb1(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_c10( + deserialize_then_decompress_ring_element_v_ce0( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_ac1(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_821(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_44(message, ret0); + compress_then_serialize_message_15(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -8805,10 +8739,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_15(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_dc(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - deserialize_secret_key_63(secret_key, secret_as_ntt); + deserialize_secret_key_12(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; memcpy( @@ -8818,9 +8752,9 @@ static void decrypt_15(Eurydice_slice secret_key, uint8_t *ciphertext, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t ret0[32U]; - decrypt_unpacked_411(&secret_key_unpacked, ciphertext, ret0); - memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + decrypt_unpacked_c91(&secret_key_unpacked, ciphertext, result); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** @@ -8859,7 +8793,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_2d( +void libcrux_ml_kem_ind_cca_decapsulate_19( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -8877,7 +8811,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_2d( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_15(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_dc(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -8899,7 +8833,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_2d( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_be1(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_401(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9f3(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), @@ -8909,16 +8843,16 @@ void libcrux_ml_kem_ind_cca_decapsulate_2d( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_dc(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_4b(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_ea(Eurydice_array_to_slice((size_t)32U, + kdf_d8_b7(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_ea(shared_secret0, shared_secret1); + kdf_d8_b7(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_be1(ciphertext), + libcrux_ml_kem_types_as_ref_00_401(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/libcrux_mlkem_portable.h index 61ab4ae2b..e36fc4ae2 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem_portable_H @@ -74,10 +74,6 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_11( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[22U]); -void libcrux_ml_kem_vector_portable_serialize_11( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[22U]); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -103,9 +99,6 @@ int16_t_x8 libcrux_ml_kem_vector_portable_serialize_deserialize_11_int( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_11(Eurydice_slice bytes); -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_11(Eurydice_slice a); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -428,7 +421,8 @@ libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_0d( void libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( libcrux_ml_kem_vector_portable_vector_type_PortableVector *a, libcrux_ml_kem_vector_portable_vector_type_PortableVector *b, int16_t zeta, - size_t i, libcrux_ml_kem_vector_portable_vector_type_PortableVector *out); + size_t i, size_t j, + libcrux_ml_kem_vector_portable_vector_type_PortableVector *out); libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_ntt_ntt_multiply( @@ -450,10 +444,6 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[2U]); -void libcrux_ml_kem_vector_portable_serialize_1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[2U]); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -465,9 +455,6 @@ void libcrux_ml_kem_vector_portable_serialize_1_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_1(Eurydice_slice v); -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_1(Eurydice_slice a); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -489,10 +476,6 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_4( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[8U]); -void libcrux_ml_kem_vector_portable_serialize_4( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[8U]); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -507,9 +490,6 @@ int16_t_x8 libcrux_ml_kem_vector_portable_serialize_deserialize_4_int( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_4(Eurydice_slice bytes); -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_4(Eurydice_slice a); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -532,10 +512,6 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_5( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[10U]); -void libcrux_ml_kem_vector_portable_serialize_5( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[10U]); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -550,9 +526,6 @@ int16_t_x8 libcrux_ml_kem_vector_portable_serialize_deserialize_5_int( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_5(Eurydice_slice bytes); -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_5(Eurydice_slice a); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -567,10 +540,6 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_10( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[20U]); -void libcrux_ml_kem_vector_portable_serialize_10( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[20U]); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -585,9 +554,6 @@ int16_t_x8 libcrux_ml_kem_vector_portable_serialize_deserialize_10_int( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_10(Eurydice_slice bytes); -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_10(Eurydice_slice a); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -608,10 +574,6 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_12( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[24U]); -void libcrux_ml_kem_vector_portable_serialize_12( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[24U]); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -631,9 +593,6 @@ int16_t_x2 libcrux_ml_kem_vector_portable_serialize_deserialize_12_int( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_12(Eurydice_slice bytes); -libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_12(Eurydice_slice a); - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} diff --git a/libcrux-ml-kem/c/libcrux_sha3.h b/libcrux-ml-kem/c/libcrux_sha3.h index 573e394f6..09a7923b5 100644 --- a/libcrux-ml-kem/c/libcrux_sha3.h +++ b/libcrux-ml-kem/c/libcrux_sha3.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_sha3_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.c b/libcrux-ml-kem/c/libcrux_sha3_avx2.c index 401087870..49d6623c3 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_avx2.c +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #include "internal/libcrux_sha3_avx2.h" diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/libcrux_sha3_avx2.h index f16eb40f0..1e2e63c96 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_internal.h b/libcrux-ml-kem/c/libcrux_sha3_internal.h index 1a0eb4009..5b4b70a94 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/libcrux_sha3_internal.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_sha3_internal_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.c b/libcrux-ml-kem/c/libcrux_sha3_neon.c index e6ff85f86..d84fc7126 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.c +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #include "libcrux_sha3_neon.h" diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.h b/libcrux-ml-kem/c/libcrux_sha3_neon.h index faa5831e2..bdb6771ab 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.h +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_sha3_neon_H diff --git a/libcrux-ml-kem/cg/code_gen.txt b/libcrux-ml-kem/cg/code_gen.txt index 620e1c137..7599cb2f1 100644 --- a/libcrux-ml-kem/cg/code_gen.txt +++ b/libcrux-ml-kem/cg/code_gen.txt @@ -3,4 +3,4 @@ Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 -Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad +Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf diff --git a/libcrux-ml-kem/cg/libcrux_core.h b/libcrux-ml-kem/cg/libcrux_core.h index 20077092f..c6916acab 100644 --- a/libcrux-ml-kem/cg/libcrux_core.h +++ b/libcrux-ml-kem/cg/libcrux_core.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_core_H @@ -221,7 +221,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_d4 with const generics - SIZE= 1088 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_73( +static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_76( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return self->value; } @@ -245,7 +245,7 @@ with const generics - SIZE= 1184 */ static inline libcrux_ml_kem_types_MlKemPublicKey_15 -libcrux_ml_kem_types_from_5a_45(uint8_t value[1184U]) { +libcrux_ml_kem_types_from_5a_67(uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; memcpy(copy_of_value, value, (size_t)1184U * sizeof(uint8_t)); @@ -279,7 +279,7 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_types_from_3a_f6(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, +libcrux_ml_kem_types_from_3a_ee(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk) { return ( CLITERAL(libcrux_ml_kem_mlkem768_MlKem768KeyPair){.sk = sk, .pk = pk}); @@ -295,7 +295,7 @@ with const generics - SIZE= 2400 */ static inline libcrux_ml_kem_types_MlKemPrivateKey_55 -libcrux_ml_kem_types_from_7f_8c(uint8_t value[2400U]) { +libcrux_ml_kem_types_from_7f_af(uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; memcpy(copy_of_value, value, (size_t)2400U * sizeof(uint8_t)); @@ -359,7 +359,7 @@ with const generics - SIZE= 1088 */ static inline libcrux_ml_kem_mlkem768_MlKem768Ciphertext -libcrux_ml_kem_types_from_01_33(uint8_t value[1088U]) { +libcrux_ml_kem_types_from_01_8c(uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; memcpy(copy_of_value, value, (size_t)1088U * sizeof(uint8_t)); @@ -376,7 +376,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_fd_d9( +static inline uint8_t *libcrux_ml_kem_types_as_slice_fd_02( libcrux_ml_kem_types_MlKemPublicKey_15 *self) { return self->value; } @@ -428,7 +428,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_69( +static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_8c( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } diff --git a/libcrux-ml-kem/cg/libcrux_ct_ops.h b/libcrux-ml-kem/cg/libcrux_ct_ops.h index 677876656..2b5ee19c2 100644 --- a/libcrux-ml-kem/cg/libcrux_ct_ops.h +++ b/libcrux-ml-kem/cg/libcrux_ct_ops.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_ct_ops_H diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h index f78826e2c..553bb0252 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem768_avx2_H @@ -1319,7 +1319,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_87(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_23(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -1331,7 +1331,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_db( +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_ff( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -1352,7 +1352,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_a9( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_c6( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; @@ -1370,12 +1370,16 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_a9( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_db( + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_ff( secret_bytes); secret_as_ntt[i0] = uu____0; } + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; + memcpy( + result, secret_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( - ret, secret_as_ntt, + ret, result, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -1389,7 +1393,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_6d(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_53(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -1401,7 +1405,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_04( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_53( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1453,9 +1457,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e0( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_04( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_53( vector); } @@ -1467,7 +1471,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_6a( +libcrux_ml_kem_serialize_deserialize_then_decompress_10_86( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -1483,7 +1487,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_6a( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e0( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb( coefficient); } return re; @@ -1497,7 +1501,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_040( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_530( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1549,9 +1553,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e00( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb0( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_040( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_530( vector); } @@ -1563,7 +1567,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_ce( +libcrux_ml_kem_serialize_deserialize_then_decompress_11_6d( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -1574,7 +1578,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_ce( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e00( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb0( coefficient); } return re; @@ -1588,9 +1592,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_e0( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_3c( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_6a(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_86(serialized); } typedef struct libcrux_ml_kem_vector_avx2_SIMD256Vector_x2_s { @@ -1605,7 +1609,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_montgomery_multiply_fe_e0( +static inline __m256i libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5f( __m256i v, int16_t fer) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09(v, fer); } @@ -1618,9 +1622,9 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -libcrux_ml_kem_ntt_ntt_layer_int_vec_step_e8(__m256i a, __m256i b, +libcrux_ml_kem_ntt_ntt_layer_int_vec_step_97(__m256i a, __m256i b, int16_t zeta_r) { - __m256i t = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_e0(b, zeta_r); + __m256i t = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5f(b, zeta_r); b = libcrux_ml_kem_vector_avx2_sub_09(a, &t); a = libcrux_ml_kem_vector_avx2_add_09(a, &t); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, @@ -1634,7 +1638,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; @@ -1647,7 +1651,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_e8( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_97( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -1665,7 +1669,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_46( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_ba( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -1684,7 +1688,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_53( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_89( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -1704,7 +1708,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_42( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_d7( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -1731,7 +1735,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_83( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_a9( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -1748,24 +1752,24 @@ with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_76( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_96( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)7U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U, (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U, (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U, (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_46(&zeta_i, re, (size_t)3U, + libcrux_ml_kem_ntt_ntt_at_layer_3_ba(&zeta_i, re, (size_t)3U, (size_t)5U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_53(&zeta_i, re, (size_t)2U, + libcrux_ml_kem_ntt_ntt_at_layer_2_89(&zeta_i, re, (size_t)2U, (size_t)6U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_42(&zeta_i, re, (size_t)1U, + libcrux_ml_kem_ntt_ntt_at_layer_1_d7(&zeta_i, re, (size_t)1U, (size_t)7U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_83(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_a9(re); } /** @@ -1778,7 +1782,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_8e( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_9c( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; @@ -1803,9 +1807,9 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_8e( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_e0( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_3c( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_76(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_96(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -1820,7 +1824,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_041( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_531( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1872,9 +1876,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e01( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb1( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_041( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_531( vector); } @@ -1886,7 +1890,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_d2( +libcrux_ml_kem_serialize_deserialize_then_decompress_4_c2( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -1897,7 +1901,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_d2( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e01( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb1( coefficient); } return re; @@ -1911,7 +1915,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_042( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_532( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1963,9 +1967,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e02( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb2( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_042( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_532( vector); } @@ -1977,7 +1981,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_05( +libcrux_ml_kem_serialize_deserialize_then_decompress_5_1b( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -1988,7 +1992,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_05( serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_e02( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb2( re.coefficients[i0]); } return re; @@ -2002,9 +2006,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_ca( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_f4( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_d2(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_c2(serialized); } /** @@ -2020,7 +2024,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_ntt_multiply_ef_d5( +libcrux_ml_kem_polynomial_ntt_multiply_ef_b2( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 out = @@ -2053,7 +2057,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_aa( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_4f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -2074,7 +2078,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_cd( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_2d( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2098,7 +2102,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_56( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_38( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2120,7 +2124,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_76( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_0f( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2141,13 +2145,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_db(__m256i a, +libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_9b(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_09(b, &a); a = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_e0(a_minus_b, zeta_r); + b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5f(a_minus_b, zeta_r); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, .snd = b}); } @@ -2160,7 +2164,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_14( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e0( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2175,7 +2179,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_14( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_db( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_9b( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -2193,22 +2197,22 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3e( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_cd(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_56(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_76(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_14(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_2d(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_38(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_0f(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e0(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_14(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e0(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_14(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e0(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_14(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e0(&zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_83(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_a9(re); } /** @@ -2224,7 +2228,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_subtract_reduce_ef_dd( +libcrux_ml_kem_polynomial_subtract_reduce_ef_23( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { for (size_t i = (size_t)0U; @@ -2248,7 +2252,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_message_fc( +libcrux_ml_kem_matrix_compute_message_ee( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { @@ -2257,12 +2261,12 @@ libcrux_ml_kem_matrix_compute_message_fc( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_d5(&secret_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_ef_b2(&secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_aa(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_4f(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3e(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_ef_dd(v, result); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea(&result); + result = libcrux_ml_kem_polynomial_subtract_reduce_ef_23(v, result); return result; } @@ -2273,7 +2277,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_arithmetic_shift_right_6b(__m256i vector) { +libcrux_ml_kem_vector_avx2_arithmetic_shift_right_f2(__m256i vector) { return libcrux_intrinsics_avx2_mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -2287,9 +2291,9 @@ with const generics - SHIFT_BY= 15 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_09_ff( +static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_09_c1( __m256i vector) { - return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_6b(vector); + return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_f2(vector); } /** @@ -2300,8 +2304,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_traits_to_unsigned_representative_e5(__m256i a) { - __m256i t = libcrux_ml_kem_vector_avx2_shift_right_09_ff(a); +libcrux_ml_kem_vector_traits_to_unsigned_representative_3f(__m256i a) { + __m256i t = libcrux_ml_kem_vector_avx2_shift_right_09_c1(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_09(a, &fm); @@ -2315,8 +2319,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_serialize_to_unsigned_field_modulus_8a(__m256i a) { - return libcrux_ml_kem_vector_traits_to_unsigned_representative_e5(a); +libcrux_ml_kem_serialize_to_unsigned_field_modulus_7b(__m256i a) { + return libcrux_ml_kem_vector_traits_to_unsigned_representative_3f(a); } /** @@ -2327,12 +2331,12 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_76( +libcrux_ml_kem_serialize_compress_then_serialize_message_db( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_8a( + __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_7b( re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_09(coefficient); @@ -2359,20 +2363,20 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_2a( +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_b3( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_8e(ciphertext, u_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_9c(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_ca( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_f4( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - libcrux_ml_kem_matrix_compute_message_fc(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_matrix_compute_message_ee(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_76(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_db(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -2387,11 +2391,11 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_6f(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_1c(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_a9(secret_key, secret_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_secret_key_c6(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; memcpy( @@ -2402,10 +2406,10 @@ static inline void libcrux_ml_kem_ind_cpa_decrypt_6f(Eurydice_slice secret_key, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t ret0[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_2a(&secret_key_unpacked, ciphertext, - ret0); - memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + libcrux_ml_kem_ind_cpa_decrypt_unpacked_b3(&secret_key_unpacked, ciphertext, + result); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** @@ -2497,7 +2501,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_d9( +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_ed( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -2521,7 +2525,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ba( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ea( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -2535,7 +2539,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ba( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_d9( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_ed( ring_element); deserialized_pk[i0] = uu____0; } @@ -3016,7 +3020,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_1b(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_f4(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -3185,7 +3189,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_69( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_13( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -3207,23 +3211,23 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_25( +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_ef( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7_69(re); + libcrux_ml_kem_ntt_ntt_at_layer_7_13(re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U, (size_t)11207U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U, (size_t)11207U + (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_07( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca( &zeta_i, re, (size_t)4U, (size_t)11207U + (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_46( + libcrux_ml_kem_ntt_ntt_at_layer_3_ba( &zeta_i, re, (size_t)3U, (size_t)11207U + (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_53( + libcrux_ml_kem_ntt_ntt_at_layer_2_89( &zeta_i, re, (size_t)2U, (size_t)11207U + (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_42( + libcrux_ml_kem_ntt_ntt_at_layer_1_d7( &zeta_i, re, (size_t)1U, (size_t)11207U + (size_t)5U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_83(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_a9(re); } /** @@ -3236,7 +3240,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE uint8_t -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_68( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -3246,8 +3250,6 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_68( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } - uint8_t _prf_inputs_init[3U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; @@ -3260,7 +3262,7 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_68( re_as_ntt[i0] = libcrux_ml_kem_sampling_sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_25(&re_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_ef(&re_as_ntt[i0]); } return domain_separator; } @@ -3275,7 +3277,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE tuple_b00 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_48( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_81( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -3284,19 +3286,19 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_48( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); - domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_68( + domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b0( uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b00 lit; + tuple_b00 result; memcpy( - lit.fst, copy_of_re_as_ntt, + result.fst, copy_of_re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -3309,7 +3311,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_22(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_92(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -3323,7 +3325,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE tuple_b00 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_88(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_fe(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -3336,8 +3338,6 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_88(uint8_t prf_input[33U], for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } - uint8_t _prf_inputs_init[3U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; @@ -3357,12 +3357,12 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_88(uint8_t prf_input[33U], memcpy( copy_of_error_1, error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b00 lit; + tuple_b00 result; memcpy( - lit.fst, copy_of_error_1, + result.fst, copy_of_error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -3403,7 +3403,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_vector_u_closure_fe(size_t _i) { +libcrux_ml_kem_matrix_compute_vector_u_closure_c6(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -3419,7 +3419,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_03( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_3a( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; @@ -3441,14 +3441,14 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_59( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_43( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - result[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); + result0[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); } for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( @@ -3469,13 +3469,18 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_59( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_d5(a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_aa(&result[i1], + libcrux_ml_kem_polynomial_ntt_multiply_ef_b2(a_element, &r_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_4f(&result0[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3e(&result[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_ef_03(&result[i1], &error_1[i1]); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea(&result0[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_ef_3a(&result0[i1], + &error_1[i1]); } + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; + memcpy( + result, result0, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( ret, result, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -3488,7 +3493,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_22( +static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_06( __m256i vec) { __m256i z = libcrux_ml_kem_vector_avx2_ZERO_09(); __m256i s = libcrux_ml_kem_vector_avx2_sub_09(z, &vec); @@ -3504,7 +3509,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_50( +libcrux_ml_kem_serialize_deserialize_then_decompress_message_45( uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -3515,7 +3520,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_50( Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); re.coefficients[i0] = - libcrux_ml_kem_vector_traits_decompress_1_22(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_06(coefficient_compressed); } return re; } @@ -3533,7 +3538,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_add_message_error_reduce_ef_9e( +libcrux_ml_kem_polynomial_add_message_error_reduce_ef_81( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { @@ -3561,7 +3566,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_ring_element_v_c3( +libcrux_ml_kem_matrix_compute_ring_element_v_5b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -3571,12 +3576,12 @@ libcrux_ml_kem_matrix_compute_ring_element_v_c3( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_d5(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_ef_b2(&t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_aa(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_4f(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3e(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_9e( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea(&result); + result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_81( error_2, message, result); return result; } @@ -3589,7 +3594,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d6( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3644,9 +3649,9 @@ with const generics - COEFFICIENT_BITS= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_fc( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_3e( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d6( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f( vector); } @@ -3658,14 +3663,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_36( +libcrux_ml_kem_serialize_compress_then_serialize_10_34( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_fc( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_8a( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_3e( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_7b( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_09(coefficient, bytes); @@ -3687,7 +3692,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d60( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f0( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3742,9 +3747,9 @@ with const generics - COEFFICIENT_BITS= 11 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_fc0( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_3e0( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d60( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f0( vector); } @@ -3756,14 +3761,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_aa( +libcrux_ml_kem_serialize_compress_then_serialize_11_47( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_fc0( - libcrux_ml_kem_vector_traits_to_unsigned_representative_e5( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_3e0( + libcrux_ml_kem_vector_traits_to_unsigned_representative_3f( re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_avx2_serialize_11_09(coefficient, bytes); @@ -3784,11 +3789,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_25( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_e3( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { - uint8_t result[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_36(re, result); - memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); + uint8_t uu____0[320U]; + libcrux_ml_kem_serialize_compress_then_serialize_10_34(re, uu____0); + memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } /** @@ -3801,7 +3806,7 @@ with const generics - BLOCK_LEN= 320 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_c5( +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_57( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -3817,7 +3822,7 @@ static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_c5( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_25(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_e3(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -3832,7 +3837,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d61( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f1( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3887,9 +3892,9 @@ with const generics - COEFFICIENT_BITS= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_fc1( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_3e1( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d61( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f1( vector); } @@ -3901,14 +3906,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_25( +libcrux_ml_kem_serialize_compress_then_serialize_4_c3( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_fc1( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_8a( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_3e1( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_7b( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_09(coefficient, bytes); @@ -3927,7 +3932,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d62( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f2( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3982,9 +3987,9 @@ with const generics - COEFFICIENT_BITS= 5 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_fc2( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_3e2( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d62( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f2( vector); } @@ -4002,8 +4007,8 @@ libcrux_ml_kem_serialize_compress_then_serialize_5_de( for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_09_fc2( - libcrux_ml_kem_vector_traits_to_unsigned_representative_e5( + __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_09_3e2( + libcrux_ml_kem_vector_traits_to_unsigned_representative_3f( re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_avx2_serialize_5_09(coefficients, bytes); @@ -4023,9 +4028,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_2a( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_ba( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_25(re, out); + libcrux_ml_kem_serialize_compress_then_serialize_4_c3(re, out); } /** @@ -4046,7 +4051,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_b4( +static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_05( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; @@ -4054,7 +4059,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_b4( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_48( + tuple_b00 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_81( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[3U]; memcpy( @@ -4064,7 +4069,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_b4( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_88( + tuple_b00 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_fe( copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; memcpy( @@ -4079,27 +4084,27 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_b4( libcrux_ml_kem_sampling_sample_from_binomial_distribution_d7( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_59(public_key->A, r_as_ntt, error_1, + libcrux_ml_kem_matrix_compute_vector_u_43(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_50( + libcrux_ml_kem_serialize_deserialize_then_decompress_message_45( copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_matrix_compute_ring_element_v_c3( + libcrux_ml_kem_matrix_compute_ring_element_v_5b( public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_c5( + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_57( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_2a( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_ba( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -4123,13 +4128,13 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_encrypt_cf(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_b6(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ba( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ea( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -4144,10 +4149,10 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_cf(Eurydice_slice public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t ret1[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_b4(uu____1, copy_of_message, - randomness, ret1); - memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); + uint8_t result[1088U]; + libcrux_ml_kem_ind_cpa_encrypt_unpacked_05(uu____1, copy_of_message, + randomness, result); + memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); } /** @@ -4162,7 +4167,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_b2( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_16( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; @@ -4194,7 +4199,7 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_1b( +static inline void libcrux_ml_kem_ind_cca_decapsulate_1f( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -4212,7 +4217,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1b( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_6f(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_1c(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -4236,7 +4241,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1b( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_69(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_16( @@ -4247,18 +4252,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1b( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_cf(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_b6(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_b2( + libcrux_ml_kem_variant_kdf_d8_16( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_d8_b2(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_d8_16(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_69(ciphertext), + libcrux_ml_kem_types_as_ref_00_8c(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4288,10 +4293,10 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_7f( +static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_0b( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_1b(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_1f(private_key, ciphertext, ret); } /** @@ -4305,7 +4310,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_7f(private_key, + libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_0b(private_key, ciphertext, ret); } @@ -4320,7 +4325,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_6c( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_64( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4363,11 +4368,11 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cf( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_82( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_6c( + libcrux_ml_kem_variant_entropy_preprocess_d8_64( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -4378,7 +4383,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cf( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_41( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_d9(public_key), + libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -4393,20 +4398,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cf( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_cf(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_b6(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_b2(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_16(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -4438,14 +4443,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_00( +libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_71( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_cf(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_82(uu____0, copy_of_randomness); } /** @@ -4463,7 +4468,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_00( + return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_71( uu____0, copy_of_randomness); } @@ -4499,7 +4504,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_6b( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_75( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -4522,7 +4527,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_to_standard_domain_bb( +static inline __m256i libcrux_ml_kem_vector_traits_to_standard_domain_79( __m256i v) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -4541,14 +4546,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_e7( +libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_34( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; __m256i coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain_bb( + libcrux_ml_kem_vector_traits_to_standard_domain_79( self->coefficients[j]); self->coefficients[j] = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(coefficient_normal_form, @@ -4563,7 +4568,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_b6( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_2d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, @@ -4591,12 +4596,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_b6( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_d5(matrix_element, + libcrux_ml_kem_polynomial_ntt_multiply_ef_b2(matrix_element, &s_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_aa(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_add_to_ring_element_ef_4f(&t_as_ntt[i0], &product); } - libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_e7( + libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_34( &t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -4611,12 +4616,12 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a2( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a4( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_6b(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_75(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -4636,7 +4641,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a2( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_68( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b0( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -4644,11 +4649,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a2( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_48( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_81( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_matrix_compute_As_plus_e_b6( + libcrux_ml_kem_matrix_compute_As_plus_e_2d( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; @@ -4666,13 +4671,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_09( +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_2c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_8a( + __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_7b( re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_09(coefficient, bytes); @@ -4694,7 +4699,7 @@ with const generics - OUT_LEN= 1152 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_23( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_99( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -4712,7 +4717,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_23( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_09(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_2c(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -4728,13 +4733,13 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_ff( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_23(t_as_ntt, ret); + libcrux_ml_kem_ind_cpa_serialize_secret_key_99(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -4752,13 +4757,15 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_16( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_ca( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_ff(t_as_ntt, seed_for_a, + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c(t_as_ntt, seed_for_a, public_key_serialized); - memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); + uint8_t result[1184U]; + memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); } /** @@ -4775,20 +4782,20 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_47(Eurydice_slice key_generation_seed) { +libcrux_ml_kem_ind_cpa_generate_keypair_6a(Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_3c(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a2( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a4( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_16( + libcrux_ml_kem_ind_cpa_serialize_public_key_ca( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_23(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_99(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -4798,12 +4805,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_47(Eurydice_slice key_generation_seed) { uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; - memcpy(lit.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 result; + memcpy(result.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(lit.snd, copy_of_public_key_serialized, + memcpy(result.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return lit; + return result; } /** @@ -4814,7 +4821,7 @@ with const generics - SERIALIZED_KEY_LEN= 2400 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7b( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_1f( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -4871,7 +4878,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_dd(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_0b(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -4880,13 +4887,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_dd(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_47(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_6a(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7b( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_1f( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -4895,13 +4902,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_dd(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_f6( - uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_ee( + uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); } /** @@ -4917,12 +4924,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_91( +libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_20( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_dd(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_0b(copy_of_randomness); } /** @@ -4934,7 +4941,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_91( + return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_20( copy_of_randomness); } @@ -4950,7 +4957,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_45( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_f5( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; @@ -4961,7 +4968,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_45( uint8_t ret0[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_41( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_d4_73(ciphertext), + libcrux_ml_kem_types_as_slice_d4_76(ciphertext), uint8_t), ret0); Eurydice_slice_copy( @@ -4995,7 +5002,7 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_1b0( +static inline void libcrux_ml_kem_ind_cca_decapsulate_1f0( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5013,7 +5020,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1b0( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_6f(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_1c(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5037,7 +5044,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1b0( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_69(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_16( @@ -5048,18 +5055,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1b0( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_cf(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_b6(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_45( + libcrux_ml_kem_variant_kdf_33_f5( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_33_45(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_33_f5(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_69(ciphertext), + libcrux_ml_kem_types_as_ref_00_8c(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5093,10 +5100,10 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_decapsulate with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_5c( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_02( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_1b0(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_1f0(private_key, ciphertext, ret); } /** @@ -5110,7 +5117,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_kyber_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_5c( + libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_02( private_key, ciphertext, ret); } @@ -5125,7 +5132,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_bf( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_e7( Eurydice_slice randomness, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H_a9_41(randomness, ret); } @@ -5150,11 +5157,11 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cf0( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_820( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_bf( + libcrux_ml_kem_variant_entropy_preprocess_33_e7( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5165,7 +5172,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cf0( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_41( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_d9(public_key), + libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -5180,20 +5187,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cf0( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_cf(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_b6(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_45(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_f5(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -5228,14 +5235,14 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_encapsulate with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_9d( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_7a( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_cf0(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_820(uu____0, copy_of_randomness); } /** @@ -5253,7 +5260,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_kyber_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_9d( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_7a( uu____0, copy_of_randomness); } @@ -5268,7 +5275,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_c2( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_bc( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G_a9_9f(key_generation_seed, ret); } @@ -5283,12 +5290,12 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a20( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a40( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_c2(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_bc(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5308,7 +5315,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a20( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_68( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b0( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -5316,11 +5323,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a20( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_48( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_81( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_matrix_compute_As_plus_e_b6( + libcrux_ml_kem_matrix_compute_As_plus_e_2d( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; @@ -5344,21 +5351,21 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_470( +libcrux_ml_kem_ind_cpa_generate_keypair_6a0( Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_3c(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a20( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a40( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_16( + libcrux_ml_kem_ind_cpa_serialize_public_key_ca( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_23(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_99(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -5368,12 +5375,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_470( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; - memcpy(lit.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 result; + memcpy(result.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(lit.snd, copy_of_public_key_serialized, + memcpy(result.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return lit; + return result; } /** @@ -5391,7 +5398,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_0b0(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5400,13 +5407,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_470(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_6a0(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7b( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_1f( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5415,13 +5422,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_dd0(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_f6( - uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_ee( + uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); } /** @@ -5438,12 +5445,12 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_47( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_74( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_dd0(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_0b0(copy_of_randomness); } /** @@ -5455,7 +5462,7 @@ libcrux_ml_kem_mlkem768_avx2_kyber_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_47( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_74( copy_of_randomness); } @@ -5468,7 +5475,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_7e( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_3a( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -5494,10 +5501,10 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_ac( +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_4f( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_7e(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_3a(private_key, ciphertext); } @@ -5510,7 +5517,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_ac( + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_4f( private_key, ciphertext); } @@ -5522,7 +5529,7 @@ types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_c0( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_4b( size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -5535,21 +5542,17 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_17( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_3e( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); } - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ba( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ea( public_key, deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; memcpy( - result, deserialized_pk, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, + ret, deserialized_pk, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); } @@ -5562,16 +5565,16 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_7d( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_c0( uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_17( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_3e( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_16( + libcrux_ml_kem_ind_cpa_serialize_public_key_ca( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -5590,9 +5593,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_a2( +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_a4( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_7d(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_c0(public_key); } /** @@ -5603,7 +5606,7 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_a2( KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_a2( + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_a4( public_key->value); } @@ -5629,11 +5632,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_e0( +static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_6a( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_2a( + libcrux_ml_kem_ind_cpa_decrypt_unpacked_b3( &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5663,7 +5666,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_e0( Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_69(ciphertext), + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_16( @@ -5675,11 +5678,11 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_e0( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_b4( + libcrux_ml_kem_ind_cpa_encrypt_unpacked_05( uu____3, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t selector = libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( - libcrux_ml_kem_types_as_ref_00_69(ciphertext), + libcrux_ml_kem_types_as_ref_00_8c(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t)); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( @@ -5716,10 +5719,10 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_03( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_e8( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_unpacked_decapsulate_e0(key_pair, ciphertext, ret); + libcrux_ml_kem_ind_cca_unpacked_decapsulate_6a(key_pair, ciphertext, ret); } /** @@ -5733,7 +5736,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_decapsulate( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_03( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_e8( private_key, ciphertext, ret); } @@ -5756,7 +5759,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_98( +static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_11( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { uint8_t to_hash[64U]; @@ -5784,7 +5787,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_98( uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_b4(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_05(uu____2, copy_of_randomness, pseudorandomness, ciphertext); uint8_t shared_secret_array[32U] = {0U}; Eurydice_slice_copy( @@ -5794,7 +5797,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_98( uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = - libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, @@ -5828,7 +5831,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_cf( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_89( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *uu____0 = @@ -5836,7 +5839,7 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_cf( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_unpacked_encapsulate_98(uu____0, + return libcrux_ml_kem_ind_cca_unpacked_encapsulate_11(uu____0, copy_of_randomness); } @@ -5857,7 +5860,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_unpacked_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_cf( + return libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_89( uu____0, copy_of_randomness); } @@ -5877,7 +5880,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_d8(size_t _j) { +libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_59(size_t _j) { return libcrux_ml_kem_polynomial_ZERO_ef_05(); } @@ -5896,7 +5899,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_b6( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_c4( size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); @@ -5916,7 +5919,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_clone_8d_35( +libcrux_ml_kem_polynomial_clone_8d_ae( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 lit; __m256i ret[16U]; @@ -5943,7 +5946,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_c0( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_41( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *out) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( @@ -5953,19 +5956,19 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_c0( (size_t)64U, randomness, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a2( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a4( ind_cpa_keypair_randomness, &out->private_key.ind_cpa_private_key, &out->public_key.ind_cpa_public_key); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_b6(i, A[i]); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_c4(i, A[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_polynomial_clone_8d_35( + libcrux_ml_kem_polynomial_clone_8d_ae( &out->public_key.ind_cpa_public_key.A[j][i1]); A[i1][j] = uu____0; } @@ -5978,7 +5981,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_c0( (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U])); uint8_t pk_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_16( + libcrux_ml_kem_ind_cpa_serialize_public_key_ca( out->public_key.ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice( (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t), @@ -6014,13 +6017,13 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_b3( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_b7( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *out) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_c0(copy_of_randomness, out); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_41(copy_of_randomness, out); } /** @@ -6033,7 +6036,7 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_b3( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_b7( copy_of_randomness, key_pair); } @@ -6050,7 +6053,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cca_unpacked_default_1c_c3(void) { +libcrux_ml_kem_ind_cca_unpacked_default_1c_9e(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); lit.public_key_hash[0U] = 0U; @@ -6102,7 +6105,7 @@ with const generics KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked - libcrux_ml_kem_ind_cca_unpacked_default_07_0d(void) { + libcrux_ml_kem_ind_cca_unpacked_default_07_e2(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 uu____0; uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_3c(); uu____0.implicit_rejection_value[0U] = 0U; @@ -6140,7 +6143,7 @@ static KRML_MUSTINLINE return ( CLITERAL(libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked){ .private_key = uu____0, - .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_c3()}); + .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_9e()}); } /** @@ -6149,7 +6152,7 @@ static KRML_MUSTINLINE KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked libcrux_ml_kem_mlkem768_avx2_unpacked_init_key_pair(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_07_0d(); + return libcrux_ml_kem_ind_cca_unpacked_default_07_e2(); } /** @@ -6158,7 +6161,7 @@ libcrux_ml_kem_mlkem768_avx2_unpacked_init_key_pair(void) { KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 libcrux_ml_kem_mlkem768_avx2_unpacked_init_public_key(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_1c_c3(); + return libcrux_ml_kem_ind_cca_unpacked_default_1c_9e(); } /** @@ -6179,10 +6182,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_32( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_92( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_ff( + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c( self->ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, uint8_t), @@ -6207,10 +6210,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_19( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_a7( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_32( + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_92( &self->public_key, serialized); } @@ -6222,7 +6225,7 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_key_pair_serialized_public_key( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_19(key_pair, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_a7(key_pair, serialized); } @@ -6239,7 +6242,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cpa_unpacked_clone_ef_d3( +libcrux_ml_kem_ind_cpa_unpacked_clone_ef_42( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[3U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( @@ -6276,11 +6279,11 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cca_unpacked_clone_28_35( +libcrux_ml_kem_ind_cca_unpacked_clone_28_24( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; lit.ind_cpa_public_key = - libcrux_ml_kem_ind_cpa_unpacked_clone_ef_d3(&self->ind_cpa_public_key); + libcrux_ml_kem_ind_cpa_unpacked_clone_ef_42(&self->ind_cpa_public_key); uint8_t ret[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->public_key_hash, ret, uint8_t, void *); @@ -6304,7 +6307,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 * -libcrux_ml_kem_ind_cca_unpacked_public_key_de_d5( +libcrux_ml_kem_ind_cca_unpacked_public_key_de_77( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *self) { return &self->public_key; } @@ -6317,8 +6320,8 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_public_key( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *pk) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 uu____0 = - libcrux_ml_kem_ind_cca_unpacked_clone_28_35( - libcrux_ml_kem_ind_cca_unpacked_public_key_de_d5(key_pair)); + libcrux_ml_kem_ind_cca_unpacked_clone_28_24( + libcrux_ml_kem_ind_cca_unpacked_public_key_de_77(key_pair)); pk[0U] = uu____0; } @@ -6329,7 +6332,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_serialized_public_key( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_32(public_key, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_92(public_key, serialized); } @@ -6347,13 +6350,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_e7( +libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_72( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { Eurydice_slice uu____0 = Eurydice_array_to_subslice_to( (size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ba( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ea( uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt); uint8_t uu____1[32U]; libcrux_ml_kem_utils_into_padded_array_423( @@ -6373,7 +6376,7 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_e7( uint8_t uu____3[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_41( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_d9(public_key), + libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t), uu____3); memcpy(unpacked_public_key->public_key_hash, uu____3, @@ -6394,11 +6397,11 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_02( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_d1( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_e7(public_key, + libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_72(public_key, unpacked_public_key); } @@ -6410,7 +6413,7 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_unpacked_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_02( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_d1( public_key, unpacked_public_key); } diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h index 6a6aba124..a99ed2625 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem768_avx2_types_H diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h index 3cc9d5fa2..2d7b89018 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem768_portable_H @@ -250,12 +250,6 @@ libcrux_ml_kem_vector_portable_serialize_serialize_11( ret[21U] = r11_21.f10; } -static inline void libcrux_ml_kem_vector_portable_serialize_11( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[22U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_11(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -263,7 +257,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_11_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[22U]) { - libcrux_ml_kem_vector_portable_serialize_11(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_11(a, ret); } typedef struct int16_t_x8_s { @@ -367,18 +361,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_11(Eurydice_slice bytes) { return lit; } -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_11(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_11(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_11_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_11(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_11(a); } static KRML_MUSTINLINE void @@ -1232,9 +1221,7 @@ libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( int16_t mask = shifted >> 15U; int16_t shifted_to_positive = mask ^ shifted; int16_t shifted_positive_in_range = shifted_to_positive - (int16_t)832; - int16_t r0 = shifted_positive_in_range >> 15U; - int16_t r1 = r0 & (int16_t)1; - return (uint8_t)r1; + return (uint8_t)(shifted_positive_in_range >> 15U & (int16_t)1); } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1284,10 +1271,8 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_step( int16_t t = libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( vec->elements[j], zeta); - int16_t a_minus_t = vec->elements[i] - t; - int16_t a_plus_t = vec->elements[i] + t; - vec->elements[j] = a_minus_t; - vec->elements[i] = a_plus_t; + vec->elements[j] = vec->elements[i] - t; + vec->elements[i] = vec->elements[i] + t; } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1396,9 +1381,8 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_inv_ntt_step( libcrux_ml_kem_vector_portable_vector_type_PortableVector *vec, int16_t zeta, size_t i, size_t j) { int16_t a_minus_b = vec->elements[j] - vec->elements[i]; - int16_t a_plus_b = vec->elements[j] + vec->elements[i]; int16_t o0 = libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( - a_plus_b); + vec->elements[i] + vec->elements[j]); int16_t o1 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( a_minus_b, zeta); @@ -1513,11 +1497,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( libcrux_ml_kem_vector_portable_vector_type_PortableVector *a, libcrux_ml_kem_vector_portable_vector_type_PortableVector *b, int16_t zeta, - size_t i, libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) { - int16_t ai = a->elements[(size_t)2U * i]; - int16_t bi = b->elements[(size_t)2U * i]; - int16_t aj = a->elements[(size_t)2U * i + (size_t)1U]; - int16_t bj = b->elements[(size_t)2U * i + (size_t)1U]; + size_t i, size_t j, + libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) { + int16_t ai = a->elements[i]; + int16_t bi = b->elements[i]; + int16_t aj = a->elements[j]; + int16_t bj = b->elements[j]; int32_t ai_bi = (int32_t)ai * (int32_t)bi; int32_t aj_bj_ = (int32_t)aj * (int32_t)bj; int16_t aj_bj = @@ -1534,10 +1519,8 @@ libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( int16_t o1 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( ai_bj_aj_bi); - int16_t _out0[16U]; - memcpy(_out0, out->elements, (size_t)16U * sizeof(int16_t)); - out->elements[(size_t)2U * i] = o0; - out->elements[(size_t)2U * i + (size_t)1U] = o1; + out->elements[i] = o0; + out->elements[j] = o1; } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1551,22 +1534,22 @@ libcrux_ml_kem_vector_portable_ntt_ntt_multiply( int16_t nzeta3 = -zeta3; libcrux_ml_kem_vector_portable_vector_type_PortableVector out = libcrux_ml_kem_vector_portable_vector_type_zero(); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta0, - (size_t)0U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta0, - (size_t)1U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta1, - (size_t)2U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta1, - (size_t)3U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta2, - (size_t)4U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta2, - (size_t)5U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta3, - (size_t)6U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta3, - (size_t)7U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, zeta0, (size_t)0U, (size_t)1U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, nzeta0, (size_t)2U, (size_t)3U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, zeta1, (size_t)4U, (size_t)5U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, nzeta1, (size_t)6U, (size_t)7U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, zeta2, (size_t)8U, (size_t)9U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, nzeta2, (size_t)10U, (size_t)11U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, zeta3, (size_t)12U, (size_t)13U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( + lhs, rhs, nzeta3, (size_t)14U, (size_t)15U, &out); return out; } @@ -1607,12 +1590,6 @@ libcrux_ml_kem_vector_portable_serialize_serialize_1( ret[1U] = result1; } -static inline void libcrux_ml_kem_vector_portable_serialize_1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[2U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1620,7 +1597,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_1_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[2U]) { - libcrux_ml_kem_vector_portable_serialize_1(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret); } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1707,18 +1684,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_1(Eurydice_slice v) { return lit; } -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_1(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_1(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_1_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_1(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_1(a); } typedef struct uint8_t_x4_s { @@ -1776,12 +1748,6 @@ libcrux_ml_kem_vector_portable_serialize_serialize_4( ret[7U] = result4_7.f3; } -static inline void libcrux_ml_kem_vector_portable_serialize_4( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[8U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1789,7 +1755,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_4_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[8U]) { - libcrux_ml_kem_vector_portable_serialize_4(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret); } static KRML_MUSTINLINE int16_t_x8 @@ -1859,18 +1825,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_4(Eurydice_slice bytes) { return lit; } -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_4(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_4(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_4_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_4(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_4(a); } typedef struct uint8_t_x5_s { @@ -1927,12 +1888,6 @@ libcrux_ml_kem_vector_portable_serialize_serialize_5( ret[9U] = r5_9.f4; } -static inline void libcrux_ml_kem_vector_portable_serialize_5( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[10U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_5(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1940,7 +1895,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_5_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[10U]) { - libcrux_ml_kem_vector_portable_serialize_5(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_5(a, ret); } static KRML_MUSTINLINE int16_t_x8 @@ -2021,18 +1976,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_5(Eurydice_slice bytes) { return lit; } -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_5(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_5(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_5_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_5(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_5(a); } static KRML_MUSTINLINE uint8_t_x5 @@ -2107,12 +2057,6 @@ libcrux_ml_kem_vector_portable_serialize_serialize_10( ret[19U] = r15_19.f4; } -static inline void libcrux_ml_kem_vector_portable_serialize_10( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[20U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -2120,7 +2064,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_10_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[20U]) { - libcrux_ml_kem_vector_portable_serialize_10(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret); } static KRML_MUSTINLINE int16_t_x8 @@ -2209,18 +2153,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_10(Eurydice_slice bytes) { return lit; } -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_10(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_10(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_10_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_10(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_10(a); } typedef struct uint8_t_x3_s { @@ -2295,12 +2234,6 @@ libcrux_ml_kem_vector_portable_serialize_serialize_12( ret[23U] = r21_23.thd; } -static inline void libcrux_ml_kem_vector_portable_serialize_12( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a, - uint8_t ret[24U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -2308,7 +2241,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_12_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[24U]) { - libcrux_ml_kem_vector_portable_serialize_12(a, ret); + libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret); } typedef struct int16_t_x2_s { @@ -2371,18 +2304,13 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_12(Eurydice_slice bytes) { return lit; } -static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_deserialize_12(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_12(a); -} - /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_12_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_deserialize_12(a); + return libcrux_ml_kem_vector_portable_serialize_deserialize_12(a); } static KRML_MUSTINLINE size_t @@ -2558,7 +2486,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_e3(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_57(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -2569,7 +2497,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_2b( +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_4c( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -2591,7 +2519,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_66( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_ab( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; @@ -2609,12 +2537,16 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_66( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_2b( + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_4c( secret_bytes); secret_as_ntt[i0] = uu____0; } + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; memcpy( - ret, secret_as_ntt, + result, secret_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + memcpy( + ret, result, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -2627,7 +2559,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - U_COMPRESSION_FACTOR= 10 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_3c(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_77(size_t _) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -2638,18 +2570,18 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_99( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)a.elements[i0] * + int32_t decompressed = (int32_t)v.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)10); decompressed = decompressed >> (uint32_t)((int32_t)10 + (int32_t)1); - a.elements[i0] = (int16_t)decompressed; + v.elements[i0] = (int16_t)decompressed; } - return a; + return v; } /** @@ -2663,9 +2595,9 @@ generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f5( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_99( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a( v); } @@ -2676,7 +2608,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_3b( +libcrux_ml_kem_serialize_deserialize_then_decompress_10_f9( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -2695,7 +2627,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_3b( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f5( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea( coefficient); re.coefficients[i0] = uu____0; } @@ -2709,18 +2641,18 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_990( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a0( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)a.elements[i0] * + int32_t decompressed = (int32_t)v.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)11); decompressed = decompressed >> (uint32_t)((int32_t)11 + (int32_t)1); - a.elements[i0] = (int16_t)decompressed; + v.elements[i0] = (int16_t)decompressed; } - return a; + return v; } /** @@ -2734,9 +2666,9 @@ generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f50( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea0( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_990( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a0( v); } @@ -2747,7 +2679,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_0b( +libcrux_ml_kem_serialize_deserialize_then_decompress_11_a7( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -2759,7 +2691,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_0b( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f50( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea0( coefficient); re.coefficients[i0] = uu____0; } @@ -2773,9 +2705,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_19( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_d9( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_3b(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_f9(serialized); } typedef struct libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2_s { @@ -2790,7 +2722,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5d( +libcrux_ml_kem_vector_traits_montgomery_multiply_fe_ad( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v, fer); @@ -2804,12 +2736,12 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_31( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_57( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5d(b, zeta_r); + libcrux_ml_kem_vector_traits_montgomery_multiply_fe_ad(b, zeta_r); b = libcrux_ml_kem_vector_portable_sub_0d(a, &t); a = libcrux_ml_kem_vector_portable_add_0d(a, &t); return ( @@ -2823,7 +2755,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2836,7 +2768,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_31( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_57( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -2853,7 +2785,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_7b( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_d0( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2873,7 +2805,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_ea( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_76( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2894,7 +2826,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_76( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_5d( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2922,7 +2854,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_e7( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_17( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -2940,24 +2872,24 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_04( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_62( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)7U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U, (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U, (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U, (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_7b(&zeta_i, re, (size_t)3U, + libcrux_ml_kem_ntt_ntt_at_layer_3_d0(&zeta_i, re, (size_t)3U, (size_t)5U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_ea(&zeta_i, re, (size_t)2U, + libcrux_ml_kem_ntt_ntt_at_layer_2_76(&zeta_i, re, (size_t)2U, (size_t)6U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_76(&zeta_i, re, (size_t)1U, + libcrux_ml_kem_ntt_ntt_at_layer_1_5d(&zeta_i, re, (size_t)1U, (size_t)7U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_e7(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_17(re); } /** @@ -2969,7 +2901,7 @@ with const generics - U_COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_9d( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; @@ -2994,9 +2926,9 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_19( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_d9( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_04(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_62(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -3010,18 +2942,18 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_991( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)a.elements[i0] * + int32_t decompressed = (int32_t)v.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)4); decompressed = decompressed >> (uint32_t)((int32_t)4 + (int32_t)1); - a.elements[i0] = (int16_t)decompressed; + v.elements[i0] = (int16_t)decompressed; } - return a; + return v; } /** @@ -3035,9 +2967,9 @@ generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f51( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_991( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a1( v); } @@ -3048,7 +2980,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_b6( +libcrux_ml_kem_serialize_deserialize_then_decompress_4_87( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -3060,7 +2992,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_b6( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f51( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea1( coefficient); re.coefficients[i0] = uu____0; } @@ -3074,18 +3006,18 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_992( - libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a2( + libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)a.elements[i0] * + int32_t decompressed = (int32_t)v.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)5); decompressed = decompressed >> (uint32_t)((int32_t)5 + (int32_t)1); - a.elements[i0] = (int16_t)decompressed; + v.elements[i0] = (int16_t)decompressed; } - return a; + return v; } /** @@ -3099,9 +3031,9 @@ generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f52( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea2( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_992( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a2( v); } @@ -3112,7 +3044,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_e8( +libcrux_ml_kem_serialize_deserialize_then_decompress_5_df( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -3124,7 +3056,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_e8( re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f52( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea2( re.coefficients[i0]); re.coefficients[i0] = uu____1; } @@ -3138,9 +3070,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_e4( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_54( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_b6(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_87(serialized); } /** @@ -3155,7 +3087,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_ntt_multiply_ef_66( +libcrux_ml_kem_polynomial_ntt_multiply_ef_45( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = @@ -3189,7 +3121,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_59( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_5d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -3213,7 +3145,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_f7( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_28( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3236,7 +3168,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_d5( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_69( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3257,7 +3189,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_60( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_6a( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3279,7 +3211,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_c4( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_96( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { @@ -3287,7 +3219,7 @@ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_sub_0d(b, &a); a = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5d(a_minus_b, zeta_r); + b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_ad(a_minus_b, zeta_r); return ( CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ .fst = a, .snd = b}); @@ -3300,7 +3232,7 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1d( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_fa( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -3315,7 +3247,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1d( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_c4( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_96( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -3332,22 +3264,22 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_be( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b9( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_f7(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_d5(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_60(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1d(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_28(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_69(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_6a(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_fa(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1d(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_fa(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1d(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_fa(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1d(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_fa(&zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_e7(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_17(re); } /** @@ -3362,7 +3294,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_subtract_reduce_ef_15( +libcrux_ml_kem_polynomial_subtract_reduce_ef_3d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { for (size_t i = (size_t)0U; @@ -3388,7 +3320,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_message_95( +libcrux_ml_kem_matrix_compute_message_d5( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { @@ -3397,12 +3329,12 @@ libcrux_ml_kem_matrix_compute_message_95( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_66(&secret_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_ef_45(&secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_59(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_5d(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_be(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_ef_15(v, result); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b9(&result); + result = libcrux_ml_kem_polynomial_subtract_reduce_ef_3d(v, result); return result; } @@ -3412,7 +3344,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_arithmetic_shift_right_3c( +libcrux_ml_kem_vector_portable_arithmetic_shift_right_95( libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -3432,9 +3364,9 @@ with const generics - SHIFT_BY= 15 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_shift_right_0d_3e( +libcrux_ml_kem_vector_portable_shift_right_0d_9d( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_arithmetic_shift_right_3c(v); + return libcrux_ml_kem_vector_portable_arithmetic_shift_right_95(v); } /** @@ -3444,10 +3376,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_unsigned_representative_30( +libcrux_ml_kem_vector_traits_to_unsigned_representative_7c( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_portable_shift_right_0d_3e(a); + libcrux_ml_kem_vector_portable_shift_right_0d_9d(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -3461,10 +3393,10 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_serialize_to_unsigned_field_modulus_05( +libcrux_ml_kem_serialize_to_unsigned_field_modulus_b0( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector result = - libcrux_ml_kem_vector_traits_to_unsigned_representative_30(a); + libcrux_ml_kem_vector_traits_to_unsigned_representative_7c(a); return result; } @@ -3475,13 +3407,13 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_8c( +libcrux_ml_kem_serialize_compress_then_serialize_message_b1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_serialize_to_unsigned_field_modulus_05( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_b0( re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = @@ -3509,20 +3441,20 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_46( +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_6d( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c(ciphertext, u_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_9d(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_e4( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_54( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - libcrux_ml_kem_matrix_compute_message_95(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_matrix_compute_message_d5(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_8c(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_b1(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -3536,11 +3468,11 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_66(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_35(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_66(secret_key, secret_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_secret_key_ab(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; memcpy( @@ -3551,10 +3483,10 @@ static inline void libcrux_ml_kem_ind_cpa_decrypt_66(Eurydice_slice secret_key, memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t ret0[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_46(&secret_key_unpacked, ciphertext, - ret0); - memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); + uint8_t result[32U]; + libcrux_ml_kem_ind_cpa_decrypt_unpacked_6d(&secret_key_unpacked, ciphertext, + result); + memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); } /** @@ -3641,7 +3573,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_f3( +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_87( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -3666,7 +3598,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_30( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e5( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -3680,7 +3612,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_30( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_f3( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_87( ring_element); deserialized_pk[i0] = uu____0; } @@ -4151,7 +4083,7 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_ba(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_55(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -4298,7 +4230,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_5f( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_97( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -4321,23 +4253,23 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_62( +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_d8( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7_5f(re); + libcrux_ml_kem_ntt_ntt_at_layer_7_97(re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U, (size_t)11207U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U, (size_t)11207U + (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_64( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf( &zeta_i, re, (size_t)4U, (size_t)11207U + (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_7b( + libcrux_ml_kem_ntt_ntt_at_layer_3_d0( &zeta_i, re, (size_t)3U, (size_t)11207U + (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_ea( + libcrux_ml_kem_ntt_ntt_at_layer_2_76( &zeta_i, re, (size_t)2U, (size_t)11207U + (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_76( + libcrux_ml_kem_ntt_ntt_at_layer_1_5d( &zeta_i, re, (size_t)1U, (size_t)11207U + (size_t)5U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_e7(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_17(re); } /** @@ -4350,7 +4282,7 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static KRML_MUSTINLINE uint8_t -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_76( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -4360,8 +4292,6 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_76( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } - uint8_t _prf_inputs_init[3U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; @@ -4374,7 +4304,7 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_76( re_as_ntt[i0] = libcrux_ml_kem_sampling_sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_62(&re_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_d8(&re_as_ntt[i0]); } return domain_separator; } @@ -4389,7 +4319,7 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_15( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_cb( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -4398,19 +4328,19 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_15( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); - domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_76( + domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b1( uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b0 lit; + tuple_b0 result; memcpy( - lit.fst, copy_of_re_as_ntt, + result.fst, copy_of_re_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -4423,7 +4353,7 @@ generics - ETA2= 2 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_2b(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_b7(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -4437,7 +4367,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_6f(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_95(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -4450,8 +4380,6 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_6f(uint8_t prf_input[33U], for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } - uint8_t _prf_inputs_init[3U][33U]; - memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; @@ -4471,12 +4399,12 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_6f(uint8_t prf_input[33U], memcpy( copy_of_error_1, error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b0 lit; + tuple_b0 result; memcpy( - lit.fst, copy_of_error_1, + result.fst, copy_of_error_1, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - lit.snd = domain_separator; - return lit; + result.snd = domain_separator; + return result; } /** @@ -4514,7 +4442,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_vector_u_closure_7e(size_t _i) { +libcrux_ml_kem_matrix_compute_vector_u_closure_a1(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -4529,7 +4457,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_1a( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_2f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; @@ -4553,14 +4481,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_5e( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_90( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - result[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); + result0[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); } for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( @@ -4581,13 +4509,18 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_5e( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_66(a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_59(&result[i1], + libcrux_ml_kem_polynomial_ntt_multiply_ef_45(a_element, &r_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_5d(&result0[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_be(&result[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_ef_1a(&result[i1], &error_1[i1]); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b9(&result0[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_ef_2f(&result0[i1], + &error_1[i1]); } + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; + memcpy( + result, result0, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( ret, result, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -4600,7 +4533,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_decompress_1_8d( +libcrux_ml_kem_vector_traits_decompress_1_d4( libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { libcrux_ml_kem_vector_portable_vector_type_PortableVector z = libcrux_ml_kem_vector_portable_ZERO_0d(); @@ -4619,7 +4552,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_f2( +libcrux_ml_kem_serialize_deserialize_then_decompress_message_c5( uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -4632,7 +4565,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_f2( (size_t)2U * i0 + (size_t)2U, uint8_t)); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_traits_decompress_1_8d(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_d4(coefficient_compressed); re.coefficients[i0] = uu____0; } return re; @@ -4650,7 +4583,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_add_message_error_reduce_ef_01( +libcrux_ml_kem_polynomial_add_message_error_reduce_ef_bf( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { @@ -4680,7 +4613,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_ring_element_v_63( +libcrux_ml_kem_matrix_compute_ring_element_v_c6( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -4690,12 +4623,12 @@ libcrux_ml_kem_matrix_compute_ring_element_v_63( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_66(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_ef_45(&t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_59(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_5d(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_be(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_01( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b9(&result); + result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_bf( error_2, message, result); return result; } @@ -4706,7 +4639,7 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_de( +libcrux_ml_kem_vector_portable_compress_compress_61( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4729,9 +4662,9 @@ with const generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_48( +libcrux_ml_kem_vector_portable_compress_0d_fe( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_de(a); + return libcrux_ml_kem_vector_portable_compress_compress_61(a); } /** @@ -4741,15 +4674,15 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_22( +libcrux_ml_kem_serialize_compress_then_serialize_10_9d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_48( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_05( + libcrux_ml_kem_vector_portable_compress_0d_fe( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_b0( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); @@ -4769,7 +4702,7 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_de0( +libcrux_ml_kem_vector_portable_compress_compress_610( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4792,9 +4725,9 @@ with const generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_480( +libcrux_ml_kem_vector_portable_compress_0d_fe0( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_de0(a); + return libcrux_ml_kem_vector_portable_compress_compress_610(a); } /** @@ -4804,15 +4737,15 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_ca( +libcrux_ml_kem_serialize_compress_then_serialize_11_63( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_480( - libcrux_ml_kem_vector_traits_to_unsigned_representative_30( + libcrux_ml_kem_vector_portable_compress_0d_fe0( + libcrux_ml_kem_vector_traits_to_unsigned_representative_7c( re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); @@ -4832,11 +4765,11 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_cb( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_78( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { - uint8_t result[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_22(re, result); - memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); + uint8_t uu____0[320U]; + libcrux_ml_kem_serialize_compress_then_serialize_10_9d(re, uu____0); + memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } /** @@ -4848,7 +4781,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_f9( +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_d3( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -4864,7 +4797,7 @@ static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_f9( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_cb(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_78(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -4877,7 +4810,7 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_de1( +libcrux_ml_kem_vector_portable_compress_compress_611( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4900,9 +4833,9 @@ with const generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_481( +libcrux_ml_kem_vector_portable_compress_0d_fe1( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_de1(a); + return libcrux_ml_kem_vector_portable_compress_compress_611(a); } /** @@ -4912,15 +4845,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_20( +libcrux_ml_kem_serialize_compress_then_serialize_4_32( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_481( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_05( + libcrux_ml_kem_vector_portable_compress_0d_fe1( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_b0( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); @@ -4937,7 +4870,7 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_de2( +libcrux_ml_kem_vector_portable_compress_compress_612( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4960,9 +4893,9 @@ with const generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_482( +libcrux_ml_kem_vector_portable_compress_0d_fe2( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_de2(a); + return libcrux_ml_kem_vector_portable_compress_compress_612(a); } /** @@ -4972,15 +4905,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_6d( +libcrux_ml_kem_serialize_compress_then_serialize_5_14( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - libcrux_ml_kem_vector_portable_compress_0d_482( - libcrux_ml_kem_vector_traits_to_unsigned_representative_30( + libcrux_ml_kem_vector_portable_compress_0d_fe2( + libcrux_ml_kem_vector_traits_to_unsigned_representative_7c( re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); @@ -4999,9 +4932,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 128 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_cf( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_32( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_20(re, out); + libcrux_ml_kem_serialize_compress_then_serialize_4_32(re, out); } /** @@ -5022,7 +4955,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_0e( +static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_24( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; @@ -5030,7 +4963,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_0e( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_15( + tuple_b0 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_cb( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U]; memcpy( @@ -5040,7 +4973,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_0e( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_6f( + tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_95( copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; memcpy( @@ -5055,27 +4988,27 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_0e( libcrux_ml_kem_sampling_sample_from_binomial_distribution_6b( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_5e(public_key->A, r_as_ntt, error_1, + libcrux_ml_kem_matrix_compute_vector_u_90(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_f2( + libcrux_ml_kem_serialize_deserialize_then_decompress_message_c5( copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_matrix_compute_ring_element_v_63( + libcrux_ml_kem_matrix_compute_ring_element_v_c6( public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_f9( + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_d3( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_cf( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_32( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -5099,13 +5032,13 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_2a(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_a7(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_30( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e5( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -5120,10 +5053,10 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_2a(Eurydice_slice public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t ret1[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_0e(uu____1, copy_of_message, - randomness, ret1); - memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); + uint8_t result[1088U]; + libcrux_ml_kem_ind_cpa_encrypt_unpacked_24(uu____1, copy_of_message, + randomness, result); + memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); } /** @@ -5137,7 +5070,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_ea( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_b7( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; @@ -5168,7 +5101,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_58( +static inline void libcrux_ml_kem_ind_cca_decapsulate_d5( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5186,7 +5119,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_58( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_66(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_35(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5210,7 +5143,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_58( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_69(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9f( @@ -5221,18 +5154,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_58( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_2a(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_a7(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_ea( + libcrux_ml_kem_variant_kdf_d8_b7( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_d8_ea(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_d8_b7(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_69(ciphertext), + libcrux_ml_kem_types_as_ref_00_8c(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5262,10 +5195,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_d2( +libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_a8( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_58(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_d5(private_key, ciphertext, ret); } /** @@ -5278,7 +5211,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_d2( static inline void libcrux_ml_kem_mlkem768_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_d2( + libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_a8( private_key, ciphertext, ret); } @@ -5292,7 +5225,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_be( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_a9( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5333,11 +5266,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_eb( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_49( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_be( + libcrux_ml_kem_variant_entropy_preprocess_d8_a9( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5348,7 +5281,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_eb( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_d5( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_d9(public_key), + libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -5363,20 +5296,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_eb( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_2a(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_a7(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_ea(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_b7(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -5407,14 +5340,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_da( +libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_a9( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_eb(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_49(uu____0, copy_of_randomness); } /** @@ -5431,7 +5364,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_da( + return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_a9( uu____0, copy_of_randomness); } @@ -5465,7 +5398,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_58( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_d1( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -5488,7 +5421,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_standard_domain_c1( +libcrux_ml_kem_vector_traits_to_standard_domain_bf( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -5506,7 +5439,7 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_6c( +libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_0f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; @@ -5514,7 +5447,7 @@ libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_6c( size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain_c1( + libcrux_ml_kem_vector_traits_to_standard_domain_bf( self->coefficients[j]); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_barrett_reduce_0d( @@ -5530,7 +5463,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_6a( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_c7( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, @@ -5558,12 +5491,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_6a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_66(matrix_element, + libcrux_ml_kem_polynomial_ntt_multiply_ef_45(matrix_element, &s_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_59(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_add_to_ring_element_ef_5d(&t_as_ntt[i0], &product); } - libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_6c( + libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_0f( &t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -5577,12 +5510,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_e9( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_58(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_d1(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5602,7 +5535,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_76( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b1( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -5610,11 +5543,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_15( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_cb( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_matrix_compute_As_plus_e_6a( + libcrux_ml_kem_matrix_compute_As_plus_e_c7( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; @@ -5631,14 +5564,14 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_13( +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_8b( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_serialize_to_unsigned_field_modulus_05( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_b0( re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); @@ -5659,7 +5592,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_9e( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_5a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -5677,7 +5610,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_9e( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_13(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_8b(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -5692,13 +5625,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_3c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_9e(t_as_ntt, ret); + libcrux_ml_kem_ind_cpa_serialize_secret_key_5a(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -5715,13 +5648,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_fd( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_07( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c(t_as_ntt, seed_for_a, + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_3c(t_as_ntt, seed_for_a, public_key_serialized); - memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); + uint8_t result[1184U]; + memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); + memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); } /** @@ -5737,20 +5672,20 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_08(Eurydice_slice key_generation_seed) { +libcrux_ml_kem_ind_cpa_generate_keypair_50(Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_e9(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_e9( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_fd( + libcrux_ml_kem_ind_cpa_serialize_public_key_07( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_9e(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_5a(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -5760,12 +5695,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_08(Eurydice_slice key_generation_seed) { uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; - memcpy(lit.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 result; + memcpy(result.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(lit.snd, copy_of_public_key_serialized, + memcpy(result.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return lit; + return result; } /** @@ -5775,7 +5710,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d8( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_b0( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -5831,7 +5766,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_6f(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5840,13 +5775,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_08(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_50(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d8( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_b0( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5855,13 +5790,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_91(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_f6( - uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_ee( + uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); } /** @@ -5877,12 +5812,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_56( +libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_d1( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_91(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_6f(copy_of_randomness); } /** @@ -5893,7 +5828,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_56( + return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_d1( copy_of_randomness); } @@ -5908,7 +5843,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_a1( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_de( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; @@ -5919,7 +5854,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_a1( uint8_t ret0[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_d5( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_d4_73(ciphertext), + libcrux_ml_kem_types_as_slice_d4_76(ciphertext), uint8_t), ret0); Eurydice_slice_copy( @@ -5952,7 +5887,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_580( +static inline void libcrux_ml_kem_ind_cca_decapsulate_d50( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5970,7 +5905,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_580( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_66(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_35(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5994,7 +5929,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_580( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_69(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9f( @@ -6005,18 +5940,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_580( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_2a(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_a7(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_a1( + libcrux_ml_kem_variant_kdf_33_de( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_33_a1(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_33_de(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_69(ciphertext), + libcrux_ml_kem_types_as_ref_00_8c(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -6050,10 +5985,10 @@ generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_bc( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_08( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_580(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_d50(private_key, ciphertext, ret); } /** @@ -6066,7 +6001,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_bc( static inline void libcrux_ml_kem_mlkem768_portable_kyber_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_bc( + libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_08( private_key, ciphertext, ret); } @@ -6080,7 +6015,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_cd( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_47( Eurydice_slice randomness, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H_f1_d5(randomness, ret); } @@ -6104,11 +6039,11 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_eb0( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_490( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_cd( + libcrux_ml_kem_variant_entropy_preprocess_33_47( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -6119,7 +6054,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_eb0( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_d5( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_d9(public_key), + libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -6134,20 +6069,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_eb0( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d9(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_2a(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_a7(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_a1(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_de(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -6182,14 +6117,14 @@ generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_02( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_9e( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_eb0(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_490(uu____0, copy_of_randomness); } /** @@ -6206,7 +6141,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_kyber_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_02( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_9e( uu____0, copy_of_randomness); } @@ -6220,7 +6155,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_9f( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_de( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G_f1_87(key_generation_seed, ret); } @@ -6234,12 +6169,12 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a0( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_e90( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_9f(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_de(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6259,7 +6194,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a0( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_76( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b1( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -6267,11 +6202,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_15( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_cb( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_matrix_compute_As_plus_e_6a( + libcrux_ml_kem_matrix_compute_As_plus_e_c7( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; @@ -6294,21 +6229,21 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_080( +libcrux_ml_kem_ind_cpa_generate_keypair_500( Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_e9(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a0( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_e90( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_fd( + libcrux_ml_kem_ind_cpa_serialize_public_key_07( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_9e(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_5a(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -6318,12 +6253,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_080( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; - memcpy(lit.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 result; + memcpy(result.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(lit.snd, copy_of_public_key_serialized, + memcpy(result.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return lit; + return result; } /** @@ -6340,7 +6275,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_6f0(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -6349,13 +6284,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_080(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_500(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d8( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_b0( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -6364,13 +6299,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_910(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_8c(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_f6( - uu____2, libcrux_ml_kem_types_from_5a_45(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_ee( + uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); } /** @@ -6386,12 +6321,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_63( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_69( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_910(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_6f0(copy_of_randomness); } /** @@ -6403,7 +6338,7 @@ libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_63( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_69( copy_of_randomness); } @@ -6415,7 +6350,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_c7( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_fd( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -6440,10 +6375,10 @@ generics - CIPHERTEXT_SIZE= 1088 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_94( +libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_b9( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_c7(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_fd(private_key, ciphertext); } @@ -6455,7 +6390,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_94( static inline bool libcrux_ml_kem_mlkem768_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_94( + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_b9( private_key, ciphertext); } @@ -6479,21 +6414,17 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_ff( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_a9( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); } - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_30( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e5( public_key, deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; memcpy( - result, deserialized_pk, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - memcpy( - ret, result, + ret, deserialized_pk, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); } @@ -6505,16 +6436,16 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_2a( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_68( uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_ff( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_a9( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_fd( + libcrux_ml_kem_ind_cpa_serialize_public_key_07( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -6532,9 +6463,9 @@ generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_4f( +libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_1f( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_2a(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_68(public_key); } /** @@ -6544,7 +6475,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_4f( */ static inline bool libcrux_ml_kem_mlkem768_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_4f( + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_1f( public_key->value); } @@ -6570,11 +6501,11 @@ generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_32( +static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_f6( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_46( + libcrux_ml_kem_ind_cpa_decrypt_unpacked_6d( &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -6604,7 +6535,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_32( Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_69(ciphertext), + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9f( @@ -6616,11 +6547,11 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_32( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_0e( + libcrux_ml_kem_ind_cpa_encrypt_unpacked_24( uu____3, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t selector = libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( - libcrux_ml_kem_types_as_ref_00_69(ciphertext), + libcrux_ml_kem_types_as_ref_00_8c(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t)); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( @@ -6656,10 +6587,10 @@ generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_d3( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_65( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_unpacked_decapsulate_32(key_pair, ciphertext, ret); + libcrux_ml_kem_ind_cca_unpacked_decapsulate_f6(key_pair, ciphertext, ret); } /** @@ -6673,7 +6604,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_decapsulate( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_d3( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_65( private_key, ciphertext, ret); } @@ -6696,7 +6627,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c( +static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_8e( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, uint8_t randomness[32U]) { uint8_t to_hash[64U]; @@ -6724,7 +6655,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c( uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_0e(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_24(uu____2, copy_of_randomness, pseudorandomness, ciphertext); uint8_t shared_secret_array[32U] = {0U}; Eurydice_slice_copy( @@ -6734,7 +6665,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c( uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = - libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, @@ -6767,7 +6698,7 @@ generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_fb( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_37( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *uu____0 = @@ -6775,7 +6706,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_fb( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c(uu____0, + return libcrux_ml_kem_ind_cca_unpacked_encapsulate_8e(uu____0, copy_of_randomness); } @@ -6795,7 +6726,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_unpacked_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_fb( + return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_37( uu____0, copy_of_randomness); } @@ -6814,7 +6745,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_61(size_t _j) { +libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_42(size_t _j) { return libcrux_ml_kem_polynomial_ZERO_ef_1b(); } @@ -6832,7 +6763,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_6c( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_8d( size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); @@ -6851,7 +6782,7 @@ with const generics */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_clone_8d_9f( +libcrux_ml_kem_polynomial_clone_8d_26( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 lit; libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[16U]; @@ -6880,7 +6811,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_4a( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_db( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( @@ -6890,19 +6821,19 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_4a( (size_t)64U, randomness, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1a( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_e9( ind_cpa_keypair_randomness, &out->private_key.ind_cpa_private_key, &out->public_key.ind_cpa_public_key); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_6c(i, A[i]); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_8d(i, A[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_polynomial_clone_8d_9f( + libcrux_ml_kem_polynomial_clone_8d_26( &out->public_key.ind_cpa_public_key.A[j][i1]); A[i1][j] = uu____0; } @@ -6915,7 +6846,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_4a( (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U])); uint8_t pk_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_fd( + libcrux_ml_kem_ind_cpa_serialize_public_key_07( out->public_key.ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice( (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t), @@ -6950,13 +6881,13 @@ const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_c1( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_b3( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_4a(copy_of_randomness, out); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_db(copy_of_randomness, out); } /** @@ -6969,7 +6900,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_c1( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_b3( copy_of_randomness, key_pair); } @@ -6985,7 +6916,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cca_unpacked_default_1c_fd(void) { +libcrux_ml_kem_ind_cca_unpacked_default_1c_bd(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 lit; lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); lit.public_key_hash[0U] = 0U; @@ -7036,7 +6967,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked - libcrux_ml_kem_ind_cca_unpacked_default_07_9f(void) { + libcrux_ml_kem_ind_cca_unpacked_default_07_db(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_f8 uu____0; uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_e9(); uu____0.implicit_rejection_value[0U] = 0U; @@ -7074,7 +7005,7 @@ static KRML_MUSTINLINE return (CLITERAL( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked){ .private_key = uu____0, - .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_fd()}); + .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_bd()}); } /** @@ -7082,7 +7013,7 @@ static KRML_MUSTINLINE */ static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked libcrux_ml_kem_mlkem768_portable_unpacked_init_key_pair(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_07_9f(); + return libcrux_ml_kem_ind_cca_unpacked_default_07_db(); } /** @@ -7090,7 +7021,7 @@ libcrux_ml_kem_mlkem768_portable_unpacked_init_key_pair(void) { */ static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 libcrux_ml_kem_mlkem768_portable_unpacked_init_public_key(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_1c_fd(); + return libcrux_ml_kem_ind_cca_unpacked_default_1c_bd(); } /** @@ -7110,10 +7041,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_85( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_a1( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c( + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_3c( self->ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, uint8_t), @@ -7137,10 +7068,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_85( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_a4( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_85( + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_a1( &self->public_key, serialized); } @@ -7151,7 +7082,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_public_key( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_85(key_pair, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_a4(key_pair, serialized); } @@ -7167,7 +7098,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cpa_unpacked_clone_ef_ce( +libcrux_ml_kem_ind_cpa_unpacked_clone_ef_59( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[3U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( @@ -7203,11 +7134,11 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cca_unpacked_clone_28_20( +libcrux_ml_kem_ind_cca_unpacked_clone_28_d3( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *self) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 lit; lit.ind_cpa_public_key = - libcrux_ml_kem_ind_cpa_unpacked_clone_ef_ce(&self->ind_cpa_public_key); + libcrux_ml_kem_ind_cpa_unpacked_clone_ef_59(&self->ind_cpa_public_key); uint8_t ret[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->public_key_hash, ret, uint8_t, void *); @@ -7230,7 +7161,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 * -libcrux_ml_kem_ind_cca_unpacked_public_key_de_1e( +libcrux_ml_kem_ind_cca_unpacked_public_key_de_3d( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self) { return &self->public_key; } @@ -7242,8 +7173,8 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_public_key( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *pk) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 uu____0 = - libcrux_ml_kem_ind_cca_unpacked_clone_28_20( - libcrux_ml_kem_ind_cca_unpacked_public_key_de_1e(key_pair)); + libcrux_ml_kem_ind_cca_unpacked_clone_28_d3( + libcrux_ml_kem_ind_cca_unpacked_public_key_de_3d(key_pair)); pk[0U] = uu____0; } @@ -7254,7 +7185,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_serialized_public_key( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_85(public_key, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_a1(public_key, serialized); } @@ -7277,7 +7208,7 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_40( *unpacked_public_key) { Eurydice_slice uu____0 = Eurydice_array_to_subslice_to( (size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_30( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e5( uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt); uint8_t uu____1[32U]; libcrux_ml_kem_utils_into_padded_array_423( @@ -7297,7 +7228,7 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_40( uint8_t uu____3[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_d5( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_d9(public_key), + libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t), uu____3); memcpy(unpacked_public_key->public_key_hash, uu____3, @@ -7317,7 +7248,7 @@ const generics - PUBLIC_KEY_SIZE= 1184 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_c5( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_5b( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *unpacked_public_key) { @@ -7333,7 +7264,7 @@ libcrux_ml_kem_mlkem768_portable_unpacked_unpacked_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_c5( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_5b( public_key, unpacked_public_key); } diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h index 9b8b7968c..e305985cd 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_mlkem768_portable_types_H diff --git a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h index 12bdcaa69..6cdf64314 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/cg/libcrux_sha3_portable.h b/libcrux-ml-kem/cg/libcrux_sha3_portable.h index 251b5abff..cfdd6e5d5 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_portable.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: 020cd93ab7a1437ba4a4c626b1acbf9fa14525ad + * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf */ #ifndef __libcrux_sha3_portable_H From 18a089ceff3ef1a9f6876cd99a9f4f42c0fe05d9 Mon Sep 17 00:00:00 2001 From: karthikbhargavan Date: Wed, 30 Oct 2024 15:25:24 +0000 Subject: [PATCH 5/5] c code refresh --- libcrux-ml-kem/c/code_gen.txt | 10 +- libcrux-ml-kem/c/internal/libcrux_core.h | 130 +- .../c/internal/libcrux_mlkem_avx2.h | 70 +- .../c/internal/libcrux_mlkem_portable.h | 72 +- libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h | 33 +- .../c/internal/libcrux_sha3_internal.h | 288 +- .../c/karamel/include/krml/internal/target.h | 6 + libcrux-ml-kem/c/libcrux_core.c | 120 +- libcrux-ml-kem/c/libcrux_core.h | 96 +- libcrux-ml-kem/c/libcrux_mlkem1024.h | 16 +- libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c | 70 +- libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h | 24 +- libcrux-ml-kem/c/libcrux_mlkem1024_portable.c | 68 +- libcrux-ml-kem/c/libcrux_mlkem1024_portable.h | 24 +- libcrux-ml-kem/c/libcrux_mlkem512.h | 18 +- libcrux-ml-kem/c/libcrux_mlkem512_avx2.c | 68 +- libcrux-ml-kem/c/libcrux_mlkem512_avx2.h | 26 +- libcrux-ml-kem/c/libcrux_mlkem512_portable.c | 70 +- libcrux-ml-kem/c/libcrux_mlkem512_portable.h | 26 +- libcrux-ml-kem/c/libcrux_mlkem768.h | 14 +- libcrux-ml-kem/c/libcrux_mlkem768_avx2.c | 62 +- libcrux-ml-kem/c/libcrux_mlkem768_avx2.h | 20 +- libcrux-ml-kem/c/libcrux_mlkem768_portable.c | 60 +- libcrux-ml-kem/c/libcrux_mlkem768_portable.h | 20 +- libcrux-ml-kem/c/libcrux_mlkem_avx2.c | 2630 ++++++++------- libcrux-ml-kem/c/libcrux_mlkem_avx2.h | 11 +- libcrux-ml-kem/c/libcrux_mlkem_portable.c | 2879 +++++++++-------- libcrux-ml-kem/c/libcrux_mlkem_portable.h | 55 +- libcrux-ml-kem/c/libcrux_sha3.h | 22 +- libcrux-ml-kem/c/libcrux_sha3_avx2.c | 548 ++-- libcrux-ml-kem/c/libcrux_sha3_avx2.h | 36 +- libcrux-ml-kem/c/libcrux_sha3_internal.h | 992 +++--- libcrux-ml-kem/c/libcrux_sha3_neon.c | 10 +- libcrux-ml-kem/c/libcrux_sha3_neon.h | 12 +- libcrux-ml-kem/cg.yaml | 26 +- libcrux-ml-kem/cg/benches/sha3.cc | 8 +- libcrux-ml-kem/cg/code_gen.txt | 10 +- libcrux-ml-kem/cg/libcrux_core.h | 124 +- libcrux-ml-kem/cg/libcrux_ct_ops.h | 10 +- libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h | 1619 +++++---- .../cg/libcrux_mlkem768_avx2_types.h | 46 +- libcrux-ml-kem/cg/libcrux_mlkem768_portable.h | 1826 ++++++----- .../cg/libcrux_mlkem768_portable_types.h | 46 +- libcrux-ml-kem/cg/libcrux_sha3_avx2.h | 590 ++-- libcrux-ml-kem/cg/libcrux_sha3_portable.h | 1274 ++++---- 45 files changed, 7156 insertions(+), 7029 deletions(-) diff --git a/libcrux-ml-kem/c/code_gen.txt b/libcrux-ml-kem/c/code_gen.txt index 7599cb2f1..03c666cb2 100644 --- a/libcrux-ml-kem/c/code_gen.txt +++ b/libcrux-ml-kem/c/code_gen.txt @@ -1,6 +1,6 @@ This code was generated with the following revisions: -Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 -Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac -Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 -F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 -Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf +Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 +Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b +Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df +F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 +Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 diff --git a/libcrux-ml-kem/c/internal/libcrux_core.h b/libcrux-ml-kem/c/internal/libcrux_core.h index 31a212a7c..d9157cb4f 100644 --- a/libcrux-ml-kem/c/internal/libcrux_core.h +++ b/libcrux-ml-kem/c/internal/libcrux_core.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __internal_libcrux_core_H @@ -69,7 +69,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_671( +libcrux_ml_kem_types_MlKemPublicKey_64 libcrux_ml_kem_types_from_5a_af( uint8_t value[1568U]); /** @@ -82,9 +82,9 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_ee1( - libcrux_ml_kem_types_MlKemPrivateKey_95 sk, - libcrux_ml_kem_types_MlKemPublicKey_1f pk); +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_94( + libcrux_ml_kem_types_MlKemPrivateKey_83 sk, + libcrux_ml_kem_types_MlKemPublicKey_64 pk); /** This function found in impl {(core::convert::From<@Array> for @@ -95,7 +95,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_af1( +libcrux_ml_kem_types_MlKemPrivateKey_83 libcrux_ml_kem_types_from_7f_39( uint8_t value[3168U]); /** @@ -107,7 +107,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_670( +libcrux_ml_kem_types_MlKemPublicKey_30 libcrux_ml_kem_types_from_5a_d0( uint8_t value[1184U]); /** @@ -120,9 +120,9 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_ee0( - libcrux_ml_kem_types_MlKemPrivateKey_55 sk, - libcrux_ml_kem_types_MlKemPublicKey_15 pk); +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_74( + libcrux_ml_kem_types_MlKemPrivateKey_d9 sk, + libcrux_ml_kem_types_MlKemPublicKey_30 pk); /** This function found in impl {(core::convert::From<@Array> for @@ -133,7 +133,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_af0( +libcrux_ml_kem_types_MlKemPrivateKey_d9 libcrux_ml_kem_types_from_7f_28( uint8_t value[2400U]); /** @@ -145,7 +145,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_67( +libcrux_ml_kem_types_MlKemPublicKey_52 libcrux_ml_kem_types_from_5a_4d( uint8_t value[800U]); /** @@ -158,9 +158,9 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_ee( - libcrux_ml_kem_types_MlKemPrivateKey_5e sk, - libcrux_ml_kem_types_MlKemPublicKey_be pk); +libcrux_ml_kem_types_MlKemKeyPair_3e libcrux_ml_kem_types_from_3a_fa( + libcrux_ml_kem_types_MlKemPrivateKey_fa sk, + libcrux_ml_kem_types_MlKemPublicKey_52 pk); /** This function found in impl {(core::convert::From<@Array> for @@ -171,7 +171,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_af( +libcrux_ml_kem_types_MlKemPrivateKey_fa libcrux_ml_kem_types_from_7f_2a( uint8_t value[1632U]); /** @@ -182,8 +182,8 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_fe1( - libcrux_ml_kem_types_MlKemPublicKey_15 *self); +uint8_t *libcrux_ml_kem_types_as_slice_fd_d0( + libcrux_ml_kem_types_MlKemPublicKey_30 *self); /** This function found in impl {(core::convert::From<@Array> for @@ -194,7 +194,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_451( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_80( uint8_t value[1088U]); /** @@ -206,7 +206,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_401( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_80( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self); /** @@ -217,8 +217,8 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 1120 */ -void libcrux_ml_kem_utils_into_padded_array_425(Eurydice_slice slice, - uint8_t ret[1120U]); +void libcrux_ml_kem_utils_into_padded_array_15(Eurydice_slice slice, + uint8_t ret[1120U]); /** This function found in impl {libcrux_ml_kem::types::MlKemPublicKey#20} @@ -228,8 +228,8 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_fe0( - libcrux_ml_kem_types_MlKemPublicKey_be *self); +uint8_t *libcrux_ml_kem_types_as_slice_fd_4d( + libcrux_ml_kem_types_MlKemPublicKey_52 *self); /** This function found in impl {(core::convert::From<@Array> for @@ -240,7 +240,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_450( +libcrux_ml_kem_types_MlKemCiphertext_1a libcrux_ml_kem_types_from_01_d0( uint8_t value[768U]); /** @@ -252,8 +252,8 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_400( - libcrux_ml_kem_types_MlKemCiphertext_e8 *self); +Eurydice_slice libcrux_ml_kem_types_as_ref_00_d0( + libcrux_ml_kem_types_MlKemCiphertext_1a *self); /** Pad the `slice` with `0`s at the end. @@ -263,8 +263,8 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 800 */ -void libcrux_ml_kem_utils_into_padded_array_424(Eurydice_slice slice, - uint8_t ret[800U]); +void libcrux_ml_kem_utils_into_padded_array_4d(Eurydice_slice slice, + uint8_t ret[800U]); /** This function found in impl {libcrux_ml_kem::types::MlKemPublicKey#20} @@ -274,21 +274,21 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_fe( - libcrux_ml_kem_types_MlKemPublicKey_1f *self); +uint8_t *libcrux_ml_kem_types_as_slice_fd_af( + libcrux_ml_kem_types_MlKemPublicKey_64 *self); /** A monomorphic instance of core.result.Result with types uint8_t[32size_t], core_array_TryFromSliceError */ -typedef struct core_result_Result_00_s { - core_result_Result_86_tags tag; +typedef struct core_result_Result_fb_s { + core_result_Result_a9_tags tag; union { uint8_t case_Ok[32U]; core_array_TryFromSliceError case_Err; } val; -} core_result_Result_00; +} core_result_Result_fb; /** This function found in impl {core::result::Result[TraitClause@0, @@ -299,7 +299,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[32size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_33(core_result_Result_00 self, uint8_t ret[32U]); +void core_result_unwrap_26_b3(core_result_Result_fb self, uint8_t ret[32U]); /** Pad the `slice` with `0`s at the end. @@ -309,8 +309,8 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 34 */ -void libcrux_ml_kem_utils_into_padded_array_422(Eurydice_slice slice, - uint8_t ret[34U]); +void libcrux_ml_kem_utils_into_padded_array_b6(Eurydice_slice slice, + uint8_t ret[34U]); /** This function found in impl {(core::convert::From<@Array> for @@ -321,7 +321,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_45( +libcrux_ml_kem_types_MlKemCiphertext_64 libcrux_ml_kem_types_from_01_af( uint8_t value[1568U]); /** @@ -332,8 +332,8 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 33 */ -void libcrux_ml_kem_utils_into_padded_array_421(Eurydice_slice slice, - uint8_t ret[33U]); +void libcrux_ml_kem_utils_into_padded_array_c8(Eurydice_slice slice, + uint8_t ret[33U]); /** This function found in impl {(core::convert::AsRef<@Slice> for @@ -344,8 +344,8 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_40( - libcrux_ml_kem_types_MlKemCiphertext_1f *self); +Eurydice_slice libcrux_ml_kem_types_as_ref_00_af( + libcrux_ml_kem_types_MlKemCiphertext_64 *self); /** Pad the `slice` with `0`s at the end. @@ -355,8 +355,8 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 1600 */ -void libcrux_ml_kem_utils_into_padded_array_420(Eurydice_slice slice, - uint8_t ret[1600U]); +void libcrux_ml_kem_utils_into_padded_array_7f(Eurydice_slice slice, + uint8_t ret[1600U]); /** Pad the `slice` with `0`s at the end. @@ -366,7 +366,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 64 */ -void libcrux_ml_kem_utils_into_padded_array_42(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_24(Eurydice_slice slice, uint8_t ret[64U]); /** @@ -374,13 +374,13 @@ A monomorphic instance of core.result.Result with types uint8_t[24size_t], core_array_TryFromSliceError */ -typedef struct core_result_Result_6f_s { - core_result_Result_86_tags tag; +typedef struct core_result_Result_b2_s { + core_result_Result_a9_tags tag; union { uint8_t case_Ok[24U]; core_array_TryFromSliceError case_Err; } val; -} core_result_Result_6f; +} core_result_Result_b2; /** This function found in impl {core::result::Result[TraitClause@0, @@ -391,20 +391,20 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[24size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_76(core_result_Result_6f self, uint8_t ret[24U]); +void core_result_unwrap_26_70(core_result_Result_b2 self, uint8_t ret[24U]); /** A monomorphic instance of core.result.Result with types uint8_t[20size_t], core_array_TryFromSliceError */ -typedef struct core_result_Result_7a_s { - core_result_Result_86_tags tag; +typedef struct core_result_Result_e1_s { + core_result_Result_a9_tags tag; union { uint8_t case_Ok[20U]; core_array_TryFromSliceError case_Err; } val; -} core_result_Result_7a; +} core_result_Result_e1; /** This function found in impl {core::result::Result[TraitClause@0, @@ -415,20 +415,20 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[20size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_ea(core_result_Result_7a self, uint8_t ret[20U]); +void core_result_unwrap_26_20(core_result_Result_e1 self, uint8_t ret[20U]); /** A monomorphic instance of core.result.Result with types uint8_t[10size_t], core_array_TryFromSliceError */ -typedef struct core_result_Result_cd_s { - core_result_Result_86_tags tag; +typedef struct core_result_Result_9d_s { + core_result_Result_a9_tags tag; union { uint8_t case_Ok[10U]; core_array_TryFromSliceError case_Err; } val; -} core_result_Result_cd; +} core_result_Result_9d; /** This function found in impl {core::result::Result[TraitClause@0, @@ -439,20 +439,20 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[10size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_07(core_result_Result_cd self, uint8_t ret[10U]); +void core_result_unwrap_26_ce(core_result_Result_9d self, uint8_t ret[10U]); /** A monomorphic instance of core.result.Result with types int16_t[16size_t], core_array_TryFromSliceError */ -typedef struct core_result_Result_c0_s { - core_result_Result_86_tags tag; +typedef struct core_result_Result_0a_s { + core_result_Result_a9_tags tag; union { int16_t case_Ok[16U]; core_array_TryFromSliceError case_Err; } val; -} core_result_Result_c0; +} core_result_Result_0a; /** This function found in impl {core::result::Result[TraitClause@0, @@ -463,7 +463,7 @@ A monomorphic instance of core.result.unwrap_26 with types int16_t[16size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_30(core_result_Result_c0 self, int16_t ret[16U]); +void core_result_unwrap_26_00(core_result_Result_0a self, int16_t ret[16U]); typedef struct Eurydice_slice_uint8_t_4size_t__x2_s { Eurydice_slice fst[4U]; diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h index c4c213b73..dbdaa5e70 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __internal_libcrux_mlkem_avx2_H @@ -29,9 +29,9 @@ A monomorphic instance of libcrux_ml_kem.polynomial.PolynomialRingElement with types libcrux_ml_kem_vector_avx2_SIMD256Vector */ -typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_d2_s { +typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_f6_s { __m256i coefficients[16U]; -} libcrux_ml_kem_polynomial_PolynomialRingElement_d2; +} libcrux_ml_kem_polynomial_PolynomialRingElement_f6; /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_public_key @@ -41,7 +41,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_521(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_ed(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -51,8 +51,8 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_701( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +bool libcrux_ml_kem_ind_cca_validate_private_key_12( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); /** @@ -69,7 +69,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_0b1(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_d61(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -90,8 +90,8 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_a11( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +tuple_c2 libcrux_ml_kem_ind_cca_encapsulate_701( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]); /** @@ -116,8 +116,8 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_7f1( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +void libcrux_ml_kem_ind_cca_decapsulate_a11( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); /** @@ -128,7 +128,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_520(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_1e(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -138,9 +138,9 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_700( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext); +bool libcrux_ml_kem_ind_cca_validate_private_key_b9( + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *_ciphertext); /** A monomorphic instance of libcrux_ml_kem.ind_cca.generate_keypair @@ -156,7 +156,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_0b0(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_d60(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -177,8 +177,8 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_a10( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, +tuple_fa libcrux_ml_kem_ind_cca_encapsulate_700( + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key, uint8_t randomness[32U]); /** @@ -203,9 +203,9 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_7f0( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); +void libcrux_ml_kem_ind_cca_decapsulate_a10( + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext, uint8_t ret[32U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_public_key @@ -215,7 +215,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_52(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_ba(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -225,9 +225,9 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_70( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); +bool libcrux_ml_kem_ind_cca_validate_private_key_ad( + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *_ciphertext); /** A monomorphic instance of libcrux_ml_kem.ind_cca.generate_keypair @@ -242,7 +242,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_0b( +libcrux_ml_kem_types_MlKemKeyPair_3e libcrux_ml_kem_ind_cca_generate_keypair_d6( uint8_t randomness[64U]); /** @@ -264,8 +264,8 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_a1( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key, +tuple_41 libcrux_ml_kem_ind_cca_encapsulate_70( + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key, uint8_t randomness[32U]); /** @@ -290,9 +290,9 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_7f( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); +void libcrux_ml_kem_ind_cca_decapsulate_a1( + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext, uint8_t ret[32U]); #if defined(__cplusplus) } diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h index def86cf8e..9160fa4ed 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __internal_libcrux_mlkem_portable_H @@ -34,9 +34,9 @@ A monomorphic instance of libcrux_ml_kem.polynomial.PolynomialRingElement with types libcrux_ml_kem_vector_portable_vector_type_PortableVector */ -typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_f0_s { +typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_1d_s { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients[16U]; -} libcrux_ml_kem_polynomial_PolynomialRingElement_f0; +} libcrux_ml_kem_polynomial_PolynomialRingElement_1d; /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_public_key @@ -46,7 +46,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_bf1(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_00(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -56,9 +56,9 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_ae( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext); +bool libcrux_ml_kem_ind_cca_validate_private_key_b5( + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *_ciphertext); /** A monomorphic instance of libcrux_ml_kem.ind_cca.generate_keypair @@ -74,7 +74,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_6f1(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_f81(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -95,8 +95,8 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_661( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, +tuple_fa libcrux_ml_kem_ind_cca_encapsulate_ca1( + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key, uint8_t randomness[32U]); /** @@ -121,9 +121,9 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_191( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); +void libcrux_ml_kem_ind_cca_decapsulate_621( + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext, uint8_t ret[32U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_public_key @@ -133,7 +133,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_bf0(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_86(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -143,9 +143,9 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_b4( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); +bool libcrux_ml_kem_ind_cca_validate_private_key_fb( + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *_ciphertext); /** A monomorphic instance of libcrux_ml_kem.ind_cca.generate_keypair @@ -160,8 +160,8 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_6f0(uint8_t randomness[64U]); +libcrux_ml_kem_types_MlKemKeyPair_3e +libcrux_ml_kem_ind_cca_generate_keypair_f80(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -182,8 +182,8 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_660( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key, +tuple_41 libcrux_ml_kem_ind_cca_encapsulate_ca0( + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key, uint8_t randomness[32U]); /** @@ -208,9 +208,9 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_190( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); +void libcrux_ml_kem_ind_cca_decapsulate_620( + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext, uint8_t ret[32U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_public_key @@ -220,7 +220,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_bf(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_6c(uint8_t *public_key); /** A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key @@ -230,8 +230,8 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_33( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +bool libcrux_ml_kem_ind_cca_validate_private_key_37( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); /** @@ -248,7 +248,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_6f(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_f8(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -269,8 +269,8 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_66( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +tuple_c2 libcrux_ml_kem_ind_cca_encapsulate_ca( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]); /** @@ -295,8 +295,8 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_19( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +void libcrux_ml_kem_ind_cca_decapsulate_62( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); #if defined(__cplusplus) diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h index 95df92565..e1421a6c3 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __internal_libcrux_sha3_avx2_H @@ -23,30 +23,9 @@ extern "C" { #include "internal/libcrux_core.h" #include "intrinsics/libcrux_intrinsics_avx2.h" -/** -A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final -with types core_core_arch_x86___m256i -with const generics -- N= 4 -- RATE= 136 -- DELIM= 31 -*/ -void libcrux_sha3_generic_keccak_absorb_final_7f( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice last[4U]); - -typedef libcrux_sha3_generic_keccak_KeccakState_29 +typedef libcrux_sha3_generic_keccak_KeccakState_55 libcrux_sha3_avx2_x4_incremental_KeccakState; -/** -A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_three_blocks -with types core_core_arch_x86___m256i -with const generics -- N= 4 -- RATE= 168 -*/ -void libcrux_sha3_generic_keccak_squeeze_first_three_blocks_ed( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]); - #if defined(__cplusplus) } #endif diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h index a57bfa85c..c42e543fd 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __internal_libcrux_sha3_internal_H @@ -21,15 +21,15 @@ extern "C" { #include "../libcrux_sha3_internal.h" #include "eurydice_glue.h" -typedef libcrux_sha3_generic_keccak_KeccakState_48 +typedef libcrux_sha3_generic_keccak_KeccakState_17 libcrux_sha3_portable_KeccakState; /** Create a new SHAKE-128 state object. */ -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48 +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17 libcrux_sha3_portable_incremental_shake128_init(void) { - return libcrux_sha3_generic_keccak_new_89_cf(); + return libcrux_sha3_generic_keccak_new_89_04(); } /** @@ -37,9 +37,9 @@ libcrux_sha3_portable_incremental_shake128_init(void) { */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake128_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice data0) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice data0) { Eurydice_slice buf[1U] = {data0}; - libcrux_sha3_generic_keccak_absorb_final_40(s, buf); + libcrux_sha3_generic_keccak_absorb_final_9e(s, buf); } /** @@ -50,23 +50,23 @@ with const generics - RATE= 168 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_three_blocks_5c( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_three_blocks_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { Eurydice_slice_uint8_t_1size_t__x2 uu____0 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U); Eurydice_slice o0[1U]; memcpy(o0, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o10[1U]; memcpy(o10, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b(s, o0); + libcrux_sha3_generic_keccak_squeeze_first_block_c6(s, o0); Eurydice_slice_uint8_t_1size_t__x2 uu____1 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(o10, (size_t)168U); Eurydice_slice o1[1U]; memcpy(o1, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o2[1U]; memcpy(o2, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c2(s, o1); - libcrux_sha3_generic_keccak_squeeze_next_block_c2(s, o2); + libcrux_sha3_generic_keccak_squeeze_next_block_c6(s, o1); + libcrux_sha3_generic_keccak_squeeze_next_block_c6(s, o2); } /** @@ -74,9 +74,9 @@ libcrux_sha3_generic_keccak_squeeze_first_three_blocks_5c( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake128_squeeze_first_three_blocks( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) { Eurydice_slice buf[1U] = {out0}; - libcrux_sha3_generic_keccak_squeeze_first_three_blocks_5c(s, buf); + libcrux_sha3_generic_keccak_squeeze_first_three_blocks_c6(s, buf); } /** @@ -84,9 +84,9 @@ libcrux_sha3_portable_incremental_shake128_squeeze_first_three_blocks( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake128_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) { Eurydice_slice buf[1U] = {out0}; - libcrux_sha3_generic_keccak_squeeze_next_block_c2(s, buf); + libcrux_sha3_generic_keccak_squeeze_next_block_c6(s, buf); } #define libcrux_sha3_Sha224 0 @@ -149,37 +149,37 @@ with const generics - RATE= 168 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_five_blocks_3e( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_five_blocks_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { Eurydice_slice_uint8_t_1size_t__x2 uu____0 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U); Eurydice_slice o0[1U]; memcpy(o0, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o10[1U]; memcpy(o10, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b(s, o0); + libcrux_sha3_generic_keccak_squeeze_first_block_c6(s, o0); Eurydice_slice_uint8_t_1size_t__x2 uu____1 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(o10, (size_t)168U); Eurydice_slice o1[1U]; memcpy(o1, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o20[1U]; memcpy(o20, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c2(s, o1); + libcrux_sha3_generic_keccak_squeeze_next_block_c6(s, o1); Eurydice_slice_uint8_t_1size_t__x2 uu____2 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(o20, (size_t)168U); Eurydice_slice o2[1U]; memcpy(o2, uu____2.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o30[1U]; memcpy(o30, uu____2.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c2(s, o2); + libcrux_sha3_generic_keccak_squeeze_next_block_c6(s, o2); Eurydice_slice_uint8_t_1size_t__x2 uu____3 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(o30, (size_t)168U); Eurydice_slice o3[1U]; memcpy(o3, uu____3.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o4[1U]; memcpy(o4, uu____3.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c2(s, o3); - libcrux_sha3_generic_keccak_squeeze_next_block_c2(s, o4); + libcrux_sha3_generic_keccak_squeeze_next_block_c6(s, o3); + libcrux_sha3_generic_keccak_squeeze_next_block_c6(s, o4); } /** @@ -187,9 +187,9 @@ libcrux_sha3_generic_keccak_squeeze_first_five_blocks_3e( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake128_squeeze_first_five_blocks( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) { Eurydice_slice buf[1U] = {out0}; - libcrux_sha3_generic_keccak_squeeze_first_five_blocks_3e(s, buf); + libcrux_sha3_generic_keccak_squeeze_first_five_blocks_c6(s, buf); } /** @@ -197,17 +197,17 @@ libcrux_sha3_portable_incremental_shake128_squeeze_first_five_blocks( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake256_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice data) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice data) { Eurydice_slice buf[1U] = {data}; - libcrux_sha3_generic_keccak_absorb_final_400(s, buf); + libcrux_sha3_generic_keccak_absorb_final_9e0(s, buf); } /** Create a new SHAKE-256 state object. */ -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48 +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17 libcrux_sha3_portable_incremental_shake256_init(void) { - return libcrux_sha3_generic_keccak_new_89_cf(); + return libcrux_sha3_generic_keccak_new_89_04(); } /** @@ -215,9 +215,9 @@ libcrux_sha3_portable_incremental_shake256_init(void) { */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake256_squeeze_first_block( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out) { Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_first_block_7b0(s, buf); + libcrux_sha3_generic_keccak_squeeze_first_block_c60(s, buf); } /** @@ -225,9 +225,9 @@ libcrux_sha3_portable_incremental_shake256_squeeze_first_block( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake256_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out) { Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_next_block_c20(s, buf); + libcrux_sha3_generic_keccak_squeeze_next_block_c60(s, buf); } /** @@ -237,14 +237,14 @@ with const generics - $1size_t - $136size_t */ -typedef struct libcrux_sha3_generic_keccak_KeccakXofState_4f_s { - libcrux_sha3_generic_keccak_KeccakState_48 inner; +typedef struct libcrux_sha3_generic_keccak_KeccakXofState_e2_s { + libcrux_sha3_generic_keccak_KeccakState_17 inner; uint8_t buf[1U][136U]; size_t buf_len; bool sponge; -} libcrux_sha3_generic_keccak_KeccakXofState_4f; +} libcrux_sha3_generic_keccak_KeccakXofState_e2; -typedef libcrux_sha3_generic_keccak_KeccakXofState_4f +typedef libcrux_sha3_generic_keccak_KeccakXofState_e2 libcrux_sha3_portable_incremental_Shake256Absorb; /** @@ -267,8 +267,8 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline size_t libcrux_sha3_generic_keccak_fill_buffer_8b_15( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, +static inline size_t libcrux_sha3_generic_keccak_fill_buffer_8b_c6( + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice inputs[1U]) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); size_t consumed = (size_t)0U; @@ -301,15 +301,15 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, +static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_c6( + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_e2 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs0[1U]; memcpy(copy_of_inputs0, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_consumed = - libcrux_sha3_generic_keccak_fill_buffer_8b_15(uu____0, copy_of_inputs0); + libcrux_sha3_generic_keccak_fill_buffer_8b_c6(uu____0, copy_of_inputs0); if (input_consumed > (size_t)0U) { Eurydice_slice borrowed[1U]; { @@ -325,8 +325,8 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a( uint64_t(*uu____2)[5U] = self->inner.st; Eurydice_slice uu____3[1U]; memcpy(uu____3, borrowed, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_35(uu____2, uu____3); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_5a_5b(uu____2, uu____3); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); self->buf_len = (size_t)0U; } size_t input_to_consume = @@ -342,8 +342,8 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a( Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_inputs, input_consumed + i0 * (size_t)136U, (size_t)136U, ret); - libcrux_sha3_portable_keccak_load_block_5a_35(uu____4, ret); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_5a_5b(uu____4, ret); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } return remainder; } @@ -371,15 +371,15 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_8b_45( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_8b_c6( + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_e2 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs[1U]; memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_8b_7a(uu____0, copy_of_inputs); + libcrux_sha3_generic_keccak_absorb_full_8b_c6(uu____0, copy_of_inputs); if (input_remainder_len > (size_t)0U) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); { @@ -406,12 +406,12 @@ This function found in impl libcrux_sha3::portable::incremental::Shake256Absorb)#2} */ static inline void libcrux_sha3_portable_incremental_absorb_7d( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, Eurydice_slice input) { + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_8b_45(self, buf); + libcrux_sha3_generic_keccak_absorb_8b_c6(self, buf); } -typedef libcrux_sha3_generic_keccak_KeccakXofState_4f +typedef libcrux_sha3_generic_keccak_KeccakXofState_e2 libcrux_sha3_portable_incremental_Shake256Squeeze; /** @@ -432,15 +432,15 @@ with const generics - RATE= 136 - DELIMITER= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_b6( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_9e( + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_e2 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs[1U]; memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_8b_7a(uu____0, copy_of_inputs); + libcrux_sha3_generic_keccak_absorb_full_8b_c6(uu____0, copy_of_inputs); size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; { @@ -471,8 +471,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_b6( uint64_t(*uu____6)[5U] = self->inner.st; uint8_t uu____7[1U][200U]; memcpy(uu____7, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_050(uu____6, uu____7); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_full_5a_5b(uu____6, uu____7); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } /** @@ -483,11 +483,11 @@ This function found in impl {(libcrux_sha3::portable::incremental::XofAbsorb<136: usize> for libcrux_sha3::portable::incremental::Shake256Absorb)#2} */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_4f +static inline libcrux_sha3_generic_keccak_KeccakXofState_e2 libcrux_sha3_portable_incremental_absorb_final_7d( - libcrux_sha3_generic_keccak_KeccakXofState_4f self, Eurydice_slice input) { + libcrux_sha3_generic_keccak_KeccakXofState_e2 self, Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_final_8b_b6(&self, buf); + libcrux_sha3_generic_keccak_absorb_final_8b_9e(&self, buf); return self; } @@ -505,7 +505,7 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline void libcrux_sha3_generic_keccak_zero_block_8b_5e( +static inline void libcrux_sha3_generic_keccak_zero_block_8b_c6( uint8_t ret[136U]) { ret[0U] = 0U; ret[1U] = 0U; @@ -659,12 +659,12 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_4f -libcrux_sha3_generic_keccak_new_8b_47(void) { - libcrux_sha3_generic_keccak_KeccakXofState_4f lit; - lit.inner = libcrux_sha3_generic_keccak_new_89_cf(); +static inline libcrux_sha3_generic_keccak_KeccakXofState_e2 +libcrux_sha3_generic_keccak_new_8b_c6(void) { + libcrux_sha3_generic_keccak_KeccakXofState_e2 lit; + lit.inner = libcrux_sha3_generic_keccak_new_89_04(); uint8_t ret[136U]; - libcrux_sha3_generic_keccak_zero_block_8b_5e(ret); + libcrux_sha3_generic_keccak_zero_block_8b_c6(ret); memcpy(lit.buf[0U], ret, (size_t)136U * sizeof(uint8_t)); lit.buf_len = (size_t)0U; lit.sponge = false; @@ -679,9 +679,9 @@ This function found in impl {(libcrux_sha3::portable::incremental::XofAbsorb<136: usize> for libcrux_sha3::portable::incremental::Shake256Absorb)#2} */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_4f +static inline libcrux_sha3_generic_keccak_KeccakXofState_e2 libcrux_sha3_portable_incremental_new_7d(void) { - return libcrux_sha3_generic_keccak_new_8b_47(); + return libcrux_sha3_generic_keccak_new_8b_c6(); } /** @@ -691,14 +691,14 @@ with const generics - $1size_t - $168size_t */ -typedef struct libcrux_sha3_generic_keccak_KeccakXofState_78_s { - libcrux_sha3_generic_keccak_KeccakState_48 inner; +typedef struct libcrux_sha3_generic_keccak_KeccakXofState_97_s { + libcrux_sha3_generic_keccak_KeccakState_17 inner; uint8_t buf[1U][168U]; size_t buf_len; bool sponge; -} libcrux_sha3_generic_keccak_KeccakXofState_78; +} libcrux_sha3_generic_keccak_KeccakXofState_97; -typedef libcrux_sha3_generic_keccak_KeccakXofState_78 +typedef libcrux_sha3_generic_keccak_KeccakXofState_97 libcrux_sha3_portable_incremental_Shake128Absorb; /** @@ -721,8 +721,8 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static inline size_t libcrux_sha3_generic_keccak_fill_buffer_8b_150( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, +static inline size_t libcrux_sha3_generic_keccak_fill_buffer_8b_c60( + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice inputs[1U]) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); size_t consumed = (size_t)0U; @@ -755,15 +755,15 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a0( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, +static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_c60( + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_97 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs0[1U]; memcpy(copy_of_inputs0, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_consumed = - libcrux_sha3_generic_keccak_fill_buffer_8b_150(uu____0, copy_of_inputs0); + libcrux_sha3_generic_keccak_fill_buffer_8b_c60(uu____0, copy_of_inputs0); if (input_consumed > (size_t)0U) { Eurydice_slice borrowed[1U]; { @@ -779,8 +779,8 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a0( uint64_t(*uu____2)[5U] = self->inner.st; Eurydice_slice uu____3[1U]; memcpy(uu____3, borrowed, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_350(uu____2, uu____3); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_5a_3a(uu____2, uu____3); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); self->buf_len = (size_t)0U; } size_t input_to_consume = @@ -796,8 +796,8 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a0( Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_inputs, input_consumed + i0 * (size_t)168U, (size_t)168U, ret); - libcrux_sha3_portable_keccak_load_block_5a_350(uu____4, ret); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_5a_3a(uu____4, ret); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } return remainder; } @@ -825,15 +825,15 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_8b_450( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_8b_c60( + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_97 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs[1U]; memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_8b_7a0(uu____0, copy_of_inputs); + libcrux_sha3_generic_keccak_absorb_full_8b_c60(uu____0, copy_of_inputs); if (input_remainder_len > (size_t)0U) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); { @@ -857,12 +857,12 @@ This function found in impl libcrux_sha3::portable::incremental::Shake128Absorb)} */ static inline void libcrux_sha3_portable_incremental_absorb_1c( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, Eurydice_slice input) { + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_8b_450(self, buf); + libcrux_sha3_generic_keccak_absorb_8b_c60(self, buf); } -typedef libcrux_sha3_generic_keccak_KeccakXofState_78 +typedef libcrux_sha3_generic_keccak_KeccakXofState_97 libcrux_sha3_portable_incremental_Shake128Squeeze; /** @@ -883,15 +883,15 @@ with const generics - RATE= 168 - DELIMITER= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_b60( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_9e0( + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_97 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs[1U]; memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_8b_7a0(uu____0, copy_of_inputs); + libcrux_sha3_generic_keccak_absorb_full_8b_c60(uu____0, copy_of_inputs); size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; { @@ -922,8 +922,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_b60( uint64_t(*uu____6)[5U] = self->inner.st; uint8_t uu____7[1U][200U]; memcpy(uu____7, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_05(uu____6, uu____7); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_full_5a_3a(uu____6, uu____7); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } /** @@ -931,11 +931,11 @@ This function found in impl {(libcrux_sha3::portable::incremental::XofAbsorb<168: usize> for libcrux_sha3::portable::incremental::Shake128Absorb)} */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_78 +static inline libcrux_sha3_generic_keccak_KeccakXofState_97 libcrux_sha3_portable_incremental_absorb_final_1c( - libcrux_sha3_generic_keccak_KeccakXofState_78 self, Eurydice_slice input) { + libcrux_sha3_generic_keccak_KeccakXofState_97 self, Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_final_8b_b60(&self, buf); + libcrux_sha3_generic_keccak_absorb_final_8b_9e0(&self, buf); return self; } @@ -953,7 +953,7 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static inline void libcrux_sha3_generic_keccak_zero_block_8b_5e0( +static inline void libcrux_sha3_generic_keccak_zero_block_8b_c60( uint8_t ret[168U]) { ret[0U] = 0U; ret[1U] = 0U; @@ -1139,12 +1139,12 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_78 -libcrux_sha3_generic_keccak_new_8b_470(void) { - libcrux_sha3_generic_keccak_KeccakXofState_78 lit; - lit.inner = libcrux_sha3_generic_keccak_new_89_cf(); +static inline libcrux_sha3_generic_keccak_KeccakXofState_97 +libcrux_sha3_generic_keccak_new_8b_c60(void) { + libcrux_sha3_generic_keccak_KeccakXofState_97 lit; + lit.inner = libcrux_sha3_generic_keccak_new_89_04(); uint8_t ret[168U]; - libcrux_sha3_generic_keccak_zero_block_8b_5e0(ret); + libcrux_sha3_generic_keccak_zero_block_8b_c60(ret); memcpy(lit.buf[0U], ret, (size_t)168U * sizeof(uint8_t)); lit.buf_len = (size_t)0U; lit.sponge = false; @@ -1156,9 +1156,9 @@ This function found in impl {(libcrux_sha3::portable::incremental::XofAbsorb<168: usize> for libcrux_sha3::portable::incremental::Shake128Absorb)} */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_78 +static inline libcrux_sha3_generic_keccak_KeccakXofState_97 libcrux_sha3_portable_incremental_new_1c(void) { - return libcrux_sha3_generic_keccak_new_8b_470(); + return libcrux_sha3_generic_keccak_new_8b_c60(); } /** @@ -1173,7 +1173,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_5a with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_81( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_5b( uint64_t (*state)[5U], Eurydice_slice out[1U]) { size_t num_full_blocks = Eurydice_slice_len(out[0U], uint8_t) / (size_t)8U; size_t last_block_len = Eurydice_slice_len(out[0U], uint8_t) % (size_t)8U; @@ -1214,11 +1214,11 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_c6( + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice out[1U]) { if (self->sponge) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } size_t out_len = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = out_len / (size_t)136U; @@ -1235,15 +1235,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba( memcpy(out00, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice out_rest[1U]; memcpy(out_rest, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_store_5a_81(self->inner.st, out00); - core_ops_range_Range_b3 iter = + libcrux_sha3_portable_keccak_store_5a_5b(self->inner.st, out00); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, core_option_Option_b3) + &iter, size_t, core_option_Option_08) .tag == core_option_None) { break; } else { @@ -1254,14 +1254,14 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba( memcpy(out0, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice tmp[1U]; memcpy(tmp, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); - libcrux_sha3_portable_keccak_store_5a_81(self->inner.st, out0); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); + libcrux_sha3_portable_keccak_store_5a_5b(self->inner.st, out0); memcpy(out_rest, tmp, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < out_len) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); - libcrux_sha3_portable_keccak_store_5a_81(self->inner.st, out_rest); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); + libcrux_sha3_portable_keccak_store_5a_5b(self->inner.st, out_rest); } self->sponge = true; } @@ -1275,9 +1275,9 @@ This function found in impl libcrux_sha3::portable::incremental::Shake256Squeeze)#3} */ static inline void libcrux_sha3_portable_incremental_squeeze_8a( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice out) { Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_8b_ba(self, buf); + libcrux_sha3_generic_keccak_squeeze_8b_c6(self, buf); } /** @@ -1292,7 +1292,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_5a with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_810( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_3a( uint64_t (*state)[5U], Eurydice_slice out[1U]) { size_t num_full_blocks = Eurydice_slice_len(out[0U], uint8_t) / (size_t)8U; size_t last_block_len = Eurydice_slice_len(out[0U], uint8_t) % (size_t)8U; @@ -1333,11 +1333,11 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba0( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_c60( + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice out[1U]) { if (self->sponge) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } size_t out_len = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = out_len / (size_t)168U; @@ -1354,15 +1354,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba0( memcpy(out00, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice out_rest[1U]; memcpy(out_rest, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_store_5a_810(self->inner.st, out00); - core_ops_range_Range_b3 iter = + libcrux_sha3_portable_keccak_store_5a_3a(self->inner.st, out00); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, core_option_Option_b3) + &iter, size_t, core_option_Option_08) .tag == core_option_None) { break; } else { @@ -1373,14 +1373,14 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba0( memcpy(out0, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice tmp[1U]; memcpy(tmp, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); - libcrux_sha3_portable_keccak_store_5a_810(self->inner.st, out0); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); + libcrux_sha3_portable_keccak_store_5a_3a(self->inner.st, out0); memcpy(out_rest, tmp, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < out_len) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); - libcrux_sha3_portable_keccak_store_5a_810(self->inner.st, out_rest); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); + libcrux_sha3_portable_keccak_store_5a_3a(self->inner.st, out_rest); } self->sponge = true; } @@ -1394,18 +1394,18 @@ This function found in impl libcrux_sha3::portable::incremental::Shake128Squeeze)#1} */ static inline void libcrux_sha3_portable_incremental_squeeze_10( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice out) { Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_8b_ba0(self, buf); + libcrux_sha3_generic_keccak_squeeze_8b_c60(self, buf); } /** This function found in impl {(core::clone::Clone for libcrux_sha3::portable::KeccakState)} */ -static inline libcrux_sha3_generic_keccak_KeccakState_48 +static inline libcrux_sha3_generic_keccak_KeccakState_17 libcrux_sha3_portable_clone_3d( - libcrux_sha3_generic_keccak_KeccakState_48 *self) { + libcrux_sha3_generic_keccak_KeccakState_17 *self) { return self[0U]; } diff --git a/libcrux-ml-kem/c/karamel/include/krml/internal/target.h b/libcrux-ml-kem/c/karamel/include/krml/internal/target.h index dbe3aec09..25313e254 100644 --- a/libcrux-ml-kem/c/karamel/include/krml/internal/target.h +++ b/libcrux-ml-kem/c/karamel/include/krml/internal/target.h @@ -81,6 +81,8 @@ #define KRML_NOINLINE __declspec(noinline) #elif defined(__GNUC__) #define KRML_NOINLINE __attribute__((noinline, unused)) +#elif defined(__SUNPRO_C) +#define KRML_NOINLINE __attribute__((noinline)) #else #define KRML_NOINLINE #warning "The KRML_NOINLINE macro is not defined for this toolchain!" @@ -95,6 +97,8 @@ #define KRML_MUSTINLINE inline __forceinline #elif defined(__GNUC__) #define KRML_MUSTINLINE inline __attribute__((always_inline)) +#elif defined(__SUNPRO_C) +#define KRML_MUSTINLINE inline __attribute__((always_inline)) #else #define KRML_MUSTINLINE inline #warning \ @@ -209,6 +213,8 @@ inline static int32_t krml_time(void) { return (int32_t)time(NULL); } #elif defined(__GNUC__) /* deprecated attribute is not defined in GCC < 4.5. */ #define KRML_DEPRECATED(x) +#elif defined(__SUNPRO_C) +#define KRML_DEPRECATED(x) __attribute__((deprecated(x))) #elif defined(_MSC_VER) #define KRML_DEPRECATED(x) __declspec(deprecated(x)) #endif diff --git a/libcrux-ml-kem/c/libcrux_core.c b/libcrux-ml-kem/c/libcrux_core.c index bad4aa323..1be8ad169 100644 --- a/libcrux-ml-kem/c/libcrux_core.c +++ b/libcrux-ml-kem/c/libcrux_core.c @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #include "internal/libcrux_core.h" @@ -80,12 +80,12 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_5a_671( +libcrux_ml_kem_types_MlKemPublicKey_64 libcrux_ml_kem_types_from_5a_af( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; memcpy(copy_of_value, value, (size_t)1568U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPublicKey_1f lit; + libcrux_ml_kem_types_MlKemPublicKey_64 lit; memcpy(lit.value, copy_of_value, (size_t)1568U * sizeof(uint8_t)); return lit; } @@ -100,9 +100,9 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_ee1( - libcrux_ml_kem_types_MlKemPrivateKey_95 sk, - libcrux_ml_kem_types_MlKemPublicKey_1f pk) { +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_3a_94( + libcrux_ml_kem_types_MlKemPrivateKey_83 sk, + libcrux_ml_kem_types_MlKemPublicKey_64 pk) { return ( CLITERAL(libcrux_ml_kem_mlkem1024_MlKem1024KeyPair){.sk = sk, .pk = pk}); } @@ -116,12 +116,12 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_7f_af1( +libcrux_ml_kem_types_MlKemPrivateKey_83 libcrux_ml_kem_types_from_7f_39( uint8_t value[3168U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[3168U]; memcpy(copy_of_value, value, (size_t)3168U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_95 lit; + libcrux_ml_kem_types_MlKemPrivateKey_83 lit; memcpy(lit.value, copy_of_value, (size_t)3168U * sizeof(uint8_t)); return lit; } @@ -135,12 +135,12 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_5a_670( +libcrux_ml_kem_types_MlKemPublicKey_30 libcrux_ml_kem_types_from_5a_d0( uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; memcpy(copy_of_value, value, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPublicKey_15 lit; + libcrux_ml_kem_types_MlKemPublicKey_30 lit; memcpy(lit.value, copy_of_value, (size_t)1184U * sizeof(uint8_t)); return lit; } @@ -155,9 +155,9 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_ee0( - libcrux_ml_kem_types_MlKemPrivateKey_55 sk, - libcrux_ml_kem_types_MlKemPublicKey_15 pk) { +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_3a_74( + libcrux_ml_kem_types_MlKemPrivateKey_d9 sk, + libcrux_ml_kem_types_MlKemPublicKey_30 pk) { return ( CLITERAL(libcrux_ml_kem_mlkem768_MlKem768KeyPair){.sk = sk, .pk = pk}); } @@ -171,12 +171,12 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_7f_af0( +libcrux_ml_kem_types_MlKemPrivateKey_d9 libcrux_ml_kem_types_from_7f_28( uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; memcpy(copy_of_value, value, (size_t)2400U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_55 lit; + libcrux_ml_kem_types_MlKemPrivateKey_d9 lit; memcpy(lit.value, copy_of_value, (size_t)2400U * sizeof(uint8_t)); return lit; } @@ -190,12 +190,12 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_5a_67( +libcrux_ml_kem_types_MlKemPublicKey_52 libcrux_ml_kem_types_from_5a_4d( uint8_t value[800U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[800U]; memcpy(copy_of_value, value, (size_t)800U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPublicKey_be lit; + libcrux_ml_kem_types_MlKemPublicKey_52 lit; memcpy(lit.value, copy_of_value, (size_t)800U * sizeof(uint8_t)); return lit; } @@ -210,10 +210,10 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_3a_ee( - libcrux_ml_kem_types_MlKemPrivateKey_5e sk, - libcrux_ml_kem_types_MlKemPublicKey_be pk) { - return (CLITERAL(libcrux_ml_kem_types_MlKemKeyPair_cb){.sk = sk, .pk = pk}); +libcrux_ml_kem_types_MlKemKeyPair_3e libcrux_ml_kem_types_from_3a_fa( + libcrux_ml_kem_types_MlKemPrivateKey_fa sk, + libcrux_ml_kem_types_MlKemPublicKey_52 pk) { + return (CLITERAL(libcrux_ml_kem_types_MlKemKeyPair_3e){.sk = sk, .pk = pk}); } /** @@ -225,12 +225,12 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_7f_af( +libcrux_ml_kem_types_MlKemPrivateKey_fa libcrux_ml_kem_types_from_7f_2a( uint8_t value[1632U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1632U]; memcpy(copy_of_value, value, (size_t)1632U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_5e lit; + libcrux_ml_kem_types_MlKemPrivateKey_fa lit; memcpy(lit.value, copy_of_value, (size_t)1632U * sizeof(uint8_t)); return lit; } @@ -243,8 +243,8 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_fe1( - libcrux_ml_kem_types_MlKemPublicKey_15 *self) { +uint8_t *libcrux_ml_kem_types_as_slice_fd_d0( + libcrux_ml_kem_types_MlKemPublicKey_30 *self) { return self->value; } @@ -257,7 +257,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_451( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_80( uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; @@ -276,7 +276,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_401( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_80( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } @@ -289,8 +289,8 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 1120 */ -void libcrux_ml_kem_utils_into_padded_array_425(Eurydice_slice slice, - uint8_t ret[1120U]) { +void libcrux_ml_kem_utils_into_padded_array_15(Eurydice_slice slice, + uint8_t ret[1120U]) { uint8_t out[1120U] = {0U}; uint8_t *uu____0 = out; Eurydice_slice_copy( @@ -308,8 +308,8 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_fe0( - libcrux_ml_kem_types_MlKemPublicKey_be *self) { +uint8_t *libcrux_ml_kem_types_as_slice_fd_4d( + libcrux_ml_kem_types_MlKemPublicKey_52 *self) { return self->value; } @@ -322,12 +322,12 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_450( +libcrux_ml_kem_types_MlKemCiphertext_1a libcrux_ml_kem_types_from_01_d0( uint8_t value[768U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[768U]; memcpy(copy_of_value, value, (size_t)768U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemCiphertext_e8 lit; + libcrux_ml_kem_types_MlKemCiphertext_1a lit; memcpy(lit.value, copy_of_value, (size_t)768U * sizeof(uint8_t)); return lit; } @@ -341,8 +341,8 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_400( - libcrux_ml_kem_types_MlKemCiphertext_e8 *self) { +Eurydice_slice libcrux_ml_kem_types_as_ref_00_d0( + libcrux_ml_kem_types_MlKemCiphertext_1a *self) { return Eurydice_array_to_slice((size_t)768U, self->value, uint8_t); } @@ -354,8 +354,8 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 800 */ -void libcrux_ml_kem_utils_into_padded_array_424(Eurydice_slice slice, - uint8_t ret[800U]) { +void libcrux_ml_kem_utils_into_padded_array_4d(Eurydice_slice slice, + uint8_t ret[800U]) { uint8_t out[800U] = {0U}; uint8_t *uu____0 = out; Eurydice_slice_copy( @@ -373,8 +373,8 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_fd_fe( - libcrux_ml_kem_types_MlKemPublicKey_1f *self) { +uint8_t *libcrux_ml_kem_types_as_slice_fd_af( + libcrux_ml_kem_types_MlKemPublicKey_64 *self) { return self->value; } @@ -387,7 +387,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[32size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_33(core_result_Result_00 self, uint8_t ret[32U]) { +void core_result_unwrap_26_b3(core_result_Result_fb self, uint8_t ret[32U]) { if (self.tag == core_result_Ok) { uint8_t f0[32U]; memcpy(f0, self.val.case_Ok, (size_t)32U * sizeof(uint8_t)); @@ -407,8 +407,8 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 34 */ -void libcrux_ml_kem_utils_into_padded_array_422(Eurydice_slice slice, - uint8_t ret[34U]) { +void libcrux_ml_kem_utils_into_padded_array_b6(Eurydice_slice slice, + uint8_t ret[34U]) { uint8_t out[34U] = {0U}; uint8_t *uu____0 = out; Eurydice_slice_copy( @@ -427,12 +427,12 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_01_45( +libcrux_ml_kem_types_MlKemCiphertext_64 libcrux_ml_kem_types_from_01_af( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; memcpy(copy_of_value, value, (size_t)1568U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemCiphertext_1f lit; + libcrux_ml_kem_types_MlKemCiphertext_64 lit; memcpy(lit.value, copy_of_value, (size_t)1568U * sizeof(uint8_t)); return lit; } @@ -445,8 +445,8 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 33 */ -void libcrux_ml_kem_utils_into_padded_array_421(Eurydice_slice slice, - uint8_t ret[33U]) { +void libcrux_ml_kem_utils_into_padded_array_c8(Eurydice_slice slice, + uint8_t ret[33U]) { uint8_t out[33U] = {0U}; uint8_t *uu____0 = out; Eurydice_slice_copy( @@ -465,8 +465,8 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_40( - libcrux_ml_kem_types_MlKemCiphertext_1f *self) { +Eurydice_slice libcrux_ml_kem_types_as_ref_00_af( + libcrux_ml_kem_types_MlKemCiphertext_64 *self) { return Eurydice_array_to_slice((size_t)1568U, self->value, uint8_t); } @@ -478,8 +478,8 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 1600 */ -void libcrux_ml_kem_utils_into_padded_array_420(Eurydice_slice slice, - uint8_t ret[1600U]) { +void libcrux_ml_kem_utils_into_padded_array_7f(Eurydice_slice slice, + uint8_t ret[1600U]) { uint8_t out[1600U] = {0U}; uint8_t *uu____0 = out; Eurydice_slice_copy( @@ -497,7 +497,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 64 */ -void libcrux_ml_kem_utils_into_padded_array_42(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_24(Eurydice_slice slice, uint8_t ret[64U]) { uint8_t out[64U] = {0U}; uint8_t *uu____0 = out; @@ -517,7 +517,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[24size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_76(core_result_Result_6f self, uint8_t ret[24U]) { +void core_result_unwrap_26_70(core_result_Result_b2 self, uint8_t ret[24U]) { if (self.tag == core_result_Ok) { uint8_t f0[24U]; memcpy(f0, self.val.case_Ok, (size_t)24U * sizeof(uint8_t)); @@ -538,7 +538,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[20size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_ea(core_result_Result_7a self, uint8_t ret[20U]) { +void core_result_unwrap_26_20(core_result_Result_e1 self, uint8_t ret[20U]) { if (self.tag == core_result_Ok) { uint8_t f0[20U]; memcpy(f0, self.val.case_Ok, (size_t)20U * sizeof(uint8_t)); @@ -559,7 +559,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[10size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_07(core_result_Result_cd self, uint8_t ret[10U]) { +void core_result_unwrap_26_ce(core_result_Result_9d self, uint8_t ret[10U]) { if (self.tag == core_result_Ok) { uint8_t f0[10U]; memcpy(f0, self.val.case_Ok, (size_t)10U * sizeof(uint8_t)); @@ -580,7 +580,7 @@ A monomorphic instance of core.result.unwrap_26 with types int16_t[16size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_30(core_result_Result_c0 self, int16_t ret[16U]) { +void core_result_unwrap_26_00(core_result_Result_0a self, int16_t ret[16U]) { if (self.tag == core_result_Ok) { int16_t f0[16U]; memcpy(f0, self.val.case_Ok, (size_t)16U * sizeof(int16_t)); @@ -601,7 +601,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[8size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_0e(core_result_Result_56 self, uint8_t ret[8U]) { +void core_result_unwrap_26_68(core_result_Result_15 self, uint8_t ret[8U]) { if (self.tag == core_result_Ok) { uint8_t f0[8U]; memcpy(f0, self.val.case_Ok, (size_t)8U * sizeof(uint8_t)); diff --git a/libcrux-ml-kem/c/libcrux_core.h b/libcrux-ml-kem/c/libcrux_core.h index bc1f587a2..697272772 100644 --- a/libcrux-ml-kem/c/libcrux_core.h +++ b/libcrux-ml-kem/c/libcrux_core.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_core_H @@ -25,30 +25,30 @@ A monomorphic instance of core.ops.range.Range with types size_t */ -typedef struct core_ops_range_Range_b3_s { +typedef struct core_ops_range_Range_08_s { size_t start; size_t end; -} core_ops_range_Range_b3; +} core_ops_range_Range_08; #define core_result_Ok 0 #define core_result_Err 1 -typedef uint8_t core_result_Result_86_tags; +typedef uint8_t core_result_Result_a9_tags; #define core_option_None 0 #define core_option_Some 1 -typedef uint8_t core_option_Option_ef_tags; +typedef uint8_t core_option_Option_9e_tags; /** A monomorphic instance of core.option.Option with types size_t */ -typedef struct core_option_Option_b3_s { - core_option_Option_ef_tags tag; +typedef struct core_option_Option_08_s { + core_option_Option_9e_tags tag; size_t f0; -} core_option_Option_b3; +} core_option_Option_08; static inline uint64_t core_num__u64_9__from_le_bytes(uint8_t x0[8U]); @@ -59,22 +59,22 @@ A monomorphic instance of libcrux_ml_kem.types.MlKemPublicKey with const generics - $1568size_t */ -typedef struct libcrux_ml_kem_types_MlKemPublicKey_1f_s { +typedef struct libcrux_ml_kem_types_MlKemPublicKey_64_s { uint8_t value[1568U]; -} libcrux_ml_kem_types_MlKemPublicKey_1f; +} libcrux_ml_kem_types_MlKemPublicKey_64; /** A monomorphic instance of libcrux_ml_kem.types.MlKemPrivateKey with const generics - $3168size_t */ -typedef struct libcrux_ml_kem_types_MlKemPrivateKey_95_s { +typedef struct libcrux_ml_kem_types_MlKemPrivateKey_83_s { uint8_t value[3168U]; -} libcrux_ml_kem_types_MlKemPrivateKey_95; +} libcrux_ml_kem_types_MlKemPrivateKey_83; typedef struct libcrux_ml_kem_mlkem1024_MlKem1024KeyPair_s { - libcrux_ml_kem_types_MlKemPrivateKey_95 sk; - libcrux_ml_kem_types_MlKemPublicKey_1f pk; + libcrux_ml_kem_types_MlKemPrivateKey_83 sk; + libcrux_ml_kem_types_MlKemPublicKey_64 pk; } libcrux_ml_kem_mlkem1024_MlKem1024KeyPair; /** @@ -82,22 +82,22 @@ A monomorphic instance of libcrux_ml_kem.types.MlKemPublicKey with const generics - $1184size_t */ -typedef struct libcrux_ml_kem_types_MlKemPublicKey_15_s { +typedef struct libcrux_ml_kem_types_MlKemPublicKey_30_s { uint8_t value[1184U]; -} libcrux_ml_kem_types_MlKemPublicKey_15; +} libcrux_ml_kem_types_MlKemPublicKey_30; /** A monomorphic instance of libcrux_ml_kem.types.MlKemPrivateKey with const generics - $2400size_t */ -typedef struct libcrux_ml_kem_types_MlKemPrivateKey_55_s { +typedef struct libcrux_ml_kem_types_MlKemPrivateKey_d9_s { uint8_t value[2400U]; -} libcrux_ml_kem_types_MlKemPrivateKey_55; +} libcrux_ml_kem_types_MlKemPrivateKey_d9; typedef struct libcrux_ml_kem_mlkem768_MlKem768KeyPair_s { - libcrux_ml_kem_types_MlKemPrivateKey_55 sk; - libcrux_ml_kem_types_MlKemPublicKey_15 pk; + libcrux_ml_kem_types_MlKemPrivateKey_d9 sk; + libcrux_ml_kem_types_MlKemPublicKey_30 pk; } libcrux_ml_kem_mlkem768_MlKem768KeyPair; /** @@ -105,18 +105,18 @@ A monomorphic instance of libcrux_ml_kem.types.MlKemPublicKey with const generics - $800size_t */ -typedef struct libcrux_ml_kem_types_MlKemPublicKey_be_s { +typedef struct libcrux_ml_kem_types_MlKemPublicKey_52_s { uint8_t value[800U]; -} libcrux_ml_kem_types_MlKemPublicKey_be; +} libcrux_ml_kem_types_MlKemPublicKey_52; /** A monomorphic instance of libcrux_ml_kem.types.MlKemPrivateKey with const generics - $1632size_t */ -typedef struct libcrux_ml_kem_types_MlKemPrivateKey_5e_s { +typedef struct libcrux_ml_kem_types_MlKemPrivateKey_fa_s { uint8_t value[1632U]; -} libcrux_ml_kem_types_MlKemPrivateKey_5e; +} libcrux_ml_kem_types_MlKemPrivateKey_fa; /** A monomorphic instance of libcrux_ml_kem.types.MlKemKeyPair @@ -124,10 +124,10 @@ with const generics - $1632size_t - $800size_t */ -typedef struct libcrux_ml_kem_types_MlKemKeyPair_cb_s { - libcrux_ml_kem_types_MlKemPrivateKey_5e sk; - libcrux_ml_kem_types_MlKemPublicKey_be pk; -} libcrux_ml_kem_types_MlKemKeyPair_cb; +typedef struct libcrux_ml_kem_types_MlKemKeyPair_3e_s { + libcrux_ml_kem_types_MlKemPrivateKey_fa sk; + libcrux_ml_kem_types_MlKemPublicKey_52 pk; +} libcrux_ml_kem_types_MlKemKeyPair_3e; typedef struct libcrux_ml_kem_mlkem768_MlKem768Ciphertext_s { uint8_t value[1088U]; @@ -139,38 +139,38 @@ with types libcrux_ml_kem_types_MlKemCiphertext[[$1088size_t]], uint8_t[32size_t] */ -typedef struct tuple_3c_s { +typedef struct tuple_c2_s { libcrux_ml_kem_mlkem768_MlKem768Ciphertext fst; uint8_t snd[32U]; -} tuple_3c; +} tuple_c2; /** A monomorphic instance of libcrux_ml_kem.types.MlKemCiphertext with const generics - $768size_t */ -typedef struct libcrux_ml_kem_types_MlKemCiphertext_e8_s { +typedef struct libcrux_ml_kem_types_MlKemCiphertext_1a_s { uint8_t value[768U]; -} libcrux_ml_kem_types_MlKemCiphertext_e8; +} libcrux_ml_kem_types_MlKemCiphertext_1a; /** A monomorphic instance of K. with types libcrux_ml_kem_types_MlKemCiphertext[[$768size_t]], uint8_t[32size_t] */ -typedef struct tuple_ec_s { - libcrux_ml_kem_types_MlKemCiphertext_e8 fst; +typedef struct tuple_41_s { + libcrux_ml_kem_types_MlKemCiphertext_1a fst; uint8_t snd[32U]; -} tuple_ec; +} tuple_41; /** A monomorphic instance of libcrux_ml_kem.types.MlKemCiphertext with const generics - $1568size_t */ -typedef struct libcrux_ml_kem_types_MlKemCiphertext_1f_s { +typedef struct libcrux_ml_kem_types_MlKemCiphertext_64_s { uint8_t value[1568U]; -} libcrux_ml_kem_types_MlKemCiphertext_1f; +} libcrux_ml_kem_types_MlKemCiphertext_64; /** A monomorphic instance of K. @@ -178,23 +178,23 @@ with types libcrux_ml_kem_types_MlKemCiphertext[[$1568size_t]], uint8_t[32size_t] */ -typedef struct tuple_21_s { - libcrux_ml_kem_types_MlKemCiphertext_1f fst; +typedef struct tuple_fa_s { + libcrux_ml_kem_types_MlKemCiphertext_64 fst; uint8_t snd[32U]; -} tuple_21; +} tuple_fa; /** A monomorphic instance of core.result.Result with types uint8_t[8size_t], core_array_TryFromSliceError */ -typedef struct core_result_Result_56_s { - core_result_Result_86_tags tag; +typedef struct core_result_Result_15_s { + core_result_Result_a9_tags tag; union { uint8_t case_Ok[8U]; core_array_TryFromSliceError case_Err; } val; -} core_result_Result_56; +} core_result_Result_15; /** This function found in impl {core::result::Result[TraitClause@0, @@ -205,7 +205,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[8size_t], core_array_TryFromSliceError */ -void core_result_unwrap_26_0e(core_result_Result_56 self, uint8_t ret[8U]); +void core_result_unwrap_26_68(core_result_Result_15 self, uint8_t ret[8U]); typedef struct Eurydice_slice_uint8_t_x2_s { Eurydice_slice fst; diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024.h b/libcrux-ml-kem/c/libcrux_mlkem1024.h index 63a7ab056..a94d8c0a2 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem1024_H @@ -70,13 +70,13 @@ extern "C" { (LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE + \ LIBCRUX_ML_KEM_MLKEM1024_CPA_PKE_CIPHERTEXT_SIZE_1024) -typedef libcrux_ml_kem_types_MlKemCiphertext_1f +typedef libcrux_ml_kem_types_MlKemCiphertext_64 libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext; -typedef libcrux_ml_kem_types_MlKemPrivateKey_95 +typedef libcrux_ml_kem_types_MlKemPrivateKey_83 libcrux_ml_kem_mlkem1024_MlKem1024PrivateKey; -typedef libcrux_ml_kem_types_MlKemPublicKey_1f +typedef libcrux_ml_kem_types_MlKemPublicKey_64 libcrux_ml_kem_mlkem1024_MlKem1024PublicKey; #define LIBCRUX_ML_KEM_MLKEM1024_RANKED_BYTES_PER_RING_ELEMENT_1024 \ diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c index 1028b5ac1..4e1fed99d 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #include "libcrux_mlkem1024_avx2.h" @@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_0c0( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_7f0(private_key, ciphertext, ret); +static void decapsulate_e0(libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext, + uint8_t ret[32U]) { + libcrux_ml_kem_ind_cca_decapsulate_a10(private_key, ciphertext, ret); } /** @@ -49,9 +49,9 @@ static void decapsulate_0c0( [`MlKem1024Ciphertext`]. */ void libcrux_ml_kem_mlkem1024_avx2_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - decapsulate_0c0(private_key, ciphertext, ret); + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext, uint8_t ret[32U]) { + decapsulate_e0(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_ae0( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, +static tuple_fa encapsulate_8f( + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_64 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_a10(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_700(uu____0, copy_of_randomness); } /** @@ -88,14 +88,14 @@ static tuple_21 encapsulate_ae0( The input is a reference to an [`MlKem1024PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_21 libcrux_ml_kem_mlkem1024_avx2_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, +tuple_fa libcrux_ml_kem_mlkem1024_avx2_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_64 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_ae0(uu____0, copy_of_randomness); + return encapsulate_8f(uu____0, copy_of_randomness); } /** @@ -109,12 +109,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_5a0( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_c9( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_0b0(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_d60(copy_of_randomness); } /** @@ -125,7 +125,7 @@ libcrux_ml_kem_mlkem1024_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_5a0(copy_of_randomness); + return generate_keypair_c9(copy_of_randomness); } /** @@ -136,11 +136,11 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_080( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_700(private_key, - ciphertext); +static KRML_MUSTINLINE bool validate_private_key_6b( + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext) { + return libcrux_ml_kem_ind_cca_validate_private_key_b9(private_key, + ciphertext); } /** @@ -149,9 +149,9 @@ static KRML_MUSTINLINE bool validate_private_key_080( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem1024_avx2_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return validate_private_key_080(private_key, ciphertext); + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext) { + return validate_private_key_6b(private_key, ciphertext); } /** @@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_f60(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_520(public_key); +static KRML_MUSTINLINE bool validate_public_key_6b(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_1e(public_key); } /** @@ -172,6 +172,6 @@ static KRML_MUSTINLINE bool validate_public_key_f60(uint8_t *public_key) { Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem1024_avx2_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_f60(public_key->value); + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key) { + return validate_public_key_6b(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h index dede724bf..22afe46de 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem1024_avx2_H @@ -29,8 +29,8 @@ extern "C" { [`MlKem1024Ciphertext`]. */ void libcrux_ml_kem_mlkem1024_avx2_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext, uint8_t ret[32U]); /** Encapsulate ML-KEM 1024 @@ -39,8 +39,8 @@ void libcrux_ml_kem_mlkem1024_avx2_decapsulate( The input is a reference to an [`MlKem1024PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_21 libcrux_ml_kem_mlkem1024_avx2_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, +tuple_fa libcrux_ml_kem_mlkem1024_avx2_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key, uint8_t randomness[32U]); /** @@ -55,8 +55,8 @@ libcrux_ml_kem_mlkem1024_avx2_generate_key_pair(uint8_t randomness[64U]); Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem1024_avx2_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext); + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext); /** Validate a public key. @@ -64,7 +64,7 @@ bool libcrux_ml_kem_mlkem1024_avx2_validate_private_key( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem1024_avx2_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key); + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key); #if defined(__cplusplus) } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c index bed205e56..f0b421213 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #include "libcrux_mlkem1024_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_831( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_191(private_key, ciphertext, ret); +static void decapsulate_e0(libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext, + uint8_t ret[32U]) { + libcrux_ml_kem_ind_cca_decapsulate_621(private_key, ciphertext, ret); } /** @@ -49,9 +49,9 @@ static void decapsulate_831( [`MlKem1024Ciphertext`]. */ void libcrux_ml_kem_mlkem1024_portable_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - decapsulate_831(private_key, ciphertext, ret); + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext, uint8_t ret[32U]) { + decapsulate_e0(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_951( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, +static tuple_fa encapsulate_8f( + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_64 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_661(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_ca1(uu____0, copy_of_randomness); } /** @@ -88,14 +88,14 @@ static tuple_21 encapsulate_951( The input is a reference to an [`MlKem1024PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_21 libcrux_ml_kem_mlkem1024_portable_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, +tuple_fa libcrux_ml_kem_mlkem1024_portable_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_64 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_951(uu____0, copy_of_randomness); + return encapsulate_8f(uu____0, copy_of_randomness); } /** @@ -110,12 +110,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_d11( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_c9( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_6f1(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_f81(copy_of_randomness); } /** @@ -126,7 +126,7 @@ libcrux_ml_kem_mlkem1024_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_d11(copy_of_randomness); + return generate_keypair_c9(copy_of_randomness); } /** @@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_da1( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_ae(private_key, +static KRML_MUSTINLINE bool validate_private_key_6b( + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext) { + return libcrux_ml_kem_ind_cca_validate_private_key_b5(private_key, ciphertext); } @@ -150,9 +150,9 @@ static KRML_MUSTINLINE bool validate_private_key_da1( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem1024_portable_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return validate_private_key_da1(private_key, ciphertext); + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext) { + return validate_private_key_6b(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_e91(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_bf1(public_key); +static KRML_MUSTINLINE bool validate_public_key_6b(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_00(public_key); } /** @@ -173,6 +173,6 @@ static KRML_MUSTINLINE bool validate_public_key_e91(uint8_t *public_key) { Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem1024_portable_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_e91(public_key->value); + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key) { + return validate_public_key_6b(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h index 87b018021..66bd0b9e5 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem1024_portable_H @@ -29,8 +29,8 @@ extern "C" { [`MlKem1024Ciphertext`]. */ void libcrux_ml_kem_mlkem1024_portable_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext, uint8_t ret[32U]); /** Encapsulate ML-KEM 1024 @@ -39,8 +39,8 @@ void libcrux_ml_kem_mlkem1024_portable_decapsulate( The input is a reference to an [`MlKem1024PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_21 libcrux_ml_kem_mlkem1024_portable_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, +tuple_fa libcrux_ml_kem_mlkem1024_portable_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key, uint8_t randomness[32U]); /** @@ -55,8 +55,8 @@ libcrux_ml_kem_mlkem1024_portable_generate_key_pair(uint8_t randomness[64U]); Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem1024_portable_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext); + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext); /** Validate a public key. @@ -64,7 +64,7 @@ bool libcrux_ml_kem_mlkem1024_portable_validate_private_key( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem1024_portable_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key); + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key); #if defined(__cplusplus) } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512.h b/libcrux-ml-kem/c/libcrux_mlkem512.h index 157226146..f7c289e29 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem512_H @@ -44,16 +44,16 @@ extern "C" { #define LIBCRUX_ML_KEM_MLKEM512_IMPLICIT_REJECTION_HASH_INPUT_SIZE \ ((size_t)800U) -typedef libcrux_ml_kem_types_MlKemCiphertext_e8 +typedef libcrux_ml_kem_types_MlKemCiphertext_1a libcrux_ml_kem_mlkem512_MlKem512Ciphertext; -typedef libcrux_ml_kem_types_MlKemKeyPair_cb +typedef libcrux_ml_kem_types_MlKemKeyPair_3e libcrux_ml_kem_mlkem512_MlKem512KeyPair; -typedef libcrux_ml_kem_types_MlKemPrivateKey_5e +typedef libcrux_ml_kem_types_MlKemPrivateKey_fa libcrux_ml_kem_mlkem512_MlKem512PrivateKey; -typedef libcrux_ml_kem_types_MlKemPublicKey_be +typedef libcrux_ml_kem_types_MlKemPublicKey_52 libcrux_ml_kem_mlkem512_MlKem512PublicKey; #define LIBCRUX_ML_KEM_MLKEM512_RANKED_BYTES_PER_RING_ELEMENT_512 ((size_t)768U) diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c index 8008c0304..fa3a2eac5 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #include "libcrux_mlkem512_avx2.h" @@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_0c(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, +static void decapsulate_69(libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_7f(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_a1(private_key, ciphertext, ret); } /** @@ -49,9 +49,9 @@ static void decapsulate_0c(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, [`MlKem512Ciphertext`]. */ void libcrux_ml_kem_mlkem512_avx2_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_0c(private_key, ciphertext, ret); + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext, uint8_t ret[32U]) { + decapsulate_69(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_ae( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key, +static tuple_41 encapsulate_35( + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_52 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_a1(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_70(uu____0, copy_of_randomness); } /** @@ -88,14 +88,14 @@ static tuple_ec encapsulate_ae( The input is a reference to an [`MlKem512PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_ec libcrux_ml_kem_mlkem512_avx2_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key, +tuple_41 libcrux_ml_kem_mlkem512_avx2_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_52 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_ae(uu____0, copy_of_randomness); + return encapsulate_35(uu____0, copy_of_randomness); } /** @@ -109,23 +109,23 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_5a( +static libcrux_ml_kem_types_MlKemKeyPair_3e generate_keypair_a8( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_0b(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_d6(copy_of_randomness); } /** Generate ML-KEM 512 Key Pair */ -libcrux_ml_kem_types_MlKemKeyPair_cb +libcrux_ml_kem_types_MlKemKeyPair_3e libcrux_ml_kem_mlkem512_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_5a(copy_of_randomness); + return generate_keypair_a8(copy_of_randomness); } /** @@ -136,10 +136,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_08( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_70(private_key, +static KRML_MUSTINLINE bool validate_private_key_1c( + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext) { + return libcrux_ml_kem_ind_cca_validate_private_key_ad(private_key, ciphertext); } @@ -149,9 +149,9 @@ static KRML_MUSTINLINE bool validate_private_key_08( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem512_avx2_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_08(private_key, ciphertext); + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext) { + return validate_private_key_1c(private_key, ciphertext); } /** @@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_f6(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_52(public_key); +static KRML_MUSTINLINE bool validate_public_key_1c(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_ba(public_key); } /** @@ -172,6 +172,6 @@ static KRML_MUSTINLINE bool validate_public_key_f6(uint8_t *public_key) { Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem512_avx2_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_f6(public_key->value); + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key) { + return validate_public_key_1c(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h index 8a66b75c4..4258c183c 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem512_avx2_H @@ -29,8 +29,8 @@ extern "C" { [`MlKem512Ciphertext`]. */ void libcrux_ml_kem_mlkem512_avx2_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext, uint8_t ret[32U]); /** Encapsulate ML-KEM 512 @@ -39,14 +39,14 @@ void libcrux_ml_kem_mlkem512_avx2_decapsulate( The input is a reference to an [`MlKem512PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_ec libcrux_ml_kem_mlkem512_avx2_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key, +tuple_41 libcrux_ml_kem_mlkem512_avx2_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key, uint8_t randomness[32U]); /** Generate ML-KEM 512 Key Pair */ -libcrux_ml_kem_types_MlKemKeyPair_cb +libcrux_ml_kem_types_MlKemKeyPair_3e libcrux_ml_kem_mlkem512_avx2_generate_key_pair(uint8_t randomness[64U]); /** @@ -55,8 +55,8 @@ libcrux_ml_kem_mlkem512_avx2_generate_key_pair(uint8_t randomness[64U]); Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem512_avx2_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext); + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext); /** Validate a public key. @@ -64,7 +64,7 @@ bool libcrux_ml_kem_mlkem512_avx2_validate_private_key( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem512_avx2_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key); + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key); #if defined(__cplusplus) } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c index 2fc5a3251..007b75d92 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #include "libcrux_mlkem512_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_830( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_190(private_key, ciphertext, ret); +static void decapsulate_69(libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext, + uint8_t ret[32U]) { + libcrux_ml_kem_ind_cca_decapsulate_620(private_key, ciphertext, ret); } /** @@ -49,9 +49,9 @@ static void decapsulate_830( [`MlKem512Ciphertext`]. */ void libcrux_ml_kem_mlkem512_portable_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_830(private_key, ciphertext, ret); + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext, uint8_t ret[32U]) { + decapsulate_69(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_950( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key, +static tuple_41 encapsulate_35( + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_52 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_660(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_ca0(uu____0, copy_of_randomness); } /** @@ -88,14 +88,14 @@ static tuple_ec encapsulate_950( The input is a reference to an [`MlKem512PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_ec libcrux_ml_kem_mlkem512_portable_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key, +tuple_41 libcrux_ml_kem_mlkem512_portable_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_52 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_950(uu____0, copy_of_randomness); + return encapsulate_35(uu____0, copy_of_randomness); } /** @@ -110,23 +110,23 @@ generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_d10( +static libcrux_ml_kem_types_MlKemKeyPair_3e generate_keypair_a8( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_6f0(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_f80(copy_of_randomness); } /** Generate ML-KEM 512 Key Pair */ -libcrux_ml_kem_types_MlKemKeyPair_cb +libcrux_ml_kem_types_MlKemKeyPair_3e libcrux_ml_kem_mlkem512_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_d10(copy_of_randomness); + return generate_keypair_a8(copy_of_randomness); } /** @@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_da0( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_b4(private_key, +static KRML_MUSTINLINE bool validate_private_key_1c( + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext) { + return libcrux_ml_kem_ind_cca_validate_private_key_fb(private_key, ciphertext); } @@ -150,9 +150,9 @@ static KRML_MUSTINLINE bool validate_private_key_da0( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem512_portable_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_da0(private_key, ciphertext); + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext) { + return validate_private_key_1c(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_e90(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_bf0(public_key); +static KRML_MUSTINLINE bool validate_public_key_1c(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_86(public_key); } /** @@ -173,6 +173,6 @@ static KRML_MUSTINLINE bool validate_public_key_e90(uint8_t *public_key) { Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem512_portable_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_e90(public_key->value); + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key) { + return validate_public_key_1c(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h index 66032c07f..d0b8d757d 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem512_portable_H @@ -29,8 +29,8 @@ extern "C" { [`MlKem512Ciphertext`]. */ void libcrux_ml_kem_mlkem512_portable_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext, uint8_t ret[32U]); /** Encapsulate ML-KEM 512 @@ -39,14 +39,14 @@ void libcrux_ml_kem_mlkem512_portable_decapsulate( The input is a reference to an [`MlKem512PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_ec libcrux_ml_kem_mlkem512_portable_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key, +tuple_41 libcrux_ml_kem_mlkem512_portable_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key, uint8_t randomness[32U]); /** Generate ML-KEM 512 Key Pair */ -libcrux_ml_kem_types_MlKemKeyPair_cb +libcrux_ml_kem_types_MlKemKeyPair_3e libcrux_ml_kem_mlkem512_portable_generate_key_pair(uint8_t randomness[64U]); /** @@ -55,8 +55,8 @@ libcrux_ml_kem_mlkem512_portable_generate_key_pair(uint8_t randomness[64U]); Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem512_portable_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext); + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext); /** Validate a public key. @@ -64,7 +64,7 @@ bool libcrux_ml_kem_mlkem512_portable_validate_private_key( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem512_portable_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key); + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key); #if defined(__cplusplus) } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768.h b/libcrux-ml-kem/c/libcrux_mlkem768.h index 85985206f..0703da140 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem768_H @@ -68,10 +68,10 @@ extern "C" { (LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE + \ LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_CIPHERTEXT_SIZE_768) -typedef libcrux_ml_kem_types_MlKemPrivateKey_55 +typedef libcrux_ml_kem_types_MlKemPrivateKey_d9 libcrux_ml_kem_mlkem768_MlKem768PrivateKey; -typedef libcrux_ml_kem_types_MlKemPublicKey_15 +typedef libcrux_ml_kem_types_MlKemPublicKey_30 libcrux_ml_kem_mlkem768_MlKem768PublicKey; #define LIBCRUX_ML_KEM_MLKEM768_RANKED_BYTES_PER_RING_ELEMENT_768 \ diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c index 3fd65a30d..df43fef6b 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #include "libcrux_mlkem768_avx2.h" @@ -35,10 +35,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_0c1( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static void decapsulate_35( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_7f1(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_a11(private_key, ciphertext, ret); } /** @@ -49,9 +49,9 @@ static void decapsulate_0c1( [`MlKem768Ciphertext`]. */ void libcrux_ml_kem_mlkem768_avx2_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_0c1(private_key, ciphertext, ret); + decapsulate_35(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_ae1( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static tuple_c2 encapsulate_cd( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_a11(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_701(uu____0, copy_of_randomness); } /** @@ -88,14 +88,14 @@ static tuple_3c encapsulate_ae1( The input is a reference to an [`MlKem768PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +tuple_c2 libcrux_ml_kem_mlkem768_avx2_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_ae1(uu____0, copy_of_randomness); + return encapsulate_cd(uu____0, copy_of_randomness); } /** @@ -109,12 +109,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_5a1( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_c6( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_0b1(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_d61(copy_of_randomness); } /** @@ -125,7 +125,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_5a1(copy_of_randomness); + return generate_keypair_c6(copy_of_randomness); } /** @@ -136,11 +136,11 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_081( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static KRML_MUSTINLINE bool validate_private_key_31( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_701(private_key, - ciphertext); + return libcrux_ml_kem_ind_cca_validate_private_key_12(private_key, + ciphertext); } /** @@ -149,9 +149,9 @@ static KRML_MUSTINLINE bool validate_private_key_081( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_081(private_key, ciphertext); + return validate_private_key_31(private_key, ciphertext); } /** @@ -162,8 +162,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_f61(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_521(public_key); +static KRML_MUSTINLINE bool validate_public_key_31(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_ed(public_key); } /** @@ -172,6 +172,6 @@ static KRML_MUSTINLINE bool validate_public_key_f61(uint8_t *public_key) { Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_f61(public_key->value); + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key) { + return validate_public_key_31(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h index af5edca86..54763392b 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem768_avx2_H @@ -29,7 +29,7 @@ extern "C" { [`MlKem768Ciphertext`]. */ void libcrux_ml_kem_mlkem768_avx2_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); /** @@ -39,8 +39,8 @@ void libcrux_ml_kem_mlkem768_avx2_decapsulate( The input is a reference to an [`MlKem768PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +tuple_c2 libcrux_ml_kem_mlkem768_avx2_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]); /** @@ -55,7 +55,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]); Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext); /** @@ -64,7 +64,7 @@ bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key); + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key); #if defined(__cplusplus) } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c index 1794e74b4..98f3524ad 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #include "libcrux_mlkem768_portable.h" @@ -35,10 +35,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_83( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static void decapsulate_35( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_19(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_62(private_key, ciphertext, ret); } /** @@ -49,9 +49,9 @@ static void decapsulate_83( [`MlKem768Ciphertext`]. */ void libcrux_ml_kem_mlkem768_portable_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_83(private_key, ciphertext, ret); + decapsulate_35(private_key, ciphertext, ret); } /** @@ -71,14 +71,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_95( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static tuple_c2 encapsulate_cd( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_66(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_ca(uu____0, copy_of_randomness); } /** @@ -88,14 +88,14 @@ static tuple_3c encapsulate_95( The input is a reference to an [`MlKem768PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +tuple_c2 libcrux_ml_kem_mlkem768_portable_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_95(uu____0, copy_of_randomness); + return encapsulate_cd(uu____0, copy_of_randomness); } /** @@ -110,12 +110,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_d1( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_c6( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_6f(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_f8(copy_of_randomness); } /** @@ -126,7 +126,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_d1(copy_of_randomness); + return generate_keypair_c6(copy_of_randomness); } /** @@ -137,10 +137,10 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_da( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static KRML_MUSTINLINE bool validate_private_key_31( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_33(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_37(private_key, ciphertext); } @@ -150,9 +150,9 @@ static KRML_MUSTINLINE bool validate_private_key_da( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem768_portable_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_da(private_key, ciphertext); + return validate_private_key_31(private_key, ciphertext); } /** @@ -163,8 +163,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_e9(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_bf(public_key); +static KRML_MUSTINLINE bool validate_public_key_31(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_6c(public_key); } /** @@ -173,6 +173,6 @@ static KRML_MUSTINLINE bool validate_public_key_e9(uint8_t *public_key) { Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem768_portable_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_e9(public_key->value); + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key) { + return validate_public_key_31(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h index 4e8116617..40d10c58e 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem768_portable_H @@ -29,7 +29,7 @@ extern "C" { [`MlKem768Ciphertext`]. */ void libcrux_ml_kem_mlkem768_portable_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); /** @@ -39,8 +39,8 @@ void libcrux_ml_kem_mlkem768_portable_decapsulate( The input is a reference to an [`MlKem768PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +tuple_c2 libcrux_ml_kem_mlkem768_portable_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]); /** @@ -55,7 +55,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]); Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem768_portable_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext); /** @@ -64,7 +64,7 @@ bool libcrux_ml_kem_mlkem768_portable_validate_private_key( Returns `true` if valid, and `false` otherwise. */ bool libcrux_ml_kem_mlkem768_portable_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key); + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key); #if defined(__cplusplus) } diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c index 05520bf99..7bc6760f3 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #include "internal/libcrux_mlkem_avx2.h" @@ -612,12 +612,12 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_avx2_serialize_serialize_4( mm_storeu_bytes_si128( Eurydice_array_to_slice((size_t)16U, serialized, uint8_t), combined0); uint8_t ret0[8U]; - core_result_Result_56 dst; + core_result_Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - core_result_unwrap_26_0e(dst, ret0); + core_result_unwrap_26_68(dst, ret0); memcpy(ret, ret0, (size_t)8U * sizeof(uint8_t)); } @@ -713,12 +713,12 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_avx2_serialize_serialize_5( Eurydice_array_to_subslice2(serialized, (size_t)5U, (size_t)21U, uint8_t), upper_8); uint8_t ret0[10U]; - core_result_Result_cd dst; + core_result_Result_9d dst; Eurydice_slice_to_array2( &dst, Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)10U, uint8_t), Eurydice_slice, uint8_t[10U]); - core_result_unwrap_26_07(dst, ret0); + core_result_unwrap_26_ce(dst, ret0); memcpy(ret, ret0, (size_t)10U * sizeof(uint8_t)); } @@ -839,12 +839,12 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_avx2_serialize_serialize_10( (size_t)26U, uint8_t), upper_8); uint8_t ret0[20U]; - core_result_Result_7a dst; + core_result_Result_e1 dst; Eurydice_slice_to_array2( &dst, Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)20U, uint8_t), Eurydice_slice, uint8_t[20U]); - core_result_unwrap_26_ea(dst, ret0); + core_result_unwrap_26_20(dst, ret0); memcpy(ret, ret0, (size_t)20U * sizeof(uint8_t)); } @@ -982,12 +982,12 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_avx2_serialize_serialize_12( (size_t)28U, uint8_t), upper_8); uint8_t ret0[24U]; - core_result_Result_6f dst; + core_result_Result_b2 dst; Eurydice_slice_to_array2( &dst, Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)24U, uint8_t), Eurydice_slice, uint8_t[24U]); - core_result_unwrap_26_76(dst, ret0); + core_result_unwrap_26_70(dst, ret0); memcpy(ret, ret0, (size_t)24U * sizeof(uint8_t)); } @@ -1112,8 +1112,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ZERO_ef_05(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 lit; +static libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ZERO_ef_61(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 lit; lit.coefficients[0U] = libcrux_ml_kem_vector_avx2_ZERO_09(); lit.coefficients[1U] = libcrux_ml_kem_vector_avx2_ZERO_09(); lit.coefficients[2U] = libcrux_ml_kem_vector_avx2_ZERO_09(); @@ -1139,9 +1139,9 @@ libcrux_ml_kem.serialize.deserialize_to_reduced_ring_element with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_reduced_ring_element_dc(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +deserialize_to_reduced_ring_element_61(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = ZERO_ef_61(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -1160,9 +1160,9 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_531( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_ab( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *deserialized_pk) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -1173,8 +1173,8 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_531( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_dc(ring_element); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = + deserialize_to_reduced_ring_element_61(ring_element); deserialized_pk[i0] = uu____0; } } @@ -1185,16 +1185,20 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_cc1( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_ab( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - deserialized_pk[i] = ZERO_ef_05();); - deserialize_ring_elements_reduced_531(public_key, deserialized_pk); + deserialized_pk[i] = ZERO_ef_61();); + deserialize_ring_elements_reduced_ab(public_key, deserialized_pk); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result[3U]; memcpy( - ret, deserialized_pk, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + result, deserialized_pk, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + memcpy( + ret, result, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -1202,7 +1206,7 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.arithmetic.shift_right with const generics - SHIFT_BY= 15 */ -static KRML_MUSTINLINE __m256i shift_right_65(__m256i vector) { +static KRML_MUSTINLINE __m256i shift_right_ef(__m256i vector) { return mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -1215,8 +1219,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.shift_right_09 with const generics - SHIFT_BY= 15 */ -static __m256i shift_right_09_85(__m256i vector) { - return shift_right_65(vector); +static __m256i shift_right_09_ef(__m256i vector) { + return shift_right_ef(vector); } /** @@ -1225,8 +1229,8 @@ libcrux_ml_kem.vector.traits.to_unsigned_representative with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i to_unsigned_representative_3f(__m256i a) { - __m256i t = shift_right_09_85(a); +static __m256i to_unsigned_representative_61(__m256i a) { + __m256i t = shift_right_09_ef(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_09(a, &fm); @@ -1238,8 +1242,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE __m256i to_unsigned_field_modulus_7b(__m256i a) { - return to_unsigned_representative_3f(a); +static KRML_MUSTINLINE __m256i to_unsigned_field_modulus_61(__m256i a) { + return to_unsigned_representative_61(a); } /** @@ -1248,13 +1252,13 @@ libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_2c( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = to_unsigned_field_modulus_7b(re->coefficients[i0]); + __m256i coefficient = to_unsigned_field_modulus_61(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -1274,25 +1278,25 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_991( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, +static KRML_MUSTINLINE void serialize_secret_key_ed( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = key[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = key[i0]; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( out, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_2c(&re, ret0); + serialize_uncompressed_ring_element_61(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -1307,13 +1311,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_mut_6c1( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_mut_ed( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - serialize_secret_key_991(t_as_ntt, ret); + serialize_secret_key_ed(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -1330,14 +1334,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_ca1( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_ed( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - serialize_public_key_mut_6c1(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1184U]; - memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); + serialize_public_key_mut_ed(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } /** @@ -1348,15 +1350,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_521(uint8_t *public_key) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - deserialize_ring_elements_reduced_out_cc1( +bool libcrux_ml_kem_ind_cca_validate_public_key_ed(uint8_t *public_key) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 deserialized_pk[3U]; + deserialize_ring_elements_reduced_out_ab( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_ca1( + serialize_public_key_ed( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -1374,7 +1376,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.H_a9 with const generics - K= 3 */ -static KRML_MUSTINLINE void H_a9_411(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_a9_e0(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H(input, ret); } @@ -1386,14 +1388,14 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_701( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +bool libcrux_ml_kem_ind_cca_validate_private_key_12( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; - H_a9_411(Eurydice_array_to_subslice2( - private_key->value, (size_t)384U * (size_t)3U, - (size_t)768U * (size_t)3U + (size_t)32U, uint8_t), - t); + H_a9_e0(Eurydice_array_to_subslice2( + private_key->value, (size_t)384U * (size_t)3U, + (size_t)768U * (size_t)3U + (size_t)32U, uint8_t), + t); Eurydice_slice expected = Eurydice_array_to_subslice2( private_key->value, (size_t)768U * (size_t)3U + (size_t)32U, (size_t)768U * (size_t)3U + (size_t)64U, uint8_t); @@ -1407,9 +1409,9 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - $3size_t */ -typedef struct IndCpaPrivateKeyUnpacked_a0_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; -} IndCpaPrivateKeyUnpacked_a0; +typedef struct IndCpaPrivateKeyUnpacked_63_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[3U]; +} IndCpaPrivateKeyUnpacked_63; /** This function found in impl {(core::default::Default for @@ -1422,11 +1424,11 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static IndCpaPrivateKeyUnpacked_a0 default_1a_3c1(void) { - IndCpaPrivateKeyUnpacked_a0 lit; - lit.secret_as_ntt[0U] = ZERO_ef_05(); - lit.secret_as_ntt[1U] = ZERO_ef_05(); - lit.secret_as_ntt[2U] = ZERO_ef_05(); +static IndCpaPrivateKeyUnpacked_63 default_1a_ab(void) { + IndCpaPrivateKeyUnpacked_63 lit; + lit.secret_as_ntt[0U] = ZERO_ef_61(); + lit.secret_as_ntt[1U] = ZERO_ef_61(); + lit.secret_as_ntt[2U] = ZERO_ef_61(); return lit; } @@ -1436,11 +1438,11 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPublicKeyUnpacked with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - $3size_t */ -typedef struct IndCpaPublicKeyUnpacked_a0_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[3U]; +typedef struct IndCpaPublicKeyUnpacked_63_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 t_as_ntt[3U]; uint8_t seed_for_A[32U]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[3U][3U]; -} IndCpaPublicKeyUnpacked_a0; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 A[3U][3U]; +} IndCpaPublicKeyUnpacked_63; /** This function found in impl {(core::default::Default for @@ -1453,25 +1455,25 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static IndCpaPublicKeyUnpacked_a0 default_8d_891(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[3U]; +static IndCpaPublicKeyUnpacked_63 default_8d_ab(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - uu____0[i] = ZERO_ef_05();); + uu____0[i] = ZERO_ef_61();); uint8_t uu____1[32U] = {0U}; - IndCpaPublicKeyUnpacked_a0 lit; + IndCpaPublicKeyUnpacked_63 lit; memcpy( lit.t_as_ntt, uu____0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - lit.A[0U][0U] = ZERO_ef_05(); - lit.A[0U][1U] = ZERO_ef_05(); - lit.A[0U][2U] = ZERO_ef_05(); - lit.A[1U][0U] = ZERO_ef_05(); - lit.A[1U][1U] = ZERO_ef_05(); - lit.A[1U][2U] = ZERO_ef_05(); - lit.A[2U][0U] = ZERO_ef_05(); - lit.A[2U][1U] = ZERO_ef_05(); - lit.A[2U][2U] = ZERO_ef_05(); + lit.A[0U][0U] = ZERO_ef_61(); + lit.A[0U][1U] = ZERO_ef_61(); + lit.A[0U][2U] = ZERO_ef_61(); + lit.A[1U][0U] = ZERO_ef_61(); + lit.A[1U][1U] = ZERO_ef_61(); + lit.A[1U][2U] = ZERO_ef_61(); + lit.A[2U][0U] = ZERO_ef_61(); + lit.A[2U][1U] = ZERO_ef_61(); + lit.A[2U][2U] = ZERO_ef_61(); return lit; } @@ -1484,7 +1486,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.G_a9 with const generics - K= 3 */ -static KRML_MUSTINLINE void G_a9_9f1(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_a9_e0(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G(input, ret); } @@ -1498,7 +1500,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_751( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_be( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -1509,7 +1511,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_751( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)3U; uint8_t ret0[64U]; - G_a9_9f1(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_a9_e0(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -1520,8 +1522,8 @@ generics - K= 3 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_final_961(uint8_t input[3U][34U]) { - libcrux_sha3_generic_keccak_KeccakState_29 state = +shake128_init_absorb_final_e0(uint8_t input[3U][34U]) { + libcrux_sha3_generic_keccak_KeccakState_55 state = libcrux_sha3_avx2_x4_incremental_init(); libcrux_sha3_avx2_x4_incremental_shake128_absorb_final( &state, Eurydice_array_to_slice((size_t)34U, input[0U], uint8_t), @@ -1542,11 +1544,11 @@ generics - K= 3 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_final_a9_c11(uint8_t input[3U][34U]) { +shake128_init_absorb_final_a9_e0(uint8_t input[3U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[3U][34U]; memcpy(copy_of_input, input, (size_t)3U * sizeof(uint8_t[34U])); - return shake128_init_absorb_final_961(copy_of_input); + return shake128_init_absorb_final_e0(copy_of_input); } /** @@ -1555,7 +1557,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_first_three_blocks with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_081( +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_e0( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[3U][504U]) { uint8_t out[3U][504U] = {{0U}}; uint8_t out0[504U] = {0U}; @@ -1589,9 +1591,9 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_first_three_blocks_a9 with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_a9_7a1( +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_a9_e0( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[3U][504U]) { - shake128_squeeze_first_three_blocks_081(self, ret); + shake128_squeeze_first_three_blocks_e0(self, ret); } /** @@ -1642,7 +1644,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fe3( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_ed( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -1680,7 +1682,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_next_block with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_011( +static KRML_MUSTINLINE void shake128_squeeze_next_block_e0( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[3U][168U]) { uint8_t out[3U][168U] = {{0U}}; uint8_t out0[168U] = {0U}; @@ -1714,9 +1716,9 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_next_block_a9 with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_a9_9f1( +static KRML_MUSTINLINE void shake128_squeeze_next_block_a9_e0( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[3U][168U]) { - shake128_squeeze_next_block_011(self, ret); + shake128_squeeze_next_block_e0(self, ret); } /** @@ -1767,7 +1769,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fe4( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_ed0( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -1810,9 +1812,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -from_i16_array_ef_ef(Eurydice_slice a) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +from_i16_array_ef_61(Eurydice_slice a) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result = ZERO_ef_61(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -1829,9 +1831,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_b41( +static libcrux_ml_kem_polynomial_PolynomialRingElement_f6 closure_6c1( int16_t s[272U]) { - return from_i16_array_ef_ef( + return from_i16_array_ef_61( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -1841,46 +1843,46 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_from_xof_901( +static KRML_MUSTINLINE void sample_from_xof_6c1( uint8_t seeds[3U][34U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U]) { size_t sampled_coefficients[3U] = {0U}; int16_t out[3U][272U] = {{0U}}; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_sha3_avx2_x4_incremental_KeccakState xof_state = - shake128_init_absorb_final_a9_c11(copy_of_seeds); + shake128_init_absorb_final_a9_e0(copy_of_seeds); uint8_t randomness0[3U][504U]; - shake128_squeeze_first_three_blocks_a9_7a1(&xof_state, randomness0); + shake128_squeeze_first_three_blocks_a9_e0(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_fe3( + bool done = sample_from_uniform_distribution_next_ed( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[3U][168U]; - shake128_squeeze_next_block_a9_9f1(&xof_state, randomness); + shake128_squeeze_next_block_a9_e0(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_fe4( + done = sample_from_uniform_distribution_next_ed0( copy_of_randomness, sampled_coefficients, out); } } /* Passing arrays by value in Rust generates a copy in C */ int16_t copy_of_out[3U][272U]; memcpy(copy_of_out, out, (size_t)3U * sizeof(int16_t[272U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - ret0[i] = closure_b41(copy_of_out[i]);); + ret0[i] = closure_6c1(copy_of_out[i]);); memcpy( ret, ret0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -1889,8 +1891,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_matrix_A_ee1( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*A_transpose)[3U], +static KRML_MUSTINLINE void sample_matrix_A_6c1( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*A_transpose)[3U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR3( i0, (size_t)0U, (size_t)3U, (size_t)1U, size_t i1 = i0; @@ -1905,25 +1907,23 @@ static KRML_MUSTINLINE void sample_matrix_A_ee1( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[3U]; - sample_from_xof_901(copy_of_seeds, sampled); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 sampled[3U]; + sample_from_xof_6c1(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, sampled, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sample = sampled[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 sample = sampled[j]; if (transpose) { A_transpose[j][i1] = sample; } else { A_transpose[i1][j] = sample; } - } - - ); + }); } /** @@ -1932,8 +1932,8 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_fb2(uint8_t (*input)[33U], - uint8_t ret[3U][128U]) { +static KRML_MUSTINLINE void PRFxN_41(uint8_t (*input)[33U], + uint8_t ret[3U][128U]) { uint8_t out[3U][128U] = {{0U}}; uint8_t out0[128U] = {0U}; uint8_t out1[128U] = {0U}; @@ -1970,9 +1970,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_a9_b22(uint8_t (*input)[33U], - uint8_t ret[3U][128U]) { - PRFxN_fb2(input, ret); +static KRML_MUSTINLINE void PRFxN_a9_41(uint8_t (*input)[33U], + uint8_t ret[3U][128U]) { + PRFxN_41(input, ret); } /** @@ -1981,8 +1981,8 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution_2 with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_2_4a(Eurydice_slice randomness) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +sample_from_binomial_distribution_2_61(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)4U; i0++) { @@ -2016,7 +2016,7 @@ sample_from_binomial_distribution_2_4a(Eurydice_slice randomness) { sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_ef_ef( + return from_i16_array_ef_61( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -2026,8 +2026,8 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution_3 with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_3_20(Eurydice_slice randomness) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +sample_from_binomial_distribution_3_61(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)3U; i0++) { @@ -2060,7 +2060,7 @@ sample_from_binomial_distribution_3_20(Eurydice_slice randomness) { sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_ef_ef( + return from_i16_array_ef_61( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -2070,9 +2070,9 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - ETA= 2 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_d7(Eurydice_slice randomness) { - return sample_from_binomial_distribution_2_4a(randomness); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +sample_from_binomial_distribution_89(Eurydice_slice randomness) { + return sample_from_binomial_distribution_2_61(randomness); } /** @@ -2081,8 +2081,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_7_13( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void ntt_at_layer_7_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { size_t j = i; @@ -2106,7 +2106,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i montgomery_multiply_fe_5f(__m256i v, int16_t fer) { +static __m256i montgomery_multiply_fe_61(__m256i v, int16_t fer) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09(v, fer); } @@ -2117,8 +2117,8 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -ntt_layer_int_vec_step_97(__m256i a, __m256i b, int16_t zeta_r) { - __m256i t = montgomery_multiply_fe_5f(b, zeta_r); +ntt_layer_int_vec_step_61(__m256i a, __m256i b, int16_t zeta_r) { + __m256i t = montgomery_multiply_fe_61(b, zeta_r); b = libcrux_ml_kem_vector_avx2_sub_09(a, &t); a = libcrux_ml_kem_vector_avx2_add_09(a, &t); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, @@ -2131,8 +2131,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_4_plus_ca( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, +static KRML_MUSTINLINE void ntt_at_layer_4_plus_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) { @@ -2144,7 +2144,7 @@ static KRML_MUSTINLINE void ntt_at_layer_4_plus_ca( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - ntt_layer_int_vec_step_97( + ntt_layer_int_vec_step_61( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -2161,8 +2161,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_3_ba( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void ntt_at_layer_3_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] + (size_t)1U; @@ -2177,8 +2177,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_2_89( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void ntt_at_layer_2_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] + (size_t)1U; @@ -2195,8 +2195,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_1_d7( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void ntt_at_layer_1_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] + (size_t)1U; @@ -2220,8 +2220,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void poly_barrett_reduce_ef_a9( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { +static KRML_MUSTINLINE void poly_barrett_reduce_ef_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -2236,17 +2236,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_ef( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { - ntt_at_layer_7_13(re); +static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { + ntt_at_layer_7_61(re); size_t zeta_i = (size_t)1U; - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_ba(&zeta_i, re); - ntt_at_layer_2_89(&zeta_i, re); - ntt_at_layer_1_d7(&zeta_i, re); - poly_barrett_reduce_ef_a9(re); + ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_61(&zeta_i, re); + ntt_at_layer_2_61(&zeta_i, re); + ntt_at_layer_1_61(&zeta_i, re); + poly_barrett_reduce_ef_61(re); } /** @@ -2257,8 +2257,8 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b01( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b41( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -2267,16 +2267,18 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b01( KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[3U][128U]; - PRFxN_a9_b22(prf_inputs, prf_outputs); + PRFxN_a9_41(prf_inputs, prf_outputs); KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_d7( + re_as_ntt[i0] = sample_from_binomial_distribution_89( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_ef(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_61(&re_as_ntt[i0]);); return domain_separator; } @@ -2286,10 +2288,10 @@ with types libcrux_ml_kem_polynomial_PolynomialRingElement libcrux_ml_kem_vector_avx2_SIMD256Vector[3size_t], uint8_t */ -typedef struct tuple_b0_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 fst[3U]; +typedef struct tuple_23_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 fst[3U]; uint8_t snd; -} tuple_b0; +} tuple_23; /** A monomorphic instance of libcrux_ml_kem.ind_cpa.sample_vector_cbd_then_ntt_out @@ -2299,27 +2301,27 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_out_811( +static KRML_MUSTINLINE tuple_23 sample_vector_cbd_then_ntt_out_b41( uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - re_as_ntt[i] = ZERO_ef_05();); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = re_as_ntt; + re_as_ntt[i] = ZERO_ef_61();); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_b01(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_b41(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b0 result; + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + tuple_23 lit; memcpy( - result.fst, copy_of_re_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_re_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + lit.snd = domain_separator; + return lit; } /** @@ -2333,10 +2335,10 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -ntt_multiply_ef_b2(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 out = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +ntt_multiply_ef_61(libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *rhs) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 out = ZERO_ef_61(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -2364,9 +2366,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_4f1( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { +static KRML_MUSTINLINE void add_to_ring_element_ef_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *rhs) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(Eurydice_array_to_slice( (size_t)16U, self->coefficients, __m256i), @@ -2384,7 +2386,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i to_standard_domain_79(__m256i v) { +static __m256i to_standard_domain_61(__m256i v) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); } @@ -2400,14 +2402,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void add_standard_error_reduce_ef_34( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { +static KRML_MUSTINLINE void add_standard_error_reduce_ef_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; __m256i coefficient_normal_form = - to_standard_domain_79(self->coefficients[j]); + to_standard_domain_61(self->coefficients[j]); self->coefficients[j] = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(coefficient_normal_form, &error->coefficients[j])); @@ -2420,37 +2422,37 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_As_plus_e_2d1( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_as_ntt) { +static KRML_MUSTINLINE void compute_As_plus_e_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*matrix_A)[3U], + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *s_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_as_ntt) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, matrix_A, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U]); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *row = matrix_A[i0]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = ZERO_ef_05(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *row = matrix_A[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = ZERO_ef_61(); t_as_ntt[i0] = uu____0; for (size_t i1 = (size_t)0U; i1 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i1++) { size_t j = i1; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *matrix_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_4f1(&t_as_ntt[i0], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_ab(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_34(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_61(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -2463,47 +2465,47 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_a41( +static void generate_keypair_unpacked_221( Eurydice_slice key_generation_seed, - IndCpaPrivateKeyUnpacked_a0 *private_key, - IndCpaPublicKeyUnpacked_a0 *public_key) { + IndCpaPrivateKeyUnpacked_63 *private_key, + IndCpaPublicKeyUnpacked_63 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_751(key_generation_seed, hashed); + cpa_keygen_seed_d8_be(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2(*uu____1)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6(*uu____1)[3U] = public_key->A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_ee1(uu____1, ret, true); + libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret); + sample_matrix_A_6c1(uu____1, ret, true); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, - prf_input); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____2 = + libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error, + prf_input); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____2 = private_key->secret_as_ntt; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_b01(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_b41(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_as_ntt[3U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_811(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_b41(copy_of_prf_input, domain_separator) .fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_2d1(public_key->t_as_ntt, public_key->A, - private_key->secret_as_ntt, error_as_ntt); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + compute_As_plus_e_ab(public_key->t_as_ntt, public_key->A, + private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; - core_result_Result_00 dst; + core_result_Result_fb dst; Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U]); - core_result_unwrap_26_33(dst, uu____5); + core_result_unwrap_26_b3(dst, uu____5); memcpy(public_key->seed_for_A, uu____5, (size_t)32U * sizeof(uint8_t)); } @@ -2519,18 +2521,18 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_6a1( +static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_bb1( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_a0 private_key = default_1a_3c1(); - IndCpaPublicKeyUnpacked_a0 public_key = default_8d_891(); - generate_keypair_unpacked_a41(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_63 private_key = default_1a_ab(); + IndCpaPublicKeyUnpacked_63 public_key = default_8d_ab(); + generate_keypair_unpacked_221(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - serialize_public_key_ca1( + serialize_public_key_ed( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_991(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_ed(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -2539,12 +2541,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_6a1( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -2554,7 +2556,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_1f1( +static KRML_MUSTINLINE void serialize_kem_secret_key_ae( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -2580,7 +2582,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_1f1( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_a9_411(public_key, ret0); + H_a9_e0(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -2610,7 +2612,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_0b1(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_d61(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -2619,13 +2621,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_0b1(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - generate_keypair_6a1(ind_cpa_keypair_randomness); + generate_keypair_bb1(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_1f1( + serialize_kem_secret_key_ae( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -2633,14 +2635,14 @@ libcrux_ml_kem_ind_cca_generate_keypair_0b1(uint8_t randomness[64U]) { uint8_t copy_of_secret_key_serialized[2400U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_af0(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; + libcrux_ml_kem_types_MlKemPrivateKey_d9 private_key = + libcrux_ml_kem_types_from_7f_28(copy_of_secret_key_serialized); + libcrux_ml_kem_types_MlKemPrivateKey_d9 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_ee0( - uu____2, libcrux_ml_kem_types_from_5a_670(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_74( + uu____2, libcrux_ml_kem_types_from_5a_d0(copy_of_public_key)); } /** @@ -2653,8 +2655,8 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_641(Eurydice_slice randomness, - uint8_t ret[32U]) { +static KRML_MUSTINLINE void entropy_preprocess_d8_be(Eurydice_slice randomness, + uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), randomness, uint8_t); @@ -2669,11 +2671,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 - ETA2= 2 */ -static KRML_MUSTINLINE tuple_b0 -sample_ring_element_cbd_a01(uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; +static KRML_MUSTINLINE tuple_23 +sample_ring_element_cbd_b41(uint8_t prf_input[33U], uint8_t domain_separator) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - error_1[i] = ZERO_ef_05();); + error_1[i] = ZERO_ef_61();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -2681,28 +2683,30 @@ sample_ring_element_cbd_a01(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[3U][128U]; - PRFxN_a9_b22(prf_inputs, prf_outputs); + PRFxN_a9_41(prf_inputs, prf_outputs); KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - sample_from_binomial_distribution_d7( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____1 = + sample_from_binomial_distribution_89( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_error_1[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_error_1[3U]; memcpy( copy_of_error_1, error_1, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b0 result; + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + tuple_23 lit; memcpy( - result.fst, copy_of_error_1, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_error_1, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + lit.snd = domain_separator; + return lit; } /** @@ -2710,7 +2714,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.PRF with const generics - LEN= 128 */ -static KRML_MUSTINLINE void PRF_960(Eurydice_slice input, uint8_t ret[128U]) { +static KRML_MUSTINLINE void PRF_a6(Eurydice_slice input, uint8_t ret[128U]) { uint8_t digest[128U] = {0U}; libcrux_sha3_portable_shake256( Eurydice_array_to_slice((size_t)128U, digest, uint8_t), input); @@ -2727,9 +2731,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_a9_164(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_a9_410(Eurydice_slice input, uint8_t ret[128U]) { - PRF_960(input, ret); + PRF_a6(input, ret); } /** @@ -2738,8 +2742,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_f7( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void invert_ntt_at_layer_1_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; @@ -2759,8 +2763,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_98( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void invert_ntt_at_layer_2_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; @@ -2778,8 +2782,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_fe( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void invert_ntt_at_layer_3_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { KRML_MAYBE_FOR16(i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; re->coefficients[round] = @@ -2795,11 +2799,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -inv_ntt_layer_int_vec_step_reduce_75(__m256i a, __m256i b, int16_t zeta_r) { +inv_ntt_layer_int_vec_step_reduce_61(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_09(b, &a); a = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(a, &b)); - b = montgomery_multiply_fe_5f(a_minus_b, zeta_r); + b = montgomery_multiply_fe_61(a_minus_b, zeta_r); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, .snd = b}); } @@ -2810,8 +2814,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_bc( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, +static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) { @@ -2825,7 +2829,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_bc( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_75( + inv_ntt_layer_int_vec_step_reduce_61( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -2842,18 +2846,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_8f1( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void invert_ntt_montgomery_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_f7(&zeta_i, re); - invert_ntt_at_layer_2_98(&zeta_i, re); - invert_ntt_at_layer_3_fe(&zeta_i, re); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_a9(re); + invert_ntt_at_layer_1_61(&zeta_i, re); + invert_ntt_at_layer_2_61(&zeta_i, re); + invert_ntt_at_layer_3_61(&zeta_i, re); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_61(re); } /** @@ -2867,9 +2871,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_ef_dd( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { +static KRML_MUSTINLINE void add_error_reduce_ef_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; @@ -2888,46 +2892,42 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_dd1( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result0[3U]; +static KRML_MUSTINLINE void compute_vector_u_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*a_as_ntt)[3U], + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_1, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - result0[i] = ZERO_ef_05();); + result[i] = ZERO_ef_61();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, a_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U]); i0++) { size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *row = a_as_ntt[i1]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *row = a_as_ntt[i1]; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_4f1(&result0[i1], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *a_element = &row[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_ab(&result[i1], &product); } - invert_ntt_montgomery_8f1(&result0[i1]); - add_error_reduce_ef_dd(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_ab(&result[i1]); + add_error_reduce_ef_61(&result[i1], &error_1[i1]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; - memcpy( - result, result0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( ret, result, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -2936,7 +2936,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i decompress_1_08(__m256i vec) { +static __m256i decompress_1_61(__m256i vec) { __m256i z = libcrux_ml_kem_vector_avx2_ZERO_09(); __m256i s = libcrux_ml_kem_vector_avx2_sub_09(z, &vec); return libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09(s, @@ -2949,9 +2949,9 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_message with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_message_d3(uint8_t serialized[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +deserialize_then_decompress_message_61(uint8_t serialized[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = ZERO_ef_61(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; __m256i coefficient_compressed = @@ -2959,7 +2959,7 @@ deserialize_then_decompress_message_d3(uint8_t serialized[32U]) { Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); - re.coefficients[i0] = decompress_1_08(coefficient_compressed);); + re.coefficients[i0] = decompress_1_61(coefficient_compressed);); return re; } @@ -2974,11 +2974,11 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -add_message_error_reduce_ef_79( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +add_message_error_reduce_ef_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *message, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -3001,19 +3001,19 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_771( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +compute_ring_element_v_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_2, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *message) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result = ZERO_ef_61(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_4f1(&result, &product);); - invert_ntt_montgomery_8f1(&result); - result = add_message_error_reduce_ef_79(error_2, message, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_ab(&result, &product);); + invert_ntt_montgomery_ab(&result); + result = add_message_error_reduce_ef_61(error_2, message, result); return result; } @@ -3024,7 +3024,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_1a(__m256i vector) { +compress_ciphertext_coefficient_ef(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3071,8 +3071,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 10 */ -static __m256i compress_09_74(__m256i vector) { - return compress_ciphertext_coefficient_1a(vector); +static __m256i compress_09_ef(__m256i vector) { + return compress_ciphertext_coefficient_ef(vector); } /** @@ -3081,14 +3081,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_2b0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { +static KRML_MUSTINLINE void compress_then_serialize_10_0e0( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_74(to_unsigned_field_modulus_7b(re->coefficients[i0])); + compress_09_ef(to_unsigned_field_modulus_61(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -3108,7 +3108,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_1a0(__m256i vector) { +compress_ciphertext_coefficient_c4(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3155,8 +3155,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 11 */ -static __m256i compress_09_740(__m256i vector) { - return compress_ciphertext_coefficient_1a0(vector); +static __m256i compress_09_c4(__m256i vector) { + return compress_ciphertext_coefficient_c4(vector); } /** @@ -3166,11 +3166,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_9e0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { - uint8_t uu____0[320U]; - compress_then_serialize_10_2b0(re, uu____0); - memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_a4( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, uint8_t ret[320U]) { + uint8_t result[320U]; + compress_then_serialize_10_0e0(re, result); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -3182,23 +3182,23 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_421( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], +static void compress_then_serialize_u_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, input, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = input[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = input[i0]; Eurydice_slice uu____0 = Eurydice_slice_subslice2( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_9e0(&re, ret); + compress_then_serialize_ring_element_u_a4(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -3211,7 +3211,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_1a1(__m256i vector) { +compress_ciphertext_coefficient_d1(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3258,8 +3258,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 4 */ -static __m256i compress_09_741(__m256i vector) { - return compress_ciphertext_coefficient_1a1(vector); +static __m256i compress_09_d1(__m256i vector) { + return compress_ciphertext_coefficient_d1(vector); } /** @@ -3268,14 +3268,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_a4( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, +static KRML_MUSTINLINE void compress_then_serialize_4_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_741(to_unsigned_field_modulus_7b(re.coefficients[i0])); + compress_09_d1(to_unsigned_field_modulus_61(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_09(coefficient, bytes); Eurydice_slice_copy( @@ -3292,7 +3292,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_1a2(__m256i vector) { +compress_ciphertext_coefficient_f4(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3339,8 +3339,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_09 with const generics - COEFFICIENT_BITS= 5 */ -static __m256i compress_09_742(__m256i vector) { - return compress_ciphertext_coefficient_1a2(vector); +static __m256i compress_09_f4(__m256i vector) { + return compress_ciphertext_coefficient_f4(vector); } /** @@ -3349,14 +3349,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_03( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, +static KRML_MUSTINLINE void compress_then_serialize_5_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficients = - compress_09_742(to_unsigned_representative_3f(re.coefficients[i0])); + compress_09_f4(to_unsigned_representative_61(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_avx2_serialize_5_09(coefficients, bytes); Eurydice_slice_copy( @@ -3373,9 +3373,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_d10( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_4_a4(re, out); +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_78( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re, Eurydice_slice out) { + compress_then_serialize_4_61(re, out); } /** @@ -3395,58 +3395,58 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_a41(IndCpaPublicKeyUnpacked_a0 *public_key, +static void encrypt_unpacked_741(IndCpaPublicKeyUnpacked_63 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_c8(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____1 = sample_vector_cbd_then_ntt_out_811(copy_of_prf_input0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[3U]; + tuple_23 uu____1 = sample_vector_cbd_then_ntt_out_b41(copy_of_prf_input0, 0U); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); uint8_t domain_separator0 = uu____1.snd; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____3 = - sample_ring_element_cbd_a01(copy_of_prf_input, domain_separator0); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; + tuple_23 uu____3 = + sample_ring_element_cbd_b41(copy_of_prf_input, domain_separator0); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_1[3U]; memcpy( error_1, uu____3.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_a9_164(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_a9_410(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - sample_from_binomial_distribution_d7( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_2 = + sample_from_binomial_distribution_89( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - compute_vector_u_dd1(public_key->A, r_as_ntt, error_1, u); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u[3U]; + compute_vector_u_ab(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_d3(copy_of_message); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_771(public_key->t_as_ntt, r_as_ntt, &error_2, - &message_as_ring_element); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 message_as_ring_element = + deserialize_then_decompress_message_61(copy_of_message); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 v = + compute_ring_element_v_ab(public_key->t_as_ntt, r_as_ntt, &error_2, + &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____5[3U]; memcpy( uu____5, u, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_421( + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + compress_then_serialize_u_8c( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_d10( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____6 = v; + compress_then_serialize_ring_element_v_78( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -3469,26 +3469,26 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_6f1(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_741(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { - IndCpaPublicKeyUnpacked_a0 unpacked_public_key = default_8d_891(); - deserialize_ring_elements_reduced_531( + IndCpaPublicKeyUnpacked_63 unpacked_public_key = default_8d_ab(); + deserialize_ring_elements_reduced_ab( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2(*uu____0)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6(*uu____0)[3U] = unpacked_public_key.A; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_ee1(uu____0, ret0, false); - IndCpaPublicKeyUnpacked_a0 *uu____1 = &unpacked_public_key; + libcrux_ml_kem_utils_into_padded_array_b6(seed, ret0); + sample_matrix_A_6c1(uu____0, ret0, false); + IndCpaPublicKeyUnpacked_63 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1088U]; - encrypt_unpacked_a41(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); + uint8_t ret1[1088U]; + encrypt_unpacked_741(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } /** @@ -3502,8 +3502,8 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_161(Eurydice_slice shared_secret, - uint8_t ret[32U]) { +static KRML_MUSTINLINE void kdf_d8_ae(Eurydice_slice shared_secret, + uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), shared_secret, uint8_t); @@ -3529,27 +3529,27 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_a11( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +tuple_c2 libcrux_ml_kem_ind_cca_encapsulate_701( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_641( + entropy_preprocess_d8_be( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_a9_411(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_fe1(public_key), - uint8_t), - ret); + H_a9_e0(Eurydice_array_to_slice( + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d0(public_key), + uint8_t), + ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_a9_9f1(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_a9_e0(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -3557,25 +3557,25 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_a11( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_fe1(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_6f1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_741(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_451(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_80(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_161(shared_secret, shared_secret_array); + kdf_d8_ae(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_3c lit; + tuple_c2 lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -3587,9 +3587,9 @@ libcrux_ml_kem.serialize.deserialize_to_uncompressed_ring_element with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_uncompressed_ring_element_6c(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +deserialize_to_uncompressed_ring_element_61(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = ZERO_ef_61(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -3606,12 +3606,12 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_541( +static KRML_MUSTINLINE void deserialize_secret_key_ab( Eurydice_slice secret_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - secret_as_ntt[i] = ZERO_ef_05();); + secret_as_ntt[i] = ZERO_ef_61();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -3622,17 +3622,13 @@ static KRML_MUSTINLINE void deserialize_secret_key_541( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_6c(secret_bytes); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = + deserialize_to_uncompressed_ring_element_61(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; memcpy( - result, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + ret, secret_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -3642,7 +3638,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_8e(__m256i vector) { +decompress_ciphertext_coefficient_ef(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3686,8 +3682,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 10 */ -static __m256i decompress_ciphertext_coefficient_09_70(__m256i vector) { - return decompress_ciphertext_coefficient_8e(vector); +static __m256i decompress_ciphertext_coefficient_09_ef(__m256i vector) { + return decompress_ciphertext_coefficient_ef(vector); } /** @@ -3696,21 +3692,19 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_10 with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_10_c7(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); - LowStar_Ignore_ignore( - Eurydice_slice_len( - Eurydice_array_to_slice((size_t)16U, re.coefficients, __m256i), - __m256i), - size_t, void *); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +deserialize_then_decompress_10_61(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = ZERO_ef_61(); + size_t _coefficients_length = Eurydice_slice_len( + Eurydice_array_to_slice((size_t)16U, re.coefficients, __m256i), __m256i); + LowStar_Ignore_ignore(_coefficients_length, size_t, void *); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) { size_t i0 = i; Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_70(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_ef(coefficient); } return re; } @@ -3722,7 +3716,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_8e0(__m256i vector) { +decompress_ciphertext_coefficient_c4(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3766,8 +3760,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 11 */ -static __m256i decompress_ciphertext_coefficient_09_700(__m256i vector) { - return decompress_ciphertext_coefficient_8e0(vector); +static __m256i decompress_ciphertext_coefficient_09_c4(__m256i vector) { + return decompress_ciphertext_coefficient_c4(vector); } /** @@ -3776,16 +3770,16 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_11 with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_11_d5(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +deserialize_then_decompress_11_61(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = ZERO_ef_61(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { size_t i0 = i; Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_700(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_c4(coefficient); } return re; } @@ -3796,9 +3790,9 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_u with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_790(Eurydice_slice serialized) { - return deserialize_then_decompress_10_c7(serialized); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +deserialize_then_decompress_ring_element_u_ee(Eurydice_slice serialized) { + return deserialize_then_decompress_10_61(serialized); } /** @@ -3807,17 +3801,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_b70( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void ntt_vector_u_ee( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_ba(&zeta_i, re); - ntt_at_layer_2_89(&zeta_i, re); - ntt_at_layer_1_d7(&zeta_i, re); - poly_barrett_reduce_ef_a9(re); + ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_61(&zeta_i, re); + ntt_at_layer_2_61(&zeta_i, re); + ntt_at_layer_1_61(&zeta_i, re); + poly_barrett_reduce_ef_61(re); } /** @@ -3828,12 +3822,12 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_251( +static KRML_MUSTINLINE void deserialize_then_decompress_u_ed( uint8_t *ciphertext, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - u_as_ntt[i] = ZERO_ef_05();); + u_as_ntt[i] = ZERO_ef_61();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)1088U, ciphertext, uint8_t), @@ -3851,12 +3845,12 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_251( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_790(u_bytes); - ntt_vector_u_b70(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_ee(u_bytes); + ntt_vector_u_ee(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -3866,7 +3860,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_8e1(__m256i vector) { +decompress_ciphertext_coefficient_d1(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3910,8 +3904,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 4 */ -static __m256i decompress_ciphertext_coefficient_09_701(__m256i vector) { - return decompress_ciphertext_coefficient_8e1(vector); +static __m256i decompress_ciphertext_coefficient_09_d1(__m256i vector) { + return decompress_ciphertext_coefficient_d1(vector); } /** @@ -3920,16 +3914,16 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_4_75(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +deserialize_then_decompress_4_61(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = ZERO_ef_61(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { size_t i0 = i; Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_09(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_09_701(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_09_d1(coefficient); } return re; } @@ -3941,7 +3935,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_8e2(__m256i vector) { +decompress_ciphertext_coefficient_f4(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3985,8 +3979,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_09 with const generics - COEFFICIENT_BITS= 5 */ -static __m256i decompress_ciphertext_coefficient_09_702(__m256i vector) { - return decompress_ciphertext_coefficient_8e2(vector); +static __m256i decompress_ciphertext_coefficient_09_f4(__m256i vector) { + return decompress_ciphertext_coefficient_f4(vector); } /** @@ -3995,9 +3989,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_5_f8(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +deserialize_then_decompress_5_61(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = ZERO_ef_61(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { size_t i0 = i; @@ -4005,7 +3999,7 @@ deserialize_then_decompress_5_f8(Eurydice_slice serialized) { serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_09(bytes); re.coefficients[i0] = - decompress_ciphertext_coefficient_09_702(re.coefficients[i0]); + decompress_ciphertext_coefficient_09_f4(re.coefficients[i0]); } return re; } @@ -4016,9 +4010,9 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_v with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_b90(Eurydice_slice serialized) { - return deserialize_then_decompress_4_75(serialized); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +deserialize_then_decompress_ring_element_v_42(Eurydice_slice serialized) { + return deserialize_then_decompress_4_61(serialized); } /** @@ -4032,9 +4026,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -subtract_reduce_ef_da(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +subtract_reduce_ef_61(libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -4054,18 +4048,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_7d1( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +compute_message_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *v, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *u_as_ntt) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result = ZERO_ef_61(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_4f1(&result, &product);); - invert_ntt_montgomery_8f1(&result); - result = subtract_reduce_ef_da(v, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_ab(&result, &product);); + invert_ntt_montgomery_ab(&result); + result = subtract_reduce_ef_61(v, result); return result; } @@ -4075,12 +4069,12 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_dd( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { +static KRML_MUSTINLINE void compress_then_serialize_message_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; - __m256i coefficient = to_unsigned_field_modulus_7b(re.coefficients[i0]); + __m256i coefficient = to_unsigned_field_modulus_61(re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_09(coefficient); uint8_t bytes[2U]; @@ -4105,18 +4099,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_9d1(IndCpaPrivateKeyUnpacked_a0 *secret_key, - uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - deserialize_then_decompress_u_251(ciphertext, u_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_b90( +static void decrypt_unpacked_2f(IndCpaPrivateKeyUnpacked_63 *secret_key, + uint8_t *ciphertext, uint8_t ret[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u_as_ntt[3U]; + deserialize_then_decompress_u_ed(ciphertext, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 v = + deserialize_then_decompress_ring_element_v_42( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_7d1(&v, secret_key->secret_as_ntt, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 message = + compute_message_ab(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_dd(message, ret0); + compress_then_serialize_message_61(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -4130,22 +4124,22 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_751(Eurydice_slice secret_key, uint8_t *ciphertext, - uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - deserialize_secret_key_541(secret_key, secret_as_ntt); +static void decrypt_2f(Eurydice_slice secret_key, uint8_t *ciphertext, + uint8_t ret[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[3U]; + deserialize_secret_key_ab(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_secret_as_ntt[3U]; memcpy( copy_of_secret_as_ntt, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - IndCpaPrivateKeyUnpacked_a0 secret_key_unpacked; + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + IndCpaPrivateKeyUnpacked_63 secret_key_unpacked; memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t result[32U]; - decrypt_unpacked_9d1(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + uint8_t ret0[32U]; + decrypt_unpacked_2f(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -4153,7 +4147,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.PRF with const generics - LEN= 32 */ -static KRML_MUSTINLINE void PRF_96(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void PRF_9e(Eurydice_slice input, uint8_t ret[32U]) { uint8_t digest[32U] = {0U}; libcrux_sha3_portable_shake256( Eurydice_array_to_slice((size_t)32U, digest, uint8_t), input); @@ -4170,8 +4164,8 @@ with const generics - K= 3 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_a9_163(Eurydice_slice input, uint8_t ret[32U]) { - PRF_96(input, ret); +static KRML_MUSTINLINE void PRF_a9_41(Eurydice_slice input, uint8_t ret[32U]) { + PRF_9e(input, ret); } /** @@ -4196,8 +4190,8 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_7f1( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +void libcrux_ml_kem_ind_cca_decapsulate_a11( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t), @@ -4214,9 +4208,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_7f1( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_751(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_2f(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -4224,7 +4218,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_7f1( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_a9_9f1(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_a9_e0(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -4232,31 +4226,31 @@ void libcrux_ml_kem_ind_cca_decapsulate_7f1( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_425(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_15(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_401(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_80(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_a9_163(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), - implicit_rejection_shared_secret0); + PRF_a9_41(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), + implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_6f1(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_741(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_161(Eurydice_array_to_slice( - (size_t)32U, implicit_rejection_shared_secret0, uint8_t), - implicit_rejection_shared_secret); + kdf_d8_ae(Eurydice_array_to_slice((size_t)32U, + implicit_rejection_shared_secret0, uint8_t), + implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_161(shared_secret0, shared_secret1); + kdf_d8_ae(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_401(ciphertext), + libcrux_ml_kem_types_as_ref_00_80(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4271,9 +4265,9 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_53( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_42( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *deserialized_pk) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -4284,8 +4278,8 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_53( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_dc(ring_element); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = + deserialize_to_reduced_ring_element_61(ring_element); deserialized_pk[i0] = uu____0; } } @@ -4296,16 +4290,20 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_cc0( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_42( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[4U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - deserialized_pk[i] = ZERO_ef_05();); - deserialize_ring_elements_reduced_53(public_key, deserialized_pk); + deserialized_pk[i] = ZERO_ef_61();); + deserialize_ring_elements_reduced_42(public_key, deserialized_pk); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result[4U]; + memcpy( + result, deserialized_pk, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); memcpy( - ret, deserialized_pk, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + ret, result, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -4315,25 +4313,25 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_99( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, +static KRML_MUSTINLINE void serialize_secret_key_78( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = key[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = key[i0]; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( out, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_2c(&re, ret0); + serialize_uncompressed_ring_element_61(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -4348,13 +4346,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_mut_6c( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_mut_1e( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret[1536U]; - serialize_secret_key_99(t_as_ntt, ret); + serialize_secret_key_78(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -4371,14 +4369,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_ca( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_1e( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; - serialize_public_key_mut_6c(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1568U]; - memcpy(result, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); + serialize_public_key_mut_1e(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); } /** @@ -4389,15 +4385,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_520(uint8_t *public_key) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; - deserialize_ring_elements_reduced_out_cc0( +bool libcrux_ml_kem_ind_cca_validate_public_key_1e(uint8_t *public_key) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 deserialized_pk[4U]; + deserialize_ring_elements_reduced_out_42( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_ca( + serialize_public_key_1e( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -4415,7 +4411,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.H_a9 with const generics - K= 4 */ -static KRML_MUSTINLINE void H_a9_41(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_a9_ac(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H(input, ret); } @@ -4427,11 +4423,11 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_700( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext) { +bool libcrux_ml_kem_ind_cca_validate_private_key_b9( + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *_ciphertext) { uint8_t t[32U]; - H_a9_41(Eurydice_array_to_subslice2( + H_a9_ac(Eurydice_array_to_subslice2( private_key->value, (size_t)384U * (size_t)4U, (size_t)768U * (size_t)4U + (size_t)32U, uint8_t), t); @@ -4448,9 +4444,9 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - $4size_t */ -typedef struct IndCpaPrivateKeyUnpacked_01_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; -} IndCpaPrivateKeyUnpacked_01; +typedef struct IndCpaPrivateKeyUnpacked_39_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[4U]; +} IndCpaPrivateKeyUnpacked_39; /** This function found in impl {(core::default::Default for @@ -4463,12 +4459,12 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static IndCpaPrivateKeyUnpacked_01 default_1a_3c(void) { - IndCpaPrivateKeyUnpacked_01 lit; - lit.secret_as_ntt[0U] = ZERO_ef_05(); - lit.secret_as_ntt[1U] = ZERO_ef_05(); - lit.secret_as_ntt[2U] = ZERO_ef_05(); - lit.secret_as_ntt[3U] = ZERO_ef_05(); +static IndCpaPrivateKeyUnpacked_39 default_1a_42(void) { + IndCpaPrivateKeyUnpacked_39 lit; + lit.secret_as_ntt[0U] = ZERO_ef_61(); + lit.secret_as_ntt[1U] = ZERO_ef_61(); + lit.secret_as_ntt[2U] = ZERO_ef_61(); + lit.secret_as_ntt[3U] = ZERO_ef_61(); return lit; } @@ -4478,11 +4474,11 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPublicKeyUnpacked with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - $4size_t */ -typedef struct IndCpaPublicKeyUnpacked_01_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[4U]; +typedef struct IndCpaPublicKeyUnpacked_39_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 t_as_ntt[4U]; uint8_t seed_for_A[32U]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[4U][4U]; -} IndCpaPublicKeyUnpacked_01; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 A[4U][4U]; +} IndCpaPublicKeyUnpacked_39; /** This function found in impl {(core::default::Default for @@ -4495,32 +4491,32 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static IndCpaPublicKeyUnpacked_01 default_8d_89(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[4U]; +static IndCpaPublicKeyUnpacked_39 default_8d_42(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - uu____0[i] = ZERO_ef_05();); + uu____0[i] = ZERO_ef_61();); uint8_t uu____1[32U] = {0U}; - IndCpaPublicKeyUnpacked_01 lit; + IndCpaPublicKeyUnpacked_39 lit; memcpy( lit.t_as_ntt, uu____0, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - lit.A[0U][0U] = ZERO_ef_05(); - lit.A[0U][1U] = ZERO_ef_05(); - lit.A[0U][2U] = ZERO_ef_05(); - lit.A[0U][3U] = ZERO_ef_05(); - lit.A[1U][0U] = ZERO_ef_05(); - lit.A[1U][1U] = ZERO_ef_05(); - lit.A[1U][2U] = ZERO_ef_05(); - lit.A[1U][3U] = ZERO_ef_05(); - lit.A[2U][0U] = ZERO_ef_05(); - lit.A[2U][1U] = ZERO_ef_05(); - lit.A[2U][2U] = ZERO_ef_05(); - lit.A[2U][3U] = ZERO_ef_05(); - lit.A[3U][0U] = ZERO_ef_05(); - lit.A[3U][1U] = ZERO_ef_05(); - lit.A[3U][2U] = ZERO_ef_05(); - lit.A[3U][3U] = ZERO_ef_05(); + lit.A[0U][0U] = ZERO_ef_61(); + lit.A[0U][1U] = ZERO_ef_61(); + lit.A[0U][2U] = ZERO_ef_61(); + lit.A[0U][3U] = ZERO_ef_61(); + lit.A[1U][0U] = ZERO_ef_61(); + lit.A[1U][1U] = ZERO_ef_61(); + lit.A[1U][2U] = ZERO_ef_61(); + lit.A[1U][3U] = ZERO_ef_61(); + lit.A[2U][0U] = ZERO_ef_61(); + lit.A[2U][1U] = ZERO_ef_61(); + lit.A[2U][2U] = ZERO_ef_61(); + lit.A[2U][3U] = ZERO_ef_61(); + lit.A[3U][0U] = ZERO_ef_61(); + lit.A[3U][1U] = ZERO_ef_61(); + lit.A[3U][2U] = ZERO_ef_61(); + lit.A[3U][3U] = ZERO_ef_61(); return lit; } @@ -4533,7 +4529,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.G_a9 with const generics - K= 4 */ -static KRML_MUSTINLINE void G_a9_9f(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_a9_ac(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G(input, ret); } @@ -4547,7 +4543,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_75( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_6a( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -4558,7 +4554,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_75( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)4U; uint8_t ret0[64U]; - G_a9_9f(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_a9_ac(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -4569,8 +4565,8 @@ generics - K= 4 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_final_96(uint8_t input[4U][34U]) { - libcrux_sha3_generic_keccak_KeccakState_29 state = +shake128_init_absorb_final_ac(uint8_t input[4U][34U]) { + libcrux_sha3_generic_keccak_KeccakState_55 state = libcrux_sha3_avx2_x4_incremental_init(); libcrux_sha3_avx2_x4_incremental_shake128_absorb_final( &state, Eurydice_array_to_slice((size_t)34U, input[0U], uint8_t), @@ -4591,11 +4587,11 @@ generics - K= 4 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_final_a9_c1(uint8_t input[4U][34U]) { +shake128_init_absorb_final_a9_ac(uint8_t input[4U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[4U][34U]; memcpy(copy_of_input, input, (size_t)4U * sizeof(uint8_t[34U])); - return shake128_init_absorb_final_96(copy_of_input); + return shake128_init_absorb_final_ac(copy_of_input); } /** @@ -4604,7 +4600,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_first_three_blocks with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_08( +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_ac( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[4U][504U]) { uint8_t out[4U][504U] = {{0U}}; uint8_t out0[504U] = {0U}; @@ -4641,9 +4637,9 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_first_three_blocks_a9 with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_a9_7a( +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_a9_ac( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[4U][504U]) { - shake128_squeeze_first_three_blocks_08(self, ret); + shake128_squeeze_first_three_blocks_ac(self, ret); } /** @@ -4694,7 +4690,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fe( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_78( uint8_t randomness[4U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -4732,7 +4728,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_next_block with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_01( +static KRML_MUSTINLINE void shake128_squeeze_next_block_ac( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[4U][168U]) { uint8_t out[4U][168U] = {{0U}}; uint8_t out0[168U] = {0U}; @@ -4769,9 +4765,9 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_next_block_a9 with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_a9_9f( +static KRML_MUSTINLINE void shake128_squeeze_next_block_a9_ac( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[4U][168U]) { - shake128_squeeze_next_block_01(self, ret); + shake128_squeeze_next_block_ac(self, ret); } /** @@ -4822,7 +4818,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fe0( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_780( uint8_t randomness[4U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -4860,9 +4856,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_b4( +static libcrux_ml_kem_polynomial_PolynomialRingElement_f6 closure_6c( int16_t s[272U]) { - return from_i16_array_ef_ef( + return from_i16_array_ef_61( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -4872,46 +4868,46 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_from_xof_90( +static KRML_MUSTINLINE void sample_from_xof_6c( uint8_t seeds[4U][34U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[4U]) { size_t sampled_coefficients[4U] = {0U}; int16_t out[4U][272U] = {{0U}}; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[4U][34U]; memcpy(copy_of_seeds, seeds, (size_t)4U * sizeof(uint8_t[34U])); libcrux_sha3_avx2_x4_incremental_KeccakState xof_state = - shake128_init_absorb_final_a9_c1(copy_of_seeds); + shake128_init_absorb_final_a9_ac(copy_of_seeds); uint8_t randomness0[4U][504U]; - shake128_squeeze_first_three_blocks_a9_7a(&xof_state, randomness0); + shake128_squeeze_first_three_blocks_a9_ac(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[4U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)4U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_fe( + bool done = sample_from_uniform_distribution_next_78( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[4U][168U]; - shake128_squeeze_next_block_a9_9f(&xof_state, randomness); + shake128_squeeze_next_block_a9_ac(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[4U][168U]; memcpy(copy_of_randomness, randomness, (size_t)4U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_fe0( + done = sample_from_uniform_distribution_next_780( copy_of_randomness, sampled_coefficients, out); } } /* Passing arrays by value in Rust generates a copy in C */ int16_t copy_of_out[4U][272U]; memcpy(copy_of_out, out, (size_t)4U * sizeof(int16_t[272U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - ret0[i] = closure_b4(copy_of_out[i]);); + ret0[i] = closure_6c(copy_of_out[i]);); memcpy( ret, ret0, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -4920,8 +4916,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_matrix_A_ee( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*A_transpose)[4U], +static KRML_MUSTINLINE void sample_matrix_A_6c( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*A_transpose)[4U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR4( i0, (size_t)0U, (size_t)4U, (size_t)1U, size_t i1 = i0; @@ -4936,25 +4932,23 @@ static KRML_MUSTINLINE void sample_matrix_A_ee( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[4U][34U]; memcpy(copy_of_seeds, seeds, (size_t)4U * sizeof(uint8_t[34U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[4U]; - sample_from_xof_90(copy_of_seeds, sampled); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 sampled[4U]; + sample_from_xof_6c(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, sampled, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sample = sampled[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 sample = sampled[j]; if (transpose) { A_transpose[j][i1] = sample; } else { A_transpose[i1][j] = sample; } - } - - ); + }); } /** @@ -4963,7 +4957,7 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_fb(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_44(uint8_t (*input)[33U], uint8_t ret[4U][128U]) { uint8_t out[4U][128U] = {{0U}}; uint8_t out0[128U] = {0U}; @@ -5004,9 +4998,9 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_a9_b2(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_a9_44(uint8_t (*input)[33U], uint8_t ret[4U][128U]) { - PRFxN_fb(input, ret); + PRFxN_44(input, ret); } /** @@ -5017,8 +5011,8 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b4( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -5027,16 +5021,18 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b0( KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[4U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[4U][128U]; - PRFxN_a9_b2(prf_inputs, prf_outputs); + PRFxN_a9_44(prf_inputs, prf_outputs); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_d7( + re_as_ntt[i0] = sample_from_binomial_distribution_89( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_ef(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_61(&re_as_ntt[i0]);); return domain_separator; } @@ -5046,10 +5042,10 @@ with types libcrux_ml_kem_polynomial_PolynomialRingElement libcrux_ml_kem_vector_avx2_SIMD256Vector[4size_t], uint8_t */ -typedef struct tuple_71_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 fst[4U]; +typedef struct tuple_dd_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 fst[4U]; uint8_t snd; -} tuple_71; +} tuple_dd; /** A monomorphic instance of libcrux_ml_kem.ind_cpa.sample_vector_cbd_then_ntt_out @@ -5059,27 +5055,27 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_out_81( +static KRML_MUSTINLINE tuple_dd sample_vector_cbd_then_ntt_out_b4( uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - re_as_ntt[i] = ZERO_ef_05();); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = re_as_ntt; + re_as_ntt[i] = ZERO_ef_61();); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_b0(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_b4(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_re_as_ntt[4U]; memcpy( copy_of_re_as_ntt, re_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_71 result; + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + tuple_dd lit; memcpy( - result.fst, copy_of_re_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_re_as_ntt, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + lit.snd = domain_separator; + return lit; } /** @@ -5093,9 +5089,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_4f( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { +static KRML_MUSTINLINE void add_to_ring_element_ef_42( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *rhs) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(Eurydice_array_to_slice( (size_t)16U, self->coefficients, __m256i), @@ -5113,37 +5109,37 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_As_plus_e_2d( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[4U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_as_ntt) { +static KRML_MUSTINLINE void compute_As_plus_e_42( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*matrix_A)[4U], + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *s_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_as_ntt) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, matrix_A, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[4U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[4U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[4U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[4U]); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *row = matrix_A[i0]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = ZERO_ef_05(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *row = matrix_A[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = ZERO_ef_61(); t_as_ntt[i0] = uu____0; for (size_t i1 = (size_t)0U; i1 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i1++) { size_t j = i1; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *matrix_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_4f(&t_as_ntt[i0], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_42(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_34(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_61(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -5156,47 +5152,47 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_a4( +static void generate_keypair_unpacked_22( Eurydice_slice key_generation_seed, - IndCpaPrivateKeyUnpacked_01 *private_key, - IndCpaPublicKeyUnpacked_01 *public_key) { + IndCpaPrivateKeyUnpacked_39 *private_key, + IndCpaPublicKeyUnpacked_39 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_75(key_generation_seed, hashed); + cpa_keygen_seed_d8_6a(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2(*uu____1)[4U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6(*uu____1)[4U] = public_key->A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_ee(uu____1, ret, true); + libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret); + sample_matrix_A_6c(uu____1, ret, true); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, - prf_input); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____2 = + libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error, + prf_input); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____2 = private_key->secret_as_ntt; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_b0(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_b4(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_as_ntt[4U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_81(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_b4(copy_of_prf_input, domain_separator) .fst, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_2d(public_key->t_as_ntt, public_key->A, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + compute_As_plus_e_42(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; - core_result_Result_00 dst; + core_result_Result_fb dst; Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U]); - core_result_unwrap_26_33(dst, uu____5); + core_result_unwrap_26_b3(dst, uu____5); memcpy(public_key->seed_for_A, uu____5, (size_t)32U * sizeof(uint8_t)); } @@ -5212,18 +5208,18 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_6a0( +static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_bb0( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_01 private_key = default_1a_3c(); - IndCpaPublicKeyUnpacked_01 public_key = default_8d_89(); - generate_keypair_unpacked_a4(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_39 private_key = default_1a_42(); + IndCpaPublicKeyUnpacked_39 public_key = default_8d_42(); + generate_keypair_unpacked_22(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1568U]; - serialize_public_key_ca( + serialize_public_key_1e( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_99(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_78(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -5232,12 +5228,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_6a0( uint8_t copy_of_public_key_serialized[1568U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair1024 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair1024 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1536U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -5247,7 +5243,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_1f0( +static KRML_MUSTINLINE void serialize_kem_secret_key_5e( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; @@ -5273,7 +5269,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_1f0( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_a9_41(public_key, ret0); + H_a9_ac(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -5303,7 +5299,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_0b0(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_d60(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5312,13 +5308,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_0b0(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair1024 uu____0 = - generate_keypair_6a0(ind_cpa_keypair_randomness); + generate_keypair_bb0(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1536U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1536U * sizeof(uint8_t)); uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_1f0( + serialize_kem_secret_key_5e( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5326,14 +5322,14 @@ libcrux_ml_kem_ind_cca_generate_keypair_0b0(uint8_t randomness[64U]) { uint8_t copy_of_secret_key_serialized[3168U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_7f_af1(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; + libcrux_ml_kem_types_MlKemPrivateKey_83 private_key = + libcrux_ml_kem_types_from_7f_39(copy_of_secret_key_serialized); + libcrux_ml_kem_types_MlKemPrivateKey_83 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_ee1( - uu____2, libcrux_ml_kem_types_from_5a_671(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_94( + uu____2, libcrux_ml_kem_types_from_5a_af(copy_of_public_key)); } /** @@ -5346,8 +5342,8 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_640(Eurydice_slice randomness, - uint8_t ret[32U]) { +static KRML_MUSTINLINE void entropy_preprocess_d8_6a(Eurydice_slice randomness, + uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), randomness, uint8_t); @@ -5362,11 +5358,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 - ETA2= 2 */ -static KRML_MUSTINLINE tuple_71 -sample_ring_element_cbd_a0(uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; +static KRML_MUSTINLINE tuple_dd +sample_ring_element_cbd_b4(uint8_t prf_input[33U], uint8_t domain_separator) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - error_1[i] = ZERO_ef_05();); + error_1[i] = ZERO_ef_61();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -5374,28 +5370,30 @@ sample_ring_element_cbd_a0(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[4U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[4U][128U]; - PRFxN_a9_b2(prf_inputs, prf_outputs); + PRFxN_a9_44(prf_inputs, prf_outputs); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - sample_from_binomial_distribution_d7( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____1 = + sample_from_binomial_distribution_89( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_error_1[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_error_1[4U]; memcpy( copy_of_error_1, error_1, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_71 result; + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + tuple_dd lit; memcpy( - result.fst, copy_of_error_1, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_error_1, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + lit.snd = domain_separator; + return lit; } /** @@ -5408,9 +5406,9 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_a9_160(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_a9_440(Eurydice_slice input, uint8_t ret[128U]) { - PRF_960(input, ret); + PRF_a6(input, ret); } /** @@ -5419,18 +5417,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_8f( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void invert_ntt_montgomery_42( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_f7(&zeta_i, re); - invert_ntt_at_layer_2_98(&zeta_i, re); - invert_ntt_at_layer_3_fe(&zeta_i, re); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_a9(re); + invert_ntt_at_layer_1_61(&zeta_i, re); + invert_ntt_at_layer_2_61(&zeta_i, re); + invert_ntt_at_layer_3_61(&zeta_i, re); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_61(re); } /** @@ -5439,46 +5437,42 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_dd( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[4U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result0[4U]; +static KRML_MUSTINLINE void compute_vector_u_42( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*a_as_ntt)[4U], + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_1, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[4U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - result0[i] = ZERO_ef_05();); + result[i] = ZERO_ef_61();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, a_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[4U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[4U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[4U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[4U]); i0++) { size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *row = a_as_ntt[i1]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *row = a_as_ntt[i1]; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_4f(&result0[i1], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *a_element = &row[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_42(&result[i1], &product); } - invert_ntt_montgomery_8f(&result0[i1]); - add_error_reduce_ef_dd(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_42(&result[i1]); + add_error_reduce_ef_61(&result[i1], &error_1[i1]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; - memcpy( - result, result0, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( ret, result, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -5487,19 +5481,19 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_77( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +compute_ring_element_v_42( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_2, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *message) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result = ZERO_ef_61(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_4f(&result, &product);); - invert_ntt_montgomery_8f(&result); - result = add_message_error_reduce_ef_79(error_2, message, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_42(&result, &product);); + invert_ntt_montgomery_42(&result); + result = add_message_error_reduce_ef_61(error_2, message, result); return result; } @@ -5509,14 +5503,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_17( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { +static KRML_MUSTINLINE void compress_then_serialize_11_0e( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_09_740(to_unsigned_representative_3f(re->coefficients[i0])); + compress_09_c4(to_unsigned_representative_61(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_avx2_serialize_11_09(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -5534,11 +5528,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_9e( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { - uint8_t uu____0[352U]; - compress_then_serialize_11_17(re, uu____0); - memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_6f( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, uint8_t ret[352U]) { + uint8_t result[352U]; + compress_then_serialize_11_0e(re, result); + memcpy(ret, result, (size_t)352U * sizeof(uint8_t)); } /** @@ -5550,23 +5544,23 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_42( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[4U], +static void compress_then_serialize_u_c9( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, input, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = input[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = input[i0]; Eurydice_slice uu____0 = Eurydice_slice_subslice2( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_9e(&re, ret); + compress_then_serialize_ring_element_u_6f(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } @@ -5579,9 +5573,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_d1( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_5_03(re, out); +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_ff( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re, Eurydice_slice out) { + compress_then_serialize_5_61(re, out); } /** @@ -5601,57 +5595,57 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_a4(IndCpaPublicKeyUnpacked_01 *public_key, +static void encrypt_unpacked_74(IndCpaPublicKeyUnpacked_39 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_c8(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_71 uu____1 = sample_vector_cbd_then_ntt_out_81(copy_of_prf_input0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[4U]; + tuple_dd uu____1 = sample_vector_cbd_then_ntt_out_b4(copy_of_prf_input0, 0U); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 r_as_ntt[4U]; memcpy( r_as_ntt, uu____1.fst, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); uint8_t domain_separator0 = uu____1.snd; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_71 uu____3 = - sample_ring_element_cbd_a0(copy_of_prf_input, domain_separator0); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; + tuple_dd uu____3 = + sample_ring_element_cbd_b4(copy_of_prf_input, domain_separator0); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_1[4U]; memcpy( error_1, uu____3.fst, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_a9_160(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_a9_440(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - sample_from_binomial_distribution_d7( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_2 = + sample_from_binomial_distribution_89( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[4U]; - compute_vector_u_dd(public_key->A, r_as_ntt, error_1, u); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u[4U]; + compute_vector_u_42(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_d3(copy_of_message); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_77(public_key->t_as_ntt, r_as_ntt, &error_2, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 message_as_ring_element = + deserialize_then_decompress_message_61(copy_of_message); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 v = + compute_ring_element_v_42(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____5[4U]; memcpy( uu____5, u, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_42( + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + compress_then_serialize_u_c9( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_d1( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____6 = v; + compress_then_serialize_ring_element_v_ff( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); @@ -5674,26 +5668,26 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_6f0(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_740(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { - IndCpaPublicKeyUnpacked_01 unpacked_public_key = default_8d_89(); - deserialize_ring_elements_reduced_53( + IndCpaPublicKeyUnpacked_39 unpacked_public_key = default_8d_42(); + deserialize_ring_elements_reduced_42( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1536U, uint8_t, size_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2(*uu____0)[4U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6(*uu____0)[4U] = unpacked_public_key.A; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_ee(uu____0, ret0, false); - IndCpaPublicKeyUnpacked_01 *uu____1 = &unpacked_public_key; + libcrux_ml_kem_utils_into_padded_array_b6(seed, ret0); + sample_matrix_A_6c(uu____0, ret0, false); + IndCpaPublicKeyUnpacked_39 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1568U]; - encrypt_unpacked_a4(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); + uint8_t ret1[1568U]; + encrypt_unpacked_74(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)1568U * sizeof(uint8_t)); } /** @@ -5707,8 +5701,8 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_160(Eurydice_slice shared_secret, - uint8_t ret[32U]) { +static KRML_MUSTINLINE void kdf_d8_5e(Eurydice_slice shared_secret, + uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), shared_secret, uint8_t); @@ -5734,27 +5728,27 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_a10( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, +tuple_fa libcrux_ml_kem_ind_cca_encapsulate_700( + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_640( + entropy_preprocess_d8_6a( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_a9_41(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_fe(public_key), + H_a9_ac(Eurydice_array_to_slice( + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_af(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_a9_9f(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_a9_ac(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -5762,25 +5756,25 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_a10( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_fe(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_af(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_6f0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_740(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemCiphertext_1f ciphertext0 = - libcrux_ml_kem_types_from_01_45(copy_of_ciphertext); + libcrux_ml_kem_types_MlKemCiphertext_64 ciphertext0 = + libcrux_ml_kem_types_from_01_af(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_160(shared_secret, shared_secret_array); - libcrux_ml_kem_types_MlKemCiphertext_1f uu____5 = ciphertext0; + kdf_d8_5e(shared_secret, shared_secret_array); + libcrux_ml_kem_types_MlKemCiphertext_64 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_21 lit; + tuple_fa lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -5792,12 +5786,12 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_540( +static KRML_MUSTINLINE void deserialize_secret_key_42( Eurydice_slice secret_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[4U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - secret_as_ntt[i] = ZERO_ef_05();); + secret_as_ntt[i] = ZERO_ef_61();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -5808,17 +5802,13 @@ static KRML_MUSTINLINE void deserialize_secret_key_540( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_6c(secret_bytes); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = + deserialize_to_uncompressed_ring_element_61(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; memcpy( - result, secret_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + ret, secret_as_ntt, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -5827,9 +5817,9 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_u with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_79(Eurydice_slice serialized) { - return deserialize_then_decompress_11_d5(serialized); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +deserialize_then_decompress_ring_element_u_85(Eurydice_slice serialized) { + return deserialize_then_decompress_11_61(serialized); } /** @@ -5838,17 +5828,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_b7( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void ntt_vector_u_85( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_ba(&zeta_i, re); - ntt_at_layer_2_89(&zeta_i, re); - ntt_at_layer_1_d7(&zeta_i, re); - poly_barrett_reduce_ef_a9(re); + ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_61(&zeta_i, re); + ntt_at_layer_2_61(&zeta_i, re); + ntt_at_layer_1_61(&zeta_i, re); + poly_barrett_reduce_ef_61(re); } /** @@ -5859,12 +5849,12 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_25( +static KRML_MUSTINLINE void deserialize_then_decompress_u_1e( uint8_t *ciphertext, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[4U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - u_as_ntt[i] = ZERO_ef_05();); + u_as_ntt[i] = ZERO_ef_61();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)1568U, ciphertext, uint8_t), @@ -5882,12 +5872,12 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_25( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_79(u_bytes); - ntt_vector_u_b7(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_85(u_bytes); + ntt_vector_u_85(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -5896,9 +5886,9 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_v with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_b9(Eurydice_slice serialized) { - return deserialize_then_decompress_5_f8(serialized); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +deserialize_then_decompress_ring_element_v_b4(Eurydice_slice serialized) { + return deserialize_then_decompress_5_61(serialized); } /** @@ -5907,18 +5897,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_7d( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +compute_message_42( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *v, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *u_as_ntt) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result = ZERO_ef_61(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_4f(&result, &product);); - invert_ntt_montgomery_8f(&result); - result = subtract_reduce_ef_da(v, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_42(&result, &product);); + invert_ntt_montgomery_42(&result); + result = subtract_reduce_ef_61(v, result); return result; } @@ -5932,18 +5922,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_9d(IndCpaPrivateKeyUnpacked_01 *secret_key, +static void decrypt_unpacked_37(IndCpaPrivateKeyUnpacked_39 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; - deserialize_then_decompress_u_25(ciphertext, u_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_b9( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u_as_ntt[4U]; + deserialize_then_decompress_u_1e(ciphertext, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 v = + deserialize_then_decompress_ring_element_v_b4( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_7d(&v, secret_key->secret_as_ntt, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 message = + compute_message_42(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_dd(message, ret0); + compress_then_serialize_message_61(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5957,22 +5947,22 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_750(Eurydice_slice secret_key, uint8_t *ciphertext, - uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; - deserialize_secret_key_540(secret_key, secret_as_ntt); +static void decrypt_37(Eurydice_slice secret_key, uint8_t *ciphertext, + uint8_t ret[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[4U]; + deserialize_secret_key_42(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_secret_as_ntt[4U]; memcpy( copy_of_secret_as_ntt, secret_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - IndCpaPrivateKeyUnpacked_01 secret_key_unpacked; + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + IndCpaPrivateKeyUnpacked_39 secret_key_unpacked; memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t result[32U]; - decrypt_unpacked_9d(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + uint8_t ret0[32U]; + decrypt_unpacked_37(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -5985,8 +5975,8 @@ with const generics - K= 4 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_a9_16(Eurydice_slice input, uint8_t ret[32U]) { - PRF_96(input, ret); +static KRML_MUSTINLINE void PRF_a9_44(Eurydice_slice input, uint8_t ret[32U]) { + PRF_9e(input, ret); } /** @@ -6011,9 +6001,9 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_7f0( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { +void libcrux_ml_kem_ind_cca_decapsulate_a10( + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)3168U, private_key->value, uint8_t), (size_t)1536U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6029,9 +6019,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_7f0( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_750(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_37(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -6039,7 +6029,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_7f0( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_a9_9f(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_a9_ac(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -6047,31 +6037,31 @@ void libcrux_ml_kem_ind_cca_decapsulate_7f0( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1600U]; - libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_7f(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_40(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_af(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_a9_16(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), + PRF_a9_44(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_6f0(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_740(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_160(Eurydice_array_to_slice( - (size_t)32U, implicit_rejection_shared_secret0, uint8_t), - implicit_rejection_shared_secret); + kdf_d8_5e(Eurydice_array_to_slice((size_t)32U, + implicit_rejection_shared_secret0, uint8_t), + implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_160(shared_secret0, shared_secret1); + kdf_d8_5e(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_40(ciphertext), + libcrux_ml_kem_types_as_ref_00_af(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -6086,9 +6076,9 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_530( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_89( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *deserialized_pk) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -6099,8 +6089,8 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_530( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_dc(ring_element); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = + deserialize_to_reduced_ring_element_61(ring_element); deserialized_pk[i0] = uu____0; } } @@ -6111,16 +6101,20 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_cc( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_89( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[2U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - deserialized_pk[i] = ZERO_ef_05();); - deserialize_ring_elements_reduced_530(public_key, deserialized_pk); + deserialized_pk[i] = ZERO_ef_61();); + deserialize_ring_elements_reduced_89(public_key, deserialized_pk); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result[2U]; + memcpy( + result, deserialized_pk, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); memcpy( - ret, deserialized_pk, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + ret, result, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -6130,25 +6124,25 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_990( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, +static KRML_MUSTINLINE void serialize_secret_key_29( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = key[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = key[i0]; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( out, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_2c(&re, ret0); + serialize_uncompressed_ring_element_61(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -6163,13 +6157,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_mut_6c0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_mut_ba( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret[768U]; - serialize_secret_key_990(t_as_ntt, ret); + serialize_secret_key_29(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -6186,14 +6180,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_ca0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_ba( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; - serialize_public_key_mut_6c0(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[800U]; - memcpy(result, public_key_serialized, (size_t)800U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)800U * sizeof(uint8_t)); + serialize_public_key_mut_ba(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)800U * sizeof(uint8_t)); } /** @@ -6204,15 +6196,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_52(uint8_t *public_key) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; - deserialize_ring_elements_reduced_out_cc( +bool libcrux_ml_kem_ind_cca_validate_public_key_ba(uint8_t *public_key) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 deserialized_pk[2U]; + deserialize_ring_elements_reduced_out_89( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_ca0( + serialize_public_key_ba( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -6230,7 +6222,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.H_a9 with const generics - K= 2 */ -static KRML_MUSTINLINE void H_a9_410(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_a9_fd(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H(input, ret); } @@ -6242,14 +6234,14 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_70( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { +bool libcrux_ml_kem_ind_cca_validate_private_key_ad( + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *_ciphertext) { uint8_t t[32U]; - H_a9_410(Eurydice_array_to_subslice2( - private_key->value, (size_t)384U * (size_t)2U, - (size_t)768U * (size_t)2U + (size_t)32U, uint8_t), - t); + H_a9_fd(Eurydice_array_to_subslice2( + private_key->value, (size_t)384U * (size_t)2U, + (size_t)768U * (size_t)2U + (size_t)32U, uint8_t), + t); Eurydice_slice expected = Eurydice_array_to_subslice2( private_key->value, (size_t)768U * (size_t)2U + (size_t)32U, (size_t)768U * (size_t)2U + (size_t)64U, uint8_t); @@ -6263,9 +6255,9 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - $2size_t */ -typedef struct IndCpaPrivateKeyUnpacked_d6_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; -} IndCpaPrivateKeyUnpacked_d6; +typedef struct IndCpaPrivateKeyUnpacked_94_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[2U]; +} IndCpaPrivateKeyUnpacked_94; /** This function found in impl {(core::default::Default for @@ -6278,10 +6270,10 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static IndCpaPrivateKeyUnpacked_d6 default_1a_3c0(void) { - IndCpaPrivateKeyUnpacked_d6 lit; - lit.secret_as_ntt[0U] = ZERO_ef_05(); - lit.secret_as_ntt[1U] = ZERO_ef_05(); +static IndCpaPrivateKeyUnpacked_94 default_1a_89(void) { + IndCpaPrivateKeyUnpacked_94 lit; + lit.secret_as_ntt[0U] = ZERO_ef_61(); + lit.secret_as_ntt[1U] = ZERO_ef_61(); return lit; } @@ -6291,11 +6283,11 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPublicKeyUnpacked with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - $2size_t */ -typedef struct IndCpaPublicKeyUnpacked_d6_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[2U]; +typedef struct IndCpaPublicKeyUnpacked_94_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 t_as_ntt[2U]; uint8_t seed_for_A[32U]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[2U][2U]; -} IndCpaPublicKeyUnpacked_d6; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 A[2U][2U]; +} IndCpaPublicKeyUnpacked_94; /** This function found in impl {(core::default::Default for @@ -6308,20 +6300,20 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static IndCpaPublicKeyUnpacked_d6 default_8d_890(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[2U]; +static IndCpaPublicKeyUnpacked_94 default_8d_89(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - uu____0[i] = ZERO_ef_05();); + uu____0[i] = ZERO_ef_61();); uint8_t uu____1[32U] = {0U}; - IndCpaPublicKeyUnpacked_d6 lit; + IndCpaPublicKeyUnpacked_94 lit; memcpy( lit.t_as_ntt, uu____0, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - lit.A[0U][0U] = ZERO_ef_05(); - lit.A[0U][1U] = ZERO_ef_05(); - lit.A[1U][0U] = ZERO_ef_05(); - lit.A[1U][1U] = ZERO_ef_05(); + lit.A[0U][0U] = ZERO_ef_61(); + lit.A[0U][1U] = ZERO_ef_61(); + lit.A[1U][0U] = ZERO_ef_61(); + lit.A[1U][1U] = ZERO_ef_61(); return lit; } @@ -6334,7 +6326,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.G_a9 with const generics - K= 2 */ -static KRML_MUSTINLINE void G_a9_9f0(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_a9_fd(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G(input, ret); } @@ -6348,7 +6340,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_750( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_f8( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -6359,7 +6351,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_750( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)2U; uint8_t ret0[64U]; - G_a9_9f0(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_a9_fd(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -6370,8 +6362,8 @@ generics - K= 2 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_final_960(uint8_t input[2U][34U]) { - libcrux_sha3_generic_keccak_KeccakState_29 state = +shake128_init_absorb_final_fd(uint8_t input[2U][34U]) { + libcrux_sha3_generic_keccak_KeccakState_55 state = libcrux_sha3_avx2_x4_incremental_init(); libcrux_sha3_avx2_x4_incremental_shake128_absorb_final( &state, Eurydice_array_to_slice((size_t)34U, input[0U], uint8_t), @@ -6392,11 +6384,11 @@ generics - K= 2 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_final_a9_c10(uint8_t input[2U][34U]) { +shake128_init_absorb_final_a9_fd(uint8_t input[2U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[2U][34U]; memcpy(copy_of_input, input, (size_t)2U * sizeof(uint8_t[34U])); - return shake128_init_absorb_final_960(copy_of_input); + return shake128_init_absorb_final_fd(copy_of_input); } /** @@ -6405,7 +6397,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_first_three_blocks with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_080( +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_fd( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[2U][504U]) { uint8_t out[2U][504U] = {{0U}}; uint8_t out0[504U] = {0U}; @@ -6436,9 +6428,9 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_first_three_blocks_a9 with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_a9_7a0( +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_a9_fd( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[2U][504U]) { - shake128_squeeze_first_three_blocks_080(self, ret); + shake128_squeeze_first_three_blocks_fd(self, ret); } /** @@ -6489,7 +6481,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fe1( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_29( uint8_t randomness[2U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -6527,7 +6519,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_next_block with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_010( +static KRML_MUSTINLINE void shake128_squeeze_next_block_fd( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[2U][168U]) { uint8_t out[2U][168U] = {{0U}}; uint8_t out0[168U] = {0U}; @@ -6558,9 +6550,9 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_next_block_a9 with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_a9_9f0( +static KRML_MUSTINLINE void shake128_squeeze_next_block_a9_fd( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[2U][168U]) { - shake128_squeeze_next_block_010(self, ret); + shake128_squeeze_next_block_fd(self, ret); } /** @@ -6611,7 +6603,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fe2( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_290( uint8_t randomness[2U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -6649,9 +6641,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_b40( +static libcrux_ml_kem_polynomial_PolynomialRingElement_f6 closure_6c0( int16_t s[272U]) { - return from_i16_array_ef_ef( + return from_i16_array_ef_61( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -6661,46 +6653,46 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_from_xof_900( +static KRML_MUSTINLINE void sample_from_xof_6c0( uint8_t seeds[2U][34U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[2U]) { size_t sampled_coefficients[2U] = {0U}; int16_t out[2U][272U] = {{0U}}; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[2U][34U]; memcpy(copy_of_seeds, seeds, (size_t)2U * sizeof(uint8_t[34U])); libcrux_sha3_avx2_x4_incremental_KeccakState xof_state = - shake128_init_absorb_final_a9_c10(copy_of_seeds); + shake128_init_absorb_final_a9_fd(copy_of_seeds); uint8_t randomness0[2U][504U]; - shake128_squeeze_first_three_blocks_a9_7a0(&xof_state, randomness0); + shake128_squeeze_first_three_blocks_a9_fd(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[2U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)2U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_fe1( + bool done = sample_from_uniform_distribution_next_29( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[2U][168U]; - shake128_squeeze_next_block_a9_9f0(&xof_state, randomness); + shake128_squeeze_next_block_a9_fd(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[2U][168U]; memcpy(copy_of_randomness, randomness, (size_t)2U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_fe2( + done = sample_from_uniform_distribution_next_290( copy_of_randomness, sampled_coefficients, out); } } /* Passing arrays by value in Rust generates a copy in C */ int16_t copy_of_out[2U][272U]; memcpy(copy_of_out, out, (size_t)2U * sizeof(int16_t[272U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - ret0[i] = closure_b40(copy_of_out[i]);); + ret0[i] = closure_6c0(copy_of_out[i]);); memcpy( ret, ret0, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -6709,8 +6701,8 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_matrix_A_ee0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*A_transpose)[2U], +static KRML_MUSTINLINE void sample_matrix_A_6c0( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*A_transpose)[2U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR2( i0, (size_t)0U, (size_t)2U, (size_t)1U, size_t i1 = i0; @@ -6725,25 +6717,23 @@ static KRML_MUSTINLINE void sample_matrix_A_ee0( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[2U][34U]; memcpy(copy_of_seeds, seeds, (size_t)2U * sizeof(uint8_t[34U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[2U]; - sample_from_xof_900(copy_of_seeds, sampled); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 sampled[2U]; + sample_from_xof_6c0(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, sampled, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sample = sampled[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 sample = sampled[j]; if (transpose) { A_transpose[j][i1] = sample; } else { A_transpose[i1][j] = sample; } - } - - ); + }); } /** @@ -6752,8 +6742,8 @@ with const generics - K= 2 - LEN= 192 */ -static KRML_MUSTINLINE void PRFxN_fb0(uint8_t (*input)[33U], - uint8_t ret[2U][192U]) { +static KRML_MUSTINLINE void PRFxN_49(uint8_t (*input)[33U], + uint8_t ret[2U][192U]) { uint8_t out[2U][192U] = {{0U}}; uint8_t out0[192U] = {0U}; uint8_t out1[192U] = {0U}; @@ -6787,9 +6777,9 @@ with const generics - K= 2 - LEN= 192 */ -static KRML_MUSTINLINE void PRFxN_a9_b20(uint8_t (*input)[33U], - uint8_t ret[2U][192U]) { - PRFxN_fb0(input, ret); +static KRML_MUSTINLINE void PRFxN_a9_49(uint8_t (*input)[33U], + uint8_t ret[2U][192U]) { + PRFxN_49(input, ret); } /** @@ -6798,9 +6788,9 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - ETA= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_d70(Eurydice_slice randomness) { - return sample_from_binomial_distribution_3_20(randomness); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +sample_from_binomial_distribution_ab(Eurydice_slice randomness) { + return sample_from_binomial_distribution_3_61(randomness); } /** @@ -6811,8 +6801,8 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b00( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b40( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -6821,16 +6811,18 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b00( KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[2U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[2U][192U]; - PRFxN_a9_b20(prf_inputs, prf_outputs); + PRFxN_a9_49(prf_inputs, prf_outputs); KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_d70( + re_as_ntt[i0] = sample_from_binomial_distribution_ab( Eurydice_array_to_slice((size_t)192U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_ef(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_61(&re_as_ntt[i0]);); return domain_separator; } @@ -6840,10 +6832,10 @@ with types libcrux_ml_kem_polynomial_PolynomialRingElement libcrux_ml_kem_vector_avx2_SIMD256Vector[2size_t], uint8_t */ -typedef struct tuple_74_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 fst[2U]; +typedef struct tuple_40_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 fst[2U]; uint8_t snd; -} tuple_74; +} tuple_40; /** A monomorphic instance of libcrux_ml_kem.ind_cpa.sample_vector_cbd_then_ntt_out @@ -6853,27 +6845,27 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_out_810( +static KRML_MUSTINLINE tuple_40 sample_vector_cbd_then_ntt_out_b40( uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - re_as_ntt[i] = ZERO_ef_05();); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = re_as_ntt; + re_as_ntt[i] = ZERO_ef_61();); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_b00(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_b40(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_re_as_ntt[2U]; memcpy( copy_of_re_as_ntt, re_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_74 result; + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + tuple_40 lit; memcpy( - result.fst, copy_of_re_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_re_as_ntt, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + lit.snd = domain_separator; + return lit; } /** @@ -6887,9 +6879,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_4f0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { +static KRML_MUSTINLINE void add_to_ring_element_ef_89( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *rhs) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(Eurydice_array_to_slice( (size_t)16U, self->coefficients, __m256i), @@ -6907,37 +6899,37 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_As_plus_e_2d0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[2U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_as_ntt) { +static KRML_MUSTINLINE void compute_As_plus_e_89( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*matrix_A)[2U], + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *s_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_as_ntt) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, matrix_A, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[2U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[2U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[2U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[2U]); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *row = matrix_A[i0]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = ZERO_ef_05(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *row = matrix_A[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = ZERO_ef_61(); t_as_ntt[i0] = uu____0; for (size_t i1 = (size_t)0U; i1 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i1++) { size_t j = i1; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *matrix_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_4f0(&t_as_ntt[i0], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_89(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_34(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_61(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -6950,47 +6942,47 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static void generate_keypair_unpacked_a40( +static void generate_keypair_unpacked_220( Eurydice_slice key_generation_seed, - IndCpaPrivateKeyUnpacked_d6 *private_key, - IndCpaPublicKeyUnpacked_d6 *public_key) { + IndCpaPrivateKeyUnpacked_94 *private_key, + IndCpaPublicKeyUnpacked_94 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_750(key_generation_seed, hashed); + cpa_keygen_seed_d8_f8(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2(*uu____1)[2U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6(*uu____1)[2U] = public_key->A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_ee0(uu____1, ret, true); + libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret); + sample_matrix_A_6c0(uu____1, ret, true); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, - prf_input); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____2 = + libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error, + prf_input); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____2 = private_key->secret_as_ntt; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_b00(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_b40(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_as_ntt[2U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_810(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_b40(copy_of_prf_input, domain_separator) .fst, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_2d0(public_key->t_as_ntt, public_key->A, - private_key->secret_as_ntt, error_as_ntt); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + compute_As_plus_e_89(public_key->t_as_ntt, public_key->A, + private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; - core_result_Result_00 dst; + core_result_Result_fb dst; Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U]); - core_result_unwrap_26_33(dst, uu____5); + core_result_unwrap_26_b3(dst, uu____5); memcpy(public_key->seed_for_A, uu____5, (size_t)32U * sizeof(uint8_t)); } @@ -7006,18 +6998,18 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_6a( +static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_bb( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_d6 private_key = default_1a_3c0(); - IndCpaPublicKeyUnpacked_d6 public_key = default_8d_890(); - generate_keypair_unpacked_a40(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_94 private_key = default_1a_89(); + IndCpaPublicKeyUnpacked_94 public_key = default_8d_89(); + generate_keypair_unpacked_220(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[800U]; - serialize_public_key_ca0( + serialize_public_key_ba( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_990(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_29(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -7026,12 +7018,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_6a( uint8_t copy_of_public_key_serialized[800U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)800U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair512 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair512 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)768U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)800U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -7041,7 +7033,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_1f( +static KRML_MUSTINLINE void serialize_kem_secret_key_4d( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; @@ -7067,7 +7059,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_1f( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_a9_410(public_key, ret0); + H_a9_fd(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -7096,7 +7088,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_0b( +libcrux_ml_kem_types_MlKemKeyPair_3e libcrux_ml_kem_ind_cca_generate_keypair_d6( uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, @@ -7106,13 +7098,13 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_0b( LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair512 uu____0 = - generate_keypair_6a(ind_cpa_keypair_randomness); + generate_keypair_bb(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[768U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)768U * sizeof(uint8_t)); uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_1f( + serialize_kem_secret_key_4d( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -7120,14 +7112,14 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_0b( uint8_t copy_of_secret_key_serialized[1632U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; + libcrux_ml_kem_types_MlKemPrivateKey_fa private_key = + libcrux_ml_kem_types_from_7f_2a(copy_of_secret_key_serialized); + libcrux_ml_kem_types_MlKemPrivateKey_fa uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_ee( - uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_fa( + uu____2, libcrux_ml_kem_types_from_5a_4d(copy_of_public_key)); } /** @@ -7140,7 +7132,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_64(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_f8(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -7154,7 +7146,7 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_fb1(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_490(uint8_t (*input)[33U], uint8_t ret[2U][128U]) { uint8_t out[2U][128U] = {{0U}}; uint8_t out0[128U] = {0U}; @@ -7189,9 +7181,9 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_a9_b21(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_a9_490(uint8_t (*input)[33U], uint8_t ret[2U][128U]) { - PRFxN_fb1(input, ret); + PRFxN_490(input, ret); } /** @@ -7202,11 +7194,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 - ETA2= 2 */ -static KRML_MUSTINLINE tuple_74 -sample_ring_element_cbd_a00(uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; +static KRML_MUSTINLINE tuple_40 +sample_ring_element_cbd_b40(uint8_t prf_input[33U], uint8_t domain_separator) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - error_1[i] = ZERO_ef_05();); + error_1[i] = ZERO_ef_61();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -7214,28 +7206,30 @@ sample_ring_element_cbd_a00(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[2U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[2U][128U]; - PRFxN_a9_b21(prf_inputs, prf_outputs); + PRFxN_a9_490(prf_inputs, prf_outputs); KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - sample_from_binomial_distribution_d7( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____1 = + sample_from_binomial_distribution_89( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_error_1[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_error_1[2U]; memcpy( copy_of_error_1, error_1, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_74 result; + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + tuple_40 lit; memcpy( - result.fst, copy_of_error_1, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_error_1, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + lit.snd = domain_separator; + return lit; } /** @@ -7248,9 +7242,9 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_a9_162(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_a9_490(Eurydice_slice input, uint8_t ret[128U]) { - PRF_960(input, ret); + PRF_a6(input, ret); } /** @@ -7259,18 +7253,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_8f0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void invert_ntt_montgomery_89( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_f7(&zeta_i, re); - invert_ntt_at_layer_2_98(&zeta_i, re); - invert_ntt_at_layer_3_fe(&zeta_i, re); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_bc(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_a9(re); + invert_ntt_at_layer_1_61(&zeta_i, re); + invert_ntt_at_layer_2_61(&zeta_i, re); + invert_ntt_at_layer_3_61(&zeta_i, re); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_61(re); } /** @@ -7279,46 +7273,42 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_dd0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[2U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result0[2U]; +static KRML_MUSTINLINE void compute_vector_u_89( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*a_as_ntt)[2U], + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_1, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[2U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - result0[i] = ZERO_ef_05();); + result[i] = ZERO_ef_61();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, a_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[2U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[2U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[2U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[2U]); i0++) { size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *row = a_as_ntt[i1]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *row = a_as_ntt[i1]; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_4f0(&result0[i1], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *a_element = &row[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_89(&result[i1], &product); } - invert_ntt_montgomery_8f0(&result0[i1]); - add_error_reduce_ef_dd(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_89(&result[i1]); + add_error_reduce_ef_61(&result[i1], &error_1[i1]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; - memcpy( - result, result0, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( ret, result, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -7327,19 +7317,19 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_770( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +compute_ring_element_v_89( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_2, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *message) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result = ZERO_ef_61(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_4f0(&result, &product);); - invert_ntt_montgomery_8f0(&result); - result = add_message_error_reduce_ef_79(error_2, message, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_89(&result, &product);); + invert_ntt_montgomery_89(&result); + result = add_message_error_reduce_ef_61(error_2, message, result); return result; } @@ -7352,23 +7342,23 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_420( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[2U], +static void compress_then_serialize_u_2d( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, input, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = input[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = input[i0]; Eurydice_slice uu____0 = Eurydice_slice_subslice2( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_9e0(&re, ret); + compress_then_serialize_ring_element_u_a4(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -7391,57 +7381,57 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_a40(IndCpaPublicKeyUnpacked_d6 *public_key, +static void encrypt_unpacked_740(IndCpaPublicKeyUnpacked_94 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_c8(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_74 uu____1 = sample_vector_cbd_then_ntt_out_810(copy_of_prf_input0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[2U]; + tuple_40 uu____1 = sample_vector_cbd_then_ntt_out_b40(copy_of_prf_input0, 0U); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 r_as_ntt[2U]; memcpy( r_as_ntt, uu____1.fst, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); uint8_t domain_separator0 = uu____1.snd; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_74 uu____3 = - sample_ring_element_cbd_a00(copy_of_prf_input, domain_separator0); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; + tuple_40 uu____3 = + sample_ring_element_cbd_b40(copy_of_prf_input, domain_separator0); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_1[2U]; memcpy( error_1, uu____3.fst, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_a9_162(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_a9_490(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - sample_from_binomial_distribution_d7( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_2 = + sample_from_binomial_distribution_89( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[2U]; - compute_vector_u_dd0(public_key->A, r_as_ntt, error_1, u); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u[2U]; + compute_vector_u_89(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_d3(copy_of_message); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_770(public_key->t_as_ntt, r_as_ntt, &error_2, - &message_as_ring_element); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 message_as_ring_element = + deserialize_then_decompress_message_61(copy_of_message); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 v = + compute_ring_element_v_89(public_key->t_as_ntt, r_as_ntt, &error_2, + &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____5[2U]; memcpy( uu____5, u, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_420( + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + compress_then_serialize_u_2d( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_d10( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____6 = v; + compress_then_serialize_ring_element_v_78( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); @@ -7464,26 +7454,26 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_6f(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_74(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { - IndCpaPublicKeyUnpacked_d6 unpacked_public_key = default_8d_890(); - deserialize_ring_elements_reduced_530( + IndCpaPublicKeyUnpacked_94 unpacked_public_key = default_8d_89(); + deserialize_ring_elements_reduced_89( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)768U, uint8_t, size_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2(*uu____0)[2U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6(*uu____0)[2U] = unpacked_public_key.A; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_ee0(uu____0, ret0, false); - IndCpaPublicKeyUnpacked_d6 *uu____1 = &unpacked_public_key; + libcrux_ml_kem_utils_into_padded_array_b6(seed, ret0); + sample_matrix_A_6c0(uu____0, ret0, false); + IndCpaPublicKeyUnpacked_94 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[768U]; - encrypt_unpacked_a40(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)768U * sizeof(uint8_t)); + uint8_t ret1[768U]; + encrypt_unpacked_740(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)768U * sizeof(uint8_t)); } /** @@ -7497,7 +7487,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_16(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_4d(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -7524,27 +7514,27 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_a1( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key, +tuple_41 libcrux_ml_kem_ind_cca_encapsulate_70( + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_64( + entropy_preprocess_d8_f8( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_a9_410(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_fe0(public_key), - uint8_t), - ret); + H_a9_fd(Eurydice_array_to_slice( + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_4d(public_key), + uint8_t), + ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_a9_9f0(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_a9_fd(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -7552,25 +7542,25 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_a1( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_fe0(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_4d(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_6f(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_74(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_01_450(copy_of_ciphertext); + libcrux_ml_kem_types_MlKemCiphertext_1a ciphertext0 = + libcrux_ml_kem_types_from_01_d0(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_16(shared_secret, shared_secret_array); - libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; + kdf_d8_4d(shared_secret, shared_secret_array); + libcrux_ml_kem_types_MlKemCiphertext_1a uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_ec lit; + tuple_41 lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -7582,12 +7572,12 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_54( +static KRML_MUSTINLINE void deserialize_secret_key_89( Eurydice_slice secret_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[2U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - secret_as_ntt[i] = ZERO_ef_05();); + secret_as_ntt[i] = ZERO_ef_61();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -7598,17 +7588,13 @@ static KRML_MUSTINLINE void deserialize_secret_key_54( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_6c(secret_bytes); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = + deserialize_to_uncompressed_ring_element_61(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; - memcpy( - result, secret_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( - ret, result, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + ret, secret_as_ntt, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -7619,12 +7605,12 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_250( +static KRML_MUSTINLINE void deserialize_then_decompress_u_ba( uint8_t *ciphertext, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[2U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - u_as_ntt[i] = ZERO_ef_05();); + u_as_ntt[i] = ZERO_ef_61();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)768U, ciphertext, uint8_t), @@ -7642,12 +7628,12 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_250( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_790(u_bytes); - ntt_vector_u_b70(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_ee(u_bytes); + ntt_vector_u_ee(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -7656,18 +7642,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_7d0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +compute_message_89( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *v, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *u_as_ntt) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result = ZERO_ef_61(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_ef_b2(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_4f0(&result, &product);); - invert_ntt_montgomery_8f0(&result); - result = subtract_reduce_ef_da(v, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + ntt_multiply_ef_61(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_89(&result, &product);); + invert_ntt_montgomery_89(&result); + result = subtract_reduce_ef_61(v, result); return result; } @@ -7681,18 +7667,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_9d0(IndCpaPrivateKeyUnpacked_d6 *secret_key, - uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; - deserialize_then_decompress_u_250(ciphertext, u_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_b90( +static void decrypt_unpacked_4b(IndCpaPrivateKeyUnpacked_94 *secret_key, + uint8_t *ciphertext, uint8_t ret[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u_as_ntt[2U]; + deserialize_then_decompress_u_ba(ciphertext, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 v = + deserialize_then_decompress_ring_element_v_42( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_7d0(&v, secret_key->secret_as_ntt, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 message = + compute_message_89(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_dd(message, ret0); + compress_then_serialize_message_61(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7706,22 +7692,22 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_75(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_4b(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; - deserialize_secret_key_54(secret_key, secret_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[2U]; + deserialize_secret_key_89(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_secret_as_ntt[2U]; memcpy( copy_of_secret_as_ntt, secret_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - IndCpaPrivateKeyUnpacked_d6 secret_key_unpacked; + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + IndCpaPrivateKeyUnpacked_94 secret_key_unpacked; memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t result[32U]; - decrypt_unpacked_9d0(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + uint8_t ret0[32U]; + decrypt_unpacked_4b(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -7734,8 +7720,8 @@ with const generics - K= 2 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_a9_161(Eurydice_slice input, uint8_t ret[32U]) { - PRF_96(input, ret); +static KRML_MUSTINLINE void PRF_a9_49(Eurydice_slice input, uint8_t ret[32U]) { + PRF_9e(input, ret); } /** @@ -7760,9 +7746,9 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_7f( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { +void libcrux_ml_kem_ind_cca_decapsulate_a1( + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)1632U, private_key->value, uint8_t), (size_t)768U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -7778,9 +7764,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_7f( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_75(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_4b(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -7788,7 +7774,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_7f( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_a9_9f0(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_a9_fd(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -7796,30 +7782,30 @@ void libcrux_ml_kem_ind_cca_decapsulate_7f( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[800U]; - libcrux_ml_kem_utils_into_padded_array_424(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_4d(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_400(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d0(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_a9_161(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), - implicit_rejection_shared_secret0); + PRF_a9_49(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), + implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_6f(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_74(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_16(Eurydice_array_to_slice((size_t)32U, + kdf_d8_4d(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_16(shared_secret0, shared_secret1); + kdf_d8_4d(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_400(ciphertext), + libcrux_ml_kem_types_as_ref_00_d0(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h index 02a4b1c04..5acac13d5 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem_avx2_H @@ -23,6 +23,7 @@ extern "C" { #include "libcrux_mlkem_portable.h" #include "libcrux_sha3.h" #include "libcrux_sha3_avx2.h" +#include "libcrux_sha3_internal.h" void libcrux_ml_kem_hash_functions_avx2_G(Eurydice_slice input, uint8_t ret[64U]); diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.c b/libcrux-ml-kem/c/libcrux_mlkem_portable.c index 25021f8c9..5b88ac78e 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.c @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #include "internal/libcrux_mlkem_portable.h" @@ -75,11 +75,11 @@ libcrux_ml_kem_vector_portable_vector_type_from_i16_array( Eurydice_slice array) { libcrux_ml_kem_vector_portable_vector_type_PortableVector lit; int16_t ret[16U]; - core_result_Result_c0 dst; + core_result_Result_0a dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(array, (size_t)0U, (size_t)16U, int16_t), Eurydice_slice, int16_t[16U]); - core_result_unwrap_26_30(dst, ret); + core_result_unwrap_26_00(dst, ret); memcpy(lit.elements, ret, (size_t)16U * sizeof(int16_t)); return lit; } @@ -199,6 +199,12 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_11( ret[21U] = r11_21.f10; } +void libcrux_ml_kem_vector_portable_serialize_11( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[22U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_11(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -206,7 +212,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_11_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[22U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_11(a, ret); + libcrux_ml_kem_vector_portable_serialize_11(a, ret); } KRML_MUSTINLINE int16_t_x8 @@ -299,13 +305,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_11(Eurydice_slice bytes) { return lit; } +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_11(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_11(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_11_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_11(a); + return libcrux_ml_kem_vector_portable_deserialize_11(a); } KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_vector_type_to_i16_array( @@ -1141,7 +1152,9 @@ uint8_t libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( int16_t mask = shifted >> 15U; int16_t shifted_to_positive = mask ^ shifted; int16_t shifted_positive_in_range = shifted_to_positive - (int16_t)832; - return (uint8_t)(shifted_positive_in_range >> 15U & (int16_t)1); + int16_t r0 = shifted_positive_in_range >> 15U; + int16_t r1 = r0 & (int16_t)1; + return (uint8_t)r1; } KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1190,8 +1203,10 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_step( int16_t t = libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( vec->elements[j], zeta); - vec->elements[j] = vec->elements[i] - t; - vec->elements[i] = vec->elements[i] + t; + int16_t a_minus_t = vec->elements[i] - t; + int16_t a_plus_t = vec->elements[i] + t; + vec->elements[j] = a_minus_t; + vec->elements[i] = a_plus_t; } KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1300,8 +1315,9 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_inv_ntt_step( libcrux_ml_kem_vector_portable_vector_type_PortableVector *vec, int16_t zeta, size_t i, size_t j) { int16_t a_minus_b = vec->elements[j] - vec->elements[i]; + int16_t a_plus_b = vec->elements[j] + vec->elements[i]; int16_t o0 = libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( - vec->elements[i] + vec->elements[j]); + a_plus_b); int16_t o1 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( a_minus_b, zeta); @@ -1415,12 +1431,11 @@ libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_0d( KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( libcrux_ml_kem_vector_portable_vector_type_PortableVector *a, libcrux_ml_kem_vector_portable_vector_type_PortableVector *b, int16_t zeta, - size_t i, size_t j, - libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) { - int16_t ai = a->elements[i]; - int16_t bi = b->elements[i]; - int16_t aj = a->elements[j]; - int16_t bj = b->elements[j]; + size_t i, libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) { + int16_t ai = a->elements[(size_t)2U * i]; + int16_t bi = b->elements[(size_t)2U * i]; + int16_t aj = a->elements[(size_t)2U * i + (size_t)1U]; + int16_t bj = b->elements[(size_t)2U * i + (size_t)1U]; int32_t ai_bi = (int32_t)ai * (int32_t)bi; int32_t aj_bj_ = (int32_t)aj * (int32_t)bj; int16_t aj_bj = @@ -1437,8 +1452,10 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( int16_t o1 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( ai_bj_aj_bi); - out->elements[i] = o0; - out->elements[j] = o1; + int16_t _out0[16U]; + memcpy(_out0, out->elements, (size_t)16U * sizeof(int16_t)); + out->elements[(size_t)2U * i] = o0; + out->elements[(size_t)2U * i + (size_t)1U] = o1; } KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1452,22 +1469,22 @@ libcrux_ml_kem_vector_portable_ntt_ntt_multiply( int16_t nzeta3 = -zeta3; libcrux_ml_kem_vector_portable_vector_type_PortableVector out = libcrux_ml_kem_vector_portable_vector_type_zero(); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta0, (size_t)0U, (size_t)1U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, nzeta0, (size_t)2U, (size_t)3U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta1, (size_t)4U, (size_t)5U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, nzeta1, (size_t)6U, (size_t)7U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta2, (size_t)8U, (size_t)9U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, nzeta2, (size_t)10U, (size_t)11U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta3, (size_t)12U, (size_t)13U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, nzeta3, (size_t)14U, (size_t)15U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta0, + (size_t)0U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta0, + (size_t)1U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta1, + (size_t)2U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta1, + (size_t)3U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta2, + (size_t)4U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta2, + (size_t)5U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta3, + (size_t)6U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta3, + (size_t)7U, &out); return out; } @@ -1507,6 +1524,12 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_1( ret[1U] = result1; } +void libcrux_ml_kem_vector_portable_serialize_1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[2U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1514,7 +1537,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_1_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[2U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret); + libcrux_ml_kem_vector_portable_serialize_1(a, ret); } KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1601,13 +1624,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_1(Eurydice_slice v) { return lit; } +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_1(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_1(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_1_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_1(a); + return libcrux_ml_kem_vector_portable_deserialize_1(a); } KRML_MUSTINLINE uint8_t_x4 @@ -1657,6 +1685,12 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_4( ret[7U] = result4_7.f3; } +void libcrux_ml_kem_vector_portable_serialize_4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[8U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1664,7 +1698,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_4_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[8U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret); + libcrux_ml_kem_vector_portable_serialize_4(a, ret); } KRML_MUSTINLINE int16_t_x8 @@ -1734,13 +1768,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_4(Eurydice_slice bytes) { return lit; } +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_4(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_4(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_4_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_4(a); + return libcrux_ml_kem_vector_portable_deserialize_4(a); } KRML_MUSTINLINE uint8_t_x5 @@ -1788,6 +1827,12 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_5( ret[9U] = r5_9.f4; } +void libcrux_ml_kem_vector_portable_serialize_5( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[10U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_5(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1795,7 +1840,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_5_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[10U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_5(a, ret); + libcrux_ml_kem_vector_portable_serialize_5(a, ret); } KRML_MUSTINLINE int16_t_x8 @@ -1876,13 +1921,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_5(Eurydice_slice bytes) { return lit; } +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_5(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_5(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_5_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_5(a); + return libcrux_ml_kem_vector_portable_deserialize_5(a); } KRML_MUSTINLINE uint8_t_x5 @@ -1956,6 +2006,12 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_10( ret[19U] = r15_19.f4; } +void libcrux_ml_kem_vector_portable_serialize_10( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[20U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1963,7 +2019,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_10_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[20U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret); + libcrux_ml_kem_vector_portable_serialize_10(a, ret); } KRML_MUSTINLINE int16_t_x8 @@ -2052,13 +2108,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_10(Eurydice_slice bytes) { return lit; } +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_10(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_10(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_10_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_10(a); + return libcrux_ml_kem_vector_portable_deserialize_10(a); } KRML_MUSTINLINE uint8_t_x3 @@ -2126,6 +2187,12 @@ KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_serialize_serialize_12( ret[23U] = r21_23.thd; } +void libcrux_ml_kem_vector_portable_serialize_12( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[24U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -2133,7 +2200,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} void libcrux_ml_kem_vector_portable_serialize_12_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[24U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret); + libcrux_ml_kem_vector_portable_serialize_12(a, ret); } KRML_MUSTINLINE int16_t_x2 @@ -2191,13 +2258,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_12(Eurydice_slice bytes) { return lit; } +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_12(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_12(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_12_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_12(a); + return libcrux_ml_kem_vector_portable_deserialize_12(a); } KRML_MUSTINLINE size_t libcrux_ml_kem_vector_portable_sampling_rej_sample( @@ -2290,8 +2362,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ZERO_ef_1b(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 lit; +static libcrux_ml_kem_polynomial_PolynomialRingElement_1d ZERO_ef_8c(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d lit; lit.coefficients[0U] = libcrux_ml_kem_vector_portable_ZERO_0d(); lit.coefficients[1U] = libcrux_ml_kem_vector_portable_ZERO_0d(); lit.coefficients[2U] = libcrux_ml_kem_vector_portable_ZERO_0d(); @@ -2317,9 +2389,9 @@ libcrux_ml_kem.serialize.deserialize_to_reduced_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_reduced_ring_element_a5(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +deserialize_to_reduced_ring_element_8c(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = ZERO_ef_8c(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -2340,9 +2412,9 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_da( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_d0( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *deserialized_pk) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -2353,8 +2425,8 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_da( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_a5(ring_element); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + deserialize_to_reduced_ring_element_8c(ring_element); deserialized_pk[i0] = uu____0; } } @@ -2365,16 +2437,20 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_531( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_d0( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[4U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - deserialized_pk[i] = ZERO_ef_1b();); - deserialize_ring_elements_reduced_da(public_key, deserialized_pk); + deserialized_pk[i] = ZERO_ef_8c();); + deserialize_ring_elements_reduced_d0(public_key, deserialized_pk); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result[4U]; + memcpy( + result, deserialized_pk, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); memcpy( - ret, deserialized_pk, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + ret, result, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -2383,7 +2459,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_95(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { +shift_right_ef(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -2402,8 +2478,8 @@ with const generics - SHIFT_BY= 15 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_0d_9d(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return shift_right_95(v); +shift_right_0d_ef(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return shift_right_ef(v); } /** @@ -2413,10 +2489,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_unsigned_representative_7c( +to_unsigned_representative_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - shift_right_0d_9d(a); + shift_right_0d_ef(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -2430,10 +2506,10 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_unsigned_field_modulus_b0( +to_unsigned_field_modulus_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector result = - to_unsigned_representative_7c(a); + to_unsigned_representative_8c(a); return result; } @@ -2443,14 +2519,14 @@ libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_8b( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_field_modulus_b0(re->coefficients[i0]); + to_unsigned_field_modulus_8c(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -2470,25 +2546,25 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_5a( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, +static KRML_MUSTINLINE void serialize_secret_key_ff( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = key[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = key[i0]; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( out, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_8b(&re, ret0); + serialize_uncompressed_ring_element_8c(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -2503,13 +2579,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_mut_3c( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_mut_00( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret[1536U]; - serialize_secret_key_5a(t_as_ntt, ret); + serialize_secret_key_ff(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -2526,14 +2602,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_07( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_00( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; - serialize_public_key_mut_3c(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1568U]; - memcpy(result, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); + serialize_public_key_mut_00(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); } /** @@ -2544,15 +2618,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_bf1(uint8_t *public_key) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; - deserialize_ring_elements_reduced_out_531( +bool libcrux_ml_kem_ind_cca_validate_public_key_00(uint8_t *public_key) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[4U]; + deserialize_ring_elements_reduced_out_d0( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_07( + serialize_public_key_00( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -2570,7 +2644,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_f1 with const generics - K= 4 */ -static KRML_MUSTINLINE void H_f1_d5(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_f1_ac(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H(input, ret); } @@ -2582,11 +2656,11 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_ae( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext) { +bool libcrux_ml_kem_ind_cca_validate_private_key_b5( + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *_ciphertext) { uint8_t t[32U]; - H_f1_d5(Eurydice_array_to_subslice2( + H_f1_ac(Eurydice_array_to_subslice2( private_key->value, (size_t)384U * (size_t)4U, (size_t)768U * (size_t)4U + (size_t)32U, uint8_t), t); @@ -2603,9 +2677,9 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - $4size_t */ -typedef struct IndCpaPrivateKeyUnpacked_42_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; -} IndCpaPrivateKeyUnpacked_42; +typedef struct IndCpaPrivateKeyUnpacked_af_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[4U]; +} IndCpaPrivateKeyUnpacked_af; /** This function found in impl {(core::default::Default for @@ -2618,12 +2692,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static IndCpaPrivateKeyUnpacked_42 default_1a_e9(void) { - IndCpaPrivateKeyUnpacked_42 lit; - lit.secret_as_ntt[0U] = ZERO_ef_1b(); - lit.secret_as_ntt[1U] = ZERO_ef_1b(); - lit.secret_as_ntt[2U] = ZERO_ef_1b(); - lit.secret_as_ntt[3U] = ZERO_ef_1b(); +static IndCpaPrivateKeyUnpacked_af default_1a_d0(void) { + IndCpaPrivateKeyUnpacked_af lit; + lit.secret_as_ntt[0U] = ZERO_ef_8c(); + lit.secret_as_ntt[1U] = ZERO_ef_8c(); + lit.secret_as_ntt[2U] = ZERO_ef_8c(); + lit.secret_as_ntt[3U] = ZERO_ef_8c(); return lit; } @@ -2633,11 +2707,11 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPublicKeyUnpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - $4size_t */ -typedef struct IndCpaPublicKeyUnpacked_42_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[4U]; +typedef struct IndCpaPublicKeyUnpacked_af_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d t_as_ntt[4U]; uint8_t seed_for_A[32U]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[4U][4U]; -} IndCpaPublicKeyUnpacked_42; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d A[4U][4U]; +} IndCpaPublicKeyUnpacked_af; /** This function found in impl {(core::default::Default for @@ -2650,32 +2724,32 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static IndCpaPublicKeyUnpacked_42 default_8d_d1(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[4U]; +static IndCpaPublicKeyUnpacked_af default_8d_d0(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - uu____0[i] = ZERO_ef_1b();); + uu____0[i] = ZERO_ef_8c();); uint8_t uu____1[32U] = {0U}; - IndCpaPublicKeyUnpacked_42 lit; + IndCpaPublicKeyUnpacked_af lit; memcpy( lit.t_as_ntt, uu____0, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - lit.A[0U][0U] = ZERO_ef_1b(); - lit.A[0U][1U] = ZERO_ef_1b(); - lit.A[0U][2U] = ZERO_ef_1b(); - lit.A[0U][3U] = ZERO_ef_1b(); - lit.A[1U][0U] = ZERO_ef_1b(); - lit.A[1U][1U] = ZERO_ef_1b(); - lit.A[1U][2U] = ZERO_ef_1b(); - lit.A[1U][3U] = ZERO_ef_1b(); - lit.A[2U][0U] = ZERO_ef_1b(); - lit.A[2U][1U] = ZERO_ef_1b(); - lit.A[2U][2U] = ZERO_ef_1b(); - lit.A[2U][3U] = ZERO_ef_1b(); - lit.A[3U][0U] = ZERO_ef_1b(); - lit.A[3U][1U] = ZERO_ef_1b(); - lit.A[3U][2U] = ZERO_ef_1b(); - lit.A[3U][3U] = ZERO_ef_1b(); + lit.A[0U][0U] = ZERO_ef_8c(); + lit.A[0U][1U] = ZERO_ef_8c(); + lit.A[0U][2U] = ZERO_ef_8c(); + lit.A[0U][3U] = ZERO_ef_8c(); + lit.A[1U][0U] = ZERO_ef_8c(); + lit.A[1U][1U] = ZERO_ef_8c(); + lit.A[1U][2U] = ZERO_ef_8c(); + lit.A[1U][3U] = ZERO_ef_8c(); + lit.A[2U][0U] = ZERO_ef_8c(); + lit.A[2U][1U] = ZERO_ef_8c(); + lit.A[2U][2U] = ZERO_ef_8c(); + lit.A[2U][3U] = ZERO_ef_8c(); + lit.A[3U][0U] = ZERO_ef_8c(); + lit.A[3U][1U] = ZERO_ef_8c(); + lit.A[3U][2U] = ZERO_ef_8c(); + lit.A[3U][3U] = ZERO_ef_8c(); return lit; } @@ -2688,7 +2762,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_f1 with const generics - K= 4 */ -static KRML_MUSTINLINE void G_f1_87(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_f1_ac(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G(input, ret); } @@ -2702,7 +2776,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_57( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_03( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -2713,7 +2787,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_57( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)4U; uint8_t ret0[64U]; - G_f1_87(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_f1_ac(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -2722,9 +2796,9 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PortableHash with const generics - $4size_t */ -typedef struct PortableHash_d1_s { - libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[4U]; -} PortableHash_d1; +typedef struct PortableHash_44_s { + libcrux_sha3_generic_keccak_KeccakState_17 shake128_state[4U]; +} PortableHash_44; /** A monomorphic instance of @@ -2732,9 +2806,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final with const generics - K= 4 */ -static KRML_MUSTINLINE PortableHash_d1 -shake128_init_absorb_final_24(uint8_t input[4U][34U]) { - libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[4U]; +static KRML_MUSTINLINE PortableHash_44 +shake128_init_absorb_final_ac(uint8_t input[4U][34U]) { + libcrux_sha3_generic_keccak_KeccakState_17 shake128_state[4U]; KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, shake128_state[i] = libcrux_sha3_portable_incremental_shake128_init();); @@ -2744,12 +2818,12 @@ shake128_init_absorb_final_24(uint8_t input[4U][34U]) { &shake128_state[i0], Eurydice_array_to_slice((size_t)34U, input[i0], uint8_t));); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_sha3_generic_keccak_KeccakState_48 copy_of_shake128_state[4U]; + libcrux_sha3_generic_keccak_KeccakState_17 copy_of_shake128_state[4U]; memcpy(copy_of_shake128_state, shake128_state, - (size_t)4U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48)); - PortableHash_d1 lit; + (size_t)4U * sizeof(libcrux_sha3_generic_keccak_KeccakState_17)); + PortableHash_44 lit; memcpy(lit.shake128_state, copy_of_shake128_state, - (size_t)4U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48)); + (size_t)4U * sizeof(libcrux_sha3_generic_keccak_KeccakState_17)); return lit; } @@ -2763,12 +2837,12 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final_f1 with const generics - K= 4 */ -static KRML_MUSTINLINE PortableHash_d1 -shake128_init_absorb_final_f1_31(uint8_t input[4U][34U]) { +static KRML_MUSTINLINE PortableHash_44 +shake128_init_absorb_final_f1_ac(uint8_t input[4U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[4U][34U]; memcpy(copy_of_input, input, (size_t)4U * sizeof(uint8_t[34U])); - return shake128_init_absorb_final_24(copy_of_input); + return shake128_init_absorb_final_ac(copy_of_input); } /** @@ -2777,8 +2851,8 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_first_three_blocks with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_63( - PortableHash_d1 *st, uint8_t ret[4U][504U]) { +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_ac( + PortableHash_44 *st, uint8_t ret[4U][504U]) { uint8_t out[4U][504U] = {{0U}}; KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; @@ -2798,9 +2872,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_first_three_blocks_f1 with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_f1_2f( - PortableHash_d1 *self, uint8_t ret[4U][504U]) { - shake128_squeeze_first_three_blocks_63(self, ret); +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_f1_ac( + PortableHash_44 *self, uint8_t ret[4U][504U]) { + shake128_squeeze_first_three_blocks_ac(self, ret); } /** @@ -2851,7 +2925,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_71( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_ff( uint8_t randomness[4U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -2889,8 +2963,8 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_next_block with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_11( - PortableHash_d1 *st, uint8_t ret[4U][168U]) { +static KRML_MUSTINLINE void shake128_squeeze_next_block_ac( + PortableHash_44 *st, uint8_t ret[4U][168U]) { uint8_t out[4U][168U] = {{0U}}; KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; @@ -2910,9 +2984,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_next_block_f1 with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_f1_c4( - PortableHash_d1 *self, uint8_t ret[4U][168U]) { - shake128_squeeze_next_block_11(self, ret); +static KRML_MUSTINLINE void shake128_squeeze_next_block_f1_ac( + PortableHash_44 *self, uint8_t ret[4U][168U]) { + shake128_squeeze_next_block_ac(self, ret); } /** @@ -2963,7 +3037,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_710( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_ff0( uint8_t randomness[4U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -3006,9 +3080,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -from_i16_array_ef_54(Eurydice_slice a) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +from_i16_array_ef_8c(Eurydice_slice a) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = ZERO_ef_8c(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -3028,9 +3102,9 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_eb( +static libcrux_ml_kem_polynomial_PolynomialRingElement_1d closure_2b( int16_t s[272U]) { - return from_i16_array_ef_54( + return from_i16_array_ef_8c( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -3041,45 +3115,45 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_from_xof_bf( +static KRML_MUSTINLINE void sample_from_xof_2b( uint8_t seeds[4U][34U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[4U]) { size_t sampled_coefficients[4U] = {0U}; int16_t out[4U][272U] = {{0U}}; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[4U][34U]; memcpy(copy_of_seeds, seeds, (size_t)4U * sizeof(uint8_t[34U])); - PortableHash_d1 xof_state = shake128_init_absorb_final_f1_31(copy_of_seeds); + PortableHash_44 xof_state = shake128_init_absorb_final_f1_ac(copy_of_seeds); uint8_t randomness0[4U][504U]; - shake128_squeeze_first_three_blocks_f1_2f(&xof_state, randomness0); + shake128_squeeze_first_three_blocks_f1_ac(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[4U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)4U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_71( + bool done = sample_from_uniform_distribution_next_ff( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[4U][168U]; - shake128_squeeze_next_block_f1_c4(&xof_state, randomness); + shake128_squeeze_next_block_f1_ac(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[4U][168U]; memcpy(copy_of_randomness, randomness, (size_t)4U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_710( + done = sample_from_uniform_distribution_next_ff0( copy_of_randomness, sampled_coefficients, out); } } /* Passing arrays by value in Rust generates a copy in C */ int16_t copy_of_out[4U][272U]; memcpy(copy_of_out, out, (size_t)4U * sizeof(int16_t[272U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - ret0[i] = closure_eb(copy_of_out[i]);); + ret0[i] = closure_2b(copy_of_out[i]);); memcpy( ret, ret0, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -3089,8 +3163,8 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_matrix_A_0d( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*A_transpose)[4U], +static KRML_MUSTINLINE void sample_matrix_A_2b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*A_transpose)[4U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR4( i0, (size_t)0U, (size_t)4U, (size_t)1U, size_t i1 = i0; @@ -3105,25 +3179,23 @@ static KRML_MUSTINLINE void sample_matrix_A_0d( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[4U][34U]; memcpy(copy_of_seeds, seeds, (size_t)4U * sizeof(uint8_t[34U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[4U]; - sample_from_xof_bf(copy_of_seeds, sampled); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d sampled[4U]; + sample_from_xof_2b(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, sampled, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sample = sampled[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d sample = sampled[j]; if (transpose) { A_transpose[j][i1] = sample; } else { A_transpose[i1][j] = sample; } - } - - ); + }); } /** @@ -3132,7 +3204,7 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_af(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_44(uint8_t (*input)[33U], uint8_t ret[4U][128U]) { uint8_t out[4U][128U] = {{0U}}; KRML_MAYBE_FOR4( @@ -3153,9 +3225,9 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_f1_13(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_f1_44(uint8_t (*input)[33U], uint8_t ret[4U][128U]) { - PRFxN_af(input, ret); + PRFxN_44(input, ret); } /** @@ -3164,8 +3236,8 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution_2 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_2_48(Eurydice_slice randomness) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +sample_from_binomial_distribution_2_8c(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)4U; i0++) { @@ -3199,7 +3271,7 @@ sample_from_binomial_distribution_2_48(Eurydice_slice randomness) { sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_ef_54( + return from_i16_array_ef_8c( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -3209,8 +3281,8 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution_3 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_3_3a(Eurydice_slice randomness) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +sample_from_binomial_distribution_3_8c(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)3U; i0++) { @@ -3243,7 +3315,7 @@ sample_from_binomial_distribution_3_3a(Eurydice_slice randomness) { sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_ef_54( + return from_i16_array_ef_8c( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -3253,9 +3325,9 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - ETA= 2 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_6b(Eurydice_slice randomness) { - return sample_from_binomial_distribution_2_48(randomness); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +sample_from_binomial_distribution_a0(Eurydice_slice randomness) { + return sample_from_binomial_distribution_2_8c(randomness); } /** @@ -3264,8 +3336,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_7_97( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void ntt_at_layer_7_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { size_t j = i; @@ -3292,7 +3364,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -montgomery_multiply_fe_ad( +montgomery_multiply_fe_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v, fer); @@ -3306,12 +3378,12 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - ntt_layer_int_vec_step_57( + ntt_layer_int_vec_step_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - montgomery_multiply_fe_ad(b, zeta_r); + montgomery_multiply_fe_8c(b, zeta_r); b = libcrux_ml_kem_vector_portable_sub_0d(a, &t); a = libcrux_ml_kem_vector_portable_add_0d(a, &t); return ( @@ -3325,8 +3397,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_4_plus_bf( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +static KRML_MUSTINLINE void ntt_at_layer_4_plus_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) { @@ -3338,7 +3410,7 @@ static KRML_MUSTINLINE void ntt_at_layer_4_plus_bf( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - ntt_layer_int_vec_step_57( + ntt_layer_int_vec_step_8c( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -3355,8 +3427,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_3_d0( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void ntt_at_layer_3_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] + (size_t)1U; @@ -3373,8 +3445,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_2_76( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void ntt_at_layer_2_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] + (size_t)1U; @@ -3392,8 +3464,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_1_5d( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void ntt_at_layer_1_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] + (size_t)1U; @@ -3418,8 +3490,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void poly_barrett_reduce_ef_17( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { +static KRML_MUSTINLINE void poly_barrett_reduce_ef_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -3436,17 +3508,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_d8( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { - ntt_at_layer_7_97(re); +static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { + ntt_at_layer_7_8c(re); size_t zeta_i = (size_t)1U; - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_d0(&zeta_i, re); - ntt_at_layer_2_76(&zeta_i, re); - ntt_at_layer_1_5d(&zeta_i, re); - poly_barrett_reduce_ef_17(re); + ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_8c(&zeta_i, re); + ntt_at_layer_2_8c(&zeta_i, re); + ntt_at_layer_1_8c(&zeta_i, re); + poly_barrett_reduce_ef_8c(re); } /** @@ -3458,8 +3530,8 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b1( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_3b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -3468,16 +3540,18 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b1( KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[4U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[4U][128U]; - PRFxN_f1_13(prf_inputs, prf_outputs); + PRFxN_f1_44(prf_inputs, prf_outputs); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_6b( + re_as_ntt[i0] = sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_d8(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_8c(&re_as_ntt[i0]);); return domain_separator; } @@ -3487,10 +3561,10 @@ with types libcrux_ml_kem_polynomial_PolynomialRingElement libcrux_ml_kem_vector_portable_vector_type_PortableVector[4size_t], uint8_t */ -typedef struct tuple_710_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 fst[4U]; +typedef struct tuple_dd0_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d fst[4U]; uint8_t snd; -} tuple_710; +} tuple_dd0; /** A monomorphic instance of libcrux_ml_kem.ind_cpa.sample_vector_cbd_then_ntt_out @@ -3501,27 +3575,27 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_out_cb( +static KRML_MUSTINLINE tuple_dd0 sample_vector_cbd_then_ntt_out_3b( uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - re_as_ntt[i] = ZERO_ef_1b();); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = re_as_ntt; + re_as_ntt[i] = ZERO_ef_8c();); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_b1(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_3b(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_re_as_ntt[4U]; memcpy( copy_of_re_as_ntt, re_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_710 result; + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + tuple_dd0 lit; memcpy( - result.fst, copy_of_re_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_re_as_ntt, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + lit.snd = domain_separator; + return lit; } /** @@ -3535,10 +3609,10 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -ntt_multiply_ef_45(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +ntt_multiply_ef_8c(libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d out = ZERO_ef_8c(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -3568,9 +3642,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_5d( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { +static KRML_MUSTINLINE void add_to_ring_element_ef_d0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -3593,7 +3667,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_standard_domain_bf( +to_standard_domain_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -3610,14 +3684,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void add_standard_error_reduce_ef_0f( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { +static KRML_MUSTINLINE void add_standard_error_reduce_ef_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector - coefficient_normal_form = to_standard_domain_bf(self->coefficients[j]); + coefficient_normal_form = to_standard_domain_8c(self->coefficients[j]); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(coefficient_normal_form, @@ -3632,37 +3706,37 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_As_plus_e_c7( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[4U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_as_ntt) { +static KRML_MUSTINLINE void compute_As_plus_e_d0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*matrix_A)[4U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *s_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_as_ntt) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, matrix_A, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[4U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[4U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[4U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[4U]); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = matrix_A[i0]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = ZERO_ef_1b(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = matrix_A[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = ZERO_ef_8c(); t_as_ntt[i0] = uu____0; for (size_t i1 = (size_t)0U; i1 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i1++) { size_t j = i1; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *matrix_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_5d(&t_as_ntt[i0], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_d0(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_0f(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_8c(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -3675,47 +3749,47 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_e9( +static void generate_keypair_unpacked_1c( Eurydice_slice key_generation_seed, - IndCpaPrivateKeyUnpacked_42 *private_key, - IndCpaPublicKeyUnpacked_42 *public_key) { + IndCpaPrivateKeyUnpacked_af *private_key, + IndCpaPublicKeyUnpacked_af *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_57(key_generation_seed, hashed); + cpa_keygen_seed_d8_03(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0(*uu____1)[4U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____1)[4U] = public_key->A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_0d(uu____1, ret, true); + libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret); + sample_matrix_A_2b(uu____1, ret, true); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, - prf_input); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____2 = + libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error, + prf_input); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____2 = private_key->secret_as_ntt; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_b1(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_3b(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_as_ntt[4U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_cb(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_3b(copy_of_prf_input, domain_separator) .fst, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_c7(public_key->t_as_ntt, public_key->A, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + compute_As_plus_e_d0(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; - core_result_Result_00 dst; + core_result_Result_fb dst; Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U]); - core_result_unwrap_26_33(dst, uu____5); + core_result_unwrap_26_b3(dst, uu____5); memcpy(public_key->seed_for_A, uu____5, (size_t)32U * sizeof(uint8_t)); } @@ -3731,18 +3805,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_501( +static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_151( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_42 private_key = default_1a_e9(); - IndCpaPublicKeyUnpacked_42 public_key = default_8d_d1(); - generate_keypair_unpacked_e9(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_af private_key = default_1a_d0(); + IndCpaPublicKeyUnpacked_af public_key = default_8d_d0(); + generate_keypair_unpacked_1c(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1568U]; - serialize_public_key_07( + serialize_public_key_00( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_5a(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_ff(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -3751,12 +3825,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_501( uint8_t copy_of_public_key_serialized[1568U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair1024 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair1024 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1536U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1568U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -3766,7 +3840,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_d4( +static KRML_MUSTINLINE void serialize_kem_secret_key_60( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; @@ -3792,7 +3866,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_d4( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_f1_d5(public_key, ret0); + H_f1_ac(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -3822,7 +3896,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_6f1(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_f81(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -3831,13 +3905,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_6f1(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair1024 uu____0 = - generate_keypair_501(ind_cpa_keypair_randomness); + generate_keypair_151(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1536U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1536U * sizeof(uint8_t)); uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_d4( + serialize_kem_secret_key_60( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -3845,14 +3919,14 @@ libcrux_ml_kem_ind_cca_generate_keypair_6f1(uint8_t randomness[64U]) { uint8_t copy_of_secret_key_serialized[3168U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_7f_af1(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; + libcrux_ml_kem_types_MlKemPrivateKey_83 private_key = + libcrux_ml_kem_types_from_7f_39(copy_of_secret_key_serialized); + libcrux_ml_kem_types_MlKemPrivateKey_83 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_ee1( - uu____2, libcrux_ml_kem_types_from_5a_671(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_94( + uu____2, libcrux_ml_kem_types_from_5a_af(copy_of_public_key)); } /** @@ -3865,7 +3939,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_62(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_03(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -3882,11 +3956,11 @@ generics - ETA2_RANDOMNESS_SIZE= 128 - ETA2= 2 */ -static KRML_MUSTINLINE tuple_710 -sample_ring_element_cbd_7f(uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; +static KRML_MUSTINLINE tuple_dd0 +sample_ring_element_cbd_3b(uint8_t prf_input[33U], uint8_t domain_separator) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - error_1[i] = ZERO_ef_1b();); + error_1[i] = ZERO_ef_8c();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -3894,28 +3968,30 @@ sample_ring_element_cbd_7f(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[4U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)4U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[4U][128U]; - PRFxN_f1_13(prf_inputs, prf_outputs); + PRFxN_f1_44(prf_inputs, prf_outputs); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - sample_from_binomial_distribution_6b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____1 = + sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_error_1[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_error_1[4U]; memcpy( copy_of_error_1, error_1, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_710 result; + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + tuple_dd0 lit; memcpy( - result.fst, copy_of_error_1, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_error_1, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + lit.snd = domain_separator; + return lit; } /** @@ -3923,7 +3999,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF with const generics - LEN= 128 */ -static KRML_MUSTINLINE void PRF_f70(Eurydice_slice input, uint8_t ret[128U]) { +static KRML_MUSTINLINE void PRF_a6(Eurydice_slice input, uint8_t ret[128U]) { uint8_t digest[128U] = {0U}; libcrux_sha3_portable_shake256( Eurydice_array_to_slice((size_t)128U, digest, uint8_t), input); @@ -3940,9 +4016,9 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_f1_9f0(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_f1_440(Eurydice_slice input, uint8_t ret[128U]) { - PRF_f70(input, ret); + PRF_a6(input, ret); } /** @@ -3951,8 +4027,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_08( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void invert_ntt_at_layer_1_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; @@ -3972,8 +4048,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_91( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void invert_ntt_at_layer_2_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; @@ -3991,8 +4067,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_41( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void invert_ntt_at_layer_3_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; zeta_i[0U] = zeta_i[0U] - (size_t)1U; @@ -4011,7 +4087,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - inv_ntt_layer_int_vec_step_reduce_13( + inv_ntt_layer_int_vec_step_reduce_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { @@ -4019,7 +4095,7 @@ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_sub_0d(b, &a); a = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(a, &b)); - b = montgomery_multiply_fe_ad(a_minus_b, zeta_r); + b = montgomery_multiply_fe_8c(a_minus_b, zeta_r); return ( CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ .fst = a, .snd = b}); @@ -4031,8 +4107,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_ed( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) { @@ -4046,7 +4122,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_ed( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_13( + inv_ntt_layer_int_vec_step_reduce_8c( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -4063,18 +4139,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_55( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void invert_ntt_montgomery_d0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_08(&zeta_i, re); - invert_ntt_at_layer_2_91(&zeta_i, re); - invert_ntt_at_layer_3_41(&zeta_i, re); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_17(re); + invert_ntt_at_layer_1_8c(&zeta_i, re); + invert_ntt_at_layer_2_8c(&zeta_i, re); + invert_ntt_at_layer_3_8c(&zeta_i, re); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_8c(re); } /** @@ -4088,9 +4164,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_ef_4d( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { +static KRML_MUSTINLINE void add_error_reduce_ef_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; @@ -4112,46 +4188,42 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_b8( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[4U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result0[4U]; +static KRML_MUSTINLINE void compute_vector_u_d0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*a_as_ntt)[4U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_1, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[4U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - result0[i] = ZERO_ef_1b();); + result[i] = ZERO_ef_8c();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, a_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[4U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[4U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[4U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[4U]); i0++) { size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = a_as_ntt[i1]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = a_as_ntt[i1]; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_5d(&result0[i1], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *a_element = &row[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_d0(&result[i1], &product); } - invert_ntt_montgomery_55(&result0[i1]); - add_error_reduce_ef_4d(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_d0(&result[i1]); + add_error_reduce_ef_8c(&result[i1], &error_1[i1]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; - memcpy( - result, result0, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( ret, result, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -4161,7 +4233,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_1_78(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { +decompress_1_8c(libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { libcrux_ml_kem_vector_portable_vector_type_PortableVector z = libcrux_ml_kem_vector_portable_ZERO_0d(); libcrux_ml_kem_vector_portable_vector_type_PortableVector s = @@ -4178,9 +4250,9 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_message with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_message_e3(uint8_t serialized[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +deserialize_then_decompress_message_8c(uint8_t serialized[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = ZERO_ef_8c(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -4190,7 +4262,7 @@ deserialize_then_decompress_message_e3(uint8_t serialized[32U]) { (size_t)2U * i0 + (size_t)2U, uint8_t)); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_1_78(coefficient_compressed); + decompress_1_8c(coefficient_compressed); re.coefficients[i0] = uu____0;); return re; } @@ -4206,11 +4278,11 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -add_message_error_reduce_ef_21( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +add_message_error_reduce_ef_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -4236,19 +4308,19 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_1e( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +compute_ring_element_v_d0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_2, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = ZERO_ef_8c(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_5d(&result, &product);); - invert_ntt_montgomery_55(&result); - result = add_message_error_reduce_ef_21(error_2, message, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_d0(&result, &product);); + invert_ntt_montgomery_d0(&result); + result = add_message_error_reduce_ef_8c(error_2, message, result); return result; } @@ -4258,7 +4330,7 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_61(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_ef(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4279,9 +4351,9 @@ A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d with const generics - COEFFICIENT_BITS= 10 */ -static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_fe( +static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_ef( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_61(a); + return compress_ef(a); } /** @@ -4290,7 +4362,7 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_610(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_c4(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4311,9 +4383,9 @@ A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d with const generics - COEFFICIENT_BITS= 11 */ -static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_fe0(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_610(a); +static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_c4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_c4(a); } /** @@ -4322,14 +4394,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_a9( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { +static KRML_MUSTINLINE void compress_then_serialize_11_54( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_fe0(to_unsigned_representative_7c(re->coefficients[i0])); + compress_0d_c4(to_unsigned_representative_8c(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -4347,11 +4419,11 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_b5( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { - uint8_t uu____0[352U]; - compress_then_serialize_11_a9(re, uu____0); - memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_82( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[352U]) { + uint8_t result[352U]; + compress_then_serialize_11_54(re, result); + memcpy(ret, result, (size_t)352U * sizeof(uint8_t)); } /** @@ -4363,23 +4435,23 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_cd( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[4U], +static void compress_then_serialize_u_2f( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)4U, input, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = input[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = input[i0]; Eurydice_slice uu____0 = Eurydice_slice_subslice2( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_b5(&re, ret); + compress_then_serialize_ring_element_u_82(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } @@ -4391,7 +4463,7 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_611(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_d1(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4412,9 +4484,9 @@ A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d with const generics - COEFFICIENT_BITS= 4 */ -static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_fe1(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_611(a); +static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_d1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_d1(a); } /** @@ -4423,14 +4495,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_06( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, +static KRML_MUSTINLINE void compress_then_serialize_4_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_fe1(to_unsigned_field_modulus_b0(re.coefficients[i0])); + compress_0d_d1(to_unsigned_field_modulus_8c(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); Eurydice_slice_copy( @@ -4446,7 +4518,7 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_612(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { +compress_f4(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4467,9 +4539,9 @@ A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d with const generics - COEFFICIENT_BITS= 5 */ -static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_fe2(libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return compress_612(a); +static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_f4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { + return compress_f4(a); } /** @@ -4478,14 +4550,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_69( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, +static KRML_MUSTINLINE void compress_then_serialize_5_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - compress_0d_fe2(to_unsigned_representative_7c(re.coefficients[i0])); + compress_0d_f4(to_unsigned_representative_8c(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); Eurydice_slice_copy( @@ -4502,9 +4574,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_cf( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_5_69(re, out); +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_8e( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, Eurydice_slice out) { + compress_then_serialize_5_8c(re, out); } /** @@ -4525,57 +4597,57 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_c3(IndCpaPublicKeyUnpacked_42 *public_key, +static void encrypt_unpacked_2a(IndCpaPublicKeyUnpacked_af *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_c8(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_710 uu____1 = sample_vector_cbd_then_ntt_out_cb(copy_of_prf_input0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[4U]; + tuple_dd0 uu____1 = sample_vector_cbd_then_ntt_out_3b(copy_of_prf_input0, 0U); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d r_as_ntt[4U]; memcpy( r_as_ntt, uu____1.fst, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); uint8_t domain_separator0 = uu____1.snd; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_710 uu____3 = - sample_ring_element_cbd_7f(copy_of_prf_input, domain_separator0); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; + tuple_dd0 uu____3 = + sample_ring_element_cbd_3b(copy_of_prf_input, domain_separator0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_1[4U]; memcpy( error_1, uu____3.fst, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_f1_9f0(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_f1_440(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - sample_from_binomial_distribution_6b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_2 = + sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[4U]; - compute_vector_u_b8(public_key->A, r_as_ntt, error_1, u); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u[4U]; + compute_vector_u_d0(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_e3(copy_of_message); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_1e(public_key->t_as_ntt, r_as_ntt, &error_2, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d message_as_ring_element = + deserialize_then_decompress_message_8c(copy_of_message); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d v = + compute_ring_element_v_d0(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____5[4U]; memcpy( uu____5, u, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_cd( + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + compress_then_serialize_u_2f( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_cf( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____6 = v; + compress_then_serialize_ring_element_v_8e( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); @@ -4599,26 +4671,26 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_4b1(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_2a1(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { - IndCpaPublicKeyUnpacked_42 unpacked_public_key = default_8d_d1(); - deserialize_ring_elements_reduced_da( + IndCpaPublicKeyUnpacked_af unpacked_public_key = default_8d_d0(); + deserialize_ring_elements_reduced_d0( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1536U, uint8_t, size_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0(*uu____0)[4U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____0)[4U] = unpacked_public_key.A; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_0d(uu____0, ret0, false); - IndCpaPublicKeyUnpacked_42 *uu____1 = &unpacked_public_key; + libcrux_ml_kem_utils_into_padded_array_b6(seed, ret0); + sample_matrix_A_2b(uu____0, ret0, false); + IndCpaPublicKeyUnpacked_af *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1568U]; - encrypt_unpacked_c3(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)1568U * sizeof(uint8_t)); + uint8_t ret1[1568U]; + encrypt_unpacked_2a(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)1568U * sizeof(uint8_t)); } /** @@ -4632,7 +4704,7 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_19(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_60(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4659,27 +4731,27 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_661( - libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, +tuple_fa libcrux_ml_kem_ind_cca_encapsulate_ca1( + libcrux_ml_kem_types_MlKemPublicKey_64 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_62( + entropy_preprocess_d8_03( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_f1_d5(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_fe(public_key), + H_f1_ac(Eurydice_array_to_slice( + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_af(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_f1_87(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_f1_ac(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -4687,25 +4759,25 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_661( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_fe(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_fd_af(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_4b1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_2a1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemCiphertext_1f ciphertext0 = - libcrux_ml_kem_types_from_01_45(copy_of_ciphertext); + libcrux_ml_kem_types_MlKemCiphertext_64 ciphertext0 = + libcrux_ml_kem_types_from_01_af(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_19(shared_secret, shared_secret_array); - libcrux_ml_kem_types_MlKemCiphertext_1f uu____5 = ciphertext0; + kdf_d8_60(shared_secret, shared_secret_array); + libcrux_ml_kem_types_MlKemCiphertext_64 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_21 lit; + tuple_fa lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -4717,9 +4789,9 @@ libcrux_ml_kem.serialize.deserialize_to_uncompressed_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_uncompressed_ring_element_07(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +deserialize_to_uncompressed_ring_element_8c(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = ZERO_ef_8c(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -4738,12 +4810,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_121( +static KRML_MUSTINLINE void deserialize_secret_key_d0( Eurydice_slice secret_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[4U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - secret_as_ntt[i] = ZERO_ef_1b();); + secret_as_ntt[i] = ZERO_ef_8c();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -4754,17 +4826,13 @@ static KRML_MUSTINLINE void deserialize_secret_key_121( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_07(secret_bytes); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + deserialize_to_uncompressed_ring_element_8c(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; - memcpy( - result, secret_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( - ret, result, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + ret, secret_as_ntt, + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -4774,18 +4842,18 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_4a( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +decompress_ciphertext_coefficient_ef( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)10); decompressed = decompressed >> (uint32_t)((int32_t)10 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -4799,9 +4867,9 @@ generics - COEFFICIENT_BITS= 10 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_ea( +decompress_ciphertext_coefficient_0d_ef( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_4a(v); + return decompress_ciphertext_coefficient_ef(v); } /** @@ -4810,16 +4878,15 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_10 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_10_5c(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); - LowStar_Ignore_ignore( - Eurydice_slice_len( - Eurydice_array_to_slice( - (size_t)16U, re.coefficients, - libcrux_ml_kem_vector_portable_vector_type_PortableVector), +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +deserialize_then_decompress_10_8c(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = ZERO_ef_8c(); + size_t _coefficients_length = Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)16U, re.coefficients, libcrux_ml_kem_vector_portable_vector_type_PortableVector), - size_t, void *); + libcrux_ml_kem_vector_portable_vector_type_PortableVector); + LowStar_Ignore_ignore(_coefficients_length, size_t, void *); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) { size_t i0 = i; @@ -4828,7 +4895,7 @@ deserialize_then_decompress_10_5c(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_ea(coefficient); + decompress_ciphertext_coefficient_0d_ef(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -4841,18 +4908,18 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_4a0( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +decompress_ciphertext_coefficient_c4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)11); decompressed = decompressed >> (uint32_t)((int32_t)11 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -4866,9 +4933,9 @@ generics - COEFFICIENT_BITS= 11 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_ea0( +decompress_ciphertext_coefficient_0d_c4( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_4a0(v); + return decompress_ciphertext_coefficient_c4(v); } /** @@ -4877,9 +4944,9 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_11 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_11_77(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +deserialize_then_decompress_11_8c(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = ZERO_ef_8c(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { size_t i0 = i; @@ -4888,7 +4955,7 @@ deserialize_then_decompress_11_77(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_ea0(coefficient); + decompress_ciphertext_coefficient_0d_c4(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -4900,9 +4967,9 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_u with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_cd(Eurydice_slice serialized) { - return deserialize_then_decompress_11_77(serialized); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +deserialize_then_decompress_ring_element_u_5e(Eurydice_slice serialized) { + return deserialize_then_decompress_11_8c(serialized); } /** @@ -4911,17 +4978,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_2c( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void ntt_vector_u_5e( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_d0(&zeta_i, re); - ntt_at_layer_2_76(&zeta_i, re); - ntt_at_layer_1_5d(&zeta_i, re); - poly_barrett_reduce_ef_17(re); + ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_8c(&zeta_i, re); + ntt_at_layer_2_8c(&zeta_i, re); + ntt_at_layer_1_8c(&zeta_i, re); + poly_barrett_reduce_ef_8c(re); } /** @@ -4932,12 +4999,12 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_bb( +static KRML_MUSTINLINE void deserialize_then_decompress_u_00( uint8_t *ciphertext, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[4U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - u_as_ntt[i] = ZERO_ef_1b();); + u_as_ntt[i] = ZERO_ef_8c();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)1568U, ciphertext, uint8_t), @@ -4955,12 +5022,12 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_bb( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_cd(u_bytes); - ntt_vector_u_2c(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_5e(u_bytes); + ntt_vector_u_5e(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -4970,18 +5037,18 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_4a1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +decompress_ciphertext_coefficient_d1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)4); decompressed = decompressed >> (uint32_t)((int32_t)4 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -4995,9 +5062,9 @@ generics - COEFFICIENT_BITS= 4 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_ea1( +decompress_ciphertext_coefficient_0d_d1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_4a1(v); + return decompress_ciphertext_coefficient_d1(v); } /** @@ -5006,9 +5073,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_4_b1(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +deserialize_then_decompress_4_8c(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = ZERO_ef_8c(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { size_t i0 = i; @@ -5017,7 +5084,7 @@ deserialize_then_decompress_4_b1(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_ea1(coefficient); + decompress_ciphertext_coefficient_0d_d1(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -5030,18 +5097,18 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_4a2( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +decompress_ciphertext_coefficient_f4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)5); decompressed = decompressed >> (uint32_t)((int32_t)5 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -5055,9 +5122,9 @@ generics - COEFFICIENT_BITS= 5 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_ea2( +decompress_ciphertext_coefficient_0d_f4( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_4a2(v); + return decompress_ciphertext_coefficient_f4(v); } /** @@ -5066,9 +5133,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_5_7b(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +deserialize_then_decompress_5_8c(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = ZERO_ef_8c(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { size_t i0 = i; @@ -5077,7 +5144,7 @@ deserialize_then_decompress_5_7b(Eurydice_slice serialized) { re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - decompress_ciphertext_coefficient_0d_ea2(re.coefficients[i0]); + decompress_ciphertext_coefficient_0d_f4(re.coefficients[i0]); re.coefficients[i0] = uu____1; } return re; @@ -5089,9 +5156,9 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_v with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_ce(Eurydice_slice serialized) { - return deserialize_then_decompress_5_7b(serialized); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +deserialize_then_decompress_ring_element_v_9f(Eurydice_slice serialized) { + return deserialize_then_decompress_5_8c(serialized); } /** @@ -5105,9 +5172,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -subtract_reduce_ef_92(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +subtract_reduce_ef_8c(libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -5130,18 +5197,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_82( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +compute_message_d0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *v, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *u_as_ntt) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = ZERO_ef_8c(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_5d(&result, &product);); - invert_ntt_montgomery_55(&result); - result = subtract_reduce_ef_92(v, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_d0(&result, &product);); + invert_ntt_montgomery_d0(&result); + result = subtract_reduce_ef_8c(v, result); return result; } @@ -5151,13 +5218,13 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_15( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { +static KRML_MUSTINLINE void compress_then_serialize_message_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_field_modulus_b0(re.coefficients[i0]); + to_unsigned_field_modulus_8c(re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = libcrux_ml_kem_vector_portable_compress_1_0d(coefficient); @@ -5183,18 +5250,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_c9(IndCpaPrivateKeyUnpacked_42 *secret_key, +static void decrypt_unpacked_7d(IndCpaPrivateKeyUnpacked_af *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; - deserialize_then_decompress_u_bb(ciphertext, u_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_ce( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[4U]; + deserialize_then_decompress_u_00(ciphertext, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d v = + deserialize_then_decompress_ring_element_v_9f( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_82(&v, secret_key->secret_as_ntt, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d message = + compute_message_d0(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_15(message, ret0); + compress_then_serialize_message_8c(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5208,22 +5275,22 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_dc1(Eurydice_slice secret_key, uint8_t *ciphertext, - uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; - deserialize_secret_key_121(secret_key, secret_as_ntt); +static void decrypt_7d(Eurydice_slice secret_key, uint8_t *ciphertext, + uint8_t ret[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[4U]; + deserialize_secret_key_d0(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[4U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_secret_as_ntt[4U]; memcpy( copy_of_secret_as_ntt, secret_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - IndCpaPrivateKeyUnpacked_42 secret_key_unpacked; + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + IndCpaPrivateKeyUnpacked_af secret_key_unpacked; memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, - (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t result[32U]; - decrypt_unpacked_c9(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + uint8_t ret0[32U]; + decrypt_unpacked_7d(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -5231,7 +5298,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF with const generics - LEN= 32 */ -static KRML_MUSTINLINE void PRF_f7(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void PRF_9e(Eurydice_slice input, uint8_t ret[32U]) { uint8_t digest[32U] = {0U}; libcrux_sha3_portable_shake256( Eurydice_array_to_slice((size_t)32U, digest, uint8_t), input); @@ -5248,8 +5315,8 @@ with const generics - K= 4 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_f1_9f(Eurydice_slice input, uint8_t ret[32U]) { - PRF_f7(input, ret); +static KRML_MUSTINLINE void PRF_f1_44(Eurydice_slice input, uint8_t ret[32U]) { + PRF_9e(input, ret); } /** @@ -5274,9 +5341,9 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_191( - libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, - libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { +void libcrux_ml_kem_ind_cca_decapsulate_621( + libcrux_ml_kem_types_MlKemPrivateKey_83 *private_key, + libcrux_ml_kem_types_MlKemCiphertext_64 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)3168U, private_key->value, uint8_t), (size_t)1536U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5292,9 +5359,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_191( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_dc1(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_7d(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -5302,7 +5369,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_191( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_f1_87(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_f1_ac(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -5310,31 +5377,31 @@ void libcrux_ml_kem_ind_cca_decapsulate_191( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1600U]; - libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_7f(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_40(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_af(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_f1_9f(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), + PRF_f1_44(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_4b1(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_2a1(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_19(Eurydice_array_to_slice((size_t)32U, + kdf_d8_60(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_19(shared_secret0, shared_secret1); + kdf_d8_60(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_40(ciphertext), + libcrux_ml_kem_types_as_ref_00_af(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5349,9 +5416,9 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_da0( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_a0( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *deserialized_pk) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -5362,8 +5429,8 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_da0( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_a5(ring_element); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + deserialize_to_reduced_ring_element_8c(ring_element); deserialized_pk[i0] = uu____0; } } @@ -5374,16 +5441,20 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_530( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_a0( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[2U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - deserialized_pk[i] = ZERO_ef_1b();); - deserialize_ring_elements_reduced_da0(public_key, deserialized_pk); + deserialized_pk[i] = ZERO_ef_8c();); + deserialize_ring_elements_reduced_a0(public_key, deserialized_pk); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result[2U]; memcpy( - ret, deserialized_pk, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + result, deserialized_pk, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + memcpy( + ret, result, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -5393,25 +5464,25 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_5a0( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, +static KRML_MUSTINLINE void serialize_secret_key_64( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = key[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = key[i0]; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( out, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_8b(&re, ret0); + serialize_uncompressed_ring_element_8c(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -5426,13 +5497,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_mut_3c0( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_mut_86( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret[768U]; - serialize_secret_key_5a0(t_as_ntt, ret); + serialize_secret_key_64(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -5449,14 +5520,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_070( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_86( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; - serialize_public_key_mut_3c0(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[800U]; - memcpy(result, public_key_serialized, (size_t)800U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)800U * sizeof(uint8_t)); + serialize_public_key_mut_86(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)800U * sizeof(uint8_t)); } /** @@ -5467,15 +5536,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_bf0(uint8_t *public_key) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; - deserialize_ring_elements_reduced_out_530( +bool libcrux_ml_kem_ind_cca_validate_public_key_86(uint8_t *public_key) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[2U]; + deserialize_ring_elements_reduced_out_a0( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_070( + serialize_public_key_86( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -5493,7 +5562,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_f1 with const generics - K= 2 */ -static KRML_MUSTINLINE void H_f1_d50(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_f1_fd(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H(input, ret); } @@ -5505,14 +5574,14 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_b4( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { +bool libcrux_ml_kem_ind_cca_validate_private_key_fb( + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *_ciphertext) { uint8_t t[32U]; - H_f1_d50(Eurydice_array_to_subslice2( - private_key->value, (size_t)384U * (size_t)2U, - (size_t)768U * (size_t)2U + (size_t)32U, uint8_t), - t); + H_f1_fd(Eurydice_array_to_subslice2( + private_key->value, (size_t)384U * (size_t)2U, + (size_t)768U * (size_t)2U + (size_t)32U, uint8_t), + t); Eurydice_slice expected = Eurydice_array_to_subslice2( private_key->value, (size_t)768U * (size_t)2U + (size_t)32U, (size_t)768U * (size_t)2U + (size_t)64U, uint8_t); @@ -5526,9 +5595,9 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - $2size_t */ -typedef struct IndCpaPrivateKeyUnpacked_ae_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; -} IndCpaPrivateKeyUnpacked_ae; +typedef struct IndCpaPrivateKeyUnpacked_d4_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[2U]; +} IndCpaPrivateKeyUnpacked_d4; /** This function found in impl {(core::default::Default for @@ -5541,10 +5610,10 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static IndCpaPrivateKeyUnpacked_ae default_1a_e90(void) { - IndCpaPrivateKeyUnpacked_ae lit; - lit.secret_as_ntt[0U] = ZERO_ef_1b(); - lit.secret_as_ntt[1U] = ZERO_ef_1b(); +static IndCpaPrivateKeyUnpacked_d4 default_1a_a0(void) { + IndCpaPrivateKeyUnpacked_d4 lit; + lit.secret_as_ntt[0U] = ZERO_ef_8c(); + lit.secret_as_ntt[1U] = ZERO_ef_8c(); return lit; } @@ -5554,11 +5623,11 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPublicKeyUnpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - $2size_t */ -typedef struct IndCpaPublicKeyUnpacked_ae_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[2U]; +typedef struct IndCpaPublicKeyUnpacked_d4_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d t_as_ntt[2U]; uint8_t seed_for_A[32U]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[2U][2U]; -} IndCpaPublicKeyUnpacked_ae; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d A[2U][2U]; +} IndCpaPublicKeyUnpacked_d4; /** This function found in impl {(core::default::Default for @@ -5571,20 +5640,20 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static IndCpaPublicKeyUnpacked_ae default_8d_d10(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[2U]; +static IndCpaPublicKeyUnpacked_d4 default_8d_a0(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - uu____0[i] = ZERO_ef_1b();); + uu____0[i] = ZERO_ef_8c();); uint8_t uu____1[32U] = {0U}; - IndCpaPublicKeyUnpacked_ae lit; + IndCpaPublicKeyUnpacked_d4 lit; memcpy( lit.t_as_ntt, uu____0, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - lit.A[0U][0U] = ZERO_ef_1b(); - lit.A[0U][1U] = ZERO_ef_1b(); - lit.A[1U][0U] = ZERO_ef_1b(); - lit.A[1U][1U] = ZERO_ef_1b(); + lit.A[0U][0U] = ZERO_ef_8c(); + lit.A[0U][1U] = ZERO_ef_8c(); + lit.A[1U][0U] = ZERO_ef_8c(); + lit.A[1U][1U] = ZERO_ef_8c(); return lit; } @@ -5597,7 +5666,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_f1 with const generics - K= 2 */ -static KRML_MUSTINLINE void G_f1_870(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_f1_fd(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G(input, ret); } @@ -5611,7 +5680,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_36( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_10( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -5622,7 +5691,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_36( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)2U; uint8_t ret0[64U]; - G_f1_870(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_f1_fd(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -5631,9 +5700,9 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PortableHash with const generics - $2size_t */ -typedef struct PortableHash_8b_s { - libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[2U]; -} PortableHash_8b; +typedef struct PortableHash_cf_s { + libcrux_sha3_generic_keccak_KeccakState_17 shake128_state[2U]; +} PortableHash_cf; /** A monomorphic instance of @@ -5641,9 +5710,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final with const generics - K= 2 */ -static KRML_MUSTINLINE PortableHash_8b -shake128_init_absorb_final_240(uint8_t input[2U][34U]) { - libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[2U]; +static KRML_MUSTINLINE PortableHash_cf +shake128_init_absorb_final_fd(uint8_t input[2U][34U]) { + libcrux_sha3_generic_keccak_KeccakState_17 shake128_state[2U]; KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, shake128_state[i] = libcrux_sha3_portable_incremental_shake128_init();); @@ -5653,12 +5722,12 @@ shake128_init_absorb_final_240(uint8_t input[2U][34U]) { &shake128_state[i0], Eurydice_array_to_slice((size_t)34U, input[i0], uint8_t));); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_sha3_generic_keccak_KeccakState_48 copy_of_shake128_state[2U]; + libcrux_sha3_generic_keccak_KeccakState_17 copy_of_shake128_state[2U]; memcpy(copy_of_shake128_state, shake128_state, - (size_t)2U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48)); - PortableHash_8b lit; + (size_t)2U * sizeof(libcrux_sha3_generic_keccak_KeccakState_17)); + PortableHash_cf lit; memcpy(lit.shake128_state, copy_of_shake128_state, - (size_t)2U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48)); + (size_t)2U * sizeof(libcrux_sha3_generic_keccak_KeccakState_17)); return lit; } @@ -5672,12 +5741,12 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final_f1 with const generics - K= 2 */ -static KRML_MUSTINLINE PortableHash_8b -shake128_init_absorb_final_f1_310(uint8_t input[2U][34U]) { +static KRML_MUSTINLINE PortableHash_cf +shake128_init_absorb_final_f1_fd(uint8_t input[2U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[2U][34U]; memcpy(copy_of_input, input, (size_t)2U * sizeof(uint8_t[34U])); - return shake128_init_absorb_final_240(copy_of_input); + return shake128_init_absorb_final_fd(copy_of_input); } /** @@ -5686,8 +5755,8 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_first_three_blocks with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_630( - PortableHash_8b *st, uint8_t ret[2U][504U]) { +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_fd( + PortableHash_cf *st, uint8_t ret[2U][504U]) { uint8_t out[2U][504U] = {{0U}}; KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; @@ -5707,9 +5776,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_first_three_blocks_f1 with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_f1_2f0( - PortableHash_8b *self, uint8_t ret[2U][504U]) { - shake128_squeeze_first_three_blocks_630(self, ret); +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_f1_fd( + PortableHash_cf *self, uint8_t ret[2U][504U]) { + shake128_squeeze_first_three_blocks_fd(self, ret); } /** @@ -5760,7 +5829,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_711( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_64( uint8_t randomness[2U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -5798,8 +5867,8 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_next_block with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_110( - PortableHash_8b *st, uint8_t ret[2U][168U]) { +static KRML_MUSTINLINE void shake128_squeeze_next_block_fd( + PortableHash_cf *st, uint8_t ret[2U][168U]) { uint8_t out[2U][168U] = {{0U}}; KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; @@ -5819,9 +5888,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_next_block_f1 with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_f1_c40( - PortableHash_8b *self, uint8_t ret[2U][168U]) { - shake128_squeeze_next_block_110(self, ret); +static KRML_MUSTINLINE void shake128_squeeze_next_block_f1_fd( + PortableHash_cf *self, uint8_t ret[2U][168U]) { + shake128_squeeze_next_block_fd(self, ret); } /** @@ -5872,7 +5941,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_712( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_640( uint8_t randomness[2U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -5911,9 +5980,9 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_eb0( +static libcrux_ml_kem_polynomial_PolynomialRingElement_1d closure_2b0( int16_t s[272U]) { - return from_i16_array_ef_54( + return from_i16_array_ef_8c( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -5924,45 +5993,45 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_from_xof_bf0( +static KRML_MUSTINLINE void sample_from_xof_2b0( uint8_t seeds[2U][34U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[2U]) { size_t sampled_coefficients[2U] = {0U}; int16_t out[2U][272U] = {{0U}}; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[2U][34U]; memcpy(copy_of_seeds, seeds, (size_t)2U * sizeof(uint8_t[34U])); - PortableHash_8b xof_state = shake128_init_absorb_final_f1_310(copy_of_seeds); + PortableHash_cf xof_state = shake128_init_absorb_final_f1_fd(copy_of_seeds); uint8_t randomness0[2U][504U]; - shake128_squeeze_first_three_blocks_f1_2f0(&xof_state, randomness0); + shake128_squeeze_first_three_blocks_f1_fd(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[2U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)2U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_711( + bool done = sample_from_uniform_distribution_next_64( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[2U][168U]; - shake128_squeeze_next_block_f1_c40(&xof_state, randomness); + shake128_squeeze_next_block_f1_fd(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[2U][168U]; memcpy(copy_of_randomness, randomness, (size_t)2U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_712( + done = sample_from_uniform_distribution_next_640( copy_of_randomness, sampled_coefficients, out); } } /* Passing arrays by value in Rust generates a copy in C */ int16_t copy_of_out[2U][272U]; memcpy(copy_of_out, out, (size_t)2U * sizeof(int16_t[272U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - ret0[i] = closure_eb0(copy_of_out[i]);); + ret0[i] = closure_2b0(copy_of_out[i]);); memcpy( ret, ret0, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -5972,8 +6041,8 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_matrix_A_0d0( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*A_transpose)[2U], +static KRML_MUSTINLINE void sample_matrix_A_2b0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*A_transpose)[2U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR2( i0, (size_t)0U, (size_t)2U, (size_t)1U, size_t i1 = i0; @@ -5988,25 +6057,23 @@ static KRML_MUSTINLINE void sample_matrix_A_0d0( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[2U][34U]; memcpy(copy_of_seeds, seeds, (size_t)2U * sizeof(uint8_t[34U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[2U]; - sample_from_xof_bf0(copy_of_seeds, sampled); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d sampled[2U]; + sample_from_xof_2b0(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, sampled, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sample = sampled[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d sample = sampled[j]; if (transpose) { A_transpose[j][i1] = sample; } else { A_transpose[i1][j] = sample; } - } - - ); + }); } /** @@ -6015,8 +6082,8 @@ with const generics - K= 2 - LEN= 192 */ -static KRML_MUSTINLINE void PRFxN_af0(uint8_t (*input)[33U], - uint8_t ret[2U][192U]) { +static KRML_MUSTINLINE void PRFxN_49(uint8_t (*input)[33U], + uint8_t ret[2U][192U]) { uint8_t out[2U][192U] = {{0U}}; KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; @@ -6036,9 +6103,9 @@ with const generics - K= 2 - LEN= 192 */ -static KRML_MUSTINLINE void PRFxN_f1_130(uint8_t (*input)[33U], - uint8_t ret[2U][192U]) { - PRFxN_af0(input, ret); +static KRML_MUSTINLINE void PRFxN_f1_49(uint8_t (*input)[33U], + uint8_t ret[2U][192U]) { + PRFxN_49(input, ret); } /** @@ -6047,9 +6114,9 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - ETA= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_6b0(Eurydice_slice randomness) { - return sample_from_binomial_distribution_3_3a(randomness); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +sample_from_binomial_distribution_1b(Eurydice_slice randomness) { + return sample_from_binomial_distribution_3_8c(randomness); } /** @@ -6061,8 +6128,8 @@ generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b10( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_3b0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -6071,16 +6138,18 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b10( KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[2U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[2U][192U]; - PRFxN_f1_130(prf_inputs, prf_outputs); + PRFxN_f1_49(prf_inputs, prf_outputs); KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_6b0( + re_as_ntt[i0] = sample_from_binomial_distribution_1b( Eurydice_array_to_slice((size_t)192U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_d8(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_8c(&re_as_ntt[i0]);); return domain_separator; } @@ -6090,10 +6159,10 @@ with types libcrux_ml_kem_polynomial_PolynomialRingElement libcrux_ml_kem_vector_portable_vector_type_PortableVector[2size_t], uint8_t */ -typedef struct tuple_740_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 fst[2U]; +typedef struct tuple_400_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d fst[2U]; uint8_t snd; -} tuple_740; +} tuple_400; /** A monomorphic instance of libcrux_ml_kem.ind_cpa.sample_vector_cbd_then_ntt_out @@ -6104,27 +6173,27 @@ generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_out_cb0( +static KRML_MUSTINLINE tuple_400 sample_vector_cbd_then_ntt_out_3b0( uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - re_as_ntt[i] = ZERO_ef_1b();); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = re_as_ntt; + re_as_ntt[i] = ZERO_ef_8c();); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_b10(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_3b0(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_re_as_ntt[2U]; memcpy( copy_of_re_as_ntt, re_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_740 result; + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + tuple_400 lit; memcpy( - result.fst, copy_of_re_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_re_as_ntt, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + lit.snd = domain_separator; + return lit; } /** @@ -6138,9 +6207,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_5d0( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { +static KRML_MUSTINLINE void add_to_ring_element_ef_a0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -6162,37 +6231,37 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_As_plus_e_c70( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[2U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_as_ntt) { +static KRML_MUSTINLINE void compute_As_plus_e_a0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*matrix_A)[2U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *s_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_as_ntt) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, matrix_A, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[2U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[2U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[2U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[2U]); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = matrix_A[i0]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = ZERO_ef_1b(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = matrix_A[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = ZERO_ef_8c(); t_as_ntt[i0] = uu____0; for (size_t i1 = (size_t)0U; i1 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i1++) { size_t j = i1; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *matrix_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_5d0(&t_as_ntt[i0], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_a0(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_0f(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_8c(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -6205,47 +6274,47 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static void generate_keypair_unpacked_e90( +static void generate_keypair_unpacked_1c0( Eurydice_slice key_generation_seed, - IndCpaPrivateKeyUnpacked_ae *private_key, - IndCpaPublicKeyUnpacked_ae *public_key) { + IndCpaPrivateKeyUnpacked_d4 *private_key, + IndCpaPublicKeyUnpacked_d4 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_36(key_generation_seed, hashed); + cpa_keygen_seed_d8_10(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0(*uu____1)[2U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____1)[2U] = public_key->A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_0d0(uu____1, ret, true); + libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret); + sample_matrix_A_2b0(uu____1, ret, true); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, - prf_input); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____2 = + libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error, + prf_input); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____2 = private_key->secret_as_ntt; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_b10(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_3b0(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_as_ntt[2U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_cb0(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_3b0(copy_of_prf_input, domain_separator) .fst, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_c70(public_key->t_as_ntt, public_key->A, - private_key->secret_as_ntt, error_as_ntt); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + compute_As_plus_e_a0(public_key->t_as_ntt, public_key->A, + private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; - core_result_Result_00 dst; + core_result_Result_fb dst; Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U]); - core_result_unwrap_26_33(dst, uu____5); + core_result_unwrap_26_b3(dst, uu____5); memcpy(public_key->seed_for_A, uu____5, (size_t)32U * sizeof(uint8_t)); } @@ -6261,18 +6330,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_500( +static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_150( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_ae private_key = default_1a_e90(); - IndCpaPublicKeyUnpacked_ae public_key = default_8d_d10(); - generate_keypair_unpacked_e90(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_d4 private_key = default_1a_a0(); + IndCpaPublicKeyUnpacked_d4 public_key = default_8d_a0(); + generate_keypair_unpacked_1c0(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[800U]; - serialize_public_key_070( + serialize_public_key_86( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_5a0(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_64(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -6281,12 +6350,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_500( uint8_t copy_of_public_key_serialized[800U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)800U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair512 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair512 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)768U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)800U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -6296,7 +6365,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_a1( +static KRML_MUSTINLINE void serialize_kem_secret_key_30( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; @@ -6322,7 +6391,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_a1( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_f1_d50(public_key, ret0); + H_f1_fd(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -6351,8 +6420,8 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_6f0(uint8_t randomness[64U]) { +libcrux_ml_kem_types_MlKemKeyPair_3e +libcrux_ml_kem_ind_cca_generate_keypair_f80(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -6361,13 +6430,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_6f0(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair512 uu____0 = - generate_keypair_500(ind_cpa_keypair_randomness); + generate_keypair_150(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[768U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)768U * sizeof(uint8_t)); uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_a1( + serialize_kem_secret_key_30( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -6375,14 +6444,14 @@ libcrux_ml_kem_ind_cca_generate_keypair_6f0(uint8_t randomness[64U]) { uint8_t copy_of_secret_key_serialized[1632U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; + libcrux_ml_kem_types_MlKemPrivateKey_fa private_key = + libcrux_ml_kem_types_from_7f_2a(copy_of_secret_key_serialized); + libcrux_ml_kem_types_MlKemPrivateKey_fa uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_ee( - uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_fa( + uu____2, libcrux_ml_kem_types_from_5a_4d(copy_of_public_key)); } /** @@ -6395,7 +6464,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_89(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_10(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -6409,7 +6478,7 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_af1(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_490(uint8_t (*input)[33U], uint8_t ret[2U][128U]) { uint8_t out[2U][128U] = {{0U}}; KRML_MAYBE_FOR2( @@ -6430,9 +6499,9 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_f1_131(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_f1_490(uint8_t (*input)[33U], uint8_t ret[2U][128U]) { - PRFxN_af1(input, ret); + PRFxN_490(input, ret); } /** @@ -6444,11 +6513,11 @@ generics - ETA2_RANDOMNESS_SIZE= 128 - ETA2= 2 */ -static KRML_MUSTINLINE tuple_740 -sample_ring_element_cbd_7f0(uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; +static KRML_MUSTINLINE tuple_400 +sample_ring_element_cbd_3b0(uint8_t prf_input[33U], uint8_t domain_separator) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - error_1[i] = ZERO_ef_1b();); + error_1[i] = ZERO_ef_8c();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -6456,28 +6525,30 @@ sample_ring_element_cbd_7f0(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[2U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)2U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[2U][128U]; - PRFxN_f1_131(prf_inputs, prf_outputs); + PRFxN_f1_490(prf_inputs, prf_outputs); KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - sample_from_binomial_distribution_6b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____1 = + sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_error_1[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_error_1[2U]; memcpy( copy_of_error_1, error_1, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_740 result; + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + tuple_400 lit; memcpy( - result.fst, copy_of_error_1, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_error_1, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + lit.snd = domain_separator; + return lit; } /** @@ -6490,9 +6561,9 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_f1_9f2(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_f1_490(Eurydice_slice input, uint8_t ret[128U]) { - PRF_f70(input, ret); + PRF_a6(input, ret); } /** @@ -6501,18 +6572,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_550( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void invert_ntt_montgomery_a0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_08(&zeta_i, re); - invert_ntt_at_layer_2_91(&zeta_i, re); - invert_ntt_at_layer_3_41(&zeta_i, re); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_17(re); + invert_ntt_at_layer_1_8c(&zeta_i, re); + invert_ntt_at_layer_2_8c(&zeta_i, re); + invert_ntt_at_layer_3_8c(&zeta_i, re); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_8c(re); } /** @@ -6521,46 +6592,42 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_b80( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[2U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result0[2U]; +static KRML_MUSTINLINE void compute_vector_u_a0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*a_as_ntt)[2U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_1, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[2U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - result0[i] = ZERO_ef_1b();); + result[i] = ZERO_ef_8c();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, a_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[2U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[2U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[2U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[2U]); i0++) { size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = a_as_ntt[i1]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = a_as_ntt[i1]; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_5d0(&result0[i1], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *a_element = &row[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_a0(&result[i1], &product); } - invert_ntt_montgomery_550(&result0[i1]); - add_error_reduce_ef_4d(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_a0(&result[i1]); + add_error_reduce_ef_8c(&result[i1], &error_1[i1]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; - memcpy( - result, result0, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( ret, result, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -6569,19 +6636,19 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_1e0( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +compute_ring_element_v_a0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_2, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = ZERO_ef_8c(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_5d0(&result, &product);); - invert_ntt_montgomery_550(&result); - result = add_message_error_reduce_ef_21(error_2, message, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_a0(&result, &product);); + invert_ntt_montgomery_a0(&result); + result = add_message_error_reduce_ef_8c(error_2, message, result); return result; } @@ -6591,14 +6658,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_470( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { +static KRML_MUSTINLINE void compress_then_serialize_10_ff( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_fe(to_unsigned_field_modulus_b0(re->coefficients[i0])); + compress_0d_ef(to_unsigned_field_modulus_8c(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -6618,11 +6685,11 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_b50( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { - uint8_t uu____0[320U]; - compress_then_serialize_10_470(re, uu____0); - memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_fe( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[320U]) { + uint8_t result[320U]; + compress_then_serialize_10_ff(re, result); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -6634,23 +6701,23 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_cd0( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[2U], +static void compress_then_serialize_u_6d( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)2U, input, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = input[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = input[i0]; Eurydice_slice uu____0 = Eurydice_slice_subslice2( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_b50(&re, ret); + compress_then_serialize_ring_element_u_fe(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -6663,9 +6730,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_cf0( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_4_06(re, out); +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_ff0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, Eurydice_slice out) { + compress_then_serialize_4_8c(re, out); } /** @@ -6686,58 +6753,58 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_c30(IndCpaPublicKeyUnpacked_ae *public_key, +static void encrypt_unpacked_2a0(IndCpaPublicKeyUnpacked_d4 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_c8(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_740 uu____1 = - sample_vector_cbd_then_ntt_out_cb0(copy_of_prf_input0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[2U]; + tuple_400 uu____1 = + sample_vector_cbd_then_ntt_out_3b0(copy_of_prf_input0, 0U); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d r_as_ntt[2U]; memcpy( r_as_ntt, uu____1.fst, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); uint8_t domain_separator0 = uu____1.snd; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_740 uu____3 = - sample_ring_element_cbd_7f0(copy_of_prf_input, domain_separator0); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; + tuple_400 uu____3 = + sample_ring_element_cbd_3b0(copy_of_prf_input, domain_separator0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_1[2U]; memcpy( error_1, uu____3.fst, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_f1_9f2(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_f1_490(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - sample_from_binomial_distribution_6b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_2 = + sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[2U]; - compute_vector_u_b80(public_key->A, r_as_ntt, error_1, u); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u[2U]; + compute_vector_u_a0(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_e3(copy_of_message); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_1e0(public_key->t_as_ntt, r_as_ntt, &error_2, - &message_as_ring_element); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d message_as_ring_element = + deserialize_then_decompress_message_8c(copy_of_message); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d v = + compute_ring_element_v_a0(public_key->t_as_ntt, r_as_ntt, &error_2, + &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____5[2U]; memcpy( uu____5, u, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_cd0( + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + compress_then_serialize_u_6d( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_cf0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____6 = v; + compress_then_serialize_ring_element_v_ff0( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); @@ -6761,26 +6828,26 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_4b0(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_2a0(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { - IndCpaPublicKeyUnpacked_ae unpacked_public_key = default_8d_d10(); - deserialize_ring_elements_reduced_da0( + IndCpaPublicKeyUnpacked_d4 unpacked_public_key = default_8d_a0(); + deserialize_ring_elements_reduced_a0( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)768U, uint8_t, size_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0(*uu____0)[2U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____0)[2U] = unpacked_public_key.A; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_0d0(uu____0, ret0, false); - IndCpaPublicKeyUnpacked_ae *uu____1 = &unpacked_public_key; + libcrux_ml_kem_utils_into_padded_array_b6(seed, ret0); + sample_matrix_A_2b0(uu____0, ret0, false); + IndCpaPublicKeyUnpacked_d4 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[768U]; - encrypt_unpacked_c30(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)768U * sizeof(uint8_t)); + uint8_t ret1[768U]; + encrypt_unpacked_2a0(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)768U * sizeof(uint8_t)); } /** @@ -6794,7 +6861,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_ab(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_30(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -6821,27 +6888,27 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_660( - libcrux_ml_kem_types_MlKemPublicKey_be *public_key, +tuple_41 libcrux_ml_kem_ind_cca_encapsulate_ca0( + libcrux_ml_kem_types_MlKemPublicKey_52 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_89( + entropy_preprocess_d8_10( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_f1_d50(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_fe0(public_key), - uint8_t), - ret); + H_f1_fd(Eurydice_array_to_slice( + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_4d(public_key), + uint8_t), + ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_f1_870(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_f1_fd(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -6849,25 +6916,25 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_660( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_fd_fe0(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_fd_4d(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_4b0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_2a0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_01_450(copy_of_ciphertext); + libcrux_ml_kem_types_MlKemCiphertext_1a ciphertext0 = + libcrux_ml_kem_types_from_01_d0(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_ab(shared_secret, shared_secret_array); - libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; + kdf_d8_30(shared_secret, shared_secret_array); + libcrux_ml_kem_types_MlKemCiphertext_1a uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_ec lit; + tuple_41 lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -6879,12 +6946,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_120( +static KRML_MUSTINLINE void deserialize_secret_key_a0( Eurydice_slice secret_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[2U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - secret_as_ntt[i] = ZERO_ef_1b();); + secret_as_ntt[i] = ZERO_ef_8c();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -6895,17 +6962,13 @@ static KRML_MUSTINLINE void deserialize_secret_key_120( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_07(secret_bytes); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + deserialize_to_uncompressed_ring_element_8c(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; memcpy( - result, secret_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - memcpy( - ret, result, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + ret, secret_as_ntt, + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -6914,9 +6977,9 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_u with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_cd0(Eurydice_slice serialized) { - return deserialize_then_decompress_10_5c(serialized); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +deserialize_then_decompress_ring_element_u_0a(Eurydice_slice serialized) { + return deserialize_then_decompress_10_8c(serialized); } /** @@ -6925,17 +6988,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_2c0( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void ntt_vector_u_0a( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_d0(&zeta_i, re); - ntt_at_layer_2_76(&zeta_i, re); - ntt_at_layer_1_5d(&zeta_i, re); - poly_barrett_reduce_ef_17(re); + ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_8c(&zeta_i, re); + ntt_at_layer_2_8c(&zeta_i, re); + ntt_at_layer_1_8c(&zeta_i, re); + poly_barrett_reduce_ef_8c(re); } /** @@ -6946,12 +7009,12 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_bb0( +static KRML_MUSTINLINE void deserialize_then_decompress_u_86( uint8_t *ciphertext, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[2U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - u_as_ntt[i] = ZERO_ef_1b();); + u_as_ntt[i] = ZERO_ef_8c();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)768U, ciphertext, uint8_t), @@ -6969,12 +7032,12 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_bb0( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_cd0(u_bytes); - ntt_vector_u_2c0(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_0a(u_bytes); + ntt_vector_u_0a(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -6983,9 +7046,9 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_v with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_ce0(Eurydice_slice serialized) { - return deserialize_then_decompress_4_b1(serialized); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +deserialize_then_decompress_ring_element_v_d0(Eurydice_slice serialized) { + return deserialize_then_decompress_4_8c(serialized); } /** @@ -6994,18 +7057,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_820( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +compute_message_a0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *v, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *u_as_ntt) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = ZERO_ef_8c(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_5d0(&result, &product);); - invert_ntt_montgomery_550(&result); - result = subtract_reduce_ef_92(v, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_a0(&result, &product);); + invert_ntt_montgomery_a0(&result); + result = subtract_reduce_ef_8c(v, result); return result; } @@ -7019,18 +7082,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_c90(IndCpaPrivateKeyUnpacked_ae *secret_key, - uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; - deserialize_then_decompress_u_bb0(ciphertext, u_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_ce0( +static void decrypt_unpacked_d1(IndCpaPrivateKeyUnpacked_d4 *secret_key, + uint8_t *ciphertext, uint8_t ret[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[2U]; + deserialize_then_decompress_u_86(ciphertext, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d v = + deserialize_then_decompress_ring_element_v_d0( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_820(&v, secret_key->secret_as_ntt, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d message = + compute_message_a0(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_15(message, ret0); + compress_then_serialize_message_8c(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7044,22 +7107,22 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_dc0(Eurydice_slice secret_key, uint8_t *ciphertext, - uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; - deserialize_secret_key_120(secret_key, secret_as_ntt); +static void decrypt_d1(Eurydice_slice secret_key, uint8_t *ciphertext, + uint8_t ret[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[2U]; + deserialize_secret_key_a0(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[2U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_secret_as_ntt[2U]; memcpy( copy_of_secret_as_ntt, secret_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - IndCpaPrivateKeyUnpacked_ae secret_key_unpacked; + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + IndCpaPrivateKeyUnpacked_d4 secret_key_unpacked; memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, - (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t result[32U]; - decrypt_unpacked_c90(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + uint8_t ret0[32U]; + decrypt_unpacked_d1(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -7072,8 +7135,8 @@ with const generics - K= 2 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_f1_9f1(Eurydice_slice input, uint8_t ret[32U]) { - PRF_f7(input, ret); +static KRML_MUSTINLINE void PRF_f1_49(Eurydice_slice input, uint8_t ret[32U]) { + PRF_9e(input, ret); } /** @@ -7098,9 +7161,9 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_190( - libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, - libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { +void libcrux_ml_kem_ind_cca_decapsulate_620( + libcrux_ml_kem_types_MlKemPrivateKey_fa *private_key, + libcrux_ml_kem_types_MlKemCiphertext_1a *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)1632U, private_key->value, uint8_t), (size_t)768U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -7116,9 +7179,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_190( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_dc0(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_d1(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -7126,7 +7189,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_190( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_f1_870(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_f1_fd(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -7134,31 +7197,31 @@ void libcrux_ml_kem_ind_cca_decapsulate_190( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[800U]; - libcrux_ml_kem_utils_into_padded_array_424(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_4d(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_400(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d0(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_f1_9f1(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), - implicit_rejection_shared_secret0); + PRF_f1_49(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), + implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_4b0(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_2a0(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_ab(Eurydice_array_to_slice((size_t)32U, + kdf_d8_30(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_ab(shared_secret0, shared_secret1); + kdf_d8_30(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_400(ciphertext), + libcrux_ml_kem_types_as_ref_00_d0(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -7173,9 +7236,9 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_da1( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *deserialized_pk) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -7186,8 +7249,8 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_da1( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_a5(ring_element); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + deserialize_to_reduced_ring_element_8c(ring_element); deserialized_pk[i0] = uu____0; } } @@ -7198,16 +7261,20 @@ libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_53( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_1b( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - deserialized_pk[i] = ZERO_ef_1b();); - deserialize_ring_elements_reduced_da1(public_key, deserialized_pk); + deserialized_pk[i] = ZERO_ef_8c();); + deserialize_ring_elements_reduced_1b(public_key, deserialized_pk); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result[3U]; + memcpy( + result, deserialized_pk, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); memcpy( - ret, deserialized_pk, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + ret, result, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -7217,25 +7284,25 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_5a1( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, +static KRML_MUSTINLINE void serialize_secret_key_89( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = key[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = key[i0]; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( out, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_8b(&re, ret0); + serialize_uncompressed_ring_element_8c(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -7250,13 +7317,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_mut_3c1( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_mut_6c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - serialize_secret_key_5a1(t_as_ntt, ret); + serialize_secret_key_89(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -7273,14 +7340,12 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_071( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, +static KRML_MUSTINLINE void serialize_public_key_6c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - serialize_public_key_mut_3c1(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1184U]; - memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); + serialize_public_key_mut_6c(t_as_ntt, seed_for_a, public_key_serialized); + memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } /** @@ -7291,15 +7356,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_bf(uint8_t *public_key) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - deserialize_ring_elements_reduced_out_53( +bool libcrux_ml_kem_ind_cca_validate_public_key_6c(uint8_t *public_key) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[3U]; + deserialize_ring_elements_reduced_out_1b( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_071( + serialize_public_key_6c( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -7317,7 +7382,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void H_f1_d51(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_f1_e0(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H(input, ret); } @@ -7329,14 +7394,14 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_33( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +bool libcrux_ml_kem_ind_cca_validate_private_key_37( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; - H_f1_d51(Eurydice_array_to_subslice2( - private_key->value, (size_t)384U * (size_t)3U, - (size_t)768U * (size_t)3U + (size_t)32U, uint8_t), - t); + H_f1_e0(Eurydice_array_to_subslice2( + private_key->value, (size_t)384U * (size_t)3U, + (size_t)768U * (size_t)3U + (size_t)32U, uint8_t), + t); Eurydice_slice expected = Eurydice_array_to_subslice2( private_key->value, (size_t)768U * (size_t)3U + (size_t)32U, (size_t)768U * (size_t)3U + (size_t)64U, uint8_t); @@ -7350,9 +7415,9 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - $3size_t */ -typedef struct IndCpaPrivateKeyUnpacked_f8_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; -} IndCpaPrivateKeyUnpacked_f8; +typedef struct IndCpaPrivateKeyUnpacked_a0_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[3U]; +} IndCpaPrivateKeyUnpacked_a0; /** This function found in impl {(core::default::Default for @@ -7365,11 +7430,11 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static IndCpaPrivateKeyUnpacked_f8 default_1a_e91(void) { - IndCpaPrivateKeyUnpacked_f8 lit; - lit.secret_as_ntt[0U] = ZERO_ef_1b(); - lit.secret_as_ntt[1U] = ZERO_ef_1b(); - lit.secret_as_ntt[2U] = ZERO_ef_1b(); +static IndCpaPrivateKeyUnpacked_a0 default_1a_1b(void) { + IndCpaPrivateKeyUnpacked_a0 lit; + lit.secret_as_ntt[0U] = ZERO_ef_8c(); + lit.secret_as_ntt[1U] = ZERO_ef_8c(); + lit.secret_as_ntt[2U] = ZERO_ef_8c(); return lit; } @@ -7379,11 +7444,11 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPublicKeyUnpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - $3size_t */ -typedef struct IndCpaPublicKeyUnpacked_f8_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U]; +typedef struct IndCpaPublicKeyUnpacked_a0_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d t_as_ntt[3U]; uint8_t seed_for_A[32U]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[3U][3U]; -} IndCpaPublicKeyUnpacked_f8; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d A[3U][3U]; +} IndCpaPublicKeyUnpacked_a0; /** This function found in impl {(core::default::Default for @@ -7396,25 +7461,25 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static IndCpaPublicKeyUnpacked_f8 default_8d_d11(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[3U]; +static IndCpaPublicKeyUnpacked_a0 default_8d_1b(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - uu____0[i] = ZERO_ef_1b();); + uu____0[i] = ZERO_ef_8c();); uint8_t uu____1[32U] = {0U}; - IndCpaPublicKeyUnpacked_f8 lit; + IndCpaPublicKeyUnpacked_a0 lit; memcpy( lit.t_as_ntt, uu____0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - lit.A[0U][0U] = ZERO_ef_1b(); - lit.A[0U][1U] = ZERO_ef_1b(); - lit.A[0U][2U] = ZERO_ef_1b(); - lit.A[1U][0U] = ZERO_ef_1b(); - lit.A[1U][1U] = ZERO_ef_1b(); - lit.A[1U][2U] = ZERO_ef_1b(); - lit.A[2U][0U] = ZERO_ef_1b(); - lit.A[2U][1U] = ZERO_ef_1b(); - lit.A[2U][2U] = ZERO_ef_1b(); + lit.A[0U][0U] = ZERO_ef_8c(); + lit.A[0U][1U] = ZERO_ef_8c(); + lit.A[0U][2U] = ZERO_ef_8c(); + lit.A[1U][0U] = ZERO_ef_8c(); + lit.A[1U][1U] = ZERO_ef_8c(); + lit.A[1U][2U] = ZERO_ef_8c(); + lit.A[2U][0U] = ZERO_ef_8c(); + lit.A[2U][1U] = ZERO_ef_8c(); + lit.A[2U][2U] = ZERO_ef_8c(); return lit; } @@ -7427,7 +7492,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void G_f1_871(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_f1_e0(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G(input, ret); } @@ -7441,7 +7506,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_d1( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_9c( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -7452,7 +7517,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_d1( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)3U; uint8_t ret0[64U]; - G_f1_871(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_f1_e0(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -7461,9 +7526,9 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PortableHash with const generics - $3size_t */ -typedef struct PortableHash_58_s { - libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[3U]; -} PortableHash_58; +typedef struct PortableHash_88_s { + libcrux_sha3_generic_keccak_KeccakState_17 shake128_state[3U]; +} PortableHash_88; /** A monomorphic instance of @@ -7471,9 +7536,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final with const generics - K= 3 */ -static KRML_MUSTINLINE PortableHash_58 -shake128_init_absorb_final_241(uint8_t input[3U][34U]) { - libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[3U]; +static KRML_MUSTINLINE PortableHash_88 +shake128_init_absorb_final_e0(uint8_t input[3U][34U]) { + libcrux_sha3_generic_keccak_KeccakState_17 shake128_state[3U]; KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, shake128_state[i] = libcrux_sha3_portable_incremental_shake128_init();); @@ -7483,12 +7548,12 @@ shake128_init_absorb_final_241(uint8_t input[3U][34U]) { &shake128_state[i0], Eurydice_array_to_slice((size_t)34U, input[i0], uint8_t));); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_sha3_generic_keccak_KeccakState_48 copy_of_shake128_state[3U]; + libcrux_sha3_generic_keccak_KeccakState_17 copy_of_shake128_state[3U]; memcpy(copy_of_shake128_state, shake128_state, - (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48)); - PortableHash_58 lit; + (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_17)); + PortableHash_88 lit; memcpy(lit.shake128_state, copy_of_shake128_state, - (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48)); + (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_17)); return lit; } @@ -7502,12 +7567,12 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE PortableHash_58 -shake128_init_absorb_final_f1_311(uint8_t input[3U][34U]) { +static KRML_MUSTINLINE PortableHash_88 +shake128_init_absorb_final_f1_e0(uint8_t input[3U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[3U][34U]; memcpy(copy_of_input, input, (size_t)3U * sizeof(uint8_t[34U])); - return shake128_init_absorb_final_241(copy_of_input); + return shake128_init_absorb_final_e0(copy_of_input); } /** @@ -7516,8 +7581,8 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_first_three_blocks with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_631( - PortableHash_58 *st, uint8_t ret[3U][504U]) { +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_e0( + PortableHash_88 *st, uint8_t ret[3U][504U]) { uint8_t out[3U][504U] = {{0U}}; KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; @@ -7537,9 +7602,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_first_three_blocks_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_f1_2f1( - PortableHash_58 *self, uint8_t ret[3U][504U]) { - shake128_squeeze_first_three_blocks_631(self, ret); +static KRML_MUSTINLINE void shake128_squeeze_first_three_blocks_f1_e0( + PortableHash_88 *self, uint8_t ret[3U][504U]) { + shake128_squeeze_first_three_blocks_e0(self, ret); } /** @@ -7590,7 +7655,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_713( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_89( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -7628,8 +7693,8 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_next_block with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_111( - PortableHash_58 *st, uint8_t ret[3U][168U]) { +static KRML_MUSTINLINE void shake128_squeeze_next_block_e0( + PortableHash_88 *st, uint8_t ret[3U][168U]) { uint8_t out[3U][168U] = {{0U}}; KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; @@ -7649,9 +7714,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_next_block_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_next_block_f1_c41( - PortableHash_58 *self, uint8_t ret[3U][168U]) { - shake128_squeeze_next_block_111(self, ret); +static KRML_MUSTINLINE void shake128_squeeze_next_block_f1_e0( + PortableHash_88 *self, uint8_t ret[3U][168U]) { + shake128_squeeze_next_block_e0(self, ret); } /** @@ -7702,7 +7767,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_714( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_890( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -7741,9 +7806,9 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_eb1( +static libcrux_ml_kem_polynomial_PolynomialRingElement_1d closure_2b1( int16_t s[272U]) { - return from_i16_array_ef_54( + return from_i16_array_ef_8c( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -7754,45 +7819,45 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_from_xof_bf1( +static KRML_MUSTINLINE void sample_from_xof_2b1( uint8_t seeds[3U][34U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { size_t sampled_coefficients[3U] = {0U}; int16_t out[3U][272U] = {{0U}}; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); - PortableHash_58 xof_state = shake128_init_absorb_final_f1_311(copy_of_seeds); + PortableHash_88 xof_state = shake128_init_absorb_final_f1_e0(copy_of_seeds); uint8_t randomness0[3U][504U]; - shake128_squeeze_first_three_blocks_f1_2f1(&xof_state, randomness0); + shake128_squeeze_first_three_blocks_f1_e0(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_713( + bool done = sample_from_uniform_distribution_next_89( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[3U][168U]; - shake128_squeeze_next_block_f1_c41(&xof_state, randomness); + shake128_squeeze_next_block_f1_e0(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_714( + done = sample_from_uniform_distribution_next_890( copy_of_randomness, sampled_coefficients, out); } } /* Passing arrays by value in Rust generates a copy in C */ int16_t copy_of_out[3U][272U]; memcpy(copy_of_out, out, (size_t)3U * sizeof(int16_t[272U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - ret0[i] = closure_eb1(copy_of_out[i]);); + ret0[i] = closure_2b1(copy_of_out[i]);); memcpy( ret, ret0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -7802,8 +7867,8 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_matrix_A_0d1( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*A_transpose)[3U], +static KRML_MUSTINLINE void sample_matrix_A_2b1( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*A_transpose)[3U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR3( i0, (size_t)0U, (size_t)3U, (size_t)1U, size_t i1 = i0; @@ -7818,25 +7883,23 @@ static KRML_MUSTINLINE void sample_matrix_A_0d1( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[3U]; - sample_from_xof_bf1(copy_of_seeds, sampled); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d sampled[3U]; + sample_from_xof_2b1(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, sampled, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sample = sampled[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d sample = sampled[j]; if (transpose) { A_transpose[j][i1] = sample; } else { A_transpose[i1][j] = sample; } - } - - ); + }); } /** @@ -7845,8 +7908,8 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_af2(uint8_t (*input)[33U], - uint8_t ret[3U][128U]) { +static KRML_MUSTINLINE void PRFxN_41(uint8_t (*input)[33U], + uint8_t ret[3U][128U]) { uint8_t out[3U][128U] = {{0U}}; KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; @@ -7866,9 +7929,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_f1_132(uint8_t (*input)[33U], - uint8_t ret[3U][128U]) { - PRFxN_af2(input, ret); +static KRML_MUSTINLINE void PRFxN_f1_41(uint8_t (*input)[33U], + uint8_t ret[3U][128U]) { + PRFxN_41(input, ret); } /** @@ -7880,8 +7943,8 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b11( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_3b1( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -7890,16 +7953,18 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_b11( KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[3U][128U]; - PRFxN_f1_132(prf_inputs, prf_outputs); + PRFxN_f1_41(prf_inputs, prf_outputs); KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_6b( + re_as_ntt[i0] = sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_d8(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_8c(&re_as_ntt[i0]);); return domain_separator; } @@ -7909,10 +7974,10 @@ with types libcrux_ml_kem_polynomial_PolynomialRingElement libcrux_ml_kem_vector_portable_vector_type_PortableVector[3size_t], uint8_t */ -typedef struct tuple_b00_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 fst[3U]; +typedef struct tuple_230_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d fst[3U]; uint8_t snd; -} tuple_b00; +} tuple_230; /** A monomorphic instance of libcrux_ml_kem.ind_cpa.sample_vector_cbd_then_ntt_out @@ -7923,27 +7988,27 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_out_cb1( +static KRML_MUSTINLINE tuple_230 sample_vector_cbd_then_ntt_out_3b1( uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - re_as_ntt[i] = ZERO_ef_1b();); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = re_as_ntt; + re_as_ntt[i] = ZERO_ef_8c();); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_b11(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_3b1(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b00 result; + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + tuple_230 lit; memcpy( - result.fst, copy_of_re_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_re_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + lit.snd = domain_separator; + return lit; } /** @@ -7957,9 +8022,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void add_to_ring_element_ef_5d1( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { +static KRML_MUSTINLINE void add_to_ring_element_ef_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -7981,37 +8046,37 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_As_plus_e_c71( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_as_ntt) { +static KRML_MUSTINLINE void compute_As_plus_e_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*matrix_A)[3U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *s_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_as_ntt) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, matrix_A, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = matrix_A[i0]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = ZERO_ef_1b(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = matrix_A[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = ZERO_ef_8c(); t_as_ntt[i0] = uu____0; for (size_t i1 = (size_t)0U; i1 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i1++) { size_t j = i1; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *matrix_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(matrix_element, &s_as_ntt[j]); - add_to_ring_element_ef_5d1(&t_as_ntt[i0], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(matrix_element, &s_as_ntt[j]); + add_to_ring_element_ef_1b(&t_as_ntt[i0], &product); } - add_standard_error_reduce_ef_0f(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_ef_8c(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -8024,47 +8089,47 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_e91( +static void generate_keypair_unpacked_1c1( Eurydice_slice key_generation_seed, - IndCpaPrivateKeyUnpacked_f8 *private_key, - IndCpaPublicKeyUnpacked_f8 *public_key) { + IndCpaPrivateKeyUnpacked_a0 *private_key, + IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_d1(key_generation_seed, hashed); + cpa_keygen_seed_d8_9c(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0(*uu____1)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____1)[3U] = public_key->A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_0d1(uu____1, ret, true); + libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret); + sample_matrix_A_2b1(uu____1, ret, true); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, - prf_input); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____2 = + libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error, + prf_input); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____2 = private_key->secret_as_ntt; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_b11(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_3b1(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_as_ntt[3U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_cb1(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_3b1(copy_of_prf_input, domain_separator) .fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_c71(public_key->t_as_ntt, public_key->A, - private_key->secret_as_ntt, error_as_ntt); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + compute_As_plus_e_1b(public_key->t_as_ntt, public_key->A, + private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; - core_result_Result_00 dst; + core_result_Result_fb dst; Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U]); - core_result_unwrap_26_33(dst, uu____5); + core_result_unwrap_26_b3(dst, uu____5); memcpy(public_key->seed_for_A, uu____5, (size_t)32U * sizeof(uint8_t)); } @@ -8080,18 +8145,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_50( +static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_15( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_f8 private_key = default_1a_e91(); - IndCpaPublicKeyUnpacked_f8 public_key = default_8d_d11(); - generate_keypair_unpacked_e91(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_a0 private_key = default_1a_1b(); + IndCpaPublicKeyUnpacked_a0 public_key = default_8d_1b(); + generate_keypair_unpacked_1c1(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - serialize_public_key_071( + serialize_public_key_6c( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_5a1(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_89(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -8100,12 +8165,12 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_50( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -8115,7 +8180,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_b0( +static KRML_MUSTINLINE void serialize_kem_secret_key_d6( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -8141,7 +8206,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_b0( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_f1_d51(public_key, ret0); + H_f1_e0(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -8171,7 +8236,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_6f(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_f8(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -8180,13 +8245,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_6f(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - generate_keypair_50(ind_cpa_keypair_randomness); + generate_keypair_15(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_b0( + serialize_kem_secret_key_d6( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -8194,14 +8259,14 @@ libcrux_ml_kem_ind_cca_generate_keypair_6f(uint8_t randomness[64U]) { uint8_t copy_of_secret_key_serialized[2400U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_af0(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; + libcrux_ml_kem_types_MlKemPrivateKey_d9 private_key = + libcrux_ml_kem_types_from_7f_28(copy_of_secret_key_serialized); + libcrux_ml_kem_types_MlKemPrivateKey_d9 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_ee0( - uu____2, libcrux_ml_kem_types_from_5a_670(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_74( + uu____2, libcrux_ml_kem_types_from_5a_d0(copy_of_public_key)); } /** @@ -8214,7 +8279,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_a9(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_9c(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -8231,11 +8296,11 @@ generics - ETA2_RANDOMNESS_SIZE= 128 - ETA2= 2 */ -static KRML_MUSTINLINE tuple_b00 -sample_ring_element_cbd_7f1(uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; +static KRML_MUSTINLINE tuple_230 +sample_ring_element_cbd_3b1(uint8_t prf_input[33U], uint8_t domain_separator) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - error_1[i] = ZERO_ef_1b();); + error_1[i] = ZERO_ef_8c();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -8243,28 +8308,30 @@ sample_ring_element_cbd_7f1(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));); + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[3U][128U]; - PRFxN_f1_132(prf_inputs, prf_outputs); + PRFxN_f1_41(prf_inputs, prf_outputs); KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - sample_from_binomial_distribution_6b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____1 = + sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_error_1[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_error_1[3U]; memcpy( copy_of_error_1, error_1, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b00 result; + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + tuple_230 lit; memcpy( - result.fst, copy_of_error_1, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_error_1, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + lit.snd = domain_separator; + return lit; } /** @@ -8277,9 +8344,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_f1_9f4(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_f1_410(Eurydice_slice input, uint8_t ret[128U]) { - PRF_f70(input, ret); + PRF_a6(input, ret); } /** @@ -8288,18 +8355,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_551( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void invert_ntt_montgomery_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_08(&zeta_i, re); - invert_ntt_at_layer_2_91(&zeta_i, re); - invert_ntt_at_layer_3_41(&zeta_i, re); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_ed(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_ef_17(re); + invert_ntt_at_layer_1_8c(&zeta_i, re); + invert_ntt_at_layer_2_8c(&zeta_i, re); + invert_ntt_at_layer_3_8c(&zeta_i, re); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_ef_8c(re); } /** @@ -8308,46 +8375,42 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_b81( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result0[3U]; +static KRML_MUSTINLINE void compute_vector_u_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*a_as_ntt)[3U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_1, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - result0[i] = ZERO_ef_1b();); + result[i] = ZERO_ef_8c();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, a_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]); i0++) { size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = a_as_ntt[i1]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = a_as_ntt[i1]; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(a_element, &r_as_ntt[j]); - add_to_ring_element_ef_5d1(&result0[i1], &product); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *a_element = &row[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(a_element, &r_as_ntt[j]); + add_to_ring_element_ef_1b(&result[i1], &product); } - invert_ntt_montgomery_551(&result0[i1]); - add_error_reduce_ef_4d(&result0[i1], &error_1[i1]); + invert_ntt_montgomery_1b(&result[i1]); + add_error_reduce_ef_8c(&result[i1], &error_1[i1]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; - memcpy( - result, result0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( ret, result, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -8356,19 +8419,19 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_1e1( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +compute_ring_element_v_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_2, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = ZERO_ef_8c(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_ef_5d1(&result, &product);); - invert_ntt_montgomery_551(&result); - result = add_message_error_reduce_ef_21(error_2, message, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_ef_1b(&result, &product);); + invert_ntt_montgomery_1b(&result); + result = add_message_error_reduce_ef_8c(error_2, message, result); return result; } @@ -8381,23 +8444,23 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_cd1( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], +static void compress_then_serialize_u_43( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, input, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = input[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = input[i0]; Eurydice_slice uu____0 = Eurydice_slice_subslice2( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_b50(&re, ret); + compress_then_serialize_ring_element_u_fe(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -8421,59 +8484,59 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_c31(IndCpaPublicKeyUnpacked_f8 *public_key, +static void encrypt_unpacked_2a1(IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_421(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_c8(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____1 = - sample_vector_cbd_then_ntt_out_cb1(copy_of_prf_input0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U]; + tuple_230 uu____1 = + sample_vector_cbd_then_ntt_out_3b1(copy_of_prf_input0, 0U); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); uint8_t domain_separator0 = uu____1.snd; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____3 = - sample_ring_element_cbd_7f1(copy_of_prf_input, domain_separator0); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; + tuple_230 uu____3 = + sample_ring_element_cbd_3b1(copy_of_prf_input, domain_separator0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_1[3U]; memcpy( error_1, uu____3.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_f1_9f4(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_f1_410(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - sample_from_binomial_distribution_6b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_2 = + sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - compute_vector_u_b81(public_key->A, r_as_ntt, error_1, u); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u[3U]; + compute_vector_u_1b(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_e3(copy_of_message); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_1e1(public_key->t_as_ntt, r_as_ntt, &error_2, - &message_as_ring_element); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d message_as_ring_element = + deserialize_then_decompress_message_8c(copy_of_message); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d v = + compute_ring_element_v_1b(public_key->t_as_ntt, r_as_ntt, &error_2, + &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____5[3U]; memcpy( uu____5, u, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_cd1( + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + compress_then_serialize_u_43( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_cf0( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____6 = v; + compress_then_serialize_ring_element_v_ff0( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -8497,26 +8560,26 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_4b(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_2a(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { - IndCpaPublicKeyUnpacked_f8 unpacked_public_key = default_8d_d11(); - deserialize_ring_elements_reduced_da1( + IndCpaPublicKeyUnpacked_a0 unpacked_public_key = default_8d_1b(); + deserialize_ring_elements_reduced_1b( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0(*uu____0)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____0)[3U] = unpacked_public_key.A; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_0d1(uu____0, ret0, false); - IndCpaPublicKeyUnpacked_f8 *uu____1 = &unpacked_public_key; + libcrux_ml_kem_utils_into_padded_array_b6(seed, ret0); + sample_matrix_A_2b1(uu____0, ret0, false); + IndCpaPublicKeyUnpacked_a0 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1088U]; - encrypt_unpacked_c31(uu____1, copy_of_message, randomness, result); - memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); + uint8_t ret1[1088U]; + encrypt_unpacked_2a1(uu____1, copy_of_message, randomness, ret1); + memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } /** @@ -8530,7 +8593,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_b7(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_d6(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -8557,27 +8620,27 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_66( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +tuple_c2 libcrux_ml_kem_ind_cca_encapsulate_ca( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_a9( + entropy_preprocess_d8_9c( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_f1_d51(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_fe1(public_key), - uint8_t), - ret); + H_f1_e0(Eurydice_array_to_slice( + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d0(public_key), + uint8_t), + ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_f1_871(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_f1_e0(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -8585,25 +8648,25 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_66( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_fe1(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_4b(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_2a(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_451(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_80(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_b7(shared_secret, shared_secret_array); + kdf_d8_d6(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_3c lit; + tuple_c2 lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -8615,12 +8678,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_12( +static KRML_MUSTINLINE void deserialize_secret_key_1b( Eurydice_slice secret_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - secret_as_ntt[i] = ZERO_ef_1b();); + secret_as_ntt[i] = ZERO_ef_8c();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -8631,17 +8694,13 @@ static KRML_MUSTINLINE void deserialize_secret_key_12( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_07(secret_bytes); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + deserialize_to_uncompressed_ring_element_8c(secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; - memcpy( - result, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( - ret, result, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + ret, secret_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -8652,12 +8711,12 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_bb1( +static KRML_MUSTINLINE void deserialize_then_decompress_u_6c( uint8_t *ciphertext, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - u_as_ntt[i] = ZERO_ef_1b();); + u_as_ntt[i] = ZERO_ef_8c();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)1088U, ciphertext, uint8_t), @@ -8675,12 +8734,12 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_bb1( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_cd0(u_bytes); - ntt_vector_u_2c0(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_0a(u_bytes); + ntt_vector_u_0a(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -8689,18 +8748,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_821( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +compute_message_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *v, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *u_as_ntt) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = ZERO_ef_8c(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_ef_45(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_ef_5d1(&result, &product);); - invert_ntt_montgomery_551(&result); - result = subtract_reduce_ef_92(v, result); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + ntt_multiply_ef_8c(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_ef_1b(&result, &product);); + invert_ntt_montgomery_1b(&result); + result = subtract_reduce_ef_8c(v, result); return result; } @@ -8714,18 +8773,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_c91(IndCpaPrivateKeyUnpacked_f8 *secret_key, - uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - deserialize_then_decompress_u_bb1(ciphertext, u_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_ce0( +static void decrypt_unpacked_42(IndCpaPrivateKeyUnpacked_a0 *secret_key, + uint8_t *ciphertext, uint8_t ret[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[3U]; + deserialize_then_decompress_u_6c(ciphertext, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d v = + deserialize_then_decompress_ring_element_v_d0( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_821(&v, secret_key->secret_as_ntt, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d message = + compute_message_1b(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_15(message, ret0); + compress_then_serialize_message_8c(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -8739,22 +8798,22 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_dc(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_42(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - deserialize_secret_key_12(secret_key, secret_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[3U]; + deserialize_secret_key_1b(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_secret_as_ntt[3U]; memcpy( copy_of_secret_as_ntt, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - IndCpaPrivateKeyUnpacked_f8 secret_key_unpacked; + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + IndCpaPrivateKeyUnpacked_a0 secret_key_unpacked; memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t result[32U]; - decrypt_unpacked_c91(&secret_key_unpacked, ciphertext, result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + uint8_t ret0[32U]; + decrypt_unpacked_42(&secret_key_unpacked, ciphertext, ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -8767,8 +8826,8 @@ with const generics - K= 3 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_f1_9f3(Eurydice_slice input, uint8_t ret[32U]) { - PRF_f7(input, ret); +static KRML_MUSTINLINE void PRF_f1_41(Eurydice_slice input, uint8_t ret[32U]) { + PRF_9e(input, ret); } /** @@ -8793,8 +8852,8 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_19( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +void libcrux_ml_kem_ind_cca_decapsulate_62( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t), @@ -8811,9 +8870,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_19( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_dc(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_42(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -8821,7 +8880,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_19( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_f1_871(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_f1_e0(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -8829,30 +8888,30 @@ void libcrux_ml_kem_ind_cca_decapsulate_19( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_425(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_15(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_401(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_80(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_f1_9f3(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), - implicit_rejection_shared_secret0); + PRF_f1_41(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), + implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_4b(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_2a(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_b7(Eurydice_array_to_slice((size_t)32U, + kdf_d8_d6(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - kdf_d8_b7(shared_secret0, shared_secret1); + kdf_d8_d6(shared_secret0, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_401(ciphertext), + libcrux_ml_kem_types_as_ref_00_80(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/libcrux_mlkem_portable.h index e36fc4ae2..ad2c41c1f 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem_portable_H @@ -74,6 +74,10 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_11( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[22U]); +void libcrux_ml_kem_vector_portable_serialize_11( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[22U]); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -99,6 +103,9 @@ int16_t_x8 libcrux_ml_kem_vector_portable_serialize_deserialize_11_int( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_11(Eurydice_slice bytes); +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_11(Eurydice_slice a); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -421,8 +428,7 @@ libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_0d( void libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( libcrux_ml_kem_vector_portable_vector_type_PortableVector *a, libcrux_ml_kem_vector_portable_vector_type_PortableVector *b, int16_t zeta, - size_t i, size_t j, - libcrux_ml_kem_vector_portable_vector_type_PortableVector *out); + size_t i, libcrux_ml_kem_vector_portable_vector_type_PortableVector *out); libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_ntt_ntt_multiply( @@ -444,6 +450,10 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[2U]); +void libcrux_ml_kem_vector_portable_serialize_1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[2U]); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -455,6 +465,9 @@ void libcrux_ml_kem_vector_portable_serialize_1_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_1(Eurydice_slice v); +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_1(Eurydice_slice a); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -476,6 +489,10 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_4( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[8U]); +void libcrux_ml_kem_vector_portable_serialize_4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[8U]); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -490,6 +507,9 @@ int16_t_x8 libcrux_ml_kem_vector_portable_serialize_deserialize_4_int( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_4(Eurydice_slice bytes); +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_4(Eurydice_slice a); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -512,6 +532,10 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_5( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[10U]); +void libcrux_ml_kem_vector_portable_serialize_5( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[10U]); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -526,6 +550,9 @@ int16_t_x8 libcrux_ml_kem_vector_portable_serialize_deserialize_5_int( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_5(Eurydice_slice bytes); +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_5(Eurydice_slice a); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -540,6 +567,10 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_10( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[20U]); +void libcrux_ml_kem_vector_portable_serialize_10( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[20U]); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -554,6 +585,9 @@ int16_t_x8 libcrux_ml_kem_vector_portable_serialize_deserialize_10_int( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_10(Eurydice_slice bytes); +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_10(Eurydice_slice a); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -574,6 +608,10 @@ void libcrux_ml_kem_vector_portable_serialize_serialize_12( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, uint8_t ret[24U]); +void libcrux_ml_kem_vector_portable_serialize_12( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[24U]); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -593,6 +631,9 @@ int16_t_x2 libcrux_ml_kem_vector_portable_serialize_deserialize_12_int( libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_serialize_deserialize_12(Eurydice_slice bytes); +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_12(Eurydice_slice a); + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} diff --git a/libcrux-ml-kem/c/libcrux_sha3.h b/libcrux-ml-kem/c/libcrux_sha3.h index 09a7923b5..8e5562ecc 100644 --- a/libcrux-ml-kem/c/libcrux_sha3.h +++ b/libcrux-ml-kem/c/libcrux_sha3.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_sha3_H @@ -29,7 +29,7 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_sha512(Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e4(buf0, buf); + libcrux_sha3_portable_keccakx1_96(buf0, buf); } /** @@ -39,7 +39,7 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_sha256(Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e40(buf0, buf); + libcrux_sha3_portable_keccakx1_ad(buf0, buf); } /** @@ -49,7 +49,7 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_shake256( Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e41(buf0, buf); + libcrux_sha3_portable_keccakx1_ad0(buf0, buf); } /** @@ -59,7 +59,7 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_sha224(Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e42(buf0, buf); + libcrux_sha3_portable_keccakx1_1e(buf0, buf); } /** @@ -69,7 +69,7 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_sha384(Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e43(buf0, buf); + libcrux_sha3_portable_keccakx1_7c(buf0, buf); } /** @@ -158,7 +158,7 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_shake128( Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e44(buf0, buf); + libcrux_sha3_portable_keccakx1_c6(buf0, buf); } /** diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.c b/libcrux-ml-kem/c/libcrux_sha3_avx2.c index 49d6623c3..9d800b385 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_avx2.c +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.c @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #include "internal/libcrux_sha3_avx2.h" @@ -46,14 +46,14 @@ with const generics - LEFT= 1 - RIGHT= 63 */ -static KRML_MUSTINLINE __m256i rotate_left_21(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_76(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)1, x, __m256i), mm256_srli_epi64((int32_t)63, x, __m256i)); } static KRML_MUSTINLINE __m256i _vrax1q_u64(__m256i a, __m256i b) { __m256i uu____0 = a; - return mm256_xor_si256(uu____0, rotate_left_21(b)); + return mm256_xor_si256(uu____0, rotate_left_76(b)); } /** @@ -175,9 +175,9 @@ with types core_core_arch_x86___m256i with const generics - N= 4 */ -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_29 -new_89_71(void) { - libcrux_sha3_generic_keccak_KeccakState_29 lit; +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_55 +new_89_a6(void) { + libcrux_sha3_generic_keccak_KeccakState_55 lit; lit.st[0U][0U] = zero_ef(); lit.st[0U][1U] = zero_ef(); lit.st[0U][2U] = zero_ef(); @@ -211,7 +211,7 @@ A monomorphic instance of libcrux_sha3.simd.avx2.load_block with const generics - RATE= 136 */ -static KRML_MUSTINLINE void load_block_fe(__m256i (*s)[5U], +static KRML_MUSTINLINE void load_block_5b(__m256i (*s)[5U], Eurydice_slice blocks[4U]) { for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)32U; i++) { size_t i0 = i; @@ -331,13 +331,13 @@ A monomorphic instance of libcrux_sha3.simd.avx2.load_block_ef with const generics - RATE= 136 */ -static KRML_MUSTINLINE void load_block_ef_d4(__m256i (*a)[5U], +static KRML_MUSTINLINE void load_block_ef_5b(__m256i (*a)[5U], Eurydice_slice b[4U]) { __m256i(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[4U]; memcpy(copy_of_b, b, (size_t)4U * sizeof(Eurydice_slice)); - load_block_fe(uu____0, copy_of_b); + load_block_5b(uu____0, copy_of_b); } /** @@ -346,7 +346,7 @@ with const generics - LEFT= 36 - RIGHT= 28 */ -static KRML_MUSTINLINE __m256i rotate_left_210(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_02(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)36, x, __m256i), mm256_srli_epi64((int32_t)28, x, __m256i)); } @@ -357,9 +357,9 @@ with const generics - LEFT= 36 - RIGHT= 28 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_13(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_02(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_210(ab); + return rotate_left_02(ab); } /** @@ -372,8 +372,8 @@ with const generics - LEFT= 36 - RIGHT= 28 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c(__m256i a, __m256i b) { - return _vxarq_u64_13(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_02(__m256i a, __m256i b) { + return _vxarq_u64_02(a, b); } /** @@ -382,7 +382,7 @@ with const generics - LEFT= 3 - RIGHT= 61 */ -static KRML_MUSTINLINE __m256i rotate_left_211(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_ac(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)3, x, __m256i), mm256_srli_epi64((int32_t)61, x, __m256i)); } @@ -393,9 +393,9 @@ with const generics - LEFT= 3 - RIGHT= 61 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_130(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_ac(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_211(ab); + return rotate_left_ac(ab); } /** @@ -408,8 +408,8 @@ with const generics - LEFT= 3 - RIGHT= 61 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c0(__m256i a, __m256i b) { - return _vxarq_u64_130(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_ac(__m256i a, __m256i b) { + return _vxarq_u64_ac(a, b); } /** @@ -418,7 +418,7 @@ with const generics - LEFT= 41 - RIGHT= 23 */ -static KRML_MUSTINLINE __m256i rotate_left_212(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_020(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)41, x, __m256i), mm256_srli_epi64((int32_t)23, x, __m256i)); } @@ -429,9 +429,9 @@ with const generics - LEFT= 41 - RIGHT= 23 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_131(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_020(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_212(ab); + return rotate_left_020(ab); } /** @@ -444,8 +444,8 @@ with const generics - LEFT= 41 - RIGHT= 23 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c1(__m256i a, __m256i b) { - return _vxarq_u64_131(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_020(__m256i a, __m256i b) { + return _vxarq_u64_020(a, b); } /** @@ -454,7 +454,7 @@ with const generics - LEFT= 18 - RIGHT= 46 */ -static KRML_MUSTINLINE __m256i rotate_left_213(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_a9(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)18, x, __m256i), mm256_srli_epi64((int32_t)46, x, __m256i)); } @@ -465,9 +465,9 @@ with const generics - LEFT= 18 - RIGHT= 46 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_132(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_a9(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_213(ab); + return rotate_left_a9(ab); } /** @@ -480,8 +480,8 @@ with const generics - LEFT= 18 - RIGHT= 46 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c2(__m256i a, __m256i b) { - return _vxarq_u64_132(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_a9(__m256i a, __m256i b) { + return _vxarq_u64_a9(a, b); } /** @@ -490,9 +490,9 @@ with const generics - LEFT= 1 - RIGHT= 63 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_133(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_76(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_21(ab); + return rotate_left_76(ab); } /** @@ -505,8 +505,8 @@ with const generics - LEFT= 1 - RIGHT= 63 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c3(__m256i a, __m256i b) { - return _vxarq_u64_133(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_76(__m256i a, __m256i b) { + return _vxarq_u64_76(a, b); } /** @@ -515,7 +515,7 @@ with const generics - LEFT= 44 - RIGHT= 20 */ -static KRML_MUSTINLINE __m256i rotate_left_214(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_58(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)44, x, __m256i), mm256_srli_epi64((int32_t)20, x, __m256i)); } @@ -526,9 +526,9 @@ with const generics - LEFT= 44 - RIGHT= 20 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_134(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_58(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_214(ab); + return rotate_left_58(ab); } /** @@ -541,8 +541,8 @@ with const generics - LEFT= 44 - RIGHT= 20 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c4(__m256i a, __m256i b) { - return _vxarq_u64_134(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_58(__m256i a, __m256i b) { + return _vxarq_u64_58(a, b); } /** @@ -551,7 +551,7 @@ with const generics - LEFT= 10 - RIGHT= 54 */ -static KRML_MUSTINLINE __m256i rotate_left_215(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_e0(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)10, x, __m256i), mm256_srli_epi64((int32_t)54, x, __m256i)); } @@ -562,9 +562,9 @@ with const generics - LEFT= 10 - RIGHT= 54 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_135(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_e0(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_215(ab); + return rotate_left_e0(ab); } /** @@ -577,8 +577,8 @@ with const generics - LEFT= 10 - RIGHT= 54 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c5(__m256i a, __m256i b) { - return _vxarq_u64_135(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_e0(__m256i a, __m256i b) { + return _vxarq_u64_e0(a, b); } /** @@ -587,7 +587,7 @@ with const generics - LEFT= 45 - RIGHT= 19 */ -static KRML_MUSTINLINE __m256i rotate_left_216(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_63(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)45, x, __m256i), mm256_srli_epi64((int32_t)19, x, __m256i)); } @@ -598,9 +598,9 @@ with const generics - LEFT= 45 - RIGHT= 19 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_136(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_63(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_216(ab); + return rotate_left_63(ab); } /** @@ -613,8 +613,8 @@ with const generics - LEFT= 45 - RIGHT= 19 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c6(__m256i a, __m256i b) { - return _vxarq_u64_136(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_63(__m256i a, __m256i b) { + return _vxarq_u64_63(a, b); } /** @@ -623,7 +623,7 @@ with const generics - LEFT= 2 - RIGHT= 62 */ -static KRML_MUSTINLINE __m256i rotate_left_217(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_6a(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)2, x, __m256i), mm256_srli_epi64((int32_t)62, x, __m256i)); } @@ -634,9 +634,9 @@ with const generics - LEFT= 2 - RIGHT= 62 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_137(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_6a(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_217(ab); + return rotate_left_6a(ab); } /** @@ -649,8 +649,8 @@ with const generics - LEFT= 2 - RIGHT= 62 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c7(__m256i a, __m256i b) { - return _vxarq_u64_137(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_6a(__m256i a, __m256i b) { + return _vxarq_u64_6a(a, b); } /** @@ -659,7 +659,7 @@ with const generics - LEFT= 62 - RIGHT= 2 */ -static KRML_MUSTINLINE __m256i rotate_left_218(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_ab(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)62, x, __m256i), mm256_srli_epi64((int32_t)2, x, __m256i)); } @@ -670,9 +670,9 @@ with const generics - LEFT= 62 - RIGHT= 2 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_138(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_ab(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_218(ab); + return rotate_left_ab(ab); } /** @@ -685,8 +685,8 @@ with const generics - LEFT= 62 - RIGHT= 2 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c8(__m256i a, __m256i b) { - return _vxarq_u64_138(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_ab(__m256i a, __m256i b) { + return _vxarq_u64_ab(a, b); } /** @@ -695,7 +695,7 @@ with const generics - LEFT= 6 - RIGHT= 58 */ -static KRML_MUSTINLINE __m256i rotate_left_219(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_5b(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)6, x, __m256i), mm256_srli_epi64((int32_t)58, x, __m256i)); } @@ -706,9 +706,9 @@ with const generics - LEFT= 6 - RIGHT= 58 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_139(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_5b(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_219(ab); + return rotate_left_5b(ab); } /** @@ -721,8 +721,8 @@ with const generics - LEFT= 6 - RIGHT= 58 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c9(__m256i a, __m256i b) { - return _vxarq_u64_139(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5b(__m256i a, __m256i b) { + return _vxarq_u64_5b(a, b); } /** @@ -731,7 +731,7 @@ with const generics - LEFT= 43 - RIGHT= 21 */ -static KRML_MUSTINLINE __m256i rotate_left_2110(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_6f(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)43, x, __m256i), mm256_srli_epi64((int32_t)21, x, __m256i)); } @@ -742,9 +742,9 @@ with const generics - LEFT= 43 - RIGHT= 21 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1310(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_6f(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2110(ab); + return rotate_left_6f(ab); } /** @@ -757,8 +757,8 @@ with const generics - LEFT= 43 - RIGHT= 21 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c10(__m256i a, __m256i b) { - return _vxarq_u64_1310(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_6f(__m256i a, __m256i b) { + return _vxarq_u64_6f(a, b); } /** @@ -767,7 +767,7 @@ with const generics - LEFT= 15 - RIGHT= 49 */ -static KRML_MUSTINLINE __m256i rotate_left_2111(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_62(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)15, x, __m256i), mm256_srli_epi64((int32_t)49, x, __m256i)); } @@ -778,9 +778,9 @@ with const generics - LEFT= 15 - RIGHT= 49 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1311(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_62(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2111(ab); + return rotate_left_62(ab); } /** @@ -793,8 +793,8 @@ with const generics - LEFT= 15 - RIGHT= 49 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c11(__m256i a, __m256i b) { - return _vxarq_u64_1311(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_62(__m256i a, __m256i b) { + return _vxarq_u64_62(a, b); } /** @@ -803,7 +803,7 @@ with const generics - LEFT= 61 - RIGHT= 3 */ -static KRML_MUSTINLINE __m256i rotate_left_2112(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_23(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)61, x, __m256i), mm256_srli_epi64((int32_t)3, x, __m256i)); } @@ -814,9 +814,9 @@ with const generics - LEFT= 61 - RIGHT= 3 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1312(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_23(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2112(ab); + return rotate_left_23(ab); } /** @@ -829,8 +829,8 @@ with const generics - LEFT= 61 - RIGHT= 3 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c12(__m256i a, __m256i b) { - return _vxarq_u64_1312(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_23(__m256i a, __m256i b) { + return _vxarq_u64_23(a, b); } /** @@ -839,7 +839,7 @@ with const generics - LEFT= 28 - RIGHT= 36 */ -static KRML_MUSTINLINE __m256i rotate_left_2113(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_37(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)28, x, __m256i), mm256_srli_epi64((int32_t)36, x, __m256i)); } @@ -850,9 +850,9 @@ with const generics - LEFT= 28 - RIGHT= 36 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1313(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_37(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2113(ab); + return rotate_left_37(ab); } /** @@ -865,8 +865,8 @@ with const generics - LEFT= 28 - RIGHT= 36 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c13(__m256i a, __m256i b) { - return _vxarq_u64_1313(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_37(__m256i a, __m256i b) { + return _vxarq_u64_37(a, b); } /** @@ -875,7 +875,7 @@ with const generics - LEFT= 55 - RIGHT= 9 */ -static KRML_MUSTINLINE __m256i rotate_left_2114(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_bb(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)55, x, __m256i), mm256_srli_epi64((int32_t)9, x, __m256i)); } @@ -886,9 +886,9 @@ with const generics - LEFT= 55 - RIGHT= 9 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1314(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_bb(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2114(ab); + return rotate_left_bb(ab); } /** @@ -901,8 +901,8 @@ with const generics - LEFT= 55 - RIGHT= 9 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c14(__m256i a, __m256i b) { - return _vxarq_u64_1314(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_bb(__m256i a, __m256i b) { + return _vxarq_u64_bb(a, b); } /** @@ -911,7 +911,7 @@ with const generics - LEFT= 25 - RIGHT= 39 */ -static KRML_MUSTINLINE __m256i rotate_left_2115(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_b9(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)25, x, __m256i), mm256_srli_epi64((int32_t)39, x, __m256i)); } @@ -922,9 +922,9 @@ with const generics - LEFT= 25 - RIGHT= 39 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1315(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_b9(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2115(ab); + return rotate_left_b9(ab); } /** @@ -937,8 +937,8 @@ with const generics - LEFT= 25 - RIGHT= 39 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c15(__m256i a, __m256i b) { - return _vxarq_u64_1315(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_b9(__m256i a, __m256i b) { + return _vxarq_u64_b9(a, b); } /** @@ -947,7 +947,7 @@ with const generics - LEFT= 21 - RIGHT= 43 */ -static KRML_MUSTINLINE __m256i rotate_left_2116(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_54(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)21, x, __m256i), mm256_srli_epi64((int32_t)43, x, __m256i)); } @@ -958,9 +958,9 @@ with const generics - LEFT= 21 - RIGHT= 43 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1316(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_54(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2116(ab); + return rotate_left_54(ab); } /** @@ -973,8 +973,8 @@ with const generics - LEFT= 21 - RIGHT= 43 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c16(__m256i a, __m256i b) { - return _vxarq_u64_1316(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_54(__m256i a, __m256i b) { + return _vxarq_u64_54(a, b); } /** @@ -983,7 +983,7 @@ with const generics - LEFT= 56 - RIGHT= 8 */ -static KRML_MUSTINLINE __m256i rotate_left_2117(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_4c(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)56, x, __m256i), mm256_srli_epi64((int32_t)8, x, __m256i)); } @@ -994,9 +994,9 @@ with const generics - LEFT= 56 - RIGHT= 8 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1317(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_4c(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2117(ab); + return rotate_left_4c(ab); } /** @@ -1009,8 +1009,8 @@ with const generics - LEFT= 56 - RIGHT= 8 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c17(__m256i a, __m256i b) { - return _vxarq_u64_1317(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_4c(__m256i a, __m256i b) { + return _vxarq_u64_4c(a, b); } /** @@ -1019,7 +1019,7 @@ with const generics - LEFT= 27 - RIGHT= 37 */ -static KRML_MUSTINLINE __m256i rotate_left_2118(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_ce(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)27, x, __m256i), mm256_srli_epi64((int32_t)37, x, __m256i)); } @@ -1030,9 +1030,9 @@ with const generics - LEFT= 27 - RIGHT= 37 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1318(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_ce(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2118(ab); + return rotate_left_ce(ab); } /** @@ -1045,8 +1045,8 @@ with const generics - LEFT= 27 - RIGHT= 37 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c18(__m256i a, __m256i b) { - return _vxarq_u64_1318(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_ce(__m256i a, __m256i b) { + return _vxarq_u64_ce(a, b); } /** @@ -1055,7 +1055,7 @@ with const generics - LEFT= 20 - RIGHT= 44 */ -static KRML_MUSTINLINE __m256i rotate_left_2119(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_77(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)20, x, __m256i), mm256_srli_epi64((int32_t)44, x, __m256i)); } @@ -1066,9 +1066,9 @@ with const generics - LEFT= 20 - RIGHT= 44 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1319(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_77(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2119(ab); + return rotate_left_77(ab); } /** @@ -1081,8 +1081,8 @@ with const generics - LEFT= 20 - RIGHT= 44 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c19(__m256i a, __m256i b) { - return _vxarq_u64_1319(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_77(__m256i a, __m256i b) { + return _vxarq_u64_77(a, b); } /** @@ -1091,7 +1091,7 @@ with const generics - LEFT= 39 - RIGHT= 25 */ -static KRML_MUSTINLINE __m256i rotate_left_2120(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_25(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)39, x, __m256i), mm256_srli_epi64((int32_t)25, x, __m256i)); } @@ -1102,9 +1102,9 @@ with const generics - LEFT= 39 - RIGHT= 25 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1320(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_25(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2120(ab); + return rotate_left_25(ab); } /** @@ -1117,8 +1117,8 @@ with const generics - LEFT= 39 - RIGHT= 25 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c20(__m256i a, __m256i b) { - return _vxarq_u64_1320(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_25(__m256i a, __m256i b) { + return _vxarq_u64_25(a, b); } /** @@ -1127,7 +1127,7 @@ with const generics - LEFT= 8 - RIGHT= 56 */ -static KRML_MUSTINLINE __m256i rotate_left_2121(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_af(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)8, x, __m256i), mm256_srli_epi64((int32_t)56, x, __m256i)); } @@ -1138,9 +1138,9 @@ with const generics - LEFT= 8 - RIGHT= 56 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1321(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_af(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2121(ab); + return rotate_left_af(ab); } /** @@ -1153,8 +1153,8 @@ with const generics - LEFT= 8 - RIGHT= 56 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c21(__m256i a, __m256i b) { - return _vxarq_u64_1321(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_af(__m256i a, __m256i b) { + return _vxarq_u64_af(a, b); } /** @@ -1163,7 +1163,7 @@ with const generics - LEFT= 14 - RIGHT= 50 */ -static KRML_MUSTINLINE __m256i rotate_left_2122(__m256i x) { +static KRML_MUSTINLINE __m256i rotate_left_fd(__m256i x) { return mm256_xor_si256(mm256_slli_epi64((int32_t)14, x, __m256i), mm256_srli_epi64((int32_t)50, x, __m256i)); } @@ -1174,9 +1174,9 @@ with const generics - LEFT= 14 - RIGHT= 50 */ -static KRML_MUSTINLINE __m256i _vxarq_u64_1322(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i _vxarq_u64_fd(__m256i a, __m256i b) { __m256i ab = mm256_xor_si256(a, b); - return rotate_left_2122(ab); + return rotate_left_fd(ab); } /** @@ -1189,8 +1189,8 @@ with const generics - LEFT= 14 - RIGHT= 50 */ -static KRML_MUSTINLINE __m256i xor_and_rotate_ef_5c22(__m256i a, __m256i b) { - return _vxarq_u64_1322(a, b); +static KRML_MUSTINLINE __m256i xor_and_rotate_ef_fd(__m256i a, __m256i b) { + return _vxarq_u64_fd(a, b); } /** @@ -1199,8 +1199,8 @@ with types core_core_arch_x86___m256i with const generics - N= 4 */ -static KRML_MUSTINLINE void theta_rho_1b( - libcrux_sha3_generic_keccak_KeccakState_29 *s) { +static KRML_MUSTINLINE void theta_rho_a6( + libcrux_sha3_generic_keccak_KeccakState_55 *s) { __m256i c[5U] = {xor5_ef(s->st[0U][0U], s->st[1U][0U], s->st[2U][0U], s->st[3U][0U], s->st[4U][0U]), xor5_ef(s->st[0U][1U], s->st[1U][1U], s->st[2U][1U], @@ -1228,30 +1228,30 @@ static KRML_MUSTINLINE void theta_rho_1b( rotate_left1_and_xor_ef(c[((size_t)4U + (size_t)4U) % (size_t)5U], c[((size_t)4U + (size_t)1U) % (size_t)5U])}; s->st[0U][0U] = xor_ef(s->st[0U][0U], t[0U]); - s->st[1U][0U] = xor_and_rotate_ef_5c(s->st[1U][0U], t[0U]); - s->st[2U][0U] = xor_and_rotate_ef_5c0(s->st[2U][0U], t[0U]); - s->st[3U][0U] = xor_and_rotate_ef_5c1(s->st[3U][0U], t[0U]); - s->st[4U][0U] = xor_and_rotate_ef_5c2(s->st[4U][0U], t[0U]); - s->st[0U][1U] = xor_and_rotate_ef_5c3(s->st[0U][1U], t[1U]); - s->st[1U][1U] = xor_and_rotate_ef_5c4(s->st[1U][1U], t[1U]); - s->st[2U][1U] = xor_and_rotate_ef_5c5(s->st[2U][1U], t[1U]); - s->st[3U][1U] = xor_and_rotate_ef_5c6(s->st[3U][1U], t[1U]); - s->st[4U][1U] = xor_and_rotate_ef_5c7(s->st[4U][1U], t[1U]); - s->st[0U][2U] = xor_and_rotate_ef_5c8(s->st[0U][2U], t[2U]); - s->st[1U][2U] = xor_and_rotate_ef_5c9(s->st[1U][2U], t[2U]); - s->st[2U][2U] = xor_and_rotate_ef_5c10(s->st[2U][2U], t[2U]); - s->st[3U][2U] = xor_and_rotate_ef_5c11(s->st[3U][2U], t[2U]); - s->st[4U][2U] = xor_and_rotate_ef_5c12(s->st[4U][2U], t[2U]); - s->st[0U][3U] = xor_and_rotate_ef_5c13(s->st[0U][3U], t[3U]); - s->st[1U][3U] = xor_and_rotate_ef_5c14(s->st[1U][3U], t[3U]); - s->st[2U][3U] = xor_and_rotate_ef_5c15(s->st[2U][3U], t[3U]); - s->st[3U][3U] = xor_and_rotate_ef_5c16(s->st[3U][3U], t[3U]); - s->st[4U][3U] = xor_and_rotate_ef_5c17(s->st[4U][3U], t[3U]); - s->st[0U][4U] = xor_and_rotate_ef_5c18(s->st[0U][4U], t[4U]); - s->st[1U][4U] = xor_and_rotate_ef_5c19(s->st[1U][4U], t[4U]); - s->st[2U][4U] = xor_and_rotate_ef_5c20(s->st[2U][4U], t[4U]); - s->st[3U][4U] = xor_and_rotate_ef_5c21(s->st[3U][4U], t[4U]); - __m256i uu____27 = xor_and_rotate_ef_5c22(s->st[4U][4U], t[4U]); + s->st[1U][0U] = xor_and_rotate_ef_02(s->st[1U][0U], t[0U]); + s->st[2U][0U] = xor_and_rotate_ef_ac(s->st[2U][0U], t[0U]); + s->st[3U][0U] = xor_and_rotate_ef_020(s->st[3U][0U], t[0U]); + s->st[4U][0U] = xor_and_rotate_ef_a9(s->st[4U][0U], t[0U]); + s->st[0U][1U] = xor_and_rotate_ef_76(s->st[0U][1U], t[1U]); + s->st[1U][1U] = xor_and_rotate_ef_58(s->st[1U][1U], t[1U]); + s->st[2U][1U] = xor_and_rotate_ef_e0(s->st[2U][1U], t[1U]); + s->st[3U][1U] = xor_and_rotate_ef_63(s->st[3U][1U], t[1U]); + s->st[4U][1U] = xor_and_rotate_ef_6a(s->st[4U][1U], t[1U]); + s->st[0U][2U] = xor_and_rotate_ef_ab(s->st[0U][2U], t[2U]); + s->st[1U][2U] = xor_and_rotate_ef_5b(s->st[1U][2U], t[2U]); + s->st[2U][2U] = xor_and_rotate_ef_6f(s->st[2U][2U], t[2U]); + s->st[3U][2U] = xor_and_rotate_ef_62(s->st[3U][2U], t[2U]); + s->st[4U][2U] = xor_and_rotate_ef_23(s->st[4U][2U], t[2U]); + s->st[0U][3U] = xor_and_rotate_ef_37(s->st[0U][3U], t[3U]); + s->st[1U][3U] = xor_and_rotate_ef_bb(s->st[1U][3U], t[3U]); + s->st[2U][3U] = xor_and_rotate_ef_b9(s->st[2U][3U], t[3U]); + s->st[3U][3U] = xor_and_rotate_ef_54(s->st[3U][3U], t[3U]); + s->st[4U][3U] = xor_and_rotate_ef_4c(s->st[4U][3U], t[3U]); + s->st[0U][4U] = xor_and_rotate_ef_ce(s->st[0U][4U], t[4U]); + s->st[1U][4U] = xor_and_rotate_ef_77(s->st[1U][4U], t[4U]); + s->st[2U][4U] = xor_and_rotate_ef_25(s->st[2U][4U], t[4U]); + s->st[3U][4U] = xor_and_rotate_ef_af(s->st[3U][4U], t[4U]); + __m256i uu____27 = xor_and_rotate_ef_fd(s->st[4U][4U], t[4U]); s->st[4U][4U] = uu____27; } @@ -1261,8 +1261,8 @@ with types core_core_arch_x86___m256i with const generics - N= 4 */ -static KRML_MUSTINLINE void pi_70( - libcrux_sha3_generic_keccak_KeccakState_29 *s) { +static KRML_MUSTINLINE void pi_a6( + libcrux_sha3_generic_keccak_KeccakState_55 *s) { __m256i old[5U][5U]; memcpy(old, s->st, (size_t)5U * sizeof(__m256i[5U])); s->st[0U][1U] = old[1U][1U]; @@ -1297,8 +1297,8 @@ with types core_core_arch_x86___m256i with const generics - N= 4 */ -static KRML_MUSTINLINE void chi_12( - libcrux_sha3_generic_keccak_KeccakState_29 *s) { +static KRML_MUSTINLINE void chi_a6( + libcrux_sha3_generic_keccak_KeccakState_55 *s) { __m256i old[5U][5U]; memcpy(old, s->st, (size_t)5U * sizeof(__m256i[5U])); KRML_MAYBE_FOR5( @@ -1315,8 +1315,8 @@ with types core_core_arch_x86___m256i with const generics - N= 4 */ -static KRML_MUSTINLINE void iota_fe( - libcrux_sha3_generic_keccak_KeccakState_29 *s, size_t i) { +static KRML_MUSTINLINE void iota_a6( + libcrux_sha3_generic_keccak_KeccakState_55 *s, size_t i) { s->st[0U][0U] = xor_constant_ef( s->st[0U][0U], libcrux_sha3_generic_keccak_ROUNDCONSTANTS[i]); } @@ -1327,14 +1327,14 @@ with types core_core_arch_x86___m256i with const generics - N= 4 */ -static KRML_MUSTINLINE void keccakf1600_cd( - libcrux_sha3_generic_keccak_KeccakState_29 *s) { +static KRML_MUSTINLINE void keccakf1600_a6( + libcrux_sha3_generic_keccak_KeccakState_55 *s) { for (size_t i = (size_t)0U; i < (size_t)24U; i++) { size_t i0 = i; - theta_rho_1b(s); - pi_70(s); - chi_12(s); - iota_fe(s, i0); + theta_rho_a6(s); + pi_a6(s); + chi_a6(s); + iota_a6(s, i0); } } @@ -1345,13 +1345,13 @@ with const generics - N= 4 - RATE= 136 */ -static KRML_MUSTINLINE void absorb_block_32( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice blocks[4U]) { +static KRML_MUSTINLINE void absorb_block_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice blocks[4U]) { __m256i(*uu____0)[5U] = s->st; Eurydice_slice uu____1[4U]; memcpy(uu____1, blocks, (size_t)4U * sizeof(Eurydice_slice)); - load_block_ef_d4(uu____0, uu____1); - keccakf1600_cd(s); + load_block_ef_5b(uu____0, uu____1); + keccakf1600_a6(s); } /** @@ -1359,14 +1359,14 @@ A monomorphic instance of libcrux_sha3.simd.avx2.load_block_full with const generics - RATE= 136 */ -static KRML_MUSTINLINE void load_block_full_1d(__m256i (*s)[5U], +static KRML_MUSTINLINE void load_block_full_5b(__m256i (*s)[5U], uint8_t blocks[4U][200U]) { Eurydice_slice buf[4U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[1U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[2U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[3U], uint8_t)}; - load_block_fe(s, buf); + load_block_5b(s, buf); } /** @@ -1378,13 +1378,13 @@ A monomorphic instance of libcrux_sha3.simd.avx2.load_block_full_ef with const generics - RATE= 136 */ -static KRML_MUSTINLINE void load_block_full_ef_e6(__m256i (*a)[5U], +static KRML_MUSTINLINE void load_block_full_ef_5b(__m256i (*a)[5U], uint8_t b[4U][200U]) { __m256i(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[4U][200U]; memcpy(copy_of_b, b, (size_t)4U * sizeof(uint8_t[200U])); - load_block_full_1d(uu____0, copy_of_b); + load_block_full_5b(uu____0, copy_of_b); } /** @@ -1395,8 +1395,8 @@ with const generics - RATE= 136 - DELIM= 31 */ -KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_7f( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice last[4U]) { +static KRML_MUSTINLINE void absorb_final_fb( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice last[4U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[4U][200U] = {{0U}}; KRML_MAYBE_FOR4( @@ -1411,8 +1411,8 @@ KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_7f( __m256i(*uu____3)[5U] = s->st; uint8_t uu____4[4U][200U]; memcpy(uu____4, blocks, (size_t)4U * sizeof(uint8_t[200U])); - load_block_full_ef_e6(uu____3, uu____4); - keccakf1600_cd(s); + load_block_full_ef_5b(uu____3, uu____4); + keccakf1600_a6(s); } /** @@ -1420,7 +1420,7 @@ A monomorphic instance of libcrux_sha3.simd.avx2.store_block with const generics - RATE= 136 */ -static KRML_MUSTINLINE void store_block_78(__m256i (*s)[5U], +static KRML_MUSTINLINE void store_block_5b(__m256i (*s)[5U], Eurydice_slice out[4U]) { for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)32U; i++) { size_t i0 = i; @@ -1542,7 +1542,7 @@ A monomorphic instance of libcrux_sha3.simd.avx2.store_block_full with const generics - RATE= 136 */ -static KRML_MUSTINLINE void store_block_full_61(__m256i (*s)[5U], +static KRML_MUSTINLINE void store_block_full_5b(__m256i (*s)[5U], uint8_t ret[4U][200U]) { uint8_t out0[200U] = {0U}; uint8_t out1[200U] = {0U}; @@ -1553,7 +1553,7 @@ static KRML_MUSTINLINE void store_block_full_61(__m256i (*s)[5U], Eurydice_array_to_slice((size_t)200U, out1, uint8_t), Eurydice_array_to_slice((size_t)200U, out2, uint8_t), Eurydice_array_to_slice((size_t)200U, out3, uint8_t)}; - store_block_78(s, buf); + store_block_5b(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out0[200U]; memcpy(copy_of_out0, out0, (size_t)200U * sizeof(uint8_t)); @@ -1580,9 +1580,9 @@ A monomorphic instance of libcrux_sha3.simd.avx2.store_block_full_ef with const generics - RATE= 136 */ -static KRML_MUSTINLINE void store_block_full_ef_d1(__m256i (*a)[5U], +static KRML_MUSTINLINE void store_block_full_ef_5b(__m256i (*a)[5U], uint8_t ret[4U][200U]) { - store_block_full_61(a, ret); + store_block_full_5b(a, ret); } /** @@ -1592,18 +1592,18 @@ with const generics - N= 4 - RATE= 136 */ -static KRML_MUSTINLINE void squeeze_first_and_last_a8( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { +static KRML_MUSTINLINE void squeeze_first_and_last_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { uint8_t b[4U][200U]; - store_block_full_ef_d1(s->st, b); + store_block_full_ef_5b(s->st, b); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; lit.start = (size_t)0U; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t);); } @@ -1616,9 +1616,9 @@ A monomorphic instance of libcrux_sha3.simd.avx2.store_block_ef with const generics - RATE= 136 */ -static KRML_MUSTINLINE void store_block_ef_e3(__m256i (*a)[5U], +static KRML_MUSTINLINE void store_block_ef_5b(__m256i (*a)[5U], Eurydice_slice b[4U]) { - store_block_78(a, b); + store_block_5b(a, b); } /** @@ -1628,9 +1628,9 @@ with const generics - N= 4 - RATE= 136 */ -static KRML_MUSTINLINE void squeeze_first_block_ca( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { - store_block_ef_e3(s->st, out); +static KRML_MUSTINLINE void squeeze_first_block_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { + store_block_ef_5b(s->st, out); } /** @@ -1640,10 +1640,10 @@ with const generics - N= 4 - RATE= 136 */ -static KRML_MUSTINLINE void squeeze_next_block_66( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { - keccakf1600_cd(s); - store_block_ef_e3(s->st, out); +static KRML_MUSTINLINE void squeeze_next_block_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { + keccakf1600_a6(s); + store_block_ef_5b(s->st, out); } /** @@ -1653,19 +1653,19 @@ with const generics - N= 4 - RATE= 136 */ -static KRML_MUSTINLINE void squeeze_last_fe( - libcrux_sha3_generic_keccak_KeccakState_29 s, Eurydice_slice out[4U]) { - keccakf1600_cd(&s); +static KRML_MUSTINLINE void squeeze_last_97( + libcrux_sha3_generic_keccak_KeccakState_55 s, Eurydice_slice out[4U]) { + keccakf1600_a6(&s); uint8_t b[4U][200U]; - store_block_full_ef_d1(s.st, b); + store_block_full_ef_5b(s.st, b); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; lit.start = (size_t)0U; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t);); } @@ -1677,34 +1677,34 @@ with const generics - RATE= 136 - DELIM= 31 */ -static KRML_MUSTINLINE void keccak_b9(Eurydice_slice data[4U], +static KRML_MUSTINLINE void keccak_fb(Eurydice_slice data[4U], Eurydice_slice out[4U]) { - libcrux_sha3_generic_keccak_KeccakState_29 s = new_89_71(); + libcrux_sha3_generic_keccak_KeccakState_55 s = new_89_a6(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)136U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_29 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_55 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[4U]; memcpy(copy_of_data, data, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice ret[4U]; slice_n_ef(copy_of_data, i0 * (size_t)136U, (size_t)136U, ret); - absorb_block_32(uu____0, ret); + absorb_block_97(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)136U; - libcrux_sha3_generic_keccak_KeccakState_29 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_55 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[4U]; memcpy(copy_of_data, data, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice ret[4U]; slice_n_ef(copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_7f(uu____2, ret); + absorb_final_fb(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)136U; size_t last = outlen - outlen % (size_t)136U; if (blocks == (size_t)0U) { - squeeze_first_and_last_a8(&s, out); + squeeze_first_and_last_97(&s, out); } else { Eurydice_slice_uint8_t_4size_t__x2 uu____4 = split_at_mut_n_ef(out, (size_t)136U); @@ -1712,15 +1712,15 @@ static KRML_MUSTINLINE void keccak_b9(Eurydice_slice data[4U], memcpy(o0, uu____4.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o1[4U]; memcpy(o1, uu____4.snd, (size_t)4U * sizeof(Eurydice_slice)); - squeeze_first_block_ca(&s, o0); - core_ops_range_Range_b3 iter = + squeeze_first_block_97(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, core_option_Option_b3) + &iter, size_t, core_option_Option_08) .tag == core_option_None) { break; } else { @@ -1730,12 +1730,12 @@ static KRML_MUSTINLINE void keccak_b9(Eurydice_slice data[4U], memcpy(o, uu____5.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice orest[4U]; memcpy(orest, uu____5.snd, (size_t)4U * sizeof(Eurydice_slice)); - squeeze_next_block_66(&s, o); + squeeze_next_block_97(&s, o); memcpy(o1, orest, (size_t)4U * sizeof(Eurydice_slice)); } } if (last < outlen) { - squeeze_last_fe(s, o1); + squeeze_last_97(s, o1); } } } @@ -1749,15 +1749,15 @@ void libcrux_sha3_avx2_x4_shake256(Eurydice_slice input0, Eurydice_slice input1, Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf0[4U] = {input0, input1, input2, input3}; Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - keccak_b9(buf0, buf); + keccak_fb(buf0, buf); } /** Initialise the [`KeccakState`]. */ -libcrux_sha3_generic_keccak_KeccakState_29 +libcrux_sha3_generic_keccak_KeccakState_55 libcrux_sha3_avx2_x4_incremental_init(void) { - return new_89_71(); + return new_89_a6(); } /** @@ -1765,8 +1765,8 @@ A monomorphic instance of libcrux_sha3.simd.avx2.load_block with const generics - RATE= 168 */ -static KRML_MUSTINLINE void load_block_fe0(__m256i (*s)[5U], - Eurydice_slice blocks[4U]) { +static KRML_MUSTINLINE void load_block_3a(__m256i (*s)[5U], + Eurydice_slice blocks[4U]) { for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)32U; i++) { size_t i0 = i; __m256i v00 = mm256_loadu_si256_u8( @@ -1881,14 +1881,14 @@ A monomorphic instance of libcrux_sha3.simd.avx2.load_block_full with const generics - RATE= 168 */ -static KRML_MUSTINLINE void load_block_full_1d0(__m256i (*s)[5U], - uint8_t blocks[4U][200U]) { +static KRML_MUSTINLINE void load_block_full_3a(__m256i (*s)[5U], + uint8_t blocks[4U][200U]) { Eurydice_slice buf[4U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[1U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[2U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[3U], uint8_t)}; - load_block_fe0(s, buf); + load_block_3a(s, buf); } /** @@ -1900,13 +1900,13 @@ A monomorphic instance of libcrux_sha3.simd.avx2.load_block_full_ef with const generics - RATE= 168 */ -static KRML_MUSTINLINE void load_block_full_ef_e60(__m256i (*a)[5U], - uint8_t b[4U][200U]) { +static KRML_MUSTINLINE void load_block_full_ef_3a(__m256i (*a)[5U], + uint8_t b[4U][200U]) { __m256i(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[4U][200U]; memcpy(copy_of_b, b, (size_t)4U * sizeof(uint8_t[200U])); - load_block_full_1d0(uu____0, copy_of_b); + load_block_full_3a(uu____0, copy_of_b); } /** @@ -1917,8 +1917,8 @@ with const generics - RATE= 168 - DELIM= 31 */ -static KRML_MUSTINLINE void absorb_final_7f0( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice last[4U]) { +static KRML_MUSTINLINE void absorb_final_fb0( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice last[4U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[4U][200U] = {{0U}}; KRML_MAYBE_FOR4( @@ -1933,18 +1933,18 @@ static KRML_MUSTINLINE void absorb_final_7f0( __m256i(*uu____3)[5U] = s->st; uint8_t uu____4[4U][200U]; memcpy(uu____4, blocks, (size_t)4U * sizeof(uint8_t[200U])); - load_block_full_ef_e60(uu____3, uu____4); - keccakf1600_cd(s); + load_block_full_ef_3a(uu____3, uu____4); + keccakf1600_a6(s); } /** Absorb */ void libcrux_sha3_avx2_x4_incremental_shake128_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice data0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice data0, Eurydice_slice data1, Eurydice_slice data2, Eurydice_slice data3) { Eurydice_slice buf[4U] = {data0, data1, data2, data3}; - absorb_final_7f0(s, buf); + absorb_final_fb0(s, buf); } /** @@ -1952,8 +1952,8 @@ A monomorphic instance of libcrux_sha3.simd.avx2.store_block with const generics - RATE= 168 */ -static KRML_MUSTINLINE void store_block_780(__m256i (*s)[5U], - Eurydice_slice out[4U]) { +static KRML_MUSTINLINE void store_block_3a(__m256i (*s)[5U], + Eurydice_slice out[4U]) { for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)32U; i++) { size_t i0 = i; __m256i v0l = mm256_permute2x128_si256( @@ -2078,9 +2078,9 @@ A monomorphic instance of libcrux_sha3.simd.avx2.store_block_ef with const generics - RATE= 168 */ -static KRML_MUSTINLINE void store_block_ef_e30(__m256i (*a)[5U], - Eurydice_slice b[4U]) { - store_block_780(a, b); +static KRML_MUSTINLINE void store_block_ef_3a(__m256i (*a)[5U], + Eurydice_slice b[4U]) { + store_block_3a(a, b); } /** @@ -2090,9 +2090,9 @@ with const generics - N= 4 - RATE= 168 */ -static KRML_MUSTINLINE void squeeze_first_block_ca0( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { - store_block_ef_e30(s->st, out); +static KRML_MUSTINLINE void squeeze_first_block_970( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { + store_block_ef_3a(s->st, out); } /** @@ -2102,10 +2102,10 @@ with const generics - N= 4 - RATE= 168 */ -static KRML_MUSTINLINE void squeeze_next_block_660( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { - keccakf1600_cd(s); - store_block_ef_e30(s->st, out); +static KRML_MUSTINLINE void squeeze_next_block_970( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { + keccakf1600_a6(s); + store_block_ef_3a(s->st, out); } /** @@ -2115,43 +2115,43 @@ with const generics - N= 4 - RATE= 168 */ -KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_three_blocks_ed( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { +static KRML_MUSTINLINE void squeeze_first_three_blocks_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { Eurydice_slice_uint8_t_4size_t__x2 uu____0 = split_at_mut_n_ef(out, (size_t)168U); Eurydice_slice o0[4U]; memcpy(o0, uu____0.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o10[4U]; memcpy(o10, uu____0.snd, (size_t)4U * sizeof(Eurydice_slice)); - squeeze_first_block_ca0(s, o0); + squeeze_first_block_970(s, o0); Eurydice_slice_uint8_t_4size_t__x2 uu____1 = split_at_mut_n_ef(o10, (size_t)168U); Eurydice_slice o1[4U]; memcpy(o1, uu____1.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o2[4U]; memcpy(o2, uu____1.snd, (size_t)4U * sizeof(Eurydice_slice)); - squeeze_next_block_660(s, o1); - squeeze_next_block_660(s, o2); + squeeze_next_block_970(s, o1); + squeeze_next_block_970(s, o2); } /** Squeeze three blocks */ void libcrux_sha3_avx2_x4_incremental_shake128_squeeze_first_three_blocks( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - libcrux_sha3_generic_keccak_squeeze_first_three_blocks_ed(s, buf); + squeeze_first_three_blocks_97(s, buf); } /** Squeeze another block */ void libcrux_sha3_avx2_x4_incremental_shake128_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - squeeze_next_block_660(s, buf); + squeeze_next_block_970(s, buf); } /** @@ -2161,37 +2161,37 @@ with const generics - N= 4 - RATE= 168 */ -static KRML_MUSTINLINE void squeeze_first_five_blocks_0b( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { +static KRML_MUSTINLINE void squeeze_first_five_blocks_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { Eurydice_slice_uint8_t_4size_t__x2 uu____0 = split_at_mut_n_ef(out, (size_t)168U); Eurydice_slice o0[4U]; memcpy(o0, uu____0.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o10[4U]; memcpy(o10, uu____0.snd, (size_t)4U * sizeof(Eurydice_slice)); - squeeze_first_block_ca0(s, o0); + squeeze_first_block_970(s, o0); Eurydice_slice_uint8_t_4size_t__x2 uu____1 = split_at_mut_n_ef(o10, (size_t)168U); Eurydice_slice o1[4U]; memcpy(o1, uu____1.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o20[4U]; memcpy(o20, uu____1.snd, (size_t)4U * sizeof(Eurydice_slice)); - squeeze_next_block_660(s, o1); + squeeze_next_block_970(s, o1); Eurydice_slice_uint8_t_4size_t__x2 uu____2 = split_at_mut_n_ef(o20, (size_t)168U); Eurydice_slice o2[4U]; memcpy(o2, uu____2.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o30[4U]; memcpy(o30, uu____2.snd, (size_t)4U * sizeof(Eurydice_slice)); - squeeze_next_block_660(s, o2); + squeeze_next_block_970(s, o2); Eurydice_slice_uint8_t_4size_t__x2 uu____3 = split_at_mut_n_ef(o30, (size_t)168U); Eurydice_slice o3[4U]; memcpy(o3, uu____3.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o4[4U]; memcpy(o4, uu____3.snd, (size_t)4U * sizeof(Eurydice_slice)); - squeeze_next_block_660(s, o3); - squeeze_next_block_660(s, o4); + squeeze_next_block_970(s, o3); + squeeze_next_block_970(s, o4); } /** @@ -2199,20 +2199,20 @@ static KRML_MUSTINLINE void squeeze_first_five_blocks_0b( */ KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake128_squeeze_first_five_blocks( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - squeeze_first_five_blocks_0b(s, buf); + squeeze_first_five_blocks_97(s, buf); } /** Absorb */ KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake256_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice data0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice data0, Eurydice_slice data1, Eurydice_slice data2, Eurydice_slice data3) { Eurydice_slice buf[4U] = {data0, data1, data2, data3}; - libcrux_sha3_generic_keccak_absorb_final_7f(s, buf); + absorb_final_fb(s, buf); } /** @@ -2220,10 +2220,10 @@ KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake256_absorb_final( */ KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake256_squeeze_first_block( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - squeeze_first_block_ca(s, buf); + squeeze_first_block_97(s, buf); } /** @@ -2231,8 +2231,8 @@ libcrux_sha3_avx2_x4_incremental_shake256_squeeze_first_block( */ KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake256_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - squeeze_next_block_66(s, buf); + squeeze_next_block_97(s, buf); } diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/libcrux_sha3_avx2.h index 1e2e63c96..de46ad631 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_sha3_avx2_H @@ -23,16 +23,6 @@ extern "C" { #include "libcrux_core.h" #include "libcrux_sha3_internal.h" -/** -A monomorphic instance of libcrux_sha3.generic_keccak.KeccakState -with types core_core_arch_x86___m256i -with const generics -- $4size_t -*/ -typedef struct libcrux_sha3_generic_keccak_KeccakState_29_s { - __m256i st[5U][5U]; -} libcrux_sha3_generic_keccak_KeccakState_29; - /** Perform 4 SHAKE256 operations in parallel */ @@ -44,56 +34,56 @@ void libcrux_sha3_avx2_x4_shake256(Eurydice_slice input0, Eurydice_slice input1, /** Initialise the [`KeccakState`]. */ -libcrux_sha3_generic_keccak_KeccakState_29 +libcrux_sha3_generic_keccak_KeccakState_55 libcrux_sha3_avx2_x4_incremental_init(void); /** Absorb */ void libcrux_sha3_avx2_x4_incremental_shake128_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice data0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice data0, Eurydice_slice data1, Eurydice_slice data2, Eurydice_slice data3); /** Squeeze three blocks */ void libcrux_sha3_avx2_x4_incremental_shake128_squeeze_first_three_blocks( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3); /** Squeeze another block */ void libcrux_sha3_avx2_x4_incremental_shake128_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3); /** Squeeze five blocks */ void libcrux_sha3_avx2_x4_incremental_shake128_squeeze_first_five_blocks( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3); /** Absorb */ void libcrux_sha3_avx2_x4_incremental_shake256_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice data0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice data0, Eurydice_slice data1, Eurydice_slice data2, Eurydice_slice data3); /** Squeeze block */ void libcrux_sha3_avx2_x4_incremental_shake256_squeeze_first_block( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3); /** Squeeze next block */ void libcrux_sha3_avx2_x4_incremental_shake256_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3); #if defined(__cplusplus) diff --git a/libcrux-ml-kem/c/libcrux_sha3_internal.h b/libcrux-ml-kem/c/libcrux_sha3_internal.h index 5b4b70a94..0248f0f5e 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/libcrux_sha3_internal.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_sha3_internal_H @@ -79,14 +79,14 @@ with const generics - RIGHT= 63 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d6(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_76(uint64_t x) { return x << (uint32_t)(int32_t)1 | x >> (uint32_t)(int32_t)63; } static KRML_MUSTINLINE uint64_t libcrux_sha3_portable_keccak__vrax1q_u64(uint64_t a, uint64_t b) { uint64_t uu____0 = a; - return uu____0 ^ libcrux_sha3_portable_keccak_rotate_left_d6(b); + return uu____0 ^ libcrux_sha3_portable_keccak_rotate_left_76(b); } /** @@ -183,9 +183,9 @@ with types uint64_t with const generics - $1size_t */ -typedef struct libcrux_sha3_generic_keccak_KeccakState_48_s { +typedef struct libcrux_sha3_generic_keccak_KeccakState_17_s { uint64_t st[5U][5U]; -} libcrux_sha3_generic_keccak_KeccakState_48; +} libcrux_sha3_generic_keccak_KeccakState_17; /** Create a new Shake128 x4 state. @@ -200,9 +200,9 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48 -libcrux_sha3_generic_keccak_new_89_cf(void) { - libcrux_sha3_generic_keccak_KeccakState_48 lit; +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17 +libcrux_sha3_generic_keccak_new_89_04(void) { + libcrux_sha3_generic_keccak_KeccakState_17 lit; lit.st[0U][0U] = libcrux_sha3_portable_keccak_zero_5a(); lit.st[0U][1U] = libcrux_sha3_portable_keccak_zero_5a(); lit.st[0U][2U] = libcrux_sha3_portable_keccak_zero_5a(); @@ -236,18 +236,18 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_65( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_3a( uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)8U; i++) { size_t i0 = i; uint8_t uu____0[8U]; - core_result_Result_56 dst; + core_result_Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - core_result_unwrap_26_0e(dst, uu____0); + core_result_unwrap_26_68(dst, uu____0); size_t uu____1 = i0 / (size_t)5U; size_t uu____2 = i0 % (size_t)5U; s[uu____1][uu____2] = @@ -260,11 +260,11 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_d4( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_3a( uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_65(s, buf); + libcrux_sha3_portable_keccak_load_block_3a(s, buf); } /** @@ -276,13 +276,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_05( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_3a( uint64_t (*a)[5U], uint8_t b[1U][200U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[1U][200U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_d4(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_full_3a(uu____0, copy_of_b); } /** @@ -292,7 +292,7 @@ with const generics - RIGHT= 28 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d60(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_02(uint64_t x) { return x << (uint32_t)(int32_t)36 | x >> (uint32_t)(int32_t)28; } @@ -303,9 +303,9 @@ with const generics - RIGHT= 28 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_74(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_02(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d60(ab); + return libcrux_sha3_portable_keccak_rotate_left_02(ab); } /** @@ -319,8 +319,8 @@ with const generics - RIGHT= 28 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_03(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_74(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_02(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_02(a, b); } /** @@ -330,7 +330,7 @@ with const generics - RIGHT= 61 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d61(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_ac(uint64_t x) { return x << (uint32_t)(int32_t)3 | x >> (uint32_t)(int32_t)61; } @@ -341,9 +341,9 @@ with const generics - RIGHT= 61 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_740(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_ac(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d61(ab); + return libcrux_sha3_portable_keccak_rotate_left_ac(ab); } /** @@ -357,8 +357,8 @@ with const generics - RIGHT= 61 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_030(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_740(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_ac(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_ac(a, b); } /** @@ -368,7 +368,7 @@ with const generics - RIGHT= 23 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d62(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_020(uint64_t x) { return x << (uint32_t)(int32_t)41 | x >> (uint32_t)(int32_t)23; } @@ -379,9 +379,9 @@ with const generics - RIGHT= 23 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_741(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_020(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d62(ab); + return libcrux_sha3_portable_keccak_rotate_left_020(ab); } /** @@ -395,8 +395,8 @@ with const generics - RIGHT= 23 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_031(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_741(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_020(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_020(a, b); } /** @@ -406,7 +406,7 @@ with const generics - RIGHT= 46 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d63(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_a9(uint64_t x) { return x << (uint32_t)(int32_t)18 | x >> (uint32_t)(int32_t)46; } @@ -417,9 +417,9 @@ with const generics - RIGHT= 46 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_742(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_a9(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d63(ab); + return libcrux_sha3_portable_keccak_rotate_left_a9(ab); } /** @@ -433,8 +433,8 @@ with const generics - RIGHT= 46 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_032(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_742(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_a9(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_a9(a, b); } /** @@ -444,9 +444,9 @@ with const generics - RIGHT= 63 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_743(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_76(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d6(ab); + return libcrux_sha3_portable_keccak_rotate_left_76(ab); } /** @@ -460,8 +460,8 @@ with const generics - RIGHT= 63 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_033(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_743(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_76(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_76(a, b); } /** @@ -471,7 +471,7 @@ with const generics - RIGHT= 20 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d64(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_58(uint64_t x) { return x << (uint32_t)(int32_t)44 | x >> (uint32_t)(int32_t)20; } @@ -482,9 +482,9 @@ with const generics - RIGHT= 20 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_744(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_58(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d64(ab); + return libcrux_sha3_portable_keccak_rotate_left_58(ab); } /** @@ -498,8 +498,8 @@ with const generics - RIGHT= 20 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_034(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_744(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_58(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_58(a, b); } /** @@ -509,7 +509,7 @@ with const generics - RIGHT= 54 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d65(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_e0(uint64_t x) { return x << (uint32_t)(int32_t)10 | x >> (uint32_t)(int32_t)54; } @@ -520,9 +520,9 @@ with const generics - RIGHT= 54 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_745(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_e0(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d65(ab); + return libcrux_sha3_portable_keccak_rotate_left_e0(ab); } /** @@ -536,8 +536,8 @@ with const generics - RIGHT= 54 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_035(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_745(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_e0(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_e0(a, b); } /** @@ -547,7 +547,7 @@ with const generics - RIGHT= 19 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d66(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_63(uint64_t x) { return x << (uint32_t)(int32_t)45 | x >> (uint32_t)(int32_t)19; } @@ -558,9 +558,9 @@ with const generics - RIGHT= 19 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_746(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_63(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d66(ab); + return libcrux_sha3_portable_keccak_rotate_left_63(ab); } /** @@ -574,8 +574,8 @@ with const generics - RIGHT= 19 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_036(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_746(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_63(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_63(a, b); } /** @@ -585,7 +585,7 @@ with const generics - RIGHT= 62 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d67(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_6a(uint64_t x) { return x << (uint32_t)(int32_t)2 | x >> (uint32_t)(int32_t)62; } @@ -596,9 +596,9 @@ with const generics - RIGHT= 62 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_747(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_6a(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d67(ab); + return libcrux_sha3_portable_keccak_rotate_left_6a(ab); } /** @@ -612,8 +612,8 @@ with const generics - RIGHT= 62 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_037(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_747(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_6a(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_6a(a, b); } /** @@ -623,7 +623,7 @@ with const generics - RIGHT= 2 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d68(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_ab(uint64_t x) { return x << (uint32_t)(int32_t)62 | x >> (uint32_t)(int32_t)2; } @@ -634,9 +634,9 @@ with const generics - RIGHT= 2 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_748(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_ab(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d68(ab); + return libcrux_sha3_portable_keccak_rotate_left_ab(ab); } /** @@ -650,8 +650,8 @@ with const generics - RIGHT= 2 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_038(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_748(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_ab(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_ab(a, b); } /** @@ -661,7 +661,7 @@ with const generics - RIGHT= 58 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d69(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_5b(uint64_t x) { return x << (uint32_t)(int32_t)6 | x >> (uint32_t)(int32_t)58; } @@ -672,9 +672,9 @@ with const generics - RIGHT= 58 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_749(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_5b(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d69(ab); + return libcrux_sha3_portable_keccak_rotate_left_5b(ab); } /** @@ -688,8 +688,8 @@ with const generics - RIGHT= 58 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_039(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_749(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_5b(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_5b(a, b); } /** @@ -699,7 +699,7 @@ with const generics - RIGHT= 21 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d610(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_6f(uint64_t x) { return x << (uint32_t)(int32_t)43 | x >> (uint32_t)(int32_t)21; } @@ -710,9 +710,9 @@ with const generics - RIGHT= 21 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7410(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_6f(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d610(ab); + return libcrux_sha3_portable_keccak_rotate_left_6f(ab); } /** @@ -726,8 +726,8 @@ with const generics - RIGHT= 21 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0310(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7410(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_6f(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_6f(a, b); } /** @@ -737,7 +737,7 @@ with const generics - RIGHT= 49 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d611(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_62(uint64_t x) { return x << (uint32_t)(int32_t)15 | x >> (uint32_t)(int32_t)49; } @@ -748,9 +748,9 @@ with const generics - RIGHT= 49 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7411(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_62(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d611(ab); + return libcrux_sha3_portable_keccak_rotate_left_62(ab); } /** @@ -764,8 +764,8 @@ with const generics - RIGHT= 49 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0311(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7411(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_62(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_62(a, b); } /** @@ -775,7 +775,7 @@ with const generics - RIGHT= 3 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d612(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_23(uint64_t x) { return x << (uint32_t)(int32_t)61 | x >> (uint32_t)(int32_t)3; } @@ -786,9 +786,9 @@ with const generics - RIGHT= 3 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7412(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_23(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d612(ab); + return libcrux_sha3_portable_keccak_rotate_left_23(ab); } /** @@ -802,8 +802,8 @@ with const generics - RIGHT= 3 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0312(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7412(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_23(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_23(a, b); } /** @@ -813,7 +813,7 @@ with const generics - RIGHT= 36 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d613(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_37(uint64_t x) { return x << (uint32_t)(int32_t)28 | x >> (uint32_t)(int32_t)36; } @@ -824,9 +824,9 @@ with const generics - RIGHT= 36 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7413(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_37(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d613(ab); + return libcrux_sha3_portable_keccak_rotate_left_37(ab); } /** @@ -840,8 +840,8 @@ with const generics - RIGHT= 36 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0313(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7413(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_37(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_37(a, b); } /** @@ -851,7 +851,7 @@ with const generics - RIGHT= 9 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d614(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_bb(uint64_t x) { return x << (uint32_t)(int32_t)55 | x >> (uint32_t)(int32_t)9; } @@ -862,9 +862,9 @@ with const generics - RIGHT= 9 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7414(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_bb(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d614(ab); + return libcrux_sha3_portable_keccak_rotate_left_bb(ab); } /** @@ -878,8 +878,8 @@ with const generics - RIGHT= 9 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0314(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7414(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_bb(a, b); } /** @@ -889,7 +889,7 @@ with const generics - RIGHT= 39 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d615(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_b9(uint64_t x) { return x << (uint32_t)(int32_t)25 | x >> (uint32_t)(int32_t)39; } @@ -900,9 +900,9 @@ with const generics - RIGHT= 39 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7415(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_b9(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d615(ab); + return libcrux_sha3_portable_keccak_rotate_left_b9(ab); } /** @@ -916,8 +916,8 @@ with const generics - RIGHT= 39 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0315(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7415(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_b9(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_b9(a, b); } /** @@ -927,7 +927,7 @@ with const generics - RIGHT= 43 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d616(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_54(uint64_t x) { return x << (uint32_t)(int32_t)21 | x >> (uint32_t)(int32_t)43; } @@ -938,9 +938,9 @@ with const generics - RIGHT= 43 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7416(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_54(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d616(ab); + return libcrux_sha3_portable_keccak_rotate_left_54(ab); } /** @@ -954,8 +954,8 @@ with const generics - RIGHT= 43 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0316(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7416(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_54(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_54(a, b); } /** @@ -965,7 +965,7 @@ with const generics - RIGHT= 8 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d617(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_4c(uint64_t x) { return x << (uint32_t)(int32_t)56 | x >> (uint32_t)(int32_t)8; } @@ -976,9 +976,9 @@ with const generics - RIGHT= 8 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7417(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_4c(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d617(ab); + return libcrux_sha3_portable_keccak_rotate_left_4c(ab); } /** @@ -992,8 +992,8 @@ with const generics - RIGHT= 8 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0317(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7417(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_4c(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_4c(a, b); } /** @@ -1003,7 +1003,7 @@ with const generics - RIGHT= 37 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d618(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_ce(uint64_t x) { return x << (uint32_t)(int32_t)27 | x >> (uint32_t)(int32_t)37; } @@ -1014,9 +1014,9 @@ with const generics - RIGHT= 37 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7418(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_ce(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d618(ab); + return libcrux_sha3_portable_keccak_rotate_left_ce(ab); } /** @@ -1030,8 +1030,8 @@ with const generics - RIGHT= 37 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0318(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7418(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_ce(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_ce(a, b); } /** @@ -1041,7 +1041,7 @@ with const generics - RIGHT= 44 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d619(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_77(uint64_t x) { return x << (uint32_t)(int32_t)20 | x >> (uint32_t)(int32_t)44; } @@ -1052,9 +1052,9 @@ with const generics - RIGHT= 44 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7419(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_77(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d619(ab); + return libcrux_sha3_portable_keccak_rotate_left_77(ab); } /** @@ -1068,8 +1068,8 @@ with const generics - RIGHT= 44 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0319(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7419(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_77(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_77(a, b); } /** @@ -1079,7 +1079,7 @@ with const generics - RIGHT= 25 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d620(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_25(uint64_t x) { return x << (uint32_t)(int32_t)39 | x >> (uint32_t)(int32_t)25; } @@ -1090,9 +1090,9 @@ with const generics - RIGHT= 25 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7420(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_25(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d620(ab); + return libcrux_sha3_portable_keccak_rotate_left_25(ab); } /** @@ -1106,8 +1106,8 @@ with const generics - RIGHT= 25 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0320(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7420(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_25(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_25(a, b); } /** @@ -1117,7 +1117,7 @@ with const generics - RIGHT= 56 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d621(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_af(uint64_t x) { return x << (uint32_t)(int32_t)8 | x >> (uint32_t)(int32_t)56; } @@ -1128,9 +1128,9 @@ with const generics - RIGHT= 56 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7421(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_af(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d621(ab); + return libcrux_sha3_portable_keccak_rotate_left_af(ab); } /** @@ -1144,8 +1144,8 @@ with const generics - RIGHT= 56 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0321(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7421(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_af(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_af(a, b); } /** @@ -1155,7 +1155,7 @@ with const generics - RIGHT= 50 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d622(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_fd(uint64_t x) { return x << (uint32_t)(int32_t)14 | x >> (uint32_t)(int32_t)50; } @@ -1166,9 +1166,9 @@ with const generics - RIGHT= 50 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7422(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_fd(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d622(ab); + return libcrux_sha3_portable_keccak_rotate_left_fd(ab); } /** @@ -1182,8 +1182,8 @@ with const generics - RIGHT= 50 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0322(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7422(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_fd(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_fd(a, b); } /** @@ -1192,8 +1192,8 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_rho_a7( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_rho_04( + libcrux_sha3_generic_keccak_KeccakState_17 *s) { uint64_t c[5U] = { libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][0U], s->st[1U][0U], s->st[2U][0U], s->st[3U][0U], @@ -1228,53 +1228,53 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_rho_a7( c[((size_t)4U + (size_t)1U) % (size_t)5U])}; s->st[0U][0U] = libcrux_sha3_portable_keccak_xor_5a(s->st[0U][0U], t[0U]); s->st[1U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_03(s->st[1U][0U], t[0U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_02(s->st[1U][0U], t[0U]); s->st[2U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_030(s->st[2U][0U], t[0U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_ac(s->st[2U][0U], t[0U]); s->st[3U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_031(s->st[3U][0U], t[0U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_020(s->st[3U][0U], t[0U]); s->st[4U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_032(s->st[4U][0U], t[0U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_a9(s->st[4U][0U], t[0U]); s->st[0U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_033(s->st[0U][1U], t[1U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_76(s->st[0U][1U], t[1U]); s->st[1U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_034(s->st[1U][1U], t[1U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_58(s->st[1U][1U], t[1U]); s->st[2U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_035(s->st[2U][1U], t[1U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_e0(s->st[2U][1U], t[1U]); s->st[3U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_036(s->st[3U][1U], t[1U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_63(s->st[3U][1U], t[1U]); s->st[4U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_037(s->st[4U][1U], t[1U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_6a(s->st[4U][1U], t[1U]); s->st[0U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_038(s->st[0U][2U], t[2U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_ab(s->st[0U][2U], t[2U]); s->st[1U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_039(s->st[1U][2U], t[2U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_5b(s->st[1U][2U], t[2U]); s->st[2U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0310(s->st[2U][2U], t[2U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_6f(s->st[2U][2U], t[2U]); s->st[3U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0311(s->st[3U][2U], t[2U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_62(s->st[3U][2U], t[2U]); s->st[4U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0312(s->st[4U][2U], t[2U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_23(s->st[4U][2U], t[2U]); s->st[0U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0313(s->st[0U][3U], t[3U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_37(s->st[0U][3U], t[3U]); s->st[1U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0314(s->st[1U][3U], t[3U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb(s->st[1U][3U], t[3U]); s->st[2U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0315(s->st[2U][3U], t[3U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_b9(s->st[2U][3U], t[3U]); s->st[3U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0316(s->st[3U][3U], t[3U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_54(s->st[3U][3U], t[3U]); s->st[4U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0317(s->st[4U][3U], t[3U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_4c(s->st[4U][3U], t[3U]); s->st[0U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0318(s->st[0U][4U], t[4U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_ce(s->st[0U][4U], t[4U]); s->st[1U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0319(s->st[1U][4U], t[4U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_77(s->st[1U][4U], t[4U]); s->st[2U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0320(s->st[2U][4U], t[4U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_25(s->st[2U][4U], t[4U]); s->st[3U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0321(s->st[3U][4U], t[4U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_af(s->st[3U][4U], t[4U]); uint64_t uu____27 = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0322(s->st[4U][4U], t[4U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_fd(s->st[4U][4U], t[4U]); s->st[4U][4U] = uu____27; } @@ -1284,8 +1284,8 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_pi_d5( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_pi_04( + libcrux_sha3_generic_keccak_KeccakState_17 *s) { uint64_t old[5U][5U]; memcpy(old, s->st, (size_t)5U * sizeof(uint64_t[5U])); s->st[0U][1U] = old[1U][1U]; @@ -1320,8 +1320,8 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_chi_3e( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_chi_04( + libcrux_sha3_generic_keccak_KeccakState_17 *s) { uint64_t old[5U][5U]; memcpy(old, s->st, (size_t)5U * sizeof(uint64_t[5U])); KRML_MAYBE_FOR5( @@ -1338,8 +1338,8 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_iota_00( - libcrux_sha3_generic_keccak_KeccakState_48 *s, size_t i) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_iota_04( + libcrux_sha3_generic_keccak_KeccakState_17 *s, size_t i) { s->st[0U][0U] = libcrux_sha3_portable_keccak_xor_constant_5a( s->st[0U][0U], libcrux_sha3_generic_keccak_ROUNDCONSTANTS[i]); } @@ -1350,14 +1350,14 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccakf1600_b8( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccakf1600_04( + libcrux_sha3_generic_keccak_KeccakState_17 *s) { for (size_t i = (size_t)0U; i < (size_t)24U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_theta_rho_a7(s); - libcrux_sha3_generic_keccak_pi_d5(s); - libcrux_sha3_generic_keccak_chi_3e(s); - libcrux_sha3_generic_keccak_iota_00(s, i0); + libcrux_sha3_generic_keccak_theta_rho_04(s); + libcrux_sha3_generic_keccak_pi_04(s); + libcrux_sha3_generic_keccak_chi_04(s); + libcrux_sha3_generic_keccak_iota_04(s, i0); } } @@ -1369,8 +1369,8 @@ with const generics - RATE= 168 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_40( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; { @@ -1388,8 +1388,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_40( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_05(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_3a(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -1397,7 +1397,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_9b( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_3a( uint64_t (*s)[5U], Eurydice_slice out[1U]) { for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)8U; i++) { size_t i0 = i; @@ -1419,9 +1419,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_49( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_3a( uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_9b(a, b); + libcrux_sha3_portable_keccak_store_block_3a(a, b); } /** @@ -1431,9 +1431,9 @@ with const generics - N= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_7b( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_49(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_portable_keccak_store_block_5a_3a(s->st, out); } /** @@ -1443,10 +1443,10 @@ with const generics - N= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c2( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(s); - libcrux_sha3_portable_keccak_store_block_5a_49(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(s); + libcrux_sha3_portable_keccak_store_block_5a_3a(s->st, out); } /** @@ -1454,18 +1454,18 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_650( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5b( uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)8U; i++) { size_t i0 = i; uint8_t uu____0[8U]; - core_result_Result_56 dst; + core_result_Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - core_result_unwrap_26_0e(dst, uu____0); + core_result_unwrap_26_68(dst, uu____0); size_t uu____1 = i0 / (size_t)5U; size_t uu____2 = i0 % (size_t)5U; s[uu____1][uu____2] = @@ -1478,11 +1478,11 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_d40( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5b( uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_650(s, buf); + libcrux_sha3_portable_keccak_load_block_5b(s, buf); } /** @@ -1494,13 +1494,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_050( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_5b( uint64_t (*a)[5U], uint8_t b[1U][200U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[1U][200U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_d40(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_full_5b(uu____0, copy_of_b); } /** @@ -1511,8 +1511,8 @@ with const generics - RATE= 136 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_400( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e0( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; { @@ -1530,8 +1530,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_400( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_050(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_5b(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -1539,7 +1539,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_9b0( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5b( uint64_t (*s)[5U], Eurydice_slice out[1U]) { for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)8U; i++) { size_t i0 = i; @@ -1561,9 +1561,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_490( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_5b( uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_9b0(a, b); + libcrux_sha3_portable_keccak_store_block_5b(a, b); } /** @@ -1573,9 +1573,9 @@ with const generics - N= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_7b0( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_490(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_c60( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_portable_keccak_store_block_5a_5b(s->st, out); } /** @@ -1585,10 +1585,10 @@ with const generics - N= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c20( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(s); - libcrux_sha3_portable_keccak_store_block_5a_490(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c60( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(s); + libcrux_sha3_portable_keccak_store_block_5a_5b(s->st, out); } /** @@ -1600,13 +1600,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_35( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_5b( uint64_t (*a)[5U], Eurydice_slice b[1U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[1U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_650(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_5b(uu____0, copy_of_b); } /** @@ -1618,13 +1618,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_350( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_3a( uint64_t (*a)[5U], Eurydice_slice b[1U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[1U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_65(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_3a(uu____0, copy_of_b); } /** @@ -1634,13 +1634,13 @@ with const generics - N= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_403( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_c63( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice blocks[1U]) { uint64_t(*uu____0)[5U] = s->st; Eurydice_slice uu____1[1U]; memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_350(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_5a_3a(uu____0, uu____1); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -1648,12 +1648,12 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7e3( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_3a( uint64_t (*s)[5U], uint8_t ret[1U][200U]) { uint8_t out[200U] = {0U}; Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_9b(s, buf); + libcrux_sha3_portable_keccak_store_block_3a(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out[200U]; memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); @@ -1669,10 +1669,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a with const generics - RATE= 168 */ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_273(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_7e3(a, ret); +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_3a( + uint64_t (*a)[5U], uint8_t ret[1U][200U]) { + libcrux_sha3_portable_keccak_store_block_full_3a(a, ret); } /** @@ -1683,21 +1682,21 @@ with const generics - RATE= 168 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_883( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_and_last_c63( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_273(s->st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_3a(s->st, b); { size_t i = (size_t)0U; Eurydice_slice uu____0 = out[i]; uint8_t *uu____1 = b[i]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -1709,22 +1708,22 @@ with const generics - N= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_ca3( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_c63( + libcrux_sha3_generic_keccak_KeccakState_17 s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(&s); uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_273(s.st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_3a(s.st, b); { size_t i = (size_t)0U; Eurydice_slice uu____0 = out[i]; uint8_t *uu____1 = b[i]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -1737,36 +1736,36 @@ with const generics - RATE= 168 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_064( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e4( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)168U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)168U, (size_t)168U, ret); - libcrux_sha3_generic_keccak_absorb_block_403(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c63(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)168U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_40(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)168U; size_t last = outlen - outlen % (size_t)168U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_883(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c63(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U); @@ -1774,15 +1773,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_064( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c6(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, core_option_Option_b3) + &iter, size_t, core_option_Option_08) .tag == core_option_None) { break; } else { @@ -1792,12 +1791,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_064( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c2(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c6(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca3(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c63(s, o1); } } } @@ -1808,12 +1807,12 @@ with const generics - RATE= 168 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e44( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_c6( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_064(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e4(copy_of_data, out); } /** @@ -1821,18 +1820,18 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_653( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_7a( uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { for (size_t i = (size_t)0U; i < (size_t)104U / (size_t)8U; i++) { size_t i0 = i; uint8_t uu____0[8U]; - core_result_Result_56 dst; + core_result_Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - core_result_unwrap_26_0e(dst, uu____0); + core_result_unwrap_26_68(dst, uu____0); size_t uu____1 = i0 / (size_t)5U; size_t uu____2 = i0 % (size_t)5U; s[uu____1][uu____2] = @@ -1849,13 +1848,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_353( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_7a( uint64_t (*a)[5U], Eurydice_slice b[1U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[1U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_653(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_7a(uu____0, copy_of_b); } /** @@ -1865,13 +1864,13 @@ with const generics - N= 1 - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_402( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_c62( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice blocks[1U]) { uint64_t(*uu____0)[5U] = s->st; Eurydice_slice uu____1[1U]; memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_353(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_5a_7a(uu____0, uu____1); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -1879,11 +1878,11 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_d43( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_7a( uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_653(s, buf); + libcrux_sha3_portable_keccak_load_block_7a(s, buf); } /** @@ -1895,13 +1894,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_053( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_7a( uint64_t (*a)[5U], uint8_t b[1U][200U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[1U][200U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_d43(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_full_7a(uu____0, copy_of_b); } /** @@ -1912,8 +1911,8 @@ with const generics - RATE= 104 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_404( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e4( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; { @@ -1931,8 +1930,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_404( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_053(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_7a(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -1940,7 +1939,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_9b3( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_7a( uint64_t (*s)[5U], Eurydice_slice out[1U]) { for (size_t i = (size_t)0U; i < (size_t)104U / (size_t)8U; i++) { size_t i0 = i; @@ -1958,12 +1957,12 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7e2( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7a( uint64_t (*s)[5U], uint8_t ret[1U][200U]) { uint8_t out[200U] = {0U}; Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_9b3(s, buf); + libcrux_sha3_portable_keccak_store_block_7a(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out[200U]; memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); @@ -1979,10 +1978,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a with const generics - RATE= 104 */ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_272(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_7e2(a, ret); +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_7a( + uint64_t (*a)[5U], uint8_t ret[1U][200U]) { + libcrux_sha3_portable_keccak_store_block_full_7a(a, ret); } /** @@ -1993,21 +1991,21 @@ with const generics - RATE= 104 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_882( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_and_last_c62( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_272(s->st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_7a(s->st, b); { size_t i = (size_t)0U; Eurydice_slice uu____0 = out[i]; uint8_t *uu____1 = b[i]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -2021,9 +2019,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_493( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_7a( uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_9b3(a, b); + libcrux_sha3_portable_keccak_store_block_7a(a, b); } /** @@ -2033,9 +2031,9 @@ with const generics - N= 1 - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_7b3( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_493(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_c63( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_portable_keccak_store_block_5a_7a(s->st, out); } /** @@ -2045,10 +2043,10 @@ with const generics - N= 1 - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c23( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(s); - libcrux_sha3_portable_keccak_store_block_5a_493(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c63( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(s); + libcrux_sha3_portable_keccak_store_block_5a_7a(s->st, out); } /** @@ -2058,22 +2056,22 @@ with const generics - N= 1 - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_ca2( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_c62( + libcrux_sha3_generic_keccak_KeccakState_17 s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(&s); uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_272(s.st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_7a(s.st, b); { size_t i = (size_t)0U; Eurydice_slice uu____0 = out[i]; uint8_t *uu____1 = b[i]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -2086,36 +2084,36 @@ with const generics - RATE= 104 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_063( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e3( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)104U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)104U, (size_t)104U, ret); - libcrux_sha3_generic_keccak_absorb_block_402(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c62(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)104U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_404(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e4(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)104U; size_t last = outlen - outlen % (size_t)104U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_882(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c62(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)104U); @@ -2123,15 +2121,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_063( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b3(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c63(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, core_option_Option_b3) + &iter, size_t, core_option_Option_08) .tag == core_option_None) { break; } else { @@ -2141,12 +2139,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_063( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c23(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c63(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca2(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c62(s, o1); } } } @@ -2157,12 +2155,12 @@ with const generics - RATE= 104 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e43( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_7c( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_063(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e3(copy_of_data, out); } /** @@ -2170,18 +2168,18 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_652( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c( uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { for (size_t i = (size_t)0U; i < (size_t)144U / (size_t)8U; i++) { size_t i0 = i; uint8_t uu____0[8U]; - core_result_Result_56 dst; + core_result_Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - core_result_unwrap_26_0e(dst, uu____0); + core_result_unwrap_26_68(dst, uu____0); size_t uu____1 = i0 / (size_t)5U; size_t uu____2 = i0 % (size_t)5U; s[uu____1][uu____2] = @@ -2198,13 +2196,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_352( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_2c( uint64_t (*a)[5U], Eurydice_slice b[1U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[1U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_652(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_2c(uu____0, copy_of_b); } /** @@ -2214,13 +2212,13 @@ with const generics - N= 1 - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_401( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_c61( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice blocks[1U]) { uint64_t(*uu____0)[5U] = s->st; Eurydice_slice uu____1[1U]; memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_352(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_5a_2c(uu____0, uu____1); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2228,11 +2226,11 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_d42( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_2c( uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_652(s, buf); + libcrux_sha3_portable_keccak_load_block_2c(s, buf); } /** @@ -2244,13 +2242,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_052( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_2c( uint64_t (*a)[5U], uint8_t b[1U][200U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[1U][200U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_d42(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_full_2c(uu____0, copy_of_b); } /** @@ -2261,8 +2259,8 @@ with const generics - RATE= 144 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_403( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e3( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; { @@ -2280,8 +2278,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_403( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_052(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_2c(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2289,7 +2287,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_9b2( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_2c( uint64_t (*s)[5U], Eurydice_slice out[1U]) { for (size_t i = (size_t)0U; i < (size_t)144U / (size_t)8U; i++) { size_t i0 = i; @@ -2307,12 +2305,12 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7e1( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2c( uint64_t (*s)[5U], uint8_t ret[1U][200U]) { uint8_t out[200U] = {0U}; Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_9b2(s, buf); + libcrux_sha3_portable_keccak_store_block_2c(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out[200U]; memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); @@ -2328,10 +2326,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a with const generics - RATE= 144 */ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_271(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_7e1(a, ret); +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_2c( + uint64_t (*a)[5U], uint8_t ret[1U][200U]) { + libcrux_sha3_portable_keccak_store_block_full_2c(a, ret); } /** @@ -2342,21 +2339,21 @@ with const generics - RATE= 144 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_881( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_and_last_c61( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_271(s->st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_2c(s->st, b); { size_t i = (size_t)0U; Eurydice_slice uu____0 = out[i]; uint8_t *uu____1 = b[i]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -2370,9 +2367,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_492( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_2c( uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_9b2(a, b); + libcrux_sha3_portable_keccak_store_block_2c(a, b); } /** @@ -2382,9 +2379,9 @@ with const generics - N= 1 - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_7b2( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_492(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_c62( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_portable_keccak_store_block_5a_2c(s->st, out); } /** @@ -2394,10 +2391,10 @@ with const generics - N= 1 - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c22( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(s); - libcrux_sha3_portable_keccak_store_block_5a_492(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c62( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(s); + libcrux_sha3_portable_keccak_store_block_5a_2c(s->st, out); } /** @@ -2407,22 +2404,22 @@ with const generics - N= 1 - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_ca1( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_c61( + libcrux_sha3_generic_keccak_KeccakState_17 s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(&s); uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_271(s.st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_2c(s.st, b); { size_t i = (size_t)0U; Eurydice_slice uu____0 = out[i]; uint8_t *uu____1 = b[i]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -2435,36 +2432,36 @@ with const generics - RATE= 144 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_062( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e2( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)144U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)144U, (size_t)144U, ret); - libcrux_sha3_generic_keccak_absorb_block_401(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c61(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)144U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_403(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e3(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)144U; size_t last = outlen - outlen % (size_t)144U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_881(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c61(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)144U); @@ -2472,15 +2469,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_062( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b2(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c62(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, core_option_Option_b3) + &iter, size_t, core_option_Option_08) .tag == core_option_None) { break; } else { @@ -2490,12 +2487,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_062( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c22(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c62(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca1(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c61(s, o1); } } } @@ -2506,12 +2503,12 @@ with const generics - RATE= 144 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e42( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_1e( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_062(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e2(copy_of_data, out); } /** @@ -2521,13 +2518,13 @@ with const generics - N= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_400( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_c60( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice blocks[1U]) { uint64_t(*uu____0)[5U] = s->st; Eurydice_slice uu____1[1U]; memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_35(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_5a_5b(uu____0, uu____1); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2535,12 +2532,12 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7e0( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5b( uint64_t (*s)[5U], uint8_t ret[1U][200U]) { uint8_t out[200U] = {0U}; Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_9b0(s, buf); + libcrux_sha3_portable_keccak_store_block_5b(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out[200U]; memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); @@ -2556,10 +2553,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a with const generics - RATE= 136 */ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_270(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_7e0(a, ret); +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_5b( + uint64_t (*a)[5U], uint8_t ret[1U][200U]) { + libcrux_sha3_portable_keccak_store_block_full_5b(a, ret); } /** @@ -2570,21 +2566,21 @@ with const generics - RATE= 136 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_880( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_and_last_c60( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_270(s->st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_5b(s->st, b); { size_t i = (size_t)0U; Eurydice_slice uu____0 = out[i]; uint8_t *uu____1 = b[i]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -2596,22 +2592,22 @@ with const generics - N= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_ca0( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_c60( + libcrux_sha3_generic_keccak_KeccakState_17 s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(&s); uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_270(s.st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_5b(s.st, b); { size_t i = (size_t)0U; Eurydice_slice uu____0 = out[i]; uint8_t *uu____1 = b[i]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -2624,36 +2620,36 @@ with const generics - RATE= 136 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_061( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e1( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)136U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)136U, (size_t)136U, ret); - libcrux_sha3_generic_keccak_absorb_block_400(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c60(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)136U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_400(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e0(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)136U; size_t last = outlen - outlen % (size_t)136U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_880(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c60(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)136U); @@ -2661,15 +2657,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_061( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b0(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c60(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, core_option_Option_b3) + &iter, size_t, core_option_Option_08) .tag == core_option_None) { break; } else { @@ -2679,12 +2675,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_061( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c20(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c60(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca0(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c60(s, o1); } } } @@ -2695,12 +2691,12 @@ with const generics - RATE= 136 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e41( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ad0( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_061(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e1(copy_of_data, out); } /** @@ -2711,8 +2707,8 @@ with const generics - RATE= 136 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_402( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e2( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; { @@ -2730,8 +2726,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_402( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_050(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_5b(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2742,36 +2738,36 @@ with const generics - RATE= 136 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_060( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e0( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)136U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)136U, (size_t)136U, ret); - libcrux_sha3_generic_keccak_absorb_block_400(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c60(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)136U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_402(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e2(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)136U; size_t last = outlen - outlen % (size_t)136U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_880(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c60(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)136U); @@ -2779,15 +2775,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_060( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b0(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c60(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, core_option_Option_b3) + &iter, size_t, core_option_Option_08) .tag == core_option_None) { break; } else { @@ -2797,12 +2793,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_060( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c20(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c60(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca0(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c60(s, o1); } } } @@ -2813,12 +2809,12 @@ with const generics - RATE= 136 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e40( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ad( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_060(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e0(copy_of_data, out); } /** @@ -2826,18 +2822,18 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_651( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_f8( uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { for (size_t i = (size_t)0U; i < (size_t)72U / (size_t)8U; i++) { size_t i0 = i; uint8_t uu____0[8U]; - core_result_Result_56 dst; + core_result_Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - core_result_unwrap_26_0e(dst, uu____0); + core_result_unwrap_26_68(dst, uu____0); size_t uu____1 = i0 / (size_t)5U; size_t uu____2 = i0 % (size_t)5U; s[uu____1][uu____2] = @@ -2854,13 +2850,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_351( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_f8( uint64_t (*a)[5U], Eurydice_slice b[1U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[1U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_651(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_f8(uu____0, copy_of_b); } /** @@ -2870,13 +2866,13 @@ with const generics - N= 1 - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_40( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice blocks[1U]) { uint64_t(*uu____0)[5U] = s->st; Eurydice_slice uu____1[1U]; memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_351(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_5a_f8(uu____0, uu____1); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2884,11 +2880,11 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_d41( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_f8( uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_651(s, buf); + libcrux_sha3_portable_keccak_load_block_f8(s, buf); } /** @@ -2900,13 +2896,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_051( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_f8( uint64_t (*a)[5U], uint8_t b[1U][200U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[1U][200U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_d41(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_full_f8(uu____0, copy_of_b); } /** @@ -2917,8 +2913,8 @@ with const generics - RATE= 72 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_401( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e1( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; { @@ -2936,8 +2932,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_401( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_051(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_f8(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2945,7 +2941,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_9b1( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_f8( uint64_t (*s)[5U], Eurydice_slice out[1U]) { for (size_t i = (size_t)0U; i < (size_t)72U / (size_t)8U; i++) { size_t i0 = i; @@ -2963,12 +2959,12 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7e( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_f8( uint64_t (*s)[5U], uint8_t ret[1U][200U]) { uint8_t out[200U] = {0U}; Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_9b1(s, buf); + libcrux_sha3_portable_keccak_store_block_f8(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out[200U]; memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); @@ -2984,9 +2980,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_27( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_f8( uint64_t (*a)[5U], uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_7e(a, ret); + libcrux_sha3_portable_keccak_store_block_full_f8(a, ret); } /** @@ -2997,21 +2993,21 @@ with const generics - RATE= 72 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_88( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_and_last_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_27(s->st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_f8(s->st, b); { size_t i = (size_t)0U; Eurydice_slice uu____0 = out[i]; uint8_t *uu____1 = b[i]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -3025,9 +3021,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_491( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_f8( uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_9b1(a, b); + libcrux_sha3_portable_keccak_store_block_f8(a, b); } /** @@ -3037,9 +3033,9 @@ with const generics - N= 1 - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_7b1( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_491(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_c61( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_portable_keccak_store_block_5a_f8(s->st, out); } /** @@ -3049,10 +3045,10 @@ with const generics - N= 1 - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c21( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(s); - libcrux_sha3_portable_keccak_store_block_5a_491(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c61( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(s); + libcrux_sha3_portable_keccak_store_block_5a_f8(s->st, out); } /** @@ -3062,22 +3058,22 @@ with const generics - N= 1 - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_ca( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_c6( + libcrux_sha3_generic_keccak_KeccakState_17 s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(&s); uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_27(s.st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_f8(s.st, b); { size_t i = (size_t)0U; Eurydice_slice uu____0 = out[i]; uint8_t *uu____1 = b[i]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -3090,36 +3086,36 @@ with const generics - RATE= 72 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_06( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)72U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)72U, (size_t)72U, ret); - libcrux_sha3_generic_keccak_absorb_block_40(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c6(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)72U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_401(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e1(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)72U; size_t last = outlen - outlen % (size_t)72U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_88(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c6(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)72U); @@ -3127,15 +3123,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_06( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b1(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c61(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, core_option_Option_b3) + &iter, size_t, core_option_Option_08) .tag == core_option_None) { break; } else { @@ -3145,12 +3141,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_06( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c21(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c61(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c6(s, o1); } } } @@ -3161,14 +3157,24 @@ with const generics - RATE= 72 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e4( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_96( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_06(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e(copy_of_data, out); } +/** +A monomorphic instance of libcrux_sha3.generic_keccak.KeccakState +with types core_core_arch_x86___m256i +with const generics +- $4size_t +*/ +typedef struct libcrux_sha3_generic_keccak_KeccakState_55_s { + __m256i st[5U][5U]; +} libcrux_sha3_generic_keccak_KeccakState_55; + #if defined(__cplusplus) } #endif diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.c b/libcrux-ml-kem/c/libcrux_sha3_neon.c index d84fc7126..ed67034a0 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.c +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.c @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #include "libcrux_sha3_neon.h" diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.h b/libcrux-ml-kem/c/libcrux_sha3_neon.h index bdb6771ab..063d29226 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.h +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_sha3_neon_H @@ -51,7 +51,7 @@ void libcrux_sha3_neon_x2_shake256(Eurydice_slice input0, Eurydice_slice input1, Eurydice_slice out0, Eurydice_slice out1); typedef struct libcrux_sha3_neon_x2_incremental_KeccakState_s { - libcrux_sha3_generic_keccak_KeccakState_48 state[2U]; + libcrux_sha3_generic_keccak_KeccakState_17 state[2U]; } libcrux_sha3_neon_x2_incremental_KeccakState; /** diff --git a/libcrux-ml-kem/cg.yaml b/libcrux-ml-kem/cg.yaml index 08e55ac47..0eb5bb3f4 100644 --- a/libcrux-ml-kem/cg.yaml +++ b/libcrux-ml-kem/cg.yaml @@ -26,9 +26,9 @@ files: - [libcrux_sha3, avx2, "*"] - [libcrux_sha3, simd, avx2, "*"] monomorphizations_exact: - - [libcrux_sha3, generic_keccak, KeccakState_29] - - [libcrux_sha3, generic_keccak, absorb_final_7f ] - - [libcrux_sha3, generic_keccak, squeeze_first_three_blocks_ed ] + - [libcrux_sha3, generic_keccak, KeccakState_55] + - [libcrux_sha3, generic_keccak, absorb_final_fb ] + - [libcrux_sha3, generic_keccak, squeeze_first_three_blocks_97 ] monomorphizations_of: - [libcrux_sha3, avx2, "*"] - [libcrux_sha3, simd, avx2, "*"] @@ -59,11 +59,11 @@ files: monomorphizations_exact: - [ libcrux_ml_kem, mlkem768, avx2, unpacked, MlKem768KeyPairUnpacked ] - [ libcrux_ml_kem, mlkem768, avx2, unpacked, MlKem768PublicKeyUnpacked ] - - [ libcrux_ml_kem, ind_cca, unpacked, MlKemPrivateKeyUnpacked_a0 ] - - [ libcrux_ml_kem, ind_cca, unpacked, MlKemPublicKeyUnpacked_a0 ] - - [ libcrux_ml_kem, ind_cpa, unpacked, IndCpaPrivateKeyUnpacked_a0 ] - - [ libcrux_ml_kem, ind_cpa, unpacked, IndCpaPublicKeyUnpacked_a0 ] - - [ libcrux_ml_kem, polynomial, PolynomialRingElement_d2 ] + - [ libcrux_ml_kem, ind_cca, unpacked, MlKemPrivateKeyUnpacked_63 ] + - [ libcrux_ml_kem, ind_cca, unpacked, MlKemPublicKeyUnpacked_63 ] + - [ libcrux_ml_kem, ind_cpa, unpacked, IndCpaPrivateKeyUnpacked_63 ] + - [ libcrux_ml_kem, ind_cpa, unpacked, IndCpaPublicKeyUnpacked_63 ] + - [ libcrux_ml_kem, polynomial, PolynomialRingElement_f6 ] - [ libcrux_ml_kem, vector, avx2, SIMD256Vector ] - name: libcrux_mlkem768_portable_types @@ -72,11 +72,11 @@ files: monomorphizations_exact: - [ libcrux_ml_kem, mlkem768, portable, unpacked, MlKem768KeyPairUnpacked ] - [ libcrux_ml_kem, mlkem768, portable, unpacked, MlKem768PublicKeyUnpacked ] - - [ libcrux_ml_kem, ind_cca, unpacked, MlKemPrivateKeyUnpacked_f8 ] - - [ libcrux_ml_kem, ind_cca, unpacked, MlKemPublicKeyUnpacked_f8 ] - - [ libcrux_ml_kem, ind_cpa, unpacked, IndCpaPrivateKeyUnpacked_f8 ] - - [ libcrux_ml_kem, ind_cpa, unpacked, IndCpaPublicKeyUnpacked_f8 ] - - [ libcrux_ml_kem, polynomial, PolynomialRingElement_f0 ] + - [ libcrux_ml_kem, ind_cca, unpacked, MlKemPrivateKeyUnpacked_a0 ] + - [ libcrux_ml_kem, ind_cca, unpacked, MlKemPublicKeyUnpacked_a0 ] + - [ libcrux_ml_kem, ind_cpa, unpacked, IndCpaPrivateKeyUnpacked_a0 ] + - [ libcrux_ml_kem, ind_cpa, unpacked, IndCpaPublicKeyUnpacked_a0 ] + - [ libcrux_ml_kem, polynomial, PolynomialRingElement_1d ] - [ libcrux_ml_kem, vector, portable, vector_type, PortableVector ] # MLKEM: MISC NON-ARCHITECTURE SPECIFIC HEADERS diff --git a/libcrux-ml-kem/cg/benches/sha3.cc b/libcrux-ml-kem/cg/benches/sha3.cc index 7212fc4ed..31180a799 100644 --- a/libcrux-ml-kem/cg/benches/sha3.cc +++ b/libcrux-ml-kem/cg/benches/sha3.cc @@ -69,14 +69,14 @@ shake128_34_504(benchmark::State &state) Eurydice_slice last[4] = {EURYDICE_SLICE(input, 0, 34), EURYDICE_SLICE(input, 0, 34), EURYDICE_SLICE(input, 0, 34), EURYDICE_SLICE(input, 0, 34)}; Eurydice_slice out[4] = {EURYDICE_SLICE(digest0, 0, 504), EURYDICE_SLICE(digest1, 0, 504), EURYDICE_SLICE(digest2, 0, 504), EURYDICE_SLICE(digest3, 0, 504)}; libcrux_sha3_avx2_x4_incremental_KeccakState st = libcrux_sha3_avx2_x4_incremental_init(); - libcrux_sha3_generic_keccak_absorb_final_7f(&st, last); - libcrux_sha3_generic_keccak_squeeze_first_three_blocks_ed(&st, out); + libcrux_sha3_generic_keccak_absorb_final_fb(&st, last); + libcrux_sha3_generic_keccak_squeeze_first_three_blocks_97(&st, out); for (auto _ : state) { libcrux_sha3_avx2_x4_incremental_KeccakState st = libcrux_sha3_avx2_x4_incremental_init(); - libcrux_sha3_generic_keccak_absorb_final_7f(&st, last); - libcrux_sha3_generic_keccak_squeeze_first_three_blocks_ed(&st, out); + libcrux_sha3_generic_keccak_absorb_final_fb(&st, last); + libcrux_sha3_generic_keccak_squeeze_first_three_blocks_97(&st, out); } } diff --git a/libcrux-ml-kem/cg/code_gen.txt b/libcrux-ml-kem/cg/code_gen.txt index 7599cb2f1..03c666cb2 100644 --- a/libcrux-ml-kem/cg/code_gen.txt +++ b/libcrux-ml-kem/cg/code_gen.txt @@ -1,6 +1,6 @@ This code was generated with the following revisions: -Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 -Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac -Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 -F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 -Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf +Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 +Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b +Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df +F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 +Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 diff --git a/libcrux-ml-kem/cg/libcrux_core.h b/libcrux-ml-kem/cg/libcrux_core.h index c6916acab..572a1639b 100644 --- a/libcrux-ml-kem/cg/libcrux_core.h +++ b/libcrux-ml-kem/cg/libcrux_core.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_core_H @@ -25,30 +25,30 @@ A monomorphic instance of core.ops.range.Range with types size_t */ -typedef struct core_ops_range_Range_b3_s { +typedef struct core_ops_range_Range_08_s { size_t start; size_t end; -} core_ops_range_Range_b3; +} core_ops_range_Range_08; #define Ok 0 #define Err 1 -typedef uint8_t Result_86_tags; +typedef uint8_t Result_a9_tags; #define None 0 #define Some 1 -typedef uint8_t Option_ef_tags; +typedef uint8_t Option_9e_tags; /** A monomorphic instance of core.option.Option with types size_t */ -typedef struct Option_b3_s { - Option_ef_tags tag; +typedef struct Option_08_s { + Option_9e_tags tag; size_t f0; -} Option_b3; +} Option_08; static inline uint16_t core_num__u16_7__wrapping_add(uint16_t x0, uint16_t x1); @@ -88,13 +88,13 @@ A monomorphic instance of core.result.Result with types uint8_t[24size_t], core_array_TryFromSliceError */ -typedef struct Result_6f_s { - Result_86_tags tag; +typedef struct Result_b2_s { + Result_a9_tags tag; union { uint8_t case_Ok[24U]; TryFromSliceError case_Err; } val; -} Result_6f; +} Result_b2; /** This function found in impl {core::result::Result[TraitClause@0, @@ -105,7 +105,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[24size_t], core_array_TryFromSliceError */ -static inline void unwrap_26_76(Result_6f self, uint8_t ret[24U]) { +static inline void unwrap_26_70(Result_b2 self, uint8_t ret[24U]) { if (self.tag == Ok) { uint8_t f0[24U]; memcpy(f0, self.val.case_Ok, (size_t)24U * sizeof(uint8_t)); @@ -122,13 +122,13 @@ A monomorphic instance of core.result.Result with types uint8_t[20size_t], core_array_TryFromSliceError */ -typedef struct Result_7a_s { - Result_86_tags tag; +typedef struct Result_e1_s { + Result_a9_tags tag; union { uint8_t case_Ok[20U]; TryFromSliceError case_Err; } val; -} Result_7a; +} Result_e1; /** This function found in impl {core::result::Result[TraitClause@0, @@ -139,7 +139,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[20size_t], core_array_TryFromSliceError */ -static inline void unwrap_26_ea(Result_7a self, uint8_t ret[20U]) { +static inline void unwrap_26_20(Result_e1 self, uint8_t ret[20U]) { if (self.tag == Ok) { uint8_t f0[20U]; memcpy(f0, self.val.case_Ok, (size_t)20U * sizeof(uint8_t)); @@ -156,13 +156,13 @@ A monomorphic instance of core.result.Result with types uint8_t[10size_t], core_array_TryFromSliceError */ -typedef struct Result_cd_s { - Result_86_tags tag; +typedef struct Result_9d_s { + Result_a9_tags tag; union { uint8_t case_Ok[10U]; TryFromSliceError case_Err; } val; -} Result_cd; +} Result_9d; /** This function found in impl {core::result::Result[TraitClause@0, @@ -173,7 +173,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[10size_t], core_array_TryFromSliceError */ -static inline void unwrap_26_07(Result_cd self, uint8_t ret[10U]) { +static inline void unwrap_26_ce(Result_9d self, uint8_t ret[10U]) { if (self.tag == Ok) { uint8_t f0[10U]; memcpy(f0, self.val.case_Ok, (size_t)10U * sizeof(uint8_t)); @@ -198,7 +198,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 32 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_423( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_9e( Eurydice_slice slice, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; uint8_t *uu____0 = out; @@ -221,7 +221,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_d4 with const generics - SIZE= 1088 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_76( +static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_80( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return self->value; } @@ -231,9 +231,9 @@ A monomorphic instance of libcrux_ml_kem.types.MlKemPublicKey with const generics - $1184size_t */ -typedef struct libcrux_ml_kem_types_MlKemPublicKey_15_s { +typedef struct libcrux_ml_kem_types_MlKemPublicKey_30_s { uint8_t value[1184U]; -} libcrux_ml_kem_types_MlKemPublicKey_15; +} libcrux_ml_kem_types_MlKemPublicKey_30; /** This function found in impl {(core::convert::From<@Array> for @@ -244,12 +244,12 @@ A monomorphic instance of libcrux_ml_kem.types.from_5a with const generics - SIZE= 1184 */ -static inline libcrux_ml_kem_types_MlKemPublicKey_15 -libcrux_ml_kem_types_from_5a_67(uint8_t value[1184U]) { +static inline libcrux_ml_kem_types_MlKemPublicKey_30 +libcrux_ml_kem_types_from_5a_d0(uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; memcpy(copy_of_value, value, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPublicKey_15 lit; + libcrux_ml_kem_types_MlKemPublicKey_30 lit; memcpy(lit.value, copy_of_value, (size_t)1184U * sizeof(uint8_t)); return lit; } @@ -259,13 +259,13 @@ A monomorphic instance of libcrux_ml_kem.types.MlKemPrivateKey with const generics - $2400size_t */ -typedef struct libcrux_ml_kem_types_MlKemPrivateKey_55_s { +typedef struct libcrux_ml_kem_types_MlKemPrivateKey_d9_s { uint8_t value[2400U]; -} libcrux_ml_kem_types_MlKemPrivateKey_55; +} libcrux_ml_kem_types_MlKemPrivateKey_d9; typedef struct libcrux_ml_kem_mlkem768_MlKem768KeyPair_s { - libcrux_ml_kem_types_MlKemPrivateKey_55 sk; - libcrux_ml_kem_types_MlKemPublicKey_15 pk; + libcrux_ml_kem_types_MlKemPrivateKey_d9 sk; + libcrux_ml_kem_types_MlKemPublicKey_30 pk; } libcrux_ml_kem_mlkem768_MlKem768KeyPair; /** @@ -279,8 +279,8 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_types_from_3a_ee(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, - libcrux_ml_kem_types_MlKemPublicKey_15 pk) { +libcrux_ml_kem_types_from_3a_74(libcrux_ml_kem_types_MlKemPrivateKey_d9 sk, + libcrux_ml_kem_types_MlKemPublicKey_30 pk) { return ( CLITERAL(libcrux_ml_kem_mlkem768_MlKem768KeyPair){.sk = sk, .pk = pk}); } @@ -294,12 +294,12 @@ A monomorphic instance of libcrux_ml_kem.types.from_7f with const generics - SIZE= 2400 */ -static inline libcrux_ml_kem_types_MlKemPrivateKey_55 -libcrux_ml_kem_types_from_7f_af(uint8_t value[2400U]) { +static inline libcrux_ml_kem_types_MlKemPrivateKey_d9 +libcrux_ml_kem_types_from_7f_28(uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; memcpy(copy_of_value, value, (size_t)2400U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_55 lit; + libcrux_ml_kem_types_MlKemPrivateKey_d9 lit; memcpy(lit.value, copy_of_value, (size_t)2400U * sizeof(uint8_t)); return lit; } @@ -309,13 +309,13 @@ A monomorphic instance of core.result.Result with types uint8_t[32size_t], core_array_TryFromSliceError */ -typedef struct Result_00_s { - Result_86_tags tag; +typedef struct Result_fb_s { + Result_a9_tags tag; union { uint8_t case_Ok[32U]; TryFromSliceError case_Err; } val; -} Result_00; +} Result_fb; /** This function found in impl {core::result::Result[TraitClause@0, @@ -326,7 +326,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[32size_t], core_array_TryFromSliceError */ -static inline void unwrap_26_33(Result_00 self, uint8_t ret[32U]) { +static inline void unwrap_26_b3(Result_fb self, uint8_t ret[32U]) { if (self.tag == Ok) { uint8_t f0[32U]; memcpy(f0, self.val.case_Ok, (size_t)32U * sizeof(uint8_t)); @@ -344,10 +344,10 @@ with types libcrux_ml_kem_types_MlKemCiphertext[[$1088size_t]], uint8_t[32size_t] */ -typedef struct tuple_3c_s { +typedef struct tuple_c2_s { libcrux_ml_kem_mlkem768_MlKem768Ciphertext fst; uint8_t snd[32U]; -} tuple_3c; +} tuple_c2; /** This function found in impl {(core::convert::From<@Array> for @@ -359,7 +359,7 @@ with const generics - SIZE= 1088 */ static inline libcrux_ml_kem_mlkem768_MlKem768Ciphertext -libcrux_ml_kem_types_from_01_8c(uint8_t value[1088U]) { +libcrux_ml_kem_types_from_01_80(uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; memcpy(copy_of_value, value, (size_t)1088U * sizeof(uint8_t)); @@ -376,8 +376,8 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_fd with const generics - SIZE= 1184 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_fd_02( - libcrux_ml_kem_types_MlKemPublicKey_15 *self) { +static inline uint8_t *libcrux_ml_kem_types_as_slice_fd_d0( + libcrux_ml_kem_types_MlKemPublicKey_30 *self) { return self->value; } @@ -389,7 +389,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 33 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_422( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_c8( Eurydice_slice slice, uint8_t ret[33U]) { uint8_t out[33U] = {0U}; uint8_t *uu____0 = out; @@ -408,7 +408,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 34 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_421( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_b6( Eurydice_slice slice, uint8_t ret[34U]) { uint8_t out[34U] = {0U}; uint8_t *uu____0 = out; @@ -428,7 +428,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_8c( +static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_80( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } @@ -441,7 +441,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 1120 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_420( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_15( Eurydice_slice slice, uint8_t ret[1120U]) { uint8_t out[1120U] = {0U}; uint8_t *uu____0 = out; @@ -460,7 +460,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 64 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_42( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_24( Eurydice_slice slice, uint8_t ret[64U]) { uint8_t out[64U] = {0U}; uint8_t *uu____0 = out; @@ -476,13 +476,13 @@ A monomorphic instance of core.result.Result with types int16_t[16size_t], core_array_TryFromSliceError */ -typedef struct Result_c0_s { - Result_86_tags tag; +typedef struct Result_0a_s { + Result_a9_tags tag; union { int16_t case_Ok[16U]; TryFromSliceError case_Err; } val; -} Result_c0; +} Result_0a; /** This function found in impl {core::result::Result[TraitClause@0, @@ -493,7 +493,7 @@ A monomorphic instance of core.result.unwrap_26 with types int16_t[16size_t], core_array_TryFromSliceError */ -static inline void unwrap_26_30(Result_c0 self, int16_t ret[16U]) { +static inline void unwrap_26_00(Result_0a self, int16_t ret[16U]) { if (self.tag == Ok) { int16_t f0[16U]; memcpy(f0, self.val.case_Ok, (size_t)16U * sizeof(int16_t)); @@ -510,13 +510,13 @@ A monomorphic instance of core.result.Result with types uint8_t[8size_t], core_array_TryFromSliceError */ -typedef struct Result_56_s { - Result_86_tags tag; +typedef struct Result_15_s { + Result_a9_tags tag; union { uint8_t case_Ok[8U]; TryFromSliceError case_Err; } val; -} Result_56; +} Result_15; /** This function found in impl {core::result::Result[TraitClause@0, @@ -527,7 +527,7 @@ A monomorphic instance of core.result.unwrap_26 with types uint8_t[8size_t], core_array_TryFromSliceError */ -static inline void unwrap_26_0e(Result_56 self, uint8_t ret[8U]) { +static inline void unwrap_26_68(Result_15 self, uint8_t ret[8U]) { if (self.tag == Ok) { uint8_t f0[8U]; memcpy(f0, self.val.case_Ok, (size_t)8U * sizeof(uint8_t)); diff --git a/libcrux-ml-kem/cg/libcrux_ct_ops.h b/libcrux-ml-kem/cg/libcrux_ct_ops.h index 2b5ee19c2..aed9b958c 100644 --- a/libcrux-ml-kem/cg/libcrux_ct_ops.h +++ b/libcrux-ml-kem/cg/libcrux_ct_ops.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_ct_ops_H diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h index 553bb0252..ff2c1d887 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem768_avx2_H @@ -734,12 +734,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_avx2_serialize_serialize_4( libcrux_intrinsics_avx2_mm_storeu_bytes_si128( Eurydice_array_to_slice((size_t)16U, serialized, uint8_t), combined0); uint8_t ret0[8U]; - Result_56 dst; + Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - unwrap_26_0e(dst, ret0); + unwrap_26_68(dst, ret0); memcpy(ret, ret0, (size_t)8U * sizeof(uint8_t)); } @@ -846,12 +846,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_avx2_serialize_serialize_5( Eurydice_array_to_subslice2(serialized, (size_t)5U, (size_t)21U, uint8_t), upper_8); uint8_t ret0[10U]; - Result_cd dst; + Result_9d dst; Eurydice_slice_to_array2( &dst, Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)10U, uint8_t), Eurydice_slice, uint8_t[10U]); - unwrap_26_07(dst, ret0); + unwrap_26_ce(dst, ret0); memcpy(ret, ret0, (size_t)10U * sizeof(uint8_t)); } @@ -989,12 +989,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_avx2_serialize_serialize_10( uint8_t), upper_8); uint8_t ret0[20U]; - Result_7a dst; + Result_e1 dst; Eurydice_slice_to_array2( &dst, Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)20U, uint8_t), Eurydice_slice, uint8_t[20U]); - unwrap_26_ea(dst, ret0); + unwrap_26_20(dst, ret0); memcpy(ret, ret0, (size_t)20U * sizeof(uint8_t)); } @@ -1151,12 +1151,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_avx2_serialize_serialize_12( uint8_t), upper_8); uint8_t ret0[24U]; - Result_6f dst; + Result_b2 dst; Eurydice_slice_to_array2( &dst, Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)24U, uint8_t), Eurydice_slice, uint8_t[24U]); - unwrap_26_76(dst, ret0); + unwrap_26_70(dst, ret0); memcpy(ret, ret0, (size_t)24U * sizeof(uint8_t)); } @@ -1289,9 +1289,9 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_ZERO_ef_05(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 lit; +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_polynomial_ZERO_ef_61(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 lit; lit.coefficients[0U] = libcrux_ml_kem_vector_avx2_ZERO_09(); lit.coefficients[1U] = libcrux_ml_kem_vector_avx2_ZERO_09(); lit.coefficients[2U] = libcrux_ml_kem_vector_avx2_ZERO_09(); @@ -1318,9 +1318,9 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_23(size_t _) { - return libcrux_ml_kem_polynomial_ZERO_ef_05(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_ab(size_t _) { + return libcrux_ml_kem_polynomial_ZERO_ef_61(); } /** @@ -1330,11 +1330,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_ff( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_61( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_ef_05(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = + libcrux_ml_kem_polynomial_ZERO_ef_61(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -1352,12 +1352,12 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_c6( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_ab( Eurydice_slice secret_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - secret_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); + secret_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_61(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / @@ -1369,18 +1369,14 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_c6( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_ff( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_61( secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; memcpy( - result, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - memcpy( - ret, result, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + ret, secret_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -1392,9 +1388,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - U_COMPRESSION_FACTOR= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_53(size_t _) { - return libcrux_ml_kem_polynomial_ZERO_ef_05(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_ed(size_t _) { + return libcrux_ml_kem_polynomial_ZERO_ef_61(); } /** @@ -1405,7 +1401,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_53( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_ef( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1457,9 +1453,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_ef( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_53( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_ef( vector); } @@ -1470,16 +1466,14 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_86( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_serialize_deserialize_then_decompress_10_61( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_ef_05(); - LowStar_Ignore_ignore( - Eurydice_slice_len( - Eurydice_array_to_slice((size_t)16U, re.coefficients, __m256i), - __m256i), - size_t, void *); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = + libcrux_ml_kem_polynomial_ZERO_ef_61(); + size_t _coefficients_length = Eurydice_slice_len( + Eurydice_array_to_slice((size_t)16U, re.coefficients, __m256i), __m256i); + LowStar_Ignore_ignore(_coefficients_length, size_t, void *); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) { size_t i0 = i; @@ -1487,7 +1481,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_86( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_ef( coefficient); } return re; @@ -1501,7 +1495,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_530( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_c4( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1553,9 +1547,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb0( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_c4( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_530( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_c4( vector); } @@ -1566,11 +1560,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_6d( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_serialize_deserialize_then_decompress_11_61( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_ef_05(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = + libcrux_ml_kem_polynomial_ZERO_ef_61(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { size_t i0 = i; @@ -1578,7 +1572,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_6d( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb0( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_c4( coefficient); } return re; @@ -1591,10 +1585,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_3c( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_ee( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_86(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_61(serialized); } typedef struct libcrux_ml_kem_vector_avx2_SIMD256Vector_x2_s { @@ -1609,7 +1603,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5f( +static inline __m256i libcrux_ml_kem_vector_traits_montgomery_multiply_fe_61( __m256i v, int16_t fer) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09(v, fer); } @@ -1622,9 +1616,9 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -libcrux_ml_kem_ntt_ntt_layer_int_vec_step_97(__m256i a, __m256i b, +libcrux_ml_kem_ntt_ntt_layer_int_vec_step_61(__m256i a, __m256i b, int16_t zeta_r) { - __m256i t = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5f(b, zeta_r); + __m256i t = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_61(b, zeta_r); b = libcrux_ml_kem_vector_avx2_sub_09(a, &t); a = libcrux_ml_kem_vector_avx2_add_09(a, &t); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, @@ -1638,8 +1632,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) { @@ -1651,7 +1645,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_97( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_61( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -1669,8 +1663,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_ba( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -1688,8 +1682,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_89( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -1708,8 +1702,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_d7( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -1735,8 +1729,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_a9( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -1752,24 +1746,24 @@ with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_96( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_ee( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)7U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)6U, (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)5U, (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)4U, (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_ba(&zeta_i, re, (size_t)3U, + libcrux_ml_kem_ntt_ntt_at_layer_3_61(&zeta_i, re, (size_t)3U, (size_t)5U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_89(&zeta_i, re, (size_t)2U, + libcrux_ml_kem_ntt_ntt_at_layer_2_61(&zeta_i, re, (size_t)2U, (size_t)6U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_d7(&zeta_i, re, (size_t)1U, + libcrux_ml_kem_ntt_ntt_at_layer_1_61(&zeta_i, re, (size_t)1U, (size_t)7U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_a9(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_61(re); } /** @@ -1782,12 +1776,12 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_9c( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_ed( uint8_t *ciphertext, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - u_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); + u_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_61(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len( @@ -1807,13 +1801,13 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_9c( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_3c( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_ee( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_96(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_ee(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -1824,7 +1818,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_531( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_d1( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1876,9 +1870,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb1( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_d1( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_531( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_d1( vector); } @@ -1889,11 +1883,11 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_c2( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_serialize_deserialize_then_decompress_4_61( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_ef_05(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = + libcrux_ml_kem_polynomial_ZERO_ef_61(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { size_t i0 = i; @@ -1901,7 +1895,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_c2( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb1( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_d1( coefficient); } return re; @@ -1915,7 +1909,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_532( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_f4( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1967,9 +1961,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb2( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_f4( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_532( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_f4( vector); } @@ -1980,11 +1974,11 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_1b( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_serialize_deserialize_then_decompress_5_61( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_ef_05(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = + libcrux_ml_kem_polynomial_ZERO_ef_61(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { size_t i0 = i; @@ -1992,7 +1986,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_1b( serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_09(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_eb2( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_09_f4( re.coefficients[i0]); } return re; @@ -2005,10 +1999,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_f4( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_42( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_c2(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_61(serialized); } /** @@ -2023,12 +2017,12 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_ntt_multiply_ef_b2( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 out = - libcrux_ml_kem_polynomial_ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_polynomial_ntt_multiply_ef_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *rhs) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 out = + libcrux_ml_kem_polynomial_ZERO_ef_61(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -2057,9 +2051,9 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_4f( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *rhs) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(Eurydice_array_to_slice( (size_t)16U, self->coefficients, __m256i), @@ -2078,8 +2072,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_2d( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -2102,8 +2096,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_38( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -2124,8 +2118,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_0f( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -2145,13 +2139,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_9b(__m256i a, +libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_61(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_09(b, &a); a = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_5f(a_minus_b, zeta_r); + b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_61(a_minus_b, zeta_r); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, .snd = b}); } @@ -2164,8 +2158,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e0( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_61( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) { @@ -2179,7 +2173,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e0( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_9b( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_61( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); __m256i x = uu____0.fst; @@ -2197,22 +2191,22 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_2d(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_38(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_0f(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e0(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_61(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_61(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_61(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e0(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e0(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e0(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_a9(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_61(re); } /** @@ -2227,10 +2221,10 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_subtract_reduce_ef_23( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_polynomial_subtract_reduce_ef_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -2251,22 +2245,22 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_message_ee( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = - libcrux_ml_kem_polynomial_ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_matrix_compute_message_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *v, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *u_as_ntt) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result = + libcrux_ml_kem_polynomial_ZERO_ef_61(); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_b2(&secret_as_ntt[i0], + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + libcrux_ml_kem_polynomial_ntt_multiply_ef_61(&secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_4f(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_ab(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_ef_23(v, result); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ab(&result); + result = libcrux_ml_kem_polynomial_subtract_reduce_ef_61(v, result); return result; } @@ -2277,7 +2271,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_arithmetic_shift_right_f2(__m256i vector) { +libcrux_ml_kem_vector_avx2_arithmetic_shift_right_ef(__m256i vector) { return libcrux_intrinsics_avx2_mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -2291,9 +2285,9 @@ with const generics - SHIFT_BY= 15 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_09_c1( +static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_09_ef( __m256i vector) { - return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_f2(vector); + return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_ef(vector); } /** @@ -2304,8 +2298,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_traits_to_unsigned_representative_3f(__m256i a) { - __m256i t = libcrux_ml_kem_vector_avx2_shift_right_09_c1(a); +libcrux_ml_kem_vector_traits_to_unsigned_representative_61(__m256i a) { + __m256i t = libcrux_ml_kem_vector_avx2_shift_right_09_ef(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_09( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_09(a, &fm); @@ -2319,8 +2313,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_serialize_to_unsigned_field_modulus_7b(__m256i a) { - return libcrux_ml_kem_vector_traits_to_unsigned_representative_3f(a); +libcrux_ml_kem_serialize_to_unsigned_field_modulus_61(__m256i a) { + return libcrux_ml_kem_vector_traits_to_unsigned_representative_61(a); } /** @@ -2331,12 +2325,12 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_db( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { +libcrux_ml_kem_serialize_compress_then_serialize_message_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_7b( + __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_61( re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_09(coefficient); @@ -2363,20 +2357,20 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_b3( - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_2f( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_63 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_9c(ciphertext, u_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_f4( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u_as_ntt[3U]; + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_ed(ciphertext, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 v = + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_42( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - libcrux_ml_kem_matrix_compute_message_ee(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 message = + libcrux_ml_kem_matrix_compute_message_ab(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_db(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_61(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -2391,25 +2385,25 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_1c(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_2f(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_c6(secret_key, secret_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[3U]; + libcrux_ml_kem_ind_cpa_deserialize_secret_key_ab(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_secret_as_ntt[3U]; memcpy( copy_of_secret_as_ntt, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_63 secret_key_unpacked; memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - uint8_t result[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_b3(&secret_key_unpacked, ciphertext, - result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + uint8_t ret0[32U]; + libcrux_ml_kem_ind_cpa_decrypt_unpacked_2f(&secret_key_unpacked, ciphertext, + ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -2422,7 +2416,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_G_a9_9f( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_G_a9_e0( Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G(input, ret); } @@ -2433,7 +2427,7 @@ with const generics - LEN= 32 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_96( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_9e( Eurydice_slice input, uint8_t ret[32U]) { uint8_t digest[32U] = {0U}; libcrux_sha3_portable_shake256( @@ -2452,9 +2446,9 @@ with const generics - LEN= 32 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_a9_16( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_a9_41( Eurydice_slice input, uint8_t ret[32U]) { - libcrux_ml_kem_hash_functions_avx2_PRF_96(input, ret); + libcrux_ml_kem_hash_functions_avx2_PRF_9e(input, ret); } /** @@ -2469,27 +2463,27 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[3U]; +static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 +libcrux_ml_kem_ind_cpa_unpacked_default_8d_ab(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - uu____0[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); + uu____0[i] = libcrux_ml_kem_polynomial_ZERO_ef_61(); } uint8_t uu____1[32U] = {0U}; - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 lit; + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 lit; memcpy( lit.t_as_ntt, uu____0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - lit.A[0U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); - lit.A[0U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); - lit.A[0U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); - lit.A[1U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); - lit.A[1U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); - lit.A[1U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); - lit.A[2U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); - lit.A[2U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); - lit.A[2U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); + lit.A[0U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); + lit.A[0U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); + lit.A[0U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); + lit.A[1U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); + lit.A[1U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); + lit.A[1U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); + lit.A[2U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); + lit.A[2U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); + lit.A[2U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); return lit; } @@ -2500,11 +2494,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_ed( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_61( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_ef_05(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = + libcrux_ml_kem_polynomial_ZERO_ef_61(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -2525,9 +2519,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ea( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ab( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *deserialized_pk) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -2538,8 +2532,8 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ea( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_ed( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_61( ring_element); deserialized_pk[i0] = uu____0; } @@ -2556,9 +2550,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_final_96( +libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_final_e0( uint8_t input[3U][34U]) { - libcrux_sha3_generic_keccak_KeccakState_29 state = + libcrux_sha3_generic_keccak_KeccakState_55 state = libcrux_sha3_avx2_x4_incremental_init(); libcrux_sha3_avx2_x4_incremental_shake128_absorb_final( &state, Eurydice_array_to_slice((size_t)34U, input[0U], uint8_t), @@ -2580,12 +2574,12 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_final_a9_c1( +libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_final_a9_e0( uint8_t input[3U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[3U][34U]; memcpy(copy_of_input, input, (size_t)3U * sizeof(uint8_t[34U])); - return libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_final_96( + return libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_final_e0( copy_of_input); } @@ -2597,7 +2591,7 @@ const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_first_three_blocks_08( +libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_first_three_blocks_e0( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[3U][504U]) { uint8_t out[3U][504U] = {{0U}}; uint8_t out0[504U] = {0U}; @@ -2633,9 +2627,9 @@ const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_first_three_blocks_a9_7a( +libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_first_three_blocks_a9_e0( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[3U][504U]) { - libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_first_three_blocks_08( + libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_first_three_blocks_e0( self, ret); } @@ -2689,7 +2683,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_fe( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_ed( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -2732,7 +2726,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_next_block_01( +libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_next_block_e0( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[3U][168U]) { uint8_t out[3U][168U] = {{0U}}; uint8_t out0[168U] = {0U}; @@ -2768,9 +2762,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_next_block_a9_9f( +libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_next_block_a9_e0( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[3U][168U]) { - libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_next_block_01(self, ret); + libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_next_block_e0(self, ret); } /** @@ -2823,7 +2817,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_fe0( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_ed0( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -2870,10 +2864,10 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_from_i16_array_ef_ef(Eurydice_slice a) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = - libcrux_ml_kem_polynomial_ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_polynomial_from_i16_array_ef_61(Eurydice_slice a) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result = + libcrux_ml_kem_polynomial_ZERO_ef_61(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -2891,9 +2885,9 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_xof_closure_b4(int16_t s[272U]) { - return libcrux_ml_kem_polynomial_from_i16_array_ef_ef( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_sampling_sample_from_xof_closure_6c(int16_t s[272U]) { + return libcrux_ml_kem_polynomial_from_i16_array_ef_61( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -2904,51 +2898,51 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_90( +static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_6c( uint8_t seeds[3U][34U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U]) { size_t sampled_coefficients[3U] = {0U}; int16_t out[3U][272U] = {{0U}}; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_sha3_avx2_x4_incremental_KeccakState xof_state = - libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_final_a9_c1( + libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_final_a9_e0( copy_of_seeds); uint8_t randomness0[3U][504U]; - libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_first_three_blocks_a9_7a( + libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_first_three_blocks_a9_e0( &xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_fe( + bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_ed( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[3U][168U]; - libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_next_block_a9_9f( + libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_next_block_a9_e0( &xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_fe0( + done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_ed0( copy_of_randomness, sampled_coefficients, out); } } /* Passing arrays by value in Rust generates a copy in C */ int16_t copy_of_out[3U][272U]; memcpy(copy_of_out, out, (size_t)3U * sizeof(int16_t[272U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret0[i] = - libcrux_ml_kem_sampling_sample_from_xof_closure_b4(copy_of_out[i]); + libcrux_ml_kem_sampling_sample_from_xof_closure_6c(copy_of_out[i]); } memcpy( ret, ret0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -2958,8 +2952,8 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_ee( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*A_transpose)[3U], +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_6c( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*A_transpose)[3U], uint8_t seed[34U], bool transpose) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; @@ -2978,17 +2972,17 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_ee( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[3U]; - libcrux_ml_kem_sampling_sample_from_xof_90(copy_of_seeds, sampled); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 sampled[3U]; + libcrux_ml_kem_sampling_sample_from_xof_6c(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, sampled, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sample = sampled[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 sample = sampled[j]; if (transpose) { A_transpose[j][i1] = sample; } else { @@ -3004,10 +2998,10 @@ with types libcrux_ml_kem_polynomial_PolynomialRingElement libcrux_ml_kem_vector_avx2_SIMD256Vector[3size_t], uint8_t */ -typedef struct tuple_b00_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 fst[3U]; +typedef struct tuple_230_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 fst[3U]; uint8_t snd; -} tuple_b00; +} tuple_230; /** A monomorphic instance of @@ -3019,9 +3013,9 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_f4(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_ef_05(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_b4(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_ef_61(); } /** @@ -3031,7 +3025,7 @@ with const generics - LEN= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRFxN_fb( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRFxN_41( uint8_t (*input)[33U], uint8_t ret[3U][128U]) { uint8_t out[3U][128U] = {{0U}}; uint8_t out0[128U] = {0U}; @@ -3070,9 +3064,9 @@ with const generics - LEN= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_b2( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_41( uint8_t (*input)[33U], uint8_t ret[3U][128U]) { - libcrux_ml_kem_hash_functions_avx2_PRFxN_fb(input, ret); + libcrux_ml_kem_hash_functions_avx2_PRFxN_41(input, ret); } /** @@ -3082,8 +3076,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_4a( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_61( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -3118,7 +3112,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_4a( sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_ef_ef( + return libcrux_ml_kem_polynomial_from_i16_array_ef_61( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -3129,8 +3123,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_20( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_61( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -3164,7 +3158,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_20( sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_ef_ef( + return libcrux_ml_kem_polynomial_from_i16_array_ef_61( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -3175,10 +3169,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - ETA= 2 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_d7( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_sampling_sample_from_binomial_distribution_89( Eurydice_slice randomness) { - return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_4a( + return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_61( randomness); } @@ -3189,8 +3183,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_13( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { size_t j = i; @@ -3211,23 +3205,23 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_ef( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7_13(re); +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re) { + libcrux_ml_kem_ntt_ntt_at_layer_7_61(re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)6U, (size_t)11207U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_61(&zeta_i, re, (size_t)5U, (size_t)11207U + (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ca( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_61( &zeta_i, re, (size_t)4U, (size_t)11207U + (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_ba( + libcrux_ml_kem_ntt_ntt_at_layer_3_61( &zeta_i, re, (size_t)3U, (size_t)11207U + (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_89( + libcrux_ml_kem_ntt_ntt_at_layer_2_61( &zeta_i, re, (size_t)2U, (size_t)11207U + (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_d7( + libcrux_ml_kem_ntt_ntt_at_layer_1_61( &zeta_i, re, (size_t)1U, (size_t)11207U + (size_t)5U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_a9(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_61(re); } /** @@ -3240,8 +3234,8 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE uint8_t -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b0( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b4( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -3250,19 +3244,21 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b0( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U; } uint8_t prf_outputs[3U][128U]; - libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_b2(prf_inputs, prf_outputs); + libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_41(prf_inputs, prf_outputs); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; re_as_ntt[i0] = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_d7( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_89( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_ef(&re_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_61(&re_as_ntt[i0]); } return domain_separator; } @@ -3276,29 +3272,29 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE tuple_b00 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_81( +static KRML_MUSTINLINE tuple_230 +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_b4( uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - re_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); + re_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_61(); } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = re_as_ntt; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); - domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b0( + domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b4( uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b00 result; + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + tuple_230 lit; memcpy( - result.fst, copy_of_re_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_re_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + lit.snd = domain_separator; + return lit; } /** @@ -3310,9 +3306,9 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_92(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_ef_05(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_b4(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_ef_61(); } /** @@ -3324,12 +3320,12 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE tuple_b00 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_fe(uint8_t prf_input[33U], +static KRML_MUSTINLINE tuple_230 +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_b4(uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - error_1[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); + error_1[i] = libcrux_ml_kem_polynomial_ZERO_ef_61(); } /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -3338,31 +3334,33 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_fe(uint8_t prf_input[33U], for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U; } uint8_t prf_outputs[3U][128U]; - libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_b2(prf_inputs, prf_outputs); + libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_41(prf_inputs, prf_outputs); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_d7( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____1 = + libcrux_ml_kem_sampling_sample_from_binomial_distribution_89( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1; } /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_error_1[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 copy_of_error_1[3U]; memcpy( copy_of_error_1, error_1, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - tuple_b00 result; + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + tuple_230 lit; memcpy( - result.fst, copy_of_error_1, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_error_1, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + lit.snd = domain_separator; + return lit; } /** @@ -3371,7 +3369,7 @@ with const generics - LEN= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_960( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_a6( Eurydice_slice input, uint8_t ret[128U]) { uint8_t digest[128U] = {0U}; libcrux_sha3_portable_shake256( @@ -3390,9 +3388,9 @@ with const generics - LEN= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_a9_160( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_a9_410( Eurydice_slice input, uint8_t ret[128U]) { - libcrux_ml_kem_hash_functions_avx2_PRF_960(input, ret); + libcrux_ml_kem_hash_functions_avx2_PRF_a6(input, ret); } /** @@ -3402,9 +3400,9 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_vector_u_closure_c6(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_ef_05(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_matrix_compute_vector_u_closure_ab(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_ef_61(); } /** @@ -3419,9 +3417,9 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_3a( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; @@ -3441,49 +3439,44 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_43( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result0[3U]; +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*a_as_ntt)[3U], + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_1, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - result0[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); + result[i] = libcrux_ml_kem_polynomial_ZERO_ef_61(); } for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, a_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U]); i0++) { size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *row = a_as_ntt[i1]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *row = a_as_ntt[i1]; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_b2(a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_4f(&result0[i1], + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *a_element = &row[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + libcrux_ml_kem_polynomial_ntt_multiply_ef_61(a_element, &r_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_ab(&result[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea(&result0[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_ef_3a(&result0[i1], - &error_1[i1]); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ab(&result[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_ef_61(&result[i1], &error_1[i1]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; - memcpy( - result, result0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); memcpy( ret, result, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -3493,7 +3486,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_06( +static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_61( __m256i vec) { __m256i z = libcrux_ml_kem_vector_avx2_ZERO_09(); __m256i s = libcrux_ml_kem_vector_avx2_sub_09(z, &vec); @@ -3508,11 +3501,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_45( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_serialize_deserialize_then_decompress_message_61( uint8_t serialized[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_ef_05(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = + libcrux_ml_kem_polynomial_ZERO_ef_61(); for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; __m256i coefficient_compressed = @@ -3520,7 +3513,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_45( Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); re.coefficients[i0] = - libcrux_ml_kem_vector_traits_decompress_1_06(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_61(coefficient_compressed); } return re; } @@ -3537,11 +3530,11 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_add_message_error_reduce_ef_81( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_polynomial_add_message_error_reduce_ef_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *message, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -3565,23 +3558,23 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_ring_element_v_5b( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = - libcrux_ml_kem_polynomial_ZERO_ef_05(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_matrix_compute_ring_element_v_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_2, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *message) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result = + libcrux_ml_kem_polynomial_ZERO_ef_61(); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_b2(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + libcrux_ml_kem_polynomial_ntt_multiply_ef_61(&t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_4f(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_ab(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ea(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_81( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ab(&result); + result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_61( error_2, message, result); return result; } @@ -3594,7 +3587,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_ef( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3649,9 +3642,9 @@ with const generics - COEFFICIENT_BITS= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_3e( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_ef( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_ef( vector); } @@ -3663,14 +3656,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_34( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { +libcrux_ml_kem_serialize_compress_then_serialize_10_0e( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_3e( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_7b( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_ef( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_61( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_09(coefficient, bytes); @@ -3692,7 +3685,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f0( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_c4( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3747,9 +3740,9 @@ with const generics - COEFFICIENT_BITS= 11 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_3e0( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_c4( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f0( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_c4( vector); } @@ -3761,14 +3754,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_47( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { +libcrux_ml_kem_serialize_compress_then_serialize_11_0e( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_3e0( - libcrux_ml_kem_vector_traits_to_unsigned_representative_3f( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_c4( + libcrux_ml_kem_vector_traits_to_unsigned_representative_61( re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_avx2_serialize_11_09(coefficient, bytes); @@ -3789,11 +3782,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_e3( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { - uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_34(re, uu____0); - memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_a4( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, uint8_t ret[320U]) { + uint8_t result[320U]; + libcrux_ml_kem_serialize_compress_then_serialize_10_0e(re, result); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -3806,23 +3799,23 @@ with const generics - BLOCK_LEN= 320 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_57( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, input, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = input[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = input[i0]; Eurydice_slice uu____0 = Eurydice_slice_subslice2( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_e3(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_a4(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -3837,7 +3830,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f1( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d1( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3892,9 +3885,9 @@ with const generics - COEFFICIENT_BITS= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_3e1( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_d1( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f1( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d1( vector); } @@ -3906,14 +3899,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_c3( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, +libcrux_ml_kem_serialize_compress_then_serialize_4_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_3e1( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_7b( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_09_d1( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_61( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_09(coefficient, bytes); @@ -3932,7 +3925,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f2( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_f4( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3987,9 +3980,9 @@ with const generics - COEFFICIENT_BITS= 5 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_3e2( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_09_f4( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_4f2( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_f4( vector); } @@ -4001,14 +3994,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_de( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, +libcrux_ml_kem_serialize_compress_then_serialize_5_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_09_3e2( - libcrux_ml_kem_vector_traits_to_unsigned_representative_3f( + __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_09_f4( + libcrux_ml_kem_vector_traits_to_unsigned_representative_61( re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_avx2_serialize_5_09(coefficients, bytes); @@ -4028,9 +4021,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_ba( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_c3(re, out); +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_78( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re, Eurydice_slice out) { + libcrux_ml_kem_serialize_compress_then_serialize_4_61(re, out); } /** @@ -4051,60 +4044,60 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_05( - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_74( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_422(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_c8(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_81( + tuple_230 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_b4( copy_of_prf_input0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); uint8_t domain_separator0 = uu____1.snd; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_fe( + tuple_230 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_b4( copy_of_prf_input, domain_separator0); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_1[3U]; memcpy( error_1, uu____3.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - libcrux_ml_kem_hash_functions_avx2_PRF_a9_160( + libcrux_ml_kem_hash_functions_avx2_PRF_a9_410( Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_d7( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_2 = + libcrux_ml_kem_sampling_sample_from_binomial_distribution_89( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_43(public_key->A, r_as_ntt, error_1, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 u[3U]; + libcrux_ml_kem_matrix_compute_vector_u_ab(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_45( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 message_as_ring_element = + libcrux_ml_kem_serialize_deserialize_then_decompress_message_61( copy_of_message); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_matrix_compute_ring_element_v_5b( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 v = + libcrux_ml_kem_matrix_compute_ring_element_v_ab( public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____5[3U]; memcpy( uu____5, u, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_57( + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_8c( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_ba( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____6 = v; + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_78( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -4128,31 +4121,31 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_encrypt_b6(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_74(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 - unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ea( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 + unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_ab(); + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ab( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2(*uu____0)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6(*uu____0)[3U] = unpacked_public_key.A; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); - libcrux_ml_kem_matrix_sample_matrix_A_ee(uu____0, ret0, false); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *uu____1 = + libcrux_ml_kem_utils_into_padded_array_b6(seed, ret0); + libcrux_ml_kem_matrix_sample_matrix_A_6c(uu____0, ret0, false); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_05(uu____1, copy_of_message, - randomness, result); - memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); + uint8_t ret1[1088U]; + libcrux_ml_kem_ind_cpa_encrypt_unpacked_74(uu____1, copy_of_message, + randomness, ret1); + memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } /** @@ -4167,7 +4160,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_16( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_ae( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; @@ -4199,8 +4192,8 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_1f( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static inline void libcrux_ml_kem_ind_cca_decapsulate_a1( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t), @@ -4217,10 +4210,10 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1f( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_1c(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_2f(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -4228,7 +4221,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1f( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_9f( + libcrux_ml_kem_hash_functions_avx2_G_a9_e0( Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -4237,14 +4230,14 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1f( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_15(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_80(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - libcrux_ml_kem_hash_functions_avx2_PRF_a9_16( + libcrux_ml_kem_hash_functions_avx2_PRF_a9_41( Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; @@ -4252,18 +4245,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1f( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_b6(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_74(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_16( + libcrux_ml_kem_variant_kdf_d8_ae( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_d8_16(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_d8_ae(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + libcrux_ml_kem_types_as_ref_00_80(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4293,10 +4286,10 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_0b( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_35( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_1f(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_a1(private_key, ciphertext, ret); } /** @@ -4308,9 +4301,9 @@ static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_0b( */ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_0b(private_key, + libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_35(private_key, ciphertext, ret); } @@ -4325,7 +4318,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_64( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_be( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4343,7 +4336,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_H_a9_41( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_H_a9_e0( Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H(input, ret); } @@ -4368,28 +4361,28 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_82( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 libcrux_ml_kem_ind_cca_encapsulate_70( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_64( + libcrux_ml_kem_variant_entropy_preprocess_d8_be( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_41( + libcrux_ml_kem_hash_functions_avx2_H_a9_e0( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_02(public_key), + libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_9f( + libcrux_ml_kem_hash_functions_avx2_G_a9_e0( Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -4398,27 +4391,27 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_82( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_b6(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_74(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_80(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_16(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_ae(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_3c lit; + tuple_c2 lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -4442,15 +4435,15 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_71( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 +libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_cd( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_82(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_70(uu____0, copy_of_randomness); } /** @@ -4461,14 +4454,14 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_71( bytes of `randomness`. */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 libcrux_ml_kem_mlkem768_avx2_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_71( + return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_cd( uu____0, copy_of_randomness); } @@ -4484,12 +4477,12 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 -libcrux_ml_kem_ind_cpa_unpacked_default_1a_3c(void) { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 lit; - lit.secret_as_ntt[0U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); - lit.secret_as_ntt[1U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); - lit.secret_as_ntt[2U] = libcrux_ml_kem_polynomial_ZERO_ef_05(); +static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_63 +libcrux_ml_kem_ind_cpa_unpacked_default_1a_ab(void) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_63 lit; + lit.secret_as_ntt[0U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); + lit.secret_as_ntt[1U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); + lit.secret_as_ntt[2U] = libcrux_ml_kem_polynomial_ZERO_ef_61(); return lit; } @@ -4504,7 +4497,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_75( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_be( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -4515,7 +4508,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_75( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)3U; uint8_t ret0[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_9f( + libcrux_ml_kem_hash_functions_avx2_G_a9_e0( Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -4527,7 +4520,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_to_standard_domain_79( +static inline __m256i libcrux_ml_kem_vector_traits_to_standard_domain_61( __m256i v) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_09( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -4546,14 +4539,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_34( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { +libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; __m256i coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain_79( + libcrux_ml_kem_vector_traits_to_standard_domain_61( self->coefficients[j]); self->coefficients[j] = libcrux_ml_kem_vector_avx2_barrett_reduce_09( libcrux_ml_kem_vector_avx2_add_09(coefficient_normal_form, @@ -4568,40 +4561,40 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_2d( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_as_ntt) { +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_ab( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 (*matrix_A)[3U], + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *s_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *error_as_ntt) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, matrix_A, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U]); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *row = matrix_A[i0]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_polynomial_ZERO_ef_05(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *row = matrix_A[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = + libcrux_ml_kem_polynomial_ZERO_ef_61(); t_as_ntt[i0] = uu____0; for (size_t i1 = (size_t)0U; i1 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i1++) { size_t j = i1; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *matrix_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_b2(matrix_element, + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 product = + libcrux_ml_kem_polynomial_ntt_multiply_ef_61(matrix_element, &s_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_4f(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_add_to_ring_element_ef_ab(&t_as_ntt[i0], &product); } - libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_34( + libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_61( &t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -4616,50 +4609,50 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a4( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_22( Eurydice_slice key_generation_seed, - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_63 *private_key, + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_75(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_be(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2(*uu____1)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6(*uu____1)[3U] = public_key->A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_421(seed_for_A, ret); - libcrux_ml_kem_matrix_sample_matrix_A_ee(uu____1, ret, true); + libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret); + libcrux_ml_kem_matrix_sample_matrix_A_6c(uu____1, ret, true); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, - prf_input); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____2 = + libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error, + prf_input); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____2 = private_key->secret_as_ntt; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b0( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b4( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_81( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_b4( copy_of_prf_input, domain_separator) .fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_matrix_compute_As_plus_e_2d( + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + libcrux_ml_kem_matrix_compute_As_plus_e_ab( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; - Result_00 dst; + Result_fb dst; Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U]); - unwrap_26_33(dst, uu____5); + unwrap_26_b3(dst, uu____5); memcpy(public_key->seed_for_A, uu____5, (size_t)32U * sizeof(uint8_t)); } @@ -4671,13 +4664,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_2c( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_7b( + __m256i coefficient = libcrux_ml_kem_serialize_to_unsigned_field_modulus_61( re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_09(coefficient, bytes); @@ -4699,25 +4692,25 @@ with const generics - OUT_LEN= 1152 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_99( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_ed( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2), - libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6), + libcrux_ml_kem_polynomial_PolynomialRingElement_f6); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = key[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 re = key[i0]; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( out, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_2c(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_61(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -4733,13 +4726,13 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_ed( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_99(t_as_ntt, ret); + libcrux_ml_kem_ind_cpa_serialize_secret_key_ed(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -4757,15 +4750,13 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_ca( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_ed( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c(t_as_ntt, seed_for_a, + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_ed(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1184U]; - memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); + memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } /** @@ -4782,20 +4773,20 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_6a(Eurydice_slice key_generation_seed) { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key = - libcrux_ml_kem_ind_cpa_unpacked_default_1a_3c(); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = - libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a4( +libcrux_ml_kem_ind_cpa_generate_keypair_bb(Eurydice_slice key_generation_seed) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_63 private_key = + libcrux_ml_kem_ind_cpa_unpacked_default_1a_ab(); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 public_key = + libcrux_ml_kem_ind_cpa_unpacked_default_8d_ab(); + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_22( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_ca( + libcrux_ml_kem_ind_cpa_serialize_public_key_ed( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_99(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_ed(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -4805,12 +4796,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_6a(Eurydice_slice key_generation_seed) { uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -4821,7 +4812,7 @@ with const generics - SERIALIZED_KEY_LEN= 2400 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_1f( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_ae( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -4847,7 +4838,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_1f( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_41(public_key, ret0); + libcrux_ml_kem_hash_functions_avx2_H_a9_e0(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -4878,7 +4869,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_0b(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_d6(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -4887,13 +4878,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_0b(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_6a(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_bb(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_1f( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_ae( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -4901,14 +4892,14 @@ libcrux_ml_kem_ind_cca_generate_keypair_0b(uint8_t randomness[64U]) { uint8_t copy_of_secret_key_serialized[2400U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; + libcrux_ml_kem_types_MlKemPrivateKey_d9 private_key = + libcrux_ml_kem_types_from_7f_28(copy_of_secret_key_serialized); + libcrux_ml_kem_types_MlKemPrivateKey_d9 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_ee( - uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_74( + uu____2, libcrux_ml_kem_types_from_5a_d0(copy_of_public_key)); } /** @@ -4924,12 +4915,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_20( +libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_c6( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_0b(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_d6(copy_of_randomness); } /** @@ -4941,7 +4932,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_20( + return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_c6( copy_of_randomness); } @@ -4957,24 +4948,24 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_f5( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_ae( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; - libcrux_ml_kem_utils_into_padded_array_42(shared_secret, kdf_input); + libcrux_ml_kem_utils_into_padded_array_24(shared_secret, kdf_input); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, kdf_input, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret0[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_41( + libcrux_ml_kem_hash_functions_avx2_H_a9_e0( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_d4_76(ciphertext), + libcrux_ml_kem_types_as_slice_d4_80(ciphertext), uint8_t), ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); uint8_t ret1[32U]; - libcrux_ml_kem_hash_functions_avx2_PRF_a9_16( + libcrux_ml_kem_hash_functions_avx2_PRF_a9_41( Eurydice_array_to_slice((size_t)64U, kdf_input, uint8_t), ret1); memcpy(ret, ret1, (size_t)32U * sizeof(uint8_t)); } @@ -5002,8 +4993,8 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_1f0( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static inline void libcrux_ml_kem_ind_cca_decapsulate_a10( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t), @@ -5020,10 +5011,10 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1f0( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_1c(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_2f(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -5031,7 +5022,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1f0( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_9f( + libcrux_ml_kem_hash_functions_avx2_G_a9_e0( Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5040,14 +5031,14 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1f0( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_15(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_80(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - libcrux_ml_kem_hash_functions_avx2_PRF_a9_16( + libcrux_ml_kem_hash_functions_avx2_PRF_a9_41( Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; @@ -5055,18 +5046,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_1f0( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_b6(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_74(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_f5( + libcrux_ml_kem_variant_kdf_33_ae( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_33_f5(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_33_ae(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + libcrux_ml_kem_types_as_ref_00_80(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5100,10 +5091,10 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_decapsulate with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_02( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_35( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_1f0(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_a10(private_key, ciphertext, ret); } /** @@ -5115,9 +5106,9 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_02( */ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_kyber_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_02( + libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_35( private_key, ciphertext, ret); } @@ -5132,9 +5123,9 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_e7( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_be( Eurydice_slice randomness, uint8_t ret[32U]) { - libcrux_ml_kem_hash_functions_avx2_H_a9_41(randomness, ret); + libcrux_ml_kem_hash_functions_avx2_H_a9_e0(randomness, ret); } /** @@ -5157,28 +5148,28 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_820( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 libcrux_ml_kem_ind_cca_encapsulate_700( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_e7( + libcrux_ml_kem_variant_entropy_preprocess_33_be( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_41( + libcrux_ml_kem_hash_functions_avx2_H_a9_e0( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_02(public_key), + libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_9f( + libcrux_ml_kem_hash_functions_avx2_G_a9_e0( Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5187,27 +5178,27 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_820( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_b6(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_74(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_80(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_f5(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_ae(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_3c lit; + tuple_c2 lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -5234,15 +5225,15 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_encapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_7a( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_cd( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_820(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_700(uu____0, copy_of_randomness); } /** @@ -5253,14 +5244,14 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_7a( bytes of `randomness`. */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_kyber_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 libcrux_ml_kem_mlkem768_avx2_kyber_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_7a( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_cd( uu____0, copy_of_randomness); } @@ -5275,9 +5266,9 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_bc( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_be( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { - libcrux_ml_kem_hash_functions_avx2_G_a9_9f(key_generation_seed, ret); + libcrux_ml_kem_hash_functions_avx2_G_a9_e0(key_generation_seed, ret); } /** @@ -5290,50 +5281,50 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a40( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_220( Eurydice_slice key_generation_seed, - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_63 *private_key, + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_bc(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_be(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2(*uu____1)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6(*uu____1)[3U] = public_key->A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_421(seed_for_A, ret); - libcrux_ml_kem_matrix_sample_matrix_A_ee(uu____1, ret, true); + libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret); + libcrux_ml_kem_matrix_sample_matrix_A_6c(uu____1, ret, true); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, - prf_input); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____2 = + libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error, + prf_input); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____2 = private_key->secret_as_ntt; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b0( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b4( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_81( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_b4( copy_of_prf_input, domain_separator) .fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_matrix_compute_As_plus_e_2d( + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + libcrux_ml_kem_matrix_compute_As_plus_e_ab( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; - Result_00 dst; + Result_fb dst; Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U]); - unwrap_26_33(dst, uu____5); + unwrap_26_b3(dst, uu____5); memcpy(public_key->seed_for_A, uu____5, (size_t)32U * sizeof(uint8_t)); } @@ -5351,21 +5342,21 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_6a0( +libcrux_ml_kem_ind_cpa_generate_keypair_bb0( Eurydice_slice key_generation_seed) { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key = - libcrux_ml_kem_ind_cpa_unpacked_default_1a_3c(); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = - libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a40( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_63 private_key = + libcrux_ml_kem_ind_cpa_unpacked_default_1a_ab(); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 public_key = + libcrux_ml_kem_ind_cpa_unpacked_default_8d_ab(); + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_220( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_ca( + libcrux_ml_kem_ind_cpa_serialize_public_key_ed( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_99(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_ed(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -5375,12 +5366,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_6a0( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -5398,7 +5389,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_0b0(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_d60(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5407,13 +5398,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_0b0(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_6a0(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_bb0(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_1f( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_ae( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5421,14 +5412,14 @@ libcrux_ml_kem_ind_cca_generate_keypair_0b0(uint8_t randomness[64U]) { uint8_t copy_of_secret_key_serialized[2400U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; + libcrux_ml_kem_types_MlKemPrivateKey_d9 private_key = + libcrux_ml_kem_types_from_7f_28(copy_of_secret_key_serialized); + libcrux_ml_kem_types_MlKemPrivateKey_d9 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_ee( - uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_74( + uu____2, libcrux_ml_kem_types_from_5a_d0(copy_of_public_key)); } /** @@ -5445,12 +5436,12 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_74( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_c6( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_0b0(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_d60(copy_of_randomness); } /** @@ -5462,7 +5453,7 @@ libcrux_ml_kem_mlkem768_avx2_kyber_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_74( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_c6( copy_of_randomness); } @@ -5475,11 +5466,11 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_3a( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_12( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_41( + libcrux_ml_kem_hash_functions_avx2_H_a9_e0( Eurydice_array_to_subslice2(private_key->value, (size_t)384U * (size_t)3U, (size_t)768U * (size_t)3U + (size_t)32U, uint8_t), @@ -5501,10 +5492,10 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_4f( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_31( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_3a(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_12(private_key, ciphertext); } @@ -5515,9 +5506,9 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_4f( */ KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_4f( + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_31( private_key, ciphertext); } @@ -5528,10 +5519,10 @@ types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_4b( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_ab( size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_ef_05(); + return libcrux_ml_kem_polynomial_ZERO_ef_61(); } /** @@ -5542,18 +5533,22 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_3e( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_ab( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); + deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_ef_61(); } - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ea( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ab( public_key, deserialized_pk); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 result[3U]; memcpy( - ret, deserialized_pk, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + result, deserialized_pk, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); + memcpy( + ret, result, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); } /** @@ -5565,16 +5560,16 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_c0( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_ed( uint8_t *public_key) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_3e( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 deserialized_pk[3U]; + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_ab( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_ca( + libcrux_ml_kem_ind_cpa_serialize_public_key_ed( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -5593,9 +5588,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_a4( +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_31( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_c0(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_ed(public_key); } /** @@ -5605,8 +5600,8 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_a4( */ KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_a4( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key) { + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_31( public_key->value); } @@ -5632,14 +5627,14 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_6a( +static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_12( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_b3( + libcrux_ml_kem_ind_cpa_decrypt_unpacked_2f( &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash0, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, @@ -5650,7 +5645,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_6a( uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_9f( + libcrux_ml_kem_hash_functions_avx2_G_a9_e0( Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5659,30 +5654,30 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_6a( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_420( + libcrux_ml_kem_utils_into_padded_array_15( Eurydice_array_to_slice( (size_t)32U, key_pair->private_key.implicit_rejection_value, uint8_t), to_hash); Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_80(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_hash_functions_avx2_PRF_a9_16( + libcrux_ml_kem_hash_functions_avx2_PRF_a9_41( Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *uu____3 = + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 *uu____3 = &key_pair->public_key.ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_05( + libcrux_ml_kem_ind_cpa_encrypt_unpacked_74( uu____3, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t selector = libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( - libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + libcrux_ml_kem_types_as_ref_00_80(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t)); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( @@ -5719,10 +5714,10 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_e8( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_35( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_unpacked_decapsulate_6a(key_pair, ciphertext, ret); + libcrux_ml_kem_ind_cca_unpacked_decapsulate_12(key_pair, ciphertext, ret); } /** @@ -5736,7 +5731,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_decapsulate( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_e8( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_35( private_key, ciphertext, ret); } @@ -5759,11 +5754,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_11( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, +static inline tuple_c2 libcrux_ml_kem_ind_cca_unpacked_encapsulate_70( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *public_key, uint8_t randomness[32U]) { uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, @@ -5773,7 +5768,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_11( (size_t)32U, public_key->public_key_hash, uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_9f( + libcrux_ml_kem_hash_functions_avx2_G_a9_e0( Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5781,13 +5776,13 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_11( Eurydice_slice_uint8_t_x2); Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *uu____2 = + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 *uu____2 = &public_key->ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_05(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_74(uu____2, copy_of_randomness, pseudorandomness, ciphertext); uint8_t shared_secret_array[32U] = {0U}; Eurydice_slice_copy( @@ -5797,12 +5792,12 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_11( uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = - libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_80(copy_of_ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_3c lit; + tuple_c2 lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -5830,16 +5825,16 @@ generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_89( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, +static inline tuple_c2 +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_cd( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *uu____0 = + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_unpacked_encapsulate_11(uu____0, + return libcrux_ml_kem_ind_cca_unpacked_encapsulate_70(uu____0, copy_of_randomness); } @@ -5852,15 +5847,15 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_89( [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_unpacked_encapsulate( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, +static inline tuple_c2 libcrux_ml_kem_mlkem768_avx2_unpacked_encapsulate( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *uu____0 = + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_89( + return libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_cd( uu____0, copy_of_randomness); } @@ -5879,9 +5874,9 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_59(size_t _j) { - return libcrux_ml_kem_polynomial_ZERO_ef_05(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_d6(size_t _j) { + return libcrux_ml_kem_polynomial_ZERO_ef_61(); } /** @@ -5899,10 +5894,10 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_c4( - size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_d6( + size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - ret[i] = libcrux_ml_kem_polynomial_ZERO_ef_05(); + ret[i] = libcrux_ml_kem_polynomial_ZERO_ef_61(); } } @@ -5918,10 +5913,10 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_clone_8d_ae( - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 lit; +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f6 +libcrux_ml_kem_polynomial_clone_8d_61( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 *self) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 lit; __m256i ret[16U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)16U, self->coefficients, ret, __m256i, void *); @@ -5946,7 +5941,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_41( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_d6( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *out) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( @@ -5956,46 +5951,46 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_41( (size_t)64U, randomness, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_a4( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_22( ind_cpa_keypair_randomness, &out->private_key.ind_cpa_private_key, &out->public_key.ind_cpa_public_key); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[3U][3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 A[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_c4(i, A[i]); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_d6(i, A[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_polynomial_clone_8d_ae( + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0 = + libcrux_ml_kem_polynomial_clone_8d_61( &out->public_key.ind_cpa_public_key.A[j][i1]); A[i1][j] = uu____0; } } - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1[3U][3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____1[3U][3U]; memcpy(uu____1, A, (size_t)3U * - sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U])); + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U])); memcpy(out->public_key.ind_cpa_public_key.A, uu____1, (size_t)3U * - sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U])); + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U])); uint8_t pk_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_ca( + libcrux_ml_kem_ind_cpa_serialize_public_key_ed( out->public_key.ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice( (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t), pk_serialized); uint8_t uu____2[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_41( + libcrux_ml_kem_hash_functions_avx2_H_a9_e0( Eurydice_array_to_slice((size_t)1184U, pk_serialized, uint8_t), uu____2); memcpy(out->public_key.public_key_hash, uu____2, (size_t)32U * sizeof(uint8_t)); uint8_t uu____3[32U]; - Result_00 dst; + Result_fb dst; Eurydice_slice_to_array2(&dst, implicit_rejection_value, Eurydice_slice, uint8_t[32U]); - unwrap_26_33(dst, uu____3); + unwrap_26_b3(dst, uu____3); memcpy(out->private_key.implicit_rejection_value, uu____3, (size_t)32U * sizeof(uint8_t)); } @@ -6017,13 +6012,13 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_b7( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_c6( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *out) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_41(copy_of_randomness, out); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_d6(copy_of_randomness, out); } /** @@ -6036,7 +6031,7 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_b7( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_c6( copy_of_randomness, key_pair); } @@ -6052,10 +6047,10 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cca_unpacked_default_1c_9e(void) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; - lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_89(); +static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 +libcrux_ml_kem_ind_cca_unpacked_default_1c_ab(void) { + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 lit; + lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_ab(); lit.public_key_hash[0U] = 0U; lit.public_key_hash[1U] = 0U; lit.public_key_hash[2U] = 0U; @@ -6105,9 +6100,9 @@ with const generics KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked - libcrux_ml_kem_ind_cca_unpacked_default_07_e2(void) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 uu____0; - uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_3c(); + libcrux_ml_kem_ind_cca_unpacked_default_07_ab(void) { + libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_63 uu____0; + uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_ab(); uu____0.implicit_rejection_value[0U] = 0U; uu____0.implicit_rejection_value[1U] = 0U; uu____0.implicit_rejection_value[2U] = 0U; @@ -6143,7 +6138,7 @@ static KRML_MUSTINLINE return ( CLITERAL(libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked){ .private_key = uu____0, - .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_9e()}); + .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_ab()}); } /** @@ -6152,16 +6147,16 @@ static KRML_MUSTINLINE KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked libcrux_ml_kem_mlkem768_avx2_unpacked_init_key_pair(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_07_e2(); + return libcrux_ml_kem_ind_cca_unpacked_default_07_ab(); } /** Create a new, empty unpacked public key. */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 +static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 libcrux_ml_kem_mlkem768_avx2_unpacked_init_public_key(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_1c_9e(); + return libcrux_ml_kem_ind_cca_unpacked_default_1c_ab(); } /** @@ -6182,10 +6177,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_92( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self, - libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_ed( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *self, + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_ed( self->ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, uint8_t), @@ -6210,10 +6205,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_a7( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_ed( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *self, - libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_92( + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_ed( &self->public_key, serialized); } @@ -6224,8 +6219,8 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_key_pair_serialized_public_key( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, - libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_a7(key_pair, + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_ed(key_pair, serialized); } @@ -6241,28 +6236,28 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cpa_unpacked_clone_ef_42( - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *self) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[3U]; +static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 +libcrux_ml_kem_ind_cpa_unpacked_clone_ef_ab( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 *self) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 uu____0[3U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)3U, self->t_as_ntt, uu____0, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2, void *); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6, void *); uint8_t uu____1[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->seed_for_A, uu____1, uint8_t, void *); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 lit; + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 lit; memcpy( lit.t_as_ntt, uu____0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6)); memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U][3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 ret[3U][3U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)3U, self->A, ret, - libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U], void *); + libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U], void *); memcpy(lit.A, ret, (size_t)3U * - sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U])); + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f6[3U])); return lit; } @@ -6278,12 +6273,12 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cca_unpacked_clone_28_24( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; +static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 +libcrux_ml_kem_ind_cca_unpacked_clone_28_ab( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *self) { + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 lit; lit.ind_cpa_public_key = - libcrux_ml_kem_ind_cpa_unpacked_clone_ef_42(&self->ind_cpa_public_key); + libcrux_ml_kem_ind_cpa_unpacked_clone_ef_ab(&self->ind_cpa_public_key); uint8_t ret[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->public_key_hash, ret, uint8_t, void *); @@ -6306,8 +6301,8 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 * -libcrux_ml_kem_ind_cca_unpacked_public_key_de_77( +static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 * +libcrux_ml_kem_ind_cca_unpacked_public_key_de_ab( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *self) { return &self->public_key; } @@ -6318,10 +6313,10 @@ libcrux_ml_kem_ind_cca_unpacked_public_key_de_77( KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_public_key( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *pk) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 uu____0 = - libcrux_ml_kem_ind_cca_unpacked_clone_28_24( - libcrux_ml_kem_ind_cca_unpacked_public_key_de_77(key_pair)); + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *pk) { + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 uu____0 = + libcrux_ml_kem_ind_cca_unpacked_clone_28_ab( + libcrux_ml_kem_ind_cca_unpacked_public_key_de_ab(key_pair)); pk[0U] = uu____0; } @@ -6330,9 +6325,9 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_public_key( */ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_serialized_public_key( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, - libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_92(public_key, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *public_key, + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_ed(public_key, serialized); } @@ -6350,33 +6345,33 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_72( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 +libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_6d( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *unpacked_public_key) { Eurydice_slice uu____0 = Eurydice_array_to_subslice_to( (size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ea( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ab( uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt); uint8_t uu____1[32U]; - libcrux_ml_kem_utils_into_padded_array_423( + libcrux_ml_kem_utils_into_padded_array_9e( Eurydice_array_to_subslice_from((size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t), uu____1); memcpy(unpacked_public_key->ind_cpa_public_key.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_d2(*uu____2)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_f6(*uu____2)[3U] = unpacked_public_key->ind_cpa_public_key.A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_421( + libcrux_ml_kem_utils_into_padded_array_b6( Eurydice_array_to_subslice_from((size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t), ret); - libcrux_ml_kem_matrix_sample_matrix_A_ee(uu____2, ret, false); + libcrux_ml_kem_matrix_sample_matrix_A_6c(uu____2, ret, false); uint8_t uu____3[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_41( + libcrux_ml_kem_hash_functions_avx2_H_a9_e0( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_02(public_key), + libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t), uu____3); memcpy(unpacked_public_key->public_key_hash, uu____3, @@ -6397,11 +6392,11 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_d1( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_a5( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_72(public_key, + libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_6d(public_key, unpacked_public_key); } @@ -6410,10 +6405,10 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_d1( */ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_unpacked_public_key( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_d1( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_a5( public_key, unpacked_public_key); } diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h index a99ed2625..10ba95cd1 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem768_avx2_types_H @@ -27,9 +27,9 @@ A monomorphic instance of libcrux_ml_kem.polynomial.PolynomialRingElement with types libcrux_ml_kem_vector_avx2_SIMD256Vector */ -typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_d2_s { +typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_f6_s { __m256i coefficients[16U]; -} libcrux_ml_kem_polynomial_PolynomialRingElement_d2; +} libcrux_ml_kem_polynomial_PolynomialRingElement_f6; /** A monomorphic instance of @@ -37,11 +37,11 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPublicKeyUnpacked with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - $3size_t */ -typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[3U]; +typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 t_as_ntt[3U]; uint8_t seed_for_A[32U]; - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[3U][3U]; -} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0; + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 A[3U][3U]; +} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63; /** A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.MlKemPublicKeyUnpacked @@ -49,12 +49,12 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - $3size_t */ -typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0_s { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 ind_cpa_public_key; +typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63_s { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_63 ind_cpa_public_key; uint8_t public_key_hash[32U]; -} libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0; +} libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63; -typedef libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 +typedef libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768PublicKeyUnpacked; /** @@ -63,9 +63,9 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - $3size_t */ -typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; -} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0; +typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_63_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_f6 secret_as_ntt[3U]; +} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_63; /** A monomorphic instance of @@ -73,15 +73,15 @@ libcrux_ml_kem.ind_cca.unpacked.MlKemPrivateKeyUnpacked with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - $3size_t */ -typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0_s { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 +typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_63_s { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_63 ind_cpa_private_key; uint8_t implicit_rejection_value[32U]; -} libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0; +} libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_63; typedef struct libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked_s { - libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 private_key; - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 public_key; + libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_63 private_key; + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_63 public_key; } libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked; #if defined(__cplusplus) diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h index 2d7b89018..c4fac71e6 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem768_portable_H @@ -111,11 +111,11 @@ libcrux_ml_kem_vector_portable_vector_type_from_i16_array( Eurydice_slice array) { libcrux_ml_kem_vector_portable_vector_type_PortableVector lit; int16_t ret[16U]; - Result_c0 dst; + Result_0a dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(array, (size_t)0U, (size_t)16U, int16_t), Eurydice_slice, int16_t[16U]); - unwrap_26_30(dst, ret); + unwrap_26_00(dst, ret); memcpy(lit.elements, ret, (size_t)16U * sizeof(int16_t)); return lit; } @@ -250,6 +250,12 @@ libcrux_ml_kem_vector_portable_serialize_serialize_11( ret[21U] = r11_21.f10; } +static inline void libcrux_ml_kem_vector_portable_serialize_11( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[22U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_11(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -257,7 +263,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_11_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[22U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_11(a, ret); + libcrux_ml_kem_vector_portable_serialize_11(a, ret); } typedef struct int16_t_x8_s { @@ -361,13 +367,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_11(Eurydice_slice bytes) { return lit; } +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_11(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_11(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_11_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_11(a); + return libcrux_ml_kem_vector_portable_deserialize_11(a); } static KRML_MUSTINLINE void @@ -1221,7 +1232,9 @@ libcrux_ml_kem_vector_portable_compress_compress_message_coefficient( int16_t mask = shifted >> 15U; int16_t shifted_to_positive = mask ^ shifted; int16_t shifted_positive_in_range = shifted_to_positive - (int16_t)832; - return (uint8_t)(shifted_positive_in_range >> 15U & (int16_t)1); + int16_t r0 = shifted_positive_in_range >> 15U; + int16_t r1 = r0 & (int16_t)1; + return (uint8_t)r1; } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1271,8 +1284,10 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_step( int16_t t = libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( vec->elements[j], zeta); - vec->elements[j] = vec->elements[i] - t; - vec->elements[i] = vec->elements[i] + t; + int16_t a_minus_t = vec->elements[i] - t; + int16_t a_plus_t = vec->elements[i] + t; + vec->elements[j] = a_minus_t; + vec->elements[i] = a_plus_t; } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1381,8 +1396,9 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_inv_ntt_step( libcrux_ml_kem_vector_portable_vector_type_PortableVector *vec, int16_t zeta, size_t i, size_t j) { int16_t a_minus_b = vec->elements[j] - vec->elements[i]; + int16_t a_plus_b = vec->elements[j] + vec->elements[i]; int16_t o0 = libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element( - vec->elements[i] + vec->elements[j]); + a_plus_b); int16_t o1 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer( a_minus_b, zeta); @@ -1497,12 +1513,11 @@ static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( libcrux_ml_kem_vector_portable_vector_type_PortableVector *a, libcrux_ml_kem_vector_portable_vector_type_PortableVector *b, int16_t zeta, - size_t i, size_t j, - libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) { - int16_t ai = a->elements[i]; - int16_t bi = b->elements[i]; - int16_t aj = a->elements[j]; - int16_t bj = b->elements[j]; + size_t i, libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) { + int16_t ai = a->elements[(size_t)2U * i]; + int16_t bi = b->elements[(size_t)2U * i]; + int16_t aj = a->elements[(size_t)2U * i + (size_t)1U]; + int16_t bj = b->elements[(size_t)2U * i + (size_t)1U]; int32_t ai_bi = (int32_t)ai * (int32_t)bi; int32_t aj_bj_ = (int32_t)aj * (int32_t)bj; int16_t aj_bj = @@ -1519,8 +1534,10 @@ libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( int16_t o1 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element( ai_bj_aj_bi); - out->elements[i] = o0; - out->elements[j] = o1; + int16_t _out0[16U]; + memcpy(_out0, out->elements, (size_t)16U * sizeof(int16_t)); + out->elements[(size_t)2U * i] = o0; + out->elements[(size_t)2U * i + (size_t)1U] = o1; } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1534,22 +1551,22 @@ libcrux_ml_kem_vector_portable_ntt_ntt_multiply( int16_t nzeta3 = -zeta3; libcrux_ml_kem_vector_portable_vector_type_PortableVector out = libcrux_ml_kem_vector_portable_vector_type_zero(); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta0, (size_t)0U, (size_t)1U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, nzeta0, (size_t)2U, (size_t)3U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta1, (size_t)4U, (size_t)5U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, nzeta1, (size_t)6U, (size_t)7U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta2, (size_t)8U, (size_t)9U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, nzeta2, (size_t)10U, (size_t)11U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, zeta3, (size_t)12U, (size_t)13U, &out); - libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials( - lhs, rhs, nzeta3, (size_t)14U, (size_t)15U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta0, + (size_t)0U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta0, + (size_t)1U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta1, + (size_t)2U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta1, + (size_t)3U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta2, + (size_t)4U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta2, + (size_t)5U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, zeta3, + (size_t)6U, &out); + libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(lhs, rhs, nzeta3, + (size_t)7U, &out); return out; } @@ -1590,6 +1607,12 @@ libcrux_ml_kem_vector_portable_serialize_serialize_1( ret[1U] = result1; } +static inline void libcrux_ml_kem_vector_portable_serialize_1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[2U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1597,7 +1620,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_1_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[2U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret); + libcrux_ml_kem_vector_portable_serialize_1(a, ret); } static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -1684,13 +1707,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_1(Eurydice_slice v) { return lit; } +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_1(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_1(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_1_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_1(a); + return libcrux_ml_kem_vector_portable_deserialize_1(a); } typedef struct uint8_t_x4_s { @@ -1748,6 +1776,12 @@ libcrux_ml_kem_vector_portable_serialize_serialize_4( ret[7U] = result4_7.f3; } +static inline void libcrux_ml_kem_vector_portable_serialize_4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[8U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1755,7 +1789,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_4_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[8U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret); + libcrux_ml_kem_vector_portable_serialize_4(a, ret); } static KRML_MUSTINLINE int16_t_x8 @@ -1825,13 +1859,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_4(Eurydice_slice bytes) { return lit; } +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_4(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_4(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_4_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_4(a); + return libcrux_ml_kem_vector_portable_deserialize_4(a); } typedef struct uint8_t_x5_s { @@ -1888,6 +1927,12 @@ libcrux_ml_kem_vector_portable_serialize_serialize_5( ret[9U] = r5_9.f4; } +static inline void libcrux_ml_kem_vector_portable_serialize_5( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[10U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_5(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -1895,7 +1940,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_5_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[10U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_5(a, ret); + libcrux_ml_kem_vector_portable_serialize_5(a, ret); } static KRML_MUSTINLINE int16_t_x8 @@ -1976,13 +2021,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_5(Eurydice_slice bytes) { return lit; } +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_5(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_5(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_5_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_5(a); + return libcrux_ml_kem_vector_portable_deserialize_5(a); } static KRML_MUSTINLINE uint8_t_x5 @@ -2057,6 +2107,12 @@ libcrux_ml_kem_vector_portable_serialize_serialize_10( ret[19U] = r15_19.f4; } +static inline void libcrux_ml_kem_vector_portable_serialize_10( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[20U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -2064,7 +2120,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_10_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[20U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret); + libcrux_ml_kem_vector_portable_serialize_10(a, ret); } static KRML_MUSTINLINE int16_t_x8 @@ -2153,13 +2209,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_10(Eurydice_slice bytes) { return lit; } +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_10(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_10(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_10_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_10(a); + return libcrux_ml_kem_vector_portable_deserialize_10(a); } typedef struct uint8_t_x3_s { @@ -2234,6 +2295,12 @@ libcrux_ml_kem_vector_portable_serialize_serialize_12( ret[23U] = r21_23.thd; } +static inline void libcrux_ml_kem_vector_portable_serialize_12( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a, + uint8_t ret[24U]) { + libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} @@ -2241,7 +2308,7 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} static inline void libcrux_ml_kem_vector_portable_serialize_12_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, uint8_t ret[24U]) { - libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret); + libcrux_ml_kem_vector_portable_serialize_12(a, ret); } typedef struct int16_t_x2_s { @@ -2304,13 +2371,18 @@ libcrux_ml_kem_vector_portable_serialize_deserialize_12(Eurydice_slice bytes) { return lit; } +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_deserialize_12(Eurydice_slice a) { + return libcrux_ml_kem_vector_portable_serialize_deserialize_12(a); +} + /** This function found in impl {(libcrux_ml_kem::vector::traits::Operations for libcrux_ml_kem::vector::portable::vector_type::PortableVector)} */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_deserialize_12_0d(Eurydice_slice a) { - return libcrux_ml_kem_vector_portable_serialize_deserialize_12(a); + return libcrux_ml_kem_vector_portable_deserialize_12(a); } static KRML_MUSTINLINE size_t @@ -2430,10 +2502,10 @@ static inline size_t libcrux_ml_kem_vector_portable_rej_sample_0d( (LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE + \ LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_CIPHERTEXT_SIZE_768) -typedef libcrux_ml_kem_types_MlKemPrivateKey_55 +typedef libcrux_ml_kem_types_MlKemPrivateKey_d9 libcrux_ml_kem_mlkem768_MlKem768PrivateKey; -typedef libcrux_ml_kem_types_MlKemPublicKey_15 +typedef libcrux_ml_kem_types_MlKemPublicKey_30 libcrux_ml_kem_mlkem768_MlKem768PublicKey; #define LIBCRUX_ML_KEM_MLKEM768_RANKED_BYTES_PER_RING_ELEMENT_768 \ @@ -2457,9 +2529,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_ZERO_ef_1b(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 lit; +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_ZERO_ef_8c(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d lit; lit.coefficients[0U] = libcrux_ml_kem_vector_portable_ZERO_0d(); lit.coefficients[1U] = libcrux_ml_kem_vector_portable_ZERO_0d(); lit.coefficients[2U] = libcrux_ml_kem_vector_portable_ZERO_0d(); @@ -2485,9 +2557,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_57(size_t _) { - return libcrux_ml_kem_polynomial_ZERO_ef_1b(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_1b(size_t _) { + return libcrux_ml_kem_polynomial_ZERO_ef_8c(); } /** @@ -2496,11 +2568,11 @@ libcrux_ml_kem.serialize.deserialize_to_uncompressed_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_4c( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_8c( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -2519,12 +2591,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_ab( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_1b( Eurydice_slice secret_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - secret_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); + secret_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / @@ -2536,18 +2608,14 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_ab( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_4c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_8c( secret_bytes); secret_as_ntt[i0] = uu____0; } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; - memcpy( - result, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( - ret, result, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + ret, secret_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -2558,9 +2626,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_77(size_t _) { - return libcrux_ml_kem_polynomial_ZERO_ef_1b(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_6c(size_t _) { + return libcrux_ml_kem_polynomial_ZERO_ef_8c(); } /** @@ -2570,18 +2638,18 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_ef( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)10); decompressed = decompressed >> (uint32_t)((int32_t)10 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -2595,9 +2663,9 @@ generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ef( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_ef( v); } @@ -2607,18 +2675,17 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_10 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_f9( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_10_8c( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); - LowStar_Ignore_ignore( - Eurydice_slice_len( - Eurydice_array_to_slice( - (size_t)16U, re.coefficients, - libcrux_ml_kem_vector_portable_vector_type_PortableVector), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); + size_t _coefficients_length = Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)16U, re.coefficients, libcrux_ml_kem_vector_portable_vector_type_PortableVector), - size_t, void *); + libcrux_ml_kem_vector_portable_vector_type_PortableVector); + LowStar_Ignore_ignore(_coefficients_length, size_t, void *); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) { size_t i0 = i; @@ -2627,7 +2694,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_f9( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ef( coefficient); re.coefficients[i0] = uu____0; } @@ -2641,18 +2708,18 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a0( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_c4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)11); decompressed = decompressed >> (uint32_t)((int32_t)11 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -2666,9 +2733,9 @@ generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea0( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_c4( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a0( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_c4( v); } @@ -2678,11 +2745,11 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_11 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_a7( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_11_8c( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { size_t i0 = i; @@ -2691,7 +2758,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_a7( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea0( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_c4( coefficient); re.coefficients[i0] = uu____0; } @@ -2704,10 +2771,10 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_u with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_d9( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_0a( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_f9(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_8c(serialized); } typedef struct libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2_s { @@ -2722,7 +2789,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_montgomery_multiply_fe_ad( +libcrux_ml_kem_vector_traits_montgomery_multiply_fe_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v, fer); @@ -2736,12 +2803,12 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_57( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_traits_montgomery_multiply_fe_ad(b, zeta_r); + libcrux_ml_kem_vector_traits_montgomery_multiply_fe_8c(b, zeta_r); b = libcrux_ml_kem_vector_portable_sub_0d(a, &t); a = libcrux_ml_kem_vector_portable_add_0d(a, &t); return ( @@ -2755,8 +2822,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) { @@ -2768,7 +2835,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_57( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_8c( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -2785,8 +2852,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_d0( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -2805,8 +2872,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_76( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -2826,8 +2893,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_5d( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -2854,8 +2921,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_17( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -2872,24 +2939,24 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_62( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_0a( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)7U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U, (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U, (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U, (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_d0(&zeta_i, re, (size_t)3U, + libcrux_ml_kem_ntt_ntt_at_layer_3_8c(&zeta_i, re, (size_t)3U, (size_t)5U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_76(&zeta_i, re, (size_t)2U, + libcrux_ml_kem_ntt_ntt_at_layer_2_8c(&zeta_i, re, (size_t)2U, (size_t)6U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_5d(&zeta_i, re, (size_t)1U, + libcrux_ml_kem_ntt_ntt_at_layer_1_8c(&zeta_i, re, (size_t)1U, (size_t)7U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_17(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_8c(re); } /** @@ -2901,12 +2968,12 @@ with const generics - U_COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_9d( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c( uint8_t *ciphertext, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - u_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); + u_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len( @@ -2926,13 +2993,13 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_9d( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_d9( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_0a( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_62(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_0a(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -2942,18 +3009,18 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a1( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_d1( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)4); decompressed = decompressed >> (uint32_t)((int32_t)4 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -2967,9 +3034,9 @@ generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea1( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_d1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a1( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_d1( v); } @@ -2979,11 +3046,11 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_87( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_4_8c( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { size_t i0 = i; @@ -2992,7 +3059,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_87( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea1( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_d1( coefficient); re.coefficients[i0] = uu____0; } @@ -3006,18 +3073,18 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a2( - libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_f4( + libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; - int32_t decompressed = (int32_t)v.elements[i0] * + int32_t decompressed = (int32_t)a.elements[i0] * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS; decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)5); decompressed = decompressed >> (uint32_t)((int32_t)5 + (int32_t)1); - v.elements[i0] = (int16_t)decompressed; + a.elements[i0] = (int16_t)decompressed; } - return v; + return a; } /** @@ -3031,9 +3098,9 @@ generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea2( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f4( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_4a2( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_f4( v); } @@ -3043,11 +3110,11 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_df( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_5_8c( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { size_t i0 = i; @@ -3056,7 +3123,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_df( re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_ea2( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_f4( re.coefficients[i0]); re.coefficients[i0] = uu____1; } @@ -3069,10 +3136,10 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_v with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_54( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_d0( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_87(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_8c(serialized); } /** @@ -3086,12 +3153,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_ntt_multiply_ef_45( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_ntt_multiply_ef_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d out = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -3121,9 +3188,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_5d( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_ef_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -3145,8 +3212,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_28( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -3168,8 +3235,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_69( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -3189,8 +3256,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_6a( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t round = i; @@ -3211,7 +3278,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_96( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { @@ -3219,7 +3286,7 @@ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_sub_0d(b, &a); a = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_ad(a_minus_b, zeta_r); + b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_8c(a_minus_b, zeta_r); return ( CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ .fst = a, .snd = b}); @@ -3232,8 +3299,8 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_fa( - size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_8c( + size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) { @@ -3247,7 +3314,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_fa( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_96( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_8c( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_get_zeta(zeta_i[0U])); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -3264,22 +3331,22 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b9( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_28(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_69(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_6a(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_fa(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_8c(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_8c(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_8c(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_fa(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_fa(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_fa(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_17(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_8c(re); } /** @@ -3293,10 +3360,10 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_subtract_reduce_ef_3d( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_subtract_reduce_ef_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -3319,22 +3386,22 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_message_d5( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_matrix_compute_message_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *v, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *u_as_ntt) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_45(&secret_as_ntt[i0], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + libcrux_ml_kem_polynomial_ntt_multiply_ef_8c(&secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_5d(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_1b(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b9(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_ef_3d(v, result); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b(&result); + result = libcrux_ml_kem_polynomial_subtract_reduce_ef_8c(v, result); return result; } @@ -3344,7 +3411,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_arithmetic_shift_right_95( +libcrux_ml_kem_vector_portable_arithmetic_shift_right_ef( libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -3364,9 +3431,9 @@ with const generics - SHIFT_BY= 15 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_shift_right_0d_9d( +libcrux_ml_kem_vector_portable_shift_right_0d_ef( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_arithmetic_shift_right_95(v); + return libcrux_ml_kem_vector_portable_arithmetic_shift_right_ef(v); } /** @@ -3376,10 +3443,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_unsigned_representative_7c( +libcrux_ml_kem_vector_traits_to_unsigned_representative_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_portable_shift_right_0d_9d(a); + libcrux_ml_kem_vector_portable_shift_right_0d_ef(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -3393,10 +3460,10 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_serialize_to_unsigned_field_modulus_b0( +libcrux_ml_kem_serialize_to_unsigned_field_modulus_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector result = - libcrux_ml_kem_vector_traits_to_unsigned_representative_7c(a); + libcrux_ml_kem_vector_traits_to_unsigned_representative_8c(a); return result; } @@ -3407,13 +3474,13 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_b1( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { +libcrux_ml_kem_serialize_compress_then_serialize_message_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_serialize_to_unsigned_field_modulus_b0( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_8c( re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = @@ -3441,20 +3508,20 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_6d( - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_42( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_9d(ciphertext, u_as_ntt); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_54( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[3U]; + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c(ciphertext, u_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d v = + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_d0( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - libcrux_ml_kem_matrix_compute_message_d5(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d message = + libcrux_ml_kem_matrix_compute_message_1b(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_b1(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_8c(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -3468,25 +3535,25 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_35(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_42(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_ab(secret_key, secret_as_ntt); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[3U]; + libcrux_ml_kem_ind_cpa_deserialize_secret_key_1b(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_secret_as_ntt[3U]; memcpy( copy_of_secret_as_ntt, secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 secret_key_unpacked; memcpy( secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - uint8_t result[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_6d(&secret_key_unpacked, ciphertext, - result); - memcpy(ret, result, (size_t)32U * sizeof(uint8_t)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + uint8_t ret0[32U]; + libcrux_ml_kem_ind_cpa_decrypt_unpacked_42(&secret_key_unpacked, ciphertext, + ret0); + memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } /** @@ -3498,7 +3565,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_G_f1_87( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_G_f1_e0( Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G(input, ret); } @@ -3508,7 +3575,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF with const generics - LEN= 32 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f7( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_9e( Eurydice_slice input, uint8_t ret[32U]) { uint8_t digest[32U] = {0U}; libcrux_sha3_portable_shake256( @@ -3526,9 +3593,9 @@ with const generics - K= 3 - LEN= 32 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_9f( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_41( Eurydice_slice input, uint8_t ret[32U]) { - libcrux_ml_kem_hash_functions_portable_PRF_f7(input, ret); + libcrux_ml_kem_hash_functions_portable_PRF_9e(input, ret); } /** @@ -3542,27 +3609,27 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(void) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[3U]; +static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 +libcrux_ml_kem_ind_cpa_unpacked_default_8d_1b(void) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - uu____0[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); + uu____0[i] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); } uint8_t uu____1[32U] = {0U}; - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 lit; + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 lit; memcpy( lit.t_as_ntt, uu____0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - lit.A[0U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); - lit.A[0U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); - lit.A[0U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); - lit.A[1U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); - lit.A[1U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); - lit.A[1U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); - lit.A[2U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); - lit.A[2U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); - lit.A[2U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); + lit.A[0U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); + lit.A[0U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); + lit.A[0U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); + lit.A[1U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); + lit.A[1U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); + lit.A[1U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); + lit.A[2U][0U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); + lit.A[2U][1U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); + lit.A[2U][2U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); return lit; } @@ -3572,11 +3639,11 @@ libcrux_ml_kem.serialize.deserialize_to_reduced_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_87( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_8c( Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -3598,9 +3665,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e5( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *deserialized_pk) { for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -3611,8 +3678,8 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e5( i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT + LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_87( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_8c( ring_element); deserialized_pk[i0] = uu____0; } @@ -3623,9 +3690,9 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PortableHash with const generics - $3size_t */ -typedef struct libcrux_ml_kem_hash_functions_portable_PortableHash_58_s { - libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[3U]; -} libcrux_ml_kem_hash_functions_portable_PortableHash_58; +typedef struct libcrux_ml_kem_hash_functions_portable_PortableHash_88_s { + libcrux_sha3_generic_keccak_KeccakState_17 shake128_state[3U]; +} libcrux_ml_kem_hash_functions_portable_PortableHash_88; /** A monomorphic instance of @@ -3633,10 +3700,10 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_hash_functions_portable_PortableHash_58 -libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_24( +static KRML_MUSTINLINE libcrux_ml_kem_hash_functions_portable_PortableHash_88 +libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_e0( uint8_t input[3U][34U]) { - libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[3U]; + libcrux_sha3_generic_keccak_KeccakState_17 shake128_state[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { shake128_state[i] = libcrux_sha3_portable_incremental_shake128_init(); } @@ -3647,12 +3714,12 @@ libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_24( Eurydice_array_to_slice((size_t)34U, input[i0], uint8_t)); } /* Passing arrays by value in Rust generates a copy in C */ - libcrux_sha3_generic_keccak_KeccakState_48 copy_of_shake128_state[3U]; + libcrux_sha3_generic_keccak_KeccakState_17 copy_of_shake128_state[3U]; memcpy(copy_of_shake128_state, shake128_state, - (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48)); - libcrux_ml_kem_hash_functions_portable_PortableHash_58 lit; + (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_17)); + libcrux_ml_kem_hash_functions_portable_PortableHash_88 lit; memcpy(lit.shake128_state, copy_of_shake128_state, - (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48)); + (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_17)); return lit; } @@ -3666,13 +3733,13 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_hash_functions_portable_PortableHash_58 -libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_f1_31( +static KRML_MUSTINLINE libcrux_ml_kem_hash_functions_portable_PortableHash_88 +libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_f1_e0( uint8_t input[3U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[3U][34U]; memcpy(copy_of_input, input, (size_t)3U * sizeof(uint8_t[34U])); - return libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_24( + return libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_e0( copy_of_input); } @@ -3683,8 +3750,8 @@ const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_63( - libcrux_ml_kem_hash_functions_portable_PortableHash_58 *st, +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_e0( + libcrux_ml_kem_hash_functions_portable_PortableHash_88 *st, uint8_t ret[3U][504U]) { uint8_t out[3U][504U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -3707,10 +3774,10 @@ with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_f1_2f( - libcrux_ml_kem_hash_functions_portable_PortableHash_58 *self, +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_f1_e0( + libcrux_ml_kem_hash_functions_portable_PortableHash_88 *self, uint8_t ret[3U][504U]) { - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_63( + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_e0( self, ret); } @@ -3763,7 +3830,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - N= 504 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_71( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_89( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -3805,8 +3872,8 @@ generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_11( - libcrux_ml_kem_hash_functions_portable_PortableHash_58 *st, +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_e0( + libcrux_ml_kem_hash_functions_portable_PortableHash_88 *st, uint8_t ret[3U][168U]) { uint8_t out[3U][168U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -3829,10 +3896,10 @@ generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_f1_c4( - libcrux_ml_kem_hash_functions_portable_PortableHash_58 *self, +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_f1_e0( + libcrux_ml_kem_hash_functions_portable_PortableHash_88 *self, uint8_t ret[3U][168U]) { - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_11(self, + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_e0(self, ret); } @@ -3885,7 +3952,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - N= 168 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_710( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_890( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -3931,10 +3998,10 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_from_i16_array_ef_54(Eurydice_slice a) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_from_i16_array_ef_8c(Eurydice_slice a) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -3954,9 +4021,9 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_xof_closure_eb(int16_t s[272U]) { - return libcrux_ml_kem_polynomial_from_i16_array_ef_54( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_sampling_sample_from_xof_closure_2b(int16_t s[272U]) { + return libcrux_ml_kem_polynomial_from_i16_array_ef_8c( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -3967,51 +4034,51 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_bf( +static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_2b( uint8_t seeds[3U][34U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { size_t sampled_coefficients[3U] = {0U}; int16_t out[3U][272U] = {{0U}}; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); - libcrux_ml_kem_hash_functions_portable_PortableHash_58 xof_state = - libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_f1_31( + libcrux_ml_kem_hash_functions_portable_PortableHash_88 xof_state = + libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_f1_e0( copy_of_seeds); uint8_t randomness0[3U][504U]; - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_f1_2f( + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_f1_e0( &xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_71( + bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_89( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[3U][168U]; - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_f1_c4( + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_f1_e0( &xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_710( + done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_890( copy_of_randomness, sampled_coefficients, out); } } /* Passing arrays by value in Rust generates a copy in C */ int16_t copy_of_out[3U][272U]; memcpy(copy_of_out, out, (size_t)3U * sizeof(int16_t[272U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret0[i] = - libcrux_ml_kem_sampling_sample_from_xof_closure_eb(copy_of_out[i]); + libcrux_ml_kem_sampling_sample_from_xof_closure_2b(copy_of_out[i]); } memcpy( ret, ret0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -4021,8 +4088,8 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_0d( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*A_transpose)[3U], +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_2b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*A_transpose)[3U], uint8_t seed[34U], bool transpose) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; @@ -4041,17 +4108,17 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_0d( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[3U]; - libcrux_ml_kem_sampling_sample_from_xof_bf(copy_of_seeds, sampled); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d sampled[3U]; + libcrux_ml_kem_sampling_sample_from_xof_2b(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, sampled, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sample = sampled[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d sample = sampled[j]; if (transpose) { A_transpose[j][i1] = sample; } else { @@ -4067,10 +4134,10 @@ with types libcrux_ml_kem_polynomial_PolynomialRingElement libcrux_ml_kem_vector_portable_vector_type_PortableVector[3size_t], uint8_t */ -typedef struct tuple_b0_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 fst[3U]; +typedef struct tuple_23_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d fst[3U]; uint8_t snd; -} tuple_b0; +} tuple_23; /** A monomorphic instance of @@ -4082,9 +4149,9 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_55(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_ef_1b(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_3b(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_ef_8c(); } /** @@ -4093,7 +4160,7 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_af( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_41( uint8_t (*input)[33U], uint8_t ret[3U][128U]) { uint8_t out[3U][128U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -4115,9 +4182,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_f1_13( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_f1_41( uint8_t (*input)[33U], uint8_t ret[3U][128U]) { - libcrux_ml_kem_hash_functions_portable_PRFxN_af(input, ret); + libcrux_ml_kem_hash_functions_portable_PRFxN_41(input, ret); } /** @@ -4126,8 +4193,8 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution_2 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_48( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_8c( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -4162,7 +4229,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_48( sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_ef_54( + return libcrux_ml_kem_polynomial_from_i16_array_ef_8c( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -4172,8 +4239,8 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution_3 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_3a( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_8c( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -4207,7 +4274,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_3a( sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_ef_54( + return libcrux_ml_kem_polynomial_from_i16_array_ef_8c( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -4217,10 +4284,10 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - ETA= 2 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_6b( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0( Eurydice_slice randomness) { - return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_48( + return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_8c( randomness); } @@ -4230,8 +4297,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_97( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { size_t j = i; @@ -4253,23 +4320,23 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_d8( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7_97(re); +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) { + libcrux_ml_kem_ntt_ntt_at_layer_7_8c(re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U, (size_t)11207U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U, (size_t)11207U + (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_bf( + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c( &zeta_i, re, (size_t)4U, (size_t)11207U + (size_t)2U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_d0( + libcrux_ml_kem_ntt_ntt_at_layer_3_8c( &zeta_i, re, (size_t)3U, (size_t)11207U + (size_t)3U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_76( + libcrux_ml_kem_ntt_ntt_at_layer_2_8c( &zeta_i, re, (size_t)2U, (size_t)11207U + (size_t)4U * (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_5d( + libcrux_ml_kem_ntt_ntt_at_layer_1_8c( &zeta_i, re, (size_t)1U, (size_t)11207U + (size_t)5U * (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_17(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_ef_8c(re); } /** @@ -4282,8 +4349,8 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static KRML_MUSTINLINE uint8_t -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b1( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -4292,19 +4359,21 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b1( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U; } uint8_t prf_outputs[3U][128U]; - libcrux_ml_kem_hash_functions_portable_PRFxN_f1_13(prf_inputs, prf_outputs); + libcrux_ml_kem_hash_functions_portable_PRFxN_f1_41(prf_inputs, prf_outputs); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; re_as_ntt[i0] = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_6b( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_d8(&re_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_8c(&re_as_ntt[i0]); } return domain_separator; } @@ -4318,29 +4387,29 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_cb( +static KRML_MUSTINLINE tuple_23 +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_3b( uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - re_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); + re_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = re_as_ntt; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); - domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b1( + domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b( uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_re_as_ntt[3U]; memcpy( copy_of_re_as_ntt, re_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b0 result; + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + tuple_23 lit; memcpy( - result.fst, copy_of_re_as_ntt, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_re_as_ntt, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + lit.snd = domain_separator; + return lit; } /** @@ -4352,9 +4421,9 @@ generics - ETA2_RANDOMNESS_SIZE= 128 - ETA2= 2 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_b7(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_ef_1b(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_3b(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_ef_8c(); } /** @@ -4366,12 +4435,12 @@ generics - ETA2_RANDOMNESS_SIZE= 128 - ETA2= 2 */ -static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_95(uint8_t prf_input[33U], +static KRML_MUSTINLINE tuple_23 +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_3b(uint8_t prf_input[33U], uint8_t domain_separator) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - error_1[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); + error_1[i] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); } /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -4380,31 +4449,33 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_95(uint8_t prf_input[33U], for (size_t i = (size_t)0U; i < (size_t)3U; i++) { memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t)); } + uint8_t _prf_inputs_init[3U][33U]; + memcpy(_prf_inputs_init, prf_inputs, (size_t)3U * sizeof(uint8_t[33U])); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U; } uint8_t prf_outputs[3U][128U]; - libcrux_ml_kem_hash_functions_portable_PRFxN_f1_13(prf_inputs, prf_outputs); + libcrux_ml_kem_hash_functions_portable_PRFxN_f1_41(prf_inputs, prf_outputs); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_6b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____1 = + libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1; } /* Passing arrays by value in Rust generates a copy in C */ - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_error_1[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_error_1[3U]; memcpy( copy_of_error_1, error_1, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - tuple_b0 result; + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + tuple_23 lit; memcpy( - result.fst, copy_of_error_1, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - result.snd = domain_separator; - return result; + lit.fst, copy_of_error_1, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + lit.snd = domain_separator; + return lit; } /** @@ -4412,7 +4483,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF with const generics - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f70( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_a6( Eurydice_slice input, uint8_t ret[128U]) { uint8_t digest[128U] = {0U}; libcrux_sha3_portable_shake256( @@ -4430,9 +4501,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_9f0( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_410( Eurydice_slice input, uint8_t ret[128U]) { - libcrux_ml_kem_hash_functions_portable_PRF_f70(input, ret); + libcrux_ml_kem_hash_functions_portable_PRF_a6(input, ret); } /** @@ -4441,9 +4512,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_vector_u_closure_a1(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_ef_1b(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_matrix_compute_vector_u_closure_1b(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_ef_8c(); } /** @@ -4457,9 +4528,9 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_2f( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ef_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; @@ -4481,49 +4552,44 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_90( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result0[3U]; +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*a_as_ntt)[3U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_1, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - result0[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); + result[i] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); } for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, a_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]); i0++) { size_t i1 = i0; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = a_as_ntt[i1]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = a_as_ntt[i1]; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_45(a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_5d(&result0[i1], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *a_element = &row[j]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + libcrux_ml_kem_polynomial_ntt_multiply_ef_8c(a_element, &r_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_1b(&result[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b9(&result0[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_ef_2f(&result0[i1], - &error_1[i1]); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b(&result[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_ef_8c(&result[i1], &error_1[i1]); } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; - memcpy( - result, result0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); memcpy( ret, result, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -4533,7 +4599,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_decompress_1_d4( +libcrux_ml_kem_vector_traits_decompress_1_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) { libcrux_ml_kem_vector_portable_vector_type_PortableVector z = libcrux_ml_kem_vector_portable_ZERO_0d(); @@ -4551,11 +4617,11 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_message with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_c5( +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_then_decompress_message_8c( uint8_t serialized[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -4565,7 +4631,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_c5( (size_t)2U * i0 + (size_t)2U, uint8_t)); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_traits_decompress_1_d4(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_8c(coefficient_compressed); re.coefficients[i0] = uu____0; } return re; @@ -4582,11 +4648,11 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_add_message_error_reduce_ef_bf( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_add_message_error_reduce_ef_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -4612,23 +4678,23 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_ring_element_v_c6( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); +static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_matrix_compute_ring_element_v_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_2, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_45(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + libcrux_ml_kem_polynomial_ntt_multiply_ef_8c(&t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_5d(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_ef_1b(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_b9(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_bf( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b(&result); + result = libcrux_ml_kem_polynomial_add_message_error_reduce_ef_8c( error_2, message, result); return result; } @@ -4639,7 +4705,7 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_61( +libcrux_ml_kem_vector_portable_compress_compress_ef( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4662,9 +4728,9 @@ with const generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_fe( +libcrux_ml_kem_vector_portable_compress_0d_ef( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_61(a); + return libcrux_ml_kem_vector_portable_compress_compress_ef(a); } /** @@ -4674,15 +4740,15 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_9d( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { +libcrux_ml_kem_serialize_compress_then_serialize_10_ff( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_fe( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_b0( + libcrux_ml_kem_vector_portable_compress_0d_ef( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_8c( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); @@ -4702,7 +4768,7 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_610( +libcrux_ml_kem_vector_portable_compress_compress_c4( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4725,9 +4791,9 @@ with const generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_fe0( +libcrux_ml_kem_vector_portable_compress_0d_c4( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_610(a); + return libcrux_ml_kem_vector_portable_compress_compress_c4(a); } /** @@ -4737,15 +4803,15 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_63( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { +libcrux_ml_kem_serialize_compress_then_serialize_11_ff( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_fe0( - libcrux_ml_kem_vector_traits_to_unsigned_representative_7c( + libcrux_ml_kem_vector_portable_compress_0d_c4( + libcrux_ml_kem_vector_traits_to_unsigned_representative_8c( re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); @@ -4765,11 +4831,11 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_78( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { - uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_9d(re, uu____0); - memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_fe( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[320U]) { + uint8_t result[320U]; + libcrux_ml_kem_serialize_compress_then_serialize_10_ff(re, result); + memcpy(ret, result, (size_t)320U * sizeof(uint8_t)); } /** @@ -4781,23 +4847,23 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_d3( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_43( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, input, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = input[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = input[i0]; Eurydice_slice uu____0 = Eurydice_slice_subslice2( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_78(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_fe(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -4810,7 +4876,7 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_611( +libcrux_ml_kem_vector_portable_compress_compress_d1( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4833,9 +4899,9 @@ with const generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_fe1( +libcrux_ml_kem_vector_portable_compress_0d_d1( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_611(a); + return libcrux_ml_kem_vector_portable_compress_compress_d1(a); } /** @@ -4845,15 +4911,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_32( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, +libcrux_ml_kem_serialize_compress_then_serialize_4_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_fe1( - libcrux_ml_kem_serialize_to_unsigned_field_modulus_b0( + libcrux_ml_kem_vector_portable_compress_0d_d1( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_8c( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); @@ -4870,7 +4936,7 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_612( +libcrux_ml_kem_vector_portable_compress_compress_f4( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4893,9 +4959,9 @@ with const generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_fe2( +libcrux_ml_kem_vector_portable_compress_0d_f4( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { - return libcrux_ml_kem_vector_portable_compress_compress_612(a); + return libcrux_ml_kem_vector_portable_compress_compress_f4(a); } /** @@ -4905,15 +4971,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_14( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, +libcrux_ml_kem_serialize_compress_then_serialize_5_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - libcrux_ml_kem_vector_portable_compress_0d_fe2( - libcrux_ml_kem_vector_traits_to_unsigned_representative_7c( + libcrux_ml_kem_vector_portable_compress_0d_f4( + libcrux_ml_kem_vector_traits_to_unsigned_representative_8c( re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); @@ -4932,9 +4998,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 128 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_32( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_32(re, out); +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_ff( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, Eurydice_slice out) { + libcrux_ml_kem_serialize_compress_then_serialize_4_8c(re, out); } /** @@ -4955,60 +5021,60 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_24( - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_422(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_c8(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_cb( + tuple_23 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_3b( copy_of_prf_input0, 0U); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); uint8_t domain_separator0 = uu____1.snd; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_95( + tuple_23 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_3b( copy_of_prf_input, domain_separator0); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_1[3U]; memcpy( error_1, uu____3.fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_9f0( + libcrux_ml_kem_hash_functions_portable_PRF_f1_410( Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_6b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_2 = + libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_90(public_key->A, r_as_ntt, error_1, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d u[3U]; + libcrux_ml_kem_matrix_compute_vector_u_1b(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_c5( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d message_as_ring_element = + libcrux_ml_kem_serialize_deserialize_then_decompress_message_8c( copy_of_message); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_matrix_compute_ring_element_v_c6( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d v = + libcrux_ml_kem_matrix_compute_ring_element_v_1b( public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____5[3U]; memcpy( uu____5, u, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_d3( + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_43( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_32( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____6 = v; + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_ff( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -5032,31 +5098,31 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_a7(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_2a(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 - unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e5( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 + unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_1b(); + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0(*uu____0)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____0)[3U] = unpacked_public_key.A; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); - libcrux_ml_kem_matrix_sample_matrix_A_0d(uu____0, ret0, false); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *uu____1 = + libcrux_ml_kem_utils_into_padded_array_b6(seed, ret0); + libcrux_ml_kem_matrix_sample_matrix_A_2b(uu____0, ret0, false); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); - uint8_t result[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_24(uu____1, copy_of_message, - randomness, result); - memcpy(ret, result, (size_t)1088U * sizeof(uint8_t)); + uint8_t ret1[1088U]; + libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a(uu____1, copy_of_message, + randomness, ret1); + memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } /** @@ -5070,7 +5136,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_b7( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_d6( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; @@ -5101,8 +5167,8 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_d5( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static inline void libcrux_ml_kem_ind_cca_decapsulate_62( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t), @@ -5119,10 +5185,10 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d5( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_35(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_42(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -5130,7 +5196,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d5( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_87( + libcrux_ml_kem_hash_functions_portable_G_f1_e0( Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5139,14 +5205,14 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d5( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_15(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_80(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_9f( + libcrux_ml_kem_hash_functions_portable_PRF_f1_41( Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; @@ -5154,18 +5220,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d5( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a7(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_2a(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_b7( + libcrux_ml_kem_variant_kdf_d8_d6( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_d8_b7(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_d8_d6(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + libcrux_ml_kem_types_as_ref_00_80(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5195,10 +5261,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_a8( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_35( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_d5(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_62(private_key, ciphertext, ret); } /** @@ -5209,9 +5275,9 @@ libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_a8( [`MlKem768Ciphertext`]. */ static inline void libcrux_ml_kem_mlkem768_portable_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_a8( + libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_35( private_key, ciphertext, ret); } @@ -5225,7 +5291,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_a9( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_9c( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5242,7 +5308,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_H_f1_d5( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_H_f1_e0( Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H(input, ret); } @@ -5266,28 +5332,28 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_49( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 libcrux_ml_kem_ind_cca_encapsulate_ca( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_a9( + libcrux_ml_kem_variant_entropy_preprocess_d8_9c( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_d5( + libcrux_ml_kem_hash_functions_portable_H_f1_e0( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_02(public_key), + libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_87( + libcrux_ml_kem_hash_functions_portable_G_f1_e0( Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5296,27 +5362,27 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_49( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a7(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_2a(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_80(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_b7(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_d6(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_3c lit; + tuple_c2 lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -5339,15 +5405,15 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_a9( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 +libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_cd( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_49(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_ca(uu____0, copy_of_randomness); } /** @@ -5357,14 +5423,14 @@ libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_a9( The input is a reference to an [`MlKem768PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -static inline tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 libcrux_ml_kem_mlkem768_portable_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_a9( + return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_cd( uu____0, copy_of_randomness); } @@ -5379,12 +5445,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 -libcrux_ml_kem_ind_cpa_unpacked_default_1a_e9(void) { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 lit; - lit.secret_as_ntt[0U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); - lit.secret_as_ntt[1U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); - lit.secret_as_ntt[2U] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); +static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 +libcrux_ml_kem_ind_cpa_unpacked_default_1a_1b(void) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 lit; + lit.secret_as_ntt[0U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); + lit.secret_as_ntt[1U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); + lit.secret_as_ntt[2U] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); return lit; } @@ -5398,7 +5464,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_d1( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_9c( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -5409,7 +5475,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_d1( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)3U; uint8_t ret0[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_87( + libcrux_ml_kem_hash_functions_portable_G_f1_e0( Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -5421,7 +5487,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_standard_domain_bf( +libcrux_ml_kem_vector_traits_to_standard_domain_8c( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -5439,15 +5505,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_0f( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { +libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain_bf( + libcrux_ml_kem_vector_traits_to_standard_domain_8c( self->coefficients[j]); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_barrett_reduce_0d( @@ -5463,40 +5529,40 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_c7( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U], - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_as_ntt) { +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_1b( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*matrix_A)[3U], + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *s_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_as_ntt) { for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, matrix_A, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = matrix_A[i0]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_polynomial_ZERO_ef_1b(); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = matrix_A[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + libcrux_ml_kem_polynomial_ZERO_ef_8c(); t_as_ntt[i0] = uu____0; for (size_t i1 = (size_t)0U; i1 < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, row, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i1++) { size_t j = i1; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *matrix_element = &row[j]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_ef_45(matrix_element, + libcrux_ml_kem_polynomial_PolynomialRingElement_1d product = + libcrux_ml_kem_polynomial_ntt_multiply_ef_8c(matrix_element, &s_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_ef_5d(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_add_to_ring_element_ef_1b(&t_as_ntt[i0], &product); } - libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_0f( + libcrux_ml_kem_polynomial_add_standard_error_reduce_ef_8c( &t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -5510,50 +5576,50 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_e9( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1c( Eurydice_slice key_generation_seed, - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *private_key, - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_d1(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_9c(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0(*uu____1)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____1)[3U] = public_key->A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_421(seed_for_A, ret); - libcrux_ml_kem_matrix_sample_matrix_A_0d(uu____1, ret, true); + libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret); + libcrux_ml_kem_matrix_sample_matrix_A_2b(uu____1, ret, true); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, - prf_input); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____2 = + libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error, + prf_input); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____2 = private_key->secret_as_ntt; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b1( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_cb( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_3b( copy_of_prf_input, domain_separator) .fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_matrix_compute_As_plus_e_c7( + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + libcrux_ml_kem_matrix_compute_As_plus_e_1b( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; - Result_00 dst; + Result_fb dst; Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U]); - unwrap_26_33(dst, uu____5); + unwrap_26_b3(dst, uu____5); memcpy(public_key->seed_for_A, uu____5, (size_t)32U * sizeof(uint8_t)); } @@ -5564,14 +5630,14 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_8b( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_serialize_to_unsigned_field_modulus_b0( + libcrux_ml_kem_serialize_to_unsigned_field_modulus_8c( re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); @@ -5592,25 +5658,25 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_5a( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_89( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( (size_t)3U, key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0), - libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d), + libcrux_ml_kem_polynomial_PolynomialRingElement_1d); i++) { size_t i0 = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = key[i0]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = key[i0]; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( out, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_8b(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_8c(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -5625,13 +5691,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_3c( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_5a(t_as_ntt, ret); + libcrux_ml_kem_ind_cpa_serialize_secret_key_89(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -5648,15 +5714,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_07( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_6c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_3c(t_as_ntt, seed_for_a, + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c(t_as_ntt, seed_for_a, public_key_serialized); - uint8_t result[1184U]; - memcpy(result, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - memcpy(ret, result, (size_t)1184U * sizeof(uint8_t)); + memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } /** @@ -5672,20 +5736,20 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_50(Eurydice_slice key_generation_seed) { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 private_key = - libcrux_ml_kem_ind_cpa_unpacked_default_1a_e9(); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 public_key = - libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_e9( +libcrux_ml_kem_ind_cpa_generate_keypair_15(Eurydice_slice key_generation_seed) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key = + libcrux_ml_kem_ind_cpa_unpacked_default_1a_1b(); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = + libcrux_ml_kem_ind_cpa_unpacked_default_8d_1b(); + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1c( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_07( + libcrux_ml_kem_ind_cpa_serialize_public_key_6c( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_5a(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_89(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -5695,12 +5759,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_50(Eurydice_slice key_generation_seed) { uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -5710,7 +5774,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_b0( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d6( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -5736,7 +5800,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_b0( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_d5(public_key, ret0); + libcrux_ml_kem_hash_functions_portable_H_f1_e0(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -5766,7 +5830,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_6f(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_f8(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5775,13 +5839,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_6f(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_50(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_15(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_b0( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d6( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5789,14 +5853,14 @@ libcrux_ml_kem_ind_cca_generate_keypair_6f(uint8_t randomness[64U]) { uint8_t copy_of_secret_key_serialized[2400U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; + libcrux_ml_kem_types_MlKemPrivateKey_d9 private_key = + libcrux_ml_kem_types_from_7f_28(copy_of_secret_key_serialized); + libcrux_ml_kem_types_MlKemPrivateKey_d9 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_ee( - uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_74( + uu____2, libcrux_ml_kem_types_from_5a_d0(copy_of_public_key)); } /** @@ -5812,12 +5876,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_d1( +libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_c6( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_6f(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_f8(copy_of_randomness); } /** @@ -5828,7 +5892,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_d1( + return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_c6( copy_of_randomness); } @@ -5843,24 +5907,24 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_de( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_d6( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; - libcrux_ml_kem_utils_into_padded_array_42(shared_secret, kdf_input); + libcrux_ml_kem_utils_into_padded_array_24(shared_secret, kdf_input); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, kdf_input, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret0[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_d5( + libcrux_ml_kem_hash_functions_portable_H_f1_e0( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_d4_76(ciphertext), + libcrux_ml_kem_types_as_slice_d4_80(ciphertext), uint8_t), ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); uint8_t ret1[32U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_9f( + libcrux_ml_kem_hash_functions_portable_PRF_f1_41( Eurydice_array_to_slice((size_t)64U, kdf_input, uint8_t), ret1); memcpy(ret, ret1, (size_t)32U * sizeof(uint8_t)); } @@ -5887,8 +5951,8 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_d50( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static inline void libcrux_ml_kem_ind_cca_decapsulate_620( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t), @@ -5905,10 +5969,10 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d50( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_35(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_42(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -5916,7 +5980,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d50( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_87( + libcrux_ml_kem_hash_functions_portable_G_f1_e0( Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5925,14 +5989,14 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d50( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_15(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_80(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_9f( + libcrux_ml_kem_hash_functions_portable_PRF_f1_41( Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; @@ -5940,18 +6004,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d50( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a7(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_2a(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_de( + libcrux_ml_kem_variant_kdf_33_d6( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret1[32U]; - libcrux_ml_kem_variant_kdf_33_de(shared_secret0, ciphertext, shared_secret1); + libcrux_ml_kem_variant_kdf_33_d6(shared_secret0, ciphertext, shared_secret1); uint8_t shared_secret[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + libcrux_ml_kem_types_as_ref_00_80(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret1, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5985,10 +6049,10 @@ generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_08( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_35( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_d50(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_620(private_key, ciphertext, ret); } /** @@ -5999,9 +6063,9 @@ libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_08( [`MlKem768Ciphertext`]. */ static inline void libcrux_ml_kem_mlkem768_portable_kyber_decapsulate( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_08( + libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_35( private_key, ciphertext, ret); } @@ -6015,9 +6079,9 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_47( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_9c( Eurydice_slice randomness, uint8_t ret[32U]) { - libcrux_ml_kem_hash_functions_portable_H_f1_d5(randomness, ret); + libcrux_ml_kem_hash_functions_portable_H_f1_e0(randomness, ret); } /** @@ -6039,28 +6103,28 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_490( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 libcrux_ml_kem_ind_cca_encapsulate_ca0( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_47( + libcrux_ml_kem_variant_entropy_preprocess_33_9c( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_d5( + libcrux_ml_kem_hash_functions_portable_H_f1_e0( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_02(public_key), + libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_87( + libcrux_ml_kem_hash_functions_portable_G_f1_e0( Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -6069,27 +6133,27 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_490( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_02(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a7(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_2a(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_80(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_de(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_d6(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_3c lit; + tuple_c2 lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -6116,15 +6180,15 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_9e( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_cd( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_490(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_ca0(uu____0, copy_of_randomness); } /** @@ -6134,14 +6198,14 @@ libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_9e( The input is a reference to an [`MlKem768PublicKey`] and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -static inline tuple_3c libcrux_ml_kem_mlkem768_portable_kyber_encapsulate( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, +static inline tuple_c2 libcrux_ml_kem_mlkem768_portable_kyber_encapsulate( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; + libcrux_ml_kem_types_MlKemPublicKey_30 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_9e( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_cd( uu____0, copy_of_randomness); } @@ -6155,9 +6219,9 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_de( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_9c( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { - libcrux_ml_kem_hash_functions_portable_G_f1_87(key_generation_seed, ret); + libcrux_ml_kem_hash_functions_portable_G_f1_e0(key_generation_seed, ret); } /** @@ -6169,50 +6233,50 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_e90( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1c0( Eurydice_slice key_generation_seed, - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *private_key, - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key) { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_de(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_9c(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); Eurydice_slice seed_for_A = uu____0.fst; Eurydice_slice seed_for_secret_and_error = uu____0.snd; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0(*uu____1)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____1)[3U] = public_key->A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_421(seed_for_A, ret); - libcrux_ml_kem_matrix_sample_matrix_A_0d(uu____1, ret, true); + libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret); + libcrux_ml_kem_matrix_sample_matrix_A_2b(uu____1, ret, true); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, - prf_input); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____2 = + libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error, + prf_input); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____2 = private_key->secret_as_ntt; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_b1( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_cb( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_3b( copy_of_prf_input, domain_separator) .fst, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_matrix_compute_As_plus_e_c7( + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); + libcrux_ml_kem_matrix_compute_As_plus_e_1b( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; - Result_00 dst; + Result_fb dst; Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U]); - unwrap_26_33(dst, uu____5); + unwrap_26_b3(dst, uu____5); memcpy(public_key->seed_for_A, uu____5, (size_t)32U * sizeof(uint8_t)); } @@ -6229,21 +6293,21 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_500( +libcrux_ml_kem_ind_cpa_generate_keypair_150( Eurydice_slice key_generation_seed) { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 private_key = - libcrux_ml_kem_ind_cpa_unpacked_default_1a_e9(); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 public_key = - libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_e90( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key = + libcrux_ml_kem_ind_cpa_unpacked_default_1a_1b(); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = + libcrux_ml_kem_ind_cpa_unpacked_default_8d_1b(); + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1c0( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_07( + libcrux_ml_kem_ind_cpa_serialize_public_key_6c( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_5a(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_89(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -6253,12 +6317,12 @@ libcrux_ml_kem_ind_cpa_generate_keypair_500( uint8_t copy_of_public_key_serialized[1184U]; memcpy(copy_of_public_key_serialized, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - libcrux_ml_kem_utils_extraction_helper_Keypair768 result; - memcpy(result.fst, copy_of_secret_key_serialized, + libcrux_ml_kem_utils_extraction_helper_Keypair768 lit; + memcpy(lit.fst, copy_of_secret_key_serialized, (size_t)1152U * sizeof(uint8_t)); - memcpy(result.snd, copy_of_public_key_serialized, + memcpy(lit.snd, copy_of_public_key_serialized, (size_t)1184U * sizeof(uint8_t)); - return result; + return lit; } /** @@ -6275,7 +6339,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_6f0(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_f80(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -6284,13 +6348,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_6f0(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_500(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_150(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_b0( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d6( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -6298,14 +6362,14 @@ libcrux_ml_kem_ind_cca_generate_keypair_6f0(uint8_t randomness[64U]) { uint8_t copy_of_secret_key_serialized[2400U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); - libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_7f_af(copy_of_secret_key_serialized); - libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; + libcrux_ml_kem_types_MlKemPrivateKey_d9 private_key = + libcrux_ml_kem_types_from_7f_28(copy_of_secret_key_serialized); + libcrux_ml_kem_types_MlKemPrivateKey_d9 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_3a_ee( - uu____2, libcrux_ml_kem_types_from_5a_67(copy_of_public_key)); + return libcrux_ml_kem_types_from_3a_74( + uu____2, libcrux_ml_kem_types_from_5a_d0(copy_of_public_key)); } /** @@ -6321,12 +6385,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_69( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_c6( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_6f0(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_f80(copy_of_randomness); } /** @@ -6338,7 +6402,7 @@ libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_69( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_c6( copy_of_randomness); } @@ -6350,11 +6414,11 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_fd( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_37( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_d5( + libcrux_ml_kem_hash_functions_portable_H_f1_e0( Eurydice_array_to_subslice2(private_key->value, (size_t)384U * (size_t)3U, (size_t)768U * (size_t)3U + (size_t)32U, uint8_t), @@ -6375,10 +6439,10 @@ generics - CIPHERTEXT_SIZE= 1088 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_b9( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, +libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_31( + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_fd(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_37(private_key, ciphertext); } @@ -6388,9 +6452,9 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_b9( Returns `true` if valid, and `false` otherwise. */ static inline bool libcrux_ml_kem_mlkem768_portable_validate_private_key( - libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, + libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_b9( + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_31( private_key, ciphertext); } @@ -6401,10 +6465,10 @@ types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_bc( +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_1b( size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_ef_1b(); + return libcrux_ml_kem_polynomial_ZERO_ef_8c(); } /** @@ -6414,18 +6478,22 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_a9( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_1b( Eurydice_slice public_key, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); + deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); } - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e5( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b( public_key, deserialized_pk); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d result[3U]; + memcpy( + result, deserialized_pk, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); memcpy( - ret, deserialized_pk, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + ret, result, + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); } /** @@ -6436,16 +6504,16 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_68( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_6c( uint8_t *public_key) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_a9( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[3U]; + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_1b( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_07( + libcrux_ml_kem_ind_cpa_serialize_public_key_6c( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -6463,9 +6531,9 @@ generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_1f( +libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_31( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_68(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_6c(public_key); } /** @@ -6474,8 +6542,8 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_1f( Returns `true` if valid, and `false` otherwise. */ static inline bool libcrux_ml_kem_mlkem768_portable_validate_public_key( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_1f( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key) { + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_31( public_key->value); } @@ -6501,14 +6569,14 @@ generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_f6( +static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_51( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_6d( + libcrux_ml_kem_ind_cpa_decrypt_unpacked_42( &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash0, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, @@ -6519,7 +6587,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_f6( uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_87( + libcrux_ml_kem_hash_functions_portable_G_f1_e0( Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -6528,30 +6596,30 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_f6( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_420( + libcrux_ml_kem_utils_into_padded_array_15( Eurydice_array_to_slice( (size_t)32U, key_pair->private_key.implicit_rejection_value, uint8_t), to_hash); Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_00_80(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_9f( + libcrux_ml_kem_hash_functions_portable_PRF_f1_41( Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *uu____3 = + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *uu____3 = &key_pair->public_key.ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_24( + libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a( uu____3, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t selector = libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( - libcrux_ml_kem_types_as_ref_00_8c(ciphertext), + libcrux_ml_kem_types_as_ref_00_80(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t)); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( @@ -6587,10 +6655,10 @@ generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_65( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_35( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_unpacked_decapsulate_f6(key_pair, ciphertext, ret); + libcrux_ml_kem_ind_cca_unpacked_decapsulate_51(key_pair, ciphertext, ret); } /** @@ -6604,7 +6672,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_decapsulate( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_65( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_35( private_key, ciphertext, ret); } @@ -6627,11 +6695,11 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_8e( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, +static inline tuple_c2 libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_42( + libcrux_ml_kem_utils_into_padded_array_24( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, @@ -6641,7 +6709,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_8e( (size_t)32U, public_key->public_key_hash, uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_87( + libcrux_ml_kem_hash_functions_portable_G_f1_e0( Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -6649,13 +6717,13 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_8e( Eurydice_slice_uint8_t_x2); Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *uu____2 = + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *uu____2 = &public_key->ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_24(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a(uu____2, copy_of_randomness, pseudorandomness, ciphertext); uint8_t shared_secret_array[32U] = {0U}; Eurydice_slice_copy( @@ -6665,12 +6733,12 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_8e( uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = - libcrux_ml_kem_types_from_01_8c(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_80(copy_of_ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, (size_t)32U * sizeof(uint8_t)); - tuple_3c lit; + tuple_c2 lit; lit.fst = uu____5; memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t)); return lit; @@ -6697,16 +6765,16 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_37( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, +static inline tuple_c2 +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_cd( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *uu____0 = + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_unpacked_encapsulate_8e(uu____0, + return libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c(uu____0, copy_of_randomness); } @@ -6718,15 +6786,15 @@ libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_37( [`MlKem768PublicKeyUnpacked`], the SHA3-256 hash of this public key, and [`SHARED_SECRET_SIZE`] bytes of `randomness`. */ -static inline tuple_3c libcrux_ml_kem_mlkem768_portable_unpacked_encapsulate( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, +static inline tuple_c2 libcrux_ml_kem_mlkem768_portable_unpacked_encapsulate( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *uu____0 = + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_37( + return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_cd( uu____0, copy_of_randomness); } @@ -6744,9 +6812,9 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_42(size_t _j) { - return libcrux_ml_kem_polynomial_ZERO_ef_1b(); +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_f8(size_t _j) { + return libcrux_ml_kem_polynomial_ZERO_ef_8c(); } /** @@ -6763,10 +6831,10 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_8d( - size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_f8( + size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - ret[i] = libcrux_ml_kem_polynomial_ZERO_ef_1b(); + ret[i] = libcrux_ml_kem_polynomial_ZERO_ef_8c(); } } @@ -6781,10 +6849,10 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_clone_8d_26( - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 lit; +static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d +libcrux_ml_kem_polynomial_clone_8d_8c( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d lit; libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[16U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)16U, self->coefficients, ret, @@ -6811,7 +6879,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_db( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_f8( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( @@ -6821,46 +6889,46 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_db( (size_t)64U, randomness, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_e9( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1c( ind_cpa_keypair_randomness, &out->private_key.ind_cpa_private_key, &out->public_key.ind_cpa_public_key); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[3U][3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d A[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_8d(i, A[i]); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_f8(i, A[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t j = i; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_polynomial_clone_8d_26( + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 = + libcrux_ml_kem_polynomial_clone_8d_8c( &out->public_key.ind_cpa_public_key.A[j][i1]); A[i1][j] = uu____0; } } - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1[3U][3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____1[3U][3U]; memcpy(uu____1, A, (size_t)3U * - sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U])); + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U])); memcpy(out->public_key.ind_cpa_public_key.A, uu____1, (size_t)3U * - sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U])); + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U])); uint8_t pk_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_07( + libcrux_ml_kem_ind_cpa_serialize_public_key_6c( out->public_key.ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice( (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t), pk_serialized); uint8_t uu____2[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_d5( + libcrux_ml_kem_hash_functions_portable_H_f1_e0( Eurydice_array_to_slice((size_t)1184U, pk_serialized, uint8_t), uu____2); memcpy(out->public_key.public_key_hash, uu____2, (size_t)32U * sizeof(uint8_t)); uint8_t uu____3[32U]; - Result_00 dst; + Result_fb dst; Eurydice_slice_to_array2(&dst, implicit_rejection_value, Eurydice_slice, uint8_t[32U]); - unwrap_26_33(dst, uu____3); + unwrap_26_b3(dst, uu____3); memcpy(out->private_key.implicit_rejection_value, uu____3, (size_t)32U * sizeof(uint8_t)); } @@ -6881,13 +6949,13 @@ const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_b3( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_c6( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_db(copy_of_randomness, out); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_f8(copy_of_randomness, out); } /** @@ -6900,7 +6968,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_b3( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_c6( copy_of_randomness, key_pair); } @@ -6915,10 +6983,10 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cca_unpacked_default_1c_bd(void) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 lit; - lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_d1(); +static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 +libcrux_ml_kem_ind_cca_unpacked_default_1c_1b(void) { + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; + lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_1b(); lit.public_key_hash[0U] = 0U; lit.public_key_hash[1U] = 0U; lit.public_key_hash[2U] = 0U; @@ -6967,9 +7035,9 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked - libcrux_ml_kem_ind_cca_unpacked_default_07_db(void) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_f8 uu____0; - uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_e9(); + libcrux_ml_kem_ind_cca_unpacked_default_07_1b(void) { + libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 uu____0; + uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_1b(); uu____0.implicit_rejection_value[0U] = 0U; uu____0.implicit_rejection_value[1U] = 0U; uu____0.implicit_rejection_value[2U] = 0U; @@ -7005,7 +7073,7 @@ static KRML_MUSTINLINE return (CLITERAL( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked){ .private_key = uu____0, - .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_bd()}); + .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_1b()}); } /** @@ -7013,15 +7081,15 @@ static KRML_MUSTINLINE */ static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked libcrux_ml_kem_mlkem768_portable_unpacked_init_key_pair(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_07_db(); + return libcrux_ml_kem_ind_cca_unpacked_default_07_1b(); } /** Create a new, empty unpacked public key. */ -static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 +static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 libcrux_ml_kem_mlkem768_portable_unpacked_init_public_key(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_1c_bd(); + return libcrux_ml_kem_ind_cca_unpacked_default_1c_1b(); } /** @@ -7041,10 +7109,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_a1( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *self, - libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_3c( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_6c( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self, + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_6c( self->ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, uint8_t), @@ -7068,10 +7136,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_a4( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_6c( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self, - libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_a1( + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_6c( &self->public_key, serialized); } @@ -7081,8 +7149,8 @@ libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_a4( static inline void libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_public_key( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, - libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_a4(key_pair, + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_6c(key_pair, serialized); } @@ -7097,28 +7165,28 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cpa_unpacked_clone_ef_59( - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *self) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[3U]; +static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 +libcrux_ml_kem_ind_cpa_unpacked_clone_ef_1b( + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *self) { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[3U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)3U, self->t_as_ntt, uu____0, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0, void *); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d, void *); uint8_t uu____1[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->seed_for_A, uu____1, uint8_t, void *); - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 lit; + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 lit; memcpy( lit.t_as_ntt, uu____0, - (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); + (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d)); memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U][3U]; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U][3U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)3U, self->A, ret, - libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U], void *); + libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U], void *); memcpy(lit.A, ret, (size_t)3U * - sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U])); + sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U])); return lit; } @@ -7133,12 +7201,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cca_unpacked_clone_28_d3( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *self) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 lit; +static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 +libcrux_ml_kem_ind_cca_unpacked_clone_28_1b( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self) { + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; lit.ind_cpa_public_key = - libcrux_ml_kem_ind_cpa_unpacked_clone_ef_59(&self->ind_cpa_public_key); + libcrux_ml_kem_ind_cpa_unpacked_clone_ef_1b(&self->ind_cpa_public_key); uint8_t ret[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->public_key_hash, ret, uint8_t, void *); @@ -7160,8 +7228,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 * -libcrux_ml_kem_ind_cca_unpacked_public_key_de_3d( +static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 * +libcrux_ml_kem_ind_cca_unpacked_public_key_de_1b( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self) { return &self->public_key; } @@ -7171,10 +7239,10 @@ libcrux_ml_kem_ind_cca_unpacked_public_key_de_3d( */ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_public_key( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *pk) { - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 uu____0 = - libcrux_ml_kem_ind_cca_unpacked_clone_28_d3( - libcrux_ml_kem_ind_cca_unpacked_public_key_de_3d(key_pair)); + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *pk) { + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 uu____0 = + libcrux_ml_kem_ind_cca_unpacked_clone_28_1b( + libcrux_ml_kem_ind_cca_unpacked_public_key_de_1b(key_pair)); pk[0U] = uu____0; } @@ -7183,9 +7251,9 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_public_key( */ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_serialized_public_key( - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, - libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_a1(public_key, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, + libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) { + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_6c(public_key, serialized); } @@ -7202,33 +7270,33 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_40( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 +libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_f9( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { Eurydice_slice uu____0 = Eurydice_array_to_subslice_to( (size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e5( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b( uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt); uint8_t uu____1[32U]; - libcrux_ml_kem_utils_into_padded_array_423( + libcrux_ml_kem_utils_into_padded_array_9e( Eurydice_array_to_subslice_from((size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t), uu____1); memcpy(unpacked_public_key->ind_cpa_public_key.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t)); - libcrux_ml_kem_polynomial_PolynomialRingElement_f0(*uu____2)[3U] = + libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____2)[3U] = unpacked_public_key->ind_cpa_public_key.A; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_421( + libcrux_ml_kem_utils_into_padded_array_b6( Eurydice_array_to_subslice_from((size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t), ret); - libcrux_ml_kem_matrix_sample_matrix_A_0d(uu____2, ret, false); + libcrux_ml_kem_matrix_sample_matrix_A_2b(uu____2, ret, false); uint8_t uu____3[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_d5( + libcrux_ml_kem_hash_functions_portable_H_f1_e0( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_fd_02(public_key), + libcrux_ml_kem_types_as_slice_fd_d0(public_key), uint8_t), uu____3); memcpy(unpacked_public_key->public_key_hash, uu____3, @@ -7248,11 +7316,11 @@ const generics - PUBLIC_KEY_SIZE= 1184 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_5b( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_a5( + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_40(public_key, + libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_f9(public_key, unpacked_public_key); } @@ -7261,10 +7329,10 @@ libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_5b( */ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_unpacked_public_key( - libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 + libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_5b( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_a5( public_key, unpacked_public_key); } diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h index e305985cd..1eb1f6f44 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_mlkem768_portable_types_H @@ -29,9 +29,9 @@ A monomorphic instance of libcrux_ml_kem.polynomial.PolynomialRingElement with types libcrux_ml_kem_vector_portable_vector_type_PortableVector */ -typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_f0_s { +typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_1d_s { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients[16U]; -} libcrux_ml_kem_polynomial_PolynomialRingElement_f0; +} libcrux_ml_kem_polynomial_PolynomialRingElement_1d; /** A monomorphic instance of @@ -39,11 +39,11 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPublicKeyUnpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - $3size_t */ -typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U]; +typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d t_as_ntt[3U]; uint8_t seed_for_A[32U]; - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[3U][3U]; -} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8; + libcrux_ml_kem_polynomial_PolynomialRingElement_1d A[3U][3U]; +} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0; /** A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.MlKemPublicKeyUnpacked @@ -51,12 +51,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - $3size_t */ -typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8_s { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 ind_cpa_public_key; +typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0_s { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 ind_cpa_public_key; uint8_t public_key_hash[32U]; -} libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8; +} libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0; -typedef libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 +typedef libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768PublicKeyUnpacked; /** @@ -65,9 +65,9 @@ libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - $3size_t */ -typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8_s { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; -} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8; +typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0_s { + libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[3U]; +} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0; /** A monomorphic instance of @@ -75,16 +75,16 @@ libcrux_ml_kem.ind_cca.unpacked.MlKemPrivateKeyUnpacked with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - $3size_t */ -typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_f8_s { - libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 +typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0_s { + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 ind_cpa_private_key; uint8_t implicit_rejection_value[32U]; -} libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_f8; +} libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0; typedef struct libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked_s { - libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_f8 private_key; - libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 public_key; + libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 private_key; + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 public_key; } libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked; #if defined(__cplusplus) diff --git a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h index 6cdf64314..95b25f755 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_sha3_avx2_H @@ -59,7 +59,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_21(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_76(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)1, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)63, x, __m256i)); @@ -70,7 +70,7 @@ static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vrax1q_u64(__m256i a, __m256i b) { __m256i uu____0 = a; return libcrux_intrinsics_avx2_mm256_xor_si256( - uu____0, libcrux_sha3_simd_avx2_rotate_left_21(b)); + uu____0, libcrux_sha3_simd_avx2_rotate_left_76(b)); } /** @@ -203,9 +203,9 @@ with types core_core_arch_x86___m256i with const generics - $4size_t */ -typedef struct libcrux_sha3_generic_keccak_KeccakState_29_s { +typedef struct libcrux_sha3_generic_keccak_KeccakState_55_s { __m256i st[5U][5U]; -} libcrux_sha3_generic_keccak_KeccakState_29; +} libcrux_sha3_generic_keccak_KeccakState_55; /** Create a new Shake128 x4 state. @@ -221,9 +221,9 @@ with const generics - N= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_29 -libcrux_sha3_generic_keccak_new_89_71(void) { - libcrux_sha3_generic_keccak_KeccakState_29 lit; +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_55 +libcrux_sha3_generic_keccak_new_89_a6(void) { + libcrux_sha3_generic_keccak_KeccakState_55 lit; lit.st[0U][0U] = libcrux_sha3_simd_avx2_zero_ef(); lit.st[0U][1U] = libcrux_sha3_simd_avx2_zero_ef(); lit.st[0U][2U] = libcrux_sha3_simd_avx2_zero_ef(); @@ -258,7 +258,7 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_fe( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_5b( __m256i (*s)[5U], Eurydice_slice blocks[4U]) { for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)32U; i++) { size_t i0 = i; @@ -388,13 +388,13 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_ef_d4( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_ef_5b( __m256i (*a)[5U], Eurydice_slice b[4U]) { __m256i(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[4U]; memcpy(copy_of_b, b, (size_t)4U * sizeof(Eurydice_slice)); - libcrux_sha3_simd_avx2_load_block_fe(uu____0, copy_of_b); + libcrux_sha3_simd_avx2_load_block_5b(uu____0, copy_of_b); } /** @@ -405,7 +405,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_210(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_02(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)36, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)28, x, __m256i)); @@ -418,10 +418,10 @@ with const generics - RIGHT= 28 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_13(__m256i a, +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_02(__m256i a, __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_210(ab); + return libcrux_sha3_simd_avx2_rotate_left_02(ab); } /** @@ -436,8 +436,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_13(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_02(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_02(a, b); } /** @@ -448,7 +448,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_211(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_ac(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)3, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)61, x, __m256i)); @@ -461,10 +461,10 @@ with const generics - RIGHT= 61 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_130(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_ac(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_211(ab); + return libcrux_sha3_simd_avx2_rotate_left_ac(ab); } /** @@ -479,8 +479,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c0(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_130(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_ac(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_ac(a, b); } /** @@ -491,7 +491,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_212(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_020(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)41, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)23, x, __m256i)); @@ -505,9 +505,9 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_131(__m256i a, __m256i b) { +libcrux_sha3_simd_avx2__vxarq_u64_020(__m256i a, __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_212(ab); + return libcrux_sha3_simd_avx2_rotate_left_020(ab); } /** @@ -522,8 +522,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c1(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_131(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_020(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_020(a, b); } /** @@ -534,7 +534,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_213(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_a9(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)18, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)46, x, __m256i)); @@ -547,10 +547,10 @@ with const generics - RIGHT= 46 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_132(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_a9(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_213(ab); + return libcrux_sha3_simd_avx2_rotate_left_a9(ab); } /** @@ -565,8 +565,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c2(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_132(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_a9(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_a9(a, b); } /** @@ -576,10 +576,10 @@ with const generics - RIGHT= 63 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_133(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_76(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_21(ab); + return libcrux_sha3_simd_avx2_rotate_left_76(ab); } /** @@ -594,8 +594,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c3(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_133(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_76(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_76(a, b); } /** @@ -606,7 +606,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_214(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_58(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)44, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)20, x, __m256i)); @@ -619,10 +619,10 @@ with const generics - RIGHT= 20 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_134(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_58(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_214(ab); + return libcrux_sha3_simd_avx2_rotate_left_58(ab); } /** @@ -637,8 +637,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c4(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_134(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_58(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_58(a, b); } /** @@ -649,7 +649,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_215(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_e0(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)10, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)54, x, __m256i)); @@ -662,10 +662,10 @@ with const generics - RIGHT= 54 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_135(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_e0(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_215(ab); + return libcrux_sha3_simd_avx2_rotate_left_e0(ab); } /** @@ -680,8 +680,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c5(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_135(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_e0(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_e0(a, b); } /** @@ -692,7 +692,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_216(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_63(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)45, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)19, x, __m256i)); @@ -705,10 +705,10 @@ with const generics - RIGHT= 19 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_136(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_63(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_216(ab); + return libcrux_sha3_simd_avx2_rotate_left_63(ab); } /** @@ -723,8 +723,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c6(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_136(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_63(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_63(a, b); } /** @@ -735,7 +735,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_217(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_6a(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)2, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)62, x, __m256i)); @@ -748,10 +748,10 @@ with const generics - RIGHT= 62 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_137(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_6a(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_217(ab); + return libcrux_sha3_simd_avx2_rotate_left_6a(ab); } /** @@ -766,8 +766,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c7(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_137(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_6a(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_6a(a, b); } /** @@ -778,7 +778,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_218(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_ab(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)62, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)2, x, __m256i)); @@ -791,10 +791,10 @@ with const generics - RIGHT= 2 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_138(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_ab(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_218(ab); + return libcrux_sha3_simd_avx2_rotate_left_ab(ab); } /** @@ -809,8 +809,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c8(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_138(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_ab(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_ab(a, b); } /** @@ -821,7 +821,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_219(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_5b(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)6, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)58, x, __m256i)); @@ -834,10 +834,10 @@ with const generics - RIGHT= 58 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_139(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_5b(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_219(ab); + return libcrux_sha3_simd_avx2_rotate_left_5b(ab); } /** @@ -852,8 +852,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c9(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_139(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_5b(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_5b(a, b); } /** @@ -864,7 +864,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2110(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_6f(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)43, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)21, x, __m256i)); @@ -877,10 +877,10 @@ with const generics - RIGHT= 21 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1310(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_6f(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2110(ab); + return libcrux_sha3_simd_avx2_rotate_left_6f(ab); } /** @@ -895,8 +895,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c10(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1310(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_6f(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_6f(a, b); } /** @@ -907,7 +907,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2111(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_62(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)15, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)49, x, __m256i)); @@ -920,10 +920,10 @@ with const generics - RIGHT= 49 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1311(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_62(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2111(ab); + return libcrux_sha3_simd_avx2_rotate_left_62(ab); } /** @@ -938,8 +938,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c11(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1311(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_62(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_62(a, b); } /** @@ -950,7 +950,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2112(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_23(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)61, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)3, x, __m256i)); @@ -963,10 +963,10 @@ with const generics - RIGHT= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1312(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_23(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2112(ab); + return libcrux_sha3_simd_avx2_rotate_left_23(ab); } /** @@ -981,8 +981,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c12(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1312(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_23(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_23(a, b); } /** @@ -993,7 +993,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2113(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_37(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)28, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)36, x, __m256i)); @@ -1006,10 +1006,10 @@ with const generics - RIGHT= 36 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1313(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_37(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2113(ab); + return libcrux_sha3_simd_avx2_rotate_left_37(ab); } /** @@ -1024,8 +1024,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c13(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1313(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_37(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_37(a, b); } /** @@ -1036,7 +1036,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2114(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_bb(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)55, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)9, x, __m256i)); @@ -1049,10 +1049,10 @@ with const generics - RIGHT= 9 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1314(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_bb(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2114(ab); + return libcrux_sha3_simd_avx2_rotate_left_bb(ab); } /** @@ -1067,8 +1067,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c14(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1314(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_bb(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_bb(a, b); } /** @@ -1079,7 +1079,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2115(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_b9(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)25, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)39, x, __m256i)); @@ -1092,10 +1092,10 @@ with const generics - RIGHT= 39 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1315(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_b9(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2115(ab); + return libcrux_sha3_simd_avx2_rotate_left_b9(ab); } /** @@ -1110,8 +1110,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c15(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1315(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_b9(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_b9(a, b); } /** @@ -1122,7 +1122,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2116(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_54(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)21, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)43, x, __m256i)); @@ -1135,10 +1135,10 @@ with const generics - RIGHT= 43 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1316(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_54(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2116(ab); + return libcrux_sha3_simd_avx2_rotate_left_54(ab); } /** @@ -1153,8 +1153,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c16(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1316(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_54(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_54(a, b); } /** @@ -1165,7 +1165,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2117(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_4c(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)56, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)8, x, __m256i)); @@ -1178,10 +1178,10 @@ with const generics - RIGHT= 8 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1317(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_4c(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2117(ab); + return libcrux_sha3_simd_avx2_rotate_left_4c(ab); } /** @@ -1196,8 +1196,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c17(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1317(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_4c(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_4c(a, b); } /** @@ -1208,7 +1208,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2118(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_ce(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)27, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)37, x, __m256i)); @@ -1221,10 +1221,10 @@ with const generics - RIGHT= 37 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1318(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_ce(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2118(ab); + return libcrux_sha3_simd_avx2_rotate_left_ce(ab); } /** @@ -1239,8 +1239,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c18(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1318(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_ce(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_ce(a, b); } /** @@ -1251,7 +1251,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2119(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_77(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)20, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)44, x, __m256i)); @@ -1264,10 +1264,10 @@ with const generics - RIGHT= 44 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1319(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_77(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2119(ab); + return libcrux_sha3_simd_avx2_rotate_left_77(ab); } /** @@ -1282,8 +1282,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c19(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1319(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_77(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_77(a, b); } /** @@ -1294,7 +1294,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2120(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_25(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)39, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)25, x, __m256i)); @@ -1307,10 +1307,10 @@ with const generics - RIGHT= 25 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1320(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_25(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2120(ab); + return libcrux_sha3_simd_avx2_rotate_left_25(ab); } /** @@ -1325,8 +1325,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c20(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1320(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_25(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_25(a, b); } /** @@ -1337,7 +1337,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2121(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_af(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)8, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)56, x, __m256i)); @@ -1350,10 +1350,10 @@ with const generics - RIGHT= 56 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1321(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_af(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2121(ab); + return libcrux_sha3_simd_avx2_rotate_left_af(ab); } /** @@ -1368,8 +1368,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c21(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1321(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_af(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_af(a, b); } /** @@ -1380,7 +1380,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_rotate_left_2122(__m256i x) { +libcrux_sha3_simd_avx2_rotate_left_fd(__m256i x) { return libcrux_intrinsics_avx2_mm256_xor_si256( libcrux_intrinsics_avx2_mm256_slli_epi64((int32_t)14, x, __m256i), libcrux_intrinsics_avx2_mm256_srli_epi64((int32_t)50, x, __m256i)); @@ -1393,10 +1393,10 @@ with const generics - RIGHT= 50 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2__vxarq_u64_1322(__m256i a, __m256i b) { +static KRML_MUSTINLINE __m256i libcrux_sha3_simd_avx2__vxarq_u64_fd(__m256i a, + __m256i b) { __m256i ab = libcrux_intrinsics_avx2_mm256_xor_si256(a, b); - return libcrux_sha3_simd_avx2_rotate_left_2122(ab); + return libcrux_sha3_simd_avx2_rotate_left_fd(ab); } /** @@ -1411,8 +1411,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c22(__m256i a, __m256i b) { - return libcrux_sha3_simd_avx2__vxarq_u64_1322(a, b); +libcrux_sha3_simd_avx2_xor_and_rotate_ef_fd(__m256i a, __m256i b) { + return libcrux_sha3_simd_avx2__vxarq_u64_fd(a, b); } /** @@ -1422,8 +1422,8 @@ with const generics - N= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_rho_1b( - libcrux_sha3_generic_keccak_KeccakState_29 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_rho_a6( + libcrux_sha3_generic_keccak_KeccakState_55 *s) { __m256i c[5U] = {libcrux_sha3_simd_avx2_xor5_ef(s->st[0U][0U], s->st[1U][0U], s->st[2U][0U], s->st[3U][0U], s->st[4U][0U]), @@ -1457,53 +1457,53 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_rho_1b( c[((size_t)4U + (size_t)1U) % (size_t)5U])}; s->st[0U][0U] = libcrux_sha3_simd_avx2_xor_ef(s->st[0U][0U], t[0U]); s->st[1U][0U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c(s->st[1U][0U], t[0U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_02(s->st[1U][0U], t[0U]); s->st[2U][0U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c0(s->st[2U][0U], t[0U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_ac(s->st[2U][0U], t[0U]); s->st[3U][0U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c1(s->st[3U][0U], t[0U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_020(s->st[3U][0U], t[0U]); s->st[4U][0U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c2(s->st[4U][0U], t[0U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_a9(s->st[4U][0U], t[0U]); s->st[0U][1U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c3(s->st[0U][1U], t[1U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_76(s->st[0U][1U], t[1U]); s->st[1U][1U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c4(s->st[1U][1U], t[1U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_58(s->st[1U][1U], t[1U]); s->st[2U][1U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c5(s->st[2U][1U], t[1U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_e0(s->st[2U][1U], t[1U]); s->st[3U][1U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c6(s->st[3U][1U], t[1U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_63(s->st[3U][1U], t[1U]); s->st[4U][1U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c7(s->st[4U][1U], t[1U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_6a(s->st[4U][1U], t[1U]); s->st[0U][2U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c8(s->st[0U][2U], t[2U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_ab(s->st[0U][2U], t[2U]); s->st[1U][2U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c9(s->st[1U][2U], t[2U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_5b(s->st[1U][2U], t[2U]); s->st[2U][2U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c10(s->st[2U][2U], t[2U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_6f(s->st[2U][2U], t[2U]); s->st[3U][2U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c11(s->st[3U][2U], t[2U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_62(s->st[3U][2U], t[2U]); s->st[4U][2U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c12(s->st[4U][2U], t[2U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_23(s->st[4U][2U], t[2U]); s->st[0U][3U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c13(s->st[0U][3U], t[3U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_37(s->st[0U][3U], t[3U]); s->st[1U][3U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c14(s->st[1U][3U], t[3U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_bb(s->st[1U][3U], t[3U]); s->st[2U][3U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c15(s->st[2U][3U], t[3U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_b9(s->st[2U][3U], t[3U]); s->st[3U][3U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c16(s->st[3U][3U], t[3U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_54(s->st[3U][3U], t[3U]); s->st[4U][3U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c17(s->st[4U][3U], t[3U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_4c(s->st[4U][3U], t[3U]); s->st[0U][4U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c18(s->st[0U][4U], t[4U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_ce(s->st[0U][4U], t[4U]); s->st[1U][4U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c19(s->st[1U][4U], t[4U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_77(s->st[1U][4U], t[4U]); s->st[2U][4U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c20(s->st[2U][4U], t[4U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_25(s->st[2U][4U], t[4U]); s->st[3U][4U] = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c21(s->st[3U][4U], t[4U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_af(s->st[3U][4U], t[4U]); __m256i uu____27 = - libcrux_sha3_simd_avx2_xor_and_rotate_ef_5c22(s->st[4U][4U], t[4U]); + libcrux_sha3_simd_avx2_xor_and_rotate_ef_fd(s->st[4U][4U], t[4U]); s->st[4U][4U] = uu____27; } @@ -1514,8 +1514,8 @@ with const generics - N= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_pi_70( - libcrux_sha3_generic_keccak_KeccakState_29 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_pi_a6( + libcrux_sha3_generic_keccak_KeccakState_55 *s) { __m256i old[5U][5U]; memcpy(old, s->st, (size_t)5U * sizeof(__m256i[5U])); s->st[0U][1U] = old[1U][1U]; @@ -1551,8 +1551,8 @@ with const generics - N= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_chi_12( - libcrux_sha3_generic_keccak_KeccakState_29 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_chi_a6( + libcrux_sha3_generic_keccak_KeccakState_55 *s) { __m256i old[5U][5U]; memcpy(old, s->st, (size_t)5U * sizeof(__m256i[5U])); for (size_t i0 = (size_t)0U; i0 < (size_t)5U; i0++) { @@ -1573,8 +1573,8 @@ with const generics - N= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_iota_fe( - libcrux_sha3_generic_keccak_KeccakState_29 *s, size_t i) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_iota_a6( + libcrux_sha3_generic_keccak_KeccakState_55 *s, size_t i) { s->st[0U][0U] = libcrux_sha3_simd_avx2_xor_constant_ef( s->st[0U][0U], libcrux_sha3_generic_keccak_ROUNDCONSTANTS[i]); } @@ -1586,14 +1586,14 @@ with const generics - N= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccakf1600_cd( - libcrux_sha3_generic_keccak_KeccakState_29 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccakf1600_a6( + libcrux_sha3_generic_keccak_KeccakState_55 *s) { for (size_t i = (size_t)0U; i < (size_t)24U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_theta_rho_1b(s); - libcrux_sha3_generic_keccak_pi_70(s); - libcrux_sha3_generic_keccak_chi_12(s); - libcrux_sha3_generic_keccak_iota_fe(s, i0); + libcrux_sha3_generic_keccak_theta_rho_a6(s); + libcrux_sha3_generic_keccak_pi_a6(s); + libcrux_sha3_generic_keccak_chi_a6(s); + libcrux_sha3_generic_keccak_iota_a6(s, i0); } } @@ -1605,13 +1605,13 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_32( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice blocks[4U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice blocks[4U]) { __m256i(*uu____0)[5U] = s->st; Eurydice_slice uu____1[4U]; memcpy(uu____1, blocks, (size_t)4U * sizeof(Eurydice_slice)); - libcrux_sha3_simd_avx2_load_block_ef_d4(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_cd(s); + libcrux_sha3_simd_avx2_load_block_ef_5b(uu____0, uu____1); + libcrux_sha3_generic_keccak_keccakf1600_a6(s); } /** @@ -1620,14 +1620,14 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_full_1d( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_full_5b( __m256i (*s)[5U], uint8_t blocks[4U][200U]) { Eurydice_slice buf[4U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[1U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[2U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[3U], uint8_t)}; - libcrux_sha3_simd_avx2_load_block_fe(s, buf); + libcrux_sha3_simd_avx2_load_block_5b(s, buf); } /** @@ -1640,13 +1640,13 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_full_ef_e6( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_full_ef_5b( __m256i (*a)[5U], uint8_t b[4U][200U]) { __m256i(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[4U][200U]; memcpy(copy_of_b, b, (size_t)4U * sizeof(uint8_t[200U])); - libcrux_sha3_simd_avx2_load_block_full_1d(uu____0, copy_of_b); + libcrux_sha3_simd_avx2_load_block_full_5b(uu____0, copy_of_b); } /** @@ -1658,8 +1658,8 @@ with const generics - DELIM= 31 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_7f( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice last[4U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_fb( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice last[4U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[4U][200U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)4U; i++) { @@ -1677,8 +1677,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_7f( __m256i(*uu____3)[5U] = s->st; uint8_t uu____4[4U][200U]; memcpy(uu____4, blocks, (size_t)4U * sizeof(uint8_t[200U])); - libcrux_sha3_simd_avx2_load_block_full_ef_e6(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_cd(s); + libcrux_sha3_simd_avx2_load_block_full_ef_5b(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_a6(s); } /** @@ -1687,7 +1687,7 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_78( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_5b( __m256i (*s)[5U], Eurydice_slice out[4U]) { for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)32U; i++) { size_t i0 = i; @@ -1810,7 +1810,7 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_full_61( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_full_5b( __m256i (*s)[5U], uint8_t ret[4U][200U]) { uint8_t out0[200U] = {0U}; uint8_t out1[200U] = {0U}; @@ -1821,7 +1821,7 @@ static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_full_61( Eurydice_array_to_slice((size_t)200U, out1, uint8_t), Eurydice_array_to_slice((size_t)200U, out2, uint8_t), Eurydice_array_to_slice((size_t)200U, out3, uint8_t)}; - libcrux_sha3_simd_avx2_store_block_78(s, buf); + libcrux_sha3_simd_avx2_store_block_5b(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out0[200U]; memcpy(copy_of_out0, out0, (size_t)200U * sizeof(uint8_t)); @@ -1849,9 +1849,9 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_full_ef_d1( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_full_ef_5b( __m256i (*a)[5U], uint8_t ret[4U][200U]) { - libcrux_sha3_simd_avx2_store_block_full_61(a, ret); + libcrux_sha3_simd_avx2_store_block_full_5b(a, ret); } /** @@ -1863,21 +1863,21 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_a8( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { +libcrux_sha3_generic_keccak_squeeze_first_and_last_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { uint8_t b[4U][200U]; - libcrux_sha3_simd_avx2_store_block_full_ef_d1(s->st, b); + libcrux_sha3_simd_avx2_store_block_full_ef_5b(s->st, b); for (size_t i = (size_t)0U; i < (size_t)4U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -1892,9 +1892,9 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_ef_e3( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_ef_5b( __m256i (*a)[5U], Eurydice_slice b[4U]) { - libcrux_sha3_simd_avx2_store_block_78(a, b); + libcrux_sha3_simd_avx2_store_block_5b(a, b); } /** @@ -1905,9 +1905,9 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_ca( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { - libcrux_sha3_simd_avx2_store_block_ef_e3(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { + libcrux_sha3_simd_avx2_store_block_ef_5b(s->st, out); } /** @@ -1918,10 +1918,10 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_66( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { - libcrux_sha3_generic_keccak_keccakf1600_cd(s); - libcrux_sha3_simd_avx2_store_block_ef_e3(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { + libcrux_sha3_generic_keccak_keccakf1600_a6(s); + libcrux_sha3_simd_avx2_store_block_ef_5b(s->st, out); } /** @@ -1932,22 +1932,22 @@ with const generics - RATE= 136 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_fe( - libcrux_sha3_generic_keccak_KeccakState_29 s, Eurydice_slice out[4U]) { - libcrux_sha3_generic_keccak_keccakf1600_cd(&s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_97( + libcrux_sha3_generic_keccak_KeccakState_55 s, Eurydice_slice out[4U]) { + libcrux_sha3_generic_keccak_keccakf1600_a6(&s); uint8_t b[4U][200U]; - libcrux_sha3_simd_avx2_store_block_full_ef_d1(s.st, b); + libcrux_sha3_simd_avx2_store_block_full_ef_5b(s.st, b); for (size_t i = (size_t)0U; i < (size_t)4U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -1961,36 +1961,36 @@ with const generics - DELIM= 31 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_b9( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_fb( Eurydice_slice data[4U], Eurydice_slice out[4U]) { - libcrux_sha3_generic_keccak_KeccakState_29 s = - libcrux_sha3_generic_keccak_new_89_71(); + libcrux_sha3_generic_keccak_KeccakState_55 s = + libcrux_sha3_generic_keccak_new_89_a6(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)136U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_29 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_55 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[4U]; memcpy(copy_of_data, data, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice ret[4U]; libcrux_sha3_simd_avx2_slice_n_ef(copy_of_data, i0 * (size_t)136U, (size_t)136U, ret); - libcrux_sha3_generic_keccak_absorb_block_32(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_97(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)136U; - libcrux_sha3_generic_keccak_KeccakState_29 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_55 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[4U]; memcpy(copy_of_data, data, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice ret[4U]; libcrux_sha3_simd_avx2_slice_n_ef( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_7f(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_fb(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)136U; size_t last = outlen - outlen % (size_t)136U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_a8(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_97(&s, out); } else { Eurydice_slice_uint8_t_4size_t__x2 uu____4 = libcrux_sha3_simd_avx2_split_at_mut_n_ef(out, (size_t)136U); @@ -1998,15 +1998,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_b9( memcpy(o0, uu____4.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o1[4U]; memcpy(o1, uu____4.snd, (size_t)4U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_ca(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_97(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, Option_b3) + &iter, size_t, Option_08) .tag == None) { break; } else { @@ -2016,12 +2016,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_b9( memcpy(o, uu____5.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice orest[4U]; memcpy(orest, uu____5.snd, (size_t)4U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_66(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_97(&s, o); memcpy(o1, orest, (size_t)4U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_fe(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_97(s, o1); } } } @@ -2036,19 +2036,19 @@ static KRML_MUSTINLINE void libcrux_sha3_avx2_x4_shake256( Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf0[4U] = {input0, input1, input2, input3}; Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - libcrux_sha3_generic_keccak_keccak_b9(buf0, buf); + libcrux_sha3_generic_keccak_keccak_fb(buf0, buf); } -typedef libcrux_sha3_generic_keccak_KeccakState_29 +typedef libcrux_sha3_generic_keccak_KeccakState_55 libcrux_sha3_avx2_x4_incremental_KeccakState; /** Initialise the [`KeccakState`]. */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_29 +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_55 libcrux_sha3_avx2_x4_incremental_init(void) { - return libcrux_sha3_generic_keccak_new_89_71(); + return libcrux_sha3_generic_keccak_new_89_a6(); } /** @@ -2057,7 +2057,7 @@ with const generics - RATE= 168 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_fe0( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_3a( __m256i (*s)[5U], Eurydice_slice blocks[4U]) { for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)32U; i++) { size_t i0 = i; @@ -2183,14 +2183,14 @@ with const generics - RATE= 168 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_full_1d0( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_full_3a( __m256i (*s)[5U], uint8_t blocks[4U][200U]) { Eurydice_slice buf[4U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[1U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[2U], uint8_t), Eurydice_array_to_slice((size_t)200U, blocks[3U], uint8_t)}; - libcrux_sha3_simd_avx2_load_block_fe0(s, buf); + libcrux_sha3_simd_avx2_load_block_3a(s, buf); } /** @@ -2203,13 +2203,13 @@ with const generics - RATE= 168 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_full_ef_e60( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_load_block_full_ef_3a( __m256i (*a)[5U], uint8_t b[4U][200U]) { __m256i(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[4U][200U]; memcpy(copy_of_b, b, (size_t)4U * sizeof(uint8_t[200U])); - libcrux_sha3_simd_avx2_load_block_full_1d0(uu____0, copy_of_b); + libcrux_sha3_simd_avx2_load_block_full_3a(uu____0, copy_of_b); } /** @@ -2221,8 +2221,8 @@ with const generics - DELIM= 31 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_7f0( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice last[4U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_fb0( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice last[4U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[4U][200U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)4U; i++) { @@ -2240,8 +2240,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_7f0( __m256i(*uu____3)[5U] = s->st; uint8_t uu____4[4U][200U]; memcpy(uu____4, blocks, (size_t)4U * sizeof(uint8_t[200U])); - libcrux_sha3_simd_avx2_load_block_full_ef_e60(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_cd(s); + libcrux_sha3_simd_avx2_load_block_full_ef_3a(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_a6(s); } /** @@ -2250,10 +2250,10 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_7f0( KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake128_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice data0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice data0, Eurydice_slice data1, Eurydice_slice data2, Eurydice_slice data3) { Eurydice_slice buf[4U] = {data0, data1, data2, data3}; - libcrux_sha3_generic_keccak_absorb_final_7f0(s, buf); + libcrux_sha3_generic_keccak_absorb_final_fb0(s, buf); } /** @@ -2262,7 +2262,7 @@ with const generics - RATE= 168 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_780( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_3a( __m256i (*s)[5U], Eurydice_slice out[4U]) { for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)32U; i++) { size_t i0 = i; @@ -2389,9 +2389,9 @@ with const generics - RATE= 168 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_ef_e30( +static KRML_MUSTINLINE void libcrux_sha3_simd_avx2_store_block_ef_3a( __m256i (*a)[5U], Eurydice_slice b[4U]) { - libcrux_sha3_simd_avx2_store_block_780(a, b); + libcrux_sha3_simd_avx2_store_block_3a(a, b); } /** @@ -2402,9 +2402,9 @@ with const generics - RATE= 168 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_ca0( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { - libcrux_sha3_simd_avx2_store_block_ef_e30(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_970( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { + libcrux_sha3_simd_avx2_store_block_ef_3a(s->st, out); } /** @@ -2415,10 +2415,10 @@ with const generics - RATE= 168 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_660( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { - libcrux_sha3_generic_keccak_keccakf1600_cd(s); - libcrux_sha3_simd_avx2_store_block_ef_e30(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_970( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { + libcrux_sha3_generic_keccak_keccakf1600_a6(s); + libcrux_sha3_simd_avx2_store_block_ef_3a(s->st, out); } /** @@ -2430,23 +2430,23 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_three_blocks_ed( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { +libcrux_sha3_generic_keccak_squeeze_first_three_blocks_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { Eurydice_slice_uint8_t_4size_t__x2 uu____0 = libcrux_sha3_simd_avx2_split_at_mut_n_ef(out, (size_t)168U); Eurydice_slice o0[4U]; memcpy(o0, uu____0.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o10[4U]; memcpy(o10, uu____0.snd, (size_t)4U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_ca0(s, o0); + libcrux_sha3_generic_keccak_squeeze_first_block_970(s, o0); Eurydice_slice_uint8_t_4size_t__x2 uu____1 = libcrux_sha3_simd_avx2_split_at_mut_n_ef(o10, (size_t)168U); Eurydice_slice o1[4U]; memcpy(o1, uu____1.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o2[4U]; memcpy(o2, uu____1.snd, (size_t)4U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_660(s, o1); - libcrux_sha3_generic_keccak_squeeze_next_block_660(s, o2); + libcrux_sha3_generic_keccak_squeeze_next_block_970(s, o1); + libcrux_sha3_generic_keccak_squeeze_next_block_970(s, o2); } /** @@ -2455,10 +2455,10 @@ libcrux_sha3_generic_keccak_squeeze_first_three_blocks_ed( KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake128_squeeze_first_three_blocks( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - libcrux_sha3_generic_keccak_squeeze_first_three_blocks_ed(s, buf); + libcrux_sha3_generic_keccak_squeeze_first_three_blocks_97(s, buf); } /** @@ -2467,10 +2467,10 @@ libcrux_sha3_avx2_x4_incremental_shake128_squeeze_first_three_blocks( KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake128_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - libcrux_sha3_generic_keccak_squeeze_next_block_660(s, buf); + libcrux_sha3_generic_keccak_squeeze_next_block_970(s, buf); } /** @@ -2482,37 +2482,37 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_five_blocks_0b( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out[4U]) { +libcrux_sha3_generic_keccak_squeeze_first_five_blocks_97( + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out[4U]) { Eurydice_slice_uint8_t_4size_t__x2 uu____0 = libcrux_sha3_simd_avx2_split_at_mut_n_ef(out, (size_t)168U); Eurydice_slice o0[4U]; memcpy(o0, uu____0.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o10[4U]; memcpy(o10, uu____0.snd, (size_t)4U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_ca0(s, o0); + libcrux_sha3_generic_keccak_squeeze_first_block_970(s, o0); Eurydice_slice_uint8_t_4size_t__x2 uu____1 = libcrux_sha3_simd_avx2_split_at_mut_n_ef(o10, (size_t)168U); Eurydice_slice o1[4U]; memcpy(o1, uu____1.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o20[4U]; memcpy(o20, uu____1.snd, (size_t)4U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_660(s, o1); + libcrux_sha3_generic_keccak_squeeze_next_block_970(s, o1); Eurydice_slice_uint8_t_4size_t__x2 uu____2 = libcrux_sha3_simd_avx2_split_at_mut_n_ef(o20, (size_t)168U); Eurydice_slice o2[4U]; memcpy(o2, uu____2.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o30[4U]; memcpy(o30, uu____2.snd, (size_t)4U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_660(s, o2); + libcrux_sha3_generic_keccak_squeeze_next_block_970(s, o2); Eurydice_slice_uint8_t_4size_t__x2 uu____3 = libcrux_sha3_simd_avx2_split_at_mut_n_ef(o30, (size_t)168U); Eurydice_slice o3[4U]; memcpy(o3, uu____3.fst, (size_t)4U * sizeof(Eurydice_slice)); Eurydice_slice o4[4U]; memcpy(o4, uu____3.snd, (size_t)4U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_660(s, o3); - libcrux_sha3_generic_keccak_squeeze_next_block_660(s, o4); + libcrux_sha3_generic_keccak_squeeze_next_block_970(s, o3); + libcrux_sha3_generic_keccak_squeeze_next_block_970(s, o4); } /** @@ -2521,10 +2521,10 @@ libcrux_sha3_generic_keccak_squeeze_first_five_blocks_0b( KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake128_squeeze_first_five_blocks( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - libcrux_sha3_generic_keccak_squeeze_first_five_blocks_0b(s, buf); + libcrux_sha3_generic_keccak_squeeze_first_five_blocks_97(s, buf); } /** @@ -2533,10 +2533,10 @@ libcrux_sha3_avx2_x4_incremental_shake128_squeeze_first_five_blocks( KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake256_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice data0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice data0, Eurydice_slice data1, Eurydice_slice data2, Eurydice_slice data3) { Eurydice_slice buf[4U] = {data0, data1, data2, data3}; - libcrux_sha3_generic_keccak_absorb_final_7f(s, buf); + libcrux_sha3_generic_keccak_absorb_final_fb(s, buf); } /** @@ -2545,10 +2545,10 @@ libcrux_sha3_avx2_x4_incremental_shake256_absorb_final( KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake256_squeeze_first_block( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - libcrux_sha3_generic_keccak_squeeze_first_block_ca(s, buf); + libcrux_sha3_generic_keccak_squeeze_first_block_97(s, buf); } /** @@ -2557,10 +2557,10 @@ libcrux_sha3_avx2_x4_incremental_shake256_squeeze_first_block( KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void libcrux_sha3_avx2_x4_incremental_shake256_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_29 *s, Eurydice_slice out0, + libcrux_sha3_generic_keccak_KeccakState_55 *s, Eurydice_slice out0, Eurydice_slice out1, Eurydice_slice out2, Eurydice_slice out3) { Eurydice_slice buf[4U] = {out0, out1, out2, out3}; - libcrux_sha3_generic_keccak_squeeze_next_block_66(s, buf); + libcrux_sha3_generic_keccak_squeeze_next_block_97(s, buf); } #if defined(__cplusplus) diff --git a/libcrux-ml-kem/cg/libcrux_sha3_portable.h b/libcrux-ml-kem/cg/libcrux_sha3_portable.h index cfdd6e5d5..5b31b9051 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_portable.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_portable.h @@ -4,11 +4,11 @@ * SPDX-License-Identifier: MIT or Apache-2.0 * * This code was generated with the following revisions: - * Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 - * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac - * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 - * F*: 3063d19312f8ec3af5945f24ed3ebbb6b6cd9678 - * Libcrux: a089e8609d2bf2df5c165076a79e3fd30dbf87cf + * Charon: 2b71c3c42337fe17ceca860bedaafb3443e6c5e8 + * Eurydice: dcfae68c874635956f71d4c05928841b29ad0a8b + * Karamel: 87384b244a98a0c41a2e14c65b872d885af7c8df + * F*: 8b6fce63ca91b16386d8f76e82ea87a3c109a208 + * Libcrux: 4b0d78759e0adf160bab80862883bd5ba7338977 */ #ifndef __libcrux_sha3_portable_H @@ -79,14 +79,14 @@ with const generics - RIGHT= 63 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d6(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_76(uint64_t x) { return x << (uint32_t)(int32_t)1 | x >> (uint32_t)(int32_t)63; } static KRML_MUSTINLINE uint64_t libcrux_sha3_portable_keccak__vrax1q_u64(uint64_t a, uint64_t b) { uint64_t uu____0 = a; - return uu____0 ^ libcrux_sha3_portable_keccak_rotate_left_d6(b); + return uu____0 ^ libcrux_sha3_portable_keccak_rotate_left_76(b); } /** @@ -183,9 +183,9 @@ with types uint64_t with const generics - $1size_t */ -typedef struct libcrux_sha3_generic_keccak_KeccakState_48_s { +typedef struct libcrux_sha3_generic_keccak_KeccakState_17_s { uint64_t st[5U][5U]; -} libcrux_sha3_generic_keccak_KeccakState_48; +} libcrux_sha3_generic_keccak_KeccakState_17; /** Create a new Shake128 x4 state. @@ -200,9 +200,9 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48 -libcrux_sha3_generic_keccak_new_89_cf(void) { - libcrux_sha3_generic_keccak_KeccakState_48 lit; +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17 +libcrux_sha3_generic_keccak_new_89_04(void) { + libcrux_sha3_generic_keccak_KeccakState_17 lit; lit.st[0U][0U] = libcrux_sha3_portable_keccak_zero_5a(); lit.st[0U][1U] = libcrux_sha3_portable_keccak_zero_5a(); lit.st[0U][2U] = libcrux_sha3_portable_keccak_zero_5a(); @@ -236,18 +236,18 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_65( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_f8( uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { for (size_t i = (size_t)0U; i < (size_t)72U / (size_t)8U; i++) { size_t i0 = i; uint8_t uu____0[8U]; - Result_56 dst; + Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - unwrap_26_0e(dst, uu____0); + unwrap_26_68(dst, uu____0); size_t uu____1 = i0 / (size_t)5U; size_t uu____2 = i0 % (size_t)5U; s[uu____1][uu____2] = @@ -264,13 +264,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_35( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_f8( uint64_t (*a)[5U], Eurydice_slice b[1U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[1U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_65(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_f8(uu____0, copy_of_b); } /** @@ -280,7 +280,7 @@ with const generics - RIGHT= 28 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d60(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_02(uint64_t x) { return x << (uint32_t)(int32_t)36 | x >> (uint32_t)(int32_t)28; } @@ -291,9 +291,9 @@ with const generics - RIGHT= 28 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_74(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_02(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d60(ab); + return libcrux_sha3_portable_keccak_rotate_left_02(ab); } /** @@ -307,8 +307,8 @@ with const generics - RIGHT= 28 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_03(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_74(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_02(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_02(a, b); } /** @@ -318,7 +318,7 @@ with const generics - RIGHT= 61 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d61(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_ac(uint64_t x) { return x << (uint32_t)(int32_t)3 | x >> (uint32_t)(int32_t)61; } @@ -329,9 +329,9 @@ with const generics - RIGHT= 61 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_740(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_ac(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d61(ab); + return libcrux_sha3_portable_keccak_rotate_left_ac(ab); } /** @@ -345,8 +345,8 @@ with const generics - RIGHT= 61 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_030(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_740(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_ac(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_ac(a, b); } /** @@ -356,7 +356,7 @@ with const generics - RIGHT= 23 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d62(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_020(uint64_t x) { return x << (uint32_t)(int32_t)41 | x >> (uint32_t)(int32_t)23; } @@ -367,9 +367,9 @@ with const generics - RIGHT= 23 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_741(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_020(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d62(ab); + return libcrux_sha3_portable_keccak_rotate_left_020(ab); } /** @@ -383,8 +383,8 @@ with const generics - RIGHT= 23 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_031(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_741(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_020(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_020(a, b); } /** @@ -394,7 +394,7 @@ with const generics - RIGHT= 46 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d63(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_a9(uint64_t x) { return x << (uint32_t)(int32_t)18 | x >> (uint32_t)(int32_t)46; } @@ -405,9 +405,9 @@ with const generics - RIGHT= 46 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_742(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_a9(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d63(ab); + return libcrux_sha3_portable_keccak_rotate_left_a9(ab); } /** @@ -421,8 +421,8 @@ with const generics - RIGHT= 46 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_032(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_742(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_a9(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_a9(a, b); } /** @@ -432,9 +432,9 @@ with const generics - RIGHT= 63 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_743(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_76(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d6(ab); + return libcrux_sha3_portable_keccak_rotate_left_76(ab); } /** @@ -448,8 +448,8 @@ with const generics - RIGHT= 63 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_033(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_743(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_76(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_76(a, b); } /** @@ -459,7 +459,7 @@ with const generics - RIGHT= 20 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d64(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_58(uint64_t x) { return x << (uint32_t)(int32_t)44 | x >> (uint32_t)(int32_t)20; } @@ -470,9 +470,9 @@ with const generics - RIGHT= 20 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_744(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_58(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d64(ab); + return libcrux_sha3_portable_keccak_rotate_left_58(ab); } /** @@ -486,8 +486,8 @@ with const generics - RIGHT= 20 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_034(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_744(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_58(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_58(a, b); } /** @@ -497,7 +497,7 @@ with const generics - RIGHT= 54 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d65(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_e0(uint64_t x) { return x << (uint32_t)(int32_t)10 | x >> (uint32_t)(int32_t)54; } @@ -508,9 +508,9 @@ with const generics - RIGHT= 54 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_745(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_e0(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d65(ab); + return libcrux_sha3_portable_keccak_rotate_left_e0(ab); } /** @@ -524,8 +524,8 @@ with const generics - RIGHT= 54 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_035(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_745(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_e0(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_e0(a, b); } /** @@ -535,7 +535,7 @@ with const generics - RIGHT= 19 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d66(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_63(uint64_t x) { return x << (uint32_t)(int32_t)45 | x >> (uint32_t)(int32_t)19; } @@ -546,9 +546,9 @@ with const generics - RIGHT= 19 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_746(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_63(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d66(ab); + return libcrux_sha3_portable_keccak_rotate_left_63(ab); } /** @@ -562,8 +562,8 @@ with const generics - RIGHT= 19 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_036(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_746(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_63(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_63(a, b); } /** @@ -573,7 +573,7 @@ with const generics - RIGHT= 62 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d67(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_6a(uint64_t x) { return x << (uint32_t)(int32_t)2 | x >> (uint32_t)(int32_t)62; } @@ -584,9 +584,9 @@ with const generics - RIGHT= 62 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_747(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_6a(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d67(ab); + return libcrux_sha3_portable_keccak_rotate_left_6a(ab); } /** @@ -600,8 +600,8 @@ with const generics - RIGHT= 62 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_037(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_747(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_6a(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_6a(a, b); } /** @@ -611,7 +611,7 @@ with const generics - RIGHT= 2 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d68(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_ab(uint64_t x) { return x << (uint32_t)(int32_t)62 | x >> (uint32_t)(int32_t)2; } @@ -622,9 +622,9 @@ with const generics - RIGHT= 2 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_748(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_ab(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d68(ab); + return libcrux_sha3_portable_keccak_rotate_left_ab(ab); } /** @@ -638,8 +638,8 @@ with const generics - RIGHT= 2 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_038(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_748(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_ab(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_ab(a, b); } /** @@ -649,7 +649,7 @@ with const generics - RIGHT= 58 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d69(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_5b(uint64_t x) { return x << (uint32_t)(int32_t)6 | x >> (uint32_t)(int32_t)58; } @@ -660,9 +660,9 @@ with const generics - RIGHT= 58 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_749(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_5b(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d69(ab); + return libcrux_sha3_portable_keccak_rotate_left_5b(ab); } /** @@ -676,8 +676,8 @@ with const generics - RIGHT= 58 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_039(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_749(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_5b(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_5b(a, b); } /** @@ -687,7 +687,7 @@ with const generics - RIGHT= 21 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d610(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_6f(uint64_t x) { return x << (uint32_t)(int32_t)43 | x >> (uint32_t)(int32_t)21; } @@ -698,9 +698,9 @@ with const generics - RIGHT= 21 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7410(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_6f(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d610(ab); + return libcrux_sha3_portable_keccak_rotate_left_6f(ab); } /** @@ -714,8 +714,8 @@ with const generics - RIGHT= 21 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0310(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7410(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_6f(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_6f(a, b); } /** @@ -725,7 +725,7 @@ with const generics - RIGHT= 49 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d611(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_62(uint64_t x) { return x << (uint32_t)(int32_t)15 | x >> (uint32_t)(int32_t)49; } @@ -736,9 +736,9 @@ with const generics - RIGHT= 49 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7411(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_62(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d611(ab); + return libcrux_sha3_portable_keccak_rotate_left_62(ab); } /** @@ -752,8 +752,8 @@ with const generics - RIGHT= 49 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0311(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7411(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_62(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_62(a, b); } /** @@ -763,7 +763,7 @@ with const generics - RIGHT= 3 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d612(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_23(uint64_t x) { return x << (uint32_t)(int32_t)61 | x >> (uint32_t)(int32_t)3; } @@ -774,9 +774,9 @@ with const generics - RIGHT= 3 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7412(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_23(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d612(ab); + return libcrux_sha3_portable_keccak_rotate_left_23(ab); } /** @@ -790,8 +790,8 @@ with const generics - RIGHT= 3 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0312(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7412(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_23(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_23(a, b); } /** @@ -801,7 +801,7 @@ with const generics - RIGHT= 36 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d613(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_37(uint64_t x) { return x << (uint32_t)(int32_t)28 | x >> (uint32_t)(int32_t)36; } @@ -812,9 +812,9 @@ with const generics - RIGHT= 36 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7413(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_37(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d613(ab); + return libcrux_sha3_portable_keccak_rotate_left_37(ab); } /** @@ -828,8 +828,8 @@ with const generics - RIGHT= 36 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0313(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7413(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_37(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_37(a, b); } /** @@ -839,7 +839,7 @@ with const generics - RIGHT= 9 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d614(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_bb(uint64_t x) { return x << (uint32_t)(int32_t)55 | x >> (uint32_t)(int32_t)9; } @@ -850,9 +850,9 @@ with const generics - RIGHT= 9 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7414(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_bb(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d614(ab); + return libcrux_sha3_portable_keccak_rotate_left_bb(ab); } /** @@ -866,8 +866,8 @@ with const generics - RIGHT= 9 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0314(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7414(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_bb(a, b); } /** @@ -877,7 +877,7 @@ with const generics - RIGHT= 39 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d615(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_b9(uint64_t x) { return x << (uint32_t)(int32_t)25 | x >> (uint32_t)(int32_t)39; } @@ -888,9 +888,9 @@ with const generics - RIGHT= 39 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7415(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_b9(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d615(ab); + return libcrux_sha3_portable_keccak_rotate_left_b9(ab); } /** @@ -904,8 +904,8 @@ with const generics - RIGHT= 39 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0315(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7415(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_b9(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_b9(a, b); } /** @@ -915,7 +915,7 @@ with const generics - RIGHT= 43 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d616(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_54(uint64_t x) { return x << (uint32_t)(int32_t)21 | x >> (uint32_t)(int32_t)43; } @@ -926,9 +926,9 @@ with const generics - RIGHT= 43 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7416(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_54(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d616(ab); + return libcrux_sha3_portable_keccak_rotate_left_54(ab); } /** @@ -942,8 +942,8 @@ with const generics - RIGHT= 43 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0316(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7416(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_54(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_54(a, b); } /** @@ -953,7 +953,7 @@ with const generics - RIGHT= 8 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d617(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_4c(uint64_t x) { return x << (uint32_t)(int32_t)56 | x >> (uint32_t)(int32_t)8; } @@ -964,9 +964,9 @@ with const generics - RIGHT= 8 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7417(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_4c(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d617(ab); + return libcrux_sha3_portable_keccak_rotate_left_4c(ab); } /** @@ -980,8 +980,8 @@ with const generics - RIGHT= 8 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0317(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7417(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_4c(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_4c(a, b); } /** @@ -991,7 +991,7 @@ with const generics - RIGHT= 37 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d618(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_ce(uint64_t x) { return x << (uint32_t)(int32_t)27 | x >> (uint32_t)(int32_t)37; } @@ -1002,9 +1002,9 @@ with const generics - RIGHT= 37 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7418(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_ce(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d618(ab); + return libcrux_sha3_portable_keccak_rotate_left_ce(ab); } /** @@ -1018,8 +1018,8 @@ with const generics - RIGHT= 37 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0318(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7418(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_ce(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_ce(a, b); } /** @@ -1029,7 +1029,7 @@ with const generics - RIGHT= 44 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d619(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_77(uint64_t x) { return x << (uint32_t)(int32_t)20 | x >> (uint32_t)(int32_t)44; } @@ -1040,9 +1040,9 @@ with const generics - RIGHT= 44 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7419(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_77(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d619(ab); + return libcrux_sha3_portable_keccak_rotate_left_77(ab); } /** @@ -1056,8 +1056,8 @@ with const generics - RIGHT= 44 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0319(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7419(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_77(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_77(a, b); } /** @@ -1067,7 +1067,7 @@ with const generics - RIGHT= 25 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d620(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_25(uint64_t x) { return x << (uint32_t)(int32_t)39 | x >> (uint32_t)(int32_t)25; } @@ -1078,9 +1078,9 @@ with const generics - RIGHT= 25 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7420(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_25(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d620(ab); + return libcrux_sha3_portable_keccak_rotate_left_25(ab); } /** @@ -1094,8 +1094,8 @@ with const generics - RIGHT= 25 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0320(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7420(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_25(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_25(a, b); } /** @@ -1105,7 +1105,7 @@ with const generics - RIGHT= 56 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d621(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_af(uint64_t x) { return x << (uint32_t)(int32_t)8 | x >> (uint32_t)(int32_t)56; } @@ -1116,9 +1116,9 @@ with const generics - RIGHT= 56 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7421(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_af(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d621(ab); + return libcrux_sha3_portable_keccak_rotate_left_af(ab); } /** @@ -1132,8 +1132,8 @@ with const generics - RIGHT= 56 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0321(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7421(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_af(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_af(a, b); } /** @@ -1143,7 +1143,7 @@ with const generics - RIGHT= 50 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_rotate_left_d622(uint64_t x) { +libcrux_sha3_portable_keccak_rotate_left_fd(uint64_t x) { return x << (uint32_t)(int32_t)14 | x >> (uint32_t)(int32_t)50; } @@ -1154,9 +1154,9 @@ with const generics - RIGHT= 50 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak__vxarq_u64_7422(uint64_t a, uint64_t b) { +libcrux_sha3_portable_keccak__vxarq_u64_fd(uint64_t a, uint64_t b) { uint64_t ab = a ^ b; - return libcrux_sha3_portable_keccak_rotate_left_d622(ab); + return libcrux_sha3_portable_keccak_rotate_left_fd(ab); } /** @@ -1170,8 +1170,8 @@ with const generics - RIGHT= 50 */ static KRML_MUSTINLINE uint64_t -libcrux_sha3_portable_keccak_xor_and_rotate_5a_0322(uint64_t a, uint64_t b) { - return libcrux_sha3_portable_keccak__vxarq_u64_7422(a, b); +libcrux_sha3_portable_keccak_xor_and_rotate_5a_fd(uint64_t a, uint64_t b) { + return libcrux_sha3_portable_keccak__vxarq_u64_fd(a, b); } /** @@ -1180,8 +1180,8 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_rho_a7( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_rho_04( + libcrux_sha3_generic_keccak_KeccakState_17 *s) { uint64_t c[5U] = { libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][0U], s->st[1U][0U], s->st[2U][0U], s->st[3U][0U], @@ -1216,53 +1216,53 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_rho_a7( c[((size_t)4U + (size_t)1U) % (size_t)5U])}; s->st[0U][0U] = libcrux_sha3_portable_keccak_xor_5a(s->st[0U][0U], t[0U]); s->st[1U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_03(s->st[1U][0U], t[0U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_02(s->st[1U][0U], t[0U]); s->st[2U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_030(s->st[2U][0U], t[0U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_ac(s->st[2U][0U], t[0U]); s->st[3U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_031(s->st[3U][0U], t[0U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_020(s->st[3U][0U], t[0U]); s->st[4U][0U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_032(s->st[4U][0U], t[0U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_a9(s->st[4U][0U], t[0U]); s->st[0U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_033(s->st[0U][1U], t[1U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_76(s->st[0U][1U], t[1U]); s->st[1U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_034(s->st[1U][1U], t[1U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_58(s->st[1U][1U], t[1U]); s->st[2U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_035(s->st[2U][1U], t[1U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_e0(s->st[2U][1U], t[1U]); s->st[3U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_036(s->st[3U][1U], t[1U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_63(s->st[3U][1U], t[1U]); s->st[4U][1U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_037(s->st[4U][1U], t[1U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_6a(s->st[4U][1U], t[1U]); s->st[0U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_038(s->st[0U][2U], t[2U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_ab(s->st[0U][2U], t[2U]); s->st[1U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_039(s->st[1U][2U], t[2U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_5b(s->st[1U][2U], t[2U]); s->st[2U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0310(s->st[2U][2U], t[2U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_6f(s->st[2U][2U], t[2U]); s->st[3U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0311(s->st[3U][2U], t[2U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_62(s->st[3U][2U], t[2U]); s->st[4U][2U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0312(s->st[4U][2U], t[2U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_23(s->st[4U][2U], t[2U]); s->st[0U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0313(s->st[0U][3U], t[3U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_37(s->st[0U][3U], t[3U]); s->st[1U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0314(s->st[1U][3U], t[3U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb(s->st[1U][3U], t[3U]); s->st[2U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0315(s->st[2U][3U], t[3U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_b9(s->st[2U][3U], t[3U]); s->st[3U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0316(s->st[3U][3U], t[3U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_54(s->st[3U][3U], t[3U]); s->st[4U][3U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0317(s->st[4U][3U], t[3U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_4c(s->st[4U][3U], t[3U]); s->st[0U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0318(s->st[0U][4U], t[4U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_ce(s->st[0U][4U], t[4U]); s->st[1U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0319(s->st[1U][4U], t[4U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_77(s->st[1U][4U], t[4U]); s->st[2U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0320(s->st[2U][4U], t[4U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_25(s->st[2U][4U], t[4U]); s->st[3U][4U] = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0321(s->st[3U][4U], t[4U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_af(s->st[3U][4U], t[4U]); uint64_t uu____27 = - libcrux_sha3_portable_keccak_xor_and_rotate_5a_0322(s->st[4U][4U], t[4U]); + libcrux_sha3_portable_keccak_xor_and_rotate_5a_fd(s->st[4U][4U], t[4U]); s->st[4U][4U] = uu____27; } @@ -1272,8 +1272,8 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_pi_d5( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_pi_04( + libcrux_sha3_generic_keccak_KeccakState_17 *s) { uint64_t old[5U][5U]; memcpy(old, s->st, (size_t)5U * sizeof(uint64_t[5U])); s->st[0U][1U] = old[1U][1U]; @@ -1308,8 +1308,8 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_chi_3e( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_chi_04( + libcrux_sha3_generic_keccak_KeccakState_17 *s) { uint64_t old[5U][5U]; memcpy(old, s->st, (size_t)5U * sizeof(uint64_t[5U])); for (size_t i0 = (size_t)0U; i0 < (size_t)5U; i0++) { @@ -1329,8 +1329,8 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_iota_00( - libcrux_sha3_generic_keccak_KeccakState_48 *s, size_t i) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_iota_04( + libcrux_sha3_generic_keccak_KeccakState_17 *s, size_t i) { s->st[0U][0U] = libcrux_sha3_portable_keccak_xor_constant_5a( s->st[0U][0U], libcrux_sha3_generic_keccak_ROUNDCONSTANTS[i]); } @@ -1341,14 +1341,14 @@ with types uint64_t with const generics - N= 1 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccakf1600_b8( - libcrux_sha3_generic_keccak_KeccakState_48 *s) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccakf1600_04( + libcrux_sha3_generic_keccak_KeccakState_17 *s) { for (size_t i = (size_t)0U; i < (size_t)24U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_theta_rho_a7(s); - libcrux_sha3_generic_keccak_pi_d5(s); - libcrux_sha3_generic_keccak_chi_3e(s); - libcrux_sha3_generic_keccak_iota_00(s, i0); + libcrux_sha3_generic_keccak_theta_rho_04(s); + libcrux_sha3_generic_keccak_pi_04(s); + libcrux_sha3_generic_keccak_chi_04(s); + libcrux_sha3_generic_keccak_iota_04(s, i0); } } @@ -1359,13 +1359,13 @@ with const generics - N= 1 - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_40( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice blocks[1U]) { uint64_t(*uu____0)[5U] = s->st; Eurydice_slice uu____1[1U]; memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_35(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_5a_f8(uu____0, uu____1); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -1373,11 +1373,11 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_d4( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_f8( uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_65(s, buf); + libcrux_sha3_portable_keccak_load_block_f8(s, buf); } /** @@ -1389,13 +1389,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_05( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_f8( uint64_t (*a)[5U], uint8_t b[1U][200U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[1U][200U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_d4(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_full_f8(uu____0, copy_of_b); } /** @@ -1406,8 +1406,8 @@ with const generics - RATE= 72 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_40( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -1425,8 +1425,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_40( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_05(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_f8(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -1434,7 +1434,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_9b( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_f8( uint64_t (*s)[5U], Eurydice_slice out[1U]) { for (size_t i = (size_t)0U; i < (size_t)72U / (size_t)8U; i++) { size_t i0 = i; @@ -1452,12 +1452,12 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7e( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_f8( uint64_t (*s)[5U], uint8_t ret[1U][200U]) { uint8_t out[200U] = {0U}; Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_9b(s, buf); + libcrux_sha3_portable_keccak_store_block_f8(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out[200U]; memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); @@ -1473,9 +1473,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_27( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_f8( uint64_t (*a)[5U], uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_7e(a, ret); + libcrux_sha3_portable_keccak_store_block_full_f8(a, ret); } /** @@ -1486,21 +1486,21 @@ with const generics - RATE= 72 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_88( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_and_last_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_27(s->st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_f8(s->st, b); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -1514,9 +1514,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a with const generics - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_49( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_f8( uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_9b(a, b); + libcrux_sha3_portable_keccak_store_block_f8(a, b); } /** @@ -1526,9 +1526,9 @@ with const generics - N= 1 - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_7b( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_49(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_portable_keccak_store_block_5a_f8(s->st, out); } /** @@ -1538,10 +1538,10 @@ with const generics - N= 1 - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c2( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(s); - libcrux_sha3_portable_keccak_store_block_5a_49(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(s); + libcrux_sha3_portable_keccak_store_block_5a_f8(s->st, out); } /** @@ -1551,22 +1551,22 @@ with const generics - N= 1 - RATE= 72 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_ca( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_c6( + libcrux_sha3_generic_keccak_KeccakState_17 s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(&s); uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_27(s.st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_f8(s.st, b); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -1579,36 +1579,36 @@ with const generics - RATE= 72 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_06( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)72U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)72U, (size_t)72U, ret); - libcrux_sha3_generic_keccak_absorb_block_40(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c6(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)72U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_40(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)72U; size_t last = outlen - outlen % (size_t)72U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_88(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c6(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)72U); @@ -1616,15 +1616,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_06( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c6(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, Option_b3) + &iter, size_t, Option_08) .tag == None) { break; } else { @@ -1634,12 +1634,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_06( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c2(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c6(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c6(s, o1); } } } @@ -1650,12 +1650,12 @@ with const generics - RATE= 72 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e4( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_96( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_06(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e(copy_of_data, out); } /** @@ -1665,7 +1665,7 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_sha512(Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e4(buf0, buf); + libcrux_sha3_portable_keccakx1_96(buf0, buf); } /** @@ -1673,18 +1673,18 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_650( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5b( uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)8U; i++) { size_t i0 = i; uint8_t uu____0[8U]; - Result_56 dst; + Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - unwrap_26_0e(dst, uu____0); + unwrap_26_68(dst, uu____0); size_t uu____1 = i0 / (size_t)5U; size_t uu____2 = i0 % (size_t)5U; s[uu____1][uu____2] = @@ -1701,13 +1701,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_350( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_5b( uint64_t (*a)[5U], Eurydice_slice b[1U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[1U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_650(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_5b(uu____0, copy_of_b); } /** @@ -1717,13 +1717,13 @@ with const generics - N= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_400( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_c60( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice blocks[1U]) { uint64_t(*uu____0)[5U] = s->st; Eurydice_slice uu____1[1U]; memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_350(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_5a_5b(uu____0, uu____1); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -1731,11 +1731,11 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_d40( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5b( uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_650(s, buf); + libcrux_sha3_portable_keccak_load_block_5b(s, buf); } /** @@ -1747,13 +1747,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_050( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_5b( uint64_t (*a)[5U], uint8_t b[1U][200U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[1U][200U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_d40(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_full_5b(uu____0, copy_of_b); } /** @@ -1764,8 +1764,8 @@ with const generics - RATE= 136 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_400( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e0( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -1783,8 +1783,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_400( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_050(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_5b(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -1792,7 +1792,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_9b0( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5b( uint64_t (*s)[5U], Eurydice_slice out[1U]) { for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)8U; i++) { size_t i0 = i; @@ -1810,12 +1810,12 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7e0( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5b( uint64_t (*s)[5U], uint8_t ret[1U][200U]) { uint8_t out[200U] = {0U}; Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_9b0(s, buf); + libcrux_sha3_portable_keccak_store_block_5b(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out[200U]; memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); @@ -1831,10 +1831,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a with const generics - RATE= 136 */ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_270(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_7e0(a, ret); +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_5b( + uint64_t (*a)[5U], uint8_t ret[1U][200U]) { + libcrux_sha3_portable_keccak_store_block_full_5b(a, ret); } /** @@ -1845,21 +1844,21 @@ with const generics - RATE= 136 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_880( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_and_last_c60( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_270(s->st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_5b(s->st, b); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -1873,9 +1872,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_490( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_5b( uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_9b0(a, b); + libcrux_sha3_portable_keccak_store_block_5b(a, b); } /** @@ -1885,9 +1884,9 @@ with const generics - N= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_7b0( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_490(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_c60( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_portable_keccak_store_block_5a_5b(s->st, out); } /** @@ -1897,10 +1896,10 @@ with const generics - N= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c20( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(s); - libcrux_sha3_portable_keccak_store_block_5a_490(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c60( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(s); + libcrux_sha3_portable_keccak_store_block_5a_5b(s->st, out); } /** @@ -1910,22 +1909,22 @@ with const generics - N= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_ca0( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_c60( + libcrux_sha3_generic_keccak_KeccakState_17 s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(&s); uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_270(s.st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_5b(s.st, b); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -1938,36 +1937,36 @@ with const generics - RATE= 136 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_060( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e0( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)136U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)136U, (size_t)136U, ret); - libcrux_sha3_generic_keccak_absorb_block_400(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c60(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)136U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_400(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e0(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)136U; size_t last = outlen - outlen % (size_t)136U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_880(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c60(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)136U); @@ -1975,15 +1974,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_060( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b0(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c60(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, Option_b3) + &iter, size_t, Option_08) .tag == None) { break; } else { @@ -1993,12 +1992,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_060( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c20(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c60(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca0(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c60(s, o1); } } } @@ -2009,12 +2008,12 @@ with const generics - RATE= 136 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e40( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ad( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_060(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e0(copy_of_data, out); } /** @@ -2024,7 +2023,7 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_sha256(Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e40(buf0, buf); + libcrux_sha3_portable_keccakx1_ad(buf0, buf); } /** @@ -2035,8 +2034,8 @@ with const generics - RATE= 136 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_401( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e1( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -2054,8 +2053,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_401( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_050(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_5b(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2066,36 +2065,36 @@ with const generics - RATE= 136 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_061( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e1( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)136U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)136U, (size_t)136U, ret); - libcrux_sha3_generic_keccak_absorb_block_400(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c60(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)136U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_401(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e1(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)136U; size_t last = outlen - outlen % (size_t)136U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_880(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c60(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)136U); @@ -2103,15 +2102,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_061( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b0(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c60(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, Option_b3) + &iter, size_t, Option_08) .tag == None) { break; } else { @@ -2121,12 +2120,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_061( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c20(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c60(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca0(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c60(s, o1); } } } @@ -2137,12 +2136,12 @@ with const generics - RATE= 136 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e41( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ad0( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_061(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e1(copy_of_data, out); } /** @@ -2152,18 +2151,18 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_shake256( Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e41(buf0, buf); + libcrux_sha3_portable_keccakx1_ad0(buf0, buf); } -typedef libcrux_sha3_generic_keccak_KeccakState_48 +typedef libcrux_sha3_generic_keccak_KeccakState_17 libcrux_sha3_portable_KeccakState; /** Create a new SHAKE-128 state object. */ -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48 +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17 libcrux_sha3_portable_incremental_shake128_init(void) { - return libcrux_sha3_generic_keccak_new_89_cf(); + return libcrux_sha3_generic_keccak_new_89_04(); } /** @@ -2171,18 +2170,18 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_651( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_3a( uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)8U; i++) { size_t i0 = i; uint8_t uu____0[8U]; - Result_56 dst; + Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - unwrap_26_0e(dst, uu____0); + unwrap_26_68(dst, uu____0); size_t uu____1 = i0 / (size_t)5U; size_t uu____2 = i0 % (size_t)5U; s[uu____1][uu____2] = @@ -2195,11 +2194,11 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_d41( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_3a( uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_651(s, buf); + libcrux_sha3_portable_keccak_load_block_3a(s, buf); } /** @@ -2211,13 +2210,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_051( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_3a( uint64_t (*a)[5U], uint8_t b[1U][200U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[1U][200U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_d41(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_full_3a(uu____0, copy_of_b); } /** @@ -2228,8 +2227,8 @@ with const generics - RATE= 168 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_402( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e2( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -2247,8 +2246,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_402( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_051(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_3a(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2256,9 +2255,9 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_402( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake128_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice data0) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice data0) { Eurydice_slice buf[1U] = {data0}; - libcrux_sha3_generic_keccak_absorb_final_402(s, buf); + libcrux_sha3_generic_keccak_absorb_final_9e2(s, buf); } /** @@ -2266,7 +2265,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_9b1( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_3a( uint64_t (*s)[5U], Eurydice_slice out[1U]) { for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)8U; i++) { size_t i0 = i; @@ -2288,9 +2287,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_491( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_3a( uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_9b1(a, b); + libcrux_sha3_portable_keccak_store_block_3a(a, b); } /** @@ -2300,9 +2299,9 @@ with const generics - N= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_7b1( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_491(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_c61( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_portable_keccak_store_block_5a_3a(s->st, out); } /** @@ -2312,10 +2311,10 @@ with const generics - N= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c21( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(s); - libcrux_sha3_portable_keccak_store_block_5a_491(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c61( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(s); + libcrux_sha3_portable_keccak_store_block_5a_3a(s->st, out); } /** @@ -2326,23 +2325,23 @@ with const generics - RATE= 168 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_three_blocks_5c( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_three_blocks_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { Eurydice_slice_uint8_t_1size_t__x2 uu____0 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U); Eurydice_slice o0[1U]; memcpy(o0, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o10[1U]; memcpy(o10, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b1(s, o0); + libcrux_sha3_generic_keccak_squeeze_first_block_c61(s, o0); Eurydice_slice_uint8_t_1size_t__x2 uu____1 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(o10, (size_t)168U); Eurydice_slice o1[1U]; memcpy(o1, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o2[1U]; memcpy(o2, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c21(s, o1); - libcrux_sha3_generic_keccak_squeeze_next_block_c21(s, o2); + libcrux_sha3_generic_keccak_squeeze_next_block_c61(s, o1); + libcrux_sha3_generic_keccak_squeeze_next_block_c61(s, o2); } /** @@ -2350,9 +2349,9 @@ libcrux_sha3_generic_keccak_squeeze_first_three_blocks_5c( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake128_squeeze_first_three_blocks( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) { Eurydice_slice buf[1U] = {out0}; - libcrux_sha3_generic_keccak_squeeze_first_three_blocks_5c(s, buf); + libcrux_sha3_generic_keccak_squeeze_first_three_blocks_c6(s, buf); } /** @@ -2360,9 +2359,9 @@ libcrux_sha3_portable_incremental_shake128_squeeze_first_three_blocks( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake128_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) { Eurydice_slice buf[1U] = {out0}; - libcrux_sha3_generic_keccak_squeeze_next_block_c21(s, buf); + libcrux_sha3_generic_keccak_squeeze_next_block_c61(s, buf); } #define libcrux_sha3_Sha224 0 @@ -2408,18 +2407,18 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_652( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c( uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { for (size_t i = (size_t)0U; i < (size_t)144U / (size_t)8U; i++) { size_t i0 = i; uint8_t uu____0[8U]; - Result_56 dst; + Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - unwrap_26_0e(dst, uu____0); + unwrap_26_68(dst, uu____0); size_t uu____1 = i0 / (size_t)5U; size_t uu____2 = i0 % (size_t)5U; s[uu____1][uu____2] = @@ -2436,13 +2435,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_351( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_2c( uint64_t (*a)[5U], Eurydice_slice b[1U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[1U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_652(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_2c(uu____0, copy_of_b); } /** @@ -2452,13 +2451,13 @@ with const generics - N= 1 - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_401( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_c61( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice blocks[1U]) { uint64_t(*uu____0)[5U] = s->st; Eurydice_slice uu____1[1U]; memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_351(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_5a_2c(uu____0, uu____1); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2466,11 +2465,11 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_d42( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_2c( uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_652(s, buf); + libcrux_sha3_portable_keccak_load_block_2c(s, buf); } /** @@ -2482,13 +2481,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_052( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_2c( uint64_t (*a)[5U], uint8_t b[1U][200U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[1U][200U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_d42(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_full_2c(uu____0, copy_of_b); } /** @@ -2499,8 +2498,8 @@ with const generics - RATE= 144 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_403( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e3( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -2518,8 +2517,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_403( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_052(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_2c(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2527,7 +2526,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_9b2( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_2c( uint64_t (*s)[5U], Eurydice_slice out[1U]) { for (size_t i = (size_t)0U; i < (size_t)144U / (size_t)8U; i++) { size_t i0 = i; @@ -2545,12 +2544,12 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7e1( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2c( uint64_t (*s)[5U], uint8_t ret[1U][200U]) { uint8_t out[200U] = {0U}; Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_9b2(s, buf); + libcrux_sha3_portable_keccak_store_block_2c(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out[200U]; memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); @@ -2566,10 +2565,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a with const generics - RATE= 144 */ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_271(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_7e1(a, ret); +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_2c( + uint64_t (*a)[5U], uint8_t ret[1U][200U]) { + libcrux_sha3_portable_keccak_store_block_full_2c(a, ret); } /** @@ -2580,21 +2578,21 @@ with const generics - RATE= 144 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_881( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_and_last_c61( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_271(s->st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_2c(s->st, b); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -2608,9 +2606,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a with const generics - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_492( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_2c( uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_9b2(a, b); + libcrux_sha3_portable_keccak_store_block_2c(a, b); } /** @@ -2620,9 +2618,9 @@ with const generics - N= 1 - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_7b2( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_492(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_c62( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_portable_keccak_store_block_5a_2c(s->st, out); } /** @@ -2632,10 +2630,10 @@ with const generics - N= 1 - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c22( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(s); - libcrux_sha3_portable_keccak_store_block_5a_492(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c62( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(s); + libcrux_sha3_portable_keccak_store_block_5a_2c(s->st, out); } /** @@ -2645,22 +2643,22 @@ with const generics - N= 1 - RATE= 144 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_ca1( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_c61( + libcrux_sha3_generic_keccak_KeccakState_17 s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(&s); uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_271(s.st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_2c(s.st, b); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -2673,36 +2671,36 @@ with const generics - RATE= 144 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_062( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e2( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)144U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)144U, (size_t)144U, ret); - libcrux_sha3_generic_keccak_absorb_block_401(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c61(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)144U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_403(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e3(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)144U; size_t last = outlen - outlen % (size_t)144U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_881(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c61(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)144U); @@ -2710,15 +2708,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_062( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b2(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c62(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, Option_b3) + &iter, size_t, Option_08) .tag == None) { break; } else { @@ -2728,12 +2726,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_062( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c22(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c62(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca1(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c61(s, o1); } } } @@ -2744,12 +2742,12 @@ with const generics - RATE= 144 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e42( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_1e( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_062(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e2(copy_of_data, out); } /** @@ -2759,7 +2757,7 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_sha224(Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e42(buf0, buf); + libcrux_sha3_portable_keccakx1_1e(buf0, buf); } /** @@ -2767,18 +2765,18 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_653( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_7a( uint64_t (*s)[5U], Eurydice_slice blocks[1U]) { for (size_t i = (size_t)0U; i < (size_t)104U / (size_t)8U; i++) { size_t i0 = i; uint8_t uu____0[8U]; - Result_56 dst; + Result_15 dst; Eurydice_slice_to_array2( &dst, Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t), Eurydice_slice, uint8_t[8U]); - unwrap_26_0e(dst, uu____0); + unwrap_26_68(dst, uu____0); size_t uu____1 = i0 / (size_t)5U; size_t uu____2 = i0 % (size_t)5U; s[uu____1][uu____2] = @@ -2795,13 +2793,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_352( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_7a( uint64_t (*a)[5U], Eurydice_slice b[1U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[1U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_653(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_7a(uu____0, copy_of_b); } /** @@ -2811,13 +2809,13 @@ with const generics - N= 1 - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_402( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_c62( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice blocks[1U]) { uint64_t(*uu____0)[5U] = s->st; Eurydice_slice uu____1[1U]; memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_352(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_5a_7a(uu____0, uu____1); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2825,11 +2823,11 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_d43( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_7a( uint64_t (*s)[5U], uint8_t blocks[1U][200U]) { Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)}; - libcrux_sha3_portable_keccak_load_block_653(s, buf); + libcrux_sha3_portable_keccak_load_block_7a(s, buf); } /** @@ -2841,13 +2839,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_053( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_7a( uint64_t (*a)[5U], uint8_t b[1U][200U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_b[1U][200U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_d43(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_full_7a(uu____0, copy_of_b); } /** @@ -2858,8 +2856,8 @@ with const generics - RATE= 104 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_404( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9e4( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice last[1U]) { size_t last_len = Eurydice_slice_len(last[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -2877,8 +2875,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_404( uint64_t(*uu____3)[5U] = s->st; uint8_t uu____4[1U][200U]; memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_053(uu____3, uu____4); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_full_5a_7a(uu____3, uu____4); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -2886,7 +2884,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_9b3( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_7a( uint64_t (*s)[5U], Eurydice_slice out[1U]) { for (size_t i = (size_t)0U; i < (size_t)104U / (size_t)8U; i++) { size_t i0 = i; @@ -2904,12 +2902,12 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7e2( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7a( uint64_t (*s)[5U], uint8_t ret[1U][200U]) { uint8_t out[200U] = {0U}; Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_9b3(s, buf); + libcrux_sha3_portable_keccak_store_block_7a(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out[200U]; memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); @@ -2925,10 +2923,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a with const generics - RATE= 104 */ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_272(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_7e2(a, ret); +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_7a( + uint64_t (*a)[5U], uint8_t ret[1U][200U]) { + libcrux_sha3_portable_keccak_store_block_full_7a(a, ret); } /** @@ -2939,21 +2936,21 @@ with const generics - RATE= 104 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_882( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_and_last_c62( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_272(s->st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_7a(s->st, b); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -2967,9 +2964,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a with const generics - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_493( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_7a( uint64_t (*a)[5U], Eurydice_slice b[1U]) { - libcrux_sha3_portable_keccak_store_block_9b3(a, b); + libcrux_sha3_portable_keccak_store_block_7a(a, b); } /** @@ -2979,9 +2976,9 @@ with const generics - N= 1 - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_7b3( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_portable_keccak_store_block_5a_493(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_c63( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_portable_keccak_store_block_5a_7a(s->st, out); } /** @@ -2991,10 +2988,10 @@ with const generics - N= 1 - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c23( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(s); - libcrux_sha3_portable_keccak_store_block_5a_493(s->st, out); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_c63( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(s); + libcrux_sha3_portable_keccak_store_block_5a_7a(s->st, out); } /** @@ -3004,22 +3001,22 @@ with const generics - N= 1 - RATE= 104 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_ca2( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_c62( + libcrux_sha3_generic_keccak_KeccakState_17 s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(&s); uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_272(s.st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_7a(s.st, b); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -3032,36 +3029,36 @@ with const generics - RATE= 104 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_063( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e3( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)104U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)104U, (size_t)104U, ret); - libcrux_sha3_generic_keccak_absorb_block_402(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c62(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)104U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_404(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e4(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)104U; size_t last = outlen - outlen % (size_t)104U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_882(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c62(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)104U); @@ -3069,15 +3066,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_063( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b3(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c63(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, Option_b3) + &iter, size_t, Option_08) .tag == None) { break; } else { @@ -3087,12 +3084,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_063( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c23(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c63(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca2(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c62(s, o1); } } } @@ -3103,12 +3100,12 @@ with const generics - RATE= 104 - DELIM= 6 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e43( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_7c( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_063(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e3(copy_of_data, out); } /** @@ -3118,7 +3115,7 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_sha384(Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e43(buf0, buf); + libcrux_sha3_portable_keccakx1_7c(buf0, buf); } /** @@ -3209,13 +3206,13 @@ A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_353( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_3a( uint64_t (*a)[5U], Eurydice_slice b[1U]) { uint64_t(*uu____0)[5U] = a; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_b[1U]; memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_651(uu____0, copy_of_b); + libcrux_sha3_portable_keccak_load_block_3a(uu____0, copy_of_b); } /** @@ -3225,13 +3222,13 @@ with const generics - N= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_403( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) { +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_c63( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice blocks[1U]) { uint64_t(*uu____0)[5U] = s->st; Eurydice_slice uu____1[1U]; memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_353(uu____0, uu____1); - libcrux_sha3_generic_keccak_keccakf1600_b8(s); + libcrux_sha3_portable_keccak_load_block_5a_3a(uu____0, uu____1); + libcrux_sha3_generic_keccak_keccakf1600_04(s); } /** @@ -3239,12 +3236,12 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_7e3( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_3a( uint64_t (*s)[5U], uint8_t ret[1U][200U]) { uint8_t out[200U] = {0U}; Eurydice_slice buf[1U] = { Eurydice_array_to_slice((size_t)200U, out, uint8_t)}; - libcrux_sha3_portable_keccak_store_block_9b1(s, buf); + libcrux_sha3_portable_keccak_store_block_3a(s, buf); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_out[200U]; memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t)); @@ -3260,10 +3257,9 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a with const generics - RATE= 168 */ -static KRML_MUSTINLINE void -libcrux_sha3_portable_keccak_store_block_full_5a_273(uint64_t (*a)[5U], - uint8_t ret[1U][200U]) { - libcrux_sha3_portable_keccak_store_block_full_7e3(a, ret); +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_3a( + uint64_t (*a)[5U], uint8_t ret[1U][200U]) { + libcrux_sha3_portable_keccak_store_block_full_3a(a, ret); } /** @@ -3274,21 +3270,21 @@ with const generics - RATE= 168 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_and_last_883( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_and_last_c63( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_273(s->st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_3a(s->st, b); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -3300,22 +3296,22 @@ with const generics - N= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_ca3( - libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&s); +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_c63( + libcrux_sha3_generic_keccak_KeccakState_17 s, Eurydice_slice out[1U]) { + libcrux_sha3_generic_keccak_keccakf1600_04(&s); uint8_t b[1U][200U]; - libcrux_sha3_portable_keccak_store_block_full_5a_273(s.st, b); + libcrux_sha3_portable_keccak_store_block_full_5a_3a(s.st, b); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { size_t i0 = i; Eurydice_slice uu____0 = out[i0]; uint8_t *uu____1 = b[i0]; - core_ops_range_Range_b3 lit; + core_ops_range_Range_08 lit; lit.start = (size_t)0U; lit.end = Eurydice_slice_len(out[i0], uint8_t); Eurydice_slice_copy( uu____0, Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t, - core_ops_range_Range_b3), + core_ops_range_Range_08), uint8_t); } } @@ -3328,36 +3324,36 @@ with const generics - RATE= 168 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_064( +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_9e4( Eurydice_slice data[1U], Eurydice_slice out[1U]) { - libcrux_sha3_generic_keccak_KeccakState_48 s = - libcrux_sha3_generic_keccak_new_89_cf(); + libcrux_sha3_generic_keccak_KeccakState_17 s = + libcrux_sha3_generic_keccak_new_89_04(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)168U; i++) { size_t i0 = i; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)168U, (size_t)168U, ret); - libcrux_sha3_generic_keccak_absorb_block_403(uu____0, ret); + libcrux_sha3_generic_keccak_absorb_block_c63(uu____0, ret); } size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)168U; - libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s; + libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = &s; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret); - libcrux_sha3_generic_keccak_absorb_final_402(uu____2, ret); + libcrux_sha3_generic_keccak_absorb_final_9e2(uu____2, ret); size_t outlen = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = outlen / (size_t)168U; size_t last = outlen - outlen % (size_t)168U; if (blocks == (size_t)0U) { - libcrux_sha3_generic_keccak_squeeze_first_and_last_883(&s, out); + libcrux_sha3_generic_keccak_squeeze_first_and_last_c63(&s, out); } else { Eurydice_slice_uint8_t_1size_t__x2 uu____4 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U); @@ -3365,15 +3361,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_064( memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o1[1U]; memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b1(&s, o0); - core_ops_range_Range_b3 iter = + libcrux_sha3_generic_keccak_squeeze_first_block_c61(&s, o0); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, Option_b3) + &iter, size_t, Option_08) .tag == None) { break; } else { @@ -3383,12 +3379,12 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_064( memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice orest[1U]; memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c21(&s, o); + libcrux_sha3_generic_keccak_squeeze_next_block_c61(&s, o); memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < outlen) { - libcrux_sha3_generic_keccak_squeeze_last_ca3(s, o1); + libcrux_sha3_generic_keccak_squeeze_last_c63(s, o1); } } } @@ -3399,12 +3395,12 @@ with const generics - RATE= 168 - DELIM= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_e44( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_c6( Eurydice_slice data[1U], Eurydice_slice out[1U]) { /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_data[1U]; memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccak_064(copy_of_data, out); + libcrux_sha3_generic_keccak_keccak_9e4(copy_of_data, out); } /** @@ -3414,7 +3410,7 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_shake128( Eurydice_slice digest, Eurydice_slice data) { Eurydice_slice buf0[1U] = {data}; Eurydice_slice buf[1U] = {digest}; - libcrux_sha3_portable_keccakx1_e44(buf0, buf); + libcrux_sha3_portable_keccakx1_c6(buf0, buf); } /** @@ -3506,7 +3502,7 @@ static KRML_MUSTINLINE void libcrux_sha3_neon_x2_shake256(Eurydice_slice input0, } typedef struct libcrux_sha3_neon_x2_incremental_KeccakState_s { - libcrux_sha3_generic_keccak_KeccakState_48 state[2U]; + libcrux_sha3_generic_keccak_KeccakState_17 state[2U]; } libcrux_sha3_neon_x2_incremental_KeccakState; /** @@ -3613,37 +3609,37 @@ with const generics - RATE= 168 */ static KRML_MUSTINLINE void -libcrux_sha3_generic_keccak_squeeze_first_five_blocks_3e( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) { +libcrux_sha3_generic_keccak_squeeze_first_five_blocks_c6( + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out[1U]) { Eurydice_slice_uint8_t_1size_t__x2 uu____0 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U); Eurydice_slice o0[1U]; memcpy(o0, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o10[1U]; memcpy(o10, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_first_block_7b1(s, o0); + libcrux_sha3_generic_keccak_squeeze_first_block_c61(s, o0); Eurydice_slice_uint8_t_1size_t__x2 uu____1 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(o10, (size_t)168U); Eurydice_slice o1[1U]; memcpy(o1, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o20[1U]; memcpy(o20, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c21(s, o1); + libcrux_sha3_generic_keccak_squeeze_next_block_c61(s, o1); Eurydice_slice_uint8_t_1size_t__x2 uu____2 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(o20, (size_t)168U); Eurydice_slice o2[1U]; memcpy(o2, uu____2.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o30[1U]; memcpy(o30, uu____2.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c21(s, o2); + libcrux_sha3_generic_keccak_squeeze_next_block_c61(s, o2); Eurydice_slice_uint8_t_1size_t__x2 uu____3 = libcrux_sha3_portable_keccak_split_at_mut_n_5a(o30, (size_t)168U); Eurydice_slice o3[1U]; memcpy(o3, uu____3.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice o4[1U]; memcpy(o4, uu____3.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_squeeze_next_block_c21(s, o3); - libcrux_sha3_generic_keccak_squeeze_next_block_c21(s, o4); + libcrux_sha3_generic_keccak_squeeze_next_block_c61(s, o3); + libcrux_sha3_generic_keccak_squeeze_next_block_c61(s, o4); } /** @@ -3651,9 +3647,9 @@ libcrux_sha3_generic_keccak_squeeze_first_five_blocks_3e( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake128_squeeze_first_five_blocks( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) { Eurydice_slice buf[1U] = {out0}; - libcrux_sha3_generic_keccak_squeeze_first_five_blocks_3e(s, buf); + libcrux_sha3_generic_keccak_squeeze_first_five_blocks_c6(s, buf); } /** @@ -3661,17 +3657,17 @@ libcrux_sha3_portable_incremental_shake128_squeeze_first_five_blocks( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake256_absorb_final( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice data) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice data) { Eurydice_slice buf[1U] = {data}; - libcrux_sha3_generic_keccak_absorb_final_401(s, buf); + libcrux_sha3_generic_keccak_absorb_final_9e1(s, buf); } /** Create a new SHAKE-256 state object. */ -static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48 +static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17 libcrux_sha3_portable_incremental_shake256_init(void) { - return libcrux_sha3_generic_keccak_new_89_cf(); + return libcrux_sha3_generic_keccak_new_89_04(); } /** @@ -3679,9 +3675,9 @@ libcrux_sha3_portable_incremental_shake256_init(void) { */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake256_squeeze_first_block( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out) { Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_first_block_7b0(s, buf); + libcrux_sha3_generic_keccak_squeeze_first_block_c60(s, buf); } /** @@ -3689,9 +3685,9 @@ libcrux_sha3_portable_incremental_shake256_squeeze_first_block( */ static KRML_MUSTINLINE void libcrux_sha3_portable_incremental_shake256_squeeze_next_block( - libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out) { Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_next_block_c20(s, buf); + libcrux_sha3_generic_keccak_squeeze_next_block_c60(s, buf); } /** @@ -3701,14 +3697,14 @@ with const generics - $1size_t - $136size_t */ -typedef struct libcrux_sha3_generic_keccak_KeccakXofState_4f_s { - libcrux_sha3_generic_keccak_KeccakState_48 inner; +typedef struct libcrux_sha3_generic_keccak_KeccakXofState_e2_s { + libcrux_sha3_generic_keccak_KeccakState_17 inner; uint8_t buf[1U][136U]; size_t buf_len; bool sponge; -} libcrux_sha3_generic_keccak_KeccakXofState_4f; +} libcrux_sha3_generic_keccak_KeccakXofState_e2; -typedef libcrux_sha3_generic_keccak_KeccakXofState_4f +typedef libcrux_sha3_generic_keccak_KeccakXofState_e2 libcrux_sha3_portable_incremental_Shake256Absorb; /** @@ -3731,8 +3727,8 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline size_t libcrux_sha3_generic_keccak_fill_buffer_8b_15( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, +static inline size_t libcrux_sha3_generic_keccak_fill_buffer_8b_c6( + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice inputs[1U]) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); size_t consumed = (size_t)0U; @@ -3765,15 +3761,15 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, +static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_c6( + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_e2 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs0[1U]; memcpy(copy_of_inputs0, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_consumed = - libcrux_sha3_generic_keccak_fill_buffer_8b_15(uu____0, copy_of_inputs0); + libcrux_sha3_generic_keccak_fill_buffer_8b_c6(uu____0, copy_of_inputs0); if (input_consumed > (size_t)0U) { Eurydice_slice borrowed[1U]; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -3789,8 +3785,8 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a( uint64_t(*uu____2)[5U] = self->inner.st; Eurydice_slice uu____3[1U]; memcpy(uu____3, borrowed, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_350(uu____2, uu____3); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_5a_5b(uu____2, uu____3); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); self->buf_len = (size_t)0U; } size_t input_to_consume = @@ -3806,8 +3802,8 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a( Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_inputs, input_consumed + i0 * (size_t)136U, (size_t)136U, ret); - libcrux_sha3_portable_keccak_load_block_5a_350(uu____4, ret); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_5a_5b(uu____4, ret); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } return remainder; } @@ -3835,15 +3831,15 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_8b_45( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_8b_c6( + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_e2 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs[1U]; memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_8b_7a(uu____0, copy_of_inputs); + libcrux_sha3_generic_keccak_absorb_full_8b_c6(uu____0, copy_of_inputs); if (input_remainder_len > (size_t)0U) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -3870,12 +3866,12 @@ This function found in impl libcrux_sha3::portable::incremental::Shake256Absorb)#2} */ static inline void libcrux_sha3_portable_incremental_absorb_7d( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, Eurydice_slice input) { + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_8b_45(self, buf); + libcrux_sha3_generic_keccak_absorb_8b_c6(self, buf); } -typedef libcrux_sha3_generic_keccak_KeccakXofState_4f +typedef libcrux_sha3_generic_keccak_KeccakXofState_e2 libcrux_sha3_portable_incremental_Shake256Squeeze; /** @@ -3896,15 +3892,15 @@ with const generics - RATE= 136 - DELIMITER= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_b6( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_9e( + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_e2 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs[1U]; memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_8b_7a(uu____0, copy_of_inputs); + libcrux_sha3_generic_keccak_absorb_full_8b_c6(uu____0, copy_of_inputs); size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -3935,8 +3931,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_b6( uint64_t(*uu____6)[5U] = self->inner.st; uint8_t uu____7[1U][200U]; memcpy(uu____7, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_050(uu____6, uu____7); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_full_5a_5b(uu____6, uu____7); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } /** @@ -3947,11 +3943,11 @@ This function found in impl {(libcrux_sha3::portable::incremental::XofAbsorb<136: usize> for libcrux_sha3::portable::incremental::Shake256Absorb)#2} */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_4f +static inline libcrux_sha3_generic_keccak_KeccakXofState_e2 libcrux_sha3_portable_incremental_absorb_final_7d( - libcrux_sha3_generic_keccak_KeccakXofState_4f self, Eurydice_slice input) { + libcrux_sha3_generic_keccak_KeccakXofState_e2 self, Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_final_8b_b6(&self, buf); + libcrux_sha3_generic_keccak_absorb_final_8b_9e(&self, buf); return self; } @@ -3969,7 +3965,7 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline void libcrux_sha3_generic_keccak_zero_block_8b_5e( +static inline void libcrux_sha3_generic_keccak_zero_block_8b_c6( uint8_t ret[136U]) { ret[0U] = 0U; ret[1U] = 0U; @@ -4123,12 +4119,12 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_4f -libcrux_sha3_generic_keccak_new_8b_47(void) { - libcrux_sha3_generic_keccak_KeccakXofState_4f lit; - lit.inner = libcrux_sha3_generic_keccak_new_89_cf(); +static inline libcrux_sha3_generic_keccak_KeccakXofState_e2 +libcrux_sha3_generic_keccak_new_8b_c6(void) { + libcrux_sha3_generic_keccak_KeccakXofState_e2 lit; + lit.inner = libcrux_sha3_generic_keccak_new_89_04(); uint8_t ret[136U]; - libcrux_sha3_generic_keccak_zero_block_8b_5e(ret); + libcrux_sha3_generic_keccak_zero_block_8b_c6(ret); memcpy(lit.buf[0U], ret, (size_t)136U * sizeof(uint8_t)); lit.buf_len = (size_t)0U; lit.sponge = false; @@ -4143,9 +4139,9 @@ This function found in impl {(libcrux_sha3::portable::incremental::XofAbsorb<136: usize> for libcrux_sha3::portable::incremental::Shake256Absorb)#2} */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_4f +static inline libcrux_sha3_generic_keccak_KeccakXofState_e2 libcrux_sha3_portable_incremental_new_7d(void) { - return libcrux_sha3_generic_keccak_new_8b_47(); + return libcrux_sha3_generic_keccak_new_8b_c6(); } /** @@ -4155,14 +4151,14 @@ with const generics - $1size_t - $168size_t */ -typedef struct libcrux_sha3_generic_keccak_KeccakXofState_78_s { - libcrux_sha3_generic_keccak_KeccakState_48 inner; +typedef struct libcrux_sha3_generic_keccak_KeccakXofState_97_s { + libcrux_sha3_generic_keccak_KeccakState_17 inner; uint8_t buf[1U][168U]; size_t buf_len; bool sponge; -} libcrux_sha3_generic_keccak_KeccakXofState_78; +} libcrux_sha3_generic_keccak_KeccakXofState_97; -typedef libcrux_sha3_generic_keccak_KeccakXofState_78 +typedef libcrux_sha3_generic_keccak_KeccakXofState_97 libcrux_sha3_portable_incremental_Shake128Absorb; /** @@ -4185,8 +4181,8 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static inline size_t libcrux_sha3_generic_keccak_fill_buffer_8b_150( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, +static inline size_t libcrux_sha3_generic_keccak_fill_buffer_8b_c60( + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice inputs[1U]) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); size_t consumed = (size_t)0U; @@ -4219,15 +4215,15 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a0( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, +static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_c60( + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_97 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs0[1U]; memcpy(copy_of_inputs0, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_consumed = - libcrux_sha3_generic_keccak_fill_buffer_8b_150(uu____0, copy_of_inputs0); + libcrux_sha3_generic_keccak_fill_buffer_8b_c60(uu____0, copy_of_inputs0); if (input_consumed > (size_t)0U) { Eurydice_slice borrowed[1U]; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -4243,8 +4239,8 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a0( uint64_t(*uu____2)[5U] = self->inner.st; Eurydice_slice uu____3[1U]; memcpy(uu____3, borrowed, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_load_block_5a_353(uu____2, uu____3); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_5a_3a(uu____2, uu____3); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); self->buf_len = (size_t)0U; } size_t input_to_consume = @@ -4260,8 +4256,8 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_8b_7a0( Eurydice_slice ret[1U]; libcrux_sha3_portable_keccak_slice_n_5a( copy_of_inputs, input_consumed + i0 * (size_t)168U, (size_t)168U, ret); - libcrux_sha3_portable_keccak_load_block_5a_353(uu____4, ret); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_5a_3a(uu____4, ret); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } return remainder; } @@ -4289,15 +4285,15 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_8b_450( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_8b_c60( + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_97 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs[1U]; memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_8b_7a0(uu____0, copy_of_inputs); + libcrux_sha3_generic_keccak_absorb_full_8b_c60(uu____0, copy_of_inputs); if (input_remainder_len > (size_t)0U) { size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -4321,12 +4317,12 @@ This function found in impl libcrux_sha3::portable::incremental::Shake128Absorb)} */ static inline void libcrux_sha3_portable_incremental_absorb_1c( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, Eurydice_slice input) { + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_8b_450(self, buf); + libcrux_sha3_generic_keccak_absorb_8b_c60(self, buf); } -typedef libcrux_sha3_generic_keccak_KeccakXofState_78 +typedef libcrux_sha3_generic_keccak_KeccakXofState_97 libcrux_sha3_portable_incremental_Shake128Squeeze; /** @@ -4347,15 +4343,15 @@ with const generics - RATE= 168 - DELIMITER= 31 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_b60( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_9e0( + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice inputs[1U]) { - libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self; + libcrux_sha3_generic_keccak_KeccakXofState_97 *uu____0 = self; /* Passing arrays by value in Rust generates a copy in C */ Eurydice_slice copy_of_inputs[1U]; memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice)); size_t input_remainder_len = - libcrux_sha3_generic_keccak_absorb_full_8b_7a0(uu____0, copy_of_inputs); + libcrux_sha3_generic_keccak_absorb_full_8b_c60(uu____0, copy_of_inputs); size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t); uint8_t blocks[1U][200U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)1U; i++) { @@ -4386,8 +4382,8 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_8b_b60( uint64_t(*uu____6)[5U] = self->inner.st; uint8_t uu____7[1U][200U]; memcpy(uu____7, blocks, (size_t)1U * sizeof(uint8_t[200U])); - libcrux_sha3_portable_keccak_load_block_full_5a_051(uu____6, uu____7); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_portable_keccak_load_block_full_5a_3a(uu____6, uu____7); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } /** @@ -4395,11 +4391,11 @@ This function found in impl {(libcrux_sha3::portable::incremental::XofAbsorb<168: usize> for libcrux_sha3::portable::incremental::Shake128Absorb)} */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_78 +static inline libcrux_sha3_generic_keccak_KeccakXofState_97 libcrux_sha3_portable_incremental_absorb_final_1c( - libcrux_sha3_generic_keccak_KeccakXofState_78 self, Eurydice_slice input) { + libcrux_sha3_generic_keccak_KeccakXofState_97 self, Eurydice_slice input) { Eurydice_slice buf[1U] = {input}; - libcrux_sha3_generic_keccak_absorb_final_8b_b60(&self, buf); + libcrux_sha3_generic_keccak_absorb_final_8b_9e0(&self, buf); return self; } @@ -4417,7 +4413,7 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static inline void libcrux_sha3_generic_keccak_zero_block_8b_5e0( +static inline void libcrux_sha3_generic_keccak_zero_block_8b_c60( uint8_t ret[168U]) { ret[0U] = 0U; ret[1U] = 0U; @@ -4603,12 +4599,12 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_78 -libcrux_sha3_generic_keccak_new_8b_470(void) { - libcrux_sha3_generic_keccak_KeccakXofState_78 lit; - lit.inner = libcrux_sha3_generic_keccak_new_89_cf(); +static inline libcrux_sha3_generic_keccak_KeccakXofState_97 +libcrux_sha3_generic_keccak_new_8b_c60(void) { + libcrux_sha3_generic_keccak_KeccakXofState_97 lit; + lit.inner = libcrux_sha3_generic_keccak_new_89_04(); uint8_t ret[168U]; - libcrux_sha3_generic_keccak_zero_block_8b_5e0(ret); + libcrux_sha3_generic_keccak_zero_block_8b_c60(ret); memcpy(lit.buf[0U], ret, (size_t)168U * sizeof(uint8_t)); lit.buf_len = (size_t)0U; lit.sponge = false; @@ -4620,9 +4616,9 @@ This function found in impl {(libcrux_sha3::portable::incremental::XofAbsorb<168: usize> for libcrux_sha3::portable::incremental::Shake128Absorb)} */ -static inline libcrux_sha3_generic_keccak_KeccakXofState_78 +static inline libcrux_sha3_generic_keccak_KeccakXofState_97 libcrux_sha3_portable_incremental_new_1c(void) { - return libcrux_sha3_generic_keccak_new_8b_470(); + return libcrux_sha3_generic_keccak_new_8b_c60(); } /** @@ -4637,7 +4633,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_5a with const generics - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_81( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_5b( uint64_t (*state)[5U], Eurydice_slice out[1U]) { size_t num_full_blocks = Eurydice_slice_len(out[0U], uint8_t) / (size_t)8U; size_t last_block_len = Eurydice_slice_len(out[0U], uint8_t) % (size_t)8U; @@ -4678,11 +4674,11 @@ with const generics - PARALLEL_LANES= 1 - RATE= 136 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_c6( + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice out[1U]) { if (self->sponge) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } size_t out_len = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = out_len / (size_t)136U; @@ -4699,15 +4695,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba( memcpy(out00, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice out_rest[1U]; memcpy(out_rest, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_store_5a_81(self->inner.st, out00); - core_ops_range_Range_b3 iter = + libcrux_sha3_portable_keccak_store_5a_5b(self->inner.st, out00); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, Option_b3) + &iter, size_t, Option_08) .tag == None) { break; } else { @@ -4718,14 +4714,14 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba( memcpy(out0, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice tmp[1U]; memcpy(tmp, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); - libcrux_sha3_portable_keccak_store_5a_81(self->inner.st, out0); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); + libcrux_sha3_portable_keccak_store_5a_5b(self->inner.st, out0); memcpy(out_rest, tmp, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < out_len) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); - libcrux_sha3_portable_keccak_store_5a_81(self->inner.st, out_rest); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); + libcrux_sha3_portable_keccak_store_5a_5b(self->inner.st, out_rest); } self->sponge = true; } @@ -4739,9 +4735,9 @@ This function found in impl libcrux_sha3::portable::incremental::Shake256Squeeze)#3} */ static inline void libcrux_sha3_portable_incremental_squeeze_8a( - libcrux_sha3_generic_keccak_KeccakXofState_4f *self, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakXofState_e2 *self, Eurydice_slice out) { Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_8b_ba(self, buf); + libcrux_sha3_generic_keccak_squeeze_8b_c6(self, buf); } /** @@ -4756,7 +4752,7 @@ A monomorphic instance of libcrux_sha3.portable_keccak.store_5a with const generics - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_810( +static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_3a( uint64_t (*state)[5U], Eurydice_slice out[1U]) { size_t num_full_blocks = Eurydice_slice_len(out[0U], uint8_t) / (size_t)8U; size_t last_block_len = Eurydice_slice_len(out[0U], uint8_t) % (size_t)8U; @@ -4797,11 +4793,11 @@ with const generics - PARALLEL_LANES= 1 - RATE= 168 */ -static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba0( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, +static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_c60( + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice out[1U]) { if (self->sponge) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); } size_t out_len = Eurydice_slice_len(out[0U], uint8_t); size_t blocks = out_len / (size_t)168U; @@ -4818,15 +4814,15 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba0( memcpy(out00, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice out_rest[1U]; memcpy(out_rest, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_portable_keccak_store_5a_810(self->inner.st, out00); - core_ops_range_Range_b3 iter = + libcrux_sha3_portable_keccak_store_5a_3a(self->inner.st, out00); + core_ops_range_Range_08 iter = core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter( - (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U, + (CLITERAL(core_ops_range_Range_08){.start = (size_t)1U, .end = blocks}), - core_ops_range_Range_b3, core_ops_range_Range_b3); + core_ops_range_Range_08, core_ops_range_Range_08); while (true) { if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A__TraitClause_0___6__next( - &iter, size_t, Option_b3) + &iter, size_t, Option_08) .tag == None) { break; } else { @@ -4837,14 +4833,14 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_8b_ba0( memcpy(out0, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice)); Eurydice_slice tmp[1U]; memcpy(tmp, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice)); - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); - libcrux_sha3_portable_keccak_store_5a_810(self->inner.st, out0); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); + libcrux_sha3_portable_keccak_store_5a_3a(self->inner.st, out0); memcpy(out_rest, tmp, (size_t)1U * sizeof(Eurydice_slice)); } } if (last < out_len) { - libcrux_sha3_generic_keccak_keccakf1600_b8(&self->inner); - libcrux_sha3_portable_keccak_store_5a_810(self->inner.st, out_rest); + libcrux_sha3_generic_keccak_keccakf1600_04(&self->inner); + libcrux_sha3_portable_keccak_store_5a_3a(self->inner.st, out_rest); } self->sponge = true; } @@ -4858,18 +4854,18 @@ This function found in impl libcrux_sha3::portable::incremental::Shake128Squeeze)#1} */ static inline void libcrux_sha3_portable_incremental_squeeze_10( - libcrux_sha3_generic_keccak_KeccakXofState_78 *self, Eurydice_slice out) { + libcrux_sha3_generic_keccak_KeccakXofState_97 *self, Eurydice_slice out) { Eurydice_slice buf[1U] = {out}; - libcrux_sha3_generic_keccak_squeeze_8b_ba0(self, buf); + libcrux_sha3_generic_keccak_squeeze_8b_c60(self, buf); } /** This function found in impl {(core::clone::Clone for libcrux_sha3::portable::KeccakState)} */ -static inline libcrux_sha3_generic_keccak_KeccakState_48 +static inline libcrux_sha3_generic_keccak_KeccakState_17 libcrux_sha3_portable_clone_3d( - libcrux_sha3_generic_keccak_KeccakState_48 *self) { + libcrux_sha3_generic_keccak_KeccakState_17 *self) { return self[0U]; }